model-checker.git
11 years agoexecution: bugfix - backtrack seq-cst fences properly
Brian Norris [Wed, 17 Apr 2013 17:46:19 +0000 (10:46 -0700)]
execution: bugfix - backtrack seq-cst fences properly

The commented-out ATOMIC_FENCE should not be commented out; the note
that "fences don't directly cause backtracking" is false for seq-cst
fences. We intend to backtrack for all seq-cst fences, so we need to
perform the appropriate 'get conflict' search for all fences.

11 years agoexecution: correct comment on check_current_action()
Brian Norris [Wed, 17 Apr 2013 17:45:58 +0000 (10:45 -0700)]
execution: correct comment on check_current_action()

11 years agonodestack: localize the model-checker parameters
Brian Norris [Tue, 16 Apr 2013 19:27:06 +0000 (12:27 -0700)]
nodestack: localize the model-checker parameters

11 years agomodel: privatize ModelChecker::get_num_threads()
Brian Norris [Tue, 16 Apr 2013 18:58:28 +0000 (11:58 -0700)]
model: privatize ModelChecker::get_num_threads()

The public interface is now in ModelExecution.

11 years agonodestack: register ModelExecution class w/in NodeStack
Brian Norris [Tue, 16 Apr 2013 18:56:59 +0000 (11:56 -0700)]
nodestack: register ModelExecution class w/in NodeStack

11 years agopromise: add max_available_thread_idx() interface
Brian Norris [Tue, 16 Apr 2013 18:45:51 +0000 (11:45 -0700)]
promise: add max_available_thread_idx() interface

To remove an unnecessary use of global/public model->get_num_threads().

11 years agoclockvector: don't use global get_num_threads()
Brian Norris [Tue, 16 Apr 2013 18:29:11 +0000 (11:29 -0700)]
clockvector: don't use global get_num_threads()

11 years agomodel: remove leftover junk
Brian Norris [Tue, 16 Apr 2013 18:13:55 +0000 (11:13 -0700)]
model: remove leftover junk

11 years agoexecution: embed obj_map directly in class
Brian Norris [Tue, 16 Apr 2013 18:01:46 +0000 (11:01 -0700)]
execution: embed obj_map directly in class

This structure can be embedded as a full-fledged member, not a pointer.

11 years agohashtable: update documentation
Brian Norris [Tue, 16 Apr 2013 17:23:44 +0000 (10:23 -0700)]
hashtable: update documentation

Some of the existing documentation was incorrect or insufficient. Also,
add new documentation to describe the design "feature" of this table:
that 0/NULL is not a valid key.

11 years agohashtable: enforce, document non-zero keys
Brian Norris [Tue, 16 Apr 2013 16:49:01 +0000 (09:49 -0700)]
hashtable: enforce, document non-zero keys

HashTable does not support a key of "zero." ...

11 years agoexecution: convert HashTable to SnapVector
Brian Norris [Tue, 16 Apr 2013 16:30:17 +0000 (09:30 -0700)]
execution: convert HashTable to SnapVector

We don't actually need a hash table for threads, since we allocate their
indeces contiguously, at least for now. Also, HashTable is really
designed for pointer-based keys and may not accept a 0-valued key. To
avoid these problems, just switch to a snapshotted vector.

11 years agoaction: bugfix - use non-zero fence "location"
Brian Norris [Tue, 16 Apr 2013 16:46:58 +0000 (09:46 -0700)]
action: bugfix - use non-zero fence "location"

Our HashTable does not support zero-based keys (e.g., NULL pointer as a
key). So as a hack, switch to use a small, arbitrary, non-zero location
instead of NULL (0).

11 years agoexecution: embed action_list as full member
Brian Norris [Tue, 16 Apr 2013 06:23:43 +0000 (23:23 -0700)]
execution: embed action_list as full member

11 years agoexecution: add const
Brian Norris [Tue, 16 Apr 2013 06:23:25 +0000 (23:23 -0700)]
execution: add const

11 years agoexecution: embed more data structures directly in class
Brian Norris [Tue, 16 Apr 2013 03:28:09 +0000 (20:28 -0700)]
execution: embed more data structures directly in class

11 years agoexecution: embed snapshotted data structures in class
Brian Norris [Tue, 16 Apr 2013 03:20:11 +0000 (20:20 -0700)]
execution: embed snapshotted data structures in class

11 years agoexecution: make structure snapshotting
Brian Norris [Tue, 16 Apr 2013 03:11:14 +0000 (20:11 -0700)]
execution: make structure snapshotting

All members are snapshot-able.

