9 #include "snapshot-interface.h"
11 #include "clockvector.h"
12 #include "cyclegraph.h"
15 #include "threads-model.h"
18 #define INITIAL_THREAD_ID 0
23 bug_message(const char *str) {
24 const char *fmt = " [BUG] %s\n";
25 msg = (char *)snapshot_malloc(strlen(fmt) + strlen(str));
26 sprintf(msg, fmt, str);
28 ~bug_message() { if (msg) snapshot_free(msg); }
31 void print() { model_print("%s", msg); }
37 * Structure for holding small ModelChecker members that should be snapshotted
39 struct model_snapshot_members {
40 ModelAction *current_action;
41 unsigned int next_thread_id;
42 modelclock_t used_sequence_numbers;
44 ModelAction *next_backtrack;
45 std::vector< bug_message *, SnapshotAlloc<bug_message *> > bugs;
46 struct execution_stats stats;
49 /** @brief Constructor */
50 ModelChecker::ModelChecker(struct model_params params) :
51 /* Initialize default scheduler */
53 scheduler(new Scheduler()),
55 earliest_diverge(NULL),
56 action_trace(new action_list_t()),
57 thread_map(new HashTable<int, Thread *, int>()),
58 obj_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
59 lock_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
60 condvar_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
61 obj_thrd_map(new HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4 >()),
62 promises(new std::vector< Promise *, SnapshotAlloc<Promise *> >()),
63 futurevalues(new std::vector< struct PendingFutureValue, SnapshotAlloc<struct PendingFutureValue> >()),
64 pending_rel_seqs(new std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >()),
65 thrd_last_action(new std::vector< ModelAction *, SnapshotAlloc<ModelAction *> >(1)),
66 node_stack(new NodeStack()),
67 mo_graph(new CycleGraph()),
68 failed_promise(false),
69 too_many_reads(false),
71 bad_synchronization(false)
73 /* Allocate this "size" on the snapshotting heap */
74 priv = (struct model_snapshot_members *)snapshot_calloc(1, sizeof(*priv));
75 /* First thread created will have id INITIAL_THREAD_ID */
76 priv->next_thread_id = INITIAL_THREAD_ID;
78 /* Initialize a model-checker thread, for special ModelActions */
79 model_thread = new Thread(get_next_id());
80 thread_map->put(id_to_int(model_thread->get_id()), model_thread);
83 /** @brief Destructor */
84 ModelChecker::~ModelChecker()
86 for (unsigned int i = 0; i < get_num_threads(); i++)
87 delete thread_map->get(i);
92 delete lock_waiters_map;
93 delete condvar_waiters_map;
96 for (unsigned int i = 0; i < promises->size(); i++)
97 delete (*promises)[i];
100 delete pending_rel_seqs;
102 delete thrd_last_action;
107 for (unsigned int i = 0; i < priv->bugs.size(); i++)
108 delete priv->bugs[i];
113 static action_list_t * get_safe_ptr_action(HashTable<const void *, action_list_t *, uintptr_t, 4> * hash, void * ptr) {
114 action_list_t * tmp=hash->get(ptr);
116 tmp=new action_list_t();
122 static std::vector<action_list_t> * get_safe_ptr_vect_action(HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4> * hash, void * ptr) {
123 std::vector<action_list_t> * tmp=hash->get(ptr);
125 tmp=new std::vector<action_list_t>();
132 * Restores user program to initial state and resets all model-checker data
135 void ModelChecker::reset_to_initial_state()
137 DEBUG("+++ Resetting to initial state +++\n");
138 node_stack->reset_execution();
139 failed_promise = false;
140 too_many_reads = false;
141 bad_synchronization = false;
144 /* Print all model-checker output before rollback */
147 snapshotObject->backTrackBeforeStep(0);
150 /** @return a thread ID for a new Thread */
151 thread_id_t ModelChecker::get_next_id()
153 return priv->next_thread_id++;
156 /** @return the number of user threads created during this execution */
157 unsigned int ModelChecker::get_num_threads() const
159 return priv->next_thread_id;
162 /** @return The currently executing Thread. */
163 Thread * ModelChecker::get_current_thread()
165 return scheduler->get_current_thread();
168 /** @return a sequence number for a new ModelAction */
169 modelclock_t ModelChecker::get_next_seq_num()
171 return ++priv->used_sequence_numbers;
174 Node * ModelChecker::get_curr_node() {
175 return node_stack->get_head();
179 * @brief Choose the next thread to execute.
181 * This function chooses the next thread that should execute. It can force the
182 * adjacency of read/write portions of a RMW action, force THREAD_CREATE to be
183 * followed by a THREAD_START, or it can enforce execution replay/backtracking.
184 * The model-checker may have no preference regarding the next thread (i.e.,
185 * when exploring a new execution ordering), in which case this will return
187 * @param curr The current ModelAction. This action might guide the choice of
189 * @return The next thread to run. If the model-checker has no preference, NULL.
191 Thread * ModelChecker::get_next_thread(ModelAction *curr)
196 /* Do not split atomic actions. */
198 return thread_current();
199 /* The THREAD_CREATE action points to the created Thread */
200 else if (curr->get_type() == THREAD_CREATE)
201 return (Thread *)curr->get_location();
204 /* Have we completed exploring the preselected path? */
208 /* Else, we are trying to replay an execution */
209 ModelAction *next = node_stack->get_next()->get_action();
211 if (next == diverge) {
212 if (earliest_diverge == NULL || *diverge < *earliest_diverge)
213 earliest_diverge=diverge;
215 Node *nextnode = next->get_node();
216 Node *prevnode = nextnode->get_parent();
217 scheduler->update_sleep_set(prevnode);
219 /* Reached divergence point */
220 if (nextnode->increment_misc()) {
221 /* The next node will try to satisfy a different misc_index values. */
222 tid = next->get_tid();
223 node_stack->pop_restofstack(2);
224 } else if (nextnode->increment_promise()) {
225 /* The next node will try to satisfy a different set of promises. */
226 tid = next->get_tid();
227 node_stack->pop_restofstack(2);
228 } else if (nextnode->increment_read_from()) {
229 /* The next node will read from a different value. */
230 tid = next->get_tid();
231 node_stack->pop_restofstack(2);
232 } else if (nextnode->increment_future_value()) {
233 /* The next node will try to read from a different future value. */
234 tid = next->get_tid();
235 node_stack->pop_restofstack(2);
236 } else if (nextnode->increment_relseq_break()) {
237 /* The next node will try to resolve a release sequence differently */
238 tid = next->get_tid();
239 node_stack->pop_restofstack(2);
241 /* Make a different thread execute for next step */
242 scheduler->add_sleep(thread_map->get(id_to_int(next->get_tid())));
243 tid = prevnode->get_next_backtrack();
244 /* Make sure the backtracked thread isn't sleeping. */
245 node_stack->pop_restofstack(1);
246 if (diverge==earliest_diverge) {
247 earliest_diverge=prevnode->get_action();
250 /* The correct sleep set is in the parent node. */
253 DEBUG("*** Divergence point ***\n");
257 tid = next->get_tid();
259 DEBUG("*** ModelChecker chose next thread = %d ***\n", id_to_int(tid));
260 ASSERT(tid != THREAD_ID_T_NONE);
261 return thread_map->get(id_to_int(tid));
265 * We need to know what the next actions of all threads in the sleep
266 * set will be. This method computes them and stores the actions at
267 * the corresponding thread object's pending action.
270 void ModelChecker::execute_sleep_set() {
271 for(unsigned int i=0;i<get_num_threads();i++) {
272 thread_id_t tid=int_to_id(i);
273 Thread *thr=get_thread(tid);
274 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET &&
275 thr->get_pending() == NULL ) {
276 thr->set_state(THREAD_RUNNING);
277 scheduler->next_thread(thr);
278 Thread::swap(&system_context, thr);
279 priv->current_action->set_sleep_flag();
280 thr->set_pending(priv->current_action);
283 priv->current_action = NULL;
286 void ModelChecker::wake_up_sleeping_actions(ModelAction * curr) {
287 for(unsigned int i=0;i<get_num_threads();i++) {
288 thread_id_t tid=int_to_id(i);
289 Thread *thr=get_thread(tid);
290 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET ) {
291 ModelAction *pending_act=thr->get_pending();
292 if ((!curr->is_rmwr())&&pending_act->could_synchronize_with(curr)) {
293 //Remove this thread from sleep set
294 scheduler->remove_sleep(thr);
301 * Check if we are in a deadlock. Should only be called at the end of an
302 * execution, although it should not give false positives in the middle of an
303 * execution (there should be some ENABLED thread).
305 * @return True if program is in a deadlock; false otherwise
307 bool ModelChecker::is_deadlocked() const
309 bool blocking_threads = false;
310 for (unsigned int i = 0; i < get_num_threads(); i++) {
311 thread_id_t tid = int_to_id(i);
314 Thread *t = get_thread(tid);
315 if (!t->is_model_thread() && t->get_pending())
316 blocking_threads = true;
318 return blocking_threads;
322 * Check if this is a complete execution. That is, have all thread completed
323 * execution (rather than exiting because sleep sets have forced a redundant
326 * @return True if the execution is complete.
