model-checker.git
12 years agonodestack: refactor Node constructor
Brian Norris [Wed, 19 Dec 2012 06:18:03 +0000 (22:18 -0800)]
nodestack: refactor Node constructor

12 years agoaction: fixup style
Brian Norris [Wed, 19 Dec 2012 01:31:55 +0000 (17:31 -0800)]
action: fixup style

12 years agomodel: refactor check_current_action, next thread computation
Brian Norris [Tue, 18 Dec 2012 20:46:48 +0000 (12:46 -0800)]
model: refactor check_current_action, next thread computation

Pulling the 'get_next_thread()' computation out of
check_current_action() so that I can restructure the model-checker
execution a little.

12 years agothreads: assert completion is only called once
Brian Norris [Tue, 18 Dec 2012 22:08:19 +0000 (14:08 -0800)]
threads: assert completion is only called once

We don't need to support the case that Thread::complete() is called
multiple times. We should instead ensure (ASSERT()) that it is only
called when the Thread is not already completed (and cleaned up).

12 years agothreads: assert THREAD_COMPLETED is immutable
Brian Norris [Tue, 9 Oct 2012 17:42:50 +0000 (10:42 -0700)]
threads: assert THREAD_COMPLETED is immutable

12 years agoclean up some DEBUG() messages
Brian Norris [Sat, 15 Dec 2012 01:28:40 +0000 (17:28 -0800)]
clean up some DEBUG() messages

We were printing may_read_from info twice.

Printing the current action when we get to check_current_action() is
helpful.

Printing scheduling based on priority is also useful, as we recently had
a "bug" involving fairness/priority.

Include the file name in DEBUG() prints, since we may have the same
function names in different files/classes.

12 years agonodestack: style
Brian Norris [Sat, 15 Dec 2012 00:34:20 +0000 (16:34 -0800)]
nodestack: style

12 years agonodestack: add const
Brian Norris [Sat, 15 Dec 2012 00:31:49 +0000 (16:31 -0800)]
nodestack: add const

12 years agonodestack: do not allow Node with act == NULL
Brian Norris [Sat, 15 Dec 2012 00:29:31 +0000 (16:29 -0800)]
nodestack: do not allow Node with act == NULL

Since I removed the root 'NULL' Node, all Nodes will have a
corresponding action. Now, just ASSERT this in the constructor.

12 years agonodestack: don't create empty base node
Brian Norris [Thu, 13 Dec 2012 03:57:44 +0000 (19:57 -0800)]
nodestack: don't create empty base node

We don't actually need an empty base node, since the first thread will
never be backtracked. But it does mean that we no longer assume that
every newly-constructed Node has a parent.

Note that this changes the number of executions performed for some
programs. Even though the model-checker should be deterministic, this is
not a bug, AFAICT. The discrepancy seems to come from a change in
scheduling, where the scheduler order may differ after reaching a
divergence point. This is caused by the fairness support which is hacked
into Node creation, so threads may gain priority sooner in the presence
of a useless Node. In fact, before this change, (almost?) every
execution caused a thread (typically thread 1) to gain priority due to
fairness. Now, we reach this condition much more occasionally.

I made measurements of the scheduling decisions based on priority for
the execution of:

 # ./run.sh test/linuxrwlocks.o -f 10 -m 2

Previously, threads gained priority 10042 times in 7906 executions (9947
of those were for thread 1, when it would shortly become disabled).

Now, threads gain priority 68 times in 8396 executions (thread 1 never
gains priority).

12 years agomodel: check for NULL parent Node
Brian Norris [Thu, 13 Dec 2012 02:29:30 +0000 (18:29 -0800)]
model: check for NULL parent Node

I'm editing the NodeStack to eliminate the empty Node. So we should
check to ensure that the Node has a parent before using it.

12 years agomodel: use helper 'get_thread()'
Brian Norris [Thu, 13 Dec 2012 23:31:14 +0000 (15:31 -0800)]
model: use helper 'get_thread()'

12 years agonodestack: print extra backtracking info
Brian Norris [Thu, 13 Dec 2012 23:18:12 +0000 (15:18 -0800)]
nodestack: print extra backtracking info

If we ever use the Node::print() method, print some extra info about
backtracking.

