mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add tests showing weak memory behaviours

Browse Source
This commit is contained in:
Andy Wang 2022-05-12 22:04:37 +01:00
parent 773131bb26
commit 7d874db213
No known key found for this signature in database
GPG Key ID: 181B49F9F38F3374
5 changed files with 112 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
tests/run-pass/concurrency/weak_memory.rs → tests/run-pass/weak_memory/consistency.rs
View File

@ -1,8 +1,8 @@
// ignore-windows: Concurrency on Windows is not supported yet. // ignore-windows: Concurrency on Windows is not supported yet.
// compile-flags: -Zmiri-ignore-leaks -Zmiri-disable-stacked-borrows // compile-flags: -Zmiri-ignore-leaks -Zmiri-disable-stacked-borrows
// Weak memory emulation tests. All of the following test if // The following tests check whether our weak memory emulation produces
// our weak memory emulation produces any inconsistent execution outcomes // any inconsistent execution outcomes
// //
// Due to the random nature of choosing valid stores, it is always // Due to the random nature of choosing valid stores, it is always
// possible that our tests spuriously succeeds: even though our weak // possible that our tests spuriously succeeds: even though our weak
@ -12,15 +12,6 @@
// //
// To mitigate this, each test is ran enough times such that the chance // To mitigate this, each test is ran enough times such that the chance
// of spurious success is very low. These tests never supriously fail. // of spurious success is very low. These tests never supriously fail.
//
// Note that we can't effectively test whether our weak memory emulation
// can produce *all* consistent execution outcomes. This may be possible
// if Miri's scheduler is sufficiently random and explores all possible
// interleavings of our small test cases after a reasonable number of runs.
// However, since Miri's scheduler is not even pre-emptive, there will
// always be possible interleavings (and possible execution outcomes),
// that can never be observed regardless of how weak memory emulation is
// implemented.
// Test cases and their consistent outcomes are from // Test cases and their consistent outcomes are from
// http://svr-pes20-cppmem.cl.cam.ac.uk/cppmem/ // http://svr-pes20-cppmem.cl.cam.ac.uk/cppmem/
@ -28,10 +19,9 @@
// M. Batty, S. Owens, S. Sarkar, P. Sewell and T. Weber, // M. Batty, S. Owens, S. Sarkar, P. Sewell and T. Weber,
// "Mathematizing C++ concurrency", ACM SIGPLAN Notices, vol. 46, no. 1, pp. 55-66, 2011. // "Mathematizing C++ concurrency", ACM SIGPLAN Notices, vol. 46, no. 1, pp. 55-66, 2011.
// Available: https://ss265.host.cs.st-andrews.ac.uk/papers/n3132.pdf. // Available: https://ss265.host.cs.st-andrews.ac.uk/papers/n3132.pdf.
#![feature(atomic_from_mut)]
use std::sync::atomic::AtomicUsize;
use std::sync::atomic::Ordering::*; use std::sync::atomic::Ordering::*;
use std::sync::atomic::{AtomicU16, AtomicU32, AtomicUsize};
use std::thread::{spawn, yield_now}; use std::thread::{spawn, yield_now};
#[derive(Copy, Clone)] #[derive(Copy, Clone)]
@ -41,7 +31,7 @@ unsafe impl<T> Send for EvilSend<T> {}
unsafe impl<T> Sync for EvilSend<T> {} unsafe impl<T> Sync for EvilSend<T> {}
// We can't create static items because we need to run each test // We can't create static items because we need to run each test
// multiple tests // multiple times
fn static_atomic(val: usize) -> &'static AtomicUsize { fn static_atomic(val: usize) -> &'static AtomicUsize {
let ret = Box::leak(Box::new(AtomicUsize::new(val))); let ret = Box::leak(Box::new(AtomicUsize::new(val)));
// A workaround to put the initialisation value in the store buffer // A workaround to put the initialisation value in the store buffer
@ -190,26 +180,6 @@ fn test_mixed_access() {
assert_eq!(r2, 2); assert_eq!(r2, 2);
} }
// Strictly speaking, atomic accesses that imperfectly overlap with existing
// atomic objects are UB. Nonetheless we'd like to provide a sane value when
// the access is not racy.
fn test_imperfectly_overlapping_access() {
let mut qword = AtomicU32::new(42);
assert_eq!(qword.load(Relaxed), 42);
qword.store(u32::to_be(0xabbafafa), Relaxed);
let qword_mut = qword.get_mut();
let dwords_mut = unsafe { std::mem::transmute::<&mut u32, &mut [u16; 2]>(qword_mut) };
let (hi_mut, lo_mut) = dwords_mut.split_at_mut(1);
let (hi, lo) = (AtomicU16::from_mut(&mut hi_mut[0]), AtomicU16::from_mut(&mut lo_mut[0]));
assert_eq!(u16::from_be(hi.load(Relaxed)), 0xabba);
assert_eq!(u16::from_be(lo.load(Relaxed)), 0xfafa);
}
// The following two tests are taken from Repairing Sequential Consistency in C/C++11 // The following two tests are taken from Repairing Sequential Consistency in C/C++11
// by Lahav et al. // by Lahav et al.
// https://plv.mpi-sws.org/scfix/paper.pdf // https://plv.mpi-sws.org/scfix/paper.pdf
@ -236,7 +206,6 @@ fn test_sc_store_buffering() {
} }
pub fn main() { pub fn main() {
test_imperfectly_overlapping_access();
// TODO: does this make chances of spurious success // TODO: does this make chances of spurious success
// "sufficiently low"? This also takes a long time to run, // "sufficiently low"? This also takes a long time to run,
// prehaps each function should be its own test case so they // prehaps each function should be its own test case so they

