9 #include "snapshot-interface.h"
11 #include "clockvector.h"
12 #include "cyclegraph.h"
15 #include "threads-model.h"
18 #define INITIAL_THREAD_ID 0
23 bug_message(const char *str) {
24 const char *fmt = " [BUG] %s\n";
25 msg = (char *)snapshot_malloc(strlen(fmt) + strlen(str));
26 sprintf(msg, fmt, str);
28 ~bug_message() { if (msg) snapshot_free(msg); }
31 void print() { model_print("%s", msg); }
37 * Structure for holding small ModelChecker members that should be snapshotted
39 struct model_snapshot_members {
40 ModelAction *current_action;
41 unsigned int next_thread_id;
42 modelclock_t used_sequence_numbers;
44 ModelAction *next_backtrack;
45 std::vector< bug_message *, SnapshotAlloc<bug_message *> > bugs;
46 struct execution_stats stats;
49 /** @brief Constructor */
50 ModelChecker::ModelChecker(struct model_params params) :
51 /* Initialize default scheduler */
53 scheduler(new Scheduler()),
55 earliest_diverge(NULL),
56 action_trace(new action_list_t()),
57 thread_map(new HashTable<int, Thread *, int>()),
58 obj_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
59 lock_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
60 condvar_waiters_map(new HashTable<const void *, action_list_t *, uintptr_t, 4>()),
61 obj_thrd_map(new HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4 >()),
62 promises(new std::vector< Promise *, SnapshotAlloc<Promise *> >()),
63 futurevalues(new std::vector< struct PendingFutureValue, SnapshotAlloc<struct PendingFutureValue> >()),
64 pending_rel_seqs(new std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >()),
65 thrd_last_action(new std::vector< ModelAction *, SnapshotAlloc<ModelAction *> >(1)),
66 node_stack(new NodeStack()),
67 mo_graph(new CycleGraph()),
68 failed_promise(false),
69 too_many_reads(false),
71 bad_synchronization(false)
73 /* Allocate this "size" on the snapshotting heap */
74 priv = (struct model_snapshot_members *)snapshot_calloc(1, sizeof(*priv));
75 /* First thread created will have id INITIAL_THREAD_ID */
76 priv->next_thread_id = INITIAL_THREAD_ID;
78 /* Initialize a model-checker thread, for special ModelActions */
79 model_thread = new Thread(get_next_id());
80 thread_map->put(id_to_int(model_thread->get_id()), model_thread);
83 /** @brief Destructor */
84 ModelChecker::~ModelChecker()
86 for (unsigned int i = 0; i < get_num_threads(); i++)
87 delete thread_map->get(i);
92 delete lock_waiters_map;
93 delete condvar_waiters_map;
96 for (unsigned int i = 0; i < promises->size(); i++)
97 delete (*promises)[i];
100 delete pending_rel_seqs;
102 delete thrd_last_action;
107 for (unsigned int i = 0; i < priv->bugs.size(); i++)
108 delete priv->bugs[i];
113 static action_list_t * get_safe_ptr_action(HashTable<const void *, action_list_t *, uintptr_t, 4> * hash, void * ptr) {
114 action_list_t * tmp=hash->get(ptr);
116 tmp=new action_list_t();
122 static std::vector<action_list_t> * get_safe_ptr_vect_action(HashTable<void *, std::vector<action_list_t> *, uintptr_t, 4> * hash, void * ptr) {
123 std::vector<action_list_t> * tmp=hash->get(ptr);
125 tmp=new std::vector<action_list_t>();
132 * Restores user program to initial state and resets all model-checker data
135 void ModelChecker::reset_to_initial_state()
137 DEBUG("+++ Resetting to initial state +++\n");
138 node_stack->reset_execution();
139 failed_promise = false;
140 too_many_reads = false;
141 bad_synchronization = false;
144 /* Print all model-checker output before rollback */
147 snapshotObject->backTrackBeforeStep(0);
150 /** @return a thread ID for a new Thread */
151 thread_id_t ModelChecker::get_next_id()
153 return priv->next_thread_id++;
156 /** @return the number of user threads created during this execution */
157 unsigned int ModelChecker::get_num_threads() const
159 return priv->next_thread_id;
162 /** @return The currently executing Thread. */
163 Thread * ModelChecker::get_current_thread()
165 return scheduler->get_current_thread();
168 /** @return a sequence number for a new ModelAction */
169 modelclock_t ModelChecker::get_next_seq_num()
171 return ++priv->used_sequence_numbers;
174 Node * ModelChecker::get_curr_node() {
175 return node_stack->get_head();
179 * @brief Choose the next thread to execute.
181 * This function chooses the next thread that should execute. It can force the
182 * adjacency of read/write portions of a RMW action, force THREAD_CREATE to be
183 * followed by a THREAD_START, or it can enforce execution replay/backtracking.
184 * The model-checker may have no preference regarding the next thread (i.e.,
185 * when exploring a new execution ordering), in which case this will return
187 * @param curr The current ModelAction. This action might guide the choice of
189 * @return The next thread to run. If the model-checker has no preference, NULL.
191 Thread * ModelChecker::get_next_thread(ModelAction *curr)
196 /* Do not split atomic actions. */
198 return thread_current();
199 /* The THREAD_CREATE action points to the created Thread */
200 else if (curr->get_type() == THREAD_CREATE)
201 return (Thread *)curr->get_location();
204 /* Have we completed exploring the preselected path? */
208 /* Else, we are trying to replay an execution */
209 ModelAction *next = node_stack->get_next()->get_action();
211 if (next == diverge) {
212 if (earliest_diverge == NULL || *diverge < *earliest_diverge)
213 earliest_diverge=diverge;
215 Node *nextnode = next->get_node();
216 Node *prevnode = nextnode->get_parent();
217 scheduler->update_sleep_set(prevnode);
219 /* Reached divergence point */
220 if (nextnode->increment_misc()) {
221 /* The next node will try to satisfy a different misc_index values. */
222 tid = next->get_tid();
223 node_stack->pop_restofstack(2);
224 } else if (nextnode->increment_promise()) {
225 /* The next node will try to satisfy a different set of promises. */
226 tid = next->get_tid();
227 node_stack->pop_restofstack(2);
228 } else if (nextnode->increment_read_from()) {
229 /* The next node will read from a different value. */
230 tid = next->get_tid();
231 node_stack->pop_restofstack(2);
232 } else if (nextnode->increment_future_value()) {
233 /* The next node will try to read from a different future value. */
234 tid = next->get_tid();
235 node_stack->pop_restofstack(2);
236 } else if (nextnode->increment_relseq_break()) {
237 /* The next node will try to resolve a release sequence differently */
238 tid = next->get_tid();
239 node_stack->pop_restofstack(2);
241 /* Make a different thread execute for next step */
242 scheduler->add_sleep(thread_map->get(id_to_int(next->get_tid())));
243 tid = prevnode->get_next_backtrack();
244 /* Make sure the backtracked thread isn't sleeping. */
245 node_stack->pop_restofstack(1);
246 if (diverge==earliest_diverge) {
247 earliest_diverge=prevnode->get_action();
250 /* The correct sleep set is in the parent node. */
253 DEBUG("*** Divergence point ***\n");
257 tid = next->get_tid();
259 DEBUG("*** ModelChecker chose next thread = %d ***\n", id_to_int(tid));
260 ASSERT(tid != THREAD_ID_T_NONE);
261 return thread_map->get(id_to_int(tid));
265 * We need to know what the next actions of all threads in the sleep
266 * set will be. This method computes them and stores the actions at
267 * the corresponding thread object's pending action.
270 void ModelChecker::execute_sleep_set() {
271 for(unsigned int i=0;i<get_num_threads();i++) {
272 thread_id_t tid=int_to_id(i);
273 Thread *thr=get_thread(tid);
274 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET &&
275 thr->get_pending() == NULL ) {
276 thr->set_state(THREAD_RUNNING);
277 scheduler->next_thread(thr);
278 Thread::swap(&system_context, thr);
279 priv->current_action->set_sleep_flag();
280 thr->set_pending(priv->current_action);
283 priv->current_action = NULL;
286 void ModelChecker::wake_up_sleeping_actions(ModelAction * curr) {
287 for(unsigned int i=0;i<get_num_threads();i++) {
288 thread_id_t tid=int_to_id(i);
289 Thread *thr=get_thread(tid);
290 if ( scheduler->get_enabled(thr) == THREAD_SLEEP_SET ) {
291 ModelAction *pending_act=thr->get_pending();
292 if ((!curr->is_rmwr())&&pending_act->could_synchronize_with(curr)) {
293 //Remove this thread from sleep set
294 scheduler->remove_sleep(thr);
301 * Check if we are in a deadlock. Should only be called at the end of an
302 * execution, although it should not give false positives in the middle of an
303 * execution (there should be some ENABLED thread).
305 * @return True if program is in a deadlock; false otherwise
307 bool ModelChecker::is_deadlocked() const
309 bool blocking_threads = false;
310 for (unsigned int i = 0; i < get_num_threads(); i++) {
311 thread_id_t tid = int_to_id(i);
314 Thread *t = get_thread(tid);
315 if (!t->is_model_thread() && t->get_pending())
316 blocking_threads = true;
318 return blocking_threads;
322 * Check if this is a complete execution. That is, have all thread completed
323 * execution (rather than exiting because sleep sets have forced a redundant
326 * @return True if the execution is complete.
