| blob | bbf95c0ba0cc563de1738191cd06367b75ab18ad |
2 /*--------------------------------------------------------------------*/
3 /*--- Helgrind: a Valgrind tool for detecting errors ---*/
4 /*--- in threaded programs. hg_main.c ---*/
5 /*--------------------------------------------------------------------*/
7 /*
8 This file is part of Helgrind, a Valgrind tool for detecting errors
9 in threaded programs.
11 Copyright (C) 2007-2017 OpenWorks LLP
12 info@open-works.co.uk
14 Copyright (C) 2007-2017 Apple, Inc.
16 This program is free software; you can redistribute it and/or
17 modify it under the terms of the GNU General Public License as
18 published by the Free Software Foundation; either version 2 of the
19 License, or (at your option) any later version.
21 This program is distributed in the hope that it will be useful, but
22 WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program; if not, see <http://www.gnu.org/licenses/>.
29 The GNU General Public License is contained in the file COPYING.
31 Neither the names of the U.S. Department of Energy nor the
32 University of California nor the names of its contributors may be
33 used to endorse or promote products derived from this software
34 without prior written permission.
35 */
72 // FIXME: new_mem_w_tid ignores the supplied tid. (wtf?!)
74 // FIXME: when client destroys a lock or a CV, remove these
75 // from our mappings, so that the associated SO can be freed up
77 /*----------------------------------------------------------------*/
78 /*--- ---*/
79 /*----------------------------------------------------------------*/
81 /* Note this needs to be compiled with -fno-strict-aliasing, since it
82 contains a whole bunch of calls to lookupFM etc which cast between
83 Word and pointer types. gcc rightly complains this breaks ANSI C
84 strict aliasing rules, at -O2. No complaints at -O, but -O2 gives
85 worthwhile performance benefits over -O.
86 */
88 // FIXME what is supposed to happen to locks in memory which
89 // is relocated as a result of client realloc?
91 // FIXME put referencing ThreadId into Thread and get
92 // rid of the slow reverse mapping function.
94 // FIXME accesses to NoAccess areas: change state to Excl?
96 // FIXME report errors for accesses of NoAccess memory?
98 // FIXME pth_cond_wait/timedwait wrappers. Even if these fail,
99 // the thread still holds the lock.
101 /* ------------ Debug/trace options ------------ */
103 // 0 for silent, 1 for some stuff, 2 for lots of stuff
104 #define SHOW_EVENTS 0
111 // 0 for none, 1 for dump at end of run
112 #define SHOW_DATA_STRUCTURES 0
115 /* ------------ Misc comments ------------ */
117 // FIXME: don't hardwire initial entries for root thread.
118 // Instead, let the pre_thread_ll_create handler do this.
121 /*----------------------------------------------------------------*/
122 /*--- Primary data structures ---*/
123 /*----------------------------------------------------------------*/
125 /* Admin linked list of Threads */
129 /* Admin double linked list of Locks */
130 /* We need a double linked list to properly and efficiently
131 handle del_LockN. */
134 /* Mapping table for core ThreadIds to Thread* */
137 /* Mapping table for lock guest addresses to Lock* */
140 /* The word-set universes for lock sets. */
144 /* univ_laog will be garbaged collected when the nr of element in univ_laog is
145 >= next_gc_univ_laog. */
147 /* Allow libhb to get at the universe of locksets stored
148 here. Sigh. */
151 /* Allow libhb to get at the list of locks stored here. Ditto
152 sigh. */
156 /*----------------------------------------------------------------*/
157 /*--- Simple helpers for the data structures ---*/
158 /*----------------------------------------------------------------*/
163 #if defined(VGO_solaris)
165 #else
169 static
172 /* --------- Constructors --------- */
189 #if defined(VGO_solaris)
195 }
197 // Make a new lock which is unlocked (hence ownerless)
198 // and insert the new lock in admin_locks double linked list.
202 /* begin: add to double linked list */
208 /* end: add */
220 }
222 /* Release storage for a Lock. Also release storage in .heldBy, if
223 any. Removes from admin_locks double linked list. */
225 {
231 /* begin: del lock from double linked list */
237 }
243 }
244 /* end: del */
247 }
249 /* Update 'lk' to reflect that 'thr' now has a write-acquisition of
250 it. This is done strictly: only combinations resulting from
251 correct program and libpthread behaviour are allowed. */
253 {
257 stats__lockN_acquires++;
259 /* EXPOSITION only */
260 /* We need to keep recording snapshots of where the lock was
261 acquired, so as to produce better lock-order error messages. */
263 ThreadId tid;
266 lk->acquired_at
270 }
271 /* end EXPOSITION only */
275 case_LK_nonRec:
285 /* 2nd and subsequent locking of a lock by its owner */
287 /* assert: lk is only held by one thread .. */
289 /* assert: .. and that thread is 'thr'. */
299 }
301 }
304 {
307 /* can only add reader to a reader-writer lock. */
309 /* lk must be free or already r-held. */
313 stats__lockN_acquires++;
315 /* EXPOSITION only */
316 /* We need to keep recording snapshots of where the lock was
317 acquired, so as to produce better lock-order error messages. */
319 ThreadId tid;
322 lk->acquired_at
326 }
327 /* end EXPOSITION only */
335 }
338 }
340 /* Update 'lk' to reflect a release of it by 'thr'. This is done
341 strictly: only combinations resulting from correct program and
342 libpthread behaviour are allowed. */
345 {
346 Bool b;
349 /* lock must be held by someone */
351 stats__lockN_releases++;
352 /* Remove it from the holder set */
354 /* thr must actually have been a holder of lk */
356 /* normalise */
363 }
365 }
368 {
373 }
374 /* for each thread that holds this lock do ... */
380 thr->locksetA
386 thr->locksetW
388 }
389 }
391 }
394 /*----------------------------------------------------------------*/
395 /*--- Print out the primary data structures ---*/
396 /*----------------------------------------------------------------*/
398 #define PP_THREADS (1<<1)
399 #define PP_LOCKS (1<<2)
400 #define PP_ALL (PP_THREADS | PP_LOCKS)
406 {
407 Int i;
417 }
420 {
425 }
429 }
432 {
436 /* nothing */
437 }
443 }
445 }
447 }
450 {
455 n++;
456 }
463 }
465 }
473 }
474 }
476 /* Pretty Print lock lk.
477 if show_lock_addrdescr, describes the (guest) lock address.
478 (this description will be more complete with --read-var-info=yes).
479 if show_internal_data, shows also helgrind internal information.
480 d is the level at which output is indented. */
482 Bool show_lock_addrdescr,
483 Bool show_internal_data)
484 {
485 // FIXME PW EPOCH should use the epoch of the allocated_at ec.
490 else
500 }
503 }
507 }
510 }
513 UWord count;
525 else
528 }
529 }
532 }
534 }
537 {
541 /* nothing */
542 }
548 }
552 }
554 }
557 {
567 }
570 }
573 {
582 }
588 }
593 }
595 #undef SHOW_ADMIN
598 /*----------------------------------------------------------------*/
599 /*--- Initialise the primary data structures ---*/
600 /*----------------------------------------------------------------*/
603 {
605 WordSetID wsid;
607 /* Get everything initialised and zeroed. */
623 /* Ensure that univ_lsets is non-empty, with lockset zero being the
624 empty lockset. hg_errors.c relies on the assumption that
625 lockset number zero in univ_lsets is always valid. */
634 }
636 /* Set up entries for the root thread */
637 // FIXME: this assumes that the first real ThreadId is 1
639 /* a Thread for the new thread ... */
642 identity of the root thread. */
646 /* and bind it in the thread-map table. */
655 }
658 /*----------------------------------------------------------------*/
659 /*--- map_threads :: array[core-ThreadId] of Thread* ---*/
660 /*----------------------------------------------------------------*/
662 /* Doesn't assert if the relevant map_threads entry is NULL. */
664 {
669 }
671 /* Asserts if the relevant map_threads entry is NULL. */
673 {
679 }
681 /* Do a reverse lookup. Does not assert if 'thr' is not found in
682 map_threads. */
684 {
685 ThreadId tid;
687 /* Check nobody used the invalid-threadid slot */
693 }
695 /* Do a reverse lookup. Warning: POTENTIALLY SLOW. Asserts if 'thr'
696 is not found in map_threads. */
698 {
704 }
707 {
714 }
718 #if defined(VGO_solaris) || defined(VGO_freebsd)
721 }
724 #if defined(VGO_solaris) || defined(VGO_freebsd)
728 }
730 #if defined(VGO_freebsd)
734 }
735 #endif
740 }
745 }
750 }
752 /*----------------------------------------------------------------*/
753 /*--- map_locks :: WordFM guest-Addr-of-lock Lock* ---*/
754 /*----------------------------------------------------------------*/
756 /* Make sure there is a lock table entry for the given (lock) guest
757 address. If not, create one of the stated 'kind' in unheld state.
