1 /* Copyright (c) 2008-2015. The SimGrid Team.
2 * All rights reserved. */
4 /* This program is free software; you can redistribute it and/or modify it
5 * under the terms of the license (GNU LGPL) which comes with this package. */
7 /* mc_diff - Memory snapshooting and comparison */
13 #include "src/xbt/ex_interface.h" /* internals of backtrace setup */
15 #include "xbt/mmalloc.h"
16 #include "mc/datatypes.h"
17 #include "src/mc/malloc.hpp"
18 #include "src/mc/mc_private.h"
19 #include "src/mc/mc_snapshot.h"
20 #include "src/mc/mc_dwarf.hpp"
21 #include "src/mc/Type.hpp"
23 #include <xbt/dynar.h>
25 using simgrid::mc::remote;
27 XBT_LOG_NEW_DEFAULT_SUBCATEGORY(mc_diff, xbt,
28 "Logging specific to mc_diff in mc");
30 /*********************************** Heap comparison ***********************************/
31 /***************************************************************************************/
36 struct ProcessComparisonState {
37 std::vector<simgrid::mc::IgnoredHeapRegion>* to_ignore = nullptr;
38 std::vector<s_heap_area_t> equals_to;
39 std::vector<simgrid::mc::Type*> types;
40 std::size_t heapsize = 0;
42 void initHeapInformation(xbt_mheap_t heap,
43 std::vector<simgrid::mc::IgnoredHeapRegion>* i);
46 struct StateComparator {
47 s_xbt_mheap_t std_heap_copy;
48 std::size_t heaplimit;
49 std::array<ProcessComparisonState, 2> processStates;
51 int initHeapInformation(
52 xbt_mheap_t heap1, xbt_mheap_t heap2,
53 std::vector<simgrid::mc::IgnoredHeapRegion>* i1,
54 std::vector<simgrid::mc::IgnoredHeapRegion>* i2);
56 s_heap_area_t& equals_to1_(std::size_t i, std::size_t j)
58 return processStates[0].equals_to[ MAX_FRAGMENT_PER_BLOCK * i + j];
60 s_heap_area_t& equals_to2_(std::size_t i, std::size_t j)
62 return processStates[1].equals_to[ MAX_FRAGMENT_PER_BLOCK * i + j];
64 Type*& types1_(std::size_t i, std::size_t j)
66 return processStates[0].types[ MAX_FRAGMENT_PER_BLOCK * i + j];
68 Type*& types2_(std::size_t i, std::size_t j)
70 return processStates[1].types[ MAX_FRAGMENT_PER_BLOCK * i + j];
73 s_heap_area_t const& equals_to1_(std::size_t i, std::size_t j) const
75 return processStates[0].equals_to[ MAX_FRAGMENT_PER_BLOCK * i + j];
77 s_heap_area_t const& equals_to2_(std::size_t i, std::size_t j) const
79 return processStates[1].equals_to[ MAX_FRAGMENT_PER_BLOCK * i + j];
81 Type* const& types1_(std::size_t i, std::size_t j) const
83 return processStates[0].types[ MAX_FRAGMENT_PER_BLOCK * i + j];
85 Type* const& types2_(std::size_t i, std::size_t j) const
87 return processStates[1].types[ MAX_FRAGMENT_PER_BLOCK * i + j];
90 /** Check whether two blocks are known to be matching
92 * @param state State used
93 * @param b1 Block of state 1
94 * @param b2 Block of state 2
95 * @return if the blocks are known to be matching
97 bool blocksEqual(int b1, int b2) const
99 return this->equals_to1_(b1, 0).block == b2
100 && this->equals_to2_(b2, 0).block == b1;
103 /** Check whether two fragments are known to be matching
105 * @param state State used
106 * @param b1 Block of state 1
107 * @param f1 Fragment of state 1
108 * @param b2 Block of state 2
109 * @param f2 Fragment of state 2
110 * @return if the fragments are known to be matching
112 int fragmentsEqual(int b1, int f1, int b2, int f2) const
114 return this->equals_to1_(b1, f1).block == b2
115 && this->equals_to1_(b1, f1).fragment == f2
116 && this->equals_to2_(b2, f2).block == b1
117 && this->equals_to2_(b2, f2).fragment == f1;
120 void match_equals(xbt_dynar_t list);
126 // TODO, make this a field of ModelChecker or something similar
127 static std::unique_ptr<simgrid::mc::StateComparator> mc_diff_info;
129 /*********************************** Free functions ************************************/
131 static void heap_area_pair_free(heap_area_pair_t pair)
137 static void heap_area_pair_free_voidp(void *d)
139 heap_area_pair_free((heap_area_pair_t) * (void **) d);
142 static void heap_area_free(heap_area_t area)
148 /************************************************************************************/
150 static s_heap_area_t make_heap_area(int block, int fragment)
155 area.fragment = fragment;
160 static int is_new_heap_area_pair(xbt_dynar_t list, int block1, int fragment1,
161 int block2, int fragment2)
164 unsigned int cursor = 0;
165 heap_area_pair_t current_pair;
167 xbt_dynar_foreach(list, cursor, current_pair)
168 if (current_pair->block1 == block1 && current_pair->block2 == block2
169 && current_pair->fragment1 == fragment1
170 && current_pair->fragment2 == fragment2)
176 static int add_heap_area_pair(xbt_dynar_t list, int block1, int fragment1,
177 int block2, int fragment2)
180 if (is_new_heap_area_pair(list, block1, fragment1, block2, fragment2)) {
181 heap_area_pair_t pair = nullptr;
182 pair = xbt_new0(s_heap_area_pair_t, 1);
183 pair->block1 = block1;
184 pair->fragment1 = fragment1;
185 pair->block2 = block2;
186 pair->fragment2 = fragment2;
188 xbt_dynar_push(list, &pair);
196 static ssize_t heap_comparison_ignore_size(
197 std::vector<simgrid::mc::IgnoredHeapRegion>* ignore_list,
201 int end = ignore_list->size() - 1;
203 while (start <= end) {
204 unsigned int cursor = (start + end) / 2;
205 simgrid::mc::IgnoredHeapRegion const& region = (*ignore_list)[cursor];
206 if (region.address == address)
208 if (region.address < address)
210 if (region.address > address)
217 static bool is_stack(const void *address)
219 for (auto const& stack : mc_model_checker->process().stack_areas())
220 if (address == stack.address)
225 // TODO, this should depend on the snapshot?
226 static bool is_block_stack(int block)
228 for (auto const& stack : mc_model_checker->process().stack_areas())
229 if (block == stack.block)
237 void StateComparator::match_equals(xbt_dynar_t list)
239 unsigned int cursor = 0;
240 heap_area_pair_t current_pair;
242 xbt_dynar_foreach(list, cursor, current_pair) {
243 if (current_pair->fragment1 != -1) {
244 this->equals_to1_(current_pair->block1, current_pair->fragment1) =
245 make_heap_area(current_pair->block2, current_pair->fragment2);
246 this->equals_to2_(current_pair->block2, current_pair->fragment2) =
247 make_heap_area(current_pair->block1, current_pair->fragment1);
249 this->equals_to1_(current_pair->block1, 0) =
250 make_heap_area(current_pair->block2, current_pair->fragment2);
251 this->equals_to2_(current_pair->block2, 0) =
252 make_heap_area(current_pair->block1, current_pair->fragment1);
257 int init_heap_information(xbt_mheap_t heap1, xbt_mheap_t heap2,
258 std::vector<simgrid::mc::IgnoredHeapRegion>* i1,
259 std::vector<simgrid::mc::IgnoredHeapRegion>* i2)
261 if (mc_diff_info == nullptr)
262 mc_diff_info = std::unique_ptr<StateComparator>(new StateComparator());
263 return mc_diff_info->initHeapInformation(heap1, heap2, i1, i2);
266 void ProcessComparisonState::initHeapInformation(xbt_mheap_t heap,
267 std::vector<simgrid::mc::IgnoredHeapRegion>* i)
269 auto heaplimit = ((struct mdesc *) heap)->heaplimit;
270 this->heapsize = ((struct mdesc *) heap)->heapsize;
272 this->equals_to.assign(heaplimit * MAX_FRAGMENT_PER_BLOCK, s_heap_area {0, 0, 0});
273 this->types.assign(heaplimit * MAX_FRAGMENT_PER_BLOCK, nullptr);
276 int StateComparator::initHeapInformation(xbt_mheap_t heap1, xbt_mheap_t heap2,
277 std::vector<simgrid::mc::IgnoredHeapRegion>* i1,
278 std::vector<simgrid::mc::IgnoredHeapRegion>* i2)
280 if ((((struct mdesc *) heap1)->heaplimit !=
281 ((struct mdesc *) heap2)->heaplimit)
283 ((((struct mdesc *) heap1)->heapsize !=
284 ((struct mdesc *) heap2)->heapsize)))
286 this->heaplimit = ((struct mdesc *) heap1)->heaplimit;
287 this->std_heap_copy = *mc_model_checker->process().get_heap();
288 this->processStates[0].initHeapInformation(heap1, i1);
289 this->processStates[1].initHeapInformation(heap2, i2);
293 void reset_heap_information()
298 // TODO, have a robust way to find it in O(1)
300 mc_mem_region_t MC_get_heap_region(simgrid::mc::Snapshot* snapshot)
302 size_t n = snapshot->snapshot_regions.size();
303 for (size_t i=0; i!=n; ++i) {
304 mc_mem_region_t region = snapshot->snapshot_regions[i].get();
305 if (region->region_type() == simgrid::mc::RegionType::Heap)
308 xbt_die("No heap region");
311 int mmalloc_compare_heap(simgrid::mc::Snapshot* snapshot1, simgrid::mc::Snapshot* snapshot2)
313 simgrid::mc::Process* process = &mc_model_checker->process();
314 simgrid::mc::StateComparator *state = mc_diff_info.get();
316 /* Start comparison */
317 size_t i1, i2, j1, j2, k;
318 void *addr_block1, *addr_block2, *addr_frag1, *addr_frag2;
319 int nb_diff1 = 0, nb_diff2 = 0;
321 int equal, res_compare = 0;
323 /* Check busy blocks */
327 malloc_info heapinfo_temp1, heapinfo_temp2;
328 malloc_info heapinfo_temp2b;
330 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
331 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
333 // This is the address of std_heap->heapinfo in the application process:
334 void* heapinfo_address = &((xbt_mheap_t) process->heap_address)->heapinfo;
336 // This is in snapshot do not use them directly:
337 const malloc_info* heapinfos1 = snapshot1->read<malloc_info*>(
338 (std::uint64_t)heapinfo_address, simgrid::mc::ProcessIndexMissing);
339 const malloc_info* heapinfos2 = snapshot2->read<malloc_info*>(
340 (std::uint64_t)heapinfo_address, simgrid::mc::ProcessIndexMissing);