12 years agomodel: style fixups
Brian Norris [Thu, 13 Dec 2012 23:00:29 +0000 (15:00 -0800)]
model: style fixups

12 years agomodel: add 'set_latest_backtrack()'
Brian Norris [Thu, 13 Dec 2012 22:47:59 +0000 (14:47 -0800)]
model: add 'set_latest_backtrack()'

12 years agomodel: print bug reports only for feasible executions
Brian Norris [Thu, 13 Dec 2012 08:36:04 +0000 (00:36 -0800)]
model: print bug reports only for feasible executions

We can assert a bug (e.g., uninitialized load) without having a feasible
exeuction. If this execution is later ruled infeasible, we don't need to
print the trace info.

12 years agotest: uninit: remove @todo (bug fixed)
Brian Norris [Thu, 13 Dec 2012 08:35:25 +0000 (00:35 -0800)]
test: uninit: remove @todo (bug fixed)

The previous bugfix allows this example to run properly, so remove the
@todo.

12 years agomodel: bugfix - mo_may_allow was too restrictive
Brian Norris [Thu, 13 Dec 2012 08:13:08 +0000 (00:13 -0800)]
model: bugfix - mo_may_allow was too restrictive

This bugfix has the same rationale as with the following commit:

commit c2d7fa973e562c194eb732d8dc58ab7659b7a2ee

We do not want the potential reader to disqualify itself from reading a
future value; previously, this was fixed only for reads (not RMW's). But
we can experience the same problem with RMW's, which are both read and
write.

So, instead of using 'act != reader' as a special case for the is_read()
case, just use it as a breaking condition in addition to

   !(reader --hb-> act)

This is really intended anyway, since our happens-before is reflexive,
whereas it is irreflexive in the specification.

12 years agomodel: make dumpGraph 'const'
Brian Norris [Thu, 13 Dec 2012 08:12:28 +0000 (00:12 -0800)]
model: make dumpGraph 'const'

SUPPORT_MOD_ORDER_DUMP can't compile if dumpGraph() isn't const.

12 years agonodestack: fixup style
Brian Norris [Thu, 13 Dec 2012 07:19:15 +0000 (23:19 -0800)]
nodestack: fixup style

12 years agomodel: remove snapshotted 'nextThread'
Brian Norris [Thu, 13 Dec 2012 03:40:56 +0000 (19:40 -0800)]
model: remove snapshotted 'nextThread'

The 'nextThread' field is no longer needed, since I've simplified
take_step().

12 years agomodel: pass current action as function argument
Brian Norris [Thu, 13 Dec 2012 03:31:10 +0000 (19:31 -0800)]
model: pass current action as function argument

Diminish the use of 'priv->current_action', and instead pass it to
take_step() as an argument. At the same time, it is more obvious that we
do not need to reset priv->current_action to NULL.

12 years agomodel: simplify take_step()
Brian Norris [Thu, 13 Dec 2012 03:25:02 +0000 (19:25 -0800)]
model: simplify take_step()

Now that priv->current_action is always non-NULL (when reaching
take_step()), we can simplify the logic a bit. Also, rename some
variables.

12 years agomodel: force first thread to run immediately
Brian Norris [Thu, 13 Dec 2012 03:16:43 +0000 (19:16 -0800)]
model: force first thread to run immediately

Forcing the first thread to run immediately yields us our first
ModelAction, so we won't have to special-case the case that
current_action == NULL.

12 years agomodel: change guaranteed condition into ASSERT()
Brian Norris [Thu, 13 Dec 2012 02:27:27 +0000 (18:27 -0800)]
model: change guaranteed condition into ASSERT()

This guaranteed condition should only be included as an ASSERT(). This
gives a bonus, that the code becomes a little easier to read.

12 years agonodestack: rename 'iter' to 'head_idx'
Brian Norris [Thu, 13 Dec 2012 02:03:23 +0000 (18:03 -0800)]
nodestack: rename 'iter' to 'head_idx'

12 years agonodestack: make 'iter' signed
Brian Norris [Thu, 13 Dec 2012 01:57:28 +0000 (17:57 -0800)]
nodestack: make 'iter' signed

iter will need to be negative when we allow the NodeStack to be empty.

