Clocks in Kahn Process Networks

Transcription

1 Clocks in Kahn Process Networks Marc Pouzet UPMC/ENS/INRIA Paris MPRI October 28

2 Kahn Process Networks A system is defined by a set of operators that run in parallel and communicate with FIFO queues. It can be represented by a set of equations : z,t = Q(y) y = P(x,r) t = R(t) z = F(x) What is the meaning (semantics) of these two sets of equations : Meaning of z, t, y, P, Q, R? Knowing them, what is the meaning of F? Modularity : the two (left and right) sets of equations should define the same relation between x and z, i.e., naming a set of equations should not change the semantics of the system.

3 Kahn Networks [Kahn 74, Kahn 75] In the 7 s Kahn showed that the semantics of deterministic parallel processes communicating through (possibly) unbounded buffers is a stream function. x y z P Q r R t A set of sequential deterministic processes (i.e., sequential programs) written in an imperative language : P, Q, M,... They communicate asynchronously via message passing into FIFOs (buffers) using two primitives get/put with the following assumptions : Read is blocking on the empty FIFO; sending is non blocking. Channels are supposed reliable (communication delays are bounded). Read (waiting) on a single channel only, i.e., the program : if (a is not empty) or (b is not empty) then... is FORBIDDEN

4 Concretely : A buffer channel is defined by two primitives, get, to wait (pop) a value from a buffer and put, to send (push) a value. Parallel composition can either be implemented with regular processes ( fork ) or lightweight processes ( threads ). Historically, Gilles Kahn was interested in the semantics of Unix pipes and Unix processes communicating through FIFOs. E.g., take OCaml : type a buff = { put: unit -> a; get: a -> unit } val buffer : unit -> a buff buffer () creates a buffer associated to a read and write functions. Either unbounded size (using lists) or statically bounded size. Add a possible status bit : IsEmptyBuffer and IsFullBuffer.

5 Implementation Here is a possible implementation of the previous set of processes (kahn.ml). (* Process P *) let p x r y () = y.put ; (* init *) let memo = ref in while true do let v = x.get () in let w = r.get () in memo := if v then else!memo + w; y.put!memo done (* Process Q *) let q y t z () = while true do done let v = y.get () in t.put v; z.put v

6 (* Process M *) let m t r () = while true do let v = t.get () in r.put (v + ) done (* Put them in parallel. *) let main x z () = let r = buffer () in let y = buffer () in let t = buffer () in Thread.create (p x r y) (); Thread.create (p y t z) (); Thread.create (m t r) ()

7 Question : Provide an implementation of the function buffer in OCaml (using modules Thread, Mutex, or Unix and Sys). Questions : What is the semantics of p, q, m and main? What does it change when removing line (* init *)? Would you be able to prove that the program main is non blocking, i.e, if x.get () never blocks then z.put () never blocks? Is there a statically computable bound for the size of buffers without leading to blocking? Would it be possible to statically schedule this set of processes, that is, to generate an equivalent sequential program? These are all undecidable questions in the general case (see [Thomas Park s PhD. thesis, 995], among others). Kahn Process Networks and variants have been (and are still) very popular, both practically, and theoretically as it conciliates parallelism and determinacy.

8 Kahn Process Networks Kahn Principle : The semantics of process networks communicating through unbounded FIFOs (e.g., Unix pipe, sockets)? x y z P Q r R t message communication into FIFOs (send/wait) reliable channels, bounded communication delay blocking wait on a channel. The following program is forbidden if (A is present) or (B is present) then... a process = a continuous function (V ) n (V ) m. Lustre : Lustre has a Kahn semantics (no test of absence) A dedicated type system (clock calculus) to guaranty the existence of an execution with no buffer (no synchronization) Course notes - Marc Pouzet 8/64

