A New Model Construction for the Polymorphic Lambda Calculus

A New Model Construction for the Polymorphic Lambda Calculus Dieter Spreen Fachbereich Mathematik, Theoretische Informatik Universit¨at Siegen, 57068 Siegen, Germany Email: [email protected]

Abstract Various models for the Girard-Reynolds second-order lambda calculus have been presented in the literature. Except the term model they are either realizability or domain models. In this paper a further model construction is introduced. Types are interpreted as inverse limits of ω-cochains of finite sets. The corresponding morphisms are sequences of maps acting locally on the finte sets in the ω-cochains. The model can easily be turned into an effectively given one. Moreover, it can be arranged in such a way that the universal type ∀t.t representing absurdity in the higher-order logic defined by the type structure is interpreted by the empty set, which means that it is also a model of this logic.

1

Introduction

Type systems originally introduced in logic and the foundations of mathematics have been proved quite useful in computer science. By the Curry-Howard isomorphism typed expressions can be interpreted in various ways. If types are considered as formulae of a logical calculus, the expressions of a certain type are proofs of the corresponding formula. In case we think of a type as a data structure, an expression is a program which evaluates to a value in this data structure. But we can also consider types as formulae of a specification language. Then the statement that an expression is of a certain type means that this program results in a value which meets the specification given by the type. Various type systems of different computational and expressive power has been considered in the literature. In this paper we will be mainly concerned with the polymorphic lambda calculus. The polymorphic lambda calculus, introduced independently by Girard [13, 14] and Reynolds [21], is an extension of the usual typed lambda calculus that allows a form of parametric polymorphism. Types include universal types which are types of polymorphic terms, thought of as describing those functions which are defined in a uniform manner at all types. Terms can be applied to types and in this sense can be parameterised by types. In order to achieve this, type variables are introduced into the typed lambda calculus. So, for instance, λx : σ. x should be thought of as the identity function on the type denoted by σ. The polymorphic identity function, the term which stands for the identity function on any type, is given by the expression Λt. λx : t. x. It has a universal type denoted by ∀t. t → t. Given a type σ1 , a term Λt. M of universal type ∀t. σ2 can be instantiated to a term {σ1 /t}M which then has type {σ1 /t}σ2 , and so, for instance, the polymorphic identity above instantiates at type σ to the identity λx : σ. x of type σ → σ. While the pioneering work of Girard contains most of the results on the syntax of the calculus, an understanding of its models has developed more slowly. There is a trivial model obtained by interpreting types as either the empty or the one-point set. But this is obviously inadequate as a model of polymorphism and the many useful data structures definable in the calculus. The difficulty of providing nontrivial models arises essentially from the impredicative nature of the calculus: in the abstraction of a universal type ∀t. σ the type variable t is 1

understood to range over all types including the universal type itself. Reynolds [23] showed that no model of the polymorphic lambda calculus in which the function-space constructor behaves set theoretically is possible, classically. But, by a result of Pitts [20], such a model can be constructed in constructive set theory. Nontrivial models, term and realizability models, were already presented by Girard [14] and Troelstra [27]. McCracken [18], building on ideas from Scott [25] produced the first correct domain-theoretic model. It was constructed from Scott’s universal domain Pω, using closures (a special kind of retracts) to represent types. Following a suggestion of Scott [26], McCracken [19] has as well shown that finitary retracts over certain finitary complete partial orders can be used to represent types. Amadio, Bruce, and Longo [1], again using ideas appearing in several papers by Scott, have also constructed a model using finitary projections over complete partial orders. All these domain models are models for stronger calculi with a type of all types, a fact which is used in giving meaning to universal types. But by a result of Girard [14], such systems are inconsistent, when they are considered as logical calculi. In his paper [15], Girard produced an interesting new model in which types of the polymorphic lambda calculus are represented as certain kinds of objects called qualitative domains. In this construction types with free type variables, called “variable types” by Girard, are interpreted as functors on a category of these domains which behave nicely. The central observation was that the behaviour of such functors is already determined by what they do on finite qualitative domains. So he got rid of the circularity in the construction of universal types. Building upon these ideas, Coquand, Gunter, and Winskel presented a domain model for the polymorphic lambda calculus in which types are interpreted as dI-domains [7] and Scott domains [8], respectively. In the last model a universal type is interpreted as a domain (considered as a category) of continuous sections of the Grothendieck fibration of a continuous functor. By using an observation of the present author, Gruchalski [17] showed that the construction of the Scott domain model can be simplified so that only domain-theoretic methods are used. Girard’s qualitative domains can be represented by certain graphs such that the usual domain constructions can be carried out directly on the graphs [16]. Using similar structures Berardi and Berline [3] managed to construct a large family of concrete models in a noncategorical way. A major drawback of the domain models is that the type ∀t. t, which represents absurdity in the logical calculus given by the type system, is interpreted by a nonempty set, which means that this semantics is not adequate when one wants to give meaning to the logic, known to be consistent. Moreover, even when one is only interested in the functional language, then one should be able to introduce some notion of computability in the model, which seems to be impossible at least in the case of the dI- and Scott domain model of Coquand, Gunter and Winskel. In the model we present in this paper types are interpreted as sets which are approximated by sequences of finite sets, more exactly, as inverse limits of ω-cochains of finite sets. The points in these limits are certain sequences of elements of the approximating finite sets. As morphisms in the new category SFS (Sequences of Finite Sets), which we are considering, we take those maps that can be represented as sequences of mappings which act locally on the approximating finite sets and commute with the connecting projections of the chain. For any two sequences of elements of the approximating finite sets they preserve the longest initial segment in which these coincide. In the context of rank-ordered sets Bruce and Mitchell [5] called such maps rank-preserving. As it turns out, the constructors for products and exponents are itself rankpreserving. Note here that the objects in SFS are also sequences. Modulo some coding, a universal type ∀t. σ is then interpreted as the set of all rank-preserving sections with respect to the fibration of the rank-preserving constructor obtained from the interpretation of σ. The model can easily be turned into an effectively given one. Moreover, without any restrictions on the collection of finite sets used for approximation the empty set is an object of our category, which implies that the universal type representing absurdity is interpreted by the empty set. Thus, the model not only gives meaning to the polymorphic lambda calculus viewed as a functional language but also when considered as a logical calculus. The construction of the model allows some variations. If, e.g., one requires the approximating finite sets not to be empty, the interpretation of ∀t. t is nonempty, too. In case all the finite sets are T0 -spaces and the connecting projections are continuous, one obtains a model in which 2

