Refining Properties of Filter Models:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47

Refining Properties of Filter Models:

Sensibility, Approximability and Reducibility

ANONYMOUS AUTHOR(S)

In this paper, we study the tedious link between the properties of sensibility and approximability of models of untyped

λ-calculus.

Approximability is known to be a slightly, but strictly stronger property that sensibility. However, we will see that so far, each and every (filter) model that have been proven sensible are in fact approximable. We explain this result as a weakness of the sole known approach of sensibility: the Tait reducibility candidates and its realizability variants.

In fact, we will reduce the approximability of a filter model

D

for the

λ-calculus to the sensibility ofD

but for an extension of the

λ-calculus that we callλ-calculus withD-tests. Then we show that traditional proofs of sensibility ofD

for the

λ-calculus

are smoothly extendable for this

λ-calculus withD-tests.

ACM Reference format:

Anonymous Author(s). 2017. Refining Properties of Filter Models: Sensibility, Approximability and Reducibility. 1, 1, Article 1 (December 2017), 23 pages.

https://doi.org/10.1145/nnnnnnn.nnnnnnn

INTRODUCTION

Sensibility. It is the ability, for a model, to distinguish non terminating programms from meaningfull ones by collapsing their interpretation (Def. 1.7). Through Curry-Howard isomorphism, it also corresponds to the consistence of the internal theory of the model. This shows the importance in understanding sensibility, but also the undecidability of such a property.

Such profund but undecidable results are often targets for classification of more or less easy subclasses, serving as grinding stone for proof technics. Here we take an unorthodox approach consisting in classifying sensible models by using as discriminator a slightly stronger property called “Approximability”. To our surprise, we found out that available methodes to prove sensibility (reducibility) where not powerfull enought to distinguish sensibility from approximablity.

Approximability. The approximation theorem (Def. 1.10) is an important concept when considering denotational models of the head reduction. In order to study head reduction, λ-calculists systematically use B¨ohm trees, which are basically normal forms of a degenerated λ-calculus using an error symbol (Def. 1.9). Such objects are able to approximate terms, the same way as partial evaluations are approximating the notion of evaluation. The approximability simply says that the model reflects the fact that a term is the limit its finite B¨ohm approximations.

This notion has been extensively studied [1, Section III.17.3] and this article presents a new su ffi cient condition for approximability, the weak positivity by far encompassing any previous results on approximability (of filter models). As a property on models, approximability is supposed to be striclty stronger that sensibility. Indeed, approximability implies that the interpretation of any diverging terms (and only those) are collapsed into the interpretation of the error symbol ⊥. This inclusion is supposed to be strict as, for exemple, approximable models

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

©2017 Association for Computing Machinery.

XXXX-XXXX/2017/12-ART1 $15.00 https://doi.org/10.1145/nnnnnnn.nnnnnnn

48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94

are not able to distinguish the Turring fixedpoint from the Church fixedpoint. In fact, there is a continuity of sensible but non-approximable λ-theories, it is surprising that we are not able to model any of those.

Reducibility. In this title, “Reducibility” refers to Tait reducibility methods [? ] and its modern extensions (including realisability). These methods used to prove structural properties of types systems and models such as sensibility and approximability but also more practical properties [? ]. For types systems, it consists in constructing saturated sets of terms with the wanted property by induction on types, then in proving that any typable term has been included. For denotational models, the method is more subtle due to the structure not being inductive : one must find a fixpoint to be able to apply the method, but the fixpoint does not need to be computable or constructive in any way.

In Section 4, we use the sensiblility and the approximability as a grinding stone to perform yet a new disection of those reducibiliy / realisability methodes. We try to be as general as possible until the last moment in order to get the the coarsest possible characterization, but also in order to point over the specific weaknesses of the methode.

We will discuss in the conclusion and along the paper why we were not able to fill the gap between approximability and sensibility. In particular, we insist on the link between this blockage and the difficulty to performe fixpoints on non-monotonous functions.

Filter Models. Introduced in the 80s using the notion of type as the elementary brick for their construction, filter models [10] (Def.1.1) are extracted from a type theory with simple types enlarged by intersection types and subtyping. Formally, the interpretation of a λ-term is the filter generated by the set of its types. Variations on the intersection type theory induce di ff erent filter models. The resulting class essentially corresponds to the class of Scott complete lattices.

Filter models (and domains) form one of the classes of models of untyped λ-calculus that have been the more broadly studied, but properties such as sensibility and approximability are yet to be understood perfectly.

In particular, a simple bibliographical analysis show that that the theoretically huge gap between sensible and approximable models have never been filed by any model. The best advancements toward this direction are covered by the third part of the recent book “Lambda-calculus with types” of Barendregt, Dekkers and Statman [1].

λ-calculi with tests. In order to exhibit the link between sensibility and approximability, we are using λ-calculi with tests of Section 2. These are syntactic extensions of the untyped λ-calculus with operators defining types of the underlying intersection type system. We will see (Sec. 3) that the approximability of a filter model D is equivalent to the sensibility of the same model D for the λ-calculus with D-tests Λ

τ(D)

(with respect to a notion of head convergence). This theorem brings together the notions of sensibility and approximability in a very novel way!

The calculi with tests played a central role in this paper. The idea of test mechanisms as syntactic extensions of the λ-calculus was first used by Bucciarelli et al. [8] and developed further by the author in [4] and [5] for Krivine-models. The one presented in this paper is yet an other generalization to the broader (extensional and distributive) filter models. Originally inspired from Wadsworth’s labeled λ⊥-calculus [23] and Girard experiments [12, 15], they are syntactic extensions of the λ-calculus with operators defining compact elements of the given models. Since the model appears in the syntax, we are able to perform inductions (and co-inductions) directly on the reduction steps of actual terms, rather than on the construction of B¨ohm trees.

Content. Section 1 will focuss on preliminarries, with mostly standard presentations of the untyped lambda- calculus, the filder models and the B¨oms trees. In Section 2, we present the λ-calculi with tests, mostly following previous works of the author [4]; we give their syntaxe, their interpretation in filter models, and finaly their main properties. Section 3 is short but central in this paper: we present here the collapse of the notions of approximability and sensibility at the level of test extensions.

In a Section 4, we will present a standard proof of sensibility by reducibility adapted to λ-calculi with tests. Using

our new equivalence between sensibility for this calculus with tests and approximability, this a priori standard

95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140

• proof of sensibility becomes a non-standard proof of approximability! This allows us to describe a condition for approximability that encompasses every known sensible extensional filter models, bringing these two properties closer than we believed them to be.

1 PRELIMINARIES 1.1 The λ -calculus

In this paper, we only consider the minimal untyped λ-calculus with the contextual and / or the head reduction, in the pure tradition of Barendregt book [2].

The λ-terms are defined up to α-equivalence by the following grammar using notation “`a la Barendregt” (where variables are denoted by final Latin letters x, y, z...):

(λ-terms) Λ M, N ::= x | λx.M | M N

We denote by FV(M) the set of free variables of a λ-term M. Moreover, we denote by M[N/x] the capture-free substitution of x by N.

