model-checker.git
12 years agomodel: remove <list> include
Brian Norris [Tue, 20 Nov 2012 04:53:46 +0000 (20:53 -0800)]
model: remove <list> include

12 years agomodel: add const
Brian Norris [Tue, 20 Nov 2012 04:51:04 +0000 (20:51 -0800)]
model: add const

12 years agoschedule: rename get_enabled() -> get_enabled_array()
Brian Norris [Tue, 20 Nov 2012 04:40:30 +0000 (20:40 -0800)]
schedule: rename get_enabled() -> get_enabled_array()

This function actually returns the array, not a single "enabled" status.
(There's a separate get_enabled() method for getting a single status.)

12 years agomodel: rename isfinalfeasible -> is_feasible_prefix_ignore_relseq
Brian Norris [Tue, 20 Nov 2012 04:33:53 +0000 (20:33 -0800)]
model: rename isfinalfeasible -> is_feasible_prefix_ignore_relseq

This more accurately reflects its use case and the fact that it is a
slightly-weaker version of isfeasibleprefix(). Also, I integrate it into
isfeasibleprefix(), to avoid re-writing the same conditions.

12 years agomodel: replace isfinalfeasible() with stronger check
Brian Norris [Tue, 20 Nov 2012 04:29:34 +0000 (20:29 -0800)]
model: replace isfinalfeasible() with stronger check

The stronger isfeasibleprefix() check is not strictly necessary in these
cases, since we can ensure that promises are resolved before executing
these, but it make sense to have a well-defined "strength" to these
feasibility properties, then use the strongest strength that is useful.

12 years agomodel: privatize, move isfinalfeasible()
Brian Norris [Tue, 20 Nov 2012 04:17:23 +0000 (20:17 -0800)]
model: privatize, move isfinalfeasible()

This function should go with all the other "feasible" functions.

12 years agomodel: rename some 'isfeasible...' functions to 'is_infeasible...'
Brian Norris [Tue, 20 Nov 2012 04:11:21 +0000 (20:11 -0800)]
model: rename some 'isfeasible...' functions to 'is_infeasible...'

These functions can be more accurately described as checking
*infeasibility*, not necessarily feasibility. This helps clarify their
purpose, at least for my understanding.

12 years agomodel: privatize some functions
Brian Norris [Tue, 20 Nov 2012 04:03:35 +0000 (20:03 -0800)]
model: privatize some functions

Just kill finish_execution() while we're at it.

12 years agomain: remove #include's
Brian Norris [Tue, 20 Nov 2012 03:47:11 +0000 (19:47 -0800)]
main: remove #include's

12 years agomain: remove "pass-by-reference" editing in parse_options()
Brian Norris [Tue, 20 Nov 2012 03:40:12 +0000 (19:40 -0800)]
main: remove "pass-by-reference" editing in parse_options()

parse_options() can simply pass the argc/argv variables through the
model_checker_params struct now.

Also, document a few things.

12 years agothreads: remove todo (long overdue)
Brian Norris [Tue, 20 Nov 2012 03:33:32 +0000 (19:33 -0800)]
threads: remove todo (long overdue)

12 years agomain/model: move full user-program execution to ModelChecker::run
Brian Norris [Tue, 20 Nov 2012 03:32:22 +0000 (19:32 -0800)]
main/model: move full user-program execution to ModelChecker::run

We don't really need the top-level ModelChecker execution loop to be in
main.cc; it should be exposed simply as a run() method.

12 years agomodel/main: add argc/argv parameter
Brian Norris [Tue, 20 Nov 2012 03:30:41 +0000 (19:30 -0800)]
model/main: add argc/argv parameter

ModelChecker will take care of launching the user program soon.

12 years agomodel: move flags to private 'model_snapshot_members'
Brian Norris [Tue, 20 Nov 2012 03:15:47 +0000 (19:15 -0800)]
model: move flags to private 'model_snapshot_members'

12 years agomodel: add model_snapshot_members constructor/destructor
Brian Norris [Tue, 20 Nov 2012 03:04:33 +0000 (19:04 -0800)]
model: add model_snapshot_members constructor/destructor

12 years agomodel: privatize set_assert()
Brian Norris [Tue, 20 Nov 2012 02:40:50 +0000 (18:40 -0800)]
model: privatize set_assert()

12 years agorun.sh: rewrite script to handle options more gracefully
Brian Norris [Tue, 20 Nov 2012 00:39:36 +0000 (16:39 -0800)]
run.sh: rewrite script to handle options more gracefully

Now you can do:

  ./run.sh [OPTIONS]

without having to specify a particular program (defaults to
./test/userprog.o).

