4 #include "model-assert.h"
8 #define relaxed memory_order_relaxed
9 #define release memory_order_release
10 #define acquire memory_order_acquire
12 #define MAX_FREELIST 4 /* Each thread can own up to MAX_FREELIST free nodes */
13 #define INITIAL_FREE 3 /* Each thread starts with INITIAL_FREE free nodes */
15 #define POISON_IDX 0x666
17 static unsigned int (*free_lists)[MAX_FREELIST];
19 /* Search this thread's free list for a "new" node */
20 static unsigned int new_node()
23 int t = get_thread_num();
24 for (i = 0; i < MAX_FREELIST; i++) {
25 //unsigned int node = load_32(&free_lists[t][i]);
26 unsigned int node = free_lists[t][i];
28 //store_32(&free_lists[t][i], 0);
33 /* free_list is empty? */
38 /* Place this node index back on this thread's free list */
39 static void reclaim(unsigned int node)
42 int t = get_thread_num();
44 /* Don't reclaim NULL node */
47 for (i = 0; i < MAX_FREELIST; i++) {
48 /* Should never race with our own thread here */
49 //unsigned int idx = load_32(&free_lists[t][i]);
50 unsigned int idx = free_lists[t][i];
52 /* Found empty spot in free list */
54 store_32(&free_lists[t][i], node);
55 //free_lists[t][i] = node;
59 /* free list is full? */
63 void init_queue(queue_t *q, int num_threads)
66 for (i = 0; i < MAX_NODES; i++) {
67 atomic_init(&q->nodes[i].next, MAKE_POINTER(POISON_IDX, 0));
70 /* Initialize each thread's free list with INITIAL_FREE pointers */
71 /* The actual nodes are initialized with poison indexes */
72 free_lists = malloc(num_threads * sizeof(*free_lists));
73 for (i = 0; i < num_threads; i++) {
74 for (j = 0; j < INITIAL_FREE; j++) {
75 free_lists[i][j] = 2 + i * MAX_FREELIST + j;
76 atomic_init(&q->nodes[free_lists[i][j]].next, MAKE_POINTER(POISON_IDX, 0));
80 /* initialize queue */
81 atomic_init(&q->head, MAKE_POINTER(1, 0));
82 atomic_init(&q->tail, MAKE_POINTER(1, 0));
83 atomic_init(&q->nodes[1].next, MAKE_POINTER(0, 0));
88 @Interface_define: Enqueue
91 void enqueue(queue_t *q, unsigned int val)
100 //store_32(&q->nodes[node].value, val);
101 q->nodes[node].value = val;
102 tmp = atomic_load_explicit(&q->nodes[node].next, relaxed);
103 set_ptr(&tmp, 0); // NULL
104 atomic_store_explicit(&q->nodes[node].next, tmp, relaxed);
110 @Commit_point_clear: true
111 @Label: Enqueue_Clear
114 /**** detected UL ****/
115 tail = atomic_load_explicit(&q->tail, acquire);
116 /****FIXME: miss ****/
117 next = atomic_load_explicit(&q->nodes[get_ptr(tail)].next, acquire);
118 //printf("miss1_enqueue\n");
119 if (tail == atomic_load_explicit(&q->tail, relaxed)) {
121 /* Check for uninitialized 'next' */
122 //MODEL_ASSERT(get_ptr(next) != POISON_IDX);
124 if (get_ptr(next) == 0) { // == NULL
125 pointer value = MAKE_POINTER(node, get_count(next) + 1);
126 /**** detected UL ****/
127 // Second release can be just relaxed
128 success = atomic_compare_exchange_strong_explicit(&q->nodes[get_ptr(tail)].next,
129 &next, value, release, relaxed);
132 @Commit_point_define_check: success
133 @Label: EnqueueUpdateNext
138 // This routine helps the other enqueue to update the tail
139 /**** detected UL ****/
140 unsigned int ptr = get_ptr(atomic_load_explicit(&q->nodes[get_ptr(tail)].next, acquire));
141 pointer value = MAKE_POINTER(ptr,
142 get_count(tail) + 1);
143 /****FIXME: miss ****/
144 // Second release can be just relaxed
146 succ = atomic_compare_exchange_strong_explicit(&q->tail,
147 &tail, value, release, relaxed);
149 //printf("miss2_enqueue CAS succ\n");
151 //printf("miss2_enqueue\n");
156 /**** dectected UL ****/
157 // Second release can be just relaxed
158 bool succ = atomic_compare_exchange_strong_explicit(&q->tail,
160 MAKE_POINTER(node, get_count(tail) + 1),
166 @Interface_define: Dequeue
169 bool dequeue(queue_t *q, int *retVal)
171 unsigned int value = 0;
180 @Commit_point_clear: true
181 @Label: Dequeue_Clear
184 /**** detected correctness error ****/
185 head = atomic_load_explicit(&q->head, acquire);
188 @Commit_point_define_check: true
189 @Label: DequeueReadHead
193 /** A new bug has been found here!!! It should be acquire instead of
194 * relaxed (it introduces a bug when there's two dequeuers and one
195 * enqueuer) correctness bug!!
197 tail = atomic_load_explicit(&q->tail, acquire);
199 /**** Detected UL/DR (testcase1.c) ****/
200 next = atomic_load_explicit(&q->nodes[get_ptr(head)].next, acquire);
203 @Potential_commit_point_define: true
204 @Label: DequeueReadNext
207 if (atomic_load_explicit(&q->head, relaxed) == head) {
208 if (get_ptr(head) == get_ptr(tail)) {
210 /* Check for uninitialized 'next' */
211 //MODEL_ASSERT(get_ptr(next) != POISON_IDX);
213 if (get_ptr(next) == 0) { // NULL
214 return false; // NULL
216 /**** Detected UL (testcase1.c) ****/
217 // Second release can be just relaxed
219 succ = atomic_compare_exchange_strong_explicit(&q->tail,
221 MAKE_POINTER(get_ptr(next), get_count(tail) + 1),
224 //printf("miss4_dequeue CAS succ\n");
226 //printf("miss4_dequeue\n");
229 //value = load_32(&q->nodes[get_ptr(next)].value);
230 value = q->nodes[get_ptr(next)].value;
231 /**** correctness error ****/
232 success = atomic_compare_exchange_strong_explicit(&q->head,
234 MAKE_POINTER(get_ptr(next), get_count(head) + 1),
238 @Commit_point_define_check: success
239 @Label: DequeueUpdateHead
245 @Commit_point_define: success
246 @Potential_commit_point_label: DequeueReadNext
247 @Label: DequeueReadNextVerify
255 reclaim(get_ptr(head));