-/* Copyright (c) 2008-2021. The SimGrid Team. All rights reserved. */
+/* Copyright (c) 2008-2023. The SimGrid Team. All rights reserved. */
/* This program is free software; you can redistribute it and/or modify it
* under the terms of the license (GNU LGPL) which comes with this package. */
#include "src/mc/mc_config.hpp"
#include "src/mc/mc_private.hpp"
#include "src/mc/sosp/Snapshot.hpp"
+#include "xbt/ex.h"
#include <algorithm>
-XBT_LOG_NEW_DEFAULT_SUBCATEGORY(mc_compare, xbt, "Logging specific to mc_compare in mc");
+XBT_LOG_NEW_DEFAULT_SUBCATEGORY(mc_compare, mc, "Logging specific to mc_compare in mc");
-using simgrid::mc::remote;
-
-namespace simgrid {
-namespace mc {
+namespace simgrid::mc {
/*********************************** Heap comparison ***********************************/
/***************************************************************************************/
void match_equals(const HeapLocationPairs* list);
};
-} // namespace mc
-} // namespace simgrid
+} // namespace simgrid::mc
/************************************************************************************/
[block](auto const& stack) { return stack.block == block; });
}
-namespace simgrid {
-namespace mc {
+namespace simgrid::mc {
void StateComparator::match_equals(const HeapLocationPairs* list)
{
const Snapshot& snapshot1, const Snapshot& snapshot2, HeapLocationPairs* previous,
Type* type, int pointer_level);
+/* Compares the content of each heap fragment between the two states, at the bit level.
+ *
+ * This operation is costly (about 5 seconds per snapshots' pair to compare on a small program),
+ * but hard to optimize because our algorithm is too hackish.
+ *
+ * Going at bit level can trigger syntaxtic differences on states that are semantically equivalent.
+ *
+ * Padding bytes constitute the first source of such syntaxtic difference: Any malloced memory contains spaces that
+ * are not used to enforce the memory alignment constraints of the CPU. So, cruft of irrelevant changes could get
+ * added on these bits. But this case is handled properly, as any memory block is zeroed by mmalloc before being handled
+ * back, not only for calloc but also for malloc. So the memory interstices due to padding bytes are properly zeroed.
+ *
+ * Another source of such change comes from the order of mallocs, that may well change from one execution path to
+ * another. This will change the malloc fragment in which the data is stored and the pointer values (syntaxtic
+ * difference) while the semantic of the state remains the same.
+ *
+ * To fix this, this code relies on a hugly hack. When we see a difference during the bit-level comparison,
+ * we first check if it could be explained by a pointer-to-block difference. Ie, if when interpreting the memory
+ * area containing that difference as a pointer, I get the pointer to a valid fragment in the heap (in both snapshots).
+ *
+ * This is why we cannot pre-compute a bit-level hash of the heap content: we discover the pointers to other memory
+ * fragment when a difference is found during the bit-level exploration. Fixing this would require to save typing
+ * information about the memory fragments, which is something that could be done with https://github.com/tudasc/TypeART
+ * This would give us all pointers in the mallocated memory, allowing the graph traversal needed to precompute the hash.
+ *
+ * Using a hash without paying attention to malloc fragment reordering would lead to false negatives:
+ * semantically equivalent states would be detected as [syntaxically] different. It's of no importance for the
+ * state-equality reduction (we would re-explore semantically equivalent states), but it would endanger the soundness
+ * of the liveness model-checker, as state-equality is used to detect the loops that constitute the accepting states of
+ * the verified property. So we could miss counter-examples to the verified property. Not good. Not good at all.
+ */
static bool mmalloc_heap_differ(const RemoteProcess& process, StateComparator& state, const Snapshot& snapshot1,
const Snapshot& snapshot2)
{
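Review bot: The new comment on mmalloc_heap_differ has wording slips that make its soundness argument harder to follow: "syntaxtic" and "syntaxically" should read "syntactic" and "syntactically", "hugly" should be "ugly", and "before being handled back" presumably means "handed back". The last paragraph would also read better if it said outright which direction of error is tolerated, for example `Reporting two equivalent states as different only costs re-exploration for safety checking, but makes the liveness checker miss accepting cycles.` The function body continues outside this hunk.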
// If either block is not in the expected area of memory:
if (((const char*)area1 < (const char*)state.std_heap_copy.heapbase) ||
- (block1 > (ssize_t)state.processStates[0].heapsize) || (block1 < 1) ||
+ (block1 > (ssize_t)state.processStates[0].heapsize) ||
((const char*)area2 < (const char*)state.std_heap_copy.heapbase) ||
- (block2 > (ssize_t)state.processStates[1].heapsize) || (block2 < 1)) {
+ (block2 > (ssize_t)state.processStates[1].heapsize)) {
return true;
}
}
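Review bot: With `(block1 < 1)` and `(block2 < 1)` dropped, the only lower bound left on the block indices is the `area >= heapbase` comparison, and the derivation of `block1`/`block2` from `area1`/`area2` is not visible in this hunk. If the index is computed from the offset to `heapbase`, the removed tests were redundant, but that dependency should be recorded next to the condition, e.g. `// block >= 1 is implied by area >= heapbase, given how block1/block2 are computed above`. Otherwise a later change to that computation silently loses the guard on what is presumably an index into the heap metadata. The enclosing function starts and ends outside the hunk.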
if (type_size != -1 && type_size != (ssize_t)heapinfo1->busy_block.busy_size &&
- type_size != (ssize_t)heapinfo2->busy_block.busy_size &&
- (type->name.empty() || type->name == "struct s_smx_context")) {
+ type_size != (ssize_t)heapinfo2->busy_block.busy_size && type->name.empty()) {
if (match_pairs)
state.match_equals(previous);
return false;
}
// Check if the blocks are already matched together:
- if (state.equals_to_<1>(block1, frag1).valid_ && state.equals_to_<2>(block2, frag2).valid_ && offset1 == offset2 &&
+ if (state.equals_to_<1>(block1, frag1).valid_ && state.equals_to_<2>(block2, frag2).valid_ &&
state.fragmentsEqual(block1, frag1, block2, frag2)) {
if (match_pairs)
state.match_equals(previous);
return true;
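Review bot: Dropping `offset1 == offset2` from the already-matched shortcut means two addresses that fall in a previously matched fragment pair are reported equal even when they point at different offsets inside those fragments, unless the offsets are compared somewhere outside this hunk. A wrong "equal" is the dangerous direction for the checker, because it lets two distinct states be treated as the same one. If the offset comparison is really unnecessary, a comment such as `// offsets need not match here because <reason>` should record why; otherwise the `offset1 == offset2` term should stay. The enclosing function starts and ends outside the hunk.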
/* Start comparison */
- bool differ = type ? heap_area_differ_with_type(process, state, area1, area2, snapshot1, snapshot2, previous, type,
- size, check_ignore, pointer_level)
- : heap_area_differ_without_type(process, state, area1, area2, snapshot1, snapshot2, previous, size,
- check_ignore);
- if (differ)
+ if (type ? heap_area_differ_with_type(process, state, area1, area2, snapshot1, snapshot2, previous, type, size,
+ check_ignore, pointer_level)
+ : heap_area_differ_without_type(process, state, area1, area2, snapshot1, snapshot2, previous, size,
+ check_ignore))
return true;
if (match_pairs)
state.match_equals(previous);
return false;
}
-} // namespace mc
-} // namespace simgrid
+} // namespace simgrid::mc
/************************** Snapshot comparison *******************************/
/******************************************************************************/
return false;
}
-namespace simgrid {
-namespace mc {
+namespace simgrid::mc {
-bool snapshot_equal(const Snapshot* s1, const Snapshot* s2)
+bool Snapshot::operator==(const Snapshot& other)
{
// TODO, make this a field of ModelChecker or something similar
static StateComparator state_comparator;
const RemoteProcess& process = mc_model_checker->get_remote_process();
- if (s1->hash_ != s2->hash_) {
- XBT_VERB("(%d - %d) Different hash: 0x%" PRIx64 "--0x%" PRIx64, s1->num_state_, s2->num_state_, s1->hash_,
- s2->hash_);
+ if (hash_ != other.hash_) {
+ XBT_VERB("(%ld - %ld) Different hash: 0x%" PRIx64 "--0x%" PRIx64, this->num_state_, other.num_state_, this->hash_,
+ other.hash_);
return false;
}
- XBT_VERB("(%d - %d) Same hash: 0x%" PRIx64, s1->num_state_, s2->num_state_, s1->hash_);
+ XBT_VERB("(%ld - %ld) Same hash: 0x%" PRIx64, this->num_state_, other.num_state_, this->hash_);
- /* Compare enabled processes */
- if (s1->enabled_processes_ != s2->enabled_processes_) {
- XBT_VERB("(%d - %d) Different amount of enabled processes", s1->num_state_, s2->num_state_);
- return false;
- }
+ /* TODO: re-enable the quick filter of counting enabled processes in each snapshots */
/* Compare size of stacks */
- for (unsigned long i = 0; i < s1->stacks_.size(); i++) {
- size_t size_used1 = s1->stack_sizes_[i];
- size_t size_used2 = s2->stack_sizes_[i];
+ for (unsigned long i = 0; i < this->stacks_.size(); i++) {
+ size_t size_used1 = this->stack_sizes_[i];
+ size_t size_used2 = other.stack_sizes_[i];
if (size_used1 != size_used2) {
- XBT_VERB("(%d - %d) Different size used in stacks: %zu - %zu", s1->num_state_, s2->num_state_, size_used1,
+ XBT_VERB("(%ld - %ld) Different size used in stacks: %zu - %zu", num_state_, other.num_state_, size_used1,
size_used2);
return false;
}
}
/* Init heap information used in heap comparison algorithm */
- const s_xbt_mheap_t* heap1 = static_cast<xbt_mheap_t>(
- s1->read_bytes(alloca(sizeof(s_xbt_mheap_t)), sizeof(s_xbt_mheap_t), process.heap_address, ReadOptions::lazy()));
- const s_xbt_mheap_t* heap2 = static_cast<xbt_mheap_t>(
- s2->read_bytes(alloca(sizeof(s_xbt_mheap_t)), sizeof(s_xbt_mheap_t), process.heap_address, ReadOptions::lazy()));
- if (state_comparator.initHeapInformation(heap1, heap2, s1->to_ignore_, s2->to_ignore_) == -1) {
- XBT_VERB("(%d - %d) Different heap information", s1->num_state_, s2->num_state_);
+ const s_xbt_mheap_t* heap1 = static_cast<xbt_mheap_t>(this->read_bytes(
+ alloca(sizeof(s_xbt_mheap_t)), sizeof(s_xbt_mheap_t), process.heap_address, ReadOptions::lazy()));
+ const s_xbt_mheap_t* heap2 = static_cast<xbt_mheap_t>(other.read_bytes(
+ alloca(sizeof(s_xbt_mheap_t)), sizeof(s_xbt_mheap_t), process.heap_address, ReadOptions::lazy()));
+ if (state_comparator.initHeapInformation(heap1, heap2, this->to_ignore_, other.to_ignore_) == -1) {
+ XBT_VERB("(%ld - %ld) Different heap information", this->num_state_, other.num_state_);
return false;
}
/* Stacks comparison */
- for (unsigned int cursor = 0; cursor < s1->stacks_.size(); cursor++) {
- const_mc_snapshot_stack_t stack1 = &s1->stacks_[cursor];
- const_mc_snapshot_stack_t stack2 = &s2->stacks_[cursor];
+ for (unsigned int cursor = 0; cursor < this->stacks_.size(); cursor++) {
+ const_mc_snapshot_stack_t stack1 = &this->stacks_[cursor];
+ const_mc_snapshot_stack_t stack2 = &other.stacks_[cursor];
- if (local_variables_differ(process, state_comparator, *s1, *s2, stack1, stack2)) {
- XBT_VERB("(%d - %d) Different local variables between stacks %u", s1->num_state_, s2->num_state_, cursor + 1);
+ if (local_variables_differ(process, state_comparator, *this, other, stack1, stack2)) {
+ XBT_VERB("(%ld - %ld) Different local variables between stacks %u", this->num_state_, other.num_state_,
+ cursor + 1);
return false;
}
}
- size_t regions_count = s1->snapshot_regions_.size();
- if (regions_count != s2->snapshot_regions_.size())
+ size_t regions_count = this->snapshot_regions_.size();
+ if (regions_count != other.snapshot_regions_.size())
return false;
for (size_t k = 0; k != regions_count; ++k) {
- Region* region1 = s1->snapshot_regions_[k].get();
- Region* region2 = s2->snapshot_regions_[k].get();
+ Region* region1 = this->snapshot_regions_[k].get();
+ Region* region2 = other.snapshot_regions_[k].get();
// Preconditions:
if (region1->region_type() != RegionType::Data)
xbt_assert(region1->object_info());
/* Compare global variables */
- if (global_variables_differ(process, state_comparator, region1->object_info(), region1, region2, *s1, *s2)) {
+ if (global_variables_differ(process, state_comparator, region1->object_info(), region1, region2, *this, other)) {
std::string const& name = region1->object_info()->file_name;
- XBT_VERB("(%d - %d) Different global variables in %s", s1->num_state_, s2->num_state_, name.c_str());
+ XBT_VERB("(%ld - %ld) Different global variables in %s", this->num_state_, other.num_state_, name.c_str());
return false;
}
}
+ XBT_VERB(" Compare heap...");
/* Compare heap */
- if (mmalloc_heap_differ(process, state_comparator, *s1, *s2)) {
- XBT_VERB("(%d - %d) Different heap (mmalloc_compare)", s1->num_state_, s2->num_state_);
+ if (mmalloc_heap_differ(process, state_comparator, *this, other)) {
+ XBT_VERB("(%ld - %ld) Different heap (mmalloc_heap_differ)", this->num_state_, other.num_state_);
return false;
}
- XBT_VERB("(%d - %d) No difference found", s1->num_state_, s2->num_state_);
+ XBT_VERB("(%ld - %ld) No difference found", this->num_state_, other.num_state_);
return true;
}
-} // namespace mc
-} // namespace simgrid
+} // namespace simgrid::mc
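Review bot: The two stack loops in `Snapshot::operator==` bound their index by `this->stacks_.size()` only while reading `other.stack_sizes_[i]` and `&other.stacks_[cursor]`, so a snapshot pair with different stack counts reads past the end of `other`'s vectors. Besides the hash check, the removed enabled-processes filter was the only other visible early exit before these loops, and whether equal `hash_` values imply equal stack counts cannot be seen from here. Adding `if (stacks_.size() != other.stacks_.size() || stack_sizes_.size() != other.stack_sizes_.size()) return false;` before the first loop makes the comparison safe on its own. Separately, as far as this hunk shows, `operator==` does not modify either snapshot and would normally be declared `const`; its declaration lives in Snapshot.hpp, outside this diff.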