source: doc/proposals/concurrency/concurrency.tex @ c69adb7

% requires tex packages: texlive-base texlive-latex-base tex-common texlive-humanities texlive-latex-extra texlive-fonts-recommended

% inline code �...� (copyright symbol) emacs: C-q M-)
% red highlighting �...� (registered trademark symbol) emacs: C-q M-.
% blue highlighting �...� (sharp s symbol) emacs: C-q M-_
% green highlighting �...� (cent symbol) emacs: C-q M-"
% LaTex escape �...� (section symbol) emacs: C-q M-'
% keyword escape �...� (pilcrow symbol) emacs: C-q M-^
% math escape $...$ (dollar symbol)

\documentclass[twoside,11pt]{article}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

% Latex packages used in the document.
\usepackage[T1]{fontenc}                                % allow Latin1 (extended ASCII) characters
\usepackage{textcomp}
\usepackage[latin1]{inputenc}
\usepackage{fullpage,times,comment}
\usepackage{epic,eepic}
\usepackage{upquote}                                                                    % switch curled `'" to straight
\usepackage{calc}
\usepackage{xspace}
\usepackage{graphicx}
\usepackage{tabularx}
\usepackage{glossaries}
\usepackage{varioref}                                                           % extended references
\usepackage{inconsolata}
\usepackage{listings}                                                                   % format program code
\usepackage[flushmargin]{footmisc}                                              % support label/reference in footnote
\usepackage{latexsym}                                   % \Box glyph
\usepackage{mathptmx}                                   % better math font with "times"
\usepackage[usenames]{color}
\usepackage[pagewise]{lineno}
\renewcommand{\linenumberfont}{\scriptsize\sffamily}
\input{common}                                          % bespoke macros used in the document
\usepackage[dvips,plainpages=false,pdfpagelabels,pdfpagemode=UseNone,colorlinks=true,pagebackref=true,linkcolor=blue,citecolor=blue,urlcolor=blue,pagebackref=true,breaklinks=true]{hyperref}
\usepackage{breakurl}

\renewcommand{\UrlFont}{\small\sf}

\setlength{\topmargin}{-0.45in}                                                 % move running title into header
\setlength{\headsep}{0.25in}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

% Names used in the document.

\newcommand{\Version}{1.0.0}
\newcommand{\CS}{C\raisebox{-0.9ex}{\large$^\sharp$}\xspace}

\newcommand{\Textbf}[2][red]{{\color{#1}{\textbf{#2}}}}
\newcommand{\Emph}[2][red]{{\color{#1}\textbf{\emph{#2}}}}
\newcommand{\R}[1]{\Textbf{#1}}
\newcommand{\B}[1]{{\Textbf[blue]{#1}}}
\newcommand{\G}[1]{{\Textbf[OliveGreen]{#1}}}
\newcommand{\uC}{$\mu$\CC}
\newcommand{\cit}{\textsuperscript{[Citation Needed]}\xspace}
\newcommand{\code}[1]{\lstinline{#1}}

\input{glossary}

\newsavebox{\LstBox}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\setcounter{secnumdepth}{3}                             % number subsubsections
\setcounter{tocdepth}{3}                                % subsubsections in table of contents
\makeindex

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\begin{document}
% \linenumbers

\title{Concurrency in \CFA}
\author{Thierry Delisle \\
Dept. of Computer Science, University of Waterloo, \\ Waterloo, Ontario, Canada
}

\maketitle
\section{Introduction}
This proposal provides a minimal core concurrency API that is both simple, efficient and can be reused to build "higher level" features. The simplest possible core is a thread and a lock but this low level approach is hard to master. An easier approach for users is be to support higher level construct as the basis of the concurrency in \CFA.
Indeed, for higly productive parallel programming high-level approaches are much more popular\cite{HPP:Study}. Examples are task based parallelism, message passing, implicit threading.

There are actually two problems that need to be solved in the design of the concurrency for a language. Which concurrency tools are available to the users and which parallelism tools are available. While these two concepts are often seen together, they are in fact distinct concepts that require different sorts of tools\cite{Buhr05a}. Concurrency tools need to handle mutual exclusion and synchronization while parallelism tools are more about performance, cost and ressource utilisation.