342 while (i1 < state->heaplimit) {
344 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(heap_region1, &heapinfo_temp1, &heapinfos1[i1], sizeof(malloc_info));
345 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(heap_region2, &heapinfo_temp2, &heapinfos2[i1], sizeof(malloc_info));
347 if (heapinfo1->type == MMALLOC_TYPE_FREE || heapinfo1->type == MMALLOC_TYPE_HEAPINFO) { /* Free block */
352 if (heapinfo1->type < 0) {
353 fprintf(stderr, "Unkown mmalloc block type.\n");
358 ((void *) (((ADDR2UINT(i1)) - 1) * BLOCKSIZE +
359 (char *) state->std_heap_copy.heapbase));
361 if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED) { /* Large block */
363 if (is_stack(addr_block1)) {
364 for (k = 0; k < heapinfo1->busy_block.size; k++)
365 state->equals_to1_(i1 + k, 0) = make_heap_area(i1, -1);
366 for (k = 0; k < heapinfo2->busy_block.size; k++)
367 state->equals_to2_(i1 + k, 0) = make_heap_area(i1, -1);
368 i1 += heapinfo1->busy_block.size;
372 if (state->equals_to1_(i1, 0).valid) {
381 /* Try first to associate to same block in the other heap */
382 if (heapinfo2->type == heapinfo1->type) {
384 if (state->equals_to2_(i1, 0).valid == 0) {
386 addr_block2 = (ADDR2UINT(i1) - 1) * BLOCKSIZE +
387 (char *) state->std_heap_copy.heapbase;
390 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_block1, addr_block2, snapshot1, snapshot2,
391 nullptr, nullptr, 0);
393 if (res_compare != 1) {
394 for (k = 1; k < heapinfo2->busy_block.size; k++)
395 state->equals_to2_(i1 + k, 0) = make_heap_area(i1, -1);
396 for (k = 1; k < heapinfo1->busy_block.size; k++)
397 state->equals_to1_(i1 + k, 0) = make_heap_area(i1, -1);
399 i1 += heapinfo1->busy_block.size;
406 while (i2 < state->heaplimit && !equal) {
408 addr_block2 = (ADDR2UINT(i2) - 1) * BLOCKSIZE +
409 (char *) state->std_heap_copy.heapbase;
416 const malloc_info* heapinfo2b = (const malloc_info*) MC_region_read(heap_region2, &heapinfo_temp2b, &heapinfos2[i2], sizeof(malloc_info));
418 if (heapinfo2b->type != MMALLOC_TYPE_UNFRAGMENTED) {
423 if (state->equals_to2_(i2, 0).valid) {
429 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_block1, addr_block2, snapshot1, snapshot2,
430 nullptr, nullptr, 0);
432 if (res_compare != 1) {
433 for (k = 1; k < heapinfo2b->busy_block.size; k++)
434 state->equals_to2_(i2 + k, 0) = make_heap_area(i1, -1);
435 for (k = 1; k < heapinfo1->busy_block.size; k++)
436 state->equals_to1_(i1 + k, 0) = make_heap_area(i2, -1);
438 i1 += heapinfo1->busy_block.size;
446 XBT_DEBUG("Block %zu not found (size_used = %zu, addr = %p)", i1,
447 heapinfo1->busy_block.busy_size, addr_block1);
448 i1 = state->heaplimit + 1;
453 } else { /* Fragmented block */
455 for (j1 = 0; j1 < (size_t) (BLOCKSIZE >> heapinfo1->type); j1++) {
457 if (heapinfo1->busy_frag.frag_size[j1] == -1) /* Free fragment */
460 if (state->equals_to1_(i1, j1).valid)
464 (void *) ((char *) addr_block1 + (j1 << heapinfo1->type));
469 /* Try first to associate to same fragment in the other heap */
470 if (heapinfo2->type == heapinfo1->type) {
472 if (state->equals_to2_(i1, j1).valid == 0) {
474 addr_block2 = (ADDR2UINT(i1) - 1) * BLOCKSIZE +
475 (char *) state->std_heap_copy.heapbase;
477 (void *) ((char *) addr_block2 +
478 (j1 << heapinfo2->type));
481 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_frag1, addr_frag2, snapshot1, snapshot2,
482 nullptr, nullptr, 0);
484 if (res_compare != 1)
491 while (i2 < state->heaplimit && !equal) {
493 const malloc_info* heapinfo2b = (const malloc_info*) MC_region_read(
494 heap_region2, &heapinfo_temp2b, &heapinfos2[i2],
495 sizeof(malloc_info));
497 if (heapinfo2b->type == MMALLOC_TYPE_FREE || heapinfo2b->type == MMALLOC_TYPE_HEAPINFO) {
502 // We currently do not match fragments with unfragmented blocks (maybe we should).