The λ-terms are subject to the β-reduction:

(β) (λx.M) N →

^β

M[N/x]

A context C is a λ-term with possibly some occurrences of a hole, i.e.:

(contexts) Λ

^(|.|)

C :: = ( |.| ) | x | λx.C | C

1

C

2

The writing C( |M| ) denotes the term obtained by filling the holes of C by M. The small step reduction → is the closure of (β) by any context, and →

_h

is the closure of (β) by the rules:

M →

_h

M

^′

λx.M →

_h

λx.M

^′

M →

_h

M

^′

M is an application M N →

_h

M

^′

N

The transitive reduction →

^*

(resp →

^*

h

) is the reflexive transitive closure of → (resp →

_h

).

The big step head reduction, denoted M ⇓

^h

N, is M →

^*

h

N for N in a head-normal form, i.e., of the form λx

1

...x

k

.y M

1

· · · M

k

, for M

1

, ..., M

k

any terms.

We write M ⇓

^h

for the (head) convergence, i.e., whenever there is N such that M ⇓

^h

N.

Other notions of convergence exist (strong, lazy, call by value...), but our study focuses on head convergence.

1.2 Filter Models

Def of sensibil- ity

Def of sensibil- We introduce here the main semantic object of this article: distributive and extensional filter models (of DEFiM). ity

Despite corresponding to reflexive complete lattices (endowed with continuous functions), we are not using this presentation to describe filter models, but rather its dual representation by Stone duality: the sup-lattice of compact elements. The following presentation is rather standard, and the notations can be find here [9] for example.

This presentation has the advantage to match the representation of the interpretation of terms as intersection types derivations, as we will see in Proposition 1.

The models consists of a set D of “types” (or compact elements), and two operations: the intersection ∧ (characterising the induced order) and the functional arrow → (characterising the reflexive embeding). Moreover, we will consider extensionality, which means the the η-conversion is viable, which we represent by the existence of a specific function ext

_D

: D → 𝒫

_f

(D × D).

Definition 1.1 ([10]). A filter model is a triple (D, ∧, →) where:

142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188

∙ D = (|D|, ∧) is a pointed join-semilattice; we denote ω the top element and ≥

_D

the induced order : α ∧ α = α α ∧ β = β ∧ α α ∧ (β ∧ γ) = (α ∧ β) ∧ γ α ∧ ω = α (α ≥

_D

β ⇔ α ∧ β = β)

∙ → is a binary operation on D such that γ→δ ≥

_D

⋀︁

i

α

i

→β

i

⇔ δ ≥

_D

⋀︁

{i|γ≤α_i}

β

i

, in particular, γ→δ = ω i ff δ = ω.

A filter model is extensional whenever there is a function ext

_D

: D→𝒫

_f

(D × D) that associates to each α ∈ D a finite subset ext

_D

(α) ⊆ D × D such that:

α = ⋀︁

(β,γ)∈extD(α)

β→γ

It is free to consider that the image of ext

D

(α) by → is an anti-chain in the sens that for any pair (β, γ) ∈ ext

D

(α) and any non empty subset I ⊆ ext

D

(α):

⋀︁

(β^′,γ^′)∈I

(β

^′

→γ

^′

) < Im(→) and β→γ ̸≥

_D

⋀︁

(β^′,γ^′)∈ext_D(α)−(β,γ)

β

^′

→γ

^′

In particular (β, ω) ∈ ext

D

(α) implies α = ω, moreover ext

D

(ω) = { (β, ω) } for some arbitrary β since β→ω = ω.

Unfortunately, the function ext

_D

is generally not unique or even canonical. in order to make it canonical, we restrict our study to distributive filter models. A filter model D is distributive whenever any α ≥ β ∧ γ is accessible in the sens that there exists a decomposition α = β

^′

∧ γ

^′

such that β

^′

≥

_D

β and γ

^′

≥

_D

γ.

For short, we call DEFiM the distributive and extensional filter models.

By abuse of notation we may denote the quadruple (D, ∧, →, ext

D

) simply by D when it is clear from the context that we are referring to a DEFiM.

Creating a DEFiM from scratch is often heavy, as they have to satisfy complex rules even forcing the model to be an infinite object. Fortunately, there is a way to automatically infer the required properties from a smaller (often finite) core object. This core object is a partial DEFiM which is a basically a subset of a DEFiM.

Definition 1.2. An partial filter model is a triple (E, ∧, →) satisfying the axioms of filter models except that → is partially defined and for any α, (β

i

)

i≤n

∈ E

ⁿ⁺¹

:

(∀i ≤ n, α→β

i

defined ) ⇒ α→ ⋀︁

i

β

i

defined as ⋀︁

i

(α→β

i

)

It is a partial DEFiM if ext

_E

is defined and E satisfies the other axioms of distributive extensional filter models.

Definition 1.3. The completion of a partial DEFiM (E, ∧ , → , ext

E

) is the union E ¯ : =

⎛

⎜ ⎜

⎜ ⎜

⎜ ⎝

⋃︁

n∈N

E

n

, ⋃︁

n∈N

(∧

n

) , ⋃︁

n∈N

(→

n

) , ⋃︁

n∈N

ext

E_n

⎞

⎟ ⎟

⎟ ⎟

⎟ ⎠

of partial completions (E

_n

, ∧

_n

, →

_n

, ext

_En

) that are partial DEFiM defined by induction on n:

The initialization (E

₀

, ∧

₀

, →

₀

, ext

_E0

) : = (E, ∧, →, ext

_E

) is performed by the partial DEFiM, and we continue by completing:

∙ |E

^′_n+1

| : = 𝒫

_f

(|E

n

| ⊎ (|E

n

|

²

−Dom(→

n

))), for readability, use a, b.. for elements of |E

^′_n+1

| and we write α→

*

β for (α, β) in the second component,

∙ →

^′

n+1

is defined only over | E

n

|

²

⊆ | E

^′_n+1

|

²

by { α }→

^′

n+1

{ β } : = { α →

_n

β } whenever (α, β) ∈ Dom( →

_n

) and by {α}→

^′_n+1

{β} := {α→

_*

β} whenever (α, β) ∈ | E

n

|

²

− Dom( →

_n

),

∙ ext

^′_n+1

is defined over | E

_n^′₊₁

| by ext

^′_n+1

(a) = {ext

_n

(α) | α ∈ E

n

∩ a } ∧ {(α, β) | α→

_*

β ∈ a }.

189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234

•

⟦ x

_i

⟧

^⃗xD

= {(⃗α, β) | β ≥ α

_i

} ⟦ λy.M ⟧

^⃗xD

= {(⃗α, ⋀︀

i

(β

_i

→γ

_i

)) | ∀i, (⃗αβ

_i

, γ

_i

) ∈ ⟦ M ⟧

^⃗xyD

}

⟦ M N ⟧

^⃗x_D

= { (⃗α, ⋀︀

i

β

_i

) | ∃⃗γ

_i

, (⃗α, ⋀︀

i

(γ

_i

→β

_i

)) ∈ ⟦ M ⟧

^⃗x_D

∧ (⃗α, ⋀︀

i

γ

_i

) ∈ ⟦ N ⟧

^⃗x_D

}

Fig. 1. Direct interpretation ofΛin the modelD

∙ |E

n+1

| : = |E

_n^′₊₁

|/

≡

is the quotient of |E

_n^′₊₁

| by the equivalence a ≡ b whenever:

∀ (α, γ) ∈ ext

^′_n+1

(a), γ ≥ ⋀︁

{(β,δ)∈ext_n+1(b)|α≤β}

δ ∀ (β, δ) ∈ ext

^′_n+1

(b), δ ≥ ⋀︁

{(α,γ)∈ext_n+1(a)|β≤α}

γ

∙ ∧

_n+1

, →

_n+1

and ext

n+1

are the quotients of ∧, →

^′_n+1

and ext

^′_n+1

by ≡ (notice that →

^′_n+1

only need to be defined for one element equivalent class for →

^′_n+1

to be defined).