328 bool ModelChecker::is_complete_execution() const
330 for (unsigned int i = 0; i < get_num_threads(); i++)
331 if (is_enabled(int_to_id(i)))
337 * @brief Assert a bug in the executing program.
339 * Use this function to assert any sort of bug in the user program. If the
340 * current trace is feasible (actually, a prefix of some feasible execution),
341 * then this execution will be aborted, printing the appropriate message. If
342 * the current trace is not yet feasible, the error message will be stashed and
343 * printed if the execution ever becomes feasible.
345 * @param msg Descriptive message for the bug (do not include newline char)
346 * @return True if bug is immediately-feasible
348 bool ModelChecker::assert_bug(const char *msg)
350 priv->bugs.push_back(new bug_message(msg));
352 if (isfeasibleprefix()) {
360 * @brief Assert a bug in the executing program, asserted by a user thread
361 * @see ModelChecker::assert_bug
362 * @param msg Descriptive message for the bug (do not include newline char)
364 void ModelChecker::assert_user_bug(const char *msg)
366 /* If feasible bug, bail out now */
368 switch_to_master(NULL);
371 /** @return True, if any bugs have been reported for this execution */
372 bool ModelChecker::have_bug_reports() const
374 return priv->bugs.size() != 0;
377 /** @brief Print bug report listing for this execution (if any bugs exist) */
378 void ModelChecker::print_bugs() const
380 if (have_bug_reports()) {
381 model_print("Bug report: %zu bug%s detected\n",
383 priv->bugs.size() > 1 ? "s" : "");
384 for (unsigned int i = 0; i < priv->bugs.size(); i++)
385 priv->bugs[i]->print();
390 * @brief Record end-of-execution stats
392 * Must be run when exiting an execution. Records various stats.
393 * @see struct execution_stats
395 void ModelChecker::record_stats()
398 if (!isfinalfeasible())
399 stats.num_infeasible++;
400 else if (have_bug_reports())
401 stats.num_buggy_executions++;
402 else if (is_complete_execution())
403 stats.num_complete++;
405 stats.num_redundant++;
408 /** @brief Print execution stats */
409 void ModelChecker::print_stats() const
411 model_print("Number of complete, bug-free executions: %d\n", stats.num_complete);
412 model_print("Number of redundant executions: %d\n", stats.num_redundant);
413 model_print("Number of buggy executions: %d\n", stats.num_buggy_executions);
414 model_print("Number of infeasible executions: %d\n", stats.num_infeasible);
415 model_print("Total executions: %d\n", stats.num_total);
416 model_print("Total nodes created: %d\n", node_stack->get_total_nodes());
420 * @brief End-of-exeuction print
421 * @param printbugs Should any existing bugs be printed?
423 void ModelChecker::print_execution(bool printbugs) const
425 print_program_output();
427 if (DBG_ENABLED() || params.verbose) {
428 model_print("Earliest divergence point since last feasible execution:\n");
429 if (earliest_diverge)
430 earliest_diverge->print();
432 model_print("(Not set)\n");
438 /* Don't print invalid bugs */
447 * Queries the model-checker for more executions to explore and, if one
448 * exists, resets the model-checker state to execute a new execution.
450 * @return If there are more executions to explore, return true. Otherwise,
453 bool ModelChecker::next_execution()
456 /* Is this execution a feasible execution that's worth bug-checking? */
457 bool complete = isfinalfeasible() && (is_complete_execution() ||
460 /* End-of-execution bug checks */
463 assert_bug("Deadlock detected");
471 if (DBG_ENABLED() || params.verbose || have_bug_reports())
472 print_execution(complete);
474 clear_program_output();
477 earliest_diverge = NULL;
479 if ((diverge = get_next_backtrack()) == NULL)
483 model_print("Next execution will diverge at:\n");
487 reset_to_initial_state();
491 ModelAction * ModelChecker::get_last_conflict(ModelAction *act)
493 switch (act->get_type()) {
497 /* linear search: from most recent to oldest */
498 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
499 action_list_t::reverse_iterator rit;
500 for (rit = list->rbegin(); rit != list->rend(); rit++) {
501 ModelAction *prev = *rit;
502 if (prev->could_synchronize_with(act))
508 case ATOMIC_TRYLOCK: {
509 /* linear search: from most recent to oldest */
510 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
511 action_list_t::reverse_iterator rit;
512 for (rit = list->rbegin(); rit != list->rend(); rit++) {
513 ModelAction *prev = *rit;
514 if (act->is_conflicting_lock(prev))
519 case ATOMIC_UNLOCK: {
520 /* linear search: from most recent to oldest */
521 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
522 action_list_t::reverse_iterator rit;
523 for (rit = list->rbegin(); rit != list->rend(); rit++) {
524 ModelAction *prev = *rit;
525 if (!act->same_thread(prev)&&prev->is_failed_trylock())
531 /* linear search: from most recent to oldest */
532 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
533 action_list_t::reverse_iterator rit;
534 for (rit = list->rbegin(); rit != list->rend(); rit++) {
535 ModelAction *prev = *rit;
536 if (!act->same_thread(prev)&&prev->is_failed_trylock())
538 if (!act->same_thread(prev)&&prev->is_notify())
544 case ATOMIC_NOTIFY_ALL:
545 case ATOMIC_NOTIFY_ONE: {
546 /* linear search: from most recent to oldest */
547 action_list_t *list = get_safe_ptr_action(obj_map, act->get_location());
548 action_list_t::reverse_iterator rit;
549 for (rit = list->rbegin(); rit != list->rend(); rit++) {
550 ModelAction *prev = *rit;
551 if (!act->same_thread(prev)&&prev->is_wait())
562 /** This method finds backtracking points where we should try to
563 * reorder the parameter ModelAction against.
565 * @param the ModelAction to find backtracking points for.
567 void ModelChecker::set_backtracking(ModelAction *act)
569 Thread *t = get_thread(act);
570 ModelAction * prev = get_last_conflict(act);
574 Node * node = prev->get_node()->get_parent();
576 int low_tid, high_tid;
577 if (node->is_enabled(t)) {
578 low_tid = id_to_int(act->get_tid());
579 high_tid = low_tid+1;
582 high_tid = get_num_threads();
585 for(int i = low_tid; i < high_tid; i++) {
586 thread_id_t tid = int_to_id(i);
588 /* Make sure this thread can be enabled here. */
589 if (i >= node->get_num_threads())
592 /* Don't backtrack into a point where the thread is disabled or sleeping. */
593 if (node->enabled_status(tid)!=THREAD_ENABLED)
596 /* Check if this has been explored already */
597 if (node->has_been_explored(tid))
600 /* See if fairness allows */
601 if (model->params.fairwindow != 0 && !node->has_priority(tid)) {
603 for(int t=0;t<node->get_num_threads();t++) {
604 thread_id_t tother=int_to_id(t);
605 if (node->is_enabled(tother) && node->has_priority(tother)) {
613 /* Cache the latest backtracking point */
614 if (!priv->next_backtrack || *prev > *priv->next_backtrack)
615 priv->next_backtrack = prev;
617 /* If this is a new backtracking point, mark the tree */
618 if (!node->set_backtrack(tid))
620 DEBUG("Setting backtrack: conflict = %d, instead tid = %d\n",
621 id_to_int(prev->get_tid()),
622 id_to_int(t->get_id()));
631 * Returns last backtracking point. The model checker will explore a different
632 * path for this point in the next execution.
633 * @return The ModelAction at which the next execution should diverge.
635 ModelAction * ModelChecker::get_next_backtrack()
637 ModelAction *next = priv->next_backtrack;
638 priv->next_backtrack = NULL;
643 * Processes a read or rmw model action.
644 * @param curr is the read model action to process.
645 * @param second_part_of_rmw is boolean that is true is this is the second action of a rmw.
646 * @return True if processing this read updates the mo_graph.
648 bool ModelChecker::process_read(ModelAction *curr, bool second_part_of_rmw)
650 uint64_t value = VALUE_NONE;
651 bool updated = false;
653 const ModelAction *reads_from = curr->get_node()->get_read_from();
654 if (reads_from != NULL) {
655 mo_graph->startChanges();
657 value = reads_from->get_value();
658 bool r_status = false;
660 if (!second_part_of_rmw) {
661 check_recency(curr, reads_from);
662 r_status = r_modification_order(curr, reads_from);
666 if (!second_part_of_rmw&&!isfeasible()&&(curr->get_node()->increment_read_from()||curr->get_node()->increment_future_value())) {
667 mo_graph->rollbackChanges();
668 too_many_reads = false;
672 curr->read_from(reads_from);
673 mo_graph->commitChanges();
674 mo_check_promises(curr->get_tid(), reads_from);
677 } else if (!second_part_of_rmw) {
678 /* Read from future value */
679 value = curr->get_node()->get_future_value();
680 modelclock_t expiration = curr->get_node()->get_future_value_expiration();
681 curr->read_from(NULL);
682 Promise *valuepromise = new Promise(curr, value, expiration);
683 promises->push_back(valuepromise);
685 get_thread(curr)->set_return_value(value);
691 * Processes a lock, trylock, or unlock model action. @param curr is
692 * the read model action to process.