12 years agoschedule: spacing
Brian Norris [Thu, 13 Dec 2012 01:15:46 +0000 (17:15 -0800)]
schedule: spacing

12 years agonodestack: spacing
Brian Norris [Thu, 13 Dec 2012 00:21:56 +0000 (16:21 -0800)]
nodestack: spacing

12 years agomodel: spacing
Brian Norris [Thu, 13 Dec 2012 00:07:01 +0000 (16:07 -0800)]
model: spacing

12 years agomodel: rename 'promise_index' to 'i'
Brian Norris [Wed, 12 Dec 2012 23:49:29 +0000 (15:49 -0800)]
model: rename 'promise_index' to 'i'

The fuction looks cleaner if the loop variable is just a simple 'i'
index.

12 years agotest/uninit: add an "uninit" test
Brian Norris [Wed, 12 Dec 2012 02:38:16 +0000 (18:38 -0800)]
test/uninit: add an "uninit" test

This is a weird example, where we don't explicitly initialize y, but
synchronization should guarantee that it is initialized.

Right now, this example has a problem where we never see flag == 2.

12 years agomodel: return value from switch_to_master
Brian Norris [Wed, 12 Dec 2012 02:08:31 +0000 (18:08 -0800)]
model: return value from switch_to_master

12 years agoaction: refactor ATOMIC_READ printing
Brian Norris [Wed, 12 Dec 2012 02:05:51 +0000 (18:05 -0800)]
action: refactor ATOMIC_READ printing

For ATOMIC_READ, we don't need a special case to print VALUE_NONE,
because any action where the value isn't explicitly set (e.g., all
ATOMIC_READ actions) default to VALUE_NONE. And if this 'default'
changes in the future, we would want to print it.

(Right now it's confusing, for instance, when we have a failed promise
execution, since the model-checker trace gives no indication of what the
promised value actually *was*. This should be fixed sometime.)

12 years agonodestack: add 'const'
Brian Norris [Wed, 12 Dec 2012 01:44:04 +0000 (17:44 -0800)]
nodestack: add 'const'

12 years agoimpatomic: add C++ atomic_init()
Brian Norris [Wed, 12 Dec 2012 00:16:53 +0000 (16:16 -0800)]
impatomic: add C++ atomic_init()

According to N337, C++ has a C-like atomic_init() function, which was
left out of our impatomic header.

12 years agocyclegraph: uniform spacing, style
Brian Norris [Tue, 11 Dec 2012 23:22:56 +0000 (15:22 -0800)]
cyclegraph: uniform spacing, style

12 years agocyclegraph: bugfix - more SnapshotAlloc
Brian Norris [Tue, 11 Dec 2012 23:10:40 +0000 (15:10 -0800)]
cyclegraph: bugfix - more SnapshotAlloc

12 years agocommon: bugfix - always display backtrace output
Brian Norris [Tue, 11 Dec 2012 20:59:39 +0000 (12:59 -0800)]
common: bugfix - always display backtrace output

The stacktrace can be hidden if it doesn't go to 'model_out', instead of
'stdout'.

12 years agocyclegraph: bugfix - use model-checker's allocater for CycleNode::edges
Brian Norris [Tue, 11 Dec 2012 20:56:59 +0000 (12:56 -0800)]
cyclegraph: bugfix - use model-checker's allocater for CycleNode::edges

This vector should use our SnapshotAlloc allocator, to avoid polluting
the user's memory allocator.

This solves an annoying bug that causes us to hit an ASSERT() when a
user's threads aren't allocated in the same location every execution.

12 years agocyclegraph: don't export CycleNode::edges directly, use accessors
Brian Norris [Tue, 11 Dec 2012 20:55:28 +0000 (12:55 -0800)]
cyclegraph: don't export CycleNode::edges directly, use accessors

The CycleNode::edges vector shouldn't be accessed directly; it should be
used through accessors, to hide implementation details. (Really, there's
a bug in the CycleNode that I need to fix, so I'm fixing this first.)

12 years agoinclude the correct standard headers
Brian Norris [Tue, 11 Dec 2012 19:11:45 +0000 (11:11 -0800)]
include the correct standard headers

Our own headers are including several of the wrong headers in the wrong
places. Move a few to place them more closely to their actual usage
location, and remove some others that are unused (e.g., <iostream>,
<cassert>, <csignal>).

12 years agospacing
Brian Norris [Sat, 8 Dec 2012 02:40:59 +0000 (18:40 -0800)]
spacing

12 years agomodel: don't create UNINIT actions for Threads, mutexes, etc.
Brian Norris [Fri, 7 Dec 2012 06:57:02 +0000 (22:57 -0800)]
model: don't create UNINIT actions for Threads, mutexes, etc.

