CBMC
pthread_lib.c
Go to the documentation of this file.
1 /* FUNCTION: pthread_mutexattr_settype */
2 
3 #ifndef __CPROVER_PTHREAD_H_INCLUDED
4 #include <pthread.h>
5 #define __CPROVER_PTHREAD_H_INCLUDED
6 #endif
7 
8 int __VERIFIER_nondet_int(void);
9 
10 int pthread_mutexattr_settype(pthread_mutexattr_t *attr, int type)
11 {
12  __CPROVER_HIDE:;
13 
14  (void)attr;
15  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
16  if(type==PTHREAD_MUTEX_RECURSIVE)
17  __CPROVER_set_must(attr, "mutexattr-recursive");
18  #else
19  (void)type;
20  #endif
21 
22  int result=__VERIFIER_nondet_int();
23  return result;
24 }
25 
26 /* FUNCTION: pthread_cancel */
27 
28 #ifndef __CPROVER_PTHREAD_H_INCLUDED
29 #include <pthread.h>
30 #define __CPROVER_PTHREAD_H_INCLUDED
31 #endif
32 
33 int __VERIFIER_nondet_int(void);
34 
35 int pthread_cancel(pthread_t thread)
36 {
37  __CPROVER_HIDE:;
38 
39  (void)thread;
40  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
41  __CPROVER_assert(__CPROVER_get_must(&thread, "pthread-id"),
42  "pthread_cancel must be given valid thread ID");
43  #endif
44 
45  int result=__VERIFIER_nondet_int();
46  return result;
47 }
48 
49 /* FUNCTION: pthread_mutex_init */
50 
51 #ifndef __CPROVER_PTHREAD_H_INCLUDED
52 #include <pthread.h>
53 #define __CPROVER_PTHREAD_H_INCLUDED
54 #endif
55 
56 #ifndef __CPROVER_mutex_t_defined
57 #define __CPROVER_mutex_t_defined
58 #if defined __CYGWIN__ || defined __MINGW32__ || defined _WIN32
59 // on Windows, the mutexes are integers already
60 typedef pthread_mutex_t __CPROVER_mutex_t;
61 #else
62 typedef signed char __CPROVER_mutex_t;
63 #endif
64 #endif
65 
66 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
67 void pthread_mutex_cleanup(void *p)
68 {
69  __CPROVER_HIDE:;
70  __CPROVER_assert(
71  __CPROVER_get_must(p, "mutex-destroyed"),
72  "mutex must be destroyed");
73 }
74 #endif
75 
76 int pthread_mutex_init(
77  pthread_mutex_t *mutex,
78  const pthread_mutexattr_t *mutexattr)
79 {
80  __CPROVER_HIDE:;
81  *((__CPROVER_mutex_t *)mutex)=0;
82  if(mutexattr!=0) (void)*mutexattr;
83 
84  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
85  __CPROVER_cleanup(mutex, pthread_mutex_cleanup);
86  __CPROVER_set_must(mutex, "mutex-init");
87  __CPROVER_clear_may(mutex, "mutex-destroyed");
88  if(__CPROVER_get_must(mutexattr, "mutexattr-recursive"))
89  __CPROVER_set_must(mutex, "mutex-recursive");
90  #endif
91 
92  return 0;
93 }
94 
95 /* FUNCTION: pthread_mutex_lock */
96 
97 #ifndef __CPROVER_PTHREAD_H_INCLUDED
98 #include <pthread.h>
99 #define __CPROVER_PTHREAD_H_INCLUDED
100 #endif
101 
102 #ifndef __CPROVER_mutex_t_defined
103 #define __CPROVER_mutex_t_defined
104 #if defined __CYGWIN__ || defined __MINGW32__ || defined _WIN32
105 // on Windows, the mutexes are integers already
106 typedef pthread_mutex_t __CPROVER_mutex_t;
107 #else
108 typedef signed char __CPROVER_mutex_t;
109 #endif
110 #endif
111 
112 int pthread_mutex_lock(pthread_mutex_t *mutex)
113 {
114  __CPROVER_HIDE:;
115  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
116  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-init"),
117  "mutex must be initialized");
118 
119  __CPROVER_assert(!__CPROVER_get_may(mutex, "mutex-destroyed"),
120  "mutex must not be destroyed");
121 
122  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-recursive") ||
123  !__CPROVER_get_may(mutex, "mutex-locked"),
124  "attempt to lock non-recurisive locked mutex");
125 
126  __CPROVER_set_must(mutex, "mutex-locked");
127  __CPROVER_set_may(mutex, "mutex-locked");
128 
129  __CPROVER_assert(*((__CPROVER_mutex_t *)mutex)!=-1,
130  "mutex not initialised or destroyed");
131  #else
132  __CPROVER_atomic_begin();
133  __CPROVER_assume(!*((__CPROVER_mutex_t *)mutex));
134  *((__CPROVER_mutex_t *)mutex)=1;
135  __CPROVER_atomic_end();
136 
137  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
138  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
139  #endif
140 
141  return 0; // we never fail
142 }
143 
144 /* FUNCTION: pthread_mutex_trylock */
145 
146 #ifndef __CPROVER_PTHREAD_H_INCLUDED
147 #include <pthread.h>
148 #define __CPROVER_PTHREAD_H_INCLUDED
149 #endif
150 
151 #ifndef __CPROVER_mutex_t_defined
152 #define __CPROVER_mutex_t_defined
153 #if defined __CYGWIN__ || defined __MINGW32__ || defined _WIN32
154 // on Windows, the mutexes are integers already
155 typedef pthread_mutex_t __CPROVER_mutex_t;
156 #else
157 typedef signed char __CPROVER_mutex_t;
158 #endif
