Add tests showing weak memory behaviours

Author: cbeuw

tests/run-pass/concurrency/weak_memory.rs tests/run-pass/weak_memory/consistency.rs

@@ -1,8 +1,8 @@
 // ignore-windows: Concurrency on Windows is not supported yet.
 // compile-flags: -Zmiri-ignore-leaks -Zmiri-disable-stacked-borrows
 
-// Weak memory emulation tests. All of the following test if
-// our weak memory emulation produces any inconsistent execution outcomes
+// The following tests check whether our weak memory emulation produces
+// any inconsistent execution outcomes
 //
 // Due to the random nature of choosing valid stores, it is always
 // possible that our tests spuriously succeeds: even though our weak
@@ -12,26 +12,16 @@
 //
 // To mitigate this, each test is ran enough times such that the chance
 // of spurious success is very low. These tests never supriously fail.
-//
-// Note that we can't effectively test whether our weak memory emulation
-// can produce *all* consistent execution outcomes. This may be possible
-// if Miri's scheduler is sufficiently random and explores all possible
-// interleavings of our small test cases after a reasonable number of runs.
-// However, since Miri's scheduler is not even pre-emptive, there will
-// always be possible interleavings (and possible execution outcomes),
-// that can never be observed regardless of how weak memory emulation is
-// implemented.
 
 // Test cases and their consistent outcomes are from
 // http://svr-pes20-cppmem.cl.cam.ac.uk/cppmem/
 // Based on
 // M. Batty, S. Owens, S. Sarkar, P. Sewell and T. Weber,
 // "Mathematizing C++ concurrency", ACM SIGPLAN Notices, vol. 46, no. 1, pp. 55-66, 2011.
 // Available: https://ss265.host.cs.st-andrews.ac.uk/papers/n3132.pdf.
-#![feature(atomic_from_mut)]
 
+use std::sync::atomic::AtomicUsize;
 use std::sync::atomic::Ordering::*;
-use std::sync::atomic::{AtomicU16, AtomicU32, AtomicUsize};
 use std::thread::{spawn, yield_now};
 
 #[derive(Copy, Clone)]
@@ -41,7 +31,7 @@ unsafe impl<T> Send for EvilSend<T> {}
 unsafe impl<T> Sync for EvilSend<T> {}
 
 // We can't create static items because we need to run each test
-// multiple tests
+// multiple times
 fn static_atomic(val: usize) -> &'static AtomicUsize {
     let ret = Box::leak(Box::new(AtomicUsize::new(val)));
     // A workaround to put the initialisation value in the store buffer
@@ -190,26 +180,6 @@ fn test_mixed_access() {
     assert_eq!(r2, 2);
 }
 
-// Strictly speaking, atomic accesses that imperfectly overlap with existing
-// atomic objects are UB. Nonetheless we'd like to provide a sane value when
-// the access is not racy.
-fn test_imperfectly_overlapping_access() {
-    let mut qword = AtomicU32::new(42);
-    assert_eq!(qword.load(Relaxed), 42);
-    qword.store(u32::to_be(0xabbafafa), Relaxed);
-
-    let qword_mut = qword.get_mut();
-
-    let dwords_mut = unsafe { std::mem::transmute::<&mut u32, &mut [u16; 2]>(qword_mut) };
-
-    let (hi_mut, lo_mut) = dwords_mut.split_at_mut(1);
-
-    let (hi, lo) = (AtomicU16::from_mut(&mut hi_mut[0]), AtomicU16::from_mut(&mut lo_mut[0]));
-
-    assert_eq!(u16::from_be(hi.load(Relaxed)), 0xabba);
-    assert_eq!(u16::from_be(lo.load(Relaxed)), 0xfafa);
-}
-
 // The following two tests are taken from Repairing Sequential Consistency in C/C++11
 // by Lahav et al.
 // https://plv.mpi-sws.org/scfix/paper.pdf
@@ -236,7 +206,6 @@ fn test_sc_store_buffering() {
 }
 
 pub fn main() {
-    test_imperfectly_overlapping_access();
     // TODO: does this make chances of spurious success
     // "sufficiently low"? This also takes a long time to run,
     // prehaps each function should be its own test case so they

tests/run-pass/concurrency/weak_memory.stderr tests/run-pass/weak_memory/consistency.stderr