503 if (heapinfo2b->type == MMALLOC_TYPE_UNFRAGMENTED) {
508 if (heapinfo2b->type < 0) {
509 fprintf(stderr, "Unkown mmalloc block type.\n");
513 for (j2 = 0; j2 < (size_t) (BLOCKSIZE >> heapinfo2b->type);
516 if (i2 == i1 && j2 == j1)
519 if (state->equals_to2_(i2, j2).valid)
522 addr_block2 = (ADDR2UINT(i2) - 1) * BLOCKSIZE +
523 (char *) state->std_heap_copy.heapbase;
525 (void *) ((char *) addr_block2 +
526 (j2 << heapinfo2b->type));
529 compare_heap_area(simgrid::mc::ProcessIndexMissing, addr_frag1, addr_frag2, snapshot2, snapshot2,
530 nullptr, nullptr, 0);
532 if (res_compare != 1) {
545 ("Block %zu, fragment %zu not found (size_used = %zd, address = %p)\n",
546 i1, j1, heapinfo1->busy_frag.frag_size[j1],
548 i2 = state->heaplimit + 1;
549 i1 = state->heaplimit + 1;
562 /* All blocks/fragments are equal to another block/fragment ? */
565 for(i = 1; i < state->heaplimit; i++) {
566 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(
567 heap_region1, &heapinfo_temp1, &heapinfos1[i], sizeof(malloc_info));
568 if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED) {
569 if (i1 == state->heaplimit) {
570 if (heapinfo1->busy_block.busy_size > 0) {
571 if (state->equals_to1_(i, 0).valid == 0) {
572 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
574 XBT_DEBUG("Block %zu not found (size used = %zu)", i,
575 heapinfo1->busy_block.busy_size);
582 if (heapinfo1->type > 0) {
583 for (j = 0; j < (size_t) (BLOCKSIZE >> heapinfo1->type); j++) {
584 if (i1 == state->heaplimit) {
585 if (heapinfo1->busy_frag.frag_size[j] > 0) {
586 if (state->equals_to1_(i, j).valid == 0) {
587 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
588 // TODO, print fragment address
590 ("Block %zu, Fragment %zu not found (size used = %zd)",
592 heapinfo1->busy_frag.frag_size[j]);
602 if (i1 == state->heaplimit)
603 XBT_DEBUG("Number of blocks/fragments not found in heap1 : %d", nb_diff1);
605 for (i=1; i < state->heaplimit; i++) {
606 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(
607 heap_region2, &heapinfo_temp2, &heapinfos2[i], sizeof(malloc_info));
608 if (heapinfo2->type == MMALLOC_TYPE_UNFRAGMENTED) {
609 if (i1 == state->heaplimit) {
610 if (heapinfo2->busy_block.busy_size > 0) {
611 if (state->equals_to2_(i, 0).valid == 0) {
612 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
613 // TODO, print address of the block
614 XBT_DEBUG("Block %zu not found (size used = %zu)", i,
615 heapinfo2->busy_block.busy_size);
622 if (heapinfo2->type > 0) {
623 for (j = 0; j < (size_t) (BLOCKSIZE >> heapinfo2->type); j++) {
624 if (i1 == state->heaplimit) {
625 if (heapinfo2->busy_frag.frag_size[j] > 0) {
626 if (state->equals_to2_(i, j).valid == 0) {
627 if (XBT_LOG_ISENABLED(mc_diff, xbt_log_priority_debug)) {
628 // TODO, print address of the block
630 ("Block %zu, Fragment %zu not found (size used = %zd)",
632 heapinfo2->busy_frag.frag_size[j]);
642 if (i1 == state->heaplimit)
643 XBT_DEBUG("Number of blocks/fragments not found in heap2 : %d", nb_diff2);
645 return ((nb_diff1 > 0) || (nb_diff2 > 0));
651 * @param real_area1 Process address for state 1
652 * @param real_area2 Process address for state 2
653 * @param snapshot1 Snapshot of state 1
654 * @param snapshot2 Snapshot of state 2
657 * @param check_ignore
659 static int compare_heap_area_without_type(
660 simgrid::mc::StateComparator *state, int process_index,
661 const void *real_area1, const void *real_area2,
662 simgrid::mc::Snapshot* snapshot1,
663 simgrid::mc::Snapshot* snapshot2,
664 xbt_dynar_t previous, int size,
667 simgrid::mc::Process* process = &mc_model_checker->process();
670 const void *addr_pointed1, *addr_pointed2;
671 int pointer_align, res_compare;
672 ssize_t ignore1, ignore2;
674 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
675 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
679 if (check_ignore > 0) {
681 heap_comparison_ignore_size(state->processStates[0].to_ignore,
682 (char *) real_area1 + i)) != -1) {
684 heap_comparison_ignore_size(state->processStates[1].to_ignore,
685 (char *) real_area2 + i)) == ignore1) {
698 if (MC_snapshot_region_memcmp(((char *) real_area1) + i, heap_region1, ((char *) real_area2) + i, heap_region2, 1) != 0) {
700 pointer_align = (i / sizeof(void *)) * sizeof(void *);
701 addr_pointed1 = snapshot1->read(
702 remote((void**)((char *) real_area1 + pointer_align)), process_index);
703 addr_pointed2 = snapshot2->read(
704 remote((void**)((char *) real_area2 + pointer_align)), process_index);
706 if (process->in_maestro_stack(remote(addr_pointed1))
707 && process->in_maestro_stack(remote(addr_pointed2))) {
708 i = pointer_align + sizeof(void *);
710 } else if (addr_pointed1 > state->std_heap_copy.heapbase
711 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
712 && addr_pointed2 > state->std_heap_copy.heapbase
713 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2)) {
714 // Both addreses are in the heap:
716 compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
717 snapshot2, previous, nullptr, 0);
718 if (res_compare == 1)
720 i = pointer_align + sizeof(void *);
738 * @param real_area1 Process address for state 1
739 * @param real_area2 Process address for state 2
740 * @param snapshot1 Snapshot of state 1
741 * @param snapshot2 Snapshot of state 2
744 * @param area_size either a byte_size or an elements_count (?)
