Brian Norris [Mon, 8 Oct 2012 05:17:12 +0000 (22:17 -0700)]
model: check data races during release sequence fixup
This solves two problems:
1. I wasn't even checking for resolved data races after fixing up
release sequence(s)
2. Launching of release sequence fixups now requires that there be
pending data races
Brian Norris [Sun, 7 Oct 2012 22:23:37 +0000 (15:23 -0700)]
model: add release sequence model_thread ASSERT()
This ASSERT() should ensure that model-checker threads are always
'future_ordered'.
Brian Norris [Sat, 6 Oct 2012 02:20:21 +0000 (19:20 -0700)]
model: launch release sequence fixup actions when necessary
This should complete the "release sequence fixup" step. The ModelChecker
will launch new fixup actions, associating them with the special
'model_thread'.
Brian Norris [Sat, 6 Oct 2012 02:18:13 +0000 (19:18 -0700)]
model: add special model-checker Thread to ModelChecker
Note the change in take_step(), so that we base the "current thread" off
of the provided ModelAction, rather than thread_current() (i.e., the
Scheduler). This is because the Scheduler will never run the
model-checker thread.
Brian Norris [Sat, 6 Oct 2012 01:29:45 +0000 (18:29 -0700)]
schedule: do not allow model-checker thread to enter scheduler
Brian Norris [Sat, 6 Oct 2012 00:50:37 +0000 (17:50 -0700)]
threads: add constructor for model-checker thread
This thread will never have its own stack, and it should never be
inserted into the Scheduler.
Brian Norris [Sat, 6 Oct 2012 00:42:03 +0000 (17:42 -0700)]
threads: add flag for a special type of "model-checker thread"
Special model-checker thread(s) might be needed when producing special
model-checker ModelActions.
Brian Norris [Sat, 6 Oct 2012 00:39:49 +0000 (17:39 -0700)]
action: add Thread parameter to constructor
We will need to create ModelActions that are forced to associate with a
specific Thread (contrary to the Scheduler's knowledge), so add a
constructor parameter.
Brian Norris [Fri, 5 Oct 2012 07:07:10 +0000 (00:07 -0700)]
model: add process_relseq_fixup()
This performs the bulk of the release sequence finalization step.
Brian Norris [Sun, 7 Oct 2012 23:18:07 +0000 (16:18 -0700)]
model: wire up rest of release seq. resolution backtracking
I still need to actually initiate the special ModelAction fixups.
Brian Norris [Sun, 7 Oct 2012 23:12:00 +0000 (16:12 -0700)]
nodestack: add release sequence breakage backtracking
End-of-execution resolution of release sequences requires a search
procedure in which we test various attempts at breaking our pending
release sequences. This provides the NodeStack infrastructure.
Brian Norris [Fri, 5 Oct 2012 05:38:37 +0000 (22:38 -0700)]
action: add MODEL_FIXUP_RELSEQ action_type
This type will be used as a special model-checker action for fixing up
release sequences. Each action corresponds to "finalizing" one release
sequence: either force a particular write to break the sequence or else
allow the synchronization to occur.
Currently, this action_type won't do anything, as it's not hooked up in
ModelChecker.
Brian Norris [Sun, 7 Oct 2012 22:04:08 +0000 (15:04 -0700)]
model: disabled threads are "future ordered"
If a Thread is not currently enabled, then it will synchronize with
another (currently-enabled) Thread if/when it wakes up. Thus, it
qualifies as "future ordered" within the release sequence code: it
cannot contribute future writes that will break current pending release
sequences.
Brian Norris [Sun, 7 Oct 2012 22:02:16 +0000 (15:02 -0700)]
model: use proper size_t printf format
Brian Norris [Sun, 7 Oct 2012 21:57:42 +0000 (14:57 -0700)]
schedule: add is_enabled() function
The release sequence functionality needs to check whether a Thread is
currently enabled (rather than finding this information in a particular
Node).
Also, rename the (private) 'is_enabled' field to avoid a name conflict.
Brian Demsky [Sat, 6 Oct 2012 01:50:24 +0000 (18:50 -0700)]
Merge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker
Brian Demsky [Sat, 6 Oct 2012 00:15:49 +0000 (17:15 -0700)]
create enumeration for enabled information...switch from bools to the enumeration
Brian Norris [Sat, 6 Oct 2012 00:07:49 +0000 (17:07 -0700)]
cyclegraph: fix indentation
Brian Norris [Sat, 6 Oct 2012 00:03:01 +0000 (17:03 -0700)]
cyclegraph: flag cycles for reflexive edges
The cyclegraph shouldn't fail (i.e., ASSERT()) when reflexive edges are
added; instead, they should be declared as cycles.
