Changeset e6e1a12 for doc/theses


Ignore:
Timestamp:
Jul 10, 2023, 11:13:26 AM (18 months ago)
Author:
Peter A. Buhr <pabuhr@…>
Branches:
master
Children:
713905fd
Parents:
9b0c1936
Message:

more proofreading of actor chapter

File:
1 edited

Legend:

Unmodified
Added
Removed
  • doc/theses/colby_parsons_MMAth/text/actors.tex

    r9b0c1936 re6e1a12  
    555555In theory, this goal is not achievable, but practical results show the goal is virtually achieved.
    556556
    557 One important lesson learned while working on \uC actors~\cite{} and through discussions with fellow student Thierry Delisle, who examined work-stealing for user-threads in his Ph.D.~\cite{Delisle22}, is \emph{not} to aggressively steal.
     557One important lesson learned while working on \uC actors~\cite{Buhr22} and through discussions with fellow student Thierry Delisle, who examined work-stealing for user-threads in his Ph.D.~\cite{Delisle22}, is \emph{not} to aggressively steal.
    558558With reasonable workloads, being a thief should be a temporary state, \ie eventually work appears on the thief's ready-queues and it returns to normal operation.
    559559Furthermore, the act of \emph{looking} to find work is invasive (Heisenberg uncertainty principle), possibly disrupting multiple victims.
     
    563563The outline for lazy-stealing by a thief is: select a victim, scan its queues once, and return immediately if a queue is stolen.
    564564The thief then returns to normal operation and conducts a regular scan over its own queues looking for work, where stolen work is placed at the end of the scan.
    565 Hence, only one victim is affected and there is a reasonable delay between stealing events as the thief will scan its ready queue looking for its own work before potentially stealing again.
     565Hence, only one victim is affected and there is a reasonable delay between stealing events as the thief scans its ready queue looking for its own work before potentially stealing again.
    566566This lazy examination by the thief has a low perturbation cost for victims, while still finding work in a moderately loaded system.
    567567In all work-stealing algorithms, there is the pathological case where there is too little work and too many workers;
     
    584584\begin{cfa}
    585585struct work_queue {
    586         spinlock_t mutex_lock;                          $\C[2.75in]{// atomicity for queue operations}$
    587         copy_queue * owned_queue;                       $\C{// copy queue}$
    588         copy_queue * c_queue;                           $\C{// current queue}$
    589         volatile bool being_processed;          $\C{// flag to prevent concurrent processing}$
     586        spinlock_t mutex_lock;                  $\C[2.75in]{// atomicity for queue operations}$
     587        copy_queue * owned_queue;               $\C{// copy queue}$
     588        copy_queue * c_queue;                   $\C{// current queue}$
     589        volatile bool being_processed;  $\C{// flag to prevent concurrent processing}$
    590590};
    591 work_queue * mailboxes;                                 $\C{// master array of work request queues}$
    592 work_queue ** worker_queues;                    $\C{// secondary array of work queues to allow for swapping}\CRT$
     591work_queue * mailboxes;                         $\C{// master array of work request queues}$
     592work_queue ** worker_queues;            $\C{// secondary array of work queues to allow for swapping}\CRT$
    593593\end{cfa}
    594594A send inserts a request at the end of one of @mailboxes@.
    595 A steal swaps two pointers in @worker_queues@.
     595A steal swaps two pointers in \snake{worker_queues}.
    596596Conceptually, @worker_queues@ represents the ownership relation between mailboxes and workers.
    597597Given $M$ workers and $N$ mailboxes, each worker owns a contiguous $M$/$N$ block of pointers in @worker_queues@.
     
    599599To transfer ownership of a mailbox from one worker to another, a pointer from each of the workers' ranges are swapped.
    600600This structure provides near-complete separation of stealing and gulping/send operations.
    601 As such, operations can happen on @mailboxes@ independent of stealing, which avoids almost all contention between thief threads and victim threads.
     601As such, operations can happen on @mailboxes@ independent of stealing, which avoids almost all contention between thief and victim threads.
    602602
    603603\begin{figure}
     
    627627The thief then resumes normal execution and ceases being a thief.
    628628Hence, it iterates over its own worker queues because new messages may have arrived during stealing, including ones in the potentially stolen queue.
    629 Stealing is only repeated after the worker completes two consecutive iterations over its owned queues without finding work.
     629Stealing is only repeated after the worker completes two consecutive iterations over its message queues without finding work.
    630630\end{enumerate}
    631631
     
    637637temp = worker_queues[x];
    638638// preemption and steal
    639 transfer( local_queue, temp->c_queue ); // @being_processed@ set in transfer with mutual exclusion
     639transfer( local_queue, temp->c_queue );   // atomically sets being_processed
    640640\end{cfa}
    641641where @transfer@ gulps the work from @c_queue@ to the victim's @local_queue@ and leaves @c_queue@ empty, partitioning the mailbox.
     
    648648\end{enumerate}
    649649If the victim is preempted after the dereference, a thief can steal the mailbox pointer before the victim calls @transfer@.
    650 The thief then races ahead, transitions back to a victim, searches its mailboxes, finds the stolen non-empty mailbox, and gulps its queue.
     650The thief then races ahead, transitions back to a victim, searches its mailboxes, finds the stolen non-empty mailbox, and gulps this queue.
    651651The original victim now continues and gulps from the stolen mailbox pointed to by its dereference, even though the thief has logically subdivided this mailbox by gulping it.
    652652At this point, the mailbox has been subdivided a second time, and the victim and thief are possibly processing messages sent to the same actor, which violates mutual exclusion and the message-ordering guarantee.
     
    654654However, any form of locking here creates contention between thief and victim.
    655655
    656 The alternative to locking is allowing the race and resolving it lazily.
     656The alternative to locking is allowing the race and resolving it lazily (lock-free approach).
    657657% As mentioned, there is a race between a victim gulping and a thief stealing because gulping partitions a mailbox queue making it ineligible for stealing.
    658658% Furthermore, after a thief steals, there is moment when victim gulps but the queue no longer
     
    668668The flag indicates that a mailbox has been gulped (logically subdivided) by a worker and the gulped queue is being processed locally.
    669669The @being_processed@ flag is reset once the local processing is finished.
    670 If a worker, either victim or thief turned victim, attempts to gulp from a mailbox and find the @being_processed@ flag set, it does not gulp and moves on to the next mailbox in its range.
     670If a worker, either victim or thief turned victim, attempts to gulp from a mailbox and finds the @being_processed@ flag set, it does not gulp and moves onto the next mailbox in its range.
    671671This resolves the race no matter the winner.
    672672If the thief wins the race, it steals the mailbox and gulps, and the victim sees the flag set and skips gulping from the mailbox.
     
