We are happy to announce Dezyne 2.18 which introduces shared interface state.
Before 2.18.0, for a component to be able to act on the state of another component behind an interface, it would need to define and maintain a shadow copy of its state.
Now, given a port port and a boolean state bool state, the state can be referred to as port.state in expressions by the components on either side of the interface. Note that access to such state is read-only.
See also the Dezyne documentation.
We will evaluate your reports and track them via the Gitlab dezyne-issues project, see our guide to writing helpful bug reports.
What's next?
In the next releases we would like to see:
- Improved debuggability of queueing behavior related to the defer and external keywords.
- Unification of extern data and state types in parameter passing and returning.
- Generating system traces to explore system properties and the use of these in the verification of the generated code.
- Further improving of the parser infrastructure with respect to language extensions and early editing feedback.
Future
Looking beyond the next releases and in no particular order:
- Module-specifications, i.e., user defined functional properties at component and system level.
- Extern data-interfaces, i.e., the ability to inspect extern data and leverage this information in the behavioral control flow as well as to add algorithm support.
- Hierarchical behaviors, i.e., adding the support for an aspect oriented way of dividing up behavior and the introduction of named behaviors.
- Module Based Testing, i.e., the ability to verify any implementation against its module specification by means of test execution.
Enjoy!
The Dezyne developers.
Download
git clone git://git.savannah.nongnu.org/dezyne.git
Here are the compressed sources and a GPG detached signature[*]:
dezyne-2.18.0.tar.gz
dezyne-2.18.0.tar.gz.sig
Here are the SHA1 and SHA256 checksums:
13599d3b4b7a47696848576b51f1abbbe3513ec2 dezyne-2.18.0.tar.gz
f16b21d1cd9833752421331cba903bb7d33d7544dfcafb868bbbf27d99ef79d1 dezyne-2.18.0.tar.gz
[*] Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this:
gpg --verify dezyne-2.18.0.tar.gz.sig
If that command fails because you don't have the required public key, then run this command to import it:
gpg --keyserver keys.gnupg.net --recv-keys 1A858392E331EAFDB8C27FFBF3C1A0D9C1D65273
and rerun the gpg --verify command.
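The two checks above combined into one script, as an added example that is not part of the Dezyne release: it compares the tarball with the SHA256 value listed here and accepts the signature only when gpg reports it valid for the fingerprint given above (gpg --verify alone succeeds for any key already in the keyring). The function names are hypothetical; sha256sum, awk and gpg are assumed to be installed.

```shell
#!/bin/sh
# Added example: verify a downloaded Dezyne 2.18.0 tarball.
# Both constants are copied from this announcement.
EXPECTED_SHA256=f16b21d1cd9833752421331cba903bb7d33d7544dfcafb868bbbf27d99ef79d1
EXPECTED_FPR=1A858392E331EAFDB8C27FFBF3C1A0D9C1D65273

# sha256_matches FILE HEX (hypothetical helper):
# succeed only if FILE hashes to HEX.
sha256_matches() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# validsig_by STATUS FPR (hypothetical helper):
# succeed only if gpg's machine-readable status output has a VALIDSIG
# line whose signing-key fingerprint (field 3) or primary-key
# fingerprint (last field) equals FPR.
validsig_by() {
    printf '%s\n' "$1" | awk -v fpr="$2" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == fpr || $NF == fpr) { ok = 1 }
        END { exit !ok }'
}

# verify_release TARBALL SIG: checksum first, then pinned-key signature.
verify_release() {
    sha256_matches "$1" "$EXPECTED_SHA256" ||
        { echo "checksum mismatch: $1" >&2; return 1; }
    status=$(gpg --status-fd 1 --verify "$2" "$1" 2>/dev/null) ||
        { echo "gpg could not verify $2" >&2; return 1; }
    validsig_by "$status" "$EXPECTED_FPR" ||
        { echo "signature is not from the expected key" >&2; return 1; }
    echo "OK: $1"
}

# Runs only when called with both files, e.g.
#   sh verify.sh dezyne-2.18.0.tar.gz dezyne-2.18.0.tar.gz.sig
if [ "$#" -eq 2 ]; then
    verify_release "$1" "$2"
fi
```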
Alternatively, Dezyne can be installed using GNU Guix:
guix pull
guix install dezyne
NEWS
Changes in 2.18.0 since 2.17.3
Language
- A component can now directly refer to the state values of its ports from an expression (guard, if, assignment).
- The undocumented feature of defining models and types using a name with an inline dotted namespace has been removed.
Build
- The test runner now has a --t,--timeout option, using a 5min default.
- For C and C++, include headers are installed in <includedir>/dzn.
- For C, a new libdzn library is built and installed in <libdir> on systems that have GNU pth.
- For C++, a new libdzn-c++ library is built and installed in <libdir> on systems that have std::mutex.
Verification
- A new -T,--timings option now shows detailed timings for the different stages like: parse, normalization and mCRL2.
- The compliance check is no longer skipped when the unreachable code check reports errors.
- The -j,--jitty flag has been removed.
Code
- C++ implements directly referring to the state values of its port.
- Lambda capture lists explicitly refer to this since C++20 deprecates the implicit capture for =.
- The code generator backends for C++, C#, and C have been rewritten based on SCMackerel.
- The experimental C code generator now supports blocking and defer, strictly single-threaded, using GNU Portable Threads.
- The C++ and C runtime and code generator now use a more consistent coding style (GNU Coding Standards).
- The C++ code generator and runtime now add the source code location of an illegal.
- The C++ generated code no longer adds check_bindings, dump_tree functions to components; use runtime functions dzn::check_bindings and dzn::dump_tree instead.
- The C++ generated code no longer generates global connect functions; use the runtime function dzn::connect instead.
- Setting the dzn_share_p boolean in a port to false, before it is connected, allows disabling maintaining state sharing, as well as strict illegal checking. This is a (temporary) workaround for an interface that is more restrictive than its handwritten implementation.
- The pretty printer (code --language=dzn) now also supports most synthesized AST elements, which is especially useful in combination with transformations (-t,--transform).
- When generating code for a thread-safe shell system, i.e., using -s,--shell, the well-formedness check will now assert that its outer requires ports are marked external.
- For languages json and makreel, the -o,--output option is now honored too.
- The -s,--shell option can now be used multiple times.
- The --language=json output no longer implicitly removes behaviors.
Noteworthy bug fixes
- A verification bug was fixed that would erroneously report a deadlock for non-deterministic interface constraints.
- A verification bug was fixed to correctly report unreachable code when interface and component imperative statement locations overlap.
- Running the parser in -f,--fall-back mode now shows a parse tree again; a regression introduced in 2.17.2.
- Event names can now overlap with toplevel names.
- For C++, it is no longer necessary to add tracing to events implemented in handwritten code; the runtime now takes care of this.
- The dzn_ prefix is used more consistently in generated code to avoid possible clashes with user defined names.
- When generating executable code, using an empty dollar expression ($$) now raises a well-formedness error.
- The verification no longer reports a false positive defer-induced <queue-full> when using defer after a function call.
- A bug in the name resolver has been fixed that would lead to a quadratic performance impact when looking up an undefined type.
- Use of the unreachable code check, which is enabled by default, would add tag (line, column) arguments on the dzn lts command line, making it more prone to hit the arbitrary 8191 command-line limit when running dzn verify on a Windows desktop. Tags have been moved from the command-line to the verify pipeline. Note, the limit on Windows remains for other user input derived information communicated via the command-line.
- Building the C++ pump using the Boost::Coroutine library works out of the box again. This was a regression introduced in 2.16.0.
- In the C++ runtime dzn::thread::defer has been renamed to dzn::async and its definition has been moved to std-async.cc.
- The std::async in the C++ pump has been replaced by dzn::async to allow selecting between std::async and dzn::thread::pool by either linking to std-async.cc or thread-pool.cc respectively. This allows working around the arbitrary limits in std::async observed on some Microsoft systems.
- The C++ thread-pool no longer joins threads at destruction, instead it detaches them.
- The well-formedness check now allows using an early return in a tail-recursive function.
- The well-formedness check now allows statements after a non-recursive call in a recursive function.
- A bug leading to stray verification errors was fixed for two triggers using the same imperative statement.
- The simulator now correctly reports a queue-full error for a non-compliant component where an unbounded defer is only restricted by its interface constraint.
- The C++ thread-pool now respects its resource dependencies by declaring members in the proper order to allow problem/error free destruction.
- The well-formedness check now reports a guard statement used in an imperative context.
- A bug has been fixed in the C++ code generator for a system in a namespace, using a component instance from another namespace.
- A well-formedness check has been added for return to be the final statement of a block.
For changes in the previous release see Dezyne release 2.17.3.
Join dezyne-devel@nongnu.org and #dezyne on irc.libera.chat for discussions.
About Dezyne
Dezyne is a programming language and a set of tools to specify, validate, verify, simulate, document, and implement concurrent control software for embedded and cyber-physical systems.
The Dezyne language has formal semantics expressed in mCRL2 developed at the department of Mathematics and Computer Science of the Eindhoven University of Technology (TUE). Dezyne requires that every model is finite, deterministic and free of deadlocks, livelocks, and contract violations. This is achieved by means of the language itself as well as builtin verification through model checking. This allows the construction of complex systems by assembling independently verified components.
Dezyne is free software; it is distributed under the terms of the GNU Affero General Public Licence version 3 or later.
About Verum
Verum, the organization behind the Dezyne language, is committed to continuing to invest in the language for the benefit of all its users. Verum assists its customers and partners in solving the software challenges of today and tomorrow, by offering expert consultancy on the application of the Dezyne language and the development and use of its tools, as well as on Verum's commercial tools like Verum-Dezyne's IDE support based on the LSP (Language Server Protocol), interactive integrated graphics, interactive simulation, (custom) code generation and (custom) runtime library support.