11 years agoexecution: move execution number back to ModelChecker class
Brian Norris [Tue, 16 Apr 2013 03:08:41 +0000 (20:08 -0700)]
execution: move execution number back to ModelChecker class

11 years agoclean out includes, etc.
Brian Norris [Tue, 16 Apr 2013 02:59:53 +0000 (19:59 -0700)]
clean out includes, etc.

11 years agomodel: embed the trace_analyses in the class
Brian Norris [Tue, 16 Apr 2013 02:55:37 +0000 (19:55 -0700)]
model: embed the trace_analyses in the class

11 years agoaction: add <stdlib>
Brian Norris [Tue, 16 Apr 2013 02:53:40 +0000 (19:53 -0700)]
action: add <stdlib>

For exit() and EXIT_*

11 years agoscanalysis: allocate structures as true members of class (not pointers)
Brian Norris [Tue, 16 Apr 2013 02:48:25 +0000 (19:48 -0700)]
scanalysis: allocate structures as true members of class (not pointers)

They're all snapshotting, so it makes sense to make them legitimate
members of the SCAnalysis class.

11 years agoscanalysis: fixup spacing
Brian Norris [Tue, 16 Apr 2013 02:41:50 +0000 (19:41 -0700)]
scanalysis: fixup spacing

11 years agoMerge cleanup branch
Brian Norris [Tue, 16 Apr 2013 18:35:07 +0000 (11:35 -0700)]
Merge cleanup branch

This branch separated ModelChecker into two separate classes/modules. It was a
big disruptive change, and it was not compile-able at some points (the BROKEN
commit and some of its successors). Hence the non-fast-forward merge here, to
record the divergent portion of history as special.

11 years agoschedule: drop the ModelChecker::check_promises_thread_disabled interface
Brian Norris [Tue, 16 Apr 2013 02:37:21 +0000 (19:37 -0700)]
schedule: drop the ModelChecker::check_promises_thread_disabled interface

11 years agomodel / threads: remove global get_next_id() interface
Brian Norris [Tue, 16 Apr 2013 02:31:58 +0000 (19:31 -0700)]
model / threads: remove global get_next_id() interface

11 years agopromise: get reference to ModelExecution
Brian Norris [Tue, 16 Apr 2013 02:25:46 +0000 (19:25 -0700)]
promise: get reference to ModelExecution

11 years agoscanalysis: use ModelExecution interfaces
Brian Norris [Tue, 16 Apr 2013 02:20:02 +0000 (19:20 -0700)]
scanalysis: use ModelExecution interfaces

11 years agoscanalysis: install ModelExecution object in the analysis
Brian Norris [Tue, 16 Apr 2013 02:19:16 +0000 (19:19 -0700)]
scanalysis: install ModelExecution object in the analysis

11 years agoexecution: add 'const'
Brian Norris [Tue, 16 Apr 2013 02:17:53 +0000 (19:17 -0700)]
execution: add 'const'

11 years agomodel: cleanup a few more interfaces
Brian Norris [Tue, 16 Apr 2013 02:01:41 +0000 (19:01 -0700)]
model: cleanup a few more interfaces

These public interfaces are no longer presentin ModelChecker.

11 years agomodel: add get_execution() interface
Brian Norris [Tue, 16 Apr 2013 01:59:53 +0000 (18:59 -0700)]
model: add get_execution() interface

11 years agoBROKEN: restructure much of ModelChecker as ModelExecution class
Brian Norris [Tue, 16 Apr 2013 01:25:53 +0000 (18:25 -0700)]
BROKEN: restructure much of ModelChecker as ModelExecution class

This will *not* compile fully. It is an interim step in which I move
much of the ModelChecker code into a separate class which does not need
to be globally-accessible. The next few commits should fix the compile
problems as I rewrite/remove some interfaces.

11 years agodatarace: simplify raceCheck{Read,Write}() function interfaces
Brian Norris [Tue, 16 Apr 2013 01:46:18 +0000 (18:46 -0700)]
datarace: simplify raceCheck{Read,Write}() function interfaces

The user should not have to pass in a ClockVector.