758 In any case, return the address of the existing or new Lock. */
759 static
761 {
762 Bool found;
779 }
780 }
783 {
784 Bool found;
789 }
792 {
797 /* delFromFM produces the val which is being deleted, if it is
798 found. So assert it is non-null; that in effect asserts that we
799 are deleting a (ga, Lock) pair which actually exists. */
802 }
806 /*----------------------------------------------------------------*/
807 /*--- Sanity checking the data structures ---*/
808 /*----------------------------------------------------------------*/
814 /* REQUIRED INVARIANTS:
816 Thread vs Segment/Lock/SecMaps
818 for each t in Threads {
820 // Thread.lockset: each element is really a valid Lock
822 // Thread.lockset: each Lock in set is actually held by that thread
823 for lk in Thread.lockset
824 lk == LockedBy(t)
826 // Thread.csegid is a valid SegmentID
827 // and the associated Segment has .thr == t
829 }
831 all thread Locksets are pairwise empty under intersection
832 (that is, no lock is claimed to be held by more than one thread)
833 -- this is guaranteed if all locks in locksets point back to their
834 owner threads
836 Lock vs Thread/Segment/SecMaps
838 for each entry (gla, la) in map_locks
839 gla == la->guest_addr
841 for each lk in Locks {
843 lk->tag is valid
844 lk->guest_addr does not have shadow state NoAccess
845 if lk == LockedBy(t), then t->lockset contains lk
846 if lk == UnlockedBy(segid) then segid is valid SegmentID
847 and can be mapped to a valid Segment(seg)
848 and seg->thr->lockset does not contain lk
849 if lk == UnlockedNew then (no lockset contains lk)
851 secmaps for lk has .mbHasLocks == True
853 }
855 Segment vs Thread/Lock/SecMaps
857 the Segment graph is a dag (no cycles)
858 all of the Segment graph must be reachable from the segids
859 mentioned in the Threads
861 for seg in Segments {
863 seg->thr is a sane Thread
865 }
867 SecMaps vs Segment/Thread/Lock
869 for sm in SecMaps {
871 sm properly aligned
872 if any shadow word is ShR or ShM then .mbHasShared == True
874 for each Excl(segid) state
875 map_segments_lookup maps to a sane Segment(seg)
876 for each ShM/ShR(tsetid,lsetid) state
877 each lk in lset is a valid Lock
878 each thr in tset is a valid thread, which is non-dead
880 }
881 */
884 /* Return True iff 'thr' holds 'lk' in some mode. */
886 {
889 else
891 }
893 /* Sanity check Threads, as far as possible */
896 {
897 #define BAD(_str) do { how = (_str); goto bad; } while (0)
908 // locks held in W mode are a subset of all locks held
913 // Thread.lockset: each element is really a valid Lock
915 // Thread.lockset: each Lock in set is actually held by that
916 // thread
918 }
919 }
921 bad:
924 #undef BAD
925 }
928 /* Sanity check Locks, as far as possible */
931 {
932 #define BAD(_str) do { how = (_str); goto bad; } while (0)
934 Addr gla;
936 Int i;
937 // # entries in admin_locks == # entries in map_locks
939 ;
941 // for each entry (gla, lk) in map_locks
942 // gla == lk->guest_addr
947 }
949 // scan through admin_locks ...
951 // lock is sane. Quite comprehensive, also checks that
952 // referenced (holder) threads are sane.
954 // map_locks binds guest address back to this lock
956 // look at all threads mentioned as holders of this lock. Ensure
957 // this lock is mentioned in their locksets.
960 UWord count;
964 // HG_(is_sane_LockN) above ensures these
969 // also check the w-only lockset
976 }
979 /* lock not held by anybody */
981 // since lk is unheld, then (no lockset contains lk)
982 // hmm, this is really too expensive to check. Hmm.
983 }
984 }
987 bad:
990 #undef BAD
991 }
995 stats__sanity_checks++;
1000 }
1004 }
1007 /*----------------------------------------------------------------*/
1008 /*--- Shadow value and address range handlers ---*/
1009 /*----------------------------------------------------------------*/
1012 //static void laog__handle_lock_deletions ( WordSetID ); /* fwds */
1018 /* Block-copy states (needed for implementing realloc()). */
1019 /* FIXME this copies shadow memory; it doesn't apply the MSM to it.
1020 Is that a problem? (hence 'scopy' rather than 'ccopy') */
1023 {
1027 }
1030 {
1034 }
1040 }
1043 {
1045 }
1048 SizeT len )
1049 {
1052 // has no effect (NoFX)
1054 }
1057 SizeT len)
1058 {
1061 // Actually Has An Effect (AHAE)
1063 }
1066 SizeT len )
1067 {
1071 }
1074 /*----------------------------------------------------------------*/
1075 /*--- Event handlers (evh__* functions) ---*/
1076 /*--- plus helpers (evhH__* functions) ---*/
1077 /*----------------------------------------------------------------*/
1079 /*--------- Event handler helpers (evhH__* functions) ---------*/
1081 /* Create a new segment for 'thr', making it depend (.prev) on its
1082 existing segment, bind together the SegmentID and Segment, and
1083 return both of them. Also update 'thr' so it references the new
1084 Segment. */
1085 //zz static
1086 //zz void evhH__start_new_segment_for_thread ( /*OUT*/SegmentID* new_segidP,
1087 //zz /*OUT*/Segment** new_segP,
1088 //zz Thread* thr )
1089 //zz {
1090 //zz Segment* cur_seg;
1091 //zz tl_assert(new_segP);
1092 //zz tl_assert(new_segidP);
1093 //zz tl_assert(HG_(is_sane_Thread)(thr));
1094 //zz cur_seg = map_segments_lookup( thr->csegid );
1095 //zz tl_assert(cur_seg);
1096 //zz tl_assert(cur_seg->thr == thr); /* all sane segs should point back
1097 //zz at their owner thread. */
1098 //zz *new_segP = mk_Segment( thr, cur_seg, NULL/*other*/ );
1099 //zz *new_segidP = alloc_SegmentID();
1100 //zz map_segments_add( *new_segidP, *new_segP );
1101 //zz thr->csegid = *new_segidP;
1102 //zz }
1105 /* The lock at 'lock_ga' has acquired a writer. Make all necessary
1106 updates, and also do all possible error checks. */
1107 static
1110 {
1113 /* Basically what we need to do is call lockN_acquire_writer.
1114 However, that will barf if any 'invalid' lock states would
1115 result. Therefore check before calling. Side effect is that
1116 'HG_(is_sane_LockN)(lk)' is both a pre- and post-condition of this
1117 routine.
1119 Because this routine is only called after successful lock
1120 acquisition, we should not be asked to move the lock into any
1121 invalid states. Requests to do so are bugs in libpthread, since
1122 that should have rejected any such requests. */
1125 /* Try to find the lock. If we can't, then create a new one with
1126 kind 'lkk'. */
1131 /* check libhb level entities exist */
1136 /* the lock isn't held. Simple. */
1139 /* acquire a dependency from the lock's VCs */
1142 }
1144 /* So the lock is already held. If held as a r-lock then
1145 libpthread must be buggy. */
1152 }
1154 /* So the lock is held in w-mode. If it's held by some other
1155 thread, then libpthread must be buggy. */
1161 "granted on mutex/rwlock which is currently "
1164 }
1166 /* So the lock is already held in w-mode by 'thr'. That means this
1167 is an attempt to lock it recursively, which is only allowable
1168 for LK_mbRec kinded locks. Since this routine is called only
1169 once the lock has been acquired, this must also be a libpthread
1170 bug. */
1174 "granted on mutex/wrlock which does not "
1177 }
1179 /* So we are recursively re-locking a lock we already w-hold. */
1181 /* acquire a dependency from the lock's VC. Probably pointless,
1182 but also harmless. */
1186 noerror:
1188 /* check lock order acquisition graph, and update. This has to
1189 happen before the lock is added to the thread's locksetA/W. */
1191 }
1192 /* update the thread's held-locks set */
1195 /* fall through */
1197 error:
1199 }
1202 /* The lock at 'lock_ga' has acquired a reader. Make all necessary
1203 updates, and also do all possible error checks. */
1204 static
1207 {
1210 /* Basically what we need to do is call lockN_acquire_reader.
1211 However, that will barf if any 'invalid' lock states would
1212 result. Therefore check before calling. Side effect is that
1213 'HG_(is_sane_LockN)(lk)' is both a pre- and post-condition of this
1214 routine.
1216 Because this routine is only called after successful lock
1217 acquisition, we should not be asked to move the lock into any
1218 invalid states. Requests to do so are bugs in libpthread, since
1219 that should have rejected any such requests. */
1222 /* Try to find the lock. If we can't, then create a new one with
1223 kind 'lkk'. Only a reader-writer lock can be read-locked,
1224 hence the first assertion. */
1230 /* check libhb level entities exist */
1235 /* the lock isn't held. Simple. */
1238 /* acquire a dependency from the lock's VC */
1241 }
1243 /* So the lock is already held. If held as a w-lock then
1244 libpthread must be buggy. */
1248 "granted on rwlock which is "
1251 }
1253 /* Easy enough. In short anybody can get a read-lock on a rwlock
1254 provided it is either unlocked or already in rd-held. */
1256 /* acquire a dependency from the lock's VC. Probably pointless,
1257 but also harmless. */
1261 noerror:
1263 /* check lock order acquisition graph, and update. This has to
1264 happen before the lock is added to the thread's locksetA/W. */
1266 }
1267 /* update the thread's held-locks set */
1269 /* but don't update thr->locksetW, since lk is only rd-held */
1270 /* fall through */
1272 error:
1274 }
1277 /* The lock at 'lock_ga' is just about to be unlocked. Make all
1278 necessary updates, and also do all possible error checks. */
1279 static
1282 {
1284 Word n;
1285 Bool was_heldW;
1287 /* This routine is called prior to a lock release, before
1288 libpthread has had a chance to validate the call. Hence we need
1289 to detect and reject any attempts to move the lock into an
1290 invalid state. Such attempts are bugs in the client.
1292 isRDWR is True if we know from the wrapper context that lock_ga
1293 should refer to a reader-writer lock, and is False if [ditto]
1294 lock_ga should refer to a standard mutex. */
1300 /* We know nothing about a lock at 'lock_ga'. Nevertheless
1301 the client is trying to unlock it. So complain, then ignore
1302 the attempt. */
1305 }
1313 }
1317 }
1320 /* The lock is not held. This indicates a serious bug in the
1321 client. */
1327 }
1329 /* test just above dominates */
1333 /* The lock is held. Is this thread one of the holders? If not,
1334 report a bug in the client. */
1338 /* We are not a current holder of the lock. This is a bug in
1339 the guest, and (per POSIX pthread rules) the unlock
1340 attempt will fail. So just complain and do nothing
1341 else. */
1349 }
1351 /* Ok, we hold the lock 'n' times. */
1356 n--;
1362 /* We still hold the lock. So either it's a recursive lock
1363 or a rwlock which is currently r-held. */
1369 else
1372 /* n is zero. This means we don't hold the lock any more. But
1373 if it's a rwlock held in r-mode, someone else could still
1374 hold it. Just do whatever sanity checks we can. */
1376 /* It's a rwlock. We no longer hold it but we used to;
1377 nevertheless it still appears to be held by someone else.
