1 /* Copyright (c) 2008-2015. The SimGrid Team.
2 * All rights reserved. */
4 /* This program is free software; you can redistribute it and/or modify it
5 * under the terms of the license (GNU LGPL) which comes with this package. */
7 /* mc_diff - Memory snapshooting and comparison */
9 #include "src/xbt/ex_interface.h" /* internals of backtrace setup */
11 #include "xbt/mmalloc.h"
12 #include "mc/datatypes.h"
13 #include "src/mc/malloc.hpp"
14 #include "src/mc/mc_private.h"
15 #include "src/mc/mc_snapshot.h"
16 #include "src/mc/mc_dwarf.hpp"
17 #include "src/mc/Type.hpp"
19 using simgrid::mc::remote;
21 XBT_LOG_NEW_DEFAULT_SUBCATEGORY(mc_diff, xbt,
22 "Logging specific to mc_diff in mc");
24 /*********************************** Heap comparison ***********************************/
25 /***************************************************************************************/
27 struct XBT_PRIVATE s_mc_diff {
28 s_xbt_mheap_t std_heap_copy;
29 std::size_t heaplimit;
30 // Number of blocks in the heaps:
31 std::size_t heapsize1, heapsize2;
32 std::vector<simgrid::mc::IgnoredHeapRegion>* to_ignore1;
33 std::vector<simgrid::mc::IgnoredHeapRegion>* to_ignore2;
34 s_heap_area_t *equals_to1, *equals_to2;
35 simgrid::mc::Type **types1;
36 simgrid::mc::Type **types2;
37 std::size_t available;
40 #define equals_to1_(i,j) equals_to1[ MAX_FRAGMENT_PER_BLOCK*(i) + (j)]
41 #define equals_to2_(i,j) equals_to2[ MAX_FRAGMENT_PER_BLOCK*(i) + (j)]
42 #define types1_(i,j) types1[ MAX_FRAGMENT_PER_BLOCK*(i) + (j)]
43 #define types2_(i,j) types2[ MAX_FRAGMENT_PER_BLOCK*(i) + (j)]
45 static __thread struct s_mc_diff *mc_diff_info = nullptr;
47 /*********************************** Free functions ************************************/
49 static void heap_area_pair_free(heap_area_pair_t pair)
55 static void heap_area_pair_free_voidp(void *d)
57 heap_area_pair_free((heap_area_pair_t) * (void **) d);
60 static void heap_area_free(heap_area_t area)
66 /************************************************************************************/
68 static s_heap_area_t make_heap_area(int block, int fragment)
73 area.fragment = fragment;
78 static int is_new_heap_area_pair(xbt_dynar_t list, int block1, int fragment1,
79 int block2, int fragment2)
82 unsigned int cursor = 0;
83 heap_area_pair_t current_pair;
85 xbt_dynar_foreach(list, cursor, current_pair)
86 if (current_pair->block1 == block1 && current_pair->block2 == block2
87 && current_pair->fragment1 == fragment1
88 && current_pair->fragment2 == fragment2)
94 static int add_heap_area_pair(xbt_dynar_t list, int block1, int fragment1,
95 int block2, int fragment2)
98 if (is_new_heap_area_pair(list, block1, fragment1, block2, fragment2)) {
99 heap_area_pair_t pair = nullptr;
100 pair = xbt_new0(s_heap_area_pair_t, 1);
101 pair->block1 = block1;
102 pair->fragment1 = fragment1;
103 pair->block2 = block2;
104 pair->fragment2 = fragment2;
106 xbt_dynar_push(list, &pair);
114 static ssize_t heap_comparison_ignore_size(
115 std::vector<simgrid::mc::IgnoredHeapRegion>* ignore_list,
119 int end = ignore_list->size() - 1;
121 while (start <= end) {
122 unsigned int cursor = (start + end) / 2;
123 simgrid::mc::IgnoredHeapRegion const& region = (*ignore_list)[cursor];
124 if (region.address == address)
126 if (region.address < address)
128 if (region.address > address)
135 static bool is_stack(const void *address)
137 for (auto const& stack : mc_model_checker->process().stack_areas())
138 if (address == stack.address)
143 // TODO, this should depend on the snapshot?
