Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[herd] Check the liveness of some read-from relations #997

Closed
wants to merge 4 commits into from

Conversation

maranget
Copy link
Member

@maranget maranget commented Oct 4, 2024

Intuitively, this "liveness" property is that a read cannot indefinitely read from a non-final write. Our formulation involves 'pruned' executions and requires that, for all locations x the last read of x in a pruned po is from the final write to x.

Our implementation builds on the "CutOff" (ex "TooFar") feature. Namely, for the sake of avoiding infinite or excessive running times, some executions are pruned, resulting in execution prefixes. Those are normally discarded, unless -variant CutOff is specified. In those executions, pruned po relation end with a specific CutOff effect.

The liveness condition applies to those execution prefixes. The condition will reject executions for which there exists
some fr source in a pruned po that is not followed by a rf target:

That is, given

      +-fr->W
      |
      |
      R ----po---> CutOff

there does not exists a rf s.t.

     +-fr->W-rf-+
     |          |
     |         \ /
     R ----po---R-----> CutOff

Notice that this "liveness" condition applies to writes that are followed by a DSB effect (i.e. stores followed by a DSB fence instruction).

This commit also performs a change of vocabulary:
"too far" is changed into the more appropriate "cutoff",
as such events signals the position where program order
is pruned.
The  warning is now emitted as soon as there is an
execution candidate with a cuttof node, would it be validated
of not by the model.
The condition will reject executions for which there exists
some `fr` source in a pruned `po` that is not followed
by a `rf` target:

That is, given
  +-fr->W
  |
  |
  R ----po---> CutOff

there does not exists a rf s.t.

  +-fr->W-rf-+
  |          |
  |         \ /
  R ----po---R-----> CutOff

Notice that this "liveness" condition applies to writes that
are followed by a DSB effect (_i.e._ stores followed by a DSB
fence instruction).
@maranget
Copy link
Member Author

maranget commented Oct 14, 2024

Delayed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant