1 C11Tester: A Testing tool for C11 and C++11 Atomics
2 =====================================================
4 C11Tester is a testing tool for C11/C++11 which randomly explores the
5 behaviors of code under the C/C++ memory model.
7 C11Tester is constructed as a dynamically-linked shared library which
8 implements the C and C++ atomic types and portions of the other thread-support
9 libraries of C/C++ (e.g., std::atomic, std::mutex, etc.).
11 C11Tester compiles on Linux. Instrumenting programs requires using
12 our LLVM pass. It likely can be ported to other \*NIX flavors.
17 If you have questions, you can contact us at c11tester@googlegroups.com.
19 You can sign up for the C11Tester mailing list at:
20 <https://groups.google.com/forum/#!forum/c11tester>
26 If you haven't done so already, you may download C11Tester using git:
28 git clone git://plrg.eecs.uci.edu/c11tester.git
30 Get the benchmarks (not required; distributed separately):
32 git clone git://plrg.eecs.uci.edu/c11concurrency-benchmarks.git
34 Get the LLVM frontend using git and follow its directions to build:
36 git clone git://plrg.eecs.uci.edu/c11llvm.git
42 To see the help message on how to run C11Tester, execute:
52 > Verbose: show all executions and not just buggy ones.
56 > Specify the number number of executions to run.
60 > Value to provide to atomics loads from uninitialized memory locations. The
61 > default is 0, but this may cause some programs to throw exceptions
62 > (segfault) before the model checker prints a trace.
67 Many simple tests are located in the `test/` directory. These are
68 manually instrumented and can just be run.
70 You may also want to try the larger benchmarks (distributed
71 separately). These require LLVM to instrument.
77 You likely want to test your own code, not just our tests. You will
78 likely need to use our LLVM pass to instrument your program. You will
79 have to modify your build environment to do this.
81 Test programs should be compiled against our shared library
82 (libmodel.so). Then the shared library must be made available to the
83 dynamic linker, using the `LD_LIBRARY_PATH` environment variable, for
87 Reading an execution trace
88 --------------------------
90 When C11Tester detects a bug in your program (or when run with the `--verbose`
91 flag), it prints the output of the program run (STDOUT) along with some summary
92 trace information for the execution in question. The trace is given as a
93 sequence of lines, where each line represents an operation in the execution
94 trace. These lines are ordered by the order in which they were run by C11Tester
95 (i.e., the "execution order"), which does not necessarily align with the "order"
96 of the values observed (i.e., the modification order or the reads-from
99 The following list describes each of the columns in the execution trace output:
101 * \#: The sequence number within the execution. That is, sequence number "9"
102 means the operation was the 9th operation executed by C11Tester. Note that
103 this represents the execution order, not necessarily any other order (e.g.,
104 modification order or reads-from).
106 * t: The thread number
108 * Action type: The type of operation performed
110 * MO: The memory-order for this operation (i.e., `memory_order_XXX`, where `XXX` is
111 `relaxed`, `release`, `acquire`, `rel_acq`, or `seq_cst`)
113 * Location: The memory location on which this operation is operating. This is
114 well-defined for atomic write/read/RMW, but other operations are subject to
115 C11Tester implementation details.
117 * Value: For reads/writes/RMW, the value returned by the operation. Note that
118 for RMW, this is the value that is *read*, not the value that was *written*.
119 For other operations, 'value' may have some C11Tester-internal meaning, or
120 it may simply be a don't-care (such as `0xdeadbeef`).
122 * Rf: For reads, the sequence number of the operation from which it reads.
123 [Note: If the execution is a partial, infeasible trace (labeled INFEASIBLE),
124 as printed during `--verbose` execution, reads may not be resolved and so may
125 have Rf=? or Rf=Px, where x is a promised future value.]
127 * CV: The clock vector, encapsulating the happens-before relation (see our
128 paper, or the C/C++ memory model itself). We use a Lamport-style clock vector
129 similar to [1]. The "clock" is just the sequence number (#). The clock vector
130 can be read as follows:
132 Each entry is indexed as CV[i], where
134 i = 0, 1, 2, ..., <number of threads>
136 So for any thread i, we say CV[i] is the sequence number of the most recent
137 operation in thread i such that operation i happens-before this operation.