every type is interpreted by a directed-complete partial order (not necessarily with a smallest element). Note that in this case the morphisms have to be continuous as well. However, requiring the topology on the finite sets to satisfy stronger separation conditions will produce no further models, since a topology on a finite set which satisfies the T1 -axiom is already discrete. In general, one can consider any property of sets that is closed under the inverse limit construction. With respect to the canonical metric defined on sets of infinite sequences the spaces in SFS are complete ultrametric spaces. Beside the polymorphic lambda calculus the category SFS can also be used to give meaning to other type systems. Here, we consider only the slight extension of the second-order lambda calculus studied by Bruce, Meyer and Mitchell [6]. Extensions of the polymorphic lambda calculus concern the kind structure built upon the type expressions of the calculus. Essentially, kinds are the “types” that appear in type expressions. The object set of the category SFS is a complete projection space. Projection spaces have been studied by Ehrig et al. [9, 10, 11, 12] as a generalization of the projective model of process algebra of Bergstra and Klop [4]. They are a nonempty sets with a family of commuting projection functions. The projections assign a canonical sequence of approximations to each element of the set. With rank-preserving maps as morphisms the category of complete projection spaces is Cartesian closed. The paper is organised as follows. In Section 2 the syntax of the polymorphic lambda calculus is recalled and in Section 3 a modification of Bruce, Meyer and Mitchell’s notion of a second-order environment model is given which includes the case that types can be empty. In both cases we follow the presentation in [6]. The category SFS is considered in Section 4 and in Section 5 complete projection spaces are introduced. It is shown that the collection of all SFS objects is a complete projection space. Section 6 deals with representations in SFS of products of rank-preserving maps over the object set of SFS. In Section 7 the new model for the polymorphic lambda calculus is defined. Concluding remarks appear in Section 8.

2 2.1

Syntax of the polymorphic lambda calculus Constructors and kinds

Every term of the calculus we are going to consider has a type and every subexpression of a type expression has a kind. The subexpressions of type expressions, which may be type expressions or operators like → and ∀, will be called constructors. We will define the sets of kinds and constructor expressions before introducing the syntax and type checking rules for terms. We use the constant T to denote the kind consisting of all types. The set of kind expressions is given by κ ::= T | κ1 ⇒ κ2 . Intuitively, the kind κ1 ⇒ κ2 is the kind of maps from κ1 to κ2 . We define the set of constructor expressions, beginning with a set of constructor constants. Let Ccst be a set of constant symbols cκ , each with a specified kind (written as a superscript when necessary) and let Vcst be a set of variables v κ , each with a specified kind. We assume that we have infinitely many variables for each kind. The constructor expressions over Ccst and Vcst , and their kinds, are defined by the derivation system cκ : κ, v κ : κ µ : κ1 ⇒ κ2 , ν : κ 1 µν : κ2 µ : κ2 . λv κ1 .µ : κ1 ⇒ κ2 Free and bound variables are defined as usual. Substitution {µ/u}ν of µ for free occurrences of u in ν has the usual inductive definition, including renaming bound variables in ν to avoid capture of free variables in µ. 3

A subset of the constructor expressions are the type expressions, the constructor expressions of kind T . Since we will often be concerned with type expressions rather than arbitrary constructor expressions, it will be useful to distinguish them by notational conventions. We adopt the conventions that r, s, t, . . . stand for arbitrary type variables ρ, σ, τ, . . . stand for arbitrary type expressions. As in the definition above, we will generally use µ and ν for constructor expressions. In this paper we consider the case that we only have the usual second-order types in the language, that is, Ccst only contains the function-type constructor constant →: T ⇒ (T ⇒ T ) and the polymorphic-type constructor constant ∀ : (T ⇒ T ) ⇒ T . As usual, we write → as an infix operator, as in the type expression σ → τ , and write ∀t.σ for ∀(λt.σ). Since we have a “kinded” lambda calculus, there are many nontrivial equations between types and constructors, which follow from the logical axioms below. The axioms and inference rules are essentially the familiar rules of the ordinary simply typed lambda calculus. Constructor axioms. (ακ ) λv κ .µ = λuκ .{uκ /v κ }µ, uκ not free in µ (βκ ) (λv κ .µ)ν = {ν/v κ }µ (ηκ ) λv κ .(µv κ ) = µ, v κ not free in µ. The inference rules are the usual congruence rules and are similar to the inference rules (sym), (trans), (cong), and (ξ) given for terms in the next section. If µ = ν is provable from the axioms and rules for constructors, we write ⊢c µ = ν. The constructor axiom system will be used to assign types to terms, since equal types will be associated with the same set of terms. Since the simply typed lambda calculus is strongly normalising, it follows that every constructor is provably equal to a unique normal form constructor with no subexpression matching the lefthand side of axioms (βκ ) or (ηκ ).

2.2

Terms and their types

We write free variables without type labels. However, we always assign types to free variables using a technical device called context. Let Vterm be an infinite collection of variables. We will use the notation x, y, z, . . . for these variables. The set of pre-terms over variables from Vcst and Vterm is defined by M ::= x | λx : σ.M | M N | Λt.M | M σ, where x ∈ Vterm , t is a type variable, and σ is a type expression over Ccst and Vcst . We will define the well-typed terms below. The usual definitions of free and bound variables in lambda expressions may be stated without reference to typing: λ binds x in λx : σ.M and Λ binds t in λt.M . Substitutions {N/x}M of N for x and {σ/t}M of σ for t are defined as usual to include renaming of bound variables to avoid capture. The type of a second-order lambda term will depend on the context in which it occurs. We must know the types of all free variables before assigning a type. A context Γ is a finite set Γ = {x1 : σ1 , . . . , xk : σk } of associations of types to variables, with no variable appearing twice in Γ. If x does not occur in a context Γ, then we write Γ, x : σ for the context Γ, x : σ = Γ ∪ {x : σ}. The typing relation is a three-place relation between contexts, pre-terms and type expressions. Let Γ be a context, M be a pre-term, and σ : T a type expression. We define Γ ⊢ M : σ, which is read “M has type σ with respect to Γ,” by the derivation system below. The axiom about the typing relation is x : σ ⊢ x : σ. 4