12 years agooutput: don't redirect any output for DEBUG builds
Brian Norris [Tue, 20 Nov 2012 00:37:26 +0000 (16:37 -0800)]
output: don't redirect any output for DEBUG builds

12 years agoREADME: add verbose (-v) argument
Brian Norris [Mon, 19 Nov 2012 23:51:02 +0000 (15:51 -0800)]
README: add verbose (-v) argument

12 years agomodel: optimize get_last_conflict() search
Brian Norris [Mon, 19 Nov 2012 21:10:07 +0000 (13:10 -0800)]
model: optimize get_last_conflict() search

Relaxed operations should never require backtracking, so don't even
bother with searching the list in such cases. I ran some simple
benchmarking tests with linuxrwlocks (timing results below). Also, perf
shows a significant decrease in % time spent in
ModelAction::could_synchronize_with.

------------
Before:
------------

$ time ./run.sh test/linuxrwlocks.o -f 10 -m 10
Number of complete, bug-free executions: 7110
Number of redundant executions: 29
Number of buggy executions: 0
Number of infeasible executions: 43578
Total executions: 50717
Total nodes created: 63463

real 0m7.274s
user 0m6.596s
sys 0m0.652s

2.10%  linuxrwlocks.o  libmodel.so          [.] ModelAction::could_synchronize_with(ModelAction const*) const

------------
After:
------------

$ time ./run.sh test/linuxrwlocks.o -f 10 -m 10
Number of complete, bug-free executions: 7110
Number of redundant executions: 29
Number of buggy executions: 0
Number of infeasible executions: 43578
Total executions: 50717
Total nodes created: 63463

real 0m6.690s
user 0m6.000s
sys 0m0.664s

0.73%  linuxrwlocks.o  libmodel.so          [.] ModelAction::could_synchronize_with(ModelAction const*) const

12 years agoaction: add is_relaxed() function
Brian Norris [Mon, 19 Nov 2012 21:09:29 +0000 (13:09 -0800)]
action: add is_relaxed() function

12 years agocommon: update comment
Brian Norris [Sat, 17 Nov 2012 08:11:27 +0000 (00:11 -0800)]
common: update comment

12 years agomodel: add "# redundant" stat
Brian Norris [Sat, 17 Nov 2012 08:01:18 +0000 (00:01 -0800)]
model: add "# redundant" stat

12 years agomodel: refactor end-of-execution output
Brian Norris [Sat, 17 Nov 2012 07:55:12 +0000 (23:55 -0800)]
model: refactor end-of-execution output

12 years agomodel: print_summary() should be const
Brian Norris [Sat, 17 Nov 2012 07:51:59 +0000 (23:51 -0800)]
model: print_summary() should be const

12 years agomodel/main: disable most printing by default, add verbosity
Brian Norris [Sat, 17 Nov 2012 04:23:15 +0000 (20:23 -0800)]
model/main: disable most printing by default, add verbosity

Adds a '-v' parameter for printing verbose info on a non-DEBUG build.
This effectively creates 3 classes of runs:

 - Default build, no -v: only prints info when discovering a buggy
   execution
 - Default build, -v: prints more verbose information, on all feasible
   executions (buggy or non-buggy)
 - Debug build: Built with 'make debug'. Most verbose; prints everything
   for every execution, including infeasible executions. Also prints
   DEBUG() prints (as usual).

12 years agooutput redirection
Brian Norris [Sat, 17 Nov 2012 04:07:57 +0000 (20:07 -0800)]
output redirection

12 years agomodel: print execution # with trace
Brian Norris [Sat, 17 Nov 2012 01:45:23 +0000 (17:45 -0800)]
model: print execution # with trace

Since stats won't be printed regularly, we still want a measure of
"how many executions have run" when we print a summary trace.