\section{Concurrency}
Several tool can be used to solve concurrency challenges. Since these challenges always appear with the use of mutable shared state, some languages and libraries simply disallow mutable shared state completely (Erlang\cite{Erlang}, Haskell\cite{Haskell}, Akka (Scala)\cit). In the paradigms, interaction between concurrent objects rely on message passing or other paradigms that often closely relate to networking concepts. However, in imperative or OO languages these approaches entail a clear distinction between concurrent and non concurrent paradigms. Which in turns mean that programmers need to learn two sets of designs patterns in order to be effective at their jobs. Approaches based on shared memory are more closely related to non-concurrent paradigms since they often rely on non-concurrent constructs like routine calls and objects. At a lower level these can be implemented as locks and atomic operations. However for productivity reasons it is desireable to have a higher-level construct to be the core concurrency paradigm\cite{HPP:Study}. This paper proposes Monitors\cit as the core concurrency construct.

Finally, an approach that is worth mentionning because it is gaining in popularity is transactionnal memory\cite{Dice10}. However, the performance and feature set is currently too restrictive to be possible to add such a paradigm to a language like C or \CC\cit, which is why it was rejected as the core paradigm for concurrency in \CFA.

\section{Monitors}
A monitor is a set of routines that ensure mutual exclusion when accessing shared state. This concept is generally associated with Object-Oriented Languages like Java\cite{Java} or \uC\cite{uC++book} but does not strictly require OOP semantics. The only requirements is to be able to declare a handle to a shared object and a set of routines that act on it :
\begin{lstlisting}
        typedef /*some monitor type*/ monitor;
        int f(monitor & m);

        int main() {
                monitor m;
                f(m);
        }
\end{lstlisting}

\subsection{Call semantics} \label{call}
The above example of monitors already displays some of their intrinsic caracteristics. Indeed, it is necessary to use pass-by-reference over pass-by-value for monitor routines. This semantics is important because since at their core, monitors are simply implicit mutual exclusion objects (locks) and copying semantics of these is ill defined. Therefore, monitors are implicitly non-copyable.

Another aspect to consider is when a monitor acquires its mutual exclusion. Indeed, a monitor may need to be passed to helper routines that do not acquire the monitor mutual exclusion on entry. Examples of this can be both generic helper routines (\code{swap}, \code{sort}, etc.) or specific helper routines like the following example :

\begin{lstlisting}
        mutex struct counter_t { /*...*/ };

        void ?{}(counter_t & mutex this);
        int ++?(counter_t & mutex this);
        void ?{}(int * this, counter_t & mutex cnt);

        bool is_zero(counter_t & nomutex this) {
                int val = this;
                return val == 0;
        }
\end{lstlisting}
*semantics of the declaration of \code{mutex struct counter_t} will be discussed in details in \ref{data}

This is an example of a monitor used as safe(ish) counter for concurrency. This API, which offers the prefix increment operator and a conversion operator to \code{int}, guarantees that reading the value (by converting it to \code{int}) and incrementing it are mutually exclusive. Note that the \code{is_zero} routine uses the \code{nomutex} keyword. Indeed, since reading the value is already atomic, there is no point in maintaining the mutual exclusion once the value is copied locally (in the variable \code{val} ).

Having both \code{mutex} and \code{nomutex} keywords could be argued to be redundant based on the meaning of a routine having neither of these keywords. If there were a meaning to routine \code{void foo(counter_t & this)} then one could argue that it should be to default to the safest option : \code{mutex}. On the other hand, the option of having routine \code{void foo(counter_t & this)} mean \code{nomutex} is unsafe by default and may easily cause subtle errors. It can be argued that this is the more "normal" behavior, \code{nomutex} effectively stating explicitly that "this routine has nothing special". An other alternative is to make one of these keywords mandatory, which would provide the same semantics but without the ambiguity of supporting routine \code{void foo(counter_t & this)}. Mandatory keywords would also have the added benefice of being more clearly self-documented but at the cost of extra typing. In the end, which solution should be picked is still up for debate. For the reminder of this proposal, the explicit approach will be used for the sake of clarity.