ModelActions may be associated with fences, mutexes, threads, etc., all
of which never hit the "uninitialized" case. So, we shouldn't create
these UNINIT actions.

12 years agoaction: add is_atomic_var()
Brian Norris [Fri, 7 Dec 2012 06:55:38 +0000 (22:55 -0800)]
action: add is_atomic_var()

To check if a ModelAction is for a C/C++ atomic variable (vs. a Thread
action, a fake ModelChecker action, a mutex, a condition variable, etc.)

12 years agomodel/action: bugfix - UNINIT actions do not have a Node
Brian Norris [Fri, 7 Dec 2012 06:53:07 +0000 (22:53 -0800)]
model/action: bugfix - UNINIT actions do not have a Node

Fix the one place where ModelChecker looks for a Node in an UNINIT
action.

This also adds an ASSERT() within ModelAction to prevent calling
get_node() on an UNINIT action. It is technically OK to call get_node()
in this case, but most callers don't check for NULL, so it's better to
just catch the ASSERT() for this unwanted special case.

12 years agomodel: remove old "uninitialized" bug check
Brian Norris [Fri, 7 Dec 2012 06:45:23 +0000 (22:45 -0800)]
model: remove old "uninitialized" bug check

The previously-existing bug check is not fully correct and has been
replaced with explicit UNINIT actions that, when read from, trigger a
bug assertion.

12 years agomodel: generate UNINIT actions as new atomic operations form
Brian Norris [Fri, 7 Dec 2012 06:42:10 +0000 (22:42 -0800)]
model: generate UNINIT actions as new atomic operations form

The first time an atomic variable is accessed, we need to add an
appropriate UNINIT action to the ModelChecker data structures. We assign
these ModelActions to the special model-checker thread (Thread 0). Note
that these actions will *not* appear in the NodeStack and will not be
explored in check_current_action, etc.

12 years agoaction: move ModelAction::get_node to action.cc
Brian Norris [Fri, 7 Dec 2012 06:40:05 +0000 (22:40 -0800)]
action: move ModelAction::get_node to action.cc

This function needs to expand a bit, so move it to the implementation
file.

12 years agomodel: add helper for allocating new UNINIT actions
Brian Norris [Fri, 7 Dec 2012 06:03:53 +0000 (22:03 -0800)]
model: add helper for allocating new UNINIT actions

These UNINIT actions will be special; they won't enter the NodeStack,
and so they need to be snapshot-allocated. That way, they will roll-back
with the execution, instead of requiring manual deletion.

12 years agomymemory: add placement new
Brian Norris [Fri, 7 Dec 2012 05:50:33 +0000 (21:50 -0800)]
mymemory: add placement new

I will need to use the placement new operator, if I want to allocate an
object with an allocator other than the one I established (SNAPSHOTALLOC
vs. MODELALLOC).

12 years agomodel: clear a ModelAction's reads-from properly
Brian Norris [Fri, 7 Dec 2012 06:02:03 +0000 (22:02 -0800)]
model: clear a ModelAction's reads-from properly

12 years agoaction: add ATOMIC_UNINIT type
Brian Norris [Fri, 7 Dec 2012 05:12:29 +0000 (21:12 -0800)]
action: add ATOMIC_UNINIT type

Adding a new type of "uninitialized atomic" action, to serve as a store
which, if any load is able to "see" this store, constitutes an
uninitialized load - a bug in the user program. It has to act like a
store operation, but it triggers a bug (ModelChecker::assert_bug) if any
load tries to read from it.

12 years agoMakefile: build dependencies in .*.o.d files
Brian Norris [Thu, 6 Dec 2012 22:10:28 +0000 (14:10 -0800)]
Makefile: build dependencies in .*.o.d files

My previous attempts at fixing dependency generation actually cause
full recompilation every time a file is changed. Apparently, it'll work
best if each target object has its own dependency file. i.e., target
'model.o' has a corresponding '.model.o.d' which holds its dependency
information.