144 static bool is_block_stack(int block)
146 for (auto const& stack : mc_model_checker->process().stack_areas())
147 if (block == stack.block)
152 static void match_equals(struct s_mc_diff *state, xbt_dynar_t list)
155 unsigned int cursor = 0;
156 heap_area_pair_t current_pair;
158 xbt_dynar_foreach(list, cursor, current_pair)
160 if (current_pair->fragment1 != -1) {
162 state->equals_to1_(current_pair->block1, current_pair->fragment1) =
163 make_heap_area(current_pair->block2, current_pair->fragment2);
164 state->equals_to2_(current_pair->block2, current_pair->fragment2) =
165 make_heap_area(current_pair->block1, current_pair->fragment1);
169 state->equals_to1_(current_pair->block1, 0) =
170 make_heap_area(current_pair->block2, current_pair->fragment2);
171 state->equals_to2_(current_pair->block2, 0) =
172 make_heap_area(current_pair->block1, current_pair->fragment1);
178 /** Check whether two blocks are known to be matching
180 * @param state State used
181 * @param b1 Block of state 1
182 * @param b2 Block of state 2
183 * @return if the blocks are known to be matching
185 static int equal_blocks(struct s_mc_diff *state, int b1, int b2)
188 if (state->equals_to1_(b1, 0).block == b2
189 && state->equals_to2_(b2, 0).block == b1)
195 /** Check whether two fragments are known to be matching
197 * @param state State used
198 * @param b1 Block of state 1
199 * @param f1 Fragment of state 1
200 * @param b2 Block of state 2
201 * @param f2 Fragment of state 2
202 * @return if the fragments are known to be matching
204 static int equal_fragments(struct s_mc_diff *state, int b1, int f1, int b2,
208 if (state->equals_to1_(b1, f1).block == b2
209 && state->equals_to1_(b1, f1).fragment == f2
210 && state->equals_to2_(b2, f2).block == b1
211 && state->equals_to2_(b2, f2).fragment == f1)
220 int init_heap_information(xbt_mheap_t heap1, xbt_mheap_t heap2,
221 std::vector<simgrid::mc::IgnoredHeapRegion>* i1,
222 std::vector<simgrid::mc::IgnoredHeapRegion>* i2)
224 if (mc_diff_info == nullptr) {
225 mc_diff_info = xbt_new0(struct s_mc_diff, 1);
226 mc_diff_info->equals_to1 = nullptr;
227 mc_diff_info->equals_to2 = nullptr;
228 mc_diff_info->types1 = nullptr;
229 mc_diff_info->types2 = nullptr;
231 struct s_mc_diff *state = mc_diff_info;
233 if ((((struct mdesc *) heap1)->heaplimit !=
234 ((struct mdesc *) heap2)->heaplimit)
236 ((((struct mdesc *) heap1)->heapsize !=
237 ((struct mdesc *) heap2)->heapsize)))
240 state->heaplimit = ((struct mdesc *) heap1)->heaplimit;
242 state->std_heap_copy = *mc_model_checker->process().get_heap();
244 state->heapsize1 = heap1->heapsize;
245 state->heapsize2 = heap2->heapsize;
247 state->to_ignore1 = i1;
248 state->to_ignore2 = i2;
250 if (state->heaplimit > state->available) {
251 state->equals_to1 = (s_heap_area_t*)
252 realloc(state->equals_to1,
253 state->heaplimit * MAX_FRAGMENT_PER_BLOCK *
254 sizeof(s_heap_area_t));
255 state->types1 = (simgrid::mc::Type**)
256 realloc(state->types1,
257 state->heaplimit * MAX_FRAGMENT_PER_BLOCK *
258 sizeof(simgrid::mc::Type*));
259 state->equals_to2 = (s_heap_area_t*)
260 realloc(state->equals_to2,
261 state->heaplimit * MAX_FRAGMENT_PER_BLOCK *
262 sizeof(s_heap_area_t));
263 state->types2 = (simgrid::mc::Type**)
264 realloc(state->types2,
265 state->heaplimit * MAX_FRAGMENT_PER_BLOCK *
266 sizeof(simgrid::mc::Type*));
267 state->available = state->heaplimit;
270 memset(state->equals_to1, 0,
271 state->heaplimit * MAX_FRAGMENT_PER_BLOCK * sizeof(s_heap_area_t));
272 memset(state->equals_to2, 0,
273 state->heaplimit * MAX_FRAGMENT_PER_BLOCK * sizeof(s_heap_area_t));
274 memset(state->types1, 0,
275 state->heaplimit * MAX_FRAGMENT_PER_BLOCK * sizeof(char**));
276 memset(state->types2, 0,
277 state->heaplimit * MAX_FRAGMENT_PER_BLOCK * sizeof(char**));
283 void reset_heap_information()
288 // TODO, have a robust way to find it in O(1)
290 mc_mem_region_t MC_get_heap_region(simgrid::mc::Snapshot* snapshot)
292 size_t n = snapshot->snapshot_regions.size();
293 for (size_t i=0; i!=n; ++i) {
294 mc_mem_region_t region = snapshot->snapshot_regions[i].get();
295 if (region->region_type() == simgrid::mc::RegionType::Heap)
298 xbt_die("No heap region");
301 int mmalloc_compare_heap(simgrid::mc::Snapshot* snapshot1, simgrid::mc::Snapshot* snapshot2)
303 simgrid::mc::Process* process = &mc_model_checker->process();
304 struct s_mc_diff *state = mc_diff_info;
306 /* Start comparison */
307 size_t i1, i2, j1, j2, k;
308 void *addr_block1, *addr_block2, *addr_frag1, *addr_frag2;
309 int nb_diff1 = 0, nb_diff2 = 0;
311 int equal, res_compare = 0;
313 /* Check busy blocks */
317 malloc_info heapinfo_temp1, heapinfo_temp2;
318 malloc_info heapinfo_temp2b;
320 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
321 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
323 // This is the address of std_heap->heapinfo in the application process:
324 void* heapinfo_address = &((xbt_mheap_t) process->heap_address)->heapinfo;
326 // This is in snapshot do not use them directly:
327 const malloc_info* heapinfos1 = snapshot1->read<malloc_info*>(
328 (std::uint64_t)heapinfo_address, simgrid::mc::ProcessIndexMissing);
329 const malloc_info* heapinfos2 = snapshot2->read<malloc_info*>(
330 (std::uint64_t)heapinfo_address, simgrid::mc::ProcessIndexMissing);
332 while (i1 <= state->heaplimit) {
334 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(heap_region1, &heapinfo_temp1, &heapinfos1[i1], sizeof(malloc_info));
335 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(heap_region2, &heapinfo_temp2, &heapinfos2[i1], sizeof(malloc_info));