    675675There is a final case where the race occurs and is resolved with \emph{both} gulps occurring.
    676676Here, the winner of the race finishes processing the queue and resets the @being_processed@ flag.
    677 Then the loser unblocks and completes its gulp from the same mailbox and atomically sets the @being_processed@ flag.
    678 The loser is now processing messages from a temporarily shared mailbox, which is safe because the winner will ignore this mailbox if it attempts another gulp, since @being_processed@ is set.
     677Then the loser unblocks and completes its gulp from the same mailbox and atomically sets the \snake{being_processed} flag.
     678The loser is now processing messages from a temporarily shared mailbox, which is safe because the winner ignores this mailbox, if it attempts another gulp since @being_processed@ is set.
    679679The victim never attempts to gulp from the stolen mailbox again because its next cycle sees the swapped mailbox from the thief (which may or may not be empty at this point).
    680680This race is now the only source of contention between victim and thief as they both try to acquire a lock on the same queue during a transfer.
    681681However, the window for this race is extremely small, making this contention rare.
    682 In theory, if this race occurs multiple times consecutively \ie a thief steals, dereferences stolen mailbox pointer, is interrupted and stolen from, etc., this scenario can cascade across multiple workers all attempting to gulp from one mailbox.
     682In theory, if this race occurs multiple times consecutively, \ie a thief steals, dereferences a stolen mailbox pointer, is interrupted, and stolen from, etc., this scenario can cascade across multiple workers all attempting to gulp from one mailbox.
    683683The @being_processed@ flag ensures correctness even in this case, and the chance of a cascading scenario across multiple workers is even rarer.
    684 It is straightforward to count the number of missed gulps due to the @being_processed@ flag at runtime.
    685 With the exception of the repeat benchmark, the median count of missed gulps for each number of cores for all benchmarks presented in Section~\ref{s:actor_perf} is \emph{zero}.
     684
     685It is straightforward to count the number of missed gulps due to the @being_processed@ flag and this counter is added to all benchmarks presented in Section~\ref{s:actor_perf}.
     686The results show the median count of missed gulps for each experiment is \emph{zero}, except for the repeat benchmark.
    686687The repeat benchmark is an example the pathological case described earlier where there is too little work and too many workers.
    687 In the repeat benchmark one actor has the majority of the workload, and no other actor has a consistent workload which results in rampant stealing.
    688 None of the work stealing actor systems compared in this work perform well on the repeat benchmark.
    689 Hence, the claim is made that this stealing mechanism has a (probabilistically) zero-victim-cost in practice.
     688In the repeat benchmark, one actor has the majority of the workload, and no other actor has a consistent workload, which results in rampant stealing.
     689None of the work-stealing actor-systems examined in this work perform well on the repeat benchmark.
     690Hence, for all non-pathological cases, the claim is made that this stealing mechanism has a (probabilistically) zero-victim-cost in practice.
    690691
    691692\subsection{Queue Pointer Swap}\label{s:swap}
    692 Two atomically swap two pointers in @worker_queues@, a novel wait-free swap algorithm is used.
    693 The novel wait-free swap is effectively a special case of a DCAS.
    694 DCAS stands for Double Compare-And-Swap, which is a more general version of the Compare-And-Swap (CAS) atomic operation~\cite{Doherty04}.
    695 CAS compares is a read-modify-write operation available on most modern architectures which atomically compares an expected value with a memory location.
    696 If the expected value and value in memory are equal it then writes a new value into the memory location.
    697 A sample software implemention of CAS follows.
     693
     694To atomically swap the two @worker_queues@ pointers during work stealing, a novel wait-free swap-algorithm is needed.
     695The \gls{cas} is a read-modify-write instruction available on most modern architectures.
     696It atomically compares two memory locations, and if the values are equal, it writes a new value into the first memory location.
     697A software implementation of \gls{cas} is:
    698698\begin{cfa}
    699699// assume this routine executes atomically
    700 bool CAS( val * ptr, val expected, val new ) {
    701         if ( *ptr != expected )
    702                 return false;
    703         *ptr = new;
     700bool CAS( T * assn, T comp, T new ) {   // T is a basic type
     701        if ( *assn != comp ) return false;
     702        *assn = new;
    704703        return true;
    705704}
    706705\end{cfa}
    707 As shown CAS only operates on one memory location.
    708 Where CAS operates on a single memory location and some values, DCAS operates on two memory locations.
     706However, this instruction does \emph{not} swap @assn@ and @new@, which is why compare-and-swap is a misnomer.
     707If @T@ can be a double-wide address-type (128 bits on a 64-bit machine), called a \gls{dwcas}, then it is possible to swap two values, if and only if the two addresses are juxtaposed in memory.
     708\begin{cfa}
     709union Pair {
     710        struct { void * ptr1, * ptr2; };   // 64-bit pointers
     711        __int128 atom;
     712};
     713Pair pair1 = { addr1, addr2 }, pair2 = { addr2, addr1 };
     714Pair top = pair1;
     715DWCAS( top.atom, pair1.atom, pair2.atom );
     716\end{cfa}
     717However, this approach does not apply because the mailbox pointers are seldom juxtaposed.
     718
     719Only a few architectures provide a \gls{dcas}, which extends \gls{cas} to two memory locations~\cite{Doherty04}.
    709720\begin{cfa}
    710721// assume this routine executes atomically
    711 bool DCAS( val * addr1, val * addr2, val old1, val old2, val new1, val new2 ) {
    712         if ( ( *addr1 == old1 ) && ( *addr2 == old2 ) ) {
    713                 *addr1 = new1;
    714                 *addr2 = new2;
     722bool DCAS( T * assn1, T * assn2, T comp1, T comp2, T new1, T new2 ) {
     723        if ( *assn1 == comp1 && *assn2 == comp2 ) {
     724                *assn1 = new1;
     725                *assn2 = new2;
    715726                return true;
    716727        }
     
