STUDIES IN LOGIC AND THE FOUNDATIONS OF MATHEMATICS VOLUME 122
Editors:
J. BARWISE, Stanford D. KAPLAN, Los Angeles H. J. KEISLER, Madison P. SUPPES, Stanford A. S. TROELSTRA,Amsterdam
NORTH-HOLLAND AMSTERDAM -NEWYORK -OXFORD -TOKYO
LOGIC COLLOQUIUM '85 Proceedings of the Colloquium held in Orsay, France July 1985
Edited by
THE PARIS LOGIC GROUP CNRS-Universite Paris VII Paris, France
19S7
NORTH-HOLLAND AMSTERDAM -NEWYORK -OXFORD -TOKYO
©
ELSEVIER SCIENCE PUBLISHERS B.Y., 1987
All rights reserved. No part ofthis publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission ofthe copyright owner.
ISBN: 0 444 70211 3
Published by:
Elsevier Science Publishers BV P.O. Box 1991 1000 BZ Amsterdam The Netherlands Sole distributors for the U.S.A. and Canada:
Elsevier Science Publishing Company, Inc. 52 Vanderbilt Avenue New York, N.Y. 10017 U.S.A.
Library of Congress Cataloging-in-Publication Data
Logic Colloquium (1985 : Orsay J France) Logic Colloquium '85. (Studies in logic and the foundations of mathematics 122) Engl ish and French. 1. Logic, Symbolic and mathematical--Congresses. I. Equipe de logique mathemat fque (Paris. France) II. Title. III. Series. QA9.AlL63 1985 511.3 87-8939 ISBN 0-444-70211-3 (U.S.)
PRINTED IN THE NETHERLANDS
Jean van Heijenoort (1912-1986)
P~F~E
Logic Colloquium'85, the European Summer Meeting of the Association for Symbolic Logic, took place in Orsay, near Paris, from 7th July to 13th July, 1985.
It was organized by the Paris Logic Group (Equipe de Logique
Mathematique, Unite Associee 753, C.N.R.S. - Universite Paris VII).
It
was supported by the Association for Symbolic Logic, the Centre National de la Recherche Scientifique (C.N.R.S.) and the Societe Mathematique de France.
Additional financial support was received from UNESCO, Ministere
de l'Education nationale, I.B.M. France and Thomson.
The organizing com-
mittee consisted of: C. Berline, M. Dickmann, J.L. Krivine, D. Lascar, A. Louveau, M. Parigot, E. Pelz, Y. Rav, J.P. Ressayre, G. Ruggiu and G. Sabbagh.
The program committee consisted of: K. Apt, J. Bouveresse,
S. Feferman, H. Gaifman, J.Y. Girard, W. Hodges, J.L. Krivine, D. Lascar, K. McAloon, M. Nivat and G. Sabbagh.
The main topics chosen for the Collo-
quium were: Model Theory and its applications; Proof Theory; Computer Science in relation to Logic; Philosophy in relation to Logic. twenty-nine invited lectures on these subjects. persons attended the meeting.
There were
More than three hundred
The present volume constitutes the proceed-
ings of the Colloquium. On
behalf of the organizing committee, we wish to thank the above-
mentioned institutions for their financial support, the members and collaborators of the Paris Logic Group for their effort to secure the success of the conference, the Universite Paris-Sud (Orsay) for having offered its facilities, and the referees of the papers contributed to this volume.
We
want to record our gratitude to Mme. C. Orieux for her invaluable help during the organization of the Colloquium and the edition of these proceedings. The present volume has been edited by Ch, Berline, E. Bouscaren, M. Dickmann, J.L. Krivine, D. Lascar, M. Parigot, E. Pelz and G. Sabbagh. When this volume was under preparation, we received the sad news of the unexpected death of Jean van Heijenoort. logician and remarkable human being. speakers at the Colloquium.
He was a distinguished
He was also one of the invited
We dedicate this volume to his memory. The Editors
MESSAGE DU DIRECTEUR GENERAL DE l'ORGANISATION DES NATIONS UNIES POUR L'EDUCATION, LA SCIENCE ET LA CULTURE A L'OCCASION DE LA REUNION DE L'ASSOCIATION DE LOGIQUE SYMBOLIQUE. (Orsay, juillet 1985)
Parmi les domaines de l'activite intellectuelle peu connus du grand public, du fait de leur nature technique hautement specialisee, figurent celui de la logique mathematique. Avec les disciplines auxquelles elle a donne naissance - telles que la theorie des modeles et l'informatique - la logique mathematique n'en penetre pas moins, directement ou indirectement, toute la pensee humaine contemporaine. II y a quelque cent trente annees que Georges Boole, fondateur de la logique symbolique, exposait pour la premiere fois son systeme. Depuis, on a assiste
a une
extraordinaire explosion des technologies
utilisant les resultats de ses travaux, ainsi que ceux de quelques autres, tels Gottlob Frege, Giuseppe Peano et Kurt Gadel. La pensee algorithmique a ainsi amplement prouve son exceptionnelle fecondite. Nous sommes ici, en effet, dans un domaine ou la technologie appliquee s'articule presque directement
a
l'effort conceptuel. Tant
il est vrai que la logique mathematique, aussi abstraite soit-elle, ne perd jarnais de vue son intention pratique, bien qu'elle ne puisse deviner toutes les applications sur lesquelles elle est susceptible de deboucher. Je souhaite que votre Congres apporte une fructueuse contribution aux echanges scientifiques internationaux, faisant ainsi progresser un dialogue dont la science n'a cesse de multiplier les exemples les plus eloquents.
Amadou-Mahtar M'Bow
xi
LIST OF LECTURES One-hour lectures were given as follows G. AHLBRANDT, Eastern Michigan University (U.S.A.) Almost strongly minimal totally categorical theories. S.A. BUECHLER, University of Wisconsin, Milwaukee (U.S.A.) "Geometrical" Stability Theory. G.L. CHERLIN, Rutgers University, New Jersey (U.S.A.) Homogeneous directed graphs. E.M. CLARKE, Carnegie - Mellon University, Pittsburgh (U.S.A.) Automatic verification of finite state concurrent systems. P. CLOTE, Boston College, Massachussets (U.S.A.) Subtheories of Peano arithmetic. M.F. COSTE-ROY, IRMAR, Rennes (France) The role of logic in real algebraic geometry. B. COURCELLE, University of Bordeaux I (France) Proofs of partial correctness for iterative and recursive computations. Yu. L. Ershov, Institut of Mathematics, Novosibirsk (U.S.S.R.) RRC-Fields. R. FAGIN, IBM Research Center, San Jose, California (U.S.A.) A model theory of knowledge. L. HARRINGTON, University of California, Berkeley (U.S.A.) Lachlan's finite homogeneous structures. J. Van HEIJENOORT, Brandeis University, Massachussets (U.S.A.) Systeme et metasysteme chez Russell. G. HUET, INRIA, Rocquencourt (France). Applications informatiques de la theorie des constructions. D. ISAACSON, Oxford University (United Kingdom) Arithmetical truth and hidden higher-order concepts.
List of Lectures
xii
G. JAEGER, ETH, Zurich (Switzerland) Some
proof-theoretic constributions to theories of sets.
L.A.S. KIRBY, City University of New-York (U.S.A.) and Univ. of Paris 7 (France) Models of arithmetic and toposes with finiteness conditions. D. LEIVANT, Carnegie-Mellon University, Pittsburgh (U.S.A.) Relational quantifiers and reasoning about programs. M. MAKKAI, Mc Gill University, Montreal (Canada) Codensity theorems as categorical expressions of completeness. K.L. MANDERS, University of Pittsburgh, Pennsylvania (U.S.A.) Logic and conceptual relationships. P. PAPPINGHAUS, University of Hannover (Federal Republic of Germany) Ptykes in GODEL's
T and Kripke-Platek set theory.
A. PILLAY, University of Notre Dame, Indiana (U.S.A.) Definable sets in ordered structures. A. PNUELI, Weizmann Institut, Rehovot (Israel) The application of temporal logic for the specification and verification of reactive systems. B. POIZAT,
University of Paris VI (France)
Stable groups. D. PRAWITZ,
University of Stockholm (Sweden)
Proof theory and Dummett's program for a theory of meaning. A. SCEDROV, University of Pennsylvania (U.S.A.) Intuitionistic set theory: metamathematics and applications. U. SCHMERL, University of Munich (Federal Republic of Germany) Criteria for the independence of diophantine equations in fragments of arithmetic. A.L. SELMAN, Iowa State University (U.S.A.) A complexity-theoretic foundation for public-key cryptography. W. THOMAS, RWTH Aachen (Federal Republic of Germany) Formal languages and first-order logic. H. WOODIN, California Institute of Technology Pasadena, California (U.S.A.) Ideals on
W
1-large cardinals and determinacy.
JEAN VAN HEIJENOORT
(1912 - 1986)
Jean van Heijenoort was killed in tragic circumstances on March 29, 1986 during a brief visit to Mexico City. To most readers of this volume he was best known as a logician, philosopher, and editor and historian of mathematical logic. But he also had two other quite different careers to which he devoted a good part of his life and energy. In the years between 1932 and 1946 he was a full-time political activist committed to the ideals of Marxism as set forth by Leon Trotsky ; and from 1940 until his death. he was an historian and archivist of political history. Jean van Heijenoort was born in 1912, in Creil. France, in the region of the Oise River. His mother. Charlotte Helene Baligny was, by all accounts. a remarkably intelligent and
resourceful woman whose formal
education had been cut short at age eleven when she was obliged to go to work as a domestic. His father, Jean Theodore van Heijenoort, was an immigrant from
Delft who came to the industrial area of Northern France
looking for work and was hired as a design painter in the large safe factory in Creil. Two events. one historical and one personal, had a profound effect upon van Heijenoort : the World War that began in 1914. not long after his second birthday. and his father's traumatic death right at the beginning of that war. All the experiences of his early years were colored by his having grownup in the immediate vicinity of the battlefields and bombing targets where dying was an everyday thing. His own father's death had an even more directly distressing effect on his emotional state. Yet these adversities and sorrows did not seem to hamper young Jean's success as a student. In the provincial milieu where almost no one went beyond primary school. Jean was recognized as brilliant and encouraged by his teachers and his mother to continue hi.s education. By winning a "bourse complete". a full board scholarship. in the regional examinations. he was admitted to the district secondary school at Clermont-de-l'Oise.
A. Burdman Feferman and S. Feferman
2
After seven years as an "interne" there, enduring the discipline of boarding school life but also "absorbing knowledge", as he used to say, van Heijenoort finished with a double baccalaureate in mathematics and philosophy, a string of prizes for excellence, and a full scholarship, to the Lycee St. Louis in Paris. At St. Louis, van Heijenoort became a member of "la classe des taupes", the group
of advanced mathematics students preparing for the
Ecole Normale Superieure. At the same time he became deeply involved in Marxist politics and joined a small but very active Trotskyite organization, the Ligue Communiste. In June 1932, asked him if he would be
a leading member of the group
willing to go to Turkey to work as Trotsky's
secretary, translator, and bodyguard. Trotsky had been in exile there since 1929 ; van Heijenoort had never met nor even seen him, but his commitment was already so deep and his reverence for the man so great that he did not hesitate to accept. Thus, at the end of his two-year preparatory program at the Lycee, instead of taking entrance exams for the Ecole Normale Superieure, he left Paris and went to Prinkipo, an island in the Sea of Marmora. The choice, which in the climate of the mid-1980s may seem extreme, was less so in the early 1930s when there was an economic depression, a general feeling of turbulence and anxiety throughout Europe, and deep fears about Hitler's imminent take-over of Germany. From 1932 until 1939, van Heijenoort lived, worked and traveled with Trotsky in Turkey, France, Norway and Mexico. Ten months before Trotsky's assassination, he left Kexico for the United States to be on his own for a while, but he was still fully committed to Marxism. In New York, he continued to work with the Trotskyite movement as International Secretay of the Fourth International until the end of World War II. Then came the disillusionment. During the years following the war, for the reasons he gave in the afterword to
With Trotsky in Exile, van
Heijenoort went through the painful process of shedding the beliefs to which he had been so strongly committed. "By 1948," he wrote, "Bolshevik ideology was, for me, in ruins. I had to build another life". The other life to which he devoted himself for the next forty years was mathematics and mathematical logic. He resumed his studies at New York
Jean van Heijenoort(J912-1986)
3
University in 1945, did a thesis in differential geometry under J.J. Stoker, and was awarded a Ph. D. in 1949. He was then appointed as an Assistant Professor at NYU, where he remained for sixteen years, teaching mathematics and logic. By the mid-1950s, van Heijenooirt's interest had shifted away from classical mathematics, and he took up logic and the foundations of mathematics. He read widely and was largely self-taught in these areas, but he was for a time guided by G. Kreisel who became something of a mentor and also a close and lasting friend. His style, however, was always his own. Between 1962 and 1964 he taught logic at Columbia University, and in 1965 he accepted the position of Professor in the Philosophy Department of Brandeis University. The move brought van Heijenoort into closer contact with the logicians in the Boston-Cambridge area, notably Burton Dreben, W.V. Quine and Judson Webb, some of whom he already knew from his work on the source book, From- Frege to Godel. Unlike other apostate Marxists, van Heijenoort did not make a sharp turn to the political "right. Although, on a personal level, he was decidedly uncommunicative about his past, he did not cut himself away from it. On the contrary, he felt a particular responsibility to transmit what he knew about the history of Trotsky's thought and activity. Without realizing it, he had begun his career as "archivist" when he joined Trotsky in Prinkipo and helped create the documents that would later be part of the great Trotsky collections at Harvard's Houghton Library and the Hoover Library at Stanford. Among those in Trotsky's service, it was van Heijenoort who was most responsible for the files and most aware of their value to future historians. After Trotsky's death, he was retained by Harvard as a consultant, bibliographer, and expert in special acquisitions. More recently, in connection with the fortuitous discovery of letters and documents missing since the mid-1930s, van Heijenoort was called upon by Hoover to explain and "decode" the letters between Trotsky and his son, Lev Sedov. Revolutionary history was only a small part of what van Heijenoort knew ; he was well informed on all political subjects and movements, old and new. In the year before he died, he was reading Thucydides with great
A. Burdman Feferman and S. Feferman
4
appreciation and planning an essay comparing Thucydides' view of history with Trotsky's. Beyond politics, he read widely and was knowledgeable in many areas. He also had a strong interest in the visual arts and was very receptive to anything new or different. He loved movies and would talk about films at length. The news of van Heijenoort's untimely death came as a terrible shock to his many friends and colleagues. He was esteemed as a gentle man of high integrity and deep loyalties, not given to personal revelation except to those closest to him. His wide range of interests and broad knowledge brought him into contact with people in many different fields, and although he described himself as shy, he was far from anti-social. He was always interested in meeting new people, as well as seeing old friends. Occasionally, he would shed his everyday reserve and become surprisingly expansive. It was always a treat to see him in that mood. He is and will continue to be deeply missed and mourned.
Jean van Heijenoort's most important scholarly contributions are in the history and philosophy of logic. In the historical work, as in the political and archival work mentioned above, his natural gifts as a linguist stood him in good stead. He had learned Latin, Greek and German in school and had taught himself Russian before going to Turkey to work with Trotsky in 1932. Later, of course, he was to learn Spanish and English, as well as a smattering of other languages. His major historical contribution is the source book in mathematical logic, From Frege to Godel (published in 1967), of which he was the editor, on which he worked for nearly a decade. The volume consists of a selection of important and representative articles, or extracts from such, in the period 1879-1931 (a crucial one for modern logic). All the foreignlanguage pieces are carefully translated into English,
and for each article
an introductory note provides information concerning its background, contents and further influences. In the translations van Heijenoort was assisted primarily by his f r i e-nd and former student, S. Bauer-Mengelberg, while with the introductory notes he was assisted by his colleagues B. Dreben, C. Parsons, W.V. Quine and H. Wang.
Jean van Heijenoort (J 912-1 986)
5
The Source Book has attained the status of a classic. In the words of W. V. Quine, its publication " was second only to what
[Alonzo]
Church had contributed in molding the Journal of Symbolic Logic". Noted for its impeccable scholarship, it has been of great value in making a body of primary material (formerly accessible only
to specialists)
available to a wide audience of both professionals and students in logic and neighboring fields. In 1968, soon after the publication of the Source Book, van Heijenoort produced a French edition of the logical works of Jacques Herbrand. (An English edition was provided later by W. Goldfarb). Van Heijenoort clearly had a special interest in and attachment to Herbrand just the year before his death he became engaged in a new editorial project, under the sponsorship of the French government, to produce a complete edition of Herbrand's logical and mathematical work. When, at the beginning of 1982, the time and circumstances seemed propitious to undertake a complete edition of the works of Kurt Godel, van Heijenoort was enthusiastic about the project and agreed to assist as co-editor. In many respects the plan for this work took van Heijenoort's source book as a model, and his care and standards were exercised throughout. His meticulous attention to detail, although sometimes exasperating, also had many beneficial effects. From 1982 on, van Heijenoort lived mainly at Stanford and during that period he was deeply engaged in the work on Volumes I and II of Godel's works. (Volume I appeared before his death and Volume II is due to appear by early 1987). Van Heijenoort had also begun work on some unpublished manuscripts of Godel, intended for Volume III. Because of his special interest in Herbrand, he was particularly excited by the discovery in Godel's Nachlass
of the 1931 correspondence, long believed lost, between
Herbrand and Godel, an exchange that led to the fundamental notion of general recursive function. The papers and notes that van Heijenoort wrote over the years on logic and its philosophy have been reproduced in his Selected Essays (1986) ; these are either directly historical or historically informed. Most interesting among the essays of the former kind is his lengthy paper on Herbrand's logical work. A recurrent theme in other papers is that of logica utens vs. logica magna, i.e., logic as a tool for use in various
6
A. Burdman Feferman and S. Feferman
specific situations or structures (Schroder, Lowenheim, Hilbert, etc.) vs. logic as a universal all-encompassing system (Frege, Russell, etc.) van Heijenoort allies himself with the former tendency and against the latter. An early expression of this is to be found in his paper Logic as calculus and logic as language (1967), and a more mature one in the paper Absolutism and relativism in logic (1979) . The more philosophical of his essays are concerned with such topics as Frege's notion of sense, the logical and philosophical problem of vagueness, and the relation of settheoretical semantics to problems of the semantics of natural language. Typically these papers are directed to a few significant points, but contain along the way many apercus. The style is unhurried but succinct, precise but unfussy, clear and graceful; the point of view is definite, but the perspective is balanced. The reader who discovers these papers in the Selected Essays will become aware of a side of van Heijenoort and the value of his work for our subject that has not been sufficiently nor widely enough appreciated. These essays make abundantly evident his many excellent qualities which, in their combination, made him unique. Anita Burdman Feferman Solomon Feferman
Curriculum vitae Jean van Heijenoort (July 23, 1912 - March 29, 1986)
1946
M.A. in mathematics, New York University.
1949
Ph. D. in mathematics, New York University.
1946-1965
Instructor, Assistant Professor, Associate Professor of Mathematics, New York University.
1962-1964
Visiting Professor of Philosophy, Columbia University.
1965-1977
Professor of Philosophy, Brandeis University.
1971
Visiting Professor of Philosophy, Stanford University (one term).
1977-1986
Emeritus Professor of Philosophy, Brandeis University.
Jean van Heiienoort (J 912-1986)
7
Books and monographs. Editor of from Frege to Godel : a source book in mathematical logic L 1879-1931, Harvard University Press, 1967 (4th printing 1981). Editor of Jacques Herbrand, Ecrits logiques, Presses Universitaires de France, 1968. El ~esarollo de la teor1a de la cuantificati6~, National University of Mexico, Mexico City, 1975. Introduction ~ la semantiquedes logiques non-classiques, Ecole normale superieure, 1978. Trotsky in exile : from Prinkipo to Coyoacan, Harvard University Press, 1978.
~ith
Editor of Leon et Natalie Trotsky, Correspondence 1980.
1933:~l8,
Gallimard,
Co-editor with Solomon Feferman, John W. Dawson, Jr., Stephen C. Kleene, Gregory H. Moore and Robert M. Solovay of Kurt GodelLCollected wqrks, V2lume I, Publications 1929-1936. Oxford Press, 1986. Selected
ess~,
Bibliopolis, 1986.
~~~.
1967
Logic as calculus and logic as language, Boston studies in tQg philosoppy of science 3, 440-446.
1974
Subject and predicate in Western logic, 24, 253-268.
1977
Set-theoretic semantics, in ~9~~oJloqui~_12, R.O. Gandy and J.M.E. Hyland (eds.), North-Holland Publishing Co., 183-190.
?hilo~QE9~gas~
and
.~~t
1977a
Sense in Frege, lournal of £hilos££hical
1977b
Frege on sense identity, ib!!!., 103-108.
1982
L'oeuvre logique de Jacques Herbrand et son contexte historique, in froceedings of the Herbrand Symposium, Logic Colloquium I !H, J. Stern (ed.), North-Holland Publishing Co., 57-85.
1985
Frege and vagueness, in Fr~_~vnthesized :_Studies of__the Philo~ sophical and foundational work of Gottlob Frege, L. Haaparanta and J. Hintikka (eds.), D. Reidel Publishing Co.
1986
Jacques Herbrand's work in logic and its historical context, English translation, with emendations of 1982, in Selected Es~~, J. van Heijenoort, Bibliopolis, 99-121.
logi~
6, 93-102.
1986a
Syst.eme et met asyst.eme chez Russell, in this volume.
Note.
All of the above papers, except 1982 and 1986a, are reproduced in the Selected essays ; in addition, that volume contains seven other previously unpublished notes and essays.
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
9
LA MOUCHE DANS LA BOUTEILLE (En memoire de Jean van Heijenoort, Institut Henri Poincare, 14 mai 1986)
"Je ruminais mes doutes. Pendant plusieurs annees, seule l'etude des mathematiques me permit de conserver mon equilibre interieur. L'ideologie bolchevisteetait pour moi en ruines. II me fallut batir une autre vie". Ces lignes simples et emouvantes closent Ie livre de souvenirs de Jean van Heijenoort (1). L'autre vie, ce fut entre autres une activite de philosophe
et d'historien de la logique mathematique .••
Pour un logicien mathematicien, Jean van Heijenoort est d'abord l'auteur d'un monument "From Frege to Gadel (2) ; ce livre offre un panorama unique des balbutiements de la logique, depuis Ie Begriffschrift de Frege (1879) jusqu'au theoreme de Gadel (1931). II est forme d'une selection d'articles des principaux logiciens de ce demi-siecle, soigneusement annotes, et surtout pourvus d'introductions permettant de degager ces oeuvres des contingences diverses qui en obscurciraient Ie sens pour un lecteur connaissant "la suite". Dans Ie meme ordre d'idees, il faut evidemment mentionner son edition des ecrits logiques de Jacques Herbrand (3) et tres recemment sa participation
a
l'edition en cours des oeuvres de
Kurt Gadel. Le travail de Jean van Heijenoort n'a pas peu contribue modifier notre image des peres fondateurs, en remettant
a
a
leur vraie place
des oeuvres charnieres comme celles de Herbrand ou de Lowenheim. Pour juger son travail d'historien de la logique, ouvrons son tres bel article sur "L'oeuvre logique de Jacques Herbrand" (4), traduit en anglais dans (5) on y trouve une description tres precise des travaux de Herbrand, ainsi que de leurs liens avec ceux (anterieurs) de Lowenheim et Skolem ou (posterieurs) de Gentzen. OU ce travail se distingue radicalement d'autres etudes du meme type, c'est que Jean van Heijenoort dominait mathematiquement son sujet de tres haut, ce qui fait que l'oeuvre d'Herbrand est analysee avec
10
clarte et rigueur : il va toujours a l'essentiel, ne perdant pas de temps a pinailler sur des aspectsdevenus obsoletes; derriere son gout du detail exact on ne sent pas non plus l'admiration figee, Ie fetichisme du document: l'ideologie de Herbrand nous est presentee pour ce qu'elle etait sans doute, un syncretisme entre Brouwer et Hilbert, resultat de lectures mal digerees par un jeune homme de 23 ans. Bref, un texte passionnant, qu'on peut considerer comme un modele du genre. Pour ce qui est de l'interet scientifique de ces travaux historiques, n'oublions pas que beaucoup de questions plus ou moins resolues il y a cinquante ans, ne sont que des feux mal eteints ; et que nos grand-peres vivaient dans un univers logique ou beaucoup plus de possibilites etaient ouvertes ; certaines portes nous paraissent a nous fermees parce que nous n'y frappons plus ... Jean van Heijenoort m'avait dit en 1976 quelque chose comme 9a : "En logique on a l'impression d'etre la mouche dans la bouteille". Pour reprendre cette image, si la mouche voulait sortir maintenant, elle devrait revenir aux vieux plans, ceux d'avant 1930 quand Ie territoire n'etait pas delimite, et en integrant bien sur l'enorme acquis des cinquante Le~
dernieres annees.
travaux de Jean van Heijenoort, et je ne me limite pas ici a ses
textes historiques, je pense aussi a ses travaux plus philosophiques sur Ie vague, sur Ie sens au sens (I) de Frege, nous offrent un temoin remis
a
jour de ces grandes interrogations qui ne s'arreteront qu'avec
la pensee. Une des idees dominantes qui se degagent des etudes philosophico-historiques de Jean van Heijenoort, c'est l'opposition absolutisme/ relativisme. L'absolutisme, c'est la croyance en
~
logique, une geome-
trie etc., alors que Ie relativisme est bien plus opportuniste. L'histoire de la logique dans ses premieres annees est dominee par l'absolutisme, e. g. Frege, Russell. Ce sont eux qui font la percee conceptuelle, surtout Ie premier. Mais la theorie ne devient operationnelle que grace au relativisme, typiquement Lowenheim. Le relativisme, delaissant les ambitions demesurees des peres fondateurs, s'ouvre (en admettant plusieurs logiques, plusieurs interpretations ... ) des possibilites que l'absolutisme recuse avec horreur, quand bien merne il peut les concevoir. L'histoire a tranche: "L'echec de l'absolutismeenlogique est celui du realisme, c'est-a-dire d'une conception pour laquelle l'experience est transmuee en une realite
La Mouche dans la Bouteille
11
independante de tout processus de connaissance. Ce n'est surement pas une conception que Ie developpement historique de la science semble favoriser. L'organisation de la connaissance ne se developpe pas par juxtaposition, mais par une incessante reorganisation, dans laquelle certains concepts sont remplaces par d'autres. Cette atmosphere de la science s'accomode beaucoup mieux du relativisme logique que de l'absolutisme. Les systemes evoluent au gre des besoins . ( ••• )
Le savoir humain n'a pas atteint un
niveau de completude et de stabilite qui nous permettrait de l'organiser en une logica magna." (Absolutism and relativism in Logic, in (5». L'histoire a tranche, mais la fascination des idees absolutistes reste ; d'ailleurs a la fin du XX ierne siecle, un certain retour des idees absolutistes est dans l'ordre du possible. Alors que les distinctions d'ecole traditionnelles (formalistes/intuitionnistes etc.) se sont evaporees avec les protag9nistes, l'interpretation de l'histoire du slijet autour de l'axe absolutisme/relativisme, distinction essentielle dans l'oeuvre de Jean van Heijenoort, semble plus actuelle que jamais. II
n'est pas besoin d'insister sur l'evident hiatus entre les
deux per-Lodes de la vie de Jean van Heije.noort ; bien que cette vie presente deux versants fort contrastes, il n'est pas interdit d'y rechercher certaines continuites profondes. On ne s'etendra guere sur l'affinite entre Ie bouleversement social et Ie bouleversement scientifique -la naissance de 1a logique moderne entre Frege et Godel, pour reprendre Ie titre de l'ouvrage deja cite- ; apres tout, Ie debut du XX ieme siec1e est fertile en bouleversements scientifiques, dont la logique ne constitue pas forcement Ie plus profond. Un texte charniere, quoique marginal dans la production de Jean van Heijenoort, est son etude sur "Engels et 1es mathematiques" (5). II nous montre Engels pontifiant sur un domaine qu'i1 comprend mal, a seu1e fin d'en faire ressortir, a tout prix, l'aspect dia1ectique : "Engels nous apparait maintenant comme un homme plein de prejuges, incapable d'entrer librement dans la batail1e des idees. II aurait voulu avoir sa propre science "dialectique" a part de ce qu'il appelle 1a science "metaphysique ordinaire", c'est a dire, purement et simplement, de la science". Ce jugement severe clot une analyse qui fait apparaitre Ie cote empiriste d'Engels, par exemple ses conceptions expeditives en geometrie, mais surtout Engels y apparait comme un empiriste absolutiste : les mathematiques existent par e1les-meme, comme un acte
12
inconscient de 1a nature etc. : ici encore, on a une seu1e geometrie ! Avec des
~
priori philosophiques et politiques diametralement opposes,
Engels se retrouve finalement en compagnie de Frege, meme si leurs oeuvres sont de qualites tres inegales. On peut se demander si, du marxisme
a
la logique, Ie trait d'union cache de l'activite de
Jean van Heijenoort, n'est pas la fascination de ces theories qui ont cru un instant tenir Ie monde
a
l'aide de quelques formules.
[1]
Sept an aupres de Leon Trotsky, LES LETTRES NOUVELLES, PARIS 1978.
[2]
From Frege to Godel, A source Book in Mathematical Logic, 1879-1931. HARWARD UNIVERSITY PRESS, CAMBRIDGE, MASS. 1967.
[3]
Jacques Herbrand : Ecrits Logiques, P. U. F., PARIS 1968.
[4]
L'oeuvre Logique de Jacques Herbrand et son contexte historique, in PROCEEDINGS OF THE HERBRAND SYMPOSIUM, (ed. Stern) NORTH-HOLLAND PUB. Co., AMSTERDAM 1982.
[5]
Selected Essays, BIBLIOPOLIS, NAPLES 1986, et librairie Vrin, 5, Place de la Sorbonne, Paris V.
Jean-Yves GIRARD
C. N. R. S.
Logic Colloquium '85 Edited by The Paris Logic Group e Elsevier Science Publishers B.V. (North-Holland), 1987
13
J. v , H.
(En memoire de Jean van Heijenoort, Institut Henri Poincare, 14 mai 1986)
Ce fut une des grandes rencontres de rna vie. Elle n'eut lieu qu'en 1979. Depuis longtemps, la belle anthologie de J. v. H., From Frege to Gode! (1967), figurait en bonne place dans rna bibliotheque ou sur rna table de travail; et j'avais parle une £ois en sa presence a une Journee de la Societe
Fran>~ise
de Logique, en 1977. Mais, done, je ne
Ie connaissais pas personnellement et, malgre mes desirs, je n'imaginais pas de forcer les choses quand, un jour (c'etait
a
l'automne 1979), je
reo;;us un telephone d'une amie commune: "Je t'invite a diner, Jean van Heijenoort veut te voir". C'etait incroyable, et pourtant c'etait vrai. II etait comme o;;a, curieux et soucieux de l'autre, genereux, tout simplement. II m'avait impressione, deux ans plut tot,
a
la Journee de
la Societe de Logique, par une intervention, quelque trente secondes seulement apres Ie debut de mon expose, pour me faire preciser un point de notation, et par son silence attentif jusqu'a la discussion finale. C'est un homme egal a lui-meme que je reconnus a ce premier diner: avec lui, il fallait savoir ce qu'on disait ou ecrivait, mais il vous ecoutait alors, ou vous lisait, comme personne. Peu apres son depart pour Ie Mexique et les "Etats-Unis d'Amerique" (selon la formule precise et demodee qu'il s'obstinait a utiliser, du moins a des fins postales), je reo;;us une lettre de lui dans laquelle il poursuivait la discussion que nous avions pu ainsi engager. Les echanges epistolaires ou de vive voix ne devaient plus cesser entre nous. II ne recevait jamais aucun courrier auquel il ne repondit par retour, ne fut-ce que pour en accuser reception; et il ne vena it jamais en France sans consacrer a ses amis Ie plus clair de son temps. Nous passions des apres-midi entieres a parler des choses de la vie et du monde, et aussi, bien sur,
14
Ph. de Rouilhan
avec predilection, des choses de la logique (au sens large qu'il donnait a ce mot). En la matiere, il etait pour moi l'interlocuteur reve, d'une liberte et d'une rigueur, d'une culture incomparables. Et Dieu sa it pourtant que nous n'etions pas toujours d'accord. J'apportais parfois a nos discussions logiques, que ce ffit en prive ou en public, une passion qui contrastait avec la mesure dont il ne se departait jamais. Lorsque Ie sujet ou la vertu de la discussion lui paraissait epuise, il savait signifier, de fa90n delicate mais souveraine, que cela suffisait et qu'il etait temps de passer a autre chose. Une fois, je voulus,
par apres, m'excuser aupres de lui de l'exces
de passion, peut-etre, que j'avais mis a defendre mes theses. Alors il protesta et me rassura d I un mot : "Mais
LaiJ!l~
la passion !
- Mais comment faites-vous pour rester si calme, demandai-je encore 7" Et lui de me repondre, presque en riant : "C'est que je me suis assez emporte dans rna jeunesse ... ". Cette jeunesse, d'autres pourront en parler, mais j'ai idee que c'est elle qui s'acheveen1948 avec l'abandon du mouvement trotskyste et cette retraite vers les mathematiques qu'il evoque dans l'epilogue de son livre
$~ans
aupres de Leon TrotskY. Ce livre de souvenirs, edite par
Maurice Nadeau en 1978, et Ie recueil d'articles logiques ecrits entre 1948 et 1985, qui vient de paraitre a Naples, aux editions Bibliopolis, sous Ie titre de
Sel~cted Essa~,
il est difficile de dire a quel point,
de contenus et d'horizons si differents, ces deux livres sont bien du marne homme (peut-atre faudrait-il preciser de la marne maturite). La pudeur au narrateur et la precision de son temoignage sur les annees d'exil de Trotsky se retrouvent dans la retenue et la rigueur du philosophe et de l'historien de la logique ; on reconnait ici et la la meme discretion et la meme determination. L'un de ses derniers chantiers theoriques avait ete la
vaguenes~,
non pour la denoncer et la frapper d'interdit, mais, paradoxalement, pour lui faire droit. II etait venu parler "du vague" a notre Semina ire de Logique du lundi, a l'automne 1982, et l'avait fait, comme a l'ordinaire, avec une precision extraordinaire. Deux articles du recueil Selected Essays y sont consacres (1979, 1985) et il etait aIle jusqu'a projeter un livre sur la question. Et comme, a notre derniere soiree (c'etait
15
J. v. H.
Ie 2 mars dernier, exactement), je lui en demandais des nouvelles, il me tant cette question lui etait apparue, a
repondit qu'il avait renonce,
la reflexion, toujours plus profonde et plus difficile. Et il eut ce mot (ou
a
peu pres, mais qu'il me plait de rapporter sous une forme dont Ie
logicien qui sommeille en chacun de nous appreciera Ie caractere enigma-
a
tique) : "Quand je n'ai rien
dire, je ne Ie dis pas". Conune Ie poete
selon Valery, ce philosophe ne se payait pas de mots, il ne parlait ni n'ecrivait jamais pour ne rien dire. Je ne crois pas que ce soit Ie moment ni Ie lieu pour analyser les travaux logiques de J. v. R. , laissez-moi quand meme les evoquer d'un mot, ici et maintenant, pour ce qui me parait en etre Ie point fondamental. Deux articles du recueil 1979), et Ie
titre du
second
~~lecte
suggere
aussi
y sont consacres (1967, bien
que
possible
de quoi il s'agit : "Absolutism and Relativism in Logic". La distinction de deux traditions, l'une absolutiste (celIe de Frege, Peano, Russell), l'autre relativiste (celIe de Boole, Schroder, Lowenheim), dans l'histoire de la logique moderne et leur analyse sont caracteristiques des travaux de J. v. R.. Sa conference sur Russell au Congres d'Orsay, l'ete dernier, etait de la meme veine ; de la meme veineaussi, l'article sur Godel auquel il travaillait dans les derniers temps et qui devait s'appeler : "Que demontre Ie theoreme de completude ?" (autrement dit : que demontre Ie theoreme qui demontre la completude de la logique du premier ordre? question philosophique). C'est sur ce point que nous revenions Ie plUS souvent dans nos discussions, pour "tenter, selon sa propre expression, de nous mettre au moins en desaccord" lee qui n'etait pas moins difficile que si nous eussions tente Ie contraire). Pour l'essentiel de son analyse historique, je ne pouvais que Ie suivre, et reconnaitre avec lui que Ie relativisme l'avait emporte sur son rival en logique mathematique depuis, precisement, Ie theoreme de completude de Godel, en 1930 ; mais tandis qu'il avait tendance
a
en prendre son parti et
de dogmatisme etl'adequation
a
a
soutenir Ie relativisme pour l'absence
la realite du travail scientifique contem-
porain, je luttais a contre-courant et defendais plutot l'absolutisme pour la force et Ie courage
a l'egarddes
questions philosophiques. Je ne
sais conunent la question pourrait etre instruite en precision et jusqu'au bout, je sais seulement qu'elle devrait l'etre dans les termes ou J. v. H.