9 Pros and Cons of KPN (+) : Simple semantics : a process defines a function (determinism); composition is function composition (+) : Modularity : a network is a continuous function (+) : Asynchronous distributed execution : easy; no centralized scheduler (+/-) : Time invariance : no explicit timing; but impossible to state that two events happen at the same time. x = x x x 2 x 3 x 4 x 5... f(x) = y y y 2 y 3 y 4 y 5... f(x) = y y y 2 y 3 y 4 y 5... This appeared to be a useful model for video apps (TV boxes) : Sally (Philips NatLabs), StreamIt (MIT), Xstream (ST-micro) with various synchronous restriction à la SDF (Edward Lee) Course notes - Marc Pouzet 9/64

10 A small dataflow kernel Expression (e), constants (i), functions applied pointwise (op(e,...,e n )), data-flow primitives. e ::= e fby e op(e,...,e) x v op ::= + not... Definition of stream functions, equations : merge e e e ewhene d ::= node f(p) = p with D p ::= x,...,x x D ::= x = e DandD var x in D Course notes - Marc Pouzet /64

11 Dataflow Primitives x x x x 2 x 3 x 4 x 5 y y y y 2 y 3 y 4 y 5 x+y x +y x +y x 2 +y 2 x 3 +y 3 x 4 +y 4 x 5 +y 5 x fby y x y y y 2 y 3 y 4 h x = xwhenh x x 2 x 4 z z z z 2 merge h x z x z x 2 z x 4 z 2 Sampling : if h is a boolean sequence, xwhenh produces a sub-sequence of x merge h x z combines two sub-sequences Course notes - Marc Pouzet /64

12 Kahn Semantics If V is a set, V n is the set of sequences of length n made by concatenating elements from V. V = n=v n is the Kleene star operation. V = V V ω is the set of finite and infinite sequences. ǫ is the empty sequence. v.s is a sequence whose first element is v and tail is s. The set (V,,ǫ), with the prefix order between sequences, ǫ the minimum element, is a complete partial order (cpo). a The Kleene theorem applies : if f : V V is a continuous function, the equation x = f(x) has a least fix-point x = lim n (f n (ǫ)). Every operator is interpreted as a stream. If x s and y s 2 then the value of x+y is lift 2 (+)(s,s 2 ) Course notes - Marc Pouzet 2/64 a. The minimal element is usually written.

13 Kahn Semantics lift (v) lift (op)(v.s) lift (op)(ǫ) = v.lift (v) = op(v).lift (op)(s) = ǫ lift 2 (op)(v.s,v 2.s 2 ) = op(v,v 2 ).lift 2 (op)(s,s 2 ) lift 2 (op)(s,s 2 ) fby(s )(s 2 ) = ǫ if s = ǫ or s 2 = ǫ = ǫ if s = ǫ fby(v.s )(s 2 ) = v.s 2 Course notes - Marc Pouzet 3/64

14 Kahn Semantics when(v.s,.c) = v.when(s, c) when(v.s,.c) = when(s, c) when(s,s 2 ) = ǫ if s = ǫ or s 2 = ǫ merge(.c,v.s,s 2 ) = v.merge(c,s,s 2 ) merge(.c,s,v.s 2 ) = v.merge(c,s,s 2 ) merge(.c,ǫ,s 2 ) merge(.c,s,ǫ) merge(ǫ,s,s 2 ) = ǫ = ǫ = ǫ All those functions are continuous [2]. Course notes - Marc Pouzet 4/64

15 An other formulation Represent a sequence as a function from an initial segment of N to V. Initial segment : I N is an initial segment when : n,m N.(n I) (m n) (m I) E.g.,, {,,2} are initial segment; {,42} is not. Lemma : For any subset A of N, there exists a strictly increasing, one-to-one function φ A between an initial segment I A of N and A. A signal u is a sequence (u n ) n N, finite or not, indexed on an initial segment N. Course notes - Marc Pouzet 5/64

