model-checker.git
11 years agoschedule: improve scheduler printing
Brian Norris [Sat, 19 Jan 2013 00:38:55 +0000 (16:38 -0800)]
schedule: improve scheduler printing

Print more detailed, informative info about the Scheduler, still on a
single line.

11 years agoschedule: allow Schedule::print() even in non-DEBUG build
Brian Norris [Sat, 19 Jan 2013 00:30:26 +0000 (16:30 -0800)]
schedule: allow Schedule::print() even in non-DEBUG build

For instance, printing from w/in gdb

11 years agomodel: bugfix - sleep sets are NOT directly compatible with DPOR
Brian Norris [Thu, 17 Jan 2013 01:42:57 +0000 (17:42 -0800)]
model: bugfix - sleep sets are NOT directly compatible with DPOR

We failed to incorporate changes from the POPL'05 DPOR paper's addendum,
preventing us from seeing all behaviors in some test programs. This
fixes that.

11 years agolitmus: iriw: allow command-line switch 's' for seq_cst
Brian Norris [Wed, 16 Jan 2013 08:24:48 +0000 (00:24 -0800)]
litmus: iriw: allow command-line switch 's' for seq_cst

The IRIW litmus test fails if we make it seq_cst; we don't see all 15
potential behaviors. Run with:

  # release/acquire litmus test
  ./run.sh test/litmus/iriw.o -v

  # seq_cst litmus test
  ./run.sh test/litmus/iriw.o -v -- s

11 years agolitmus: iriw: use release/acquire, not release/relaxed
Brian Norris [Wed, 16 Jan 2013 07:57:45 +0000 (23:57 -0800)]
litmus: iriw: use release/acquire, not release/relaxed

11 years agotests: litmus: link up Makefile properly
Brian Norris [Wed, 16 Jan 2013 07:43:44 +0000 (23:43 -0800)]
tests: litmus: link up Makefile properly

Now this builds the litmus tests properly.

11 years agotest: litmus: add litmus tests from Nitpicking C++
Brian Norris [Tue, 15 Jan 2013 20:44:47 +0000 (12:44 -0800)]
test: litmus: add litmus tests from Nitpicking C++

This adds most of the litmus tests from Nitpicking C++ Concurrency. Note
that it leaves out the 'consume' tests (replacing it with the
also-mentioned release/acquire test). It doesn't test the seq_cst
results, although I could provide command-line switches to do so...

11 years agotest: Makefile: add $(BASE) variable
Brian Norris [Tue, 15 Jan 2013 20:30:33 +0000 (12:30 -0800)]
test: Makefile: add $(BASE) variable

Makes this Makefile a little more flexible

11 years agomodel: reformat execution trace prints
Brian Norris [Thu, 10 Jan 2013 18:54:02 +0000 (10:54 -0800)]
model: reformat execution trace prints

Bring the "INFEASIBLE" message together with the "Execution #" message,
to make the log more compact and readable (e.g., grep for "Execution"
will give you some regularly-patterned, useful information).

11 years agomodel: spelling mistake
Brian Norris [Thu, 10 Jan 2013 01:50:57 +0000 (17:50 -0800)]
model: spelling mistake

11 years agomodel: fixup "infeasible" messages
Brian Norris [Wed, 9 Jan 2013 23:54:04 +0000 (15:54 -0800)]
model: fixup "infeasible" messages

These messages should be much more compact and targeted. Currently, we
either get no infeasibility messages (when verbose=0) or we get messages
every time is_infeasible() is executed. Neither is helpful for debugging,
since the infeasibility may be temporary, as we choose a new path for
execution on the fly. So instead, just print the infeasibility message
at the end of infeasible executions.

Also, rather than spread the messages across multiple lines, just put
them together into a single string.

11 years agocyclegraph: add documentation
Brian Norris [Wed, 9 Jan 2013 22:07:07 +0000 (14:07 -0800)]
cyclegraph: add documentation

11 years agocyclegraph: remove redundant code
Brian Norris [Wed, 9 Jan 2013 21:47:57 +0000 (13:47 -0800)]
cyclegraph: remove redundant code

The edgeCreatesCycle() function can simply be reduced to
checkReachable(), since checkReachable() will detect "to == from".