694 * The try lock operation checks whether the lock is taken. If not,
695 * it falls to the normal lock operation case. If so, it returns
698 * The lock operation has already been checked that it is enabled, so
699 * it just grabs the lock and synchronizes with the previous unlock.
701 * The unlock operation has to re-enable all of the threads that are
702 * waiting on the lock.
704 * @return True if synchronization was updated; false otherwise
706 bool ModelChecker::process_mutex(ModelAction *curr) {
707 std::mutex *mutex=NULL;
708 struct std::mutex_state *state=NULL;
710 if (curr->is_trylock() || curr->is_lock() || curr->is_unlock()) {
711 mutex = (std::mutex *)curr->get_location();
712 state = mutex->get_state();
713 } else if(curr->is_wait()) {
714 mutex = (std::mutex *)curr->get_value();
715 state = mutex->get_state();
718 switch (curr->get_type()) {
719 case ATOMIC_TRYLOCK: {
720 bool success = !state->islocked;
721 curr->set_try_lock(success);
723 get_thread(curr)->set_return_value(0);
726 get_thread(curr)->set_return_value(1);
728 //otherwise fall into the lock case
730 if (curr->get_cv()->getClock(state->alloc_tid) <= state->alloc_clock)
731 assert_bug("Lock access before initialization");
732 state->islocked = true;
733 ModelAction *unlock = get_last_unlock(curr);
734 //synchronize with the previous unlock statement
735 if (unlock != NULL) {
736 curr->synchronize_with(unlock);
741 case ATOMIC_UNLOCK: {
743 state->islocked = false;
744 //wake up the other threads
745 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, curr->get_location());
746 //activate all the waiting threads
747 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
748 scheduler->wake(get_thread(*rit));
755 state->islocked = false;
756 //wake up the other threads
757 action_list_t *waiters = get_safe_ptr_action(lock_waiters_map, (void *) curr->get_value());
758 //activate all the waiting threads
759 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
760 scheduler->wake(get_thread(*rit));
763 //check whether we should go to sleep or not...simulate spurious failures
764 if (curr->get_node()->get_misc()==0) {
765 get_safe_ptr_action(condvar_waiters_map, curr->get_location())->push_back(curr);
767 scheduler->sleep(get_current_thread());
771 case ATOMIC_NOTIFY_ALL: {
772 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
773 //activate all the waiting threads
774 for (action_list_t::iterator rit = waiters->begin(); rit != waiters->end(); rit++) {
775 scheduler->wake(get_thread(*rit));
780 case ATOMIC_NOTIFY_ONE: {
781 action_list_t *waiters = get_safe_ptr_action(condvar_waiters_map, curr->get_location());
782 int wakeupthread=curr->get_node()->get_misc();
783 action_list_t::iterator it = waiters->begin();
784 advance(it, wakeupthread);
785 scheduler->wake(get_thread(*it));
797 * Process a write ModelAction
798 * @param curr The ModelAction to process
799 * @return True if the mo_graph was updated or promises were resolved
801 bool ModelChecker::process_write(ModelAction *curr)
803 bool updated_mod_order = w_modification_order(curr);
804 bool updated_promises = resolve_promises(curr);
806 if (promises->size() == 0) {
807 for (unsigned int i = 0; i < futurevalues->size(); i++) {
808 struct PendingFutureValue pfv = (*futurevalues)[i];
809 //Do more ambitious checks now that mo is more complete
810 if (mo_may_allow(pfv.writer, pfv.act)&&
811 pfv.act->get_node()->add_future_value(pfv.writer->get_value(), pfv.writer->get_seq_number()+params.maxfuturedelay) &&
812 (!priv->next_backtrack || *pfv.act > *priv->next_backtrack))
813 priv->next_backtrack = pfv.act;
815 futurevalues->resize(0);
818 mo_graph->commitChanges();
819 mo_check_promises(curr->get_tid(), curr);
821 get_thread(curr)->set_return_value(VALUE_NONE);
822 return updated_mod_order || updated_promises;
826 * @brief Process the current action for thread-related activity
828 * Performs current-action processing for a THREAD_* ModelAction. Proccesses
829 * may include setting Thread status, completing THREAD_FINISH/THREAD_JOIN
830 * synchronization, etc. This function is a no-op for non-THREAD actions
831 * (e.g., ATOMIC_{READ,WRITE,RMW,LOCK}, etc.)
833 * @param curr The current action
834 * @return True if synchronization was updated or a thread completed
836 bool ModelChecker::process_thread_action(ModelAction *curr)
838 bool updated = false;
840 switch (curr->get_type()) {
841 case THREAD_CREATE: {
842 Thread *th = (Thread *)curr->get_location();
843 th->set_creation(curr);
847 Thread *blocking = (Thread *)curr->get_location();
848 ModelAction *act = get_last_action(blocking->get_id());
849 curr->synchronize_with(act);
850 updated = true; /* trigger rel-seq checks */
853 case THREAD_FINISH: {
854 Thread *th = get_thread(curr);
855 while (!th->wait_list_empty()) {
856 ModelAction *act = th->pop_wait_list();
857 scheduler->wake(get_thread(act));
860 updated = true; /* trigger rel-seq checks */
864 check_promises(curr->get_tid(), NULL, curr->get_cv());
875 * @brief Process the current action for release sequence fixup activity
877 * Performs model-checker release sequence fixups for the current action,
878 * forcing a single pending release sequence to break (with a given, potential
879 * "loose" write) or to complete (i.e., synchronize). If a pending release
880 * sequence forms a complete release sequence, then we must perform the fixup
881 * synchronization, mo_graph additions, etc.
883 * @param curr The current action; must be a release sequence fixup action
884 * @param work_queue The work queue to which to add work items as they are
887 void ModelChecker::process_relseq_fixup(ModelAction *curr, work_queue_t *work_queue)
889 const ModelAction *write = curr->get_node()->get_relseq_break();
890 struct release_seq *sequence = pending_rel_seqs->back();
891 pending_rel_seqs->pop_back();
893 ModelAction *acquire = sequence->acquire;
894 const ModelAction *rf = sequence->rf;
895 const ModelAction *release = sequence->release;
899 ASSERT(release->same_thread(rf));
903 * @todo Forcing a synchronization requires that we set
904 * modification order constraints. For instance, we can't allow
905 * a fixup sequence in which two separate read-acquire
906 * operations read from the same sequence, where the first one
907 * synchronizes and the other doesn't. Essentially, we can't
908 * allow any writes to insert themselves between 'release' and
912 /* Must synchronize */
913 if (!acquire->synchronize_with(release)) {
914 set_bad_synchronization();
917 /* Re-check all pending release sequences */
918 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
919 /* Re-check act for mo_graph edges */
920 work_queue->push_back(MOEdgeWorkEntry(acquire));
922 /* propagate synchronization to later actions */
923 action_list_t::reverse_iterator rit = action_trace->rbegin();
924 for (; (*rit) != acquire; rit++) {
925 ModelAction *propagate = *rit;
926 if (acquire->happens_before(propagate)) {
927 propagate->synchronize_with(acquire);
928 /* Re-check 'propagate' for mo_graph edges */
929 work_queue->push_back(MOEdgeWorkEntry(propagate));
933 /* Break release sequence with new edges:
934 * release --mo--> write --mo--> rf */
935 mo_graph->addEdge(release, write);
936 mo_graph->addEdge(write, rf);
939 /* See if we have realized a data race */
944 * Initialize the current action by performing one or more of the following
945 * actions, as appropriate: merging RMWR and RMWC/RMW actions, stepping forward
946 * in the NodeStack, manipulating backtracking sets, allocating and
947 * initializing clock vectors, and computing the promises to fulfill.
949 * @param curr The current action, as passed from the user context; may be
950 * freed/invalidated after the execution of this function, with a different
951 * action "returned" its place (pass-by-reference)
952 * @return True if curr is a newly-explored action; false otherwise
954 bool ModelChecker::initialize_curr_action(ModelAction **curr)
956 ModelAction *newcurr;
958 if ((*curr)->is_rmwc() || (*curr)->is_rmw()) {
959 newcurr = process_rmw(*curr);
962 if (newcurr->is_rmw())
963 compute_promises(newcurr);
969 (*curr)->set_seq_number(get_next_seq_num());
971 newcurr = node_stack->explore_action(*curr, scheduler->get_enabled());
973 /* First restore type and order in case of RMW operation */
974 if ((*curr)->is_rmwr())
975 newcurr->copy_typeandorder(*curr);
977 ASSERT((*curr)->get_location() == newcurr->get_location());
978 newcurr->copy_from_new(*curr);
980 /* Discard duplicate ModelAction; use action from NodeStack */
983 /* Always compute new clock vector */
984 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
987 return false; /* Action was explored previously */
991 /* Always compute new clock vector */
992 newcurr->create_cv(get_parent_action(newcurr->get_tid()));
994 * Perform one-time actions when pushing new ModelAction onto
997 if (newcurr->is_write())
998 compute_promises(newcurr);
999 else if (newcurr->is_relseq_fixup())
1000 compute_relseq_breakwrites(newcurr);
1001 else if (newcurr->is_wait())
1002 newcurr->get_node()->set_misc_max(2);
1003 else if (newcurr->is_notify_one()) {
1004 newcurr->get_node()->set_misc_max(get_safe_ptr_action(condvar_waiters_map, newcurr->get_location())->size());
1006 return true; /* This was a new ModelAction */
1011 * @brief Check whether a model action is enabled.