11 years agodatarace: make globals static
Brian Norris [Tue, 16 Apr 2013 01:33:28 +0000 (18:33 -0700)]
datarace: make globals static

They're only global within this file.

11 years agomodel: drop public get_current_node() interface
Brian Norris [Tue, 16 Apr 2013 00:59:36 +0000 (17:59 -0700)]
model: drop public get_current_node() interface

11 years agomodel: remove public check_promises() interface
Brian Norris [Tue, 16 Apr 2013 00:38:45 +0000 (17:38 -0700)]
model: remove public check_promises() interface

11 years agomodel: add synchronize() function
Brian Norris [Tue, 16 Apr 2013 00:28:11 +0000 (17:28 -0700)]
model: add synchronize() function

To prevent code duplication.

11 years agocommon: drop model_print_summary()
Brian Norris [Tue, 16 Apr 2013 01:19:10 +0000 (18:19 -0700)]
common: drop model_print_summary()

This can cause problems if we include it in the output of ASSERT().

11 years agopromise: add Promise::get_index function
Brian Norris [Tue, 16 Apr 2013 00:53:11 +0000 (17:53 -0700)]
promise: add Promise::get_index function

11 years agoaction: we don't need special cases for lock/join anymore
Brian Norris [Tue, 16 Apr 2013 00:26:24 +0000 (17:26 -0700)]
action: we don't need special cases for lock/join anymore

11 years agomove license to LICENSE file
Brian Norris [Tue, 16 Apr 2013 00:12:20 +0000 (17:12 -0700)]
move license to LICENSE file

11 years agoMerge cleanup code from Brian N.
Brian Norris [Tue, 16 Apr 2013 00:09:53 +0000 (17:09 -0700)]
Merge cleanup code from Brian N.

11 years agotraceanalysis: rename to remove '_'
Brian Norris [Mon, 15 Apr 2013 23:56:51 +0000 (16:56 -0700)]
traceanalysis: rename to remove '_'

11 years agobugmessage: move struct to header file
Brian Norris [Mon, 15 Apr 2013 22:41:31 +0000 (15:41 -0700)]
bugmessage: move struct to header file

11 years agofix weird duplicated code
Brian Demsky [Mon, 15 Apr 2013 08:00:36 +0000 (01:00 -0700)]
fix weird duplicated code

11 years agoparams: move model_params to header file
Brian Norris [Mon, 15 Apr 2013 07:02:58 +0000 (00:02 -0700)]
params: move model_params to header file

11 years agomodel: add too_many_steps()
Brian Norris [Mon, 15 Apr 2013 06:24:44 +0000 (23:24 -0700)]
model: add too_many_steps()

11 years agomodel: fixup whitespace
Brian Norris [Mon, 15 Apr 2013 06:11:53 +0000 (23:11 -0700)]
model: fixup whitespace

11 years agoscanalysis: fix warning
Brian Norris [Mon, 15 Apr 2013 04:34:49 +0000 (21:34 -0700)]
scanalysis: fix warning

canalysis.cc: In member function ‘bool SCAnalysis::processRead(ModelAction*, ClockVector*)’:
scanalysis.cc:162:78: warning: suggest parentheses around ‘&&’ within ‘||’ [-Wparentheses]

11 years agoscanalysis: remove whitespace
Brian Norris [Mon, 15 Apr 2013 03:57:48 +0000 (20:57 -0700)]
scanalysis: remove whitespace

11 years agoclean up printing a little for cycle cases...
Brian Demsky [Sun, 14 Apr 2013 07:57:55 +0000 (00:57 -0700)]
clean up printing a little for cycle cases...

11 years agomore implementation of scanalysis...
Brian Demsky [Fri, 12 Apr 2013 08:33:34 +0000 (01:33 -0700)]
more implementation of scanalysis...

implementation of scanalysis and printout code...  should work now

11 years agomore implementation of scanalysis...
Brian Demsky [Fri, 12 Apr 2013 08:33:34 +0000 (01:33 -0700)]
more implementation of scanalysis...
seems like it might work at this point, but need code to tell whether it is a SC trace or not and which parts are SC

11 years agotowards supporting scanalysis...
Brian Demsky [Thu, 11 Apr 2013 10:01:07 +0000 (03:01 -0700)]
towards supporting scanalysis...
added some accessor methods in model.cc for external analyses

11 years agoadd some support for traceanalysis plugins
Brian Demsky [Wed, 10 Apr 2013 18:26:19 +0000 (11:26 -0700)]
add some support for traceanalysis plugins

