Deciding reachability under persistent x86-TSO

Abstract: We address the problem of verifying the reachability problem in programs running under the formal model Px86 defined recently by Raad et al. in POPL'20 for the persistent Intel x86 architecture. We prove that this problem is decidable. To achieve that, we provide a new formal model that is equivalent to Px86 and that has the feature of being a well structured system. Deriving this new model is the result of a deep investigation of the properties of Px86 and the interplay of its components.

“…The soundness of Pierogi is proven relative to the Px86 view of Cho et al [9]; there are however other equivalent models in the literature [1,23,32,34], as well as other persistency models [33,35]. While the original persistent x86 semantics has asynchronous explicit persist instructions [34], the underlying model assumed here is due to Cho et al [9] with synchronous persist instructions.…”

“…Besides program logics, there have been other recent efforts to help programmers reason about persistent programs. For instance, Abdulla et al [1] have proven that state-reachability for persistent x86 is decidable, thus opening the door to automatic verification of persistent programs, and Gorjiara et al [18] and Kokologiannakis et al [25] have developed model checkers for finding bugs in persistent programs. Recent works have considered durable atomic objects such as concurrent data structures [17] and transactional memory [3] and their verification [3,14,15], which have been designed to satisfy conditions such as durable linearizability [20,24] and durable opacity [3].…”

View-Based Owicki–Gries Reasoning for Persistent x86-TSO

“…The soundness of Pierogi is proven relative to the Px86 view of Cho et al [9]; there are however other equivalent models in the literature [1,23,32,34], as well as other persistency models [33,35]. While the original persistent x86 semantics has asynchronous explicit persist instructions [34], the underlying model assumed here is due to Cho et al [9] with synchronous persist instructions.…”

“…Besides program logics, there have been other recent efforts to help programmers reason about persistent programs. For instance, Abdulla et al [1] have proven that state-reachability for persistent x86 is decidable, thus opening the door to automatic verification of persistent programs, and Gorjiara et al [18] and Kokologiannakis et al [25] have developed model checkers for finding bugs in persistent programs. Recent works have considered durable atomic objects such as concurrent data structures [17] and transactional memory [3] and their verification [3,14,15], which have been designed to satisfy conditions such as durable linearizability [20,24] and durable opacity [3].…”

View-Based Owicki–Gries Reasoning for Persistent x86-TSO

“…The existing DPOR algorithms [8,9,11,13,18,[21][22][23][24][25][26][27] typically proceed to detect a pair of competing access periods after exploring a program trace and then investigating other traces containing the competing accesses in the reverse order to avoid re-exploring equivalent execution traces while maintaining some state information. Nonetheless, existing algorithms may reveal an exponential number of traces even for non-optimal cases such as for programs near O(n!)…”

Dynamic Partial Order Reduction Based on Interference Solution

Consistency and Persistency in Program Verification: Challenges and Opportunities