159 #endif
160 
161 int pthread_mutex_trylock(pthread_mutex_t *mutex)
162 {
163  __CPROVER_HIDE:;
164  int return_value;
165  __CPROVER_atomic_begin();
166 
167  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
168  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-init"),
169  "mutex must be initialized");
170 
171  __CPROVER_assert(*((__CPROVER_mutex_t *)mutex)!=-1,
172  "mutex not initialised or destroyed");
173  #endif
174 
175  if(*((__CPROVER_mutex_t *)mutex)==1)
176  {
177  // failed
178  return_value=1;
179  }
180  else
181  {
182  // ok
183  return_value=0;
184  *((__CPROVER_mutex_t *)mutex)=1;
185  }
186 
187  __CPROVER_atomic_end();
188 
189  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
190  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
191 
192  return return_value;
193 }
194 
195 /* FUNCTION: pthread_mutex_unlock */
196 
197 #ifndef __CPROVER_PTHREAD_H_INCLUDED
198 #include <pthread.h>
199 #define __CPROVER_PTHREAD_H_INCLUDED
200 #endif
201 
202 #ifndef __CPROVER_mutex_t_defined
203 #define __CPROVER_mutex_t_defined
204 #if defined __CYGWIN__ || defined __MINGW32__ || defined _WIN32
205 // on Windows, the mutexes are integers already
206 typedef pthread_mutex_t __CPROVER_mutex_t;
207 #else
208 typedef signed char __CPROVER_mutex_t;
209 #endif
210 #endif
211 
212 int pthread_mutex_unlock(pthread_mutex_t *mutex)
213 {
214  __CPROVER_HIDE:;
215 
216  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
217  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-init"),
218  "mutex must be initialized");
219 
220  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-locked"),
221  "mutex must be locked");
222 
223  __CPROVER_assert(!__CPROVER_get_may(mutex, "mutex-destroyed"),
224  "mutex must not be destroyed");
225 
226  __CPROVER_clear_may(mutex, "mutex-locked");
227 
228  #else
229 
230  // the fence must be before the unlock
231  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
232  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
233  __CPROVER_atomic_begin();
234  __CPROVER_assert(*((__CPROVER_mutex_t *)mutex)==1,
235  "must hold lock upon unlock");
236  *((__CPROVER_mutex_t *)mutex)=0;
237  __CPROVER_atomic_end();
238  #endif
239 
240  return 0; // we never fail
241 }
242 
243 /* FUNCTION: pthread_mutex_destroy */
244 
245 #ifndef __CPROVER_PTHREAD_H_INCLUDED
246 #include <pthread.h>
247 #define __CPROVER_PTHREAD_H_INCLUDED
248 #endif
249 
250 #ifndef __CPROVER_mutex_t_defined
251 #define __CPROVER_mutex_t_defined
252 #if defined __CYGWIN__ || defined __MINGW32__ || defined _WIN32
253 // on Windows, the mutexes are integers already
254 typedef pthread_mutex_t __CPROVER_mutex_t;
255 #else
256 typedef signed char __CPROVER_mutex_t;
257 #endif
258 #endif
259 
260 int pthread_mutex_destroy(pthread_mutex_t *mutex)
261 {
262  __CPROVER_HIDE:;
263 
264  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
265  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-init"),
266  "mutex must be initialized");
267 
268  __CPROVER_assert(!__CPROVER_get_may(mutex, "mutex-locked"),
269  "mutex must not be locked");
270 
271  __CPROVER_assert(!__CPROVER_get_may(mutex, "mutex-destroyed"),
272  "mutex must not be destroyed");
273 
274  __CPROVER_set_must(mutex, "mutex-destroyed");
275  __CPROVER_set_may(mutex, "mutex-destroyed");
276  #else
277 
278  __CPROVER_assert(*((__CPROVER_mutex_t *)mutex)==0,
279  "lock held upon destroy");
280  *((__CPROVER_mutex_t *)mutex)=-1;
281 
282  #endif
283 
284  return 0;
285 }
286 
287 /* FUNCTION: pthread_exit */
288 
289 #ifndef __CPROVER_PTHREAD_H_INCLUDED
290 #include <pthread.h>
291 #define __CPROVER_PTHREAD_H_INCLUDED
292 #endif
293 
294 __CPROVER_bool __CPROVER_threads_exited[__CPROVER_constant_infinity_uint];
295 __CPROVER_thread_local unsigned long __CPROVER_thread_id = 0;
296 #if 0
297  // Destructor support is disabled as it is too expensive due to its extensive
298  // use of shared variables.
299 __CPROVER_thread_local const void
300  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
301 __CPROVER_thread_local void (
302  *__CPROVER_thread_key_dtors[__CPROVER_constant_infinity_uint])(void *);
303 __CPROVER_thread_local unsigned long __CPROVER_next_thread_key = 0;
304 #endif
305 
306 void pthread_exit(void *value_ptr)
307 {
308  __CPROVER_HIDE:;
309  if(value_ptr!=0) (void)*(char*)value_ptr;
310 #if 0
311  // Destructor support is disabled as it is too expensive due to its extensive
312  // use of shared variables.