337 if (heapinfo1->type == MMALLOC_TYPE_FREE || heapinfo1->type == MMALLOC_TYPE_HEAPINFO) { /* Free block */
342 if (heapinfo1->type < 0) {
343 fprintf(stderr, "Unkown mmalloc block type.\n");
348 ((void *) (((ADDR2UINT(i1)) - 1) * BLOCKSIZE +
349 (char *) state->std_heap_copy.heapbase));
351 if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED) { /* Large block */
353 if (is_stack(addr_block1)) {
354 for (k = 0; k < heapinfo1->busy_block.size; k++)
355 state->equals_to1_(i1 + k, 0) = make_heap_area(i1, -1);
356 for (k = 0; k < heapinfo2->busy_block.size; k++)
357 state->equals_to2_(i1 + k, 0) = make_heap_area(i1, -1);
358 i1 += heapinfo1->busy_block.size;
362 if (state->equals_to1_(i1, 0).valid) {
371 /* Try first to associate to same block in the other heap */
372 if (heapinfo2->type == heapinfo1->type) {
374 if (state->equals_to2_(i1, 0).valid == 0) {
376 addr_block2 = (ADDR2UINT(i1) - 1) * BLOCKSIZE +
377 (char *) state->std_heap_copy.heapbase;
380 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_block1, addr_block2, snapshot1, snapshot2,
383 if (res_compare != 1) {
384 for (k = 1; k < heapinfo2->busy_block.size; k++)
385 state->equals_to2_(i1 + k, 0) = make_heap_area(i1, -1);
386 for (k = 1; k < heapinfo1->busy_block.size; k++)
387 state->equals_to1_(i1 + k, 0) = make_heap_area(i1, -1);
389 i1 += heapinfo1->busy_block.size;
396 while (i2 <= state->heaplimit && !equal) {
398 addr_block2 = (ADDR2UINT(i2) - 1) * BLOCKSIZE +
399 (char *) state->std_heap_copy.heapbase;
406 const malloc_info* heapinfo2b = (const malloc_info*) MC_region_read(heap_region2, &heapinfo_temp2b, &heapinfos2[i2], sizeof(malloc_info));
408 if (heapinfo2b->type != MMALLOC_TYPE_UNFRAGMENTED) {
413 if (state->equals_to2_(i2, 0).valid) {
419 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_block1, addr_block2, snapshot1, snapshot2,
422 if (res_compare != 1) {
423 for (k = 1; k < heapinfo2b->busy_block.size; k++)
424 state->equals_to2_(i2 + k, 0) = make_heap_area(i1, -1);
425 for (k = 1; k < heapinfo1->busy_block.size; k++)
426 state->equals_to1_(i1 + k, 0) = make_heap_area(i2, -1);
428 i1 += heapinfo1->busy_block.size;
436 XBT_DEBUG("Block %zu not found (size_used = %zu, addr = %p)", i1,
437 heapinfo1->busy_block.busy_size, addr_block1);
438 i1 = state->heaplimit + 1;
443 } else { /* Fragmented block */
445 for (j1 = 0; j1 < (size_t) (BLOCKSIZE >> heapinfo1->type); j1++) {
447 if (heapinfo1->busy_frag.frag_size[j1] == -1) /* Free fragment */
450 if (state->equals_to1_(i1, j1).valid)
454 (void *) ((char *) addr_block1 + (j1 << heapinfo1->type));
459 /* Try first to associate to same fragment in the other heap */
460 if (heapinfo2->type == heapinfo1->type) {
462 if (state->equals_to2_(i1, j1).valid == 0) {
464 addr_block2 = (ADDR2UINT(i1) - 1) * BLOCKSIZE +
465 (char *) state->std_heap_copy.heapbase;
467 (void *) ((char *) addr_block2 +
468 (j1 << heapinfo2->type));
471 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_frag1, addr_frag2, snapshot1, snapshot2,
474 if (res_compare != 1)
481 while (i2 <= state->heaplimit && !equal) {
483 const malloc_info* heapinfo2b = (const malloc_info*) MC_region_read(
484 heap_region2, &heapinfo_temp2b, &heapinfos2[i2],
485 sizeof(malloc_info));
487 if (heapinfo2b->type == MMALLOC_TYPE_FREE || heapinfo2b->type == MMALLOC_TYPE_HEAPINFO) {
492 // We currently do not match fragments with unfragmented blocks (maybe we should).
493 if (heapinfo2b->type == MMALLOC_TYPE_UNFRAGMENTED) {
498 if (heapinfo2b->type < 0) {
499 fprintf(stderr, "Unkown mmalloc block type.\n");
503 for (j2 = 0; j2 < (size_t) (BLOCKSIZE >> heapinfo2b->type);
506 if (i2 == i1 && j2 == j1)
509 if (state->equals_to2_(i2, j2).valid)
512 addr_block2 = (ADDR2UINT(i2) - 1) * BLOCKSIZE +
513 (char *) state->std_heap_copy.heapbase;
515 (void *) ((char *) addr_block2 +
516 (j2 << heapinfo2b->type));
519 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_frag1, addr_frag2, snapshot2, snapshot2,
522 if (res_compare != 1) {
535 ("Block %zu, fragment %zu not found (size_used = %zd, address = %p)\n",
536 i1, j1, heapinfo1->busy_frag.frag_size[j1],
538 i2 = state->heaplimit + 1;
539 i1 = state->heaplimit + 1;
552 /* All blocks/fragments are equal to another block/fragment ? */
555 for(i = 1; i <= state->heaplimit; i++) {
556 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(
557 heap_region1, &heapinfo_temp1, &heapinfos1[i], sizeof(malloc_info));
558 if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED) {
559 if (i1 == state->heaplimit) {
560 if (heapinfo1->busy_block.busy_size > 0) {
561 if (state->equals_to1_(i, 0).valid == 0) {
562 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
564 XBT_DEBUG("Block %zu not found (size used = %zu)", i,
565 heapinfo1->busy_block.busy_size);
566 //mmalloc_backtrace_block_display((void*)heapinfo1, i);
573 if (heapinfo1->type > 0) {
574 for (j = 0; j < (size_t) (BLOCKSIZE >> heapinfo1->type); j++) {
575 if (i1 == state->heaplimit) {
576 if (heapinfo1->busy_frag.frag_size[j] > 0) {
577 if (state->equals_to1_(i, j).valid == 0) {
578 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
579 // TODO, print fragment address
581 ("Block %zu, Fragment %zu not found (size used = %zd)",
583 heapinfo1->busy_frag.frag_size[j]);
584 //mmalloc_backtrace_fragment_display((void*)heapinfo1, i, j);
594 if (i1 == state->heaplimit)
595 XBT_DEBUG("Number of blocks/fragments not found in heap1 : %d", nb_diff1);
597 for (i=1; i <= state->heaplimit; i++) {
598 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(
599 heap_region2, &heapinfo_temp2, &heapinfos2[i], sizeof(malloc_info));