The type derivation rules are (→ E) (→ I) (∀E) (∀I)

Γ ⊢ M : σ → τ, Γ ⊢ N : σ Γ ⊢ MN : τ Γ, x : σ ⊢ M : τ Γ ⊢ λx : σ.M : σ → τ Γ ⊢ M : ∀µ Γ ⊢ M τ : µτ Γ⊢M: τ t not free in Γ Γ ⊢ Λt.M : ∀t.τ

and two rules that apply to terms of any form. A few comments are in order before discussing the remaining two typing rules. In rule (∀E), we know that µ must have kind T ⇒ T , since ∀µ is assumed to be a type, and ∀ has kind (T ⇒ T ) ⇒ T . Therefore µτ will be a well-formed type expression. A related point about (∀I) is that while we can only introduce ∀-types of the form ∀t.σ ::= ∀(λt.σ), we will be able to use the type equality rule below to derive typings of the form Γ ⊢ Λt.M : ∀µ, where µ is not of the form (λt.σ). Since additional hypotheses about the types of variables do not effect the type of a term, we have the rule (add hyp)

Γ⊢M: τ Γ, x : σ ⊢ M : τ

x not in Γ

for adding typing hypotheses. In addition, we have the type equality rule (type eq)

Γ ⊢ M : σ, ⊢c σ = τ . Γ⊢M: τ

We say that M is a term if Γ ⊢ M : σ for some Γ and σ. In writing Γ ⊢ M : σ, we will mean that the typing Γ ⊢ M : σ is derivable.

2.3

Equations between terms

Since we write terms with type assignments, it is natural to include type assignments in equations as well. By equation, we will mean an expression Γ ⊢ M = N : σ, where Γ ⊢ M : σ and Γ ⊢ N : σ. Intuitively, an equation {x1 : σ1 , . . . , xk : σk } ⊢ M = N : σ means, “if the variables x1 , . . . , xk have types σ1 , . . . , σk , respectively, then terms M and N denote the same element of type σ. The axioms and inference rules for equations between second-order lambda terms are similar to the axioms and rules of the ordinary typed lambda calculus. The main difference is that we tend to have two versions of each axiom or rule, one for ordinary function abstraction or application, and another for type abstraction or application. Axioms for terms. (α)

Γ ⊢ λx : σ.M = λy : σ.{y/x}M : σ → τ, y not free in M , Γ ⊢ Λt.M = Λs.{s/t}M : ∀t.σ, s not free in Λt.M ,

(β)

Γ ⊢ (λx : σ.M )N = {N/x}M : τ, Γ ⊢ (Λt.M )ρ = {ρ/t}M : σ,

(η)

Γ ⊢ λx : σ.M x = M : σ → τ, x not free in M , Γ ⊢ Λt.M t = M : ∀t.σ, t not free in M .

It is not necessary to include a reflexivity axiom because M = M follows from (β) by the symmetry and transitivity rules below. 5

Inference rules for terms. (sym)

Γ⊢M =N: σ Γ⊢N =M: σ

(trans)

Γ ⊢ M = N : σ, Γ ⊢ N = P : σ Γ⊢M =P: σ

(cong)1

Γ ⊢ M = N : σ → τ, Γ ⊢ P = Q : σ Γ ⊢ MP = NQ: τ

(cong)2

Γ ⊢ M = N : ∀µ, ⊢c σ = τ Γ ⊢ M σ = N τ : µσ

(ξ)1

Γ, x : σ ⊢ M = N : ρ, ⊢c σ = τ Γ ⊢ λx : σ.M = λx : τ.N : σ → ρ

(ξ)2

Γ⊢M =N: σ Γ ⊢ Λt.M = Λt.N : ∀t.σ

(constr sub)

Γ ⊢ M = N : σ, µ : κ Γ ⊢ {µ/v κ }M = {µ/v κ }N : {µ/v κ }σ

t not free in Γ v κ not free in Γ and κ 6≡ T .

Since type assignments and types are included in the syntax of equations, equational versions of the (add hyp) and (type eq) typing rules are needed: (add hyp) (type eq)

Γ⊢M =N: τ Γ, x : σ ⊢ M = N : τ

x not in Γ

Γ ⊢ M = N : σ, ⊢c σ = τ Γ⊢M =N: τ

As is shown in [6], the inference rules preserve well-typedness of equations.

3

Second-order environment models

Models for second-order lambda calculus have several parts: “kind frames” are used to interpret kinds and constructors and additional sets indexed by types to interpret terms. All these parts are collected together in what is called a frame. Models are defined as frames which satisfy an additional condition involving the meaning of terms.

3.1

Semantics of constructor expressions

Constructor expressions are interpreted using kind frames, which are essentially frames for the simply typed lambda calculus. A kind frame, Kind for a set Ccst of constructor constants is a tuple Kind = ({ Kindκ | κ a kind }, { Φκ1 ,κ2 | κ1 , κ2 kinds }, I), where Φκ1 ,κ2 : Kindκ1 ⇒κ2 → [Kindκ1 → Kindκ2 ] is a bijection between Kindκ1 ⇒κ2 and some set [Kindκ1 → Kindκ2 ] of maps from Kindκ1 to Kindκ2 , and [ I : Ccst → Kindκ κ

preserves kinds, that is, I(cκ ) ∈ Kindκ . Since constructor expressions include all typed lambda expressions one is interested in kind frames which are models of the simply typed lambda calculus. 6

S Let η be an environment mapping constructor variables to κ Kindκ such that for each v κ , one has η(v κ ) ∈ Kindκ . The meaning [[µ]]η of a constructor expression µ in environment η is defined as follows: [[v κ ]]η = η(v κ ), [[cκ ]]η = I(cκ ), [[µν]]η = Φκ1 ,κ2 ([[µ]]η )([[ν]]η ), [[λv κ .µ]]η = Φ−1 κ1 ,κ2 (f ),

where f (a) = [[µ]]η[a/vκ ] for all a ∈ Kindκ . ′

′

Here, η[a/v κ ] is the environment that maps v κ onto a and every other variable uκ onto η(uκ ). Note that the above conditions do not entail that the map f is in the range of Φκ1 ,κ2 . Therefore, the meaning may not be defined for all constructor expressions. Kind is said to be a kind environment model for Ccst if every constructor expression over Ccst has a meaning in every environment for Kind.