313  for(unsigned long i = 0; i < __CPROVER_next_thread_key; ++i)
314  {
315  const void *key = __CPROVER_thread_keys[i];
316  __CPROVER_thread_keys[i] = 0;
317  if(__CPROVER_thread_key_dtors[i] && key)
318  __CPROVER_thread_key_dtors[i](key);
319  }
320 #endif
321  __CPROVER_threads_exited[__CPROVER_thread_id]=1;
322  __CPROVER_assume(0);
323 #ifdef LIBRARY_CHECK
324  __builtin_unreachable();
325 #endif
326 }
327 
328 /* FUNCTION: pthread_join */
329 
330 #ifndef __CPROVER_PTHREAD_H_INCLUDED
331 #include <pthread.h>
332 #define __CPROVER_PTHREAD_H_INCLUDED
333 #endif
334 
335 #ifndef __CPROVER_ERRNO_H_INCLUDED
336 #include <errno.h>
337 #define __CPROVER_ERRNO_H_INCLUDED
338 #endif
339 
340 __CPROVER_bool __CPROVER_threads_exited[__CPROVER_constant_infinity_uint];
341 #ifndef LIBRARY_CHECK
342 __CPROVER_thread_local unsigned long __CPROVER_thread_id = 0;
343 #endif
344 unsigned long __CPROVER_next_thread_id = 0;
345 
346 int pthread_join(pthread_t thread, void **value_ptr)
347 {
348 __CPROVER_HIDE:;
349 
350 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
351  __CPROVER_assert(
352  __CPROVER_get_must(&thread, "pthread-id"),
353  "pthread_join must be given valid thread ID");
354 #endif
355 
356  if((unsigned long)thread>__CPROVER_next_thread_id) return ESRCH;
357  if((unsigned long)thread==__CPROVER_thread_id) return EDEADLK;
358  if(value_ptr!=0) (void)**(char**)value_ptr;
359  __CPROVER_assume(__CPROVER_threads_exited[(unsigned long)thread]);
360 
361  return 0;
362 }
363 
364 /* FUNCTION: _pthread_join */
365 
366 // This is for Apple
367 
368 #ifndef __CPROVER_PTHREAD_H_INCLUDED
369 #include <pthread.h>
370 #define __CPROVER_PTHREAD_H_INCLUDED
371 #endif
372 
373 #ifndef __CPROVER_ERRNO_H_INCLUDED
374 #include <errno.h>
375 #define __CPROVER_ERRNO_H_INCLUDED
376 #endif
377 
378 #ifdef __APPLE__
379 __CPROVER_bool __CPROVER_threads_exited[__CPROVER_constant_infinity_uint];
380 # ifndef LIBRARY_CHECK
381 __CPROVER_thread_local unsigned long __CPROVER_thread_id = 0;
382 unsigned long __CPROVER_next_thread_id = 0;
383 # endif
384 
385 int _pthread_join(pthread_t thread, void **value_ptr)
386 {
387 __CPROVER_HIDE:;
388 
389 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
390  __CPROVER_assert(
391  __CPROVER_get_must(&thread, "pthread-id"),
392  "pthread_join must be given valid thread ID");
393 #endif
394 
395  if((unsigned long)thread>__CPROVER_next_thread_id) return ESRCH;
396  if((unsigned long)thread==__CPROVER_thread_id) return EDEADLK;
397  if(value_ptr!=0) (void)**(char**)value_ptr;
398  __CPROVER_assume(__CPROVER_threads_exited[(unsigned long)thread]);
399 
400  return 0;
401 }
402 #endif
403 
404 /* FUNCTION: pthread_rwlock_destroy */
405 
406 #ifndef __CPROVER_PTHREAD_H_INCLUDED
407 #include <pthread.h>
408 #define __CPROVER_PTHREAD_H_INCLUDED
409 #endif
410 
411 int pthread_rwlock_destroy(pthread_rwlock_t *lock)
412 {
413  __CPROVER_HIDE:;
414  __CPROVER_assert(*((signed char *)lock)==0,
415  "rwlock held upon destroy");
416  *((signed char *)lock)=-1;
417 
418  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
419  __CPROVER_set_must(lock, "rwlock_destroyed");
420  #endif
421 
422  return 0;
423 }
424 
425 /* FUNCTION: pthread_rwlock_init */
426 
427 #ifndef __CPROVER_PTHREAD_H_INCLUDED
428 #include <pthread.h>
429 #define __CPROVER_PTHREAD_H_INCLUDED
430 #endif
431 
432 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
433 void pthread_rwlock_cleanup(void *p)
434 {
435  __CPROVER_HIDE:;
436  __CPROVER_assert(__CPROVER_get_must(p, "rwlock_destroyed"),
437  "rwlock must be destroyed");
438 }
439 #endif
440 
441 int pthread_rwlock_init(
442  pthread_rwlock_t *lock,
443  const pthread_rwlockattr_t *attr)
444 {
445  __CPROVER_HIDE:;
446  (*(signed char *)lock)=0;
447  if(attr!=0) (void)*attr;
448 
449  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
450  __CPROVER_cleanup(lock, pthread_rwlock_cleanup);
451  #endif
452 
453  return 0;
454 }
455 
456 /* FUNCTION: pthread_rwlock_rdlock */
457 
458 #ifndef __CPROVER_PTHREAD_H_INCLUDED
459 #include <pthread.h>
460 #define __CPROVER_PTHREAD_H_INCLUDED
461 #endif
462 