11 years agocyclegraph: add edgeCreatesCycle() function
Brian Norris [Wed, 9 Jan 2013 00:40:29 +0000 (16:40 -0800)]
cyclegraph: add edgeCreatesCycle() function

This is repeated code, so make it a function.

11 years agocyclegraph: add const
Brian Norris [Wed, 9 Jan 2013 00:29:17 +0000 (16:29 -0800)]
cyclegraph: add const

11 years agomodel: add 'add_future_value()' wrapper
Brian Norris [Tue, 8 Jan 2013 02:22:57 +0000 (18:22 -0800)]
model: add 'add_future_value()' wrapper

Encapsulate a little logic in a function here, so we can reuse this in
other places.

11 years agomodel: add PendingFutureValue constructor
Brian Norris [Tue, 8 Jan 2013 01:38:25 +0000 (17:38 -0800)]
model: add PendingFutureValue constructor

11 years agonew test case
Brian Demsky [Tue, 8 Jan 2013 00:55:00 +0000 (16:55 -0800)]
new test case

11 years agocyclegraph: add back edges to CycleNode
Brian Norris [Fri, 4 Jan 2013 19:05:10 +0000 (11:05 -0800)]
cyclegraph: add back edges to CycleNode

11 years agohashtable: style
Brian Norris [Fri, 4 Jan 2013 18:09:29 +0000 (10:09 -0800)]
hashtable: style

11 years agocyclegraph: add putNode() helper
Brian Norris [Fri, 4 Jan 2013 17:53:04 +0000 (09:53 -0800)]
cyclegraph: add putNode() helper

11 years agohashtable: style
Brian Norris [Fri, 4 Jan 2013 01:01:09 +0000 (17:01 -0800)]
hashtable: style

11 years agopromise: style fixup
Brian Norris [Fri, 4 Jan 2013 00:24:54 +0000 (16:24 -0800)]
promise: style fixup

11 years agocyclegraph: fix insignificant memory leak
Brian Norris [Fri, 4 Jan 2013 00:18:10 +0000 (16:18 -0800)]
cyclegraph: fix insignificant memory leak

11 years agocyclegraph: small cleanup
Brian Norris [Thu, 3 Jan 2013 22:00:37 +0000 (14:00 -0800)]
cyclegraph: small cleanup

11 years agohashtable: add const
Brian Norris [Thu, 3 Jan 2013 22:30:18 +0000 (14:30 -0800)]
hashtable: add const

11 years agohashtable: fixup style
Brian Norris [Thu, 3 Jan 2013 22:29:16 +0000 (14:29 -0800)]
hashtable: fixup style

11 years agosnapshot: more renaming
Brian Norris [Thu, 3 Jan 2013 20:24:34 +0000 (12:24 -0800)]
snapshot: more renaming

11 years agosnapshot-interface: bugfix - reorder constructor params
Brian Norris [Thu, 3 Jan 2013 20:17:37 +0000 (12:17 -0800)]
snapshot-interface: bugfix - reorder constructor params

The snapshot_id should come first.

11 years agosnapshot-interface: rename, clean up
Brian Norris [Thu, 3 Jan 2013 20:14:32 +0000 (12:14 -0800)]
snapshot-interface: rename, clean up

11 years agosnapshot-interface: change hand-coded stack to vector
Brian Norris [Thu, 3 Jan 2013 19:59:13 +0000 (11:59 -0800)]
snapshot-interface: change hand-coded stack to vector

The logic, etc., is much simpler when using C++ vectors and constructors
here.

11 years agosnapshot: turn C++ interface into C interface
Brian Norris [Thu, 3 Jan 2013 19:37:51 +0000 (11:37 -0800)]
snapshot: turn C++ interface into C interface

We don't need all this 'class' structure exposed as an interface; we
only use 3 simple functions (one of which probably can be removed).