3.2

Frames and environment models

As in the definition of a kind environment model, first a structure, called frame, is defined and then models are defined by distinguishing frames which interpret all terms from those that do not. Second-order frames include versions of the maps Φ.,. , now indexed by types, plus an additional collection of such maps for polymorphic types. Intuitively, a polymorphic term Λt.M denotes a map from the set of types to elements of types. More precisely, the meaning of Λt.M is regarded as an element of the Cartesian product Πa∈KindT Domf (a) for some map f : KindT ⇒T determined from the typing of M . Therefore, for every map f ∈ KindT ⇒T , a second-order model has a map Φf mapping Dom∀(f ) to some subset [Πa∈KindT Domf (a) ] of Πa∈KindT Domf (a) . Here ∀(f ) denotes the element ΦT ⇒T,T (I(∀))(f ) of KindT . In the same way we write a → b to mean ΦT,T (ΦT,T ⇒T (I(→))(a))(b) in the next definition. A second-order frame F for terms over constants from Ccst is a tuple F = (Kind, Dom, { Ψa,b | a, b ∈ KindT }, { Ψf | f ∈ KindT ⇒T }) satisfying conditions (1) through (4): 1. Kind = ({Kindκ }, {Φκ1 ,κ2 }, I) is a kind frame for Ccst . 2. Dom = { Doma | a ∈ KindT } is a family of sets Doma indexed by elements a ∈ KindT . 3. For each a, b ∈ KindT , there is a set [Doma → Domb ] of maps from Doma to Domb with bijection Ψa,b : Doma→b → [Doma → Domb ]. 4. For every f ∈ Kind[T ⇒T ] , there is a subset [Πa∈KindT Domf (a) ] of Πa∈KindT Domf (a) with bijection Ψf : Dom∀(f ) → [Πa∈KindT Domf (a) ]. Essentially, condition (3) states that Doma→b must “represent” some set [Doma → Domb ] of maps from Doma to Domb . Similarly, condition (4) specifies that Dom∀(f ) must represent some subset [Πa∈KindT Domf (a) ] of the product Πa∈KindT Domf (a) . Note that since in the model we are going to construct types are allowed to be empty, in what follows environments are partial maps mapping variables in Vcst ∪ Vterm to certain values which are defined for all elements of Vcst , but need not be defined for all ordinary variables. Terms are interpreted using Ψ’s for application and Ψ−1 ’s for abstraction. Since different Ψ and Ψ−1 maps are used, depending on the types of terms, the type of a term will be used to define its meaning. If Γ is a context andSη an environment mapping Vcst to elements of the appropriate kinds and Vterm to elements of { Doma | a ∈ KindT }, one says that η satisfies Γ, written η |= Γ, if for every x : σ ∈ Γ, η(x) is defined with η(x) ∈ Dom[[σ]]η , in case Dom[[σ]]η is not empty, and η(x) is undefined, otherwise. 7

Let F be a second-order frame. For any well-typed term Γ ⊢ M : σ and environment η |= Γ the meaning [[Γ ⊢ M : σ]]η is defined by induction on typing derivations. The inductive clauses of the meaning function are given in the same order as the typing rules in Section 2.2, with rules (→ E), (→ I), (∀E), and (∀I) preceding rules (add hyp) and (type eq) which do not rely on the form of terms: [[Γ ⊢ x : σ]]η = η(x), [[Γ ⊢ M N : τ ]]η = Ψa,b ([[Γ ⊢ M : σ → τ ]]η )([[Γ ⊢ N : σ]]η ), [[Γ ⊢ λx : σ.M : σ → τ ]]η =

Ψ−1 a,b (g),

g(d) = [[Γ, x : σ ⊢ M : τ ]]η[d/x]

where a = [[σ]]η , b = [[τ ]]η and for all d ∈ Doma ,

[[Γ ⊢ M τ : µτ ]]η = Ψf ([[Γ ⊢ M : ∀µ]]η )([[τ ]]η ), [[Γ ⊢ Λt.M : ∀t.σ]]η =

Ψ−1 f (g),

g(a) = [[Γ ⊢ M : σ]]η[a/t]

where a = [[σ]]η and b = [[τ ]]η ,

where f = [[µ]]η ,

where f ∈ KindT ⇒T is the map [[λt.σ]]η and for all a ∈ KindT ,

[[Γ, x : σ ⊢ M : τ ]]η = [[Γ ⊢ M : τ ]]η ,

where the left-hand typing follows from

the rule (add hyp), [[Γ ⊢ M : τ ]]η = [[Γ ⊢ M : σ]]η ,

where the left-hand typing follows by rule (type eq).

It is relatively easy to see that the environments on the right-hand sides of these clauses all satisfy the appropriate contexts (cf. [6]). In the above definition of meaning, there is no guarantee that the map g in the λx : σ.M case is in the domain of Ψ−1 a,b , and similarly for the map g in the Λt.M case. A second-order frame F = (Kind, Dom, { Ψa,b | a, b ∈ KindT }, { Ψf | f ∈ KindT ⇒T }) is an environment model if Kind is a kind environment model and for every term Γ ⊢ M : σ and every environment η |= Γ, the maps g in the λx : σ.M case and g in the Λt.M case, respectively, −1 of the definition of the meaning [[Γ ⊢ M : σ]]η are in the domains of Ψ−1 a,b and Ψf . It is easy to check that the meanings of the terms have the appropriate semantic types: Lemma 3.1 Let η be an environment for a model (Kind, Dom, {Ψa,b }, {Ψf }) and Γ ⊢ M : σ be a term. If η |= Γ and Dom[[τ ]]η is not empty, for every x : τ ∈ Γ such that x occurs free in M , then [[Γ ⊢ M : σ]]η ∈ Dom[[σ]]η . The only nontrivial case is abstraction by rule (→ I). Since we assume that Γ ⊢ λx : σ.M : σ → τ follows from Γ, x : σ ⊢ M : τ , we have to distinguish the cases whether Dom[[σ]]η is empty or not. The second case is obvious and in the first case we have that the map g is the empty map, which is the only map from Dom[[σ]]η to Dom[[τ ]]η . As in [6] it moreover follows that the meaning of a well-typed term Γ ⊢ M : σ does not depend on the derivation of the typing. An environment η |= Γ for model F satisfies an equation Γ ⊢ M = N : σ, if [[Γ ⊢ M : σ]]η = [[Γ ⊢ N : σ]]η . A model F satisfies an equation Γ ⊢ M = N : σ, if F and η satisfy Γ ⊢ M = N : σ for all η |= Γ. In the same way as in [6] one obtains that the axioms and inference rules presented in Section 2.3 are sound for environment models. Proposition 3.2 (Soundness) Let Γ ⊢ M = N : σ be a provable equation. Then Γ ⊢ M = N : σ is satisfied by every environment model.

