Realizability toposes from specifications
Jonas Frey
Warsaw, 3 July 2015
Overview
• In this talk: new Krivine realizability models using side effects (I/O). Slogan: ‘Specifications are poles’
• Use categorical approach to realizability, via indexed preorders (triposes) [and categories of partial equivalence relations (toposes)]
• Structure of talk:
    • Warm up: categorical formulation of Kleene realizability
    • ‘Classical’ Krivine realizability formulated categorically
    • New poles using side effects
    • Open questions, speculations, future work
Kleene Realizability and the Brouwer-Heyting-Kolmogorov interpretation
• BHK: informal proof semantics of constructive predicate logic. Slogan: “The meaning of a formula is the set of its proofs”
• ‘Proof’ defined by induction on structure of formulas:
    Proof of P ∧ Q:           pair ⟨a, b⟩ of proof of P and proof of Q
    Proof of P ⇒ Q:           function f mapping proofs of P to proofs of Q
    Proof of ∀x : N . ϕ(x):   function f mapping integers n to proofs of ϕ(n)
    Proof of ⊥:               none
    ...
• Realizability: replace informal ‘proofs’ by representations as mathematical objects, called ‘realizers’:
    integers, closed λ-terms, combinators, strategies from game semantics, ...
• Implication most important for categorical formulation
Categorical approach – ordering on truth values
• Fix set Λ of realizers (say closed λ-terms modulo β-equivalence)
• Truth value: set P ⊆ Λ of realizers
• For P, Q ⊆ Λ, a realizer of P ⇒ Q is a t ∈ Λ such that ∀u ∈ P . tu ∈ Q   [Notation: t ⊩ P ⇒ Q]
• Define ordering on set P(Λ) of truth values by
    P ≤ Q  :⇔  ∃t ∈ Λ . t ⊩ P ⇒ Q  ⇔  ∃t ∈ Λ ∀u ∈ P . tu ∈ Q
• (P(Λ), ≤) is a preorder (with only two elements up to equivalence)
Categorical approach – ordering on semantic predicates
• (Semantic) predicates are used to interpret open formulas
• Predicates are families of truth values ϕ, ψ : J → P(Λ)   (J indexing set)
• Ordering on predicates
    ϕ ≤ ψ  :⇔  ∃t ∈ Λ ∀j ∈ J . t ⊩ ϕ(j) ⇒ ψ(j)
• (P(Λ)^J, ≤) is a Heyting algebra
• Compare to pointwise ordering
    ϕ ≤_ptw ψ  :⇔  ∀j ∈ J ∃t ∈ Λ . t ⊩ ϕ(j) ⇒ ψ(j)
Semantic predicates as indexed preorder
• Functions f : K → J induce monotone reindexing maps f* : (P(Λ)^J, ≤) → (P(Λ)^K, ≤)
• The mappings
    J ↦ (P(Λ)^J, ≤)
    f ↦ f*
  constitute an indexed preorder Q : Set^op → Ord
Tripos and topos
Q : Set^op → Ord is a tripos, i.e.
• All preorders (P(Λ)^J, ≤) are Heyting algebras
• All reindexing maps f* : (P(Λ)^J, ≤) → (P(Λ)^K, ≤) have adjoints ∃_f ⊣ f* ⊣ ∀_f satisfying Frobenius and Beck-Chevalley conditions
• There is a generic predicate tr ∈ Q(Prop) satisfying
    ∀J ∈ Set ∀ϕ ∈ Q(J) ∃f : J → Prop . ϕ ≅ f*(tr)
From the tripos Q, we can construct a realizability topos Set[Q]
Reference:
• J. van Oosten. Realizability: An Introduction to its Categorical Side.
Krivine’s classical realizability – basic ideas
Guiding intuitions:
• Combination of Kleene realizability and negative translation
• Syntax with continuations instead of CPS translation
• Negation replaced by (−) ⇒ R, for convenient R (‘pole’)
• Different R give different realizability models
• New: encode specifications in R
The Krivine Machine
Three syntactic classes
    Terms:      t ::= x | λx.t | tt | cc | k_π
    Stacks:     π ::= π_0 | t·π      (t closed, π_0 ∈ Π_0)
    Processes:  p ::= t ⋆ π          (t closed)
where Π_0 is a fixed set of stack constants
• Λ set of closed terms
• Π set of stacks
• Λ⋆Π set of processes
Reduction relation on processes:
    rule        process               reduces to
    (push)      tu ⋆ π                t ⋆ u·π
    (pop)       (λx . t[x]) ⋆ u·π     t[u] ⋆ π
    (save)      cc ⋆ t·π              t ⋆ k_π·π
    (restore)   k_π ⋆ t·ρ             t ⋆ π
The first two rules implement weak head reduction. The other two capture and restore continuations.
Quasi-Proofs and Poles
To define realizability interpretations we need two more ingredients:
Definition. QP ⊆ Λ is the set of quasi-proofs, i.e. closed terms not containing any k_π.
Observation: t is a quasi-proof iff it does not contain any stack constant π_0.
Definition. A pole is a set ⊥⊥ ⊆ Λ⋆Π of processes closed under inverse reduction.
Different poles ⊥⊥ give different realizability models ... as we shall see now
Truth values, predicates, ordering on predicates
• Fix a pole ⊥⊥
• Truth values are subsets P ⊆ Π, elements are ‘refutations’
• For t ∈ Λ, P, Q ∈ P(Π) define
    t ⊩ P  ⇔  ∀π ∈ P . t ⋆ π ∈ ⊥⊥   (‘t realizes P’)
    P ⇒ Q  =  {u·π | u ⊩ P, π ∈ Q}
• Predicates are families of truth values, i.e. functions ϕ, ψ : J → P(Π)
• Define ordering on set P(Π)^J of predicates on J by
    ϕ ≤ ψ  :⇔  ∃t ∈ QP ∀j ∈ J . t ⊩ ϕ(j) ⇒ ψ(j)
  [Restriction to quasi-proofs to avoid degeneracy]
• (P(Π)^J, ≤) is a Boolean algebra
• The assignment J ↦ (P(Π)^J, ≤) extends to a Boolean tripos K_⊥⊥ : Set^op → Ord, which gives rise to a Boolean topos Set[K_⊥⊥]
Consistency
• Falsity is the set Π of all stacks
• K_⊥⊥ is consistent if there is no quasi-proof realizing Π
    ¬∃t ∈ QP . t ⊩ Π  ⇔  ¬∃t ∈ QP ∀π ∈ Π . t ⋆ π ∈ ⊥⊥  ⇔  ∀t ∈ QP ∃π ∈ Π . t ⋆ π ∉ ⊥⊥
• This motivates Krivine’s ‘thread model’. It is obtained by postulating a stack constant π_t for each quasi-proof t, and defining
    ⊥⊥ = {p | ∀t ∈ QP . t ⋆ π_t does not reduce to p in zero or more steps}
Krivine, J.L. Realizability algebras II: new models of ZF+DC. 2011
Adding effects
• Krivine uses non-logical instructions to realize axioms
  “Indeed, when we realize usual axioms of mathematics, we need to introduce, one after the other, the very standard tools in system programming: for the law of Peirce, these are continuations (particularly useful for exceptions); for the axiom of dependent choice, these are the clock and the process numbering; for the ultrafilter axiom and the well ordering of R, these are no less than I/O instructions on a global memory, in other words assignment.” (Realizability algebras II)
• Instructions in Krivine’s sense are not real ‘side’-effects
• To model actual ‘side’-effects, Alexandre Miquel proposes operational semantics based on pairs (p, s) where p is a process and s is a state which can be changed by non-logical instructions
  Miquel, A. Classical modal realizability and side effects. 2009
• Our account is based on Miquel’s, but with a different notion of pole
The Krivine Machine with read/write (IOKAM)
Syntax extended by I/O and termination instructions:
    Terms:      t ::= x | λx.t | tt | cc | k_π | r | w1 | w0 | end
    Stacks:     π ::= ε | t·π        (t closed)
    Processes:  p ::= t ⋆ π | ⊤      (t closed)
Operational semantics defined on configurations (p, σ, τ) with σ, τ ∈ {0, 1}*
    rule    configuration              steps to
    (τ)     (t ⋆ π, ι, ω)              (u ⋆ ρ, ι, ω)     whenever t ⋆ π reduces to u ⋆ ρ
    (r0)    (r ⋆ t·u·v·π, 0·ι, ω)      (t ⋆ π, ι, ω)
    (r1)    (r ⋆ t·u·v·π, 1·ι, ω)      (u ⋆ π, ι, ω)
    (rε)    (r ⋆ t·u·v·π, ε, ω)        (v ⋆ π, ε, ω)
    (w0)    (w0 ⋆ t·π, ι, ω)           (t ⋆ π, ι, 0·ω)
    (w1)    (w1 ⋆ t·π, ι, ω)           (t ⋆ π, ι, 1·ω)
    (e)     (end ⋆ π, ι, ω)            (⊤, ι, ω)
Intuition: Model of computation that explicitly includes reading and writing of data – instead of ‘values’ or Church numerals.
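Added example (not part of the talk): a small interpreter for the IOKAM rules above, including the four Krivine machine rules (push), (pop), (save), (restore) as the effect-free steps. The tuple encoding of terms, the names subst, step, run and the sample process COPY are assumptions of this sketch.

```python
# Terms are tuples: ("var",x) ("lam",x,body) ("app",t,u) ("cc",) ("k",stack)
# ("r",) ("w0",) ("w1",) ("end",). A stack is a tuple of closed terms, top first; () is ε.
TOP = None  # the terminated process ⊤

def subst(t, x, u):
    """Replace the free occurrences of variable x in t by the closed term u."""
    if t[0] == "var":
        return u if t[1] == x else t
    if t[0] == "lam":
        return t if t[1] == x else ("lam", t[1], subst(t[2], x, u))
    if t[0] == "app":
        return ("app", subst(t[1], x, u), subst(t[2], x, u))
    return t  # cc, k_π and the I/O instructions have no free variables

def step(cfg):
    """One transition of a configuration (term, stack, input, output); None if none applies."""
    t, pi, inp, out = cfg
    tag = t[0] if t is not TOP else None
    if tag == "app":                                  # (push)
        return (t[1], (t[2],) + pi, inp, out)
    if tag == "lam" and pi:                           # (pop)
        return (subst(t[2], t[1], pi[0]), pi[1:], inp, out)
    if tag == "cc" and pi:                            # (save)
        return (pi[0], (("k", pi[1:]),) + pi[1:], inp, out)
    if tag == "k" and pi:                             # (restore)
        return (pi[0], t[1], inp, out)
    if tag == "r" and len(pi) >= 3:                   # (r0), (r1), (rε)
        branch = {"0": 0, "1": 1}.get(inp[:1], 2)
        return (pi[branch], pi[3:], inp[1:], out)
    if tag in ("w0", "w1") and pi:                    # (w0), (w1): prepend the bit to ω
        return (pi[0], pi[1:], inp, tag[1] + out)
    if tag == "end":                                  # (e)
        return (TOP, (), inp, out)
    return None

def run(term, inp, fuel=10_000):
    """Run term ⋆ ε on the input word until no rule applies; return the last configuration."""
    cfg = (term, (), inp, "")
    for _ in range(fuel):
        nxt = step(cfg)
        if nxt is None:
            return cfg
        cfg = nxt
    raise RuntimeError("no final configuration within the step budget")

# Constructed sample: COPY = B B with B = λs. r (w0 (s s)) (w1 (s s)) end
SS = ("app", ("var", "s"), ("var", "s"))
B = ("lam", "s", ("app", ("app", ("app", ("r",), ("app", ("w0",), SS)),
                                 ("app", ("w1",), SS)), ("end",)))
COPY = ("app", B, B)
```

run(COPY, "011") ends in ⊤ with empty input and output 110: the output is the input reversed, because (w0) and (w1) prepend each written bit to ω.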
Properties of the IOKAM
Definition. A process p implements a partial function f : N ⇀ N if
    (p, bin(n), ε) reaches (⊤, ε, bin(f(n))) in zero or more steps
for all n ∈ dom(f), where bin(n) is the binary representation of n.
Theorem (Turing completeness). Every computable f : N ⇀ N is implemented by some process p.
Proof uses storage operators, which serve to simulate CBV in CBN.
Quasi-Proofs and Poles in presence of I/O
Redefine ‘quasi-proof’ and ‘pole’ in presence of side effects:
Definition. The set QP ⊆ Λ of quasi-proofs is the set of closed terms not containing any I/O instructions r, w0, w1, end.
Idea: Quasi-proofs are ‘purely logical’ (continuations allowed)
Definition. A pole is a set ⊥⊥ ⊆ Λ⋆Π of processes closed under inverse effect-free reduction.
Compare: For Miquel (loc. cit.), poles are sets of configurations closed under all inverse transitions.
Theorem. With these definitions, poles ⊥⊥ give rise to triposes K_⊥⊥ and toposes Set[K_⊥⊥] just as before.
Consistency in presence of I/O
Theorem. With the new definitions, a pole ⊥⊥ ⊆ Λ⋆Π is consistent iff every t ⋆ π ∈ ⊥⊥ \ {⊤} contains a non-logical instruction.
Proof. Recall that consistency means ∀t ∈ QP ∃π ∈ Π . t ⋆ π ∉ ⊥⊥. If all elements of ⊥⊥ \ {⊤} contain non-logical instructions, then t ⋆ ε ∉ ⊥⊥ for any quasi-proof t. Conversely, if t ⋆ π ∈ ⊥⊥ is ‘pure’, then k_π t is a quasi-proof realizing Π.
Poles from specifications
The slogan ‘specifications are poles’ is made precise as follows.
Lemma. If ⊥⊥ ⊆ Λ⋆Π is closed under observational equivalence, then ⊥⊥ is a pole.
• Paper uses two different notions of equivalence.
• Finer one captures interactivity, based on weak bisimulation
• Prime examples do not require interactivity:
Example. Let f : N ⇀ N be a computable function. Then the set ⊥⊥_f = {p | p implements f} is a pole, which is consistent if f is not everywhere undefined.
Toposes from computable functions
• Poles ⊥⊥_f give triposes K_f and toposes Set[K_f] (for computable f)
• Plan: use toposes Set[K_f] to study f, in particular wrt complexity
• View Set[K_f] as geometric object, more precisely as ‘space of solutions to algorithmic problem of computing f’
• Use geometric invariants like cohomology to study shape of Set[K_f]
• Problem: Well-definedness of cohomology not even clear
• Look for other ways of understanding the structure of Set[K_f]
First steps in understanding the structure of Set[K_f]
• Are the categories Set[K_f] Grothendieck toposes? Probably not, at least not in a ‘standard’ way (∆ : Set → Set[K_f] not part of a geometric morphism)
• What is the finite type hierarchy in Set[K_f]? No idea
• What are the truth values of Set[K_f]? Not full picture yet, but some structure of f can be encoded in truth values
Relating f and K_f(1)
• K_f(1) = (P(Π), ≤) is the order of truth values in Set[K_f]
• Assume f total
• For every computable factorization f = g ◦ h define truth value
    P_g = {t·ε | ∀n ∈ N . (t ⋆ n·ε, ε, ε) reaches (⊤, ε, bin(g(n))) in zero or more steps}
Theorem. P_g ≤ P_g′ iff g factors through g′ computably.
[Diagram: maps h, g, h′, g′ and k between copies of N]
Thanks for your attention!