    718729}
    719730\end{cfa}
    720 The DCAS implemented in this work is special cased in two ways.
    721 First of all, a DCAS is more powerful than what is needed to swap two pointers.
    722 A double atomic swap (DAS) is all that is needed for this work.
    723 The atomic swap provided by most modern hardware requires that at least one operand is a register.
    724 A DAS would relax that restriction so that both operands of the swap could be memory locations.
    725 As such a DAS can be written in terms of the DCAS above as follows.
    726 \begin{cfa}
    727 bool DAS( val * addr1, val * addr2 ) {
    728         return DCAS( addr1, addr2, *addr1, *addr2, *addr2, *addr1 );
     731and can swap two values, where the comparisons are superfluous.
     732\begin{cfa}
     733DCAS( x, y, x, y, y, x );
     734\end{cfa}
     735A restrictive form of \gls{dcas} can be simulated using \gls{ll}/\gls{sc}~\cite{Brown13} or more expensive transactional memory the same progress property problems as LL/SC.
     736(There is waning interest in transactional memory and it seems to be fading away.)
     737
     738Similarly, very few architectures have a true memory/memory swap instruction (Motorola M68K, SPARC 32-bit).
     739The x86 XCHG instruction (and most other architectures with a similar instruction) only works between a register and memory location.
     740In this case, there is a race between loading the register and performing the swap (discussed shortly).
     741
     742Hence, a novel swap is constructed, called \gls{das}, special cased in two ways:
     743\begin{enumerate}
     744\item
     745It works on two separate memory locations, and hence, is logically the same as.
     746\begin{cfa}
     747bool DAS( T * assn1, T * assn2 ) {
     748        return DCAS( assn1, assn2, *assn1, *assn2, *assn2, *assn1 );
    729749}
    730750\end{cfa}
    731 The other special case is that the values being swapped will never null pointers.
    732 This allows the DAS implementation presented to use null pointers as intermediate values during the swap.
    733 
    734 Given the wait-free swap used is novel, it is important to show that it is correct.
    735 It is clear to show that the swap is wait-free since all thieves will fail or succeed in swapping the queues in a finite number of steps since there are no locks or looping.
    736 There is no retry mechanism in the case of a failed swap, since a failed swap either means the work was already stolen, or that work was stolen from the thief.
    737 In both cases it is apropos for a thief to give up on stealing.
    738 \CFA-style pseudocode for the queue swap is presented below.
    739 The swap uses compare-and-swap (@CAS@) which is just pseudocode for C's @__atomic_compare_exchange_n@.
    740 A pseudocode implementation of @CAS@ is also shown below.
    741 The correctness of the wait-free swap will now be discussed in detail.
    742 To first verify sequential correctness, consider the equivalent sequential swap below:
    743 
     751\item
     752The values swapped are never null pointers, so a null pointer can be used as an intermediate values during the swap.
     753\end{enumerate}
     754Figure~\ref{c:swap} shows the \CFA pseudocode for the \gls{das}.
     755In detail, a thief performs the following steps to swap two pointers:
     756\begin{enumerate}[start=0]
     757\item
     758stores local copies of the two pointers to be swapped.
     759\item
     760verifies the stored copy of the victim queue pointer, @vic_queue@, is valid.
     761If @vic_queue@ is null, then the victim queue is part of another swap so the operation fails.
     762No state has changed at this point so no fixup is needed.
     763Note, @my_queue@ can never be equal to null at this point since thieves only set their own queues pointers to null when stealing.
     764At no other point is a queue pointer set to null.
     765Since each worker owns a disjoint range of the queue array, it is impossible for @my_queue@ to be null.
     766\item
     767attempts to atomically set the thief's queue pointer to null.
     768The @CAS@ only fails if the thief's queue pointer is no longer equal to @my_queue@, which implies this thief has become a victim and its queue has been stolen.
     769At this point, the thief-turned-victim fails, and since it has not changed any state, it just returns false.
     770If the @CAS@ succeeds, the thief's queue pointer is now null.
     771Nulling the pointer is safe since only thieves look at other worker's queue ranges, and whenever thieves need to dereference a queue pointer, it is checked for null.
     772\item
     773attempts to atomically set the victim's queue pointer to @my_queue@.
     774If the @CAS@ succeeds, the victim's queue pointer has been set and the swap can no longer fail.
     775If the @CAS@ fails, the thief's queue pointer must be restored to its previous value before returning.
     776\item
     777set the thief's queue pointer to @vic_queue@ completing the swap.
     778\end{enumerate}
     779
     780\begin{figure}
     781\begin{cfa}
     782bool try_swap_queues( worker & this, uint victim_idx, uint my_idx ) with(this) {
     783        // Step 0: mailboxes is the shared array of all sharded queues
     784        work_queue * my_queue = mailboxes[my_idx];
     785        work_queue * vic_queue = mailboxes[victim_idx];
     786
     787        // Step 1 If the victim queue is 0p then they are in the process of stealing so return false
     788        // 0p is Cforall's equivalent of C++'s nullptr
     789        if ( vic_queue == 0p ) return false;
     790
     791        // Step 2 Try to set our own (thief's) queue ptr to be 0p.
     792        // If this CAS fails someone stole our (thief's) queue so return false
     793        if ( !CAS( &mailboxes[my_idx], &my_queue, 0p ) )
     794                return false;
     795
     796        // Step 3: Try to set victim queue ptr to be our (thief's) queue ptr.
     797        // If it fails someone stole the other queue, so fix up then return false
     798        if ( !CAS( &mailboxes[victim_idx], &vic_queue, my_queue ) ) {
     799                mailboxes[my_idx] = my_queue; // reset queue ptr back to prev val
     800                return false;
     801        }
     802        // Step 4: Successfully swapped.
     803        // Thief's ptr is 0p so no one will touch it
     804        // Write back without CAS is safe
     805        mailboxes[my_idx] = vic_queue;
     806        return true;
     807}
     808\end{cfa}
     809\caption{DAS Concurrent}
     810\label{c:swap}
     811\end{figure}
     812
     813\begin{theorem}
     814\gls{das} is correct in both the success and failure cases.
     815\end{theorem}
     816To verify sequential correctness, Figure~\ref{s:swap} shows a simplified \gls{das}.
     817Step 1 is missing in the sequential example since it only matters in the concurrent context.
     818By inspection, the sequential swap copies each pointer being swapped, and then the original values of each pointer are reset using the copy of the other pointer.
     819
     820\begin{figure}
    744821\begin{cfa}
    745822void swap( uint victim_idx, uint my_idx ) {
     