16 lift (v) = (u) n N with n N.u n = v lift (op)((u n ) n N ) = (v n ) n N with n N.v n = op(v n ) lift 2 (op)((u n ) n N,(v n ) n N ) = (w n ) n N with n N.w n = op(u n,v n ) fby((u n ) n N )((v n ) n N ) = (w n ) n N with w = u and n N\{}.w n = v n If (h n ) n N is a boolean sequence, define : N h = {k N h k = } and N h = {k N h k = } N h with N h form a partition of N. Course notes - Marc Pouzet 6/64

17 when((u n ) n N,(h n ) n N ) = (v n ) n INh with v n = u φnh (n) merge((h n ) n N,(u n ) n INh,(v n ) n INh ) = (w n ) n N with w n = u n if n N h and w n = v n if n N h The base clock is the constant sequence base such that n N,base n =. Course notes - Marc Pouzet 7/64

18 Making it a bit more operational constant v n = v lift op x n = op(x(n)) notl x = lift not lift2 op x y n = op (x(n)) (y(n)) lift3 op x y z n = op (x(n)) (y(n)) (z(n)) x fby y = x() x fby y n = y(n-) x when h n = x(i(h)(n+)) merge h x y n = if h(n) then x(o(h)(n)) else y(o(notl h)(n) where I and O are (respectively) the index and cumulative functions. Course notes - Marc Pouzet 8/64

19 The index and cumulative functions I and O functions If h is a boolean stream, O(h)(n) is the sum of till index n; I(h)(n) is the index of the n-th in h. O(h)(n) = n h(i) I(h)(n) = min{k N O h (k) = n} i= O(h)(n) = h(n) + (if n = then else (h)(n-)) I(h)(n) = I (h)()(n) I (h)(i)(n) = if h(i) then if n = then i else I (h)(i+)(n-) else I (h)(i+)(n) It is very possible that I(n) be undefined (no value in N). E.g., (x when (constant false))(n). The domain of a signal x (values of n for which x(n) exists) is an initial section. Course notes - Marc Pouzet 9/64

20 An implementation in Haskell using lazy lists module Streams where -- lifting constants constant x = x : (constant x) -- pointwise application extend (f:fs) (x:xs) = (f x):(extend fs xs) -- delays (x:xs) fby y = x:y pre x y = x : y -- sampling (x : xs) when (True : cs) = (x : (xs when cs)) (x : xs) when (False : cs) = xs when cs merge (True : c) (x : xs) y = x : (merge c xs y) merge (False : c) x (y : ys) = y : (merge c x ys)

21 An embedding in Haskell function definition/applications are the regular ones; mutually recursive definitions of streams are represented as mutually recursive definitions of values. We can write many usefull examples and benefit from features of the host language. lift2 f x y = extend (extend (constant f) x) y plusl x y = lift2 (+) x y -- integers greaters than n from n = let nat = n fby (plusl nat (constant )) in nat -- resetable counter reset_counter res input = let output = ifthenelse res (constant ) v v = ifthenelse input (pre (plusl output (constant ))) (pre output) in output

22 Multi-periodic systems every n = let o = reset_counter (pre o = n - ) (constant True) in o filter n top = top when (every n) hour_minute_second top = let second = filter (constant ) top in let minute = filter (constant 6) second in let hour = filter (constant 6) minute in hour,minute,second

23 Over-sampling (with fixed step) Compute the sequence (o n ) n IN such that o 2n = x n and o 2n+ = x n. -- the half clock half = (constant True) fby notl half -- double its input stutter x = o = merge half x ((pre o) when notl half) in o over-sampling : the internal rate is faster than the rate of inputs this is still a real-time program why is it rejected in Lustre?