4 4.1

Sequences of finite sets Basic definitions

The objects by which we will interpret types in the model we are going to present are inverse p0 p1 p2 limits T~ of ω-cochains T0 ←− T1 ←− T2 ←− · · · of finite sets Ti of natural numbers such 8

that for every i > 0 either Ti is empty and pi−1 is the empty map, or Ti is not empty and pi−1 is surjective. The elements of such a limit are sequences (yi )i∈ω with yi ∈ Ti such that yi = pi (yi+1 ). If ~x ∈ T~ then we denote the ith element of the sequence by xi . At first sight, the restriction to subsets of ω seems to be an unnecessary complication of the construction. The reason for it will become clear later. As a consequence of this restriction an encoding of the objects obtained is necessary after most of the construction steps. But in order to make the construction more transparent, we only indicate in the following how the encoding has to be done and then suppress it as much as possible. So, e.g., we always identify a finite object with its code. Moreover, we write {. . . }c to indicate that not the set {. . . } but the set of codes of its elements is meant. Let h , . . . , i : ω n → ω be a computable n-tuple encoding with decoding functions πin (1 ≤ i ≤ n) which is monotone in each argument. Moreover, let D be a canonical coding of finite sets of natural numbers (cf. [24]). If A, A′ , B and B ′ are finite sets of natural numbers and p : A → B and p′ : A′ → B ′ are finite functions, then A ×c A′ = { ha, a′ i | a ∈ A ∧ a′ ∈ A′ } and p ×c p′ : A ×c A′ → B ×c B ′ is the function defined by p ×c p′ (ha, a′ i) = hp(a), p′ (a′ )i. A finite function g : A → B is coded by the number hn, a, bi, where n, a, and b are such that Da = A, Db = B, and Dn = { hd, ei | g(d) = e }. Obviously, the value of the function for an argument can easily be obtained from the code. The morphisms we will consider are such that the degree of coincidence between any two sequences in their domain is preserved. Definition 4.1 Let T~ and T~ ′ be inverse limits of ω-cochains. A map f : T~ → T~ ′ is said to be rank-preserving if for all ~x, ~y ∈ T~ and all i ∈ ω the following condition holds: xi = yi ⇒ f (~x)i = f (~y )i . Note that in the context of rank-ordered sets this definition is equivalent to the one given by Bruce and Mitchell [5]. In the case of projection spaces maps with this property are called projection compatible (cf. [9]). Let SFS be the category which has as • objects

• morphisms

p2 p1 p0 inverse limits T~ of ω-cochains T0 ←− T1 ←− T2 ←− · · · of finite sets Ti of natural numbers such that either Ti+1 is empty and pi is the empty map, or Ti+1 is not empty and pi is surjective, and as

rank-preserving maps.

We denote its object set by SFS and for any two objects T~ and T~ ′ the set of all morphisms ∅ ∅ from T~ to T~ ′ by SFS[T~ , T~ ′ ]. The empty set as inverse limit of the cochain ∅ ←− ∅ ←− · · · is obviously initial in this category and the inverse limit of the cochain {i} ← {i} ← · · · is terminal, for any i ∈ ω.

4.2

Product and exponentials

The product is defined componentwise. Let T~ , T~ ′ , T~ ′′ , and T~ ′′′ be SFS objects such that p0 p1 p2 T~ and T~ ′ , respectively, are the inverse limits of the cochains T0 ←− T1 ←− T2 ←− · · · and p′

p′

p×

p′

p×

p×

0 1 2 0 1 2 T0′ ←− T1′ ←− T2′ ←− · · · . Construct a new cochain T0× ←− T1× ←− T2× ←− · · · by setting

Ti× = Ti ×c Ti′

c ′ and p× i = pi × pi

and define T~ ⊗ T~ ′ to be its inverse limit. We denote elements of T~ ⊗ T~ ′ by ≪~x, ~x′ ≫ with ~x ∈ T~ ′ and ~x′ ∈ T~ ′ . Let pr(≪~x, ~x′ ≫) = ~x and pr (≪~x, ~x′ ≫) = ~x′ . Moreover, for two morphisms 9

′ f ∈ SFS[T~ , T~ ′′ ] and g ∈ SFS[T~ ′ , T~ ′′′ ] let (f ⊗ g)(≪~x, ~x′ ≫) = ≪f (~x), g(~x′ )≫. Then pr, pr and f ⊗ g are rank-preserving. Obviously, one obtains a product in SFS by this means. So, the category is Cartesian. Note that when defining a connecting projection pi we always assume that its domain space is not empty. If it is empty the map pi is always chosen as the empty mapping. Next, we want to show that SFS is also Cartesian closed. To this end we first show that the function space can itself be represented as an inverse limit of an ω-cochain of finite sets of natural numbers. Let to this end pij = pj ◦ · · · ◦ pi−1 , for j < i. The idea is to represent a rank-preserving map from T~ to T~ ′ by a sequence of locally acting functions from Ti to Ti′ . Set c

[Ti → Ti′ ] = { h : Ti → Ti′ | (∀y, z ∈ Ti )(∀j < i)[pij (y) = pij (z) ⇒ p′ij (h(y)) = p′ij (h(z))] } ′ and define qi : [Ti+1 → Ti+1 ] → [Ti → Ti′ ] by

qi (h)(y) = p′i (h(z)), for some z ∈ p−1 i ({y}). Obviously, the value of qi (h)(y) is independent of the choice of z. Moreover, qi is surjective. Let [T~ ⇒ T~ ′ ] be the inverse limit of the cochain ([T~ ⇒ T~ ′ ], qi )i∈ω . There is a one-toone correspondence between SFS[T~ , T~ ′ ] and [T~ ⇒ T~ ′ ]. As it is easily seen, both sets are not empty exactly if T~ ′ is not empty. In this case define ΘT~ ,T~ ′ : SFS[T~ , T~ ′ ] → [T~ ⇒ T~ ′ ] by letting ΘT~ ,T~ ′ (f )i be the (code of the) finite function that maps y ∈ Ti to f (z)i , for some ~z ∈ T~ with y = zi . Since f is rank-preserving, this definition is independent of the choice of ~z and the condition in the definition of [Ti → Ti′ ] is satisfied. Moreover qi (ΘT~ ,T~ ′ (f )i+1 ) = ΘT~ ,T~ ′ (f )i . Thus Θ ~ ~ ′ (f ) ∈ [T~ ⇒ T~ ′ ]. Conversely, define Ψ ~ ~ ′ : [T~ ⇒ T~ ′ ] → SFS[T~ , T~ ′ ] by T ,T