328 bool ModelChecker::is_complete_execution() const
330 for (unsigned int i = 0; i < get_num_threads(); i++)
331 if (is_enabled(int_to_id(i)))
337 * @brief Assert a bug in the executing program.
339 * Use this function to assert any sort of bug in the user program. If the
340 * current trace is feasible (actually, a prefix of some feasible execution),
341 * then this execution will be aborted, printing the appropriate message. If
342 * the current trace is not yet feasible, the error message will be stashed and
343 * printed if the execution ever becomes feasible.
345 * @param msg Descriptive message for the bug (do not include newline char)
346 * @return True if bug is immediately-feasible
348 bool ModelChecker::assert_bug(const char *msg)
350 priv->bugs.push_back(new bug_message(msg));
352 if (isfeasibleprefix()) {
360 * @brief Assert a bug in the executing program, asserted by a user thread
361 * @see ModelChecker::assert_bug
362 * @param msg Descriptive message for the bug (do not include newline char)
364 void ModelChecker::assert_user_bug(const char *msg)
366 /* If feasible bug, bail out now */
368 switch_to_master(NULL);
371 /** @return True, if any bugs have been reported for this execution */
372 bool ModelChecker::have_bug_reports() const
374 return priv->bugs.size() != 0;
377 /** @brief Print bug report listing for this execution (if any bugs exist) */
378 void ModelChecker::print_bugs() const
380 if (have_bug_reports()) {
381 model_print("Bug report: %zu bug%s detected\n",
383 priv->bugs.size() > 1 ? "s" : "");
384 for (unsigned int i = 0; i < priv->bugs.size(); i++)
385 priv->bugs[i]->print();
390 * @brief Record end-of-execution stats
392 * Must be run when exiting an execution. Records various stats.
393 * @see struct execution_stats
395 void ModelChecker::record_stats()
398 if (!isfinalfeasible())
399 stats.num_infeasible++;
400 else if (have_bug_reports())
401 stats.num_buggy_executions++;
402 else if (is_complete_execution())
403 stats.num_complete++;
406 /** @brief Print execution stats */
407 void ModelChecker::print_stats() const
409 model_print("Number of complete, bug-free executions: %d\n", stats.num_complete);
410 model_print("Number of buggy executions: %d\n", stats.num_buggy_executions);
411 model_print("Number of infeasible executions: %d\n", stats.num_infeasible);
412 model_print("Total executions: %d\n", stats.num_total);
413 model_print("Total nodes created: %d\n", node_stack->get_total_nodes());
417 * Queries the model-checker for more executions to explore and, if one
418 * exists, resets the model-checker state to execute a new execution.
420 * @return If there are more executions to explore, return true. Otherwise,
423 bool ModelChecker::next_execution()
427 if (isfinalfeasible() && (is_complete_execution() || have_bug_reports())) {
428 model_print("Earliest divergence point since last feasible execution:\n");
429 if (earliest_diverge)
430 earliest_diverge->print();
432 model_print("(Not set)\n");
434 earliest_diverge = NULL;
437 assert_bug("Deadlock detected");
443 } else if (DBG_ENABLED()) {
450 if ((diverge = get_next_backtrack()) == NULL)
454 model_print("Next execution will diverge at:\n");
458 reset_to_initial_state();
462 ModelAction * ModelChecker::get_last_conflict(ModelAction *act)
464 switch (act->get_type()) {
468 /* linear search: from most recent to oldest */
469 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
470 action_list_t::reverse_iterator rit;
471 for (rit = list->rbegin(); rit != list->rend(); rit++) {
472 ModelAction *prev = *rit;
473 if (prev->could_synchronize_with(act))
479 case ATOMIC_TRYLOCK: {
480 /* linear search: from most recent to oldest */
481 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
482 action_list_t::reverse_iterator rit;
483 for (rit = list->rbegin(); rit != list->rend(); rit++) {
484 ModelAction *prev = *rit;
485 if (act->is_conflicting_lock(prev))
490 case ATOMIC_UNLOCK: {
491 /* linear search: from most recent to oldest */
492 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
493 action_list_t::reverse_iterator rit;
494 for (rit = list->rbegin(); rit != list->rend(); rit++) {
495 ModelAction *prev = *rit;
496 if (!act->same_thread(prev)&&prev->is_failed_trylock())
502 /* linear search: from most recent to oldest */
503 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
504 action_list_t::reverse_iterator rit;
505 for (rit = list->rbegin(); rit != list->rend(); rit++) {
506 ModelAction *prev = *rit;
507 if (!act->same_thread(prev)&&prev->is_failed_trylock())
509 if (!act->same_thread(prev)&&prev->is_notify())
515 case ATOMIC_NOTIFY_ALL:
516 case ATOMIC_NOTIFY_ONE: {
517 /* linear search: from most recent to oldest */
518 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
519 action_list_t::reverse_iterator rit;
520 for (rit = list->rbegin(); rit != list->rend(); rit++) {
521 ModelAction *prev = *rit;
522 if (!act->same_thread(prev)&&prev->is_wait())
533 /** This method finds backtracking points where we should try to
534 * reorder the parameter ModelAction against.
536 * @param the ModelAction to find backtracking points for.
538 void ModelChecker::set_backtracking(ModelAction *act)
540 Thread *t = get_thread(act);
541 ModelAction * prev = get_last_conflict(act);
545 Node * node = prev->get_node()->get_parent();
547 int low_tid, high_tid;
548 if (node->is_enabled(t)) {
549 low_tid = id_to_int(act->get_tid());
550 high_tid = low_tid+1;
553 high_tid = get_num_threads();
556 for(int i = low_tid; i < high_tid; i++) {
557 thread_id_t tid = int_to_id(i);
559 /* Make sure this thread can be enabled here. */
560 if (i >= node->get_num_threads())
563 /* Don't backtrack into a point where the thread is disabled or sleeping. */
564 if (node->enabled_status(tid)!=THREAD_ENABLED)
567 /* Check if this has been explored already */
568 if (node->has_been_explored(tid))
571 /* See if fairness allows */
572 if (model->params.fairwindow != 0 && !node->has_priority(tid)) {
574 for(int t=0;t<node->get_num_threads();t++) {
575 thread_id_t tother=int_to_id(t);
576 if (node->is_enabled(tother) && node->has_priority(tother)) {
584 /* Cache the latest backtracking point */
585 if (!priv->next_backtrack || *prev > *priv->next_backtrack)
586 priv->next_backtrack = prev;
588 /* If this is a new backtracking point, mark the tree */
589 if (!node->set_backtrack(tid))
591 DEBUG("Setting backtrack: conflict = %d, instead tid = %d\n",
592 id_to_int(prev->get_tid()),
593 id_to_int(t->get_id()));
602 * Returns last backtracking point. The model checker will explore a different
603 * path for this point in the next execution.
604 * @return The ModelAction at which the next execution should diverge.
606 ModelAction * ModelChecker::get_next_backtrack()
608 ModelAction *next = priv->next_backtrack;
609 priv->next_backtrack = NULL;
614 * Processes a read or rmw model action.
615 * @param curr is the read model action to process.
616 * @param second_part_of_rmw is boolean that is true is this is the second action of a rmw.
617 * @return True if processing this read updates the mo_graph.
619 bool ModelChecker::process_read(ModelAction *curr, bool second_part_of_rmw)
621 uint64_t value = VALUE_NONE;
622 bool updated = false;
624 const ModelAction *reads_from = curr->get_node()->get_read_from();
625 if (reads_from != NULL) {
626 mo_graph->startChanges();
628 value = reads_from->get_value();
629 bool r_status = false;
631 if (!second_part_of_rmw) {
632 check_recency(curr, reads_from);
633 r_status = r_modification_order(curr, reads_from);
637 if (!second_part_of_rmw&&!isfeasible()&&(curr->get_node()->increment_read_from()||curr->get_node()->increment_future_value())) {
638 mo_graph->rollbackChanges();
639 too_many_reads = false;
643 curr->read_from(reads_from);
644 mo_graph->commitChanges();
645 mo_check_promises(curr->get_tid(), reads_from);
648 } else if (!second_part_of_rmw) {
649 /* Read from future value */
650 value = curr->get_node()->get_future_value();
651 modelclock_t expiration = curr->get_node()->get_future_value_expiration();
652 curr->read_from(NULL);
653 Promise *valuepromise = new Promise(curr, value, expiration);
654 promises->push_back(valuepromise);
656 get_thread(curr)->set_return_value(value);
662 * Processes a lock, trylock, or unlock model action. @param curr is
663 * the read model action to process.