    755832}
    756833\end{cfa}
    757 
    758 Step 1 is missing in the sequential example since it only matters in the concurrent context presented later.
    759 By looking at the sequential swap it is easy to see that it is correct.
    760 Temporary copies of each pointer being swapped are stored, and then the original values of each pointer are set using the copy of the other pointer.
    761 
    762 \begin{cfa}
    763 
    764 bool try_swap_queues( worker & this, uint victim_idx, uint my_idx ) with(this) {
    765         // Step 0:
    766         // mailboxes is the shared array of all sharded queues
    767         work_queue * my_queue = mailboxes[my_idx];
    768         work_queue * vic_queue = mailboxes[victim_idx];
    769 
    770         // Step 1:
    771         // If the victim queue is 0p then they are in the process of stealing so return false
    772         // 0p is Cforall's equivalent of C++'s nullptr
    773         if ( vic_queue == 0p ) return false;
    774 
    775         // Step 2:
    776         // Try to set our own (thief's) queue ptr to be 0p.
    777         // If this CAS fails someone stole our (thief's) queue so return false
    778         if ( !CAS( &mailboxes[my_idx], &my_queue, 0p ) )
    779                 return false;
    780 
    781         // Step 3:
    782         // Try to set victim queue ptr to be our (thief's) queue ptr.
    783         // If it fails someone stole the other queue, so fix up then return false
    784         if ( !CAS( &mailboxes[victim_idx], &vic_queue, my_queue ) ) {
    785                 mailboxes[my_idx] = my_queue; // reset queue ptr back to prev val
    786                 return false;
    787         }
    788 
    789         // Step 4:
    790         // Successfully swapped.
    791         // Thief's ptr is 0p so no one will touch it
    792         // Write back without CAS is safe
    793         mailboxes[my_idx] = vic_queue;
    794         return true;
    795 }
    796 \end{cfa}\label{c:swap}
    797 
    798 Now consider the concurrent implementation of the swap.
    799 \begin{enumerate}[topsep=5pt,itemsep=3pt,parsep=0pt]
    800 \item
    801 Step 0 is the same as the sequential example, and the thief stores local copies of the two pointers to be swapped.
    802 \item
    803 Step 1 verifies that the stored copy of the victim queue pointer, @vic_queue@, is valid.
    804 If @vic_queue@ is equal to @0p@, then the victim queue is part of another swap so the operation fails.
    805 No state has changed at this point so no fixups are needed.
    806 Note, @my_queue@ can never be equal to @0p@ at this point since thieves only set their own queues pointers to @0p@ when stealing.
    807 At no other point will a queue pointer be set to @0p@.
    808 Since each worker owns a disjoint range of the queue array, it is impossible for @my_queue@ to be @0p@.
    809 \item
    810 Step 2 attempts to set the thief's queue pointer to @0p@ via @CAS@.
    811 The @CAS@ will only fail if the thief's queue pointer is no longer equal to @my_queue@, which implies that this thief has become a victim and its queue has been stolen.
    812 At this point the thief-turned-victim will fail and since it has not changed any state it just fails and returns false.
    813 If the @CAS@ succeeds then the thief's queue pointer will now be @0p@.
    814 Nulling the pointer is safe since only thieves look at other worker's queue ranges, and whenever thieves need to dereference a queue pointer they check for @0p@.
    815 \item
    816 Step 3 attempts to set the victim's queue pointer to be @my_queue@ via @CAS@.
    817 If the @CAS@ succeeds then the victim's queue pointer has been set and swap can no longer fail.
    818 If the @CAS@ fails then the thief's queue pointer must be restored to its previous value before returning.
    819 \item
    820 Step 4 sets the thief's queue pointer to be @vic_queue@ completing the swap.
    821 \end{enumerate}
    822 
    823 \begin{theorem}
    824 The presented swap is correct and concurrently safe in both the success and failure cases.
    825 \end{theorem}
    826 
    827 Correctness of the swap is shown through the existence of an invariant.
    828 The invariant is that when a queue pointer is set to @0p@ by a thief, then the next write to the pointer can only be performed by the same thief.
     834\caption{DAS Sequential}
     835\label{s:swap}
     836\end{figure}
     837
     838To verify concurrent correctness, it is necessary to show \gls{das} is wait-free, \ie all thieves fail or succeed in swapping the queues in a finite number of steps.
     839This property is straightforward, because there are no locks or looping.
     840As well, there is no retry mechanism in the case of a failed swap, since a failed swap either means the work is already stolen or that work is stolen from the thief.
     841In both cases, it is apropos for a thief to give up stealing.
     842
     843The proof of correctness is shown through the existence of an invariant.
     844The invariant states when a queue pointer is set to @0p@ by a thief, then the next write to the pointer can only be performed by the same thief.
    829845To show that this invariant holds, it is shown that it is true at each step of the swap.
     846\begin{itemize}
     847\item
    830848Step 0 and 1 do not write and as such they cannot invalidate the invariant of any other thieves.
    831 In step 2 a thief attempts to write @0p@ to one of their queue pointers.
     849\item
     850In step 2, a thief attempts to write @0p@ to one of their queue pointers.
    832851This queue pointer cannot be @0p@.
    833 As stated above, @my_queue@ is never equal to @0p@ since thieves will only write @0p@ to queue pointers from their own queue range and all worker's queue ranges are disjoint.
    834 As such step 2 upholds the invariant since in a failure case no write occurs, and in the success case, the value of the queue pointer is guaranteed to not be 0p.
    835 In step 3 the thief attempts to write @my_queue@ to the victim's queue pointer.
    836 If the current value of the victim's queue pointer is @0p@, then the CAS will fail since @vic_queue@ cannot be equal to @0p@ because of the check in step 1.
    837 Therefore in the success case where the @CAS@ succeeds, the value of the victim's queue pointer must not be @0p@.
    838 As such, the write will never overwrite a value of @0p@, hence the invariant is held in the @CAS@ of step 3.
    839 The write back to the thief's queue pointer that happens in the failure case of step three and in step 4 hold the invariant since they are the subsequent write to a @0p@ queue pointer and they are being set by the same thief that set the pointer to @0p@.
     852As stated above, @my_queue@ is never equal to @0p@ since thieves only write @0p@ to queue pointers from their own queue range and all worker's queue ranges are disjoint.
     853As such, step 2 upholds the invariant, since in a failure case no write occurs, and in the success case, the value of the queue pointer is guaranteed to not be 0p.
     854\item
     855In step 3, the thief attempts to write @my_queue@ to the victim's queue pointer.
     856If the current value of the victim's queue pointer is @0p@, then the CAS fails since @vic_queue@ cannot be equal to @0p@ because of the check in step 1.
     857Therefore, when the @CAS@ succeeds, the value of the victim's queue pointer must not be @0p@.
     858As such, the write never overwrites a value of @0p@, hence the invariant is held in the @CAS@ of step 3.
     859\item
     860The write back to the thief's queue pointer that happens in the failure case of step 3 and in step 4 hold the invariant since they are the subsequent write to a @0p@ queue pointer and are being set by the same thief that set the pointer to @0p@.
     861\end{itemize}
    840862
    841863Given this informal proof of invariance it can be shown that the successful swap is correct.
    842 Once a thief atomically sets their queue pointer to be @0p@ in step 2, the invariant guarantees that pointer will not change.
    843 As such, in the success case step 3 it is known that the value of the victim's queue pointer that was overwritten must be @vic_queue@ due to the use of @CAS@.
     864Once a thief atomically sets their queue pointer to be @0p@ in step 2, the invariant guarantees that that pointer does not change.
     865In the success case of step 3, it is known the value of the victim's queue-pointer, which is not overwritten, must be @vic_queue@ due to the use of @CAS@.
    844866Given that pointers all have unique memory locations, this first write of the successful swap is correct since it can only occur when the pointer has not changed.
    845 By the invariant the write back in the successful case is correct since no other worker can write to the @0p@ pointer.
    846 
    847 In the failed case the outcome is correct in steps 1 and 2 since no writes have occurred so the program state is unchanged.
    848 In the failed case of step 3 the program state is safely restored to its state it had prior to the @0p@ write in step 2, thanks to the invariant that makes the write back to the @0p@ pointer safe.
     867By the invariant, the write back in the successful case is correct since no other worker can write to the @0p@ pointer.
     868In the failed case of step 3, the outcome is correct in steps 1 and 2 since no writes have occurred so the program state is unchanged.
     869Therefore, the program state is safely restored to the state it had prior to the @0p@ write in step 2, because the invariant makes the write back to the @0p@ pointer safe.
    849870
    850871\begin{comment}
     