Regardless of which keyword is kept, it is important to establish when mutex/nomutex may be used depending on type parameters.
\begin{lstlisting}
        int f01(monitor & mutex m);
        int f02(const monitor & mutex m);
        int f03(monitor * mutex m);
        int f04(monitor * mutex * m);
        int f05(monitor ** mutex m);
        int f06(monitor[10] mutex m);
        int f07(monitor[] mutex m);
        int f08(vector(monitor) & mutex m);
        int f09(list(monitor) & mutex m);
        int f10([monitor*, int] & mutex m);
        int f11(graph(monitor*) & mutex m);
\end{lstlisting}

For the first few routines it seems to make sense to support the mutex keyword for such small variations. The difference between pointers and reference (\code{f01} vs \code{f03}) or const and non-const (\code{f01} vs \code{f02}) has no significance to mutual exclusion. It may not always make sense to acquire the monitor when extra dereferences (\code{f04}, \code{f05}) are added but it is still technically feasible and the present of the explicit mutex keywork does make it very clear of the user's intentions. Passing in a known-sized array(\code{f06}) is also technically feasible but is close to the limits. Indeed, the size of the array is not actually enforced by the compiler and if replaced by a variable-sized array (\code{f07}) or a higher-level container (\code{f08}, \code{f09}) it becomes much more complex to properly acquire all the locks needed for such a complex critical section. This implicit acquisition also poses the question of what qualifies as a container. If the mutex keyword is supported on monitors stored inside of other types it can quickly become complex and unclear which monitor should be acquired and when. The extreme example of this is \code{f11} which takes a possibly cyclic graph of pointers to monitors. With such a routine signature the intuition of which monitors will be acquired on entry is lost\cite{Chicken}. Where to draw the lines is up for debate but it seems reasonnable to consider \code{f03} as accepted and \code{f06} as rejected.

\subsection{Data semantics} \label{data}
Once the call semantics are established, the next step is to establish data semantics. Indeed, until now a monitor is used simply as a generic handle but in most cases monitors contian shared data. This data should be intrinsic to the monitor declaration to prevent any accidental use of data without its appripriate protection. For example here is a more fleshed-out version of the counter showed in \ref{call}:
\begin{lstlisting}
        mutex struct counter_t {
                int value;
        };

        void ?{}(counter_t & mutex this) {
                this.cnt = 0;
        }

        int ++?(counter_t & mutex this) {
                return ++this->value;
        }

        void ?{}(int * this, counter_t & mutex cnt) {
                *this = (int)cnt;
        }
\end{lstlisting}
\begin{tabular}{ c c }
Thread 1 & Thread 2 \\
\begin{lstlisting}
        void main(counter_t & mutex c) {
                for(;;) {
                        int count = c;
                        sout | count | endl;
                }
        }
\end{lstlisting} &\begin{lstlisting}
        void main(counter_t & mutex c) {
                for(;;) {
                        ++c;
                }
        }

\end{lstlisting}
\end{tabular}
\\


This simple counter offers an example of monitor usage. Notice how the counter is used without any explicit synchronisation and yet supports thread-safe semantics for both reading and writting. \\

These simple mutual exclusion semantics also naturally expand to multi-monitor calls.
\begin{lstlisting}
        int f(MonitorA & mutex a, MonitorB & mutex b);

        MonitorA a;
        MonitorB b;
        f(a,b);
\end{lstlisting}

This code acquires both locks before entering the critical section. In practice, writing multi-locking routines that can lead to deadlocks can be very tricky. Having language level support for such feature is therefore a significant asset for \CFA. However, as the this proposal shows, this does have significant repercussions relating to scheduling (see \ref{insched} and \ref{extsched}). The ability to acquire multiple monitors at the same time does incur a significant pitfall even without looking into scheduling. For example :
\begin{lstlisting}
        void foo(A & mutex a, B & mutex a) {
                //...
        }

        void bar(A & mutex a, B & nomutex a)
                //...
                foo(a, b);
                //...
        }

        void baz(A & nomutex a, B & mutex a)
                //...
                foo(a, b);
                //...
        }
\end{lstlisting}

TODO: dig further into monitor order aquiring

Thoughs : calls to \code{baz} and \code{bar} are definitely incompatible because they explicitly acquire locks in reverse order and therefore are explicitly asking for a deadlock. The best that can be done in this situatuin is to detect the deadlock. The case of implicit ordering is less clear because in the case of monitors the runtime system \textit{may} be smart enough to figure out that someone is waiting with explicit ordering... maybe.

