Transwiki:Denotational semantics of the Actor model

The denotational semantics of the Actor model is the subject of denotational domain theory for Actors. The historical development of this subject is recounted in [Hewitt 2008b].

Actor fixed point semantics
The denotational theory of computational system semantics is concerned with finding mathematical objects that represent what systems do. Collections of such objects are called domains. The Actor uses the domain of event diagram scenarios. It is usual to assume some properties of the domain, such as the existence of limits of chains (see cpo) and a bottom element. Various additional properties are often reasonable and helpful: the article on domain theory has more details.

A domain is typically a partial order, which can be understood as an order of definedness. For instance, given event diagram scenarios x and y, one might let "x≤y" mean that "y extends the computations x".

The mathematical denotation denoted by a system S is found by constructing increasingly better approximations from an initial empty denotation called ⊥S using some denotation approximating function progressionS to construct a denotation (meaning ) for <tt>S</tt> as follows:
 * $$\mathbf{Denote}_{\mathtt{S}} \equiv \lim_{i \to \infty} \mathbf{progression}_{\mathtt{S}^i}(\bot_\mathtt{S})$$

It would be expected that <tt>progressionS</tt> would be monotone, i.e., if <tt>x≤y</tt> then   <tt>progressionS(x)≤progressionS(y)</tt>. More generally, we would expect that
 * If ∀$i$∈ω <tt>x</tt>$i$ ≤ <tt>x</tt>$i$+1, then $$\mathbf{progression}_\mathtt{S}(\lim_{i \to \infty} \mathtt{x}_i) = \lim_{i \to \infty} \mathbf{progression}_\mathtt{S}(\mathtt{x}_i)$$

This last stated property of <tt>progressionS</tt> is called ω-continuity.

A central question of denotational semantics is to characterize when it is possible to create denotations (meanings) according to the equation for <tt>DenoteS</tt>. A fundamental theorem of computational domain theory is that if <tt>progressionS</tt> is ω-continuous then <tt>DenoteS</tt> will exist.

It follows from the ω-continuity of <tt>progressionS</tt> that
 * <tt>progressionS(DenoteS) = DenoteS</tt>

The above equation motivates the terminology that <tt>DenoteS</tt> is a fixed point of <tt>progressionS</tt>.

Furthermore this fixed point is least among all fixed points of <tt>progressionS</tt>.

Compositionality in programming languages
An important aspect of denotational semantics of programming languages is compositionality, by which the denotation of a program is constructed from denotations of its parts. For example consider the expression "<tt><expression1> + <expression2></tt>". Compositionality in this case is to provide a meaning for "<tt><expression1> + <expression2></tt>" in terms of the meanings of <tt><expression1></tt> and <tt><expression2></tt>.

The Actor model provides a modern and very general way the compositionality of programs can be analyzed. Scott and Strachey [1971] proposed that the semantics of programming languages be reduced to the semantics of the lambda calculus and thus inherit the denotational semantics of the lambda calculus. However, it turned out that concurrent computation could not be implemented in the lambda calculus (see Indeterminacy in concurrent computation). Thus there arose the problem of how to provide modular denotational semantics for concurrent programming languages. One solution to this problem is to use the Actor model of computation. In Actor model, programs are Actors that are sent <tt>Eval</tt> messages with the address of an environment (explained below) so that programs inherit their denotational semantics from the denotational semantics of the Actor model (an idea published in Hewitt [2006]).

Environments
Environments hold the bindings of identifiers. When an environment is sent a <tt>Lookup</tt> message with the address of an identifier x, it returns the latest (lexical) binding of x.

As an example of how this works consider the lambda expression <tt><L></tt> below which implements a tree data structure when supplied with parameters for a <tt>leftSubTree</tt> and <tt>rightSubTree</tt>. When such a tree is given a parameter message <tt>"getLeft"</tt>, it return <tt>leftSubTree</tt> and likewise when given the message <tt>"getRight"</tt> it returns <tt>rightSubTree</tt>.

λ(leftSubTree, rightSubTree) λ(message) if (message == "getLeft") then leftSubTree else if (message == "getRight") then rightSubTree

Consider what happens when an expression of the form <tt>"(<L> 1 2)"</tt> is sent an <tt>Eval</tt> message with environment E. One semantics for application expressions such as this one is the following: <tt><L>, 1</tt> and <tt>2</tt> are each sent <tt>Eval</tt> messages with environment E. The integers <tt>1</tt> and <tt>2</tt> immediately reply to the <tt>Eval</tt> message with themselves.

However, <tt><L></tt> responds to the <tt>Eval</tt> message by creating a closure Actor (process) C that has an address (called body) for <tt><L></tt> and an address (called environment) for E. The Actor <tt>"(<L> 1 2)"</tt> then sends C the message [1 2].

