9 #include "snapshot-interface.h"
11 #include "clockvector.h"
12 #include "cyclegraph.h"
15 #include "threads-model.h"
17 #define INITIAL_THREAD_ID 0
22 bug_message(const char *str) {
23 const char *fmt = " [BUG] %s\n";
24 msg = (char *)snapshot_malloc(strlen(fmt) + strlen(str));
25 sprintf(msg, fmt, str);
27 ~bug_message() { if (msg) snapshot_free(msg); }
30 void print() { printf("%s", msg); }
36 * Structure for holding small ModelChecker members that should be snapshotted
38 struct model_snapshot_members {
39 ModelAction *current_action;
40 unsigned int next_thread_id;
41 modelclock_t used_sequence_numbers;
43 ModelAction *next_backtrack;
44 std::vector< bug_message *, SnapshotAlloc<bug_message *> > bugs;
47 /** @brief Constructor */
48 ModelChecker::ModelChecker(struct model_params params) :
49 /* Initialize default scheduler */
51 scheduler(new Scheduler()),
53 num_feasible_executions(0),
55 earliest_diverge(NULL),
56 action_trace(new action_list_t()),
57 thread_map(new HashTable<int, Thread *, int>()),
58 obj_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
59 lock_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
60 condvar_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
61 obj_thrd_map(new HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4 >()),
62 promises(new std::vector< Promise *, SnapshotAlloc<Promise *> >()),
63 futurevalues(new std::vector< struct PendingFutureValue, SnapshotAlloc<struct PendingFutureValue> >()),
64 pending_rel_seqs(new std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >()),
65 thrd_last_action(new std::vector< ModelAction *, SnapshotAlloc<ModelAction *> >(1)),
66 node_stack(new NodeStack()),
67 mo_graph(new CycleGraph()),
68 failed_promise(false),
69 too_many_reads(false),
71 bad_synchronization(false)
73 /* Allocate this "size" on the snapshotting heap */
74 priv = (struct model_snapshot_members *)snapshot_calloc(1, sizeof(*priv));
75 /* First thread created will have id INITIAL_THREAD_ID */
76 priv->next_thread_id = INITIAL_THREAD_ID;
78 /* Initialize a model-checker thread, for special ModelActions */
79 model_thread = new Thread(get_next_id());
80 thread_map->put(id_to_int(model_thread->get_id()), model_thread);
83 /** @brief Destructor */
84 ModelChecker::~ModelChecker()
86 for (unsigned int i = 0; i < get_num_threads(); i++)
87 delete thread_map->get(i);
92 delete lock_waiters_map;
93 delete condvar_waiters_map;
96 for (unsigned int i = 0; i < promises->size(); i++)
97 delete (*promises)[i];
100 delete pending_rel_seqs;
102 delete thrd_last_action;
107 for (unsigned int i = 0; i < priv->bugs.size(); i++)
108 delete priv->bugs[i];
113 static action_list_t * get_safe_ptr_action(HashTable<const void *, action_list_t *, uintptr_t, 4> * hash, void * ptr) {
114 action_list_t * tmp=hash->get(ptr);
116 tmp=new action_list_t();
122 static std::vector<action_list_t> * get_safe_ptr_vect_action(HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4> * hash, void * ptr) {
123 std::vector<action_list_t> * tmp=hash->get(ptr);
125 tmp=new std::vector<action_list_t>();
132 * Restores user program to initial state and resets all model-checker data
135 void ModelChecker::reset_to_initial_state()
137 DEBUG("+++ Resetting to initial state +++\n");
138 node_stack->reset_execution();
139 failed_promise = false;
140 too_many_reads = false;
141 bad_synchronization = false;
143 snapshotObject->backTrackBeforeStep(0);
146 /** @return a thread ID for a new Thread */
147 thread_id_t ModelChecker::get_next_id()
149 return priv->next_thread_id++;
152 /** @return the number of user threads created during this execution */
153 unsigned int ModelChecker::get_num_threads() const
155 return priv->next_thread_id;
158 /** @return The currently executing Thread. */
159 Thread * ModelChecker::get_current_thread()
161 return scheduler->get_current_thread();
164 /** @return a sequence number for a new ModelAction */
165 modelclock_t ModelChecker::get_next_seq_num()
167 return ++priv->used_sequence_numbers;
170 Node * ModelChecker::get_curr_node() {
171 return node_stack->get_head();
175 * @brief Choose the next thread to execute.
177 * This function chooses the next thread that should execute. It can force the
178 * adjacency of read/write portions of a RMW action, force THREAD_CREATE to be
179 * followed by a THREAD_START, or it can enforce execution replay/backtracking.
180 * The model-checker may have no preference regarding the next thread (i.e.,
181 * when exploring a new execution ordering), in which case this will return
183 * @param curr The current ModelAction. This action might guide the choice of
185 * @return The next thread to run. If the model-checker has no preference, NULL.
187 Thread * ModelChecker::get_next_thread(ModelAction *curr)
192 /* Do not split atomic actions. */
194 return thread_current();
195 /* The THREAD_CREATE action points to the created Thread */
196 else if (curr->get_type() == THREAD_CREATE)
197 return (Thread *)curr->get_location();
200 /* Have we completed exploring the preselected path? */
204 /* Else, we are trying to replay an execution */
205 ModelAction *next = node_stack->get_next()->get_action();
207 if (next == diverge) {
208 if (earliest_diverge == NULL || *diverge < *earliest_diverge)
209 earliest_diverge=diverge;
211 Node *nextnode = next->get_node();
212 Node *prevnode = nextnode->get_parent();
213 scheduler->update_sleep_set(prevnode);
215 /* Reached divergence point */
216 if (nextnode->increment_misc()) {
217 /* The next node will try to satisfy a different misc_index values. */
218 tid = next->get_tid();
219 node_stack->pop_restofstack(2);
220 } else if (nextnode->increment_promise()) {
221 /* The next node will try to satisfy a different set of promises. */
222 tid = next->get_tid();
223 node_stack->pop_restofstack(2);
224 } else if (nextnode->increment_read_from()) {
225 /* The next node will read from a different value. */
226 tid = next->get_tid();
227 node_stack->pop_restofstack(2);
228 } else if (nextnode->increment_future_value()) {
229 /* The next node will try to read from a different future value. */
230 tid = next->get_tid();
231 node_stack->pop_restofstack(2);
232 } else if (nextnode->increment_relseq_break()) {
233 /* The next node will try to resolve a release sequence differently */
234 tid = next->get_tid();
235 node_stack->pop_restofstack(2);
237 /* Make a different thread execute for next step */
238 scheduler->add_sleep(thread_map->get(id_to_int(next->get_tid())));
239 tid = prevnode->get_next_backtrack();
240 /* Make sure the backtracked thread isn't sleeping. */
241 node_stack->pop_restofstack(1);
242 if (diverge==earliest_diverge) {
243 earliest_diverge=prevnode->get_action();
246 /* The correct sleep set is in the parent node. */
249 DEBUG("*** Divergence point ***\n");
253 tid = next->get_tid();
255 DEBUG("*** ModelChecker chose next thread = %d ***\n", id_to_int(tid));
256 ASSERT(tid != THREAD_ID_T_NONE);
257 return thread_map->get(id_to_int(tid));
261 * We need to know what the next actions of all threads in the sleep
262 * set will be. This method computes them and stores the actions at
263 * the corresponding thread object's pending action.
266 void ModelChecker::execute_sleep_set() {
267 for(unsigned int i=0;i<get_num_threads();i++) {
268 thread_id_t tid=int_to_id(i);
269 Thread *thr=get_thread(tid);
270 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET &&
271 thr->get_pending() == NULL ) {
272 thr->set_state(THREAD_RUNNING);
273 scheduler->next_thread(thr);
274 Thread::swap(&system_context, thr);
275 priv->current_action->set_sleep_flag();
276 thr->set_pending(priv->current_action);
279 priv->current_action = NULL;
282 void ModelChecker::wake_up_sleeping_actions(ModelAction * curr) {
283 for(unsigned int i=0;i<get_num_threads();i++) {
284 thread_id_t tid=int_to_id(i);
285 Thread *thr=get_thread(tid);
286 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET ) {
287 ModelAction *pending_act=thr->get_pending();
288 if ((!curr->is_rmwr())&&pending_act->could_synchronize_with(curr)) {
289 //Remove this thread from sleep set
290 scheduler->remove_sleep(thr);
297 * Check if we are in a deadlock. Should only be called at the end of an
298 * execution, although it should not give false positives in the middle of an
299 * execution (there should be some ENABLED thread).
301 * @return True if program is in a deadlock; false otherwise
303 bool ModelChecker::is_deadlocked() const
305 bool blocking_threads = false;
306 for (unsigned int i = 0; i < get_num_threads(); i++) {
307 thread_id_t tid = int_to_id(i);
310 Thread *t = get_thread(tid);
311 if (!t->is_model_thread() && t->get_pending())
312 blocking_threads = true;
314 return blocking_threads;
318 * Check if this is a complete execution. That is, have all thread completed
319 * execution (rather than exiting because sleep sets have forced a redundant
322 * @return True if the execution is complete.