\subsubsection{Internal scheduling} \label{insched}
Monitors should also be able to schedule what threads access it as a mean of synchronization. Internal scheduling is one of the simple examples of such a feature. It allows users to declare condition variables and wait for them to be signaled. Here is a simple example of such a technique :

\begin{lstlisting}
        mutex struct A {
                condition e;
        }

        void foo(A & mutex a) {
                //...
                wait(a.e);
                //...
        }

        void bar(A & mutex a) {
                signal(a.e);
        }
\end{lstlisting}

Here routine \code{foo} waits on the \code{signal} from \code{bar} before making further progress, effectively ensuring a basic ordering. This can easily be extended to multi-monitor calls by offering the same guarantee.

\begin{center}
\begin{tabular}{ c @{\hskip 0.65in} c }
Thread 1 & Thread 2 \\
\begin{lstlisting}
void foo(monitor & mutex a,
         monitor & mutex b) {
        //...
        wait(a.e);
        //...
}

foo(a, b);
\end{lstlisting} &\begin{lstlisting}
void bar(monitor & mutex a,
         monitor & mutex b) {
        signal(a.e);
}



bar(a, b);
\end{lstlisting}
\end{tabular}
\end{center}

A direct extension of the single monitor semantics would be to release all locks when waiting and transferring ownership of all locks when signalling. However, for the purpose of synchronization it may be usefull to only release some of the locks but keep others. On the technical side, partially releasing lock is feasible but from the user perspective a choice must be made for the syntax of this feature. It is possible to do without any extra syntax by relying on order of acquisition :

\begin{center}
\begin{tabular}{|c|c|c|}
Context 1 & Context 2 & Context 3 \\
\hline
\begin{lstlisting}
void foo(monitor & mutex a,
         monitor & mutex b) {
        wait(a.e);
}






foo(a,b);
\end{lstlisting} &\begin{lstlisting}
void bar(monitor & mutex a,
         monitor & nomutex b) {
        foo(a,b);
}

void foo(monitor & mutex a,
         monitor & mutex b) {
        wait(a.e);
}

bar(a, b);
\end{lstlisting} &\begin{lstlisting}
void bar(monitor & mutex a,
         monitor & nomutex b) {
        foo(a,b);
}

void baz(monitor & nomutex a,
         monitor & mutex b) {
        wait(a.e);
}

bar(a, b);
\end{lstlisting}
\end{tabular}
\end{center}

This can be interpreted in two different ways :
\begin{enumerate}
        \item \code{wait} atomically releases the monitors \underline{theoretically} acquired by the inner-most mutex routine.
        \item \code{wait} atomically releases the monitors \underline{actually} acquired by the inner-most mutex routine.
\end{enumerate}
While the difference between these two is subtle, it has a significant impact. In the first case it means that the calls to \code{foo} would behave the same in Context 1 and 2. This semantic would also mean that the call to \code{wait} in routine \code{baz} would only release \code{monitor b}. While this may seem intuitive with these examples, it does have one significant implication, it creates a strong distinction between acquiring multiple monitors in sequence and acquiring the same monitors simulatenously.

\begin{center}
\begin{tabular}{c @{\hskip 0.35in} c @{\hskip 0.35in} c}
\begin{lstlisting}
enterMonitor(a);
enterMonitor(b);
// do stuff
leaveMonitor(b);
leaveMonitor(a);
\end{lstlisting} & != &\begin{lstlisting}
enterMonitor(a);
enterMonitor(a, b);
// do stuff
leaveMonitor(a, b);
leaveMonitor(a);
\end{lstlisting}
\end{tabular}
\end{center}

This is not intuitive because even if both methods will display the same monitors state both inside and outside the critical section respectively, the behavior is different. Furthermore, the actual acquiring order will be exaclty the same since acquiring a monitor from inside its mutual exclusion is a no-op. This means that even if the data and the actual control flow are the same using both methods, the behavior of the \code{wait} will be different. The alternative is option 2, that is releasing \underline{actually} acquired monitors. This solves the issue of having the two acquiring method differ at the cost of making routine \code{foo} behave differently depending on from which context it is called (Context 1 or 2). Indeed in Context 2, routine \code{foo} will actually behave like routine \code{baz} rather than having the same behavior than in context 1. The fact that both implicit approaches can be unintuitive depending on the perspective may be a sign that the explicit approach is superior.
\\