T ,T

ΨT~ ,T~ ′ (g)(~x)i = gi (xi ). Since p′i (gi+1 (xi+1 )) = qi (gi+1 )(pi (xi+1 )) = gi (xi ), we have that ΨT~ ,T~ ′ (g)(x) ∈ T~ ′ . Moreover, ΨT~ ,T~ ′ (g) is rank-preserving. As is readily verified, both maps ΘT~ ,T~ ′ and ΨT~ ,T~ ′ are inverse to each other. Proposition 4.2 For all T~ , T~ ′ ∈ SFS, the map ΨT~ ,T~ ′ is a bijection from [T~ ⇒ T~ ′ ] onto SFS[T~ , T~ ′ ]. We will now show that [T~ ⇒ T~ ′ ] is the exponent of T~ and T~ ′ in SFS. Define eval ∈ SFS[[T~ ⇒ ′ ~ T ] ⊗ T~ , T~ ′ ] by eval(≪g, ~x ≫) = ΨT~ ,T~ ′ (g)(~x), where g ∈ [T~ ⇒ T~ ′ ] and x ∈ T~ , and curry : SFS[T~ ⊗ T~ ′ , T~ ′′ ] → SFS[T~ , [T~ ′ ⇒ T~ ′′ ]] by curry(f )(~x)i (y) = ΘT~ ⊗T~ ′ ,T~ ′′ (f )i (hxi , yi), for f ∈ SFS[T~ ⊗ T~ ′ , T~ ′′ ], ~x ∈ T~ , and y ∈ Ti . Then one has for h ∈ SFS[T~ ⊗ T~ ′ , T~ ′ ], k ∈ SFS[T~ , [T~ ′ ⇒ T~ ′′ ]], ~x ∈ T~ , and ~z ∈ T~ ′ that (eval ◦(curry(h) ⊗ idT~′ ))(≪~x, ~z ≫)i = eval(≪ curry(h)(~x), ~z ≫)i = ΨT~ ′ ,T~ ′′ (curry(h)(~x))(~z)i = curry(h)(~x)i (zi ) = ΘT~ ⊗T~ ′ ,T~ ′′ (h)i (hxi , zi i) = h(≪~x, ~z ≫)i 10

and curry(eval ◦(k ⊗ idT~′ ))(~x)i (zi ) = ΘT~ ⊗T~ ′ ,T~ ′′ (eval ◦(k ⊗ idT~′ ))i (hxi , zi i) = eval(k ⊗ idT~′ (≪~x, ~z ≫))i = eval(≪k(~x), ~z ≫)i = ΨT~ ′ ,T~ ′′ (k(~x))(~z)i = k(~x)i (zi ). Summing up what we have shown so far we obtain the following result. Theorem 4.3 The category SFS of inverse limits of ω-cochains of finite sets of natural numbers and rank-preserving maps is Cartesian closed. Thus, the category SFS gives rise to a model of the simply typed lambda calculus, even to a model of an extension of this calculus by explicit pairs (cf. [2]).

5

Complete projection spaces

5.1

Basic definitions

In this section we study the structure of SFS. As will turn out, SFS is a complete projection space. We have already seen that the usual constructions on SFS are rank-preserving. With rank-preserving maps as morphisms the category of complete projection spaces is Cartesian closed. Definition 5.1 Let P be a nonempty set and ([·]i )i∈ω be a family of maps from P into P . 1. (P, ([·]i )i∈ω ) is a projection space, if for all i, j ∈ ω [·]i ◦ [·]j = [·]min{i,j} . 2. (P, ([·]i )i∈ω ) is complete if for any sequence (xi )i∈ω from P with xi = [xi+1 ]i , for i ∈ ω, there is a unique element x ∈ P such that for all i, xi = [x]i . For i ∈ ω set Pi = { x ∈ P | x = [x]i }. Projection spaces have been studied by Ehrig et al. [9, 10, 11, 12] as a generalization of the projective model of process algebra by Bergstra and Klop [4]. Bruce and Mitchell [5] considers a subclass of complete projection spaces, called rank-ordered sets, which are such that the map [·]0 projects the whole space onto a distinguished element ⊥. The mapping [·]i can be thought of as a map that takes an element x to its ith approximation. In the case of an inverse limit T~ ∈ SFS the ith approximation [T~ ]SFS is the inverse limit of the i cochain p0

p1

pi−1

p2

pi

pi+1

T0 ←− T1 ←− T2 ←− · · · ←− Ti ←− Ti ←− · · · , with pj = idTi , for j ≥ i, which is isomorphic to Ti . Proposition 5.2 (SFS, ([·]SFS )i∈ω ) is a complete projection space. i Note that each projection space P is the inverse limit of the cochain (Pi , [·]i ↾ Pi+1 )i∈ω , but the sets Pi need not be finite. As is readily verified, a map F : P → Q between projection spaces P and Q is rank-preserving exactly if for all x ∈ P and all i, j ∈ ω with j ≥ i, Q Q [F ([x]P j )]i = [F (x)]i . Let CP be the category which has as • objects

complete projection spaces and as

• morphisms rank-preserving maps. We denote the object set by CP and for any two objects P and Q the set of all morphisms from P to Q by CP[P, Q]. 11

5.2

Products and exponentials

Products in the category of complete projections spaces are formed as Cartesian products P ×Q with projections [·]× i given by Q P [(x, y)]× i = ([x]i , [y]i ).

Exponentials are the sets CP[P, Q] of all rank-preserving maps F : P → Q. Define projections [·]→ i by Q [F ]→ i (x) = [F (x)]i .