1013 * Checks whether a lock or join operation would be successful (i.e., is the
1014 * lock already locked, or is the joined thread already complete). If not, put
1015 * the action in a waiter list.
1017 * @param curr is the ModelAction to check whether it is enabled.
1018 * @return a bool that indicates whether the action is enabled.
1020 bool ModelChecker::check_action_enabled(ModelAction *curr) {
1021 if (curr->is_lock()) {
1022 std::mutex * lock = (std::mutex *)curr->get_location();
1023 struct std::mutex_state * state = lock->get_state();
1024 if (state->islocked) {
1025 //Stick the action in the appropriate waiting queue
1026 get_safe_ptr_action(lock_waiters_map, curr->get_location())->push_back(curr);
1029 } else if (curr->get_type() == THREAD_JOIN) {
1030 Thread *blocking = (Thread *)curr->get_location();
1031 if (!blocking->is_complete()) {
1032 blocking->push_wait_list(curr);
1041 * Stores the ModelAction for the current thread action. Call this
1042 * immediately before switching from user- to system-context to pass
1043 * data between them.
1044 * @param act The ModelAction created by the user-thread action
1046 void ModelChecker::set_current_action(ModelAction *act) {
1047 priv->current_action = act;
1051 * This is the heart of the model checker routine. It performs model-checking
1052 * actions corresponding to a given "current action." Among other processes, it
1053 * calculates reads-from relationships, updates synchronization clock vectors,
1054 * forms a memory_order constraints graph, and handles replay/backtrack
1055 * execution when running permutations of previously-observed executions.
1057 * @param curr The current action to process
1058 * @return The next Thread that must be executed. May be NULL if ModelChecker
1059 * makes no choice (e.g., according to replay execution, combining RMW actions,
1062 Thread * ModelChecker::check_current_action(ModelAction *curr)
1065 bool second_part_of_rmw = curr->is_rmwc() || curr->is_rmw();
1067 if (!check_action_enabled(curr)) {
1068 /* Make the execution look like we chose to run this action
1069 * much later, when a lock/join can succeed */
1070 get_current_thread()->set_pending(curr);
1071 scheduler->sleep(get_current_thread());
1072 return get_next_thread(NULL);
1075 bool newly_explored = initialize_curr_action(&curr);
1077 wake_up_sleeping_actions(curr);
1079 /* Add the action to lists before any other model-checking tasks */
1080 if (!second_part_of_rmw)
1081 add_action_to_lists(curr);
1083 /* Build may_read_from set for newly-created actions */
1084 if (newly_explored && curr->is_read())
1085 build_reads_from_past(curr);
1087 /* Initialize work_queue with the "current action" work */
1088 work_queue_t work_queue(1, CheckCurrWorkEntry(curr));
1089 while (!work_queue.empty() && !has_asserted()) {
1090 WorkQueueEntry work = work_queue.front();
1091 work_queue.pop_front();
1093 switch (work.type) {
1094 case WORK_CHECK_CURR_ACTION: {
1095 ModelAction *act = work.action;
1096 bool update = false; /* update this location's release seq's */
1097 bool update_all = false; /* update all release seq's */
1099 if (process_thread_action(curr))
1102 if (act->is_read() && process_read(act, second_part_of_rmw))
1105 if (act->is_write() && process_write(act))
1108 if (act->is_mutex_op() && process_mutex(act))
1111 if (act->is_relseq_fixup())
1112 process_relseq_fixup(curr, &work_queue);
1115 work_queue.push_back(CheckRelSeqWorkEntry(NULL));
1117 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1120 case WORK_CHECK_RELEASE_SEQ:
1121 resolve_release_sequences(work.location, &work_queue);
1123 case WORK_CHECK_MO_EDGES: {
1124 /** @todo Complete verification of work_queue */
1125 ModelAction *act = work.action;
1126 bool updated = false;
1128 if (act->is_read()) {
1129 const ModelAction *rf = act->get_reads_from();
1130 if (rf != NULL && r_modification_order(act, rf))
1133 if (act->is_write()) {
1134 if (w_modification_order(act))
1137 mo_graph->commitChanges();
1140 work_queue.push_back(CheckRelSeqWorkEntry(act->get_location()));
1149 check_curr_backtracking(curr);
1150 set_backtracking(curr);
1151 return get_next_thread(curr);
1154 void ModelChecker::check_curr_backtracking(ModelAction * curr) {
1155 Node *currnode = curr->get_node();
1156 Node *parnode = currnode->get_parent();
1158 if ((!parnode->backtrack_empty() ||
1159 !currnode->misc_empty() ||
1160 !currnode->read_from_empty() ||
1161 !currnode->future_value_empty() ||
1162 !currnode->promise_empty() ||
1163 !currnode->relseq_break_empty())
1164 && (!priv->next_backtrack ||
1165 *curr > *priv->next_backtrack)) {
1166 priv->next_backtrack = curr;
1170 bool ModelChecker::promises_expired() const
1172 for (unsigned int promise_index = 0; promise_index < promises->size(); promise_index++) {
1173 Promise *promise = (*promises)[promise_index];
1174 if (promise->get_expiration()<priv->used_sequence_numbers) {
1181 /** @return whether the current partial trace must be a prefix of a
1182 * feasible trace. */
1183 bool ModelChecker::isfeasibleprefix() const
1185 return promises->size() == 0 && pending_rel_seqs->size() == 0 && isfeasible();
1188 /** @return whether the current partial trace is feasible. */
1189 bool ModelChecker::isfeasible() const
1191 if (DBG_ENABLED() && mo_graph->checkForRMWViolation())
1192 DEBUG("Infeasible: RMW violation\n");
1194 return !mo_graph->checkForRMWViolation() && isfeasibleotherthanRMW();
1197 /** @return whether the current partial trace is feasible other than
1198 * multiple RMW reading from the same store. */
1199 bool ModelChecker::isfeasibleotherthanRMW() const
1201 if (DBG_ENABLED()) {
1202 if (mo_graph->checkForCycles())
1203 DEBUG("Infeasible: modification order cycles\n");
1205 DEBUG("Infeasible: failed promise\n");
1207 DEBUG("Infeasible: too many reads\n");
1208 if (bad_synchronization)
1209 DEBUG("Infeasible: bad synchronization ordering\n");
1210 if (promises_expired())
1211 DEBUG("Infeasible: promises expired\n");
1213 return !mo_graph->checkForCycles() && !failed_promise && !too_many_reads && !bad_synchronization && !promises_expired();
1216 /** Returns whether the current completed trace is feasible. */
1217 bool ModelChecker::isfinalfeasible() const
1219 if (DBG_ENABLED() && promises->size() != 0)
1220 DEBUG("Infeasible: unrevolved promises\n");
1222 return isfeasible() && promises->size() == 0;
1225 /** Close out a RMWR by converting previous RMWR into a RMW or READ. */
1226 ModelAction * ModelChecker::process_rmw(ModelAction *act) {
1227 ModelAction *lastread = get_last_action(act->get_tid());
1228 lastread->process_rmw(act);
1229 if (act->is_rmw() && lastread->get_reads_from()!=NULL) {
1230 mo_graph->addRMWEdge(lastread->get_reads_from(), lastread);
1231 mo_graph->commitChanges();
1237 * Checks whether a thread has read from the same write for too many times
1238 * without seeing the effects of a later write.
1241 * 1) there must a different write that we could read from that would satisfy the modification order,
1242 * 2) we must have read from the same value in excess of maxreads times, and
1243 * 3) that other write must have been in the reads_from set for maxreads times.
1245 * If so, we decide that the execution is no longer feasible.