600 if (heapinfo2->type == MMALLOC_TYPE_UNFRAGMENTED) {
601 if (i1 == state->heaplimit) {
602 if (heapinfo2->busy_block.busy_size > 0) {
603 if (state->equals_to2_(i, 0).valid == 0) {
604 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
605 // TODO, print address of the block
606 XBT_DEBUG("Block %zu not found (size used = %zu)", i,
607 heapinfo2->busy_block.busy_size);
608 //mmalloc_backtrace_block_display((void*)heapinfo2, i);
615 if (heapinfo2->type > 0) {
616 for (j = 0; j < (size_t) (BLOCKSIZE >> heapinfo2->type); j++) {
617 if (i1 == state->heaplimit) {
618 if (heapinfo2->busy_frag.frag_size[j] > 0) {
619 if (state->equals_to2_(i, j).valid == 0) {
620 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
621 // TODO, print address of the block
623 ("Block %zu, Fragment %zu not found (size used = %zd)",
625 heapinfo2->busy_frag.frag_size[j]);
626 //mmalloc_backtrace_fragment_display((void*)heapinfo2, i, j);
636 if (i1 == state->heaplimit)
637 XBT_DEBUG("Number of blocks/fragments not found in heap2 : %d", nb_diff2);
639 return ((nb_diff1 > 0) || (nb_diff2 > 0));
645 * @param real_area1 Process address for state 1
646 * @param real_area2 Process address for state 2
647 * @param snapshot1 Snapshot of state 1
648 * @param snapshot2 Snapshot of state 2
651 * @param check_ignore
653 static int compare_heap_area_without_type(struct s_mc_diff *state, int process_index,
654 const void *real_area1, const void *real_area2,
655 simgrid::mc::Snapshot* snapshot1,
656 simgrid::mc::Snapshot* snapshot2,
657 xbt_dynar_t previous, int size,
660 simgrid::mc::Process* process = &mc_model_checker->process();
663 const void *addr_pointed1, *addr_pointed2;
664 int pointer_align, res_compare;
665 ssize_t ignore1, ignore2;
667 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
668 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
672 if (check_ignore > 0) {
674 heap_comparison_ignore_size(state->to_ignore1,
675 (char *) real_area1 + i)) != -1) {
677 heap_comparison_ignore_size(state->to_ignore2,
678 (char *) real_area2 + i)) == ignore1) {
691 if (MC_snapshot_region_memcmp(((char *) real_area1) + i, heap_region1, ((char *) real_area2) + i, heap_region2, 1) != 0) {
693 pointer_align = (i / sizeof(void *)) * sizeof(void *);
694 addr_pointed1 = snapshot1->read(
695 remote((void**)((char *) real_area1 + pointer_align)), process_index);
696 addr_pointed2 = snapshot2->read(
697 remote((void**)((char *) real_area2 + pointer_align)), process_index);
699 if (process->in_maestro_stack(remote(addr_pointed1))
700 && process->in_maestro_stack(remote(addr_pointed2))) {
701 i = pointer_align + sizeof(void *);
703 } else if (addr_pointed1 > state->std_heap_copy.heapbase
704 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
705 && addr_pointed2 > state->std_heap_copy.heapbase
706 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2)) {
707 // Both addreses are in the heap:
709 compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
710 snapshot2, previous, nullptr, 0);
711 if (res_compare == 1)
713 i = pointer_align + sizeof(void *);
731 * @param real_area1 Process address for state 1
732 * @param real_area2 Process address for state 2
733 * @param snapshot1 Snapshot of state 1
734 * @param snapshot2 Snapshot of state 2
737 * @param area_size either a byte_size or an elements_count (?)
738 * @param check_ignore
739 * @param pointer_level
740 * @return 0 (same), 1 (different), -1 (unknown)
742 static int compare_heap_area_with_type(struct s_mc_diff *state, int process_index,
743 const void *real_area1, const void *real_area2,
744 simgrid::mc::Snapshot* snapshot1,
745 simgrid::mc::Snapshot* snapshot2,
746 xbt_dynar_t previous, simgrid::mc::Type* type,
747 int area_size, int check_ignore,
751 // HACK: This should not happen but in pratice, there is some
752 // DW_TAG_typedef without DW_AT_type. We should fix this somehow.
756 if (is_stack(real_area1) && is_stack(real_area2))
758 ssize_t ignore1, ignore2;
760 if ((check_ignore > 0)
761 && ((ignore1 = heap_comparison_ignore_size(state->to_ignore1, real_area1))
763 && ((ignore2 = heap_comparison_ignore_size(state->to_ignore2, real_area2))
767 simgrid::mc::Type *subtype, *subsubtype;
769 const void *addr_pointed1, *addr_pointed2;
771 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
772 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
774 switch (type->type) {
775 case DW_TAG_unspecified_type:
778 case DW_TAG_base_type:
779 if (!type->name.empty() && type->name == "char") { /* String, hence random (arbitrary ?) size */
780 if (real_area1 == real_area2)
783 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, area_size) != 0);
785 if (area_size != -1 && type->byte_size != area_size)
788 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, type->byte_size) != 0);
791 case DW_TAG_enumeration_type:
792 if (area_size != -1 && type->byte_size != area_size)
795 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, type->byte_size) != 0);
798 case DW_TAG_const_type:
799 case DW_TAG_volatile_type:
801 type = type->subtype;
804 case DW_TAG_array_type:
805 subtype = type->subtype;
806 switch (subtype->type) {
807 case DW_TAG_unspecified_type:
810 case DW_TAG_base_type:
811 case DW_TAG_enumeration_type:
812 case DW_TAG_pointer_type:
813 case DW_TAG_reference_type:
814 case DW_TAG_rvalue_reference_type:
815 case DW_TAG_structure_type:
816 case DW_TAG_class_type:
817 case DW_TAG_union_type:
818 if (subtype->full_type)
819 subtype = subtype->full_type;
820 elm_size = subtype->byte_size;
822 // TODO, just remove the type indirection?