324 bool ModelChecker::is_complete_execution() const
326 for (unsigned int i = 0; i < get_num_threads(); i++)
327 if (is_enabled(int_to_id(i)))
333 * @brief Assert a bug in the executing program.
335 * Use this function to assert any sort of bug in the user program. If the
336 * current trace is feasible (actually, a prefix of some feasible execution),
337 * then this execution will be aborted, printing the appropriate message. If
338 * the current trace is not yet feasible, the error message will be stashed and
339 * printed if the execution ever becomes feasible.
341 * This function can also be used to immediately trigger the bug; that is, we
342 * don't wait for a feasible execution before aborting. Only use the
343 * "immediate" option when you know that the infeasibility is justified (e.g.,
344 * pending release sequences are not a problem)
346 * @param msg Descriptive message for the bug (do not include newline char)
347 * @param user_thread Was this assertion triggered from a user thread?
348 * @param immediate Should this bug be triggered immediately?
350 void ModelChecker::assert_bug(const char *msg, bool user_thread, bool immediate)
352 priv->bugs.push_back(new bug_message(msg));
354 if (immediate || isfeasibleprefix()) {
357 switch_to_master(NULL);
362 * @brief Assert a bug in the executing program, with a default message
363 * @see ModelChecker::assert_bug
364 * @param user_thread Was this assertion triggered from a user thread?
366 void ModelChecker::assert_bug(bool user_thread)
368 assert_bug("bug detected", user_thread);
372 * @brief Assert a bug in the executing program immediately
373 * @see ModelChecker::assert_bug
374 * @param msg Descriptive message for the bug (do not include newline char)
376 void ModelChecker::assert_bug_immediate(const char *msg)
378 printf("Feasible: %s\n", isfeasibleprefix() ? "yes" : "no");
379 assert_bug(msg, false, true);
382 /** @return True, if any bugs have been reported for this execution */
383 bool ModelChecker::have_bug_reports() const
385 return priv->bugs.size() != 0;
388 /** @brief Print bug report listing for this execution (if any bugs exist) */
389 void ModelChecker::print_bugs() const
391 if (have_bug_reports()) {
392 printf("Bug report: %zu bugs detected\n", priv->bugs.size());
393 for (unsigned int i = 0; i < priv->bugs.size(); i++)
394 priv->bugs[i]->print();
399 * Queries the model-checker for more executions to explore and, if one
400 * exists, resets the model-checker state to execute a new execution.
402 * @return If there are more executions to explore, return true. Otherwise,
405 bool ModelChecker::next_execution()
411 if (isfinalfeasible() && (is_complete_execution() || have_bug_reports())) {
412 printf("Earliest divergence point since last feasible execution:\n");
413 if (earliest_diverge)
414 earliest_diverge->print();
416 printf("(Not set)\n");
418 earliest_diverge = NULL;
419 num_feasible_executions++;
422 assert_bug("Deadlock detected");
427 } else if (DBG_ENABLED()) {
431 if ((diverge = get_next_backtrack()) == NULL)
435 printf("Next execution will diverge at:\n");
439 reset_to_initial_state();
443 ModelAction * ModelChecker::get_last_conflict(ModelAction *act)
445 switch (act->get_type()) {
449 /* linear search: from most recent to oldest */
450 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
451 action_list_t::reverse_iterator rit;
452 for (rit = list->rbegin(); rit != list->rend(); rit++) {
453 ModelAction *prev = *rit;
454 if (prev->could_synchronize_with(act))
460 case ATOMIC_TRYLOCK: {
461 /* linear search: from most recent to oldest */
462 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
463 action_list_t::reverse_iterator rit;
464 for (rit = list->rbegin(); rit != list->rend(); rit++) {
465 ModelAction *prev = *rit;
466 if (act->is_conflicting_lock(prev))
471 case ATOMIC_UNLOCK: {
472 /* linear search: from most recent to oldest */
473 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
474 action_list_t::reverse_iterator rit;
475 for (rit = list->rbegin(); rit != list->rend(); rit++) {
476 ModelAction *prev = *rit;
477 if (!act->same_thread(prev)&&prev->is_failed_trylock())
483 /* linear search: from most recent to oldest */
484 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
485 action_list_t::reverse_iterator rit;
486 for (rit = list->rbegin(); rit != list->rend(); rit++) {
487 ModelAction *prev = *rit;
488 if (!act->same_thread(prev)&&prev->is_failed_trylock())
490 if (!act->same_thread(prev)&&prev->is_notify())
496 case ATOMIC_NOTIFY_ALL:
497 case ATOMIC_NOTIFY_ONE: {
498 /* linear search: from most recent to oldest */
499 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
500 action_list_t::reverse_iterator rit;
501 for (rit = list->rbegin(); rit != list->rend(); rit++) {
502 ModelAction *prev = *rit;
503 if (!act->same_thread(prev)&&prev->is_wait())
514 /** This method finds backtracking points where we should try to
515 * reorder the parameter ModelAction against.
517 * @param the ModelAction to find backtracking points for.
519 void ModelChecker::set_backtracking(ModelAction *act)
521 Thread *t = get_thread(act);
522 ModelAction * prev = get_last_conflict(act);
526 Node * node = prev->get_node()->get_parent();
528 int low_tid, high_tid;
529 if (node->is_enabled(t)) {
530 low_tid = id_to_int(act->get_tid());
531 high_tid = low_tid+1;
534 high_tid = get_num_threads();
537 for(int i = low_tid; i < high_tid; i++) {
538 thread_id_t tid = int_to_id(i);
540 /* Make sure this thread can be enabled here. */
541 if (i >= node->get_num_threads())
544 /* Don't backtrack into a point where the thread is disabled or sleeping. */
545 if (node->enabled_status(tid)!=THREAD_ENABLED)
548 /* Check if this has been explored already */
549 if (node->has_been_explored(tid))
552 /* See if fairness allows */
553 if (model->params.fairwindow != 0 && !node->has_priority(tid)) {
555 for(int t=0;t<node->get_num_threads();t++) {
556 thread_id_t tother=int_to_id(t);
557 if (node->is_enabled(tother) && node->has_priority(tother)) {
565 /* Cache the latest backtracking point */
566 if (!priv->next_backtrack || *prev > *priv->next_backtrack)
567 priv->next_backtrack = prev;
569 /* If this is a new backtracking point, mark the tree */
570 if (!node->set_backtrack(tid))
572 DEBUG("Setting backtrack: conflict = %d, instead tid = %d\n",
573 id_to_int(prev->get_tid()),
574 id_to_int(t->get_id()));
583 * Returns last backtracking point. The model checker will explore a different
584 * path for this point in the next execution.
585 * @return The ModelAction at which the next execution should diverge.
587 ModelAction * ModelChecker::get_next_backtrack()
589 ModelAction *next = priv->next_backtrack;
590 priv->next_backtrack = NULL;
595 * Processes a read or rmw model action.
596 * @param curr is the read model action to process.
597 * @param second_part_of_rmw is boolean that is true is this is the second action of a rmw.
598 * @return True if processing this read updates the mo_graph.
600 bool ModelChecker::process_read(ModelAction *curr, bool second_part_of_rmw)
602 uint64_t value = VALUE_NONE;
603 bool updated = false;
605 const ModelAction *reads_from = curr->get_node()->get_read_from();
606 if (reads_from != NULL) {
607 mo_graph->startChanges();
609 value = reads_from->get_value();
610 bool r_status = false;
612 if (!second_part_of_rmw) {
613 check_recency(curr, reads_from);
614 r_status = r_modification_order(curr, reads_from);
618 if (!second_part_of_rmw&&!isfeasible()&&(curr->get_node()->increment_read_from()||curr->get_node()->increment_future_value())) {
619 mo_graph->rollbackChanges();
620 too_many_reads = false;
624 curr->read_from(reads_from);
625 mo_graph->commitChanges();
626 mo_check_promises(curr->get_tid(), reads_from);
629 } else if (!second_part_of_rmw) {
630 /* Read from future value */
631 value = curr->get_node()->get_future_value();
632 modelclock_t expiration = curr->get_node()->get_future_value_expiration();
633 curr->read_from(NULL);
634 Promise *valuepromise = new Promise(curr, value, expiration);
635 promises->push_back(valuepromise);
637 get_thread(curr)->set_return_value(value);
643 * Processes a lock, trylock, or unlock model action. @param curr is
644 * the read model action to process.
646 * The try lock operation checks whether the lock is taken. If not,
647 * it falls to the normal lock operation case. If so, it returns
650 * The lock operation has already been checked that it is enabled, so
651 * it just grabs the lock and synchronizes with the previous unlock.
653 * The unlock operation has to re-enable all of the threads that are
654 * waiting on the lock.