16
Ph de Rouilhan
l'a, pour la premiere fois, clairement posee. Mais comme je ne veux pas rester sur une simple reconnaissance de dette theorique, je dirai ou redirai, pour finir, que c'etait un homme d'une rare humanite et un esprit distingue. J'ai admire cet homme admirable, je l'ai aime filialement et sans reserve. Et ce me sera desormais comme une consolation, et la seule possible, que de fa ire savoir
a
ceux qui ne l'ont pas connu qui etait
J. v. H.
et l'importance
de ses travaux ; ou mieux d'evoquer sa memoire, comme aujourd'hui, avec ceux qui l'on connu et qui, comme moi,
tout simplement, l'ont aime.
Philippe de ROUILHAN C. N. R. S.
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
17
ALMOST STRONGLY MINIMAL TOTALLY CATEGORICAL THEORIES Gisela Ahlbrandt Ypsilanti, Michigan, USA INTRODUCTION The study of theories categorical in infinite powers has played an important role in the development of model theory.
Morley's 1965 results
on ~l-categorical theories in (Mol) stands at the beginning of a long series of work to clarify the meaning of independence for arbitrary theories.
It was long felt that in totally categorical structures independ-
ence resembled linear independence in a vector space. Vaught's conjecture for
~f
In his study of
categorical theories Marsh (Mar) introduced
strongly minimal sets and isolated those vector-space-like properties. When Baldwin and Lachlan (B-L) extended Marsh's results to arbitray }jlcategorical theories they found that there was an 'easy case' for which Marsh's proof could be adapted.
Those were the almost strongly minimal
theories whose models are algebraic over a strongly minimal set definable with", tuple of parameters of an isolated type.
They are always }j 1 -
categorical, Baldwin (Bal),and Makowsky (Mak) proved already in 1971 that }}~ categorical almost strongly minimal theories are not finitely axioma-
tizable.
It required ten years and totally new techniques before Zil'ber
(Zill) , (see
(CHL)) could prove that arbitrary totally categorical theo-
ries are not finitely axiomatizable.
A crucial step towards this result
was the introduction of strictly minimal sets (which are strongly minimal with additional properties) by Zil'ber and their complete classification independently by Cherlin, Mills and Zil'ber (see
(CHL) as either disin-
tegrated sets without structure or affine or projective geometries over finite fields.
The nonaffine strictly minimal sets are also called modu-
lar and satisfy some nice properties.
Cherlin, Harrington and Lachlan
developed a number of important tools in
(CHL). We follow their nota-
tions, but we restrict our attention to totally categorical theories. the following, let M be a model of such a theory.
In
18
G. Ahlbrandt
In section I we give some examples of strictly minimal sets.
We
formulate the Coordinatization theorem from (CHL) in section 2 in our framework of fibres, and use it repeatedly in section 3 to decompose a type into what we call a filtration.
We will show in section 4 that
the almost strongly minimal theories are exactly those with only few affine sets, thus connecting the results of the early 70's with Zil'ber's work and (CHL). In 1967 Chang conjectured that every complete }tl-categorical theory is axiomatizable with Un-formulas for some n and in (CHL) it is conjectured that every totally categorical theory in a finite language is axiomatizable by one sentence and the axiom schema asserting that the model is infinite.
When Mortimer worked on Chang's question (Mor) he
could prove almost-model-completeness (which implies the conjecture) for totally categorical almost strongly minimal theories satisfying his rather strong appearing finite basis property.
We show in section 5 that
they are exactly the almost strongly minimal theories whose models have disintegrated strictly minimal sets.
Almost-model-completeness for
almost strongly minimal theories can be proven directly from the fact that strictly. minimal sets are almost model complete (see (Ahl), (A-B)). In section 6 we give an overview about the development around the second conjecture.
It implies the first and is true for strictly minimal sets,
as follows immedidtely from their classification.
Ziegler proved it for
the theories with disintegrated sets in 1983 (Zie) and the author generalized his techniques and developed some tools for theories with nondisintegrated strictly minimal sets (Abl) and both together extended the result
to almost strongly minimal totally categorical theories (A-Z).
The general case is still open.
1. Strongly and strictly minimal sets In his study of ~1-categor1cal theories Marsh developed the notion of a strongly minimal set, which in our context of
}~O-categocity
is a
definable subset H all of whose definable subsets are finite or cofinite. H is strictly minimal if it is in addition 0- definable and admits no nontrivial 0- definable equivalence relation. Strongly minimal sets allow the introduction of a dependence relation which behaves very much like the linear span in a vector space.
For an
arbitrary subset X of M let the algebraic closure of X, acl (x), consist of the union of all finite subsets of M which are definable from X.
Totally Categorical Theories
19
Marsh isolated the following properties of the closure on a strongly minimal universe H. Let X, Y cHand x, y E H. 1) 2) 3) 4)
X c acl Xc x e
ac1 (X) , (X) =u {acL (X') lx' c X finite} acl(Y) implies acl (X) c acl (Y) acl (X U {y})"-acl (X) implies y E ac1 (X U (x})
We say H is disintegrated if for all X cH, acl (X) = X. Zil'ber (Zi12) calls a set with a closure operator satisfying 1)-4) a pregeometry, and a geometry if 5) acl({x})
{x}.
It is this last property which makes the important distinction between strictly and strongly minimal sets.
Cherlin, Mills and Zil'ber were
independently able to prove the following: Classification Theorem for strictly minimal sets The lattice of algebraically closed subsets of a nondisintegrated strictly minimal set is isomorphic to that of an infinite dimensional affine or projective space over a finite field. Accordingly we speak of affine, projective and disintegrated strictly minimal sets; the latter two are also called modular since they have a modular lattice of algebraically closed subsets.
Lines in a strictly
minimal set are the closures of two-element sets.
The classification
of arbitrary strongly minimal sets has only been accomplished in very special cases, e.g. those sets whose quotient by the coarsest 0- definable equivalence relation with finite classes is disintegrated (Ziegler unpublished) • Examples 1) A disintegrated strictly minimal set is just an infinite set with no structure.
Infinite sets with an equivalence relation E where each
class has a fixed finite cardinality k are strongly minimal sets with disintegrated quotient. 2) Let the universe M be $Z3,the infinite abelian group with every element of order 3. If the language consists of the addition,then for an arbitrary element a, acl ({a})={ 0, a, 2a}, and M is a strongly but not strictly minimal set. Let E be the equivalence relation on M':=M\{O} that links two points having the same closure. H: = My E is a strictly minimal set.
A line in
20
G. Ahlbrandt
H on points alE and blE consists of the additional points (a+b)
(2a+b)/E thus having 4 points.
IE
and
H is a projective space over GF(3), the
field with three elements. 3) Let the universe be as in 2) but let the language L consist of a ternary function symbol T and let W be the L-structure which interprets T as follows: T(x,y,z)=x+y-z. Ostermann and Schmidt gave the axioms for the affine space in this language in (O-S).
This representation of the
affine space is sometimes referred to as "hiding the zero", since the original a is not algebraic any more, thus affine translations are automorphisms.
W is strictly minimal.
The line through the points a and b
contains only the additional point 2a+2b. GF(3).
W is an affine space over
If any element is named, then an operation similar to the original
addition is definable.
4) Consider
~
<X,{ZR:REL}>
ii) M and N are mutually definable if M is definable in N and vice
28
G. Ahlbrandt versa.
iii)M and N are interdefinable if for each symbol REL there exists a formula ZR in K and for each symbol SEK there exists a formula Y in L and there exists a permutation f f:<X, {R : REL}> f:<X,{Y~:S£K}>
'"
£
S(X) such that
s
<X,{ ZR:REL}>
= <X,{S
: SEK}>
The difference between ii) and iii) is that in the first we do not require that the maps witnessing the isomorphisms are in any way related.
Let us now look at the automorphism
tify two automorphism groups?
groups.
When can we iden-
Isomorphism as abstract groups does not
suffice, since it does not preserve the structure of conjugacy classes. We call two permutation groups G, H on a set X eguivalent if they are conjugate as subgroups of SeX) (see (Hup) page 26).
We thus equate
automorphism groups if their group action is the same up to an enumeration of the underlying set. Lemma 5 i) If M is definable in N, then Aut (N) is equivalent to a subgroup of Aut (M) and for every n there are no more n-types realized in M than in N. ii) If M and N are interdefinable,then their automorphism groups are equivalent. iii) If one of the structures is }} -categorical, then all three notions o are equivalent. Proof For i) let M be definable in N and let f:<X,{R:REL}> then
Aut (M)
is
equivalent
to
contains Aut (N) as a subgroup. union of types in N. permutation f. CAut (f«
Aut (f(M»
~
<X,{ZR:REL}>;
which
The solution set of a type in f(M) iR a
To prove 11) let M and N be interdefinable via a
Using the notation as in the definition iiiX Aut (f (M»
X'{YS:SEK}»)
= Aut
(N)c Aut «X,{ZR:REL}»
Aut (f (M».
Thus Aut (M) and Aut (N) are conjugate via f. iii) Let M and N have equivalent automorphism groups; then they have isomorphic conjugacy classes of n-tuples for every n and,by homogeneity, isomorphic collections of definable sets.
This is equivalent to
mutually definability is implied. then}j
o
interdefinability and
If M and N are mutually definable
-categoricity implies that both have isomorphic conjugacy
29
Totally Categorical Theories
classes.
Since both groups are closed in the full permutation group
SeX), this is equivalent
to Aut (M) and Aut (N) being equivalent.
The
assumption in iii) is necessary for all but interdefinability to imply the other two (see Ahl). We call M quasi finitely axiomatizable if it is interdefinable with some N in a finite language and the theory of N is axiomatized by a sentence and the schema of infinity.
We collect now some results re-
lating quasi finitely axiomatizability and properties of the automorphism group.
One easily shows that M is quasi finitely axiomatizable if
and only if any finite principal extension of M is quasi finitely axiomatizable. Martin proved (Mat) the Finite Index Lemma If Aut (N) has finite index in Aut (M) and M is quasi finitely axiomatizable,so is N. This can be strengthened to include the case when Aut (N) is an open subgroup of Aut (M)
(see (A-Z».
Coquand showed that M and N are
biinterpretable if and only if their automorphism groups are isomorphic as topological groups. finite
Biinterpretability also preserves quasi
axiomatizability (see (A-Z».
which quasi finite
We now consider the cases for
axiomatizability has been shown.
Using some of
the above mentioned facts and known results from geometry one can prove (see (Ahl) or (Mat». Theorem 6 All strictly minimal sets are quasi finitely axiomatizable. Since the strictly minimal sets are the building blocks of all the other totally categorical structures, as we showed in section 3, one hopes to prove the conjecture for arbitrary such structures.
The
Grassmannian structures are biinterpretable with the corresponding strictly minimal structures and therefore all quasi finitely axiomatizable.
Without loss of generality one can assume (see (A-Z» that any
almost strongly minimal structure M reduces to a modular Grassmannian quotient W after factoring by E and all equivalence classes have a cl ' the same finite cardinality. Ziegler showed for W a Grassmannian over a disintegrated set, that W could be "nicely" enumerated in such a way that control over the algebraic closure was possible. (Zie)
He proved in
30
G. Ahlbrandt
Theorem 7 All totally categorical structures with disintegrated set attached are quasi finitely axiomatizable. The author generalized the idea of a nice enumeration to include the notion of a partial well ordering and showed that projective geometries over GF (2) satisfy the conditions, thus showing in (Ahl): Theorem 8 Totally categorical structures of rank one whose strictly minimal attached sets are projective or affine geometries over the field with two elements are quasi finitely axiomatizable. For the almost strongly minimal case it was then only necessary to verify that also higher dimensional Grassmannians over arbitrary finite fields have nice enumerations, which can be shown along the same lines as in the GF(2)-case
(see (A-Z».
Theorem 9 All almost strongly minimal totally categorical theories are quasi finitely axiomatizable.
REFERENCES [A-B]Ahlbrandt, G. and Baldwin, J., Categoricity and generalized model completeness, 1984, submitted. [Ah~
Ahlbrandt, G.
Totally categorical theories of modular type,
dissertation, University of Illinois at Chicago, 1984 [A-Z]Ahlbrandt, G. and Ziegler, M.
Quasi finitely axiomatizable
totally categorical theories, APAL 30 (1986) 63-82. [Bal]Baldwin, J.
Almost strongly minimal theories I, J. Symb.
Logic 37 (1972), 481-493. [B-L] Baldwin, J., Lachlan, A.
On strongly minimal sets, J. Symb.
Logic 36 (1971), 79-96. [CHLJCherlin, G., Harrington, L., Lachlan, A. N ocategorical,
No-stable structures,
Annals of Pure and Applied Logic 28 (1985), 103-135.
31
Totally Categorical Theories
[Hup] Huppe.t,
B. Endliche Gruppen I, Springer-Verlag, Heidelberg,
1967. [Mak] Makowsky, J.
Kategorizitat and endliche
AXiomatisierbarkheit, Diplomarbeit, ETH Zurich, 1971. ~ar]Marsh,
w.
On
wI but not
w-categorical theories,
dissertation, University of Dartmouth, 1966. [Mat] Martin, G. dissertation, Rutgers university, 1985. Categoricity in power, Trans. Amer. Math.
[Mol]Morley, M.
Soc. 114 (1965), 514-538 [MorJ Mortimer , M.
Some topics in model theory,
dissertation, Bedford College, 1974. [O-S]Ostermann, F. and Schmidt, J. Der baryzentrische Ka1kUl als axiomatische Grundlage der affinen Geometrie.
J. Reine Angew. Math. Vol. 224 (1966) [Sh] She1ah, S.
44-57.
Classification theory and the number of
non-isomorphic models, North-Holland, 1978. [Zie]Ziegler, M.
manuscript (1983).
[Zill]Zil'ber, B. Totally categorical theories:
structural
properties and the non-finite axiomatizability, 1979, Springer Lecture Notes 834. [ZiI2]Zi1'ber, B.
Totally categorical structures and
combinatorial geometries, Soviet Math. Dokl. Vol. 24 (1981).
No 1
Gisela Ahlbrandt Eastern Michigan University Department of Mathematics YPSILANTI, MI 48197 (USA)
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
33
ON LASCAR RANK IN NON-MULTIDIMENSIONAL ",-STABLE THEORIES ANDREAS BAUDISCH AdW der DDR, Karl-WeierstraB-Institut fUr Mathematik 1086 Berlin, MohrenstraBe 39 1.
INTRODUCTION Let T be a countable complete w-stable theory. The notion "dimension" is used for classes of non-orthogonal regular types over models. T is non-multidimensional if the number }L(T) of dimensions is bounded. This has been introduced by Shelah [14] and also by Lachlan [5J. Note that in this case }L(T) f NO' Models of non-multidimensional w-stable theories can be classified by jL (T)-tuples of cardinals [14J. We consider the free c-nilpotent groups Fe (pn , :Je) of exponent pn(cLp) with Je free generators. Fc(pn,m) is finite for m L.N O' In [1J we have proved that Fc(pn,:Ie) == Fc(pn,;>.,) for NO f ~A. and that Th(Fc(pn,N O)) is decidable and ~-stable. We continue our investigations by showing Th(Fc(pn,N o ) to be c-dimensional (Th. 6.3.). For every group G(x) that is definable in a stable theory there are the so-called generic types representing the maximum element in the stratified order of G (Poizat [11]). In the superstable case they are of maximum Lascar rank U under the types in G(x). Let G be a model of Th(Fc(p,N O)) and(1) = ZOCZ 1C ••• C Zc = G be the upper central series of G. Then the c dimensions of the theory of Fc (p, }i 0) are represented by the generic type~ Pi of Z(G/Z i_ 1(G)), i = 1, ••• ,c. We prove U(Pi) = W c-~. If the considered groups are of exponent pn with n~1,we obtain similar characterisations. We have to factorize G by the normal subgroup of all elements x p• Using group-theoretical modifications of Lascar's inequalities for Teq, as developed by Berline and Lascar [2J, we compute U(p) = oJ c-1 n + w c - 2n + ••• + wn + n for the generic type of Th(Fc(pn,~ 0)' We can avoid working formula after
A. Baudisch
34
formula. We use the algebraic properties of the models of Th(Fc(p,N O)). To prove the assertion by induction on c it is essential that G/Z Fc_'(p,~o) and that every relation in G/Z, defined in the full theory of Geq, is already definable in G/Z even then, if Th(G)e q has been neglected. In section 3 we give a criterion for this kind of interpretation. Section 2 contains some preliminaries from stability theory. Section 4 is devoted to the algebra of models of Th(Fc(pn,~O)). In section 5 the Lascar rank computation is carried out. Dimensions are considered in section 6.
=
2.
LASCAR'S INEQUALITIES As usual in stability theory we work in a big saturated monster model Q. The main condition in the definition of Lascar rank U(p) is the following: U(p)~ ~+', if there exists a forking extension q of p such that U(q) ;:, «; Remark that U(p) = 0 iff P is algebraic. If ()(, = c../1 n, + f). •• + ."\!,,, n k an d I"' = W 01 m, + ••• + (JJ ok mk wi th "l- ~... ~ k are Cantor decompositions of the ordinals oc and (3 (in our case we allow zeros for n i and m~, then a. Ef) ~ = W t 1 (n,+m,) + ••• + W k(nk+m k). E M M 1= ~(ao, ••• ,an_1)}' t(a/B) dnf/A means tea/B) does not fork over A. 3.
INTERPRETATION WITHOUT NEW INFOR1~TION Let Sand T be two countable complete theories. Let LS and LT be the corresponding languages. We study interpretations r of S in T, that do not use n-tuples for n':' 1 and
36
A, Baudisch
factorization: For every formula ~Cx) of LS of the form x = x, RiCxO' ••• '~_1) where Ri is some n-ary relation symbol of LS' fiCxO' ••• '~_1) = y where f i is some n-ary function symbol of LS' or x = c i where c i is some constant of LS there is a formula rc ..d
LEMMA 4.2. 1et G be a model of Th(Fc(p,.).JO)). (i) There is an (o)-system generating G. (ii) a is an (o)-system «~)-system) in G iff every finite subset of C is an (o)-system «*)-system,respectively). Note concerning (ii) that for finite a it is possible to express elementarily that a is an (o)-system «*)-system). For example let us say that X. = {xoi ,x, i , ••• ,xn~1 : 1 6 i ~ c \ is a (3[)-system. We write E. ZC-i+1 and a finite number of inequalities f(X) 1= 0 mod Zc_i' where 1 l,. if c and for fixed i feX) varies over all nontrivial linear combinations of basic monomials on X of X-degree i with coefficients in Z/pZ. You see that (0)- and (~)-systems are notions concerning the 1ie algebra corresponding to Fe (p, ~ 0). This 1ie algebra
x/
Lascar Rank in Non-Multidimensional w - Stable Theories
41
can be considered as a free Lie algebra over the field with p elements. Sirsov [15J and Witt [16J have proved that every subalgebra of a free Lie algebra over a field is free. We can formulate this theorem in our context as follows (see [1J). THEOREM 4.3. I f G is a model of Th(Fc(p,)JO))' then every (o)-system in G is a (~)-system. Theorem 4.3 is the key result for the model theory of the groups Fc(pn,NJ. It is the main ingredient in the proof of Theorem 4.1. THEOREM 4.4. Let G = Th(Fc(p,.N'O) and C be any (o)-system in G. Assume {b oc : Oi. L;...l is an enumeration of the basic commutators on C ordered according to C-degree. Then every element g of can be uniquely expressed as g = nb«. ro
I [T] for n
1 < n
2, we deduce from
step we show first: For x e: H, x' '" In-L) * 1
(1)
00 •
For
n
Lemmas 1 and 2 that x'
has infinite
i-classes and is not a wreath pro-
duct, so induction applies. Now we will prove that all finite directed graphs of the form: T U
with
T a tournament of order
H.
in
n - I, and I a disjoint i-class, embed
Our claim will then follow, as any subgraph of
n *
can be
100
built up from such graphs by amalgamations with unique solutions. the same reason we may take n
to be indiscernible over T.
For
For
= 2 (1) already suffices. For
n > 2 and T U 1 as described, fix
a,b e: T with
a
+
band
form a directed graph K on a set:
T U T U {a ,a ,b ,b } U 1 U 1 12121212 (leaving the orientation of T
1
U {a ,b } U 1
1
1
1
(a
1,b1
T U 1 with
)
unspecified, however) so that: + b •
I'
G.L. Cherlin
80
(a ,a} 1
1
1
has order
K/l b
and {b ,b}
2
are
2
l-classes;
n;
K - (a 11), b + K - (a / 1) - {a } . 1 2 2 2
+
We need to see that K K - {a} and K = K - {b are embedded 2 1 1 1} in H, so that an amalgam of Hand H will contain a copy of T U 1. 1 2 That K < H follows from (1) with x = a , and that K < H follows by 2
1
taking
K
2
1
over their common part, applying (I) with x
§5.
2
to be the (unique) amalgam of K - {a ,b}
= a2 ,b 2
1
and K - {a ,b } 2
1
respectively.
The semigeneric case. From now on we assume that HII
is infinite.
We will refer to the
extra constraint placed on the semigeneric graph as the parity constraint.
We wish to show that if H satisfies the parity constraint,
then it is semigeneric.
We will prove the following two claims by
i nducti on: (l.n)
If K = T U I is a finite directed graph, with T a tournament of order
(2.n)
nand
a disjoint I-class, then K embeds in H.
If K embeds in the semi generic graph and IK/II = n then K embeds in H.
Observe that
(l.n)
implies
(2.n+l)
by a straightforward amalgamation,
invoking the parity constraint. We prove (Ln) inductively. Lemma 1.
For n = 1 we use the corollary to
For the inductive step we form a directed graph K
II U 1 U T U T U {x,Xo,y}, with the orientation of 2 2 1
1
on the set
(x,y) unspecified,
The Imprimitive Homogeneous Directed Graphs
81
so that: I
1
UI
I xyT 1
2
1
I xyT 2 2
is a single I-class;
=K
with x,y
++
a,b, I
=K
with x,y
++
b,a, I
1
2
if
++
++
I
x
if y
+ y;
+
x;
Corresponding elements c e T c e T are unlinked; 1, 2 2 1
K
1
embeds in the semigeneric graph.
More preci sely, K
is an amalgamation problem, whose solution must
I
conta in a copy of K.
The point
x
0
forces an edge to 1i nk
x and y.
It remains to be seen that the factors embed in H. The factor sequence of
K - {y} I
u.n-n.
embeds in In the factor
H by
(2.n), which we have as a con-
K - {x} 1
the point x
0
the others.
dominates
Taking any x e H, we can apply (2.n) to x in the o 0 manner of the previous proof, so this factor also embeds in H. This I
completes the argument.
§6.
'"
*
leo.
We treat the last case in a similar but more elaborate fashion.
We
assume that H/l is infinite and that H does not satisfy the parity constraint. which
I
If
Jt
is an amalgamation class of finite directed graphs on
is an equivalence relation, then let
A-*
be the set of all
directed graphs K e J4 such that an arbitrary extension by a new I-class 1 will belong to
5f.
K U I of K
let Q be the simplest
directed graph Violating the parity constraint:
82
G.L. Cherlin
o Then the inductive argument corresponding to the ones we have given above is expressed as follows. if it contains all
I
g. Lemma.
If
on which
A
for
n
n < 00. arbitrarily large tournaments. and
is a robust amalgamation class of finite directed graphs
is an equivalence relation. then
1
Corollary.
Call a class of finite directed graphs robust
J4* is also robust.
With .f4 as above. any finite directed graph K on which
is an equivalence relation belongs to
Jf.
We run through the proof of the corollary first: duction on
n = IK/ll
from
1
n = O. assume
IK III = n - 1 and I an l-class. 1 hence K E i.
with
proceeding by in-
n > 0 and let K = K U I 1 By induction K E A* and 1
Proof of the Lemma: Let J = K U I either
I
n
be the graph we wish to show is in
or L(n) for some
n. or
g.
J4.
where K is
Making use of straightforward
amalgamations with unique solutions, we find that we need only consider the following two cases: (1) (2)
is indiscernible over K;
III = 2.
The Imprimitive Homogeneous Directed Graphs
Let H be the (3) For x
E
~-generi c
H. x' embeds
homogeneous di rected graph.
First form the amalgamation diagram:
/.~
a. (
*x
The factors embed in x'. since by Lemmas 1 and 2. x' generic.
We show first:
g.
We give a direct construction.
y*
83
is at worst semi-
If the edge goes from x to y we are done. and otherwise
amalgamate the result with:
/.~
y.~.~.b
taking a.b as the new points. (If this last factor is omitted then we get g embedded in x'
more
directly. ) Next we prove: (4)
If K is a finite directed graph on which
1
is an equivalence
relation with two classes. then K embeds in H.
G. L. Cherlin
84
Let K/I = {I,J}.
Extending J
if necessary, assume the elements of
III = 2,
realize distinct types over J; we can then reduce to the case and then further to the cases: (4.1)
II I
IJ I
(4.2)
II I
2, J indiscernible over I.
In case
2;
(4.1)
there are four cases:
one is
~,
one is covered by
Lemma I, and the other two can be forced by amalgamating the first two, with three points in one I-class and two in the other. In case (4.2) Lemma 1 applies unless fix
a, b
€
H with a
b
1
1
a, b
1
so a' (\ 'b
*b
+
J
+
b, and let C.s H be a second r-ctass.
1
claim is that a'A 'b{)C If
rapid contradiction.
{a.b} with a
is infinite.
b.
So
Our
If this set is empty one gets a
[a ' 1\ 'b /] CI = k with 0 < k < 00, then choose
with b e: (a n 'b)'.
Then a'(\ 'bn C = a' (\ 'b f\C
1
1
is a-definable, a contradiction.
'
Thus (4.2) is treated.
Next we claim: (5)
Suppose that every finite directed graph on which alence relation with n classes embeds in every tournament T of order
n lies in
Indeed consider K = T U I with
x'
is an equiv-
1
for
x e: H.
Then
.A*.
an additional
I-class.
We form
a directed graph (or amalgamation diagram with unspecified edge (x,y)) K
1
on the set I U {x,x ,y} U T U T 0
IxyT
1
or
IxyT '" H if 2
1
(x,y)
2
so that: is suitably oriented;
corresponding elements of T T are 1, 2 X 1 x, X
o
0
+
I-equivalent;
K - (X/I). 1
As usual it SUffices to check that the factors
K - {x} 1
and K - {y} 1
The Imprimitive Homogeneous Directed Graphs
embed in H.
In fact both K 1
embed in x'. by o
hypothesis. (6) A
[.
--t • ~ .]
a
85
belongs to
.94*.
c
b
This is a fairly lengthy argument. We consider K = A U I with an additional
l-class. which we must embed in H.
I
We may suppose that
is either indiscernible over A, or of order 2. If
is indiscernible over A then take three
H. and fix a, c
in "a
I
+
x
+
E
l-classes C. C C 1, 2 C. Let p be the type over a,c defined by:
c", in other words the type of b. and let q be the type of lover {a,c}.
the elements of
Let B be the set of all realizations
of
p in C and let J be the set of all realizations of q in C 2. 1• Both Band J are infinite. We claim that each element of B is linked to J
by infinitely many edges with either orientation, so that
K embeds in H in this case. ferred orientation.
If this claim fails, then there is a pre-
Now if p = q. then no automorphism of H carries
to (C,C and then as in the proof of Lemma 2. H is a 1,C2) 2.C1). wreath product. Now suppose that p * q. If c + I + a. then no auto(C,C
morphism carries a,c,C.C to c,a.C ,C • which gives a contradiction, 1 2 1 2 for example by taking x, E a'f'I c'rI C and mapping ac\x to 1 2 i cax x. (Here we apply Lemma 1.). 1 2 If type r
I is indiscernible over A and a and c realize the same over
I. then we consider also
our claim is that
tp(b/I).
If
tp(blI) = r. then
I'. 'I are not wreath products; the proof of Lemma 2
is readily adapted to this purpose.
So suppose that tp(b/I) = s
* r.
86
G.L. Cherlin
Then we perform the following amalgamation (with a unique solution): a
*
\ s · x-.::...._; ·
(*)
b
c * with factors: a.
r
x.
~.2-
.>. (As
5
s
-:
b .-
and
c.
r,s are asymmetric, the labelled edges should be read from left to
right.)
If abx or xbc ;s isomorphic to A, the corresponding factor
embeds in H by the case treated at the outset, and otherwise it suffices to examine When
'b or
b'.
is of order 2 and is not indiscernible over A, it suffices
to show that for any three
l-classes C,C
1,C2
in H and any i somorphi c
copy abc of A with a,c e: C and b e C , the two types realized by 1
are realized in C • Let q be the type rea 1i zed by one element of 2
over a,c.
If q is either
"a
+
x
+
c" or
"c
v
x
v
e", then this
was done in the course of the argument above, and in the remaining cases it suffices either to look at x'
or
'x
for
x
e:
C , or else to amal2
gamate in the manner of (*). using factors whose elements lie ;n the appropriate classes.
This completes the proof of (6).
After these preparations we can turn directly to the proof that is robust.
By (4)
I c ~* n
for all finite
n.
Next we claim:
**
87
The Imprimitive Homogeneous Directed Graphs
Arbitrarily large tournaments T are in ~*.
(7)
Equivalently, if H* is the homogeneous directed graph associated with .54*, then we claim that H*/1
is infinite.
On the basis of (4,6)
we know that H* is not a wreath product, and that its 1-classes are infinite.
By our work so far, if
for some
IH*/11
is finite then H* ~ n * I~
n.
But this means that every finite directed graph K on which equivalence relation with n+1
classes embeds in H.
so as to minimize the value of
n here.
robust.
A'
Let
choice of
n, the ~I*-generic directed graph is again
n+1
robust
x e: H, x' is
be the amalgamation class associated with x' .
every finite directed graph K on which with
A
Choose
Observe that for
1 is an
n * I"".
By our Thus
1 is an equivalence relation
classes embeds in x', and hence by (5), every tournament of lies in ~ *, a contradiction.
order n+1
It remains only to prove: (*)
Q e:~*. We consider K = I UQ with
cernible over
Q, or of order
sults so far either embeds Thus if
K embeds in
omits Q, then it embeds in H*, and hence
H, as claimed.
This argument applies in particular if
has order two, and both
I U {b,d} are isomorphic with
amalgamate __0 U {ik,j}
for
k = 1,2
This can be set up so that neither is isomorphic with
Q.
I
Q.
In the only case remaining, and (similarly)
directed graph H*, which by our re-
Q (which is the present claim), or is semi-
I U {a,c}
is indiscernible over
Label 0 a,b,c,d as before.
Jf *-generic
We again consider the
generic.
2.
an 1-class which is either indis-
U {a,c}
Q. In this case just
so as to force
0 U {i ,i }
=
{i , j } U {a,c} nor 1 This completes the argument.
~
K.
1 2 {i , j } U {b,d}
2
88
G.L. Cherlin
REFERENCES
1.
C. Berline and G. Cherlin, "QE rings of prime characteristic," in Bull. Soc. Math. Belg. B 33 (1981), 3-17.
2.
P. Cameron, "Orbits of permutation groups on unordered sets II," J. London Math. Soc. 23 (1981), 249-264.
3.
G. Cherlin, A. Harrington, and A. Lachlan, "l\o-categorical, ~o-stable
structures," APAL (1985), 103-135.
4.
G. Cherlin and A. Lachlan, "Stable finitely homogeneous structures," TAMS, to appear 1986.
5.
C.W. Henson, "Countable homogeneous relational systems and categorical theories," JSL 37 (1972), 494-500.
6.
A. Lachlan, "Finite homogeneous simple digraphs," in Logic Colloquium 1981, J. Stern ed., North-Holland, NY (1982), 189-208.
7.
A. Lachlan, "On countable stable structures which are homogeneous for a finite relational language," Israel J. Math. 49 (1984), 69-153.
8.
A. Lachlan, "Countable homogeneous tournaments," TAMS 284 (l984), 431-461.
9.
A. Lachlan, S. Shelah, "Stable structures homogeneous for a binary language," Israel J. Math. 49 (1984), 155-180.
10.
A. Lachlan, R. Woodrow, "Countable ultrahomogeneous graphs," TAMS 262 (1980), 51-94.
11.
D. Saracino and C. Wood, "QE commutative rings," J. Symb. Logic 49 (1984), 644-651.
12.
D. Saracino and C. Wood, "QE nil-2 groups of exponent 4," J.A1g. 76 (1982), 337-382.
13.
J. Schmer1, "Countable homogeneous partially ordered sets," Alg. Univ. 9 (1979), 317-321.
14.
T. Skolem, "Logi sch-kombi natori sche Untersuchungen tiber di e Erful1barkeit and Beweisbarkeit mathematischen Satze nebst einem Theorem tiber di chte Mengen, II Skriften Vitenskapsakad. Kri sti ana 4 (1920), 1-36, §4.
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
89
PROOFS OF PARTIAL CORRECTNESS FOR ITERATIVE AND RECURSIVE COMPUTATIONS Bruno COURCELLE Universite de Bordeaux I,Departement d'lnformatique+ 3~1,Cours de la Liberation, 3340~ TALENCE, France
Abstract :this paper provides some general definitions concern ing the validity of programs, an abstract presentation of the inductive assertion method for iterative and recursive programs. The case of recursive programs is handled by means of call-trees.
INTRODUCTION
The importance of appropriate methods for establishing the validity of programs has been recognized for a long time. Proof methods of various types have been proposed. Even if they are not applicable to long commercial programs because of the length of the resulting proofs, they are useful for the publication of algorithms ( algorithms should always be proved as are theorems in mathematical papers). They are also important at a theoretical level to guide the design of programming languages and the establishment of relevant programming methodologies. This paper presents : - some general definitions concerning the validity of programs and algorithms, an abstract presentation of iterative comvutations and of a proof method for establishing their partial correctness : the inductive assertion method,
+
Formation associee au CNRS This work has been supported by the ATTRISEM project of the GRECO de PROGRAttNATION •
90 an abstract presentation of recursive computations based on the concept of the call-tree of a recursive procedure which yields a proof method for their partial correctness (this presentation is based on recent results by Courcelle and Deransart [3]). 1 - Specifications and correctness proofs
We shall not distinguish between a program written in some precise programming language and an algorithm which can be written in a more flexible (but, hopefully precise and unambiguous) way. Both of them will be called programs. With every program P is associated a set of data A that we can consider to be (in bijection with) a recursive subset of X+ (the set of non empty finite words over the finite alphabet X). The set of programs in also a recursive subset of X+ With a program P and a data d is associated ~ computation sequence a = (SO,81,52, ••• ,8 n , ••• ) which is a sequence of states. A state Sj encodes everything that is necessary for the continuation of the computation: next instruction number, pushdown list of return addresses, intermediate values computed and stored for further treatment, etc ••• We only say that it can be represented by a finite word over X. In the case of a deterministic program the state s1+1 is determined in a unique way from s1 and there is a unique computation sequence a associated with P and d. It is denoted by ap,d. Otherwise a set of computation sequences is associated with P and d. Unless otherwise indicated we shall deal with deterministic programs in this paper. The computation sequence ap,d can be of three types (1)
(2)
ap,d
is infinite,
is finite and its last state is an state, from which no result can be extracted, ap,d
~
(3)
In
is its
is finite, its last state is a success state from which the result d' of the computation (a word over X) can be extracted.
ap,d
case (3), we say that ap,d is successful, that d and d' its output.
~
91
Proofs for Partial Correctness
The function computed by IPI: A ~ X+ such that
IPI (d)= d' if IPI (d)
P
is the partial function
is successful and its output is d',
ITP.d
is undefined in cases (1) and (2).
We shall use the abbreviation P(d)! in the former case and p(d)r in the latter. Let now ~(x,y) be a formula in some logical calculus (that we shall leave as a parameter), with free variables x and y ranging over X+ •
This
formula will be used as a specification of what
P must compute. We shall call it a specification for P. We say that (1)
P
is correct with respect to f
lid E A r sa- E X+ ,
IPI (d) = d'
and
if
~(d,d')]
It is frequently convenient to establish this property by means of two separate proofs, a proof that P terminates (on A) namely that
(2)
lid E A [P(d)
and a proof name ly that : (3)
lid E A
that
! P is partially correct with respect to
P(d)!
~
.. f(d,lpl(d»].
A proof of (2) includes a proof that the length of the computation sequence of P for input d is finite for every d in A. This length depends in an essential way on d, and the standard way to do the proof is to use an induction on the size of d. The size is an appropriately chosen mapping : A -+W where W is some well-founded set (typically II). Nothing more can be said at this level of generality. Finding the appropriate size function may be very difficult even for simple programs. See Dershowitz [5] for a survey of existing techniques concerning term rewriting systems where a similar problem occurs. In this paper we shall only consider proof techniques for partial correctness and we shall show the close relation between structure of the proof and the structure of the program
B. Courcelle
92
We shall denote by ip,d the syntactical part of ~P,d the sequence of instructions of P that are executed in ~P.d' Hence ip,d does not encode the values taken by the variables any longer. i.e.