138 Notably, thread 0 is reserved as a dummy thread for certain C11Tester
141 See the following example trace:
143 ------------------------------------------------------------------------------------
144 # t Action type MO Location Value Rf CV
145 ------------------------------------------------------------------------------------
146 1 1 thread start seq_cst 0x7f68ff11e7c0 0xdeadbeef ( 0, 1)
147 2 1 init atomic relaxed 0x601068 0 ( 0, 2)
148 3 1 init atomic relaxed 0x60106c 0 ( 0, 3)
149 4 1 thread create seq_cst 0x7f68fe51c710 0x7f68fe51c6e0 ( 0, 4)
150 5 2 thread start seq_cst 0x7f68ff11ebc0 0xdeadbeef ( 0, 4, 5)
151 6 2 atomic read relaxed 0x60106c 0 3 ( 0, 4, 6)
152 7 1 thread create seq_cst 0x7f68fe51c720 0x7f68fe51c6e0 ( 0, 7)
153 8 3 thread start seq_cst 0x7f68ff11efc0 0xdeadbeef ( 0, 7, 0, 8)
154 9 2 atomic write relaxed 0x601068 0 ( 0, 4, 9)
155 10 3 atomic read relaxed 0x601068 0 2 ( 0, 7, 0, 10)
156 11 2 thread finish seq_cst 0x7f68ff11ebc0 0xdeadbeef ( 0, 4, 11)
157 12 3 atomic write relaxed 0x60106c 0x2a ( 0, 7, 0, 12)
158 13 1 thread join seq_cst 0x7f68ff11ebc0 0x2 ( 0, 13, 11)
159 14 3 thread finish seq_cst 0x7f68ff11efc0 0xdeadbeef ( 0, 7, 0, 14)
160 15 1 thread join seq_cst 0x7f68ff11efc0 0x3 ( 0, 15, 11, 14)
161 16 1 thread finish seq_cst 0x7f68ff11e7c0 0xdeadbeef ( 0, 16, 11, 14)
163 ------------------------------------------------------------------------------------
165 Now consider, for example, operation 10:
167 This is the 10th operation in the execution order. It is an atomic read-relaxed
168 operation performed by thread 3 at memory address `0x601068`. It reads the value
169 "0", which was written by the 2nd operation in the execution order. Its clock
170 vector consists of the following values:
172 CV[0] = 0, CV[1] = 7, CV[2] = 0, CV[3] = 10
174 End of Execution Summary
175 ------------------------
177 C11Tester prints summary statistics at the end of each execution. These
178 summaries are based off of a few different properties of an execution, which we
179 will break down here:
181 * A _buggy_ execution is an execution in which C11Tester has found a real
182 bug: a data race, a deadlock, failure of a user-provided assertion, or an
183 uninitialized load, for instance. C11Tester will only report bugs in feasible
187 Other Notes and Pitfalls
188 ------------------------
190 * Data races may be reported as multiple bugs, one for each byte-address of the
191 data race in question. See, for example, this run:
193 $ ./run.sh test/releaseseq.o
195 Bug report: 4 bugs detected
196 [BUG] Data race detected @ address 0x601078:
197 Access 1: write in thread 2 @ clock 4
198 Access 2: read in thread 3 @ clock 9
199 [BUG] Data race detected @ address 0x601079:
200 Access 1: write in thread 2 @ clock 4
201 Access 2: read in thread 3 @ clock 9
202 [BUG] Data race detected @ address 0x60107a:
203 Access 1: write in thread 2 @ clock 4
204 Access 2: read in thread 3 @ clock 9
205 [BUG] Data race detected @ address 0x60107b:
206 Access 1: write in thread 2 @ clock 4
207 Access 2: read in thread 3 @ clock 9
213 The C11Tester project page:
215 > <http://demsky.eecs.uci.edu/c11tester.html>
217 The C11Tester source and accompanying benchmarks on Gitweb:
219 > <http://plrg.eecs.uci.edu/git/?p=c11tester.git>
221 > <http://plrg.eecs.uci.edu/git/?p=c11llvm.git>
223 > <http://plrg.eecs.uci.edu/git/?p=c11concurrency-benchmarks.git>
230 Please feel free to contact us for more information. Bug reports are welcome,
231 and we are happy to hear from our users. We are also very interested to know if
232 C11Tester catches bugs in your programs.
234 Contact Weiyu Luo at <weiyul7@uci.edu> or Brian Demsky at <bdemsky@uci.edu>.
240 Copyright © 2013 and 2019 Regents of the University of California. All rights reserved.
242 C11Tester is distributed under the GPL v2. See the LICENSE file for details.
248 [1] L. Lamport. Time, clocks, and the ordering of events in a distributed
249 system. CACM, 21(7):558-565, July 1978.