Then CP[P, Q] is a complete projection space again. Moreover, let Eval und Curry be given in the usual way, that is, for F ∈ CP[P, Q], G ∈ CP[P × Q, R], x ∈ P and y ∈ Q let Eval(F, x) = F (x), Curry(G)(x)(y) = G(x, y). Then Eval ∈ CP[CP[P, Q] × P, Q] and Curry ∈ CP[CP[P × Q, R], CP[P, CP[Q, R]]]. Q Obviously, (P ×Q)i = Pi ×Qi and CP[P, Q]i = { F : K → L | (∀x ∈ P )F (x) = [F ([x]P i )]i }. Theorem 5.3 The category CP of complete projection spaces and rank-preserving maps is Cartesian closed.

6

The product type construction

Let → SFS be rank-preserving. We call F a parametrisation. A map f : SFS → S F ~: SFS { F (T ) | T~ ∈ SFS } is a section of F if f (T~ ) ∈ F (T~ ), for all T~ ∈ SFS. Definition 6.1 Let F be a parametrisation. A section f of F is rank-preserving if for all T~ , T~ ′ ∈ SFS and all i ∈ ω the following condition holds: Ti = Ti′ ⇒ f (T~ )i = f (T~ ′ )i . We would like to interpret a universal type ∀t.σ by the set of all rank-preserving sections of the parametrisation given through the interpretation of the type expression σ. This set can be represented as an inverse limit of sets, in the same way as the morphism set SFS[T~ , T~ ′ ], but in general the approximating sets are not finite, as the sets SFSi are not finite. Therefore, we construct a set which is an inverse limit of an ω-cochain of finte sets and is in a one-to-one correspondence with the set of rank-preserving sections of this parametrisation. Let F be a parametrisation. Then the idea is the following: In order to know F (T~ ) we have to know its approximations F (T~ )i , which depend only on the approximation Tj for j ≤ i, since F is rank-preserving. Thus, instead of taking a product over all T~ ∈ SFS it suffices in the ith approximation to consider the product over all finite cochains pi−1

p1

p0

T0 ←− T1 ←− · · · ←− Ti . Each such cochain is uniquely determined by the sequence (p0 , . . . , pi−1 ) of projections. Let Seq = { σ | σ = (p0 , . . . , pn ) ∧ (∀j < n) dom(pj+1 ) = range(pj ) } and for σ ∈ Seq define Ext(σ) to be the inverse limit of the cochain q0

q1

qi−1

q2

qi

qi+1

T0 ←− T1 ←− T2 ←− · · · ←− Ti ←− Ti ←− · · · , with Ti = range(pi ), for i < n, and Ti = dom(pn ), otherwise, and qi = pi , for i ≤ n, and qi = iddom(pn ) , otherwise. Then Ext(σ) is isomorphic to dom(pn ). 12

One can easily construct an onto and one-to-one enumeration seq : ω → Seq of Seq such that lth(seq(m)) ≤ m + 1, where lth(seq(m)) is the length of the sequence seq(m). Define Π≤n F to be the set of all ha0 , . . . , an i with am ∈ F (Ext(seq(m)))lth(seq(m))−1 , for all m ≤ n, such that the following consistency condition holds: for all m1 , m2 ≤ n with m1 6= m2 , if the sequence seq(m2 ) extends the sequence seq(m1 ) then F (Ext(seq(m )))

F (Ext(seq(m )))

2 2 (· · · (plth(seq(m2 ))−2 (am2 )) · · · ). am1 = plth(seq(m1 ))−1

Moreover, let pΠF n : Π≤n+1 F → Π≤n F be the projection onto the (coded) first n+1 components and define ΠF to be the inverse limit of the cochain (Π≤n F, pnΠF )n≥0 . In the finite approximations of ΠF the information about the finite approximations of the values under F is collected. Every t ∈ ΠF contains the information about the behaviour of F on all finite approximating cochains. In order to obtain a value in F (T~ ) for some object T~ , the type application function Apply has thus to single out the necessary information from t. To make this ~ ~ idea precise, let init(T~ , i) be the uniquely determined number m with seq(m) = (pT0 , . . . , pTi ). Then set Apply(t, T~ )(i) = t(init(T~ , i))init(T~ ,i) . In order to obtain the ith approximation of Apply(t, T~ ), we have to compute t(init(T~ , i)) ∈ Π≤init(T~ ,i) F . Then t(init(T~ , i)) is an (init(T~ , i) + 1)-tuple and t(init(T~ , i))init(T~ ,i) ∈ F (Ext(seq(init(T~ , i))))lth(seq(init(T~ ,i)))−1 . By the definition of init(T~ , i), lth(seq(init(T~ , i))) = i + 1. Moreover, Ext(seq(init(T~ , i))) is the ω-cochain T0 ← T1 ← · · · ← Ti ← Ti · · · . Since F is rank-preserving, it thus follows that F (Ext(seq(init(T~ , i)))) = F (T~ )i . Hence, Apply(t, T~ ) ∈ F (T~ ). ~ lth(seq(init(T ,i)))−1

Proposition 6.2 Let F be a parametrisation. Then the following two statements hold: 1. For every t ∈ ΠF , the map λT~ .Apply(t, T~ ) is a rank-preserving section of F . 2. The map ΨF : t 7→ λT~ .Apply(t, T~ ) is bijection from ΠF onto the set of all rank-preserving sections of F . Because of the property that always lth(seq(m)) ≤ m+1 we moreover have that ΠF depends on F ∈ CP[SFS, SFS] in a rank-preserving way. Proposition 6.3 Π ∈ CP[CP[SFS, SFS], SFS].

7

Semantics of the polymorphic lambda calculus

Set KindT = SFS and for kind expressions κ1 , κ2 define Kindκ1 ⇒κ2 = CP[Kindκ1 , Kindκ2 ]. Moreover, let Φκ1 ,κ2 be the identity on this set. Finally, for T~ , T~ ′ ∈ SFS and F ∈ CP[SFS, SFS] set I(→)(T~ )(T~ ′ ) = [T~ ⇒ T~ ′ ]

and

I(∀)(F ) = ΠF.

Then Kind = ({ Kindκ | κ a kind }, { Φκ1 ,κ2 | κ1 , κ2 kinds }, I) is a kind environment model. ~ Next, for T~ , T~ ′ ∈ SFS and F ∈ CP[SFS, SFS], set DomT = T~ and let the maps ΨT~ ,T~ ′ and ΨF , respectively, be as in Sections 4.2 and 6. Then it follows with Propositions 4.2 and 6.2(2) that (Kind , SFS, { ΨT~ ,T~ ′ | T~ , T~ ′ ∈ SFS }, { ΨF | F ∈ CP[SFS, SFS] }) is a second-order environment model.