656 * @return True if synchronization was updated; false otherwise
658 bool ModelChecker::process_mutex(ModelAction *curr) {
659 std::mutex *mutex=NULL;
660 struct std::mutex_state *state=NULL;
662 if (curr->is_trylock() || curr->is_lock() || curr->is_unlock()) {
663 mutex = (std::mutex *)curr->get_location();
664 state = mutex->get_state();
665 } else if(curr->is_wait()) {
666 mutex = (std::mutex *)curr->get_value();
667 state = mutex->get_state();
670 switch (curr->get_type()) {
671 case ATOMIC_TRYLOCK: {
672 bool success = !state->islocked;
673 curr->set_try_lock(success);
675 get_thread(curr)->set_return_value(0);
678 get_thread(curr)->set_return_value(1);
680 //otherwise fall into the lock case
682 if (curr->get_cv()->getClock(state->alloc_tid) <= state->alloc_clock)
683 assert_bug("Lock access before initialization");
684 state->islocked = true;
685 ModelAction *unlock = get_last_unlock(curr);
686 //synchronize with the previous unlock statement
687 if (unlock != NULL) {
688 curr->synchronize_with(unlock);
693 case ATOMIC_UNLOCK: {
695 state->islocked = false;
696 //wake up the other threads
697 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, curr->get_location());
698 //activate all the waiting threads
699 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
700 scheduler->wake(get_thread(*rit));
707 state->islocked = false;
708 //wake up the other threads
709 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, (void *) curr->get_value());
710 //activate all the waiting threads
711 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
712 scheduler->wake(get_thread(*rit));
715 //check whether we should go to sleep or not...simulate spurious failures
716 if (curr->get_node()->get_misc()==0) {
717 get_safe_ptr_action(condvar_waiters_map, curr->get_location())->push_back(curr);
719 scheduler->sleep(get_current_thread());
723 case ATOMIC_NOTIFY_ALL: {
724 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
725 //activate all the waiting threads
726 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
727 scheduler->wake(get_thread(*rit));
732 case ATOMIC_NOTIFY_ONE: {
733 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
734 int wakeupthread=curr->get_node()->get_misc();
735 action_list_t::iterator it = waiters->begin();
736 advance(it, wakeupthread);
737 scheduler->wake(get_thread(*it));
749 * Process a write ModelAction
750 * @param curr The ModelAction to process
751 * @return True if the mo_graph was updated or promises were resolved
753 bool ModelChecker::process_write(ModelAction *curr)
755 bool updated_mod_order = w_modification_order(curr);
756 bool updated_promises = resolve_promises(curr);
758 if (promises->size() == 0) {
759 for (unsigned int i = 0; i < futurevalues->size(); i++) {
760 struct PendingFutureValue pfv = (*futurevalues)[i];
761 //Do more ambitious checks now that mo is more complete
762 if (mo_may_allow(pfv.writer, pfv.act)&&
763 pfv.act->get_node()->add_future_value(pfv.writer->get_value(), pfv.writer->get_seq_number()+params.maxfuturedelay) &&
764 (!priv->next_backtrack || *pfv.act > *priv->next_backtrack))
765 priv->next_backtrack = pfv.act;
767 futurevalues->resize(0);
770 mo_graph->commitChanges();
771 mo_check_promises(curr->get_tid(), curr);
773 get_thread(curr)->set_return_value(VALUE_NONE);
774 return updated_mod_order || updated_promises;
778 * @brief Process the current action for thread-related activity
780 * Performs current-action processing for a THREAD_* ModelAction. Proccesses
781 * may include setting Thread status, completing THREAD_FINISH/THREAD_JOIN
782 * synchronization, etc. This function is a no-op for non-THREAD actions
783 * (e.g., ATOMIC_{READ,WRITE,RMW,LOCK}, etc.)
785 * @param curr The current action
786 * @return True if synchronization was updated or a thread completed
788 bool ModelChecker::process_thread_action(ModelAction *curr)
790 bool updated = false;
792 switch (curr->get_type()) {
793 case THREAD_CREATE: {
794 Thread *th = (Thread *)curr->get_location();
795 th->set_creation(curr);
799 Thread *blocking = (Thread *)curr->get_location();
800 ModelAction *act = get_last_action(blocking->get_id());
801 curr->synchronize_with(act);
802 updated = true; /* trigger rel-seq checks */
805 case THREAD_FINISH: {
806 Thread *th = get_thread(curr);
807 while (!th->wait_list_empty()) {
808 ModelAction *act = th->pop_wait_list();
809 scheduler->wake(get_thread(act));
812 updated = true; /* trigger rel-seq checks */
816 check_promises(curr->get_tid(), NULL, curr->get_cv());
827 * @brief Process the current action for release sequence fixup activity
829 * Performs model-checker release sequence fixups for the current action,
830 * forcing a single pending release sequence to break (with a given, potential
831 * "loose" write) or to complete (i.e., synchronize). If a pending release
832 * sequence forms a complete release sequence, then we must perform the fixup
833 * synchronization, mo_graph additions, etc.
835 * @param curr The current action; must be a release sequence fixup action
836 * @param work_queue The work queue to which to add work items as they are
839 void ModelChecker::process_relseq_fixup(ModelAction *curr, work_queue_t *work_queue)
841 const ModelAction *write = curr->get_node()->get_relseq_break();
842 struct release_seq *sequence = pending_rel_seqs->back();
843 pending_rel_seqs->pop_back();
845 ModelAction *acquire = sequence->acquire;
846 const ModelAction *rf = sequence->rf;
847 const ModelAction *release = sequence->release;
851 ASSERT(release->same_thread(rf));
855 * @todo Forcing a synchronization requires that we set
856 * modification order constraints. For instance, we can't allow
857 * a fixup sequence in which two separate read-acquire
858 * operations read from the same sequence, where the first one
859 * synchronizes and the other doesn't. Essentially, we can't
860 * allow any writes to insert themselves between 'release' and
864 /* Must synchronize */
865 if (!acquire->synchronize_with(release)) {
866 set_bad_synchronization();
869 /* Re-check all pending release sequences */
870 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
871 /* Re-check act for mo_graph edges */
872 work_queue->push_back(MOEdgeWorkEntry(acquire));
874 /* propagate synchronization to later actions */
875 action_list_t::reverse_iterator rit = action_trace->rbegin();
876 for (; (*rit) != acquire; rit++) {
877 ModelAction *propagate = *rit;
878 if (acquire->happens_before(propagate)) {
879 propagate->synchronize_with(acquire);
880 /* Re-check 'propagate' for mo_graph edges */
881 work_queue->push_back(MOEdgeWorkEntry(propagate));
885 /* Break release sequence with new edges:
886 * release --mo--> write --mo--> rf */
887 mo_graph->addEdge(release, write);
888 mo_graph->addEdge(write, rf);
891 /* See if we have realized a data race */
892 if (checkDataRaces())
893 assert_bug("Datarace");
897 * Initialize the current action by performing one or more of the following
898 * actions, as appropriate: merging RMWR and RMWC/RMW actions, stepping forward
899 * in the NodeStack, manipulating backtracking sets, allocating and
900 * initializing clock vectors, and computing the promises to fulfill.
902 * @param curr The current action, as passed from the user context; may be
903 * freed/invalidated after the execution of this function, with a different
904 * action "returned" its place (pass-by-reference)
905 * @return True if curr is a newly-explored action; false otherwise
907 bool ModelChecker::initialize_curr_action(ModelAction **curr)
909 ModelAction *newcurr;
911 if ((*curr)->is_rmwc() || (*curr)->is_rmw()) {
912 newcurr = process_rmw(*curr);
915 if (newcurr->is_rmw())
916 compute_promises(newcurr);
922 (*curr)->set_seq_number(get_next_seq_num());
924 newcurr = node_stack->explore_action(*curr, scheduler->get_enabled());
926 /* First restore type and order in case of RMW operation */
927 if ((*curr)->is_rmwr())
928 newcurr->copy_typeandorder(*curr);
930 ASSERT((*curr)->get_location() == newcurr->get_location());
931 newcurr->copy_from_new(*curr);
933 /* Discard duplicate ModelAction; use action from NodeStack */
936 /* Always compute new clock vector */
937 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
940 return false; /* Action was explored previously */
944 /* Always compute new clock vector */
945 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
947 * Perform one-time actions when pushing new ModelAction onto
950 if (newcurr->is_write())
951 compute_promises(newcurr);
952 else if (newcurr->is_relseq_fixup())
953 compute_relseq_breakwrites(newcurr);
954 else if (newcurr->is_wait())
955 newcurr->get_node()->set_misc_max(2);
956 else if (newcurr->is_notify_one()) {
957 newcurr->get_node()->set_misc_max(get_safe_ptr_action(condvar_waiters_map, newcurr->get_location())->size());
959 return true; /* This was a new ModelAction */
964 * @brief Check whether a model action is enabled.