When C receives the message [1 2], it creates a new environment Actor F which behaves as follows:
 * 1) When it receives a <tt>Lookup</tt> message for the identifier <tt>leftSubTree</tt>, it responds with <tt>1</tt>
 * 2) When it receives a <tt>Lookup</tt> message for the identifier <tt>rightSubTree</tt>, it responds with <tt>2</tt>
 * 3) When it receives a <tt>Lookup</tt> message for any other identifier, it forwards the <tt>Lookup</tt> message to E

The Actor (process) C then sends an <tt>Eval</tt> message with environment F to the following actor (process):

λ(message) if (message == "getLeft") then leftSubTree else if (message == "getRight") then rightSubTree

Arithmetic expressions
For another example consider the Actor for the expression "<tt><expression1> + <expression2></tt>" which has addresses for two other actors (processes) <tt><expression1></tt> and <tt><expression2></tt>. When the composite expression Actor (process) receives an <tt>Eval</tt> message with addresses for an environment Actor E and a customer C, it sends <tt>Eval</tt> messages to <tt><expression1></tt> and <tt><expression2></tt> with environment E and sends C a new Actor (process) C0. When C0 has received back two values N1 and N2, it sends C the value N1 <tt>+</tt> N2. In this way, the denotational semantics for process calculi and the Actor model provide a denotational semantics for "<tt><expression1> + <expression2></tt>" in terms of the semantics for <tt><expression1></tt> and <tt><expression2></tt>.

Other programming language constructs
The denotational compositional semantics presented above is very general and can be used for functional, imperative, concurrent, logic, etc. programs (see [Hewitt 2008a]). For example it easily provides denotation semantics for constructs that are difficult to formalize using other approaches such as delays and futures.

Clinger's Model
In his doctoral dissertation, Will Clinger developed the first denotation semantics for the Actor model.

The domain of Actor computations
Clinger [1981] explained the domain of Actor computations as follows:


 * The augmented Actor event diagrams [see Actor model theory] form a partially ordered set < <tt>Diagrams</tt>, <tt>≤</tt> > from which to construct the power domain <tt>P[Diagrams]</tt>  (see the section on Denotations below).  The augmented diagrams are partial computation histories representing "snapshots" [relative to some frame of reference] of a computation on its way to being completed.  For <tt>x</tt>,<tt>y</tt>∈<tt>Diagrams</tt>, <tt>x≤y</tt> means <tt>x</tt> is a stage the computation could go through on its way to <tt>y</tt>.  The completed elements of <tt>Diagrams</tt> represent computations that have terminated and nonterminating computations that have become infinite.  The completed elements may be characterized abstractly as the maximal elements of <tt>Diagrams</tt> [see William Wadge 1979].  Concretely, the completed elements are those having non pending events.  Intuitively, <tt>Diagrams</tt> is not ω-complete because there exist increasing sequences of finite partial computations


 * $$x_0 \le x_1 \le x_2 \le x_3 \le ...$$


 * in which some pending event remains pending forever while the number of realized events grows without bound, contrary to the requirement of finite [arrival] delay. Such a sequence cannot have a limit, because any limit would represent a completed nonterminating computation in which an event is still pending.


 * To repeat, the actor event diagram domain <tt>Diagrams</tt> is incomplete because of the requirement of finite arrival delay, which allows any finite delay between an event and an event it activates but rules out infinite delay.

Denotations
In his doctoral dissertation, Will Clinger explained how power domains are obtained from incomplete domains as follows:

From the article on Power domains: <tt>P[D]</tt> is the collection of downward-closed subsets of domain <tt>D</tt> that are also closed under existing least upper bounds of directed sets in <tt>D</tt>. Note that while the ordering on <tt>P[D]</tt> is given by the subset relation, least upper bounds do not in general coincide with unions.


 * For the actor event diagram domain <tt>Diagrams</tt>, an element of <tt>P[Diagrams]</tt> represents a list of possible initial histories of a computation. Since for elements <tt>x</tt> and <tt>y</tt> of <tt>Diagrams</tt>, <tt>x≤y</tt> means that <tt>x</tt> is an initial segment of the initial history <tt>y</tt>, the requirement that elements of <tt>P[Diagrams]</tt> be downward-closed has a clear basis in intuition.
 * Usually the partial order from which the power domain is constructed is required to be ω-complete. There are two reasons for this.  The first reason is that most power domains are simply generalizations of domains that have been used as semantic domains for conventional sequential programs, and such domains are all complete because of the need to compute fixed points in the sequential case.  The second reason is that ω-completeness permits the solution of recursive domain equations involving the power domain such as
 * Usually the partial order from which the power domain is constructed is required to be ω-complete. There are two reasons for this.  The first reason is that most power domains are simply generalizations of domains that have been used as semantic domains for conventional sequential programs, and such domains are all complete because of the need to compute fixed points in the sequential case.  The second reason is that ω-completeness permits the solution of recursive domain equations involving the power domain such as