13

8

Final remarks

In this paper a new model for the Girard-Reynolds second-order lambda calculus is presented, which is not based on domains. This is in accordance with Reynolds, who argued in [22] that “types are not limited to computation” and that “they should be explicable without invoking constructs, such as Scott domains, that are peculiar to the theory of computation.” The model allows empty types. As a consequence of this, the type ∀t. t is interpreted by the empty set, which entails that it is also a model of the logic associated with the type structure of the calculus. This is not the case with domain models. The model is simple and constructive. It can be extended to stronger calculi which allow the formation of various sorts of dependent products and sums.

Acknowledgement The author is grateful to Furio Honsell for useful hints.

References [1] R. Amadio, K. Bruce, and G. Longo, The finitary projection model for second order lambda calculus and solutions to higher domain equations, in: Proceedings of the IEEE Symposium on Logic in Computer Science, IEEE Computer Society Press, Los Alamitos, CA, 1986, 122–130. [2] A. Asperti and G. Longo, Categories, Types, and Structures, MIT Press, Cambridge, MA, 1991 [3] S. Berardi and C. Berline, Building continuous webbed models for System F , manuscript, 1998. [4] J. A. Bergstra and J. W. Klop, A convergence theorem in process algebra, Technical Report CS-R8733, CWI, Amsterdam, 1987. [5] K. Bruce and J. C. Mitchell, PER models of subtyping, recursive types and higher-order polymorphism, in: Proceedings of the ACM Symposium on Principles of Programming Languages, Ass. for Comp. Machinery, New York, 1992, 316–327. [6] K. Bruce, A. R. Meyer and J. M. Mitchell, The semantics of second-order lambda calculus, Inform. and Computation, 85 (1990) 76–134. [7] T. Coquand, C. Gunter, and G. Winskel, DI-domains as a model of polymorphism, in: M. Main et al., eds., Proceedings of the Third Workshop on the Mathematical Foundations of Programming Language Semantics, Lecture Notes in Computer Science 298, SpringerVerlag, Berlin, 1987, 344–363. [8] T. Coquand, C. Gunter, and G. Winskel, Domain theoretic models of polymorphism, Inform. and Computation 81 (1989) 123–167. [9] H. Ehrig, F. Parisi Presicce, P. Boehm, C. Rieckhoff, C. Dimitrovici, and M. Große-Rhode, Algebraic data types and process specification based on projection spaces, in: D. Sannella and A. Tarlecki , eds., Recent Trends in Data Type Specifications, Lecture Notes in Computer Science 332, Springer-Verlag, Berlin, 1988, 23–43. [10] M. Große-Rhode, Parameterized data type and process specification using projection algebras, in: H. Ehrig et al., eds., Categorical Methods in Computer Science with Aspects from Topology, Lecture Notes in Computer Science 393, Springer-Verlag, Berlin, 1989, 185–197.

14

[11] M. Große-Rhode and H. Ehrig, Transformation of combined data type and process specification using projection algebras, in: J. W. de Bakker et al., eds., Stepwise Refinement of Distributed Systems, Lecture Notes in Computer Science 430, Springer-Verlag, Berlin, 1989, 301–339. [12] H. Herrlich and H. Ehrig, The construct PRO of projection spaces: its internal structure, in: H. Ehrig et al., eds., Categorical Methods in Computer Science with Aspects from Topology, Lecture Notes in Computer Science 393, Springer-Verlag, Berlin, 1989, 286–293. [13] J.-Y. Girard, Une extension de l’interpr´etation fonctionelle de G¨odel `a l’analyse et son application ` a l’´elimination des coupures dans l’analyse et la th´eorie des types, in: J. F. Fenstad, ed., Proceedings of the Second Scandinavian Logic Symposium, North-Holland, Amsterdam, 1971, 63–92. [14] J.-Y. Girard, Interpr´etation fonctionelle et ´elimination des coupures de l’arithm´etique d’ordre sup´erieure, These D’Etat, Universit´e Paris VII, 1972. [15] J.-Y. Girard, The system F of variable types, fifteen years later, Theoretical Computer Science 45 (1986) 159–192. [16] J.-Y. Girard, Y. Lafont and P. Taylor, Proofs and Types, Cambridge University Press, Cambridge, 1989. [17] A. Gruchalski, Constructive domain models of typed lambda calculi, Ph.D. thesis, Siegen University, 1995. [18] N. McCracken, An investigation of a programming language with a polymorphic type structure, Ph.D. thesis, Syracuse University, 1979. [19] N. McCracken, A finitary retract model for the polymorphic lambda-calculus, manuscript, 1982. [20] A. M. Pitts, Polymorphism is set-theoretic, constructively, in: D. Pitt et al., eds., Proceedings of the Summer Conference on Category Theory and Computer Science, Lecture Notes in Computer Science 283, Springer-Verlag, Berlin, 1987, 12–39. [21] J. C. Reynolds, Towards a theory of type structures, in: B. Robinet, ed., Colloque sur la programmation, Lecture Notes in Computer Science 19, Springer-Verlag, Berlin, 1974, 408–425. [22] J. C. Reynolds, Types, abstraction, and parametric polymorphism, in: R. E. A. Mason, ed., Information Processing 83, Elsevier, Amsterdam, 1983, 513–523. [23] J. C. Reynolds, Polymorphism is not set-theoretic, in: G. Kahn et al., eds., Proceedings of the International Symposium on Semantics of Data Types, Lecture Notes in Computer Science 173, Springer-Verlag, Berlin, 1984, 145–156. [24] H. Rogers, Jr., Theory of Recursive Functions and Effective Computability, McGraw-Hill, New York, 1967. [25] D. Scott, Data types as lattices. Siam J.Computing 5 (1976) 522–587. [26] D. Scott, A space of retracts, manuscript, Merton College, Oxford, 1980. [27] A. S. Troelstra, Notes on intuitionistic second order arithmetic, in: A. R. D. Mathias and H. Rogers, eds., Cambridge Summer School in Mathematical Logic, Lecture Notes in Mathematics 337, Springer-Verlag, Berlin, 1973, 171–205.

15