12 years agoMakefile: rename variable to be more clear
Brian Norris [Thu, 6 Dec 2012 22:19:45 +0000 (14:19 -0800)]
Makefile: rename variable to be more clear

12 years agomodel: refactoring + spacing
Brian Norris [Thu, 6 Dec 2012 23:30:44 +0000 (15:30 -0800)]
model: refactoring + spacing

12 years agoschedule: add is_sleep_set(thread)
Brian Norris [Thu, 6 Dec 2012 23:30:24 +0000 (15:30 -0800)]
schedule: add is_sleep_set(thread)

12 years agoschedule: add const
Brian Norris [Thu, 6 Dec 2012 23:29:26 +0000 (15:29 -0800)]
schedule: add const

12 years agothreads: add const
Brian Norris [Thu, 6 Dec 2012 23:26:30 +0000 (15:26 -0800)]
threads: add const

12 years agonotes: fence: replace variables to match 29.8
Brian Norris [Thu, 6 Dec 2012 20:13:25 +0000 (12:13 -0800)]
notes: fence: replace variables to match 29.8

I had some remaining edits to do for my notes 29.8, to match back with
the specification's variables (X, Y, A, B).

12 years agonotes: fence: rename variables to match spec better
Brian Norris [Thu, 6 Dec 2012 19:51:15 +0000 (11:51 -0800)]
notes: fence: rename variables to match spec better

Originally, I purposely renamed these since I needed to introduce more
variables than were in the spec. But it turns out I can make this match
the spec pretty well.

Now: A, B, X, and Y fulfill the same roles as in the original C++
specification statements. I only introduce my new variable as W, when
needed. This also makes sense because W is a Write.

Also, I delete an extraneous paragraph that duplicated a piece of the
spec.

12 years agonotes: fence: add release/acquire fence notes
Brian Norris [Thu, 6 Dec 2012 00:41:17 +0000 (16:41 -0800)]
notes: fence: add release/acquire fence notes

I remove the copied-and-pasted algorithm pseudocode, since I didn't feel
like it was necessary to tweak the pseudocode to include fences. I might
change my mind later.

12 years agonotes: fence: more updates
Brian Norris [Wed, 5 Dec 2012 23:35:02 +0000 (15:35 -0800)]
notes: fence: more updates

12 years agodoc: notes: fence: update fence notes
Brian Norris [Wed, 5 Dec 2012 23:29:32 +0000 (15:29 -0800)]
doc: notes: fence: update fence notes

The backtracking and seq-cst/MO constraints are complete, but the
release/acquire, etc.

12 years agomodel: stop thread-trace search once edge is added
Brian Norris [Wed, 5 Dec 2012 20:20:31 +0000 (12:20 -0800)]
model: stop thread-trace search once edge is added

Once an edge has been added from 'act' to the current thread (or the
'rf' thread), we don't need to continue to search for more edges.

12 years agodoc: notes: add fences note
Brian Norris [Wed, 5 Dec 2012 02:23:52 +0000 (18:23 -0800)]
doc: notes: add fences note

This note is incomplete.

12 years agomodel: fix bugs in fence-acquire synchronization
Brian Norris [Wed, 5 Dec 2012 00:40:32 +0000 (16:40 -0800)]
model: fix bugs in fence-acquire synchronization

(1) In the fence-acquire search, we can't stop searching for prior loads
    when we reach the current action; we must continue to search until
    we find a *different* fence-acquire (or the beginning of the thread)

(2) The load action does not synchronize in fence-acquire
    synchronization: the fence should synchronize. This was just a typo
    (act vs. curr).

12 years agoimpatomic: move atomic_{thread,signal}_fence() to namespace std
Brian Norris [Wed, 5 Dec 2012 00:04:40 +0000 (16:04 -0800)]
impatomic: move atomic_{thread,signal}_fence() to namespace std

12 years agorun.sh: print the command that runs
Brian Norris [Tue, 4 Dec 2012 23:36:40 +0000 (15:36 -0800)]
run.sh: print the command that runs

This will help understanding typos, script bugs, etc.

12 years agomodel: add process_fence()
Brian Norris [Tue, 4 Dec 2012 02:30:18 +0000 (18:30 -0800)]
model: add process_fence()

process_fence() will only handle fence-acquire. Fence-relaxed is a
no-op; fence-release is only logged for later use; and fence-seq-cst
takes release/acquire semantics, plus some mo-graph rules which apply to
reads/reads (see {r,w}_modification_order).