12 years agoprint stats only at end of execution
Brian Norris [Sat, 17 Nov 2012 01:44:50 +0000 (17:44 -0800)]
print stats only at end of execution

12 years agoprintf -> model_print
Brian Norris [Fri, 16 Nov 2012 23:23:40 +0000 (15:23 -0800)]
printf -> model_print

As we move toward redirecting program output, we will need a special
printf function for model-checking prints. Just define a simple
model_print() for now.

12 years agomodel: correct plural ("bug" or "bugs")
Brian Norris [Fri, 16 Nov 2012 23:05:51 +0000 (15:05 -0800)]
model: correct plural ("bug" or "bugs")

12 years agomodel: rework assert_bug() and assert_user_bug() interfaces
Brian Norris [Fri, 16 Nov 2012 22:58:32 +0000 (14:58 -0800)]
model: rework assert_bug() and assert_user_bug() interfaces

We don't need assert_bug_immediate(), and we don't need some of the
optional parameters in assert_bug(). Just simplify down to two
interfaces:

    assert_bug()
    assert_user_bug()

The former is useful for all bugs triggered from model-checker threads,
and the latter is useful from a user-thread context, so that you can
immediately switch to the model-checking context and exit the program -
but *only if* the trace is currently-feasible.

12 years agodataraces: don't print an uninformative "Data race" bug msg
Brian Norris [Fri, 16 Nov 2012 22:44:32 +0000 (14:44 -0800)]
dataraces: don't print an uninformative "Data race" bug msg

Now that checkDataRaces() handles all bug reporting and assertions on
its own, we don't need an additional bug report message printed by the
caller. In some cases, this means the caller doesn't have any action to
take. In one case (a race immediately-realized from a user thread), we
still need to "bail out" to the model-checker.

12 years agodatarace: redirect "Data race @ ..." messages to model-checker bug list
Brian Norris [Fri, 16 Nov 2012 22:38:26 +0000 (14:38 -0800)]
datarace: redirect "Data race @ ..." messages to model-checker bug list

Data race information was previously printed in multiple ways: through
the datarace.cc printRace() method and through the model-checker
assert_bug() method. Start unifying that.

Other notes:
- Data race objects probably should be freed (even though they are
  snapshotted). I fix this.
- Races could be printed more than once previously, since the
  unrealizedraces vector was never cleared of realized races. Now, we
  clear this vector every time we process it (in a feasible execution),
  either stashing a bug message or dropping the race entirely.

12 years agodatarace: change "Datarace" to "Data race"
Brian Norris [Fri, 16 Nov 2012 21:59:03 +0000 (13:59 -0800)]
datarace: change "Datarace" to "Data race"

12 years agomodel: restructure statistics records
Brian Norris [Fri, 16 Nov 2012 20:02:10 +0000 (12:02 -0800)]
model: restructure statistics records

12 years agomodel: annotate SNAPSHOT for bug_message
Brian Norris [Fri, 16 Nov 2012 02:01:31 +0000 (18:01 -0800)]
model: annotate SNAPSHOT for bug_message

Since we use operator new with bug_message, it needs to be marked
SNAPSHOTALLOC.

12 years agomodel: temporary fix for uninitialized loads
Brian Norris [Fri, 16 Nov 2012 01:51:43 +0000 (17:51 -0800)]
model: temporary fix for uninitialized loads

This patch does two things:

(1) Convert 'set_assert()' to 'assert_bug()' to provide:
    - More unified bug printing
    - Only printing the bug for a feasible prefix
(2) Avoids the work_queue loop if a bug was asserted

Part (1) mostly provides some cosmetic fixes.
Part (2) prevents an ASSERT() from being thrown in future values, since
we don't abort the trace early enough when there's nothing to read from.

This all needs better treatment of uninitialized loads, as there are
some loose ends.

12 years agoassert bugs through common interface
Brian Norris [Thu, 15 Nov 2012 21:50:40 +0000 (13:50 -0800)]
assert bugs through common interface

- User-provied assertions (MODEL_ASSERT())
- Data races
- Deadlocks
- Unlock before lock

Notably, I have not yet converted the "uninitialized load" bug, because
it actually isn't correct yet. It needs to handle future values and lazy
synchronization better.