    957978% C_TODO: go through and use \paragraph to format to make it look nicer
    958979\subsection{Victim Selection}\label{s:victimSelect}
    959 In any work stealing algorithm thieves have some heuristic to determine which victim to choose from.
     980
     981In any work stealing algorithm, thieves use a heuristic to determine which victim to choose.
    960982Choosing this algorithm is difficult and can have implications on performance.
    961 There is no one selection heuristic that is known to be the best on all workloads.
    962 Recent work focuses on locality aware scheduling in actor systems\cite{barghi18}\cite{wolke17}.
    963 However, while locality aware scheduling provides good performance on some workloads, something as simple as randomized selection performs better on other workloads\cite{barghi18}.
    964 Since locality aware scheduling has been explored recently, this work introduces a heuristic called \textbf{longest victim} and compares it to randomized work stealing.
    965 The longest victim heuristic maintains a timestamp per executor threads that is updated every time a worker attempts to steal work.
    966 Thieves then attempt to steal from the thread with the oldest timestamp.
    967 This means that if two thieves look to steal at the same time, they likely will attempt to steal from the same victim.
    968 This does increase the chance at contention between thieves, however given that workers have multiple queues under them, often in the tens or hundreds of queues per worker it is rare for two queues to attempt so steal the same queue.
    969 Furthermore in the case they attempt to steal the same queue at least one of them is guaranteed to successfully steal the queue as shown in Theorem \ref{t:one_vic}.
    970 Additionally, the longest victim heuristic makes it very improbable that the no swap scenario presented in Theorem \ref{t:vic_cycle} manifests.
    971 Given the longest victim heuristic, for a cycle to manifest it would require all workers to attempt to steal in a short timeframe.
    972 This is the only way that more than one thief could choose another thief as a victim, since timestamps are only updated upon attempts to steal.
    973 In this case, the probability of lack of any successful swaps is a non issue, since it is likely that these steals were not important if all workers are trying to steal.
     983There is no one selection heuristic known to be best for all workloads.
     984Recent work focuses on locality aware scheduling in actor systems~\cite{barghi18,wolke17}.
     985However, while locality-aware scheduling provides good performance on some workloads, sometime randomized selection performs better on other workloads~\cite{barghi18}.
     986Since locality aware scheduling has been explored recently, this work introduces a heuristic called \Newterm{longest victim} and compares it to randomized work stealing.
     987
     988The longest-victim heuristic maintains a timestamp per executor thread that is updated every time a worker attempts to steal work.
     989\PAB{Explain the timestamp, \ie how is it formed?}
     990Thieves then attempt to steal from the worker with the oldest timestamp.
     991This heuristic means that if two thieves look to steal at the same time, they likely attempt to steal from the same victim.
     992\PAB{This idea seems counter intuitive so what is the intuition?}
     993This consequence does increase the chance at contention among thieves;
     994however, given that workers have multiple queues, often in the tens or hundreds of queues, it is rare for two thieves to attempt stealing from the same queue.
     995\PAB{Both of these theorems are commented out.}
     996Furthermore, in the case they attempt to steal the same queue, at least one of them is guaranteed to successfully steal the queue as shown in Theorem~\ref{t:one_vic}.
     997Additionally, the longest victim heuristic makes it very improbable that the no swap scenario presented in Theorem~\ref{t:vic_cycle} manifests.
     998Given the longest victim heuristic, for a cycle to manifest it requires all workers to attempt to steal in a short timeframe.
     999This scenario is the only way that more than one thief could choose another thief as a victim, since timestamps are only updated upon attempts to steal.
     1000In this case, the probability of an unsuccessful swap is rare, since it is likely these steals are not important when all workers are trying to steal.
    9741001
    9751002\section{Safety and Productivity}\label{s:SafetyProductivity}
     1003
    9761004\CFA's actor system comes with a suite of safety and productivity features.
    977 Most of these features are present in \CFA's debug mode, but are removed when code is compiled in nodebug mode.
     1005Most of these features are only present in \CFA's debug mode, and hence, have have zero-cost in nodebug mode.
    9781006The suit of features include the following.
    979 
    9801007\begin{itemize}
    981 \item Static-typed message sends.
    982 If an actor does not support receiving a given message type, the actor program is rejected at compile time, allowing unsupported messages to never be sent to actors.
    983 \item Detection of message sends to Finished/Destroyed/Deleted actors.
    984 All actors have a ticket that assigns them to a respective queue.
    985 The maximum integer value of the ticket is reserved to indicate that an actor is dead, and subsequent message sends result in an error.
    986 \item Actors made before the executor can result in undefined behaviour since an executor needs to be created beforehand so it can give out the tickets to actors.
    987 As such, this is detected and an error is printed.
    988 \item When an executor is created, the queues are handed out to executor threads in round robin order.
    989 If there are fewer queues than executor threads, then some workers will spin and never do any work.
    990 There is no reasonable use case for this behaviour so an error is printed if the number of queues is fewer than the number of executor threads.
    991 \item A warning is printed when messages are deallocated without being sent.
     1008\item Static-typed message sends:
     1009If an actor does not support receiving a given message type, the receive call is rejected at compile time, allowing unsupported messages to never be sent to an actor.
     1010
     1011\item Detection of message sends to Finished/Destroyed/Deleted actors:
     1012All actors receive a ticket from the executor at creation that assigns them to a specific mailbox queue of a worker.
     1013The maximum integer value of the ticket is reserved to indicate an actor is terminated, and assigned to an actor's ticket at termination.
     1014Any subsequent message sends to this terminated actor results in an error.
     1015
     1016\item Actors cannot be created before the executor starts:
     1017Since the executor distributes mailbox tickets, correctness implies it must be created before an actors so it can give out the tickets.
     1018
     1019\item When an executor is configured, $M >= N$.
     1020That is, each worker must receive at least one mailbox queue, otherwise the worker spins and never does any work.
     1021
     1022\item Detection of unsent messages:
     1023At program termination, a warning is printed for all deallocated messages that are not sent.
    9921024Since the @Finished@ allocation status is unused for messages, it is used internally to detect if a message has been sent.
    993 Deallocating a message without sending it could indicate to a user that they are touching freed memory later, or it could point out extra allocations that could be removed.
    994 \item Detection of messages sent but not received