12 years agomodel: distinguish between 'read' and 'acquire' in release sequences
Brian Norris [Tue, 4 Dec 2012 23:14:29 +0000 (15:14 -0800)]
model: distinguish between 'read' and 'acquire' in release sequences

When using fences, we may have a fence-acquire preceded by a non-acquire
load, where the load takes part in a "hypothetical release sequence" (as
named by Mathematizing C++). So, I add a parameter to
get_release_seq_heads() and to struct release_seq so that we record the
'acquire' operation separately from the 'read'.

For our traditional release sequences, 'acquire' and 'read' will be the
same ModelAction. But fence-acquire support will utilize distinct
actions.

12 years agomodel: add read-acquire/fence-release support
Brian Norris [Tue, 4 Dec 2012 22:08:13 +0000 (14:08 -0800)]
model: add read-acquire/fence-release support

C++ Section 29.8, statement 3: gives conditions under which a
read-acquire and fence-release might synchronize. It's easy enough to
integrate into our existing release sequence code.

12 years agoaction: add is_thread_start()
Brian Norris [Tue, 4 Dec 2012 02:29:42 +0000 (18:29 -0800)]
action: add is_thread_start()

12 years agomodel: privatize a few interfaces
Brian Norris [Tue, 4 Dec 2012 02:23:22 +0000 (18:23 -0800)]
model: privatize a few interfaces

These functions were only public for ModelAction::read_from, which has
now been internalized into ModelChecker.

12 years agomodel/action: move complicated read_from logic into model.cc
Brian Norris [Tue, 4 Dec 2012 02:14:55 +0000 (18:14 -0800)]
model/action: move complicated read_from logic into model.cc

The release sequence wrapper logic will only get more complicated, so
rather than spreading across two files and exporting more interfaces,
just integrate into ModelChecker.

12 years agomodel: record last fence-release from each thread
Brian Norris [Tue, 4 Dec 2012 00:51:43 +0000 (16:51 -0800)]
model: record last fence-release from each thread

12 years agoaction: record last fence release from the current thread
Brian Norris [Tue, 4 Dec 2012 00:43:19 +0000 (16:43 -0800)]
action: record last fence release from the current thread

12 years agomodel: remove extraneous copy-and-paste
Brian Norris [Tue, 4 Dec 2012 00:58:58 +0000 (16:58 -0800)]
model: remove extraneous copy-and-paste

12 years agomodel: add seq-cst fence rules
Brian Norris [Tue, 4 Dec 2012 00:17:08 +0000 (16:17 -0800)]
model: add seq-cst fence rules

Add mo_graph constraints, from statements 4-6 in C++ Section 29.3. There
are probably more constraints we can choose for building may-read-from /
future values.

12 years agoaction/model: backtrack for seq-cst and release/acquire fences
Brian Norris [Tue, 4 Dec 2012 00:00:33 +0000 (16:00 -0800)]
action/model: backtrack for seq-cst and release/acquire fences

Extends backtracking support to explore all interleavings of conflicting
seq-cst fences and potentially-synchronizing write/read/fence pairs.

12 years agoaction: allow fence ModelActions to have location == NULL
Brian Norris [Mon, 3 Dec 2012 21:27:58 +0000 (13:27 -0800)]
action: allow fence ModelActions to have location == NULL

12 years agomodel: refactor build_reads_from_past
Brian Norris [Mon, 3 Dec 2012 21:05:55 +0000 (13:05 -0800)]
model: refactor build_reads_from_past

Just rearrange the logic a little, to prepare for some other additions.

12 years agomodel: add get_last_seq_cst_fence
Brian Norris [Sat, 1 Dec 2012 02:46:28 +0000 (18:46 -0800)]
model: add get_last_seq_cst_fence

12 years agomodel: rename last_seq_cst -> last_sc_write
Brian Norris [Mon, 3 Dec 2012 19:36:50 +0000 (11:36 -0800)]
model: rename last_seq_cst -> last_sc_write

12 years agomodel: rename get_last_seq_cst -> get_last_seq_cst_write
Brian Norris [Sat, 1 Dec 2012 01:54:58 +0000 (17:54 -0800)]
model: rename get_last_seq_cst -> get_last_seq_cst_write

12 years agoimpatomic: add atomic_{thread,signal}_fence() definitions
Brian Norris [Fri, 30 Nov 2012 23:05:44 +0000 (15:05 -0800)]
impatomic: add atomic_{thread,signal}_fence() definitions

The impatomic.h header is outdated. Additional information from the ISO
papers N2633, N2731, and N2752 have limited the "fence()" support to
just these two functions.