463 int pthread_rwlock_rdlock(pthread_rwlock_t *lock)
464 {
465  __CPROVER_HIDE:;
466  __CPROVER_atomic_begin();
467  __CPROVER_assert(*((signed char *)lock)!=-1,
468  "lock not initialised or destroyed");
469  __CPROVER_assume(!*((signed char *)lock));
470  *((signed char *)lock)=1;
471  __CPROVER_atomic_end();
472  return 0; // we never fail
473 }
474 
475 /* FUNCTION: pthread_rwlock_tryrdlock */
476 
477 #ifndef __CPROVER_PTHREAD_H_INCLUDED
478 #include <pthread.h>
479 #define __CPROVER_PTHREAD_H_INCLUDED
480 #endif
481 
482 int pthread_rwlock_tryrdlock(pthread_rwlock_t *lock)
483 {
484  __CPROVER_HIDE:;
485  __CPROVER_atomic_begin();
486  if((*(signed char *)lock &2)!=0) { __CPROVER_atomic_end(); return 1; }
487  (*(signed char *)lock)|=1;
488  __CPROVER_atomic_end();
489  return 0;
490 }
491 
492 /* FUNCTION: pthread_rwlock_trywrlock */
493 
494 #ifndef __CPROVER_PTHREAD_H_INCLUDED
495 #include <pthread.h>
496 #define __CPROVER_PTHREAD_H_INCLUDED
497 #endif
498 
499 int pthread_rwlock_trywrlock(pthread_rwlock_t *lock)
500 {
501  __CPROVER_HIDE:;
502  __CPROVER_atomic_begin();
503  if(*(signed char *)lock) { __CPROVER_atomic_end(); return 1; }
504  (*(signed char *)lock)=2;
505  __CPROVER_atomic_end();
506  return 0;
507 }
508 
509 /* FUNCTION: pthread_rwlock_unlock */
510 
511 #ifndef __CPROVER_PTHREAD_H_INCLUDED
512 #include <pthread.h>
513 #define __CPROVER_PTHREAD_H_INCLUDED
514 #endif
515 
516 int pthread_rwlock_unlock(pthread_rwlock_t *lock)
517 {
518  __CPROVER_HIDE:;
519  __CPROVER_assert(*((signed char *)lock)==1,
520  "must hold lock upon unlock");
521  // TODO: unlocks all held locks at once
522  *((signed char *)lock)=0;
523  return 0; // we never fail
524 }
525 
526 /* FUNCTION: pthread_rwlock_wrlock */
527 
528 #ifndef __CPROVER_PTHREAD_H_INCLUDED
529 #include <pthread.h>
530 #define __CPROVER_PTHREAD_H_INCLUDED
531 #endif
532 
533 int pthread_rwlock_wrlock(pthread_rwlock_t *lock)
534 {
535  __CPROVER_HIDE:;
536  __CPROVER_atomic_begin();
537  __CPROVER_assert(*((signed char *)lock)!=-1,
538  "lock not initialised or destroyed");
539  __CPROVER_assume(!*((signed char *)lock));
540  *((signed char *)lock)=2;
541  __CPROVER_atomic_end();
542  return 0; // we never fail
543 }
544 
545 /* FUNCTION: __spawned_thread */
546 
547 __CPROVER_bool __CPROVER_threads_exited[__CPROVER_constant_infinity_uint];
548 #ifndef LIBRARY_CHECK
549 __CPROVER_thread_local unsigned long __CPROVER_thread_id = 0;
550 #endif
551 #if 0
552  // Destructor support is disabled as it is too expensive due to its extensive
553  // use of shared variables.
554 __CPROVER_thread_local const void
555  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
556 __CPROVER_thread_local void (
557  *__CPROVER_thread_key_dtors[__CPROVER_constant_infinity_uint])(void *);
558 #endif
559 __CPROVER_thread_local unsigned long __CPROVER_next_thread_key = 0;
560 
561 void __spawned_thread(
562  unsigned long this_thread_id,
563 #if 0
564  // Destructor support is disabled as it is too expensive due to its extensive
565  // use of shared variables.
566  void (**thread_key_dtors)(void *),
567 #endif
568  unsigned long next_thread_key,
569  void *(*start_routine)(void *),
570  void *arg)
571 {
572 __CPROVER_HIDE:;
573  __CPROVER_thread_id = this_thread_id;
574  __CPROVER_next_thread_key = next_thread_key;
575 #if 0
576  // Destructor support is disabled as it is too expensive due to its extensive
577  // use of shared variables.
578  for(unsigned long i = 0; i < __CPROVER_next_thread_key; ++i)
579  __CPROVER_thread_key_dtors[i] = thread_key_dtors[i];
580 #endif
581 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
582  // Clear all locked mutexes; locking must happen in same thread.
583  __CPROVER_clear_must(0, "mutex-locked");
584  __CPROVER_clear_may(0, "mutex-locked");
585 #endif
586  start_routine(arg);
587  __CPROVER_fence(
588  "WWfence",
589  "RRfence",
590  "RWfence",
591  "WRfence",
592  "WWcumul",
593  "RRcumul",
594  "RWcumul",
595  "WRcumul");
596 #if 0
597  // Destructor support is disabled as it is too expensive due to its extensive
598  // use of shared variables.