Brian Demsky [Fri, 5 Oct 2012 02:44:14 +0000 (19:44 -0700)]
1) more comments
2) rename is_synchronizing with
3) realize that reordering is only necessary if we create a synchronization...not needed to break one...
Brian Demsky [Fri, 5 Oct 2012 00:37:38 +0000 (17:37 -0700)]
Merge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker
Brian Demsky [Fri, 5 Oct 2012 00:37:12 +0000 (17:37 -0700)]
changes
Brian Norris [Thu, 4 Oct 2012 21:59:44 +0000 (14:59 -0700)]
nodestack: destroy Nodes properly in ~NodeStack()
Brian Norris [Thu, 4 Oct 2012 21:57:37 +0000 (14:57 -0700)]
nodestack: use initializer list
Brian Norris [Thu, 4 Oct 2012 19:11:05 +0000 (12:11 -0700)]
model: remove unnecessary boolean variable
Brian Norris [Thu, 4 Oct 2012 19:42:13 +0000 (12:42 -0700)]
model: assign "pending" return values in release_seq_heads()
Now that the lazy pending release sequences list is improved, return
more information from release_seq_heads().
Note that this change also affects the behavior of the last double loop;
now, even after discovering write(s) from one thread that might break the
release sequence, I continue exploring other threads. This has some pros
and cons:
Con:
* may cause more work in exploring many threads without gaining any
extra information
Pro:
* may help discover a write that *certainly* breaks the sequence,
whereas previously, we might have exited with an uncertain status
* builds a more thorough, complete set of writes that might break the
release sequence
The last point is the main intention, since we will require a complete
set for end-of-execution fixups. The others balance out to a net benefit
(and possibly a bugfix).
Brian Norris [Thu, 4 Oct 2012 19:15:14 +0000 (12:15 -0700)]
model: update pending release sequence list type
In working toward proper resolution of pending release sequences, I will
change the pending release sequence list again. This time, a single list
entry will have the ability to hold all important info regarding a
single release sequence. For now, I only utilize it to store the
'acquire' operation, so there should be no real change in behavior yet.
Brian Norris [Thu, 4 Oct 2012 18:15:39 +0000 (11:15 -0700)]
model: add release_seq structure definition
Brian Demsky [Thu, 4 Oct 2012 08:32:45 +0000 (01:32 -0700)]
fix bug...can't mo_check_promises until we're done resolving promises for a write back in time
Brian Demsky [Thu, 4 Oct 2012 08:21:11 +0000 (01:21 -0700)]
local commit... bug that prunes too many executions
Brian Demsky [Thu, 4 Oct 2012 00:28:26 +0000 (17:28 -0700)]
Merge branch 'master' of /home/git/model-checker
Brian Demsky [Thu, 4 Oct 2012 00:26:43 +0000 (17:26 -0700)]
fix low hanging fruit when profiling...
dump typo was turning off optimized version of checkpointing...option 2 is by far fastest
was spending most of the time freeing an oversized hashtable
Brian Norris [Thu, 4 Oct 2012 00:12:59 +0000 (17:12 -0700)]
fixup more id vs. thread_id_t
Brian Norris [Tue, 25 Sep 2012 23:29:14 +0000 (16:29 -0700)]
action: return synchronization status for ModelAction::read_from()
The ModelChecker may need to know if any synchronization was performed in
read_from().
Note that the return status is not used yet.
Brian Norris [Wed, 3 Oct 2012 23:29:59 +0000 (16:29 -0700)]
action: remove clockvector flag from print() method
We don't actually need to tell ModelAction::print() when to print the
associated clock vector. The introduction of the 'print_cv' boolean flag
was to fix a separate bug that has been fixed. Now the clock vector can
be printed unconditionally, when it exists.
Brian Norris [Wed, 3 Oct 2012 23:07:54 +0000 (16:07 -0700)]
model: rename release_seq_head() -> release_seq_heads()
It may return multiple heads, so make it plural.
Brian Norris [Wed, 3 Oct 2012 22:36:26 +0000 (15:36 -0700)]
model: do not assume THREAD_FINISH is always the last action
It's possible that there will be special fixup ModelActions added, so
just use the Thread::is_complete() method to check for a completed
Thread.