966 * Checks whether a lock or join operation would be successful (i.e., is the
967 * lock already locked, or is the joined thread already complete). If not, put
968 * the action in a waiter list.
970 * @param curr is the ModelAction to check whether it is enabled.
971 * @return a bool that indicates whether the action is enabled.
973 bool ModelChecker::check_action_enabled(ModelAction *curr) {
974 if (curr->is_lock()) {
975 std::mutex * lock = (std::mutex *)curr->get_location();
976 struct std::mutex_state * state = lock->get_state();
977 if (state->islocked) {
978 //Stick the action in the appropriate waiting queue
979 get_safe_ptr_action(lock_waiters_map, curr->get_location())->push_back(curr);
982 } else if (curr->get_type() == THREAD_JOIN) {
983 Thread *blocking = (Thread *)curr->get_location();
984 if (!blocking->is_complete()) {
985 blocking->push_wait_list(curr);
994 * Stores the ModelAction for the current thread action. Call this
995 * immediately before switching from user- to system-context to pass
997 * @param act The ModelAction created by the user-thread action
999 void ModelChecker::set_current_action(ModelAction *act) {
1000 priv->current_action = act;
1004 * This is the heart of the model checker routine. It performs model-checking
1005 * actions corresponding to a given "current action." Among other processes, it
1006 * calculates reads-from relationships, updates synchronization clock vectors,
1007 * forms a memory_order constraints graph, and handles replay/backtrack
1008 * execution when running permutations of previously-observed executions.
1010 * @param curr The current action to process
1011 * @return The next Thread that must be executed. May be NULL if ModelChecker
1012 * makes no choice (e.g., according to replay execution, combining RMW actions,
1015 Thread * ModelChecker::check_current_action(ModelAction *curr)
1018 bool second_part_of_rmw = curr->is_rmwc() || curr->is_rmw();
1020 if (!check_action_enabled(curr)) {
1021 /* Make the execution look like we chose to run this action
1022 * much later, when a lock/join can succeed */
1023 get_current_thread()->set_pending(curr);
1024 scheduler->sleep(get_current_thread());
1025 return get_next_thread(NULL);
1028 bool newly_explored = initialize_curr_action(&curr);
1030 wake_up_sleeping_actions(curr);
1032 /* Add the action to lists before any other model-checking tasks */
1033 if (!second_part_of_rmw)
1034 add_action_to_lists(curr);
1036 /* Build may_read_from set for newly-created actions */
1037 if (newly_explored && curr->is_read())
1038 build_reads_from_past(curr);
1040 /* Initialize work_queue with the "current action" work */
1041 work_queue_t work_queue(1, CheckCurrWorkEntry(curr));
1042 while (!work_queue.empty() && !has_asserted()) {
1043 WorkQueueEntry work = work_queue.front();
1044 work_queue.pop_front();
1046 switch (work.type) {
1047 case WORK_CHECK_CURR_ACTION: {
1048 ModelAction *act = work.action;
1049 bool update = false; /* update this location's release seq's */
1050 bool update_all = false; /* update all release seq's */
1052 if (process_thread_action(curr))
1055 if (act->is_read() && process_read(act, second_part_of_rmw))
1058 if (act->is_write() && process_write(act))
1061 if (act->is_mutex_op() && process_mutex(act))
1064 if (act->is_relseq_fixup())
1065 process_relseq_fixup(curr, &work_queue);
1068 work_queue.push_back(CheckRelSeqWorkEntry(NULL));
1070 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1073 case WORK_CHECK_RELEASE_SEQ:
1074 resolve_release_sequences(work.location, &work_queue);
1076 case WORK_CHECK_MO_EDGES: {
1077 /** @todo Complete verification of work_queue */
1078 ModelAction *act = work.action;
1079 bool updated = false;
1081 if (act->is_read()) {
1082 const ModelAction *rf = act->get_reads_from();
1083 if (rf != NULL && r_modification_order(act, rf))
1086 if (act->is_write()) {
1087 if (w_modification_order(act))
1090 mo_graph->commitChanges();
1093 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1102 check_curr_backtracking(curr);
1103 set_backtracking(curr);
1104 return get_next_thread(curr);
1107 void ModelChecker::check_curr_backtracking(ModelAction * curr) {
1108 Node *currnode = curr->get_node();
1109 Node *parnode = currnode->get_parent();
1111 if ((!parnode->backtrack_empty() ||
1112 !currnode->misc_empty() ||
1113 !currnode->read_from_empty() ||
1114 !currnode->future_value_empty() ||
1115 !currnode->promise_empty() ||
1116 !currnode->relseq_break_empty())
1117 && (!priv->next_backtrack ||
1118 *curr > *priv->next_backtrack)) {
1119 priv->next_backtrack = curr;
1123 bool ModelChecker::promises_expired() const
1125 for (unsigned int promise_index = 0; promise_index < promises->size(); promise_index++) {
1126 Promise *promise = (*promises)[promise_index];
1127 if (promise->get_expiration()<priv->used_sequence_numbers) {
1134 /** @return whether the current partial trace must be a prefix of a
1135 * feasible trace. */
1136 bool ModelChecker::isfeasibleprefix() const
1138 return promises->size() == 0 && pending_rel_seqs->size() == 0 && isfeasible();
1141 /** @return whether the current partial trace is feasible. */
1142 bool ModelChecker::isfeasible() const
1144 if (DBG_ENABLED() && mo_graph->checkForRMWViolation())
1145 DEBUG("Infeasible: RMW violation\n");
1147 return !mo_graph->checkForRMWViolation() && isfeasibleotherthanRMW();
1150 /** @return whether the current partial trace is feasible other than
1151 * multiple RMW reading from the same store. */
1152 bool ModelChecker::isfeasibleotherthanRMW() const
1154 if (DBG_ENABLED()) {
1155 if (mo_graph->checkForCycles())
1156 DEBUG("Infeasible: modification order cycles\n");
1158 DEBUG("Infeasible: failed promise\n");
1160 DEBUG("Infeasible: too many reads\n");
1161 if (bad_synchronization)
1162 DEBUG("Infeasible: bad synchronization ordering\n");
1163 if (promises_expired())
1164 DEBUG("Infeasible: promises expired\n");
1166 return !mo_graph->checkForCycles() && !failed_promise && !too_many_reads && !bad_synchronization && !promises_expired();
1169 /** Returns whether the current completed trace is feasible. */
1170 bool ModelChecker::isfinalfeasible() const
1172 if (DBG_ENABLED() && promises->size() != 0)
1173 DEBUG("Infeasible: unrevolved promises\n");
1175 return isfeasible() && promises->size() == 0;
1178 /** Close out a RMWR by converting previous RMWR into a RMW or READ. */
1179 ModelAction * ModelChecker::process_rmw(ModelAction *act) {
1180 ModelAction *lastread = get_last_action(act->get_tid());
1181 lastread->process_rmw(act);
1182 if (act->is_rmw() && lastread->get_reads_from()!=NULL) {
1183 mo_graph->addRMWEdge(lastread->get_reads_from(), lastread);
1184 mo_graph->commitChanges();
1190 * Checks whether a thread has read from the same write for too many times
1191 * without seeing the effects of a later write.
1194 * 1) there must a different write that we could read from that would satisfy the modification order,
1195 * 2) we must have read from the same value in excess of maxreads times, and
1196 * 3) that other write must have been in the reads_from set for maxreads times.
1198 * If so, we decide that the execution is no longer feasible.
1200 void ModelChecker::check_recency(ModelAction *curr, const ModelAction *rf) {
1201 if (params.maxreads != 0) {
1203 if (curr->get_node()->get_read_from_size() <= 1)
1205 //Must make sure that execution is currently feasible... We could
1206 //accidentally clear by rolling back
1209 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1210 int tid = id_to_int(curr->get_tid());
1213 if ((int)thrd_lists->size() <= tid)
1215 action_list_t *list = &(*thrd_lists)[tid];
1217 action_list_t::reverse_iterator rit = list->rbegin();
1218 /* Skip past curr */
1219 for (; (*rit) != curr; rit++)
1221 /* go past curr now */
1224 action_list_t::reverse_iterator ritcopy = rit;
1225 //See if we have enough reads from the same value
1227 for (; count < params.maxreads; rit++,count++) {
1228 if (rit==list->rend())
1230 ModelAction *act = *rit;
1231 if (!act->is_read())
1234 if (act->get_reads_from() != rf)
1236 if (act->get_node()->get_read_from_size() <= 1)
1239 for (int i = 0; i<curr->get_node()->get_read_from_size(); i++) {
1241 const ModelAction * write = curr->get_node()->get_read_from_at(i);
1243 //Need a different write
1247 /* Test to see whether this is a feasible write to read from*/
1248 mo_graph->startChanges();
1249 r_modification_order(curr, write);
1250 bool feasiblereadfrom = isfeasible();
1251 mo_graph->rollbackChanges();
1253 if (!feasiblereadfrom)
1257 bool feasiblewrite = true;
1258 //new we need to see if this write works for everyone
1260 for (int loop = count; loop>0; loop--,rit++) {
1261 ModelAction *act=*rit;
1262 bool foundvalue = false;
1263 for (int j = 0; j<act->get_node()->get_read_from_size(); j++) {
1264 if (act->get_node()->get_read_from_at(j)==write) {
1270 feasiblewrite = false;
1274 if (feasiblewrite) {
1275 too_many_reads = true;
1283 * Updates the mo_graph with the constraints imposed from the current
1286 * Basic idea is the following: Go through each other thread and find
1287 * the lastest action that happened before our read. Two cases:
1289 * (1) The action is a write => that write must either occur before
1290 * the write we read from or be the write we read from.