More generally, we can define a syntactical computation sequence of P as a sequence (f of instructions of P, starting with the initial instruction and such that the sequencing of instructions is compatible wi th the definition of P. Such a sequence is complete if it is finite and if its last instruction is a terminal one (corresponding to a success state). (Actually some of these syntactical computation sequences may correspond to no actual computation). Let ~ be the set of complete syntactical computation sequences. Then (3) can be rewritten as follows: (4)
lid EA [II ~ E
r
As for (2) an induction on the size of d can be used and we shall not discuss this possibility any longer. An alternative possibility arises from the rewriting of (4) into
(~)
vi
E
r
[lid E A [iTp,d = iT
.. 'f
(d,lpl o. The above difficulty disappears and it is sensible to require that QI implies Qi+l·
This proof method is an abstract formulation of the inductive assertion method. It consists precisely in defining a relation l ~ A x(S+B) such that (11)
lS n (A x
B)~~
and (12) Condition (12) is achieved by requiring that (13)
~
C
11'
and (14) And (12) now follows from (13) and (14) by a simple induction on i (i.e. we take for QI the condition ~eis lS). If (13) and (14) hold, then lS is called an inductive assertion. It defines a relation between the input and the last state of any computation sequence. In an abstract sense this method can be considered as complete i.e. as able to establish any true partial correctness formula of the form (9) since it suffices to choose for lS the relation ~e*. This result appears in De Bakker and Meertens [3]. But it is not complete if one requires that lS is expressible in first-order lo,ic. A counter-example can be built from Wand [13] • On the other hand ~e* is expressible
97
Proofs for Partial Correctness
in
the
[6,7].
infini tary
language
as noticed by Enjalbert
1w w 1
Since the set of true partial correctness formulas is not recursively enumerable in general (due to the incompleteness of arithmetic), there is no hope to find any concrete completeness result (i.e. relative to a recursively enumerable set of proofs ). (2.3) - Application to flowcharts A flowchart can be considered as an iterative program the set of states of which is of the form S = L x D where L is a finite set (the set of instruction labels) and D is the set of all assignments of values from some domain to the variables of the program. (By variables one does not understand only individual variables ranging over ~, 2 or R but more complex data structures like arrays, lists, trees etc ••• ) • An Example
Rather than a fully formal treatment we consider an example from which the general case can be easily derived. Let
P=
be an iterative program such that
S = { 0,1,2 } x D
°
~ = {(d, (O,d' ))/ (d,d') E lXo } for some means that labels the initial instruction).
lXo
cA x D (this
8 = {(i,d),(j,d'))/i,j E {0,1,2},(d,d') E 8i,j} {«i,d),b)/i E {O,I,2},(d,b) E 8i,exit} for some
8i,JfD x D
and some
81,exit cD x B.
If we furthermore assume that
=
80,0 = 81,1 = 81,2 = 82,0 = 82,exit ~ represented by the following diagram :
then
P
can be
U
98
B. Courcelle
Let now ~ be an inductive assertion i.e. satisfying (11), (13) and (14) • Since ~CA x 0,1,2 } x D) + B)
a
relation
«{
it can be written ~
= {(a,(i,d'))/(a,d') E
for some relations ll'exlt C A x B.
~i,iE{0,1,2}}u
~o,
~l
,
~2
£
A x
{(a,b)/(a,b) E
D and some relation
Hence condition (13) reduces to (15)
lXo ~ lSo
,
condition (14) reduces to the following conditions (16)
lSi
(17)
~IBl,exlt
and condition (18)
Bl,j
~
~J
S
, i,j E {0,1,2}
~exlt
(11) reduces to : ~exlt~'t'.
Actually (17) and (18) can be replaced by (19)
~IBl,exlt
£
't'
i
which eliminates the introduction of
~exit}
E {0,1,2} , ~exit
•
Proofs for Partial Correctness
99
The set of conditions (15), (16) and (17) expresses that ~ forms a system of invariant assertions in the terminology of Katz and Manna [Ill. ( This paper presents several techniques for constructing invariant assertions). For applying this method to a non-recursive program one has to find a set of cut-points i.e. a set of instruction labels such that every loop in the graph of the program goes through at least one cut-point. This allows to divide the program into blocks like ao, at, a2 above such that each bloc contains finitely many execution paths. This finiteness condition allows to express the relations aj'J by first-order quantifier-free logical formulas. See [Ill for more details.
(2.4) - Application to parameter less recursive procedures The iterative program implementing a recursive parameter less procedure (or rather a set of mutually recursive such procedures) (by parameterless we mean that they modify a fixed finite set of global variables) uses a set S of the form R x D where R is an infinite set of words over a finite alphabet. Each element of R is a stack of return addresses • the manipulations we did in the example an infinite family of inductive assertions,(~r)rER' Provided one can handle the infinite set of conditions similar to (16) and (19), one can establish the partial correctness of recursive parameter less procedures. of
Working out (2.3) yields
The formal treatment has been done in De Bakker and Meertens [4l But it is practically very difficult to use for concrete proofs. We shall provide a much more convenient method in the next section that is also be applicable to recursive procedures with parameters. 3 - Recursive computations.
In recursive formally.
real programming languages like ALGOL or PASCAL procedures are very difficult to investigate
B. Courcelle
100
For this reason two types of recursive procedures have been extracted from these lancuages : the applicative ones (which form the core of pure-LISP) investigated in depth in many works (see Guessarian [9J ; this book contains many other references) and the imperative ones, that have been much less investigated (see Gallier [8] and, in a more abstract setting De Bakker and Merteens [4]). These two different classes are investigated with different techniques and none of them encompasses all ALGOL recursive procedures. We shall present a new formalism which encompasses both types and can (probably) encompass all ALGOL procedures which do not take procedures as parameters • It is based on the idea of defining the structure of a recursive computation by means of a tree which represents the relations between the different recursive calls. And partial correctness formulas can be proved by induction on these trees, i.e. in some sense by induction on the structure of computations. (The notion of a call-tree is borrowed from Courcelle and Deransart [3] , the notion of a clausal scheme is original). (3.1) - Definition
Let
~
=
Clausal schemes.
{A1J •.. ,AN}
be
a set of unary relational
symbols; let S {Bl, ••• ,BM} be a set of relational symbols with positive arity (p(B) denotes the arity of B in S). Let variables. We define an (J,S)-clause (also clause in the context of a fixed pair (J,S» the form:
called simply a as a sequence of
where n ) 0, io, ••• ,i n E [N], j E [Ml, p(Bj) = n+l. Anticipating on the semantics we shall denote it as a logical formula and AI A clausal scheme on
(J,S)
is a set
n
(x n) and S
of
Bj (xo, •• .,x n)
(J,S)-clauses.
101
Proofs for Partial Correctness
I = (DI
S is a relational structure An interpretation for • (BI) ) consisting of a non empty set DI and a
BES.
p(B)-ary relation on
DI associated with every
B
in
s.
A pair (S.I) where S and I are as above is called a clausal program. The value of S in I is an N-tuple of unary relations AtI •••• ,ANI on DI that we shall define in two equivalent ways. first by taking a least fixed point and secondly by means of call-trees (that are close to computation sequences).
(3.2) - Least fixed point semantics We say that an N-tuple at •••• ,aN of subsets of D I is a solution of S in I if the relational structure (I,ats···,aN) = (DI,(BI)
,(ail
Ai ES model of S considered as a set of formulas of the form BES
is a (20)
The set P(DI)N is ordered by (at, ••• ,aN)S (a~, ••• ,a~) iff a , c a , for all i E [NJ. LEMMA A clausal scheme interpretation I.
S
has a least solution in every
We denote this least solution by (AII' •••• ANI) and consider it as the value of S in I • This lemma is easy to establish (i t s basically the one of the main theorem of [12]).
proof
Let us only concretely defined as
is
recall that (Atl' •••• ANI) can be U K~(_N) where Ks maps P(DI)N into JQO itself as follows for al •••• ,aN c DI • KS(al ••••• aN) denotes the N-tuple (a~, •••• a;) such that a'i :::
U Kc (a j CESi
, •••
,aN)
where Si is the set of clauses C in S of the form (20) with io=i. and where for such a clause C
is true for some d 1 in al , ••• ,d n in al }. 1
n
102
B. Courcelle
(3.3) - OperatiQnal semantics
Our second characterizatiQn uses the concept of a call-tree, defined as fQIIQws. Let Al E ~ • A call-tree t Qf Al is a finite tree such that for SQme clause C in 51 Qf the fQrm
i) either n = 0 and t ii) Qr n
~
1 and t
is reduced tQ a nQde labeled by C
is of the fQrm C
/\ where tl, ••• ,t n are call-trees Qf Ai
1
, ••• ,Ai respectively. n
By using the nQtatiQn C in case (i) and the notatiQn C(tl, ••• ,t n ) in case (ii) Qne gets a linear notation for call-trees. A call-tree t can be cQnsidered as defining a certain subset tr Qf Dr. Using the recursive definition of call-trees we can define tr as follows: tl
= Bjr
in case (i). This definition is meaningful since in this case C is reduced tQ and p(Bj) = 1. Ai (XQ)+ Bj (xo)
We now define Ail
=u {tl / t
is a call-tree of
AI} •
A routine prQof can establish that this definition coincides with the first one. Remarks (1)
sequences
Call-trees correspond tQ syntactical cQmputation defined for iterative prQgrams. The set tr is the
Proofs for Partial Correctness
103
set of all tuples (inputl, ••• ,inputk' oUtpUtl, ••• ,outputl) which are computed by the tree of calls specified by t (recall that the variables xo, ••• ,x n appearing in the definition of clauses as in (20) represent tuples of values in the appropriate domain; see example 1 below). (2) In the case of iterative programs we have only used an operational semantics (based on the concept of a computation sequence). It is not diffiCUlt to convert equation (9) into a least fixed-point characterization of by using the fact that the transitive closure of a relation is itself a least fixed point.
Ipi
(3.4) - Applicative and imperative recursive programs There are two great types of recursive programs, the applicative (pure-LISP like) ones and the imperative (ALGOL like) ones. The former ones are written with functions, predicates, if-then-else and define new functions by means of function application and recursive calls. The latter ones use the sequencing of instructions as the ground control structure and the effect of a program is a modification of the values of the variables. Both types of recursive programs can be considered as interpreted clausal schemes. Rather than formal constructions that can be found in Courcelle and Deransart [3] we give representative examples. Example 1 : Ackermann's function The well-known Ackermann's function f : ~ x ~ ~~ can be defined by the following recursive applicative program f(x,y) = i f x = 0 then y + 1 else if y= 0 then f(x-1,1) else f(x-l, f(x,y-l» The computation of 1(1,2) = = = = = =
f(I,2)
1(0,f(1,1» 1(1,1) + 1 f(O,f(1,O» 1(1,0) + 2 1(0,1) + 2 2 + 2 = 4
proceeds as follows
+ 1
104
B. Courcelle
We have underlined the occurrence of f which is replaced at the next step. Other computations (yielding the same result) are possible .f(l,2) = = = = = =
f(O,.f(I,I» f(O,f(O,.f(l,O» f(O,f(O,f(O,I» r (O,.f(0,2» .f(O,3) 4
Anticipating on the sequel we can represent the organization of recursive calls by the following tree, which is the same in the two cases : f (l, 2)
D
f(O,I)
D We represent (21) by the clausal scheme A(uo) .. B I (uo) A(uo) .. A(UI) A(uo) .. A(UI)
B2(UO,UI) A(U2) and
The
corresponding interpretation is I with domain DI = ~ X ~ such that AI={(X,y,Z)E~3/z = f(x,y)}.
X ~ We shall define B I 1,B2I' B31
Each variable uO,uI,u2 stands for a triple of variables ranging over ~ ; we let ul represent (xl,YI,zl). We
105
Proofs for Partial Correctness
now define Bl1, B21, xo,Yo,zO,xl, ••• etc
B31
by formulas with free variables
Bl(Xo,Yo,ZO) ~ Xo > 0 and Zo= Yo+1 B2(Xo,Yo,zo,Xl,Yl,Zl) ~ Xo > 0 and Yo= 0 and xl=xo-1 and Yl=l and Zo = zl B3(Xo,YO,ZO,Xl,Yl,Zl,X2,Y2,Z2) ~ xo> 0 and Yo > 0 and xl~xO and Yl=Yo-1 and x2=xo-1 and Y2=Zl and Zo = z2. The two computations of following call-tree t :
f(l,2)
both
correspond
to
the
It is easy to verify that (1,2,4) belongs to tl. Note that t does not represent a unique computation sequence (in the sense of section 1) but rather a set of equivalent computation sequences (the equivalence of computation sequences has been formally defined in Berry and Levy [2]). Example 2 Consider the following sorting algorithm which modifies a sequence u (say of integers) so as to sort it (say by increasing order) : sort (u) begin i f length (u) > 1 then ~ new variable v,w of type sequence of integers .!.P..li!. (u,v,w) sort (v) sort (w) ut-merge (v,w) end This program uses an auxiliary procedure .!.P..li!. (u,v,w) which divides u into two parts (as equal as possible), assigns to v the first part and to w the second part without modifying u
B. Courcelle
106
(so that u = v.w after execution). The base function ~ forms a unique sorted sequence by interleaving the two sorted sequences it takes as arguments. We can trans late this program into the clausal program A(u,u') A(u,u')
• •
B I (u,u') A(v,v') and A(w,w') and B2(U,U' ,v,v' ,w,w')
where BI(U,U') ~ length (u) = 1 and u'=u B2(U,U' ,v,v' ,w,w') .~ length (u) > 1 and U=v.w and length (v) ~ length (w) ~ length (w) - 1 and u' = merge (v' ,w') and u,u' ,v,v' ,w,w'
range over nonempty sequences of integers.
In this program, A(u,u') should be understood as is the result of the sorting of u
u'
The call-tree associated with the sorting of any sequence u of length 5 is B2(B2(B 2(B I,BI),BI),B2(BI,BI»'
(3.5) - Partial correctness of clausal programs Let us recall that the partial correctness of a program w.r.t. ~ can be formulated as follows: For every terminating computation with input x and output y , property ~(x,y) holds. In the case of clausal computations correspond to call-trees. For {AI"" ,AN} specification One says that i in [N], for Thi s in [N] •
schemes,
terminating
(4,~) where ~ = a clausal scheme S over and I is an interpretation, we define a ~ as an N-tuple (~I""'~N) of subsets of Dr. (S,I) is partially correct w.r.t. ~ if for all every call-tree t of Ai' tr f. ~i'
is equivalent to requiring that
Air~ ~i
for all
In concrete cases, the subsets ~I"",~n will be defined by logical formulas similarly as are the Br's for B E ~ (see examples 1 and 2).
107
Proofs for Partial Correctness
How to establish the partial correctness of a clausal
progr~
We now propose a method for establishing the partial correctness of a clausal progr~ (S,I) with respect to some specification If. Defini tion : A spec ificat ion is inductive if Ks (E>l,· •• ,E>N) equivalently if
IX
Fact 1 : then
(I,91,···,E>N)
(S,I)
9
E>
s
for
(E>l,···,E>N)
(S, I)
(E> l' ••• ,E>N)
is a solution of
in
S
is inductive with respect to
is partially correct with respect to
I.
(S,I) 9 •
Proof: Since (AII, ••• ,ANI) is the least solution of S in I , 9i if 9 is inductive. This means that (S,I) is partially correct w.r.t. 9 • 0
AiI~
Fact 2 : for (S,l).
(A11, ••• ,A N1 )
is an inductive specification
These two facts yield the following proposition: (3.6) Proposition A clausal progr~ correct w.r.t. some specification If specification 9 such that 9 9
(1) (2)
i.Q1:
9
Proof
.
't'
is inductive w.r.t. is stronger than If
if one thinks of The
i
It
r"
9
and
(S,I) is partially iff there exists a
(S, I) i.e. 9 't'
part follows from
s
If
as formulas). Fact 1.
The '\onlY" if part follows from Fact 2 that shows that (A1I, ••• ,ANI) can be taken as the requested specification 9. 0 Rema.rk
(1) A clausal progr~ (S,I) may be partially correct w.r.t. some specification If without 't' being inductive.
108
B. Courcelle
(2) In concrete cases the following holds
(m) One works in a model of axioms
~
(a typical example is
M= < ~
M,(fM)fEF> of some set with Peano's axioms ).
(~) The domain DI is Mk for some finite k. (If)
free BI·
lo&:ical
The relations BI'S are defined by quantifierformulas in the language of M ; say ~B defines
(£) So are the components of the specification ~ with first-order logical formulas in the language of M (we denote them by ~l, ••• ,~n) •
In order to establish that (S,I) is partially correct with respect to ~ it suffices to find ~ i.e. an N-tuple of logical formulas 91, ••• ,9N' such that (s )
.t4
r--
9;
..
~;
for all i = 1, ••• N (i.e. such that one can prove in is stronger than ~) and such that : ('II)
.t4
r--
I;IXo, •••
,xn[~B(Xo, ••• ,xn) and
for all clauses C of the form (20) that 9 is inductive) •
9 i (x n) n
~
that 9
and 9;fx 1 )
.. 9 i
o(X
O)
and
]
(i .e. one can prove .in .t4
The proof method consisting in defining ~,k'~B'~i,9i as in (m) - (£) and satisfying (E) and (~) is sound • This is a consequence of the "if" part of corollary. (3) The "only if" part of Proposition (3.6) looks like a completeness result. It is one at the set-theoretical level, where one can deal with arbitrary subsets of some given set. It is not if one must define them in first-order logic since the relations AiIare not usually expressible in first- order logic (but they are in second-order logic or in L w w). A precise counter-example has been given by Wand 1 [13]
and adapted to the present situation by Courcelle and Deransart [3]. To summarize, this proof method is applicable to the following classes of programs:
Proofs for Partial Correctness
109
imperative recursive programs (deterministic or not), applicative recursive programs with call-by-value computations (deterministic or not), deterministic applicative recursive programs with call-by- name computations attribute grammars (as shown in [3]). Appl ications to PROLOQ programs, can be expected since the notion of a program defined as a set of clauses and the relational style of clausal programs are borrowed from PROLOG. But they are not very deep since in PROLOQ the major problem is with termination and not with partial correctness. Acknowledgnews helpful comments.
thank
Z.Manna and
the
referee for many
---0---
REFERENCES [ll
H. ANDREU, I. NEMETI, I. SAIN, A complete logic for reasoning about programs via nonstandard model theory, Theor. Comput. Sci. 17 (1982) pp. 193-212 and pp , 259-278.
[2]
Q.
BERRY, J.J.LEVY, Minimal and optimal computations of recursive programs, J.Assoc.Comp.Mach. 26 (1979) 148-175.
[3]
B. COURCELLE, P. DERANSART, Proofs of partial correctness for attribute grammars and recursive procedures, INRIA research report 322, July 1984.
[4]
J. De BAKKER, L. MEERTENS, On the completeness of the the inductive assertion method, Journ. Comput. Syst. Sci. 11 (1975) pp 323-357.
[5]
N. DERSHOWITZ, Termination, Proc. of the colloquium on rewriting techniques and applications, Dijon 1985, L.N.C.S vol.202, Springer-Verlag.
[6]
P. ENJALBERT, Algebraic semantics and program logics algorithmic logic for program trees. In Logics of Programs and their applications, Salwicki ed : vol. 148, Springer Verlag, 1983.
[7]
P. ENJALBERT, w-rule and continuity, Bialowieza Conference on logic of program, October 1981.
110
B. Courcelle
[8]
J. GALLIER, Non-deterministic flow-chart programs Semantics and with recursive procedures (1981) pp • correctness, Theor.Comput.Sci. 13 193-229 and 239-270.
[9]
I. GUESSARIAN, Algebraic Semantics, L.N.C.S.vol. 99 1981.
[10]
D. KAREL, On folk theorems, Communications of ACM 23 1980) pp. 379-389.
[11]
S. KATZ, Z.MANNA, Logical analysis of programs C.ACM 19(1976) pp 188-206.
[12]
M.VAN EMDEN, R.KCWALSKI , The semantics of predicate logic as a programming language, J.Ass.Comp. Mach. 23 (1976) pp 733-742.
[13]
M. WAND, A new incompleteness result for Hoare's logic J.Ass.Comp.Mach. 25 (1978) pp 168-175.
Logic Colloquium '85 Edited by The Paris Logic Group
111
© Elsevier Science Publishers B.V. (North-Holland), 1987
SYSTEME ET METASYSTEME CHEZ RUSSELL Jean van Heijenoort Brandeis University Principia mathematica fut originellement con9u, en decembre 1902, comme devant etre Ie second volume de Russell 1903, lequel porte l'indication 'Volume I';
il devint bient&t un projet independant.
Les
deux ouvrages, auxquels il faut ajouter Russell 1919, sont cependant les produits (avec l'aide de Whitehead en ce qui concerne PM) d'un effort constant de la part de Russell.
Que tentait-il de faire?
Russell
declare, dans la phrase qui ouvre la preface de PM, que Ie sujet de l'ouvrage est 'Ie traitement mathematique des principes des mathematiques';
et les deux titres, The principles of mathematics et Principia
mathematica, semblent confirmer que telle est bien l'entreprise de Russell.
Nous commen90ns, cependant,
a avoir
certains doutes quand nous
voyons que la plupart des exemples qu'il invoque sont non-mathematiques. On pourrait peut-etre considerer que ces exemples appartiennent
a des
explications qui restent en dehors du systeme et n'ont donc aucune importance theorique.
Mais, dans PM, *1, parmi les 'Idees primitives'
Russell fait figurer les 'propositions elementaires', qu'il caracterise ainsi:
'Par proposition
ne fait pas appel
a des
"~l~mentaire"
nous entendons une proposition qui
variables ou, autrement dit, une proposition qui
ne contient pas de mots tels que "tous", "certains", "Ie", ou les equivalents de tels mots.
Une proposition tel Ie que "ceci est rouge", ou
"ceci" est quelque chose qui nous est donne par la sensation, sera elementaire'.
Les mathematiciens ne semblent guere se preoccuper d'une
proposition telle que 'ceci est rouge'.
lIs partent d'un domaine
arbitraire (ainsi en theorie des groupes, par exemple), avec des operations ou des relations definies dans ce domaine, mais certainement pas de proprietes non-mathematiques telles que 'rouge'; partent d'un univers d'ensembles, bati
a partir
ou bien ils
de l'ensemble vide par
la theorie des ensembles. II y a chez Russell une continuite entre Ie mathematique et Ie nonmathematique.
Son principal argument contre Hilbert est que fonder
axiomatiquement l'arithmetique 'a Ie desavantage de ne pas reussir
a
112
J. van Heijenoort
expliquer comment les nombres s'appliquent lorsque l'on compte' (1959, page 110).
Pourquoi?
Parce que la collection des douze apotres, par
exemple, est completement detachee des etres mathematiques introduits axiomatiquement.
8i des ob j at.s quelconques peuvent etre enumeres, toute
collection de ces objets doit etre consideree comme figurant parmi les ensembles qui servent a la definition des nombres cardinaux.
On n'a pas
une theorie mathematique que l'on applique ensuite au monde des sens;
on
a une imbrication etroite entre Ie mathematique et Ie non-mathematique qui fait que l'on a un systeme universel. Les propositions ont chez Russell, comme on sait, un statut ambigu; elles flottent entre phrases (c'est-a-dire objets linguistiques) et faits (etats de choses).
Optant pour les phrases, nous pouvons peut-etre
exprimer la conception de Russell ainsi: (designes par des demonstratifs:
l'univers consiste en individus
ceci ou cela), auxquels sont attaches
des predicats (a un ou plusieurs arguments) et nous avons un stock initial de phrases vraies, toutes celles qui affirment gue tel ou tel predicat s'applique, ou ne s'applique pas, a tel{s) ou tel{s) individu{s). Ces phrases vraies caracterisent l'univers, elles embrassent tout ce qui peut se dire dans la connaissance humaine et forment Ie terrain sur lequel la logique se tient, et aussi les mathematiques, puisque, selon Russell, celles-ci ne sont que de la logique.
'L'univers consiste en objets ayant
diverses qualites et maintenant entre eux diverses relations' (PM, page
45;
-1
page 43). Et: 'Notre sys t eme commence avec des "propositions 2, atomiques". Nous les acceptons comme quelque chose de donne, car les PM
problemes qui surgissent en ce qui les concerne appartiennent a la partie philosophique de la logique et ne peuvent subir (en tout cas a present) un traitement mathematique' (PM, page xv). La logique se -2 revele etre une structure abstraite erigee sur les phrases qui caracterisent l'univers. Avant Russell, Frege avait deja considere que la logique reposait sur les phrases atomiques qui sont vraies dans un univers fixe et embrassant tout, l'univers des objets et des fonctions.
Dans la preface
a 1879 il envisage une extension de son systeme a l'ensemble des mathematiques, a la geometrie, a la mecanique, a la physique. Russell different sans doute quant a leurs vues sur l'univers.
Frege et Pour
Frege, c'est un cosmos rationnellement reconstruit, dans lequel les proprietes sont 'objectives' (sur ce point voir ~ Heijenoort 1985, pages
91-92);
pour Russell (a certains moments du moins), c'est un monde
Systeme et Metasysteme Chez Russell
113
peuple de maints 'ceci' et 'cela', chacun d'eux etant donne par la sensation.
Mais tous deux sont d'accord pour penser que la logique repose
sur un univers unique et ne devrait pas s'abaisser a considerer, successivement, de soi-disant univers de discours, univers desseches dont on peut changer a volonte.
Cette conception, qui est dans la tradition
de la logica magna medievale, n'est pas expressement adopteee et defenduej mais, tacitement, elle forme Ie terrain sur lequel leur oeuvre repose. Une premiere consequence d'une telle conception, c'est que les quantificateurs liant des variables individuelles vont s'etendre a tous les objets, c'est-a-dire a tous les objets dans l'univers. que Frege ecrit (1879,
C'est ainsi
§ll, ou van Heijenoort 1967, page 24):
les autres conditions a imposer
a ce
'Toutes
qui peut etre mis a la place
d'une lettre gothique [c'est-a-dire une variable universellement liee] doivent etre incorporees dans Ie jugement'.
Pour prendre un exemple
simple, la loi commutative de l'addition des nombres naturels est, selon cette vue, formulee ains;: y + ~),
et non ainsi:
Ce qui est ici 'incorpore dans Ie jugement', c'est l'antecedent '(Nx & Ny)' Sur ce point Russell a exactement la meme position que Frege: devons, par consequent, permettre
a nos
~,
'Nous
chaque fois que la verite de
notre implication formelle n'en est pas alteree, de prendre toutes les valeurs sans exception;
et la ou une restriction quelconque
a la
variabilite s'impose, l'implication ne doit pas etre regardee comme formelle tant que la dite restriction n'a pas ete eliminee, etant transformee en une hypothese initiale' (1903, page 38).
Si nous nous
souvenons que pour Russell une implication formelle est la cloture universelle d'un conditionnel, la restriction transformee par Russell en hypothese initiale est exactment ce qui pour Frege est la condition incorporee dans Ie jugement.
Dans PM (au commencement du Chapitre I)
Russell distingue entre variables restreintes et variables nonrestreintesj limitees
une variable est restreinte 'lorsque ses valeurs sont
a n'etre
que certaines de celles qu'elle peut prendre';
la variable est non-restreinte.
II ajoute ensuite:
sinon,
'Pour les fins de la
logique la variable non-restreinte est plus commode que la variable restreinte et c'est elle que nous emploierons toujours' (PM, page -1
4; -PM 2,
114
J. van Heijenoort
page
4).
II y a, chez Frege, un certain nombre de degres de
stratification et, chez Russell, une echelle infinie de types;
il est
entendu qu'une variable est non-restreinte a une certain niveau, non a travers des niveaux differents.
Comme Russell l'ecrit, 'les limitations
auxquelles la variable non-restreinte est sujette [par la stratification] n'ont pas besoin d'etre indiquees explicitement, car elles sont les limites du sens de l'enonce dans lequel la variable se trouve, donc intrinsequement determinees par cet enonce' (PM
4).
l,
page
elles sont
4; PM
2,
page
Comme Ie systeme est suppose tout embrasser, vrai est ce qui est affirme dans Ie systeme, soit comme axiome, soit comme consequence d'un certain nombre d'axiomes, et une notion de verite qui se maintiendrait hors du systeme serait illusoire.
Russell est ainsi naturellement
conduit a s'abstenir de donner de ses connecteurs primitifs une definition basee sur les tables de verite; 'indefinissables' (1903, page 8).
il les considere
II ecrit: 'Les constantes logiques
elles-memes ne seront definies que par enumeration, car elles sont si fondamentales que toutes les proprietes par lesquelles la classe qu'elles constituent pourrait etre definie presupposent certains termes de cette classe' (1903, pages 8-9).
Et aussi (page 4):
l'implication est tout a fait impossible'. 'Si
E implique 3,
alors si
E est
de E implique la verite de 2; a-dire la faussete de
3
vrai
3
'une definition de
Son argument est Ie suivant:
est vrai, c'est-a-dire la verite
et aussi, si 3 est faux E est faux, c'est-
implique la faussete de
E'.
Et il conclut:
'Ainsi verite et faussete ne nous donnent que de nouvelles implications, non pas une
defi~ition
de l'implication'.
Nous avons ici devant nos yeux
un homme qui s'avance sur un plancher gluant, incapable de lever un pied sans s'y coller de nouveau. Les regles d'inference conduisent Russell a un semblable embarras. Comme, pense-t-il, rien ne peut etre dit en dehors du systeme, les regles d'inference prennent un statut ambigu, et la notion meme de regIe est douteuse. Dans 1919 il enumere, comme etant 'les principes formels de deduction', cinq axiomes pour Ie fragment propositionnel de son systeme (pages 149-150). Et il ajoute: a un double emploi [ •.• ].
'Un principe formel de deduction
II a un emploi en tant que premisse d'une
inference et un emploi en etablissant Ie fait que la premisse implique la conclusion'.
La regIe de detachment est mise par Russell sur Ie meme
plan que les axiomes.
Dans PM elle apparait (pour les formules sans
Systeme et Metasysteme Chez Russell quantificateurs) comme *1.1 et est enoncee ainsi:
115
'Tout ce qui est
implique par une proposition elementaire vraie est vrai'.
Et
a la
fin de
cette phrase Russell ajoute 'Pp', une abreviation empruntee a Peano et signifiant 'Proposition primitive'.
Le meme 'PP' se trouve a la fin de
*1.2-6, qui sont les cinq axiomes pour Ie fragment propositionnel de PM. La situation dans laquelle Russell s'est enfonce est assez bien decrite par lui-meme:
'Le proces de l'inference [c'est-a-dire l'emploi de la
regle de detachement] ne peut etre reduit a des symboles.
La seule
marque qu' il laisse est l' occurrence de "q'" (P~ ,page 9; P~, page 9). C'est bien vrai, la regle de detachment 'ne peut etre reduite a des symboles', c'est-a-dire exprimee dans le systeme, et 'la seule marque qu'elle laisse' dans le systeme est
Dans Ie systeme nous voyons que la regle a ete appliquee, mais nous ne pouvons pas dire qu'elle l'a ete. regrettable;
C'est la, pour Russell, une situation
la regle de detachement 'echappe a un enonce forme1 et
indique un certain defaut du formalisme en general' (1903, page 34).
A ce
point Russell invoque, a juste titre, l'article bien connu de Lewis Carroll (1895), qui montre comment on ne peut se depetrer du systeme si un metasysteme bien distinct n'a pas ete pose. II a deja ete note (par exemple, par Godel (1944, page 126)) que, dans PM, Russell specifie sa syntaxe avec moins de precision que Frege. Bien que Frege, comme nous Ie verrons plus loin, maintienne plus strictement que Russell les principaux elements de ce que nous pouvons appeler ici la conception universaliste de la logique, ceci ne l'empeche pas, cependant, de donner une vue exacte du statut des regles d'inference; ce sont, comme il l'ecrit, des regles 'pour l'emploi de nos signes' et elles 'ne peuvent etre exprimees dans l'ideographie, car elles en forment la base' (Frege 1879, § J.3, ou ~ Heijenoort 1967, page 28). Avec ces quelques mots Ie plancher gluant est lave a grande eau.
Alors
que Russell regarde Ie conditionnel comme 'indefinissable', Frege en donne une definition semantique (metasystematique) en termes de valeurs de verite, definition qui lui permet de justifier la regIe de detachement. II sait faire la part du feu.
J. van Heijenoort
116
Le fait que Frege et Russell regardent leurs systemes comme embrassant tout les empeche d'entreprendre aucune recherche metasystematique.
C'est ainsi que Frege ecarte abruptement Ie probleme
de la non-contradiction:
'Car, comme un axiome doit necessairement etre
vrai, il est impossible que des axiomes se contredisent les uns les autres.
Done il ne faut pas gaspiller en pure perte un seul mot la-
dessus' (1969, page 267).
A propos d'un autre probleme metasystematique,
celui de l'independance mutuelle des axiomes, Russell est quelque peu plus loquace, mais lui aussi refuse de sortir
du systeme:
'et il faut
observer que la methode qui consiste a supposer un axiome faux et
a
deduire les consequences de cette hypothese, methode qui s'est averee admirable dans des cas tels que celui de l'axiome des paralleles, n'est pas ici universellement applicable. principes de deduction;
Car tous les axiomes sont des
et, s'ils sont vrais, les consequences qui
semblent decouler de l'emploi d'un principe oppose ne decoulerait pas vraiment, de sorte que des arguments bases sur l'hypothese qu'un axiome est faux sont ici sujets
a des
erreurs particulieres.
Ainsi, Ie nornbre
de propositions indemontrables peut etre susceptible d'etre reduit davantage et, en ce qui concerne certaines d'entre elles, je ne connais pas de raisons pour les regarder comrne indernontrables sinon Ie fait qu'elles sont restees indemontrees jusqu'a maintenant' (1903, pages 15-16). Et dans PM nous avons une note (1910, page 95;
1925, page 91) disant:
'Les methodes generalernent adrnises pour prouver l'independance ne peuvent pas s'appliquer sans reserve aux choses fondamentales'. L'incapacite de Russell de regarder son systeme de l'exterieur est ici frappante. Ajoutons que Frege, dans sa polemique avec Hilbert sur les fondernents de la geometrie, maintenait que l'independance des axiomes de la geometrie euclidienne ne pouvait etre demontree. Nous voyons Russell s'en remettre a l'experience dans la question de l'independance des axiomes ('nous pouvons seulement dire que certaines propositions sont restees indernontrees jusqu'a maintenant');
il s'en
rernet encore a l'experience lorsque se pose la question de savoir si Ie systeme est adequat.
Dans PM nous lisons:
'la principale raison en
faveur de toute theorie concernant les principes des mathematiques doit toujours etre inductive, c'est-a-dire qu'elle doit resider dans Ie fait que la theorie en question nous perrnet de deduire les rnathernatiques ordinaires' (1910, page v;
1925, page v).
Une demonstration de la
cornpletude de la theorie de la quantification aurait implique qu'il aurait
Systeme el Metasysteme Chez Russell
117
fallu considerer une notion ensembliste de verite en dehors du systeme, alors que les ensembles, si l'on veut bien en parler, doivent etre introduits a une certaine etape dans le developpement du systeme.
La
notion meme de completude n'a pas de sens, et nous voyons que le systeme est adequat en deduisant dans lui autant de theoremes de logique et de mathematiques que nous pouvons.
La seule completude a laquelle nous
puissions aspirer, c'est, pour nous servir d'une expression de Herbrand, une 'completude experimentale'. 11 faut ajouter, sur cette question de completude, que Frege et Russell ne considerent pas la logique du premier ordre comme digne d'une etude independante. Leurs formules sont closes, dans un sens absolu. C'est ainsi qu'ils ne considerent pas la formule
mais la formule
PoUr de telles formules il y a une seule interpretation et la notion fondamentale n'est pas la validite, mais la verite. on ne peut meme guere parler d'interpretation.
Pour Frege et Russell
Cette notion implique
que l'on vient attacher, peut-etre de differentes manieres, le sens au signe.
Pour eux le sens colle toujours au signe.
La conception universaliste de la logique est associee chez Frege a une vue absolutiste de la verite mathematique.
Les axiomes dans les
diverses branches des mathematiques sont vrais dans le sens que leurs negations, etant fausses, ne peuvent pas etre considerees comme premisses de conditionnels.
Frege revient constamMent la-dessus.
'Tout comme les
theoremes, les axiomes sont des verites; mais ce sont des verites qui ne peuvent pas etre prouvees dans notre systeme et qui d'ailleurs n'ont nullement besoin d'une preuve.
Ceci implique qu'il n'y a pas de faux
axiomes et que nous ne pouvons pas non plus reconnaitre comme axiomes des pensees qui pour nous sont douteuses' (1969, page 221).