The following examples shows three alternatives of explicit wait semantics :
\\

\begin{center}
\begin{tabular}{|c|c|c|}
Case 1 & Case 2 & Case 3 \\
Branding on construction & Explicit release list & Explicit ignore list \\
\hline
\begin{lstlisting}
void foo(monitor & mutex a,
         monitor & mutex b,
           condition & c)
{
        // Releases monitors
        // branded in ctor
        wait(c);
}

monitor a;
monitor b;
condition1 c1 = {a};
condition2 c2 = {a, b};

//Will release only a
foo(a,b,c1);

//Will release a and b
foo(a,b,c2);
\end{lstlisting} &\begin{lstlisting}
void foo(monitor & mutex a,
         monitor & mutex b,
           condition & c)
{
        // Releases monitor a
        // Holds monitor b
        waitRelease(c, [a]);
}

monitor a;
monitor b;
condition c;



foo(a,b,c);



\end{lstlisting} &\begin{lstlisting}
void foo(monitor & mutex a,
         monitor & mutex b,
           condition & c)
{
        // Releases monitor a
        // Holds monitor b
        waitHold(c, [b]);
}

monitor a;
monitor b;
condition c;



foo(a,b,c);



\end{lstlisting}
\end{tabular}
\end{center}
(Note : Case 2 and 3 use tuple semantics to pass a variable length list of elements.)
\\

All these cases have there pros and cons. Case 1 is more distinct because it means programmers need to be carefull about where the condition was initialized as well as where it is used. On the other hand, it is very clear and explicit which monitor will be released and which monitor will stay acquired. This is similar to Case 2, which releases only the monitors explictly listed. However, in Case 2, calling the \code{wait} routine instead of the \code{waitRelease} routine will release all the acquired monitor. The Case 3 is an improvement on that since it releases all the monitors except those specified. The result is that the \code{wait} routine can be written as follows :
\begin{lstlisting}
void wait(condition & cond) {
        waitHold(cond, []);
}
\end{lstlisting}
This alternative offers nice and consistent behavior between \code{wait} and \code{waitHold}. However, one large pitfall is that mutual exclusion can now be violated by calls to library code. Indeed, even if the following example seems benign there is one significant problem :
\begin{lstlisting}
extern void doStuff();

void foo(monitor & mutex m) {
        //...
        doStuff(); //warning can release monitor m
        //...
}
\end{lstlisting}

Indeed, if Case 2 or 3 are chosen it any code can violate the mutual exclusion of calling code by issuing calls to \code{wait} or \code{waitHold} in a nested monitor context. Case 2 can be salvaged by removing the \code{wait} routine from the API but Case 3 cannot prevent users from calling \code{waitHold(someCondition, [])}. For this reason the syntax proposed in Case 3 is rejected. Note that syntaxes proposed in case 1 and 2 are not exclusive. Indeed, by supporting two types of condition as follows both cases can be supported :
\begin{lstlisting}
struct condition { /*...*/ };

// Second argument is a variable length tuple.
void wait(condition & cond, [...] monitorsToRelease);
void signal(condition & cond);

struct conditionN { /*...*/ };

void ?{}(conditionN* this, /*list of N monitors to release*/);
void wait(conditionN & cond);
void signal(conditionN & cond);
\end{lstlisting}

Regardless of the option chosen for wait semantics, signal must be symmetrical. In all cases, signal only needs a single parameter, the condition variable that needs to be signalled. But \code{signal} needs to be called from the same monitor(s) than the call to \code{wait}. Otherwise, mutual exclusion cannot be properly transferred back to the waiting monitor.

Finally, an additionnal semantic which can be very usefull is the \code{signalBlock} routine. This routine behaves like signal for all of the semantics discussed above, but with the subtelty that mutual exclusion is transferred to the waiting task immediately rather than wating for the end of the critical section.

