Correct and efficient implementations of synchronous models on asynchronous execution platforms
Stavros Tripakis
UC Berkeley and Verimag
EC^2 Workshop, Grenoble, June 2009
Some observations
Threads have conquered the world, but …
• Concurrency => interleaving
– C.f., synchronous systems (e.g., circuits)
• Concurrency => non-determinism
– synchronous circuits are deterministic
• Concurrency => shared memory
– C.f., data flow models
• Asynchronous concurrency (interleaving) => non-determinism
– C.f., Kahn Process Networks
What are the problems we (as a community) are trying to solve?
• Cope with concurrency… but what does it mean?
• What are the right execution platforms?
– Which multicore architecture, memory model, … [given: asynchronous]
• What are the right programming models?
• For which types of applications? [given: synchronous]
• How to map the latter to the former? [focus]
– Correctly and efficiently!
• How to verify stuff?
Synchronous vs. asynchronous concurrency
• Synchronous concurrency
– Execution platforms: synchronous hardware
– Programming models: Simulink, SCADE, synchronous languages (Esterel, Lustre, …), …
• Asynchronous concurrency
– Execution platforms: many, including distributed platforms
– Programming models: thread-based (often communicating by shared-memory)
• Most synchronous models are deterministic: synchronous hardware, Simulink, SCADE, most synchronous languages, …
[Figure: Engine control model in Simulink. Copyright The Mathworks]
• Some asynchronous models are also deterministic, e.g.:
– Kahn Process Networks: the sequence of values (stream) produced at each FIFO is the same independent of process interleaving
Our choice of programming model: synchronous
• Set of parallel processes, notion of global synchronous cycle
– Simulink, SCADE, VHDL, Verilog, Lustre, Esterel, …
• Main advantages:
– Determinism, no process interleaving:
• Easier to understand, easier to verify (less state explosion)
• Main objections:
– “Synchrony is impossible/hard/too expensive to implement”
– “This is especially true for distributed systems”
• “You need clock synchronization”
– Practice seems to agree with this…
• Most available implementations of synchronous systems are either synchronous hardware, or centralized “read; compute; write;” control loops.
– …but it is not quite true.
Semantics-preserving implementation of synchronous models
• Design (application): …, Simulink
• Implementation
• Execution platform:
– single-processor, single-task
– single-processor, multi-task
– distributed, synchronous (TTA)
– …
– distributed, asynchronous (KPN, LTTA, ...)
[IEEE Trans. Computers, Oct’08]
From synchronous models to asynchronous distributed implementations
Joint work with
Claudio Pinello, Cadence
Alberto Sangiovanni-Vincentelli, UC Berkeley
Albert Benveniste, IRISA (France)
Paul Caspi, VERIMAG (France)
Marco di Natale, SSSA (Italy)
Implementation on asynchronous distributed platforms
[Diagram: synchronous model; asynchronous platform with some communication network]
• Asynchronous distributed platforms:
– Many computers, each with a local clock
• No clock synchronization
– Computers communicate using some network/protocol
• Don’t care which network, as long as finite FIFO queues (TCP) can be implemented on top
Implementation on asynchronous distributed platforms
[Diagram: synchronous model; intermediate layer: asynchronous processes communicating with finite FIFO queues; asynchronous platform with some communication network]
Implementation on asynchronous distributed platforms
[Diagram: synchronous model; intermediate layer: asynchronous processes communicating with finite FIFO queues]
This is like Kahn Process Networks with blocking write() when FIFO is full.
FIFOs must be large enough to avoid deadlocks.
=> semantical (stream) preservation
• Use old theories [1970s]:
• Marked graphs
– Subclass of Petri Nets
– Used to show FFP liveness (no deadlock)
• Kahn Process Networks
– Used Kahn’s fundamental result: determinism
– Streams do not depend on process interleaving
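Added example (not from the original slides): a small Python simulation of the intermediate layer, showing that the output stream is the same under every interleaving and that an undersized FIFO deadlocks. The three-process network, the FIFO names a, b, c and the capacities are assumptions made for illustration; each process fires atomically when every input FIFO holds a token and every output FIFO has a free slot (the marked-graph view of blocking read/write).

```python
import random
from collections import deque

class Fifo:
    """Finite FIFO; a write is only allowed while len(q) < cap."""
    def __init__(self, cap, init=()):
        self.cap, self.q = cap, deque(init)

def run(cap_b, seed, n=5):
    """Network: src -> a -> dbl -> c -> add, plus src -> b -> add, where b
    carries a unit delay (one initial token). Returns (status, stream)."""
    rng = random.Random(seed)
    a, c, b = Fifo(2), Fifo(2), Fifo(cap_b, [0])
    out, sent = [], [0]

    def src(_):
        sent[0] += 1
        return [sent[0], sent[0]]          # same sample to a and b

    def add(v):
        out.append(v[0] + v[1])            # 2*x[k] + x[k-1]
        return []

    procs = [("src", [], [a, b], src),
             ("dbl", [a], [c], lambda v: [2 * v[0]]),
             ("add", [c, b], [], add)]

    def enabled(p):
        name, ins, outs, _ = p
        if name == "src" and sent[0] >= n:
            return False                   # source has emitted all n samples
        return all(f.q for f in ins) and all(len(f.q) < f.cap for f in outs)

    while len(out) < n:
        ready = [p for p in procs if enabled(p)]
        if not ready:
            return "deadlock", out         # every process is blocked
        _, ins, outs, fn = rng.choice(ready)   # arbitrary interleaving
        for f, v in zip(outs, fn([f.q.popleft() for f in ins])):
            f.q.append(v)
    return "done", out

def distinct_results(cap_b, seeds=range(200)):
    """Set of outcomes observed over many random interleavings."""
    return {(s, tuple(o)) for s, o in (run(cap_b, seed) for seed in seeds)}

if __name__ == "__main__":
    print(distinct_results(cap_b=2))   # one outcome, whatever the schedule
    print(distinct_results(cap_b=1))   # FIFO b too small: immediate deadlock
```

With cap_b=1 the unit-delay token already fills FIFO b, so src blocks on write while dbl and add block on read; capacity 2 puts a free slot on that cycle and the network stays live.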
Performance analysis: worst-case logical-time throughput and latency
• Computing worst-case logical-time throughput
• Relating real-time and logical-time throughput
[Figures: reachability lasso of marked graph; processes P1 and P2; labels: WCLTT = 1/2, WCLTT = 1, deterministic firing policy, LT thput = 3/4]
[ACM Trans. Embed. Comp. Sys., Feb’08]
From synchronous models to asynchronous multitask implementations
Joint work with
Paul Caspi,
Norman Scaife,
Christos Sofronis,
VERIMAG
Implementation on centralized, multitasking platforms
[Diagram: Sync; tasks T1, T2, T3; scheduler; single-processor, priority scheduling (fixed priority or EDF)]
• Why multitasking and not single “read-compute-write” loop?
• For multi-rate models:
– Multitask implementation schedulable, but single-task not schedulable
Implementation on centralized, multitasking platforms
[Diagram: Sync; tasks T1, T2, T3; scheduler; single-processor, priority scheduling (fixed priority or EDF)]
Goal: semantical preservation
Implementation on centralized, multitasking platforms
[Diagram: Sync; tasks T1, T2, T3; scheduler; single-processor, priority scheduling (fixed priority or EDF)]
• “Naïve” implementations don’t work
[Figure: tasks Q, A, B with Prio Q > Prio A > Prio B; execution trace marked ERROR]
• The Dynamic Buffering Protocol
– non-blocking (wait-free)
– memory-optimal
– semantics-preserving
• Concurrency => non-determinism
• Synchronous models are deterministic
– easier to understand and verify
• Synchronous models can be implemented on a variety of asynchronous execution platforms, using non-trivial techniques:
– Implementations are correct-by-construction
– They are memory-optimal
– Performance (throughput, latency, …) can be analyzed and optimized
• For which applications is the synchronous programming model suitable?
– Traditionally for control: avionics, automotive, …
– Some recent works trying to apply it to multimedia/signal processing
• To what extent do these methods apply to multicores?
• Are dataflow computers going to come back?