Intensional and Extensional Semantics of Bounded and Unbounded Nondeterminism

10/27/2017 ∙ by James Laird, et al. ∙ 0

We give extensional and intensional characterizations of nondeterministic functional programs: as structure preserving functions between biorders, and as nondeterministic sequential algorithms on ordered concrete data structures which compute them. A fundamental result establishes that the extensional and intensional representations of non-deterministic programs are equivalent, by showing how to construct a unique sequential algorithm which computes a given monotone and stable function, and describing the conditions on sequential algorithms which correspond to continuity with respect to each order. We illustrate by defining may and must-testing denotational semantics for a sequential functional language with bounded and unbounded choice operators. We prove that these are computationally adequate, despite the non-continuity of the must-testing semantics of unbounded nondeterminism. In the bounded case, we prove that our continuous models are fully abstract with respect to may-and-must testing by identifying a simple universal type, which may also form the basis for models of the untyped lambda-calculus. In the unbounded case we observe that our model contains computable functions which are not denoted by terms, by identifying a further "weak continuity" property of the definable elements, and use this to establish that it is not fully abstract.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1. Introduction

This paper describes denotational models of sequential higher-order functional computation with nondeterminism, which may be given as an explicit choice operation or arise via an under-specified operational semantics or abstract interpretation of a richer language. Interpreting nondeterminism in a sequential setting presents some novel challenges for denotational semantics — for example, accurately representing the branching points within a program at which choices are made. Moreover unbounded nondeterminism allows programs to be written which will always return a value but may take an unbounded number of steps to do so (corresponding to the notion of fairness [Dji76]). Any sound denotational interpretation of such programs will not be a continuous function, meaning that many standard semantic techniques are not available.

We take an approach which relates extensional and intensional representations of nondeterministic functional programs, by developing the theory of biorders (sets with two partial orders) and applying it to nondeterminism, and defining a new notion of ordered concrete data structure — a game-like structure representing the interaction between a program and its environment at a given type. Our key results are based on an isomorphism between the monotone stable functions between the biorders of states of ordered concrete data structures, and the sequential algorithms which compute them. We show that these equivalent representations may be used to give may-and-must testing models of an “observably sequential” functional programming language with nondeterminism, . These models are fully abstract when restricted to bounded choice, as is shown by identifying a simple universal type, of which every other computational type is a retract. However, the model of must-testing for unbounded non-determinism contains a class of elements which are not definable as terms, leading to a failure of full abstraction and suggesting that it could be further refined by restricting to “weakly continuous” functions.

1.1. Related Work:

Extensional Semantics for Non-determinism. There is a large body of research identifying appropriate order-theoretic structures for representing nondeterminism denotationally, and establishing their relationship to notions of testing and equivalence — e.g. [HA80, Plo82]. The principal difficulty which arises when interpreting countable nondeterminism — the non-continuous nature of such a semantics — may be resolved by weakening the continuity properties demanded (e.g. to -continuity [AP86]). However, this admits many undefinable functions and leaves fewer principles with which to reason about program behaviour (not least, proving that a model is adequate).

In this work we focus on the relationship between sequentiality of (higher-order) functions and non-determinism, axiomatizing the structure required to interpret choice in this setting. More specifically, our approach is based on two orders — an extensional order corresponding to the observable input/output behaviour of functions, and a stable order, capturing, in effect, the minimal computation required to produce a given result. This is foreshadowed by Roscoe’s work on the semantics of CSP (in which the stable order is called the “strong order”) [Ros93a, Ros93b] and Berry’s introduction of biorders [Ber78], which combine both orders in constructing models of functional (but deterministic) languages. In previous work, the author has observed that stable and continuous functions on biorders with a (extensionally) greatest element are sequential in the sense of Milner and Vuillemin, and used them to construct fully abstract models of sequential languages such as the lazy -calculus [Lai03]. However, although these models technically carry information about the way higher-order programs evaluate their arguments, this must be recovered from the graphs or traces of the functions they denote, suggesting that an alternative representation would be valuable for program analysis.

One approach is suggested by the work of Curien, Plotkin and Winskel [CWP97], which describes a fully faithful functor into the category of bidomains from a Cartesian closed category constructed from a model of linear logic based on bistructures. This is a more general representation of bidomains than that given by ordered concrete data structures (i.e. the biorders which are finite-branching states of the latter are strictly included in those which correspond to cliques of the latter). Thus it includes stable and extensionally continuous functions which are not sequential, such as Gustav’s function [Ber78]. As a continuous semantics, it does not capture programs with unbounded nondeterminism.

Intensional Semantics for Non-determinism. Given the success of intensional techniques — in particular, game semantics — in characterizing deterministic sequential computation through fully abstract models of programming languages (with and without side-effects), extending these models with non-determinism by relaxing the determinacy constraint on strategies is a natural step. This was taken by Harmer and McCusker [HM98], who gave a game semantics of Idealized Algol with bounded non-determinism, fully abstract with respect to may-and-must-testing equivalence. This bears clear parallels with our intensional model, e.g. in the separate recording of convergent and divergent traces. Representing the branching behaviour of functional programs without state is more challenging; witness the difficulty of combining innocence with nondeterminism [Har99], resolved in recent work by Tsukada and Ong [TO15] based on a sheaved model, as well as in concurrent games models [RW11] This succeeds in characterizing the definable elements in a model of the -calculus with choice, although it does not capture their observational equivalence in a direct or effective manner. Intensional models of unbounded nondeterminism encounter challenges related to non-continuity — as noted in [HM98] representations of strategies as collections of finite sequences of moves are insufficient to capture the distinction between infinite interactions and finite, but unbounded ones, and Levy [Lev08] describes a semantics of recursively defined nondeterministic programs in terms of their infinite traces. Our model similarly contains representations of infinitary interaction, although these are positions which may be reached by (potentially, many different) ordinal chains of events.