1378 The implication is that, prior to this release, it must
1379 have been shared by us and and whoever else is holding it;
1380 which in turn implies it must be r-held, since a lock
1381 can't be w-held by more than one thread. */
1382 /* The lock is now R-held by somebody else: */
1385 /* Normal case. It's either not a rwlock, or it's a rwlock
1386 that we used to hold in w-mode (which is pretty much the
1387 same thing as a non-rwlock.) Since this transaction is
1388 atomic (V does not allow multiple threads to run
1389 simultaneously), it must mean the lock is now not held by
1390 anybody. Hence assert for it. */
1391 /* The lock is now not held by anybody: */
1394 }
1395 //if (lock->heldBy) {
1396 // tl_assert(0 == VG_(elemBag)( lock->heldBy, (UWord)thr ));
1397 //}
1398 /* update this thread's lockset accordingly. */
1399 thr->locksetA
1401 thr->locksetW
1403 /* push our VC into the lock */
1406 /* If the lock was previously W-held, then we want to do a
1407 strong send, and if previously R-held, then a weak send. */
1409 }
1410 /* fall through */
1412 error:
1414 }
1417 /* ---------------------------------------------------------- */
1418 /* -------- Event handlers proper (evh__* functions) -------- */
1419 /* ---------------------------------------------------------- */
1421 /* What is the Thread* for the currently running thread? This is
1422 absolutely performance critical. We receive notifications from the
1423 core for client code starts/stops, and cache the looked-up result
1424 in 'current_Thread'. Hence, for the vast majority of requests,
1425 finding the current thread reduces to a read of a global variable,
1426 provided get_current_Thread_in_C_C is inlined.
1428 Outside of client code, current_Thread is NULL, and presumably
1429 any uses of it will cause a segfault. Hence:
1431 - for uses definitely within client code, use
1432 get_current_Thread_in_C_C.
1434 - for all other uses, use get_current_Thread.
1435 */
1448 }
1449 }
1455 }
1458 }
1460 ThreadId coretid;
1465 /* evidently not in client code. Do it the slow way. */
1467 /* FIXME: get rid of the following kludge. It exists because
1468 evh__new_mem is called during initialisation (as notification
1469 of initial memory layout) and VG_(get_running_tid)() returns
1470 VG_INVALID_THREADID at that point. */
1475 }
1477 static
1487 }
1489 static
1499 }
1501 #define DCL_evh__new_mem_stack(syze) \
1502 static void VG_REGPARM(1) evh__new_mem_stack_##syze(Addr new_SP) \
1503 { \
1504 Thread *thr = get_current_Thread(); \
1505 if (SHOW_EVENTS >= 2) \
1507 (void*)new_SP, (SizeT)syze ); \
1508 shadow_mem_make_New( thr, -VG_STACK_REDZONE_SZB + new_SP, syze ); \
1509 if (syze >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE)) \
1511 if (UNLIKELY(thr->pthread_create_nesting_level > 0)) \
1512 shadow_mem_make_Untracked( thr, new_SP, syze ); \
1513 }
1525 static
1535 }
1537 static
1548 }
1551 }
1553 static
1556 // This handles mprotect requests. If the memory is being put
1557 // into no-R no-W state, paint it as NoAccess, for the reasons
1558 // documented at evh__die_mem_munmap().
1562 /* Hmm. What should we do here, that actually makes any sense?
1563 Let's say: if neither readable nor writable, then declare it
1564 NoAccess, else leave it alone. */
1569 }
1571 static
1573 // Urr, libhb ignores this.
1579 }
1581 static
1583 // It's important that libhb doesn't ignore this. If, as is likely,
1584 // the client is subject to address space layout randomization,
1585 // then unmapped areas may never get remapped over, even in long
1586 // runs. If we just ignore them we wind up with large resource
1587 // (VTS) leaks in libhb. So force them to NoAccess, so that all
1588 // VTS references in the affected area are dropped. Marking memory
1589 // as NoAccess is expensive, but we assume that munmap is sufficiently
1590 // rare that the space gains of doing this are worth the costs.
1594 }
1596 static
1598 // Libhb doesn't ignore this.
1604 }
1606 static
1615 }
1617 static
1619 {
1646 /* Create a new thread record for the child. */
1647 /* a Thread for the new thread ... */
1652 /* and bind it in the thread-map table */
1657 /* Record where the parent is so we can later refer to this in
1658 error messages.
1660 On x86/amd64-linux, this entails a nasty glibc specific hack.
1661 The stack snapshot is taken immediately after the parent has
1662 returned from its sys_clone call. Unfortunately there is no
1663 unwind info for the insn following "syscall" - reading the
1664 glibc sources confirms this. So we ask for a snapshot to be
1665 taken as if RIP was 3 bytes earlier, in a place where there
1666 is unwind info. Sigh.
1667 */
1669 # if defined(VGP_amd64_linux) || defined(VGP_x86_linux)
1671 # elif defined(VGP_arm64_linux) || defined(VGP_arm_linux)
1673 # endif
1675 }
1681 /* Counterpart in _VG_USERREQ__HG_SET_MY_PTHREAD_T. */
1682 }
1683 }
1687 }
1689 static
1691 {
1692 Int nHeld;
1698 /* quit_tid has disappeared without joining to any other thread.
1699 Therefore there is no synchronisation event associated with its
1700 exit and so we have to pretty much treat it as if it was still
1701 alive but mysteriously making no progress. That is because, if
1702 we don't know when it really exited, then we can never say there
1703 is a point in time when we're sure the thread really has
1704 finished, and so we need to consider the possibility that it
1705 lingers indefinitely and continues to interact with other
1706 threads. */
1707 /* However, it might have rendezvous'd with a thread that called
1708 pthread_join with this one as arg, prior to this point (that's
1709 how NPTL works). In which case there has already been a prior
1710 sync event. So in any case, just let the thread exit. On NPTL,
1711 all thread exits go through here. */
1716 /* Complain if this thread holds any locks. */
1720 #if defined(VGO_freebsd)
1721 /* Bugzilla 494337
1722 * temporary (?): turn off this check on FreeBSD 14.2+
1723 * there is a lock during exit() to make it thread safe
1724 * but that lock gets leaked.
1725 */
1728 }
1729 #endif
1735 }
1737 /* Not much to do here:
1738 - tell libhb the thread is gone
1739 - clear the map_threads entry, in order that the Valgrind core
1740 can re-use it. */
1741 /* Cleanup actions (next 5 lines) copied in evh__atfork_child; keep
1742 in sync. */
1751 }
1753 /* This is called immediately after fork, for the child only. 'tid'
1754 is the only surviving thread (as per POSIX rules on fork() in
1755 threaded programs), so we have to clean up map_threads to remove
1756 entries for any other threads. */
1757 static
1759 {
1760 UInt i;
1762 /* Slot 0 should never be used. */
1765 /* Clean up all other slots except 'tid'. */
1772 /* Cleanup actions (next 5 lines) copied from end of
1773 evh__pre_thread_ll_exit; keep in sync. */
1779 }
1780 }
1782 /* generate a dependence from the hbthr_q quitter to the hbthr_s stayer. */
1783 static
1785 {
1787 /* Allocate a temporary synchronisation object and use it to send
1788 an imaginary message from the quitter to the stayer, the purpose
1789 being to generate a dependence from the quitter to the
1790 stayer. */
1793 /* Send last arg of _so_send as False, since the sending thread
1794 doesn't actually exist any more, so we don't want _so_send to
1795 try taking stack snapshots of it. */
1800 /* Tell libhb that the quitter has been reaped. Note that we might
1801 have to be cleverer about this, to exclude 2nd and subsequent
1802 notifications for the same hbthr_q, in the case where the app is
1803 buggy (calls pthread_join twice or more on the same thread) AND
1804 where libpthread is also buggy and doesn't return ESRCH on
1805 subsequent calls. (If libpthread isn't thusly buggy, then the
1806 wrapper for pthread_join in hg_intercepts.c will stop us getting
1807 notified here multiple times for the same joinee.) See also
1808 comments in helgrind/tests/jointwice.c. */
1810 }
1813 static
1815 {
1841 /* evh__pre_thread_ll_exit issues an error message if the exiting
1842 thread holds any locks. No need to check here. */
1844 /* This holds because, at least when using NPTL as the thread
1845 library, we should be notified the low level thread exit before
1846 we hear of any join event on it. The low level exit
1847 notification feeds through into evh__pre_thread_ll_exit,
1848 which should clear the map_threads entry for it. Hence we
1849 expect there to be no map_threads entry at this point. */
1855 }
1857 static
1869 }
1871 static
1874 Int len;
1878 // Don't segfault if the string starts in an obviously stupid
1879 // place. Actually we should check the whole string, not just
1880 // the start address, but that's too much trouble. At least
1881 // checking the first byte is better than nothing. See #255009.
1890 }
1892 static
1903 }
1905 static
1910 // We ignore the initialisation state (is_inited); that's ok.
1914 }
1916 static
1924 /* Treat frees as if the memory was written immediately prior to
1925 the free. This shakes out more races, specifically, cases
1926 where memory is referenced by one thread, and freed by
1927 another, and there's no observable synchronisation event to
1928 guarantee that the reference happens before the free. */
1931 }
1933 /* We used to call instead
1934 shadow_mem_make_NoAccess_NoFX( thr, a, len );
1935 A non-buggy application will not access anymore
1936 the freed memory, and so marking no access is in theory useless.
1937 Not marking freed memory would avoid the overhead for applications
1938 doing mostly malloc/free, as the freed memory should then be recycled
1939 very quickly after marking.
1940 We rather mark it noaccess for the following reasons:
1941 * accessibility bits then always correctly represents the memory
1942 status (e.g. for the client request VALGRIND_HG_GET_ABITS).
1943 * the overhead is reasonable (about 5 seconds per Gb in 1000 bytes
1944 blocks, on a ppc64le, for a unrealistic workload of an application
1945 doing only malloc/free).
1946 * marking no access allows to GC the SecMap, which might improve
1947 performance and/or memory usage.
1948 * we might detect more applications bugs when memory is marked
1949 noaccess.