24 Over-sampling with variable step Compute the root of an input x (using Newton method) u n = u n /2+x/2u n u = x eps = constant. root input = let ic = merge ok input (pre ic) when notl ok) uc = (pre uc) / 2 + (ic / 2 * pre uc) ok = true -> uc - pre uc <= eps output = uc when ok in output This example mimics an internal while loop (example due to Paul Le Guernic)

25 Where are the monsters? A stream is represented as a lazy data-structure. Nonetheless, lazyness allows streams to be build in a strange manner. Structural (Scott) order : struct v, (v : w) struct (v : w ) iff v struct v and w struct w. The following programs are perfectly correct in Haskell (with a unique non-empty solution) hd (x:y) = x tl (x:y) = y incr (x:y) = (x+) : incr y one = : one x = (if hd(tl(tl(tl(x)))) = 5 then 3 else 4) : : 2 : 3 : one output = (hd(tl(tl(tl(x))))) : (hd(tl(tl(x)))) : (hd(x)) : output The values are : x = 4 : : 2 : 3 : :... output = 3 : 2 : 4 : 3 : 2 : 4 :...

26 These stream may be constructed lazilly : x =,x = : : 2 : 3 : un,x 2 = 4 : : 2 : 3 : one. output =,output = 3 : 2 : 4 :... An other example (due to Paul Caspi) : nat = zero fby (incr nat) ifn n x y = if n <= 9 then hd(x) : if9(n+) (tl(x)) (tl(y)) else y if9 x y = ifn 9 x y x = if9 (incr (tl x)) nat We have x = 8,7,6,5,4,3,2,,,9,,,... Are they reasonnable programs? Streams are constructed in a reverse manner from the future to the past. We say that they are not causal. This is because the structural order between streams allows to fill the holes in any order, e.g. : ( : ) ( : : : ) ( : : 2 : ) ( : : 2 : ) ( : : 2 : )

27 It is also possible to build streams with intermediate holes (undefined values in the middle) through the final program is correct : half = fail = fail half = :fail:half fill x = (hd(x)) : fill (tl(tl x)) ok = fill half We need to model causality, that is, stream should be produced in a sequential order. We take the prefix order introduced by Kahn : Prefix order : x y if x is a prefix of y, that is : x and v.x v.y if x y Causal function : A function is causal when it is monotonous for the prefix order : x y f(x) f(y) All the previous program will get the value in the Kahn semantics.

28 Kahn Semantics in Haskell It is possible to remove possible non causal streams by forbidding values of the form.x. In Haskell, the annotation!a states that the value with type a is strict ( ). module SStreams where -- only consider streams where the head is always a value (not bot) data ST a = Cons!a (ST a) deriving Show constant x = Cons x (constant x) extend (Cons f fs) (Cons x xs) = Cons (f x) (extend fs xs) (Cons x xs) fby y = Cons x y (Cons x xs) when (Cons True cs) = (Cons x (xs when cs)) (Cons x xs) when (Cons False cs) = xs when cs merge (Cons True c) (Cons x xs) y = Cons x (merge c xs y) merge (Cons False c) x (Cons y ys) = Cons y (merge c x ys) This time, all the previous non causal programs have value (stack overflow).

29 Some synchrony monsters even & If x = (x i ) i IN then even(x) = (x 2i ) i IN and x&even(x) = (x i &x 2i ) i IN. Unbounded FIFOs! must be rejected statically every operator is finite memory through the composition is not : all the complexity (synchronization) is hidden in communication channels the Kahn semantics does not model time, i.e., impossible to state that two event arrive at the same time Course notes - Marc Pouzet 29/64

30 Synchronous (Clocked) streams Complete streams with an explicit representation of absence (abs). x : (V abs ) Clock : the clock of x is a boolean sequence IB = {,} CLOCK = IB clock ǫ clock (abs.x) clock (v.x) = ǫ =.clock x =.clock x Synchronous streams : ClStream(V,cl) = {s/s (V abs ) clock s prefix cl} An other possible encoding : x : (V IN) Course notes - Marc Pouzet 3/64