Et encore, 'un
axiome qui n'est pas vrai est une contradiction' (page 263).
De plus,
toutes les notions qui se presentent dans un axiome doivent avoir ete prealablement definies:
'Dans l'expression d'un axiome il ne peut yavoir
rien d'inconnu' (page 263).
Ce dogme tenace trouve une application
immediate dans le cas special de la geometrie: maitres.
'Nul ne peut servir deux
On ne peut pas servir la verite et servir l'erreur.
Si la
geometrie euclidienne est vraie, alors la geometrie non-euclidienne est
J. van Heiienoort
118
fausse;
et si la geometrie non-euclidenne est vraie, alors la geometrie
euclidienne est fausse' (page 183). L'attitude de Russell dans ces questions est bien differente de celIe de Frege.
En 1901 deja, il ecrivait (1951, page 75):
'Les mathematiques
pures consistent entierement en assertions declarant que, si telle ou telle proposition est vraie d'une entite quelconque, alors telle ou telle autre proposition est vraie de cette entite.
11 est essentiel de ne pas
discuter si la premiere proposition est reellement vraie et de ne pas mentionner ce qu'est l'entite dont elle est supposee etre vraie'.
Et il
concluait par une phrase qui est devenue un aphorisme souvent cite: 'Ainsi les mathematiques peuvent etre definies comme le sujet dans lequel nous ne savons jamais de quoi nous parlons et nous ne savons jamais si ce que nous disons est vrai'. On a dit de Russell que c'etait un philosophe sans philosophie.
11 a
souvent change ses idees, et sa conception universaliste de la logique est moins coherente que celle de Frege.
On pourrait dire aussi qu'il est
moins dogmatique que Frege et n'a pas son ton peremptoire. page 169;
~!
page 161) il declare:
Dans PM (1910,
'en pratique seuls comptent les
types relatifs des variables' (souligne dans l'original).
Cet 'en
pratique' veut dire que la technique logique peut, jusqu'a un certain point, etre dissociee des presupposes ontologiques, et ainsi, sur Ie plan logique, un certain relativisme est introduit.
11 y a dans
~
a savoir le paragraphe *9, qui est carrement metasystematique:
un passage, si c'est
en rempla9ant, dans certains schemas, les lettres par des formules sans quantificateurs que nous obtenons les axiomes du fragment propositionnel, alors sont demontrables les formules obtenues en rempla9ant ces memes lettres par des formules quelconques.
D'un autre cote, nous le voyons se
refuser a une entreprise aussi innocente que le probleme de l'independance des axiomes propositionnels. Avec le renouveau moderne de la logique et les premiers succes, les chercheurs voyaient s'ouvrir devant eux un large champ d'activite; idees nouvelles surgissaient dans des directions differentes.
des
C'est
pourquoi il ne faut pas chercher chez Russell, ou meme chez Frege, trop de coherence.
Mais derriere un certain foisonnement, il y a une tendance
profonde, que ces deux auteurs sui vent sans la mettre en question tant elle semble evidente, qui reste done tacite, mais qui se manifeste a la surface en differents points. ces points.
J'ai essaye d'indiquer un certain nombre de
Cette tendance profonde, c'est la crainte de la circularite.
Systeme et Mltasyst~me Chez Russell
119
La logique est la science premiere, car elle se place avant toutes les
autres, en particulier avant les sciences mathematiques, puisqu'elle pretend donner (au moins potentiellement) une forme a leur langage et a leurs arguments. d'une table rase.
La logique ne peut done rien supposer.
II faut partir
On demarre et l'interlocuteur doit suivre, suivre dans
les deux sens du mot, c'est-a-dire etre entraine et comprendre.
Frege
Ie dit, cet interlocuteur ne doit pas lui refuser une dose de bonne volonte.
II doit voir sans que l'on lui dise.
Frege se sert du mot
allemand 'Wink', qui signifie 'signe ', 'indication', 'clin d'oeil'. metalangage comme clin d'oeil!
Le
Poussee a l'extreme, cette conception est intenable et l'on trouve chez Frege et Russell des introductions, des explications prealables, qui, comme ils Ie disent, ne comptent pas officiellement.
Mais, sous une forme
adoucie, cette crainte de la circularite se retrouve chez un certain nombre de chercheurs. Bien que les ecrits de Skolem ne contiennent pas de considerations philosophiques d'une amplitude comparable a celIe de ce qu'on trouve chez Frege ou Russell, on per90it en filigrane dans ses travaux techniques une conception bien definie de la logique et de ses fondements, conception qU'il formula explicitement en 1955:
'II me semble que les fondements des
mathematiques devraient etre etablis sur une table rase, c'est-a-dire sans que soient supposes des notions ou des theoremes empruntes aux mathematiques classiques, en particulier sans que soit supposee la theorie transfinie des ensembles de Cantor' (1955, page 103;
1970, page 584).
Voila des lignes que Frege ou Russell auraient pu signer. esquisse ensuite trois manieres de proceder.
Skolem
On peut developper les
mathematiques dans la logique du premier ordre, 'con9ue de la maniere syntactique' (donc sans demonstration de completude), mais les modeles non-standard sont alors inevitables.
On peut proceder au developpement de
l'arithmetique primitive recursive, avec exclusivement des variables libres.
On peut enfin tenter d'extraire de chaque enonce mathematique son
contenu constructif.
Ce sont la des solutions fort eloignees de celles
de Frege ou de Russell. est Ie meme:
II n'en reste pas moins que Ie point de depart
la table rase, la crainte de la circularite, l'interdiction
d'invoquer des considerations ensemblistes. Cette meme interdiction se retrouve chez Herbrand.
Tout comme
Skolem, il n'entre pas dans des considerations philosophiques qui puissent se comparer par leur etendue a celles de Frege ou de Russell, mais il a
120
J. van Heijenoort
une vue bien arretee sur les moyens a utiliser dans les recherches logiques.
11 fut sans doute partiellement inspire par Hilbert, qui a
propos des problemes de non-contradiction avait indique des limites a ne pas franchir dans les moyens de demonstration. aU-dela de ces restrictions.
Mais Herbrand alla bien
11 etendit a toutes les investigations
logiques Ie finitisme de Hilbert, se refusant, par exemple, lui aussi a considerer une demonstration de completude ensembliste.
Comme il
admettait la theorie des ensembles classiques en mathematiques, il faut, la encore, voir dans son attitude en metamathematique une crainte de la circularite. En 1929 Godel donna une demonstration de la completude semantique de la logique du premier ordre.
A cette occasion, dans le texte original de
sa dissertation, il fit quelques commentaires sur les moyens employes dans la demonstration et on le voit se debattre contre les vieux reproches de circularite.
Concernant ces moyens, declara-t-il, 'aucune restriction de
quelque sorte que ce fut n'a ete faite'.
Et il nota que 'le principe du
tiers exclu pour les collections infinies avait ete employe de maniere essentielle' (vu l'indecidabilite de la logique du premier ordre).
II
rejetait l'objection que 'ceci rendrait invalide toute la demonstration de completude'.
En conclusion il ecrivait:
'Enfin, il faut encore ne pas
oublier que le probleme traite ici n'est nullement apparu a la suite de la querelle sur les fondements (alors que ce fut sans doute Ie cas pour le probleme de la non-contradiction des mathematiques), mais que, meme si l'on n'avait jamais doute que la mathematique "naive" fUt valable quant a son contenu [inhaltlich], ce probleme pouvait etre pose d'une maniere nullement denuee de sens a l'interieur de cette mathematique (contrairement, par exemple, au probleme de la non-contradiction), car une limitation des moyens de demonstration ne parait pas plus s'imposer ici que pour n'importe quel autre probleme mathematique' (1986, page 64) .
Voila qui met un point final aux craintes de circularite.
La
citation de Godel decrit assez bien la situation qui s'est formee apres la ruine des entreprises de Frege et de Russell.
On se debrouille avec
les moyens du bord, en ayant soin de les rendre explicites.
L'ecueil sur
lequel fit naufrage la conception universaliste de la logique, ce fut en fin de compte sa sterilite.
Car que pouvait-on faire?
Deduire des
theoremes l'un apres l'autre. II y eut longtemps en logique deux courants qui avancerent sans
121
Systeme et Metasysteme Chez Russell
meIer leurs eaux, celui de Frege-Russell (ou logicisme), dont j'ai essaye d'esquisser les traits fondamentaux, et celuide Peirce-SchroderLowenheim (ou algebre de la logique), dont les tenants, sans s'embarrasser de preoccupations ontologiques grandioses, developpaient une conception plus technique de la logique. celIe des mathematiciens.
Leur pratique se rapprochait de
lIs consideraient librement, l'un apres
l'autre, des univers differents et accumulerent bient6t des resultats importants et parfois inattendus. des solutions
a differents
Comme Ie theoreme de Lowenheim, comme
problemes de decision ou de reduction
(problemes ignores par les logicistes). courants se melerent.
Dans les annees vingt les deux
Frege et Russell avaient apporte la notion de
systeme formel, que les algebristes de la logique avaient ignoree.
Mais
bien des problemes examines furent ceux que ces derniers avaient poursuivis.
Les problemes de la decision retinrent l'attention
(Schonfinkel, Bernays, Ackermann).
La notion d'interpretation (done de
validite) fut precisee, et l'aboutissement fut Ie theoreme de completude pour la logique du premier ordre (Godel).
On pourrait discuter quelle
est la veritable portee philosophique de ce theoreme, mais ce que l'on ne peut nier, c'est qu'il eut des applications importantes qui ouvraient des voies nouvelles.
Done
a la
sterilite de la conception universaliste de
la logique on peut opposer la fecondite d'un courant etranger conception. II peut sembler ridicule de parler de sterilite
a propos
a cette de Frege,
qui nous a donne les regles logiques que nous employons encore aujourd'hui, et de Russell, dont les Principia influencerent toute une generation.
Mais en l'absence de recherches metasystematiques la force de
ces decouvertes s'epuisa bient6t.
On se trouvait dans une impasse, et
pour sortir de cette impasse il fallut renouer avec une autre tradition, celIe de l'algebre de la logique.
122
J. van Heijenoort
References
Carroll, Lewis 1895
What the tortoise said to Achilles, Mind, new series, ~, 278280.
Frege, Gottlob 1879
Begriffsschrift, eine der arithmetischen nachgebildet Formelsprache des reinen Denkens; Halle; traduction anglaise de Stefan Bauer-Mengelberg dans
1969
Nachgelassene Schriften;
~
Heijenoort 1967, 1-82.
Hambourg.
Godel, Kurt 1944
Russell's mathematical logic, dans Schilpp 1944, 123-153.
1986
Collected works, vol. 1;
Oxford et New York.
Russell, Bertrand 1903
The principles of mathematics;
1919
Introduction to mathematical philosophy;
New York.
1951
Mysticism and logic, and other essays;
1959
My philosophical development;
Londres. lOth printing;
Londres.
Londres.
Voir Whitehead, Alfred North, et Bertrand Russell. Schilpp, Paul Arthur (ed.) 1944
The philosophy of Bertrand Russell;
New York.
Skolem, Thoralf 1955
A critical remark on foundational research, Det Kongelige Norske Videnskabers Selskabs Forhandlinger 18, no. 20, 100-105; reimprime dans Skolem 1970, 581-586.
1970
Selected works in logic;
Oslo, Bergen, Tromso.
van Heijenoort, Jean 1967
(ed.) From Frege to Godel, ~ ~ book in mathematical logic, 1879-1931;
1985
Cambridge, Massachusetts, et Londres.
Selected essays;
Naples.
Whitehead, Alfred North, et Bertrand Russell 1910
Principia mathematica, vol. 1;
Cambridge, Angleterre (cite
aussi comme PM 1925
1). 2nd edition of 1910 (cite aussi comme PM
2).
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
123
Concepts Mathematiques et Informatiques Forrnalises dans Ie Calcul des Constructions Thierry Coquand Gerard Huet Inria Rocquencourt France Nous presentons un essai de mecanisation de concepts mathernatiques et informatiques dans Ie Caleul des Constructions. Tous les exemples presentee ont ete verifies par machine.
1
Introduction
Le Caleul des Constructions est un langage logique dont le calcul de types implements la deduction naturelle en caleul des predicats d'ordre superieur. Cette theorie s'appuie SUr les travaux de De Bruijn [8,10,11], Girard [25,26] et Martin-Lof [45,49]. Le langage en a He presente et motive dans Coquand-Huet [17], et sa coherence a ete prouvee dans la these de Coquand [16]. Une version simplifiee, munie d'une sernantique detaillee, est presentee dans Coquand-Huet [19]. Une implementation prototype a He developpee a l'INRIA afin dexpetimenter avec le pouvoir expressif du systeme. De nombreux exemples ont ete verifies mecaniquement sur cette implementation [18,52]. Nous rappelons les regles du calcul dans une premiere section. Nous expliquons en detail les conventions d'ecriture permises par Ie systeme. Le reste du papier est une session annotee d'un certain nombre d'exemples caracteristiques. Cette session presente l'ensemble des axiomes, definitions et theoremes necessaires a la comprehension des notions introduites, dans' la tradition des Principia [76J.
2
Le Calcul des Constructions.
2.1
Constructions: contextes, propositions et preuves.
Les Constructions sont des expressions bien typees d'un lambda-calcul type dont les types sont des expresssions de merne nature. Le lang age de base s'appuie Sur Ie formalisme A de Nederpelt [53,54,21]. Nous avons quatre regles de formation:
*
Univers
[x:M]N
Abstraction
(M N)
Application
x
Variable
Dans la regie de formation pour I'abstraction, nous preferons la notation Automath a la notation plus traditionnelle >'XM • N pOur deux raisons. Premierement,
[x : M]N
124
T Coquand and G. Huet
le type M associe a. la variable liee x peut etre tres complique, et la notation indicee deviendrait trop embrouillee, avec des indices de niveau arbitraire. Dsuxiemement, cette operation d'abstraction sert a. representer des produits 'Ix EM· N aussi bien que des fonctions AX EM· N. Le nom x est bien sur completement arbitraire, et n'est utilise qu'au niveau de l'interface d'entree sortie. Dans la syntaxe abstraite, I'operateur d'abstraction est binaire, avec deux composantes M et N. Les occurrences de la variable x apparaissant dans la syntaxe concrete du terme N sont remplacees par des indices de de Bruijn, qui refletent la profondeur de la variable dans l'emboitement des abstractions [9J. Ainsi la formule
[x: A]([y : BJ(x y) x) est une representation concrete de la structure abstraite
[A]([BJ(2 1) 1). Comme il est d'usage en logique combinatoire, on ecrit (M N) pour l'application du terme N au terme M. On emploie aussi a. l'occasion la representation (N)M, dans Ie style Automath. Notre algebre de termes est completee par une constants *, qui joue Ie role de la sorte de tous les types (sans etre elle-meme un type). On peut voir egalement * comme Ill. sorte de toutes les propositions, suivant la correspondance de Curry-Howard entre propositions et types. Dans les langages Automath, * est note To Nous appelerons construction un terme bien construit, relativement a. un algorithme de verification de types que nous allons presenter. Cette verification restreint les termes legaux suivant trois criteres. Premierement, les termes doivent etre legaux du point de vue du scope des variables. Deuxiemernent, les applications (M N) ne sont legales que si le terme M a un type fonctionnel coherent avec Ie type du terme N. Troisiemement, nous limitons notre calcul a. trois couches de termes: les contextes, les propositions et les preuves. Les contextes sont simplement les termes construits par une suite d'abstractions a. partir de *:
Intuitivement, les contextes sont des declarations: on introduit les variables Xl, ... ,x" avec leurs types. Les propositions sont les constructions dont le type est un contexte. Intuitivement, les propositions sont des formules logiques contenant eventuellement des variables libres. Par exemple, une proposition ayant pour type Ie contexte ci-dessus peut contenir des occurrences lib res des variables Xl, ... , x". Une variable de proposition de ce type peut done etre consideree comme designant une proposition n-aire, On appelle enonce une proposition fermee, c'est a. dire de type *. Finalement, les preuves sont les constructions dont Ie type est une proposition. Intuitivement, une telle construction est une preuve de la proposition qui est son type. Une preuve fonctionnelle est une preuve dependant dhypotheses, vues comme ses parametres. La proposition correspondante aura comme type ce contexte d'hypotheses. Cette vision fonctionnelle des preuves est conforme aux systernes d'inference de logique naturelle [61]. L'interpretation inforrnatique des constructions suivant leurs trois niveaux est de considerer les contextes comme des declarations, les propositions comme des specifications, et les preuves comme des algorithmes realisant la specification qui est leur type. On peut d'ailleurs voir cette interpretation comme definissant une semantique de la partie logique de notre formalisme, une proposition etant interpretee par l'ensemble de ses justifications, c'est a. dire des algorithmes de ce type. Cette vision constructive de Ill. sernantique est conforme a. la logique intuitioniste [39J. Toutefois, I'identification d'une preuve avec une A-expression permet d'eviter les codages par arithmetisation.
Ca/cu/ des Constructions
2.2
125
Typage
Nous n'avons pas 180 place ici de donner 180 theorie syntaxique complete de notre calcul. Nous renvoyons Ie lecteur interesse a 180 these de Coquand [16]. Nous supposons connue I'operation de substitution M[x/ N] qui remplace les occurrences libres de 180 variable x dans Ie terme M par Ie terme N. Nous avons une regie de caleul unique, correspondant a 180 notion de ,a-reduction en A-caleul. Cette regie remplace un sous-terme de 180 forme ([x: AIM N) par Ie terme M[x/N]. On peut montrer que cette regie definit une relation de calcul confluente et noetherienne sur les termes types. Tout terme bien construit M possede done une forme irreductible unique, atteignable par une sequence arbitraire de caleuls, que l'on appelle forme canonique de M, et que l'on designe par )I(M). Nous allons decrire l'algorithme de typage des constructions par un systeme dinference, dont les regles manipulent des sequents r f- If}, ou r est un contexte servant a declarer les variables lib res apparaissant dans l'expression E. II est pratique de definir quelques notations permettant de manipuler les contextes comme des suites. Si r est un contexte et M un terme queleonque, on definit la concatenation I': M de r et M recursivement. Si r = *, alors I'; M = M. Si r = [x : A]A, alors I'; M = [x : A] (Aj M). Lorsque r et A sont des contextes, on ecrit r ~ A si et seulement s'il existe un contexte e tel que A = I'; e. On dit que r est un prefixe de A. Finalement, si r est un contexte et M un terme quelconque, on ecrit I'[z : M] pour I'; [x : M]*. Cette notation permet d'ecrire tout contexte non vide comme une suite [Xl: Ml] ... [xn : M n ] et de reserver * pour Ie contexte vide. Nous allons maintenant decrire precisernent I'algorithme de typage. Les sequents sont de trois formes: Contexte indique que
r
est un contexte bien construit.
rf-p:A indique que Pest une proposition bien construite dans Ie contexte construction entraine que I'; A est un contexte bien construit.
rs- u .»
Proposition
r
et de type A. Une telle
Preuve
indique que Ie terme M est une preuve de la proposition P dans Ie contexte r. Une telle construction entraine que P est bien construite dans Ie contexte bien construit r. Dans ce qui suit, les meta-variables r ,A et e designent des contextes, P et Q des propositions, M et N des termes non-contextes queleonques, T et U des contextes ou propositions queleonques, X et Y des termes queleonques. Donnons tout d'abord les regles de construction de contextes:
f-*
Contextel
r; A f- * I'[e : A] f- *
Contexte2
r; A f- P: *
r[x: A; )I(P)] f- *
Contexte3
Un contexte ne peut done declarer que des predicate et des hypotheses en forme canonique. Pour les termes non contextes, on donne des regles de typage, correspondant aux regles de formation de termes: Variable r f- x ; Tz
T. Coquand and G. Huet
126
r[x : XlI- M : Y I- [x : XIM : [x : XJY
Abstraction
I- M : [x: P1X r I- N : P I- (M N): N(X[x/N])
Applicationi
r r
r
r I- M: [x: ~]X r I- P: e r
I- (M P): N(X[x/PJ)
(~$
e)
Application2
Le systems presente ci-dessus met systematiquement en forme canonique les expressions de type. Ceci n'est pas strictement necessaire, mais simplifie la presentation. quelques explications sont necessaires. Tout d'abord, Ia regie Application2 permet une coercion entre Ie contexte 8 et son prefixe A. Cette regie d'inclusion de types permet de diminuer a. volonte la fonctionnalite d'une proposition en quantifiant universellement les hypotheses superflues. Donnons tout de suite un exemple. On se place dans Ie contexte vide. L'algorithme d'identite polymorphe est construit par la preuve Id = [A: *][x : A]x,
de type la proposition Un = [A: *][x : A]A.
La proposition Un peut se lire comme Ie schema d'implication A ---> A, lorsque A est une proposition quelconque. Mais elle peut aussi se lire comme l'enonce VA . A ---> A decrivant le cardinal I. II est done legal de construire l'application (Id Un), qui est l'algorithme d'identite specialise 11 la structure 1. On peut remarquer egalement que les types sont toujours dans une forme ou leur fonctionnalite est explicite. Dans Ie jargon du A-calcul, on parle de forme 17-saturee. Par exemple, le contexte [x : [A : *]][y : xl n'est pas bien construit, car la fonctionnalite de y n'est pas apparente. Par contre, [x : [A: *]][y : [A : *j(x A)] est bien construit. On remarque que la regie de calcul preserve Ie type des constructions. Plus exactement, si r I- M : T et si M se reduit en N alors r I- N : T', avec T = T' lorsque Met N sont des preuves, et T $ T' lorsque M et N sont des propositions. Si M est un terme bien construit dans Ie contexte I', on a r I- M : T avec T unique, en forme canonique. On designe T par rr(M), ou r(M) losque le contexte r est clair. Le Calcul des Constructions presente ici est plus restreint que celui originellement propose dans Coquand-Huet [17]. La restriction 11 trois niveaux est conforme avec la theorie presentee dans la these de Coquand [16] et dans Coquand-Huet [181. En particulier, tout terme bien construit est fortement normalisable (toutes les sequences de calcul issues du terme terminent), ce qui justifie l'utilisation de formes canoniques pour les expressions de type. En tant que systeme logique Ie calcul est coherent, dans la mesure ou la proposition absurde V = [A : *] A n'a pas de preuve.
2.3
Abrevlations
Nous utilisons plusieurs abreviations dans notre syntaxe concrete. Tout d'abord, on peut abreger [A : *] X en VA·X. Par exemple, on ecrit V comme VA·A. Cette abreviation s'itere, par exemple VA,B,C ·X. On peut interpreter le symbole "v" comme quantifiant sur toutes les propositions. (Et non seulement sur tous les enonces, a cause de la regie d'inclusion des types expliquee ci-dessus: une variable de type * peut etre liee a une proposition ayant pour type un contexte arbitraire, considers comme prefixe de quantification). La deuxierne abreviation consiste 11 autoriser l'expression A ---> B a la place de [x : A] B, lorsque x n'apparait pas libre dans B. Le terme A ---> B, vu comme un type, est Ie type des
Calcul des Constructions
127
fonctions de domaine A et de codomaine B. Un type dependent [x : AJ (P x) est Ie type d'objets fonctionnels generalises associant a la valeur X de leur domaine A une valeur de type (P X). De tels constructeurs de type existent par exemple dans la theorie intuitioniste des types de Martin-Lof [49]. Des constructeurs de type analogues existent deja dans les langages de programmation usuels. Pensez a une procedure Algol admettant un pararnetre en tier n et un parametre de tableau de dimension n. Si I'on pense a A ---+ B comme une proposition plutot que comme un type, on peut interpreter Ia Heche ---+ comme I'implication intuitioniste. Nos deux abreviations peuvent etre vues comme particularisant, au niveau des propositions, les deux constructions de type du calcul de second ordre de Girard [25,26]. Quelques autres abreviations sont autorisees. Par exemple, la syntaxe du let de ISWIM [42] et ML [28J est autorisee, sous la forme de [x = XJ Y. Ceci permet de simplifier des constructions complexes avec de multiples occurrences d'une sous-expression X en ecrivent [x = X] Y" au lieu de la forme developpee Yx. Ceci presente deux avantages sur l'ecriture sous forme de "redex" ([x: A]Y" X); tout d'abord, les expressions sont plus lisibles. Ensuite, il n'est pas besoin de specifier Ie type A, qui est remplace implicitement par Ie type de X. Les conventions usuelles de la logique combinatoire sont acceptees, et on peut ecrire (A B 0) au lieu de ((A B) 0). De meme, ---+ associe a droite. Ainsi, A ---+ B ---+ 0 est une abreviation pour [It: A][v : B]O. Nous avons decide d'implementer la version prototype du calcul des constructions dans Ie lang age ML [28]. ML est utilise egalement en tant que meta-Iangage du systeme, ce qui permet a l'utilisateur de macro-generer des constructions pararnetriques compliquees. Dans l'implementation, la syntaxe concrete des constructions est definie par une grammaire Yacc, dont les actions semantiques engendrent des valeurs ML sous la forme d'arbres de syntaxe abstraite. Les expressions entre guillemets "..." sont ainsi analysees par Yacc. Un programme d'impression permet de restituer a l'utilisateur une forme concrete des constructions qu'il a fabriquees. L'utilisateur peut manipuler une construction en cours de developpement, en faisant naviguer I'interprete de ML a l'interieur d'un contexte de constructions. Le paragraphe suivant presente les commandes dont il dispose.
2.4
Le systeme de theories
Nous avons enrichi Ie Iangage de base des constructions en autorisant des constantes, designees par des identificateurs. Tout terme bien construit peut etre nomme, et plus tard invoque par ce nom. Ceci est coherent avec la notation [x = XJ qui peut maintenant etre vue comme la forme interne de declaration d'une constante. On peut done voir le contexte courant comme une suite de declarations d'hypotheses, et une suite de declarations de canstantes correspondant a des constructions deja verifiees. On peut ajouter des hypotheses et des constantes, en naviguant vers I'interieur de la construction en cours. On peut aussi decharger des hypotheses et des constantes en naviguant vers I'exterieur. On peut distinguer les commandes de ce systems rudimentaire de theories en deux categories; les commandes eIementaires fabriquent une construction etape par etapej les commandes de haut niveau utilisent I'analyseur syntaxique pour compiler des suites de commandes elementaires. Les commandes elementaires construisent progressivement un terme courant. Ces commandes se comprennent par leur effet sur une petite machine, possedant un registre C (la construction courante), et une pile contenant I'environnement E, constitue du contexte courant d'hypotheses et de constantes. On empile egelement dans E les arguments deja construits, en attendant qu'ils soient appliques. L'environnement generalise E est done constitue de declarations d'hypotheses [x : MI, de declarations de constantes [x = XJ, et
128
T. Coquand and G. Huet
d'arguments en attente (M). • Cornmandes e1ementaires Raz: G
A, dans un environnement qui contient la definition de /\ .
Var Aj . .. [A = . --]- .. VA fVar B; VA,B fRef B; VA,B fEmpile; VA,B(B) fRef Aj VA,B{B) IEmpilej VA,B{B,A) fRef A; VA, B(B, A) fAppl; VA, B{B) fApplj VA, B fVar h; VA,B [h: A/\ B] fRef Aj VA,B[h:AAB]fVar Xj VA,B[h:AAB][x:A]fRef s, VA,B [h: AA B][x: A] fVar Yj VA,B [h: AA B][x: A][y: Bj fRef Xj VA, B [h : A A B][x : A][y : B] fDecharqe; VA, B [h : A A B][x : A] fDecharqe; VA,B[h:AAB] fEmpilej VA,B [h: AA B]([x: A][y: Bj x) fRef A; VA, B [h : A A B]([x : A][y : BJ x) fEmpile; VA,B [h: AA B]([x: A][y: B] x, A) fRef h; VA,B [h: AA B]([x: A][y: BJ x,A) fApplj VA, B [h : A A B]{[x : A][y : B] x) IVA,B [h: AA B] fApplj ... fProuoe "A"j ... [A = ... j ... fAbs Aj
*
*
B
*
A
*
A
(A)A (B, A)A
*
A
*
B
*
x [y: B] x [x:A][y:B]x
*
A
*
h (A)h {[x: A][y: Bj x,A)h VA, B [h : A A B] (h A [x: A][y : B] x)
On peut maintenant conclure la session ci-dessus en enregistrant Ie lemme preuve, au
J30
T. Coquand and G. Hue!
moyen de la cornmande:
Lemme
Jrl
"VA,B· A/\ B -> A".
La preuve de haut niveau correspondante peut se resumer a la construction de I'algorithme de premiere projection:
Const
Jrl
"[A: *][B : *j[h : A /\ B] (h A [x: A][y: BJ x)";
et a la verification:
Prouue "VA, B· A /\ B -> A"
Remarques. La commande Prouve verifie effectivement la validite d'une proposition, au sens intuitioniste de posseder une methode de preuve, en tant qu'algorithme calculant sur des justifications. Nous avons reduit le mecanisme de verification a un simple calcul de types dans le langage A, c'est a dire a la simple deduction naturelle. Nous n'avons pas besoin de postuler des connectives logiques, des axiomes 'ou regles d'inference concernant l'usage de ces connectives. Notre systeme est done fondamentalement different de ceux qui postulent au depart des regles particulieres, comme le PP Ade LCF [29]ou la theorie des types intuitioniste de Martin-Lof [49]. Le Calcul des Constructions est plus directement apparente au langage Automath [8J, et ala theorie des types de Maetin-Lof de 1971 [45J. Le prix que nous avons a payer pour cette sirnplicite est qu'il nous faut developper un materiel preliminaire important avant d'avoir construit suffisamment de logique pour pouvoir faire des preuves de haut niveau. Les premiers exemples que nous presentons concernent ces preliminaires logiques. IIs ont une cornplexite intrinseque, due a leur nature fondamentale. La situation est analogue II la comprehension d'un langage inforrnatique, a partir de son implementation en langage machine. II est preferable d'admettre en premier lieu l'existence d'un micro-code et de comprendre les concepts de plus haut niveau en termes de ce microcode, I'implementation du micro-code en langage machine etant laissee au specialiste. Les exemples ci-dessous vont etre presentee dans un symbolisme qui fait un compromis entre les commandes de haut niveau et les commandes de bas niveau, en autorisant I'utilisation de formules complexes, mais en rendant compte explicitement de la structure de I'environnement par l'utilisation de tabulations. La commande Decl nom [ormule se symbolise par nom: [ormule, avec introduction d'une tabulation. De meme Const nom [ormule se symbolise par nom := f orrnule. Les eommandes d'abstraction Decharge, et Abs se.syrnbolisent par le retour a la tabulation anterieure. La commande Prouve for mule se symbolise par I- [ormule, et la commande Nomme nom par =: nom. La commande Boit formule se symbolise simplement par l'ecriture de for mule.
2.6
Polymorphisme implicite et synthese de types
Considerons la constante Jr1 ci-dessus. Une construction typique utilisant Jr1, dans Ie contexte d'une paire [p; nat /\ nat], est (Jr1 nat nat p). Cette ecriture est maladroite, car redondante: lier p a h devrait automatiquement lier l'argument de polymorphisme A a nat (resp. B II nat). On aimerait done pouvoir ecrire simplement Jrl(P), comme dans I'ecriture usuelle. II est clair que les arguments A et B peuvent etre aisement synthetises comme etant des composantes du type de p, que Ie systerne doit calculer de toute facon lors de la verification des types. Cette notion de polymorphisme implicite existe deja dans le langage ML [28]. Le cadre general dans lequel cette synthese est possible est le suivant. Soit X un terme arbitraire en forme canonique. On peut l'ecrire sous la forme:
Calcul des Constructions
131
au
x est une variable, et les Ti et X; sont de la merne forme. Soit V un ensemble de variables. On appelle occurrence rigide de X relativement a v l'ensemble des positions dans X suivantes. D'abord, les occurrences rigides dans Ti relativement a v U {UI,...,Ui-l}, pour i = 1, ... , n. Ensuite, si p = 0, l'occurrence de x, et sinon, lorsque z appartient It W = V U {Ul' ..., un}, les occurrences rigides dans X; relativement It W, pour j = 1, ... ,p. Soit z une variable quelconque. On dit que X determine z ssi z apparait dans X a une occurrence rigide relativement It 0. La notion d'occurrence rigide provient d'algorithmes de resolution d'equations en A-calcul [32,35J. Intuitivement, les occurrences rigides relativement a V sont invariantes par substitution a des variables non dans V. Nous allons maintenant decrire une generalisation de la commande Canst en autorisant d'ecrire schema .- formule, ou schema est une suite de chaines de caracteres et de declarations [x : X]. Ceci permet d'introduire une constante avec sa representation concrete sous forme "mixfixe". Les variables du schema, qui doivent etre toutes distinctes, sont automatiquement declarees avant la construction de [ormule (de la gauche vers la droite), puis dechargees, Ainsi, la conjonction peut etre declaree comme operateur infixe par: [A:
*] /\ [B: *]
:= 'VC· (A
--t
B
--t
C)
--t
C.
La commande Canst generalises permet d'une certaine maniere de declarer comme constructions des operateurs de ler ordre, munis d'une arite. On en profite pour munir l'operateur d'une syntaxe concrete, mais cette commodite d'ecriture n'est qu'un aspect superficiel du concept. Ce qui est plus important est que cette commande specifie les arguments explicites associes It la constante, correspondant aux variables du schema. Par exemple, dans la definition de /\ ci-dessus, les variables A et B sont explicites, et la conjonction est done un operateur binaire muni d'une syntaxe infixe. Les arguments supplernentaires sont optionnels. De merne avec la construction : A: *j B: *j
1I"1([h: A /\ BD := (h A [x: A][y : B] x)
a un argument explicite h. Nous voulons maintenant abstraire 11"1 en A et 11"1 comme une constante polymorphe dans Ie contexte vide. Dans ce cas on va pouvoir Ie faire sans rajouter explicitement des arguments de polymorphisme 11.11"1,' car 11"1 determine A et B par son argument explicite h. Plus generalement, on pourra abstraire une variable u comme argument implicite d'une constante C([Xl : T1l,..., [xn : TnD := X ssi u est determinee par un T i • Expliquons maintenant la situation generale, On suppose que l'on vient de declarer la constante C ci-dessus, dans un contexte se terminant par la declaration de variable u. L'environnement courant est done de la forme: lei, la constante
11"1
B, pour pouvoir utiliser
et on veut maintenant decharger u sans oublier C, grace ala commande Gen que nous allons maintenant decrire, Tout d'abord, l'environnement devient :
... [C = [u : U][Xl : T1l,..., [xn : Tn] Xl f- * et maintenant il y a deux cas pour l'invocation de C. Si u est determinee par l'un des Ti, alors on invoque C sans modification, l'instanciation de u etant fournie automatiquement par Ie verificateur de types, qui va verifier la concordance de U au type trouve a l'occurrence rigide correspondante du type de l'argument i, Sinon, u devient un nouvel argument qui doit etre explicitement applique a C.
T. Coquand and G. Huet
132
Dans les exemples qui suivent, les variables Bout toujours dechargeee par la cornmande Gen, qui est simplement symbolisee par un retour de tabulation, avec indication entre crochets (IL) de la variable supplementaire introduite dans le deuxieme cas ci-dessus. Remarquons que si 0 est declaree avec deux variables explicites z et y, par exemple O([x : T], [y : U]) := "', on peut obtenir la construction de 0 applique a un seul argument X par [y : U] O(X, y), ce qui montre que notre facilite d'ecriture ne restreint pas la generalite du formalisms.
Remarque. Plus generalement, on pourrait autoriser des schemes mixtes melangeant des mots-cles, des declarations [lLi : T i ] d'arguments explicites, et des declarations {lLi : Ti } d'arguments implicites. De tels schemas sont legaux ssi pour tout i implicite il existe un argument j > i tel que T j determine lLi. II n'est pas necessaire que j soit un argument explicite, car la synthese des arguments implicites peut s'iterer (de la droite vers la gauche). II est bien sur fondamental pour I'implementation de l'algorithme de synthese que tous les arguments declares comme explicites dans Ie schema soient presents lors de tout appel du combinateur ainsi defini. On peut bien sur aussi imaginer de realiser la synthese de preuves de constructions par recherche systematique des combinaisons possibles de combinateurs donnes, De telles tactiques sont facilement programmables dans Ie meta-langage des constructions, et seront une aide puissante au mathematicien, qui n'aura plus a se soucier que de la strategie generale de la preuve, c'est a dire de l'ordonnancement des lemmes, sans se soucier de la combinatoire liee a la preuve de chaque lemme.
3
Constructions Logiques
Nous allons construire progressivement les principaux concepts logiques, d'abord intuitionistes, puis classiques. Notre presentation suit [61,16].