Brian Norris [Wed, 3 Oct 2012 22:26:52 +0000 (15:26 -0700)]
fixup usage of int vs. thread_id_t
Brian Norris [Wed, 3 Oct 2012 22:08:28 +0000 (15:08 -0700)]
model: add const qualifier to get_thread()
Brian Norris [Wed, 3 Oct 2012 21:50:30 +0000 (14:50 -0700)]
model: rearrange conditionals, fixup take_step()
Brian Norris [Wed, 3 Oct 2012 20:54:22 +0000 (13:54 -0700)]
Merge remote-tracking branch 'origin/master'
Brian Norris [Wed, 3 Oct 2012 20:17:47 +0000 (13:17 -0700)]
modeltypes: move small typedefs to own header
To prevent some unnecessary inter-header dependencies, we can move some
simple typedefs to a modeltypes.h header.
Brian Norris [Wed, 3 Oct 2012 20:16:49 +0000 (13:16 -0700)]
model: don't include schedule.h
Brian Norris [Wed, 3 Oct 2012 20:50:51 +0000 (13:50 -0700)]
nodestack: move has_priority() out of header
Brian Norris [Wed, 3 Oct 2012 20:37:02 +0000 (13:37 -0700)]
model: move get_thread() implementations out of header
Brian Norris [Wed, 3 Oct 2012 20:16:00 +0000 (13:16 -0700)]
model: move get_current_thread() implementation out of header
Brian Demsky [Wed, 3 Oct 2012 19:38:27 +0000 (12:38 -0700)]
Merge branch 'master' of /home/git/model-checker
Brian Demsky [Wed, 3 Oct 2012 19:37:53 +0000 (12:37 -0700)]
a number of fixes to add missing mo_graph edges to speed up detection of infeasible
traces
Brian Norris [Wed, 3 Oct 2012 19:37:22 +0000 (12:37 -0700)]
model: update switch_to_master() comment
Brian Norris [Wed, 3 Oct 2012 19:13:03 +0000 (12:13 -0700)]
Makefile: eliminate malloc.c warning
malloc.c: In function ‘sys_trim’:
malloc.c:4289:20: warning: unused variable ‘newsize’ [-Wunused-variable]
malloc.c: In function ‘destroy_mspace’:
malloc.c:5452:13: warning: unused variable ‘base’ [-Wunused-variable]
Brian Norris [Wed, 3 Oct 2012 19:06:20 +0000 (12:06 -0700)]
mymemory: fix indentation for ModelAlloc
Brian Norris [Wed, 3 Oct 2012 18:50:35 +0000 (11:50 -0700)]
rename 'MyAlloc' to 'ModelAlloc'
Brian Norris [Wed, 3 Oct 2012 18:37:26 +0000 (11:37 -0700)]
mymemory: reword comments
Brian Norris [Wed, 3 Oct 2012 18:29:01 +0000 (11:29 -0700)]
snapshot: rename 'SnapShot' -> 'Snapshot'
This capitalization always messes me up
Brian Norris [Wed, 3 Oct 2012 18:26:17 +0000 (11:26 -0700)]
common: remove excess semicolon
Brian Norris [Wed, 3 Oct 2012 18:15:05 +0000 (11:15 -0700)]
mymemory: define SNAPSHOTALLOC appropriately
SNAPSHOTALLOC can be filled in with meaningful allocators, rather than
using the global default allocators.
Brian Norris [Wed, 3 Oct 2012 18:08:36 +0000 (11:08 -0700)]
replace malloc/calloc/free with snapshot_{malloc/calloc/free}
We need to explicitly declare when we are requesting snapshotting
memory, and we need to avoid using malloc, etc., directly. For now, this
has no functional change, as the 'snapshot_*' functions just call the
stdlib functions, but soon we may switch allocators to use a private
heap.
Brian Norris [Wed, 3 Oct 2012 18:05:36 +0000 (11:05 -0700)]
mymemory: make snapshot_{malloc,calloc,free} externally linkable
As we begin to use these functions, they can't be simply declared
statically in the header; they need to be linkable in hashtable.h, for
instance.
Brian Norris [Wed, 3 Oct 2012 17:12:56 +0000 (10:12 -0700)]
action: reword comments
Why all the ...?
