Copyright	(c) 2016 Michael Walker
License	MIT
Maintainer	Michael Walker <mike@barrucadu.co.uk>
Stability	experimental
Portability	CPP
Safe Haskell	None
Language	Haskell2010

Test.DejaFu.SCT

Contents

Bounded Partial-order Reduction
Combination Bounds
Individual Bounds
Backtracking

Description

Systematic testing for concurrent computations.

Synopsis

Bounded Partial-order Reduction

We can characterise the state of a concurrent computation by considering the ordering of dependent events. This is a partial order: independent events can be performed in any order without affecting the result, and so are not ordered.

Partial-order reduction is a technique for computing these partial orders, and only testing one total order for each partial order. This cuts down the amount of work to be done significantly. Bounded partial-order reduction is a further optimisation, which only considers schedules within some bound.

This module provides both a generic function for BPOR, and also a pre-emption bounding BPOR runner, which is used by the Test.DejaFu module.

See Bounded partial-order reduction, K. Coons, M. Musuvathi, K. McKinley for more details.

sctBounded Source #

Arguments

:: MonadRef r n
=> MemType	The memory model to use for non-synchronised `CRef` operations.
-> BoundFunc ThreadId ThreadAction Lookahead	Check if a prefix trace is within the bound
-> BacktrackFunc ThreadId ThreadAction Lookahead DepState	Add a new backtrack point, this takes the history of the execution so far, the index to insert the backtracking point, and the thread to backtrack to. This may insert more than one backtracking point.
-> Conc n r a
-> n [(Either Failure a, Trace ThreadId ThreadAction Lookahead)]

SCT via BPOR.

Schedules are generated by running the computation with a deterministic scheduler with some initial list of decisions, after which the supplied function is called. At each step of execution, possible-conflicting actions are looked for, if any are found, "backtracking points" are added, to cause the events to happen in a different order in a future execution.

Note that unlike with non-bounded partial-order reduction, this may do some redundant work as the introduction of a bound can make previously non-interfering events interfere with each other.

Combination Bounds

Combination schedule bounding, where individual bounds are enabled if they are set.

Pre-emption + fair bounding is useful for programs which use loop/yield control flows but are otherwise terminating.
Pre-emption, fair + length bounding is useful for non-terminating programs, and used by the testing functionality in Test.DejaFu.

data Bounds Source #

Constructors

Bounds
Fields boundPreemp :: Maybe PreemptionBound boundFair :: Maybe FairBound boundLength :: Maybe LengthBound

defaultBounds :: Bounds Source #

All bounds enabled, using their default values.

noBounds :: Bounds Source #

No bounds enabled. This forces the scheduler to just use partial-order reduction and sleep sets to prune the search space. This will ONLY work if your computation always terminated!

sctBound Source #

Arguments

:: MonadRef r n
=> MemType	The memory model to use for non-synchronised `CRef` operations.
-> Bounds	The combined bounds.
-> Conc n r a	The computation to run many times
-> n [(Either Failure a, Trace ThreadId ThreadAction Lookahead)]

An SCT runner using a bounded scheduler

Individual Bounds

Pre-emption Bounding

BPOR using pre-emption bounding. This adds conservative backtracking points at the prior context switch whenever a non-conervative backtracking point is added, as alternative decisions can influence the reachability of different states.

See the BPOR paper for more details.