\subsection{External scheduling} \label{extsched}
As one might expect, the alternative to Internal scheduling is to use External scheduling instead. This method is somewhat more robust to deadlocks since one of the threads keeps a relatively tight control on scheduling. Indeed, as the following examples will demontrate, external scheduling allows users to wait for events from other threads without the concern of unrelated events occuring. External scheduling can generally be done either in terms of control flow (see \uC) or in terms of data (see Go). Of course, both of these paradigms have their own strenghts and weaknesses but for this project control flow semantics where chosen to stay consistent with the reset of the languages semantics. Two challenges specific to \CFA arise when trying to add external scheduling which is loose object definitions and multi-monitor routines. The following example shows what a simple use \code{accept} versus \code{wait}/\code{signal} and its advantages.

\begin{center}
\begin{tabular}{|c|c|}
Internal Scheduling & External Scheduling \\
\hline
\begin{lstlisting}
        _Monitor blarg {
                condition c;
        public:
                void f();
                void g() { signal}
                void h() { wait(c); }
        private:
        }
\end{lstlisting}&\begin{lstlisting}
        _Monitor blarg {

        public:
                void f();
                void g();
                void h() { _Accept(g); }
        private:
        }
\end{lstlisting}
\end{tabular}
\end{center}

In the case of internal scheduling, the call to \code{wait} only guarantees that \code{g} was the last routine to access the monitor. This intails that the routine \code{f} may have acquired mutual exclusion several times while routine \code{h} was waiting. On the other hand, external scheduling guarantees that while routine \code{h} was waiting, no routine other than \code{g} could acquire the monitor.

\subsubsection{Loose object definitions}
In \uC monitor definitions include an exhaustive list of monitor operations. Since \CFA is not an object oriented it becomes much more difficult to implement but also much less clear for the user :

\begin{lstlisting}
        mutex struct A {};

        void f(A & mutex a);
        void g(A & mutex a);
        void h(A & mutex a) { accept(g); }
\end{lstlisting}

While this is the direct translation of the \uC code, at the time of compiling routine \code{f} the \CFA does not already have a declaration of \code{g} while the \uC compiler does. This means that either the compiler has to dynamically find which routines are "acceptable" or the language needs a way of statically listing "acceptable" routines. Since \CFA has no existing concept that resemble dynamic routine definitions or pattern matching, the static approach seems the more consistent with the current language paradigms. This approach leads to the \uC example being translated to :
\begin{lstlisting}
        accept( void g(mutex struct A & mutex a) )
        mutex struct A {};

        void f(A & mutex a) { accept(g); }
        void g(A & mutex a);
\end{lstlisting}

This syntax is the most consistent with the language since it somewhat mimics the \code{forall} declarations. However, the fact that it comes before the struct declaration does means the type needs to be forward declared (done inline in the example). Here are a few alternatives to this syntax : \\
\begin{tabular}[t]{l l}
Alternative 1 & Alternative 2 \\
\begin{lstlisting}
mutex struct A
accept( void g(A & mutex a) )
{};
\end{lstlisting} &\begin{lstlisting}
mutex struct A {}
accept( void g(A & mutex a) );

\end{lstlisting} \\
Alternative 3 & Alternative 4 \\
\begin{lstlisting}
mutex struct A {
        accept( void g(A & mutex a) )
};

\end{lstlisting} &\begin{lstlisting}
mutex struct A {
        accept :
                void g(A & mutex a) );
};
\end{lstlisting}
\end{tabular}


An other aspect to consider is what happens if multiple overloads of the same routine are used. For the time being it is assumed that multiple overloads of the same routine should be scheduled regardless of the overload used. However, this could easily be extended in the future.

\subsubsection{Multi-monitor scheduling}

External scheduling, like internal scheduling, becomes orders of magnitude more complex when we start introducing multi-monitor syntax. Even in the simplest possible case some new semantics need to be established :
\begin{lstlisting}
        accept( void f(mutex struct A & mutex this))
        mutex struct A {};

        mutex struct B {};

        void g(A & mutex a, B & mutex b) {
                accept(f); //ambiguous, which monitor
        }
\end{lstlisting}

The obvious solution is to specify the correct monitor as follows :

\begin{lstlisting}
        accept( void f(mutex struct A & mutex this))
        mutex struct A {};

        mutex struct B {};

        void g(A & mutex a, B & mutex b) {
                accept( f, b );
        }
\end{lstlisting}

This is unambiguous. The both locks will be acquired and kept, when routine \code{f} is called the lock for monitor \code{a} will be temporarily transferred from \code{g} to \code{f} (while \code{g} still holds lock \code{b}). This behavior can be extended to multi-monitor accept statment as follows.

\begin{lstlisting}
        accept( void f(mutex struct A & mutex, mutex struct A & mutex))
        mutex struct A {};

        mutex struct B {};

        void g(A & mutex a, B & mutex b) {
                accept( f, b, a );
        }
\end{lstlisting}

Note that the set of monitors passed to the \code{accept} statement must be entirely contained in the set of monitor already acquired in the routine. \code{accept} used in any other context is Undefined Behaviour.