665 * The try lock operation checks whether the lock is taken. If not,
666 * it falls to the normal lock operation case. If so, it returns
669 * The lock operation has already been checked that it is enabled, so
670 * it just grabs the lock and synchronizes with the previous unlock.
672 * The unlock operation has to re-enable all of the threads that are
673 * waiting on the lock.
675 * @return True if synchronization was updated; false otherwise
677 bool ModelChecker::process_mutex(ModelAction *curr) {
678 std::mutex *mutex=NULL;
679 struct std::mutex_state *state=NULL;
681 if (curr->is_trylock() || curr->is_lock() || curr->is_unlock()) {
682 mutex = (std::mutex *)curr->get_location();
683 state = mutex->get_state();
684 } else if(curr->is_wait()) {
685 mutex = (std::mutex *)curr->get_value();
686 state = mutex->get_state();
689 switch (curr->get_type()) {
690 case ATOMIC_TRYLOCK: {
691 bool success = !state->islocked;
692 curr->set_try_lock(success);
694 get_thread(curr)->set_return_value(0);
697 get_thread(curr)->set_return_value(1);
699 //otherwise fall into the lock case
701 if (curr->get_cv()->getClock(state->alloc_tid) <= state->alloc_clock)
702 assert_bug("Lock access before initialization");
703 state->islocked = true;
704 ModelAction *unlock = get_last_unlock(curr);
705 //synchronize with the previous unlock statement
706 if (unlock != NULL) {
707 curr->synchronize_with(unlock);
712 case ATOMIC_UNLOCK: {
714 state->islocked = false;
715 //wake up the other threads
716 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, curr->get_location());
717 //activate all the waiting threads
718 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
719 scheduler->wake(get_thread(*rit));
726 state->islocked = false;
727 //wake up the other threads
728 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, (void *) curr->get_value());
729 //activate all the waiting threads
730 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
731 scheduler->wake(get_thread(*rit));
734 //check whether we should go to sleep or not...simulate spurious failures
735 if (curr->get_node()->get_misc()==0) {
736 get_safe_ptr_action(condvar_waiters_map, curr->get_location())->push_back(curr);
738 scheduler->sleep(get_current_thread());
742 case ATOMIC_NOTIFY_ALL: {
743 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
744 //activate all the waiting threads
745 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
746 scheduler->wake(get_thread(*rit));
751 case ATOMIC_NOTIFY_ONE: {
752 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
753 int wakeupthread=curr->get_node()->get_misc();
754 action_list_t::iterator it = waiters->begin();
755 advance(it, wakeupthread);
756 scheduler->wake(get_thread(*it));
768 * Process a write ModelAction
769 * @param curr The ModelAction to process
770 * @return True if the mo_graph was updated or promises were resolved
772 bool ModelChecker::process_write(ModelAction *curr)
774 bool updated_mod_order = w_modification_order(curr);
775 bool updated_promises = resolve_promises(curr);
777 if (promises->size() == 0) {
778 for (unsigned int i = 0; i < futurevalues->size(); i++) {
779 struct PendingFutureValue pfv = (*futurevalues)[i];
780 //Do more ambitious checks now that mo is more complete
781 if (mo_may_allow(pfv.writer, pfv.act)&&
782 pfv.act->get_node()->add_future_value(pfv.writer->get_value(), pfv.writer->get_seq_number()+params.maxfuturedelay) &&
783 (!priv->next_backtrack || *pfv.act > *priv->next_backtrack))
784 priv->next_backtrack = pfv.act;
786 futurevalues->resize(0);
789 mo_graph->commitChanges();
790 mo_check_promises(curr->get_tid(), curr);
792 get_thread(curr)->set_return_value(VALUE_NONE);
793 return updated_mod_order || updated_promises;
797 * @brief Process the current action for thread-related activity
799 * Performs current-action processing for a THREAD_* ModelAction. Proccesses
800 * may include setting Thread status, completing THREAD_FINISH/THREAD_JOIN
801 * synchronization, etc. This function is a no-op for non-THREAD actions
802 * (e.g., ATOMIC_{READ,WRITE,RMW,LOCK}, etc.)
804 * @param curr The current action
805 * @return True if synchronization was updated or a thread completed
807 bool ModelChecker::process_thread_action(ModelAction *curr)
809 bool updated = false;
811 switch (curr->get_type()) {
812 case THREAD_CREATE: {
813 Thread *th = (Thread *)curr->get_location();
814 th->set_creation(curr);
818 Thread *blocking = (Thread *)curr->get_location();
819 ModelAction *act = get_last_action(blocking->get_id());
820 curr->synchronize_with(act);
821 updated = true; /* trigger rel-seq checks */
824 case THREAD_FINISH: {
825 Thread *th = get_thread(curr);
826 while (!th->wait_list_empty()) {
827 ModelAction *act = th->pop_wait_list();
828 scheduler->wake(get_thread(act));
831 updated = true; /* trigger rel-seq checks */
835 check_promises(curr->get_tid(), NULL, curr->get_cv());
846 * @brief Process the current action for release sequence fixup activity
848 * Performs model-checker release sequence fixups for the current action,
849 * forcing a single pending release sequence to break (with a given, potential
850 * "loose" write) or to complete (i.e., synchronize). If a pending release
851 * sequence forms a complete release sequence, then we must perform the fixup
852 * synchronization, mo_graph additions, etc.
854 * @param curr The current action; must be a release sequence fixup action
855 * @param work_queue The work queue to which to add work items as they are
858 void ModelChecker::process_relseq_fixup(ModelAction *curr, work_queue_t *work_queue)
860 const ModelAction *write = curr->get_node()->get_relseq_break();
861 struct release_seq *sequence = pending_rel_seqs->back();
862 pending_rel_seqs->pop_back();
864 ModelAction *acquire = sequence->acquire;
865 const ModelAction *rf = sequence->rf;
866 const ModelAction *release = sequence->release;
870 ASSERT(release->same_thread(rf));
874 * @todo Forcing a synchronization requires that we set
875 * modification order constraints. For instance, we can't allow
876 * a fixup sequence in which two separate read-acquire
877 * operations read from the same sequence, where the first one
878 * synchronizes and the other doesn't. Essentially, we can't
879 * allow any writes to insert themselves between 'release' and
883 /* Must synchronize */
884 if (!acquire->synchronize_with(release)) {
885 set_bad_synchronization();
888 /* Re-check all pending release sequences */
889 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
890 /* Re-check act for mo_graph edges */
891 work_queue->push_back(MOEdgeWorkEntry(acquire));
893 /* propagate synchronization to later actions */
894 action_list_t::reverse_iterator rit = action_trace->rbegin();
895 for (; (*rit) != acquire; rit++) {
896 ModelAction *propagate = *rit;
897 if (acquire->happens_before(propagate)) {
898 propagate->synchronize_with(acquire);
899 /* Re-check 'propagate' for mo_graph edges */
900 work_queue->push_back(MOEdgeWorkEntry(propagate));
904 /* Break release sequence with new edges:
905 * release --mo--> write --mo--> rf */
906 mo_graph->addEdge(release, write);
907 mo_graph->addEdge(write, rf);
910 /* See if we have realized a data race */
915 * Initialize the current action by performing one or more of the following
916 * actions, as appropriate: merging RMWR and RMWC/RMW actions, stepping forward
917 * in the NodeStack, manipulating backtracking sets, allocating and
918 * initializing clock vectors, and computing the promises to fulfill.
920 * @param curr The current action, as passed from the user context; may be
921 * freed/invalidated after the execution of this function, with a different
922 * action "returned" its place (pass-by-reference)
923 * @return True if curr is a newly-explored action; false otherwise
925 bool ModelChecker::initialize_curr_action(ModelAction **curr)
927 ModelAction *newcurr;
929 if ((*curr)->is_rmwc() || (*curr)->is_rmw()) {
930 newcurr = process_rmw(*curr);
933 if (newcurr->is_rmw())
934 compute_promises(newcurr);
940 (*curr)->set_seq_number(get_next_seq_num());
942 newcurr = node_stack->explore_action(*curr, scheduler->get_enabled());
944 /* First restore type and order in case of RMW operation */
945 if ((*curr)->is_rmwr())
946 newcurr->copy_typeandorder(*curr);
948 ASSERT((*curr)->get_location() == newcurr->get_location());
949 newcurr->copy_from_new(*curr);
951 /* Discard duplicate ModelAction; use action from NodeStack */
954 /* Always compute new clock vector */
955 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
958 return false; /* Action was explored previously */
962 /* Always compute new clock vector */
963 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
965 * Perform one-time actions when pushing new ModelAction onto
968 if (newcurr->is_write())
969 compute_promises(newcurr);
970 else if (newcurr->is_relseq_fixup())
971 compute_relseq_breakwrites(newcurr);
972 else if (newcurr->is_wait())
973 newcurr->get_node()->set_misc_max(2);
974 else if (newcurr->is_notify_one()) {
975 newcurr->get_node()->set_misc_max(get_safe_ptr_action(condvar_waiters_map, newcurr->get_location())->size());
977 return true; /* This was a new ModelAction */
982 * @brief Check whether a model action is enabled.