    995 As discussed in Section~\ref{s:executor}, once all actors have terminated shutdown is communicated to executor threads via a status flag. Upon termination the executor threads check their queues to see if any contain messages. If they do, an error is reported. Messages being sent but not received means that their allocation action did not occur and their payload was not delivered. Missing the allocation action can lead to memory leaks and missed payloads can cause unpredictable behaviour. Detecting this can indicate a race or logic error in the user's code.
     1025Deallocating a message without sending it could indicate problems in the program design.
     1026
     1027\item Detection of messages sent but not received:
     1028As discussed in Section~\ref{s:executor}, once all actors have terminated, shutdown is communicated to the executor threads via a status flag.
     1029During termination of the executor threads, each worker checks its mailbox queues for any messages.
     1030If so, an error is reported.
     1031Messages being sent but not received means their allocation action has not occur and their payload is not delivered.
     1032Missed deallocations can lead to memory leaks and unreceived payloads can mean logic problems.
     1033% Detecting can indicate a race or logic error in the user's code.
    9961034\end{itemize}
    9971035
    998 In addition to these features, \CFA's actor system comes with a suite of statistics that can be toggled on and off.
    999 These statistics have minimal impact on the actor system's performance since they are counted on a per executor threads basis.
    1000 During shutdown of the actor system they are aggregated, ensuring that the only atomic instructions used by the statistics counting happen at shutdown.
     1036In addition to these features, the \CFA's actor system comes with a suite of statistics that can be toggled on and off when \CFA is built.
     1037These statistics have minimal impact on the actor system's performance since they are counted independently by each worker thread.
     1038During shutdown of the actor system, these counters are aggregated sequentially.
    10011039The statistics measured are as follows.
    1002 
    10031040\begin{description}
    10041041\item[\LstBasicStyle{\textbf{Actors Created}}]
    1005 Actors created.
    1006 Includes both actors made by the main and ones made by other actors.
    1007 \item[\LstBasicStyle{\textbf{Messages Sent}}]
    1008 Messages sent and received.
     1042Includes both actors made in the program main and ones made by other actors.
     1043\item[\LstBasicStyle{\textbf{Messages Sent and Received}}]
    10091044Includes termination messages send to the executor threads.
    10101045\item[\LstBasicStyle{\textbf{Gulps}}]
    1011 Gulps that occurred across the executor threads.
     1046Gulps across all worker threads.
    10121047\item[\LstBasicStyle{\textbf{Average Gulp Size}}]
    10131048Average number of messages in a gulped queue.
    10141049\item[\LstBasicStyle{\textbf{Missed gulps}}]
    1015 Occurrences where a worker missed a gulp due to the concurrent queue processing by another worker.
     1050Missed gulps due to the current queue being processed by another worker.
    10161051\item[\LstBasicStyle{\textbf{Steal attempts}}]
    1017 Worker threads attempts to steal work.
    1018 
     1052All worker thread attempts to steal work.
    10191053\item[\LstBasicStyle{\textbf{Steal failures (no candidates)}}]
    1020 Work stealing failures due to selected victim not having any non empty or non-being-processed queues.
     1054Work stealing failures due to selected victim not having any non-empty or non-being-processed queues.
    10211055\item[\LstBasicStyle{\textbf{Steal failures (failed swaps)}}]
    1022 Work stealing failures due to the two stage atomic swap failing.
     1056Work stealing failures due to the two-stage atomic-swap failing.
    10231057\item[\LstBasicStyle{\textbf{Messages stolen}}]
    1024 Aggregate of the number of messages in queues as they were stolen.
     1058Aggregate number of messages in stolen queues.
    10251059\item[\LstBasicStyle{\textbf{Average steal size}}]
    1026 Average number of messages in a stolen queue.
     1060Average number of messages across stolen queues.
    10271061\end{description}
    10281062
    1029 These statistics enable a user of \CFA's actor system to make informed choices about how to configure their executor, or how to structure their actor program.
    1030 For example, if there is a lot of messages being stolen relative to the number of messages sent, it could indicate to a user that their workload is heavily imbalanced across executor threads.
    1031 In another example, if the average gulp size is very high, it could indicate that the executor could use more queue sharding.
    1032 
    1033 Another productivity feature that is included is a group of poison-pill messages.
    1034 Poison-pill messages are common across actor systems, including Akka and ProtoActor \cite{Akka,ProtoActor}.
    1035 Poison-pill messages inform an actor to terminate.
     1063These statistics enable a user of the \CFA's actor system to make informed choices about how to configure their executor or how to structure their actor program.
     1064For example, if there are a lot of messages being stolen relative to the number of messages sent, it indicates that the workload is heavily imbalanced across executor threads.
     1065Another example is if the average gulp size is very high, it indicates the executor needs more queue sharding, \ie increase $M$.
     1066
     1067Another productivity feature is a group of \Newterm{poison-pill} messages.
     1068Poison-pill messages are common across actor systems, including Akka and ProtoActor~\cite{Akka,ProtoActor} to inform an actor to terminate.
    10361069In \CFA, due to the allocation of actors and lack of garbage collection, there needs to be a suite of poison-pills.
    10371070The messages that \CFA provides are @DeleteMsg@, @DestroyMsg@, and @FinishedMsg@.
    1038 These messages are supported on all actor types via inheritance and when sent to an actor, the actor takes the corresponding allocation action after receiving the message.
    1039 Note that any pending messages to the actor will still be sent.
    1040 It is still the user's responsibility to ensure that an actor does not receive any messages after termination.
     1071These messages are supported on all actor types via inheritance.
     1072When sent to an actor, the actor takes the corresponding allocation action after receiving the message, regardless of what the actor returns to the executor.
     1073\PAB{What does this mean? Note that any pending messages to the actor will still be sent.
     1074It is still the user's responsibility to ensure that an actor does not receive any messages after termination.}
    10411075
    10421076\section{Performance}\label{s:actor_perf}
     1077
    10431078The performance of \CFA's actor system is tested using a suite of microbenchmarks, and compared with other actor systems.
    1044 Most of the benchmarks are the same as those presented in \ref{}, with a few additions.
     1079Most of the benchmarks are the same as those presented in \cite{Buhr22}, with a few additions.
    10451080% C_TODO cite actor paper
    1046 At the time of this work the versions of the actor systems are as follows.
    1047 \CFA 1.0, \uC 7.0.0, Akka Typed 2.7.0, CAF 0.18.6, and ProtoActor-Go v0.0.0-20220528090104-f567b547ea07.
    1048 Akka Classic is omitted as Akka Typed is their newest version and seems to be the direction they are headed in.
    1049 The experiments are run on
     1081This work compares with the following actor systems: \CFA 1.0, \uC 7.0.0, Akka Typed 2.7.0, CAF 0.18.6, and ProtoActor-Go v0.0.0-20220528090104-f567b547ea07.
     1082Akka Classic is omitted as Akka Typed is their newest version and seems to be the direction they are headed.
     1083The experiments are run on two popular architectures:
    10501084\begin{list}{\arabic{enumi}.}{\usecounter{enumi}\topsep=5pt\parsep=5pt\itemsep=0pt}
    10511085\item
     