We consider that E

n

⊆ E

n+1

since for each α ∈ |E

n

|, {α} is in a di ff erent equivalence class.

R emark 1. The completion of a partial filter model (E, →, ext

_E

) is well defined and corresponds to the coarsest DEFiM E containing E. In particular, any DEFiM model D is the completion of itself: D ¯ = D. ¯

Example 1.4. Most filter models found in the literature can in fact be given as extensional completions of extremely simple partial filter models. Here are some example, the three first one are from the literatures and the two last one are fully expressing the power of the extensional completion:

(1) Scott’s D

_∞

[21] is the completion of

|D| : = {ω, *}, * ∧ ω : = *, ω→* : = * ext

D

(*) : = {(ω, *)}.

Notice, that *→* is undefined in D so that we need the completion.

(2) Park’s P

∞

[20] is the completion of

|P| : = {ω, *}, ω ∧ * : = *, *→* : = * ext

P

(*) : = {(*, *)}.

(3) Norm or D

^*_∞

[11] is the completion of

|D

^*

| : = {ω, p, q}, ω ∧ p : = p ω ∧ q : = q p ∧ q : = q p → q := q q → p := p ext

D^*

(q) := { (p, q) } ext

D^*

(p) := { (q, p) }, (4) Z

∞

is the completion of

|Z| : = {n | n ≥ 0}, n ∧ ω : = n, ω→n + 1 : = n ext

D

(n) : = {(ω, n + 1)}.

(5) U

∞

is the completion of

|U| : = {n | n ≥ 0}, n ∧ ω : = n, n + 1→n + 1 : = n ext

D

(n) : = {(n + 1, n + 1)}.

R emark 2. The completion of a partial filter model is in fact the free completion in the sens that for any partial DEFiM E ⊆ D contains in a DEFiM D, there is a function φ : ¯ E → D stable in E such that ⟦ . ⟧

E^¯

⊆ ⟦ . ⟧

D

, where

⟦ . ⟧

E^¯

(resp. ⟦ . ⟧

D

) is the interpretation of the λ-calculus into E (resp. D) as defined below. ¯

It is folklore that the interpretation of the λ-calculus into a given D can be equivalently characterized by a specific intersection type system whose types are elements α ∈ D, with ∧ modeling the intersection and → the logical implication.

Definition 1.5 (Interpretation of λ-terms). In Figure 1, we give the interpretation of M into a filter model D.

The interpretation ⟦ M ⟧

^x_D^1...xn

of M is suppose to be a morphism (Scott-continuous function) from D

^⃗x

to D where

⃗ x is a superset of the free variables of M. Concretely, we use the Cartesian closeness do define ⟦ M ⟧

^x_D^1...xn

as a

downward-close subsets of (D

^op

)

^⃗x

× D.

236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282

x : α ⊢ x : α Γ ⊢ M : α

Γ , x : β ⊢ M : α Γ ⊢ M : β α ≥ β Γ ⊢ M : α Γ , x : α ⊢ M : β

Γ ⊢ λx.M : α→β

Γ ⊢ M : α→β Γ ⊢ N : α Γ ⊢ M N : β

Γ ⊢ M : α Γ ⊢ M : β Γ ⊢ M : α ∧ β

Fig. 2. Intersection types for theλ-calculus inD

In Figure 7a, we give the intersection-type assignment corresponding to D. Notice that we can infer typing sequents for the form Γ ⊢ M : α for Γ = (x

1

: α

1

, ..., x

n

: α

n

) an environment defined (at least) over all free variables of M.

Example 1.6.

⟦ λx.y ⟧

^y_D

=

⎧

⎪ ⎪

⎨

⎪ ⎪

⎩ ((α), ⋀︁

i

(β

i

→α

^′_i

))

⃒ ⃒

⃒ ⃒

⃒ ⃒

⃒

∀i, α

^′_i

≥

_D

α

⎫

⎪ ⎪

⎬

⎪ ⎪

⎭ ,

⟦ λx.x ⟧

^y_D

=

⎧

⎪ ⎪

⎨

⎪ ⎪

⎩ ((α), ⋀︁

i

(β

i

→β

^′_i

))

⃒

⃒ ⃒

⃒ ⃒

⃒ ⃒

∀i, β

^′_i

≥

_D

β

i

⎫

⎪ ⎪

⎬

⎪ ⎪

⎭ ,

⟦ I ⟧

D

=

⎧

⎪ ⎪

⎨

⎪ ⎪

⎩

⋀︁

i

(α

_i

→α

^′_i

)

⃒

⃒ ⃒

⃒ ⃒

⃒ ⃒

∀i, α

^′_i

≥

_D

α

_i

⎫

⎪ ⎪

⎬

⎪ ⎪

⎭ ,

⟦ 1 ⟧

D

=

⎧

⎪ ⎪

⎨

⎪ ⎪

⎩

⋀︁

i

(α

_i

→α

^′_i

)

⃒ ⃒

⃒ ⃒

⃒ ⃒

⃒

∃⃗β

^′

, ⃗γ

^′

, ⃗β, ⃗γ, ⋀︀

i

α

^′_i

= ⋀︀

j

(β

^′_j

→γ

^′_j

), ⋀︀

j

γ

^′_j

= ⋀︀

k

γ

_k^′

,

⋀︀

i

α

i

≤ ⋀︀

k

(β

k

→γ

k

), ⋀︀

j

β

^′_j

≤ ⋀︀

k

β

k

,

⎫

⎪ ⎪

⎬

⎪ ⎪

⎭ .

In the last two cases, terms are interpreted in an empty environment. We, then, omit the empty sequence associated with the empty environment, e.g., α→β→α stands for ((), α→β→α).

We can verify that extensionality holds, indeed ⟦ 1 ⟧

D

= ⟦ I ⟧

D

. To prove it we use ext

_D

as the witness function for both existential.

P roposition 1. Let M be a term of Λ and D a filter model, the following statements are equivalent representations of the interpretation of M in D:

∙ (⃗α, β) ∈ ⟦ M ⟧

^⃗x_D

for the interpretation defined in Figure 1,

∙ the type judgment ⃗ x : α ⊢ M : β is derivable by the rules of Figure 7a.

P roof . By structural induction on the grammar of Λ .

Definition 1.7 (Sensibility). A filter model D is sensible for the untyped λ-calculus if diverging terms corresponds exactly to those of empty interpretation:

M⇓

^h

⇔ ⟦ M ⟧

^⃗x

, ∅ . 1.3 B ¨ohm Approximants

The B¨ohm approximants (or finite B¨ohm trees) are the normal forms of a λ-calculus extended with a constant ⊥ and an additional reduction →

_⊥

.

A λ-term M is a λ-term possibly containing occurrences of the constant ⊥. The set λ of all λ-terms is generated by the grammar:

λ : M, N :: = x | λx.M | MN | ⊥

283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328

• Similarly a (single hole) λ-context is a (single hole) context C( || )− possibly containing occurrences of ⊥. The

⊥-reduction →

_⊥

is defined as the λ⊥-contextual closure of the rules:

(⊥) λx.⊥ → ⊥ ⊥M → ⊥

The β-reduction is extended to λ-terms in the obvious way. We write B for the set of λ-terms in β⊥-normal forms and we denote its elements by s, t, u, . . .