599  for(unsigned long i = 0; i < __CPROVER_next_thread_key; ++i)
600  {
601  const void *key = __CPROVER_thread_keys[i];
602  __CPROVER_thread_keys[i] = 0;
603  if(__CPROVER_thread_key_dtors[i] && key)
604  __CPROVER_thread_key_dtors[i](key);
605  }
606 #endif
607  __CPROVER_threads_exited[this_thread_id] = 1;
608 }
609 
610 /* FUNCTION: pthread_create */
611 
612 #ifndef __CPROVER_PTHREAD_H_INCLUDED
613 # include <pthread.h>
614 # define __CPROVER_PTHREAD_H_INCLUDED
615 #endif
616 
617 #ifndef LIBRARY_CHECK
618 unsigned long __CPROVER_next_thread_id = 0;
619 # if 0
620 __CPROVER_thread_local void (
621  *__CPROVER_thread_key_dtors[__CPROVER_constant_infinity_uint])(void *);
622 # endif
623 __CPROVER_thread_local unsigned long __CPROVER_next_thread_key = 0;
624 #endif
625 
626 void __spawned_thread(
627  unsigned long this_thread_id,
628 #if 0
629  // Destructor support is disabled as it is too expensive due to its extensive
630  // use of shared variables.
631  void (**thread_key_dtors)(void *),
632 #endif
633  unsigned long next_thread_key,
634  void *(*start_routine)(void *),
635  void *arg);
636 
637 int pthread_create(
638  pthread_t *thread, // must not be null
639  const pthread_attr_t *attr, // may be null
640  void *(*start_routine)(void *), // must not be null
641  void *arg) // may be null
642 {
643  __CPROVER_HIDE:;
644  unsigned long this_thread_id;
645  __CPROVER_atomic_begin();
646  this_thread_id=++__CPROVER_next_thread_id;
647  __CPROVER_atomic_end();
648 
649  // pthread_t is a pointer type on some systems
650  *thread=(pthread_t)this_thread_id;
651 
652  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
653  __CPROVER_set_must(thread, "pthread-id");
654  #endif
655 
656  if(attr) (void)*attr;
657 
658  unsigned long next_thread_key = __CPROVER_next_thread_key;
659 #if 0
660  // Destructor support is disabled as it is too expensive due to its extensive
661  // use of shared variables.
662  void (**thread_key_dtors)(void *) = __CPROVER_thread_key_dtors;
663 #endif
664 
665  __CPROVER_ASYNC_1:
666  __spawned_thread(
667  this_thread_id,
668 #if 0
669  // Destructor support is disabled as it is too expensive due to its
670  // extensive use of shared variables.
671  thread_key_dtors,
672 #endif
673  next_thread_key,
674  start_routine,
675  arg);
676 
677  return 0;
678 }
679 
680 /* FUNCTION: pthread_cond_init */
681 
682 #ifndef __CPROVER_PTHREAD_H_INCLUDED
683 #include <pthread.h>
684 #define __CPROVER_PTHREAD_H_INCLUDED
685 #endif
686 
687 int pthread_cond_init(pthread_cond_t *cond, const pthread_condattr_t *attr)
688 { __CPROVER_HIDE:
689  *((unsigned *)cond)=0;
690  if(attr) (void)*attr;
691  return 0;
692 }
693 
694 /* FUNCTION: pthread_cond_signal */
695 
696 #ifndef __CPROVER_PTHREAD_H_INCLUDED
697 #include <pthread.h>
698 #define __CPROVER_PTHREAD_H_INCLUDED
699 #endif
700 
701 int pthread_cond_signal(pthread_cond_t *cond)
702 { __CPROVER_HIDE:
703  __CPROVER_atomic_begin();
704  (*((unsigned *)cond))++;
705  __CPROVER_atomic_end();
706  return 0;
707 }
708 
709 /* FUNCTION: pthread_cond_broadcast */
710 
711 #ifndef __CPROVER_PTHREAD_H_INCLUDED
712 #include <pthread.h>
713 #define __CPROVER_PTHREAD_H_INCLUDED
714 #endif
715 
716 int pthread_cond_broadcast(pthread_cond_t *cond)
717 { __CPROVER_HIDE:
718  __CPROVER_atomic_begin();
719  *((unsigned *)cond)=(unsigned)-1;
720  __CPROVER_atomic_end();
721  return 0;
722 }
723 
724 /* FUNCTION: pthread_cond_wait */
725 
726 #ifndef __CPROVER_PTHREAD_H_INCLUDED
727 #include <pthread.h>
728 #define __CPROVER_PTHREAD_H_INCLUDED
729 #endif
730 
731 int pthread_cond_wait(pthread_cond_t *cond, pthread_mutex_t *mutex)
732 { __CPROVER_HIDE:
733 
734  (void)*mutex;
735 
736  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
737  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-init"),
738  "mutex must be initialized");
739 
740  __CPROVER_assert(__CPROVER_get_must(mutex, "mutex-locked"),
741  "mutex must be locked");
742 
743  __CPROVER_assert(!__CPROVER_get_may(mutex, "mutex-destroyed"),
744  "mutex must not be destroyed");
745 
746  __CPROVER_clear_may(mutex, "mutex-locked");
747  #endif
748 
749  __CPROVER_atomic_begin();
750  if(*((unsigned *)cond))
751  (*((unsigned *)cond))--;
752  __CPROVER_atomic_end();
753 
754  return 0; // we never fail
755 }
756 
757 /* FUNCTION: pthread_spin_lock */
758 
759 #ifndef __CPROVER_PTHREAD_H_INCLUDED
760 #include <pthread.h>
761 #define __CPROVER_PTHREAD_H_INCLUDED
762 #endif
763 
764 // no pthread_spinlock_t on the Mac
765 #ifndef __APPLE__
766 int pthread_spin_lock(pthread_spinlock_t *lock)
767 {
768  __CPROVER_HIDE:;
769  __CPROVER_atomic_begin();
770  __CPROVER_assume(!*((unsigned *)lock));
771  (*((unsigned *)lock))=1;
772  __CPROVER_atomic_end();
773 
774  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
775  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
776  return 0;
777 }
778 #endif
779 
780 /* FUNCTION: pthread_spin_unlock */
781 
782 #ifndef __CPROVER_PTHREAD_H_INCLUDED
783 #include <pthread.h>
784 #define __CPROVER_PTHREAD_H_INCLUDED
785 #endif
786 
787 // no pthread_spinlock_t on the Mac
788 #ifndef __APPLE__
789 int pthread_spin_unlock(pthread_spinlock_t *lock)
790 {
791  __CPROVER_HIDE:;
792  // This is atomic_full_barrier() in glibc.