745 * @param check_ignore
746 * @param pointer_level
747 * @return 0 (same), 1 (different), -1 (unknown)
749 static int compare_heap_area_with_type(
750 simgrid::mc::StateComparator *state, int process_index,
751 const void *real_area1, const void *real_area2,
752 simgrid::mc::Snapshot* snapshot1,
753 simgrid::mc::Snapshot* snapshot2,
754 xbt_dynar_t previous, simgrid::mc::Type* type,
755 int area_size, int check_ignore,
760 // HACK: This should not happen but in pratice, there are some
761 // DW_TAG_typedef without an associated DW_AT_type:
762 //<1><538832>: Abbrev Number: 111 (DW_TAG_typedef)
763 // <538833> DW_AT_name : (indirect string, offset: 0x2292f3): gregset_t
764 // <538837> DW_AT_decl_file : 98
765 // <538838> DW_AT_decl_line : 37
769 if (is_stack(real_area1) && is_stack(real_area2))
771 ssize_t ignore1, ignore2;
773 if ((check_ignore > 0)
774 && ((ignore1 = heap_comparison_ignore_size(
775 state->processStates[0].to_ignore, real_area1))
777 && ((ignore2 = heap_comparison_ignore_size(
778 state->processStates[1].to_ignore, real_area2))
782 simgrid::mc::Type *subtype, *subsubtype;
784 const void *addr_pointed1, *addr_pointed2;
786 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
787 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
789 switch (type->type) {
790 case DW_TAG_unspecified_type:
793 case DW_TAG_base_type:
794 if (!type->name.empty() && type->name == "char") { /* String, hence random (arbitrary ?) size */
795 if (real_area1 == real_area2)
798 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, area_size) != 0);
800 if (area_size != -1 && type->byte_size != area_size)
803 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, type->byte_size) != 0);
806 case DW_TAG_enumeration_type:
807 if (area_size != -1 && type->byte_size != area_size)
810 return (MC_snapshot_region_memcmp(real_area1, heap_region1, real_area2, heap_region2, type->byte_size) != 0);
813 case DW_TAG_const_type:
814 case DW_TAG_volatile_type:
816 type = type->subtype;
819 case DW_TAG_array_type:
820 subtype = type->subtype;
821 switch (subtype->type) {
822 case DW_TAG_unspecified_type:
825 case DW_TAG_base_type:
826 case DW_TAG_enumeration_type:
827 case DW_TAG_pointer_type:
828 case DW_TAG_reference_type:
829 case DW_TAG_rvalue_reference_type:
830 case DW_TAG_structure_type:
831 case DW_TAG_class_type:
832 case DW_TAG_union_type:
833 if (subtype->full_type)
834 subtype = subtype->full_type;
835 elm_size = subtype->byte_size;
837 // TODO, just remove the type indirection?
838 case DW_TAG_const_type:
840 case DW_TAG_volatile_type:
841 subsubtype = subtype->subtype;
842 if (subsubtype->full_type)
843 subsubtype = subsubtype->full_type;
844 elm_size = subsubtype->byte_size;
850 for (int i = 0; i < type->element_count; i++) {
851 // TODO, add support for variable stride (DW_AT_byte_stride)
853 compare_heap_area_with_type(state, process_index,
854 (char *) real_area1 + (i * elm_size),
855 (char *) real_area2 + (i * elm_size),
856 snapshot1, snapshot2, previous,
857 type->subtype, subtype->byte_size,
858 check_ignore, pointer_level);
863 case DW_TAG_reference_type:
864 case DW_TAG_rvalue_reference_type:
865 case DW_TAG_pointer_type:
866 if (type->subtype && type->subtype->type == DW_TAG_subroutine_type) {
867 addr_pointed1 = snapshot1->read(remote((void**)real_area1), process_index);
868 addr_pointed2 = snapshot2->read(remote((void**)real_area2), process_index);
869 return (addr_pointed1 != addr_pointed2);;
872 if (pointer_level > 1) { /* Array of pointers */
873 for (size_t i = 0; i < (area_size / sizeof(void *)); i++) {
874 addr_pointed1 = snapshot1->read(
875 remote((void**)((char*) real_area1 + i * sizeof(void *))),
877 addr_pointed2 = snapshot2->read(
878 remote((void**)((char*) real_area2 + i * sizeof(void *))),
880 if (addr_pointed1 > state->std_heap_copy.heapbase
881 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
882 && addr_pointed2 > state->std_heap_copy.heapbase
883 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2))
885 compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