12 years agomodel: print bug reports at end of each execution
Brian Norris [Thu, 15 Nov 2012 21:33:13 +0000 (13:33 -0800)]
model: print bug reports at end of each execution

This ensures:
- that bug reports are printed only at the end of feasible executions
- that execution summaries are printed only for complete (or halted and
  buggy) executions that are feasible
- that all bug reports will have the same formatting (at least, ones
  that use the 'assert_bug()' function)

Note that deadlocks are the only bugs reported this way right now. I'll
fix that up soon.

12 years agomodel: add bug reporting framework
Brian Norris [Thu, 15 Nov 2012 21:25:35 +0000 (13:25 -0800)]
model: add bug reporting framework

This will help clean up bug reporting so that bugs are only printed for
complete, valid executions.

12 years agomodel: remove unnecessary DEBUG()
Brian Norris [Thu, 15 Nov 2012 21:29:44 +0000 (13:29 -0800)]
model: remove unnecessary DEBUG()

12 years agomodel: use snapshot_calloc()
Brian Norris [Thu, 15 Nov 2012 20:43:23 +0000 (12:43 -0800)]
model: use snapshot_calloc()

Also, might as well free priv on destruction.

12 years agomodel: add 'const'
Brian Norris [Thu, 15 Nov 2012 20:21:45 +0000 (12:21 -0800)]
model: add 'const'

12 years agomodel: routine to check if execution is complete
Brian Norris [Thu, 15 Nov 2012 00:46:03 +0000 (16:46 -0800)]
model: routine to check if execution is complete

Not used yet.

12 years agomake compile on linux...needed string.h
Brian Demsky [Thu, 15 Nov 2012 07:29:52 +0000 (23:29 -0800)]
make compile on linux...needed string.h

12 years agoMerge branch 'master' of /home/git/model-checker
Brian Demsky [Thu, 15 Nov 2012 07:27:30 +0000 (23:27 -0800)]
Merge branch 'master' of /home/git/model-checker

12 years agooptimize hashtable so we don't always build new ones for cyclegraph check
Brian Demsky [Thu, 15 Nov 2012 07:26:45 +0000 (23:26 -0800)]
optimize hashtable so we don't always build new ones for cyclegraph check

12 years agoremove hashtable functionality
Brian Demsky [Thu, 15 Nov 2012 06:45:26 +0000 (22:45 -0800)]
remove hashtable functionality

12 years agomake hashtables only contain primitive types or pointers
Brian Demsky [Thu, 15 Nov 2012 06:44:33 +0000 (22:44 -0800)]
make hashtables only contain primitive types or pointers

12 years agoMerge branch 'master' of /home/git/model-checker
Brian Demsky [Thu, 15 Nov 2012 04:55:23 +0000 (20:55 -0800)]
Merge branch 'master' of /home/git/model-checker

12 years agoavoid warning
Brian Demsky [Thu, 15 Nov 2012 04:55:06 +0000 (20:55 -0800)]
avoid warning

12 years agomerge
Brian Demsky [Thu, 15 Nov 2012 02:15:04 +0000 (18:15 -0800)]
merge
Merge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker

Conflicts:
config.h
model.cc

12 years agooptimization...don't calloc the datarace tables every single time...it is really...
Brian Demsky [Thu, 15 Nov 2012 02:11:29 +0000 (18:11 -0800)]
optimization...don't calloc the datarace tables every single time...it is really expensive for rollback

12 years agomodel: remove useless special case
Brian Norris [Thu, 15 Nov 2012 00:30:39 +0000 (16:30 -0800)]
model: remove useless special case

Why do we want to print races, etc., when exiting due to execution
length bound? If you want that, just enable debug prints.

12 years agomodel: don't export Scheduler
Brian Norris [Wed, 14 Nov 2012 23:56:55 +0000 (15:56 -0800)]
model: don't export Scheduler

I removed any users of the get_scheduler() function.

12 years agomodel/promise: use ModelChecker is_enabled() interface
Brian Norris [Wed, 14 Nov 2012 23:55:59 +0000 (15:55 -0800)]
model/promise: use ModelChecker is_enabled() interface

class Promise should not need to access Scheduler directly. Use the
ModelChecker interface.