31 Dataflow Primitives Constant : Point-wise application : i # (ǫ) = ǫ i # (.cl) = i.i # (cl) i # (.cl) = abs.i # (cl) Synchronous arguments must be constant, i.e., having the same clock + # (s,s 2 ) = ǫ if s i = ǫ + # (abs.s,abs.s 2 ) = abs.+ # (s,s 2 ) + # (v.s,v 2.s 2 ) = (v +v 2 ).+ # (s,s 2 ) Course notes - Marc Pouzet 3/64

32 Partial definitions What happens when one element is present and the other is absent? Constraint their domain : (+) : cl : CLOCK.ClStream(int, cl) ClStream(int, cl) ClStream(int, cl) i.e., (+) expect its two input stream to be on the same clock cl and produce an output on the same clock These extra conditions are types which must be statically verified Remark (notation) : Regular types and clock types can be written separately : (+) : int int int its type signature (+) :: cl.cl cl cl its clock signature In the following, we only consider the clock type. Course notes - Marc Pouzet 32/64

33 Sampling s when # s 2 (abs.s)when # (abs.c) (v.s)when # (.c) (v.s)when # (.c) = ǫ if s = ǫ or s 2 = ǫ = abs.swhen # c = v.swhen # c = abs.xwhen # c mergecs s 2 = ǫ if one of the s i = ǫ merge(abs.c)(abs.s )(abs.s 2 ) = abs.mergecs s 2 merge(.c)(v.s )(abs.s 2 ) = v.mergecs s 2 merge(.c)(abs.s )(v.s 2 ) = v.mergecs s 2 Course notes - Marc Pouzet 33/64

34 Examples base = ()... x x x x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x x... h = ()... y = xwhenh x x 2 x 4 x 6 x 8 x x... h = ()... z = ywhenh x x 6 x... k k k k 2 k 3... merge h z k x k k x 6 k 2 k 3... let clock five = let rec f = true fby false fby false fby false fby f in f let node stutter x = o where rec o = merge five x (( fby o) whenot five) in o stutter(nat) = Course notes - Marc Pouzet 34/64

35 Sampling and clocks xwhen # y is defined when x and y have the same clock cl the clock of xwhen # c is written clonc : c moves at the pace of cl We get : Written instead : sonc (.cl) on(.c) (.cl) on(.c) = ǫ if s = ǫ or c = ǫ =.cl on c =.cl on c (.cl) on(abs.c) =.cl on c when : cl. x : cl. c : cl.clonc merge : cl. c : cl. x : clonc. y : clonnot c.cl when : cl.cl (c : cl) clonc merge : cl.(c : cl) clonc clonnot c cl Course notes - Marc Pouzet 35/64

36 Checking Synchrony The previous program is now rejected. even & This is a now a typing error let even x = x when half let non_synchronous x = x & (even x) ^^^^^^^ This expression has clock a on half, but is used with clock a Final remarks : We only considered clock equality, i.e., two streams are either synchronous or not Clocks are used extensively to generate efficient sequential code Course notes - Marc Pouzet 36/64

37 From Synchrony to Relaxed Synchrony a can we compose non strictly synchronous streams provided their clocks are closed from each other? communication between systems which are almost synchronous model jittering, bounded delays Give more freedom to the compiler, generate more efficient code, translate into regular synchronous code if necessary Course notes - Marc Pouzet 37/64 a. Joint work with Albert Cohen, Marc Duranton, Louis Mandel and Florence Plateau (PhD. Thesis at

38 A typical example : Picture in Picture incrust HD downscaler SD HD not incrust when merge HD Incrustation of a Standard Definition (SD) image in a High Definition (HD) one downscaler : reduction of an HD image (92 8 pixels) to an SD image (72 48 pixels) when : removal of a part of an HD image merge : incrustation of an SD image in an HD image Question : buffer size needed between the downscaler and the merge nodes? delay introduced by the picture in picture in the video processing chain?