886 snapshot2, previous, type->subtype,
889 res = (addr_pointed1 != addr_pointed2);
894 addr_pointed1 = snapshot1->read(remote((void**)real_area1), process_index);
895 addr_pointed2 = snapshot2->read(remote((void**)real_area2), process_index);
896 if (addr_pointed1 > state->std_heap_copy.heapbase
897 && addr_pointed1 < mc_snapshot_get_heap_end(snapshot1)
898 && addr_pointed2 > state->std_heap_copy.heapbase
899 && addr_pointed2 < mc_snapshot_get_heap_end(snapshot2))
900 return compare_heap_area(process_index, addr_pointed1, addr_pointed2, snapshot1,
901 snapshot2, previous, type->subtype,
904 return (addr_pointed1 != addr_pointed2);
908 case DW_TAG_structure_type:
909 case DW_TAG_class_type:
911 type = type->full_type;
912 if (area_size != -1 && type->byte_size != area_size) {
913 if (area_size > type->byte_size && area_size % type->byte_size == 0) {
914 for (size_t i = 0; i < (size_t)(area_size / type->byte_size); i++) {
916 compare_heap_area_with_type(state, process_index,
917 (char *) real_area1 + i * type->byte_size,
918 (char *) real_area2 + i * type->byte_size,
919 snapshot1, snapshot2, previous, type, -1,
927 for(simgrid::mc::Member& member : type->members) {
928 // TODO, optimize this? (for the offset case)
929 void *real_member1 = simgrid::dwarf::resolve_member(
930 real_area1, type, &member, (simgrid::mc::AddressSpace*) snapshot1, process_index);
931 void *real_member2 = simgrid::dwarf::resolve_member(
932 real_area2, type, &member, (simgrid::mc::AddressSpace*) snapshot2, process_index);
934 compare_heap_area_with_type(state, process_index, real_member1, real_member2,
935 snapshot1, snapshot2,
936 previous, member.type, -1,
943 case DW_TAG_union_type:
944 return compare_heap_area_without_type(state, process_index, real_area1, real_area2,
945 snapshot1, snapshot2, previous,
946 type->byte_size, check_ignore);
956 /** Infer the type of a part of the block from the type of the block
958 * TODO, handle DW_TAG_array_type as well as arrays of the object ((*p)[5], p[5])
960 * TODO, handle subfields ((*p).bar.foo, (*p)[5].bar…)
962 * @param type_id DWARF type ID of the root address
964 * @return DWARF type ID for given offset
966 static simgrid::mc::Type* get_offset_type(void *real_base_address, simgrid::mc::Type* type,
967 int offset, int area_size,
968 simgrid::mc::Snapshot* snapshot, int process_index)
971 // Beginning of the block, the infered variable type if the type of the block:
975 switch (type->type) {
976 case DW_TAG_structure_type:
977 case DW_TAG_class_type:
979 type = type->full_type;
981 if (area_size != -1 && type->byte_size != area_size) {
982 if (area_size > type->byte_size && area_size % type->byte_size == 0)
987 for(simgrid::mc::Member& member : type->members) {
989 if (member.has_offset_location()) {
990 // We have the offset, use it directly (shortcut):
991 if (member.offset() == offset)
994 void *real_member = simgrid::dwarf::resolve_member(
995 real_base_address, type, &member, snapshot, process_index);
996 if ((char*) real_member - (char *) real_base_address == offset)
1005 /* FIXME : other cases ? */
1013 * @param area1 Process address for state 1
1014 * @param area2 Process address for state 2
1015 * @param snapshot1 Snapshot of state 1
1016 * @param snapshot2 Snapshot of state 2
1017 * @param previous Pairs of blocks already compared on the current path (or nullptr)
1018 * @param type_id Type of variable
1019 * @param pointer_level
1020 * @return 0 (same), 1 (different), -1
1022 int compare_heap_area(int process_index, const void *area1, const void *area2, simgrid::mc::Snapshot* snapshot1,
1023 simgrid::mc::Snapshot* snapshot2, xbt_dynar_t previous,
1024 simgrid::mc::Type* type, int pointer_level)
1026 simgrid::mc::Process* process = &mc_model_checker->process();
1028 simgrid::mc::StateComparator *state = mc_diff_info.get();
1031 ssize_t block1, frag1, block2, frag2;
1033 int check_ignore = 0;
1035 void *real_addr_block1, *real_addr_block2, *real_addr_frag1, *real_addr_frag2;
1037 int offset1 = 0, offset2 = 0;
1038 int new_size1 = -1, new_size2 = -1;
1039 simgrid::mc::Type *new_type1 = nullptr, *new_type2 = nullptr;