The following characterization of β ⊥ -normal forms is well known.

L emma 1.8. Let M ∈ λ. We have M ∈ B if and only if either M = ⊥ or M has shape λx

₁

. . . x

n

.x

_i

M

1

· · · M

k

(for some n, k ≥ 0) and each M

_i

is β⊥ -normal.

The set of all B¨ohm approximants of M can be obtained by calculating the direct approximants of all λ-terms β-convertible with M.

Definition 1.9. Let M ∈ λ.

(1) The direct approximant of M, written a p(M), is the λ-term defined as:

∙ a p(M) = ⊥ if M = λx

1

. . . x

_k

.(λy.M

^′

)N M

1

· · · M

_k

,

∙ a p(M) = λx

1

. . . x

n

.x

i

a p(M

1

) · · · a p(M

k

) if M = λx

1

. . . x

n

.x

i

M

1

· · · M

k

, (2) The set of finite approximants of M is defined by:

B(M) = {︀ a p(M

^′

) | M →

^*_h

M

^′

}︀

We can now fully describe the property of approximability for a filter model:

Definition 1.10. A filter model is approximable i ff :

⟦ M ⟧

^⃗x

= ⋃︁

N∈B(M)

⟦ N ⟧

^⃗x

,

where the interpretation of B¨ohm approximants is the immediate extension of the interpretation of terms plus the minimal interpretation given to the bottom: ⟦ ⊥ ⟧ : = {(⃗α, ⊥) | ∀⃗α}.

2 λ -CALCULI WITH D-TESTS 2.1 Syntax

The original idea of using tests to recover full abstraction (via a theorem of definability) is due to Bucciarelli et al.

[8]. Here we define variants of Bucciarelli et al.’s calculus adapted to DEFiMs.

Directly dependent on a given DEFiM D, the λ-calculus with D-tests Λ

τ(D)

is, to some extent, an internal calculus for D. In fact, we will see that, for D to be fully abstract for Λ

τ(D)

, it is su ffi cient to be sensible (Th. 2.13).

The idea is to introduce tests as a new kind in the syntax. Tests Q ∈ T

τ(D)

are sort of co-terms, in the sense that their interpretations are maps from the context to the dualizing object of the linear category S cott L (ω = {*}):

⟦ Q ⟧

^x1...xn

∈ D

ⁿ

⇒ ω

The type ω is the unit type, having only one value representing the convergence of the evaluation, seen as a success.

¹

The interaction between terms and tests is carried out by two groups of operations indexed by the elements α ∈ D:

τ

α

: Λ

τ(D)

→ T

_τ(D)

and τ ¯

α

: T

_τ(D)

→ Λ

τ(D)

.

1We will see in Remark 3 that in a polarized context, the behavior of test does not correspond to co-term (or stack), but to commands (or processes),i.e., to interactions between usual terms and fictive co-terms extracted from the semantics.

330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376

(term) Λ

τ(D)

M, N ::= x | λx.M | M N | ∑︀

i≤n

τ ¯

_αi

(Q

i

) , ∀ (α

_i

)

i

∈ (D − ω)

ⁿ

, n ≥ 0 (test) T

τ(D)

P , Q :: = ∑︀

i≤n

P

i

| ∏︀

i≤n

P

i

| τ

α

(M) , ∀α ∈ (D − ω), n ≥ 0

Fig. 3. Grammar of the calculus withD-tests

The first operation, τ

α

, will verify that its argument M ∈ Λ

τ(D)

has the point α in its interpretation. Intuitively, this is performed by recursively unfolding the B¨ohm tree of M and succeeding (i.e., converging) when α is in the interpretation of the finite unfolded B¨ohm tree. If α < ⟦ M ⟧ , the test τ

_α

(M) will either diverge or refute (raising a 0 considered as an error). Concretely, it is an infinite application that feeds its argument with empty ¯ τ operators.

The second operator, ¯ τ

_α

, simply constructs a term of interpretation ↓α if its argument succeeds and diverges otherwise. Concretely, it is an infinite abstraction that runs its test argument, but also tests each of its applicants using τ operators.

In addition to these operators, we use sums and products as ways to introduce may (for the addition) and must (for the multiplication) non-determinism; in the spirit of the λ + ||-calculus [13]. Indeed, these two forms of non-determinism are necessary to explore the branching of B¨ohm trees.

The idea of these two operators is to use the parametricity of our terms toward their intersection types. As a result, ¯ τ

α

(ϵ) (further on denoted ϵ ¯

α

), that transfers the always succeeding test ϵ into a term of interpretation ↓α, constitutes the canonical term of type α; its behavior is exactly the common behavior of every term of type α.

Symmetrically, the test τ

α

(M) will verify whether M behaves like a term of type α.

Hereafter, D denotes a fixed DEFiM.

Definition 2.1. The λ-calculus with D-tests, for short Λ

τ(D)

, is given by the grammar in Figure 3. We denote the empty sum by 0, and the empty product by ϵ. Binary sums (resp. products) can be written with infix notation, e.g.

P + Q (resp P·Q).

Moreover, we use the notation ϵ ¯

α

: = τ ¯

α

(ϵ) and ϵ ¯

a

: = ∑︀

α∈a

ϵ ¯

α

; which are terms.

Sums and products are considered as multisets, in particular we suppose associativity, commutativity and neutrality with, respectively, 0 and ϵ.

In the following, an abstraction can refer either to a λ-abstraction or to a sum of ¯ τ operators. This notation is justified by the behavior of Σ

i

τ ¯

_αi

(Q

_i

) that mimics an infinite abstraction.

The operational semantics is given by three sets of rules in Figure 4. The main rules of Figure 5a are the e ff ective rewriting rules. The distributive rules of Figure 5b implement the distribution of the sum over the test-operators and the product. The small step semantics → is the free contextual closure (i.e., by the rules of Figure 5d) of the rules of Figures 5a and 5b. The contextual rules of Figure 5c implement the head reduction →

_h

that is the specific contextual extension we are considering.

Example 2.2. The operational behavior of D-tests depends on D. Recall the DEFiMs of Example 1.4. In the case of Scott’s D

∞

we have in Λ

τ(D∞)

:

τ

*

((λxy.x y) ϵ ¯

*

) →

^β_h

τ

*

(λy. ϵ ¯

*

y) →

^τ_h

τ

*

(¯ ϵ

*

0) →

^τ¯ _h

τ

*

(¯ ϵ

*

) = τ

*

(¯ τ

*

(ϵ)) →

^τ¯τ_h

ϵ,

τ

*

((λxy.y x) ϵ ¯

*

) →

^β_h

τ

*

(λy.y ϵ ¯

*

) →

^τ_h

τ

*

(0 ¯ ϵ

*

) →

^τ¯ _h

τ

*

(0) →

^τ¯τ_h

0.

In the case of Park P

∞

:

τ

*

(λx.xx) →

^τ_h

τ

*

(¯ ϵ

*

ϵ ¯

*

) →

^τ¯_h

τ

*

(¯ τ

*

(τ

*

(¯ ϵ

*

))) →

^τ¯τ_h

→

^τ¯τ_h

ϵ.