11 years agofixup style
Brian Norris [Thu, 3 Jan 2013 18:31:00 +0000 (10:31 -0800)]
fixup style

11 years agosnapshot: more renaming
Brian Norris [Thu, 3 Jan 2013 03:18:43 +0000 (19:18 -0800)]
snapshot: more renaming

addMemoryRegionToSnapShot -> snapshot_add_memory_region
rollBack                  -> snapshot_roll_back
takeSnapshot              -> take_snapshot

11 years agosnapshot: add (unused) mprot_snapshotter destructor
Brian Norris [Thu, 3 Jan 2013 03:10:28 +0000 (19:10 -0800)]
snapshot: add (unused) mprot_snapshotter destructor

11 years agosnapshot: rename HandlePF -> mprot_handle_pf
Brian Norris [Thu, 3 Jan 2013 03:07:29 +0000 (19:07 -0800)]
snapshot: rename HandlePF -> mprot_handle_pf

11 years agosnapshot: add constructor for mprot_snapshotter
Brian Norris [Thu, 3 Jan 2013 03:06:10 +0000 (19:06 -0800)]
snapshot: add constructor for mprot_snapshotter

11 years agosnapshot: separate struct SnapShot naming
Brian Norris [Thu, 3 Jan 2013 02:45:25 +0000 (18:45 -0800)]
snapshot: separate struct SnapShot naming

The "struct SnapShot snapshotrecord;" structure is very uninformative in
naming and is distinctly different for mprotect-based and fork-based
snapshotting. This renames the struct in order to more clearly separate
its usage in the different implementations.

11 years agosnapshot: edit capitalization in comment
Brian Norris [Thu, 3 Jan 2013 02:33:58 +0000 (18:33 -0800)]
snapshot: edit capitalization in comment

11 years agosnapshot: combine public interfaces
Brian Norris [Thu, 3 Jan 2013 02:31:38 +0000 (18:31 -0800)]
snapshot: combine public interfaces

Implement the public "API" interfaces once, with separate calls made out
to "fork_*" and "mprotect_*" versions. This should make things a little
clearer, and potentially remove the #if's eventually.

11 years agosnapshot: split up fork-based and mprotect-based snapshotting
Brian Norris [Thu, 3 Jan 2013 02:14:17 +0000 (18:14 -0800)]
snapshot: split up fork-based and mprotect-based snapshotting

The code is kind of cluttered with #if's and intermixed implementations.
Now, snapshot.cc is split into two halves, where the first half
implements mprotect-based snapshotting and the latter half implements
fork-based snapshotting.

11 years agosnapshot: remove SSDEBUG
Brian Norris [Thu, 3 Jan 2013 01:54:45 +0000 (17:54 -0800)]
snapshot: remove SSDEBUG

We don't need a separate snapshotting DEBUG() macro.

11 years agodissolve snapshotimp.h
Brian Norris [Thu, 3 Jan 2013 01:48:28 +0000 (17:48 -0800)]
dissolve snapshotimp.h

snapshotimp.h was being used as a way to expose some of the snapshotting
implementation to mymemory.cc, just for fork-based snapshotting. I've
removed that exposure, so now I can pull the entire header into
snapshot.cc.

11 years agomymemory/snapshot: rearrange snapshot implementation
Brian Norris [Thu, 3 Jan 2013 01:38:19 +0000 (17:38 -0800)]
mymemory/snapshot: rearrange snapshot implementation

Move some implementation details back to snapshot.cc.

11 years agosnapshotimp: move macros to fork-based
Brian Norris [Thu, 3 Jan 2013 01:21:33 +0000 (17:21 -0800)]
snapshotimp: move macros to fork-based

These macros are only used for fork-based snapshotting.

11 years agosnapshot: change 'struct SnapShotPage' to a simple typedef
Brian Norris [Thu, 3 Jan 2013 00:41:35 +0000 (16:41 -0800)]
snapshot: change 'struct SnapShotPage' to a simple typedef

The struct SnapShotPage was being used improperly; it was accessed as
simply an array of data, instead of explicitly accessing its member
variable (which itself was an array). So just make this more
straightforward as a typedef'd array.

This also corrects a pointer cast to use (void *) when appropriate.