newtype PreemptionBound :: * #

Constructors

PreemptionBound Int

Instances

Enum PreemptionBound
Methods succ :: PreemptionBound -> PreemptionBound # pred :: PreemptionBound -> PreemptionBound # toEnum :: Int -> PreemptionBound # fromEnum :: PreemptionBound -> Int # enumFrom :: PreemptionBound -> [PreemptionBound] # enumFromThen :: PreemptionBound -> PreemptionBound -> [PreemptionBound] # enumFromTo :: PreemptionBound -> PreemptionBound -> [PreemptionBound] # enumFromThenTo :: PreemptionBound -> PreemptionBound -> PreemptionBound -> [PreemptionBound] #
Eq PreemptionBound
Methods (==) :: PreemptionBound -> PreemptionBound -> Bool # (/=) :: PreemptionBound -> PreemptionBound -> Bool #
Integral PreemptionBound
Methods quot :: PreemptionBound -> PreemptionBound -> PreemptionBound # rem :: PreemptionBound -> PreemptionBound -> PreemptionBound # div :: PreemptionBound -> PreemptionBound -> PreemptionBound # mod :: PreemptionBound -> PreemptionBound -> PreemptionBound # quotRem :: PreemptionBound -> PreemptionBound -> (PreemptionBound, PreemptionBound) # divMod :: PreemptionBound -> PreemptionBound -> (PreemptionBound, PreemptionBound) # toInteger :: PreemptionBound -> Integer #
Num PreemptionBound
Methods (+) :: PreemptionBound -> PreemptionBound -> PreemptionBound # (-) :: PreemptionBound -> PreemptionBound -> PreemptionBound # (*) :: PreemptionBound -> PreemptionBound -> PreemptionBound # negate :: PreemptionBound -> PreemptionBound # abs :: PreemptionBound -> PreemptionBound # signum :: PreemptionBound -> PreemptionBound # fromInteger :: Integer -> PreemptionBound #
Ord PreemptionBound
Methods compare :: PreemptionBound -> PreemptionBound -> Ordering # (<) :: PreemptionBound -> PreemptionBound -> Bool # (<=) :: PreemptionBound -> PreemptionBound -> Bool # (>) :: PreemptionBound -> PreemptionBound -> Bool # (>=) :: PreemptionBound -> PreemptionBound -> Bool # max :: PreemptionBound -> PreemptionBound -> PreemptionBound # min :: PreemptionBound -> PreemptionBound -> PreemptionBound #
Read PreemptionBound
Methods readsPrec :: Int -> ReadS PreemptionBound # readList :: ReadS [PreemptionBound] # readPrec :: ReadPrec PreemptionBound # readListPrec :: ReadPrec [PreemptionBound] #
Real PreemptionBound
Methods toRational :: PreemptionBound -> Rational #
Show PreemptionBound
Methods showsPrec :: Int -> PreemptionBound -> ShowS # show :: PreemptionBound -> String # showList :: [PreemptionBound] -> ShowS #
NFData PreemptionBound
Methods rnf :: PreemptionBound -> () #

defaultPreemptionBound :: PreemptionBound #

A sensible default preemption bound: 2.

See Concurrency Testing Using Schedule Bounding: an Empirical Study, P. Thomson, A. F. Donaldson, A. Betts for justification.

sctPreBound Source #

Arguments

:: MonadRef r n
=> MemType	The memory model to use for non-synchronised `CRef` operations.
-> PreemptionBound	The maximum number of pre-emptions to allow in a single execution
-> Conc n r a	The computation to run many times
-> n [(Either Failure a, Trace ThreadId ThreadAction Lookahead)]

An SCT runner using a pre-emption bounding scheduler.

pBacktrack :: BacktrackFunc ThreadId ThreadAction Lookahead s Source #

Add a backtrack point, and also conservatively add one prior to the most recent transition before that point. This may result in the same state being reached multiple times, but is needed because of the artificial dependency imposed by the bound.

pBound :: PreemptionBound -> BoundFunc ThreadId ThreadAction Lookahead Source #

Pre-emption bound function. This is different to preempBound in that it does not count pre-emptive context switches to a commit thread.

Fair Bounding

BPOR using fair bounding. This bounds the maximum difference between the number of yield operations different threads have performed.