1292 * (2) The action is a read => the write that that action read from
1293 * must occur before the write we read from or be the same write.
1295 * @param curr The current action. Must be a read.
1296 * @param rf The action that curr reads from. Must be a write.
1297 * @return True if modification order edges were added; false otherwise
1299 bool ModelChecker::r_modification_order(ModelAction *curr, const ModelAction *rf)
1301 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1304 ASSERT(curr->is_read());
1306 /* Iterate over all threads */
1307 for (i = 0; i < thrd_lists->size(); i++) {
1308 /* Iterate over actions in thread, starting from most recent */
1309 action_list_t *list = &(*thrd_lists)[i];
1310 action_list_t::reverse_iterator rit;
1311 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1312 ModelAction *act = *rit;
1315 * Include at most one act per-thread that "happens
1316 * before" curr. Don't consider reflexively.
1318 if (act->happens_before(curr) && act != curr) {
1319 if (act->is_write()) {
1321 mo_graph->addEdge(act, rf);
1325 const ModelAction *prevreadfrom = act->get_reads_from();
1326 //if the previous read is unresolved, keep going...
1327 if (prevreadfrom == NULL)
1330 if (rf != prevreadfrom) {
1331 mo_graph->addEdge(prevreadfrom, rf);
1343 /** This method fixes up the modification order when we resolve a
1344 * promises. The basic problem is that actions that occur after the
1345 * read curr could not property add items to the modification order
1348 * So for each thread, we find the earliest item that happens after
1349 * the read curr. This is the item we have to fix up with additional
1350 * constraints. If that action is write, we add a MO edge between
1351 * the Action rf and that action. If the action is a read, we add a
1352 * MO edge between the Action rf, and whatever the read accessed.
1354 * @param curr is the read ModelAction that we are fixing up MO edges for.
1355 * @param rf is the write ModelAction that curr reads from.
1358 void ModelChecker::post_r_modification_order(ModelAction *curr, const ModelAction *rf)
1360 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1362 ASSERT(curr->is_read());
1364 /* Iterate over all threads */
1365 for (i = 0; i < thrd_lists->size(); i++) {
1366 /* Iterate over actions in thread, starting from most recent */
1367 action_list_t *list = &(*thrd_lists)[i];
1368 action_list_t::reverse_iterator rit;
1369 ModelAction *lastact = NULL;
1371 /* Find last action that happens after curr that is either not curr or a rmw */
1372 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1373 ModelAction *act = *rit;
1374 if (curr->happens_before(act) && (curr != act || curr->is_rmw())) {
1380 /* Include at most one act per-thread that "happens before" curr */
1381 if (lastact != NULL) {
1382 if (lastact==curr) {
1383 //Case 1: The resolved read is a RMW, and we need to make sure
1384 //that the write portion of the RMW mod order after rf
1386 mo_graph->addEdge(rf, lastact);
1387 } else if (lastact->is_read()) {
1388 //Case 2: The resolved read is a normal read and the next
1389 //operation is a read, and we need to make sure the value read
1390 //is mod ordered after rf
1392 const ModelAction *postreadfrom = lastact->get_reads_from();
1393 if (postreadfrom != NULL&&rf != postreadfrom)
1394 mo_graph->addEdge(rf, postreadfrom);
1396 //Case 3: The resolved read is a normal read and the next
1397 //operation is a write, and we need to make sure that the
1398 //write is mod ordered after rf
1400 mo_graph->addEdge(rf, lastact);
1408 * Updates the mo_graph with the constraints imposed from the current write.
1410 * Basic idea is the following: Go through each other thread and find
1411 * the lastest action that happened before our write. Two cases:
1413 * (1) The action is a write => that write must occur before
1416 * (2) The action is a read => the write that that action read from
1417 * must occur before the current write.
1419 * This method also handles two other issues:
1421 * (I) Sequential Consistency: Making sure that if the current write is
1422 * seq_cst, that it occurs after the previous seq_cst write.
1424 * (II) Sending the write back to non-synchronizing reads.
1426 * @param curr The current action. Must be a write.
1427 * @return True if modification order edges were added; false otherwise
1429 bool ModelChecker::w_modification_order(ModelAction *curr)
1431 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1434 ASSERT(curr->is_write());
1436 if (curr->is_seqcst()) {
1437 /* We have to at least see the last sequentially consistent write,
1438 so we are initialized. */
1439 ModelAction *last_seq_cst = get_last_seq_cst(curr);
1440 if (last_seq_cst != NULL) {
1441 mo_graph->addEdge(last_seq_cst, curr);
1446 /* Iterate over all threads */
1447 for (i = 0; i < thrd_lists->size(); i++) {
1448 /* Iterate over actions in thread, starting from most recent */
1449 action_list_t *list = &(*thrd_lists)[i];
1450 action_list_t::reverse_iterator rit;
1451 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1452 ModelAction *act = *rit;
1455 * 1) If RMW and it actually read from something, then we
1456 * already have all relevant edges, so just skip to next
1459 * 2) If RMW and it didn't read from anything, we should
1460 * whatever edge we can get to speed up convergence.
1462 * 3) If normal write, we need to look at earlier actions, so
1463 * continue processing list.
1465 if (curr->is_rmw()) {
1466 if (curr->get_reads_from()!=NULL)
1475 * Include at most one act per-thread that "happens
1478 if (act->happens_before(curr)) {
1480 * Note: if act is RMW, just add edge:
1482 * The following edge should be handled elsewhere:
1483 * readfrom(act) --mo--> act
1485 if (act->is_write())
1486 mo_graph->addEdge(act, curr);
1487 else if (act->is_read()) {
1488 //if previous read accessed a null, just keep going
1489 if (act->get_reads_from() == NULL)
1491 mo_graph->addEdge(act->get_reads_from(), curr);
1495 } else if (act->is_read() && !act->could_synchronize_with(curr) &&
1496 !act->same_thread(curr)) {
1497 /* We have an action that:
1498 (1) did not happen before us
1499 (2) is a read and we are a write
1500 (3) cannot synchronize with us
1501 (4) is in a different thread
1503 that read could potentially read from our write. Note that
1504 these checks are overly conservative at this point, we'll
1505 do more checks before actually removing the
1509 if (thin_air_constraint_may_allow(curr, act)) {
1511 (curr->is_rmw() && act->is_rmw() && curr->get_reads_from() == act->get_reads_from() && isfeasibleotherthanRMW())) {
1512 struct PendingFutureValue pfv = {curr,act};
1513 futurevalues->push_back(pfv);
1523 /** Arbitrary reads from the future are not allowed. Section 29.3
1524 * part 9 places some constraints. This method checks one result of constraint
1525 * constraint. Others require compiler support. */
1526 bool ModelChecker::thin_air_constraint_may_allow(const ModelAction * writer, const ModelAction *reader) {
1527 if (!writer->is_rmw())
1530 if (!reader->is_rmw())
1533 for (const ModelAction *search = writer->get_reads_from(); search != NULL; search = search->get_reads_from()) {
1534 if (search == reader)
1536 if (search->get_tid() == reader->get_tid() &&
1537 search->happens_before(reader))
1545 * Arbitrary reads from the future are not allowed. Section 29.3 part 9 places
1546 * some constraints. This method checks one the following constraint (others
1547 * require compiler support):
1549 * If X --hb-> Y --mo-> Z, then X should not read from Z.
1551 bool ModelChecker::mo_may_allow(const ModelAction *writer, const ModelAction *reader)
1553 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, reader->get_location());
1555 /* Iterate over all threads */
1556 for (i = 0; i < thrd_lists->size(); i++) {
1557 const ModelAction *write_after_read = NULL;
1559 /* Iterate over actions in thread, starting from most recent */
1560 action_list_t *list = &(*thrd_lists)[i];
1561 action_list_t::reverse_iterator rit;
1562 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1563 ModelAction *act = *rit;
1565 if (!reader->happens_before(act))
1567 else if (act->is_write())
1568 write_after_read = act;
1569 else if (act->is_read() && act->get_reads_from() != NULL && act != reader) {
1570 write_after_read = act->get_reads_from();
1574 if (write_after_read && write_after_read!=writer && mo_graph->checkReachable(write_after_read, writer))
1581 * Finds the head(s) of the release sequence(s) containing a given ModelAction.
