a mystery esterel –small no type inference, subtyping, … no recursion, functions, … no...

A Mystery

• Esterel– small

• no type inference, subtyping, …• no recursion, functions, …• no pointers, malloc, GC, …• no complex data structures, libraries, …• …

– formal semantics [Berry&Cosserat84,Gonthier88]

) compiling Esterel is easy well… no!

Motivation

• Esterel– small kernel language + formal semantics– for embedded/real-time/safety-critical designs– compiled into C code, automata, digital circuits, VHDL…

• Mathematically certified compiler?– YES [Schneider04]

• for correct programs• for circuit synthesis• for non-optimized circuits

• let’s check correctness • let’s think generic• let’s aim at performance

)but:

Why Loops?

• Synchronous loops impact– correctness: instantaneous loops– performance: schizophrenia

• Specify code generation for loops

– check correctness– achieve performance – generic (independent from target language)– amenable to certification

A Key to Many Improvements

• Compiler

• Semantics– better understanding of determinism + errors

• Language– new construct: higher expressivity + lower complexity

• Proofs– easier proofs + collection of proof techniques

Outline

• Esterel– Synchronous Reactive Language– Syntax and Formal Semantics

• Causality and Instantaneous Loops

• Schizophrenia

• Conclusion

Reactive Approach

• 0-delay abstraction ) reactions

• Clock-triggered ) instants

time

input input inputoutput output outputinput Event-driven

tick tick tick tick

time

inputs inputs inputs inputsoutputs outputs outputs outputs

Reactive

Synchronous Concurrency

• Parallel composition

• Master clock

• Instantaneous– broadcast of signals– reaction to presence and absence of signals

) deterministic concurrency

Asynchronous

Synchronous

Example

• pause • local signal declaration• signal emission• test• loop• parallel composition• sequence

Syntax

(in the document)

wait for the next tick

Non-Reactive Programs

• signals

• loops

INCORRECT

INCORRECT

Operational Semantics

Inputs and Outputs

Sequence and Concurrency

Deduction Trees

Loops and Local Signals

Example: Present Signal

Outline

• Esterel

• Causality and Instantaneous Loops– Deterministic Semantics– Instantaneous Loop Detection

• Schizophrenia

• Conclusion

Instantaneous Loops - Causality

Instantaneous Loops - Causality

Causality

Instantaneous Loop [Gonthier88]

Non-Determinism

•

INCORRECT

22

A Deterministic Semantics

Deterministic

Semantics

Logical

Semantics

1

0

1

1

0

0

1

Constructive

Semantics

0

1

0

0

[Berry96]

Determinism + Explicit Errors

Determinism + Explicit Errors

Determinism + Explicit Errors

+ error propagation

A better semantics– correct programs: unchanged– incorrect programs: more easily handled– distinguishes causality errors and instantaneous loops

Instantaneous Loop Detection

Outline

• Esterel

• Causality and Instantaneous Loops

• Schizophrenia– Example and Definition– Diagnosis and Cure

• Conclusion

Schizophrenia

Are these programs equivalent? NO

How shall we define, diagnose, and cure schizophrenia?YES

[Berry92]

Defining Schizophrenia

1 2

*

*

*

Diagnosing Schizophrenia

Curing Schizophrenia

)

Recursively replicate loop bodies [Mignard94]

Curing Schizophrenia

)

Curing Schizophrenia

)

Unfolding using non-instantaneous gotopause

And then…

• Extend Esterel with “gotopause”

• Specify the cure– proving it preserves the semantics– proving it cures schizophrenia

• Combine diagnosis and cure– to achieve performance

• Extend the algorithm to full Esterel

Implementation

initial size

(statements)

quadratic

rewriting

quasi-linear

rewriting

abro 14 18 14

P18 28 86 58

tcint 403 725 418

wristwatch 432 833 439

atds100 890 1372 990

cabine 7644 67680 8020

globalopt 10286 566585 16867

Conclusion

• Loops– Instantaneous Loop Detection– Schizophrenia

• generic + efficient

• Better Language– Deterministic Semantics– gotopause

• makes compiling Esterel much easier (because of schizophrenia)• makes compiling to Esterel much easier (ex: SyncCharts [And95])• makes optimizations much easier (source-to-source transformation)

(SAS’03)

(MEMOCODE’04)

(SOS’04)

(SLAP’04)

PROOFS IMPLEMENTATION

Future Work

• Mechanize proofs• Consider constructive causality• Apply gotopause to more optimizations…• Make gotopause available

• Dynamic well-formedness?• Semantics of signals?