1247 void ModelChecker::check_recency(ModelAction *curr, const ModelAction *rf) {
1248 if (params.maxreads != 0) {
1250 if (curr->get_node()->get_read_from_size() <= 1)
1252 //Must make sure that execution is currently feasible... We could
1253 //accidentally clear by rolling back
1256 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1257 int tid = id_to_int(curr->get_tid());
1260 if ((int)thrd_lists->size() <= tid)
1262 action_list_t *list = &(*thrd_lists)[tid];
1264 action_list_t::reverse_iterator rit = list->rbegin();
1265 /* Skip past curr */
1266 for (; (*rit) != curr; rit++)
1268 /* go past curr now */
1271 action_list_t::reverse_iterator ritcopy = rit;
1272 //See if we have enough reads from the same value
1274 for (; count < params.maxreads; rit++,count++) {
1275 if (rit==list->rend())
1277 ModelAction *act = *rit;
1278 if (!act->is_read())
1281 if (act->get_reads_from() != rf)
1283 if (act->get_node()->get_read_from_size() <= 1)
1286 for (int i = 0; i<curr->get_node()->get_read_from_size(); i++) {
1288 const ModelAction * write = curr->get_node()->get_read_from_at(i);
1290 //Need a different write
1294 /* Test to see whether this is a feasible write to read from*/
1295 mo_graph->startChanges();
1296 r_modification_order(curr, write);
1297 bool feasiblereadfrom = isfeasible();
1298 mo_graph->rollbackChanges();
1300 if (!feasiblereadfrom)
1304 bool feasiblewrite = true;
1305 //new we need to see if this write works for everyone
1307 for (int loop = count; loop>0; loop--,rit++) {
1308 ModelAction *act=*rit;
1309 bool foundvalue = false;
1310 for (int j = 0; j<act->get_node()->get_read_from_size(); j++) {
1311 if (act->get_node()->get_read_from_at(j)==write) {
1317 feasiblewrite = false;
1321 if (feasiblewrite) {
1322 too_many_reads = true;
1330 * Updates the mo_graph with the constraints imposed from the current
1333 * Basic idea is the following: Go through each other thread and find
1334 * the lastest action that happened before our read. Two cases:
1336 * (1) The action is a write => that write must either occur before
1337 * the write we read from or be the write we read from.
1339 * (2) The action is a read => the write that that action read from
1340 * must occur before the write we read from or be the same write.
1342 * @param curr The current action. Must be a read.
1343 * @param rf The action that curr reads from. Must be a write.
1344 * @return True if modification order edges were added; false otherwise
1346 bool ModelChecker::r_modification_order(ModelAction *curr, const ModelAction *rf)
1348 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1351 ASSERT(curr->is_read());
1353 /* Iterate over all threads */
1354 for (i = 0; i < thrd_lists->size(); i++) {
1355 /* Iterate over actions in thread, starting from most recent */
1356 action_list_t *list = &(*thrd_lists)[i];
1357 action_list_t::reverse_iterator rit;
1358 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1359 ModelAction *act = *rit;
1362 * Include at most one act per-thread that "happens
1363 * before" curr. Don't consider reflexively.
1365 if (act->happens_before(curr) && act != curr) {
1366 if (act->is_write()) {
1368 mo_graph->addEdge(act, rf);
1372 const ModelAction *prevreadfrom = act->get_reads_from();
1373 //if the previous read is unresolved, keep going...
1374 if (prevreadfrom == NULL)
1377 if (rf != prevreadfrom) {
1378 mo_graph->addEdge(prevreadfrom, rf);
1390 /** This method fixes up the modification order when we resolve a
1391 * promises. The basic problem is that actions that occur after the
1392 * read curr could not property add items to the modification order
1395 * So for each thread, we find the earliest item that happens after
1396 * the read curr. This is the item we have to fix up with additional
1397 * constraints. If that action is write, we add a MO edge between
1398 * the Action rf and that action. If the action is a read, we add a
1399 * MO edge between the Action rf, and whatever the read accessed.
1401 * @param curr is the read ModelAction that we are fixing up MO edges for.
1402 * @param rf is the write ModelAction that curr reads from.
1405 void ModelChecker::post_r_modification_order(ModelAction *curr, const ModelAction *rf)
1407 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1409 ASSERT(curr->is_read());
1411 /* Iterate over all threads */
1412 for (i = 0; i < thrd_lists->size(); i++) {
1413 /* Iterate over actions in thread, starting from most recent */
1414 action_list_t *list = &(*thrd_lists)[i];
1415 action_list_t::reverse_iterator rit;
1416 ModelAction *lastact = NULL;
1418 /* Find last action that happens after curr that is either not curr or a rmw */
1419 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1420 ModelAction *act = *rit;
1421 if (curr->happens_before(act) && (curr != act || curr->is_rmw())) {
1427 /* Include at most one act per-thread that "happens before" curr */
1428 if (lastact != NULL) {
1429 if (lastact==curr) {
1430 //Case 1: The resolved read is a RMW, and we need to make sure
1431 //that the write portion of the RMW mod order after rf
1433 mo_graph->addEdge(rf, lastact);
1434 } else if (lastact->is_read()) {
1435 //Case 2: The resolved read is a normal read and the next
1436 //operation is a read, and we need to make sure the value read
1437 //is mod ordered after rf
1439 const ModelAction *postreadfrom = lastact->get_reads_from();
1440 if (postreadfrom != NULL&&rf != postreadfrom)
1441 mo_graph->addEdge(rf, postreadfrom);
1443 //Case 3: The resolved read is a normal read and the next
1444 //operation is a write, and we need to make sure that the
1445 //write is mod ordered after rf
1447 mo_graph->addEdge(rf, lastact);
1455 * Updates the mo_graph with the constraints imposed from the current write.
1457 * Basic idea is the following: Go through each other thread and find
1458 * the lastest action that happened before our write. Two cases:
1460 * (1) The action is a write => that write must occur before
1463 * (2) The action is a read => the write that that action read from
1464 * must occur before the current write.
1466 * This method also handles two other issues:
1468 * (I) Sequential Consistency: Making sure that if the current write is
1469 * seq_cst, that it occurs after the previous seq_cst write.
1471 * (II) Sending the write back to non-synchronizing reads.
1473 * @param curr The current action. Must be a write.
1474 * @return True if modification order edges were added; false otherwise
1476 bool ModelChecker::w_modification_order(ModelAction *curr)
1478 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
1481 ASSERT(curr->is_write());
1483 if (curr->is_seqcst()) {
1484 /* We have to at least see the last sequentially consistent write,
1485 so we are initialized. */
1486 ModelAction *last_seq_cst = get_last_seq_cst(curr);
1487 if (last_seq_cst != NULL) {
1488 mo_graph->addEdge(last_seq_cst, curr);
1493 /* Iterate over all threads */
1494 for (i = 0; i < thrd_lists->size(); i++) {
1495 /* Iterate over actions in thread, starting from most recent */
1496 action_list_t *list = &(*thrd_lists)[i];
1497 action_list_t::reverse_iterator rit;
1498 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1499 ModelAction *act = *rit;
1502 * 1) If RMW and it actually read from something, then we
1503 * already have all relevant edges, so just skip to next
1506 * 2) If RMW and it didn't read from anything, we should
1507 * whatever edge we can get to speed up convergence.
1509 * 3) If normal write, we need to look at earlier actions, so
1510 * continue processing list.
1512 if (curr->is_rmw()) {
1513 if (curr->get_reads_from()!=NULL)
1522 * Include at most one act per-thread that "happens
1525 if (act->happens_before(curr)) {
1527 * Note: if act is RMW, just add edge:
1529 * The following edge should be handled elsewhere:
1530 * readfrom(act) --mo--> act
1532 if (act->is_write())
1533 mo_graph->addEdge(act, curr);
1534 else if (act->is_read()) {
1535 //if previous read accessed a null, just keep going
1536 if (act->get_reads_from() == NULL)
1538 mo_graph->addEdge(act->get_reads_from(), curr);
1542 } else if (act->is_read() && !act->could_synchronize_with(curr) &&
1543 !act->same_thread(curr)) {
1544 /* We have an action that:
1545 (1) did not happen before us
1546 (2) is a read and we are a write
1547 (3) cannot synchronize with us
1548 (4) is in a different thread
1550 that read could potentially read from our write. Note that
1551 these checks are overly conservative at this point, we'll
1552 do more checks before actually removing the
1556 if (thin_air_constraint_may_allow(curr, act)) {
1558 (curr->is_rmw() && act->is_rmw() && curr->get_reads_from() == act->get_reads_from() && isfeasibleotherthanRMW())) {
1559 struct PendingFutureValue pfv = {curr,act};
1560 futurevalues->push_back(pfv);
1570 /** Arbitrary reads from the future are not allowed. Section 29.3
1571 * part 9 places some constraints. This method checks one result of constraint
1572 * constraint. Others require compiler support. */
1573 bool ModelChecker::thin_air_constraint_may_allow(const ModelAction * writer, const ModelAction *reader) {
1574 if (!writer->is_rmw())
1577 if (!reader->is_rmw())
1580 for (const ModelAction *search = writer->get_reads_from(); search != NULL; search = search->get_reads_from()) {
1581 if (search == reader)
1583 if (search->get_tid() == reader->get_tid() &&
1584 search->happens_before(reader))
1592 * Arbitrary reads from the future are not allowed. Section 29.3 part 9 places
1593 * some constraints. This method checks one the following constraint (others
1594 * require compiler support):
1596 * If X --hb-> Y --mo-> Z, then X should not read from Z.
1598 bool ModelChecker::mo_may_allow(const ModelAction *writer, const ModelAction *reader)
1600 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, reader->get_location());
1602 /* Iterate over all threads */
1603 for (i = 0; i < thrd_lists->size(); i++) {
1604 const ModelAction *write_after_read = NULL;
1606 /* Iterate over actions in thread, starting from most recent */
1607 action_list_t *list = &(*thrd_lists)[i];
1608 action_list_t::reverse_iterator rit;
1609 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1610 ModelAction *act = *rit;
1612 if (!reader->happens_before(act))
1614 else if (act->is_write())
1615 write_after_read = act;
1616 else if (act->is_read() && act->get_reads_from() != NULL && act != reader) {
1617 write_after_read = act->get_reads_from();
1621 if (write_after_read && write_after_read!=writer && mo_graph->checkReachable(write_after_read, writer))
1628 * Finds the head(s) of the release sequence(s) containing a given ModelAction.
