r (y + z = x) V (x ::; k jo, x) and letting the k-th bit of at equal the k-th bit of Entry($i_0$, $j_0$, x). The whole point of using (rt) is to give a sufficiently succinct encoding of (il). Of course, the fact that the encoding is sufficiently succinct also needs to be provable in $I\Delta_0$. It is easily checked that the Gödel number of the sequence $(0^*, 1^*, \ldots, x^*)$ uses exactly $6x - 2\,\mathrm{Numones}(x) + 2$ many bits; this is proved by first showing that there are $2x - \mathrm{Numones}(x)$ bits in the numbers in the sequence, i.e., $\sum_{i=0}^{x} |i^*| = 2x - \mathrm{Numones}(x)$, and second noting that there are $x + 1$ commas, and noting that each bit and comma is encoded by two bits in the Gödel number. Furthermore, when $x = |y|$ for some $y$, $I\Delta_0$ can prove this fact, using LenNumones in place of Numones.

We are now able to $\Sigma_1$-define the function Numones(x) equal to the number of 1's in the binary representation of x. This is done by defining the sequence
$$u = \big( (k^*, a_k),\ ((k-1)^*, a_{k-1}),\ \ldots,\ (0^*, a_0) \big)$$
such that $k = |x|$, $a_0 = 0$, and each $a_{i+1}$ is equal to $a_i + \mathrm{Bit}(i, x)$. By the considerations in the previous paragraph, $I\Delta_0$ can prove that this sequence is bounded by a term involving only $x$; also, $I\Delta_0$ can compute the values of $0, \ldots, k$ from $0^*, \ldots, k^*$ and therefore can compute the values of $a_i$ as a function of $i$ and $u$.

(o) Sequence coding. Once we have the Numones function, it is an easy matter to define the Gödel $\beta$ function by counting commas. The $\beta$ function is defined so that $\beta(m, x) = a_m$ provided $x$ is the Gödel number of a sequence $(a_1, \ldots, a_k)$ with $m \le k$. It is also useful to define the length function Len(x) which equals $k$ when $x$ is as above. These are defined easily in terms of the Numones function: the value $\beta(m, x)$ equals Entry(i, j, x) where there are $m - 1$ commas encoded in $x$ to the left of bit $i$; and Len(x) equals the number of commas coded by $x$.

Once sequence encoding has been achieved, the rest of the bootstrapping process is fairly straightforward.
The next stage in bootstrapping is to arithmetize metamathematics, and this is postponed until section 2 below. Stronger theories, such as $I\Sigma_1$, can define all primitive recursive functions: this is discussed in section 1.2.10.

1.2.9. Relationships amongst the axioms of PA
We are now ready to sketch the proofs of the relationships between the various fragments of Peano arithmetic pictured in paragraph 1.2.4 above.

Theorem. Let $n \ge 0$.
(a) $B\Pi_n \vdash B\Sigma_{n+1}$.
(b) $I\Sigma_{n+1} \vdash B\Sigma_{n+1}$.
(c) If $A(x, \vec{w}) \in \Sigma_n$ and $t$ is a term, then $B\Sigma_n$ can prove that (' 00,, (c) may assume without loss of generality that there is only one (unbounded) existential quantifier at the front of $A$, so $A$ is $(\exists y)B$ with $B \in \Pi_{n-1}$. Then (Vx � (0) r and that $\varphi(a) \supset \varphi(a + 1)$ for all $a < u$. The induction hypothesis that $I\Sigma_n \vdash B\Sigma_n$ together with part (c) implies that the u) (3y r is equivalent to a $\Sigma_n$-formula. Therefore, by induction on $\varphi$, $\varphi(u)$ holds; this is what we needed to show. □

With the aid of the above theorem, the other relationships between fragments of Peano arithmetic are relatively easy to prove. To prove that $I\Sigma_n$ implies $\Pi_n$-IND, let $A(x)$ be a $\Pi_n$ formula and argue informally inside $I\Sigma_n$ assuming $A(0)$ and $(\forall x)(A(x) \supset A(x + 1))$.
Letting $a$ be arbitrary, and letting $B(x)$ be the formula $\neg A(a \mathbin{\dot{-}} x)$, one has $\neg B(a)$ and $B(x) \supset B(x + 1)$. Thus, by induction, $\neg B(0)$, and this is equivalent to $A(a)$. Since $a$ was arbitrary, $(\forall x)A(x)$ follows. A similar argument shows that $I\Pi_n$ implies $\Sigma_n$-IND.

To show that the $\Sigma_n$-MIN axioms are consequences of $I\Sigma_n$, note that by the argument given at the end of section 1.2.6 above, the minimization axiom for $A(x)$ follows from induction on the formula (Vx � > 00 (see Bennett [1962] and Nepomnjaščiĭ [1970]).

1.3.3. The theories $S_2^i$ and $T_2^i$ of bounded arithmetic

The second approach to theories of bounded arithmetic is due to Buss [1986] and gives a (conjectured) hierarchy of fragments of $I\Delta_0 + \Omega_1$, which are very closely related to the computational complexity classes of the polynomial time hierarchy. These fragments, $S_2^i$ and $T_2^i$ and others, use the language $0$, $S$, $+$, $\cdot$, $\#$, $|x|$, $\lfloor \frac{1}{2}x \rfloor$ and $\le$; where the $\#$ function (pronounced 'smash') is defined so that $x \# y = 2^{|x| \cdot |y|}$.
The $\#$ function was first introduced by Nelson [1986], and it is evident that the $\#$ function has essentially the same growth rate as the $\omega_1$-function.

The second difference between the $S_2^i$ and the $T_2^i$ theories and the $I\Delta_0 + \Omega_1$ approach is that the former theories are based on restricting the power of induction; firstly by further restricting the formulas for which induction holds, and secondly by using (apparently) weaker forms of induction. It is for this reason that the functions $|x|$ and $\lfloor \frac{1}{2}x \rfloor$ are included in the non-logical language, since they are needed to elegantly state the axioms of the theories $S_2^i$ and $T_2^i$.

Before defining the theories $S_2^i$ and $T_2^i$, we define the classes $\Sigma_i^b$ and $\Pi_i^b$ of formulas, which are defined by counting alternations of bounded quantifiers, ignoring sharply bounded quantifiers. (Bounded and sharply bounded quantifiers are defined in section 1 above.)

Definition. The set $\Delta_0^b = \Sigma_0^b = \Pi_0^b$ is equal to the set of formulas in which all quantifiers are sharply bounded. For $i \ge 1$, the sets $\Sigma_i^b$ and $\Pi_i^b$ are inductively defined by the following conditions:
S. Buss
(a) If $A$ and $B$ are $\Sigma_i^b$-formulas, then so are $A \lor B$ and $A \land B$. If $A$ is a $\Pi_i^b$ formula and $B$ is a $\Sigma_i^b$-formula, then $A \supset B$ and $\neg A$ are $\Sigma_i^b$-formulas. If $A$ is a $\Pi_{i-1}^b$-formula, then $A$ is a $\Sigma_i^b$-formula.
(b) If $A$ is a $\Sigma_i^b$-formula and $t$ is a term, then (Vx ("Ix oT~. Section 1.3.5 shows that $S_2$ and $T_2$ are the same theory.

1.3.3.2. Bootstrapping and $\Sigma_1^b$-definable functions. The bootstrapping of $S_2^1$ and $T_2^1$ is analogous to the bootstrapping of $I\Delta_0$ as described in sections 1.2.6-1.2.8 above. There is now the additional difficulty that the induction axioms are more severely restricted; but on the other hand, the language of $S_2^i$ and $T_2^i$ is richer since it contains the function symbol $|x|$ and its BASIC axioms and this makes the definition of the graph of $y = 2^x$ essentially trivial, and thereby helps with defining Gödel numbering of sequences.
The most outstanding difference between the bootstrapping of $S_2^1$ and $T_2^1$ and the above bootstrapping of $I\Delta_0$ is that quantifiers are more carefully counted; namely, whereas $I\Delta_0$ could use $\Delta_0$-defined predicates and $\Sigma_1$-defined functions, the theories $S_2^1$ and $T_2^1$ can introduce $\Delta_1^b$-defined predicates and $\Sigma_1^b$-defined functions. Accordingly, we make the following important definitions:

Definition. A predicate symbol $R(\vec{x})$ is $\Delta_1^b$-defined by a theory $T$ if there is a $\Sigma_1^b$-formula and such _

Theorem. (Buss
(a) Every $\Box_i^p$ function is $\Sigma_i^b$-definable in $S_2^i$.
(b) Every $\Delta_i^p$ predicate is $\Delta_i^b$-definable in $S_2^i$.

Proof. The proof proceeds by induction on $i$. The base case has already been done as Theorem 1.3.4.1. Part (b) is implied by (a), so it suffices to prove (a). To prove the inductive step, we must show the following three things (and show they are provable in $S_2^i$):
(1) If $f(\vec{x}, y)$ is a $\Box_{i-1}^p$-function, then the characteristic function $\chi(\vec{x})$ of $(\exists y \le t(\vec{x}))(f(\vec{x}, y) = 0)$ is $\Sigma_i^b$-definable. To prove this, we have by the induc
(3y 11), then the polynomial time hierarchy collapses provably in $T_2$ (see Krajíček, Pudlák and Takeuti [1991], Buss [1995], Zambella [1996], and section 3.3.2). This means that the hierarchy of theories of bounded arithmetic collapses if and only if the polynomial time hierarchy collapses $S_2$-provably.

1.3.7. The theories $PV_i$
Since $T_2^{i-1}$ and $S_2^i$ can $\Sigma_i^b$-define the $\Box_i^p$ functions, it is often convenient to conservatively extend the language of bounded arithmetic with symbols for these functions. Accordingly, we define $T_2^{i-1}(\Box_i^p)$ and $S_2^i(\Box_i^p)$ to be the (conservative) extensions of $T_2^{i-1}$ and $S_2^i$ to the language containing symbols for the $\Box_i^p$-functions with their $\Sigma_i^b$-defining equations as new axioms. For $i = 1$, the theory $T_2^0(\Box_1^p)$ has to be defined slightly differently, since $T_2^0$ does not have sufficient bootstrapping power to $\Sigma_1^b$-define the polynomial time functions. Instead, $T_2^0(\Box_1^p)$ is defined to have first-order language consisting of symbols for all polynomial time functions and predicates, and to have as axioms (1) the BASIC axioms, (2) axioms that define the non-logical symbols in the spirit of Cobham's definition of the polynomial time functions, and (3) IND for all sharply bounded (equivalently, all atomic) formulas.⁷
One must be careful when working with $T_2^{i-1}(\Box_i^p)$ and $S_2^i(\Box_i^p)$ since, for $i > 1$, the function symbols for $\Box_i^p$ cannot be used freely in induction axioms (modulo some open questions).

Since the notation $T_2^{i-1}(\Box_i^p)$ is so atrocious, it is sometimes denoted $PV_i$ instead. Krajíček, Pudlák and Takeuti [1991] prove that $PV_i$ can be axiomatized by purely universal axioms: to see the main idea of the universal axiomatization, note that if $A$ is $\Delta_i^b$, then $PV_i$ proves $A$ is equivalent to a quantifier-free formula via Skolemization and thus induction on $A(x, \vec{c})$ can be obtained from the universal formula
$$(\forall \vec{c})(\forall t)\big[ A(0, \vec{c}) \land \neg A(t, \vec{c}) \supset A(f_A(t, \vec{c}) \mathbin{\dot{-}} 1, \vec{c}) \land \neg A(f_A(t, \vec{c}), \vec{c}) \big]$$
where $f_A$ is computed by a binary search procedure which asks $\Delta_i^p$ queries to find a value $b$ for which $A(b - 1, \vec{c})$ is true and $A(b, \vec{c})$ is false. Of course, this $f$ is a $\Box_i^p$-function and therefore is a symbol in the language of $PV_i$.
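The binary search behind $f_A$, as an added Python sketch that is not part of the original text. The predicate is passed as a callable with the parameters $\vec{c}$ already fixed; the names `f_A`, `universal_axiom_holds`, the query counter and the two sample predicates are assumptions of this example.

```python
from typing import Callable, Tuple

Predicate = Callable[[int], bool]


def f_A(A: Predicate, t: int) -> Tuple[int, int]:
    """Binary search for b with A(b-1) true and A(b) false.

    Requires the antecedent of the universal formula: A(0) true, A(t) false.
    A need not be monotone; only the invariant below is used.
    Returns (b, number of queries made to A).
    """
    queries = 0

    def ask(x: int) -> bool:
        nonlocal queries
        queries += 1
        return A(x)

    if not ask(0) or ask(t):
        raise ValueError("antecedent A(0) and not A(t) does not hold")

    lo, hi = 0, t          # invariant: A(lo) is true, A(hi) is false, lo < hi
    while hi - lo > 1:
        mid = (lo + hi) // 2
        if ask(mid):
            lo = mid       # a failure of the induction step lies in (mid, hi]
        else:
            hi = mid       # a failure of the induction step lies in (lo, mid]
    return hi, queries     # hi = lo + 1, so A(hi - 1) holds and A(hi) fails


def universal_axiom_holds(A: Predicate, t: int) -> bool:
    """Evaluate A(0) & ~A(t) -> A(f_A(t) - 1) & ~A(f_A(t)) for one value t."""
    if not A(0) or A(t):
        return True        # antecedent false, implication holds vacuously
    b, _ = f_A(A, t)
    return A(b - 1) and not A(b)


# Constructed sample predicates (parameters already fixed).
def below_37(x: int) -> bool:      # monotone: true exactly for x < 37
    return x < 37


def not_3_mod_7(x: int) -> bool:   # non-monotone: false at 3, 10, 17, ...
    return x % 7 != 3


if __name__ == "__main__":
    for A, t in ((below_37, 100), (not_3_mod_7, 10)):
        b, q = f_A(A, t)
        print(f"{A.__name__}: t={t} b={b} queries={q} (|t|={t.bit_length()})")
```

The number of queries is at most $|t| + 2$, which is why the search stays within the resources of a function that makes polynomially many queries in the length of $t$.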
1.3.8. More axiomatizations of bounded arithmetic
For any theory $T$ in which the Gödel $\beta$ function is present or is $\Sigma_1^b$-definable, in particular, for any theory $T \supseteq S_2^1$, there are two further possible axiomatizations that are useful for bounded arithmetic:

⁷ The original definition of a theory of this type was the definition of equational theory PV of polynomial time functions by Cook [1975]. $T_2^0(\Box_1^p)$ can also be defined as the conservative extension of PV to first-order logic.
Proof Theory of Arithmetic
Definition. Let $\Phi$ be a set of formulas. The $\Phi$-replacement axioms are the formulas
$$(\forall x \le |s|)(\exists y \le t)A(x, y) \supset (\exists w)(\forall x \le |s|)\big( A(x, \beta(x + 1, w)) \land \beta(x + 1, w) \le t \big)$$

for all formulas $A \in \Phi$ and all appropriate (semi)terms $s$ and $t$. As usual $A$ may have other free variables in addition to $x$ that serve as parameters.

The strong $\Phi$-replacement axioms are similarly defined to be the formulas (3w)(V~ :S for $i \ge 1$, and over the base theory $S_2^1$). Figure 1 shows these and other relationships among the axiomatizations of bounded arithmetic.

1.4. Sequent calculus formulations of arithmetic
This section discusses the proof theory of theories of arithmetic in the setting of the sequent calculus: this will be an essential tool for our analysis of the proof-theoretic strengths of fragments of arithmetic and of their interrelationships.

The sequent calculus used for arithmetic is based on the system $LK_e$ described in Chapter I of this volume; $LK_e$ will be enlarged with additional rules of inference for induction, minimization, etc., and for theories of bounded arithmetic, $LK_e$ is enlarged to include inference rules for bounded quantifiers.

1.4.1. Definition. $LKB$ (or $LKB_e$) is the sequent calculus $LK$ (respectively, $LK_e$) extended as follows: First, the language of first-order arithmetic is expanded
to allow bounded quantifiers as a basic part of the syntax. Second, the following new rules of inference are allowed:

Bounded quantifier rules

V< B B') implies R-Thm$_T$(B).
The formula $\varphi$ not only implies $\mathrm{Con}_T$, but is actually $S_2^1$-equivalent to $\mathrm{Con}_T$. For this, note that since $\varphi$ implies $\neg \mathrm{Thm}_T(\ulcorner \varphi \urcorner)$, it can be proved in $S_2^1$ that $\varphi$ implies $\neg \mathrm{Thm}_T(\ulcorner 0 = 1 \urcorner)$. (Since if a contradiction is provable, then every formula is provable.)

2.2.4. Löb's theorem. The self-referential formula constructed for the proof of the First and Second Incompleteness Theorems asserted "I am not provable". A related problem would be to consider formulas which assert "I am provable". As the next theorem shows, such formulas are necessarily provable. In fact, if a formula is implied by its provability, then the formula is already provable. This gives a strengthening of the Second Incompleteness Theorem, which implies that, in order to prove a formula $A$, one is not substantially helped by assuming that $A$ is provable. More precisely, the assumption $\mathrm{Thm}_T(\ulcorner A \urcorner)$ will not significantly aid a theory $T$ in proving $A$.

Löb's Theorem. Let $T \supseteq Q$ be an axiomatizable theory and $A$ be any sentence.
If $T$ proves $\mathrm{Thm}_T(\ulcorner A \urcorner) \supset A$, then $T$ proves $A$.

Proof. As usual, we assume $T \supseteq S_2^1$. Let $T'$ be the axiomatizable theory $T \cup \{\neg A\}$. The proof of Löb's Theorem uses the fact that $T'$ is consistent if and only if $T \nvdash A$; and furthermore, that $S_2^1$ proves $\mathrm{Con}(T')$ is equivalent to $\neg \mathrm{Thm}_T(\ulcorner A \urcorner)$. From these considerations, the proof is almost immediate from the second incompleteness theorem. Namely, since $T$ proves $\neg A \supset \neg \mathrm{Thm}_T(\ulcorner A \urcorner)$ by choice of $A$, $T$ also proves $\neg A \supset \mathrm{Con}(T')$. Therefore, by the Deduction Theorem, $T' \vdash \mathrm{Con}(T')$ so by Gödel's Second Incompleteness Theorem, $T'$ is inconsistent, i.e., $T \vdash A$.

2.2.5. Further reading. The above material gives only an introduction to the incompleteness theorems.
Other significant aspects of incompleteness include: (1) the strength of reflection principles which state that the provability of a formula implies the truth of the formula, see, e.g., Smorynski [1977]; (2) provability and interpretability logics, for which see Boolos [1993], Lindström [1997], and Chapter VII of this handbook; and (3) concrete, combinatorial examples of independence statements, such as the Ramsey theorems shown by Paris and Harrington [1977] to be independent of Peano arithmetic.

3. On the strengths of fragments of arithmetic
3.1. Witnessing theorems
In section 1.2.10, it was shown that every primitive recursive function is $\Sigma_1$-definable by the theory $I\Sigma_1$. We shall next establish the converse which implies that the $\Sigma_1$-definable functions of $I\Sigma_1$ are precisely the primitive recursive functions. The principal method of proof is the 'witnessing theorem method': $I\Sigma_1$ provides the simplest and most natural application of the witnessing method.
3.1.1. Theorem. (Parsons [1970], Mints [1973] and Takeuti [1987]). Every $\Sigma_1$-definable function of $I\Sigma_1$ is primitive recursive.
Parsons' proof of this theorem was based on the Gödel Dialectica theorem and a similar proof is given by Avigad and Feferman in Chapter V in this volume. Takeuti's proof was based on a Gentzen-style assignment of ordinals to proofs. Mints's proof was essentially the same as the witness function proof presented next; except his proof was presented with a functional language.

3.1.2. The Witness predicate for $\Sigma_1$-formulas. For each $\Sigma_1$-formula $A(\vec{b})$, we define a $\Delta_0$-formula $\mathrm{Witness}_A(w, \vec{b})$ which states that $w$ is a witness for the truth of $A$.
Definition. Let $A(\vec{b})$ be a formula of the form $(\exists x_1, \ldots, x_k)B(x_1, \ldots, x_k, \vec{b})$, where $B$ is a $\Delta_0$-formula. Then the formula $\mathrm{Witness}_A(w, \vec{b})$ is defined to be the formula
$$B(\beta(1, w), \ldots, \beta(k, w), \vec{b}).$$

If $\Delta = \Delta', A$ is a succedent, then $\mathrm{Witness}_{\bigvee \Delta}(w, \vec{c})$ is defined to be
$$\mathrm{Witness}_A(\beta(1, w), \vec{c}) \lor \mathrm{Witness}_{\bigvee \Delta'}(\beta(2, w), \vec{c}).$$

Dually, if $\Gamma = A, \Gamma'$ is an antecedent, then $\mathrm{Witness}_{\bigwedge \Gamma}$ is defined similarly as
$$\mathrm{Witness}_A(\beta(1, w), \vec{c}) \land \mathrm{Witness}_{\bigwedge \Gamma'}(\beta(2, w), \vec{c}).$$

Note the different conventions on ordering disjunctions and conjunctions; these are not intrinsically important, but merely reflect the conventions for the sequent calculus that active formulas of strong inferences are at the beginning of an antecedent and at the end of a succedent.

It is, of course, obvious that $\mathrm{Witness}_A$ is a $\Delta_0$-formula, and that $I\Delta_0$ can prove
$$A(\vec{b}) \leftrightarrow (\exists w)\, \mathrm{Witness}_A(w, \vec{b}).$$

3.1.3. Proof. (Sketch of the proof of Theorem 3.1.1.) Suppose $I\Sigma_1$ proves $(\forall x)(\exists y)A(x, y)$ where $A \in \Sigma_1$. Then there is a sequent calculus proof $P$ in the theory $I\Sigma_1$ of the sequent $(\exists y)A(c, y)$. We must prove that there is a primitive recursive function $f$ such that $A(n, f(n))$ is true, in the standard integers, for all $n \ge 0$. In fact, we shall prove more than this: we will prove that there is a primitive recursive function $f$, with a $\Sigma_1$-definition in $I\Sigma_1$, such that $I\Sigma_1$ proves $(\forall x)A(x, f(x))$. This will be a corollary to the next lemma.

Witnessing Lemma for $I\Sigma_1$. Let $\Gamma$ and $\Delta$ be cedents of $\Sigma_1$-formulas and suppose $I\Sigma_1$ proves the sequent $\Gamma \rightarrow \Delta$. Then there is a function $h$ such that the following hold:
(1) $h$ is $\Sigma_1$-defined by $I\Sigma_1$ and is primitive recursive, and
(2) $I\Sigma_1$ proves
$$(\forall \vec c)(\forall w)[\mathit{Witness}_{\bigwedge\Gamma}(w,\vec c) \supset \mathit{Witness}_{\bigvee\Delta}(h(w,\vec c),\vec c)].$$
Note that Theorem 3.1.1 is an immediate corollary to the lemma, since we may take $\Gamma$ to be the empty sequent, $\Delta$ to be the sequent containing just $(\exists y)A(c,y)$, and let $f(x) = \beta(1,\beta(1,h(x)))$ where $h$ is the function guaranteed to exist by the lemma. This is because $h(x)$ will be a sequence of length one witnessing the cedent $(\exists y)A$, so its first and only element is a witness for the formula $(\exists y)A$, and the first element of that is a value for $y$ that makes $A$ true.

It remains to prove the Witnessing Lemma. For this, we know by the Cut Elimination Theorem 1.4.2, that there is a free-cut free proof $P$ of the sequent $\Gamma \to \Delta$ in the theory $I\Sigma_1$; in this proof, every formula in every sequent can be assumed to be a $\Sigma_1$-formula. Therefore, we may prove the Witnessing Lemma by induction on the number of steps in the proof $P$.

The base case is where there are zero inferences in the proof $P$ and so $\Gamma \to \Delta$ is an initial sequent. Since the initial sequents allowed in an $I\Sigma_1$ proof contain only atomic formulas, the Witnessing Lemma is trivial for this case.

For the induction step, the argument splits into cases, depending on the final inference of the proof. There are a large number of cases, one for each inference rule of the sequent calculus; for brevity, we present only three cases below and leave the rest for the reader.

For the first case, suppose the final inference of the proof $P$ is an $\exists$:right inference, namely,
$$\frac{\Gamma \to \Delta, A(t)}{\Gamma \to \Delta, (\exists x)A(x)}$$
Let $\vec c$ be the free variables in the upper sequent. The induction hypothesis gives a $\Sigma_1$-defined, primitive recursive function $g(w,\vec c)$ such that $I\Sigma_1$ proves
$$\mathit{Witness}_{\bigwedge\Gamma}(w,\vec c) \to \mathit{Witness}_{\bigvee\{\Delta,A(t)\}}(g(w,\vec c),\vec c).$$
In order for $\mathit{Witness}_{\bigvee\{\Delta,A(t)\}}(g(w,\vec c),\vec c)$ to hold, either $\beta(2,g(w,\vec c))$ witnesses $\bigvee\Delta$ or $\beta(1,g(w,\vec c))$ witnesses $A(t)$. So letting $h(w,\vec c)$ be $\Sigma_1$-defined by
$$h(w,\vec c) = \langle \langle t(\vec c)\rangle * \beta(1,g(w,\vec c)),\ \beta(2,g(w,\vec c))\rangle,$$
where $*$ denotes sequence concatenation. It is immediate from the definition of Witness that
$$\mathit{Witness}_{\bigwedge\Gamma}(w,\vec c) \to \mathit{Witness}_{\bigvee\{\Delta,(\exists x)A(x)\}}(h(w,\vec c),\vec c).$$

For the second case, suppose the final inference of the proof $P$ is an $\exists$:left inference, namely,
$$\frac{A(b), \Gamma \to \Delta}{(\exists x)A(x), \Gamma \to \Delta}$$
where $b$ is an eigenvariable which occurs only as indicated. The induction hypothesis gives us a $\Sigma_1$-defined, primitive recursive function $g(w,\vec c,b)$ such that $I\Sigma_1$ proves
$$\mathit{Witness}_{\bigwedge\{A(b),\Gamma\}}(w,\vec c) \to \mathit{Witness}_{\bigvee\Delta}(g(w,\vec c,b),\vec c).$$
Let $\mathit{tail}(w)$ be the $\Sigma_1$-defined function so that $\mathit{tail}(\langle w_0, w_1, \ldots, w_n\rangle) = \langle w_1, \ldots, w_n\rangle$. Letting $h(w,\vec c)$ be the function $g(\langle \mathit{tail}(\beta(1,w)), \beta(2,w)\rangle, \vec c, \beta(1,\beta(1,w)))$, it is easy to check that $h$ satisfies the desired conditions of the Witnessing Lemma.

For the third case, suppose the final inference of $P$ is a $\Sigma_1$-IND inference:
$$\frac{A(b), \Gamma \to \Delta, A(Sb)}{A(0), \Gamma \to \Delta, A(t)}$$
where $b$ is the eigenvariable and does not occur in the lower sequent. The induction hypothesis gives a $\Sigma_1$-defined, primitive recursive function $g(w,\vec c,b)$ such that $I\Sigma_1$ proves
$$\mathit{Witness}_{\bigwedge\{A(b),\Gamma\}}(w,\vec c,b) \to \mathit{Witness}_{\bigvee\{\Delta,A(Sb)\}}(g(w,\vec c,b),\vec c,b).$$
Let $k(\vec c,v,w)$ be defined as
$$k(\vec c,v,w) = \begin{cases} v & \text{if } \mathit{Witness}_{\bigvee\Delta}(v,\vec c) \\ w & \text{otherwise} \end{cases}$$
Since Witness is a $\Delta_0$-predicate, $k$ is $\Sigma_1$-defined by $I\Sigma_1$. Now define the primitive recursive function $f(w,\vec c,b)$ by
$$f(w,\vec c,0) = \langle \beta(1,w), 0\rangle$$
$$f(w,\vec c,b+1) = \langle \beta(1, g(\langle \beta(1,f(w,\vec c,b)), \beta(2,w)\rangle, \vec c, b)),\ k(\vec c, \beta(2,f(w,\vec c,b)), \beta(2, g(\langle \beta(1,f(w,\vec c,b)), \beta(2,w)\rangle, \vec c, b)))\rangle$$
By Theorem 1.2.10, $f$ is $\Sigma_1$-definable by $I\Sigma_1$, and since $f$ may be used in induction formulas, $I\Sigma_1$ can prove
$$\mathit{Witness}_{\bigwedge\{A(0),\Gamma\}}(w,\vec c) \to \mathit{Witness}_{\bigvee\{\Delta,A(b)\}}(f(w,\vec c,b),\vec c,b)$$
using $\Sigma_1$-IND with respect to $b$. Setting $h(w,\vec c) = f(w,\vec c,t)$ establishes the desired conditions of the Witnessing Lemma.

Q.E.D. Witnessing Lemma and Theorem 3.1.1.

3.1.4. Corollary. The $\Delta_1$-definable predicates of $I\Sigma_1$ are precisely the primitive recursive predicates.
Proof. Corollary 1.2.10 already established that every primitive recursive predicate is $\Delta_1$-definable by $I\Sigma_1$. For the converse, suppose $A(c)$ and $B(c)$ are $\Sigma_1$-formulas such that $I\Sigma_1$ proves $(\forall x)(A(x) \leftrightarrow \neg B(x))$. Then the characteristic function of the predicate $A(c)$ is $\Sigma_1$-definable in $I\Sigma_1$ since $I\Sigma_1$ can prove
$$(\forall x)(\exists! y)[(A(x) \wedge y = 0) \vee (B(x) \wedge y = 1)].$$
By Theorem 3.1.1, this characteristic function is primitive recursive, hence so is the predicate $A(c)$.

3.1.5. Total functions of $I\Sigma_n$. Theorem 1.2.1 provided a characterization of the $\Sigma_1$-definable functions of $I\Sigma_1$ as being precisely the primitive recursive functions. It is also possible to characterize the $\Sigma_1$-definable functions of $I\Sigma_n$ for $n > 1$ in terms of computational complexity; however, the $n > 1$ situation is substantially more complicated. This problem of characterizing the provably total functions of fragments of Peano arithmetic is classically one of the central problems of proof theory; and a number of important and elegant methods are available to solve it. Space prohibits us from explaining these methods, so we instead mention only a few references.

The first method of analyzing the strength of fragments of Peano is based on Gentzen's assignment of ordinals to proofs; Gentzen [1936,1938] used Cantor normal form to represent ordinals less than $\epsilon_0$ and gave a constructive method of assigning ordinals to proofs in such a way that allowed cuts and inductions to be removed from PA-proofs of sentences. This can then be used to characterize the primitive recursive functions of fragments of Peano arithmetic in terms of recursion on ordinals less than $\epsilon_0$. The textbooks of Takeuti [1987] and Girard [1987] contain descriptions of this approach. A second version of this method is based on the infinitary proof systems of Tait: Chapter III of this volume describes this for Peano arithmetic, and Chapter IV describes extensions of this ordinal assignment method to much stronger second-order theories of arithmetic. The books of Schütte [1977] and Pohlers [1980] also describe ordinal assignments and infinitary proofs for strong theories of arithmetic. A further use of ordinal notations is to characterize natural theories of arithmetic in terms of transfinite induction.

A second approach to analyzing the computational strength of theories of arithmetic is based on model-theoretic constructions; see Paris and Harrington [1977], Ketonen and Solovay [1981], Sommer [1990], and Avigad and Sommer [1997].

A third method is based on the Dialectica interpretation of Gödel [1958] and on Howard's [1970] assignment of ordinals to terms that arise in the Dialectica interpretation. Chapter V of this volume discusses the Dialectica interpretation.

A fourth method, due to Ackermann [1941] uses an ordinal analysis of $\epsilon$-calculus proofs.

More recently, Buss [1994] has given a characterization of the provably total functions of the theories $I\Sigma_n$ based on an extension of the witness function method used above.
3.2. Witnessing theorem for $S_2^i$

Theorem 1.3.4.1 stated that every polynomial time function and every polynomial time predicate is $\Sigma_1^b$-definable or $\Delta_1^b$-definable (respectively) by $S_2^1$. More generally, Theorem 1.3.6 stated that every $\Box_i^p$-function and every $\Delta_i^p$-predicate is $\Sigma_i^b$-definable or $\Delta_i^b$-definable by $S_2^i$. The next theorem states the converse; this gives a precise characterization of the $\Sigma_1^b$-definable functions of $S_2^1$ and of the $\Sigma_i^b$-definable functions of $S_2^i$ in terms of their complexity in the polynomial hierarchy. The most interesting case is probably the base case $i = 1$, where $S_2^1$ is seen to have proof-theoretic strength that corresponds precisely to polynomial time.

Theorem. (Buss [1986])
(1) Every $\Sigma_1^b$-definable function of $S_2^1$ is polynomial time computable.
(2) Let $i \ge 1$. Every $\Sigma_i^b$-definable function of $S_2^i$ is in the $i$-th level, $\Box_i^p$, of the polynomial hierarchy.

Corollary. (Buss [1986])
(1) Every $\Delta_1^b$-definable predicate of $S_2^1$ is polynomial time.
(2) Let $i \ge 1$. Every $\Delta_i^b$-definable predicate of $S_2^i$ is in the $i$-th level, $\Delta_i^p$, of the polynomial hierarchy.

The corollary follows from the theorem by exactly the same argument as was used to prove Corollary 3.1.4 from Theorem 3.1.1. To prove the theorem, we shall use a witnessing argument analogous to the one used for $I\Sigma_1$ above. First, we need a revised form of the Witness predicate; unlike the usual definition of the Witness predicate for bounded arithmetic formulas, we define the Witness predicate only for prenex formulas, since this provides some substantial simplification. This simplification is obtained without loss of generality since every $\Sigma_i^b$-formula is logically equivalent to a $\Sigma_i^b$-formula in prenex form.

3.2.1. Definition. Fix $i \ge 1$. Let $A(\vec c)$ be a $\Sigma_i^b$-formula which is in prenex form. Then $\mathit{Witness}^i_A(w,\vec c)$ is defined by induction on the complexity of $A$ as follows:
(1) If $A$ is a $\Pi^b_{i-1}$-formula, then $\mathit{Witness}^i_A(w,\vec c)$ is just the formula $A(\vec c)$,
(2) If $A(\vec c)$ is not in $\Pi^b_{i-1}$ and is of the form $(\exists x \le$

$\ge 1$. Let $\Gamma \to \Delta$ be a sequent of formulas in $\Sigma_i^b$ in prenex form, and suppose $S_2^i$ proves $\Gamma \to \Delta$. Let $\vec c$ include all free variables in the sequent. Then there is a $\Box_i^p$-function $h(w,\vec c)$ which is $\Sigma_i^b$-defined in $S_2^i$ such that $S_2^i$ proves
$$\mathit{Witness}^i_{\bigwedge\Gamma}(w,\vec c) \to \mathit{Witness}^i_{\bigvee\Delta}(h(w,\vec c),\vec c).$$

The proof of the Witnessing Lemma is by induction on the number of sequents in a free-cut free proof $P$ of $\Gamma \to \Delta$. Since every $\Sigma_i^b$-formula is equivalent to a $\Sigma_i^b$-formula in prenex form, we may assume w.l.o.g. that every induction formula in the free-cut free proof $P$ is a prenex form $\Sigma_i^b$-formula. Then, by the subformula property, every formula appearing anywhere in the proof is also a $\Sigma_i^b$-formula in prenex form. The base case of the induction proof is when $\Gamma \to \Delta$ is an initial sequent; in this case,
every formula in the sequent is atomic, so the Witnessing Lemma trivially holds.

The induction step splits into cases depending on the final inference of the proof. The structural inferences and the propositional inferences are essentially trivial, the latter because of our assumption that all formulas are in prenex form. So it remains to consider the quantifier inferences and the induction inferences.

The cases where the final inference of $P$ is an $\exists\le$:right inference or an $\exists\le$

$> 0$. for

Since $f$ is defined by limited recursion on notation from $g$, and since $g$ is $\Sigma_i^b$-defined by $S_2^i$, $f$ is also $\Sigma_i^b$-defined by $S_2^i$. Therefore, $f$ may be used in induction formulas and $S_2^i$ can prove
$$\mathit{Witness}^i_{\bigwedge\{A(0),\Gamma\}}(w,\vec c) \to \mathit{Witness}^i_{\bigvee\{\Delta,A(b)\}}(f(w,\vec c,b),\vec c,b)$$
using $\Sigma_i^b$-PIND with respect to $b$. Setting $h(w,\vec c) = f(w,\vec c,t)$ establishes the desired conditions of the Witnessing Lemma.

Finally, we consider the inferences involving bounded universal quantifiers. The cases where the principal formula of the inference is a $\Pi^b_{i-1}$-formula are essentially trivial, since such formulas do not require a witness value, i.e., they are their own witnesses. This includes any inference where the principal connective is a non-sharply
bounded universal quantifier. A $\forall$

$\ge 0$. Suppose $T_2^i$ proves
$(\forall x)(\exists y)(\forall z \le$

$0$ and there are $\Sigma^b_{i+1}$-definable function symbols $f_1(x), f_2(x,z_1), \ldots, f_k(x,z_1,\ldots,z_{k-1})$ such that $T_2^i$ proves
$$(\forall x)(\forall z_1 \le t)[A(f_1(x),x,z_1) \vee (\forall z_2 \le t)[A(f_2(x,z_1),x,z_2) \vee (\forall z_3 \le t)[A(f_3(x,z_1,z_2),x,z_3) \vee \cdots \vee (\forall z_k \le t)[A(f_k(x,z_1,\ldots,z_{k-1}),x,z_k)]\cdots]]]$$
Conversely, whenever the above formula is provable, then $T_2^i$ can also prove $(\forall x)(\exists y)(\forall z \le t)A(y,x,z)$.

The variables $x$, $y$ and $z$ could just as well have been vectors of variables, since the replacement axioms and sequence coding can be used to combine adjacent like quantifiers. Also, the first half of the theorem holds even if $t$ involves both $x$ and $y$.

The proof of the KPT Witnessing Theorem is now quite simple: by the discussion in section 1.3.7, we can replace each $T_2^i$ by its conservative, universally axiomatized extension $PV_{i+1}$, and now the theorem is an immediate corollary of the corollary to the generalized Herbrand's theorem in section 2.5.3 of Chapter I.

3.3.2.1. Applications to the polynomial hierarchy. The above theorem has had a very important application in showing an equivalence between the collapse of the hierarchy of theories of bounded arithmetic and the (provable) collapse of the polynomial time hierarchy. This equivalence was first proved by Krajíček, Pudlák and Takeuti [1991]; we state two improvements to their results. (We continue the convention that $T_2^0$ denotes $PV_1$.)

Theorem. (Buss [1995], Zambella [1996]) Let $i \ge 0$. If $T_2^i \vdash S_2^{i+1}$, then (1) $T_2^i = S_2$ and therefore $S_2$ is finitely axiomatized, and (2) $T_2^i$ proves the polynomial hierarchy collapses, and in fact, (2.a) $T_2^i$ proves that every $\Sigma^b_{i+3}$-formula is equivalent to a Boolean combination of $\Sigma^b_{i+2}$-formulas and (2.b) $T_2^i$ proves the polynomial time hierarchy collapses to $\Sigma^p_{i+1}/\mathrm{poly}$.

Corollary. $S_2$ is finitely axiomatized if and only if $S_2$ proves the polynomial hierarchy collapses.

Let $g(x)$ be a $\Sigma^b_i$-definable function of $T_2^i$ such that for each $n > 0$ there is an $m > 0$ so that $T_2^i \vdash (\forall x)(x > n \supset g(x) > m)$ (for example, $g(n) = |n|$ or $g(n) = ||n||$, etc.) Let $g\Sigma^b_i$-IND denote the axioms
$A(0) \wedge (\forall x)(A(x) \supset A(x+1)) \supset (\forall z \le$

Let $\forall\Pi^b_1(\mathbb{N})$ denote the set of all $\forall\Pi^b_1$ sentences (in the language of $S_2$) true about the standard integers.
3.3.2.2. Theorem. (essentially Krajíček, Pudlák and Takeuti [1991]) If $T_2^i + \forall\Pi^b_1(\mathbb{N}) \vDash g\Sigma^b_{i+1}$-IND, then the polynomial time hierarchy collapses to $\Delta^p_{i+1}/\mathrm{poly}$.

Note that the second theorem differs from the first in that there is no mention of the provability of the collapse of the polynomial hierarchy; on the other hand, the second theorem states a stronger collapse. Krajíček, Pudlák and Takeuti [1991] prove the second theorem with $g(n) = |n|$ and without the presence of $\forall\Pi^b_1(\mathbb{N})$: their proof gives the stronger form stated here with only minor modifications.

3.3.3. The $\Sigma_1^b$-definable functions of $T_2^1$

Buss and Krajíček [1994] characterize the $\Sigma_1^b$-definable functions of $T_2^1$ as being precisely the functions which are projections of PLS functions.

Polynomial Local Search. Johnson, Papadimitriou and Yannakakis [1988] defined a Polynomial Local Search problem (PLS-problem) $L$ to be a maximization problem satisfying the following conditions: (we have made some inessential simplifications to their definition)
(1) For every instance $x \in \{0,1\}^*$, there is a set $F_L(x)$ of solutions, an integer valued cost function $c_L(s,x)$ and a neighborhood function $N_L(s,x)$,
(2) The binary predicate $s \in F_L(x)$ and the functions $c_L(s,x)$ and $N_L(s,x)$ are polynomial time computable. There is a polynomial $p_L$ so that for all $s \in F_L(x)$, $|s| \le p_L(|x|)$. Also, $0 \in F_L(x)$.
(3) For all $s \in \{0,1\}^*$, $N_L(s,x) \in F_L(x)$.
(4) For all $s \in F_L(x)$, if $N_L(s,x) \ne s$ then $c_L(s,x) < c_L(N_L(s,x),x)$.
(5) The problem is solved by finding a locally optimal $s \in F_L(x)$, i.e., an $s$ such that $N_L(s,x) = s$.
It follows from these conditions that all $s \in F_L(x)$ are polynomial size.

A PLS-problem $L$ can be expressed as a $\Pi^b_1$-sentence saying that the conditions above hold; if these are provable in $T_2^1$ then we say $L$ is a PLS-problem in $T_2^1$. The formula $\mathit{Opt}_L(x,s)$ is the $\Delta_1^b$-formula $N_L(s,x) = s$. A multivalued function $g$ such that for all $x$, $N_L(g(x),x) = g(x)$, is called a PLS function; $g$ must be total, but may be multivalued, since there may exist more than one optimal cost solution. The next theorem states, loosely speaking, that the (multivalued) $\Sigma_1^b$-definable functions of $T_2^1$ are precisely the functions $f$ which can be expressed in the form $f = \pi \circ g$, where $g$ is a PLS function and where $\pi$ is a polynomial time function (in fact, $\pi(y) = \beta(1,y)$ can always be used).

Theorem. (Buss and Krajíček [1994])
(1) For every PLS problem $L$, $T_2^1$ can prove $(\forall x)(\exists y)\mathit{Opt}_L(x,y)$.
proves (V' i) (3y)A(i, y) (2) If I / AA E e �� E~ and and if i/ Ti T~ proves (VZ)(3y)A(Z, y),, then then there there is is aa polynomial polynomial time time (projection) (projection) function function 7l'(y) r(y) and and aa PLS PLS problem problem L L such such that that Ti T~ proves proves ((YZ)(Vy)(OptL(2, y) :J ~ A(i, A(Z, 7l'( r(y)). V'i) (V'y) (OptL (i, y) Y)). for In In other other words, words, if i/g9 is is aa PLS PLS function function solving solving L L,, then then A(i, A(Z, 7l' ~ 0o g(i)) g(Z)) holds holds/or all i and all all values all ~ and values of o/ g(i) g(Z).. Natural N a t u r a l Proofs. Proofs. The The above above theorem theorem characterizing characterizing the the �� IE~ consequences consequences of of Ti T~ in in terms PLS functions terms of of PLS functions was was used used in in an an important important way way to to establish establish the the independence independence of some some computational computational complexity complexity conjectures conjectures from from S�(a) $2(c~).. Razborov Razborov and and Rudich Rudich of [1994] introduced [1994] introduced aa notion notion of of "P-natural "P-natural proofs" proofs" of of P P =I ~ NP NP;; which which intuitively intuitively are are proofs time method proofs which which provide provide aa polynomial polynomial time method of of separating separating out out truth truth tables tables of of Boolean size circuits. then showed Boolean functions functions that that do do not not have have polynomial polynomial size circuits. They They then showed that that under under aa certain certain strong strong pseudo-random pseudo-random number number generator generator conjecture conjecture (henceforth: (henceforth: the the SPRNG conjecture) be P-natural SPRNG conjecture) that that there there cannot cannot be P-natural proofs proofs of of P P =I ~ NP N P . . 
Razborov [1995] then showed that $S^2_2(\alpha)$ cannot prove superpolynomial lower bounds on the size of circuits for predicates in the polynomial hierarchy unless there are P-natural proofs that $P \neq NP$. This latter condition of course implies the SPRNG conjecture is false; however, most researchers in cryptography apparently do believe the SPRNG conjecture. Thus commonly believed cryptographic conjectures imply that $S^2_2(\alpha)$ cannot prove superpolynomial lower bounds for NP predicates. A further observation of Wigderson is that $S^2_2$ cannot prove the SPRNG conjecture. Razborov's proof used the conservativity of $S^2_2$ over $T^1_2$, and the above characterization of the $\Sigma^b_1$-consequences of $T^1_2$; he then combined this with a communication complexity result (analogous to Craig interpolation) to extract a P-natural proof from the resulting PLS function.
Razborov [1994] has subsequently given a simpler proof of the above-discussed theorem which uses the translations from bounded arithmetic into propositional logic (see Chapter VIII of this volume) plus interpolation theorems for propositional logic. A complete account of this simpler proof can be found in our survey article, Buss [1997].

3.4. Relationships between $B\Sigma_n$ and $I\Sigma_n$
Recall from section 1.2.9, that $B\Sigma_{n+1} \vdash I\Sigma_n \vdash B\Sigma_n$. We show in the next paragraphs that these three theories are distinct and that $B\Sigma_{n+1}$ is conservative over $I\Sigma_n$.
3.4.1. Conservation of $B\Sigma_{n+1}$ over $I\Sigma_n$. In this section we outline a proof of the well-known theorem that $B\Sigma_{n+1}$ is $\Pi_{n+2}$-conservative over $I\Sigma_n$; this was first proved by Parsons [1970]. A model-theoretic proof was later given by Paris and Kirby [1978], and we sketch below a proof-theoretic proof from Buss [1994].
Proof Theory of Arithmetic
Theorem. $B\Sigma_{n+1}$ is $\Pi_{n+2}$-conservative over $I\Sigma_n$.
Recall that $B\Sigma_{n+1}$ is equivalent to the theory $B\Pi_n$, which has $\Pi_n$-REPL axioms of the form

$$(\forall x \le t)(\exists y)A(x, y) \rightarrow (\exists z)(\forall x \le t)(\exists y \le z)A(x, y)$$

where $A \in \Pi_n$. In the above sequent, there are unbounded quantifiers in the scope of bounded quantifiers, so the formula in the antecedent is a $\Sigma^+_{n+1}$-formula, not a $\Sigma_{n+1}$-formula.
Definition. Fix Fix nn and and suppose suppose A A EE ~n+l. I:�+ l . Definition. (1) + ,, then ~<s is A ~E 1-I II� then A A";s is defined defined to to be be A. A. (1) If If A +
(2) + ,, then ~M(X, s~.(x,
Since 9r -,¢> D :J -~r -'¢>M(X, s;(x, Z)) , we we immediately immediately have have that that $2 82 also also proves proves Since S,(X, ~),
$$(\forall x)\bigl[\phi(x) \lor (\forall z_1)\bigl(2^{t_1(x)} \neq z_1 \lor (\forall z_2)\bigl(2^{t_2(x,z_1)} \neq z_2 \lor \cdots \lor (\forall z_\ell)(2^{t_\ell(x,z_1,\ldots,z_{\ell-1})} \neq z_\ell)\cdots\bigr)\bigr)\bigr]$$
where each $t_i$ is a function with polynomial growth rate with graph defined by a $\Delta_0$-formula. Thus, $S_2$ proves that $\phi(x)$ holds, provided there exists $z_1 = 2^{t_1(x)}$, $z_2 = 2^{t_2(x,z_1)}$, ..., $z_\ell = 2^{t_\ell(x,z_1,\ldots,z_{\ell-1})}$. Since each $t_i$ has polynomial growth rate, the values of the $z_i$'s are bounded by $2^x_{\ell+1}$ for sufficiently large $x \in \mathbb{N}$; therefore, $S_2$ proves that if $2^x_{\ell+1}$ exists, then $\phi(x)$ holds. Taking $k = \ell + 1$, Lemma 4.3.2 is proved.

4.3.3. Theorem. (Solovay [1976]) For each $n, k \ge 0$, there is a $S^1_2$-proof $P$ of $(\exists x)(\mathrm{superexp}(k, \underline{n}, x))$ with size polynomially bounded in terms of $|n|$ and $k$. In addition, $P$ is a $\Sigma_{2k+1}$-proof.
Proof. The proof is based on using formulas that define inductive cuts. The particular ones we need are formulas $J_i(x)$ and $K_i(x)$ defined as:

$$J_0(x) \Leftrightarrow 0 = 0 \quad \text{(always true)}$$
$$K_0(x) \Leftrightarrow (\exists y)(2^x = y)$$
$$J_{i+1}(x) \Leftrightarrow (\forall z)(K_i(z) \supset K_i(z + x))$$
$$K_{i+1}(x) \Leftrightarrow (\exists y)(2^x = y \land J_{i+1}(y))$$
Lemma.

(a) $S^1_2 \vdash J_k(0)$
(b) $S^1_2 \vdash J_k(x) \supset J_k(x + 1)$
(c) $S^1_2 \vdash J_k(x) \land u < x \supset J_k(u)$
(d) $S^1_2 \vdash J_k(x) \supset J_k(x + x)$
(e) $S^1_2 \vdash K_k(0)$
(f) $S^1_2 \vdash K_k(x) \land u < x \supset K_k(u)$
(g) $S^1_2 \vdash K_k(x) \supset K_k(x + 1)$
(h) $S^1_2 \vdash K_k(x) \supset (\exists z)\,\mathrm{superexp}(k + 1, x, z)$.

Parts (a)-(g) are proved simultaneously by induction on $k$. Part (h) is likewise proved using induction on $k$. Moreover, it is easy to verify that the $S_2$-proofs of formulas (a)-(g) are polynomial size in $k$, and involve only $\Sigma_{2k+1}$-formulas. By using (d) and (c) of the lemma, it is straightforward now to find an $S^1_2$-proof of $J_k(\underline{n})$ of size polynomial in $|n|$ and $k$; from this, (e) and (h) give the desired proof $P$ of $(\exists z)\,\mathrm{superexp}(k, \underline{n}, z)$.
4.3.4. Lemma. 4.3.4. L emma. kk � > 00 such such that that
Suppose . Then, Suppose r¢>(x) Ee �l ~]1 and and S $22 + + exp exp fF- (V'x)¢>(x) (Vx)r Then, there there is is aa s~ r
(w)(& %
r
Lemma 4.3.4 is proved from Lemma 4.3.2 by formalizing the argument of Lemma 4.3.3 in $S^1_2$.
4.3.5. Lemma. Let $\phi(x)$ be a $\forall\Pi^b_1$-formula, which is without loss of generality of the form $(\forall y)\phi_M(x, y)$ where $\phi_M \in \Pi^b_1$. Then there is a term $t$ such that
This lemma is a special case of Theorem 2.1.2.
Let -sentence such 4.3.6. 4.3.6. Lemma. Lemma. Let ¢> r be be aa V'II� VH~-sentence such that that S $22 + + exp exp fR ¢> r . Then Then there there is is aa kk � that > 00 such such that s~ ~ ~r --+ = Co~.~ ( & ) .
Proof. with Proof. Without Without loss loss of of generality, generality, ¢> r is is of of the the form form (V'X)¢>M(X) (Vx)r with ¢>M CM aa II� 1-It- formula. . On formula. By By Lemma Lemma 4.3.4, 4.3.4, S $22 proves proves ((Vx)(S2 ~ ¢>M(;[)) CM(X__)). On the the other other hand, hand, V'X) (S2 � Lemma Lemma 4.3.5 4.3.5 implies implies that that S $22 proves proves ~r
D (& ~ - r
These two facts suffice to prove Lemma 4.3.6. □

4.3.7. Lemma. Let $k > 0$. Then $S_2 + \exp$ proves $\mathrm{Con}_{\Sigma_k}(S_2)$.
Proof. (Sketch). The proof of this has two main steps:

(1) Firstly, one shows that $S_2 + \exp$ proves $\mathrm{BdCon}(S_2) \supset \mathrm{Con}_{\Sigma_k}(S_2)$. This is done by formalizing the following argument: (a) Assume that $P$ is a $\Sigma_k$-proof of $0 = 1$ in the theory $S_2$. (b) By using sequence encoding to collapse adjacent like quantifiers, we may assume w.l.o.g. that each formula in $P$ has at most $k + 1$ unbounded quantifiers. (c) By applying the process used to prove the Cut-Elimination Theorem 2.4.2 of Chapter I, there is a bounded $S_2$-proof of $0 = 1$ of size at most $2^{\|P\|}_{2k+4}$. Since only finitely many iterations of exponentiation are needed, the last step can be formalized in $S_2 + \exp$.

(2) Secondly, one shows that $S_2 + \exp$ can prove the bounded consistency of $S_2$. The general idea is that if there is a bounded $S_2$-proof $P$ of $0 = 1$, then there is a fixed value $\ell$ so that all variables appearing in $P$ can be implicitly bounded by $L = 2^{\mathrm{size}(P)}_{\ell}$ where $\mathrm{size}(P)$ is the number of symbols in $P$. (In fact, $\ell = 3$ works.) Once all variables are bounded by $L$, a truth definition can be given based on the fact that $2^{L^{\mathrm{size}(P)}}$ exists. With this truth definition, $S_2 + \exp$ can prove that every sequent in the $S_2$-proof is valid.
4.3.8. Corollary. The theory $S_2 + \exp$ is conservative over the theory $S_2 \cup \{\mathrm{Con}_{\Sigma_k}(S_2) : k \ge 0\}$ with respect to $\forall\Pi^b_1$-consequences.

Proof. The fact that the first theory includes the second theory is immediate from Theorem 4.3.7. The conservativity is immediate from Lemma 4.3.6.

Incidentally, since $S_2$ is globally interpretable in $Q$, we also have that the theories $S_2 + \{\mathrm{Con}_{\Sigma_k}(S_2) : k \ge 0\}$ and $S_2 + \{\mathrm{Con}_{\Sigma_k}(Q) : k \ge 0\}$ are equivalent.

4.3.9. Theorem. $S_2 \cup \{\mathrm{Con}_{\Sigma_k}(S_2) : k \ge 0\} \nvdash \mathrm{Con}(S_2)$.
It is an immediate consequence of Theorem 4.3.9 and Corollary 4.3.8 that $S_2 + \exp \nvdash \mathrm{Con}(S_2)$, which is the main result we are trying to establish. So it remains to prove Theorem 4.3.9:

Proof. Let $k > 0$ be fixed. Use Gödel's Diagonal Lemma to choose an 3� 32~-sentence
�0 O. .
Acknowledgements. We are grateful to J. Avigad, C. Pollett, and J. Krajíček for suggesting corrections to preliminary versions of this chapter. Preparation of this article was partially supported by NSF grant DMS-9503247 and by cooperative research grant INT-9600919/ME-103 of the NSF and the Czech Republic Ministry of Education.

References

W. ACKERMANN
[1941] Zur Widerspruchsfreiheit der Zahlentheorie, Mathematische Annalen, 117, pp. 162-194.

J. AVIGAD AND R. SOMMER
[1997] A model-theoretic approach to ordinal analysis, Bulletin of Symbolic Logic, 3, pp. 17-52.

J. BARWISE
[1977] Handbook of Mathematical Logic, North-Holland, Amsterdam.

J. H. BENNETT
[1962] On Spectra, PhD thesis, Princeton University.

G. BOOLOS
[1989] A new proof of the Gödel incompleteness theorem, Notices of the American Mathematical Society, 36, pp. 388-390.
[1993] The Logic of Provability, Cambridge University Press.

S. R. BUSS
[1986] Bounded Arithmetic, Bibliopolis, Napoli. Revision of 1985 Princeton University Ph.D. thesis.
[1990] Axiomatizations and conservation results for fragments of bounded arithmetic, in: Logic and Computation, proceedings of a Workshop held Carnegie-Mellon University, 1987, W. Sieg, ed., vol. 106 of Contemporary Mathematics, American Mathematical Society, Providence, Rhode Island, pp. 57-84.
[1992] A note on bootstrapping intuitionistic bounded arithmetic, in: Proof Theory: A selection of papers from the Leeds Proof Theory Programme 1990, P. H. G. Aczel, H. Simmons, and S. S. Wainer, eds., Cambridge University Press, pp. 149-169.
[1994] The witness function method and fragments of Peano arithmetic, in: Proceedings of the Ninth International Congress on Logic, Methodology and Philosophy of Science, Uppsala, Sweden, August 7-14, 1991, D. Prawitz, B. Skyrms, and D. Westerståhl, eds., Elsevier, North-Holland, Amsterdam, pp. 29-68.
[1995] Relating the bounded arithmetic and polynomial-time hierarchies, Annals of Pure and Applied Logic, 75, pp. 67-77.
[1997] Bounded arithmetic and propositional proof complexity, in: Logic of Computation, H. Schwichtenberg, ed., Springer-Verlag, Berlin, pp. 67-121.

S. R. BUSS AND A. IGNJATOVIĆ
[1995] Unprovability of consistency statements in fragments of bounded arithmetic, Annals of Pure and Applied Logic, 74, pp. 221-244.

S. R. BUSS AND J. KRAJÍČEK
[1994] An application of Boolean complexity to separation problems in bounded arithmetic, Proceedings of the London Mathematical Society, 69, pp. 1-21.

G. J. CHAITIN
[1974] Information-theoretic limitations of formal systems, J. Assoc. Comput. Mach., 21, pp. 403-424.

P. CLOTE
[1985] Partition relations in arithmetic, in: Methods in Mathematical Logic, C. A. Di Prisco, ed., Lecture Notes in Computer Science #1130, Springer-Verlag, Berlin, pp. 32-68.

A. COBHAM
[1965] The intrinsic computational difficulty of functions, in: Logic, Methodology and Philosophy of Science, proceedings of the second International Congress, held in Jerusalem, 1964, Y. Bar-Hillel, ed., North-Holland, Amsterdam.

S. A. COOK
[1975] Feasibly constructive proofs and the propositional calculus, in: Proceedings of the Seventh Annual ACM Symposium on Theory of Computing, Association for Computing Machinery, New York, pp. 83-97.

S. A. COOK AND A. URQUHART
[1993] Functional interpretations of feasibly constructive arithmetic, Annals of Pure and Applied Logic, 63, pp. 103-200.

S. FEFERMAN
[1960] Arithmetization of metamathematics in a general setting, Fundamenta Mathematicae, 49, pp. 35-92.

H. GAIFMAN AND C. DIMITRACOPOULOS
[1982] Fragments of Peano's arithmetic and the MRDP theorem, in: Logic and Algorithmic: An International Symposium held in honour of Ernst Specker, Monographie #30 de L'Enseignement Mathématique, pp. 187-206.

G. GENTZEN
[1936] Die Widerspruchsfreiheit der reinen Zahlentheorie, Mathematische Annalen, 112, pp. 493-565. English translation in: Gentzen [1969], pp. 132-213.
[1938] Neue Fassung des Widerspruchsfreiheitbeweis für der reinen Zahlentheorie, Forschungen zur Logik und zur Grundlegung der exacten Wissenschaften, New Series, 4, pp. 19-44. English translation in: Gentzen [1969], pp. 252-286.
[1969] Collected Papers of Gerhard Gentzen, North-Holland, Amsterdam. Edited by M. E. Szabo.

J.-Y. GIRARD
[1987] Proof Theory and Logical Complexity, vol. I, Bibliopolis, Napoli.
K. GÖDEL
[1958] Über eine bisher noch nicht benützte Erweiterung des finiten Standpunktes, Dialectica, 12, pp. 280-287.

P. HÁJEK AND P. PUDLÁK
[1993] Metamathematics of First-order Arithmetic, Perspectives in Mathematical Logic, Springer-Verlag, Berlin.

D. HILBERT AND P. BERNAYS
[1934-39] Grundlagen der Mathematik, I & II, Springer, Berlin.

W. A. HOWARD
[1970] Assignment of ordinals to terms for primitive recursive functionals of finite type, in: Intuitionism and Proof Theory: Proceedings of the Summer Conference at Buffalo N.Y. 1968, A. Kino, J. Myhill, and R. E. Vesley, eds., North-Holland, Amsterdam, pp. 443-458.

D. S. JOHNSON, C. H. PAPADIMITRIOU, AND M. YANNAKAKIS
[1988] How easy is local search?, Journal of Computer and System Science, 37, pp. 79-100.

R. W. KAYE
[1991] Models of Peano arithmetic, Oxford Logic Guides #15, Oxford University Press.
[1993] Using Herbrand-type theorems to separate strong fragments of arithmetic, in: Arithmetic, Proof Theory and Computational Complexity, P. Clote and J. Krajíček, eds., Clarendon Press (Oxford University Press), Oxford.

C. F. KENT AND B. R. HODGSON
[1982] An arithmetic characterization of NP, Theoretical Computer Science, 21, pp. 255-267.

J. KETONEN AND R. M. SOLOVAY
[1981] Rapidly growing Ramsey functions, Annals of Mathematics, 113, pp. 267-314.

J. KRAJÍČEK
[1995] Bounded Arithmetic, Propositional Calculus and Complexity Theory, Cambridge University Press.

J. KRAJÍČEK, P. PUDLÁK, AND G. TAKEUTI
[1991] Bounded arithmetic and the polynomial hierarchy, Annals of Pure and Applied Logic, 52, pp. 143-153.

M. W. KRENTEL
[1988] The complexity of optimization problems, Journal of Computer and System Sciences, 36, pp. 490-509.

H. LESSAN
[1978] Models of Arithmetic, PhD thesis, Manchester University.

P. LINDSTRÖM
[1997] Aspects of Incompleteness, Lecture Notes in Logic #10, Springer-Verlag, Berlin.

R. J. LIPTON
[1978] Model theoretic aspects of computational complexity, in: Proceedings of the 19th Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Piscataway, New Jersey, pp. 193-200.

M. H. LÖB
[1955] Solution of a problem of Leon Henkin, Journal of Symbolic Logic, 20, pp. 115-118.

E. MENDELSON
[1987] Introduction to Mathematical Logic, Wadsworth & Brooks/Cole, Monterey.
G. E. MINTS
[1973] Quantifier-free and one-quantifier systems, Journal of Soviet Mathematics, 1, pp. 71-84.

E. NELSON
[1986] Predicative Arithmetic, Princeton University Press.

V. A. NEPOMNJAŠČIĬ
[1970] Rudimentary predicates and Turing calculations, Kibernetika, 6, pp. 29-35. English translation in Cybernetics 8 (1972) 43-50.

R. PARIKH
[1971] Existence and feasibility in arithmetic, Journal of Symbolic Logic, 36, pp. 494-508.

J. B. PARIS AND C. DIMITRACOPOULOS
[1982] Truth definitions for $\Delta_0$ formulae, in: Logic and Algorithmic, Monographie no 30 de L'Enseignement Mathématique, University of Geneva, pp. 317-329.

J. B. PARIS AND L. HARRINGTON
[1977] A mathematical incompleteness in Peano arithmetic, in: Handbook of Mathematical Logic, North-Holland, Amsterdam, pp. 1133-1142.

J. B. PARIS AND L. A. S. KIRBY
[1978] $\Sigma_n$-collection schemes in arithmetic, in: Logic Colloquium '77, North-Holland, Amsterdam, pp. 199-210.

C. PARSONS
[1970] On a number-theoretic choice schema and its relation to induction, in: Intuitionism and Proof Theory: Proceedings of the Summer Conference at Buffalo N.Y. 1968, A. Kino, J. Myhill, and R. E. Vesley, eds., North-Holland, Amsterdam, pp. 459-473.
[1972] On n-quantifier induction, Journal of Symbolic Logic, 37, pp. 466-482.

W. POHLERS
[1980] Proof Theory: An Introduction, Lecture Notes in Mathematics #1407, Springer-Verlag, Berlin.

P. PUDLÁK
[1983] Some prime elements in the lattice of interpretability types, Transactions of the American Mathematical Society, 280, pp. 255-275.
[1990] A note on bounded arithmetic, Fundamenta Mathematicae, 136, pp. 85-89.

A. A. RAZBOROV
[1994] On provably disjoint NP-pairs, Tech. Rep. RS-94-36, Basic Research in Computer Science Center, Aarhus, Denmark, November. http://www.brics.dk/index.html.
[1995] Unprovability of lower bounds on the circuit size in certain fragments of bounded arithmetic, Izvestiya of the RAN, 59, pp. 201-224.

A. A. RAZBOROV AND S. RUDICH
[1994] Natural proofs, in: Proceedings of the Twenty-Sixth Annual ACM Symposium on Theory of Computing, Association for Computing Machinery, New York, pp. 204-213.

J. B. ROSSER
[1936] Extensions of some theorems of Gödel and Church, Journal of Symbolic Logic, 1, pp. 87-91.

K. SCHÜTTE
[1977] Proof Theory, Grundlehren der mathematischen Wissenschaften #225, Springer-Verlag, Berlin.

W. SIEG
[1985] Fragments of arithmetic, Annals of Pure and Applied Logic, 28, pp. 33-71.
C. SMORYNSKI
[1977] The incompleteness theorems, in: Barwise [1977], pp. 821-865.

R. M. SMULLYAN
[1992] Gödel's Incompleteness Theorems, Oxford Logic Guides #19, Oxford University Press.

R. M. SOLOVAY
[1976] Letter to P. Hájek. Unpublished.

R. SOMMER
[1990] Transfinite Induction and Hierarchies Generated by Transfinite Recursion within Peano Arithmetic, PhD thesis, U.C. Berkeley.

L. J. STOCKMEYER
[1976] The polynomial-time hierarchy, Theoretical Computer Science, 3, pp. 1-22.

G. TAKEUTI
[1987] Proof Theory, North-Holland, Amsterdam, 2nd ed.
[1990] Some relations among systems for bounded arithmetic, in: Mathematical Logic, Proceedings of the Heyting 1988 Summer School, P. P. Petkov, ed., Plenum Press, New York, pp. 139-154.

A. TARSKI, A. MOSTOWSKI, AND R. M. ROBINSON
[1953] Undecidable Theories, North-Holland, Amsterdam.

A. J. WILKIE AND J. B. PARIS
[1987] On the scheme of induction for bounded arithmetic formulas, Annals of Pure and Applied Logic, 35, pp. 261-302.

C. WRATHALL
[1976] Complete sets and the polynomial-time hierarchy, Theoretical Computer Science, 3, pp. 23-33.

D. ZAMBELLA
[1996] Notes on polynomially bounded arithmetic, Journal of Symbolic Logic, 61, pp. 942-966.
This Page Intentionally Left Blank
CHAPTER III

Hierarchies of Provably Recursive Functions

Matt Fairtlough
Department of Computer Science, University of Sheffield, Sheffield S1 4DP, England

Stanley S. Wainer¹
Department of Pure Mathematics, University of Leeds, Leeds LS2 9JT, England

Contents

1. Introduction
2. Structured ordinals and associated hierarchies
3. Complete ω-arithmetic
4. Provably recursive functions of PA
5. Independence results for PA
6. The "true" ordinal of PA
7. Theories with transfinite induction
References
¹ The second author thanks the Department of Philosophy at Carnegie Mellon University for generous hospitality and the opportunity to teach some of this material, during his year as a Fulbright Scholar 1992-93.

HANDBOOK OF PROOF THEORY, edited by S. R. Buss. © 1998 Elsevier Science B.V. All rights reserved.
M. Fairtlough and S. Wainer

1. Introduction
Since the recursive functions are of fundamental importance in logic and computer science, it is a natural pure-mathematical exercise to attempt to classify them in some way according to their logical and computational complexity. We hope to convince the reader that this is also an interesting and a useful thing to do: interesting because it brings to bear, in a clear and simple context, some of the most basic techniques of proof theory such as cut-elimination and ordinal assignments; and useful because it brings out deep theoretical connections with program-verification, program complexity and finite combinatorics. One might wonder why this branch of recursive function theory should most appropriately be viewed in a proof-theoretic light, but this is simply because the underlying concerns are of an intensional character, to do with computations or derivations of functions according to given programs rather than merely their definitions in extenso as sets of ordered pairs.
The proof-theoretic connection is immediately observable by considering the most basic recursive operation of all, namely composition: given functions $f$ and $g$ define $h := f \circ g$ by the rule

$$(g(x) = y) \to (f(y) = z) \to (h(x) = z).$$

Then the usual quantifier rules of logic yield

$$\forall x.\exists y.(g(x) = y) \to \forall y.\exists z.(f(y) = z) \to \forall x.\exists z.(h(x) = z)$$
and so the totality/termination of $h$ follows from that of $g$ and $f$ respectively by means of two applications of Cut. As we shall see, cut-elimination then yields a "direct" proof from which the complexity of $h$ can be read off.

It is the relationship between computational complexity on the one hand, and logical complexity (of termination proofs) on the other, which forms our principal theme here. Put simply, a program satisfies a specification

$$\forall \mathit{input}.\ \exists \mathit{output}.\ \mathit{Spec}(\mathit{input}, \mathit{output})$$

if for each input $x$ it computes an output $y$ such that $\mathit{Spec}(x, y)$ holds. Mere knowledge that the specification is true tells us only that there exists a while-program satisfying it. But to gain information about the possible structure and complexity of such a program we need to know why the specification is true, in other words we need to be given a proof. Thus our primary interest will be with those (recursively enumerable) classes of functions which are "verifiably computable" in given subsystems of arithmetic and analysis whose proof-theoretic strength is well-understood. This is not to say that the problem of classifying all recursive functions "in one go" is uninteresting, far from it. The known general results of Feferman [1962] in that direction (on completeness and incompleteness of hierarchies generated along paths in Kleene's $\mathcal{O}$) raise further deep questions which remain unanswered, e.g. "what is a natural well-ordering?"
Provably Recursive Functions
Our aim then is to find uniform scales against which we can measure the computational complexity of functions verifiably computable in "known" theories. By "complexity" we mean "complexity in the large", as measured by the rates of growth of resource-bounding functions irrespective of whether they be polynomial, exponential or much worse. We do not wish to place prior restrictions on their size, but rather to have the means of comparing one with another. How might this be achieved? What form should a "subrecursive scale" take? To answer this we need first to ask what kind of features of recursive definitions we are actually trying to measure and compare.

Suppose given a number-theoretic program of some kind, together with an operational semantics determining for each number $n$ a space $C(n)$ consisting of all computations and sub-computations of the program, starting on inputs $\le n$. The sub-computation relation induces a tree structure on $C(n)$ and we will assume further that it has been linearly ordered by a suitable ordering ... Then ...

1. ... $\Longrightarrow \alpha + \beta \in \Omega^S$
2. $\alpha, \beta \in \Omega^S \Longrightarrow \alpha \cdot \beta \in \Omega^S$ provided $0 \in \alpha[1]$
3. $\alpha, \beta \in \Omega^S \Longrightarrow \alpha^\beta \in \Omega^S$ provided $1 \in \alpha[1]$
Proof. We proceed by $\Omega$-induction on $\beta$. Again, all three are similar so we prove (3) assuming (2). If $\beta = 0$ then $\alpha^\beta = 1$ and $1 \in \Omega^S$.

For the successor step from $\beta$ to $\beta + 1$ assume $\alpha^\beta \in \Omega^S$. Then $\alpha^{\beta+1} = \alpha^\beta \cdot \alpha$ and this belongs to $\Omega^S$ by (2), because the proviso $1 \in \alpha[1]$ implies $0 \in \alpha^\beta[1]$ from the proof of Lemma 2.12.

For the limit case $\beta = \sup \beta_x \in \Omega^S$ we must check the structuredness condition $\lambda_n \in \lambda[n + 1]$ for every limit $\lambda \preceq \alpha^\beta$. This follows immediately from the induction hypotheses if $\lambda \prec \alpha^\beta$ because in that case we have $\lambda \preceq \alpha^{\beta_x}$ for some $x$. It therefore remains to verify it in the case $\lambda = \alpha^\beta = \sup(\alpha^{\beta_x})$. But then for any fixed $n$ we have $\beta_n \in \beta[n + 1]$ since $\beta \in \Omega^S$, and $1 \in \alpha[1] \subseteq \alpha[n + 1]$ by the proviso. Therefore $\lambda_n = \alpha^{\beta_n} \in \alpha^\beta[n + 1] = \lambda[n + 1]$ immediately from part (3) of Lemma 2.12. This completes the proof.

2.14. Notation. In what follows we shall often drop round brackets from $(\alpha + \beta)[n]$ or $(\alpha \cdot \beta)[n]$ and write $\alpha + \beta[n]$, $\alpha \cdot \beta[n]$ instead.

2.15. Examples.
1. $\omega_0 \in \Omega^S$ and $\omega = 1 + \omega_0 = \sup(1 + x) \in \Omega^S$.
2. $\alpha_1, \ldots, \alpha_k \in \Omega^S \Longrightarrow \omega^{\alpha_1} \cdot n_1 + \cdots + \omega^{\alpha_k} \cdot n_k \in \Omega^S$.
3. $\omega^\omega[n] = \omega^{n+1}[n] = \omega^n \cdot n + \omega^{n-1} \cdot n + \cdots + \omega \cdot n + n + 1[n]$. Thus the elements of $\omega^\omega[n]$ are exactly those ordinals of the form $\omega^n \cdot m_0 + \cdots + \omega \cdot m_{n-1} + m_n$ where every $m_i \le$ ...
n+ 1 = Bw(n) n+ F!l' f 2 ++l ~ ((n) ~) = = 22~ + 11 < < n ~+ + 22 "§ = S~(~) + _= F B,+I -.~ B 2"+1 l l F:+I(n) < B�� w.a (n) ('~) < < B��;l ~.a (n) ( n ) == B S~.,+~(n) W.a+w(n) : (n) < = = F>.Jn) F~. (n) < < Bw.>.Jn) S~.~. (n) = Bw.>.(n). S~.~ (n). =
2.24. The computational honesty of G, H, B and F

We call a computable function "honest" if its complexity is bounded by some iterate of itself. Since our concern here is with "large" functions, bigger than exponential, it does not matter whether we measure computational complexity in terms of space or time, but it will be convenient to think in terms of space-complexity. Clearly, the computability and complexity of the functions $G_\alpha$, $H_\alpha$, $B_\alpha$ and $F_\alpha$, for $\alpha$'s ranging below some fixed tree ordinal $\gamma$, depend on the computability and complexity of the operation

$$(\alpha, x) \mapsto \begin{cases} (\alpha - 1, x) & \text{if } \alpha \text{ is a successor} \\ (\alpha_x, x) & \text{if } \alpha \text{ is a limit.} \end{cases}$$

2.25. Definition. Let $q$ be a strictly increasing number-theoretic function. Then a tree-ordinal $\gamma$ is q-space-representable if there is a uniform method of representing each $\alpha \prec \gamma$ as a word $\ulcorner\alpha\urcorner$ on a Turing Machine tape (or more generally as a term in some finite language), and a standard representation of numbers $x$ by words $\ulcorner x\urcorner$, such that the transition

$$(\ulcorner\alpha\urcorner, \ulcorner x\urcorner) \mapsto \begin{cases} (\ulcorner\alpha - 1\urcorner, \ulcorner x\urcorner) & \text{if } \alpha \text{ is a successor} \\ (\ulcorner\alpha_x\urcorner, \ulcorner x\urcorner) & \text{if } \alpha \text{ is a limit} \end{cases}$$

is computable within space less than $q(l(\ulcorner\alpha\urcorner) + l(\ulcorner x\urcorner))$, where $l(\ulcorner\alpha\urcorner)$ denotes the length of the word $\ulcorner\alpha\urcorner$.
2.26. Lemma. Suppose that $\gamma = \sup \gamma_x \in \Omega^S$ is q-space-representable and let $q_1(n) = q(n) \cdot 2$ and $q_2(n) = q(n) \cdot n$. Then for $\alpha \prec \gamma$ and $x \in N$ the space-complexities of the computations of $G_\alpha(x)$, $H_\alpha(x)$, $B_\alpha(x)$ and $F_\alpha(x)$ are bounded as follows:

( G +I _< q ,, X ) (Wal) + + Wx')) SG (a, x) ::; ( H � ) SH(a,x)

... $\ulcorner x\urcorner$ (and halt)

$$(\ulcorner\beta\urcorner, \ulcorner 0\urcorner, \ulcorner x\urcorner) \mapsto (\ulcorner\beta\urcorner, \ulcorner x + 1\urcorner)$$

$$(\ulcorner\beta\urcorner, \ulcorner\alpha + 1\urcorner, \ulcorner x\urcorner) \mapsto (\ulcorner\beta\urcorner, \ulcorner\alpha\urcorner, \ulcorner\alpha\urcorner, \ulcorner x\urcorner)$$

$$(\ulcorner\beta\urcorner, \ulcorner\lambda\urcorner, \ulcorner x\urcorner) \mapsto (\ulcorner\beta\urcorner, \ulcorner\lambda_x\urcorner, \ulcorner x\urcorner)$$
The space used in the computation of $B(\beta, x)$ will be denoted $S_B(\beta, x)$.

Now let $L_\alpha(x)$ be the step-counting function associated with the recursive definition of $B_\alpha(x)$, thus $L_0(x) = x + 1$; $L_{\alpha+1}(x) = L_\alpha(L_\alpha(x)) + 1$; $L_\lambda(x) = L_{\lambda_x}(x) + 1$. As above, define $L(\beta, x) = L_{\beta_0} \circ L_{\beta_1} \circ \cdots \circ L_{\beta_{k-1}}(x)$. Then what we need to prove is the following:

Claim. For every $\alpha \prec \gamma$ and every sequence $\beta$, if for every $x$, $S_B(\beta, x)$ ...

... $\max(n, m)$. In the first case we need to apply the induction hypothesis to obtain $\max(n, m) : N \vdash^{\beta_m} A, B(m)$. The desired result then follows immediately by Weakening.
2. Otherwise, whatever final rule is applied $\forall x B(x)$ remains as a "side formula" in the premises. So we can apply the induction hypothesis to each one, thus replacing $n : N$ by $\max(n, m) : N$ and $\forall x B(x)$ by $B(m)$. The desired result is then obtained by re-applying the same final rule, since $\beta \in \alpha[k]$ implies $\beta \in \alpha[\max(k, m)]$. Note that if $n : N \vdash^\alpha A, \forall x B(x)$ is an axiom then $n : N \vdash^\alpha A$ is also an axiom, and hence so is $\max(n, m) : N \vdash^\alpha A, B(m)$.
3.7. Definition. The height $|A|$ of a formula $A$ is defined as follows:

1. $|n : N| = 0$
2. $|E(\ldots)| = |\bar{E}(\ldots)| = 1$
3. $|A_0 \wedge A_1| = |A_0 \vee A_1| = \max(|A_0|, |A_1|) + 1$
4. $|\forall x A(x)| = |\exists x A(x)| = |A| + 1$

The cut-rank of a derivation is then defined as the supremum of all the values of $|C|$ where $C$ is a cut-formula appearing in it. Thus if a derivation has cut-rank 0 then there are no L-Cuts used in it, though there may still be many N-Cuts. We need only be concerned here with derivations of finite cut-rank and we denote the fact that a derivation of $n : N \vdash^\alpha A$ has cut-rank $\le r$ by writing $n : N \vdash^\alpha_r A$.

3.8. Note. Weakening and inversion do not affect cut-rank.
3.9. Lemma. Suppose $n : N \vdash^\alpha A, E$ where $E$ is a false atom. Then $n : N \vdash^\alpha A$.

This lemma is required for the following result (the proof is an easy induction on the derivation of $n : N \vdash^\alpha A, E$).

3.10. Cut-Reduction Lemma. Suppose $n : N \vdash^\alpha_r A, C$ and $n : N \vdash^\gamma_r A', \neg C$ where $C$ is a formula of the form $E(\ldots)$ or $B_0 \vee B_1$ or $\exists x B(x)$, and $|C| = r + 1$. Suppose also that $\alpha[n'] \subseteq \gamma[n']$ for every $n' \ge n$. Then $n : N \vdash^{\gamma+\alpha}_r A', A$.
Proof. We proceed by induction over the derivation of $n : N \vdash^\alpha_r A, C$.

1. If $C$ is an inactive side-formula in the final rule applied then either $n : N \vdash^\alpha_r A$ is an axiom in which case so is $n : N \vdash^{\gamma+\alpha}_r A', A$; or else $C$ remains in the premises of that final rule thus:

$$k : N \vdash^\beta_r A'', C$$

where we may assume, by weakening if necessary, that $k \ge n$ and $\beta \in \alpha[k]$, so $\beta[n'] \subseteq \gamma[n']$ for every $n' \ge k$. Therefore by weakening $n : N \vdash^\gamma_r A', \neg C$ (if necessary) to $k : N \vdash^\gamma_r A', \neg C$ and applying the induction hypothesis, we obtain

$$k : N \vdash^{\gamma+\beta}_r A', A''$$

and hence the final rule can be re-applied to obtain $n : N \vdash^{\gamma+\alpha}_r A', A$ as required.
2. If $C \equiv E(\ldots)$ is the "main" formula of $n : N \vdash^\alpha_r A, C$ then this means $E(\ldots)$ is true and we have an axiom. Consequently $\neg C \equiv \bar{E}(\ldots)$ is false. Now $n : N \vdash^\gamma_r A'$ follows from $n : N \vdash^\gamma_r A', \neg C$ by Lemma 3.9 and Weakening then gives $n : N \vdash^{\gamma+\alpha}_r A', A$.

3. If $C \equiv (B_0 \vee B_1)$ is the main formula the proof is similar to the next case.

4. If $C \equiv \exists x B(x)$ is the main formula then the last rule applied in obtaining $n : N \vdash^\alpha_r A, C$ is an $\exists$-rule and we may assume that the two premises are, for some $m$,

$$n : N \vdash^{\beta_0} m : N \quad\text{and}\quad n : N \vdash^{\beta_1}_r A, B(m), C$$

where $\beta_0, \beta_1 \in \alpha[n] \subseteq \gamma[n]$.

Now apply the induction hypothesis to the right-hand premise so as to obtain

$$n : N \vdash^{\gamma+\beta_1}_r A', A, B(m)$$

and apply $\forall$-inversion and Weakening to the assumption $n : N \vdash^\gamma_r A', \forall x \neg B(x)$ to obtain

$$\max(n, m) : N \vdash^\gamma_r A', A, \neg B(m) \qquad (*)$$

Then one N-Cut with $n : N \vdash^{\beta_0} \max(n, m) : N$ yields

$$n : N \vdash^{\gamma+\beta_1}_r A', A, \neg B(m)$$

provided $\beta_1[n] \ne \emptyset$. For if $\delta \in \beta_1[n]$ we may weaken the ordinal bound in $(*)$ from $\gamma$ to $\gamma + \delta$. Then the N-Cut applies since both $\beta_0$ and $\gamma + \delta$ lie in $\gamma + \beta_1[n]$. Thus if $\beta_1[n] \ne \emptyset$ we can apply an L-Cut with cut-formula $B(m)$ of height $r$ to obtain $n : N \vdash^{\gamma+\alpha}_r A', A$ as required.

On the other hand if $\beta_1[n] = \emptyset$ then $n : N \vdash^{\beta_1}_r A, B(m), C$ is an axiom and $n : N \vdash^{\beta_1}_r A', A, B(m)$ is too. Thus either $n : N \vdash^\gamma_r A', A$ is already an axiom, or else $\neg B(m)$ is a false atom in which case we may use 3.9 and $(*)$ to obtain $\max(n, m) : N \vdash^\gamma_r A', A$, from which we may deduce $n : N \vdash^{\gamma+\alpha}_r A', A$ by an N-Cut as before.
3.11. Cut-Elimination Theorem. (Gentzen [1936] and Schütte [1977]) If $n : N \vdash^\alpha_{r+1} A$ then $n : N \vdash^{2^\alpha}_r A$. Hence $n : N \vdash^\alpha_r A$ implies $n : N \vdash^{\alpha^*}_0 A$ where

$$\alpha^* = \exp_2^r(\alpha) = \left. 2^{2^{\cdot^{\cdot^{\cdot^{2^\alpha}}}}} \right\}\ r \text{ 2's}.$$
Proof. We proceed by induction on the derivation of $n : N \vdash^\alpha_{r+1} A$. If the final rule applied is anything other than an L-Cut of rank $r + 1$, apply the induction hypothesis to the premises and then re-apply the same rule using the fact that if $\beta \in \alpha[n]$ then $2^\beta \in 2^\alpha[n]$. If on the other hand, the final rule is an L-Cut with premises

$$n : N \vdash^{\beta_0}_{r+1} A, \neg C \quad\text{and}\quad n : N \vdash^{\beta_1}_{r+1} A, C$$

where $|C| = r + 1$, then the induction hypothesis and possibly a Weakening gives

$$n : N \vdash^{2^\beta}_r A, \neg C \quad\text{and}\quad n : N \vdash^{2^\beta}_r A, C$$

where $\beta$ is the greatest of $\beta_0, \beta_1$ in $\alpha[n]$. Now the Cut-Reduction lemma 3.10 applies immediately, with $\gamma = \alpha = 2^\beta$, $A' = A$ and one of $C$, $\neg C$ of the required form. Hence $n : N \vdash^{2^\beta + 2^\beta}_r A$ and since $2^\beta + 2^\beta[n'] \subseteq 2^\alpha[n']$ when $n' \ge n$, the desired result follows by a Weakening.
3.12. Note. It may later be convenient to replace the exponential $2^\alpha$ (in 3.11) by $\omega^\alpha$. The above proof still works in that case, but with the proviso that the declared parameter $n$ should be nonzero since only then do we have $\omega^\beta + \omega^\beta[n'] \subseteq \omega^\alpha[n']$ for all $n' \ge n$, whenever $\beta \in \alpha[n]$.

3.13. Definitions. A $\Sigma^0_1$-formula is one of the form

$$\exists z_1 \ldots \exists z_k B(z_1, \ldots, z_k)$$

where $B$ is "bounded" in the sense that all quantifiers occurring in it are bounded quantifiers $\exists y(y < t \wedge \ldots)$, $\forall y(y \not< t \vee \ldots)$ with $t$ either a variable or a closed term.

Note that this restriction is not a severe one, for if the quantifier bound $t$ were an open term then we could rewrite $\exists y(y < t \wedge \ldots)$ as $\exists z(z = t \wedge \exists y(y < z \wedge \ldots))$ and $\forall y(y \not< t \vee \ldots)$ as $\exists z(z = t \wedge \forall y(y < z \wedge \ldots))$.

A closed $\Sigma^0_1$-formula as above is said to be true at $m \in N$ if there are $m_1, \ldots, m_k$, all less than $m$, such that $B(m_1, \ldots, m_k)$ is true (in the standard model). A set $A$ of closed $\Sigma^0_1$-formulas is true at $m$ if at least one $A_i \in A$ is true at $m$.
3.14. Note. If a set $A$ of closed $\Sigma^0_1$-formulas is true at $m$ then it is automatically true at any greater $m'$. This property is called $\Sigma^0_1$-persistence. Also if $A$ contains a true formula all of whose quantifiers are bounded then $A$ is true at any $m$.

3.15. Bounding Lemma for $\vdash$.

1. $n : N \vdash^\alpha m : N$ if and only if $m \le$ ...

... $\ge B_\omega(m) = m + 2^{m+1}$ ... space bounded by some fixed iterate of $B_\alpha$, say $B_\alpha^{2^i} = B_{\alpha+i}$. But for any reasonable model of computation there is a bounded "computation formula" $C_f(\vec{x}, y, z)$ which expresses the fact that $f(\vec{x})$ is computable within resource $z$ and with output-value $y$. Since we know that our $f$ is computable within resource bounded by $B_{\alpha+i}$, it follows that the formula $\exists y \exists z.\, C_f(\vec{m}, y, z)$ is true at $B_{\alpha+i}(\max \vec{m})$, for all inputs $\vec{m}$. Therefore by Bounding Lemma 3.15 (3), we have for $j = |C_f| + 2$,

$$\max \vec{m} : N \vdash^{\alpha+i+j}_0 \exists y \exists z.\, C_f(\vec{m}, y, z)$$

and then by $k$ applications of the $\forall$-rule,

$$\vdash^{\alpha+i+j+k}_0 \forall \vec{x}\, \exists y \exists z.\, C_f(\vec{x}, y, z).$$

Since $\gamma$ is a limit and $\alpha \prec \gamma$ we also have $\alpha + i + j + k \prec \gamma$ and hence $f$ is $\gamma$-recursive. The second equality was previously established at the end of section 2.

2. This follows exactly the same lines as (1) but using Bounding Lemma 3.16 for $\models^\alpha$. The closure conditions imposed on $\gamma$ ensure that if $f \in E(G_\alpha)$ for some $\alpha \prec \gamma$ we may assume $2^\omega \preceq \alpha$ so that $G_\alpha(m) \ge 2^{m+1}$, and then find $\alpha' \prec \gamma$ such that $G_{\alpha'}$ bounds a fixed iterate of $G_\alpha$. Hence $f$ will be computable within resource bounded by $G_{\alpha'}$ and for each input $\vec{m}$, the $\Sigma^0_1$ formula $\exists y \exists z.\, C_f(\vec{m}, y, z)$ will be true at $G_{\alpha'}(\max \vec{m})$, and so $\max \vec{m} \models^{\alpha'} \exists y \exists z.\, C_f(\vec{m}, y, z)$ and $f$ is therefore $\gamma$-definable.
3.20. Example. First notice that for each integer $k \ge 0$, $B_{\alpha+k}$ is just $B_\alpha$ iterated $2^k$ times, so $E(B_\alpha) = E(B_{\alpha+k})$. However $B_{\alpha+\omega}(m) = B_\alpha^{2^{m+1}}(m)$ and so $B_{\alpha+\omega}$ eventually dominates every function in $E(B_\alpha)$ if $\omega \preceq \alpha$. Thus $B_{\alpha+\omega} \notin E(B_\alpha)$.

In particular then, the functions $B_{\omega \cdot k}$ with $k = 1, 2, \ldots$ play the role of the Ackermann/Grzegorczyk functions in such a way that $E(B_{\omega \cdot k}) =$ Grzegorczyk's $\mathcal{E}^{k+2}$. Therefore for each $k \ge 2$ we have by 3.19 (1), since $\omega \cdot k$ is q-space representable for some polynomial $q$,

$$\mathrm{REC}(\omega \cdot k) = \mathcal{E}^{k+1}$$

and hence

$$\mathrm{REC}(\omega^2) = \text{PRIMITIVE RECURSIVE}.$$

Note that on the other hand,
E~
= t; 3.
3.21. Example. It should be fairly clear that for limits $\gamma$ satisfying mild representability and closure conditions, that the $\gamma$-recursive functions are exactly those defined by nested recursions over initial segments of $\gamma$. For any such recursion $f$, a computation formula $C_f$ would be definable and an informal termination proof by transfinite induction could be translated into a formal proof within the system $\vdash^{\gamma}$. Conversely, the Hierarchy Theorem would show that any $\gamma$-recursive function is elementary in some $B_\alpha$ for $\alpha \prec \gamma$, and so definable by nested recursions because the $B_\alpha$ functions are.
3.22. Note. From the example on primitive recursion, we see that part 1 of the Hierarchy Theorem applies to any $\gamma$ which is $q$-space representable for some primitive recursive $q$, and such that $\omega^2 \preceq \gamma$.

Similarly part 2 of the Hierarchy Theorem applies to any $\gamma$ which is $q$-space representable for some primitive recursive $q$, provided $\gamma$ is at least as big as the first primitive recursively closed ordinal and also satisfies the stated compositionality requirement.

These conditions will indeed be satisfied by any $\gamma$ to which we later apply the Hierarchy Theorem, but we leave the reader to convince him or herself of this fact. In particular, it is quite easy to see that $\varepsilon_0$ is polynomial-space representable. See e.g. Sommer [1992].

4. Provably recursive functions of PA
Here we characterize the provably recursive functions of Peano Arithmetic (PA) and its fragments:
$$\mathrm{PROVREC}(\mathrm{PA}) = \mathrm{REC}(\varepsilon_0)$$
$$\mathrm{PROVREC}(\Sigma^0_n\text{-IND}) = \mathrm{REC}((\varepsilon_0)_n) \quad \text{if } n \geq 2$$
$$\mathrm{PROVREC}(\Sigma^0_1\text{-IND}) = \mathrm{REC}(\omega^2)$$
These results go back to Kreisel [1952] for PA, Parsons [1966] for the fragments, and to Wainer [1970] and Schwichtenberg [1971] for their corresponding subrecursive hierarchy classifications.
4.1. Peano Arithmetic (PA). Our version of PA is formalized classically in a Tait-style calculus PA $\vdash A$ where as before, $A$ is a finite set of formulas built out of atoms $E(\ldots)$, $\bar{E}(\ldots)$ using $\vee$, $\wedge$, $\exists$, $\forall$; but now the formulas may contain free variables. It is sometimes convenient to display the free variables occurring in $A$ by
M. Fairtlough and S. Wainer
$$\text{L-Ax}:\quad \vdash A,\ E(t_1, \ldots, t_k),\ \bar{E}(t_1, \ldots, t_k)$$
$$\vee:\quad \frac{\vdash A,\ B_i}{\vdash A,\ (B_0 \vee B_1)} \qquad i = 0 \text{ or } i = 1$$
$$\wedge:\quad \frac{\vdash A,\ B_0 \qquad \vdash A,\ B_1}{\vdash A,\ (B_0 \wedge B_1)}$$
$$\exists:\quad \frac{\vdash A,\ B(t)}{\vdash A,\ \exists x B(x)}$$
$$\forall:\quad \frac{\vdash A,\ B(y)}{\vdash A,\ \forall x B(x)} \qquad y \text{ not free in } A$$
$$\text{L-Cut}:\quad \frac{\vdash A,\ \neg C \qquad \vdash A,\ C}{\vdash A}$$

Figure 2: Logical axioms and rules of PA

writing $A(x_1, \ldots, x_k)$ etc. The special atoms $x : N$ do not occur in the language of PA.

1. The logical axioms and rules are as in figure 2.

2. The principle of induction is formulated here as a rule (but see Note 4.3 below):
$$\text{Ind}:\quad \frac{\vdash A,\ B(0) \qquad \vdash A,\ \neg B(x),\ B(x + 1)}{\vdash A,\ B(t)}$$
where the variable $x$ is not free in $A$, and $t$ is any term.

3. To get the theory off the ground, we also need to add certain arithmetical axioms defining the atomic relations between basic terms. Among these will be the constant 0, the successor function $+1$ and the equality and inequality relations $E_0(x, y) \equiv (x = y)$ and $\bar{E}_0(x, y) \equiv (x \neq y)$, $E_1(x, y) \equiv (x$

$> 0$, define $\gamma'$ by where $d_1 > \cdots > d_k$ and
$$\gamma' = \omega^{d_1} \cdot (3c_1) + \cdots + \omega^{d_k} \cdot (3c_k).$$
Then by induction on $\gamma \preceq 2^{\omega \cdot \omega}$ we have
$$\beta \in \gamma[m] \ \text{ implies } \ \beta' + 2 \in \gamma'[e(m)] \qquad (\dagger)$$
where $e(m) = 3 \cdot 2^{m+1} - 1$.

The case $\gamma = 0$ holds vacuously. Otherwise we can write $\gamma = \delta + 2^{\omega \cdot d} \cdot c$. If $\gamma$ is a successor then $d = 0$ and $\beta \in \gamma[m]$ implies $\beta \in \delta + (c - 1)[m] \cup \{\delta + (c - 1)\}$. By the induction hypothesis we then have
$$\beta' + 2 \in \delta' + 3(c - 1)[e(m)] \cup \{\delta' + 3c - 1\} \subseteq \gamma'[e(m)].$$

Finally if $\gamma$ is a limit then $d > 0$ and $\beta \in \gamma[m]$ implies $\beta \in \gamma_m[m]$. So by the induction hypothesis $\beta' + 2 \in \gamma'_m[e(m)]$. But $\gamma_m = \delta + 2^{\omega \cdot d} \cdot (c - 1) + 2^{\omega \cdot (d-1)} \cdot 2^{m+1}$ and so $\gamma'_m = \delta' + \omega^{d} \cdot (3c - 3) + \omega^{d-1} \cdot (e(m) + 1)$. Therefore
$$\beta' + 2 \in \gamma'_m[e(m)] = \delta' + \omega^{d} \cdot (3c - 2)[e(m)] \subseteq \gamma'[e(m)].$$
This completes the proof of $(\dagger)$. We now use this to prove
$$n : N \vdash^{\gamma} A \ \text{ implies } \ n : N \vdash^{\gamma''} A$$
where if $\gamma = 2^{\omega \cdot d_1} \cdot c_1 + \cdots + 2^{\omega \cdot d_k} \cdot c_k$ as above, then $\gamma'' = \omega^{d_1 + 1} + \gamma' + 2$. Furthermore the transformation from bound $\gamma$ to bound $\gamma''$ does not alter any of the cut-formulas. The proof is by induction over derivations. The axiom case is immediate and all other cases have the same form. For suppose $n : N \vdash^{\gamma} A$ is derived from premises $m : N \vdash^{\beta} A, B$ by any rule, where $\beta \in \gamma[m]$. By the induction hypothesis we have $m : N \vdash^{\beta''} A, B$ and by Weakening, $e(m) : N \vdash^{\gamma'' - 2} A, B$ since by $(\dagger)$, $\beta' + 2 \in \gamma'[e(m)]$ and hence $\beta'' \in \gamma'' - 2[e(m)]$. The only reason for the extra $\omega^{d_1 + 1}$ on the front of $\gamma''$ is to ensure that $B_{\gamma'' - 2}(m) \geq B_{\omega + 1}(m) \geq e(m)$. Hence $m : N \vdash^{\gamma'' - 2} e(m) : N$ by Bounding Lemma 3.15 (1). Therefore by an $N$-cut, $m : N \vdash^{\gamma'' - 1} A, B$. We can now re-apply the rule in question to obtain $n : N \vdash^{\gamma''} A$ as desired.

Step 2 now follows by putting $\gamma = 2^{\omega \cdot d}$ so that $\gamma'' = \omega^{d+1} + \omega^{d} \cdot 3 + 2$. This completes 4.9.
4.10. Theorem. $\mathrm{REC}(\omega^2) \subseteq \mathrm{PROVREC}(\Sigma^0_1\text{-IND})$.

Proof. By 3.20 $B_{\omega \cdot k}$ is primitive recursive, for each $k \in N$ and so by the Hierarchy Theorem, every function in $\mathrm{REC}(\omega^2)$ is primitive recursive. We therefore only need show that every primitive recursive function is provably recursive in $\Sigma^0_1$-IND. This is done by assigning to each primitive recursive definition of a function $f$, a bounded formula $C_f(\vec{x}, y, z)$ with the intuitive meaning: "$z$ is a sequence code which describes the step-by-step computation of $f(\vec{x})$, ending with output $y$". The formula $\exists y \exists z.\, C_f(\vec{x}, y, z)$ then $\Sigma^0_1$-defines $f(\vec{x})$ and we merely have to show it to be provable in $\Sigma^0_1$-IND.

1. If $f$ is defined by one of the initial schemes:
$$f(\vec{x}) = 0 \ \text{ or } \ f(\vec{x}) = x_1 + 1 \ \text{ or } \ f(\vec{x}) = x_i$$
then take $C_f(\vec{x}, y, z)$ to be the conjunction of $z = 0$ (the empty sequence) with $y = 0$ or $y = x_1 + 1$ or $y = x_i$ respectively. Then in each case we have
$$C_f(\vec{x}, 0, 0) \ \text{ or } \ C_f(\vec{x}, x_1 + 1, 0) \ \text{ or } \ C_f(\vec{x}, x_i, 0)$$
provable immediately by identity axioms, hence $\vdash \exists y \exists z.\, C_f(\vec{x}, y, z)$ by the $\exists$-rule and hence $\vdash \forall \vec{x}\, \exists y \exists z.\, C_f(\vec{x}, y, z)$ by the $\forall$-rule.

2. Suppose $f$ is defined from $g_0$, $g_1$ and $g_2$ by the substitution scheme:
$$f(\vec{x}) = g_0(g_1(\vec{x}), g_2(\vec{x}))$$
and assume inductively that $g_0$, $g_1$ and $g_2$ have already been assigned "computation formulas" $C_0$, $C_1$ and $C_2$ so that in $\Sigma^0_1$-IND
$$\vdash \forall \vec{x}\, \exists y \exists z.\, C_i(\vec{x}, y, z).$$
Then take $C_f(\vec{x}, y, z)$ to be the formula
$$lh(z) = 3 \wedge (z)_0 \neq 0 \wedge (z)_1 \neq 0 \wedge (z)_2 \neq 0 \wedge y = u((z)_0)$$
$$\wedge\ C_1(\vec{x}, u((z)_1), v((z)_1)) \wedge C_2(\vec{x}, u((z)_2), v((z)_2))$$
$$\wedge\ C_0(u((z)_1), u((z)_2), u((z)_0), v((z)_0)).$$
Now from the arithmetical axioms in PA it's easy to see that we can derive
$$\vdash \neg C_1(\vec{x}, y_1, z_1),\ \neg C_2(\vec{x}, y_2, z_2),\ \neg C_0(y_1, y_2, y_0, z_0),\ C_f(\vec{x}, y_0, \langle p(y_0, z_0), p(y_1, z_1), p(y_2, z_2) \rangle).$$
Then by applying the quantifier rules in the correct order we obtain
$$\vdash \exists \vec{x}\, \forall y \forall z.\, \neg C_1(\vec{x}, y, z),\ \exists \vec{x}\, \forall y \forall z.\, \neg C_2(\vec{x}, y, z),\ \exists \vec{x}\, \forall y \forall z.\, \neg C_0(\vec{x}, y, z),\ \forall \vec{x}\, \exists y \exists z.\, C_f(\vec{x}, y, z),$$
and from this by three successive cuts,
$$\vdash \forall \vec{x}\, \exists y \exists z.\, C_f(\vec{x}, y, z).$$

3. Suppose $f$ is defined from $g_0$ and $g_1$ by primitive recursion:
$$f(\vec{x}, 0) = g_0(\vec{x}), \qquad f(\vec{x}, w + 1) = g_1(\vec{x}, w, f(\vec{x}, w)).$$
Assume $g_0$ and $g_1$ have already been assigned formulas $C_0$, $C_1$ such that in $\Sigma^0_1$-IND we have
$$\vdash \forall \vec{x}\, \exists y \exists z.\, C_0(\vec{x}, y, z)$$
$$\vdash \forall \vec{x}\, \forall w \forall w' \exists y \exists z.\, C_1(\vec{x}, w, w', y, z).$$
$C_f(\vec{x}, w, y, z)$ 0) $\wedge\ lh(z) = w + 1 \wedge ((z)_i \neq 0) \wedge y = u((z)_w)$ $\forall i > 0$.

Proof. The proof is by induction on $a$. If $a = 1$ then $\mathrm{ord}_x(a - 1) = 0 = P_x(1)$. Suppose $a > 1$ and that the complete base-$(x+1)$ form of $a$ is
$$a = (x+1)^{a_1} \cdot m_1 + (x+1)^{a_2} \cdot m_2 + \cdots + (x+1)^{a_k} \cdot m_k.$$
If $a_k = 0$ then $\mathrm{ord}_x(a - 1) = \mathrm{ord}_x(a) - 1 = P_x(\mathrm{ord}_x(a))$. If $a_k > 0$ then let
$$b = (x+1)^{a_1} \cdot m_1 + (x+1)^{a_2} \cdot m_2 + \cdots + (x+1)^{a_k} \cdot (m_k - 1).$$
Then
$$a - 1 = b + (x+1)^{a_k - 1} \cdot x + (x+1)^{a_k - 2} \cdot x + \cdots + (x+1)^{0} \cdot x.$$
Let $\alpha = \mathrm{ord}_x(a)$, $\beta = \mathrm{ord}_x(b)$ and $\alpha_k = \mathrm{ord}_x(a_k)$. Then by the induction hypothesis we have
$$\mathrm{ord}_x(a - 1) = \beta + \omega^{P_x(\alpha_k)} \cdot x + \omega^{P_x^2(\alpha_k)} \cdot x + \cdots + x.$$
Therefore by the properties of the function $P_x$ we obtain
$$\mathrm{ord}_x(a - 1) = P_x(\beta + \omega^{\alpha_k}) = P_x(\mathrm{ord}_x(a)).$$

5.4. Lemma. $g(x, a) = G_{x+1}(P_x(\mathrm{ord}_x(a)))$.
Proof. By the definitions, note that
$$g(x, a) = G_{x+1}(\mathrm{ord}_x(a - 1))$$
since $G_{x+1}$ replaces base $\omega$ by $(x + 2)$, as in 2.11. The result then follows from 5.3.

5.5. Lemma. Let $a_x, a_{x+1}, a_{x+2}, \ldots$ be the Goodstein sequence on $(x, a)$. Then for each $j$
1. $\mathrm{ord}_{x+j}(a_{x+j}) = P_{x+j-1} P_{x+j-2} \cdots P_x(\mathrm{ord}_x(a))$.
2. $a_{x+j} = G_{x+j}(\mathrm{ord}_{x+j}(a_{x+j}))$.

Proof. 1. By induction on $j$. The base case is trivial and for the induction step we have by 5.3,
$$\mathrm{ord}_{x+j+1}(g(x + j, a_{x+j})) = \mathrm{ord}_{x+j}(a_{x+j} - 1) = P_{x+j}(\mathrm{ord}_{x+j}(a_{x+j})).$$
Hence $\mathrm{ord}_{x+j+1}(a_{x+j+1}) = P_{x+j}(\mathrm{ord}_{x+j}(a_{x+j}))$ and the result follows immediately from the induction hypothesis.
2. This is immediate by iterating 5.4.
5.6. Theorem. (Cichon [1983]) Let $\{a_i\}_{i \geq x}$ be the Goodstein sequence on $(x, a)$. Then there is a $y$ such that $a_y = 0$, and the least such $y$ is given by $y = H_{\mathrm{ord}_x(a)}(x)$.

Proof. By 5.5, $\mathrm{ord}_{x+j+1}(a_{x+j+1}) \prec \mathrm{ord}_{x+j}(a_{x+j})$ if $\mathrm{ord}_{x+j}(a_{x+j}) \neq 0$. By well-foundedness there must be a first stage $k$ at which $\mathrm{ord}_{x+k}(a_{x+k}) = 0$ and hence $a_{x+k} = 0$. By Theorem 2.19 we can express this $k$ as
$$k = \text{least } k.\ (P_{x+k-1} P_{x+k-2} \cdots P_x(\mathrm{ord}_x(a)) = 0) = D_{\mathrm{ord}_x(a)}(\mathrm{succ})(x)$$
and therefore $x + k = H_{\mathrm{ord}_x(a)}(x)$.

5.7. Theorem. (Kirby and Paris [1982]) Let $\mathrm{Good}(a, x, y)$ be a $\Sigma^0_1$-formula of arithmetic expressing the fact that the Goodstein sequence on $(x, a)$ terminates at $y$, i.e. $a_y = 0$. Then $\forall a \forall x \exists y.\, \mathrm{Good}(a, x, y)$ is true by 5.6, but not provable in PA.

Proof. If it were a theorem of PA, the function $h(a, x) = \text{least } y.\ \mathrm{Good}(a, x, y)$ would be provably recursive in PA. For each $x$, set $a(x) = \exp^{x}_{x+1}(1)$. Then $a(x)$ is primitive recursive and so the function $h(a(x), x)$ would also be provably recursive in PA. However, by 5.6 and since $\mathrm{ord}_x(a(x)) = (\varepsilon_0)_x$, we have $h(a(x), x) = H_{\varepsilon_0}(x)$. This contradicts 4.12(4).
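The step function of 5.4 and the descending ordinals of 5.5 and 5.6 can be run directly; the following Python is an added example, not part of the original chapter. The names `ord_x`, `slow_G`, `g` and `goodstein`, and the encoding of Cantor normal forms as nested tuples, are assumptions of this example; $G_n$ is taken to replace $\omega$ by $n + 1$, as stated in the proof of 5.4, and $x \geq 1$ is required.

```python
"""Goodstein sequence on (x, a) via g(x, a) = G_{x+1}(ord_x(a - 1)).

Encoding (an assumption of this example): an ordinal below epsilon_0 is a
tuple of (exponent, coefficient) pairs in Cantor normal form, highest
exponent first; exponents use the same encoding and () stands for 0.
Python's lexicographic tuple comparison then agrees with the ordinal order.
"""


def ord_x(a, x):
    """Write a in complete base-(x + 1) form and replace the base by omega."""
    if x < 1:
        raise ValueError("x must be at least 1 so that the base is at least 2")
    base = x + 1
    terms, exp = [], 0
    while a > 0:
        a, digit = divmod(a, base)
        if digit:
            # The exponent is itself rewritten hereditarily in the same base.
            terms.append((ord_x(exp, x), digit))
        exp += 1
    return tuple(reversed(terms))


def slow_G(n, alpha):
    """G_n(alpha): replace omega by (n + 1) throughout the normal form."""
    return sum(coeff * (n + 1) ** slow_G(n, e) for e, coeff in alpha)


def g(x, a):
    """One Goodstein step: subtract 1 in base (x + 1), then move to base (x + 2)."""
    return slow_G(x + 1, ord_x(a - 1, x))


def goodstein(x, a, limit=10_000):
    """Return rows (index, value, ordinal) from a_x = a down to the first 0."""
    rows = []
    for _ in range(limit):
        rows.append((x, a, ord_x(a, x)))
        if a == 0:
            return rows
        a, x = g(x, a), x + 1
    raise RuntimeError("sequence did not reach 0 within the step limit")


def termination_index(x, a):
    """Least y with a_y = 0 for the Goodstein sequence on (x, a)."""
    return goodstein(x, a)[-1][0]


if __name__ == "__main__":
    for index, value, ordinal in goodstein(2, 9):
        print(index, value, ordinal)
```

The values may stay constant or grow for a while, but the ordinal column strictly decreases at every step, which is what forces termination in 5.6; only small starting values finish within the step limit.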
6. The "true" ordinal of PA
Section 4 characterizes the provably recursive functions of PA in terms of $\varepsilon_0$-recursiveness but, recalling definitions 3.17, it still remains to characterize them in terms of $\gamma$-definability. We shall now "compute" the appropriate $\gamma$ by appealing to the Hierarchy Theorems 3.19 and finding an ordinal map $\alpha \mapsto \alpha^+$ such that for $\alpha \preceq \varepsilon_0$, and even much larger $\alpha$'s,
$$B_\alpha = G_{\alpha^+}.$$
We then have
$$\mathrm{PROVREC}(\mathrm{PA}) = \mathrm{REC}(\varepsilon_0) = \Sigma^0_1\text{-DEF}(\varepsilon_0^+).$$
For related results and an alternative treatment in terms of Gödel's system T of primitive recursive functionals, see Schwichtenberg and Wainer [1995]. $\varepsilon_0^+$ is the proof-theoretic ordinal of the theory of one inductive definition and is usually referred to as the Bachmann-Howard ordinal (see Howard [1970]). Girard [1981] was the first to give a detailed analysis of the relationship between the fast-growing and the slow-growing hierarchies and once the correct result was known, many others gave more direct and simpler analyses. We shall follow the treatment in Cichon and Wainer [1983] and more generally, Wainer [1989]. The main point is that, in order to describe the map $\alpha \mapsto \alpha^+$, one needs to make use of "higher number classes" of uncountable tree-ordinals. However, since we are only concerned here with "small" $\alpha$'s below $\varepsilon_0$, we only need to go to the "next" number class over $\Omega$.
6.1. Definition. Let $\Omega_0 = N$ and $\Omega_1 = \Omega$. Then the set $\Omega_2$ is generated inductively according to the four rules:
Zero. $0 \in \Omega_2$
Succ. $\alpha \in \Omega_2 \Longrightarrow \alpha + 1 \in \Omega_2$
Lim$_0$. $\forall x \in \Omega_0\,(\alpha_x \in \Omega_2) \Longrightarrow \alpha = (\alpha_x) \in \Omega_2$
Lim$_1$. $\forall \xi \in \Omega_1\,(\alpha_\xi \in \Omega_2) \Longrightarrow \alpha = (\alpha_\xi) \in \Omega_2$

Note: we sometimes write $\alpha = \sup \alpha_x$ or $\alpha = \mathrm{SUP}\, \alpha_\xi$ according to whether $\alpha = (\alpha_x)$ or $\alpha = (\alpha_\xi)$ in $\Omega_2$.

6.2. Definition. The (well-founded) "subtree" partial ordering $\prec$ on $\Omega_2$ is defined as the transitive closure of the rules
• $\alpha \prec \alpha + 1$
• $\forall x \in \Omega_0\,(\alpha_x \prec \sup \alpha_x)$
• $\forall \xi \in \Omega_1\,(\alpha_\xi \prec \mathrm{SUP}\, \alpha_\xi)$

6.3. Arithmetic on $\Omega_2$. Addition, multiplication and exponentiation of $\Omega_2$ are defined exactly as in 2.11 for $\Omega_1$, but with an extra limit clause in each case, viz.
$$\alpha + \mathrm{SUP}\, \beta_\xi = \mathrm{SUP}(\alpha + \beta_\xi)$$
$$\alpha \cdot \mathrm{SUP}\, \beta_\xi = \mathrm{SUP}(\alpha \cdot \beta_\xi)$$
$$\alpha^{\mathrm{SUP}\, \beta_\xi} = \mathrm{SUP}(\alpha^{\beta_\xi}).$$
6.4. Examples.
1. $\omega_0 = \sup x$, $\omega_1 = \mathrm{SUP}(1 + \xi)$
2. $\varepsilon_{\omega_1 + 1} = \sup(1, \omega_1, \omega_1^{\omega_1}, \omega_1^{\omega_1^{\omega_1}}, \ldots)$.

6.5. Definition. The slow growing function $G : \Omega_1 \times \Omega_0 \to \Omega_0$ is now extended to a map $G : \Omega_2 \times \Omega_0 \to \Omega_1$. As in 2.11 it will be notationally convenient to swap the arguments and write, for each fixed $n \in N$, $G_n(\alpha)$ instead of $G_\alpha(n)$. Thus for each $n$ we define $G_n : \Omega_2 \to \Omega_1$ by the following recursion:
$$G_n(0) = 0$$
$$G_n(\alpha + 1) = G_n(\alpha) + 1$$
$$G_n(\sup \alpha_x) = G_n(\alpha_n)$$
$$G_n(\mathrm{SUP}\, \alpha_\xi) = \sup G_n(\alpha_x)$$
Note that we immediately have, for every $n$,
$$G_n(\omega_1) = 1 + \omega_0 = \omega \in \Omega_1.$$

6.6. Lemma. For each fixed $n \in N$ and all $\alpha, \beta \in \Omega_2$,
$$G_n(\alpha + \beta) = G_n(\alpha) + G_n(\beta)$$
$$G_n(\alpha \cdot \beta) = G_n(\alpha) \cdot G_n(\beta)$$
$$G_n(\alpha^{\beta}) = G_n(\alpha)^{G_n(\beta)}$$

Proof. This is by easy inductions on $\beta \in \Omega_2$.
6.7. Definition. Let $\mathrm{EXP} \subseteq \Omega_2$ be generated inductively according to the rules:
• $\Omega_1 \cup \{\omega_1\} \subseteq \mathrm{EXP}$
• $\alpha, \beta \in \mathrm{EXP} \Longrightarrow \alpha + \beta,\ \alpha \cdot \beta,\ \alpha^{\beta} \in \mathrm{EXP}$.

6.8. Lemma. Fix $n \in N$. Then for every $\gamma \in \mathrm{EXP}$ of the form $\gamma = \mathrm{SUP}\, \gamma_\xi$ we have
$$\forall \xi \in \Omega_1\ (G_n(\gamma_\xi) = G_n(\gamma)_{G_n(\xi)}).$$

Proof. This is by induction on the generation of $\gamma \in \mathrm{EXP}$. The base case 1 is easy because the only possibility is $\gamma = \omega_1$, so then $\gamma_\xi = 1 + \xi$ and $G_n(\gamma_\xi) = 1 + G_n(\xi) = \omega_{G_n(\xi)} = G_n(\gamma)_{G_n(\xi)}$. In case 2 suppose for example that $\gamma = \alpha \cdot \beta$ where $\alpha \in \mathrm{EXP}$ and $\beta \in \mathrm{EXP}$. Then there are two sub-cases. Either $\beta = \beta' + 1$, in which case $\gamma = \alpha \cdot \beta' + \alpha$ and hence by the induction hypothesis applied to $\alpha$,
$$G_n(\gamma_\xi) = G_n(\alpha \cdot \beta' + \alpha_\xi) = G_n(\alpha \cdot \beta') + G_n(\alpha)_{G_n(\xi)} = G_n(\gamma)_{G_n(\xi)}.$$
Or $\beta = \mathrm{SUP}\, \beta_\xi$ in which case $\gamma_\xi = \alpha \cdot \beta_\xi$, and hence by induction hypothesis applied to $\beta$,
$$G_n(\gamma_\xi) = G_n(\alpha) \cdot G_n(\beta_\xi) = G_n(\alpha) \cdot G_n(\beta)_{G_n(\xi)} = G_n(\gamma)_{G_n(\xi)}.$$
6.9. Definition. The fast-growing hierarchy $B : \Omega_1 \times \Omega_0 \to \Omega_0$ is "lifted" to a hierarchy $\varphi$:
11,, PA. PrtOVREC(II~ 6.16. 6.16.
= REC((e0)~)= Z~
It now remains to prove that
$$\varepsilon_0^+ = \varphi_{\varepsilon_{\omega_1 + 1}}(\omega_0)$$
is structured. This has been done by Kadota [1993] and independently (though previously unpublished) by the second author. We first need to develop an appropriate notion of structuredness for $\Omega_2$.

Definition. (cf. 2.6) For each $\alpha \in \Omega_2$ and all $n \in N$, $\beta \in \Omega_1$, define the finite set $\alpha[n, \beta]$ of $\prec$-predecessors of $\alpha$ by

$\varphi_\gamma(\beta) \in \varphi_\alpha(\beta)[n]$.

Proof. We proceed by induction over $\alpha \in \Omega_2$. The zero case is trivial and both limit cases follow immediately from the induction hypothesis and the definitions of $\varphi_\alpha(\beta)$ and $\alpha[n, \beta]$. For the successor case suppose $\gamma \in \alpha + 1[n, \beta] = \alpha[n, \beta] \cup \{\alpha\}$. Then $\varphi_\gamma(\beta) \in \varphi_\alpha(\beta) + 1[n] \subseteq \varphi_{\alpha+1}(\beta)[n]$ since $\delta + 1[n] \subseteq \varphi_\alpha(\delta)[n]$ for any $\delta$.

6.18. Definition. Let $\prec_S$ be the transitive closure of the rules $\alpha \prec_S \alpha + 1$; $\forall n\,(\alpha_n \prec_S \sup \alpha_x)$; $\forall \gamma \in \Omega_1^S\,(\alpha_\gamma \prec_S \mathrm{SUP}\, \alpha_\xi)$.
6.19. Definition. Call $\alpha \in \Omega_2$ structured if for all "small limits" $\lambda \preceq_S \alpha$,
$$\forall \gamma \in \Omega_1^S - \{0\}.\ \forall n \in N.\ (\lambda_n \in \lambda[n + 1, \gamma]).$$
Let $\Omega_2^S$ denote the set of all structured $\alpha \in \Omega_2$ and note that $\alpha \in \Omega_2^S$ and $\beta \preceq_S \alpha$ imply that $\beta \in \Omega_2^S$.

6.20. Lemma. For every $\alpha \in \Omega_2^S$ we have:
$$\varphi_\alpha : (\Omega_1^S - \{0\}) \to (\Omega_1^S - \{0\}).$$

Proof. We proceed by induction on $\alpha \in \Omega_2^S$. Let $\beta \in \Omega_1^S - \{0\}$. If $\alpha = 0$ then $\varphi_\alpha(\beta) = \beta + 1 \in \Omega_1^S - \{0\}$. For the successor case $\alpha \to \alpha + 1$ we have $\varphi_{\alpha+1}(\beta) = \varphi_\alpha(\varphi_\alpha(\beta)) \in \Omega_1^S - \{0\}$ by two applications of the induction hypothesis. If $\alpha = \sup \alpha_x$ then $\varphi_\alpha(\beta) = \sup \varphi_{\alpha_x}(\beta)$ and by the induction hypothesis $\varphi_{\alpha_x}(\beta) \in \Omega_1^S - \{0\}$ for each $x$. Thus we only need check the structuredness condition 6.19 for $\varphi_\alpha(\beta)$ itself. Now $\alpha_x \in \alpha[x + 1, \beta]$ for each $x$, because $\alpha$ is structured, and therefore by Lemma 6.17, $\varphi_{\alpha_x}(\beta) \in \varphi_\alpha(\beta)[x + 1]$. If $\alpha = \mathrm{SUP}\, \alpha_\xi$ then $\varphi_\alpha(\beta) = \varphi_{\alpha_\beta}(\beta)$ and $\alpha_\beta \preceq_S \alpha$ and this case is then immediate by the induction hypothesis.

6.21. Lemma. (cf. 2.12) For all $\alpha, \beta, \delta \in \Omega_2$, all $\gamma \in \Omega_1$ and all $n \in N$ we have
1. $\delta \in \beta[n, \gamma] \Longrightarrow \alpha + \delta \in \alpha + \beta[n, \gamma]$
2. $\delta \in \beta[n, \gamma] \Longrightarrow \alpha \cdot \delta \in \alpha \cdot \beta[n, \gamma]$ if $0 \in \alpha[n, \gamma]$
3. $\delta \in \beta[n, \gamma] \Longrightarrow \alpha^{\delta} \in \alpha^{\beta}[n, \gamma]$ if $1 \in \alpha[n, \gamma]$.

Proof. This is almost identical to that of 2.12 but with, in each case, an additional trivial step corresponding to "big limits" $\beta = \mathrm{SUP}\, \beta_\xi$.

6.22. Theorem. (cf. 2.13) If $\alpha, \beta \in \Omega_2^S$ then
1. $\alpha + \beta \in \Omega_2^S$
2. $\alpha \cdot \beta \in \Omega_2^S$ provided $\forall \gamma \in \Omega_1^S - \{0\}.\ \forall n > 0.\ (0 \in \alpha[n, \gamma])$
3. $\alpha^{\beta} \in \Omega_2^S$ provided $\forall \gamma \in \Omega_1^S - \{0\}.\ \forall n > 0.\ (1 \in \alpha[n, \gamma])$.

Proof. All parts are similar, by induction on $\beta \in \Omega_2^S$. We just do (3) assuming (2). If $\beta = 0$ then $\alpha^0 = 1 \in \Omega_2^S$. For the successor case $\beta \to \beta + 1$ we have $\alpha^{\beta+1} = \alpha^{\beta} \cdot \alpha \in \Omega_2^S$ by the induction hypothesis and part (2), since the proviso on $\alpha$ ensures that $\alpha^{\beta}$ satisfies the proviso in (2). If $\beta = \sup \beta_x$ then $\alpha^{\beta} = \sup \alpha^{\beta_x}$ and by the induction hypothesis $\alpha^{\beta_x} \in \Omega_2^S$ for each $x \in N$. Also $\beta_x \in \beta[x + 1, \gamma]$ for all $\gamma \in \Omega_1^S - \{0\}$ and all $x \in N$, so $\alpha^{\beta_x} \in \alpha^{\beta}[x + 1, \gamma]$ by 6.21 (3). Therefore $\alpha^{\beta} \in \Omega_2^S$. If $\beta = \mathrm{SUP}\, \beta_\xi$ then $\alpha^{\beta} = \mathrm{SUP}\, \alpha^{\beta_\xi}$ and since, by the induction hypothesis, $\alpha^{\beta_\xi} \in \Omega_2^S$ whenever $\xi \in \Omega_1^S$, we automatically have $\alpha^{\beta} \in \Omega_2^S$.

6.23. Theorem.
$$\varepsilon_0^+ = \varphi_{\varepsilon_{\omega_1 + 1}}(\omega_0) \in \Omega_1^S.$$
Provably Recursive Functions
Proof. P r o o f . First First note note that that WI Wl = = SUP(l SUP(1 + + �) ~) E E 0,� f~2s,, since since if if A A= = sup sup A Ax ~ s WI wl then then x �s _ 11 + -t- "1 V for for some some "1 VE e 0,r f~ls.. Therefore Therefore A AE e 0,r f~s and and so so An An E E A A[n q- 1] 1] for for all all n n E e N N.. AA � [n + But countable, A[n A[n + , �] But since since A A is is countable, + 1] 1] = = A[n A[n + q- 11,~ c] for for all all �~c E e 0, f~l. Hence we we have have 1 . Hence V~ E e 0,r f~s _ {O} {0}.. Vn Vn E e N N.. ((An e A[n -t- 1, 1, W ~c]).. Note wl[n, �] ~] whenever whenever V� An E A[n + Note also also that that 11 Ee wdn, e 0,r f~ls - {O} {0} and and n n > > 0. Therefore by by 6.22 6.22 (3), (3), wf Wl~ E e 0,� f~2S whenever whenever /3 ZE e 0,� f22s.. Hence Hence �E O. Therefore "' 1 U)l •11 I 11,, WI belong to Wl,, wrl wl , W Wl� ,, . . . aall l l belong to 0,� f~s.. Now Now let let A A= =C~l+l. Then A A= = s usUP p AAxx where where AO A0 = = 11 and and An An+l=W~". Fixing CWI + l ' Then + ! = wtn • Fixing n [n + 1, "1] n E e N N and and "1 7 E e 0,r f~ls - {O} {0} we we have have 11 E e WI wl[n + 1, 7],, and and therefore therefore by by n n successive successive n + dn + 1, "1] A[n + Hence c~w1+1 applications applications of of 6.21 6.21 (3) (3),, An An E e A An+l[n + 1, V] = - A[n h- 11,, "1] V].. Hence f~2s. Thus Thus WI+ ! Ee 0,r (wo) E "' 1 +1 (w0) E 0,r f~ls by by Lemma Lemma 6.20. 6.20. 4"qoE~+l • • •
The results of this section suggest that Peano Arithmetic could be reformulated with a weaker "pointwise" induction scheme, sufficient only to prove termination of the slow-growing G functions. But then, in order to capture all the provably recursive functions of PA, these inductions would have to extend over all initial segments of the Howard ordinal. In this way, the Howard ordinal becomes the ordinal of PA with pointwise induction. The realisation of this idea, and appropriate formulation of pointwise induction schemes, is due to Schmerl [1982].

7. Theories with transfinite induction
This final section shows how the foregoing subrecursive classifications for PA can be extended quite easily to theories obtained from it by adding the Principle of Transfinite Induction over given well-orderings of order type $\geq \varepsilon_0$. Since proof-theoretic ordinal analysis seeks to compute for a given theory $T$, the least upper bound $\tau$ of its "provable ordinals" (see Pohlers in this volume), the results here will then immediately give a classification of the provably recursive functions of $T$ viz.

$\mathrm{PROVREC}(T) = \mathrm{REC}(\tau) = \bigcup E(F_\alpha)$.
a - > a. a. Hence A(.. a a + 4- � ( is is aa K,-normal R-normal a. We function function for for all all regular regular K, a > > a. We define define [� + (V'1] < a) H := {~a E e On On II a o~# # 0 1\ ^ (V'� (V~ < a) oL)(Vrl o0[~ + 1]r/ > w), w), 11 := 0' 0' E E lHI H,, w w E E lHI H and and w w rnq H = {I}. {1}. Hence Hence enl8l end(0) = 11 and and rst two enl8l(l) en~(1) = = w w which which are are the the fi first two examples examples of of the the fact fact that that {]. (V'� [enl8l (�) = (V~c E E On) On)[en~(~) = w w~]. Thus Thus A� A(.. w{ w~ is is aa (K,-)normal (a-)normal function function (for (for all all K, a E E lR R bigger bigger than than w). w). We We have have
$\mathbb{H} \subseteq \mathrm{Lim} \cup \{1\}$ and obtain

$\alpha \in \mathbb{H}$ iff $(\forall \xi < \alpha)[\xi + \alpha = \alpha]$. (1)
Set Theory and Second Order Number Theory

Thus for a finite set $\{\alpha_1, \ldots, \alpha_n\} \subseteq \mathbb{H}$ we get
$\alpha_1 + \cdots + \alpha_n = \alpha_{k_1} + \cdots + \alpha_{k_m}$

for $\{k_1, \ldots, k_m\} \subseteq \{1, \ldots, n\}$ such that $k_i < k_{i+1}$ and $\alpha_{k_i} \geq \alpha_{k_{i+1}}$. By induction on $\alpha$ we obtain thus ordinals $\{\alpha_1, \ldots, \alpha_n\} \subseteq \mathbb{H}$ such that for $\alpha \neq 0$ we have

$\alpha = \alpha_1 + \cdots + \alpha_n$ and $\alpha_1 \geq \cdots \geq \alpha_n$. (2)
This is obvious for $\alpha \in \mathbb{H}$ and immediate from the induction hypothesis and the above remark if $\alpha = \xi + \eta$ for $\xi, \eta < \alpha$. It follows by induction on $n$ that the ordinals $\alpha_1, \ldots, \alpha_n$ in (2) are uniquely determined. We therefore define an additive normal form

$\alpha =_{NF} \alpha_1 + \cdots + \alpha_n \ :\Leftrightarrow\ \alpha = \alpha_1 + \cdots + \alpha_n$, $\{\alpha_1, \ldots, \alpha_n\} \subseteq \mathbb{H}$ and $\alpha_1 \geq \cdots \geq \alpha_n$.
We call $\{\alpha_1, \ldots, \alpha_n\}$ the set of additive components of $\alpha$ if $\alpha =_{NF} \alpha_1 + \cdots + \alpha_n$. We use the additive components to define the symmetric sum of ordinals $\alpha =_{NF} \alpha_1 + \cdots + \alpha_n$ and $\beta =_{NF} \alpha_{n+1} + \cdots + \alpha_m$ by

$\alpha \mathbin{\#} \beta := \alpha_{\pi(1)} + \cdots + \alpha_{\pi(m)}$

where $\pi$ is a permutation of the numbers $\{1, \ldots, m\}$ such that
11 : {I 'fJ1 and Then a a = = NNF F CP (P~IT]I = NNFF CP6'f (P~2~2 ~ 6 r = "-- 6 r and and 'fJ1 771 = = 'fJ2 ?72.. Since Since �~ < < a a and and 'fJ < a) implies implies cp a) the < /3 ~ E E Cr( Cr(a) ~ r{'fJ < /3 we we call call Cr( Cr(a) the class class of of a-critical a-critical ordinals.. ordinals.. If If -critical then => cp{'fJ < a. a. Therefore a a is is itself itself a a-critical then �, ~, 'fJ r / . . . ,,Xn) xn) such t+ Fr~(Z)] l ' . . . ,xn) and !21 (Vx) [F(x) ++ f-+ Fn(Z)]. Frr(x)] . It is A L). for for aa theory theory Ax iff itit is models of and 91 1= ~ (VZ)[F(Z) It is A x iff is L). A for for all all models of Ax. Ax. Recall that that the constructible hierarchy hierarchy L L is is the the union union of of its its stages L= given Recall the constructible stages La given by by the the following following definition. definition.
Frr
11.2.1. .2.1. D efinition. Definition.
Lo La+1 La+! == Def(L~) Def(La) LL~A == U{L~I U{Ld f� Ax A x ef- ((3,) (3u)[u = = L-y /\ ^ Gu ]) L. , Ax respectively, for for all all formulas formulas G G EF .T.. The The following following lemma lemma iiss aa first first easy easy observation observation respectively, about partial models. models. about partial
Ax lloo] be 1.2.3. Lemma. L e m m a . Let Let K, aE E (w (w,, IIIIAxII~] be an an ordinal ordinal such such that that Ax A x believes believes that that K,a is is 1.2.3. Ax II II� = proves the admissible and Ax admissible and A x proves the Lit-reflection L~-reflection rule rule for for � El-formulas. Then IIIlhxll,~ l -formulas. Then Ax II Efr.· IIIIAxll -
need only show the the converse Ax llEf ::; Ax I l II� and Proof. P r o o f . We We obviously obviously have have IIIIAxII~ ~ IIIIAxllr~ and need only to to show converse Ax II Ef ' let (3y)F(x, y) be aa Ih-sentence inequality. Thus inequality. Thus put put a a := : - II[]hxIl~.?, let ('v'x) (Vx)(3y)F(x, y) be II2-sentence such such that that h x ~f- ('Ix (Vx E E LIt) L~)(3y L~)F(x,y) and choose some aa E E La L,.. We We have have to to show show that that Ax (3y EE LIt)F(x, y) and choose some L~ F ~ (3y)F(a, (3y)F(a, y) y).. Since Since a a is is obviously obviously a a limit limit ordinal ordinal there there is is a a j3 ~ < a a such such that that La L~. By By definition definition of of a a there there is is a a El-sentence G such such that that Ax A x f~- G G L• L~ but but Lfj LZ � ~: G. G. aa EE Lfj. � l -sentence G Since A x proves proves L L~-reflection we obtain obtain Ax A x f~-(3-y L~)(3u L ~ ) ( u -= L-y L~ /\ A GU G u)) Since Ax (3, EE LIt) (3u EE LIt)(u it -reflection we and since Ax A x believes admissible by A0-collection relativized L~ also and since believes that that aK, is is admissible by �o-collection relativized to to Lit also hAx x ~ L~ -+ --+ (3z - uu we get (3z EE L~)(Vx LIt) ('v'x EE v)(3y v) (3y EE z)F(x, z)F(x, y). y). Choosing Choosing vv = we thus thus get f- vv EE Lit
GU~ A A x ~L~)(3u = L~ AG (Vx E y)]. /\ ('Ix E u)(3y u) (3y EE z)F(x, z)F(x, y)]. f- (3~/E (3, E LIt) (3u EE L~)(3z LIt) (3z E L~)[u LIt) [u = L-y /\ Ax Since K, is is admissible admissible this this is equivalent to �l -sentence relativized relativized Since Ax A x believes believes that that ~ is equivalent to a a El-sentence to Lit to L~.. Hence Hence L~ G~ A (Vx eE u)(3y z)F(x, y)]. Because La ~F (37)(3u)(3z)[u (3,) (3u) (3z) [u == L~ L-y A /\ GU /\ ('Ix u) (3y Ee z)F(x, y)] . Because L-y is is absolute absolute for for L~ La we finally get get G GL~ E L-y)(3y EL La)F(x, y) for some uu = = L~ we finally and ('Ix (Vx E L~)(3y E ~ ) f ( x , y) for some L� and , < a. a. Because Lfj ~�GGw ewe Hence aa E Lfj � L-y it follows 7 < Because of ofL~ h a have v e f l j3 < < ,. 7. Hence L~ C_ L~ and and it follows L~ F ~ (3y)f(a, desired. O 0 La (3y)F(a, y)as y) as desired. Ax then w If Pw- + + El-FOUND c_ A x then w < < I[[Ax[l~ and Ax A x proves proves the If K KPw� l -FOUND � the =: aa and I Ax l l oo =" L-reflection rule rule for for E-formulas. �-formulas. Interpreting Interpreting the the provable provable sentences sentences of of A Ax it makes makes L-reflection x it no difference difference ifif we we think think that that every unrestricted quantifier quantifier is is restricted restricted by by L~. La . Since Since no every unrestricted KP �A Ax this has has the the same effect as as ifif A Ax believes that that aa is is admissible. Therefore K P -- c_ x this same effect x believes admissible. Therefore we we obtain obtain as as aa corollary corollary of of Lemma Lemma 1.2.3 1.2.3
1.2.4. Corollary. Corollary. 1.2.4.
If K KPw+ E,-FOUND � 1 - FOUND C_ � Ax then [[Ax[Ig If Pw- + A x then II Ax IIII2 ' II Ax l i E1l == [[Ax[[n2.
Another observation is that adding true $\Pi_1^{\kappa}$-sentences does not increase the $\Sigma_1^{\kappa}$ ordinal of an axiom system.

1.2.5. Theorem. Let $G$ be a true $\Pi_1^{\kappa}$ sentence. Then $\|Ax + G\|_{\Sigma_1^{\kappa}} = \|Ax\|_{\Sigma_1^{\kappa}}$.

Proof. Let $G = H^{L_\kappa}$ for a $\Pi_1$-sentence $H$. Assume that $Ax + G \vdash F^{L_\kappa}$ for a $\Sigma_1$ sentence $F$. Then $Ax \vdash (H \to F)^{L_\kappa}$ and $H \to F$ is $\Sigma_1$. For $\alpha := \|Ax\|_{\Sigma_1^{\kappa}}$ we thus have $L_\alpha \models H \to F$. From $\alpha \leq \kappa$, $L_\kappa \models H$ and the downwards persistency of $\Pi_1$-sentences we get $L_\alpha \models H$ which in turn entails $L_\alpha \models F$. Hence $\|Ax + G\|_{\Sigma_1^{\kappa}} \leq \|Ax\|_{\Sigma_1^{\kappa}}$. But the converse inequality holds trivially and we have $\|Ax + G\|_{\Sigma_1^{\kappa}} = \|Ax\|_{\Sigma_1^{\kappa}}$. $\Box$

We introduce the following notation.
1.2.6. Definition. $\|Ax\|_{\kappa} := \|Ax\|_{\Sigma_1^{\kappa}}$

Because of Lemma 1.2.3 we get $\|Ax\|_{\kappa} = \|Ax\|_{\Pi_2^{\kappa}}$ for theories $Ax$ satisfying the hypotheses of the lemma.

We call the computation of the ordinal $\|Ax\|_{\kappa}$ a $\kappa$-ordinal analysis for $Ax$. It will turn out that $\|Ax\|_{\omega_1^{CK}}$ will be the most important ordinal. In Section 2.1.4 we will see that there is also something as an $\omega$-ordinal which gives a characterization of the Skolem functions of the provable $\Pi_2^0$-sentences of an axiom system $Ax$ in terms of a sub-recursive hierarchy.

1.3. Connections to subsystems of second order number theory
Let $\mathcal{L}_2$ be the language of Second Order Arithmetic. We assume that $\mathcal{L}_2$ contains a constant $\underline{0}$ for 0 and constants for all primitive recursive functions and predicates. We restrict the language to unary predicate variables and talk about set variables. This means no real restriction since we have a primitive recursive coding machinery. We use capital Latin letters as syntactical variables for sets and write $t \in X$ instead of $X(t)$. We assume familiarity with the complexity classes in the arithmetical and analytical hierarchy.

Since all primitive recursive functions and predicates have $\Delta_0$-definitions in $KP\omega^{-} + \Sigma_1$-FOUND, we may regard $\mathcal{L}_2$ as a sublanguage of $\mathcal{L}(\in)$ by restricting all first order quantifiers to $\omega$ and replacing all second order quantifiers $(\forall X)$ and $(\exists X)$ by $(\forall X \subseteq \omega)$ and $(\exists X \subseteq \omega)$, respectively. We may therefore transfer the notions of the arithmetical and analytical hierarchy to the language of $\mathcal{L}(\in)$. Whenever we talk of a $\Pi$-, $\Sigma$-, $\Pi$-, ... sentences in the language of Set Theory without further comments we think of a translation of the corresponding $\mathcal{L}_2$-sentence.

One of the basic facts for the things to come is the $\omega$-Completeness Theorem for $\Pi_1^1$-sentences. We will use the $\omega$-Completeness Theorem to introduce the notion of truth complexity for $\Pi_1^1$-sentences. The value $t^N$ of a closed term $t$ and the truth value of an atomic sentence in the standard structure $N$ are primitive recursively computable. Since there are symbols for all primitive recursive functions and predicates we obtain the diagram of $N$

$D(N) := \{A \mid A \text{ is an atomic sentence and } N \models A\}$
W. Pohlers
as a recursive set. For arithmetical sentences which are not atomic the truth definition is given inductively by

$N \models A_1$ and $N \models A_2 \ \Rightarrow\ N \models A_1 \wedge A_2$
$N \models A_i$ for some $i \in \{1, 2\} \ \Rightarrow\ N \models A_1 \vee A_2$
$N \models A(\underline{n})$ for all $n \in N \ \Rightarrow\ N \models (\forall x)A(x)$
$N \models A(\underline{n})$ for some $n \in N \ \Rightarrow\ N \models (\exists x)A(x)$.

To extend this truth definition to $\Pi_1^1$-sentences we introduce an infinitary calculus. For technical reasons we opt for a one sided sequent calculus à la Tait. First we fix the language of the Tait calculus.

The non logical symbols for the Tait-language of $\mathcal{L}_2$ are:
• The constant $\underline{0}$ as well as constants for all primitive recursive functions and relations.

The logical symbols comprise:

• Bounded number-variables, denoted by $x, y, z, x_1, \ldots$ and set variables, denoted by $X, Y, Z, X_1, \ldots$
• The logical connectives $\wedge$, $\vee$ and the quantifiers $\forall$, $\exists$.
• The membership symbol $\in$ and its negation $\notin$.

Terms are built up from $\underline{0}$ and function symbols in the familiar way. We use $S$ as a symbol for the successor function. Terms of the shape $(S \cdots S\,\underline{0})$ with $n$-times $S$ are numerals and will be denoted by $\underline{n}$.

Atomic formulas are $t \in X$, $t \notin X$ and $R(t_1, \ldots, t_n)$, where $t, t_1, \ldots, t_n$ are terms, $X$ is a set variable and $R$ is a symbol for an $n$-ary relation. From the atomic formulas we obtain the formulas of $\mathcal{L}_2$ in the familiar way. Notice that we do not have free number variables in the language.

The negation symbol is not a basic symbol of the Tait-language. We define the negation of a formula by de Morgan's laws.
$\neg(t \in X) :\equiv (t \notin X)$; $\neg(t \notin X) :\equiv (t \in X)$
$\neg(R t_1 \ldots t_n) :\equiv (\bar{R} t_1 \ldots t_n)$ where $\bar{R}$ is a symbol for the complement of $R$
$\neg(A \wedge B) :\equiv (\neg A \vee \neg B)$; $\neg(A \vee B) :\equiv (\neg A \wedge \neg B)$
$\neg(\forall x)A(x) :\equiv (\exists x)\neg A(x)$; $\neg(\exists x)A(x) :\equiv (\forall x)\neg A(x)$.

It is obvious that we have

$\neg\neg A = A$. (11)
The semantics for the Tait-language is straightforward. We easily check

$N \not\models A[S_1, \ldots, S_n]$ iff $N \models (\neg A)[S_1, \ldots, S_n]$

for any assignment of sets $S_1, \ldots, S_n$ to the set variables occurring in $A$.

We use capital Greek letters $\Delta, \Gamma, \Lambda, \Delta_1, \ldots$ as syntactical variables for finite sets of $\mathcal{L}_2$-formulas.
1.3.1. 1.3.1. Definition. Definition. We We defi define ~ t. A inductively inductively by by the the following following clauses: clauses: ne p (AxM) If I f t. A n N D(N) D(N) =I~ 0q} then then p ~ t. A for for all all ordinals ordinals a (~.. (AxM)
If tN tN = = Ss N N then then p ~ t., A, ss f/. r X X, , tt E e X X for for all all ordinals ordinals a. ~. AxL) If ((AxL) (A) (1\)
(v) (V) (V)
(3) (3)
If t.,, AA, i and , 2 then t., A If � ~ A a n d ~aii < < a a for f o r ii== 11,2 then p ~ A, A1l 1\ A A A22 ..
I , 2} then If some ii Ee {{1,2} Al VV A If � ~ t., A , AA,i and a~d a ~i < < a ~ for 1o~ ~om~ t~ p ~ t., A,A~ g~. 2. If If � ~ t., A, A(i) A(i) and and a aii < < a a for for all all ii E e N N then then p ~ t., A, (Vx)A(x) (Vx)A(x) ..
If y � ~ t., A, A(i) A(i) and a~d ao ~o < . Sa and and 15(s) 6(s) is is an an axiom axiom according according ttoo (AxM) then s�(i) s-. Sz~ for all for all ii E 6 N. N. (I. (I. e. e. ss is is aa topmost topmost node node of of Sf:>. S~ .) .)
(
) (
)
For 8(s) is For the the following following clauses clauses assume assume ss E 6 Sf:>. Sa such such that that 6(s) is not not an an axiom. axiom.
(O) E6 Sf:>. (S (S~a) If 15(s) 5(s) is is not not reducible reducible then then s� s~(O) S~ and and 15(s�(O)) 6(s~(O)) = = 15(s) 6(s).. id ) If (i) E6 Sf:>. (S^) If If Fo Fo 1\ A Fl F~ is is the the distinguished distinguished formula formula in in 15(s) 6(s) then then s� s~(i) S~ for for ii = = 0, O, 11 (S,,)
and 15(s� 6(s~ (i)) (i)) := 6(s) r, Fi F~.. and := 15(Sy, (S (Sv) Let Fo Fo V F F~l be be the the distinguished distinguished formula formula in in 15(s) 6(s).. Then Then s�(io) s~. S~ and and v ) Let 15(s�(io)) = 15(sy, 6(s~(io)) ::= 6(s) ~, Fo, F0, Fl F~.. /f the the distinguished distinguished formula formula in in 8(s) 6(s) is is (Vx)F(x) (Vx)F(x),, then then s� s~ (i) (i) E6 Sf:>. S~ for for all all ii E6 N N ((Sv) SI;I) If and F(i) . and 15(s�(i)) 6(s~(i)) = = 15(sy, 6(s)~,F(i). (O) E6 Sf:>. S3) If If the the distinguished distinguished formula formula in in 8(s) 6(s) is is (3x)F(x) (3x)F(x),, then then s� s~(O) Sz~ and and (($3) 8(s� (0)) = 15(sy, F(n,) , (3x)F(x) , where n is the least natural at rat number umb r such 80�8 15(so) that that n n i# tt NN for for all all formulas formulas F(t) F(t) E 6 U Usocs 6(s0).. =
Observe Observe that that we we introduced introduced clause clause (SAx) (SAx) only only for for better better readability. readability. It It follows follows from from the the other other clauses clauses and and the the fact fact that that Sf:>. Sz~ is is inductively inductively defined. defined. There There are are two two main main lemmas. lemmas.
1.3.2. Syntactical Syntactical Main Main Lemma. Lemma. 1.3.2. Sa l °typ( ) A and b.. . and jowp(S~)
If If Sa Sf),. isis well-founded well-founded then then otyp(Szx) otyp(Sf),.)
F
=~ (35<w~ =V (30 (35<w7 < wrKK))�~ FF => (30 < wrKK))�~ FF =>
showing showing that that the the Cut-Elimination Cut-Elimination Theorem Theorem holds holds for for the the semi-formal semi-formal calculus. calculus. But But this this is is of of little little help help since since we we do do not not know know how how to to compute compute 05 from from /3 /3 and and p. p. In In aa moment, moment, however, however, we we will will see see that that for for predicative predicative theories theories we we can can sharpen sharpen Cut CutElimination to Elimination to
��
=>
�A.,o�.
(vi) (vi)
By By (v) (v),, (vi) (vi) and and (iv) (iv) we we get get
c(F) :S< CP~p/3 (vii) (vii) ttc(F) p/3 /3 and for for Ax Ax � ~ F F.. Since Since/3 and p p only only depend depend on on the the formulas formulas in in Ax Ax this this will will give give an an
possible bound bound it upper Ax ll n Il . To upper bound, bound, say say r10, for for IIIIAxlln~. To show show that that 10r is is the the best best possible it suffices suffices to well-ordering -< to prove prove that that for for every every 0:: c~ < < 10r there there is is aa primitive primitive recursive recursive well-ordering -< such such that that 0:: c~ :S < otyp(- '. .. .. ,, xn) x , ) , , x~, x,) Xl> .. .. .. ,, xn) , (X ( Xll >, .' .". , X, xn) n) E e R R H ~ XR ) ( . R(X ( Xl l ,' . ". . , ,Xxn) n) = = 00
The scheme of Mathematical Induction

$F(\underline{0}) \wedge (\forall x)[F(x) \to F(S(x))] \to (\forall x)F(x)$

for all $\mathcal{L}_N$-formulas $F(u)$.
2.1.2. NT) 2.1.2. An A n upper u p p e r bound b o u n d for for spec specrq rr ,, ((NT)
Following the general pattern as sketched in the previous section we have first to deal with the truth complexity of logically valid sentences. Therefore we have to fix a calculus for pure predicate logic and we opt for a cut free Tait calculus, i.e., one sided sequent calculus, which is given by the following rules:

2.1.2.1. Definition.

(AxL) $\vdash^{m} \Delta, A, \neg A$ for any $m$, if $A$ is an atomic formula

($\vee$) If $\vdash^{m_0} \Delta, A_i$ for some $i \in \{1, 2\}$, then $\vdash^{m} \Delta, A_1 \vee A_2$ for all $m > m_0$

($\wedge$) If $\vdash^{m_i} \Delta, A_i$ and $m_i < m$ for all $i \in \{1, 2\}$, then $\vdash^{m} \Delta, A_1 \wedge A_2$

($\exists$) If $\vdash^{m_0} \Delta, A(t)$, then $\vdash^{m} \Delta, (\exists x)A(x)$ for all $m > m_0$

($\forall$) If $\vdash^{m_0} \Delta, A(u)$ and $u$ not free in $\Delta, (\forall x)A(x)$, then $\vdash^{m} \Delta, (\forall x)A(x)$ for all $m > m_0$.
The identity axioms are the following formulas

$(\forall x)[x = x]$
$(\forall x)(\forall y)[x = y \to y = x]$
$(\forall x)(\forall y)(\forall z)[x = y \wedge y = z \to x = z]$
$(\forall \vec{x})(\forall \vec{y})[x_1 = y_1 \wedge \ldots \wedge x_n = y_n \to f(x_1, \ldots, x_n) = f(y_1, \ldots, y_n)]$
$(\forall \vec{x})(\forall \vec{y})[x_1 = y_1 \wedge \ldots \wedge x_n = y_n \to (R(x_1, \ldots, x_n) \to R(y_1, \ldots, y_n))]$
$(\forall x)(\forall y)[x = y \to (x \in X \to y \in X)]$

Due to Gentzen's Hauptsatz we have the following theorem:

2.1.2.2. Theorem. Let $\Delta$ be a finite set of formulas such that $\bigvee \Delta$ is valid in the sense of first order predicate logic. Then there are finitely many identity axioms $I_1, \ldots, I_n$ and an $m < \omega$ such that $\vdash^{m} \neg I_1, \ldots, \neg I_n, \Delta$.
Let containing all occur free Let i1 t7 be be aa list list containing all number number variables variables which which occur free in in �. A. An An easy easy induction using the the fact induction on on m using fact (30) (30)
A (~) ~,~d ~ = t ~ =. ~ A (t)
shows shows
r- A(~) ~
(31)
~ A (~)
for for every every tuple tuple ii g of of numerals. numerals. We We have have
� (V'x)(V'y)[x (w)(vy)[~ = = y y
(x Ee X -~ (~ x ---+ -+ Y y E e X)] x)] ---+
and all the other identity and defining axioms for primitive recursive functions and relations are true arithmetical sentences. Thus, using also (16), we have

$tc(F) < \omega$ (32)

for all mathematical and identity axioms except induction. What really needs checking is the truth complexity of the scheme of Mathematical Induction. Here we need the following lemma.

2.1.2.3. Tautology Lemma. For every $\mathcal{L}_N$-sentence $F$ we have

$\models^{2 \cdot rk(F)} \Delta, \neg F, F$.

The proof is immediate by induction on $rk(F)$.

The truth complexity for all instances of Mathematical Induction follows from the Induction Lemma.
2.1.2.4. Induction Lemma. For any natural number $n$ and any $\mathcal{L}_N$-sentence $F(\underline{n})$ we have

$\models^{2 \cdot [rk(F(\underline{n})) + n]} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(S(x))], F(\underline{n})$. (33)

The proof by induction on $n$ is very similar to that of (20). For $n = 0$ we get (33) as an instance of the Tautology Lemma. For the induction step we have

$\models^{2 \cdot [rk(F(\underline{n})) + n]} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(S(x))], F(\underline{n})$ (i)

by the induction hypothesis and obtain

$\models^{2 \cdot rk(F(\underline{n}))} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(S(x))], \neg F(S(\underline{n})), F(S(\underline{n}))$ (ii)

by the Tautology Lemma. From (i) and (ii) we get

$\models^{2 \cdot [rk(F(\underline{n})) + n] + 1} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(S(x))], F(\underline{n}) \wedge \neg F(S(\underline{n})), F(S(\underline{n}))$. (iii)

By a clause ($\exists$) we finally obtain

$\models^{2 \cdot [rk(F(\underline{n})) + n] + 2} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(S(x))], F(S(\underline{n}))$. $\Box$
By Lemma 2.1.2.4 we have $tc(G) \leq \omega + 4$ for all instances $G$ of the Mathematical Induction Scheme. Together with (32) we get

$tc(F) \leq \omega + 4$ (34)

for all identity and non-logical axioms of NT.

If $NT \vdash F$ then there are $\mathcal{L}_N$-sentences $\{F_1, \ldots, F_n\}$ and a natural number $m$ such that

$\vdash^{m} \neg F_1, \ldots, \neg F_n, F$ (35)

and for all $i \in \{1, \ldots, n\}$ the formula $F_i$ is either an axiom in NT or an identity axiom. For every $\mathcal{L}_N$-sentence $F$ such that $NT \vdash F$ we thus get by (35) and (31) $\mathcal{L}_N$-sentences $F_1, \ldots, F_n$ such that

$\models^{m} \neg F_1, \ldots, \neg F_n, F$ (36)

and by (34)

$\models^{\omega + 4} F_i$ (37)

for all $i \in \{1, \ldots, n\}$.

As sketched in Section 1.4 the problem of linking (37) and (36) will be solved by introducing a semi-formal calculus.
2.1.2.5. Definition. We define $\models^{\alpha}_{\rho} \Delta$ for a finite set $\Delta$ of $\mathcal{L}_N$-formulas which contain at most free set-variables inductively by the following clauses:

(AxM) If $\Delta \cap D(N) \neq \emptyset$ then $\models^{\alpha}_{\rho} \Delta$ for all ordinals $\alpha$ and $\rho$.
Set Theory and Second Order Number Theory
N then (AxL) If If tt NN = Ss N ~ �, A, ss ¢ r X, X, tt E X X for for all all ordinals ordinals a a and p. (AxL) then � and p. (A) (1\)
Is � $ �, A, Ai A, and a . ~ .ai , t(~Opal+~opa2) aa > 0 then then there there is is a aa a < < a a and and a a natural natural number number U U (i.e. W~ + =: W (i.e. a a numeral numeral in in NT), N T ) , such such that that �~ < < w + . .. .. . + + W w% =: w U~. n (c.f. (c.f. the the proof proof of of the the
0
•
� n n --f fool l dd
n
Predicative Predicative Elimination Elimination Lemma). Lemma). We We show show aa < 'x)(3y)F(x, y) f f (\>'x) (3y)F(x, y), f f Wo(x) . F(x, y). Wo (\>'x)(3y)[Wo(x) y], a < < IIIAxll A x ~� (\>'x)(3y)[Wo(x) (W)(3y)[W~(x) = - yl y] I Ax l1 ~ Ax '*
F(x, y)
( )
(67) (67) Wo.
for all axiom systems $Ax$ which allow the definition of the functions $W_\alpha$. (For this it certainly suffices that $Ax$ allows the definition of all primitive recursive functions. In the rest of the paper we tacitly assume that this is true for all axiom systems considered. Weaker systems need more subtle considerations which are outside the scope of this contribution.) For axiom systems satisfying this assumption we obtain as a corollary of Theorem 2.1.4.3

2.1.4.4. Lemma. If $cc((\forall x)(\exists y)F(x, y)) < \|Ax\|$ then there is a provably recursive function $f$ of $Ax$ such that $N \models (\forall x)F(x, f(x))$.

Because of $|(\forall x)(\exists y)[W_\alpha(x) = y]|_{\Pi^0_2} = \alpha + 1$ we obtain from (67) also

$\alpha < \|Ax\| \;\Rightarrow\; \alpha < \|Ax\|_{\Pi^0_2}$.   (68)

Hence

$\|Ax\| = \|Ax\|_{\Pi^1_1} \le \|Ax\|_{\Pi^0_2}$.   (69)

In general the inequality in (69) is proper. For $\alpha := \|Ax\|_{\Pi^0_2}$, for instance, we get by (28) the inequalities $\|Ax + (\forall x)(\exists y)[W_\alpha(x) = y]\|_{\Pi^1_1} = \|Ax\| = \|Ax\|_{\Pi^1_1} \le \alpha < \|Ax + (\forall x)(\exists y)[W_\alpha(x) = y]\|_{\Pi^0_2}$. In most cases, however, we obtain (spending a little more care on the ordinal assignment) $\sup\{tc(F) \mid Ax \vdash F\} = \sup\{cc(F) \mid Ax \vdash F\}$. This then entails $\|Ax\|_{\Pi^1_1} = \sup\{tc(F) \mid Ax \vdash F\} = \sup\{cc(F) \mid Ax \vdash F\}$. Together with (69) we then obtain

$\|Ax\| = \|Ax\|_{\Pi^1_1} \le \|Ax\|_{\Pi^0_2} \le \sup\{cc(F) \mid Ax \vdash F\} = \|Ax\|_{\Pi^1_1}$,   (70)

i.e., $\|Ax\|_{\Pi^1_1} = \|Ax\|_{\Pi^0_2}$. We are going to call axiom systems for which we have $\|Ax\|_{\Pi^1_1} = \|Ax\|_{\Pi^0_2}$ regular. Another consequence of (67) is the following theorem.
2.1.4.5. Theorem. Let $Ax$ be a regular axiom system, i.e., let $\|Ax\|_{\Pi^1_1} = \|Ax\|_{\Pi^0_2}$. Then the provably recursive functions of $Ax$ are exactly the functions which are primitive recursive (even elementary) in some $W_\alpha$ for $\alpha < \|Ax\|$.
Without further hint we just remark that the functions $W_\alpha$ are closely connected to the Hardy-functions $H_\alpha$. A detailed study is in Buchholz, Cichon and Weiermann [1994].
We want to close this section with the remark that there is also a $\Pi^0_1$ ordinal for theories, whose intention is to express the order type of the shortest primitive recursive well-ordering which is needed to prove the consistency of the theory within a finitistic framework. Due to certain pathologies (cf. Remark 7.1.9. in Girard [1987] which exposes an example due to Kreisel) the definition of the $\Pi^0_1$ ordinal is not completely straightforward. We omit a discussion since we believe that the known concepts are still too far from a final form and need further research.
Computational complexity of NT. As an example we want to compute $spec_{\Pi^0_2}(NT)$. The first step consists in computing the computational complexities of the axioms of $NT$. We observe that
$\Vdash (\forall x_1) \cdots (\forall x_n)G(x_1, \dots, x_n)$   (71)

holds for all true sentences $(\forall x_1) \cdots (\forall x_n)G(x_1, \dots, x_n)$ where $G(u_1, \dots, u_n)$ is a quantifier free formula.

The proof is simple. For every $n$-tuple $(z_1, \dots, z_n)$ we have $G(z_1, \dots, z_n) \in D(N)$. Hence $\Vdash (\forall x_1) \cdots (\forall x_n)G(x_1, \dots, x_n)$ by $n$-fold application of a clause ($\forall$). □

All mathematical axioms of $NT$, except the induction scheme, are $\Pi$-sentences of the form $(\forall x_1) \cdots (\forall x_n)G(x_1, \dots, x_n)$ with $G(u_1, \dots, u_n)$ quantifier-free. Thus (71) gives us bounds for the computational complexity of all these axioms. To compute the computational complexity of the scheme of Mathematical Induction we first prove

$\Vdash^{\omega\cdot rk(F)}_{0} \Delta, F, \neg F$   (72)

by induction on $rk(F)$. The proof is essentially that of the Tautology Lemma (Lemma 2.1.2.3). A bit more care is needed for the case that $F$ is a formula $(\forall x)G(x)$. There we have

$\Vdash^{\omega\cdot rk(G(\underline{z}))}_{0} \Delta, G(\underline{z}), \neg G(\underline{z})$   (i)

for all $z \in N$ by the induction hypothesis and obtain

$\Vdash^{\omega\cdot rk(G(\underline{z}))+z}_{0} \Delta, G(\underline{z}), (\exists x)\neg G(x)$   (ii)

for every $z \in N$ by a clause ($\exists$). But $\omega\cdot rk(G(\underline{z})) + z \ll_z \omega\cdot(rk(G(\underline{z})) + 1)$ holds for all $z \in N$ and we obtain

$\Vdash^{\omega\cdot rk((\forall x)G(x))}_{0} \Delta, (\forall x)G(x), \neg(\forall x)G(x)$

by a clause ($\forall$). □
W. Pohlers
The computation of the computational complexity of instances of the scheme of Mathematical Induction is obtained as in Lemma 2.1.2.4 with some extra care on the ordinal assignment. We prove

$\Vdash^{\omega\cdot rk(F(\underline{0}))+2\cdot n}_{0} \neg F(\underline{0}), \neg(\forall x)[F(x) \to F(Sx)], F(\underline{n})$   (73)

by induction on $n$. For $n = 0$ this is (72). For the induction step we get by (72) and by the induction hypothesis by an inference ($\wedge$)
w. (O))+2n+ l -. I][0w' f(Sx)],F(n_) F(Q) , -. (\fx)[F(x) --*-+ F(Sx)], lo rk(FrkCf(0--))+2n+l--,F(O),~(Vx)[F(x) F(nJ
-.F(Sn.), F(Sn). ((i)i) We have have nn «: k � F]]
$r$-fold application of the Elimination Lemma (Lemma 2.1.5.8)
"'r(m) (V'x)(3y)F(x, (Vx)(3y)f(x, y). y) W wr (w.k,m) I,o[~,(m) W~r(~'k,m) 0
a wr(w·k, m) co
iii) ((iii)
Putting $\alpha := \omega_r(\omega\cdot k, m) < \varepsilon_0$ we obtain from (iii) using the Inversion and Witnessing Lemmas (Lemmas 2.1.5.5 and 2.1.5.3)

$(\forall x \in N)(\exists y < W_\alpha(x))F(x, y)$   (iv)

which shows
1(V'x)(3y)F(x,y) lrrg :::; 0 the the theory theory ID" ID~ proves proves the the (II�-BI) . This existence existence of of an an w-model w-model for for (II�-CA O and call call an an operator operator 7/closed 1i closed under under aa function function f" f: On if { 6 , · · · ' �n } C_� 7/(X)]. 1i(X)]. (VX 1i(X) r {r162 ('IX eE Pow(On))(Vr162 Pow(On))('v'6 ) · · · ('v'�n )[J(6 , . . . ' �n ) eE 7/(X) o . . . ##ww'~"n we In case case that that 7t 1i isis closed closed under under f! ((al we call call it In a l , , .. .. .. ,, aann)) := w ~1 ## "'" it CCantorian antorian:= wetl closed. closed. A A set set M and an an operator operator 7t 1i induce induce aa new new operator operator ~1i[M] by by M C_� On On and 1i[M](X) := 7t(M 7t[M](X) (148) 1i(M uU X). X). E 1i MC_7r � 1i M 7/C_M 1i � M n1i c� 1i' n'
:{:} :{:}
:{:}
{:}
For an $\mathcal{L}_{RS}$-expression $E$ let

$par(E) := \{\alpha \mid L_\alpha \text{ occurs in } E\}$.   (149)

If $\Theta$ is a set of $\mathcal{L}_{RS}$-expressions and $\mathcal{H}$ an operator we define $\mathcal{H}[\Theta] := \mathcal{H}[par(\Theta)]$.
1l acceptable
3.4.3.2. Definition. Definition. An operator operator ~ is is acceptable if if it it satisfies satisfies the the following following An 3.4.3.2. conditions: conditions: o E~ n(O) 7/isis Cantorian-closed Cantorian-closed (150) (VX E E Pow(On) Pow(On))[X C_ 1l ~ (X)] (150) (' ~/(X) � c_ 1l(Y)]. n(y)]. (' 1/J/tao r < 1/J/ta r (161) follows r E Cl(a, follows since since 1/J/tao E Cl(a, r1/J/ta) M n ~. K, .
We We obtain obtain r
r (ft~ I a < ft~}
((162) 162)
since the assumption assumption 1/J/ta = nu >> aa EE Cl(a, Cl(a, r1/J/ta) leads to 1/J/ta E since the r = ft,, leads to r E Cl(a, Cl(a, r1/J/ta) which which contradicts contradicts (160). (160) . We have We have E SC SC r1/J/ta E since entails ~o~rl since ~, �, r1'}/ > 7r ~r = nO"H ' a O / -=NF - N F 7/J1f'TJ ~)~r~
=
{
{:} r
a a -
~)lr?~
=
a
=
(178) (178)
=
a 1 -[-- 9 9 9 -4- a n
=
(179) (179)
~a+l.
All that opens the possibility to define simultaneously a term-system $T$ together with an evaluation function $|\cdot|_O : T \to On$ and a "less than" relation $<$ on the ordinal-terms such that $a < b \Leftrightarrow |a|_O < |b|_O$ and the "less-than" relation on the ordinal terms becomes primitive recursive. We will not do this in all details but only indicate the essential steps. There are the following sets of ordinal-terms

• the set $T$ comprising all ordinal terms
• the set $P$ of principal terms denoting additively indecomposable ordinals
• the set $SC$ denoting strongly critical ordinals in SC
• the set $K$ of cardinal terms denoting ordinals in Reg
• the set $F$ of fixed-point terms denoting ordinals which are fixed-points of the enumerating function of Reg
• the set $R$ of regular-terms denoting ordinals in Reg

which are defined by:
• $R \subseteq K \subseteq SC \subseteq P \subseteq T$
• $F \subseteq K$
• $0 \in T$, $|0|_O := 0$
• $I \in R \cap F$, $|I|_O := I$
• $a_1, \dots, a_n \in P$ and $a_1 \ge \dots \ge a_n$ $\Rightarrow$ $a_1 + \dots + a_n \in T$, $|a_1 + \dots + a_n|_O := |a_1|_O + \dots + |a_n|_O$
• $a, b \in T$ $\Rightarrow$ $\bar{\varphi}ab \in P$, $|\bar{\varphi}ab|_O := \bar{\varphi}_{|a|_O}|b|_O$

where $\bar{\varphi}$ is the fixed-point free version of the function $\varphi$, i.e.

$\bar{\varphi}_\alpha\beta := \varphi_\alpha(\beta + 1)$ if $\beta = \gamma + n$ for some $n < \omega$ and $\gamma$ such that $\varphi_\alpha\gamma = \gamma$, and $\bar{\varphi}_\alpha\beta := \varphi_\alpha\beta$ otherwise.
al o p a Ee SC 'l/Jp a l o := 9 Ifp I.fp EE R, R, aa =J ~ L I, aa EE T T and and K KilCpal (a) < < aa then then 'l/J Cpa SC and and IICpalo "- 'l/J r lp lo llalo I 1PpallI(a)
•
9 If If aa EE T T and and K KIICL~II (a) < < aa then then 'l/J CLa F and and I'l/J ICLalv r l al o ra EE F II1P]all (a) ra l o :"-= 'l/Jl
•
9 If If aa EE T\ T\ F F then then D f ~a EE K K and and D f~a+l and ID If~lo '- D f~l~lo a l o := a+l EE RR and 1a 1o
where $1 := \bar{\varphi}_0 0$.

The definition of the sets $K_p(a)$ for $p \in K$ and $a \in T$ should be obvious from Definition 3.4.4.2. Similarly obvious is the definition of the "cardinality" $\|a\| = \||a|_O\|$ of an ordinal term $a$ from (179). Finally we have (omitting some obvious cases)
aa = a ll = = 00 1\ A bb =J -7(=0, 0, or or lIlall < Ilibl], or Iilicit - Ilbll ]]bi] and and one one of of the the following following I bll, or I all < conditions conditions is is satisfied satisfied aa = = 'l/J r p c 1\ A bb -=e n'l/Jdpd 1\ A cc < < dd =-~cd 5 C A1\ c, c,dd < < bb aa = -q5cd 1\A bb EE SC aa EE SC (a � S C A1\ bb -= - ~-q5cd c d 1\ A (a < cc V aa � K} => 1i"( wl'+,, [8] {Cl(r ++ l1,, 1/1r (r ++ l1))1 par(8) �c n N{cl( [el 1 ,p� ("(+wl'+" ) LJ. A ((i) + K" , j), E 1i"([8] ,p� ("(+wl'+" ) i) 1i"([8] f; LJ. by main main induction on j), # with with side side induction on c~. To simplify simplify notations we abbreviate abbreviate by induction on induction on a. To notations we ) . So i) the first first three three lines lines in in the the assumptions assumptions of of claim claim ((i) by Asm Asmp(A; e; j), #;j Kj a; , 7). So ((i) p(LJ. j 8j i ) by the becomes becomes +wl'+" ) LJ.. ((ii) ii) Asmp(A; O" 7/~[O] Ir.;~£>.. LJ. A => =~ 1i,,( 7/~+~,+~ [O] lI,pr �("( Asmp(LJ.j 8j j),#;j Kto;j ~/) ,) /\A 1i"([8] +wl'+" [8] ,pK ("(+Wl' " ) A '
r
+
"
induction we To prepare prepare the the induction we first first observe observe that that by by Lemma Lemma 3.4.5.2 3.4.5.2 we we have have To
((iii) iii) Asmp(A; 8j O; j), #;j K ~;;j , ')')) /\ Aa c~ E E 7-/.y[O] =~ , 7+ + w w~'+'~ ~ ]. Asmp(LJ.j 1i"([8] => lJ+£> Ee 1i"([8]. + From iii) , ((182), 182) , ,"f' � 180 ) we then From ((iii), _< , ~' + + wlJ w~+~£> and and ((180)we then obtain obtain +£» EE 1i,,( ((iv) iv) + wlJ ) /\A a~ EE 7/~[O] p(LJ. j 8j Asmp(A; O; j), #;j K a;j , ")') =~ 1/11 +wI'+" [8]. Most collapsing property Most important important is is the the following following collapsing property of of the the function function 1/11< r (, + + w w~+~). lJ+£» . +£> +£» , Cl(~/+ 1)) for for all all G G E E C(F) C(F).. So So we we have have r>1< Cl(r for all all G Asmp(A, tf(G);j j), #;j Kj a; ,y) Z/) for GE e C(F) C(F) and and get get As m p(LJ., GG;j 8O UU tF(G) ,pK ("(+wI'++"G ) LJ., ((vii) vii) A G 1i7-l.~+~,+,o[OUtf(G)] "(+wl'+"G [8 U tF(G)] I[0"(~+~"+"~ ,pK ("(+Wl' "G ) G +£>G ) < for induction hypothesis. hypothesis. By v) we ++ wlJ for all all G G E C(F) C(F) by by the the side side induction By ((v) we have have 1/I1� n.K. Hence Hence par(t) par(t) C_ for all T n. So have 1)) for for all all TT _� K. SO we we have � Cl(% Clbn ++ 1, 1 , r'l/Ir bn ++ 1)) 'Yn) (xii) Asmp(A, r ( t , , y); (xii) 8, t;t; #;/-t; n;K; 7n) y) ; (9, Asm p(� , ((3y 3y EE /L,,~ ))F(t 7;, . Observing that 'Yn + wU+"~ wl'+o == 'Yn+ induction hypothesis hypothesis applied for all for all tt E E T~. Observing that 7, + %+1l the the induction applied to (xi) yields to (xi) yields
�")'n 1�
(xiii) (xiii)
�KtnH�
(xiv)
( 3y eE L.~)F(t, [8, t]t] I.,rIr11/!/!KK ")'n+H �A,, (3y 1/.")'n+ 1 [e, L,,)F(t , y)y) n..,,,,+,
for all tt EE T~. 7;, . Using Using the the Boundedness Boundedness Theorem 3.4.3.7 we we obtain obtain for all Theorem 3.4.3.7
(3y eE t.)F(t, 1/.")'nH [8, t]t] IrIr " "Yn+l ~ ~,� , (3y L'I )F(t, y)y) n~,,,+,[e,
+o+ l .)F(x, a)LA E A'. �' . For E T~ T>. we we have F(a, a) L~ C ( (3X EE L~)F(x,~)L~), L>.)F(x, a) LA ) , (3X EE L~)F(x,~) L L stg(a) . ... } The induction hypothesis {Xl, {xl,...,xn}. The induction hypothesis implies implies 1£[par(L\'), 7/[par(A'),b] A',F(b,d) t~ b] IIo�2.a+mo ·a+m L\'. /V. ['7 for £ [par(L\') ] I10�2.a+m for all all bb E E 0. T~.. Using Using an an inference inference (1\) (A) we we obtain obtain 17/[par(A')] then par(F(a,,~) L~) � the premise If y e {xl,...,xn} C_ par(A'). n then the premise ~ A(Z),F(y,Z-). If 2.(a+mo ) Otherwise Otherwise we we replace replace y by by L0. In In both both cases cases we we get get 7/[par(A')] 10 A', F(a, g)L~ by induction hypothesis by the the induction hypothesis and and obtain obtain the the claim claim by by an an inference inference (V). In In the the case case of of an an restricted restricted quantifier quantifier there there is is aa sentence sentence (3z E ai)F(x, d) L~ in in A'. Assume From the Assume that that a, = = { x e L~I G(x,~)}. From the premise premise ~ A,y e ~i 1\ A F(y,~) 2.(~+mo) A', a E ai 1\ A F(a, ~) we induction hypothesis we obtain obtain by by the the induction hypothesis 7/[par(A')] 10 _
.
'*
ct .
, Xn
.
0
Regarding identity axioms as part of Pure Logic the next step is to deal with these axioms. We already mentioned that, because of the extensionality of sets, this is by far not simple. The tedious point is the bookkeeping of derivation lengths. To obtain precise bounds we are forced to derive all axioms step by step which is a bore. However, we do not need absolutely exact bounds. The collapsing procedure will equalize too precise bounds anyway. We already observed that the rank of a sentence is always an upper bound for its truth complexity. So we will introduce a more liberal derivation calculus $\vdash \Delta$ and show afterwards that $\vdash \Delta$ entails $\mathcal{H}[par(\Delta)] \vdash^{\alpha} \Delta$ where $\alpha$ is computable from $rk(\Delta)$. For a set $\Theta \subseteq On$ we define $\Theta$ to be the closure of $\Theta \cup \{\omega\}$ under successor, i.e., $\xi \mapsto \xi + 1$ and regular successor, i.e., $\xi \mapsto \xi^{+}$. We define the relation $\vdash \Delta$ by the rules
($\wedge'$) $\vdash \Delta, G$ for all $G \in C(F)$ $\Rightarrow$ $\vdash \Delta, F$

and

($\vee'$) $\vdash \Delta, \Gamma$, $\Gamma \subseteq C(F)$ and $par(\Delta, \Gamma) \subseteq par(\Delta, F)$ $\Rightarrow$ $\vdash \Delta, F$.

Here we want $\Delta, \dots$ to denote multi-sets, i.e., sequences which are independent from the order of their elements but count their multiplicity. To avoid distinctions by cases we introduce for $a \in T_{stg(b)}$ the relation

$a \mathrel{\dot{\in}} b \wedge G(s) \;:\Leftrightarrow\; F(a) \wedge G(s)$ if $b = \{x \in L_\alpha \mid F(x)\}$, and $G(s)$ if $b = L_\alpha$.   (185)

Dually we put

$a \mathrel{\dot{\notin}} b \vee G(s) \;:\Leftrightarrow\; \neg F(a) \vee G(s)$ if $b = \{x \in L_\alpha \mid F(x)\}$, and $G(s)$ if $b = L_\alpha$.   (186)

For multi-sets we define analogously

$\{\dots, a \mathrel{\dot{\notin}} b, G(s), \dots\} := \{\dots, \neg F(a), G(s), \dots\}$ if $b = \{x \in L_\alpha \mid F(x)\}$, and $\{\dots, G(s), \dots\}$ if $b = L_\alpha$.

This has the notational advantage that $C(a \in b) = \{t \mathrel{\dot{\in}} b \wedge t = a \mid stg(t) < stg(b)\}$ and $C((\exists x \in b)F(x)) = \{t \mathrel{\dot{\in}} b \wedge F(t) \mid stg(t) < stg(b)\}$ independent of the shape of $b$.
There is a number of inference rules which are derivable or admissible within the calculus $\vdash$. We list the most important ones

(Str) $\vdash \Delta$ and $\Delta \subseteq \Gamma$ $\Rightarrow$ $\vdash \Gamma$

(Taut) $\vdash \Delta, \neg A, A$

(Sent) $\vdash \Delta, A$ $\Rightarrow$ $\vdash \Delta, \neg B, A \wedge B$

($\in$) $\vdash \Delta, t \mathrel{\dot{\in}} b \wedge t = a$ for some $t \in T_{stg(b)}$ $\Rightarrow$ $\vdash \Delta, a \in b$

($\notin$) $\vdash \Delta, t \mathrel{\dot{\notin}} b, t \neq a$ for all $t \in T_{stg(b)}$ $\Rightarrow$ $\vdash \Delta, a \notin b$

($\forall^{L_\alpha}$) $\vdash \Delta, F(t)$ for all $t \in T_\alpha$ $\Rightarrow$ $\vdash \Delta, (\forall x \in L_\alpha)F(x)$

($\exists^{L_\alpha}$) $t \in T_\alpha$, $par(t) \subseteq par(\Delta, F(L_0))$ and $\vdash \Delta, F(t)$ $\Rightarrow$ $\vdash \Delta, (\exists x \in L_\alpha)F(x)$

($\forall^{b}$) $\vdash \Delta, t \mathrel{\dot{\notin}} b, F(t)$ for all $t \in T_{stg(b)}$ $\Rightarrow$ $\vdash \Delta, (\forall x \in b)F(x)$

($\exists^{b}$) $t \in T_{stg(b)}$, $par(t) \subseteq par(\Delta, F(L_0))$ and $\vdash \Delta, t \mathrel{\dot{\in}} b \wedge F(t)$ $\Rightarrow$ $\vdash \Delta, (\exists x \in b)F(x)$

We refer to (Str) as Structural Rule, to (Taut) as Tautology Rule, to (Sent) as Sentential Rule, to ($\in$), ($\notin$) as $\in$-rule or $\notin$-rule, etc. The proofs are all obvious.

For a multi-set $\Delta$ of $\mathcal{L}_{RS}$-sentences we define

$\#\Delta := \sum_{F \in \Delta} \omega^{rk(F)}$
/
(V')
and observe observe that according to to (A') V\ ) and we always #�p . for
(196) (196)
Let $a, b \in T_\lambda$ and $\beta := \max\{stg(a), stg(b)\} + 1$. Then

$\vdash a \in L_\beta \wedge b \in L_\beta$ from (191).   (i)

Since $\beta \in par(a) \cup par(b)$ and $\beta < \lambda$ we get from (i) by ($\vee'$)

$\vdash (\exists z \in L_\lambda)[a \in z \wedge b \in z]$.

Hence by twofold ($\forall^{L_\lambda}$)

$\vdash (\forall x \in L_\lambda)(\forall y \in L_\lambda)(\exists z \in L_\lambda)[x \in z \wedge y \in z]$.   (ii)   □

Next we show

$\vdash (\text{Union}')^{L_\lambda}$ for $\lambda \in Lim$.   (197)

Let $a \in T_\lambda$ and $\alpha := stg(a)$. For $t \in T_\alpha$ and $s \in T_{stg(t)}$ we obtain:

$\vdash s \mathrel{\dot{\notin}} t, s \in L_\alpha$ from (190) by (Str)   (i)

$\vdash (\forall x \in t)[x \in L_\alpha]$ from (i) by ($\forall^{t}$)   (ii)

$\vdash t \mathrel{\dot{\notin}} a, (\forall x \in t)[x \in L_\alpha]$ from (ii) by (Str)   (iii)

$\vdash (\forall y \in a)(\forall x \in y)[x \in L_\alpha]$ from (iii) by ($\forall^{a}$)   (iv)

$\vdash (\exists w \in L_\lambda)(\forall y \in a)(\forall x \in y)[x \in w]$ from (iv) by ($\exists^{L_\lambda}$)   (v)

$\vdash (\forall u \in L_\lambda)(\exists w \in L_\lambda)(\forall y \in u)(\forall x \in y)[x \in w]$ from (v) by ($\forall^{L_\lambda}$).   □
We prove the set existence axiom-schemes of Separation and Collection in the form

($\Delta_0$-Sep) $(\forall \vec{v})(\forall a)(\exists z)[(\forall x \in z)(x \in a \wedge F(x, \vec{v})) \wedge (\forall x \in a)(F(x, \vec{v}) \to x \in z)]$

($\Delta_0$-Col) $(\forall \vec{v})(\forall u)[(\forall x \in u)(\exists y)F(x, y, \vec{v}) \to (\exists z)(\forall x \in u)(\exists y \in z)F(x, y, \vec{v})]$

for $\Delta_0$-formulas $F(x, \vec{v})$ and $F(x, y, \vec{v})$, respectively. We first prove

$\vdash (\Delta_0\text{-Sep})^{L_\lambda}$ for $\lambda \in Lim$.   (198)

Let $\{a, a_1, \dots, a_n\} \subseteq L_\lambda$ and $\alpha := \max\{stg(a), stg(a_1), \dots, stg(a_n)\} + 1$. Define

$b := \{x \in L_\alpha \mid x \in a \wedge F(x, a_1, \dots, a_n)\}$.   (i)

Then we obtain for $t \in T_\alpha$:

$\vdash t \mathrel{\dot{\notin}} b, t \in a \wedge F(t, a_1, \dots, a_n)$ by (Taut) and (Sent)   (ii)

$\vdash (\forall x \in b)[x \in a \wedge F(x, a_1, \dots, a_n)]$ from (ii) by ($\forall^{b}$)   (iii)

$\vdash t \mathrel{\dot{\notin}} a, \neg F(t, \vec{a}), t \in a \wedge F(t, \vec{a}) \wedge t = t$ for $t \in T_{stg(a)}$ from (188) and (189) by (Sent)   (iv)

$\vdash t \mathrel{\dot{\notin}} a, \neg F(t, \vec{a}), t \mathrel{\dot{\in}} b \wedge t = t$ reformulation of (iv)   (v)

$\vdash t \mathrel{\dot{\notin}} a, \neg F(t, \vec{a}) \vee t \in b$ from (v) by ($\in$) and ($\vee'$)   (vi)

$\vdash (\forall x \in a)[F(x, \vec{a}) \to x \in b]$ from (vi) by ($\forall^{a}$)   (vii)

$\vdash (\exists z \in L_\lambda)[(\forall x \in z)(x \in a \wedge F(x, \vec{a})) \wedge (\forall x \in a)(F(x, \vec{a}) \to x \in z)]$ from (iii) and (vii) by ($\wedge'$) and ($\exists^{L_\lambda}$).   (viii)

From (viii) we finally obtain $(\Delta_0\text{-Sep})^{L_\lambda}$ by inferences ($\forall^{L_\lambda}$).   □

We show

$\vdash (\text{Inf}')^{L_\lambda}$ for $\omega < \lambda \in Lim$.   (199)
Let Let aa EE Tw T~ and and ac~ := := stg(a) s t g ( a )+ + 11. . Then Then � ~ aa EE La L~ and and � ~-aa EE Ll~w by by (191). (191). This (:3y E Lw ) [y EE LL~] (:3z E Lw ) [a EE z] This entails entails � ~(3yEL~)[y and � ~-(3zEk~)[a z] for for all all tt EE Tw T~.. Hence Hence w ] and � Lk~ (Vx EE Lk~)(3z Since w w .} >. ) �
$\mathcal{H}[par(a)] \vdash^{2\cdot rk(F(a)^{L_\lambda})+3\cdot(stg(a)+1)}_{0} \neg F(a)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$

for all $a \in T_\lambda$. We prove the lemma by induction on $stg(a)$ and get

$\mathcal{H}[par(b)] \vdash^{2\cdot rk(F(b)^{L_\lambda})+3\cdot(stg(b)+1)}_{0} \neg F(b)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$   (i)

for all $b \in T_{stg(a)}$. By the structural rule (151) this entails

$\mathcal{H}[par(a, b)] \vdash^{2\cdot rk(F(b)^{L_\lambda})+3\cdot(stg(b)+1)}_{0} b \mathrel{\dot{\notin}} a, \neg F(b)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$.   (ii)

Using ($\wedge$) this implies

$\mathcal{H}[par(a)] \vdash^{2\cdot rk(F(b)^{L_\lambda})+3\cdot(stg(a))+1}_{0} (\forall z \in a)\neg F(z)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$.   (iii)

By Lemma 3.4.6.1 we have

$\mathcal{H}[par(a)] \vdash^{2\cdot rk(F(a)^{L_\lambda})}_{0} F(a)^{L_\lambda}, \neg F(a)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$.   (iv)

Putting $\alpha := 2\cdot rk(F(a)^{L_\lambda})$ we obtain

$\mathcal{H}[par(a)] \vdash^{\alpha+3\cdot(stg(a))+2}_{0} \neg F(a)^{L_\lambda}, F(a)^{L_\lambda} \wedge (\forall z \in a)\neg F(z)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$   (v)

from (iii) and (iv). Hence

$\mathcal{H}[par(a)] \vdash^{\alpha+3\cdot(stg(a))+3}_{0} \neg F(a)^{L_\lambda}, (\exists x \in L_\lambda)[F(x)^{L_\lambda} \wedge (\forall y \in x)\neg F(y)^{L_\lambda}]$   (vi)

by ($\vee$).   □

We get the following theorem as a corollary of the Foundation Lemma.
3.4.6.9. Foundation Foundation Theorem. Theorem. Let Let F(x,Z) F(x, x) be be an an L:(E, C ( E, Ad) Ad) formula formula without without 3.4.6.9. Lim and and 7-l 1i an an acceptable acceptable operator operator with with AA EE 7-l. 1i . Then Then there there further free free variables, variables, A A EE Lira further is an an nn .]. (:3x eE L,\ )F(x, x) L>. -+ (:3x eE L,\ ) [F(x, x) L>. ^1\ (Vy L>. ) ~p FF for So we have have shown shown the So we the following following theorem theorem 3.4.6.11. Theorem. 3.4.6.11. Theorem.
IIIKPlll I KPl llna < :5 Cn(cn~+l). 1Pn (€nw + 1 ) '
The ordinal ordinal II not not only only satisfies satisfies (Vx (Vx EE f~co)(3~ f2w ) (3K EE f~co)[~ f2w ) [K EE Reg Reg A /\ xx E E n] K] but but also also The E Reg. Reg. So So we we obtain obtain by by (200), ( 200) , Lemma Lemma 3.4.6.2, Lemma Lemma 3.4.6.7, Lemma Lemma 3.4.6.3, the the II E (Theorem 3.4.6.9)and 3.4.6.9) and (201)through (201 ) through (204) (204) Foundation Theorem (Theorem Foundation Theorem I .2+W FL' L/ K P i ~IrFF =~ 1l 0 IIr2+coF => 7/0 KPi I+n I +n
for some n [a, b] 1I'~+1 30 �(a)b]
for aa finite finite set set of of �-formulas E-formulas �(u) A(~) by by induction induction on on a. a. The crucial crucial The for case is is again again that that the the main main formula formula of of the the last last inference inference is is .Lim. -~Lim. Let Let case such that that �(a)b A(~) b S; C_ � E "~.. From the the induction induction hypothesis hypothesis we we obtain obtain a~,b From , b such n>. +300 -~Ad(c) V ai r C,/k(~) b for all c E T~+ which by an inference 7/~,~+3~oo [a, [~, b, b, c] c] I[a~+a~o 1iw0>.+3e> '~++1 "++ 1 .Ad(c) V ai � c, �(a)b for all c E 7,.+ which by an inference n +300 + l ~(3Z L~+)[Ad(z) A ai E z], A(a) b By cut we (A) implies ~/o,n~+3~o[~, b] I]flX+3c~o+l �+1 (1\) implies 1iw0 . (:Jz E L,,+ ) [Ad(z) 1\ ai E Z] , �(a)b . By cut we >. +3e>o [a, b] "K+-I-I 2 + +n>. + +2 < wn>. n + + n~,x+3oo[~,b] A(~)b. wn>. n~+3~~ +w w,,~++n~+3~o+2 +300 + +30 we � 300 � (a)b . Since w obtain 1iw o>. +3e>o [a, b] I1a~+3~o+2 300 < W ~+3~ ',r" +1 obtain 1i 7/~,~+3~[~, b] 1I~+1 "~+3~ A(~) by the the Collapsing Collapsing Theorem. Theorem. obtain 30 � (a)b~ by W0>. +3e> [a, b] By the the now now familiar familiar technique technique we we obtain obtain from from (210) (210) By
W - K P i ~� - F F '* =~ (:Ja ( 3 a eEcco) ~ 1io 7/~ IIn~n~+lFL"~] F Loe> W-KPi +l (212)
for $\Sigma_1$-sentences $F$. By the Collapsing Theorem and Theorem 3.4.2.2 this implies
3.4.6.15. Theorem.
$\|\mathrm{W\text{-}KPi}\|_{\Omega} \le \psi_{\Omega}(\Omega_{\varepsilon_0}).$
From (211) we obtain as in the proof of (208)
W-KP1 ~ F f '* =~ (:Ja (3a E e co) Co) 1iw no,,~+~ W -KPI � ow +e> [~+~+t EL"]
(213)
for $\Sigma_1$-sentences $F$. Since n+nw +O) -= 'ljJ Cn(w 'ljJn (w~+n~+~) WO) < r'ljJn (nw . Co) co) r n (nw . w ~) < for $\alpha < \varepsilon_0$ we get from (213) by the Collapsing Theorem and Theorem 3.4.2.2
3.4.6.16. Theorem.
$\|\mathrm{W\text{-}KPl}\|_{\Omega} \le \psi_{\Omega}(\Omega_\omega \cdot \varepsilon_0).$
The analysis of theories for iterated admissibles needs serious extra work which has first been done by M. Rathjen. We have to show that there are operator controlled derivations for the axioms ItAd(a, f). This is prepared by a Lemma which is provable in $\mathrm{KPl}^r$.
3.4.6.17. Lemma. ($\mathrm{KPl}^r$) Let a and u be admissible sets such that $a \in u$ and a. Then (V~ (V�
of terms in character to the typed $\lambda$-calculus. The closure conditions on terms are as follows:
1. There are infinitely many variables $x^\tau, y^\tau, z^\tau, \ldots$ of each type $\tau$.
2. 0 is a constant of type 0.
3. Sc is a constant of type $(0 \to 0)$.
4. If s is a term of type $\sigma$ and t is a term of type $(\sigma \to \tau)$ then t(s) is a term of type $\tau$.
5. If t is a term of type $\tau$ then $\lambda x^\sigma.t$ is a term of type $(\sigma \to \tau)$.
6. If $t_n$ $(n = 0, 1, 2, \ldots)$ is a sequence of terms of type $\tau$ then $\langle t_n \rangle$ is a term of type $(0 \to \tau)$.
Write $\bar{n}$ for $Sc^n(0)$. Then we translate each term t of T into a term $t^+$ of this system of infinite terms by taking $t^+ = t$ for t a variable, 0 or Sc,
$K^+ = \lambda x \lambda y.x$, $S^+ = \lambda x \lambda y \lambda z.x(z, y(z))$ and
$R^+ = \lambda f \lambda g \lambda x.\langle t_n \rangle$ where $t_0 = f$ and $t_{n+1} = g(\bar{n}, t_n)$,
and by requiring $(\cdot)^+$ to preserve application. Each term t of the infinite system is assigned an ordinal $|t|$ as length in a natural way, with $|t| = 1$ for t a variable or constant, $|\lambda x.t| = |t| + 1$, $|t(s)| = |s| + |t|$ and, (tn} 1 == ssupn } {m ) t> t (m)~> tm m n
Gödel's Functional Interpretation
3. $(\langle t_n \rangle(r))(s) \triangleright \langle t_n(s) \rangle(r)$, when r is not a numeral and $\langle t_n \rangle(r)$ is not of type 0.
The relation $\to^*$ is then the least reflexive and transitive relation which extends the $\triangleright$ relation and preserves application. As before, a term t is said to be in normal form if whenever $t \to^* u$ then t is identical with u.
4.4.1. Theorem. For each term t of T we can find a term $t^\circ$ in normal form such that $t^+ \to^* t^\circ$ and $|t^\circ| < \varepsilon_0$.
The idea of Tait's proof of Theorem 4.4.1 is very much the same as that for the cut-elimination theorem for the extension of Gentzen's classical propositional sequent calculus to that for logic with countably long conjunctions $\Pi$ and disjunctions $\Sigma$. Derivations in PA are translated into derivations in this calculus, by first translating formulas $\varphi$ into propositional formulas $\varphi^+$, using $(\forall x\, \varphi[x])^+ = \Pi_n$
-~-~3b Vk (b (bbin(k) ftree)), -,Bounded(ree , k) -t -,-,3b Vk hin (k) EE ree )),
follows from (WKL) since the double-negation only weakens the conclusion. □
We define a convenient variant of (WKL) as follows:
(WKL′) $\forall f\, \exists b\, \forall k\, (\neg \mathrm{Bounded}(f^{\mathrm{tree}}, k) \to b_{\mathrm{bin}}(k) \in f^{\mathrm{tree}})$.
Proving the following lemma is a simple exercise in intuitionistic logic.
7.3.3. Lemma. Over intuitionistic logic, (WKL) is implied by (WKL′).
In fact, the two principles are equivalent over $\widehat{\mathrm{HA}}^{\#}$, but the converse direction requires more work and is not needed below.
7.4. Reducing $\widehat{\mathrm{HA}}^{\#}$ + (WKL′) to $\widehat{\mathrm{HA}}^{\#}$
Though $\widehat{\mathrm{HA}}^{\#}$ doesn't prove (WKL), we can show that adding (WKL) doesn't allow $\widehat{\mathrm{HA}}^{\#}$ to prove any new $\Pi^0_2$ sentences. The main avenue to this result is abstracted in the following
7.4.1. Lemma.
Suppose $\widehat{\mathrm{HA}}^{\#}$ proves
$\exists a\, \forall b, c\; S(a, b, c) \to \forall x\, \exists y\; R(x, y)$. (2)
Then there is a specific term $c(a, x)$ (whose other free variables are among those of R and S) such that $\widehat{\mathrm{HA}}^{\#}$ proves
$\forall x\, \exists a\, \forall b\; S(a, b, c(a, x)) \to \forall x\, \exists y\; R(x, y)$.
The proof is straightforward, using the scheme $\varphi \leftrightarrow \varphi^D$ of $\widehat{\mathrm{HA}}^{\#}$ to convert (2) with "$\forall x$" deleted to its D-translation, applying Theorem 5.1.3 to extract a term c of T, and then manipulating quantifiers. The upshot is that to eliminate the assumption $\exists a\, \forall b, c\; S(a, b, c)$ from a proof of $\forall x\, \exists y\; R(x, y)$ in $\widehat{\mathrm{HA}}^{\#}$, it suffices to show that one can prove
$\exists a\, \forall b\; S(a, b, c(a, x))$
for any specific term c.
We now apply this to the situation at hand.
7.4.2. Lemma. $\widehat{\mathrm{HA}}^{\#}$ + (WKL) is conservative over $\widehat{\mathrm{HA}}^{\#}$ for $\Pi^0_2$ sentences.
7.4.3. Proof. By Lemma 7.3.3 and the deduction theorem, if $\widehat{\mathrm{HA}}^{\#}$ + (WKL) proves
$\forall x\, \exists y\; R(x, y)$,
then $\widehat{\mathrm{HA}}^{\#}$ proves
$\forall f\, \exists b\, \forall k\, (\neg \mathrm{Bounded}(f^{\mathrm{tree}}, k) \to b_{\mathrm{bin}}(k) \in f^{\mathrm{tree}}) \to \forall x\, \exists y\; R(x, y)$.¹⁶
Applying (AC) to the hypothesis, we obtain
$\exists B\, \forall f, k\, (\neg \mathrm{Bounded}(f^{\mathrm{tree}}, k) \to B(f)_{\mathrm{bin}}(k) \in f^{\mathrm{tree}}) \to \forall x\, \exists y\; R(x, y)$.
Applying Lemma 7.4.1 with k in place of c, we are reduced to showing that $\widehat{\mathrm{HA}}^{\#}$ proves
$\exists B\, \forall f\, (\neg \mathrm{Bounded}(f^{\mathrm{tree}}, k(B, x)) \to B(f)_{\mathrm{bin}}(k(B, x)) \in f^{\mathrm{tree}})$ (3)
¹⁶ Here we need to use $\widehat{\mathrm{HA}}_0^{\#}$ or $\widehat{\mathrm{I\text{-}HA}}^{\#}$ instead of $\widehat{\mathrm{WE\text{-}HA}}^{\#}$, since the deduction theorem fails for the latter theory; cf. 3.1. However, for a way around this, see Kohlenbach [1992], p. 1246.
J. Avigad and S. Feferman
for any closed term k. We now bring in the notion of hereditary majorizability to bound the value of $k(B, x)$. By Proposition 7.2.3, we can find a term $k^*$ that hereditarily majorizes k. Define $k'(x) =_{\mathrm{def}} k^*(\lambda x.\lambda j.1, x)$. Since x :::: HA # proves
HA* HA * FI- ttr n A A A ttr n t A HA*
for a suitable term t with $FV(t) \subset FV(A)$.
Proof. The proof proceeds by induction on the length of derivations; that is to say, we have to find realizing terms for the axioms, and for the rules we must show how to find a realizing term for the conclusion from realizing terms for the premises. We check some cases.
L5. Assume $t\ \mathbf{rn}\ (A \to B)$, $t'\ \mathbf{rn}\ (A \to C)$, and $x\ \mathbf{rn}\ A$; then $p(t{\bullet}x, t'{\bullet}x)\ \mathbf{rn}\ (B \wedge C)$, so $\lambda x.p(t{\bullet}x, t'{\bullet}x)\ \mathbf{rn}\ (A \to B \wedge C)$.
L14. Assume $t\ \mathbf{rn}\ (A \to B)$, $x \notin FV(B)$, and let $y\ \mathbf{rn}\ \exists x A$, then $p_1 y\ \mathbf{rn}\ A[x/p_0 y]$, hence $t[x/p_0 y]{\bullet}(p_1 y)\ \mathbf{rn}\ B$, so $\lambda y.t[x/p_0 y]{\bullet}(p_1 y)\ \mathbf{rn}\ (\exists x A \to B)$.
Of the non-logical axioms, only induction requires attention. Suppose
$x\ \mathbf{rn}\ (A[y/0] \wedge \forall y(A \to A[y/Sy]))$.
Then
$p_0 x\ \mathbf{rn}\ A[y/0]$, $z\ \mathbf{rn}\ A \to (p_1 x){\bullet}y{\bullet}z\ \mathbf{rn}\ A[y/Sy]$.
So let t be such that
$t{\bullet}0 \simeq p_0 x$, $t{\bullet}(Sy) \simeq (p_1 x){\bullet}y{\bullet}(t{\bullet}y)$.
The existence of t follows either by an application of the recursion theorem, or is
immediate if closure under recursion has been built directly into the definition of recursive function. It is now easy to prove by induction that t realizes induction for A. □
A statement weaker than soundness is $\vdash A \Rightarrow\ \vdash \exists x(x\ \mathbf{rn}\ A)$; we might call this weak soundness. We can also prove a stronger version of soundness:
1.8. Theorem. (Strong Soundness Theorem) For closed A, $\mathbf{HA}^* \vdash A \Rightarrow \mathbf{HA}^* \vdash \bar{n}\ \mathbf{rn}\ A \wedge \bar{n}\ \mathbf{rnt}\ A$ for some numeral $\bar{n}$.
Proof. Let $\mathbf{HA}^* \vdash A$; from the soundness theorem we find a term t such that $t\ \mathbf{rn}\ A$, hence $t{\downarrow}$. $t{\downarrow}$, i.e. $t = t$, is equivalent to a $\Sigma^0_1$-formula of HA, say $\exists x(s = 0)$, and HA proves only true $\Sigma^0_1$-formulas, from which we see that $t = \bar{n}$ must be provable in $\mathbf{HA}^*$ for some numeral $\bar{n}$. Similarly for rnt. □
Realizability
1.9. Remark. If one formalizes the proof of the soundness theorem, it is easy to see that there are primitive recursive functions $\varphi, \psi$ such that
$\mathbf{HA} \vdash \mathrm{Prf}(x, \ulcorner A \urcorner) \to \mathrm{Prf}(\varphi(x), \mathrm{Sub}(\ulcorner y\ \mathbf{rn}\ A \urcorner, y, \psi(x)))$
where "Prf" is the formalized proof-predicate of $\mathbf{HA}^*$, $\ulcorner \xi \urcorner$ is the gödelnumber of expression $\xi$, and $\mathrm{Sub}(\ulcorner B \urcorner, x, \ulcorner s \urcorner)$ is the gödelnumber of $B[x/s]$. In fact, the whole implication is provable even in primitive recursive arithmetic. But the statement expressing a formalized version of the strong completeness theorem:
$\mathrm{Prf}(x, \ulcorner A \urcorner) \to \mathrm{Prf}(\varphi(x), \ulcorner \psi(x)\ \mathbf{rn}\ A \urcorner)$
(A closed, for suitable provably recursive $\varphi, \psi$) is not provable in HA (see section 1.16).
1.10. Lemma. (Self-realizing formulas) For $\exists$-free formulas, canonical realizers exist, that is to say for each $\exists$-free A we have in $\mathbf{HA}^*$
(i) $\vdash \exists x(x\ \mathbf{rn}\ A) \to A$,
(ii) $\vdash A \to t_A\ \mathbf{rn}\ A$ for some term $t_A$ with $FV(t_A) \subset FV(A)$.
(iii) A formula A is provably equivalent to its own realizability, i.e. $A \leftrightarrow \exists x(x\ \mathbf{rn}\ A)$, iff A is provably equivalent to an existentially quantified $\exists$-free formula.
(iv) Realizability is idempotent, i.e. $\exists x(x\ \mathbf{rn}\ \exists y(y\ \mathbf{rn}\ A)) \leftrightarrow \exists x(x\ \mathbf{rn}\ A)$; in fact, even $\exists x(x\ \mathbf{rn}\ (A \leftrightarrow \exists y(y\ \mathbf{rn}\ A)))$ holds.
Proof. Take $t_{s=s'} := 0$, $t_{A \wedge B} := p(t_A, t_B)$, $t_{A \to B} := \lambda x.t_B$ ($x \notin FV(t_B)$), $t_{\forall x A} := \lambda x.t_A$, and prove (i) and (ii) by simultaneous induction on A. (iii) and (iv) are immediate corollaries. □
Remark. An observation of practical usefulness is the following. For any definable predicate with canonical realizers (i.e. a predicate A definable by an $\exists$-free formula) we obtain an equivalent realizability if we read restricted quantifiers $\forall x(A(x) \to \ldots)$ and $\exists x(A(x) \wedge \ldots)$ as quantifiers $\forall x{\in}A$, $\exists x{\in}A$ over a new domain with realizability clauses copied from numerical quantification, i.e.
$x\ \mathbf{rn}\ \forall y{\in}A.B := \forall y{\in}A(x{\bullet}y\ \mathbf{rn}\ B) \wedge x{\downarrow}$,
$x\ \mathbf{rn}\ \exists y{\in}A.B := p_1 x\ \mathbf{rn}\ B[x/p_0 x] \wedge A(p_0 x)$.
In short, we may simply forget about the canonical realizers.
1.11. Axiomatizing provable realizability
As we have seen already in the introduction, realizability validates more than what is provable in HA; in fact, we can formally prove realizability in $\mathbf{HA}^*$ of an intuitionistic version of Church's thesis:
CT$_0$ $\forall x \exists y\, A(x, y) \to \exists z \forall x(A(x, z{\bullet}x) \wedge z{\bullet}x{\downarrow})$.
CT$_0$ is certainly not provable in HA, since it is in fact refutable in classical arithmetic. This version of Church's thesis is in fact a combination of the well-known version which states "Each humanly computable function is recursive" and the intuitionistic
A.S. Troelstra
reading of $\forall x \exists y A(x, y)$ which states that there is a method for constructing, for each given x, a y such that $A(x, y)$. Such a method describes a humanly computable function.
We now ask ourselves: is there a reasonably simple axiomatization (by a few axiom schemata say) of the formulas provably realizable in HA? The answer is yes, the provably realizable formulas can be axiomatized by a generalization of CT$_0$, namely "Extended Church's Thesis":
ECT$_0$ $\forall x(Ax \to \exists y\, Bxy) \to \exists z \forall x(Ax \to z{\bullet}x{\downarrow} \wedge B(x, z{\bullet}x))$ (A $\exists$-free).
Lemma. Each instance of ECT$_0$ is $\mathbf{HA}^*$-realizable.
Proof. Suppose $u\ \mathbf{rn}\ \forall x(Ax \to \exists y Bxy)$. Then $\forall x v(v\ \mathbf{rn}\ Ax \to u{\bullet}x{\bullet}v\ \mathbf{rn}\ \exists y Bxy)$, and since A is $\exists$-free, in particular $\forall x(Ax \to u{\bullet}x{\bullet}t_A\ \mathbf{rn}\ \exists y Bxy)$, so $\forall x(Ax \to p_1(u{\bullet}x{\bullet}t_A)\ \mathbf{rn}\ B(x, p_0(u{\bullet}x{\bullet}t_A)))$. Then it is straightforward to see that $p(\lambda x.p_0(u{\bullet}x{\bullet}t_A), \lambda x v.p(0, p_1(u{\bullet}x{\bullet}t_A)))$ realizes the conclusion. □
Remark. The condition "A is $\exists$-free" in ECT$_0$ cannot be dropped: applying unrestricted ECT$_0$ to $Ax := \exists z Txxz \vee \neg \exists z Txxz$, $Bxy := (y = 0 \wedge \exists z Txxz) \vee (y = 1 \wedge \neg \exists z Txxz)$ yields a contradiction. In fact, this example can be used to show that even unrestricted ECT$_0$! fails (ECT$_0$! is like ECT$_0$ except that $\exists y$ in the premise is replaced by $\exists! y$; $\exists! y$ means "there is a unique y such that").
Theorem. (Characterization Theorem for rn-realizability)
(i) $\mathbf{HA}^* + \mathrm{ECT}_0 \vdash A \leftrightarrow \exists x(x\ R\ A)$ for $R \in \{\mathbf{rn}, \mathbf{rnt}\}$,
(ii) For closed A, $\mathbf{HA}^* + \mathrm{ECT}_0 \vdash A \Leftrightarrow \mathbf{HA}^* \vdash \bar{n}\ \mathbf{rn}\ A$ for some numeral $\bar{n}$.
Proof. (i) is proved by a straightforward induction on A. The crucial case is $A \equiv B \to C$; then $B \to C \leftrightarrow (\exists x(x\ \mathbf{rn}\ B) \to \exists y(y\ \mathbf{rn}\ C))$ (by the induction hypothesis) $\leftrightarrow \forall x(x\ \mathbf{rn}\ B \to \exists y(y\ \mathbf{rn}\ C))$ (by pure logic) $\leftrightarrow \exists z \forall x(x\ \mathbf{rn}\ B \to z{\bullet}x\ \mathbf{rn}\ C)$ (by ECT$_0$, since $x\ \mathbf{rn}\ B$ is $\exists$-free) $\equiv \exists z(z\ \mathbf{rn}\ (B \to C))$.
(ii). The direction $\Rightarrow$ follows from the strong soundness theorem plus the lemma; $\Leftarrow$ is an immediate consequence of (i). □
Curiosity prompts us to ask which formulas are classically provably realizable, i.e. provably realizable in first-order Peano Arithmetic PA, which is just HA with classical logic. The answer is contained in the following
Proposition. $\mathbf{PA} \vdash \exists x(x\ \mathbf{rn}\ A) \Leftrightarrow \mathbf{HA} + \mathrm{M} + \mathrm{ECT}_0 \vdash \neg\neg A$, where M is Markov's principle:
M $\forall x(A \vee \neg A) \wedge \neg\neg \exists x A \to \exists x A$.
Proof. Let $\mathbf{PA} \vdash \exists x(x\ \mathbf{rn}\ A)$, and let B be a negative formula (i.e. a formula in the $\wedge, \forall, \to$-fragment) such that $\mathbf{HA} + \mathrm{M} \vdash x\ \mathbf{rn}\ A \leftrightarrow B(x)$. Then $\mathbf{PA} \vdash \neg \forall x \neg(x\ \mathbf{rn}\ A)$, and since PA is conservative over HA for negative formulas (in consequence of Gödel's negative translation), also $\mathbf{HA} \vdash \neg \forall x \neg B$, i.e. $\mathbf{HA} + \mathrm{M} \vdash \neg\neg \exists x(x\ \mathbf{rn}\ A)$, and thus it follows that $\mathbf{HA} + \mathrm{M} + \mathrm{ECT}_0 \vdash \neg\neg A$. The converse is simpler. □
1.12. Extensions of $\mathbf{HA}^*$
For suitable sets $\Gamma$ of extra axioms, we may replace $\mathbf{HA}^*$ in the soundness and characterization theorem by $\mathbf{HA}^* + \Gamma$. Weak soundness and the characterization theorem require for all $A \in \Gamma$
$\mathbf{HA}^* + \Gamma \vdash \exists x(x\ \mathbf{rn}\ A)$. (1)
Soundness requires for all $A \in \Gamma$
$\mathbf{HA}^* + \Gamma \vdash t\ \mathbf{rn}\ A$ for some term t, (2)
and strong soundness requires (2) and in addition: $\mathbf{HA}^* + \Gamma$ proves only true $\Sigma^0_1$-formulas.
Examples
(a) For $\Gamma$ any set of $\exists$-free formulas soundness and the characterization theorem extend. If $\mathbf{HA}^* + \Gamma$ proves only true $\Sigma^0_1$-formulas, strong soundness holds. The next two examples permit characterization and strong soundness.
(b) Let $\prec$ be a primitive recursive well-ordering of $\mathbb{N}$, provably total and linear in $\mathbf{HA}^*$; for $\Gamma$ we take all instances of transfinite induction over $\prec$: TI(
- is below). If m is (a code of) a sequence, lth(m) is its length; $*$ is a primitive recursive concatenation function for codes of sequences. We abbreviate
$n \preceq m := \exists n'(n * n' = m)$, $n \prec m := n \preceq m \wedge n \neq m$, $\hat{x} := \langle x \rangle$.
The primitive recursive inverse function $\lambda x y.(x)_y$ of sequence encoding satisfies
$m = \langle n_0, \ldots, n_{x-1} \rangle \Rightarrow (m)_y = n_y$ for $y < x$, $(m)_y = 0$ for $y \ge x$.
For reasons of technical convenience we assume monotonicity in the arguments for encodings of pairs, n-tuples and finite sequences:
$n < n' \to p(n, m) < p(n', m)$, $m < m' \to p(n, m) < p(n, m')$, n . 0 ~0"= Q
x,
O. . . . , anx). (aO, . . . , ax).
. , an)
a (x
aO
�
(aI, . . . , an)
Definition. Elementary Analysis EL is a conservative extension of HA obtained by adding to HA variables ($\alpha, \beta, \gamma, \delta, \varepsilon$) and quantifiers for (total) functions from $\mathbb{N}$ to $\mathbb{N}$ (i.e. infinite sequences of natural numbers). There is $\lambda$-abstraction for explicit definition of functions, and a recursion-operator Rec such that (t a numerical term, $\varphi$ a function term; $\varphi(t, t') := \varphi(p(t, t'))$)
$\mathrm{Rec}(t, \varphi)(0) = t$, $\mathrm{Rec}(t, \varphi)(Sx) = \varphi(x, \mathrm{Rec}(t, \varphi)(x))$.
Induction is extended to all formulas in the new language.
The functions of EL are assumed to be closed under "recursive in", which is expressed by including a weak choice axiom for quantifier-free A:
QF-AC $\forall n \exists m\, A(n, m) \to \exists \alpha \forall n\, A(n, \alpha n)$ □
In EL EL we we introduce introduce abbreviations abbreviations for partial continuous continuous application application Definition. In Definition. for partial 0), ~(~) = 33y(a(j3y) y ( ~ ( ~ y ) == x9 ++ 11 ^/\ vVyl(u) = z ++ 1) (I)r162 ~r 1) A /\ ~r 4>(x *9 &n) > 00 A/\ (I)r 4>("') (~ ", (x *9 &n) > 0, 0, (x *9 &n) = 0o otherwise. otherwise. == r 'ljJ1(. Take Take Case 4. r -z+ + 1 iif Bu 00 /\ A e(x ~(s *9 ~n) > 0, ",(x 1) /\ otherwise . 0o otherwise. 0 The other cases are to the the reader. reader. [] The other cases are left left to It is is now in EL pca is model of APP do not confuse It now easy easy to to prove prove in EL** that that PCO is aa model of A P P (do not confuse the A-abstraction EL* with with the the defined A-operator in in APP) For example, example, an an in EL* the A-abstraction in defined A-operator A P P ) . . For interpretation of of Is] [s] is is found found as follows. If If r is term of of EL * , let let us us write interpretation as follows. is a a function function term EL*, write Aa.¢J for for the the ~r 4> given by the the lemma. lemma. Then Aa.r given by Then we we put put
t
g
= Case t an) t Case ¢J { z z n, '" z n Case t ¢J('ljJ) . {z iE luuc z"() ~� zza \fzz22V\f"(\f
If we add MUC to $\mathbf{HA}^\omega$, we can mr-interpret FAN$_D$. If, on the other hand, we use EL* + CT as our metatheory for ICF-mr, we can realize a statement positively
contradicting MUC. See Troelstra [1973a, 2.6.4, 2.6.6, 3.4.16, 3.4.19].
As an example of an application of a concrete version of mr-realizability we can show e.g. the consistency of $\mathbf{HA}^\omega + \mathrm{IP}_{ef} + \mathrm{AC} + \mathrm{WC\text{-}N} + \mathrm{FAN}_D + \mathrm{EXT}_{1,0}$, where WC-N is the schema $\forall \alpha \exists n\, A(\alpha, n) \to \forall \alpha \exists n, m \forall \beta(\bar{\alpha} m = \bar{\beta} m \to A(\beta, n))$, and EXT$_{1,0}$ is $\forall \alpha \beta z^2(\alpha = \beta \to z^2 \alpha = z^2 \beta)$. (Use ICF-mr-realizability with EL* + FAN$_D$ as metatheory.)
Notation. Henceforth we write mrn, mrf for HRO-mr and ICF-mr-realizability respectively. □
3.10. Notes
Modified realizability was first formulated by Kreisel [1962b]; a concrete version equivalent to our ICF-mr-realizability was used in Kleene and Vesley [1965].
Cook and Urquhart [1993] and Harnik [1992] apply mrt-realizability to bounded arithmetic and related systems, improving on earlier results obtained by Buss [1986] by means of numerical realizability.
Vesley [1970] used modified realizability to obtain consistency of intuitionistic analysis with a restricted form of IP (Vesley's principle). Moschovakis [1971] used a modified realizability interpretation to obtain consistency of a weak version of Church's thesis with Kleene's system for intuitionistic analysis (i.e. EL with bar induction and GC for the case $A \equiv 0 = 0$), together with Vesley's Principle. The weak version of Church's thesis may be stated as: "each numerical function is not not recursive".
In Troelstra [1973a, 3.4.15] it is observed that the modified realizability of Moschovakis [1971] is essentially abstract modified realizability interpreted in the type structure consisting of the recursive elements of ICF, and that the consistency proof covers in fact full IP$_{ef}$ (Troelstra [1973a, 3.4.18]).
Some further examples of papers using or discussing modified realizability are Dragalin [1968], Diller [1980], Grayson [1981b, 1982], van Oosten [1990], Scedrov and Vesley [1983]. See also 9.8 on Berger and Schwichtenberg [1995], Berger, Schwichtenberg and Seisenberger [1997].
4. Derivation of the Fan Rule
This section is devoted to an "indirect application" of modified realizability: it is shown how closure under the rule of choice ACR, obtained from mrt-realizability, may be combined with the (intrinsically interesting) notion of "majorizable functional" to obtain closure under the Fan Rule.

We can define the so-called majorizable functionals relative to any finite-type structure. They are introduced via a relation of majorization, defined as follows.
Realizability
4.1. Definition. $t^* \,\mathrm{maj}_\sigma\, t$, for $t^*, t \in \sigma$, is defined by induction on $\sigma$:

$$t^* \,\mathrm{maj}_0\, t := t^* \ge t,$$
$$t^* \,\mathrm{maj}_{\sigma\times\tau}\, t := p_0 t^* \,\mathrm{maj}_\sigma\, p_0 t \wedge p_1 t^* \,\mathrm{maj}_\tau\, p_1 t,$$
$$t^* \,\mathrm{maj}_{\tau\to\sigma}\, t := \forall y^* y\,(y^* \,\mathrm{maj}_\tau\, y \to t^* y^* \,\mathrm{maj}_\sigma\, t y,\ t^* y).$$

Furthermore we put

$$t \in \mathrm{Maj} := \exists t^*(t^* \,\mathrm{maj}_\sigma\, t) \quad \text{("$t$ is majorizable").}$$

Lemma. $t^* \,\mathrm{maj}\, t \Rightarrow t^* \,\mathrm{maj}\, t^*$.

Proof. Induction on the type of $t$.

4.2. Definition. For each $t \in 0 \to \sigma$ we define $t^+ \in 0 \to \sigma$ by induction on the structure of $\sigma$.

$$t^+ 0 = t0, \quad t^+(Sz) = \max\{t^+ z, t(Sz)\} \quad \text{for } \sigma \equiv 0,$$
$$t^+ := \lambda n.[\lambda y((\lambda n.tny)^+ n)] \quad \text{for } \sigma \equiv \sigma_1 \to \sigma_2,$$
$$t^+ := \lambda n.p((\lambda n.p_0(tn))^+ n)((\lambda n.p_1(tn))^+ n) \quad \text{for } \sigma \equiv \sigma_1 \times \sigma_2.$$

Lemma. If $\forall n(Fn \,\mathrm{maj}\, Gn)$, then $F^+ \,\mathrm{maj}\, G^+, G$.

Proof. We use induction on $\sigma$. Let $Fn, Gn \in \sigma$.

Case (i) $\sigma \equiv 0$. Almost immediate.

Case (ii) $\sigma \equiv \sigma_1 \to \sigma_2$. The assumption yields

$$s^* \,\mathrm{maj}\, s \Rightarrow Fns^* \,\mathrm{maj}\, Fns,\ Gns$$

for all $n \in \mathbb{N}$. By the induction hypothesis we have

$$(\lambda n.Fns^*)^+ \,\mathrm{maj}\, (\lambda n.Fns)^+,\ (\lambda n.Fns),\ (\lambda n.Gns)^+,\ (\lambda n.Gns). \quad (1)$$

Now by definition of $F^+$, $G^+$ and beta-conversion:

$$(\lambda n.Fns^*)^+ k = F^+ k s^*, \quad (\lambda n.Fns)^+ k = F^+ k s, \quad (\lambda n.Gns)^+ k = G^+ k s.$$

If $n \ge m$, we obtain from (1)

$$F^+ n s^* \,\mathrm{maj}\, F^+ m s,\ Fms, \qquad F^+ n s^* \,\mathrm{maj}\, G^+ m s,\ Gms,$$

and from this $F^+ n \,\mathrm{maj}\, F^+ m, Fm, G^+ m, Gm$. Since $n \ge m$, it follows that $F^+ \,\mathrm{maj}\, G^+, G$.

Case (iii) $\sigma \equiv \sigma_1 \times \sigma_2$. We are given $\forall n(Fn \,\mathrm{maj}\, Gn)$, so $\forall n(p_i(Fn) \,\mathrm{maj}\, p_i(Gn))$ ($i \in \{0, 1\}$). So we have $\forall n((\lambda n.p_i(Fn))n \,\mathrm{maj}\, (\lambda n.p_i(Gn))n)$ and hence by the induction hypothesis

$$(\lambda n.p_i(Fn))^+ \,\mathrm{maj}\, (\lambda n.p_i(Gn))^+,\ \lambda n.p_i(Gn).$$

From this we obtain for $n \ge m$, $i \in \{0, 1\}$

$$(\lambda n.p_i(Fn))^+ n \,\mathrm{maj}\, (\lambda n.p_i(Fn))^+ m,\ (\lambda n.p_i(Gn))^+ m,\ (\lambda n.p_i(Gn))m,$$

and therefore

$$p_i(F^+ n) \,\mathrm{maj}\, p_i(F^+ m),\ p_i(G^+ m),\ p_i(Gm),$$

hence $F^+ \,\mathrm{maj}\, G^+, G$.
A.S. Troelstra
4.3. Proposition. Let all free variables in $t \in T$ be of type 0 or 1; then there is a term $t^* \in T$ with $\mathrm{FV}(t^*) \subset \mathrm{FV}(t)$, such that $\mathbf{HA}^\omega \vdash t^* \,\mathrm{maj}\, t^*, t$.

Proof. For each constant or variable of type 0 or 1 of $\mathbf{HA}^\omega$ ($c^\tau$ say) we show that there is a $c^* \in T$ with $c^* \,\mathrm{maj}_\tau\, c$.

(a) $0 \,\mathrm{maj}\, 0$, $S \,\mathrm{maj}\, S$ are immediate;
(b) $x^0 \,\mathrm{maj}\, x^0$; for $y^1$ define $y^*$ by recursion as $y^+$;
(c) $k \,\mathrm{maj}\, k$, $s \,\mathrm{maj}\, s$, $p \,\mathrm{maj}\, p$, $p_0 \,\mathrm{maj}\, p_0$, $p_1 \,\mathrm{maj}\, p_1$;
(d) If $r$ is the recursor with $r0ts = t$ etc., take $r^* := r^+$.

4.4. Theorem. (Fan Rule) Let $A$ be a formula of $\mathbf{HA}^\omega$ containing only variables of types 0 or 1 free, then

$$\mathbf{HA}^\omega \vdash \forall\alpha \le \beta\,\exists n\, A(\alpha, n) \;\Rightarrow\; \mathbf{HA}^\omega \vdash \exists m\,\forall\alpha \le \beta\,\exists n \le m\, A(\alpha, n),$$

where $\alpha \le \beta := \forall n(\alpha n \le \beta n)$.

… $\lambda x.B$ ($B$ any formula) … Instead we can formulate the axiom for second-order $\forall$ as
$$\forall X.A \to A[X/\lambda x.B]$$

where $A[X/\lambda x.B]$ is obtained from $A$ by replacing every occurrence of $Xt$ by $B[x/t]$.

Alternatively, we restrict the $\forall^2$-axiom … $\mathcal{X}_1, \ldots, \mathcal{X}_n$ is defined as $(\mathcal{X}_1 \times \cdots \times \mathcal{X}_{n-1}) \times \mathcal{X}_n$. We use calligraphic capitals $\mathcal{X}, \mathcal{Y}, \ldots$ for $\Omega$-sets. $\Box$
Ext t =x t.5 O-product ' (x, "," (x', n
(x '" x')
Examples. $\Omega$ itself may be viewed as an $\Omega$-set $(\Omega, \leftrightarrow)$ where $X \leftrightarrow Y$ is defined as in 7.8. Another example is $\mathcal{N} := (\mathbb{N}, =_{\mathbb{N}})$, where $n =_{\mathbb{N}} m := \{n\} \cap \{m\} = \{n : n = m\}$.
8.5. Definition. Let $\mathcal{X} \equiv (X, \sim)$ be an $\Omega$-set and $F : X \to \Omega$ a map. We put

$$\mathrm{Strict}(F) := \bigcap_{x \in X} (Fx \to Ex),$$
$$\mathrm{Repl}(F) := \bigcap_{x, y \in X} (Fx \wedge x \sim y \to Fy).$$

An $\Omega$-predicate on $\mathcal{X}$ is an $F : X \to \Omega$ such that $\mathrm{Strict}(F)$ and $\mathrm{Repl}(F)$ are inhabited (belong to $\Omega^*$). An $\Omega$-relation on $\mathcal{X}_1, \ldots, \mathcal{X}_n$ is an $\Omega$-predicate on $\mathcal{X}_1 \times \cdots \times \mathcal{X}_n$.

If $(X \times Y, \sim)$ is the product of the $\Omega$-sets $(X, =_X)$ and $(Y, =_Y)$, and $F : X \times Y \to \Omega$, we define

$$\mathrm{Fun}(F) := \bigcap_{x, y, z} (F(x, y) \wedge F(x, z) \to y =_Y z),$$
$$\mathrm{Total}(F) := \bigcap_{x} \Big(Ex \to \bigcup_{y} F(x, y)\Big).$$

An $\Omega$-function from $\mathcal{X}$ to $\mathcal{Y}$ is an $F : X \times Y \to \Omega$ such that $\mathrm{Strict}(F)$, $\mathrm{Repl}(F)$, $\mathrm{Fun}(F)$, $\mathrm{Total}(F)$ are inhabited. The definition of $\Omega$-function for more than one argument is reduced to this case via products of $\Omega$-sets. $\Box$
interpretation [ ] with equality $=_\sigma$ an $\Omega$-set $[\sigma] \equiv ($ … $\alpha_1, \ldots, \alpha_k$.$^1$

Suppose $\nvdash_L A$. By theorem 2.4, there is a finite L-model $(W, R, \Vdash)$ in which $A$ is not valid. We may assume that $W = \{1, \ldots, l\}$, 1 is the root, and $1 \nVdash A$. We define a new frame $(W', R')$:

$$W' = W \cup \{0\}, \qquad R' = R \cup \{(0, w) \mid w \in W\}.$$

Observe that $(W', R')$ is a finite L-frame.

We are going to embed this frame into $T$ by means of a function $h : \omega \to W'$ (with $\omega$ the nonnegative integers) and sentences $\mathrm{Lim}_w$, for each $w \in W'$, which assert that $w$ is the limit of $h$. This function will be defined in such a way that a basic lemma 3.2 holds about the statements that $T$ can prove about the sentences $\mathrm{Lim}_w$. These statements are tailored to prove the next lemma 3.3 that expresses that provability in $T$ behaves for the relevant formulas on the Kripke-model in the same way as the modal operator $\Box$. This will allow us to conclude the proof.

3.2. Lemma.
(a) $T$ proves that $h$ has a limit in $W'$, i.e., $T \vdash \bigvee\{\mathrm{Lim}_r \mid r \in W'\}$,
(b) If $w \ne u$, then $T \vdash \neg(\mathrm{Lim}_w \wedge \mathrm{Lim}_u)$,
(c) If $w\, R'\, u$, then $T + \mathrm{Lim}_w$ proves that $T \nvdash \neg\mathrm{Lim}_u$,
(d) If $w \ne 0$ and not $w\, R'\, u$, then $T + \mathrm{Lim}_w$ proves that $T \vdash \neg\mathrm{Lim}_u$,
$^1$ We will use italic capital letters for modal-logical formulas and Greek letters for arithmetic sentences and formulas, except that we will use Roman letters for descriptive names like "Proof".
G. Japaridze and D. de Jongh
(e) $\mathrm{Lim}_0$ is true,
(f) For each $i \in W'$, $\mathrm{Lim}_i$ is consistent with $T$.

We now define a realization $*$ by setting for each propositional letter $p_i$,

$$p_i^* = \bigvee\{\mathrm{Lim}_w \mid w \in W,\ w \Vdash p_i\}.$$

This $p_i^*$ will then function as the above-mentioned $\alpha_i$.

3.3. Lemma. For any $w \in W$ and any L-formula $B$,
(a) if $w \Vdash B$, then $T + \mathrm{Lim}_w \vdash B^*$,
(b) if $w \nVdash B$, then $T + \mathrm{Lim}_w \vdash \neg B^*$.

Proof. By induction on the complexity of $B$. If $B$ is atomic, then clause (a) is evident, and clause (b) is also clear in view of lemma 3.2(b). The cases when $B$ is a Boolean combination are straightforward. So, only the case that $B$ is $\Box C$ will have to be considered.

(a) Assume that $w \Vdash \Box C$. Then, for each $w' \in W$ with $w\, R\, w'$, $w' \Vdash C$. By induction hypothesis, for each such $w'$, $T + \mathrm{Lim}_{w'} \vdash C^*$, and this fact is then provable in $T$. On the other hand, by lemma 3.2(a) (proved in $T$ itself) and (c), $T + \mathrm{Lim}_w$ proves that $T \vdash \bigvee\{\mathrm{Lim}_{w'} \mid w\, R'\, w'\}$. Together this implies that $T + \mathrm{Lim}_w$ proves that $T \vdash C^*$, i.e., $T + \mathrm{Lim}_w \vdash (\Box C)^*$.

(b) Assume that $w \nVdash \Box C$. Then, for some $w' \in W$ with $w\, R'\, w'$, $w' \nVdash C$. By induction hypothesis, $T + \mathrm{Lim}_{w'} \vdash \neg C^*$, i.e., $T \vdash C^* \to \neg\mathrm{Lim}_{w'}$. By the second HBL-condition, $T \vdash (\Box C)^* \to \mathrm{Pr}_T(\neg\mathrm{Lim}_{w'})$. But lemma 3.2(c) implies that $T + \mathrm{Lim}_w \vdash \neg\mathrm{Pr}_T(\neg\mathrm{Lim}_{w'})$, i.e., $T + \mathrm{Lim}_w \vdash \neg(\Box C)^*$. $\dashv$

Observe by the way that lemma 3.3 expresses that $T + \mathrm{Lim}_w \vdash$ "$w \Vdash B$" $\leftrightarrow B^*$.

Assuming lemma 3.2 we can now complete the proof of theorem 1.1. By the construction of the Kripke-model, $1 \Vdash \neg A$. By lemma 3.3, $T + \mathrm{Lim}_1 \vdash \neg A^*$. Since, by lemma 3.2(f), $T + \mathrm{Lim}_1$ is consistent, $T \nvdash A^*$. $\dashv$

Our remaining duties are to define the function $h$ and to prove lemma 3.2. The recursion theorem enables us to define this function simultaneously with the sentences $\mathrm{Lim}_w$ (for each $w \in W'$), which, as we have mentioned already, assert that $w$ is the limit of $h$.

3.4. Definition. (Solovay function $h$) We define $h(0) = 0$. If $x$ is the code of a proof in $T$ of $\neg\mathrm{Lim}_w$ for some $w$ with $h(x)\, R'\, w$, then $h(x + 1) = w$. Otherwise, $h(x + 1) = h(x)$.

It is not hard to see that $h$ is primitive recursive.

Proof of lemma 3.2. In each case below, except in (e) and (f), we reason in $T$.
The Logic of Provability
(a) By induction on the nodes. For end nodes $w$ (i.e., the ones with no $R$-successors), it can be proved that $T \vdash \forall x\,(h(x) = w \to \forall y \ge x\ h(y) = w)$ by induction on $x$, and hence $T \vdash \exists x\, h(x) = w \to \mathrm{Lim}_w$. Next, it is easily seen that, if for all successors $w'$ of a node $w$, $T \vdash \exists x\, h(x) = w' \to \bigvee\{\mathrm{Lim}_{w''} \mid w'' = w' \vee w'\, R\, w''\}$, then $T \vdash \exists x\, h(x) = w \to \bigvee\{\mathrm{Lim}_{w'} \mid w = w' \vee w\, R\, w'\}$. Therefore, this will hold for $w = 0$, which implies (a).

(b) Clearly $h$ cannot have two different limits $w$ and $u$.

(c) Assume $w$ is the limit of $h$ and $w\, R'\, u$. Let $n$ be such that for all $x \ge n$, $h(x) = w$. We need to show that $T \nvdash \neg\mathrm{Lim}_u$. Deny this. Then, since every provable formula has arbitrarily long proofs, there is $x \ge n$ such that $x$ codes a proof of $\neg\mathrm{Lim}_u$; but then, according to definition 3.4, we must have $h(x + 1) = u$, which, as $u \ne w$ (by irreflexivity of $R'$), is a contradiction.

(d) Assume $w \ne 0$, $w$ is the limit of $h$ and not $w\, R'\, u$. If $u = w$, then (since $w \ne 0$) there exists an $x$ such that $h(x + 1) = w$ and $h(x) \ne w$. Then $x$ codes a proof of $\neg\mathrm{Lim}_w$ and $\neg\mathrm{Lim}_w$ is provable. Next suppose $u \ne w$. Let us fix a number $z$ with $h(z) = w$. Since $h$ is primitive recursive, $T$ proves that $h(z) = w$. Now argue in $T + \mathrm{Lim}_u$: since $u$ is the limit of $h$ and $h(z) = w \ne u$, there is a number $x$ with $x \ge z$ such that $h(x) \ne u$ and $h(x + 1) = u$. This contradicts the fact that not $(w =)\, h(z)\, R'\, u$. Thus, $T + \mathrm{Lim}_u$ is inconsistent, i.e., $T \vdash \neg\mathrm{Lim}_u$.

(e) By (a), as $T$ is sound, one of the $\mathrm{Lim}_w$ for $w \in W'$ is true. Since for no $w$ do we have $w\, R'\, w$, (d) means that each $\mathrm{Lim}_w$, except $\mathrm{Lim}_0$, implies in $T$ its own $T$-disprovability and therefore is false. Consequently, $\mathrm{Lim}_0$ is true.

(f) By (e), (c) and the soundness of $T$. $\dashv$

To repeat the statement of Solovay's second arithmetic completeness theorem (theorem 1.2): $\vdash_S A$ iff $\mathbb{N} \models A^*$ for all arithmetic realizations $*$.

Proof of theorem 1.2. Since the $\Box A \to A$ are reflection principles and these are true for a sound theory, the soundness part is clear. So, assume $\nvdash_S A$. Modal completeness of S then provides us with an $A$-sound (see definition 2.5) model in which $A$ is not forced in the root. We can repeat the procedure of the proof of the first completeness theorem, but now directly to the model itself (which we assume to have a root 0) without adding a new root, and again prove lemmas 3.2 and 3.3. But this time we have forcing also for 0 and we can improve lemma 3.3 to apply it also to $w = 0$, at least for subformulas of $A$.

The proof of the (b)-part of that lemma can be copied. With respect to the (a)-part, restricting again to the $\Box$-case, assume that $0 \Vdash \Box C$. Then, for each $w \in W$ with $w \ne 0$, $w \Vdash C$. But now, by the $A$-soundness of the model, $C$ is also forced in the root 0. By the induction hypothesis, for all $w \in W$, $T + \mathrm{Lim}_w \vdash C^*$. By lemma 3.2(a) then $T \vdash C^*$, so, $T \vdash (\Box C)^*$ and hence $T \vdash \mathrm{Lim}_0 \to (\Box C)^*$.

Applying the strengthened version of lemma 3.3 to $w = 0$ and $A$, we obtain $T \vdash \mathrm{Lim}_0 \to \neg A^*$, which suffices, since $\mathrm{Lim}_0$ is true (lemma 3.2). $\dashv$
4. Fixed point theorems

For the provability logic L a fixed point theorem can be proved. One can view Gödel's diagonalization lemma as stating that in arithmetic theories the formula $\neg\Box p$ has a fixed point: the Gödel sentence. Gödel's proof of his second incompleteness theorem effectively consisted of the fact that the sentence expressing consistency, the arithmetic realization of $\neg\Box\bot$, is provably equivalent to this fixed point. Actually this fact is provable from the principles codified in the provability logic L, which means then that it can actually be presented as a fact about L. This leads to a rather general fixed point theorem, which splits into a uniqueness and an existence part. It concerns formulas $A$ with a distinguished propositional variable $p$ that only occurs boxed in $A$, i.e., each occurrence of $p$ in $A$ is part of a subformula $\Box B$ of $A$.
4.1. Theorem. (Uniqueness of fixed points) If $p$ occurs only boxed in $A(p)$ and $q$ does not occur at all in $A(p)$, then $\vdash_L \boxdot((p \leftrightarrow A(p)) \wedge (q \leftrightarrow A(q))) \to (p \leftrightarrow q)$.

4.2. Corollary. If $p$ occurs only boxed in $A(p)$, and both $\vdash_L B \leftrightarrow A(B)$ and $\vdash_L C \leftrightarrow A(C)$, then $\vdash_L B \leftrightarrow C$.
4.3. Theorem. (Existence of fixed points) If $p$ occurs only boxed in $A(p)$, then there exists a formula $B$, not containing $p$ and otherwise containing only variables of $A(p)$, such that $\vdash_L B \leftrightarrow A(B)$.
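The semantic content of theorems 4.1 and 4.3 can be checked mechanically on small models. The Python sketch below is an added illustration, not code from the chapter: it assumes the standard fact that L is sound for finite transitive irreflexive Kripke frames, enumerates all such frames with up to four worlds, and confirms that the equation p ↔ A(p) has exactly one solution, namely the extension of the fixed point B. Only the pair ¬□p / ¬□⊥ comes from the text; the other pairs are well-known fixed points supplied here, and all function names are this example's own.

```python
from itertools import product

# Formulas are nested tuples built from falsum, variables, not, implies, box.
BOT = ("bot",)
def Var(name): return ("var", name)
def Not(a): return ("not", a)
def Imp(a, b): return ("imp", a, b)
def Box(a): return ("box", a)
TOP = Not(BOT)

def holds(frame, val, w, f):
    """Truth of formula f at world w; frame maps a world to its R-successors."""
    op = f[0]
    if op == "bot":
        return False
    if op == "var":
        return w in val[f[1]]
    if op == "not":
        return not holds(frame, val, w, f[1])
    if op == "imp":
        return (not holds(frame, val, w, f[1])) or holds(frame, val, w, f[2])
    if op == "box":
        return all(holds(frame, val, v, f[1]) for v in frame[w])
    raise ValueError("unknown connective: %r" % (op,))

def extension(frame, val, f):
    """Set of worlds of the frame at which f is true."""
    return {w for w in frame if holds(frame, val, w, f)}

def finite_l_frames(n):
    """Yield every transitive, irreflexive relation on worlds 0..n-1."""
    pairs = [(i, j) for i in range(n) for j in range(n) if i != j]
    for bits in product((False, True), repeat=len(pairs)):
        rel = {pr for pr, bit in zip(pairs, bits) if bit}
        # A 2-cycle would force a reflexive pair, which rel never contains,
        # so this test also rejects every relation that is not asymmetric.
        if all((a, d) in rel for (a, b) in rel for (c, d) in rel if b == c):
            yield {w: {v for (u, v) in rel if u == w} for w in range(n)}

def solve(frame, a, val, p="p"):
    """Build the extension of p satisfying p iff A(p), end nodes first.

    Because p occurs only boxed in A, the value of A at w depends on p only
    at R-successors of w, and those have strictly fewer successors than w.
    """
    ext = set()
    for w in sorted(frame, key=lambda u: len(frame[u])):
        if holds(frame, {**val, p: ext}, w, a):
            ext.add(w)
    return ext

def all_solutions(frame, a, val, p="p"):
    """Brute force: every set X of worlds with X equal to A's extension at p := X."""
    worlds = sorted(frame)
    found = []
    for bits in product((False, True), repeat=len(worlds)):
        x = {w for w, bit in zip(worlds, bits) if bit}
        if extension(frame, {**val, p: x}, a) == x:
            found.append(x)
    return found

def check(a, b, params=(), max_worlds=4):
    """True iff on every frame and every valuation of params the equation for A
    has exactly one solution and it equals the extension of the candidate B."""
    for n in range(1, max_worlds + 1):
        for frame in finite_l_frames(n):
            for bits in product((False, True), repeat=n * len(params)):
                val = {q: {w for w in range(n) if bits[i * n + w]}
                       for i, q in enumerate(params)}
                sols = all_solutions(frame, a, val)
                if sols != [solve(frame, a, val)]:
                    return False
                if sols[0] != extension(frame, val, b):
                    return False
    return True

if __name__ == "__main__":
    p, q = Var("p"), Var("q")
    print("not box p      :", check(Not(Box(p)), Not(Box(BOT))))
    print("box p          :", check(Box(p), TOP))
    print("box not p      :", check(Box(Not(p)), Box(BOT)))
    print("box (p imp q)  :", check(Box(Imp(p, q)), Box(q), params=("q",)))
```

The bottom-up construction in `solve` is where the "only boxed" hypothesis is used: for the unboxed formula ¬p the brute-force search finds no solution at all on the one-world frame.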
After the original proofs by de Jongh and Sambin (see Sambin [1976], Smoryński [1978, 1985], and, for the first proof of uniqueness, Bernardi [1976]) many other, different, proofs have been given for the fixed point theorems, syntactical as well as semantical ones, the latter e.g., in Gleit and Goldfarb [1990]. It is also worthwhile to remark that theorem 4.3 follows from theorem 4.1 (which can be seen as a kind of implicit definability theorem) by way of Beth's definability theorem that holds for L. The latter can be proved from interpolation in the usual manner. Interpolation can be proved semantically in the standard manner via a kind of Robinson's consistency lemma (see Smoryński [1978]), and syntactically in the standard manner by cut-elimination in a sequent calculus formulation of L (Sambin and Valentini [1982, 1983]).

In an important sense the meaning of the fixed point theorem is negative, namely in the sense that, if in arithmetic one attempts to obtain formulas with essentially new properties by diagonalization, one will not get them by using instantiations of purely propositional modal formulas (except once of course: the Gödel sentence, or the sentence Löb used to prove his theorem). That is one reason that interesting fixed points often use Rosser-orderings (see section 9).

5. Propositional theories and Magari-algebras
A propositional theory is a set of modal formulas (usually in a finite number of propositional variables) which is closed under modus ponens and necessitation, but not necessarily under substitution.

We say that such a theory is faithfully interpretable in PA, if there is a realization $*$ such that $T = \{A \mid \mathrm{PA} \vdash A^*\}$. (This is an adaptation of definition 111.1 to the modal propositional language.) Each sentence $\alpha$ of PA generates a propositional theory which is faithfully interpretable in PA, namely $\mathrm{Th}_\alpha = \{A(p) \mid \mathrm{PA} \vdash A^*(\ulcorner\alpha\urcorner)\}$. Of course, this theory is closed under L-derivability: it is an L-propositional theory.

A question much wider than the one discussed in the previous sections is, which L-propositional theories are faithfully interpretable in PA and other theories. This question was essentially solved by Shavrukov [1993b]:
5.1. Theorem. An r.e. L-propositional theory $T$ is faithfully interpretable in PA iff $T$ is consistent and satisfies the strong disjunction property (i.e., $\Box A \in T$ implies $A \in T$, and $\Box A \vee \Box B \in T$ implies $\Box A \in T$ or $\Box B \in T$).

Note that faithfully interpretable theories in a finite number of propositional variables are necessarily r.e. The theorem was given a more compact proof and at the same time generalized to all r.e. theories extending $I\Delta_0 + \mathrm{EXP}$ by Zambella [1994].

If one applies the theorem to the minimal L-propositional theory, an earlier proved strengthening of Solovay's theorem (Artemov [1980], Avron [1984], Boolos [1982], Montagna [1979], Visser [1980]) rolls out.
5.2. Corollary. (Uniform arithmetic completeness theorem) There exists a sequence of arithmetic sentences $\alpha_0, \alpha_1, \ldots$ such that, for any $n$ and modal formula $A(p_0, \ldots, p_n)$, $\vdash_L A$ iff, under the arithmetic realization $*$ induced by setting $p_0^* = \alpha_0, \ldots, p_n^* = \alpha_n$, $A^*$ is provable in PA.
Sets of modal formulas that are the true sentences under some realization are closed under modus ponens, but not necessarily under necessitation; such sets are generally not propositional theories in the above sense. Let us call a set $T$ of modal formulas realistic if there exists a realization $*$ such that $A^*$ is true, for every $A \in T$. Moreover, we say that $T$ is well-specified if, whenever $A \in T$ and $B$ is a subformula of $A$, we also have $B \in T$ or $\neg B \in T$. Strannegård [1997] proves a result that generalizes both theorem 5.1 and Solovay's second arithmetic completeness theorem. We give a weak but easy to state version of it.
5.3. Theorem. Let $T$ be a well-specified r.e. set of modal formulas. Then $T$ is realistic iff $T$ is consistent with S.
An even more more general general point point of of view view than than propositional propositional theories theories is look at at the the An even is to to look Boolean algebras algebras of of arithmetic arithmetic theories theories with with one one additional additional operator operator representing representing Boolean formalized provability provability and, and, more more specifically, specifically, at at the the ones ones generated generated by by aa sequence sequence of of formalized sentences in in the the algebras of arithmetic. arithmetic. The The algebras can be be axiomatized sentences algebras of algebras can axiomatized equationally equationally and and are are called called Magari-algebras Magan-algebras (after (after the the originator originator R. R. Magari) Magari) or or diagonalizable diagonalizable algebras. Of Of course, course, theorem theorem 5.1 5.1 can can be be restated in terms terms of of Magari-algebras. Magari-algebras. algebras. restated in Shavrukov beautiful and and essential essential additional additional results results concerning concerning the the Shavrukov proved proved two two beautiful
G. Japaridze and D. de Jongh
Magari-algebras of formal theories that cannot naturally be formulated in terms of propositional theories.
5.4. Theorem. (Shavrukov [1993a]) The Magari algebras of PA and ZF are not isomorphic, and, in fact not elementarily equivalent (Shavrukov [1997]).

The proof only uses the fact that ZF proves the uniform $\Sigma_1$-reflection principle for PA. A corollary of the theorem is that there is a formula of the second order propositional calculus that is valid in the interpretation with respect to PA, but not in the one with respect to ZF. Beklemishev [1996b] gives a different kind of example of such a formula for the two theories PA and $I\Delta_0 + \mathrm{EXP}$.

5.5. Theorem. (Shavrukov [1997]) The first order theory of the Magari algebra of PA is undecidable.
Japaridze [1993] contains some moderately positive results on the decidability of certain fragments of (a special version of) this theory.

6. The extent of Solovay's theorems
An important feature of Solovay's theorems is their remarkable stability: a wide class of arithmetic theories and their provability predicates enjoys one and the same provability logic L. Roughly, there are three conditions sufficient for the validity of Solovay's results: the theory has to be (a) sufficiently strong, (b) recursively enumerable (a provability predicate satisfying Löb's derivability conditions is naturally constructed from a recursive enumeration of the set of its axioms), and (c) sound. Let us see what happens if we try to do without these conditions. The situation is fully investigated only w.r.t. the soundness condition.

Consider an arbitrary arithmetic r.e. theory $T$ containing PA and a $\Sigma_1$ provability predicate $\mathrm{Pr}_T(x)$ for $T$. Iterated consistency assertions for $T$ are defined as follows:

$\mathrm{Con}^0(T) := \top$;
$\mathrm{Con}^{n+1}(T) := \mathrm{Con}(T + \mathrm{Con}^n(T))$,

where, as usual, $\mathrm{Con}(T + \varphi)$ stands for $\neg\mathrm{Pr}_T(\ulcorner\neg\varphi\urcorner)$. In other words, $\mathrm{Con}^n(T)$ is (up to provable equivalence) the unique arithmetic realization of the modal formula $\neg\Box^n\bot$. We say that $T$ is of height $n$ if $\mathrm{Con}^n(T)$ is true and $\mathrm{Con}^{n+1}(T)$ is false in the standard model. If no such $n$ exists, we say that $T$ has infinite height.

In a sense, theories of finite height are close to being inconsistent and therefore can be considered as a pathology. The inconsistent theory is the only one of height 0. All $\Sigma_1$-sound theories have infinite height, but there exist $\Sigma_1$-unsound theories of infinite height. The theory $T + \neg\mathrm{Con}^n(T)$ is of height $n$, if $T$ has infinite height. Moreover, for each consistent but $\Sigma_1$-unsound theory $T$ and each $n > 0$, one can construct a provability predicate for $T$ such that $T$ is precisely of height $n$ with respect to this predicate (Beklemishev [1989a]).
The Logic of Provability
Let us call the provability logic of $T$ the set of all modal formulas $A$ such that $T \vdash (A)^*_T$, for all arithmetic realizations $*$ with respect to $\mathrm{Pr}_T$. The truth provability logic of $T$ is the set of all $A$ such that $(A)^*_T$ is true in the standard model, for all realizations $*$.
6.1. Theorem. (Visser [1981]) For an r.e. arithmetic theory $T$ containing PA, the provability logic of $T$ coincides with
1. L, if $T$ has infinite height,
2. $\{A \mid \Box^n\bot \vdash_{\mathrm{L}} A\}$, if $T$ is of height
0 ≤ m ≥ 1, n > 1, etc. The logic can be axiomatized over CS by the monotonicity axiom $\Box A \to \triangle A$ and the schema

$\triangle(\Box S \to S)$,
where $S$ is an arbitrary (possibly empty) disjunction of formulas of the form $\Box B$ and $\triangle B$.³

The second one corresponds to $\Pi_1$-essentially reflexive (see definition 12.3) extensions of theories of bounded arithmetic complexity such as e.g., $(I\Delta_0 + \mathrm{EXP}, \mathrm{PRA})$, $(I\Sigma_n^R, I\Sigma_{n+1})$ for $n \ge 1$, where $I\Sigma_k^R$ is defined like $I\Sigma_k$ but with the induction for $\Sigma_k$-formulas formulated as a rule. The corresponding provability logic can be axiomatized over CSM by the $\Pi_1$-essential reflexivity schema

$\triangle A \to \triangle(\Box(A \to S) \to S)$,
where $S$ is as before.

We also know two natural provability logics of type A (Beklemishev [1994]). The first system corresponds to pairs of theories $(T, U)$ such that $U$ is an extension of $T$ by finitely many $\Pi_1$-sentences and proves $\omega$-times-iterated consistency of $T$, such as e.g., the pairs $(\mathrm{PA}, \mathrm{PA} + \mathrm{Con}(\mathrm{ZF}))$, $(I\Sigma_1, I\Sigma_1 + \mathrm{Con}(I\Sigma_2))$, etc. This logic can be axiomatized over CSM by the principle

(P) $\triangle A \to \Box(\triangle\bot \vee A)$,

valid for all $\Pi_1$-axiomatizable extensions of theories, together with the schema

$\triangle\neg\Box^n\bot$, $n \ge 1$.
³ In the following, CS together with the monotonicity axiom will be denoted CSM.
The second system corresponds to reflexive $\Pi_1$-axiomatizable extensions of theories, such as e.g., $(\mathrm{PA}, \mathrm{PA} + \{\mathrm{Con}^n(\mathrm{PA}) \mid n \ge 1\})$, $(I\Sigma_1, I\Sigma_1 + \{\mathrm{Con}(I\Sigma_n) \mid n \ge 1\})$. It can be axiomatized over CSM plus (P) by the reflexivity axiom

$\triangle A \to \triangle\Diamond A$.
Finally, we know by Beklemishev [1996a] a natural system of type L that corresponds to finite extensions of theories of the form $(T, T + A)$, where both $T + \varphi$ and $T + \neg\varphi$ are conservative over $T$ with respect to Boolean combinations of $\Sigma_1$-sentences. Examples of such pairs are $(\mathrm{PRA}, I\Sigma_1)$, $(I\Sigma_n^R, I\Sigma_n)$, for $n \ge 1$, and others. The logic is axiomatized over CSM by the $\mathcal{B}(\Sigma_1)$-conservativity schema

$\triangle B \to \Box B$,
where $B$ denotes an arbitrary Boolean combination of formulas of the form $\Box C$ and $\triangle C$.

The six bimodal logics described above essentially exhaust all nontrivial cases for which natural provability logics have explicitly been characterized. It is worth mentioning that all these systems are decidable, and a suitable Kripke-style semantics is known for each of them. Smoryński [1985] contains an extensive treatment of $\mathrm{PRL}_{\mathrm{PA},\mathrm{ZF}}$ including proofs of three arithmetic completeness theorems due to Carlson. These theorems are extended by Strannegård [1997] to the setting of r.e. sets of bimodal formulas (as discussed in section 5). Visser [1995] presents a beautiful approach to Kripke semantics for bimodal provability logics. Beklemishev [1994, 1996a] gives a detailed survey of the current state of the field.
Apart from describing the joint behaviour of two 'usual' provability predicates, each of them being separately well enough understood, bimodal logic has been successfully used for the analysis of some nonstandard, not necessarily r.e., concepts of provability. The systems emerging from such an analysis often have not so much in common with CS, although different 'bimodal analyses' do share common technical ideas.

As early as 1986, Japaridze [1986,1988b] characterized the bimodal logic of provability and $\omega$-provability (dual to $\omega$-consistency) in Peano arithmetic. Later his study was simplified and further advanced by Ignatiev [1993a] and Boolos [1993b,1993a], who, among other things, showed that the same system corresponds to some other, so-called strong, concepts of provability (taken jointly with the usual one). Other examples of strong provability predicates are the $\Sigma_{n+1}$-complete provability from all true arithmetic $\Pi_n$-sentences, for $n \ge 1$, and the $\Pi^1_1$-complete provability under the $\omega$-rule in analysis.
Japaridze's bimodal logic can be axiomatized by the axioms and rules of L, formulated separately for $\Box$ and for $\triangle$, the monotonicity principle $\Box A \to \triangle A$, and an additional $\Pi_1$-completeness principle

$\Diamond A \to \triangle\Diamond A$,
which reflects in so far as that is possible that $\triangle$ is strong enough to prove all true $\Pi_1$-sentences (if $\Box$ is the usual r.e. provability predicate and $\triangle$ a strong provability predicate). Japaridze's logic is decidable and has a reasonable Kripke semantics. An extensive treatment of Japaridze's logic is given in Boolos [1993b].

Bimodal analysis of other unusual provability concepts has been undertaken by Visser [1989,1995] and Shavrukov [1991,1994]. Using the work of Guaspari and Solovay [1979], Shavrukov [1991] found a complete axiomatization of the bimodal logic of the usual and Rosser's provability predicate for Peano arithmetic (see also section 9). It is worth noting that Rosser's provability predicate, although numerating (externally) the same theory as the usual one, has a very different modal behaviour; e.g., Rosser consistency of PA is a provable fact, but on the other hand, Rosser's provability predicate is not provably closed under modus ponens.

Shavrukov [1994] characterizes the logic of the so-called Feferman provability predicate. This work was preceded by Visser [1989,1995], where the concept of provability in PA from 'nonstandardly finitely many' axioms and some other unusual provability concepts were bimodally characterized. These systems were motivated by their connections with interpretability logic, but another motivation originates with Jeroslow and Putnam who studied the Rosser and Feferman style systems as 'experimental' systems: their self-correcting behaviour is supposed to be closer to the way humans reason. Studying ordinary provability and self-correcting provability can provide a good heuristic for appreciating the differences between both kinds of systems.

A final example of such an analysis of an unusual proof predicate by the development of a bimodal logic was Lindström [1994]'s analysis of Parikh provability, i.e., the proof predicate that allows $\Box A / A$ as a rule of inference.
Additional early results in bimodal logic, e.g., a bimodal analysis of the so-called Mostowski operator, can be found in Smoryński [1985].

Many results in bimodal provability logic can be generalized to polymodal logic. Such a generalization is particularly natural in the modal-logical study of progressions of theories, a topic in proof theory that goes as far back as the work of Turing [1939]. From the modal-logical point of view, however, such a generalization, in all known cases, does not lead to any essentially new phenomena. Roughly, the resulting systems happen to be direct sums of their bimodal fragments; therefore we shall not go into the details.
Polymodal analogues are known for Japaridze's bimodal logic (modalities, indexed by natural numbers $n$, correspond to the operators to be provable from all true $\Pi_n$-sentences), and for natural provability logics due to Carlson and Beklemishev. Here, the modal operators correspond to the theories of the original Turing-Feferman progressions of transfinitely iterated reflection principles, and thus, are indexed by ordinals for some constructive system of ordinal notation, say, the natural one up to $\varepsilon_0$. Iterating full reflection leads to the polymodal analogue of $\mathrm{PRL}_{\mathrm{PA},\mathrm{ZF}}$, and transfinitely iterated consistency leads to a natural polymodal analogue of A-type provability logics (Beklemishev [1991,1994]).
9. Rosser orderings
To discuss Rosser sentences and more generally the so-called Rosser provability predicate in a modal context, Guaspari and Solovay [1979] enriched the modal language by adding, for each $\Box A$ and $\Box B$, the formulas $\Box A \prec \Box B$ and $\Box A \preccurlyeq \Box B$, with as their arithmetic realizations the $\Sigma_1$-sentences "$A^*$ is provable by a proof that is smaller than any proof of $B^*$", and "$A^*$ is provable by a proof that is smaller than or equal to any proof of $B^*$" (so-called witness comparison formulas). They axiomatized modal logics $R^-$ and $R = R^-$ + the rule $\Box A / A$, and gave an arithmetic completeness result for $R$. In this arithmetic completeness result they did have to allow arbitrary standard provability predicates in the arithmetic realizations however, i.e., arbitrary provability predicates satisfying the three Löb conditions. Shavrukov [1991] (see also the end of section 8) showed that this restriction can be dropped when one restricts the contexts for the new operator to $\Box A \prec \Box\neg A$ (the Rosser provability predicate, for short: $\Box^R A$), and de Jongh and Montagna [1991] showed that, allowing formulas with free variables as arithmetic substitutions leads to $R^-$ as the arithmetically complete system.

Guaspari and Solovay [1979] also showed that for some standard provability predicates all Rosser sentences (i.e., sentences $\alpha$ such that $\mathrm{PA} \vdash \alpha \leftrightarrow (\mathrm{Pr}_{\mathrm{PA}}(\ulcorner\neg\alpha\urcorner) \prec \mathrm{Pr}_{\mathrm{PA}}(\ulcorner\alpha\urcorner))$) are equivalent, and that for some other standard provability predicates this is not the case. This leaves open the question whether a reasonable notion of usual proof predicate can be defined for which the question "Is the Rosser sentence unique?" does have a definite answer. Hence also, uniqueness of fixed points is not provable in $R$. Finally, they showed that also the existence part of the fixed point theorem fails for $R$. Simpler proofs for the completeness theorems were given in de Jongh [1987] and Voorbraak [1988].

There are connections between this work in provability logic and speed up. First, de Jongh and Montagna [1988,1989] gave a new simpler proof of Parikh [1971]'s theorem that, for any provably recursive function $g$ there is a sentence $\alpha$ provable in PA such that PA proves $\mathrm{Pr}_{\mathrm{PA}}(\ulcorner\alpha\urcorner)$ by a much shorter proof in the sense of $g$ in
$g(a) < b$) than
==, $T \vdash \alpha(k_1, \ldots, k_n)$,
• $\alpha$ binumerates $R$ in $T$, if $\alpha$ numerates $R$ and $\neg\alpha$ numerates the complement of $R$ in $T$.
We need some more terminology and notation. The formula class $\Sigma_1!$ is the set of arithmetic formulas which have an explicit $\Sigma_1$ form, i.e., $\exists x\, \varphi$ for some primitive recursive formula $\varphi$. Similarly for $\Pi_1!$. Simply $\Sigma_1$ (resp. $\Pi_1$) denotes the class of formulas which are $I\Sigma_1$-equivalent to some $\Sigma_1!$- (resp. $\Pi_1!$-) formula.

It is known (see Smoryński [1977]) that the predicate "$x$ codes a true $\Sigma_1!$-sentence" can be formalized by a $\Sigma_1!$-formula, which we will denote by $\mathrm{True}(x)$. This formula is such that ($I\Sigma_1$ proves that)

for each $\Sigma_1!$-sentence $\varphi$, $I\Sigma_1 \vdash \varphi \leftrightarrow \mathrm{True}(\ulcorner\varphi\urcorner)$.

Next, we denote by $\mathrm{Regwit}(y, x)$ the very primitive recursive formula for which

$\mathrm{True}(x) = \exists y\, \mathrm{Regwit}(y, x)$

and say that $k$ is a regular witness of a $\Sigma_1!$-sentence $\varphi$, iff $\mathrm{Regwit}(k, \ulcorner\varphi\urcorner)$ is true. And $k$ is said to be a regular counterwitness of a $\Pi_1!$-sentence $\forall z\, \varphi$, iff $k$ is a regular witness of $\exists z\, \neg\varphi$.
k
., if $S \vdash$ Prz(
(ii) $\beta(x)$ binumerates the set of axioms of $T$ in $S$.
Proof. Let $X$ be the set of all the sentences $\lambda$ such that $S \vdash \mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$ for some $m$. By lemma 12.9, there is a $\Sigma_1!$-formula $\gamma(x)$ such that for all sentences $\lambda$,

(4) if $\lambda \in X$, then $S \vdash \gamma(\ulcorner\lambda\urcorner)$,
(5) if $\lambda \notin X$, then $S + \neg\gamma(\ulcorner\lambda\urcorner)$ is $\Sigma_1$-conservative over $S$.
Let $\tau(x)$ and $\sigma(x)$ be primitive recursive formulas defining the sets of axioms of $T$ and $S$, respectively. Applying self-reference, we define $\beta(x)$ by
$\beta(x) \equiv \tau(x) \wedge \forall y, z \le$
(ii): Suppose $\vdash \mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$. Since $\mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$ is a $\Sigma_1$-sentence, it follows that $T \vdash \mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$ and $T$, being essentially reflexive, proves $\lambda$. $\dashv$

12.14. Theorem. (Lindström [1984]) ($\mathrm{PA} \vdash$:) A superarithmetic theory $T$ is faithfully interpretable in a superarithmetic theory $S$ iff $T$ is $\Pi_1$-conservative over $S$ and $S$ is $\Sigma_1$-conservative over $T$.

Proof. In view of theorems 12.7 and 12.13, the direction ($\Rightarrow$) is straightforward. To prove ($\Leftarrow$), suppose $T$ is $\Pi_1$-conservative over $S$ and $S$ is $\Sigma_1$-conservative over $T$. Then by theorems 12.7 and 12.13, we have:
(20) for all $m$, $S \vdash \mathrm{Con}_{T\downarrow m}$,
(21) for all $m$ and $\lambda$, if $S \vdash \mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$, then $T \vdash \lambda$.

Let $\beta$ be the formula from lemma 12.10, and let $\alpha(x)$ be the formula $\beta(x) \wedge \mathrm{Con}_{\beta\downarrow x}$. Then (arguing as in the proof of theorem 12.7(ii)$\Rightarrow$(i)), (20) implies that $\alpha(x)$ binumerates the set of axioms of $T$ in $S$ and $S \vdash \mathrm{Con}_\alpha$. Consequently, by lemma 12.10, there is an interpretation $t$ of $T$ in $S$ such that

(22) for all $\lambda$, $S \vdash t\lambda \iff S \vdash \mathrm{Pr}_\alpha(\ulcorner\lambda\urcorner)$.
To show that $t$ is also a cointerpretation of $S$ in $T$, suppose $S \vdash t\lambda$. Then, by (22), $S \vdash \mathrm{Pr}_\alpha(\ulcorner\lambda\urcorner)$. It is obvious that $\mathrm{PA} \vdash \mathrm{Pr}_\alpha(\ulcorner\lambda\urcorner) \to \mathrm{Pr}_\beta(\ulcorner\lambda\urcorner)$. Then, by lemma 12.10(i), $S \vdash \mathrm{Pr}_{T\downarrow m}(\ulcorner\lambda\urcorner)$ for some $m$, whence, by (21), $T \vdash \lambda$. $\dashv$
12.15. Finitely axiomatized theories

In the case of finitely axiomatized theories the interpretability relations have other interesting characterizations. E.g., a theorem due to Harvey Friedman (improved by Visser [1990]) establishes that for finitely axiomatized sequential theories $T$ and $S$, $T$ is interpretable in $S$ if and only if the weak theory $I\Delta_0 + \mathrm{EXP}$ proves that the consistency of $S$ (with respect to cutfree proofs) implies the consistency of $T$ (with respect to cutfree proofs).
12.16. Feasible interpretability

Visser introduced the notion of feasible interpretability. A theory $T$ is feasibly interpretable in a theory $T'$ iff there is a translation $t$ from the language of $T$ into the language of $T'$ and a polynomial function $P(x)$ such that for any $A$ and $x$, if $T \vdash_x A$, then $T' \vdash_{\le P(x)} tA$. In similar manner
B)

(1) $\Box(A \to B) \to (A \rhd B)$,
(2) $(A \rhd B) \wedge (B \rhd C) \to (A \rhd C)$,
(3) $(A \rhd C) \wedge (B \rhd C) \to (A \vee B \rhd C)$,
(4) $(A \rhd B) \to (\Diamond A \to \Diamond B)$,
(5) $\Diamond A \rhd A$.

With respect to priority of parentheses $\rhd$ is treated as $\to$. Furthermore, in this section, we will consider the extension ILM = IL + M of IL where M is the axiom $(A \rhd B) \to (A \wedge \Box C \rhd B \wedge \Box C)$. We will write $\vdash_{\mathrm{IL}}$ and $\vdash_{\mathrm{ILM}}$ for derivability in IL and ILM, but sometimes we may leave off the subscript. As will be proved further on,
The Logic of Provability
the logic ILM is the logic of $\Pi_1$-conservativity of PA, and therefore also, as shown in the previous section, its interpretability logic. We will not treat here the logic ILP which arises by extending IL by the scheme $(A \rhd B) \to \Box(A \rhd B)$ that axiomatizes the interpretability logic of the most common finitely axiomatizable theories (Visser [1990], using a modal completeness result of de Jongh and Veltman [1990]).
13.1. Lemma.
(a) $\vdash_{IL} \Box\neg A \to (A \rhd B)$,
(b) $\vdash_{IL} A \vee \Diamond A \rhd A$,
(c) $\vdash_{IL} A \rhd A \wedge \Box\neg A$.

Proof. The parts (a) and (b) are easy. For part (c) use lemma 2.1(j) to obtain $\vdash_L A \to (A \wedge \Box\neg A) \vee \Diamond(A \wedge \Box\neg A)$. Then use the necessitation rule, axiom (1), part (b) and axiom (2). $\dashv$

13.2. Corollary.
(a) The formulas $A \rhd B$, $A \wedge \Box\neg A \rhd B$ and $A \rhd B \wedge \Box\neg B$ are IL-equivalent.
(b) The formulas $A \rhd \bot$ and $\Box\neg A$ are IL-equivalent.

Proof. (a) By lemma 13.1(c) and its converse, which is derivable from axiom (1), and transitivity of $\rhd$ (axiom (2)).
(b) The direction from right to left follows from lemma 13.1(a). The other direction is obtained by using axiom (4) with $\bot$ for $B$, lemma 2.1(i) and transitivity of $\rhd$. $\dashv$
13.3. Definition. An IL-frame (also Veltman-frame) is an L-frame $(W, R)$ with, for each $w \in W$, an additional relation $S_w$, which has the following properties:
(i) $S_w$ is a relation on $w{\uparrow} = \{w' \in W \mid w R w'\}$,
(ii) $S_w$ is reflexive and transitive,
(iii) if $w', w'' \in w{\uparrow}$ and $w' R w''$, then $w' S_w w''$.
We may write $S$ for $\{S_w \mid w \in W\}$.
13.4. Definition. An IL-model is given by an IL-frame $(W, R, S)$ combined with a forcing relation $\Vdash$ with the clauses:

$u \Vdash \Box A \iff \forall v\,(u R v \Rightarrow v \Vdash A)$,
$u \Vdash A \rhd B \iff \forall v\,(u R v \text{ and } v \Vdash A \Rightarrow \exists w\,(v S_u w \text{ and } w \Vdash B))$.

13.5. Definition.
1. If $F$ is a frame, then we write $F \models A$ iff $F = (W, R, S)$ and $w \Vdash A$ for every $w \in W$ and every $\Vdash$ on $F$.
2. If $\mathcal{K}$ is a class of frames, we write $\mathcal{K} \models A$ iff $F \models A$ for each $F \in \mathcal{K}$.
3. $\mathcal{K}_M$, the class of ILM-frames, is the class of IL-frames satisfying
(iv) if $u S_w v R z$, then $u R z$.
4. An ILM-model is an IL-model on an ILM-frame.
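On finite frames, the conditions (i)-(iv) of definitions 13.3 and 13.5 and the forcing clauses of definition 13.4 can be checked mechanically. The following Python code is an added example, not part of the original text; the tuple encoding of formulas, the two four-world frames and all function names are assumptions made for illustration. It validates the frame conditions, evaluates $\Vdash$, and searches all valuations for a world refuting a formula, applied to axioms (1)-(5) and to the scheme M.

```python
from itertools import product

# Formulas are nested tuples (an encoding assumed for this example):
# ("var", "p"), ("bot",), ("not", A), ("and", A, B), ("or", A, B), ("imp", A, B),
# ("box", A), ("dia", A), and ("rhd", A, B) for the interpretability formula A |> B.
def var(p): return ("var", p)
def imp(a, b): return ("imp", a, b)
def conj(a, b): return ("and", a, b)
def disj(a, b): return ("or", a, b)
def box(a): return ("box", a)
def dia(a): return ("dia", a)
def rhd(a, b): return ("rhd", a, b)

class Frame:
    """Finite frame (W, R, S): R is a set of pairs, S maps each world w to S_w."""
    def __init__(self, worlds, R, S):
        self.W, self.R = set(worlds), set(R)
        self.S = {w: set(S.get(w, ())) for w in self.W}

    def up(self, w):
        """The set of R-successors of w, written w-up-arrow in definition 13.3."""
        return {v for v in self.W if (w, v) in self.R}

def transitive(rel):
    return all((a, d) in rel for (a, b) in rel for (c, d) in rel if b == c)

def is_il_frame(F):
    # On a finite set of worlds, an L-frame is a transitive, irreflexive R.
    if not transitive(F.R) or any(a == b for (a, b) in F.R):
        return False
    for w in F.W:
        up, Sw = F.up(w), F.S[w]
        on_up = all(a in up and b in up for (a, b) in Sw)              # (i)
        refl_trans = all((a, a) in Sw for a in up) and transitive(Sw)  # (ii)
        contains_R = all((a, b) in Sw for (a, b) in F.R
                         if a in up and b in up)                       # (iii)
        if not (on_up and refl_trans and contains_R):
            return False
    return True

def is_ilm_frame(F):
    # (iv): if u S_w v R z, then u R z.
    return is_il_frame(F) and all((u, z) in F.R for w in F.W
                                  for (u, v) in F.S[w] for z in F.up(v))

def forces(F, val, u, A):
    """Forcing relation of definition 13.4; val maps a variable to its truth set."""
    op = A[0]
    if op == "var": return u in val[A[1]]
    if op == "bot": return False
    if op == "not": return not forces(F, val, u, A[1])
    if op == "and": return forces(F, val, u, A[1]) and forces(F, val, u, A[2])
    if op == "or":  return forces(F, val, u, A[1]) or forces(F, val, u, A[2])
    if op == "imp": return not forces(F, val, u, A[1]) or forces(F, val, u, A[2])
    if op == "box": return all(forces(F, val, v, A[1]) for v in F.up(u))
    if op == "dia": return any(forces(F, val, v, A[1]) for v in F.up(u))
    if op == "rhd":  # every R-successor forcing A has an S_u-successor forcing B
        return all(any(forces(F, val, w, A[2]) for (x, w) in F.S[u] if x == v)
                   for v in F.up(u) if forces(F, val, v, A[1]))
    raise ValueError(f"unknown connective {op!r}")

def variables(A):
    if A[0] == "var":
        return {A[1]}
    return set().union(*[variables(sub) for sub in A[1:]])

def counterexample(F, A):
    """Return (valuation, world) refuting A on F, or None if A is valid on F."""
    vs, ws = sorted(variables(A)), sorted(F.W)
    for bits in product((False, True), repeat=len(vs) * len(ws)):
        val = {p: {w for j, w in enumerate(ws) if bits[i * len(ws) + j]}
               for i, p in enumerate(vs)}
        for u in ws:
            if not forces(F, val, u, A):
                return val, u
    return None

p, q, r = var("p"), var("q"), var("r")
IL_AXIOMS = {
    1: imp(box(imp(p, q)), rhd(p, q)),
    2: imp(conj(rhd(p, q), rhd(q, r)), rhd(p, r)),
    3: imp(conj(rhd(p, r), rhd(q, r)), rhd(disj(p, q), r)),
    4: imp(rhd(p, q), imp(dia(p), dia(q))),
    5: rhd(dia(p), p),
}
M = imp(rhd(p, q), rhd(conj(p, box(r)), conj(q, box(r))))

# Constructed frames on worlds 0..3. In F_IL, 1 S_0 2 R 3 holds but 1 R 3 does not,
# so (iv) fails; F_ILM adds the pair (1, 3) to R (and hence (3, 3) to S_1).
_S0 = {(1, 1), (2, 2), (3, 3), (1, 2), (2, 3), (1, 3)}
F_IL = Frame(range(4), {(0, 1), (0, 2), (0, 3), (2, 3)},
             {0: _S0, 2: {(3, 3)}})
F_ILM = Frame(range(4), {(0, 1), (0, 2), (0, 3), (2, 3), (1, 3)},
              {0: _S0, 1: {(3, 3)}, 2: {(3, 3)}})

if __name__ == "__main__":
    print("M on F_IL: ", counterexample(F_IL, M))
    print("M on F_ILM:", counterexample(F_ILM, M))
```

Because the search ranges over every subset of $W$ as a truth set for each variable, validity of the instance with distinct variables on a frame amounts to validity of the whole scheme on that frame.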
The scheme M characterizes (see section 2) the class of frames $\mathcal{K}_M$; that is the content of part (b) of the next soundness lemma.

13.6. Lemma. For all IL-frames $F$,
(a) For each $A$, if $\vdash_{IL} A$, then $F \models A$.
(b) $F \models$ ILM iff $F \in \mathcal{K}_M$.
(c) For each $A$, if $\vdash_{ILM} A$, then $\mathcal{K}_M \models A$.

As before, in the case of L, we work inside a so-called adequate set. It is convenient to use the fact that $\Box$ is definable in IL in terms of $\rhd$: $\Box A$ is IL-equivalent to $\neg A \rhd \bot$ (corollary 13.2(b)). This means that we can, in constructing countermodels, restrict our attention to formulas that do not contain $\Box$. The entire following discussion will be based on the presumption that the formulas discussed do not contain $\Box$. The other side of the coin is that this will allow us to use $\Box$ as a defined symbol. The most convenient way to do this turns out to be the following: $\Diamond A$ will be an abbreviation of $\neg(A \rhd \bot)$ and $\Box A$ will then abbreviate the formula ${\sim}\Diamond{\sim}A$ (i.e., ${\sim}A \rhd \bot$).
We need to adapt the concept of adequate set to the new situation.
13.7. Definition. An adequate set of formulas is a set $\Phi$ that satisfies the following conditions:
1. $\Phi$ is closed under taking subformulas,
2. if $A \in \Phi$, then ${\sim}A \in \Phi$,
3. $\bot \rhd \bot \in \Phi$,
4. $A \rhd B \in \Phi$ if $A$ is an antecedent or succedent of some $\rhd$-formula in $\Phi$, and so is $B$.

13.8. Lemma. If $\Phi$ is an adequate set, then $A \rhd B \in \Phi$ iff both $\Diamond A$ and $\Diamond B$ are in $\Phi$ (and in case $\Phi$ contains no doubly negated formulas) iff both $\Box{\sim}A$ and $\Box{\sim}B$ are in $\Phi$.

It is obvious that each formula is contained in a finite adequate set. In proving completeness we can of course restrict our attention to formulas without double negations, and will therefore be able to use adequate sets with formulas without double negations, so that we can apply the last part of lemma 13.8. We will write ILS if our remarks apply to both IL and ILM.

13.9. Definition. Let $\Gamma$ and $\Delta$ be maximal ILS-consistent subsets of some

Then $\Gamma$ C and, hence, cannot be a member of $\Gamma$.)
To prove that such a $\Delta$ exists it is sufficient to prove that the above set is IL-consistent. Suppose not. Then there exist $A_1, \ldots, A_m$ and $D_1, \ldots, D_k$ with

$D_1, \ldots, D_k, \Box D_1, \ldots, \Box D_k, \neg A_1, \ldots, \neg A_m, \Box\neg A_1, \ldots, \Box\neg A_m, B, \Box\neg B \vdash \bot$,

or equivalently

$D_1, \ldots, D_k, \Box D_1, \ldots, \Box D_k \vdash B \wedge \Box\neg B \to A_1 \vee \ldots \vee A_m \vee \Diamond(A_1 \vee \ldots \vee A_m)$.

Applying what we know of L gives

$\Box D_1, \ldots, \Box D_k \vdash \Box(B \wedge \Box\neg B \to A_1 \vee \ldots \vee A_m \vee \Diamond(A_1 \vee \ldots \vee A_m))$.

Axiom (1) then implies

$\Box D_1, \ldots, \Box D_k \vdash B \wedge \Box\neg B \rhd A_1 \vee \ldots \vee A_m \vee \Diamond(A_1 \vee \ldots \vee A_m)$.

From lemmas and axiom (2) it follows then that

$\Box D_1, \ldots, \Box D_k \vdash B \rhd A_1 \vee \ldots \vee A_m$.

Given that $A_1 \rhd C, \ldots, A_m \rhd C \in \Gamma$, we also have, by using axiom (3) that $\Gamma \vdash A_1 \vee \ldots \vee A_m \rhd C$. So, finally, we obtain $\Gamma \vdash B \rhd C$ which contradicts the consistency of $\Gamma$. $\dashv$

13.13. Lemma. Let $B \rhd C \in \Gamma$. Then, if there exists an $E$-critical successor $\Delta$ of $\Gamma$ with $B \in \Delta$, there also exists an $E$-critical successor $\Delta'$ of $\Gamma$ with $C, \Box\neg C \in \Delta'$.

Proof. Suppose $B$, $C$, $E$, $\Gamma$ and $\Delta$ satisfy the assumptions of the lemma and there is no such $\Delta'$. Then there would be $\Box D_1, \ldots, \Box D_n \in \Gamma$, and $F_1 \rhd E, \ldots, F_k \rhd E \in \Gamma$ such that

$D_1, \ldots, D_n, \Box D_1, \ldots, \Box D_n, \neg F_1, \ldots, \neg F_k, \Box\neg F_1, \ldots, \Box\neg F_k, C, \Box\neg C \vdash \bot$,

and, therefore,

$D_1, \ldots, D_n, \Box D_1, \ldots, \Box D_n \vdash C \wedge \Box\neg C \to F_1 \vee \ldots \vee F_k \vee \Diamond(F_1 \vee \ldots \vee F_k)$,

which as before implies $\Gamma \vdash B \rhd E$. Since $B$ and $E$ are respectively an antecedent and a succedent of some $\rhd$-formula in $\Phi$, the adequacy conditions imply then that this can be strengthened to $B \rhd E \in \Gamma$. As $\Delta$ is supposed to be an $E$-critical successor of $\Gamma$, this implies ${\sim}B \in \Delta$ and we have arrived at a contradiction. $\dashv$
13.14. Theorem. (Completeness and decidability of IL) If $\nvdash_{IL} A$, then there is a finite IL-model $K$ such that $K \nvDash A$.
Proof. Take some finite adequate set $\Phi$ containing $A$, and let $\Gamma$ be a maximal IL-consistent subset of $\Phi$ containing ${\sim}A$. The intuitive idea of the construction of the model is to divide the set of successors of each constructed world $w$, starting with $\Gamma$, into different parts, each part containing the $E$-critical successors $w$ for some $\rhd$-succedent $E$ in the adequate set. For occurrences of the same maximal consistent set in different parts we use distinct copies. The $S_w$ are defined to be the universal relation inside each part consisting of the $E$-critical successors for some $E$, but to be such as to make no other connections between worlds. Then lemmas 13.12 and 13.13 give the theorem rather straightforwardly. With some care this program can be executed, but we take a slightly more complicated road that points the way to the completeness proof for ILM where the straightforward manner does not work.
Set $W_\Gamma$ to be the smallest set of pairs $\langle \Delta, \tau \rangle$ with $\Delta$ a maximal consistent subset of $\Phi$ and $\tau$ a finite sequence of formulas from $\Phi$ that satisfy the following requirements: (i)

$B \rhd C \in (w)_0 \iff \forall u\,(w R u \wedge B \in (u)_0 \to \exists v\,(u S_w v \wedge C \in (v)_0))$.

$\Leftarrow$: Suppose $B \rhd C \notin (w)_0$. Then $\neg(B \rhd C) \in (w)_0$. We have to show that, for some $u$ with $w R u$, $B \in (u)_0$ and $\forall v\,(u S_w v \to {\sim}C \in (v)_0)$. Let $\Delta$ with $(w)_0 \prec$ $\rhd C$ $(w)_0$. Consider any $u$ such that $B \in (u)_0$ and $w R u$, and first assume $(u)_1 = (w)_1 * \langle E \rangle * \tau$ and $(u)_0$ is an $E$-critical successor of $(w)_0$. By lemma 13.13 we can find an $E$-critical successor $\Delta'$ of $(w)_0$ with $C \in \Delta'$. It is clear that $v = \langle \Delta', (w)_1 * \langle E \rangle \rangle$ is a member of $W_\Gamma$ and fulfills all the requirements to make $u S_w v$.

If $(u)_1 = (w)_1 * \langle E \rangle * \tau$ but $(u)_0$ is not an $E$-critical successor of $(w)_0$, then we find a successor $\Delta'$ of $(w)_0$ with $C \in \Delta'$ by using axiom (4) instead of lemma 13.13. Again it is clear that $v = \langle \Delta', (w)_1 * \langle E \rangle \rangle$ is a member of $W_\Gamma$ and fulfills all the requirements to make $u S_w v$. The final case is that $(u)_1 = (w)_1$. In that case also we apply axiom (4) to obtain $\Delta'$ with $C \in \Delta'$ and take $v = \langle \Delta', (w)_1 \rangle$. $\dashv$

13.15. Theorem. (Completeness and decidability of ILM) If $\nvdash_{ILM} A$, then there is a finite ILM-model $K$ such that $K \nvDash A$.
The main problem in the proof of this theorem is the following. To apply the characteristic axiom $(A \rhd B) \to (A \wedge \Box C \rhd B \wedge \Box C)$ we seem to be forced to add the succedent of this formula to the adequate set whenever we have the antecedent. A straightforward definition of adequate set for the case of ILM would therefore lead adequate sets to be always infinite, which is of course unacceptable. After some searching we are led to the following definition.
13.16. Definition. An ILM-adequate set $\Phi$ is an adequate set that satisfies the additional condition: if $B \rhd C, \Box D \in \Phi$, then there is in $\Phi$ a formula $B' \rhd C'$ such that $B'$ is ILM-equivalent to $B \wedge \Box D$ and $C'$ to $C \wedge \Box D$.

Even though we require only equivalents to be present in $\Phi$ it is of course no longer evident that each finite set of formulas is contained in a finite ILM-adequate set, since each newly constructed $B \wedge \Box D$ gives rise to a new $\Box$-formula: $B \wedge \Box D \rhd \bot$. But we will show that this is nevertheless true. To make it easier on ourselves we assume that in our formula $A$ all antecedents and succedents of $\rhd$-formulas have the form $B \wedge \Box{\sim}B$, except for $\bot$. In view of corollary 13.2(a) this is not an essential restriction. (The restriction is not really necessary, see Berarducci [1990].)
13.17. Lemma. Each formula $A$ is contained in an ILM-adequate set $\Phi$ that contains only a finite number of ILM-equivalence classes.

Proof. Let $\Phi$ be the smallest IL-adequate set containing $A$. Let $\Psi$ be the set of antecedents and succedents of $\rhd$-formulas in $\Phi$ including $\bot$. We obtain $\Psi^*$ by closing $\Psi$ off under the operation that forms $D \wedge E$ from each formula $D$ in the class and each formula $E$ that, either is a $\Box$-formula in $\Phi$, or is of the form $\Box{\sim}F$ for some $F$ in the class. The claim is that $\Psi^*$ contains only a finite number of equivalence classes. Given that claim we can construct a finite ILM-adequate set by joining to
the subformulas of a finite set of representatives of all equivalence classes in $\Psi^*$, and finally adding all the interpretability formulas combining two members of this finite set of representatives.

It remains to prove the claim. This will be done by induction on the cardinality of $\Psi$. If that cardinality is 1 (i.e., $\Psi = \{\bot\}$), the result is obvious. So, we can assume that the cardinality is larger than 1. We note that each element of $\Psi^*$ is of the form $B \wedge \Box{\sim}B \wedge \Box C_1 \wedge \ldots \wedge \Box C_k$, with $B \wedge \Box{\sim}B$ from $\Psi$. That $\Box{\sim}B$ is a member of this conjunction means that in the $C_i$'s all occurrences of $B \wedge \Box{\sim}B$ can be replaced by $\bot$. Also one will recognize that $B \wedge \Box{\sim}B$ will only be thrown in by the operation into the $C_i$ in conjuncts of the form $\neg(B \wedge \Box{\sim}B \wedge \ldots)$. Replacing those occurrences of $B \wedge \Box{\sim}B$ by $\bot$ means that one can drop the whole conjunct and keep an equivalent formula.
If one drops all those conjuncts containing $B \wedge \Box{\sim}B$, then the resulting formula is of the form $B \wedge \Box{\sim}B \wedge \Box D_1 \wedge \ldots \wedge \Box D_m$ with $B \wedge \Box{\sim}B$ not (relevantly) occurring in the $D_i$. This means that the $D_i$ have been constructed from the $\Box$-formulas in $\Phi$ and the other elements of $\Psi$. Thus, by the induction hypothesis, there are only a finite number of such $D_i$ (up to equivalence) and hence only a finite number of equivalence classes of elements of $\Psi^*$ that start with $B \wedge \Box{\sim}B$. The same holds for each of the other elements of $\Psi$, so that the resulting set is finite. $\dashv$
Proof of theorem 13.15. Take some finite ILM-adequate set $\Phi$ containing $A$ and some maximal consistent subset $\Gamma$ of $\Phi$ containing ${\sim}A$. We define both $W_\Gamma$ and $R$ as in the previous proof. This time, however, we let $u S_w v$ apply if (I) holds as well as (II') and (III),

(II') $(u)_1 \subseteq (v)_1$, and if $(u)_1 = (w)_1 * \langle C \rangle * \tau$ and $(v)_1 = (w)_1 * \langle C \rangle * \tau'$ for some $C$, $\tau$, $\tau'$, and $(u)_0$ is a $C$-critical successor of $(w)_0$, then so is $(v)_0$.
(III) each $\Box A \in (u)_0$ is also a member of $(v)_0$,

That under this definition the $S_w$ will have the properties (i)-(iii) is shown in almost the same manner as before; that the $S_w$ has the property (iv) required by definition 13.5 is shown as follows: Suppose that $\langle \Delta', \tau' \rangle\, S_w\, \langle \Delta'', \tau'' \rangle\, R\, \langle \Gamma', \sigma \rangle$. We must show $\langle \Delta', \tau' \rangle\, R\, \langle \Gamma', \sigma \rangle$. That $\tau' \subseteq \sigma$, is immediate. That $\Delta' \prec \Gamma'$, follows from $\Delta'' \prec \Gamma'$ combined with the fact that, by (III), $\Box$-formulas are preserved from $\Delta'$ to $\Delta''$.

Naturally, we again define $w \Vdash p$ iff $p \in (w)_0$, and it will be sufficient to prove that, for each $D \in \Phi$, $w \Vdash D$ iff $D \in (w)_0$. The only interesting case is the one that $D$ is $B \rhd C$, i.e., we have to show that

$B \rhd C \in (w)_0 \iff \forall u\,(w R u \wedge B \in (u)_0 \to \exists v\,(u S_w v \wedge C \in (v)_0))$.

$\Leftarrow$: Basically as in the proof for IL.

$\Rightarrow$: Assume that $B \rhd C \in (w)_0$, and that $u$ is such that $w R u$ and $B \in (u)_0$. Let $\{\Box D_1, \ldots, \Box D_n\}$ be the set of $\Box$-formulas in $(u)_0$. By axiom M (see proposition 2.1(d)) and the adequacy of $\Phi$, $(w)_0$ will contain a formula $B' \rhd C'$ with $B'$ and $C'$ respectively ILM-equivalent to $B \wedge \Box D_1 \wedge \ldots \wedge \Box D_n$ and $C \wedge \Box D_1 \wedge \ldots \wedge \Box D_n$.
Let us just treat the case that $(u)_1 = (w)_1 * \langle E \rangle * \tau$ and $(u)_0$ is an $E$-critical successor of $(w)_0$. (The other cases are easy, given our experience with IL.) We can find, by lemma 13.13, with $(w)_0$, $(u)_0$ and $B' \rhd C'$ as input, an $E$-critical successor $\Delta'$ of $(w)_0$ with both $C$ and $\Box D \in \Delta'$ for each $\Box D \in (u)_0$. It suffices to take $v = \langle \Delta', (u)_1 \rangle$. Given that each $\Box$-formula in $(u)_0$ appears also in $\Delta'$, the depth of $\Delta'$ cannot be larger than the depth of $(u)_0$. Therefore, $v \in W_\Gamma$ and $v$ fulfills all requirements. $\dashv$

Visser (see Berarducci [1990]) showed that, from the models constructed in the above proof, one can construct models with an $S$ relation that is independent of the world $w$ (see also definition 15.4). These models may have to be infinite however. The first arithmetic completeness proofs used these models instead of the finite models constructed in the above proof, but we will not introduce them in this section, since
our arithmetic arithmetic completeness completeness proof proof (section (section 14) The fixed can be extended to to IL IL and hence to I L M and ILP The fixed point point theorem theorem of of LL can be extended and hence to ILM and ILP (de and Visser [1991]). (de Jongh Jongh and Visser [1991]). Arithmetic completeness of 114. 4. A rithmetic completeness o f ILM ILM
We fix a theory $T$ containing $I\Sigma_1$. For safety we assume that $T$ is in the language of arithmetic and $T$ is sound, i.e., all its axioms are true (in the standard model of arithmetic), although in fact it is easy to adjust our proof of the completeness theorem to the weaker condition of $\Sigma_1$-soundness of $T$.
14.1. Definition. The definition of a realization given in section 1 is extended to the language of ILM by stipulating that $(A \rhd B)^* = \mathrm{Conserv}(\ulcorner A^* \urcorner, \ulcorner B^* \urcorner)$, where $\mathrm{Conserv}(\ulcorner A^* \urcorner, \ulcorner B^* \urcorner)$ is an intensional formalization (see Chapter II of this Handbook) of "$T + B^*$ is $\Pi_1$-conservative over $T + A^*$".
If $T = PA$, then, in view of theorem 12.7, the interpretability and $\Pi_1$-conservativity relations over its finite extensions are the "same" in all reasonable senses, so we can take $\mathrm{Conserv}(\ulcorner A^* \urcorner, \ulcorner B^* \urcorner)$ to be a formalization of "$T + B^*$ is interpretable in $T + A^*$". Below we prove the completeness of ILM as the logic of $\Pi_1$-conservativity over $T$ and thus at the same time the completeness of ILM as the logic of interpretability over $T = PA$.

The fact that ILM is the logic of interpretability over PA was proven more or less simultaneously and independently by Berarducci [1990] and Shavrukov [1988]. Later, Hájek and Montagna [1990,1992] proved that ILM is the logic of $\Pi_1$-conservativity over $T = I\Sigma_1$ and stronger theories.

14.2. Theorem. $\vdash_{ILM} A$ iff for every realization $*$, $T \vdash A^*$.

Proof. The ($\Rightarrow$) part can be verified by induction on ILM proofs. Since the soundness of L is already known, we only need to verify that if $D$ is an instance of one of the additional 6 axiom schemata of ILM, then, for any realization $*$, $T \vdash D^*$. All the arguments below are easily formalizable in $T$:
Axiom (1): $\Box(A \to B) \to (A \rhd B)$. If $T \vdash A \to B$, then clearly $T + B^*$ is conservative over $T + A^*$.

Axiom (2): $(A \rhd B) \wedge (B \rhd C) \to (A \rhd C)$. Evidently, the relation of conservativity is transitive.

Axiom (3): $(A \rhd C) \wedge (B \rhd C) \to A \vee B \rhd C$. It is easy to see that if $T + C^*$ is ($\Pi_1$-)conservative over $T + A^*$ and $T + B^*$, then so is it over $T + A^* \vee B^*$.

Axiom (4): $(A \rhd B) \to (\Diamond A \to \Diamond B)$. Clearly, if $T + B^*$ is $\Pi_1$-conservative over $T + A^*$ and $T + A^*$ is consistent, then so is $T + B^*$.

Axiom (5): $\Diamond A \rhd A$. Suppose $\lambda$ is a $\Pi_1!$-sentence provable in $T + A^*$. We need to show, arguing in $T + (\Diamond A)^*$, that then $\lambda$ is true. Indeed, suppose $T + A^*$ is consistent. Then it cannot prove a false $\Pi_1!$-sentence (by $\Sigma_1!$-completeness), and hence $\lambda$ must be true.

Axiom (M): $(A \rhd B) \to (A \wedge \Box C \rhd B \wedge \Box C)$. Suppose $T + B^*$ is $\Pi_1$-conservative over $T + A^*$ and $\lambda$ is a $\Pi_1!$-sentence provable in $T + B^* \wedge (\Box C)^*$. Then $T + B^*$ proves $(\Box C)^* \to \lambda$. But the latter is a $\Pi_1$-sentence and therefore it is also proved by $T + A^*$.
Hence, $T + A^* \wedge (\Box C)^* \vdash \lambda$.
The following proof of the ($\Leftarrow$) part of the theorem is taken from Japaridze [1994b] and has considerable similarity to proofs given in Japaridze [1992,1993] and Zambella [1992]. Just as in Japaridze [1992,1993], the Solovay function is defined in terms of regular witnesses rather than provability in finite subtheories (as in Berarducci [1990], Shavrukov [1988], Zambella [1992]). Disregarding this difference, the function is almost the same as the one given in Zambella [1992], for both proofs, unlike the ones in Berarducci [1990] and Shavrukov [1988], employ finite ILM-models rather than infinite Visser-models.
Suppose $\nvdash_{ILM} A$. Then, by theorem 13.15, there is a finite ILM-model $(W, R, \{S_w\}_{w \in W}, \Vdash)$ in which $A$ is not valid. We may assume that $W = \{1, \ldots, l\}$, 1 is the root of the model in the sense that $1 R w$ for all $1 \neq w \in W$, and $1 \nVdash A$. We define a new frame $(W', R', \{S'_w\}_{w \in W'})$:
$W' = W \cup \{0\}$, $R' = R \cup \{(0, w) \mid w \in W\}$, $S'_0 = S_1 \cup \{(1, w) \mid w \in W\}$ and for each $w \in W$, $S'_w = S_w$.
Observe that $(W', R', \{S'_w\}_{w \in W'})$ is a finite ILM-frame.
Just as in section 3, we are going to embed this frame into $T$ by means of a Solovay style function $g : \omega \to W'$ and sentences $\mathrm{Lim}_w$ for $w \in W'$ which assert that $w$ is the limit of $g$. This function will be defined in such a way that the following basic lemma holds:
14.3. Lemma.
(a) $T$ proves that $g$ has a limit in $W'$, i.e., $T \vdash \bigvee\{\mathrm{Lim}_r \mid r \in W'\}$,
(b) If $w \neq u$, then $T \vdash \neg(\mathrm{Lim}_w \wedge \mathrm{Lim}_u)$,
(c) If $w R' u$, then $T + \mathrm{Lim}_w$ proves that $T \nvdash \neg\mathrm{Lim}_u$,
(d) If $w \neq 0$ and not $w R' u$, then $T + \mathrm{Lim}_w$ proves that $T \vdash \neg\mathrm{Lim}_u$,
(e) If $u S'_w v$, then $T + \mathrm{Lim}_w$ proves that $T + \mathrm{Lim}_v$ is $\Pi_1$-conservative over $T + \mathrm{Lim}_u$,
(f) Suppose $w R' u$ and $V$ is a subset of $W'$ such that for no $v \in V$, $u S'_w v$; then $T + \mathrm{Lim}_w$ proves that $T + \bigvee\{\mathrm{Lim}_v \mid v \in V\}$ is not $\Pi_1$-conservative over $T + \mathrm{Lim}_u$,
(g) $\mathrm{Lim}_0$ is true,
(h) For each $i \in W'$, $\mathrm{Lim}_i$ is consistent with $T$.
To deduce the main thesis from this lemma, we define a realization $*$ by setting for each propositional letter $p$,
$p^* = \bigvee\{\mathrm{Lim}_r \mid r \in W, r \Vdash p\}$.
14.4. Lemma. For any $w \in W$ and any ILM-formula $B$,
(a) if $w \Vdash B$, then $T + \mathrm{Lim}_w \vdash B^*$;
(b) if $w \nVdash B$, then $T + \mathrm{Lim}_w \vdash \neg B^*$.
Proof. By induction on the complexity of $B$. The cases when $B$ is atomic or has the form $\Box C$ are handled just as in the proof of lemma 3.3, so we consider only the case when $B = C_1 \rhd C_2$.
Assume $w \in W$. Then we can always write $w R x$ and $x S_w y$ instead of $w R' x$ and $x S'_w y$. Let $\alpha_i = \{r \mid w R r, r \Vdash C_i\}$ ($i = 1, 2$). First we establish that for both $i = 1, 2$,
(*) $T + \mathrm{Lim}_w$ proves that $T \vdash C_i^* \leftrightarrow \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_i\}$.
Indeed, argue in $T + \mathrm{Lim}_w$. Since each $r \in \alpha_i$ forces $C_i$, we have by the induction hypothesis for clause (a) that for each such $r$, $T \vdash \mathrm{Lim}_r \to C_i^*$, whence $T \vdash \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_i\} \to C_i^*$. Next, according to lemma 14.3(a), $T \vdash \bigvee\{\mathrm{Lim}_r \mid r \in W'\}$ and, according to lemma 14.3(d), $T$ disproves every $\mathrm{Lim}_r$ with not $w R r$; consequently, $T \vdash \bigvee\{\mathrm{Lim}_r \mid w R r\}$; at the same time, by the induction hypothesis for clause (b), $C_i^*$ implies in $T$ the negation of each $\mathrm{Lim}_r$ with $r \nVdash C_i$. We conclude that $T \vdash C_i^* \to \bigvee\{\mathrm{Lim}_r \mid w R r, r \Vdash C_i\}$, i.e., $T \vdash C_i^* \to \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_i\}$. Thus, (*) is proved. Now continue:
(a) Suppose $w \Vdash C_1 \rhd C_2$. Argue in $T + \mathrm{Lim}_w$. By (*), to prove that $T + C_2^*$ is $\Pi_1$-conservative over $T + C_1^*$, it is enough to show that $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_2\}$ is $\Pi_1$-conservative over $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_1\}$. Consider an arbitrary $u \in \alpha_1$ (the case with empty $\alpha_1$ is trivial, for any theory is conservative over $T + \bot$). Since $w \Vdash C_1 \rhd C_2$, there is $v \in \alpha_2$ such that $u S_w v$. Then, by lemma 14.3(e), $T + \mathrm{Lim}_v$ is $\Pi_1$-conservative over $T + \mathrm{Lim}_u$. Then so is $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_2\}$ (which is weaker
than $T + \mathrm{Lim}_v$). Thus, for each $u \in \alpha_1$, $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_2\}$ is $\Pi_1$-conservative over $T + \mathrm{Lim}_u$. Clearly this implies that $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_2\}$ is $\Pi_1$-conservative over $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_1\}$.
(b) Suppose $w \nVdash C_1 \rhd C_2$. Let us then fix an element $u$ of $\alpha_1$ such that $u S_w v$ for no $v \in \alpha_2$. Argue in $T + \mathrm{Lim}_w$. By lemma 14.3(f), $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_2\}$ is not $\Pi_1$-conservative over $T + \mathrm{Lim}_u$. Then, neither is it $\Pi_1$-conservative over $T + \bigvee\{\mathrm{Lim}_r \mid r \in \alpha_1\}$ (which is weaker than $T + \mathrm{Lim}_u$). This means by (*) that $T + C_2^*$ is not $\Pi_1$-conservative over $T + C_1^*$. $\dashv$
Now we can pass to the desired conclusion: since $1 \nVdash A$, lemma 14.4 gives
$T \vdash \mathrm{Lim}_1 \to \neg A^*$, whence $T \nvdash \neg\mathrm{Lim}_1 \Rightarrow T \nvdash A^*$.
But we do have $T \nvdash \neg\mathrm{Lim}_1$ according to lemma 14.3(h). This ends the proof of theorem 14.2. $\dashv$
Our remaining duty is to define the function $g$ and to prove lemma 14.3. The recursion theorem enables us to define this function simultaneously with the sentences $\mathrm{Lim}_w$ (for each $w \in W'$), which, as we have mentioned already, assert that $w$ is the limit of $g$, and the formulas $\Delta_{wu}(y)$ (for each pair $(w, u)$ with $wR'u$), which we define by
$\Delta_{wu}(y) \equiv \exists t > y\, (g(t) = u \wedge \forall z\, (y \le z < t \to g(z) = w))$.
14.5. Definition. (function $g$) We define $g(0) = 0$. Assume that $g(y)$ has already been defined for every $y \le x$, and let $g(x) = w$. Then $g(x + 1)$ is defined as follows:
(1) Suppose $wR'u$, $n \le$ ...
... $n$, $g(x) = w$. We need to show that $T \nvdash \neg\mathrm{Lim}_u$. Deny this. Then $T \vdash \mathrm{Lim}_u \to \neg\Delta_{wu}(\bar n)$ and, since every provable formula has arbitrary long proofs, there is $x \ge n$ such that $\vdash_x \mathrm{Lim}_u \to \neg\Delta_{wu}(\bar n)$; but then, according to definition 14.5(1), we must have $g(x + 1) = u$, which, as $u \neq w$ (by irreflexivity of $R'$), is a contradiction.
(d): Assume $w \neq 0$, $w$ is the limit of $g$ and not $wR'u$. If $u = w$, then (since $w \neq 0$) there is $x$ such that $g(x) = v \neq u$ and $g(x + 1) = u$. This means that at the moment $x + 1$ we make either an $R'$-move or an $S'$-move. In the first case we have $T \vdash \mathrm{Lim}_u \to \neg\Delta_{vu}(\bar n)$ for some $n$ for which, as it is easy to see, the $\Sigma_1$!-sentence $\Delta_{vu}(\bar n)$ is true, whence, by $\Sigma_1$!-completeness, $T \vdash \neg\mathrm{Lim}_u$. And if an $S'$-move is taken, then again $T \vdash \neg\mathrm{Lim}_u$ because $T + \mathrm{Lim}_u$ proves a false (with a $\le x$ regular counterwitness) $\Pi_1$!-sentence.
Next, suppose $u \neq w$. Let us fix a number $z$ with $g(z) = w$. Since $g$ is primitive recursive, $T$ proves that $g(z) = w$. Now argue in $T + \mathrm{Lim}_u$: since $u$ is the limit of $g$ and $g(z) = w \neq u$, there is a number $x$ with $x \ge z$ such that $g(x) \neq u$ and $g(x + 1) = u$. Since not $(w =)\, g(z)\, R'\, u$, we have by lemma 14.7 that
(*) for each $y$ with $z \le$ ...
... $> z$, ... such that $g(x)$ ... $g(x + 1) = u$ (as $u$ is the limit of $g$, such a number exists). Then, according to definition 14.5, the only reason for $g(x + 1) = u \neq v$ can be that we make an $S'$-transfer from $v$ to $u$ and the rank of this transfer is less than $z$, which, by lemma 14.6, is not the case. Conclusion: $\lambda$ (is true).
(f): Assume $w$ is the limit of $g$, $wR'u$, $V \subseteq$ ... for each ... $\ge n$, $g(z) = w$. By primitive recursiveness of $g$, $T$ proves that $g(n) = w$. By definition 14.5(1), $T + \mathrm{Lim}_u \nvdash \neg\Delta_{wu}(\bar n)$. So, as $\neg\Delta_{wu}(\bar n)$ is a $\Pi_1$-sentence, in order to prove that $T + \bigvee\{\mathrm{Lim}_v \mid v \in V\}$ is not $\Pi_1$-conservative over $T + \mathrm{Lim}_u$, it is enough to show that for each $v \in V$, $T + \mathrm{Lim}_v \vdash \neg\Delta_{wu}(\bar n)$. Let us fix any $v \in V$. According to our assumption, not $u S'_w v$ and, by reflexivity of $S'_w$, $u \neq v$.
Argue in $T + \mathrm{Lim}_v$. Suppose, for a contradiction, that $\Delta_{wu}(\bar n)$ holds, i.e., there is $t > n$ such that ... of $g$ and $v \neq u$, there is $t' > t$ such that $g(t' - 1) \neq v$ and at the moment $t'$ we arrive at $v$ to stay there for ever. Let then $x_0$ ... $j$. ... Thus, from the moment $x_j$ onwards, each move is an $S'$-move. Moreover, for each ... the $S'$-move with $j \ge$ ...
..., where $A \gg B$ is interpreted as "there is a $\Sigma_1$-sentence $\varphi$ such that $PA \vdash (A^* \to \varphi) \wedge (\varphi \to B^*)$" (for comparison: the interpretation of $\Sigma_1 A$ is nothing but "there is a $\Sigma_1$-sentence $\varphi$ such that $PA \vdash (A^* \to \varphi) \wedge (\varphi \to A^*)$"). He constructed a logic ELH in this language, called "the logic of $\Sigma_1$-interpolability", and proved its arithmetic completeness.
Although the author of the logic of $\Sigma_1$-interpolability did not suspect this, he actually had found the logic of weak interpretability over PA, because, as it is now easy to see in view of corollary 12.8, the formula $\neg(A \gg \neg B)$ expresses that $PA + B^*$ is weakly interpretable in $PA + A^*$.
We know that weak interpretability is a special (binary) case of linear tolerance, and the latter is a special (linear) case of tolerance of a tree of theories. Japaridze [1992] gave an axiomatization of the logic TOL of linear tolerance over PA, and Japaridze [1993] did the same for the logic TLR of the most general relation of tolerance for trees.
All three logics ELH, TOL and TLR are decidable. Among them TOL has the most elegant language, axiomatization and Kripke semantics, and although TOL is just a fragment of TLR, here we are going to have a look only at this intermediate logic.
The language of TOL contains the single variable-arity modal operator $\Diamond$: for any $n$, if $A_1, \ldots, A_n$ are formulas, then so is $\Diamond(A_1, \ldots, A_n)$. This logic is defined as classical logic plus the rule $\neg A / \neg\Diamond(A)$ plus the following axiom schemata:
1. $\Diamond(\vec{C}, A, \vec{D}) \to \Diamond(\vec{C}, A \wedge \neg B, \vec{D}) \vee \Diamond(\vec{C}, B, \vec{D})$,
2. $\Diamond(A) \to \Diamond(A \wedge \neg\Diamond(A))$,
3. $\Diamond(\vec{C}, A, \vec{D}) \to \Diamond(\vec{C}, \vec{D})$,
4. $\Diamond(\vec{C}, A, \vec{D}) \to \Diamond(\vec{C}, A, A, \vec{D})$,
5. $\Diamond(A, \Diamond(\vec{C})) \to \Diamond(A \wedge \Diamond(\vec{C}))$,
6. $\Diamond(\vec{C}, \Diamond(\vec{D})) \to \Diamond(\vec{C}, \vec{D})$.
(Here $\vec{A}$ stands for $A_1, \ldots, A_n$ for an arbitrary $n \ge 0$, $\Diamond()$ is identified with $\top$.)
15.4. Definition. A Visser-frame (see Berarducci [1990]) is a triple $(W, R, S)$, where $(W, R)$ is a Kripke-frame for L and $S$ is a transitive, reflexive relation on $W$ such that $R \subseteq S$ and, for all $w, u, v \in W$, we have $w S u R v \Rightarrow w R v$.
A TOL-model is a quadruple $(W, R, S, \Vdash)$ with $(W, R, S)$ a Visser-frame combined with a forcing relation $\Vdash$ with the clause
$w \Vdash \Diamond(A_1, \ldots, A_n)$ iff there are $u_1, \ldots, u_n$ with $u_1 S \ldots S u_n$ such that, for all $i$, $w R u_i$ and $u_i \Vdash A_i$.
Such a model is said to be finite, if $W$ is finite.
15.5. Theorem. (Japaridze [1992]) For any TOL-formula $A$, $\vdash_{TOL} A$ iff $A$ is valid in every TOL-model; the same is true if we consider only finite TOL-models.
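
The forcing clause of definition 15.4 can be evaluated mechanically on a finite frame. The following Python code is an added example, not part of the original text; the tuple encoding of formulas, the four-world frame and the valuation are constructed for illustration. It checks the frame conditions, shows that the order of arguments of the variable-arity operator matters, and verifies one instance of each axiom schema 1-6 under every valuation.

```python
from itertools import product

# Formulas are nested tuples (an encoding chosen for this example):
#   ("var", "p"), ("not", A), ("and", A, B), ("or", A, B), ("imp", A, B),
#   ("dia", A1, ..., An) for the variable-arity operator of TOL.
def var(name): return ("var", name)
def neg(a): return ("not", a)
def conj(a, b): return ("and", a, b)
def disj(a, b): return ("or", a, b)
def imp(a, b): return ("imp", a, b)
def dia(*args): return ("dia",) + args


def transitive(rel):
    return all((a, d) in rel for (a, b) in rel for (c, d) in rel if b == c)


def is_visser_frame(W, R, S):
    """Conditions of definition 15.4 on a finite frame (W, R, S)."""
    return (transitive(R) and all((w, w) not in R for w in W)  # finite Kripke-frame for L
            and transitive(S) and all((w, w) in S for w in W)  # S transitive and reflexive
            and R <= S                                         # R is contained in S
            and all((w, v) in R for (w, u) in S for (x, v) in R if u == x))  # wSuRv => wRv


def forces(frame, val, w, f):
    """Forcing relation of a TOL-model; val maps each letter to its set of worlds."""
    W, R, S = frame
    op = f[0]
    if op == "var":
        return w in val[f[1]]
    if op == "not":
        return not forces(frame, val, w, f[1])
    if op == "and":
        return forces(frame, val, w, f[1]) and forces(frame, val, w, f[2])
    if op == "or":
        return forces(frame, val, w, f[1]) or forces(frame, val, w, f[2])
    if op == "imp":
        return (not forces(frame, val, w, f[1])) or forces(frame, val, w, f[2])
    if op == "dia":
        # reach = worlds that can serve as u_i at the end of a chain u_1 S ... S u_i
        reach = None
        for a in f[1:]:
            cand = {u for u in W if (w, u) in R and forces(frame, val, u, a)}
            if reach is not None:
                cand = {u for u in cand if any((p, u) in S for p in reach)}
            reach = cand
        return reach is None or bool(reach)  # the empty diamond counts as true
    raise ValueError("unknown connective: %r" % (op,))


def valid(frame, f, letters):
    """True iff f is forced at every world under every valuation of the letters."""
    worlds = sorted(frame[0])
    for bits in product([False, True], repeat=len(worlds) * len(letters)):
        val = {p: {w for j, w in enumerate(worlds) if bits[i * len(worlds) + j]}
               for i, p in enumerate(letters)}
        if not all(forces(frame, val, w, f) for w in worlds):
            return False
    return True


# Constructed sample frame: 0 is the root, 1 R 3, and 2 S 3 holds but 3 S 2 does not.
W = {0, 1, 2, 3}
R = {(0, 1), (0, 2), (0, 3), (1, 3)}
S = {(w, w) for w in W} | R | {(2, 3)}
FRAME = (W, R, S)
VAL = {"p": {2}, "q": {3}}  # constructed valuation
p, q = var("p"), var("q")

# One instance of each axiom schema 1-6 (empty vectors where the schema allows it).
AXIOM_INSTANCES = {
    1: imp(dia(p), disj(dia(conj(p, neg(q))), dia(q))),
    2: imp(dia(p), dia(conj(p, neg(dia(p))))),
    3: imp(dia(p, q), dia(p)),
    4: imp(dia(p, q), dia(p, q, q)),
    5: imp(dia(p, dia(q)), dia(conj(p, dia(q)))),
    6: imp(dia(p, dia(q)), dia(p, q)),
}

if __name__ == "__main__":
    print("Visser-frame:", is_visser_frame(*FRAME))
    print("0 forces dia(p, q):", forces(FRAME, VAL, 0, dia(p, q)))
    print("0 forces dia(q, p):", forces(FRAME, VAL, 0, dia(q, p)))
    for k, f in AXIOM_INSTANCES.items():
        print("axiom", k, "instance valid:", valid(FRAME, f, ["p", "q"]))
```
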
15.6. Theorem. (Japaridze [1992]) Let $T$ be a sound superarithmetic theory, and let, for $*$ an arithmetic realization, $(\Diamond(A_1, \ldots, A_n))^*$ be interpreted as a natural formalization of "the sequence $T + A_1^*, \ldots, T + A_n^*$ is tolerant". Then, for any TOL-formula $A$, $\vdash_{TOL} A$ iff for every realization $*$, $T \vdash A^*$.
With the arithmetic interpretation in mind, note that L is the fragment of TOL in which the arity of $\Diamond$ is restricted to 1. This is because consistency of $A^*$ with $T$, expressed in L by $\Diamond A$, means nothing but tolerance of the one-element sequence $(T + A^*)$ of theories, expressed in TOL by $\Diamond(A)$.
As for cotolerance, one can easily show, using theorems 12.7 and 12.13 ((i) $\Leftrightarrow$ (iii)), that a sequence of superarithmetic theories is cotolerant iff the sequence where the order of these theories is reversed is tolerant. Moreover, it was shown in Japaridze [1993] that cotolerance - though not tolerance - for trees can also be expressed in terms of linear tolerance. In particular, a tree of superarithmetic theories is cotolerant iff one of its topological sortings is. Hence, given a tree Tr of modal formulas, cotolerance of the corresponding tree of theories can be expressed in TOL by $\Diamond(\vec{A}_1) \vee \ldots \vee \Diamond(\vec{A}_n)$, where $\vec{A}_1, \ldots, \vec{A}_n$ are all the reverse-order topological sortings of Tr.
Thus TOL, being the logic of linear tolerance, can, at the same time, be viewed as the logic of (unrestricted) cotolerance over PA.
Just like tolerance, the notion of $\Gamma$-consistency (see definition 12.4) can be generalized to finite trees, including sequences as special cases of trees: a tree Tr of theories is $\Gamma$-consistent iff there are consistent extensions of these theories, of which each one is $\Gamma$-conservative over its predecessors in the tree. Then the corollaries of theorems 12.7 and 12.13 generalize to the following:
15.7. Theorem. (Japaridze [1993], $PA \vdash$) For any finite tree Tr of superarithmetic theories,
(a) Tr is tolerant iff Tr is $\Pi_1$-consistent;
(b) Tr is cotolerant iff Tr is $\Sigma_1$-consistent.
Just as in the case of ILM, in the arithmetic completeness theorems for TOL and TLR, the requirement of superarithmeticity (essential reflexivity) of $T$ can be
weakened to $I\Sigma_1 \subseteq T$ if we view these logics as logics of $\Pi_1$-consistency rather than tolerance.
15.8. Truth interpretability logics
We want to finish our discussion of propositional interpretability logics by noting that the closure under modus ponens of the set of theorems of ILM, or any other of the logics mentioned in this section, supplemented with the axiom $\Box A \to A$ or its equivalent, yields the logic (in case of ILM called $ILM^\omega$) that describes all true principles expressible in the corresponding modal language, just as this was shown to be the case for L in section 3. The original sources usually contain proofs of both versions of the arithmetic completeness theorems for these logics.
Strannegård [1997] considers infinite r.e. sets of modal formulas of interpretability logic. He generalizes his theorem 5.3 for the specific case of interpretability over PA to the following theorem.
15.9. Theorem. Let $T$ be a well-specified r.e. set of formulas of interpretability logic. Then $T$ is realistic iff it is consistent with $ILM^\omega$.
As in the case of L (corollary 5.2), a stronger version of this theorem implies as a corollary a uniform version of the arithmetic completeness of ILM with regard to PA. For a further consequence, let us first note that the existence of Orey-sentences in PA, i.e., arithmetic sentences $A$ such that both $PA + A$ and $PA + \neg A$ are interpretable in PA (first obtained by Orey [1961]), follows immediately from the arithmetic completeness of ILM with regard to PA. In Strannegård's terminology this can be phrased as: Orey [1961] showed that the set $\{\top \rhd p, \top \rhd \neg p\}$ is realistic. Orey continued by asking what similar sets (such as $\{\top \rhd p, \top \rhd q, \top \rhd \neg(p \wedge q), \neg(\top \rhd \neg p), \neg(\top \rhd \neg q), \neg(\top \rhd p \wedge q)\}$) are realistic. Let an Orey set be a set of modal formulas of the form $(\neg)(B \rhd C)$, where $B$ and $C$ are Boolean formulas. Strannegård can then give the following answer to Orey's question.
15.10. Theorem. Let $T$ be an r.e. Orey set. Then $T$ is realistic iff it is consistent with $ILM^\omega$.
16. Predicate provability logics
16.1. The predicate modal language and its arithmetic interpretation
The language of predicate provability logic is that of first order logic (without identity or function symbols) together with the operator $\Box$. We assume that this language uses the same individual variables as the arithmetic language. Throughout this section $T$ denotes a sound theory in the language of arithmetic containing PA. We also assume that $T$ satisfies the Löb derivability conditions.
As in the previous sections, we want to regard each modal formula $A(P_1, \ldots, P_n)$ as a schema of arithmetic formulas arising from $A(P_1, \ldots, P_n)$ by substitution of arithmetic predicates $P_1^*, \ldots, P_n^*$ for the predicate letters $P_1, \ldots, P_n$ and replacing $\Box$ by $\mathrm{Pr}_T()$. However, some caution is necessary when we try to make this approach precise. In particular, we need to forbid for $P_i^*$ to contain quantifiers that bind variables occurring in $A$.
16.2. Definition. A realization for a predicate modal formula $A$ is a function $*$ which assigns to each predicate symbol $P$ of $A$ an arithmetic formula $P^*(v_1, \ldots, v_n)$, whose bound variables do not occur in $A$ and whose free variables are just the first $n$ variables of the alphabetical list of the variables of the arithmetic language if $n$ is the arity of $P$. For any realization $*$ for $A$, we define $A^*$ by the following induction on the complexity of $A$:
• in the atomic cases, $(P(x_1, \ldots, x_n))^* = P^*(x_1, \ldots, x_n)$,
• $*$ commutes with quantifiers and Boolean connectives: $(\forall x B)^* = \forall x (B^*)$, $(B \to C)^* = B^* \to C^*$, etc.,
• $(\Box B)^* = \mathrm{Pr}_T[B^*]$.
For an explanation of the notation "[ ]" see notation 12.2. Observe from this that $A^*$ always contains the same free variables as $A$.
We say that an arithmetic formula $\varphi$ is a realizational instance of a predicate modal formula $A$, if $\varphi = A^*$ for some realization $*$ for $A$.
The main task is to investigate the set of predicate modal formulas which express valid principles of provability, i.e., all of whose realizational instances are provable, or true in the standard model.
16.3. The situation here is not as smooth as in the propositional case, ...
Having been encouraged by the impressive theorems of Solovay on the decidability of propositional provability logic, one might expect that the valid principles captured by the predicate modal language are also axiomatizable (decidability is ruled out of course). However, the situation here is not as smooth as in the propositional case. The first doubts about this were raised by Montagna [1984]. In fact, it turned out afterwards that we have very strong negative results, one of which is the following theorem on nonarithmeticity of truth predicate logics of provability.

16.4. Theorem. (Artemov [1985a]) Suppose $T$ is recursively enumerable. Then (for any choice of the provability predicate $\mathrm{Pr}_T$) the set Tr of predicate modal formulas all of whose realizational instances are true, is not arithmetic.

It was later shown by Vardanyan [1986], and also by Boolos and McGee [1987] that Tr is in fact $\Pi_1$-complete in the truth set of arithmetic.
Proof of theorem 16.4. We assume here that the arithmetic language contains one two-place predicate letter $E$ and two three-place predicate letters $A$ and $M$, and does not contain any other predicate, functional or individual letters. Thus, this language is a fragment of our predicate modal language. In the standard model $E(x, y)$, $A(x, y, z)$ and $M(x, y, z)$ are interpreted as the predicates $x = y$, $x + y = z$ and $x \times y = z$, respectively.

One variant of a well-known theorem of Tennenbaum (see e.g., Chapter 29 of Boolos and Jeffrey [1989]) asserts the existence of an arithmetic sentence $\beta$ such that:
(1) $\beta$ is true ("true" here always means "true in the standard model"),
(2) any model of $\beta$, with domain $\omega$, $E$ interpreted as the identity relation, and $A$ and $M$ as recursive predicates, is isomorphic to the standard model.

We assume that $\beta$ conjunctively contains the axioms of Robinson's arithmetic Q, including the identity axioms. Therefore, using standard factorization, we can pass from any model $D$ of $\beta$ with domain $\omega$ and such that $E$, $A$ and $M$ are interpreted as recursive predicates, to a model $D'$ which satisfies the conditions of (2) and which is elementarily equivalent to $D$. Thus, (2) can be changed to the following:

(2') any model $D$ of $\beta$, with domain $\omega$ and $E$, $A$ and $M$ interpreted as recursive predicates, is elementarily equivalent to the standard model (i.e., $D \models \gamma$ iff $\gamma$ is true, for all sentences $\gamma$).

Let $C$ be the formula

$$\forall x, y\,(\Box E(x, y) \lor \Box\neg E(x, y)) \;\land\; \forall x, y, z\,(\Box A(x, y, z) \lor \Box\neg A(x, y, z)) \;\land\; \forall x, y, z\,(\Box M(x, y, z) \lor \Box\neg M(x, y, z)).$$

The following lemma yields the algorithmic reducibility of the set of all true arithmetic formulas (which, by Tarski's theorem, is nonarithmetic) to the set Tr, and this proves the theorem.

16.5. Lemma. For any arithmetic formula $\varphi$, $\varphi$ is true if and only if every realizational instance of $\beta \land C \to \varphi$ is true.

Proof. $\Longrightarrow$: Suppose $\varphi$ is true, $*$ is a realization for $\beta \land C \to \varphi$ and $\beta^* \land C^*$ is true. We want to show that $\varphi^*$ is also true. It is not hard to see that, since $T$ is consistent and recursively enumerable (this condition is essential!), the truth of $C^*$ means that the relations defined on $\omega$ in the standard model by the formulas $E^*$, $A^*$ and $M^*$ are recursive. Let us define a model $D$ with domain $\omega$ such that, for all $k, m, n \in \omega$,

$D \models E(k, m)$ iff $E^*(k, m)$ is true,
$D \models A(k, m, n)$ iff $A^*(k, m, n)$ is true,
$D \models M(k, m, n)$ iff $M^*(k, m, n)$ is true.
Observe that for every arithmetic formula $\gamma$ (for which the realization $*$ is legal), we have $D \models \gamma$ iff $\gamma^*$ is true. In particular $D \models \beta$, and thus $D$ satisfies the conditions of (2'), i.e., $D$ is elementarily equivalent to the standard model, whence (as $\varphi$ is true) $D \models \varphi$, whence $\varphi^*$ is true.

$\Longleftarrow$: Suppose $\varphi$ is false. Let $*$ be the trivial realization, i.e., such that $E^*(x, y) = E(x, y)$, $A^*(x, y, z) = A(x, y, z)$, $M^*(x, y, z) = M(x, y, z)$. Then $\beta^* = \beta$, $\varphi^* = \varphi$ and therefore it suffices to show that $\beta \land C^* \to \varphi$ is false, i.e., that $\beta \land C^*$ is true. But $\beta$ is true by (1), and from the decidability in $T$ of the relations $x = y$, $x + y = z$ and $x \times y = z$, it follows that $C^*$ is also true. $\dashv$

Formalizing in arithmetic the idea employed in the above proof, Vardanyan [1986] also proved that if $T$ is recursively enumerable, then the set of predicate modal formulas whose realizational instances are provable in $T$ (or in PA) is not recursively enumerable and is in fact $\Pi_2$-complete.

There is one perhaps even more unpleasant result which should also be mentioned here. For recursively enumerable $T$, the answer to the question whether a predicate modal formula expresses a valid provability principle, turns out to be dependent on the choice of the formula $\mathrm{Pr}_T$, that is, on the concrete way of formalization of the predicate "$x$ is the code of an axiom of $T$", even if a set of axioms is fixed (Artemov [1986]). Note that the proofs of Solovay's theorems for propositional provability logic are insensitive in this respect and actually the only requirement is that the three Löb-conditions must be satisfied.

16.6. ... but still not completely desperate
Against this gloomy background one still can succeed in obtaining positive results in two directions. Firstly, although the predicate logic of provability in full generality is not (recursively) axiomatizable, some natural fragments of it can be so and may be stable with respect to the choice of the formula $\mathrm{Pr}_T$. And secondly, all the above-mentioned negative facts exclusively concern recursively enumerable theories, and the proofs hopelessly fail as soon as this condition is removed. There are however many examples of interesting and natural theories which are not recursively enumerable (e.g., the theories induced by $\omega$-provability or the other strong concepts of provability mentioned in section 8), and it well might be that the situation with their predicate provability logics is as nice as in the propositional case.

The main positive result we are going to consider is the following: the "arithmetic part" of Solovay's theorems, according to which the existence of a Kripke countermodel (with a transitive and converse well-founded accessibility relation) implies arithmetic nonvalidity of the formula, can be extended to the predicate level. This gives us a method of establishing nonvalidity for a quite considerable class of predicate modal formulas.
16.7. Kripke-models for the predicate modal language

A Kripke-frame for the predicate modal language is a system $M = \langle W, R, \{D_w\}_{w \in W} \rangle$, where $\langle W, R \rangle$ is a Kripke-frame in the sense of section 2, $\{D_w\}_{w \in W}$ are nonempty sets ("domains of individuals") indexed by elements of $W$ such that if $w R u$, then $D_w \subseteq D_u$, and a Kripke-model is a Kripke-frame together with a forcing relation $\Vdash$, which is now a relation between worlds $w \in W$ and closed formulas with parameters in $D_w$; for the Boolean connectives and $\Box$, $\Vdash$ behaves as described in section 2, and we have only the following additional condition for the universal quantifier:
• $w \Vdash \forall x A(x)$ iff $w \Vdash A(a)$ for all $a \in D_w$,

and a similar one for the existential quantifier. A formula $A$ is said to be valid in a Kripke-model $\langle W, R, \{D_w\}_{w \in W}, \Vdash \rangle$, if $A$ is forced at every world $w \in W$. Such a model is said to be finite if $W$ as well as all $D_w$ are finite.

16.8. The predicate version of Solovay's theorems

For every predicate modal formula $A$, let REFL($A$) denote the universal closure of $\bigwedge \{\Box B \to B \mid \Box B \in Sb\}$, where $Sb$ is the set of the subformulas of $A$.

16.9. Theorem. (Artemov and Japaridze [1987,1990]). For any closed predicate modal formula $A$,
(a) if $A$ is not valid in some finite Kripke-model with a transitive and converse well-founded accessibility relation, then there exists a realization $*$ for $A$ such that $T \nvdash A^*$,
(b) if REFL($A$) $\to A$ is not valid in such a model, then there exists a realization $*$ for $A$ such that $A^*$ is false.
Proof. We prove here only clause (a), leaving (b) as an exercise for the reader. Some details in this proof are in fact redundant if we want to prove only (a), but they are of assistance in passing to a proof of (b).

Assume that $\langle W, R, \{D_w\}_{w \in W}, \Vdash \rangle$ is a model with the above-mentioned properties in which $A$ is not valid. As before, without loss of generality we may suppose that $W = \{1, \ldots, l\}$, 1 is the root and $1 \nVdash A$. We suppose also that $D_w \subseteq \omega$ and that $0 \in D_w$ for each $w \in W$. Let us define a model $\langle W', R', \{D'_w\}_{w \in W'}, \Vdash' \rangle$ by setting
• $W' = W \cup \{0\}$,
• $R' = R \cup \{(0, w) \mid w \in W\}$,
• $D'_0 = D_1$ and, for all $w \in W$, $D'_w = D_w$,
• for any atomic formula $P$, $0 \Vdash' P$ iff $1 \Vdash P$ and, if $w \in W$, $w \Vdash' P$ iff $w \Vdash P$.
We accept the definitions of the Solovay function $h$ and the sentences $\mathrm{Lim}_w$ from section 3 without any changes; the only additional step is the following: For each $a$ from $D = \bigcup \{D_w \mid w \in W\}$ we define an arithmetic formula $\gamma_a(x)$ with only $x$ free by setting

$$\gamma_a(x) = \bigvee \{\exists t \le x\,(h(t) = h(x) = w \land \neg\exists z < t\,(h(z) = w) \land x = t + a) \mid a \in D_w\}.$$

Thus, using the jargon from section 14, $\gamma_a(x)$ says that we have reached some world $w$ such that $a \in D_w$, at the moment $x$ we are still at $w$, and exactly $a$ moments have passed since we moved to this world (we assume that the first "move", to the world 0, happened at the initial moment 0). We define the predicates $\gamma'_a$ by
• for each $0 \ne a \in D$, $\gamma'_a(x) = \gamma_a(x)$, and
• $\gamma'_0(x) = \gamma_0(x) \lor \neg\bigvee \{\gamma_a(x) \mid a \in D \setminus \{0\}\}$.

(It is easy to check that the left disjunct of $\gamma'_0(x)$ is redundant; it implies the right disjunct.) Since we employ the same Solovay function $h$ as in section 3, lemma 3.2 continues to hold. In addition, we need the following lemma:

16.10. Lemma.
(i) $T \vdash \neg(\gamma'_a(x) \land \gamma'_b(x))$ for all $a \ne b$,
(ii) $T \vdash \mathrm{Lim}_w \to \bigwedge \{\exists x\, \gamma'_a(x) \mid a \in D_w\}$ for all $w \in W'$,
(iii) $T \vdash \mathrm{Lim}_w \to \forall x\,(\bigvee \{\gamma'_a(x) \mid a \in D_w\})$ for all $w \in W'$.

Proof. (i): The formulas $\gamma_a(x)$ and $\gamma_b(x)$ for $a \ne b$ are defined so that each disjunct of $\gamma_a(x)$ is inconsistent with each disjunct of $\gamma_b(x)$. And the right disjunct of $\gamma'_0(x)$, by definition, is inconsistent with each $\gamma_a(x)$, $a \ne 0$.

(ii): Suppose $a \in D_w$ and argue in $T + \mathrm{Lim}_w$. Since $w$ is the limit of $h$, there is a moment $t$ at which we arrive in $w$, and stay there for ever (more formally: we have $\neg\exists y < t\,(h(y) = w)$ and $\forall y \ge t\,(h(y) = w)$). Then, by definition, $\gamma_a(t + a)$ holds, whence $\gamma'_a(t + a)$ holds, whence $\exists x\, \gamma'_a(x)$. And so for each $a \in D_w$.

(iii): Argue in $T + \mathrm{Lim}_w$. Consider an arbitrary number $x$. We must show that $\gamma'_a(x)$ holds for some $a \in D_w$. The definition of $h$ implies that, either $h(x) R' w$, or $h(x) = w$; in both cases we then have $D_{h(x)} \subseteq D_w$. Let $t$ be the least number such that $h(t) = h(x)$, and let $a = x - t$. By definition, if $a \in D_{h(x)}$ (and thus $a \in D_w$), then $\gamma_a(x)$ holds, whence $\gamma'_a(x)$ holds and we are done; and if $a \notin D_{h(x)}$, then (the right disjunct of) $\gamma'_0(x)$ holds and we are also done, because $0 \in D_w$. $\dashv$

We now define a realization $*$. For each $n$-place predicate letter $P$, let $P^*$ be

$$\bigvee \{\mathrm{Lim}_w \land \gamma'_{a_1}(v_1) \land \ldots \land \gamma'_{a_n}(v_n) \mid a_1, \ldots, a_n \in D_w,\ w \Vdash' P(a_1, \ldots, a_n)\}.$$
16.11. Lemma. Let $B$ be a predicate modal formula with precisely $x_1, \ldots, x_n$ free. Then, for each $w \in W$ and for all $a_1, \ldots, a_n \in D_w$,
(a) if $w \Vdash' B(a_1, \ldots, a_n)$, then $T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to B^*$;
(b) if $w \nVdash' B(a_1, \ldots, a_n)$, then $T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg B^*$.

Proof. We proceed by induction on the complexity of $B$. Suppose $B(x_1, \ldots, x_n)$ is atomic. If $w \Vdash' B(a_1, \ldots, a_n)$, then $\mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)$ is one of the disjuncts of $B^*$ and the desired result is obvious. If $w \nVdash' B(a_1, \ldots, a_n)$, then that formula is not a disjunct of $B^*$ and, according to lemma 3.2(b) and 16.10(i), it implies in $T$ the negations of all the disjuncts of $B^*$.

Next suppose that $B(x_1, \ldots, x_n)$ is $\forall y\, C(y, x_1, \ldots, x_n)$. If $w \Vdash' \forall y\, C(y, a_1, \ldots, a_n)$, then $w \Vdash' C(b, a_1, \ldots, a_n)$ for all $b \in D_w$. Then, by the induction hypothesis, for all $b \in D_w$,

$$T \vdash \mathrm{Lim}_w \land \gamma'_b(y) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to (C(y, x_1, \ldots, x_n))^*.$$

Therefore,

$$T \vdash \mathrm{Lim}_w \land \Big(\bigvee \{\gamma'_b(y) \mid b \in D_w\}\Big) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to (C(y, x_1, \ldots, x_n))^*.$$

Note that there is no free occurrence of $y$ in either $\mathrm{Lim}_w$ or $\gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)$. Universal quantification over $y$ gives

$$T \vdash \mathrm{Lim}_w \land \forall y \Big(\bigvee \{\gamma'_b(y) \mid b \in D_w\}\Big) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \forall y\,(C(y, x_1, \ldots, x_n))^*.$$

By lemma 16.10(iii), we can eliminate the conjunct $\forall y\,(\bigvee \{\gamma'_b(y) \mid b \in D_w\})$ in the antecedent of the above formula and conclude that

$$T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \forall y\,(C(y, x_1, \ldots, x_n))^*.$$

If on the other hand $w \nVdash' \forall y\, C(y, a_1, \ldots, a_n)$, then there is $b \in D_w$ such that $w \nVdash' C(b, a_1, \ldots, a_n)$. By the induction hypothesis,

$$T \vdash \mathrm{Lim}_w \land \gamma'_b(y) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg(C(y, x_1, \ldots, x_n))^*.$$

Again, neither $\mathrm{Lim}_w$ nor $\gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)$ contains $y$ free, and existential quantification over $y$ gives

$$T \vdash \mathrm{Lim}_w \land \exists y\, \gamma'_b(y) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \exists y\, \neg(C(y, x_1, \ldots, x_n))^*.$$

According to lemma 16.10(ii), $T \vdash \mathrm{Lim}_w \to \exists y\, \gamma'_b(y)$. Therefore,

$$T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg(\forall y\, C(y, x_1, \ldots, x_n))^*.$$

Finally, suppose that $B$ is $\Box C$. If $w \Vdash' \Box C(a_1, \ldots, a_n)$, then for each $u$ such that $w R' u$, we have $u \Vdash' C(a_1, \ldots, a_n)$ and, by the induction hypothesis,

$$T \vdash \mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to (C(x_1, \ldots, x_n))^*.$$
Therefore,

$$T \vdash \Big(\bigvee \{\mathrm{Lim}_u \mid w R' u\}\Big) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to (C(x_1, \ldots, x_n))^*,$$

and, by the first two Löb conditions,

$$T \vdash \mathrm{Pr}_T\Big[\Big(\bigvee \{\mathrm{Lim}_u \mid w R' u\}\Big) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)\Big] \to (\Box C(x_1, \ldots, x_n))^*.$$

Observe that the formulas $\gamma'_a(x)$ are primitive recursive and we have that $T \vdash \gamma'_a(x) \to \mathrm{Pr}_T[\gamma'_a(x)]$; together with lemma 3.2(d) this means that

$$T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \mathrm{Pr}_T\Big[\Big(\bigvee \{\mathrm{Lim}_u \mid w R' u\}\Big) \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)\Big].$$

Thus, we get $T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to (\Box C(x_1, \ldots, x_n))^*$.

If $w \nVdash' \Box C(a_1, \ldots, a_n)$, then there is $u$ such that $w R' u$ and $u \nVdash' C(a_1, \ldots, a_n)$. By the induction hypothesis,

$$T \vdash \mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg(C(x_1, \ldots, x_n))^*.$$

Therefore,

$$T \vdash (C(x_1, \ldots, x_n))^* \to \neg(\mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n)),$$
$$T \vdash \mathrm{Pr}_T[(C(x_1, \ldots, x_n))^*] \to \mathrm{Pr}_T[\neg(\mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n))],$$
$$T \vdash \neg\mathrm{Pr}_T[\neg(\mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n))] \to \neg(\Box C(x_1, \ldots, x_n))^*.$$

On the other hand, we have

$$T \vdash \neg\mathrm{Pr}_T[\neg\mathrm{Lim}_u] \land \mathrm{Pr}_T[\gamma'_{a_1}(x_1)] \land \ldots \land \mathrm{Pr}_T[\gamma'_{a_n}(x_n)] \to \neg\mathrm{Pr}_T[\neg(\mathrm{Lim}_u \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n))]$$

(this is a realizational instance of the principle $\Diamond p \land \Box q \to \Diamond(p \land q)$ which is provable in K). According to lemma 3.2(c), and since $T \vdash \gamma'_a(x) \to \mathrm{Pr}_T[\gamma'_a(x)]$, we have

$$T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg\mathrm{Pr}_T[\neg\mathrm{Lim}_u] \land \mathrm{Pr}_T[\gamma'_{a_1}(x_1)] \land \ldots \land \mathrm{Pr}_T[\gamma'_{a_n}(x_n)].$$

Therefore, $T \vdash \mathrm{Lim}_w \land \gamma'_{a_1}(x_1) \land \ldots \land \gamma'_{a_n}(x_n) \to \neg(\Box C(x_1, \ldots, x_n))^*$. $\dashv$

To finish the proof of theorem 16.9: since $A$ is closed and $1 \nVdash A$, we have by lemma 16.11, $T \vdash \mathrm{Lim}_1 \to \neg A^*$. By lemma 3.2(f), $\mathrm{Lim}_1$ is consistent with $T$, and consequently $T \nvdash A^*$. $\dashv$
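The hypothesis of theorem 16.9(a) can be checked mechanically on a concrete finite model. The following Python evaluator for the forcing relation of section 16.7 is an added example, not part of the original text; it is run on a two-world model normalized as in the proof above (worlds 1 and 2, root 1, $0 \in D_w$). The tuple encoding of formulas, all class and function names, the sample model and the three test formulas are assumptions of this example.

```python
# Added illustration of forcing in finite predicate Kripke-models (section 16.7).
# Formula encoding (an assumption of this example), as nested tuples:
#   ("bot",)  ("atom", "P", ("x",))  ("imp", A, B)  ("box", A)  ("all", "x", A)


class KripkeModel:
    def __init__(self, worlds, R, domains, atoms):
        self.worlds = list(worlds)
        self.R = set(R)            # accessibility relation as pairs (w, u)
        self.domains = domains     # world -> set D_w of individuals
        self.atoms = set(atoms)    # forced atoms: (world, letter, tuple of individuals)

    def successors(self, w):
        return [u for u in self.worlds if (w, u) in self.R]

    def check_frame(self):
        """Nonempty domains with D_w a subset of D_u whenever w R u; R transitive
        and irreflexive (on a finite W this gives converse well-foundedness)."""
        if any(not self.domains[w] or (w, w) in self.R for w in self.worlds):
            return False
        for (w, u) in self.R:
            if not self.domains[w] <= self.domains[u]:
                return False
            if any((w, v) not in self.R for v in self.successors(u)):
                return False
        return True

    def forces(self, w, f, env=None):
        """w forces f, where env assigns individuals of D_w to the free variables."""
        env = env or {}
        tag = f[0]
        if tag == "bot":
            return False
        if tag == "atom":
            return (w, f[1], tuple(env[v] for v in f[2])) in self.atoms
        if tag == "imp":
            return (not self.forces(w, f[1], env)) or self.forces(w, f[2], env)
        if tag == "box":
            # Parameters stay legal at successors because domains grow along R.
            return all(self.forces(u, f[1], env) for u in self.successors(w))
        if tag == "all":
            return all(self.forces(w, f[2], {**env, f[1]: a}) for a in self.domains[w])
        raise ValueError("unknown connective: %r" % (tag,))

    def valid(self, f):
        """A closed formula is valid in the model if every world forces it."""
        return all(self.forces(w, f) for w in self.worlds)


P = ("atom", "P", ("x",))
ALL_P = ("all", "x", P)
# forall x Box P(x) -> Box forall x P(x)
FORALL_BOX_TO_BOX_FORALL = ("imp", ("all", "x", ("box", P)), ("box", ALL_P))
# Box forall x P(x) -> forall x Box P(x)
BOX_FORALL_TO_FORALL_BOX = ("imp", ("box", ALL_P), ("all", "x", ("box", P)))
# Loeb's principle Box(Box p -> p) -> Box p with p := forall x P(x)
LOEB = ("imp", ("box", ("imp", ("box", ALL_P), ALL_P)), ("box", ALL_P))


def sample_model():
    """Constructed model: 1 R 2, D_1 = {0}, D_2 = {0, 1}, and only P(0) forced at 2."""
    return KripkeModel(
        worlds=[1, 2],
        R={(1, 2)},
        domains={1: {0}, 2: {0, 1}},
        atoms={(2, "P", (0,))},
    )


if __name__ == "__main__":
    m = sample_model()
    print("frame conditions hold:", m.check_frame())
    for name, f in [("forall-box -> box-forall", FORALL_BOX_TO_BOX_FORALL),
                    ("box-forall -> forall-box", BOX_FORALL_TO_FORALL_BOX),
                    ("Loeb", LOEB)]:
        print(name, "forced at root:", m.forces(1, f), "valid:", m.valid(f))
```

The closed formula $\forall x\,\Box P(x) \to \Box\forall x\,P(x)$ fails at the root because world 2 has the extra individual 1, so by theorem 16.9(a) there is a realization $*$ under which $T$ does not prove its realizational instance.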
16.12. FFurther 16.12. u r t h e r ppositive o s i t i v e rresults esults
One of of the the applications applications of of theorem theorem 16.9 16.9 isis the the following. following. Consider Consider the the fragment fragment One of our predicate predicate modal modal language language which which arises arises by by restricting restricting the the set set of of variables variables to to of our x. In In this this case, case, without without loss loss of of generality, generality, we we may may assume assume that that one single single variable variable x. one every predicate predicate letter letter isis one-place. one-place. Since Since the the variable variable xx isis fixed, fixed, itit isis convenient convenient to to every omit itit in in the the expressions expressions Vx, Vx, P(x), P(x) , Q Q(x) and simply simply write write V, V, p, p, q,q, . . ... . In In fact, fact, omit ( x ) ,, . .. .. . and and V. V. we then then have have aa bimodal bimodal propositional propositional language language with with the the modal modal operators operators []D and we The The modal modal logic logic Lq, Lq, introduced introduced by by Esakia Esakia [1988], [1988], isis axiomatized axiomatized by by the the following following schemata: schemata: . .
1 . all all propositional propositional tautologies tautologies in in the the bimodal bimodal language, language, 1.
2 . the the axioms axioms of of LL for for [3, D, 2. 33.. the the axioms axioms of of $5 S5 for for V, V, i.e., i.e., •
� B) B) --+ � (VA � VB), 9V V (A (A --+ (VA --+ VB),
•
VA � A, 9 VA--+A,
•
A (3 (3 abbreviates abbreviates -~, V-, ), 9 3A 3A � ~ V V 33 A V-~ ),
44.. D VA []V A -� + VV[ DA, ]A, together ponens, A/ together with with the the rules rules modus modus ponens, A~ DA [3A and and A/VA. A/VA. For For this this logic logic (the (the language language of which is predicate modal modal language) the of which is understood understood as as aa fragment fragment of of the the predicate language) we we have have the following modal completeness completeness theorem: following modal theorem:
16.13. Theorem. (Japaridze [1988a,1990a]) For any Lq-formula $A$, $\vdash_{\mathrm{Lq}} A$ iff $A$ is valid in all finite predicate Kripke-models with a transitive and converse well-founded accessibility relation.

In view of the evident arithmetic soundness of Lq, this modal completeness theorem together with the above predicate version of Solovay's first theorem implies the arithmetic completeness of Lq:

16.14. Corollary. For any Lq-formula $A$, $\vdash_{\mathrm{Lq}} A$ iff every realizational instance of $A$ is provable in T.
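The model class of Theorem 16.13 can be explored mechanically. The Python sketch below is an added example, not part of the chapter: it assumes the usual forcing clauses for predicate Kripke models (non-empty domains $D_w$ that expand along $R$, $\Box$ ranging over $R$-successors, $\forall$ ranging over $D_w$) and takes the axioms of L to be K and Löb's axiom; the names `Frame`, `holds`, `counterexample` and the sample frame are constructed for illustration.

```python
from itertools import product

# Formulas of the one-variable fragment, as nested tuples:
#   ("p", name) | ("not", A) | ("imp", A, B) | ("box", A) | ("all", A)
def P(name): return ("p", name)
def Not(a): return ("not", a)
def Imp(a, b): return ("imp", a, b)
def Box(a): return ("box", a)
def All(a): return ("all", a)
def Ex(a): return Not(All(Not(a)))  # "exists" abbreviates "not forall not"

class Frame:
    """Finite predicate Kripke frame: worlds W, relation R, domains D_w."""
    def __init__(self, worlds, rel, dom):
        self.worlds, self.rel, self.dom = list(worlds), set(rel), dict(dom)

    def succ(self, w):
        return [u for (v, u) in self.rel if v == w]

    def is_admissible(self):
        """R transitive and converse well-founded; domains non-empty, expanding."""
        transitive = all((w, v) in self.rel
                         for (w, u) in self.rel for (u2, v) in self.rel if u == u2)
        # On a finite transitive frame, converse well-founded means irreflexive.
        irreflexive = all(w != u for (w, u) in self.rel)
        nonempty = all(self.dom[w] for w in self.worlds)
        expanding = all(self.dom[w] <= self.dom[u] for (w, u) in self.rel)
        return transitive and irreflexive and nonempty and expanding

def holds(frame, val, w, a, f):
    """Forcing of f at world w with the single variable x assigned a in D_w."""
    tag = f[0]
    if tag == "p":
        return (w, a) in val[f[1]]
    if tag == "not":
        return not holds(frame, val, w, a, f[1])
    if tag == "imp":
        return (not holds(frame, val, w, a, f[1])) or holds(frame, val, w, a, f[2])
    if tag == "box":   # a stays in the domain of every successor (expanding domains)
        return all(holds(frame, val, u, a, f[1]) for u in frame.succ(w))
    if tag == "all":   # quantify over the domain of the current world only
        return all(holds(frame, val, w, b, f[1]) for b in frame.dom[w])
    raise ValueError(f"unknown connective: {tag}")

def letters(f):
    """Predicate letters occurring in f."""
    if f[0] == "p":
        return {f[1]}
    return set().union(*[letters(g) for g in f[1:]])

def counterexample(frame, f):
    """Return (valuation, world, element) falsifying f on the frame, or None
    if f holds at every point under every valuation of its letters."""
    points = [(w, a) for w in frame.worlds for a in sorted(frame.dom[w])]
    names = sorted(letters(f))
    for bits in product([False, True], repeat=len(points) * len(names)):
        val = {n: {pt for j, pt in enumerate(points) if bits[i * len(points) + j]}
               for i, n in enumerate(names)}
        for (w, a) in points:
            if not holds(frame, val, w, a, f):
                return val, w, a
    return None

# Constructed sample frame: a 3-element chain whose domain grows after the root.
FRAME = Frame(worlds=[0, 1, 2],
              rel={(0, 1), (1, 2), (0, 2)},
              dom={0: {"a"}, 1: {"a", "b"}, 2: {"a", "b"}})

p, q = P("p"), P("q")
LQ_AXIOMS = {  # one instance of each schema (L assumed to be K + Loeb)
    "K for box": Imp(Box(Imp(p, q)), Imp(Box(p), Box(q))),
    "Loeb":      Imp(Box(Imp(Box(p), p)), Box(p)),
    "S5: K":     Imp(All(Imp(p, q)), Imp(All(p), All(q))),
    "S5: T":     Imp(All(p), p),
    "S5: 5":     Imp(Ex(p), All(Ex(p))),
    "axiom 4":   Imp(Box(All(p)), All(Box(p))),
}
BARCAN = Imp(All(Box(p)), Box(All(p)))  # converse of axiom 4
REFLECTION = Imp(Box(p), p)             # the extra axiom of Sq

if __name__ == "__main__":
    print("admissible frame:", FRAME.is_admissible())
    for name, f in LQ_AXIOMS.items():
        print(f"{name:10s} valid on frame:", counterexample(FRAME, f) is None)
    for name, f in (("Barcan", BARCAN), ("reflection", REFLECTION)):
        _, w, a = counterexample(FRAME, f)
        print(f"{name} refuted at world {w}, x = {a}")
```

By Theorem 16.13, each countermodel found this way shows that the refuted formula is not a theorem of Lq; validity on one sample frame, by contrast, is only a sanity check of the axioms and proves nothing about derivability.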
Japaridze [1988a,1990a] also introduced the bimodal version Sq of S and proved that $\vdash_{\mathrm{Sq}} A$ iff every realizational instance of $A$ is true. The axioms of Sq are all theorems of Lq plus $\Box A \to A$, and the rules of inference are Modus Ponens and $A/\forall A$.

Taking into account that we deal with a predicate language, the requirement of finiteness of the models in theorem 16.9 is a very undesirable restriction however. In Japaridze [1990a] a stronger variant of this theorem was given with the condition of finiteness replaced by a weaker one. What we need instead of finiteness, is roughly the following:
(1) The relations $w \in W$, $w R u$, $a \in D_w$ must be binumerable in T (see definition 12.1), and this fact must be provable in T.

(2) The relation $\Vdash$ must be numerable in T and T must prove that fact. To be more precise, $\Vdash$ need not be defined for all worlds and all formulas, but only for those which are needed to falsify the formula $A$ in the root of the model (i.e., in some cases we may have neither $w \Vdash B$ nor $w \Vdash \neg B$); T should just prove that $\Vdash$ behaves "properly", e.g., $w \Vdash B \Rightarrow w \nVdash \neg B$, $w \Vdash B \lor C \Rightarrow (w \Vdash B \text{ or } w \Vdash C)$, $w \Vdash \neg(B \lor C) \Rightarrow (w \Vdash \neg B \text{ and } w \Vdash \neg C)$, ....

(3) T also must "prove" that the relation $R$ is transitive and converse well-founded. Of course, well-foundedness is not expressible in the first order language, and T should somehow simulate a proof of this property of $R$. This is the case if, e.g., T proves the scheme of $R$-induction for the elements of $W$, i.e.,

$$T \vdash \forall w \in W\, \bigl(\forall u\, (w R u \to \varphi(u)) \to \varphi(w)\bigr) \to \forall w \in W\, \varphi(w).$$

We want to end this section by mentioning one last positive result. Let QL be the logic which arises by adding to L (written in the predicate modal language) the axioms and rules of the classical predicate calculus. Similarly, let QS be the closure of S with respect to classical predicate logic.
16.15. Theorem. (Japaridze [1990a,1991]). Suppose T is strong enough to prove all true $\Pi_1$-sentences, and $A$ is a closed predicate modal formula which satisfies one of the following conditions:

(i) no occurrence of a quantifier is in the scope of some occurrence of $\Box$ in $A$, or
(ii) no occurrence of $\Box$ is in the scope of some other occurrence of $\Box$ in $A$, or
(iii) $A$ has the form $\Box^n \bot \to B$.

Then we have:

(a) $\vdash_{\mathrm{QL}} A$ iff all realizational instances of $A$ are provable in T,
(b) $\vdash_{\mathrm{QS}} A$ iff all realizational instances of $A$ are true.

(Of course, clause (b) is trivial in case (iii).)

The proof for the (ii) and (iii) fragments in Japaridze [1990a] is based on the above-mentioned strong variant of the predicate version of Solovay's theorems. Both Vardanyan's and Artemov's theorems on nonenumerability and nonarithmeticity hold for the (i) and (ii)-fragments as well, but this is not in contradiction with theorem 16.15. The point is that the use of Tennenbaum's theorem in the proofs of these negative results is possible only on assumption of the recursive enumerability of T, whereas no consistent theory which proves all the true $\Pi_1$-sentences can be recursively enumerable. Thus there are no immediate objections against the optimistic conjecture that QL and QS are complete for such strong theories without any restriction on the language.
17. Acknowledgements

In the first place we are very grateful to Lev Beklemishev for providing us with a draft for the sections 6, 7 and 8 in a near perfect state. He also gave extensive comments on other sections. Sergei Artemov supported us with section 10, and in answering some questions for us. Albert Visser was very helpful with comments and discussions, answering questions, and pointing out mistakes. Giovanni Sambin provided valuable comments. Claes Strannegård shared his expertise with us. Joost Joosten, Rosalie Iemhoff and Eva Hoogland found quite a number of inaccuracies in the manuscript. Anne Troelstra stood by us with advice. Sam Buss was a very helpful editor and careful reader.

The first author was supported by N.W.O., the Dutch Foundation for Scientific Research, while working on this chapter in 1992-1993, and by the National Science Foundation (grant CCR-9403447) while working on its final version in 1997.

References
S. N. ARTEMOV
[1980] Arithmetically complete modal theories, Semiotika i Informatika, VINITI, Moscow, 14, pp. 115-133. In Russian, English translation in: Amer. Math. Soc. Transl. (2), 135: pp. 39-54, 1987.
[1985a] Nonarithmeticity of truth predicate logics of provability, Doklady Akademii Nauk SSSR, 284, pp. 270-271. In Russian, English translation in Soviet Math. Dokl. 32 (1985), pp. 403-405.
[1985b] On modal logics axiomatizing provability, Izvestiya Akad. Nauk SSSR, ser. mat., 49, pp. 1123-1154. In Russian, English translation in: Math. USSR Izvestiya 27(3).
[1986] Numerically correct logics of provability, Doklady Akademii Nauk SSSR, 290, pp. 1289-1292. In Russian.
[1994] Logic of proofs, Annals of Pure and Applied Logic, 67, pp. 29-59.
[1995] Operational Modal Logic, Tech. Rep. MSI 95-29, Cornell University.

S. N. ARTEMOV AND G. K. JAPARIDZE (DZHAPARIDZE)
[1987] On effective predicate logics of provability, Doklady Akademii Nauk SSSR, 297, pp. 521-523. In Russian, English translation in Soviet Math. Dokl. 36 (1987), pp. 478-480.
[1990] Finite Kripke models and predicate logics of provability, Journal of Symbolic Logic, 55, pp. 1090-1098.

A. AVRON
[1984] On modal systems having arithmetical interpretations, Journal of Symbolic Logic, 49, pp. 935-942.

L. D. BEKLEMISHEV
[1989a] On the classification of propositional provability logics, Izvestiya Akademii Nauk SSSR, ser. mat., 53, pp. 915-943. In Russian, English translation in Math. USSR Izvestiya 35 (1990) 247-275.
[1989b] A provability logic without Craig's interpolation property, Matematicheskie Zametki, 45, pp. 12-22. In Russian, English translation in Math. Notes 45 (1989).
[1991] Provability logics for natural Turing progressions of arithmetical theories, Studia Logica, pp. 107-128.
[1992] Independent numerations of theories and recursive progressions, Sibirskii Matematicheskii Zhurnal, 33, pp. 22-46. In Russian, English translation in Siberian Math. Journal, 33 (1992).
[1993a] On the complexity of arithmetic applications of modal formulae, Archive for Mathematical Logic, 32, pp. 229-238.
[1993b] Review of de Jongh and Montagna [1988,1989], Carbone and Montagna [1989,1990], Journal of Symbolic Logic, 58, pp. 715-717.
[1994] On bimodal logics of provability, Annals of Pure and Applied Logic, 68, pp. 115-160.
[1996a] Bimodal logics for extensions of arithmetical theories, Journal of Symbolic Logic, 61, pp. 91-124.
[1996b] Remarks on Magari-algebras of PA and $I\Delta_0$ + EXP, in: Logic and Algebra, A. Ursini and P. Aglianò, eds., Marcel Dekker, Inc., New York, pp. 317-326.

A. BERARDUCCI
[1990] The interpretability logic of Peano arithmetic, Journal of Symbolic Logic, 55, pp. 1059-1089.

A. BERARDUCCI AND R. VERBRUGGE
[1993] On the provability logic of bounded arithmetic, Annals of Pure and Applied Logic, 61, pp. 75-93.

C. BERNARDI
[1976] The uniqueness of the fixed-point in every diagonalizable algebra, Studia Logica, 35, pp. 335-343.

G. BOOLOS
[1979] The Unprovability of Consistency, Cambridge University Press.
[1981] Provability, truth and modal logic, Journal of Philosophic Logic, 9, pp. 1-7.
[1982] Extremely undecidable sentences, Journal of Symbolic Logic, 47, pp. 191-196.
[1993a] The analytical completeness of Dzhaparidze's polymodal logics, Annals of Pure and Applied Logic, 61, pp. 95-111.
[1993b] The Logic of Provability, Cambridge University Press.

G. BOOLOS AND R. C. JEFFREY
[1989] Computability and Logic, 3rd ed., Cambridge University Press.

G. BOOLOS AND V. MCGEE
[1987] The degree of the set of sentences of predicate provability logic that are true under every interpretation, Journal of Symbolic Logic, 52, pp. 165-171.

G. BOOLOS AND G. SAMBIN
[1991] Provability: the emergence of a mathematical modality, Studia Logica, 50, pp. 1-23.

A. CARBONE AND F. MONTAGNA
[1989] Rosser orderings in bimodal logics, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 35, pp. 343-358.
[1990] Much shorter proofs: a bimodal investigation, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 36, pp. 47-66.

T. CARLSON
[1986] Modal logics with several operators and provability interpretations, Israel Journal of Mathematics, 54, pp. 14-24.

B. F. CHELLAS
[1980] Modal Logic: An Introduction, Cambridge University Press.

P. CLOTE AND J. KRAJÍČEK
[1993] eds., Arithmetic, Proof Theory and Computational Complexity, Oxford University Press.

D. VAN DALEN
[1994] Logic and Structure, Springer Verlag, Berlin, Amsterdam.

L. L. ESAKIA
[1988] Provability logic with quantifier modalities, in: Intensional Logics and the Logical Structure of Theories: Material from the fourth Soviet-Finnish Symposium on Logic, Telavi, May 20-24, 1985, Metsniereba, Tbilisi, pp. 4-9. In Russian.
S. FEFERMAN
[1960] Arithmetization of metamathematics in a general setting, Archive for Mathematical Logic, 6, pp. 52-63.
[1962] Transfinite recursive progressions of axiomatic theories, Journal of Symbolic Logic, 27, pp. 259-316.

S. FEFERMAN, G. KREISEL, AND S. OREY
[1960] 1-consistency and faithful interpretations, Fundamenta Mathematicae, 49, pp. 35-92.

Z. GLEIT AND W. GOLDFARB
[1990] Characters and fixed points in provability logic, Notre Dame Journal of Formal Logic, 31, pp. 26-551.

K. GÖDEL
[1933] Eine Interpretation des intuitionistischen Aussagenkalküls, Ergebnisse Math. Colloq., Bd. 4, pp. 39-40.

D. GUASPARI
[1979] Partially conservative extensions of arithmetic, Transactions of the American Mathematical Society, 254, pp. 47-68.
[1983] Sentences implying their own provability, Journal of Symbolic Logic, 48, pp. 777-789.

D. GUASPARI AND R. M. SOLOVAY
[1979] Rosser sentences, Annals of Mathematical Logic, 16, pp. 81-99.

P. HÁJEK
[1971] On interpretability in set theories I, Comm. Math. Univ. Carolinae, 12, pp. 73-79.
[1972] On interpretability in set theories II, Comm. Math. Univ. Carolinae, 13, pp. 445-455.

P. HÁJEK AND F. MONTAGNA
[1990] The logic of $\Pi_1$-conservativity, Archiv für Mathematische Logik und Grundlagenforschung, 30, pp. 113-123.
[1992] The logic of $\Pi_1$-conservativity continued, Archiv für Mathematische Logik und Grundlagenforschung, 32, pp. 57-63.

P. HÁJEK, F. MONTAGNA, AND P. PUDLÁK
[1993] Abbreviating proofs using metamathematical rules, in: Clote and Krajíček [1993], pp. 387-428.

D. HAREL
[1984] Dynamic logic, in: Handbook of Philosophic Logic, Volume II, Extensions of Classical Logic, D. Gabbay and F. Guenthner, eds., Kluwer Academic Publishers, Dordrecht, Boston, pp. 497-604.

D. HILBERT AND P. BERNAYS
[1939] Grundlagen der Mathematik II, Springer, Berlin.

G. E. HUGHES AND M. J. CRESSWELL
[1984] A Companion to Modal Logic, Methuen, London, New York.

K. N. IGNATIEV
[1990] The logic of $\Sigma_1$-interpolability over Peano arithmetic. Manuscript. In Russian.
[1993a] On strong provability predicates and the associated modal logics, Journal of Symbolic Logic, 58, pp. 249-290.
[1993b] The provability logic of $\Sigma_1$-interpolability, Annals of Pure and Applied Logic, 64, pp. 1-25.

G. K. JAPARIDZE (DZHAPARIDZE)
[1986] The Modal Logical Means of Investigation of Provability, PhD thesis, Moscow State University. In Russian.
[1988a] The arithmetical completeness of the logic of provability with quantifier modalities, Bull. Acad. Sci. Georgian SSR, 132, pp. 265-268. In Russian.
[1988b] The polymodal logic of provability, in: Intensional Logics and the Logical Structure of Theories: Material from the fourth Soviet-Finnish Symposium on Logic, Telavi, May 20-24, 1985, Metsniereba, Tbilisi, pp. 16-48. In Russian.
[1990a] Decidable and enumerable predicate logics of provability, Studia Logica, 49, pp. 7-21.
[1990b] Provability logic with modalities for arithmetical complexities, Bull. Acad. Sci. Georgian SSR, 138, pp. 481-484.
[1991] Predicate provability logic with non-modalized quantifiers, Studia Logica, 50, pp. 149-160.
[1992] The logic of linear tolerance, Studia Logica, 51, pp. 249-277.
[1993] A generalized notion of weak interpretability and the corresponding logic, Annals of Pure and Applied Logic, 61, pp. 113-160.
[1994a] The logic of arithmetical hierarchy, Annals of Pure and Applied Logic, 66, pp. 89-112.
[1994b] A simple proof of arithmetical completeness for $\Pi_1$-conservativity logic, Notre Dame Journal of Formal Logic, 35, pp. 346-354.

D. H. J. DE JONGH
[1987] A simplification of a completeness proof of Guaspari and Solovay, Studia Logica, 46, pp. 187-192.

D. H. J. DE JONGH, M. JUMELET, AND F. MONTAGNA
[1991] On the proof of Solovay's theorem, Studia Logica, 50, pp. 51-70.

D. H. J. DE JONGH AND F. MONTAGNA
[1988] Provable fixed points, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 34, pp. 229-250.
[1989] Much shorter proofs, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 35, pp. 247-260.
[1991] Rosser-orderings and free variables, Studia Logica, 50, pp. 71-80.

D. H. J. DE JONGH AND D. PIANIGIANI
[1998] Solution of a problem of David Guaspari, Studia Logica, 57. To appear.

D. H. J. DE JONGH AND F. VELTMAN
[1990] Provability logics for relative interpretability, in: Petkov [1990], pp. 31-42.

D. H. J. DE JONGH AND A. VISSER
[1991] Explicit fixed points in interpretability logic, Studia Logica, 50, pp. 39-50.

G. KREISEL AND A. LEVY
[1968] Reflection principles and their use for establishing the complexity of axiomatic systems, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 14, pp. 97-142.

P. LINDSTRÖM
[1984] On faithful interpretability, in: Computation and Proof Theory, M. M. Richter, E. Börger, W. Oberschelp, B. Schinzel, and W. Thomas, eds., Lecture Notes in Mathematics #1104, Springer Verlag, Berlin, pp. 279-288.
[1994] The Modal Logic of Parikh Provability, Tech. Rep. Filosofiska Meddelanden, Gröna serien, No. 5, University of Göteborg.

J. C. C. MCKINSEY AND A. TARSKI
[1948] Some theorems about the calculi of Lewis and Heyting, Journal of Symbolic Logic, 13, pp. 1-15.

F. MONTAGNA
[1979] On the diagonalizable algebra of Peano arithmetic, Bulletino della Unione Matematica Italiana, 5, 16B, pp. 795-812.
[1984] The predicate modal logic of provability, Notre Dame Journal of Formal Logic, 25, pp. 179-189.
[1987] Provability in finite subtheories of PA, Journal of Symbolic Logic, 52, pp. 494-511.
[1992] Polynomially and superexponentially shorter proofs in fragments of arithmetic, Journal of Symbolic Logic, 57, pp. 844-863.

S. OREY
[1961] Relative interpretations, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 7, pp. 146-153.

R. PARIKH
[1971] Existence and feasibility, Journal of Symbolic Logic, 36, pp. 494-508.

P. P. PETKOV
[1990] ed., Mathematical Logic, Proceedings of the Heyting 1988 Summer School, New York, Plenum Press.

M. DE RIJKE
[1992] Unary interpretability logic, Notre Dame Journal of Formal Logic, 33, pp. 249-272.

G. SAMBIN
[1976] An effective fixed-point theorem in intuitionistic diagonalizable algebras, Studia Logica, 35, pp. 345-361.

G. SAMBIN AND S. VALENTINI
[1982] The modal logic of provability. The sequential approach., Journal of Philosophical Logic, 11, pp. 311-342.
[1983] The modal logic of provability: cut elimination., Journal of Philosophical Logic, 12, pp. 471-476.

D. S. SCOTT
[1962] Algebras of sets binumerable in complete extensions of arithmetic, in: Recursive Function Theory, American Mathematical Society, Providence, R.I., pp. 117-121.

V. Y. SHAVRUKOV
[1988] The Logic of Relative Interpretability over Peano Arithmetic, Tech. Rep. Report No.5, Steklov Mathematical Institute, Moscow. (in Russian).
[1991] On Rosser's provability predicate, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 37, pp. 317-330.
[1993a] A note on the diagonalizable algebras of PA and ZF, Annals of Pure and Applied Logic, 61, pp. 161-173.
[1993b] Subalgebras of diagonalizable algebras of theories containing arithmetic, Dissertationes mathematicae (Rozprawy matematyczne), 323. Instytut Matematyczny, Polska Akademia Nauk, Warsaw.
[1994] A smart child of Peano's, Notre Dame Journal of Formal Logic, 35, pp. 161-185.
[1997] Undecidability in diagonalizable algebras, Journal of Symbolic Logic, 62, pp. 79-116.

C. SMORYŃSKI
[1977] The incompleteness theorems, in: Handbook of Mathematical Logic, J. Barwise, ed., vol. 4, North-Holland, Amsterdam, pp. 821-865.
[1978] Beth's theorem and self-referential statements, in: Computation and Proof Theory, A. Macintyre, L. Pacholski, and J. B. Paris, eds., North-Holland, Amsterdam, pp. 17-36.
[1985] Self-reference and modal logic, Springer-Verlag, Berlin.

R. M. SOLOVAY
[1976] Provability interpretations of modal logic, Israel Journal of Mathematics, 25, pp. 287-304.

C. STRANNEGÅRD
[1997] Arithmetical Realizations of Modal Formulas, PhD thesis, University of Göteborg, Acta Philosophica Gothoburgensia 5.

A. TARSKI, A. MOSTOWSKI, AND R. M. ROBINSON
[1953] Undecidable Theories, North-Holland, Amsterdam.
A. S. TROELSTRA AND H. SCHWICHTENBERG
[1996] Basic Proof Theory, Cambridge University Press.

A. TURING
[1939] System of logics based on ordinals, Proceedings of the London Mathematical Society, Ser. 2, 45, pp. 161-228.

V. A. VARDANYAN
[1986] Arithmetic complexity of predicate logics of provability and their fragments, Doklady Akademii Nauk SSSR, 288, pp. 11-14. In Russian, English translation in Soviet Math. Dokl. 33 (1986), pp. 569-572.

R. VERBRUGGE
[1993a] Efficient Metamathematics, PhD thesis, Universiteit van Amsterdam, ILLC-dissertation series 1993-3.
[1993b] Feasible interpretability, in: Clote and Krajíček [1993], pp. 197-221.

A. VISSER
[1980] Numerations, λ-calculus and arithmetic, in: To H.B. Curry: Essays on Combinatory logic, lambda calculus and formalism, J. P. Seldin and J. R. Hindley, eds., Academic Press, Inc., London, pp. 259-284.
[1981] Aspects of Diagonalization and Provability, PhD thesis, University of Utrecht, Utrecht, The Netherlands.
[1984] The provability logics of recursively enumerable theories extending Peano arithmetic at arbitrary theories extending Peano arithmetic, Journal of Philosophical Logic, 13, pp. 97-113.
[1985] Evaluation, Provably Deductive Equivalence in Heyting's arithmetic of Substitution Instances of Propositional Formulas, Tech. Rep. LGPS 4, Department of Philosophy, Utrecht University.
[1989] Peano's smart children, a provability logical study of systems with built-in consistency, Notre Dame Journal of Formal Logic, 30, pp. 161-196.
[1990] Interpretability logic, in: Petkov [1990], pp. 175-209.
[1991] The formalization of interpretability, Studia Logica, 50, pp. 81-106.
[1994] Propositional Combinations of Σ-Sentences in Heyting's Arithmetic, Tech. Rep. LGPS 117, Department of Philosophy, Utrecht University. To appear in the Annals of Pure and Applied Logic.
[1995] A course in bimodal provability logic, Annals of Pure and Applied Logic, 73, pp. 109-142.
[1997] An overview of interpretability logic, in: Advances in Modal Logic '96, M. Kracht, M. de Rijke, and H. Wansing, eds., CSLI Publications, Stanford.

A. VISSER, J. VAN BENTHEM, D. H. J. DE JONGH, AND G. R. RENARDEL DE LAVALETTE
[1995] NILL, a study in intuitionistic propositional logic, in: Modal Logic and Process Algebra, a Bisimulation Perspective, A. Ponse, M. de Rijke, and Y. Venema, eds., CSLI Lecture Notes #53, CSLI Publications, Stanford, pp. 289-326.

F. VOORBRAAK
[1988] A simplification of the completeness proofs for Guaspari and Solovay's R, Notre Dame Journal of Formal Logic, 31, pp. 44-63.

D. ZAMBELLA
[1992] On the proofs of arithmetical completeness of interpretability logic, Notre Dame Journal of Formal Logic, 35, pp. 542-551.
[1994] Shavrukov's theorem on the subalgebras of diagonalizable algebras for theories containing $I\Delta_0$ + EXP, Notre Dame Journal of Formal Logic, 35, pp. 147-157.
CHAPTER VIII

The Lengths of Proofs

Pavel Pudlák
Mathematical Institute, Academy of Sciences of the Czech Republic, 115 67 Prague 1, The Czech Republic

Contents

1. Introduction
2. Types of proofs and measures of complexity
3. Some short formulas and short proofs
4. More on the structure of proofs
5. Bounds on cut-elimination and Herbrand's theorem
6. Finite consistency statements - concrete bounds
7. Speed-up theorems in first order logic
8. Propositional proof systems
9. Lower bounds on propositional proofs
10. Bounded arithmetic and propositional logic
11. Bibliographical remarks for further reading
References

HANDBOOK OF PROOF THEORY
Edited by S. R. Buss
© 1998 Elsevier Science B.V. All rights reserved
1. Introduction

In this chapter we shall consider the problem of determining the minimal complexity of a proof of a theorem in a given proof system. We shall deal with propositional logic and first order logic. There are several measures of complexity of a proof and there are many different proof systems. Let us give some reasons for this research, before we discuss particular instances of the problem.

1.1. Our subject could be called the quantitative study of the proofs. In contrast with the classical proof theory we want to know not only whether a theorem has a proof but also whether the proof is feasible, i.e., can be actually written down or checked by a computer. An ideal justification for such research would be a proof that a particular theorem for which we have only long proofs (such as the four color theorem), or a conjecture for which we do not have any proof (such as $\mathcal{P} \neq \mathcal{NP}$), does not have a short proof in some reasonable theory (such as ZF).

Presently this seems to be a very distant goal; we are only able to prove lower bounds on the lengths of proofs for artificial statements, or for natural statements, but in very weak proof systems. The situation here is similar to the situation in the study of (weak) fragments of arithmetic and complexity theory. In fragments of arithmetic we can prove unprovability of $\Pi_1$ sentences only for sentences obtained by diagonalization, and in complexity theory we can separate complexity classes also only when diagonalization is possible. These three areas are very much connected and it is not possible to advance very much in one of them without making progress in the others.

Nevertheless there are already now some practical consequences of this research. For instance in first order logic we know quite precisely how much cut-elimination increases the size of proofs. In propositional logic we have simple tautologies which have only exponentially long resolution proofs. This is very important information for designers of automated theorem provers.

Another reason for studying the lengths of proofs is that information about the size of proofs is very important in the study of weak fragments of arithmetic, namely when metamathematics of fragments is considered. For instance, in bounded arithmetic the exponentiation function is not provably total. Therefore the cut-elimination theorem is not provable in bounded arithmetic (in fact first order cut-elimination requires more than elementary increase in the size of proofs). Consequently we have (at least) two different concepts of consistency in bounded arithmetic: the usual one and cut-free consistency. Furthermore there is a relation between provability in bounded arithmetic and the lengths of proofs in certain proof systems for propositional logic. This seems to be the most promising way of proving concrete independence results for bounded arithmetic.

Finally this area is important because of its tight relation to complexity theory. Actually, research into the lengths of proofs should be considered as a part of complexity theory. There are two kinds of connections with computational complexity.
On the one hand there are explicit connections such as the fact that a proof system for propositional logic is a nondeterministic algorithm for the (co$\mathcal{NP}$ complete) set of tautologies. On the other hand there are intuitive connections which are not supported by theorems. For example the relation between Frege systems and extension Frege systems (see below for definitions) for propositional logic is very much like the relation between the complexity measures of boolean functions based on formula size and circuit size, respectively. It is an open problem whether Frege systems are as powerful as extension Frege systems and also it is an open problem whether formulas are as powerful as circuits; but we are not able to prove any of two implications between these apparently related problems. Some people think that the difficult problems in complexity theory such as $\mathcal{P} = \mathcal{NP}$? are essentially logical (not combinatorial) problems. If it is so, then proof theory, and in particular the lengths of proofs, should play an important role in their solution.

1.2. Now we shall briefly outline the contents of this chapter. Section 2 introduces some basic concepts. In section 3 we describe a technique of constructing short formulas for inductively defined concepts. This technique has various applications. Section 4 contains results about dependence of different measures of complexity of proofs and a remark on the popular Kreisel Conjecture. In section 5 we shall consider the cut-elimination theorem from the point of view of the lengths of proofs; namely, we shall show a lower bound on the increase of the length. In section 6 we shall prove a version of the second incompleteness theorem for finite consistencies. This enables us to prove some concrete lower bounds and speed-up. In section 7 we survey speed-up theorems, namely results about shortening of proofs when a stronger theory is used instead of a weaker one and related results. Section 8 is a survey of the most important propositional proof systems. In section 9 we give a nontrivial example of a lower bound on the lengths of propositional proofs in the resolution system. In section 10 we present important relations between the lengths of proofs in propositional logic and provability in fragments of arithmetic. The final section 11 surveys especially those results which have not been treated in the main text.

2. Types of proofs and measures of complexity

In this section we introduce notation and some basic concepts used in both propositional logic and first order logic.

2.1. One can consider many different formalizations and it is difficult to find a classification schema which would cover all. There is however one basic property which all formalizations of the concept of a proof must satisfy: it must be computable in polynomial time whether a given sequence is a proof of a given formula. Here we assume, as usual, that proofs and formulas are encoded as strings in a finite alphabet and we identify feasible computations with polynomial time computations. This trivial observation gives us important link to computational complexity. The proof systems in such a general setting are just nondeterministic decision procedures
for the set of tautologies or the set of theorems of a theory in question. More specifically, an upper bound on the size of proofs for a particular proof system gives a nondeterministic decision procedure with the bound on the running time and, conversely, a lower bound on the nondeterministic time complexity is a lower bound for any proof system.

In particular, let $TAUT$ be the set of propositional tautologies in some fixed complete basis of connectives. A propositional proof system is a binary relation $P(x, y)$ which is computable in polynomial time and

$$x \in TAUT \equiv \exists y\, P(x, y).$$

$$\Phi(t) \to \exists x\, \Phi(x) \tag{5.1}$$

($t$ stands for a term, $x$, $y$ are variables).

We shall refer to this calculus as the Hilbert style calculus. Note that in a system such as above we can either say that we have axiom schemas or that we have axioms and allow the substitution rule to be applied only to axioms.

We shall consider the power of various proof systems for propositional logic in section 8. The propositional part of the Hilbert style system is a special case of calculi called Frege systems. Contrary to the history, the general substitution rule is not permitted in Frege systems. There are more compact Hilbert style systems, e.g. the one considered by Hilbert and Ackermann [1928] uses only the connectives $\vee$ and $\neg$. As we shall see, the propositional parts simulate each other and (unless we use some strange quantifier rules) this can be extended to the whole systems.

Let us note that there are natural proof systems for first order logic which have only modus ponens as a rule and the quantifier rules are replaced by a finite number of simple axiom schemas, see e.g. Grzegorczyk [1974].

2.5.2. Another important system has been introduced by Gentzen [1935]. The basic elements of the proof are sequents which are sequences $\varphi_1, \dots, \varphi_n \longrightarrow \psi_1, \dots, \psi_m$. Here $\longrightarrow$ is a syntactical symbol, a different symbol $\to$ is used for implication. The interpretation of such a sequent is $\varphi_1 \wedge \dots \wedge \varphi_n \to \psi_1 \vee \dots \vee \psi_m$ (with $\to$ standing now for implication). The system has a single axiom scheme $A \longrightarrow A$, where $A$ is a formula, and several rules which have one or two sequents as assumptions and one sequent as a conclusion. A proof is a tree of sequents where leaves are instances of the axiom and every other sequent follows from its predecessors by a rule. The tree structure is very convenient for analyzing proofs, but one can also consider sequences
of sequents as a proof. The most important rule is the cut rule

$$\frac{\alpha_1, \dots, \alpha_k \longrightarrow \beta_1, \dots, \beta_l, \varphi \qquad \varphi, \gamma_1, \dots, \gamma_m \longrightarrow \delta_1, \dots, \delta_n}{\alpha_1, \dots, \alpha_k, \gamma_1, \dots, \gamma_m \longrightarrow \beta_1, \dots, \beta_l, \delta_1, \dots, \delta_n}$$

Observe that for $k = l = m = 0$, $n = 1$ we get essentially modus ponens. The whole system is described in Chapter I. Gentzen presented transformations of proofs from the Hilbert style calculus to his sequent calculus and vice versa. In Eder [1992] it is shown that this in fact gives polynomial simulations of the systems if

1. in both we take tree-proofs or
2. in both we take sequence-proofs.

In section 4 we shall show that there is also polynomial simulation of sequence-proofs by tree-proofs in the Hilbert style calculus. Thus the most commonly used systems are polynomially equivalent.

The systems above are prototypes of what is called a schematic theory. This concept is a natural extension of the concept of the Frege system used in propositional logic. In first order logic, however, it is not easy to define precisely such a concept especially because restrictions on occurrences of variables in quantifier rules (or axioms) are needed. For possible definitions of schematic theories see Vaught [1967], Parikh [1973], Krajíček [1989a], Farmer [1984,1988] and Buss [1994].

Hilbert's $\varepsilon$-calculus is based on a different language. Instead of quantifiers it uses $\varepsilon$-terms $\varepsilon_x \varphi(x)$ whose meaning is an element which satisfies the formula $\varphi(x)$ if
4.2.3. Claim. ... 0, there exists $j$ such that $u$ occurs in $t_j\sigma$ in depth $\le d(t_j)$.
To prove the Claim, suppose it is false. Then $u$ can occur only in the part of the terms $t_i\sigma$ which belongs to $\sigma$. Thus we can obtain a smaller unifier by replacing all occurrences of $u$ by a variable. □

We shall show that $B_1, \dots, B_r$ have disjoint occurrences. For each $B_i$ take the term $w_i$ corresponding to the first vertex of $B_i$ and take an occurrence of $w_i$ in the depth $\le d(t_j)$ in some $t_j\sigma$. Then the occurrences of $D_i$'s in these occurrences of $w_i$'s must be disjoint. Thus we have

$$S \ge |B_1| + \dots + |B_r| \ge (d+1) + 2(d+1) + \dots + \left\lfloor \frac{D}{d+1} \right\rfloor (d+1) = \frac{1}{2} \left\lfloor \frac{D}{d+1} \right\rfloor \cdot \left( \left\lfloor \frac{D}{d+1} \right\rfloor + 1 \right) (d+1) \ge \frac{D^2}{2(d+1)} \cdot (1 - o(1)).$$
□

4.2.4. Suppose that $\Delta = (\varphi_1, \dots, \varphi_n)$ is a proof of $\varphi$, i.e., $\varphi_n = \varphi$. The skeleton of $\Delta$ is a sequence of the same length where each $\varphi_i$ is replaced by an axiom schema or a rule used in $\Delta$ at this step; moreover, if a rule was used, then there is also information about the proof lines to which the rule was applied. E.g. a formula obtained by modus ponens from formulas $\varphi_j$ and $\varphi_k$ will be replaced by $(MP, j, k)$. We shall show that for a given formula $\varphi$ and a skeleton $\Sigma$ there exists in a sense a most general proof. This proof will be constructed from a most general unifier for a unification problem obtained from $\Sigma$. In defining the unification problem assigned to the proof $\Delta$ we shall follow Baaz and Pudlák [1993], the idea goes back to Parikh [1973].

Replace all atomic formulas in $\Delta$ by a single constant $c$; let $\Delta' = (\varphi'_1, \dots, \varphi'_n)$ be the resulting sequence. The language for the terms in the unification problem will consist of the constant $c$, distinct variables $v_\beta$ for every subformula $\beta$ of $\Delta'$ and a function symbol for each connective and quantifier, i.e., $f_\to$, $f_\neg$, $f_\exists$ etc. We shall write the pairs of the unification problem as equations:

(1) For each propositional axiom schema used in the proof we add an equation which represents it; e.g., if $\varphi'_i$ is $\alpha \to (\beta \to \alpha)$, then we add equation

$$v_{\varphi'_i} = f_\to(v_\alpha, f_\to(v_\beta, v_\alpha));$$

(2) if $\varphi_i$ is derived from $\varphi_j$ and $\varphi_k$ via modus ponens, where $\varphi_k$ is $\varphi_j \to \varphi_i$, we add

$$v_{\varphi'_k} = f_\to(v_{\varphi'_j}, v_{\varphi'_i});$$
(3) if $\varphi_i$ is an instance of a quantifier axiom, say $\varphi_i$ is $\Phi(t) \to \exists x\, \Phi(x)$, then we add the equation

$$v_{\varphi'_i} = f_\to(v_\alpha, f_\exists(v_\alpha));$$

here $\alpha$ is the formula obtained from $\Phi(t)$ by substituting $c$ for atomic formulas, this is the same formula which we thus obtain from $\Phi(x)$;

(4) in the same way we add equations for quantifier rules: e.g., suppose $\varphi_j$ is $\alpha \to \beta$, $\varphi_i$ is $\exists x\, \alpha \to \beta$ and $\varphi_i$ is derived from $\varphi_j$ by the quantifier rule (6.3), then we add equations

$$v_{\varphi'_j} = f_\to(v_\alpha, v_\beta), \qquad v_{\varphi'_i} = f_\to(f_\exists(v_\alpha), v_\beta);$$

(5) finally we add

$$v_{\varphi'_n} = \tau,$$

where $\tau$ is obtained from $\varphi'$ by replacing connectives and quantifiers by the corresponding function symbols $f_\to$, $f_\neg$, $f_\exists$, ....

Now we are ready to prove the result. Let $dp(\varphi)$ denote the depth of a formula $\varphi$, where we consider $\varphi$ as a term but we treat atomic formulas as atoms. Let $dp(\Delta)$, for a proof $\Delta$, denote the maximal depth of a formula in $\Delta$.
4.2.5. Theorem. (Krajíček [1989a], Pudlák [1987]) Let $\Delta$ be a proof of $\varphi$ and suppose $\Delta$ has smallest possible size. Then

$$dp(\Delta) = O\big(\sqrt{|\Delta|} \cdot (dp(\varphi) + 1)\big).$$

Proof. Consider a proof $\Delta$ of $\varphi$ of minimum size. Let $U$ be the unification problem assigned to $\Delta$. Clearly $\Delta$ determines a unifier $\sigma$ for $U$ in the natural way. Let $\Sigma$ be a most general unifier of $U$. We shall construct a proof $\Gamma = (\psi_1, \dots, \psi_n)$ from $\Sigma$. Let $\delta$ be the substitution such that $\sigma = \Sigma\delta$. Choose a small formula $\xi$ which does not contain any variable which occurs in $\Delta$, e.g., $0 = 0$ if it is in the language. Consider the $i$-th formula in the proof $\Delta$, i.e., $\varphi_i$, and terms $v_{\varphi'_i}\sigma$ and $v_{\varphi'_i}\Sigma$. We have $v_{\varphi'_i}\Sigma\delta = v_{\varphi'_i}\sigma$; this means that $v_{\varphi'_i}\Sigma$ is $v_{\varphi'_i}\sigma$ with some subformulas replaced by variables. Thus we define $\psi_i$ to be $\varphi_i$ with the subformulas corresponding to variables in $v_{\varphi'_i}\Sigma$ replaced by $\xi$.
4.2.6. Let us consider an example. Suppose $\varphi_i$ has been obtained from $\varphi_j$ by the quantifier rule (6.3). Suppose $\varphi_i$ is
$$\exists x(P(x) \to (Q(x) \to R(y))) \to R(y).$$
Then $v_{\varphi_i}\sigma$ is
$$f_\to(f_\exists(f_\to(c, f_\to(c, c))), c).$$
By case (4) of the definition of $\mathcal{U}$, $v_{\varphi_i}\Sigma$ has form
$$f_\to(f_\exists(t), s)$$
P. Pudlák
for some terms $t$ and $s$. Because $\Sigma$ is most general, $s$ is either $c$ or a variable and $t$ is either as in $v_{\varphi_i}\sigma$ or $f_\to(c, v)$, or a variable. Let us suppose that ... $\xi) \to R(y)$. We see that the structure of formulas needed in axiom schemas and rules is preserved. Note that also the restrictions on variables in quantifier rules are satisfied, since $\xi$ does not contain any variable which should be bounded. Finally we have also $\psi_n = \varphi_n = \varphi$.
4.2.7. Now we can apply Lemma 4.2.2. The terms in $\mathcal{U}$ have constant depth (where the constant is determined by our choice of the proof system) except for the last equation where we have a term whose depth is equal to $dp(\varphi)$; thus the maximal depth is $O(dp(\varphi))$. Hence the maximal depth of a term $v$ ...

... 2�. Since in the original proof $d$ all $\gamma_1, \ldots, \gamma_k$ must eventually merge into one formula, $d$ must contain at least $k \ge$ 2� proof-lines. □
The Lengths of Proofs
Let us note that the above proof can be applied directly to Herbrand theorem too. Namely, the above argument also shows that any Herbrand disjunction for $\psi_n$ must have at least 2� disjuncts.

5.3. The question whether mathematical reasoning as represented by Zermelo-Fraenkel set theory is consistent has intrigued a lot of mathematicians and philosophers. The approach of finitists is to discard it as meaningless and ask instead whether there is a feasible proof of contradiction from our axioms of set theory. We shall say more about this modified question in the next section. Now we only want to show that there are theories, not quite unnatural, which are inconsistent but in which no feasible proof of contradiction exists. Such theories have been considered by several researchers including Parikh [1971], Dragalin [1985], Gavrilenko [1984] and Orevkov [1990]; the first and the most influential was the paper of Parikh.

Let $T$ be any fragment of arithmetic (it can be even the set of all true sentences in the standard model). Let $t$ be a closed term whose value $m$ is so large that no proof of size $m$ can be ever constructed. Note that $t$ can be quite simple, say 221~176. Extend $T$ to $T'$ by adding axioms
$$I(0), \qquad I(x) \to I(S(x)), \qquad \neg I(\text{2�}).$$
Clearly $T'$ is not consistent. We shall show, however, that there is no feasible contradiction in $T'$.

Suppose we can derive a contradiction in $T'$ of size less than $n$. Then, by the bound on cut-elimination, there is a cut-free proof of contradiction of size less than 2�. This means that we have such a proof of $\to \neg\bigwedge T_0$, for a finite fragment $T_0$ of $T'$. Let $T_1$ be a Skolemization of $T_0$. Then the proof of $\to \neg\bigwedge T_1$ is at most polynomially larger than 2� (since each sentence has a polynomial size proof from its Skolemization). Thus by taking $m$, hence also $t$, only slightly larger than $n$, we get an upper bound 2� to the open theory $T_1$. Then we use the same "interpretation" argument as in the lower bound proof above to show that such a proof cannot exist.

Let us note that we can add also other closure properties such as $I(x) \wedge I(y) \to I(x + y)$ and the same for multiplication, if we take $t$ a little larger, since we can interpret such a theory in $T'$ using small formulas and short proofs (see 3.5).
6. Finite consistency statements - concrete bounds

We have already remarked that there are almost no concrete examples of sentences for which one can prove nontrivial bounds on the length of proofs. There is, however, one exception; namely, the sentences expressing that a theory $T$ does not prove a contradiction using a proof of length $\le n$; (we shall say that the theory $T$ is consistent up to $n$).

These are not real mathematical theorems, which would be interesting for an ordinary mathematician, but they are very interesting for people who study foundations of mathematics. We shall prove bounds on the length of such a statement in the theory $T$ itself. This could be called a finite (or, if you prefer the word, feasible) version of the second Gödel Theorem. Furthermore, these bounds (especially the lower bounds) have interesting applications.
6.1. Formalization of syntax. We shall derive a strengthening of the second Gödel Incompleteness Theorem and some speed-up results. We shall try to avoid the boring subject of the formalization of syntax as much as possible. However we have to say something about it, since the classical way of formalizing syntax cannot be used here.

6.1.1. First we need a more efficient way of representing numbers by terms. The classical numerals $S^n(0)$ cannot be used, since their length is already greater than $n$, while we want to bound the lengths of proofs by a polynomial in $|n|$ - the length of the binary representation of $n$. Thus we define the $n$-th numeral $\underline{n}$ as follows. If $n = \sum_{i=0}^{k} 2^i a_i$, $a_i \in \{0, 1\}$, then $\underline{n}$ is the closed term
$$\underline{a_0} + 2 \cdot (\underline{a_1} + 2 \cdot (\underline{a_2} + \cdots (\underline{a_{k-1}} + 2 \cdot \underline{a_k}) \cdots )),$$
where $1 = S(0)$, $2 = 1 + 1$.

We need also to represent sequences by numbers. A suitable one-to-one mapping from $\{0, 1\}^*$ onto $\mathbb{N}$ is given by
$$(a_0, \ldots, a_n) \mapsto \sum_{i=0}^{n} 2^i (a_i + 1).$$
A formula $\varphi$ is first represented as a 0-1 sequence $a$, then we take the number $m$ which codes $a$ as the Gödel number of $\varphi$. We shall use the symbol $\ulcorner\varphi\urcorner$ for such a Gödel number of $\varphi$.
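The two encodings of 6.1.1, as an added Python illustration (not from the book): the binary numeral term is built and evaluated to check that its size grows with $|n|$ rather than with $n$, and the sequence coding is inverted to check that it is one-to-one and onto. The tuple representation of terms and the 8-bit ASCII rendering of a formula as a 0-1 sequence are assumptions made for this example; the text does not fix the latter.

```python
# Terms are nested tuples: ("0",), ("S", t), ("+", t1, t2), ("*", t1, t2).
ZERO = ("0",)
ONE = ("S", ZERO)          # 1 = S(0)
TWO = ("+", ONE, ONE)      # 2 = 1 + 1


def unary_numeral(n):
    """Classical numeral S^n(0); its size grows linearly in n."""
    term = ZERO
    for _ in range(n):
        term = ("S", term)
    return term


def binary_numeral(n):
    """Numeral a_0 + 2*(a_1 + 2*(... (a_{k-1} + 2*a_k)...)) for n = sum 2^i a_i."""
    bits = [int(b) for b in reversed(bin(n)[2:])]     # a_0, a_1, ..., a_k
    digit = lambda a: ONE if a else ZERO
    term = digit(bits[-1])                            # innermost a_k
    for a in reversed(bits[:-1]):                     # a_{k-1}, ..., a_0
        term = ("+", digit(a), ("*", TWO, term))
    return term


def value(term):
    """Evaluate a closed term in the standard model."""
    op = term[0]
    if op == "0":
        return 0
    if op == "S":
        return value(term[1]) + 1
    left, right = value(term[1]), value(term[2])
    return left + right if op == "+" else left * right


def size(term):
    """Number of symbol occurrences (0, S, +, *) in the term."""
    return 1 + sum(size(sub) for sub in term[1:])


def render(term):
    """Print a term with explicit parentheses."""
    op = term[0]
    if op == "0":
        return "0"
    if op == "S":
        return f"S({render(term[1])})"
    return f"({render(term[1])} {op} {render(term[2])})"


def encode_sequence(bits):
    """(a_0, ..., a_n) -> sum_i 2^i (a_i + 1); the empty sequence maps to 0."""
    return sum((a + 1) << i for i, a in enumerate(bits))


def decode_sequence(m):
    """Inverse map: a_0 + 1 is 1 when m is odd and 2 when m is even."""
    bits = []
    while m > 0:
        a = 0 if m % 2 == 1 else 1
        bits.append(a)
        m = (m - (a + 1)) // 2
    return bits


def goedel_number(formula):
    """Assumption: the 0-1 sequence of a formula is its 8-bit ASCII encoding."""
    bits = [int(b) for ch in formula.encode("ascii") for b in f"{ch:08b}"]
    return encode_sequence(bits)


if __name__ == "__main__":
    for n in (5, 300):
        print(n, size(unary_numeral(n)), size(binary_numeral(n)))
    print(render(binary_numeral(5)))
    print(goedel_number("0=0"))
```

Each extra binary digit adds at most 9 symbols to the binary numeral, so its size is linear in $|n|$.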
6.1.2. Suppose that we want to formalize a concept which can be represented as a subset $R \subseteq \mathbb{N}^k$. If $R$ is formalized by a formula $\rho(x_1, \ldots, x_k)$ in a theory $T$, then we clearly need that
$$(n_1, \ldots, n_k) \in R \iff T \vdash \rho(\underline{n_1}, \ldots, \underline{n_k}).$$
This alone is usually not sufficient. The key property for our proof is that the above formula has a proof of polynomial length. As it is an important concept, we shall define it precisely.
6.1.3. Definition. Let an axiomatization of a theory $T$ be fixed, let $R \subseteq \mathbb{N}^k$ and let $\rho(x_1, \ldots, x_k)$ be a formula. We say that $\rho$ polynomially numerates $R$ in $T$, if for some polynomial $p$ and every $n_1, \ldots, n_k \in \mathbb{N}$, the following holds: $R(n_1, \ldots, n_k)$ iff $T \vdash \rho(\underline{n_1}, \ldots, \underline{n_k})$ by a proof of length $\le p(|n_1|, \ldots, |n_k|)$.

It turns out that, for a sufficiently strong theory $T$, the polynomially numerable relations are just the $\mathcal{NP}$ relations.
6.1.4. Theorem. The following are equivalent
(1) $R$ is in $\mathcal{NP}$;
(2) $R$ is polynomially numerable in Robinson arithmetic $Q$.

Since (2) $\Rightarrow$ (1) is trivial for any finitely axiomatized theory $T$, the same theorem holds for any finite consistent extension of $Q$.

Before we sketch the proof of the converse implication, we state a lemma whose proof we defer to section 6.3.4.

6.1.5. Lemma. For every bounded formula $\varphi(x)$, with $x$ the only free variable, there exists a polynomial $p$ such that
$$I\Delta_0 + Exp \vdash \forall x\varphi(x)$$
implies that for every $n \in \mathbb{N}$,
$$Q \vdash \varphi(\underline{n})$$
by a proof of length $\le p(\log n)$.

This lemma allows us to replace $Q$ by $I\Delta_0 + Exp$ in the proof of the implication (1) $\Rightarrow$ (2). If we are proving some property of a concept formalized by a $\Delta_0$ formula in $I\Delta_0 + Exp$, then this statement may not be provable in $Q$, but each numeric instance has a polynomial proof. Thus for instance we are free to use commutative and associative laws.

Proof-sketch of Theorem 6.1.4. Let an $R \in \mathcal{NP}$ be given. We formalize computations of a Turing machine defining $R$. Thus $R(n_1, \ldots, n_k)$ is equivalent to the existence of a 0-1 string $s$ whose length is bounded by a polynomial in $|n_1|, \ldots, |n_k|$ and which satisfies a certain property (namely, $s$ codes an accepting computation). This property states that each $c$ particular bits of $s$ have one of some particular forms, where $c$ is some constant. For a given $s$, there are polynomially many such conditions. Denote by $\alpha(x_1, \ldots, x_k, y)$ such a formula, where $x_1, \ldots, x_k$ stand for $n_1, \ldots, n_k$ and $y$ for the string $s$. If $R(n_1, \ldots, n_k)$ is true, then $\alpha(\underline{n_1}, \ldots, \underline{n_k}, \underline{m})$ holds for some number $m$, whose length is bounded by a polynomial in $|n_1|, \ldots, |n_k|$. To prove $\alpha(\underline{n_1}, \ldots, \underline{n_k}, \underline{m})$ by a polynomial proof in $Q$, transform it into statements about single bits of the string encoded by $m$. Since the string really witnesses $R(n_1, \ldots, n_k)$, these elementary statements are true, hence provable. Finally derive $\exists y\,\alpha(\underline{n_1}, \ldots, \underline{n_k}, y)$ from $\alpha(\underline{n_1}, \ldots, \underline{n_k}, \underline{m})$. Thus $\exists y\,\alpha(x_1, \ldots, x_k, y)$ polynomially numerates $R$. □
Now we apply Theorem 6.1.4 to the provability predicate. Suppose a theory $T$ is given by an $\mathcal{NP}$, resp. $\mathcal{P}$, set of axioms. Let $R(x, y)$ denote that $x$ is a proof of $y$ in $T$. Then $R$ is in $\mathcal{NP}$, resp. $\mathcal{P}$, also. By Theorem 6.1.4 there is a formalization $Proof_T$ of this relation, such that every true numeric instance has a polynomial proof in $Q$. Since the relation "$|m| < n$" can also be polynomially numerated, we get the following corollary:
... $> 0$ be such that for every $r$
$$\|Con_T(\underline{r})\|_T \ge r^{\varepsilon}. \qquad (44)$$
Let $d$ be the degree of $n$ in $p_3(n, k, m)$. Take $k$ so that $k\varepsilon > d$. Now suppose (2) fails for $k$, thus
$$T \vdash \forall x(\beta(x) \to Con_T(x^k)).$$
Let $m$ be the length of this proof. Take $n$ so large that $p_3(n, k, m) < n^{k\varepsilon}$.
7.2.2. Theorem. ... $> 0$ such that ... Then
$$\|Con_T(f(\underline{n}))\|_T \ge f(n)^{\varepsilon},$$
while
1. $\|Con_T(f(\underline{n}))\|_{T + Con_T} = O(\log n)$;
2. $\|Pr_T(\ulcorner Con_T(f(\underline{n}))\urcorner)\|_T = O(\log n)$.
Thus in both cases we get a speed-up by any provably total recursive function of $T$.

Proof. Lower bound. Let $\varphi(x, y)$ be the formula which polynomially numerates $f(x) = y$. Thus we want to bound
$$\|\exists y(\varphi(\underline{n}, y) \wedge Con_T(y))\|_T.$$
Let $m = f(n)$. Clearly
$$\exists! y\,\varphi(\underline{n}, y) \wedge \varphi(\underline{n}, \underline{m}) \wedge \exists y(\varphi(\underline{n}, y) \wedge Con_T(y)) \to Con_T(\underline{m}). \qquad (46)$$
Thus
$$\|Con_T(\underline{m})\|_T \le \|\exists y(\varphi(\underline{n}, y) \wedge Con_T(y))\|_T + \|\exists! y\,\varphi(\underline{n}, y)\|_T + \|\varphi(\underline{n}, \underline{m})\|_T + K,$$
where $K$ is the length of the proof of (46). The proof of (46) depends only linearly on the lengths of $n$ and $m$, thus $K = O(\log m)$. Similarly
$$\|\exists! y\,\varphi(\underline{n}, y)\|_T = O(\log n),$$
since we assume $T \vdash \forall x \exists! y\,\varphi(x, y)$. Finally we have a bound $(\log m)^{O(1)}$ on $\|\varphi(\underline{n}, \underline{m})\|_T$ by polynomial numerability. Thus, using Theorem 6.2.3 we have
$$m^{\varepsilon} \le \|Con_T(\underline{m})\|_T \le \|\exists y(\varphi(\underline{n}, y) \wedge Con_T(y))\|_T + (\log m)^{O(1)},$$
which gives the lower bound.

Upper bound (1). Recall that $Con_T$ denotes $\forall x\, Con_T(x)$ and that we assume $T \vdash \forall x \exists! y\,\varphi(x, y)$. Again, the proof of
$$\forall x\, Con_T(x) \wedge \forall x \exists! y\,\varphi(x, y) \to \exists y(\varphi(\underline{n}, y) \wedge Con_T(y))$$
depends only linearly on the length of $n$, thus ...
4 Another name proposed for this calculus is the Groebner proof system.

(Of course, to get an expression of the form (54), we have to collect the constant terms on the right hand side; also we collect constant and other terms after each application of a rule.) The axioms and derivation rules are
1. axioms are all translations of the clauses in question and the expressions $p_i \ge 0$, $-p_i \ge -1$;
2. addition: add two lines;
3. multiplication: multiply a line by a positive integer;
4. division: divide a line (54) by a positive integer $c$ which divides evenly $a_1, \ldots, a_n$ and round-up the constant term on the right hand side, i.e., we get
$$\frac{a_1}{c} p_1 + \cdots + \frac{a_n}{c} p_n \ge \left\lceil \frac{B}{c} \right\rceil.$$
(Note that on the left hand side we have integers, thus rounding up is sound.)

A contradiction is obtained, when we prove $0 \ge 1$.

We suggest to the reader, as an easy exercise, to check that this system simulates resolution. Goerdt [1991] proved that Frege systems polynomially simulate the cutting plane proof system. Furthermore, Buss and Clote [1996] proved that the cutting plane system with the division rule restricted to the division by 2 (or any other constant $> 1$) polynomially simulates the general system. Recent success in proving exponential lower bounds on the lengths of cutting plane proofs (see section 9.3) gives us also interesting separations. The cutting plane proof system cannot be simulated by bounded depth Frege systems as it proves the pigeonhole principle (see Cook, Coullard and Turán [1987]) using polynomial size proofs. The cutting plane proof system does not polynomially simulate bounded depth Frege systems Bonet, Pitassi and Raz [1997a], Krajíček [1997a], Pudlák [1997].
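A small refutation in the cutting plane system described above, as an added Python illustration (not from the book). It assumes the usual translation of a clause into an inequality (each positive literal $p_i$ contributes $p_i$, each negated one contributes $1 - p_i$, and the sum must be $\ge 1$), since expression (54) itself is not reproduced here; the four-clause input is constructed for the example. Switching off the rounding shows that the division rule is what makes the refutation go through.

```python
from fractions import Fraction

# A line (coeffs, bound) stands for  sum_i coeffs[i] * p_i >= bound.


def _clean(coeffs):
    """Drop variables whose coefficient has become 0."""
    return {v: a for v, a in coeffs.items() if a != 0}


def clause_to_line(clause):
    """Translate a clause (ints: +i for p_i, -i for not p_i) into a line.

    Assumed translation: the sum of p_i over positive literals plus the sum
    of (1 - p_i) over negative literals is >= 1, with constants moved right.
    """
    coeffs, bound = {}, 1
    for lit in clause:
        var = abs(lit)
        coeffs[var] = coeffs.get(var, 0) + (1 if lit > 0 else -1)
        if lit < 0:
            bound -= 1
    return _clean(coeffs), bound


def add(line1, line2):
    """Rule 2: add two lines."""
    (c1, b1), (c2, b2) = line1, line2
    total = dict(c1)
    for var, a in c2.items():
        total[var] = total.get(var, 0) + a
    return _clean(total), b1 + b2


def multiply(line, c):
    """Rule 3: multiply a line by a positive integer."""
    if c <= 0:
        raise ValueError("multiplier must be a positive integer")
    coeffs, bound = line
    return {v: a * c for v, a in coeffs.items()}, bound * c


def divide(line, c, round_up=True):
    """Rule 4: divide by c > 0 dividing every coefficient; round the bound up.

    round_up=False keeps the exact rational bound, which is sound over the
    rationals but is not the rule of the system.
    """
    coeffs, bound = line
    if c <= 0 or any(a % c for a in coeffs.values()):
        raise ValueError("c must be positive and divide all coefficients")
    new_bound = -((-bound) // c) if round_up else Fraction(bound, c)
    return {v: a // c for v, a in coeffs.items()}, new_bound


def is_contradiction(line):
    """True for a line 0 >= B with B >= 1."""
    coeffs, bound = line
    return not coeffs and bound >= 1


# Constructed input: all four clauses over p_1, p_2 (an unsatisfiable set).
CLAUSES = [[1, 2], [1, -2], [-1, 2], [-1, -2]]


def refute(round_up=True):
    """Derive the final line of the refutation of CLAUSES."""
    c1, c2, c3, c4 = (clause_to_line(c) for c in CLAUSES)
    upper = divide(add(c1, c2), 2, round_up)   # 2*p_1 >= 1    gives  p_1 >= 1
    lower = divide(add(c3, c4), 2, round_up)   # -2*p_1 >= -1  gives -p_1 >= 0
    return add(upper, lower)                   # with rounding: 0 >= 1


if __name__ == "__main__":
    print(refute(), is_contradiction(refute()))
    print(refute(round_up=False), is_contradiction(refute(round_up=False)))
```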
9. Lower bounds on propositional proofs

In this section we give an example of a lower bound proof in propositional logic. Our lower bound will be an exponential lower bound on the size of resolution proofs of the pigeonhole principle. The first such bound for unrestricted resolution was proved by Haken [1985]. Unfortunately his proof cannot be generalized to stronger systems, (at least nobody has succeeded in doing it). Therefore we shall apply a technique of Ajtai [1994a], which he used for bounded depth Frege systems. The case of resolution, which can be considered as a depth one Frege system, is simpler than for larger depths and thus can serve as a good introduction to more advanced results.

9.1. A general method. Before we consider the concrete example, we shall present a general framework for lower bound proofs, which can be applied to some existing proofs and, maybe, can be also used for some new proofs. A general description of what is going on in lower bound proofs is always useful, since, when proving a lower bound, we are working with nonexisting things (the short proofs whose existence we are disproving) and therefore it is difficult to give any intuition about them.

The basic idea of our approach is as follows. Suppose that we want to show that $(\alpha_1, \alpha_2, \ldots, \alpha_m)$ is not a proof of $\alpha$. Let $L$ be the set of subformulas of $\alpha_1, \alpha_2, \ldots, \alpha_m$ and $\alpha$. $L$ is a partial algebra with operations given by the connectives. Suppose that we have a boolean algebra $B$ and a homomorphism $\lambda : L \to B$ such that $\lambda(\alpha) \ne 1_B$. Then $\alpha$ cannot be among $\alpha_1, \ldots, \alpha_m$, since $\lambda(\varphi) = 1_B$ for every axiom and this is preserved by Frege rules. In this form the method cannot work: if $\alpha$ is a tautology (and we are interested only in tautologies), then $\lambda(\alpha) = 1_B$. Therefore we have to modify it. We take only some subsets $L_i \subseteq L$ and $\lambda_i : L_i \to B_i$ for different boolean algebras $B_i$.

Now we shall describe this method in details. Let
$$\frac{\varphi_1(p_1, \ldots, p_l), \ldots, \varphi_k(p_1, \ldots, p_l)}{\varphi(p_1, \ldots, p_l)}$$
be a Frege rule $R$. We shall associate with it the set $L_R$ of all subformulas of $\varphi_1, \ldots, \varphi_k$ and $\varphi$. If
$$\frac{\varphi_1(\psi_1, \ldots, \psi_l), \ldots, \varphi_k(\psi_1, \ldots, \psi_l)}{\varphi(\psi_1, \ldots, \psi_l)}$$
is an instance of $R$, we associate with it the set
$$L_{R(\bar\psi)} = L_R(\psi_1, \ldots, \psi_l) = \{\alpha(\psi_1, \ldots, \psi_l);\ \alpha(p_1, \ldots, p_l) \in L_R\}.$$
Let $B$ be a boolean algebra. A homomorphism $\lambda : L_{R(\bar\psi)} \to B$ is a mapping which maps connectives onto corresponding operations in $B$, i.e.,
$$\lambda(\neg\varphi) = \neg_B \lambda(\varphi), \qquad \lambda(\varphi \vee \psi) = \lambda(\varphi) \vee_B \lambda(\psi),$$
etc. The following lemma formalizes our method.

9.1.1. Lemma. Let $(\alpha_1, \alpha_2, \ldots, \alpha_m)$ be a Frege proof using a set of assumptions $S$. Suppose the following conditions are satisfied:
1. For every formula $\alpha_i$ of the proof we have a boolean algebra $B_i$ and an element $b_i \in B_i$. Furthermore, if $\alpha_i \in S$, then $b_i = 1_{B_i}$.
2. For every instance of a rule $R(\bar\psi)$ of the proof we have a boolean algebra $B_{R(\bar\psi)}$ and a homomorphism $\lambda_{R(\bar\psi)} : L_{R(\bar\psi)} \to B_{R(\bar\psi)}$.
3. For every formula $\alpha_i$ of the proof and every instance of a rule $R(\bar\psi)$ where $\alpha_i \in L_{R(\bar\psi)}$, we have an embedding $\kappa_{i,R(\bar\psi)} : B_i \to B_{R(\bar\psi)}$ so that $\kappa_{i,R(\bar\psi)}(b_i) = \lambda_{R(\bar\psi)}(\alpha_i)$.
Then
$$b_1 = 1_{B_1}, \ldots, b_m = 1_{B_m}.$$

The proof of this lemma is based on the following observation:

9.1.2. Lemma. A Frege rule is sound in any boolean algebra.
Proof. Suppose for some assignment of values from $B$ we get the value $1_B$ for the assumptions but a value $b$ ...

... $> 0$ is a constant. We shall use the following simple estimate.

9.2.4. Lemma. Let $a, b, l \le n$, $A \subseteq \{1, \ldots, n\}$, $|A| = a$. Take a random $B \subseteq \{1, \ldots, n\}$, $|B| = b$, with uniform probability. Then
$$Prob(|A \cap B| \ge l) \le \left(\frac{eab}{nl}\right)^{l}.$$

Proof.
$$Prob(|A \cap B| \ge l) \le \sum_{\{a_1, \ldots, a_l\} \subseteq A} Prob(a_1 \in B, \ldots, a_l \in B) = \binom{a}{l} \cdot \frac{b}{n} \cdot \frac{b-1}{n-1} \cdots \frac{b-l+1}{n-l+1}$$
□
Proof of Lemma 9.2.3. Let us denote by $\ell$ = l[~n'J. Let $\Delta$ be given. We shall simplify the situation by replacing each $\neg p_{ij} \in \Delta$ by
$$\bigvee_{i' \ne i} p_{i'j} \vee \bigvee_{j' \ne j} p_{ij'}.$$
This operation commutes with the restriction and the new clause is covered by $T$, $|T| \le \ell$, iff the old one is, since $\ell < n' - 2$. Thus we can assume that $\Delta$ contains only positive literals. Such a $\Delta$ is determined by the graph $E = \{(i,j);\ p_{ij} \in \Delta\}$. Let
$$a = \frac{n^{2/3}}{40}.$$
From now on we shall omit the integer part function and assume that all numbers are integers. This introduces only inessential errors. Furthermore denote by
$$A = \{j \in R;\ \deg_E(j) \ge 2a\}.$$
We shall consider two cases.
Case 1: $|A| \ge 2a$. We shall show that in this case $\Delta^g = \top$ with high probability. First we estimate $|A \cap \mathrm{rng}(g)|$. Note that $\mathrm{rng}(g)$ is a random subset of $R$ of size $n - n'$, thus also $R' = R \setminus \mathrm{rng}(g)$ is a random subset of size $n'$. Hence we can apply Lemma 9.2.4.
$$\mathrm{Prob}(|A \cap \mathrm{rng}(g)| < a) = \mathrm{Prob}(|A \cap R'| > |A| - a) \le \left(\frac{e|A|n^{1/3}}{n(|A| - a)}\right)^{|A| - a} \le \left(\frac{2e}{n^{2/3}}\right)^{a}. \qquad (55)$$
The probability that $\Delta^g$ is not $\top$ is bounded by
$$\mathrm{Prob}\big(\forall j \in A \cap \mathrm{rng}(g)\ ((g^{-1}(j), j) \notin E)\big) \le \mathrm{Prob}(|A \cap \mathrm{rng}(g)| < a) + \mathrm{Prob}\big(\forall j \in A \cap \mathrm{rng}(g)\ ((g^{-1}(j), j) \notin E) \,\big|\, |A \cap \mathrm{rng}(g)| \ge a\big). \qquad (56)$$
The second term can be estimated by
$$\max_{C \subseteq A,\ |C| \ge a} \mathrm{Prob}\big(\forall j \in A \cap \mathrm{rng}(g)\ ((g^{-1}(j), j) \notin E) \,\big|\, A \cap \mathrm{rng}(g) = C\big),$$
thus it suffices to consider a fixed such $C$ and bound the probability. Let $C = \{j_1, j_2, \dots, j_{|C|}\}$; think of the vertices $g^{-1}(j_1), g^{-1}(j_2), \dots, g^{-1}(j_{|C|})$ as chosen one by one independently, except that they must be different.
$$\mathrm{Prob}\big((g^{-1}(j_{t+1}), j_{t+1}) \notin E \,\big|\, g(i_1) = j_1, \dots, g(i_t) = j_t\big) = 1 - \frac{|E^{-1}(j_{t+1}) - \{i_1, \dots, i_t\}|}{n + 1 - t} \le 1 - \frac{\deg_E(j_{t+1}) - t}{n + 1 - t} \le 1 - \frac{2a - t}{n + 1}.$$
Thus the probability that $(g^{-1}(j_t), j_t) \notin E$ for all $t = 1, \dots, |C|$ is
$$\left(1 - \frac{2a}{n+1}\right)\left(1 - \frac{2a - 1}{n+1}\right) \cdots \left(1 - \frac{2a - |C| + 1}{n+1}\right) \le \left(1 - \frac{a}{n+1}\right)^{a}.$$
Since $\frac{a}{n+1} \sim n^{-1/3}$ and $a \sim n^{2/3}$, this expression is $e^{-\Omega(n^{1/3})}$. The first term of (56) is estimated in (55) and is even smaller. Thus in Case 1 the probability is $1 - e^{-\Omega(n^{1/3})}$ as required.
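A numerical check of Lemma 9.2.4 and of its use in estimate (55), added here as an example and not part of the original chapter. The function names are this example's own, and `case1_estimate` assumes $n' = n^{1/3}$ and the smallest Case 1 set $|A| = 2a$, which is what the exponents in (55) correspond to.

```python
from fractions import Fraction
from itertools import combinations
from math import comb, e


def exact_tail(n, a, b, l):
    """Exact Prob(|A ∩ B| >= l): A fixed with |A| = a, B uniform among b-subsets of {1..n}."""
    hits = sum(comb(a, k) * comb(n - a, b - k) for k in range(l, min(a, b) + 1))
    return Fraction(hits, comb(n, b))


def brute_force_tail(n, a, b, l):
    """Same probability by enumerating every b-subset (small n only); A = {0..a-1}."""
    A = set(range(a))
    subsets = list(combinations(range(n), b))
    good = sum(1 for B in subsets if len(A.intersection(B)) >= l)
    return Fraction(good, len(subsets))


def union_bound(n, a, b, l):
    """Sum over l-subsets {a_1..a_l} of A of Prob(a_1, ..., a_l all in B),
    i.e. binom(a,l) * b/n * (b-1)/(n-1) * ... * (b-l+1)/(n-l+1)."""
    p = Fraction(comb(a, l))
    for i in range(l):
        p *= Fraction(b - i, n - i)
    return p


def lemma_bound(n, a, b, l):
    """Right-hand side of Lemma 9.2.4: (e*a*b / (l*n))^l."""
    return (e * a * b / (l * n)) ** l


def chain_holds(n):
    """Check exact <= union bound <= lemma bound for all 1 <= a, b, l <= n."""
    for a in range(1, n + 1):
        for b in range(1, n + 1):
            for l in range(1, n + 1):
                ex, ub = exact_tail(n, a, b, l), union_bound(n, a, b, l)
                if not (ex <= ub <= lemma_bound(n, a, b, l)):
                    return False
    return True


def case1_estimate(n):
    """Estimate (55) under the example's assumptions n' = n^(1/3), a = n^(2/3)/40, |A| = 2a."""
    n_prime = round(n ** (1 / 3))
    a = n_prime ** 2 // 40
    size_A = 2 * a
    # Prob(|A ∩ R'| > |A| - a) is at most Prob(|A ∩ R'| >= |A| - a); R' is a random n'-subset.
    exact = exact_tail(n, size_A, n_prime, size_A - a)
    lemma = lemma_bound(n, size_A, n_prime, size_A - a)
    final = (2 * e / n ** (2 / 3)) ** a
    return exact, lemma, final


if __name__ == "__main__":
    print("n=10, a=4, b=5, l=2:", exact_tail(10, 4, 5, 2), union_bound(10, 4, 5, 2),
          lemma_bound(10, 4, 5, 2))
    print("chain holds for n=12:", chain_holds(12))
    ex, lem, fin = case1_estimate(64000)
    print("Case 1, n=64000: exact %.3e, lemma %.3e, (2e/n^(2/3))^a %.3e" % (ex, lem, fin))
```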
$S^1_2 \vdash \forall y \exists d\,(d : P \vdash [\varphi(x)]_{|y|})$.
(3) A propositional proof system $P$ is associated to a theory $T$, if $P$ simulates $T$ and $T \vdash RFN(P)$.
Probably in (2) you expected rather a statement like in Theorems 10.2.2 and 10.3.2. In fact the condition (2) is stronger: by Buss's Theorem II.3.2, the provability of such a $\Pi_2$ statement in $S^1_2$ implies that it can be witnessed by a polynomial time computable function. Thus, in particular, the $P$ proofs of $[\varphi(x)]_n$'s must be of polynomial size. So (2) means that there is a polynomial bound on the lengths of $P$ proofs of $[\varphi(x)]_n$'s provably in a weak theory.
Let us also note that $RFN(P)$ is equivalent to the consistency of $P$ assuming some "mild conditions" on $P$.
We shall denote by $G$ the quantified propositional proof system based on the sequent calculus, see 8.8. Let $G_i$ denote the subsystem of $G$ obtained by imposing the restriction of at most $i$ alternations of quantifiers in each formula of a proof. Let $G_i^*$ denote $G_i$ where we allow only tree-like proofs.
The following theorem gives some known pairs of a proof system associated to a theory (for definitions of the theories see Chapter II).
10.3.5. Theorem. (Cook [1975], Krajíček and Takeuti [1990], Krajíček and Pudlák [1990]) The following are pairs of a theory and a proof system associated to it: $(S^1_2, \text{extension Frege})$, $(S^i_2, G_i^*)$ for $i \ge 1$, $(T^i_2, G_i)$ for $i \ge 1$, $(U^1_2, G)$. □
Note that for $U^1_2$ we have two related systems, depending on which translation we take. Further results of this type were proved in Clote [1992].
Next theorem shows that under reasonable conditions the associated propositional proof system is determined up to polynomial simulation.
10.3.6. Theorem. (Krajíček and Pudlák [1990]) Let $P$ be a propositional proof system associated to a theory $T$. Suppose $T$ contains $S^1_2$ and the following is provable in $S^1_2$: $P$ simulates extension Frege systems and it is closed under modus ponens. Then $P$ polynomially simulates any propositional proof system for which $T$ proves the reflection principle.
Thus, e.g. by Theorem 10.3.5, extension Frege systems and $G_1^*$ are polynomially equivalent.
Proof. Suppose $T \vdash RFN(Q)$. Let $p_Q(x, y)$ be the $\Pi^b_1$ formula which defines the reflection principle, i.e.,
$$p_Q(d, u) \equiv d : Q \vdash u \to Taut(u).$$
By the assumptions $S^1_2 \vdash \forall z\,(P \vdash [p_Q(x, y)]_z)$. Now we argue in the theory $S^1_2$. Thus we have
$$P \vdash [x : Q \vdash y \to Taut(y)]_z.$$
Since $[x : Q \vdash y \to Taut(y)]_z$ is $[x : Q \vdash y]_z \to [Taut(y)]_z$ and $P$ is closed under modus ponens, we get
$$P \vdash [x : Q \vdash y]_z \ \to\ P \vdash [Taut(y)]_z.$$
We have also
$$P \vdash [Taut(y)]_z \ \to\ P \vdash y,$$
since it is true already for extension Frege systems (we leave this claim without a proof). Thus we have obtained in $S^1_2$
$$P \vdash [x : Q \vdash y]_z \ \to\ P \vdash y.$$
Back in the real world, by Buss's witnessing theorem it means that one can construct in polynomial time a proof of $\varphi$ in $P$ from a proof of $[d : Q \vdash \varphi]_n$ in $P$.
Now suppose that we are given a proof $d$ of $\varphi$ in $Q$. Substituting the numbers which encode $d$ and $\varphi$ we get a true variable-free propositional formula $[d : Q \vdash \varphi]_n$. Such formulas always have polynomial size proofs even in a Frege system. Thus we get a $P$ proof of $\varphi$ in polynomial time. □
The meaning of this theorem is that the proof system associated to a theory $T$ is, from the point of view of $T$, the strongest proof system, i.e., stronger systems may be inconsistent. Let us state it formally:
10.3.7. Corollary. Under the same assumptions as in Theorem 10.3.6, if $T \vdash NP = coNP$, then $P$ is polynomially bounded.
Proof. Since the set of propositional tautologies is $coNP$-complete, the assumption $T \vdash NP = coNP$ means that
$$T \vdash \forall x\,(a(x) \equiv Taut(x)), \qquad (59)$$
for some $a(x) \in \Sigma^b_1$. So $a$ defines a polynomially bounded propositional proof system $Q$ (proofs are the witnesses for the existential bounded quantifiers). The sentence (59) implies $T \vdash RFN(Q)$. Hence, by Theorem 10.3.6, $P$ polynomially simulates $Q$. But if $Q$ is polynomially bounded, then also $P$ must be. □
As we believe that $NP \ne coNP$, we expect that the corollary will be used in the contrapositive form. Let us state the nicest special case of it (proved directly by Wilkie in 1987, unpublished; as observed in Krajíček and Pudlák [1989] it also follows from results of Cook [1975] and Buss [1986]).
10.3.8. Corollary. If extension Frege proofs are not polynomially bounded, then $S^1_2$ does not prove $NP = coNP$. □
10.4. Optimal proof systems and consistency statements. The second translation can be used to show a link between a fundamental problem about the lengths of proofs of finite consistency statements and the existence of an optimal propositional proof system.
Furthermore there is a statement from structural complexity theory which is equivalent to these problems. A set $Y \subseteq \{0, 1\}^*$ is called sparse, if for every $n$, the size of $Y \cap \{0, 1\}^n$ is bounded by a polynomial.
10.4.1. Theorem. (Krajíček and Pudlák [1989]) The following are equivalent:
1. There exists a consistent finitely axiomatized theory $T \supseteq S^1_2$ such that for every consistent finitely axiomatized theory $S$
IICons( )IIT = n ~
2. There exists an optimal propositional proof system, i.e., a propositional proof system $P$ such that for every propositional proof system $Q$
II lIQ- li il
for every tautology $\varphi$.
3. For every $coNP$-set $X$ there exists a nondeterministic Turing machine which accepts $X$ and uses only polynomial time on every sparse subset $Y \subseteq X$, $Y \in P$.
The proof of the equivalence of 1. and 2. is based on the following two constructions. If $T$ is an optimal theory in the sense of 1., we take a propositional proof system $P$ defined by:
$$d : P \vdash \varphi \ \equiv_{df}\ d : T \vdash Taut(\varphi).$$
If, on the other hand, $P$ is an optimal propositional proof system, we take the theory $T$ defined by:
$$T =_{df} S^1_2 + RFN(P).$$
We omit the rest of the proof. □
Given a propositional proof system $P$ which is not polynomially bounded, we can produce, using this theorem, a sequence of tautologies which surely do not have polynomial size proofs in $P$. Unfortunately, the tautologies will be rather complex artificial statements, thus not amenable to a combinatorial analysis. However, as noted by Krajíček [1995], one can use the polynomial reductions, by which $NP$ completeness results are proved, to turn these tautologies into simple combinatorial statements. For instance one can construct a sequence of nonhamiltonian graphs, such that there are no polynomial size proofs in $P$ of the tautologies expressing that the graphs are nonhamiltonian. Thus the problem reduces to finding a class of nonhamiltonian graphs for which it is difficult to prove in $P$ that they are nonhamiltonian.

11. Bibliographical remarks for further reading

In this section we shall give a few more references which have not been mentioned in the main text. This should serve to the reader who is interested in the history of the subject or who wants to learn more about it. Our aim is not to complete the list of references about results on the lengths of proofs, rather we want to partially complement the above presentation which concentrated on methods used in this research area. Thus, in particular, we shall not repeat results described above.
Probably the oldest recorded paper on the subject is Gödel [1936]. In this two-page abstract he stated the result that there is a speed-up between the lengths of proofs of formulas provable in $i$-th order and $i+1$-st order arithmetics. To quote him: "The transition to the logic of the next higher type not only results in certain previously unprovable propositions becoming provable, but also in it becoming possible to shorten extraordinarily infinitely many of the proofs already available." The length of proofs is considered to be the number of steps and the speed-up is $\varphi(n)$ for any function $\varphi$ "computable" in the lower system. There was no proof given in the paper. For a full proof of this statement see Buss [1994].
Another important writing of Gödel which was discovered only a few years ago, is the letter by Gödel [1993]. In that letter he posed the question whether one can decide in linear, quadratic, etc. time in $n$ whether a given formula has a proof of length (= number of symbols) $n$. Now we know that this problem is $NP$-complete. See Buss [1995a] for a discussion and a proof of an unproven claim of Gödel.
Looking at the literature it seems that the subject lay dormant for several decades. I think that many people thought about problems on the lengths of proofs, but the things that they actually could prove did not look interesting enough, especially when compared with other fancy topics like set theory. Furthermore some basic concepts were missing (one of such crucial things was the distinction between polynomial size
and exponential size). This can be documented by a remark of Kreisel [1967, page 241], who mentions a conversation with Gödel where Gödel asked the question of what are the lengths of proofs of finite consistency statements. No paper had been written about it until Friedman [1979], but he did not consider it to be worth publishing.
At the early stages, Georg Kreisel was one of the main proponents of this field. His student Statman [1978] determined the increase of the lengths of proofs in cut-elimination and Herbrand's Theorem. Another of his students, Baaz (see Baaz and Pudlák [1993], Baaz and Zach [1995]), made significant progress in Kreisel's Conjecture. As seen on Kreisel's Conjecture, Kreisel was more interested in positive results in the sense of deriving more information from the proofs than just the mere fact that the statement is true. Logic should help mathematicians to get more or better results, rather than only to show impossibilities of certain proofs, see e.g. Kreisel [1990]. From this point of view, one of the greatest successes in proof theory was the result of Luckhardt [1989], deriving explicit bounds on approximation of algebraic numbers by rational numbers (Roth's theorem), using Herbrand's theorem.
Originally the interest in the lengths of proofs was based mainly on philosophical and methodological considerations. With the advent of computers a new practical reason appeared: automated theorem proving. The main tool in automated theorem proving is the resolution system for first order logic, see e.g. Chang and Lee [1973]. For us, theoreticians, most of the papers are too much applied, however there are several results which are important also for theory. Such a notable result is the exponential lower bound for propositional regular resolution of Tsejtin [1968]. The question about the efficiency of proof-search strategies are often nontrivial mathematical problems, let us mention at least some results of this type Baaz and Leitsch [1992,1994]. There are several books about the complexity of logical calculi, e.g. Eder [1992]; they deal mainly with the first order logic.
The next important stimulus was the rise of complexity theory. The lengths of proofs is just one of several research areas which combine logic and complexity theory. Another one, which is closely related to it, is the complexity of logical theories. The problem is how efficiently can we decide if a sentence is provable in a given decidable theory $T$ (e.g., Presburger arithmetic). Note that an upper bound on the lengths of proofs in $T$ gives an upper bound on a nondeterministic procedure for decidability. Often this bound is not very far from the best. We refer the reader to the surveys Rabin [1977] and Compton and Henson [1990].
We can say that the research into complexity of proofs really started with the seminal paper of Parikh [1971] which introduced several important concepts and proved basic results about them: speed-up for first order theories, theories which are inconsistent but are consistent for practical purposes, and bounded arithmetic. Soon after it, he published a basic result on Kreisel's Conjecture in Parikh [1973]. He proved that the conjecture is true, if we take Peano arithmetic with $+$ and $\times$ as ternary relations instead of function symbols. That proof has been a paradigm for all subsequent proofs of instances of Kreisel's Conjecture.
After that several people started to work on these subjects. One of the most
influential researchers in this field has been Orevkov. We shall mention only the most important papers of the many that he published. Orevkov [1982] gave a different proof of the lower bounds on the lengthening of proofs in cut-elimination and Orevkov [1986] gave more precise upper bounds. Orevkov [1987b] introduced explicitly the concept of the skeleton and Orevkov [1987a] proved several results related to Kreisel's Conjecture. All these results, and many more, are covered in Orevkov [1993].
There are more results on the complexity of first order proofs. Of those that we have not presented yet, let us mention the dissertation of Ignjatović [1990]. He proved a nonelementary speed up between Primitive Recursive Arithmetic and $I\Sigma_0$.
Currently the most active area is propositional logic and bounded arithmetic. The fundamental paper is Cook [1975], where a relation of the lengths of proofs in propositional logic and provability in arithmetic was considered for the first time. The most influential papers in bounded arithmetic after Parikh [1971] were written by Paris and Wilkie; let us mention at least the Paris and Wilkie [1985] paper on counting problems which influenced very much research on the complexity of propositional logic. The basic book on bounded arithmetic is due to Buss [1986]. Another fundamental paper is by Ajtai [1994a], where he introduced the method of random restrictions into propositional logic, which had already been used in complexity theory. This development has been partially described in this chapter and also in Chapter II; much more can be found in the monograph by Krajíček [1995], which covers the whole area in detail except for the most recent results. As this manuscript is being finalized, new exciting results are being obtained on the polynomial calculus by Razborov [n.d.], Krajíček [1997b] and Riis and Sitharam [1997].

Acknowledgments

I would like to thank Sam Buss for helping me with the preparation of the manuscript and suggesting several improvements and Jan Krajíček for checking the manuscript. The preparation of the article was supported by grant #A1019602 of the Academy of Sciences of the Czech Republic and the cooperative research grant INT-9600919/ME-103 of the U.S. National Science Foundation and the Czech Republic Ministry of Education.

References

M. AJTAI
[1990] Parity and the pigeonhole principle, in: Feasible Mathematics: A Mathematical Sciences Institute Workshop held in Ithaca, New York, June 1989, S. R. Buss and P. J. Scott, eds., Birkhäuser, Boston, pp. 1-24.
[1994a] The complexity of the pigeonhole principle, Combinatorica, 14, pp. 417-433. Extended abstract in Proc. 29th Annual IEEE Symposium on Foundations of Computer Science, 1988, pp. 346-355.
[1994b] The independence of the modulo p counting principles, in: Proceedings of the 26th Annual ACM Symposium on the Theory of Computing, Association for Computing Machinery, New York, pp. 402-411.
[1995] On the existence of modulo p cardinality functions, in: Feasible Mathematics II, P. Clote and J. B. Remmel, eds., Birkhäuser, Boston, pp. 1-14.
N. ALON AND R. BOPPANA
[1987] The monotone circuit complexity of boolean functions, Combinatorica, 7, pp. 1-22.
S. ARORA, C. LUND, R. MOTWANI, M. SUDAN, AND M. SZEGEDY
[1992] Proof verification and hardness of approximation problems, in: Proceedings of the 33rd Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Piscataway, New Jersey, pp. 14-23.
M. BAAZ AND A. LEITSCH
[1992] Complexity of resolution proofs and function introduction, Annals of Pure and Applied Logic, 20, pp. 181-215.
[1994] On Skolemization and proof complexity, Fundamenta Mathematicae, 20.
M. BAAZ AND P. PUDLÁK
[1993] Kreisel's conjecture for L∃1, in: Arithmetic, Proof Theory and Computational Complexity, P. Clote and J. Krajíček, eds., Oxford University Press, pp. 30-39.
M. BAAZ AND R. ZACH
[1995] Generalizing theorems in real closed fields, Annals of Pure and Applied Logic, 75, pp. 2-23.
P. BEAME, R. IMPAGLIAZZO, J. KRAJÍČEK, T. PITASSI, AND P. PUDLÁK
[1996] Lower bounds on Hilbert's Nullstellensatz and propositional proofs, Proceedings of the London Mathematical Society, 73, pp. 1-26.
P. BEAME, R. IMPAGLIAZZO, J. KRAJÍČEK, T. PITASSI, P. PUDLÁK, AND A. WOODS
[1992] Exponential lower bounds for the pigeonhole principle, in: Proceedings of the 24th Annual ACM Symposium on the Theory of Computing, Association for Computing Machinery, New York, pp. 200-221.
P. BEAME AND T. PITASSI
[1996] Exponential separation between the matching principles and the pigeonhole principle, Annals of Pure and Applied Logic, 80, pp. 195-228.
S. BELLANTONI, T. PITASSI, AND A. URQUHART
[1992] Approximation and small-depth Frege proofs, SIAM Journal on Computing, 21, pp. 1161-1179.
E. W. BETH
[1959] The Foundations of Mathematics, North-Holland, Amsterdam.
M. L. BONET AND S. R. BUSS
[1993] The deduction rule and linear and near-linear proof simulations, Journal of Symbolic Logic, 58, pp. 688-709.
M. L. BONET, T. PITASSI, AND R. RAZ
[1997a] Lower bounds for cutting planes proofs with small coefficients, Journal of Symbolic Logic, 62, pp. 708-728. An earlier version appeared in Proc. Twenty-Seventh Annual ACM Symposium on the Theory of Computing, 1995, pp. 575-584.
[1997b] No feasible interpolation for TC0-Frege proofs, in: Proceedings of the 38th Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Piscataway, New Jersey, pp. 254-263.
S. R. BUSS
[1986] Bounded Arithmetic, Bibliopolis, Napoli. Revision of 1985 Princeton University Ph.D. thesis.
[1987] Polynomial size proofs of the propositional pigeonhole principle, Journal of Symbolic Logic, 52, pp. 916-927.
[1991a] Propositional consistency proofs, Annals of Pure and Applied Logic, 52, pp. 3-29.
[1991b] The undecidability of k-provability, Annals of Pure and Applied Logic, 53, pp. 75-102.
[1994] On Gödel's theorems on lengths of proofs I: Number of lines and speedup for arithmetics, Journal of Symbolic Logic, 59, pp. 737-756.
[1995a] On Gödel's theorems on lengths of proofs II: Lower bounds for recognizing k-symbol provability, in: Feasible Mathematics II, P. Clote and J. B. Remmel, eds., Birkhäuser, Boston, pp. 57-90.
[1995b] Some remarks on lengths of propositional proofs, Archive for Mathematical Logic, 34, pp. 377-394.
S. R. BUSS AND P. CLOTE
[1996] Cutting planes, connectivity and threshold logic, Archive for Mathematical Logic, 35, pp. 33-62.
S. R. BUSS, R. IMPAGLIAZZO, J. KRAJÍČEK, P. PUDLÁK, A. A. RAZBOROV, AND J. SGALL
[1996/1997] Proof complexity in algebraic systems and constant depth Frege systems with modular counting, Computational Complexity, 6, pp. 256-298.
S. R. BUSS AND T. PITASSI
[1997] Resolution and the Weak Pigeonhole Principle. Typeset manuscript, to appear in CSL '97.
S. R. BUSS AND GY. TURÁN
[1988] Resolution proofs of generalized pigeonhole principles, Theoretical Computer Science, 62, pp. 311-317.
C.-L. CHANG AND R. C.-T. LEE
[1973] Symbolic Logic and Mechanical Theorem Proving, Academic Press, New York.
M. CLEGG, J. EDMONDS, AND R. IMPAGLIAZZO
[1996] Using the Groebner basis algorithm to find proofs of unsatisfiability, in: Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Association for Computing Machinery, New York, pp. 174-183.
P. CLOTE
[1992] ALOGTIME and a conjecture of S. A. Cook, Annals of Mathematics and Artificial Intelligence, 6, pp. 57-106.
P. CLOTE AND J. KRAJÍČEK
[1993] Arithmetic, Proof Theory and Computational Complexity, Oxford University Press.
K. J. COMPTON AND C. W. HENSON
[1990] A uniform method for proving lower bounds on the computational complexity of logical theories, Annals of Pure and Applied Logic, 48, pp. 1-79.
S. A. COOK
[1975] Feasibly constructive proofs and the propositional calculus, in: Proceedings of the Seventh Annual ACM Symposium on the Theory of Computing, Association for Computing Machinery, New York, pp. 83-97.
S. A. COOK AND R. A. RECKHOW
[1979] The relative efficiency of propositional proof systems, Journal of Symbolic Logic, 44, pp. 36-50.
W. COOK, C. R. COULLARD, AND GY. TURÁN
[1987] On the complexity of cutting plane proofs, Discrete Applied Mathematics, 18, pp. 25-38.
W. CRAIG
[1957a] Linear reasoning. A new form of the Herbrand-Gentzen theorem, Journal of Symbolic Logic, 22, pp. 250-268.
[1957b] Three uses of the Herbrand-Gentzen theorem in relating model theory and proof theory, Journal of Symbolic Logic, 22, pp. 269-285.
M. DOWD
[1979] Propositional Representation of Arithmetic Proofs, PhD thesis, University of Toronto.
[1985] Model-Theoretic Aspects of P ≠ NP. Typewritten manuscript.
A. G. DRAGALIN
[1985] Correctness of inconsistent theories with notions of feasibility, in: Computation Theory, Fifth Symposium Proceedings, A. Skowron, ed., vol. 108 of Lecture Notes in Computer Science #208, Springer-Verlag, Berlin, pp. 58-79.
E. EDER
[1992] Relative Complexities of First Order Calculi, Verlag Vieweg.
A. EHRENFEUCHT AND J. MYCIELSKI
[1971] Abbreviating proofs by adding new axioms, Bulletin of the American Mathematical Society, 77, pp. 366-367.
W. M. FARMER
[1984] Length of Proofs and Unification Theory, PhD thesis, University of Wisconsin, Madison.
[1988] A unification algorithm for second order monadic terms, Annals of Pure and Applied Logic, 39, pp. 131-174.
J. FERRANTE AND C. W. RACKOFF
[1979] The Computational Complexity of Logical Theories, Lecture Notes in Mathematics #718, Springer-Verlag, Berlin.
H. M. FRIEDMAN
[1975] One hundred and two problems in mathematical logic, Journal of Symbolic Logic, 40, pp. 113-129.
[1979] On the consistency, completeness, and correctness problems. Ohio State University, unpublished.
YU. V. GAVRILENKO
[1984] Monotone theories of feasible numbers, Doklady Akademii Nauk SSSR, 276, pp. 18-22.
G. GENTZEN
[1935] Untersuchungen über das Logische Schliessen, Mathematische Zeitschrift, 39, pp. 176-210 and 405-431.
J.-Y. GIRARD
[1989] Proofs and Types, Cambridge University Press.
K. GÖDEL
[1936] Über die Länge von Beweisen, Ergebnisse eines Mathematischen Kolloquiums, pp. 23-24. English translation in Kurt Gödel: Collected Works, Volume 1, pages 396-399, Oxford University Press, 1986.
[1993] A letter to von Neumann, March 20, 1956, in: Arithmetic, Proof Theory and Computational Complexity, P. Clote and J. Krajíček, eds., Oxford University Press, pp. vii-ix.
A. GOERDT
[1991] Cutting plane versus Frege proof systems, in: Computer Science Logic: 4th workshop, CSL '90, E. Börger et al., eds., Lecture Notes in Computer Science #533, Springer-Verlag, Berlin, pp. 174-194.
A. GRZEGORCZYK
[1974] An Outline of Mathematical Logic, D. Reidel Publishing Co., Dordrecht-Boston, Mass., PWN-Polish Scientific Publishers, Warsaw. Translation of Zarys logiki matematycznej, Państwowe Wydawnictwo Naukowe, 1969.
P. HÁJEK, F. MONTAGNA, AND P. PUDLÁK
[1993] Abbreviating proofs using metamathematical rules, in: Arithmetic, Proof Theory and Computational Complexity, P. Clote and J. Krajíček, eds., Oxford University Press, pp. 197-221.
P. HÁJEK AND P. PUDLÁK
[1993] Metamathematics of First-order Arithmetic, Perspectives in Mathematical Logic, Springer-Verlag, Berlin.
G. HAJÓS
[1961] Über eine Konstruktion nicht n-färbbarer Graphen, Wiss. Zeitschr. M. Luther Univ. Halle-Wittenberg, A 10, pp. 116-117.
A. HAKEN
[1985] The intractability of resolution, Theoretical Computer Science, 39, pp. 297-308.
A. HAKEN AND S. A. COOK
[n.d.] An Exponential Lower Bound for the Size of Monotone Real Circuits. To appear in J. of Computer and System Science.
J. HÅSTAD
[1986] Computation Limits of Small Depth Circuits, MIT Press.
D. HILBERT AND W. ACKERMANN
[1928] Grundzüge der theoretischen Logik, Springer-Verlag, Berlin.
D. HILBERT AND P. BERNAYS
[1934] Grundlagen der Mathematik I, Springer-Verlag, Berlin.
[1939] Grundlagen der Mathematik II, Springer-Verlag, Berlin.
A. IGNJATOVIĆ
[1990] Fragments of First and Second Order Arithmetic and Length of Proofs, PhD thesis, University of California, Berkeley.
R. IMPAGLIAZZO, P. PUDLÁK, AND J. SGALL
[1997] Lower Bounds for the Polynomial Calculus and the Groebner Basis Algorithm, Tech. Rep. TR97-042, Electronic Colloquium on Computational Complexity (ECCC).
J. JOHANNSEN
[1997] Lower Bounds for Monotone Real Circuit Depth and Formula Size and Tree-like Cutting Planes, Tech. Rep. TR97-032, Electronic Colloquium on Computational Complexity, http://www.eccc.uni-trier.de/eccc/.
J. KRAJÍČEK
[n.d.] Discretely Ordered Modules as a First-Order Extension of the Cutting Planes Proof System. To appear in the J. of Symbolic Logic.
[1989a] On the number of steps in proofs, Annals of Pure and Applied Logic, 41, pp. 153-178.
[1989b] Speed-up for propositional Frege systems via generalizations of proofs, Commentationes Mathematicae Universitatis Carolinae, 30, pp. 137-140.
[1994a] Lower bounds to the size of constant-depth propositional proofs, Journal of Symbolic Logic, 59, pp. 73-86.
[1994b] On Frege and extended Frege proof systems, in: Feasible Mathematics II, J. Krajíček and J. B. Remmel, eds., Birkhäuser, Boston, pp. 284-319.
[1995] Bounded Arithmetic, Propositional Logic and Complexity Theory, Cambridge University Press.
[1997a] Interpolation theorems, lower bounds for proof systems and independence results for bounded arithmetic, Journal of Symbolic Logic, 62, pp. 457-486.
[1997b] On the Degree of Ideal Membership Proofs from Uniform Families of Polynomials over a Finite Field. Typeset manuscript.
J. KRAJÍČEK AND P. PUDLÁK
[1988] The number of proof lines and the size of proofs in first-order logic, Archive for Mathematical Logic, 27, pp. 69-84.
[1989] Propositional proof systems, the consistency of first-order theories and the complexity of computations, Journal of Symbolic Logic, 54, pp. 1063-1079.
[1990] Quantified propositional calculi and fragments of bounded arithmetic, Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 36, pp. 29-46.
[1998] Some consequences of cryptographical conjectures for S^1_2 and EF, Information and Computation, 140, pp. 82-94.
J. KRAJÍČEK, P. PUDLÁK, AND A. WOODS
[1995] An exponential lower bound to the size of bounded depth Frege proofs of the pigeonhole principle, Random Structures and Algorithms, 7, pp. 15-39.
J. KRAJÍČEK AND G. TAKEUTI
[1990] On bounded Σ^1_1-polynomial induction, in: Feasible Mathematics, S. R. Buss and P. J. Scott, eds., Birkhäuser, Boston, pp. 259-280.
G. KREISEL
[1967] Mathematical logic: What has it done for the philosophy of mathematics, in: Bertrand Russell: Philosopher of the Century, Essays in his Honour, R. Shoenemann, ed., George Allen and Unwin, pp. 201-272.
[1990] Logical aspects of computation: Contributions and distractions, in: Logic and Computer Science, Academic Press, New York, pp. 205-278.
H. LUCKHARDT
[1989] Herbrand-Analysen zweier Beweise des Satzes von Roth: polynomiale Anzahlschranken, Journal of Symbolic Logic, 54, pp. 234-263.
T. MIYATAKE
[1980] On the length of proofs in formal systems, Tsukuba Journal of Mathematics, 4, pp. 115-125.
D. MUNDICI
[1984] NP and Craig's interpolation theorem, in: Logic Colloquium '82, G. Lolli, G. Longo, and A. Marcja, eds., North-Holland, Amsterdam, pp. 345-358.
E. NELSON
[1986] Predicative Arithmetic, Princeton University Press.
V. P. OREVKOV
[1982] Lower bounds on the increase in complexity of deductions in cut elimination, Journal of Soviet Mathematics, 20. Original Russian version in Zap. Nauchn. Sem. L.O.M.I. 88 (1979), pp. 137-162.
[1986] Upper bound on the lengthening of proofs by cut elimination, Journal of Soviet Mathematics, 34, pp. 1810-1819. Original Russian version in Zap. Nauchn. Sem. L.O.M.I. 137 (1984), pp. 87-98.
[1987a] Lower bounds on the lengths of derivations in arithmetic in terms of the complexity of terms involved in the derivations, Soviet Mathematics Doklady, 35, pp. 579-582. Original Russian version in Dokl. Akad. Nauk. 294/4 (1987).
[1987b] Reconstruction of a proof from its scheme, Soviet Mathematics Doklady, 35, pp. 326-329. Original Russian version in Dokl. Akad. Nauk. 293 (1987) 313-316.
[1990] Correctness of short proofs in theory with notions of feasibility, in: COLOG-88: International Conference on Computer Logic, Tallinn, USSR, Dec. 1988, Proceedings, P. Martin-Löf and G. E. Mints, eds., Lecture Notes in Computer Science #417, Springer-Verlag, Berlin, pp. 242-245.
[1993] Complexity of Proofs and Their Transformations in Axiomatic Theories, vol. 128 of Translations of Mathematical Monographs, American Mathematical Society, Providence, Rhode Island.
R. PARIKH
[1971] Existence and feasibility in arithmetic, Journal of Symbolic Logic, 36, pp. 494-508.
[1973] Some results on the lengths of proofs, Transactions of the American Mathematical Society, 177, pp. 29-36.
J. B. PARIS AND A. J. WILKIE
[1985] Counting problems in bounded arithmetic, in: Methods in Mathematical Logic, Proceedings of the 6-th Latin American Symposium, Caracas, Venezuela, C. A. Di Prisco, ed., Lecture Notes in Mathematics #1130, Springer-Verlag, Berlin, pp. 317-340.
T. PITASSI, P. BEAME, AND R. IMPAGLIAZZO
[1993] Exponential lower bounds for the pigeonhole principle, Computational Complexity, 3, pp. 97-140.
T. PITASSI AND A. URQUHART
[1992] The complexity of the Hajós calculus, in: Proceedings of the 33rd Annual Symposium on Foundations of Computer Science, IEEE Computer Society, Piscataway, New Jersey, pp. 187-196.
D. PRAWITZ
[1970] Ideas and results in proof theory, in: Proceedings of the Second Scandinavian Logic Symposium, J. E. Fenstad, ed., North-Holland, Amsterdam.
P. PUDLÁK
[1985] Cuts, consistency statements and interpretation, Journal of Symbolic Logic, 50, pp. 423-441.
[1986] On the lengths of proofs of finitistic consistency statements in first order theories, in: Logic Colloquium '84, J. B. Paris, A. J. Wilkie, and G. M. Wilmers, eds., North-Holland, Amsterdam, pp. 165-196.
[1987] Improved bounds to the lengths of proofs of finitistic consistency statements, in: Logic and Combinatorics, S. G. Simpson, ed., vol. 65 of Contemporary Mathematics, American Mathematical Society, Providence, Rhode Island, pp. 309-331.
[1991] Ramsey's theorem in bounded arithmetic, in: Computer Science Logic '90, E. Börger et al., eds., Lecture Notes in Computer Science #533, Springer-Verlag, Berlin, pp. 308-312.
[1997] Lower bounds for resolution and cutting planes proofs and monotone computations, Journal of Symbolic Logic, 62, pp. 981-998.
M. O. RABIN
[1977] Decidable theories, in: Handbook of Mathematical Logic, J. Barwise, ed., North-Holland, Amsterdam, pp. 595-629.
A. A. RAZBOROV
[n.d.] Lower Bounds for the Polynomial Calculus. To appear in Computational Complexity.
[1985] Lower bounds on the monotone complexity of some boolean functions, Doklady Akademii Nauk SSSR, 282, pp. 1033-1037. English translation in: Soviet Mathem. Doklady, 31, pp. 354-357.
[1994] On provably disjoint NP-pairs, Tech. Rep. RS-94-36, Basic Research in Computer Science Center, Aarhus, Denmark, November. http://www.brics.dk/index.html.
[1996] Lower bounds for propositional proofs and independence results in Bounded Arithmetic, in: Automata, languages and programming: 23rd international colloquium, ICALP '96, F. Meyer auf der Heide and B. Monien, eds., Lecture Notes in Computer Science #1099, Springer-Verlag, Berlin, pp. 48-62.
A. A. RAZBOROV, A. WIGDERSON, AND A. C.-C. YAO
[1997] Read-once branching programs, rectangular proofs of the pigeonhole principle and the transversal calculus, in: Proceedings of the 29th Annual ACM Symposium on the Theory of Computing, Association for Computing Machinery, New York, pp. 739-748.
R. A. RECKHOW
[1976] On the Lengths of Proofs in the Propositional Calculus, PhD thesis, Department of Computer Science, University of Toronto. Technical Report #87.
S. RIIS AND M. SITHARAM
[1997] Non-constant Degree Lower Bounds imply Linear Degree Lower Bounds, Tech. Rep. TR97-048, Colloquium on Computation Complexity, ECCC, http://www.eccc.uni-trier.de/eccc/.
B. RUSSELL
[1906] The theory of implication, American Journal of Mathematics, 28, pp. 159-202.
R. M. SMULLYAN
[1968] First-Order Logic, Springer-Verlag, Berlin.
R. M. SOLOVAY
[1990] Upper Bounds on the Speedup of GB over ZF. preprint.
R. STATMAN
[1977] Complexity of derivations from quantifier-free Horn formulae, mechanical introduction of explicit definitions, and refinement of completeness theorems, in: Logic Colloquium '76, R. O. Gandy and J. M. E. Hyland, eds., North-Holland, Amsterdam, pp. 505-517.
[1978] Proof search and speed-up in the predicate calculus, Annals of Mathematical Logic, 15, pp. 225-287.
[1981] Speed-up by theories with infinite models, Proceedings of the American Mathematical Society, 81, pp. 465-469.
G G.. TAKEUTI TAKEUTI [1987] [1987] Proof Theory, North-Holland, North-Holland, Amsterdam, Amsterdam, 2nd 2nd ed. ed. [1990] [1990] Some Some relations relations among among systems systems for for bounded bounded arithmetic, arithmetic, in: in: Mathematical Logic, Logic, Petkov, ed., Plenum Press, Proceedings of of the Heyting 1988 Summer School, School, P. P. P. P. Petkov, ed., Plenum Press, New New York, York, pp. pp. 139-154. 139-154. A. TARSKI A. TARSKI [1936] [1936] Der Der Warheitsbegriff Warheitsbegriff in in den den formalisierten formalisierten Sprachen, Sprachen, Studia Studia Philosophica, Commentarii Societatis Philosophicae 1, pp. pp. 261-405. Philosophicae Polonorum, 1, 261-405. G S. TSEJTIN G.. S. TSEJTIN [1968] [1968] On On the the complexity complexity of of derivations derivations in in propositional propositional calculus, calculus, in: in: Studies in mathematics A. O. O. Slisenko, and mathematical logic, Part II, II, A. Slisenko, ed., ed., pp. pp. 115-125. 115-125. in in Russian. Russian. G AND A. G.. S. S. TSEJTIN TSEJTIN AND A. A. A. CUBARJAN (~UBARJAN [1975] On [1975] On some some bounds bounds to to the the lengths lengths of of logical logical proofs proofs in in classical classical propositional propositional calculus, calculus, 1rudy Trudy Vycisl. VySisl. Centm Centra AN AN ArmSSR ArrnSSR i Erevan. Univ., Univ., 8, 8, pp. pp. 57--64. 57-64. In In Russian. Russian.
The Lengths Lengths of of Proofs Proofs The
637 637
R. L. L . VAUGHT VAUGHT R. On axiomatizability axiomatizability by by aa schema, schema, Journal of Symbolic Logic, Logic, 32, 32, pp. pp. 473-479. 473-479. [1967] [1967] On
A. C.-C. C.-C. YAO YAO A. Separating the the polynomial polynomial time time hierarchy hierarchy by by oracles, oracles, in: in: Proceedings Proceedings of £6th Annual Annual [1985] of the 26th [1985] Separating IEEE Computer Computer Society, Society, Piscataway, Piscataway, Symposium on Foundations of Computer Science, IEEE New Jersey, Jersey, pp. pp. 1-10. 1-10. New
This Page Intentionally Left Blank
CHAPTER IX

A Proof-Theoretic Framework for Logic Programming

Gerhard Jäger
Institut für Informatik und angewandte Mathematik, Universität Bern
Neubrückstrasse 10, CH-3012 Bern, Switzerland
jaeger@iam.unibe.ch

Robert F. Stärk
Institut für Informatik, Universität Freiburg
Rue Faucigny 2, CH-1700 Fribourg, Switzerland
robert.staerk@unifr.ch
Contents

1. Introduction
2. Basic notions
3. Some model-theoretic properties of logic programs
4. Deductive systems for logic programs
5. SLDNF-resolution
6. Partiality in logic programming
7. Concluding remark
References

HANDBOOK OF PROOF THEORY
Edited by S. R. Buss
© 1998 Elsevier Science B.V. All rights reserved
1. Introduction
The purpose of this article is to present one specific proof-theoretic framework for first order logic programming, but of course it is not claimed that our approach is the only possible one. However, we hope to succeed in providing a perspicuous and satisfactory explanation of the most central concepts in this area, where our emphasis is put on a deductive and procedural point of view.

The basic principles of logic programming, its history, and its relationship to the programming language Prolog are well presented in many other publications (cf. e.g. Apt [1990], Doets [1994] and Lloyd [1987]) so that we can omit details. A first important distinction is between definite logic programs which are based on so called definite Horn clauses, and extensions thereof which provide means for treating negative information.

For definite logic programs the situation is quite simple. We have the straightforward observation that a closed atomic formula $A$ is valid in the least Herbrand model $M_P$ of a definite logic program $P$ if and only if $A$ is a logical consequence of $P$. Moreover, $M_P$ is the least fixed point of the immediate consequence operator $T_P$ introduced in van Emden and Kowalski [1976]. $T_P$ also provides the link to the so called SLD-resolution, which is the standard proof procedure for definite logic programs and equivalent to direct proofs in suitable sequent calculi.

Although formulated in a very restricted language, definite logic programs are computationally complete in the sense that they can represent all recursively enumerable relations. Nevertheless definite programs do not adequately reflect the paradigm of programming in logic since there is no way to express negative information.

The standard method to introduce negative information into logic programming environments is by Clark's famous negation as failure rule. The result of adding this rule to SLD-resolution is called SLDNF-resolution and will be described below in detail. Negation as failure has a strong procedural character and is easy to implement. On the other hand, negation as failure must not be identified with, for example, classical or intuitionistic negation, and its exact logical meaning is quite intricate. The survey articles Apt and Bol [1994] and Shepherdson [1992] are dedicated to the logical environment of negation in logic programming and are a good guide to the relevant literature in this field. Jäger [1989] is concerned with the treatment of negative information by means of so called default operators and axiomatic extensions.

Our article focuses on the interpretation of logic programs (with negation) as deductive systems and provides a natural reconstruction of logic programming in terms of traditional proof theory. By following this line we can exploit the close interplay between proof search and computation and can profit from the fact that proof theory gives more insight into the procedural behavior of logic programs than most model-theoretic approaches.

The paper consists of five major parts. We begin in Section 2 with introducing the basic syntactic and semantic notions. This is essentially a repetition of standard terminology including three- and four-valued structures.

The backbone of Section 3 is formed by the general theory of inductive definability for three- and four-valued structures plus the notions of adequate structure and envelope generated by a logic program. This machinery is used to introduce in the fastest possible way that part of model theory which will be needed later.

The aim of Section 4 is to set up deductive systems for logic programs. We introduce sequent calculi with additional program rules, consider their identity-free subsystems and prove cut-elimination for them. In addition they are shown to be sound and complete with respect to the semantics introduced before.

In Section 5 we study SLDNF-resolution. Starting point is the negation as failure rule which is carefully integrated into the resolution process. Modes and mode assignments are then introduced in order to specify the input/output behavior of logic programs. They provide a powerful tool for setting up large and natural syntactically definable classes of logic programs for which SLDNF-resolution is shown to be a sound and complete proof procedure.

Partiality is considered in the last section. We show how a simple syntactic transformation makes it possible to regard logic programs (with negation) as a system of closure conditions of simultaneous positive inductive definitions so that the proof theory of inductive definitions becomes immediately applicable to logic programming. This section concludes with a brief indication of the importance of induction principles for proving properties about logic programs and with presenting an adequate formal basis for such activities.

2. Basic notions
2.1. Syntactic framework

In the following we will deal with countable first order languages $\mathcal{L}$ with equality which consist of the following basic symbols:
1. Countably many free variables ($u, v, w, u_1, v_1, w_1, \ldots$) and countably many bound variables ($x, y, z, x_1, y_1, z_1, \ldots$);
2. one or more 0-ary function symbols (= constants) and an arbitrary countable number of function symbols of finite arities greater than 0;
3. the symbols $=$ for equality and $\neq$ for inequality;
4. countably many relation symbols ($R, S, T, R_1, S_1, T_1, \ldots$) of every finite arity greater than 0;
5. the symbol $\overline{\phantom{R}}$ for the formation of complementary relations;
6. the propositional constants $\top$ and $\bot$, the propositional connectives $\vee$ and $\wedge$ and the quantifiers $\exists$ and $\forall$.

As auxiliary symbols we have parentheses and commas. To simplify the notation we do not denote the equality and inequality symbols as relation symbols. Apart from the function and relation symbols, the basic vocabulary of all languages which we will consider is the same. Each of our first order languages is thus determined by its function and relation symbols.

The terms ($a, b, c, d, a_1, b_1, c_1, d_1, \ldots$) of the language $\mathcal{L}$ are defined as usual. The literals ($L, M, L_1, M_1, \ldots$) of $\mathcal{L}$ are all expressions $R(a_1, \ldots, a_n)$ and $\overline{R}(a_1, \ldots, a_n)$ so that $R$ is an $n$-ary relation symbol of $\mathcal{L}$; the literals $R(a_1, \ldots, a_n)$ are called positive, and the literals $\overline{R}(a_1, \ldots, a_n)$ are called negative; the positive literals are sometimes also denoted as atoms. The atomic formulas of $\mathcal{L}$ are the literals plus $\top$, $\bot$, $(a = b)$ and $(a \neq b)$. The formulas ($A, B, C, A_1, B_1, C_1, \ldots$) of $\mathcal{L}$ are generated as follows:
1. If $A$ is an atomic formula of $\mathcal{L}$, then $A$ is an $\mathcal{L}$ formula.
2. If $A$ and $B$ are $\mathcal{L}$ formulas, then $(A \vee B)$ and $(A \wedge B)$ are $\mathcal{L}$ formulas.
3. If $A(u)$ is an $\mathcal{L}$ formula, then $\exists x A(x)$ and $\forall x A(x)$ are $\mathcal{L}$ formulas.

The vector notation $\vec{V}$ is used as shorthand for a finite string $V_1, \ldots, V_n$ whose length will be specified by the context. We write $A[\vec{u}]$ to indicate that all free variables of $A$ come from the list $\vec{u}$; analogously, $a[\vec{u}]$ stands for a term with no variables different from $\vec{u}$. The formulas $A(\vec{u})$ and the terms $a(\vec{u})$ may contain other free variables besides $\vec{u}$. We denote the set of all free variables of the formula $A$ by $\mathrm{var}(A)$. The universal closure of a formula $A$ is denoted by $\forall(A)$ and its existential closure by $\exists(A)$.

So far we have no negation for $\mathcal{L}$ formulas. However, it can be easily introduced by means of the complementary relations, the law of double negation and de Morgan's laws. The negation $\neg A$ of an $\mathcal{L}$ formula $A$ is inductively defined as follows:
1. If $R$ is an $n$-ary relation symbol of $\mathcal{L}$, then we set
$$\neg R(\vec{a}) := \overline{R}(\vec{a}) \quad\text{and}\quad \neg \overline{R}(\vec{a}) := R(\vec{a}).$$
2. For the other formulas we have
$$\neg\top := \bot, \qquad \neg\bot := \top,$$
$$\neg(a = b) := (a \neq b), \qquad \neg(a \neq b) := (a = b),$$
$$\neg(A \vee B) := (\neg A \wedge \neg B), \qquad \neg(A \wedge B) := (\neg A \vee \neg B),$$
$$\neg\exists x A(x) := \forall x \neg A(x), \qquad \neg\forall x A(x) := \exists x \neg A(x).$$

Logical implication $(A \to B)$ and logical equivalence $(A \leftrightarrow B)$ are defined as usual. In the following we shall omit parentheses whenever the meaning is evident from the context. The complexity of formulas will often be measured in terms of their rank.

2.1.1. Definition. The rank $\mathrm{rn}(A)$ of an $\mathcal{L}$ formula $A$ is inductively defined as follows:
1. If $A$ is an atomic formula, then $\mathrm{rn}(A) := 0$.
2. If $A$ is a formula $(B \vee C)$ or $(B \wedge C)$ so that $\mathrm{rn}(B) = m$ and $\mathrm{rn}(C) = n$, then $\mathrm{rn}(A) := \max(m, n) + 1$.
3. If $A$ is a formula $\exists x B(x)$ or $\forall x B(x)$ so that $\mathrm{rn}(B(u)) = n$, then $\mathrm{rn}(A) := n + 1$.

Terms and formulas without free variables are called closed. The equality formulas ($E, E_1, \ldots$) of $\mathcal{L}$ are the $\mathcal{L}$ formulas which do not contain relation symbols; the positive formulas of $\mathcal{L}$ are the $\mathcal{L}$ formulas which do not contain negative literals. Observe, however, that equations $(a = b)$ and inequations $(a \neq b)$ are not considered as literals in our terminology so that positive formulas may contain equations and inequations.

Following Shepherdson [1988], a language $\mathcal{L}$ is called finite if its set of function symbols is finite, otherwise it is called infinite. Thus finite languages with at least one function symbol of positive arity have an infinite number of closed terms.¹ The Herbrand universe $U_{\mathcal{L}}$ of $\mathcal{L}$ is the collection of all closed terms of $\mathcal{L}$. By our assumptions on $\mathcal{L}$ we know that $U_{\mathcal{L}}$ contains at least one element.

2.2. Two-valued, three-valued and four-valued structures

            (1, 1)
    (1, 0)          (0, 1)
            (0, 0)

Figure 1: The information ordering on FOUR.
Classical logic just employs two truth values t (true) and f (false). On the other hand, recent research in logic programming indicates that a third truth value u (undefined) and a fourth truth value c (contradictory) have their natural place (cf. e.g. Lassez and Maher [1985], Mycroft [1984], Fitting [1985] and Kunen [1987, 1989]). We follow the presentation of Fitting [1991]; similar approaches are due to Belnap [1977] and Ginsberg [1987]. The set of truth values is the set FOUR $:= \{0, 1\} \times \{0, 1\}$. If $(x, y) \in$ FOUR is assigned to some statement $A$, then $x$ represents the degree of evidence for $A$ and $y$ the degree of evidence against $A$. The usual truth values can be embedded into this framework by setting t $:= (1, 0)$ and f $:= (0, 1)$; the third truth value u is represented by $(0, 0)$ and c is $(1, 1)$. On FOUR a binary relation $\sqsubseteq$ is defined by

$$(x_1, y_1) \sqsubseteq (x_2, y_2) \;:\Longleftrightarrow\; x_1 \le x_2 \text{ and } y_1 \le y_2$$

where the relation $\le$ on the right hand side is the usual ordering relation of the natural numbers (see Fig. 1). This partial ordering is sometimes denoted as information ordering.

¹ Hence "finite" refers to the number of function symbols and not to the number of closed terms.

On FOUR one defines the following operations which will be used below to interpret the logical connectives:

$$-(x, y) := (y, x),$$
$$(x_1, y_1) + (x_2, y_2) := (\max(x_1, x_2), \min(y_1, y_2)),$$
$$(x_1, y_1) \cdot (x_2, y_2) := (\min(x_1, x_2), \max(y_1, y_2)),$$
$$\sum_{i \in I} (x_i, y_i) := (\max\{x_i : i \in I\}, \min\{y_i : i \in I\}),$$
$$\prod_{i \in I} (x_i, y_i) := (\min\{x_i : i \in I\}, \max\{y_i : i \in I\}).$$

Observe that the sets {t, f}, {t, f, c} and {t, f, u} are closed under these operations. This is not the case for the limit of elements of FOUR which is defined by taking the pointwise maxima:

$$\lim_{i \in I} (x_i, y_i) := (\max\{x_i : i \in I\}, \max\{y_i : i \in I\}).$$

It is clear, however, that all these operations are monotone on FOUR with respect to the relation $\sqsubseteq$.

2.2.1. Definition.
1. A four-valued structure $\mathfrak{M}$ for $\mathcal{L}$ consists of a non-empty domain $|\mathfrak{M}|$ together with assignments $\mathfrak{M}(f)$ and $\mathfrak{M}(R)$ to all function symbols $f$ and relation symbols $R$ of $\mathcal{L}$ so that
(a) $\mathfrak{M}(f)$ is an $n$-ary function from $|\mathfrak{M}|$ to $|\mathfrak{M}|$ if $f$ is $n$-ary,
(b) $\mathfrak{M}(R)$ is an $n$-ary function from $|\mathfrak{M}|$ to FOUR if $R$ is $n$-ary.
2. An upper three-valued structure for $\mathcal{L}$ is a four-valued structure for $\mathcal{L}$ so that the functions $\mathfrak{M}(R)$ do not take the value u for any relation symbol $R$ of $\mathcal{L}$.
3. A lower three-valued structure for $\mathcal{L}$ is a four-valued structure for $\mathcal{L}$ so that the functions $\mathfrak{M}(R)$ do not take the value c for any relation symbol $R$ of $\mathcal{L}$.
4. A two-valued structure for $\mathcal{L}$ is a four-valued structure for $\mathcal{L}$ so that the functions $\mathfrak{M}(R)$ do not take the values c and u for any relation symbol $R$ of $\mathcal{L}$.
For by For aa four-valued four-valued C s structure structure oot if2 one one introduces introduces the the language language C[oot] s by adding adding to to C s ootl . Yet new new constants constants ~m for for all all m m E l]ff2]. Yet in in order order to to simplify simplify notation notation we we often often write write mn] . The A [[ml m l , '. .. . ., . , m mn] instead of of A[ml A [ ~ I ,' .. ... ., , mn]. The value value of of each each closed closed expression expression of of C[oot] s A n] instead is now inductively is now inductively defined defined as as follows: follows: 2.2.2. Let 2.2.2. Definition. Definition. Let oot ff)t be be aa four-valued four-valued C s structure. structure. We We assign assign to to each each closed term aa and closed formula aa value closed term and closed formula A A of of C[oot] s value oot(a) !)Y~(a) E lootl 1if2] and and aa value value oot(A) ff2(A) E E FOUR. FouR. 1. If 1. If aa is is the the term term m ~ for for some some element element m m of of lootl Iff)~],, then then oot(a) ff2(a) ::= m. = m. 2. for 2. If If aa is is the the term term l f ( (aI, a l , . ... ., a. n, an) ) for some some n-ary n-cry function function symbol symbol I f and and terms terms : = oot(J) al al,, .. .. .. ,, aan n ,, then then oot(a) !)Y~(a):= ~ ( f ) ( f f(oot(al) J ~ ( a l ) , , .. .. .. oot(an)). ffJ~(an)).
A Proof-Theoretic Proof-Theoretic Framework Frameworkfor Logic Logic Programming Programming
645 645
3. If A A is is the the formula formula T T,, then then 9Yt(A) :-- tt;; if if A A is is the the formula formula (a (a = - b) b),, then then 3. If OO1(A) :=
{
9= [ t, t,
001 (A) := ff2(A)
[
f,
if if OO1(a) ~:(a) = = OO1(b), ~Yl:(b), if OO1(a) i' OO1(b).
4. 4. If If A A is is the the formula formula R(aI R ( a l ,, .. ... ,. , a an) for some some n-ary n-cry relation relation symbol symbol R R and and terms terms n ) for := OO1(R) a l ,, ... .. ,. a, na,n , then then OO1(A) ffJ~(A):= ~ ( R ) ((OO1(al) ~ ( a l ) ,". . .' ," ~OO1(a ( a n )n))). . aI 5. B and 5. If If A A is is the the formula formula ..., ~B and B B the the formula formula T T,, an an equation equation or or a a positive positive literal, literal, then then OO1(A) ~ ( A ) " =:= -OO1(B). -~(B). C) , then C) . 6. If If A A is is aa formula formula (B (B V V C), then OO1(A) ff2(A) := := OO1(B) ~:(B) + + OO1( ~:(C). 6. 7. OO1(A) := 9Jr(B). OO1(B) · OO1(C). 7. If If A A is is a a formula formula (B (B 1\ A C) C),, then then ffJt(A)'= ffJt(C). 8. 8. If If A A is is a a formula formula 3xB(x) 3xB(x),, then then OO1(A) ffJt(A) := "= EmEI!)]! ~mel~l1 OO1(B(m)) 9Yt(B(m)).. 9. : = TImEI!)]!1 9. If If A A is is a a formula formula VxB(x) YxB(x),, then then OO1(A) ff2(A)'= YImel~l OO1(B(m)) 9'A(B(m)).. Obviously t , ff,, cc}} for t , ff,, u} Obviously one one has has OO1(A) 9Jr(A) E e {{t, for all all upper upper three-valued three-valued 001, ffJt, OO1(A) ffJt(A) E e {{t, u} for {t, f} for all all lower lower three-valued three-valued 001 ffJt and and OO1(A) ff2(A) E {t, f} for for all all two-valued two-valued 001. 9Yr. Hence Hence these these three-valued three-valued and and four-valued four-valued structures structures are are natural natural generalizations generalizations of of the the two-valued two-valued case. Observe Observe that that equality equality is is always always handled handled as as the the usual usual two-valued two-valued identity. identity. If If A A case. is an an equality equality formula formula of of s£[001] , then then 9Jr(A) - tt or or 9Yt(A) = f, also for for three-valued three-valued is OO1(A) = OO1(A) = f, also 001. and and four-valued four-valued structures structures 9Yr. 
If $\mathfrak{M}$ is a four-valued structure for $\mathcal{L}$ and $A$ is a closed $\mathcal{L}[\mathfrak{M}]$ formula so that $\mathfrak{M}(A) = (x, y)$, then we often write $\mathfrak{M}_{1st}(A)$ for $x$ and $\mathfrak{M}_{2nd}(A)$ for $y$; hence we have $\mathfrak{M}(A) = (\mathfrak{M}_{1st}(A), \mathfrak{M}_{2nd}(A))$.

The Herbrand structures for $\mathcal{L}$ are the $\mathcal{L}$ structures so that the domain of these structures is the set $U_{\mathcal{L}}$ and the function symbols have their obvious interpretations over $U_{\mathcal{L}}$. Hence every Herbrand structure $\mathfrak{M}$ is characterized by the interpretation of its relation symbols. In the following we write $\mathfrak{U}_{\mathcal{L}}$ for the two-valued Herbrand structure for $\mathcal{L}$ which interprets each relation symbol as identically $f$, and $3\mathfrak{U}_{\mathcal{L}}$ to denote the lower three-valued Herbrand structure for $\mathcal{L}$ which interprets each relation symbol as identically $u$.

There is a natural notion of extension on the four-valued $\mathcal{L}$ structures which is obtained by lifting the above defined relation $\sqsubseteq$ on FOUR pointwise to the four-valued $\mathcal{L}$ structures:

2.2.3. Definition. Let $\mathfrak{M}$ and $\mathfrak{N}$ be four-valued structures for $\mathcal{L}$ which have the same universe and the same interpretations of the function symbols. $\mathfrak{N}$ is called an extension of $\mathfrak{M}$ if we have $\mathfrak{M}(R(\vec{m})) \sqsubseteq \mathfrak{N}(R(\vec{m}))$ for all relation symbols $R$ of $\mathcal{L}$ and $\vec{m} \in |\mathfrak{M}|$. In this case we write $\mathfrak{M} \sqsubseteq \mathfrak{N}$.
The relation $\sqsubseteq$ is a partial ordering on the four-valued structures for $\mathcal{L}$, and $3\mathfrak{U}_{\mathcal{L}}$ is the least Herbrand structure with respect to this ordering. In addition it is easy to see that the $\mathcal{L}$ formulas are monotone with respect to $\sqsubseteq$ in the sense of the following remark.
G. Jäger and R. Stärk
2.2.4. Remark. Let $\mathfrak{M}$ and $\mathfrak{N}$ be four-valued $\mathcal{L}$ structures. Then we have for all closed $\mathcal{L}[\mathfrak{M}]$ formulas $A$:

$$\mathfrak{M} \sqsubseteq \mathfrak{N} \;\Longrightarrow\; \mathfrak{M}(A) \sqsubseteq \mathfrak{N}(A).$$

As a special case this means that as soon as an $\mathcal{L}[\mathfrak{M}]$ formula has obtained a value $t$ or $f$ in a lower three-valued structure $\mathfrak{M}$, it will keep this value in all lower three-valued extensions of $\mathfrak{M}$.

2.3. Four-valued versus two-valued structures
In this section we introduce the extension $\mathcal{L}^{\sharp}$ of a first order language $\mathcal{L}$ and show that the four-valued structures for $\mathcal{L}$ can be identified with two-valued structures for $\mathcal{L}^{\sharp}$.

2.3.1. Definition. Let $\mathcal{L}^{\sharp}$ be the first order language which results from $\mathcal{L}$ by replacing each relation symbol $R$ of $\mathcal{L}$ by two new independent relation symbols $R^{+}$ and $R^{-}$, which are of the same arity as $R$.
Hence each relation symbol $R$ of $\mathcal{L}$ corresponds to a pair $(R^{+}, R^{-})$ of relation symbols of $\mathcal{L}^{\sharp}$. Four-valued interpretations for $R$ can therefore be associated to two-valued interpretations for $R^{+}$ and $R^{-}$.

2.3.2. Definition. Let $\mathfrak{M}$ be a four-valued structure for $\mathcal{L}$ and $\mathfrak{N}$ a two-valued structure for $\mathcal{L}^{\sharp}$.
1. $\mathfrak{M}^{\sharp}$ is the two-valued $\mathcal{L}^{\sharp}$ structure which has the same universe as $\mathfrak{M}$ and agrees with $\mathfrak{M}$ on the interpretation of the function symbols; for relation symbols $R^{\pm}$ of $\mathcal{L}^{\sharp}$ and $\vec{m} \in |\mathfrak{M}|$ we set

$$\mathfrak{M}^{\sharp}(R^{+})(\vec{m}) := (\mathfrak{M}_{1st}(R(\vec{m})),\; 1 - \mathfrak{M}_{1st}(R(\vec{m}))),$$
$$\mathfrak{M}^{\sharp}(R^{-})(\vec{m}) := (\mathfrak{M}_{2nd}(R(\vec{m})),\; 1 - \mathfrak{M}_{2nd}(R(\vec{m}))).$$

2. $\mathfrak{N}^{\flat}$ is the four-valued $\mathcal{L}$ structure which has the same universe as $\mathfrak{N}$ and agrees with $\mathfrak{N}$ on the interpretation of the function symbols; for relation symbols $R$ of $\mathcal{L}$ and $\vec{m} \in |\mathfrak{N}|$ we set

$$\mathfrak{N}^{\flat}(R)(\vec{m}) := (\mathfrak{N}_{1st}(R^{+}(\vec{m})),\; \mathfrak{N}_{1st}(R^{-}(\vec{m}))).$$
The previous two constructions are inverse to each other in the strongest possible sense. We have for all four-valued $\mathcal{L}$ structures $\mathfrak{M}$ and all two-valued $\mathcal{L}^{\sharp}$ structures $\mathfrak{N}$ that $(\mathfrak{M}^{\sharp})^{\flat} = \mathfrak{M}$ and $(\mathfrak{N}^{\flat})^{\sharp} = \mathfrak{N}$. Hence it is perfectly legitimate to identify the four-valued structures for the language $\mathcal{L}$ with the two-valued structures for the extension $\mathcal{L}^{\sharp}$ of $\mathcal{L}$. In view of the following remark it is possible to identify the lower three-valued $\mathcal{L}$ structures with the two-valued $\mathcal{L}^{\sharp}$ structures which satisfy the uniqueness condition that all $R^{+}$ and $R^{-}$ are interpreted as disjoint relations.
A Proof-Theoretic Framework for Logic Programming
2.3.3. Remark. Let $\mathfrak{M}$ be a four-valued $\mathcal{L}$ structure. Then $\mathfrak{M}$ is upper three-valued if and only if $\mathfrak{M}^{\sharp}(R^{+}(\vec{m}) \lor R^{-}(\vec{m})) = t$ for all relation symbols $R$ of $\mathcal{L}$ and all $\vec{m} \in |\mathfrak{M}|$; analogously, $\mathfrak{M}$ is lower three-valued if and only if $\mathfrak{M}^{\sharp}(R^{+}(\vec{m}) \land R^{-}(\vec{m})) = f$ for all relation symbols $R$ of $\mathcal{L}$ and all $\vec{m} \in |\mathfrak{M}|$.
Based on the extension of the language $\mathcal{L}$ to the language $\mathcal{L}^{\sharp}$ we now translate every $\mathcal{L}$ formula $A$ into $\mathcal{L}^{\sharp}$ formulas $A^{+}$ and $A^{-}$ as follows:
1. If $A$ is an atomic equality formula, then $A^{+} := A$ and $A^{-} := \neg A$.
2. If $A$ is of the form $R(\vec{a})$ for some $n$-ary relation symbol of $\mathcal{L}$, then $A^{+} := R^{+}(\vec{a})$ and $A^{-} := R^{-}(\vec{a})$.
3. If $A$ is of the form $\neg R(\vec{a})$ for some $n$-ary relation symbol of $\mathcal{L}$, then $A^{+} := R^{-}(\vec{a})$ and $A^{-} := R^{+}(\vec{a})$.
4. If $A$ is of the form $(B \lor C)$, then $A^{+} := (B^{+} \lor C^{+})$ and $A^{-} := (B^{-} \land C^{-})$.
5. If $A$ is of the form $(B \land C)$, then $A^{+} := (B^{+} \land C^{+})$ and $A^{-} := (B^{-} \lor C^{-})$.
6. If $A$ is of the form $\exists x B(x)$, then $A^{+} := \exists x B^{+}(x)$ and $A^{-} := \forall x B^{-}(x)$.
7. If $A$ is of the form $\forall x B(x)$, then $A^{+} := \forall x B^{+}(x)$ and $A^{-} := \exists x B^{-}(x)$.

This means that the $\mathcal{L}^{\sharp}$ formula $A^{+}$ is obtained from the $\mathcal{L}$ formula $A$ by changing all positive literals $R(\vec{a})$ in $A$ into $R^{+}(\vec{a})$ and all negative literals $\neg R(\vec{a})$ in $A$ into $R^{-}(\vec{a})$; $A^{-}$ is obtained from $\neg A$ by replacing all positive literals $R(\vec{a})$ in $\neg A$ by $R^{+}(\vec{a})$ and all negative literals $\neg R(\vec{a})$ in $\neg A$ by $R^{-}(\vec{a})$. If there are axioms available which express that the formulas $R^{-}(\vec{a})$ are the negations of the formulas $R^{+}(\vec{a})$, then one may identify $A^{+}$ with $A$ and $A^{-}$ with $\neg A$.

2.3.4. Remark. If $A$ is an $\mathcal{L}$ formula, then $A^{+}$ and $A^{-}$ are positive $\mathcal{L}^{\sharp}$ formulas.

The following remark shows how the close connection between four-valued $\mathcal{L}$ structures and two-valued $\mathcal{L}^{\sharp}$ structures extends to arbitrary $\mathcal{L}$ formulas.

2.3.5. Remark. We have for all two-valued $\mathcal{L}^{\sharp}$ structures $\mathfrak{N}$ and all closed $\mathcal{L}[\mathfrak{N}^{\flat}]$ formulas $A$ that $\mathfrak{N}^{\flat}(A) = (\mathfrak{N}_{1st}(A^{+}), \mathfrak{N}_{1st}(A^{-}))$.

2.4. Logical consequences
An $\mathcal{L}$ theory is a (possibly infinite) set of $\mathcal{L}$ formulas. By $Th \vdash A$ we express that the formula $A$ can be deduced from the theory $Th$ by the usual axioms and rules of first order predicate logic. If $\mathfrak{M}$ is a two-valued structure, $A[\vec{u}]$ is an $\mathcal{L}$ formula and $Th$ an $\mathcal{L}$ theory, then we define as usual: $A[\vec{u}]$ is valid in $\mathfrak{M}$ if $\mathfrak{M}(A[\vec{m}]) = t$ for all $\vec{m} \in |\mathfrak{M}|$. Then we call $\mathfrak{M}$ a model of $A[\vec{u}]$ and write $\mathfrak{M} \vDash A[\vec{u}]$. $Th$ is valid in $\mathfrak{M}$ if all elements of $Th$ are valid in $\mathfrak{M}$. Then we call $\mathfrak{M}$ a model of $Th$ and write $\mathfrak{M} \vDash Th$. $A[\vec{u}]$ is a logical consequence of $Th$ if $A[\vec{u}]$ is valid in all models of $Th$. Then we write $Th \vDash A[\vec{u}]$. The usual completeness result for first order logic states that derivability is equivalent to logical consequence, i.e., that $Th \vdash A$ if and only if $Th \vDash A$ for all $\mathcal{L}$ theories $Th$ and $\mathcal{L}$ formulas $A$.
This form of logical consequence is based on two-valued structures. Special forms of consequences of logic programs with respect to certain three-valued and four-valued structures will be introduced in Section 3.1.

2.5. Clark's equational theory
Unification plays a major role in practically all implementations of logic programming environments. In general the most simple form of unification is employed which treats two closed expressions as equal if and only if they are syntactically identical. The corresponding unification theorem goes back to Robinson [1965] and states the existence of an algorithm which for any two expressions produces an idempotent most general unifier if they are unifiable and otherwise reports the nonexistence of a unifier. Space does not permit to go into details, and only the basic terminology can be repeated.

An $\mathcal{L}$ substitution $\theta$ is a finite set $\{u_1/a_1, \ldots, u_n/a_n\}$ of bindings so that the $\mathcal{L}$ terms $a_i$ are different from the variables $u_i$ for $1 \le i \le n$ and $u_i$ is different from $u_j$ for $1 \le i < j \le n$. We shall use $\theta, \sigma, \tau, \theta_1, \sigma_1, \tau_1, \ldots$ for substitutions; the empty substitution is denoted by $\varepsilon$. The instance $Z\theta$ of an expression $Z$ and a substitution $\theta = \{u_1/a_1, \ldots, u_n/a_n\}$ is the expression obtained from $Z$ by simultaneously replacing each occurrence of the variable $u_i$ in $Z$ by the term $a_i$ $(i = 1, \ldots, n)$. In addition, an expression $Z_1$ is called a variant of the expression $Z_2$ if there exist substitutions $\sigma$ and $\tau$ so that $Z_1\sigma = Z_2$ and $Z_2\tau = Z_1$.

Let $S$ be the set of equations $\{a_1 = b_1, \ldots, a_n = b_n\}$. A unifier of $S$ is an $\mathcal{L}$ substitution $\theta$ with the property that $a_i\theta$ and $b_i\theta$ are identical for $1 \le i \le n$. This unifier is most general if for any other unifier $\sigma$ of $S$ there exists a substitution $\tau$ so that $\sigma$ is the composition of $\theta$ and $\tau$, i.e., $\sigma = \theta\tau$. A (most general) unifier of the two atoms $R(a_1, \ldots, a_n)$ and $R(b_1, \ldots, b_n)$ is a (most general) unifier of the set of equations $\{a_1 = b_1, \ldots, a_n = b_n\}$. For further unexplained notions we refer to Apt [1990], Doets [1994] and Lloyd [1987].

Clark's equational theory $CET_{\mathcal{L}}$ (cf. Clark [1978]) may be understood as the axiomatic counterpart of this form of unification.
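The terminology above, as an added example that is not part of the original text: a Robinson-style unification procedure in Python which returns an idempotent most general unifier of a set of equations or reports that none exists. The term encoding (variables as strings, $f(a_1, \ldots, a_n)$ as the tuple `("f", a1, ..., an)`) and all function names are assumptions of this example.

```python
def is_var(t):
    return isinstance(t, str)

def apply(t, theta):
    """Instance t.theta: simultaneous replacement of variables by their bindings."""
    if is_var(t):
        return theta.get(t, t)
    return (t[0],) + tuple(apply(s, theta) for s in t[1:])

def compose(theta, tau):
    """Composition theta.tau with Z(theta tau) = (Z theta) tau; bindings u/u are dropped."""
    out = {u: apply(a, tau) for u, a in theta.items()}
    for u, a in tau.items():
        out.setdefault(u, a)
    return {u: a for u, a in out.items() if a != u}

def occurs(u, t):
    """True if the variable u occurs in the term t."""
    return t == u if is_var(t) else any(occurs(u, s) for s in t[1:])

def mgu(equations):
    """Idempotent most general unifier of a list of pairs (a_i, b_i), or None."""
    theta, todo = {}, list(equations)
    while todo:
        a, b = todo.pop()
        a, b = apply(a, theta), apply(b, theta)
        if a == b:
            continue
        if is_var(b) and not is_var(a):
            a, b = b, a
        if is_var(a):
            if occurs(a, b):          # u = f(... u ...) has no unifier
                return None
            theta = compose(theta, {a: b})
        elif a[0] != b[0] or len(a) != len(b):
            return None               # clash of function symbols
        else:
            todo.extend(zip(a[1:], b[1:]))
    return theta

def is_unifier(theta, equations):
    return all(apply(a, theta) == apply(b, theta) for a, b in equations)

if __name__ == "__main__":
    a = ("a",)
    S = [(("f", "X", "Y"), ("f", "Y", "Z"))]      # constructed sample
    theta = mgu(S)
    sigma = {"X": a, "Y": a, "Z": a}              # another unifier of S
    print(theta, compose(theta, theta) == theta)  # idempotence
    print(compose(theta, sigma) == sigma)         # sigma = theta.tau with tau = sigma
```

For an idempotent most general unifier $\theta$ the witness $\tau$ in $\sigma = \theta\tau$ can always be taken to be $\sigma$ itself, which is what the last line checks.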
The theory $CET_{\mathcal{L}}$ depends on the language $\mathcal{L}$ and comprises the following equality axioms (E1) and (E2). First we have

$$\text{(E1)} \qquad \neg(a_1 = b_1 \land \ldots \land a_n = b_n)$$

for all $\mathcal{L}$ terms $a_1, \ldots, a_n, b_1, \ldots, b_n$ so that $\{a_1 = b_1, \ldots, a_n = b_n\}$ is not unifiable. The second group of axioms states

$$\text{(E2)} \qquad (a_1 = b_1 \land \ldots \land a_n = b_n) \to c = d$$

provided that $\{a_1 = b_1, \ldots, a_n = b_n\}$ is unifiable with a most general unifier $\theta$ and $c\theta$ and $d\theta$ are syntactically identical.

A four-valued structure $\mathfrak{M}$ is called an equational structure if the universal closures of the equality axioms (E1) and (E2) are true in $\mathfrak{M}$. $\mathfrak{U}_{\mathcal{L}}$ is an equational structure and is sometimes called the standard model of $CET_{\mathcal{L}}$. This is justified by the obvious fact that every model of $CET_{\mathcal{L}}$ contains an isomorphic copy of the standard model. $CET_{\mathcal{L}}$ does not contain equality assertions for relation symbols. Hence, for example, a formula of the form $a = b \land R(a) \to R(b)$ for some unary relation symbol $R$ is not derivable from $CET_{\mathcal{L}}$.

A result of Mal'cev [1971] states that $CET_{\mathcal{L}}$ is complete if $\mathcal{L}$ is an infinite language. Observe, however, that $CET_{\mathcal{L}}$ is in general not complete for finite languages. Let $\mathcal{L}$, for example, be a language with a constant $a$ and no other function symbols. Then $\mathfrak{U}_{\mathcal{L}}$ is a model of $\forall x(x = a)$ but $CET_{\mathcal{L}}$ does not prove this equality formula. In order to obtain completeness also for finite languages $\mathcal{L}$ one has to strengthen $CET_{\mathcal{L}}$ by the so called domain closure axiom $DCA_{\mathcal{L}}$,

$$DCA_{\mathcal{L}} := \forall x \bigvee_{f \in \mathcal{L}} \exists \vec{y}\,(x = f(\vec{y})),$$

which says that every element of the universe belongs to the range of some function symbol of $\mathcal{L}$. Then the following theorem follows for example from Mal'cev [1971] or Shepherdson [1988].

2.5.1. Theorem. Let $E$ be a closed equality formula of the language $\mathcal{L}$. Then we have the equivalence

$$CET_{\mathcal{L}} \vdash E \;\Longleftrightarrow\; \mathfrak{U}_{\mathcal{L}} \vDash E,$$

provided that $\mathcal{L}$ is infinite. On the other hand, if $\mathcal{L}$ is finite, then one can only show that

$$CET_{\mathcal{L}} + DCA_{\mathcal{L}} \vdash E \;\Longleftrightarrow\; \mathfrak{U}_{\mathcal{L}} \vDash E.$$

2.6. Logic programs and their completions
Finally the stage is set for introducing the central object of this article: logic programs. What we simply call a logic program here is sometimes denoted as a normal or general logic program, in contrast to definite logic programs (cf. e.g. Apt [1990], Doets [1994] and Lloyd [1987]).

Goals ($G, H, G_1, H_1, \ldots$) in the language $\mathcal{L}$ are finite (possibly empty) sequences of $\mathcal{L}$ literals. The empty goal is denoted by $\Box$. A program clause in $\mathcal{L}$ is an expression of the form

$$A \;\text{:-}\; G$$
so that $A$ is a positive literal of $\mathcal{L}$. The atom $A$ is the head and the sequence of literals $G$ the body of the clause. If the body of a program clause is empty, we simply write $A$ instead of $A \;\text{:-}\; \Box$. A logic program in $\mathcal{L}$ is a pair $(\mathcal{L}, PC)$ which consists of a first order language $\mathcal{L}$ and a finite set $PC$ of program clauses in $\mathcal{L}$.

Suppose that $P$ is a logic program, $R$ is an $n$-ary relation symbol and that there are $m$ clauses in $P$ whose heads are of the form $R(\ldots)$ so that the $i$-th clause is of the form

$$R(a_{i,1}[\vec{v}], \ldots, a_{i,n}[\vec{v}]) \;\text{:-}\; L_{i,1}[\vec{v}], \ldots, L_{i,k(i)}[\vec{v}]$$

and has $k(i)$ literals in its body. Then the definition form of $R$ with respect to $P$ is defined to be the formula

$$D_R[u_1, \ldots, u_n] := \bigvee_{i=1}^{m} \exists \vec{x} \Big( \bigwedge_{j=1}^{n} (u_j = a_{i,j}[\vec{x}]) \land \bigwedge_{j=1}^{k(i)} L_{i,j}[\vec{x}] \Big).$$
The special cases $m = 0$ and $k(i) = 0$ are included by interpreting empty disjunctions as $\bot$ and empty conjunctions as $\top$.

In Section 4 we will introduce deductive systems for logic programs, and in these systems so called program rules are associated to the program clauses. However, from a declarative point of view a logic program $P$ is often identified with the theory consisting of all formulas $\forall \vec{x}(D_R[\vec{x}] \to R(\vec{x}))$ so that each $D_R[\vec{u}]$ is the definition form of $R$ with respect to $P$. Other schools in the model-theoretic approach to logic programming argue that the intended meaning of a logic program $P$ is better reflected by the so called Clark completion of $P$, in which the implications of the previous formulas are replaced by equivalences (cf. Clark [1978]).

More formally, let $P$ be a logic program in $\mathcal{L}$ and assume that the definition form of each relation symbol $R$ of $\mathcal{L}$ is the formula $D_R[\vec{u}]$. Then we call

$$\forall \vec{x}(D_R[\vec{x}] \leftrightarrow R(\vec{x}))$$

the completed definition of $R$ with respect to $P$. The completion of $P$ is the $\mathcal{L}$ theory $comp(P)$ which consists of $CET_{\mathcal{L}}$ plus the completed definitions of all relation symbols of $\mathcal{L}$.

3. Some model-theoretic properties of logic programs
There are some central model-theoretic properties of logic programs which are crucial for our proof-theoretic approach, in particular from the point of view of providing a semantic platform and motivation of the following steps. We will now recall these results and present them in a form tailored for our later applications.

3.1. Adequate structures
We start with structures which are adequate to logic programs. Informally, adequate structures are structures which reflect the meaning of a logic program in the sense that the information content of the definition form is inherited to the corresponding relation.

3.1.1. Definition. Let $P$ be a logic program in $\mathcal{L}$. A four-valued equational structure $\mathfrak{M}$ for $\mathcal{L}$ is called adequate to $P$ if

$$\mathfrak{M}(D_R[\vec{m}]) \sqsubseteq \mathfrak{M}(R(\vec{m}))$$

for all $\vec{m} \in |\mathfrak{M}|$ and all relation symbols $R$ of $\mathcal{L}$ plus their definition form $D_R[\vec{u}]$ with respect to $P$.
This definition implies that a two-valued equational structure $\mathfrak{M}$ for $\mathcal{L}$ is adequate to a logic program $P$ if and only if $\mathfrak{M}$ is a model of $comp(P)$. Moreover, Remark 3.2.6 below describes the relationship between three-valued models of $comp(P)$ in the sense of Fitting [1985] and Kunen [1987] and three-valued structures which are adequate to $P$.
3.1.2. Definition. Let $P$ be a logic program in $\mathcal{L}$ and $A[\vec{u}]$ an $\mathcal{L}$ formula.
1. $A[\vec{u}]$ is called a 4-adequate consequence of $P$ if $\mathfrak{M}_{1st}(A[\vec{m}]) = 1$ for all four-valued equational $\mathcal{L}$ structures $\mathfrak{M}$ which are adequate to $P$ and all $\vec{m} \in |\mathfrak{M}|$. Then we write $P \vDash_4 A[\vec{u}]$.
2. $A[\vec{u}]$ is called an upper consequence of $P$ if $\mathfrak{M}_{1st}(A[\vec{m}]) = 1$ for all upper three-valued equational $\mathcal{L}$ structures $\mathfrak{M}$ which are adequate to $P$ and all $\vec{m} \in |\mathfrak{M}|$. Then we write $P \vDash_{\triangle} A[\vec{u}]$.
3. $A[\vec{u}]$ is called a lower consequence of $P$ if $\mathfrak{M}_{1st}(A[\vec{m}]) = 1$ for all lower three-valued equational $\mathcal{L}$ structures $\mathfrak{M}$ which are adequate to $P$ and all $\vec{m} \in |\mathfrak{M}|$. Then we write $P \vDash_{\triangledown} A[\vec{u}]$.
4. $A[\vec{u}]$ is called a 2-adequate consequence of $P$ if $\mathfrak{M}_{1st}(A[\vec{m}]) = 1$ for all two-valued equational $\mathcal{L}$ structures $\mathfrak{M}$ which are adequate to $P$ and all $\vec{m} \in |\mathfrak{M}|$. Then we write $P \vDash_2 A[\vec{u}]$.
Since the two-valued structures which are adequate to a logic program $P$ agree with the models of $comp(P)$, it is obvious that a formula $A$ is a 2-adequate consequence of $P$ if and only if it is a logical consequence of the completion of $P$.

3.2. Envelopes generated by logic programs
A four-valued structure $\mathfrak{M}$ can be viewed as providing some partial information about the intended scope of interest, and a logic program $P$ as a means of modifying this information $\mathfrak{M}$ to a new structure $\mathfrak{M}[P]$, which we call the $P$-envelope of $\mathfrak{M}$.

3.2.1. Definition. Let $\mathfrak{M}$ be a four-valued $\mathcal{L}$ structure and $P$ a logic program in $\mathcal{L}$. Then the $P$-envelope $\mathfrak{M}[P]$ of $\mathfrak{M}$ is the $\mathcal{L}$ structure which has the same universe as $\mathfrak{M}$ and agrees with $\mathfrak{M}$ on the interpretation of the function symbols; if $R$ is a relation symbol of $\mathcal{L}$ and $D_R[\vec{u}]$ its definition form with respect to $P$, then we set $\mathfrak{M}[P](R)(\vec{m}) := \mathfrak{M}(D_R[\vec{m}])$ for all $\vec{m} \in |\mathfrak{M}|$.
It follows from this definition that the $P$-envelope of a two-valued structure is two-valued and that of an upper or lower three-valued structure is upper or lower three-valued, respectively. In general it is not the case that $\mathfrak{M}[P]$ is an extension of $\mathfrak{M}$, but at least the following property is given.

3.2.2. Remark. Let $\mathfrak{M}$ and $\mathfrak{N}$ be four-valued $\mathcal{L}$ structures and assume that $P$ is a logic program in $\mathcal{L}$. Then we have:

$$\mathfrak{M} \sqsubseteq \mathfrak{N} \;\Longrightarrow\; \mathfrak{M}[P] \sqsubseteq \mathfrak{N}[P].$$
Hence the formation of envelopes is monotone. Making use of envelopes, it is now an easy task to characterize those structures which are adequate to a logic program $P$.

3.2.3. Remark. Let $\mathfrak{M}$ be a four-valued equational structure for $\mathcal{L}$ and assume that $P$ is a logic program in $\mathcal{L}$. Then $\mathfrak{M}$ is adequate to $P$ if and only if $\mathfrak{M}[P] \sqsubseteq \mathfrak{M}$.
There close relationship There is is a a close relationship between between four-valued four-valued and and lower lower three-valued three-valued adequate adequate structures. structure which structures. Every Every four-valued four-valued structure which is is adequate adequate to to a a logic logic program program P P extends extends a a lower lower three-valued three-valued structure structure which which is is invariant invariant under under the the formation formation of of its its P-envelope P-envelope and and thus thus adequate adequate to to P P by by the the previous previous remark: remark: 3.2.4. 3.2.4. Proposition. P r o p o s i t i o n . Let Let P P be be aa logic logic program program in in C s and and VJt ~ aa four-valued four-valued C L struc strucP. Then ture ture which which is is adequate adequate to to P. Then there there exists exists aa lower lower three-valued three-valued structure structure IJ1 9l for for C L soso that that IJ1 9I � E VJt ffJ~ and and IJ1[P] 9~[P] = - 1J1. 9t. Proof. P r o o f . Let Let K K be be the the nonempty nonempty set set of of all all lower lower three-valued three-valued structures structures for for C s which which are K, � are extended extended by by VJt. 9)t. Then Then ((K, K) is is a a complete complete partial partial ordering. ordering. In In addition, addition, the the operation operation which which maps maps an an element element of of K K to to its its P-envelope, P-envelope, which which belongs belongs to to K K as as well, is well, is monotone monotone according according to to Remark Remark 3.2.2. 3.2.2. Therefore Therefore there there exists exists a a structure structure IJ1 9t 0 as claimed in as claimed in the the assertion. assertion. []
3.2.5. Corollary. We have for all logic programs $P$ in $\mathcal{L}$ and for all $\mathcal{L}$ formulas $A$ that $A$ is a 4-adequate consequence of $P$ if and only if $A$ is a lower consequence of $P$, i.e.,

$$P \models_4 A \iff P \models_v A.$$
Fitting [1985] and Kunen [1987] use slightly different definitions and introduce the notion of a three-valued model of the completion $\mathrm{comp}(P)$ of a logic program $P$. Then it is obvious that one has the following correspondence:

3.2.6. Remark. Let $P$ be a logic program in $\mathcal{L}$ and $\mathfrak{M}$ a lower three-valued structure for $\mathcal{L}$. Then $\mathfrak{M}$ is a three-valued model of the completion $\mathrm{comp}(P)$ if and only if $\mathfrak{M}[P] = \mathfrak{M}$.
3.3. Least adequate structures
Standard techniques of the theory of inductive definitions, as presented, for example, in Moschovakis [1974], provide the means to show that all logic programs $P$ have least (lower three-valued) structures which are adequate to $P$. These structures are generated by iterating the formation of $P$-envelopes through a sufficiently large initial segment of the ordinals.

If $\mathfrak{M}$ is a four-valued structure for $\mathcal{L}$ then $3\mathfrak{M}$ is the lower three-valued structure for $\mathcal{L}$ which has the same universe and the same interpretation of all function symbols as $\mathfrak{M}$ and interprets each relation symbol as identically $u$. A family $(\mathfrak{M}_i : i \in I)$ of four-valued structures for $\mathcal{L}$ is based on a four-valued structure $\mathfrak{M}$ if $3\mathfrak{M}_i = 3\mathfrak{M}$ for all $i \in I$. Now let $(\mathfrak{M}_i : i \in I)$ be a non-empty family of four-valued structures for $\mathcal{L}$ which are based on a four-valued $\mathcal{L}$ structure $\mathfrak{M}$. Then the limit $\bigsqcup_{i \in I} \mathfrak{M}_i$ of this family is the four-valued structure $\mathfrak{N}$ for $\mathcal{L}$ so that $3\mathfrak{N} = 3\mathfrak{M}$ and

$$\mathfrak{N}(R)(\vec{m}) := \lim_{i \in I} \mathfrak{M}_i(R)(\vec{m})$$

for all relation symbols $R$ of $\mathcal{L}$ and $\vec{m} \in |\mathfrak{M}|$. This implies that the degree of evidence for (against) a positive literal $R(\vec{a})$ is 1 in $\bigsqcup_{i \in I} \mathfrak{M}_i$, if it is 1 in some $\mathfrak{M}_i$, and 0 otherwise.
3.3.1. Definition. Let $P$ be a logic program in $\mathcal{L}$ and $\mathfrak{M}$ a four-valued $\mathcal{L}$ structure. Then we define by recursion on the ordinals the following four-valued structures for $\mathcal{L}$:

$$\mathfrak{I}\mathfrak{M}_P^{0} := 3\mathfrak{M}, \qquad \mathfrak{I}\mathfrak{M}_P^{\alpha+1} := \mathfrak{I}\mathfrak{M}_P^{\alpha}[P], \qquad \mathfrak{I}\mathfrak{M}_P^{\lambda} := \bigsqcup_{\alpha < \lambda} \mathfrak{I}\mathfrak{M}_P^{\alpha},$$

$\omega + \omega$, i.e., $\mathfrak{I}_P^{\omega+\omega} = \mathfrak{I}_P$. One simply has to consider the definition forms $D_R[u]$ and $D_S[u]$ of $R$ and $S$ with respect to $P$:

$$\exists x\,(u = f(x) \land R(x)) \quad\text{and}\quad \exists x\,(u = f(x) \land S(x)) \lor \exists x\,R(x).$$
Trivial induction on the ordinals shows that the structures $\mathfrak{I}\mathfrak{M}_P^{\alpha}$ and the structure $\mathfrak{I}\mathfrak{M}_P$ are lower three-valued. Furthermore, if a four-valued $\mathcal{L}$ structure $\mathfrak{N}$ is adequate to $P$ and $3\mathfrak{M} = 3\mathfrak{N}$, then $\mathfrak{I}\mathfrak{M}_P^{\alpha} \sqsubseteq \mathfrak{N}$ for all $\alpha \in On$. In view of Remark 3.2.3 we therefore obtain the following theorem.

3.3.3. Theorem. Let $P$ be a logic program in $\mathcal{L}$ and $\mathfrak{M}$ a four-valued structure for $\mathcal{L}$. Then $\mathfrak{I}\mathfrak{M}_P$ is a lower three-valued structure which is adequate to $P$. In addition, if $\mathfrak{N}$ is a four-valued structure for $\mathcal{L}$ which is adequate to $P$ and satisfies $3\mathfrak{M} = 3\mathfrak{N}$, then we have $\mathfrak{I}\mathfrak{M}_P \sqsubseteq \mathfrak{N}$.

This theorem implies, in particular, that the structures $\mathfrak{I}_P$ are the least four-valued Herbrand structures which are adequate to the logic programs $P$. Some simple reflections on the high logical complexity of the structures $\mathfrak{I}_P$, which is reflected by the fact that the three-valued closure ordinals may be as large as $\omega_1^{CK}$, make it clear that the least adequate structures can only be of limited use for a procedural approach to logic programming. It follows, for example, that in general the collection of all closed formulas true in $\mathfrak{I}_P$ is not even first order definable. We agree with Kunen [1987] that the "procedural content" of a logic program $P$ is better approached by the finite stages $(\mathfrak{I}_P^n : n < \omega)$ of $\mathfrak{I}_P$.
3.4. The finite stages of least adequate structures
This thesis is also supported by the following observations. Taking up an idea of Kunen [1987] and Shepherdson [1988] one assigns to each $\mathcal{L}$ formula $A$ and natural number $n$ an equality formula $E_P^n(A)$, which depends on the given logic program $P$.
3.4.1. Definition. Let $P$ be a logic program in $\mathcal{L}$. For every $n < \omega$ and every $\mathcal{L}$ formula $A$ we define the equality formula $E_P^n(A)$ by induction on $n$.

1. If $A$ is an atomic equality formula, then $E_P^n(A) := A$.

2. If $R$ is a relation symbol of $\mathcal{L}$ and $D_R[\vec{u}]$ the definition form of $R$ with respect to $P$, then we set

$$E_P^0(R(\vec{a})) := \bot, \qquad E_P^0(\neg R(\vec{a})) := \bot,$$
$$E_P^{n+1}(R(\vec{a})) := E_P^n(D_R[\vec{a}]), \qquad E_P^{n+1}(\neg R(\vec{a})) := E_P^n(\neg D_R[\vec{a}]).$$

3. The propositional connectives and quantifiers are dealt with in the obvious way:

$$E_P^n(A \land B) := E_P^n(A) \land E_P^n(B), \qquad E_P^n(A \lor B) := E_P^n(A) \lor E_P^n(B),$$
$$E_P^n(\exists x A(x)) := \exists x\, E_P^n(A)(x), \qquad E_P^n(\forall x A(x)) := \forall x\, E_P^n(A)(x).$$

Now the lemma below reduces truth of $A$ in the finite stages $\mathfrak{I}\mathfrak{M}_P^n$ of the lower three-valued structures $\mathfrak{I}\mathfrak{M}_P$ to two-valued validity of the formulas $E_P^n(A)$. It is essentially proved by main induction on $n$ and side induction on the rank of the formulas involved.
3.4.2. Lemma. Let $P$ be a logic program in $\mathcal{L}$ and $\mathfrak{M}$ a four-valued $\mathcal{L}$ structure. Then we have for all closed $\mathcal{L}$ formulas $A$ and all $n < \omega$:

$$\mathfrak{I}\mathfrak{M}_P^n(A) = t \iff \mathfrak{M} \models E_P^n(A).$$
This lemma may be combined with Theorem 2.5.1. As a result we have a reduction of truth in the finite stages $\mathfrak{I}_P^n$ to purely equational reasoning.

3.4.3. Theorem. Let $P$ be a logic program in $\mathcal{L}$, $A$ an $\mathcal{L}$ formula and $n < \omega$. Then we have the equivalence

$$\mathfrak{I}_P^n(A) = t \iff CET_{\mathcal{L}} \vdash E_P^n(A),$$

provided that $\mathcal{L}$ is infinite. On the other hand, if $\mathcal{L}$ is finite, then one only obtains that

$$\mathfrak{I}_P^n(A) = t \iff CET_{\mathcal{L}} + DCA_{\mathcal{L}} \vdash E_P^n(A).$$
4. Deductive systems for logic programs
After the preceding semantic considerations we will now approach logic programming in a more deductive and procedural way. Traditionally, a logic program is often regarded as a set of axioms. Alternatively, however, it is also possible to replace this programs-as-theories interpretation of logic programs by a programs-as-deductive-systems paradigm (cf. e.g. Hallnäs and Schroeder-Heister [1990], Jäger [1994], Schroeder-Heister [1991], Stärk [1991, 1994a]) so that one is conceptually closer to a procedural understanding of logic programming.

We begin with introducing a calculus $\mathcal{R}(P)$ for each logic program $P$, which will provide the widest framework for the following considerations. The systems $\mathcal{R}(P)$ are designed for a proof-theoretic treatment and form a link between the model theory of logic programming and very specific proof procedures (like SLDNF-resolution) suited for implementations. Later we will also study subsystems of the $\mathcal{R}(P)$ which arise naturally in the context of logic programming.
4.1. The calculi $\mathcal{R}(P)$
The following deduction systems are presented in a Tait-style manner. Accordingly, the axioms and derivation rules are formulated for finite sets of $\mathcal{L}$ formulas which are interpreted disjunctively. The capital Greek letters $\Gamma, \Delta, \Pi, \Sigma, \ldots$ (possibly with subscripts) denote finite sets of $\mathcal{L}$ formulas, and we write (for example) $\Gamma, \Delta, A, B$ for the union of $\Gamma$, $\Delta$ and $\{A, B\}$. Given a four-valued structure $\mathfrak{M}$ for $\mathcal{L}$, we sometimes simply write $\mathfrak{M}(\Gamma)$ for the truth value of the universal closure of the disjunction of the formulas in $\Gamma$ according to $\mathfrak{M}$. We say that $\Gamma$ is valid in $\mathfrak{M}$ if $\mathfrak{M}(\Gamma) = t$.

The systems $\mathcal{R}(P)$ for logic programs $P$ are extensions of the usual Tait calculus for predicate logic (cf. e.g. Tait [1968]) by adding equality axioms and so called program rules which take care of the program clauses in $P$. Altogether we have the
following five classes of axioms and rules.

I. Logical axioms. For all atomic $\mathcal{L}$ formulas $A$:

(L1) $\Gamma, \neg A, A$,

(L2) $\Gamma, \top$.

The axioms (L1) are often called identity axioms. They will play an important role later.

II. Equality axioms. For all $\mathcal{L}$ terms $a_1, \ldots, a_n, b_1, \ldots, b_n$ so that the set of equations $\{a_1 = b_1, \ldots, a_n = b_n\}$ is not unifiable:

(E1) $\Gamma, a_1 \neq b_1, \ldots, a_n \neq b_n$.

For all $\mathcal{L}$ terms $a_1, \ldots, a_n, b_1, \ldots, b_n, c, d$ so that $\{a_1 = b_1, \ldots, a_n = b_n\}$ is unifiable with a most general unifier $\theta$ and $c\theta$ is syntactically identical to $d\theta$:

(E2) $\Gamma, a_1 \neq b_1, \ldots, a_n \neq b_n, c = d$.

III. Logical rules. For all $\mathcal{L}$ formulas $A$ and $B$, all $\mathcal{L}$ terms $a$ and all free variables $u$ which do not occur in $\Gamma, \forall x A(x)$:

$$\frac{\Gamma, A \qquad \Gamma, B}{\Gamma, A \land B}\ (\land), \qquad \frac{\Gamma, A}{\Gamma, A \lor B}\ (\lor_1), \qquad \frac{\Gamma, B}{\Gamma, A \lor B}\ (\lor_2),$$

$$\frac{\Gamma, A(a)}{\Gamma, \exists x A(x)}\ (\exists), \qquad \frac{\Gamma, A(u)}{\Gamma, \forall x A(x)}\ (\forall).$$

IV. Cut rules. For all $\mathcal{L}$ formulas $A$:

$$\frac{\Gamma, A \qquad \Gamma, \neg A}{\Gamma}\ (\mathrm{cut}).$$

The formulas $A$ and $\neg A$ are called the cut formulas of this cut; the rank of a cut is the rank of its cut formulas.

V. Program rules for $P$. For every relation symbol $R$ of $\mathcal{L}$ and its definition form $D_R[\vec{u}]$ with respect to the logic program $P$ and all $\mathcal{L}$ terms $\vec{a}$ we have the following positive and negative program rules:

$$\frac{\Gamma, D_R[\vec{a}]}{\Gamma, R(\vec{a})}\ (+R), \qquad \frac{\Gamma, \neg D_R[\vec{a}]}{\Gamma, \neg R(\vec{a})}\ (-R).$$
One should emphasize that the program rules are impredicative in the sense that the rank of the main formula of the premise of such a rule is in general greater than the rank of the main formula of the corresponding conclusion.

Based on these axioms and rules of inference derivability in $\mathcal{R}(P)$ is introduced in the standard way. The notation $\mathcal{R}(P) \vdash^n_r \Gamma$ expresses that $\Gamma$ is provable in $\mathcal{R}(P)$ by a proof whose length and cut complexity are bounded by $n$ and $r$, respectively.

4.1.1. Definition. Let $P$ be a logic program in $\mathcal{L}$ and $\Gamma$ a finite set of $\mathcal{L}$ formulas. Then we define $\mathcal{R}(P) \vdash^n_r \Gamma$ for all $n, r$

Case 2. $n_j > 0$ for some $1 \le j \le k$: We can assume that $L_1$ is positive and $0 < n_1$. Let $B \mathrel{:-} M_1, \ldots, M_l$ be a clause from $P$ and $\sigma$ and $\tau$ be substitutions so that $L_1\sigma = B\tau$. We have to show that the goal $M_1\tau, \ldots, M_l\tau, L_2\sigma, \ldots, L_k\sigma$ is in $N(P)$. Note that by (B1) and (B2) the goal $M_1\tau, \ldots, M_l\tau, L_2\sigma, \ldots, L_k\sigma$ belongs to $S^-(P)$. Let $\theta$ be a substitution. By assumption, there exists an $1 \le i \le k$ so that $\mathfrak{I}\mathfrak{M}_P^{n_i}(L_i\sigma\theta) = f$. If $i = 1$, then $\mathfrak{I}\mathfrak{M}_P^{n_1}(L_1\sigma\theta) = f$ and, by the definition of the finite stages $\mathfrak{I}\mathfrak{M}_P^{n}$, there exists a $1 \le j \le l$ so that $\mathfrak{I}\mathfrak{M}_P^{n_1 - 1}(M_j\tau\theta) = f$. Since
r nl-l
W r n2 W . . . -t- r nk
The following shorthand notation will be used from now on: If $\Gamma$ is the set $\{A_1, \ldots, A_n\}$ of $\mathcal{L}$ formulas, then $\Gamma^+$ stands for the corresponding set $\{A_1^+, \ldots, A_n^+\}$ of $\mathcal{L}^\sharp$ formulas. Then the relationship between the identity-free and cut-free derivations in $\mathcal{R}(P)$ and $\Theta(P)$ is obvious: they are identical in the sense of the following lemma.
6.2.3. Lemma. We have for all logic programs $P$ in $\mathcal{L}$ and finite sets $\Gamma$ of $\mathcal{L}$ formulas:

$$\mathcal{R}(P) \Vdash_0 \Gamma \iff \Theta(P) \Vdash_0 \Gamma^+.$$
Together with Theorem 4.3.1 which states cut elimination for identity-free derivations in $\mathcal{R}(P)$ we therefore obtain the following result about the relationship between $\mathcal{R}(P)$ and $\Theta(P)$.
6.2.4. Corollary. Let $P$ be a logic program in $\mathcal{L}$ and $\Gamma$ be a finite set of $\mathcal{L}$ formulas. Then we have the following equivalences:

$$\mathcal{R}(P) \Vdash_0 \Gamma \iff \Theta(P) \vdash \Gamma^+ \iff \mathcal{R}(P) \Vdash \Gamma.$$

This means that the identity-free and the identity- and cut-free derivations in $\mathcal{R}(P)$ correspond exactly to the positive fragment of $\Theta(P)$. The following side remark refers to cut-free derivations in $\mathcal{R}(P)$ which permit identity-axioms.

6.2.5. Remark. Let (TOT) consist of the following sets of $\mathcal{L}^\sharp$ formulas which express that all pairs $(R^+, R^-)$ are total in the sense that at least one of the two formulas $R^-(\vec{a})$ or $R^+(\vec{a})$ is true:

(TOT) $\Gamma, R^-(\vec{a}), R^+(\vec{a})$.

Then one immediately has for all logic programs $P$ in $\mathcal{L}$ and all finite sets $\Gamma$ of $\mathcal{L}$-formulas:

$$\mathcal{R}(P) \vdash_0 \Gamma \iff \Theta(P) + (\mathrm{TOT}) \Vdash_0 \Gamma^+.$$
The general role of cuts and cut-free derivations in the sequent calculus is, for example, analyzed in Girard [1987b] and Girard, Lafont and Taylor [1989]. Similar results about the identity-free derivations in the sequent calculus are contained in Hösli and Jäger [1994]. This article also studies the close dualities between cut-free and identity-free derivations.

6.3. The inductive extension of logic programs
The partial completions of logic programs are comparatively weak theories. They are not powerful enough to prove many interesting properties of logic programs and, for instance, the equivalence of logic programs. To make this point clearer, consider the following two examples.

6.3.1. Example (Termination). We use the same notions as in Example 5.2.8 and let $P_1$ be the logic program which consists of the following clauses:

    list([])
    list([u|v]) :- list(v)
    member(u, [u|v])
    member(u, [v|w]) :- member(u, w)
Suppose that we want to prove that for every term $a$ and every list $b$ the goal member(a, b) either succeeds or fails using SLDNF-resolution. By our previous results we know that this is equivalent to the statement that the partial completion of $P_1$ proves the formula

$$\mathrm{list}^+(v) \to (\mathrm{member}^+(u, v) \lor \mathrm{member}^-(u, v)).$$

However, it is easy to see that this is not possible without making use of some form of induction.
6.3.2. Example (Equivalence). Now we define the addition of natural numbers in two different ways: by recursion on the first argument and by recursion on the second argument. Let $P_2$ be the following logic program:

    nat(0)
    nat(s(u)) :- nat(u)
    add1(0, u, u)
    add1(s(u), v, s(w)) :- add1(u, v, w)
    add2(u, 0, u)
    add2(u, s(v), s(w)) :- add2(u, v, w)

It would be nice if one could show that both definitions have the same input/output behavior. Unfortunately, this is not possible in $\mathrm{comp}^\sharp(P_2)$; for example, the following formula is not provable there:

$$\mathrm{nat}^+(u) \land \mathrm{nat}^+(v) \to (\mathrm{add1}^+(u, v, w) \leftrightarrow \mathrm{add2}^+(u, v, w)).$$
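As an added illustration (not part of the original chapter), the following Python sketch computes the finite stages of Section 3.4 for add1 and add2 from $P_2$ and shows that the two relations reach the same truth values in the limit, but at different stages. It assumes that the Herbrand universe consists only of the numerals $0, s(0), \ldots$ (represented as non-negative integers), that every relation is $u$ at stage 0, and that the definition forms are evaluated with strong Kleene connectives; all function names are ours.

```python
# Added example: finite stages of the three-valued iteration for add1/add2.
# Assumptions (not from the chapter): numerals are Python ints, stage 0 maps
# every atom to 'u', and connectives are strong Kleene.
from functools import lru_cache

T, F, U = "t", "f", "u"


def k_or(x, y):
    """Strong Kleene disjunction on {t, f, u}."""
    if T in (x, y):
        return T
    return F if x == y == F else U


@lru_cache(maxsize=None)
def add1_stage(n, a, b, c):
    """Truth value of add1(a, b, c) at stage n (recursion on the 1st argument)."""
    if n == 0:
        return U
    # Clause add1(0, u, u): pure equations, hence two-valued.
    base = T if (a == 0 and b == c) else F
    # Clause add1(s(u), v, s(w)) :- add1(u, v, w): head must match, body is
    # looked up in the previous stage.
    step = add1_stage(n - 1, a - 1, b, c - 1) if a > 0 and c > 0 else F
    return k_or(base, step)


@lru_cache(maxsize=None)
def add2_stage(n, a, b, c):
    """Truth value of add2(a, b, c) at stage n (recursion on the 2nd argument)."""
    if n == 0:
        return U
    base = T if (b == 0 and a == c) else F            # add2(u, 0, u)
    step = add2_stage(n - 1, a, b - 1, c - 1) if b > 0 and c > 0 else F
    return k_or(base, step)


def decided_at(rel, a, b, c):
    """First stage at which rel(a, b, c) leaves 'u', with the value reached."""
    n = 0
    while rel(n, a, b, c) == U:
        n += 1
    return n, rel(n, a, b, c)


def stage_disagreements(n, bound):
    """Triples below `bound` on which add1 and add2 differ at stage n."""
    rng = range(bound)
    return [(a, b, c) for a in rng for b in rng for c in rng
            if add1_stage(n, a, b, c) != add2_stage(n, a, b, c)]


def limit_agrees(bound):
    """Both relations end up t exactly when a + b = c, and f otherwise."""
    rng = range(bound)
    for a in rng:
        for b in rng:
            for c in rng:
                want = T if a + b == c else F
                if decided_at(add1_stage, a, b, c)[1] != want:
                    return False
                if decided_at(add2_stage, a, b, c)[1] != want:
                    return False
    return True


if __name__ == "__main__":
    print(decided_at(add1_stage, 0, 5, 5), decided_at(add2_stage, 0, 5, 5))
    print(len(stage_disagreements(3, 5)), limit_agrees(6))
```

At every stage $n \ge 1$ the atom with arguments $(0, n, n)$ is already $t$ for add1 but still $u$ for add2, so the agreement of the two definitions only shows up in the limit of the stages.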
In order to overcome these deficiencies we add to the partial completion suited forms of induction. The basic idea is the following. Suppose we are given a logic program $P$ in $\mathcal{L}$ which contains the relation symbols $R_0, \ldots, R_n$. Then we collect all positive formulas $D^+_{R_i}[\vec{x}]$ and $D^-_{R_i}[\vec{x}]$ and consider them as the definition clauses of a simultaneous inductive definition SID of the relations $R_0^+, R_0^-, \ldots, R_n^+, R_n^-$ in the sense of, for example, Moschovakis [1974].

The partial completion expresses that these relations are closed under this simultaneous inductive definition. However, $\mathrm{comp}^\sharp(P)$ does not say that the relations $R_i^+$ and $R_i^-$ are fixed points, let alone least fixed points of SID. The next step is therefore to add further induction principles which enforce the relations $R_0^+, R_0^-, \ldots, R_n^+, R_n^-$ to be least fixed points.

For notational convenience we have to introduce some shorthand notations: Let $P$ be a logic program in $\mathcal{L}$ which contains the relation symbols $R_0, \ldots, R_n$. Then we write $\mathrm{closed}(P)$ for the formula

(CLOSURE) $$\bigwedge_{i=0}^{n} \bigl(\forall\vec{x}\,(D^+_{R_i}[\vec{x}] \to R_i^+(\vec{x})) \land \forall\vec{x}\,(D^-_{R_i}[\vec{x}] \to R_i^-(\vec{x}))\bigr).$$

Obviously $\mathrm{closed}(P)$ is provable in $\mathrm{comp}^\sharp(P)$. Now suppose further that we have for each relation symbol $R_i$ two $\mathcal{L}^\sharp$ formulas $A_i(\vec{u})$ and $B_i(\vec{u})$ with distinguished free variables $\vec{u} = u_1, \ldots, u_m$, provided that $R_i$ is $m$-ary. Then $\mathrm{closed}(P, \vec{R}^+/\vec{A}, \vec{R}^-/\vec{B})$ is the formula which results from $\mathrm{closed}(P)$ by simultaneously replacing each occurrence of $R_i^+(\vec{a})$ by $A_i(\vec{a})$ and $R_i^-(\vec{a})$ by $B_i(\vec{a})$ for $0 \le i \le n$. As additional abbreviation we write $\mathrm{sub}(\vec{R}^+, \vec{A}, \vec{R}^-, \vec{B})$ for

$$\bigwedge_{i=0}^{n} \bigl(\forall\vec{x}\,(R_i^+(\vec{x}) \to A_i(\vec{x})) \land \forall\vec{x}\,(R_i^-(\vec{x}) \to B_i(\vec{x}))\bigr).$$

6.3.3. Definition. Let $P$ be a logic program in $\mathcal{L}$. Then the inductive extension $\mathrm{ind}^\sharp(P)$ of $P$ is the $\mathcal{L}^\sharp$ theory which consists of $\mathrm{comp}^\sharp(P)$ and comprises the following additional axioms

(MINIMALITY) $$\mathrm{closed}(P, \vec{R}^+/\vec{A}, \vec{R}^-/\vec{B}) \to \mathrm{sub}(\vec{R}^+, \vec{A}, \vec{R}^-, \vec{B})$$

for all $\mathcal{L}^\sharp$ formulas $\vec{A}$ and $\vec{B}$ with a suitable number of distinguished free variables.
From the point of view of inductive definitions $\mathrm{ind}^\sharp(P)$ is an extremely natural theory. We can show in $\mathrm{ind}^\sharp(P)$ that for each relation symbol $R$ of $P$ the relation symbols $R^+$ and $R^-$ are least fixed points of the simultaneous inductive definition which corresponds to $P$ in the sense described above. This means, in particular, that induction on all $R^+$ and $R^-$ is available in $\mathrm{ind}^\sharp(P)$. Further one can prove in the inductive extension of $P$ that $R^+$ and $R^-$ have no elements in common.

Although strong induction principles are added to $\mathrm{comp}^\sharp(P)$, the theory $\mathrm{ind}^\sharp(P)$ is a conservative extension of $\mathrm{comp}^\sharp(P)$ with respect to positive $\mathcal{L}^\sharp$ formulas. The proof of the following theorem is obvious from the elementary theory of inductive definitions.
6.3.4. Theorem. Let $P$ be a logic program in $\mathcal{L}$. Then we have for all positive $\mathcal{L}^\sharp$ formulas $A$:

$$\mathrm{ind}^\sharp(P) \vdash A \iff \mathrm{comp}^\sharp(P) \vdash A.$$
The combination of the previous result, Theorem 6.1.3, Theorem 5.3.1 (soundness of SLDNF-resolution) and Theorem 5.3.5 (completeness of SLDNF-resolution) provides a powerful framework for the analysis of logic programs. We show this by continuing the discussion of the programs $P_1$ and $P_2$ introduced above.

First we turn to the question of termination in Example 6.3.1. Since induction is available, it is easy to see that we have

$$\mathrm{ind}^\sharp(P_1) \vdash \forall x \forall y\,(\mathrm{list}^+(y) \to (\mathrm{member}^+(x, y) \lor \mathrm{member}^-(x, y))). \qquad (1)$$

Now choose arbitrary terms $a$ and $b$ so that list(b) succeeds using SLDNF-resolution, i.e., $\mathrm{list}(b)\ \mathrm{R}(P)\ \varepsilon$. Then we can conclude that member(a, b) either succeeds or fails using SLDNF-resolution by the following argument: In view of Theorem 5.3.1 and Theorem 6.1.3 we have

$$\mathrm{comp}^\sharp(P_1) \vdash \mathrm{list}^+(b). \qquad (2)$$
Since ind'(P1) is an extension of compS(P1), we obtain from (1) and (2) that ind'(P1) proves $\mathit{member}^+(a, b) \lor \mathit{member}^-(a, b)$. Hence the previous theorem implies

$$\mathrm{compS}(P_1) \vdash \mathit{member}^+(a, b) \lor \mathit{member}^-(a, b). \tag{3}$$
Applying Theorem 5.3.5 and Theorem 6.1.3 with the mode assignment of Example 5.2.6 yields that either $\mathit{member}(a, b)\; R(P)\; \sigma$ for some substitution $\sigma$ or $\mathit{member}(a, b) \in F(P)$. In other words, the goal member(a, b) succeeds or fails using SLDNF-resolution.

After the treatment of termination of logic programs we come back to the problem of the equivalence of the logic programs in Example 6.3.2. It is easy to verify that we have

$$\mathrm{ind}'(P_2) \vdash \forall x \forall y \forall z\,(\mathit{nat}^+(x) \land \mathit{nat}^+(y) \to (\mathit{add1}^+(x, y, z) \leftrightarrow \mathit{add2}^+(x, y, z))). \tag{4}$$

Let $a$, $b$ and $c$ be terms so that the goals nat(a) and nat(b) succeed using SLDNF-resolution. Since the program $P_2$ is definite, we can use the trivial mode assignment of Example 5.2.6, and by the same argument as above we can conclude that the goal add1(a, b, c) succeeds using SLDNF-resolution just in case that the goal add2(a, b, c) succeeds.

The two relations add1 and add2 do not only have the same behavior with respect to success but also share the same behavior with respect to failure. We first observe that

$$\mathrm{ind}'(P_2) \vdash \forall x \forall y \forall z\,(\mathit{nat}^+(x) \to (\mathit{add1}^+(x, y, z) \lor \mathit{add1}^-(x, y, z))) \tag{5}$$

and

$$\mathrm{ind}'(P_2) \vdash \forall x \forall y \forall z\,(\mathit{nat}^+(y) \to (\mathit{add2}^+(x, y, z) \lor \mathit{add2}^-(x, y, z))). \tag{6}$$

Lines (4), (5), (6) and the fact that ind'(P2) proves $\forall \vec{x}\, \neg(R^+(\vec{x}) \land R^-(\vec{x}))$ for any relation $R$ of $\mathcal{L}$ yield that

$$\mathrm{ind}'(P_2) \vdash \forall x \forall y \forall z\,(\mathit{nat}^+(x) \land \mathit{nat}^+(y) \to (\mathit{add1}^-(x, y, z) \leftrightarrow \mathit{add2}^-(x, y, z))).$$

From this we can conclude that the goal add1(a, b, c) fails using SLDNF-resolution if and only if the goal add2(a, b, c) fails if $a$, $b$ and $c$ are terms so that nat(a) and nat(b) succeed. Thus, the relations add1 and add2 have the same behavior with respect to success and failure.

7. Concluding remark
In discussing the foundations of logic programming it is often possible to distinguish between three levels of abstraction:

I. Declarative semantics. Semantical considerations about logic programming are often guided by the attempt of constructing suitable minimal models of logic programs. However, in general the logical complexity of minimal models of logic programs is very high and the corresponding semantics is noneffective.
II. Proof theory. It deals with the development and analysis of deductive systems for logic programs and is often directed to the proofs as computations paradigm. In the ideal case there is a close connection between the proof theory and the procedural aspects of logic programming in the sense that query-answering mechanisms can be interpreted as formal proofs and suitable formal proofs can be transformed into successful computations.

III. Procedural semantics. It is concerned with the general principles behind the implementations of logic programming. Since today most procedural approaches to first order logic programming are based on some form of SLDNF-resolution, the distinguished role of this concept is evident.

In our article we followed this general pattern. The results we presented can be roughly summarized as follows. If $P$ is a "decent" logic program and $A$ a closed atom, then the following assertions are equivalent:

(i) $A$ is true in the $\omega$-segment of the least adequate Herbrand structure $\mathfrak{J}_P$ of $P$.
(ii) $A$ is true in all structures which are adequate to $P$.
(iii) $A$ is identity and cut-free provable in the deductive system R(P).
(iv) $A$ is derivable by SLDNF-resolution.

Furthermore, by a simple syntactic transformation it is possible to associate to each logic program $P$ a system of positive inductive definitions ind'(P) so that for closed atoms $A$ derivability from ind'(P) is equivalent to each of the four assertions above. In addition induction principles are available in ind'(P) which make it possible to prove properties about logic programs. In this sense we hope that we could provide a proof-theoretic framework for logic programming.

Of course there exist other proof-theoretic approaches to logic programming which we did not mention at all, and we conclude this article with mentioning two of them. Some interesting activities in this area start off from Girard's linear logic (cf. e.g. Girard [1987a]) and study the connections between logic programming and linear logic. Another important area in the general field of logic programming deals with higher order logic programming, and we refer the reader for example to Miller [1991] and Pfenning [1992] for further reading.

References
K. R. APT
[1990] Logic programming, in: Handbook of Theoretical Computer Science, Volume B, J. van Leeuwen, ed., Elsevier, ch. 10, pp. 495-574.
K. R. APT AND R. BOL
[1994] Logic programming and negation: A survey, J. of Logic Programming, 19/20, pp. 9-72.
N. D. BELNAP
[1977] A useful four-valued logic, in: Modern Uses of Multiple-Valued Logic, J. M. Dunn and G. Epstein, eds., D. Reidel, Dordrecht, pp. 8-37.
H. A. BLAIR
[1982] The recursion-theoretic complexity of the semantics of predicate logic as a programming language, Information and Control, 54, pp. 25-47.
W. BUCHHOLZ
[1992] A negation as failure calculus, tech. rep., University of Munich.
L. CAVEDON AND J. W. LLOYD
[1989] A completeness theorem for SLDNF-resolution, J. of Logic Programming, 7, pp. 177-191.
K. L. CLARK
[1978] Negation as failure, in: Logic and Data Bases, H. Gallaire and J. Minker, eds., Plenum Press, New York, pp. 293-322.
K. DOETS
[1994] From Logic to Logic Programming, MIT Press.
W. DRABENT AND M. MARTELLI
[1991] Strict completion of logic programs, New Generation Computing, 9, pp. 69-69.
M. H. VAN EMDEN AND R. A. KOWALSKI
[1976] The semantics of predicate logic as a programming language, J. of the Association for Computing Machinery, 4, pp. 733-742.
S. FEFERMAN
[1991] Reflecting on incompleteness, J. of Symbolic Logic, 56, pp. 1-49.
M. FITTING
[1985] A Kripke-Kleene semantics for logic programs, J. of Logic Programming, 2, pp. 295-312.
[1991] Bilattices and the semantics of logic programming, J. of Logic Programming, 11, pp. 91-116.
M. L. GINSBERG
[1987] Multi-valued logics, in: Readings in Nonmonotonic Reasoning, M. L. Ginsberg, ed., Morgan Kaufmann, pp. 251-255.
J.-Y. GIRARD
[1987a] Linear logic, Theoretical Computer Science, 50, pp. 1-102.
[1987b] Proof Theory and Logical Complexity, Bibliopolis, Napoli.
J.-Y. GIRARD, Y. LAFONT, AND P. TAYLOR
[1989] Proofs and Types, Cambridge University Press.
L. HALLNÄS AND P. SCHROEDER-HEISTER
[1990] A proof-theoretic approach to logic programming. I. Clauses as rules, J. of Logic and Computation, 1, pp. 261-283.
B. HÖSLI AND G. JÄGER
[1994] About some symmetries of negation, J. of Symbolic Logic, 59, pp. 473-485.
G. JÄGER
[1989] Non-monotonic reasoning by axiomatic extensions, in: Logic, Methodology and Philosophy of Science VIII, J. E. Fenstad, I. T. Frolov, and R. Hilpinen, eds., North-Holland, Amsterdam, pp. 93-110.
[1994] A deductive approach to logic programming, in: Proof and Computation, H. Schwichtenberg, ed., Series F: Computer and Systems Sciences, NATO Advanced Study Institute, International Summer School held in Marktoberdorf, Germany, 1993, Springer-Verlag, Berlin, pp. 133-172.
K. KUNEN
[1987] Negation in logic programming, J. of Logic Programming, 4, pp. 289-308.
[1989] Signed data dependencies in logic programs, J. of Logic Programming, 7, pp. 231-245.
J.-L. LASSEZ AND M. J. MAHER
[1985] Optimal fixed points of logic programs, Theoretical Computer Science, 39, pp. 15-25.
J. W. LLOYD
[1987] Foundations of Logic Programming, Springer-Verlag, Berlin, second ed.
A. I. MAL'CEV
[1971] Axiomatizable classes of locally free algebras of various types, in: The Metamathematics of Algebraic Systems, Collected Papers, North-Holland, Amsterdam, ch. 23, pp. 262-281.
D. MILLER
[1991] A logic programming language with lambda-abstraction, function variables and simple unification, J. of Logic and Computation, 1, pp. 497-536.
Y. N. MOSCHOVAKIS
[1974] Elementary Induction on Abstract Structures, North-Holland, Amsterdam.
A. MYCROFT
[1984] Logic programs and many-valued logic, in: STACS 84: Symposium on Theoretical Aspects of Computer Science, M. Fontet and K. Mehlhorn, eds., Lecture Notes in Computer Science #166, Springer-Verlag, Berlin, pp. 274-286.
F. PFENNING
[1992] ed., Types in Logic Programming, MIT Press.
J. A. ROBINSON
[1965] A machine-oriented logic based on the resolution principle, J. Ass. Comp. Mach., 12, pp. 23-41.
P. SCHROEDER-HEISTER
[1991] Hypothetical reasoning and definitional reflection in logic programming, in: Extensions of Logic Programming, P. Schroeder-Heister, ed., Lecture Notes in Computer Science #475 (Lecture Notes in Artificial Intelligence), Springer-Verlag, Berlin, pp. 327-339.
K. SCHÜTTE
[1977] Proof Theory, Springer-Verlag, Berlin.
J. C. SHEPHERDSON
[1988] Language and Equality Theory in Logic Programming, Tech. Rep. PM-88-08, University of Bristol.
[1989] A sound and complete semantics for a version of negation as failure, Theoretical Computer Science, 65, pp. 343-371.
[1992] Logics for negation as failure, in: Logic from Computer Science, Y. N. Moschovakis, ed., Springer-Verlag, Berlin, pp. 521-583.
R. F. STÄRK
[1991] A complete axiomatization of the three-valued completion of logic programs, J. of Logic and Computation, 1, pp. 811-834.
[1994a] Cut-property and negation as failure, International Journal of Foundations of Computer Science, 5, pp. 129-164.
[1994b] Input/output dependencies of normal logic programs, J. of Logic and Computation, 4, pp. 249-262.
[1996] From logic programs to inductive definitions, in: Logic: From Foundations to Applications. Proceedings of Logic Colloquium '93, W. Hodges, ed., Oxford University Press, pp. 453-481.
W. W. TAIT
[1968] Normal derivability in classical logic, in: The Syntax and Semantics of Infinitary Languages, J. Barwise, ed., Lecture Notes in Mathematics #72, Springer-Verlag, Berlin, pp. 204-236.
G. TAKEUTI
[1987] Proof Theory, North-Holland, Amsterdam.
A. VAN GELDER AND J. S. SCHLIPF
[1993] Commonsense axiomatizations for logic programs, J. of Logic Programming, 17, pp. 161-195.
CHAPTER X

Types in Logic, Mathematics and Programming

Robert L. Constable
Computer Science Department, Cornell University
Ithaca, New York 14853, USA

Contents
1. Introduction
2. Typed logic
3. Type theory
4. Typed programming languages
5. Conclusion
6. Appendix
References

HANDBOOK OF PROOF THEORY
Edited by S. R. Buss
© 1998 Elsevier Science B.V. All rights reserved
1. Introduction
Proof theory and computer science are jointly engaged in a remarkable enterprise. Together they provide the practical means to formalize vast amounts of mathematical knowledge. They have created the subject of automated reasoning and a digital computer based proof technology; these enable a diverse community of mathematicians, computer scientists, and educators to build a new artifact, a globally distributed digital library of formalized mathematics. I think that this artifact signals the emergence of a new branch of mathematics, perhaps to be called Formal Mathematics.

The theorems of this mathematics are completely formal and are processed digitally. They can be displayed as beautifully and legibly as journal quality mathematical text. At the heart of this library are completely formal proofs created with computer assistance. Their correctness is based on the axioms and rules of various foundational theories; this formal accounting of correctness supports the highest known standards of rigor and truth. The need to formally relate results in different foundational theories opens a new topic in proof theory and foundations of mathematics.

Formal proofs of interesting theorems in current foundational theories are very large rigid objects. Creating them requires the speed and memory capacities of modern computer hardware and the expressiveness of modern software. Programs called theorem provers fill in tedious detail; they recognize many kinds of "obvious inference," and they automatically find long chains of inferences and even complete subproofs or proofs. The study of these theorem provers and the symbolic algorithms that make them work is part of the subject of automated reasoning. This science and the proof technology built on it are advancing all the time, and the new branch of mathematics that they enable will have its own standards, methods, surprises and triumphs.

This article is about the potent mixture of proof theory and computer science behind automated reasoning and proof technology. The emphasis is on proof theory topics while stressing connections to computer science.

Computer science is concerned with automating computation. Doing this well has made it possible to formalize real proofs. Computing well requires fast and robust hardware as well as expressive high level programming languages. High level languages are partially characterized by their type systems; i.e., the organization of data types expressible in the language. The evolution of these languages has led to type systems that resemble mathematical type theories or even computationally effective set theories. (This development underlines the fact that high level programming is an aspect of computational mathematics.) This article will focus mainly on relating data types and mathematical types.

The connection between data types and mathematical types in the case of formal mathematics and automated reasoning is even tighter than the general connection. Here is why. To preserve the highest standards of rigor in formalized mathematics built with computer assistance (the only way to produce it), it is necessary to reason
about programs and computations. This is what intuitionists and constructivists do at a very high level of abstraction. So as the programming languages for automating reasoning become more abstract and expressive, constructive mathematics becomes directly relevant to Formal Mathematics and to the "grand enterprise" of building it using theorem provers. We will see that connections are quite deep.

It turns out that proof technology is relevant to other technologies of economic and strategic importance. For instance, the type checkers in commercial programming languages like ML are actually small theorem provers. They check that arguments to a function match the type of the function (see section 3). Industrial model checkers systematically search for errors in the design of finite state systems, such as hardware circuits or software protocols. More general tools are program verification systems. These combine type checkers, model checkers, decision procedures, and theorem provers that use formalized mathematics. They are employed to prove that programs have certain formally specified properties. Such proofs provide the highest levels of assurance that can be given that programs operate according to specifications. There are also software systems based on proof technology which synthesize correct programs from proofs that specifications are realizable. We will examine the proof theory underlying some of these systems.

My approach to the subject comes from the experience of designing, studying, and using some of the earliest and then some of the most modern of these theorem provers. Currently my colleagues and I at Cornell are working with the system we call Nuprl ("new pearl").¹ We call it a proof development system in Constable et al. [1986], but some call it a problem solving environment (PSE) or a logical framework (LF). From another point of view it is a collaborative mathematics environment, c.f., Chew et al. [1996]. Whatever Nuprl is called, I am concerned with systems like it and their evolution. We will examine the logical features common to a variety of current systems of a similar kind, such as ACL2, Alf, Coq, HOL, IMPS, Isabelle, Kiv, LA, Lego, Mizar, NqThm and Otter. So while I will refer to Nuprl from time to time, most of the ideas are very general and will apply to the systems of the 21st century as well. Before saying more about the article, let me put the work into historical perspective. Doing this will allow me to state my goals more exactly (especially after each topic of Section 1.1).
1.1. Historical perspective on a grand enterprise 1875-1995. From Begriffsschrift [1879] onwards until Grundgesetze [1903], logic was re-surveyed by Gottlob Frege, and the ground was cleared to provide a firm foundation for mathematics.² In Principia Mathematica, Whitehead and Russell [1925-27] revised Frege's flawed architectural plans, and then using these plans, Hilbert [1926] laid out a formalist program to build the completely formal theories which would be used to explain and justify the results and methods of mathematics. His program would defend mathematical practice against critics like Brouwer who saw the need to place the foundation pilings squarely on the natural numbers and build with constructive methods.³

Hilbert called for workers, training some himself, and began with them the task which proved to be so compelling and attractive to many talented mathematicians like Church, von Neumann, Herbrand, Gentzen, Skolem, Turing, Tarski, Gödel, and many more. Boring deep into the bedrock to explore the foundation site, Kurt Gödel [1931] unexpected limitations to the planned activity. It could never be completed as envisioned by Hilbert.⁴ His surprising discovery changed expectations, but the tools Gödel created transformed the field and stimulated enormous interest in the enterprise. More remarkable discoveries followed.

¹ We have released Version 4.2, see http://www.cs.cornell.edu/Info/Projects/NuPrl/nuprl.html. Version 5 and "Nuprl Light" will be available at this World Wide Web site in 1999.

² Begriffsschrift ("concept script") analyzed the notion of a proposition into function and argument, introduced the quantifiers, binding, and a theory of identity. This created the entire predicate calculus. Grundgesetze presented a theory of classes based on the comprehension principle and defined the natural numbers in terms of them.

R. Constable
Within two decades, computer science was providing new "power tools" to realize in software the formal structures needed to support mathematics. By 1960 computer hardware could execute programming languages like Lisp, c.f. McCarthy [1963], designed for the symbolic processing needed to build formal structures. Up in the scaffolding computer scientists began to encounter their own problems with "wiring and communications," control of resource expenditure, design of better tools, etc. But already even in the 1970's poised over the ground like a giant drilling rig, the formal structures supported still deeper penetration into the bedrock designed to support mathematics (and with it the mathematical sciences and much of our technical knowledge).

The theory of computational complexity, arising from Hartmanis and Stearns [1965], led to further beautiful discoveries like Cook's P = NP problem, and to a theory of algorithms needed for sophisticated constructions, and to a theory of feasible mathematics (see Buss [1986], Leivant [1994b,1994a,1995]), and to ideas for the foundations of computational mathematics.

By 1970 the value of the small formal structure already assembled put to rest the nagging questions of earlier times about why mathematics should be formalized. The existing structure provided economic benefit to engineering, just as Leibniz dreamed, Frege foresaw, McCarthy planned [1962], and many are realizing. Even without the accumulating evidence of economic value, and without counting the immediate utility of the software artifacts, scientists in all fields recognized that the discoveries attendant on this "grand enterprise" illuminate the very nature of knowledge while providing better means to create and manage it.
The results of this enterprise have profound consequences because all scholars and scientists are in the business of processing information and contributing to the accumulation and dissemination of knowledge.

The construction of the foundational structure goes on; it is forming a new kind of place, like a biosphere made out of bits. We might call it a "cybersphere" since it encloses the space we call "cyberspace." Many people now live in this space ... which supports commerce and recreation as well as scholarship and science.

³ I refer to Hilbert's formalist program founded on a finitistic analysis of formal systems to prove their consistency and to justify non-constructive reasoning as a (possibly meaningless) detour justified by the consistency of a formal system.

⁴ Gödel showed that consistency is not sufficient to justify the detour because there are formulas of number theory such that both $P$ and $\neg P$ can be consistently added ($P$ an unprovable formula).

Types

It is in the context of this "grand enterprise" that I have framed the article. I see it concerned with two of the major modes of work in assembling the formal structures: logical analysis and algorithmic construction. I will briefly mention the aspects of these activities that I treat here.

Logical analysis. When looking back over the period from 1879 to now, we see that the formal analysis of mathematical practice started with logical language. Frege [1879] said:

"To prevent anything intuitive from penetrating [into an argument] unnoticed, I had to bend every effort to keep the chain of inferences free of gaps. In attempting to comply with this requirement in the strictest possible way I found the inadequacy of language to be an obstacle. This deficiency led me to the present ideography ... Leibniz, too, recognized and perhaps overrated the advantages of adequate notation. His idea of a ... calculus philosophicus ... was so gigantic that the attempt to realize it could not go beyond the bare preliminaries. The enthusiasm that seized its originator when he contemplated the immense increase in intellectual power of mankind that [the calculus would bring] caused him to underestimate the difficulties .... But even if this worthy goal cannot be reached in one leap, we need not despair of a slow step by step approximation."

So Frege began with very limited goals and took what he characterized as "small steps" (like creating all of predicate logic!). He did not include a study of computation and its language; he limited his study of notation to logical operators, and he ruled out creating a natural expression of proofs or classifying them based on how "obvious" they are.
In addition, Frege focused on understanding the most fundamental types, natural numbers, sequences, functions, and classes. He adopted a very simple approach to the domain of functions, forcing them all to be total. He said (in his Collected Papers) "the sign a + b should always have a reference, whatever signs for definite objects may be inserted in place of 'a' and 'b'." Principia took a different approach to functions, introducing types, but also it excluded from consideration an analysis of computation or natural proofs or the notational practices of working mathematics. It too developed only basic mathematics with no attempt to treat abstract algebra or computational parts of analysis.

Principia Mathematica, the monumental work of Whitehead and Russell [1925-27], was indeed the first comprehensive rendering of mathematics in symbolic logic.
Gödel's celebrated 1931 paper "On Formally Undecidable Propositions of Principia Mathematica and Related Systems" begins:

"The development of mathematics toward greater precision has led, as is well known, to the formalization of large tracts of it, so that one can prove any theorems using nothing but a few mechanical rules. The most comprehensive formal systems that have been set up hitherto are the system of Principia Mathematica (PM) on the one hand and the Zermelo-Fraenkel axiom system of set theory ... on the other."

Principia presents a logic based on types and derives in it a theory of classes, while ZF set theory provided informal axioms, and logic was incidental.⁵ Principia deals with the topics that I find fundamental in my own work of "implementing mathematics" in the Nuprl system, Constable et al. [1986]. Thus much of what I say here is related to PM. Indeed, in a sense Nuprl is a modern style Principia suitable for computational mathematics.

Hilbert introduced a greater degree of formalization, essentially banishing semantics, and he began as a result to deal with computation in his metalanguage. But he took a step backwards from Principia in terms of analyzing when expressions are meaningful. He reduced this to an issue of parsing and "decidable type checking" of formulas as opposed to the semantic judgments of Principia.

It wasn't until Gentzen that the notion of proofs as they occur in practice was analyzed, first in natural deduction and then in sequent calculi. It wasn't until Herbrand, Gödel, Church, Markov, and Turing that computation was analyzed and not until de Bruijn that the organization of knowledge (into a "tree of knowledge" with explicit contexts) was considered. De Bruijn's Automath project also established links to computing, like those simultaneously being forged from computer science.

Recently Martin-Löf has widened the logical investigation to reintroduce a semantic approach to logic, to include computation as part of the language, and to make manifest the connections to knowledge. Martin-Löf [1983,p.30] says:

"to have proved = to know = to have understood, comprehended, grasped, or seen. It is now manifest, from these equations, that proof and knowledge are the same. Thus, if proof theory is construed, not in Hilbert's sense, as metamathematics but simply as the study of proofs in the original sense of the word, then proof theory is the same as theory of knowledge ..."

We are now in a position where mathematical logic can consider all of these elements: an analysis of the basic judgments of typing, truth, and computational equality; an analysis of natural proofs and their semantics; the integration of computational concepts into the basic language; an analysis of the structure of knowledge and its role in practical inference; and classification of inference according to its computational complexity.

We will attempt a consideration of logic that takes all this into account and is linked to computing practice, and yet is accessible. I begin the article with an account of typed logic that relates naturally to the Automath conception. The connection is discussed explicitly in Section 2.12.
⁵ Principia is not formal in the modern sense. There are semantic elements in the account which Wittgenstein [1953,1922] objected to. Hilbert made a point of formalizing logic, and we follow in that purely formal tradition.
The article stresses the nature of the underlying logical language because that is so basic: everything else is built upon it. The structures built are so high that a small change in the foundation can cause a large movement at the top of the structure. So any discoveries that improve the foundation for formal mathematics are among the most profound in their effect. As it is, we are standing on the shoulders of giants. I take the time in section 2 to review this heritage that is so crucial to everything else.

Algorithmic construction. Computer science completely transformed the "grand enterprise." First it introduced computational procedure and procedural knowledge, and it gradually widened the scope of its successes. It could check formulas and synthesize them; later it could check proofs and synthesize them. In all this, the precision that Gödel referred to reached new levels of mechanical precision. The vast change of scale from processing a few hundred lines by hand to tens of thousands by machine (now hundreds of millions) caused a qualitative change and created new fields like Automated Deduction and Formal Mathematics in which formalisms became usable.

The success of procedural knowledge created the questions of relating it to declarative knowledge, a question at the heart of computer science, studied extensively in the database area, also in "logic programming" and in AI. It is a question at the heart of AD, McAllester [1989], as is clearly seen in Bundy's work on proof plans [1991]. From the AI perspective, one can see this impact as reintroducing "mind" and "thought" into the enterprise McAllester [1989]. From the logical perspective one can see this as reintroducing the study of intension and Frege's notion of sense into logic. As Jean-Yves Girard put it in Girard, Taylor and Lafont [1989,p.4]:
"In recent years, during which the algebraic tradition has flourished, the syntactic tradition was not of note and would without a doubt have disappeared in one or two more decades, for want of any issue or methodology. The disaster was averted because of computer science - that great manipulator of syntax - which posed some very important theoretical problems."

Computer science produced new high level languages for expressing algorithms. These have evolved to modern programming languages such as ML (for Meta Language) designed to help automate reasoning. ML and its proposed extensions have such a rich system of data types that the type system resembles a constructive theory of mathematical types. We discuss this observation in section 3. Our concern for the relationship between data types and mathematical types is a reason that I will talk so much about typed logic in section 2.
Computer science also created a new medium for doing mathematics: the digital electronic medium now most visible through the World Wide Web. This affects every aspect of the enterprise. For example, the "surface" or concrete syntax can be disconnected from the abstract syntax, and we can display the underlying terms in a large variety of forms. To take a trivial point, the typed universal quantifier, "for all x of type A" can be displayed as : A. or

as arguments (writing $1of(z) \Rightarrow (2of(z) \Rightarrow 1of(z))$) in $Prop^2 \to Prop$). For ease of analysis, we will consider propositional functions from the Cartesian power, $Prop^n$, into $Prop$. The constants $\top$ and $\bot$ are regarded as zero-ary functions, and for convenience define $Prop^0 = 1$ for $1$ the unit type. Then $f(x) = \top$ and $f(x) = \bot$ are in $Prop^0 \to Prop$.

The idea is to define the pure propositional functions inductively as a subtype of $Prop^n \to Prop$ constructed using only constant functions, simple projections like $proj_i^n(P_1, \ldots, P_n) = P_i$ and the operations $\&$, $\vee$, $\Rightarrow$ lifted up to the level of functions.

Each connective $\&$, $\vee$, $\Rightarrow$ can be lifted to the functions $Prop^n \to Prop$, namely given $f$ and $g$, define $(f \; op \; g)(\bar{P}) = f(\bar{P}) \; op \; g(\bar{P})$ where $\bar{P} \in Prop^n$. For example, if $f(P, Q) = P$ and $g(P, Q) = (Q \Rightarrow P)$ then $f \Rightarrow g$ is a function $h$ such that $h(P, Q) = (P \Rightarrow (Q \Rightarrow P))$.

¹⁵ Läuchli [1970] tries to express this uniformity using permutations.

¹⁶ We will deal later with the issue of equality on Prop, which seems necessary to talk about functions.

We can now define the general abstract propositional functions of $n$ variables, call the class $\mathcal{P}_n$, as the inductive subset of $Prop^n \to Prop$ whose base elements are the constant and projection functions,

$$C_\top(\bar{P}) = \top$$
$$C_\bot(\bar{P}) = \bot$$
$$proj_i^n(\bar{P}) = P_i \quad \text{where } \bar{P} = (P_1, \ldots, P_n) \text{ and } 1 \le i \le n.$$

Then given $f, g \in \mathcal{P}_n$ and given any lifted connective $op$, we have $(f \; op \; g) \in \mathcal{P}_n$. Nothing else belongs to $\mathcal{P}_n$. When we want to mention the underlying type, we write $\mathcal{P}_n$ as $\mathcal{P}(Prop^n \to Prop)$. Let $\mathcal{P} = \bigcup_{n=0}^{\infty} \mathcal{P}_n$; these are the pure propositions. Note that $\mathcal{P} = \bigcup_{n=0}^{\infty} \mathcal{P}(Prop^n \to Prop)$ is inductively defined. The valid elements of $\mathcal{P}$ are those functions $f \in \mathcal{P}$ such that for $f \in \mathcal{P}_n$ and $\bar{P}$ any element of $Prop^n$, $f(\bar{P})$ is true. Call these $True(\mathcal{P})$.
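The inductive class of pure propositional functions of n variables defined above, written out in Lean 4 as an added illustration; it is not code from the article or from Nuprl. The names `PureFn`, `ValidFn`, `hPQ` and the encoding of an n-tuple of propositions as a function `Fin n → Prop` are assumptions made here, and Lean's own `Prop` stands in for the article's Prop.

```lean
-- Added example (Lean 4, core library only). All names are chosen here.
-- An n-tuple of propositions is modelled as a function `Fin n → Prop`.

/-- `PureFn n f` says that `f` lies in the class of pure propositional
functions of `n` variables: it is built only from the two constant functions,
the projections, and the connectives &, ∨, ⇒ lifted pointwise. -/
inductive PureFn (n : Nat) : ((Fin n → Prop) → Prop) → Prop where
  | top : PureFn n (fun _ => True)
  | bot : PureFn n (fun _ => False)
  | proj (i : Fin n) : PureFn n (fun P => P i)
  | conj {f g : (Fin n → Prop) → Prop} :
      PureFn n f → PureFn n g → PureFn n (fun P => f P ∧ g P)
  | disj {f g : (Fin n → Prop) → Prop} :
      PureFn n f → PureFn n g → PureFn n (fun P => f P ∨ g P)
  | impl {f g : (Fin n → Prop) → Prop} :
      PureFn n f → PureFn n g → PureFn n (fun P => f P → g P)

/-- The valid elements: functions that are true at every tuple of propositions. -/
def ValidFn {n : Nat} (f : (Fin n → Prop) → Prop) : Prop := ∀ P, f P

/-- The text's example: f(P,Q) = P and g(P,Q) = (Q ⇒ P) give h = f ⇒ g,
so h(P,Q) = (P ⇒ (Q ⇒ P)). Index 0 is P and index 1 is Q. -/
abbrev hPQ : (Fin 2 → Prop) → Prop := fun P => P 0 → (P 1 → P 0)

/-- `hPQ` is pure: a lifted ⇒ applied to a projection and a lifted ⇒ of projections. -/
theorem hPQ_pure : PureFn 2 hPQ :=
  PureFn.impl (PureFn.proj 0) (PureFn.impl (PureFn.proj 1) (PureFn.proj 0))

/-- `hPQ` is valid: it holds for every pair of propositions. -/
theorem hPQ_valid : ValidFn hPQ := by
  intro P p _
  exact p

/-- "Nothing else belongs to the class" is the induction principle. Used here:
a pure function cannot tell apart argument tuples that are componentwise
equivalent. -/
theorem PureFn.congr {n : Nat} {f : (Fin n → Prop) → Prop} (hf : PureFn n f)
    {P Q : Fin n → Prop} (hiff : ∀ i, P i ↔ Q i) : f P ↔ f Q := by
  induction hf with
  | top => exact Iff.rfl
  | bot => exact Iff.rfl
  | proj i => exact hiff i
  | conj _ _ ihf ihg =>
      exact ⟨fun ⟨a, b⟩ => ⟨ihf.mp a, ihg.mp b⟩,
             fun ⟨a, b⟩ => ⟨ihf.mpr a, ihg.mpr b⟩⟩
  | disj _ _ ihf ihg =>
      exact ⟨fun x => x.elim (fun a => Or.inl (ihf.mp a)) (fun b => Or.inr (ihg.mp b)),
             fun x => x.elim (fun a => Or.inl (ihf.mpr a)) (fun b => Or.inr (ihg.mpr b))⟩
  | impl _ _ ihf ihg =>
      exact ⟨fun k a => ihg.mp (k (ihf.mpr a)),
             fun k a => ihg.mpr (k (ihf.mp a))⟩
```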
Using these concepts we can express the idea of a uniform functional proof. The simplest approach is probably to use a Hilbert style axiomatic base. If we take Heyting's or Kleene's axioms for the intuitionistic propositional calculus, then we can define $Provable_H(\mathcal{P})$ inductively. The completeness theorem we want is then

$True(\mathcal{P}) = Provable_H(\mathcal{P})$.

We can use the same technique to define the pure typed propositional functions. First we need to define pure type functions $T$ as a subset of $Type^n \to Type$ for $n = 1, 2, \ldots$ We take $n \ge 1$ since there are as yet no constant types to include. An example is $t(A, B) = A \times B$. Next we define the typed propositional functions $p : t(T) \to Prop$.
In general we need to consider functions whose inputs are n-tuples of the type

$(t_1(T) \to Prop) \times \cdots \times (t_n(T) \to Prop)$

and whose output is a Prop. We do not pursue this topic further here, but when we examine the proof system for typed propositions we will see that it offers a simple way to provide abstract proofs for pure typed propositions that use only rules for the connectives and quantifiers - say a pure proof. There are various results suggesting that if there is any proof of these pure propositions, then there is a pure proof. These are completeness results for this typed version of the predicate calculus. We will not prove them here.
¹⁷ Since we do not study any mapping of formulas to pure propositions, I have not worried about relating elements of $\mathcal{P}_n$ and $\mathcal{P}_m$, $n < m$, by coherence conditions.

2.4. Formulas

Propositional calculus. Consider first the case of formulas to represent the pure propositions. The standard way to do this is to inductively define a class of propositional formulas, PropFormula. The base case includes the propositional constants, Constants $= \{\top, \bot\}$, and propositional variables, Variables $= \{P, Q, R, P_1, Q_1, R_1, \ldots\}$. These are propositional formulas. The inductive case is

If $F$, $G$ are PropFormulas, then so are $(F \mathbin{\&} G)$, $(F \vee G)$, and $(F \Rightarrow G)$. Nothing else is a PropFormula.

We can assign to every formula a mathematical meaning as a pure proposition. Given a formula $F$, let $P_1, \ldots, P_n$ be the propositional variables occurring in it (say ordered from left to right); let $\bar P$ be the vector of them. Define a map from $n$ variable propositional formulas, PropFormulas$_n$, into $(Prop^n \to Prop)$ inductively by

$[P_i] = \mathrm{proj}^n_i$
$[(F \mathbin{\&} G)] = [F] \mathbin{\&} [G]$
$[(F \vee G)] = [F] \vee [G]$
$[(F \Rightarrow G)] = [F] \Rightarrow [G]$.

Each variable $P_i$ corresponds to the projection function $\mathrm{proj}^n_i(\bar P) = P_i$. Say that $F$ is valid iff $[F]$ is a valid pure proposition.
Boolean valued formulas. If we consider a single-valued relation from propositions to their truth values, taken as Booleans, then we get an especially simple semantics. Let $\mathbb{B} = \{tt, ff\}$ and let $B : Prop \times \mathbb{B} \to Prop$ such that $P \Leftrightarrow B(P, tt)$. In classical mathematics one usually assumes the existence of a function like $b$, say $b : Prop \to \mathbb{B}$ where $P \Leftrightarrow b(P) = tt$ in $\mathbb{B}$. But since $b$ is not a computable function, this way of describing the situation would not be used in constructive mathematics. Instead we could talk about "decidable propositions" or "boolean propositions."

$BoolProp = \{(P, v) : Prop \times \mathbb{B} \mid P \Leftrightarrow (v = tt \text{ in } \mathbb{B})\}$

Then there is a function $b \in BoolProp \to \mathbb{B}$ such that $P \Leftrightarrow (b(P) = tt \text{ in } \mathbb{B})$.

If we interpret formulas as representing elements of pure boolean propositions, then each variable $P_i$ denotes an element of $\mathbb{B}$. An assignment $a$ is a mapping of variables into $\mathbb{B}$, that is, an element of Variables $\to \mathbb{B}$. Given an assignment $a$ we can compute a boolean value for any formula $F$. Namely

$Value(F, a) =$
  if $F$ is a variable, then $a(F)$
  if $F$ is $(F_1\ op\ F_2)$ then $Value(F_1, a)\ bop\ Value(F_2, a)$

where $bop$ is the boolean operation corresponding to the propositional operator $op$ in the usual way, e.g.

$P$    $Q$    $P \mathbin{\&_b} Q$    $P \vee_b Q$    $P \Rightarrow_b Q$
tt   tt   tt        tt        tt
ff   tt   ff        tt        tt
tt   ff   ff        tt        ff
ff   ff   ff        ff        tt
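The Value(F, a) computation and the truth tables, as an added Python example that is not part of the original text. The tuple encoding of formulas, the function names, the clauses sending ⊤ to tt and ⊥ to ff, and the encoding of not-P as P ⇒ ⊥ are assumptions of this sketch; it also goes one step further and checks Boolean validity by trying every assignment.

```python
from itertools import product

TT, FF = "tt", "ff"        # the two Booleans of the text
TOP, BOT = "⊤", "⊥"        # propositional constants

# Boolean operation bop corresponding to each propositional operator op.
BOP = {
    "&": lambda p, q: TT if (p, q) == (TT, TT) else FF,
    "v": lambda p, q: FF if (p, q) == (FF, FF) else TT,
    "=>": lambda p, q: FF if (p, q) == (TT, FF) else TT,
}

def value(formula, a):
    """Value(F, a) for a formula F and an assignment a (dict: variable -> tt/ff).

    A formula is a variable name (str), a constant, or a triple (op, F1, F2).
    The two clauses for the constants are an assumption added here.
    """
    if formula == TOP:
        return TT
    if formula == BOT:
        return FF
    if isinstance(formula, str):
        return a[formula]
    op, f1, f2 = formula
    return BOP[op](value(f1, a), value(f2, a))

def variables(formula):
    """Variables of a formula, ordered from left to right, without repeats."""
    if formula in (TOP, BOT):
        return []
    if isinstance(formula, str):
        return [formula]
    seen = []
    for sub in formula[1:]:
        seen += [v for v in variables(sub) if v not in seen]
    return seen

def assignments(names):
    """Every assignment of tt/ff to the given variable names."""
    return [dict(zip(names, vals)) for vals in product((TT, FF), repeat=len(names))]

def valid(formula):
    """True iff the formula has value tt under every assignment."""
    return all(value(formula, a) == TT for a in assignments(variables(formula)))

def falsifying(formula):
    """The assignments under which the formula has value ff."""
    return [a for a in assignments(variables(formula)) if value(formula, a) == FF]

def truth_table(op):
    """Rows (P, Q, P bop Q) in the row order of the table in the text."""
    rows = [(TT, TT), (FF, TT), (TT, FF), (FF, FF)]
    return [(p, q, value((op, "P", "Q"), {"P": p, "Q": q})) for p, q in rows]

NOT_P = ("=>", "P", BOT)               # not-P encoded as P => bottom (assumption)
EXCLUDED_MIDDLE = ("v", "P", NOT_P)    # P v not-P

if __name__ == "__main__":
    for op in BOP:
        print(op, truth_table(op))
    print(valid(EXCLUDED_MIDDLE), falsifying(("=>", "P", "Q")))
```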
Typed propositional formulas. To define typed propositional formulas, we need the notion of a type expression, a term, and a type context because formulas are built in a type context. Then we define propositional variables and propositional-function variables which are used along with terms to make atomic propositions in a context. From these we build compound formulas using the binary connectives $\&$, $\vee$, $\Rightarrow$, and the typed quantifiers $\forall x : A$, $\exists x : A$. We let $op$ denote any binary connective and $Qx : A$ denote either of the quantifiers.

Type expressions. Let $A_1, A_2, \ldots$ be type variables, then $A_i$ are type expressions. If $T_1$, $T_2$ are type expressions, then so is $(T_1 \times T_2)$. Nothing else is a type expression for now.

Terms. Let $x_1, x_2, \ldots$ be individual variables (or element variables); they are terms. If $s$, $t$ are terms, then so is the ordered pair $\langle s, t \rangle$. Nothing else is a term for now.

Typing contexts. If $T_1, \ldots, T_n$ are type expressions and $x_i$, $i = 1, \ldots, n$ are distinct individual variables, then $x_i : T_i$ is a type assumption and the list $x_1 : T_1, \ldots, x_n : T_n$ is a typing context. We let $\mathcal{T}$, $\mathcal{T}'$, $\mathcal{T}_j$ denote typing contexts.
Typing judgments. Given a typing context, $\mathcal{T}$, we can assign types to terms built from the variables in the context. The judgment that term $t$ has type $T$ in context $\mathcal{T}$ is expressed by writing

$\mathcal{T} \vdash t \in T$.

If we need to be explicit about the variables of $\mathcal{T}$ and $t$, we use a second-order variable $t[x_1, \ldots, x_n]$ and write

$x_1 : T_1, \ldots, x_n : T_n \vdash t[x_1, \ldots, x_n] \in T$

When using a second-order variable we know that the only variables occurring in $t$ are $x_i$. We call these variables of $t$ free variables.

Later, we give rules for knowing these judgments. Just as we said in section 2.2, it should be noted that $t \in T$ is not a proposition; it is not an expression that has a truth value. We are saying what an ordered pair is rather than giving a property of it. So the judgment $t \in T$ is giving the meaning of $t$ and telling us that the expression $t$ is well-formed or meaningful. In other presentations of predicate logic these judgments are incorporated into the syntax of terms, and there is an algorithm to check that terms are meaningful before one considers their truth. We want a more flexible approach so that typing judgments need not be decidable.

We let $P_1, P_2, \ldots$ denote propositional variables, writing $P_i \in Prop$, or propositional function variables, writing $P_i \in (T \to Prop)$ for $T$ a type expression. If $\mathcal{T} \vdash t \in T$ and $P \in (T \to Prop)$, then $P(t)$ is an atomic formula in the context $\mathcal{T}$ with the variables occurring in $t$ free; it is an instance of $P$. Note, we abbreviate $P(\langle t_1, \ldots, t_n \rangle)$ by $P(t_1, \ldots, t_n)$. If $t$ is a variable, say $x$, then $P(x)$ is an arbitrary instance or arbitrary value of $P$ with free variable $x$. A propositional variable, $P_i \in Prop$, is also an atomic formula.

If $F$ and $G$ are formulas with free variables $\bar x$, $\bar y$ respectively in context $\mathcal{T}$, and if $op$ is a connective and $Qx : A$ a quantifier, then

$(F\ op\ G)$

is a formula with free variables $\{\bar x\} \cup \{\bar y\}$ in context $\mathcal{T}$ and with immediate subformulas $F$ and $G$;

$Qv : T.\ F$

is a formula in context $\mathcal{T}'$ where $\mathcal{T}'$ is $\mathcal{T}$ with $v : A$ removed; this formula has leading binding operator $Qv : A$ with binding occurrence of $v$ whose scope is $F$, and its free variables are $\{\bar x\}$ with $v$ removed, and all free occurrences of $v$ in $F$ become bound by $Qv : A$; its immediate subformula is $F$.

A formula is closed iff it has no free variables; such a formula is well-formed in an empty context, but its subformulas might only be well-formed in a context. A subformula $G$ of a formula $F$ is either an immediate subformula or a subformula of a subformula.
Examples. Here are examples, for $P_1 : A \to Prop$, $P_2 : B \to Prop$, $P_3 : A \times B \to Prop$.

$(\forall x : A.\ \exists y : B.\ P_3(x, y) \Rightarrow (\exists x : A.\ P_1(x) \mathbin{\&} \exists y : B.\ P_2(x)))$

is a closed formula. $\forall x : A.\ \exists y : B.\ P_3(x, y)$ is an immediate subformula which is also closed, but $\exists y : B.\ P_3(x, y)$ is not closed since it has the free variable $x : A$; this latter formula is well-formed in the context $x : A$.

The atomic subformulas are $P_1(x)$, $P_2(y)$, and $P_3(\langle x, y \rangle)$ which are formulas in the context $x : A, y : B$, and the typing judgment $x : A, y : B \vdash \langle x, y \rangle \in A \times B$ is used to understand the formation of $P_3(x, y)$ (which is an abbreviation of $P_3(\langle x, y \rangle)$).
2.5. Formal proofs

There are many ways to organize formal proofs of typed formulas, e.g. natural deduction, the sequent calculus, or its dual, tableaux, or Hilbert style systems to name a few. We choose a sequent calculus presented in a top-down fashion (as with tableaux). We call this a refinement logic (RL). The choice is motivated by the advantages sequents provide for automation and display.¹⁸ Here is what a simple proof looks like for $A \in Type$, $P \in A \to Prop$; only the relevant hypotheses are mentioned and only the first time they are generated.

¹⁸ This is the mechanism used in Nuprl and HOL; PVS uses multiple conclusion sequents.
$\vdash \forall x : A.\ (\forall y : A.\ P(y) \Rightarrow \exists x : A.\ P(x))$   by $\forall R$
1. $x : A \vdash \forall y : A.\ P(y) \Rightarrow \exists x : A.\ P(x)$   by $\Rightarrow R$
1.1 $f : (\forall y : A.\ P(y)) \vdash \exists x : A.\ P(x)$   by $\forall L$ on $f$ with $x$
1.1.1 $l : P(x) \vdash \exists x : A.\ P(x)$   by $\exists R$ with $x$
1.1.1.1 $\vdash P(x)$   by hyp $l$
1.1.1.2 $\vdash x \in A$   by hyp $x$
1.1.2 $\vdash x \in A$   by hyp $x$

The schematic tree structure with path names is

$\vdash G$
  1. $H_1 \vdash G_1$
    1.1 $H_2 \vdash G_2$
      1.1.1 $H_3 \vdash G_2$
        1.1.1.1 $H_3 \vdash G_4$
        1.1.1.2 $H_3 \vdash G_3$
      1.1.2 $H_2 \vdash G_3$

Sequents. The nodes of a proof tree are called sequents. They are a list of hypotheses separated by the assertion sign, $\vdash$ (called turnstile or proof sign) followed by the conclusion. A hypothesis can be a typing assumption such as $x : A$ for $A$ a type or a labeled assertion, such as $l : P(x)$. The label $l$ is used to refer to the hypothesis in the rules. The occurrence of $x$ in $x : A$ is an individual variable, and we are assuming that it is an object of type $A$. So it is an assumption that $A$ is inhabited. Here is a sequent,

$x_1 : H_1, \ldots, x_n : H_n \vdash G$

where $H_i$ is an assertion or a type and $x_i$ is either a label or a variable respectively. The $x_i$ are all distinct. $G$ is always an unlabeled formula. We can also refer to the hypothesis by number, $1 \ldots n$, and we refer to $G$ as the 0-th component of the sequent. We abbreviate a sequent by $\bar H \vdash G$ for $\bar H = (x_1 : H_1, \ldots, x_n : H_n)$; sometimes we write $\bar x : \bar H \vdash G$.
Rules. Proof rules are organized in the usual format of the single-conclusion sequent calculus. They appear in a table shortly. We explain now some entries of this table. There are two rules for each logical operator (connective or quantifier). The right rule for an operator tells how to decompose a conclusion formula built with that operator, and the left rule for an operator tells how to decompose such a formula when it is on the left, that is when it is a hypothesis. There are also trivial rules for the constants $\top$ and $\bot$ and a rule for hypotheses. So the rules fit this pattern and are named as shown.

                 Left              Right
$\&$             $\&L$             $\&R$
$\vee$           $\vee L$          $\vee Rl$, $\vee Rr$
$\Rightarrow$    $\Rightarrow L$   $\Rightarrow R$
$\forall$        $\forall L$       $\forall R$
$\exists$        $\exists L$       $\exists R$
$\top$           -                 $\top R$
$\bot$           $\bot L$          -

$x_1 : H_1, \ldots, x_n : H_n \vdash H_i$   by hyp $x_i$

$\Rightarrow L$ is similar to the famous modus ponens rule usually written as

$$\frac{A \qquad A \Rightarrow B}{B}$$

In top down form it would be

$A, A \Rightarrow B \vdash B$   by $\Rightarrow L$
  $A, B \vdash B$
  $A \vdash A$

Some of the rules such as $\forall L$ and $\exists R$ require parameters. For example, to decompose $\forall x : T.\ P(x)$ as a hypothesis, we need a term $t \in T$. So the rule is $\forall L$ on $t$. For $\exists x : T.\ P(x)$ as a goal, to decompose it, we also need a term $t \in T$; the decomposition generates the subgoal $P(t)$.
Magic rule. These rules do not allow us to prove the formula $P \vee \neg P$ nor $\neg\neg P \Rightarrow P$ nor any equivalent formula. If we add one of these formulas as an axiom scheme then we can prove the others. We can also prove them by adopting the proof by contradiction rule

$\bar H \vdash P$   by contradiction
  $\bar H, \neg P \vdash \bot$

My preference is to base arguments for these formulas on the axiom scheme $P \vee \neg P$ called the law of excluded middle because these arguments have a special status in relating logic to computation and because this law is so important in philosophical and foundational discussions. In the organization I adopt, this is the only rule which does not fit the sequent pattern and it is the only rule not constructively justifiable as we will see later. I sometimes call the rule "magic" based on the discussion of justification to follow.

Justifications. The rule names and parameters to them make up a very important part of the proof called the justification of the inference step. We can think of the justification as an operator on sequents which decomposes the goal sequent into subgoal sequents. This format for the justification reveals that role graphically.

$\bar x : \bar H \vdash G$   by $r(\bar x; \bar t)$
  1. $\bar H_1 \vdash G_1$
  $\vdots$
  k. $\bar H_k \vdash G_k$

For example

$\bar H \vdash (P \vee Q)$   by $\vee Rl$
  1. $\bar H \vdash P$
The justification takes the variables and labels of $\bar x$ plus some parameters $\bar t$ and generates the $k$ subgoals $\bar H_i \vdash G_i$. The hypothesis rule generates no subgoals and so terminates a branch of the proof tree. Such rules are thus found at the leaves.

By putting into the justifications still more information, we can reveal all the links between a goal and its subgoals. To illustrate this information, consider the $\Rightarrow L$ rule and the $\&L$ rule.

$\bar H, f : (P \Rightarrow Q), \bar J \vdash G$   by $\Rightarrow L$ on $f$
  1. $\bar H, f : (P \Rightarrow Q), \bar J \vdash P$
  2. $\bar H, f : (P \Rightarrow Q), \bar J, y : Q \vdash G$

$\bar H, pq : P \mathbin{\&} Q, \bar J \vdash G$   by $\&L$
  $\bar H, pq : P \mathbin{\&} Q, p : P, q : Q, \bar J \vdash G$

If the $\Rightarrow R$ justification provided the label $y$, then all the information for generating the subgoal would be present. If the $\&L$ rule provided the labels $p$, $q$ then the data is present for generating its subgoals as well. So we will add this information to form a complete justification.

Notice that these labels behave like the variable names $x_i$ in the sense that we can systematically rename them without changing the meaning of a sequent or a justification. They act like bound variables in the sequent. The phrase new $u, v$ in a justification allows us to explicitly name these bound variables.
Structural rules. Sequents as defined here are based on lists of formulas, so the rules for decomposing on the left must refer to the position of the formula. This is indicated by supplying a context around the formula, typically of the form $\bar H, x : F, \bar J \vdash G$. The cut rule specifies the exact location at which the formula is to be introduced into a hypothesis list, and thin does the same. By combining applications of cut and thin, hypotheses can be moved (exchanged) or contracted. The so-called structural rules are included among these rules.
2.6. Proof expressions and tactics

Complete justifications. If there is enough information in a justification to generate the subgoals, then the tree of justifications and the top goal can generate the whole proof. Moreover, the tree of justifications can be combined into a single "algebraic expression" describing the whole proof. Indeed, the proof tree stripped of the sequents is just a parse tree for this expression. If we present the rules annotated by the justifications in the right way we can read them as an attribute grammar (c.f. Reps and Teitelbaum [1988], Reps [1982], Griffin [1988a]) for generating an expression describing the proof called a proof expression. Consider the case of the $\Rightarrow L$ and $\&L$ rules again. Suppose we let $p$ and $g$ denote proof expressions for the subgoals, then

$\bar x : \bar H, f : (P \Rightarrow Q), \bar J \vdash G$   by $\Rightarrow L$ on $f$
  $\vdash P$   by $p(\bar x)$
  $\ldots, y : Q \vdash G$   by $g(\bar x, y)$

If we think of the proof expressions $p(\bar x)$ and $g(\bar x, y)$ as being synthesized up from the subtrees, then the complete proof information for the goal sequent is

$\Rightarrow L$ on $f$ from $p(\bar x)$ and from $g(\bar x, y)$ with new $y$

Organizing this into a more compact expression and recognizing that $y$ is a new bound variable, a suggestive expression is

$\Rightarrow L(f;\ p(\bar x);\ y.g(\bar x, y))$
Here we use the "dot notation" $y.g(\bar x, y)$ to indicate that $y$ is a new bound label in the proof expression $g(\bar x, y)$. The dot notation is used with quantifiers as in $\forall x : A.\ F$ to separate the binding operator $\forall x : A$ from the formula $F$. Likewise, in the lambda notation, $\lambda(x.b)$, the dot is used to indicate the beginning of the scope of the binding of $x$. In the case of $\&L$, the rule with proof expressions looks like

$\bar x : \bar H, z : P \mathbin{\&} Q \vdash G$   by $\&L$ in $z$ with new $u, v$
  $\bar x : \bar H, u : P, v : Q \vdash G$   by $g(\bar x, u, v)$

A compact notation is

$\&L(z;\ u, v.\ g(\bar x, u, v))$

Here $u, v$ are new labels which again behave like bound variables in the proof expression.

The justification for $P \vee \neg P$ will be the term magic(P). This is the only justification term that requires the formula as a subterm.

With this basic typed predicate logic as a basis, we will now proceed to add a number of specific types, namely natural numbers, lists, functions, sets over a type, and so-called quotient types. Each of these shows an aspect of typed logic.

Note, in these rules we are presupposing that $P$, $Q$, and the formulas in $\bar H$ are well-formed according to the definition of a formula and that the type expressions are also well-formed in accordance with the typing rules. As we introduce more types, it will be necessary to incorporate typing judgments as subgoals. The Nuprl logic of Constable et al. [1986] relies on such subgoals from the beginning so that the caveat just stated for this table of rules is unnecessary there.
Tactics. Complete justifications will generate the entire proof given the goal formula because the rule name, and labeling information and parameters are enough data to generate subgoals from the goals. So the subgoals are computable from the part of the justification that does not include the proof expression for the subproofs (the synthesized expressions). This fact suggests a way to automate interactive proof generation. Namely, a program called a refiner takes a goal and a complete justification and produces the subgoals. Nuprl works this way. Nuprl also adapts tactics from LCF (Gordon, Milner and Wadsworth [1979]) into the proof tree setting to get a notion of tactic-tree proof (Allen et al. [1990], Basin and Constable [1993], Griffin [1988b]). In this setting the justifications are called primitive refinement tactics. These can be combined using procedures called tacticals.
For example, if a refinement r₀ generates subgoals G₁, ..., Gₙ when applied to sequent G₀, then the compound refinement tactic written r₀ THENL [r₁; ...; rₙ] executes r₀, then applies rᵢ to subgoal Gᵢ generated by r₀. There are many tacticals (c.f. Jackson [1994a], Constable et al. [1986]); two basic ones are ORELSE and REPEAT. The ORELSE tactical relies on the idea that a refinement might fail to apply, as in trying to use &R on an implication. In r₀ ORELSE r₁, if r₀ fails to decompose the goal, then r₁ is applied.
Table of justification operators
&, Left (L):
    H̄, x:P&Q, J̄ ⊢ G by &L(x; u, v. g(u, v))
        1. H̄, x:P&Q, u:P, v:Q, J̄ ⊢ G by g(u, v)
&, Right (R):
    H̄ ⊢ P&Q by &R(p; q)
        1. H̄ ⊢ P by p
        2. H̄ ⊢ Q by q
∨, Left (L):
    H̄, x:P∨Q, J̄ ⊢ G by ∨L(x; u. gl(u); v. gr(v))
        1. H̄, x:P∨Q, u:P, J̄ ⊢ G by gl(u)
        2. H̄, x:P∨Q, v:Q, J̄ ⊢ G by gr(v)
∨, Right (R):
    H̄ ⊢ P∨Q by ∨Rl(p)
        1. H̄ ⊢ P by p
    H̄ ⊢ P∨Q by ∨Rr(q)
        1. H̄ ⊢ Q by q
⇒, Left (L):
    H̄, x:P⇒Q, J̄ ⊢ G by ⇒L(x; p; y. g(y))
        1. H̄, x:P⇒Q, J̄ ⊢ P by p
        2. H̄, x:P⇒Q, J̄, y:Q ⊢ G by g(y)
⇒, Right (R):
    H̄ ⊢ P⇒Q by ⇒R(x. q(x))
        H̄, x:P ⊢ Q by q(x)
∀, Left (L):
    H̄, x:∀z:A. P(z), J̄ ⊢ G by ∀L(x; a; y. g(y))
        1. H̄, x:∀z:A. P(z), J̄ ⊢ a ∈ A
        2. H̄, x:∀z:A. P(z), J̄, y:P(a) ⊢ G by g(y)
∀, Right (R):
    H̄ ⊢ ∀z:A. P(z) by ∀R(z. p(z)) new w
        H̄, w:A ⊢ P(w) by p(w)
∃, Left (L):
    H̄, x:∃z:A. P(z), J̄ ⊢ G by ∃L(x; u, v. g(u, v)) new u, v
        H̄, x:∃z:A. P(z), u:A, v:P(u), J̄ ⊢ G by g(u, v)
∃, Right (R):
    H̄ ⊢ ∃z:A. P(z) by ∃R(a; p)
        1. H̄ ⊢ a ∈ A
        2. H̄ ⊢ P(a) by p
⊥, Left (L):
    H̄, x:⊥, J̄ ⊢ G by any(x)
⊤, Right (R):
    H̄ ⊢ ⊤ by true
hyp:
    x₁:H₁, ..., xₙ:Hₙ ⊢ Hᵢ by hyp xᵢ    i = 1, ..., n (recall xᵢ are distinct)
cut (Assert C @ i):
    H̄, J̄ ⊢ G by cut(x. g(x); c)
        1. H̄, x:C, J̄ ⊢ G by g(x)
        2. H̄, J̄ ⊢ C by c
    where i locates C in H̄, J̄.
thin (Thin @ i):
    H̄, x:P, J̄ ⊢ G by g
        H̄, J̄ ⊢ G by g
    where i locates x:P in H̄, J̄.
Magic:
    H̄ ⊢ P ∨ ¬P by magic(P)
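The refiner and the tacticals described under Tactics can be sketched as follows. This is an added Python illustration, not Nuprl's code: sequents carry no labels or proof expressions, only the rules &R, ⇒R, ∨Rl, ∨Rr and hyp from the table are modelled, THEN is taken to apply one tactic to every subgoal, and the behaviour of REPEAT (apply until failure) is an assumption, since the text names it without defining it.

```python
"""Toy refiner with LCF-style tacticals (added illustration, not Nuprl code).

A formula is a tuple: ("atom", name), ("and", P, Q), ("or", P, Q), ("imp", P, Q).
A sequent is (hyps, goal), where hyps is a tuple of formulas.
A tactic maps a sequent to the list of subgoal sequents it leaves open.
"""

class TacticFailure(Exception):
    """The refinement does not apply to the goal."""

def Atom(name): return ("atom", name)
def And(p, q): return ("and", p, q)
def Or(p, q): return ("or", p, q)
def Imp(p, q): return ("imp", p, q)

def _goal_with(seq, connective, rule):
    hyps, goal = seq
    if goal[0] != connective:
        raise TacticFailure(f"{rule} does not apply to {goal!r}")
    return hyps, goal

# Primitive refinement tactics, one per rule of the table.
def and_r(seq):                      # &R: prove both conjuncts
    hyps, goal = _goal_with(seq, "and", "&R")
    return [(hyps, goal[1]), (hyps, goal[2])]

def imp_r(seq):                      # =>R: assume the antecedent
    hyps, goal = _goal_with(seq, "imp", "=>R")
    return [(hyps + (goal[1],), goal[2])]

def or_rl(seq):                      # vRl: prove the left disjunct
    hyps, goal = _goal_with(seq, "or", "vRl")
    return [(hyps, goal[1])]

def or_rr(seq):                      # vRr: prove the right disjunct
    hyps, goal = _goal_with(seq, "or", "vRr")
    return [(hyps, goal[2])]

def hyp(seq):                        # hyp: the goal is one of the hypotheses
    hyps, goal = seq
    if goal not in hyps:
        raise TacticFailure("goal is not among the hypotheses")
    return []

# Tacticals: combine tactics into compound tactics.
def THENL(t0, ts):
    """Run t0, then apply ts[i] to the i-th subgoal t0 generated."""
    def tac(seq):
        subgoals = t0(seq)
        if len(subgoals) != len(ts):
            raise TacticFailure("THENL: one tactic per subgoal is required")
        return [g for t, sub in zip(ts, subgoals) for g in t(sub)]
    return tac

def THEN(t0, t1):
    """Run t0, then apply t1 to every subgoal t0 generated."""
    return lambda seq: [g for sub in t0(seq) for g in t1(sub)]

def ORELSE(t0, t1):
    """Run t0; if it fails to decompose the goal, run t1 instead."""
    def tac(seq):
        try:
            return t0(seq)
        except TacticFailure:
            return t1(seq)
    return tac

def REPEAT(t):
    """Apply t to the goal and to all resulting subgoals until it fails."""
    def tac(seq):
        try:
            subgoals = t(seq)
        except TacticFailure:
            return [seq]             # t no longer applies: leave the goal open
        return [g for sub in subgoals for g in tac(sub)]
    return tac

def refine(goal, tactic):
    """Apply a tactic to the sequent with no hypotheses; return open subgoals."""
    return tactic(((), goal))

if __name__ == "__main__":
    P, Q = Atom("P"), Atom("Q")
    script = THEN(imp_r, THEN(imp_r, THENL(and_r, [hyp, hyp])))
    print(refine(Imp(P, Imp(Q, And(P, Q))), script))   # no open subgoals
    print(ORELSE(and_r, imp_r)(((), Imp(P, Q))))       # &R fails, =>R runs
    either = ORELSE(THEN(or_rl, hyp), THEN(or_rr, hyp))
    print(either(((Q,), Or(P, Q))))                    # left fails, right closes
    auto = REPEAT(ORELSE(imp_r, ORELSE(and_r, hyp)))
    print(refine(Imp(P, And(P, Q)), auto))             # leaves P |- Q open
```

A failure raised inside a compound tactic propagates to the nearest enclosing ORELSE, which is why the ∨R example falls through to the right-hand rule.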
We will use tacticals to put together compound justifications when the notation seems clear enough.
2.7. Natural numbers
One of the most basic mathematical types is ℕ, the natural numbers. This type is formed by the rule H̄ ⊢ ℕ ∈ Type. The type is inductively defined by the rules which say that 0 ∈ ℕ, and if n ∈ ℕ then suc(n) ∈ ℕ. The typing judgments we need are
    H̄ ⊢ 0 ∈ ℕ    type_of_zero
    H̄ ⊢ suc(n) ∈ ℕ    type_of_successor
        H̄ ⊢ n ∈ ℕ
To express the fact that ℕ is inductively defined we use the rule of mathematical induction. In its unrestricted form, this essentially says that nothing else is a member of ℕ except what can be generated from 0 using suc. But the form of the rule given here does not quantify over all propositional functions on ℕ, so it is not a full statement of the principle. Suppose P : (ℕ × A) → Prop, then
    x̄:H̄, n:ℕ ⊢ P(n, x̄) by ind(n; p₀; u, i. pₛ(u, i, x̄))
        x̄:H̄, n:ℕ ⊢ P(0) by p₀
        x̄:H̄, n:ℕ, u:ℕ, i:P(u, x̄) ⊢ P(suc(u), x̄) by pₛ(u, i, x̄)
Arithmetic. A r i t h m e t i c . When When we we display display proofs proofs of of arithmetical arithmetical propositions, propositions, we we will will assume assume that automatic proof proof procedure procedure which will prove quantifier free that there there is is an an automatic which will prove any any true true quantifier free conclusion and < So for conclusion in in a a sequent sequent involving involving 0, 0, suc(n) suc(n),, + +,, - , ., , * , = - and i: one wrote wrote phrases phrases like like "the "the function function sin(x) in x x or or eX e x in in x x". Russell's Ck,, 's lambda and lambda notation, notation, A)~x.e x.ex~ ,, brought brought flexibility notation, creating and Church Church's flexibility to to the the notation, creating aa indicate the single name binding operator single name for for the the function function with with a a binding operator (~) to indicate the arguments. arguments. (A) to The modern working books ((used used in The modern working notation notation in in mathematical mathematical articles articles and and books in Bourbaki Bourbaki for for example example)) is is x x t-t ~ bb for for a a function function with with argument argument x x and and value value given given by by the the expression expression bb in in x x;; for for example example x x t-t ~ x x for for the the identity, identity, x x t-t ~ eX e x for for the the exponential. exponential. As As we we did did for for propositional propositional functions, functions, we we will will adopt adopt the the lambda lambda notation notation in in the the form form A(X. A(x. b) b) for for x x t-t ~-+ b. b. In In Nuprl Nuprl one one can can display display this this in in a a variety variety of of ways, ways, including including => b. b. The xx t-t ~-+ bb or or bi: b~ or or fun fun x x =~ The important important points points are: are: •9 There There is is an an operator operator name, name, lambda lambda that that distinguishes distinguishes functions. functions. 
Their Their canoni canonical cal value value is is A(X A(x.. b) b).. •9 A x. bb is or formula A binding binding phrase, phrase, x. is used used to to identify identify the the name name of of the the argument argument ((or formula parameter body of parameter),) , x x,, and and the the body of the the function. function.
Types Types
715 715
•
9 The The usual usual rules rules about about binding binding phrases phrases apply apply concerning concerning bound bound variables, variables, scope, scope, and and a-equality. a-equality.
Essentially the only way to use a function is to apply it to an argument.¹⁹ Informal notation for applying a function f to an argument a is to write f(a) or fa or even to show the substitution of "actual" argument for the "formal" one as in sin(a) or eᵃ. We adopt an operator name to remind ourselves that application is a distinct operation. So we write ap(f; a). But again, Nuprl can display this any way the user pleases, e.g. as f(a) or fa or even f.a or f@a.
One of the major discoveries from a systematic study of function notations, especially the lambda calculus and combinatory calculus and later programming languages, is that rules for formally calculating with functions can be given independently of their meaning, especially independently of types. The rules for calculation or for "definitional equality" can be expressed nicely as evaluation rules. Here is the so called "call_by_name" evaluation rule.
    f ↓ λ(x. b)    b[a/x] ↓ c
    -------------------------
    ap(f; a) ↓ c
The "call_by_value" rule is this
    f ↓ λ(x. b)    a ↓ a'    b[a'/x] ↓ c
    ------------------------------------
    ap(f; a) ↓ c
Closed expression functions like I == λ(x. x) or K == λ(x. λ(y. x)) are called combinators; these two are "polymorphic" in that we can compute their values regardless of the form of the input. Thus ap(λ(x. x); K) ↓ K and ap(λ(x. x); 0) ↓ 0, and ap(K; I) ↓ λ(x. I).
Other functions like λ(z. 1of(z)) or λ(z. add(1of(z); 2of(z))) can only be reduced to values on inputs of a specific form, and others like λ(x. suc(x)) or λ(x. 4/x) reduce to meaningful values (typed values) only on specific inputs. For example, ap(λ(z. 1of(z)); 0) ↓ 1of(0) but 1of(0) is not a canonical value let alone a sensible value. In the case ap(λ(x. suc(x)); pair(0; 0)) the result of evaluation is the value suc(pair(0; 0)), but this value has no type.
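The two evaluation rules can be run side by side. The following Python sketch is an added example, not Nuprl's evaluator: terms are tuples, substitution assumes closed arguments, suc and pair are treated as canonical without evaluating inside them, a term such as 1of(0) is returned as it stands, and a depth bound (fuel) stands in for non-termination; all of these are assumptions of the example.

```python
"""Call-by-name and call-by-value evaluation of ap(f; a) (added illustration).

Terms are tuples: ("var", x), ("lam", x, b), ("ap", f, a), ("zero",),
("suc", t), ("pair", a, b), ("1of", t).
"""

class OutOfFuel(Exception):
    """Depth bound exceeded; used here as a stand-in for non-termination."""

def lam(x, b): return ("lam", x, b)
def ap(f, a): return ("ap", f, a)
def var(x): return ("var", x)

ZERO = ("zero",)

def subst(b, x, a):
    """b[a/x]. Assumes a is closed, so no variable capture can occur."""
    tag = b[0]
    if tag == "var":
        return a if b[1] == x else b
    if tag == "lam":
        return b if b[1] == x else ("lam", b[1], subst(b[2], x, a))
    return (tag,) + tuple(subst(s, x, a) for s in b[1:])

def evaluate(t, strict, fuel=200):
    """Return c such that t evaluates to c; strict=True is call_by_value."""
    if fuel == 0:
        raise OutOfFuel
    if t[0] == "ap":
        f = evaluate(t[1], strict, fuel - 1)      # f evaluates to lam(x. b)
        if f[0] != "lam":
            return ("ap", f, t[2])                # stuck: not a function
        # call_by_value first evaluates a to a'; call_by_name passes a as is
        a = evaluate(t[2], strict, fuel - 1) if strict else t[2]
        return evaluate(subst(f[2], f[1], a), strict, fuel - 1)
    if t[0] == "1of":
        p = evaluate(t[1], strict, fuel - 1)
        if p[0] != "pair":
            return ("1of", p)                     # stuck, e.g. 1of(0)
        return evaluate(p[1], strict, fuel - 1)
    return t                                      # lam, 0, suc, pair, var

def by_name(t): return evaluate(t, strict=False)
def by_value(t): return evaluate(t, strict=True)

def diverges(t, strict):
    """True if evaluation exhausts the depth bound."""
    try:
        evaluate(t, strict)
    except OutOfFuel:
        return True
    return False

# The combinators from the text, and a closed term with no value.
I = lam("x", var("x"))
K = lam("x", lam("y", var("x")))
W = lam("x", ap(var("x"), var("x")))
OMEGA = ap(W, W)

if __name__ == "__main__":
    print(by_name(ap(I, K)) == K)                       # ap(I; K) evaluates to K
    print(by_name(ap(K, I)))                            # lam(y. I), alpha-equal to lam(x. I)
    print(by_name(ap(lam("z", ("1of", var("z"))), ZERO)))   # stuck at 1of(0)
    print(by_value(ap(lam("x", ("suc", var("x"))), ("pair", ZERO, ZERO))))
    print(by_name(ap(ap(K, ZERO), OMEGA)))              # the argument is never used
    print(diverges(ap(ap(K, ZERO), OMEGA), strict=True))
```

The last two calls show where the rules differ: call_by_name discards the unused argument, while call_by_value must first find a value for it and finds none.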
Typing functions. The space of functions from type A to type B is denoted A → B. The domain type is A, the range (or co-domain) is B. The typing rule for functions is intuitively simple. We say that λ(x. b) ∈ A → B provided that on each input a ∈ A, ap(λ(x. b); a) ∈ B. This judgment is usually made symbolically by assuming x ∈ A and judging by typing rules that b ∈ B. This is the form of typing judgment we adopt. So the typing rule has the form
    H̄ ⊢ λ(x. b) ∈ A → B by fun_type
        H̄, x:A ⊢ b ∈ B
¹⁹ Although if functional equality is defined intensionally, then it is also possible to analyze their structure. Of course, functions can also be passed as data.
More generally, given an expression f we allow
    H̄ ⊢ f ∈ A → B by fun_type
        H̄, x:A ⊢ ap(f; x) ∈ B
In the course of judging that an expression t has a type T, we allow replacing t by any term t' that is definitionally equal or by a term t' that t evaluates to. So if t' in T and t ↓ t', then t ∈ T. In the logic over (A → B) we add the rule for function equality
    H̄ ⊢ f = g in A → B by extensional_equalityR
        H̄, x:A ⊢ ap(f; x) = ap(g; x) in B
    H̄, f = g in A → B ⊢ ap(f; a) = ap(g; b) in B by extensional_equalityL
        H̄ ⊢ a ∈ A
Here is Cantor's interesting argument about functions based on the method of diagonalization. It illustrates the rules for functions. (See the appendix for a Nuprl proof.)
Definition. Call f in (A → B) onto iff ∃g:(B → A) such that ∀y:B. f(g(y)) = y in B.
Cantor shows that for inhabited types A with two distinct elements there is no function from A onto (A → A), essentially because (A → A) is "too big" to be enumerated by A. We state the condition on A using functions. We require that there is a function diff ∈ A → A such that diff(x) ≠ x for all x in A. The theorem is
Cantor's Theorem. (∃diff:(A → A). ∀x:A. diff(x) ≠ x in A) ⇒ (¬∃e:A → (A → A). e is onto)
Proof. by ⇒R THEN ⇒R
    1. ∃diff:(A → A). ∀x:A. diff(x) ≠ x in A
    2. ∃e:A → (A → A). e is onto
    ⊢ ⊥
Next use ∃L on 2 THEN unfold "onto" THEN ∃L
    2. e : A → (A → A)
    3. g : (A → A) → A
    4. ∀h:(A → A). e(g(h)) = h in (A → A)
Next ∃L on 1 to replace 1 by
    1.1 diff : A → A
    1.2 ∀x:A. diff(x) ≠ x in A
Let h₀ == λ(x. diff(e(x)(x)))
Now ∀L on 4 with h₀
    5. e(g(h₀)) = h₀ in A → A
Let d == g(h₀), by extensional_equalityL
    6. e(d)(d) = h₀(d) in A
Now evaluate h₀(d) to rewrite 6 as
    6. e(d)(d) = diff(e(d)(d))
Now by ∀L on 1.2 with e(d)(d)
    7. diff(e(d)(d)) ≠ e(d)(d) (which is (diff(e(d)(d)) = e(d)(d)) ⇒ ⊥)
    ⊢ ⊥
Finish by ⇒L on 7. and 6. □
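The diagonal construction can be checked exhaustively on small finite types. This added Python example (not part of the original text or of the Nuprl proof) represents functions on a finite A as dictionaries, builds h₀ == λ(x. diff(e(x)(x))) for every e in A → (A → A), and searches for a d with e(d) = h₀; the function names are chosen for this example.

```python
"""Exhaustive check of Cantor's diagonal argument on a finite type (added example)."""
from itertools import product

def functions(dom, cod):
    """All functions dom -> cod, each tabulated as a dict."""
    dom = list(dom)
    return [dict(zip(dom, values)) for values in product(cod, repeat=len(dom))]

def diagonal(A, diff, e):
    """h0 == lambda(x. diff(e(x)(x))), tabulated over A."""
    return {x: diff(e[x][x]) for x in A}

def onto_counterexample(A, diff):
    """Search all e : A -> (A -> A) for a d with e(d) = h0.

    Returns (e, d) if one exists, otherwise None. By steps 5-7 of the proof,
    e(d) = h0 would give e(d)(d) = diff(e(d)(d)), so a hit is only possible
    when diff has a fixed point.
    """
    A = list(A)
    rows = functions(A, A)                        # every element of A -> A
    for images in product(rows, repeat=len(A)):   # every e : A -> (A -> A)
        e = dict(zip(A, images))
        h0 = diagonal(A, diff, e)
        for d in A:
            if e[d] == h0:
                return e, d
    return None

def missed_by_every_e(A, diff):
    """True iff h0 lies outside the image of every e, so that no e is onto."""
    return onto_counterexample(A, diff) is None

if __name__ == "__main__":
    print(missed_by_every_e(range(2), lambda x: 1 - x))         # diff(x) != x
    print(missed_by_every_e(range(3), lambda x: (x + 1) % 3))   # diff(x) != x
    # With diff the identity, the hypothesis of the theorem fails and the
    # diagonal function can be enumerated after all.
    print(onto_counterexample(range(2), lambda x: x))
```

The identity case shows that the hypothesis on diff is what drives the contradiction in step 7; the finite check itself says nothing about infinite A.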
Implicit functions from relations. A common way to define functions is implicitly in terms of relations. Suppose R is a relation on A × B and we know that for every x ∈ A there is a unique y in B such that R(x, y). Then we expect to have a function f ∈ A → B such that R(x, f(x)). How do we specify this function? To facilitate consideration of this matter, let us define ∃!y:A. P(y) to mean there is a y satisfying P, and any z that satisfies it is y. Thus
Definition. ∃!y:A. P(y) == ∃y:A. P(y) & ∀z:A. (P(z) ⇒ y = z in A).
We expect the following formula to be true.
Function Comprehension. ∀x:A. ∃!y:B. R(x, y) ⇒ ∃f:A → B. ∀x:A. R(x, f(x)).
For many instances of types A, B and relation R we can prove this formula by exhibiting a specific function. For example, if we define Root(n, r) for n, r in ℕ as r² ≤ n & n < (r + 1)² then not only can we prove ∀x:ℕ. ∃!r:ℕ. Root(n, r) but we can also define a function root by primitive recursion, namely
    root(0) = 0
    root(suc(n)) = if (root(n) + 1)² ≤ n then root(n) + 1 else root(n).
We know that λ(x. root(x)) ∈ ℕ → ℕ and Root(n, root(n)) is true. So perhaps if there are enough expressions for defining functions, we can prove the conjecture. In set theory, functions are usually defined as single-valued total relations, i.e., a relation R on A × B is a function iff for all x in A there is a unique y in B such that R(x, y). The relation R is a subset of A × B, and this R is taken to be the function. If the underlying logic has a choice function (or Hilbert ε-operator) as in Bourbaki [1968b] or HOL (Gordon and Melham [1993]), then the value of the function defined by R on input x is choice(y. R(x, y)) and a λ form for the function is
    λ(x. choice(y. R(x, y))).
The choice operator would not only prove the implicit function conjecture, but it would prove the closely related axiom of choice as well. That axiom is
Axiom of Choice. ∀x:A. ∃y:B. R(x, y) ⇒ ∃f:(A → B). ∀x:A. R(x, f(x)).
We will see in section 3 that in constructive type theory this axiom is provable because the theory has enough expressions for functions.
2.10. Set types and local set theories
Another of the most fundamental concepts of modern mathematics is the notion of set or class. Class theory arose out of Frege's foundation for mathematics in Grundgesetze and in Principia along similar lines. Even before 1900 Cantor was creating a rich naive set theory which was axiomatized in 1908 by Zermelo and improved by Skolem and Fraenkel into modern day axiomatic set theories such as ZF (Bernays [1958]) and BG (Gödel [1931]) and Bourbaki's set theory ([1968b]). We could formulate a full blown axiomatic set theory based on the type Set. But the type theory of section 3 is an alternative into which ZF can be encoded (Aczel [1986]). So instead we pursue a much more modest treatment of sets along the lines of Principia's classes. In Principia, given a propositional function φx̂ whose range of significance is the type A, we can form the class x̂(φx) of those elements of A satisfying φ. We write this as {x : A | φ(x)}. We call this a set type or a class. Given two classes α, β we can form the usual combinations of union, α ∪ β, intersection, α ∩ β, complement, ᾱ, universal class, A, and empty class, ∅. The typing judgment associated with a set type is what one would expect. Suppose A is a type and P ∈ A → Prop, then
    H̄ ⊢ a ∈ {x:A | P(x)} by setR
        H̄ ⊢ a ∈ A
        H̄ ⊢ P(a)
The rule for using an assumption about set membership is
    H̄, y:{x:A | P(x)} ⊢ G by setL
        H̄, y:A, P(y) ⊢ G
As with the other rules, we can choose to name the assumption P(y) by using the justification by setL new u. In Nuprl there is the option to "hide" the proof of P(y). This hidden version is the default in Nuprl. A hypothesis is hidden to prevent the proof object from being used in computations. This is necessary because the set membership rule, setR, does not keep track of the proof P(a); so the constructive elimination rule is
    H̄, y:{x:A | P(x)}, J̄ ⊢ G by setL, new u
        H̄, y:A, [u:P(y)], J̄ ⊢ G.
In local set theories, the concept of the power set, 𝒫(A), is introduced (c.f. Bell [1988], MacLane and Moerdijk [1992]). This type collects all sets built over A and Prop. If A is a type, then 𝒫(A) is a type. In order to express rules about this type, we need to treat the judgments A ∈ Type and P ∈ A → Prop in the rules. Thus far we have expressed these judgments only implicitly, not as explicit goals, in part because Type and A → Prop are not types themselves, but "large types." However, it makes sense to write a rule such as
    H̄ ⊢ {x:A | P(x)} ∈ 𝒫(A)
        H̄ ⊢ A ∈ Type
        H̄ ⊢ P ∈ A → Prop
We can also imagine the rule
    H̄, X:𝒫(A) ⊢ ∃P:A → Prop. (X = {x:A | P(x)} in 𝒫(A)).
This introduces the large type, (A → Prop), into the type position. Treating this concept precisely requires that we consider explicit rules for Type and Prop, especially their stratification as Typeᵢ and Propᵢ. We defer these ideas until section 3.7. Let us note at this point that the notion of Prop and set types are at the heart of topos theory as explained in Bell [1988]. Essentially, the subobject classifier, Ω and ⊤ : 1 → Ω, of topos theory is an (impredicative) notion of Prop and the subtype of true propositions. The notion of a pullback is used to define subtypes of a type A by "pulling back" a characteristic function P : A → Prop and the truth arrow ⊤ : 1 → Prop to get the domain of P, {x:A | P(x)}. A topos is essentially a category with Cartesian products (n-ary), a subobject classifier and power objects. In other words, it is an abstraction of a type theory which has Prop, a collection of true propositions, subtypes and a power type, 𝒫(A), for each type. The notion of a Grothendieck topos (c.f. Bell [1988], MacLane and Moerdijk [1992]) is essentially a predicative version of this concept. It can be defined in Martin-Löf type theory and in Nuprl, but that is beyond the scope of these notes. (However, see section 5.)
2.11. Quotient types
The equality relation on a type, written s = t in T or s =_T t, defines the element's referential nature. The semantic models we use in section 3.9 take a type to be a partial equivalence relation (per) on a collection of terms. Given a type T, other types can be defined from it by specifying new equality relations on the elements of T. For example, given the integers ℤ, we can define the congruence integers ℤ//mod n to be the type whose elements are those of ℤ related by x = y mod n iff n divides (x − y).
More : N. m More symbolically, symbolically, let let n n I[ m m mean mean that that n n divides divides m m,, i.e., i.e., 3k 3k:N. m = - k k ,* n n.. Then Then = y mod n iff n I (x y) . If rm(x, n) is the remainder when x is divided by n n,, xx = y mod n iff n [ ( x - y). If r m ( x , n) is the remainder when x is divided by then then clearly clearly x x = - y y mod rood n n iff i f f rrm( m ( xx,, nn) ) = -- rm(y, r m ( y , nn)) in in Z Z.. It It is is easy easy to to see see that that xx = - y y mod mod n n is is an an equivalence equivalence relation relation on on Z Z.. In In general, general, this this is is all all we we require require to type. If to form form a a quotient quotient type. If A A is is a a type type and and E E is is an an equivalence equivalence relation relation on on A A,,
then $A//E$ is a new type, the quotient of $A$ by $E$. The equality rule is $x = y$ in $A//E$ iff $E(x, y)$ for $x, y$ in $A$. Here are the new rules.

$A//E$ is a type iff $A$ is a type and $E$ is an equivalence relation on $A$

$\bar{H} \vdash a$ in $A//E$ by quotient_member
  $\bar{H} \vdash a$ in $A$

$\bar{H},\ x : A//E,\ \bar{J} \vdash b[x]$ in $B$ by quotientL
  $\bar{H},\ x : A,\ \bar{J} \vdash b[x]$ in $B$
  $\bar{H},\ x : A,\ x' : A,\ E(x, x'),\ \bar{J} \vdash b[x] = b[x']$ in $B$
For $P$ to be a propositional function on a type $A$, we require that when $a = a'$ in $A$ then $P(a)$ and $P(a')$ are the same proposition. If we consider atomic propositions $P(x)$ iff $x = t$ in $A//E$, then $a = t$ in $A//E$. The rules for equality of expressions built from elements of $A//E$ will guarantee the functional nature of propositions over $A//E$. We discuss the topic in detail in section 3.9 and in the literature on Nuprl (Constable et al. [1986], Allen [1987b]).

The quotient type is very important in many subjects. We have found it especially natural in automata theory (Constable et al. [1998]), rational arithmetic and of course, for congruences. For congruence integers we have proved Fermat's little theorem in this form:
Theorem. $\forall p : \{x : \mathbb{N} \mid prime(p)\}.\ \forall x : \mathbb{Z}//\mathrm{mod}\ p.\ (x^p = x)$
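The formation rule for $A//E$ and the second premise of quotientL, checked over a finite sample of integers, as an added example (not code from the original text or from Nuprl). The `Type` record, the sampled range and the helper names are assumptions of this sketch, and a finite check illustrates the rules without proving anything about all of $\mathbb{Z}$.

```python
from dataclasses import dataclass
from itertools import product
from typing import Callable, Tuple


@dataclass(frozen=True)
class Type:
    """A type in the per style: elements plus the equality that holds between them."""
    name: str
    sample: Tuple[int, ...]            # constructed finite sample of the elements
    eq: Callable[[int, int], bool]     # "x = y in T"


def quotient(a: Type, e: Callable[[int, int], bool], name: str) -> Type:
    """Formation rule: A//E is a type iff E is an equivalence relation on A.
    The three laws are checked on the finite sample only."""
    xs = a.sample
    if not all(e(x, x) for x in xs):
        raise ValueError(f"{name}: E is not reflexive")
    if not all(e(y, x) for x, y in product(xs, xs) if e(x, y)):
        raise ValueError(f"{name}: E is not symmetric")
    if not all(e(x, z) for x, y, z in product(xs, xs, xs) if e(x, y) and e(y, z)):
        raise ValueError(f"{name}: E is not transitive")
    return Type(name, xs, e)           # same elements, new equality


def counterexample(b, dom: Type, cod: Type, arity: int = 1):
    """Second premise of quotientL: E(x, x') must give b[x] = b[x'] in B.
    Returns the first pair of argument tuples that breaks it, or None."""
    for args in product(dom.sample, repeat=2 * arity):
        left, right = args[:arity], args[arity:]
        if all(dom.eq(x, y) for x, y in zip(left, right)):
            if not cod.eq(b(*left), b(*right)):
                return left, right
    return None


Z = Type("Z", tuple(range(-8, 9)), lambda x, y: x == y)


def z_mod(n: int) -> Type:
    """The congruence integers Z//mod n: x = y iff n divides (x - y)."""
    return quotient(Z, lambda x, y: (x - y) % n == 0, f"Z//mod {n}")


def fermat_holds(p: int) -> bool:
    """x^p = x in Z//mod p for every sampled x (the theorem assumes p prime)."""
    zp = z_mod(p)
    return all(zp.eq(x ** p, x) for x in zp.sample)


if __name__ == "__main__":
    z5 = z_mod(5)
    # + and * respect the new equality, so they are functions on Z//mod 5.
    print(counterexample(lambda x, y: x + y, z5, z5, arity=2))
    print(counterexample(lambda x, y: x * y, z5, z5, arity=2))
    # rm(x, 5) maps equal elements of Z//mod 5 to equal integers.
    print(counterexample(lambda x: x % 5, z5, Z))
    # The identity into Z does not: -8 = -3 in Z//mod 5 but not in Z.
    print(counterexample(lambda x: x, z5, Z))
    print([p for p in (2, 3, 4, 5, 7, 11) if fermat_holds(p)])
```

The elements stay ordinary Python integers throughout; only the `eq` field changes between `Z` and `z_mod(n)`.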
In this statement the display mechanism suppresses the type on equality when it can be immediately inferred from the type of the equands.

Equivalence classes. It is noteworthy that quotient types offer a computationally tractable way of treating topics normally expressed in terms of equivalence classes. For example, if we want to study the algebraic properties of $\mathbb{Z}//\mathrm{mod}\ n$ it is customary to form the set of equivalence classes of $\mathbb{Z}$ where the equivalence class of an element $z$ is $[z] = \{i : \mathbb{Z} \mid i = z \bmod n\}$. The set of these classes is denoted $\mathbb{Z}/\mathrm{mod}\ n$. The algebraic operations are extended to classes by

$[z_1] + [z_2] = [z_1 + z_2]$, $[z_1] * [z_2] = [z_1 * z_2]$, etc.

All of this development can be rephrased in terms of quotient types. We show that $+$ and $*$ are well-defined on $\mathbb{Z}//\mathrm{mod}\ n$, and the elements are ordinary integers instead of equivalence classes. What changes is the equality on elements.

2.12. Theory structure
So far we have introduced a typed mathematical language and a few examples of specific types and then rules, for $\mathbb{N}$, lists, Cartesian products, functions, subsets, and quotients. The possibilities for new types are endless, and we shall see more of
them in sections 3 and 4. For example, we could introduce the type Set and explore classical and computational set theories. We can introduce partial objects via the bar types that Constable and Smith [1993] developed. As we have seen, we can use the Magic rule or not or various weaker forms of it. Some choices of rules are inconsistent, e.g. bar types and Magic or the impredicative $\Delta$ type of Mendler [1988] and dependent products on the fixed point rule with all types. How are we to keep track of the consistent possibilities?

One method is to postulate fixed theories in the typed logic such as Heyting Arithmetic (HA) (c.f. Troelstra [1973]) or Peano Arithmetic (HA + Magic) or IZF (c.f. Beeson [1985], Friedman and Scedrov [1983], Joyal and Moerdijk [1995], Moerdijk and Reyes [1991]) or Intuitionistic Type Theory (ITT) or Higher Order Logic (HOL). We rely on a community of scholars to establish the consistency of various collections of axioms.
Books like Troelstra [1973] study relationships between dozens of these theories. The space of them is very large.

Another possibility is to explore the "tree of knowledge" formed by doing mathematics in various contexts determined by the definitions and axioms used for any result. We can think of definitions and axioms as establishing contexts. N.G. de Bruijn [1980] has proposed a way to organize this knowledge, including derivation of inconsistency on certain paths. Essentially de Bruijn defined typed mathematical languages, PAL, Aut-68, Aut-QE, Aut-II, which were used for writing definitions and axioms.²⁰ He proposed a logical framework for organizing definitions, axioms and theorems into books. We will explore these typed languages in the next section. They are more primitive than our typed logic. The apparatus of Automath is completely formal; it is a mechanism whose meaning is to be found completely in its ability to organize information and classify it without regard for content. Extending this attitude to the mathematics being expressed leads to the formalist philosophy of mathematics espoused by Hilbert [1926]. This is de Bruijn's view in fact, and it surely contrasts with Principia which found its meaning in the logical truths written into a fixed foundational theory. It will contrast as well to the Martin-Löf view, Girard's [1987] view, the views of Coquand and Huet in Coq and my own view (as expressed to a large extent in Nuprl) in which the logical framework is organized to express computational meaning. It is noteworthy that the three influential philosophical schools, Formalism, Logicism, and Intuitionism, can be characterized rather sharply in this setting (and coexist!).

An Automath book is a sequence of lines. A line has four parts as indicated in Table 2. Each line introduces a unique identifier which is either a primitive notion, PN, or a block opener or is defined. The category part provides the grammatical category; type is a built-in category, defined types like nat are another. The lines form two structures, one the linear order and the other a rooted tree.

²⁰ "Automath is a language which we claim to be suitable for expressing very large parts of mathematics, in such a way that the correctness of the mathematical contents is guaranteed as long as the rules of the grammar are obeyed." de Bruijn [1980].
| indicator | identifier | definition | category |
|-----------|------------|------------|----------|
| 0         | nat        | PN         | type     |
| 0         | n          | -          | nat      |
| 0         | real       | PN         | type     |
| n         | x          | -          | real     |

Table 2: Sequence of lines

The nodes of the tree are identifiers, $x$, and the edges are from $x$ to the indicator of the line having $x$ as its identifier part. The complete context of $x$ is the list of indicators from $x$ back to the root. So each line uses as its indicator the last block opener in its context. When the definition and category components are included with $x$, the result is what de Bruijn calls the tree of knowledge.

Nuprl has a similar structure to its knowledge base, called a library. A library consists of lines. Each one is uniquely named by an identifier. These can include the equivalent of block openers, called theory delimiters (begin_thyname, end_thyname). The library is organized by a dependency graph which indicates the logical order among theories (the lines between delimiters). Unlike in Automath, the theory structure is a directed acyclic graph (dag). Theories can also be linked to a file system or a database which provides additional "nonlogical" structuring.
The Nuprl 5 system also provides a structured library with mechanisms to control access to theories. There are two modes of accessing information. One is by collecting axioms, definitions, and theorems into controlled access theories. These theories can only use the specific rules and axioms assembled at its root. Each type such as $\mathbb{N}$ or $S \times T$ is organized into a small theory consisting of its rules.²¹ More complex theories are built by collecting axioms.²² We will be specifying certain important theories later. One of them is Nuprl 4, the fixed logic in the Nuprl 4.2 release. Another theory could be Nuprl 4_bar, the theory with partial objects (Constable and Smith [1993]) or NuIZF, the formulation of IZF in type theory.

Another way to use the library we might call free access. A user can prove theorems using any rules whatsoever, even inconsistent collections. Once a theorem is proved, the system can define its root_system, the collection of all rules and definitions used to state and prove it.
The root_system determines the class of theories into which the result can be "planted."

²¹ The associated tactics are attached as well, see Hickey [1996b,1997].

²² The associated tactics can also enforce global constraints on the theory such as "decidable type checking."

2.13. Proofs as objects

The notion of proof plays a fundamental role in logic as we have seen here. Hilbert's proof theory is a study of proofs, and for philosophical reasons he conceived
of it as a constructive theory, and a metatheory.²³ Given the central role of proofs in all of mathematics, it is not a great leap to begin thinking about proofs as mathematical objects with the same "reality" as numbers. This viewpoint is central to intuitionistic and constructive mathematics, and it seems to be coherent classically as well.

De Bruijn designed the Automath formalisms around the notion of formal proofs as objects, and ordinary objects such as functions could depend on proofs. In order to treat what was called classical mathematics he had to add a principle of irrelevance of proofs.²⁴ However, to bring proof expressions fully into the mathematics as objects means more than allowing them into the language. As the proof irrelevance principle shows, they can be regarded as part of the underlying linguistic apparatus.²⁵ To make proofs explicit objects with a referential character, we must define equality on them (the kind of equality called book equality in Automath as opposed to definitional equality which holds for all terms whether referential or not).

²³ That it had to be so was part of Hilbert's Program for a formal foundation of mathematics. Classical parts of mathematics were to be considered as ideal elements ultimately justified by constructive means.

²⁴ "... we extend the language by proclaiming that proofs of one and the same proposition are always definitionally equal. This extra rule was called 'proof irrelevance' ...."

²⁵ This is quite different from taking them to be metamathematical objects as is done in proof theory ... a theory that could be formalized in Automath.

There are two sources to guide the discovery of equality rules for proof objects. We can turn to intuitionistic mathematics and its semantics for the logical operators or we can look to proof theory and the reduction (or normalization) rules. Neither account is definitive for classically conceived mathematics. In the case of using intuitionistic reasoning as a guide, we must handle classical rules, such as contradiction, or classical axioms like the law of excluded middle "magic". There are various ways to approach this with promising results (Allen et al. [1990], Murthy [1991], Girard [1991]). The subject is still very active.

Another approach is suggested by the normalization theorems for natural deduction systems of classical and constructive logics, or N-systems (due to Prawitz [1965]), and the body of results on cut elimination in the sequent calculi, or L-systems (arising from Gentzen [1935]). Unfortunately, the results give somewhat conflicting notions of proof equality (c.f. Zucker [1974,1977], Ungar [1992]). It is perhaps premature to suggest the appropriate classical theory, so instead we will sketch the constructive ideas and leave the technical details to section 3 where we will explore carefully Martin-Löf's interpretation in which the computational content of a proof is taken as the object.

Another prerequisite to treating proofs as objects is that we understand the domain of significance, the type of assertions about proofs. This is another point that is not entirely clear. For instance, the views of Kreisel [1981], Scott [1976], and Tait [1967,1983] differ sharply from those of Martin-Löf [1982,1983] and Girard [1987]. One of the key points is whether we understand a proof $p$ as a proof of a proposition $P$, $p$ proves $P$, or whether provability is a relation on proofs so that $Proves(p, P)$ is the appropriate relationship. In the latter case there arises the
danger of an infinite regress since we will require a proof $p'$ of ($p$ Proves $P$). At some level it seems that provability must be a basic judgment, like the typing judgment $t \in T$.

If we start with the view of the relationship $p$ proves $P$ as a typing judgment, then we are led to the view that the type of a proof is the proposition that it proves. Thus propositions play the role of types according to the propositions_as_types principle. This principle is designed into Automath (but can be regarded as "linguistic"), and it is the core of both Martin-Löf type theory (Martin-Löf [1982,1984,1983], Nordström, Petersson and Smith [1990]) and Girard type theory (Stenlund [1972], Constable et al. [1986], Girard, Taylor and Lafont [1989]).
According to this principle, a proposition $P$ is provable (constructivists would say true) iff there is a proof $p$ whose type is $P$, that is

$\vdash P$ iff $\vdash p \in P$ for some $p$.

Indeed, on this interpretation and recognizing that proof expressions $p$ denote proofs, we can see the sequent notation $\bar{H} \vdash P$ by $p$ as just another way of writing

$\bar{H} \vdash p \in P$.

The $\bar{H} \vdash P$ by $p$ judgment form can be considered implicit. Attention is focused on $P$, and the main concern is that there is some inhabitant. The $\bar{H} \vdash p \in P$ form is explicit, and attention is focused on the actual proof. The rules could all be presented in either implicit (logical) form or explicit (type theoretic) form. Consider the $\forall L$ and $\forall R$ rules, for example. Here is an implicit form.
$\bar{H},\ f : \forall x : A.\ P(x),\ \bar{J} \vdash G$ by $\forall L(f; a; y.\ g[y])$
  $\bar{H},\ f : \forall x : A.\ P(x),\ \bar{J},\ y : P(a) \vdash G$ by $g[y]$
  $\bar{H} \vdash A$ by $a$

$\bar{H} \vdash \forall x : A.\ P(x)$ by $\forall R(x.\ p[x])$
  $\bar{H},\ x : A \vdash P(x)$ by $p[x]$

Here is the explicit form of the $\forall L$ rule.

$\bar{H},\ f : \forall x : A.\ P(x),\ \bar{J} \vdash \forall L(f; a; y.\ g[y]) \in G$
  $\bar{H},\ f : \forall x : A.\ P(x),\ \bar{J},\ y : P(a) \vdash g[y] \in G$
  $\bar{H} \vdash a \in A$

We will discover in section 3.11 that there is a reasonable notion of reduction on proof expressions (which can either be considered as computation or definitional equality) and that this gives rise to a minimal concept of equality on proofs that is sufficient to give them the status of mathematical objects.

2.14. Heyting's semantics
Here is Heyting's interpretation of the judgment $p$ proves $P$.

1. For atomic $P$ we cannot base the explanation on propositional components of $P$ because there aren't any. But it might depend on an analysis of terms and
their type which could be compound.

We recognize certain atomic propositions, such as $0 = 0$ in $\mathbb{N}$ as "atomically true." That is, the proofs are themselves atomic, so the proposition is an axiom. In the case when the terms are atomic and the type is as well, there is little left to analyze. But other atomic propositions can be reduced to these axioms by computation on terms, say $5 * 0 = 1 * 0$ in $\mathbb{N}$.

Some atomic propositions are proved by computation on terms and proofs. For example, $suc(suc(suc(0))) = suc(suc(suc(0)))$ in $\mathbb{N}$ is proved by thrice iterating the inference rule suc_eq

$$\frac{n = m}{suc(n) = suc(m)}$$

We might take the object suc_eq(suc_eq(suc_eq(zero_eq))) as a proof expression for this equality. On the other hand, in such a case we can just as well consider the proof to be a computation procedure on the terms whose result is some token indicating success of the procedure.

In general, the proofs of atomic propositions depend on an analysis of the terms involved and the underlying type and its components. For example, $a = b$ in $A//E$ might involve a proof of the proposition $E(a, b)$.

So we cannot say in advance what all the forms of proof are in these cases. As a general guide, in the case of completely atomic propositions such as $0 = 0$ in $\mathbb{N}$ in which the terms and type are atomic, we speculate that the proof is atomic as well. For these atomic proofs we might have a special symbol such as axiom.²⁶

2. A proof of $P \,\&\, Q$ is a pair $\langle p, q \rangle$ where $p$ proves $P$ and $q$ proves $Q$.
3. A proof of $P \vee Q$ is either $p$ or $q$ where $p$ proves $P$ and $q$ proves $Q$. To be more explicit we say it is a pair $\langle tag, e \rangle$ where if the tag designates $P$ then $e$ is $p$ and if it designates $Q$, then $e$ is $q$.
4. A proof of $P \Rightarrow Q$ is a procedure $f$ which maps any proof $p$ of $P$ to $f(p)$, a proof of $Q$.
5. A proof of $\exists x : A.\ P[x]$ is a pair $\langle a, p \rangle$ where $a \in A$ and $p$ proves $P[a]$.
6. A proof of $\forall x : A.\ P[x]$ is a procedure $f$ taking any element $a$ of $A$ to a proof $f(a)$ of $P[a]$.

²⁶ In Martin-Löf type theory and in Nuprl all proofs of atomic formulas are reduced to a token (axiom in Nuprl). Information that might be needed from the proof is kept only at the metalevel.

Note, we treat $\neg P$ as $P \Rightarrow \bot$, so these definitions give an account of negation, but there are other approaches, such as Bishop [1967].

We will see a finer analysis of this definition in the section on type theory; there following Martin-Löf [1982] and Tait [1967,1983], we will distinguish between canonical proof expressions and non-canonical ones such as $add(suc(0); suc(suc(0)))$ (which reduces to a canonical one $suc(suc(suc(0)))$). In this more refined analysis
726 726
R. Constable Constable
we canonical proof we say say that that the the above above clauses clauses define define the the canonical canonical proofs, proofs, e.g. e.g. a a canonical proof of of P pair (p, L( '* R(x. (x, q)); proof of P & &Q Q is is a a pair (p, q) q/,, but but '* =~L(=~ R(x.(x, q/); p) P) is is a a noncanonical noncanonical proof of P P & &Q Q which "normalize" the which reduces reduces to to (p, (p, q) q} when when we we "normalize" the proof. proof. Although this this is is aa suggestive suggestive semantics semantics of of both proofs and and propositions, propositions, several several Although both proofs questions remain. questions remain. Given Given a a proposition proposition P, P, can can we we be be sure sure that that all all proofs proofs have have the the structure structure suggested suggested by by this this semantics? semantics? Suppose Suppose P P & &Q Q is is not not proved proved by by proving proving P P and decomposing an and proving proving Q Q but but instead instead by by a a case case analysis analysis or or by by decomposing an implication implication and and then existential statement, statement, etc.; then decomposing decomposing an an existential etc.; so so if if tt proves proves P P & &Q Q,, do do we we know know tt is aa pair? pair? is If objects, then relation on If proofs proofs are are going going to to be be objects, then what what is is the the right right equality equality relation on them? them? If tt proves proves P P&Q then is is tt at at least least equal equal to to aa pair pair (p, (p, q) q/?? What What is is the the right right equality equality &Q then If Q?? How on on propositions? propositions? If If P P - Q Q and and p p proves proves P P does does p p prove prove Q How can can we we make make sense sense structure of of Magic as proof object? object? It of Magic as a a proof It is is aa proof proof of of P P v V ..,p -~P yet yet it it has has no no structure of the the kind kind Heyting Heyting suggests. suggests. 
We will see that the type theories of the next section provide just the right tools for answering these questions.
3. Type theory

3.1. Introduction

Essential features. In this section I want to give a nontechnical overview of the subject I am calling type theory. I will discuss these points:

• It is a foundational theory in the sense of providing definitions of the basic notions in logic, mathematics, and computer science in terms of a few primitive concepts.

• It is a computational theory in the sense that among the primitive built-in concepts are notions of algorithm, data type, and computation. Moreover these notions are so interwoven into the fabric of the theory that we can discuss the computational aspects of every other idea in the theory. (The theory also provides a foundation for noncomputational mathematics, as we explain later.)

• It is referential in the sense that the terms denote mathematical objects. The referential nature of a term in a type T is determined by the equality relation associated with T, written s = t in T. The equality relation is basic to the meaning of the type. All terms of the theory are functional over these equalities.

• When properly formalized and implemented, the theory provides practical tools for expressing, performing, and reasoning about computation in all areas of mathematics.
A detailed account of these three features will serve to explain the theory. Understanding them is essential to seeing its dynamics. In a sense, the axioms of the theory serve to provide a very abstract account of mathematical data, its transformation by effective procedures, and its assembly into useful knowledge. I summarized my ideas on this topic in Constable [1991].
Language and logic. In a sense, the theory is logic free. Unlike our account of typed logic, we do not start with propositions and truth. Instead we begin with more elementary parts of language, in particular, with a theory of computational equality of terms (or expressions). In Principia these elementary ideas are considered as part of the meaning of propositions. We separate them more clearly. We examine the mechanism of naming and definition as the most fundamental and later build upon this an account of propositions and truth.

This analysis of language draws on the insights of Frege, Russell, Brouwer, Wittgenstein, Church, Curry, Markov, de Bruijn, Kolmogorov, and Martin-Löf, and it draws on technical advances made by numerous computer scientists and logicians. We can summarize the insights in this way. The notion of computability is grounded in rules for processing language (Church [1940], Curry and Feys [1958], Markov [1949]).
In particular, they can be organized as rules for a basic (type free) equality on expressions closely related to Frege's theory of identity in [1903]. The rules explain when two expressions will have the same reference if they have any reference. (We call these computation rules, but they could also be considered simply as general rules of definitional equality as in Automath.) De Bruijn showed that to fully understand the definitional rules, we need to understand how expressions are organized into contexts in a tree of knowledge as we discussed in section 2.12.

Frege not only realized the nature of identity rules, but he explained that the very notion of an object (or mathematical object) depends on rules for equality of expressions which are intended to denote objects. The equality rules of a theory serve to define the objects and prepare the ground for a referential language, one in which the expressions can be said to denote objects.
Frege also believed that the equality rules were not arbitrary but expressed the primitive truths about abstract objects such as numbers and classes. We build on Brouwer's theme that an understanding of the natural numbers N is an especially clear place to begin, and we try to build as much as possible with them. Here the insights of Brouwer [1975] (see van Stigt [1990]) show how to connect intuitions about number to the rules for equality of expressions. Brouwer shows that the idea of natural number and of pairing numbers are meaningful because they arise from mental operations. Moreover, these are the same abilities needed to manipulate the language of expressions (see Chomsky [1988]).²⁷

So like Frege and Brouwer (and unlike formalists), we understand type theory to be referential, that is, the theory is about mathematical objects, and the meaningful expressions denote them.
²⁷ For Brouwer this language is required by an individual only because of the limits and flaws in his or her mental powers. But for our theory, language is essential to the communication among agents (human and artificial or otherwise) needed to establish public knowledge.

Following Russell, we believe that a referential theory is created by classifying expressions into types. Not every expression is meaningful, for example, school children know that 0/0 is not. We sometimes say that the meaningful expressions are those that refer to mathematical objects, but this seems to presuppose that we know what such objects are. So we prefer to say that the task of type theory is to provide the means to say when an expression is meaningful. This is done by classifying expressions into types. Indeed to define a type is to say what expressions are of that type. This process also serves to define mathematical objects.²⁸

Martin-Löf suggested a particular way of specifying types based on ideas developed by W. W. Tait [1967,1983]. First designate the standard irreducible names for elements of a type, say t_1, t_2, ... belong to T. Call these canonical values. Then based on the definition of evaluation, extend the membership relation to all t' such that t' evaluates to a canonical value of T; we say that membership is extended by pre-evaluation.
Level restrictions. Russell [1908] observed that it is not possible to regard the collection of all types as a type itself. Let Type be this collection of all types. So Type is not an element of Type. Russell suggested schemes for layering or stratifying these "inexhaustible concepts" like Type or Proposition or Set. The idea is to introduce notions of types of various levels. In our theory these levels are indicated by level indexes such as Type_i. They will be defined later.

Architecture of type theory. What we have said so far lays out a basic structure for the theory. We start with a class of terms. This is the linguistic material needed for communication. We use variables and substitution of terms for variables to express relations between terms. Let x, y, z be variables and s, t be terms. We denote the substitution of term s for all free occurrences of variable x in t by t[s/x]. The details of specifying this mechanism vary from theory to theory. Our account is conventional and general. Substitution introduces a primitive linguistic relationship among terms which is used to define certain basic computational equalities such as ap(λ(x.b); a) = b[a/x]. There are other relations expressed on terms which serve to define computation. We write these as evaluation relations

    t evals_to t'    also written    t ↓ t'.

Some terms denote types, e.g. N denotes the type of natural numbers. There are type forming operations that build new types from others, e.g. the Cartesian product T_1 × T_2 of T_1 and T_2. Corresponding to a type constructor like × there is usually a constructor on elements, e.g. if t_1 ∈ T_1, t_2 ∈ T_2 then pair(t_1; t_2) ∈ T_1 × T_2. By the Tait pre-evaluation condition above

    t' evals_to pair(t_1; t_2)
    --------------------------
    t' ∈ T_1 × T_2

²⁸ The interplay between expressions and objects has seemed confusing to readers of constructive type theory. In my opinion this arises mainly from the fact that computability considerations cause us to say more about the underlying language than is typical, but the same relationship exists in any formal account of mathematics.
Part of defining a type is defining equality among its members. This is written as s = t in T. The idea of defining an equality with a type produces a concept like Bishop's sets (see Bishop [1967], Bishop and Bridges [1985]), that is Bishop [1967, p.63] said "... a set is defined by describing what must be done to construct an element of the set, and what must be done to show that two elements are equal."

The basic forms of judgment in this type theory are

• t is a term
This is a simple context-free condition on strings of symbols that can be checked by a parser. We stress this by calling these readable expressions.

• T is_a type
We also write T ∈ Type and prefer to write capital letters, S, T, A, B for types. This relationship is not decidable in general and cannot be checked by a parser. There are rules for inferring typehood.

• t ∈ T (type membership or elementhood)
This judgement is undecidable in general.

• s = t in T (equality on T)
This judgement is also undecidable generally.
Inference m e c h a n i s m . Since Since Post Post it it has has been been the the accepted accepted practice to define define the the Inference mechanism. practice to class of of formulas formulas and and the the notion notion of of proof proof inductively. inductively. Notice Notice our our definition of formula formula class definition of in section section 2.4, 2.4, also, also, for for example, example, a a Hilbert Hilbert style style p proof is a a sequence sequence of of closed closed formulas formulas roo/ is in F1 F 1,, . . . , , Fn Fn such such that that Fj Fi is is an an axiom axiom or or follows follows by by aa rule rule of of inference inference from from F Fj, Fkk for for j, F < i, i, k k < < ii.. A A typical inference rule rule is is expressed expressed in form of of hypotheses hypotheses above jj < typical inference in the the form above aa horizontal line with with the the conclusion conclusion below below as as in in modus modus poneus. poneus. horizontal line • . •
A , AA~ => B B A, B B This presentation of that an an element element This definition definition of of aa proof proof includes includes aa specific specific presentation of evidence evidence that is in the class proofs. is in the class of of all all proofs. The above form of of aa rule rule can can be be used used to to present present any The above form any inductive inductive definition. definition. For For example, the the natural natural numbers numbers are are often often defined defined inductively inductively by by one with no no example, one rule rule with premise and another premise and another rule rule with with one. one. 0o EENN
nn EENN suc(n ) E~ N suc(n) N
This This definition definition of of 5I N isis one one of of the the most most basic basic inductive inductive definitions. definitions. It It is is aa pattern pattern for for all others, others, and and indeed, indeed, itit is is the the clarity clarity of of this this style style of of definition definition that that recommends recommends itit all for for foundational foundational work. work. Inductive definitions definitions are are also also prominent prominent in in set theory. The The article article of of Aczel Aczel [1986] [1986] Inductive set theory. Introduction to to Inductive Inductive Definitions" Definitions" surveys surveys the the methods methods and and results. results. He He "An "An Introduction bases his his account account on on sets of of rule rule instances instances of of the the form form x__ �X where X are are the the premises premises bases sets (I) where X and and xx the the conclusions. conclusions. A A set set Y Y isis called called (I)-closed -closed iff iff X X C_ �Y Y implies implies xx EE Y. Y . The The set set inductively inductively defined defined by by (I) is is the the intersection intersection of of all all subsets subsets Y Y of of A A which which are are C-closed. -closed.
3.2. Small fragment - arithmetic

We build a small fragment of a type theory to illustrate the points we have just made. The explanations are all inductive. We let S and T be metavariables for types and let s, t, s_i, t_i, also s', t', s_i', t_i' denote terms. We arrange the theory around a single judgment, the equality s = t in T. We avoid membership and typehood judgments by "folding them into equality" just to make the fragment more compact. First we look at an informal account of this theory.

The intended meaning of s = t in T is that T is a type and s and t are equal elements of it. Thus a premise such as s = t in T implies that T is a type and that s and t are elements of T (thus subsuming membership judgment).²⁹

The only atomic type is N. If S and T are types, then so is (S × T); these are the only compound types.

The canonical elements of N are 0 and suc(n) where n is an element of N, canonical or not. The canonical elements of (S × T) are pair(s; t) where s is of type S and t of type T. The expressions 1of(p) and 2of(p) are noncanonical. The evaluation of 1of(pair(s; t)) is s and of 2of(pair(s; t)) is t.

The inference mechanism must generate the evident judgments of the form s = t in T according to the above semantics. This is easily done as an inductive definition. The rules are all given as clauses in this definition of the usual style (recall Aczel [1977] for example).

We start with terms and their evaluation. The only atomic terms are 0 and N. If s and t are terms, then so are suc(t), (s × t), pair(s; t), 1of(t), 2of(t). Of course, not all terms will be given meaning, e.g. (0 × N), suc(N), 1of(N) will not be.
Evaluation. E v a l u a t i o n . Let Let ss and and tt be be terms. terms.
o0 evals_to evals_to 00 N N evals_to evals_to N N suc(t) suc(t) evals_to evals_to suc(t) suc(t) pair(s; pair(s; t) t) evals_to evals_to pair(s; pair(s; t) t) 10J (pair ( s; t)) 1of(pair(s; t)) evals_to evals_to ss
20J(pair(s; 2of(pair(s; t)) t)) evals_to evals_to tt
Remark: s(N) evals_to s(N), 1of(pair(N; 0)) evals_to N. So evaluation applies to meaningless terms. It is a purely formal relation, an effective calculation. Thus the base of this theory includes a formal notion of effective computability (c.f. Rogers [1967]) compatible with various formalizations of that notion, but not restricted necessarily to them (e.g. Church's thesis is not assumed). Also note that evals_to is idempotent; if t evals_to t' then t' evals_to t' and t' is a value.

general equality

    t_1 = t_2 in T
    --------------
    t_2 = t_1 in T

    t_1 = t_2 in T    t_2 = t_3 in T
    --------------------------------
    t_1 = t_3 in T

    t_1 = t_2 in T    t_1 evals_to t_1'
    -----------------------------------
    t_1' = t_2 in T

²⁹ In the type theory of Martin-Löf [1982], a premise such as s = t in T presupposes that T is a type and that s ∈ T, t ∈ T. This must be known before the judgment makes sense.

typehood and equality

    0 = 0 in N

    t = t' in N
    ---------------------
    suc(t) = suc(t') in N

    s = s' in S    t = t' in T
    ---------------------------------------
    pair(s; t) = pair(s'; t') in (S × T)
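The evaluation relation and the equality judgment of this fragment can be run directly; the following Python sketch is an added example, not code from the chapter. The tuple encoding of terms and all function names are assumptions, `equal_in` decides s = t in T by the pre-evaluation semantics rather than by searching for a derivation, and `evals_to` evaluates the argument of 1of/2of before projecting (an assumption that makes every result a value).

```python
# Terms are nested tuples: a constructed encoding, not the chapter's notation.
ZERO = ("0",)
NAT = ("N",)

def suc(t): return ("suc", t)
def times(s, t): return ("times", s, t)   # the type (S x T)
def pair(s, t): return ("pair", s, t)
def first(t): return ("1of", t)
def second(t): return ("2of", t)


class Stuck(Exception):
    """No evaluation rule applies to the term."""


def show(t):
    """Render a term in the fragment's notation."""
    head, args = t[0], t[1:]
    if not args:
        return head
    if head == "times":
        return "(%s x %s)" % (show(args[0]), show(args[1]))
    return "%s(%s)" % (head, "; ".join(show(a) for a in args))


def evals_to(t):
    """Purely formal evaluation: it never consults types."""
    head = t[0]
    if head in ("0", "N", "suc", "pair"):
        return t                      # these terms evaluate to themselves
    if head in ("1of", "2of"):
        p = evals_to(t[1])            # assumption: evaluate the argument first
        if p[0] != "pair":
            raise Stuck(show(t))
        return evals_to(p[1] if head == "1of" else p[2])
    raise Stuck(show(t))              # e.g. (s x t): no evaluation rule is given


def is_type(T):
    """N is the only atomic type; (S x T) is the only compound type."""
    return T == NAT or (T[0] == "times" and is_type(T[1]) and is_type(T[2]))


def equal_in(s, t, T):
    """True when 's = t in T' is evident: T is a type and both terms evaluate
    to equal canonical values of T. False means 'not evident' (possibly
    meaningless), not that the judgment is false."""
    if not is_type(T):
        return False
    try:
        a, b = evals_to(s), evals_to(t)
    except Stuck:
        return False
    if T == NAT:
        if a == ZERO and b == ZERO:
            return True
        if a[0] == "suc" and b[0] == "suc":
            # suc is lazy: its argument only has to be an element of N
            return equal_in(a[1], b[1], NAT)
        return False
    if a[0] == "pair" and b[0] == "pair":
        return equal_in(a[1], b[1], T[1]) and equal_in(a[2], b[2], T[2])
    return False


def member(t, T):
    """Membership folded into equality: t is in T iff t = t in T."""
    return equal_in(t, t, T)


if __name__ == "__main__":
    p = pair(ZERO, suc(ZERO))         # constructed sample terms
    checks = [
        (suc(first(p)), second(p), NAT),
        (p, p, times(NAT, NAT)),
        (suc(NAT), suc(NAT), NAT),
        (ZERO, ZERO, ZERO),
    ]
    for s, t, T in checks:
        verdict = "evident" if equal_in(s, t, T) else "not evident"
        print("%s = %s in %s : %s" % (show(s), show(t), show(T), verdict))
```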
The inductive nature of the type N and of the theory in general is apparent from its presentation. That is, from outside the theory we can see this structure. We can use induction principles from the informal mathematics (the metamathematics) to say, for example, every canonical expression for a number is either 0 or suc(n). But so far there is no construct inside the theory which expresses this fact. We will eventually add one in section 3.3.

Examples. Here are examples of true judgments that we can make: suc(0) = suc(0) in N. This tells us that N is a type and suc(0) an element of it. Also pair(0; suc(0)) = pair(0; suc(0)) in (N × N) which tells us that (N × N) is a type with pair(0; suc(0)) a member. Also 1of(pair(0; a)) belongs to N and suc(1of(pair(0; a))) does as well for arbitrary a.

Here is a derivation that suc(1of(pair(0; suc(0)))) = 2of(pair(0; suc(0))) in N.³⁰
    0 = 0 in N        0 = 0 in N
                      --------------------
                      suc(0) = suc(0) in N
    ----------------------------------------------
    pair(0; suc(0)) = pair(0; suc(0)) in N × N

    1of(pair(0; suc(0))) = 1of(pair(0; suc(0))) in N    1of(pair(0; suc(0))) evals_to 0
    -----------------------------------------------------------------------------------
    1of(pair(0; suc(0))) = 0 in N
    ---------------------------------------
    suc(1of(pair(0; suc(0)))) = suc(0) in N

    2of(pair(0; suc(0))) = 2of(pair(0; suc(0))) in N    2of(pair(0; suc(0))) evals_to suc(0)
    ----------------------------------------------------------------------------------------
    2of(pair(0; suc(0))) = suc(0) in N
    ----------------------------------
    suc(0) = 2of(pair(0; suc(0))) in N

    suc(1of(pair(0; suc(0)))) = suc(0) in N    suc(0) = 2of(pair(0; suc(0))) in N
    -----------------------------------------------------------------------------
    suc(1of(pair(0; suc(0)))) = 2of(pair(0; suc(0))) in N

³⁰ In type theory, we will write the derivations in the usual bottom-up style with the conclusion at the bottom, leaves at the top.

Analyzing the fragment. This little fragment illustrates several features of the theory.

First, evaluation is defined prior to typing. The evals_to relation is purely formal and is grounded in language which is a prerequisite for communicating mathematics. Computation does not take into account the meaning of terms. This definition of computability might be limiting since we can imagine a notion that relies on the information in typehood, and it is possible that a "semantic notion" of computation must be explored in addition, once the types are laid down.³¹ Our approach to computation is compatible with the view taken in computation theory (c.f. Rogers [1967]).

³¹ In IZF this is precisely the way computation is done, based on the information provided by a membership proof.

Second, the semantics of even this simple theory fragment shows that the concept of a proposition involves the notion of its meaningfulness (or well-formedness). For example, what appears to be a simple proposition, t = t in T, expresses the judgments that T is a type and that t belongs to this type. These judgments are part of understanding the judgment of truth. To stress this point, notice that by postulating 0 = 0 in N we are saying that N is a type, that 0 belongs to N and that it equals itself. The truth judgment is entirely trivial; so the significance of t = t in T lies in the well-formedness judgments implicit in it. These judgments are normally left implicit in accounts of logic.

Notice that the well-formedness judgments cannot be false. They are a different category of judgment from those about truth. To say that 0 ∈ N is to define zero, and to say N is a type is to define N.
We see this from the rules since there are no separate rules of the form "N is_a type" or "0 is_a N." Note, because t = t whenever t is in a type, the judgment t = t in T happens to be true exactly when it is well-formed.

Finally the points about t = t in T might be clarified by contrasting it with suc = suc in 0. This judgment is meaningless in our semantics because 0 is not a type. Likewise suc = suc in N is meaningless because although N is a type, suc is not a member of it. Similarly, 0 = suc in N is meaningless since suc is not a member of N according to our semantics. None of these expressions, which read like propositions, is false; they are just senseless. So we cannot understand, with respect to our semantics, what it would mean for them to be false.

Third, notice that the semantics of the theory were given inductively (although informally), and the proof rules were designed to directly express this inductive definition.
This feature will be true for the full theory as well, although the basic judgments will involve variables and will be more complex both semantically and proof theoretically.

Fourth, the semantic explanations are rooted in the use of informal language. We speak of terms, substitution and evaluation. The use of language is critical to expressing computation. We do not treat terms as mathematical objects nor evaluation as a mathematical relation. To do this would be to conduct metamathematics about the system, and that metamathematics would then be based on some prior informal language. When we consider implementing the theory, it is the informal language which we implement, translating it to a programming notation lying necessarily outside of the theory.

Fifth, although the theory is grounded in language, it refers to abstract objects. This abstraction is provided by the equality rules.
So while 1of(pair(0; suc(0))) is not a canonical integer in the term language, we cannot observe this linguistic fact in the theory. This term denotes the number 0. The theory is referential in this sense.

Sixth, the theory is defined by rules. Although these rules reflect concepts that we have mastered in language, so are meaningful, and although all of the judgments we assert are evident, it is the rules that define the theory. Since the rules reflect a semantic philosophy, we can see in them answers to basic questions about the objects
Types
of the theory. We can say what a number is, what 0 is, what successor is. Since the fragment is so small, the answers are a bit weak, but we will strengthen it later.

Seventh, the theory is open-ended. We expect to extend this theory to formalize ever larger fragments of our intuitions about numbers, types, and propositions. As Gödel showed, this process is never complete. So at any point the theory can be extended. By later specifying how evaluation and typing work, we provide a framework for future extensions and provide the guarantees that extensions will preserve the truths already expressed.
3.3. First extensions

We could extend the theory by adding further forms of computation such as a term, prd, for predecessor along with the evaluation

    prd(suc(n)) evals_to n.

We can also include a term for addition, add(s; t) along with the evaluation rules

    add(0; t) evals_to t

    add(n; t) evals_to s'
    ----------------------------------
    add(suc(n); t) evals_to suc(s')

We include, as well, a term for multiplication, mult(s; t) along with the evaluation rule

    mult(0; t) evals_to 0

    mult(n; t) evals_to m    add(m; t) evals_to a
    ----------------------------------------------
    mult(suc(n); t) evals_to a

These rules enable us to type more terms and assert more equalities. We can easily prove, for instance, that
    add(suc(0); suc(0)) = mult(suc(0); add(suc(0); suc(0))) in N.

But this "theory" is woefully weak. It cannot

• internally express general statements such as prd(suc(x)) = x in N or add(suc(x); y) = suc(add(x; y)) for any x because there is no notion of variable, but these are true in the metalanguage.

• express function definition patterns such as the primitive recursions which were used to define add, multiply and for which we know general truths.

• express the inductive nature of N and its consequences for the uniqueness of functions defined by primitive recursion.

Adding capability to define new functions and state their "functionality" takes us from a concrete theory to an abstract one; from specific equality judgments to functional judgments. These functional judgments are the essence of the theory, and they provide the basis for connecting to the propositional functions of typed logic. So we add them next.
The simplest new construct to incorporate is one for constructing any object by following the pattern for the construction of a number. We call it a (primitive) recursion combinator, R. It captures the pattern of definition of prd, add, mult given above. It will later be used to explain induction as well.

The defining property of R is its rule of computation and its respect for equality. We present the computation rule using substitution.32 The simplest way to do this is to use the standard mechanism of bound variables (as in the lambda calculus or as in quantifier notation). To this end we let u, v, w, x, y, z be variables, and given an expression exp of the theory, we let u.exp or u, v.exp or u, v, x.exp or generally u1, ..., un.exp (also written ū.exp) be a binding phrase. We say that the ui are binding occurrences of variables whose scope is exp. The occurrences of ui in exp are bound (by the smallest binding phrase containing them).
The unbound variables of exp are called free, and if x is a free variable of ū.exp, then ū.exp[t/x] denotes the substitution of t for every free occurrence of x in exp. If any of the ui occur free in t, then as usual ū.exp[t/x] produces a new binding phrase ū'.exp' where the binding variables are renamed to prevent capture of free variables of t.33

    b[t/v] evals_to c
    ------------------------------------
    R(0; t; v.b; u, v, i.h) evals_to c

    R(n; t; v.b; u, v, i.h) evals_to a    h[n/u, t/v, a/i] evals_to c
    -------------------------------------------------------------------
    R(suc(n); t; v.b; u, v, i.h) evals_to c

Here is a typical example of R used to define addition in the usual primitive recursive way.

    R(n; m; v.v; u, v, a.suc(a))

We see that

    R(0; m; --) evals_to m, i.e. 0 + m = m
    R(suc(n); m; --) evals_to suc(R(n; m; --)), i.e. suc(n) + m evals_to suc(n + m)

Once we have introduced binding phrases into terms, the format for equality and consequent typing rules must change. Consider typing R. We want to say that if v.b and u, v, i.h have certain types, then R has a certain type. But the type of b and h will depend on the types of u, v and i. For example, the type of v.v will be T in a context in which the variable v is assumed to have type T. Let us agree to use the judgment t ∈ T to discuss typing issues, but for this theory fragment (as for Nuprl) this notation is just an abbreviation for t = t in T. We will use it when we intend to focus on typing issues. We might write a rule like

32 R can also be defined as a combinator without variables. In this case the primitive notion is application rather than substitution.
33 If ui is a free variable of t then it is captured in ū.exp[t/x] by the binding occurrence ui.
                     v ∈ A1        u ∈ N   v ∈ A1   i ∈ B2
    n ∈ N   t ∈ A1   b ∈ B2                h ∈ B2
    ------------------------------------------------------
    R(n; t; v.b; u, v, i.h) ∈ B2

The premises

    u ∈ N   v ∈ A1   i ∈ B2
            h ∈ B2

reads "h has type B2 under the assumption that u has type N, v has type A1 and i has type B2." For ease of writing we render this hypothetical typing judgment as u:N, v:A1, i:B2 ⊢ h ∈ B2. The syntax u:N is a variant of u ∈ N which stresses that u is a variable. Now the typing of R can be written

    n ∈ N   t ∈ N   v:A1 ⊢ b ∈ B2   u:N, v:A1, i:B2 ⊢ h ∈ B2
    ----------------------------------------------------------
    R(n; t; v.b; u, v, i.h) ∈ B2

This format tells us that n, t, b and h are possibly compound expressions of the indicated types with v, u, i as variables assumed to be of the indicated types.

Following our practice of subsuming the typing judgment in the equality one, we introduce the following rule. First let
    Principle_argument == n = n' in N
    Aux_argument       == t = t' in N
    Base_equality      == v = v' in A1 ⊢ b = b' in B2
    Induction_equality == u = u' in N, v = v' in A1, i = i' in B2 ⊢ h = h' in B2

Then the rule is
    Principle_argument   Aux_argument   Base_equality   Induction_equality
    -----------------------------------------------------------------------
    R(n; t; v.b; u, v, e.h) = R(n'; t'; v'.b'; u', v', e'.h') in B2

Unit and empty types. We have already seen a need for a type with exactly one element, called a unit type. We take 1 as the type name and • as the element, and adopt the rules:

    • = • in 1

We adopt the convention that such a rule automatically adds the new terms • and 1 to the collection of terms. We also automatically add

    • evals_to •
    1 evals_to 1

to indicate that the new terms are canonical unless we stipulate otherwise with a different evaluation rule.
We will have reasons later for wanting the "dual" of the unit type. This is the empty type, 0, with no elements. There is no rule for elements, but we postulate

    0 is_a type

from which we have 0 as a term and 0 evals_to 0.

An interesting point about handling 0 is to decide what we mean by assuming x ∈ 0. Does

    x : 0 ⊢ x ∈ 0

make sense? Is this a sensible judgment? We seem to be saying that if we assume x belongs to 0 and that 0 is a type, then x indeed belongs to 0. We clearly know functionality vacuously since there are no closed terms t, t' with t = t' in 0. It is more interesting to ask about such anomalies as

    x : 0 ⊢ x ∈ 1   or   x : 0 ⊢ x ∈ N

or even the possible nonsense

    x : 0 ⊢ N ∈ N.

What are we to make of these "boundary conditions" in the design of the theory? According to our semantics and Martin-Löf's typing judgments, even x : 0 ⊢ (suc = N in N) is a true judgment because we require that 0 is a type and for t, t' in 0, if t = t' in 0, then suc ∈ N, N ∈ N and suc = N in N. Since anything is true for all t, t' in 0, the judgment is true.

This conclusion is somewhat bizarre, but we will see later that there will be other types, of the form {x : A | P(x)} whose emptiness is unknown. So our recourse is to treat types uniformly and not attempt to make a special judgment in the case of assumptions of the form x : T for which T might be empty.

List types. The list data type is almost as central to computing as the natural numbers. We presented this type in the logic as well, and we follow that example even though we can see lists as a special case of the recursive types to be discussed later (section 4).
The rules are more compact and pleasing to examine if we omit the typing context T and use the typing abbreviation of t ∈ T for t = t in T. So although we will write a rule like34

    a ∈ A   l ∈ list(A)
    ----------------------
    cons(a; l) ∈ list(A)

Without its typing context, we intend the full rule

    T ⊢ a = a' in A   T ⊢ l = l' in list(A)
    ---------------------------------------------
    T ⊢ cons(a; l) = cons(a'; l') in list(A).

34 In this section we use list(A) instead of A list to stress that we are developing a different theory than in section 2.
We also introduce a form of primitive recursion on lists, the combinator L whose evaluation rule and typing rules are:
    b[t/v] evals_to c
    ------------------------------------------
    L(nil; p; v.b; h, t, v, i.g) evals_to c

    L(l, s, v.b, h, t, v, i.g) evals_to c1    g[a/h, l/t, s/v, c1/i] evals_to c2
    ------------------------------------------------------------------------------
    L(cons(a; l); s; v.b; h, t, v, i.g) evals_to c2

Let L[x; b, g] = L(x; v.b; h, t, v, e.g), and

    HB == v = v' in S ⊢ b = b' ∈ B,
    HS == h = h' in A, t = t' in list(A), v = v' in S, i = i' in B ⊢ g = g' in B,
    CA == ⊢ a = a' in A,
    CS == ⊢ s = s' in S, and
    CAlist == ⊢ l = l' in list(A),

then

    HS   HB   CA   CS   CAlist
    -------------------------------------------------------
    L[cons(a; l), b; g] = L[cons(a'; l'), b', g'] in list(A)

    L(nil; v.b; h, t, v, i.g) = L(nil; v.b'; h', t, v, i.g') in list(A)

Here are typical generalizations of the functions add, mult, exp to N list to illustrate the use of L. For the list (3, 8, 5, 7, 2) the operations behave as follows. Add addL is (3 + (8 + (5 + (7 + (2 + 0))))), multL is 3 * 8 * 5 * 7 * 2 * 1, expL_2 is (((((2)^2)^7)^5)^8)^3.
    addL(l)   == L(l; 0; h, t, a.add(h, a))
    multL(l)  == L(l; 1; h, t, m.mult(h, m))
    expL(l)_k == L(l; k; h, t, e.exp(h, e)).

The induction rule for lists is expressed using L as follows. Let

    HS == x ∈ list(A), y ∈ S, v ∈ S ⊢ f[nil/x, v/y] = b in B

and let

    Hlist == x ∈ list(A), y ∈ S, h ∈ A, t ∈ list(A), v ∈ S, i ∈ B ⊢ f[cons(h; t)/x, v/y] = g in B,

then

    HS   Hlist
    --------------------------------------------------------------
    x ∈ list(A), y ∈ S ⊢ f = L(x; y; v.b; h, t, v, i.g) in B

This says that L defines a unique functional expression over list(A) and S because the values as inductively determined by the evaluation rule completely determine functions over list(A).
3.4. Functions
The judgment x = x in A ⊢ b = b in B defines a function from A to B whose rule is given by the expression b. We know this from the functionality constraint implicit in the judgment, i.e. if a = a' in the type A, then b[a/x] = b[a'/x] in the type B. Likewise if b is an expression in x and b' is an expression in x' then x = x' in A ⊢ b = b' in B defines such a function. The two rules b, b' are considered equal on equal a, a' in A. Also it is part of the judgment that b[a/x] = b'[a'/x']. To this extent at least the notion of equality on these functions is extensional.

Let us look at patterns of functionality that involve functions as arguments. The addition function on N is represented by

    z ∈ N × N ⊢ add(1of(z); 2of(z)) ∈ N

We also know that

    l ∈ list(N) ⊢ addL(l) ∈ N.
We know that the pattern of definition used to form addL, multL, expL can be extended to any binary function f from N × N to N using fL_k(l) = L(l; k; h, t, a.f(h, a)). For any specific f we can write this function fL_k(l), but we would like to express the general fact as a function of f, saying: for any function from N × N to N and any k in N, L(l; k; h, t, a.f(h, a)) is a functional expression in l, k and f.

In order to say this, we need a type for f. The notation (N × N) → N is the type used in section 2. We can add (A → B) as a type expression for A and B types. But we also need canonical values for the type, what should they be? Can we use (x ∈ A ⊢ b ∈ B) as a notation for a function in (A → B)?

It would be acceptable to use just that notation; it is even similar to the Bourbaki notation x ↦ b (x ∈ A, b ∈ A) (see Bourbaki [1968a]). But in fact we do not need the type information to define the evaluation relation nor to describe the typing rule. So we could simply use (x ↦ b).
Instead we adopt the lambda notation λ(x.b) more familiar in computer science as we did in sections 1 and 2.

We also need notation for function application. We write ap(f; a) for the application of function f to argument a, but often display this as f(a). The new evaluation rules are:

    λ(x.b) evals_to λ(x.b)

    b[a/x] evals_to c
    ----------------------------
    ap(λ(x.b); a) evals_to c

The typing rule is

    x = x' in A ⊢ b = b' in B
    -----------------------------------
    λ(x.b) = λ(x'.b') in (A → B)

This rule generates the type (A → B) as a term.35
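The evaluation rules for R and L in section 3.3 and for λ and ap in section 3.4 can be executed directly by substitution; the Python evaluator below is an added example, not code from the original text. The tuple encoding of terms, eager evaluation under suc and cons, the restriction to closed terms, curried functions in place of N × N, and the R-based encoding of mult are assumptions made here.

```python
# Added example: evaluator for closed terms built from 0, suc, nil, cons, R, L, lambda, ap.
# Assumptions: tuple encoding, eager evaluation under suc/cons, closed arguments only
# (so substitution never has to rename bound variables), curried binary functions.
ZERO, NIL = ("zero",), ("nil",)

def suc(t): return ("suc", t)
def cons(a, l): return ("cons", a, l)
def var(x): return ("var", x)
def ap(f, a): return ("ap", f, a)
def R(n, t, base, step): return ("R", n, t, base, step)
def L(l, s, base, step): return ("L", l, s, base, step)

def bind(names, body):
    """Binding phrase u1,...,un.exp, written bind("u,v,i", exp)."""
    return ("bind", tuple(names.split(",")), body)

def lam(x, body): return ("lam", bind(x, body))

def subst(term, env):
    """Simultaneous substitution of closed terms for free variables."""
    tag = term[0]
    if tag == "var":
        return env.get(term[1], term)
    if tag == "bind":  # bound names shadow the substitution inside their scope
        inner = {x: t for x, t in env.items() if x not in term[1]}
        return ("bind", term[1], subst(term[2], inner))
    return (tag,) + tuple(subst(child, env) for child in term[1:])

def evals_to(term):
    """Return the canonical value of a closed term, following the evals_to rules."""
    tag = term[0]
    if tag in ("zero", "nil", "lam"):            # canonical forms
        return term
    if tag == "suc":
        return suc(evals_to(term[1]))
    if tag == "cons":
        return cons(evals_to(term[1]), evals_to(term[2]))
    if tag == "ap":                              # b[a/x] evals_to c
        f = evals_to(term[1])
        if f[0] != "lam":
            raise TypeError("ap applied to a non-function")
        (x,), b = f[1][1:]
        return evals_to(subst(b, {x: term[2]}))
    if tag in ("R", "L"):
        _, arg, aux, base, step = term
        arg = evals_to(arg)                      # principal argument first
        if arg == (ZERO if tag == "R" else NIL):
            (v,), b = base[1:]
            return evals_to(subst(b, {v: aux}))  # base case: b[aux/v]
        names, body = step[1:]
        if tag == "R" and arg[0] == "suc":       # h[n/u, t/v, a/i]
            values = (arg[1], aux, evals_to(R(arg[1], aux, base, step)))
        elif tag == "L" and arg[0] == "cons":    # g[a/h, l/t, s/v, c1/i]
            values = (arg[1], arg[2], aux, evals_to(L(arg[2], aux, base, step)))
        else:
            raise TypeError(f"ill-typed principal argument of {tag}")
        return evals_to(subst(body, dict(zip(names, values))))
    raise ValueError(f"no evaluation rule for {tag!r} (free variable?)")

ID_V = bind("v", var("v"))

def add(s, t):    # the text's R(n; m; v.v; u, v, a.suc(a))
    return R(s, t, ID_V, bind("u,v,a", suc(var("a"))))

def mult(s, t):   # mult rules re-expressed with R (assumed encoding)
    return R(s, t, bind("v", ZERO), bind("u,v,a", add(var("a"), var("v"))))

def addL(l):      # L(l; 0; v.v; h, t, v, a.add(h; a))
    return L(l, ZERO, ID_V, bind("h,t,v,a", add(var("h"), var("a"))))

# fL_k(l) as one closed function of f, l and k, with f curried.
FOLD = lam("f", lam("l", lam("k", L(var("l"), var("k"), ID_V,
           bind("h,t,v,a", ap(ap(var("f"), var("h")), var("a")))))))
ADD = lam("x", lam("y", add(var("x"), var("y"))))
MULT = lam("x", lam("y", mult(var("x"), var("y"))))

def fold(f, l, k): return ap(ap(ap(FOLD, f), l), k)

def num(k):       # numeral suc^k(0)
    t = ZERO
    for _ in range(k):
        t = suc(t)
    return t

def to_int(t):    # decode a numeral
    k = 0
    while t[0] == "suc":
        t, k = t[1], k + 1
    return k

def lst(ks):      # list of numerals as nested cons
    l = NIL
    for k in reversed(ks):
        l = cons(num(k), l)
    return l

if __name__ == "__main__":
    xs = lst([3, 8, 5, 7, 2])                    # the list used in the text
    print(to_int(evals_to(addL(xs))))            # 25
    print(to_int(evals_to(fold(MULT, lst([3, 2, 2]), num(1)))))  # 12
```

Numerals are unary, so recursion depth grows with the values being computed; keep inputs small when experimenting.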
3.5. Duality and disjoint unions
The types 0 and 1 are called duals of each other in category theory. Here is what this means. The object 1 is called terminal (or final) because for every type A, there is a unique map in A → 1, i.e. a map terminating in 1, namely λ(x.•). The object 0 is initial since for every type A, there is a unique map initiating in 0, i.e. 0 → A, namely λ(x.x).36 The duality concept is that the arrows of the types are reversed in the definition.

    1 is final iff for all A there is a unique element in A → 1.
    0 is initial iff for all A there is a unique element in 0 → A.

We will examine another useful duality next.

The type A × B can be characterized in terms of functions. In category theory this is done with a diagram
[Diagram: product diagram with objects C, A, A × B, B and maps f, g, p]

which says that given the projection functions a == λ(x.1of(x)), b == λ(x.2of(x)) and any functions f : C → A, g : C → B, there is exactly one map p denoted (f, g) ∈ C → A × B such that f = a ∘ p and g = b ∘ p; that is, for z ∈ C

    f(z) = a((f, g)(z))
    g(z) = b((f, g)(z)).

We can show that λ(z.pair(f(z); g(z))) is the unique map (f, g).
In category theory there is a construction that is dual to the product, called co-product. Duals are created by reversing the arrows in the diagram, so for a dual we claim this.
[Diagram: co-product diagram with objects C, A, A + B, B and maps f, g, p]

Given A, B with maps inl ∈ A → A + B, inr ∈ B → A + B and maps f ∈ A → C, g ∈ (B → C) there is a unique map [f, g] ∈ A + B → C such that
    [f, g] ∘ inl = f and [f, g] ∘ inr = g.

In type theory we take inl(a), inr(b) to be canonical values with evaluation

35 Martin-Löf would only need the premise x : A ⊢ b ∈ B since this means that A is a type. But in his system to prove x : A ⊢ b ∈ B requires proving A is_a type.
36 We could also use λ(x.a) for any a ∈ A if there is one since under the assumption that x ∈ 0, x = a for any a, thus λ(x.x) = λ(x.a) in 0 → A.
$$\mathrm{inl}(a) \text{ evals\_to } \mathrm{inl}(a) \qquad \mathrm{inr}(b) \text{ evals\_to } \mathrm{inr}(b).$$
For $A$ and $B$ types, $A + B$ is a new type called the disjoint union of $A$ and $B$. But the typing rules present a difficulty. If we simply write

$$\frac{a = a' \text{ in } A}{\mathrm{inl}(a) = \mathrm{inl}(a') \text{ in } A + B} \qquad \frac{b = b' \text{ in } B}{\mathrm{inr}(b) = \mathrm{inr}(b') \text{ in } A + B}$$
then we can deduce a judgment like $\mathrm{inl}(0) = \mathrm{inl}(0)$ in $\mathbb{N} + \mathrm{suc}(0)$ which does not make sense because $\mathbb{N} + \mathrm{suc}(0)$ is not a type. That is, the rules would no longer propagate the invariant that if $t = t$ in $T$ then $T$ is a type.

We could solve this problem by including a new judgment, $T$ is_a type, into the theory. The rules would be quite clear for the types already built, namely:

$$\mathbb{N} \text{ is\_a type} \qquad 1 \text{ is\_a type} \qquad 0 \text{ is\_a type}$$

$$\frac{A \text{ is\_a type} \qquad B \text{ is\_a type}}{(A \times B) \text{ is\_a type} \qquad \mathrm{list}(A) \text{ is\_a type} \qquad (A \to B) \text{ is\_a type} \qquad (A + B) \text{ is\_a type}}$$

We can then use the rules
$$\frac{a = a' \text{ in } A \qquad B \text{ is\_a type}}{\mathrm{inl}(a) = \mathrm{inl}(a') \text{ in } A + B} \qquad \frac{b = b' \text{ in } B \qquad A \text{ is\_a type}}{\mathrm{inr}(b) = \mathrm{inr}(b') \text{ in } A + B}$$
We will see in section 3.7 how to avoid adding this new judgment $T$ is_a type.

The map $[f, g]$ is built from a new form called $\mathrm{decide}(d; u.f(u); v.g(v))$ whose evaluation rules are

$$\frac{f(a) \text{ evals\_to } c}{\mathrm{decide}(\mathrm{inl}(a); u.f(u); v.g(v)) \text{ evals\_to } c} \qquad \frac{g(b) \text{ evals\_to } c}{\mathrm{decide}(\mathrm{inr}(b); u.f(u); v.g(v)) \text{ evals\_to } c}$$

The function $[f, g]$ is $\lambda(x.\mathrm{decide}(x; u.f(u); v.g(v)))$. It is easy to see that

$$[f, g](\mathrm{inl}(a)) = f(a) \quad\text{and}\quad [f, g](\mathrm{inr}(b)) = g(b).$$
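The evaluation rules for decide and the effect of the extra premise "is_a type" in the inl and inr rules can be checked mechanically. The Python sketch below is an added example, not code from the chapter: the tuple encoding of terms, the use of Python functions for binders, and the names evals_to, copair, is_a_type and member are assumptions of the sketch, and it covers only N, + and ×.

```python
# Terms are tagged tuples. A binder such as u.f(u) is encoded as a Python
# function from terms to terms (an encoding chosen for this sketch).
ZERO = ("0",)
def suc(n): return ("suc", n)
def inl(a): return ("inl", a)
def inr(b): return ("inr", b)
def pair(a, b): return ("pair", a, b)
def lam(body): return ("lam", body)          # lam(lambda x: b) stands for λ(x.b)
def ap(f, a): return ("ap", f, a)
def decide(d, left, right): return ("decide", d, left, right)

CANONICAL = {"0", "suc", "inl", "inr", "pair", "lam"}

def evals_to(t):
    """Return the canonical c with `t evals_to c` (lazy: subterms untouched)."""
    tag = t[0]
    if tag in CANONICAL:                     # inl(a) evals_to inl(a), and so on
        return t
    if tag == "ap":
        f = evals_to(t[1])
        if f[0] != "lam":
            raise TypeError("ap of a term that is not a function")
        return evals_to(f[1](t[2]))
    if tag == "decide":
        d = evals_to(t[1])
        if d[0] == "inl":                    # premise: f(a) evals_to c
            return evals_to(t[2](d[1]))
        if d[0] == "inr":                    # premise: g(b) evals_to c
            return evals_to(t[3](d[1]))
        raise TypeError("decide of a term that is neither inl nor inr")
    raise ValueError(f"unknown term {tag!r}")

def copair(f, g):
    """[f, g] = λ(x.decide(x; u.f(u); v.g(v)))."""
    return lam(lambda x: decide(x, lambda u: ap(f, u), lambda v: ap(g, v)))

# Type expressions of the fragment covered here.
N = ("N",)
def plus(A, B): return ("+", A, B)
def times(A, B): return ("x", A, B)

def is_a_type(T):
    """The judgment `T is_a type`, restricted to N, + and x."""
    if T == N:
        return True
    if T[0] in ("+", "x"):
        return is_a_type(T[1]) and is_a_type(T[2])
    return False                             # e.g. suc(0) is a term, not a type

def member(t, T, check_other_summand=True):
    """Decide the judgment t = t in T for first-order data.

    check_other_summand=False drops the premise `B is_a type` from the inl
    rule and `A is_a type` from the inr rule, as in the first attempt above.
    """
    c = check_other_summand
    v = evals_to(t)
    if T == N:
        return v == ZERO or (v[0] == "suc" and member(v[1], N, c))
    if T[0] == "x":
        return v[0] == "pair" and member(v[1], T[1], c) and member(v[2], T[2], c)
    if T[0] == "+":
        if v[0] == "inl":
            return member(v[1], T[1], c) and (not c or is_a_type(T[2]))
        if v[0] == "inr":
            return member(v[1], T[2], c) and (not c or is_a_type(T[1]))
    return False
```

With the premise dropped, member accepts inl(0) in N + suc(0); with it, the same judgment is rejected while inl(0) in N + N still holds.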
3.6. Metamathematical properties of the type theory fragment
The theory with base types $0$, $1$, $\mathbb{N}$ and type constructors $\times$, list, $\to$ and $+$ is sufficiently complex that it is worthwhile analyzing its properties. First, it is based on a simple inductive model of computability and typing that is intuitively clear. So we could accept it based on self-evidence. Indeed it is like PRA (Church [1960]) in that regard, a manifestly correct theory barring mistakes of formalization of the intuitive ideas. Discussing this type of evidence for the theory leads us into philosophy and Formal Methods studies of formalization which are beyond the scope of the work.

Second, we can prove various properties of the formalism by syntactic means. For instance:

Termination of Evaluation: If $\vdash t = t$ in $T$ then there is a term $t'$ such that $t$ evals_to $t'$ and $t'$ evals_to $t'$.

Subject Reduction: If $\vdash t = t$ in $T$ and $t$ evals_to $t'$ then $\vdash t' = t'$ in $T$.

Typehood: If $\vdash t_1 = t_2$ in $T$ then $T$ is_a type, and $\vdash t_1 = t_1$ in $T$ and $\vdash t_2 = t_2$ in $T$.

Nontriviality: There is no term $t$ such that $\vdash t = t$ in $0$.

Consistency: It is not possible to derive $0 = \mathrm{suc}(0)$ in $\mathbb{N}$.
Third, we can translate this theory into various well-known mathematical theories including Heyting Arithmetic of $\omega$ order, $HA^{\omega}$, IZF set theory and ZF set theory, and the theories of Feferman [1970,1975]. There are also categorical models of this simple fragment using topoi (Bell [1988]).
3.7. Inductive type classes and large types
The types defined so far belong to an inductively defined collection according to the scheme for $T$ is_a type in the last section. Let $U_1$ denote this inductively defined collection of types; it has the characteristic of a type in that it has elements and is structured. Evaluation is defined on the elements, e.g. $\mathbb{N}$ evals_to $\mathbb{N}$, $(\mathbb{N} \times \mathbb{N})$ evals_to $(\mathbb{N} \times \mathbb{N})$, etc. So all of the elements are canonical and are built up inductively themselves. In this regard $U_1$ resembles $\mathbb{N}$. It has all the properties of a type.

We want to make $U_1$ a type. So we add rules for its elements in terms of equalities. For example, there are rules $0 = 0$ in $U_1$ and

$$\frac{A = A' \text{ in } U_1 \qquad B = B' \text{ in } U_1}{A \times B = A' \times B' \text{ in } U_1}$$

The equality rules we have in mind are these

$$1 = 1 \text{ in } U_1 \qquad \mathbb{N} = \mathbb{N} \text{ in } U_1 \qquad 0 = 0 \text{ in } U_1$$
$$\frac{A = A' \text{ in } U_1 \qquad B = B' \text{ in } U_1}{\begin{array}{l} (A \times B) = (A' \times B') \text{ in } U_1 \\ \mathrm{list}(A) = \mathrm{list}(A') \text{ in } U_1 \\ (A \to B) = (A' \to B') \text{ in } U_1 \\ (A + B) = (A' + B') \text{ in } U_1 \end{array}}$$
This is a structural or intensional equality (used in both Nuprl and Martin-Löf [1982]). It turns out that this equality is also extensional since $A = B$ in $U_1$ iff $a \in A$ implies $a \in B$ and conversely. This is the only type so far whose elements are types, but it does not include all types, in particular $U_1$ is not in $U_1$ according to our semantics.

We have no way to prove that $U_1$ is not in $U_1$. We don't even have a way to say this. But it would be possible to add a recursion combinator on $U_1$ that expressed the idea that $U_1$ is the least type closed under these operations. The combinator would have the form of a primitive recursive definition

$$f(0, x) = b_0(x)$$
$$f(1, x) = b_1(x)$$
$$f(\mathbb{N}, x) = b_2(x)$$
$$f((A \times B), x) = h_1(A, B, f(A, x), f(B, x))$$
$$f((A + B), x) = h_4(A, B, f(A, x), f(B, x))$$

With this form of recursion and the corresponding induction rule we could prove that every element of $U_1$ was either $0$, $1$, $\mathbb{N}$, a product, a union, etc.

Once we can regard types as elements of a type like $U_1$, then we can extend our methods for building objects, say over $\mathbb{N}$ or by case analysis over a type of Booleans, say $\mathbb{B}$ etc. to building types. Here are two examples, taking $\mathbb{B}$ as an abbreviation of $1 + 1$ and abbreviating $\mathrm{inl}(\cdot)$ as $tt$ and $\mathrm{inr}(\cdot)$ as $ff$.

Let $T(tt) = A$, $T(ff) = B$, then $\lambda(x.T(x))$ is a function $\mathbb{B} \to U_1$. If we build a generalization of $\mathbb{B}$ to $n$ distinct values, say $\mathbb{B}_n = ((1 + 1) + \ldots + 1)$ $n$ times defined by $\mathbb{B}_1 = 1$, $\mathbb{B}(\mathrm{suc}(n)) = \mathbb{B}(n) + 1$ with elements $1_b, \ldots, n_b$, then we can build a function $T(x)$ selecting $n$ types, $T(i_b)$.
It is worth thinking harder about functions like $T : \mathbb{B}_n \to U_1$. This is an indexed collection of types, $\{T(1_b), \ldots, T(n_b)\}$. We can imagine putting them together to form types in various ways, for instance by products or unions or functions

$$T(1_b) \times \ldots \times T(n_b) \quad\text{or}$$
$$T(1_b) + \ldots + T(n_b) \quad\text{or}$$
$$T(1_b) \to \ldots \to T(n_b).$$

We could define these types recursively, say by functions $\Pi$, $\Sigma$ and $\Theta$ if we could have inputs like this: $m$ in $\mathbb{N}$, $T$ in $\mathbb{B}_n \to U_1$,

$$\Pi_m(0)(T) = T(i_m(1))$$
$$\Pi_m(n)(T) = \Pi_m(n - 1)(T) \times T(i_m(\mathrm{suc}(n)))$$
where $i_m(k)$ selects the $k$-th constant of $\mathbb{B}_n$, $k_b$. [37] Likewise for $\Sigma$ and $\Theta$. However, we are unable to type these functions $\Pi$, $\Sigma$, $\Theta$ with the current type constructors. We could type them with the new ones we are trying to define!

In the case of $\Pi$ and $\Sigma$ the operations make sense even for infinite families of types, say indexed by $T \in A \to U_1$ for any type $A$. We can think of $\Pi$ over $T \in A \to U_1$ as functions $f$ such that on input $a \in A$, we have $f(a) \in T(a)$. For $\Sigma$ over $T \in A \to U_1$ we can use the elements $a$ as "tags" so that elements are pairs $(a, t)$ where $t \in T(a)$.

These ideas give rise to two new type constructors, $\Pi$ and $\Sigma$ over an indexed family of types $T \in A \to U_1$. We write the new constructors as $\Pi(A; T)$ and $\Sigma(A; T)$. We could use typing rules like these

$$\frac{A \in U_1 \qquad T \in A \to U_1}{\Pi(A; T) \in U_1 \qquad \Sigma(A; T) \in U_1}$$

$$\frac{x \in A \vdash f \in T(x)}{\lambda(x.f) \in \Pi(A; T)} \qquad \frac{\vdash a \in A \qquad \vdash b \in T(a)}{\mathrm{pair}(a; b) \in \Sigma(A; T)}$$
The dotted lines forming the box indicate that this is an exploratory rule which will be supplanted later. We treat $\lambda(x.f)$ and $\mathrm{pair}(a; b)$ just as before, so we are not adding new elements to the theory, just new ways to type existing ones.

With $\Pi$ and $\Sigma$ and using induction over $\mathbb{N}$ we can build types that are not in this $U_1$. For example, let $f(0) = A$, $f(\mathrm{suc}(n)) = A \times f(n)$. Then $f$ is a function $\mathbb{N} \to U_1$ where $f(n) = A \times \ldots \times A$ taken $n$ times. The actual function is $\lambda(n.R(n; A; u, t.A \times t))$. Now we can build types like $\Sigma(\mathbb{N}; \lambda(n.R(n; A; u, t.A \times t)))$ and $\Pi(A; \lambda(n.R(n; A; u, t.A \times t)))$ which are not in $U_1$. We could imagine trying to enlarge the inductive type class $U_1$ by adding these operators to the inductive definition. We will take up this topic in the next section.

Dependent types. The construction of $\Pi$ and $\Sigma$ types over $U_1$ suggests something more expressive. Instead of limiting the dependent constructions to functions from $T \in A \to U_1$, we could allow dependency whenever we can form a type expression $B[x]$ that is meaningful for all $x$ of type $A$. We are led to consider a rule of the form

$$\frac{\vdash A \in U_1 \qquad x : A \vdash B[x] \in U_1}{\mathrm{fun}(A; x.B) \in U_1 \qquad \mathrm{prod}(A; x.B) \in U_1}$$
[37] $i_m(0) = \mathrm{inl}^{m-1}(\mathrm{inl}(\cdot))$ and $i_m(n) = \mathrm{inl}^{m-n}(\mathrm{inr}(\cdot))$.
We call fun a dependent function constructor and prod a dependent product. [38] We adopt a different notation from $\Pi$ and $\Sigma$ to suggest the more fundamental character of the construction. If we have $T \in A \to U_1$, then $\Pi(A; T)$ is the same as $\mathrm{fun}(A; x.T(x))$ and $\Sigma(A; T)$ is the same as $\mathrm{prod}(A; x.T(x))$. But now we can iterate the construction without going beyond $U_1$. That is, we postulate that $U_1$ is closed under dependent functions and products.

This conception of $\Pi$ and $\Sigma$ is reminiscent of the collection axiom in set theory. For example, in ZF if $R(x, y)$ is a single-valued relation on sets, then we can form $\{y \mid \exists x \in A.R(x, y)\}$. Another way to think of collection is to have a function $f : A \to Set$ where $A \in Set$ and postulate the existence of the set $\{f(x) \mid x \in A\}$. The similarity between collection and these rules is that we can consider $B$ in $\mathrm{fun}(A; x.B)$ to define a function $\lambda(x.B)$ from $A$ into $U_1$.

With the addition of dependent types, the intuitive model becomes more complex. What assurance can we offer that the theory is still consistent, e.g. that we can't derive $0 = 1$ in $\mathbb{N}$ or that we derive $t \in T$ but evaluation of $t$ fails to terminate? Can we continue to understand the model inductively? If we can build an inductive model of $U_1$ then we can be assured of not only consistency but of a constructive explanation. We answer these questions next.
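Treating type expressions as data makes the indexed families of this section concrete. The Python sketch below is an added example, not part of the chapter: it builds $\lambda(n.R(n; A; u, t.A \times t))$ as a function from numbers to type codes and checks membership in the exploratory $\Sigma(A; T)$ and $\Pi(A; T)$. Elements are encoded as Python integers, 2-tuples and functions, the index type $\mathbb{B}_n$ is encoded as the integers 1..n, and all function names are assumptions of the sketch.

```python
# Type codes are tagged tuples; a family T in A -> U1 is a Python function
# from (encoded) elements of A to type codes. Encodings chosen for this sketch.
N = ("N",)
def Bn(n): return ("B", n)                 # constants 1_b..n_b, encoded as 1..n
def times(A, B): return ("x", A, B)
def Sigma(A, T): return ("Sigma", A, T)    # exploratory Σ(A; T)
def Pi(A, T): return ("Pi", A, T)          # exploratory Π(A; T)

def R(n, base, step):
    """Primitive recursion: R(0) = base, R(suc(u)) = step(u, R(u))."""
    t = base
    for u in range(n):
        t = step(u, t)
    return t

def power(A):
    """λ(n.R(n; A; u,t.A × t)), i.e. f(0) = A and f(suc(n)) = A × f(n)."""
    return lambda n: R(n, A, lambda u, t: times(A, t))

def in_U1(T):
    """Membership in the inductive class U1 built without Σ and Π."""
    if T == N or T[0] == "B":
        return True
    if T[0] == "x":
        return in_U1(T[1]) and in_U1(T[2])
    return False

def elements(A):
    """Enumerate a finite index type; only Bn is finite in this sketch."""
    if A[0] != "B":
        raise TypeError("cannot enumerate an infinite index type")
    return range(1, A[1] + 1)

def is_nat(v):
    return isinstance(v, int) and not isinstance(v, bool) and v >= 0

def member(v, T):
    """Decide v ∈ T for encoded elements."""
    if T == N:
        return is_nat(v)
    if T[0] == "B":
        return is_nat(v) and 1 <= v <= T[1]
    is_pair = isinstance(v, tuple) and len(v) == 2
    if T[0] == "x":
        return is_pair and member(v[0], T[1]) and member(v[1], T[2])
    if T[0] == "Sigma":    # pair(a; t): the tag a ∈ A selects the type T(a) of t
        return is_pair and member(v[0], T[1]) and member(v[1], T[2](v[0]))
    if T[0] == "Pi":       # f with f(a) ∈ T(a) for every a ∈ A
        return callable(v) and all(member(v(a), T[2](a)) for a in elements(T[1]))
    return False
```

The same second component can be accepted under one tag and rejected under another: (5, 0) belongs to power(N)(1) but not to power(N)(2), so (1, (5, 0)) is in Sigma(N, power(N)) and (2, (5, 0)) is not.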
3.8. Universes
We can consider $U_1$ and the rules for it in the last section as partial axiomatization of the concept of Type. On this view, we think of $U_1$ as open-ended, and we do not adopt an axiom capturing its closed inductive character, such as the recursion combinator for $U_1$ discussed above.

On the other hand, we can also think of $U_1$ as a large type belonging to Type. On this view the axioms for $U_1$ reflect the rules of type construction on Type into the collection of types. The axioms postulate a certain enrichment of the concept Type in the same way that the axiom of inaccessible cardinals postulates an enrichment of Set. Similarly, from the foundations of category theory (Kreisel [1959]), Grothendieck's concept of a universe is a way of modeling large categories (and is equivalent to inaccessible cardinals).

If we take the view that $U_1$ is a universe (rather than Type), then it makes sense to form larger universes, say $U_2$, then $U_3$, etc. To form $U_2$ we extend $U_1$ by adding the type $U_1$ itself, like this: $U_1 = U_1$ in $U_2$.

Martin-Löf and Nuprl axiomatize a universe hierarchy indexed by natural numbers, $U_i$. The method of doing this is to add $U_i = U_i$ to $U_{i+1}$ and to postulate cumulativity, that any type $A$ in $U_i$ belongs to all $U_j$ for $i < j$. So the universe rules are:

$A = A$ in $U_i$ $\qquad$ $U_i = U_i$ in $U_{i+1}$ $\qquad$ $A = A$ in $U_j$ for $i$

$b[a/x]\ \Phi(a)\ b'[a'/x']\}$

In order for this per to define type membership for the function space, we require that whenever $a\,\alpha\,a'$, then $\Phi(a) = \Phi(a')$. We have in mind that these membership conditions are put together inductively. This is made explicit by the following inductive definition of a relation $K$ on pers.
$K(\mathrm{Neq})$

$K(\alpha \otimes \beta)$ if $K(\alpha)$ and $K(\beta)$

$K(\Pi\alpha\Phi)$ if $K(\alpha)$ and $\Phi(a) = \Phi(a')$ & $K(\Phi(a))$.

We can prove inductively that all the pers in $K$ are value respecting and all define type membership. $K$ provides a per semantics for the small type theory based on $\mathbb{N}$, products and dependent functions. Notice equality on pers is extensional.

Type expressions. The inductively defined set $K$ determines a collection of membership pers which represent types, but it does not relate these to the terms used to name types, e.g. terms such as $\mathbb{N}$, $\mathbb{N} \times \mathbb{N}$, $\mathrm{fun}(\mathbb{N}; x.\,\mathrm{decide}(s; u.\,\mathbb{N}; v.\,\mathbb{N} \times \mathbb{N}))$ and so forth. We establish this relationship next by modifying the definition of $K$ to include names for types. Let $M$ be the following inductively defined binary relation.

$\mathbb{N}\ M\ \mathrm{Neq}$

$A \times B\ M\ \alpha \otimes \beta$ if $A\,M\,\alpha$ and $B\,M\,\beta$

$\mathrm{fun}(A; x.\,B)\ M\ \Pi\alpha\Phi$ if $A\,M\,\alpha$ and $\Phi(a) = \Phi(a')$ and $B[a/x]\,M\,\Phi(a)$

This is an ordinary inductive definition of a binary relation. Also, it is easy to see that $A\,M\,\alpha$ implies $K\,\alpha$. The only membership pers described by $M$ are those whose constituents are also described by $M$. Moreover, all the membership pers are represented by terms, i.e. are related to terms by $M$. This is critical for the $\Pi\alpha\Phi$ pers because it guarantees that $\Phi$ is represented by a term. Here are three critical facts about $M$.

Fact 1: $A\,M\,\alpha \Rightarrow K(\alpha)$

Fact 2: $A\,M\,\alpha$ and $A\,M\,\alpha' \Rightarrow \alpha = \alpha'$

Fact 3: $A\,M\,\alpha$ and $A \simeq A' \Rightarrow A'\,M\,\alpha$.

These facts can be proved by $M$ induction. Fact 1 means that all member pers are value respecting, and Fact 3 means that the type names are value respecting as well.
Pers for intensional type equality. We now want to define a per on type expressions which represents type equality and is value respecting. There is already a sensible equality that arises from $M$, namely, $A = A'$ if $A\,M\,\alpha$, $A'\,M\,\alpha'$ and $\alpha = \alpha'$. This is an extensional equality. We want to model the structural equality of section 3.7, thus $A \times B = A' \times B'$ iff $A = A'$ and $B = B'$. Here is the appropriate definition of a binary relation $E$ on terms.

$\mathbb{N}\ E\ \mathbb{N}$

$A \times B\ E\ A' \times B'$ if $A\,E\,A'$ and $B\,E\,B'$

$\mathrm{fun}(A; x.\,B)\ E\ \mathrm{fun}(A'; x'.\,B')$ if $A\,E\,A'$ and $\exists \alpha.\ A\,M\,\alpha$ and $A'\,M\,\alpha$ and $\forall a, a'.\ a\,\alpha\,a' \Rightarrow B[a/x]\ E\ B'[a'/x']$

$\lambda(x.b)$ in $\mathrm{fun}(A; x.B)$
Modeling hypothetical judgments. The meaning of $x \in A \vdash b \in B$ is that $A$ is a type and for any two elements, $a$, $a'$ of $A$, $B[a/x]$ is a type and $B[a/x] = B[a'/x]$ (i.e. $B$ is type functional in $A$), and moreover, $b[a/x] \in B[a/x]$ and $b[a/x] = b[a'/x]$ in $B[a/x]$. We have extended this notion to multiple hypotheses inductively to define $x_1 \in A_1, \ldots, x_n \in A_n \vdash b \in B$. This definition can be carried over to type systems.
3.11. A semantics of proofs
The discussion of proofs as objects and Heyting semantics in section 2 suggested treating proofs as objects and propositions as the types they inhabit. True propositions are those inhabited by proofs. But there were several questions left open in section 2.14 about the details of carrying out this idea. The type theory of this section can answer these questions, and in so doing it provides a semantics of proofs.

The basic idea is to consider a proposition as the type of all of its proofs and to take proof expressions to denote objects of these types. Based on Heyting's semantics we have a good idea of how to assign a type to compound propositions in terms of types assigned to the components. For atomic propositions there are several possibilities, but the simple one will turn out to provide a good semantics. The idea is to consider only those atomic propositions which can plausibly have atomic proofs and to denote the canonical atomic proofs by the term axiom.
We will assign types to the compound propositions in such a way that the canonical elements will represent what we will call canonical proofs. Moreover, the reduction relation on the objects assigned to proof expressions will correspond to meaningful reductions on proofs. Proofs corresponding to noncanonical objects will be called noncanonical proofs. The correspondence will guarantee that noncanonical proofs $p'$ of a proposition $P$ will reduce to canonical proofs of $P$.

We now define the correspondence between propositions and types and between proofs and objects. Sometimes this correspondence is called the Curry-Howard isomorphism.

Curry-Howard isomorphism. For the sake of this definition, if $P$ is a proposition, we let $[P]$ be the corresponding type, and if $p$ is a proof expression, we let $[p]$ be the corresponding element of $[P]$. We proceed to define $[\ ]$ inductively on the structure of proposition $P$ from section 2.5.

1. We consider only atomic propositions of the form $a = b$ in $A$. The type $[a = b \text{ in } A]$ will have the atomic proof object axiom if the proposition is axiomatically true.

If the proof expression $e$ for $a = b$ in $A$ evaluates to a canonical proof built only from equality rules, then we arrange that $e \downarrow \mathrm{axiom}$. This is a simple form of correspondence that ignores equality information. For instance

$$[\mathrm{symmetry}(e)] \downarrow \mathrm{axiom} \qquad [\mathrm{transitivity}(e_1, e_2)] \downarrow \mathrm{axiom}$$

$$\frac{[e] \downarrow e'}{[\mathrm{equality\_intro}(e)] \downarrow e'}$$

We also need these evaluation rules for the proof expressions for substitution and type equality.
$$\frac{[p] \downarrow p'}{[\mathrm{subst}(p; e)] \downarrow p'} \qquad \frac{[p] \downarrow p'}{[\mathrm{eq}(p; e)] \downarrow p'}$$

2. $[P \,\&\, Q] = [P] \times [Q]$ and $[\&R(e_1, e_2)] = \mathrm{pair}([e_1]; [e_2])$, and $[\&L(e_1; u, v.\,e_2)] = [e_2](\mathrm{1of}([e_1])/u,\ \mathrm{2of}([e_1])/v)$.

3. $[P \vee Q] = [P] + [Q]$, $[\vee Rl(a)] = \mathrm{inl}([a])$, $[\vee Rr(b)] = \mathrm{inr}([b])$, $[\vee L(d; u.\,e_1; v.\,e_2)] = \mathrm{decide}([d]; u.[e_1]; v.[e_2])$.

4. $[P \Rightarrow Q] = [P] \to [Q]$, $[\Rightarrow\! R(x.\,e)] = \lambda(x.[e])$, $[\Rightarrow\! L(f; p; y.\,q)] = [q][\mathrm{ap}([f]; [p])/y]$.

5. $[\exists x : A.\ P[x]] = \mathrm{prod}(A; x.\,[P[x]])$, $[\exists R(a; p)] = \mathrm{pair}(a; [p])$, $[\exists L(p; u, v.\,g)] = [g](\mathrm{1of}([p])/u,\ \mathrm{2of}([p])/v)$.

6. $[\forall x : A.\ P[x]] = \mathrm{fun}(A; x.\,[P[x]])$, $[\forall R(x.\,e)] = \lambda(x.[e])$, $[\forall L(f; a; y.\,e)] = [g][\mathrm{ap}([f]; a)/y]$.
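The clauses for $\&$, $\vee$ and $\Rightarrow$ can be read as a recursive translation from proof expressions to terms. The Python sketch below is an added example, not the chapter's or Nuprl's code: the ASCII tags (andR, andL, orRl, orRr, orL, impR, impL), the tuple encoding with variables as strings, and the treatment of a hypothesis label as a variable are assumptions of the sketch, and substitution does no renaming of bound variables.

```python
# Proof expressions and terms are tagged tuples; variables are strings.
# Term shapes: ("pair", a, b), ("1of", p), ("2of", p), ("inl", a), ("inr", b),
# ("decide", d, u, e1, v, e2), ("lam", x, body), ("ap", f, a).

def without(env, name):
    """The substitution env with the bound variable `name` removed."""
    return {k: v for k, v in env.items() if k != name}

def subst(term, env):
    """Simultaneously replace free variables of `term` by env[var].

    Assumes bound names differ from the free variables of the substituted
    terms, so no renaming is needed.
    """
    if isinstance(term, str):
        return env.get(term, term)
    tag = term[0]
    if tag == "lam":
        _, x, body = term
        return ("lam", x, subst(body, without(env, x)))
    if tag == "decide":
        _, d, u, e1, v, e2 = term
        return ("decide", subst(d, env),
                u, subst(e1, without(env, u)),
                v, subst(e2, without(env, v)))
    return (tag,) + tuple(subst(s, env) for s in term[1:])

def translate(p):
    """[p]: the term denoted by proof expression p (clauses for &, v, =>)."""
    if isinstance(p, str):                 # hypothesis label, kept as a variable
        return p
    tag = p[0]
    if tag == "andR":                      # [&R(e1, e2)] = pair([e1]; [e2])
        return ("pair", translate(p[1]), translate(p[2]))
    if tag == "andL":                      # [&L(e1; u,v.e2)] = [e2](1of([e1])/u, 2of([e1])/v)
        _, e1, u, v, e2 = p
        t1 = translate(e1)
        return subst(translate(e2), {u: ("1of", t1), v: ("2of", t1)})
    if tag == "orRl":                      # [vRl(a)] = inl([a])
        return ("inl", translate(p[1]))
    if tag == "orRr":                      # [vRr(b)] = inr([b])
        return ("inr", translate(p[1]))
    if tag == "orL":                       # [vL(d; u.e1; v.e2)] = decide([d]; u.[e1]; v.[e2])
        _, d, u, e1, v, e2 = p
        return ("decide", translate(d), u, translate(e1), v, translate(e2))
    if tag == "impR":                      # [=>R(x.e)] = λ(x.[e])
        return ("lam", p[1], translate(p[2]))
    if tag == "impL":                      # [=>L(f; p; y.q)] = [q][ap([f]; [p])/y]
        _, f, arg, y, q = p
        return subst(translate(q), {y: ("ap", translate(f), translate(arg))})
    raise ValueError(f"unknown proof rule {tag!r}")

# Constructed sample proofs.
# P & Q => Q & P
SWAP_AND = ("impR", "x", ("andL", "x", "u", "v", ("andR", "v", "u")))
# P v Q => Q v P
SWAP_OR = ("impR", "x", ("orL", "x", "u", ("orRr", "u"), "v", ("orRl", "v")))
# (P => Q) & P => Q
MODUS_PONENS = ("impR", "h", ("andL", "h", "f", "p", ("impL", "f", "p", "y", "y")))
```

For instance, translate(SWAP_AND) is the term $\lambda(x.\mathrm{pair}(\mathrm{2of}(x); \mathrm{1of}(x)))$, the program that swaps the components of a pair.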
Sequents to typing judgments. We can now translate deductions of sequents $\bar{H} \vdash P$ by $p$ to derivations of $[\bar{H}] \vdash [p] \in [P]$. Given $\bar{H} = x_1 : H_1, \ldots, x_n : H_n$ we take $[\bar{H}]$ to be $x_1 \in H_1', \ldots, x_n \in H_n'$ where if $H_i$ is a type then $H_i' = H_i$ and if $H_i$ is a formula then $H_i' = [H_i]$. In this case we treat the label $x_i$ as a variable. Now to translate a deduction tree to a derivation tree we work up from the leaves translating sequents as prescribed and changing the rule names. The proof system was designed so that we need not change the variable names.

Expressing well-formedness of formulas. The introduction of $U_1$ combined with the propositions-as-types interpretation allows us to express the pure proposition of typed logic more generally, and we can solve the small difficulty of insuring that $A + B$ is a type discussed at the end of section 3.5.
According to the propositions-as-types principle, $U_1$ represents the type of (small) propositions, and a function $P \in A \to U_1$ can be interpreted as a propositional function. When we want to stress this logical interpretation, we use the display form $Prop_1$ for $U_1$ and generally $Prop_i$ for $U_i$, and we call $Prop_i$ the proposition of level $i$. We can express general propositions in typed logic by quantifying over $Prop_i$ and $U_i$. Here are some examples from section 2.

1. $\forall A, B : U_1.\ \forall P : A \to Prop_1.\ \forall Q : B \to Prop_1.\ \forall x : A.\ \forall y : B.\ (P(x) \,\&\, Q(y)) \Leftrightarrow \forall x : A.\ P(x) \,\&\, \forall y : B.\ Q(y)$.
2. $\forall A, B : U_1.\ \forall R : A \times B \to Prop_1.\ (\exists y : B.\ \forall x : A.\ R(x, y) \Rightarrow \forall x : A.\ \exists y : B.\ R(x, y))$.
At this level of generality, we need to express the well-formedness of typed formulas in the logic rather than as preconditions on the formulas as we did in section 2. This can be accomplished easily using $U_i$ and $Prop_i$. We incorporate into the rules the conditions necessary for well formedness. For example, in the rule

$\bar{H} \vdash P \Rightarrow Q$ by $\Rightarrow R$
    $\bar{H}, P \vdash Q$

We need to know that $P$ and $Q$ are propositions. We express this by additional well-formedness subgoals. A complete rule might be

$\bar{H} \vdash P \Rightarrow Q$ by $\Rightarrow R$ at $i$
    $\bar{H}, P \vdash Q$
    $\bar{H} \vdash P \in Prop_i$
    $\bar{H} \vdash Q \in Prop_i$

If we maintain the invariant that whenever we can prove $\bar{H} \vdash a \in A$ then we know $A$ is in a $U_i$, and whenever we prove $\bar{H} \vdash P$ then we know $P$ is in $Prop_i$, then we can simplify the rule to this

$\bar{H} \vdash P \Rightarrow Q$ by $\Rightarrow R$ at $i$
    $\bar{H}, P \vdash Q$
    $\bar{H} \vdash P \in Prop_i$

We need to add well-formedness conditions to the following rules, $\vee R$, $\Rightarrow R$, $\forall R$, Magic. We already presented $\Rightarrow R$; here are the others.

$\vee R$
$\bar{H} \vdash P \vee Q$ by $\vee R_l$ at $i$
    $\bar{H} \vdash P$
    $\bar{H} \vdash Q \in Prop_i$

The $\vee R_r$ case is similar.

$\forall R$
$\bar{H} \vdash \forall x : A.\ P(x)$ by $\forall R$ at $i$
    $\bar{H}, x : A \vdash P(x)$
    $\bar{H} \vdash A \in U_i$

Magic
$\bar{H} \vdash P \vee \neg P$ by Magic at $i$
    $\bar{H} \vdash P \in Prop_i$
3.12. Proofs as programs
The type corresponding to a proposition of the form $(\forall x : A.\ \exists y : B.\ S[x, y])$ is the function space $x : A \to y : B \times [S[x, y]]$. The proof expression, say $p$, for this object denotes a canonical element of the type. That element is a function $\lambda(x.\ b)$ where for each $a \in A$, $b[a/x] \in y : B \times [S[a, y]]$ and $1of(b[a/x]) \in B$ and $2of(b[a/x]) \in [S[a, 1of(b[a/x])]]$. So the function $\lambda(x.\ 1of(b))$ is in $A \to B$; let $f = \lambda(x.\ 1of(b))$, then $f \in A \to B$ and $\lambda(x.\ 2of(b))$ proves $\forall x : A.\ S[x, f(x)]$.

So we can see that the process of proving the "specification" $\forall x : A.\ \exists y : B.\ S[x, y]$ constructively creates a program $f$ for solving the programming task given by the specification, and it simultaneously produces the verification $\lambda(x.\ 2of(b))$ that the program meets its specification (c.f. Constable [1972], Bates and Constable [1985] and Kreitz [n.d.]).
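The extraction described above, worked through on one concrete specification. This is an added example, not code from the chapter or from Nuprl: the choice of S[x, y] as "y is the integer square root of x", the encoding of evidence for an inequality as a natural number, and the names `b`, `f`, `verification` and `checks` are assumptions made for the illustration.

```python
# Specification:  forall x:N. exists y:N. S[x, y]
# with S[x, y] =  y*y <= x  and  x < (y+1)*(y+1).
#
# Constructed encoding of evidence: a proof of u <= v is the natural number d
# with u + d == v, so the evidence is data that can be re-checked afterwards.

def pair(a, c):
    return (a, c)

def first(p):    # the page's 1of
    return p[0]

def second(p):   # the page's 2of
    return p[1]

def b(x):
    """Proof object: for each x a pair (witness y, evidence for S[x, y]).

    The recursion mirrors a proof by induction on x: the base case picks
    y = 0, the step case reuses the witness for x - 1 and increases it by
    one exactly when (y+1)^2 <= x.
    """
    if x == 0:
        return pair(0, pair(0, 0))       # 0*0 + 0 == 0 and 0 + 1 + 0 == 1*1
    y = first(b(x - 1))
    if (y + 1) * (y + 1) <= x:
        y += 1
    lower = x - y * y                    # y*y + lower == x
    upper = (y + 1) * (y + 1) - (x + 1)  # x + 1 + upper == (y+1)^2
    return pair(y, pair(lower, upper))

def f(x):
    """The extracted program, lambda(x. 1of(b))."""
    return first(b(x))

def verification(x):
    """The extracted verification, lambda(x. 2of(b))."""
    return second(b(x))

def checks(x, y, evidence):
    """Independent check that the evidence really establishes S[x, y]."""
    lower, upper = evidence
    return (lower >= 0 and upper >= 0
            and y * y + lower == x
            and x + 1 + upper == (y + 1) * (y + 1))

def spec_holds_up_to(n):
    """The verification establishes S[x, f(x)] for every x below n."""
    return all(checks(x, f(x), verification(x)) for x in range(n))
```

The program `f` never mentions the evidence, and `checks` never needs to know how `f` was obtained; the pair returned by `b` is what ties them together.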
Refinement style programming. This style of programming provides a way to build the program and its justification hand-in-hand. It is possible to gradually refine these two objects, filling in only as much detail as necessary for clarity. So for example, proof detail can be omitted for programming steps that are obvious. The extreme case of "unbridled" programming arises when we omit all proof steps except those that come automatically as part of the programming, e.g. certain "type checking steps" and the overall logical structure of the proof.

Explicit programming style. We can program a solution to $\forall x : A.\ \exists y : B.\ S[x, y]$ directly by writing a function $f \in A \to B$ and then proving $\forall x : A.\ S[x, f(x)]$. Christine Paulin-Mohring [1989] is studying how to use the program information to help drive the derivation of the proof.

4. Typed programming languages
4.1. Background
Programming at its "lowest level" involves communicating with specific digital hardware in "machine language," sequences of bits (0's and 1's). The particular machine model will classify sequences of bits into a fixed number of "types," say instructions, signals, addresses, and data; the data might be further classified as floating point or integer or audio or video, etc. Programming at this machine level or just above at assembly language level is generally regarded as "untyped" in part because everything is ultimately bits.

We are mainly concerned with so-called higher-level programming languages, and for the purpose of this discussion, higher-level languages will be classified into two groups as typed or essentially untyped. Two high level languages from the earliest period are still "alive," Fortran and Lisp. Fortran is considered typed (though minimally) as are more modern languages like Pascal, C++, ML, and Java. Two of
the most historically significant typed languages were Algol 68 and Simula 67. Lisp is considered untyped as is its modern descendant Scheme. These languages have a notion of run-time typing in which data is tagged with type information during execution, whereas Algol 68, ML, and Java, for example, are statically typed in that data and expressions are typed before execution (at "compile time").⁴¹

One of the major design debates in the computer science community over the years has been about the value of rich static typing, represented by Algol 68 and Simula, and "untyped" programming represented by Lisp and Scheme. There are formal languages that capture the essence of this distinction. Lisp and Scheme are represented by the untyped lambda calculus of Church [1960] (see Barendregt [1981], Stenlund [1972], Hindley, Lercher and Seldin [1972]) on which they were modeled, and ML by the typed lambda calculus (see Barendregt [1977], de Bruijn [1972]).
We have seen the untyped lambda calculus in section 3.4. Its terms are variables, abstractions, and applications denoted respectively $x_i$, $\lambda(x.\ t)$, and $ap(s; t)$ for $s$ and $t$ terms. The typed calculus introduces some system of types $T$ and requires that the variables are typed, $x^T$. Usually the types include the individuals, $\iota$, and if $\alpha$, $\beta$ are types, then so is $(\alpha \to \beta)$. The untyped lambda calculus can express the full range of sequential control structures and hence the class of general recursive functions. For example, the Y combinator $\lambda(f.\ ap(\lambda(x.\ ap(f; ap(x; x))); \lambda(x.\ ap(f; ap(x; x)))))$, more commonly written $\lambda(f.\ (\lambda(x.\ f(xx)))\ (\lambda(x.\ f(xx))))$, is used to define recursive functions. We have that $Y(\lambda(f.\ F[f])) = F[Y(\lambda(f.\ F[f]))]$ so that $Y$ "solves" the recursive definition $f = F[f]$. In the typed lambda calculus, $Y$ is not typeable because the self-application $\lambda(x.\ ap(x; x))$ cannot be typed.
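The fixed-point equation above, run in an untyped setting. This is an added example, not part of the chapter: Python stands in for the untyped lambda calculus, `F` is a factorial body chosen for the illustration, and the eta-expanded variant `Z` is a standard substitute that the chapter does not mention, needed because Python evaluates arguments eagerly.

```python
# The Y combinator as written in the text, transcribed literally:
#   lambda(f. (lambda(x. f(x x))) (lambda(x. f(x x))))
Y = lambda f: (lambda x: f(x(x)))(lambda x: f(x(x)))

# Eta-expanded variant (commonly called Z). The self-application x(x) is
# wrapped in a lambda, so it is unfolded only when the recursive call is
# actually made. This is the form that works under eager evaluation.
Z = lambda f: (lambda x: f(lambda v: x(x)(v)))(lambda x: f(lambda v: x(x)(v)))

# F[f]: the body of a recursive definition f = F[f], here factorial.
F = lambda f: lambda n: 1 if n == 0 else n * f(n - 1)

def y_diverges_when_eager():
    """Under eager evaluation Y(F) unfolds x(x) forever before F is ever called."""
    try:
        Y(F)
    except RecursionError:
        return True
    return False

# Z "solves" f = F[f] without any named recursion.
factorial = Z(F)

def fixed_point_agrees(n):
    """Check Z(F) = F[Z(F)] pointwise at argument n."""
    return Z(F)(n) == F(Z(F))(n)
```

Both `Y` and `Z` rely on the self-application `x(x)`, which Python accepts only because it assigns no static type to `x`.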
This situation summarizes for "typeless programming devotees" the inherent limitations of typed programming; for them types "get in the way."

The debate about typed or untyped languages illustrates one of the many design issues that have been studied and debated over the years. Other topics include: functional versus imperative, lazy versus eager evaluation, manual versus automatic storage allocation, reflection or not, and so forth. Many of these issues have been explored with theoretical models, and much is known about the design consequences. Indeed many programming language constructs arose first in the setting of formal logical theories, e.g. the lambda calculus, type systems, binding mechanisms, block structure, abstract data types (as algebraic structures) and modules. Just as assembling a good formal theory is high art, so is assembling a good programming language. Both are formal systems which can be processed by computers. But there is at least one major difference.
Good programming languages are widely used, perhaps by tens of thousands of people over their life times. Most logical theories are never implemented, and the best of those that are might be used by less than one hundred people over a lifetime.⁴²

⁴¹ A compiler translates high-level language programs into another language, typically a lower level language such as assembly code or native code (machine language).
⁴² We hope that the fact that Nuprl contains a programming language and that proofs are executable will attract a significant audience.
I believe that this fact has a major consequence for "theory designers," namely they must learn about programming language evolution.

We see from a history of programming languages what ideas "work", what combinations of features are most expressive, what constructs are heavily used. As with the evolution of natural languages, the speakers exert a force to mold the language to its purpose. One of the lessons of programming language history is that types are critical. A language's type system is its most important component. We also know that modularity mechanisms are critical, but this too is defined by the type system.

The evolutionary trend is toward ever richer type systems--from the fixed types of Fortran to the polymorphic recursive types of ML and the classes of Java. One might argue that this development must eventually subsume the type systems of the mathematical theories. I believe this is true, and our discussion of type systems will reveal why.
Role of types in programming. Let us examine the role of types in programming (see the excellent article by Hoare [1972] as well). Fortran used variable names beginning with i, j, k, l, m, n to denote integers (fixed point numbers), the other letters indicated reals (floating point numbers). This type distinction facilitated connection to mathematical practice where the same conventions were used, and it provided information to the compiler about how to translate expressions into assembly language which also made the distinction between fixed and floating numbers.

Another important type in Fortran and Algol was the array. Arrays represent sequences, matrices, tensors, etc. A typical specification (or declaration) of this type might be real array[n, m], a two dimensional array (matrix) of reals. The declaration provides a link to important mathematical types such as sequences or matrices, and provides information to the compiler on how much memory needs to be allocated for this data.
The record type (or Algol structure) also provides links to mathematical types and provides information for the compiler. A typical record syntax is $record(a_1 : T_1; \ldots; a_n : T_n)$ where $T_i$ are types and $a_i$ are identifiers called field selectors. This type corresponds to a cartesian product $T_1 \times \ldots \times T_n$, and if $t$ is an expression of this record type, then $t.a_i$ indicates the $i$-th component, which has type $T_i$. We discuss the field selectors in Section 4.4. In this case the type declaration also introduces new identifiers (or names) into the language. This was a convenience not systematically used in mathematics. But it also led to some confusion about the status of these names $a_i$; are they bound variables or free? And if bound, what is their scope? Here a small "convenience" leads to interesting new questions about scope and naming in formal languages.

Algol 68 introduced a union type, $union(T_1, \ldots, T_n)$.
This was an obvious attempt to link to mathematical types, but it created problems for efficient language translation since the compiler might have to reserve storage based on the type $T_i$ needing the most memory. This type also brought language designers face to face with the problems of a "computable set theory." A programmer given data $t$ in the type $union(A, B, C)$ will need to know which type it is in. So there must be an operation, like $decide(t)$ which will decide what type $t$ belongs to. This operation
is not available as a computable operation in set theory, so new mathematics had to be worked out. Algol 68 was rich in a "computable mathematics of types," and its reference manual is a type theory which inspired both logician and computer scientist alike.

In Pascal the union type was considered to be a variant of the record type. The simplest such structure is essentially $record(x_1 : A_1; x_2 : A_2[x_1])$ which is thought of as a union indexed by the (necessarily finite) type $A_1$. This is a restricted version of our dependent product type $prod(A_1; x.\ A_2[x])$ from Section 3.7. The Pascal conception reveals both the computational way to treat unions, namely use disjoint unions, and reveals the implementation strategy (borrowed from set theory)--use elements from a type $A_1$ as tags on the data to keep track of the disjunct. So if the tag types are the booleans, $\mathbb{B}$, and $A_1(i) =$ if $i$ then $S$ else $T$ fi then $prod(\mathbb{B}; i.$
$A_1(i))$ is the Algol 68 $union(S, T)$ and the Pascal variant record $record(i : \mathbb{B}; x : A_1[i])$.⁴³

Algol 60 and Algol 68 considered the notion of higher order functions. Algol 68 essentially had the idea of the type $fun(x : A)B$ as the type of function from $A$ to $B$. But the implementation technology was not up to the task of returning functions as values. This type challenged the community to implement it correctly as done in Scheme and ML with closures.

The function space concept $fun(x : A)B$ does not mean the same thing as the corresponding mathematical notion, $A \to B$ even in the constructive case. In computational mathematics the elements $f$ of $A \to B$ are total functions; that is, on every element $a$ of $A$, $f(a)$ converges to a value $b$ in $B$. Whereas, the elements $\psi$ of $fun(x : A)B$ are partial functions, that is, $\psi(a)$ might diverge or abort without returning a value. This is a major difference between programming types and mathematical types. There are two reactions to the difference.
It is possible to give total function semantics to $fun(x : A)B$ and claim that current implementations are just approximations to the idea. The full concept emerges in a programming logic with termination rules (Dijkstra [1968]). On the other hand, one can regard the partial function space as a new mathematical construct and try to work out axioms and models for it (Scott [1976], Plotkin [1977]). Both approaches have been pursued.

Notice that it is a simple matter to extend $fun(x : A)B$ to dependent function types by allowing $B$ to depend on $x$. This type is then closely related to $fun(A; x.\ B)$ of Section 3.

A more modern addition to the type structure of programming languages is the module or object (or ADT or package or unit). This concept can be traced to Simula 67 and is well developed in Modula and SML. Among the interesting experimental languages for modules were Russell at Cornell (Demers and Donahue [1980], Boehm et al.
[1986]), CLU at MIT (Liskov and Guttag [1986]), and Modula at DEC. The basic idea is that a module is a type, say $D$, and a collection of operations $f_i$

⁴³ The actual Pascal syntax is very baroque, and the so called free unions are a well known place for "breaking" the type discipline since the user must keep track of the dependency. Note the if_then_else_fi notation is the Algol 68 way of "bracketing" the conditional with delimiters if, fi.
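The tagged union prod(B; i. A1(i)) from the union discussion above, next to the free union of footnote 43. This is an added example, not code from the chapter: Python's `ctypes` stands in for the Pascal and Algol 68 declarations, S and T are assumed to be a 32-bit integer and a 32-bit IEEE 754 float, and the names `FreeUnion`, `Variant`, `inject_s`, `inject_t`, `project_s` and `misread_free_union` are hypothetical.

```python
import ctypes

class FreeUnion(ctypes.Union):
    """Free union of S and T: both share one storage cell and no tag is kept."""
    _fields_ = [("s", ctypes.c_int32),   # S (assumed: 32-bit integer)
                ("t", ctypes.c_float)]   # T (assumed: 32-bit IEEE 754 float)

class Variant(ctypes.Structure):
    """prod(B; i. A1(i)) with A1(i) = if i then S else T fi.

    The boolean tag i records which disjunct the data cell currently holds.
    """
    _fields_ = [("tag", ctypes.c_bool), ("data", FreeUnion)]

def inject_s(n):
    v = Variant()
    v.tag = True          # i = true, so the data has type A1(true) = S
    v.data.s = n
    return v

def inject_t(x):
    v = Variant()
    v.tag = False         # i = false, so the data has type A1(false) = T
    v.data.t = x
    return v

def decide(v, on_s, on_t):
    """The computable decide(t): branch on the tag and hand each branch
    the data read at the type the tag promises."""
    return on_s(v.data.s) if v.tag else on_t(v.data.t)

def project_s(v):
    """Checked projection: refuse to read the cell as S unless the tag says so."""
    if not v.tag:
        raise TypeError("value is in the T disjunct, not S")
    return v.data.s

def misread_free_union(x):
    """Store a T, read the same cell back as an S. With no tag, nothing
    detects the mismatch and the float's bit pattern comes back as an integer."""
    u = FreeUnion()
    u.t = x
    return u.s
```

With the tag in place, a read at the wrong disjunct is caught by `project_s`; without it, `misread_free_union(1.0)` silently returns the bit pattern of the float.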
on $D$ and auxiliary types. This is the type of a structure in algebra (Bourbaki [1968a]) and model theory (Chang and Keisler [1990]). For example, we might have $\langle D, f, g, e \rangle$ where the signature of the module is the list of types of the components, e.g. $D \in Type$, $f : D \times D \to D$, $g : D \to \mathbb{B}$, $e \in D$. A group would have signature $G \in Type$, $op : G \times G \to G$, $inv : G \to G$, $e \in G$, and then there would be axioms saying that $op$ is associative, $inv$ is an inverse and $e$ an identity.

The module concept corresponds exactly to dependent types over Type. In Section 2 we would denote the type of groups (signature) as

$G : Type \times op : (G \times G \to G) \times inv : (G \to G) \times e : G$
Except for the fact that the function types in the programming type are partial and Type has less mathematical structure, the algebraic concept and the programming one are similar.

We will see that the notion of subtype and inheritance that is so critical to modern programming practice can be nicely captured in our type theory. This leads to a mathematical treatment of the central concepts in object-oriented programming (c.f. Meyer [1988]).

Looking over the types described above we discern these uses.

1. Types relate data in the machine to standard mathematical concepts.
2. Types express the domain of significance of a programming problem and impose constraints on the data for it to be "meaningful" in the sense that the computer will not "crash" (attempt to execute a meaningless instruction) and the data will not fail to represent mathematical objects.⁴⁴ Usually these constraints can be rapidly checked to provide some level of assurance that a program is sensible.
3. Types provide a notation for structuring a solution by decomposing a task into components (modules) and levels of abstraction.
4. Types provide an interface language for analyzing ("debugging") a computation.
5. Type information can be used to increase the performance of the compiled code.

There is a direct historical link from Russell and Church to languages like Algol and Lisp. Also we are seeing a close correspondence between mathematical types and data types: Cartesian products correspond to record types, unions to disjoint unions (or variant record types), function spaces to procedure types, inductive types to recursive data types, algebraic structures to modules (and superstructures correspond to subtypes). The integers are included in some programming languages as the data type "bignums", and real numbers are (badly) approximated by "floating point numbers".
In In aa sense sense the the system system of of data data types types provides provides aa computational computational type type theory theory capable capable of of organizing organizing and and unifying unifying programming programming problems problems and and solutions solutions in in 44Crashing 44Crashingcan can mean meanaa complete completefailure failureto to respond respondor or an an unwanted unwantedresponse responsefrom fromthe the operating operating system "bus error") "segmentation fault" ). system (("bus error") or or from fromthe the hardware hardware (("segmentation fault").
Types
759 759
the same same way way that that type type theory theory organizes organizes and and unifies unifies computational computational (also (also constructive constructive the and and intuitionistic) intuitionistic) mathemataical mathemataical problems problems and and solutions. solutions. The The continuing continuing (rapid) (rapid) evolution of of programming programming languages languages will will probably probably lead lead to to data data type type theories theories that that evolution subsume mathematical mathematical type type theories. theories. There There may may be be new new data data types types appropriate appropriate for for subsume expressing expressing the the problems problems of of interaction interaction as as well well as as those those of of "functional "functional action" action" which which now dominate. now dominate. Although Although the the similarities similarities between between types types and and data data types types just just enumerated enumerated is is com compelling and think it pelling and interesting, interesting, II think it is is also also important important to to understand understand the the differences. differences. These These differences differences challenge challenge us us to to find find logical logical foundations foundations for for new new types. types.
4.2. $\mathrm{Type} \in \mathrm{Type}$ and domain theory
Given that programming types are not the same as mathematical ones, might it be sensible to allow a type of all types, precisely the notion that type theory was created to disallow in accordance with the vicious circle principle? One fact we know from the work of Meyer and Reinhold [1986] and Howe [1991,1989,1987,1996b] is that adding the typing rule $\mathrm{Type} \in \mathrm{Type}$ to the simply typed lambda calculus allows new terms to be typed among which are applications that fail to terminate. No such terms can be typed without this new rule. On the other hand, this rule would not cause the type system to "collapse" in the sense that every term could be typed or every term belongs to every type (as would happen if we added the rule $T_1 = T_2$ for any two types $T_1$ and $T_2$). Indeed, we know that such a type system has a nontrivial mathematical model (Cardelli [1994], Meyer [1988]).

The discovery of interesting mathematical models for programming language types is a flourishing topic in the field of programming language semantics. It has led directly to the rich subject of domain theory pioneered by Dana Scott [1970a,1970b,1972,1976], led early on by Gordon Plotkin [1975]. (The results of Plotkin [1981], Abramsky [1993], Reynolds [1981], Cardelli [1994], Mitchell [1996], Gunter [1994], Egli and Constable [1976], and Abadi and Cardelli [1996] are quite relevant to the work discussed here.) One of the major early discoveries of domain theory is that there are referential or "denotational" mathematical models of partial function spaces, in particular, of the untyped lambda calculus in which function equality is extensional (see Scott [1976]). The challenge for domain theory has been to relate these models to the standard mathematical types and type theories. This remains an active area of research with especially promising recent results in analysis (Edalat [1994]).

Let us call types which allow diverging elements partial types. Given that there is a consistent theory of partial types allowing $\mathrm{Type} \in \mathrm{Type}$ and that this rule drastically simplifies the theory, we proceed to explore it. One view of this theory is that it speaks about a domain. Another is that it is a "partial type theory" which will require refinement as more constraints are added, such as totality restrictions. But until we require totality, the vicious circle principle has no force since its consequence is merely a nonwell-founded concept (nonterminating term).

This approach to type theory permits a great deal of freedom: partial objects are allowed, illogical comprehension is possible, e.g. $\{x : \mathrm{Type} \mid x \in x\}$, negative recursive definitions are allowed (see Section 4.3), and concepts need not be referential since equality relations are not required. It will be left to the programming logics to impose more logical order on these "unruly" types.

One of the first benefits of this theory is that dependent products taken over Type provide a notion of module. The signature (or type) of a module is $M : \mathrm{Type} \times F(M)$ where $F(M)$ is a type built from $M$ such as $M \times M \to M$. By iterating this construct we get the general structure of a module

$$x_0 : \mathrm{Type} \times x_1 : T_1(x_0) \times \cdots \times x_n : T_n(x_0, \ldots, x_{n-1}).$$
4.3. 4.3. Recursive R e c u r s i v e types types
As we have seen, inductive definitions and principles of inductive reasoning lie at the heart of computational mathematics and logic. The inductive definitions of the natural numbers, lists, and formulas come immediately to mind. The elements introduced inductively can be represented in computer memory by linked data structures constructed from pointers. For example, a list of elements of type $A$, say $(a_1, \ldots, a_n)$, would be represented by

$$[\,a_1 \mid \cdot\,] \to [\,a_2 \mid \cdot\,] \to \cdots \to [\,a_n \mid \cdot\,] \to \mathrm{nil}$$

where the arrows are pointers (data of type address or in Algol 68 terminology, references to $A$ objects, thus of type $\mathrm{ref}(A)$). A seminal discussion of these methods can be found in C.A.R. Hoare's article Notes on Data Structuring [1972].⁴⁵

One of the most decisive uses of types in programming languages is in defining recursive data types at the same level of abstraction used in mathematics. This innovation was pioneered by Lisp and its treatment of lists without explicit mention of pointers. The pointer representation is managed by the run-time system of the programming language, and a program called a garbage collector is used to dynamically manage the allocation and deallocation of memory for lists and other inductive structures.

In programming these inductive types are called recursive types or recursive data structures by analogy with recursive programs. They include circular data structures, unfounded lists (or streams) and other "nonwell-founded" recursive data that would not be considered as properly "inductive."⁴⁶

⁴⁵ The small book Structured Programming, Dahl, Dijkstra and Hoare [1972], is one of the gems of computer science. All three articles are closely related to the subject of this section.

⁴⁶ Perhaps the reason for the popularity of the term "recursive data type" comes from Hoare's evocative analogy: "There are certain close analogies between the methods used for structuring data and the methods for structuring a program which processes that data ... a discriminated union corresponds to a conditional ... arrays to for statements ... sequence structure ... to unfounded looping ... The question naturally arises whether the analogy can be [extended] to a data structure corresponding to recursive procedures."

The definition of such a type is disarmingly simple to paraphrase Hoare: "write the name of the type being defined inside its own definition." In his notation we write

$$\mathbf{type}\ T = F[T]$$

where $F[X]$ is a type definition in $X$. If we use $+$ for disjoint union and $1$ for the unit type and $\times$ for cartesian product, then here are the definitions for natural numbers and lists over a type $A$.
$$\mathbf{type}\ N = 1 + N$$
$$\mathbf{list}\ L = 1 + (A \times L).$$

We will use a more compact notation, writing a single term with a binding construct. Our notations for these types are $\mu(N.\ 1 + N)$, $\mu(L.\ 1 + A \times L)$ where $N$ and $L$ are bound variables. In general, if $F[T]$ is a type expression in $T$, then $\mu(T.\ F[T])$ denotes the recursive type used above to illustrate Hoare's notation. In giving the rules for recursive types, we will use $A \to B$ and $x : A \to B[x]$ for the programming type $\mathbf{fun}(x : A)B$; so the elements are partial functions.

1. $H \vdash \mu(x.\ F[x]) \in \mathrm{Type}$   rec_type_def
   $H,\ x : \mathrm{Type} \vdash F[x] \in \mathrm{Type}$

2. $H \vdash t \in \mu(x.\ F[x])$   rec_type_member
   $H \vdash t \in F[\mu(x.\ F[x])]$

3. $\bar{H} \vdash \mu(t;\ f, y.\ g[f, y]) \in G$   rec_type_elim
   $\bar{H},\ x : \mathrm{Type},\ f : x \to G,\ y : F[x] \vdash g[f, y] \in G$
   $\bar{H} \vdash t \in \mu(x.\ F[x])$

The term $\mu(t;\ f, y.\ g[f, y])$ is called a recursion combinator. It is the recursive program associated with the recursive definition. The evaluation rule is

$$\frac{g[\lambda(z.\ \mu(z;\ f, y.\ g[f, y]))/f,\ t/y] \downarrow a}{\mu(t;\ f, y.\ g[f, y]) \downarrow a}$$

The operational intuition behind these rules is this. A recursive type $\mathbf{type}\ T = F[T]$ is well formed exactly when its "body" $F[T]$ is a type under the assumption that $T$ is a type. This is "writing the name of the type being defined in its own definition." To construct a member of the type, build a member of $F[T]$, and if this construction requires an element of $T$, then apply the construction recursively (in the implementation, use a pointer to $T$ and build recursively). The process may not terminate unless there is a "base case" which does not mention $T$, as in the left disjunct of $1 + T$ or of $1 + A \times T$. A definition like $\mu(X.\ X)$ is empty because no element can be created, likewise for $\mu(X.\ X + X)$ or $\mu(T.\ T \times T)$. Note however that $\mu(T.\ T \to T)$ will contain the element $\lambda(x.\ x)$ by this application of rules

$\vdash \lambda(x.\ x) \in \mu(T.\ T \to T)$
$T : \mathrm{Type} \vdash \lambda(x.\ x) \in T \to T$
$T : \mathrm{Type},\ x : T \vdash x \in T.$
Associated with $\mu(X.\ F[X])$ is a method of recursive computation (as Hoare suggested and as we know from inductive definitions in mathematics). If the recursive type is "well-founded" then this procedure will terminate, otherwise it might not.

The recursive procedure is the following. Given $t \in \mu(X.\ F[X])$, to compute an element of type $G$, use a program $g$ that computes on elements of $F[X]$. This procedure $g$ may decompose $t$ into components $t'$ of type $\mu(X.\ F[X])$. In this case, call the procedure recursively. To specify this we note that if we consider that $t$ belongs to $F[X]$, then component $t'$ will belong to $X$. The recursive call of the procedure is represented in the rule by the function variable $f$ from $X$ to $G$. We see from the evaluation rule that this is used exactly as a recursive call.

This method of organizing the rules comes from Constable and Mendler [1985] and Mendler [1988]; it can be made more expressive using the subtyping relation $S \sqsubseteq T$ and dependent function types and parameterized recursions. First, with dependent types we get

$\bar{H},\ u : \mu(X.\ F[X]) \vdash \mu(u;\ f, y.\ g) \in G[u]$
$\bar{H},\ X : \mathrm{Type},\ f : (x : X \to G[x]),\ y : F[X] \vdash g \in G[y]$

The parameterized form of recursive type allows the defined type to depend on a parameter of type $A$. The syntax is $\mu(X.\ F[X])@a$.
1p. $\bar{H} \vdash \mu(X.\ F[X])@a \in \mathrm{Type}$
    $\bar{H},\ X : A \to \mathrm{Type} \vdash F[X] \in (A \to \mathrm{Type})$
    $\bar{H} \vdash a \in A$

2p. $\bar{H} \vdash t \in \mu(X.\ F[X])@a$
    $\bar{H} \vdash t \in F[\lambda(y.\ \mu(X.\ F[X])@y)](a)$

3p. $\bar{H} \vdash \mu(a;\ t;\ f, u, y.\ g) \in G$
    $\bar{H},\ X : (A \to \mathrm{Type}),\ \forall u : A.\ (X(u) \sqsubseteq \mu(X.\ F[X])@u) \vdash g[f, u, y] \in G$
    $\vdash a \in A$
    $\vdash t \in \mu(X.\ F[X])@a$

4p. $$\frac{g[\lambda(u.\ \lambda(r.\ \mu(u;\ r;\ f, u, y.\ g)))/f,\ a/u,\ t/y] \downarrow c}{\mu(a;\ t;\ f, u, y.\ g) \downarrow c}$$
We can combine the parameterized form and the dependent form; such rules are given in Constable et al. [1986] and Mendler [1988], but we won't use this level of complexity here. The parameterized recursive types can be used to define mutually recursive types since we can think of $\mu(X.\ F[X])@u$ as a family of simultaneously recursively defined types.

With the propositions-as-types principle and restricting the recursive types to be well-founded, we get recursively defined relations. These have been exploited well in the Coq theorem prover (Coquand and Paulin-Mohring [1990], Coquand [1990], Paulin-Mohring and Werner [1993]).

With recursive types and disjoint unions and a unit type we can define natural numbers and lists as we have shown. Using record types we can define pairs of numbers which gives us integers and rational numbers. (Using function types we can define the computable reals; see Bishop [1967], Chirimar and Howe [1991], Forester [1993].) Booleans can be defined as $1 + 1$. So the number of primitives for a rich type theory can be reduced to a very small set. We will examine some especially interesting reductions in the next section.

Example defining primitive recursion on N. To illustrate the workings of the recursion combinator $\mu()$, we use it to define primitive recursive functions from $N$ to $G$. Suppose $f$ is defined primitive recursively on $\mu(X.\ 1 + X)$ to $G$ by

$$f(0) = b$$
$$f(\mathrm{suc}(n)) = h(n, f(n)).$$

Then the corresponding combinator is $\mu(n;\ f, u.\ \mathrm{decide}(u;\ v.\ b;\ v.\ h(v, f(v))))$ whose typing is seen from the judgment.

$$X : \mathrm{Type},\ f : X \to G,\ u : 1 + X \vdash \mathrm{decide}(u;\ v.\ b;\ v.\ h(v, f(v))) \in G.$$
Typing a fixed point combinator. While the recursion combinators are essential for inductive types, indeed they characterize them, in a rich enough partial type theory they can be defined. The idea is to use the richness of the recursive types to assign a type to a fixed point combinator, like $Y$. Recall that the $Y$ combinator is abbreviated $\lambda(g.\ \lambda(x.\ g(xx))\,\lambda(x.\ g(xx)))$, or still further by letting $w = \lambda(x.\ g(xx))$ and writing $Y$ as $\lambda(g.\ ww)$. We show that $Y$ has type $(T \to T) \to T$ for any type $T$ by using the auxiliary recursive type $S == \mu(X.\ X \to T)$. Here is the derivation. The type of $g$ will be $T \to T$, the type of $w$ is $S \to T$. The "trick" is to type $\mathrm{ap}(x; x)$ to be of type $T$. We examine the typing derivation for $w$.

$g : T \to T \vdash \lambda(x.\ g(xx)) \in \mu(X.\ X \to T)$   by $\mu$_membership
$\vdash \lambda(x.\ g(xx)) \in S \to T$   by $\to$ R
$g : T \to T,\ x : S \vdash g(xx) \in T$   by $\to$ L
$\vdash xx \in T$   by ap
$\vdash x \in S \to T$   by unroll $x$
$\vdash x \in S$   by hyp $x$

Once we know that $w \in S \to T$ and $w \in S$, then $ww \in T$ and $g(ww) \in T$.

One corollary of this typing is that $Y(\lambda(x.\ x))$ belongs to the empty type $\mu(X.\ X)$ called void, since $\lambda(x.\ x) \in \mathrm{void} \to \mathrm{void}$. But $Y(\lambda(x.\ x))$ is a diverging term, so it is not a value belonging to void. Indeed, we can easily show that there are no values of type void.

Now we can use $Y$ to define any partial recursive function, including the recursion combinators of type $\mu(X.\ F) \to G$. In general, $\lambda(x.\ \mu(x;\ f, u.\ g[f, u]))$ is just $Y(\lambda(f.\ \lambda(u.\ g[f, u])))$. The type of $f$ is $(\mu(X.\ F) \to G) \to (\mu(X.\ F) \to G)$, and we observed that $g[f, u] \in G$ can be derived from this typing of $f$.

Applying this general construction to primitive recursion we get the term $Y(\lambda(f.\ \lambda(u.\ \mathrm{decide}(u;\ v.\ b;\ v.\ h(v, f(v))))))$, which is $R$, the primitive recursion combinator (with $b$ and $h$ as parameters).
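The recursion combinator on $N = \mu(N.\ 1 + N)$ and the fixed point combinator typed through $S = \mu(X.\ X \to T)$ can be run side by side; the TypeScript below is an added example, not code from the chapter. The names `mu`, `decide`, `primRecMu`, `primRecY` and the tagged-union encoding of $1 + N$ are assumptions made here, and because TypeScript evaluates arguments eagerly, $T$ is taken to be a function type and the self-application $xx$ is eta-expanded so that building $Y(g)$ terminates.

```typescript
// Added example; every identifier below is chosen here, not taken from the chapter.

// N = mu(N. 1 + N): "inl" is the unit summand (zero), "inr" carries the predecessor.
type Nat = { tag: "inl" } | { tag: "inr"; val: Nat };

const zero: Nat = { tag: "inl" };
const suc = (n: Nat): Nat => ({ tag: "inr", val: n });
const fromNumber = (k: number): Nat => (k <= 0 ? zero : suc(fromNumber(k - 1)));
const toNumber = (n: Nat): number => (n.tag === "inl" ? 0 : 1 + toNumber(n.val));

// decide(u; v. left; v. right): case analysis on an element of 1 + N.
function decide<G>(u: Nat, left: () => G, right: (v: Nat) => G): G {
  return u.tag === "inl" ? left() : right(u.val);
}

// Recursion combinator mu(t; f, y. g[f, y]). Its evaluation rule substitutes
// lambda(z. mu(z; f, y. g)) for f and t for y in g, which is exactly this body.
function mu<G>(t: Nat, g: (f: (z: Nat) => G, y: Nat) => G): G {
  return g((z) => mu(z, g), t);
}

// f(0) = b, f(suc(n)) = h(n, f(n)) written with the recursion combinator.
function primRecMu<G>(b: G, h: (n: Nat, r: G) => G): (n: Nat) => G {
  return (n) => mu<G>(n, (f, u) => decide(u, () => b, (v) => h(v, f(v))));
}

// S = mu(X. X -> T). The alias mentions itself to the left of an arrow
// (a non-monotone body); TypeScript unrolls the alias implicitly.
type S<T> = (x: S<T>) => T;

// Y = lambda(g. w w) with w = lambda(x. g(x x)); w is in S -> T, hence also in S.
// Adaptation for eager evaluation: T is a function type A -> B and x x is
// eta-expanded, so the self-application runs only when an argument arrives.
function Y<A, B>(g: (self: (a: A) => B) => (a: A) => B): (a: A) => B {
  const w: S<(a: A) => B> = (x) => g((a) => x(x)(a));
  return w(w);
}

// The same primitive recursion obtained as Y(lambda(f. lambda(u. decide(...)))).
function primRecY<G>(b: G, h: (n: Nat, r: G) => G): (n: Nat) => G {
  return Y<Nat, G>((f) => (u) => decide(u, () => b, (v) => h(v, f(v))));
}

// Constructed instances: factorial into G = number, addition into G = Nat.
const factStep = (n: Nat, r: number): number => (toNumber(n) + 1) * r;
const factMu = primRecMu<number>(1, factStep);
const factY = primRecY<number>(1, factStep);
const addY = (m: Nat) => primRecY<Nat>(m, (_n, r) => suc(r));

// Y applied to the identity typechecks at result type `never` (the empty type).
// Building it terminates; applying it would recurse without ever returning.
const diverging: (n: Nat) => never = Y<Nat, never>((f) => f);
```

Both routes compute the same function, but only `mu` recurses strictly on the predecessor it was handed; `Y` accepts any body, including the identity, which is why the monotone (inductive) discipline discussed next has to give up the type $S$.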
Inductive types. Constable and Mendler [1985] and Mendler [1988] gave conditions needed to guarantee that recursive types $\mu(X.\ F)$ define only total objects. One such condition is that $F$ be a monotone operation on types in the sense that $X \sqsubseteq Y \Rightarrow F[X] \sqsubseteq F[Y]$. We also studied conditions to guarantee that elements of these types are functional. The result is a set of rules used in Nuprl for inductive types (c.f. Constable et al. [1986], Hickey [1996a]).

When $F$ is required to be monotone, then we cannot define the type $\mu(X.\ X \to T)$ used in typing $Y$. Indeed, it is not possible to type $Y$ nor divergent elements. For this reason the $\mu(x;\ f, u.\ g)$ recursion forms are needed. They provide the structural induction rules for inductive types. In Nuprl these induction rules for recursive types can be used to prove that certain applications of the $Y$ combinator, $Y(\lambda(f.\ b))$, are indeed total objects (see Constable et al. [1986]). So we get the advantages of general recursive programs without losing the logical structure of type theory.

4.4. Dependent records and very dependent types

We are aiming to exhibit a small core type system that will generate all of the types we have studied. The step in this direction that we take here is of considerable practical value; it builds record types from dependent function spaces.

Consider the record type $\mathrm{record}(x_1 : A_1, \ldots, x_n : A_n)$. Let $N_n == \{1, \ldots, n\}$ be an $n$ element enumeration type; it can simply be $1 + \cdots + 1$ taken $n$ times. Define a function $B(i) == A_i$ from $N_n$ to Type. Then the essential structure of the record is given by the dependent function space $i : N_n \to B(i)$. Given $f$ in this type, $f(i)$ is the $i$-th component. We obtain a nice display form for record selection if we define

$$f.x_i == f(i).$$

This definition of records has nice subtyping properties. In a standard record calculus a record type, $r_1$, is a subtype of record type $r_2$, written $r_1 \sqsubseteq r_2$, iff $r_1$ has additional fields. So a colored point is a subtype of a point or a group type is a subtype of monoid type, etc. Our definition provides this subtyping directly from the subtyping relation on function spaces. Recall that if $A_1 \sqsubseteq A_2$, $B_1 \sqsubseteq B_2$ then $A_2 \to B_1 \sqsubseteq A_1 \to B_2$. Also if $N_n \sqsubseteq N_m$, and $n \le m$, and $B_1(i) = B_2(i)$ for $i \in N_n$ then

$$i : N_m \to B_1(i) \sqsubseteq i : N_n \to B_2(i).$$

Notice that $f \in (i : N_m \to B_1(i))$ is an element of $i : N_n \to B_2(i)$ simply by the polymorphic nature of functions (i.e. they are rules given by $\lambda$ terms).

Encoding dependent records. The dependent product types, $x : A_1 \times A_2[x]$ offer a form of dependent record as mentioned above. The general form is $\mathrm{record}(x_1 : A_1;\ x_2 : A_2[x_1];\ \ldots;\ x_n : A_n[x_1, \ldots, x_{n-1}])$. Can we also define these records as dependent functions? The existing dependent function space is not adequate for this task, but Jason Hickey [1996a] has discovered an extension that he calls very dependent function
spaces. The basic notation is $\mathrm{fun}(A; f, x.\,B[f, x])$ as opposed to $\mathrm{fun}(A; x.\,B[x])$. The idea is that the type $B$ can depend not only on the argument to the function so that $g(a) \in B[a]$, but now the type of $B$ can depend on "previous values" of $g$, so $g(a) \in B[g, a]$. To see how the idea works, let's use it to define the elements of $x_1 : A_1 \times x_2 : A_2(x_1)$. Note $A_2 : A_1 \to \mathrm{Type}$, and an element is $(a_1, a_2)$ where $a_1 \in A_1$, $a_2 \in A_2(a_1)$. The encoding is based on $N_2 = \{1, 2\}$. Imagine that $B(1) = A_1$, and we want $B(2) = A_2(a_1)$ where $a_1 \in A_1$. We could say this if we had the element $g$ such that $g(1) \in A_1$. So if we add $g$ as a parameter to $B$ we can say

$$B(g, 1) = A_1 \qquad B(g, 2) = A_2(g(1)).$$

This particular definition makes sense because at $B(g, 2)$, $g$ is referenced only at previous arguments. Hickey takes this as the basis for defining the simplest very dependent function space. He requires a well-ordering on $g$ as prerequisite to forming the type (see Hickey [1996a]). In a partial type theory we can get away with less. A particular computable function $g$ will generate an ordering on values via its computation. So we can allow arbitrary expressions $B[g, x]$ in forming the type, but it will be empty unless there is a function satisfying the constraints of $B$. The (viciously circular) rules are:

1. $H \vdash \mathrm{fun}(A; f, x.\,B) \in \mathrm{Type}$
     $H \vdash A \in \mathrm{Type}$
     $H,\ x : A,\ f : \mathrm{fun}(A; f, x.\,B) \vdash B \in \mathrm{Type}$

2. $H \vdash \lambda(x.\,b) \in \mathrm{fun}(A; f, x.\,B)$
     $H,\ x : A \vdash b \in B[\lambda(x.\,b)/f]$

3. $H \vdash g(a) \in B[g/f, a/x]$ by ap over $\mathrm{fun}(A; f, x.\,B)$
     $H \vdash g \in \mathrm{fun}(A; f, x.\,B)$
     $H \vdash a \in A$

With this type we can define dependent products as

$$\mathrm{prod}(A; x.\,B[x]) == \mathrm{fun}(N_2; f, x.\ \text{if } x = 1 \text{ then } A \text{ else } B[f(1)]).$$

4.5. A very small type theory

The previous reductions show that we can define a very rich type theory using only three primitive type constructors and one primitive type, namely Type.

types:   Type   $A + B$   $\mathrm{fun}(A; f, x.\,B)$   $\mu(X.\,B)$
values:  inl(a), inr(b), $\lambda(x.\,b)$
forms:   decide(t; u. a; v. b)   ap(t; a)

This language can be seen as a combination of the ideas from Constable and Mendler [1985], Mendler [1988], Hickey [1996a]; it is in the style of Mendler's thesis using Hickey's key reduction. The language FPC in Gunter's textbook [1992] considers the nondependent recursive types in a similar spirit.
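The record and dependent-product encodings of Section 4.4 can be exercised as a small dynamic model. This is an added example, not code from the article or from Nuprl: a type is modelled as a Python predicate, domains are finite and ordered, and every name in it (`in_fun`, `in_vfun`, `record`, `prod`, `tup`, `EarlyReference`) is a hypothetical helper.

```python
class EarlyReference(Exception):
    """B[f, x] consulted f at an argument that has not been checked yet."""


def N(n):
    """The enumeration type N_n = {1, ..., n} as an ordered tuple."""
    return tuple(range(1, n + 1))


def in_fun(g, domain, B):
    """g ∈ (i : domain → B(i)): the ordinary dependent function space."""
    try:
        return all(B(i)(g(i)) for i in domain)
    except LookupError:          # g is not defined on the whole domain
        return False


def in_vfun(g, domain, B):
    """g ∈ fun(domain; f, x. B[f, x]): the very dependent function space.

    B receives a view f of g that answers only at arguments already
    checked, so the type of g(x) may depend on "previous values" of g.
    """
    checked = {}

    def f(x):
        if x not in checked:
            raise EarlyReference(x)
        return checked[x]

    for x in domain:
        value = g(x)
        if not B(f, x)(value):
            return False
        checked[x] = value
    return True


def record(*field_types):
    """record(x1 : A1, ..., xn : An) as the function space i : N_n → B(i)."""
    return lambda f: in_fun(f, N(len(field_types)), lambda i: field_types[i - 1])


def prod(A, B):
    """prod(A; x. B[x]) == fun(N2; f, x. if x = 1 then A else B[f(1)])."""
    return lambda g: in_vfun(g, N(2), lambda f, x: A if x == 1 else B(f(1)))


def tup(*components):
    """The function i ↦ i-th component, used for records and pairs."""
    return lambda i: components[i - 1]


# Constructed sample types.
def is_int(v):
    return isinstance(v, int) and not isinstance(v, bool)


def is_nat(v):
    return is_int(v) and v >= 0


def is_str(v):
    return isinstance(v, str)


def vec(n):
    """Tuples of length n: a family of types indexed by a value."""
    return lambda v: isinstance(v, tuple) and len(v) == n


Point = record(is_int, is_int)
ColoredPoint = record(is_int, is_int, is_str)
SizedVector = prod(is_nat, vec)      # pairs (n, v) with v ∈ vec(n)
```

A colored point passes the `Point` check because membership only inspects the arguments in N_2, which is the function-space subtyping described in Section 4.4.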
5. Conclusion

In the main, this article is a snapshot of three subjects recently come into alignment. This conclusion addresses research dynamics driving these subjects.

Typed logic. Many standard topics in logic must be reworked for typed logic. We have already seen that its deductive machinery is different, so we need to ask about normalization results for natural deduction (as in Prawitz [1965]) or cut elimination for numerous variants of the sequent calculus (with structural rules or without, tableau style or bottom up, etc.) What properties of the normal syntax of proofs reflect their deeper semantic content? What symmetries of the sequent calculus reveal properties of evidence?

The emergence of automated deduction systems has introduced new issues and questions. For example, the notion of a tactic-tree proof (Allen et al. [1990]) illustrated here is a novel structure, and its use in refinement logics (Bates [1979], Bates and Constable [1985]) raises questions, such as, how is soundness and type correctness of the metalevel programming language for tactics related to the soundness of the logic?

The traditional questions about the relative "power" of logical theories can be posed for typed logics, and the various translation results such as the Kolmogorov and Gödel translations are being studied (Troelstra and Schwichtenberg [1996]). Chet Murthy [1990,1992] discovered remarkable results relating these translations to Plotkin's CPS translations, and he proved Friedman's [1978] theorem for a fragment of Nuprl as part of this work (see also Palmgren [1995a]). These results have been applied in interesting ways in program extraction by Murthy [1992] and Berger and Schwichtenberg [1996]. Friedman's program of "reverse mathematics" can be elaborated in this context as well, and now programming logics can be considered in a more uniform manner (Kozen [1977], Kozen and Tiuryn [1990]).

The subject of applied logic has emerged in the intersection of logic and computer science. This includes the study of specification languages such as Z (Spivey [1989]), a main topic in formal methods. The languages of typed logic (say in Coq, HOL, Nuprl, and PVS) provide alternative specification languages which seem to have advantages over Z in automation. These rich typed logics can accommodate special languages such as those needed in temporal logic and for hybrid systems (Nerode and Shore [1994], Henzinger and Ho [1994]).

The field of automated deduction is a flourishing part of applied logic. Presently, specialized tools such as model checkers (c.f. Clarke, Long and McMillan [1989], Burch et al. [1991], Henzinger and Ho [1994]), type checkers (c.f. Milner, Tofte and Harper [1991]), and arithmetic decision procedures are already used by industry in production. Integrated systems like Coq, HOL, Nuprl, and PVS are also valuable to industry.⁴⁷ The deployment of logic-based industrial systems has led to a wealth of research problems and challenges (Kreitz, Hayden and Hickey [n.d.]). For example, it is becoming imperative to share libraries of mathematics between provers. Howe's work [1996a] with HOL libraries in Nuprl is one of the first examples of how this can be done. Practical deployment relies on several years of investigating the underlying semantic issues involved in translating between theories (Howe [1996b,1991]).

⁴⁷ The late IBM Fellow, Harlan Mills, said in December 1984, "It is the kind of research that can change the course of industrial history."

The need to share results between provers is only one example of a more general need to build more open theorem proving systems. These systems should be able to interface with several text and proof editors, with other provers, with programming languages to evaluate computable terms, and with metalanguages for managing proof planning and generation. Nuprl Version 5 is one such system. We discuss these problems in a wider context in Collaborative Mathematics Environments (Chew et al. [1996]).

Type theory. The research agenda in type theory is strongly tied to logic as this article illustrates, providing a new semantics.
In addition, there are strong ties to pure and applied mathematics (Gallier [1993]). Indeed, Martin-Löf type theory arose as an attempt to find a foundational account of the practice of constructive mathematics, especially in the style of Bishop (Bishop [1967], Bishop and Bridges [1985], Mines, Richman and Ruitenburg [1988]). This constructive mathematics is more similar to the practice of computational mathematics than to Intuitionistic mathematics in that its results are consistent classically. Indeed, Bishop's book can be read as a piece of classical analysis or as computational or Intuitionistic mathematics. Nuprl, in fact, arose as an attempt to provide a foundation for computer science, numerical analysis, computer algebra, the theory of algorithms and computability. It was based on programming concepts (Constable [1972], Constable and Zlatin [1984]) and influenced by Algol68 and Simula, but we recognized in 1978 the power of Martin-Löf semantics to organize this activity, and in Constable and Zlatin [1984] used his semantics to improve our earlier design.

As computational mathematics has gained importance, more work has been done to systematize it. For example, the algebra underlying a computer algebra system such as AXIOM (Jenks and Sutor [1992]) is constructive: consider the definition of an integral domain; it provides a function, div, which will divide $a * c$ by $c \neq 0$. In general, in computer algebra, to claim that an object "exists" is to give an algorithm to construct it. A current active area of research is expressing the concepts of computer algebra in constructive type theory. It is especially promising that the work provides an orderly account of the types and domains used in algebra systems -- for example, compare AXIOM (Jenks and Sutor [1992]) or Weyl (Zippel [1993]) to Jackson's account in Nuprl [1994b,1994a]. Peter Aczel is considering Galois theory in LEGO (Pollack [1995]), and more work of this sort will be done.

Another important topic in the same vein is the use of type theory to organize the foundations of numerical mathematics by Boehm et al. [1986], Chirimar and Howe [1991]. It will be interesting to see whether floating point numbers could be incorporated into a rigorous theory, perhaps even arranging that the notion of a constructive real number as a sequence of approximations each of which was a "floating point" number. It is intriguing to imagine that this work might extend to
a computational treatment of nonstandard analysis (see Nelson [1968], Wattenberg [1988]). This is potentially interesting because it is now realized since the work of Loeb that nonstandard accounts of probability applications can be significantly more intuitive than their classical counterparts.

Category theory can be seen as an abstract organization of type theory, and just as type theory provides an alternative and more general foundation for mathematics than set theory, so too, category theory provides such a foundation. The category called an elementary topos generalizes set theory.⁴⁸ It is possible to develop a predicative version of topos theory (the Grothendieck topos) in Martin-Löf type theory (Palmgren [1995a]). Likewise, category theory can provide models of type theory (Crole [1993], Seely [1987]). The categorical models allow new kinds of constructive completeness theorems for the Intuitionistic predicate calculus Palmgren [1995a], and from these it is possible to give a uniform computational interpretation to nonstandard analysis (Palmgren [1995a]).

⁴⁸ "The startling aspect of topos theory is that it unifies two seemingly wholly distinct mathematical subjects: on the one hand, topology and algebraic geometry, and on the other hand, logic and set theory." MacLane and Moerdijk [1992, p.1]

Typed programming languages. The research agenda in programming languages is the most fast-paced of the three; like everything in computer science it is driven by curiosity, by technology, and by market forces. Research is put to use before the "ink is dry." Each small result seems to explode into an industry. Needs for secure mobile code will now be a major influence as code reuse and modularity were before. Language research depends on a deeper understanding of the design space and on a range of semantic tools to rapidly validate experimental designs. Our approach of "partial types" is one of many attempts to provide this knowledge, domain theory, and theories of operational semantics (c.f. Plotkin [1981]) are others (see also Crary [1998]).

Acknowledgments. I want to thank Kate Ricks for preparing this manuscript and Stuart Allen for helpful comments on earlier drafts and for helping with a new account of his 1987 thesis work.

6. Appendix

6.1. Cantor's Theorem. Here is a Nuprl proof of Cantor's theorem from Section 2.9.

    *T cantor
    ⊢ ∀A:U. (∃diff:A → A. ∀x:A. ¬(diff x = x))
            ⇒ (∀e:A → A → A. ∃d:A → A. ∀x:A. ¬(e x = d))
    |
    BY UnivCD THENW Auto
    |
    1. A: U
    2. ∃diff:A → A. ∀x:A. ¬(diff x = x)
    3. e: A → A → A
    ⊢ ∃d:A → A. ∀x:A. ¬(e x = d)
    |
    BY D 2
    |
    2. diff: A → A
    3. ∀x:A. ¬(diff x = x)
    4. e: A → A → A
    |
    BY With ⌈λa.diff (e a a)⌉ (D 0) THENW Auto
    |
    ⊢ ∀x:A. ¬(e x = (λa.diff (e a a)))
    |
    BY D 0 THENW Auto
    |
    5. x: A
    ⊢ ¬(e x = (λa.diff (e a a)))
    |
    BY D 0 THENW Auto
    |
    6. e x = (λa.diff (e a a))
    ⊢ False
    |
    BY With ⌈e x x⌉ (D 3) THENW Auto
    |
    3. e: A → A → A
    4. x: A
    5. e x = (λa.diff (e a a))
    6. ¬(diff (e x x) = e x x)
    |
    BY D 6
    |
    ⊢ diff (e x x) = e x x
    |
    BY RW (AddrC [3; 1] (HypC 5)) 0 THENW Auto
    |
    ⊢ diff (e x x) = (λa.diff (e a a)) x
    |
    BY Reduce 0 THEN Auto
    *C cantor_end
********************************
6.2. Stamps problem. Here is a complete Nuprl proof for a simple arithmetic problem. We show that any number greater than or equal to 8 can be written as a sum of 3's and 5's. We call this the "stamps" problem. When Sam Buss saw this theorem we discussed a generalization which is included in Section 6.3. Christoph Kreitz proved the generalization following Sam's handwritten notes. It is interesting that Nuprl caught a missing case in this proof. The arguments seem sufficiently self-contained that we present them without further comment.

    ⊢ ∀i:{8...}. ∃m,n:ℕ. 3 * m + 5 * n = i
    |
    BY D 0 THENA Auto·
    |
    1. i: {8...}
    ⊢ ∃m,n:ℕ. 3 * m + 5 * n = i
    |
    BY NSubsetInd 1 THEN Auto·
    |\
    | 1. i: ℤ
    | 2. 0 < i
    | 3. 8 = i
    | |
    | BY DTerm ⌈1⌉ 0 THENM DTerm ⌈1⌉ 0 THEN Auto·
     \
      1. i: ℤ
      2. 8 <
      BY Decide ⌈n > 0⌉ THENA Auto·
      |\
      | 6. n > 0
      | |
      | BY DTerm ⌈m + 2⌉ 0 THENM DTerm ⌈n - 1⌉ 0 THEN Auto·
       \
        6. ¬(n > 0)
        |
        BY DTerm ⌈m - 3⌉ 0 THENM DTerm ⌈n + 2⌉ 0 THEN Auto·
        |
        ⊢ 0 ≤ m - 3
        |
        BY SupInf THEN Auto
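The computational content of the proof above is a program that produces the witnesses m and n. The following is an added example, not the term Nuprl extracts from the proof: `step` mirrors the two cases of `Decide ⌈n > 0⌉`, the base case uses the witnesses `DTerm ⌈1⌉` twice, and the function names are assumptions.

```python
def step(k, m, n):
    """Induction step: from witnesses for k produce witnesses for k + 1.

    Precondition (the induction hypothesis): 3*m + 5*n == k with m, n in ℕ
    and k >= 8.
    """
    if not (m >= 0 and n >= 0 and 3 * m + 5 * n == k and k >= 8):
        raise ValueError("induction hypothesis does not hold")
    if n > 0:
        # Case n > 0: witnesses m + 2 and n - 1 (replace one 5 by two 3s).
        return m + 2, n - 1
    # Case ¬(n > 0): n == 0, so 3*m == k >= 8 and therefore m >= 3.
    # This is the remaining goal 0 ≤ m - 3 that the proof closes with SupInf.
    return m - 3, n + 2


def stamps(i):
    """Return (m, n) in ℕ × ℕ with 3*m + 5*n == i, for any integer i >= 8."""
    if i < 8:
        raise ValueError("the theorem is stated for i in {8...}")
    m, n = 1, 1                      # base case: 3*1 + 5*1 == 8
    for k in range(8, i):            # apply the induction step i - 8 times
        m, n = step(k, m, n)
    return m, n


def check(limit):
    """Confirm the witnesses for every i in 8..limit-1."""
    for i in range(8, limit):
        m, n = stamps(i)
        if m < 0 or n < 0 or 3 * m + 5 * n != i:
            return False
    return True
```

Running the loop by hand from 8 gives (1, 1), (3, 0), (0, 2), (2, 1), (4, 0), so the second case fires exactly when the current sum uses no 5.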
6.3. Generalized stamps problem

Lemmata from the Standard Nuprl Library.

'v' a , b : N N. . 00 iih � jj ll **jj22 Fl * ii2 2 _< nn< n

    *T rem_bounds_1      ⊢ ∀a:ℕ. ∀n:ℕ+. 0 ≤ a rem n ∧ a rem n < n
    *T div_rem_sum       ⊢ ∀a:ℤ. ∀n:ℤ⁻⁰. a = (a ÷ n) * n + a rem n
    *A pm_equal          i = ± j == i = j ∨ i = -j
    *A divides           b | a == ∃c:ℤ. a = b * c
    *T divisor_bound     ⊢ ∀a:ℕ. ∀b:ℕ+. a | b ⇒ a ≤ b

Newly Introduced Notions and Lemmata.

    STAMPS
    *T pm_equal_nat          ⊢ ∀a:ℕ+. a = ± 1 ⇒ a = 1
    *T divisor_of_sub        ⊢ ∀a,b,c:ℤ. a | b ⇒ a | c ⇒ a | b - c
    *T divisor_of_sub_self   ⊢ ∀a,b:ℤ. a | b ⇒ a | b - a
    *A even                  a is even == 2 | a
    *A odd                   a is odd == 2 | a + 1
    *T odd_mul               ⊢ ∀b,m:ℤ. m * b is odd ⇒ b is odd
    *T odd_or_even           ⊢ ∀z:ℤ. z is even ∨ z is odd
    *A stampproperty         a and b are useful stamp values
                             == ∀i:{a + b...}. ∃n,m:ℕ. i = n * a + m * b

Proof of the 'Induction' Step.
*T 9T sstamp_pre t a m p _ p r e f~ 'v'a V a ,,bb': NN + + .. a a .-abstraction, A-abstraction, 68 68 >.A-calculus, -calculus, 68, 68, 755, 755, 759 759 lambda 696, 709, lambda notation, notation, 696, 709, 714 714 >.-term, )~-term, 68 68 language, language, 44 least 282, 387 least fixed fixed point, point, 282, 387 least least number number principle, principle, see see minimization minimization axaxiom iom leftmost leftmost branch, branch, 384 384 Leivant's Leivant's Principle, Principle, 488 488 length, 92, 103, 103, 425 length, 92, 425 length length induction, induction, see see induction induction axiom axiom length minimization, length minimization, see see minimization minimization axiom axiom see also size, proof length, length, proof, proof, 13, 13, 564, 564, see also size, proof level, level, see see type type level level Levy Levy hierarchy, hierarchy, 215, 215, 295 295 Lifschitz Lifschitz topos, topos, 457 457 limit limit ordinal, ordinal, 281 281 Li m , 211 Lira, 211 limited limited iteration iteration on on notation, notation, 104 104 limited limited recursion recursion on on notation, notation, 365 365 line, line, 721 721 linear linear arithmetic arithmetic (SupInf), (SupInf), 711 711 linear linear bounded bounded automata, automata, 99 99 linear linear implication, implication, 72 72 linear linear logic, logic, 70-74 70-74 MALL, 73 MALL, 73 linear 270, 286 linear order, order, LaO /.0(.),, 270, 286 linear linear proof, proof, 551 551 linear linear resolution, resolution, 24 24
804 804
Subject Index Index Subject
linear space, 99
linear time hierarchy, 99
linked list, 760
Lisp, 686, 754
list, 713
list type, 736
literal, 18, 598, 642
  ground, 62
  negative, 19, 642
  positive, 19, 642
Löb's Theorem, 122
local predicativity, 253
local reflection principle, 490
locally essentially reflexive, 505
logic of proofs, 497
logic program, 649
  allowed, 668
  definite, 649, 667
  general, 649
  normal, 649
logic with partial terms (LPT), 411-412, 746
logical argument, 665
logical axiom, 5, 11, 17, 176, 656
logical consequence, 647
logical framework, 685
logical implication, 28, 32
logical rule, 32, 656
Magari algebra, 485
magic rule, 707, 709
main part of an inference, 255, 299, see also principal formula
majorizable, 434, 436
majorization hierarchy, 160
majorization properties, 159
majorize, 373, 434
Markov's principle (M), 347, 352, 354, 356, 416
maximality, 460
maximization axiom, 131, see also minimization axiom
meta-predicative, 268
metatheory, 488
Midsequent Theorem, 574
minimal logic, 48
minimization axiom, 86, 95
  length (LMIN), 101, 110
  MIN, 83, 110
minimization operator (μ), 266, 377, 378
Mizar, 691
ML, 754
modal logic
  completeness, 478
  completeness theorem, 480
modal operators
  □, ◇, 477
  □, △, 491
  □R, 496
  ▷, 514
  E., I:;i E + ,, 528 I:n,
  ≫, 529
  ◇, 529
  □, ∀, ∃, 539
modal propositional logic, 477
modal systems
  K, L, K4, S, 477, 478
  S4, 481, 497
  A, D, 487
  CS, CSM, 492, 493
  LP, 497
  IL, ILM, 514
  TOL, TLR, ELH, 529
  Lq, S5, 539
  Sq, 539
  QL, QS, 540
modality, 73
modally expressible, 490
mode, 665
mode assignment, 665
model, 28, 501, 647
modified realizability, see realizability
Modula, 757
module, 757, 760
Modulus of Uniform Continuity (MUC), 433
modus ponens, 5, 706, 729
monotone operator, 269
monotonic, 282
monotonicity axiom, 493
Monotonicity Lemma, 225
most general proof, 568
move, 524, 525
multiplicative connective, 71-73, 733
multiply recursive, 189
N-interpretation, 342, see also negative translation
natural deduction, 47-48, 69, 600
natural numbers, 711
natural proofs, 134
ND-interpreted, 348
necessitation, 477, 498
negation as failure, 661
negative clause, 19
negative formula, 437, 439
negative occurrence, 15
negative translation, 66, 67, 338, 341, 342, 355, 370, 392, 766
neighbourhood function, 426
no-counterexample interpretation, 54, 340, 355, 362
node, 221, 478
non-logical symbols, 81
non-schematic theory, 117
norm, 242
  ∞-norm, 216
norm function, 201
normal, 498, 499
normal form, 358
normal function, 212
normal modal logic, 477
normalizable, 358
normalization, 17
normalizing, 358
Nullstellensatz, 603
Number Theory, NT, 232, see also arithmetic
  second-order, NT₂, 271
numeral, 81, 116, 119, 220, 409
numeralwise representability, 113
numerate, 504
Nuprl, 722
object, 757
object assignment, 28
object-oriented programming, 758
occurs check, 60
ω-consistent, see consistent
Ω function, 447
Ω functionset, 451
Ω powerset, 451
Ω predicate, 447
Ω product, 447
ω provability, 487, 494
Ω relation, 447
Ω set, 446
one-way function, 617
ontological axiom, 216, 217
Operations
  Hereditarily Effective, 431
  Hereditarily Recursive, 430
operator, 300
operator controlled derivable, 301
operator controlled derivation, 253, 254, 300
optimal propositional proof system, 626
oracle, 106
order type, otyp, 212, 221, 222, 288
ordered pair, 696
ordinal, 210, 280, see also tree ordinal
ordinal analysis, 229, 230
  Π¹₁-, 229
  for set theories, 321-331
  of NT, 240
  profound, 263
  κ-, 219
  Π⁰₂-, 247
ordinal arithmetic, 156, 193
ordinal notation, 495, see also tree-ordinal
ordinal of a formula
IIHl~,, 229 HIE, , 229 IFI nO ', 260 [F[Ho 260 2
ordinal ordinal of of aa theory theory IIA IIAxll ~, ' 216 216 x ll oo
IIA IIAxll ~,, 216 216 x II F IIA I Axll n2 , 217, 219 x II K , IIA IIAxll~, IIAxII~, x II Ei" IIIAxlln~, IIA x l 1 n' , 228 IIAxlln;, 228 n8 IIA IIAxll, x l l , :228 IIA [[Ax[[ ~cK, 229 CK , 229 x l 1 E71 ]Ell
  table of impredicative theories, 332
ordinal operator, 300
ordinal sum, 212
ordinal term, 308
ordinal terms, 308
Orey sentence, 531
Orey set, 531
output argument, 665
output variables, 665
pairing, 70, 423, 429, 445
pairing axioms, 177, 216, 279
parameter variable, 33
parameters, par(-), 258, 300
paramodulation, 63
parentheses, omitting, 5, 26
Parikh provability, 495
Parikh's Theorem, 87, 112
partial combinatory algebra, 424
partial continuous application, 426
Partial Continuous Operations (PCO), 426
partial equivalence relation (per), 719, 745, 746, 748
partial recursive, 172
  in an ordinal, 217
Partial Recursive Operations (PRO), 424
partial type, 759
Pascal, 754
path, 221
Peano arithmetic, 84, 175, 231, 352, 721, see also arithmetic
persistence, 170
Σ-Persistency, 280
persistency
  downwards, 301
  upwards, 301
Π₁-completeness, 494
pinning down, 267
pointer, 760
polymodal logic, 491, 495
polymorphic, 393, 715, 745
polymorphic λ-calculus, F, 394
polymorphism, 393
polynomial calculus, 604
polynomial growth rate, 98, 100
Polynomial Local Search (PLS), 133, 134
  PLS function, 133
polynomial size tree (pst) proof, 564
polynomial time, 103, 104, 106
polynomial time hierarchy, 105-108
polynomially equivalent, 552
polynomially numerates, 578
polynomially simulates, 552
positive clause, 19
positive formula, 643
positive occurrence, 15, 282
positive resolution, 22
power type, 445
predecessor, 89, 423, 733
  n-predecessor, 154
  immediate n-predecessor, 154
predicate provability logic, 531
predicative, 268
Predicative Elimination Lemma, 237, 302
predicative polymorphism, 394, 398
predicativity, 267
prenexification, 51
Σ-preservativity, 488
prime powers, 90
primes, 90
primitive notion, PN, 721
primitive recursion, 82, 96, 733
primitive recursive, 175, 189, 219, 363, 364
primitive recursive arithmetic, see arithmetic
primitive recursive function, 82, 96
  defining equations, 82
primitive recursive predicate, 96
primitive recursive well ordering, PRWO, 264
principal formula, 12, 46, 110, 112, see also main part of an inference
principal term, 308
probabilistically checkable proofs, 550
product topology, 9, 373
product type, 429, 739
profound, 263
program clause, 649
program rules, 656
  stratified, 660
programs as deductive systems, 655
programs as theories, 655
progressive, 187
  Prog, 225, 238, 286
projection, 70, 96, 103
PROLOG, 64, 668
proof, 550
  length, see length, proof
  sequence-like (dag-like), 13, 551
  tree-like, 13, 550
proof by contradiction, 707
proof equality, 723
proof expression, 708
proof predicate, 116, 263, 476, 498, 499
proof system
  associated to theory, 624
  cutting plane, 604
  extension Frege, 592
  Frege, 5-10, 591
    bounded depth, 599
  Groebner, 604
  Hajós calculus, 601
  Hilbert style, 29, 553
  Nullstellensatz, 603
  polynomial calculus, 604
  propositional, 550
    optimal, 626
  quantified, 600
  resolution, 18-26, 59-64, 598-599, see also resolution
  substitution Frege, 591
proof theoretic ordinal, 228, see also ordinal of a theory
proofs as programs, 679, 754
proposition, 694
  category Prop, 694, 695
propositional function, 695
propositional logic, see Frege system, proof system, quantified propositional logic and resolution
  and bounded arithmetic, 619
propositional rule, 11, 710
propositional theory, 484, 485
propositions as types, 724, 752
proto-effective, 453
  canonically, 453
provability logic, 476, 487, 489, 491, 492
provability predicate, 116
provably recursive, 87, 173, 199, 202, 248, 353, 354, 364, 370, 498, see also definable function
  in PA, 189, 253, 362
  in T (PROVREC(T)), 173
provably total, 498, 587, see also provably recursive
Prover-Adversary game, 596
pullback, 719
pure proof, 701
pure proposition, 700, 701
pure propositional function, 700
pure type, 343
pure typed function, 701
Q, R (theories of arithmetic), 82-83, 507, 513, 560, 579
quantified propositional logic, 600
quantifier exchange property, 100
quantifier rule, 32, 109, 710
Quantifier Theorem, 286, 287
quantifier theorem, hyperarithmetical, 229
quasitautology, 49, 52
quotient type, 719, 720
ramified analysis, 383, 385
ramified set theory, 294
Ramsey's theorem, 619
random restriction, 607
range type, 715
rank, 168, 178, 221, 297, 361, 525, 642, 656
realistic, 485
realizability, 66, 407-462
  abstract (r_), 424
  extensional (re, rne, rnet), 439, 440
  function (rf), 427, 428
  function with truth (rft), 427, 428
  Lifschitz (rln, rlf), 437
  modified (mr), 429, 431, 432, 434
    function (mrf), 434
    numerical (mrn), 434, 443, 457
    with truth (mrt), 431
  naming conventions, 422
  numerical (rn), 408, 410, 413, 418, 442, 444, 446, 455
  numerical with truth (rnt), 413, 442, 457
  q, 421, 422
  set theory, 458
realization, see arithmetic realization
realizational instance, 532
record type, 756, 764
Σ-Recursion Theorem, 281
recursion, see bar recursion, limited recursion, primitive recursion, transfinite recursion
recursion operator, 425
recursive, 172
  γ-recursive (REC(γ)), 172, see also descendent recursive
recursive comprehension (RCA), 371
recursive type, 760
recursively inaccessible, 289
recursively regular, 228, 304
recursor, 232, 344, 345, 348, 349, 360, 362, 364, 378, 387, 429, 734, 737, 761, 763
redex, 358
reduced sequence, 222
reduces, 358
reduces in one step, 358
reducibility candidate, 397
reducible, 222, 358, 359
Reduction Lemma, 235, 256, 302
refinement logic, 704
Σ-Reflection, 280
reflection principle, 217, 218, 280, 281, 490, 624
  iterated, 495
reflexive, 505
reflexivity, 86
reflexivity axiom, 494
regular axiom system, 248
regular counterwitness, 504
regular ordinal, 211
regular ordinals (Reg), 304
  topological closure Reg, 304
regular term, 308
regular witness, 504
relation symbol, 26
relative translation, 501
relativization, 118, 216
Relativized Σ-Recursion Theorem, 284
relativizing formula, 501
remainder, 89
Σ-Replacement, 280
replacement, 84, 94, 109, 110, 112, 135, 412, 445, 447, see also collection and strong replacement
resolution, 18-26, 59-64, 598-599
  ground, 62
  hyper-, 22
  input, 24
  linear, 24
  negative, 23
  positive, 22
  positive unit, 25
  R-resolution, 61
  semantic, 23
  set of support, 23
  SLD, 26, 640, 661
  SLDNF, 640, 661
  unit, 24
resolution proof, 20
resolution refutation, 19, 598
resolution rule, 19, 598
resolvent, 19, 61, 664
restricted arithmetic (Arith), 711
restricted quantifiers, 215
reverse mathematics, 371, 766
rewrite system, 358
Richman's Principle (RP), 457
Robinson arithmetic, see Q, R
root, 478
Rosser ordering, 496
Rosser provability, 120, 495, 496
Rosser sentence, 121, 496
Rosser's Theorem, 120
run time typing, 755
satisfiable, 4, 19, 28
satisfied, 28
satisfy, 28, 61
schematic theory, 115, 117, 552, 554
Scheme, 755
scope, 704, 734
search tree, 221, 222, 228
Second Incompleteness Theorem, 121, 137, 476, 583
  formalized, 506
second order logic, 271
self-realizing, 415
self-reference, 118
self-referential, see Diagonal Lemma
semantic resolution, 23
semantic tableau, 36
Semantical Main Lemma, 223
semantics, 27
semi-formal calculus, 231, 234, 298
semiformula, 31
semiterm, 31
sentence, 27
sentential rule, 317
separated, 453
  canonically, 453
Δ-Separation, 280
separation, 216, 321
Separation axiom, 216
sequence, 713
sequence coding, 91-94
sequence-like proof, see proof
sequent, 10, 705
  empty, 10
  initial, 11
  upper, lower, 11
sequent calculus, 10, 31, 600
  LJ, 64
  LK, 32
  PK, 11
sequential theory, 560, 562
set existence axioms, 216
set of support resolution, 23
set terms, 295
set theory, 718
set type, 718
Shanin's algorithm, 422
sharply bounded quantifier, 82
side formulas, 12
signature, 758
simple contradiction, 596
Simula, 755
simulate, 624
simultaneous inductive definition (SID), 676
size
  proof, 142, 551, see also length, proof
  term, 567
skeleton, 42, 114, 568
Skolem function, 50
Skolem functional, 377, 378, 386
Skolemization, 50, 346
slash (|), 420-421
  Aczel, 421
SLD, SLDNF, see resolution, completeness, and soundness
slow-growing hierarchy, 152, 157, 194
slow-growing operator, G, 152, 156
smash function (#), 81, 99, 100
social proof, 2
Solovay function, 482
sorting, 393
sound, 480
soundness
  first-order, 30, 33
  HA^ω, 432
  HA'I, 438
  HA*, 414
    strong, 414, 417, 420
    weak, 414, 417
  implicational, 6, 13
  intuitionistic many-sorted, 448, 449
  modal logic, 478
  propositional, 6, 13
  resolution, 19
  SLDNF, 669
space representable, 161
sparse set, 626
species, 392
Spector(-Howard) interpretation, 367
Spector-Gandy Theorem, 286
spectrum
  Π¹₁-spectrum, 228
  Σ⁰₁-spectrum, 246
  Π⁰₂-spectrum, 247
speed up, 497
square root, 90
stage in constructible hierarchy, 215, 295
  stg, 295
stage of an inductive definition, 269, 281
standard interpretation, 295
starting function, 242
static typing, 755
stratification, 728
stratified program rules, 660
strict, 411, 447
strong fragment, 81
strong inference, 11, 32
strong interpretation, 502
strong replacement, 96, 109, 110
strongly critical, 214, 308
  SC, 214
strongly critical components, SC, 305
strongly normalizable, 358
strongly normalizing, 358
strongly positive, 388
structural rule, 11, 301, 317, 708, 710
structure, 27
  adequate, 650
  equational, 648
  four-valued, 644
  free term, 670
  Herbrand, 645
  lower three-valued, 644
  two-valued, 644
  upper three-valued, 644
structured tree-ordinal, see tree-ordinal
subformula, 704
subformula property, 13, 111, 573
subobject classifier, 719
substitution, 5, 27, 59, 116, 341, 567, 648, 728, 734
  closed under, 33
  empty, 648
  variable renaming, 59
substitution Frege system, 591
substitution operator, 232
substitution rule, 591
subsume, 22
subsumption, 22
subtheory, 501
subtraction, 89, 349
subtree ordering, 154, 193
subtype, 693
succedent, 10
successor, 96, 103, 220, 232, 344, 360, 409, 423, 429, 516
successor ordinal, 211, 304
superarithmetic theory, 504
superexponentiation, 37, 81, 138, 139
support, set of, 23
supremum, 211
surjection, 445
Suslin quantifier, 384
switching lemma, 618
symmetric sum, 213
Syntactical Main Lemma, 223
system F, 394
T-predicate, Kleene's, 409
tableaux proof, 704
tactic, 709
tactic tree proof, 766
tactical, 709
tail, 125, 714
tail model, 480, 490
Tait calculus, 16-18, 165, 220, 232
Takeuti's conjecture, 398
Tarski's conditions, 560
tautological implication, 4
tautology, 4, 505
Tautology Lemma, 233
tautology rule, 317
term, 26, 31, 220, 642, 703
  λ-calculus, 68
term model, 357, 358
terminal, 739
tertium non datur, see excluded middle, law of
theory, 29, 501
theory delimiters, 722
theory of implication, 600
thin, 708
thread, 221
three-valued closure ordinal, 653
TOL model, 530
tolerance, 503, 528-530
topos, 421, 441, 451, 452, 457, 461, 719
topos theory, 719
transfer, 525
transfinite induction, see induction
transfinite recursion, 211, 281
transitive, 210
transitivity, 86
translation, 501
tree, 221
tree of knowledge, 722
tree relation, 222
tree-like proof, see proof
tree-ordinal, 154, 191, 386
  finite type theory (OR_1^ω), 386, 387
  structured, 154, 198
trichotomy, 86
truth, 28, 501
truth assignment, 3, 702
truth complexity, 219
  tc, 224, 297
truth definition, 137, 139, 142, 220
truth provability logic, 487
truth value, 694
  contradictory, 643
  false, 643
  true, 643
  undefined, 643
type, 68, 342, 692, 703
  of a term, 343, 429
type assumption, 703
type level, 343, 452
type structure, 343
type system, 748
type theory, 726, 767
typed λ-calculus, 755
typed propositional formula, 703
typing context, 703
typing judgment, 698, 735
unbounded quantifier, 82
unbounded set, 211
uncountable cardinal, 304
unification, 55, 59, 567, 648
unification algorithm, 60-61
Unification Theorem, 60
unifier, 59, 567, 648
  most general, 60, 567, 648
uniform, 452
  canonically, 452
Uniform Continuity
  Modulus of, 433
Uniformity Principle (UP), 442, 453
Uniformity Rule (UR), 443
union axiom, 216, 279
union type, 756
unique factorization, 90
unit clause, 24
unit resolution, 24
unit type, 700, 735
universal closure, 32
universe, 27, 394, 398-400, 744
universe rules, 744
unpairing, 429
unrestricted quantifiers, 215
unsecured sequences, 230, 277, 287, 290
untyped λ-calculus, 755, 759
unwinding, 338
upward persistency, 301
valid, 28, 32, 448, 478, 535, 647, 702
valid element, 701
valid formula, 4
valid inference, 115
variable, 3, 26, 702
  free and bound, 31, 703, 704, 734
variant, 648
  term, 42
Veblen function, 214
Veblen hierarchy, 383
Veblen normal form, 214
Veltman frame, 515
very dependent, 765
very dependent function, 764
very dependent type, 764
very weak fragment, 81
Visser frame, 530
Weak Continuity (WC), 434
Weak Extended Church's Thesis (WECT), 440
weak fragment, 81
weak inference, 11
Weak König's Lemma (WKL), 371, 374
Weakening Lemma, 167
weakening rule, 11, 73
weakly ω-consistent, 119
weakly compact cardinal, 331
weakly inaccessible, 304
weakly interpretable, 503, 528
weakly introduced, 43
weakly positive, 388
well founded, 221, 222
Wf(-