See the BPOR paper for more details.

newtype FairBound :: * #

Constructors

FairBound Int

Instances

Enum FairBound
Methods succ :: FairBound -> FairBound # pred :: FairBound -> FairBound # toEnum :: Int -> FairBound # fromEnum :: FairBound -> Int # enumFrom :: FairBound -> [FairBound] # enumFromThen :: FairBound -> FairBound -> [FairBound] # enumFromTo :: FairBound -> FairBound -> [FairBound] # enumFromThenTo :: FairBound -> FairBound -> FairBound -> [FairBound] #
Eq FairBound
Methods (==) :: FairBound -> FairBound -> Bool # (/=) :: FairBound -> FairBound -> Bool #
Integral FairBound
Methods quot :: FairBound -> FairBound -> FairBound # rem :: FairBound -> FairBound -> FairBound # div :: FairBound -> FairBound -> FairBound # mod :: FairBound -> FairBound -> FairBound # quotRem :: FairBound -> FairBound -> (FairBound, FairBound) # divMod :: FairBound -> FairBound -> (FairBound, FairBound) # toInteger :: FairBound -> Integer #
Num FairBound
Methods (+) :: FairBound -> FairBound -> FairBound # (-) :: FairBound -> FairBound -> FairBound # (*) :: FairBound -> FairBound -> FairBound # negate :: FairBound -> FairBound # abs :: FairBound -> FairBound # signum :: FairBound -> FairBound # fromInteger :: Integer -> FairBound #
Ord FairBound
Methods compare :: FairBound -> FairBound -> Ordering # (<) :: FairBound -> FairBound -> Bool # (<=) :: FairBound -> FairBound -> Bool # (>) :: FairBound -> FairBound -> Bool # (>=) :: FairBound -> FairBound -> Bool # max :: FairBound -> FairBound -> FairBound # min :: FairBound -> FairBound -> FairBound #
Read FairBound
Methods readsPrec :: Int -> ReadS FairBound # readList :: ReadS [FairBound] # readPrec :: ReadPrec FairBound # readListPrec :: ReadPrec [FairBound] #
Real FairBound
Methods toRational :: FairBound -> Rational #
Show FairBound
Methods showsPrec :: Int -> FairBound -> ShowS # show :: FairBound -> String # showList :: [FairBound] -> ShowS #
NFData FairBound
Methods rnf :: FairBound -> () #

defaultFairBound :: FairBound #

A sensible default fair bound: 5.

This comes from playing around myself, but there is probably a better default.

sctFairBound Source #

Arguments

:: MonadRef r n
=> MemType	The memory model to use for non-synchronised `CRef` operations.
-> FairBound	The maximum difference between the number of yield operations performed by different threads.
-> Conc n r a	The computation to run many times
-> n [(Either Failure a, Trace ThreadId ThreadAction Lookahead)]

An SCT runner using a fair bounding scheduler.

fBacktrack :: BacktrackFunc ThreadId ThreadAction Lookahead s Source #

Add a backtrack point. If the thread isn't runnable, or performs a release operation, add all runnable threads.

fBound :: FairBound -> BoundFunc ThreadId ThreadAction Lookahead Source #

Fair bound function

Length Bounding

BPOR using length bounding. This bounds the maximum length (in terms of primitive actions) of an execution.

