}
}
+int FuncNode::compute_distance(FuncNode * target, int max_step)
+{
+ SnapList<FuncNode *> queue;
+ HashTable<FuncNode *, int, uintptr_t, 0> distances;
+
+ int dist = 0;
+ queue.push_back(this);
+ distances.put(this, dist);
+
+ while (!queue.empty()) {
+ FuncNode * curr = queue.front();
+ queue.pop_front();
+
+ if (curr == target)
+ return dist;
+ else if (max_step < dist)
+ return -1;
+
+ dist++;
+ ModelList<FuncNode *> * outEdges = curr->get_out_edges();
+ mllnode<FuncNode *> * it;
+ for (it = outEdges->begin(); it != NULL; it = it->getNext()) {
+ FuncNode * out_node = it->getVal();
+ if ( !distances.contains(out_node) ) {
+ queue.push_back(out_node);
+ distances.put(out_node, dist);
+ }
+ }
+ }
+
+ /* Target node is unreachable */
+ return -1;
+}
+
void FuncNode::print_predicate_tree()
{
model_print("digraph function_%s {\n", func_name);
#include "classlist.h"
#include "threads-model.h"
+#define MAX_DIST 10
typedef ModelList<FuncInst *> func_inst_list_mt;
typedef enum edge_type {
void add_out_edge(FuncNode * other);
ModelList<FuncNode *> * get_out_edges() { return &out_edges; }
+ int compute_distance(FuncNode * target, int max_step = MAX_DIST);
void print_predicate_tree();
void print_val_loc_map();
loc_waiting_writes_map = new HashTable<void *, SnapVector<ConcretePredicate *> *, uintptr_t, 0>();
thrd_waiting_write = new SnapVector<ConcretePredicate *>();
func_inst_act_maps = new HashTable<uint32_t, SnapVector<inst_act_map_t *> *, int, 0>(128);
- func_threads_map = new HashTable<uint32_t, SnapVector<thread_id_t> *, int, 0>(128);
}
void ModelHistory::enter_function(const uint32_t func_id, thread_id_t tid)
SnapVector<FuncNode *> * func_node_list = loc_rd_func_nodes_map->get(location);
if (func_node_list == NULL) {
func_node_list = new SnapVector<FuncNode *>();
- loc_wr_func_nodes_map->put(location, func_node_list);
+ loc_rd_func_nodes_map->put(location, func_node_list);
}
return func_node_list;
return false;
}
-void ModelHistory::update_func_threads_map(uint32_t func_id, thread_id_t tid)
-{
- SnapVector<thread_id_t> * thread_ids = get_calling_threads(func_id);
- thread_ids->push_back(tid);
-}
-
-/* Return a vector of thread_id's that have called this function before */
-SnapVector<thread_id_t> * ModelHistory::get_calling_threads(uint32_t func_id)
-{
- SnapVector<thread_id_t> * thread_ids = func_threads_map->get(func_id);
- if (thread_ids == NULL) {
- /* Make sure the result can be iterated without checking nullity */
- thread_ids = new SnapVector<thread_id_t>();
- func_threads_map->put(func_id, thread_ids);
- }
-
- return thread_ids;
-}
-
/* Reallocate some snapshotted memories when new executions start */
void ModelHistory::set_new_exec_flag()
{
SnapVector<inst_act_map_t *> * getThrdInstActMap(uint32_t func_id);
- void update_func_threads_map(uint32_t func_id, thread_id_t tid);
- SnapVector<thread_id_t> * get_calling_threads(uint32_t func_id);
-
void set_new_exec_flag();
void dump_func_node_graph();
void print_func_node();
HashTable<uint32_t, SnapVector<inst_act_map_t *> *, int, 0> * func_inst_act_maps;
bool skip_action(ModelAction * act, SnapList<ModelAction *> * curr_act_list);
-
- /* Map func_id to threads that have called this function */
- HashTable<uint32_t, SnapVector<thread_id_t> *, int, 0> * func_threads_map;
};
#endif /* __HISTORY_H__ */
thrd_last_read_act[thread_id] = read;
FuncNode * func_node = history->get_curr_func_node(tid);
- inst_act_map_t * inst_act_map = func_node->get_inst_act_map(tid);
Predicate * curr_pred = func_node->get_predicate_tree_position(tid);
FuncInst * read_inst = func_node->get_inst(read);
-
Predicate * selected_branch = selectBranch(tid, curr_pred, read_inst);
+
+ inst_act_map_t * inst_act_map = func_node->get_inst_act_map(tid);
prune_writes(tid, selected_branch, rf_set, inst_act_map);
}
// No write satisfies the selected predicate, so pause this thread.
if ( rf_set->size() == 0 ) {
Thread * read_thread = execution->get_thread(tid);
- model_print("the %d read action of thread %d is unsuccessful\n", read->get_seq_number(), read_thread->get_id());
+ model_print("the %d read action of thread %d at %p is unsuccessful\n", read->get_seq_number(), read_thread->get_id(), read->get_location());
// reset thread pending action and revert sequence numbers
read_thread->set_pending(read);
execution->restore_last_seq_num();
conditional_sleep(read_thread);
+
+ find_threads(read);
+
return -1;
/*
SnapVector<ModelAction *> * pruned_writes = thrd_pruned_writes[thread_id];
paused_thread_set.push_back(thread);
paused_thread_table.put(thread, index); // Update table
- /* */
+ /* Add the waiting condition to ModelHistory */
ModelAction * read = thread->get_pending();
thread_id_t tid = thread->get_id();
FuncNode * func_node = history->get_curr_func_node(tid);
{
if (numthreads == 0 && has_paused_threads()) {
wake_up_paused_threads(threadlist, &numthreads);
- model_print("list size: %d\n", numthreads);
- model_print("active t id: %d\n", threadlist[0]);
+ model_print("list size: %d, active t id: %d\n", numthreads, threadlist[0]);
}
int random_index = random() % numthreads;
history->remove_waiting_write(tid);
}
+/* Find threads that may write values that the pending read action is waiting for */
+void NewFuzzer::find_threads(ModelAction * pending_read)
+{
+ void * location = pending_read->get_location();
+ thread_id_t self_id = pending_read->get_tid();
+
+ SnapVector<FuncNode *> * func_node_list = history->getWrFuncNodes(location);
+ for (uint i = 0; i < func_node_list->size(); i++) {
+ FuncNode * target_node = (*func_node_list)[i];
+ model_print("node %s may write to loc %p\n", target_node->get_func_name(), location);
+
+ for (uint i = 1; i < execution->get_num_threads(); i++) {
+ thread_id_t tid = int_to_id(i);
+ if (tid == self_id)
+ continue;
+
+ FuncNode * node = history->get_curr_func_node(tid);
+ if (node == NULL)
+ continue;
+
+ int distance = node->compute_distance(target_node);
+ model_print("thread: %d; distance from node %d to node %d: %d\n", tid, node->get_func_id(), target_node->get_func_id(), distance);
+ }
+ }
+}
+
bool NewFuzzer::shouldWait(const ModelAction * act)
{
return random() & 1;
void conditional_sleep(Thread * thread);
void wake_up_paused_threads(int * threadlist, int * numthreads);
+
+ void find_threads(ModelAction * pending_read);
};
#endif /* end of __NEWFUZZER_H__ */
projects / c11tester.git / commitdiff