377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422

•

(β) (λx.M) N → M[N/x]

(¯ τ) ( ∑︀

i

τ ¯

α_i

(Q

i

)) N → ∑︀

i

∑︀

(β,γ)∈ext_D(α_i)

τ ¯

γ

(Q

i

· τ

β

(N))

(τ) τ

α

(λx.M) → ∏︀

(β,γ)∈ext_D(α)

τ

γ

(M[¯ ϵ

β

/x]) (τ¯ τ) τ

α

( ∑︀

i∈I

τ ¯

β_i

(Q

i

)) → ∑︀

{I^′⊆I|α≥⋀︀

i∈I′β_i}

∏︀

i∈I^′

Q

i (a) Main rules

(· + ) Π

i≤n

Σ

j≤ki

Q

_i,j

→ Σ

j1≤k1,...,jn≤kn

Π

i≤n

Q

_i,ji

(¯ τ + ) τ ¯

_α

( Σ

i

Q

_i

) → Σ

i

τ ¯

_α

(Q

_i

)

(b) Distribution of the sum

M →

_h

M

^′

(h-cλ) λx.M →

_h

λx.M

^′

M →

_h

M

^′

M is an application

(h-c@) M N →

_h

M

^′

N

M →

_h

M

^′

M is an application (h-cτ) τ

α

(M) →

_h

τ

α

(M

^′

)

Q →

_h

Q

^′

Q is not a sum (h-c¯ τ) τ ¯

_α

(Q) →

_h

τ ¯

_α

(Q

^′

)

M →

_h

M

^′

(h-cs) M + N →

_h

M

^′

+ N

Q →

_h

Q

^′

(h-c + ) Q + P →

_h

Q

^′

+ P

Q →

_h

Q

^′

Q is not a sum (h-c·) Q·P →

_h

Q

^′

·P

(c) Contextual rules for the head reduction

M → M

^′

(cλ)

λx.M → λx.M

^′

M → M

^′

(c@L)

M N → M

^′

N

N → N

^′

(c@R) M N → M N

^′

M → M

^′

(cτ)

τ

α

(M) → τ

α

(M

^′

)

Q → Q

^′

(c¯ τ) τ ¯

_α

(Q) → τ ¯

_α

(Q

^′

) M → M

^′

(cs)

M + N → M

^′

+ N

Q → Q

^′

(c + ) Q + P → Q

^′

+ P

Q → Q

^′

Q·P → Q

^′

·P (c·)

(d) Contextual rules for the full reduction

Fig. 4. Operational semantics of the calculus withD-tests.

In rulesτ

¯

andτ, notice that we use the notationsτω

(

M) :=ϵandϵ¯ω

:=

0in order to keep the rule simpler.

424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470

In the case of Norm:

τ

_p

(λx.x) →

^τ_h

τ

_p

(¯ ϵ

_q

) →

^τ¯τ_h

ϵ, and τ

_q

(λx.x) →

^τ_h

τ

_q

(¯ ϵ

_p

) →

^τ¯τ_h

0.

In the case of Z

∞

:

τ

n+2

( ϵ ¯

n

M) →

^τ¯ _h

τ

n+2

(¯ ϵ

n+1

) →

^τ¯τ_h

0 , τ

n+2

(¯ ϵ

n

M N) →

^¯τ_h²

τ

n+2

(¯ ϵ

n+2

) →

^τ¯τ_h

ϵ , τ

n+2

(¯ ϵ

n

M N L) →

^τ¯ _h³

τ

n+2

( ϵ ¯

n+3

) →

^τ¯τ_h

0 R emark 3. In a polarized (or classical) framework with explicit co-terms (or stacks) as the framework presented in [19], tests would correspond to commands (or processes), or, more exactly, to conjunctions and disjunctions of commands. Indeed, a test τ

α

(M) is nothing else than the command ⟨ M | π

α

⟩ where π

α

would be the canonical co-term of interpretation ↑α, the same way that ϵ ¯

_α

is the canonical term of interpretation ↓α. Similarly, the term τ(Q) ¯ can be seen as the canonical term ϵ ¯

_α

endowed with a parallel composition referring to the set of commands Q. To resume, we have:

τ

_α

(M) ≃ ⟨M | ↑α⟩ ⟨ τ ¯

_α

(Q) | π⟩ ≃ ⟨↓α | π⟩·Q Definition 2.3. A test is in may-head-normal form i ff it has the following shape:

Π

i

τ

α_i

(x

i

M

_i¹

· · · M

_iⁿ

) + Q, with i ≥ 0 and M

_i^k

any term.

A term is in may-head-normal form if it has one of the following shapes:

λx

1

....x

n

.y M

1

· · · M

m

, or λx

1

...x

n

.¯ τ

α

(Q) + N, where m, n ≥ 0, α ∈ (D − ω), M

i

and N any terms, and Q any test in head-normal form without sums.

Coherently with the head convergence in λ-calculus, the convergence will be denoted by ⇓

^h

and the divergence by ⇑

^h

.

Example 2.4. For any n ∈ N, the term n (λx.¯ τ

_α

(τ

_α

(x) + τ

_β

(x))) ϵ ¯

_α

may-head-converges.

Let us notice that this calculus enjoys the properties of confluence and standardization as shown in the Breuvart’s thesis [5, Thm. 2.3.1.26 and 2.3.1.29]. It also enjoys a very nice property stating that tests-reductions can always be postponed until the very end:

T heorem 2.5. Let D a DEFiM and M, N ∈ Λ

τ(D)

.

For any reduction M →

^*

N, there exists M

^′

, N

^′

∈ Λ

τ(D)

such that M →

^*_β

M

^′

with only β-reductions, M

^′

→

^*_∖β

with only tests reductions, and N →

^*

N.

M →

^*

N

β

→

*

→

*

M

^′

→

_β^*_∖

N

^′

In particular, M is may-head converging i ff there is a sequence of β-reductions M →

^*_β

L with L that is may-head converging without any β-reduction.

Definition 2.6. Grammars of term-contexts Λ

^(|·|_τ(D)⁾

and test-contexts T

^(|·|_τ(D)⁾

are given in Figure 5.

Definition 2.7. The observational preorder ⊑

_τ(D)

of Λ

τ(D)

is defined by:

M ⊑

_τ(D)

N iff ( ∀ K ∈T

^(|·|_τ(D)⁾

, K( | M | ) ⇓

^h

implies K( | N | ) ⇓

^h

).

We denote by ≡

_τ(D)

the observational equivalence, i.e., the equivalence induced by ⊑

_τ(D)

.