1950 If needed, we could support here an option --free-is-noaccess=yes|no
1951 to avoid marking freed memory as no access if some applications
1952 would need to avoid the marking noaccess overhead. */
1956 }
1958 /* --- Event handlers called from generated code --- */
1966 }
1974 }
1982 }
1990 }
1998 }
2006 }
2014 }
2022 }
2024 /* Same as evh__mem_help_cwrite_4 but unwind will use a first_sp_delta of
2025 one word. */
2035 }
2043 }
2045 /* Same as evh__mem_help_cwrite_8 but unwind will use a first_sp_delta of
2046 one word. */
2056 }
2064 }
2067 /* ------------------------------------------------------- */
2068 /* -------------- events to do with mutexes -------------- */
2069 /* ------------------------------------------------------- */
2071 /* EXPOSITION only: by intercepting lock init events we can show the
2072 user where the lock was initialised, rather than only being able to
2073 show where it was first locked. Intercepting lock initialisations
2074 is not necessary for the basic operation of the race checker. */
2075 static
2078 {
2087 }
2089 static
2091 Bool mutex_is_init )
2092 {
2101 /* cannot fail - Thread* must already exist */
2107 /* We're destroying a mutex which we don't have any record of,
2108 and which appears to have the value PTHREAD_MUTEX_INITIALIZER.
2109 Assume it never got used, and so we don't need to do anything
2110 more. */
2112 }
2117 }
2123 /* Basically act like we unlocked the lock */
2126 /* remove lock from locksets of all owning threads */
2132 }
2140 }
2142 out:
2145 }
2149 {
2150 /* Just check the mutex is sane; nothing else to do. */
2151 // 'mutex' may be invalid - not checked by wrapper
2167 }
2175 /* uh, it's a non-recursive lock and we already w-hold it, and
2176 this is a real lock operation (not a speculative "tryLock"
2177 kind of thing). Duh. Deadlock coming up; but at least
2178 produce an error message. */
2186 }
2187 }
2188 }
2191 {
2192 // only called if the real library call succeeded - so mutex is sane
2202 thr,
2205 );
2206 }
2209 {
2210 // 'mutex' may be invalid - not checked by wrapper
2220 }
2223 {
2224 // only called if the real library call succeeded - so mutex is sane
2232 // anything we should do here?
2233 }
2236 /* ------------------------------------------------------- */
2237 /* -------------- events to do with spinlocks ------------ */
2238 /* ------------------------------------------------------- */
2240 /* All a bit of a kludge. Pretend we're really dealing with ordinary
2241 pthread_mutex_t's instead, for the most part. */
2245 {
2248 /* In glibc's kludgey world, we're either initialising or unlocking
2249 it. Since this is the pre-routine, if it is locked, unlock it
2250 and take a dependence edge. Otherwise, do nothing. */
2263 /* it's held. So do the normal pre-unlock actions, as copied
2264 from evh__HG_PTHREAD_MUTEX_UNLOCK_PRE. This stupidly
2265 duplicates the map_locks_maybe_lookup. */
2268 }
2269 }
2273 {
2275 /* More kludgery. If the lock has never been seen before, do
2276 actions as per evh__HG_PTHREAD_MUTEX_INIT_POST. Else do
2277 nothing. */
2287 }
2288 }
2292 {
2294 }
2298 {
2300 }
2304 {
2306 }
2309 /* ----------------------------------------------------- */
2310 /* --------------- events to do with CVs --------------- */
2311 /* ----------------------------------------------------- */
2313 /* A mapping from CV to (the SO associated with it, plus some
2314 auxiliary data for error checking). When the CV is
2315 signalled/broadcasted upon, we do a 'send' into the SO, and when a
2316 wait on it completes, we do a 'recv' from the SO. This is believed
2317 to give the correct happens-before events arising from CV
2318 signallings/broadcasts.
2319 */
2321 /* .so is the SO for this CV.
2322 .mx_ga is the associated mutex, when .nWaiters > 0
2324 POSIX says effectively that the first pthread_cond_{timed}wait call
2325 causes a dynamic binding between the CV and the mutex, and that
2326 lasts until such time as the waiter count falls to zero. Hence
2327 need to keep track of the number of waiters in order to do
2328 consistency tracking. */
2329 typedef
2334 }
2335 CVInfo;
2338 /* pthread_cond_t* -> CVInfo* */
2345 }
2346 }
2361 }
2362 }
2372 }
2373 }
2393 /* Destroying a cond var being waited upon outcome is EBUSY and
2394 variable is not destroyed. */
2396 }
2403 /* We have no record of this CV. So complain about it
2404 .. except, don't bother to complain if it has exactly the
2405 value PTHREAD_COND_INITIALIZER, since it might be that the CV
2406 was initialised like that but never used. */
2410 }
2411 }
2412 }
2415 {
2416 /* 'tid' has signalled on 'cond'. As per the comment above, bind
2417 cond to a SO if it is not already so bound, and 'send' on the
2418 SO. This is later used by other thread(s) which successfully
2419 exit from a pthread_cond_wait on the same cv; then they 'recv'
2420 from the SO, thereby acquiring a dependency on this signalling
2421 event. */
2424 //Lock* lk;
2437 // error-if: mutex is bogus
2438 // error-if: mutex is not locked
2439 // Hmm. POSIX doesn't actually say that it's an error to call
2440 // pthread_cond_signal with the associated mutex being unlocked.
2441 // Although it does say that it should be "if consistent scheduling
2442 // is desired." For that reason, print "dubious" if the lock isn't
2443 // held by any thread. Skip the "dubious" if it is held by some
2444 // other thread; that sounds straight-out wrong.
2445 //
2446 // Anybody who writes code that signals on a CV without holding
2447 // the associated MX needs to be shipped off to a lunatic asylum
2448 // ASAP, even though POSIX doesn't actually declare such behaviour
2449 // illegal -- it makes code extremely difficult to understand/
2450 // reason about. In particular it puts the signalling thread in
2451 // a situation where it is racing against the released waiter
2452 // as soon as the signalling is done, and so there needs to be
2453 // some auxiliary synchronisation mechanism in the program that
2454 // makes this safe -- or the race(s) need to be harmless, or
2455 // probably nonexistent.
2456 //
2461 }
2462 /* note: lk could be NULL. Be careful. */
2467 }
2470 "pthread_cond_{signal,broadcast}: dubious: "
2472 }
2475 "pthread_cond_{signal,broadcast}: "
2477 }
2479 /* Couldn't even find the damn thing. */
2480 // But actually .. that's not necessarily an error. We don't
2481 // know the (CV,MX) binding until a pthread_cond_wait or bcast
2482 // shows us what it is, and if that may not have happened yet.
2483 // So just keep quiet in this circumstance.
2484 //HG_(record_error_Misc)( thr,
2485 // "pthread_cond_{signal,broadcast}: "
2486 // "no or invalid mutex associated with cond");
2487 }
2488 }
2491 }
2493 /* returns True if it reckons 'mutex' is valid and held by this
2494 thread, else False */
2497 {
2513 /* Check for stupid mutex arguments. There are various ways to be
2514 a bozo. Only complain once, though, even if more than one thing
2515 is wrong. */
2519 thr,
2540 }
2541 }
2543 // error-if: cond is also associated with a different mutex
2548 /* form initial (CV,MX) binding */
2550 }
2556 }
2560 }
2564 Bool timeout)
2565 {
2566 /* A pthread_cond_wait(cond, mutex) completed successfully. Find
2567 the SO for this cond, and 'recv' from it so as to acquire a
2568 dependency edge back to the signaller/broadcaster. */
2580 // error-if: cond is also associated with a different mutex
2584 /* This could be either a bug in helgrind or the guest application
2585 that did an error (e.g. cond var was destroyed by another thread.
2586 Let's assume helgrind is perfect ...
2587 Note that this is similar to drd behaviour. */
2591 }
2598 /* Hmm. How can a wait on 'cond' succeed if nobody signalled
2599 it? If this happened it would surely be a bug in the threads
2600 library. Or one of those fabled "spurious wakeups". */
2602 "succeeded"
2604 }
2606 /* anyway, acquire a dependency on it. */
2610 }
2614 {
2625 }
2630 {
2631 /* Deal with destroy events. The only purpose is to free storage
2632 associated with the CV, so as to avoid any possible resource
2633 leaks. */
2640 }
2643 /* ------------------------------------------------------- */
2644 /* -------------- events to do with rwlocks -------------- */
2645 /* ------------------------------------------------------- */
2647 /* EXPOSITION only */
2648 static
2650 {
2657 }
2659 static
2661 {
2669 /* cannot fail - Thread* must already exist */
2677 }
2683 /* Basically act like we unlocked the lock */
2686 /* remove lock from locksets of all owning threads */
2692 }
2700 }
2704 }
2706 static
2710 {
2711 /* Just check the rwl is sane; nothing else to do. */
2712 // 'rwl' may be invalid - not checked by wrapper
2727 /* Wrong kind of lock. Duh. */
2731 }
2732 }
2734 static
2736 {
2737 // only called if the real library call succeeded - so mutex is sane
2749 thr,
2752 );
2753 }
2756 {
2757 // 'rwl' may be invalid - not checked by wrapper
2767 }
2770 {
2771 // only called if the real library call succeeded - so mutex is sane
2779 // anything we should do here?
2780 }
2783 /* ---------------------------------------------------------- */
2784 /* -------------- events to do with semaphores -------------- */
2785 /* ---------------------------------------------------------- */
2787 /* This is similar to but not identical to the handling for condition
2788 variables. */
2790 /* For each semaphore, we maintain a stack of SOs. When a 'post'
2791 operation is done on a semaphore (unlocking, essentially), a new SO
2792 is created for the posting thread, the posting thread does a strong
2793 send to it (which merely installs the posting thread's VC in the
2794 SO), and the SO is pushed on the semaphore's stack.
2796 Later, when a (probably different) thread completes 'wait' on the
2797 semaphore, we pop a SO off the semaphore's stack (which should be
2798 nonempty), and do a strong recv from it. This mechanism creates
2799 dependencies between posters and waiters of the semaphore.
2801 It may not be necessary to use a stack - perhaps a bag of SOs would
2802 do. But we do need to keep track of how many unused-up posts have
2803 happened for the semaphore.