12 years agomodel: is_deadlocked() (sort of) had a bug
Brian Norris [Wed, 14 Nov 2012 23:53:16 +0000 (15:53 -0800)]
model: is_deadlocked() (sort of) had a bug

We were comparing the boolean (is_enabled(t)) to an enum
(THREAD_DISABLED). This happened to work as we wanted to because
THREAD_DISABLED == 0 == false. But that's not really what I meant...

Anyway, this uses a proper ModelChecker::is_enabled(tid) interface.

12 years agomodel: add ModelChecker is_enabled() functions
Brian Norris [Wed, 14 Nov 2012 23:52:16 +0000 (15:52 -0800)]
model: add ModelChecker is_enabled() functions

We don't want all users to have to directly address the scheduler;
provide an interface.

12 years agoschedule: improve is_enabled() routines
Brian Norris [Wed, 14 Nov 2012 23:43:39 +0000 (15:43 -0800)]
schedule: improve is_enabled() routines

The comments don't clearly explain what is_enabled() might include
(i.e., SLEEP_SET, ENABLED, or DISABLED). Also, we need a direct accessor
keyed by thread_id_t, not just by class Thread.

12 years agomodel: fix spacing
Brian Norris [Wed, 14 Nov 2012 23:28:25 +0000 (15:28 -0800)]
model: fix spacing

12 years agomodel: move snapshot members out of header
Brian Norris [Wed, 14 Nov 2012 23:27:40 +0000 (15:27 -0800)]
model: move snapshot members out of header

This struct is only used within model.cc

12 years agoREADME
Brian Norris [Wed, 14 Nov 2012 03:31:02 +0000 (19:31 -0800)]
README

12 years agomain: change default future value sloppiness
Brian Norris [Wed, 7 Nov 2012 03:10:53 +0000 (19:10 -0800)]
main: change default future value sloppiness

Future value sloppiness should be set somewhat in proportion to
maxfuturedelay, and we need a value higher than 2. Set to 10 for now,
although we may change this later.

12 years agonodestack: implement expiration sloppiness parameter
Brian Norris [Wed, 7 Nov 2012 00:10:33 +0000 (16:10 -0800)]
nodestack: implement expiration sloppiness parameter

Now, a previously-explored, repeated future value will only generate a
new future-value/expiration pair if the expiration is higher than the
previous expiration + sloppiness. This prevents executions where we
continue to step up the future value expiration by a small increment,
creating the same execution.

This also rewrites the add_future_value() logic just a bit so that it is
a little bit more clear.

12 years agomain/model: add future value expiration sloppiness parameter
Brian Norris [Wed, 7 Nov 2012 00:09:59 +0000 (16:09 -0800)]
main/model: add future value expiration sloppiness parameter

Functionality not implemented yet

12 years agonodestack: limit the number of future values per read
Brian Norris [Sun, 4 Nov 2012 02:39:33 +0000 (19:39 -0700)]
nodestack: limit the number of future values per read

Not tested very thoroughly, but it seems to limit the future values set
as intended.

12 years agomain: add maxfuturevalues parameter (-M)
Brian Norris [Sun, 4 Nov 2012 01:16:45 +0000 (18:16 -0700)]
main: add maxfuturevalues parameter (-M)

Not implemented yet

12 years agocommon: early quit on MODEL_ASSERT()
Brian Norris [Sun, 4 Nov 2012 00:50:26 +0000 (17:50 -0700)]
common: early quit on MODEL_ASSERT()

If a user program hits an assertion, we should quit before executing any
further. i.e., don't even wait for the next atomic action, since the
assertion might trigger more bugs that have unintended/unforseen
consequences.

12 years agomodel-assert: add MODEL_ASSERT() for user programs
Brian Norris [Sat, 3 Nov 2012 22:52:16 +0000 (15:52 -0700)]
model-assert: add MODEL_ASSERT() for user programs

12 years agomodel: refactor build_reads_from_past
Brian Norris [Tue, 6 Nov 2012 00:00:18 +0000 (16:00 -0800)]
model: refactor build_reads_from_past

A couple of if-else conditions can be merged to a single if block.

Also, I move the DBG prints for the may_read_from set into the correct
part of the if, to avoid printing false messages about the may_read_from
set.