471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516

• (term-context) Λ

^(|·|_τ(D)⁾

C :: = x | ( |.| ) | C C

^′

| λx.C | ∑︀

i≤n

τ ¯

_αi

(K

_i

) , ∀(α

_i

)

_i

∈ D

ⁿ

, n ≥ 0 (test-context) T

^(|·|_τ(D)⁾

K :: = ∑︀

i≤n

K

i

| ∏︀

i≤n

K

i

| τ

α

(C) , ∀α ∈ D, n ≥ 0

Fig. 5. Grammar of the contexts in a calculus withD-tests

⟦ x

i

⟧

^⃗_D^x

= {(⃗α, β) | β ≥ α

i

} ⟦ λy.M ⟧

^⃗x_D

= {(⃗α, ⋀︀

i

(β

i

→γ

i

)) | ∀i, (⃗αβ

i

, γ

i

) ∈ ⟦ M ⟧

^⃗xy_D

}

⟦ M N ⟧

^⃗_D^x

= {(⃗α, ⋀︀

i

β

_i

) | ∃⃗γ

_i

, (⃗α, ⋀︀

i

(γ

_i

→β

_i

)) ∈ ⟦ M ⟧

^⃗_D^x

∧ (⃗α, ⋀︀

i

γ

_i

) ∈ ⟦ N ⟧

^⃗_D^x

}

(a) Interpretation ofΛ

⟦Σ

i∈J

τ ¯

α_i

(Q

i

) ⟧

^⃗x_D

= {(⃗β, γ) | ∃I ⊆ J , ⃗β ∈ ⋂︀

i∈I

⟦ Q

i

⟧

^⃗x_D

∧ γ ≥

_D

⋀︀

i∈I

α

i

}

⟦ 0 ⟧

^⃗x_D

= { (⃗α, ω) } ⟦ τ

α

(M) ⟧

^⃗x_D

= {⃗β | (⃗β, α) ∈ ⟦ M ⟧

^⃗x_D

}

⟦Π

i≤k

Q

_i

⟧

^⃗x_D

= ⋂︀

i≤k

⟦ Q

_i

⟧

^⃗_D^x

⟦ ϵ ⟧

^⃗x_D

= D

^⃗x

⟦Σ

i≤k

Q

_i

⟧

^⃗x_D

= ⋃︀

i≤k

⟦ Q

_i

⟧

^⃗x_D

⟦ 0 ⟧

^⃗x_D

= ∅

(b) Interpretation of tests extensions

Fig. 6. Direct interpretation inD

x : α ⊢ x : α Γ ⊢ M : α

Γ , x : β ⊢ M : α Γ ⊢ M : β α ≥ β Γ ⊢ M : α Γ , x : α ⊢ M : β

Γ ⊢ λx.M : α→β Γ ⊢ M : α→β Γ ⊢ N : α

Γ ⊢ M N : β Γ ⊢ M : α Γ ⊢ M : β Γ ⊢ M : α ∧ β

(a) Intersection types for theλ-calculus inD

Γ ⊢ M : α

Γ ⊢ τ

α

(M)

Γ ⊢ Q

j

Γ ⊢ ∑︀

i∈I

τ ¯

α_i

(Q

i

) : α

j

Γ ⊢ Q

j

Γ ⊢ ∑︀

i∈I

Q

i

∀i ∈ I, Γ ⊢ Q

i

Γ ⊢ ∏︀

i∈I

Q

i (b) Intersection types for theD-tests extension inD

Fig. 7. Intersection type system computing the interpretation inD

R emark 4. The observational preorder could have been defined using term-contexts rather than test-contexts, but this appears to be equivalent and test-contexts are easier to manipulate (because normal forms for tests are simpler).

can be re- moved can be re- moved 2.2 Semantics

The standard interpretation of Λ into D can be extended to Λ

τ(D)

(Fig. 6b).

Definition 2.8. A term M with n free variables is interpreted as a morphism (Scott-continuous function) from D

ⁿ

to D and a test Q with n free variables as a morphism from D

ⁿ

to the dualizing object {*} . Concretely, we use the Cartesian closeness to define ⟦ M ⟧

^⃗x_D

as a downward-close sets of (D

^op

)

^⃗x

× D and ⟦ Q ⟧

^⃗x_D

as a downward-close subsets of (D

^op

)

^⃗x

.

This interpretation is given in Figure 6 by structural induction.

518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564

P roposition 2. Any DEFiM D is a model for its own test extension (the λ-calculus with D-tests), in the sens that the interpretation is contextual and invariant under reduction.

P roof . The invariance under β-reduction is obtained, as usual, by the Cartesian closedness of S cott L

_!

. The other

rules are easy to check directly.

The idea of intersection types can be generalized to to tests as shown in Figure 7b. Notice that tests have no type:

a test does not carry any behavior, and under a specific environment it can only be succeeding (and typable) or diverging (untypable).

T heorem 2.9 (I ntersection types ). Let D be a DEFiM and M a term of Λ

τ(D)

(resp. Q a test of T

τ(D)

), the following statements are equivalent:

∙ (⃗α, β) ∈ ⟦ M ⟧

^⃗x_D

(resp. ⃗α ∈ ⟦ Q ⟧

^⃗x_D

) in the interpretation of Figure 6,

∙ the type judgment ⃗ x : ⃗α ⊢ M : β (resp. ⃗ x : ⃗α ⊢ Q) is derivable by the rules of Figure 7.

P roof . By structural induction on the grammar of Λ

τ(D)

.

ref to a forth- coming article?

ref to a forth- coming article?

2.2.1 Full abstraction and sensibility for tests.

The main interest of the full abstraction with tests is to be fully abstract as soon as it is sensible (Theorem 2.13).

The sensibility is a very commune property saying that diverging terms are collapsed together and separated from non-diverging terms. In other worlds, such a model is able to give meaning to terminating terms and those only.

The full abstraction, however, is a much stronger property stating that the equality in the model corresponds exactly to the observational equality (for the head-convergence). Collapsing those two properties gives the real meaning of tests: they are syntactical representation of “reasonable” domains. Where “reasonable” means extensional and (as we will see later on) approximable domains.

Definition 2.10. A DEFiM D is sensible for Λ

τ(D)

whenever diverging terms (resp. tests) correspond exactly to the terms (resp. tests) having empty interpretation, i.e., for all M ∈ Λ

τ(D)

and Q ∈ T

_τ(D)

:

M⇑

^h

⇔ ⟦ M ⟧

^⃗xD

= {(⃗α, ω) | ∀⃗α} Q⇑

^h

⇔ ⟦ Q ⟧

^⃗xD

= ∅ The following is an immediate lemma:

L emma 2.11. If D is sensible for Λ

τ(D)

then:

(⃗αβ, γ) ∈ ⟦ M ⟧

^⃗xy

⇔ (⃗α, γ) ∈ ⟦ M[¯ ϵ

β

/y] ⟧

^⃗x

, (⃗α, γ) ∈ ⟦ M ⟧

^⃗x

⇔ ⃗α ∈ ⟦ τ

γ

(M) ⟧

^⃗x

. T heorem 2.12 (D efinability ). If D is sensible for Λ

τ(D)

then:

(⃗α, β) ∈ ⟦ M ⟧

^⃗x

⇔ τ

β

(M[(¯ ϵ

α_i

/x

i

)

i≤n

])⇓

^h

.

P roof . If (⃗α, β) ∈ ⟦ M ⟧

^⃗x

then ⟦ τ

β

(M[(¯ ϵ

α_i

/x

i

)

i≤n

]) ⟧ is not empty by Lemma 2.11, thus it converges by sensibility.

Conversely, if τ

_β

(M[(¯ ϵ

_αi

/x

_i

)

i≤n

]) ⇓

^h

, since it has no variable, its interpretation is either empty or { () } , it has to be the

second by sensibility, which means (⃗α, β) ∈ ⟦ M ⟧

^⃗x

(by Lemma 2.11).

T heorem 2.13 ( full abstraction ). For any DEFiM D, if D is sensible for Λ

τ(D)

, then D is inequationally fully abstract for the observational preorder of Λ

τ(D)

:

⟦ M ⟧ ⊆ ⟦ N ⟧ ⇔ ∀ C ∈ T

^(|·|_τ(D)⁾

,C( | M | )⇓

^h

⇒ C( | N | )⇓

^h

.