2805 Imagine T1 and T2 both post once on a semaphore S, and T3 waits
2806 twice on S. T3 cannot complete its waits without both T1 and T2
2807 posting. The above mechanism will ensure that T3 acquires
2808 dependencies on both T1 and T2.
2810 When a semaphore is initialised with value N, we do as if we'd
2811 posted N times on the semaphore: basically create N SOs and do a
2812 strong send to all of then. This allows up to N waits on the
2813 semaphore to acquire a dependency on the initialisation point,
2814 which AFAICS is the correct behaviour.
2816 We don't emit an error for DESTROY_PRE on a semaphore we don't know
2817 about. We should.
2818 */
2820 /* sem_t* -> XArray* SO* */
2827 }
2828 }
2831 UWord keyW;
2844 }
2845 }
2848 UWord keyW;
2854 /* xa is the stack for this semaphore. */
2855 Word sz;
2866 /* hmm, that's odd. No stack for this semaphore. */
2868 }
2869 }
2872 {
2882 /* Empty out the semaphore's SO stack. This way of doing it is
2883 stupid, but at least it's easy. */
2888 }
2896 }
2897 }
2899 static
2901 {
2912 /* Empty out the semaphore's SO stack. This way of doing it is
2913 stupid, but at least it's easy. */
2918 }
2920 /* If we don't do this check, the following while loop runs us out
2921 of memory for stupid initial values of 'value'. */
2926 }
2928 /* Now create 'valid' new SOs for the thread, do a strong send to
2929 each of them, and push them all on the stack. */
2937 }
2938 }
2941 {
2942 /* 'tid' has posted on 'sem'. Create a new SO, do a strong send to
2943 it (iow, write our VC into it, then tick ours), and push the SO
2944 on on a stack of SOs associated with 'sem'. This is later used
2945 by other thread(s) which successfully exit from a sem_wait on
2946 the same sem; by doing a strong recv from SOs popped of the
2947 stack, they acquire dependencies on the posting thread
2948 segment(s). */
2961 // error-if: sem is bogus
2969 }
2972 {
2973 /* A sem_wait(sem) completed successfully. Pop the posting-SO for
2974 the 'sem' from this semaphore's SO-stack, and do a strong recv
2975 from it. This creates a dependency back to one of the post-ers
2976 for the semaphore. */
2989 // error-if: sem is bogus
3000 /* Hmm. How can a wait on 'sem' succeed if nobody posted to it?
3001 If this happened it would surely be a bug in the threads
3002 library. */
3006 }
3007 }
3010 /* -------------------------------------------------------- */
3011 /* -------------- events to do with barriers -------------- */
3012 /* -------------------------------------------------------- */
3014 typedef
3020 }
3021 Bar;
3025 /* all fields are zero */
3028 }
3035 }
3037 /* A mapping which stores auxiliary data for barriers. */
3039 /* pthread_barrier_t* -> Bar* */
3046 }
3047 }
3059 }
3060 }
3069 }
3070 }
3075 UWord count,
3076 UWord resizable )
3077 {
3092 );
3093 }
3098 );
3099 }
3107 );
3108 }
3114 );
3116 }
3120 }
3126 }
3131 {
3135 /* Deal with destroy events. The only purpose is to free storage
3136 associated with the barrier, so as to avoid any possible
3137 resource leaks. */
3152 );
3153 }
3158 );
3159 }
3161 /* Maybe we shouldn't do this; just let it persist, so that when it
3162 is reinitialised we don't need to do any dynamic memory
3163 allocation? The downside is a potentially unlimited space leak,
3164 if the client creates (in turn) a large number of barriers all
3165 at different locations. Note that if we do later move to the
3166 don't-delete-it scheme, we need to mark the barrier as
3167 uninitialised again since otherwise a later _init call will
3168 elicit a duplicate-init error. */
3170 }
3173 /* All the threads have arrived. Now do the Interesting Bit. Get a
3174 new synchronisation object and do a weak send to it from all the
3175 participating threads. This makes its vector clocks be the join of
3176 all the individual threads' vector clocks. Then do a strong
3177 receive from it back to all threads, so that their VCs are a copy
3178 of it (hence are all equal to the join of their original VCs.) */
3180 {
3181 /* XXX check bar->waiting has no duplicates */
3182 UWord i;
3188 /* compute the join ... */
3193 }
3194 /* ... and distribute to all threads */
3199 }
3201 /* finally, we must empty out the waiting vector */
3204 /* and we don't need this any more. Perhaps a stack-allocated
3205 SO would be better? */
3207 }
3212 {
3213 /* This function gets called after a client thread calls
3214 pthread_barrier_wait but before it arrives at the real
3215 pthread_barrier_wait.
3217 Why is the following correct? It's a bit subtle.
3219 If this is not the last thread arriving at the barrier, we simply
3220 note its presence and return. Because valgrind (at least as of
3221 Nov 08) is single threaded, we are guaranteed safe from any race
3222 conditions when in this function -- no other client threads are
3223 running.
3225 If this is the last thread, then we are again the only running
3226 thread. All the other threads will have either arrived at the
3227 real pthread_barrier_wait or are on their way to it, but in any
3228 case are guaranteed not to be able to move past it, because this
3229 thread is currently in this function and so has not yet arrived
3230 at the real pthread_barrier_wait. That means that:
3232 1. While we are in this function, none of the other threads
3233 waiting at the barrier can move past it.
3235 2. When this function returns (and simulated execution resumes),
3236 this thread and all other waiting threads will be able to move
3237 past the real barrier.
3239 Because of this, it is now safe to update the vector clocks of
3240 all threads, to represent the fact that they all arrived at the
3241 barrier and have all moved on. There is no danger of any
3242 complications to do with some threads leaving the barrier and
3243 racing back round to the front, whilst others are still leaving
3244 (which is the primary source of complication in correct handling/
3245 implementation of barriers). That can't happen because we update
3246 here our data structures so as to indicate that the threads have
3247 passed the barrier, even though, as per (2) above, they are
3248 guaranteed not to pass the barrier until we return.
3250 This relies crucially on Valgrind being single threaded. If that
3251 changes, this will need to be reconsidered.
3252 */
3255 UWord present;
3271 );
3273 }
3275 /* guaranteed by _INIT_PRE above */
3281 /* guaranteed by this function */
3289 }
3294 UWord newcount )
3295 {
3298 UWord present;
3314 );
3316 }
3321 );
3323 }
3328 );
3330 }
3332 /* guaranteed by _INIT_PRE above */
3335 /* Guaranteed by this fn */
3339 /* Increasing the capacity. There's no possibility of threads
3340 moving on from the barrier in this situation, so just note
3341 the fact and do nothing more. */
3344 /* Decreasing the capacity. If we decrease it to be equal or
3345 below the number of waiting threads, they will now move past
3346 the barrier, so need to mess with dep edges in the same way
3347 as if the barrier had filled up normally. */
3353 }
3355 }
3356 }
3359 /* ----------------------------------------------------- */
3360 /* ----- events to do with user-specified HB edges ----- */
3361 /* ----------------------------------------------------- */
3363 /* A mapping from arbitrary UWord tag to the SO associated with it.
3364 The UWord tags are meaningless to us, interpreted only by the
3365 user. */
3369 /* UWord -> SO* */
3376 }
3377 }
3389 }
3390 }
3400 }
3401 }
3404 static
3406 {
3407 /* TID is just about to notionally sent a message on a notional
3408 abstract synchronisation object whose identity is given by
3409 USERTAG. Bind USERTAG to a real SO if it is not already so
3410 bound, and do a 'weak send' on the SO. This joins the vector
3411 clocks from this thread into any vector clocks already present
3412 in the SO. The resulting SO vector clocks are later used by
3413 other thread(s) which successfully 'receive' from the SO,
3414 thereby acquiring a dependency on all the events that have
3415 previously signalled on this SO. */
3430 }
3432 static
3434 {
3435 /* TID has just notionally received a message from a notional
3436 abstract synchronisation object whose identity is given by
3437 USERTAG. Bind USERTAG to a real SO if it is not already so
3438 bound. If the SO has at some point in the past been 'sent' on,
3439 to a 'strong receive' on it, thereby acquiring a dependency on
3440 the sender. */
3454 /* Acquire a dependency on it. If the SO has never so far been
3455 sent on, then libhb_so_recv will do nothing. So we're safe
3456 regardless of SO's history. */
3458 }
3460 static
3462 {
3463 /* TID declares that any happens-before edges notionally stored in
3464 USERTAG can be deleted. If (as would normally be the case) a
3465 SO is associated with USERTAG, then the association is removed
3466 and all resources associated with SO are freed. Importantly,
3467 that frees up any VTSs stored in SO. */
3473 }
3476 #if defined(VGO_solaris)
3477 /* ----------------------------------------------------- */
3478 /* --- events to do with bind guard/clear intercepts --- */
3479 /* ----------------------------------------------------- */
3481 static
3483 {
3496 /* Misuse pthread_create_nesting_level for ignoring mutex activity. */
3498 }
3499 }
3501 static
3503 {
3517 }
3518 }
3522 /*--------------------------------------------------------------*/
3523 /*--- Lock acquisition order monitoring ---*/
3524 /*--------------------------------------------------------------*/
3526 /* FIXME: here are some optimisations still to do in
3527 laog__pre_thread_acquires_lock.
3529 The graph is structured so that if L1 --*--> L2 then L1 must be
3530 acquired before L2.
3532 The common case is that some thread T holds (eg) L1 L2 and L3 and
3533 is repeatedly acquiring and releasing Ln, and there is no ordering
3534 error in what it is doing. Hence it repeatedly:
3536 (1) searches laog to see if Ln --*--> {L1,L2,L3}, which always
3537 produces the answer No (because there is no error).
3539 (2) adds edges {L1,L2,L3} --> Ln to laog, which are already present
3540 (because they already got added the first time T acquired Ln).
3542 Hence cache these two events:
3544 (1) Cache result of the query from last time. Invalidate the cache
3545 any time any edges are added to or deleted from laog.
3547 (2) Cache these add-edge requests and ignore them if said edges
3548 have already been added to laog. Invalidate the cache any time
3549 any edges are deleted from laog.