984 * Checks whether a lock or join operation would be successful (i.e., is the
985 * lock already locked, or is the joined thread already complete). If not, put
986 * the action in a waiter list.
988 * @param curr is the ModelAction to check whether it is enabled.
989 * @return a bool that indicates whether the action is enabled.
991 bool ModelChecker::check_action_enabled(ModelAction *curr) {
992 if (curr->is_lock()) {
993 std::mutex * lock = (std::mutex *)curr->get_location();
994 struct std::mutex_state * state = lock->get_state();
995 if (state->islocked) {
996 //Stick the action in the appropriate waiting queue
997 get_safe_ptr_action(lock_waiters_map, curr->get_location())->push_back(curr);
1000 } else if (curr->get_type() == THREAD_JOIN) {
1001 Thread *blocking = (Thread *)curr->get_location();
1002 if (!blocking->is_complete()) {
1003 blocking->push_wait_list(curr);
1012 * Stores the ModelAction for the current thread action. Call this
1013 * immediately before switching from user- to system-context to pass
1014 * data between them.
1015 * @param act The ModelAction created by the user-thread action
1017 void ModelChecker::set_current_action(ModelAction *act) {
1018 priv->current_action = act;
1022 * This is the heart of the model checker routine. It performs model-checking
1023 * actions corresponding to a given "current action." Among other processes, it
1024 * calculates reads-from relationships, updates synchronization clock vectors,
1025 * forms a memory_order constraints graph, and handles replay/backtrack
1026 * execution when running permutations of previously-observed executions.
1028 * @param curr The current action to process
1029 * @return The next Thread that must be executed. May be NULL if ModelChecker
1030 * makes no choice (e.g., according to replay execution, combining RMW actions,
1033 Thread * ModelChecker::check_current_action(ModelAction *curr)
1036 bool second_part_of_rmw = curr->is_rmwc() || curr->is_rmw();
1038 if (!check_action_enabled(curr)) {
1039 /* Make the execution look like we chose to run this action
1040 * much later, when a lock/join can succeed */
1041 get_current_thread()->set_pending(curr);
1042 scheduler->sleep(get_current_thread());
1043 return get_next_thread(NULL);
1046 bool newly_explored = initialize_curr_action(&curr);
1048 wake_up_sleeping_actions(curr);
1050 /* Add the action to lists before any other model-checking tasks */
1051 if (!second_part_of_rmw)
1052 add_action_to_lists(curr);
1054 /* Build may_read_from set for newly-created actions */
1055 if (newly_explored && curr->is_read())
1056 build_reads_from_past(curr);
1058 /* Initialize work_queue with the "current action" work */
1059 work_queue_t work_queue(1, CheckCurrWorkEntry(curr));
1060 while (!work_queue.empty() && !has_asserted()) {
1061 WorkQueueEntry work = work_queue.front();
1062 work_queue.pop_front();
1064 switch (work.type) {
1065 case WORK_CHECK_CURR_ACTION: {
1066 ModelAction *act = work.action;
1067 bool update = false; /* update this location's release seq's */
1068 bool update_all = false; /* update all release seq's */
1070 if (process_thread_action(curr))
1073 if (act->is_read() && process_read(act, second_part_of_rmw))
1076 if (act->is_write() && process_write(act))
1079 if (act->is_mutex_op() && process_mutex(act))
1082 if (act->is_relseq_fixup())
1083 process_relseq_fixup(curr, &work_queue);
1086 work_queue.push_back(CheckRelSeqWorkEntry(NULL));
1088 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1091 case WORK_CHECK_RELEASE_SEQ:
1092 resolve_release_sequences(work.location, &work_queue);
1094 case WORK_CHECK_MO_EDGES: {
1095 /** @todo Complete verification of work_queue */
1096 ModelAction *act = work.action;
1097 bool updated = false;
1099 if (act->is_read()) {
1100 const ModelAction *rf = act->get_reads_from();
1101 if (rf != NULL && r_modification_order(act, rf))
1104 if (act->is_write()) {
1105 if (w_modification_order(act))
1108 mo_graph->commitChanges();
1111 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1120 check_curr_backtracking(curr);
1121 set_backtracking(curr);
1122 return get_next_thread(curr);
1125 void ModelChecker::check_curr_backtracking(ModelAction * curr) {
1126 Node *currnode = curr->get_node();
1127 Node *parnode = currnode->get_parent();
1129 if ((!parnode->backtrack_empty() ||
1130 !currnode->misc_empty() ||
1131 !currnode->read_from_empty() ||
1132 !currnode->future_value_empty() ||
1133 !currnode->promise_empty() ||
1134 !currnode->relseq_break_empty())
1135 && (!priv->next_backtrack ||
1136 *curr > *priv->next_backtrack)) {
1137 priv->next_backtrack = curr;
1141 bool ModelChecker::promises_expired() const
1143 for (unsigned int promise_index = 0; promise_index < promises->size(); promise_index++) {
1144 Promise *promise = (*promises)[promise_index];
1145 if (promise->get_expiration()<priv->used_sequence_numbers) {
1152 /** @return whether the current partial trace must be a prefix of a
1153 * feasible trace. */
1154 bool ModelChecker::isfeasibleprefix() const
1156 return promises->size() == 0 && pending_rel_seqs->size() == 0 && isfeasible();
1159 /** @return whether the current partial trace is feasible. */
1160 bool ModelChecker::isfeasible() const
1162 if (DBG_ENABLED() && mo_graph->checkForRMWViolation())
1163 DEBUG("Infeasible: RMW violation\n");
1165 return !mo_graph->checkForRMWViolation() && isfeasibleotherthanRMW();
1168 /** @return whether the current partial trace is feasible other than
1169 * multiple RMW reading from the same store. */
1170 bool ModelChecker::isfeasibleotherthanRMW() const
1172 if (DBG_ENABLED()) {
1173 if (mo_graph->checkForCycles())
1174 DEBUG("Infeasible: modification order cycles\n");
1176 DEBUG("Infeasible: failed promise\n");
1178 DEBUG("Infeasible: too many reads\n");
1179 if (bad_synchronization)
1180 DEBUG("Infeasible: bad synchronization ordering\n");
1181 if (promises_expired())
1182 DEBUG("Infeasible: promises expired\n");
1184 return !mo_graph->checkForCycles() && !failed_promise && !too_many_reads && !bad_synchronization && !promises_expired();
1187 /** Returns whether the current completed trace is feasible. */
1188 bool ModelChecker::isfinalfeasible() const
1190 if (DBG_ENABLED() && promises->size() != 0)
1191 DEBUG("Infeasible: unrevolved promises\n");
1193 return isfeasible() && promises->size() == 0;
1196 /** Close out a RMWR by converting previous RMWR into a RMW or READ. */
1197 ModelAction * ModelChecker::process_rmw(ModelAction *act) {
1198 ModelAction *lastread = get_last_action(act->get_tid());
1199 lastread->process_rmw(act);
1200 if (act->is_rmw() && lastread->get_reads_from()!=NULL) {
1201 mo_graph->addRMWEdge(lastread->get_reads_from(), lastread);
1202 mo_graph->commitChanges();
1208 * Checks whether a thread has read from the same write for too many times
1209 * without seeing the effects of a later write.
1212 * 1) there must a different write that we could read from that would satisfy the modification order,
1213 * 2) we must have read from the same value in excess of maxreads times, and
1214 * 3) that other write must have been in the reads_from set for maxreads times.
1216 * If so, we decide that the execution is no longer feasible.
1218 void ModelChecker::check_recency(ModelAction *curr, const ModelAction *rf) {
1219 if (params.maxreads != 0) {
1221 if (curr->get_node()->get_read_from_size() <= 1)
1223 //Must make sure that execution is currently feasible... We could
1224 //accidentally clear by rolling back
1227 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1228 int tid = id_to_int(curr->get_tid());
1231 if ((int)thrd_lists->size() <= tid)
1233 action_list_t *list = &(*thrd_lists)[tid];
1235 action_list_t::reverse_iterator rit = list->rbegin();
1236 /* Skip past curr */
1237 for (; (*rit) != curr; rit++)
1239 /* go past curr now */
1242 action_list_t::reverse_iterator ritcopy = rit;
1243 //See if we have enough reads from the same value
1245 for (; count < params.maxreads; rit++,count++) {
1246 if (rit==list->rend())
1248 ModelAction *act = *rit;
1249 if (!act->is_read())
1252 if (act->get_reads_from() != rf)
1254 if (act->get_node()->get_read_from_size() <= 1)
1257 for (int i = 0; i<curr->get_node()->get_read_from_size(); i++) {
1259 const ModelAction * write = curr->get_node()->get_read_from_at(i);
1261 //Need a different write
1265 /* Test to see whether this is a feasible write to read from*/
1266 mo_graph->startChanges();
1267 r_modification_order(curr, write);
1268 bool feasiblereadfrom = isfeasible();
1269 mo_graph->rollbackChanges();
1271 if (!feasiblereadfrom)
1275 bool feasiblewrite = true;
1276 //new we need to see if this write works for everyone
1278 for (int loop = count; loop>0; loop--,rit++) {
1279 ModelAction *act=*rit;
1280 bool foundvalue = false;
1281 for (int j = 0; j<act->get_node()->get_read_from_size(); j++) {
1282 if (act->get_node()->get_read_from_at(j)==write) {
1288 feasiblewrite = false;
1292 if (feasiblewrite) {
1293 too_many_reads = true;
1301 * Updates the mo_graph with the constraints imposed from the current
1304 * Basic idea is the following: Go through each other thread and find
1305 * the lastest action that happened before our read. Two cases:
1307 * (1) The action is a write => that write must either occur before
1308 * the write we read from or be the write we read from.