1582 * The ModelAction under consideration is expected to be taking part in
1583 * release/acquire synchronization as an object of the "reads from" relation.
1584 * Note that this can only provide release sequence support for RMW chains
1585 * which do not read from the future, as those actions cannot be traced until
1586 * their "promise" is fulfilled. Similarly, we may not even establish the
1587 * presence of a release sequence with certainty, as some modification order
1588 * constraints may be decided further in the future. Thus, this function
1589 * "returns" two pieces of data: a pass-by-reference vector of @a release_heads
1590 * and a boolean representing certainty.
1592 * @param rf The action that might be part of a release sequence. Must be a
1594 * @param release_heads A pass-by-reference style return parameter. After
1595 * execution of this function, release_heads will contain the heads of all the
1596 * relevant release sequences, if any exists with certainty
1597 * @param pending A pass-by-reference style return parameter which is only used
1598 * when returning false (i.e., uncertain). Returns most information regarding
1599 * an uncertain release sequence, including any write operations that might
1600 * break the sequence.
1601 * @return true, if the ModelChecker is certain that release_heads is complete;
1604 bool ModelChecker::release_seq_heads(const ModelAction *rf,
1605 rel_heads_list_t *release_heads,
1606 struct release_seq *pending) const
1608 /* Only check for release sequences if there are no cycles */
1609 if (mo_graph->checkForCycles())
1613 ASSERT(rf->is_write());
1615 if (rf->is_release())
1616 release_heads->push_back(rf);
1618 break; /* End of RMW chain */
1620 /** @todo Need to be smarter here... In the linux lock
1621 * example, this will run to the beginning of the program for
1623 /** @todo The way to be smarter here is to keep going until 1
1624 * thread has a release preceded by an acquire and you've seen
1627 /* acq_rel RMW is a sufficient stopping condition */
1628 if (rf->is_acquire() && rf->is_release())
1629 return true; /* complete */
1631 rf = rf->get_reads_from();
1634 /* read from future: need to settle this later */
1636 return false; /* incomplete */
1639 if (rf->is_release())
1640 return true; /* complete */
1642 /* else relaxed write; check modification order for contiguous subsequence
1643 * -> rf must be same thread as release */
1644 int tid = id_to_int(rf->get_tid());
1645 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, rf->get_location());
1646 action_list_t *list = &(*thrd_lists)[tid];
1647 action_list_t::const_reverse_iterator rit;
1649 /* Find rf in the thread list */
1650 rit = std::find(list->rbegin(), list->rend(), rf);
1651 ASSERT(rit != list->rend());
1653 /* Find the last write/release */
1654 for (; rit != list->rend(); rit++)
1655 if ((*rit)->is_release())
1657 if (rit == list->rend()) {
1658 /* No write-release in this thread */
1659 return true; /* complete */
1661 ModelAction *release = *rit;
1663 ASSERT(rf->same_thread(release));
1665 pending->writes.clear();
1667 bool certain = true;
1668 for (unsigned int i = 0; i < thrd_lists->size(); i++) {
1669 if (id_to_int(rf->get_tid()) == (int)i)
1671 list = &(*thrd_lists)[i];
1673 /* Can we ensure no future writes from this thread may break
1674 * the release seq? */
1675 bool future_ordered = false;
1677 ModelAction *last = get_last_action(int_to_id(i));
1678 Thread *th = get_thread(int_to_id(i));
1679 if ((last && rf->happens_before(last)) ||
1682 future_ordered = true;
1684 ASSERT(!th->is_model_thread() || future_ordered);
1686 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1687 const ModelAction *act = *rit;
1688 /* Reach synchronization -> this thread is complete */
1689 if (act->happens_before(release))
1691 if (rf->happens_before(act)) {
1692 future_ordered = true;
1696 /* Only non-RMW writes can break release sequences */
1697 if (!act->is_write() || act->is_rmw())
1700 /* Check modification order */
1701 if (mo_graph->checkReachable(rf, act)) {
1702 /* rf --mo--> act */
1703 future_ordered = true;
1706 if (mo_graph->checkReachable(act, release))
1707 /* act --mo--> release */
1709 if (mo_graph->checkReachable(release, act) &&
1710 mo_graph->checkReachable(act, rf)) {
1711 /* release --mo-> act --mo--> rf */
1712 return true; /* complete */
1714 /* act may break release sequence */
1715 pending->writes.push_back(act);
1718 if (!future_ordered)
1719 certain = false; /* This thread is uncertain */
1723 release_heads->push_back(release);
1724 pending->writes.clear();
1726 pending->release = release;
1733 * A public interface for getting the release sequence head(s) with which a
1734 * given ModelAction must synchronize. This function only returns a non-empty
1735 * result when it can locate a release sequence head with certainty. Otherwise,
1736 * it may mark the internal state of the ModelChecker so that it will handle
1737 * the release sequence at a later time, causing @a act to update its
1738 * synchronization at some later point in execution.
1739 * @param act The 'acquire' action that may read from a release sequence
1740 * @param release_heads A pass-by-reference return parameter. Will be filled
1741 * with the head(s) of the release sequence(s), if they exists with certainty.
1742 * @see ModelChecker::release_seq_heads
1744 void ModelChecker::get_release_seq_heads(ModelAction *act, rel_heads_list_t *release_heads)
1746 const ModelAction *rf = act->get_reads_from();
1747 struct release_seq *sequence = (struct release_seq *)snapshot_calloc(1, sizeof(struct release_seq));
1748 sequence->acquire = act;
1750 if (!release_seq_heads(rf, release_heads, sequence)) {
1751 /* add act to 'lazy checking' list */
1752 pending_rel_seqs->push_back(sequence);
1754 snapshot_free(sequence);
1759 * Attempt to resolve all stashed operations that might synchronize with a
1760 * release sequence for a given location. This implements the "lazy" portion of
1761 * determining whether or not a release sequence was contiguous, since not all
1762 * modification order information is present at the time an action occurs.
1764 * @param location The location/object that should be checked for release
1765 * sequence resolutions. A NULL value means to check all locations.
1766 * @param work_queue The work queue to which to add work items as they are
1768 * @return True if any updates occurred (new synchronization, new mo_graph
1771 bool ModelChecker::resolve_release_sequences(void *location, work_queue_t *work_queue)
1773 bool updated = false;
1774 std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >::iterator it = pending_rel_seqs->begin();
1775 while (it != pending_rel_seqs->end()) {
1776 struct release_seq *pending = *it;
1777 ModelAction *act = pending->acquire;
1779 /* Only resolve sequences on the given location, if provided */
1780 if (location && act->get_location() != location) {
1785 const ModelAction *rf = act->get_reads_from();
1786 rel_heads_list_t release_heads;
1788 complete = release_seq_heads(rf, &release_heads, pending);
1789 for (unsigned int i = 0; i < release_heads.size(); i++) {
1790 if (!act->has_synchronized_with(release_heads[i])) {
1791 if (act->synchronize_with(release_heads[i]))
1794 set_bad_synchronization();
1799 /* Re-check all pending release sequences */
1800 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
1801 /* Re-check act for mo_graph edges */
1802 work_queue->push_back(MOEdgeWorkEntry(act));
1804 /* propagate synchronization to later actions */
1805 action_list_t::reverse_iterator rit = action_trace->rbegin();
1806 for (; (*rit) != act; rit++) {
1807 ModelAction *propagate = *rit;
1808 if (act->happens_before(propagate)) {
1809 propagate->synchronize_with(act);
1810 /* Re-check 'propagate' for mo_graph edges */
1811 work_queue->push_back(MOEdgeWorkEntry(propagate));
1816 it = pending_rel_seqs->erase(it);
1817 snapshot_free(pending);
1823 // If we resolved promises or data races, see if we have realized a data race.
1824 if (checkDataRaces())
1825 assert_bug("Datarace");
1831 * Performs various bookkeeping operations for the current ModelAction. For
1832 * instance, adds action to the per-object, per-thread action vector and to the
1833 * action trace list of all thread actions.
1835 * @param act is the ModelAction to add.