565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610

• P roof . Let ⟦ M ⟧ ⊆ ⟦ N ⟧ and C( |M| )⇓

^h

. Then by sensibility we have that ⟦ C( |M| ) ⟧ is non-empty. Moreover, by Proposition 2 we have that ⟦ C( |M| ) ⟧ ⊆ ⟦ C( |N| ) ⟧ . Thus ⟦ C( |N| ) ⟧ is non-empty and by sensibility, C( |N| )⇓

^h

.

change in the thesis!!!

change in the

thesis!!! Conversely, suppose that for all context C ∈ T

⁽_τ(D)^|·|)

, C( |M| )⇓

^h

⇒ C( |N| )⇓

^h

and let (⃗α, β) ∈ ⟦ M ⟧

^⃗x

:

Then by Theorem 2.12, τ

β

(M[( ϵ ¯

α_i

/x

i

)

i≤n

])⇓

^h

where n is the length of ⃗α. Thus, after stating the context C = τ

_β

((λx

1

...x

_n

.( |.| )) ϵ ¯

_α1

· · · ϵ ¯

_αn

), we have C( |M| ) →

ⁿ_h

τ

_β

(M[(¯ ϵ

_αi

/x

_i

)

i≤n

])⇓

^h

which implies that C( |N| )⇓

^h

. However, there is no choice for the n first head reductions of C( |N| ), those are forced to be C( |N| ) →

ⁿ_h

τ

_β

(N[(¯ ϵ

_αi

/x

i

)

i≤n

]) so that this term is also head-converging. Then by applying the reverse implication of Theorem 2.12 we conclude (⃗α, β) ∈ ⟦ N ⟧

^⃗x

. 3 COLLAPSING SENSIBILITY AND APPROXIMABILITY FOR TESTS

Once we have said that sensibility and full abstraction are equivalent properties for test, it should not surprise the reader to learn that approximability is also equivalent to those properties. Indeed, approximability usually corresponds to the adequation of the B¨ohm-tree’s equality, which is a property between sensibility and full abstraction. However, the situation is a bit mere subtle: if the properties of sensibility and full abstraction for Λ

τ(D)

strongly refer to tests mechanisms, the property of approximability is defined independently from tests. This really means that D-tests will behave well exactly whenever D is approximable.

First we extend the languages of approximants with tests (or rather the language of tests with approximants):

T heorem 3.1. Each of the above properties are still true when adding to the calculus with D-test the term ⊥ and the rules:

λx.⊥ → ⊥ ⊥ M → ⊥ τ

_α

(⊥) → 0.

P roof . The term ⊥ behave similarly to ¯ τ

α

(0) (for any α). The only di ff erence is that the rule ¯ τ + is delayed. But this rule is cosmetic, one can work with or without it since it distributes with every other rules.

We can now use the approximants of Definition 1.9 together with tests:

L emma 3.2. For any DEFiM D, any sequence ⃗α ∈ D

^⃗x

, any β ∈ D −{ ω } and any M ∈ Λ (with free variables ⃗ x), the following are equivalent:

∙ the test τ

β

(M[¯ ϵ

α

/⃗ x]) is may-head converging without β-reduction,

∙ the test with approximants τ

_β

(a p(M)[¯ ϵ

_α

/⃗ x]) is may-head converging,

∙ (⃗α, β) ∈ ⟦ a p(M) ⟧

^⃗x

.

P roof . Considering that ⊥ is a notation for ¯ τ

_α

(0), the second and third points are equivanent by Theorem 2.12.

The equivalence between the two first points is obtained by induction on a p(M):

∙ Immediate when a p(M) = M = x

_i

.

∙ When a p(M) = λy.a p(N) for M = λy.N, we can use the induction hypothesis on N.

∙ When a p(M) = ⊥, this means that τ

β

(M[ ϵ ¯

α

/⃗ x]) →

^*

τ

^′_β

((λy.M

^′

) M

1

· · · M

n

) cannot converges without performing a β-reduction.

∙ Otherwise, a p(M) = x

i

a p(N

₁

) · · · a p(N

_n

) with M = x

i

N

1

· · · N

n

thus the terms τ

β

(M[¯ ϵ

α

/⃗ x]) and τ

β

(a p(M)[¯ ϵ

α

/⃗ x]) can performe the same sequence of ¯ τ-reductions followed by a τ¯ τ-reduction which results in a sum and product combination of tests behaving the same way by induction hypothesis.

This clearly shows that taking the approximants is an operation that distribute with the semantics. This is su ffi cient to get the approximation theorem whenever the extension with tests is sensible.

T heorem 3.3. Any extensional filter model D, is approximable if and only if it is sensible for D-tests.

P roof . Both implications are considered separatelly.

612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658

∙ If D is sensible for Λ

τ(D)

then it is approximable:

Let ⃗α ∈ D

^⃗x

, β ∈ D−⊥ and M ∈ Λ .

– If (⃗α, β) ∈ ⟦ a p(N) ⟧

^⃗_D^x

for some M →

^*

N, then τ

α

(N[¯ ϵ

α

/⃗ x])⇓

^h_h

by Lemma 3.2, thus τ

α

(M[ ϵ ¯

α

/⃗ x])⇓

^h_h

and (⃗α, β) ∈ ⟦ a p(M) ⟧

^⃗xD

.

– If (⃗α, β) ∈ ⟦ a p(M) ⟧

^⃗D^x

, then τ

_α

(M[¯ ϵ

_α

/⃗ x]) ⇓

^h_h

. By Theorem 2.5, M →

^*_β

N with τ

_α

(N[ ϵ ¯

_α

/⃗ x]) that may-head converges without β-reduction. Thus, (⃗α, β) ∈ ⟦ a p(N) ⟧

^⃗x

by Lemma 3.2.

∙ If D is approximable then it is sensible for Λ

τ(D)

: Let ⃗α ∈ D

^⃗x

, β ∈ D−⊥ and M ∈ Λ .

– If τ

_α

(M[¯ ϵ

_α

/⃗ x])⇓

^h_h

, then by Theorem 2.5, M →

^*_β

N with τ

_α

(N[¯ ϵ

_α

/⃗ x]) that may-head converges without β-reduction. Thus, by Lemma 3.2, (⃗α, β) ∈ ⟦ a p(N) ⟧

^⃗x

, which is included in ⟦ M ⟧

^⃗x

by approximability.

– If (⃗α, β) ∈ ⟦ a p(M) ⟧

^⃗x_D

, then there is M →

^*

N such that (⃗α, β) ∈ ⟦ a p(N) ⟧

^⃗x

. By Lemma 3.2 we have τ

β

(M[ ϵ ¯

α

/⃗ x]) that is may-head converging so that τ

α

(M[ ϵ ¯

α

/⃗ x])⇓

^h_h

.

4 SUFFICIENT CONDITION FOR THE SENSIBILITY OF TESTS

So far we could not find a generic proof of the approximation property in the literature for standard filter model.

²

Hence, we give a su ffi cient condition (Def 4.11) for a filter model D to be approximable (Th. 4.16). Indeed, we use this condition in Example 4.20 for stating the approximation property of the models of Example 1.4 (save for P

∞

) and Example ??.

Here, we make a strong use of the equivalence between approximability and sensibility with tests (Th. 3.3) proven in the previous chapter. Indeed, if approximability is also proved using Tait reducibility methods [22], the process is not as well understood as in the proofs of sensibility. By directly relying on the connection with tests, we can get the more refined analysis of the theorem of approximation that we have ever find.