\subsection{Implementation Details}
\textbf{\large{Work in progress...}}
\subsubsection{Interaction with polymorphism}
At first glance, interaction between monitors and \CFA's concept of polymorphism seem complexe to support. However, it can be reasoned that entry-point locking can solve most of the issues that could be present with polymorphism.

First of all, interaction between \code{otype} polymorphism and monitors is impossible since monitors do not support copying. Therefore the main question is how to support \code{dtype} polymorphism. We must remember that monitors' main purpose is to ensure mutual exclusion when accessing shared data. This implies that mutual exclusion is only required for routines that do in fact access shared data. However, since \code{dtype} polymorphism always handle incomplete types (by definition) no \code{dtype} polymorphic routine can access shared data since the data would require knowledge about the type. Therefore the only concern when combining \code{dtype} polymorphism and monitors is to protect access to routines. With callsite-locking, this would require significant amount of work since any \code{dtype} routine could have to obtain some lock before calling a routine. However, with entry-point-locking calling a monitor routine becomes exactly the same as calling it from anywhere else.

\subsubsection{External scheduling queues}
To support multi-monitor external scheduling means that some kind of entry-queues must be used that is aware of both monitors. However, acceptable routines must be aware of the entry queues which means they most be stored inside at least one of the monitors that will be acquired. This in turn adds the requirement a systematic algorithm of disambiguating which queue is relavant regardless of user ordering. The proposed algorithm is to fall back on monitors lock ordering and specify that the monitor that is acquired first is the lock with the relevant entry queue. This assumes that the lock acquiring order is static for the lifetime of all concerned objects gut that is a reasonnable contraint. This algorithm choice has two consequences, the ofthe highest priority monitor is no longer a true FIFO queue and the queue of the lowest priority monitor is both required and probably unused. The queue can no longer be a FIFO queue because instead of simply containing the waiting threads in order arrival, they also contain the second mutex. Therefore, another thread with the same highest priority monitor but a different lowest priority monitor may arrive first but enter the critical section after a thread with the correct pairing. Secondly, since it may not be known at compile time which monitor will be the lowest priority monitor, every monitor needs to have the correct queues even though it is probably that half the multi-monitor queues will go unused for the entire duration of the program.

\subsection{Other concurrency tools}

\section{Parallelism}
Historically, computer performance was about processor speeds and instructions count. However, with heat dissipaction being an ever growing challenge, parallelism has become the new source of greatest performance \cite{Sutter05, Sutter05b}. In this decade, it is not longer reasonnable create high-performance application without caring about parallelism. Indeed, parallelism an important aspect of performance and more specifically throughput and hardware utilization. The lowest level approach parallelism is to use \glspl{kthread}. However since these have significant costs and limitations, \glspl{kthread} are now mostly used as an implementation tool rather than a user oriented one. There are several alternatives to solve these issues which all have strengths and weaknesses.

\subsection{User-level threads}
A direct improvement on the \gls{kthread} approach is to use \glspl{uthread}. These threads offer most of the same features that the operating system already provide but can be used on a much larger scale. This is the most powerfull solution as it allows all the features of multi-threading while removing several of the more expensives costs of using kernel threads. The down side is that almost none of the low-level threading complexities are hidden, users still have to think about data races, deadlocks and synchronization issues. This can be somewhat alleviated by a concurrency toolkit with strong garantees but the parallelism toolkit offers very little to reduce complexity in itself.

Examples of languages that support are Java\cite{Java}, Haskell\cite{Haskell} and \uC\cite{uC++book}.

