bit need_mb = 0; /* =1 says need reader mb, =0 for reader response. */
byte reader_progress[4];
/* Count of read-side statement executions. */
+bit reader_done = 0;
+ /* =0 says reader still running, =1 says done. */
+bit updater_done = 0;
+ /* =0 says updater still running, =1 says done. */
/* urcu definitions and variables, taken straight from the algorithm. */
do
:: need_mb == 1 ->
need_mb = 0;
- :: 1 -> skip;
+ :: !updater_done -> skip;
:: 1 -> break;
od;
reader_progress[2] +
reader_progress[3] == 0) && need_mb == 1 ->
need_mb = 0;
- :: 1 -> skip;
+ :: !updater_done -> skip;
:: 1 -> break;
od;
urcu_active_readers = tmp;
break;
:: tmp < 4 && reader_progress[tmp] != 0 ->
tmp = tmp + 1;
- :: tmp >= 4 ->
+ :: tmp >= 4 &&
+ reader_progress[0] == reader_progress[3] ->
done = 1;
break;
+ :: tmp >= 4 &&
+ reader_progress[0] != reader_progress[3] ->
+ break;
od;
do
:: tmp < 4 && reader_progress[tmp] == 0 ->
do
:: need_mb == 1 ->
need_mb = 0;
- :: 1 -> skip;
+ :: !updater_done -> skip;
:: 1 -> break;
od;
:: else -> skip;
od;
assert((tmp_free == 0) || (tmp_removed == 1));
+ /* Reader has completed. */
+ reader_done = 1;
+
/* Process any late-arriving memory-barrier requests. */
do
:: need_mb == 1 ->
need_mb = 0;
- :: 1 -> skip;
+ :: !updater_done -> skip;
:: 1 -> break;
od;
}
proctype urcu_updater()
{
+ /* prior synchronize_rcu(), second counter flip. */
+ need_mb = 1;
+ do
+ :: need_mb == 1 -> skip;
+ :: need_mb == 0 -> break;
+ od;
+ urcu_gp_ctr = urcu_gp_ctr + RCU_GP_CTR_BIT;
+ need_mb = 1;
+ do
+ :: need_mb == 1 -> skip;
+ :: need_mb == 0 -> break;
+ od;
+ do
+ :: 1 ->
+ if
+ :: (urcu_active_readers & RCU_GP_CTR_NEST_MASK) != 0 &&
+ (urcu_active_readers & ~RCU_GP_CTR_NEST_MASK) !=
+ (urcu_gp_ctr & ~RCU_GP_CTR_NEST_MASK) ->
+ skip;
+ :: else -> break;
+ fi;
+ od;
+ need_mb = 1;
+ do
+ :: need_mb == 1 -> skip;
+ :: need_mb == 0 -> break;
+ od;
+
/* Removal statement, e.g., list_del_rcu(). */
removed = 1;
- /* synchronize_rcu(), first counter flip. */
+ /* current synchronize_rcu(), first counter flip. */
need_mb = 1;
do
:: need_mb == 1 -> skip;
od;
do
:: 1 ->
- printf("urcu_gp_ctr=%x urcu_active_readers=%x\n", urcu_gp_ctr, urcu_active_readers);
- printf("urcu_gp_ctr&0x7f=%x urcu_active_readers&0x7f=%x\n", urcu_gp_ctr & ~RCU_GP_CTR_NEST_MASK, urcu_active_readers & ~RCU_GP_CTR_NEST_MASK);
if
:: (urcu_active_readers & RCU_GP_CTR_NEST_MASK) != 0 &&
(urcu_active_readers & ~RCU_GP_CTR_NEST_MASK) !=
(urcu_gp_ctr & ~RCU_GP_CTR_NEST_MASK) ->
skip;
:: else -> break;
- fi
+ fi;
od;
need_mb = 1;
do
:: need_mb == 0 -> break;
od;
- /* Erroneous removal statement, e.g., list_del_rcu(). */
- /* removed = 1; */
-
- /* synchronize_rcu(), second counter flip. */
+ /* current synchronize_rcu(), second counter flip. */
need_mb = 1;
do
:: need_mb == 1 -> skip;
od;
do
:: 1 ->
- printf("urcu_gp_ctr=%x urcu_active_readers=%x\n", urcu_gp_ctr, urcu_active_readers);
- printf("urcu_gp_ctr&0x7f=%x urcu_active_readers&0x7f=%x\n", urcu_gp_ctr & ~RCU_GP_CTR_NEST_MASK, urcu_active_readers & ~RCU_GP_CTR_NEST_MASK);
if
:: (urcu_active_readers & RCU_GP_CTR_NEST_MASK) != 0 &&
(urcu_active_readers & ~RCU_GP_CTR_NEST_MASK) !=
/* free-up step, e.g., kfree(). */
free = 1;
+
+ /*
+ * Signal updater done, ending any otherwise-infinite loops
+ * in the reading process.
+ */
+ updater_done = 1;
}
/*