Brian Demsky [Wed, 3 Oct 2012 10:04:21 +0000 (03:04 -0700)]
extra file committed accidentally
Brian Demsky [Wed, 3 Oct 2012 10:03:02 +0000 (03:03 -0700)]
missing change
Brian Demsky [Wed, 3 Oct 2012 09:57:32 +0000 (02:57 -0700)]
mspace_malloc will call into mmap if it runs out of memory... this does not play well with
snapshotting the mspace of course...
turn off the mmap option and give us a bigger heap...
add assertions to malloc/calloc/realloc if they return NULL (which is now possible with MMAP turned off)
Brian Demsky [Wed, 3 Oct 2012 08:28:12 +0000 (01:28 -0700)]
error
Brian Demsky [Wed, 3 Oct 2012 08:20:48 +0000 (01:20 -0700)]
random memory leak fixes and memory access fixes
Brian Norris [Tue, 2 Oct 2012 01:15:12 +0000 (18:15 -0700)]
model: debug print - pending release sequences
Brian Norris [Wed, 3 Oct 2012 01:52:43 +0000 (18:52 -0700)]
test: add a "pending release sequences" test
This helps test the end-of-execution "pending release sequence"
functionality, as well as other release-sequence-related code. It also
uncovered the regression that was just reverted prior to this.
Brian Norris [Wed, 3 Oct 2012 01:48:05 +0000 (18:48 -0700)]
(bug) revert JOIN/LOCK simplification
A test case throws an assertion when these changes are included. Maybe
I'll make a proper fix later, but for now, I mostly revert these.
Revert "model: remove obsolete ModelChecker::do_complete_join()"
This reverts commit
cef10a2b49af5da16ffe59c5b9ddd210c668fbac.
Revert "model: unify JOIN- and LOCK-related sleep/wake code"
This reverts commit
620ae95ce4fed006d18a41b6ccfd949d7e77f677.
Brian Norris [Wed, 26 Sep 2012 00:00:53 +0000 (17:00 -0700)]
model: one release sequence may help resolve another
Brian Norris [Wed, 3 Oct 2012 01:09:40 +0000 (18:09 -0700)]
model: THREAD_FINISH triggers release sequence check
A THREAD_FINISH action may ensure that a Thread is no longer able to
break release sequences, so all pending release sequences should be
checked.
Brian Demsky [Wed, 3 Oct 2012 01:07:02 +0000 (18:07 -0700)]
Merge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker
Brian Demsky [Wed, 3 Oct 2012 01:06:46 +0000 (18:06 -0700)]
a bug fix
Brian Norris [Wed, 3 Oct 2012 00:54:26 +0000 (17:54 -0700)]
assign sequence numbers after initial processing
When re-ordering the execution of JOIN and LOCK operations (e.g., when
they attempt to execute when not enabled), the sequence numbers became
out of order. Also, RMW operations would cause sequence numbers to jump
by 2 every time.
This fix arranges initialization such that a ModelAction is only
assigned a sequence number after it passes some initial checks to ensure
that it will be executed and utilized immediately. Otherwise, it will
either be discarded or held pending until it is enabled.
Brian Norris [Wed, 3 Oct 2012 00:58:01 +0000 (17:58 -0700)]
action: edit some spacing
Brian Norris [Wed, 3 Oct 2012 00:29:56 +0000 (17:29 -0700)]
model: remove obsolete ModelChecker::do_complete_join()
This function was folded into the one place it is used, now.
Brian Norris [Wed, 3 Oct 2012 00:28:02 +0000 (17:28 -0700)]
model: unify JOIN- and LOCK-related sleep/wake code
We might as well use similar code paths for JOIN and LOCK operations
that must wait on another thread to re-enable it. The side benefit here
is that the JOIN action is now placed at the correct sequence point in
the execution trace.
Brian Norris [Wed, 3 Oct 2012 00:14:46 +0000 (17:14 -0700)]
model: refactor mutex thread-blocking code
There are a few functions that are used in suboptimal ways.
* use the ModelChecker::get_thread(ModelAction *) version of overloaded
'get_thread()' function
* the add/remove interfaces were used inconsistently previously; for
"waking" we directly utilized Scheduler::add_thread, whereas the
"sleeping" case used ModelChecker::remove_thread
* use the Scheduler::sleep and Scheduler::wake functions for sleep/wake
instead of explicitly adding/removing
Brian Norris [Tue, 2 Oct 2012 19:33:21 +0000 (12:33 -0700)]
action: don't print clock vector when it is invalid
Due to clock vector snapshotting, a ModelAction may hold a pointer to
an inavlid ClockVector. This fix allows callers of ModelAction::print()
to prevent it from printing a corrupted ClockVector.
Brian Demsky [Tue, 2 Oct 2012 21:54:59 +0000 (14:54 -0700)]
small hack to optimize our common case for snapshotting and set config option to turn this back on.
hack assumes that same pages will be dirty across different executions so just copies them and doesn't reprotect them
Brian Demsky [Tue, 2 Oct 2012 21:29:10 +0000 (14:29 -0700)]
fix bug.... not quite perfect for linux locks, but runs to completion...