11 years agofixup style
Brian Norris [Wed, 2 Jan 2013 23:43:54 +0000 (15:43 -0800)]
fixup style

11 years agothreads: change thrd_t to store Thread pointer
Brian Norris [Thu, 20 Dec 2012 00:03:45 +0000 (16:03 -0800)]
threads: change thrd_t to store Thread pointer

I need to make some bigger changes to Thread allocation, so we'll need
to modify the storage of thrd_t.

11 years agoaction: add get_thread_operand() method
Brian Norris [Wed, 19 Dec 2012 23:26:47 +0000 (15:26 -0800)]
action: add get_thread_operand() method

Instead of guessing at the (type-unsafe) storage within
THREAD_{CREATE,JOIN} ModelActions, we can at least code this within a
single method. Note that this method may get more complex, particularly
for THREAD_CREATE.

11 years agomodel: use get_thread(curr) instead of get_current_thread()
Brian Norris [Thu, 20 Dec 2012 00:50:11 +0000 (16:50 -0800)]
model: use get_thread(curr) instead of get_current_thread()

The former is more accurate; the latter is only intended for use while
in user-thread context, where we are sure that Scheduler is in the
appropriate state.

12 years agotest: don't relay on thrd_current() returning an int
Brian Norris [Wed, 19 Dec 2012 06:48:21 +0000 (22:48 -0800)]
test: don't relay on thrd_current() returning an int

The C11 spec doesn't require thrd_t to be a particular object
format/type. I will need to change this type, I think, so don't assume
it's an int.

12 years agonodestack: refactor Node constructor
Brian Norris [Wed, 19 Dec 2012 06:18:03 +0000 (22:18 -0800)]
nodestack: refactor Node constructor

12 years agoaction: fixup style
Brian Norris [Wed, 19 Dec 2012 01:31:55 +0000 (17:31 -0800)]
action: fixup style

12 years agomodel: refactor check_current_action, next thread computation
Brian Norris [Tue, 18 Dec 2012 20:46:48 +0000 (12:46 -0800)]
model: refactor check_current_action, next thread computation

Pulling the 'get_next_thread()' computation out of
check_current_action() so that I can restructure the model-checker
execution a little.

12 years agothreads: assert completion is only called once
Brian Norris [Tue, 18 Dec 2012 22:08:19 +0000 (14:08 -0800)]
threads: assert completion is only called once

We don't need to support the case that Thread::complete() is called
multiple times. We should instead ensure (ASSERT()) that it is only
called when the Thread is not already completed (and cleaned up).

12 years agothreads: assert THREAD_COMPLETED is immutable
Brian Norris [Tue, 9 Oct 2012 17:42:50 +0000 (10:42 -0700)]
threads: assert THREAD_COMPLETED is immutable

12 years agoclean up some DEBUG() messages
Brian Norris [Sat, 15 Dec 2012 01:28:40 +0000 (17:28 -0800)]
clean up some DEBUG() messages

We were printing may_read_from info twice.

Printing the current action when we get to check_current_action() is
helpful.

Printing scheduling based on priority is also useful, as we recently had
a "bug" involving fairness/priority.

Include the file name in DEBUG() prints, since we may have the same
function names in different files/classes.

12 years agonodestack: style
Brian Norris [Sat, 15 Dec 2012 00:34:20 +0000 (16:34 -0800)]
nodestack: style

12 years agonodestack: add const
Brian Norris [Sat, 15 Dec 2012 00:31:49 +0000 (16:31 -0800)]
nodestack: add const

12 years agonodestack: do not allow Node with act == NULL
Brian Norris [Sat, 15 Dec 2012 00:29:31 +0000 (16:29 -0800)]
nodestack: do not allow Node with act == NULL

Since I removed the root 'NULL' Node, all Nodes will have a
corresponding action. Now, just ASSERT this in the constructor.

12 years agonodestack: don't create empty base node
Brian Norris [Thu, 13 Dec 2012 03:57:44 +0000 (19:57 -0800)]
nodestack: don't create empty base node

We don't actually need an empty base node, since the first thread will
never be backtracked. But it does mean that we no longer assume that
every newly-constructed Node has a parent.

