7 #include "concretepredicate.h"
11 #include "execution.h"
12 #include "newfuzzer.h"
14 /** @brief Constructor */
15 ModelHistory::ModelHistory() :
16 func_counter(1), /* function id starts with 1 */
17 last_seq_number(INIT_SEQ_NUMBER),
22 /* The following are snapshot data structures */
23 write_history = new HashTable<void *, value_set_t *, uintptr_t, 0>();
24 loc_rd_func_nodes_map = new HashTable<void *, SnapVector<FuncNode *> *, uintptr_t, 0>();
25 loc_wr_func_nodes_map = new HashTable<void *, SnapVector<FuncNode *> *, uintptr_t, 0>();
26 loc_waiting_writes_map = new HashTable<void *, SnapVector<ConcretePredicate *> *, uintptr_t, 0>();
27 thrd_func_list = new SnapVector<func_id_list_t>();
28 thrd_last_entered_func = new SnapVector<uint32_t>();
29 thrd_waiting_write = new SnapVector<ConcretePredicate *>();
30 thrd_wait_obj = new SnapVector<WaitObj *>();
33 ModelHistory::~ModelHistory()
35 // TODO: complete deconstructor; maybe not needed
36 for (uint i = 0;i < thrd_wait_obj->size();i++)
37 delete (*thrd_wait_obj)[i];
40 void ModelHistory::enter_function(const uint32_t func_id, thread_id_t tid)
42 //model_print("thread %d entering func %d\n", tid, func_id);
43 uint id = id_to_int(tid);
45 if ( thrd_func_list->size() <= id ) {
46 uint oldsize = thrd_func_list->size();
47 thrd_func_list->resize( id + 1 );
49 for (uint i = oldsize;i < id + 1;i++) {
50 // push 0 as a dummy function id to a void seg fault
51 new (&(*thrd_func_list)[i]) func_id_list_t();
52 (*thrd_func_list)[i].push_back(0);
53 thrd_last_entered_func->push_back(0);
57 uint32_t last_entered_func_id = (*thrd_last_entered_func)[id];
58 (*thrd_last_entered_func)[id] = func_id;
59 (*thrd_func_list)[id].push_back(func_id);
61 if ( func_nodes.size() <= func_id )
62 resize_func_nodes( func_id + 1 );
64 FuncNode * func_node = func_nodes[func_id];
65 func_node->function_entry_handler(tid);
67 /* Add edges between FuncNodes */
68 if (last_entered_func_id != 0) {
69 FuncNode * last_func_node = func_nodes[last_entered_func_id];
70 last_func_node->add_out_edge(func_node);
73 /* Monitor the statuses of threads waiting for tid */
74 // monitor_waiting_thread(func_id, tid);
77 /* @param func_id a non-zero value */
78 void ModelHistory::exit_function(const uint32_t func_id, thread_id_t tid)
80 uint32_t id = id_to_int(tid);
81 uint32_t last_func_id = (*thrd_func_list)[id].back();
83 if (last_func_id == func_id) {
84 FuncNode * func_node = func_nodes[func_id];
85 func_node->function_exit_handler(tid);
87 (*thrd_func_list)[id].pop_back();
91 //model_print("thread %d exiting func %d\n", tid, func_id);
94 void ModelHistory::resize_func_nodes(uint32_t new_size)
96 uint32_t old_size = func_nodes.size();
98 if ( old_size < new_size )
99 func_nodes.resize(new_size);
101 for (uint32_t id = old_size;id < new_size;id++) {
102 const char * func_name = func_map_rev[id];
103 FuncNode * func_node = new FuncNode(this);
104 func_node->set_func_id(id);
105 func_node->set_func_name(func_name);
106 func_nodes[id] = func_node;
110 void ModelHistory::process_action(ModelAction *act, thread_id_t tid)
112 uint32_t thread_id = id_to_int(tid);
113 /* Return if thread tid has not entered any function that contains atomics */
114 if ( thrd_func_list->size() <= thread_id )
117 /* Monitor the statuses of threads waiting for tid */
118 // monitor_waiting_thread_counter(tid);
120 /* Every write action should be processed, including
121 * nonatomic writes (which have no position) */
122 if (act->is_write()) {
123 void * location = act->get_location();
124 uint64_t value = act->get_write_value();
125 update_write_history(location, value);
127 /* Notify FuncNodes that may read from this location */
128 SnapVector<FuncNode *> * func_node_list = getRdFuncNodes(location);
129 for (uint i = 0;i < func_node_list->size();i++) {
130 FuncNode * func_node = (*func_node_list)[i];
131 func_node->add_to_val_loc_map(value, location);
134 // check_waiting_write(act);
137 uint32_t func_id = (*thrd_func_list)[thread_id].back();
139 /* The following does not care about actions that are not inside