11 years agoadd some support for traceanalysis plugins
Brian Demsky [Wed, 10 Apr 2013 18:26:19 +0000 (11:26 -0700)]
add some support for traceanalysis plugins

11 years agoimprove documentation + Doxygen formatting
Brian Norris [Thu, 11 Apr 2013 19:15:10 +0000 (12:15 -0700)]
improve documentation + Doxygen formatting

11 years agoaction: refactor, move VALUE_TRY{SUCCESS,FAILED} out of header
Brian Norris [Thu, 11 Apr 2013 18:25:16 +0000 (11:25 -0700)]
action: refactor, move VALUE_TRY{SUCCESS,FAILED} out of header

11 years agocyclegraph: kill unused promise_list_t type
Brian Norris [Thu, 11 Apr 2013 17:57:30 +0000 (10:57 -0700)]
cyclegraph: kill unused promise_list_t type

11 years agosnapshot: cleanup/document much of fork-based snapshotting
Brian Norris [Sat, 6 Apr 2013 01:42:16 +0000 (18:42 -0700)]
snapshot: cleanup/document much of fork-based snapshotting

We can consolidate much of the fork-based snapshotting "context"
variables so that they are easier to understand; we essentially only
need two types of contexts, the "shared" context used for the client
program (i.e., the model-checker) and the "private" context, which
each snapshot process uses for running and managing its state. That way,
we only have a single process using the "shared" context at a time,
while the others reside in their private context.

Additionally, I add an "exit" context, which is used just to help with
terminating processes once they have to roll back.

Otherwise, this commit contains renaming and documenting of several
fields, variables, etc.

11 years agosnapshot: use sizeof(*fork_snap)
Brian Norris [Fri, 5 Apr 2013 21:44:02 +0000 (14:44 -0700)]
snapshot: use sizeof(*fork_snap)

11 years agomodel: remove DEBUG action print
Brian Norris [Fri, 5 Apr 2013 21:17:42 +0000 (14:17 -0700)]
model: remove DEBUG action print

A ModelAction should only be printed at certain points, where the action
is guaranteed to be consistent (e.g., its reads_from pointer is valid).
Rather than try to position this print opportunely, just drop it; we
already print out the whole trace, which should be sufficient.

11 years agosnapshot: clean up fork-based error handling
Brian Norris [Fri, 5 Apr 2013 21:02:58 +0000 (14:02 -0700)]
snapshot: clean up fork-based error handling

This is an ugly attempt at error handling. Kill the useless variables,
reword the debug prints, and use perror().

11 years agoaction: correct RF capitalization
Brian Norris [Fri, 5 Apr 2013 21:01:33 +0000 (14:01 -0700)]
action: correct RF capitalization

11 years agomodel: deadlock: print the culprit thread, when known
Brian Norris [Thu, 4 Apr 2013 08:38:40 +0000 (01:38 -0700)]
model: deadlock: print the culprit thread, when known

11 years agodatarace: use variable-argument bug-printing
Brian Norris [Thu, 4 Apr 2013 08:38:28 +0000 (01:38 -0700)]
datarace: use variable-argument bug-printing

11 years agomodel: add variable arguments for bug messages
Brian Norris [Thu, 4 Apr 2013 08:25:34 +0000 (01:25 -0700)]
model: add variable arguments for bug messages

11 years agomodel: proactively build/prune is_enabled() set
Brian Norris [Thu, 4 Apr 2013 08:00:17 +0000 (01:00 -0700)]
model: proactively build/prune is_enabled() set

We should proactively check whether threads are enabled, as this allows
the model-checker to more accurately reason about backtracking, fairness
(particularly, assigning thread priorities), and sleep sets.

This commit causes changes in observed executions for many test
programs. Often, this occurs for programs where the main thread
performs a JOIN on a child thread. Previously, we would only discover
that this thread should be disabled once the scheduler attempts to
execute the JOIN ModelAction. For the period of the trace in which this
disabling isn't discovered, we may try to set backtracking points for
the main thread. These executions just turn into infeasible or
sleep-set-redundant executions anyway.

This can also affect the assertion of thread priority when assigning
backtracking points. If a thread is supposedly "enabled" (but in fact is
not), then we may prevent other threads from running because this thread has
priority. But that thread cannot run, so instead we were doing some
funky things with the remaining ("low-priority") threads.

This fix remedies these sorts of issues by precisely computing the set
of threads which are disabled, waiting on other threads/locks.

11 years agomodel: pull thread control logic out of take_step(), check_current...()
Brian Norris [Wed, 3 Apr 2013 16:44:07 +0000 (09:44 -0700)]
model: pull thread control logic out of take_step(), check_current...()

Much of the scheduling and main control loop should be handled closer to
the top-level run() method. This is a start toward putting these
decisions at the appropriate level, making things more clear. Of course,
it's not complete.

11 years agosnapshot: kill useless macro
Brian Norris [Fri, 5 Apr 2013 17:27:18 +0000 (10:27 -0700)]
snapshot: kill useless macro

We're not reusing this macro, so it's better just to use the standard
perror() followed by exit().

11 years agocontext: move Mac swapcontext() to separate compilation unit
Brian Norris [Thu, 4 Apr 2013 20:19:50 +0000 (13:19 -0700)]
context: move Mac swapcontext() to separate compilation unit

We really don't want model_swapcontext() to ever be inlined on Mac OSX,
since this could potentially cause subtle getcontext()-related bugs to
resurface. Just make it a separate compilation unit (*.cc file).

11 years agocommon: improve redirect_output() error handling
Brian Norris [Thu, 4 Apr 2013 19:55:33 +0000 (12:55 -0700)]
common: improve redirect_output() error handling

Check the return code and errno results of all system/library calls.
Also delete the extraneous 'fd' variable and use the appropriate
STDOUT_FILENO macro instead of fileno(stdout).

11 years agocommon: make model_print() use OS file descriptor, not C library FILE*
Brian Norris [Thu, 4 Apr 2013 19:46:13 +0000 (12:46 -0700)]
common: make model_print() use OS file descriptor, not C library FILE*

A C library FILE does buffering (and possibly other opaque operations)
that can conflict with the model-checker's methods of snapshotting
memory. Particularly, it seems like we could corrupt and drop data that
was written to model_out, if the data was large enough and buffered in
just the right way.

Really, with the presence of dprintf(), there is no reason to print to a
FILE stream; we can just use the file descriptor (either STDOUT_FILENO
or the descriptor received from dup2()).

This fixes bugs seen in verbose mode, with a lot of extra debug
printing. Some of the output was being dropped.

11 years agoaction: include reads-from-promise in HASH calculations
Brian Norris [Thu, 4 Apr 2013 17:10:32 +0000 (10:10 -0700)]
action: include reads-from-promise in HASH calculations

And include the *value*, since the same promise index can yield
different future values.

11 years agotest: insanesync: pointer types
Brian Norris [Thu, 4 Apr 2013 07:16:46 +0000 (00:16 -0700)]
test: insanesync: pointer types

Atomic pointers should be stored in atomic_intptr_t/atomic_uintptr_t.
This can throw some extra warnings on 32-bit architectures.

11 years agomodel: note the DPOR addendum
Brian Norris [Thu, 4 Apr 2013 00:55:49 +0000 (17:55 -0700)]
model: note the DPOR addendum

To prevent having problems with this in the future.

11 years agomodel: use get_thread() helper
Brian Norris [Wed, 3 Apr 2013 16:08:44 +0000 (09:08 -0700)]
model: use get_thread() helper

11 years agoswapcontext() fix for Mac OSX
Brian Norris [Thu, 4 Apr 2013 02:27:06 +0000 (19:27 -0700)]
swapcontext() fix for Mac OSX

We provide our own model_swapcontext() for Mac OSX.

11 years agothreads: remove wait_list
Brian Norris [Wed, 3 Apr 2013 01:11:49 +0000 (18:11 -0700)]
threads: remove wait_list

We can glean the "thread waiting" information without recording it
directly in a list for each thread.

11 years agomodel: use get_mutex() and get_thread_operand() helpers
Brian Norris [Wed, 3 Apr 2013 00:52:12 +0000 (17:52 -0700)]
model: use get_mutex() and get_thread_operand() helpers

11 years agomodel: kill lock_waiters_map
Brian Norris [Wed, 3 Apr 2013 00:48:59 +0000 (17:48 -0700)]
model: kill lock_waiters_map

This information can be gleaned without the need for a hash-table of
lists.