823 case DW_TAG_const_type:
825 case DW_TAG_volatile_type:
826 subsubtype = subtype->subtype;
827 if (subsubtype->full_type)
828 subsubtype = subsubtype->full_type;
829 elm_size = subsubtype->byte_size;
835 for (int i = 0; i < type->element_count; i++) {
836 // TODO, add support for variable stride (DW_AT_byte_stride)
838 compare_heap_area_with_type(state, process_index,
839 (char *) real_area1 + (i * elm_size),
840 (char *) real_area2 + (i * elm_size),
841 snapshot1, snapshot2, previous,
842 type->subtype, subtype->byte_size,
843 check_ignore, pointer_level);
848 case DW_TAG_reference_type:
849 case DW_TAG_rvalue_reference_type:
850 case DW_TAG_pointer_type:
851 if (type->subtype && type->subtype->type == DW_TAG_subroutine_type) {
852 addr_pointed1 = snapshot1->read(remote((void**)real_area1), process_index);
853 addr_pointed2 = snapshot2->read(remote((void**)real_area2), process_index);
854 return (addr_pointed1 != addr_pointed2);;
857 if (pointer_level > 1) { /* Array of pointers */
858 for (size_t i = 0; i < (area_size / sizeof(void *)); i++) {
859 addr_pointed1 = snapshot1->read(
860 remote((void**)((char*) real_area1 + i * sizeof(void *))),
862 addr_pointed2 = snapshot2->read(
863 remote((void**)((char*) real_area2 + i * sizeof(void *))),
865 if (addr_pointed1 > state->std_heap_copy.heapbase
866 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
867 && addr_pointed2 > state->std_heap_copy.heapbase
868 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2))
870 compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
871 snapshot2, previous, type->subtype,
874 res = (addr_pointed1 != addr_pointed2);
879 addr_pointed1 = snapshot1->read(remote((void**)real_area1), process_index);
880 addr_pointed2 = snapshot2->read(remote((void**)real_area2), process_index);
881 if (addr_pointed1 > state->std_heap_copy.heapbase
882 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
883 && addr_pointed2 > state->std_heap_copy.heapbase
884 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2))
885 return compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
886 snapshot2, previous, type->subtype,
889 return (addr_pointed1 != addr_pointed2);
893 case DW_TAG_structure_type:
894 case DW_TAG_class_type:
896 type = type->full_type;
897 if (area_size != -1 && type->byte_size != area_size) {
898 if (area_size > type->byte_size && area_size % type->byte_size == 0) {
899 for (size_t i = 0; i < (size_t)(area_size / type->byte_size); i++) {
901 compare_heap_area_with_type(state, process_index,
902 (char *) real_area1 + i * type->byte_size,
903 (char *) real_area2 + i * type->byte_size,
904 snapshot1, snapshot2, previous, type, -1,
912 for(simgrid::mc::Member& member : type->members) {
913 // TODO, optimize this? (for the offset case)
914 void *real_member1 = simgrid::dwarf::resolve_member(
915 real_area1, type, &member, (simgrid::mc::AddressSpace*) snapshot1, process_index);
916 void *real_member2 = simgrid::dwarf::resolve_member(
917 real_area2, type, &member, (simgrid::mc::AddressSpace*) snapshot2, process_index);
919 compare_heap_area_with_type(state, process_index, real_member1, real_member2,
920 snapshot1, snapshot2,
921 previous, member.type, -1,
928 case DW_TAG_union_type:
929 return compare_heap_area_without_type(state, process_index, real_area1, real_area2,
930 snapshot1, snapshot2, previous,
931 type->byte_size, check_ignore);
941 /** Infer the type of a part of the block from the type of the block
943 * TODO, handle DW_TAG_array_type as well as arrays of the object ((*p)[5], p[5])
945 * TODO, handle subfields ((*p).bar.foo, (*p)[5].bar…)
947 * @param type_id DWARF type ID of the root address
949 * @return DWARF type ID for given offset
951 static simgrid::mc::Type* get_offset_type(void *real_base_address, simgrid::mc::Type* type,
952 int offset, int area_size,
953 simgrid::mc::Snapshot* snapshot, int process_index)
956 // Beginning of the block, the infered variable type if the type of the block:
960 switch (type->type) {
961 case DW_TAG_structure_type:
962 case DW_TAG_class_type:
964 type = type->full_type;
966 if (area_size != -1 && type->byte_size != area_size) {
967 if (area_size > type->byte_size && area_size % type->byte_size == 0)
972 for(simgrid::mc::Member& member : type->members) {
974 if (member.has_offset_location()) {
975 // We have the offset, use it directly (shortcut):
976 if (member.offset() == offset)
979 void *real_member = simgrid::dwarf::resolve_member(
980 real_base_address, type, &member, snapshot, process_index);
981 if ((char*) real_member - (char *) real_base_address == offset)
990 /* FIXME : other cases ? */
998 * @param area1 Process address for state 1
999 * @param area2 Process address for state 2
1000 * @param snapshot1 Snapshot of state 1
1001 * @param snapshot2 Snapshot of state 2