1041 int match_pairs = 0;
1043 // This is the address of std_heap->heapinfo in the application process:
1044 void* heapinfo_address = &((xbt_mheap_t) process->heap_address)->heapinfo;
1046 const malloc_info* heapinfos1 = snapshot1->read(
1047 remote((const malloc_info**)heapinfo_address), process_index);
1048 const malloc_info* heapinfos2 = snapshot2->read(
1049 remote((const malloc_info**)heapinfo_address), process_index);
1051 malloc_info heapinfo_temp1, heapinfo_temp2;
1053 if (previous == nullptr) {
1055 xbt_dynar_new(sizeof(heap_area_pair_t), heap_area_pair_free_voidp);
1058 // Get block number:
1061 (char *) state->std_heap_copy.heapbase) / BLOCKSIZE + 1;
1064 (char *) state->std_heap_copy.heapbase) / BLOCKSIZE + 1;
1066 // If either block is a stack block:
1067 if (is_block_stack((int) block1) && is_block_stack((int) block2)) {
1068 add_heap_area_pair(previous, block1, -1, block2, -1);
1070 state->match_equals(previous);
1071 xbt_dynar_free(&previous);
1075 // If either block is not in the expected area of memory:
1076 if (((char *) area1 < (char *) state->std_heap_copy.heapbase)
1077 || (block1 > (ssize_t) state->processStates[0].heapsize) || (block1 < 1)
1078 || ((char *) area2 < (char *) state->std_heap_copy.heapbase)
1079 || (block2 > (ssize_t) state->processStates[1].heapsize) || (block2 < 1)) {
1081 xbt_dynar_free(&previous);
1085 // Process address of the block:
1086 real_addr_block1 = (ADDR2UINT(block1) - 1) * BLOCKSIZE +
1087 (char *) state->std_heap_copy.heapbase;
1088 real_addr_block2 = (ADDR2UINT(block2) - 1) * BLOCKSIZE +
1089 (char *) state->std_heap_copy.heapbase;
1093 if (type->full_type)
1094 type = type->full_type;
1096 // This assume that for "boring" types (volatile ...) byte_size is absent:
1097 while (type->byte_size == 0 && type->subtype != nullptr)
1098 type = type->subtype;
1101 if ((type->type == DW_TAG_pointer_type)
1102 || ((type->type == DW_TAG_base_type) && !type->name.empty()
1103 && type->name == "char"))
1106 type_size = type->byte_size;
1110 mc_mem_region_t heap_region1 = MC_get_heap_region(snapshot1);
1111 mc_mem_region_t heap_region2 = MC_get_heap_region(snapshot2);
1113 const malloc_info* heapinfo1 = (const malloc_info*) MC_region_read(
1114 heap_region1, &heapinfo_temp1, &heapinfos1[block1], sizeof(malloc_info));
1115 const malloc_info* heapinfo2 = (const malloc_info*) MC_region_read(
1116 heap_region2, &heapinfo_temp2, &heapinfos2[block2], sizeof(malloc_info));
1118 if ((heapinfo1->type == MMALLOC_TYPE_FREE || heapinfo1->type==MMALLOC_TYPE_HEAPINFO)
1119 && (heapinfo2->type == MMALLOC_TYPE_FREE || heapinfo2->type ==MMALLOC_TYPE_HEAPINFO)) {
1123 state->match_equals(previous);
1124 xbt_dynar_free(&previous);
1128 } else if (heapinfo1->type == MMALLOC_TYPE_UNFRAGMENTED
1129 && heapinfo2->type == MMALLOC_TYPE_UNFRAGMENTED) {
1130 /* Complete block */
1132 // TODO, lookup variable type from block type as done for fragmented blocks
1134 offset1 = (char *) area1 - (char *) real_addr_block1;
1135 offset2 = (char *) area2 - (char *) real_addr_block2;
1137 if (state->equals_to1_(block1, 0).valid
1138 && state->equals_to2_(block2, 0).valid) {
1139 if (state->blocksEqual(block1, block2)) {
1141 state->match_equals(previous);
1142 xbt_dynar_free(&previous);
1148 if (type_size != -1) {
1149 if (type_size != (ssize_t) heapinfo1->busy_block.busy_size
1150 && type_size != (ssize_t) heapinfo2->busy_block.busy_size
1151 && (type->name.empty() || type->name == "struct s_smx_context")) {
1153 state->match_equals(previous);
1154 xbt_dynar_free(&previous);
1160 if (heapinfo1->busy_block.size !=
1161 heapinfo2->busy_block.size) {
1163 xbt_dynar_free(&previous);
1167 if (heapinfo1->busy_block.busy_size !=
1168 heapinfo2->busy_block.busy_size) {
1170 xbt_dynar_free(&previous);
1174 if (!add_heap_area_pair(previous, block1, -1, block2, -1)) {
1176 state->match_equals(previous);
1177 xbt_dynar_free(&previous);
1182 size = heapinfo1->busy_block.busy_size;
1184 // Remember (basic) type inference.
1185 // The current data structure only allows us to do this for the whole block.