 * $$R \approx S \rarr P[S + (S \times R)]$$


 * which defines a domain of resumptions [Gordon Plotkin 1976]. However, power domains can be defined for any domain whatsoever.  Furthermore the power domain of a domain is essentially the power domain of its ω-completion, so recursive equations involving the power domain of an incomplete domain can still be solved, provide the domains to which the usual constructors (+, ×, →, and *) are applied are ω-complete.  It happens that defining Actor semantics as in Clinger [1981] does not require solving any recursive equations involving the power domain.


 * In short, there is no technical impediment to building power domains from incomplete domains. But why should one want to do so?


 * In behavioral semantics, developed by Irene Greif, the meaning of program is a specification of the computations that may be performed by the program. The computations are represented formally by Actor event diagrams.  Greif specified the event diagrams by means of causal axioms governing the behaviors of individual Actors [Greif 1975].


 * Henry Baker has presented a nondeterministic interpreter generating instantaneous schedules which then map onto event diagrams. He suggested that a corresponding deterministic interpreter operating on sets of instantaneous schedules could be defined using power domain semantics [Baker 1978].


 * The semantics presented in [Clinger 1981] is a version of behavioral semantics. A program denotes a set of Actor event diagrams.  The set is defined extensionally using power domain semantics rather than intensionally using causal axioms.  The behaviors of individual Actors is defined functionally.  It is shown, however, that the resulting set of Actor event diagrams consists of exactly those diagrams that satisfy causal axioms expressing the functional behaviors of Actors.  Thus Greif's behavioral semantics is compatible with a denotational power domain semantics.


 * Baker's instantaneous schedules introduced the notion of pending events, which represent messages on the way to their targets. Each pending event must become an actual (realized) arrival event sooner or later, a requirement referred to as finite delay.  Augmenting Actor event diagrams  with sets of pending events helps to express the finite delay property, which is characteristic of true concurrency [Schwartz 1979].

Sequential computations form an ω-complete subdomain of the domain of Actor computations
In his 1981 dissertation, Clinger showed how sequential computations form a subdomain of concurrent computations:


 * Instead of beginning with a semantics for sequential programs and then trying to extend it for concurrency, Actor semantics views concurrency as primary and obtains the semantics of sequential programs as a special case.
 * The fact that there exist increasing sequences without least upper bounds may seem strange to those accustomed to thinking about the semantics of sequential programs. It may help to point out that the increasing sequences produced by sequential programs all have least upper bounds.  Indeed, the partial computations that can be produced by sequential computation form an ω-complete subdomain of the domain of Actor computations <tt>Diagrams</tt>.  An informal proof follows.
 * The fact that there exist increasing sequences without least upper bounds may seem strange to those accustomed to thinking about the semantics of sequential programs. It may help to point out that the increasing sequences produced by sequential programs all have least upper bounds.  Indeed, the partial computations that can be produced by sequential computation form an ω-complete subdomain of the domain of Actor computations <tt>Diagrams</tt>.  An informal proof follows.


 * From the Actor point of view, sequential computations are a special case of concurrent computations, distinguishable by their event diagrams. The event diagram of a sequential computation has an initial event, and no event activates more than one event.  In other words, the activation ordering of a sequential computation is linear; the event diagram is essentially a conventional execution sequence.  This means that the finite elements of <tt>Diagrams</tt>


 * $$x_0 \le x_1 \le x_2 \le x_3 \le ...$$


 * corresponding to the finite initial segments of a sequential execution sequence all have exactly one pending event, excepting the largest, completed element if the computation terminates. One property of the augmented event diagrams domain < <tt>Diagrams</tt>,  <tt>≤</tt> > is that if <tt>x≤y</tt> and <tt>x≠y</tt>, then some pending event of <tt>x</tt> is realized in <tt>y</tt>.  Since in this case each <tt>xi</tt> has at most one pending event, every pending event in the sequence becomes realized.  Hence the sequence


 * $$x_0 \le x_1 \le x_2 \le x_3 \le ...$$


 * has a least upper bound in <tt>Diagrams</tt> in accord with intuition.


 * The above proof applies to all sequential programs, even those with choice points such as guarded commands. Thus Actor semantics includes sequential programs as a special case, and agrees with conventional semantics of such programs.