1002 * @param previous Pairs of blocks already compared on the current path (or nullptr)
1003 * @param type_id Type of variable
1004 * @param pointer_level
1005 * @return 0 (same), 1 (different), -1
1007 int compare_heap_area(int process_index, const void *area1, const void *area2, simgrid::mc::Snapshot* snapshot1,
1008 simgrid::mc::Snapshot* snapshot2, xbt_dynar_t previous,
1009 simgrid::mc::Type* type, int pointer_level)
1011 simgrid::mc::Process* process = &mc_model_checker->process();
1013 struct s_mc_diff *state = mc_diff_info;
1016 ssize_t block1, frag1, block2, frag2;
1018 int check_ignore = 0;
1020 void *real_addr_block1, *real_addr_block2, *real_addr_frag1, *real_addr_frag2;
1022 int offset1 = 0, offset2 = 0;
1023 int new_size1 = -1, new_size2 = -1;
1024 simgrid::mc::Type *new_type1 = nullptr, *new_type2 = NULL;
1026 int match_pairs = 0;
1028 // This is the address of std_heap->heapinfo in the application process:
1029 void* heapinfo_address = &((xbt_mheap_t) process->heap_address)->heapinfo;
1031 const malloc_info* heapinfos1 = snapshot1->read(
1032 remote((const malloc_info**)heapinfo_address), process_index);
1033 const malloc_info* heapinfos2 = snapshot2->read(
1034 remote((const malloc_info**)heapinfo_address), process_index);
1036 malloc_info heapinfo_temp1, heapinfo_temp2;
1038 if (previous == nullptr) {
1040 xbt_dynar_new(sizeof(heap_area_pair_t), heap_area_pair_free_voidp);
1043 // Get block number:
1046 (char *) state->std_heap_copy.heapbase) / BLOCKSIZE + 1;
1049 (char *) state->std_heap_copy.heapbase) / BLOCKSIZE + 1;
1051 // If either block is a stack block:
1052 if (is_block_stack((int) block1) && is_block_stack((int) block2)) {
1053 add_heap_area_pair(previous, block1, -1, block2, -1);
1055 match_equals(state, previous);
1056 xbt_dynar_free(&previous);
1060 // If either block is not in the expected area of memory:
1061 if (((char *) area1 < (char *) state->std_heap_copy.heapbase)
1062 || (block1 > (ssize_t) state->heapsize1) || (block1 < 1)
1063 || ((char *) area2 < (char *) state->std_heap_copy.heapbase)
1064 || (block2 > (ssize_t) state->heapsize2) || (block2 < 1)) {
1066 xbt_dynar_free(&previous);
1070 // Process address of the block:
1071 real_addr_block1 = (ADDR2UINT(block1) - 1) * BLOCKSIZE +
1072 (char *) state->std_heap_copy.heapbase;
1073 real_addr_block2 = (ADDR2UINT(block2) - 1) * BLOCKSIZE +
1074 (char *) state->std_heap_copy.heapbase;
1078 if (type->full_type)
1079 type = type->full_type;
1081 // This assume that for "boring" types (volatile ...) byte_size is absent:
1082 while (type->byte_size == 0 && type->subtype != nullptr)
1083 type = type->subtype;
1086 if ((type->type == DW_TAG_pointer_type)
1087 || ((type->type == DW_TAG_base_type) && !type->name.empty()
1088 && type->name == "char"))
1091 type_size = type->byte_size;
1095 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
1096 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
1098 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(
1099 heap_region1, &heapinfo_temp1, &heapinfos1[block1], sizeof(malloc_info));
1100 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(
1101 heap_region2, &heapinfo_temp2, &heapinfos2[block2], sizeof(malloc_info));
1103 if ((heapinfo1->type == MMALLOC_TYPE_FREE || heapinfo1->type==MMALLOC_TYPE_HEAPINFO)
1104 && (heapinfo2->type == MMALLOC_TYPE_FREE || heapinfo2->type ==MMALLOC_TYPE_HEAPINFO)) {
1108 match_equals(state, previous);
1109 xbt_dynar_free(&previous);
1113 } else if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED
1114 && heapinfo2->type == MMALLOC_TYPE_UNFRAGMENTED) {
1115 /* Complete block */
1117 // TODO, lookup variable type from block type as done for fragmented blocks
1119 offset1 = (char *) area1 - (char *) real_addr_block1;
1120 offset2 = (char *) area2 - (char *) real_addr_block2;
1122 if (state->equals_to1_(block1, 0).valid
1123 && state->equals_to2_(block2, 0).valid) {
1124 if (equal_blocks(state, block1, block2)) {
1126 match_equals(state, previous);
1127 xbt_dynar_free(&previous);
1133 if (type_size != -1) {
1134 if (type_size != (ssize_t) heapinfo1->busy_block.busy_size
1135 && type_size != (ssize_t) heapinfo2->busy_block.busy_size
1136 && (type->name.empty() || type->name == "struct s_smx_context")) {
1138 match_equals(state, previous);
1139 xbt_dynar_free(&previous);
1145 if (heapinfo1->busy_block.size !=
1146 heapinfo2->busy_block.size) {
1148 xbt_dynar_free(&previous);
1152 if (heapinfo1->busy_block.busy_size !=
1153 heapinfo2->busy_block.busy_size) {
1155 xbt_dynar_free(&previous);
1159 if (!add_heap_area_pair(previous, block1, -1, block2, -1)) {
1161 match_equals(state, previous);
1162 xbt_dynar_free(&previous);
1167 size = heapinfo1->busy_block.busy_size;
1169 // Remember (basic) type inference.
1170 // The current data structure only allows us to do this for the whole block.