After our detailed analysis, we describe a su ffi cient, but not necessary, condition for the approximability.

Generalizing the study of sensible models carried out by Berline [3] and her students (Kerth [16] in particular). In fact, we include (by far) all filter models proven sensible in the literature!

4.1 Realizers

In this section, we are adapting Tait proof of reducibility to the filter models and the calculi with tests. The adaptation for filter models (or restrictions) have already been extensively studied; for example, see Berline’s survey [3]. However, the adaptation to tests is new and quite interesting. Indeed, we will see that the set of realizers we are looking into is much more coarser and refined, making the search more readable.

The first step is to defined what is a correct realizer:

³

Definition 4.1. A saturated set is a set of term G ⊆ Λ

τ(D)

that is close by backward reduction.

Given two saturated sets G, H, we denotes by G ↦→ H the saturated set of terms M such that (M N) ∈ H whenever N ∈ G.

2Save Chapter 17.3 of the book of Barendregt, Dekkers ans Statman [1] where this proof is done in parallel for several models of different classes.

3Notice that this notion of Realizers is not exactly what Tait call a realizer, but more like aD-indexed set of those. However, since we will look into a set of suchD-indexed sets of Realizers; we changed the level of abstraction...

659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704

• Definition 4.2. A realizer of D in Λ is a function R from D to saturated subsets of Λ

τ(D)

such that for all α, β ∈ D, we have

R(α ∧ β) = R(α) ∩ R(β) R(α→β) = R(α) ↦→ R(β).

Given any D-indexed sequence S of saturated sets, a realizer R of D in Λ is a S -realizer if for all α, R(α) ∈ R

α

. This definition trivially is extended for a partial DEFiM J in place of D.

Intuitively, a S -realizer is a proof that a certain property represented by S is true for every typable terms. This

“certain property represented by S ” is basically the commune property of elements of S . In our case, we are looking for sensibility, this gives us following, the quite complex but also quite refined, set:

Definition 4.3. We denote, for all α ∈ D−ω:

∙ 𝒩

_α⁺

: = {M ∈ Λ

τ(D)

| ∀β ≥

_D

α, τ

β

(M)⇓

^h

},

∙ 𝒩

_α⁻

: = {( ∑︀

i

ϵ ¯

β_i

+ L | ⋀︀

i

β

i

≤

_D

α, L ∈ Λ

τ(D)

},

∙ S

α

is the set of τ(D)-saturated subsets of 𝒩

_α⁺

that contains 𝒩

_α⁻

,

∙ S

ω

= Λ

τ(D)

∙ S

_τ(D)^D

= (S

^α_τ(D)

)

α∈D

is the set of D-indexed collections of elements of S

^α_τ(D)

. The definition is extended for partial models.

L emma 4.4. Let R be a S

^D_τ(D)

-realizer in D.

if (⃗α, β) ∈ ⟦ M ⟧

^⃗x

and (∀i, L

_i

∈ R(α

_i

)) then M[ ⃗ L/⃗ x] ∈ R(β) if ⃗α ∈ ⟦ Q ⟧

^⃗x

and (∀i, L

i

∈ R(α

i

)) then Q[ ⃗ L/⃗ x] →

^*

ϵ P roof . By induction on M and Q.:

∙ M = x

i

: then α

i

≤

_D

β. Thus if L

i

∈ R(α

i

) ⊆ R(β), we have M[ ⃗ L/⃗ x] = L

i

∈ R(β).

∙ M = N

1

N

2

: there exists (γ

_j

, β

_j

)

j≤n

such that β = ⋀︀

j

β

_j

, (⃗α, ⋀︀

j

γ

_j

→β

_j

) ∈ ⟦ N

1

⟧

^⃗x

and (⃗ a; ⋀︀

j

γ

_j

) ∈ ⟦ N

2

⟧

^⃗x

. Thus, by induction hypothesis, if for all i, L

i

∈ R(α

i

), N

1

[ ⃗ L/⃗ x] ∈ ( ⋂︀

j

(R(γ

j

) ↦→ R(β

j

))) and N

2

[ ⃗ L/⃗ x] ∈ ⋂︀

j

R(γ

j

).

We conclude by (N

1

N

2

)[ ⃗ L/⃗ x] ∈ ⋃︀

j

R(β

i

).

∙ M = λy.N : then β = ⋀︀

j

γ

j

→β

j

and ((⃗α, ⋀︀

i

γ

i

); ⋀︀

i

β

i

) ∈ ⟦ N ⟧

^⃗xy

. We want to show that whenever ∀i ≤ |⃗ x|, L

i

∈ R(α

_i

) and j ≤ n, we have λy.N[ ⃗ L/⃗ x] ∈ R(γ

_j

) ↦→ R(β

_j

). But if L ∈ R( ⋀︀

i

γ

_i

) for all i, the induction hypothesis give us that for any j, N[ ⃗ L/⃗ x][L/y] ∈ R(β

_j

).

∙ M = Σ

j∈J

τ ¯

γ_j

(Q

j

) : there is J

^′

⊆ J such that β ⪯ ⋀︀

j∈J^′

γ

j

and ⃗α ∈ ⋂︀

j∈J^′

⟦ Q

j

⟧

^⃗x

.

By induction hypothesis, when given L

i

∈ R(α

i

) for each i ≤ |⃗ x|, we get Q

j

[ ⃗ L/⃗ x] →

^*

ϵ for any j ∈ J

^′

. Thus, for all j ∈ J

^′

, M[ ⃗ L/⃗ x] →

^*

M

^′

+ ϵ ¯

_γj

∈ 𝒩

_γ⁻

j

⊆ R(γ

_j

), so that M[ ⃗ L/⃗ x] ∈ R( ⋀︀

j∈J^′

γ

_i

) ⊆ R(β).

∙ Q = τ

_β

(M) : we have (⃗α, β) ∈ ⟦ M ⟧

^⃗x

, and by induction hypothesis if ∀i ≤ |⃗ x|, L

i

∈ R(α

i

) then M[ ⃗ L/⃗ x] ∈ R(β) ⊆ 𝒩

_β⁺

. Thus, by definition, τ

_α

(M[ ⃗ L/⃗ x]) →

^*

ϵ

∙ Q = Q

1

·Q

2

: then ⃗α ∈ ⟦ Q

1

⟧

^⃗x

∩ ⟦ Q

2

⟧

^⃗x

and by induction hypothesis whenever ∀i ≤ |⃗ x|, L

_i

∈ R(α

_i

), Q

₁

[ ⃗ L/⃗ x] →

^*

ϵ and Q

₂

[ ⃗ L/⃗ x] →

^*

ϵ, thus trivially Q

₁

·Q

₂

→

^*

ϵ

∙ Q = Q

1

+ Q

2

: then there is j ∈ {1, 2}, ⃗α ∈ ⟦ Q

j

⟧

^⃗x

and by induction hypothesis whenever ∀ i ≤ |⃗ x |, L

i

∈ R(α

_i

), Q

j

[ ⃗ L/⃗ x] →

^*

ϵ, thus trivially Q

1

·Q

2

→

^*

ϵ

T heorem 4.5. A DEFiM D is sensible for Λ

τ(D)

i ff there is a S

^D_τ(D)

-realizer in D.