    10551089\end{list}
    10561090
    1057 The benchmarks are run on up to 48 cores.
    1058 On the Intel, when going beyond 24 cores there is the choice to either hop sockets or to use hyperthreads.
    1059 Either choice will cause a blip in performance trends, which can be seen in the following performance figures.
    1060 On the Intel the choice was made to hyperthread instead of hopping sockets for experiments with more than 24 cores.
    1061 
    1062 All benchmarks presented are run 5 times and the median is taken.
    1063 Error bars showing the 95\% confidence intervals are drawn on each point on the graphs.
     1091The benchmarks are run on 1--48 cores.
     1092On the Intel, with 24 core sockets, there is the choice to either hopping sockets or using hyperthreads on the same socket.
     1093Either choice causes a blip in performance, which is seen in the subsequent performance graphs.
     1094The choice is to use hyperthreading instead of hopping sockets for experiments with more than 24 cores.
     1095
     1096All benchmarks are run 5 times and the median is taken.
     1097Error bars showing the 95\% confidence intervals appear on each point in the graphs.
    10641098If the confidence bars are small enough, they may be obscured by the point.
    1065 In this section \uC will be compared to \CFA frequently, as the actor system in \CFA was heavily based off \uC's actor system.
    1066 As such the performance differences that arise are largely due to the contributions of this work.
     1099In this section, \uC is compared to \CFA frequently, as the actor system in \CFA is heavily based off of the \uC's actor system.
     1100As such, the performance differences that arise are largely due to the contributions of this work.
     1101Future work is to port some of the new \CFA work back to \uC.
     1102
     1103\subsection{Message Sends}
     1104
     1105Message sending is the key component of actor communication.
     1106As such, latency of a single message send is the fundamental unit of fast-path performance for an actor system.
     1107The static and dynamic microbenchmarks evaluate the average latency for a static actor/message send and a dynamic actor/message send.
     1108In the static-send benchmark, a message and actor are allocated once and then the message is sent to the same actor 100 million (100M) times.
     1109The average latency per message send is then calculated by dividing the duration by the number of sends.
     1110This benchmark evaluates the cost of message sends in the actor use case where all actors and messages are allocated ahead of time and do not need to be created dynamically during execution.
     1111The CAF static-send benchmark only sends a message 10M times to avoid extensively long run times.
     1112
     1113In the dynamic-send benchmark, the same experiment is used, but for each send, a new actor and message is allocated.
     1114This benchmark evaluates the cost of message sends in the other common actor pattern where actors and messages are created on the fly as the actor program tackles a workload of variable or unknown size.
     1115Since dynamic sends are more expensive, this benchmark repeats the actor/message creation and send 20M times (\uC, \CFA), or 2M times (Akka, CAF, ProtoActor), to give an appropriate benchmark duration.
    10671116
    10681117\begin{table}[t]
     