793  // The fence must be before the unlock.
794  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
795  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
796  *((unsigned *)lock) = 0;
797  return 0;
798 }
799 #endif
800 
801 /* FUNCTION: pthread_spin_trylock */
802 
803 #ifndef __CPROVER_PTHREAD_H_INCLUDED
804 #include <pthread.h>
805 #define __CPROVER_PTHREAD_H_INCLUDED
806 #endif
807 
808 #ifndef __CPROVER_ERRNO_H_INCLUDED
809 #include <errno.h>
810 #define __CPROVER_ERRNO_H_INCLUDED
811 #endif
812 
813 // no pthread_spinlock_t on the Mac
814 #ifndef __APPLE__
815 int pthread_spin_trylock(pthread_spinlock_t *lock)
816 {
817  __CPROVER_HIDE:;
818  int result;
819  __CPROVER_atomic_begin();
820  if(*((unsigned *)lock))
821  result=EBUSY;
822  else
823  {
824  result=0;
825  (*((unsigned *)lock))=1;
826  }
827  __CPROVER_atomic_end();
828 
829  __CPROVER_fence("WWfence", "RRfence", "RWfence", "WRfence",
830  "WWcumul", "RRcumul", "RWcumul", "WRcumul");
831  return result;
832 }
833 #endif
834 
835 /* FUNCTION: pthread_barrier_init */
836 
837 #ifndef __CPROVER_PTHREAD_H_INCLUDED
838 #include <pthread.h>
839 #define __CPROVER_PTHREAD_H_INCLUDED
840 #endif
841 
842 int __VERIFIER_nondet_int(void);
843 
844 // no pthread_barrier_t on the Mac
845 // slightly different declaration on OpenBSD
846 #if !defined(__APPLE__) && !defined(__OpenBSD__)
847 int pthread_barrier_init(
848  pthread_barrier_t *restrict barrier,
849  const pthread_barrierattr_t *restrict attr,
850  unsigned count)
851 {
852  __CPROVER_HIDE:;
853  (void)barrier;
854  (void)attr;
855  (void)count;
856 
857  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
858  __CPROVER_set_must(barrier, "barrier-init");
859  __CPROVER_clear_may(barrier, "barrier-destroyed");
860  #endif
861 
862  int result=__VERIFIER_nondet_int();
863  return result;
864 }
865 #endif
866 
867 // pthread_barrier_init has a slightly different decl on OpenBSD
868 #if defined(__OpenBSD__)
869 int pthread_barrier_init(
870  pthread_barrier_t *restrict barrier,
871  pthread_barrierattr_t *restrict attr,
872  unsigned count)
873 {
874 __CPROVER_HIDE:;
875  (void)barrier;
876  (void)attr;
877  (void)count;
878 
879 #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
880  __CPROVER_set_must(barrier, "barrier-init");
881  __CPROVER_clear_may(barrier, "barrier-destroyed");
882 #endif
883 
884  int result = __VERIFIER_nondet_int();
885  return result;
886 }
887 #endif
888 
889 /* FUNCTION: pthread_barrier_destroy */
890 
891 #ifndef __CPROVER_PTHREAD_H_INCLUDED
892 #include <pthread.h>
893 #define __CPROVER_PTHREAD_H_INCLUDED
894 #endif
895 
896 int __VERIFIER_nondet_int(void);
897 
898 // no pthread_barrier_t on the Mac
899 #ifndef __APPLE__
900 int pthread_barrier_destroy(pthread_barrier_t *barrier)
901 {
902  __CPROVER_HIDE:;
903 
904  (void)barrier;
905 
906  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
907  __CPROVER_assert(__CPROVER_get_must(barrier, "barrier-init"),
908  "pthread barrier must be initialized");
909  __CPROVER_assert(!__CPROVER_get_may(barrier, "barrier-destroyed"),
910  "pthread barrier must not be destroyed");
911  __CPROVER_set_may(barrier, "barrier-destroyed");
912  #endif
913 
914  int result=__VERIFIER_nondet_int();
915  return result;
916 }
917 #endif
918 
919 /* FUNCTION: pthread_barrier_wait */
920 