The Timed Diagrams Model
Hewitt [2006b] published a new denotational semantics for Actors based on Timed Diagrams. The Timed Diagrams model stands in contrast to Clinger [1981] which constructed an ω-complete power domain from an underlying incomplete diagrammatic domain, which did not include time. The advantage of the domain Timed Diagrams model is that it is physically motivated and the resulting computations have the desired property of ω-completeness (therefore unbounded nondeterminism) which provides guarantee of service.

Domain of Timed Actor Computations
Timed Diagrams denotational semantics constructs an ω-complete computational domain for Actor computations. In the domain, for each event in an Actor computation, there is a delivery time which represents the time at which the message is delivered such that each delivery time satisfies the following conditions:
 * 1) The delivery time is a positive rational number that is not the same as the delivery time of any other message.
 * 2) The delivery time is more than a fixed δ greater than the time of its activating event. It will later turn out that the value of δ doesn't matter. In fact the value of δ can even be allowed to decrease linearly with time to accommodate Moore's Law.

The Actor event timed diagrams form a partially ordered set <TimedDiagrams, ≤>. The diagrams are partial computation histories representing "snapshots" (relative to some frame of reference) of a computation on its way to being completed. For d1,d2εTimedDiagrams, d1≤d2 means d1 is a stage the computation could go through on its way to d2 The completed elements of TimedDiagrams represent computations that have terminated and nonterminating computations that have become infinite. The completed elements may be characterized abstractly as the maximal elements of TimedDiagrams. Concretely, the completed elements are those having no pending events.

Theorem: TimedDiagrams is an ω-complete domain of Actor computations i.e.,
 * 1) If D⊆TimedDiagrams is directed, the least upper bound ⊔D exists; furthermore ⊔D obeys all the laws of Actor model theory.
 * 2) The finite elements of TimedDiagrams are countable where an element xεTimedDiagrams is finite (isolated) if and only if D⊆TimedDiagrams is directed and x≤VD, there exists dεD with x≤d. In other words, x is finite if one must go through x in order to get up to or above x via the limit process.
 * 3) Every element of TimedDiagrams is the least upper bound of a countable increasing sequence of finite elements.

Power domains

 * Definition: The domain <Power[TimedDiagrams], ⊆> is the set of possible initial histories M of a computation such that
 * M is downward-closed, i.e., if dεM, then ∀d’εTimedDiagrams d’≤d ⇒ d’εM
 * M is closed under least upper bounds of directed sets, i.e. if D⊆M is directed, then VDεM
 * Note: Although Power[TimedDiagrams] is ordered by ⊆, limits are not given by U. I.e.,
 * <tt>(∀i∈ω Mi≤Mi+1) ⇒ Ui∈ω Mi ⊆ ⊔i∈ω Mi</tt>
 * E.g., If ∀i diεTimedDiagrams and di≤di+1 and Mi= {dk | k ≤i} then
 * <tt>⊔i∈ω Mi = Ui∈ωMi U{ ⊔i∈ω di } </tt>
 * Theorem: Power [TimedDiagrams] is an ω-complete domain.

Concurrency Representation Theorem
An Actor computation can progress in many ways. Let d be a diagram with next scheduled event e and X ≡ {e’ | e ─≈→1-message e’} (see Actor model theory), Flow(d) is defined to be the set of all timed diagrams with d and extensions of d by X such that
 * 1) the arrival all of the events of X has been scheduled where
 * 2) the events of X are scheduled in all possible orderings among the scheduled future events of d
 * 3) subject to the constraint that each event in X is scheduled at least δ after e and every event in X is scheduled at least once in every δ interval after that.

(Recall that δ is the minimum amount of time to deliver a message.)

Flow(d) ≡ {d} if d is complete.

Let S be an Actor system, ProgressionS is a mapping
 * Power[TimedDiagrams]→Power[TimedDiagrams]
 * ProgressionS(M) ≡ UdεM Flow(d)

Theorem: ProgressionS is ω-continuous.


 * I.e., if ∀i Mi⊆Mi+1 then ProgressionS(⊔iεω Mi) = ⊔iεω ProgressionS(Mi)

Furthermore the least fixed point of ProgressionS is given by the Concurrency Representation Theorem as follows:
 * ⊔iεω ProgressionSi(⊥S)

where ⊥S is the initial configuration of S.

The denotation DenoteS of an Actor system S is the set of all computations of S.

Define the time abstraction of a timed diagram to be the diagram with the time annotations removed.

Representation Theorem: The denotation Denote S of an Actor system S is the time abstraction of
 * ⊔iεω ProgressionSi (⊥S)

Using the domain TimedDiagrams, which is ω-complete, is important because it provides for the direct expression of the above representation theorem for the denotations of Actor systems by directly constructing a minimal fixed point.

The criterion of continuity for the graphs of functions that Scott used to initially develop the denotational semantics of functions can be derived as a consequence of the Actor laws for computation as shown in the next section.