    10701119\setlength{\extrarowheight}{2pt}
    10711120\setlength{\tabcolsep}{5pt}
    1072 
    1073 \caption{Static Actor/Message Performance: message send, program memory}
     1121\caption{Static Actor/Message Performance: message send, program memory (lower is better)}
    10741122\label{t:StaticActorMessagePerformance}
     1123\PAB{Put uC++ beside \CFA.}
    10751124\begin{tabular}{*{5}{r|}r}
    10761125        & \multicolumn{1}{c|}{\CFA (100M)} & \multicolumn{1}{c|}{CAF (10M)} & \multicolumn{1}{c|}{Akka (100M)} & \multicolumn{1}{c|}{\uC (100M)} & \multicolumn{1}{c@{}}{ProtoActor (100M)} \\
     
    10831132\bigskip
    10841133
    1085 \caption{Dynamic Actor/Message Performance: message send, program memory}
     1134\caption{Dynamic Actor/Message Performance: message send, program memory (lower is better)}
    10861135\label{t:DynamicActorMessagePerformance}
     1136\PAB{The uC++ AMD looks high. It is 65ns in the Actor paper.}
    10871137
    10881138\begin{tabular}{*{5}{r|}r}
     
    10951145\end{table}
    10961146
    1097 \subsection{Message Sends}
    1098 Message sending is the key component of actor communication.
    1099 As such latency of a single message send is the fundamental unit of fast-path performance for an actor system.
    1100 The following two microbenchmarks evaluate the average latency for a static actor/message send and a dynamic actor/message send.
    1101 Static and dynamic refer to the allocation of the message and actor.
    1102 In the static send benchmark a message and actor are allocated once and then the message is sent to the same actor repeatedly until it has been sent 100 million (100M) times.
    1103 The average latency per message send is then calculated by dividing the duration by the number of sends.
    1104 This benchmark evaluates the cost of message sends in the actor use case where all actors and messages are allocated ahead of time and do not need to be created dynamically during execution.
    1105 The CAF static send benchmark only sends a message 10M times to avoid extensively long run times.
    1106 
    1107 In the dynamic send benchmark the same experiment is performed, with the change that with each send a new actor and message is allocated.
    1108 This evaluates the cost of message sends in the other common actor pattern where actors and message are created on the fly as the actor program tackles a workload of variable or unknown size.
    1109 Since dynamic sends are more expensive, this benchmark repeats the actor/message creation and send 20M times (\uC, \CFA), or 2M times (Akka, CAF, ProtoActor), to give an appropriate benchmark duration.
    1110 
    1111 The results from the static/dynamic send benchmarks are shown in Figures~\ref{t:StaticActorMessagePerformance} and \ref{t:DynamicActorMessagePerformance} respectively.
    1112 \CFA leads the charts in both benchmarks, largely due to the copy queue removing the majority of the envelope allocations.
    1113 Additionally, the receive of all messages sent in \CFA is statically known and is determined via a function pointer cast, which incurs a compile-time cost.
    1114 All the other systems use their virtual system to find the correct behaviour at message send.
    1115 This requires two virtual dispatch operations, which is an additional runtime send cost that \CFA does not have.
    1116 Note that Akka also statically checks message sends, but still uses their virtual system at runtime.
    1117 In the static send benchmark all systems except CAF have static send costs that are in the same ballpark, only varying by ~70ns.
    1118 In the dynamic send benchmark all systems experience slower message sends, as expected due to the extra allocations.
    1119 However, Akka and ProtoActor, slow down by a more significant margin than the \uC and \CFA.
    1120 This is likely a result of Akka and ProtoActor's garbage collection, which can suffer from hits in performance for allocation heavy workloads, whereas \uC and \CFA have explicit allocation/deallocation.
     1147The results from the static/dynamic-send benchmarks are shown in Tables~\ref{t:StaticActorMessagePerformance} and \ref{t:DynamicActorMessagePerformance}, respectively.
     1148\CFA has the best results in both benchmarks, largely due to the copy queue removing the majority of the envelope allocations.
     1149Additionally, the receive of all messages sent in \CFA is statically known and is determined via a function pointer cast, which incurs no runtime cost.
     1150All the other systems use virtual dispatch to find the correct behaviour at message send.
     1151This operation actually requires two virtual dispatches, which is an additional runtime send cost.
     1152Note that Akka also statically checks message sends, but still uses the Java virtual system.
     1153In the static-send benchmark, all systems except CAF have static send costs that are in the same ballpark, only varying by ~70ns.
     1154In the dynamic-send benchmark, all systems experience slower message sends, due to the memory allocations.
     1155However, Akka and ProtoActor, slow down by two-orders of magnitude.
     1156This difference is likely a result of Akka and ProtoActor's garbage collection, which results in performance delays for allocation-heavy workloads, whereas \uC and \CFA have explicit allocation/deallocation.
     1157Tuning the garage collection might reduce garbage-collection cost, but this exercise is beyond the scope of this work.
    11211158
    11221159\subsection{Work Stealing}
    1123 \CFA's actor system has a work stealing mechanism which uses the longest victim heuristic, introduced in Section~ref{s:victimSelect}.
    1124 In this performance section, \CFA with the longest victim heuristic is compared with other actor systems on the benchmark suite, and is separately compared with vanilla non-stealing \CFA and \CFA with randomized work stealing.
    1125 
    1126 \begin{figure}
    1127         \centering
    1128         \subfloat[AMD \CFA Balance-One Benchmark]{
    1129                 \resizebox{0.5\textwidth}{!}{\input{figures/nasusCFABalance-One.pgf}}
    1130                 \label{f:BalanceOneAMD}
    1131         }
    1132         \subfloat[Intel \CFA Balance-One Benchmark]{
    1133                 \resizebox{0.5\textwidth}{!}{\input{figures/pykeCFABalance-One.pgf}}
    1134                 \label{f:BalanceOneIntel}
    1135         }
    1136         \caption{The balance-one benchmark comparing stealing heuristics (lower is better).}
    1137 \end{figure}
    1138 
    1139 \begin{figure}
    1140         \centering
    1141         \subfloat[AMD \CFA Balance-Multi Benchmark]{
    1142                 \resizebox{0.5\textwidth}{!}{\input{figures/nasusCFABalance-Multi.pgf}}
    1143                 \label{f:BalanceMultiAMD}
    1144         }
    1145         \subfloat[Intel \CFA Balance-Multi Benchmark]{
    1146                 \resizebox{0.5\textwidth}{!}{\input{figures/pykeCFABalance-Multi.pgf}}
    1147                 \label{f:BalanceMultiIntel}
    1148         }
    1149         \caption{The balance-multi benchmark comparing stealing heuristics (lower is better).}
    1150 \end{figure}
    1151 
    1152 There are two benchmarks in which \CFA's work stealing is solely evaluated.
    1153 The main goal of introducing work stealing to \CFA's actor system is to eliminate the pathological unbalanced cases that can present themselves in a system without some form of load balancing.
    1154 The following two microbenchmarks construct two such pathological cases, and compare the work stealing variations of \CFA.
    1155 The balance benchmarks adversarially takes advantage of the round robin assignment of actors to load all actors that will do work on specific cores and create 'dummy' actors that terminate after a single message send on all other cores.
     1160
     1161\CFA's work stealing mechanism uses the longest-victim heuristic, introduced in Section~\ref{s:victimSelect}.
     1162In this performance section, \CFA's approach is first tested in isolation on pathological unbalanced benchmarks, then with other actor systems on general benchmarks.
     1163
     1164Two pathological unbalanced cases are created, and compared using vanilla and randomized work stealing in \CFA.
     1165These benchmarks adversarially takes advantage of the round-robin assignment of actors to workers by loading the receive actors on even cores and the send actors on the odd cores.
    11561166The workload on the loaded cores is the same as the executor benchmark described in \ref{s:executorPerf}, but with fewer rounds.
     1167
    11571168The balance-one benchmark loads all the work on a single core, whereas the balance-multi loads all the work on half the cores (every other core).
    11581169Given this layout, one expects the ideal speedup of work stealing in the balance-one case to be $N / N - 1$ where $N$ is the number of threads.
     
    11611172In the balance-multi experiment, the workload increases with the number of cores so an increasing or constant runtime is expected.
    11621173
     1174\begin{figure}
     1175        \centering
     1176        \subfloat[AMD \CFA Balance-One Benchmark]{
     1177                \resizebox{0.5\textwidth}{!}{\input{figures/nasusCFABalance-One.pgf}}
     1178                \label{f:BalanceOneAMD}
     1179        }
     1180        \subfloat[Intel \CFA Balance-One Benchmark]{
     1181                \resizebox{0.5\textwidth}{!}{\input{figures/pykeCFABalance-One.pgf}}
     1182                \label{f:BalanceOneIntel}
     1183        }
     1184        \caption{The balance-one benchmark comparing stealing heuristics (lower is better).}
     1185\end{figure}
     1186
     1187\begin{figure}
     1188        \centering
     1189        \subfloat[AMD \CFA Balance-Multi Benchmark]{
     1190                \resizebox{0.5\textwidth}{!}{\input{figures/nasusCFABalance-Multi.pgf}}
     1191                \label{f:BalanceMultiAMD}
     1192        }
     1193        \subfloat[Intel \CFA Balance-Multi Benchmark]{
     1194                \resizebox{0.5\textwidth}{!}{\input{figures/pykeCFABalance-Multi.pgf}}
     1195                \label{f:BalanceMultiIntel}
     1196        }
     1197        \caption{The balance-multi benchmark comparing stealing heuristics (lower is better).}
     1198\end{figure}
     1199
    11631200On both balance microbenchmarks slightly less than ideal speedup compared to the non stealing variation is achieved by both the random and longest victim stealing heuristics.
    11641201On the balance-multi benchmark \ref{f:BalanceMultiAMD},\ref{f:BalanceMultiIntel} the random heuristic outperforms the longest victim.
     
    11711208
    11721209\subsection{Executor}\label{s:executorPerf}
     1210
    11731211The microbenchmarks in this section are designed to stress the executor.
    11741212The executor is the scheduler of an actor system and is responsible for organizing the interaction of executor threads to service the needs of a workload.
    1175 In the executor benchmark, 40'000 actors are created and assigned a group.
    1176 Each group of actors is a group of 100 actors who send and receive 100 messages from all other actors in their group.
     1213In the executor benchmark, 40,000 actors are created and each actor is placed into a group of 100, who send and receive 100 messages to/from each actors in their group.
    11771214Each time an actor completes all their sends and receives, they are done a round.
    11781215After all groups have completed 400 rounds the system terminates.
Note: See TracChangeset for help on using the changeset viewer.