140 * any function that contains atomics or actions without a position */
141 if (func_id == 0 || act->get_position() == NULL)
144 if (skip_action(act))
147 FuncNode * func_node = func_nodes[func_id];
148 func_node->add_inst(act);
150 func_node->update_tree(act);
151 last_seq_number = act->get_seq_number();
154 /* Return the FuncNode given its func_id */
155 FuncNode * ModelHistory::get_func_node(uint32_t func_id)
160 // This node has not been added to func_nodes
161 if (func_nodes.size() <= func_id)
164 return func_nodes[func_id];
167 /* Return the current FuncNode when given a thread id */
168 FuncNode * ModelHistory::get_curr_func_node(thread_id_t tid)
170 int thread_id = id_to_int(tid);
171 uint32_t func_id = (*thrd_func_list)[thread_id].back();
174 return func_nodes[func_id];
180 void ModelHistory::update_write_history(void * location, uint64_t write_val)
182 value_set_t * write_set = write_history->get(location);
184 if (write_set == NULL) {
185 write_set = new value_set_t();
186 write_history->put(location, write_set);
189 write_set->add(write_val);
192 void ModelHistory::update_loc_rd_func_nodes_map(void * location, FuncNode * node)
194 SnapVector<FuncNode *> * func_node_list = getRdFuncNodes(location);
195 func_node_list->push_back(node);
198 void ModelHistory::update_loc_wr_func_nodes_map(void * location, FuncNode * node)
200 SnapVector<FuncNode *> * func_node_list = getWrFuncNodes(location);
201 func_node_list->push_back(node);
204 SnapVector<FuncNode *> * ModelHistory::getRdFuncNodes(void * location)
206 SnapVector<FuncNode *> * func_node_list = loc_rd_func_nodes_map->get(location);
207 if (func_node_list == NULL) {
208 func_node_list = new SnapVector<FuncNode *>();
209 loc_rd_func_nodes_map->put(location, func_node_list);
212 return func_node_list;
215 SnapVector<FuncNode *> * ModelHistory::getWrFuncNodes(void * location)
217 SnapVector<FuncNode *> * func_node_list = loc_wr_func_nodes_map->get(location);
218 if (func_node_list == NULL) {
219 func_node_list = new SnapVector<FuncNode *>();
220 loc_wr_func_nodes_map->put(location, func_node_list);
223 return func_node_list;
226 /* When a thread is paused by Fuzzer, keep track of the condition it is waiting for */
227 void ModelHistory::add_waiting_write(ConcretePredicate * concrete)
229 void * location = concrete->get_location();
230 SnapVector<ConcretePredicate *> * waiting_conditions = loc_waiting_writes_map->get(location);
231 if (waiting_conditions == NULL) {
232 waiting_conditions = new SnapVector<ConcretePredicate *>();
233 loc_waiting_writes_map->put(location, waiting_conditions);
236 /* waiting_conditions should not have duplications */
237 waiting_conditions->push_back(concrete);
239 int thread_id = id_to_int(concrete->get_tid());
240 if (thrd_waiting_write->size() <= (uint) thread_id) {
241 thrd_waiting_write->resize(thread_id + 1);
244 (*thrd_waiting_write)[thread_id] = concrete;
247 void ModelHistory::remove_waiting_write(thread_id_t tid)
249 ConcretePredicate * concrete = (*thrd_waiting_write)[ id_to_int(tid) ];
250 void * location = concrete->get_location();
251 SnapVector<ConcretePredicate *> * concrete_preds = loc_waiting_writes_map->get(location);
253 /* Linear search should be fine because presumably not many ConcretePredicates
254 * are at the same memory location */
255 for (uint i = 0;i < concrete_preds->size();i++) {
256 ConcretePredicate * current = (*concrete_preds)[i];
257 if (concrete == current) {
258 (*concrete_preds)[i] = concrete_preds->back();
259 concrete_preds->pop_back();
264 int thread_id = id_to_int( concrete->get_tid() );
265 (*thrd_waiting_write)[thread_id] = NULL;
269 /* Check if any other thread is waiting for this write action. If so, "notify" them */
270 void ModelHistory::check_waiting_write(ModelAction * write_act)
272 void * location = write_act->get_location();
273 uint64_t value = write_act->get_write_value();
274 SnapVector<ConcretePredicate *> * concrete_preds = loc_waiting_writes_map->get(location);
275 if (concrete_preds == NULL)
