THE SCHEME MACHINE:
A CASE STUDY IN PROGRESS IN DESIGN DERIVATION AT SYSTEM LEVELS

Steven D. Johnson
Indiana University

The Scheme Machine is one of several design projects of the Digital Design Derivation group at Indiana University. It differs from the other projects in its focus on issues of system design and its connection to surrounding research in programming language semantics, compiler construction, and programming methodology underway at Indiana and elsewhere. The genesis of the project dates to the early 1980s, when digital design derivation research branched from the surrounding research effort in programming languages. Both branches have continued to develop in parallel, with this particular project serving as a bridge. However, by 1990 there remained little real interaction between the branches and recently we have undertaken to reintegrate them.

On the software side, researchers have refined a mathematically rigorous (but not mechanized) treatment starting with the fully abstract semantic definition of Scheme and resulting in an efficient implementation consisting of a compiler and virtual machine model, the latter typically realized with a general purpose microprocessor. The derivation includes a number of sophisticated factorizations and representations and is also deep example of the underlying engineering methodology.

The hardware research has created a mechanized algebra supporting the tedious and massive transformations often seen at lower levels of design. This work has progressed to the point that large scale devices, such as processors, can be derived from first-order finite state machine specifications. This is roughly where the language oriented research stops; thus, together, the two efforts establish a thread from the highest levels of abstract specification to detailed digital implementation.

The Scheme Machine project challenges hardware derivation research in several ways, although the individual components of the system are of a similar scale to those we have worked with before. The machine has a custom dual-ported memory to support garbage collection. It consists of four tightly coupled processes—processor, collector, allocator, memory—with a very non-trivial synchronization relationship. Finally, there are deep issues of representation for the run-time objects of a symbolic processing language.

The research centers on verification through integrated formal reasoning systems, but is also involved with modeling and prototyping environments. Since the derivation algebra is based on an executable modeling language, there is opportunity to incorporate design animation in the design process. We are looking for ways to move smoothly and incrementally from executable specifications into hardware realization. For example, we can run the garbage collector specification, a Scheme program, directly against the physical memory prototype, and similarly, the instruction processor model against the heap implementation.
The Scheme Machine:  
A Case Study in Progress  
In Design Derivation at System Levels  

Steven D. Johnson  
DDD Project, Hardware Methods Laboratory  
Computer Science Department  
Indiana University  

sjohnson@cs.indiana.edu  
http://www.cs.indiana.edu/hmg/hmg.html  

Thanks: NSF/MIP9 08745, NASA/MCT-50841  

The Scheme Machine Prototype  

Emulator in Ac-  
tel FPGAs, PLDs  
and standard  
DRAM simms.  

Outline  
- The Scheme Machine Prototype  
- Context, Motivation, and Goals of the Research  
- Components of the Scheme Machine  
- Issues in Verification  
- Incremental Construction of Hardware  
- Summary and Status  

The Logic Engine  

An environment for system  
prototyping, VLSI emulation,  
and functional testing  

(Scheme and/or C)
Scheme Machine
Memory:
$2 \times 4 \times 1,000,000$ bytes
Design Size:
20,000 gates (?)
Speed:
$2$ MHz+ (or $1.25 \times$ DRAM)

Context of the Research
1982 M. Wand, Semantics-directed machine architecture (POPL 92)
1983 S.D. Johnson, Synthesis of Digital Designs from Recursion Equations, Ch. 5 (PhD dissertation)
1984 W. Clinger, The Scheme 3.3 Compiler (LI&FP 84)
1988 R. Wehrmeister, Derivation of an SECD Machine (IU/CS TR #290)
1990 D. Boyer and K. Rath derive boolean system for a Scheme machine.
1992 M. Wand, D. Friedman, C. Haynes, Essentials of Programming Languages, Ch. 12

Digital Design Derivation Project

The Scheme Machine Project

An interactive transformation system for deriving synthesizable hardware descriptions from higher level system specifications.

Interpreter
Heap Model

Compiler
Machine Model

CPU
Heap
Memory
Garbage Collector
Components of the Scheme Machine

Memory
- Dual-port ed semispaces, multiplexed bus
- Typical case: 2 opns. per 1.25 cycles
- Refresh inhibits clock
- Manual design, unverified (one bug so far)

Heap Interface
- Collector, allocator, invalidator
- Derived from XFSM.
- Synchronization with CPU not verified
- Algorithm not verified (VLISP?)

Processor
- Derived from X-FSM only.
- SPEC close to VLISP machine?

Issues in Verification
- Higher level behavior specification
- Memory model
- Process synchronization
- Data abstraction hierarchy
- Multiple views
### Memory Model

**Memory Interface**

- `OLD`: Old data
- `NEW`: New data

- `old add` (Old address)
- `new add` (New address)
- `old JA` (Old Jump Address)
- `new JA` (New Jump Address)
- `Data out` (Data output)

- `tag(X, a) = tag(D, b)`
- `wtag(X, a) = wtag(D, c)`
- `mem[X] = mem[D]`
- `mem[N, a] = mem[N, c]`

### Process Synchronization

- In Scheme Machine, heap integrity is guaranteed by hardware, with overhead absorbed (to be measured) by the parallel sweep.
- In VLISP, heap integrity is guaranteed by the compiler, but is interruption considered?

### Data Abstraction

- **Semantic model**: $\rho: \text{Var} \rightarrow \text{Val}$
- **Compiler factorization**: $\rho_1: \text{Var} \rightarrow \text{StaticOffset}$
- $\rho_2: \text{StaticOffset} \rightarrow \text{Store} \rightarrow \text{Val}$

- **Operational model**: $\text{Rep}[\alpha] = \text{List(Vector)}$
- **Implementation model**: $\text{List: HeapReference}$
- $\text{Vector: (HeapReference, Offset)}$

- **Representation**: $\text{HeapReference: (Tag, Address)}$
  - $\text{Offset: Address}$
  - $\text{Tag: (list, int, \ldots)}$
  - $\text{Address: Z}_{2^N}$

- **HW Realization**: $\text{Address, Offset: BitVector(24)}$
  - $\text{Tag: BitVector(8)}$

### Multiple Views

- The CPU sees the heap as an assorted collection of cells, including numbers, list cells of various flavors, vectors, strings, etc.
- The allocator and collector see the heap as an array of words subject to certain invariants.
- The invalidator sees the heap as a sequence of bits.
Incremental Construction of Hardware

- The software specification of the processor runs directly against both the software specification of the heap and (with functional test points exposed) the hardware prototype.
- The software specification of the processor, allocator, and collector, run directly against both the modeling environment's heap image and the hardware realization.
- We are seeking to develop an environment where modeling, simulation, emulation, and realization are closely integrated with verification.
- We are seeking to integrate multiple reasoning tools to apply to the verification problem.

Summary and Status

- Design derivation extends and adapts programming methodology to hardware targets
- Language implementation, Scheme in this case, is a standard example,
  - exposes hard (higher order) modeling issues
  - a form of closure/completeness (Scheme Machine derivation & emulation could be run on the Scheme Machine).
- the Scheme Machine system specification exposes new verification problems in process coordination, algorithmic correctness, ....
- the design environment explores the gap between modeling and implementation.
- components of the Scheme Machine, or their variations are viable products.