1310 * (2) The action is a read => the write that that action read from
1311 * must occur before the write we read from or be the same write.
1313 * @param curr The current action. Must be a read.
1314 * @param rf The action that curr reads from. Must be a write.
1315 * @return True if modification order edges were added; false otherwise
1317 bool ModelChecker::r_modification_order(ModelAction *curr, const ModelAction *rf)
1319 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1322 ASSERT(curr->is_read());
1324 /* Iterate over all threads */
1325 for (i = 0; i < thrd_lists->size(); i++) {
1326 /* Iterate over actions in thread, starting from most recent */
1327 action_list_t *list = &(*thrd_lists)[i];
1328 action_list_t::reverse_iterator rit;
1329 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1330 ModelAction *act = *rit;
1333 * Include at most one act per-thread that "happens
1334 * before" curr. Don't consider reflexively.
1336 if (act->happens_before(curr) && act != curr) {
1337 if (act->is_write()) {
1339 mo_graph->addEdge(act, rf);
1343 const ModelAction *prevreadfrom = act->get_reads_from();
1344 //if the previous read is unresolved, keep going...
1345 if (prevreadfrom == NULL)
1348 if (rf != prevreadfrom) {
1349 mo_graph->addEdge(prevreadfrom, rf);
1361 /** This method fixes up the modification order when we resolve a
1362 * promises. The basic problem is that actions that occur after the
1363 * read curr could not property add items to the modification order
1366 * So for each thread, we find the earliest item that happens after
1367 * the read curr. This is the item we have to fix up with additional
1368 * constraints. If that action is write, we add a MO edge between
1369 * the Action rf and that action. If the action is a read, we add a
1370 * MO edge between the Action rf, and whatever the read accessed.
1372 * @param curr is the read ModelAction that we are fixing up MO edges for.
1373 * @param rf is the write ModelAction that curr reads from.
1376 void ModelChecker::post_r_modification_order(ModelAction *curr, const ModelAction *rf)
1378 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1380 ASSERT(curr->is_read());
1382 /* Iterate over all threads */
1383 for (i = 0; i < thrd_lists->size(); i++) {
1384 /* Iterate over actions in thread, starting from most recent */
1385 action_list_t *list = &(*thrd_lists)[i];
1386 action_list_t::reverse_iterator rit;
1387 ModelAction *lastact = NULL;
1389 /* Find last action that happens after curr that is either not curr or a rmw */
1390 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1391 ModelAction *act = *rit;
1392 if (curr->happens_before(act) && (curr != act || curr->is_rmw())) {
1398 /* Include at most one act per-thread that "happens before" curr */
1399 if (lastact != NULL) {
1400 if (lastact==curr) {
1401 //Case 1: The resolved read is a RMW, and we need to make sure
1402 //that the write portion of the RMW mod order after rf
1404 mo_graph->addEdge(rf, lastact);
1405 } else if (lastact->is_read()) {
1406 //Case 2: The resolved read is a normal read and the next
1407 //operation is a read, and we need to make sure the value read
1408 //is mod ordered after rf
1410 const ModelAction *postreadfrom = lastact->get_reads_from();
1411 if (postreadfrom != NULL&&rf != postreadfrom)
1412 mo_graph->addEdge(rf, postreadfrom);
1414 //Case 3: The resolved read is a normal read and the next
1415 //operation is a write, and we need to make sure that the
1416 //write is mod ordered after rf
1418 mo_graph->addEdge(rf, lastact);
1426 * Updates the mo_graph with the constraints imposed from the current write.
1428 * Basic idea is the following: Go through each other thread and find
1429 * the lastest action that happened before our write. Two cases:
1431 * (1) The action is a write => that write must occur before
1434 * (2) The action is a read => the write that that action read from
1435 * must occur before the current write.
1437 * This method also handles two other issues:
1439 * (I) Sequential Consistency: Making sure that if the current write is
1440 * seq_cst, that it occurs after the previous seq_cst write.
1442 * (II) Sending the write back to non-synchronizing reads.
1444 * @param curr The current action. Must be a write.
1445 * @return True if modification order edges were added; false otherwise
1447 bool ModelChecker::w_modification_order(ModelAction *curr)
1449 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1452 ASSERT(curr->is_write());
1454 if (curr->is_seqcst()) {
1455 /* We have to at least see the last sequentially consistent write,
1456 so we are initialized. */
1457 ModelAction *last_seq_cst = get_last_seq_cst(curr);
1458 if (last_seq_cst != NULL) {
1459 mo_graph->addEdge(last_seq_cst, curr);
1464 /* Iterate over all threads */
1465 for (i = 0; i < thrd_lists->size(); i++) {
1466 /* Iterate over actions in thread, starting from most recent */
1467 action_list_t *list = &(*thrd_lists)[i];
1468 action_list_t::reverse_iterator rit;
1469 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1470 ModelAction *act = *rit;
1473 * 1) If RMW and it actually read from something, then we
1474 * already have all relevant edges, so just skip to next
1477 * 2) If RMW and it didn't read from anything, we should
1478 * whatever edge we can get to speed up convergence.
1480 * 3) If normal write, we need to look at earlier actions, so
1481 * continue processing list.
1483 if (curr->is_rmw()) {
1484 if (curr->get_reads_from()!=NULL)
1493 * Include at most one act per-thread that "happens
1496 if (act->happens_before(curr)) {
1498 * Note: if act is RMW, just add edge:
1500 * The following edge should be handled elsewhere:
1501 * readfrom(act) --mo--> act
1503 if (act->is_write())
1504 mo_graph->addEdge(act, curr);
1505 else if (act->is_read()) {
1506 //if previous read accessed a null, just keep going
1507 if (act->get_reads_from() == NULL)
1509 mo_graph->addEdge(act->get_reads_from(), curr);
1513 } else if (act->is_read() && !act->could_synchronize_with(curr) &&
1514 !act->same_thread(curr)) {
1515 /* We have an action that:
1516 (1) did not happen before us
1517 (2) is a read and we are a write
1518 (3) cannot synchronize with us
1519 (4) is in a different thread
1521 that read could potentially read from our write. Note that
1522 these checks are overly conservative at this point, we'll
1523 do more checks before actually removing the
1527 if (thin_air_constraint_may_allow(curr, act)) {
1529 (curr->is_rmw() && act->is_rmw() && curr->get_reads_from() == act->get_reads_from() && isfeasibleotherthanRMW())) {
1530 struct PendingFutureValue pfv = {curr,act};
1531 futurevalues->push_back(pfv);
1541 /** Arbitrary reads from the future are not allowed. Section 29.3
1542 * part 9 places some constraints. This method checks one result of constraint
1543 * constraint. Others require compiler support. */
1544 bool ModelChecker::thin_air_constraint_may_allow(const ModelAction * writer, const ModelAction *reader) {
1545 if (!writer->is_rmw())
1548 if (!reader->is_rmw())
1551 for (const ModelAction *search = writer->get_reads_from(); search != NULL; search = search->get_reads_from()) {
1552 if (search == reader)
1554 if (search->get_tid() == reader->get_tid() &&
1555 search->happens_before(reader))
1563 * Arbitrary reads from the future are not allowed. Section 29.3 part 9 places
1564 * some constraints. This method checks one the following constraint (others
1565 * require compiler support):
1567 * If X --hb-> Y --mo-> Z, then X should not read from Z.
1569 bool ModelChecker::mo_may_allow(const ModelAction *writer, const ModelAction *reader)
1571 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, reader->get_location());
1573 /* Iterate over all threads */
1574 for (i = 0; i < thrd_lists->size(); i++) {
1575 const ModelAction *write_after_read = NULL;
1577 /* Iterate over actions in thread, starting from most recent */
1578 action_list_t *list = &(*thrd_lists)[i];
1579 action_list_t::reverse_iterator rit;
1580 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1581 ModelAction *act = *rit;
1583 if (!reader->happens_before(act))
1585 else if (act->is_write())
1586 write_after_read = act;
1587 else if (act->is_read() && act->get_reads_from() != NULL && act != reader) {
1588 write_after_read = act->get_reads_from();
1592 if (write_after_read && write_after_read!=writer && mo_graph->checkReachable(write_after_read, writer))
1599 * Finds the head(s) of the release sequence(s) containing a given ModelAction.