Note that this changes the number of executions performed for some
programs. Even though the model-checker should be deterministic, this is
not a bug, AFAICT. The discrepancy seems to come from a change in
scheduling, where the scheduler order may differ after reaching a
divergence point. This is caused by the fairness support which is hacked
into Node creation, so threads may gain priority sooner in the presence
of a useless Node. In fact, before this change, (almost?) every
execution caused a thread (typically thread 1) to gain priority due to
fairness. Now, we reach this condition much more occasionally.

I made measurements of the scheduling decisions based on priority for
the execution of:

 # ./run.sh test/linuxrwlocks.o -f 10 -m 2

Previously, threads gained priority 10042 times in 7906 executions (9947
of those were for thread 1, when it would shortly become disabled).

Now, threads gain priority 68 times in 8396 executions (thread 1 never
gains priority).

12 years agomodel: check for NULL parent Node
Brian Norris [Thu, 13 Dec 2012 02:29:30 +0000 (18:29 -0800)]
model: check for NULL parent Node

I'm editing the NodeStack to eliminate the empty Node. So we should
check to ensure that the Node has a parent before using it.

12 years agomodel: use helper 'get_thread()'
Brian Norris [Thu, 13 Dec 2012 23:31:14 +0000 (15:31 -0800)]
model: use helper 'get_thread()'

12 years agonodestack: print extra backtracking info
Brian Norris [Thu, 13 Dec 2012 23:18:12 +0000 (15:18 -0800)]
nodestack: print extra backtracking info

If we ever use the Node::print() method, print some extra info about
backtracking.

12 years agomodel: style fixups
Brian Norris [Thu, 13 Dec 2012 23:00:29 +0000 (15:00 -0800)]
model: style fixups

12 years agomodel: add 'set_latest_backtrack()'
Brian Norris [Thu, 13 Dec 2012 22:47:59 +0000 (14:47 -0800)]
model: add 'set_latest_backtrack()'

12 years agomodel: print bug reports only for feasible executions
Brian Norris [Thu, 13 Dec 2012 08:36:04 +0000 (00:36 -0800)]
model: print bug reports only for feasible executions

We can assert a bug (e.g., uninitialized load) without having a feasible
exeuction. If this execution is later ruled infeasible, we don't need to
print the trace info.

12 years agotest: uninit: remove @todo (bug fixed)
Brian Norris [Thu, 13 Dec 2012 08:35:25 +0000 (00:35 -0800)]
test: uninit: remove @todo (bug fixed)

The previous bugfix allows this example to run properly, so remove the
@todo.

12 years agomodel: bugfix - mo_may_allow was too restrictive
Brian Norris [Thu, 13 Dec 2012 08:13:08 +0000 (00:13 -0800)]
model: bugfix - mo_may_allow was too restrictive

This bugfix has the same rationale as with the following commit:

commit c2d7fa973e562c194eb732d8dc58ab7659b7a2ee

We do not want the potential reader to disqualify itself from reading a
future value; previously, this was fixed only for reads (not RMW's). But
we can experience the same problem with RMW's, which are both read and
write.

So, instead of using 'act != reader' as a special case for the is_read()
case, just use it as a breaking condition in addition to

   !(reader --hb-> act)

This is really intended anyway, since our happens-before is reflexive,
whereas it is irreflexive in the specification.

12 years agomodel: make dumpGraph 'const'
Brian Norris [Thu, 13 Dec 2012 08:12:28 +0000 (00:12 -0800)]
model: make dumpGraph 'const'

SUPPORT_MOD_ORDER_DUMP can't compile if dumpGraph() isn't const.

12 years agonodestack: fixup style
Brian Norris [Thu, 13 Dec 2012 07:19:15 +0000 (23:19 -0800)]
nodestack: fixup style

12 years agomodel: remove snapshotted 'nextThread'
Brian Norris [Thu, 13 Dec 2012 03:40:56 +0000 (19:40 -0800)]
model: remove snapshotted 'nextThread'

The 'nextThread' field is no longer needed, since I've simplified
take_step().

12 years agomodel: pass current action as function argument
Brian Norris [Thu, 13 Dec 2012 03:31:10 +0000 (19:31 -0800)]
model: pass current action as function argument

Diminish the use of 'priv->current_action', and instead pass it to
take_step() as an argument. At the same time, it is more obvious that we
do not need to reset priv->current_action to NULL.