279 while (index < concrete_preds->size()) {
280 ConcretePredicate * concrete_pred = (*concrete_preds)[index];
281 SnapVector<struct concrete_pred_expr> * concrete_exprs = concrete_pred->getExpressions();
282 bool satisfy_predicate = true;
283 /* Check if the written value satisfies every predicate expression */
284 for (uint i = 0;i < concrete_exprs->size();i++) {
285 struct concrete_pred_expr concrete = (*concrete_exprs)[i];
286 bool equality = false;
287 switch (concrete.token) {
289 equality = (value == concrete.value);
292 equality = ((void*)value == NULL);
295 model_print("unknown predicate token");
299 if (equality != concrete.equality) {
300 satisfy_predicate = false;
305 if (satisfy_predicate) {
306 /* Wake up threads */
307 thread_id_t tid = concrete_pred->get_tid();
308 Thread * thread = model->get_thread(tid);
310 //model_print("** thread %d is woken up\n", thread->get_id());
311 ((NewFuzzer *)model->get_execution()->getFuzzer())->notify_paused_thread(thread);
318 WaitObj * ModelHistory::getWaitObj(thread_id_t tid)
320 int thread_id = id_to_int(tid);
321 int old_size = thrd_wait_obj->size();
322 if (old_size <= thread_id) {
323 thrd_wait_obj->resize(thread_id + 1);
324 for (int i = old_size;i < thread_id + 1;i++) {
325 (*thrd_wait_obj)[i] = new WaitObj( int_to_id(i) );
329 return (*thrd_wait_obj)[thread_id];
332 void ModelHistory::add_waiting_thread(thread_id_t self_id,
333 thread_id_t waiting_for_id, FuncNode * target_node, int dist)
335 WaitObj * self_wait_obj = getWaitObj(self_id);
336 self_wait_obj->add_waiting_for(waiting_for_id, target_node, dist);
338 /* Update waited-by relation */
339 WaitObj * other_wait_obj = getWaitObj(waiting_for_id);
340 other_wait_obj->add_waited_by(self_id);
343 /* Thread tid is woken up (or notified), so it is not waiting for others anymore */
344 void ModelHistory::remove_waiting_thread(thread_id_t tid)
346 WaitObj * self_wait_obj = getWaitObj(tid);
347 thrd_id_set_t * waiting_for = self_wait_obj->getWaitingFor();
349 /* Remove tid from waited_by's */
350 thrd_id_set_iter * iter = waiting_for->iterator();
351 while (iter->hasNext()) {
352 thread_id_t other_id = iter->next();
353 WaitObj * other_wait_obj = getWaitObj(other_id);
354 other_wait_obj->remove_waited_by(tid);
357 self_wait_obj->clear_waiting_for();
361 void ModelHistory::stop_waiting_for_node(thread_id_t self_id,
362 thread_id_t waiting_for_id, FuncNode * target_node)
364 WaitObj * self_wait_obj = getWaitObj(self_id);
365 bool thread_removed = self_wait_obj->remove_waiting_for_node(waiting_for_id, target_node);
367 // model_print("\t%d gives up %d on node %d\n", self_id, waiting_for_id, target_node->get_func_id());
369 /* If thread self_id is not waiting for waiting_for_id anymore */
370 if (thread_removed) {
371 WaitObj * other_wait_obj = getWaitObj(waiting_for_id);
372 other_wait_obj->remove_waited_by(self_id);
374 thrd_id_set_t * self_waiting_for = self_wait_obj->getWaitingFor();
375 if ( self_waiting_for->isEmpty() ) {
376 // model_print("\tthread %d waits for nobody, wake up\n", self_id);
377 ModelExecution * execution = model->get_execution();
378 Thread * thread = execution->get_thread(self_id);
379 ((NewFuzzer *)execution->getFuzzer())->notify_paused_thread(thread);
384 bool ModelHistory::skip_action(ModelAction * act)
386 bool second_part_of_rmw = act->is_rmwc() || act->is_rmw();
387 modelclock_t curr_seq_number = act->get_seq_number();
389 /* Skip actions that are second part of a read modify write */
390 if (second_part_of_rmw)
393 /* Skip actions with the same sequence number */
394 if (last_seq_number != INIT_SEQ_NUMBER && last_seq_number == curr_seq_number)
397 /* Skip actions that are paused by fuzzer (sequence number is 0) */
398 if (curr_seq_number == 0)
404 /* Monitor thread tid and decide whether other threads (that are waiting for tid)
405 * should keep waiting for this thread or not. Shall only be called when a thread
408 * Heuristics: If the distance from the current FuncNode to some target node
409 * ever increases, stop waiting for this thread on this target node.