1600 * The ModelAction under consideration is expected to be taking part in
1601 * release/acquire synchronization as an object of the "reads from" relation.
1602 * Note that this can only provide release sequence support for RMW chains
1603 * which do not read from the future, as those actions cannot be traced until
1604 * their "promise" is fulfilled. Similarly, we may not even establish the
1605 * presence of a release sequence with certainty, as some modification order
1606 * constraints may be decided further in the future. Thus, this function
1607 * "returns" two pieces of data: a pass-by-reference vector of @a release_heads
1608 * and a boolean representing certainty.
1610 * @param rf The action that might be part of a release sequence. Must be a
1612 * @param release_heads A pass-by-reference style return parameter. After
1613 * execution of this function, release_heads will contain the heads of all the
1614 * relevant release sequences, if any exists with certainty
1615 * @param pending A pass-by-reference style return parameter which is only used
1616 * when returning false (i.e., uncertain). Returns most information regarding
1617 * an uncertain release sequence, including any write operations that might
1618 * break the sequence.
1619 * @return true, if the ModelChecker is certain that release_heads is complete;
1622 bool ModelChecker::release_seq_heads(const ModelAction *rf,
1623 rel_heads_list_t *release_heads,
1624 struct release_seq *pending) const
1626 /* Only check for release sequences if there are no cycles */
1627 if (mo_graph->checkForCycles())
1631 ASSERT(rf->is_write());
1633 if (rf->is_release())
1634 release_heads->push_back(rf);
1636 break; /* End of RMW chain */
1638 /** @todo Need to be smarter here... In the linux lock
1639 * example, this will run to the beginning of the program for
1641 /** @todo The way to be smarter here is to keep going until 1
1642 * thread has a release preceded by an acquire and you've seen
1645 /* acq_rel RMW is a sufficient stopping condition */
1646 if (rf->is_acquire() && rf->is_release())
1647 return true; /* complete */
1649 rf = rf->get_reads_from();
1652 /* read from future: need to settle this later */
1654 return false; /* incomplete */
1657 if (rf->is_release())
1658 return true; /* complete */
1660 /* else relaxed write; check modification order for contiguous subsequence
1661 * -> rf must be same thread as release */
1662 int tid = id_to_int(rf->get_tid());
1663 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, rf->get_location());
1664 action_list_t *list = &(*thrd_lists)[tid];
1665 action_list_t::const_reverse_iterator rit;
1667 /* Find rf in the thread list */
1668 rit = std::find(list->rbegin(), list->rend(), rf);
1669 ASSERT(rit != list->rend());
1671 /* Find the last write/release */
1672 for (; rit != list->rend(); rit++)
1673 if ((*rit)->is_release())
1675 if (rit == list->rend()) {
1676 /* No write-release in this thread */
1677 return true; /* complete */
1679 ModelAction *release = *rit;
1681 ASSERT(rf->same_thread(release));
1683 pending->writes.clear();
1685 bool certain = true;
1686 for (unsigned int i = 0; i < thrd_lists->size(); i++) {
1687 if (id_to_int(rf->get_tid()) == (int)i)
1689 list = &(*thrd_lists)[i];
1691 /* Can we ensure no future writes from this thread may break
1692 * the release seq? */
1693 bool future_ordered = false;
1695 ModelAction *last = get_last_action(int_to_id(i));
1696 Thread *th = get_thread(int_to_id(i));
1697 if ((last && rf->happens_before(last)) ||
1700 future_ordered = true;
1702 ASSERT(!th->is_model_thread() || future_ordered);
1704 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1705 const ModelAction *act = *rit;
1706 /* Reach synchronization -> this thread is complete */
1707 if (act->happens_before(release))
1709 if (rf->happens_before(act)) {
1710 future_ordered = true;
1714 /* Only non-RMW writes can break release sequences */
1715 if (!act->is_write() || act->is_rmw())
1718 /* Check modification order */
1719 if (mo_graph->checkReachable(rf, act)) {
1720 /* rf --mo--> act */
1721 future_ordered = true;
1724 if (mo_graph->checkReachable(act, release))
1725 /* act --mo--> release */
1727 if (mo_graph->checkReachable(release, act) &&
1728 mo_graph->checkReachable(act, rf)) {
1729 /* release --mo-> act --mo--> rf */
1730 return true; /* complete */
1732 /* act may break release sequence */
1733 pending->writes.push_back(act);
1736 if (!future_ordered)
1737 certain = false; /* This thread is uncertain */
1741 release_heads->push_back(release);
1742 pending->writes.clear();
1744 pending->release = release;
1751 * A public interface for getting the release sequence head(s) with which a
1752 * given ModelAction must synchronize. This function only returns a non-empty
1753 * result when it can locate a release sequence head with certainty. Otherwise,
1754 * it may mark the internal state of the ModelChecker so that it will handle
1755 * the release sequence at a later time, causing @a act to update its
1756 * synchronization at some later point in execution.
1757 * @param act The 'acquire' action that may read from a release sequence
1758 * @param release_heads A pass-by-reference return parameter. Will be filled
1759 * with the head(s) of the release sequence(s), if they exists with certainty.
1760 * @see ModelChecker::release_seq_heads
1762 void ModelChecker::get_release_seq_heads(ModelAction *act, rel_heads_list_t *release_heads)
1764 const ModelAction *rf = act->get_reads_from();
1765 struct release_seq *sequence = (struct release_seq *)snapshot_calloc(1, sizeof(struct release_seq));
1766 sequence->acquire = act;
1768 if (!release_seq_heads(rf, release_heads, sequence)) {
1769 /* add act to 'lazy checking' list */
1770 pending_rel_seqs->push_back(sequence);
1772 snapshot_free(sequence);
1777 * Attempt to resolve all stashed operations that might synchronize with a
1778 * release sequence for a given location. This implements the "lazy" portion of
1779 * determining whether or not a release sequence was contiguous, since not all
1780 * modification order information is present at the time an action occurs.
1782 * @param location The location/object that should be checked for release
1783 * sequence resolutions. A NULL value means to check all locations.
1784 * @param work_queue The work queue to which to add work items as they are
1786 * @return True if any updates occurred (new synchronization, new mo_graph
1789 bool ModelChecker::resolve_release_sequences(void *location, work_queue_t *work_queue)
1791 bool updated = false;
1792 std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >::iterator it = pending_rel_seqs->begin();
1793 while (it != pending_rel_seqs->end()) {
1794 struct release_seq *pending = *it;
1795 ModelAction *act = pending->acquire;
1797 /* Only resolve sequences on the given location, if provided */
1798 if (location && act->get_location() != location) {
1803 const ModelAction *rf = act->get_reads_from();
1804 rel_heads_list_t release_heads;
1806 complete = release_seq_heads(rf, &release_heads, pending);
1807 for (unsigned int i = 0; i < release_heads.size(); i++) {
1808 if (!act->has_synchronized_with(release_heads[i])) {
1809 if (act->synchronize_with(release_heads[i]))
1812 set_bad_synchronization();
1817 /* Re-check all pending release sequences */
1818 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
1819 /* Re-check act for mo_graph edges */
1820 work_queue->push_back(MOEdgeWorkEntry(act));
1822 /* propagate synchronization to later actions */
1823 action_list_t::reverse_iterator rit = action_trace->rbegin();
1824 for (; (*rit) != act; rit++) {
1825 ModelAction *propagate = *rit;
1826 if (act->happens_before(propagate)) {
1827 propagate->synchronize_with(act);
1828 /* Re-check 'propagate' for mo_graph edges */
1829 work_queue->push_back(MOEdgeWorkEntry(propagate));
1834 it = pending_rel_seqs->erase(it);
1835 snapshot_free(pending);
1841 // If we resolved promises or data races, see if we have realized a data race.
1848 * Performs various bookkeeping operations for the current ModelAction. For
1849 * instance, adds action to the per-object, per-thread action vector and to the
1850 * action trace list of all thread actions.
1852 * @param act is the ModelAction to add.