12 years agomodel: simplify take_step()
Brian Norris [Thu, 13 Dec 2012 03:25:02 +0000 (19:25 -0800)]
model: simplify take_step()

Now that priv->current_action is always non-NULL (when reaching
take_step()), we can simplify the logic a bit. Also, rename some
variables.

12 years agomodel: force first thread to run immediately
Brian Norris [Thu, 13 Dec 2012 03:16:43 +0000 (19:16 -0800)]
model: force first thread to run immediately

Forcing the first thread to run immediately yields us our first
ModelAction, so we won't have to special-case the case that
current_action == NULL.

12 years agomodel: change guaranteed condition into ASSERT()
Brian Norris [Thu, 13 Dec 2012 02:27:27 +0000 (18:27 -0800)]
model: change guaranteed condition into ASSERT()

This guaranteed condition should only be included as an ASSERT(). This
gives a bonus, that the code becomes a little easier to read.

12 years agonodestack: rename 'iter' to 'head_idx'
Brian Norris [Thu, 13 Dec 2012 02:03:23 +0000 (18:03 -0800)]
nodestack: rename 'iter' to 'head_idx'

12 years agonodestack: make 'iter' signed
Brian Norris [Thu, 13 Dec 2012 01:57:28 +0000 (17:57 -0800)]
nodestack: make 'iter' signed

iter will need to be negative when we allow the NodeStack to be empty.

12 years agoschedule: spacing
Brian Norris [Thu, 13 Dec 2012 01:15:46 +0000 (17:15 -0800)]
schedule: spacing

12 years agonodestack: spacing
Brian Norris [Thu, 13 Dec 2012 00:21:56 +0000 (16:21 -0800)]
nodestack: spacing

12 years agomodel: spacing
Brian Norris [Thu, 13 Dec 2012 00:07:01 +0000 (16:07 -0800)]
model: spacing

12 years agomodel: rename 'promise_index' to 'i'
Brian Norris [Wed, 12 Dec 2012 23:49:29 +0000 (15:49 -0800)]
model: rename 'promise_index' to 'i'

The fuction looks cleaner if the loop variable is just a simple 'i'
index.

12 years agotest/uninit: add an "uninit" test
Brian Norris [Wed, 12 Dec 2012 02:38:16 +0000 (18:38 -0800)]
test/uninit: add an "uninit" test

This is a weird example, where we don't explicitly initialize y, but
synchronization should guarantee that it is initialized.

Right now, this example has a problem where we never see flag == 2.

12 years agomodel: return value from switch_to_master
Brian Norris [Wed, 12 Dec 2012 02:08:31 +0000 (18:08 -0800)]
model: return value from switch_to_master

12 years agoaction: refactor ATOMIC_READ printing
Brian Norris [Wed, 12 Dec 2012 02:05:51 +0000 (18:05 -0800)]
action: refactor ATOMIC_READ printing

For ATOMIC_READ, we don't need a special case to print VALUE_NONE,
because any action where the value isn't explicitly set (e.g., all
ATOMIC_READ actions) default to VALUE_NONE. And if this 'default'
changes in the future, we would want to print it.

(Right now it's confusing, for instance, when we have a failed promise
execution, since the model-checker trace gives no indication of what the
promised value actually *was*. This should be fixed sometime.)

12 years agonodestack: add 'const'
Brian Norris [Wed, 12 Dec 2012 01:44:04 +0000 (17:44 -0800)]
nodestack: add 'const'

12 years agoimpatomic: add C++ atomic_init()
Brian Norris [Wed, 12 Dec 2012 00:16:53 +0000 (16:16 -0800)]
impatomic: add C++ atomic_init()

According to N337, C++ has a C-like atomic_init() function, which was
left out of our impatomic header.