1171 if (type != nullptr && area1 == real_addr_block1)
1172 state->types1_(block1, 0) = type;
1173 if (type != nullptr && area2 == real_addr_block2)
1174 state->types2_(block2, 0) = type;
1178 match_equals(state, previous);
1179 xbt_dynar_free(&previous);
1187 if ((heapinfo1->busy_block.ignore > 0)
1188 && (heapinfo2->busy_block.ignore ==
1189 heapinfo1->busy_block.ignore))
1190 check_ignore = heapinfo1->busy_block.ignore;
1192 } else if ((heapinfo1->type > 0) && (heapinfo2->type > 0)) { /* Fragmented block */
1196 ((uintptr_t) (ADDR2UINT(area1) % (BLOCKSIZE))) >> heapinfo1->type;
1198 ((uintptr_t) (ADDR2UINT(area2) % (BLOCKSIZE))) >> heapinfo2->type;
1200 // Process address of the fragment:
1202 (void *) ((char *) real_addr_block1 +
1203 (frag1 << heapinfo1->type));
1205 (void *) ((char *) real_addr_block2 +
1206 (frag2 << heapinfo2->type));
1208 // Check the size of the fragments against the size of the type:
1209 if (type_size != -1) {
1210 if (heapinfo1->busy_frag.frag_size[frag1] == -1
1211 || heapinfo2->busy_frag.frag_size[frag2] == -1) {
1213 match_equals(state, previous);
1214 xbt_dynar_free(&previous);
1219 if (type_size != heapinfo1->busy_frag.frag_size[frag1]
1220 || type_size != heapinfo2->busy_frag.frag_size[frag2]) {
1222 match_equals(state, previous);
1223 xbt_dynar_free(&previous);
1229 // Check if the blocks are already matched together:
1230 if (state->equals_to1_(block1, frag1).valid
1231 && state->equals_to2_(block2, frag2).valid) {
1232 if (offset1==offset2 && equal_fragments(state, block1, frag1, block2, frag2)) {
1234 match_equals(state, previous);
1235 xbt_dynar_free(&previous);
1240 // Compare the size of both fragments:
1241 if (heapinfo1->busy_frag.frag_size[frag1] !=
1242 heapinfo2->busy_frag.frag_size[frag2]) {
1243 if (type_size == -1) {
1245 match_equals(state, previous);
1246 xbt_dynar_free(&previous);
1251 xbt_dynar_free(&previous);
1256 // Size of the fragment:
1257 size = heapinfo1->busy_frag.frag_size[frag1];
1259 // Remember (basic) type inference.
1260 // The current data structure only allows us to do this for the whole fragment.
1261 if (type != nullptr && area1 == real_addr_frag1)
1262 state->types1_(block1, frag1) = type;
1263 if (type != nullptr && area2 == real_addr_frag2)
1264 state->types2_(block2, frag2) = type;
1266 // The type of the variable is already known:
1271 // Type inference from the block type.
1272 else if (state->types1_(block1, frag1) != nullptr
1273 || state->types2_(block2, frag2) != nullptr) {
1275 offset1 = (char *) area1 - (char *) real_addr_frag1;
1276 offset2 = (char *) area2 - (char *) real_addr_frag2;
1278 if (state->types1_(block1, frag1) != nullptr
1279 && state->types2_(block2, frag2) != nullptr) {
1281 get_offset_type(real_addr_frag1, state->types1_(block1, frag1),
1282 offset1, size, snapshot1, process_index);
1284 get_offset_type(real_addr_frag2, state->types2_(block2, frag2),
1285 offset1, size, snapshot2, process_index);
1286 } else if (state->types1_(block1, frag1) != nullptr) {
1288 get_offset_type(real_addr_frag1, state->types1_(block1, frag1),
1289 offset1, size, snapshot1, process_index);
1291 get_offset_type(real_addr_frag2, state->types1_(block1, frag1),
1292 offset2, size, snapshot2, process_index);
1293 } else if (state->types2_(block2, frag2) != nullptr) {
1295 get_offset_type(real_addr_frag1, state->types2_(block2, frag2),
1296 offset1, size, snapshot1, process_index);
1298 get_offset_type(real_addr_frag2, state->types2_(block2, frag2),
1299 offset2, size, snapshot2, process_index);
1302 match_equals(state, previous);
1303 xbt_dynar_free(&previous);
1308 if (new_type1 != nullptr && new_type2 != NULL && new_type1 != new_type2) {
1311 while (type->byte_size == 0 && type->subtype != nullptr)
1312 type = type->subtype;
1313 new_size1 = type->byte_size;
1316 while (type->byte_size == 0 && type->subtype != nullptr)
1317 type = type->subtype;
1318 new_size2 = type->byte_size;
1322 match_equals(state, previous);
1323 xbt_dynar_free(&previous);
1329 if (new_size1 > 0 && new_size1 == new_size2) {
1334 if (offset1 == 0 && offset2 == 0
1335 && !add_heap_area_pair(previous, block1, frag1, block2, frag2)) {
1337 match_equals(state, previous);
1338 xbt_dynar_free(&previous);
1345 match_equals(state, previous);
1346 xbt_dynar_free(&previous);
1351 if ((heapinfo1->busy_frag.ignore[frag1] > 0)
1352 && (heapinfo2->busy_frag.ignore[frag2] ==
1353 heapinfo1->busy_frag.ignore[frag1]))
1354 check_ignore = heapinfo1->busy_frag.ignore[frag1];
1359 xbt_dynar_free(&previous);
1365 /* Start comparison */
1368 compare_heap_area_with_type(state, process_index, area1, area2, snapshot1, snapshot2,
1369 previous, type, size, check_ignore,
1373 compare_heap_area_without_type(state, process_index, area1, area2, snapshot1, snapshot2,
1374 previous, size, check_ignore);
1376 if (res_compare == 1) {
1378 xbt_dynar_free(&previous);