3.1
Logique positive
Rappelons tout d'abord que le langage possede implicitement les concepts d'implication (intuitioniste) et de quantification universelle. En particulier, A -+ B n'est qu'une abreviation pour [h : A]B. La proposition VA· A -+ A, c'est 11 dire la reflexivite de l'algorithme d'identite polymorphe : A:
-+,
se prouve simplement par
*
Id := [x: A] x I- A -+ A (A). De merne, la transitivite de
A:
-->
se prouve par l'algorithme de composition:
*
B: * 0: *
If : A -+ B] ; [g : B -+ 0] := [x: A] (g U x)) I- (A --> B) --> (B -+ 0) -+ (A --> 0).
Notre facilite de polymorphisme implicite permet exactement les notations categoriques : I'identite IdA pour l'objet A est obtenue comme (fd A) (qui peut aussi s'ecrire (A)Id), mais
Calcul des Constructions
133
la composition des fleches f : A -- B et g : B -- C est notee simplement fig, son domaine A et son co-domaine C etant implicites a partir de ceux de f et g. Remarquons qu'il est possible d'interpreter les propositions comme des regles d'inference, la relation de deduction f- ayant les proprietes de l'implication intuitioniste. Par exemple, on peut lire la definition de la composition comme une regle de coupure: A--B B--C A--C A titre d'exemple, donnons les combinateurs usuels [20] : A: * B: *
K := [x: A] [y : B] x f- A -- B -- A (A, B)
A: * B: *
C: * S := [f: A -- B -- C][g : A -- B][x : A] (J x (g x)) f- (A ~ B -- C) -- (A -- B) -- (A -- C) (A,B,C).
Ces combinateurs, combines par application, forment les preuves du calcul propositionnel minimal, ou logique implicationnelle positive. On remarque en effet que les types de K et S correspondent aux axiomes de Hilbert. Nous definissons Ie produit, c'est a dire la conjonction, comme nous I'avons detaille plus haut: [A: *! A [B : *J := VC· (A -- B -- C) -- C. On introduit une conjonction par I'algorithme de paire : A: * B: '"
< [x: A], [y : B] > := VC· [h : A f-A--B __ AAB.
->
B
->
CJ (h x y)
Notez que la preuve a ete faite dans Ie contexte [A : *][B : *J. L'algorithme de paire a eM rendu polymorphe en dechargeant A et B. Les preuves d'elimination de "A" a gauche et a droite correspondent respectivement aux algorithmes 11"1 et 11"2 de Jere et 2eme projection. On donne a titre d'exemple I'algorithme de Curryfication : A: * B: *
C: * Curry [h:AAB--C] := [x:A][y:BJ(h <x,y».
Remarquez la synthese des arguments de polymorphisme dans I'application < x, y > ci-dessus. Nous laissons au lecteur la preuve de l'implication inverse. L'isomorphisme ainsi defini prouve Ie theorems de deduction. L'equivalence intuitioniste s'ecrit done: [A: *] ..... [B : *J := (A -> B) A (B -> A).
134
T. Coquand and G. Huet
On construit de meme la somme, ou disjonction intuitioniste:
[A : *] U [B : *1 := VC· (A
-+
C)
-+
(B
-+
C)
-+
C.
Cette definition suit ici encore la sernantique operatoire : une preuve de A U B permet de prouver toute proposition C, 11 partir de methodes hi et h 2 permettant de prouver C 11 partir de respectivement A et B. L'elimination d'une somme est l'algorithme de construction par cas: A: *;
B: *j C: *j Si [c: Au B] a/ors [x: A
-+
C] sinon [y: B
-+
C] .- (c C x y).
Les algorithmes d'injection prouvent I'introduction gauche et droite de la somme. Nous laissons leur construction au lecteur.
3.2
Quantificateurs
La quantification universelle, ou produit generalise, est implicite dans Ie langage, puisqu'on peut definir : A:
*
II([P: A -+ *]) := [x: A] (P x).
L'elimination de II, c'est a dire I'instanciation, est ici simplement l'application. Son introduction est simplement I'abstraction. La quantification existentielle, ou somme generalisee, se construit comme suit. Dans Ie contexte [A : *][P : A -+ *], la proposition 3x· (P x) permet de prouver tout enonce B, a partir d'une preuve que B Be deduit de (P x), pour x : A quelconque : A:
*
L([P: A -+ *]) := VB· ([x: A] (P x) -+ B)
-+
B.
On introduit une quantification existentielle par la construction : A:
*
::I[P: A -+ *] := [x: A][h: (P x)] VB· [p: [x : A] (P x) -+ B] (p x h) f- [P : A -+ *][x : Al (P x) -+ L(P),
Inversement, on peut projeter la somme sur un "temoin" qui verifie Ie predicat quantifie existentiellement : A: t
f-
*
[P : A -+ *] := [p: L(P)] (p A [x : A] (P x) -+ x) [P : A -+ *] L(P) -+ A.
Dans la pratique, on s'autorisera a Skolemiser la preuve p en une constante C utilisee comme abreviation pour (t P p), ce qui rendra I'ecriture plus conforme a la pratique mathematique. Remarquez qu'il n'est pas possible ici de projeter p vers la preuve de (P C) qu'elle encapsule. Notre somme est done differente de celIe axiomatisee par Martin-Lof [49]. Ceci est par contre conforme a I'interpretation d'un quantificateur existentiel comme type abstrait [44].
Calcul des Constructions
3.3
135
Logique classique
La contradiction, ou proposition absurde, permet de prouver toute proposition A par simple application: V := VA·A.
V n'a pas de preuve, et joue done logiquement Ie role de la valeur de verite faux. Nier une proposition revient II exprimer qu'elle entraine V, d'ou Ie concept de negation: .., [A : *1 := A --> V. La connective de Sheffer A I B (lire "A contradictoire avec B") se definit par : *11 [B : *1 := A --> B --> V. II est facile de montrer VA, B . (A 1 B) ..... ..,(A/\ B). Les autres connectives classiques s'expriment simplement en terme de 1 : [A:
*J => fB : *J := A I-.B *1 V [B : *1 := (..,A) 1(..,B) *1 {} [B : *1 := (A => B) /\ (B => A).
[A:
[A: [A:
Appelons fermeture classique de la proposition A sa double negation:
[[A: *]] := ..,(..,A).
Toute proposition nie sa negation:
*
A: p:A q:
..,A
NegJYeg f- VA·
(q p)
A --> [A].
(A,p, q)
L'implication inverse n'est vraie que des propositions classiques : Classique fA: *J := fA] --> A. On peut montrer que V,,,, ,
I
produisent des propositions classiques, et done aussi V et
=>. Finalement, /\ preserve la propriete d'etre classique, et {} produit done egalement des propositions classiques. En fait, un raisonnement classique consiste en general a montrer qu'un ensemble de propositions {A1, ...,An } est contradictoire. Les connectives V,.." 1 expriment cette notion pour n = 0, 1,2 respectivement. Remarquons qu'il est tres simple de prouver Ie principe du tiers exclu :
[A:
4
*1 (Id [A))
f-
VA· (..,A) vA.
Une fheorle intuitioniste des ensembles
Dans cette section, nous montrons comment axiomatiser dans les Constructions les concepts usuels de theorie des ensembles. On se place dans un contexte global, dans lequel on a declare [U : *1. On peut penser II U comme etant l'universdu discours, Les ensembles seront assimiles a des predicats sur U, c'est II dire a des propositions de type U --> *, que nous abregeons en Ens. On appelera famille un ensemble d'ensembles, de type Ens --> *, abrege en Fam. De meme on appelle relation un ensemble de paires Curriflees, de type U --> U --> *, abrege Rei. On se place done dans Ie contexte:
136
T. Coquand and G. Huet
U: * Ens:= U -+ * Fam:= Ens -+ * Rel:= U -+ U -+ *
4.1
Ensembles, Familles, Relations
Les ensembles etant assimiles a. leur predicat caracteristique, I'appartenance se definit simplement comme etant I'application : [x : U] E [P : Ens] := (P x). Notons qu'il est essentiel de distinguer entre Ie signe " E " et Ie signe " :" de la relation de typage; la notion d'ensemble apparait comme une notion derivee (mais distincte) de celie de type. Cette distinction fondamentale remonte aux Principia [76]. On definit dans ce cadre les notions ensemblistes usuelles : [P: Ens] C;;; [Q : Ens] .- [x: U] x E P -+ x E Q [P : Ens] = [Q : Ens] := P C;;; Q A Q C;;; P := [x: UJ \7 [P: Ens] n [Q : Ens] .- [x: U] x EPA x E Q [P:Ens]Il[Q:Ens].- [x:U]XEPUXEQ [P: Ens] U [Q : Ens] .- [x: U] x E PV x E Q ~ [P : Ens] := [x: U] -, z E P. On remarque que les quantificateurs peuvent etre interpretes comme des operations sur les ensembles: IT(P) dit que Pest universel, et E(P) dit que P n'est pall vide. Le type des ensembles est intrinsequement plus riche que Ie type de l'univers. On peut exprimer cette forme du paradoxe de Russell (ou du theoreme de Cantor) en montrant qu'il n'y a pas d'injection de type Ens ..... U. Cette preuve se construit par contradiction:
o
F: Ens ..... U G: U -+ Ens H: [P : Ens] (G (F P)) = P epimenide := [u: UJ -,u E (G u) menteur := (F epimenide) paradoxe := menteur E (G menteur) (1rl(H epimenide) menteur) I- paradoxe -+ <paradoze =: negati! hyp:paradoxe (negati! hyp hyp) I- -iparadoxe =: contradiction (1r2(H epimenide) menteur) I- (-'paradoxe) ..... paradoxe =: positi]
(contradiction ipositi] contradiction)) I- \7.
L'intersection d 'une famille d'ensembles se definit par: E P. On peut alors verifier que cet ensemble est effectivement Ie plus grand ensemble indus dans tous les ensembles de la famille.
n[F : Fam] := [x: U][P : Set] (F P) ..... x
Calcul des Constructions
137
On peut definir sur les relations les notions analogues a ~, =, 0, n, U, r-e , Par convention, nous indicerons ces notions avec 2, comme par exemple n2. De meme, on peut considerer des families de relations (de type Fam2 = Rei -> *), et definir I'intersection (n2) d'une telle famille. Enfin, on peut introduire les notions usuelles associees aux relations:
Reflexive [R : Rei] := [x: U] (R x x) Symetrique [R : Rei] := [x: U][y : UJ (R x y) -> (R y x) Transitive [R : Rei] := [x: U][y : U)[z : U] (R x y) -> (R y z)
4.2
->
(R x z).
Egalit es intentionnelle et extensionnelle
L'egalite definie ci-dessus est I'egalite extensionnelle considers traditionnellement en theorie des ensembles: deux ensembles sont egaux ssi ils ont les memes elements. II est possible egalement de definir une egalite intentionnelle, pour tout type. Suivant Leibniz, on dit que x et y sont identiques ssi ils admettent les memes proprietes (tout ensemble contenant x contient y) :
[x: UJ
== [y: UJ
:=
[P: Ens] (x E P)
->
(y E P).
La propriete de substitutivite est implicite dans la definition de bien une equivalence. La reflexivite de == se montre par I'algorithme d'identite :
==.
Montrons que
== est
Refl.; := [x: U)[P: Ens] (Id (x E P)) f- Reflexive ==. De meme la transitivite de montre par composition :
Trans= := [x: U)[y : U][z : U][p : x f- Transitive ==.
== y][q : y == z][P: Ens] (p P)j (q P)
Par contre, la symetrie est moins triviale, compte tenu du fait que notre implication est intuitioniste : x: U
y: U p: x== y
P: Ens Q = [z : U] (z E P) -> (x E P) (p Q (Id (x E P))) f- (y E P) -> (x E P) f- Symetrique ==.
4.3
Operations de fermeture
Nous formalisons la notion de fermeture d'une relation R par rapport a une propriete comme etant I'intersection de la famille des relations possedant la propriete et contenant R. A titre d'exemple, nous definissons la fermeture transitive:
[R: Re/]+ := [u: U][v : U][S : Rei] (Transitive S)
->
(R ~2 S)
->
(S
u
v).
Plus generalement, definissons:
Fermeture [P : Fam2][R : ReI] := [u: U][v : U][S : Rei] (P S) --+ (R ~2 S) -> (S u v). Lorsque Pest une conjonction, on Curryfie la definition, comme par exemple pour la fermeture transitive et reflexive: [R: Re1]* := [u: U][v : U][S : Rei] (Transitive S)
->
(Reflexive S)
->
(R ~2 S)
->
(8
u
v).
T. Coquand and G. Huet
138
On dit qu'une propriete P est stable ssi elle est stable par intersection: Stable [P : Fam2] := [Q: Fam2] ([R : Rei] (Q R) --t (P R)) --t (P (n2Q)) et on montre: (Stable P) --t (P (Fermeture P R)). Comme cas particulier, on peut montrer que la propriete transitive est stable, et en deduire que R+ est transitive. De meme, on montre par stabilite que R+ contient R. La prochaine section illustre les notions precedentes sur un exemple elementaire en theorie des relations.
4.4
Lemme de Newman
Ce lemme, qui exprime que la confluence d'une relation peut etre r eduite a une verification locale si cette relation est Noetherienne, est fondamental pour l'etud\e des systemes de simplification [55,40,36]. II illustre bien l'utilisation de la logique d'ordre superieur. Definissons tout d'abord les notions necessaires a I'enonce. On se place dans Ie contexte d'une relation R fixee : R: ReI. Deux elements sont dits coherenis s'ils admettent un majorant commun : Coherence [x : U][y : U] := VA.([z: U] (R+ z z) --t (R+ Y z) --t A) --t A. Remarquons que cette definition n'est que la forme sequentialisee de la definition equivalsnte
2)R+ x) n (R+ y). La notion de confluence exprime une forme de determinisme de R : --t (R+ X v) --t (Coherence u v). La confluence locale restreint cette propriete aux successeurs immediats de z : Confluence locale := [x: U][u : U][v : U] (R xu) --t (R x v) --t (Coherence u v). Une relation est Ncetiierienne ssi elle n'admet pas de chaine infinie. La formalisation de ce concept en tant que construction passe par son enonce sous la forme du principe de recurrence Noetherienne [13] : N oetherien := [P: Ens] ([u : U] ([v: U]( R u v) --t V E P) --t U E P) --t [u : U] u E P. Le lemme de Newman s'enonce alors : Newman := N oetherien --t Confluence locale --t Confluence. II se prouve par recurrence Ncetherienne sur la propriete : (Confluence x). La preuve est detaillee dans [18J.
Confluence := [x: U][u : U][v : U] (R+ xu)
5
Constructions informatiques
Nous allons montrer dans ce chapitre que Ie Calcul des Constructions est bien adapte formaliser certains concepts informatiques.
5.1
a
Algebre universelle et types de donnees
Cornmencons par montrer comment formaliser les notions elementaires d'Algebre, et en particulier la notion d'algebre libre sur une signature. On se place d'abord dans Ie cas homogene, c'est a dire dans Ie contexte: A: * Pour tout n
O=A
~
0, on definit Ie A-cardinal 11 associe
a n par recurrence:
Calcul des Constructions
n+ 1= n-+
139
A.
On definit maintenant 1a fonctionnalite •••, a. of terms.
is used to indicate that all free variables of A come from the list !'.; A(0 may contain
other free variables besides !'.. The formula A a is the result of replacing in A each unrestricted quantifier Vx(...) or
3>:(...)
by (Vxe a)(...) or
176
J. Jaeger
II. Number-theoretic axioms. For every axiom A[.':!] of PA:
III. Equality axioms. (£1) a=a; (£2) a=b -) (A(a) -) A(b» for every atomic formula of
LAd'
IV. Set existence axioms. (Pair) 3z(aEz & bEz) ;
(Transitive Hull) :Iz(ac:z & z transitive) ; (t:.,,-Sep) :Iz(z = {XEa : A(x)}) ;
(!!o-Col) (VXEa)(3y)A(x,y) -) 3z(VXE a)(3ye z)A(x,y)
where A is !!o in both schemes.
V. Induction axioms. These axioms provide complete induction on the natural numbers (INDN) and the usual
E
-induction (IND e); both for arbitrary LAd formulas:
(IND N ) A(O) & (VxEN)(A(x) -) A(x+l» -) (VxEN)A(x);
(IND e) Vx«VyEx)A(Y) -) A(x»
-) VxA(x).
KPu corresponds to Barwise's theory KPU" as defined in [1] with PA as theory for the urele-
ments, The transitive standard models of KPu are called admissible sets (above N). An ordinal a is said to be admissible (above N), if La is an admissible set above N. Here (La: aE ON) denotes the constructible hierarchy over the natural numbers as urelements.
ProofTheoretic Contributions to Theories of Sets
177
In order to speak about universes which are limits of admissible sets, we replace in KPu the scheme of Ii. collection by the limit axiom
Vx3.l'(XEy & Ad(y»
(Lim)
and call this theory KPI. KPi finally is KPu+(Lim) and formalizes recursively inaccessible universes, i.e. universes which are admissible limits of admissibles. Suppose that Th is one of the theories KPu, KPI or KPi. Then Th' is taken to be the theory Th with (IND N) and (IND e) replaced by the axioms (IN) and (Ie) (IN) DEa & (VxEa)(x+IEa)
(Ie) a,t0
---7
---7
(VxEN)(xEa);
(3xEa)(Vyea)(Yfix).
Th' is taken to be Th with (INDN) restricted to (IN) and (IND e) omitted completely. For ordinal notations we refer to the literature (e.g, [4,33,3]). Ordinal functions eo, for a countable, can be introduced by the following transfinite recursion: ~ is CJ)~; for a > D, <Pa~ is the ~th simultaneous fixed point of all functions
with
Er---7A(y»
: Prog(a,r,A)
---7 (VXEa)A(x)
---7 A(x)]
;
;
: VXT/(a,r,x).
An ordinal a is said to be provable in the theory Th if there exists a primitive recursive wellordering Q of order-type a such that Th 1- W/(N,Q). The proof·theoretic ordinal of Th, denoted by IThl, is the least ordinal a that is not provable in Th. By Th; " Th1 we mean that the theories Th; and Th1
J. Jaeger
178
prove the same arithmetic formulas, possibly with parameters (and modulo ..,.., translation if one of the theories uses intuitionistic logic). Remark. In practice we have: I. Tho '" Thl iff IThol
2. If a
= IThl,
= ITh11
then a is the least ordinal such that PRA+QF-TI(a) (primitive recursive arithmetic with
quantifier-free transfinite induction along a standard primitive recursive well-ordering of order-type a) proves the consistency of Th.
2. Impredicative theories. A theory Th is called predicatively reducible if its proof-theoretic ordinal is less than or equal to
r 0> otherwise Th is referred to as impredicative. This
terminology goes back to the work of Feferman
[4] and Schiine [33] in the middle of the sixties, where the philosophical concept of predicativity lila Poincare was brought into precise mathematical shape. Remark. We use the phrase 'predicatively reducible' instead of the more common 'predicative' in order to emphasize the following point: The least standard model of a predicative theory Th is a substructure of L ro or L ro itself, and therefore each set existence axiom of Th is predicatively justified. This is the case for example for Feferman's theory IR or the theory AUT(I1~) of Feferman-Jaeger [10]. In the next section we will see that there are predicatively reducible theories which are not predicative. KPi is the strongest theory which has been treated in admissible proof theory so far. It is closely
related to second order arithmetic with ~1 comprehension and bar induction and to Feferman' s theory To for explicit mathematics. The main result states that
KPi '" (~1-CA)+(B/) '" To
(1)
The reduction of To to (~1-CA)+(B/) is due to Feferman [7]; the embedding of (~1-CA)+(B/) into KPi is given in Jaeger [22]. The ordinal analysis of KPi is carried through in Jaeger-Pohlers [27]; it is IKPil
:$; 8°(81£10+10)0.
Jaeger [21] shows that every ordinal a < 8°(81£10+10)0 is provable in To.
Proof-Theoretic Contributions to Theories ofSets
179
The equivalence (1) is also interesting for constructive mathematics. Feferman's T. is based on intuitionistic logic and is a suitable framework for Bishop style constructive mathematics (Feferman [6.7.9]). Hence the theory KPi. which was developed without any reference to constructivity, is a conservative extension of constructive mathematics with respect to arithmetic (even Ill) statements. Admissible proof theory can be extended to stronger theories. A cut elimination argument for the formalization of a recursively Mahlo universe is given in Jaeger [26]; the exact ordinal assignment. however. is still missing. The impredicative subsystems of KPi are closely related to subsystems of analysis. subsystems of T. and theories for iterated inductive definitions. For simplicity we confine ourselves to state some spe-
cial cases only. For further equivalences. unexplained notations and the proofs of (2) - (6) we refer to Buchholz-Feferman-Pohlers-Sieg [3] and Jaeger [21.24]. KPi'+(INDN ) and KPi' correspond in strength to the theories (t.i-CA) and (t.i-CA). Here the sub-
script
0
is used to indicate that the scheme of complete induction is replaced by the axiom.
(2)
(3) KPI is the framework to treat
III comprehension on the natural numbers. We have KPI '" (rrj-CA)+(Bl)
(4)
(5)
(6)
KPu is an impredicative theory which proves the same arithmetic sentences as (t>I-CA)+(Bl) and
the theory /D I of one inductive definition. The proof-theoretic ordinal of KPu. (t.l-GA)+(Bl) and [Dr is the so called Howard ordinal. The equivalence (7) below follows from Howard [17] and Jaeger [20].
KPu '" (t.l-GA)+(Bl) '" /DI
(7)
180
J. Jaeger
3. Predicatively reducible theories. The previous section supports the thesis that theories for admissible sets provide a uniform framework for impredicative formalized mathematics. Now we turn to predicatively reducible systems. They can be approached by theories for admissible sets without
E
-induction. In this survey, however, we
essentially concentrate on KPj· and the new concept of the admissible extension Th< of a theory Th. The weakest theories for admissible sets are the theories KPu· and KPu'. These systems are conservative extensions of Peano arithmetic PA in the sense that
KPu'
I- AN KPu· I- AN PA 1- A
for every sentence A of L!. If we add the scheme of complete induction, we reach the strength of
(L\l-CA). So we have:
KPu' '" KPu· '" (L\l-CA). '" PA
(8)
(9)
(8) and (9) are proved in Jaeger [7,22] by a combination of proof-theoretic and model-theoretic arguments.t Both results also follow from more general considerations concerning the admissible extension of a theory, a concept that we explain now.
Definition. Let Th be a theory which is formulated in the language LAd or an extension LAI.!) of LAd by finitely many set constants '!. = ej, ....e•. First we extend this language by a new set constant M to the language LAI.!,M). Tb" then is the theory that consists of the following axioms:
1. Ontological and equality axioms. As in KPu.
2. M-axioms. M is transitive; bEM for all constants b of Th.
t) The third equivalence in (8) was originally proved by Barwise-Schlipf [21 (model-theoretically) and FefennanSieg [3] (proof-theoretically).
Proof-Theoretic Contributions to Theories ofSets
181
3. Th-axioms. For every axiom A[~] of Th: (V!EM)AM[:!l . 4. ]{ripke-Platek axioms. The set existence axioms of KPu.
The can be considered as the proof-theoretic analogue of the 'next admissible set' construction in
recursion theory (cf, Barwise [1]): If «a,...> is a standard model of Th, then is the least standard model of The that contains a as element. In this case. M is interpreted as a and a+ is the least admissible set with element a. The is very weak with respect to induction. Only that amount of induction is available in The
which can be lifted from Th, The existence of infinite descending sequences of sets outside M is consistent with The. The admissible extension of a theory Th is characterized by the following two theorems. Theorem 1. Suppose that Th is a theory in LAi.9. Then we have for every sentence A of L,.,/9:
(a) Th'
1-AN
Th
1-A
;
The implications from right to left are obvious; the converse directions are proved in Jaeger [25]. In order to establish conservation results for The+(INDN) we turn to infinitary systems. By Tk; we denote the system which results from Th if we replace the scheme (INDN ) by the co-rule A -+ B(n)
for every natural number n A -+ (VXEN)B(X)
We write Th_l-
Ki'i"
1- lfx(Ad(x)
~
k') .
The proof is by induction on the length of the derivations in KPu"+(BR). It is not clear whether the converse of Theorem 6 is true in full generality as well. Uniform provability in all admissibles has to do with predicativity. The following result makes a case of Kl'i" having a predicative justification with respect two uniformly provable 112 formulas.
Theorem 7. We have for every 112 sentence A of LAd: Kl'i"
1- lfx(Ad(x)~k') => L ro 1= A
.
J. Jaeger
188
Remark. We have compared KPio with all theories of ordinals $
r o that
we know. In each case it was
fairly easy to prove an embedding theorem into Ki'i", Hence it seems justified to call Kri" the strongest predicatively reducible theory. In this context it is interesting to consider the following parallel:
KPio - predicativity KPi - constructivity,
Further research. In the previous considerations we have concentrated on set existence provided by the iteration of admissibility and on various restrictions of induction principles. By doing this, a uniform proof-theortic approach to theories in strength between PA and (.1.i-CA)+(BI) has been obtained. We end this paper with mentioning an alternative form of set existence. It is possibile to shift from pure set existence axioms to another class of axioms which one can denote as set structuring axioms. The general form of these axioms is
3xA(x) ~
3Y(y nice & A(y»
where A and nice have to be specified. Obviously axioms of this form are related to the so called basis theorems in recursion theory (cf. Shoenfield (35)). However, not much is known about set structuring axioms in proof theory but they seem to be very interesting.
REFERENCES. [1]
Barwise, J. Admissible Sets and Structures. Springer-Verlag, Berlin, Heidelberg, New York (1975).
[2]
Barwise, J. and Schlipf, J. On recursively saturated models of arithmetic. Model Theory and Algebra. Lecture Notes in Mathematics 498. Springer Verlag, Berlin, Heidelberg, New York (1975).
Proof-Theoretic Contributions to Theories of Sets [3]
189
Buchholz, W., Feferman, S., Pohlers, W. and Sieg, W. Iterated Inductive Definitions and Subsystems of Analysis: Recent Proof-Theoretical Studies. Lecture Notes in Mathematics 897. Springer-Verlag, Berlin, Heidelberg, New York (1981).
[4]
Feferrnan, S. Systems for predicative analysis. Systems of predicative analysis. Journal of Symbolic Logic 29 (1964).
[5]
Feferrnan, S. Predicatively reducible systems of set theory. Set Theory II. American Mathematical Society, Providence, R.I. (1974).
[6J
Feferman, S. A language and axioms for explicit mathematics. Algebra and Logic. Lecture Notes in Mathematics 450. Springer-Verlag, Berlin, Heidelberg, New York (1975).
[7J
Feferman, S. Constructive theories of functions and classes. Logic Colloquium '78. NorthHolland, Amsterdam (1979).
[8J
Feferman, S. Iterated inductive fixed-point theories: Application to Hancock's conjecture. Patras Logic Symposion 1980. North-Holland, Amsterdam (1982).
[9J
Feferman, S. Between constructive and classical mathematics. Computation and Proof Theory. Proceedings, Logic Colloquium Aachen 1983, Part II. Lecture Notes in Mathematics 1104. Springer-Verlag, Berlin, Heidelberg, New York, Tokio (1984).
[l0]
Feferrnan, S. and Jaeger, O. Choice principles, the bar rule and autonomously iterated comprehension schemes in analysis. Journal of Symbolic Logic 48 (1983).
[IIJ
Friedman, H. Iterated inductive definitions and (~-AC). Intuitionism and Proof Theory. North-Holland, Amsterdam (1970).
[12]
Friedman, H. Systems of second order arithmetic with restricted induction I, II (abstracts). Journal of Symbolic Logic 41 (1976).
[13J
Friedman, H. Set theoretic foundations of constructive analysis. Annals of Mathematics 105 (1977).
[14J
Friedman, H., McAloon, K. and Simpson, S.O. A finite combinatorial principle which is equivalent to the l-consistency of predicative analysis. Patras Logic Symposion 1980. North-
J. Jaeger
190 Holland, Amsterdam (1982). [15]
Girard, J.-Y. nl-logic, Part I: Dilators. Annals of Mathematical Logic 21 (1981).
[16]
Girard, J.-Y. A survey of TIl-logic. Logic, Methodology and Philosophy of Science VI. NorthHolland, Amsterdam (1982).
[17]
Howard, W.W. Ordinal analysis of bar recursion of type O. Compositio Mathematica 42 (1981).
[I8]
Jaeger, G. Beweistheorie von KPN. Archiv fiir Mathematische Logik und Grundlagenforschung 20 (1980).
[19]
Jaeger, G. Die konstruktible Hierarchie als Hilfsrnittel zur beweistheoretischen Untersuchung von Teilsystemen der Mengenlehre und Analysis. Dissertation, Miinchen (1979).
[20]
Jaeger, G. Zur Beweistheorie der Kripke-Platek-Mengenlehre tiber den naturlichen Zahlen. Archiv fur Mathematische Logik und Grundlagenforschung 22 (1982).
[21]
Jaeger, G. A well-ordering proof for Feferman's theory To. Archiv fur Mathematische Logik und Grundlagenforschung 23 (1983).
[22]
Jaeger, G. Iterating admissibility in proof theory. Proceedings of the Herbrand Symposium. Logic Colloquium '81. North-Holland, Amsterdam (1982).
[23]
Jaeger, G. A version of Kripke-Platek set theory which is conservative over Peano arithmetic. Zeitschrift fuer mathematische Logik und Grundlagen der Mathematik 30 (1984).
[24]
Jaeger, G. The strength of admissibility without foundation. Journal of Symbolic Logic 49 (1984).
[25]
Jaeger, G. Theories for admissible sets - a unifying approach to proof theory. Habilitationsschrift, Muenchen (1984).
[26]
Jaeger, G. A cut elimination argument for a Mahlo universe. Handwritten notes (1981).
[27]
Jaeger, G. and Pohlers, W. Eine beweistheoretische Untersuchung von (D.l-cA)+(Bl) und verwandter Systeme. Bayerische Akademie der Wissenschaften, MathematischNaturwissenschaftliche Klasse: Sitzungsberichte (1982).
ProofTheoretic Contributions to Theories ofSets
191
[28]
Jaeger, O. and Pohlers, W. Admissible Proof Theory. In preparation.
[29]
Martin-LOf. An intuitionistic theory of types: Predicative part. Logic Colloquium '73. NorthHolland, Amsterdam (1975).
[30]
Pohlers, W. Cut-elimination for impredicative infinitary systems. Part I: Ordinal analysis for ID I • Archiv fiir Mathematische Logik und Grundlagenforschung 21 (1981).
[31]
Pohlers, W. Cut-elimination for impredicative infinitary systems. Part II: Ordinal analysis for iterated inductive definitions. Archiv fUr Mathematische Logik und Orundlagenforschung 22 (1982).
[32]
Pohlers, W. Admissibility in proof theory, a survey. Logic, Methodology and Philosophy of Science VI. North-Holland, Amsterdam (1982).
[33]
Schutte, K. Eine Orenze der Beweisbarkeit der transfiniten Induktion in der verzweigten Typenlogik. Archiv fur Mathematische Logik und Grundlagenforschung 7 (1964).
[34]
Schutte, K. Proof Theory. Springer-Verlag, Berlin, Heidelberg, New York (1977).
[35]
Shoenfie1d, J. Mathematical Logic. Addison-Wesley, Reading, Mass. (1967).
[36]
Simpson, S.G. Set theory. Set theoretic aspects of ATR o • Logic Colloquium '80. NorthHolland, Amsterdam (1982).
[37]
Simpson, S.G.
1:1 and III transfinite induction. Logic Colloquium '80. North-Holland, Amster-
dam (1982). [38]
Simpson, S.O. Reverse mathematics. Proceedings of the AMS Summer Institute in Recursion Theory. To appear.
[39]
Takeuti, O. Proof Theory. North-Holland, Amsterdam (1975).
G. Jaeger Mathematik ETH-Zentrum CH-8092 ZUrich (Suisse)
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
213
TI 2-MODELS OF EXTENSIONS OF KRIPKE-PLATEK SET THEORY Peter Pappinghaus Institut fur Mathematik, Universitat Hannover Welfengarten 1, D-3000 Hannover 1 § 1. INTRODUCTION
In the development of proof theory a shift has taken place from subsystems of analysis (second order arithmetic) to theories of inductive definitions, and from these to extensions and subsystems of Kripke-Platek set theory. The latter change is advanced most forcefully by Jager, and for background and recent results we refer to his contribution in this volume [Ja 2J. Following this trend we present a new method of analyzing extensions of Kripke-Platek set theory in the spirit of Girard's TI~-logic. Our method is remarkably simpler than previous work. Partly this is due to the fact that our aims are less ambitious. In contrast to the tradition we are not concerned with determining so-called proof-theoretic ordinals, but rather with finding TI 2-models and the TI 2-ordinals of the theories we study. These notions are explained below and go back to Jager (see [Ja 2J)t. We assume familiarity with Kripke-Platek set theory as developed in [Bw, Ch. I]. We consider only sets without urelements, and so the formal system KP is formulated in a one-sorted language with the two-place relation symbols
=
and E. As axioms of KP we have the axioms of equality, ex-
tensionality, pairing and union, and the schemes of
~o-separation, ~o-col
lection and foundation. We extend KP to the theory KP(G) by adjoining a new two-place predicate constant G and the following axioms expressing that G is the graph of an ordinal function. (G 1)
\!x,y,z ( G(x,y)
(G 2)
\j x ( Ord(x)
Ord(c) is the usual
+
A
G(x,z) + y
3y ( Ord(y)
~o-formula
A
= Z
G(x,y) ) )
expressing that c is an ordinal.
KP(G) is a uniform way of giving extensions of KP of different strength according to how G is interpreted. For example, if G is to be interpreted as the graph of the constant function with value w, we can replace the relation constant G by a Ll-formula defining this graph, and we obtain a
t The referee has pointed out to me that the notion of TI 2-model implicitly goes back to Tait. However I have not been able to locate a reference.
P. Pdppinghaus
214
theory equivalent to Jager's KPu (see [Ja lJ). And if G is to be interpreted as the graph of the function associating with any ordinal a the next admissible ordinal a+, we can similarly obtain a theory equivalent to Jager's KPi (see [JP]) as well as to Pearce' s ~ (see [Pc]). We are interested only in standard models for the language of KP(G). which are given by a pair (M,g), where M is a non-empty. transitive set, and
g:On + On is a total ordinal function. M is called admissible. if
(M,E) is a model of KP, and M is called g-admissible, if (M,€,G
is a mog) del of KP(G). G is defined by Gg(a,b): (Ord(a) b=g(a)) v (-,Ord(a) g A b=O). (M,g) is called a TIz-model of KP(G), if (M,€,G ) is a model of A
g
every TIz-sentence. which is provable in KP(G).
One way to phrase our aims is to say that we want to determine ordinals K s.t. (VK,g) is a TIz-model of KP(G). (VK denotes the K-th level of the Phrased in a recursion-theoretic spirit, we want
cumulative hierarchy.)
to determine bounds for set functions and ordinal functions, which are ~~ definable provably in KP(G). Let V denote the universe of sets and On the class of all ordinals. We use a.b.c •••• as free variables of the formal language and also (somewhat ambiguously) informally to denote sets. The notation Fl~J is used to indi+
a = al, .•. ,a as its free variabn les. ~ denotes derivability, and a,S,y, .•• are used for ordinals.
cate that a formula F contains at most
f:V + V is called ~?-definable provably in KP(G) iff there is a ~l-formu la F[a.b] of KP(G) s t , KP(G) ~ Yx 3!y Flx,yJ s
set M and
a EM:
defines that
and for every g-admissible
(M,E.,G g) 1= F [a, f(a)J • Analogously one On is Z~-definable provably in KP(G). In particular
f(a) '" M and
f:On
+
an ordinal a is called Z~-definable provably in KP(G) iff there is a ~l formula
A[a] of KP(G) a.r ,
g-admissible set M:
KP(G)
a EM and
l-
(M,E,G
3!y(Ord(y) ~
A
A[y])
and for every
A[a]
g) We will give bounds for provably ~~-definable functions in terms of a
hierarchy of ordinal functions JB:On + On • This hierarchy is defined and investigated at length in [pa
, Kap. IIJ. The indices D of the hierarchy
denote dilators. The following dilators. in particular. playa role in our
To understand this definition and notation (and even more so later parts of this paper) the reader has to be familiar with the fundamentals of the theory of dilators as exposed in [Gi 2, pp. 89-139J.
Kripke-Platek Set Theory
215
The principal bounded ness result is the following. We assume that g:On
+
On is non-decreasing and
Theorem 1.1: Let
qtt]
KP(G) /-
g(O) >
a
be a lIo-formula of KP(G) s
\ft3 y c[ii,y]
s
t ,
V! Eo V ::3 t E V a ]g (a) is true with G interpreted by Gg . (l+Id)(n) This immediately entails closure properties in the cumulative hierarchy.