3550 */
3552 typedef
3556 }
3557 LAOGLinks;
3559 /* lock order acquisition graph */
3562 /* EXPOSITION ONLY: for each edge in 'laog', record the two places
3563 where that edge was created, so that we can show the user later if
3564 we need to. */
3565 typedef
3571 }
3572 LAOGLinkExposition;
3575 /* Compare LAOGLinkExposition*s by (src_ga,dst_ga) field pair. */
3583 }
3586 /* end EXPOSITION ONLY */
3591 {
3600 cmp_LAOGLinkExposition );
3601 }
3625 }
3628 }
3631 Word i;
3640 // univ_laog_seen[*] set to 0 (False) by zalloc.
3651 }
3656 seen++;
3657 else
3659 }
3663 // We need to decide the value of the next_gc.
3664 // 3 solutions were looked at:
3665 // Sol 1: garbage collect at seen * 2
3666 // This solution was a lot slower, probably because we both do a lot of
3667 // garbage collection and do not keep long enough laog WV that will become
3668 // useful again very soon.
3669 // Sol 2: garbage collect at a percentage increase of the current cardinality
3670 // (with a min increase of 1)
3671 // Trials on a small test program with 1%, 5% and 10% increase was done.
3672 // 1% is slightly faster than 5%, which is slightly slower than 10%.
3673 // However, on a big application, this caused the memory to be exhausted,
3674 // as even a 1% increase of size at each gc becomes a lot, when many gc
3675 // are done.
3676 // Sol 3: always garbage collect at current cardinality + 1.
3677 // This solution was the fastest of the 3 solutions, and caused no memory
3678 // exhaustion in the big application.
3679 //
3680 // With regards to cost introduced by gc: on the t2t perf test (doing only
3681 // lock/unlock operations), t2t 50 10 2 was about 25% faster than the
3682 // version with garbage collection. With t2t 50 20 2, my machine started
3683 // to page out, and so the garbage collected version was much faster.
3684 // On smaller lock sets (e.g. t2t 20 5 2, giving about 100 locks), the
3685 // difference performance is insignificant (~ 0.1 s).
3686 // Of course, it might be that real life programs are not well represented
3687 // by t2t.
3689 // If ever we want to have a more sophisticated control
3690 // (e.g. clo options to control the percentage increase or fixed increased),
3691 // we should do it here, eg.
3692 // next_gc_univ_laog = prev_next_gc_univ_laog + VG_(clo_laog_gc_fixed);
3693 // Currently, we just hard-code the solution 3 above.
3701 }
3706 UWord keyW;
3711 /* Take the opportunity to sanity check the graph. Record in
3712 presentF if there is already a src->dst mapping in this node's
3713 forwards links, and presentR if there is already a src->dst
3714 mapping in this node's backwards links. They should agree!
3715 Also, we need to know whether the edge was already present so as
3716 to decide whether or not to update the link details mapping. We
3717 can compute presentF and presentR essentially for free, so may
3718 as well do this always. */
3721 /* Update the out edges for src */
3725 WordSetID outs_new;
3736 }
3737 /* Update the in edges for dst */
3741 WordSetID inns_new;
3752 }
3757 LAOGLinkExposition expo;
3758 /* If this edge is entering the graph, and we have acquired_at
3759 information for both src and dst, record those acquisition
3760 points. Hence, if there is later a violation of this
3761 ordering, we can show the user the two places in which the
3762 required src-dst ordering was previously established. */
3771 /* we already have it; do nothing */
3780 }
3781 }
3785 }
3789 UWord keyW;
3792 /* Update the out edges for src */
3799 }
3800 /* Update the in edges for dst */
3807 }
3809 /* Remove the exposition of src,dst (if present) */
3810 {
3813 LAOGLinkExposition expo;
3822 }
3823 }
3825 /* deleting edges can increase nr of of WS so check for gc. */
3829 }
3833 UWord keyW;
3843 }
3844 }
3848 UWord keyW;
3858 }
3859 }
3881 }
3888 }
3891 }
3895 bad:
3899 }
3901 /* If there is a path in laog from 'src' to any of the elements in
3902 'dst', return an arbitrarily chosen element of 'dst' reachable from
3903 'src'. If no path exist from 'src' to any element in 'dst', return
3904 NULL. */
3906 static
3908 {
3910 Word ssz;
3914 WordSetID succs;
3917 //laog__sanity_check();
3919 /* If the destination set is empty, we can never get there from
3920 'src' :-), so don't bother to try */
3950 }
3955 }
3958 /* Thread 'thr' is acquiring 'lk'. Check for inconsistent ordering
3959 between 'lk' and the locks already held by 'thr' and issue a
3960 complaint if so. Also, update the ordering graph appropriately.
3961 */
3965 Lock* lk
3966 )
3967 {
3972 /* It may be that 'thr' already holds 'lk' and is recursively
3973 relocking in. In this case we just ignore the call. */
3974 /* NB: univ_lsets really is correct here */
3978 /* First, the check. Complain if there is any path in laog from lk
3979 to any of the locks already held by thr, since if any such path
3980 existed, it would mean that previously lk was acquired before
3981 (rather than after, as we are doing here) at least one of those
3982 locks.
3983 */
3987 /* So we managed to find a path lk --*--> other in the graph,
3988 which implies that 'lk' should have been acquired before
3989 'other' but is in fact being acquired afterwards. We present
3990 the lk/other arguments to record_error_LockOrder in the order
3991 in which they should have been acquired. */
3992 /* Go look in the laog_exposition mapping, to find the allocation
3993 points for this edge, so we can show the user. */
4010 /* Hmm. This can't happen (can it?) */
4011 /* Yes, it can happen: see tests/tc14_laog_dinphils.
4012 Imagine we have 3 philosophers A B C, and the forks
4013 between them:
4015 C
4017 fCA fBC
4019 A fAB B
4021 Let's have the following actions:
4022 A takes fCA,fAB
4023 A releases fCA,fAB
4024 B takes fAB,fBC
4025 B releases fAB,fBC
4026 C takes fBC,fCA
4027 C releases fBC,fCA
4029 Helgrind will report a lock order error when C takes fCA.
4030 Effectively, we have a deadlock if the following
4031 sequence is done:
4032 A takes fCA
4033 B takes fAB
4034 C takes fBC
4036 The error reported is:
4037 Observed (incorrect) order fBC followed by fCA
4038 but the stack traces that have established the required order
4039 are not given.
4041 This is because there is no pair (fCA, fBC) in laog exposition :
4042 the laog_exposition records all pairs of locks between a new lock
4043 taken by a thread and all the already taken locks.
4044 So, there is no laog_exposition (fCA, fBC) as no thread ever
4045 first locked fCA followed by fBC.
4047 In other words, when the deadlock cycle involves more than
4048 two locks, then helgrind does not report the sequence of
4049 operations that created the cycle.
4051 However, we can report the current stack trace (where
4052 lk is being taken), and the stack trace where other was acquired:
4053 Effectively, the variable 'other' contains a lock currently
4054 held by this thread, with its 'acquired_at'. */
4059 }
4060 }
4062 /* Second, add to laog the pairs
4063 (old, lk) | old <- locks already held by thr
4064 Since both old and lk are currently held by thr, their acquired_at
4065 fields must be non-NULL.
4066 */
4073 }
4075 /* Why "except_Locks" ? We're here because a lock is being
4076 acquired by a thread, and we're in an inconsistent state here.
4077 See the call points in evhH__post_thread_{r,w}_acquires_lock.
4078 When called in this inconsistent state, locks__sanity_check duly
4079 barfs. */
4082 }
4084 /* Allocates a duplicate of words. Caller must HG_(free) the result. */
4086 {
4087 UInt i;
4098 }
4100 /* Delete from 'laog' any pair mentioning a lock in locksToDelete */
4104 {
4112 // We need to duplicate the payload, as these can be garbage collected
4113 // during the del/add operations below.
4129 /* This can pass unlocked locks to laog__add_edge, since
4130 we're deleting stuff. So their acquired_at fields may
4131 be NULL. */
4133 }
4134 }
4135 }
4142 // Remove lk information from laog links FM
4143 {
4151 }
4152 }
4153 /* FIXME ??? What about removing lock lk data from EXPOSITION ??? */
4154 }
4156 //__attribute__((noinline))
4157 //static void laog__handle_lock_deletions (
4158 // WordSetID /* in univ_laog */ locksToDelete
4159 // )
4160 //{
4161 // Word i, ws_size;
4162 // UWord* ws_words;
4163 //
4164 //
4165 // HG_(getPayloadWS)( &ws_words, &ws_size, univ_lsets, locksToDelete );
4166 // UWordV_dup call needed here ...
4167 // for (i = 0; i < ws_size; i++)
4168 // laog__handle_one_lock_deletion( (Lock*)ws_words[i] );
4169 //
4170 // if (HG_(clo_sanity_flags) & SCE_LAOG)
4171 // all__sanity_check("laog__handle_lock_deletions-post");
4172 //}
4175 /*--------------------------------------------------------------*/
4176 /*--- Malloc/free replacements ---*/
4177 /*--------------------------------------------------------------*/
4179 typedef
4186 }
4187 MallocMeta;
4189 /* A hash table of MallocMetas, used to track malloc'd blocks
4190 (obviously). */
4193 /* MallocMeta are small elements. We use a pool to avoid
4194 the overhead of malloc for each MallocMeta. */
4201 }
4204 }
4207 /* Allocate a client block and set up the metadata for it. */
4209 static
4212 {
4213 Addr p;
4220 }
4224 /* Note that map_threads_lookup must succeed (cannot assert), since
4225 memory can only be allocated by currently alive threads, hence
4226 they must have an entry in map_threads. */
4237 /* Tell the lower level memory wranglers. */
4241 }
4243 /* Re the checks for less-than-zero (also in hg_cli__realloc below):
4244 Cast to a signed type to catch any unexpectedly negative args.
4245 We're assuming here that the size asked for is not greater than
4246 2^31 bytes (for 32-bit platforms) or 2^63 bytes (for 64-bit
4247 platforms). */
4252 }
4257 }
4258 static void* hg_cli____builtin_new_aligned ( ThreadId tid, SizeT n, SizeT align, SizeT orig_align ) {
4262 }
4267 }
4268 static void* hg_cli____builtin_vec_new_aligned ( ThreadId tid, SizeT n, SizeT align, SizeT orig_align ) {
4272 }
4277 }
4282 }
4285 /* Free a client block, including getting rid of the relevant
4286 metadata. */
4289 {
4291 SizeT szB;
4293 /* First see if we can find the metadata for 'p'. */
4303 }
4305 /* Nuke the metadata block */
4315 /* Tell the lower level memory wranglers. */
4317 }
4321 }
4324 }
4327 }
4330 }
4333 }
4336 {
4338 SizeT i;
4347 }
4365 }
4367 }
4370 /* size unchanged */
4373 }
4376 /* new size is smaller */
4381 }
4384 /* new size is bigger */
4387 // Nb: if realloc fails, NULL is returned but the old block is not
4388 // touched. What an awful function.
