Diffstat (limited to 'helgrind/.svn')
19 files changed, 14177 insertions, 0 deletions
diff --git a/helgrind/.svn/dir-prop-base b/helgrind/.svn/dir-prop-base new file mode 100644 index 0000000..da4a263 --- /dev/null +++ b/helgrind/.svn/dir-prop-base @@ -0,0 +1,16 @@ +K 10 +svn:ignore +V 243 +.deps +helgrind-amd64-linux +helgrind-ppc32-linux +helgrind-ppc64-linux +helgrind-x86-linux +Makefile +Makefile.in +vgpreload_helgrind-amd64-linux.so +vgpreload_helgrind-ppc32-linux.so +vgpreload_helgrind-ppc64-linux.so +vgpreload_helgrind-x86-linux.so + +END diff --git a/helgrind/.svn/entries b/helgrind/.svn/entries new file mode 100644 index 0000000..3b4259a --- /dev/null +++ b/helgrind/.svn/entries @@ -0,0 +1,226 @@ +8 + +dir +9703 +svn://svn.valgrind.org/valgrind/trunk/helgrind +svn://svn.valgrind.org/valgrind + + + +2009-03-15T23:25:38.213170Z +9416 +njn +has-props + +svn:special svn:externals svn:needs-lock + + + + + + + + + + + +a5019735-40e9-0310-863c-91ae7b9d1cf9 + +hg_intercepts.c +file + + + + +2009-03-13T17:29:59.000000Z +4c0347b80766f4bc77bf3c07f6732f71 +2009-03-10T22:02:09.669944Z +9344 +njn + +hg_errors.h +file + + + + +2009-03-13T17:29:59.000000Z +49cfb9c69c123d0d7fd0b5e3d1da8e1f +2009-03-10T22:02:09.669944Z +9344 +njn + +helgrind.h +file + + + + +2009-03-13T17:29:59.000000Z +4d5f0424f46fabd606a69c95cbb32d70 +2009-03-10T22:02:09.669944Z +9344 +njn + +hg_main.c +file + + + + +2009-04-30T16:43:55.000000Z +ebb2d4f778cb646795ef7153502766fc +2009-03-15T23:25:38.213170Z +9416 +njn + +hg_wordset.c +file + + + + +2009-03-13T17:29:59.000000Z +d8a429ba83845e51ffc57b37348b7ddb +2009-03-10T22:02:09.669944Z +9344 +njn + +docs +dir + +README_YARD.txt +file + + + + +2009-03-13T17:29:59.000000Z +bb34f6de399819578286f5f3077ae81f +2008-10-25T16:22:41.648611Z +8707 +sewardj + +hg_lock_n_thread.c +file + + + + +2009-03-13T17:29:59.000000Z +8d7af180e014bb6118d169588f603fb3 +2009-03-10T22:02:09.669944Z +9344 +njn + +hg_wordset.h +file + + + + +2009-03-13T17:29:59.000000Z +4b9896a3623d4bb410438d7efb61856c +2009-03-10T22:02:09.669944Z +9344 +njn + +hg_lock_n_thread.h +file + + + + +2009-03-13T17:29:59.000000Z +cf621660dfe32f08290225cc4d001aae +2009-03-10T22:02:09.669944Z +9344 +njn + +tests +dir + +hg_basics.c +file + + + + +2009-03-13T17:29:59.000000Z +8c29c10deb3e538eebc7b83d902b4133 +2009-03-10T22:02:09.669944Z +9344 +njn + +libhb.h +file + + + + +2009-03-13T17:29:59.000000Z +68278834bfa089717072ddb0b07df10e +2009-03-10T22:02:09.669944Z +9344 +njn + +hg_basics.h +file + + + + +2009-03-13T17:30:00.000000Z +5d981ad3e0ef05e01ee0e6b88f4e8f9f +2009-03-10T22:02:09.669944Z +9344 +njn + +libhb_core.c +file + + + + +2009-04-30T16:43:55.000000Z +3d64543b3dc34ab4e62405b369bba155 +2009-03-15T23:25:38.213170Z +9416 +njn + +Makefile.am +file + + + + +2009-03-13T17:30:00.000000Z +5386f6c46810c3f9a826fa3277e073f6 +2009-01-22T21:56:32.234907Z +9031 +njn + +README_MSMProp2.txt +file + + + + +2009-03-13T17:30:00.000000Z +967ec9869d6c3f23157f4dfc405b76f1 +2008-10-25T16:22:41.648611Z +8707 +sewardj + +hg_errors.c +file + + + + +2009-03-13T17:30:00.000000Z +bd6ffc9b7c116a65d51bece430ae2f7a +2009-03-10T22:02:09.669944Z +9344 +njn + diff --git a/helgrind/.svn/format b/helgrind/.svn/format new file mode 100644 index 0000000..45a4fb7 --- /dev/null +++ b/helgrind/.svn/format @@ -0,0 +1 @@ +8 diff --git a/helgrind/.svn/text-base/Makefile.am.svn-base b/helgrind/.svn/text-base/Makefile.am.svn-base new file mode 100644 index 0000000..02f96ba --- /dev/null +++ b/helgrind/.svn/text-base/Makefile.am.svn-base @@ -0,0 +1,127 @@ +include $(top_srcdir)/Makefile.tool.am + +noinst_PROGRAMS = +if VGCONF_PLATFORMS_INCLUDE_X86_LINUX 
+noinst_PROGRAMS += helgrind-x86-linux vgpreload_helgrind-x86-linux.so +endif +if VGCONF_PLATFORMS_INCLUDE_AMD64_LINUX +noinst_PROGRAMS += helgrind-amd64-linux vgpreload_helgrind-amd64-linux.so +endif +if VGCONF_PLATFORMS_INCLUDE_PPC32_LINUX +noinst_PROGRAMS += helgrind-ppc32-linux vgpreload_helgrind-ppc32-linux.so +endif +if VGCONF_PLATFORMS_INCLUDE_PPC64_LINUX +noinst_PROGRAMS += helgrind-ppc64-linux vgpreload_helgrind-ppc64-linux.so +endif +if VGCONF_PLATFORMS_INCLUDE_PPC32_AIX5 +noinst_PROGRAMS += helgrind-ppc32-aix5 vgpreload_helgrind-ppc32-aix5.so +endif +if VGCONF_PLATFORMS_INCLUDE_PPC64_AIX5 +noinst_PROGRAMS += helgrind-ppc64-aix5 vgpreload_helgrind-ppc64-aix5.so +endif + +VGPRELOAD_HELGRIND_SOURCES_COMMON = hg_intercepts.c + +vgpreload_helgrind_x86_linux_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_x86_linux_so_CPPFLAGS = $(AM_CPPFLAGS_X86_LINUX) +vgpreload_helgrind_x86_linux_so_CFLAGS = $(AM_CFLAGS_X86_LINUX) $(AM_CFLAGS_PIC) +vgpreload_helgrind_x86_linux_so_DEPENDENCIES = $(LIBREPLACEMALLOC_X86_LINUX) +vgpreload_helgrind_x86_linux_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_X86_LINUX) \ + $(LIBREPLACEMALLOC_LDFLAGS_X86_LINUX) + +vgpreload_helgrind_amd64_linux_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_amd64_linux_so_CPPFLAGS = $(AM_CPPFLAGS_AMD64_LINUX) +vgpreload_helgrind_amd64_linux_so_CFLAGS = $(AM_CFLAGS_AMD64_LINUX) $(AM_CFLAGS_PIC) +vgpreload_helgrind_amd64_linux_so_DEPENDENCIES = $(LIBREPLACEMALLOC_AMD64_LINUX) +vgpreload_helgrind_amd64_linux_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_AMD64_LINUX) \ + $(LIBREPLACEMALLOC_LDFLAGS_AMD64_LINUX) + +vgpreload_helgrind_ppc32_linux_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_ppc32_linux_so_CPPFLAGS = $(AM_CPPFLAGS_PPC32_LINUX) +vgpreload_helgrind_ppc32_linux_so_CFLAGS = $(AM_CFLAGS_PPC32_LINUX) $(AM_CFLAGS_PIC) +vgpreload_helgrind_ppc32_linux_so_DEPENDENCIES = $(LIBREPLACEMALLOC_PPC32_LINUX) +vgpreload_helgrind_ppc32_linux_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_PPC32_LINUX) \ + $(LIBREPLACEMALLOC_LDFLAGS_PPC32_LINUX) + +vgpreload_helgrind_ppc64_linux_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_ppc64_linux_so_CPPFLAGS = $(AM_CPPFLAGS_PPC64_LINUX) +vgpreload_helgrind_ppc64_linux_so_CFLAGS = $(AM_CFLAGS_PPC64_LINUX) $(AM_CFLAGS_PIC) +vgpreload_helgrind_ppc64_linux_so_DEPENDENCIES = $(LIBREPLACEMALLOC_PPC64_LINUX) +vgpreload_helgrind_ppc64_linux_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_PPC64_LINUX) \ + $(LIBREPLACEMALLOC_LDFLAGS_PPC64_LINUX) + +vgpreload_helgrind_ppc32_aix5_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_ppc32_aix5_so_CPPFLAGS = $(AM_CPPFLAGS_PPC32_AIX5) +vgpreload_helgrind_ppc32_aix5_so_CFLAGS = $(AM_CFLAGS_PPC32_AIX5) $(AM_CFLAGS_PIC) +vgpreload_helgrind_ppc32_aix5_so_DEPENDENCIES = $(LIBREPLACEMALLOC_PPC32_AIX5) +vgpreload_helgrind_ppc32_aix5_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_PPC32_AIX5) \ + $(LIBREPLACEMALLOC_LDFLAGS_PPC32_AIX5) + +vgpreload_helgrind_ppc64_aix5_so_SOURCES = $(VGPRELOAD_HELGRIND_SOURCES_COMMON) +vgpreload_helgrind_ppc64_aix5_so_CPPFLAGS = $(AM_CPPFLAGS_PPC64_AIX5) +vgpreload_helgrind_ppc64_aix5_so_CFLAGS = $(AM_CFLAGS_PPC64_AIX5) $(AM_CFLAGS_PIC) +vgpreload_helgrind_ppc64_aix5_so_DEPENDENCIES = $(LIBREPLACEMALLOC_PPC64_AIX5) +vgpreload_helgrind_ppc64_aix5_so_LDFLAGS = \ + $(PRELOAD_LDFLAGS_PPC64_AIX5) \ + $(LIBREPLACEMALLOC_LDFLAGS_PPC64_AIX5) + +HELGRIND_SOURCES_COMMON = \ + hg_basics.c hg_lock_n_thread.c hg_wordset.c libhb_core.c \ + hg_errors.c hg_main.c + +helgrind_x86_linux_SOURCES = 
$(HELGRIND_SOURCES_COMMON) +helgrind_x86_linux_CPPFLAGS = $(AM_CPPFLAGS_X86_LINUX) +helgrind_x86_linux_CFLAGS = $(AM_CFLAGS_X86_LINUX) -O2 +helgrind_x86_linux_DEPENDENCIES = $(COREGRIND_LIBS_X86_LINUX) +helgrind_x86_linux_LDADD = $(TOOL_LDADD_X86_LINUX) +helgrind_x86_linux_LDFLAGS = $(TOOL_LDFLAGS_X86_LINUX) + +helgrind_amd64_linux_SOURCES = $(HELGRIND_SOURCES_COMMON) +helgrind_amd64_linux_CPPFLAGS = $(AM_CPPFLAGS_AMD64_LINUX) +helgrind_amd64_linux_CFLAGS = $(AM_CFLAGS_AMD64_LINUX) -O2 +helgrind_amd64_linux_DEPENDENCIES = $(COREGRIND_LIBS_AMD64_LINUX) +helgrind_amd64_linux_LDADD = $(TOOL_LDADD_AMD64_LINUX) +helgrind_amd64_linux_LDFLAGS = $(TOOL_LDFLAGS_AMD64_LINUX) + +helgrind_ppc32_linux_SOURCES = $(HELGRIND_SOURCES_COMMON) +helgrind_ppc32_linux_CPPFLAGS = $(AM_CPPFLAGS_PPC32_LINUX) +helgrind_ppc32_linux_CFLAGS = $(AM_CFLAGS_PPC32_LINUX) -O2 +helgrind_ppc32_linux_DEPENDENCIES = $(COREGRIND_LIBS_PPC32_LINUX) +helgrind_ppc32_linux_LDADD = $(TOOL_LDADD_PPC32_LINUX) +helgrind_ppc32_linux_LDFLAGS = $(TOOL_LDFLAGS_PPC32_LINUX) + +helgrind_ppc64_linux_SOURCES = $(HELGRIND_SOURCES_COMMON) +helgrind_ppc64_linux_CPPFLAGS = $(AM_CPPFLAGS_PPC64_LINUX) +helgrind_ppc64_linux_CFLAGS = $(AM_CFLAGS_PPC64_LINUX) -O2 +helgrind_ppc64_linux_DEPENDENCIES = $(COREGRIND_LIBS_PPC64_LINUX) +helgrind_ppc64_linux_LDADD = $(TOOL_LDADD_PPC64_LINUX) +helgrind_ppc64_linux_LDFLAGS = $(TOOL_LDFLAGS_PPC64_LINUX) + +helgrind_ppc32_aix5_SOURCES = $(HELGRIND_SOURCES_COMMON) +helgrind_ppc32_aix5_CPPFLAGS = $(AM_CPPFLAGS_PPC32_AIX5) +helgrind_ppc32_aix5_CFLAGS = $(AM_CFLAGS_PPC32_AIX5) -O2 +helgrind_ppc32_aix5_DEPENDENCIES = $(COREGRIND_LIBS_PPC32_AIX5) +helgrind_ppc32_aix5_LDADD = $(TOOL_LDADD_PPC32_AIX5) +helgrind_ppc32_aix5_LDFLAGS = $(TOOL_LDFLAGS_PPC32_AIX5) + +helgrind_ppc64_aix5_SOURCES = $(HELGRIND_SOURCES_COMMON) +helgrind_ppc64_aix5_CPPFLAGS = $(AM_CPPFLAGS_PPC64_AIX5) +helgrind_ppc64_aix5_CFLAGS = $(AM_CFLAGS_PPC64_AIX5) -O2 +helgrind_ppc64_aix5_DEPENDENCIES = $(COREGRIND_LIBS_PPC64_AIX5) +helgrind_ppc64_aix5_LDADD = $(TOOL_LDADD_PPC64_AIX5) +helgrind_ppc64_aix5_LDFLAGS = $(TOOL_LDFLAGS_PPC64_AIX5) + +hgincludedir = $(includedir)/valgrind + +hginclude_HEADERS = helgrind.h + +noinst_HEADERS = \ + hg_basics.h hg_lock_n_thread.h hg_errors.h hg_wordset.h \ + libhb.h + +EXTRA_DIST = README_MSMProp2.txt README_YARD.txt diff --git a/helgrind/.svn/text-base/README_MSMProp2.txt.svn-base b/helgrind/.svn/text-base/README_MSMProp2.txt.svn-base new file mode 100644 index 0000000..6b4ac5f --- /dev/null +++ b/helgrind/.svn/text-base/README_MSMProp2.txt.svn-base @@ -0,0 +1,156 @@ + +MSMProp2, a simplified but functionally equivalent version of MSMProp1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Julian Seward, OpenWorks Ltd, 19 August 2008 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Note that this file does NOT describe the state machine used in the +svn://svn.valgrind.org/branches/YARD version of Helgrind. That state +machine is different again from any previously described machine. + +See the file README_YARD.txt for more details on YARD. + + ---------------------- + +In early 2008 Konstantin Serebryany proposed "MSMProp1", a memory +state machine for data race detection. It is described at +http://code.google.com/p/data-race-test/wiki/MSMProp1 + +Implementation experiences show MSMProp1 is useful, but difficult to +implement efficiently. In particular keeping the memory usage under +control is complex and difficult. 
+ +This note points out a key simplification of MSMProp1, which makes it +easier to implement without changing the functionality. + + +The idea +~~~~~~~~ + +The core of the idea pertains to the "Condition" entry for MSMProp1 +state machine rules E5 and E6(r). These are, respectively: + + HB(SS, currS) and its negation + ! HB(SS, currS). + +Here, SS is a set of segments, and currS is a single segment. Each +segment contains a vector timestamp. The expression "HB(SS, currS)" +is intended to denote + + for each segment S in SS . happens_before(S,currS) + +where happens_before(S,T) means that S's vector timestamp is ordered +before-or-equal to T's vector timestamp. + +In words, the expression + + for each segment S in SS . happens_before(S,currS) + +is equivalent to saying that currS has a timestamp which is +greater-than-equal to the timestamps of all the segments in SS. + +The key observation is that this is equivalent to + + happens_before( JOIN(SS), currS ) + +where JOIN is the lattice-theoretic "max" or "least upper bound" +operation on vector clocks. Given the definition of HB, +happens_before and (binary) JOIN, this is easy to prove. + + +The consequences +~~~~~~~~~~~~~~~~ + +With that observation in place, it is a short step to observe that +storing segment sets in MSMProp1 is unnecessary. Instead of +storing a segment set in each shadow value, just store and +update a single vector timestamp. The following two equivalences +hold: + + MSMProp1 MSMProp2 + + adding a segment S join-ing S's vector timestamp + to the segment-set to the current vector timestamp + + HB(SS,currS) happens_before( + currS's timestamp, + current vector timestamp ) + +Once it is no longer necessary to represent segment sets, it then +also becomes unnecessary to represent segments. This constitutes +a significant simplication to the implementation. + + +The resulting state machine, MSMProp2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +MSMProp2 is isomorphic to MSMProp1, with the following changes: + +States are New, Read(VTS,LS), Write(VTS,LS) + +where LS is a lockset (as before) and VTS is a vector timestamp. + +For a thread T with current lockset 'currLS' and current VTS 'currVTS' +making a memory access, the new rules are + +Name Old-State Op Guard New-State Race-If + +E1 New rd True Read(currVTS,currLS) False + +E2 New wr True Write(currVTS,currLS) False + +E3 Read(oldVTS,oldLS) rd True Read(newVTS,newLS) False + +E4 Read(oldVTS,oldLS) wr True Write(newVTS,newLS) #newLS == 0 + && !hb(oldVTS,currVTS) + +E5 Write(oldVTS,oldLS) rd hb(oldVTS, Read(currVTS,currLS) False + currVTS) + +E6r Write(oldVTS,oldLS) rd !hb(oldVTS, Write(newVTS,newLS) #newLS == 0 + currVTS) && !hb(oldVTS,currVTS) + +E6w Write(oldVTS,oldLS) wr True Write(newVTS,newLS) #newLS == 0 + && !hb(oldVTS,currVTS) + + where newVTS = join2(oldVTS,currVTS) + + newLS = if hb(oldVTS,currVTS) + then currLS + else intersect(oldLS,currLS) + + hb(vts1, vts2) = vts1 happens before or is equal to vts2 + + +Interpretation of the states +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +I always found the state names in MSMProp1 confusing. Both MSMProp1 +and MSMProp2 are easier to understand if the states Read and Write are +renamed, like this: + + old name new name + + Read WriteConstraint + Write AllConstraint + +The effect of a state Read(VTS,LS) is to constrain all later-observed +writes so that either (1) the writing thread holds at least one lock +in common with LS, or (2) those writes must happen-after VTS. If +neither of those two conditions hold, a race is reported. 
+ +Hence a Read state places a constraint on writes. + +The effect of a state Write(VTS,LS) is similar, but it applies to all +later-observed accesses: either (1) the accessing thread holds at +least one lock in common with LS, or (2) those accesses must +happen-after VTS. If neither of those two conditions hold, a race is +reported. + +Hence a Write state places a constraint on all accesses. + +If we ignore the LS component of these states, the intuitive +interpretation of the VTS component is that it states the earliest +vector-time that the next write / access may safely happen. + diff --git a/helgrind/.svn/text-base/README_YARD.txt.svn-base b/helgrind/.svn/text-base/README_YARD.txt.svn-base new file mode 100644 index 0000000..992769c --- /dev/null +++ b/helgrind/.svn/text-base/README_YARD.txt.svn-base @@ -0,0 +1,34 @@ + +YARD, Yet Another Race Detector, built on the Helgrind framework +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Julian Seward, OpenWorks Ltd, 19 August 2008 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The YARD race detector lives in svn://svn.valgrind.org/branches/YARD. + +It uses a new and relatively simple race detection engine, based on +the idea of shadowing each memory location with two vector timestamps, +indicating respectively the "earliest safe read point" and "earliest +safe write point". As far as I know this is a novel approach. Some +features of the implementation: + +* Modularity. The entire race detection engine is placed in a + standalone library (libhb_core.c) with a simple interface (libhb.h). + This makes it easier to debug and verify the engine; indeed it can + be built as a standalone executable with test harness using "make -f + Makefile_sa". + +* Simplified and scalable storage management, so that large programs, + with many synchronisation events, can be handled. + +* Ability to report both call stacks involved in a race, without + excessive time or space overhead. + +* Pure happens before operation, so as not to give any false + positives. + +To use, build as usual and run as "--tool=helgrind". + +You can disable lock order checking with --track-lockorders=no, as it +sometimes produces an annoying amount of output. diff --git a/helgrind/.svn/text-base/helgrind.h.svn-base b/helgrind/.svn/text-base/helgrind.h.svn-base new file mode 100644 index 0000000..7696e7d --- /dev/null +++ b/helgrind/.svn/text-base/helgrind.h.svn-base @@ -0,0 +1,113 @@ +/* + ---------------------------------------------------------------- + + Notice that the above BSD-style license applies to this one file + (helgrind.h) only. The entire rest of Valgrind is licensed under + the terms of the GNU General Public License, version 2. See the + COPYING file in the source distribution for details. + + ---------------------------------------------------------------- + + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks LLP + info@open-works.co.uk + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. The origin of this software must not be misrepresented; you must + not claim that you wrote the original software. If you use this + software in a product, an acknowledgment in the product + documentation would be appreciated but is not required. 
+ + 3. Altered source versions must be plainly marked as such, and must + not be misrepresented as being the original software. + + 4. The name of the author may not be used to endorse or promote + products derived from this software without specific prior written + permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + ---------------------------------------------------------------- + + Notice that the above BSD-style license applies to this one file + (helgrind.h) only. The entire rest of Valgrind is licensed under + the terms of the GNU General Public License, version 2. See the + COPYING file in the source distribution for details. + + ---------------------------------------------------------------- +*/ + +#ifndef __HELGRIND_H +#define __HELGRIND_H + +#include "valgrind.h" + +typedef + enum { + VG_USERREQ__HG_CLEAN_MEMORY = VG_USERREQ_TOOL_BASE('H','G'), + + /* The rest are for Helgrind's internal use. Not for end-user + use. Do not use them unless you are a Valgrind developer. */ + + /* Notify the tool what this thread's pthread_t is. */ + _VG_USERREQ__HG_SET_MY_PTHREAD_T = VG_USERREQ_TOOL_BASE('H','G') + + 256, + _VG_USERREQ__HG_PTH_API_ERROR, /* char*, int */ + _VG_USERREQ__HG_PTHREAD_JOIN_POST, /* pthread_t of quitter */ + _VG_USERREQ__HG_PTHREAD_MUTEX_INIT_POST, /* pth_mx_t*, long mbRec */ + _VG_USERREQ__HG_PTHREAD_MUTEX_DESTROY_PRE, /* pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE, /* pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_POST, /* pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, /* pth_mx_t*, long isTryLock */ + _VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, /* pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_COND_SIGNAL_PRE, /* pth_cond_t* */ + _VG_USERREQ__HG_PTHREAD_COND_BROADCAST_PRE, /* pth_cond_t* */ + _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE, /* pth_cond_t*, pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_COND_WAIT_POST, /* pth_cond_t*, pth_mx_t* */ + _VG_USERREQ__HG_PTHREAD_COND_DESTROY_PRE, /* pth_cond_t* */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_INIT_POST, /* pth_rwlk_t* */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_DESTROY_PRE, /* pth_rwlk_t* */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, /* pth_rwlk_t*, long isW */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, /* pth_rwlk_t*, long isW */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE, /* pth_rwlk_t* */ + _VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST, /* pth_rwlk_t* */ + _VG_USERREQ__HG_POSIX_SEM_INIT_POST, /* sem_t*, ulong value */ + _VG_USERREQ__HG_POSIX_SEM_DESTROY_PRE, /* sem_t* */ + _VG_USERREQ__HG_POSIX_SEM_POST_PRE, /* sem_t* */ + _VG_USERREQ__HG_POSIX_SEM_WAIT_POST, /* sem_t* */ + _VG_USERREQ__HG_PTHREAD_BARRIER_INIT_PRE, /* pth_bar_t*, ulong */ + _VG_USERREQ__HG_PTHREAD_BARRIER_WAIT_PRE, /* pth_bar_t* */ + _VG_USERREQ__HG_PTHREAD_BARRIER_DESTROY_PRE /* pth_bar_t* */ + } Vg_TCheckClientRequest; + +/* Clean memory state. 
This makes Helgrind forget everything it knew + about the specified memory range, and resets it to New. This is + particularly useful for memory allocators that wish to recycle + memory. */ +#define VALGRIND_HG_CLEAN_MEMORY(_qzz_start, _qzz_len) \ + do { \ + unsigned long _qzz_res; \ + VALGRIND_DO_CLIENT_REQUEST(_qzz_res, 0, VG_USERREQ__HG_CLEAN_MEMORY, \ + _qzz_start, _qzz_len, 0, 0, 0); \ + (void)0; \ + } while(0) + +#endif /* __HELGRIND_H */ diff --git a/helgrind/.svn/text-base/hg_basics.c.svn-base b/helgrind/.svn/text-base/hg_basics.c.svn-base new file mode 100644 index 0000000..d7f3fa7 --- /dev/null +++ b/helgrind/.svn/text-base/hg_basics.c.svn-base @@ -0,0 +1,86 @@ + +/*--------------------------------------------------------------------*/ +/*--- Basic definitions for all of Helgrind. ---*/ +/*--- hg_basics.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_mallocfree.h" +#include "pub_tool_threadstate.h" + +#include "hg_basics.h" /* self */ + + +/*----------------------------------------------------------------*/ +/*--- Very basic stuff ---*/ +/*----------------------------------------------------------------*/ + +void* HG_(zalloc) ( HChar* cc, SizeT n ) +{ + void* p; + tl_assert(n > 0); + p = VG_(malloc)( cc, n ); + tl_assert(p); + VG_(memset)(p, 0, n); + return p; +} + +void HG_(free) ( void* p ) +{ + tl_assert(p); + VG_(free)(p); +} + +Char* HG_(strdup) ( HChar* cc, const Char* s ) +{ + return VG_(strdup)( cc, s ); +} + + +/*----------------------------------------------------------------*/ +/*--- Command line options ---*/ +/*----------------------------------------------------------------*/ + +/* Description of these flags is in hg_basics.h. */ + +Bool HG_(clo_track_lockorders) = True; + +Bool HG_(clo_cmp_race_err_addrs) = False; + +Bool HG_(clo_show_conflicts) = True; + +UWord HG_(clo_conflict_cache_size) = 1000000; + +Word HG_(clo_sanity_flags) = 0; + + +/*--------------------------------------------------------------------*/ +/*--- end hg_basics.c ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_basics.h.svn-base b/helgrind/.svn/text-base/hg_basics.h.svn-base new file mode 100644 index 0000000..4923c0e --- /dev/null +++ b/helgrind/.svn/text-base/hg_basics.h.svn-base @@ -0,0 +1,97 @@ + +/*--------------------------------------------------------------------*/ +/*--- Basic definitions for all of Helgrind. 
---*/ +/*--- hg_basics.h ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#ifndef __HG_BASICS_H +#define __HG_BASICS_H + + +/*----------------------------------------------------------------*/ +/*--- Very basic stuff ---*/ +/*----------------------------------------------------------------*/ + +#define HG_(str) VGAPPEND(vgHelgrind_,str) + +void* HG_(zalloc) ( HChar* cc, SizeT n ); +void HG_(free) ( void* p ); +Char* HG_(strdup) ( HChar* cc, const Char* s ); + +static inline Bool HG_(is_sane_ThreadId) ( ThreadId coretid ) { + return coretid >= 0 && coretid < VG_N_THREADS; +} + + +/*----------------------------------------------------------------*/ +/*--- Command line options ---*/ +/*----------------------------------------------------------------*/ + +/* Flags for controlling for which events sanity checking is done */ +#define SCE_THREADS (1<<0) // Sanity check at thread create/join +#define SCE_LOCKS (1<<1) // Sanity check at lock events +#define SCE_BIGRANGE (1<<2) // Sanity check at big mem range events +#define SCE_ACCESS (1<<3) // Sanity check at mem accesses +#define SCE_LAOG (1<<4) // Sanity check at significant LAOG events + +#define SCE_BIGRANGE_T 256 // big mem range minimum size + + +/* Enable/disable lock order checking. Sometimes it produces a lot of + errors, possibly genuine, which nevertheless can be very + annoying. */ +extern Bool HG_(clo_track_lockorders); + +/* When comparing race errors for equality, should the race address be + taken into account? For users, no, but for verification purposes + (regtesting) this is sometimes important. */ +extern Bool HG_(clo_cmp_race_err_addrs); + +/* Show conflicting accesses? This involves collecting and storing + large numbers of call stacks just in case we might need to show + them later, and so is expensive (although very useful). Hence + allow it to be optionally disabled. */ +extern Bool HG_(clo_show_conflicts); + +/* Size of the conflicting-access cache, measured in terms of + maximum possible number of elements in the previous-access map. + Must be between 10k amd 10 million. Default is 1 million. */ +extern UWord HG_(clo_conflict_cache_size); + +/* Sanity check level. This is an or-ing of + SCE_{THREADS,LOCKS,BIGRANGE,ACCESS,LAOG}. */ +extern Word HG_(clo_sanity_flags); + + + + +#endif /* ! 
__HG_BASICS_H */ + +/*--------------------------------------------------------------------*/ +/*--- end hg_basics.h ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_errors.c.svn-base b/helgrind/.svn/text-base/hg_errors.c.svn-base new file mode 100644 index 0000000..fbb499b --- /dev/null +++ b/helgrind/.svn/text-base/hg_errors.c.svn-base @@ -0,0 +1,813 @@ + +/*--------------------------------------------------------------------*/ +/*--- Error management for Helgrind. ---*/ +/*--- hg_errors.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_libcprint.h" +#include "pub_tool_execontext.h" +#include "pub_tool_errormgr.h" +#include "pub_tool_wordfm.h" +#include "pub_tool_xarray.h" +#include "pub_tool_debuginfo.h" +#include "pub_tool_threadstate.h" + +#include "hg_basics.h" +#include "hg_wordset.h" +#include "hg_lock_n_thread.h" +#include "libhb.h" +#include "hg_errors.h" /* self */ + + +/*----------------------------------------------------------------*/ +/*--- ---*/ +/*----------------------------------------------------------------*/ + +/* This has to do with printing error messages. See comments on + announce_threadset() and summarise_threadset(). Perhaps it + should be a command line option. */ +#define N_THREADS_TO_ANNOUNCE 5 + + +/*----------------------------------------------------------------*/ +/*--- Error management ---*/ +/*----------------------------------------------------------------*/ + +/* maps (by value) strings to a copy of them in ARENA_TOOL */ + +static WordFM* string_table = NULL; + +ULong HG_(stats__string_table_queries) = 0; + +ULong HG_(stats__string_table_get_map_size) ( void ) { + return string_table ? 
(ULong)VG_(sizeFM)(string_table) : 0; +} + +static Word string_table_cmp ( UWord s1, UWord s2 ) { + return (Word)VG_(strcmp)( (HChar*)s1, (HChar*)s2 ); +} + +static HChar* string_table_strdup ( HChar* str ) { + HChar* copy = NULL; + HG_(stats__string_table_queries)++; + if (!str) + str = "(null)"; + if (!string_table) { + string_table = VG_(newFM)( HG_(zalloc), "hg.sts.1", + HG_(free), string_table_cmp ); + tl_assert(string_table); + } + if (VG_(lookupFM)( string_table, + NULL, (Word*)©, (Word)str )) { + tl_assert(copy); + if (0) VG_(printf)("string_table_strdup: %p -> %p\n", str, copy ); + return copy; + } else { + copy = HG_(strdup)("hg.sts.2", str); + tl_assert(copy); + VG_(addToFM)( string_table, (Word)copy, (Word)copy ); + return copy; + } +} + +/* maps from Lock .unique fields to LockP*s */ + +static WordFM* map_LockN_to_P = NULL; + +ULong HG_(stats__LockN_to_P_queries) = 0; + +ULong HG_(stats__LockN_to_P_get_map_size) ( void ) { + return map_LockN_to_P ? (ULong)VG_(sizeFM)(map_LockN_to_P) : 0; +} + +static Word lock_unique_cmp ( UWord lk1W, UWord lk2W ) +{ + Lock* lk1 = (Lock*)lk1W; + Lock* lk2 = (Lock*)lk2W; + tl_assert( HG_(is_sane_LockNorP)(lk1) ); + tl_assert( HG_(is_sane_LockNorP)(lk2) ); + if (lk1->unique < lk2->unique) return -1; + if (lk1->unique > lk2->unique) return 1; + return 0; +} + +static Lock* mk_LockP_from_LockN ( Lock* lkn ) +{ + Lock* lkp = NULL; + HG_(stats__LockN_to_P_queries)++; + tl_assert( HG_(is_sane_LockN)(lkn) ); + if (!map_LockN_to_P) { + map_LockN_to_P = VG_(newFM)( HG_(zalloc), "hg.mLPfLN.1", + HG_(free), lock_unique_cmp ); + tl_assert(map_LockN_to_P); + } + if (!VG_(lookupFM)( map_LockN_to_P, NULL, (Word*)&lkp, (Word)lkn)) { + lkp = HG_(zalloc)( "hg.mLPfLN.2", sizeof(Lock) ); + *lkp = *lkn; + lkp->admin = NULL; + lkp->magic = LockP_MAGIC; + /* Forget about the bag of lock holders - don't copy that. + Also, acquired_at should be NULL whenever heldBy is, and vice + versa. Also forget about the associated libhb synch object. */ + lkp->heldW = False; + lkp->heldBy = NULL; + lkp->acquired_at = NULL; + lkp->hbso = NULL; + VG_(addToFM)( map_LockN_to_P, (Word)lkp, (Word)lkp ); + } + tl_assert( HG_(is_sane_LockP)(lkp) ); + return lkp; +} + +/* Errors: + + race: program counter + read or write + data size + previous state + current state + + FIXME: how does state printing interact with lockset gc? + Are the locksets in prev/curr state always valid? + Ditto question for the threadsets + ThreadSets - probably are always valid if Threads + are never thrown away. + LockSets - could at least print the lockset elements that + correspond to actual locks at the time of printing. Hmm. 
+*/ + +/* Error kinds */ +typedef + enum { + XE_Race=1101, // race + XE_FreeMemLock, // freeing memory containing a locked lock + XE_UnlockUnlocked, // unlocking a not-locked lock + XE_UnlockForeign, // unlocking a lock held by some other thread + XE_UnlockBogus, // unlocking an address not known to be a lock + XE_PthAPIerror, // error from the POSIX pthreads API + XE_LockOrder, // lock order error + XE_Misc // misc other error (w/ string to describe it) + } + XErrorTag; + +/* Extra contexts for kinds */ +typedef + struct { + XErrorTag tag; + union { + struct { + Addr data_addr; + Int szB; + Bool isWrite; + ExeContext* mb_lastlock; + ExeContext* mb_confacc; + Thread* thr; + Thread* mb_confaccthr; + Int mb_confaccSzB; + Bool mb_confaccIsW; + Char descr1[96]; + Char descr2[96]; + } Race; + struct { + Thread* thr; /* doing the freeing */ + Lock* lock; /* lock which is locked */ + } FreeMemLock; + struct { + Thread* thr; /* doing the unlocking */ + Lock* lock; /* lock (that is already unlocked) */ + } UnlockUnlocked; + struct { + Thread* thr; /* doing the unlocking */ + Thread* owner; /* thread that actually holds the lock */ + Lock* lock; /* lock (that is held by 'owner') */ + } UnlockForeign; + struct { + Thread* thr; /* doing the unlocking */ + Addr lock_ga; /* purported address of the lock */ + } UnlockBogus; + struct { + Thread* thr; + HChar* fnname; /* persistent, in tool-arena */ + Word err; /* pth error code */ + HChar* errstr; /* persistent, in tool-arena */ + } PthAPIerror; + struct { + Thread* thr; + Addr before_ga; /* always locked first in prog. history */ + Addr after_ga; + ExeContext* before_ec; + ExeContext* after_ec; + } LockOrder; + struct { + Thread* thr; + HChar* errstr; /* persistent, in tool-arena */ + } Misc; + } XE; + } + XError; + +static void init_XError ( XError* xe ) { + VG_(memset)(xe, 0, sizeof(*xe) ); + xe->tag = XE_Race-1; /* bogus */ +} + + +/* Extensions of suppressions */ +typedef + enum { + XS_Race=1201, /* race */ + XS_FreeMemLock, + XS_UnlockUnlocked, + XS_UnlockForeign, + XS_UnlockBogus, + XS_PthAPIerror, + XS_LockOrder, + XS_Misc + } + XSuppTag; + + +/* Updates the copy with address info if necessary. */ +UInt HG_(update_extra) ( Error* err ) +{ + XError* xe = (XError*)VG_(get_error_extra)(err); + tl_assert(xe); + //if (extra != NULL && Undescribed == extra->addrinfo.akind) { + // describe_addr ( VG_(get_error_address)(err), &(extra->addrinfo) ); + //} + + if (xe->tag == XE_Race) { + /* See if we can come up with a source level description of the + raced-upon address. This is potentially expensive, which is + why it's only done at the update_extra point, not when the + error is initially created. 
*/ + static Int xxx = 0; + xxx++; + if (0) + VG_(printf)("HG_(update_extra): " + "%d conflicting-event queries\n", xxx); + tl_assert(sizeof(xe->XE.Race.descr1) == sizeof(xe->XE.Race.descr2)); + if (VG_(get_data_description)( + &xe->XE.Race.descr1[0], + &xe->XE.Race.descr2[0], + sizeof(xe->XE.Race.descr1)-1, + xe->XE.Race.data_addr )) { + tl_assert( xe->XE.Race.descr1 + [ sizeof(xe->XE.Race.descr1)-1 ] == 0); + tl_assert( xe->XE.Race.descr2 + [ sizeof(xe->XE.Race.descr2)-1 ] == 0); + } + { Thr* thrp = NULL; + ExeContext* wherep = NULL; + Addr acc_addr = xe->XE.Race.data_addr; + Int acc_szB = xe->XE.Race.szB; + Thr* acc_thr = xe->XE.Race.thr->hbthr; + Bool acc_isW = xe->XE.Race.isWrite; + SizeT conf_szB = 0; + Bool conf_isW = False; + tl_assert(!xe->XE.Race.mb_confacc); + tl_assert(!xe->XE.Race.mb_confaccthr); + if (libhb_event_map_lookup( + &wherep, &thrp, &conf_szB, &conf_isW, + acc_thr, acc_addr, acc_szB, acc_isW )) { + Thread* threadp; + tl_assert(wherep); + tl_assert(thrp); + threadp = libhb_get_Thr_opaque( thrp ); + tl_assert(threadp); + xe->XE.Race.mb_confacc = wherep; + xe->XE.Race.mb_confaccthr = threadp; + xe->XE.Race.mb_confaccSzB = (Int)conf_szB; + xe->XE.Race.mb_confaccIsW = conf_isW; + } + } + } + + return sizeof(XError); +} + +void HG_(record_error_Race) ( Thread* thr, + Addr data_addr, Int szB, Bool isWrite, + ExeContext* mb_lastlock ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + +# if defined(VGO_linux) + /* Skip any races on locations apparently in GOTPLT sections. This + is said to be caused by ld.so poking PLT table entries (or + whatever) when it writes the resolved address of a dynamically + linked routine, into the table (or whatever) when it is called + for the first time. */ + { + VgSectKind sect = VG_(seginfo_sect_kind)( NULL, 0, data_addr ); + if (0) VG_(printf)("XXXXXXXXX RACE on %#lx %s\n", + data_addr, VG_(pp_SectKind)(sect)); + /* SectPLT is required on ???-linux */ + if (sect == Vg_SectGOTPLT) return; + /* SectPLT is required on ppc32/64-linux */ + if (sect == Vg_SectPLT) return; + } +# endif + + init_XError(&xe); + xe.tag = XE_Race; + xe.XE.Race.data_addr = data_addr; + xe.XE.Race.szB = szB; + xe.XE.Race.isWrite = isWrite; + xe.XE.Race.mb_lastlock = mb_lastlock; + xe.XE.Race.thr = thr; + tl_assert(isWrite == False || isWrite == True); + tl_assert(szB == 8 || szB == 4 || szB == 2 || szB == 1); + xe.XE.Race.descr1[0] = xe.XE.Race.descr2[0] = 0; + // FIXME: tid vs thr + // Skip on any of the conflicting-access info at this point. + // It's expensive to obtain, and this error is more likely than + // not to be discarded. We'll fill these fields in in + // HG_(update_extra) just above, assuming the error ever makes + // it that far (unlikely). 
+ xe.XE.Race.mb_confaccSzB = 0; + xe.XE.Race.mb_confaccIsW = False; + xe.XE.Race.mb_confacc = NULL; + xe.XE.Race.mb_confaccthr = NULL; + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_Race, data_addr, NULL, &xe ); +} + +void HG_(record_error_FreeMemLock) ( Thread* thr, Lock* lk ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + tl_assert( HG_(is_sane_LockN)(lk) ); + init_XError(&xe); + xe.tag = XE_FreeMemLock; + xe.XE.FreeMemLock.thr = thr; + xe.XE.FreeMemLock.lock = mk_LockP_from_LockN(lk); + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_FreeMemLock, 0, NULL, &xe ); +} + +void HG_(record_error_UnlockUnlocked) ( Thread* thr, Lock* lk ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + tl_assert( HG_(is_sane_LockN)(lk) ); + init_XError(&xe); + xe.tag = XE_UnlockUnlocked; + xe.XE.UnlockUnlocked.thr = thr; + xe.XE.UnlockUnlocked.lock = mk_LockP_from_LockN(lk); + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_UnlockUnlocked, 0, NULL, &xe ); +} + +void HG_(record_error_UnlockForeign) ( Thread* thr, + Thread* owner, Lock* lk ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + tl_assert( HG_(is_sane_Thread)(owner) ); + tl_assert( HG_(is_sane_LockN)(lk) ); + init_XError(&xe); + xe.tag = XE_UnlockForeign; + xe.XE.UnlockForeign.thr = thr; + xe.XE.UnlockForeign.owner = owner; + xe.XE.UnlockForeign.lock = mk_LockP_from_LockN(lk); + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_UnlockForeign, 0, NULL, &xe ); +} + +void HG_(record_error_UnlockBogus) ( Thread* thr, Addr lock_ga ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + init_XError(&xe); + xe.tag = XE_UnlockBogus; + xe.XE.UnlockBogus.thr = thr; + xe.XE.UnlockBogus.lock_ga = lock_ga; + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_UnlockBogus, 0, NULL, &xe ); +} + +void HG_(record_error_LockOrder)( + Thread* thr, Addr before_ga, Addr after_ga, + ExeContext* before_ec, ExeContext* after_ec + ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + if (!HG_(clo_track_lockorders)) + return; + init_XError(&xe); + xe.tag = XE_LockOrder; + xe.XE.LockOrder.thr = thr; + xe.XE.LockOrder.before_ga = before_ga; + xe.XE.LockOrder.before_ec = before_ec; + xe.XE.LockOrder.after_ga = after_ga; + xe.XE.LockOrder.after_ec = after_ec; + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_LockOrder, 0, NULL, &xe ); +} + +void HG_(record_error_PthAPIerror) ( Thread* thr, HChar* fnname, + Word err, HChar* errstr ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + tl_assert(fnname); + tl_assert(errstr); + init_XError(&xe); + xe.tag = XE_PthAPIerror; + xe.XE.PthAPIerror.thr = thr; + xe.XE.PthAPIerror.fnname = string_table_strdup(fnname); + xe.XE.PthAPIerror.err = err; + xe.XE.PthAPIerror.errstr = string_table_strdup(errstr); + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( 
thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_PthAPIerror, 0, NULL, &xe ); +} + +void HG_(record_error_Misc) ( Thread* thr, HChar* errstr ) +{ + XError xe; + tl_assert( HG_(is_sane_Thread)(thr) ); + tl_assert(errstr); + init_XError(&xe); + xe.tag = XE_Misc; + xe.XE.Misc.thr = thr; + xe.XE.Misc.errstr = string_table_strdup(errstr); + // FIXME: tid vs thr + tl_assert( HG_(is_sane_ThreadId)(thr->coretid) ); + tl_assert( thr->coretid != VG_INVALID_THREADID ); + VG_(maybe_record_error)( thr->coretid, + XE_Misc, 0, NULL, &xe ); +} + +Bool HG_(eq_Error) ( VgRes not_used, Error* e1, Error* e2 ) +{ + XError *xe1, *xe2; + + tl_assert(VG_(get_error_kind)(e1) == VG_(get_error_kind)(e2)); + + xe1 = (XError*)VG_(get_error_extra)(e1); + xe2 = (XError*)VG_(get_error_extra)(e2); + tl_assert(xe1); + tl_assert(xe2); + + switch (VG_(get_error_kind)(e1)) { + case XE_Race: + return xe1->XE.Race.szB == xe2->XE.Race.szB + && xe1->XE.Race.isWrite == xe2->XE.Race.isWrite + && (HG_(clo_cmp_race_err_addrs) + ? xe1->XE.Race.data_addr == xe2->XE.Race.data_addr + : True); + case XE_FreeMemLock: + return xe1->XE.FreeMemLock.thr == xe2->XE.FreeMemLock.thr + && xe1->XE.FreeMemLock.lock == xe2->XE.FreeMemLock.lock; + case XE_UnlockUnlocked: + return xe1->XE.UnlockUnlocked.thr == xe2->XE.UnlockUnlocked.thr + && xe1->XE.UnlockUnlocked.lock == xe2->XE.UnlockUnlocked.lock; + case XE_UnlockForeign: + return xe1->XE.UnlockForeign.thr == xe2->XE.UnlockForeign.thr + && xe1->XE.UnlockForeign.owner == xe2->XE.UnlockForeign.owner + && xe1->XE.UnlockForeign.lock == xe2->XE.UnlockForeign.lock; + case XE_UnlockBogus: + return xe1->XE.UnlockBogus.thr == xe2->XE.UnlockBogus.thr + && xe1->XE.UnlockBogus.lock_ga == xe2->XE.UnlockBogus.lock_ga; + case XE_PthAPIerror: + return xe1->XE.PthAPIerror.thr == xe2->XE.PthAPIerror.thr + && 0==VG_(strcmp)(xe1->XE.PthAPIerror.fnname, + xe2->XE.PthAPIerror.fnname) + && xe1->XE.PthAPIerror.err == xe2->XE.PthAPIerror.err; + case XE_LockOrder: + return xe1->XE.LockOrder.thr == xe2->XE.LockOrder.thr; + case XE_Misc: + return xe1->XE.Misc.thr == xe2->XE.Misc.thr + && 0==VG_(strcmp)(xe1->XE.Misc.errstr, xe2->XE.Misc.errstr); + default: + tl_assert(0); + } + + /*NOTREACHED*/ + tl_assert(0); +} + + +/* Announce (that is, print the point-of-creation) of 'thr'. Only do + this once, as we only want to see these announcements once per + thread. 
*/ +static void announce_one_thread ( Thread* thr ) +{ + tl_assert(HG_(is_sane_Thread)(thr)); + tl_assert(thr->errmsg_index >= 1); + if (!thr->announced) { + if (thr->errmsg_index == 1) { + tl_assert(thr->created_at == NULL); + VG_(message)(Vg_UserMsg, "Thread #%d is the program's root thread", + thr->errmsg_index); + } else { + tl_assert(thr->created_at != NULL); + VG_(message)(Vg_UserMsg, "Thread #%d was created", + thr->errmsg_index); + VG_(pp_ExeContext)( thr->created_at ); + } + VG_(message)(Vg_UserMsg, ""); + thr->announced = True; + } +} + + +void HG_(pp_Error) ( Error* err ) +{ + XError *xe = (XError*)VG_(get_error_extra)(err); + + switch (VG_(get_error_kind)(err)) { + + case XE_Misc: { + tl_assert(xe); + tl_assert( HG_(is_sane_Thread)( xe->XE.Misc.thr ) ); + announce_one_thread( xe->XE.Misc.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d: %s", + (Int)xe->XE.Misc.thr->errmsg_index, + xe->XE.Misc.errstr); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + break; + } + + case XE_LockOrder: { + tl_assert(xe); + tl_assert( HG_(is_sane_Thread)( xe->XE.LockOrder.thr ) ); + announce_one_thread( xe->XE.LockOrder.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d: lock order \"%p before %p\" violated", + (Int)xe->XE.LockOrder.thr->errmsg_index, + (void*)xe->XE.LockOrder.before_ga, + (void*)xe->XE.LockOrder.after_ga); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + if (xe->XE.LockOrder.before_ec && xe->XE.LockOrder.after_ec) { + VG_(message)(Vg_UserMsg, + " Required order was established by acquisition of lock at %p", + (void*)xe->XE.LockOrder.before_ga); + VG_(pp_ExeContext)( xe->XE.LockOrder.before_ec ); + VG_(message)(Vg_UserMsg, + " followed by a later acquisition of lock at %p", + (void*)xe->XE.LockOrder.after_ga); + VG_(pp_ExeContext)( xe->XE.LockOrder.after_ec ); + } + break; + } + + case XE_PthAPIerror: { + tl_assert(xe); + tl_assert( HG_(is_sane_Thread)( xe->XE.PthAPIerror.thr ) ); + announce_one_thread( xe->XE.PthAPIerror.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d's call to %s failed", + (Int)xe->XE.PthAPIerror.thr->errmsg_index, + xe->XE.PthAPIerror.fnname); + VG_(message)(Vg_UserMsg, + " with error code %ld (%s)", + xe->XE.PthAPIerror.err, + xe->XE.PthAPIerror.errstr); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + break; + } + + case XE_UnlockBogus: { + tl_assert(xe); + tl_assert( HG_(is_sane_Thread)( xe->XE.UnlockBogus.thr ) ); + announce_one_thread( xe->XE.UnlockBogus.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d unlocked an invalid lock at %p ", + (Int)xe->XE.UnlockBogus.thr->errmsg_index, + (void*)xe->XE.UnlockBogus.lock_ga); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + break; + } + + case XE_UnlockForeign: { + tl_assert(xe); + tl_assert( HG_(is_sane_LockP)( xe->XE.UnlockForeign.lock ) ); + tl_assert( HG_(is_sane_Thread)( xe->XE.UnlockForeign.owner ) ); + tl_assert( HG_(is_sane_Thread)( xe->XE.UnlockForeign.thr ) ); + announce_one_thread( xe->XE.UnlockForeign.thr ); + announce_one_thread( xe->XE.UnlockForeign.owner ); + VG_(message)(Vg_UserMsg, + "Thread #%d unlocked lock at %p " + "currently held by thread #%d", + (Int)xe->XE.UnlockForeign.thr->errmsg_index, + (void*)xe->XE.UnlockForeign.lock->guestaddr, + (Int)xe->XE.UnlockForeign.owner->errmsg_index ); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + if (xe->XE.UnlockForeign.lock->appeared_at) { + VG_(message)(Vg_UserMsg, + " Lock at %p was first observed", + (void*)xe->XE.UnlockForeign.lock->guestaddr); + VG_(pp_ExeContext)( xe->XE.UnlockForeign.lock->appeared_at ); + } + break; + } + + case 
XE_UnlockUnlocked: { + tl_assert(xe); + tl_assert( HG_(is_sane_LockP)( xe->XE.UnlockUnlocked.lock ) ); + tl_assert( HG_(is_sane_Thread)( xe->XE.UnlockUnlocked.thr ) ); + announce_one_thread( xe->XE.UnlockUnlocked.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d unlocked a not-locked lock at %p ", + (Int)xe->XE.UnlockUnlocked.thr->errmsg_index, + (void*)xe->XE.UnlockUnlocked.lock->guestaddr); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + if (xe->XE.UnlockUnlocked.lock->appeared_at) { + VG_(message)(Vg_UserMsg, + " Lock at %p was first observed", + (void*)xe->XE.UnlockUnlocked.lock->guestaddr); + VG_(pp_ExeContext)( xe->XE.UnlockUnlocked.lock->appeared_at ); + } + break; + } + + case XE_FreeMemLock: { + tl_assert(xe); + tl_assert( HG_(is_sane_LockP)( xe->XE.FreeMemLock.lock ) ); + tl_assert( HG_(is_sane_Thread)( xe->XE.FreeMemLock.thr ) ); + announce_one_thread( xe->XE.FreeMemLock.thr ); + VG_(message)(Vg_UserMsg, + "Thread #%d deallocated location %p " + "containing a locked lock", + (Int)xe->XE.FreeMemLock.thr->errmsg_index, + (void*)xe->XE.FreeMemLock.lock->guestaddr); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + if (xe->XE.FreeMemLock.lock->appeared_at) { + VG_(message)(Vg_UserMsg, + " Lock at %p was first observed", + (void*)xe->XE.FreeMemLock.lock->guestaddr); + VG_(pp_ExeContext)( xe->XE.FreeMemLock.lock->appeared_at ); + } + break; + } + + case XE_Race: { + Addr err_ga; + HChar* what; + Int szB; + what = xe->XE.Race.isWrite ? "write" : "read"; + szB = xe->XE.Race.szB; + err_ga = VG_(get_error_address)(err); + + announce_one_thread( xe->XE.Race.thr ); + if (xe->XE.Race.mb_confaccthr) + announce_one_thread( xe->XE.Race.mb_confaccthr ); + VG_(message)(Vg_UserMsg, + "Possible data race during %s of size %d at %#lx by thread #%d", + what, szB, err_ga, (Int)xe->XE.Race.thr->errmsg_index + ); + VG_(pp_ExeContext)( VG_(get_error_where)(err) ); + if (xe->XE.Race.mb_confacc) { + if (xe->XE.Race.mb_confaccthr) { + VG_(message)(Vg_UserMsg, + " This conflicts with a previous %s of size %d by thread #%d", + xe->XE.Race.mb_confaccIsW ? "write" : "read", + xe->XE.Race.mb_confaccSzB, + xe->XE.Race.mb_confaccthr->errmsg_index + ); + } else { + // FIXME: can this ever happen? + VG_(message)(Vg_UserMsg, + " This conflicts with a previous %s of size %d", + xe->XE.Race.mb_confaccIsW ? "write" : "read", + xe->XE.Race.mb_confaccSzB + ); + } + VG_(pp_ExeContext)( xe->XE.Race.mb_confacc ); + } + + + /* If we have a better description of the address, show it. 
*/ + if (xe->XE.Race.descr1[0] != 0) + VG_(message)(Vg_UserMsg, " %s", &xe->XE.Race.descr1[0]); + if (xe->XE.Race.descr2[0] != 0) + VG_(message)(Vg_UserMsg, " %s", &xe->XE.Race.descr2[0]); + + break; /* case XE_Race */ + } /* case XE_Race */ + + default: + tl_assert(0); + } /* switch (VG_(get_error_kind)(err)) */ +} + +Char* HG_(get_error_name) ( Error* err ) +{ + switch (VG_(get_error_kind)(err)) { + case XE_Race: return "Race"; + case XE_FreeMemLock: return "FreeMemLock"; + case XE_UnlockUnlocked: return "UnlockUnlocked"; + case XE_UnlockForeign: return "UnlockForeign"; + case XE_UnlockBogus: return "UnlockBogus"; + case XE_PthAPIerror: return "PthAPIerror"; + case XE_LockOrder: return "LockOrder"; + case XE_Misc: return "Misc"; + default: tl_assert(0); /* fill in missing case */ + } +} + +Bool HG_(recognised_suppression) ( Char* name, Supp *su ) +{ +# define TRY(_name,_xskind) \ + if (0 == VG_(strcmp)(name, (_name))) { \ + VG_(set_supp_kind)(su, (_xskind)); \ + return True; \ + } + TRY("Race", XS_Race); + TRY("FreeMemLock", XS_FreeMemLock); + TRY("UnlockUnlocked", XS_UnlockUnlocked); + TRY("UnlockForeign", XS_UnlockForeign); + TRY("UnlockBogus", XS_UnlockBogus); + TRY("PthAPIerror", XS_PthAPIerror); + TRY("LockOrder", XS_LockOrder); + TRY("Misc", XS_Misc); + return False; +# undef TRY +} + +Bool HG_(read_extra_suppression_info) ( Int fd, Char* buf, Int nBuf, + Supp* su ) +{ + /* do nothing -- no extra suppression info present. Return True to + indicate nothing bad happened. */ + return True; +} + +Bool HG_(error_matches_suppression) ( Error* err, Supp* su ) +{ + switch (VG_(get_supp_kind)(su)) { + case XS_Race: return VG_(get_error_kind)(err) == XE_Race; + case XS_FreeMemLock: return VG_(get_error_kind)(err) == XE_FreeMemLock; + case XS_UnlockUnlocked: return VG_(get_error_kind)(err) == XE_UnlockUnlocked; + case XS_UnlockForeign: return VG_(get_error_kind)(err) == XE_UnlockForeign; + case XS_UnlockBogus: return VG_(get_error_kind)(err) == XE_UnlockBogus; + case XS_PthAPIerror: return VG_(get_error_kind)(err) == XE_PthAPIerror; + case XS_LockOrder: return VG_(get_error_kind)(err) == XE_LockOrder; + case XS_Misc: return VG_(get_error_kind)(err) == XE_Misc; + //case XS_: return VG_(get_error_kind)(err) == XE_; + default: tl_assert(0); /* fill in missing cases */ + } +} + +void HG_(print_extra_suppression_info) ( Error* err ) +{ + /* Do nothing */ +} + + +/*--------------------------------------------------------------------*/ +/*--- end hg_errors.c ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_errors.h.svn-base b/helgrind/.svn/text-base/hg_errors.h.svn-base new file mode 100644 index 0000000..a45173a --- /dev/null +++ b/helgrind/.svn/text-base/hg_errors.h.svn-base @@ -0,0 +1,71 @@ + +/*--------------------------------------------------------------------*/ +/*--- Error management for Helgrind. ---*/ +/*--- hg_errors.h ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. 
+ + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#ifndef __HG_ERRORS_H +#define __HG_ERRORS_H + + +/* The standard bundle of error management functions that we are +required to present to the core/tool interface at startup. */ +Bool HG_(eq_Error) ( VgRes not_used, Error* e1, Error* e2 ); +void HG_(pp_Error) ( Error* err ); +UInt HG_(update_extra) ( Error* err ); +Bool HG_(recognised_suppression) ( Char* name, Supp *su ); +Bool HG_(read_extra_suppression_info) ( Int fd, Char* buf, Int nBuf, + Supp* su ); +Bool HG_(error_matches_suppression) ( Error* err, Supp* su ); +Char* HG_(get_error_name) ( Error* err ); +void HG_(print_extra_suppression_info) ( Error* err ); + +/* Functions for recording various kinds of errors. */ +void HG_(record_error_Race) ( Thread* thr, + Addr data_addr, Int szB, Bool isWrite, + ExeContext* mb_lastlock ); +void HG_(record_error_FreeMemLock) ( Thread* thr, Lock* lk ); +void HG_(record_error_UnlockUnlocked) ( Thread*, Lock* ); +void HG_(record_error_UnlockForeign) ( Thread*, Thread*, Lock* ); +void HG_(record_error_UnlockBogus) ( Thread*, Addr ); +void HG_(record_error_PthAPIerror) ( Thread*, HChar*, Word, HChar* ); +void HG_(record_error_LockOrder) ( Thread*, Addr, Addr, + ExeContext*, ExeContext* ); +void HG_(record_error_Misc) ( Thread*, HChar* ); + +/* Statistics pertaining to error management. */ +extern ULong HG_(stats__LockN_to_P_queries); +extern ULong HG_(stats__LockN_to_P_get_map_size) ( void ); +extern ULong HG_(stats__string_table_queries); +extern ULong HG_(stats__string_table_get_map_size) ( void ); + +#endif /* ! __HG_ERRORS_H */ + +/*--------------------------------------------------------------------*/ +/*--- end hg_errors.h ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_intercepts.c.svn-base b/helgrind/.svn/text-base/hg_intercepts.c.svn-base new file mode 100644 index 0000000..c2ea907 --- /dev/null +++ b/helgrind/.svn/text-base/hg_intercepts.c.svn-base @@ -0,0 +1,1734 @@ + +/*--------------------------------------------------------------------*/ +/*--- pthread intercepts for thread checking. ---*/ +/*--- tc_intercepts.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks LLP + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. 
+ + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. + + Neither the names of the U.S. Department of Energy nor the + University of California nor the names of its contributors may be + used to endorse or promote products derived from this software + without prior written permission. +*/ + +/* RUNS ON SIMULATED CPU + Interceptors for pthread_* functions, so that tc_main can see + significant thread events. + + Important: when adding a function wrapper to this file, remember to + add a test case to tc20_verifywrap.c. A common cause of failure is + for wrappers to not engage on different distros, and + tc20_verifywrap essentially checks that each wrapper is really + doing something. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_redir.h" +#include "valgrind.h" +#include "helgrind.h" + +#define TRACE_PTH_FNS 0 +#define TRACE_QT4_FNS 0 + + +/*----------------------------------------------------------------*/ +/*--- ---*/ +/*----------------------------------------------------------------*/ + +#define PTH_FUNC(ret_ty, f, args...) \ + ret_ty I_WRAP_SONAME_FNNAME_ZZ(libpthreadZdsoZd0,f)(args); \ + ret_ty I_WRAP_SONAME_FNNAME_ZZ(libpthreadZdsoZd0,f)(args) + +// Do a client request. This is a macro rather than a function +// so as to avoid having an extra function in the stack trace. + +#define DO_CREQ_v_W(_creqF, _ty1F,_arg1F) \ + do { \ + Word _unused_res, _arg1; \ + assert(sizeof(_ty1F) == sizeof(Word)); \ + _arg1 = (Word)(_arg1F); \ + VALGRIND_DO_CLIENT_REQUEST(_unused_res, 0, \ + (_creqF), \ + _arg1, 0,0,0,0); \ + } while (0) + +#define DO_CREQ_v_WW(_creqF, _ty1F,_arg1F, _ty2F,_arg2F) \ + do { \ + Word _unused_res, _arg1, _arg2; \ + assert(sizeof(_ty1F) == sizeof(Word)); \ + assert(sizeof(_ty2F) == sizeof(Word)); \ + _arg1 = (Word)(_arg1F); \ + _arg2 = (Word)(_arg2F); \ + VALGRIND_DO_CLIENT_REQUEST(_unused_res, 0, \ + (_creqF), \ + _arg1,_arg2,0,0,0); \ + } while (0) + +#define DO_CREQ_W_WW(_resF, _creqF, _ty1F,_arg1F, _ty2F,_arg2F) \ + do { \ + Word _res, _arg1, _arg2; \ + assert(sizeof(_ty1F) == sizeof(Word)); \ + assert(sizeof(_ty2F) == sizeof(Word)); \ + _arg1 = (Word)(_arg1F); \ + _arg2 = (Word)(_arg2F); \ + VALGRIND_DO_CLIENT_REQUEST(_res, 2, \ + (_creqF), \ + _arg1,_arg2,0,0,0); \ + _resF = _res; \ + } while (0) + +#define DO_CREQ_v_WWW(_creqF, _ty1F,_arg1F, \ + _ty2F,_arg2F, _ty3F, _arg3F) \ + do { \ + Word _unused_res, _arg1, _arg2, _arg3; \ + assert(sizeof(_ty1F) == sizeof(Word)); \ + assert(sizeof(_ty2F) == sizeof(Word)); \ + assert(sizeof(_ty3F) == sizeof(Word)); \ + _arg1 = (Word)(_arg1F); \ + _arg2 = (Word)(_arg2F); \ + _arg3 = (Word)(_arg3F); \ + VALGRIND_DO_CLIENT_REQUEST(_unused_res, 0, \ + (_creqF), \ + _arg1,_arg2,_arg3,0,0); \ + } while (0) + + +#define DO_PthAPIerror(_fnnameF, _errF) \ + do { \ + char* _fnname = (char*)(_fnnameF); \ + long _err = (long)(int)(_errF); \ + char* _errstr = lame_strerror(_err); \ + DO_CREQ_v_WWW(_VG_USERREQ__HG_PTH_API_ERROR, \ + char*,_fnname, \ + long,_err, char*,_errstr); \ + } while (0) + + +/* Needed for older glibcs (2.3 and older, at least) who don't + otherwise "know" about pthread_rwlock_anything or about + PTHREAD_MUTEX_RECURSIVE (amongst things). 
*/ +#define _GNU_SOURCE 1 + +#include <stdio.h> +#include <assert.h> +#include <errno.h> +#include <pthread.h> + + +/* A lame version of strerror which doesn't use the real libc + strerror_r, since using the latter just generates endless more + threading errors (glibc goes off and does tons of crap w.r.t. + locales etc) */ +static char* lame_strerror ( long err ) +{ switch (err) { + case EPERM: return "EPERM: Operation not permitted"; + case ENOENT: return "ENOENT: No such file or directory"; + case ESRCH: return "ESRCH: No such process"; + case EINTR: return "EINTR: Interrupted system call"; + case EBADF: return "EBADF: Bad file number"; + case EAGAIN: return "EAGAIN: Try again"; + case ENOMEM: return "ENOMEM: Out of memory"; + case EACCES: return "EACCES: Permission denied"; + case EFAULT: return "EFAULT: Bad address"; + case EEXIST: return "EEXIST: File exists"; + case EINVAL: return "EINVAL: Invalid argument"; + case EMFILE: return "EMFILE: Too many open files"; + case ENOSYS: return "ENOSYS: Function not implemented"; + case EOVERFLOW: return "EOVERFLOW: Value too large " + "for defined data type"; + case EBUSY: return "EBUSY: Device or resource busy"; + case ETIMEDOUT: return "ETIMEDOUT: Connection timed out"; + case EDEADLK: return "EDEADLK: Resource deadlock would occur"; + case EOPNOTSUPP: return "EOPNOTSUPP: Operation not supported on " + "transport endpoint"; /* honest, guv */ + default: return "tc_intercepts.c: lame_strerror(): " + "unhandled case -- please fix me!"; + } +} + + +/*----------------------------------------------------------------*/ +/*--- pthread_create, pthread_join, pthread_exit ---*/ +/*----------------------------------------------------------------*/ + +/* Do not rename this function. It contains an unavoidable race and + so is mentioned by name in glibc-*helgrind*.supp. */ +static void* mythread_wrapper ( void* xargsV ) +{ + volatile Word* xargs = (volatile Word*) xargsV; + void*(*fn)(void*) = (void*(*)(void*))xargs[0]; + void* arg = (void*)xargs[1]; + pthread_t me = pthread_self(); + /* Tell the tool what my pthread_t is. */ + DO_CREQ_v_W(_VG_USERREQ__HG_SET_MY_PTHREAD_T, pthread_t,me); + /* allow the parent to proceed. We can't let it proceed until + we're ready because (1) we need to make sure it doesn't exit and + hence deallocate xargs[] while we still need it, and (2) we + don't want either parent nor child to proceed until the tool has + been notified of the child's pthread_t. */ + xargs[2] = 0; + /* Now we can no longer safely use xargs[]. */ + return (void*) fn( (void*)arg ); +} + +// pthread_create +PTH_FUNC(int, pthreadZucreateZAZa, // pthread_create@* + pthread_t *thread, const pthread_attr_t *attr, + void *(*start) (void *), void *arg) +{ + int ret; + OrigFn fn; + volatile Word xargs[3]; + + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_create wrapper"); fflush(stderr); + } + xargs[0] = (Word)start; + xargs[1] = (Word)arg; + xargs[2] = 1; /* serves as a spinlock -- sigh */ + + CALL_FN_W_WWWW(ret, fn, thread,attr,mythread_wrapper,&xargs[0]); + + if (ret == 0) { + /* we have to wait for the child to notify the tool of its + pthread_t before continuing */ + while (xargs[2] != 0) { + /* Do nothing. We need to spin until the child writes to + xargs[2]. However, that can lead to starvation in the + child and very long delays (eg, tc19_shadowmem on + ppc64-linux Fedora Core 6). So yield the cpu if we can, + to let the child run at the earliest available + opportunity. 
*/ + sched_yield(); + } + } else { + DO_PthAPIerror( "pthread_create", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: pth_create -> %d >>\n", ret); + } + return ret; +} + +// pthread_join +PTH_FUNC(int, pthreadZujoin, // pthread_join + pthread_t thread, void** value_pointer) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_join wrapper"); fflush(stderr); + } + + CALL_FN_W_WW(ret, fn, thread,value_pointer); + + /* At least with NPTL as the thread library, this is safe because + it is guaranteed (by NPTL) that the quitter will be completely gone + before pthread_join (the original) returns. See email below.*/ + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_JOIN_POST, pthread_t,thread); + } else { + DO_PthAPIerror( "pthread_join", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: pth_join -> %d >>\n", ret); + } + return ret; +} + +/* Behaviour of pthread_join on NPTL: + +Me: +I have a question re the NPTL pthread_join implementation. + + Suppose I am the thread 'stayer'. + + If I call pthread_join(quitter), is it guaranteed that the + thread 'quitter' has really exited before pthread_join returns? + + IOW, is it guaranteed that 'quitter' will not execute any further + instructions after pthread_join returns? + +I believe this is true based on the following analysis of +glibc-2.5 sources. However am not 100% sure and would appreciate +confirmation. + + 'quitter' will be running start_thread() in nptl/pthread_create.c + + The last action of start_thread() is to exit via + __exit_thread_inline(0), which simply does sys_exit + (nptl/pthread_create.c:403) + + 'stayer' meanwhile is waiting for lll_wait_tid (pd->tid) + (call at nptl/pthread_join.c:89) + + As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536, + lll_wait_tid will not return until kernel notifies via futex + wakeup that 'quitter' has terminated. + + Hence pthread_join cannot return until 'quitter' really has + completely disappeared. + +Drepper: +> As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536, +> lll_wait_tid will not return until kernel notifies via futex +> wakeup that 'quitter' has terminated. +That's the key. The kernel resets the TID field after the thread is +done. No way the joiner can return before the thread is gone. 
+*/ + + +/*----------------------------------------------------------------*/ +/*--- pthread_mutex_t functions ---*/ +/*----------------------------------------------------------------*/ + +/* Handled: pthread_mutex_init pthread_mutex_destroy + pthread_mutex_lock + pthread_mutex_trylock pthread_mutex_timedlock + pthread_mutex_unlock + + Unhandled: pthread_spin_init pthread_spin_destroy + pthread_spin_lock + pthread_spin_trylock + pthread_spin_unlock +*/ + +// pthread_mutex_init +PTH_FUNC(int, pthreadZumutexZuinit, // pthread_mutex_init + pthread_mutex_t *mutex, + pthread_mutexattr_t* attr) +{ + int ret; + long mbRec; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxinit %p", mutex); fflush(stderr); + } + + mbRec = 0; + if (attr) { + int ty, zzz; + zzz = pthread_mutexattr_gettype(attr, &ty); + if (zzz == 0 && ty == PTHREAD_MUTEX_RECURSIVE) + mbRec = 1; + } + + CALL_FN_W_WW(ret, fn, mutex,attr); + + if (ret == 0 /*success*/) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_INIT_POST, + pthread_mutex_t*,mutex, long,mbRec); + } else { + DO_PthAPIerror( "pthread_mutex_init", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: mxinit -> %d >>\n", ret); + } + return ret; +} + + +// pthread_mutex_destroy +PTH_FUNC(int, pthreadZumutexZudestroy, // pthread_mutex_destroy + pthread_mutex_t *mutex) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxdestroy %p", mutex); fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_DESTROY_PRE, + pthread_mutex_t*,mutex); + + CALL_FN_W_W(ret, fn, mutex); + + if (ret != 0) { + DO_PthAPIerror( "pthread_mutex_destroy", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: mxdestroy -> %d >>\n", ret); + } + return ret; +} + + +// pthread_mutex_lock +PTH_FUNC(int, pthreadZumutexZulock, // pthread_mutex_lock + pthread_mutex_t *mutex) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxlock %p", mutex); fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + pthread_mutex_t*,mutex, long,0/*!isTryLock*/); + + CALL_FN_W_W(ret, fn, mutex); + + /* There's a hole here: libpthread now knows the lock is locked, + but the tool doesn't, so some other thread could run and detect + that the lock has been acquired by someone (this thread). Does + this matter? Not sure, but I don't think so. */ + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + pthread_mutex_t*,mutex); + } else { + DO_PthAPIerror( "pthread_mutex_lock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: mxlock -> %d >>\n", ret); + } + return ret; +} + + +// pthread_mutex_trylock. The handling needed here is very similar +// to that for pthread_mutex_lock, except that we need to tell +// the pre-lock creq that this is a trylock-style operation, and +// therefore not to complain if the lock is nonrecursive and +// already locked by this thread -- because then it'll just fail +// immediately with EBUSY. 
+PTH_FUNC(int, pthreadZumutexZutrylock, // pthread_mutex_trylock + pthread_mutex_t *mutex) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxtrylock %p", mutex); fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + pthread_mutex_t*,mutex, long,1/*isTryLock*/); + + CALL_FN_W_W(ret, fn, mutex); + + /* There's a hole here: libpthread now knows the lock is locked, + but the tool doesn't, so some other thread could run and detect + that the lock has been acquired by someone (this thread). Does + this matter? Not sure, but I don't think so. */ + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + pthread_mutex_t*,mutex); + } else { + if (ret != EBUSY) + DO_PthAPIerror( "pthread_mutex_trylock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: mxtrylock -> %d >>\n", ret); + } + return ret; +} + + +// pthread_mutex_timedlock. Identical logic to pthread_mutex_trylock. +PTH_FUNC(int, pthreadZumutexZutimedlock, // pthread_mutex_timedlock + pthread_mutex_t *mutex, + void* timeout) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxtimedlock %p %p", mutex, timeout); + fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + pthread_mutex_t*,mutex, long,1/*isTryLock-ish*/); + + CALL_FN_W_WW(ret, fn, mutex,timeout); + + /* There's a hole here: libpthread now knows the lock is locked, + but the tool doesn't, so some other thread could run and detect + that the lock has been acquired by someone (this thread). Does + this matter? Not sure, but I don't think so. */ + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + pthread_mutex_t*,mutex); + } else { + if (ret != ETIMEDOUT) + DO_PthAPIerror( "pthread_mutex_timedlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: mxtimedlock -> %d >>\n", ret); + } + return ret; +} + + +// pthread_mutex_unlock +PTH_FUNC(int, pthreadZumutexZuunlock, // pthread_mutex_unlock + pthread_mutex_t *mutex) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_mxunlk %p", mutex); fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE, + pthread_mutex_t*,mutex); + + CALL_FN_W_W(ret, fn, mutex); + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_POST, + pthread_mutex_t*,mutex); + } else { + DO_PthAPIerror( "pthread_mutex_unlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " mxunlk -> %d >>\n", ret); + } + return ret; +} + + +/*----------------------------------------------------------------*/ +/*--- pthread_cond_t functions ---*/ +/*----------------------------------------------------------------*/ + +/* Handled: pthread_cond_wait pthread_cond_timedwait + pthread_cond_signal pthread_cond_broadcast + pthread_cond_destroy + + Unhandled: pthread_cond_init + -- is this important? +*/ + +// pthread_cond_wait +PTH_FUNC(int, pthreadZucondZuwaitZAZa, // pthread_cond_wait@* + pthread_cond_t* cond, pthread_mutex_t* mutex) +{ + int ret; + OrigFn fn; + unsigned long mutex_is_valid; + + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_cond_wait %p %p", cond, mutex); + fflush(stderr); + } + + /* Tell the tool a cond-wait is about to happen, so it can check + for bogus argument values. In return it tells us whether it + thinks the mutex is valid or not. 
*/ + DO_CREQ_W_WW(mutex_is_valid, + _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE, + pthread_cond_t*,cond, pthread_mutex_t*,mutex); + assert(mutex_is_valid == 1 || mutex_is_valid == 0); + + /* Tell the tool we're about to drop the mutex. This reflects the + fact that in a cond_wait, we show up holding the mutex, and the + call atomically drops the mutex and waits for the cv to be + signalled. */ + if (mutex_is_valid) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE, + pthread_mutex_t*,mutex); + } + + CALL_FN_W_WW(ret, fn, cond,mutex); + + /* these conditionals look stupid, but compare w/ same logic for + pthread_cond_timedwait below */ + if (ret == 0 && mutex_is_valid) { + /* and now we have the mutex again */ + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + pthread_mutex_t*,mutex); + } + + if (ret == 0 && mutex_is_valid) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_COND_WAIT_POST, + pthread_cond_t*,cond, pthread_mutex_t*,mutex); + } + + if (ret != 0) { + DO_PthAPIerror( "pthread_cond_wait", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " cowait -> %d >>\n", ret); + } + + return ret; +} + + +// pthread_cond_timedwait +PTH_FUNC(int, pthreadZucondZutimedwaitZAZa, // pthread_cond_timedwait@* + pthread_cond_t* cond, pthread_mutex_t* mutex, + struct timespec* abstime) +{ + int ret; + OrigFn fn; + unsigned long mutex_is_valid; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_cond_timedwait %p %p %p", + cond, mutex, abstime); + fflush(stderr); + } + + /* Tell the tool a cond-wait is about to happen, so it can check + for bogus argument values. In return it tells us whether it + thinks the mutex is valid or not. */ + DO_CREQ_W_WW(mutex_is_valid, + _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE, + pthread_cond_t*,cond, pthread_mutex_t*,mutex); + assert(mutex_is_valid == 1 || mutex_is_valid == 0); + + /* Tell the tool we're about to drop the mutex. This reflects the + fact that in a cond_wait, we show up holding the mutex, and the + call atomically drops the mutex and waits for the cv to be + signalled. */ + if (mutex_is_valid) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE, + pthread_mutex_t*,mutex); + } + + CALL_FN_W_WWW(ret, fn, cond,mutex,abstime); + + if ((ret == 0 || ret == ETIMEDOUT) && mutex_is_valid) { + /* and now we have the mutex again */ + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + pthread_mutex_t*,mutex); + } + + if (ret == 0 && mutex_is_valid) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_COND_WAIT_POST, + pthread_cond_t*,cond, pthread_mutex_t*,mutex); + } + + if (ret != 0 && ret != ETIMEDOUT) { + DO_PthAPIerror( "pthread_cond_timedwait", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " cotimedwait -> %d >>\n", ret); + } + + return ret; +} + + +// pthread_cond_signal +PTH_FUNC(int, pthreadZucondZusignalZAZa, // pthread_cond_signal@* + pthread_cond_t* cond) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_cond_signal %p", cond); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_COND_SIGNAL_PRE, + pthread_cond_t*,cond); + + CALL_FN_W_W(ret, fn, cond); + + if (ret != 0) { + DO_PthAPIerror( "pthread_cond_signal", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " cosig -> %d >>\n", ret); + } + + return ret; +} + + +// pthread_cond_broadcast +// Note, this is pretty much identical, from a dependency-graph +// point of view, with cond_signal, so the code is duplicated. +// Maybe it should be commoned up. 
+PTH_FUNC(int, pthreadZucondZubroadcastZAZa, // pthread_cond_broadcast@* + pthread_cond_t* cond) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_broadcast_signal %p", cond); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_COND_BROADCAST_PRE, + pthread_cond_t*,cond); + + CALL_FN_W_W(ret, fn, cond); + + if (ret != 0) { + DO_PthAPIerror( "pthread_cond_broadcast", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " cobro -> %d >>\n", ret); + } + + return ret; +} + + +// pthread_cond_destroy +PTH_FUNC(int, pthreadZucondZudestroyZAZa, // pthread_cond_destroy@* + pthread_cond_t* cond) +{ + int ret; + OrigFn fn; + + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_cond_destroy %p", cond); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_COND_DESTROY_PRE, + pthread_cond_t*,cond); + + CALL_FN_W_W(ret, fn, cond); + + if (ret != 0) { + DO_PthAPIerror( "pthread_cond_destroy", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " codestr -> %d >>\n", ret); + } + + return ret; +} + + +/*----------------------------------------------------------------*/ +/*--- pthread_barrier_t functions ---*/ +/*----------------------------------------------------------------*/ + +/* Handled: pthread_barrier_init + pthread_barrier_wait + pthread_barrier_destroy + + Unhandled: pthread_barrierattr_destroy + pthread_barrierattr_getpshared + pthread_barrierattr_init + pthread_barrierattr_setpshared + -- are these important? +*/ + +PTH_FUNC(int, pthreadZubarrierZuinit, // pthread_barrier_init + pthread_barrier_t* bar, + pthread_barrierattr_t* attr, unsigned long count) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_barrier_init %p %p %lu", + bar, attr, count); + fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_BARRIER_INIT_PRE, + pthread_barrier_t*,bar, + unsigned long,count); + + CALL_FN_W_WWW(ret, fn, bar,attr,count); + + if (ret != 0) { + DO_PthAPIerror( "pthread_barrier_init", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " pthread_barrier_init -> %d >>\n", ret); + } + + return ret; +} + + +PTH_FUNC(int, pthreadZubarrierZuwait, // pthread_barrier_wait + pthread_barrier_t* bar) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_barrier_wait %p", bar); + fflush(stderr); + } + + /* That this works correctly, and doesn't screw up when a thread + leaving the barrier races round to the front and re-enters while + other threads are still leaving it, is quite subtle. See + comments in the handler for PTHREAD_BARRIER_WAIT_PRE in + hg_main.c. 
*/ + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_BARRIER_WAIT_PRE, + pthread_barrier_t*,bar); + + CALL_FN_W_W(ret, fn, bar); + + if (ret != 0 && ret != PTHREAD_BARRIER_SERIAL_THREAD) { + DO_PthAPIerror( "pthread_barrier_wait", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " pthread_barrier_wait -> %d >>\n", ret); + } + + return ret; +} + + +PTH_FUNC(int, pthreadZubarrierZudestroy, // pthread_barrier_destroy + pthread_barrier_t* bar) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_barrier_destroy %p", bar); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_BARRIER_DESTROY_PRE, + pthread_barrier_t*,bar); + + CALL_FN_W_W(ret, fn, bar); + + if (ret != 0) { + DO_PthAPIerror( "pthread_barrier_destroy", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " pthread_barrier_destroy -> %d >>\n", ret); + } + + return ret; +} + +/*----------------------------------------------------------------*/ +/*--- pthread_rwlock_t functions ---*/ +/*----------------------------------------------------------------*/ + +/* Handled: pthread_rwlock_init pthread_rwlock_destroy + pthread_rwlock_rdlock + pthread_rwlock_wrlock + pthread_rwlock_unlock + + Unhandled: pthread_rwlock_timedrdlock + pthread_rwlock_tryrdlock + + pthread_rwlock_timedwrlock + pthread_rwlock_trywrlock +*/ + +// pthread_rwlock_init +PTH_FUNC(int, pthreadZurwlockZuinit, // pthread_rwlock_init + pthread_rwlock_t *rwl, + pthread_rwlockattr_t* attr) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_init %p", rwl); fflush(stderr); + } + + CALL_FN_W_WW(ret, fn, rwl,attr); + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_INIT_POST, + pthread_rwlock_t*,rwl); + } else { + DO_PthAPIerror( "pthread_rwlock_init", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_init -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_destroy +PTH_FUNC(int, pthreadZurwlockZudestroy, // pthread_rwlock_destroy + pthread_rwlock_t *rwl) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_destroy %p", rwl); fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_DESTROY_PRE, + pthread_rwlock_t*,rwl); + + CALL_FN_W_W(ret, fn, rwl); + + if (ret != 0) { + DO_PthAPIerror( "pthread_rwlock_destroy", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_destroy -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_wrlock +PTH_FUNC(int, pthreadZurwlockZuwrlock, // pthread_rwlock_wrlock + pthread_rwlock_t* rwlock) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_wlk %p", rwlock); fflush(stderr); + } + + DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, + pthread_rwlock_t*,rwlock, + long,1/*isW*/, long,0/*!isTryLock*/); + + CALL_FN_W_W(ret, fn, rwlock); + + if (ret == 0 /*success*/) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, + pthread_rwlock_t*,rwlock, long,1/*isW*/); + } else { + DO_PthAPIerror( "pthread_rwlock_wrlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_wlk -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_rdlock +PTH_FUNC(int, pthreadZurwlockZurdlock, // pthread_rwlock_rdlock + pthread_rwlock_t* rwlock) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_rlk %p", rwlock); fflush(stderr); + } + + 
DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, + pthread_rwlock_t*,rwlock, + long,0/*!isW*/, long,0/*!isTryLock*/); + + CALL_FN_W_W(ret, fn, rwlock); + + if (ret == 0 /*success*/) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, + pthread_rwlock_t*,rwlock, long,0/*!isW*/); + } else { + DO_PthAPIerror( "pthread_rwlock_rdlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_rlk -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_trywrlock +PTH_FUNC(int, pthreadZurwlockZutrywrlock, // pthread_rwlock_trywrlock + pthread_rwlock_t* rwlock) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_trywlk %p", rwlock); fflush(stderr); + } + + DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, + pthread_rwlock_t*,rwlock, + long,1/*isW*/, long,1/*isTryLock*/); + + CALL_FN_W_W(ret, fn, rwlock); + + /* There's a hole here: libpthread now knows the lock is locked, + but the tool doesn't, so some other thread could run and detect + that the lock has been acquired by someone (this thread). Does + this matter? Not sure, but I don't think so. */ + + if (ret == 0 /*success*/) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, + pthread_rwlock_t*,rwlock, long,1/*isW*/); + } else { + if (ret != EBUSY) + DO_PthAPIerror( "pthread_rwlock_trywrlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_trywlk -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_tryrdlock +PTH_FUNC(int, pthreadZurwlockZutryrdlock, // pthread_rwlock_tryrdlock + pthread_rwlock_t* rwlock) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_tryrlk %p", rwlock); fflush(stderr); + } + + DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, + pthread_rwlock_t*,rwlock, + long,0/*!isW*/, long,1/*isTryLock*/); + + CALL_FN_W_W(ret, fn, rwlock); + + /* There's a hole here: libpthread now knows the lock is locked, + but the tool doesn't, so some other thread could run and detect + that the lock has been acquired by someone (this thread). Does + this matter? Not sure, but I don't think so. 
*/ + + if (ret == 0 /*success*/) { + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, + pthread_rwlock_t*,rwlock, long,0/*!isW*/); + } else { + if (ret != EBUSY) + DO_PthAPIerror( "pthread_rwlock_tryrdlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_tryrlk -> %d >>\n", ret); + } + return ret; +} + + +// pthread_rwlock_unlock +PTH_FUNC(int, pthreadZurwlockZuunlock, // pthread_rwlock_unlock + pthread_rwlock_t* rwlock) +{ + int ret; + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_PTH_FNS) { + fprintf(stderr, "<< pthread_rwl_unlk %p", rwlock); fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE, + pthread_rwlock_t*,rwlock); + + CALL_FN_W_W(ret, fn, rwlock); + + if (ret == 0 /*success*/) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST, + pthread_rwlock_t*,rwlock); + } else { + DO_PthAPIerror( "pthread_rwlock_unlock", ret ); + } + + if (TRACE_PTH_FNS) { + fprintf(stderr, " :: rwl_unlk -> %d >>\n", ret); + } + return ret; +} + + +/*----------------------------------------------------------------*/ +/*--- POSIX semaphores ---*/ +/*----------------------------------------------------------------*/ + +#include <semaphore.h> + +#define TRACE_SEM_FNS 0 + +/* Handled: + int sem_init(sem_t *sem, int pshared, unsigned value); + int sem_destroy(sem_t *sem); + int sem_wait(sem_t *sem); + int sem_post(sem_t *sem); + + Unhandled: + int sem_trywait(sem_t *sem); + int sem_timedwait(sem_t *restrict sem, + const struct timespec *restrict abs_timeout); +*/ + +/* glibc-2.5 has sem_init@@GLIBC_2.2.5 (amd64-linux) + and sem_init@@GLIBC_2.1 (x86-linux): match sem_init@* */ +PTH_FUNC(int, semZuinitZAZa, sem_t* sem, int pshared, unsigned long value) +{ + OrigFn fn; + int ret; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_SEM_FNS) { + fprintf(stderr, "<< sem_init(%p,%d,%lu) ", sem,pshared,value); + fflush(stderr); + } + + CALL_FN_W_WWW(ret, fn, sem,pshared,value); + + if (ret == 0) { + DO_CREQ_v_WW(_VG_USERREQ__HG_POSIX_SEM_INIT_POST, + sem_t*, sem, unsigned long, value); + } else { + DO_PthAPIerror( "sem_init", errno ); + } + + if (TRACE_SEM_FNS) { + fprintf(stderr, " sem_init -> %d >>\n", ret); + fflush(stderr); + } + + return ret; +} + + +/* glibc-2.5 has sem_destroy@@GLIBC_2.2.5 (amd64-linux) + and sem_destroy@@GLIBC_2.1 (x86-linux); match sem_destroy@* */ +PTH_FUNC(int, semZudestroyZAZa, sem_t* sem) +{ + OrigFn fn; + int ret; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_SEM_FNS) { + fprintf(stderr, "<< sem_destroy(%p) ", sem); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_POSIX_SEM_DESTROY_PRE, sem_t*, sem); + + CALL_FN_W_W(ret, fn, sem); + + if (ret != 0) { + DO_PthAPIerror( "sem_destroy", errno ); + } + + if (TRACE_SEM_FNS) { + fprintf(stderr, " sem_destroy -> %d >>\n", ret); + fflush(stderr); + } + + return ret; +} + + +/* glibc-2.5 has sem_wait (amd64-linux); match sem_wait + and sem_wait@@GLIBC_2.1 (x86-linux); match sem_wait@* */ +/* wait: decrement semaphore - acquire lockage */ +static int sem_wait_WRK(sem_t* sem) +{ + OrigFn fn; + int ret; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_SEM_FNS) { + fprintf(stderr, "<< sem_wait(%p) ", sem); + fflush(stderr); + } + + CALL_FN_W_W(ret, fn, sem); + + if (ret == 0) { + DO_CREQ_v_W(_VG_USERREQ__HG_POSIX_SEM_WAIT_POST, sem_t*,sem); + } else { + DO_PthAPIerror( "sem_wait", errno ); + } + + if (TRACE_SEM_FNS) { + fprintf(stderr, " sem_wait -> %d >>\n", ret); + fflush(stderr); + } + + return ret; +} +PTH_FUNC(int, semZuwait, sem_t* sem) { /* sem_wait */ + return sem_wait_WRK(sem); +} +PTH_FUNC(int, 
semZuwaitZAZa, sem_t* sem) { /* sem_wait@* */ + return sem_wait_WRK(sem); +} + + +/* glibc-2.5 has sem_post (amd64-linux); match sem_post + and sem_post@@GLIBC_2.1 (x86-linux); match sem_post@* */ +/* post: increment semaphore - release lockage */ +static int sem_post_WRK(sem_t* sem) +{ + OrigFn fn; + int ret; + + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_SEM_FNS) { + fprintf(stderr, "<< sem_post(%p) ", sem); + fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_POSIX_SEM_POST_PRE, sem_t*,sem); + + CALL_FN_W_W(ret, fn, sem); + + if (ret != 0) { + DO_PthAPIerror( "sem_post", errno ); + } + + if (TRACE_SEM_FNS) { + fprintf(stderr, " sem_post -> %d >>\n", ret); + fflush(stderr); + } + + return ret; +} +PTH_FUNC(int, semZupost, sem_t* sem) { /* sem_post */ + return sem_post_WRK(sem); +} +PTH_FUNC(int, semZupostZAZa, sem_t* sem) { /* sem_post@* */ + return sem_post_WRK(sem); +} + + + +/*----------------------------------------------------------------*/ +/*--- Qt 4 threading functions (w/ GNU name mangling) ---*/ +/*----------------------------------------------------------------*/ + +/* Handled: + QMutex::lock() + QMutex::unlock() + QMutex::tryLock() + QMutex::tryLock(int) + + QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC1ENS_13RecursionModeE + QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC2ENS_13RecursionModeE + QMutex::~QMutex() _ZN6QMutexD1Ev + QMutex::~QMutex() _ZN6QMutexD2Ev + + Unhandled: + QReadWriteLock::lockForRead() + QReadWriteLock::lockForWrite() + QReadWriteLock::unlock() + QReadWriteLock::tryLockForRead(int) + QReadWriteLock::tryLockForRead() + QReadWriteLock::tryLockForWrite(int) + QReadWriteLock::tryLockForWrite() + + QWaitCondition::wait(QMutex*, unsigned long) + QWaitCondition::wakeAll() + QWaitCondition::wakeOne() + + QSemaphore::* +*/ +/* More comments, 19 Nov 08, based on assessment of qt-4.5.0TP1, + at least on Unix: + + It's apparently only necessary to intercept QMutex, since that is + not implemented using pthread_mutex_t; instead Qt4 has its own + implementation based on atomics (to check the non-contended case) + and pthread_cond_wait (to wait in the contended case). + + QReadWriteLock is built on top of QMutex, counters, and a wait + queue. So we don't need to handle it specially once QMutex + handling is correct -- presumably the dependencies through QMutex + are sufficient to avoid any false race reports. On the other hand, + it is an open question whether too many dependencies are observed + -- in which case we may miss races (false negatives). I suspect + this is likely to be the case, unfortunately. + + QWaitCondition is built on pthread_cond_t, pthread_mutex_t, QMutex + and QReadWriteLock. Same compositional-correctness justification + and limitations as for QReadWriteLock. + + Ditto QSemaphore (from cursory examination). + + Does it matter that only QMutex is handled directly? Open + question. From testing with drd/tests/qt4_* and with KDE4 apps, it + appears that no false errors are reported; however it is not clear + if this is causing false negatives. + + Another problem with Qt4 is thread exiting. Threads are created + with pthread_create (fine); but they detach and simply exit when + done. There is no use of pthread_join, and the provided + wait-for-a-thread-to-exit mechanism (QThread::wait, I believe) + relies on a system of mutexes and flags. I suspect this also + causes too many dependencies to appear. 
Consequently H sometimes + fails to detect races at exit in some very short-lived racy + programs, because it appears that a thread can exit _and_ have an + observed dependency edge back to the main thread (presumably) + before the main thread reaps the child (that is, calls + QThread::wait). + + This theory is supported by the observation that if all threads are + made to wait at a pthread_barrier_t immediately before they exit, + then H's detection of races in such programs becomes reliable; + without the barrier, it varies from run to run, depending + (according to investigation) on whether aforementioned + exit-before-reaping behaviour happens or not. + + Finally, why is it necessary to intercept the QMutex constructors + and destructors? The constructors are intercepted only as a matter + of convenience, so H can print accurate "first observed at" + clauses. However, it is actually necessary to intercept the + destructors (as it is with pthread_mutex_destroy) in order that + locks get removed from LAOG when they are destroyed. +*/ + +// soname is libQtCore.so.4 ; match against libQtCore.so* +#define QT4_FUNC(ret_ty, f, args...) \ + ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args); \ + ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args) + +// QMutex::lock() +QT4_FUNC(void, _ZN6QMutex4lockEv, void* self) +{ + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_QT4_FNS) { + fprintf(stderr, "<< QMutex::lock %p", self); fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + void*,self, long,0/*!isTryLock*/); + + CALL_FN_v_W(fn, self); + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + void*, self); + + if (TRACE_QT4_FNS) { + fprintf(stderr, " :: Q::lock done >>\n"); + } +} + +// QMutex::unlock() +QT4_FUNC(void, _ZN6QMutex6unlockEv, void* self) +{ + OrigFn fn; + VALGRIND_GET_ORIG_FN(fn); + + if (TRACE_QT4_FNS) { + fprintf(stderr, "<< QMutex::unlock %p", self); fflush(stderr); + } + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE, + void*, self); + + CALL_FN_v_W(fn, self); + + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_POST, + void*, self); + + if (TRACE_QT4_FNS) { + fprintf(stderr, " Q::unlock done >>\n"); + } +} + +// bool QMutex::tryLock() +// using 'long' to mimic C++ 'bool' +QT4_FUNC(long, _ZN6QMutex7tryLockEv, void* self) +{ + OrigFn fn; + long ret; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_QT4_FNS) { + fprintf(stderr, "<< QMutex::tryLock %p", self); fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + void*,self, long,1/*isTryLock*/); + + CALL_FN_W_W(ret, fn, self); + + // assumes that only the low 8 bits of the 'bool' are significant + if (ret & 0xFF) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + void*, self); + } + + if (TRACE_QT4_FNS) { + fprintf(stderr, " :: Q::tryLock -> %lu >>\n", ret); + } + + return ret; +} + +// bool QMutex::tryLock(int) +// using 'long' to mimic C++ 'bool' +QT4_FUNC(long, _ZN6QMutex7tryLockEi, void* self, long arg2) +{ + OrigFn fn; + long ret; + VALGRIND_GET_ORIG_FN(fn); + if (TRACE_QT4_FNS) { + fprintf(stderr, "<< QMutex::tryLock(int) %p %d", self, (int)arg2); + fflush(stderr); + } + + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE, + void*,self, long,1/*isTryLock*/); + + CALL_FN_W_WW(ret, fn, self,arg2); + + // assumes that only the low 8 bits of the 'bool' are significant + if (ret & 0xFF) { + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST, + void*, self); + } + + if (TRACE_QT4_FNS) { + fprintf(stderr, " :: Q::tryLock(int) -> %lu >>\n", ret); + } + + 
return ret; +} + + +// It's not really very clear what the args are here. But from +// a bit of dataflow analysis of the generated machine code of +// the original function, it appears this takes two args, and +// returns nothing. Nevertheless preserve return value just in +// case. A bit of debug printing indicates that the first arg +// is that of the mutex and the second is either zero or one, +// probably being the recursion mode, therefore. +// QMutex::QMutex(QMutex::RecursionMode) ("C1ENS" variant) +QT4_FUNC(void*, _ZN6QMutexC1ENS_13RecursionModeE, + void* mutex, + long recmode) +{ + OrigFn fn; + long ret; + VALGRIND_GET_ORIG_FN(fn); + CALL_FN_W_WW(ret, fn, mutex, recmode); + // fprintf(stderr, "QMutex constructor 1: %p <- %p %p\n", ret, arg1, arg2); + DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_MUTEX_INIT_POST, + void*,mutex, long,1/*mbRec*/); + return (void*)ret; +} + +// QMutex::~QMutex() ("D1Ev" variant) +QT4_FUNC(void*, _ZN6QMutexD1Ev, void* mutex) +{ + OrigFn fn; + long ret; + VALGRIND_GET_ORIG_FN(fn); + DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_MUTEX_DESTROY_PRE, + void*,mutex); + CALL_FN_W_W(ret, fn, mutex); + return (void*)ret; +} + + +// QMutex::QMutex(QMutex::RecursionMode) ("C2ENS" variant) +QT4_FUNC(void*, _ZN6QMutexC2ENS_13RecursionModeE, + void* mutex, + long recmode) +{ + assert(0); +} + +// QMutex::~QMutex() ("D2Ev" variant) +QT4_FUNC(void*, _ZN6QMutexD2Ev, void* mutex) +{ + assert(0); +} + + +// QReadWriteLock is not intercepted directly. See comments +// above. + +//// QReadWriteLock::lockForRead() +//// _ZN14QReadWriteLock11lockForReadEv == QReadWriteLock::lockForRead() +//QT4_FUNC(void, ZuZZN14QReadWriteLock11lockForReadEv, +// // _ZN14QReadWriteLock11lockForReadEv +// void* self) +//{ +// OrigFn fn; +// VALGRIND_GET_ORIG_FN(fn); +// if (TRACE_QT4_FNS) { +// fprintf(stderr, "<< QReadWriteLock::lockForRead %p", self); +// fflush(stderr); +// } +// +// DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, +// void*,self, +// long,0/*!isW*/, long,0/*!isTryLock*/); +// +// CALL_FN_v_W(fn, self); +// +// DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, +// void*,self, long,0/*!isW*/); +// +// if (TRACE_QT4_FNS) { +// fprintf(stderr, " :: Q::lockForRead :: done >>\n"); +// } +//} +// +//// QReadWriteLock::lockForWrite() +//// _ZN14QReadWriteLock12lockForWriteEv == QReadWriteLock::lockForWrite() +//QT4_FUNC(void, ZuZZN14QReadWriteLock12lockForWriteEv, +// // _ZN14QReadWriteLock12lockForWriteEv +// void* self) +//{ +// OrigFn fn; +// VALGRIND_GET_ORIG_FN(fn); +// if (TRACE_QT4_FNS) { +// fprintf(stderr, "<< QReadWriteLock::lockForWrite %p", self); +// fflush(stderr); +// } +// +// DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE, +// void*,self, +// long,1/*isW*/, long,0/*!isTryLock*/); +// +// CALL_FN_v_W(fn, self); +// +// DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST, +// void*,self, long,1/*isW*/); +// +// if (TRACE_QT4_FNS) { +// fprintf(stderr, " :: Q::lockForWrite :: done >>\n"); +// } +//} +// +//// QReadWriteLock::unlock() +//// _ZN14QReadWriteLock6unlockEv == QReadWriteLock::unlock() +//QT4_FUNC(void, ZuZZN14QReadWriteLock6unlockEv, +// // _ZN14QReadWriteLock6unlockEv +// void* self) +//{ +// OrigFn fn; +// VALGRIND_GET_ORIG_FN(fn); +// if (TRACE_QT4_FNS) { +// fprintf(stderr, "<< QReadWriteLock::unlock %p", self); +// fflush(stderr); +// } +// +// DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE, +// void*,self); +// +// CALL_FN_v_W(fn, self); +// +// DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST, +// void*,self); +// +// if 
(TRACE_QT4_FNS) { +// fprintf(stderr, " :: Q::unlock :: done >>\n"); +// } +//} + + +/*----------------------------------------------------------------*/ +/*--- Replacements for basic string functions, that don't ---*/ +/*--- overrun the input arrays. ---*/ +/*----------------------------------------------------------------*/ + +/* Copied verbatim from memcheck/mc_replace_strmem.c. When copying + new functions, please keep them in the same order as they appear in + mc_replace_strmem.c. */ + + +#define STRCHR(soname, fnname) \ + char* VG_REPLACE_FUNCTION_ZU(soname,fnname) ( const char* s, int c ); \ + char* VG_REPLACE_FUNCTION_ZU(soname,fnname) ( const char* s, int c ) \ + { \ + UChar ch = (UChar)((UInt)c); \ + UChar* p = (UChar*)s; \ + while (True) { \ + if (*p == ch) return p; \ + if (*p == 0) return NULL; \ + p++; \ + } \ + } + +// Apparently index() is the same thing as strchr() +STRCHR(VG_Z_LIBC_SONAME, strchr) +STRCHR(VG_Z_LD_LINUX_SO_2, strchr) +STRCHR(VG_Z_LD_LINUX_X86_64_SO_2, strchr) +STRCHR(VG_Z_LIBC_SONAME, index) +STRCHR(VG_Z_LD_LINUX_SO_2, index) +STRCHR(VG_Z_LD_LINUX_X86_64_SO_2, index) + + +// Note that this replacement often doesn't get used because gcc inlines +// calls to strlen() with its own built-in version. This can be very +// confusing if you aren't expecting it. Other small functions in this file +// may also be inline by gcc. +#define STRLEN(soname, fnname) \ + SizeT VG_REPLACE_FUNCTION_ZU(soname,fnname)( const char* str ); \ + SizeT VG_REPLACE_FUNCTION_ZU(soname,fnname)( const char* str ) \ + { \ + SizeT i = 0; \ + while (str[i] != 0) i++; \ + return i; \ + } + +STRLEN(VG_Z_LIBC_SONAME, strlen) +STRLEN(VG_Z_LD_LINUX_SO_2, strlen) +STRLEN(VG_Z_LD_LINUX_X86_64_SO_2, strlen) + + +#define STRCPY(soname, fnname) \ + char* VG_REPLACE_FUNCTION_ZU(soname, fnname) ( char* dst, const char* src ); \ + char* VG_REPLACE_FUNCTION_ZU(soname, fnname) ( char* dst, const char* src ) \ + { \ + const Char* dst_orig = dst; \ + \ + while (*src) *dst++ = *src++; \ + *dst = 0; \ + \ + return (char*)dst_orig; \ + } + +STRCPY(VG_Z_LIBC_SONAME, strcpy) + + +#define STRCMP(soname, fnname) \ + int VG_REPLACE_FUNCTION_ZU(soname,fnname) \ + ( const char* s1, const char* s2 ); \ + int VG_REPLACE_FUNCTION_ZU(soname,fnname) \ + ( const char* s1, const char* s2 ) \ + { \ + register unsigned char c1; \ + register unsigned char c2; \ + while (True) { \ + c1 = *(unsigned char *)s1; \ + c2 = *(unsigned char *)s2; \ + if (c1 != c2) break; \ + if (c1 == 0) break; \ + s1++; s2++; \ + } \ + if ((unsigned char)c1 < (unsigned char)c2) return -1; \ + if ((unsigned char)c1 > (unsigned char)c2) return 1; \ + return 0; \ + } + +STRCMP(VG_Z_LIBC_SONAME, strcmp) +STRCMP(VG_Z_LD_LINUX_X86_64_SO_2, strcmp) +STRCMP(VG_Z_LD64_SO_1, strcmp) + + +#define MEMCPY(soname, fnname) \ + void* VG_REPLACE_FUNCTION_ZU(soname,fnname) \ + ( void *dst, const void *src, SizeT len ); \ + void* VG_REPLACE_FUNCTION_ZU(soname,fnname) \ + ( void *dst, const void *src, SizeT len ) \ + { \ + register char *d; \ + register char *s; \ + \ + if (len == 0) \ + return dst; \ + \ + if ( dst > src ) { \ + d = (char *)dst + len - 1; \ + s = (char *)src + len - 1; \ + while ( len >= 4 ) { \ + *d-- = *s--; \ + *d-- = *s--; \ + *d-- = *s--; \ + *d-- = *s--; \ + len -= 4; \ + } \ + while ( len-- ) { \ + *d-- = *s--; \ + } \ + } else if ( dst < src ) { \ + d = (char *)dst; \ + s = (char *)src; \ + while ( len >= 4 ) { \ + *d++ = *s++; \ + *d++ = *s++; \ + *d++ = *s++; \ + *d++ = *s++; \ + len -= 4; \ + } \ + while ( len-- ) { \ + *d++ = *s++; \ + } \ 
+ } \ + return dst; \ + } + +MEMCPY(VG_Z_LIBC_SONAME, memcpy) +MEMCPY(VG_Z_LD_SO_1, memcpy) /* ld.so.1 */ +MEMCPY(VG_Z_LD64_SO_1, memcpy) /* ld64.so.1 */ +/* icc9 blats these around all over the place. Not only in the main + executable but various .so's. They are highly tuned and read + memory beyond the source boundary (although work correctly and + never go across page boundaries), so give errors when run natively, + at least for misaligned source arg. Just intercepting in the exe + only until we understand more about the problem. See + http://bugs.kde.org/show_bug.cgi?id=139776 + */ +MEMCPY(NONE, _intel_fast_memcpy) + + +/*--------------------------------------------------------------------*/ +/*--- end tc_intercepts.c ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_lock_n_thread.c.svn-base b/helgrind/.svn/text-base/hg_lock_n_thread.c.svn-base new file mode 100644 index 0000000..bcdb236 --- /dev/null +++ b/helgrind/.svn/text-base/hg_lock_n_thread.c.svn-base @@ -0,0 +1,123 @@ + +/*--------------------------------------------------------------------*/ +/*--- Definitions for Locks and Threads. ---*/ +/*--- hg_lock_n_thread.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_execontext.h" +#include "pub_tool_threadstate.h" +#include "pub_tool_wordfm.h" + +#include "hg_basics.h" +#include "hg_wordset.h" +#include "hg_lock_n_thread.h" /* self */ + + +/*----------------------------------------------------------------*/ +/*--- Sanity checking ---*/ +/*----------------------------------------------------------------*/ + +inline Bool HG_(is_sane_Thread) ( Thread* thr ) { + return thr != NULL && thr->magic == Thread_MAGIC; +} + +static Bool is_sane_Bag_of_Threads ( WordBag* bag ) +{ + Thread* thr; + Word count; + VG_(initIterBag)( bag ); + while (VG_(nextIterBag)( bag, (Word*)&thr, &count )) { + if (count < 1) return False; + if (!HG_(is_sane_Thread)(thr)) return False; + } + VG_(doneIterBag)( bag ); + return True; +} + +static Bool is_sane_Lock_BASE ( Lock* lock ) +{ + if (lock == NULL + || (lock->magic != LockN_MAGIC && lock->magic != LockP_MAGIC)) + return False; + switch (lock->kind) { + case LK_mbRec: case LK_nonRec: case LK_rdwr: break; + default: return False; + } + if (lock->heldBy == NULL) { + if (lock->acquired_at != NULL) return False; + /* Unheld. We arbitrarily require heldW to be False. 
*/ + return !lock->heldW; + } else { + if (lock->acquired_at == NULL) return False; + } + + /* If heldBy is non-NULL, we require it to contain at least one + thread. */ + if (VG_(isEmptyBag)(lock->heldBy)) + return False; + + /* Lock is either r- or w-held. */ + if (!is_sane_Bag_of_Threads(lock->heldBy)) + return False; + if (lock->heldW) { + /* Held in write-mode */ + if ((lock->kind == LK_nonRec || lock->kind == LK_rdwr) + && !VG_(isSingletonTotalBag)(lock->heldBy)) + return False; + } else { + /* Held in read-mode */ + if (lock->kind != LK_rdwr) return False; + } + return True; +} + +Bool HG_(is_sane_LockP) ( Lock* lock ) { + return lock != NULL + && lock->magic == LockP_MAGIC + && lock->hbso == NULL + && is_sane_Lock_BASE(lock); +} + +Bool HG_(is_sane_LockN) ( Lock* lock ) { + return lock != NULL + && lock->magic == LockN_MAGIC + && lock->hbso != NULL + && is_sane_Lock_BASE(lock); +} + +Bool HG_(is_sane_LockNorP) ( Lock* lock ) { + return is_sane_Lock_BASE(lock); +} + + +/*--------------------------------------------------------------------*/ +/*--- end hg_lock_n_thread.c ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_lock_n_thread.h.svn-base b/helgrind/.svn/text-base/hg_lock_n_thread.h.svn-base new file mode 100644 index 0000000..01ae3aa --- /dev/null +++ b/helgrind/.svn/text-base/hg_lock_n_thread.h.svn-base @@ -0,0 +1,165 @@ + +/*--------------------------------------------------------------------*/ +/*--- Definitions for Locks and Threads. ---*/ +/*--- hg_lock_n_thread.h ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#ifndef __HG_LOCK_N_THREAD_H +#define __HG_LOCK_N_THREAD_H + + +/*----------------------------------------------------------------*/ +/*--- Primary data definitions ---*/ +/*----------------------------------------------------------------*/ + +/* Magic numbers, for doing assertions that structures really are of + the right type. Useful as some of the code can get a bit + complex. */ +#define Thread_MAGIC 0x504fc5e5 +#define LockN_MAGIC 0x6545b557 /* normal nonpersistent locks */ +#define LockP_MAGIC 0x755b5456 /* persistent (copied) locks */ + + +/* These are handles for Word sets. CONSTRAINTS: must be (very) small + ints numbered from zero, since < 30-bit versions of them are used to + encode thread-sets and lock-sets in 32-bit shadow words. */ +typedef WordSet WordSetID; + + +/* Synchronisation Objects, exported abstractly by libhb. 
*/ +typedef struct _SO SO; + +/* Thr, libhb's private thread record, exported abstractly */ +typedef struct _Thr Thr; + + +/* Stores information about a thread. Addresses of these also serve + as unique thread identifiers and so are never freed, so they should + be as small as possible. Freeing Thread structures makes the + storage management just too complex, and most programs don't create + many threads, so tolerating this leak seems like a not-bad + tradeoff. + + Since these are never freed, the .coretid field only indicates the + core's ThreadId associated with this Thread whilst it is alive. + Once the thread finishes, the ThreadId is set to + VG_INVALID_THREADID. + + The core may later re-use the same ThreadId for what is a logically + completely different thread, which of course must have a different + Thread structure. */ +typedef + struct _Thread { + /* ADMIN */ + struct _Thread* admin; + UInt magic; + Thr* hbthr; + ThreadId coretid; + /* USEFUL */ + WordSetID locksetA; /* WordSet of Lock* currently held by thread */ + WordSetID locksetW; /* subset of locksetA held in w-mode */ + /* EXPOSITION */ + /* Place where parent was when this thread was created. */ + ExeContext* created_at; + Bool announced; + /* Index for generating references in error messages. */ + Int errmsg_index; + } + Thread; + + +/* Stores information about a lock's current state. These are + allocated and later freed (when the containing memory becomes + NoAccess). This gives a problem for the XError type, which + contains Lock*s. Solution is to copy any Lock which is to be + incorporated into an XErrors, so as to make it independent from the + 'normal' collection of Locks, which can come and go. When the lock + is copied, its .magic is changed from LockN_Magic to + LockP_Magic. */ + +/* Lock kinds. */ +typedef + enum { + LK_mbRec=1001, /* normal mutex, possibly recursive */ + LK_nonRec, /* normal mutex, definitely non recursive */ + LK_rdwr /* reader-writer lock */ + } + LockKind; + +typedef + struct _Lock { + /* ADMIN */ + struct _Lock* admin; + ULong unique; /* used for persistence-hashing */ + UInt magic; /* LockN_MAGIC or LockP_MAGIC */ + /* EXPOSITION */ + /* Place where lock first came to the attention of Helgrind. */ + ExeContext* appeared_at; + /* If the lock is held, place where the lock most recently made + an unlocked->locked transition. Must be sync'd with .heldBy: + either both NULL or both non-NULL. */ + ExeContext* acquired_at; + /* USEFUL-STATIC */ + SO* hbso; /* associated SO */ + Addr guestaddr; /* Guest address of lock */ + LockKind kind; /* what kind of lock this is */ + /* USEFUL-DYNAMIC */ + Bool heldW; + WordBag* heldBy; /* bag of threads that hold this lock */ + /* .heldBy is NULL: lock is unheld, and .heldW is meaningless + but arbitrarily set to False + .heldBy is non-NULL: + .heldW is True: lock is w-held by threads in heldBy + .heldW is False: lock is r-held by threads in heldBy + Either way, heldBy may not validly be an empty Bag. 
+ + for LK_nonRec, r-holdings are not allowed, and w-holdings may + only have sizeTotal(heldBy) == 1 + + for LK_mbRec, r-holdings are not allowed, and w-holdings may + only have sizeUnique(heldBy) == 1 + + for LK_rdwr, w-holdings may only have sizeTotal(heldBy) == 1 */ + } + Lock; + +/*----------------------------------------------------------------*/ +/*--- Sanity checking ---*/ +/*----------------------------------------------------------------*/ + +Bool HG_(is_sane_Thread) ( Thread* thr ); +Bool HG_(is_sane_LockP) ( Lock* lock ); +Bool HG_(is_sane_LockN) ( Lock* lock ); +Bool HG_(is_sane_LockNorP) ( Lock* lock ); + + +#endif /* ! __HG_LOCK_N_THREAD_H */ + +/*--------------------------------------------------------------------*/ +/*--- end hg_lock_n_thread.h ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_main.c.svn-base b/helgrind/.svn/text-base/hg_main.c.svn-base new file mode 100644 index 0000000..d63d73b --- /dev/null +++ b/helgrind/.svn/text-base/hg_main.c.svn-base @@ -0,0 +1,4287 @@ + +/*--------------------------------------------------------------------*/ +/*--- Helgrind: a Valgrind tool for detecting errors ---*/ +/*--- in threaded programs. hg_main.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks LLP + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. + + Neither the names of the U.S. Department of Energy nor the + University of California nor the names of its contributors may be + used to endorse or promote products derived from this software + without prior written permission. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcprint.h" +#include "pub_tool_threadstate.h" +#include "pub_tool_tooliface.h" +#include "pub_tool_hashtable.h" +#include "pub_tool_replacemalloc.h" +#include "pub_tool_machine.h" +#include "pub_tool_options.h" +#include "pub_tool_xarray.h" +#include "pub_tool_stacktrace.h" +#include "pub_tool_debuginfo.h" /* VG_(get_data_description) */ +#include "pub_tool_wordfm.h" + +#include "hg_basics.h" +#include "hg_wordset.h" +#include "hg_lock_n_thread.h" +#include "hg_errors.h" + +#include "libhb.h" + +#include "helgrind.h" + + +// FIXME: new_mem_w_tid ignores the supplied tid. (wtf?!) 
+ +// FIXME: when client destroys a lock or a CV, remove these +// from our mappings, so that the associated SO can be freed up + +/*----------------------------------------------------------------*/ +/*--- ---*/ +/*----------------------------------------------------------------*/ + +/* Note this needs to be compiled with -fno-strict-aliasing, since it + contains a whole bunch of calls to lookupFM etc which cast between + Word and pointer types. gcc rightly complains this breaks ANSI C + strict aliasing rules, at -O2. No complaints at -O, but -O2 gives + worthwhile performance benefits over -O. +*/ + +// FIXME catch sync signals (SEGV, basically) and unlock BHL, +// if held. Otherwise a LOCK-prefixed insn which segfaults +// gets Helgrind into a total muddle as the BHL will not be +// released after the insn. + +// FIXME what is supposed to happen to locks in memory which +// is relocated as a result of client realloc? + +// FIXME put referencing ThreadId into Thread and get +// rid of the slow reverse mapping function. + +// FIXME accesses to NoAccess areas: change state to Excl? + +// FIXME report errors for accesses of NoAccess memory? + +// FIXME pth_cond_wait/timedwait wrappers. Even if these fail, +// the thread still holds the lock. + +/* ------------ Debug/trace options ------------ */ + +// this is: +// shadow_mem_make_NoAccess: 29156 SMs, 1728 scanned +// happens_before_wrk: 1000 +// ev__post_thread_join: 3360 SMs, 29 scanned, 252 re-Excls +#define SHOW_EXPENSIVE_STUFF 0 + +// 0 for silent, 1 for some stuff, 2 for lots of stuff +#define SHOW_EVENTS 0 + + +static void all__sanity_check ( Char* who ); /* fwds */ + +#define HG_CLI__MALLOC_REDZONE_SZB 16 /* let's say */ + +// 0 for none, 1 for dump at end of run +#define SHOW_DATA_STRUCTURES 0 + + +/* ------------ Misc comments ------------ */ + +// FIXME: don't hardwire initial entries for root thread. +// Instead, let the pre_thread_ll_create handler do this. + + +/*----------------------------------------------------------------*/ +/*--- Primary data structures ---*/ +/*----------------------------------------------------------------*/ + +/* Admin linked list of Threads */ +static Thread* admin_threads = NULL; + +/* Admin linked list of Locks */ +static Lock* admin_locks = NULL; + +/* Mapping table for core ThreadIds to Thread* */ +static Thread** map_threads = NULL; /* Array[VG_N_THREADS] of Thread* */ + +/* Mapping table for lock guest addresses to Lock* */ +static WordFM* map_locks = NULL; /* WordFM LockAddr Lock* */ + +/* The word-set universes for thread sets and lock sets. */ +static WordSetU* univ_tsets = NULL; /* sets of Thread* */ +static WordSetU* univ_lsets = NULL; /* sets of Lock* */ +static WordSetU* univ_laog = NULL; /* sets of Lock*, for LAOG */ + +/* never changed; we only care about its address. Is treated as if it + was a standard userspace lock. Also we have a Lock* describing it + so it can participate in lock sets in the usual way. 
*/ +static Int __bus_lock = 0; +static Lock* __bus_lock_Lock = NULL; + + +/*----------------------------------------------------------------*/ +/*--- Simple helpers for the data structures ---*/ +/*----------------------------------------------------------------*/ + +static UWord stats__lockN_acquires = 0; +static UWord stats__lockN_releases = 0; + +static +ThreadId map_threads_maybe_reverse_lookup_SLOW ( Thread* thr ); /*fwds*/ + +/* --------- Constructors --------- */ + +static Thread* mk_Thread ( Thr* hbthr ) { + static Int indx = 1; + Thread* thread = HG_(zalloc)( "hg.mk_Thread.1", sizeof(Thread) ); + thread->locksetA = HG_(emptyWS)( univ_lsets ); + thread->locksetW = HG_(emptyWS)( univ_lsets ); + thread->magic = Thread_MAGIC; + thread->hbthr = hbthr; + thread->coretid = VG_INVALID_THREADID; + thread->created_at = NULL; + thread->announced = False; + thread->errmsg_index = indx++; + thread->admin = admin_threads; + admin_threads = thread; + return thread; +} + +// Make a new lock which is unlocked (hence ownerless) +static Lock* mk_LockN ( LockKind kind, Addr guestaddr ) { + static ULong unique = 0; + Lock* lock = HG_(zalloc)( "hg.mk_Lock.1", sizeof(Lock) ); + lock->admin = admin_locks; + lock->unique = unique++; + lock->magic = LockN_MAGIC; + lock->appeared_at = NULL; + lock->acquired_at = NULL; + lock->hbso = libhb_so_alloc(); + lock->guestaddr = guestaddr; + lock->kind = kind; + lock->heldW = False; + lock->heldBy = NULL; + tl_assert(HG_(is_sane_LockN)(lock)); + admin_locks = lock; + return lock; +} + +/* Release storage for a Lock. Also release storage in .heldBy, if + any. */ +static void del_LockN ( Lock* lk ) +{ + tl_assert(HG_(is_sane_LockN)(lk)); + tl_assert(lk->hbso); + libhb_so_dealloc(lk->hbso); + if (lk->heldBy) + VG_(deleteBag)( lk->heldBy ); + VG_(memset)(lk, 0xAA, sizeof(*lk)); + HG_(free)(lk); +} + +/* Update 'lk' to reflect that 'thr' now has a write-acquisition of + it. This is done strictly: only combinations resulting from + correct program and libpthread behaviour are allowed. */ +static void lockN_acquire_writer ( Lock* lk, Thread* thr ) +{ + tl_assert(HG_(is_sane_LockN)(lk)); + tl_assert(HG_(is_sane_Thread)(thr)); + + stats__lockN_acquires++; + + /* EXPOSITION only */ + /* We need to keep recording snapshots of where the lock was + acquired, so as to produce better lock-order error messages. */ + if (lk->acquired_at == NULL) { + ThreadId tid; + tl_assert(lk->heldBy == NULL); + tid = map_threads_maybe_reverse_lookup_SLOW(thr); + lk->acquired_at + = VG_(record_ExeContext)(tid, 0/*first_ip_delta*/); + } else { + tl_assert(lk->heldBy != NULL); + } + /* end EXPOSITION only */ + + switch (lk->kind) { + case LK_nonRec: + case_LK_nonRec: + tl_assert(lk->heldBy == NULL); /* can't w-lock recursively */ + tl_assert(!lk->heldW); + lk->heldW = True; + lk->heldBy = VG_(newBag)( HG_(zalloc), "hg.lNaw.1", HG_(free) ); + VG_(addToBag)( lk->heldBy, (Word)thr ); + break; + case LK_mbRec: + if (lk->heldBy == NULL) + goto case_LK_nonRec; + /* 2nd and subsequent locking of a lock by its owner */ + tl_assert(lk->heldW); + /* assert: lk is only held by one thread .. */ + tl_assert(VG_(sizeUniqueBag(lk->heldBy)) == 1); + /* assert: .. and that thread is 'thr'. 
*/ + tl_assert(VG_(elemBag)(lk->heldBy, (Word)thr) + == VG_(sizeTotalBag)(lk->heldBy)); + VG_(addToBag)(lk->heldBy, (Word)thr); + break; + case LK_rdwr: + tl_assert(lk->heldBy == NULL && !lk->heldW); /* must be unheld */ + goto case_LK_nonRec; + default: + tl_assert(0); + } + tl_assert(HG_(is_sane_LockN)(lk)); +} + +static void lockN_acquire_reader ( Lock* lk, Thread* thr ) +{ + tl_assert(HG_(is_sane_LockN)(lk)); + tl_assert(HG_(is_sane_Thread)(thr)); + /* can only add reader to a reader-writer lock. */ + tl_assert(lk->kind == LK_rdwr); + /* lk must be free or already r-held. */ + tl_assert(lk->heldBy == NULL + || (lk->heldBy != NULL && !lk->heldW)); + + stats__lockN_acquires++; + + /* EXPOSITION only */ + /* We need to keep recording snapshots of where the lock was + acquired, so as to produce better lock-order error messages. */ + if (lk->acquired_at == NULL) { + ThreadId tid; + tl_assert(lk->heldBy == NULL); + tid = map_threads_maybe_reverse_lookup_SLOW(thr); + lk->acquired_at + = VG_(record_ExeContext)(tid, 0/*first_ip_delta*/); + } else { + tl_assert(lk->heldBy != NULL); + } + /* end EXPOSITION only */ + + if (lk->heldBy) { + VG_(addToBag)(lk->heldBy, (Word)thr); + } else { + lk->heldW = False; + lk->heldBy = VG_(newBag)( HG_(zalloc), "hg.lNar.1", HG_(free) ); + VG_(addToBag)( lk->heldBy, (Word)thr ); + } + tl_assert(!lk->heldW); + tl_assert(HG_(is_sane_LockN)(lk)); +} + +/* Update 'lk' to reflect a release of it by 'thr'. This is done + strictly: only combinations resulting from correct program and + libpthread behaviour are allowed. */ + +static void lockN_release ( Lock* lk, Thread* thr ) +{ + Bool b; + tl_assert(HG_(is_sane_LockN)(lk)); + tl_assert(HG_(is_sane_Thread)(thr)); + /* lock must be held by someone */ + tl_assert(lk->heldBy); + stats__lockN_releases++; + /* Remove it from the holder set */ + b = VG_(delFromBag)(lk->heldBy, (Word)thr); + /* thr must actually have been a holder of lk */ + tl_assert(b); + /* normalise */ + tl_assert(lk->acquired_at); + if (VG_(isEmptyBag)(lk->heldBy)) { + VG_(deleteBag)(lk->heldBy); + lk->heldBy = NULL; + lk->heldW = False; + lk->acquired_at = NULL; + } + tl_assert(HG_(is_sane_LockN)(lk)); +} + +static void remove_Lock_from_locksets_of_all_owning_Threads( Lock* lk ) +{ + Thread* thr; + if (!lk->heldBy) { + tl_assert(!lk->heldW); + return; + } + /* for each thread that holds this lock do ... 
*/ + VG_(initIterBag)( lk->heldBy ); + while (VG_(nextIterBag)( lk->heldBy, (Word*)&thr, NULL )) { + tl_assert(HG_(is_sane_Thread)(thr)); + tl_assert(HG_(elemWS)( univ_lsets, + thr->locksetA, (Word)lk )); + thr->locksetA + = HG_(delFromWS)( univ_lsets, thr->locksetA, (Word)lk ); + + if (lk->heldW) { + tl_assert(HG_(elemWS)( univ_lsets, + thr->locksetW, (Word)lk )); + thr->locksetW + = HG_(delFromWS)( univ_lsets, thr->locksetW, (Word)lk ); + } + } + VG_(doneIterBag)( lk->heldBy ); +} + + +/*----------------------------------------------------------------*/ +/*--- Print out the primary data structures ---*/ +/*----------------------------------------------------------------*/ + +//static WordSetID del_BHL ( WordSetID lockset ); /* fwds */ + +#define PP_THREADS (1<<1) +#define PP_LOCKS (1<<2) +#define PP_ALL (PP_THREADS | PP_LOCKS) + + +static const Int sHOW_ADMIN = 0; + +static void space ( Int n ) +{ + Int i; + Char spaces[128+1]; + tl_assert(n >= 0 && n < 128); + if (n == 0) + return; + for (i = 0; i < n; i++) + spaces[i] = ' '; + spaces[i] = 0; + tl_assert(i < 128+1); + VG_(printf)("%s", spaces); +} + +static void pp_Thread ( Int d, Thread* t ) +{ + space(d+0); VG_(printf)("Thread %p {\n", t); + if (sHOW_ADMIN) { + space(d+3); VG_(printf)("admin %p\n", t->admin); + space(d+3); VG_(printf)("magic 0x%x\n", (UInt)t->magic); + } + space(d+3); VG_(printf)("locksetA %d\n", (Int)t->locksetA); + space(d+3); VG_(printf)("locksetW %d\n", (Int)t->locksetW); + space(d+0); VG_(printf)("}\n"); +} + +static void pp_admin_threads ( Int d ) +{ + Int i, n; + Thread* t; + for (n = 0, t = admin_threads; t; n++, t = t->admin) { + /* nothing */ + } + space(d); VG_(printf)("admin_threads (%d records) {\n", n); + for (i = 0, t = admin_threads; t; i++, t = t->admin) { + if (0) { + space(n); + VG_(printf)("admin_threads record %d of %d:\n", i, n); + } + pp_Thread(d+3, t); + } + space(d); VG_(printf)("}\n"); +} + +static void pp_map_threads ( Int d ) +{ + Int i, n = 0; + space(d); VG_(printf)("map_threads "); + for (i = 0; i < VG_N_THREADS; i++) { + if (map_threads[i] != NULL) + n++; + } + VG_(printf)("(%d entries) {\n", n); + for (i = 0; i < VG_N_THREADS; i++) { + if (map_threads[i] == NULL) + continue; + space(d+3); + VG_(printf)("coretid %d -> Thread %p\n", i, map_threads[i]); + } + space(d); VG_(printf)("}\n"); +} + +static const HChar* show_LockKind ( LockKind lkk ) { + switch (lkk) { + case LK_mbRec: return "mbRec"; + case LK_nonRec: return "nonRec"; + case LK_rdwr: return "rdwr"; + default: tl_assert(0); + } +} + +static void pp_Lock ( Int d, Lock* lk ) +{ + space(d+0); VG_(printf)("Lock %p (ga %#lx) {\n", lk, lk->guestaddr); + if (sHOW_ADMIN) { + space(d+3); VG_(printf)("admin %p\n", lk->admin); + space(d+3); VG_(printf)("magic 0x%x\n", (UInt)lk->magic); + } + space(d+3); VG_(printf)("unique %llu\n", lk->unique); + space(d+3); VG_(printf)("kind %s\n", show_LockKind(lk->kind)); + space(d+3); VG_(printf)("heldW %s\n", lk->heldW ? 
"yes" : "no"); + space(d+3); VG_(printf)("heldBy %p", lk->heldBy); + if (lk->heldBy) { + Thread* thr; + Word count; + VG_(printf)(" { "); + VG_(initIterBag)( lk->heldBy ); + while (VG_(nextIterBag)( lk->heldBy, (Word*)&thr, &count )) + VG_(printf)("%lu:%p ", count, thr); + VG_(doneIterBag)( lk->heldBy ); + VG_(printf)("}"); + } + VG_(printf)("\n"); + space(d+0); VG_(printf)("}\n"); +} + +static void pp_admin_locks ( Int d ) +{ + Int i, n; + Lock* lk; + for (n = 0, lk = admin_locks; lk; n++, lk = lk->admin) { + /* nothing */ + } + space(d); VG_(printf)("admin_locks (%d records) {\n", n); + for (i = 0, lk = admin_locks; lk; i++, lk = lk->admin) { + if (0) { + space(n); + VG_(printf)("admin_locks record %d of %d:\n", i, n); + } + pp_Lock(d+3, lk); + } + space(d); VG_(printf)("}\n"); +} + +static void pp_map_locks ( Int d ) +{ + void* gla; + Lock* lk; + space(d); VG_(printf)("map_locks (%d entries) {\n", + (Int)VG_(sizeFM)( map_locks )); + VG_(initIterFM)( map_locks ); + while (VG_(nextIterFM)( map_locks, (Word*)&gla, + (Word*)&lk )) { + space(d+3); + VG_(printf)("guest %p -> Lock %p\n", gla, lk); + } + VG_(doneIterFM)( map_locks ); + space(d); VG_(printf)("}\n"); +} + +static void pp_everything ( Int flags, Char* caller ) +{ + Int d = 0; + VG_(printf)("\n"); + VG_(printf)("All_Data_Structures (caller = \"%s\") {\n", caller); + if (flags & PP_THREADS) { + VG_(printf)("\n"); + pp_admin_threads(d+3); + VG_(printf)("\n"); + pp_map_threads(d+3); + } + if (flags & PP_LOCKS) { + VG_(printf)("\n"); + pp_admin_locks(d+3); + VG_(printf)("\n"); + pp_map_locks(d+3); + } + + VG_(printf)("\n"); + VG_(printf)("}\n"); + VG_(printf)("\n"); +} + +#undef SHOW_ADMIN + + +/*----------------------------------------------------------------*/ +/*--- Initialise the primary data structures ---*/ +/*----------------------------------------------------------------*/ + +static void initialise_data_structures ( Thr* hbthr_root ) +{ + Thread* thr; + + /* Get everything initialised and zeroed. */ + tl_assert(admin_threads == NULL); + tl_assert(admin_locks == NULL); + + tl_assert(sizeof(Addr) == sizeof(Word)); + + tl_assert(map_threads == NULL); + map_threads = HG_(zalloc)( "hg.ids.1", VG_N_THREADS * sizeof(Thread*) ); + tl_assert(map_threads != NULL); + + tl_assert(sizeof(Addr) == sizeof(Word)); + tl_assert(map_locks == NULL); + map_locks = VG_(newFM)( HG_(zalloc), "hg.ids.2", HG_(free), + NULL/*unboxed Word cmp*/); + tl_assert(map_locks != NULL); + + __bus_lock_Lock = mk_LockN( LK_nonRec, (Addr)&__bus_lock ); + tl_assert(HG_(is_sane_LockN)(__bus_lock_Lock)); + VG_(addToFM)( map_locks, (Word)&__bus_lock, (Word)__bus_lock_Lock ); + + tl_assert(univ_tsets == NULL); + univ_tsets = HG_(newWordSetU)( HG_(zalloc), "hg.ids.3", HG_(free), + 8/*cacheSize*/ ); + tl_assert(univ_tsets != NULL); + + tl_assert(univ_lsets == NULL); + univ_lsets = HG_(newWordSetU)( HG_(zalloc), "hg.ids.4", HG_(free), + 8/*cacheSize*/ ); + tl_assert(univ_lsets != NULL); + + tl_assert(univ_laog == NULL); + univ_laog = HG_(newWordSetU)( HG_(zalloc), "hg.ids.5 (univ_laog)", + HG_(free), 24/*cacheSize*/ ); + tl_assert(univ_laog != NULL); + + /* Set up entries for the root thread */ + // FIXME: this assumes that the first real ThreadId is 1 + + /* a Thread for the new thread ... */ + thr = mk_Thread(hbthr_root); + thr->coretid = 1; /* FIXME: hardwires an assumption about the + identity of the root thread. */ + tl_assert( libhb_get_Thr_opaque(hbthr_root) == NULL ); + libhb_set_Thr_opaque(hbthr_root, thr); + + /* and bind it in the thread-map table. 
*/ + tl_assert(HG_(is_sane_ThreadId)(thr->coretid)); + tl_assert(thr->coretid != VG_INVALID_THREADID); + + map_threads[thr->coretid] = thr; + + tl_assert(VG_INVALID_THREADID == 0); + + /* Mark the new bus lock correctly (to stop the sanity checks + complaining) */ + tl_assert( sizeof(__bus_lock) == 4 ); + + all__sanity_check("initialise_data_structures"); +} + + +/*----------------------------------------------------------------*/ +/*--- map_threads :: array[core-ThreadId] of Thread* ---*/ +/*----------------------------------------------------------------*/ + +/* Doesn't assert if the relevant map_threads entry is NULL. */ +static Thread* map_threads_maybe_lookup ( ThreadId coretid ) +{ + Thread* thr; + tl_assert( HG_(is_sane_ThreadId)(coretid) ); + thr = map_threads[coretid]; + return thr; +} + +/* Asserts if the relevant map_threads entry is NULL. */ +static inline Thread* map_threads_lookup ( ThreadId coretid ) +{ + Thread* thr; + tl_assert( HG_(is_sane_ThreadId)(coretid) ); + thr = map_threads[coretid]; + tl_assert(thr); + return thr; +} + +/* Do a reverse lookup. Does not assert if 'thr' is not found in + map_threads. */ +static ThreadId map_threads_maybe_reverse_lookup_SLOW ( Thread* thr ) +{ + ThreadId tid; + tl_assert(HG_(is_sane_Thread)(thr)); + /* Check nobody used the invalid-threadid slot */ + tl_assert(VG_INVALID_THREADID >= 0 && VG_INVALID_THREADID < VG_N_THREADS); + tl_assert(map_threads[VG_INVALID_THREADID] == NULL); + tid = thr->coretid; + tl_assert(HG_(is_sane_ThreadId)(tid)); + return tid; +} + +/* Do a reverse lookup. Warning: POTENTIALLY SLOW. Asserts if 'thr' + is not found in map_threads. */ +static ThreadId map_threads_reverse_lookup_SLOW ( Thread* thr ) +{ + ThreadId tid = map_threads_maybe_reverse_lookup_SLOW( thr ); + tl_assert(tid != VG_INVALID_THREADID); + tl_assert(map_threads[tid]); + tl_assert(map_threads[tid]->coretid == tid); + return tid; +} + +static void map_threads_delete ( ThreadId coretid ) +{ + Thread* thr; + tl_assert(coretid != 0); + tl_assert( HG_(is_sane_ThreadId)(coretid) ); + thr = map_threads[coretid]; + tl_assert(thr); + map_threads[coretid] = NULL; +} + + +/*----------------------------------------------------------------*/ +/*--- map_locks :: WordFM guest-Addr-of-lock Lock* ---*/ +/*----------------------------------------------------------------*/ + +/* Make sure there is a lock table entry for the given (lock) guest + address. If not, create one of the stated 'kind' in unheld state. + In any case, return the address of the existing or new Lock. */ +static +Lock* map_locks_lookup_or_create ( LockKind lkk, Addr ga, ThreadId tid ) +{ + Bool found; + Lock* oldlock = NULL; + tl_assert(HG_(is_sane_ThreadId)(tid)); + found = VG_(lookupFM)( map_locks, + NULL, (Word*)&oldlock, (Word)ga ); + if (!found) { + Lock* lock = mk_LockN(lkk, ga); + lock->appeared_at = VG_(record_ExeContext)( tid, 0 ); + tl_assert(HG_(is_sane_LockN)(lock)); + VG_(addToFM)( map_locks, (Word)ga, (Word)lock ); + tl_assert(oldlock == NULL); + return lock; + } else { + tl_assert(oldlock != NULL); + tl_assert(HG_(is_sane_LockN)(oldlock)); + tl_assert(oldlock->guestaddr == ga); + return oldlock; + } +} + +static Lock* map_locks_maybe_lookup ( Addr ga ) +{ + Bool found; + Lock* lk = NULL; + found = VG_(lookupFM)( map_locks, NULL, (Word*)&lk, (Word)ga ); + tl_assert(found ? 
lk != NULL : lk == NULL); + return lk; +} + +static void map_locks_delete ( Addr ga ) +{ + Addr ga2 = 0; + Lock* lk = NULL; + VG_(delFromFM)( map_locks, + (Word*)&ga2, (Word*)&lk, (Word)ga ); + /* delFromFM produces the val which is being deleted, if it is + found. So assert it is non-null; that in effect asserts that we + are deleting a (ga, Lock) pair which actually exists. */ + tl_assert(lk != NULL); + tl_assert(ga2 == ga); +} + + + +/*----------------------------------------------------------------*/ +/*--- Sanity checking the data structures ---*/ +/*----------------------------------------------------------------*/ + +static UWord stats__sanity_checks = 0; + +static void laog__sanity_check ( Char* who ); /* fwds */ + +/* REQUIRED INVARIANTS: + + Thread vs Segment/Lock/SecMaps + + for each t in Threads { + + // Thread.lockset: each element is really a valid Lock + + // Thread.lockset: each Lock in set is actually held by that thread + for lk in Thread.lockset + lk == LockedBy(t) + + // Thread.csegid is a valid SegmentID + // and the associated Segment has .thr == t + + } + + all thread Locksets are pairwise empty under intersection + (that is, no lock is claimed to be held by more than one thread) + -- this is guaranteed if all locks in locksets point back to their + owner threads + + Lock vs Thread/Segment/SecMaps + + for each entry (gla, la) in map_locks + gla == la->guest_addr + + for each lk in Locks { + + lk->tag is valid + lk->guest_addr does not have shadow state NoAccess + if lk == LockedBy(t), then t->lockset contains lk + if lk == UnlockedBy(segid) then segid is valid SegmentID + and can be mapped to a valid Segment(seg) + and seg->thr->lockset does not contain lk + if lk == UnlockedNew then (no lockset contains lk) + + secmaps for lk has .mbHasLocks == True + + } + + Segment vs Thread/Lock/SecMaps + + the Segment graph is a dag (no cycles) + all of the Segment graph must be reachable from the segids + mentioned in the Threads + + for seg in Segments { + + seg->thr is a sane Thread + + } + + SecMaps vs Segment/Thread/Lock + + for sm in SecMaps { + + sm properly aligned + if any shadow word is ShR or ShM then .mbHasShared == True + + for each Excl(segid) state + map_segments_lookup maps to a sane Segment(seg) + for each ShM/ShR(tsetid,lsetid) state + each lk in lset is a valid Lock + each thr in tset is a valid thread, which is non-dead + + } +*/ + + +/* Return True iff 'thr' holds 'lk' in some mode. 
*/ +static Bool thread_is_a_holder_of_Lock ( Thread* thr, Lock* lk ) +{ + if (lk->heldBy) + return VG_(elemBag)( lk->heldBy, (Word)thr ) > 0; + else + return False; +} + +/* Sanity check Threads, as far as possible */ +__attribute__((noinline)) +static void threads__sanity_check ( Char* who ) +{ +#define BAD(_str) do { how = (_str); goto bad; } while (0) + Char* how = "no error"; + Thread* thr; + WordSetID wsA, wsW; + UWord* ls_words; + Word ls_size, i; + Lock* lk; + for (thr = admin_threads; thr; thr = thr->admin) { + if (!HG_(is_sane_Thread)(thr)) BAD("1"); + wsA = thr->locksetA; + wsW = thr->locksetW; + // locks held in W mode are a subset of all locks held + if (!HG_(isSubsetOf)( univ_lsets, wsW, wsA )) BAD("7"); + HG_(getPayloadWS)( &ls_words, &ls_size, univ_lsets, wsA ); + for (i = 0; i < ls_size; i++) { + lk = (Lock*)ls_words[i]; + // Thread.lockset: each element is really a valid Lock + if (!HG_(is_sane_LockN)(lk)) BAD("2"); + // Thread.lockset: each Lock in set is actually held by that + // thread + if (!thread_is_a_holder_of_Lock(thr,lk)) BAD("3"); + } + } + return; + bad: + VG_(printf)("threads__sanity_check: who=\"%s\", bad=\"%s\"\n", who, how); + tl_assert(0); +#undef BAD +} + + +/* Sanity check Locks, as far as possible */ +__attribute__((noinline)) +static void locks__sanity_check ( Char* who ) +{ +#define BAD(_str) do { how = (_str); goto bad; } while (0) + Char* how = "no error"; + Addr gla; + Lock* lk; + Int i; + // # entries in admin_locks == # entries in map_locks + for (i = 0, lk = admin_locks; lk; i++, lk = lk->admin) + ; + if (i != VG_(sizeFM)(map_locks)) BAD("1"); + // for each entry (gla, lk) in map_locks + // gla == lk->guest_addr + VG_(initIterFM)( map_locks ); + while (VG_(nextIterFM)( map_locks, + (Word*)&gla, (Word*)&lk )) { + if (lk->guestaddr != gla) BAD("2"); + } + VG_(doneIterFM)( map_locks ); + // scan through admin_locks ... + for (lk = admin_locks; lk; lk = lk->admin) { + // lock is sane. Quite comprehensive, also checks that + // referenced (holder) threads are sane. + if (!HG_(is_sane_LockN)(lk)) BAD("3"); + // map_locks binds guest address back to this lock + if (lk != map_locks_maybe_lookup(lk->guestaddr)) BAD("4"); + // look at all threads mentioned as holders of this lock. Ensure + // this lock is mentioned in their locksets. + if (lk->heldBy) { + Thread* thr; + Word count; + VG_(initIterBag)( lk->heldBy ); + while (VG_(nextIterBag)( lk->heldBy, + (Word*)&thr, &count )) { + // HG_(is_sane_LockN) above ensures these + tl_assert(count >= 1); + tl_assert(HG_(is_sane_Thread)(thr)); + if (!HG_(elemWS)(univ_lsets, thr->locksetA, (Word)lk)) + BAD("6"); + // also check the w-only lockset + if (lk->heldW + && !HG_(elemWS)(univ_lsets, thr->locksetW, (Word)lk)) + BAD("7"); + if ((!lk->heldW) + && HG_(elemWS)(univ_lsets, thr->locksetW, (Word)lk)) + BAD("8"); + } + VG_(doneIterBag)( lk->heldBy ); + } else { + /* lock not held by anybody */ + if (lk->heldW) BAD("9"); /* should be False if !heldBy */ + // since lk is unheld, then (no lockset contains lk) + // hmm, this is really too expensive to check. Hmm. 
+ } + } + + return; + bad: + VG_(printf)("locks__sanity_check: who=\"%s\", bad=\"%s\"\n", who, how); + tl_assert(0); +#undef BAD +} + + +static void all_except_Locks__sanity_check ( Char* who ) { + stats__sanity_checks++; + if (0) VG_(printf)("all_except_Locks__sanity_check(%s)\n", who); + threads__sanity_check(who); + laog__sanity_check(who); +} +static void all__sanity_check ( Char* who ) { + all_except_Locks__sanity_check(who); + locks__sanity_check(who); +} + + +/*----------------------------------------------------------------*/ +/*--- the core memory state machine (msm__* functions) ---*/ +/*----------------------------------------------------------------*/ + +//static WordSetID add_BHL ( WordSetID lockset ) { +// return HG_(addToWS)( univ_lsets, lockset, (Word)__bus_lock_Lock ); +//} +//static WordSetID del_BHL ( WordSetID lockset ) { +// return HG_(delFromWS)( univ_lsets, lockset, (Word)__bus_lock_Lock ); +//} + + +///* Last-lock-lossage records. This mechanism exists to help explain +// to programmers why we are complaining about a race. The idea is to +// monitor all lockset transitions. When a previously nonempty +// lockset becomes empty, the lock(s) that just disappeared (the +// "lossage") are the locks that have consistently protected the +// location (ga_of_access) in question for the longest time. Most of +// the time the lossage-set is a single lock. Because the +// lossage-lock is the one that has survived longest, there is there +// is a good chance that it is indeed the lock that the programmer +// intended to use to protect the location. +// +// Note that we cannot in general just look at the lossage set when we +// see a transition to ShM(...,empty-set), because a transition to an +// empty lockset can happen arbitrarily far before the point where we +// want to report an error. This is in the case where there are many +// transitions ShR -> ShR, all with an empty lockset, and only later +// is there a transition to ShM. So what we want to do is note the +// lossage lock at the point where a ShR -> ShR transition empties out +// the lockset, so we can present it later if there should be a +// transition to ShM. +// +// So this function finds such transitions. For each, it associates +// in ga_to_lastlock, the guest address and the lossage lock. In fact +// we do not record the Lock* directly as that may disappear later, +// but instead the ExeContext inside the Lock which says where it was +// initialised or first locked. ExeContexts are permanent so keeping +// them indefinitely is safe. +// +// A boring detail: the hardware bus lock is not interesting in this +// respect, so we first remove that from the pre/post locksets. +//*/ +// +//static UWord stats__ga_LL_adds = 0; +// +//static WordFM* ga_to_lastlock = NULL; /* GuestAddr -> ExeContext* */ +// +//static +//void record_last_lock_lossage ( Addr ga_of_access, +// WordSetID lset_old, WordSetID lset_new ) +//{ +// Lock* lk; +// Int card_old, card_new; +// +// tl_assert(lset_old != lset_new); +// +// if (0) VG_(printf)("XX1: %d (card %ld) -> %d (card %ld) %#lx\n", +// (Int)lset_old, +// HG_(cardinalityWS)(univ_lsets,lset_old), +// (Int)lset_new, +// HG_(cardinalityWS)(univ_lsets,lset_new), +// ga_of_access ); +// +// /* This is slow, but at least it's simple. The bus hardware lock +// just confuses the logic, so remove it from the locksets we're +// considering before doing anything else. 
*/ +// lset_new = del_BHL( lset_new ); +// +// if (!HG_(isEmptyWS)( univ_lsets, lset_new )) { +// /* The post-transition lock set is not empty. So we are not +// interested. We're only interested in spotting transitions +// that make locksets become empty. */ +// return; +// } +// +// /* lset_new is now empty */ +// card_new = HG_(cardinalityWS)( univ_lsets, lset_new ); +// tl_assert(card_new == 0); +// +// lset_old = del_BHL( lset_old ); +// card_old = HG_(cardinalityWS)( univ_lsets, lset_old ); +// +// if (0) VG_(printf)(" X2: %d (card %d) -> %d (card %d)\n", +// (Int)lset_old, card_old, (Int)lset_new, card_new ); +// +// if (card_old == 0) { +// /* The old lockset was also empty. Not interesting. */ +// return; +// } +// +// tl_assert(card_old > 0); +// tl_assert(!HG_(isEmptyWS)( univ_lsets, lset_old )); +// +// /* Now we know we've got a transition from a nonempty lockset to an +// empty one. So lset_old must be the set of locks lost. Record +// some details. If there is more than one element in the lossage +// set, just choose one arbitrarily -- not the best, but at least +// it's simple. */ +// +// lk = (Lock*)HG_(anyElementOfWS)( univ_lsets, lset_old ); +// if (0) VG_(printf)("lossage %ld %p\n", +// HG_(cardinalityWS)( univ_lsets, lset_old), lk ); +// if (lk->appeared_at) { +// if (ga_to_lastlock == NULL) +// ga_to_lastlock = VG_(newFM)( HG_(zalloc), "hg.rlll.1", HG_(free), NULL ); +// VG_(addToFM)( ga_to_lastlock, ga_of_access, (Word)lk->appeared_at ); +// stats__ga_LL_adds++; +// } +//} +// +///* This queries the table (ga_to_lastlock) made by +// record_last_lock_lossage, when constructing error messages. It +// attempts to find the ExeContext of the allocation or initialisation +// point for the lossage lock associated with 'ga'. */ +// +//static ExeContext* maybe_get_lastlock_initpoint ( Addr ga ) +//{ +// ExeContext* ec_hint = NULL; +// if (ga_to_lastlock != NULL +// && VG_(lookupFM)(ga_to_lastlock, +// NULL, (Word*)&ec_hint, ga)) { +// tl_assert(ec_hint != NULL); +// return ec_hint; +// } else { +// return NULL; +// } +//} + + +/*----------------------------------------------------------------*/ +/*--- Shadow value and address range handlers ---*/ +/*----------------------------------------------------------------*/ + +static void laog__pre_thread_acquires_lock ( Thread*, Lock* ); /* fwds */ +//static void laog__handle_lock_deletions ( WordSetID ); /* fwds */ +static inline Thread* get_current_Thread ( void ); /* fwds */ +__attribute__((noinline)) +static void laog__handle_one_lock_deletion ( Lock* lk ); /* fwds */ + + +/* Block-copy states (needed for implementing realloc()). 
*/ +static void shadow_mem_copy_range ( Addr src, Addr dst, SizeT len ) +{ + libhb_copy_shadow_state( src, dst, len ); +} + +static void shadow_mem_read_range ( Thread* thr, Addr a, SizeT len ) +{ + Thr* hbthr = thr->hbthr; + tl_assert(hbthr); + LIBHB_READ_N(hbthr, a, len); +} + +static void shadow_mem_write_range ( Thread* thr, Addr a, SizeT len ) { + Thr* hbthr = thr->hbthr; + tl_assert(hbthr); + LIBHB_WRITE_N(hbthr, a, len); +} + +static void shadow_mem_make_New ( Thread* thr, Addr a, SizeT len ) +{ + libhb_range_new( thr->hbthr, a, len ); +} + +static void shadow_mem_make_NoAccess ( Thread* thr, Addr aIN, SizeT len ) +{ + if (0 && len > 500) + VG_(printf)("make NoAccess ( %#lx, %ld )\n", aIN, len ); + libhb_range_noaccess( thr->hbthr, aIN, len ); +} + + +/*----------------------------------------------------------------*/ +/*--- Event handlers (evh__* functions) ---*/ +/*--- plus helpers (evhH__* functions) ---*/ +/*----------------------------------------------------------------*/ + +/*--------- Event handler helpers (evhH__* functions) ---------*/ + +/* Create a new segment for 'thr', making it depend (.prev) on its + existing segment, bind together the SegmentID and Segment, and + return both of them. Also update 'thr' so it references the new + Segment. */ +//zz static +//zz void evhH__start_new_segment_for_thread ( /*OUT*/SegmentID* new_segidP, +//zz /*OUT*/Segment** new_segP, +//zz Thread* thr ) +//zz { +//zz Segment* cur_seg; +//zz tl_assert(new_segP); +//zz tl_assert(new_segidP); +//zz tl_assert(HG_(is_sane_Thread)(thr)); +//zz cur_seg = map_segments_lookup( thr->csegid ); +//zz tl_assert(cur_seg); +//zz tl_assert(cur_seg->thr == thr); /* all sane segs should point back +//zz at their owner thread. */ +//zz *new_segP = mk_Segment( thr, cur_seg, NULL/*other*/ ); +//zz *new_segidP = alloc_SegmentID(); +//zz map_segments_add( *new_segidP, *new_segP ); +//zz thr->csegid = *new_segidP; +//zz } + + +/* The lock at 'lock_ga' has acquired a writer. Make all necessary + updates, and also do all possible error checks. */ +static +void evhH__post_thread_w_acquires_lock ( Thread* thr, + LockKind lkk, Addr lock_ga ) +{ + Lock* lk; + + /* Basically what we need to do is call lockN_acquire_writer. + However, that will barf if any 'invalid' lock states would + result. Therefore check before calling. Side effect is that + 'HG_(is_sane_LockN)(lk)' is both a pre- and post-condition of this + routine. + + Because this routine is only called after successful lock + acquisition, we should not be asked to move the lock into any + invalid states. Requests to do so are bugs in libpthread, since + that should have rejected any such requests. */ + + tl_assert(HG_(is_sane_Thread)(thr)); + /* Try to find the lock. If we can't, then create a new one with + kind 'lkk'. */ + lk = map_locks_lookup_or_create( + lkk, lock_ga, map_threads_reverse_lookup_SLOW(thr) ); + tl_assert( HG_(is_sane_LockN)(lk) ); + + /* check libhb level entities exist */ + tl_assert(thr->hbthr); + tl_assert(lk->hbso); + + if (lk->heldBy == NULL) { + /* the lock isn't held. Simple. */ + tl_assert(!lk->heldW); + lockN_acquire_writer( lk, thr ); + /* acquire a dependency from the lock's VCs */ + libhb_so_recv( thr->hbthr, lk->hbso, True/*strong_recv*/ ); + goto noerror; + } + + /* So the lock is already held. If held as a r-lock then + libpthread must be buggy. 
*/ + tl_assert(lk->heldBy); + if (!lk->heldW) { + HG_(record_error_Misc)( + thr, "Bug in libpthread: write lock " + "granted on rwlock which is currently rd-held"); + goto error; + } + + /* So the lock is held in w-mode. If it's held by some other + thread, then libpthread must be buggy. */ + tl_assert(VG_(sizeUniqueBag)(lk->heldBy) == 1); /* from precondition */ + + if (thr != (Thread*)VG_(anyElementOfBag)(lk->heldBy)) { + HG_(record_error_Misc)( + thr, "Bug in libpthread: write lock " + "granted on mutex/rwlock which is currently " + "wr-held by a different thread"); + goto error; + } + + /* So the lock is already held in w-mode by 'thr'. That means this + is an attempt to lock it recursively, which is only allowable + for LK_mbRec kinded locks. Since this routine is called only + once the lock has been acquired, this must also be a libpthread + bug. */ + if (lk->kind != LK_mbRec) { + HG_(record_error_Misc)( + thr, "Bug in libpthread: recursive write lock " + "granted on mutex/wrlock which does not " + "support recursion"); + goto error; + } + + /* So we are recursively re-locking a lock we already w-hold. */ + lockN_acquire_writer( lk, thr ); + /* acquire a dependency from the lock's VC. Probably pointless, + but also harmless. */ + libhb_so_recv( thr->hbthr, lk->hbso, True/*strong_recv*/ ); + goto noerror; + + noerror: + /* check lock order acquisition graph, and update. This has to + happen before the lock is added to the thread's locksetA/W. */ + laog__pre_thread_acquires_lock( thr, lk ); + /* update the thread's held-locks set */ + thr->locksetA = HG_(addToWS)( univ_lsets, thr->locksetA, (Word)lk ); + thr->locksetW = HG_(addToWS)( univ_lsets, thr->locksetW, (Word)lk ); + /* fall through */ + + error: + tl_assert(HG_(is_sane_LockN)(lk)); +} + + +/* The lock at 'lock_ga' has acquired a reader. Make all necessary + updates, and also do all possible error checks. */ +static +void evhH__post_thread_r_acquires_lock ( Thread* thr, + LockKind lkk, Addr lock_ga ) +{ + Lock* lk; + + /* Basically what we need to do is call lockN_acquire_reader. + However, that will barf if any 'invalid' lock states would + result. Therefore check before calling. Side effect is that + 'HG_(is_sane_LockN)(lk)' is both a pre- and post-condition of this + routine. + + Because this routine is only called after successful lock + acquisition, we should not be asked to move the lock into any + invalid states. Requests to do so are bugs in libpthread, since + that should have rejected any such requests. */ + + tl_assert(HG_(is_sane_Thread)(thr)); + /* Try to find the lock. If we can't, then create a new one with + kind 'lkk'. Only a reader-writer lock can be read-locked, + hence the first assertion. */ + tl_assert(lkk == LK_rdwr); + lk = map_locks_lookup_or_create( + lkk, lock_ga, map_threads_reverse_lookup_SLOW(thr) ); + tl_assert( HG_(is_sane_LockN)(lk) ); + + /* check libhb level entities exist */ + tl_assert(thr->hbthr); + tl_assert(lk->hbso); + + if (lk->heldBy == NULL) { + /* the lock isn't held. Simple. */ + tl_assert(!lk->heldW); + lockN_acquire_reader( lk, thr ); + /* acquire a dependency from the lock's VC */ + libhb_so_recv( thr->hbthr, lk->hbso, False/*!strong_recv*/ ); + goto noerror; + } + + /* So the lock is already held. If held as a w-lock then + libpthread must be buggy. */ + tl_assert(lk->heldBy); + if (lk->heldW) { + HG_(record_error_Misc)( thr, "Bug in libpthread: read lock " + "granted on rwlock which is " + "currently wr-held"); + goto error; + } + + /* Easy enough. 
In short anybody can get a read-lock on a rwlock + provided it is either unlocked or already in rd-held. */ + lockN_acquire_reader( lk, thr ); + /* acquire a dependency from the lock's VC. Probably pointless, + but also harmless. */ + libhb_so_recv( thr->hbthr, lk->hbso, False/*!strong_recv*/ ); + goto noerror; + + noerror: + /* check lock order acquisition graph, and update. This has to + happen before the lock is added to the thread's locksetA/W. */ + laog__pre_thread_acquires_lock( thr, lk ); + /* update the thread's held-locks set */ + thr->locksetA = HG_(addToWS)( univ_lsets, thr->locksetA, (Word)lk ); + /* but don't update thr->locksetW, since lk is only rd-held */ + /* fall through */ + + error: + tl_assert(HG_(is_sane_LockN)(lk)); +} + + +/* The lock at 'lock_ga' is just about to be unlocked. Make all + necessary updates, and also do all possible error checks. */ +static +void evhH__pre_thread_releases_lock ( Thread* thr, + Addr lock_ga, Bool isRDWR ) +{ + Lock* lock; + Word n; + Bool was_heldW; + + /* This routine is called prior to a lock release, before + libpthread has had a chance to validate the call. Hence we need + to detect and reject any attempts to move the lock into an + invalid state. Such attempts are bugs in the client. + + isRDWR is True if we know from the wrapper context that lock_ga + should refer to a reader-writer lock, and is False if [ditto] + lock_ga should refer to a standard mutex. */ + + tl_assert(HG_(is_sane_Thread)(thr)); + lock = map_locks_maybe_lookup( lock_ga ); + + if (!lock) { + /* We know nothing about a lock at 'lock_ga'. Nevertheless + the client is trying to unlock it. So complain, then ignore + the attempt. */ + HG_(record_error_UnlockBogus)( thr, lock_ga ); + return; + } + + tl_assert(lock->guestaddr == lock_ga); + tl_assert(HG_(is_sane_LockN)(lock)); + + if (isRDWR && lock->kind != LK_rdwr) { + HG_(record_error_Misc)( thr, "pthread_rwlock_unlock with a " + "pthread_mutex_t* argument " ); + } + if ((!isRDWR) && lock->kind == LK_rdwr) { + HG_(record_error_Misc)( thr, "pthread_mutex_unlock with a " + "pthread_rwlock_t* argument " ); + } + + if (!lock->heldBy) { + /* The lock is not held. This indicates a serious bug in the + client. */ + tl_assert(!lock->heldW); + HG_(record_error_UnlockUnlocked)( thr, lock ); + tl_assert(!HG_(elemWS)( univ_lsets, thr->locksetA, (Word)lock )); + tl_assert(!HG_(elemWS)( univ_lsets, thr->locksetW, (Word)lock )); + goto error; + } + + /* test just above dominates */ + tl_assert(lock->heldBy); + was_heldW = lock->heldW; + + /* The lock is held. Is this thread one of the holders? If not, + report a bug in the client. */ + n = VG_(elemBag)( lock->heldBy, (Word)thr ); + tl_assert(n >= 0); + if (n == 0) { + /* We are not a current holder of the lock. This is a bug in + the guest, and (per POSIX pthread rules) the unlock + attempt will fail. So just complain and do nothing + else. */ + Thread* realOwner = (Thread*)VG_(anyElementOfBag)( lock->heldBy ); + tl_assert(HG_(is_sane_Thread)(realOwner)); + tl_assert(realOwner != thr); + tl_assert(!HG_(elemWS)( univ_lsets, thr->locksetA, (Word)lock )); + tl_assert(!HG_(elemWS)( univ_lsets, thr->locksetW, (Word)lock )); + HG_(record_error_UnlockForeign)( thr, realOwner, lock ); + goto error; + } + + /* Ok, we hold the lock 'n' times. */ + tl_assert(n >= 1); + + lockN_release( lock, thr ); + + n--; + tl_assert(n >= 0); + + if (n > 0) { + tl_assert(lock->heldBy); + tl_assert(n == VG_(elemBag)( lock->heldBy, (Word)thr )); + /* We still hold the lock. 
So either it's a recursive lock + or a rwlock which is currently r-held. */ + tl_assert(lock->kind == LK_mbRec + || (lock->kind == LK_rdwr && !lock->heldW)); + tl_assert(HG_(elemWS)( univ_lsets, thr->locksetA, (Word)lock )); + if (lock->heldW) + tl_assert(HG_(elemWS)( univ_lsets, thr->locksetW, (Word)lock )); + else + tl_assert(!HG_(elemWS)( univ_lsets, thr->locksetW, (Word)lock )); + } else { + /* We no longer hold the lock. */ + tl_assert(!lock->heldBy); + tl_assert(lock->heldW == False); + //if (lock->heldBy) { + // tl_assert(0 == VG_(elemBag)( lock->heldBy, (Word)thr )); + //} + /* update this thread's lockset accordingly. */ + thr->locksetA + = HG_(delFromWS)( univ_lsets, thr->locksetA, (Word)lock ); + thr->locksetW + = HG_(delFromWS)( univ_lsets, thr->locksetW, (Word)lock ); + /* push our VC into the lock */ + tl_assert(thr->hbthr); + tl_assert(lock->hbso); + /* If the lock was previously W-held, then we want to do a + strong send, and if previously R-held, then a weak send. */ + libhb_so_send( thr->hbthr, lock->hbso, was_heldW ); + } + /* fall through */ + + error: + tl_assert(HG_(is_sane_LockN)(lock)); +} + + +/* ---------------------------------------------------------- */ +/* -------- Event handlers proper (evh__* functions) -------- */ +/* ---------------------------------------------------------- */ + +/* What is the Thread* for the currently running thread? This is + absolutely performance critical. We receive notifications from the + core for client code starts/stops, and cache the looked-up result + in 'current_Thread'. Hence, for the vast majority of requests, + finding the current thread reduces to a read of a global variable, + provided get_current_Thread_in_C_C is inlined. + + Outside of client code, current_Thread is NULL, and presumably + any uses of it will cause a segfault. Hence: + + - for uses definitely within client code, use + get_current_Thread_in_C_C. + + - for all other uses, use get_current_Thread. +*/ + +static Thread* current_Thread = NULL; + +static void evh__start_client_code ( ThreadId tid, ULong nDisp ) { + if (0) VG_(printf)("start %d %llu\n", (Int)tid, nDisp); + tl_assert(current_Thread == NULL); + current_Thread = map_threads_lookup( tid ); + tl_assert(current_Thread != NULL); +} +static void evh__stop_client_code ( ThreadId tid, ULong nDisp ) { + if (0) VG_(printf)(" stop %d %llu\n", (Int)tid, nDisp); + tl_assert(current_Thread != NULL); + current_Thread = NULL; + libhb_maybe_GC(); +} +static inline Thread* get_current_Thread_in_C_C ( void ) { + return current_Thread; +} +static inline Thread* get_current_Thread ( void ) { + ThreadId coretid; + Thread* thr; + thr = get_current_Thread_in_C_C(); + if (LIKELY(thr)) + return thr; + /* evidently not in client code. Do it the slow way. */ + coretid = VG_(get_running_tid)(); + /* FIXME: get rid of the following kludge. It exists because + evh__new_mem is called during initialisation (as notification + of initial memory layout) and VG_(get_running_tid)() returns + VG_INVALID_THREADID at that point. 
*/ + if (coretid == VG_INVALID_THREADID) + coretid = 1; /* KLUDGE */ + thr = map_threads_lookup( coretid ); + return thr; +} + +static +void evh__new_mem ( Addr a, SizeT len ) { + if (SHOW_EVENTS >= 2) + VG_(printf)("evh__new_mem(%p, %lu)\n", (void*)a, len ); + shadow_mem_make_New( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__new_mem-post"); +} + +static +void evh__new_mem_w_tid ( Addr a, SizeT len, ThreadId tid ) { + if (SHOW_EVENTS >= 2) + VG_(printf)("evh__new_mem_w_tid(%p, %lu)\n", (void*)a, len ); + shadow_mem_make_New( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__new_mem_w_tid-post"); +} + +static +void evh__new_mem_w_perms ( Addr a, SizeT len, + Bool rr, Bool ww, Bool xx, ULong di_handle ) { + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__new_mem_w_perms(%p, %lu, %d,%d,%d)\n", + (void*)a, len, (Int)rr, (Int)ww, (Int)xx ); + if (rr || ww || xx) + shadow_mem_make_New( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__new_mem_w_perms-post"); +} + +static +void evh__set_perms ( Addr a, SizeT len, + Bool rr, Bool ww, Bool xx ) { + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__set_perms(%p, %lu, %d,%d,%d)\n", + (void*)a, len, (Int)rr, (Int)ww, (Int)xx ); + /* Hmm. What should we do here, that actually makes any sense? + Let's say: if neither readable nor writable, then declare it + NoAccess, else leave it alone. */ + if (!(rr || ww)) + shadow_mem_make_NoAccess( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__set_perms-post"); +} + +static +void evh__die_mem ( Addr a, SizeT len ) { + if (SHOW_EVENTS >= 2) + VG_(printf)("evh__die_mem(%p, %lu)\n", (void*)a, len ); + shadow_mem_make_NoAccess( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__die_mem-post"); +} + +static +void evh__pre_thread_ll_create ( ThreadId parent, ThreadId child ) +{ + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__pre_thread_ll_create(p=%d, c=%d)\n", + (Int)parent, (Int)child ); + + if (parent != VG_INVALID_THREADID) { + Thread* thr_p; + Thread* thr_c; + Thr* hbthr_p; + Thr* hbthr_c; + + tl_assert(HG_(is_sane_ThreadId)(parent)); + tl_assert(HG_(is_sane_ThreadId)(child)); + tl_assert(parent != child); + + thr_p = map_threads_maybe_lookup( parent ); + thr_c = map_threads_maybe_lookup( child ); + + tl_assert(thr_p != NULL); + tl_assert(thr_c == NULL); + + hbthr_p = thr_p->hbthr; + tl_assert(hbthr_p != NULL); + tl_assert( libhb_get_Thr_opaque(hbthr_p) == thr_p ); + + hbthr_c = libhb_create ( hbthr_p ); + + /* Create a new thread record for the child. */ + /* a Thread for the new thread ... */ + thr_c = mk_Thread( hbthr_c ); + tl_assert( libhb_get_Thr_opaque(hbthr_c) == NULL ); + libhb_set_Thr_opaque(hbthr_c, thr_c); + + /* and bind it in the thread-map table */ + map_threads[child] = thr_c; + tl_assert(thr_c->coretid == VG_INVALID_THREADID); + thr_c->coretid = child; + + /* Record where the parent is so we can later refer to this in + error messages. + + On amd64-linux, this entails a nasty glibc-2.5 specific hack. + The stack snapshot is taken immediately after the parent has + returned from its sys_clone call. Unfortunately there is no + unwind info for the insn following "syscall" - reading the + glibc sources confirms this. 
So we ask for a snapshot to be + taken as if RIP was 3 bytes earlier, in a place where there + is unwind info. Sigh. + */ + { Word first_ip_delta = 0; +# if defined(VGP_amd64_linux) + first_ip_delta = -3; +# endif + thr_c->created_at = VG_(record_ExeContext)(parent, first_ip_delta); + } + } + + if (HG_(clo_sanity_flags) & SCE_THREADS) + all__sanity_check("evh__pre_thread_create-post"); +} + +static +void evh__pre_thread_ll_exit ( ThreadId quit_tid ) +{ + Int nHeld; + Thread* thr_q; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__pre_thread_ll_exit(thr=%d)\n", + (Int)quit_tid ); + + /* quit_tid has disappeared without joining to any other thread. + Therefore there is no synchronisation event associated with its + exit and so we have to pretty much treat it as if it was still + alive but mysteriously making no progress. That is because, if + we don't know when it really exited, then we can never say there + is a point in time when we're sure the thread really has + finished, and so we need to consider the possibility that it + lingers indefinitely and continues to interact with other + threads. */ + /* However, it might have rendezvous'd with a thread that called + pthread_join with this one as arg, prior to this point (that's + how NPTL works). In which case there has already been a prior + sync event. So in any case, just let the thread exit. On NPTL, + all thread exits go through here. */ + tl_assert(HG_(is_sane_ThreadId)(quit_tid)); + thr_q = map_threads_maybe_lookup( quit_tid ); + tl_assert(thr_q != NULL); + + /* Complain if this thread holds any locks. */ + nHeld = HG_(cardinalityWS)( univ_lsets, thr_q->locksetA ); + tl_assert(nHeld >= 0); + if (nHeld > 0) { + HChar buf[80]; + VG_(sprintf)(buf, "Exiting thread still holds %d lock%s", + nHeld, nHeld > 1 ? "s" : ""); + HG_(record_error_Misc)( thr_q, buf ); + } + + /* About the only thing we do need to do is clear the map_threads + entry, in order that the Valgrind core can re-use it. */ + tl_assert(thr_q->coretid == quit_tid); + thr_q->coretid = VG_INVALID_THREADID; + map_threads_delete( quit_tid ); + + if (HG_(clo_sanity_flags) & SCE_THREADS) + all__sanity_check("evh__pre_thread_ll_exit-post"); +} + + +static +void evh__HG_PTHREAD_JOIN_POST ( ThreadId stay_tid, Thread* quit_thr ) +{ + Thread* thr_s; + Thread* thr_q; + Thr* hbthr_s; + Thr* hbthr_q; + SO* so; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__post_thread_join(stayer=%d, quitter=%p)\n", + (Int)stay_tid, quit_thr ); + + tl_assert(HG_(is_sane_ThreadId)(stay_tid)); + + thr_s = map_threads_maybe_lookup( stay_tid ); + thr_q = quit_thr; + tl_assert(thr_s != NULL); + tl_assert(thr_q != NULL); + tl_assert(thr_s != thr_q); + + hbthr_s = thr_s->hbthr; + hbthr_q = thr_q->hbthr; + tl_assert(hbthr_s != hbthr_q); + tl_assert( libhb_get_Thr_opaque(hbthr_s) == thr_s ); + tl_assert( libhb_get_Thr_opaque(hbthr_q) == thr_q ); + + /* Allocate a temporary synchronisation object and use it to send + an imaginary message from the quitter to the stayer, the purpose + being to generate a dependence from the quitter to the + stayer. */ + so = libhb_so_alloc(); + tl_assert(so); + libhb_so_send(hbthr_q, so, True/*strong_send*/); + libhb_so_recv(hbthr_s, so, True/*strong_recv*/); + libhb_so_dealloc(so); + + /* evh__pre_thread_ll_exit issues an error message if the exiting + thread holds any locks. No need to check here. */ + + /* This holds because, at least when using NPTL as the thread + library, we should be notified the low level thread exit before + we hear of any join event on it. 
The low level exit + notification feeds through into evh__pre_thread_ll_exit, + which should clear the map_threads entry for it. Hence we + expect there to be no map_threads entry at this point. */ + tl_assert( map_threads_maybe_reverse_lookup_SLOW(thr_q) + == VG_INVALID_THREADID); + + if (HG_(clo_sanity_flags) & SCE_THREADS) + all__sanity_check("evh__post_thread_join-post"); +} + +static +void evh__pre_mem_read ( CorePart part, ThreadId tid, Char* s, + Addr a, SizeT size) { + if (SHOW_EVENTS >= 2 + || (SHOW_EVENTS >= 1 && size != 1)) + VG_(printf)("evh__pre_mem_read(ctid=%d, \"%s\", %p, %lu)\n", + (Int)tid, s, (void*)a, size ); + shadow_mem_read_range( map_threads_lookup(tid), a, size); + if (size >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__pre_mem_read-post"); +} + +static +void evh__pre_mem_read_asciiz ( CorePart part, ThreadId tid, + Char* s, Addr a ) { + Int len; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__pre_mem_asciiz(ctid=%d, \"%s\", %p)\n", + (Int)tid, s, (void*)a ); + // FIXME: think of a less ugly hack + len = VG_(strlen)( (Char*) a ); + shadow_mem_read_range( map_threads_lookup(tid), a, len+1 ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__pre_mem_read_asciiz-post"); +} + +static +void evh__pre_mem_write ( CorePart part, ThreadId tid, Char* s, + Addr a, SizeT size ) { + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__pre_mem_write(ctid=%d, \"%s\", %p, %lu)\n", + (Int)tid, s, (void*)a, size ); + shadow_mem_write_range( map_threads_lookup(tid), a, size); + if (size >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__pre_mem_write-post"); +} + +static +void evh__new_mem_heap ( Addr a, SizeT len, Bool is_inited ) { + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__new_mem_heap(%p, %lu, inited=%d)\n", + (void*)a, len, (Int)is_inited ); + // FIXME: this is kinda stupid + if (is_inited) { + shadow_mem_make_New(get_current_Thread(), a, len); + } else { + shadow_mem_make_New(get_current_Thread(), a, len); + } + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__pre_mem_read-post"); +} + +static +void evh__die_mem_heap ( Addr a, SizeT len ) { + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__die_mem_heap(%p, %lu)\n", (void*)a, len ); + shadow_mem_make_NoAccess( get_current_Thread(), a, len ); + if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) + all__sanity_check("evh__pre_mem_read-post"); +} + +static VG_REGPARM(1) +void evh__mem_help_read_1(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_READ_1(hbthr, a); +} + +static VG_REGPARM(1) +void evh__mem_help_read_2(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_READ_2(hbthr, a); +} + +static VG_REGPARM(1) +void evh__mem_help_read_4(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_READ_4(hbthr, a); +} + +static VG_REGPARM(1) +void evh__mem_help_read_8(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_READ_8(hbthr, a); +} + +static VG_REGPARM(2) +void evh__mem_help_read_N(Addr a, SizeT size) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_READ_N(hbthr, a, size); +} + +static VG_REGPARM(1) +void evh__mem_help_write_1(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_WRITE_1(hbthr, a); +} + +static VG_REGPARM(1) +void 
evh__mem_help_write_2(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_WRITE_2(hbthr, a); +} + +static VG_REGPARM(1) +void evh__mem_help_write_4(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_WRITE_4(hbthr, a); +} + +static VG_REGPARM(1) +void evh__mem_help_write_8(Addr a) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_WRITE_8(hbthr, a); +} + +static VG_REGPARM(2) +void evh__mem_help_write_N(Addr a, SizeT size) { + Thread* thr = get_current_Thread_in_C_C(); + Thr* hbthr = thr->hbthr; + LIBHB_WRITE_N(hbthr, a, size); +} + +//static void evh__bus_lock(void) { +// Thread* thr; +// if (0) VG_(printf)("evh__bus_lock()\n"); +// thr = get_current_Thread(); +// tl_assert(thr); /* cannot fail - Thread* must already exist */ +// evhH__post_thread_w_acquires_lock( thr, LK_nonRec, (Addr)&__bus_lock ); +//} +//static void evh__bus_unlock(void) { +// Thread* thr; +// if (0) VG_(printf)("evh__bus_unlock()\n"); +// thr = get_current_Thread(); +// tl_assert(thr); /* cannot fail - Thread* must already exist */ +// evhH__pre_thread_releases_lock( thr, (Addr)&__bus_lock, False/*!isRDWR*/ ); +//} + +/* ------------------------------------------------------- */ +/* -------------- events to do with mutexes -------------- */ +/* ------------------------------------------------------- */ + +/* EXPOSITION only: by intercepting lock init events we can show the + user where the lock was initialised, rather than only being able to + show where it was first locked. Intercepting lock initialisations + is not necessary for the basic operation of the race checker. */ +static +void evh__HG_PTHREAD_MUTEX_INIT_POST( ThreadId tid, + void* mutex, Word mbRec ) +{ + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_MUTEX_INIT_POST(ctid=%d, mbRec=%ld, %p)\n", + (Int)tid, mbRec, (void*)mutex ); + tl_assert(mbRec == 0 || mbRec == 1); + map_locks_lookup_or_create( mbRec ? 
LK_mbRec : LK_nonRec, + (Addr)mutex, tid ); + if (HG_(clo_sanity_flags) & SCE_LOCKS) + all__sanity_check("evh__hg_PTHREAD_MUTEX_INIT_POST"); +} + +static +void evh__HG_PTHREAD_MUTEX_DESTROY_PRE( ThreadId tid, void* mutex ) +{ + Thread* thr; + Lock* lk; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_MUTEX_DESTROY_PRE(ctid=%d, %p)\n", + (Int)tid, (void*)mutex ); + + thr = map_threads_maybe_lookup( tid ); + /* cannot fail - Thread* must already exist */ + tl_assert( HG_(is_sane_Thread)(thr) ); + + lk = map_locks_maybe_lookup( (Addr)mutex ); + + if (lk == NULL || (lk->kind != LK_nonRec && lk->kind != LK_mbRec)) { + HG_(record_error_Misc)( + thr, "pthread_mutex_destroy with invalid argument" ); + } + + if (lk) { + tl_assert( HG_(is_sane_LockN)(lk) ); + tl_assert( lk->guestaddr == (Addr)mutex ); + if (lk->heldBy) { + /* Basically act like we unlocked the lock */ + HG_(record_error_Misc)( + thr, "pthread_mutex_destroy of a locked mutex" ); + /* remove lock from locksets of all owning threads */ + remove_Lock_from_locksets_of_all_owning_Threads( lk ); + VG_(deleteBag)( lk->heldBy ); + lk->heldBy = NULL; + lk->heldW = False; + lk->acquired_at = NULL; + } + tl_assert( !lk->heldBy ); + tl_assert( HG_(is_sane_LockN)(lk) ); + + laog__handle_one_lock_deletion(lk); + map_locks_delete( lk->guestaddr ); + del_LockN( lk ); + } + + if (HG_(clo_sanity_flags) & SCE_LOCKS) + all__sanity_check("evh__hg_PTHREAD_MUTEX_DESTROY_PRE"); +} + +static void evh__HG_PTHREAD_MUTEX_LOCK_PRE ( ThreadId tid, + void* mutex, Word isTryLock ) +{ + /* Just check the mutex is sane; nothing else to do. */ + // 'mutex' may be invalid - not checked by wrapper + Thread* thr; + Lock* lk; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_MUTEX_LOCK_PRE(ctid=%d, mutex=%p)\n", + (Int)tid, (void*)mutex ); + + tl_assert(isTryLock == 0 || isTryLock == 1); + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + lk = map_locks_maybe_lookup( (Addr)mutex ); + + if (lk && (lk->kind == LK_rdwr)) { + HG_(record_error_Misc)( thr, "pthread_mutex_lock with a " + "pthread_rwlock_t* argument " ); + } + + if ( lk + && isTryLock == 0 + && (lk->kind == LK_nonRec || lk->kind == LK_rdwr) + && lk->heldBy + && lk->heldW + && VG_(elemBag)( lk->heldBy, (Word)thr ) > 0 ) { + /* uh, it's a non-recursive lock and we already w-hold it, and + this is a real lock operation (not a speculative "tryLock" + kind of thing). Duh. Deadlock coming up; but at least + produce an error message. 
*/ + HG_(record_error_Misc)( thr, "Attempt to re-lock a " + "non-recursive lock I already hold" ); + } +} + +static void evh__HG_PTHREAD_MUTEX_LOCK_POST ( ThreadId tid, void* mutex ) +{ + // only called if the real library call succeeded - so mutex is sane + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_MUTEX_LOCK_POST(ctid=%d, mutex=%p)\n", + (Int)tid, (void*)mutex ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + evhH__post_thread_w_acquires_lock( + thr, + LK_mbRec, /* if not known, create new lock with this LockKind */ + (Addr)mutex + ); +} + +static void evh__HG_PTHREAD_MUTEX_UNLOCK_PRE ( ThreadId tid, void* mutex ) +{ + // 'mutex' may be invalid - not checked by wrapper + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_MUTEX_UNLOCK_PRE(ctid=%d, mutex=%p)\n", + (Int)tid, (void*)mutex ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + evhH__pre_thread_releases_lock( thr, (Addr)mutex, False/*!isRDWR*/ ); +} + +static void evh__HG_PTHREAD_MUTEX_UNLOCK_POST ( ThreadId tid, void* mutex ) +{ + // only called if the real library call succeeded - so mutex is sane + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_MUTEX_UNLOCK_POST(ctid=%d, mutex=%p)\n", + (Int)tid, (void*)mutex ); + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // anything we should do here? +} + + +/* ----------------------------------------------------- */ +/* --------------- events to do with CVs --------------- */ +/* ----------------------------------------------------- */ + +/* A mapping from CV to the SO associated with it. When the CV is + signalled/broadcasted upon, we do a 'send' into the SO, and when a + wait on it completes, we do a 'recv' from the SO. This is believed + to give the correct happens-before events arising from CV + signallings/broadcasts. +*/ + +/* pthread_mutex_cond* -> SO* */ +static WordFM* map_cond_to_SO = NULL; + +static void map_cond_to_SO_INIT ( void ) { + if (UNLIKELY(map_cond_to_SO == NULL)) { + map_cond_to_SO = VG_(newFM)( HG_(zalloc), + "hg.mctSI.1", HG_(free), NULL ); + tl_assert(map_cond_to_SO != NULL); + } +} + +static SO* map_cond_to_SO_lookup_or_alloc ( void* cond ) { + UWord key, val; + map_cond_to_SO_INIT(); + if (VG_(lookupFM)( map_cond_to_SO, &key, &val, (UWord)cond )) { + tl_assert(key == (UWord)cond); + return (SO*)val; + } else { + SO* so = libhb_so_alloc(); + VG_(addToFM)( map_cond_to_SO, (UWord)cond, (UWord)so ); + return so; + } +} + +static void map_cond_to_SO_delete ( void* cond ) { + UWord keyW, valW; + map_cond_to_SO_INIT(); + if (VG_(delFromFM)( map_cond_to_SO, &keyW, &valW, (UWord)cond )) { + SO* so = (SO*)valW; + tl_assert(keyW == (UWord)cond); + libhb_so_dealloc(so); + } +} + +static void evh__HG_PTHREAD_COND_SIGNAL_PRE ( ThreadId tid, void* cond ) +{ + /* 'tid' has signalled on 'cond'. As per the comment above, bind + cond to a SO if it is not already so bound, and 'send' on the + SO. This is later used by other thread(s) which successfully + exit from a pthread_cond_wait on the same cv; then they 'recv' + from the SO, thereby acquiring a dependency on this signalling + event. 
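+      For illustration only (ordinary pthread calls; 'mx', 'cv', 'data' and
+      the thread names are made up): if thread T1 does
+         pthread_mutex_lock(&mx); data = 1;
+         pthread_cond_signal(&cv);                     // 'send' on cv's SO
+         pthread_mutex_unlock(&mx);
+      and thread T2 does
+         pthread_mutex_lock(&mx);
+         while (!data) pthread_cond_wait(&cv, &mx);    // 'recv' when it returns
+         pthread_mutex_unlock(&mx);
+      then by the time T2's wait returns, everything T1 did before
+      signalling (including the write of 'data') happens-before T2's
+      subsequent accesses.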
*/ + Thread* thr; + SO* so; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_COND_SIGNAL_PRE(ctid=%d, cond=%p)\n", + (Int)tid, (void*)cond ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // error-if: mutex is bogus + // error-if: mutex is not locked + + so = map_cond_to_SO_lookup_or_alloc( cond ); + tl_assert(so); + + libhb_so_send( thr->hbthr, so, True/*strong_send*/ ); +} + +/* returns True if it reckons 'mutex' is valid and held by this + thread, else False */ +static Bool evh__HG_PTHREAD_COND_WAIT_PRE ( ThreadId tid, + void* cond, void* mutex ) +{ + Thread* thr; + Lock* lk; + Bool lk_valid = True; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_COND_WAIT_PRE" + "(ctid=%d, cond=%p, mutex=%p)\n", + (Int)tid, (void*)cond, (void*)mutex ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + lk = map_locks_maybe_lookup( (Addr)mutex ); + + /* Check for stupid mutex arguments. There are various ways to be + a bozo. Only complain once, though, even if more than one thing + is wrong. */ + if (lk == NULL) { + lk_valid = False; + HG_(record_error_Misc)( + thr, + "pthread_cond_{timed}wait called with invalid mutex" ); + } else { + tl_assert( HG_(is_sane_LockN)(lk) ); + if (lk->kind == LK_rdwr) { + lk_valid = False; + HG_(record_error_Misc)( + thr, "pthread_cond_{timed}wait called with mutex " + "of type pthread_rwlock_t*" ); + } else + if (lk->heldBy == NULL) { + lk_valid = False; + HG_(record_error_Misc)( + thr, "pthread_cond_{timed}wait called with un-held mutex"); + } else + if (lk->heldBy != NULL + && VG_(elemBag)( lk->heldBy, (Word)thr ) == 0) { + lk_valid = False; + HG_(record_error_Misc)( + thr, "pthread_cond_{timed}wait called with mutex " + "held by a different thread" ); + } + } + + // error-if: cond is also associated with a different mutex + + return lk_valid; +} + +static void evh__HG_PTHREAD_COND_WAIT_POST ( ThreadId tid, + void* cond, void* mutex ) +{ + /* A pthread_cond_wait(cond, mutex) completed successfully. Find + the SO for this cond, and 'recv' from it so as to acquire a + dependency edge back to the signaller/broadcaster. */ + Thread* thr; + SO* so; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_COND_WAIT_POST" + "(ctid=%d, cond=%p, mutex=%p)\n", + (Int)tid, (void*)cond, (void*)mutex ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // error-if: cond is also associated with a different mutex + + so = map_cond_to_SO_lookup_or_alloc( cond ); + tl_assert(so); + + if (!libhb_so_everSent(so)) { + /* Hmm. How can a wait on 'cond' succeed if nobody signalled + it? If this happened it would surely be a bug in the threads + library. Or one of those fabled "spurious wakeups". */ + HG_(record_error_Misc)( thr, "Bug in libpthread: pthread_cond_wait " + "succeeded on" + " without prior pthread_cond_post"); + } + + /* anyway, acquire a dependency on it. */ + libhb_so_recv( thr->hbthr, so, True/*strong_recv*/ ); +} + +static void evh__HG_PTHREAD_COND_DESTROY_PRE ( ThreadId tid, + void* cond ) +{ + /* Deal with destroy events. The only purpose is to free storage + associated with the CV, so as to avoid any possible resource + leaks. 
*/ + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_COND_DESTROY_PRE" + "(ctid=%d, cond=%p)\n", + (Int)tid, (void*)cond ); + + map_cond_to_SO_delete( cond ); +} + + +/* ------------------------------------------------------- */ +/* -------------- events to do with rwlocks -------------- */ +/* ------------------------------------------------------- */ + +/* EXPOSITION only */ +static +void evh__HG_PTHREAD_RWLOCK_INIT_POST( ThreadId tid, void* rwl ) +{ + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_RWLOCK_INIT_POST(ctid=%d, %p)\n", + (Int)tid, (void*)rwl ); + map_locks_lookup_or_create( LK_rdwr, (Addr)rwl, tid ); + if (HG_(clo_sanity_flags) & SCE_LOCKS) + all__sanity_check("evh__hg_PTHREAD_RWLOCK_INIT_POST"); +} + +static +void evh__HG_PTHREAD_RWLOCK_DESTROY_PRE( ThreadId tid, void* rwl ) +{ + Thread* thr; + Lock* lk; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_RWLOCK_DESTROY_PRE(ctid=%d, %p)\n", + (Int)tid, (void*)rwl ); + + thr = map_threads_maybe_lookup( tid ); + /* cannot fail - Thread* must already exist */ + tl_assert( HG_(is_sane_Thread)(thr) ); + + lk = map_locks_maybe_lookup( (Addr)rwl ); + + if (lk == NULL || lk->kind != LK_rdwr) { + HG_(record_error_Misc)( + thr, "pthread_rwlock_destroy with invalid argument" ); + } + + if (lk) { + tl_assert( HG_(is_sane_LockN)(lk) ); + tl_assert( lk->guestaddr == (Addr)rwl ); + if (lk->heldBy) { + /* Basically act like we unlocked the lock */ + HG_(record_error_Misc)( + thr, "pthread_rwlock_destroy of a locked mutex" ); + /* remove lock from locksets of all owning threads */ + remove_Lock_from_locksets_of_all_owning_Threads( lk ); + VG_(deleteBag)( lk->heldBy ); + lk->heldBy = NULL; + lk->heldW = False; + lk->acquired_at = NULL; + } + tl_assert( !lk->heldBy ); + tl_assert( HG_(is_sane_LockN)(lk) ); + + laog__handle_one_lock_deletion(lk); + map_locks_delete( lk->guestaddr ); + del_LockN( lk ); + } + + if (HG_(clo_sanity_flags) & SCE_LOCKS) + all__sanity_check("evh__hg_PTHREAD_RWLOCK_DESTROY_PRE"); +} + +static +void evh__HG_PTHREAD_RWLOCK_LOCK_PRE ( ThreadId tid, + void* rwl, + Word isW, Word isTryLock ) +{ + /* Just check the rwl is sane; nothing else to do. */ + // 'rwl' may be invalid - not checked by wrapper + Thread* thr; + Lock* lk; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_RWLOCK_LOCK_PRE(ctid=%d, isW=%d, %p)\n", + (Int)tid, (Int)isW, (void*)rwl ); + + tl_assert(isW == 0 || isW == 1); /* assured us by wrapper */ + tl_assert(isTryLock == 0 || isTryLock == 1); /* assured us by wrapper */ + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + lk = map_locks_maybe_lookup( (Addr)rwl ); + if ( lk + && (lk->kind == LK_nonRec || lk->kind == LK_mbRec) ) { + /* Wrong kind of lock. Duh. */ + HG_(record_error_Misc)( + thr, "pthread_rwlock_{rd,rw}lock with a " + "pthread_mutex_t* argument " ); + } +} + +static +void evh__HG_PTHREAD_RWLOCK_LOCK_POST ( ThreadId tid, void* rwl, Word isW ) +{ + // only called if the real library call succeeded - so mutex is sane + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_RWLOCK_LOCK_POST(ctid=%d, isW=%d, %p)\n", + (Int)tid, (Int)isW, (void*)rwl ); + + tl_assert(isW == 0 || isW == 1); /* assured us by wrapper */ + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + (isW ? 
evhH__post_thread_w_acquires_lock + : evhH__post_thread_r_acquires_lock)( + thr, + LK_rdwr, /* if not known, create new lock with this LockKind */ + (Addr)rwl + ); +} + +static void evh__HG_PTHREAD_RWLOCK_UNLOCK_PRE ( ThreadId tid, void* rwl ) +{ + // 'rwl' may be invalid - not checked by wrapper + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_RWLOCK_UNLOCK_PRE(ctid=%d, rwl=%p)\n", + (Int)tid, (void*)rwl ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + evhH__pre_thread_releases_lock( thr, (Addr)rwl, True/*isRDWR*/ ); +} + +static void evh__HG_PTHREAD_RWLOCK_UNLOCK_POST ( ThreadId tid, void* rwl ) +{ + // only called if the real library call succeeded - so mutex is sane + Thread* thr; + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__hg_PTHREAD_RWLOCK_UNLOCK_POST(ctid=%d, rwl=%p)\n", + (Int)tid, (void*)rwl ); + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // anything we should do here? +} + + +/* ---------------------------------------------------------- */ +/* -------------- events to do with semaphores -------------- */ +/* ---------------------------------------------------------- */ + +/* This is similar to but not identical to the handling for condition + variables. */ + +/* For each semaphore, we maintain a stack of SOs. When a 'post' + operation is done on a semaphore (unlocking, essentially), a new SO + is created for the posting thread, the posting thread does a strong + send to it (which merely installs the posting thread's VC in the + SO), and the SO is pushed on the semaphore's stack. + + Later, when a (probably different) thread completes 'wait' on the + semaphore, we pop a SO off the semaphore's stack (which should be + nonempty), and do a strong recv from it. This mechanism creates + dependencies between posters and waiters of the semaphore. + + It may not be necessary to use a stack - perhaps a bag of SOs would + do. But we do need to keep track of how many unused-up posts have + happened for the semaphore. + + Imagine T1 and T2 both post once on a semaphore S, and T3 waits + twice on S. T3 cannot complete its waits without both T1 and T2 + posting. The above mechanism will ensure that T3 acquires + dependencies on both T1 and T2. + + When a semaphore is initialised with value N, we act as if we'd + posted N times on the semaphore: basically create N SOs and do a + strong send to all of them. This allows up to N waits on the + semaphore to acquire a dependency on the initialisation point, + which AFAICS is the correct behaviour. + + We don't emit an error for DESTROY_PRE on a semaphore we don't know + about. We should.
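+   For illustration only, the simplest client-side case (plain POSIX
+   calls; 's', 'buf' and the helper names are made up):
+
+      sem_t s;
+      sem_init(&s, 0, 0);                 // initial value 0: no SOs pushed
+      // T1:  buf = make_data();  sem_post(&s);   -> new SO, strong send, push
+      // T2:  sem_wait(&s);       use(buf);       -> pop that SO, strong recv
+
+   The recv in T2 acquires a dependency on T1's post, so T1's write to
+   'buf' happens-before T2's read of it and is not flagged as a race.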
+*/ + +/* sem_t* -> XArray* SO* */ +static WordFM* map_sem_to_SO_stack = NULL; + +static void map_sem_to_SO_stack_INIT ( void ) { + if (map_sem_to_SO_stack == NULL) { + map_sem_to_SO_stack = VG_(newFM)( HG_(zalloc), "hg.mstSs.1", + HG_(free), NULL ); + tl_assert(map_sem_to_SO_stack != NULL); + } +} + +static void push_SO_for_sem ( void* sem, SO* so ) { + UWord keyW; + XArray* xa; + tl_assert(so); + map_sem_to_SO_stack_INIT(); + if (VG_(lookupFM)( map_sem_to_SO_stack, + &keyW, (UWord*)&xa, (UWord)sem )) { + tl_assert(keyW == (UWord)sem); + tl_assert(xa); + VG_(addToXA)( xa, &so ); + } else { + xa = VG_(newXA)( HG_(zalloc), "hg.pSfs.1", HG_(free), sizeof(SO*) ); + VG_(addToXA)( xa, &so ); + VG_(addToFM)( map_sem_to_SO_stack, (Word)sem, (Word)xa ); + } +} + +static SO* mb_pop_SO_for_sem ( void* sem ) { + UWord keyW; + XArray* xa; + SO* so; + map_sem_to_SO_stack_INIT(); + if (VG_(lookupFM)( map_sem_to_SO_stack, + &keyW, (UWord*)&xa, (UWord)sem )) { + /* xa is the stack for this semaphore. */ + Word sz; + tl_assert(keyW == (UWord)sem); + sz = VG_(sizeXA)( xa ); + tl_assert(sz >= 0); + if (sz == 0) + return NULL; /* odd, the stack is empty */ + so = *(SO**)VG_(indexXA)( xa, sz-1 ); + tl_assert(so); + VG_(dropTailXA)( xa, 1 ); + return so; + } else { + /* hmm, that's odd. No stack for this semaphore. */ + return NULL; + } +} + +static void evh__HG_POSIX_SEM_DESTROY_PRE ( ThreadId tid, void* sem ) +{ + UWord keyW, valW; + SO* so; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_POSIX_SEM_DESTROY_PRE(ctid=%d, sem=%p)\n", + (Int)tid, (void*)sem ); + + map_sem_to_SO_stack_INIT(); + + /* Empty out the semaphore's SO stack. This way of doing it is + stupid, but at least it's easy. */ + while (1) { + so = mb_pop_SO_for_sem( sem ); + if (!so) break; + libhb_so_dealloc(so); + } + + if (VG_(delFromFM)( map_sem_to_SO_stack, &keyW, &valW, (UWord)sem )) { + XArray* xa = (XArray*)valW; + tl_assert(keyW == (UWord)sem); + tl_assert(xa); + tl_assert(VG_(sizeXA)(xa) == 0); /* preceding loop just emptied it */ + VG_(deleteXA)(xa); + } +} + +static +void evh__HG_POSIX_SEM_INIT_POST ( ThreadId tid, void* sem, UWord value ) +{ + SO* so; + Thread* thr; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_POSIX_SEM_INIT_POST(ctid=%d, sem=%p, value=%lu)\n", + (Int)tid, (void*)sem, value ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + /* Empty out the semaphore's SO stack. This way of doing it is + stupid, but at least it's easy. */ + while (1) { + so = mb_pop_SO_for_sem( sem ); + if (!so) break; + libhb_so_dealloc(so); + } + + /* If we don't do this check, the following while loop runs us out + of memory for stupid initial values of 'value'. */ + if (value > 10000) { + HG_(record_error_Misc)( + thr, "sem_init: initial value exceeds 10000; using 10000" ); + value = 10000; + } + + /* Now create 'valid' new SOs for the thread, do a strong send to + each of them, and push them all on the stack. */ + for (; value > 0; value--) { + Thr* hbthr = thr->hbthr; + tl_assert(hbthr); + + so = libhb_so_alloc(); + libhb_so_send( hbthr, so, True/*strong send*/ ); + push_SO_for_sem( sem, so ); + } +} + +static void evh__HG_POSIX_SEM_POST_PRE ( ThreadId tid, void* sem ) +{ + /* 'tid' has posted on 'sem'. Create a new SO, do a strong send to + it (iow, write our VC into it, then tick ours), and push the SO + on on a stack of SOs associated with 'sem'. 
This is later used + by other thread(s) which successfully exit from a sem_wait on + the same sem; by doing a strong recv from SOs popped of the + stack, they acquire dependencies on the posting thread + segment(s). */ + + Thread* thr; + SO* so; + Thr* hbthr; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_POSIX_SEM_POST_PRE(ctid=%d, sem=%p)\n", + (Int)tid, (void*)sem ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // error-if: sem is bogus + + hbthr = thr->hbthr; + tl_assert(hbthr); + + so = libhb_so_alloc(); + libhb_so_send( hbthr, so, True/*strong send*/ ); + push_SO_for_sem( sem, so ); +} + +static void evh__HG_POSIX_SEM_WAIT_POST ( ThreadId tid, void* sem ) +{ + /* A sem_wait(sem) completed successfully. Pop the posting-SO for + the 'sem' from this semaphore's SO-stack, and do a strong recv + from it. This creates a dependency back to one of the post-ers + for the semaphore. */ + + Thread* thr; + SO* so; + Thr* hbthr; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_POSIX_SEM_WAIT_POST(ctid=%d, sem=%p)\n", + (Int)tid, (void*)sem ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + // error-if: sem is bogus + + so = mb_pop_SO_for_sem( sem ); + + if (so) { + hbthr = thr->hbthr; + tl_assert(hbthr); + + libhb_so_recv( hbthr, so, True/*strong recv*/ ); + libhb_so_dealloc(so); + } else { + /* Hmm. How can a wait on 'sem' succeed if nobody posted to it? + If this happened it would surely be a bug in the threads + library. */ + HG_(record_error_Misc)( + thr, "Bug in libpthread: sem_wait succeeded on" + " semaphore without prior sem_post"); + } +} + + +/* -------------------------------------------------------- */ +/* -------------- events to do with barriers -------------- */ +/* -------------------------------------------------------- */ + +typedef + struct { + Bool initted; /* has it yet been initted by guest? */ + UWord size; /* declared size */ + XArray* waiting; /* XA of Thread*. # present is 0 .. .size */ + } + Bar; + +static Bar* new_Bar ( void ) { + Bar* bar = HG_(zalloc)( "hg.nB.1 (new_Bar)", sizeof(Bar) ); + tl_assert(bar); + /* all fields are zero */ + tl_assert(bar->initted == False); + return bar; +} + +static void delete_Bar ( Bar* bar ) { + tl_assert(bar); + if (bar->waiting) + VG_(deleteXA)(bar->waiting); + HG_(free)(bar); +} + +/* A mapping which stores auxiliary data for barriers. 
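+   For illustration only, how these fields track a typical client
+   sequence ('b' and the count are made up):
+
+      pthread_barrier_t b;
+      pthread_barrier_init(&b, NULL, 3);  // initted=True, size=3, waiting empty
+      pthread_barrier_wait(&b);           // each arriving thread is appended to
+                                          // 'waiting'; the 3rd arrival joins the
+                                          // VCs and empties 'waiting' again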
*/ + +/* pthread_barrier_t* -> Bar* */ +static WordFM* map_barrier_to_Bar = NULL; + +static void map_barrier_to_Bar_INIT ( void ) { + if (UNLIKELY(map_barrier_to_Bar == NULL)) { + map_barrier_to_Bar = VG_(newFM)( HG_(zalloc), + "hg.mbtBI.1", HG_(free), NULL ); + tl_assert(map_barrier_to_Bar != NULL); + } +} + +static Bar* map_barrier_to_Bar_lookup_or_alloc ( void* barrier ) { + UWord key, val; + map_barrier_to_Bar_INIT(); + if (VG_(lookupFM)( map_barrier_to_Bar, &key, &val, (UWord)barrier )) { + tl_assert(key == (UWord)barrier); + return (Bar*)val; + } else { + Bar* bar = new_Bar(); + VG_(addToFM)( map_barrier_to_Bar, (UWord)barrier, (UWord)bar ); + return bar; + } +} + +static void map_barrier_to_Bar_delete ( void* barrier ) { + UWord keyW, valW; + map_barrier_to_Bar_INIT(); + if (VG_(delFromFM)( map_barrier_to_Bar, &keyW, &valW, (UWord)barrier )) { + Bar* bar = (Bar*)valW; + tl_assert(keyW == (UWord)barrier); + delete_Bar(bar); + } +} + + +static void evh__HG_PTHREAD_BARRIER_INIT_PRE ( ThreadId tid, + void* barrier, + UWord count ) +{ + Thread* thr; + Bar* bar; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_BARRIER_INIT_PRE" + "(tid=%d, barrier=%p, count=%lu)\n", + (Int)tid, (void*)barrier, count ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + if (count == 0) { + HG_(record_error_Misc)( + thr, "pthread_barrier_init: 'count' argument is zero" + ); + } + + bar = map_barrier_to_Bar_lookup_or_alloc(barrier); + tl_assert(bar); + + if (bar->initted) { + HG_(record_error_Misc)( + thr, "pthread_barrier_init: barrier is already initialised" + ); + } + + if (bar->waiting && VG_(sizeXA)(bar->waiting) > 0) { + tl_assert(bar->initted); + HG_(record_error_Misc)( + thr, "pthread_barrier_init: threads are waiting at barrier" + ); + VG_(dropTailXA)(bar->waiting, VG_(sizeXA)(bar->waiting)); + } + if (!bar->waiting) { + bar->waiting = VG_(newXA)( HG_(zalloc), "hg.eHPBIP.1", HG_(free), + sizeof(Thread*) ); + } + + tl_assert(bar->waiting); + tl_assert(VG_(sizeXA)(bar->waiting) == 0); + bar->initted = True; + bar->size = count; +} + + +static void evh__HG_PTHREAD_BARRIER_DESTROY_PRE ( ThreadId tid, + void* barrier ) +{ + Thread* thr; + Bar* bar; + + /* Deal with destroy events. The only purpose is to free storage + associated with the barrier, so as to avoid any possible + resource leaks. */ + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_BARRIER_DESTROY_PRE" + "(tid=%d, barrier=%p)\n", + (Int)tid, (void*)barrier ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + bar = map_barrier_to_Bar_lookup_or_alloc(barrier); + tl_assert(bar); + + if (!bar->initted) { + HG_(record_error_Misc)( + thr, "pthread_barrier_destroy: barrier was never initialised" + ); + } + + if (bar->initted && bar->waiting && VG_(sizeXA)(bar->waiting) > 0) { + HG_(record_error_Misc)( + thr, "pthread_barrier_destroy: threads are waiting at barrier" + ); + } + + /* Maybe we shouldn't do this; just let it persist, so that when it + is reinitialised we don't need to do any dynamic memory + allocation? The downside is a potentially unlimited space leak, + if the client creates (in turn) a large number of barriers all + at different locations. Note that if we do later move to the + don't-delete-it scheme, we need to mark the barrier as + uninitialised again since otherwise a later _init call will + elicit a duplicate-init error. 
*/ + map_barrier_to_Bar_delete( barrier ); +} + + +static void evh__HG_PTHREAD_BARRIER_WAIT_PRE ( ThreadId tid, + void* barrier ) +{ + /* This function gets called after a client thread calls + pthread_barrier_wait but before it arrives at the real + pthread_barrier_wait. + + Why is the following correct? It's a bit subtle. + + If this is not the last thread arriving at the barrier, we simply + note its presence and return. Because valgrind (at least as of + Nov 08) is single threaded, we are guaranteed safe from any race + conditions when in this function -- no other client threads are + running. + + If this is the last thread, then we are again the only running + thread. All the other threads will have either arrived at the + real pthread_barrier_wait or are on their way to it, but in any + case are guaranteed not to be able to move past it, because this + thread is currently in this function and so has not yet arrived + at the real pthread_barrier_wait. That means that: + + 1. While we are in this function, none of the other threads + waiting at the barrier can move past it. + + 2. When this function returns (and simulated execution resumes), + this thread and all other waiting threads will be able to move + past the real barrier. + + Because of this, it is now safe to update the vector clocks of + all threads, to represent the fact that they all arrived at the + barrier and have all moved on. There is no danger of any + complications to do with some threads leaving the barrier and + racing back round to the front, whilst others are still leaving + (which is the primary source of complication in correct handling/ + implementation of barriers). That can't happen because we update + here our data structures so as to indicate that the threads have + passed the barrier, even though, as per (2) above, they are + guaranteed not to pass the barrier until we return. + + This relies crucially on Valgrind being single threaded. If that + changes, this will need to be reconsidered. + */ + Thread* thr; + Bar* bar; + SO* so; + UWord present, i; + + if (SHOW_EVENTS >= 1) + VG_(printf)("evh__HG_PTHREAD_BARRIER_WAIT_PRE" + "(tid=%d, barrier=%p)\n", + (Int)tid, (void*)barrier ); + + thr = map_threads_maybe_lookup( tid ); + tl_assert(thr); /* cannot fail - Thread* must already exist */ + + bar = map_barrier_to_Bar_lookup_or_alloc(barrier); + tl_assert(bar); + + if (!bar->initted) { + HG_(record_error_Misc)( + thr, "pthread_barrier_wait: barrier is uninitialised" + ); + return; /* client is broken .. avoid assertions below */ + } + + /* guaranteed by _INIT_PRE above */ + tl_assert(bar->size > 0); + tl_assert(bar->waiting); + + VG_(addToXA)( bar->waiting, &thr ); + + /* guaranteed by this function */ + present = VG_(sizeXA)(bar->waiting); + tl_assert(present > 0 && present <= bar->size); + + if (present < bar->size) + return; + + /* All the threads have arrived. Now do the Interesting Bit. Get + a new synchronisation object and do a weak send to it from all + the participating threads. This makes its vector clocks be the + join of all the individual threads' vector clocks. Then do a + strong receive from it back to all threads, so that their VCs + are a copy of it (hence are all equal to the join of their + original VCs.) */ + so = libhb_so_alloc(); + + /* XXX check ->waiting has no duplicates */ + + tl_assert(bar->waiting); + tl_assert(VG_(sizeXA)(bar->waiting) == bar->size); + + /* compute the join ... 
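+      For illustration only (schematic, ignoring any per-thread clock
+      ticks): with three waiters whose VCs are [3,1,0], [1,4,0] and
+      [0,2,5], the weak sends leave the SO holding the join [3,4,5], and
+      the strong recvs below then make every waiter's VC a copy of
+      [3,4,5].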
*/ + for (i = 0; i < bar->size; i++) { + Thread* t = *(Thread**)VG_(indexXA)(bar->waiting, i); + Thr* hbthr = t->hbthr; + libhb_so_send( hbthr, so, False/*weak send*/ ); + } + /* ... and distribute to all threads */ + for (i = 0; i < bar->size; i++) { + Thread* t = *(Thread**)VG_(indexXA)(bar->waiting, i); + Thr* hbthr = t->hbthr; + libhb_so_recv( hbthr, so, True/*strong recv*/ ); + } + + /* finally, we must empty out the waiting vector */ + VG_(dropTailXA)(bar->waiting, VG_(sizeXA)(bar->waiting)); + + /* and we don't need this any more. Perhaps a stack-allocated + SO would be better? */ + libhb_so_dealloc(so); +} + + +/*--------------------------------------------------------------*/ +/*--- Lock acquisition order monitoring ---*/ +/*--------------------------------------------------------------*/ + +/* FIXME: here are some optimisations still to do in + laog__pre_thread_acquires_lock. + + The graph is structured so that if L1 --*--> L2 then L1 must be + acquired before L2. + + The common case is that some thread T holds (eg) L1 L2 and L3 and + is repeatedly acquiring and releasing Ln, and there is no ordering + error in what it is doing. Hence it repeatly: + + (1) searches laog to see if Ln --*--> {L1,L2,L3}, which always + produces the answer No (because there is no error). + + (2) adds edges {L1,L2,L3} --> Ln to laog, which are already present + (because they already got added the first time T acquired Ln). + + Hence cache these two events: + + (1) Cache result of the query from last time. Invalidate the cache + any time any edges are added to or deleted from laog. + + (2) Cache these add-edge requests and ignore them if said edges + have already been added to laog. Invalidate the cache any time + any edges are deleted from laog. +*/ + +typedef + struct { + WordSetID inns; /* in univ_laog */ + WordSetID outs; /* in univ_laog */ + } + LAOGLinks; + +/* lock order acquisition graph */ +static WordFM* laog = NULL; /* WordFM Lock* LAOGLinks* */ + +/* EXPOSITION ONLY: for each edge in 'laog', record the two places + where that edge was created, so that we can show the user later if + we need to. */ +typedef + struct { + Addr src_ga; /* Lock guest addresses for */ + Addr dst_ga; /* src/dst of the edge */ + ExeContext* src_ec; /* And corresponding places where that */ + ExeContext* dst_ec; /* ordering was established */ + } + LAOGLinkExposition; + +static Word cmp_LAOGLinkExposition ( UWord llx1W, UWord llx2W ) { + /* Compare LAOGLinkExposition*s by (src_ga,dst_ga) field pair. 
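+      For illustration only (client-side; the lock names A and B are made
+      up): if thread T1 does
+         pthread_mutex_lock(&A); pthread_mutex_lock(&B);   // records edge A -> B
+      and later thread T2 does
+         pthread_mutex_lock(&B); pthread_mutex_lock(&A);   // violates A -> B
+      then the stored src_ec/dst_ec for the A -> B edge let the eventual
+      lock-order report show where that ordering was first established.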
*/ + LAOGLinkExposition* llx1 = (LAOGLinkExposition*)llx1W; + LAOGLinkExposition* llx2 = (LAOGLinkExposition*)llx2W; + if (llx1->src_ga < llx2->src_ga) return -1; + if (llx1->src_ga > llx2->src_ga) return 1; + if (llx1->dst_ga < llx2->dst_ga) return -1; + if (llx1->dst_ga > llx2->dst_ga) return 1; + return 0; +} + +static WordFM* laog_exposition = NULL; /* WordFM LAOGLinkExposition* NULL */ +/* end EXPOSITION ONLY */ + + +__attribute__((noinline)) +static void laog__init ( void ) +{ + tl_assert(!laog); + tl_assert(!laog_exposition); + + laog = VG_(newFM)( HG_(zalloc), "hg.laog__init.1", + HG_(free), NULL/*unboxedcmp*/ ); + + laog_exposition = VG_(newFM)( HG_(zalloc), "hg.laog__init.2", HG_(free), + cmp_LAOGLinkExposition ); + tl_assert(laog); + tl_assert(laog_exposition); +} + +static void laog__show ( Char* who ) { + Word i, ws_size; + UWord* ws_words; + Lock* me; + LAOGLinks* links; + VG_(printf)("laog (requested by %s) {\n", who); + VG_(initIterFM)( laog ); + me = NULL; + links = NULL; + while (VG_(nextIterFM)( laog, (Word*)&me, + (Word*)&links )) { + tl_assert(me); + tl_assert(links); + VG_(printf)(" node %p:\n", me); + HG_(getPayloadWS)( &ws_words, &ws_size, univ_laog, links->inns ); + for (i = 0; i < ws_size; i++) + VG_(printf)(" inn %#lx\n", ws_words[i] ); + HG_(getPayloadWS)( &ws_words, &ws_size, univ_laog, links->outs ); + for (i = 0; i < ws_size; i++) + VG_(printf)(" out %#lx\n", ws_words[i] ); + me = NULL; + links = NULL; + } + VG_(doneIterFM)( laog ); + VG_(printf)("}\n"); +} + +__attribute__((noinline)) +static void laog__add_edge ( Lock* src, Lock* dst ) { + Word keyW; + LAOGLinks* links; + Bool presentF, presentR; + if (0) VG_(printf)("laog__add_edge %p %p\n", src, dst); + + /* Take the opportunity to sanity check the graph. Record in + presentF if there is already a src->dst mapping in this node's + forwards links, and presentR if there is already a src->dst + mapping in this node's backwards links. They should agree! + Also, we need to know whether the edge was already present so as + to decide whether or not to update the link details mapping. We + can compute presentF and presentR essentially for free, so may + as well do this always. 
*/ + presentF = presentR = False; + + /* Update the out edges for src */ + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)src )) { + WordSetID outs_new; + tl_assert(links); + tl_assert(keyW == (Word)src); + outs_new = HG_(addToWS)( univ_laog, links->outs, (Word)dst ); + presentF = outs_new == links->outs; + links->outs = outs_new; + } else { + links = HG_(zalloc)("hg.lae.1", sizeof(LAOGLinks)); + links->inns = HG_(emptyWS)( univ_laog ); + links->outs = HG_(singletonWS)( univ_laog, (Word)dst ); + VG_(addToFM)( laog, (Word)src, (Word)links ); + } + /* Update the in edges for dst */ + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)dst )) { + WordSetID inns_new; + tl_assert(links); + tl_assert(keyW == (Word)dst); + inns_new = HG_(addToWS)( univ_laog, links->inns, (Word)src ); + presentR = inns_new == links->inns; + links->inns = inns_new; + } else { + links = HG_(zalloc)("hg.lae.2", sizeof(LAOGLinks)); + links->inns = HG_(singletonWS)( univ_laog, (Word)src ); + links->outs = HG_(emptyWS)( univ_laog ); + VG_(addToFM)( laog, (Word)dst, (Word)links ); + } + + tl_assert( (presentF && presentR) || (!presentF && !presentR) ); + + if (!presentF && src->acquired_at && dst->acquired_at) { + LAOGLinkExposition expo; + /* If this edge is entering the graph, and we have acquired_at + information for both src and dst, record those acquisition + points. Hence, if there is later a violation of this + ordering, we can show the user the two places in which the + required src-dst ordering was previously established. */ + if (0) VG_(printf)("acquire edge %#lx %#lx\n", + src->guestaddr, dst->guestaddr); + expo.src_ga = src->guestaddr; + expo.dst_ga = dst->guestaddr; + expo.src_ec = NULL; + expo.dst_ec = NULL; + tl_assert(laog_exposition); + if (VG_(lookupFM)( laog_exposition, NULL, NULL, (Word)&expo )) { + /* we already have it; do nothing */ + } else { + LAOGLinkExposition* expo2 = HG_(zalloc)("hg.lae.3", + sizeof(LAOGLinkExposition)); + expo2->src_ga = src->guestaddr; + expo2->dst_ga = dst->guestaddr; + expo2->src_ec = src->acquired_at; + expo2->dst_ec = dst->acquired_at; + VG_(addToFM)( laog_exposition, (Word)expo2, (Word)NULL ); + } + } +} + +__attribute__((noinline)) +static void laog__del_edge ( Lock* src, Lock* dst ) { + Word keyW; + LAOGLinks* links; + if (0) VG_(printf)("laog__del_edge %p %p\n", src, dst); + /* Update the out edges for src */ + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)src )) { + tl_assert(links); + tl_assert(keyW == (Word)src); + links->outs = HG_(delFromWS)( univ_laog, links->outs, (Word)dst ); + } + /* Update the in edges for dst */ + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)dst )) { + tl_assert(links); + tl_assert(keyW == (Word)dst); + links->inns = HG_(delFromWS)( univ_laog, links->inns, (Word)src ); + } +} + +__attribute__((noinline)) +static WordSetID /* in univ_laog */ laog__succs ( Lock* lk ) { + Word keyW; + LAOGLinks* links; + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)lk )) { + tl_assert(links); + tl_assert(keyW == (Word)lk); + return links->outs; + } else { + return HG_(emptyWS)( univ_laog ); + } +} + +__attribute__((noinline)) +static WordSetID /* in univ_laog */ laog__preds ( Lock* lk ) { + Word keyW; + LAOGLinks* links; + keyW = 0; + links = NULL; + if (VG_(lookupFM)( laog, &keyW, (Word*)&links, (Word)lk )) { + tl_assert(links); + tl_assert(keyW == (Word)lk); + return links->inns; + } else 
{ + return HG_(emptyWS)( univ_laog ); + } +} + +__attribute__((noinline)) +static void laog__sanity_check ( Char* who ) { + Word i, ws_size; + UWord* ws_words; + Lock* me; + LAOGLinks* links; + if (UNLIKELY(!laog || !laog_exposition)) + laog__init(); + VG_(initIterFM)( laog ); + me = NULL; + links = NULL; + if (0) VG_(printf)("laog sanity check\n"); + while (VG_(nextIterFM)( laog, (Word*)&me, + (Word*)&links )) { + tl_assert(me); + tl_assert(links); + HG_(getPayloadWS)( &ws_words, &ws_size, univ_laog, links->inns ); + for (i = 0; i < ws_size; i++) { + if ( ! HG_(elemWS)( univ_laog, + laog__succs( (Lock*)ws_words[i] ), + (Word)me )) + goto bad; + } + HG_(getPayloadWS)( &ws_words, &ws_size, univ_laog, links->outs ); + for (i = 0; i < ws_size; i++) { + if ( ! HG_(elemWS)( univ_laog, + laog__preds( (Lock*)ws_words[i] ), + (Word)me )) + goto bad; + } + me = NULL; + links = NULL; + } + VG_(doneIterFM)( laog ); + return; + + bad: + VG_(printf)("laog__sanity_check(%s) FAILED\n", who); + laog__show(who); + tl_assert(0); +} + +/* If there is a path in laog from 'src' to any of the elements in + 'dst', return an arbitrarily chosen element of 'dst' reachable from + 'src'. If no path exist from 'src' to any element in 'dst', return + NULL. */ +__attribute__((noinline)) +static +Lock* laog__do_dfs_from_to ( Lock* src, WordSetID dsts /* univ_lsets */ ) +{ + Lock* ret; + Word i, ssz; + XArray* stack; /* of Lock* */ + WordFM* visited; /* Lock* -> void, iow, Set(Lock*) */ + Lock* here; + WordSetID succs; + Word succs_size; + UWord* succs_words; + //laog__sanity_check(); + + /* If the destination set is empty, we can never get there from + 'src' :-), so don't bother to try */ + if (HG_(isEmptyWS)( univ_lsets, dsts )) + return NULL; + + ret = NULL; + stack = VG_(newXA)( HG_(zalloc), "hg.lddft.1", HG_(free), sizeof(Lock*) ); + visited = VG_(newFM)( HG_(zalloc), "hg.lddft.2", HG_(free), NULL/*unboxedcmp*/ ); + + (void) VG_(addToXA)( stack, &src ); + + while (True) { + + ssz = VG_(sizeXA)( stack ); + + if (ssz == 0) { ret = NULL; break; } + + here = *(Lock**) VG_(indexXA)( stack, ssz-1 ); + VG_(dropTailXA)( stack, 1 ); + + if (HG_(elemWS)( univ_lsets, dsts, (Word)here )) { ret = here; break; } + + if (VG_(lookupFM)( visited, NULL, NULL, (Word)here )) + continue; + + VG_(addToFM)( visited, (Word)here, 0 ); + + succs = laog__succs( here ); + HG_(getPayloadWS)( &succs_words, &succs_size, univ_laog, succs ); + for (i = 0; i < succs_size; i++) + (void) VG_(addToXA)( stack, &succs_words[i] ); + } + + VG_(deleteFM)( visited, NULL, NULL ); + VG_(deleteXA)( stack ); + return ret; +} + + +/* Thread 'thr' is acquiring 'lk'. Check for inconsistent ordering + between 'lk' and the locks already held by 'thr' and issue a + complaint if so. Also, update the ordering graph appropriately. +*/ +__attribute__((noinline)) +static void laog__pre_thread_acquires_lock ( + Thread* thr, /* NB: BEFORE lock is added */ + Lock* lk + ) +{ + UWord* ls_words; + Word ls_size, i; + Lock* other; + + /* It may be that 'thr' already holds 'lk' and is recursively + relocking in. In this case we just ignore the call. */ + /* NB: univ_lsets really is correct here */ + if (HG_(elemWS)( univ_lsets, thr->locksetA, (Word)lk )) + return; + + if (UNLIKELY(!laog || !laog_exposition)) + laog__init(); + + /* First, the check. 
Complain if there is any path in laog from lk + to any of the locks already held by thr, since if any such path + existed, it would mean that previously lk was acquired before + (rather than after, as we are doing here) at least one of those + locks. + */ + other = laog__do_dfs_from_to(lk, thr->locksetA); + if (other) { + LAOGLinkExposition key, *found; + /* So we managed to find a path lk --*--> other in the graph, + which implies that 'lk' should have been acquired before + 'other' but is in fact being acquired afterwards. We present + the lk/other arguments to record_error_LockOrder in the order + in which they should have been acquired. */ + /* Go look in the laog_exposition mapping, to find the allocation + points for this edge, so we can show the user. */ + key.src_ga = lk->guestaddr; + key.dst_ga = other->guestaddr; + key.src_ec = NULL; + key.dst_ec = NULL; + found = NULL; + if (VG_(lookupFM)( laog_exposition, + (Word*)&found, NULL, (Word)&key )) { + tl_assert(found != &key); + tl_assert(found->src_ga == key.src_ga); + tl_assert(found->dst_ga == key.dst_ga); + tl_assert(found->src_ec); + tl_assert(found->dst_ec); + HG_(record_error_LockOrder)( + thr, lk->guestaddr, other->guestaddr, + found->src_ec, found->dst_ec ); + } else { + /* Hmm. This can't happen (can it?) */ + HG_(record_error_LockOrder)( + thr, lk->guestaddr, other->guestaddr, + NULL, NULL ); + } + } + + /* Second, add to laog the pairs + (old, lk) | old <- locks already held by thr + Since both old and lk are currently held by thr, their acquired_at + fields must be non-NULL. + */ + tl_assert(lk->acquired_at); + HG_(getPayloadWS)( &ls_words, &ls_size, univ_lsets, thr->locksetA ); + for (i = 0; i < ls_size; i++) { + Lock* old = (Lock*)ls_words[i]; + tl_assert(old->acquired_at); + laog__add_edge( old, lk ); + } + + /* Why "except_Locks" ? We're here because a lock is being + acquired by a thread, and we're in an inconsistent state here. + See the call points in evhH__post_thread_{r,w}_acquires_lock. + When called in this inconsistent state, locks__sanity_check duly + barfs. */ + if (HG_(clo_sanity_flags) & SCE_LAOG) + all_except_Locks__sanity_check("laog__pre_thread_acquires_lock-post"); +} + + +/* Delete from 'laog' any pair mentioning a lock in locksToDelete */ + +__attribute__((noinline)) +static void laog__handle_one_lock_deletion ( Lock* lk ) +{ + WordSetID preds, succs; + Word preds_size, succs_size, i, j; + UWord *preds_words, *succs_words; + + if (UNLIKELY(!laog || !laog_exposition)) + laog__init(); + + preds = laog__preds( lk ); + succs = laog__succs( lk ); + + HG_(getPayloadWS)( &preds_words, &preds_size, univ_laog, preds ); + for (i = 0; i < preds_size; i++) + laog__del_edge( (Lock*)preds_words[i], lk ); + + HG_(getPayloadWS)( &succs_words, &succs_size, univ_laog, succs ); + for (j = 0; j < succs_size; j++) + laog__del_edge( lk, (Lock*)succs_words[j] ); + + for (i = 0; i < preds_size; i++) { + for (j = 0; j < succs_size; j++) { + if (preds_words[i] != succs_words[j]) { + /* This can pass unlocked locks to laog__add_edge, since + we're deleting stuff. So their acquired_at fields may + be NULL. 
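+            For illustration only: if the graph currently holds A -> lk
+            and lk -> B, this loop adds A -> B, so the ordering
+            information implied via the deleted node is not lost.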
*/ + laog__add_edge( (Lock*)preds_words[i], (Lock*)succs_words[j] ); + } + } + } +} + +//__attribute__((noinline)) +//static void laog__handle_lock_deletions ( +// WordSetID /* in univ_laog */ locksToDelete +// ) +//{ +// Word i, ws_size; +// UWord* ws_words; +// +// if (UNLIKELY(!laog || !laog_exposition)) +// laog__init(); +// +// HG_(getPayloadWS)( &ws_words, &ws_size, univ_lsets, locksToDelete ); +// for (i = 0; i < ws_size; i++) +// laog__handle_one_lock_deletion( (Lock*)ws_words[i] ); +// +// if (HG_(clo_sanity_flags) & SCE_LAOG) +// all__sanity_check("laog__handle_lock_deletions-post"); +//} + + +/*--------------------------------------------------------------*/ +/*--- Malloc/free replacements ---*/ +/*--------------------------------------------------------------*/ + +typedef + struct { + void* next; /* required by m_hashtable */ + Addr payload; /* ptr to actual block */ + SizeT szB; /* size requested */ + ExeContext* where; /* where it was allocated */ + Thread* thr; /* allocating thread */ + } + MallocMeta; + +/* A hash table of MallocMetas, used to track malloc'd blocks + (obviously). */ +static VgHashTable hg_mallocmeta_table = NULL; + + +static MallocMeta* new_MallocMeta ( void ) { + MallocMeta* md = HG_(zalloc)( "hg.new_MallocMeta.1", sizeof(MallocMeta) ); + tl_assert(md); + return md; +} +static void delete_MallocMeta ( MallocMeta* md ) { + HG_(free)(md); +} + + +/* Allocate a client block and set up the metadata for it. */ + +static +void* handle_alloc ( ThreadId tid, + SizeT szB, SizeT alignB, Bool is_zeroed ) +{ + Addr p; + MallocMeta* md; + + tl_assert( ((SSizeT)szB) >= 0 ); + p = (Addr)VG_(cli_malloc)(alignB, szB); + if (!p) { + return NULL; + } + if (is_zeroed) + VG_(memset)((void*)p, 0, szB); + + /* Note that map_threads_lookup must succeed (cannot assert), since + memory can only be allocated by currently alive threads, hence + they must have an entry in map_threads. */ + md = new_MallocMeta(); + md->payload = p; + md->szB = szB; + md->where = VG_(record_ExeContext)( tid, 0 ); + md->thr = map_threads_lookup( tid ); + + VG_(HT_add_node)( hg_mallocmeta_table, (VgHashNode*)md ); + + /* Tell the lower level memory wranglers. */ + evh__new_mem_heap( p, szB, is_zeroed ); + + return (void*)p; +} + +/* Re the checks for less-than-zero (also in hg_cli__realloc below): + Cast to a signed type to catch any unexpectedly negative args. + We're assuming here that the size asked for is not greater than + 2^31 bytes (for 32-bit platforms) or 2^63 bytes (for 64-bit + platforms). */ +static void* hg_cli__malloc ( ThreadId tid, SizeT n ) { + if (((SSizeT)n) < 0) return NULL; + return handle_alloc ( tid, n, VG_(clo_alignment), + /*is_zeroed*/False ); +} +static void* hg_cli____builtin_new ( ThreadId tid, SizeT n ) { + if (((SSizeT)n) < 0) return NULL; + return handle_alloc ( tid, n, VG_(clo_alignment), + /*is_zeroed*/False ); +} +static void* hg_cli____builtin_vec_new ( ThreadId tid, SizeT n ) { + if (((SSizeT)n) < 0) return NULL; + return handle_alloc ( tid, n, VG_(clo_alignment), + /*is_zeroed*/False ); +} +static void* hg_cli__memalign ( ThreadId tid, SizeT align, SizeT n ) { + if (((SSizeT)n) < 0) return NULL; + return handle_alloc ( tid, n, align, + /*is_zeroed*/False ); +} +static void* hg_cli__calloc ( ThreadId tid, SizeT nmemb, SizeT size1 ) { + if ( ((SSizeT)nmemb) < 0 || ((SSizeT)size1) < 0 ) return NULL; + return handle_alloc ( tid, nmemb*size1, VG_(clo_alignment), + /*is_zeroed*/True ); +} + + +/* Free a client block, including getting rid of the relevant + metadata. 
*/ + +static void handle_free ( ThreadId tid, void* p ) +{ + MallocMeta *md, *old_md; + SizeT szB; + + /* First see if we can find the metadata for 'p'. */ + md = (MallocMeta*) VG_(HT_lookup)( hg_mallocmeta_table, (UWord)p ); + if (!md) + return; /* apparently freeing a bogus address. Oh well. */ + + tl_assert(md->payload == (Addr)p); + szB = md->szB; + + /* Nuke the metadata block */ + old_md = (MallocMeta*) + VG_(HT_remove)( hg_mallocmeta_table, (UWord)p ); + tl_assert(old_md); /* it must be present - we just found it */ + tl_assert(old_md == md); + tl_assert(old_md->payload == (Addr)p); + + VG_(cli_free)((void*)old_md->payload); + delete_MallocMeta(old_md); + + /* Tell the lower level memory wranglers. */ + evh__die_mem_heap( (Addr)p, szB ); +} + +static void hg_cli__free ( ThreadId tid, void* p ) { + handle_free(tid, p); +} +static void hg_cli____builtin_delete ( ThreadId tid, void* p ) { + handle_free(tid, p); +} +static void hg_cli____builtin_vec_delete ( ThreadId tid, void* p ) { + handle_free(tid, p); +} + + +static void* hg_cli__realloc ( ThreadId tid, void* payloadV, SizeT new_size ) +{ + MallocMeta *md, *md_new, *md_tmp; + SizeT i; + + Addr payload = (Addr)payloadV; + + if (((SSizeT)new_size) < 0) return NULL; + + md = (MallocMeta*) VG_(HT_lookup)( hg_mallocmeta_table, (UWord)payload ); + if (!md) + return NULL; /* apparently realloc-ing a bogus address. Oh well. */ + + tl_assert(md->payload == payload); + + if (md->szB == new_size) { + /* size unchanged */ + md->where = VG_(record_ExeContext)(tid, 0); + return payloadV; + } + + if (md->szB > new_size) { + /* new size is smaller */ + md->szB = new_size; + md->where = VG_(record_ExeContext)(tid, 0); + evh__die_mem_heap( md->payload + new_size, md->szB - new_size ); + return payloadV; + } + + /* else */ { + /* new size is bigger */ + Addr p_new = (Addr)VG_(cli_malloc)(VG_(clo_alignment), new_size); + + /* First half kept and copied, second half new */ + // FIXME: shouldn't we use a copier which implements the + // memory state machine? + shadow_mem_copy_range( payload, p_new, md->szB ); + evh__new_mem_heap ( p_new + md->szB, new_size - md->szB, + /*inited*/False ); + /* FIXME: can anything funny happen here? specifically, if the + old range contained a lock, then die_mem_heap will complain. + Is that the correct behaviour? Not sure. */ + evh__die_mem_heap( payload, md->szB ); + + /* Copy from old to new */ + for (i = 0; i < md->szB; i++) + ((UChar*)p_new)[i] = ((UChar*)payload)[i]; + + /* Because the metadata hash table is index by payload address, + we have to get rid of the old hash table entry and make a new + one. We can't just modify the existing metadata in place, + because then it would (almost certainly) be in the wrong hash + chain. */ + md_new = new_MallocMeta(); + *md_new = *md; + + md_tmp = VG_(HT_remove)( hg_mallocmeta_table, payload ); + tl_assert(md_tmp); + tl_assert(md_tmp == md); + + VG_(cli_free)((void*)md->payload); + delete_MallocMeta(md); + + /* Update fields */ + md_new->where = VG_(record_ExeContext)( tid, 0 ); + md_new->szB = new_size; + md_new->payload = p_new; + md_new->thr = map_threads_lookup( tid ); + + /* and add */ + VG_(HT_add_node)( hg_mallocmeta_table, (VgHashNode*)md_new ); + + return (void*)p_new; + } +} + +static SizeT hg_cli_malloc_usable_size ( ThreadId tid, void* p ) +{ + MallocMeta *md = VG_(HT_lookup)( hg_mallocmeta_table, (UWord)p ); + + // There may be slop, but pretend there isn't because only the asked-for + // area will have been shadowed properly. + return ( md ? 
md->szB : 0 ); +} + + +/*--------------------------------------------------------------*/ +/*--- Instrumentation ---*/ +/*--------------------------------------------------------------*/ + +static void instrument_mem_access ( IRSB* bbOut, + IRExpr* addr, + Int szB, + Bool isStore, + Int hWordTy_szB ) +{ + IRType tyAddr = Ity_INVALID; + HChar* hName = NULL; + void* hAddr = NULL; + Int regparms = 0; + IRExpr** argv = NULL; + IRDirty* di = NULL; + + tl_assert(isIRAtom(addr)); + tl_assert(hWordTy_szB == 4 || hWordTy_szB == 8); + + tyAddr = typeOfIRExpr( bbOut->tyenv, addr ); + tl_assert(tyAddr == Ity_I32 || tyAddr == Ity_I64); + + /* So the effective address is in 'addr' now. */ + regparms = 1; // unless stated otherwise + if (isStore) { + switch (szB) { + case 1: + hName = "evh__mem_help_write_1"; + hAddr = &evh__mem_help_write_1; + argv = mkIRExprVec_1( addr ); + break; + case 2: + hName = "evh__mem_help_write_2"; + hAddr = &evh__mem_help_write_2; + argv = mkIRExprVec_1( addr ); + break; + case 4: + hName = "evh__mem_help_write_4"; + hAddr = &evh__mem_help_write_4; + argv = mkIRExprVec_1( addr ); + break; + case 8: + hName = "evh__mem_help_write_8"; + hAddr = &evh__mem_help_write_8; + argv = mkIRExprVec_1( addr ); + break; + default: + tl_assert(szB > 8 && szB <= 512); /* stay sane */ + regparms = 2; + hName = "evh__mem_help_write_N"; + hAddr = &evh__mem_help_write_N; + argv = mkIRExprVec_2( addr, mkIRExpr_HWord( szB )); + break; + } + } else { + switch (szB) { + case 1: + hName = "evh__mem_help_read_1"; + hAddr = &evh__mem_help_read_1; + argv = mkIRExprVec_1( addr ); + break; + case 2: + hName = "evh__mem_help_read_2"; + hAddr = &evh__mem_help_read_2; + argv = mkIRExprVec_1( addr ); + break; + case 4: + hName = "evh__mem_help_read_4"; + hAddr = &evh__mem_help_read_4; + argv = mkIRExprVec_1( addr ); + break; + case 8: + hName = "evh__mem_help_read_8"; + hAddr = &evh__mem_help_read_8; + argv = mkIRExprVec_1( addr ); + break; + default: + tl_assert(szB > 8 && szB <= 512); /* stay sane */ + regparms = 2; + hName = "evh__mem_help_read_N"; + hAddr = &evh__mem_help_read_N; + argv = mkIRExprVec_2( addr, mkIRExpr_HWord( szB )); + break; + } + } + + /* Add the helper. */ + tl_assert(hName); + tl_assert(hAddr); + tl_assert(argv); + di = unsafeIRDirty_0_N( regparms, + hName, VG_(fnptr_to_fnentry)( hAddr ), + argv ); + addStmtToIRSB( bbOut, IRStmt_Dirty(di) ); +} + + +//static void instrument_memory_bus_event ( IRSB* bbOut, IRMBusEvent event ) +//{ +// switch (event) { +// case Imbe_SnoopedStoreBegin: +// case Imbe_SnoopedStoreEnd: +// /* These arise from ppc stwcx. insns. They should perhaps be +// handled better. */ +// break; +// case Imbe_Fence: +// break; /* not interesting */ +// case Imbe_BusLock: +// case Imbe_BusUnlock: +// addStmtToIRSB( +// bbOut, +// IRStmt_Dirty( +// unsafeIRDirty_0_N( +// 0/*regparms*/, +// event == Imbe_BusLock ? "evh__bus_lock" +// : "evh__bus_unlock", +// VG_(fnptr_to_fnentry)( +// event == Imbe_BusLock ? &evh__bus_lock +// : &evh__bus_unlock +// ), +// mkIRExprVec_0() +// ) +// ) +// ); +// break; +// default: +// tl_assert(0); +// } +//} + + +static +IRSB* hg_instrument ( VgCallbackClosure* closure, + IRSB* bbIn, + VexGuestLayout* layout, + VexGuestExtents* vge, + IRType gWordTy, IRType hWordTy ) +{ + Int i; + IRSB* bbOut; + Bool x86busLocked = False; + Bool isSnoopedStore = False; + + if (gWordTy != hWordTy) { + /* We don't currently support this case. 
*/ + VG_(tool_panic)("host/guest word size mismatch"); + } + + /* Set up BB */ + bbOut = emptyIRSB(); + bbOut->tyenv = deepCopyIRTypeEnv(bbIn->tyenv); + bbOut->next = deepCopyIRExpr(bbIn->next); + bbOut->jumpkind = bbIn->jumpkind; + + // Copy verbatim any IR preamble preceding the first IMark + i = 0; + while (i < bbIn->stmts_used && bbIn->stmts[i]->tag != Ist_IMark) { + addStmtToIRSB( bbOut, bbIn->stmts[i] ); + i++; + } + + for (/*use current i*/; i < bbIn->stmts_used; i++) { + IRStmt* st = bbIn->stmts[i]; + tl_assert(st); + tl_assert(isFlatIRStmt(st)); + switch (st->tag) { + case Ist_NoOp: + case Ist_AbiHint: + case Ist_Put: + case Ist_PutI: + case Ist_IMark: + case Ist_Exit: + /* None of these can contain any memory references. */ + break; + + case Ist_MBE: + //instrument_memory_bus_event( bbOut, st->Ist.MBE.event ); + switch (st->Ist.MBE.event) { + case Imbe_Fence: + break; /* not interesting */ + /* Imbe_Bus{Lock,Unlock} arise from x86/amd64 LOCK + prefixed instructions. */ + case Imbe_BusLock: + tl_assert(x86busLocked == False); + x86busLocked = True; + break; + case Imbe_BusUnlock: + tl_assert(x86busLocked == True); + x86busLocked = False; + break; + /* Imbe_SnoopedStore{Begin,End} arise from ppc + stwcx. instructions. */ + case Imbe_SnoopedStoreBegin: + tl_assert(isSnoopedStore == False); + isSnoopedStore = True; + break; + case Imbe_SnoopedStoreEnd: + tl_assert(isSnoopedStore == True); + isSnoopedStore = False; + break; + default: + goto unhandled; + } + break; + + case Ist_Store: + if (!x86busLocked && !isSnoopedStore) + instrument_mem_access( + bbOut, + st->Ist.Store.addr, + sizeofIRType(typeOfIRExpr(bbIn->tyenv, st->Ist.Store.data)), + True/*isStore*/, + sizeofIRType(hWordTy) + ); + break; + + case Ist_WrTmp: { + IRExpr* data = st->Ist.WrTmp.data; + if (data->tag == Iex_Load) { + instrument_mem_access( + bbOut, + data->Iex.Load.addr, + sizeofIRType(data->Iex.Load.ty), + False/*!isStore*/, + sizeofIRType(hWordTy) + ); + } + break; + } + + case Ist_Dirty: { + Int dataSize; + IRDirty* d = st->Ist.Dirty.details; + if (d->mFx != Ifx_None) { + /* This dirty helper accesses memory. Collect the + details. */ + tl_assert(d->mAddr != NULL); + tl_assert(d->mSize != 0); + dataSize = d->mSize; + if (d->mFx == Ifx_Read || d->mFx == Ifx_Modify) { + instrument_mem_access( + bbOut, d->mAddr, dataSize, False/*!isStore*/, + sizeofIRType(hWordTy) + ); + } + /* This isn't really correct. Really the + instrumentation should be only added when + (!x86busLocked && !isSnoopedStore), just like with + Ist_Store. Still, I don't think this is + particularly important. */ + if (d->mFx == Ifx_Write || d->mFx == Ifx_Modify) { + instrument_mem_access( + bbOut, d->mAddr, dataSize, True/*isStore*/, + sizeofIRType(hWordTy) + ); + } + } else { + tl_assert(d->mAddr == NULL); + tl_assert(d->mSize == 0); + } + break; + } + + default: + unhandled: + ppIRStmt(st); + tl_assert(0); + + } /* switch (st->tag) */ + + addStmtToIRSB( bbOut, st ); + } /* iterate over bbIn->stmts */ + + return bbOut; +} + + +/*----------------------------------------------------------------*/ +/*--- Client requests ---*/ +/*----------------------------------------------------------------*/ + +/* Sheesh. Yet another goddam finite map. 
*/ +static WordFM* map_pthread_t_to_Thread = NULL; /* pthread_t -> Thread* */ + +static void map_pthread_t_to_Thread_INIT ( void ) { + if (UNLIKELY(map_pthread_t_to_Thread == NULL)) { + map_pthread_t_to_Thread = VG_(newFM)( HG_(zalloc), "hg.mpttT.1", + HG_(free), NULL ); + tl_assert(map_pthread_t_to_Thread != NULL); + } +} + + +static +Bool hg_handle_client_request ( ThreadId tid, UWord* args, UWord* ret) +{ + if (!VG_IS_TOOL_USERREQ('H','G',args[0])) + return False; + + /* Anything that gets past the above check is one of ours, so we + should be able to handle it. */ + + /* default, meaningless return value, unless otherwise set */ + *ret = 0; + + switch (args[0]) { + + /* --- --- User-visible client requests --- --- */ + + case VG_USERREQ__HG_CLEAN_MEMORY: + if (0) VG_(printf)("VG_USERREQ__HG_CLEAN_MEMORY(%#lx,%ld)\n", + args[1], args[2]); + /* Call die_mem to (expensively) tidy up properly, if there + are any held locks etc in the area. Calling evh__die_mem + and then evh__new_mem is a bit inefficient; probably just + the latter would do. */ + if (args[2] > 0) { /* length */ + evh__die_mem(args[1], args[2]); + /* and then set it to New */ + evh__new_mem(args[1], args[2]); + } + break; + + /* --- --- Client requests for Helgrind's use only --- --- */ + + /* Some thread is telling us its pthread_t value. Record the + binding between that and the associated Thread*, so we can + later find the Thread* again when notified of a join by the + thread. */ + case _VG_USERREQ__HG_SET_MY_PTHREAD_T: { + Thread* my_thr = NULL; + if (0) + VG_(printf)("SET_MY_PTHREAD_T (tid %d): pthread_t = %p\n", (Int)tid, + (void*)args[1]); + map_pthread_t_to_Thread_INIT(); + my_thr = map_threads_maybe_lookup( tid ); + /* This assertion should hold because the map_threads (tid to + Thread*) binding should have been made at the point of + low-level creation of this thread, which should have + happened prior to us getting this client request for it. + That's because this client request is sent from + client-world from the 'thread_wrapper' function, which + only runs once the thread has been low-level created. */ + tl_assert(my_thr != NULL); + /* So now we know that (pthread_t)args[1] is associated with + (Thread*)my_thr. Note that down. */ + if (0) + VG_(printf)("XXXX: bind pthread_t %p to Thread* %p\n", + (void*)args[1], (void*)my_thr ); + VG_(addToFM)( map_pthread_t_to_Thread, (Word)args[1], (Word)my_thr ); + break; + } + + case _VG_USERREQ__HG_PTH_API_ERROR: { + Thread* my_thr = NULL; + map_pthread_t_to_Thread_INIT(); + my_thr = map_threads_maybe_lookup( tid ); + tl_assert(my_thr); /* See justification above in SET_MY_PTHREAD_T */ + HG_(record_error_PthAPIerror)( + my_thr, (HChar*)args[1], (Word)args[2], (HChar*)args[3] ); + break; + } + + /* This thread (tid) has completed a join with the quitting + thread whose pthread_t is in args[1]. */ + case _VG_USERREQ__HG_PTHREAD_JOIN_POST: { + Thread* thr_q = NULL; /* quitter Thread* */ + Bool found = False; + if (0) + VG_(printf)("NOTIFY_JOIN_COMPLETE (tid %d): quitter = %p\n", (Int)tid, + (void*)args[1]); + map_pthread_t_to_Thread_INIT(); + found = VG_(lookupFM)( map_pthread_t_to_Thread, + NULL, (Word*)&thr_q, (Word)args[1] ); + /* Can this fail? It would mean that our pthread_join + wrapper observed a successful join on args[1] yet that + thread never existed (or at least, it never lodged an + entry in the mapping (via SET_MY_PTHREAD_T)). Which + sounds like a bug in the threads library. 
*/ + // FIXME: get rid of this assertion; handle properly + tl_assert(found); + if (found) { + if (0) + VG_(printf)(".................... quitter Thread* = %p\n", + thr_q); + evh__HG_PTHREAD_JOIN_POST( tid, thr_q ); + } + break; + } + + /* EXPOSITION only: by intercepting lock init events we can show + the user where the lock was initialised, rather than only + being able to show where it was first locked. Intercepting + lock initialisations is not necessary for the basic operation + of the race checker. */ + case _VG_USERREQ__HG_PTHREAD_MUTEX_INIT_POST: + evh__HG_PTHREAD_MUTEX_INIT_POST( tid, (void*)args[1], args[2] ); + break; + + case _VG_USERREQ__HG_PTHREAD_MUTEX_DESTROY_PRE: + evh__HG_PTHREAD_MUTEX_DESTROY_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_PRE: // pth_mx_t* + evh__HG_PTHREAD_MUTEX_UNLOCK_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_MUTEX_UNLOCK_POST: // pth_mx_t* + evh__HG_PTHREAD_MUTEX_UNLOCK_POST( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_PRE: // pth_mx_t*, Word + evh__HG_PTHREAD_MUTEX_LOCK_PRE( tid, (void*)args[1], args[2] ); + break; + + case _VG_USERREQ__HG_PTHREAD_MUTEX_LOCK_POST: // pth_mx_t* + evh__HG_PTHREAD_MUTEX_LOCK_POST( tid, (void*)args[1] ); + break; + + /* This thread is about to do pthread_cond_signal on the + pthread_cond_t* in arg[1]. Ditto pthread_cond_broadcast. */ + case _VG_USERREQ__HG_PTHREAD_COND_SIGNAL_PRE: + case _VG_USERREQ__HG_PTHREAD_COND_BROADCAST_PRE: + evh__HG_PTHREAD_COND_SIGNAL_PRE( tid, (void*)args[1] ); + break; + + /* Entry into pthread_cond_wait, cond=arg[1], mutex=arg[2]. + Returns a flag indicating whether or not the mutex is believed to be + valid for this operation. */ + case _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE: { + Bool mutex_is_valid + = evh__HG_PTHREAD_COND_WAIT_PRE( tid, (void*)args[1], + (void*)args[2] ); + *ret = mutex_is_valid ? 
1 : 0; + break; + } + + /* cond=arg[1] */ + case _VG_USERREQ__HG_PTHREAD_COND_DESTROY_PRE: + evh__HG_PTHREAD_COND_DESTROY_PRE( tid, (void*)args[1] ); + break; + + /* Thread successfully completed pthread_cond_wait, cond=arg[1], + mutex=arg[2] */ + case _VG_USERREQ__HG_PTHREAD_COND_WAIT_POST: + evh__HG_PTHREAD_COND_WAIT_POST( tid, + (void*)args[1], (void*)args[2] ); + break; + + case _VG_USERREQ__HG_PTHREAD_RWLOCK_INIT_POST: + evh__HG_PTHREAD_RWLOCK_INIT_POST( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_RWLOCK_DESTROY_PRE: + evh__HG_PTHREAD_RWLOCK_DESTROY_PRE( tid, (void*)args[1] ); + break; + + /* rwlock=arg[1], isW=arg[2], isTryLock=arg[3] */ + case _VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE: + evh__HG_PTHREAD_RWLOCK_LOCK_PRE( tid, (void*)args[1], + args[2], args[3] ); + break; + + /* rwlock=arg[1], isW=arg[2] */ + case _VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST: + evh__HG_PTHREAD_RWLOCK_LOCK_POST( tid, (void*)args[1], args[2] ); + break; + + case _VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE: + evh__HG_PTHREAD_RWLOCK_UNLOCK_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST: + evh__HG_PTHREAD_RWLOCK_UNLOCK_POST( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_POSIX_SEM_INIT_POST: /* sem_t*, unsigned long */ + evh__HG_POSIX_SEM_INIT_POST( tid, (void*)args[1], args[2] ); + break; + + case _VG_USERREQ__HG_POSIX_SEM_DESTROY_PRE: /* sem_t* */ + evh__HG_POSIX_SEM_DESTROY_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_POSIX_SEM_POST_PRE: /* sem_t* */ + evh__HG_POSIX_SEM_POST_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_POSIX_SEM_WAIT_POST: /* sem_t* */ + evh__HG_POSIX_SEM_WAIT_POST( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_BARRIER_INIT_PRE: + /* pth_bar_t*, ulong */ + evh__HG_PTHREAD_BARRIER_INIT_PRE( tid, (void*)args[1], args[2] ); + break; + + case _VG_USERREQ__HG_PTHREAD_BARRIER_WAIT_PRE: + /* pth_bar_t* */ + evh__HG_PTHREAD_BARRIER_WAIT_PRE( tid, (void*)args[1] ); + break; + + case _VG_USERREQ__HG_PTHREAD_BARRIER_DESTROY_PRE: + /* pth_bar_t* */ + evh__HG_PTHREAD_BARRIER_DESTROY_PRE( tid, (void*)args[1] ); + break; + + default: + /* Unhandled Helgrind client request! */ + tl_assert2(0, "unhandled Helgrind client request 0x%lx", + args[0]); + } + + return True; +} + + +/*----------------------------------------------------------------*/ +/*--- Setup ---*/ +/*----------------------------------------------------------------*/ + +static Bool hg_process_cmd_line_option ( Char* arg ) +{ + Char* tmp_str; + + if VG_BOOL_CLO(arg, "--track-lockorders", + HG_(clo_track_lockorders)) {} + else if VG_BOOL_CLO(arg, "--cmp-race-err-addrs", + HG_(clo_cmp_race_err_addrs)) {} + else if VG_BOOL_CLO(arg, "--show-conflicts", + HG_(clo_show_conflicts)) {} + + /* If you change the 10k/10mill limits, remember to also change + them in assertions at the top of event_map_maybe_GC. 
*/ + else if VG_BINT_CLO(arg, "--conflict-cache-size", + HG_(clo_conflict_cache_size), 10*1000, 10*1000*1000) {} + + /* "stuvwx" --> stuvwx (binary) */ + else if VG_STR_CLO(arg, "--hg-sanity-flags", tmp_str) { + Int j; + + if (6 != VG_(strlen)(tmp_str)) { + VG_(message)(Vg_UserMsg, + "--hg-sanity-flags argument must have 6 digits"); + return False; + } + for (j = 0; j < 6; j++) { + if ('0' == tmp_str[j]) { /* do nothing */ } + else if ('1' == tmp_str[j]) HG_(clo_sanity_flags) |= (1 << (6-1-j)); + else { + VG_(message)(Vg_UserMsg, "--hg-sanity-flags argument can " + "only contain 0s and 1s"); + return False; + } + } + if (0) VG_(printf)("XXX sanity flags: 0x%lx\n", HG_(clo_sanity_flags)); + } + + else + return VG_(replacement_malloc_process_cmd_line_option)(arg); + + return True; +} + +static void hg_print_usage ( void ) +{ + VG_(printf)( +" --track-lockorders=no|yes show lock ordering errors? [yes]\n" +" --show-conflicts=no|yes show both stack traces in a race? [yes]\n" +" --conflict-cache-size=N size of conflict history cache [1000000]\n" + ); + VG_(replacement_malloc_print_usage)(); +} + +static void hg_print_debug_usage ( void ) +{ + VG_(replacement_malloc_print_debug_usage)(); + VG_(printf)(" --cmp-race-err-addrs=no|yes are data addresses in " + "race errors significant? [no]\n"); + VG_(printf)(" --hg-sanity-flags=<XXXXXX> sanity check " + " at events (X = 0|1) [000000]\n"); + VG_(printf)(" --hg-sanity-flags values:\n"); + VG_(printf)(" 010000 after changes to " + "lock-order-acquisition-graph\n"); + VG_(printf)(" 001000 at memory accesses (NB: not currently used)\n"); + VG_(printf)(" 000100 at mem permission setting for " + "ranges >= %d bytes\n", SCE_BIGRANGE_T); + VG_(printf)(" 000010 at lock/unlock events\n"); + VG_(printf)(" 000001 at thread create/join events\n"); +} + +static void hg_post_clo_init ( void ) +{ +} + +static void hg_fini ( Int exitcode ) +{ + if (SHOW_DATA_STRUCTURES) + pp_everything( PP_ALL, "SK_(fini)" ); + if (HG_(clo_sanity_flags)) + all__sanity_check("SK_(fini)"); + + if (VG_(clo_verbosity) >= 2) { + + if (1) { + VG_(printf)("\n"); + HG_(ppWSUstats)( univ_tsets, "univ_tsets" ); + VG_(printf)("\n"); + HG_(ppWSUstats)( univ_lsets, "univ_lsets" ); + VG_(printf)("\n"); + HG_(ppWSUstats)( univ_laog, "univ_laog" ); + } + + //zz VG_(printf)("\n"); + //zz VG_(printf)(" hbefore: %'10lu queries\n", stats__hbefore_queries); + //zz VG_(printf)(" hbefore: %'10lu cache 0 hits\n", stats__hbefore_cache0s); + //zz VG_(printf)(" hbefore: %'10lu cache > 0 hits\n", stats__hbefore_cacheNs); + //zz VG_(printf)(" hbefore: %'10lu graph searches\n", stats__hbefore_gsearches); + //zz VG_(printf)(" hbefore: %'10lu of which slow\n", + //zz stats__hbefore_gsearches - stats__hbefore_gsearchFs); + //zz VG_(printf)(" hbefore: %'10lu stack high water mark\n", + //zz stats__hbefore_stk_hwm); + //zz VG_(printf)(" hbefore: %'10lu cache invals\n", stats__hbefore_invals); + //zz VG_(printf)(" hbefore: %'10lu probes\n", stats__hbefore_probes); + + VG_(printf)("\n"); + VG_(printf)(" locksets: %'8d unique lock sets\n", + (Int)HG_(cardinalityWSU)( univ_lsets )); + VG_(printf)(" threadsets: %'8d unique thread sets\n", + (Int)HG_(cardinalityWSU)( univ_tsets )); + VG_(printf)(" univ_laog: %'8d unique lock sets\n", + (Int)HG_(cardinalityWSU)( univ_laog )); + + //VG_(printf)("L(ast)L(ock) map: %'8lu inserts (%d map size)\n", + // stats__ga_LL_adds, + // (Int)(ga_to_lastlock ? 
VG_(sizeFM)( ga_to_lastlock ) : 0) ); + + VG_(printf)(" LockN-to-P map: %'8llu queries (%llu map size)\n", + HG_(stats__LockN_to_P_queries), + HG_(stats__LockN_to_P_get_map_size)() ); + + VG_(printf)("string table map: %'8llu queries (%llu map size)\n", + HG_(stats__string_table_queries), + HG_(stats__string_table_get_map_size)() ); + VG_(printf)(" LAOG: %'8d map size\n", + (Int)(laog ? VG_(sizeFM)( laog ) : 0)); + VG_(printf)(" LAOG exposition: %'8d map size\n", + (Int)(laog_exposition ? VG_(sizeFM)( laog_exposition ) : 0)); + VG_(printf)(" locks: %'8lu acquires, " + "%'lu releases\n", + stats__lockN_acquires, + stats__lockN_releases + ); + VG_(printf)(" sanity checks: %'8lu\n", stats__sanity_checks); + + VG_(printf)("\n"); + libhb_shutdown(True); + } +} + +/* FIXME: move these somewhere sane */ + +static +void for_libhb__get_stacktrace ( Thr* hbt, Addr* frames, UWord nRequest ) +{ + Thread* thr; + ThreadId tid; + UWord nActual; + tl_assert(hbt); + thr = libhb_get_Thr_opaque( hbt ); + tl_assert(thr); + tid = map_threads_maybe_reverse_lookup_SLOW(thr); + nActual = (UWord)VG_(get_StackTrace)( tid, frames, (UInt)nRequest, + NULL, NULL, 0 ); + tl_assert(nActual <= nRequest); + for (; nActual < nRequest; nActual++) + frames[nActual] = 0; +} + +static +ExeContext* for_libhb__get_EC ( Thr* hbt ) +{ + Thread* thr; + ThreadId tid; + ExeContext* ec; + tl_assert(hbt); + thr = libhb_get_Thr_opaque( hbt ); + tl_assert(thr); + tid = map_threads_maybe_reverse_lookup_SLOW(thr); + ec = VG_(record_ExeContext)( tid, 0 ); + return ec; +} + + +static void hg_pre_clo_init ( void ) +{ + Thr* hbthr_root; + VG_(details_name) ("Helgrind"); + VG_(details_version) (NULL); + VG_(details_description) ("a thread error detector"); + VG_(details_copyright_author)( + "Copyright (C) 2007-2009, and GNU GPL'd, by OpenWorks LLP et al."); + VG_(details_bug_reports_to) (VG_BUGS_TO); + VG_(details_avg_translation_sizeB) ( 200 ); + + VG_(basic_tool_funcs) (hg_post_clo_init, + hg_instrument, + hg_fini); + + VG_(needs_core_errors) (); + VG_(needs_tool_errors) (HG_(eq_Error), + HG_(pp_Error), + False,/*show TIDs for errors*/ + HG_(update_extra), + HG_(recognised_suppression), + HG_(read_extra_suppression_info), + HG_(error_matches_suppression), + HG_(get_error_name), + HG_(print_extra_suppression_info)); + + VG_(needs_command_line_options)(hg_process_cmd_line_option, + hg_print_usage, + hg_print_debug_usage); + VG_(needs_client_requests) (hg_handle_client_request); + + // FIXME? + //VG_(needs_sanity_checks) (hg_cheap_sanity_check, + // hg_expensive_sanity_check); + + VG_(needs_malloc_replacement) (hg_cli__malloc, + hg_cli____builtin_new, + hg_cli____builtin_vec_new, + hg_cli__memalign, + hg_cli__calloc, + hg_cli__free, + hg_cli____builtin_delete, + hg_cli____builtin_vec_delete, + hg_cli__realloc, + hg_cli_malloc_usable_size, + HG_CLI__MALLOC_REDZONE_SZB ); + + /* 21 Dec 08: disabled this; it mostly causes H to start more + slowly and use significantly more memory, without very often + providing useful results. The user can request to load this + information manually with --read-var-info=yes. 
*/ + if (0) VG_(needs_var_info)(); /* optional */ + + VG_(track_new_mem_startup) ( evh__new_mem_w_perms ); + VG_(track_new_mem_stack_signal)( evh__new_mem_w_tid ); + VG_(track_new_mem_brk) ( evh__new_mem_w_tid ); + VG_(track_new_mem_mmap) ( evh__new_mem_w_perms ); + VG_(track_new_mem_stack) ( evh__new_mem ); + + // FIXME: surely this isn't thread-aware + VG_(track_copy_mem_remap) ( shadow_mem_copy_range ); + + VG_(track_change_mem_mprotect) ( evh__set_perms ); + + VG_(track_die_mem_stack_signal)( evh__die_mem ); + VG_(track_die_mem_brk) ( evh__die_mem ); + VG_(track_die_mem_munmap) ( evh__die_mem ); + VG_(track_die_mem_stack) ( evh__die_mem ); + + // FIXME: what is this for? + VG_(track_ban_mem_stack) (NULL); + + VG_(track_pre_mem_read) ( evh__pre_mem_read ); + VG_(track_pre_mem_read_asciiz) ( evh__pre_mem_read_asciiz ); + VG_(track_pre_mem_write) ( evh__pre_mem_write ); + VG_(track_post_mem_write) (NULL); + + ///////////////// + + VG_(track_pre_thread_ll_create)( evh__pre_thread_ll_create ); + VG_(track_pre_thread_ll_exit) ( evh__pre_thread_ll_exit ); + + VG_(track_start_client_code)( evh__start_client_code ); + VG_(track_stop_client_code)( evh__stop_client_code ); + + ///////////////////////////////////////////// + hbthr_root = libhb_init( for_libhb__get_stacktrace, + for_libhb__get_EC ); + ///////////////////////////////////////////// + + initialise_data_structures(hbthr_root); + + /* Ensure that requirements for "dodgy C-as-C++ style inheritance" + as described in comments at the top of pub_tool_hashtable.h, are + met. Blargh. */ + tl_assert( sizeof(void*) == sizeof(struct _MallocMeta*) ); + tl_assert( sizeof(UWord) == sizeof(Addr) ); + hg_mallocmeta_table + = VG_(HT_construct)( "hg_malloc_metadata_table" ); + +} + +VG_DETERMINE_INTERFACE_VERSION(hg_pre_clo_init) + +/*--------------------------------------------------------------------*/ +/*--- end hg_main.c ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/hg_wordset.c.svn-base b/helgrind/.svn/text-base/hg_wordset.c.svn-base new file mode 100644 index 0000000..5d33004 --- /dev/null +++ b/helgrind/.svn/text-base/hg_wordset.c.svn-base @@ -0,0 +1,860 @@ + +/*--------------------------------------------------------------------*/ +/*--- Sets of words, with unique set identifiers. ---*/ +/*--- hg_wordset.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks LLP + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. + + Neither the names of the U.S. 
Department of Energy nor the + University of California nor the names of its contributors may be + used to endorse or promote products derived from this software + without prior written permission. +*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcprint.h" +#include "pub_tool_threadstate.h" +#include "pub_tool_wordfm.h" + +#include "hg_basics.h" +#include "hg_wordset.h" /* self */ + +//------------------------------------------------------------------// +//--- Word Cache ---// +//------------------------------------------------------------------// + +typedef + struct { UWord arg1; UWord arg2; UWord res; } + WCacheEnt; + +/* Each cache is a fixed sized array of N_WCACHE_STAT_MAX entries. + However only the first .dynMax are used. This is because at some + point, expanding the cache further overall gives a slowdown because + searching more entries more than negates any performance advantage + from caching those entries in the first place. Hence use .dynMax + to allow the size of the cache(s) to be set differently for each + different WordSetU. */ +#define N_WCACHE_STAT_MAX 32 +typedef + struct { + WCacheEnt ent[N_WCACHE_STAT_MAX]; + UWord dynMax; /* 1 .. N_WCACHE_STAT_MAX inclusive */ + UWord inUse; /* 0 .. dynMax inclusive */ + } + WCache; + +#define WCache_INIT(_zzcache,_zzdynmax) \ + do { \ + tl_assert((_zzdynmax) >= 1); \ + tl_assert((_zzdynmax) <= N_WCACHE_STAT_MAX); \ + (_zzcache).dynMax = (_zzdynmax); \ + (_zzcache).inUse = 0; \ + } while (0) + +#define WCache_LOOKUP_AND_RETURN(_retty,_zzcache,_zzarg1,_zzarg2) \ + do { \ + UWord _i; \ + UWord _arg1 = (UWord)(_zzarg1); \ + UWord _arg2 = (UWord)(_zzarg2); \ + WCache* _cache = &(_zzcache); \ + tl_assert(_cache->dynMax >= 1); \ + tl_assert(_cache->dynMax <= N_WCACHE_STAT_MAX); \ + tl_assert(_cache->inUse >= 0); \ + tl_assert(_cache->inUse <= _cache->dynMax); \ + if (_cache->inUse > 0) { \ + if (_cache->ent[0].arg1 == _arg1 \ + && _cache->ent[0].arg2 == _arg2) \ + return (_retty)_cache->ent[0].res; \ + for (_i = 1; _i < _cache->inUse; _i++) { \ + if (_cache->ent[_i].arg1 == _arg1 \ + && _cache->ent[_i].arg2 == _arg2) { \ + WCacheEnt tmp = _cache->ent[_i-1]; \ + _cache->ent[_i-1] = _cache->ent[_i]; \ + _cache->ent[_i] = tmp; \ + return (_retty)_cache->ent[_i-1].res; \ + } \ + } \ + } \ + } while (0) + +#define WCache_UPDATE(_zzcache,_zzarg1,_zzarg2,_zzresult) \ + do { \ + Word _i; \ + UWord _arg1 = (UWord)(_zzarg1); \ + UWord _arg2 = (UWord)(_zzarg2); \ + UWord _res = (UWord)(_zzresult); \ + WCache* _cache = &(_zzcache); \ + tl_assert(_cache->dynMax >= 1); \ + tl_assert(_cache->dynMax <= N_WCACHE_STAT_MAX); \ + tl_assert(_cache->inUse >= 0); \ + tl_assert(_cache->inUse <= _cache->dynMax); \ + if (_cache->inUse < _cache->dynMax) \ + _cache->inUse++; \ + for (_i = _cache->inUse-1; _i >= 1; _i--) \ + _cache->ent[_i] = _cache->ent[_i-1]; \ + _cache->ent[0].arg1 = _arg1; \ + _cache->ent[0].arg2 = _arg2; \ + _cache->ent[0].res = _res; \ + } while (0) + + +//------------------------------------------------------------------// +//--- WordSet ---// +//--- Implementation ---// +//------------------------------------------------------------------// + +typedef + struct { + WordSetU* owner; /* for sanity checking */ + UWord* words; + UWord size; /* Really this should be SizeT */ + } + WordVec; + +/* ix2vec[0 .. ix2vec_used-1] are pointers to the lock sets (WordVecs) + really. vec2ix is the inverse mapping, mapping WordVec* to the + corresponding ix2vec entry number. 
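(Aside: this index-both-ways layout is a standard interning scheme — a content-keyed map for set-to-index lookup plus a flat array for index-to-set lookup. A minimal standalone sketch, with a linear scan standing in for the content-keyed WordFM and fixed-size storage in place of the Valgrind allocators:)

    #include <stdio.h>
    #include <string.h>

    /* Sketch only: an interned "set" is a small index into a table;
       identical contents always yield the same index. */
    typedef struct { unsigned n; unsigned long w[4]; } Vec;  /* sorted words */

    static Vec      ix2vec_demo[100];            /* index -> content */
    static unsigned n_sets_demo = 0;

    static unsigned intern ( const Vec* v ) {
       for (unsigned i = 0; i < n_sets_demo; i++)
          if (ix2vec_demo[i].n == v->n
              && 0 == memcmp(ix2vec_demo[i].w, v->w, v->n * sizeof v->w[0]))
             return i;                           /* already present */
       ix2vec_demo[n_sets_demo] = *v;            /* add new entry    */
       return n_sets_demo++;
    }

    int main ( void ) {
       Vec a = { 2, { 3, 7 } }, b = { 2, { 3, 7 } }, c = { 1, { 5 } };
       printf("%u %u %u\n", intern(&a), intern(&b), intern(&c));  /* 0 0 1 */
       return 0;
    }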
The two mappings are mutually + redundant. */ +struct _WordSetU { + void* (*alloc)(HChar*,SizeT); + HChar* cc; + void (*dealloc)(void*); + WordFM* vec2ix; /* WordVec-to-WordSet mapping tree */ + WordVec** ix2vec; /* WordSet-to-WordVec mapping array */ + UWord ix2vec_size; + UWord ix2vec_used; + WordSet empty; /* cached, for speed */ + /* Caches for some operations */ + WCache cache_addTo; + WCache cache_delFrom; + WCache cache_intersect; + WCache cache_minus; + /* Stats */ + UWord n_add; + UWord n_add_uncached; + UWord n_del; + UWord n_del_uncached; + UWord n_union; + UWord n_intersect; + UWord n_intersect_uncached; + UWord n_minus; + UWord n_minus_uncached; + UWord n_elem; + UWord n_doubleton; + UWord n_isEmpty; + UWord n_isSingleton; + UWord n_anyElementOf; + UWord n_isSubsetOf; + }; + +/* Create a new WordVec of the given size. */ + +static WordVec* new_WV_of_size ( WordSetU* wsu, UWord sz ) +{ + WordVec* wv; + tl_assert(sz >= 0); + wv = wsu->alloc( wsu->cc, sizeof(WordVec) ); + wv->owner = wsu; + wv->words = NULL; + wv->size = sz; + if (sz > 0) { + wv->words = wsu->alloc( wsu->cc, (SizeT)sz * sizeof(UWord) ); + } + return wv; +} + +static void delete_WV ( WordVec* wv ) +{ + void (*dealloc)(void*) = wv->owner->dealloc; + if (wv->words) { + dealloc(wv->words); + } + dealloc(wv); +} +static void delete_WV_for_FM ( UWord wv ) { + delete_WV( (WordVec*)wv ); +} + +static Word cmp_WordVecs_for_FM ( UWord wv1W, UWord wv2W ) +{ + UWord i; + WordVec* wv1 = (WordVec*)wv1W; + WordVec* wv2 = (WordVec*)wv2W; + UWord common = wv1->size < wv2->size ? wv1->size : wv2->size; + for (i = 0; i < common; i++) { + if (wv1->words[i] == wv2->words[i]) + continue; + if (wv1->words[i] < wv2->words[i]) + return -1; + if (wv1->words[i] > wv2->words[i]) + return 1; + tl_assert(0); + } + /* Ok, the common sections are identical. So now consider the + tails. Both sets are considered to finish in an implied + sequence of -infinity. */ + if (wv1->size < wv2->size) { + tl_assert(common == wv1->size); + return -1; /* impliedly, wv1 contains some -infinitys in places + where wv2 doesn't. */ + } + if (wv1->size > wv2->size) { + tl_assert(common == wv2->size); + return 1; + } + tl_assert(common == wv1->size); + return 0; /* identical */ +} + +static void ensure_ix2vec_space ( WordSetU* wsu ) +{ + UInt i, new_sz; + WordVec** new_vec; + tl_assert(wsu->ix2vec_used <= wsu->ix2vec_size); + if (wsu->ix2vec_used < wsu->ix2vec_size) + return; + new_sz = 2 * wsu->ix2vec_size; + if (new_sz == 0) new_sz = 2; + new_vec = wsu->alloc( wsu->cc, new_sz * sizeof(WordVec*) ); + tl_assert(new_vec); + for (i = 0; i < wsu->ix2vec_size; i++) + new_vec[i] = wsu->ix2vec[i]; + if (wsu->ix2vec) + wsu->dealloc(wsu->ix2vec); + wsu->ix2vec = new_vec; + wsu->ix2vec_size = new_sz; +} + +/* Index into a WordSetU, doing the obvious range check. Failure of + the assertions marked XXX and YYY is an indication of passing the + wrong WordSetU* in the public API of this module. */ +static WordVec* do_ix2vec ( WordSetU* wsu, WordSet ws ) +{ + WordVec* wv; + tl_assert(wsu->ix2vec_used <= wsu->ix2vec_size); + if (wsu->ix2vec_used > 0) + tl_assert(wsu->ix2vec); + /* If this assertion fails, it may mean you supplied a 'ws' + that does not come from the 'wsu' universe. */ + tl_assert(ws < wsu->ix2vec_used); /* XXX */ + wv = wsu->ix2vec[ws]; + /* Make absolutely sure that 'ws' is a member of 'wsu'. */ + tl_assert(wv); + tl_assert(wv->owner == wsu); /* YYY */ + return wv; +} + +/* See if wv is contained within wsu. 
If so, deallocate wv and return + the index of the already-present copy. If not, add wv to both the + vec2ix and ix2vec mappings and return its index. +*/ +static WordSet add_or_dealloc_WordVec( WordSetU* wsu, WordVec* wv_new ) +{ + Bool have; + WordVec* wv_old; + UWord/*Set*/ ix_old = -1; + /* Really WordSet, but need something that can safely be casted to + a Word* in the lookupFM. Making it WordSet (which is 32 bits) + causes failures on a 64-bit platform. */ + tl_assert(wv_new->owner == wsu); + have = VG_(lookupFM)( wsu->vec2ix, + (Word*)&wv_old, (Word*)&ix_old, + (Word)wv_new ); + if (have) { + tl_assert(wv_old != wv_new); + tl_assert(wv_old); + tl_assert(wv_old->owner == wsu); + tl_assert(ix_old < wsu->ix2vec_used); + tl_assert(wsu->ix2vec[ix_old] == wv_old); + delete_WV( wv_new ); + return (WordSet)ix_old; + } else { + ensure_ix2vec_space( wsu ); + tl_assert(wsu->ix2vec); + tl_assert(wsu->ix2vec_used < wsu->ix2vec_size); + wsu->ix2vec[wsu->ix2vec_used] = wv_new; + VG_(addToFM)( wsu->vec2ix, (Word)wv_new, (Word)wsu->ix2vec_used ); + if (0) VG_(printf)("aodW %d\n", (Int)wsu->ix2vec_used ); + wsu->ix2vec_used++; + tl_assert(wsu->ix2vec_used <= wsu->ix2vec_size); + return (WordSet)(wsu->ix2vec_used - 1); + } +} + + +WordSetU* HG_(newWordSetU) ( void* (*alloc_nofail)( HChar*, SizeT ), + HChar* cc, + void (*dealloc)(void*), + Word cacheSize ) +{ + WordSetU* wsu; + WordVec* empty; + + wsu = alloc_nofail( cc, sizeof(WordSetU) ); + VG_(memset)( wsu, 0, sizeof(WordSetU) ); + wsu->alloc = alloc_nofail; + wsu->cc = cc; + wsu->dealloc = dealloc; + wsu->vec2ix = VG_(newFM)( alloc_nofail, cc, + dealloc, cmp_WordVecs_for_FM ); + wsu->ix2vec_used = 0; + wsu->ix2vec_size = 0; + wsu->ix2vec = NULL; + WCache_INIT(wsu->cache_addTo, cacheSize); + WCache_INIT(wsu->cache_delFrom, cacheSize); + WCache_INIT(wsu->cache_intersect, cacheSize); + WCache_INIT(wsu->cache_minus, cacheSize); + empty = new_WV_of_size( wsu, 0 ); + wsu->empty = add_or_dealloc_WordVec( wsu, empty ); + + return wsu; +} + +void HG_(deleteWordSetU) ( WordSetU* wsu ) +{ + void (*dealloc)(void*) = wsu->dealloc; + tl_assert(wsu->vec2ix); + VG_(deleteFM)( wsu->vec2ix, delete_WV_for_FM, NULL/*val-finalizer*/ ); + if (wsu->ix2vec) + dealloc(wsu->ix2vec); + dealloc(wsu); +} + +WordSet HG_(emptyWS) ( WordSetU* wsu ) +{ + return wsu->empty; +} + +Bool HG_(isEmptyWS) ( WordSetU* wsu, WordSet ws ) +{ + WordVec* wv = do_ix2vec( wsu, ws ); + wsu->n_isEmpty++; + if (wv->size == 0) { + tl_assert(ws == wsu->empty); + return True; + } else { + tl_assert(ws != wsu->empty); + return False; + } +} + +Bool HG_(isSingletonWS) ( WordSetU* wsu, WordSet ws, UWord w ) +{ + WordVec* wv; + tl_assert(wsu); + wsu->n_isSingleton++; + wv = do_ix2vec( wsu, ws ); + return (Bool)(wv->size == 1 && wv->words[0] == w); +} + +UWord HG_(cardinalityWS) ( WordSetU* wsu, WordSet ws ) +{ + WordVec* wv; + tl_assert(wsu); + wv = do_ix2vec( wsu, ws ); + tl_assert(wv->size >= 0); + return wv->size; +} + +UWord HG_(anyElementOfWS) ( WordSetU* wsu, WordSet ws ) +{ + WordVec* wv; + tl_assert(wsu); + wsu->n_anyElementOf++; + wv = do_ix2vec( wsu, ws ); + tl_assert(wv->size >= 1); + return wv->words[0]; +} + +UWord HG_(cardinalityWSU) ( WordSetU* wsu ) +{ + tl_assert(wsu); + return wsu->ix2vec_used; +} + +void HG_(getPayloadWS) ( /*OUT*/UWord** words, /*OUT*/UWord* nWords, + WordSetU* wsu, WordSet ws ) +{ + WordVec* wv; + tl_assert(wsu); + wv = do_ix2vec( wsu, ws ); + tl_assert(wv->size >= 0); + *nWords = wv->size; + *words = wv->words; +} + +Bool HG_(plausibleWS) ( WordSetU* wsu, WordSet ws 
) +{ + if (wsu == NULL) return False; + if (ws < 0 || ws >= wsu->ix2vec_used) + return False; + return True; +} + +Bool HG_(saneWS_SLOW) ( WordSetU* wsu, WordSet ws ) +{ + WordVec* wv; + UWord i; + if (wsu == NULL) return False; + if (ws < 0 || ws >= wsu->ix2vec_used) + return False; + wv = do_ix2vec( wsu, ws ); + /* can never happen .. do_ix2vec will assert instead. Oh well. */ + if (wv->owner != wsu) return False; + if (wv->size < 0) return False; + if (wv->size > 0) { + for (i = 0; i < wv->size-1; i++) { + if (wv->words[i] >= wv->words[i+1]) + return False; + } + } + return True; +} + +Bool HG_(elemWS) ( WordSetU* wsu, WordSet ws, UWord w ) +{ + UWord i; + WordVec* wv = do_ix2vec( wsu, ws ); + wsu->n_elem++; + for (i = 0; i < wv->size; i++) { + if (wv->words[i] == w) + return True; + } + return False; +} + +WordSet HG_(doubletonWS) ( WordSetU* wsu, UWord w1, UWord w2 ) +{ + WordVec* wv; + wsu->n_doubleton++; + if (w1 == w2) { + wv = new_WV_of_size(wsu, 1); + wv->words[0] = w1; + } + else if (w1 < w2) { + wv = new_WV_of_size(wsu, 2); + wv->words[0] = w1; + wv->words[1] = w2; + } + else { + tl_assert(w1 > w2); + wv = new_WV_of_size(wsu, 2); + wv->words[0] = w2; + wv->words[1] = w1; + } + return add_or_dealloc_WordVec( wsu, wv ); +} + +WordSet HG_(singletonWS) ( WordSetU* wsu, UWord w ) +{ + return HG_(doubletonWS)( wsu, w, w ); +} + +WordSet HG_(isSubsetOf) ( WordSetU* wsu, WordSet small, WordSet big ) +{ + wsu->n_isSubsetOf++; + return small == HG_(intersectWS)( wsu, small, big ); +} + +void HG_(ppWS) ( WordSetU* wsu, WordSet ws ) +{ + UWord i; + WordVec* wv; + tl_assert(wsu); + wv = do_ix2vec( wsu, ws ); + VG_(printf)("{"); + for (i = 0; i < wv->size; i++) { + VG_(printf)("%p", (void*)wv->words[i]); + if (i < wv->size-1) + VG_(printf)(","); + } + VG_(printf)("}"); +} + +void HG_(ppWSUstats) ( WordSetU* wsu, HChar* name ) +{ + VG_(printf)(" WordSet \"%s\":\n", name); + VG_(printf)(" addTo %10lu (%lu uncached)\n", + wsu->n_add, wsu->n_add_uncached); + VG_(printf)(" delFrom %10lu (%lu uncached)\n", + wsu->n_del, wsu->n_del_uncached); + VG_(printf)(" union %10lu\n", wsu->n_union); + VG_(printf)(" intersect %10lu (%lu uncached) " + "[nb. incl isSubsetOf]\n", + wsu->n_intersect, wsu->n_intersect_uncached); + VG_(printf)(" minus %10lu (%lu uncached)\n", + wsu->n_minus, wsu->n_minus_uncached); + VG_(printf)(" elem %10lu\n", wsu->n_elem); + VG_(printf)(" doubleton %10lu\n", wsu->n_doubleton); + VG_(printf)(" isEmpty %10lu\n", wsu->n_isEmpty); + VG_(printf)(" isSingleton %10lu\n", wsu->n_isSingleton); + VG_(printf)(" anyElementOf %10lu\n", wsu->n_anyElementOf); + VG_(printf)(" isSubsetOf %10lu\n", wsu->n_isSubsetOf); +} + +WordSet HG_(addToWS) ( WordSetU* wsu, WordSet ws, UWord w ) +{ + UWord k, j; + WordVec* wv_new; + WordVec* wv; + WordSet result = (WordSet)(-1); /* bogus */ + + wsu->n_add++; + WCache_LOOKUP_AND_RETURN(WordSet, wsu->cache_addTo, ws, w); + wsu->n_add_uncached++; + + /* If already present, this is a no-op. */ + wv = do_ix2vec( wsu, ws ); + for (k = 0; k < wv->size; k++) { + if (wv->words[k] == w) { + result = ws; + goto out; + } + } + /* Ok, not present. Build a new one ... */ + wv_new = new_WV_of_size( wsu, wv->size + 1 ); + k = j = 0; + for (; k < wv->size && wv->words[k] < w; k++) { + wv_new->words[j++] = wv->words[k]; + } + wv_new->words[j++] = w; + for (; k < wv->size; k++) { + tl_assert(wv->words[k] > w); + wv_new->words[j++] = wv->words[k]; + } + tl_assert(j == wv_new->size); + + /* Find any existing copy, or add the new one. 
*/ + result = add_or_dealloc_WordVec( wsu, wv_new ); + tl_assert(result != (WordSet)(-1)); + + out: + WCache_UPDATE(wsu->cache_addTo, ws, w, result); + return result; +} + +WordSet HG_(delFromWS) ( WordSetU* wsu, WordSet ws, UWord w ) +{ + UWord i, j, k; + WordVec* wv_new; + WordSet result = (WordSet)(-1); /* bogus */ + WordVec* wv = do_ix2vec( wsu, ws ); + + wsu->n_del++; + + /* special case empty set */ + if (wv->size == 0) { + tl_assert(ws == wsu->empty); + return ws; + } + + WCache_LOOKUP_AND_RETURN(WordSet, wsu->cache_delFrom, ws, w); + wsu->n_del_uncached++; + + /* If not already present, this is a no-op. */ + for (i = 0; i < wv->size; i++) { + if (wv->words[i] == w) + break; + } + if (i == wv->size) { + result = ws; + goto out; + } + /* So w is present in ws, and the new set will be one element + smaller. */ + tl_assert(i >= 0 && i < wv->size); + tl_assert(wv->size > 0); + + wv_new = new_WV_of_size( wsu, wv->size - 1 ); + j = k = 0; + for (; j < wv->size; j++) { + if (j == i) + continue; + wv_new->words[k++] = wv->words[j]; + } + tl_assert(k == wv_new->size); + + result = add_or_dealloc_WordVec( wsu, wv_new ); + if (wv->size == 1) { + tl_assert(result == wsu->empty); + } + + out: + WCache_UPDATE(wsu->cache_delFrom, ws, w, result); + return result; +} + +WordSet HG_(unionWS) ( WordSetU* wsu, WordSet ws1, WordSet ws2 ) +{ + UWord i1, i2, k, sz; + WordVec* wv_new; + WordVec* wv1 = do_ix2vec( wsu, ws1 ); + WordVec* wv2 = do_ix2vec( wsu, ws2 ); + wsu->n_union++; + sz = 0; + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + sz++; + if (wv1->words[i1] < wv2->words[i2]) { + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + i2++; + } else { + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + if (i1 == wv1->size && i2 < wv2->size) { + sz += (wv2->size - i2); + } + if (i2 == wv2->size && i1 < wv1->size) { + sz += (wv1->size - i1); + } + + wv_new = new_WV_of_size( wsu, sz ); + k = 0; + + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + if (wv1->words[i1] < wv2->words[i2]) { + wv_new->words[k++] = wv1->words[i1]; + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + wv_new->words[k++] = wv2->words[i2]; + i2++; + } else { + wv_new->words[k++] = wv1->words[i1]; + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + if (i1 == wv1->size && i2 < wv2->size) { + while (i2 < wv2->size) + wv_new->words[k++] = wv2->words[i2++]; + } + if (i2 == wv2->size && i1 < wv1->size) { + while (i1 < wv1->size) + wv_new->words[k++] = wv1->words[i1++]; + } + + tl_assert(k == sz); + + return add_or_dealloc_WordVec( wsu, wv_new ); +} + +WordSet HG_(intersectWS) ( WordSetU* wsu, WordSet ws1, WordSet ws2 ) +{ + UWord i1, i2, k, sz; + WordSet ws_new = (WordSet)(-1); /* bogus */ + WordVec* wv_new; + WordVec* wv1; + WordVec* wv2; + + wsu->n_intersect++; + + /* Deal with an obvious case fast. */ + if (ws1 == ws2) + return ws1; + + /* Since intersect(x,y) == intersect(y,x), convert both variants to + the same query. This reduces the number of variants the cache + has to deal with. 
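The same argument-swapping idea applies to any commutative memoised operation: put (x,y) into a canonical order before consulting the cache, so (a,b) and (b,a) share one entry and one computation. A standalone illustration with hypothetical names:

    #include <stdio.h>

    /* Tiny one-entry memo for a commutative function f(x,y) = x*y.
       Arguments are put in canonical order first, so a query for
       (7,3) hits the entry created by (3,7). */
    static unsigned cache_x, cache_y, cache_res;
    static int      cache_full = 0;

    static unsigned f_cached ( unsigned x, unsigned y ) {
       if (x > y) { unsigned t = x; x = y; y = t; }   /* canonicalise */
       if (cache_full && cache_x == x && cache_y == y) {
          printf("hit  (%u,%u)\n", x, y);
          return cache_res;
       }
       printf("miss (%u,%u)\n", x, y);
       cache_x = x; cache_y = y; cache_res = x * y; cache_full = 1;
       return cache_res;
    }

    int main ( void ) {
       f_cached(3, 7);   /* miss */
       f_cached(7, 3);   /* hit, thanks to canonicalisation */
       return 0;
    }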
*/ + if (ws1 > ws2) { + WordSet wst = ws1; ws1 = ws2; ws2 = wst; + } + + WCache_LOOKUP_AND_RETURN(WordSet, wsu->cache_intersect, ws1, ws2); + wsu->n_intersect_uncached++; + + wv1 = do_ix2vec( wsu, ws1 ); + wv2 = do_ix2vec( wsu, ws2 ); + sz = 0; + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + if (wv1->words[i1] < wv2->words[i2]) { + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + i2++; + } else { + sz++; + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + + wv_new = new_WV_of_size( wsu, sz ); + k = 0; + + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + if (wv1->words[i1] < wv2->words[i2]) { + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + i2++; + } else { + wv_new->words[k++] = wv1->words[i1]; + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + + tl_assert(k == sz); + + ws_new = add_or_dealloc_WordVec( wsu, wv_new ); + if (sz == 0) { + tl_assert(ws_new == wsu->empty); + } + + tl_assert(ws_new != (WordSet)(-1)); + WCache_UPDATE(wsu->cache_intersect, ws1, ws2, ws_new); + + return ws_new; +} + +WordSet HG_(minusWS) ( WordSetU* wsu, WordSet ws1, WordSet ws2 ) +{ + UWord i1, i2, k, sz; + WordSet ws_new = (WordSet)(-1); /* bogus */ + WordVec* wv_new; + WordVec* wv1; + WordVec* wv2; + + wsu->n_minus++; + WCache_LOOKUP_AND_RETURN(WordSet, wsu->cache_minus, ws1, ws2); + wsu->n_minus_uncached++; + + wv1 = do_ix2vec( wsu, ws1 ); + wv2 = do_ix2vec( wsu, ws2 ); + sz = 0; + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + if (wv1->words[i1] < wv2->words[i2]) { + sz++; + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + i2++; + } else { + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + if (i2 == wv2->size && i1 < wv1->size) { + sz += (wv1->size - i1); + } + + wv_new = new_WV_of_size( wsu, sz ); + k = 0; + + i1 = i2 = 0; + while (1) { + if (i1 >= wv1->size || i2 >= wv2->size) + break; + if (wv1->words[i1] < wv2->words[i2]) { + wv_new->words[k++] = wv1->words[i1]; + i1++; + } else + if (wv1->words[i1] > wv2->words[i2]) { + i2++; + } else { + i1++; + i2++; + } + } + tl_assert(i1 <= wv1->size); + tl_assert(i2 <= wv2->size); + tl_assert(i1 == wv1->size || i2 == wv2->size); + if (i2 == wv2->size && i1 < wv1->size) { + while (i1 < wv1->size) + wv_new->words[k++] = wv1->words[i1++]; + } + + tl_assert(k == sz); + + ws_new = add_or_dealloc_WordVec( wsu, wv_new ); + if (sz == 0) { + tl_assert(ws_new == wsu->empty); + } + + tl_assert(ws_new != (WordSet)(-1)); + WCache_UPDATE(wsu->cache_minus, ws1, ws2, ws_new); + + return ws_new; +} + +static __attribute__((unused)) +void show_WS ( WordSetU* wsu, WordSet ws ) +{ + UWord i; + WordVec* wv = do_ix2vec( wsu, ws ); + VG_(printf)("#%u{", ws); + for (i = 0; i < wv->size; i++) { + VG_(printf)("%lu", wv->words[i]); + if (i < wv->size-1) + VG_(printf)(","); + } + VG_(printf)("}\n"); +} + +//------------------------------------------------------------------// +//--- end WordSet ---// +//--- Implementation ---// +//------------------------------------------------------------------// + +/*--------------------------------------------------------------------*/ +/*--- end hg_wordset.c ---*/ +/*--------------------------------------------------------------------*/ diff --git 
a/helgrind/.svn/text-base/hg_wordset.h.svn-base b/helgrind/.svn/text-base/hg_wordset.h.svn-base new file mode 100644 index 0000000..1d1a72f --- /dev/null +++ b/helgrind/.svn/text-base/hg_wordset.h.svn-base @@ -0,0 +1,101 @@ + +/*--------------------------------------------------------------------*/ +/*--- Sets of words, with unique set identifiers. ---*/ +/*--- hg_wordset.h ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of Helgrind, a Valgrind tool for detecting errors + in threaded programs. + + Copyright (C) 2007-2009 OpenWorks LLP + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. + + Neither the names of the U.S. Department of Energy nor the + University of California nor the names of its contributors may be + used to endorse or promote products derived from this software + without prior written permission. +*/ + +#ifndef __HG_WORDSET_H +#define __HG_WORDSET_H + +//------------------------------------------------------------------// +//--- WordSet ---// +//--- Public Interface ---// +//------------------------------------------------------------------// + +typedef struct _WordSetU WordSetU; /* opaque */ + +typedef UInt WordSet; /* opaque, small int index */ + +/* Allocate and initialise a WordSetU */ +WordSetU* HG_(newWordSetU) ( void* (*alloc_nofail)( HChar*, SizeT ), + HChar* cc, + void (*dealloc)(void*), + Word cacheSize ); + +/* Free up the WordSetU. */ +void HG_(deleteWordSetU) ( WordSetU* ); + +/* Get the number of elements in this WordSetU. */ +UWord HG_(cardinalityWSU) ( WordSetU* ); + +/* Show performance stats for this WordSetU. */ +void HG_(ppWSUstats) ( WordSetU* wsu, HChar* name ); + + +/* Element-level operations on WordSets. Note that the WordSet + numbers given out are 0, 1, 2, 3, etc, and as it happens 0 always + represents the empty set. 
*/ + +WordSet HG_(emptyWS) ( WordSetU* ); +WordSet HG_(addToWS) ( WordSetU*, WordSet, UWord ); +WordSet HG_(delFromWS) ( WordSetU*, WordSet, UWord ); +WordSet HG_(unionWS) ( WordSetU*, WordSet, WordSet ); +WordSet HG_(intersectWS) ( WordSetU*, WordSet, WordSet ); +WordSet HG_(minusWS) ( WordSetU*, WordSet, WordSet ); +Bool HG_(isEmptyWS) ( WordSetU*, WordSet ); +Bool HG_(isSingletonWS) ( WordSetU*, WordSet, UWord ); +UWord HG_(anyElementOfWS) ( WordSetU*, WordSet ); +UWord HG_(cardinalityWS) ( WordSetU*, WordSet ); +Bool HG_(elemWS) ( WordSetU*, WordSet, UWord ); +WordSet HG_(doubletonWS) ( WordSetU*, UWord, UWord ); +WordSet HG_(singletonWS) ( WordSetU*, UWord ); +WordSet HG_(isSubsetOf) ( WordSetU*, WordSet, WordSet ); + +Bool HG_(plausibleWS) ( WordSetU*, WordSet ); +Bool HG_(saneWS_SLOW) ( WordSetU*, WordSet ); + +void HG_(ppWS) ( WordSetU*, WordSet ); +void HG_(getPayloadWS) ( /*OUT*/UWord** words, /*OUT*/UWord* nWords, + WordSetU*, WordSet ); + + +//------------------------------------------------------------------// +//--- end WordSet ---// +//--- Public Interface ---// +//------------------------------------------------------------------// + +#endif /* ! __HG_WORDSET_H */ + +/*--------------------------------------------------------------------*/ +/*--- end hg_wordset.h ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/libhb.h.svn-base b/helgrind/.svn/text-base/libhb.h.svn-base new file mode 100644 index 0000000..b204883 --- /dev/null +++ b/helgrind/.svn/text-base/libhb.h.svn-base @@ -0,0 +1,156 @@ + +/*--------------------------------------------------------------------*/ +/*--- LibHB: a library for implementing and checking ---*/ +/*--- the happens-before relationship in concurrent programs. ---*/ +/*--- libhb_main.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of LibHB, a library for implementing and checking + the happens-before relationship in concurrent programs. + + Copyright (C) 2008-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. +*/ + +#ifndef __LIBHB_H +#define __LIBHB_H + +/* Abstract to user: thread identifiers */ +/* typedef struct _Thr Thr; */ /* now in hg_lock_n_thread.h */ + +/* Abstract to user: synchronisation objects */ +/* typedef struct _SO SO; */ /* now in hg_lock_n_thread.h */ + +/* Initialise library; returns Thr* for root thread. 'shadow_alloc' + should never return NULL, instead it should simply not return if + they encounter an out-of-memory condition. */ +Thr* libhb_init ( + void (*get_stacktrace)( Thr*, Addr*, UWord ), + ExeContext* (*get_EC)( Thr* ) + ); + +/* Shut down the library, and print stats (in fact that's _all_ + this is for.) 
*/ +void libhb_shutdown ( Bool show_stats ); + +/* Thread creation: returns Thr* for new thread */ +Thr* libhb_create ( Thr* parent ); + +/* Thread async exit */ +void libhb_async_exit ( Thr* exitter ); + +/* Synchronisation objects (abstract to caller) */ + +/* Allocate a new one (alloc'd by library) */ +SO* libhb_so_alloc ( void ); + +/* Dealloc one */ +void libhb_so_dealloc ( SO* so ); + +/* Send a message via a sync object. If strong_send is true, the + resulting inter-thread dependency seen by a future receiver of this + message will be a dependency on this thread only. That is, in a + strong send, the VC inside the SO is replaced by the clock of the + sending thread. For a weak send, the sender's VC is joined into + that already in the SO, if any. This subtlety is needed to model + rwlocks: a strong send corresponds to releasing a rwlock that had + been w-held (or releasing a standard mutex). A weak send + corresponds to releasing a rwlock that has been r-held. + + (rationale): Since in general many threads may hold a rwlock in + r-mode, a weak send facility is necessary in order that the final + SO reflects the join of the VCs of all the threads releasing the + rwlock, rather than merely holding the VC of the most recent thread + to release it. */ +void libhb_so_send ( Thr* thr, SO* so, Bool strong_send ); + +/* Recv a message from a sync object. If strong_recv is True, the + resulting inter-thread dependency is considered adequate to induce + a h-b ordering on both reads and writes. If it is False, the + implied h-b ordering exists only for reads, not writes. This is + subtlety is required in order to support reader-writer locks: a + thread doing a write-acquire of a rwlock (or acquiring a normal + mutex) models this by doing a strong receive. A thread doing a + read-acquire of a rwlock models this by doing a !strong_recv. */ +void libhb_so_recv ( Thr* thr, SO* so, Bool strong_recv ); + +/* Has this SO ever been sent on? */ +Bool libhb_so_everSent ( SO* so ); + +/* Memory accesses (1/2/4/8 byte size). They report a race if one is + found. */ +#define LIBHB_WRITE_1(_thr,_a) zsm_apply8___msm_write((_thr),(_a)) +#define LIBHB_WRITE_2(_thr,_a) zsm_apply16___msm_write((_thr),(_a)) +#define LIBHB_WRITE_4(_thr,_a) zsm_apply32___msm_write((_thr),(_a)) +#define LIBHB_WRITE_8(_thr,_a) zsm_apply64___msm_write((_thr),(_a)) +#define LIBHB_WRITE_N(_thr,_a,_n) zsm_apply_range___msm_read((_thr),(_a),(_n)) + +#define LIBHB_READ_1(_thr,_a) zsm_apply8___msm_read((_thr),(_a)) +#define LIBHB_READ_2(_thr,_a) zsm_apply16___msm_read((_thr),(_a)) +#define LIBHB_READ_4(_thr,_a) zsm_apply32___msm_read((_thr),(_a)) +#define LIBHB_READ_8(_thr,_a) zsm_apply64___msm_read((_thr),(_a)) +#define LIBHB_READ_N(_thr,_a,_n) zsm_apply_range___msm_read((_thr),(_a),(_n)) + +void zsm_apply8___msm_write ( Thr* thr, Addr a ); +void zsm_apply16___msm_write ( Thr* thr, Addr a ); +void zsm_apply32___msm_write ( Thr* thr, Addr a ); +void zsm_apply64___msm_write ( Thr* thr, Addr a ); +void zsm_apply_range___msm_write ( Thr* thr, + Addr a, SizeT len ); + +void zsm_apply8___msm_read ( Thr* thr, Addr a ); +void zsm_apply16___msm_read ( Thr* thr, Addr a ); +void zsm_apply32___msm_read ( Thr* thr, Addr a ); +void zsm_apply64___msm_read ( Thr* thr, Addr a ); +void zsm_apply_range___msm_read ( Thr* thr, + Addr a, SizeT len ); + + +/* Set memory address ranges to new (freshly allocated), or noaccess + (no longer accessible). 
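To make the strong/weak send distinction above concrete: a strong send overwrites the sync object's vector clock with the sender's, while a weak send joins the sender's clock into it, so the SO accumulates the clocks of all r-mode releasers. A minimal standalone vector-clock sketch with a fixed thread count and hypothetical names (the real library's clocks are dynamically sized, and the strong_recv read/write subtlety is not modelled):

    #include <stdio.h>

    #define NTHR 4
    typedef struct { unsigned long t[NTHR]; } VC;   /* vector clock */

    static void vc_join ( VC* dst, const VC* src ) {      /* pointwise max */
       for (int i = 0; i < NTHR; i++)
          if (src->t[i] > dst->t[i]) dst->t[i] = src->t[i];
    }

    /* 'so' models the sync object's clock. */
    static void so_send ( VC* so, const VC* sender, int strong ) {
       if (strong) *so = *sender;        /* mutex unlock, rwlock w-release */
       else        vc_join(so, sender);  /* rwlock r-release: accumulate   */
    }

    static void so_recv ( VC* receiver, const VC* so ) {
       vc_join(receiver, so);            /* receiver happens-after senders */
    }

    int main ( void ) {
       VC so = {{0}}, thr1 = {{0}}, thr2 = {{0}}, thr3 = {{0}};
       thr1.t[1] = 5; thr2.t[2] = 9;
       so_send(&so, &thr1, 0);           /* two weak sends: both r-releases */
       so_send(&so, &thr2, 0);
       so_recv(&thr3, &so);              /* thr3 ordered after thr1 and thr2 */
       printf("thr3 = [%lu %lu %lu %lu]\n",
              thr3.t[0], thr3.t[1], thr3.t[2], thr3.t[3]);
       return 0;
    }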
*/ +void libhb_range_new ( Thr*, Addr, SizeT ); +void libhb_range_noaccess ( Thr*, Addr, SizeT ); + +/* For the convenience of callers, we offer to store one void* item in + a Thr, which we ignore, but the caller can get or set any time. */ +void* libhb_get_Thr_opaque ( Thr* ); +void libhb_set_Thr_opaque ( Thr*, void* ); + +/* Low level copy of shadow state from [src,src+len) to [dst,dst+len). + Overlapping moves are checked for and asserted against. */ +void libhb_copy_shadow_state ( Addr src, Addr dst, SizeT len ); + +/* Call this periodically to give libhb the opportunity to + garbage-collect its internal data structures. */ +void libhb_maybe_GC ( void ); + +/* Extract info from the conflicting-access machinery. */ +Bool libhb_event_map_lookup ( /*OUT*/ExeContext** resEC, + /*OUT*/Thr** resThr, + /*OUT*/SizeT* resSzB, + /*OUT*/Bool* resIsW, + Thr* thr, Addr a, SizeT szB, Bool isW ); + +#endif /* __LIBHB_H */ + +/*--------------------------------------------------------------------*/ +/*--- end libhb.h ---*/ +/*--------------------------------------------------------------------*/ diff --git a/helgrind/.svn/text-base/libhb_core.c.svn-base b/helgrind/.svn/text-base/libhb_core.c.svn-base new file mode 100644 index 0000000..572b26b --- /dev/null +++ b/helgrind/.svn/text-base/libhb_core.c.svn-base @@ -0,0 +1,5011 @@ + +/*--------------------------------------------------------------------*/ +/*--- LibHB: a library for implementing and checking ---*/ +/*--- the happens-before relationship in concurrent programs. ---*/ +/*--- libhb_main.c ---*/ +/*--------------------------------------------------------------------*/ + +/* + This file is part of LibHB, a library for implementing and checking + the happens-before relationship in concurrent programs. + + Copyright (C) 2008-2009 OpenWorks Ltd + info@open-works.co.uk + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307, USA. + + The GNU General Public License is contained in the file COPYING. 
+*/ + +#include "pub_tool_basics.h" +#include "pub_tool_libcassert.h" +#include "pub_tool_libcbase.h" +#include "pub_tool_libcprint.h" +#include "pub_tool_mallocfree.h" +#include "pub_tool_wordfm.h" +#include "pub_tool_sparsewa.h" +#include "pub_tool_xarray.h" +#include "pub_tool_oset.h" +#include "pub_tool_threadstate.h" +#include "pub_tool_aspacemgr.h" +#include "pub_tool_execontext.h" +#include "pub_tool_errormgr.h" +#include "pub_tool_options.h" // VG_(clo_verbosity) +#include "hg_basics.h" +#include "hg_wordset.h" +#include "hg_lock_n_thread.h" +#include "hg_errors.h" + +#include "libhb.h" + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// Debugging #defines // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + +/* Check the sanity of shadow values in the core memory state + machine. Change #if 0 to #if 1 to enable this. */ +#if 0 +# define CHECK_MSM 1 +#else +# define CHECK_MSM 0 +#endif + + +/* Check sanity (reference counts, etc) in the conflicting access + machinery. Change #if 0 to #if 1 to enable this. */ +#if 0 +# define CHECK_CEM 1 +#else +# define CHECK_CEM 0 +#endif + + +/* Check sanity in the compressed shadow memory machinery, + particularly in its caching innards. Unfortunately there's no + almost-zero-cost way to make them selectable at run time. Hence + set the #if 0 to #if 1 and rebuild if you want them. */ +#if 0 +# define CHECK_ZSM 1 /* do sanity-check CacheLine stuff */ +# define inline __attribute__((noinline)) + /* probably want to ditch -fomit-frame-pointer too */ +#else +# define CHECK_ZSM 0 /* don't sanity-check CacheLine stuff */ +#endif + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// Forward declarations // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + +/* fwds for + Globals needed by other parts of the library. These are set + once at startup and then never changed. */ +static void (*main_get_stacktrace)( Thr*, Addr*, UWord ) = NULL; +static ExeContext* (*main_get_EC)( Thr* ) = NULL; + + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// SECTION BEGIN compressed shadow memory // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + +#ifndef __HB_ZSM_H +#define __HB_ZSM_H + +typedef ULong SVal; + +/* This value has special significance to the implementation, and callers + may not store it in the shadow memory. */ +#define SVal_INVALID (3ULL << 62) + +/* This is the default value for shadow memory. Initially the shadow + memory contains no accessible areas and so all reads produce this + value. TODO: make this caller-defineable. */ +#define SVal_NOACCESS (2ULL << 62) + +/* Initialise the library. Once initialised, it will (or may) call + rcinc and rcdec in response to all the calls below, in order to + allow the user to do reference counting on the SVals stored herein. + It is important to understand, however, that due to internal + caching, the reference counts are in general inaccurate, and can be + both above or below the true reference count for an item. 
In + particular, the library may indicate that the reference count for + an item is zero, when in fact it is not. + + To make the reference counting exact and therefore non-pointless, + call zsm_flush_cache. Immediately after it returns, the reference + counts for all items, as deduced by the caller by observing calls + to rcinc and rcdec, will be correct, and so any items with a zero + reference count may be freed (or at least considered to be + unreferenced by this library). +*/ +static void zsm_init ( void(*rcinc)(SVal), void(*rcdec)(SVal) ); + +static void zsm_set_range ( Addr, SizeT, SVal ); +static SVal zsm_read8 ( Addr ); +static void zsm_copy_range ( Addr, Addr, SizeT ); +static void zsm_flush_cache ( void ); + +#endif /* ! __HB_ZSM_H */ + + +/* Round a up to the next multiple of N. N must be a power of 2 */ +#define ROUNDUP(a, N) ((a + N - 1) & ~(N-1)) +/* Round a down to the next multiple of N. N must be a power of 2 */ +#define ROUNDDN(a, N) ((a) & ~(N-1)) + + + +/* ------ User-supplied RC functions ------ */ +static void(*rcinc)(SVal) = NULL; +static void(*rcdec)(SVal) = NULL; + + +/* ------ CacheLine ------ */ + +#define N_LINE_BITS 6 /* must be >= 3 */ +#define N_LINE_ARANGE (1 << N_LINE_BITS) +#define N_LINE_TREES (N_LINE_ARANGE >> 3) + +typedef + struct { + UShort descrs[N_LINE_TREES]; + SVal svals[N_LINE_ARANGE]; // == N_LINE_TREES * 8 + } + CacheLine; + +#define TREE_DESCR_16_0 (1<<0) +#define TREE_DESCR_32_0 (1<<1) +#define TREE_DESCR_16_1 (1<<2) +#define TREE_DESCR_64 (1<<3) +#define TREE_DESCR_16_2 (1<<4) +#define TREE_DESCR_32_1 (1<<5) +#define TREE_DESCR_16_3 (1<<6) +#define TREE_DESCR_8_0 (1<<7) +#define TREE_DESCR_8_1 (1<<8) +#define TREE_DESCR_8_2 (1<<9) +#define TREE_DESCR_8_3 (1<<10) +#define TREE_DESCR_8_4 (1<<11) +#define TREE_DESCR_8_5 (1<<12) +#define TREE_DESCR_8_6 (1<<13) +#define TREE_DESCR_8_7 (1<<14) +#define TREE_DESCR_DTY (1<<15) + +typedef + struct { + SVal dict[4]; /* can represent up to 4 diff values in the line */ + UChar ix2s[N_LINE_ARANGE/4]; /* array of N_LINE_ARANGE 2-bit + dict indexes */ + /* if dict[0] == SVal_INVALID then dict[1] is the index of the + LineF to use, and dict[2..] are also SVal_INVALID. */ + } + LineZ; /* compressed rep for a cache line */ + +typedef + struct { + Bool inUse; + SVal w64s[N_LINE_ARANGE]; + } + LineF; /* full rep for a cache line */ + +/* Shadow memory. + Primary map is a WordFM Addr SecMap*. + SecMaps cover some page-size-ish section of address space and hold + a compressed representation. + CacheLine-sized chunks of SecMaps are copied into a Cache, being + decompressed when moved into the cache and recompressed on the + way out. Because of this, the cache must operate as a writeback + cache, not a writethrough one. + + Each SecMap must hold a power-of-2 number of CacheLines. Hence + N_SECMAP_BITS must >= N_LINE_BITS. +*/ +#define N_SECMAP_BITS 13 +#define N_SECMAP_ARANGE (1 << N_SECMAP_BITS) + +// # CacheLines held by a SecMap +#define N_SECMAP_ZLINES (N_SECMAP_ARANGE / N_LINE_ARANGE) + +/* The data in the SecMap is held in the array of LineZs. Each LineZ + either carries the required data directly, in a compressed + representation, or it holds (in .dict[0]) an index to the LineF in + .linesF that holds the full representation. + + Currently-unused LineF's have their .inUse bit set to zero. + Since each in-use LineF is referred to be exactly one LineZ, + the number of .linesZ[] that refer to .linesF should equal + the number of .linesF[] that have .inUse == True. 
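The Z/F split described above is a small dictionary-compression scheme: when a line's 64 shadow values contain at most 4 distinct SVals, the line can be stored as a 4-entry dictionary plus one 2-bit index per value (16 bytes of indexes); otherwise the full representation must be used. A standalone sketch of the encode step, with hypothetical names and no error handling:

    #include <stdio.h>

    #define LINE 64
    typedef unsigned long long SVal;

    /* Try to compress line[0..63] into dict[0..3] plus packed 2-bit
       indices.  Returns 1 on success, 0 if more than 4 distinct values
       occur (the caller would then fall back to a full-rep line). */
    static int compress_line ( const SVal* line, SVal dict[4],
                               unsigned char ix2s[LINE/4] )
    {
       int ndict = 0;
       for (int i = 0; i < LINE/4; i++) ix2s[i] = 0;
       for (int i = 0; i < LINE; i++) {
          int j;
          for (j = 0; j < ndict; j++)
             if (dict[j] == line[i]) break;
          if (j == ndict) {
             if (ndict == 4) return 0;         /* too many distinct values */
             dict[ndict++] = line[i];
          }
          ix2s[i/4] |= (unsigned char)(j << (2 * (i % 4)));  /* pack 2 bits */
       }
       return 1;
    }

    int main ( void ) {
       SVal line[LINE], dict[4];
       unsigned char ix2s[LINE/4];
       for (int i = 0; i < LINE; i++) line[i] = (i < 8) ? 0x1111 : 0x2222;
       printf("compressible: %d\n", compress_line(line, dict, ix2s));  /* 1 */
       return 0;
    }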
+ + RC obligations: the RCs presented to the user include exactly + the values in: + * direct Z reps, that is, ones for which .dict[0] != SVal_INVALID + * F reps that are in use (.inUse == True) + + Hence the following actions at the following transitions are required: + + F rep: .inUse==True -> .inUse==False -- rcdec_LineF + F rep: .inUse==False -> .inUse==True -- rcinc_LineF + Z rep: .dict[0] from other to SVal_INVALID -- rcdec_LineZ + Z rep: .dict[0] from SVal_INVALID to other -- rcinc_LineZ +*/ +typedef + struct { + UInt magic; + LineZ linesZ[N_SECMAP_ZLINES]; + LineF* linesF; + UInt linesF_size; + } + SecMap; + +#define SecMap_MAGIC 0x571e58cbU + +static inline Bool is_sane_SecMap ( SecMap* sm ) { + return sm != NULL && sm->magic == SecMap_MAGIC; +} + +/* ------ Cache ------ */ + +#define N_WAY_BITS 16 +#define N_WAY_NENT (1 << N_WAY_BITS) + +/* Each tag is the address of the associated CacheLine, rounded down + to a CacheLine address boundary. A CacheLine size must be a power + of 2 and must be 8 or more. Hence an easy way to initialise the + cache so it is empty is to set all the tag values to any value % 8 + != 0, eg 1. This means all queries in the cache initially miss. + It does however require us to detect and not writeback, any line + with a bogus tag. */ +typedef + struct { + CacheLine lyns0[N_WAY_NENT]; + Addr tags0[N_WAY_NENT]; + } + Cache; + +static inline Bool is_valid_scache_tag ( Addr tag ) { + /* a valid tag should be naturally aligned to the start of + a CacheLine. */ + return 0 == (tag & (N_LINE_ARANGE - 1)); +} + + +/* --------- Primary data structures --------- */ + +/* Shadow memory primary map */ +static WordFM* map_shmem = NULL; /* WordFM Addr SecMap* */ +static Cache cache_shmem; + + +static UWord stats__secmaps_search = 0; // # SM finds +static UWord stats__secmaps_search_slow = 0; // # SM lookupFMs +static UWord stats__secmaps_allocd = 0; // # SecMaps issued +static UWord stats__secmap_ga_space_covered = 0; // # ga bytes covered +static UWord stats__secmap_linesZ_allocd = 0; // # LineZ's issued +static UWord stats__secmap_linesZ_bytes = 0; // .. using this much storage +static UWord stats__secmap_linesF_allocd = 0; // # LineF's issued +static UWord stats__secmap_linesF_bytes = 0; // .. 
using this much storage +static UWord stats__secmap_iterator_steppings = 0; // # calls to stepSMIter +static UWord stats__cache_Z_fetches = 0; // # Z lines fetched +static UWord stats__cache_Z_wbacks = 0; // # Z lines written back +static UWord stats__cache_F_fetches = 0; // # F lines fetched +static UWord stats__cache_F_wbacks = 0; // # F lines written back +static UWord stats__cache_invals = 0; // # cache invals +static UWord stats__cache_flushes = 0; // # cache flushes +static UWord stats__cache_totrefs = 0; // # total accesses +static UWord stats__cache_totmisses = 0; // # misses +static ULong stats__cache_make_New_arange = 0; // total arange made New +static ULong stats__cache_make_New_inZrep = 0; // arange New'd on Z reps +static UWord stats__cline_normalises = 0; // # calls to cacheline_normalise +static UWord stats__cline_read64s = 0; // # calls to s_m_read64 +static UWord stats__cline_read32s = 0; // # calls to s_m_read32 +static UWord stats__cline_read16s = 0; // # calls to s_m_read16 +static UWord stats__cline_read8s = 0; // # calls to s_m_read8 +static UWord stats__cline_write64s = 0; // # calls to s_m_write64 +static UWord stats__cline_write32s = 0; // # calls to s_m_write32 +static UWord stats__cline_write16s = 0; // # calls to s_m_write16 +static UWord stats__cline_write8s = 0; // # calls to s_m_write8 +static UWord stats__cline_set64s = 0; // # calls to s_m_set64 +static UWord stats__cline_set32s = 0; // # calls to s_m_set32 +static UWord stats__cline_set16s = 0; // # calls to s_m_set16 +static UWord stats__cline_set8s = 0; // # calls to s_m_set8 +static UWord stats__cline_get8s = 0; // # calls to s_m_get8 +static UWord stats__cline_copy8s = 0; // # calls to s_m_copy8 +static UWord stats__cline_64to32splits = 0; // # 64-bit accesses split +static UWord stats__cline_32to16splits = 0; // # 32-bit accesses split +static UWord stats__cline_16to8splits = 0; // # 16-bit accesses split +static UWord stats__cline_64to32pulldown = 0; // # calls to pulldown_to_32 +static UWord stats__cline_32to16pulldown = 0; // # calls to pulldown_to_16 +static UWord stats__cline_16to8pulldown = 0; // # calls to pulldown_to_8 + +static inline Addr shmem__round_to_SecMap_base ( Addr a ) { + return a & ~(N_SECMAP_ARANGE - 1); +} +static inline UWord shmem__get_SecMap_offset ( Addr a ) { + return a & (N_SECMAP_ARANGE - 1); +} + + +/*----------------------------------------------------------------*/ +/*--- map_shmem :: WordFM Addr SecMap ---*/ +/*--- shadow memory (low level handlers) (shmem__* fns) ---*/ +/*----------------------------------------------------------------*/ + +/*--------------- SecMap allocation --------------- */ + +static HChar* shmem__bigchunk_next = NULL; +static HChar* shmem__bigchunk_end1 = NULL; + +static void* shmem__bigchunk_alloc ( SizeT n ) +{ + const SizeT sHMEM__BIGCHUNK_SIZE = 4096 * 256 * 4; + tl_assert(n > 0); + n = VG_ROUNDUP(n, 16); + tl_assert(shmem__bigchunk_next <= shmem__bigchunk_end1); + tl_assert(shmem__bigchunk_end1 - shmem__bigchunk_next + <= (SSizeT)sHMEM__BIGCHUNK_SIZE); + if (shmem__bigchunk_next + n > shmem__bigchunk_end1) { + if (0) + VG_(printf)("XXXXX bigchunk: abandoning %d bytes\n", + (Int)(shmem__bigchunk_end1 - shmem__bigchunk_next)); + shmem__bigchunk_next = VG_(am_shadow_alloc)( sHMEM__BIGCHUNK_SIZE ); + if (shmem__bigchunk_next == NULL) + VG_(out_of_memory_NORETURN)( + "helgrind:shmem__bigchunk_alloc", sHMEM__BIGCHUNK_SIZE ); + shmem__bigchunk_end1 = shmem__bigchunk_next + sHMEM__BIGCHUNK_SIZE; + } + tl_assert(shmem__bigchunk_next); + tl_assert( 0 
== (((Addr)shmem__bigchunk_next) & (16-1)) ); + tl_assert(shmem__bigchunk_next + n <= shmem__bigchunk_end1); + shmem__bigchunk_next += n; + return shmem__bigchunk_next - n; +} + +static SecMap* shmem__alloc_SecMap ( void ) +{ + Word i, j; + SecMap* sm = shmem__bigchunk_alloc( sizeof(SecMap) ); + if (0) VG_(printf)("alloc_SecMap %p\n",sm); + tl_assert(sm); + sm->magic = SecMap_MAGIC; + for (i = 0; i < N_SECMAP_ZLINES; i++) { + sm->linesZ[i].dict[0] = SVal_NOACCESS; + sm->linesZ[i].dict[1] = SVal_INVALID; + sm->linesZ[i].dict[2] = SVal_INVALID; + sm->linesZ[i].dict[3] = SVal_INVALID; + for (j = 0; j < N_LINE_ARANGE/4; j++) + sm->linesZ[i].ix2s[j] = 0; /* all reference dict[0] */ + } + sm->linesF = NULL; + sm->linesF_size = 0; + stats__secmaps_allocd++; + stats__secmap_ga_space_covered += N_SECMAP_ARANGE; + stats__secmap_linesZ_allocd += N_SECMAP_ZLINES; + stats__secmap_linesZ_bytes += N_SECMAP_ZLINES * sizeof(LineZ); + return sm; +} + +typedef struct { Addr gaKey; SecMap* sm; } SMCacheEnt; +static SMCacheEnt smCache[3] = { {1,NULL}, {1,NULL}, {1,NULL} }; + +static SecMap* shmem__find_SecMap ( Addr ga ) +{ + SecMap* sm = NULL; + Addr gaKey = shmem__round_to_SecMap_base(ga); + // Cache + stats__secmaps_search++; + if (LIKELY(gaKey == smCache[0].gaKey)) + return smCache[0].sm; + if (LIKELY(gaKey == smCache[1].gaKey)) { + SMCacheEnt tmp = smCache[0]; + smCache[0] = smCache[1]; + smCache[1] = tmp; + return smCache[0].sm; + } + if (gaKey == smCache[2].gaKey) { + SMCacheEnt tmp = smCache[1]; + smCache[1] = smCache[2]; + smCache[2] = tmp; + return smCache[1].sm; + } + // end Cache + stats__secmaps_search_slow++; + if (VG_(lookupFM)( map_shmem, + NULL/*keyP*/, (UWord*)&sm, (UWord)gaKey )) { + tl_assert(sm != NULL); + smCache[2] = smCache[1]; + smCache[1] = smCache[0]; + smCache[0].gaKey = gaKey; + smCache[0].sm = sm; + } else { + tl_assert(sm == NULL); + } + return sm; +} + +static SecMap* shmem__find_or_alloc_SecMap ( Addr ga ) +{ + SecMap* sm = shmem__find_SecMap ( ga ); + if (LIKELY(sm)) { + return sm; + } else { + /* create a new one */ + Addr gaKey = shmem__round_to_SecMap_base(ga); + sm = shmem__alloc_SecMap(); + tl_assert(sm); + VG_(addToFM)( map_shmem, (UWord)gaKey, (UWord)sm ); + return sm; + } +} + + +/* ------------ LineF and LineZ related ------------ */ + +static void rcinc_LineF ( LineF* lineF ) { + UWord i; + tl_assert(lineF->inUse); + for (i = 0; i < N_LINE_ARANGE; i++) + rcinc(lineF->w64s[i]); +} + +static void rcdec_LineF ( LineF* lineF ) { + UWord i; + tl_assert(lineF->inUse); + for (i = 0; i < N_LINE_ARANGE; i++) + rcdec(lineF->w64s[i]); +} + +static void rcinc_LineZ ( LineZ* lineZ ) { + tl_assert(lineZ->dict[0] != SVal_INVALID); + rcinc(lineZ->dict[0]); + if (lineZ->dict[1] != SVal_INVALID) rcinc(lineZ->dict[1]); + if (lineZ->dict[2] != SVal_INVALID) rcinc(lineZ->dict[2]); + if (lineZ->dict[3] != SVal_INVALID) rcinc(lineZ->dict[3]); +} + +static void rcdec_LineZ ( LineZ* lineZ ) { + tl_assert(lineZ->dict[0] != SVal_INVALID); + rcdec(lineZ->dict[0]); + if (lineZ->dict[1] != SVal_INVALID) rcdec(lineZ->dict[1]); + if (lineZ->dict[2] != SVal_INVALID) rcdec(lineZ->dict[2]); + if (lineZ->dict[3] != SVal_INVALID) rcdec(lineZ->dict[3]); +} + +inline +static void write_twobit_array ( UChar* arr, UWord ix, UWord b2 ) { + Word bix, shft, mask, prep; + tl_assert(ix >= 0); + bix = ix >> 2; + shft = 2 * (ix & 3); /* 0, 2, 4 or 6 */ + mask = 3 << shft; + prep = b2 << shft; + arr[bix] = (arr[bix] & ~mask) | prep; +} + +inline +static UWord read_twobit_array ( UChar* arr, UWord ix ) { + Word bix, 
shft; + tl_assert(ix >= 0); + bix = ix >> 2; + shft = 2 * (ix & 3); /* 0, 2, 4 or 6 */ + return (arr[bix] >> shft) & 3; +} + +/* Given address 'tag', find either the Z or F line containing relevant + data, so it can be read into the cache. +*/ +static void find_ZF_for_reading ( /*OUT*/LineZ** zp, + /*OUT*/LineF** fp, Addr tag ) { + LineZ* lineZ; + LineF* lineF; + UWord zix; + SecMap* sm = shmem__find_or_alloc_SecMap(tag); + UWord smoff = shmem__get_SecMap_offset(tag); + /* since smoff is derived from a valid tag, it should be + cacheline-aligned. */ + tl_assert(0 == (smoff & (N_LINE_ARANGE - 1))); + zix = smoff >> N_LINE_BITS; + tl_assert(zix < N_SECMAP_ZLINES); + lineZ = &sm->linesZ[zix]; + lineF = NULL; + if (lineZ->dict[0] == SVal_INVALID) { + UInt fix = (UInt)lineZ->dict[1]; + tl_assert(sm->linesF); + tl_assert(sm->linesF_size > 0); + tl_assert(fix >= 0 && fix < sm->linesF_size); + lineF = &sm->linesF[fix]; + tl_assert(lineF->inUse); + lineZ = NULL; + } + *zp = lineZ; + *fp = lineF; +} + +/* Given address 'tag', return the relevant SecMap and the index of + the LineZ within it, in the expectation that the line is to be + overwritten. Regardless of whether 'tag' is currently associated + with a Z or F representation, to rcdec on the current + representation, in recognition of the fact that the contents are + just about to be overwritten. */ +static __attribute__((noinline)) +void find_Z_for_writing ( /*OUT*/SecMap** smp, + /*OUT*/Word* zixp, + Addr tag ) { + LineZ* lineZ; + LineF* lineF; + UWord zix; + SecMap* sm = shmem__find_or_alloc_SecMap(tag); + UWord smoff = shmem__get_SecMap_offset(tag); + /* since smoff is derived from a valid tag, it should be + cacheline-aligned. */ + tl_assert(0 == (smoff & (N_LINE_ARANGE - 1))); + zix = smoff >> N_LINE_BITS; + tl_assert(zix < N_SECMAP_ZLINES); + lineZ = &sm->linesZ[zix]; + lineF = NULL; + /* re RCs, we are freeing up this LineZ/LineF so that new data can + be parked in it. Hence have to rcdec it accordingly. */ + /* If lineZ has an associated lineF, free it up. */ + if (lineZ->dict[0] == SVal_INVALID) { + UInt fix = (UInt)lineZ->dict[1]; + tl_assert(sm->linesF); + tl_assert(sm->linesF_size > 0); + tl_assert(fix >= 0 && fix < sm->linesF_size); + lineF = &sm->linesF[fix]; + tl_assert(lineF->inUse); + rcdec_LineF(lineF); + lineF->inUse = False; + } else { + rcdec_LineZ(lineZ); + } + *smp = sm; + *zixp = zix; +} + +static __attribute__((noinline)) +void alloc_F_for_writing ( /*MOD*/SecMap* sm, /*OUT*/Word* fixp ) { + UInt i, new_size; + LineF* nyu; + + if (sm->linesF) { + tl_assert(sm->linesF_size > 0); + } else { + tl_assert(sm->linesF_size == 0); + } + + if (sm->linesF) { + for (i = 0; i < sm->linesF_size; i++) { + if (!sm->linesF[i].inUse) { + *fixp = (Word)i; + return; + } + } + } + + /* No free F line found. Expand existing array and try again. */ + new_size = sm->linesF_size==0 ? 
1 : 2 * sm->linesF_size; + nyu = HG_(zalloc)( "libhb.aFfw.1 (LineF storage)", + new_size * sizeof(LineF) ); + tl_assert(nyu); + + stats__secmap_linesF_allocd += (new_size - sm->linesF_size); + stats__secmap_linesF_bytes += (new_size - sm->linesF_size) + * sizeof(LineF); + + if (0) + VG_(printf)("SM %p: expand F array from %d to %d\n", + sm, (Int)sm->linesF_size, new_size); + + for (i = 0; i < new_size; i++) + nyu[i].inUse = False; + + if (sm->linesF) { + for (i = 0; i < sm->linesF_size; i++) { + tl_assert(sm->linesF[i].inUse); + nyu[i] = sm->linesF[i]; + } + VG_(memset)(sm->linesF, 0, sm->linesF_size * sizeof(LineF) ); + HG_(free)(sm->linesF); + } + + sm->linesF = nyu; + sm->linesF_size = new_size; + + for (i = 0; i < sm->linesF_size; i++) { + if (!sm->linesF[i].inUse) { + *fixp = (Word)i; + return; + } + } + + /*NOTREACHED*/ + tl_assert(0); +} + + +/* ------------ CacheLine and implicit-tree related ------------ */ + +__attribute__((unused)) +static void pp_CacheLine ( CacheLine* cl ) { + Word i; + if (!cl) { + VG_(printf)("%s","pp_CacheLine(NULL)\n"); + return; + } + for (i = 0; i < N_LINE_TREES; i++) + VG_(printf)(" descr: %04lx\n", (UWord)cl->descrs[i]); + for (i = 0; i < N_LINE_ARANGE; i++) + VG_(printf)(" sval: %08lx\n", (UWord)cl->svals[i]); +} + +static UChar descr_to_validbits ( UShort descr ) +{ + /* a.k.a Party Time for gcc's constant folder */ +# define DESCR(b8_7, b8_6, b8_5, b8_4, b8_3, b8_2, b8_1, b8_0, \ + b16_3, b32_1, b16_2, b64, b16_1, b32_0, b16_0) \ + ( (UShort) ( ( (b8_7) << 14) | ( (b8_6) << 13) | \ + ( (b8_5) << 12) | ( (b8_4) << 11) | \ + ( (b8_3) << 10) | ( (b8_2) << 9) | \ + ( (b8_1) << 8) | ( (b8_0) << 7) | \ + ( (b16_3) << 6) | ( (b32_1) << 5) | \ + ( (b16_2) << 4) | ( (b64) << 3) | \ + ( (b16_1) << 2) | ( (b32_0) << 1) | \ + ( (b16_0) << 0) ) ) + +# define BYTE(bit7, bit6, bit5, bit4, bit3, bit2, bit1, bit0) \ + ( (UChar) ( ( (bit7) << 7) | ( (bit6) << 6) | \ + ( (bit5) << 5) | ( (bit4) << 4) | \ + ( (bit3) << 3) | ( (bit2) << 2) | \ + ( (bit1) << 1) | ( (bit0) << 0) ) ) + + /* these should all get folded out at compile time */ + tl_assert(DESCR(1,0,0,0,0,0,0,0, 0,0,0, 0, 0,0,0) == TREE_DESCR_8_7); + tl_assert(DESCR(0,0,0,0,0,0,0,1, 0,0,0, 0, 0,0,0) == TREE_DESCR_8_0); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 1,0,0, 0, 0,0,0) == TREE_DESCR_16_3); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,1,0, 0, 0,0,0) == TREE_DESCR_32_1); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,0,1, 0, 0,0,0) == TREE_DESCR_16_2); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,0,0, 1, 0,0,0) == TREE_DESCR_64); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,0,0, 0, 1,0,0) == TREE_DESCR_16_1); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,0,0, 0, 0,1,0) == TREE_DESCR_32_0); + tl_assert(DESCR(0,0,0,0,0,0,0,0, 0,0,0, 0, 0,0,1) == TREE_DESCR_16_0); + + switch (descr) { + /* + +--------------------------------- TREE_DESCR_8_7 + | +------------------- TREE_DESCR_8_0 + | | +---------------- TREE_DESCR_16_3 + | | | +-------------- TREE_DESCR_32_1 + | | | | +------------ TREE_DESCR_16_2 + | | | | | +--------- TREE_DESCR_64 + | | | | | | +------ TREE_DESCR_16_1 + | | | | | | | +---- TREE_DESCR_32_0 + | | | | | | | | +-- TREE_DESCR_16_0 + | | | | | | | | | + | | | | | | | | | GRANULARITY, 7 -> 0 */ + case DESCR(1,1,1,1,1,1,1,1, 0,0,0, 0, 0,0,0): /* 8 8 8 8 8 8 8 8 */ + return BYTE(1,1,1,1,1,1,1,1); + case DESCR(1,1,0,0,1,1,1,1, 0,0,1, 0, 0,0,0): /* 8 8 16 8 8 8 8 */ + return BYTE(1,1,0,1,1,1,1,1); + case DESCR(0,0,1,1,1,1,1,1, 1,0,0, 0, 0,0,0): /* 16 8 8 8 8 8 8 */ + return BYTE(0,1,1,1,1,1,1,1); + case DESCR(0,0,0,0,1,1,1,1, 1,0,1, 0, 0,0,0): /* 
16 16 8 8 8 8 */ + return BYTE(0,1,0,1,1,1,1,1); + + case DESCR(1,1,1,1,1,1,0,0, 0,0,0, 0, 0,0,1): /* 8 8 8 8 8 8 16 */ + return BYTE(1,1,1,1,1,1,0,1); + case DESCR(1,1,0,0,1,1,0,0, 0,0,1, 0, 0,0,1): /* 8 8 16 8 8 16 */ + return BYTE(1,1,0,1,1,1,0,1); + case DESCR(0,0,1,1,1,1,0,0, 1,0,0, 0, 0,0,1): /* 16 8 8 8 8 16 */ + return BYTE(0,1,1,1,1,1,0,1); + case DESCR(0,0,0,0,1,1,0,0, 1,0,1, 0, 0,0,1): /* 16 16 8 8 16 */ + return BYTE(0,1,0,1,1,1,0,1); + + case DESCR(1,1,1,1,0,0,1,1, 0,0,0, 0, 1,0,0): /* 8 8 8 8 16 8 8 */ + return BYTE(1,1,1,1,0,1,1,1); + case DESCR(1,1,0,0,0,0,1,1, 0,0,1, 0, 1,0,0): /* 8 8 16 16 8 8 */ + return BYTE(1,1,0,1,0,1,1,1); + case DESCR(0,0,1,1,0,0,1,1, 1,0,0, 0, 1,0,0): /* 16 8 8 16 8 8 */ + return BYTE(0,1,1,1,0,1,1,1); + case DESCR(0,0,0,0,0,0,1,1, 1,0,1, 0, 1,0,0): /* 16 16 16 8 8 */ + return BYTE(0,1,0,1,0,1,1,1); + + case DESCR(1,1,1,1,0,0,0,0, 0,0,0, 0, 1,0,1): /* 8 8 8 8 16 16 */ + return BYTE(1,1,1,1,0,1,0,1); + case DESCR(1,1,0,0,0,0,0,0, 0,0,1, 0, 1,0,1): /* 8 8 16 16 16 */ + return BYTE(1,1,0,1,0,1,0,1); + case DESCR(0,0,1,1,0,0,0,0, 1,0,0, 0, 1,0,1): /* 16 8 8 16 16 */ + return BYTE(0,1,1,1,0,1,0,1); + case DESCR(0,0,0,0,0,0,0,0, 1,0,1, 0, 1,0,1): /* 16 16 16 16 */ + return BYTE(0,1,0,1,0,1,0,1); + + case DESCR(0,0,0,0,1,1,1,1, 0,1,0, 0, 0,0,0): /* 32 8 8 8 8 */ + return BYTE(0,0,0,1,1,1,1,1); + case DESCR(0,0,0,0,1,1,0,0, 0,1,0, 0, 0,0,1): /* 32 8 8 16 */ + return BYTE(0,0,0,1,1,1,0,1); + case DESCR(0,0,0,0,0,0,1,1, 0,1,0, 0, 1,0,0): /* 32 16 8 8 */ + return BYTE(0,0,0,1,0,1,1,1); + case DESCR(0,0,0,0,0,0,0,0, 0,1,0, 0, 1,0,1): /* 32 16 16 */ + return BYTE(0,0,0,1,0,1,0,1); + + case DESCR(1,1,1,1,0,0,0,0, 0,0,0, 0, 0,1,0): /* 8 8 8 8 32 */ + return BYTE(1,1,1,1,0,0,0,1); + case DESCR(1,1,0,0,0,0,0,0, 0,0,1, 0, 0,1,0): /* 8 8 16 32 */ + return BYTE(1,1,0,1,0,0,0,1); + case DESCR(0,0,1,1,0,0,0,0, 1,0,0, 0, 0,1,0): /* 16 8 8 32 */ + return BYTE(0,1,1,1,0,0,0,1); + case DESCR(0,0,0,0,0,0,0,0, 1,0,1, 0, 0,1,0): /* 16 16 32 */ + return BYTE(0,1,0,1,0,0,0,1); + + case DESCR(0,0,0,0,0,0,0,0, 0,1,0, 0, 0,1,0): /* 32 32 */ + return BYTE(0,0,0,1,0,0,0,1); + + case DESCR(0,0,0,0,0,0,0,0, 0,0,0, 1, 0,0,0): /* 64 */ + return BYTE(0,0,0,0,0,0,0,1); + + default: return BYTE(0,0,0,0,0,0,0,0); + /* INVALID - any valid descr produces at least one + valid bit in tree[0..7]*/ + } + /* NOTREACHED*/ + tl_assert(0); + +# undef DESCR +# undef BYTE +} + +__attribute__((unused)) +static Bool is_sane_Descr ( UShort descr ) { + return descr_to_validbits(descr) != 0; +} + +static void sprintf_Descr ( /*OUT*/HChar* dst, UShort descr ) { + VG_(sprintf)(dst, + "%d%d%d%d%d%d%d%d %d%d%d %d %d%d%d", + (Int)((descr & TREE_DESCR_8_7) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_6) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_5) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_4) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_3) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_2) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_1) ? 1 : 0), + (Int)((descr & TREE_DESCR_8_0) ? 1 : 0), + (Int)((descr & TREE_DESCR_16_3) ? 1 : 0), + (Int)((descr & TREE_DESCR_32_1) ? 1 : 0), + (Int)((descr & TREE_DESCR_16_2) ? 1 : 0), + (Int)((descr & TREE_DESCR_64) ? 1 : 0), + (Int)((descr & TREE_DESCR_16_1) ? 1 : 0), + (Int)((descr & TREE_DESCR_32_0) ? 1 : 0), + (Int)((descr & TREE_DESCR_16_0) ? 1 : 0) + ); +} +static void sprintf_Byte ( /*OUT*/HChar* dst, UChar byte ) { + VG_(sprintf)(dst, "%d%d%d%d%d%d%d%d", + (Int)((byte & 128) ? 1 : 0), + (Int)((byte & 64) ? 1 : 0), + (Int)((byte & 32) ? 1 : 0), + (Int)((byte & 16) ? 1 : 0), + (Int)((byte & 8) ? 
1 : 0), + (Int)((byte & 4) ? 1 : 0), + (Int)((byte & 2) ? 1 : 0), + (Int)((byte & 1) ? 1 : 0) + ); +} + +static Bool is_sane_Descr_and_Tree ( UShort descr, SVal* tree ) { + Word i; + UChar validbits = descr_to_validbits(descr); + HChar buf[128], buf2[128]; + if (validbits == 0) + goto bad; + for (i = 0; i < 8; i++) { + if (validbits & (1<<i)) { + if (tree[i] == SVal_INVALID) + goto bad; + } else { + if (tree[i] != SVal_INVALID) + goto bad; + } + } + return True; + bad: + sprintf_Descr( buf, descr ); + sprintf_Byte( buf2, validbits ); + VG_(printf)("%s","is_sane_Descr_and_Tree: bad tree {\n"); + VG_(printf)(" validbits 0x%02lx %s\n", (UWord)validbits, buf2); + VG_(printf)(" descr 0x%04lx %s\n", (UWord)descr, buf); + for (i = 0; i < 8; i++) + VG_(printf)(" [%ld] 0x%016llx\n", i, tree[i]); + VG_(printf)("%s","}\n"); + return 0; +} + +static Bool is_sane_CacheLine ( CacheLine* cl ) +{ + Word tno, cloff; + + if (!cl) goto bad; + + for (tno = 0, cloff = 0; tno < N_LINE_TREES; tno++, cloff += 8) { + UShort descr = cl->descrs[tno]; + SVal* tree = &cl->svals[cloff]; + if (!is_sane_Descr_and_Tree(descr, tree)) + goto bad; + } + tl_assert(cloff == N_LINE_ARANGE); + return True; + bad: + pp_CacheLine(cl); + return False; +} + +static UShort normalise_tree ( /*MOD*/SVal* tree ) +{ + UShort descr; + /* pre: incoming tree[0..7] does not have any invalid shvals, in + particular no zeroes. */ + if (UNLIKELY(tree[7] == SVal_INVALID || tree[6] == SVal_INVALID + || tree[5] == SVal_INVALID || tree[4] == SVal_INVALID + || tree[3] == SVal_INVALID || tree[2] == SVal_INVALID + || tree[1] == SVal_INVALID || tree[0] == SVal_INVALID)) + tl_assert(0); + + descr = TREE_DESCR_8_7 | TREE_DESCR_8_6 | TREE_DESCR_8_5 + | TREE_DESCR_8_4 | TREE_DESCR_8_3 | TREE_DESCR_8_2 + | TREE_DESCR_8_1 | TREE_DESCR_8_0; + /* build 16-bit layer */ + if (tree[1] == tree[0]) { + tree[1] = SVal_INVALID; + descr &= ~(TREE_DESCR_8_1 | TREE_DESCR_8_0); + descr |= TREE_DESCR_16_0; + } + if (tree[3] == tree[2]) { + tree[3] = SVal_INVALID; + descr &= ~(TREE_DESCR_8_3 | TREE_DESCR_8_2); + descr |= TREE_DESCR_16_1; + } + if (tree[5] == tree[4]) { + tree[5] = SVal_INVALID; + descr &= ~(TREE_DESCR_8_5 | TREE_DESCR_8_4); + descr |= TREE_DESCR_16_2; + } + if (tree[7] == tree[6]) { + tree[7] = SVal_INVALID; + descr &= ~(TREE_DESCR_8_7 | TREE_DESCR_8_6); + descr |= TREE_DESCR_16_3; + } + /* build 32-bit layer */ + if (tree[2] == tree[0] + && (descr & TREE_DESCR_16_1) && (descr & TREE_DESCR_16_0)) { + tree[2] = SVal_INVALID; /* [3,1] must already be SVal_INVALID */ + descr &= ~(TREE_DESCR_16_1 | TREE_DESCR_16_0); + descr |= TREE_DESCR_32_0; + } + if (tree[6] == tree[4] + && (descr & TREE_DESCR_16_3) && (descr & TREE_DESCR_16_2)) { + tree[6] = SVal_INVALID; /* [7,5] must already be SVal_INVALID */ + descr &= ~(TREE_DESCR_16_3 | TREE_DESCR_16_2); + descr |= TREE_DESCR_32_1; + } + /* build 64-bit layer */ + if (tree[4] == tree[0] + && (descr & TREE_DESCR_32_1) && (descr & TREE_DESCR_32_0)) { + tree[4] = SVal_INVALID; /* [7,6,5,3,2,1] must already be SVal_INVALID */ + descr &= ~(TREE_DESCR_32_1 | TREE_DESCR_32_0); + descr |= TREE_DESCR_64; + } + return descr; +} + +/* This takes a cacheline where all the data is at the leaves + (w8[..]) and builds a correctly normalised tree. 
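+   For example, if all eight leaves of a tree hold the same shadow
+   value, normalise_tree() collapses them into a single 64-bit entry
+   and the tree's descriptor becomes just TREE_DESCR_64.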
*/ +static void normalise_CacheLine ( /*MOD*/CacheLine* cl ) +{ + Word tno, cloff; + for (tno = 0, cloff = 0; tno < N_LINE_TREES; tno++, cloff += 8) { + SVal* tree = &cl->svals[cloff]; + cl->descrs[tno] = normalise_tree( tree ); + } + tl_assert(cloff == N_LINE_ARANGE); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + stats__cline_normalises++; +} + + +typedef struct { UChar count; SVal sval; } CountedSVal; + +static +void sequentialise_CacheLine ( /*OUT*/CountedSVal* dst, + /*OUT*/Word* dstUsedP, + Word nDst, CacheLine* src ) +{ + Word tno, cloff, dstUsed; + + tl_assert(nDst == N_LINE_ARANGE); + dstUsed = 0; + + for (tno = 0, cloff = 0; tno < N_LINE_TREES; tno++, cloff += 8) { + UShort descr = src->descrs[tno]; + SVal* tree = &src->svals[cloff]; + + /* sequentialise the tree described by (descr,tree). */ +# define PUT(_n,_v) \ + do { dst[dstUsed ].count = (_n); \ + dst[dstUsed++].sval = (_v); \ + } while (0) + + /* byte 0 */ + if (descr & TREE_DESCR_64) PUT(8, tree[0]); else + if (descr & TREE_DESCR_32_0) PUT(4, tree[0]); else + if (descr & TREE_DESCR_16_0) PUT(2, tree[0]); else + if (descr & TREE_DESCR_8_0) PUT(1, tree[0]); + /* byte 1 */ + if (descr & TREE_DESCR_8_1) PUT(1, tree[1]); + /* byte 2 */ + if (descr & TREE_DESCR_16_1) PUT(2, tree[2]); else + if (descr & TREE_DESCR_8_2) PUT(1, tree[2]); + /* byte 3 */ + if (descr & TREE_DESCR_8_3) PUT(1, tree[3]); + /* byte 4 */ + if (descr & TREE_DESCR_32_1) PUT(4, tree[4]); else + if (descr & TREE_DESCR_16_2) PUT(2, tree[4]); else + if (descr & TREE_DESCR_8_4) PUT(1, tree[4]); + /* byte 5 */ + if (descr & TREE_DESCR_8_5) PUT(1, tree[5]); + /* byte 6 */ + if (descr & TREE_DESCR_16_3) PUT(2, tree[6]); else + if (descr & TREE_DESCR_8_6) PUT(1, tree[6]); + /* byte 7 */ + if (descr & TREE_DESCR_8_7) PUT(1, tree[7]); + +# undef PUT + /* END sequentialise the tree described by (descr,tree). */ + + } + tl_assert(cloff == N_LINE_ARANGE); + tl_assert(dstUsed <= nDst); + + *dstUsedP = dstUsed; +} + +/* Write the cacheline 'wix' to backing store. Where it ends up + is determined by its tag field. */ +static __attribute__((noinline)) void cacheline_wback ( UWord wix ) +{ + Word i, j, k, m; + Addr tag; + SecMap* sm; + CacheLine* cl; + LineZ* lineZ; + LineF* lineF; + Word zix, fix, csvalsUsed; + CountedSVal csvals[N_LINE_ARANGE]; + SVal sv; + + if (0) + VG_(printf)("scache wback line %d\n", (Int)wix); + + tl_assert(wix >= 0 && wix < N_WAY_NENT); + + tag = cache_shmem.tags0[wix]; + cl = &cache_shmem.lyns0[wix]; + + /* The cache line may have been invalidated; if so, ignore it. */ + if (!is_valid_scache_tag(tag)) + return; + + /* Where are we going to put it? */ + sm = NULL; + lineZ = NULL; + lineF = NULL; + zix = fix = -1; + + /* find the Z line to write in and rcdec it or the associated F + line. 
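+      The loop below then tries to rebuild the compressed (Z) form by
+      packing the line's distinct values into the 4-entry dictionary,
+      falling back to a full (F) line if more than four distinct
+      values are encountered.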
*/ + find_Z_for_writing( &sm, &zix, tag ); + + tl_assert(sm); + tl_assert(zix >= 0 && zix < N_SECMAP_ZLINES); + lineZ = &sm->linesZ[zix]; + + /* Generate the data to be stored */ + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + + csvalsUsed = -1; + sequentialise_CacheLine( csvals, &csvalsUsed, + N_LINE_ARANGE, cl ); + tl_assert(csvalsUsed >= 1 && csvalsUsed <= N_LINE_ARANGE); + if (0) VG_(printf)("%lu ", csvalsUsed); + + lineZ->dict[0] = lineZ->dict[1] + = lineZ->dict[2] = lineZ->dict[3] = SVal_INVALID; + + /* i indexes actual shadow values, k is cursor in csvals */ + i = 0; + for (k = 0; k < csvalsUsed; k++) { + + sv = csvals[k].sval; + if (CHECK_ZSM) + tl_assert(csvals[k].count >= 1 && csvals[k].count <= 8); + /* do we already have it? */ + if (sv == lineZ->dict[0]) { j = 0; goto dict_ok; } + if (sv == lineZ->dict[1]) { j = 1; goto dict_ok; } + if (sv == lineZ->dict[2]) { j = 2; goto dict_ok; } + if (sv == lineZ->dict[3]) { j = 3; goto dict_ok; } + /* no. look for a free slot. */ + if (CHECK_ZSM) + tl_assert(sv != SVal_INVALID); + if (lineZ->dict[0] + == SVal_INVALID) { lineZ->dict[0] = sv; j = 0; goto dict_ok; } + if (lineZ->dict[1] + == SVal_INVALID) { lineZ->dict[1] = sv; j = 1; goto dict_ok; } + if (lineZ->dict[2] + == SVal_INVALID) { lineZ->dict[2] = sv; j = 2; goto dict_ok; } + if (lineZ->dict[3] + == SVal_INVALID) { lineZ->dict[3] = sv; j = 3; goto dict_ok; } + break; /* we'll have to use the f rep */ + dict_ok: + m = csvals[k].count; + if (m == 8) { + write_twobit_array( lineZ->ix2s, i+0, j ); + write_twobit_array( lineZ->ix2s, i+1, j ); + write_twobit_array( lineZ->ix2s, i+2, j ); + write_twobit_array( lineZ->ix2s, i+3, j ); + write_twobit_array( lineZ->ix2s, i+4, j ); + write_twobit_array( lineZ->ix2s, i+5, j ); + write_twobit_array( lineZ->ix2s, i+6, j ); + write_twobit_array( lineZ->ix2s, i+7, j ); + i += 8; + } + else if (m == 4) { + write_twobit_array( lineZ->ix2s, i+0, j ); + write_twobit_array( lineZ->ix2s, i+1, j ); + write_twobit_array( lineZ->ix2s, i+2, j ); + write_twobit_array( lineZ->ix2s, i+3, j ); + i += 4; + } + else if (m == 1) { + write_twobit_array( lineZ->ix2s, i+0, j ); + i += 1; + } + else if (m == 2) { + write_twobit_array( lineZ->ix2s, i+0, j ); + write_twobit_array( lineZ->ix2s, i+1, j ); + i += 2; + } + else { + tl_assert(0); /* 8 4 2 or 1 are the only legitimate values for m */ + } + + } + + if (LIKELY(i == N_LINE_ARANGE)) { + /* Construction of the compressed representation was + successful. */ + rcinc_LineZ(lineZ); + stats__cache_Z_wbacks++; + } else { + /* Cannot use the compressed(z) representation. Use the full(f) + rep instead. */ + tl_assert(i >= 0 && i < N_LINE_ARANGE); + alloc_F_for_writing( sm, &fix ); + tl_assert(sm->linesF); + tl_assert(sm->linesF_size > 0); + tl_assert(fix >= 0 && fix < (Word)sm->linesF_size); + lineF = &sm->linesF[fix]; + tl_assert(!lineF->inUse); + lineZ->dict[0] = lineZ->dict[2] = lineZ->dict[3] = SVal_INVALID; + lineZ->dict[1] = (SVal)fix; + lineF->inUse = True; + i = 0; + for (k = 0; k < csvalsUsed; k++) { + if (CHECK_ZSM) + tl_assert(csvals[k].count >= 1 && csvals[k].count <= 8); + sv = csvals[k].sval; + if (CHECK_ZSM) + tl_assert(sv != SVal_INVALID); + for (m = csvals[k].count; m > 0; m--) { + lineF->w64s[i] = sv; + i++; + } + } + tl_assert(i == N_LINE_ARANGE); + rcinc_LineF(lineF); + stats__cache_F_wbacks++; + } +} + +/* Fetch the cacheline 'wix' from the backing store. 
The tag + associated with 'wix' is assumed to have already been filled in; + hence that is used to determine where in the backing store to read + from. */ +static __attribute__((noinline)) void cacheline_fetch ( UWord wix ) +{ + Word i; + Addr tag; + CacheLine* cl; + LineZ* lineZ; + LineF* lineF; + + if (0) + VG_(printf)("scache fetch line %d\n", (Int)wix); + + tl_assert(wix >= 0 && wix < N_WAY_NENT); + + tag = cache_shmem.tags0[wix]; + cl = &cache_shmem.lyns0[wix]; + + /* reject nonsense requests */ + tl_assert(is_valid_scache_tag(tag)); + + lineZ = NULL; + lineF = NULL; + find_ZF_for_reading( &lineZ, &lineF, tag ); + tl_assert( (lineZ && !lineF) || (!lineZ && lineF) ); + + /* expand the data into the bottom layer of the tree, then get + cacheline_normalise to build the descriptor array. */ + if (lineF) { + tl_assert(lineF->inUse); + for (i = 0; i < N_LINE_ARANGE; i++) { + cl->svals[i] = lineF->w64s[i]; + } + stats__cache_F_fetches++; + } else { + for (i = 0; i < N_LINE_ARANGE; i++) { + SVal sv; + UWord ix = read_twobit_array( lineZ->ix2s, i ); + /* correct, but expensive: tl_assert(ix >= 0 && ix <= 3); */ + sv = lineZ->dict[ix]; + tl_assert(sv != SVal_INVALID); + cl->svals[i] = sv; + } + stats__cache_Z_fetches++; + } + normalise_CacheLine( cl ); +} + +static void shmem__invalidate_scache ( void ) { + Word wix; + if (0) VG_(printf)("%s","scache inval\n"); + tl_assert(!is_valid_scache_tag(1)); + for (wix = 0; wix < N_WAY_NENT; wix++) { + cache_shmem.tags0[wix] = 1/*INVALID*/; + } + stats__cache_invals++; +} + +static void shmem__flush_and_invalidate_scache ( void ) { + Word wix; + Addr tag; + if (0) VG_(printf)("%s","scache flush and invalidate\n"); + tl_assert(!is_valid_scache_tag(1)); + for (wix = 0; wix < N_WAY_NENT; wix++) { + tag = cache_shmem.tags0[wix]; + if (tag == 1/*INVALID*/) { + /* already invalid; nothing to do */ + } else { + tl_assert(is_valid_scache_tag(tag)); + cacheline_wback( wix ); + } + cache_shmem.tags0[wix] = 1/*INVALID*/; + } + stats__cache_flushes++; + stats__cache_invals++; +} + + +static inline Bool aligned16 ( Addr a ) { + return 0 == (a & 1); +} +static inline Bool aligned32 ( Addr a ) { + return 0 == (a & 3); +} +static inline Bool aligned64 ( Addr a ) { + return 0 == (a & 7); +} +static inline UWord get_cacheline_offset ( Addr a ) { + return (UWord)(a & (N_LINE_ARANGE - 1)); +} +static inline Addr cacheline_ROUNDUP ( Addr a ) { + return ROUNDUP(a, N_LINE_ARANGE); +} +static inline Addr cacheline_ROUNDDN ( Addr a ) { + return ROUNDDN(a, N_LINE_ARANGE); +} +static inline UWord get_treeno ( Addr a ) { + return get_cacheline_offset(a) >> 3; +} +static inline UWord get_tree_offset ( Addr a ) { + return a & 7; +} + +static __attribute__((noinline)) + CacheLine* get_cacheline_MISS ( Addr a ); /* fwds */ +static inline CacheLine* get_cacheline ( Addr a ) +{ + /* tag is 'a' with the in-line offset masked out, + eg a[31]..a[4] 0000 */ + Addr tag = a & ~(N_LINE_ARANGE - 1); + UWord wix = (a >> N_LINE_BITS) & (N_WAY_NENT - 1); + stats__cache_totrefs++; + if (LIKELY(tag == cache_shmem.tags0[wix])) { + return &cache_shmem.lyns0[wix]; + } else { + return get_cacheline_MISS( a ); + } +} + +static __attribute__((noinline)) + CacheLine* get_cacheline_MISS ( Addr a ) +{ + /* tag is 'a' with the in-line offset masked out, + eg a[31]..a[4] 0000 */ + + CacheLine* cl; + Addr* tag_old_p; + Addr tag = a & ~(N_LINE_ARANGE - 1); + UWord wix = (a >> N_LINE_BITS) & (N_WAY_NENT - 1); + + tl_assert(tag != cache_shmem.tags0[wix]); + + /* Dump the old line into the backing store. 
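+      This is the writeback-miss path: the victim line, if it has a
+      valid tag, is written back via cacheline_wback(), and the line
+      containing 'a' is then fetched into the same slot.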
*/ + stats__cache_totmisses++; + + cl = &cache_shmem.lyns0[wix]; + tag_old_p = &cache_shmem.tags0[wix]; + + if (is_valid_scache_tag( *tag_old_p )) { + /* EXPENSIVE and REDUNDANT: callee does it */ + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + cacheline_wback( wix ); + } + /* and reload the new one */ + *tag_old_p = tag; + cacheline_fetch( wix ); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + return cl; +} + +static UShort pulldown_to_32 ( /*MOD*/SVal* tree, UWord toff, UShort descr ) { + stats__cline_64to32pulldown++; + switch (toff) { + case 0: case 4: + tl_assert(descr & TREE_DESCR_64); + tree[4] = tree[0]; + descr &= ~TREE_DESCR_64; + descr |= (TREE_DESCR_32_1 | TREE_DESCR_32_0); + break; + default: + tl_assert(0); + } + return descr; +} + +static UShort pulldown_to_16 ( /*MOD*/SVal* tree, UWord toff, UShort descr ) { + stats__cline_32to16pulldown++; + switch (toff) { + case 0: case 2: + if (!(descr & TREE_DESCR_32_0)) { + descr = pulldown_to_32(tree, 0, descr); + } + tl_assert(descr & TREE_DESCR_32_0); + tree[2] = tree[0]; + descr &= ~TREE_DESCR_32_0; + descr |= (TREE_DESCR_16_1 | TREE_DESCR_16_0); + break; + case 4: case 6: + if (!(descr & TREE_DESCR_32_1)) { + descr = pulldown_to_32(tree, 4, descr); + } + tl_assert(descr & TREE_DESCR_32_1); + tree[6] = tree[4]; + descr &= ~TREE_DESCR_32_1; + descr |= (TREE_DESCR_16_3 | TREE_DESCR_16_2); + break; + default: + tl_assert(0); + } + return descr; +} + +static UShort pulldown_to_8 ( /*MOD*/SVal* tree, UWord toff, UShort descr ) { + stats__cline_16to8pulldown++; + switch (toff) { + case 0: case 1: + if (!(descr & TREE_DESCR_16_0)) { + descr = pulldown_to_16(tree, 0, descr); + } + tl_assert(descr & TREE_DESCR_16_0); + tree[1] = tree[0]; + descr &= ~TREE_DESCR_16_0; + descr |= (TREE_DESCR_8_1 | TREE_DESCR_8_0); + break; + case 2: case 3: + if (!(descr & TREE_DESCR_16_1)) { + descr = pulldown_to_16(tree, 2, descr); + } + tl_assert(descr & TREE_DESCR_16_1); + tree[3] = tree[2]; + descr &= ~TREE_DESCR_16_1; + descr |= (TREE_DESCR_8_3 | TREE_DESCR_8_2); + break; + case 4: case 5: + if (!(descr & TREE_DESCR_16_2)) { + descr = pulldown_to_16(tree, 4, descr); + } + tl_assert(descr & TREE_DESCR_16_2); + tree[5] = tree[4]; + descr &= ~TREE_DESCR_16_2; + descr |= (TREE_DESCR_8_5 | TREE_DESCR_8_4); + break; + case 6: case 7: + if (!(descr & TREE_DESCR_16_3)) { + descr = pulldown_to_16(tree, 6, descr); + } + tl_assert(descr & TREE_DESCR_16_3); + tree[7] = tree[6]; + descr &= ~TREE_DESCR_16_3; + descr |= (TREE_DESCR_8_7 | TREE_DESCR_8_6); + break; + default: + tl_assert(0); + } + return descr; +} + + +static UShort pullup_descr_to_16 ( UShort descr, UWord toff ) { + UShort mask; + switch (toff) { + case 0: + mask = TREE_DESCR_8_1 | TREE_DESCR_8_0; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_16_0; + break; + case 2: + mask = TREE_DESCR_8_3 | TREE_DESCR_8_2; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_16_1; + break; + case 4: + mask = TREE_DESCR_8_5 | TREE_DESCR_8_4; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_16_2; + break; + case 6: + mask = TREE_DESCR_8_7 | TREE_DESCR_8_6; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_16_3; + break; + default: + tl_assert(0); + } + return descr; +} + +static UShort pullup_descr_to_32 ( UShort descr, UWord toff ) { + UShort mask; + switch (toff) { + case 0: + if (!(descr & TREE_DESCR_16_0)) + descr = pullup_descr_to_16(descr, 0); + if 
(!(descr & TREE_DESCR_16_1)) + descr = pullup_descr_to_16(descr, 2); + mask = TREE_DESCR_16_1 | TREE_DESCR_16_0; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_32_0; + break; + case 4: + if (!(descr & TREE_DESCR_16_2)) + descr = pullup_descr_to_16(descr, 4); + if (!(descr & TREE_DESCR_16_3)) + descr = pullup_descr_to_16(descr, 6); + mask = TREE_DESCR_16_3 | TREE_DESCR_16_2; + tl_assert( (descr & mask) == mask ); + descr &= ~mask; + descr |= TREE_DESCR_32_1; + break; + default: + tl_assert(0); + } + return descr; +} + +static Bool valid_value_is_above_me_32 ( UShort descr, UWord toff ) { + switch (toff) { + case 0: case 4: + return 0 != (descr & TREE_DESCR_64); + default: + tl_assert(0); + } +} + +static Bool valid_value_is_below_me_16 ( UShort descr, UWord toff ) { + switch (toff) { + case 0: + return 0 != (descr & (TREE_DESCR_8_1 | TREE_DESCR_8_0)); + case 2: + return 0 != (descr & (TREE_DESCR_8_3 | TREE_DESCR_8_2)); + case 4: + return 0 != (descr & (TREE_DESCR_8_5 | TREE_DESCR_8_4)); + case 6: + return 0 != (descr & (TREE_DESCR_8_7 | TREE_DESCR_8_6)); + default: + tl_assert(0); + } +} + +/* ------------ Cache management ------------ */ + +static void zsm_flush_cache ( void ) +{ + shmem__flush_and_invalidate_scache(); +} + + +static void zsm_init ( void(*p_rcinc)(SVal), void(*p_rcdec)(SVal) ) +{ + tl_assert( sizeof(UWord) == sizeof(Addr) ); + + rcinc = p_rcinc; + rcdec = p_rcdec; + + tl_assert(map_shmem == NULL); + map_shmem = VG_(newFM)( HG_(zalloc), "libhb.zsm_init.1 (map_shmem)", + HG_(free), + NULL/*unboxed UWord cmp*/); + tl_assert(map_shmem != NULL); + shmem__invalidate_scache(); + + /* a SecMap must contain an integral number of CacheLines */ + tl_assert(0 == (N_SECMAP_ARANGE % N_LINE_ARANGE)); + /* also ... a CacheLine holds an integral number of trees */ + tl_assert(0 == (N_LINE_ARANGE % 8)); +} + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// SECTION END compressed shadow memory // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// SECTION BEGIN vts primitives // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + +#ifndef __HB_VTS_H +#define __HB_VTS_H + +/* VtsIDs can't exceed 30 bits, since they have to be packed into the + lowest 30 bits of an SVal. */ +typedef UInt VtsID; +#define VtsID_INVALID 0xFFFFFFFF + +/* A VTS contains .ts, its vector clock, and also .id, a field to hold + a backlink for the caller's convenience. Since we have no idea + what to set that to in the library, it always gets set to + VtsID_INVALID. */ +typedef + struct { + VtsID id; + XArray* ts; /* XArray* ScalarTS(abstract) */ + } + VTS; + + +/* Create a new, empty VTS. */ +VTS* VTS__new ( void ); + +/* Delete this VTS in its entirety. */ +void VTS__delete ( VTS* vts ); + +/* Create a new singleton VTS. */ +VTS* VTS__singleton ( Thr* thr, ULong tym ); + +/* Return a new VTS in which vts[me]++, so to speak. 'vts' itself is + not modified. */ +VTS* VTS__tick ( Thr* me, VTS* vts ); + +/* Return a new VTS constructed as the join (max) of the 2 args. + Neither arg is modified. 
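+   For example, writing Tn:k for "thread Tn at scalar timestamp k",
+   joining [T1:3, T2:5] with [T1:4, T3:2] gives [T1:4, T2:5, T3:2]:
+   each thread's entry is the maximum of its entries in the two
+   arguments, with a missing entry treated as zero.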
*/ +VTS* VTS__join ( VTS* a, VTS* b ); + +/* Compute the partial ordering relation of the two args. */ +typedef + enum { POrd_EQ=4, POrd_LT, POrd_GT, POrd_UN } + POrd; + +POrd VTS__cmp ( VTS* a, VTS* b ); + +/* Compute an arbitrary structural (total) ordering on the two args, + based on their VCs, so they can be looked up in a table, tree, etc. + Returns -1, 0 or 1. */ +Word VTS__cmp_structural ( VTS* a, VTS* b ); + +/* Debugging only. Display the given VTS in the buffer. */ +void VTS__show ( HChar* buf, Int nBuf, VTS* vts ); + +/* Debugging only. Return vts[index], so to speak. */ +ULong VTS__indexAt_SLOW ( VTS* vts, Thr* idx ); + +#endif /* ! __HB_VTS_H */ + + +/*--------------- to do with Vector Timestamps ---------------*/ + +/* Scalar Timestamp */ +typedef + struct { + Thr* thr; + ULong tym; + } + ScalarTS; + + +static Bool is_sane_VTS ( VTS* vts ) +{ + UWord i, n; + ScalarTS *st1, *st2; + if (!vts) return False; + if (!vts->ts) return False; + n = VG_(sizeXA)( vts->ts ); + if (n >= 2) { + for (i = 0; i < n-1; i++) { + st1 = VG_(indexXA)( vts->ts, i ); + st2 = VG_(indexXA)( vts->ts, i+1 ); + if (st1->thr >= st2->thr) + return False; + if (st1->tym == 0 || st2->tym == 0) + return False; + } + } + return True; +} + + +/* Create a new, empty VTS. +*/ +VTS* VTS__new ( void ) +{ + VTS* vts; + vts = HG_(zalloc)( "libhb.VTS__new.1", sizeof(VTS) ); + tl_assert(vts); + vts->id = VtsID_INVALID; + vts->ts = VG_(newXA)( HG_(zalloc), "libhb.VTS__new.2", + HG_(free), sizeof(ScalarTS) ); + tl_assert(vts->ts); + return vts; +} + + +/* Delete this VTS in its entirety. +*/ +void VTS__delete ( VTS* vts ) +{ + tl_assert(vts); + tl_assert(vts->ts); + VG_(deleteXA)( vts->ts ); + HG_(free)(vts); +} + + +/* Create a new singleton VTS. +*/ +VTS* VTS__singleton ( Thr* thr, ULong tym ) { + ScalarTS st; + VTS* vts; + tl_assert(thr); + tl_assert(tym >= 1); + vts = VTS__new(); + st.thr = thr; + st.tym = tym; + VG_(addToXA)( vts->ts, &st ); + return vts; +} + + +/* Return a new VTS in which vts[me]++, so to speak. 'vts' itself is + not modified. +*/ +VTS* VTS__tick ( Thr* me, VTS* vts ) +{ + ScalarTS* here = NULL; + ScalarTS tmp; + VTS* res; + Word i, n; + tl_assert(me); + tl_assert(is_sane_VTS(vts)); + //if (0) VG_(printf)("tick vts thrno %ld szin %d\n", + // (Word)me->errmsg_index, (Int)VG_(sizeXA)(vts) ); + res = VTS__new(); + n = VG_(sizeXA)( vts->ts ); + + /* main loop doesn't handle zero-entry case correctly, so + special-case it. */ + if (n == 0) { + tmp.thr = me; + tmp.tym = 1; + VG_(addToXA)( res->ts, &tmp ); + tl_assert(is_sane_VTS(res)); + return res; + } + + for (i = 0; i < n; i++) { + here = VG_(indexXA)( vts->ts, i ); + if (me < here->thr) { + /* We just went past 'me', without seeing it. 
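+            Insert a fresh [me:1] entry here, followed by the current
+            entry, so the result stays sorted by Thr*.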
*/ + tmp.thr = me; + tmp.tym = 1; + VG_(addToXA)( res->ts, &tmp ); + tmp = *here; + VG_(addToXA)( res->ts, &tmp ); + i++; + break; + } + else if (me == here->thr) { + tmp = *here; + tmp.tym++; + VG_(addToXA)( res->ts, &tmp ); + i++; + break; + } + else /* me > here->thr */ { + tmp = *here; + VG_(addToXA)( res->ts, &tmp ); + } + } + tl_assert(i >= 0 && i <= n); + if (i == n && here && here->thr < me) { + tmp.thr = me; + tmp.tym = 1; + VG_(addToXA)( res->ts, &tmp ); + } else { + for (/*keepgoing*/; i < n; i++) { + here = VG_(indexXA)( vts->ts, i ); + tmp = *here; + VG_(addToXA)( res->ts, &tmp ); + } + } + tl_assert(is_sane_VTS(res)); + //if (0) VG_(printf)("tick vts thrno %ld szou %d\n", + // (Word)me->errmsg_index, (Int)VG_(sizeXA)(res) ); + return res; +} + + +/* Return a new VTS constructed as the join (max) of the 2 args. + Neither arg is modified. +*/ +VTS* VTS__join ( VTS* a, VTS* b ) +{ + Word ia, ib, useda, usedb; + ULong tyma, tymb, tymMax; + Thr* thr; + VTS* res; + + tl_assert(a && a->ts); + tl_assert(b && b->ts); + useda = VG_(sizeXA)( a->ts ); + usedb = VG_(sizeXA)( b->ts ); + + res = VTS__new(); + ia = ib = 0; + + while (1) { + + /* This logic is to enumerate triples (thr, tyma, tymb) drawn + from a and b in order, where thr is the next Thr* + occurring in either a or b, and tyma/b are the relevant + scalar timestamps, taking into account implicit zeroes. */ + tl_assert(ia >= 0 && ia <= useda); + tl_assert(ib >= 0 && ib <= usedb); + + if (ia == useda && ib == usedb) { + /* both empty - done */ + break; + + } else if (ia == useda && ib != usedb) { + /* a empty, use up b */ + ScalarTS* tmpb = VG_(indexXA)( b->ts, ib ); + thr = tmpb->thr; + tyma = 0; + tymb = tmpb->tym; + ib++; + + } else if (ia != useda && ib == usedb) { + /* b empty, use up a */ + ScalarTS* tmpa = VG_(indexXA)( a->ts, ia ); + thr = tmpa->thr; + tyma = tmpa->tym; + tymb = 0; + ia++; + + } else { + /* both not empty; extract lowest-Thr*'d triple */ + ScalarTS* tmpa = VG_(indexXA)( a->ts, ia ); + ScalarTS* tmpb = VG_(indexXA)( b->ts, ib ); + if (tmpa->thr < tmpb->thr) { + /* a has the lowest unconsidered Thr* */ + thr = tmpa->thr; + tyma = tmpa->tym; + tymb = 0; + ia++; + } else if (tmpa->thr > tmpb->thr) { + /* b has the lowest unconsidered Thr* */ + thr = tmpb->thr; + tyma = 0; + tymb = tmpb->tym; + ib++; + } else { + /* they both next mention the same Thr* */ + tl_assert(tmpa->thr == tmpb->thr); + thr = tmpa->thr; /* == tmpb->thr */ + tyma = tmpa->tym; + tymb = tmpb->tym; + ia++; + ib++; + } + } + + /* having laboriously determined (thr, tyma, tymb), do something + useful with it. */ + tymMax = tyma > tymb ? tyma : tymb; + if (tymMax > 0) { + ScalarTS st; + st.thr = thr; + st.tym = tymMax; + VG_(addToXA)( res->ts, &st ); + } + + } + + tl_assert(is_sane_VTS( res )); + + return res; +} + + +/* Compute the partial ordering relation of the two args. +*/ +POrd VTS__cmp ( VTS* a, VTS* b ) +{ + Word ia, ib, useda, usedb; + ULong tyma, tymb; + + Bool all_leq = True; + Bool all_geq = True; + + tl_assert(a && a->ts); + tl_assert(b && b->ts); + useda = VG_(sizeXA)( a->ts ); + usedb = VG_(sizeXA)( b->ts ); + + ia = ib = 0; + + while (1) { + + /* This logic is to enumerate doubles (tyma, tymb) drawn + from a and b in order, and tyma/b are the relevant + scalar timestamps, taking into account implicit zeroes. 
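+         For instance, a thread present in only one of the two vectors
+         contributes an implicit zero for the other: comparing the
+         vectors [T1:2] and [T2:3] yields the pairs (2,0) and (0,3),
+         so the result is POrd_UN.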
*/ + tl_assert(ia >= 0 && ia <= useda); + tl_assert(ib >= 0 && ib <= usedb); + + if (ia == useda && ib == usedb) { + /* both empty - done */ + break; + + } else if (ia == useda && ib != usedb) { + /* a empty, use up b */ + ScalarTS* tmpb = VG_(indexXA)( b->ts, ib ); + tyma = 0; + tymb = tmpb->tym; + ib++; + + } else if (ia != useda && ib == usedb) { + /* b empty, use up a */ + ScalarTS* tmpa = VG_(indexXA)( a->ts, ia ); + tyma = tmpa->tym; + tymb = 0; + ia++; + + } else { + /* both not empty; extract lowest-Thr*'d triple */ + ScalarTS* tmpa = VG_(indexXA)( a->ts, ia ); + ScalarTS* tmpb = VG_(indexXA)( b->ts, ib ); + if (tmpa->thr < tmpb->thr) { + /* a has the lowest unconsidered Thr* */ + tyma = tmpa->tym; + tymb = 0; + ia++; + } + else + if (tmpa->thr > tmpb->thr) { + /* b has the lowest unconsidered Thr* */ + tyma = 0; + tymb = tmpb->tym; + ib++; + } else { + /* they both next mention the same Thr* */ + tl_assert(tmpa->thr == tmpb->thr); + tyma = tmpa->tym; + tymb = tmpb->tym; + ia++; + ib++; + } + } + + /* having laboriously determined (tyma, tymb), do something + useful with it. */ + if (tyma < tymb) + all_geq = False; + if (tyma > tymb) + all_leq = False; + } + + if (all_leq && all_geq) + return POrd_EQ; + /* now we know they aren't equal, so either all_leq or all_geq or + both are false. */ + if (all_leq) + return POrd_LT; + if (all_geq) + return POrd_GT; + /* hmm, neither all_geq or all_leq. This means unordered. */ + return POrd_UN; +} + + +/* Compute an arbitrary structural (total) ordering on the two args, + based on their VCs, so they can be looked up in a table, tree, etc. + Returns -1, 0 or 1. (really just 'deriving Ord' :-) +*/ +Word VTS__cmp_structural ( VTS* a, VTS* b ) +{ + /* We just need to generate an arbitrary total ordering based on + a->ts and b->ts. Preferably do it in a way which comes across likely + differences relatively quickly. */ + Word i, useda, usedb; + ScalarTS *tmpa, *tmpb; + + tl_assert(a && a->ts); + tl_assert(b && b->ts); + useda = VG_(sizeXA)( a->ts ); + usedb = VG_(sizeXA)( b->ts ); + + if (useda < usedb) return -1; + if (useda > usedb) return 1; + + /* Same length vectors, so let's step through them together. */ + tl_assert(useda == usedb); + for (i = 0; i < useda; i++) { + tmpa = VG_(indexXA)( a->ts, i ); + tmpb = VG_(indexXA)( b->ts, i ); + if (tmpa->tym < tmpb->tym) return -1; + if (tmpa->tym > tmpb->tym) return 1; + if (tmpa->thr < tmpb->thr) return -1; + if (tmpa->thr > tmpb->thr) return 1; + } + + /* They're identical. */ + return 0; +} + + +/* Debugging only. Display the given VTS in the buffer. +*/ +void VTS__show ( HChar* buf, Int nBuf, VTS* vts ) { + ScalarTS* st; + HChar unit[64]; + Word i, n; + Int avail = nBuf; + tl_assert(vts && vts->ts); + tl_assert(nBuf > 16); + buf[0] = '['; + buf[1] = 0; + n = VG_(sizeXA)( vts->ts ); + for (i = 0; i < n; i++) { + tl_assert(avail >= 40); + st = VG_(indexXA)( vts->ts, i ); + VG_(memset)(unit, 0, sizeof(unit)); + VG_(sprintf)(unit, i < n-1 ? "%p:%lld " : "%p:%lld", + st->thr, st->tym); + if (avail < VG_(strlen)(unit) + 40/*let's say*/) { + VG_(strcat)(buf, " ...]"); + buf[nBuf-1] = 0; + return; + } + VG_(strcat)(buf, unit); + avail -= VG_(strlen)(unit); + } + VG_(strcat)(buf, "]"); + buf[nBuf-1] = 0; +} + + +/* Debugging only. Return vts[index], so to speak. 
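+   Returns 0 if 'idx' has no entry in the vector.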
+*/ +ULong VTS__indexAt_SLOW ( VTS* vts, Thr* idx ) { + UWord i, n; + tl_assert(vts && vts->ts); + n = VG_(sizeXA)( vts->ts ); + for (i = 0; i < n; i++) { + ScalarTS* st = VG_(indexXA)( vts->ts, i ); + if (st->thr == idx) + return st->tym; + } + return 0; +} + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// SECTION END vts primitives // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +// // +// SECTION BEGIN main library // +// // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + + +///////////////////////////////////////////////////////// +// // +// VTS set // +// // +///////////////////////////////////////////////////////// + +static WordFM* /* VTS* void void */ vts_set = NULL; + +static void vts_set_init ( void ) +{ + tl_assert(!vts_set); + vts_set = VG_(newFM)( HG_(zalloc), "libhb.vts_set_init.1", + HG_(free), + (Word(*)(UWord,UWord))VTS__cmp_structural ); + tl_assert(vts_set); +} + +/* Given a newly made VTS, look in vts_set to see if we already have + an identical one. If yes, free up this one and return instead a + pointer to the existing one. If no, add this one to the set and + return the same pointer. Caller differentiates the two cases by + comparing returned pointer with the supplied one (although that + does require that the supplied VTS is not already in the set). +*/ +static VTS* vts_set__find_and_dealloc__or_add ( VTS* cand ) +{ + UWord keyW, valW; + /* lookup cand (by value) */ + if (VG_(lookupFM)( vts_set, &keyW, &valW, (UWord)cand )) { + /* found it */ + tl_assert(valW == 0); + /* if this fails, cand (by ref) was already present (!) */ + tl_assert(keyW != (UWord)cand); + VTS__delete(cand); + return (VTS*)keyW; + } else { + /* not present. Add and return pointer to same. */ + VG_(addToFM)( vts_set, (UWord)cand, 0/*val is unused*/ ); + return cand; + } +} + + +///////////////////////////////////////////////////////// +// // +// VTS table // +// // +///////////////////////////////////////////////////////// + +static void VtsID__invalidate_caches ( void ); /* fwds */ + +/* A type to hold VTS table entries. Invariants: + If .vts == NULL, then this entry is not in use, so: + - .rc == 0 + - this entry is on the freelist (unfortunately, does not imply + any constraints on value for .nextfree) + If .vts != NULL, then this entry is in use: + - .vts is findable in vts_set + - .vts->id == this entry number + - no specific value for .rc (even 0 is OK) + - this entry is not on freelist, so .nextfree == VtsID_INVALID +*/ +typedef + struct { + VTS* vts; /* vts, in vts_set */ + UWord rc; /* reference count - enough for entire aspace */ + VtsID freelink; /* chain for free entries, VtsID_INVALID at end */ + } + VtsTE; + +/* The VTS table. */ +static XArray* /* of VtsTE */ vts_tab = NULL; + +/* An index into the VTS table, indicating the start of the list of + free (available for use) entries. If the list is empty, this is + VtsID_INVALID. */ +static VtsID vts_tab_freelist = VtsID_INVALID; + +/* Do a GC of vts_tab when the freelist becomes empty AND the size of + vts_tab equals or exceeds this size. 
After GC, the value here is + set appropriately so as to check for the next GC point. */ +static Word vts_next_GC_at = 1000; + +static void vts_tab_init ( void ) +{ + vts_tab + = VG_(newXA)( HG_(zalloc), "libhb.vts_tab_init.1", + HG_(free), sizeof(VtsTE) ); + vts_tab_freelist + = VtsID_INVALID; + tl_assert(vts_tab); +} + +/* Add ii to the free list, checking that it looks out-of-use. */ +static void add_to_free_list ( VtsID ii ) +{ + VtsTE* ie = VG_(indexXA)( vts_tab, ii ); + tl_assert(ie->vts == NULL); + tl_assert(ie->rc == 0); + tl_assert(ie->freelink == VtsID_INVALID); + ie->freelink = vts_tab_freelist; + vts_tab_freelist = ii; +} + +/* Get an entry from the free list. This will return VtsID_INVALID if + the free list is empty. */ +static VtsID get_from_free_list ( void ) +{ + VtsID ii; + VtsTE* ie; + if (vts_tab_freelist == VtsID_INVALID) + return VtsID_INVALID; + ii = vts_tab_freelist; + ie = VG_(indexXA)( vts_tab, ii ); + tl_assert(ie->vts == NULL); + tl_assert(ie->rc == 0); + vts_tab_freelist = ie->freelink; + return ii; +} + +/* Produce a new VtsID that can be used, either by getting it from + the freelist, or, if that is empty, by expanding vts_tab. */ +static VtsID get_new_VtsID ( void ) +{ + VtsID ii; + VtsTE te; + ii = get_from_free_list(); + if (ii != VtsID_INVALID) + return ii; + te.vts = NULL; + te.rc = 0; + te.freelink = VtsID_INVALID; + ii = (VtsID)VG_(addToXA)( vts_tab, &te ); + return ii; +} + + +/* Indirect callback from lib_zsm. */ +static void VtsID__rcinc ( VtsID ii ) +{ + VtsTE* ie; + /* VG_(indexXA) does a range check for us */ + ie = VG_(indexXA)( vts_tab, ii ); + tl_assert(ie->vts); /* else it's not in use */ + tl_assert(ie->rc < ~0UL); /* else we can't continue */ + tl_assert(ie->vts->id == ii); + ie->rc++; +} + +/* Indirect callback from lib_zsm. */ +static void VtsID__rcdec ( VtsID ii ) +{ + VtsTE* ie; + /* VG_(indexXA) does a range check for us */ + ie = VG_(indexXA)( vts_tab, ii ); + tl_assert(ie->vts); /* else it's not in use */ + tl_assert(ie->rc > 0); /* else RC snafu */ + tl_assert(ie->vts->id == ii); + ie->rc--; +} + + +/* Look up 'cand' in our collection of VTSs. If present, deallocate + it and return the VtsID for the pre-existing version. If not + present, add it to both vts_tab and vts_set, allocate a fresh VtsID + for it, and return that. */ +static VtsID vts_tab__find_and_dealloc__or_add ( VTS* cand ) +{ + VTS* auld; + tl_assert(cand->id == VtsID_INVALID); + auld = vts_set__find_and_dealloc__or_add(cand); + if (auld != cand) { + /* We already have an Aulde one. Use that. 
*/
+      VtsTE* ie;
+      tl_assert(auld->id != VtsID_INVALID);
+      ie = VG_(indexXA)( vts_tab, auld->id );
+      tl_assert(ie->vts == auld);
+      return auld->id;
+   } else {
+      VtsID  ii = get_new_VtsID();
+      VtsTE* ie = VG_(indexXA)( vts_tab, ii );
+      ie->vts = cand;
+      ie->rc = 0;
+      ie->freelink = VtsID_INVALID;
+      cand->id = ii;
+      return ii;
+   }
+}
+
+
+static void show_vts_stats ( HChar* caller )
+{
+   UWord nSet, nTab, nLive;
+   ULong totrc;
+   UWord n, i;
+   nSet = VG_(sizeFM)( vts_set );
+   nTab = VG_(sizeXA)( vts_tab );
+   totrc = 0;
+   nLive = 0;
+   n = VG_(sizeXA)( vts_tab );
+   for (i = 0; i < n; i++) {
+      VtsTE* ie = VG_(indexXA)( vts_tab, i );
+      if (ie->vts) {
+         nLive++;
+         totrc += (ULong)ie->rc;
+      } else {
+         tl_assert(ie->rc == 0);
+      }
+   }
+   VG_(printf)(" show_vts_stats %s\n", caller);
+   VG_(printf)(" vts_tab size %4lu\n", nTab);
+   VG_(printf)(" vts_tab live %4lu\n", nLive);
+   VG_(printf)(" vts_set size %4lu\n", nSet);
+   VG_(printf)(" total rc %4llu\n", totrc);
+}
+
+/* NOT TO BE CALLED FROM WITHIN libzsm. */
+__attribute__((noinline))
+static void vts_tab__do_GC ( Bool show_stats )
+{
+   UWord i, nTab, nLive, nFreed;
+
+   /* check this is actually necessary. */
+   tl_assert(vts_tab_freelist == VtsID_INVALID);
+
+   /* empty the caches for partial order checks and binary joins. We
+      could do better and prune out the entries to be deleted, but it
+      ain't worth the hassle. */
+   VtsID__invalidate_caches();
+
+   /* First, make the reference counts up to date. */
+   zsm_flush_cache();
+
+   nTab = VG_(sizeXA)( vts_tab );
+
+   if (show_stats) {
+      VG_(printf)("<<GC begins at vts_tab size %lu>>\n", nTab);
+      show_vts_stats("before GC");
+   }
+
+   /* Now we can inspect the entire vts_tab. Any entries
+      with zero .rc fields are now no longer in use and can be
+      put back on the free list, removed from vts_set, and deleted. */
+   nFreed = 0;
+   for (i = 0; i < nTab; i++) {
+      Bool present;
+      UWord oldK = 0, oldV = 0;
+      VtsTE* te = VG_(indexXA)( vts_tab, i );
+      if (te->vts == NULL) {
+         tl_assert(te->rc == 0);
+         continue; /* already on the free list (presumably) */
+      }
+      if (te->rc > 0)
+         continue; /* in use */
+      /* Ok, we got one we can free. */
+      tl_assert(te->vts->id == i);
+      /* first, remove it from vts_set. */
+      present = VG_(delFromFM)( vts_set,
+                                &oldK, &oldV, (UWord)te->vts );
+      tl_assert(present); /* else it isn't in vts_set ?! */
+      tl_assert(oldV == 0); /* no info stored in vts_set val fields */
+      tl_assert(oldK == (UWord)te->vts); /* else what did delFromFM find?! */
+      /* now free the VTS itself */
+      VTS__delete(te->vts);
+      te->vts = NULL;
+      /* and finally put this entry on the free list */
+      tl_assert(te->freelink == VtsID_INVALID); /* can't already be on it */
+      add_to_free_list( i );
+      nFreed++;
+   }
+
+   /* Now figure out when the next GC should be. We'll allow the
+      number of VTSs to double before GCing again. Except of course
+      that since we can't (or, at least, don't) shrink vts_tab, we
+      can't set the threshold value smaller than it.
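+      For example, if 1000 entries remain live after this GC, the next
+      collection is deferred until vts_tab has at least 2000 entries
+      (or the current table size, whichever is larger).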
*/ + tl_assert(nFreed <= nTab); + nLive = nTab - nFreed; + tl_assert(nLive >= 0 && nLive <= nTab); + vts_next_GC_at = 2 * nLive; + if (vts_next_GC_at < nTab) + vts_next_GC_at = nTab; + + if (show_stats) { + show_vts_stats("after GC"); + VG_(printf)("<<GC ends, next gc at %ld>>\n", vts_next_GC_at); + } + + if (VG_(clo_verbosity) > 1) { + static UInt ctr = 0; + tl_assert(nTab > 0); + VG_(message)(Vg_DebugMsg, + "libhb: VTS GC: #%u old size %lu live %lu (%2llu%%)", + ctr++, nTab, nLive, (100ULL * (ULong)nLive) / (ULong)nTab); + } +} + + +///////////////////////////////////////////////////////// +// // +// Vts IDs // +// // +///////////////////////////////////////////////////////// + +////////////////////////// +static ULong stats__getOrdering_queries = 0; +static ULong stats__getOrdering_misses = 0; +static ULong stats__join2_queries = 0; +static ULong stats__join2_misses = 0; + +static inline UInt ROL32 ( UInt w, Int n ) { + w = (w << n) | (w >> (32-n)); + return w; +} +static inline UInt hash_VtsIDs ( VtsID vi1, VtsID vi2, UInt nTab ) { + UInt hash = ROL32(vi1,19) ^ ROL32(vi2,13); + return hash % nTab; +} + +#define N_GETORDERING_CACHE 1023 +static + struct { VtsID vi1; VtsID vi2; POrd ord; } + getOrdering_cache[N_GETORDERING_CACHE]; + +#define N_JOIN2_CACHE 1023 +static + struct { VtsID vi1; VtsID vi2; VtsID res; } + join2_cache[N_JOIN2_CACHE]; + +static void VtsID__invalidate_caches ( void ) { + Int i; + for (i = 0; i < N_GETORDERING_CACHE; i++) { + getOrdering_cache[i].vi1 = VtsID_INVALID; + getOrdering_cache[i].vi2 = VtsID_INVALID; + getOrdering_cache[i].ord = 0; /* an invalid POrd value */ + } + for (i = 0; i < N_JOIN2_CACHE; i++) { + join2_cache[i].vi1 = VtsID_INVALID; + join2_cache[i].vi2 = VtsID_INVALID; + join2_cache[i].res = VtsID_INVALID; + } +} +////////////////////////// + +//static Bool VtsID__is_valid ( VtsID vi ) { +// VtsTE* ve; +// if (vi >= (VtsID)VG_(sizeXA)( vts_tab )) +// return False; +// ve = VG_(indexXA)( vts_tab, vi ); +// if (!ve->vts) +// return False; +// tl_assert(ve->vts->id == vi); +// return True; +//} + +static VTS* VtsID__to_VTS ( VtsID vi ) { + VtsTE* te = VG_(indexXA)( vts_tab, vi ); + tl_assert(te->vts); + return te->vts; +} + +static void VtsID__pp ( VtsID vi ) { + HChar buf[100]; + VTS* vts = VtsID__to_VTS(vi); + VTS__show( buf, sizeof(buf)-1, vts ); + buf[sizeof(buf)-1] = 0; + VG_(printf)("%s", buf); +} + +/* compute partial ordering relation of vi1 and vi2. */ +__attribute__((noinline)) +static POrd VtsID__getOrdering_WRK ( VtsID vi1, VtsID vi2 ) { + UInt hash; + POrd ord; + VTS *v1, *v2; + //if (vi1 == vi2) return POrd_EQ; + tl_assert(vi1 != vi2); + ////++ + stats__getOrdering_queries++; + hash = hash_VtsIDs(vi1, vi2, N_GETORDERING_CACHE); + if (getOrdering_cache[hash].vi1 == vi1 + && getOrdering_cache[hash].vi2 == vi2) + return getOrdering_cache[hash].ord; + stats__getOrdering_misses++; + ////-- + v1 = VtsID__to_VTS(vi1); + v2 = VtsID__to_VTS(vi2); + ord = VTS__cmp( v1, v2 ); + ////++ + getOrdering_cache[hash].vi1 = vi1; + getOrdering_cache[hash].vi2 = vi2; + getOrdering_cache[hash].ord = ord; + ////-- + return ord; +} +static inline POrd VtsID__getOrdering ( VtsID vi1, VtsID vi2 ) { + return vi1 == vi2 ? 
POrd_EQ : VtsID__getOrdering_WRK(vi1, vi2); +} + +/* compute binary join */ +__attribute__((noinline)) +static VtsID VtsID__join2_WRK ( VtsID vi1, VtsID vi2 ) { + UInt hash; + VtsID res; + VTS *vts1, *vts2, *nyu; + //if (vi1 == vi2) return vi1; + tl_assert(vi1 != vi2); + ////++ + stats__join2_queries++; + hash = hash_VtsIDs(vi1, vi2, N_JOIN2_CACHE); + if (join2_cache[hash].vi1 == vi1 + && join2_cache[hash].vi2 == vi2) + return join2_cache[hash].res; + stats__join2_misses++; + ////-- + vts1 = VtsID__to_VTS(vi1); + vts2 = VtsID__to_VTS(vi2); + nyu = VTS__join(vts1,vts2); + res = vts_tab__find_and_dealloc__or_add(nyu); + ////++ + join2_cache[hash].vi1 = vi1; + join2_cache[hash].vi2 = vi2; + join2_cache[hash].res = res; + ////-- + return res; +} +static inline VtsID VtsID__join2 ( VtsID vi1, VtsID vi2 ) { + return vi1 == vi2 ? vi1 : VtsID__join2_WRK(vi1, vi2); +} + +/* create a singleton VTS, namely [thr:1] */ +static VtsID VtsID__mk_Singleton ( Thr* thr, ULong tym ) { + VTS* nyu = VTS__singleton(thr,tym); + return vts_tab__find_and_dealloc__or_add(nyu); +} + +/* tick operation, creates value 1 if specified index is absent */ +static VtsID VtsID__tick ( VtsID vi, Thr* idx ) { + VTS* vts = VtsID__to_VTS(vi); + VTS* nyu = VTS__tick(idx,vts); + return vts_tab__find_and_dealloc__or_add(nyu); +} + +/* index into a VTS (only for assertions) */ +static ULong VtsID__indexAt ( VtsID vi, Thr* idx ) { + VTS* vts = VtsID__to_VTS(vi); + return VTS__indexAt_SLOW( vts, idx ); +} + + +///////////////////////////////////////////////////////// +// // +// Threads // +// // +///////////////////////////////////////////////////////// + +struct _Thr { + /* Current VTSs for this thread. They change as we go along. viR + is the VTS to be used for reads, viW for writes. Usually they + are the same, but can differ when we deal with reader-writer + locks. It is always the case that VtsID__getOrdering(viW,viR) + == POrd_LT or POrdEQ -- that is, viW must be the same, or + lagging behind, viR. */ + VtsID viR; + VtsID viW; + /* opaque (to us) data we hold on behalf of the library's user. */ + void* opaque; +}; + +static Thr* Thr__new ( void ) { + Thr* thr = HG_(zalloc)( "libhb.Thr__new.1", sizeof(Thr) ); + thr->viR = VtsID_INVALID; + thr->viW = VtsID_INVALID; + return thr; +} + + +///////////////////////////////////////////////////////// +// // +// Shadow Values // +// // +///////////////////////////////////////////////////////// + +// type SVal, SVal_INVALID and SVal_NOACCESS are defined by +// hb_zsm.h. We have to do everything else here. + +/* SVal is 64 bit unsigned int. 
+ + <---------30---------> <---------30---------> + 00 X-----Rmin-VtsID-----X 00 X-----Wmin-VtsID-----X C(Rmin,Wmin) + 01 X--------------------X XX X--------------------X E(rror) + 10 X--------------------X XX X--------------------X A: SVal_NOACCESS + 11 X--------------------X XX X--------------------X I: SVal_INVALID +*/ +#define SVAL_TAGMASK (3ULL << 62) + +static inline Bool SVal__isC ( SVal s ) { + return (0ULL << 62) == (s & SVAL_TAGMASK); +} +static inline SVal SVal__mkC ( VtsID rmini, VtsID wmini ) { + //tl_assert(VtsID__is_valid(rmini)); + //tl_assert(VtsID__is_valid(wmini)); + return (((ULong)rmini) << 32) | ((ULong)wmini); +} +static inline VtsID SVal__unC_Rmin ( SVal s ) { + tl_assert(SVal__isC(s)); + return (VtsID)(s >> 32); +} +static inline VtsID SVal__unC_Wmin ( SVal s ) { + tl_assert(SVal__isC(s)); + return (VtsID)(s & 0xFFFFFFFFULL); +} + +static Bool SVal__isE ( SVal s ) { + return (1ULL << 62) == (s & SVAL_TAGMASK); +} +static SVal SVal__mkE ( void ) { + return 1ULL << 62; +} + +static Bool SVal__isA ( SVal s ) { + return (2ULL << 62) == (s & SVAL_TAGMASK); +} +static SVal SVal__mkA ( void ) { + return 2ULL << 62; +} + +/* Direct callback from lib_zsm. */ +static void SVal__rcinc ( SVal s ) { + if (SVal__isC(s)) { + VtsID__rcinc( SVal__unC_Rmin(s) ); + VtsID__rcinc( SVal__unC_Wmin(s) ); + } +} + +/* Direct callback from lib_zsm. */ +static void SVal__rcdec ( SVal s ) { + if (SVal__isC(s)) { + VtsID__rcdec( SVal__unC_Rmin(s) ); + VtsID__rcdec( SVal__unC_Wmin(s) ); + } +} + + +///////////////////////////////////////////////////////// +// // +// A simple group (memory) allocator // +// // +///////////////////////////////////////////////////////// + +//////////////// BEGIN general group allocator +typedef + struct { + UWord elemSzB; /* element size */ + UWord nPerGroup; /* # elems per group */ + void* (*alloc)(HChar*, SizeT); /* group allocator */ + HChar* cc; /* group allocator's cc */ + void (*free)(void*); /* group allocator's free-er (unused) */ + /* XArray of void* (pointers to groups). The groups themselves. + Each element is a pointer to a block of size (elemSzB * + nPerGroup) bytes. */ + XArray* groups; + /* next free element. Is a pointer to an element in one of the + groups pointed to by .groups. */ + void* nextFree; + } + GroupAlloc; + +static void init_GroupAlloc ( /*MOD*/GroupAlloc* ga, + UWord elemSzB, + UWord nPerGroup, + void* (*alloc)(HChar*, SizeT), + HChar* cc, + void (*free)(void*) ) +{ + tl_assert(0 == (elemSzB % sizeof(UWord))); + tl_assert(elemSzB >= sizeof(UWord)); + tl_assert(nPerGroup >= 100); /* let's say */ + tl_assert(alloc); + tl_assert(cc); + tl_assert(free); + tl_assert(ga); + VG_(memset)(ga, 0, sizeof(*ga)); + ga->elemSzB = elemSzB; + ga->nPerGroup = nPerGroup; + ga->groups = NULL; + ga->alloc = alloc; + ga->cc = cc; + ga->free = free; + ga->groups = VG_(newXA)( alloc, cc, free, sizeof(void*) ); + ga->nextFree = NULL; + tl_assert(ga->groups); +} + +/* The freelist is empty. Allocate a new group and put all the new + elements in it onto the freelist. */ +__attribute__((noinline)) +static void gal_add_new_group ( GroupAlloc* ga ) +{ + Word i; + UWord* group; + tl_assert(ga); + tl_assert(ga->nextFree == NULL); + group = ga->alloc( ga->cc, ga->elemSzB * ga->nPerGroup ); + tl_assert(group); + /* extend the freelist through the new group. Place the freelist + pointer in the first word of each element. That's why the + element size must be at least one word. 
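   For illustration, the same intrusive free-list scheme in a
   self-contained sketch (hypothetical names, plain malloc in place of
   the group allocator's alloc callback):

      #include <stdlib.h>
      #include <stdio.h>

      // Each free element stores the address of the next free element in
      // its own first word, so no separate bookkeeping is needed.  This
      // assumes elements are at least one word long and word-aligned, as
      // asserted by init_GroupAlloc above.
      #define ELEM_SZ   (4 * sizeof(void*))   // example element size
      #define PER_GROUP 8                     // example group size

      static void* free_head = NULL;

      static void add_group ( void )
      {
         char* group = malloc(ELEM_SZ * PER_GROUP);
         if (!group) abort();
         for (long i = PER_GROUP - 1; i >= 0; i--) {
            void** elem = (void**)(group + i * ELEM_SZ);
            *elem = free_head;                // first word -> next free elem
            free_head = elem;
         }
      }

      static void* ga_alloc ( void )
      {
         if (!free_head) add_group();
         void** elem = free_head;
         free_head = *elem;                   // unlink from the free list
         return elem;
      }

      static void ga_free ( void* p )
      {
         *(void**)p = free_head;              // push back on the free list
         free_head = p;
      }

      int main ( void )
      {
         void* a = ga_alloc();
         void* b = ga_alloc();
         ga_free(a);
         printf("%p %p\n", a, b);
         return 0;
      }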
*/ + for (i = ga->nPerGroup-1; i >= 0; i--) { + UChar* elemC = ((UChar*)group) + i * ga->elemSzB; + UWord* elem = (UWord*)elemC; + tl_assert(0 == (((UWord)elem) % sizeof(UWord))); + *elem = (UWord)ga->nextFree; + ga->nextFree = elem; + } + /* and add to our collection of groups */ + VG_(addToXA)( ga->groups, &group ); +} + +inline static void* gal_Alloc ( GroupAlloc* ga ) +{ + UWord* elem; + if (UNLIKELY(ga->nextFree == NULL)) { + gal_add_new_group(ga); + } + elem = ga->nextFree; + ga->nextFree = (void*)*elem; + *elem = 0; /* unnecessary, but just to be on the safe side */ + return elem; +} + +inline static void* gal_Alloc_w_size_check ( GroupAlloc* ga, SizeT n ) +{ + tl_assert(n == ga->elemSzB); + return gal_Alloc( ga ); +} + +inline static void gal_Free ( GroupAlloc* ga, void* p ) +{ + UWord* elem = (UWord*)p; + *elem = (UWord)ga->nextFree; + ga->nextFree = elem; +} +//////////////// END general group allocator + + +///////////////////////////////////////////////////////// +// // +// Change-event map2 // +// // +///////////////////////////////////////////////////////// + +#define EVENT_MAP_GC_DISCARD_FRACTION 0.5 + +/* This is in two parts: + + 1. An OSet of RCECs. This is a set of reference-counted stack + traces. When the reference count of a stack trace becomes zero, + it is removed from the set and freed up. The intent is to have + a set of stack traces which can be referred to from (2), but to + only represent each one once. The set is indexed/searched by + ordering on the stack trace vectors. + + 2. A SparseWA of OldRefs. These store information about each old + ref that we need to record. It is indexed by address of the + location for which the information is recorded. For LRU + purposes, each OldRef also contains a generation number, + indicating when it was most recently accessed. + + The important part of an OldRef is, however, its accs[] array. + This is an array of N_OLDREF_ACCS which binds (thread, R/W, + size) triples to RCECs. This allows us to collect the last + access-traceback by up to N_OLDREF_ACCS different triples for + this location. The accs[] array is a MTF-array. If a binding + falls off the end, that's too bad -- we will lose info about + that triple's access to this location. + + When the SparseWA becomes too big, we can throw away the OldRefs + whose generation numbers are below some threshold; hence doing + approximate LRU discarding. For each discarded OldRef we must + of course decrement the reference count on the all RCECs it + refers to, in order that entries from (1) eventually get + discarded too. + + A major improvement in reliability of this mechanism would be to + have a dynamically sized OldRef.accs[] array, so no entries ever + fall off the end. In investigations (Dec 08) it appears that a + major cause for the non-availability of conflicting-access traces + in race reports is caused by the fixed size of this array. I + suspect for most OldRefs, only a few entries are used, but for a + minority of cases there is an overflow, leading to info lossage. + Investigations also suggest this is very workload and scheduling + sensitive. Therefore a dynamic sizing would be better. + + However, dynamic sizing would defeat the use of a GroupAllocator + for OldRef structures. And that's important for performance. So + it's not straightforward to do. 
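   To make the MTF-array idea concrete, here is a self-contained sketch
   of a fixed-size move-to-front binding array; the key/value types are
   hypothetical stand-ins for the (thread, R/W, size) triples and RCEC
   pointers that the real accs[] binds:

      #include <stdio.h>

      // A hit swaps the entry one slot towards the front, a miss shifts
      // everything down and installs the new binding at slot 0, dropping
      // whatever fell off the end.  Key 0 marks an unused slot.
      #define N_ACCS 5

      typedef struct { unsigned long key; unsigned long val; } Binding;

      static void mtf_bind ( Binding accs[N_ACCS],
                             unsigned long key, unsigned long val )
      {
         int i;
         for (i = 0; i < N_ACCS; i++)
            if (accs[i].key == key) break;
         if (i < N_ACCS) {
            if (i > 0) {                      // hit: move one step forward
               Binding tmp = accs[i-1];
               accs[i-1] = accs[i];
               accs[i] = tmp;
               i--;
            }
            accs[i].val = val;                // refresh the stored value
         } else {
            for (i = N_ACCS-1; i >= 1; i--)   // miss: shift down; the last
               accs[i] = accs[i-1];           // entry is discarded
            accs[0].key = key;
            accs[0].val = val;
         }
      }

      int main ( void )
      {
         Binding accs[N_ACCS] = {{0,0}};
         mtf_bind(accs, 7, 100);
         mtf_bind(accs, 9, 200);
         mtf_bind(accs, 7, 300);              // hit: key 7 moves forward again
         printf("front key = %lu\n", accs[0].key);
         return 0;
      }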
+*/ + + +static UWord stats__ctxt_rcdec1 = 0; +static UWord stats__ctxt_rcdec2 = 0; +static UWord stats__ctxt_rcdec3 = 0; +static UWord stats__ctxt_rcdec_calls = 0; +static UWord stats__ctxt_rcdec_discards = 0; +static UWord stats__ctxt_rcdec1_eq = 0; + +static UWord stats__ctxt_tab_curr = 0; +static UWord stats__ctxt_tab_max = 0; + +static UWord stats__ctxt_tab_qs = 0; +static UWord stats__ctxt_tab_cmps = 0; + + +/////////////////////////////////////////////////////// +//// Part (1): An OSet of RCECs +/// + +#define N_FRAMES 8 + +// (UInt) `echo "Reference Counted Execution Context" | md5sum` +#define RCEC_MAGIC 0xab88abb2UL + +//#define N_RCEC_TAB 98317 /* prime */ +#define N_RCEC_TAB 196613 /* prime */ + +typedef + struct _RCEC { + UWord magic; /* sanity check only */ + struct _RCEC* next; + UWord rc; + UWord rcX; /* used for crosschecking */ + UWord frames[1 + N_FRAMES]; /* first word is hash of all the rest */ + } + RCEC; + +static RCEC** contextTab = NULL; /* hash table of RCEC*s */ + + +/* Gives an arbitrary total order on RCEC .frames fields */ +static Word RCEC__cmp_by_frames ( RCEC* ec1, RCEC* ec2 ) { + Word i; + tl_assert(ec1 && ec1->magic == RCEC_MAGIC); + tl_assert(ec2 && ec2->magic == RCEC_MAGIC); + if (ec1->frames[0] < ec2->frames[0]) return -1; + if (ec1->frames[0] > ec2->frames[0]) return 1; + for (i = 1; i < 1 + N_FRAMES; i++) { + if (ec1->frames[i] < ec2->frames[i]) return -1; + if (ec1->frames[i] > ec2->frames[i]) return 1; + } + return 0; +} + + +/* Dec the ref of this RCEC. */ +static void ctxt__rcdec ( RCEC* ec ) +{ + stats__ctxt_rcdec_calls++; + tl_assert(ec && ec->magic == RCEC_MAGIC); + tl_assert(ec->rc > 0); + ec->rc--; +} + +static void ctxt__rcinc ( RCEC* ec ) +{ + tl_assert(ec && ec->magic == RCEC_MAGIC); + ec->rc++; +} + + +//////////// BEGIN RCEC group allocator +static GroupAlloc rcec_group_allocator; + +static RCEC* alloc_RCEC ( void ) { + return gal_Alloc ( &rcec_group_allocator ); +} + +static void free_RCEC ( RCEC* rcec ) { + tl_assert(rcec->magic == RCEC_MAGIC); + gal_Free( &rcec_group_allocator, rcec ); +} +//////////// END OldRef group allocator + + +/* Find 'ec' in the RCEC list whose head pointer lives at 'headp' and + move it one step closer the the front of the list, so as to make + subsequent searches for it cheaper. */ +static void move_RCEC_one_step_forward ( RCEC** headp, RCEC* ec ) +{ + RCEC *ec0, *ec1, *ec2; + if (ec == *headp) + tl_assert(0); /* already at head of list */ + tl_assert(ec != NULL); + ec0 = *headp; + ec1 = NULL; + ec2 = NULL; + while (True) { + if (ec0 == NULL || ec0 == ec) break; + ec2 = ec1; + ec1 = ec0; + ec0 = ec0->next; + } + tl_assert(ec0 == ec); + if (ec0 != NULL && ec1 != NULL && ec2 != NULL) { + RCEC* tmp; + /* ec0 points to ec, ec1 to its predecessor, and ec2 to ec1's + predecessor. Swap ec0 and ec1, that is, move ec0 one step + closer to the start of the list. */ + tl_assert(ec2->next == ec1); + tl_assert(ec1->next == ec0); + tmp = ec0->next; + ec2->next = ec0; + ec0->next = ec1; + ec1->next = tmp; + } + else + if (ec0 != NULL && ec1 != NULL && ec2 == NULL) { + /* it's second in the list. */ + tl_assert(*headp == ec1); + tl_assert(ec1->next == ec0); + ec1->next = ec0->next; + ec0->next = ec1; + *headp = ec0; + } +} + + +/* Find the given RCEC in the tree, and return a pointer to it. Or, + if not present, add the given one to the tree (by making a copy of + it, so the caller can immediately deallocate the original) and + return a pointer to the copy. 
The caller can safely have 'example' + on its stack, since we will always return a pointer to a copy of + it, not to the original. Note that the inserted node will have .rc + of zero and so the caller must immediatly increment it. */ +__attribute__((noinline)) +static RCEC* ctxt__find_or_add ( RCEC* example ) +{ + UWord hent; + RCEC* copy; + tl_assert(example && example->magic == RCEC_MAGIC); + tl_assert(example->rc == 0); + + /* Search the hash table to see if we already have it. */ + stats__ctxt_tab_qs++; + hent = example->frames[0] % N_RCEC_TAB; + copy = contextTab[hent]; + while (1) { + if (!copy) break; + tl_assert(copy->magic == RCEC_MAGIC); + stats__ctxt_tab_cmps++; + if (0 == RCEC__cmp_by_frames(copy, example)) break; + copy = copy->next; + } + + if (copy) { + tl_assert(copy != example); + /* optimisation: if it's not at the head of its list, move 1 + step fwds, to make future searches cheaper */ + if (copy != contextTab[hent]) { + move_RCEC_one_step_forward( &contextTab[hent], copy ); + } + } else { + copy = alloc_RCEC(); + tl_assert(copy != example); + *copy = *example; + copy->next = contextTab[hent]; + contextTab[hent] = copy; + stats__ctxt_tab_curr++; + if (stats__ctxt_tab_curr > stats__ctxt_tab_max) + stats__ctxt_tab_max = stats__ctxt_tab_curr; + } + return copy; +} + +static inline UWord ROLW ( UWord w, Int n ) +{ + Int bpw = 8 * sizeof(UWord); + w = (w << n) | (w >> (bpw-n)); + return w; +} + +__attribute__((noinline)) +static RCEC* get_RCEC ( Thr* thr ) +{ + UWord hash, i; + RCEC example; + example.magic = RCEC_MAGIC; + example.rc = 0; + example.rcX = 0; + main_get_stacktrace( thr, &example.frames[1], N_FRAMES ); + hash = 0; + for (i = 1; i < 1 + N_FRAMES; i++) { + hash ^= example.frames[i]; + hash = ROLW(hash, 19); + } + example.frames[0] = hash; + return ctxt__find_or_add( &example ); +} + +/////////////////////////////////////////////////////// +//// Part (2): +/// A SparseWA guest-addr -> OldRef, that refers to (1) +/// + +// (UInt) `echo "Old Reference Information" | md5sum` +#define OldRef_MAGIC 0x30b1f075UL + +/* Records an access: a thread and a context. The size + (1,2,4,8) and read-or-writeness are also encoded as + follows: bottom bit of .thr is 1 if write, 0 if read + bottom 2 bits of .rcec are encode size: + 00 = 1, 01 = 2, 10 = 4, 11 = 8 +*/ +typedef struct { Thr* thr; RCEC* rcec; } Thr_n_RCEC; + +#define N_OLDREF_ACCS 5 + +typedef + struct { + UWord magic; /* sanity check only */ + UWord gen; /* when most recently accessed */ + /* or free list when not in use */ + /* unused slots in this array have .thr == NULL */ + Thr_n_RCEC accs[N_OLDREF_ACCS]; + } + OldRef; + + +//////////// BEGIN OldRef group allocator +static GroupAlloc oldref_group_allocator; + +static OldRef* alloc_OldRef ( void ) { + return gal_Alloc ( &oldref_group_allocator ); +} + +static void free_OldRef ( OldRef* r ) { + tl_assert(r->magic == OldRef_MAGIC); + gal_Free( &oldref_group_allocator, r ); +} +//////////// END OldRef group allocator + + +static SparseWA* oldrefTree = NULL; /* SparseWA* OldRef* */ +static UWord oldrefGen = 0; /* current LRU generation # */ +static UWord oldrefTreeN = 0; /* # elems in oldrefTree */ +static UWord oldrefGenIncAt = 0; /* inc gen # when size hits this */ + +inline static void* ptr_or_UWord ( void* p, UWord w ) { + return (void*)( ((UWord)p) | ((UWord)w) ); +} +inline static void* ptr_and_UWord ( void* p, UWord w ) { + return (void*)( ((UWord)p) & ((UWord)w) ); +} + +inline static UInt min_UInt ( UInt a, UInt b ) { + return a < b ? 
a : b; +} + +/* Compare the intervals [a1,a1+n1) and [a2,a2+n2). Return -1 if the + first interval is lower, 1 if the first interval is higher, and 0 + if there is any overlap. Redundant paranoia with casting is there + following what looked distinctly like a bug in gcc-4.1.2, in which + some of the comparisons were done signedly instead of + unsignedly. */ +/* Copied from exp-ptrcheck/sg_main.c */ +static Word cmp_nonempty_intervals ( Addr a1, SizeT n1, + Addr a2, SizeT n2 ) { + UWord a1w = (UWord)a1; + UWord n1w = (UWord)n1; + UWord a2w = (UWord)a2; + UWord n2w = (UWord)n2; + tl_assert(n1w > 0 && n2w > 0); + if (a1w + n1w <= a2w) return -1L; + if (a2w + n2w <= a1w) return 1L; + return 0; +} + +static void event_map_bind ( Addr a, SizeT szB, Bool isW, Thr* thr ) +{ + OldRef* ref; + RCEC* rcec; + Word i, j; + UWord keyW, valW; + Bool b; + + rcec = get_RCEC( thr ); + ctxt__rcinc(rcec); + + /* encode the size and writeness of the transaction in the bottom + two bits of thr and rcec. */ + thr = ptr_or_UWord(thr, isW ? 1 : 0); + switch (szB) { + /* This doesn't look particularly branch-predictor friendly. */ + case 1: rcec = ptr_or_UWord(rcec, 0); break; + case 2: rcec = ptr_or_UWord(rcec, 1); break; + case 4: rcec = ptr_or_UWord(rcec, 2); break; + case 8: rcec = ptr_or_UWord(rcec, 3); break; + default: tl_assert(0); + } + + /* Look in the map to see if we already have this. */ + b = VG_(lookupSWA)( oldrefTree, &keyW, &valW, a ); + + if (b) { + + /* We already have a record for this address. We now need to + see if we have a stack trace pertaining to this (thread, R/W, + size) triple. */ + tl_assert(keyW == a); + ref = (OldRef*)valW; + tl_assert(ref->magic == OldRef_MAGIC); + + tl_assert(thr); + for (i = 0; i < N_OLDREF_ACCS; i++) { + if (ref->accs[i].thr != thr) + continue; + /* since .thr encodes both the accessing thread and the + read/writeness, we know now that at least those features + of the access match this entry. So we just need to check + the size indication. Do this by inspecting the lowest 2 bits of + .rcec, which contain the encoded size info. */ + if (ptr_and_UWord(ref->accs[i].rcec,3) != ptr_and_UWord(rcec,3)) + continue; + /* else we have a match, so stop looking. */ + break; + } + + if (i < N_OLDREF_ACCS) { + /* thread 'thr' has an entry at index 'i'. Update it. */ + if (i > 0) { + Thr_n_RCEC tmp = ref->accs[i-1]; + ref->accs[i-1] = ref->accs[i]; + ref->accs[i] = tmp; + i--; + } + if (rcec == ref->accs[i].rcec) stats__ctxt_rcdec1_eq++; + stats__ctxt_rcdec1++; + ctxt__rcdec( ptr_and_UWord(ref->accs[i].rcec, ~3) ); + ref->accs[i].rcec = rcec; + tl_assert(ref->accs[i].thr == thr); + } else { + /* No entry for this (thread, R/W, size) triple. Shuffle all + of them down one slot, and put the new entry at the start + of the array. */ + if (ref->accs[N_OLDREF_ACCS-1].thr) { + /* the last slot is in use. We must dec the rc on the + associated rcec. */ + tl_assert(ref->accs[N_OLDREF_ACCS-1].rcec); + stats__ctxt_rcdec2++; + if (0 && 0 == (stats__ctxt_rcdec2 & 0xFFF)) + VG_(printf)("QQQQ %lu overflows\n",stats__ctxt_rcdec2); + ctxt__rcdec( ptr_and_UWord(ref->accs[N_OLDREF_ACCS-1].rcec, ~3) ); + } else { + tl_assert(!ref->accs[N_OLDREF_ACCS-1].rcec); + } + for (j = N_OLDREF_ACCS-1; j >= 1; j--) + ref->accs[j] = ref->accs[j-1]; + ref->accs[0].thr = thr; + ref->accs[0].rcec = rcec; + /* thr==NULL is used to signify an empty slot, so we can't + add a NULL thr. 
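   The packing used above depends only on Thr* and RCEC* being at least
   4-byte aligned; a self-contained sketch of the same low-bit tagging
   trick, with hypothetical helper names, is:

      #include <assert.h>
      #include <stdint.h>
      #include <stdio.h>

      // Bits 0..1 of a suitably aligned pointer are always zero, so they
      // can carry a read/write flag or a 2-bit size code, as done above
      // with ptr_or_UWord and recovered with ptr_and_UWord.
      static void* tag_ptr   ( void* p, uintptr_t bits ) { return (void*)((uintptr_t)p | bits); }
      static void* untag_ptr ( void* p ) { return (void*)((uintptr_t)p & ~(uintptr_t)3); }
      static uintptr_t tag_of ( void* p ) { return (uintptr_t)p & 3; }

      int main ( void )
      {
         static uintptr_t obj;               // word-aligned, so bits 0..1 are free
         void* tagged = tag_ptr(&obj, 1);    // e.g. bit 0 = "is a write"
         assert(untag_ptr(tagged) == (void*)&obj);
         assert(tag_of(tagged) == 1);
         printf("ok\n");
         return 0;
      }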
*/ + tl_assert(ptr_and_UWord(thr, ~3) != 0); + } + + ref->gen = oldrefGen; + + } else { + + /* We don't have a record for this address. Create a new one. */ + if (oldrefTreeN >= oldrefGenIncAt) { + oldrefGen++; + oldrefGenIncAt = oldrefTreeN + 50000; + if (0) VG_(printf)("oldrefTree: new gen %lu at size %lu\n", + oldrefGen, oldrefTreeN ); + } + + ref = alloc_OldRef(); + ref->magic = OldRef_MAGIC; + ref->gen = oldrefGen; + ref->accs[0].rcec = rcec; + ref->accs[0].thr = thr; + /* thr==NULL is used to signify an empty slot, so we can't add a + NULL thr. */ + tl_assert(ptr_and_UWord(thr, ~3) != 0); + for (j = 1; j < N_OLDREF_ACCS; j++) { + ref->accs[j].thr = NULL; + ref->accs[j].rcec = NULL; + } + VG_(addToSWA)( oldrefTree, a, (UWord)ref ); + oldrefTreeN++; + + } +} + + +Bool libhb_event_map_lookup ( /*OUT*/ExeContext** resEC, + /*OUT*/Thr** resThr, + /*OUT*/SizeT* resSzB, + /*OUT*/Bool* resIsW, + Thr* thr, Addr a, SizeT szB, Bool isW ) +{ + Word i, j; + OldRef* ref; + UWord keyW, valW; + Bool b; + + Thr* cand_thr; + RCEC* cand_rcec; + Bool cand_isW; + SizeT cand_szB; + Addr cand_a; + + Addr toCheck[15]; + Int nToCheck = 0; + + tl_assert(thr); + tl_assert(szB == 8 || szB == 4 || szB == 2 || szB == 1); + + toCheck[nToCheck++] = a; + for (i = -7; i < (Word)szB; i++) { + if (i != 0) + toCheck[nToCheck++] = a + i; + } + tl_assert(nToCheck <= 15); + + /* Now see if we can find a suitable matching event for + any of the addresses in toCheck[0 .. nToCheck-1]. */ + for (j = 0; j < nToCheck; j++) { + + cand_a = toCheck[j]; + // VG_(printf)("test %ld %p\n", j, cand_a); + + b = VG_(lookupSWA)( oldrefTree, &keyW, &valW, cand_a ); + if (!b) + continue; + + ref = (OldRef*)valW; + tl_assert(keyW == cand_a); + tl_assert(ref->magic == OldRef_MAGIC); + tl_assert(ref->accs[0].thr); /* first slot must always be used */ + + cand_thr = NULL; + cand_rcec = NULL; + cand_isW = False; + cand_szB = 0; + + for (i = 0; i < N_OLDREF_ACCS; i++) { + Thr_n_RCEC* cand = &ref->accs[i]; + cand_thr = ptr_and_UWord(cand->thr, ~3); + cand_rcec = ptr_and_UWord(cand->rcec, ~3); + /* Decode the writeness from the bottom bit of .thr. */ + cand_isW = 1 == (UWord)ptr_and_UWord(cand->thr, 1); + /* Decode the size from the bottom two bits of .rcec. */ + switch ((UWord)ptr_and_UWord(cand->rcec, 3)) { + case 0: cand_szB = 1; break; + case 1: cand_szB = 2; break; + case 2: cand_szB = 4; break; + case 3: cand_szB = 8; break; + default: tl_assert(0); + } + + if (cand_thr == NULL) + /* This slot isn't in use. Ignore it. */ + continue; + + if (cand_thr == thr) + /* This is an access by the same thread, but we're only + interested in accesses from other threads. Ignore. */ + continue; + + if ((!cand_isW) && (!isW)) + /* We don't want to report a read racing against another + read; that's stupid. So in this case move on. */ + continue; + + if (cmp_nonempty_intervals(a, szB, cand_a, cand_szB) != 0) + /* No overlap with the access we're asking about. Ignore. */ + continue; + + /* We have a match. Stop searching. 
*/ + break; + } + + tl_assert(i >= 0 && i <= N_OLDREF_ACCS); + + if (i < N_OLDREF_ACCS) { + /* return with success */ + tl_assert(cand_thr); + tl_assert(cand_rcec); + tl_assert(cand_rcec->magic == RCEC_MAGIC); + tl_assert(cand_szB >= 1); + *resEC = VG_(make_ExeContext_from_StackTrace)( + &cand_rcec->frames[1], + min_UInt(N_FRAMES, VG_(clo_backtrace_size)) + ); + *resThr = cand_thr; + *resSzB = cand_szB; + *resIsW = cand_isW; + return True; + } + + /* consider next address in toCheck[] */ + } /* for (j = 0; j < nToCheck; j++) */ + + /* really didn't find anything. */ + return False; +} + +static void event_map_init ( void ) +{ + Word i; + + /* Context (RCEC) group allocator */ + init_GroupAlloc ( &rcec_group_allocator, + sizeof(RCEC), + 1000 /* RCECs per group */, + HG_(zalloc), + "libhb.event_map_init.1 (RCEC groups)", + HG_(free) ); + + /* Context table */ + tl_assert(!contextTab); + contextTab = HG_(zalloc)( "libhb.event_map_init.2 (context table)", + N_RCEC_TAB * sizeof(RCEC*) ); + tl_assert(contextTab); + for (i = 0; i < N_RCEC_TAB; i++) + contextTab[i] = NULL; + + /* Oldref group allocator */ + init_GroupAlloc ( &oldref_group_allocator, + sizeof(OldRef), + 1000 /* OldRefs per group */, + HG_(zalloc), + "libhb.event_map_init.3 (OldRef groups)", + HG_(free) ); + + /* Oldref tree */ + tl_assert(!oldrefTree); + oldrefTree = VG_(newSWA)( + HG_(zalloc), + "libhb.event_map_init.4 (oldref tree)", + HG_(free) + ); + tl_assert(oldrefTree); + + oldrefGen = 0; + oldrefGenIncAt = 0; + oldrefTreeN = 0; +} + +static void event_map__check_reference_counts ( Bool before ) +{ + RCEC* rcec; + OldRef* oldref; + Word i; + UWord nEnts = 0; + UWord keyW, valW; + + /* Set the 'check' reference counts to zero. Also, optionally + check that the real reference counts are non-zero. We allow + these to fall to zero before a GC, but the GC must get rid of + all those that are zero, hence none should be zero after a + GC. */ + for (i = 0; i < N_RCEC_TAB; i++) { + for (rcec = contextTab[i]; rcec; rcec = rcec->next) { + nEnts++; + tl_assert(rcec); + tl_assert(rcec->magic == RCEC_MAGIC); + if (!before) + tl_assert(rcec->rc > 0); + rcec->rcX = 0; + } + } + + /* check that the stats are sane */ + tl_assert(nEnts == stats__ctxt_tab_curr); + tl_assert(stats__ctxt_tab_curr <= stats__ctxt_tab_max); + + /* visit all the referencing points, inc check ref counts */ + VG_(initIterSWA)( oldrefTree ); + while (VG_(nextIterSWA)( oldrefTree, &keyW, &valW )) { + oldref = (OldRef*)valW; + tl_assert(oldref->magic == OldRef_MAGIC); + for (i = 0; i < N_OLDREF_ACCS; i++) { + Thr* aThr = ptr_and_UWord(oldref->accs[i].thr, ~3); + RCEC* aRef = ptr_and_UWord(oldref->accs[i].rcec, ~3); + if (aThr) { + tl_assert(aRef); + tl_assert(aRef->magic == RCEC_MAGIC); + aRef->rcX++; + } else { + tl_assert(!aRef); + } + } + } + + /* compare check ref counts with actual */ + for (i = 0; i < N_RCEC_TAB; i++) { + for (rcec = contextTab[i]; rcec; rcec = rcec->next) { + tl_assert(rcec->rc == rcec->rcX); + } + } +} + +__attribute__((noinline)) +static void event_map_maybe_GC ( void ) +{ + OldRef* oldref; + UWord keyW, valW, retained, maxGen; + XArray* refs2del; + Word i, j, n2del; + + UWord* genMap = NULL; + UWord genMap_min = 0; + UWord genMap_size = 0; + + if (LIKELY(oldrefTreeN < HG_(clo_conflict_cache_size))) + return; + + if (0) + VG_(printf)("libhb: event_map GC at size %lu\n", oldrefTreeN); + + /* Check for sane command line params. Limit values must match + those in hg_process_cmd_line_option. 
*/ + tl_assert( HG_(clo_conflict_cache_size) >= 10*1000 ); + tl_assert( HG_(clo_conflict_cache_size) <= 10*1000*1000 ); + + /* Check our counting is sane (expensive) */ + if (CHECK_CEM) + tl_assert(oldrefTreeN == VG_(sizeSWA)( oldrefTree )); + + /* Check the reference counts (expensive) */ + if (CHECK_CEM) + event_map__check_reference_counts( True/*before*/ ); + + /* Compute the distribution of generation values in the ref tree. + There are likely only to be a few different generation numbers + in the whole tree, but we don't know what they are. Hence use a + dynamically resized array of counters. The array is genMap[0 + .. genMap_size-1], where genMap[0] is the count for the + generation number genMap_min, genMap[1] is the count for + genMap_min+1, etc. If a new number is seen outside the range + [genMap_min .. genMap_min + genMap_size - 1] then the array is + copied into a larger array, and genMap_min and genMap_size are + adjusted accordingly. */ + + /* genMap :: generation-number -> count-of-nodes-with-that-number */ + + VG_(initIterSWA)( oldrefTree ); + while ( VG_(nextIterSWA)( oldrefTree, &keyW, &valW )) { + + UWord ea, key; + oldref = (OldRef*)valW; + key = oldref->gen; + + /* BEGIN find 'ea', which is the index in genMap holding the + count for generation number 'key'. */ + if (UNLIKELY(genMap == NULL)) { + /* deal with the first key to be seen, so that the following + cases don't need to handle the complexity of a NULL count + array. */ + genMap_min = key; + genMap_size = 1; + genMap = HG_(zalloc)( "libhb.emmG.1a", + genMap_size * sizeof(UWord) ); + ea = 0; + if (0) VG_(printf)("(%lu) case 1 [%lu .. %lu]\n", + key, genMap_min, genMap_min+genMap_size- 1 ); + } + else + if (LIKELY(key >= genMap_min && key < genMap_min + genMap_size)) { + /* this is the expected (almost-always-happens) case: 'key' + is already mapped in the array. */ + ea = key - genMap_min; + } + else + if (key < genMap_min) { + /* 'key' appears before the start of the current array. + Extend the current array by allocating a larger one and + copying the current one to the upper end of it. */ + Word more; + UWord* map2; + more = genMap_min - key; + tl_assert(more > 0); + map2 = HG_(zalloc)( "libhb.emmG.1b", + (genMap_size + more) * sizeof(UWord) ); + VG_(memcpy)( &map2[more], genMap, genMap_size * sizeof(UWord) ); + HG_(free)( genMap ); + genMap = map2; + genMap_size += more; + genMap_min -= more; + ea = 0; + tl_assert(genMap_min == key); + if (0) VG_(printf)("(%lu) case 2 [%lu .. %lu]\n", + key, genMap_min, genMap_min+genMap_size- 1 ); + } + else { + /* 'key' appears after the end of the current array. Extend + the current array by allocating a larger one and copying + the current one to the lower end of it. */ + Word more; + UWord* map2; + tl_assert(key >= genMap_min + genMap_size); + more = key - (genMap_min + genMap_size) + 1; + tl_assert(more > 0); + map2 = HG_(zalloc)( "libhb.emmG.1c", + (genMap_size + more) * sizeof(UWord) ); + VG_(memcpy)( &map2[0], genMap, genMap_size * sizeof(UWord) ); + HG_(free)( genMap ); + genMap = map2; + genMap_size += more; + ea = genMap_size - 1;; + tl_assert(genMap_min + genMap_size - 1 == key); + if (0) VG_(printf)("(%lu) case 3 [%lu .. %lu]\n", + key, genMap_min, genMap_min+genMap_size- 1 ); + } + /* END find 'ea' from 'key' */ + + tl_assert(ea >= 0 && ea < genMap_size); + /* and the whole point of this elaborate computation of 'ea' is .. 
*/ + genMap[ea]++; + } + + tl_assert(genMap); + tl_assert(genMap_size > 0); + + /* Sanity check what we just computed */ + { UWord sum = 0; + for (i = 0; i < genMap_size; i++) { + if (0) VG_(printf)(" xxx: gen %ld has %lu\n", + i + genMap_min, genMap[i] ); + sum += genMap[i]; + } + tl_assert(sum == oldrefTreeN); + } + + /* Figure out how many generations to throw away */ + retained = oldrefTreeN; + maxGen = 0; + + for (i = 0; i < genMap_size; i++) { + keyW = i + genMap_min; + valW = genMap[i]; + tl_assert(keyW > 0); /* can't allow a generation # 0 */ + if (0) VG_(printf)(" XXX: gen %lu has %lu\n", keyW, valW ); + tl_assert(keyW >= maxGen); + tl_assert(retained >= valW); + if (retained - valW + > (UWord)(HG_(clo_conflict_cache_size) + * EVENT_MAP_GC_DISCARD_FRACTION)) { + retained -= valW; + maxGen = keyW; + } else { + break; + } + } + + HG_(free)(genMap); + + tl_assert(retained >= 0 && retained <= oldrefTreeN); + + /* Now make up a big list of the oldrefTree entries we want to + delete. We can't simultaneously traverse the tree and delete + stuff from it, so first we need to copy them off somewhere + else. (sigh) */ + refs2del = VG_(newXA)( HG_(zalloc), "libhb.emmG.2", + HG_(free), sizeof(Addr) ); + + if (retained < oldrefTreeN) { + + /* This is the normal (expected) case. We discard any ref whose + generation number <= maxGen. */ + VG_(initIterSWA)( oldrefTree ); + while (VG_(nextIterSWA)( oldrefTree, &keyW, &valW )) { + oldref = (OldRef*)valW; + tl_assert(oldref->magic == OldRef_MAGIC); + if (oldref->gen <= maxGen) { + VG_(addToXA)( refs2del, &keyW ); + } + } + if (VG_(clo_verbosity) > 1) { + VG_(message)(Vg_DebugMsg, + "libhb: EvM GC: delete generations %lu and below, " + "retaining %lu entries", + maxGen, retained ); + } + + } else { + + static UInt rand_seed = 0; /* leave as static */ + + /* Degenerate case: there's only one generation in the entire + tree, so we need to have some other way of deciding which + refs to throw away. Just throw out half of them randomly. 
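   The coin flip used below keeps each entry with probability of roughly
   one half by testing the low 12 bits of a pseudo-random number; a
   self-contained sketch of that test, using the standard rand() in
   place of VG_(random), is:

      #include <stdio.h>
      #include <stdlib.h>

      // Of the 4096 possible values of the low 12 bits, exactly 2048
      // select an entry for deletion, giving a ~50% discard rate.
      int main ( void )
      {
         int i, deleted = 0, total = 100000;
         for (i = 0; i < total; i++) {
            unsigned n = (unsigned)rand();
            if ((n & 0xFFF) < 0x800)          // low 12 bits below 0x800
               deleted++;
         }
         printf("deleted %d of %d (~half)\n", deleted, total);
         return 0;
      }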
*/ + tl_assert(retained == oldrefTreeN); + VG_(initIterSWA)( oldrefTree ); + while (VG_(nextIterSWA)( oldrefTree, &keyW, &valW )) { + UInt n; + oldref = (OldRef*)valW; + tl_assert(oldref->magic == OldRef_MAGIC); + n = VG_(random)( &rand_seed ); + if ((n & 0xFFF) < 0x800) { + VG_(addToXA)( refs2del, &keyW ); + retained--; + } + } + if (VG_(clo_verbosity) > 1) { + VG_(message)(Vg_DebugMsg, + "libhb: EvM GC: randomly delete half the entries, " + "retaining %lu entries", + retained ); + } + + } + + n2del = VG_(sizeXA)( refs2del ); + tl_assert(n2del == (Word)(oldrefTreeN - retained)); + + if (0) VG_(printf)("%s","deleting entries\n"); + for (i = 0; i < n2del; i++) { + Bool b; + Addr ga2del = *(Addr*)VG_(indexXA)( refs2del, i ); + b = VG_(delFromSWA)( oldrefTree, &keyW, &valW, ga2del ); + tl_assert(b); + tl_assert(keyW == ga2del); + oldref = (OldRef*)valW; + for (j = 0; j < N_OLDREF_ACCS; j++) { + Thr* aThr = ptr_and_UWord(oldref->accs[j].thr, ~3); + RCEC* aRef = ptr_and_UWord(oldref->accs[j].rcec, ~3); + if (aRef) { + tl_assert(aThr); + stats__ctxt_rcdec3++; + ctxt__rcdec( aRef ); + } else { + tl_assert(!aThr); + } + } + + free_OldRef( oldref ); + } + + VG_(deleteXA)( refs2del ); + + tl_assert( VG_(sizeSWA)( oldrefTree ) == retained ); + + oldrefTreeN = retained; + oldrefGenIncAt = oldrefTreeN; /* start new gen right away */ + + /* Throw away all RCECs with zero reference counts */ + for (i = 0; i < N_RCEC_TAB; i++) { + RCEC** pp = &contextTab[i]; + RCEC* p = *pp; + while (p) { + if (p->rc == 0) { + *pp = p->next; + free_RCEC(p); + p = *pp; + tl_assert(stats__ctxt_tab_curr > 0); + stats__ctxt_tab_curr--; + } else { + pp = &p->next; + p = p->next; + } + } + } + + /* Check the reference counts (expensive) */ + if (CHECK_CEM) + event_map__check_reference_counts( False/*after*/ ); + + //if (0) + //VG_(printf)("XXXX final sizes: oldrefTree %ld, contextTree %ld\n\n", + // VG_(OSetGen_Size)(oldrefTree), VG_(OSetGen_Size)(contextTree)); + +} + + +///////////////////////////////////////////////////////// +// // +// Core MSM // +// // +///////////////////////////////////////////////////////// + +/* Logic in msm_read/msm_write updated/verified after re-analysis, + 19 Nov 08. */ + +/* 19 Nov 08: it seems that MSM_RACE2ERR == 1 is a bad idea. When + nonzero, the effect is that when a race is detected for a location, + that location is put into a special 'error' state and no further + checking of it is done until it returns to a 'normal' state, which + requires it to be deallocated and reallocated. + + This is a bad idea, because of the interaction with suppressions. + Suppose there is a race on the location, but the error is + suppressed. The location now is marked as in-error. Now any + subsequent race -- including ones we want to see -- will never be + detected until the location is deallocated and reallocated. + + Hence set MSM_RACE2ERR to zero. This causes raced-on locations to + remain in the normal 'C' (constrained) state, but places on them + the constraint that the next accesses happen-after both the + existing constraint and the relevant vector clock of the thread + doing the racing access. +*/ +#define MSM_RACE2ERR 0 + +static ULong stats__msm_read = 0; +static ULong stats__msm_read_change = 0; +static ULong stats__msm_write = 0; +static ULong stats__msm_write_change = 0; + +__attribute__((noinline)) +static void record_race_info ( Thr* acc_thr, + Addr acc_addr, SizeT szB, Bool isWrite ) +{ + /* Call here to report a race. We just hand it onwards to + HG_(record_error_Race). 
If that in turn discovers that the + error is going to be collected, then that queries the + conflicting-event map. The alternative would be to query it + right here. But that causes a lot of pointless queries for + errors which will shortly be discarded as duplicates, and can + become a performance overhead; so we defer the query until we + know the error is not a duplicate. */ + tl_assert(acc_thr->opaque); + HG_(record_error_Race)( acc_thr->opaque, acc_addr, + szB, isWrite, NULL/*mb_lastlock*/ ); +} + +static Bool is_sane_SVal_C ( SVal sv ) { + POrd ord; + if (!SVal__isC(sv)) return True; + ord = VtsID__getOrdering( SVal__unC_Rmin(sv), SVal__unC_Wmin(sv) ); + if (ord == POrd_EQ || ord == POrd_LT) return True; + return False; +} + + +/* Compute new state following a read */ +static inline SVal msm_read ( SVal svOld, + /* The following are only needed for + creating error reports. */ + Thr* acc_thr, + Addr acc_addr, SizeT szB ) +{ + SVal svNew = SVal_INVALID; + stats__msm_read++; + + /* Redundant sanity check on the constraints */ + if (CHECK_MSM) { + tl_assert(is_sane_SVal_C(svOld)); + } + + if (SVal__isC(svOld)) { + POrd ord; + VtsID tviR = acc_thr->viR; + VtsID tviW = acc_thr->viW; + VtsID rmini = SVal__unC_Rmin(svOld); + VtsID wmini = SVal__unC_Wmin(svOld); + + ord = VtsID__getOrdering(rmini,tviR); + if (ord == POrd_EQ || ord == POrd_LT) { + /* no race */ + /* Note: RWLOCK subtlety: use tviW, not tviR */ + svNew = SVal__mkC( rmini, VtsID__join2(wmini, tviW) ); + goto out; + } else { + /* assert on sanity of constraints. */ + POrd ordxx = VtsID__getOrdering(rmini,wmini); + tl_assert(ordxx == POrd_EQ || ordxx == POrd_LT); + svNew = MSM_RACE2ERR + ? SVal__mkE() + /* see comments on corresponding fragment in + msm_write for explanation. */ + /* aggressive setting: */ + /* + : SVal__mkC( VtsID__join2(wmini,tviR), + VtsID__join2(wmini,tviW) ); + */ + /* "consistent" setting: */ + : SVal__mkC( VtsID__join2(rmini,tviR), + VtsID__join2(wmini,tviW) ); + record_race_info( acc_thr, acc_addr, szB, False/*!isWrite*/ ); + goto out; + } + } + if (SVal__isA(svOld)) { + /* reading no-access memory (sigh); leave unchanged */ + /* check for no pollution */ + tl_assert(svOld == SVal_NOACCESS); + svNew = SVal_NOACCESS; + goto out; + } + if (SVal__isE(svOld)) { + /* no race, location is already "in error" */ + svNew = SVal__mkE(); + goto out; + } + VG_(printf)("msm_read: bad svOld: 0x%016llx\n", svOld); + tl_assert(0); + + out: + if (CHECK_MSM) { + tl_assert(is_sane_SVal_C(svNew)); + } + tl_assert(svNew != SVal_INVALID); + if (svNew != svOld && HG_(clo_show_conflicts)) { + if (SVal__isC(svOld) && SVal__isC(svNew)) { + event_map_bind( acc_addr, szB, False/*!isWrite*/, acc_thr ); + stats__msm_read_change++; + } + } + return svNew; +} + + +/* Compute new state following a write */ +static inline SVal msm_write ( SVal svOld, + /* The following are only needed for + creating error reports. */ + Thr* acc_thr, + Addr acc_addr, SizeT szB ) +{ + SVal svNew = SVal_INVALID; + stats__msm_write++; + + /* Redundant sanity check on the constraints */ + if (CHECK_MSM) { + tl_assert(is_sane_SVal_C(svOld)); + } + + if (SVal__isC(svOld)) { + POrd ord; + VtsID tviW = acc_thr->viW; + VtsID wmini = SVal__unC_Wmin(svOld); + + ord = VtsID__getOrdering(wmini,tviW); + if (ord == POrd_EQ || ord == POrd_LT) { + /* no race */ + svNew = SVal__mkC( tviW, tviW ); + goto out; + } else { + VtsID tviR = acc_thr->viR; + VtsID rmini = SVal__unC_Rmin(svOld); + /* assert on sanity of constraints. 
*/ + POrd ordxx = VtsID__getOrdering(rmini,wmini); + tl_assert(ordxx == POrd_EQ || ordxx == POrd_LT); + svNew = MSM_RACE2ERR + ? SVal__mkE() + /* One possibility is, after a race is seen, to + set the location's constraints as aggressively + (as far ahead) as possible. However, that just + causes lots more races to be reported, which is + very confusing. Hence don't do this. */ + /* + : SVal__mkC( VtsID__join2(wmini,tviR), + VtsID__join2(wmini,tviW) ); + */ + /* instead, re-set the constraints in a way which + is consistent with (ie, as they would have been + computed anyway) had no race been detected. */ + : SVal__mkC( VtsID__join2(rmini,tviR), + VtsID__join2(wmini,tviW) ); + record_race_info( acc_thr, acc_addr, szB, True/*isWrite*/ ); + goto out; + } + } + if (SVal__isA(svOld)) { + /* writing no-access memory (sigh); leave unchanged */ + /* check for no pollution */ + tl_assert(svOld == SVal_NOACCESS); + svNew = SVal_NOACCESS; + goto out; + } + if (SVal__isE(svOld)) { + /* no race, location is already "in error" */ + svNew = SVal__mkE(); + goto out; + } + VG_(printf)("msm_write: bad svOld: 0x%016llx\n", svOld); + tl_assert(0); + + out: + if (CHECK_MSM) { + tl_assert(is_sane_SVal_C(svNew)); + } + tl_assert(svNew != SVal_INVALID); + if (svNew != svOld && HG_(clo_show_conflicts)) { + if (SVal__isC(svOld) && SVal__isC(svNew)) { + event_map_bind( acc_addr, szB, True/*isWrite*/, acc_thr ); + stats__msm_write_change++; + } + } + return svNew; +} + + +///////////////////////////////////////////////////////// +// // +// Apply core MSM to specific memory locations // +// // +///////////////////////////////////////////////////////// + +/*------------- ZSM accesses: 8 bit apply ------------- */ + +void zsm_apply8___msm_read ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read8s++; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 .. 7 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_8_0 << toff)) )) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_8(tree, toff, descr); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_read( svOld, thr,a,1 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; +} + +void zsm_apply8___msm_write ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read8s++; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 .. 
7 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_8_0 << toff)) )) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_8(tree, toff, descr); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_write( svOld, thr,a,1 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; +} + +/*------------- ZSM accesses: 16 bit apply ------------- */ + +void zsm_apply16___msm_read ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read16s++; + if (UNLIKELY(!aligned16(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0, 2, 4 or 6 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_16_0 << toff)) )) { + if (valid_value_is_below_me_16(descr, toff)) { + goto slowcase; + } else { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_16(tree, toff, descr); + } + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_read( svOld, thr,a,2 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_16to8splits++; + zsm_apply8___msm_read( thr, a + 0 ); + zsm_apply8___msm_read( thr, a + 1 ); +} + +void zsm_apply16___msm_write ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read16s++; + if (UNLIKELY(!aligned16(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0, 2, 4 or 6 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_16_0 << toff)) )) { + if (valid_value_is_below_me_16(descr, toff)) { + goto slowcase; + } else { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_16(tree, toff, descr); + } + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_write( svOld, thr,a,2 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_16to8splits++; + zsm_apply8___msm_write( thr, a + 0 ); + zsm_apply8___msm_write( thr, a + 1 ); +} + +/*------------- ZSM accesses: 32 bit apply ------------- */ + +void zsm_apply32___msm_read ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, svNew; + UShort descr; + if (UNLIKELY(!aligned32(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 or 4 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_32_0 << toff)) )) { + if (valid_value_is_above_me_32(descr, toff)) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_32(tree, toff, descr); + } else { + goto slowcase; + } + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_read( svOld, thr,a,4 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_32to16splits++; + zsm_apply16___msm_read( thr, a + 0 ); + zsm_apply16___msm_read( thr, a + 2 ); +} + +void zsm_apply32___msm_write ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + SVal svOld, 
svNew; + UShort descr; + if (UNLIKELY(!aligned32(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 or 4 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_32_0 << toff)) )) { + if (valid_value_is_above_me_32(descr, toff)) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_32(tree, toff, descr); + } else { + goto slowcase; + } + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + svOld = cl->svals[cloff]; + svNew = msm_write( svOld, thr,a,4 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_32to16splits++; + zsm_apply16___msm_write( thr, a + 0 ); + zsm_apply16___msm_write( thr, a + 2 ); +} + +/*------------- ZSM accesses: 64 bit apply ------------- */ + +void zsm_apply64___msm_read ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno; + //UWord toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read64s++; + if (UNLIKELY(!aligned64(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + //toff = get_tree_offset(a); /* == 0, unused */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & TREE_DESCR_64) )) { + goto slowcase; + } + svOld = cl->svals[cloff]; + svNew = msm_read( svOld, thr,a,8 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_64to32splits++; + zsm_apply32___msm_read( thr, a + 0 ); + zsm_apply32___msm_read( thr, a + 4 ); +} + +void zsm_apply64___msm_write ( Thr* thr, Addr a ) { + CacheLine* cl; + UWord cloff, tno; + //UWord toff; + SVal svOld, svNew; + UShort descr; + stats__cline_read64s++; + if (UNLIKELY(!aligned64(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + //toff = get_tree_offset(a); /* == 0, unused */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & TREE_DESCR_64) )) { + goto slowcase; + } + svOld = cl->svals[cloff]; + svNew = msm_write( svOld, thr,a,8 ); + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; + return; + slowcase: /* misaligned, or must go further down the tree */ + stats__cline_64to32splits++; + zsm_apply32___msm_write( thr, a + 0 ); + zsm_apply32___msm_write( thr, a + 4 ); +} + +/*--------------- ZSM accesses: 8 bit write --------------- */ + +static +void zsm_write8 ( Addr a, SVal svNew ) { + CacheLine* cl; + UWord cloff, tno, toff; + UShort descr; + stats__cline_set8s++; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 .. 
7 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_8_0 << toff)) )) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_8(tree, toff, descr); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff] = svNew; +} + +/*--------------- ZSM accesses: 16 bit write --------------- */ + +static +void zsm_write16 ( Addr a, SVal svNew ) { + CacheLine* cl; + UWord cloff, tno, toff; + UShort descr; + stats__cline_set16s++; + if (UNLIKELY(!aligned16(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0, 2, 4 or 6 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_16_0 << toff)) )) { + if (valid_value_is_below_me_16(descr, toff)) { + /* Writing at this level. Need to fix up 'descr'. */ + cl->descrs[tno] = pullup_descr_to_16(descr, toff); + /* At this point, the tree does not match cl->descr[tno] any + more. The assignments below will fix it up. */ + } else { + /* We can't indiscriminately write on the w16 node as in the + w64 case, as that might make the node inconsistent with + its parent. So first, pull down to this level. */ + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_16(tree, toff, descr); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } + } + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff + 0] = svNew; + cl->svals[cloff + 1] = SVal_INVALID; + return; + slowcase: /* misaligned */ + stats__cline_16to8splits++; + zsm_write8( a + 0, svNew ); + zsm_write8( a + 1, svNew ); +} + +/*--------------- ZSM accesses: 32 bit write --------------- */ + +static +void zsm_write32 ( Addr a, SVal svNew ) { + CacheLine* cl; + UWord cloff, tno, toff; + UShort descr; + stats__cline_set32s++; + if (UNLIKELY(!aligned32(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 or 4 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_32_0 << toff)) )) { + if (valid_value_is_above_me_32(descr, toff)) { + /* We can't indiscriminately write on the w32 node as in the + w64 case, as that might make the node inconsistent with + its parent. So first, pull down to this level. */ + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_32(tree, toff, descr); + if (CHECK_ZSM) + tl_assert(is_sane_CacheLine(cl)); /* EXPENSIVE */ + } else { + /* Writing at this level. Need to fix up 'descr'. */ + cl->descrs[tno] = pullup_descr_to_32(descr, toff); + /* At this point, the tree does not match cl->descr[tno] any + more. The assignments below will fix it up. 
*/ + } + } + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff + 0] = svNew; + cl->svals[cloff + 1] = SVal_INVALID; + cl->svals[cloff + 2] = SVal_INVALID; + cl->svals[cloff + 3] = SVal_INVALID; + return; + slowcase: /* misaligned */ + stats__cline_32to16splits++; + zsm_write16( a + 0, svNew ); + zsm_write16( a + 2, svNew ); +} + +/*--------------- ZSM accesses: 64 bit write --------------- */ + +static +void zsm_write64 ( Addr a, SVal svNew ) { + CacheLine* cl; + UWord cloff, tno; + //UWord toff; + stats__cline_set64s++; + if (UNLIKELY(!aligned64(a))) goto slowcase; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + //toff = get_tree_offset(a); /* == 0, unused */ + cl->descrs[tno] = TREE_DESCR_64; + tl_assert(svNew != SVal_INVALID); + cl->svals[cloff + 0] = svNew; + cl->svals[cloff + 1] = SVal_INVALID; + cl->svals[cloff + 2] = SVal_INVALID; + cl->svals[cloff + 3] = SVal_INVALID; + cl->svals[cloff + 4] = SVal_INVALID; + cl->svals[cloff + 5] = SVal_INVALID; + cl->svals[cloff + 6] = SVal_INVALID; + cl->svals[cloff + 7] = SVal_INVALID; + return; + slowcase: /* misaligned */ + stats__cline_64to32splits++; + zsm_write32( a + 0, svNew ); + zsm_write32( a + 4, svNew ); +} + +/*------------- ZSM accesses: 8 bit read/copy ------------- */ + +static +SVal zsm_read8 ( Addr a ) { + CacheLine* cl; + UWord cloff, tno, toff; + UShort descr; + stats__cline_get8s++; + cl = get_cacheline(a); + cloff = get_cacheline_offset(a); + tno = get_treeno(a); + toff = get_tree_offset(a); /* == 0 .. 7 */ + descr = cl->descrs[tno]; + if (UNLIKELY( !(descr & (TREE_DESCR_8_0 << toff)) )) { + SVal* tree = &cl->svals[tno << 3]; + cl->descrs[tno] = pulldown_to_8(tree, toff, descr); + } + return cl->svals[cloff]; +} + +static void zsm_copy8 ( Addr src, Addr dst, Bool uu_normalise ) { + SVal sv; + stats__cline_copy8s++; + sv = zsm_read8( src ); + zsm_write8( dst, sv ); +} + +/* ------------ Shadow memory range setting ops ------------ */ + +void zsm_apply_range___msm_read ( Thr* thr, + Addr a, SizeT len ) +{ + /* fast track a couple of common cases */ + if (len == 4 && aligned32(a)) { + zsm_apply32___msm_read( thr, a ); + return; + } + if (len == 8 && aligned64(a)) { + zsm_apply64___msm_read( thr, a ); + return; + } + + /* be completely general (but as efficient as possible) */ + if (len == 0) return; + + if (!aligned16(a) && len >= 1) { + zsm_apply8___msm_read( thr, a ); + a += 1; + len -= 1; + tl_assert(aligned16(a)); + } + if (len == 0) return; + + if (!aligned32(a) && len >= 2) { + zsm_apply16___msm_read( thr, a ); + a += 2; + len -= 2; + tl_assert(aligned32(a)); + } + if (len == 0) return; + + if (!aligned64(a) && len >= 4) { + zsm_apply32___msm_read( thr, a ); + a += 4; + len -= 4; + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 8) { + tl_assert(aligned64(a)); + while (len >= 8) { + zsm_apply64___msm_read( thr, a ); + a += 8; + len -= 8; + } + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 4) + tl_assert(aligned32(a)); + if (len >= 4) { + zsm_apply32___msm_read( thr, a ); + a += 4; + len -= 4; + } + if (len == 0) return; + + if (len >= 2) + tl_assert(aligned16(a)); + if (len >= 2) { + zsm_apply16___msm_read( thr, a ); + a += 2; + len -= 2; + } + if (len == 0) return; + + if (len >= 1) { + zsm_apply8___msm_read( thr, a ); + //a += 1; + len -= 1; + } + tl_assert(len == 0); +} + + + +void zsm_apply_range___msm_write ( Thr* thr, + Addr a, SizeT len ) +{ + /* fast track a couple of common cases */ + if (len == 4 && aligned32(a)) { + 
zsm_apply32___msm_write( thr, a ); + return; + } + if (len == 8 && aligned64(a)) { + zsm_apply64___msm_write( thr, a ); + return; + } + + /* be completely general (but as efficient as possible) */ + if (len == 0) return; + + if (!aligned16(a) && len >= 1) { + zsm_apply8___msm_write( thr, a ); + a += 1; + len -= 1; + tl_assert(aligned16(a)); + } + if (len == 0) return; + + if (!aligned32(a) && len >= 2) { + zsm_apply16___msm_write( thr, a ); + a += 2; + len -= 2; + tl_assert(aligned32(a)); + } + if (len == 0) return; + + if (!aligned64(a) && len >= 4) { + zsm_apply32___msm_write( thr, a ); + a += 4; + len -= 4; + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 8) { + tl_assert(aligned64(a)); + while (len >= 8) { + zsm_apply64___msm_write( thr, a ); + a += 8; + len -= 8; + } + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 4) + tl_assert(aligned32(a)); + if (len >= 4) { + zsm_apply32___msm_write( thr, a ); + a += 4; + len -= 4; + } + if (len == 0) return; + + if (len >= 2) + tl_assert(aligned16(a)); + if (len >= 2) { + zsm_apply16___msm_write( thr, a ); + a += 2; + len -= 2; + } + if (len == 0) return; + + if (len >= 1) { + zsm_apply8___msm_write( thr, a ); + //a += 1; + len -= 1; + } + tl_assert(len == 0); +} + + + + +/* Block-copy states (needed for implementing realloc()). */ + +static void zsm_copy_range ( Addr src, Addr dst, SizeT len ) +{ + SizeT i; + if (len == 0) + return; + + /* assert for non-overlappingness */ + tl_assert(src+len <= dst || dst+len <= src); + + /* To be simple, just copy byte by byte. But so as not to wreck + performance for later accesses to dst[0 .. len-1], normalise + destination lines as we finish with them, and also normalise the + line containing the first and last address. */ + for (i = 0; i < len; i++) { + Bool normalise + = get_cacheline_offset( dst+i+1 ) == 0 /* last in line */ + || i == 0 /* first in range */ + || i == len-1; /* last in range */ + zsm_copy8( src+i, dst+i, normalise ); + } +} + + +/* For setting address ranges to a given value. Has considerable + sophistication so as to avoid generating large numbers of pointless + cache loads/writebacks for large ranges. */ + +/* Do small ranges in-cache, in the obvious way. 
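   The "obvious way" is the usual peel-to-alignment pattern; a
   self-contained sketch of the same control flow, with a hypothetical
   setN() standing in for zsm_write8/16/32/64, is:

      #include <stdio.h>

      // Handle an unaligned 1-, 2- and 4-byte prefix, stream 8-byte chunks
      // over the aligned middle, then finish with a 4-, 2-, 1-byte tail,
      // exactly the shape of zsm_set_range_SMALL and
      // zsm_apply_range___msm_* above.
      typedef unsigned long Addr;

      static void setN ( Addr a, int n ) { printf("set%d at %#lx\n", n, a); }

      static void set_range ( Addr a, unsigned long len )
      {
         if (len == 0) return;
         if ((a & 1) && len >= 1) { setN(a,1); a += 1; len -= 1; }
         if (len == 0) return;
         if ((a & 2) && len >= 2) { setN(a,2); a += 2; len -= 2; }
         if (len == 0) return;
         if ((a & 4) && len >= 4) { setN(a,4); a += 4; len -= 4; }
         while (len >= 8)         { setN(a,8); a += 8; len -= 8; }
         if (len >= 4)            { setN(a,4); a += 4; len -= 4; }
         if (len >= 2)            { setN(a,2); a += 2; len -= 2; }
         if (len >= 1)            { setN(a,1); a += 1; len -= 1; }
      }

      int main ( void )
      {
         set_range(0x1003, 14);   // 1-byte prefix, 4-byte step, one 8-byte
         return 0;                // chunk, 1-byte tail
      }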
*/ +static +void zsm_set_range_SMALL ( Addr a, SizeT len, SVal svNew ) +{ + /* fast track a couple of common cases */ + if (len == 4 && aligned32(a)) { + zsm_write32( a, svNew ); + return; + } + if (len == 8 && aligned64(a)) { + zsm_write64( a, svNew ); + return; + } + + /* be completely general (but as efficient as possible) */ + if (len == 0) return; + + if (!aligned16(a) && len >= 1) { + zsm_write8( a, svNew ); + a += 1; + len -= 1; + tl_assert(aligned16(a)); + } + if (len == 0) return; + + if (!aligned32(a) && len >= 2) { + zsm_write16( a, svNew ); + a += 2; + len -= 2; + tl_assert(aligned32(a)); + } + if (len == 0) return; + + if (!aligned64(a) && len >= 4) { + zsm_write32( a, svNew ); + a += 4; + len -= 4; + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 8) { + tl_assert(aligned64(a)); + while (len >= 8) { + zsm_write64( a, svNew ); + a += 8; + len -= 8; + } + tl_assert(aligned64(a)); + } + if (len == 0) return; + + if (len >= 4) + tl_assert(aligned32(a)); + if (len >= 4) { + zsm_write32( a, svNew ); + a += 4; + len -= 4; + } + if (len == 0) return; + + if (len >= 2) + tl_assert(aligned16(a)); + if (len >= 2) { + zsm_write16( a, svNew ); + a += 2; + len -= 2; + } + if (len == 0) return; + + if (len >= 1) { + zsm_write8( a, svNew ); + //a += 1; + len -= 1; + } + tl_assert(len == 0); +} + + +/* If we're doing a small range, hand off to zsm_set_range_SMALL. But + for larger ranges, try to operate directly on the out-of-cache + representation, rather than dragging lines into the cache, + overwriting them, and forcing them out. This turns out to be an + important performance optimisation. */ + +static void zsm_set_range ( Addr a, SizeT len, SVal svNew ) +{ + tl_assert(svNew != SVal_INVALID); + stats__cache_make_New_arange += (ULong)len; + + if (0 && len > 500) + VG_(printf)("make New ( %#lx, %ld )\n", a, len ); + + if (0) { + static UWord n_New_in_cache = 0; + static UWord n_New_not_in_cache = 0; + /* tag is 'a' with the in-line offset masked out, + eg a[31]..a[4] 0000 */ + Addr tag = a & ~(N_LINE_ARANGE - 1); + UWord wix = (a >> N_LINE_BITS) & (N_WAY_NENT - 1); + if (LIKELY(tag == cache_shmem.tags0[wix])) { + n_New_in_cache++; + } else { + n_New_not_in_cache++; + } + if (0 == ((n_New_in_cache + n_New_not_in_cache) % 100000)) + VG_(printf)("shadow_mem_make_New: IN %lu OUT %lu\n", + n_New_in_cache, n_New_not_in_cache ); + } + + if (LIKELY(len < 2 * N_LINE_ARANGE)) { + zsm_set_range_SMALL( a, len, svNew ); + } else { + Addr before_start = a; + Addr aligned_start = cacheline_ROUNDUP(a); + Addr after_start = cacheline_ROUNDDN(a + len); + UWord before_len = aligned_start - before_start; + UWord aligned_len = after_start - aligned_start; + UWord after_len = a + len - after_start; + tl_assert(before_start <= aligned_start); + tl_assert(aligned_start <= after_start); + tl_assert(before_len < N_LINE_ARANGE); + tl_assert(after_len < N_LINE_ARANGE); + tl_assert(get_cacheline_offset(aligned_start) == 0); + if (get_cacheline_offset(a) == 0) { + tl_assert(before_len == 0); + tl_assert(a == aligned_start); + } + if (get_cacheline_offset(a+len) == 0) { + tl_assert(after_len == 0); + tl_assert(after_start == a+len); + } + if (before_len > 0) { + zsm_set_range_SMALL( before_start, before_len, svNew ); + } + if (after_len > 0) { + zsm_set_range_SMALL( after_start, after_len, svNew ); + } + stats__cache_make_New_inZrep += (ULong)aligned_len; + + while (1) { + Addr tag; + UWord wix; + if (aligned_start >= after_start) + break; + tl_assert(get_cacheline_offset(aligned_start) == 0); + tag = 
aligned_start & ~(N_LINE_ARANGE - 1); + wix = (aligned_start >> N_LINE_BITS) & (N_WAY_NENT - 1); + if (tag == cache_shmem.tags0[wix]) { + UWord i; + for (i = 0; i < N_LINE_ARANGE / 8; i++) + zsm_write64( aligned_start + i * 8, svNew ); + } else { + UWord i; + Word zix; + SecMap* sm; + LineZ* lineZ; + /* This line is not in the cache. Do not force it in; instead + modify it in-place. */ + /* find the Z line to write in and rcdec it or the + associated F line. */ + find_Z_for_writing( &sm, &zix, tag ); + tl_assert(sm); + tl_assert(zix >= 0 && zix < N_SECMAP_ZLINES); + lineZ = &sm->linesZ[zix]; + lineZ->dict[0] = svNew; + lineZ->dict[1] = lineZ->dict[2] = lineZ->dict[3] = SVal_INVALID; + for (i = 0; i < N_LINE_ARANGE/4; i++) + lineZ->ix2s[i] = 0; /* all refer to dict[0] */ + rcinc_LineZ(lineZ); + } + aligned_start += N_LINE_ARANGE; + aligned_len -= N_LINE_ARANGE; + } + tl_assert(aligned_start == after_start); + tl_assert(aligned_len == 0); + } +} + + +///////////////////////////////////////////////////////// +// // +// Synchronisation objects // +// // +///////////////////////////////////////////////////////// + +// (UInt) `echo "Synchronisation object" | md5sum` +#define SO_MAGIC 0x56b3c5b0U + +struct _SO { + VtsID viR; /* r-clock of sender */ + VtsID viW; /* w-clock of sender */ + UInt magic; +}; + +static SO* SO__Alloc ( void ) { + SO* so = HG_(zalloc)( "libhb.SO__Alloc.1", sizeof(SO) ); + so->viR = VtsID_INVALID; + so->viW = VtsID_INVALID; + so->magic = SO_MAGIC; + return so; +} +static void SO__Dealloc ( SO* so ) { + tl_assert(so); + tl_assert(so->magic == SO_MAGIC); + if (so->viR == VtsID_INVALID) { + tl_assert(so->viW == VtsID_INVALID); + } else { + tl_assert(so->viW != VtsID_INVALID); + VtsID__rcdec(so->viR); + VtsID__rcdec(so->viW); + } + so->magic = 0; + HG_(free)( so ); +} + + +///////////////////////////////////////////////////////// +// // +// Top Level API // +// // +///////////////////////////////////////////////////////// + +static void show_thread_state ( HChar* str, Thr* t ) +{ + if (1) return; + if (t->viR == t->viW) { + VG_(printf)("thr \"%s\" %p has vi* %u==", str, t, t->viR ); + VtsID__pp( t->viR ); + VG_(printf)("%s","\n"); + } else { + VG_(printf)("thr \"%s\" %p has viR %u==", str, t, t->viR ); + VtsID__pp( t->viR ); + VG_(printf)(" viW %u==", t->viW); + VtsID__pp( t->viW ); + VG_(printf)("%s","\n"); + } +} + + +Thr* libhb_init ( + void (*get_stacktrace)( Thr*, Addr*, UWord ), + ExeContext* (*get_EC)( Thr* ) + ) +{ + Thr* thr; + VtsID vi; + tl_assert(get_stacktrace); + tl_assert(get_EC); + main_get_stacktrace = get_stacktrace; + main_get_EC = get_EC; + + // No need to initialise hg_wordfm. + // No need to initialise hg_wordset. + + vts_set_init(); + vts_tab_init(); + event_map_init(); + VtsID__invalidate_caches(); + + // initialise shadow memory + zsm_init( SVal__rcinc, SVal__rcdec ); + + thr = Thr__new(); + vi = VtsID__mk_Singleton( thr, 1 ); + thr->viR = vi; + thr->viW = vi; + VtsID__rcinc(thr->viR); + VtsID__rcinc(thr->viW); + + show_thread_state(" root", thr); + return thr; +} + +Thr* libhb_create ( Thr* parent ) +{ + /* The child's VTSs are copies of the parent's VTSs, but ticked at + the child's index. Since the child's index is guaranteed + unique, it has never been seen before, so the implicit value + before the tick is zero and after that is one. 
*/ + Thr* child = Thr__new(); + + child->viR = VtsID__tick( parent->viR, child ); + child->viW = VtsID__tick( parent->viW, child ); + VtsID__rcinc(child->viR); + VtsID__rcinc(child->viW); + + tl_assert(VtsID__indexAt( child->viR, child ) == 1); + tl_assert(VtsID__indexAt( child->viW, child ) == 1); + + /* and the parent has to move along too */ + VtsID__rcdec(parent->viR); + VtsID__rcdec(parent->viW); + parent->viR = VtsID__tick( parent->viR, parent ); + parent->viW = VtsID__tick( parent->viW, parent ); + VtsID__rcinc(parent->viR); + VtsID__rcinc(parent->viW); + + show_thread_state(" child", child); + show_thread_state("parent", parent); + + return child; +} + +/* Shut down the library, and print stats (in fact that's _all_ + this is for. */ +void libhb_shutdown ( Bool show_stats ) +{ + if (show_stats) { + VG_(printf)("%s","<<< BEGIN libhb stats >>>\n"); + VG_(printf)(" secmaps: %'10lu allocd (%'12lu g-a-range)\n", + stats__secmaps_allocd, + stats__secmap_ga_space_covered); + VG_(printf)(" linesZ: %'10lu allocd (%'12lu bytes occupied)\n", + stats__secmap_linesZ_allocd, + stats__secmap_linesZ_bytes); + VG_(printf)(" linesF: %'10lu allocd (%'12lu bytes occupied)\n", + stats__secmap_linesF_allocd, + stats__secmap_linesF_bytes); + VG_(printf)(" secmaps: %'10lu iterator steppings\n", + stats__secmap_iterator_steppings); + VG_(printf)(" secmaps: %'10lu searches (%'12lu slow)\n", + stats__secmaps_search, stats__secmaps_search_slow); + + VG_(printf)("%s","\n"); + VG_(printf)(" cache: %'lu totrefs (%'lu misses)\n", + stats__cache_totrefs, stats__cache_totmisses ); + VG_(printf)(" cache: %'14lu Z-fetch, %'14lu F-fetch\n", + stats__cache_Z_fetches, stats__cache_F_fetches ); + VG_(printf)(" cache: %'14lu Z-wback, %'14lu F-wback\n", + stats__cache_Z_wbacks, stats__cache_F_wbacks ); + VG_(printf)(" cache: %'14lu invals, %'14lu flushes\n", + stats__cache_invals, stats__cache_flushes ); + VG_(printf)(" cache: %'14llu arange_New %'14llu direct-to-Zreps\n", + stats__cache_make_New_arange, + stats__cache_make_New_inZrep); + + VG_(printf)("%s","\n"); + VG_(printf)(" cline: %'10lu normalises\n", + stats__cline_normalises ); + VG_(printf)(" cline: rds 8/4/2/1: %'13lu %'13lu %'13lu %'13lu\n", + stats__cline_read64s, + stats__cline_read32s, + stats__cline_read16s, + stats__cline_read8s ); + VG_(printf)(" cline: wrs 8/4/2/1: %'13lu %'13lu %'13lu %'13lu\n", + stats__cline_write64s, + stats__cline_write32s, + stats__cline_write16s, + stats__cline_write8s ); + VG_(printf)(" cline: sets 8/4/2/1: %'13lu %'13lu %'13lu %'13lu\n", + stats__cline_set64s, + stats__cline_set32s, + stats__cline_set16s, + stats__cline_set8s ); + VG_(printf)(" cline: get1s %'lu, copy1s %'lu\n", + stats__cline_get8s, stats__cline_copy8s ); + VG_(printf)(" cline: splits: 8to4 %'12lu 4to2 %'12lu 2to1 %'12lu\n", + stats__cline_64to32splits, + stats__cline_32to16splits, + stats__cline_16to8splits ); + VG_(printf)(" cline: pulldowns: 8to4 %'12lu 4to2 %'12lu 2to1 %'12lu\n", + stats__cline_64to32pulldown, + stats__cline_32to16pulldown, + stats__cline_16to8pulldown ); + if (0) + VG_(printf)(" cline: sizeof(CacheLineZ) %ld, covers %ld bytes of arange\n", + (Word)sizeof(LineZ), (Word)N_LINE_ARANGE); + + VG_(printf)("%s","\n"); + + VG_(printf)(" libhb: %'13llu msm_read (%'llu changed)\n", + stats__msm_read, stats__msm_read_change); + VG_(printf)(" libhb: %'13llu msm_write (%'llu changed)\n", + stats__msm_write, stats__msm_write_change); + VG_(printf)(" libhb: %'13llu getOrd queries (%'llu misses)\n", + stats__getOrdering_queries, 
stats__getOrdering_misses); + VG_(printf)(" libhb: %'13llu join2 queries (%'llu misses)\n", + stats__join2_queries, stats__join2_misses); + + VG_(printf)("%s","\n"); + VG_(printf)( + " libhb: %ld entries in vts_table (approximately %lu bytes)\n", + VG_(sizeXA)( vts_tab ), VG_(sizeXA)( vts_tab ) * sizeof(VtsTE) + ); + VG_(printf)( " libhb: %lu entries in vts_set\n", + VG_(sizeFM)( vts_set ) ); + + VG_(printf)("%s","\n"); + VG_(printf)( " libhb: ctxt__rcdec: 1=%lu(%lu eq), 2=%lu, 3=%lu\n", + stats__ctxt_rcdec1, stats__ctxt_rcdec1_eq, + stats__ctxt_rcdec2, + stats__ctxt_rcdec3 ); + VG_(printf)( " libhb: ctxt__rcdec: calls %lu, discards %lu\n", + stats__ctxt_rcdec_calls, stats__ctxt_rcdec_discards); + VG_(printf)( " libhb: contextTab: %lu slots, %lu max ents\n", + (UWord)N_RCEC_TAB, + stats__ctxt_tab_curr ); + VG_(printf)( " libhb: contextTab: %lu queries, %lu cmps\n", + stats__ctxt_tab_qs, + stats__ctxt_tab_cmps ); +#if 0 + VG_(printf)("sizeof(AvlNode) = %lu\n", sizeof(AvlNode)); + VG_(printf)("sizeof(WordBag) = %lu\n", sizeof(WordBag)); + VG_(printf)("sizeof(MaybeWord) = %lu\n", sizeof(MaybeWord)); + VG_(printf)("sizeof(CacheLine) = %lu\n", sizeof(CacheLine)); + VG_(printf)("sizeof(LineZ) = %lu\n", sizeof(LineZ)); + VG_(printf)("sizeof(LineF) = %lu\n", sizeof(LineF)); + VG_(printf)("sizeof(SecMap) = %lu\n", sizeof(SecMap)); + VG_(printf)("sizeof(Cache) = %lu\n", sizeof(Cache)); + VG_(printf)("sizeof(SMCacheEnt) = %lu\n", sizeof(SMCacheEnt)); + VG_(printf)("sizeof(CountedSVal) = %lu\n", sizeof(CountedSVal)); + VG_(printf)("sizeof(VTS) = %lu\n", sizeof(VTS)); + VG_(printf)("sizeof(ScalarTS) = %lu\n", sizeof(ScalarTS)); + VG_(printf)("sizeof(VtsTE) = %lu\n", sizeof(VtsTE)); + VG_(printf)("sizeof(MSMInfo) = %lu\n", sizeof(MSMInfo)); + + VG_(printf)("sizeof(struct _XArray) = %lu\n", sizeof(struct _XArray)); + VG_(printf)("sizeof(struct _WordFM) = %lu\n", sizeof(struct _WordFM)); + VG_(printf)("sizeof(struct _Thr) = %lu\n", sizeof(struct _Thr)); + VG_(printf)("sizeof(struct _SO) = %lu\n", sizeof(struct _SO)); +#endif + + VG_(printf)("%s","<<< END libhb stats >>>\n"); + VG_(printf)("%s","\n"); + + } +} + +void libhb_async_exit ( Thr* thr ) +{ + /* is there anything we need to do? */ +} + +/* Both Segs and SOs point to VTSs. However, there is no sharing, so + a Seg that points at a VTS is its one-and-only owner, and ditto for + a SO that points at a VTS. */ + +SO* libhb_so_alloc ( void ) +{ + return SO__Alloc(); +} + +void libhb_so_dealloc ( SO* so ) +{ + tl_assert(so); + tl_assert(so->magic == SO_MAGIC); + SO__Dealloc(so); +} + +/* See comments in libhb.h for details on the meaning of + strong vs weak sends and strong vs weak receives. */ +void libhb_so_send ( Thr* thr, SO* so, Bool strong_send ) +{ + /* Copy the VTSs from 'thr' into the sync object, and then move + the thread along one step. */ + + tl_assert(so); + tl_assert(so->magic == SO_MAGIC); + + /* stay sane .. a thread's read-clock must always lead or be the + same as its write-clock */ + { POrd ord = VtsID__getOrdering(thr->viW, thr->viR); + tl_assert(ord == POrd_EQ || ord == POrd_LT); + } + + /* since we're overwriting the VtsIDs in the SO, we need to drop + any references made by the previous contents thereof */ + if (so->viR == VtsID_INVALID) { + tl_assert(so->viW == VtsID_INVALID); + so->viR = thr->viR; + so->viW = thr->viW; + VtsID__rcinc(so->viR); + VtsID__rcinc(so->viW); + } else { + /* In a strong send, we dump any previous VC in the SO and + install the sending thread's VC instead. 
For a weak send we + must join2 with what's already there. */ + tl_assert(so->viW != VtsID_INVALID); + VtsID__rcdec(so->viR); + VtsID__rcdec(so->viW); + so->viR = strong_send ? thr->viR : VtsID__join2( so->viR, thr->viR ); + so->viW = strong_send ? thr->viW : VtsID__join2( so->viW, thr->viW ); + VtsID__rcinc(so->viR); + VtsID__rcinc(so->viW); + } + + /* move both parent clocks along */ + VtsID__rcdec(thr->viR); + VtsID__rcdec(thr->viW); + thr->viR = VtsID__tick( thr->viR, thr ); + thr->viW = VtsID__tick( thr->viW, thr ); + VtsID__rcinc(thr->viR); + VtsID__rcinc(thr->viW); + if (strong_send) + show_thread_state("s-send", thr); + else + show_thread_state("w-send", thr); +} + +void libhb_so_recv ( Thr* thr, SO* so, Bool strong_recv ) +{ + tl_assert(so); + tl_assert(so->magic == SO_MAGIC); + + if (so->viR != VtsID_INVALID) { + tl_assert(so->viW != VtsID_INVALID); + + /* Weak receive (basically, an R-acquisition of a R-W lock). + This advances the read-clock of the receiver, but not the + write-clock. */ + VtsID__rcdec(thr->viR); + thr->viR = VtsID__join2( thr->viR, so->viR ); + VtsID__rcinc(thr->viR); + + /* For a strong receive, we also advance the receiver's write + clock, which means the receive as a whole is essentially + equivalent to a W-acquisition of a R-W lock. */ + if (strong_recv) { + VtsID__rcdec(thr->viW); + thr->viW = VtsID__join2( thr->viW, so->viW ); + VtsID__rcinc(thr->viW); + } + + if (strong_recv) + show_thread_state("s-recv", thr); + else + show_thread_state("w-recv", thr); + + } else { + tl_assert(so->viW == VtsID_INVALID); + /* Deal with degenerate case: 'so' has no vts, so there has been + no message posted to it. Just ignore this case. */ + show_thread_state("d-recv", thr); + } +} + +Bool libhb_so_everSent ( SO* so ) +{ + if (so->viR == VtsID_INVALID) { + tl_assert(so->viW == VtsID_INVALID); + return False; + } else { + tl_assert(so->viW != VtsID_INVALID); + return True; + } +} + +#define XXX1 0 // 0x67a106c +#define XXX2 0 + +static Bool TRACEME(Addr a, SizeT szB) { + if (XXX1 && a <= XXX1 && XXX1 <= a+szB) return True; + if (XXX2 && a <= XXX2 && XXX2 <= a+szB) return True; + return False; +} +static void trace ( Thr* thr, Addr a, SizeT szB, HChar* s ) { + SVal sv = zsm_read8(a); + VG_(printf)("thr %p (%#lx,%lu) %s: 0x%016llx ", thr,a,szB,s,sv); + show_thread_state("", thr); + VG_(printf)("%s","\n"); +} + +void libhb_range_new ( Thr* thr, Addr a, SizeT szB ) +{ + SVal sv = SVal__mkC(thr->viW, thr->viW); + tl_assert(is_sane_SVal_C(sv)); + if(TRACEME(a,szB))trace(thr,a,szB,"nw-before"); + zsm_set_range( a, szB, sv ); + if(TRACEME(a,szB))trace(thr,a,szB,"nw-after "); +} + +void libhb_range_noaccess ( Thr* thr, Addr a, SizeT szB ) +{ + if(TRACEME(a,szB))trace(thr,a,szB,"NA-before"); + zsm_set_range( a, szB, SVal__mkA() ); + if(TRACEME(a,szB))trace(thr,a,szB,"NA-after "); +} + +void* libhb_get_Thr_opaque ( Thr* thr ) { + tl_assert(thr); + return thr->opaque; +} + +void libhb_set_Thr_opaque ( Thr* thr, void* v ) { + tl_assert(thr); + thr->opaque = v; +} + +void libhb_copy_shadow_state ( Addr dst, Addr src, SizeT len ) +{ + zsm_copy_range(dst, src, len); +} + +void libhb_maybe_GC ( void ) +{ + event_map_maybe_GC(); + /* If there are still freelist entries available, no need for a + GC. */ + if (vts_tab_freelist != VtsID_INVALID) + return; + /* So all the table entries are full, and we're having to expand + the table. But did we hit the threshhold point yet? 
*/ +   if (VG_(sizeXA)( vts_tab ) < vts_next_GC_at) +      return; +   vts_tab__do_GC( False/*don't show stats*/ ); +} + + +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// +//                                                             // +// SECTION END main library                                    // +//                                                             // +///////////////////////////////////////////////////////////////// +///////////////////////////////////////////////////////////////// + +/*--------------------------------------------------------------------*/ +/*--- end libhb_main.c ---*/ +/*--------------------------------------------------------------------*/
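
zsm_set_range_SMALL in the hunk above works an arbitrary byte range up to 8-byte alignment with 1-, 2- and 4-byte shadow writes, cruises along with 8-byte writes, and then steps back down for the tail. The following is a minimal standalone sketch of that access plan, not part of the patch: small_range_plan and its printf output are illustrative stand-ins, where the real routine issues zsm_write8/16/32/64 calls on shadow memory.

    #include <stdio.h>

    typedef unsigned long Addr;
    typedef unsigned long SizeT;

    static int aligned ( Addr a, SizeT szB ) { return (a & (szB - 1)) == 0; }

    /* Prints the sequence of shadow writes zsm_set_range_SMALL would issue
       for the general (non fast-tracked) case. */
    void small_range_plan ( Addr a, SizeT len )
    {
       /* work up to 8-byte alignment ... */
       if (len >= 1 && !aligned(a, 2)) { printf("write8  %#lx\n", a); a += 1; len -= 1; }
       if (len >= 2 && !aligned(a, 4)) { printf("write16 %#lx\n", a); a += 2; len -= 2; }
       if (len >= 4 && !aligned(a, 8)) { printf("write32 %#lx\n", a); a += 4; len -= 4; }
       /* ... cruise along at 8 bytes per write ... */
       while (len >= 8)                { printf("write64 %#lx\n", a); a += 8; len -= 8; }
       /* ... then step back down for the unaligned tail */
       if (len >= 4)                   { printf("write32 %#lx\n", a); a += 4; len -= 4; }
       if (len >= 2)                   { printf("write16 %#lx\n", a); a += 2; len -= 2; }
       if (len >= 1)                   { printf("write8  %#lx\n", a); a += 1; len -= 1; }
    }

    int main ( void ) { small_range_plan(0x1003, 27); return 0; }

For the example range the plan is one byte, one 32-bit word, two 64-bit words, one 32-bit word and one 16-bit word, totalling the requested 27 bytes.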
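For ranges of at least two shadow lines, zsm_set_range instead splits the request into an unaligned prefix, a run of whole lines that are rewritten directly in their out-of-cache Z representation, and an unaligned suffix. The following standalone sketch shows just that splitting arithmetic; it assumes a 64-byte N_LINE_ARANGE, and line_roundup/line_rounddn are illustrative stand-ins for cacheline_ROUNDUP/cacheline_ROUNDDN.

    #include <assert.h>
    #include <stdio.h>

    #define N_LINE_ARANGE 64UL   /* assumed line coverage; the real value lives in libhb_core.c */

    typedef unsigned long Addr;
    typedef unsigned long UWord;
    typedef unsigned long SizeT;

    static Addr line_roundup ( Addr a ) { return (a + N_LINE_ARANGE - 1) & ~(N_LINE_ARANGE - 1); }
    static Addr line_rounddn ( Addr a ) { return a & ~(N_LINE_ARANGE - 1); }

    /* Mirrors the split done by zsm_set_range when len >= 2 * N_LINE_ARANGE. */
    void split_range ( Addr a, SizeT len )
    {
       Addr  before_start, aligned_start, after_start;
       UWord before_len, aligned_len, after_len;
       assert(len >= 2 * N_LINE_ARANGE);            /* the guard taken in zsm_set_range */
       before_start  = a;
       aligned_start = line_roundup(a);
       after_start   = line_rounddn(a + len);
       before_len    = aligned_start - before_start;
       aligned_len   = after_start  - aligned_start;
       after_len     = a + len - after_start;
       assert(before_len < N_LINE_ARANGE && after_len < N_LINE_ARANGE);
       printf("prefix [%#lx,+%lu): set byte/word-wise (zsm_set_range_SMALL)\n",
              before_start, before_len);
       printf("middle [%#lx,+%lu): set a whole line at a time, in the Z representation\n",
              aligned_start, aligned_len);
       printf("suffix [%#lx,+%lu): set byte/word-wise (zsm_set_range_SMALL)\n",
              after_start, after_len);
    }

    int main ( void )
    {
       split_range(0x1003, 300);   /* an unaligned 300-byte range */
       return 0;
    }

The middle portion never forces a line into the write-back cache: if its tag is not already resident, the Z line is rewritten in place with a one-entry dictionary holding svNew, which is what makes large make-New operations cheap.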
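The thread-lifetime and message-passing entry points in this file (libhb_create, libhb_so_send, libhb_so_recv) are all small moves on vector clocks: the child is created with copies of the parent's clocks ticked at the child's fresh index, a strong send overwrites the sync object's clocks while a weak send joins into them, and a receive joins the receiver's read-clock, plus its write-clock when the receive is strong. Below is a toy model of those moves with VTSs as fixed-size counter arrays rather than interned VtsIDs; VC, vc_tick, vc_join and the ThrSk/SOSk types are illustrative only, not the library's API.

    #define NTHREADS 4

    typedef struct { unsigned long ts[NTHREADS]; } VC;     /* toy stand-in for a VTS */

    void vc_tick ( VC* vc, int thr ) { vc->ts[thr]++; }
    void vc_join ( VC* dst, const VC* src )                 /* pointwise max, i.e. join2 */
    {
       for (int i = 0; i < NTHREADS; i++)
          if (src->ts[i] > dst->ts[i]) dst->ts[i] = src->ts[i];
    }

    typedef struct { int ix; VC viR, viW; } ThrSk;          /* a thread's read- and write-clocks */
    typedef struct { int valid; VC viR, viW; } SOSk;        /* sync object; valid==0 <=> never sent to */

    /* libhb_create: the child gets the parent's clocks ticked at the child's
       (never seen before) index, so its first timestamp is 1; the parent
       then has to move along too. */
    void thr_create ( ThrSk* parent, ThrSk* child, int child_ix )
    {
       child->ix  = child_ix;
       child->viR = parent->viR;  vc_tick(&child->viR, child_ix);
       child->viW = parent->viW;  vc_tick(&child->viW, child_ix);
       vc_tick(&parent->viR, parent->ix);
       vc_tick(&parent->viW, parent->ix);
    }

    /* libhb_so_send: a strong send overwrites the SO's clocks, a weak send
       joins into them; either way the sender then ticks its own clocks. */
    void so_send ( ThrSk* t, SOSk* so, int strong )
    {
       if (!so->valid || strong) { so->viR = t->viR; so->viW = t->viW; }
       else                      { vc_join(&so->viR, &t->viR); vc_join(&so->viW, &t->viW); }
       so->valid = 1;
       vc_tick(&t->viR, t->ix);
       vc_tick(&t->viW, t->ix);
    }

    /* libhb_so_recv: a weak receive joins only the read-clock (an
       R-acquisition of an R-W lock); a strong receive joins the write-clock
       as well (a W-acquisition). */
    void so_recv ( ThrSk* t, SOSk* so, int strong )
    {
       if (!so->valid) return;                              /* nothing was ever sent: ignore */
       vc_join(&t->viR, &so->viR);
       if (strong) vc_join(&t->viW, &so->viW);
    }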