1854 void ModelChecker::add_action_to_lists(ModelAction *act)
1856 int tid = id_to_int(act->get_tid());
1857 action_trace->push_back(act);
1859 get_safe_ptr_action(obj_map, act->get_location())->push_back(act);
1861 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, act->get_location());
1862 if (tid >= (int)vec->size())
1863 vec->resize(priv->next_thread_id);
1864 (*vec)[tid].push_back(act);
1866 if ((int)thrd_last_action->size() <= tid)
1867 thrd_last_action->resize(get_num_threads());
1868 (*thrd_last_action)[tid] = act;
1870 if (act->is_wait()) {
1871 void *mutex_loc=(void *) act->get_value();
1872 get_safe_ptr_action(obj_map, mutex_loc)->push_back(act);
1874 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, mutex_loc);
1875 if (tid >= (int)vec->size())
1876 vec->resize(priv->next_thread_id);
1877 (*vec)[tid].push_back(act);
1879 if ((int)thrd_last_action->size() <= tid)
1880 thrd_last_action->resize(get_num_threads());
1881 (*thrd_last_action)[tid] = act;
1886 * @brief Get the last action performed by a particular Thread
1887 * @param tid The thread ID of the Thread in question
1888 * @return The last action in the thread
1890 ModelAction * ModelChecker::get_last_action(thread_id_t tid) const
1892 int threadid = id_to_int(tid);
1893 if (threadid < (int)thrd_last_action->size())
1894 return (*thrd_last_action)[id_to_int(tid)];
1900 * Gets the last memory_order_seq_cst write (in the total global sequence)
1901 * performed on a particular object (i.e., memory location), not including the
1903 * @param curr The current ModelAction; also denotes the object location to
1905 * @return The last seq_cst write
1907 ModelAction * ModelChecker::get_last_seq_cst(ModelAction *curr) const
1909 void *location = curr->get_location();
1910 action_list_t *list = get_safe_ptr_action(obj_map, location);
1911 /* Find: max({i in dom(S) | seq_cst(t_i) && isWrite(t_i) && samevar(t_i, t)}) */
1912 action_list_t::reverse_iterator rit;
1913 for (rit = list->rbegin(); rit != list->rend(); rit++)
1914 if ((*rit)->is_write() && (*rit)->is_seqcst() && (*rit) != curr)
1920 * Gets the last unlock operation performed on a particular mutex (i.e., memory
1921 * location). This function identifies the mutex according to the current
1922 * action, which is presumed to perform on the same mutex.
1923 * @param curr The current ModelAction; also denotes the object location to
1925 * @return The last unlock operation
1927 ModelAction * ModelChecker::get_last_unlock(ModelAction *curr) const
1929 void *location = curr->get_location();
1930 action_list_t *list = get_safe_ptr_action(obj_map, location);
1931 /* Find: max({i in dom(S) | isUnlock(t_i) && samevar(t_i, t)}) */
1932 action_list_t::reverse_iterator rit;
1933 for (rit = list->rbegin(); rit != list->rend(); rit++)
1934 if ((*rit)->is_unlock() || (*rit)->is_wait())
1939 ModelAction * ModelChecker::get_parent_action(thread_id_t tid)
1941 ModelAction *parent = get_last_action(tid);
1943 parent = get_thread(tid)->get_creation();
1948 * Returns the clock vector for a given thread.
1949 * @param tid The thread whose clock vector we want
1950 * @return Desired clock vector
1952 ClockVector * ModelChecker::get_cv(thread_id_t tid)
1954 return get_parent_action(tid)->get_cv();
1958 * Resolve a set of Promises with a current write. The set is provided in the
1959 * Node corresponding to @a write.
1960 * @param write The ModelAction that is fulfilling Promises
1961 * @return True if promises were resolved; false otherwise
1963 bool ModelChecker::resolve_promises(ModelAction *write)
1965 bool resolved = false;
1966 std::vector< thread_id_t, ModelAlloc<thread_id_t> > threads_to_check;
1968 for (unsigned int i = 0, promise_index = 0; promise_index < promises->size(); i++) {
1969 Promise *promise = (*promises)[promise_index];
1970 if (write->get_node()->get_promise(i)) {
1971 ModelAction *read = promise->get_action();
1972 if (read->is_rmw()) {
1973 mo_graph->addRMWEdge(write, read);
1975 read->read_from(write);
1976 //First fix up the modification order for actions that happened
1978 r_modification_order(read, write);
1979 //Next fix up the modification order for actions that happened
1981 post_r_modification_order(read, write);
1982 //Make sure the promise's value matches the write's value
1983 ASSERT(promise->get_value() == write->get_value());
1986 promises->erase(promises->begin() + promise_index);
1987 threads_to_check.push_back(read->get_tid());
1994 //Check whether reading these writes has made threads unable to
1997 for(unsigned int i=0;i<threads_to_check.size();i++)
1998 mo_check_promises(threads_to_check[i], write);
2004 * Compute the set of promises that could potentially be satisfied by this
2005 * action. Note that the set computation actually appears in the Node, not in
2007 * @param curr The ModelAction that may satisfy promises
2009 void ModelChecker::compute_promises(ModelAction *curr)
2011 for (unsigned int i = 0; i < promises->size(); i++) {
2012 Promise *promise = (*promises)[i];
2013 const ModelAction *act = promise->get_action();
2014 if (!act->happens_before(curr) &&
2016 !act->could_synchronize_with(curr) &&
2017 !act->same_thread(curr) &&
2018 act->get_location() == curr->get_location() &&
2019 promise->get_value() == curr->get_value()) {
2020 curr->get_node()->set_promise(i, act->is_rmw());
2025 /** Checks promises in response to change in ClockVector Threads. */
2026 void ModelChecker::check_promises(thread_id_t tid, ClockVector *old_cv, ClockVector *merge_cv)
2028 for (unsigned int i = 0; i < promises->size(); i++) {
2029 Promise *promise = (*promises)[i];
2030 const ModelAction *act = promise->get_action();
2031 if ((old_cv == NULL || !old_cv->synchronized_since(act)) &&
2032 merge_cv->synchronized_since(act)) {
2033 if (promise->increment_threads(tid)) {
2034 //Promise has failed
2035 failed_promise = true;
2042 void ModelChecker::check_promises_thread_disabled() {
2043 for (unsigned int i = 0; i < promises->size(); i++) {
2044 Promise *promise = (*promises)[i];
2045 if (promise->check_promise()) {
2046 failed_promise = true;
2052 /** Checks promises in response to addition to modification order for threads.
2054 * pthread is the thread that performed the read that created the promise
2056 * pread is the read that created the promise
2058 * pwrite is either the first write to same location as pread by
2059 * pthread that is sequenced after pread or the value read by the
2060 * first read to the same lcoation as pread by pthread that is
2061 * sequenced after pread..
2063 * 1. If tid=pthread, then we check what other threads are reachable
2064 * through the mode order starting with pwrite. Those threads cannot
2065 * perform a write that will resolve the promise due to modification
2066 * order constraints.
2068 * 2. If the tid is not pthread, we check whether pwrite can reach the
2069 * action write through the modification order. If so, that thread
2070 * cannot perform a future write that will resolve the promise due to
2071 * modificatin order constraints.
2073 * @parem tid The thread that either read from the model action
2074 * write, or actually did the model action write.
2076 * @parem write The ModelAction representing the relevant write.
2079 void ModelChecker::mo_check_promises(thread_id_t tid, const ModelAction *write) {
2080 void * location = write->get_location();
2081 for (unsigned int i = 0; i < promises->size(); i++) {
2082 Promise *promise = (*promises)[i];
2083 const ModelAction *act = promise->get_action();
2085 //Is this promise on the same location?