Then for some fini te n and every ordinal a:
+ +]
C[ a,b
Corollary 1.2: Let K be an ordinal closed under all :]~2+Id) ,n < w. Then (VK,g) is a TIz-model of KP(G). In other words: V is close~n)under K all functions, which are L~-definable provably in KP(G), and these have a VK-absolute L~-definition. K(g) := ~rl+Id) w (0) of the corollary.
is the least ordinal satisfying the hypothesis
() Moreover it follows from the results of CPa] that
the set of ordinals L~-definable provably in KP(G) is a cofinal subset of K(g). Consequently K(g) is the least ordinal K s.t. (VK,g) is a TIz-model of KP(G). An application of the same methods to a version of KPu yields that
K(Aa.w)
(which, incidentally, by [PaJ equals the so-called Bachmann-
Howard ordinal) is the least ordinal K s.t. VK is a TIz-model of KPu. By a slight modification of our techniques we can prove similarly that K(Aa.w) is the least ordinal K s.t. LK is a TIz-model of KPu, i.e. in the terminology of Jager (see [Ja 2J): K(AQ.W) is the TIz-ordinal of KPu. (LK denotes the K-th level of the constructible hierarchy.) Finally we can also analyze a version of KPi and obtain that
K(Aa.a+)
is the TIz-ordinal of KPi. These
ordinals have been determined by Jager and Pohlers in [Ja IJ and [JpJ to equal
EJE
Q+10
and
01 E I +10 respectively.
The principal boundedness result (Theorem 1.1) is proved by combining a syntactic analysis of KP(G) in traditional lines with a semantic analysis in the form of an asymmetric interpretation. To analyze KP(G) proof-theoretically we introduce an infinitary sequent calculus KPV(G). It has for every ordinal a an a-branching rule expressing the definition of Va' and further an On-branching rule expressing that every set is an element of some Va' KP(G) can be embedded in KPV(G). By virtue of the infinitary rules the scheme of foundation can be derived in KPV(G). The remaining axioms of KP(G) - which are of bounded logical complexity - are taken care of by particular rules, called axiom rules. For KPV(G) a weak cut-elimination theorem is proved. (In the disguise of the
P. Pdppinghaus
216
axiom rules there remain specific cuts.) As usual we have to control the lengths of the derivations obtained in the process of embedding and cut-elimination. For this purpose we use dilators rather than ordinals. More precisely we use a relation of majorization between KPV(G)-derivations and dilators. This is the only trace of functoriality in our treatment. We have stayed closer to traditional proof theory ~han the Girard school (see e.g. [Fe]) in that we have not incorporated any functoriality conditions in the notion of derivation. However all infinitary derivations occurring here could be shown to be homogeneous trees in the sense of [Jer] , even primitive recursive ones, and are thus perfectly good constructive objects. While homogeneity of derivation trees would be needed for a unique assignment of dilators as lengths, we get along with a majorization, which can be obtained more cheaply. Moreover we pay no attention to the metamathematical methods employed in our work, and so there is no technical need to bother about homogeneity. Dilators as length bounds are of great technical advantage. We could have replaced the On-branching rule of KPV(G) by an analogous Q-branching rule. In such a setting we could have used ordinals below £Q+I as length bounds like in [How]. But as Howard's work shows, this leads to great complications due to the fact that the fundamental sequences are not well-behaved w.r.t. the algebraic operations. The use of dilators is a much more elegant solution. To obtain length bounds for derivations, one only has to construct natural transformations between dilators without ever paying attention to fundamental sequences. And for coping with the On-branching ·rule we have the fundamental sequences ({D} ~l;;;
'JJ~C'JlgCa»
•
JJgCa) > a
D and D of kind
A
']
gCa) ;;; gCa) .
=>
~
'JgCa);;; JfD}Ca+l)Ca)
Theorem 3.4: Asymmetric Interpretation Theorem If d is a cut-free KPVCG)-derivation of the sequent dilator s.t.
f
f--
1:1 , and D is a
d maj D , then for every ordinal a: g
1 gc<X)
1
a
Cf
f--
1:1)
Proof: By induction on d. We distinguish cases according to which rule has been used last in d. We confine ourselves to a few crucial cases and leave the rest to the reader. Case CV): Let d be obtained from Cd) CV), where d
W
derives
VWCa),f
f--
that D';;;D and for every ordinal W:d hypothesis to da and obtain By Lemma 3.3 we have
g
0
W W6. n
by an application of rule
1:1 • For some dilator D' of kind ~ we have
w maj
{D'}Cw+l) • We apply the induction
1'J{D'}Ca+l)Ca) a
Va r C (a },
'JI{D'}CCI+l)Ca) ;;; 'J1 D, Ca ) ;;; 'JlDCa) , and so 1 JDCa) g The free variable a ranges over Va a anyway, so it follows that \JDC a) g a Cf f-- 1:1) •
1:1
f-- )
CVaCa) .r
l-
1:1)
P. Piippinghaus
222
Case (~o-Coll): Let d be obtained from do with end sequent r ~ ~, (\:I yEa)3zC , and from d with end sequent 3x(\>'ye:a)(3zex)C,r ~ ~ 1 There are dilators Do and D1 s.t. do maj Do' d 1 maj D1, and Do+l+D1~ D . We let (3:=~D (a) and Y:=JG «(3+1), and for contradiction we assume to be D given ~ eVa g.t. gff: (r~~h~J is not satisfied. By induction hypothesis
for do we see that
('1/ y E a)(3 Z 6V(3)Cfa"J is true (recall that C is a ~o
formula of+KP(G». By virtue of V(3E.V(3+1 it follows that (3 XE.V(3+1)(V'Yea) (3 Z e x)C La] is true. By induction hypothesis for d 1 we obtain validity of g~ (3x(\i YE.a)(3 z ~x)C,r ~ ~) , and so g~ tr ~ ~) [it] is satisfied. Since
a~(3+1~y,
we have met a contradiction. By Lemma 3.3 we obtain
Y='JlD «(3+1)~'JID (']l«(3»='llD (J 1 ( '] D (a»)='J D -i-» (ah'JlD(a), and hence the claim follo~s. 1 0 a - 1 Case (Ax): We have to distinguish subcases according to which instance of the axiom rule we meet. The instances of (Eq), (Ext) and (G 1) are valid ~o-formulas
of KP(G), so the claim follows immediately from induction hypo-
thesis. For the instances of (Pair), (Union) and
d is obtained
(~o-Sep),
from do with end sequent 3zc(z),r ~ ~ , where C(b) is a ~o-formula of KP(G). For some dilator Do with do maj Do and l+Do~ D we obtain by induc-
gL (3zC(z), r f-~) [~J is satisfied for arbitrary 'a+I ;Lsva+and (3:=':]D (a+1). By virtue of the content of the axioms, (3 zE.Va+1) C(z)la] is true,oand so g~l(rf-~)L~J is satisfied. Now the proof is comtion hypothesis that
pleted by observing that (3='J D (a+1)~']D (']I l(a»='J)l+D (ah'JD(a) • It remains to look at instanceg of (G 2)~ d is obtai;edofrom d with end sequent (Ord(a) +3y(Ord(y)
o
A
G(a,y»),r f- !1 , and there is a dilator D
-0
sv t , do maj Do and l+Do~ D . We have that (3:='Jl2(a)=']1(']1(a»~']1(g(a»
~g(a)+l, and by induction hypothesis
g+ «Ord(a)+3y(Ord(Y)AG(a~y»),r~
~) [+] a is satisfied for arbitrary + acVa and Y:=']D «(3).
by the ordinal 0 €V , then g(o) ~ g(a), so g(O)E.V
(3
If a is interpreted
) 1 c V(3 , and hence a g a + ye V(3)(Ord(y) A G(a,y» [it] is satisfied. It follows that gff: (rf-!1) is
valid. The proof is completed by noting that Y='J
'J) 2+D -
o(
(a)
s l]D(a) .
D a
«(3)='3I
D
('Jl2 ( a » =
0-
0
§ 4. EMBEDDING OF KP(G) IN KPV(G)
Lemma 4.1: ~
For every formula A of KP(G) there is a cut-free KPV(G)-derivation d of A,r f- ~,A
~
s.t. for some finite k: d maj
1 .
If A is the universal closure of an instance of one of the axiom schemes (Eq), (Ext), (Pair), (Union), (!1o-Sep),
(~o-Coll),
(G 1) or (G 2), then
Kripke-Platek Set Theory
there is a cut-free KPY(G)-derivation d of
223
t-
r
s.t. for some fi-
~,A
nite k: d maj k • Proof:
~
is proved as usual by induction on A, and
using the rules (Ax) and
~
follows from
~
In either case finite derivations
(~o-Coll).
(without applications of (Y~) or (Y» are obtained. It follows easily from Definition 2.2 that such derivations can be majorized by a constant dilator k with
l~
k<w.
Lemma 4.2: Let A(a) be a formula of KP(G), and let Prog(A)
:=
Vx«Vy€ x)A(y)
+
A(x»
1. There is a finite k s.t. for every ordinal derivation d
Ct
of
yCt(a),Prog(A),r
t-
there is a cut-free KPY(G)-
~
Ct
~,A(a)
satisfying d maj (k+S)o2 • Ct
2. There is a cut-free KPY(G)-derivation d of n-~, 'v'y(Prog(A) Id s.t. for some finite k: d maj kol
+
Proof:
A(a)
~
We choose k s.t. k majorizes a KPY(G)-derivation of
and for it we prove the claim by induction on
Ci..
t-
y13(b) ,Prog(A)
bea
y13(b) ,Prog(A)
t-
bE a
(\/ ye:a)y 13(y) ,Prog(A)
t-
(V YEa)A(y)
bE:a
+
+
13(y),Prog(A)
l-
A(a)
yCt(a) ,Prog(A)
l-
A(a)
° :d 13 l- A(b) °
A(b) A(a)
(\fye:a)y 13(y),Prog(A),(VYEa)A(y) + A(a) ('.::/y€a)y
~A(a),
In a fragmentary writing
the induction step looks as follows. bs a
\/xA(x»
t-
t-
A(a)
A(a) all
13
b.,A(b)
Reduction Lemma: Let d and d' be KPV(G)-derivations of c,r ~ b.
r ~ b.,C and
respectively with cut-rank ~n, C a formula of KP(G) of complexity
n, D and D' dilators majorizing d and d' respectively. Then there is a KPV(G)-derivation p(d,d') of
r ~ b.
with cut-rank ~n and p(d,d') maj D·D'.
Proof: By induction on d'. Case 1: C is the principal formula of the last rule of d'. Case 1.1: C atomic: We let p(d,d'):=d. (In case version Lemma.)
1 ~ D'
entails
Case 1.2: C = VxA(x): Let
d~
D
~
C=~,
apply
~
of the In-
D'D' .
be the subderivation of d' deriving the
upper sequent A(b), \fxA(x),r ~ b. and D~ a dilator s.t. d~ maj D~ and l+D'~ D'. By induction hypothesis p(d,d') derives A(b),r L b. and p(d,d')
-
0
maj
0 ' -
D'D~.
Let db be obtained from d by
cation of the cut rule to db and
~
P(d,d~)
desired p(d,d'). We have p(d,d,) maj
0
of the Inversion Lemma. An appli-
with cut formula
D+D'D~
and
A(b)
yields the
D+D'D~=D'(l+D~)~D'D',
and
hence q.e.d. Case 1.3: C = A+B: Let the upper sequents
d~
and di be the subderivations of d' deriving
A+B,r ~ b.,A
and
B,A+B,r ~ b.
respectively, and D~
and Di be dilators s.t. d~ maj D~, di maj Di, and D~+l+Di ~ D'. By applying the Inversion Lemma to d, of
A,r ~ b.,B,
r ~
d~,
s,«
and di we obtain derivations
,and
B,r ~ b.
d*,d~',
and di'
respectively. Two applications
of the cut rule with cut formulas A and B yield the desired p(d,d'). We have p(d,d') maj D~+D+Di and D~+D+Di ~ D'D~+D+D'Di = D'(D~+l+Di) ~ D'D' , and hence q.e.d. Case 2: C is a side formula of the last rule of d'. Let (de)SO apply
~
~
.
•
Cut-elimination Lemma: Let d be a KPV(G)-derivation with finite cut-rank n+l and majorizing dilator D. Then there is a KPV(G)-derivation £(d) of the same end sequent with cut-rank ~n and
£(d) maj (l+Id)D
Proof: By induction on d. Case 1: d is obtained from do and d l by an application of the cut rule. There are dilators Do and Dl s.t. do maj Do' d l maj Dl, and Do+Dl~ D. By induction hypothesis i=O,l: £(d
£(d o) and £(d with cut-rank ~n and for l) By an application of the Reductbon LemmaDwe get
weD~btain
maj (l+Id)
1.
i) £(d):= p(£(d ),£(d l » with cut-rank ~n and £(d) maj (2+Id) o'(2+Id) 1 o D Dl D +D D the claim follows since (l+Id) o'(l+Id) (l+Id) 0 l ~ (l+Id)
Now
Case 2: d is obtained from (d a)a60n by an application of rule (V). There is a dilator D' of kind Q s.t. D'~ D and for every ordinal a: d maj {D'}(a+l) . By induction hypothesis we obtain £(d ) with cut-rank a ~n and £(da) maj (l+Id){D'}(a+l) • We let £(d) be obtai~ed by an application of rule (V) to (£(d » EO . From Lemma 5.1 it follows that {D'}(a+l) aD,a n D' D (2+Id) ~ {(2+Id) }(a+l), and together with (2+Id) ~ (2+Id) w: see that
£(d) rna; (l+Id)D •
- -
Using Lemma 5.2 the remaining cases follow straightforwardly from induction hypothesis. Finite iteration of this lemma leads to the following normal form theorem. Cut-elimination Theorem: Let d be a KPV(G)-derivation with finite cutrank nand majorizing dilator D. Then there is a cut-free KPV(G)-derivation v(d) of the same end sequent with
v(d)
maj
(l+Id)'
n times
Theorem 5.3: For every sequent derivable in KP(G) there is a cut-free KPV(G)-derivation d s.t. for some finite n:
d maj
(l+Id)(n)
Proof: We combine Theorem 4.3 with the Cut-elimination Theorem. Moreover using Lemma 5.2 it is not very hard to prove that for finite k, r there is I d'r k'2 ~ (2+Id) -- (n)
a finite n s.t.
Kripke-Platek Set Theory
229
§ 6. TI 2-MODELS AND TI 2-ORDINALS
We are now in the position to verify the claims made in § 1. First we observe that our principal bounded ness result (Theorem 1.1) follows from Theorem 5.3 together with the Asymmetric Interpretation Theorem (Theorem
3.4). In Corollary 1.2 we have interpreted this result as a closure property of certain levels V of the cumulative hierarchy. Any K closed under all K ~g (n<w) must be a limit ordinal by virtue of Lemma 3.3.4. With Cl+Id) ( ) this n observation, Corollary 1.2 follows immediately from Theorem 1.1. Another way to interpret Theorem 1.1 is to draw from it bounds for the functions, which are ~~-definable provably in KP(G). Corollary 6.1: 1. If
f:V
V is ~~-definable provably in KP(G), then for some finite
+
n and every set a: ~ If
n
f:On
< ~Z2+Id) -
(rank(a»
(n)
is ~~-definable provably in KP(G), then for some finite
On
+
rank(f(a»
and every ordinal
f(a)
Ha£H a S (b) a E: H => "3 a < S: a ~ H a S (c) a,~E.Ha ===> {a,b}6Ha+ 1 and Uae.H a+ 1 (d) a,bEH a ' D[y,~] lIa-formula of KP(G) ===> Iv s a] D[y,b]}EHa+ 1 • (e) H () On a a
For the general case of KP(G) we have no asymmetric interpretation into the levels of the constructible hierarchy L, since condition (d) fails for this language. KPu, however, is formulated in the language of KP, and so the Asymmetric Interpretation Theorem works, if the predicate constants Va are interpreted by La' the corresponding level of the constructible hierarchy. We arrive at a variant of Theorem 1.1 and its corollaries for the theory KPu. In particular it follows that
K(Aa.w)
is the least ordinal K s.t.
L is a IT 2-model of KPu, i.e.: the Bachmann-Howard ordinal is the IT 2-ordiK nal of KPu. In order to obtain a theory equivalent to the theory KPi of Jager and Pohlers mula
in [JPJ, we proceed as follows. We observe that there is a llo-for-
Ad(c)
of KP expressing that c is an admissible
~.
Aczel [RA, Thm , 2.4, p, 315£.J there is a IT 3-sentence for every non-empty, transitive set M: M is admissible
Ax
By Richter and
of KP s t , KP iff (M,E)~ Ax KP i
Kripke-Platek Set Theory
We choose a
~o-formula
Tran(c)
231
expressing that c is a non-empty, transi-
tive set, and let (AXKP)(c) be obtained from Ax by bounding to c all unKP bounded quantifiers in Ax KP (see [Bw, p, 15J). Then Ad(c) Tran(c) (AXKP)(C) serves our needs. By a lengthy, but easy verification one can
:=
A
see that for every sentence B, which is an instance of an axiom of KP, Ad(c) ~ B(c)
is derivable using only the axioms of equality and extensio-
nality and the scheme of foundation. Now we define KPi to be KP extended by the following axiom of inaccessibility:
::h(Ad(y)
A
aEy). g=i\a.a+
is
provably Li-definable in KPi. The asymmetric interpretation presents no difficulty, if we choose to interpret into the constructible hierarchy. Namely for a E La we have that a € La+ , La+ is admissible and La+ E La++1' and so (3 YEL + 1)(Ad(y) " a6 y) is true. This is essentially what is a + needed to verify the asymmetric interpretation for the axiom rule in the case of the axiom of inaccessibility. As result we obtain a variant of Theorem 1.1 and its corollaries for the theory KPi. In particular it follows that
K(i\a.a+)
is the IT 2 - or di na l of KPi.
REFERENCES [BwJ
Barwise, J.: Admissible Sets and Structures. An Approach to Definability Theory, Berlin-Heidelberg-New York 1975
[FeJ
Ferbus, M.-C.: Functorial bounds for cut elimination in L .1, in: Bw Arch. math. Logik 24 (1984), 141-158
[Gi IJ
Girard, J.-Y.: A survey of rr~-logic, in: Cohen, L.J., Los, J., Pfeiffer, H., Podewski, K.-P. (eds.): Logic, Methodology and Philosophy of Science VI. Proceedings of the Sixth International Congress at Hannover 1979, Amsterdam-New York-Oxford-Warszawa 1982, 89-107
[Gi 2J
--: rr~-logic, Part 1: Dilators, in: Annals of Mathematical Logic 21 (1981), 75-219
[How]
Howard, W.A.: A system of abstract constructive ordinals, in: JSL 37 (1972), 355-374
[Ja IJ
Jager, G.: Zur Beweistheorie der Kripke-Platek-Mengenlehre tiber den nattirlichen Zahlen, in: Arch. math. Logik 22 (1982), 121-139
[Ja 2J
--: Some Proof-Theoretic Contributions to Theories of Sets, this volume
[JpJ
Jager, G., Pohlers, W.: Eine beweistheoretische Untersuchung von (~!-CA)+(BI) und verwandter Systeme, in: Sitzungsberichte der Bayerischen Akademie der Wissenschaften (1982), 1-28
[JerJ
Jervell, H.R.: Introducing homogeneous trees, in: Stern, J. (ed.): Proceedings of the Herbrand Symposium. Logic Colloquium '81, Amsterdam-New York-Oxford 1982, 147-158
232
P Pdppinghaus
CPa]
Pappinghaus, P.: Ptykes in Godel's T und Hierarchien von Ordinalzahlfunktionen, to appear in the Proceedings of the rri-workshop in Oslo - August 1984
[pc]
Pearce, J.: A constructive consistency proof of a fragment of set theory, in: Annals of Pure and Applied Logic 27 (1984), 25-62 Richter, W., Aczel, P.: Inductive definitions and reflecting properties of admissible ordinals, in: Fenstad, J.E., Hinman, P.G. (eds.): Generalized Recursion Theory. Proceedings of the 1972 Oslo Symposium, Amsterdam-London-New York 1974, 301-381
[RA]
[Sch]
Schwichtenberg, H.: Proof theory: Some applications of cut-elimination, in: Barwise, J. (ed.): Handbook of Mathematical Logic, Amsterdam-New York-Oxford 1977, 867-912
[Ta]
Takeuti, G.: Proof theory, Amsterdam 1975
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
213
TI 2-MODELS OF EXTENSIONS OF KRIPKE-PLATEK SET THEORY Peter Pappinghaus Institut fur Mathematik, Universitat Hannover Welfengarten 1, D-3000 Hannover 1 § 1. INTRODUCTION
In the development of proof theory a shift has taken place from subsystems of analysis (second order arithmetic) to theories of inductive definitions, and from these to extensions and subsystems of Kripke-Platek set theory. The latter change is advanced most forcefully by Jager, and for background and recent results we refer to his contribution in this volume [Ja 2J. Following this trend we present a new method of analyzing extensions of Kripke-Platek set theory in the spirit of Girard's TI~-logic. Our method is remarkably simpler than previous work. Partly this is due to the fact that our aims are less ambitious. In contrast to the tradition we are not concerned with determining so-called proof-theoretic ordinals, but rather with finding TI 2-models and the TI 2-ordinals of the theories we study. These notions are explained below and go back to Jager (see [Ja 2J)t. We assume familiarity with Kripke-Platek set theory as developed in [Bw, Ch. I]. We consider only sets without urelements, and so the formal system KP is formulated in a one-sorted language with the two-place relation symbols
=
and E. As axioms of KP we have the axioms of equality, ex-
tensionality, pairing and union, and the schemes of
~o-separation, ~o-col
lection and foundation. We extend KP to the theory KP(G) by adjoining a new two-place predicate constant G and the following axioms expressing that G is the graph of an ordinal function. (G 1)
\!x,y,z ( G(x,y)
(G 2)
\j x ( Ord(x)
Ord(c) is the usual
+
A
G(x,z) + y
3y ( Ord(y)
~o-formula
A
= Z
G(x,y) ) )
expressing that c is an ordinal.
KP(G) is a uniform way of giving extensions of KP of different strength according to how G is interpreted. For example, if G is to be interpreted as the graph of the constant function with value w, we can replace the relation constant G by a Ll-formula defining this graph, and we obtain a
t The referee has pointed out to me that the notion of TI 2-model implicitly goes back to Tait. However I have not been able to locate a reference.
P. Pdppinghaus
214
theory equivalent to Jager's KPu (see [Ja lJ). And if G is to be interpreted as the graph of the function associating with any ordinal a the next admissible ordinal a+, we can similarly obtain a theory equivalent to Jager's KPi (see [JP]) as well as to Pearce' s ~ (see [Pc]). We are interested only in standard models for the language of KP(G). which are given by a pair (M,g), where M is a non-empty. transitive set, and
g:On + On is a total ordinal function. M is called admissible. if
(M,E) is a model of KP, and M is called g-admissible, if (M,€,G
is a mog) del of KP(G). G is defined by Gg(a,b): (Ord(a) b=g(a)) v (-,Ord(a) g A b=O). (M,g) is called a TIz-model of KP(G), if (M,€,G ) is a model of A
g
every TIz-sentence. which is provable in KP(G).
One way to phrase our aims is to say that we want to determine ordinals K s.t. (VK,g) is a TIz-model of KP(G). (VK denotes the K-th level of the Phrased in a recursion-theoretic spirit, we want
cumulative hierarchy.)
to determine bounds for set functions and ordinal functions, which are ~~ definable provably in KP(G). Let V denote the universe of sets and On the class of all ordinals. We use a.b.c •••• as free variables of the formal language and also (somewhat ambiguously) informally to denote sets. The notation Fl~J is used to indi+
a = al, .•. ,a as its free variabn les. ~ denotes derivability, and a,S,y, .•• are used for ordinals.
cate that a formula F contains at most
f:V + V is called ~?-definable provably in KP(G) iff there is a ~l-formu la F[a.b] of KP(G) s t , KP(G) ~ Yx 3!y Flx,yJ s
set M and
a EM:
defines that
and for every g-admissible
(M,E.,G g) 1= F [a, f(a)J • Analogously one On is Z~-definable provably in KP(G). In particular
f(a) '" M and
f:On
+
an ordinal a is called Z~-definable provably in KP(G) iff there is a ~l formula
A[a] of KP(G) a.r ,
g-admissible set M:
KP(G)
a EM and
l-
(M,E,G
3!y(Ord(y) ~
A
A[y])
and for every
A[a]
g) We will give bounds for provably ~~-definable functions in terms of a
hierarchy of ordinal functions JB:On + On • This hierarchy is defined and investigated at length in [pa
, Kap. IIJ. The indices D of the hierarchy
denote dilators. The following dilators. in particular. playa role in our
To understand this definition and notation (and even more so later parts of this paper) the reader has to be familiar with the fundamentals of the theory of dilators as exposed in [Gi 2, pp. 89-139J.
Kripke-Platek Set Theory
215
The principal bounded ness result is the following. We assume that g:On
+
On is non-decreasing and
Theorem 1.1: Let
qtt]
KP(G) /-
g(O) >
a
be a lIo-formula of KP(G) s
\ft3 y c[ii,y]
s
t ,
V! Eo V ::3 t E V a ]g (a) is true with G interpreted by Gg . (l+Id)(n) This immediately entails closure properties in the cumulative hierarchy.
Then for some fini te n and every ordinal a:
+ +]
C[ a,b
Corollary 1.2: Let K be an ordinal closed under all :]~2+Id) ,n < w. Then (VK,g) is a TIz-model of KP(G). In other words: V is close~n)under K all functions, which are L~-definable provably in KP(G), and these have a VK-absolute L~-definition. K(g) := ~rl+Id) w (0) of the corollary.
is the least ordinal satisfying the hypothesis
() Moreover it follows from the results of CPa] that
the set of ordinals L~-definable provably in KP(G) is a cofinal subset of K(g). Consequently K(g) is the least ordinal K s.t. (VK,g) is a TIz-model of KP(G). An application of the same methods to a version of KPu yields that
K(Aa.w)
(which, incidentally, by [PaJ equals the so-called Bachmann-
Howard ordinal) is the least ordinal K s.t. VK is a TIz-model of KPu. By a slight modification of our techniques we can prove similarly that K(Aa.w) is the least ordinal K s.t. LK is a TIz-model of KPu, i.e. in the terminology of Jager (see [Ja 2J): K(AQ.W) is the TIz-ordinal of KPu. (LK denotes the K-th level of the constructible hierarchy.) Finally we can also analyze a version of KPi and obtain that
K(Aa.a+)
is the TIz-ordinal of KPi. These
ordinals have been determined by Jager and Pohlers in [Ja IJ and [JpJ to equal
EJE
Q+10
and
01 E I +10 respectively.
The principal boundedness result (Theorem 1.1) is proved by combining a syntactic analysis of KP(G) in traditional lines with a semantic analysis in the form of an asymmetric interpretation. To analyze KP(G) proof-theoretically we introduce an infinitary sequent calculus KPV(G). It has for every ordinal a an a-branching rule expressing the definition of Va' and further an On-branching rule expressing that every set is an element of some Va' KP(G) can be embedded in KPV(G). By virtue of the infinitary rules the scheme of foundation can be derived in KPV(G). The remaining axioms of KP(G) - which are of bounded logical complexity - are taken care of by particular rules, called axiom rules. For KPV(G) a weak cut-elimination theorem is proved. (In the disguise of the
P. Pdppinghaus
216
axiom rules there remain specific cuts.) As usual we have to control the lengths of the derivations obtained in the process of embedding and cut-elimination. For this purpose we use dilators rather than ordinals. More precisely we use a relation of majorization between KPV(G)-derivations and dilators. This is the only trace of functoriality in our treatment. We have stayed closer to traditional proof theory ~han the Girard school (see e.g. [Fe]) in that we have not incorporated any functoriality conditions in the notion of derivation. However all infinitary derivations occurring here could be shown to be homogeneous trees in the sense of [Jer] , even primitive recursive ones, and are thus perfectly good constructive objects. While homogeneity of derivation trees would be needed for a unique assignment of dilators as lengths, we get along with a majorization, which can be obtained more cheaply. Moreover we pay no attention to the metamathematical methods employed in our work, and so there is no technical need to bother about homogeneity. Dilators as length bounds are of great technical advantage. We could have replaced the On-branching rule of KPV(G) by an analogous Q-branching rule. In such a setting we could have used ordinals below £Q+I as length bounds like in [How]. But as Howard's work shows, this leads to great complications due to the fact that the fundamental sequences are not well-behaved w.r.t. the algebraic operations. The use of dilators is a much more elegant solution. To obtain length bounds for derivations, one only has to construct natural transformations between dilators without ever paying attention to fundamental sequences. And for coping with the On-branching ·rule we have the fundamental sequences ({D} ~l;;;
'JJ~C'JlgCa»
•
JJgCa) > a
D and D of kind
A
']
gCa) ;;; gCa) .
=>
~
'JgCa);;; JfD}Ca+l)Ca)
Theorem 3.4: Asymmetric Interpretation Theorem If d is a cut-free KPVCG)-derivation of the sequent dilator s.t.
f
f--
1:1 , and D is a
d maj D , then for every ordinal a: g
1 gc<X)
1
a
Cf
f--
1:1)
Proof: By induction on d. We distinguish cases according to which rule has been used last in d. We confine ourselves to a few crucial cases and leave the rest to the reader. Case CV): Let d be obtained from Cd) CV), where d
W
derives
VWCa),f
f--
that D';;;D and for every ordinal W:d hypothesis to da and obtain By Lemma 3.3 we have
g
0
W W6. n
by an application of rule
1:1 • For some dilator D' of kind ~ we have
w maj
{D'}Cw+l) • We apply the induction
1'J{D'}Ca+l)Ca) a
Va r C (a },
'JI{D'}CCI+l)Ca) ;;; 'J1 D, Ca ) ;;; 'JlDCa) , and so 1 JDCa) g The free variable a ranges over Va a anyway, so it follows that \JDC a) g a Cf f-- 1:1) •
1:1
f-- )
CVaCa) .r
l-
1:1)
P. Piippinghaus
222
Case (~o-Coll): Let d be obtained from do with end sequent r ~ ~, (\:I yEa)3zC , and from d with end sequent 3x(\>'ye:a)(3zex)C,r ~ ~ 1 There are dilators Do and D1 s.t. do maj Do' d 1 maj D1, and Do+l+D1~ D . We let (3:=~D (a) and Y:=JG «(3+1), and for contradiction we assume to be D given ~ eVa g.t. gff: (r~~h~J is not satisfied. By induction hypothesis
for do we see that
('1/ y E a)(3 Z 6V(3)Cfa"J is true (recall that C is a ~o
formula of+KP(G». By virtue of V(3E.V(3+1 it follows that (3 XE.V(3+1)(V'Yea) (3 Z e x)C La] is true. By induction hypothesis for d 1 we obtain validity of g~ (3x(\i YE.a)(3 z ~x)C,r ~ ~) , and so g~ tr ~ ~) [it] is satisfied. Since
a~(3+1~y,
we have met a contradiction. By Lemma 3.3 we obtain
Y='JlD «(3+1)~'JID (']l«(3»='llD (J 1 ( '] D (a»)='J D -i-» (ah'JlD(a), and hence the claim follo~s. 1 0 a - 1 Case (Ax): We have to distinguish subcases according to which instance of the axiom rule we meet. The instances of (Eq), (Ext) and (G 1) are valid ~o-formulas
of KP(G), so the claim follows immediately from induction hypo-
thesis. For the instances of (Pair), (Union) and
d is obtained
(~o-Sep),
from do with end sequent 3zc(z),r ~ ~ , where C(b) is a ~o-formula of KP(G). For some dilator Do with do maj Do and l+Do~ D we obtain by induc-
gL (3zC(z), r f-~) [~J is satisfied for arbitrary 'a+I ;Lsva+and (3:=':]D (a+1). By virtue of the content of the axioms, (3 zE.Va+1) C(z)la] is true,oand so g~l(rf-~)L~J is satisfied. Now the proof is comtion hypothesis that
pleted by observing that (3='J D (a+1)~']D (']I l(a»='J)l+D (ah'JD(a) • It remains to look at instanceg of (G 2)~ d is obtai;edofrom d with end sequent (Ord(a) +3y(Ord(y)
o
A
G(a,y»),r f- !1 , and there is a dilator D
-0
sv t , do maj Do and l+Do~ D . We have that (3:='Jl2(a)=']1(']1(a»~']1(g(a»
~g(a)+l, and by induction hypothesis
g+ «Ord(a)+3y(Ord(Y)AG(a~y»),r~
~) [+] a is satisfied for arbitrary + acVa and Y:=']D «(3).
by the ordinal 0 €V , then g(o) ~ g(a), so g(O)E.V
(3
If a is interpreted
) 1 c V(3 , and hence a g a + ye V(3)(Ord(y) A G(a,y» [it] is satisfied. It follows that gff: (rf-!1) is
valid. The proof is completed by noting that Y='J
'J) 2+D -
o(
(a)
s l]D(a) .
D a
«(3)='3I
D
('Jl2 ( a » =
0-
0
§ 4. EMBEDDING OF KP(G) IN KPV(G)
Lemma 4.1: ~
For every formula A of KP(G) there is a cut-free KPV(G)-derivation d of A,r f- ~,A
~
s.t. for some finite k: d maj
1 .
If A is the universal closure of an instance of one of the axiom schemes (Eq), (Ext), (Pair), (Union), (!1o-Sep),
(~o-Coll),
(G 1) or (G 2), then
Kripke-Platek Set Theory
there is a cut-free KPY(G)-derivation d of
223
t-
r
s.t. for some fi-
~,A
nite k: d maj k • Proof:
~
is proved as usual by induction on A, and
using the rules (Ax) and
~
follows from
~
In either case finite derivations
(~o-Coll).
(without applications of (Y~) or (Y» are obtained. It follows easily from Definition 2.2 that such derivations can be majorized by a constant dilator k with
l~
k<w.
Lemma 4.2: Let A(a) be a formula of KP(G), and let Prog(A)
:=
Vx«Vy€ x)A(y)
+
A(x»
1. There is a finite k s.t. for every ordinal derivation d
Ct
of
yCt(a),Prog(A),r
t-
there is a cut-free KPY(G)-
~
Ct
~,A(a)
satisfying d maj (k+S)o2 • Ct
2. There is a cut-free KPY(G)-derivation d of n-~, 'v'y(Prog(A) Id s.t. for some finite k: d maj kol
+
Proof:
A(a)
~
We choose k s.t. k majorizes a KPY(G)-derivation of
and for it we prove the claim by induction on
Ci..
t-
y13(b) ,Prog(A)
bea
y13(b) ,Prog(A)
t-
bE a
(\/ ye:a)y 13(y) ,Prog(A)
t-
(V YEa)A(y)
bE:a
+
+
13(y),Prog(A)
l-
A(a)
yCt(a) ,Prog(A)
l-
A(a)
° :d 13 l- A(b) °
A(b) A(a)
(\fye:a)y 13(y),Prog(A),(VYEa)A(y) + A(a) ('.::/y€a)y
~A(a),
In a fragmentary writing
the induction step looks as follows. bs a
\/xA(x»
t-
t-
A(a)
A(a) all
13
b.,A(b)
Reduction Lemma: Let d and d' be KPV(G)-derivations of c,r ~ b.
r ~ b.,C and
respectively with cut-rank ~n, C a formula of KP(G) of complexity
n, D and D' dilators majorizing d and d' respectively. Then there is a KPV(G)-derivation p(d,d') of
r ~ b.
with cut-rank ~n and p(d,d') maj D·D'.
Proof: By induction on d'. Case 1: C is the principal formula of the last rule of d'. Case 1.1: C atomic: We let p(d,d'):=d. (In case version Lemma.)
1 ~ D'
entails
Case 1.2: C = VxA(x): Let
d~
D
~
C=~,
apply
~
of the In-
D'D' .
be the subderivation of d' deriving the
upper sequent A(b), \fxA(x),r ~ b. and D~ a dilator s.t. d~ maj D~ and l+D'~ D'. By induction hypothesis p(d,d') derives A(b),r L b. and p(d,d')
-
0
maj
0 ' -
D'D~.
Let db be obtained from d by
cation of the cut rule to db and
~
P(d,d~)
desired p(d,d'). We have p(d,d,) maj
0
of the Inversion Lemma. An appli-
with cut formula
D+D'D~
and
A(b)
yields the
D+D'D~=D'(l+D~)~D'D',
and
hence q.e.d. Case 1.3: C = A+B: Let the upper sequents
d~
and di be the subderivations of d' deriving
A+B,r ~ b.,A
and
B,A+B,r ~ b.
respectively, and D~
and Di be dilators s.t. d~ maj D~, di maj Di, and D~+l+Di ~ D'. By applying the Inversion Lemma to d, of
A,r ~ b.,B,
r ~
d~,
s,«
and di we obtain derivations
,and
B,r ~ b.
d*,d~',
and di'
respectively. Two applications
of the cut rule with cut formulas A and B yield the desired p(d,d'). We have p(d,d') maj D~+D+Di and D~+D+Di ~ D'D~+D+D'Di = D'(D~+l+Di) ~ D'D' , and hence q.e.d. Case 2: C is a side formula of the last rule of d'. Let (de)SO apply
~
~
.