1629 * The ModelAction under consideration is expected to be taking part in
1630 * release/acquire synchronization as an object of the "reads from" relation.
1631 * Note that this can only provide release sequence support for RMW chains
1632 * which do not read from the future, as those actions cannot be traced until
1633 * their "promise" is fulfilled. Similarly, we may not even establish the
1634 * presence of a release sequence with certainty, as some modification order
1635 * constraints may be decided further in the future. Thus, this function
1636 * "returns" two pieces of data: a pass-by-reference vector of @a release_heads
1637 * and a boolean representing certainty.
1639 * @param rf The action that might be part of a release sequence. Must be a
1641 * @param release_heads A pass-by-reference style return parameter. After
1642 * execution of this function, release_heads will contain the heads of all the
1643 * relevant release sequences, if any exists with certainty
1644 * @param pending A pass-by-reference style return parameter which is only used
1645 * when returning false (i.e., uncertain). Returns most information regarding
1646 * an uncertain release sequence, including any write operations that might
1647 * break the sequence.
1648 * @return true, if the ModelChecker is certain that release_heads is complete;
1651 bool ModelChecker::release_seq_heads(const ModelAction *rf,
1652 rel_heads_list_t *release_heads,
1653 struct release_seq *pending) const
1655 /* Only check for release sequences if there are no cycles */
1656 if (mo_graph->checkForCycles())
1660 ASSERT(rf->is_write());
1662 if (rf->is_release())
1663 release_heads->push_back(rf);
1665 break; /* End of RMW chain */
1667 /** @todo Need to be smarter here... In the linux lock
1668 * example, this will run to the beginning of the program for
1670 /** @todo The way to be smarter here is to keep going until 1
1671 * thread has a release preceded by an acquire and you've seen
1674 /* acq_rel RMW is a sufficient stopping condition */
1675 if (rf->is_acquire() && rf->is_release())
1676 return true; /* complete */
1678 rf = rf->get_reads_from();
1681 /* read from future: need to settle this later */
1683 return false; /* incomplete */
1686 if (rf->is_release())
1687 return true; /* complete */
1689 /* else relaxed write; check modification order for contiguous subsequence
1690 * -> rf must be same thread as release */
1691 int tid = id_to_int(rf->get_tid());
1692 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, rf->get_location());
1693 action_list_t *list = &(*thrd_lists)[tid];
1694 action_list_t::const_reverse_iterator rit;
1696 /* Find rf in the thread list */
1697 rit = std::find(list->rbegin(), list->rend(), rf);
1698 ASSERT(rit != list->rend());
1700 /* Find the last write/release */
1701 for (; rit != list->rend(); rit++)
1702 if ((*rit)->is_release())
1704 if (rit == list->rend()) {
1705 /* No write-release in this thread */
1706 return true; /* complete */
1708 ModelAction *release = *rit;
1710 ASSERT(rf->same_thread(release));
1712 pending->writes.clear();
1714 bool certain = true;
1715 for (unsigned int i = 0; i < thrd_lists->size(); i++) {
1716 if (id_to_int(rf->get_tid()) == (int)i)
1718 list = &(*thrd_lists)[i];
1720 /* Can we ensure no future writes from this thread may break
1721 * the release seq? */
1722 bool future_ordered = false;
1724 ModelAction *last = get_last_action(int_to_id(i));
1725 Thread *th = get_thread(int_to_id(i));
1726 if ((last && rf->happens_before(last)) ||
1729 future_ordered = true;
1731 ASSERT(!th->is_model_thread() || future_ordered);
1733 for (rit = list->rbegin(); rit != list->rend(); rit++) {
1734 const ModelAction *act = *rit;
1735 /* Reach synchronization -> this thread is complete */
1736 if (act->happens_before(release))
1738 if (rf->happens_before(act)) {
1739 future_ordered = true;
1743 /* Only non-RMW writes can break release sequences */
1744 if (!act->is_write() || act->is_rmw())
1747 /* Check modification order */
1748 if (mo_graph->checkReachable(rf, act)) {
1749 /* rf --mo--> act */
1750 future_ordered = true;
1753 if (mo_graph->checkReachable(act, release))
1754 /* act --mo--> release */
1756 if (mo_graph->checkReachable(release, act) &&
1757 mo_graph->checkReachable(act, rf)) {
1758 /* release --mo-> act --mo--> rf */
1759 return true; /* complete */
1761 /* act may break release sequence */
1762 pending->writes.push_back(act);
1765 if (!future_ordered)
1766 certain = false; /* This thread is uncertain */
1770 release_heads->push_back(release);
1771 pending->writes.clear();
1773 pending->release = release;
1780 * A public interface for getting the release sequence head(s) with which a
1781 * given ModelAction must synchronize. This function only returns a non-empty
1782 * result when it can locate a release sequence head with certainty. Otherwise,
1783 * it may mark the internal state of the ModelChecker so that it will handle
1784 * the release sequence at a later time, causing @a act to update its
1785 * synchronization at some later point in execution.
1786 * @param act The 'acquire' action that may read from a release sequence
1787 * @param release_heads A pass-by-reference return parameter. Will be filled
1788 * with the head(s) of the release sequence(s), if they exists with certainty.
1789 * @see ModelChecker::release_seq_heads
1791 void ModelChecker::get_release_seq_heads(ModelAction *act, rel_heads_list_t *release_heads)
1793 const ModelAction *rf = act->get_reads_from();
1794 struct release_seq *sequence = (struct release_seq *)snapshot_calloc(1, sizeof(struct release_seq));
1795 sequence->acquire = act;
1797 if (!release_seq_heads(rf, release_heads, sequence)) {
1798 /* add act to 'lazy checking' list */
1799 pending_rel_seqs->push_back(sequence);
1801 snapshot_free(sequence);
1806 * Attempt to resolve all stashed operations that might synchronize with a
1807 * release sequence for a given location. This implements the "lazy" portion of
1808 * determining whether or not a release sequence was contiguous, since not all
1809 * modification order information is present at the time an action occurs.
1811 * @param location The location/object that should be checked for release
1812 * sequence resolutions. A NULL value means to check all locations.
1813 * @param work_queue The work queue to which to add work items as they are
1815 * @return True if any updates occurred (new synchronization, new mo_graph
1818 bool ModelChecker::resolve_release_sequences(void *location, work_queue_t *work_queue)
1820 bool updated = false;
1821 std::vector< struct release_seq *, SnapshotAlloc<struct release_seq *> >::iterator it = pending_rel_seqs->begin();
1822 while (it != pending_rel_seqs->end()) {
1823 struct release_seq *pending = *it;
1824 ModelAction *act = pending->acquire;
1826 /* Only resolve sequences on the given location, if provided */
1827 if (location && act->get_location() != location) {
1832 const ModelAction *rf = act->get_reads_from();
1833 rel_heads_list_t release_heads;
1835 complete = release_seq_heads(rf, &release_heads, pending);
1836 for (unsigned int i = 0; i < release_heads.size(); i++) {
1837 if (!act->has_synchronized_with(release_heads[i])) {
1838 if (act->synchronize_with(release_heads[i]))
1841 set_bad_synchronization();
1846 /* Re-check all pending release sequences */
1847 work_queue->push_back(CheckRelSeqWorkEntry(NULL));
1848 /* Re-check act for mo_graph edges */
1849 work_queue->push_back(MOEdgeWorkEntry(act));
1851 /* propagate synchronization to later actions */
1852 action_list_t::reverse_iterator rit = action_trace->rbegin();
1853 for (; (*rit) != act; rit++) {
1854 ModelAction *propagate = *rit;
1855 if (act->happens_before(propagate)) {
1856 propagate->synchronize_with(act);
1857 /* Re-check 'propagate' for mo_graph edges */
1858 work_queue->push_back(MOEdgeWorkEntry(propagate));
1863 it = pending_rel_seqs->erase(it);
1864 snapshot_free(pending);
1870 // If we resolved promises or data races, see if we have realized a data race.
1877 * Performs various bookkeeping operations for the current ModelAction. For
1878 * instance, adds action to the per-object, per-thread action vector and to the
1879 * action trace list of all thread actions.
1881 * @param act is the ModelAction to add.
