Reasoning Algebraically About Refinement on TSO Architectures

  • Brijesh Dongol
  • John Derrick
  • Graeme Smith
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8687)


The Total Store Order memory model is widely implemented by modern multicore architectures such as x86, where local buffers are used for optimisation, allowing limited forms of instruction reordering. The presence of buffers and hardware-controlled buffer flushes increases the level of non-determinism from the level specified by a program, complicating the already difficult task of concurrent programming. This paper presents a new notion of refinement for weak memory models, based on the observation that pending writes to a process’ local variables may be treated as if the effect of the update has already occurred in shared memory. We develop an interval-based model with algebraic rules for various programming constructs. In this framework, several decomposition rules for our new notion of refinement are developed. We apply our approach to verify the spinlock algorithm from the literature.


Shared Memory Memory Model Critical Section Proof Obligation State Predicate 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adve, S.V., Gharachorloo, K.: Shared memory consistency models: A tutorial. IEEE Computer 29(12), 66–76 (1996)CrossRefGoogle Scholar
  2. 2.
    Alglave, J.: A formal hierarchy of weak memory models. Formal Methods in System Design 41(2), 178–210 (2012)CrossRefMATHGoogle Scholar
  3. 3.
    Back, R.J.R., von Wright, J.: Reasoning algebraically about loops. Acta Informatica 36(4), 295–334 (1999)MathSciNetCrossRefMATHGoogle Scholar
  4. 4.
    Bovet, D., Cesati, M.: Understanding the Linux Kernel, 3rd edn. OReilly (2005)Google Scholar
  5. 5.
    Boyland, J.: Checking interference with fractional permissions. In: Cousot, R. (ed.) SAS 2003. LNCS, vol. 2694, pp. 55–72. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Burckhardt, S., Alur, R., Martin, M.M.K.: Checkfence: Checking consistency of concurrent data types on relaxed memory models. In: PLDI, pp. 12–21 (2007)Google Scholar
  7. 7.
    Burckhardt, S., Gotsman, A., Musuvathi, M., Yang, H.: Concurrent library correctness on the TSO memory model. In: Seidl, H. (ed.) Programming Languages and Systems. LNCS, vol. 7211, pp. 87–107. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Burckhardt, S., Musuvathi, M., Singh, V.: Verifying local transformations on relaxed memory models. In: Gupta, R. (ed.) CC 2010. LNCS, vol. 6011, pp. 104–123. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Cohen, E., Schirmer, B.: From total store order to sequential consistency: A practical reduction theorem. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 403–418. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  10. 10.
    Dongol, B., Derrick, J.: Data refinement for true concurrency. In: Derrick, J., Boiten, E.A., Reeves, S. (eds.) Refine. EPTCS, vol. 115, pp. 15–35 (2013)Google Scholar
  11. 11.
    Dongol, B., Derrick, J., Hayes, I.J.: Fractional permissions and non-deterministic evaluators in interval temporal logic. ECEASST 53 (2012)Google Scholar
  12. 12.
    Dongol, B., Hayes, I.J.: Deriving real-time action systems in a sampling logic. Sci. Comput. Program. 78(11), 2047–2063 (2013)CrossRefGoogle Scholar
  13. 13.
    Dongol, B., Hayes, I.J., Derrick, J.: Deriving real-time action systems with multiple time bands using algebraic reasoning. Sci. of Comp. Prog. 85(Pt. B), 137–165 (2014)CrossRefGoogle Scholar
  14. 14.
    Dongol, B., Hayes, I.J., Meinicke, L., Solin, K.: Towards an algebra for real-time programs. In: Kahl, W., Griffin, T.G. (eds.) RAMICS 2012. LNCS, vol. 7560, pp. 50–65. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  15. 15.
    Dongol, B., Travkin, O., Derrick, J., Wehrheim, H.: A high-level semantics for program execution under total store order memory. In: Liu, Z., Woodcock, J., Zhu, H. (eds.) ICTAC 2013. LNCS, vol. 8049, pp. 177–194. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  16. 16.
    Gotsman, A., Musuvathi, M., Yang, H.: Show no weakness: Sequentially consistent specifications of TSO libraries. In: Aguilera, M.K. (ed.) DISC 2012. LNCS, vol. 7611, pp. 31–45. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  17. 17.
    Hayes, I.J., Burns, A., Dongol, B., Jones, C.B.: Comparing degrees of non-determinism in expression evaluation. Comput. J. 56(6), 741–755 (2013)CrossRefGoogle Scholar
  18. 18.
    Lamport, L.: How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Trans. Computers 28(9), 690–691 (1979)CrossRefMATHGoogle Scholar
  19. 19.
    Moszkowski, B.C.: A complete axiomatization of Interval Temporal Logic with infinite time. In: LICS, pp. 241–252 (2000)Google Scholar
  20. 20.
    Owens, S.: Reasoning about the implementation of concurrency abstractions on x86-TSO. In: D’Hondt, T. (ed.) ECOOP 2010. LNCS, vol. 6183, pp. 478–503. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  21. 21.
    Park, S., Dill, D.L.: An executable specification, analyzer and verifier for RMO (relaxed memory order). In: SPAA, pp. 34–41 (1995)Google Scholar
  22. 22.
    Sewell, P., Sarkar, S., Owens, S., Nardelli, F.Z., Myreen, M.O.: x86-TSO: a rigorous and usable programmer’s model for x86 multiprocessors. Commun. ACM 53(7), 89–97 (2010)CrossRefGoogle Scholar
  23. 23.
    Sorin, D.J., Hill, M.D., Wood, D.A.: A Primer on Memory Consistency and Cache Coherence. Synthesis Lectures on Computer Architecture. Morgan & Claypool (2011)Google Scholar
  24. 24.
    Spivey, J.M.: The Z Notation: A Reference Manual. Prentice Hall (1992)Google Scholar
  25. 25.
    Travkin, O., Mütze, A., Wehrheim, H.: SPIN as a linearizability checker under weak memory models. In: Bertacco, V., Legay, A. (eds.) HVC 2013. LNCS, vol. 8244, pp. 311–326. Springer, Heidelberg (2013)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Brijesh Dongol
    • 1
  • John Derrick
    • 1
  • Graeme Smith
    • 2
  1. 1.Department of ComputingUniversity of SheffieldUK
  2. 2.School of Information Technology and Electrical EngineeringThe University of QueenslandAustralia

Personalised recommendations