•
Cut-elimination Lemma: Let d be a KPV(G)-derivation with finite cut-rank n+l and majorizing dilator D. Then there is a KPV(G)-derivation £(d) of the same end sequent with cut-rank ~n and
£(d) maj (l+Id)D
Proof: By induction on d. Case 1: d is obtained from do and d l by an application of the cut rule. There are dilators Do and Dl s.t. do maj Do' d l maj Dl, and Do+Dl~ D. By induction hypothesis i=O,l: £(d
£(d o) and £(d with cut-rank ~n and for l) By an application of the Reductbon LemmaDwe get
weD~btain
maj (l+Id)
1.
i) £(d):= p(£(d ),£(d l » with cut-rank ~n and £(d) maj (2+Id) o'(2+Id) 1 o D Dl D +D D the claim follows since (l+Id) o'(l+Id) (l+Id) 0 l ~ (l+Id)
Now
Case 2: d is obtained from (d a)a60n by an application of rule (V). There is a dilator D' of kind Q s.t. D'~ D and for every ordinal a: d maj {D'}(a+l) . By induction hypothesis we obtain £(d ) with cut-rank a ~n and £(da) maj (l+Id){D'}(a+l) • We let £(d) be obtai~ed by an application of rule (V) to (£(d » EO . From Lemma 5.1 it follows that {D'}(a+l) aD,a n D' D (2+Id) ~ {(2+Id) }(a+l), and together with (2+Id) ~ (2+Id) w: see that
£(d) rna; (l+Id)D •
- -
Using Lemma 5.2 the remaining cases follow straightforwardly from induction hypothesis. Finite iteration of this lemma leads to the following normal form theorem. Cut-elimination Theorem: Let d be a KPV(G)-derivation with finite cutrank nand majorizing dilator D. Then there is a cut-free KPV(G)-derivation v(d) of the same end sequent with
v(d)
maj
(l+Id)'
n times
Theorem 5.3: For every sequent derivable in KP(G) there is a cut-free KPV(G)-derivation d s.t. for some finite n:
d maj
(l+Id)(n)
Proof: We combine Theorem 4.3 with the Cut-elimination Theorem. Moreover using Lemma 5.2 it is not very hard to prove that for finite k, r there is I d'r k'2 ~ (2+Id) -- (n)
a finite n s.t.
Kripke-Platek Set Theory
229
§ 6. TI 2-MODELS AND TI 2-ORDINALS
We are now in the position to verify the claims made in § 1. First we observe that our principal bounded ness result (Theorem 1.1) follows from Theorem 5.3 together with the Asymmetric Interpretation Theorem (Theorem
3.4). In Corollary 1.2 we have interpreted this result as a closure property of certain levels V of the cumulative hierarchy. Any K closed under all K ~g (n<w) must be a limit ordinal by virtue of Lemma 3.3.4. With Cl+Id) ( ) this n observation, Corollary 1.2 follows immediately from Theorem 1.1. Another way to interpret Theorem 1.1 is to draw from it bounds for the functions, which are ~~-definable provably in KP(G). Corollary 6.1: 1. If
f:V
V is ~~-definable provably in KP(G), then for some finite
+
n and every set a: ~ If
n
f:On
< ~Z2+Id) -
(rank(a»
(n)
is ~~-definable provably in KP(G), then for some finite
On
+
rank(f(a»
and every ordinal
f(a)
Ha£H a S (b) a E: H => "3 a < S: a ~ H a S (c) a,~E.Ha ===> {a,b}6Ha+ 1 and Uae.H a+ 1 (d) a,bEH a ' D[y,~] lIa-formula of KP(G) ===> Iv s a] D[y,b]}EHa+ 1 • (e) H () On a a
For the general case of KP(G) we have no asymmetric interpretation into the levels of the constructible hierarchy L, since condition (d) fails for this language. KPu, however, is formulated in the language of KP, and so the Asymmetric Interpretation Theorem works, if the predicate constants Va are interpreted by La' the corresponding level of the constructible hierarchy. We arrive at a variant of Theorem 1.1 and its corollaries for the theory KPu. In particular it follows that
K(Aa.w)
is the least ordinal K s.t.
L is a IT 2-model of KPu, i.e.: the Bachmann-Howard ordinal is the IT 2-ordiK nal of KPu. In order to obtain a theory equivalent to the theory KPi of Jager and Pohlers mula
in [JPJ, we proceed as follows. We observe that there is a llo-for-
Ad(c)
of KP expressing that c is an admissible
~.
Aczel [RA, Thm , 2.4, p, 315£.J there is a IT 3-sentence for every non-empty, transitive set M: M is admissible
Ax
By Richter and
of KP s t , KP iff (M,E)~ Ax KP i
Kripke-Platek Set Theory
We choose a
~o-formula
Tran(c)
231
expressing that c is a non-empty, transi-
tive set, and let (AXKP)(c) be obtained from Ax by bounding to c all unKP bounded quantifiers in Ax KP (see [Bw, p, 15J). Then Ad(c) Tran(c) (AXKP)(C) serves our needs. By a lengthy, but easy verification one can
:=
A
see that for every sentence B, which is an instance of an axiom of KP, Ad(c) ~ B(c)
is derivable using only the axioms of equality and extensio-
nality and the scheme of foundation. Now we define KPi to be KP extended by the following axiom of inaccessibility:
::h(Ad(y)
A
aEy). g=i\a.a+
is
provably Li-definable in KPi. The asymmetric interpretation presents no difficulty, if we choose to interpret into the constructible hierarchy. Namely for a E La we have that a € La+ , La+ is admissible and La+ E La++1' and so (3 YEL + 1)(Ad(y) " a6 y) is true. This is essentially what is a + needed to verify the asymmetric interpretation for the axiom rule in the case of the axiom of inaccessibility. As result we obtain a variant of Theorem 1.1 and its corollaries for the theory KPi. In particular it follows that
K(i\a.a+)
is the IT 2 - or di na l of KPi.
REFERENCES [BwJ
Barwise, J.: Admissible Sets and Structures. An Approach to Definability Theory, Berlin-Heidelberg-New York 1975
[FeJ
Ferbus, M.-C.: Functorial bounds for cut elimination in L .1, in: Bw Arch. math. Logik 24 (1984), 141-158
[Gi IJ
Girard, J.-Y.: A survey of rr~-logic, in: Cohen, L.J., Los, J., Pfeiffer, H., Podewski, K.-P. (eds.): Logic, Methodology and Philosophy of Science VI. Proceedings of the Sixth International Congress at Hannover 1979, Amsterdam-New York-Oxford-Warszawa 1982, 89-107
[Gi 2J
--: rr~-logic, Part 1: Dilators, in: Annals of Mathematical Logic 21 (1981), 75-219
[How]
Howard, W.A.: A system of abstract constructive ordinals, in: JSL 37 (1972), 355-374
[Ja IJ
Jager, G.: Zur Beweistheorie der Kripke-Platek-Mengenlehre tiber den nattirlichen Zahlen, in: Arch. math. Logik 22 (1982), 121-139
[Ja 2J
--: Some Proof-Theoretic Contributions to Theories of Sets, this volume
[JpJ
Jager, G., Pohlers, W.: Eine beweistheoretische Untersuchung von (~!-CA)+(BI) und verwandter Systeme, in: Sitzungsberichte der Bayerischen Akademie der Wissenschaften (1982), 1-28
[JerJ
Jervell, H.R.: Introducing homogeneous trees, in: Stern, J. (ed.): Proceedings of the Herbrand Symposium. Logic Colloquium '81, Amsterdam-New York-Oxford 1982, 147-158
232
P Pdppinghaus
CPa]
Pappinghaus, P.: Ptykes in Godel's T und Hierarchien von Ordinalzahlfunktionen, to appear in the Proceedings of the rri-workshop in Oslo - August 1984
[pc]
Pearce, J.: A constructive consistency proof of a fragment of set theory, in: Annals of Pure and Applied Logic 27 (1984), 25-62 Richter, W., Aczel, P.: Inductive definitions and reflecting properties of admissible ordinals, in: Fenstad, J.E., Hinman, P.G. (eds.): Generalized Recursion Theory. Proceedings of the 1972 Oslo Symposium, Amsterdam-London-New York 1974, 301-381
[RA]
[Sch]
Schwichtenberg, H.: Proof theory: Some applications of cut-elimination, in: Barwise, J. (ed.): Handbook of Mathematical Logic, Amsterdam-New York-Oxford 1977, 867-912
[Ta]
Takeuti, G.: Proof theory, Amsterdam 1975
Logic Colloquium '85 Edited by The Paris Logic Group
233
© Elsevier Science Publishers B.V. (North.Holland), 1987
WEAKLY NORMAL GROUPS U. Hrushovski and A. Pillay* In this paper we show (Theorem 4.1) that a group G is weakly normal n (or I-based) if and only if every definable X c G is a Boolean combinan) tion of cosets of acl(¢)-definable subgroups (of G Vn if and only if n every definable X c G is a Boolean combination of cosets of definable n) subgroups (of G Vn. (By a ~ we mean here a structure on which there is a ¢-definable group law).
Moreover (Theorem 3.2) such a group is abe-
lian-by-finite. This improves results and answers questions from [Pi3J (which in turn generalizes results of Zilber [zJ). The results of the present paper were actually proved independently by the two authors around the same time. In section 1 we recall some equivalent conditions to that of weak normality, and we take the opportunity to give proofs of assertions in earlier papers (eg. [Pi3J). In section 2 we recall some basic results on stable groups (concerning generic types, stablizers, etc.). In section 3 we show that a "locally connected" definable subgroup of a weakly normal group
is acl(0)-definable.
(This suffices to prove Theo-
rem 3.2). In section 4 we show that if G is a weakly normal group, then any p
~
S(G) is determined by the definable cosets in p (this, together with
results of section 3, is enough to prove equivalence in Theorem 4.1). For background on stability theory, see [PilJ and [ShJ, and for stable groups, see [B-LJ and [PlJ. The second author wishes to thank Daniel Lascar for some very helpful remarks. 1.
T will here be a complete theory [is, as usual, a very saturated model of T and [e q is as in [Sh~. Every element of ofq is a member of a certain sort S.
Two important sorts are S-, the sort of elements of [,
*Supported by NSF grant DMS 8401713
U. Hrushovski and A. Pillay
234
and Sn, the sort of n-tuples from [n A definable set X (of elements of a given sort) is said to be weakly normal if every infinite set of pairwise distinct conjugates of X (with q) respect to automorphisms of [e has empty intersection. T is said to be weakly normal for sort S if every definable set of elements of sort S is a Boolean combination of weakly normal definable sets.
T is weakly normal
if T is weakly normal for all sorts S. It is Easy to see (as in [Pi-S]) that if T is weakly normal for sort =
S , then T is stable.
On the other hand, suppose [has a ¢-definable group
structure, and X is a coset of an acl(¢)-definable subgroup H. ily X is weakly normal.
Then eas-
We will in fact show that for weakly normal
groups, this is the typical situation. Recall from [ShJ that if p is a strong type over some set,then Cb(p) (canonical b~se of p) is the set of elements of [eq which are fixed by every automorphism of [eq which fixes the unique nonforking extension of p to [eq.
The stable theory T is said to be I-based for sort S if for any
a of sort Sand B, Cb(stp(a/B»
~
acl(a).
(Note that Cb(stp(a/B»
c acl(a)
means that the global nonforking extension of stp(a/B) does not fork over {a}).
T is said to be I-based if T is I-based for all sorts S.
We say that T type-interprets a pseudoplane i f there are complete eq with p(x) u q(y) c I(x,y) such that types p(x), q(y), I(x,y) of r [eq (teq [eq > is a pseudoplane (see [LcJ).
G, Gil 'x=x').
=>
First let a be such that tp(a/G) is a generic of H.
So note that a and g are independent over G.
be a model such that tp(a/G') does not fork over G. eric of H (or rather of ¢
G'
where ¢(x) defines H).
generic of the coset Hg (which is G'-definable). Hg'.
Let
G u a, and g be such that tp(g/G") is a generic of G"(Le. of So let G'
=>
G' ug
So tp(a/G') is a genThus tp(ag/G') is a
We put g'=ag.
So Hg
Also, as tp(g/G") is a generic of 'x=x', tp(ag/G") does not fork
over ¢ and so tp(g'/G) does not fork over 0.
This proves the claim.
We may assume that G' is very saturated.
Let v be the canonical
parameter of Hg'. By local connectedness of H, the Hg'-genericity of tp(g'/G') and Lemma 2.1, it follows that v mality of G, v meter of H). over 0, so u Theorem 3.2. ite.
E
acl(g').
So u
E
Clearly u
acl(g').
E
Cb(tp(g'/G').
E
By weak nor-
dcl(v) (u is the canonical para-
But by the claim u and g' are independent
acl(0), i.e., H is acl(0)-definable.
E
Let G be a weakly normal group.
Then G is abelian-by-fin-
Moreover, if the language of G is just the language of groups, the
converse also holds. Proof.
The fact that G is abelian-by-finite follows from Lemma 3.1 as
in [Pi3J (based on an idea of Zilber [zJ).
We will give a slightly
streamlined argument, pointed out by Poizat:
We may assume by stability,
that G has no proper centralizer of finite index. H = {(h,glhg): g
2
h
E
G}.
E
G, let
So each H is a locally connected definable subg
group of G , and so by Lemma 3.1, acl(0)-definable. finitely many distinct H ,g g
in G.
For each g
E
G.
So there are only
But the H 's index the cosets of Z(G) g
239
Weakly Normal Groups So Z(G) has finite index in G.
So Z(G)
= G.
If G is abelian-by-finite, and has no structure other than the group structure, then G is known to be interpretable (with parameters) in an Rmodule for some ring R (see [BCM] for example). ted out that any module is weakly normal.
But we have already poin-
So therefore is G.
This com-
pletes the proof of Theorem 3.2. Remark 3.3.
S. Buechler has pointed out that the proof of Lemma 3.1 works
with G I-based replaced by the weaker condition a dominates Cb(p) over 0."
"for any p
stp(a/A),
In effect we obtain g' dominates v over 0. So
g' dominates u over 0, and as g' and u are independent over 0, u is algebraic over 0.
Thus this weaker condition implies abelian-by-finiteness.
4. Here we prove our main theorem. Theorem 4.1. (a)
Let G be a weakly normal group.
n Then every definable subset of G is
a Boolean combination of cosets of acl(0)-definable subgroups of (b)
en.
Conversely, if G is a group in which every definable subset of
en
is
a boolean combination of definable subgroups, then G is weakly normal. The theorem may be restated as follows.
An Abelian structure is an
Abelian group A together with distinguished subgroups of An for the various n's.
Any Abelian structure is interpretable in a module.
Restatement
Let G be a weakly normal group.
bi-interpretable with an Abelian structure.
Then G is parametrically More precisely, G has a 0-
definable subgroup A of finite index.
Let M be any elementary submodel O of G, and add a constant for every element of M so that M = dcl(0). O O' Let A denote the model with universe A and with the induced Abelian structure alone, and let
A denote
A with the full induced structure.
Then:
(1)
There exists a MO-definable bijection of G with An (for some n.)
(2)
The structures
relations.
Aand
(A,a) A M have exactly the same definable aE n 0
To prove the restatement, use theorem 3.2 to find A, and add constants for MO' co sets of A in
(1)
e.
is obvious as M has a set of representatives for the O For (2), let ¢(x) define a subset of An for some n.
By 4.l(a),¢(x) is equivalent to a Boolean combination of cosets of ¢-definable subgroups. form C-UiC each C i
C
It may be written as a disjunction of expressions of the
where C and the Ci's are cosets of 0-definable subgroups, i, C, and no C has finite index in C; and moreover it can be i
U. Hrushovski and A. Pillay
240
arranged that if e and D are two cosets that appear positively, enD has infinite index in both C and D.
Under these conditions, it is easy to see
that the set of cosets appearing positively is uniquely determined. ember that ¢ is 0-definable). model, e n M '" O. (A,a)
ae
A 1
If c
O
E
(Rem-
Since M is a O then e = (C - c) + c is ¢-definable in
Thus each C is algebraic.
e
nM O'
.The cosets occuring negatively can now be dealt with in a
f M O
similar manner.
Thus ¢ is 0-definable in (A,a)
AnM'
0 The proof of 4.l(a) hinges on the following lemma.
Lemma 4.2.
Let G be weakly normal, ITI+-saturated, and p
Sn(G).
Then
Let us first see how Theorem 4.l(a) follows from this Lemma.
Given
for some (right) coset p
E
aE
Sn(G), let
A~
A~
of Stab p,
be as in Lemma 4.2.
~ c
E
p.
It follows from Lemma 4.2 and Lemma
2.2 that Stab p is connected. Thus ~Stab(p) ++ A~, where ~= {¢(x) over G: nected subgroup and l=Stab p By Lemma 3.1, each ¢
E ~
-+
¢ defines a locally con-
¢}.
is acl(0)-definable.
By Lemma 2.1 ii), P is the unique generic type of A{~(X)
E
p:
right coset of an acl(0)-definable subgroup}.
So it follows that if
p,q
~
Sn(G),then p = q if and only if whenever
E
~
is a
defines a right coset of
an acl(0)-definable subgroup of G,then ~ E P iff ~ E q. It follows easily n that every definable X c G is a Boolean combination of cosets of acl(0)definable subgroups. Proof of Lemma 4.2. generic of G.
Without loss of generality n = 1.
Let the model G'
=>
Let tp(g/G) be a
G' u g be [TI+-saturated.
Let p' =
tp(a/G') be the nonforking extension of p. By genericity of tp(g/G),we have a and ga are independent over G.
(I)
Let q = tp(ga/G') (=gp'). Let S = Stab p. too.
Let
Claim (II).
gS
So S is a A-definable subgroup of G,and moreover S
Stab p '
denote the (A-definable) left coset of S by g. Let f be a G-automorphism of G'.
Then f(q) = q iff f(gS)
gS. Proof.
Note that any G automorphism f of G' fixes p'. Thus q = f(q) iff 1 -1 gp' = f(gp') iff gp' = f(g)p' iff f(g)- g p' = p' iff f(g) g E S iff gS =
f(g)S iff fS = f(gS) (as S is also G-definable). Let now fgSl denote the set of canonical parameters for the definable cosets in gS.
241
Weakly Normal Groups So from Claim (II) we have (III)
q does not fork over G u 'gS', and moreover, as G is I-based we have;
(IV) cgS' s: ad (G u {ga}) . Claim (V.) Proof.
tp (ga/G u {a}
u rgS 1) does not fork over G c r gS 1 .
By (IV) and (I), tp(a/G
u i ga}
urgS'j does not fork over G and
so does not fork over G u 'g5 Now apply forking symmetry. '• Now by (III) and Claim (V) we have: (VI.)
tp(ga/G') and tp(ga/G u {a}
u rgS') are parallel.
Now ga f (gS)a, the latter being an infinitely {a} u rgSl-definable By (VI) and saturation of G' there is a' E G' such that ga E g(Sa') (note that g E G' and S is G-definable). So a E Sa'.
As p'
=
tp(a/G'), is the nonforking extension of p, there
is, by saturation of G, some a" E G such that a So we have shown that some right coset of S
=
E
Sa", i.e. 'x
E
Sa'"
E p.
Stab p is in p, and this
concludes the proof of Lemma 4.2, and thus of Theorem 4.l(a). Proof of Theorem 4.l(b). Let G be a group, and assume that every 0-definable subset of G(n) is a Boolean combination of definable cosets. mal.
We show that G is weakly nor-
Without loss of generality, G is IT!+-saturated. Note first that G is stable:
call a formula ¢(x,y) stable if there
is no sequence ai' indexed by an infinite linearly ordered set I, such that i < j *¢(a.,a.) IIl¢(a.,a.). ].
J
J].
By the usual Ramsey argument, the class
of stable formulas in variables x,y is closed under negation and under disjunctions, hence under Boolean combinations.
Since every definable subset
of G(n) is a Boolean combination of cosets, it suffices to prove that cosets are stable. Suppose ¢(x,y) = "(x,y) E dH" is unstable, where H is a n. definable subgroup of Gn and d f G By making a change of variables, we ~ay
assume d
1.
So there exists a sequence ai(i ( Q) such that i < j *
(a.,a.) ( dH II (aJ.,a ].
so (1,a tion.
-1
J
3
a
l)
(H.
i dH. i) Since (a
In particular, (a
E dR, (a O,a3) f dH, O,a1) E dR, we get (a E dR, a contradic2,a l) 2,a 3)
We need to show that every definable subgroup is a finite union of
cosets of subgroups definable almost over 0.
Let Sa be a subgroup defin-
able from the parameters a; for convenience, and without real loss of generality, assume a (G.
Let S
=
{(x,y):
S
x
is a subgroup and YES}. x
assumption, S is a Boolean combination of definable cosets; they are all definable over some set, say X.
Since S is O-definable, it must also be
equal to a Boolean combination of X'-definable cosets, whenever X' is a
By
242
U Hrushovski and A. Pillay
conjugate of X; so X may be chosen independent from a.
Using dis-
junctive normal form, we may write S as a finite union of sets of the form C-(Ei
U ••.• U En)'
where C is a coset of some subgroup H, and each E is a i coset of some subgroup of H. Let b realize the generic type of the connected component of Sa over XU{a}, juncts C-(Ei
U,:.U
and let HI
{y:
Claim Sao
=
En)'
So the pair (a,b) is in one of the dis-
Let H denote the subgroup of which C is a coset,
(l,y) E H}.
Sa n HI has finite index in both Sa and HI'
= HlO,
In other words
where ( )0 denotes the connected component of ( ).
Let p be the generic type of S 0 (over X U {a,b}), and let c F p, -1 a -1 Then (a,c) E C, so (l,bc ) E H, Since bc itself realizes p, every o o generic element of Sa is in HI' so Sa C HI' We need to show conversely that HI F.1, 1
=
0
Let F be the subgroup belonging to E and let i, i {(y: (l,y) E F.,}. Let Q = {L: (a,l) E E Q = {t: Fi,l has fin1 1 i}, 2 ES a
ite index in HI}'
If i
0
E Ql' then b ESC HI a
0
c F.J., l' so (I, b) ( Fi;
since (a,b) , E (l,b) E F and (a,l) E E are not simultaneously possii, i i o
Now let q be the generic type of HI over X' U {a,b}, There are two possibilities: (1) (2)
If c
F q,then
(a,c) is not in any E i, For some i, if c F q, then (a,c) E E i,
If the first possibility holds, then (a,c) E C whenever c So suppose (2) holds, lows that (l,c) E F (a,l) E E i,
f=
q, so H~ c' Sa'
By comparing two generic realizations of q, it folo for c F q, Thus HI c Fi,l' Again by (2),
i Thus i E Q l
n Q ' a contradiction,
2
This proves the claim,
Now HI is X-definable, so HI n Sa is definable almost over X. (Every o conjugate of HI n Sa is a subgroup of HI containing HI ; the number of possibilities is bounded.) almost over {a}. almost over 0.
For the same reason, HI n Sa is definable
Since a and X are independent, HI n Sa is definable Thus Sa has a subgroup of finite index definable almost
over 0. We have shown that every definable group is a finite union of cosets of acl(0)-definable subgroups, bination of such cosets.
Therefore every formula is a Boolean com-
It was remarked in section 1 that any coset of
an acl(0)-definable subgroup of
en is
weakly normal.
By propositions 1.1
243
Weakly Normal Groups and 1.2, G is weakly normal. j{~RKS
~
By Theorem 4.1, the structure of an infinite dimensional vector space
over a field, with a predicate picking out a basis, is not I-based (although it is w-stable).
4.4
It follows easily from Theorem 4.1 that a weakly normal group is non-
multidimensional (in fact any type over a ITI+-saturated model is a translate of a type based on acl(0», and has the following strong version of NOTOP:
0\
i f M M are models independent over M c M
u M2) l n M2, then acl l, 2 is a model. To see this,note that the property is preserved by addition
of constants and by interpretation, and use the restated version of the theorem and the corresponding fact for modules from [Pi-PrJ.
4.5
The first author has recently shown that if
~
is weakly normal and q
is a non-trivial regular type, then T interprets a group G, and q is domination-equivalent to the generic type of a subgroup of G.
Thus the char-
acterization of weakly normal groups in this paper is a powerful fact about general I-based theories, at least in the superstable context.
4.6
A supers table theory is simple if for all algebraically closed sets
A,B,C with A Aut(~/B)
c
B n C, Band C are independent over A if and only if
u Aut(~/C) generates Aut(~/A).
This is considerably weaker than
weak normality; it can be thought of as saying that weak normality holds if one adjoins imaginaries of high complexity.
The second author has shown
that simple superstable groups are nilpotent-by-finite. REFERENCES [BCMJ [BLJ [LcJ [Pi IJ [Pi 2J [Pi 3J [Pi-PrJ [Pi-SJ
W. Baur, G. Cherlin and A. Macintyre, Totally categorical groups and rings, Journal of Algebra, 57(1979), 407-440. Ch. Berline and D. Lascar, Superstable groups, to appear in the Annals of Pure and Applied Logic, 30, {1986) 1.43. A.H. Lachlan, Two conjectures on the stability of ~o-categorical theories, Fund. Math. 81(1974), 133-145. A. Pillay, An introduction to stability theory, Oxford University Press, 1983. A. Pillay, Stable theories, pseudoplanes and the number of countable models, submitted to Annals of Pure and Applied Logic. A. Pillay, Superstable groups of finite rank without pseudoplanes, appear in Annals of Pure and Applied Logic (Proceedings of Trento meeting). A. Pillay and M. Prest, Modules and stability theory, submitted to Transaction of A.M.S. A. Pillay and G. Srour, Closed sets and chain conditions in stable theories, Journal of Symbolic Logic, 49(1984), 1350-1362.
244 [p 1]
[P 2J [Sh] [Z]
U. Hrushovski and A. Pillay B. Poizat, Groupes stables avec types g~neriques reguliers, Journal of Symbolic Logic, 48(1983), 339-355. B. Poizat, A propos de groupes stables, preprint, 1985. S. Shelah, Classification Theory, North-Holland, 1978. B. Zilber, Structural properties of models of~l-categorical theories, preprint, 1983.
U. Hrushovski Department of Mathematics University of California at Berkeley Berkeley, California 94720
A. Pillay Department of Mathematics University of Notre Dame Notre Dame, Indiana 46556
Logic Colloquium '85 Edited by The Paris Logic Group
245
© Elsevier Science Publishers B.V. (North-Holland), 1987
A PROPOS DE GROUPES STABLES Bruno Poizat Universite Pierre et Marie Curie
Et qui f.,a);t f.,..t lu 6le.uJtf., nouvelle.!> que [e. Jt~ve TJtouveJtont dan}., ce Ml lave. c.omme une gJte.ve Le myf.,Uque aliment qui 6eJta);t le.uJt v-igue.uJt
C.B. La grande mode de la fin des annees 60, pour les logiciens de tournure d'esprit quelque peu algebrique, c'etait Ie safari aux groupes, aux anneaux, aux corps, ou aux structures les plus bizarres qui eliminaient les quanteurs, ou bien qui avaient une theorie decidable.
Quand sont app-
arues les classifications fondamentales de la Theorie des Modeles contemporaine:
cat~goricite, stabilite, superstabilite, etc .. , il a fallu aussi
pourchasser ceux qui entraient dans ce cadre: On a vu defiler d'impressionantes theories de r~sultats, qui manifestent bien l'enthousiasme des amoureux de la chose; malheureusement, pour beaucoup d'entre eux, la recette manquait de sophistication:
on sort un
plat congele d'un bouquin d'algebre, on enrobe de sauce logique, et on passe au four
a micro-ondes.
Nos estomacs se lassent vite de mets si peu
epices, et nos esprits sont tourmentes par cette insidieuse question: pourquoi faire cela, pourquoi est-il si necessaire de partir che des groupes stables?
a
la recher-
S'agit-il d'un rapprochement artificiel de deux
notions venues d'horizons etrangers - Ie groupe, la stabilite - n'ayant d'autre interet que de faire Ie bonheur des directeurs de these en mal de sujet? Eh bien non, car on peut pretendre que ces groupes stables interviendront dans (presque?) tout contexte ou la Logique aura un int~ret mathematique, et pas seulement metamathematique; ces deux choses, Ie groupe et ~a
stabilite, ant la meme signification: Les groupes sont
a la
f.,tJtuc.tUlte.
fois les objets les plus typiques, les plus
mysterieux et les plus fascinants de nos mathematiques, et il est inutile d'argumenter longtemps pour convaincre ceux qui ne sont deja convaincus qu'un groupe apporte une structure mathematiquement signifiante. Quant a la stabilite, c'est ce qui permet de domestiquer cette structure: trap de structure, ce n'est plus de la structure, c'est un chaos. J'ajoute que la signification de la stabilite, elle, n'a plus de mystere,
B. Poizat
246
et est facilement accessible maintenant qu 'on dispose d 'un bon manuel sur Le sujet. En un mot, chaque fois qu'une structure restera sous notre contrale, elle sera stable, et, si elle n'est pas triviale, on y trouvera un groupe; d'oll l'importance des groupes stables. ablement terroriste, je renvoie
a la
Pour conforter cet argument pass-
construction par Boris Zil'ber d'un
"groupe de liaison" dans une structure aleph-un-categorique non fortement minima Ie [ZIL'BER 1980J, au "groupe de Galois" associe par Ellis Kolchin
a certaines
equations differentielles [KOLCHIN 1973J, [POIZAT 1985, ch.
l8J, et au groupe aasoc Le par Ehud Hrushovski trivial
a un
type regulier non
[HRUSHOVSKI 1986]·
A - STRUCTURES SANS STRUCTURE La structure qui en est Ie plus depourvue (de structure), c'est bien celIe d'un ensemble infini A dans Ie seul langage de
l'egalite~
Si donc
mon introduction n'est pas un del ire pur, on n'y peut definir de groupe infini.
Vous en etes bien persuades, mais comment Ie prouver?
Faisons une premiere tentative. metrie, vous pouvez argumenter ainsi:
Si vous avez des lumieres en geosoit G un tel groupe; il est omega-
categorique, donc d'exposant fini n; mettez sur A une structure de corps K algebriquement clos, de characteristique zero; comme nous Ie verrons, a G devient alors un groupe algebrique; soit G son plus grand sous-groupe a affine connexe; G/G est une variete abelienne, qui est finie car une variete abelienne infinie contient des elements de tout ordre fini premier a, characteristique. Choisissez une representation lineaire de G qui
a la
devient un groupe de matrices; les valeurs propres du "point generique" a de G (qui est Ie type defini par l'ideal premier associe a cette variete) sont
a chercher
parmi les racines nO de l'unite; donc Ie generique reste
generique sur chacune de ses valeurs propres; or l'equation matricielle = 0 definit un ferme de ZarisKi de Ga: si elle est satisfaite
det(X - AI)
g~,eriquement, elle est satisfaite partout, et en particulier par l'iden-
tite; la seule valeur propre possible pour Ie generique est donc 1, et n comme 1 est racine simple du polynome X - 1 Ie generique, et donc tout a a, el~ment de G satisfait X = I, G = I, G est fini! Pendant qu'on y est, on observe qu'en characteristique p un groupe algebrique connexe d'exposant fini est d'exposant pm; il est forme de matrices unipotentes, il est done nilpotent.
247
Groupes Stables
Si vous manquez de lumieres en geometrie, vous cherchez une preuve plus raisonable:
mettez cette fois sur A une structure de chatne; les
chalnesentune propriete que James Schroerl a qualifie de nuet~e [SCHMERL 1977]. et que je prefererais appeler loc~e.
a savoir
l'exis-
tence d'un entier k (pour une chaine k=2) tel que pour tout element a et tout uple fini b Ie type de a sur
b
soit determine par sa restriction
a
moins de k elements de b. Dne structure locale ne permet pas d'interpreter un groupe G infini: soit G un groupe. defini sur une partie definissable de Am/E, ou E est une relation d'equivalence definissable; si G etait infini, on pourrait trouver une suite indiscernable (dans l'ordre) de m-uples al, ...a •... , donnant n des elements distincts bl ••••• b ••••• dans G (ou plus exactement dans une n extension elementaire de G); il existe alors un entier n tel que Ie type du produit. au sens de la loi du groupe. bl .... b
sur {al, .••a soit n} n determine par sa restriction a {al ••••ai_l'ai+l' •••an}; on voit que bl ••. b
ri
est rationnel sur cet ensemble. ce qui est en conflit avec l'indis-
cernabilite de la suite. On peut etre surpris de constater qu'il est plus facile d'enrichir d'abord la structure. et de montrer un resultat plus fort que celui pose par Ie probleme d'origine; c'est que l'egalite, de meme que toute structure stable infinie. n'est pas locale; en effet. dans une structure locale on ne peut trouver de suite infinie totalement indiscernable, comme Ie lecteur Ie verifiera aisement; il verifiera avec une egale facilite qu'une structure locale ne peut avoir la propriete d'independance (voir [POIZAT 1985, ch. 12]).
Pour un raisonement direct. il faut utiliser l'analogue
stable de la localite. c'est-a-dire l'existence d'un entier k tel que pour tous a et b. il existe une partie
c de b d'au plus k elements tel que
tp(a/b) soit l'unique extension non deviante de tp(a/c) (pour la deviation. voir [POlZAT 1985. ch. 15]).
,B - LES EXEMPLES CANONIQDES Afin de ne pas egarer d'avantage un lecteur, ou une lectrice, qui ne serait deja specialiste du sujet. je decris maintenant les principales familIes de groupes connus pour etre stables. Tout d'abord je precise ce que j'entends par "groupe stable": UYl gJtoupe. G de6hU daYL6 UYle. -6.tJw.c.:twte. -6ta.ble.; cela revient a dire, grace au Theoreme de Separation des Parametres [POIZAT 1985. 12.31]. un groupe G.
248
muni d'une structure suppl~mentaire, Ie tout etant stable.
Cette conven-
tion n'est pas Ie produit d'un amour gratuit de la generalite; d'abord, la Theorie des Modeles est impuissante
a distinguer,
dans un cadre general,
ce qui vient de la seule loi de groupe de ce qui necessite un langage plus riche, et je ne connais aucun theoreme de stabilite specifiant la restriction au seul langage des groupes; ensuite, quand bien meme nous etudions un groupe G reduit
a sa
seule loi de groupe, nous voyons apparaltre des
sous-groupes H au des groupes quotients G/H definissables dans G, et ceuxla doivent etre consideres avec toute la structure qui provient de G; enfin, un groupe apparaissant dans un contexte mathematique a de fortes chances de porter une structure supplementaire.
Par exemple, Ie langage
naturel pour etudier les groupes algebriques est celui de la geometrie, celui au on considere tout ce qui est definissable grace au corps de base (qui est algebriquement clos); G est alors une structure aleph-un-categorique; il est cependant vrai que, dans bien des cas, on peut reconstituer toute la geometrie Autre illustration:
a partir
de la seule loi de groupe.
d'apres un theoreme d'Angus Macintyre, amelior~
par Gregory Cherlin, on sait qu'un corps supers table est algebriquement clos; comme les corps algebriquement clos sont Ie paradigme meme de structure om~ga-stable, et meme fortement minimale, on a l'impression que Ie probleme est regIe.
C'est une erreur, car les corps qu'on voit appar-
aftre dans Ie contexte des groupes stables peuvent etremunisd'une structure plus riche; il sera it particulierement important de savoir si un corps de rang de Morley fini est necessairement de rang un; et meme, ce qu'est un corps de rang un, personne ne Ie sait:
il est possible que ce
ne so it rien d'autre qu'un corps (algebriquement clos), dans lequel on aura singularise quelques canstantes, mais persanne n'a reussi
a Ie
mon-
trer. 1 - Les groupes faiblement normaux TOU4
leo
g~oupeo
abet1enb
~ont ~tableo, quand on est dans Ie seul
langage des groupes, naturellement; plus generalement, il en est ainsi des modules, et des groupes abeliens par fini, qui s'interpretent dans un module.
Leurs parties definissables ant meme une structure beaucoup
plus trivialeque ce qu'impose la stabilite:
d'apres Wanda Szmieliev
[SZMIELIEV 1955] et Walter Baur [BAUR 1976], ce sont seulement les combinaisons booleennes (finies~) de classes modulo des sous-groupes definis-
Groupes Stables sables sans parametres.
Ces groupes sont des structures dimensionelles,
chaque type etant D-equivalent sur
0.
249
a
(et en fait:
translate de) un type base
On observa, en lisant [POIZAT 1985, ch. 6J, que l'analyse modele-
theorique des modules se ramene au seul resultat d'algebre suivant, du
a
[NEUMANN 1952J: LEMME DE B. NEUMANN: S' V
:
une triangulation semf-al.qebr tque (C est un complexe
simplicial fini et Si
0
un homeornorphisme semt-a l qebr Ique de C sur V).
est un simplexe de dimension d-1 de C on note g(o) I e nombre de
simplexes de dimension d dont
0
est une face. Alors
Theoreme 3.3.2.1. ([39], [11], [5]) Si
0
est un simplexe de dimension d-1 l e nombre g(o) est pair.