1883 void ModelChecker::add_action_to_lists(ModelAction *act)
1885 int tid = id_to_int(act->get_tid());
1886 action_trace->push_back(act);
1888 get_safe_ptr_action(obj_map, act->get_location())->push_back(act);
1890 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, act->get_location());
1891 if (tid >= (int)vec->size())
1892 vec->resize(priv->next_thread_id);
1893 (*vec)[tid].push_back(act);
1895 if ((int)thrd_last_action->size() <= tid)
1896 thrd_last_action->resize(get_num_threads());
1897 (*thrd_last_action)[tid] = act;
1899 if (act->is_wait()) {
1900 void *mutex_loc=(void *) act->get_value();
1901 get_safe_ptr_action(obj_map, mutex_loc)->push_back(act);
1903 std::vector<action_list_t> *vec = get_safe_ptr_vect_action(obj_thrd_map, mutex_loc);
1904 if (tid >= (int)vec->size())
1905 vec->resize(priv->next_thread_id);
1906 (*vec)[tid].push_back(act);
1908 if ((int)thrd_last_action->size() <= tid)
1909 thrd_last_action->resize(get_num_threads());
1910 (*thrd_last_action)[tid] = act;
1915 * @brief Get the last action performed by a particular Thread
1916 * @param tid The thread ID of the Thread in question
1917 * @return The last action in the thread
1919 ModelAction * ModelChecker::get_last_action(thread_id_t tid) const
1921 int threadid = id_to_int(tid);
1922 if (threadid < (int)thrd_last_action->size())
1923 return (*thrd_last_action)[id_to_int(tid)];
1929 * Gets the last memory_order_seq_cst write (in the total global sequence)
1930 * performed on a particular object (i.e., memory location), not including the
1932 * @param curr The current ModelAction; also denotes the object location to
1934 * @return The last seq_cst write
1936 ModelAction * ModelChecker::get_last_seq_cst(ModelAction *curr) const
1938 void *location = curr->get_location();
1939 action_list_t *list = get_safe_ptr_action(obj_map, location);
1940 /* Find: max({i in dom(S) | seq_cst(t_i) && isWrite(t_i) && samevar(t_i, t)}) */
1941 action_list_t::reverse_iterator rit;
1942 for (rit = list->rbegin(); rit != list->rend(); rit++)
1943 if ((*rit)->is_write() && (*rit)->is_seqcst() && (*rit) != curr)
1949 * Gets the last unlock operation performed on a particular mutex (i.e., memory
1950 * location). This function identifies the mutex according to the current
1951 * action, which is presumed to perform on the same mutex.
1952 * @param curr The current ModelAction; also denotes the object location to
1954 * @return The last unlock operation
1956 ModelAction * ModelChecker::get_last_unlock(ModelAction *curr) const
1958 void *location = curr->get_location();
1959 action_list_t *list = get_safe_ptr_action(obj_map, location);
1960 /* Find: max({i in dom(S) | isUnlock(t_i) && samevar(t_i, t)}) */
1961 action_list_t::reverse_iterator rit;
1962 for (rit = list->rbegin(); rit != list->rend(); rit++)
1963 if ((*rit)->is_unlock() || (*rit)->is_wait())
1968 ModelAction * ModelChecker::get_parent_action(thread_id_t tid)
1970 ModelAction *parent = get_last_action(tid);
1972 parent = get_thread(tid)->get_creation();
1977 * Returns the clock vector for a given thread.
1978 * @param tid The thread whose clock vector we want
1979 * @return Desired clock vector
1981 ClockVector * ModelChecker::get_cv(thread_id_t tid)
1983 return get_parent_action(tid)->get_cv();
1987 * Resolve a set of Promises with a current write. The set is provided in the
1988 * Node corresponding to @a write.
1989 * @param write The ModelAction that is fulfilling Promises
1990 * @return True if promises were resolved; false otherwise
1992 bool ModelChecker::resolve_promises(ModelAction *write)
1994 bool resolved = false;
1995 std::vector< thread_id_t, ModelAlloc<thread_id_t> > threads_to_check;
1997 for (unsigned int i = 0, promise_index = 0; promise_index < promises->size(); i++) {
1998 Promise *promise = (*promises)[promise_index];
1999 if (write->get_node()->get_promise(i)) {
2000 ModelAction *read = promise->get_action();
2001 if (read->is_rmw()) {
2002 mo_graph->addRMWEdge(write, read);
2004 read->read_from(write);
2005 //First fix up the modification order for actions that happened
2007 r_modification_order(read, write);
2008 //Next fix up the modification order for actions that happened
2010 post_r_modification_order(read, write);
2011 //Make sure the promise's value matches the write's value
2012 ASSERT(promise->get_value() == write->get_value());
2015 promises->erase(promises->begin() + promise_index);
2016 threads_to_check.push_back(read->get_tid());
2023 //Check whether reading these writes has made threads unable to
2026 for(unsigned int i=0;i<threads_to_check.size();i++)
2027 mo_check_promises(threads_to_check[i], write);
2033 * Compute the set of promises that could potentially be satisfied by this
2034 * action. Note that the set computation actually appears in the Node, not in
2036 * @param curr The ModelAction that may satisfy promises
2038 void ModelChecker::compute_promises(ModelAction *curr)
2040 for (unsigned int i = 0; i < promises->size(); i++) {
2041 Promise *promise = (*promises)[i];
2042 const ModelAction *act = promise->get_action();
2043 if (!act->happens_before(curr) &&
2045 !act->could_synchronize_with(curr) &&
2046 !act->same_thread(curr) &&
2047 act->get_location() == curr->get_location() &&
2048 promise->get_value() == curr->get_value()) {
2049 curr->get_node()->set_promise(i, act->is_rmw());
2054 /** Checks promises in response to change in ClockVector Threads. */
2055 void ModelChecker::check_promises(thread_id_t tid, ClockVector *old_cv, ClockVector *merge_cv)
2057 for (unsigned int i = 0; i < promises->size(); i++) {
2058 Promise *promise = (*promises)[i];
2059 const ModelAction *act = promise->get_action();
2060 if ((old_cv == NULL || !old_cv->synchronized_since(act)) &&
2061 merge_cv->synchronized_since(act)) {
2062 if (promise->increment_threads(tid)) {
2063 //Promise has failed
2064 failed_promise = true;
2071 void ModelChecker::check_promises_thread_disabled() {
2072 for (unsigned int i = 0; i < promises->size(); i++) {
2073 Promise *promise = (*promises)[i];
2074 if (promise->check_promise()) {
2075 failed_promise = true;
2081 /** Checks promises in response to addition to modification order for threads.
2083 * pthread is the thread that performed the read that created the promise
2085 * pread is the read that created the promise
2087 * pwrite is either the first write to same location as pread by
2088 * pthread that is sequenced after pread or the value read by the
2089 * first read to the same lcoation as pread by pthread that is
2090 * sequenced after pread..
2092 * 1. If tid=pthread, then we check what other threads are reachable
2093 * through the mode order starting with pwrite. Those threads cannot
2094 * perform a write that will resolve the promise due to modification
2095 * order constraints.
2097 * 2. If the tid is not pthread, we check whether pwrite can reach the
2098 * action write through the modification order. If so, that thread
2099 * cannot perform a future write that will resolve the promise due to
2100 * modificatin order constraints.
2102 * @parem tid The thread that either read from the model action
2103 * write, or actually did the model action write.
2105 * @parem write The ModelAction representing the relevant write.
2108 void ModelChecker::mo_check_promises(thread_id_t tid, const ModelAction *write) {
2109 void * location = write->get_location();
2110 for (unsigned int i = 0; i < promises->size(); i++) {
2111 Promise *promise = (*promises)[i];
2112 const ModelAction *act = promise->get_action();
2114 //Is this promise on the same location?