newtype LengthBound :: * #

Constructors

LengthBound Int

Instances

Enum LengthBound
Methods succ :: LengthBound -> LengthBound # pred :: LengthBound -> LengthBound # toEnum :: Int -> LengthBound # fromEnum :: LengthBound -> Int # enumFrom :: LengthBound -> [LengthBound] # enumFromThen :: LengthBound -> LengthBound -> [LengthBound] # enumFromTo :: LengthBound -> LengthBound -> [LengthBound] # enumFromThenTo :: LengthBound -> LengthBound -> LengthBound -> [LengthBound] #
Eq LengthBound
Methods (==) :: LengthBound -> LengthBound -> Bool # (/=) :: LengthBound -> LengthBound -> Bool #
Integral LengthBound
Methods quot :: LengthBound -> LengthBound -> LengthBound # rem :: LengthBound -> LengthBound -> LengthBound # div :: LengthBound -> LengthBound -> LengthBound # mod :: LengthBound -> LengthBound -> LengthBound # quotRem :: LengthBound -> LengthBound -> (LengthBound, LengthBound) # divMod :: LengthBound -> LengthBound -> (LengthBound, LengthBound) # toInteger :: LengthBound -> Integer #
Num LengthBound
Methods (+) :: LengthBound -> LengthBound -> LengthBound # (-) :: LengthBound -> LengthBound -> LengthBound # (*) :: LengthBound -> LengthBound -> LengthBound # negate :: LengthBound -> LengthBound # abs :: LengthBound -> LengthBound # signum :: LengthBound -> LengthBound # fromInteger :: Integer -> LengthBound #
Ord LengthBound
Methods compare :: LengthBound -> LengthBound -> Ordering # (<) :: LengthBound -> LengthBound -> Bool # (<=) :: LengthBound -> LengthBound -> Bool # (>) :: LengthBound -> LengthBound -> Bool # (>=) :: LengthBound -> LengthBound -> Bool # max :: LengthBound -> LengthBound -> LengthBound # min :: LengthBound -> LengthBound -> LengthBound #
Read LengthBound
Methods readsPrec :: Int -> ReadS LengthBound # readList :: ReadS [LengthBound] # readPrec :: ReadPrec LengthBound # readListPrec :: ReadPrec [LengthBound] #
Real LengthBound
Methods toRational :: LengthBound -> Rational #
Show LengthBound
Methods showsPrec :: Int -> LengthBound -> ShowS # show :: LengthBound -> String # showList :: [LengthBound] -> ShowS #
NFData LengthBound
Methods rnf :: LengthBound -> () #

defaultLengthBound :: LengthBound #

A sensible default length bound: 250.

Based on the assumption that anything which executes for much longer (or even this long) will take ages to test.

sctLengthBound Source #

Arguments

:: MonadRef r n
=> MemType	The memory model to use for non-synchronised `CRef` operations.
-> LengthBound	The maximum length of a schedule, in terms of primitive actions.
-> Conc n r a	The computation to run many times
-> n [(Either Failure a, Trace ThreadId ThreadAction Lookahead)]

An SCT runner using a length bounding scheduler.

Backtracking

data BacktrackStep tid action lookahead state :: * -> * -> * -> * -> * #

One step of the execution, including information for backtracking purposes. This backtracking information is used to generate new schedules.

Constructors

BacktrackStep

Fields

bcktThreadid :: tid
The thread running at this step
bcktDecision :: (Decision tid, action)
What happened at this step.
bcktRunnable :: Map tid lookahead
The threads runnable at this step
bcktBacktracks :: Map tid Bool
The list of alternative threads to run, and whether those alternatives were added conservatively due to the bound.
bcktState :: state
Some domain-specific state at this point.

Instances

(Show tid, Show action, Show lookahead, Show state) => Show (BacktrackStep tid action lookahead state)
Methods showsPrec :: Int -> BacktrackStep tid action lookahead state -> ShowS # show :: BacktrackStep tid action lookahead state -> String # showList :: [BacktrackStep tid action lookahead state] -> ShowS #
(NFData tid, NFData action, NFData lookahead, NFData state) => NFData (BacktrackStep tid action lookahead state)
Methods rnf :: BacktrackStep tid action lookahead state -> () #

type BacktrackFunc tid action lookahead s = [BacktrackStep tid action lookahead s] -> Int -> tid -> [BacktrackStep tid action lookahead s] #

A backtracking step is a point in the execution where another decision needs to be made, in order to explore interesting new schedules. A backtracking function takes the steps identified so far and a point and a thread to backtrack to, and inserts at least that backtracking point. More may be added to compensate for the effects of the bounding function. For example, under pre-emption bounding a conservative backtracking point is added at the prior context switch.

In general, a backtracking function should identify one or more backtracking points, and then use backtrackAt to do the actual work.