Theoreme 3.3.2.2. ([ 11], [5]) Si (0')
0
et 0'
sont deux simplexes de dimension d-1 et si (0)
et
sont contenus dans un meme sous-ensemble algebrique irreductible
de dimension d-1 de V, al or s g(o) est congru 11 g(o') modulo 4. Grace au dictionnaire fourni par Ie spectre reel entre l'algebre et 1a geometrie, ces theoremes sont demontres dans [11] 11 partir de resultats algebriques sur 1es anneaux de valuation reels. 4. PERSPECTIVES D'AVENIR 4.1. Les anneaux exce11ents L'etude du spectre reel des anneaux excellents semble tres prometteuse. Les anneaux excellents [25] jouissent d' excellentes proprle tes (d I ou leur nom) du point de vue de I' al qebre commutative tout en enq.l.obant 1es cas particuliers des anneaux de fonctions pol ynomes , de series
M.p. Roy
276
formelles, de series formelles e l.qebrIques , de fonctions analytiques, de fonctions de Nash. II semble probable que les spectres reels des anneaux excellents ant toutes les bonnes proprietes des spectres reels des anneaux de fonctions polynomiales. A partir d'un theoreme de dimension reelle J. Ruiz a deja pu mantrer Theoreme 4.1.1. [33] 5i M est une var Let.e analytique compacte, les sous-ensembles de M definis par une combinaison booleenne d'inegalites portant sur des fonctions analytiques sur M sont en bijection avec les constructibles du spectre reel de l'anneau des fonctions analytiques sur M. Ceci donne la solution du 17e probleme de Hilbert pour les fonctions analytiques reeties sur une var Iete analytique r ee l l e compacte M. Theoreme 4.1.2. [33] Toute fonction analytique strictement positive sur M est somme de carres de fonctions meromorphes. Le cas non-compact reste ouvert. Il est Lnt.eres san t de signaler que dans Le cas analytique on a l e theoreme 4.1.1. qui remplace Ie theoreme d'homomorphisme d'Artin-Lang mais pas de stabilite par projection: la projection d'un ensemble semianalytique n'est pas en general semi-analytique [24], phenomene qui est a l'origine de l'etude des ensembles sous-analytiques. 4.2. Les ensembles semi-pfaffiens L' etude de la qeomet r Le des ensembles def In I s par une combinaison booIeenne d' Ineqal I tes se pose pour d' autres classes de f onc t i ons ' que les polynomes ou les fonctions analytiques, par exemple pour les fonctions pfaffiennes [19]. Les fonctions pfaffiennes sont definies par induction: les polynomes sont des fonctions pfaffiennes et une fonction analytique dont les der I vee s sont des expressions po.lynomia l es d' e l l e-meme et de fonctions pfaffiennes deja definies est pfaffienne (un exemple typique de fonction pfaffienne est l'exponentielle qui verifie l'equation diff'er ent l.eLle y' = y ) . Les ensembles semi-pfaffiens sont les ensembles def Lni s par des combinaisons bool eenne s d' Ineqal Ltes portant sur des fonctions pfaffiennes. A partir de resultats partiels on pense que les ensembles semi -pf aff iens partagent les bonnes pr-opr i e tes de f ini tude des ensembles semi-algebriques [40]. Les fanctions pfaffiennes sont utilisees par Khovanski dans l'etude des "fewnomials" (polynomes avec peu de monomes). Il montre un theoreme
Logique et Gdometrie Algebrique Reelle
de Bezout
r~el
277
qui majore Ie nombre de solutions non
d~g~n~r~es
d'un
sys teme d' equat Ions pol.ynomial.es en n inconnues par une fonction du nombre de monomes du systeme [19]. II s'agit la d'un
~nonc~
du premier
ordre dont on ne connait pas de demonstration ~lementaire. 5. EN GUISE DE CONCLUSION On est done amene a constater I' infl uence profonde qu' a exercc la logique en g~om~trie algebrique reelle. La reciproque est aussi vraie : les corps r~els clos, introduits par Artin et Schreier pour l'etude du 17e probleme de Hilbert ont jou~ un role important dans Ie developpement de la theorie des modeles. Les recents travaux de Pillay-Steinhorn et van den Dries sur les structures O-minimales [29] montrent que l' histoire de ces echanges et influencec
r~ciproques
n'est pas finie.
On observe aussi que dans Ie developpement de la theorie une approche geometrique
ou
algebrique
directe
logiques ou categoriques d'origine,
se
substitue
aux
considerations
signe que les objets abstraits
finissent par se laisser apprivoiser au point de devenir des objets qu'il est a l'evidence nature 1 d'etudier. BIBLIOGRAPHIE [1] Artin
[2] [3]
[4] [5] [6] [7] [.ll]
[9] [10] [11]
E., Uber die Zergelung definiter Funktionen in Quadrate, Abh. Math. Sem. Univ. Hamburg 5 (1927) 85-99. Artin M., Grothendieck A., Verdier J.-L., Theor Ie des topos et cohomologie etale des schemas (SGA4) volume II, Springer Lect. Not. Math. 270 (1972). Artin M., Mazur B., On periodic points, Ann. of Math. 81 (1965) 82-99. Ben-Or M., Dexter K., Reif J., The complexity of elementary algebra and geometry, Prepublication MIT (1983). Bochnak J., Coste M., Roy M. -F ., Ceomet.r l e aLqebr Lque r ee l l.e , Ergebnisse der Mathematik, Springer-Verlag (a paraitre). Bochnak J., Efroymson J., Real algebraic geometry and the 17th Hilbert problem, Math. Ann. 251 (1980) 213-241. Brocker L., Minimale Erzeugung von Positivbereich, Geometria Dedicata 16 (1984) 335-350. Collins G. E., Quantifier elimination for real closed fields: a guide to the litterature, dans Computer algebra, symbolic and algebraic calculation, Springer-Verlag (1982) 79-81. Coste M., Localizations, spectra and sheaf representation, dans Applications of sheaves, Springer Lect. Not. Math. 753 (1979) 212-238. Coste M., Ensembles semt -a IqebrIques , dans Ceometr Le al qehr i.que r~elle et formes quadratiques, Springer Lect. Not. Math. 959 (1982) 109-138. Coste M., Sous-ensembles algebriques r~els de codimension 1, C.R. Acad. Sc. Paris 300 (1985) 661-664.
M.F. Roy
278
[12] Coste M., Roy M.-F., Topologies for real algebraic geometry, dans Topos theoretic methods in geometry, A. Kock ed. Arhus Universitet (1979) 29-100. [13] Coste M., Roy M.-F., La topologie du spectre reel, Contemp. Math. 8 (1982) 27-59. [14] Coste M., Roy M.-F., Le spectre eta Ie reel d'un anneau est spatial, C.R. Acad. Sc. Paris 290 (1980) 91-94. [15] Delfs H., Knebusch M., Semi-algebraic geometry over a real closed field II : Basic properties of semialgebraic spaces, Math. l. 178 (1981) 175-213. [16] Dubois D., A Nullstellensatz for ordered fields, Ark. Math. 8 ( 1969) 111-114. [17] Grigor'ev D., Vorobjov N., Solving systems of polynomial inequalities in subexponential time, Prepublication Universite de Leningrad. [18] Hormander L., The analysis of partial differential operators II, Springer Verlag (1983). [19] Khovanskii A. G., Fewnomials and pf3ff manifolds, Proc. Int. Congress of Mathematics Warsaw (198~). [20] King H., Survey on the topology of real algebraic sets, Rocky Mountain Journal of Math. 1414 (1984) 821-830. [21] Krivine J.-L., Anneaux preordonnes, J. Analyse Math. 21 (1964) 307-326. [22] Lang S., The theory of real places, Ann. of Math. 57 (1953) 378391. [23] Lang 5., Algebra, Addison-Wesley (1971). [24] Lojasiewicz 5., Ensembles semi-analytiques, I.H.E.S. Bures sur Yvette (1964). [25] Matsumura H., Commutative algebra, Benjamin (1970). [26] Mostowski T., Some properties of the ring of Nash functions, Ann. Scuola Norm. Sup. Pisa 111-2 (1976) 243-266. [27] Paugam A., Algorithmes d'elimination des quantificateurs, Colloque d'algebre de Rennes (1985). [28] Pfister A., Zur darstellung definiter Funktionen als Summe von Quadraten, Invent. Math. 4 (1967) 229-237. [29] Pillay A., Steinhorn C., On dedekind complete O-minimal structures, Preprint (1985). [30] Risler J.-J., Une caracterisation des Ldeaux des var Ietes al qebriques reelles, C. R. Acad. Sci. Paris 271 (1970) 113-127. [31] Robinson E., Affine schemes and p-adic geometry, Ph. D. University of Cambridge (1983). [32] Roy M.-F., Faisceau structural sur Ie spectre reel et fonctions de Nash, dans Geometrie algebrique reel Ie et formes quadratiques, Springer Lect. Not. Math. 959 (1982) 406-432. [33] Ruiz J., Cones locaux et completions, C. R. Acad. Sci. Paris paraitre). [34] Schwartz J., Shamir M., Mathematical problems and training in robotics, Notices of the A.M.S. (august 1983). [35] Shafarevitch I.R., Basic algebraic geometry, Springer Verlag (1974). [36] Shoenfield J., Mathematical logic, Addison Wesley (1967). [37] Seidenberg A., A new decision method for elementary algebra, Ann. of Math. (1954) 365-374. [38] Tarski A., A decision method for elementary algebra and geometry, prepared for publication by J.e.c. Mac Kinsey, Berkeley (1951).
(a
Logique et Geometrie Algebrique Reelle [39] Thom R., Un lemme sur les applications differentiables, Bol. Soc.
279
Mat. Mexicana, 1, (1956) 59-71. [40] van den Dries L., Tarski problem an pfaffian functions, Prepublication Stanford University.
Logic Colloquium '85 Edited by The Paris Logic Group © Elsevier Science Publishers B.V. (North-Holland), 1987
281
SOME ASPECTS OF CATEGORICAL SEMANTICS: SHEAVES AND GLUEING Andre Scedrov' Department of Mathematics University of Pennsylvania Philadelphia, FA 19104, U.S.A. Abstract. Two uses of sheaf models in functional analysis and in computable analysis are given. A new proof of the numerical instantiation property of intuitionistic ZF set theory is presented. Introduction The ongoing revival of interest in theories based on intuitionistic logic has come from two independent sources.
On the one hand,
BISHOP [1967] motivated several efforts toward a more precise formulation of its underlying logical principles: c f , FRIEDMAN [1977),
and FEFERMAN [1978).
Theirs was,
MYH ILL [1975], r n a sense,
a
continuation of KLEENE's and KREISEL's work on intuitionistic formal systems of arithmetic and analysis (cf. the other hand,
TROELSTRA [1973]).
On
intuitionistic first order or higher order logic or
arithmetic turned out to be synonymous with varlOUS free categories isolated in the wake of ARTIN-GROTHENDIECK-VERDIER [1972]: LAWVERE [1972],
FREYD [1972,1986],
[1977),
LAMBEK-SCOTT [1983].
constructivism,
BOILEAU-JOYAL Thus,
[1981],
MAKKAI-REYES
while one motivation came from
the other arose from a category-theoretic formu-
lation of algebraic geometry and algebraic topology in terms of sheaf categories,
1. e.,
Grothendieck topoi
(JOHNSTONE [1977],
BARR-
WELLS [1985]). One of the popular mlsconceptions about theories With intuit i
on i s t i c logic is that,
due to the lack of Excluded Mlddle,
must be weaker than their counterparts With tradltlonal 10glC.
In fact,
it
they
(boolean)
was suggested already in GC'iDEL [1932] that
'boolean theories may be considered as equiconsistent subtheories of their intuitionistic analogues.
Godel's negative interpretation,
which establlshed this result for Peano arithmetic With respect to lntuitionistic arithmetlc,
was anticipated to a certain extent ln
• Part1ally supported by N.S.F. and by Centre en ktudes Categor1ques, Montreal
Interun1vers~ta~re
282
A. Scedrov [1925] and it has since been extended to type theory in
KOLMOGOROV MYHILL
[197'!] and to set theory in FRIEDMAN [1973].
course,
This has,
of
invo 1ved the formul at ion of the corresponding int ui t ioni s-
tic theories.
(Cf.
t r on i s t r c ZF.
section 3 for the precise description of r rrt u t
>-
We wish to emphasize that the negative interpre-
tation is but a special case of the relationship that naturally occurs in many areas of mathematics,
e.g.
regular open sets vs.
algebraic closures of prime fields v s,
open sets,
fields,
divl-
sible torsion groups with inflnitely many elements of every flnite order vs.
abelian groups,
mutative cO-algebras, semantics),
commutative von Neumann algebras vs.
weak forcing vs.
boolean algebras vs.
com-
strong forcing (i. e., Kripke
Heyting algebras,
models and their symmetric extensions vs. reader may consult BLASS-SCEDROV [1983),
boolean-valued
Grothendieck tOP01. SCEDROV
[198'!a),
(The
and
[1980] for details. )
FOURMAN
Another point worth emphasizing is the ubiqulty of categorles that naturally lnduce e.g.
pr e t opo i
interpretations of intuitionlstic theories,
and topoi
(MAKKAI-REYES
[1977],
BOILEAU-JOYAL
[1981]).
Even logically strong lntuitionistic theories may be interpreted in er-ot nena s eck t opo i , e. g. tionistic ZF (cf.
FOURMAN
the Fourman interpretation of intui[1980] and also HAYASHI
[1981]),
based
on a reconstructlon of the von Neumann cumulative hierarchy within any Grothendieck topos,
allowing any object as the object of atoms.
These category-theoretic interpretations provide a framework for the following approach.
Involved mathematlcal objects (often
stated in terms of equivariance or continuity in addltional parameters) may be considered as representations of simpler
mathemati~
cal objects g i ve n internally ''In the right category",
e.,
a suitably chosen lnterpretation.
1.
under
This approach plays a signifi-
cant part ln obtalning several simplified arguments or lmproved results ln various areas of mathematics: homotopy theory (JOYAL [1985J, [198'!, VAN
[1985]),
TIERNEY
1985]),
differential geometry (MOERDIJK-REYES
commutative ring theory (MULVEY [197'!],
DEN BOSSCHE
[1985]),
analysis (ROUSSEAU [1979,
functional analysis (SCEDROV [1986]). (TAKEUTI
[1978J,
OZAWA
[1983],
JECH
BORCEUX-
1985]),
and
Boolean-valued analysis [1985])
is based on the same
idea ln a more restricted settlng. Three further illustrations of this approach are dlscussed in the present paper.
In sectlon 1 we study linear algebra in catego-
ries of sheaves on compact Hausdorff spaces to obtain new facts concernlng the law of inertla and the elgenvalue problem
Ax ,
~Bx
283
Some Aspects of Categorical Semantics for symmetr1c matrices over rings of continuous funct1ons.
The ranK
computat1on algorithm for such contjnuous matrlces is discussed. In section 2 we consider the topos of recursive sheaves [1982])
as a s e t t i ng for computable analysis.
(MULRY
This enables us to
give a simple proof of the effective Weierstrass Approximation Theorem for computable sequences of real functions
(first obtained
by the methods of recurS1ve analysis in POUR-EL - CALDWELL [1975]). As in the first example,
the r-e su l t s are obt a i ne d by interpreting
some basic construct1ve mathematics
(BISHOP [1967].
BRIDGES [1979])
1n a sU1table category. This technique of simplifying the issues by "mov1ng into a better category" was first applied to intuitionistic logic itself 1n FREYD [1978]
1n a new,
elegant proof of the closure of var10US
intu1tionistic theories under instantiation rules infer C ,
3!x(C
ft
A)",
"From
with var10US further restrictions on
and on the range of x. 1 )
3xA A,
on
In c a t e g or-yv t he or-e t t c terms this rule
is stated as the project1v1ty of a terminator in var10US free categories,
1.
e.,
everyep1morphism
A ---} 1
splits.
Freyd e xh i b i t e d
these categories as retracts of categories in which 1 was obviously projective, category.
thereby showing the proJect1vity of
It was shown in SCEDROV-SCOTT [1982]
in the glven that the 1nterpre-
tations of f1rst order and h1gher order 10glC and ar1thmet1c impliC1t in the categor1es obtained by Freyd's construction are the same as the slash interpretations given syntactically by Kleene and by Friedman.
In section 3 we discuss the numer i c e I
3xeH. A(x) n.
is provable,
then
A(n)
s ns t ent i et i on:
Lf
1S provable for some numeral
We show that Freyd's method may be extended to intu1tion1st1c
ZF with Collection,
thus glv1ng an alternative proof of the nume-
rical instantiation (first obtained in BEESON [1979] by the recurSive realizability-and-true interpretat1on). request,
At the referee's
we make the category-theoretic setting expl1clt.
We would liKe to thank Professor Feferman for inv1ting us to speaK at the Logic Colloquium '85.
We are grateful to Professor
Lascar and other members of the Paris 10glC group for provid1ng a pleasant atmosphere during the meet1ng. 1.
Continuous matrices KADISON [1984] aSKed for the characterizat10n of compact Haus-
dorff spaces trlces over
X
for which one has diagonal1zat1on of normal ma-
C(X) . The natural setting determ1ned independently by
GROVE-PEDERSEN [1984a,bJ
(us1ng geometric - operator algebra me-
A. Scedrov
284 thods) and SCEDROV [1986] Stonean spaces,
open
Fa
(using sheaf models) is that of the sub-
defined by the condition that any two disjoint
subsets have disjoint closures.
ful to assume that
X
(Furthermore,
it is help-
is totally disconnected.) Sub-Stonean spaces
have apparently been rediscovered several times (e. g. [1970] before this occassion).
in CHOQUET
GILLMAN-JERI SON [1960] referred to
them as F-spaces. A particular kind of sub-Stonean spaces are the RJckart spaces,
Fa
characterized by the requirement that open closures.
subsets have open
This condition is clearly equivalent to the condition
(studied in BERBERIAN [1972]) that the lattlce of open-and-closed sets is countably complete.
Rickart spaces were called basically
disconnected in GILLMAN-JERISON [1960]. Every Rickart space is a totally disconnected sub-Stonean space, but not vice versa. these spaces,
All of
including the proper subclass of extremally d i s con-
nected spaces considered in boolean-valued analysis,
occur natural-
ly in functional analysis as the spaces of maximal ideals in various abelian operator algebras.
These spaces have slmple characteri-
zations in terms of the topological sheaf interpretation of the properties of natural ordering of i nt u i t i on i s t i c reals (cf.
below).
We use this fact to prove the law of inertia and give the solution to the eigenvalue problem C(X)
Ax:
~Bx
for symmetric matrices over
for any totally disconnected sub-Stonean space
X,
and to
show that the ordinary rank computation algorithm applies to matrices over
C(X)
iff
X
is a Rickart space.
The topological interpretation of constructlve analysis goes back to SCOTT [1968]
(in the Baire space case, which has recently
been investigated in SCOWCROFT [1984] from a model-theoretic point of vlew).
A more general setting is given ln FOURMAN-SCOTT [1979].
For our purposes it suffices to interpret valued continuous functions on and let
na: bll
int ( XEX : a(x)
int (XEX b(x)
J ,
X,
(Dedekind) reals as real-
rationals as rational constants
a(x): b(x)
[a < bll
J,
[a
( XEX ; a t x)
bR b(x)
Formulae involving propositional connectives and quantifiers over the reals are interpreted as interiors of subsets obtained by the corresponding boolean algebra operations on subsets of standard Soundness Lemma states that tively provable assertion to,
say,
A.
IIAII
X
X.
The
for any construc-
(Constructive provability may refer
provability in r rrt u i t i cn r s t r c ZF,
when this lemma is a
special case of the soundness of the Fourman interpretation mentioned in the introduction.
In practice, however,
it suffices to
Some Aspects of Categorical Semantics
285
such as rnt u i t r cru s t i c second order
refer to much weaker theories, ari thmet r c. )
The reader will have noticed that the interpretation glven above is formulated for Dedekind cuts.
They are intuitionistically
equivalent to Cauchy sequences of rationals in the presence of the Axiom of Countable Choice, but not otherwise (FOURMAN-HYLAND [1979] ). Proposition 1.1. Hausdorff space. a)
iff
be a totally disconnected,
iff X
BVrER. (1':0
1
V
Proof. Regarding
a)
and
Go
set
The second condition ln a)
1
(1'10)) I
X,
HVUEP(H). VnEH.
(rie u
b)
b)
, notice that
Ua l 01
nnll ( XEX : a t x)
Re g ar-d i ng
Proposition 1.2.
c)
is treated similarly.
is the
The second conC(X) is
, interpret sets of natural numbers as and let
IInEUIi
Un
The following are lntuitionistic consequen-
VI', sER 3pER. (r:ps
a)
) II
reflects a characterizatlon in GILLMAN-JERISON
sequences of open sets, ces of
1 (rie uj
> -2- n l
[1960] requlring that every finitely generated ideal in pr-a nc i pa i ,
v
X.
interior of a closed dition ln
: X •
(r:O» U : X .
is extremally disconnected iff :
compact
I'll', SER. 3pe:R. (r-e ps v s e pr-) B : X .
is a Rickart space iff IVrER. (r-z o v
X
c)
X
is sub-Stonean iff IVrER. (r-z o v r-t o) I
X
b)
Let
Then:
V
s:pr)
:
All eigenvalues of an invertible symmetric real matrix are
lnvertible reals. b) P
W2,
c) with
U
Any positive (seml)definite matrix with
Any lnvertible real matrix unitary,
Proof.
P
may be wrltten as
positive (semi)definite.
W
and
T
S
may be factored as
S: UT,
upper triangular with positive diagonal.
The eigenvalues of a symmetric matrix may be obtained
anyway (ROUSSEAU [1985]). proposition hOlds,
If,
r n addition,
the condition of the
then (SCEDROV [1986]) every symmetric matrix
of the form QDQT, with Q unitary and QD- 10T so part a) follows. Regarding
D b),
diagonal. let
W
lS
(QDQT)-l: OD1/2QT.
Regarding c), recall that the Gram-Schmidt algorithm is allowed (SCEDROV [1986])
Lemma 1.3.
, Assume the condition of Proposition 1.2. Then,
intuitionistically. any invertible congruence transform an invertible symmetric matrix (negatlve) eigenvalues as
A.
A
STAS
of
has the same number of positlve
286
A.Scedrov Proof.
Lemma 1.2 a,c) allows us to follow the standard proof.
Indeed, write S: UT by Lemma 1.2c, and let Set) tU + (l-t)UT, with 0 ! t ! 1 . Each Set) is invertible because U is unitary, and the other factor tI + (1-t)T is triangular with positive diagonal. Indeed, 1et d > 0 be a diagonal entry of T. Both t , (1-t) d
o
t < 2/3 , then
If
t
+
(l-t) d
z
d/3 > O.
If
t > 1/3 , then
t + (l-t)d l t > 1/3 > 0 Because each S(t)TAS(t) is invertible, Lemma 1.2a implies that the eigenvalues of each S(t)TAS(t) are apart from O. S(O)TAS(O) : STAS S(1)TAS(1): UTAU U-1AU The latter matrix clearly has the same eigenvalues as Theorem 1.4. Stonean space,
A
Let
X
be a compact, totally disconnected sub-
and let
A
be an invertible symmetric matrix over
C(X) . Then any invertible congruence transform number of positive (negative) eigenvalues as
STAS
has the same
A
Proof. Lemma 1.3 in the topological sheaf interpretation over X . Because
X
is totally disconnected,
it has a baS1S of open-
and-closed sets, hence a supremum involved in the 1nterpretation of an eXistential assertion may be replaced by a single instance The eigenvalue problem Ax : ABx is our next topic. Lemoa 1. 5.
Assume the c orid i t i on of Proposition 1. 2.
intuitlonistically, any symmetric
n'n
I
Then,
real matrix and any
posltlve definite n'n real matrix may be simultaneously diagonalized by a congruence transformation. Proof. Again, the assumption allows us to follow the standard argument. By Lemma 1.2b we may write B: w2 , With W: wT positive definite. Letting
Thus
Ax: ABx
becomes
AW-1 y: AWy, w1th
y: Wx.
C: w-l , the eigenvalue problem under consideration is
reduced to the standard eigenvalue problem My = AY with M symmetric (here M: CTAC). Let U be a un1tary matrix for which uTMU is d1agonal (SCEDROV [1986]) and let S: CU . Then U: WS, so STBS STW2S: sTwTws = uTU : I and STAS: UTCTACU : UTMU 1S diagonal
I
Theorem 1.6. Stonean space.
Let
Then,
X
be a compact,
in the ring of
n.n
totally disconnected submatrices over
C(X),
any
symmetric matrix and any positive definite matrix may be simultaneously diagonalized by a congruence transformat10n. over
Proof. X
Lemma 1.5 in the topological sheaf interpretation
We close this section with a remark on the rank computat10n algor1thm for matrices over C(X)
287
Some Aspects of CategoricalSemantics Proposition 1.7.
Each of the following assertions intultio-
nistically implies the next: i)
\freR. (r=O v 1 (r=O»
ii)
For any
m'n
and
real matrix
tation matrix
P,
such that Proof.
there exist a real permu-
and a real
m-ri
L.
echelon matrix R
PA = LR .
First half of
half of
A
a lower triangular real matrix
with a unit diagonal, iii)
\fr, seR. 3peR. (r=ps v s e pr-) .
t )
.
Row reduction may be used already under the second
i)
(SCEDROV [1986).
to recognize non-zero pivots Theorem 1.8.
Let
X
Here, however,
one must also be able
I
be a compact Hausdorff space.
Then the
following are equivalent: i)
X
ii}
IS a Rickart space,
For any
m.n
matrix
mutation matrix trix
Lover
P
A over
C(X)
such that
there eXIst a per-
m'n
echelon matrix
on
Rover
C(X)
PA = LR
Proposition 1. 1b and the topological sheaf interpre-
tation of Proposition 1.7 2.
C(X)
C(X), a lower triangular ma-
with the constant function
the di ag ona 1, and an Proof.
over
I
Computability in analysis and recursive sheaves In this section we discuss a sheaf interpretation which yields
the posltlve results obtained in the study of computability in classical analysis (POUR-EL - CALDWELL [1975), [1983a,b) [1967), term,
POUR-EL - RICHARDS
as simple consequences of constructive theorems (BISHOP
BRIDGES [1979).
Since "computable analysis" is an overused
let us begin by making some distinctions.
The study of com-
putability in classical analysis that we are concerned with here is mostly the stUdy of the effective approximability as an additional property in the context of the classical continuum,
and the rela-
tions of this property to the main notions of classical analysis (cf.
Definitions 2.3 and 2.7 below).
This IS in contrast with con-
structive computable analysis (KUSHNER
[198~J)
in which only the
computable reals and the computable functions are allowed.
This
contrast is well illustrated by the fact that there is a counterexample to the effectivization of the existence theorem for the s o l u t i on to the wave equation under the first approach (cf. POUR-EL - RICHARDS
[1983b),
other approach (SCEDROV
e. g.
while the theorem holds under the
[198~b).
The counterexample arises when
A. Scedrov
288
the initial function is computable and ct , and we insist on a computable solution. On the other hand, a computable solution may be found (by the Kirchoff formula)
if both the initial function and
its derivative are computable. oBishop-style constructive setting is linked with constructive computable analysis and algebra by the recursive realizability semantlcs (most recently considered in HYLAND [t982] and McCARTY [1984]).
The sheaf interpretation considered here is different and
more suited to the Pour-EI - Richards approach.
The fact that there
lS a common core of positive results in either semantics certainly suggests the possibility of general transfer principles.
These
principles and the related category-theoretic issues are being investigated by Rosolini in his dissertation under D. Scott [1986]).
(ROSOLINI
Martin Hyland also tells us that he had been aware of the
uses of the sheaf model described here. Although the semantics we will deal with in this section is a special case of a sheaf interpretation of a higher order language in a Grothendieck topos (cf. indeed,
e. g.
Chapter 0 in SCEDROV [1984a]),
a special case of the Fourman interpretation With (non-
standard) natural numbers as atoms, this specific case explicitly. in MULRY [1982, Let
N
lt seems worthwhile to state
The topos in question was introduced
1985].
be the monoid of recursive functions
f: H ---) H ,
with the monoid multiplication defined as composition. a subcategory of the category whose objects are with an action of the monoid
N),
We consider
N-sets (i.e.,
riant maps (i.e., maps that preserve the action).
Rec
of recurslve sheaves has the same maps,
but its ob-
jointly surjective collection of recursive functions and any e qu i var-r an t map
that
F:
S ---) X
generated by these functions,
SeN
F(fi)
=
xfi
is
The SUbca-
X With the property that for any finite,
jects are the N-sets fk '
N
Note the
itself an N-set with the action defined by composition. tegory
sets
and whose morphisms are equlva-
for all
fl'
f2'
from the sub-N-set
there is a unique
1! 1 ! k . Observe that
xe:x N
such
itself
is a recursive sheaf. Let us consider a multisorted first order language With equality,
whose sorts are recursive sheaves.
For each formula
A(x1""
,X n) of this language (With free variables among those diSPlayed) and a choice of elements al"" ,an of the corresponding sorts we define the forcing relation
as
"A(Xt, ... , Xn) is forced for
t
at,···, an")
A(x) [a]
(to be read
289
Some Aspects of CategoricalSemantics •
T.
Y
•
(A "
B) (X) [a)
•
(A v B) (x)
1.
(Xl
•
= X2) [al. a2)
i f f . A(x) iff
[~)
iff
al = a2 •
and
[a)
•
B(x) [a)
•
there exist finitely many jointly surJective fl •...• fk EN
such that for each
i=l ..... k • • A(X)[alfi ..... anfi) iff iff
there exist finitely many jointly surJec-
then tive
•
B(x'j
[alf, ... , anf) ,
fl •...• fk EN
i= 1, ...• k
such that for each
there exists an element
the sort of
y
iff
for each sort of
fEN
of
,
and each element
Y • • A(y,
b
x) [b. al f, ... ,anf)
We say that a sentence of this language holds in forced.
b
such that
• A(y.x)[b.al fi'···.a n fi) • Vy.A(Y.X) [a)
or
• B('it) [alfi"" • anfiJ. for each fEN, if • A(x) [alf •...• anf)
Rec
of the .
iff it is
An interpretation of intUltionistic higher order arithmetic
is obtained if the appropriate sheaves are specified as sorts. natural number sort is given by the sub-N-set
HeN
of constant functions (under the static action). object
0
The
consisting
The truth-value
(the internal power set of a singleton) is the set of
families of r. e.
sets closed under inclusion and finite union,
where the action is by left translation:
Sf
consists of all
gEN
such that
fg
S.
The exponential
yX
of N-sets
X, Y
maps
enumerates an r-, e.
set in
is the N-set whose elements are the equivariant
F: N.X ---) Y , the act ion being
power-object of meaning of
H.
X
(Ff) (g, x ) = F(gf,
is given by the exponential
(XEY) [a, P)
H
wi th
aEX,
OX,
xj .
The
so the
PEOX , 1 S obVi ous.
This interpretation of intuitionistic higher order arithmetic is of no interest:
internal DedeKind real s are just external real s ,
A contribution of MULRY [1982) is. number sort to values.
l.e .•
N
and.
secondly.
to replace
0
firstly,
to expand the natural
to consider only the r. e.
by its sub-N-set
0r.e.
truth-
consisting
of the principal ideals. A formula is called arltlJmetlc if the only quantifiers it contains are quantlfiers over
N. The following two easy facts are
recent folklore: Proposition 2.1. Or. e. N hold in Rec with parameters over
Induction on
N
and Comprehension w.r. t.
for positive existential arithmetic formulae N and Or. e. N . This inclUdes all ~~
formulae with parameters over
N
only
290
A. Scedrov Proposition 2.2.
Vx,y~N
Starting from the sort
(x=y v l(x=y»
N,
holds in
the standard construction of
rationals yields (in this semantics) the N-set valued recurSive functions c ompo s i t i on. values,
Rec
f: X ---) Q.
0
of rational-
where the N-action is by
To describe DedeKind cuts in
with r-. e.
0
truth-
we recall a few basic definitions in computable analysis
(POUR-EL - RICHARDS [1983b). Definition 2.3.
A sequence of reals
(xKI
is called
computable if there is a recursive double sequence of rationals IrknJ such that IXk - ~nl < 2- n for all x, n Proposition 2.4. of Dedekind cuts in
(MULRY [1982) 0
The object
R
(Or. e. 0)2
C
is given by the N-set of computable sequen-
ces of reals. where the N-action is by composition We shall refer to
as the obj ect of (int ernal) real s , Let
R
us first observe that: Proposi tion 2. 5. a)
I-
Every real is computable.
b)
I-
Every feNN is r-e cur-s i ve .
Proof.
Given
x~R
let
r~aN
be a recursive double sequence I- Vn~N ( l x - rl < 2- n ) .
obtained by Proposition 2.4.
Clearly
An internal recursive index
e~N
function
e(n)
= index of
Proposition 2.6. Proof.
r
f
is glven by the recursive
~m.r(n.m)
n ) x .
VX~R. 3n~N.
Given a computable sequence
recursive function fen)
I-
of
such that
fen)
A sequence
IFKI
x
of reals,
> xn
for all
we need a n.
Let
= r nO+2 We recall that: Definition 2.7.
of real functions on [0,1]
1S called computable if: a) For every computable sequence
IXnl
of pOints in [0,1] ,
(FK(x n) I is a computable ccum e sequence of r-e a l s ,
and
b) There exists a recursive function d(n,K) all x, y e [0.1]. ix - YI < 2- d(n,k) implies
such that for IFK(X)
- FK(Y)I
< 2- n
Our central observation is: Proposition 2.8.
The internal
C([0.1])
1n
is glven
Rec
by the N-set of computable sequences of real-valued functions on [0,1] , where the N-action is given by c ompo s i t r ori. Proof.
It is readily checKed that the internal
given by the N- set of comput abl e sequences of point s from the real world.
Furthermore.
[0,1] i
describing any N-set
n
1S
[0, 1]
X means
291
Some Aspects of CategoricalSemantics specifying the morphisms
N ---) X .
Thus,
let
F: N. [0,11 ---) R
Rec. It is clear from Proposition 2.~ and from the equivariance of F that the condition a) of Definition 2.7 holds for F. Regarding b) , note that: I- ItK, nEN. 3mEN. Itx, yE [0, I). ( [x - yl 2- m,. IFK (x) - FK (y) I < 2- n), be a morphism in
so there are recursive, such that for each
jointly surjective
i=I, ... ,p
computable sequences
x,
tx f i (j)
Y -
there is
of points in
is provable
was not available.
Extend the
to this new language and add a new aX10m
For a limit ordinal
the language of
1.
Tl
is the union of previously introduced languages together With new constants
bw.U.V.A
specified below.
Extend the aXioms and rules,
and add new axioms as follows: Let and
V,
free.
w
a term,
small sets of terms of the previous languages such that:
r)
';Ixew. 3y A(x, y)
ii)
For each
ueu,
uew
i11)
For each
ueu,
there is
1S provable in some
provable in some Then let
bw.V,V.A
introduced yet),
,
To
veV
,
0 < 1 To ,
.
0 < 1
A(u.v)
such that
is
0 < 1
be a new constant of
Tl
(if it has not been
and add the following aXioms: •
vebw,U.V.A'
veV
Proof.
To
is provable in some
';Ixew 3yebw, U. V, A A (x, y)
Lemma 3. 1. X
x, y
A(x,y) be a formula with exactly V
L
for each
is embeddable in
(1) (2)
X
Viewed category-theoretically,
this is immediate because
is a directed union of slices w. r-. t , well-supported objects.
logician may use transfinite induction on is conservative over IZF.
0
This is clear for
A
to show that each 0+1
At
To
a limit
ordinal lone needs to consider only finitely many instances of (1)
and (2)
(by compactness),
and replace them by
i)
- iii)
and
finite union In order to define a representation of a full SUbcategory of
t.
L
t, we specify
1n
We refer to the global sections of
t
as w i t nes s e s . For each ordinal a , let Ma be the set of all witnesses whose Sets-part is a singleton on a set of Witnesses in some
My,
y
of) witnesses In
M,
of course,
subcategory of
t
whose objects are
for which the elements of and
f
It may be readIly seen that
view the ca-
as a fUll subcategory of S
are
(n-tuples
1S given by the erasing functor ( )-.
L*
is a sublogos.
to the situat10n described in SCEDROV-SCOTT
(This is analogous
[1982] and in LAMBEK-
SCOTT [1983].) We define a functor
F: L ---> L*
by letting
F(A)
= <S.f.A>
S = ( .3y A(x,y)
v
is a global sec-
€S
holds in
there is and
L"
let a (small) X c M
are satisfied for
T~
Then the corresponding instances of
V
U,
and a limit
i) - iii) ln the defini-
tion of
T
L"
such that By applying Col-