Revert "model: revert broken bugfix"
This reverts commit
ae7fcd2e5e499f72d9d1530bdc293f4fbc5f0644.
Brian Norris [Tue, 2 Oct 2012 19:17:16 +0000 (12:17 -0700)]
clockvector: snapshot the whole object
Brian Norris [Tue, 2 Oct 2012 18:16:12 +0000 (11:16 -0700)]
model: revert broken bugfix
This reverts parts of the following commit:
commit
7ba211ec7d1cacbaa3ef2027f1a0f534888f1708
The bugfix broke our basic test case (userprog)
Brian Norris [Tue, 2 Oct 2012 18:02:46 +0000 (11:02 -0700)]
model: fix "earliest diverge" NULL pointer exception
Brian Demsky [Tue, 2 Oct 2012 09:09:13 +0000 (02:09 -0700)]
start support for drawing execution diagrams
fix some signed/unsigned warnings
Brian Demsky [Tue, 2 Oct 2012 07:29:10 +0000 (00:29 -0700)]
Fixed bug breaking our consolidation of future values...
Brian Demsky [Tue, 2 Oct 2012 04:48:34 +0000 (21:48 -0700)]
Two change:
(1) Bug fix... Check that rf is non-null before calling
r_modification
(2) Add a hook into assert mechanism for the debugger
Brian Norris [Tue, 2 Oct 2012 01:18:07 +0000 (18:18 -0700)]
rename MYFREE -> model_free
Brian Norris [Tue, 2 Oct 2012 01:17:26 +0000 (18:17 -0700)]
rename MYCALLOC -> model_calloc
Brian Norris [Tue, 2 Oct 2012 01:16:24 +0000 (18:16 -0700)]
rename MYMALLOC -> model_malloc
Brian Norris [Tue, 2 Oct 2012 00:37:02 +0000 (17:37 -0700)]
model: refactor/reword initialize_curr_action()
Brian Norris [Tue, 2 Oct 2012 00:30:01 +0000 (17:30 -0700)]
clockvector: snapshot our clock vectors
Clock vectors need to be snapshotted
Brian Norris [Tue, 2 Oct 2012 00:11:52 +0000 (17:11 -0700)]
mymemory: add placeholder "snapshot_{calloc,malloc,free}" functions
Eventually, we may want a separate heap for the model-checker's
snapshotted data (vs. user's snapshotted data), so create allocator
stubs for this. This allows us to begin annotating our malloc()'s
properly.
Brian Norris [Tue, 2 Oct 2012 00:20:34 +0000 (17:20 -0700)]
model: always re-calculate clock vectors
Clock vectors are mutable, via synchronization. We will need to both
snapshot and recompute clock vectors as they are generated. Right now,
we have some incorrect assumptions in place. This bugfix prevents stale
clock vectors (from previous executions) from polluting subsequent
executions.
Brian Demsky [Mon, 1 Oct 2012 23:27:49 +0000 (16:27 -0700)]
another bug fix
Brian Demsky [Mon, 1 Oct 2012 22:17:11 +0000 (15:17 -0700)]
bug fix...recompute promises of RMW actions at divergence points
Brian Norris [Mon, 1 Oct 2012 20:29:54 +0000 (13:29 -0700)]
model: utilize bad_synchronization flag
Brian Norris [Mon, 1 Oct 2012 20:29:00 +0000 (13:29 -0700)]
model: add "bad synchronization" flag
Can be used for aborting a trace when an incorrectly-ordered
synchronization occurs.
Brian Norris [Mon, 1 Oct 2012 20:20:56 +0000 (13:20 -0700)]
action: synchronize_with - return status for out-of-order synchronization
"synchronize_with()" now can return a boolean status, rather than just
using an ASSERT(). This allows synchronize_with() to be called with
actions that are against the program trace order, then return a status
to signify success/failure. This will allow, for instance, release
sequence calculations to simply abort this single execution, not the
whole model-checker.
Brian Norris [Mon, 1 Oct 2012 17:55:23 +0000 (10:55 -0700)]
model: remove debug print
Brian Demsky [Sat, 29 Sep 2012 03:58:27 +0000 (20:58 -0700)]
missing commit of mo_graph changes
Brian Demsky [Fri, 28 Sep 2012 10:16:00 +0000 (03:16 -0700)]
fix bug from moving read_from check_recency...check_recency had the assumption that the read_from field was set...