Extracting Herbrand trees in classical realizability using forcing

Extracting Herbrand trees in classical realizability using forcing∗ Lionel Rieg LIP (UMR 5668 CNRS ENS Lyon UCBL INRIA), ENS de Lyon, Université de Lyon 46 allée d’Italie, 69364 LYON, FRANCE Abstract Krivine presented in [9] a methodology to combine Cohen’s forcing with the theory of classical realizability and showed that the forcing condition can be seen as a reference that is not subject to backtracks. The underlying classical program transformation was then analyzed by Miquel [11] in a fully typed setting in classical higher-order arithmetic (PAω + ). As a case study of this methodology, we present a method to extract a Herbrand tree from a classical realizer of inconsistency, following the ideas underlying the completeness theorem and the proof of Herbrand’s theorem. Unlike the traditional proof based on Kőnig’s lemma (using a fixed enumeration of atomic formulas), our method is based on the introduction of a particular Cohen real. It is formalized as a proof in PAω + , making explicit the construction of generic sets in this framework in the particular case where the set of forcing conditions is arithmetical. We then analyze the algorithmic content of this proof. 1998 ACM Subject Classification F.4.1 Lambda-calculus and related system Keywords and phrases classical realizability, forcing, Curry-Howard correspondence, Herbrand trees Digital Object Identifier 10.4230/LIPIcs.CSL.2013.597 1 Introduction Forcing is a model transformation initially invented by Cohen [1, 2] to prove the relative consistency of the negation of the continuum hypothesis with respect to the axioms of ZermeloFraenkel (ZF) set theory. From a model-theoretic point of view, forcing is a technique to extend a given model of ZF—the base model—into a larger model—the generic extension— generated around the base model from a new set with good properties: the generic filter G. From a proof-theoretic point of view, forcing can be presented as a logical translation that maps formulas expressing properties of the extended model into formulas expressing (more complex) properties of the base model. Through this translation, the properties of the (fictitious) generic set G (in the extended universe) are reduced to the properties of the forcing poset C (in the base universe) that parametrizes the whole construction. Recently, Krivine studied [9] Cohen forcing in the framework of the proofs-as-programs correspondence in classical logic [5, 13, 3] and showed how to combine it with the theory of classical realizability [8]. In particular, he discovered a program translation (independent from typing derivations) that captures the computational contents of the logical translation underlying forcing. Surprisingly, this program transformation acts as a state passing style ∗ This work was supported by the ANR project RÉCRÉ. © Lionel Rieg; licensed under Creative Commons License CC-BY Computer Science Logic 2013 (CSL’13). Editor: Simona Ronchi Della Rocca; pp. 597–614 Leibniz International Proceedings in Informatics Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Dagstuhl Publishing, Germany 598 Extracting Herbrand trees in classical realizability using forcing translation where the forcing condition is treated as a memory cell that is protected from the backtracks performed by control operators such as callcc [5] —thus opening an intriguing connection between forcing and imperative programming. Reformulating this work in classical higher-order arithmetic (PAω + ) and analyzing the corresponding program transformation, Miquel [11, 12] introduced an extension of the Krivine Abstract Machine (KAM) devoted to execution of proofs by forcing—the KFAM—where the forcing condition is explicitly treated as a memory cell in the context of the execution of a proof by forcing. These analogies naturally suggest that Cohen forcing can be used not only to prove relative consistency results, but also to write computationally more efficient (classical) proofs by exploiting the imperative flavor of the forcing condition. In this paper, we propose to instantiate this technique on one example, namely the extraction of a Herbrand tree (see section 2) from a validity proof of an existential formula ∃~x. F (~x) where F (~x) is quantifier-free. Our extraction procedure is based on a proof of a mix between completeness and Herbrand’s theorem using the method of forcing. The key ingredient of this proof is the introduction of a Cohen real (using forcing) that represents all valuations at once. From a computational point of view, we will see that the corresponding program uses the forcing condition to store the tree under construction, thus protecting it from the backtracks induced by classical reasoning. The interest of this approach is that since the conclusion of our semantic variant of Herbrand’s theorem is Σ01 , any proof (program) of the translation of the conclusion (through the forcing translation) can be turned into a proof (program) of the conclusion itself. From this, it is then possible to apply standard witness extraction techniques in classical realizability [10] to extract the desired Herbrand tree. Contribution of the paper This work follows on from [9] and [11]. Its contributions are the following: The extension of the program transformation underlying forcing to a generic filter G (when the forcing sort and its relativization predicate are invariant under forcing). A proof of a semantic variant of Herbrand’s theorem (containing completeness) by forcing where a Cohen real represents all valuations at once in the forcing universe. A formalization of this proof in the formal system PAω + which, through the forcing transformation, gives an extraction process for Herbrand trees. An analysis of the computational content of this extraction process in classical realizability. 2 Herbrand trees 2.1 The notion of Herbrand tree In what follows, we work in a given countable first-order language, and write Term and Atom the countable sets of closed terms and of closed atomic formulas, respectively. Throughout this paper we are interested in the following problem. Let ∃~x. F (~x) be a purely existential formula, where F (~x) is quantifier-tree. Let us now assume that the formula ∃~x. F (~x) is true in all models, and actually in all syntactic models, where variables are interpreted by closed terms t ∈ Term. From this information, we know −−−→ that there is a function H : (Atom → Bool) → Term that associates to every syntactic −−−→ valuation ρ : Atom → Bool a tuple of closed terms H(ρ) = ~t ∈ Term such that ρ |= F (~t) (i.e. a ‘witness’ for the formula ∃~x. F (~x) in the valuation ρ). However, the information provided by the function H is twice infinite: it is infinite in depth since each valuation ρ : Atom → Bool is (a priori) infinite, and it is infinite in L. Rieg 599 width since the set of all such valuations has the power of continuum. Nevertheless, the completeness theorem combined with Herbrand’s theorem sa (...truncated)