1383 match_equals(state, previous);
1384 xbt_dynar_free(&previous);
1390 /*********************************************** Miscellaneous ***************************************************/
1391 /****************************************************************************************************************/
1393 // Not used and broken code:
1397 static int get_pointed_area_size(void *area, int heap)
1400 struct s_mc_diff *state = mc_diff_info;
1403 malloc_info *heapinfo;
1406 heapinfo = state->heapinfo1;
1408 heapinfo = state->heapinfo2;
1412 (char *) state->std_heap_copy.heapbase) / BLOCKSIZE + 1;
1414 if (((char *) area < (char *) state->std_heap_copy.heapbase)
1415 || (block > state->heapsize1) || (block < 1))
1418 if (heapinfo[block].type == MMALLOC_TYPE_FREE || heapinfo[block].type == MMALLOC_TYPE_HEAPINFO) { /* Free block */
1420 else if (heapinfo[block].type == MMALLOC_TYPE_UNFRAGMENTED) /* Complete block */
1421 return (int) heapinfo[block].busy_block.busy_size;
1424 ((uintptr_t) (ADDR2UINT(area) % (BLOCKSIZE))) >> heapinfo[block].type;
1425 return (int) heapinfo[block].busy_frag.frag_size[frag];
1430 #define max( a, b ) ( ((a) > (b)) ? (a) : (b) )
1434 int mmalloc_linear_compare_heap(xbt_mheap_t heap1, xbt_mheap_t heap2)
1437 struct s_mc_diff *state = mc_diff_info;
1439 if (heap1 == nullptr && heap1 == NULL) {
1440 XBT_DEBUG("Malloc descriptors null");
1444 if (heap1->heaplimit != heap2->heaplimit) {
1445 XBT_DEBUG("Different limit of valid info table indices");
1449 /* Heap information */
1450 state->heaplimit = ((struct mdesc *) heap1)->heaplimit;
1452 state->std_heap_copy = *mc_model_checker->process().get_heap();
1454 state->heapbase1 = (char *) heap1 + BLOCKSIZE;
1455 state->heapbase2 = (char *) heap2 + BLOCKSIZE;
1458 (malloc_info *) ((char *) heap1 +
1460 ((char *) heap1->heapinfo - (char *) state->s_heap)));
1462 (malloc_info *) ((char *) heap2 +
1464 ((char *) heap2->heapinfo - (char *) state->s_heap)));
1466 state->heapsize1 = heap1->heapsize;
1467 state->heapsize2 = heap2->heapsize;
1469 /* Start comparison */
1471 void *addr_block1, *addr_block2, *addr_frag1, *addr_frag2;
1475 /* Check busy blocks */
1479 while (i <= state->heaplimit) {
1482 ((void *) (((ADDR2UINT(i)) - 1) * BLOCKSIZE +
1483 (char *) state->heapbase1));
1485 ((void *) (((ADDR2UINT(i)) - 1) * BLOCKSIZE +
1486 (char *) state->heapbase2));
1488 if (state->heapinfo1[i].type != state->heapinfo2[i].type) {
1490 distance += BLOCKSIZE;
1491 XBT_DEBUG("Different type of blocks (%zu) : %d - %d -> distance = %d", i,
1492 state->heapinfo1[i].type, state->heapinfo2[i].type, distance);
1497 if (state->heapinfo1[i].type == MMALLOC_TYPE_FREE
1498 || state->heapinfo1[i].type == MMALLOC_TYPE_HAPINFO) { /* Free block */
1503 if (state->heapinfo1[i].type == MMALLOC_TYPE_UNFRAGMENTED) { /* Large block */
1505 if (state->heapinfo1[i].busy_block.size !=
1506 state->heapinfo2[i].busy_block.size) {
1508 BLOCKSIZE * max(state->heapinfo1[i].busy_block.size,
1509 state->heapinfo2[i].busy_block.size);
1510 i += max(state->heapinfo1[i].busy_block.size,
1511 state->heapinfo2[i].busy_block.size);
1513 ("Different larger of cluster at block %zu : %zu - %zu -> distance = %d",
1514 i, state->heapinfo1[i].busy_block.size,
1515 state->heapinfo2[i].busy_block.size, distance);
1519 /*if(heapinfo1[i].busy_block.busy_size != heapinfo2[i].busy_block.busy_size){
1520 distance += max(heapinfo1[i].busy_block.busy_size, heapinfo2[i].busy_block.busy_size);
1521 i += max(heapinfo1[i].busy_block.size, heapinfo2[i].busy_block.size);
1522 XBT_DEBUG("Different size used oin large cluster at block %zu : %zu - %zu -> distance = %d", i, heapinfo1[i].busy_block.busy_size, heapinfo2[i].busy_block.busy_size, distance);
1528 //while(k < (heapinfo1[i].busy_block.busy_size)){
1529 while (k < state->heapinfo1[i].busy_block.size * BLOCKSIZE) {
1530 if (memcmp((char *) addr_block1 + k, (char *) addr_block2 + k, 1) !=
1539 } else { /* Fragmented block */
1541 for (j = 0; j < (size_t) (BLOCKSIZE >> state->heapinfo1[i].type); j++) {
1544 (void *) ((char *) addr_block1 + (j << state->heapinfo1[i].type));
1546 (void *) ((char *) addr_block2 + (j << state->heapinfo2[i].type));
1548 if (state->heapinfo1[i].busy_frag.frag_size[j] == 0
1549 && state->heapinfo2[i].busy_frag.frag_size[j] == 0) {
1554 /*if(heapinfo1[i].busy_frag.frag_size[j] != heapinfo2[i].busy_frag.frag_size[j]){
1555 distance += max(heapinfo1[i].busy_frag.frag_size[j], heapinfo2[i].busy_frag.frag_size[j]);
1556 XBT_DEBUG("Different size used in fragment %zu in block %zu : %d - %d -> distance = %d", j, i, heapinfo1[i].busy_frag.frag_size[j], heapinfo2[i].busy_frag.frag_size[j], distance);
1562 //while(k < max(heapinfo1[i].busy_frag.frag_size[j], heapinfo2[i].busy_frag.frag_size[j])){
1563 while (k < (BLOCKSIZE / (BLOCKSIZE >> state->heapinfo1[i].type))) {
1564 if (memcmp((char *) addr_frag1 + k, (char *) addr_frag2 + k, 1) !=