921 #ifndef __CPROVER_PTHREAD_H_INCLUDED
922 #include <pthread.h>
923 #define __CPROVER_PTHREAD_H_INCLUDED
924 #endif
925 
926 int __VERIFIER_nondet_int(void);
927 
928 // no pthread_barrier_t on the Mac
929 #ifndef __APPLE__
930 int pthread_barrier_wait(pthread_barrier_t *barrier)
931 {
932  __CPROVER_HIDE:;
933 
934  (void)barrier;
935 
936  #ifdef __CPROVER_CUSTOM_BITVECTOR_ANALYSIS
937  __CPROVER_assert(__CPROVER_get_must(barrier, "barrier-init"),
938  "pthread barrier must be initialized");
939  __CPROVER_assert(!__CPROVER_get_may(barrier, "barrier-destroyed"),
940  "pthread barrier must not be destroyed");
941  #endif
942 
943  int result=__VERIFIER_nondet_int();
944  return result;
945 }
946 #endif
947 
948 /* FUNCTION: pthread_key_create */
949 
950 #ifndef __CPROVER_PTHREAD_H_INCLUDED
951 #include <pthread.h>
952 #define __CPROVER_PTHREAD_H_INCLUDED
953 #endif
954 
955 __CPROVER_thread_local const void
956  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
957 #ifndef LIBRARY_CHECK
958 # if 0
959 __CPROVER_thread_local void (
960  *__CPROVER_thread_key_dtors[__CPROVER_constant_infinity_uint])(void *);
961 # endif
962 __CPROVER_thread_local unsigned long __CPROVER_next_thread_key = 0;
963 #endif
964 
965 int pthread_key_create(pthread_key_t *key, void (*destructor)(void *))
966 {
967 __CPROVER_HIDE:;
968  __CPROVER_thread_keys[__CPROVER_next_thread_key] = 0;
969 #if 0
970  // Destructor support is disabled as it is too expensive due to its extensive
971  // use of shared variables.
972  __CPROVER_thread_key_dtors[__CPROVER_next_thread_key] = destructor;
973 #else
974  __CPROVER_precondition(destructor == 0, "destructors are not yet supported");
975 #endif
976  *key = __CPROVER_next_thread_key++;
977  return 0;
978 }
979 
980 /* FUNCTION: pthread_key_delete */
981 
982 #ifndef __CPROVER_PTHREAD_H_INCLUDED
983 #include <pthread.h>
984 #define __CPROVER_PTHREAD_H_INCLUDED
985 #endif
986 
987 __CPROVER_thread_local const void
988  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
989 
990 int pthread_key_delete(pthread_key_t key)
991 {
992 __CPROVER_HIDE:;
993  __CPROVER_thread_keys[key] = 0;
994  return 0;
995 }
996 
997 /* FUNCTION: pthread_getspecific */
998 
999 #ifndef __CPROVER_PTHREAD_H_INCLUDED
1000 #include <pthread.h>
1001 #define __CPROVER_PTHREAD_H_INCLUDED
1002 #endif
1003 
1004 __CPROVER_thread_local const void
1005  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
1006 
1007 void *pthread_getspecific(pthread_key_t key)
1008 {
1009 __CPROVER_HIDE:;
1010  return (void *)__CPROVER_thread_keys[key];
1011 }
1012 
1013 /* FUNCTION: pthread_setspecific */
1014 
1015 #ifndef __CPROVER_PTHREAD_H_INCLUDED
1016 #include <pthread.h>
1017 #define __CPROVER_PTHREAD_H_INCLUDED
1018 #endif
1019 
1020 __CPROVER_thread_local const void
1021  *__CPROVER_thread_keys[__CPROVER_constant_infinity_uint];
1022 
1023 int pthread_setspecific(pthread_key_t key, const void *value)
1024 {
1025 __CPROVER_HIDE:;
1026  __CPROVER_thread_keys[key] = value;
1027  return 0;
1028 }
__CPROVER_constant_infinity_uint
#define __CPROVER_constant_infinity_uint
Definition: cprover.h:21
__CPROVER_clear_must
void __CPROVER_clear_must(const void *, const char *)
__CPROVER_assert
void __CPROVER_assert(__CPROVER_bool assertion, const char *description)
__CPROVER_fence
void __CPROVER_fence(const char *kind,...)