411 void ModelHistory::monitor_waiting_thread(uint32_t func_id, thread_id_t tid)
413 WaitObj * wait_obj = getWaitObj(tid);
414 thrd_id_set_t * waited_by = wait_obj->getWaitedBy();
415 FuncNode * curr_node = func_nodes[func_id];
417 /* For each thread waiting for tid */
418 thrd_id_set_iter * tid_iter = waited_by->iterator();
419 while (tid_iter->hasNext()) {
420 thread_id_t waited_by_id = tid_iter->next();
421 WaitObj * other_wait_obj = getWaitObj(waited_by_id);
423 node_set_t * target_nodes = other_wait_obj->getTargetNodes(tid);
424 node_set_iter * node_iter = target_nodes->iterator();
425 while (node_iter->hasNext()) {
426 FuncNode * target = node_iter->next();
427 int old_dist = other_wait_obj->lookup_dist(tid, target);
428 int new_dist = curr_node->compute_distance(target, old_dist);
430 if (new_dist == -1) {
431 stop_waiting_for_node(waited_by_id, tid, target);
441 void ModelHistory::monitor_waiting_thread_counter(thread_id_t tid)
443 WaitObj * wait_obj = getWaitObj(tid);
444 thrd_id_set_t * waited_by = wait_obj->getWaitedBy();
446 // Thread tid has taken an action, update the counter for threads waiting for tid
447 thrd_id_set_iter * tid_iter = waited_by->iterator();
448 while (tid_iter->hasNext()) {
449 thread_id_t waited_by_id = tid_iter->next();
450 WaitObj * other_wait_obj = getWaitObj(waited_by_id);
452 bool expire = other_wait_obj->incr_counter(tid);
454 // model_print("thread %d stops waiting for thread %d\n", waited_by_id, tid);
455 wait_obj->remove_waited_by(waited_by_id);
456 other_wait_obj->remove_waiting_for(tid);
458 thrd_id_set_t * other_waiting_for = other_wait_obj->getWaitingFor();
459 if ( other_waiting_for->isEmpty() ) {
460 // model_print("\tthread %d waits for nobody, wake up\n", self_id);
461 ModelExecution * execution = model->get_execution();
462 Thread * thread = execution->get_thread(waited_by_id);
463 ((NewFuzzer *)execution->getFuzzer())->notify_paused_thread(thread);
471 /* Reallocate some snapshotted memories when new executions start */
472 void ModelHistory::set_new_exec_flag()
474 for (uint i = 1;i < func_nodes.size();i++) {
475 FuncNode * func_node = func_nodes[i];
476 func_node->set_new_exec_flag();
480 void ModelHistory::dump_func_node_graph()
482 model_print("digraph func_node_graph {\n");
483 for (uint i = 1;i < func_nodes.size();i++) {
484 FuncNode * node = func_nodes[i];
485 ModelList<FuncNode *> * out_edges = node->get_out_edges();
487 model_print("\"%p\" [label=\"%s\"]\n", node, node->get_func_name());
488 mllnode<FuncNode *> * it;
489 for (it = out_edges->begin();it != NULL;it = it->getNext()) {
490 FuncNode * other = it->getVal();
491 model_print("\"%p\" -> \"%p\"\n", node, other);
497 void ModelHistory::print_func_node()
499 /* function id starts with 1 */
500 for (uint32_t i = 1;i < func_nodes.size();i++) {
501 FuncNode * func_node = func_nodes[i];
502 func_node->print_predicate_tree();
505 func_inst_list_mt * entry_insts = func_node->get_entry_insts();
506 model_print("function %s has entry actions\n", func_node->get_func_name());
508 mllnode<FuncInst*>* it;
509 for (it = entry_insts->begin();it != NULL;it=it->getNext()) {
510 FuncInst *inst = it->getVal();
511 model_print("type: %d, at: %s\n", inst->get_type(), inst->get_position());
517 void ModelHistory::print_waiting_threads()
519 ModelExecution * execution = model->get_execution();
520 for (unsigned int i = 0;i < execution->get_num_threads();i++) {
521 thread_id_t tid = int_to_id(i);
522 WaitObj * wait_obj = getWaitObj(tid);
523 wait_obj->print_waiting_for();
526 for (unsigned int i = 0;i < execution->get_num_threads();i++) {
527 thread_id_t tid = int_to_id(i);
528 WaitObj * wait_obj = getWaitObj(tid);
529 wait_obj->print_waited_by();
projects / c11tester.git / blob