12 years agocyclegraph: uniform spacing, style
Brian Norris [Tue, 11 Dec 2012 23:22:56 +0000 (15:22 -0800)]
cyclegraph: uniform spacing, style

12 years agocyclegraph: bugfix - more SnapshotAlloc
Brian Norris [Tue, 11 Dec 2012 23:10:40 +0000 (15:10 -0800)]
cyclegraph: bugfix - more SnapshotAlloc

12 years agocommon: bugfix - always display backtrace output
Brian Norris [Tue, 11 Dec 2012 20:59:39 +0000 (12:59 -0800)]
common: bugfix - always display backtrace output

The stacktrace can be hidden if it doesn't go to 'model_out', instead of
'stdout'.

12 years agocyclegraph: bugfix - use model-checker's allocater for CycleNode::edges
Brian Norris [Tue, 11 Dec 2012 20:56:59 +0000 (12:56 -0800)]
cyclegraph: bugfix - use model-checker's allocater for CycleNode::edges

This vector should use our SnapshotAlloc allocator, to avoid polluting
the user's memory allocator.

This solves an annoying bug that causes us to hit an ASSERT() when a
user's threads aren't allocated in the same location every execution.

12 years agocyclegraph: don't export CycleNode::edges directly, use accessors
Brian Norris [Tue, 11 Dec 2012 20:55:28 +0000 (12:55 -0800)]
cyclegraph: don't export CycleNode::edges directly, use accessors

The CycleNode::edges vector shouldn't be accessed directly; it should be
used through accessors, to hide implementation details. (Really, there's
a bug in the CycleNode that I need to fix, so I'm fixing this first.)

12 years agoinclude the correct standard headers
Brian Norris [Tue, 11 Dec 2012 19:11:45 +0000 (11:11 -0800)]
include the correct standard headers

Our own headers are including several of the wrong headers in the wrong
places. Move a few to place them more closely to their actual usage
location, and remove some others that are unused (e.g., <iostream>,
<cassert>, <csignal>).

12 years agospacing
Brian Norris [Sat, 8 Dec 2012 02:40:59 +0000 (18:40 -0800)]
spacing

12 years agomodel: don't create UNINIT actions for Threads, mutexes, etc.
Brian Norris [Fri, 7 Dec 2012 06:57:02 +0000 (22:57 -0800)]
model: don't create UNINIT actions for Threads, mutexes, etc.

ModelActions may be associated with fences, mutexes, threads, etc., all
of which never hit the "uninitialized" case. So, we shouldn't create
these UNINIT actions.

12 years agoaction: add is_atomic_var()
Brian Norris [Fri, 7 Dec 2012 06:55:38 +0000 (22:55 -0800)]
action: add is_atomic_var()

To check if a ModelAction is for a C/C++ atomic variable (vs. a Thread
action, a fake ModelChecker action, a mutex, a condition variable, etc.)

12 years agomodel/action: bugfix - UNINIT actions do not have a Node
Brian Norris [Fri, 7 Dec 2012 06:53:07 +0000 (22:53 -0800)]
model/action: bugfix - UNINIT actions do not have a Node

Fix the one place where ModelChecker looks for a Node in an UNINIT
action.

This also adds an ASSERT() within ModelAction to prevent calling
get_node() on an UNINIT action. It is technically OK to call get_node()
in this case, but most callers don't check for NULL, so it's better to
just catch the ASSERT() for this unwanted special case.

12 years agomodel: remove old "uninitialized" bug check
Brian Norris [Fri, 7 Dec 2012 06:45:23 +0000 (22:45 -0800)]
model: remove old "uninitialized" bug check

The previously-existing bug check is not fully correct and has been
replaced with explicit UNINIT actions that, when read from, trigger a
bug assertion.

12 years agomodel: generate UNINIT actions as new atomic operations form
Brian Norris [Fri, 7 Dec 2012 06:42:10 +0000 (22:42 -0800)]
model: generate UNINIT actions as new atomic operations form

The first time an atomic variable is accessed, we need to add an
appropriate UNINIT action to the ModelChecker data structures. We assign
these ModelActions to the special model-checker thread (Thread 0). Note
that these actions will *not* appear in the NodeStack and will not be
explored in check_current_action, etc.

12 years agoaction: move ModelAction::get_node to action.cc
Brian Norris [Fri, 7 Dec 2012 06:40:05 +0000 (22:40 -0800)]
action: move ModelAction::get_node to action.cc

This function needs to expand a bit, so move it to the implementation
file.