__CPROVER_get_must
__CPROVER_bool __CPROVER_get_must(const void *, const char *)
__CPROVER_set_may
void __CPROVER_set_may(const void *, const char *)
__CPROVER_precondition
void __CPROVER_precondition(__CPROVER_bool precondition, const char *description)
__CPROVER_clear_may
void __CPROVER_clear_may(const void *, const char *)
__CPROVER_get_may
__CPROVER_bool __CPROVER_get_may(const void *, const char *)
__CPROVER_atomic_begin
void __CPROVER_atomic_begin(void)
__CPROVER_set_must
void __CPROVER_set_must(const void *, const char *)
__CPROVER_atomic_end
void __CPROVER_atomic_end(void)
__CPROVER_cleanup
void __CPROVER_cleanup(const void *, const void *)
__CPROVER_assume
void __CPROVER_assume(__CPROVER_bool assumption)
__builtin_unreachable
void __builtin_unreachable(void)
restrict
mini_bddt restrict(const mini_bddt &u, unsigned var, const bool value)
Definition: miniBDD.cpp:551
__VERIFIER_nondet_int
int __VERIFIER_nondet_int(void)
pthread_exit
void pthread_exit(void *value_ptr)
Definition: pthread_lib.c:306
pthread_rwlock_destroy
int pthread_rwlock_destroy(pthread_rwlock_t *lock)
Definition: pthread_lib.c:411
pthread_mutex_lock
int pthread_mutex_lock(pthread_mutex_t *mutex)
Definition: pthread_lib.c:112
pthread_cond_signal
int pthread_cond_signal(pthread_cond_t *cond)
Definition: pthread_lib.c:701
pthread_setspecific
int pthread_setspecific(pthread_key_t key, const void *value)
Definition: pthread_lib.c:1023
pthread_rwlock_tryrdlock
int pthread_rwlock_tryrdlock(pthread_rwlock_t *lock)
Definition: pthread_lib.c:482
pthread_mutex_trylock
int pthread_mutex_trylock(pthread_mutex_t *mutex)
Definition: pthread_lib.c:161
pthread_rwlock_unlock
int pthread_rwlock_unlock(pthread_rwlock_t *lock)
Definition: pthread_lib.c:516
__spawned_thread
void __spawned_thread(unsigned long this_thread_id, unsigned long next_thread_key, void *(*start_routine)(void *), void *arg)
Definition: pthread_lib.c:561
__CPROVER_next_thread_key
__CPROVER_thread_local unsigned long __CPROVER_next_thread_key
Definition: pthread_lib.c:559
pthread_rwlock_wrlock
int pthread_rwlock_wrlock(pthread_rwlock_t *lock)
Definition: pthread_lib.c:533
pthread_getspecific
void * pthread_getspecific(pthread_key_t key)
Definition: pthread_lib.c:1007
__CPROVER_thread_id
__CPROVER_thread_local unsigned long __CPROVER_thread_id
Definition: pthread_lib.c:295
pthread_spin_unlock
int pthread_spin_unlock(pthread_spinlock_t *lock)
Definition: pthread_lib.c:789
pthread_mutex_destroy
int pthread_mutex_destroy(pthread_mutex_t *mutex)
Definition: pthread_lib.c:260
pthread_rwlock_rdlock
int pthread_rwlock_rdlock(pthread_rwlock_t *lock)
Definition: pthread_lib.c:463
pthread_mutex_init
int pthread_mutex_init(pthread_mutex_t *mutex, const pthread_mutexattr_t *mutexattr)
Definition: pthread_lib.c:76
__CPROVER_mutex_t
signed char __CPROVER_mutex_t
Definition: pthread_lib.c:62
pthread_spin_lock
int pthread_spin_lock(pthread_spinlock_t *lock)
Definition: pthread_lib.c:766
pthread_rwlock_init
int pthread_rwlock_init(pthread_rwlock_t *lock, const pthread_rwlockattr_t *attr)
Definition: pthread_lib.c:441
__CPROVER_next_thread_id
unsigned long __CPROVER_next_thread_id
Definition: pthread_lib.c:344
pthread_barrier_init
int pthread_barrier_init(pthread_barrier_t *restrict barrier, const pthread_barrierattr_t *restrict attr, unsigned count)
Definition: pthread_lib.c:847
pthread_mutexattr_settype
int pthread_mutexattr_settype(pthread_mutexattr_t *attr, int type)
Definition: pthread_lib.c:10
pthread_barrier_wait
int pthread_barrier_wait(pthread_barrier_t *barrier)
Definition: pthread_lib.c:930
pthread_cond_wait
int pthread_cond_wait(pthread_cond_t *cond, pthread_mutex_t *mutex)
Definition: pthread_lib.c:731
pthread_mutex_unlock
int pthread_mutex_unlock(pthread_mutex_t *mutex)
Definition: pthread_lib.c:212
pthread_cancel
int pthread_cancel(pthread_t thread)
Definition: pthread_lib.c:35
pthread_join
int pthread_join(pthread_t thread, void **value_ptr)
Definition: pthread_lib.c:346
pthread_spin_trylock
int pthread_spin_trylock(pthread_spinlock_t *lock)
Definition: pthread_lib.c:815
pthread_cond_init
int pthread_cond_init(pthread_cond_t *cond, const pthread_condattr_t *attr)
Definition: pthread_lib.c:687
__CPROVER_threads_exited
__CPROVER_bool __CPROVER_threads_exited[__CPROVER_constant_infinity_uint]
Definition: pthread_lib.c:294
pthread_create
int pthread_create(pthread_t *thread, const pthread_attr_t *attr, void *(*start_routine)(void *), void *arg)
Definition: pthread_lib.c:637
pthread_barrier_destroy
int pthread_barrier_destroy(pthread_barrier_t *barrier)
Definition: pthread_lib.c:900
pthread_key_delete
int pthread_key_delete(pthread_key_t key)
Definition: pthread_lib.c:990
__CPROVER_thread_keys
__CPROVER_thread_local const void * __CPROVER_thread_keys[__CPROVER_constant_infinity_uint]
Definition: pthread_lib.c:956
pthread_key_create
int pthread_key_create(pthread_key_t *key, void(*destructor)(void *))
Definition: pthread_lib.c:965
pthread_rwlock_trywrlock
int pthread_rwlock_trywrlock(pthread_rwlock_t *lock)
Definition: pthread_lib.c:499
pthread_cond_broadcast
int pthread_cond_broadcast(pthread_cond_t *cond)
Definition: pthread_lib.c:716