Crate traceforge 

Re-exports

pub use coverage::CoverageInfo;

pub use coverage::ExecutionId;

pub use crate::msg::Val;

Modules

channel

coverage

future

Shuttle’s implementation of an async executor, roughly equivalent to futures::executor.

loc

monitor_types

msg

Must’s requirements for types passed as messages

sync

thread

TraceForge’s implementation of std::thread.

Macros

assume

Blocks (stops) the exploration if cond is false.

cover

Structs

Config

TraceForge configuration options.

ConfigBuilder

Builds a Config struct.

Stats

TraceForge exploration statistics.

Enums

ConsType

Available consistency models

SchedulePolicy

Available scheduling policies for TraceForge.

Traits

Nondet

TypeNondet

Functions

assert

TraceForge’s wrapper for an assertion. It behaves similarly to the system’s assert! but allows the underlying model checker to continue exploration even if an assertion violation has been found.

assumeDeprecated

Blocks the exploration if cond is false.

async_recv_msg

Message API

coin_tossDeprecated

estimate_execs

Estimates the number of executions the program needs in order to be verified

estimate_execs_with_config

There is no way to write a counterexample file without using this function. There is a good question though about what name we should offer this to customers under.

estimate_execs_with_samples

Same as estimate_execs but with a user-defined number of samples The return value can be Inf to denote the estimate is too large for a f64 representation

named_nondet

Models a named nondeterministic boolean choice.

nondet

Models a nondeterministic choice in the model #[deprecated(since=“0.2”, note=“please use <bool>::nondet() instead”)]

parallel_test

verify tries to systematically explore the state space until completion. For preliminary analysis, parallel_test provides an incomplete exploration strategy. parallel_test spins up a configurable number of threads, and runs TraceForge on each thread using different random scheduling orders on each thread but otherwise running the ODPOR algorithm. parallel_test is not meant to be comprehensive and usually runs with an upper bound on the number of executions explored in each thread or an upper bound on the time (both can be configured—see with_samples and with_time_bound)

publish

Makes a value available for inspection at the end of an execution

recv_msg

Returns a message from the thread queue or times out

recv_msg_block

Returns a message from the queue.

recv_tagged_msg

Returns a tagged message from the thread queue or times out

recv_tagged_msg_block

Returns a message from the queue that matches tag

replay

Model Checker API

select_msg

Select API, unstable

select_msg_block

select_tagged_msg

select_tagged_msg_block

send_lossy_msg

Sends to t the message v, which can be lost

send_msg

Sends to t the message v

send_tagged_lossy_msg

Sends to t the message v, which can be lost, tagged with ’tag

send_tagged_msg

Sends to t the message v tagged with ’tag

spawn_monitor

spawn_symmetric

Spawns a new thread symmetric to tid

test

verify tries to systematically explore the state space until completion. For preliminary analysis, test provides an incomplete exploration strategy. test is not meant to be comprehensive and usually runs with an upper bound on the number of executions explored

verify

Model Checker API