11 years agomodel: merge duplicated code for WAIT and UNLOCK
Brian Norris [Wed, 3 Apr 2013 00:45:24 +0000 (17:45 -0700)]
model: merge duplicated code for WAIT and UNLOCK

11 years agotest: mutextest: add thread yield point
Brian Norris [Wed, 3 Apr 2013 00:28:59 +0000 (17:28 -0700)]
test: mutextest: add thread yield point

11 years agomodel: get_mutex() for locating the lock map
Brian Norris [Wed, 3 Apr 2013 00:25:04 +0000 (17:25 -0700)]
model: get_mutex() for locating the lock map

The mutex can already be located via get_mutex(), so don't try to guess
whether it was store in the value or location fields of the ModelAction.

11 years agoaction: add ModelAction::is_thread_join() helper
Brian Norris [Tue, 2 Apr 2013 23:53:52 +0000 (16:53 -0700)]
action: add ModelAction::is_thread_join() helper

11 years agomymemory: fix compiling with !USE_MPROTECT_SNAPSHOT
Brian Norris [Tue, 2 Apr 2013 23:00:30 +0000 (16:00 -0700)]
mymemory: fix compiling with !USE_MPROTECT_SNAPSHOT

11 years agonodestack: move "behaviors" increment all into Node wrapper function
Brian Norris [Thu, 28 Mar 2013 22:27:17 +0000 (15:27 -0700)]
nodestack: move "behaviors" increment all into Node wrapper function

11 years agonodestack: regroup some code
Brian Norris [Thu, 28 Mar 2013 22:21:00 +0000 (15:21 -0700)]
nodestack: regroup some code

To put "threads backtracking" code together

11 years agothreads: move circular wait check into Threads::is_waiting_on
Brian Norris [Wed, 27 Mar 2013 20:03:43 +0000 (13:03 -0700)]
threads: move circular wait check into Threads::is_waiting_on

A Threads::is_waiting_on(Thread *) interface  provides a more generic
interface, which can be useful for tasks other than just circular wait
deadlock detection.

11 years agocorrect comment typo
Brian Demsky [Fri, 22 Mar 2013 23:31:47 +0000 (16:31 -0700)]
correct comment typo

11 years agocheck in insane test case...
Brian Demsky [Fri, 22 Mar 2013 23:27:37 +0000 (16:27 -0700)]
check in insane test case...

We don't support such behavior.

11 years agofix mistake in promises may allow code... need to be even more aggressive about fv
Brian Demsky [Fri, 22 Mar 2013 07:06:51 +0000 (00:06 -0700)]
fix mistake in promises may allow code...  need to be even more aggressive about fv

11 years agomain: adjust defaults again
Brian Norris [Fri, 22 Mar 2013 06:24:15 +0000 (23:24 -0700)]
main: adjust defaults again

-s 6 -S 4

11 years agoMerge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker
Brian Norris [Fri, 22 Mar 2013 01:07:18 +0000 (18:07 -0700)]
Merge branch 'master' of ssh://demsky.eecs.uci.edu/home/git/model-checker

11 years agomain: change default 'future delay' for promise expiration
Brian Norris [Fri, 22 Mar 2013 01:05:04 +0000 (18:05 -0700)]
main: change default 'future delay' for promise expiration

From 100 to 10, since 100 is kind of absurd, given the current program
length scalability.

11 years agomodel: re-check pending future values whenever a promise is resolved
Brian Norris [Thu, 21 Mar 2013 23:48:57 +0000 (16:48 -0700)]
model: re-check pending future values whenever a promise is resolved

This is the second part of the previous bugfix; now we must also allow
stashed pending future values to be re-checked in case a promise has
been resolved which now allows sending the value.

11 years agomodel: bugfix - send future values more eagerly
Brian Norris [Thu, 21 Mar 2013 23:33:04 +0000 (16:33 -0700)]
model: bugfix - send future values more eagerly

This is a bugfix to a pretty big problem with our future value pruning,
where we would hold future values as 'pending' until all pending
promises were resolved. Unfortunately, this is unsound and must be
rewritten.

Now, we allow sending some future values even in presence of promises,
if the value is being sent to a load that is later than the last time a
Promise was created. We have a pseudo-proof that this should be correct.

11 years agomodel: refactor add_future_value, add documentation
Brian Norris [Thu, 21 Mar 2013 23:24:47 +0000 (16:24 -0700)]
model: refactor add_future_value, add documentation