39 Course notes - Marc Pouzet 38/64

40 Too restrictive for video applications x when when y z?? + t y z streams should be synchronous adding buffer (by hand) difficult and error-prone compute it automatically and generate synchronous code relax the associated clocking rules Course notes - Marc Pouzet 4/64

41 N-Synchronous Kahn Networks y buff[] z based on the use of infinite ultimately periodic sequences a precedence relation cl <: cl 2 Course notes - Marc Pouzet 4/64

42 Ultimately periodic sequences Q 2 for the set of infinite periodic binary words. () =... () =... for presence for absence Definition : w ::= u(v) where u (+) and v (+) + Course notes - Marc Pouzet 42/64

43 Clocks and infinite binary words Number of ones O w Instants w O w (i) = cumulative function of from w Course notes - Marc Pouzet 43/64

44 Clocks and infinite binary words Number of ones O w O w2 O w Instants buffer sub-typing size(w,w 2 ) = max i N (O w (i) O w2 (i)) w <: w 2 def n N, i, O w (i) O w2 (i) n Course notes - Marc Pouzet 44/64

45 Clocks and infinite binary words Number of ones O w O w2 O w Instants buffer sub-typing size(w,w 2 ) = max i N (O w (i) O w2 (i)) w <: w 2 def n N, i, O w (i) O w2 (i) n synchronizability w w 2 def b,b 2 Z, i, b O w (i) O w2 (i) b 2 precedence w w 2 def i, O w (i) O w2 (i) Course notes - Marc Pouzet 45/64

46 Multi-clock c ::= w c on w w (+) ω c on w is a sub-clock of c, by moving in w at the pace of c. E.g., () on () = (). base... () p... () base on p... () p 2... () (base on p ) on p 2... () For ultimately periodic clocks, precedence, synchronizability and equality are decidable (but expensive) Course notes - Marc Pouzet 46/64

47 Come-back to the language Pure synchrony : close to an ML type system (e.g., SCADE 6) structural equality of clocks H e : ck H e 2 : ck Relaxed Synchrony : we add a sub-typing rule : H op(e,e 2 ) : ck (SUB) H e : ck on w w <: w H buffer(e) : ck on w defines synchronization points when a buffer is inserted the basis of the language Lucy-N (Plateau and Mandel). Course notes - Marc Pouzet 47/64

48 What about non periodic systems? The same idea : synchrony + properties between clocks. Insuring the absence of deadlocks and bounded buffering. The exact computation with periodic clocks is expensive. E.g., () on 36 () on () = 96 ( ) Motivations :. To treat long periodic patterns. To avoid an exact computation. 2. To deal with almost periodic clocks. E.g., α on w where w =.( ()+() ) (e.g. w =... ) Idea : manipulate sets of clocks; turn questions into arithmetic ones Course notes - Marc Pouzet 48/64

49 Abstraction of Infinite Binary Words Number of ones a = 5, 5 ( 7 3 ) 5 O w Instants A word w can be abstracted by two lines : abs(w) = b,b (r) concr ( b,b ) def (r) w, i, w[i] = O w(i) r i+b w[i] = O w (i) r i+b Course notes - Marc Pouzet 49/64

50 Abstraction of Infinite Binary Words Number of ones a 4 = 3, 4 3 ( 3) Number of ones a 5 = 4 3, 3 ( ) Instants Instants Course notes - Marc Pouzet 5/64

51 Abstract Clocks as Automata Number of ones a = 5, 5 ( 7 3 ) Instants O w,, 2,2 2, 3,2 4,3 4,2 5,3 a =, 7 3 ) 5 5 ( 5 set of states {(i,j) N 2 } : coordinates in the 2D-chronogram finite number of state equivalence classes transition function δ : allows to check/generate clocks δ(,(i,j)) = nf(i+,j +) if j + r i+b δ(,(i,j)) = nf(i+,j +) if j + r i+b Course notes - Marc Pouzet 5/64