0
tests/run-pass/concurrency/weak_memory.stderr → tests/run-pass/weak_memory/consistency.stderr
View File

29
tests/run-pass/weak_memory/imperfectly_overlapping.rs Normal file
View File

@ -0,0 +1,29 @@
// ignore-windows: Concurrency on Windows is not supported yet.
#![feature(atomic_from_mut)]
use std::sync::atomic::Ordering::*;
use std::sync::atomic::{AtomicU16, AtomicU32};
// Strictly speaking, atomic accesses that imperfectly overlap with existing
// atomic objects are UB. Nonetheless we'd like to provide a sane value when
// the access is not racy.
fn test_same_thread() {
let mut qword = AtomicU32::new(42);
assert_eq!(qword.load(Relaxed), 42);
qword.store(u32::to_be(0xabbafafa), Relaxed);
let qword_mut = qword.get_mut();
let dwords_mut = unsafe { std::mem::transmute::<&mut u32, &mut [u16; 2]>(qword_mut) };
let (hi_mut, lo_mut) = dwords_mut.split_at_mut(1);
let (hi, lo) = (AtomicU16::from_mut(&mut hi_mut[0]), AtomicU16::from_mut(&mut lo_mut[0]));
assert_eq!(u16::from_be(hi.load(Relaxed)), 0xabba);
assert_eq!(u16::from_be(lo.load(Relaxed)), 0xfafa);
}
pub fn main() {
test_same_thread();
}

77
tests/run-pass/weak_memory/weak.rs Normal file
View File

@ -0,0 +1,77 @@
// ignore-windows: Concurrency on Windows is not supported yet.
// compile-flags: -Zmiri-ignore-leaks
// Tests showing weak memory behaviours are exhibited. All tests
// return true when the desired behaviour is seen.
// This is scheduler and pseudo-RNG dependent, so each test is
// run multiple times until one try returns true.
// Spurious failure is possible, if you are really unlucky with
// the RNG.
use std::sync::atomic::AtomicUsize;
use std::sync::atomic::Ordering::*;
use std::thread::spawn;
#[derive(Copy, Clone)]
struct EvilSend<T>(pub T);
unsafe impl<T> Send for EvilSend<T> {}
unsafe impl<T> Sync for EvilSend<T> {}
// We can't create static items because we need to run each test
// multiple times
fn static_atomic(val: usize) -> &'static AtomicUsize {
let ret = Box::leak(Box::new(AtomicUsize::new(val)));
// A workaround to put the initialisation value in the store buffer
ret.store(val, Relaxed);
ret
}
fn relaxed() -> bool {
let x = static_atomic(0);
let j1 = spawn(move || {
x.store(1, Relaxed);
x.store(2, Relaxed);
});
let j2 = spawn(move || x.load(Relaxed));
j1.join().unwrap();
let r2 = j2.join().unwrap();
r2 == 1
}
// https://www.doc.ic.ac.uk/~afd/homepages/papers/pdfs/2017/POPL.pdf Figure 8
fn seq_cst() -> bool {
let x = static_atomic(0);
let j1 = spawn(move || {
x.store(1, Relaxed);
});
let j2 = spawn(move || {
x.store(2, SeqCst);
x.store(3, SeqCst);
});
let j3 = spawn(move || x.load(SeqCst));
j1.join().unwrap();
j2.join().unwrap();
let r3 = j3.join().unwrap();
r3 == 1
}
// Asserts that the function returns true at least once in 100 runs
macro_rules! assert_once {
($f:ident) => {
assert!(std::iter::repeat_with(|| $f()).take(100).any(|x| x));
};
}
pub fn main() {
assert_once!(relaxed);
assert_once!(seq_cst);
}

2
tests/run-pass/weak_memory/weak.stderr Normal file
View File

@ -0,0 +1,2 @@
warning: thread support is experimental and incomplete: weak memory effects are not emulated.