12 years agoimpatomic: remove fence member functions
Brian Norris [Fri, 30 Nov 2012 22:57:39 +0000 (14:57 -0800)]
impatomic: remove fence member functions

Recent C/C++ drafts do not include fence() as a member function for any
object. All fences apply globally (not to any particular object).

[ These changes came in the ISO papers N2633, N2731, N2752 ]

So, I discard any reference to a fence that is associated with an object
(i.e., as a member of an object or with an object parameter).

I will implement a replacement shortly, which just uses the
_ATOMIC_FENCE_(order) macro.

12 years agoMakefile: fix dependency generation
Brian Norris [Wed, 21 Nov 2012 02:27:20 +0000 (18:27 -0800)]
Makefile: fix dependency generation

- Don't regenerate make.deps for 'make clean' target
- Place the dependency on make.deps at the correct level; all "%.o"
  generations depend on it, not the top-level 'all' target

12 years agomodel: remove <list> include
Brian Norris [Tue, 20 Nov 2012 04:53:46 +0000 (20:53 -0800)]
model: remove <list> include

12 years agomodel: add const
Brian Norris [Tue, 20 Nov 2012 04:51:04 +0000 (20:51 -0800)]
model: add const

12 years agoschedule: rename get_enabled() -> get_enabled_array()
Brian Norris [Tue, 20 Nov 2012 04:40:30 +0000 (20:40 -0800)]
schedule: rename get_enabled() -> get_enabled_array()

This function actually returns the array, not a single "enabled" status.
(There's a separate get_enabled() method for getting a single status.)

12 years agomodel: rename isfinalfeasible -> is_feasible_prefix_ignore_relseq
Brian Norris [Tue, 20 Nov 2012 04:33:53 +0000 (20:33 -0800)]
model: rename isfinalfeasible -> is_feasible_prefix_ignore_relseq

This more accurately reflects its use case and the fact that it is a
slightly-weaker version of isfeasibleprefix(). Also, I integrate it into
isfeasibleprefix(), to avoid re-writing the same conditions.

12 years agomodel: replace isfinalfeasible() with stronger check
Brian Norris [Tue, 20 Nov 2012 04:29:34 +0000 (20:29 -0800)]
model: replace isfinalfeasible() with stronger check

The stronger isfeasibleprefix() check is not strictly necessary in these
cases, since we can ensure that promises are resolved before executing
these, but it make sense to have a well-defined "strength" to these
feasibility properties, then use the strongest strength that is useful.

12 years agomodel: privatize, move isfinalfeasible()
Brian Norris [Tue, 20 Nov 2012 04:17:23 +0000 (20:17 -0800)]
model: privatize, move isfinalfeasible()

This function should go with all the other "feasible" functions.

12 years agomodel: rename some 'isfeasible...' functions to 'is_infeasible...'
Brian Norris [Tue, 20 Nov 2012 04:11:21 +0000 (20:11 -0800)]
model: rename some 'isfeasible...' functions to 'is_infeasible...'

These functions can be more accurately described as checking
*infeasibility*, not necessarily feasibility. This helps clarify their
purpose, at least for my understanding.

12 years agomodel: privatize some functions
Brian Norris [Tue, 20 Nov 2012 04:03:35 +0000 (20:03 -0800)]
model: privatize some functions

Just kill finish_execution() while we're at it.

12 years agomain: remove #include's
Brian Norris [Tue, 20 Nov 2012 03:47:11 +0000 (19:47 -0800)]
main: remove #include's

12 years agomain: remove "pass-by-reference" editing in parse_options()
Brian Norris [Tue, 20 Nov 2012 03:40:12 +0000 (19:40 -0800)]
main: remove "pass-by-reference" editing in parse_options()

parse_options() can simply pass the argc/argv variables through the
model_checker_params struct now.

Also, document a few things.

12 years agothreads: remove todo (long overdue)
Brian Norris [Tue, 20 Nov 2012 03:33:32 +0000 (19:33 -0800)]
threads: remove todo (long overdue)

12 years agomain/model: move full user-program execution to ModelChecker::run
Brian Norris [Tue, 20 Nov 2012 03:32:22 +0000 (19:32 -0800)]
main/model: move full user-program execution to ModelChecker::run

We don't really need the top-level ModelChecker execution loop to be in
main.cc; it should be exposed simply as a run() method.