X-Git-Url: https://git.lttng.org/?a=blobdiff_plain;f=formal-model%2Fooomem-two-writes%2Fmem.spin;h=9202043692079304e5c88460df81cad6a9c15309;hb=dfa8abef9f88fd28e232b0eab9a105fc50e71959;hp=4892c5ec333249b74d3b8beab5ff5bee40a268b1;hpb=03c9e0f3f9c72b36b9da30ad4b6ecb055fb6adff;p=urcu.git diff --git a/formal-model/ooomem-two-writes/mem.spin b/formal-model/ooomem-two-writes/mem.spin index 4892c5e..9202043 100644 --- a/formal-model/ooomem-two-writes/mem.spin +++ b/formal-model/ooomem-two-writes/mem.spin @@ -21,48 +21,22 @@ /* Promela validation variables. */ /* - * Produced process data flow. Updated after each instruction to show which - * variables are ready. Assigned using SSA (static single assignment) (defuse - * analysis must be done on the program to map "real" variables to single define - * followed by use). Using one-hot bit encoding per variable to save state - * space. Used as triggers to execute the instructions having those variables - * as input. + * Produced process control and data flow. Updated after each instruction to + * show which variables are ready. Using one-hot bit encoding per variable to + * save state space. Used as triggers to execute the instructions having those + * variables as input. Leaving bits active to inhibit instruction execution. + * Scheme used to make instruction disabling and automatic dependency fall-back + * automatic. */ -#define PRODUCE_TOKENS(state, bits) \ - state = (state) | (bits) +#define CONSUME_TOKENS(state, bits, notbits) \ + ((!(state & (notbits))) && (state & (bits)) == (bits)) -/* All bits must be active to consume. All notbits must be inactive. */ -/* Consuming a token does not clear it, it just waits for it. */ -#define CONSUME_TOKENS(state, bits, notbits) \ - ((!((state) & (notbits))) && ((state) & (bits)) == (bits)) +#define PRODUCE_TOKENS(state, bits) \ + state = state | (bits); -#define CLEAR_TOKENS(state, bits) \ - state = (state) & ~(bits) - -/* - * Bit encoding, proc_one_produced : - */ - -#define P1_PROD_NONE (1 << 0) - -#define P1_WRITE (1 << 1) -#define P1_WMB (1 << 2) -#define P1_SYNC_CORE (1 << 3) -#define P1_RMB (1 << 4) -#define P1_READ (1 << 5) - -int proc_one_produced; - -#define P2_PROD_NONE (1 << 0) - -#define P2_WRITE (1 << 1) -#define P2_WMB (1 << 2) -#define P2_SYNC_CORE (1 << 3) -#define P2_RMB (1 << 4) -#define P2_READ (1 << 5) - -int proc_two_produced; +#define CLEAR_TOKENS(state, bits) \ + state = state & ~(bits) #define NR_PROCS 2 @@ -172,6 +146,20 @@ DECLARE_CACHED_VAR(byte, beta, 0); byte read_one = 2; byte read_two = 2; +/* + * Bit encoding, proc_one_produced : + */ + +#define P1_PROD_NONE (1 << 0) + +#define P1_WRITE (1 << 1) +#define P1_WMB (1 << 2) +#define P1_SYNC_CORE (1 << 3) +#define P1_RMB (1 << 4) +#define P1_READ (1 << 5) + +int proc_one_produced; + active proctype test_proc_one() { assert(get_pid() < NR_PROCS); @@ -184,6 +172,9 @@ active proctype test_proc_one() #ifdef NO_RMB PRODUCE_TOKENS(proc_one_produced, P1_RMB); #endif +#ifdef NO_SYNC + PRODUCE_TOKENS(proc_one_produced, P1_SYNC_CORE); +#endif do :: CONSUME_TOKENS(proc_one_produced, P1_PROD_NONE, P1_WRITE) -> @@ -219,6 +210,21 @@ active proctype test_proc_one() assert(!(read_one == 0 && read_two == 0)); } + +/* + * Bit encoding, proc_two_produced : + */ + +#define P2_PROD_NONE (1 << 0) + +#define P2_WRITE (1 << 1) +#define P2_WMB (1 << 2) +#define P2_SYNC_CORE (1 << 3) +#define P2_RMB (1 << 4) +#define P2_READ (1 << 5) + +int proc_two_produced; + active proctype test_proc_two() { assert(get_pid() < NR_PROCS); @@ -231,6 +237,9 @@ active proctype test_proc_two() #ifdef NO_RMB PRODUCE_TOKENS(proc_two_produced, P2_RMB); #endif +#ifdef NO_SYNC + PRODUCE_TOKENS(proc_two_produced, P2_SYNC_CORE); +#endif do :: CONSUME_TOKENS(proc_two_produced, P2_PROD_NONE, P2_WRITE) ->