4390 }
4392 /* First half kept and copied, second half new */
4393 // FIXME: shouldn't we use a copier which implements the
4394 // memory state machine?
4398 /* FIXME: can anything funny happen here? specifically, if the
4399 old range contained a lock, then die_mem_heap will complain.
4400 Is that the correct behaviour? Not sure. */
4403 /* Copy from old to new */
4407 /* Because the metadata hash table is index by payload address,
4408 we have to get rid of the old hash table entry and make a new
4409 one. We can't just modify the existing metadata in place,
4410 because then it would (almost certainly) be in the wrong hash
4411 chain. */
4422 /* Update fields */
4428 /* and add */
4432 }
4433 }
4436 {
4439 // There may be slop, but pretend there isn't because only the asked-for
4440 // area will have been shadowed properly.
4442 }
4445 /* For error creation: map 'data_addr' to a malloc'd chunk, if any.
4446 Slow linear search. With a bit of hash table help if 'data_addr'
4447 is either the start of a block or up to 15 word-sized steps along
4448 from the start of a block. */
4451 {
4452 /* Accept 'a' as within 'mm' if 'mm's size is zero and 'a' points
4453 right at it. */
4456 /* else normal interval rules apply */
4460 }
4466 Addr data_addr )
4467 {
4469 Int i;
4472 /* Before searching the list of allocated blocks in hg_mallocmeta_table,
4473 first verify that data_addr is in a heap client segment. */
4478 /* First, do a few fast searches on the basis that data_addr might
4479 be exactly the start of a block or up to 15 words inside. This
4480 can happen commonly via the creq
4481 _VG_USERREQ__HG_CLEAN_MEMORY_HEAPBLOCK. */
4487 }
4489 /* Well, this totally sucks. But without using an interval tree or
4490 some such, it's hard to see how to do better. We have to check
4491 every block in the entire table. */
4496 }
4498 /* Not found. Bah. */
4500 /*NOTREACHED*/
4502 found:
4510 }
4513 /*--------------------------------------------------------------*/
4514 /*--- Instrumentation ---*/
4515 /*--------------------------------------------------------------*/
4517 #define unop(_op, _arg1) IRExpr_Unop((_op),(_arg1))
4518 #define binop(_op, _arg1, _arg2) IRExpr_Binop((_op),(_arg1),(_arg2))
4519 #define mkexpr(_tmp) IRExpr_RdTmp((_tmp))
4520 #define mkU32(_n) IRExpr_Const(IRConst_U32(_n))
4521 #define mkU64(_n) IRExpr_Const(IRConst_U64(_n))
4522 #define assign(_t, _e) IRStmt_WrTmp((_t), (_e))
4524 /* This takes and returns atoms, of course. Not full IRExprs. */
4526 {
4530 /* Generate 32to1(And32(1Uto32(arg1), 1Uto32(arg2))). Appalling
4531 code, I know. */
4542 }
4546 Int szB,
4547 Bool isStore,
4548 Bool fixupSP_needed,
4549 Int hWordTy_szB,
4550 Int goff_sp,
4551 Int goff_sp_s1,
4552 /* goff_sp_s1 is the offset in guest
4553 state where the cachedstack validity
4554 is stored. */
4556 {
4564 // THRESH is the size of the window above SP (well,
4565 // mostly above) that we assume implies a stack reference.
4575 /* So the effective address is in 'addr' now. */
4591 /* Unwind has to be done with a SP fixed up with one word.
4592 See Ist_Put heuristic in hg_instrument. */
4598 }
4603 /* Unwind has to be done with a SP fixed up with one word.
4604 See Ist_Put heuristic in hg_instrument. */
4610 }
4620 }
4650 }
4651 }
4653 /* Create the helper. */
4659 argv );
4662 /* memory access helper might read the shadow1 SP offset, that
4663 indicates if the cached stacktrace is valid. */
4670 }
4673 /* We're ignoring memory references which are (obviously) to the
4674 stack. In fact just skip stack refs that are within 4 pages
4675 of SP (SP - the redzone, really), as that's simple, easy, and
4676 filters out most stack references. */
4677 /* Generate the guard condition: "(addr - (SP - RZ)) >u N", for
4678 some arbitrary N. If that is true then addr is outside the
4679 range (SP - RZ .. SP + N - RZ). If N is smallish (a few
4680 pages) then we can say addr is within a few pages of SP and
4681 so can't possibly be a heap access, and so can be skipped.
4683 Note that the condition simplifies to
4684 (addr - SP + RZ) >u N
4685 which generates better code in x86/amd64 backends, but it does
4686 not unfortunately simplify to
4687 (addr - SP) >u (N - RZ)
4688 (would be beneficial because N - RZ is a constant) because
4689 wraparound arithmetic messes up the comparison. eg.
4690 20 >u 10 == True,
4691 but (20 - 15) >u (10 - 15) == 5 >u (MAXINT-5) == False.
4692 */
4696 /* "addr - SP" */
4699 sbOut,
4701 tyAddr == Ity_I32
4704 );
4706 /* "addr - SP + RZ" */
4709 sbOut,
4711 tyAddr == Ity_I32
4714 );
4716 /* guardA == "guard on the address" */
4719 sbOut,
4721 tyAddr == Ity_I32
4724 );
4726 }
4728 /* If there's a guard on the access itself (as supplied by the
4729 caller of this routine), we need to AND that in to any guard we
4730 might already have. */
4733 }
4735 /* Add the helper. */
4737 }
4740 /* Figure out if GA is a guest code address in the dynamic linker, and
4741 if so return True. Otherwise (and in case of any doubt) return
4742 False. (sidedly safe w/ False as the safe value) */
4744 {
4756 }
4758 static
4760 Int goff_sp_s1,
4761 Int hWordTy_szB)
4762 {
4763 /* Invalidate cached stack: Write 0 in the shadow1 offset 0 */
4768 /// ???? anything more efficient than assign a Word???
4769 }
4771 static
4778 {
4779 Int i;
4786 // Set to True when SP must be fixed up when taking a stack trace for the
4787 // mem accesses in the rest of the instruction
4791 /* SP in shadow1 indicates if cached stack is valid.
4792 We have to invalidate the cached stack e.g. when seeing call or ret. */
4797 /* We don't currently support this case. */
4799 }
4803 }
4805 /* Set up BB */
4812 // Copy verbatim any IR preamble preceding the first IMark
4816 i++;
4817 }
4819 // Get the first statement, and initial cia from it
4833 /* No memory reference, but if we do anything else than
4834 Ijk_Boring, indicate to helgrind that the previously
4835 recorded stack is invalid.
4836 For Ijk_Boring, also invalidate the stack if the exit
4837 instruction has no CF info. This heuristic avoids cached
4838 stack trace mismatch in some cases such as longjmp
4839 implementation. Similar logic below for the bb exit. */
4846 /* None of these can contain any memory references. */
4849 /* This cannot contain any memory references. */
4850 /* If we see a put to SP, from now on in this instruction,
4851 the SP needed to unwind has to be fixed up by one word.
4852 This very simple heuristic ensures correct unwinding in the
4853 typical case of a push instruction. If we need to cover more
4854 cases, then we need to better track how the SP is modified by
4855 the instruction (and calculate a precise sp delta), rather than
4856 assuming that the SP is decremented by a Word size. */
4859 }
4862 /* This cannot contain any memory references. */
4868 /* no mem refs, but note the insn address. */
4871 /* Don't instrument the dynamic linker. It generates a
4872 lot of races which we just expensively suppress, so
4873 it's pointless.
4875 Avoid flooding is_in_dynamic_linker_shared_object with
4876 requests by only checking at transitions between 4K
4877 pages. */
4884 }
4894 }
4898 /* Atomic read-modify-write cycle. Just pretend it's a
4899 read. */
4908 }
4909 /* Just be boring about it. */
4912 bbOut,
4918 NULL/*no-guard*/
4919 );
4920 }
4922 }
4925 /* We pretend store-conditionals don't exist, viz, ignore
4926 them. Whereas load-linked's are treated the same as
4927 normal loads. */
4928 IRType dataTy;
4930 /* LL */
4934 bbOut,
4939 NULL/*no-guard*/
4940 );
4941 }
4943 /* SC */
4944 /*ignore */
4945 }
4947 }
4952 bbOut,
4957 NULL/*no-guard*/
4958 );
4959 }
4970 hWordTy_szB,
4973 }
4984 hWordTy_szB,
4987 }
4994 bbOut,
4999 NULL/*no-guard*/
5000 );
5001 }
5002 }
5004 }
5007 Int dataSize;
5010 /* This dirty helper accesses memory. Collect the
5011 details. */
5021 NULL/*no-guard*/
5022 );
5023 }
5024 }
5031 NULL/*no-guard*/
5032 );
5033 }
5034 }
5038 }
5040 }
5043 unhandled:
5052 // See above the case Ist_Exit:
5058 }
5060 #undef binop
5061 #undef mkexpr
5062 #undef mkU32
5063 #undef mkU64
5064 #undef assign
5067 /*----------------------------------------------------------------*/
5068 /*--- Client requests ---*/
5069 /*----------------------------------------------------------------*/
5071 /* Sheesh. Yet another goddam finite map. */
5078 }
5079 }
5081 /* A list of Ada dependent tasks and their masters. Used for implementing
5082 the Ada task termination semantic as implemented by the
5083 gcc gnat Ada runtime. */
5084 typedef
5090 }
5094 {
5099 }
5100 }
5103 {
5111 }
5113 {
5114 // Make xtmemory_report_next_block ready to be called.