@@ -0,0 +1,29 @@
+// ignore-windows: Concurrency on Windows is not supported yet.
+#![feature(atomic_from_mut)]
+
+use std::sync::atomic::Ordering::*;
+use std::sync::atomic::{AtomicU16, AtomicU32};
+
+// Strictly speaking, atomic accesses that imperfectly overlap with existing
+// atomic objects are UB. Nonetheless we'd like to provide a sane value when
+// the access is not racy.
+fn test_same_thread() {
+    let mut qword = AtomicU32::new(42);
+    assert_eq!(qword.load(Relaxed), 42);
+    qword.store(u32::to_be(0xabbafafa), Relaxed);
+
+    let qword_mut = qword.get_mut();
+
+    let dwords_mut = unsafe { std::mem::transmute::<&mut u32, &mut [u16; 2]>(qword_mut) };
+
+    let (hi_mut, lo_mut) = dwords_mut.split_at_mut(1);
+
+    let (hi, lo) = (AtomicU16::from_mut(&mut hi_mut[0]), AtomicU16::from_mut(&mut lo_mut[0]));
+
+    assert_eq!(u16::from_be(hi.load(Relaxed)), 0xabba);
+    assert_eq!(u16::from_be(lo.load(Relaxed)), 0xfafa);
+}
+
+pub fn main() {
+    test_same_thread();
+}

tests/run-pass/weak_memory/imperfectly_overlapping.rs

@@ -0,0 +1,77 @@
+// ignore-windows: Concurrency on Windows is not supported yet.
+// compile-flags: -Zmiri-ignore-leaks
+
+// Tests showing weak memory behaviours are exhibited. All tests
+// return true when the desired behaviour is seen.
+// This is scheduler and pseudo-RNG dependent, so each test is
+// run multiple times until one try returns true.
+// Spurious failure is possible, if you are really unlucky with
+// the RNG.
+
+use std::sync::atomic::AtomicUsize;
+use std::sync::atomic::Ordering::*;
+use std::thread::spawn;
+
+#[derive(Copy, Clone)]
+struct EvilSend<T>(pub T);
+
+unsafe impl<T> Send for EvilSend<T> {}
+unsafe impl<T> Sync for EvilSend<T> {}
+
+// We can't create static items because we need to run each test
+// multiple times
+fn static_atomic(val: usize) -> &'static AtomicUsize {
+    let ret = Box::leak(Box::new(AtomicUsize::new(val)));
+    // A workaround to put the initialisation value in the store buffer
+    ret.store(val, Relaxed);
+    ret
+}
+
+fn relaxed() -> bool {
+    let x = static_atomic(0);
+    let j1 = spawn(move || {
+        x.store(1, Relaxed);
+        x.store(2, Relaxed);
+    });
+
+    let j2 = spawn(move || x.load(Relaxed));
+
+    j1.join().unwrap();
+    let r2 = j2.join().unwrap();
+
+    r2 == 1
+}
+
+// https://www.doc.ic.ac.uk/~afd/homepages/papers/pdfs/2017/POPL.pdf Figure 8
+fn seq_cst() -> bool {
+    let x = static_atomic(0);
+
+    let j1 = spawn(move || {
+        x.store(1, Relaxed);
+    });
+
+    let j2 = spawn(move || {
+        x.store(2, SeqCst);
+        x.store(3, SeqCst);
+    });
+
+    let j3 = spawn(move || x.load(SeqCst));
+
+    j1.join().unwrap();
+    j2.join().unwrap();
+    let r3 = j3.join().unwrap();
+
+    r3 == 1
+}
+
+// Asserts that the function returns true at least once in 100 runs
+macro_rules! assert_once {
+    ($f:ident) => {
+        assert!(std::iter::repeat_with(|| $f()).take(100).any(|x| x));
+    };
+}
+
+pub fn main() {
+    assert_once!(relaxed);
+    assert_once!(seq_cst);
+}

tests/run-pass/weak_memory/weak.rs

@@ -0,0 +1,2 @@
+warning: thread support is experimental and incomplete: weak memory effects are not emulated.
+