1837 void ModelChecker::add_action_to_lists(ModelAction *act)
1839 int tid = id_to_int(act->get_tid());
1840 action_trace->push_back(act);
1842 get_safe_ptr_action(obj_map, act->get_location())->push_back(act);
1844 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, act->get_location());
1845 if (tid >= (int)vec->size())
1846 vec->resize(priv->next_thread_id);
1847 (*vec)[tid].push_back(act);
1849 if ((int)thrd_last_action->size() <= tid)
1850 thrd_last_action->resize(get_num_threads());
1851 (*thrd_last_action)[tid] = act;
1853 if (act->is_wait()) {
1854 void *mutex_loc=(void *) act->get_value();
1855 get_safe_ptr_action(obj_map, mutex_loc)->push_back(act);
1857 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, mutex_loc);
1858 if (tid >= (int)vec->size())
1859 vec->resize(priv->next_thread_id);
1860 (*vec)[tid].push_back(act);
1862 if ((int)thrd_last_action->size() <= tid)
1863 thrd_last_action->resize(get_num_threads());
1864 (*thrd_last_action)[tid] = act;
1869 * @brief Get the last action performed by a particular Thread
1870 * @param tid The thread ID of the Thread in question
1871 * @return The last action in the thread
1873 ModelAction * ModelChecker::get_last_action(thread_id_t tid) const
1875 int threadid = id_to_int(tid);
1876 if (threadid < (int)thrd_last_action->size())
1877 return (*thrd_last_action)[id_to_int(tid)];
1883 * Gets the last memory_order_seq_cst write (in the total global sequence)
1884 * performed on a particular object (i.e., memory location), not including the
1886 * @param curr The current ModelAction; also denotes the object location to
1888 * @return The last seq_cst write
1890 ModelAction * ModelChecker::get_last_seq_cst(ModelAction *curr) const
1892 void *location = curr->get_location();
1893 action_list_t *list = get_safe_ptr_action(obj_map, location);
1894 /* Find: max({i in dom(S) | seq_cst(t_i) && isWrite(t_i) && samevar(t_i, t)}) */
1895 action_list_t::reverse_iterator rit;
1896 for (rit = list->rbegin(); rit != list->rend(); rit++)
1897 if ((*rit)->is_write() && (*rit)->is_seqcst() && (*rit) != curr)
1903 * Gets the last unlock operation performed on a particular mutex (i.e., memory
1904 * location). This function identifies the mutex according to the current
1905 * action, which is presumed to perform on the same mutex.
1906 * @param curr The current ModelAction; also denotes the object location to
1908 * @return The last unlock operation
1910 ModelAction * ModelChecker::get_last_unlock(ModelAction *curr) const
1912 void *location = curr->get_location();
1913 action_list_t *list = get_safe_ptr_action(obj_map, location);
1914 /* Find: max({i in dom(S) | isUnlock(t_i) && samevar(t_i, t)}) */
1915 action_list_t::reverse_iterator rit;
1916 for (rit = list->rbegin(); rit != list->rend(); rit++)
1917 if ((*rit)->is_unlock() || (*rit)->is_wait())
1922 ModelAction * ModelChecker::get_parent_action(thread_id_t tid)
1924 ModelAction *parent = get_last_action(tid);
1926 parent = get_thread(tid)->get_creation();
1931 * Returns the clock vector for a given thread.
1932 * @param tid The thread whose clock vector we want
1933 * @return Desired clock vector
1935 ClockVector * ModelChecker::get_cv(thread_id_t tid)
1937 return get_parent_action(tid)->get_cv();
1941 * Resolve a set of Promises with a current write. The set is provided in the
1942 * Node corresponding to @a write.
1943 * @param write The ModelAction that is fulfilling Promises
1944 * @return True if promises were resolved; false otherwise
1946 bool ModelChecker::resolve_promises(ModelAction *write)
1948 bool resolved = false;
1949 std::vector< thread_id_t, ModelAlloc<thread_id_t> > threads_to_check;
1951 for (unsigned int i = 0, promise_index = 0; promise_index < promises->size(); i++) {
1952 Promise *promise = (*promises)[promise_index];
1953 if (write->get_node()->get_promise(i)) {
1954 ModelAction *read = promise->get_action();
1955 if (read->is_rmw()) {
1956 mo_graph->addRMWEdge(write, read);
1958 read->read_from(write);
1959 //First fix up the modification order for actions that happened
1961 r_modification_order(read, write);
1962 //Next fix up the modification order for actions that happened
1964 post_r_modification_order(read, write);
1965 //Make sure the promise's value matches the write's value
1966 ASSERT(promise->get_value() == write->get_value());
1969 promises->erase(promises->begin() + promise_index);
1970 threads_to_check.push_back(read->get_tid());
1977 //Check whether reading these writes has made threads unable to
1980 for(unsigned int i=0;i<threads_to_check.size();i++)
1981 mo_check_promises(threads_to_check[i], write);
1987 * Compute the set of promises that could potentially be satisfied by this
1988 * action. Note that the set computation actually appears in the Node, not in
1990 * @param curr The ModelAction that may satisfy promises
1992 void ModelChecker::compute_promises(ModelAction *curr)
1994 for (unsigned int i = 0; i < promises->size(); i++) {
1995 Promise *promise = (*promises)[i];
1996 const ModelAction *act = promise->get_action();
1997 if (!act->happens_before(curr) &&
1999 !act->could_synchronize_with(curr) &&
2000 !act->same_thread(curr) &&
2001 act->get_location() == curr->get_location() &&
2002 promise->get_value() == curr->get_value()) {
2003 curr->get_node()->set_promise(i, act->is_rmw());
2008 /** Checks promises in response to change in ClockVector Threads. */
2009 void ModelChecker::check_promises(thread_id_t tid, ClockVector *old_cv, ClockVector *merge_cv)
2011 for (unsigned int i = 0; i < promises->size(); i++) {
2012 Promise *promise = (*promises)[i];
2013 const ModelAction *act = promise->get_action();
2014 if ((old_cv == NULL || !old_cv->synchronized_since(act)) &&
2015 merge_cv->synchronized_since(act)) {
2016 if (promise->increment_threads(tid)) {
2017 //Promise has failed
2018 failed_promise = true;
2025 void ModelChecker::check_promises_thread_disabled() {
2026 for (unsigned int i = 0; i < promises->size(); i++) {
2027 Promise *promise = (*promises)[i];
2028 if (promise->check_promise()) {
2029 failed_promise = true;
2035 /** Checks promises in response to addition to modification order for threads.
2037 * pthread is the thread that performed the read that created the promise
2039 * pread is the read that created the promise
2041 * pwrite is either the first write to same location as pread by
2042 * pthread that is sequenced after pread or the value read by the
2043 * first read to the same lcoation as pread by pthread that is
2044 * sequenced after pread..
2046 * 1. If tid=pthread, then we check what other threads are reachable
2047 * through the mode order starting with pwrite. Those threads cannot
2048 * perform a write that will resolve the promise due to modification
2049 * order constraints.
2051 * 2. If the tid is not pthread, we check whether pwrite can reach the
2052 * action write through the modification order. If so, that thread
2053 * cannot perform a future write that will resolve the promise due to
2054 * modificatin order constraints.
2056 * @parem tid The thread that either read from the model action
2057 * write, or actually did the model action write.
2059 * @parem write The ModelAction representing the relevant write.
2062 void ModelChecker::mo_check_promises(thread_id_t tid, const ModelAction *write) {
2063 void * location = write->get_location();
2064 for (unsigned int i = 0; i < promises->size(); i++) {
2065 Promise *promise = (*promises)[i];
2066 const ModelAction *act = promise->get_action();
2068 //Is this promise on the same location?