1186 if (type != nullptr && area1 == real_addr_block1)
1187 state->types1_(block1, 0) = type;
1188 if (type != nullptr && area2 == real_addr_block2)
1189 state->types2_(block2, 0) = type;
1193 state->match_equals(previous);
1194 xbt_dynar_free(&previous);
1202 if ((heapinfo1->busy_block.ignore > 0)
1203 && (heapinfo2->busy_block.ignore ==
1204 heapinfo1->busy_block.ignore))
1205 check_ignore = heapinfo1->busy_block.ignore;
1207 } else if ((heapinfo1->type > 0) && (heapinfo2->type > 0)) { /* Fragmented block */
1211 ((uintptr_t) (ADDR2UINT(area1) % (BLOCKSIZE))) >> heapinfo1->type;
1213 ((uintptr_t) (ADDR2UINT(area2) % (BLOCKSIZE))) >> heapinfo2->type;
1215 // Process address of the fragment:
1217 (void *) ((char *) real_addr_block1 +
1218 (frag1 << heapinfo1->type));
1220 (void *) ((char *) real_addr_block2 +
1221 (frag2 << heapinfo2->type));
1223 // Check the size of the fragments against the size of the type:
1224 if (type_size != -1) {
1225 if (heapinfo1->busy_frag.frag_size[frag1] == -1
1226 || heapinfo2->busy_frag.frag_size[frag2] == -1) {
1228 state->match_equals(previous);
1229 xbt_dynar_free(&previous);
1234 if (type_size != heapinfo1->busy_frag.frag_size[frag1]
1235 || type_size != heapinfo2->busy_frag.frag_size[frag2]) {
1237 state->match_equals(previous);
1238 xbt_dynar_free(&previous);
1244 // Check if the blocks are already matched together:
1245 if (state->equals_to1_(block1, frag1).valid
1246 && state->equals_to2_(block2, frag2).valid) {
1247 if (offset1==offset2 && state->fragmentsEqual(block1, frag1, block2, frag2)) {
1249 state->match_equals(previous);
1250 xbt_dynar_free(&previous);
1255 // Compare the size of both fragments:
1256 if (heapinfo1->busy_frag.frag_size[frag1] !=
1257 heapinfo2->busy_frag.frag_size[frag2]) {
1258 if (type_size == -1) {
1260 state->match_equals(previous);
1261 xbt_dynar_free(&previous);
1266 xbt_dynar_free(&previous);
1271 // Size of the fragment:
1272 size = heapinfo1->busy_frag.frag_size[frag1];
1274 // Remember (basic) type inference.
1275 // The current data structure only allows us to do this for the whole fragment.
1276 if (type != nullptr && area1 == real_addr_frag1)
1277 state->types1_(block1, frag1) = type;
1278 if (type != nullptr && area2 == real_addr_frag2)
1279 state->types2_(block2, frag2) = type;
1281 // The type of the variable is already known:
1286 // Type inference from the block type.
1287 else if (state->types1_(block1, frag1) != nullptr
1288 || state->types2_(block2, frag2) != nullptr) {
1290 offset1 = (char *) area1 - (char *) real_addr_frag1;
1291 offset2 = (char *) area2 - (char *) real_addr_frag2;
1293 if (state->types1_(block1, frag1) != nullptr
1294 && state->types2_(block2, frag2) != nullptr) {
1296 get_offset_type(real_addr_frag1, state->types1_(block1, frag1),
1297 offset1, size, snapshot1, process_index);
1299 get_offset_type(real_addr_frag2, state->types2_(block2, frag2),
1300 offset1, size, snapshot2, process_index);
1301 } else if (state->types1_(block1, frag1) != nullptr) {
1303 get_offset_type(real_addr_frag1, state->types1_(block1, frag1),
1304 offset1, size, snapshot1, process_index);
1306 get_offset_type(real_addr_frag2, state->types1_(block1, frag1),
1307 offset2, size, snapshot2, process_index);
1308 } else if (state->types2_(block2, frag2) != nullptr) {
1310 get_offset_type(real_addr_frag1, state->types2_(block2, frag2),
1311 offset1, size, snapshot1, process_index);
1313 get_offset_type(real_addr_frag2, state->types2_(block2, frag2),
1314 offset2, size, snapshot2, process_index);
1317 state->match_equals(previous);
1318 xbt_dynar_free(&previous);
1323 if (new_type1 != nullptr && new_type2 != nullptr && new_type1 != new_type2) {
1326 while (type->byte_size == 0 && type->subtype != nullptr)
1327 type = type->subtype;
1328 new_size1 = type->byte_size;
1331 while (type->byte_size == 0 && type->subtype != nullptr)
1332 type = type->subtype;
1333 new_size2 = type->byte_size;
1337 state->match_equals(previous);
1338 xbt_dynar_free(&previous);
1344 if (new_size1 > 0 && new_size1 == new_size2) {
1349 if (offset1 == 0 && offset2 == 0
1350 && !add_heap_area_pair(previous, block1, frag1, block2, frag2)) {
1352 state->match_equals(previous);
1353 xbt_dynar_free(&previous);
1360 state->match_equals(previous);
1361 xbt_dynar_free(&previous);
1366 if ((heapinfo1->busy_frag.ignore[frag1] > 0)
1367 && (heapinfo2->busy_frag.ignore[frag2] ==
1368 heapinfo1->busy_frag.ignore[frag1]))
1369 check_ignore = heapinfo1->busy_frag.ignore[frag1];
1374 xbt_dynar_free(&previous);
1380 /* Start comparison */
1383 compare_heap_area_with_type(state, process_index, area1, area2, snapshot1, snapshot2,
1384 previous, type, size, check_ignore,
1388 compare_heap_area_without_type(state, process_index, area1, area2, snapshot1, snapshot2,
1389 previous, size, check_ignore);
1391 if (res_compare == 1) {
1393 xbt_dynar_free(&previous);
1398 state->match_equals(previous);
1399 xbt_dynar_free(&previous);