2086 if ( act->get_location() != location )
2089 //same thread as the promise
2090 if ( act->get_tid()==tid ) {
2092 //do we have a pwrite for the promise, if not, set it
2093 if (promise->get_write() == NULL ) {
2094 promise->set_write(write);
2095 //The pwrite cannot happen before the promise
2096 if (write->happens_before(act) && (write != act)) {
2097 failed_promise = true;
2101 if (mo_graph->checkPromise(write, promise)) {
2102 failed_promise = true;
2107 //Don't do any lookups twice for the same thread
2108 if (promise->has_sync_thread(tid))
2111 if (promise->get_write()&&mo_graph->checkReachable(promise->get_write(), write)) {
2112 if (promise->increment_threads(tid)) {
2113 failed_promise = true;
2121 * Compute the set of writes that may break the current pending release
2122 * sequence. This information is extracted from previou release sequence
2125 * @param curr The current ModelAction. Must be a release sequence fixup
2128 void ModelChecker::compute_relseq_breakwrites(ModelAction *curr)
2130 if (pending_rel_seqs->empty())
2133 struct release_seq *pending = pending_rel_seqs->back();
2134 for (unsigned int i = 0; i < pending->writes.size(); i++) {
2135 const ModelAction *write = pending->writes[i];
2136 curr->get_node()->add_relseq_break(write);
2139 /* NULL means don't break the sequence; just synchronize */
2140 curr->get_node()->add_relseq_break(NULL);
2144 * Build up an initial set of all past writes that this 'read' action may read
2145 * from. This set is determined by the clock vector's "happens before"
2147 * @param curr is the current ModelAction that we are exploring; it must be a
2150 void ModelChecker::build_reads_from_past(ModelAction *curr)
2152 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
2154 ASSERT(curr->is_read());
2156 ModelAction *last_seq_cst = NULL;
2158 /* Track whether this object has been initialized */
2159 bool initialized = false;
2161 if (curr->is_seqcst()) {
2162 last_seq_cst = get_last_seq_cst(curr);
2163 /* We have to at least see the last sequentially consistent write,
2164 so we are initialized. */
2165 if (last_seq_cst != NULL)
2169 /* Iterate over all threads */
2170 for (i = 0; i < thrd_lists->size(); i++) {
2171 /* Iterate over actions in thread, starting from most recent */
2172 action_list_t *list = &(*thrd_lists)[i];
2173 action_list_t::reverse_iterator rit;
2174 for (rit = list->rbegin(); rit != list->rend(); rit++) {
2175 ModelAction *act = *rit;
2177 /* Only consider 'write' actions */
2178 if (!act->is_write() || act == curr)
2181 /* Don't consider more than one seq_cst write if we are a seq_cst read. */
2182 if (!curr->is_seqcst() || (!act->is_seqcst() && (last_seq_cst == NULL || !act->happens_before(last_seq_cst))) || act == last_seq_cst) {
2183 if (!curr->get_sleep_flag() || curr->is_seqcst() || sleep_can_read_from(curr, act)) {
2184 DEBUG("Adding action to may_read_from:\n");
2185 if (DBG_ENABLED()) {
2189 curr->get_node()->add_read_from(act);
2193 /* Include at most one act per-thread that "happens before" curr */
2194 if (act->happens_before(curr)) {
2202 assert_bug("May read from uninitialized atomic");
2204 if (DBG_ENABLED() || !initialized) {
2205 model_print("Reached read action:\n");
2207 model_print("Printing may_read_from\n");
2208 curr->get_node()->print_may_read_from();
2209 model_print("End printing may_read_from\n");
2213 bool ModelChecker::sleep_can_read_from(ModelAction * curr, const ModelAction *write) {
2215 Node *prevnode=write->get_node()->get_parent();
2217 bool thread_sleep=prevnode->enabled_status(curr->get_tid())==THREAD_SLEEP_SET;
2218 if (write->is_release()&&thread_sleep)
2220 if (!write->is_rmw()) {
2223 if (write->get_reads_from()==NULL)
2225 write=write->get_reads_from();
2229 static void print_list(action_list_t *list, int exec_num = -1)
2231 action_list_t::iterator it;
2233 model_print("---------------------------------------------------------------------\n");
2235 model_print("Execution %d:\n", exec_num);
2237 unsigned int hash=0;
2239 for (it = list->begin(); it != list->end(); it++) {
2241 hash=hash^(hash<<3)^((*it)->hash());
2243 model_print("HASH %u\n", hash);
2244 model_print("---------------------------------------------------------------------\n");
2247 #if SUPPORT_MOD_ORDER_DUMP
2248 void ModelChecker::dumpGraph(char *filename) {
2250 sprintf(buffer, "%s.dot",filename);
2251 FILE *file=fopen(buffer, "w");
2252 fprintf(file, "digraph %s {\n",filename);
2253 mo_graph->dumpNodes(file);
2254 ModelAction ** thread_array=(ModelAction **)model_calloc(1, sizeof(ModelAction *)*get_num_threads());
2256 for (action_list_t::iterator it = action_trace->begin(); it != action_trace->end(); it++) {
2257 ModelAction *action=*it;
2258 if (action->is_read()) {
2259 fprintf(file, "N%u [label=\"%u, T%u\"];\n", action->get_seq_number(),action->get_seq_number(), action->get_tid());
2260 if (action->get_reads_from()!=NULL)
2261 fprintf(file, "N%u -> N%u[label=\"rf\", color=red];\n", action->get_seq_number(), action->get_reads_from()->get_seq_number());
2263 if (thread_array[action->get_tid()] != NULL) {
2264 fprintf(file, "N%u -> N%u[label=\"sb\", color=blue];\n", thread_array[action->get_tid()]->get_seq_number(), action->get_seq_number());
2267 thread_array[action->get_tid()]=action;
2269 fprintf(file,"}\n");
2270 model_free(thread_array);
2275 void ModelChecker::print_summary()
2277 #if SUPPORT_MOD_ORDER_DUMP
2279 char buffername[100];
2280 sprintf(buffername, "exec%04u", stats.num_total);
2281 mo_graph->dumpGraphToFile(buffername);
2282 sprintf(buffername, "graph%04u", stats.num_total);
2283 dumpGraph(buffername);
2286 if (!isfinalfeasible())
2287 model_print("INFEASIBLE EXECUTION!\n");
2288 print_list(action_trace, stats.num_total);
2293 * Add a Thread to the system for the first time. Should only be called once
2295 * @param t The Thread to add
2297 void ModelChecker::add_thread(Thread *t)
2299 thread_map->put(id_to_int(t->get_id()), t);
2300 scheduler->add_thread(t);
2304 * Removes a thread from the scheduler.
2305 * @param the thread to remove.
2307 void ModelChecker::remove_thread(Thread *t)
2309 scheduler->remove_thread(t);
2313 * @brief Get a Thread reference by its ID
2314 * @param tid The Thread's ID
2315 * @return A Thread reference
2317 Thread * ModelChecker::get_thread(thread_id_t tid) const
2319 return thread_map->get(id_to_int(tid));
2323 * @brief Get a reference to the Thread in which a ModelAction was executed
2324 * @param act The ModelAction
2325 * @return A Thread reference
2327 Thread * ModelChecker::get_thread(ModelAction *act) const
2329 return get_thread(act->get_tid());
2333 * @brief Check if a Thread is currently enabled
2334 * @param t The Thread to check
2335 * @return True if the Thread is currently enabled
2337 bool ModelChecker::is_enabled(Thread *t) const
2339 return scheduler->is_enabled(t);
2343 * @brief Check if a Thread is currently enabled
2344 * @param tid The ID of the Thread to check
2345 * @return True if the Thread is currently enabled
2347 bool ModelChecker::is_enabled(thread_id_t tid) const
2349 return scheduler->is_enabled(tid);
2353 * Switch from a user-context to the "master thread" context (a.k.a. system
2354 * context). This switch is made with the intention of exploring a particular
2355 * model-checking action (described by a ModelAction object). Must be called
2356 * from a user-thread context.
2358 * @param act The current action that will be explored. May be NULL only if
2359 * trace is exiting via an assertion (see ModelChecker::set_assert and
2360 * ModelChecker::has_asserted).
2361 * @return Return status from the 'swap' call (i.e., success/fail, 0/-1)
2363 int ModelChecker::switch_to_master(ModelAction *act)
2366 Thread *old = thread_current();
2367 set_current_action(act);
2368 old->set_state(THREAD_READY);
2369 return Thread::swap(old, &system_context);
2373 * Takes the next step in the execution, if possible.
2374 * @return Returns true (success) if a step was taken and false otherwise.
2376 bool ModelChecker::take_step() {
2380 Thread *curr = priv->current_action ? get_thread(priv->current_action) : NULL;
2382 if (curr->get_state() == THREAD_READY) {
2383 ASSERT(priv->current_action);
2385 priv->nextThread = check_current_action(priv->current_action);
2386 priv->current_action = NULL;
2388 if (curr->is_blocked() || curr->is_complete())
2389 scheduler->remove_thread(curr);
2394 Thread *next = scheduler->next_thread(priv->nextThread);
2396 /* Infeasible -> don't take any more steps */
2399 else if (isfeasibleprefix() && have_bug_reports()) {
2404 if (params.bound != 0) {
2405 if (priv->used_sequence_numbers > params.bound) {
2410 DEBUG("(%d, %d)\n", curr ? id_to_int(curr->get_id()) : -1,
2411 next ? id_to_int(next->get_id()) : -1);
2414 * Launch end-of-execution release sequence fixups only when there are:
2416 * (1) no more user threads to run (or when execution replay chooses
2417 * the 'model_thread')
2418 * (2) pending release sequences
2419 * (3) pending assertions (i.e., data races)
2420 * (4) no pending promises
2422 if (!pending_rel_seqs->empty() && (!next || next->is_model_thread()) &&
2423 isfinalfeasible() && !unrealizedraces.empty()) {
2424 model_print("*** WARNING: release sequence fixup action (%zu pending release seuqences) ***\n",
2425 pending_rel_seqs->size());
2426 ModelAction *fixup = new ModelAction(MODEL_FIXUP_RELSEQ,
2427 std::memory_order_seq_cst, NULL, VALUE_NONE,
2429 set_current_action(fixup);
2433 /* next == NULL -> don't take any more steps */
2437 next->set_state(THREAD_RUNNING);
2439 if (next->get_pending() != NULL) {
2440 /* restart a pending action */
2441 set_current_action(next->get_pending());
2442 next->set_pending(NULL);
2443 next->set_state(THREAD_READY);
2447 /* Return false only if swap fails with an error */
2448 return (Thread::swap(&system_context, next) == 0);
2451 /** Runs the current execution until threre are no more steps to take. */
2452 void ModelChecker::finish_execution() {
2455 while (take_step());
projects / c11tester.git / blob