12 years agocommon/config: allow enable/disable ASSERT() easily
Brian Norris [Wed, 14 Nov 2012 22:39:07 +0000 (14:39 -0800)]
common/config: allow enable/disable ASSERT() easily

Now, assertions (ASSERT()) are only checked if the CONFIG_ASSERT macro
is defined. We leave this enabled for all builds for now.

12 years agorace: where possible, use "const void *" for addresses
Brian Norris [Tue, 13 Nov 2012 00:42:41 +0000 (16:42 -0800)]
race: where possible, use "const void *" for addresses

This allows more flexible use for read-only objects.

12 years agotest: add AB/BA deadlock test
Brian Norris [Wed, 7 Nov 2012 03:26:13 +0000 (19:26 -0800)]
test: add AB/BA deadlock test

12 years agomodel: add deadlock detection
Brian Norris [Wed, 7 Nov 2012 03:18:34 +0000 (19:18 -0800)]
model: add deadlock detection

This is only a simple end-of-execution deadlock detection. If we have a
true deadlock, and no other threads are spinning, then our execution
will exit --- we can recognize this state.

For more complicated deadlocks involving other spinning threads, we need
to perform some sort of depth-first-search cycle detection.

12 years agomodel: get_num_threads() should be const
Brian Norris [Wed, 7 Nov 2012 03:13:05 +0000 (19:13 -0800)]
model: get_num_threads() should be const

12 years agosnapshot: find the correct binary name
Brian Norris [Sat, 3 Nov 2012 22:31:20 +0000 (15:31 -0700)]
snapshot: find the correct binary name

This is somewhat of a neutral change; the existing /proc/*/maps check
works because our path name usually has the word 'model' in it. But
really, we should find the true, full path of the user program.

This should be extended to find more maps (e.g., for other libraries),
and it should be extended for Mac OSX too.

12 years agosnapshot: read from /proc/self/maps
Brian Norris [Sat, 3 Nov 2012 21:55:56 +0000 (14:55 -0700)]
snapshot: read from /proc/self/maps

We don't need to get the PID

12 years agomain: fixup parameter parsing for user program
Brian Norris [Fri, 2 Nov 2012 22:50:48 +0000 (15:50 -0700)]
main: fixup parameter parsing for user program

The user program expects 'optind' to be reset and for 'argv' and 'argc'
to include the program name as the first argument variable.

Note: our mmap()/mprotect()-based snapshotting does not snapshot this
'optind' global, so user-progs that use optarg() functionality might
fail.

12 years agotest: add AB/BA deadlock test
Brian Norris [Wed, 7 Nov 2012 03:26:13 +0000 (19:26 -0800)]
test: add AB/BA deadlock test

12 years agomodel: add deadlock detection
Brian Norris [Wed, 7 Nov 2012 03:18:34 +0000 (19:18 -0800)]
model: add deadlock detection

This is only a simple end-of-execution deadlock detection. If we have a
true deadlock, and no other threads are spinning, then our execution
will exit --- we can recognize this state.

For more complicated deadlocks involving other spinning threads, we need
to perform some sort of depth-first-search cycle detection.

12 years agomodel: get_num_threads() should be const
Brian Norris [Wed, 7 Nov 2012 03:13:05 +0000 (19:13 -0800)]
model: get_num_threads() should be const

12 years agomain: change default future value sloppiness
Brian Norris [Wed, 7 Nov 2012 03:10:53 +0000 (19:10 -0800)]
main: change default future value sloppiness

Future value sloppiness should be set somewhat in proportion to
maxfuturedelay, and we need a value higher than 2. Set to 10 for now,
although we may change this later.

12 years agonodestack: implement expiration sloppiness parameter
Brian Norris [Wed, 7 Nov 2012 00:10:33 +0000 (16:10 -0800)]
nodestack: implement expiration sloppiness parameter

Now, a previously-explored, repeated future value will only generate a
new future-value/expiration pair if the expiration is higher than the
previous expiration + sloppiness. This prevents executions where we
continue to step up the future value expiration by a small increment,
creating the same execution.

This also rewrites the add_future_value() logic just a bit so that it is
a little bit more clear.

12 years agomain/model: add future value expiration sloppiness parameter
Brian Norris [Wed, 7 Nov 2012 00:09:59 +0000 (16:09 -0800)]
main/model: add future value expiration sloppiness parameter

Functionality not implemented yet

12 years agomodel: refactor build_reads_from_past
Brian Norris [Tue, 6 Nov 2012 00:00:18 +0000 (16:00 -0800)]
model: refactor build_reads_from_past

A couple of if-else conditions can be merged to a single if block.