2069 if ( act->get_location() != location )
2072 //same thread as the promise
2073 if ( act->get_tid()==tid ) {
2075 //do we have a pwrite for the promise, if not, set it
2076 if (promise->get_write() == NULL ) {
2077 promise->set_write(write);
2078 //The pwrite cannot happen before the promise
2079 if (write->happens_before(act) && (write != act)) {
2080 failed_promise = true;
2084 if (mo_graph->checkPromise(write, promise)) {
2085 failed_promise = true;
2090 //Don't do any lookups twice for the same thread
2091 if (promise->has_sync_thread(tid))
2094 if (promise->get_write()&&mo_graph->checkReachable(promise->get_write(), write)) {
2095 if (promise->increment_threads(tid)) {
2096 failed_promise = true;
2104 * Compute the set of writes that may break the current pending release
2105 * sequence. This information is extracted from previou release sequence
2108 * @param curr The current ModelAction. Must be a release sequence fixup
2111 void ModelChecker::compute_relseq_breakwrites(ModelAction *curr)
2113 if (pending_rel_seqs->empty())
2116 struct release_seq *pending = pending_rel_seqs->back();
2117 for (unsigned int i = 0; i < pending->writes.size(); i++) {
2118 const ModelAction *write = pending->writes[i];
2119 curr->get_node()->add_relseq_break(write);
2122 /* NULL means don't break the sequence; just synchronize */
2123 curr->get_node()->add_relseq_break(NULL);
2127 * Build up an initial set of all past writes that this 'read' action may read
2128 * from. This set is determined by the clock vector's "happens before"
2130 * @param curr is the current ModelAction that we are exploring; it must be a
2133 void ModelChecker::build_reads_from_past(ModelAction *curr)
2135 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
2137 ASSERT(curr->is_read());
2139 ModelAction *last_seq_cst = NULL;
2141 /* Track whether this object has been initialized */
2142 bool initialized = false;
2144 if (curr->is_seqcst()) {
2145 last_seq_cst = get_last_seq_cst(curr);
2146 /* We have to at least see the last sequentially consistent write,
2147 so we are initialized. */
2148 if (last_seq_cst != NULL)
2152 /* Iterate over all threads */
2153 for (i = 0; i < thrd_lists->size(); i++) {
2154 /* Iterate over actions in thread, starting from most recent */
2155 action_list_t *list = &(*thrd_lists)[i];
2156 action_list_t::reverse_iterator rit;
2157 for (rit = list->rbegin(); rit != list->rend(); rit++) {
2158 ModelAction *act = *rit;
2160 /* Only consider 'write' actions */
2161 if (!act->is_write() || act == curr)
2164 /* Don't consider more than one seq_cst write if we are a seq_cst read. */
2165 if (!curr->is_seqcst() || (!act->is_seqcst() && (last_seq_cst == NULL || !act->happens_before(last_seq_cst))) || act == last_seq_cst) {
2166 if (!curr->get_sleep_flag() || curr->is_seqcst() || sleep_can_read_from(curr, act)) {
2167 DEBUG("Adding action to may_read_from:\n");
2168 if (DBG_ENABLED()) {
2172 curr->get_node()->add_read_from(act);
2176 /* Include at most one act per-thread that "happens before" curr */
2177 if (act->happens_before(curr)) {
2185 assert_bug("May read from uninitialized atomic");
2187 if (DBG_ENABLED() || !initialized) {
2188 printf("Reached read action:\n");
2190 printf("Printing may_read_from\n");
2191 curr->get_node()->print_may_read_from();
2192 printf("End printing may_read_from\n");
2196 bool ModelChecker::sleep_can_read_from(ModelAction * curr, const ModelAction *write) {
2198 Node *prevnode=write->get_node()->get_parent();
2200 bool thread_sleep=prevnode->enabled_status(curr->get_tid())==THREAD_SLEEP_SET;
2201 if (write->is_release()&&thread_sleep)
2203 if (!write->is_rmw()) {
2206 if (write->get_reads_from()==NULL)
2208 write=write->get_reads_from();
2212 static void print_list(action_list_t *list)
2214 action_list_t::iterator it;
2216 printf("---------------------------------------------------------------------\n");
2218 unsigned int hash=0;
2220 for (it = list->begin(); it != list->end(); it++) {
2222 hash=hash^(hash<<3)^((*it)->hash());
2224 printf("HASH %u\n", hash);
2225 printf("---------------------------------------------------------------------\n");
2228 #if SUPPORT_MOD_ORDER_DUMP
2229 void ModelChecker::dumpGraph(char *filename) {
2231 sprintf(buffer, "%s.dot",filename);
2232 FILE *file=fopen(buffer, "w");
2233 fprintf(file, "digraph %s {\n",filename);
2234 mo_graph->dumpNodes(file);
2235 ModelAction ** thread_array=(ModelAction **)model_calloc(1, sizeof(ModelAction *)*get_num_threads());
2237 for (action_list_t::iterator it = action_trace->begin(); it != action_trace->end(); it++) {
2238 ModelAction *action=*it;
2239 if (action->is_read()) {
2240 fprintf(file, "N%u [label=\"%u, T%u\"];\n", action->get_seq_number(),action->get_seq_number(), action->get_tid());
2241 if (action->get_reads_from()!=NULL)
2242 fprintf(file, "N%u -> N%u[label=\"rf\", color=red];\n", action->get_seq_number(), action->get_reads_from()->get_seq_number());
2244 if (thread_array[action->get_tid()] != NULL) {
2245 fprintf(file, "N%u -> N%u[label=\"sb\", color=blue];\n", thread_array[action->get_tid()]->get_seq_number(), action->get_seq_number());
2248 thread_array[action->get_tid()]=action;
2250 fprintf(file,"}\n");
2251 model_free(thread_array);
2256 void ModelChecker::print_summary()
2259 printf("Number of executions: %d\n", num_executions);
2260 printf("Number of feasible executions: %d\n", num_feasible_executions);
2261 printf("Total nodes created: %d\n", node_stack->get_total_nodes());
2263 #if SUPPORT_MOD_ORDER_DUMP
2265 char buffername[100];
2266 sprintf(buffername, "exec%04u", num_executions);
2267 mo_graph->dumpGraphToFile(buffername);
2268 sprintf(buffername, "graph%04u", num_executions);
2269 dumpGraph(buffername);
2272 if (!isfinalfeasible())
2273 printf("INFEASIBLE EXECUTION!\n");
2274 print_list(action_trace);
2279 * Add a Thread to the system for the first time. Should only be called once
2281 * @param t The Thread to add
2283 void ModelChecker::add_thread(Thread *t)
2285 thread_map->put(id_to_int(t->get_id()), t);
2286 scheduler->add_thread(t);
2290 * Removes a thread from the scheduler.
2291 * @param the thread to remove.
2293 void ModelChecker::remove_thread(Thread *t)
2295 scheduler->remove_thread(t);
2299 * @brief Get a Thread reference by its ID
2300 * @param tid The Thread's ID
2301 * @return A Thread reference
2303 Thread * ModelChecker::get_thread(thread_id_t tid) const
2305 return thread_map->get(id_to_int(tid));
2309 * @brief Get a reference to the Thread in which a ModelAction was executed
2310 * @param act The ModelAction
2311 * @return A Thread reference
2313 Thread * ModelChecker::get_thread(ModelAction *act) const
2315 return get_thread(act->get_tid());
2319 * @brief Check if a Thread is currently enabled
2320 * @param t The Thread to check
2321 * @return True if the Thread is currently enabled
2323 bool ModelChecker::is_enabled(Thread *t) const
2325 return scheduler->is_enabled(t);
2329 * @brief Check if a Thread is currently enabled
2330 * @param tid The ID of the Thread to check
2331 * @return True if the Thread is currently enabled
2333 bool ModelChecker::is_enabled(thread_id_t tid) const
2335 return scheduler->is_enabled(tid);
2339 * Switch from a user-context to the "master thread" context (a.k.a. system
2340 * context). This switch is made with the intention of exploring a particular
2341 * model-checking action (described by a ModelAction object). Must be called
2342 * from a user-thread context.
2344 * @param act The current action that will be explored. May be NULL only if
2345 * trace is exiting via an assertion (see ModelChecker::set_assert and
2346 * ModelChecker::has_asserted).
2347 * @return Return status from the 'swap' call (i.e., success/fail, 0/-1)
2349 int ModelChecker::switch_to_master(ModelAction *act)
2352 Thread *old = thread_current();
2353 set_current_action(act);
2354 old->set_state(THREAD_READY);
2355 return Thread::swap(old, &system_context);
2359 * Takes the next step in the execution, if possible.
2360 * @return Returns true (success) if a step was taken and false otherwise.
2362 bool ModelChecker::take_step() {
2366 Thread *curr = priv->current_action ? get_thread(priv->current_action) : NULL;
2368 if (curr->get_state() == THREAD_READY) {
2369 ASSERT(priv->current_action);
2371 priv->nextThread = check_current_action(priv->current_action);
2372 priv->current_action = NULL;
2374 if (curr->is_blocked() || curr->is_complete())
2375 scheduler->remove_thread(curr);
2380 Thread *next = scheduler->next_thread(priv->nextThread);
2382 /* Infeasible -> don't take any more steps */
2385 else if (isfeasibleprefix() && have_bug_reports()) {
2390 if (params.bound != 0) {
2391 if (priv->used_sequence_numbers > params.bound) {
2396 DEBUG("(%d, %d)\n", curr ? id_to_int(curr->get_id()) : -1,
2397 next ? id_to_int(next->get_id()) : -1);
2400 * Launch end-of-execution release sequence fixups only when there are:
2402 * (1) no more user threads to run (or when execution replay chooses
2403 * the 'model_thread')
2404 * (2) pending release sequences
2405 * (3) pending assertions (i.e., data races)
2406 * (4) no pending promises
2408 if (!pending_rel_seqs->empty() && (!next || next->is_model_thread()) &&
2409 isfinalfeasible() && !unrealizedraces.empty()) {
2410 printf("*** WARNING: release sequence fixup action (%zu pending release seuqences) ***\n",
2411 pending_rel_seqs->size());
2412 ModelAction *fixup = new ModelAction(MODEL_FIXUP_RELSEQ,
2413 std::memory_order_seq_cst, NULL, VALUE_NONE,
2415 set_current_action(fixup);
2419 /* next == NULL -> don't take any more steps */
2423 next->set_state(THREAD_RUNNING);
2425 if (next->get_pending() != NULL) {
2426 /* restart a pending action */
2427 set_current_action(next->get_pending());
2428 next->set_pending(NULL);
2429 next->set_state(THREAD_READY);
2433 /* Return false only if swap fails with an error */
2434 return (Thread::swap(&system_context, next) == 0);
2437 /** Runs the current execution until threre are no more steps to take. */
2438 void ModelChecker::finish_execution() {
2441 while (take_step());
projects / model-checker.git / blob