52 Abstract Relations Number of ones a = 5, 5 ( 7 3 ) 5 O w O w a 2 = 6 5, 2 5 ( 3 5 ) Instants Synchronizability : r = r 2 b,b (r ) b 2,b 2 (r2 ) Precedence : b 2 b < b,b (r) b 2,b 2 (r) Subtyping : a <: a 2 a a 2 a a 2 proposition : abs(w ) <: abs(w 2 ) w <: w 2 buffer : size(a,a 2 ) = b b 2 Course notes - Marc Pouzet 52/64

53 Abstract Operators Composed clocks : c ::= w not w c on c Abstraction of a composed clock : abs(not w) = not abs(w) abs(c on c 2 ) = abs(c ) on abs(c 2 ) Operators correctness property : not w concr(not abs(w)) c on c 2 concr(abs(c ) on abs(c 2 )) Course notes - Marc Pouzet 53/64

54 Abstract Operators Number of ones a 4 = 3, 4 3 ( 3) a 5 = 4 3, 3 ( ) Instants not operator definition : not b,b (r) = b, b ( r) Course notes - Marc Pouzet 54/64

55 Abstract Operators 25,9 22,8 23,8 24,8 25,8 26,8 2,7 2,7 22,7 23,7 7,6 8,6 9,6 2,6 2,6 4,5 5,5 6,5 7,5 8,5,4 2,4 3,4 4,4 5,4 3, 4, 5, 6,2 6, 7,2 8,2 7, 9,3 9,2,3,3 2,3 a on a 2 = 5, 5 ( 7 3 5) on 6 3 ) 5 5 (, 2 5, 2, 3, 4, on operator definition : b, b ( r ) on b 2, b 2 ( r 2 ) = b r 2 +b 2, b r 2 +b 2 (r r 2 ) with b, b 2 Course notes - Marc Pouzet 55/64

56 Modeling Jitter Number of ones , 2 ) 3 ( Instants Number of ones , 3 ( 3 ) Instants set of clock of rate r = 3 and jitter can be specified by 3, 3 ( 3 ) 3 3, 3 ( 3 3) =, () on, 3 ( 2 ) 3 f :: α.α α on 3, 3 ( 3 ) 3 Course notes - Marc Pouzet 56/64

57 Formalization in a Proof Assistant By Louis Mandel and Florence Plateau Most of the properties have been proved in Coq example of property Property on_absh_correctness: forall (w:ibw) (w2:ibw), forall (a:abstractionh) (a2:abstractionh), forall H_wf_a: well_formed_abstractionh a, forall H_wf_a2: well_formed_abstractionh a2, forall H_a_eq_absh_w: in_abstractionh w a, forall H_a2_eq_absh_w2: in_abstractionh w2 a2, in_abstractionh (on w w2) (on_absh a a2). number of Source Lines of Code specifications : about 6 SLOC proofs : about 5 SLOC Course notes - Marc Pouzet 57/64

58 Back to the Picture in Picture Example incrust HD downscaler SD not incrust merge HD HD when abstraction of downscaler output : abs(() on 36 () on ( )) =, 8 ( 7 3 ) 8 on 36, 36 () on 4,48 ( ) 4 9 = 2, minimal delay and buffer : exact result delay buffer size ( 6) ( time to receive 5 HD lines) ( 267 SD lines) abstract result 995 ( time to receive 6 HD lines) ( 268 SD lines) This is implemented in Lucy-N by Louis Mandel. Course notes - Marc Pouzet 58/64

59 Parallel implementation and integer clocks

60 Parallel processes communicating through a buffer f g int f_out; while () { f_step (f_mem, &f_out); fifo.push(f_out); } int g_in; while () { fifo.pop(&g_in); v = g_step (g_mem, g_in); } Buffers allow to desynchronize the execution Course notes - Marc Pouzet 6/64