\subsection{Jobs and thread pools}
The opposite approach is to base parallelism on \glspl{job}. Indeed, \glspl{job} offer limited flexibility but at the benefit of a simpler user interface. In \gls{job} based systems users express parallelism as units of work and the dependency graph (either explicit or implicit) that tie them together. This means users need not to worry about concurrency but significantly limits the interaction that can occur between different jobs. Indeed, any \gls{job} that blocks also blocks the underlying \gls{kthread}, this effectively mean the CPU utilization, and therefore throughput, will suffer noticeably. The golden standard of this implementation is Intel's TBB library\cite{TBB}.

\subsection{Fibers : user-level threads without preemption}
Finally, in the middle of the flexibility versus complexity spectrum lay \glspl{fiber} which offer \glspl{uthread} without the complexity of preemption. This means users don't have to worry about other \glspl{fiber} suddenly executing between two instructions which signficantly reduces complexity. However, any call to IO or other concurrency primitives can lead to context switches. Furthermore, users can also block \glspl{fiber} in the middle of their execution without blocking a full processor core. This means users still have to worry about mutual exclusion, deadlocks and race conditions in their code, raising the complexity significantly.
\cite{Go}

\subsection{Paradigm performance}
While the choice between the three paradigms listed above can have significant performance implication, it is difficult to pin the performance implications of chosing a model at the language level. Indeed, in many situations own of these paradigms will show better performance but it all depends on the usage.
Having mostly indepent units of work to execute almost guarantess that the \gls{job} based system will have the best performance. However, add interactions between jobs and the processor utilisation might suffer. User-level threads may allow maximum ressource utilisation but context switches will be more expansive and it is also harder for users to get perfect tunning. As with every example, fibers sit somewhat in the middle of the spectrum.

\section{Parallelism in \CFA}
As a system level language, \CFA should offer both performance and flexibilty as its primary goals, simplicity and user-friendliness being a secondary concern. Therefore, the core of parallelism in \CFA should prioritize power and efficiency.

\subsection{Kernel core}\label{kernel}
At the ro
\subsubsection{Threads}
\CFA threads have all the caracteristiques of

\subsection{High-level options}\label{tasks}

\subsubsection{Thread interface}
constructors destructors
        initializer lists
monitors

\subsubsection{Futures}

\subsubsection{Implicit threading}
Finally, simpler applications can benefit greatly from having implicit parallelism. That is, parallelism that does not rely on the user to write concurrency. This type of parallelism can be achieved both at the language level and at the system level.

\begin{center}
\begin{tabular}[t]{|c|c|c|}
Sequential & System Parallel & Language Parallel \\
\begin{lstlisting}
void big_sum(int* a, int* b,
                 int* out,
                 size_t length)
{
        for(int i = 0; i < length; ++i ) {
                out[i] = a[i] + b[i];
        }
}





int* a[10000];
int* b[10000];
int* c[10000];
//... fill in a and b ...
big_sum(a, b, c, 10000);
\end{lstlisting} &\begin{lstlisting}
void big_sum(int* a, int* b,
                 int* out,
                 size_t length)
{
        range ar(a, a + length);
        range br(b, b + length);
        range or(out, out + length);
        parfor( ai, bi, oi,
        [](int* ai, int* bi, int* oi) {
                oi = ai + bi;
        });
}

int* a[10000];
int* b[10000];
int* c[10000];
//... fill in a and b ...
big_sum(a, b, c, 10000);
\end{lstlisting}&\begin{lstlisting}
void big_sum(int* a, int* b,
                 int* out,
                 size_t length)
{
        for (ai, bi, oi) in (a, b, out) {
                oi = ai + bi;
        }
}





int* a[10000];
int* b[10000];
int* c[10000];
//... fill in a and b ...
big_sum(a, b, c, 10000);
\end{lstlisting}
\end{tabular}
\end{center}

\subsection{Machine setup}\label{machine}
Threads are all good and well but wee still some OS support to fully utilize available hardware.

\textbf{\large{Work in progress...}} Do wee need something beyond specifying the number of kernel threads?

\section{Future work}
Concurrency and parallelism is still a very active field that strongly benefits from hardware advances. As such certain features that aren't necessarily mature enough in their current state could become relevant in the lifetime of \CFA.
\subsection{Transactions}

\section*{Acknowledgements}

\clearpage
\printglossary

\clearpage
\bibliographystyle{plain}
\bibliography{pl,local}


\end{document}