2115 if ( act->get_location() != location )
2118 //same thread as the promise
2119 if ( act->get_tid()==tid ) {
2121 //do we have a pwrite for the promise, if not, set it
2122 if (promise->get_write() == NULL ) {
2123 promise->set_write(write);
2124 //The pwrite cannot happen before the promise
2125 if (write->happens_before(act) && (write != act)) {
2126 failed_promise = true;
2130 if (mo_graph->checkPromise(write, promise)) {
2131 failed_promise = true;
2136 //Don't do any lookups twice for the same thread
2137 if (promise->has_sync_thread(tid))
2140 if (promise->get_write()&&mo_graph->checkReachable(promise->get_write(), write)) {
2141 if (promise->increment_threads(tid)) {
2142 failed_promise = true;
2150 * Compute the set of writes that may break the current pending release
2151 * sequence. This information is extracted from previou release sequence
2154 * @param curr The current ModelAction. Must be a release sequence fixup
2157 void ModelChecker::compute_relseq_breakwrites(ModelAction *curr)
2159 if (pending_rel_seqs->empty())
2162 struct release_seq *pending = pending_rel_seqs->back();
2163 for (unsigned int i = 0; i < pending->writes.size(); i++) {
2164 const ModelAction *write = pending->writes[i];
2165 curr->get_node()->add_relseq_break(write);
2168 /* NULL means don't break the sequence; just synchronize */
2169 curr->get_node()->add_relseq_break(NULL);
2173 * Build up an initial set of all past writes that this 'read' action may read
2174 * from. This set is determined by the clock vector's "happens before"
2176 * @param curr is the current ModelAction that we are exploring; it must be a
2179 void ModelChecker::build_reads_from_past(ModelAction *curr)
2181 std::vector<action_list_t> *thrd_lists = get_safe_ptr_vect_action(obj_thrd_map, curr->get_location());
2183 ASSERT(curr->is_read());
2185 ModelAction *last_seq_cst = NULL;
2187 /* Track whether this object has been initialized */
2188 bool initialized = false;
2190 if (curr->is_seqcst()) {
2191 last_seq_cst = get_last_seq_cst(curr);
2192 /* We have to at least see the last sequentially consistent write,
2193 so we are initialized. */
2194 if (last_seq_cst != NULL)
2198 /* Iterate over all threads */
2199 for (i = 0; i < thrd_lists->size(); i++) {
2200 /* Iterate over actions in thread, starting from most recent */
2201 action_list_t *list = &(*thrd_lists)[i];
2202 action_list_t::reverse_iterator rit;
2203 for (rit = list->rbegin(); rit != list->rend(); rit++) {
2204 ModelAction *act = *rit;
2206 /* Only consider 'write' actions */
2207 if (!act->is_write() || act == curr)
2210 /* Don't consider more than one seq_cst write if we are a seq_cst read. */
2211 if (!curr->is_seqcst() || (!act->is_seqcst() && (last_seq_cst == NULL || !act->happens_before(last_seq_cst))) || act == last_seq_cst) {
2212 if (!curr->get_sleep_flag() || curr->is_seqcst() || sleep_can_read_from(curr, act)) {
2213 DEBUG("Adding action to may_read_from:\n");
2214 if (DBG_ENABLED()) {
2218 curr->get_node()->add_read_from(act);
2222 /* Include at most one act per-thread that "happens before" curr */
2223 if (act->happens_before(curr)) {
2231 assert_bug("May read from uninitialized atomic");
2233 if (DBG_ENABLED() || !initialized) {
2234 model_print("Reached read action:\n");
2236 model_print("Printing may_read_from\n");
2237 curr->get_node()->print_may_read_from();
2238 model_print("End printing may_read_from\n");
2242 bool ModelChecker::sleep_can_read_from(ModelAction * curr, const ModelAction *write) {
2244 Node *prevnode=write->get_node()->get_parent();
2246 bool thread_sleep=prevnode->enabled_status(curr->get_tid())==THREAD_SLEEP_SET;
2247 if (write->is_release()&&thread_sleep)
2249 if (!write->is_rmw()) {
2252 if (write->get_reads_from()==NULL)
2254 write=write->get_reads_from();
2258 static void print_list(action_list_t *list, int exec_num = -1)
2260 action_list_t::iterator it;
2262 model_print("---------------------------------------------------------------------\n");
2264 model_print("Execution %d:\n", exec_num);
2266 unsigned int hash=0;
2268 for (it = list->begin(); it != list->end(); it++) {
2270 hash=hash^(hash<<3)^((*it)->hash());
2272 model_print("HASH %u\n", hash);
2273 model_print("---------------------------------------------------------------------\n");
2276 #if SUPPORT_MOD_ORDER_DUMP
2277 void ModelChecker::dumpGraph(char *filename) {
2279 sprintf(buffer, "%s.dot",filename);
2280 FILE *file=fopen(buffer, "w");
2281 fprintf(file, "digraph %s {\n",filename);
2282 mo_graph->dumpNodes(file);
2283 ModelAction ** thread_array=(ModelAction **)model_calloc(1, sizeof(ModelAction *)*get_num_threads());
2285 for (action_list_t::iterator it = action_trace->begin(); it != action_trace->end(); it++) {
2286 ModelAction *action=*it;
2287 if (action->is_read()) {
2288 fprintf(file, "N%u [label=\"%u, T%u\"];\n", action->get_seq_number(),action->get_seq_number(), action->get_tid());
2289 if (action->get_reads_from()!=NULL)
2290 fprintf(file, "N%u -> N%u[label=\"rf\", color=red];\n", action->get_seq_number(), action->get_reads_from()->get_seq_number());
2292 if (thread_array[action->get_tid()] != NULL) {
2293 fprintf(file, "N%u -> N%u[label=\"sb\", color=blue];\n", thread_array[action->get_tid()]->get_seq_number(), action->get_seq_number());
2296 thread_array[action->get_tid()]=action;
2298 fprintf(file,"}\n");
2299 model_free(thread_array);
2304 /** @brief Prints an execution trace summary. */
2305 void ModelChecker::print_summary() const
2307 #if SUPPORT_MOD_ORDER_DUMP
2309 char buffername[100];
2310 sprintf(buffername, "exec%04u", stats.num_total);
2311 mo_graph->dumpGraphToFile(buffername);
2312 sprintf(buffername, "graph%04u", stats.num_total);
2313 dumpGraph(buffername);
2316 if (!isfinalfeasible())
2317 model_print("INFEASIBLE EXECUTION!\n");
2318 print_list(action_trace, stats.num_total);
2323 * Add a Thread to the system for the first time. Should only be called once
2325 * @param t The Thread to add
2327 void ModelChecker::add_thread(Thread *t)
2329 thread_map->put(id_to_int(t->get_id()), t);
2330 scheduler->add_thread(t);
2334 * Removes a thread from the scheduler.
2335 * @param the thread to remove.
2337 void ModelChecker::remove_thread(Thread *t)
2339 scheduler->remove_thread(t);
2343 * @brief Get a Thread reference by its ID
2344 * @param tid The Thread's ID
2345 * @return A Thread reference
2347 Thread * ModelChecker::get_thread(thread_id_t tid) const
2349 return thread_map->get(id_to_int(tid));
2353 * @brief Get a reference to the Thread in which a ModelAction was executed
2354 * @param act The ModelAction
2355 * @return A Thread reference
2357 Thread * ModelChecker::get_thread(ModelAction *act) const
2359 return get_thread(act->get_tid());
2363 * @brief Check if a Thread is currently enabled
2364 * @param t The Thread to check
2365 * @return True if the Thread is currently enabled
2367 bool ModelChecker::is_enabled(Thread *t) const
2369 return scheduler->is_enabled(t);
2373 * @brief Check if a Thread is currently enabled
2374 * @param tid The ID of the Thread to check
2375 * @return True if the Thread is currently enabled
2377 bool ModelChecker::is_enabled(thread_id_t tid) const
2379 return scheduler->is_enabled(tid);
2383 * Switch from a user-context to the "master thread" context (a.k.a. system
2384 * context). This switch is made with the intention of exploring a particular
2385 * model-checking action (described by a ModelAction object). Must be called
2386 * from a user-thread context.
2388 * @param act The current action that will be explored. May be NULL only if
2389 * trace is exiting via an assertion (see ModelChecker::set_assert and
2390 * ModelChecker::has_asserted).
2391 * @return Return status from the 'swap' call (i.e., success/fail, 0/-1)
2393 int ModelChecker::switch_to_master(ModelAction *act)
2396 Thread *old = thread_current();
2397 set_current_action(act);
2398 old->set_state(THREAD_READY);
2399 return Thread::swap(old, &system_context);
2403 * Takes the next step in the execution, if possible.
2404 * @return Returns true (success) if a step was taken and false otherwise.
2406 bool ModelChecker::take_step() {
2410 Thread *curr = priv->current_action ? get_thread(priv->current_action) : NULL;
2412 if (curr->get_state() == THREAD_READY) {
2413 ASSERT(priv->current_action);
2415 priv->nextThread = check_current_action(priv->current_action);
2416 priv->current_action = NULL;
2418 if (curr->is_blocked() || curr->is_complete())
2419 scheduler->remove_thread(curr);
2424 Thread *next = scheduler->next_thread(priv->nextThread);
2426 /* Infeasible -> don't take any more steps */
2429 else if (isfeasibleprefix() && have_bug_reports()) {
2434 if (params.bound != 0) {
2435 if (priv->used_sequence_numbers > params.bound) {
2440 DEBUG("(%d, %d)\n", curr ? id_to_int(curr->get_id()) : -1,
2441 next ? id_to_int(next->get_id()) : -1);
2444 * Launch end-of-execution release sequence fixups only when there are:
2446 * (1) no more user threads to run (or when execution replay chooses
2447 * the 'model_thread')
2448 * (2) pending release sequences
2449 * (3) pending assertions (i.e., data races)
2450 * (4) no pending promises
2452 if (!pending_rel_seqs->empty() && (!next || next->is_model_thread()) &&
2453 isfinalfeasible() && !unrealizedraces.empty()) {
2454 model_print("*** WARNING: release sequence fixup action (%zu pending release seuqences) ***\n",
2455 pending_rel_seqs->size());
2456 ModelAction *fixup = new ModelAction(MODEL_FIXUP_RELSEQ,
2457 std::memory_order_seq_cst, NULL, VALUE_NONE,
2459 set_current_action(fixup);
2463 /* next == NULL -> don't take any more steps */
2467 next->set_state(THREAD_RUNNING);
2469 if (next->get_pending() != NULL) {
2470 /* restart a pending action */
2471 set_current_action(next->get_pending());
2472 next->set_pending(NULL);
2473 next->set_state(THREAD_READY);
2477 /* Return false only if swap fails with an error */
2478 return (Thread::swap(&system_context, next) == 0);
2481 /** Runs the current execution until threre are no more steps to take. */
2482 void ModelChecker::finish_execution() {
2485 while (take_step());
projects / model-checker.git / blob