There is an increasing body of literature proposing new and efficient persistent versions of concurrent data structures ensuring that a consistent state can be recovered after a power failure or a crash. Their correctness is typically stated in terms of durable linearizability (DL), which requires that individual library operations appear to be executed atomically in a sequence consistent with the real-time order and, moreover, that recovering from a crash return a state corresponding to a prefix of that sequence. Sadly, however, there are hardly any formal DL proofs, and those that do exist cover the correctness of rather simple persistent algorithms on specific (simplified) persistency models.
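As an added illustration that is not the paper's own code or proof technique, the brute-force checker below decides whether a small constructed history of a persistent integer set with a single crash is durably linearizable in the sense just described: operations completed before the crash must take effect, operations still pending at the crash may be lost, and the surviving pre-crash operations form a prefix of a linearization that respects real-time order and the sequential specification. The set operations, the integer time stamps and the single-crash model are assumptions of the example.

```python
from itertools import combinations, permutations

# Constructed histories (not from the paper) of a persistent integer set with one
# crash at time CRASH. An op is (name, arg, result, invoke, response); result and
# response are None for an op still pending when the crash hit.
CRASH = 10

def step(state, op):
    """Sequential spec of a set: (is the result legal?, next state)."""
    name, arg, res = op[:3]
    if name == "add":
        expected, state = arg not in state, state | {arg}
    elif name == "remove":
        expected, state = arg in state, state - {arg}
    else:                                   # contains
        expected = arg in state
    return res is None or res == expected, state

def response(op):
    # A pending op is cut off by the crash; everything invoked after recovery
    # is real-time ordered after it.
    return CRASH if op[4] is None else op[4]

def real_time_ok(order, ops):
    """No op may precede one that had already responded when it was invoked."""
    return all(response(ops[b]) >= ops[a][3]
               for k, a in enumerate(order) for b in order[k + 1:])

def legal(order, ops):
    state = set()
    for i in order:
        ok, state = step(state, ops[i])
        if not ok:
            return False
    return True

def durably_linearizable(ops):
    """Brute-force DL check. Ops completed before the crash must take effect;
    ops pending at the crash may take effect or be lost. The surviving pre-crash
    ops form a prefix of the linearization, ahead of every post-recovery op."""
    pending = [i for i, op in enumerate(ops) if op[4] is None]
    fixed = [i for i in range(len(ops)) if i not in pending]
    return any(real_time_ok(order, ops) and legal(order, ops)
               for r in range(len(pending) + 1)
               for kept in combinations(pending, r)
               for order in permutations(fixed + list(kept)))

# add(1) completed, add(2) pending at the crash and lost: durably linearizable.
LOST_PENDING = [("add", 1, True, 1, 2), ("add", 2, None, 3, None),
                ("contains", 1, True, 11, 12), ("contains", 2, False, 13, 14)]
# add(1) completed before the crash but absent after recovery: a DL violation.
LOST_COMPLETED = [("add", 1, True, 1, 2), ("contains", 1, False, 11, 12)]
```

The search is exponential in the number of operations, so it is a specification-level oracle for tiny histories, not a substitute for the proof technique the paper develops.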
In response, we propose a general, powerful, modular, and incremental proof technique that can be used to guide the development and establish DL. Our technique is:
- general, in that it is not tied to a specific persistency and/or consistency model,
- powerful, in that it can handle the most advanced persistent algorithms in the literature,
- modular, in that it allows the reuse of an existing linearizability argument, and
- incremental, in that the additional requirements for establishing DL depend on the complexity of the algorithm to be verified.
We illustrate this technique on various versions of a persistent set, leading to the link-free set of Zuriel et al.