Also, I move the DBG prints for the may_read_from set into the correct
part of the if, to avoid printing false messages about the may_read_from
set.

12 years agonodestack: limit the number of future values per read
Brian Norris [Sun, 4 Nov 2012 02:39:33 +0000 (19:39 -0700)]
nodestack: limit the number of future values per read

Not tested very thoroughly, but it seems to limit the future values set
as intended.

12 years agomain: add maxfuturevalues parameter (-M)
Brian Norris [Sun, 4 Nov 2012 01:16:45 +0000 (18:16 -0700)]
main: add maxfuturevalues parameter (-M)

Not implemented yet

12 years agoMerge branch 'master' into pldi13
Brian Norris [Sun, 4 Nov 2012 01:16:19 +0000 (18:16 -0700)]
Merge branch 'master' into pldi13

12 years agomain: always ensure defaults when printing
Brian Norris [Sun, 4 Nov 2012 01:14:19 +0000 (18:14 -0700)]
main: always ensure defaults when printing

If one or more arguments have been parsed by the time we print a help
message, we may print the wrong defaults. Fix: always reset to defaults
before printing.

12 years agomodel: fix some whitespace
Brian Norris [Sun, 4 Nov 2012 01:09:59 +0000 (18:09 -0700)]
model: fix some whitespace

12 years agocommon: early quit on MODEL_ASSERT()
Brian Norris [Sun, 4 Nov 2012 00:50:26 +0000 (17:50 -0700)]
common: early quit on MODEL_ASSERT()

If a user program hits an assertion, we should quit before executing any
further. i.e., don't even wait for the next atomic action, since the
assertion might trigger more bugs that have unintended/unforseen
consequences.

12 years agomodel-assert: add MODEL_ASSERT() for user programs
Brian Norris [Sat, 3 Nov 2012 22:52:16 +0000 (15:52 -0700)]
model-assert: add MODEL_ASSERT() for user programs

12 years agosnapshot: find the correct binary name
Brian Norris [Sat, 3 Nov 2012 22:31:20 +0000 (15:31 -0700)]
snapshot: find the correct binary name

This is somewhat of a neutral change; the existing /proc/*/maps check
works because our path name usually has the word 'model' in it. But
really, we should find the true, full path of the user program.

This should be extended to find more maps (e.g., for other libraries),
and it should be extended for Mac OSX too.

12 years agoMerge remote-tracking branch 'origin/master' into pldi13
Brian Norris [Sat, 3 Nov 2012 22:31:02 +0000 (15:31 -0700)]
Merge remote-tracking branch 'origin/master' into pldi13

12 years agoannoying bug... Optimization was originally intended for the following insight:
Brian Demsky [Sat, 3 Nov 2012 22:24:54 +0000 (15:24 -0700)]
annoying bug...  Optimization was originally intended for the following insight:
if you have a unresolved read and a write w that is mod ordered after whatever that read sees, then any writes that are mo past w should not send their future values back to the unresolved read.  So we begin by looking for operations that happen after the unresolved read and if they are a write we have our w, and if they are a read then its reads_from is our w.
The case I missed was we don't want to consider the write that the read we want to send the value to is currently reading...  It won't cause a mo problem because it will be gone if we send a future value back to that read.

12 years agosnapshot: read from /proc/self/maps
Brian Norris [Sat, 3 Nov 2012 21:55:56 +0000 (14:55 -0700)]
snapshot: read from /proc/self/maps

We don't need to get the PID

12 years agoMerge remote-tracking branch 'origin/master' into pldi13
Brian Norris [Sat, 3 Nov 2012 19:09:47 +0000 (12:09 -0700)]
Merge remote-tracking branch 'origin/master' into pldi13

12 years agopromise: fix signed/unsigned warning
Brian Norris [Sat, 3 Nov 2012 19:09:20 +0000 (12:09 -0700)]
promise: fix signed/unsigned warning

12 years agoclean up check code
Brian Demsky [Sat, 3 Nov 2012 09:54:08 +0000 (02:54 -0700)]
clean up check code