61 FIFO with batching To pop, the consumer has to check for the availability of data. This check is expensive. It is better to communicate by chunks. Batch : the consumer can read in the fifo only when batch values are available the producer can write in the fifo only when batch rooms are available Batch size : Cycles/push : 23.7 Bandwidth : Batch size : 2 Cycles/push : 5.79 Bandwidth : MB/s 86.4 MB/s Batch size : 4 Cycles/push : 2.6 Bandwidth : MB/s Batch size : 8 Cycles/push :. Bandwidth : MB/s Batch size : 6 Cycles/push : Batch size : 32 Cycles/push : Batch size : 64 Cycles/push : Batching : reduce the synchronization with the FIFO 7.5 Bandwidth : 8.58 MB/s 7.33 Bandwidth : MB/s 7.33 Bandwidth : MB/s Course notes - Marc Pouzet 6/64

62 Integer clocks f α on (2) α on (2) g Burst : allows to compute and communicate several values within one instant formulas can be easily lifted to integers Course notes - Marc Pouzet 62/64

63 Integer clocks f α on (2) α on (2) g Burst : allows to compute several values into one instant formulas can be easily lifted to integers impacts causality This has been studied by Adrien Guatto in his PhD. thesis (26). Course notes - Marc Pouzet 63/64

64 Type based clock calculus Lucid Synchrone stream Kahn semantics, clocks, functions possibly higher-order study (implement) extensions of Lustre experiment things, manage all the compilation chain and write programs! Version (995), Version 2 (2), V3 (26) Quite fruitful : the Scade 6 language and its compiler (first release in 28) incorporates several features from Lucid Synchrone the LCM language at Dassault-Syst `mes (Delmia Automation) based on the same principles several features reused in Stimulus, a language for requirement simulation.

65 Références [] Sylvain Boulmé and Grégoire Hamon. Certifying Synchrony for Free. In International Conference on Logic for Programming, Artificial Intelligence and Reasoning (LPAR), volume 225, La Havana, Cuba, December 2. Lecture Notes in Artificial Intelligence, Springer-Verlag. Short version of A clocked denotational semantics for Lucid-Synchrone in Coq, available as a Technical Report (LIP6), at pouzet/bib/bib.html. [2] P. Caspi. Clocks in dataflow languages. Theoretical Computer Science, 94 :25 4, 992. [3] Paul Caspi and Marc Pouzet. Synchronous Kahn Networks. In ACM SIGPLAN International Conference on Functional Programming (ICFP), Philadelphia, Pensylvania, May 996. [4] Albert Cohen, Marc Duranton, Christine Eisenbeis, Claire Pagetti, Florence Plateau, and Marc Pouzet. N-Synchronous Kahn Networks : a Relaxed Model of Synchrony for Real-Time Systems. In ACM International Conference on Principles of Programming Languages (POPL 6), Charleston, South Carolina, USA, January 26. [5] Albert Cohen, Louis Mandel, Florence Plateau, and Marc Pouzet. Abstraction of Clocks in Synchronous Data-flow Systems. In The Sixth ASIAN Symposium on Programming Languages and Systems (APLAS), Bangalore, India, December 28. [6] Jean-Louis Colaço and Marc Pouzet. Clocks as First Class Abstract Types. In Third International Conference on Embedded Software (EMSOFT 3), Philadelphia, Pennsylvania, USA, october 23. [7] Louis Mandel, Florence Plateau, and Marc Pouzet. Lucy-n : a n-synchronous Extension of Lustre. In th International Conference on Mathematics of Program Construction (MPC ), Manoir St-Castin, Québec, Canada, June 2. Springer LNCS. [8] Louis Mandel, Florence Plateau, and Marc Pouzet. Static Scheduling of Latency Insensitive Designs with Lucy-n. In International Conference on Formal Methods in Computer-Aided Design (FMCAD), Austin, Texas, USA, October 3 November 2 2.

66 [9] Florence Plateau. Modèle n-synchrone pour la programmation de réseaux de Kahn à mémoire bornée. PhD thesis, Université Paris-Sud, Orsay, France, 6 janvier 2.