5118 }
5121 {
5123 (
5133 }
5135 /* return True if request recognised, False otherwise */
5137 {
5141 Int kwdid;
5146 /* NB: if possible, avoid introducing a new command below which
5147 starts with the same first letter(s) as an already existing
5148 command. This ensures a shorter abbreviation for the user. */
5168 {
5173 Int i;
5182 }
5183 }
5190 }
5191 }
5197 }
5201 }
5205 {
5206 Addr address;
5213 }
5217 else
5219 }
5221 }
5228 }
5233 }
5234 }
5236 static
5238 {
5243 /* Anything that gets past the above check is one of ours, so we
5244 should be able to handle it. */
5246 /* default, meaningless return value, unless otherwise set */
5251 /* --- --- User-visible client requests --- --- */
5256 /* Call die_mem to (expensively) tidy up properly, if there
5257 are any held locks etc in the area. Calling evh__die_mem
5258 and then evh__new_mem is a bit inefficient; probably just
5259 the latter would do. */
5262 /* and then set it to New */
5264 }
5277 }
5281 }
5283 }
5290 }
5298 }
5311 else
5315 /* This thread (tid) (a master) is informing us that it has
5316 seen the termination of a dependent task, and that this should
5317 be considered as a join between master and dependent. */
5319 Word n;
5330 /* Similar loop as for master completed hook below, but stops at
5331 the first matching occurence, only comparing master and
5332 dependent. */
5345 }
5346 }
5348 }
5350 /* --- --- Client requests for Helgrind's use only --- --- */
5352 /* Some thread is telling us its pthread_t value. Record the
5353 binding between that and the associated Thread*, so we can
5354 later find the Thread* again when notified of a join by the
5355 thread. */
5363 /* This assertion should hold because the map_threads (tid to
5364 Thread*) binding should have been made at the point of
5365 low-level creation of this thread, which should have
5366 happened prior to us getting this client request for it.
5367 That's because this client request is sent from
5368 client-world from the 'thread_wrapper' function, which
5369 only runs once the thread has been low-level created. */
5371 /* So now we know that (pthread_t)args[1] is associated with
5372 (Thread*)my_thr. Note that down. */
5379 /* FIXME: hardwires assumption about identity of the root thread. */
5384 }
5385 }
5387 }
5394 #if defined(VGO_freebsd)
5397 }
5398 #endif
5402 }
5404 /* This thread (tid) has completed a join with the quitting
5405 thread whose pthread_t is in args[1]. */
5415 /* Can this fail? It would mean that our pthread_join
5416 wrapper observed a successful join on args[1] yet that
5417 thread never existed (or at least, it never lodged an
5418 entry in the mapping (via SET_MY_PTHREAD_T)). Which
5419 sounds like a bug in the threads library. */
5420 // FIXME: get rid of this assertion; handle properly
5425 thr_q);
5427 }
5429 }
5431 /* This thread (tid) is informing us of its master. */
5433 GNAT_dmml dmml;
5442 "dependent = %p master = %p master_level = %ld"
5449 }
5451 /* This thread (tid) is informing us that it has completed a
5452 master. */
5454 Word n;
5466 /* Reverse loop on the array, simulating a pthread_join for
5467 the Dependent tasks of the completed master, and removing
5468 them from the array. */
5480 }
5481 }
5483 }
5485 /* EXPOSITION only: by intercepting lock init events we can show
5486 the user where the lock was initialised, rather than only
5487 being able to show where it was first locked. Intercepting
5488 lock initialisations is not necessary for the basic operation
5489 of the race checker. */
5494 /* mutex=arg[1], mutex_is_init=arg[2] */
5524 /* This thread is about to do pthread_cond_signal on the
5525 pthread_cond_t* in arg[1]. Ditto pthread_cond_broadcast. */
5537 /* Entry into pthread_cond_wait, cond=arg[1], mutex=arg[2].
5538 Returns a flag indicating whether or not the mutex is believed to be
5539 valid for this operation. */
5542 Bool mutex_is_valid
5547 }
5549 /* Thread successfully completed pthread_cond_init:
5550 cond=arg[1], cond_attr=arg[2] */
5556 /* cond=arg[1], cond_is_init=arg[2] */
5561 /* Thread completed pthread_cond_wait, cond=arg[1],
5562 mutex=arg[2], timeout=arg[3], successful=arg[4] */
5579 /* rwlock=arg[1], isW=arg[2], isTryLock=arg[3] */
5587 /* rwlock=arg[1], isW=arg[2], tookLock=arg[3] */
5629 #if defined(VGO_freebsd)
5632 #else
5635 #endif
5640 /* pth_bar_t*, ulong count, ulong resizable */
5646 /* pth_bar_t*, ulong newcount */
5652 /* pth_bar_t* */
5657 /* pth_bar_t* */
5662 /* pth_spinlock_t* */
5667 /* pth_spinlock_t* */
5672 /* pth_spinlock_t*, Word */
5677 /* pth_spinlock_t* */
5682 /* pth_spinlock_t* */
5687 /* HChar* who */
5695 /* record_error_Misc strdup's buf, so this is safe: */
5698 }
5701 /* UWord arbitrary-SO-tag */
5706 /* UWord arbitrary-SO-tag */
5711 /* UWord arbitrary-SO-tag */
5719 else
5722 }
5729 }
5731 }
5738 }
5740 }
5766 #if defined(VGO_solaris)
5777 /* Unhandled Helgrind client request! */
5782 }
5785 }
5788 /*----------------------------------------------------------------*/
5789 /*--- Setup ---*/
5790 /*----------------------------------------------------------------*/
5793 {
5810 // 500 just in case someone with a lot of CPU and memory would like to use
5811 // the same value for --num-callers and this.
5819 /* "stuvwx" --> stuvwx (binary) */
5821 Int j;
5827 }
5835 }
5836 }
5838 }
5855 else
5859 }
5862 {
5882 );
5883 }
5886 {
5904 );
5905 }
5908 {
5916 }
5917 }
5919 //zz VG_(printf)("\n");
5920 //zz VG_(printf)(" hbefore: %'10lu queries\n", stats__hbefore_queries);
5921 //zz VG_(printf)(" hbefore: %'10lu cache 0 hits\n", stats__hbefore_cache0s);
5922 //zz VG_(printf)(" hbefore: %'10lu cache > 0 hits\n", stats__hbefore_cacheNs);
5923 //zz VG_(printf)(" hbefore: %'10lu graph searches\n", stats__hbefore_gsearches);
5924 //zz VG_(printf)(" hbefore: %'10lu of which slow\n",
5925 //zz stats__hbefore_gsearches - stats__hbefore_gsearchFs);
5926 //zz VG_(printf)(" hbefore: %'10lu stack high water mark\n",
5927 //zz stats__hbefore_stk_hwm);
5928 //zz VG_(printf)(" hbefore: %'10lu cache invals\n", stats__hbefore_invals);
5929 //zz VG_(printf)(" hbefore: %'10lu probes\n", stats__hbefore_probes);
5937 }
5939 //VG_(printf)("L(ast)L(ock) map: %'8lu inserts (%d map size)\n",
5940 // stats__ga_LL_adds,
5941 // (Int)(ga_to_lastlock ? VG_(sizeFM)( ga_to_lastlock ) : 0) );
5958 }
5962 stats__lockN_acquires,
5963 stats__lockN_releases
5964 );
5969 }
5972 {
5981 }
5990 }
5992 /* FIXME: move these somewhere sane */
5994 static
5996 {
5998 ThreadId tid;
5999 UWord nActual;
6011 }
6013 static
6015 {
6017 ThreadId tid;
6023 /* this will assert if tid is invalid */
6026 }
6030 {
6036 "helgrind --delta-stacktrace=yes only works with "
6040 }
6043 /////////////////////////////////////////////
6045 for_libhb__get_EC );
6046 /////////////////////////////////////////////
6054 // Activate full xtree memory profiling.
6056 }
6059 {
6061 }
6064 {
6074 hg_instrument,
6075 hg_fini);
6094 hg_print_usage,
6095 hg_print_debug_usage);
6098 // FIXME?
6099 //VG_(needs_sanity_checks) (hg_cheap_sanity_check,
6100 // hg_expensive_sanity_check);
6106 hg_cli____builtin_new,
6107 hg_cli____builtin_new_aligned,
6108 hg_cli____builtin_vec_new,
6109 hg_cli____builtin_vec_new_aligned,
6110 hg_cli__memalign,
6111 hg_cli__calloc,
6112 hg_cli__free,
6113 hg_cli____builtin_delete,
6114 hg_cli____builtin_delete_aligned,
6115 hg_cli____builtin_vec_delete,
6116 hg_cli____builtin_vec_delete_aligned,
6117 hg_cli__realloc,
6118 hg_cli_malloc_usable_size,
6119 HG_CLI__DEFAULT_MALLOC_REDZONE_SZB );
6121 /* 21 Dec 08: disabled this; it mostly causes H to start more
6122 slowly and use significantly more memory, without very often
6123 providing useful results. The user can request to load this
6124 information manually with --read-var-info=yes. */
6142 // FIXME: surely this isn't thread-aware
6151 /* evh__die_mem calls at the end libhb_srange_noaccess_NoFX
6152 which has no effect. We do not use VG_(track_die_mem_stack),
6153 as this would be an expensive way to do nothing. */
6154 // VG_(track_die_mem_stack) ( evh__die_mem );
6156 // FIXME: what is this for?
6164 /////////////////
6172 /* Ensure that requirements for "dodgy C-as-C++ style inheritance"
6173 as described in comments at the top of pub_tool_hashtable.h, are
6174 met. Blargh. */
6177 hg_mallocmeta_table
6186 // add a callback to clean up on (threaded) fork.
6188 }
6192 /*--------------------------------------------------------------------*/
6193 /*--- end hg_main.c ---*/
6194 /*--------------------------------------------------------------------*/