Formal Aspects of Computing, Volume 25, Issue 6, pp 893–931

Explanation of two non-blocking shared-variable communication algorithms

  • Richard Bornat
  • Hasan Amjad
Original Article


Simpson and Harris have described multi-slot algorithms implementing a single-place buffer, each operating without explicit hardware synchronisation mechanisms. Conventional refinement and proof techniques have explained that these algorithms work, but do not give convincing descriptions of how they work. An unconventional refinement process starting from the classic single-variable buffer, using both data and atomicity refinement and drawing information from unsuccessful steps, derives each algorithm. The logic used is RGSep, a marriage of rely/guarantee and concurrent separation logic. Extensive detailed verifications are described. The result is an explanation of how the algorithms work and some pointers to how such algorithms might be devised.


Keywords: Separation logic, Rely-guarantee, Concurrency, Proof, Refinement, Atomicity




  1. [Abr08] Abrial J-R (2008) Formal development of Simpson’s 4-slot algorithm. Private communication, July 2008
  2. [AC06] Abrial J-R, Cansell D (2006) Formal development of Simpson’s 4-slot algorithm. Private communication, March 2006
  3. [AFI+09] Alglave J, Fox A, Ishtiaq S, Myreen MO, Sarkar S, Sewell P, Zappa Nardelli F (2009) The semantics of Power and ARM multiprocessor machine code. In: DAMP 2009: workshop on declarative aspects of multicore programming, January 2009
  4. [BA10] Bornat R, Amjad H (2010) Inter-process buffers in separation logic with rely-guarantee. Form Asp Comp 22(6):722–735
  5. [Bri02] Brinch Hansen P (ed) (2002) The origin of concurrent programming. Springer, Berlin
  6. [Dij65] Dijkstra EW (1965) Cooperating sequential processes. Technical report EWD-123, Technical University, Eindhoven. Reprinted in [Gen68] and [Bri02]
  7. [Flo67] Floyd RW (1967) Assigning meanings to programs. In: Schwartz JT (ed) Mathematical aspects of computer science. Proceedings of symposia in applied mathematics, vol 19. American Mathematical Society, Providence, Rhode Island, pp 19–32
  8. [Gen68] Genuys F (ed) (1968) Programming languages. Academic Press
  9. [Har04] Harris T (2004) A non-blocking three-slot buffer. Private communication; described in [BA10]
  10. [Hen03] Henderson N (2003) Proving the correctness of Simpson’s 4-slot ACM using an assertional rely-guarantee proof method. In: Araki K, Gnesi S, Mandrioli D (eds) FME 2003. Lecture notes in computer science, vol 2805. Springer, Berlin, pp 244–263
  11. [Her91] Herlihy M (1991) Wait-free synchronization. ACM Trans Program Lang Syst 13(1):124–149
  12. [HP02] Henderson N, Paynter S (2002) The formal classification and verification of Simpson’s 4-slot asynchronous communication mechanism. In: FME 2002: Formal methods, getting IT right. Lecture notes in computer science, vol 2391. Springer, Berlin, pp 121–132
  13. [HW90] Herlihy M, Wing JM (1990) Linearizability: a correctness condition for concurrent objects. ACM Trans Program Lang Syst 12(3):463–492
  14. [Jon83] Jones CB (1983) Specification and design of (parallel) programs. In: IFIP Congress, pp 321–332
  15. [JP08] Jones CB, Pierce KG (2008) Splitting atoms with rely/guarantee conditions coupled with data reification. In: ABZ ’08: Proceedings of the 1st international conference on abstract state machines, B and Z. Springer, Berlin, pp 360–377
  16. [JP09] Jones CB, Pierce KG (2009) Elucidating concurrent algorithms via layers of abstraction and reification. Technical report CS-TR-1166, Newcastle University, Computing Science
  17. [Lak76] Lakatos I (1976) Proofs and refutations: the logic of mathematical discovery. Cambridge University Press
  18. [O’H07] O’Hearn P (2007) Resources, concurrency, and local reasoning. Theor Comput Sci 375(1–3):271–307
  19. [OSS09] Owens S, Sarkar S, Sewell P (2009) A better x86 memory model: x86-TSO. In: TPHOLs 2009: theorem proving in higher order logics. LNCS, vol 5674, pp 391–407
  20. [Owe10] Owens S (2010) Reasoning about the implementation of concurrency abstractions on x86-TSO. In: D’Hondt T (ed) ECOOP 2010: object-oriented programming, 24th European conference. Lecture notes in computer science, vol 6183. Springer, Berlin, pp 478–503
  21. [PHA04] Paynter SE, Henderson N, Armstrong JM (2004) Ramifications of metastability in bit variables explored via Simpson’s 4-slot mechanism. Form Asp Comp 16(4):332–351
  22. [Rus02] Rushby J (2002) Model checking Simpson’s four-slot fully asynchronous communication mechanism. Technical report, Computer Science Laboratory, SRI International
  23. [Sim86] Simpson H (1986) The mascot method. Softw Eng J 1(3):103–120
  24. [Sim90] Simpson HR (1990) Four-slot fully asynchronous communication mechanism. IEE Proc 137(1):17–30
  25. [Sim92] Simpson HR (1992) Correctness analysis for class of asynchronous communication mechanisms. IEE Proc 139(1):35–49
  26. [Sim97a] Simpson HR (1997) New algorithms for asynchronous communication. IEE Proc Comput Digit Tech 144:227–231
  27. [Sim97b] Simpson HR (1997) Role model analysis of an asynchronous communication mechanism. IEE Proc Comput Digit Tech 144(4):232–240
  28. [SJ79] Simpson HR, Jackson K (1979) Process synchronisation in MASCOT. Comput J 22(4):332–345
  29. [SSA+11] Sarkar S, Sewell P, Alglave J, Maranget L, Williams D (2011) Understanding POWER multiprocessors. In: Proc. PLDI
  30. [SSO+10] Sewell P, Sarkar S, Owens S, Zappa Nardelli F, Myreen MO (2010) x86-TSO: a rigorous and usable programmer’s model for x86 multiprocessors. Commun ACM 53(7):89–97
  31. [SSZN+09] Sarkar S, Sewell P, Zappa Nardelli F, Owens S, Ridge T, Braibant T, Myreen M, Alglave J (2009) The semantics of x86-CC multiprocessor machine code. In: Proc. POPL 2009, January 2009
  32. [Vaf07] Vafeiadis V (2007) Modular fine-grained concurrency verification. PhD thesis, University of Cambridge
  33. [VP07] Vafeiadis V, Parkinson MJ (2007) A marriage of rely/guarantee and separation logic. In: CONCUR 2007: concurrency theory. LNCS, vol 4037, pp 256–271, August 2007
  34. [Yan07] Yang H (2007) Relational separation logic. Theor Comput Sci 375(1–3):308–334

Copyright information

© British Computer Society 2011

Authors and Affiliations

  1. Department of Engineering and Information Sciences, Middlesex University, London, UK