The intensional semantics for nondeterminism developed here is based on concrete data structures, which were introduced by Kahn and Plotkin [KP93], as part of a definition of sequentiality for (deterministic) higher-order functionals (see further discussion in Section 5.2), although they offer an appealing model of computation in their own right, via the notion of sequential algorithm [BC82]. On the one hand, concrete data structures correspond to a positional form of games, and sequential algorithms to positional strategies (see e.g. [HS02]). On the other, sequential algorithms may be related to purely extensional models: in the deterministic case, Cartwright, Curien and Felleisen [CCF94] have established that they compute, and are equivalent to “observably sequential” functions; the author has given a more abstract representation of the latter as bistable functions on bistable biorders [Lai07a, Lai05].

Berry and Curien’s deterministic sequential algorithms give a strongly sequential representation of programs — in each position the data required to compute further is unique (each cell is filled with a unique value). By contrast, we describe a weakly sequential interpretation — which may be required either because evaluation is explicitly non-deterministic, or because evaluation order is not observable — by abandoning this consistency condition. However, this also requires an ordering on cells and values (corresponding to game positions), to reflect the fact that (for example) any program which may diverge in response to a given argument may still diverge in response to an argument with a wider range of behaviours. This notion of an ordered concrete data structure was first introduced in [Lai09], in which stable and continuous functions were shown to correspond to finite-branching sequential algorithms. Extension to unbounded nondeterminism [Lai15] requires a new notion of transfinite (ordinal-indexed) interaction, to distinguish computations which are infinite from those which are finite but unbounded.

1.2. Outline of the Paper

Section 2 recalls and brings together some earlier work by using it to give a biorder semantics of a minimal functional language with non-determinism, . This illustrates some features of sequential nondeterministic higher-order functions, and motivates the rest of the paper which expands and elaborates on this model. Section 3 extends it with infinitary data (natural numbers) and fixed points, allowing the expression of unbounded nondeterminism, and shows that these may be interpreted soundly by introducing notions of completeness and continuity to biorders. Section 4 introduces ordered concrete data structures (ocds), and shows that their sets of states form biorders, and Section 5 shows that these categories are Cartesian closed, by defining the internal hom of two ocds, and showing that its set of states is isomorphic to the biorder of monotone and stable functions between them. Section 6 returns to the semantics of nondeterminism, proving full abstraction and universality results for the models of bounded nondeterminism, and describing by example the role of infinitary proofs in the must-testing semantics of unbounded nondeterminism, leading to a proof that it is not fully abstract.

2. Non-determinism and Weak Sequentiality

Consider , the simply-typed -calculus over a single base type with two ground type constants — (representing divergence) and (representing immediate termination, due to error, deadlock etc.) — and a binary choice operation , which we write infix. Programs (closed terms of type ) may be reduced by leftmost outermost reduction, of to and to either or . If every such reduction of terminates with then we say that must converge, () and if some reduction of terminates with then we say that may converge ().

Alternatively, these may and must convergence predicates may be defined via the “big step” reduction rules in Table 1 (in which the rules in the top row apply to both may and must convergence predicates).

 
Table 1. Big-step rules for May and Must Testing

They are used as the basis for the following notions of observational approximation on terms of :

May Testing:

if for all compatible program contexts , implies .

Must Testing:

if for all compatible program contexts , implies .

May-and-Must Testing:

if and .

We obtain an equivalence by the intersection of each approximation relation with its converse. For example, let be the type , which contains as its equivalence classes (in each case) the values and , the error and divergence terms and and the non-deterministic choice . We have and .

We make the following observations:

  • The notions of approximation and equivalence are extensional, in the sense that closed programs of function type will be observationally equivalent if and only if they are equivalent when applied to any closed term. So, in particular, there are only finitely many equivalence classes at each type.

  • In this finitary setting, may testing and must testing (and thus the corresponding notions of approximation and equivalence) are dual, in the sense that if and only if . So one model will suffice for both.

  • The operational semantics for must-testing is the same as that given for Unary PCF in e.g. [Loa98]. Unary PCF is the simply-typed -calculus over a ground type containing a single value, and a single binary operator on this type which tests both of its arguments for convergence to that value. The latter is usually regarded as a sequential composition, but since the order of evaluation is not observable, the arguments may be evaluated in either order, or in parallel, or non-deterministically.

By relating non-determinism to Unary PCF we may use some important facts about the latter — including that its observational equivalence is decidable [Loa98], and that it has a universal model in the category of biorders and monotone stable functions [Lai03]. Conversely, our sequential algorithms model may be seen as a solution to the problem of giving a corresponding intensional semantics of Unary PCF.

Unary PCF (and thus ) is a simple example of a weakly sequential functional language: for any term there is some such that implies , but this sequentiality index may not be unique. As is shown in this instance, weak sequentiality may arise because evaluation is non-deterministic, or because the order of evaluation is underspecified or unobservable. Other examples of weakly sequential languages include PCF itself (for which the fully abstract model is known to not be effectively presentable [Loa00]), and the call-by-value and lazy -calculi [Abr90] — e.g. in the absence of side-effects such as mutable state, a call-by-value application may be evaluated by first evaluating to a value, then , or vice-versa (or, indeed, non-deterministically or in parallel) — which do have effectively presentable fully abstract models based on biorders [Lai03].

Intensional (game) semantics are typically based on explicitly sequential representations of interaction such as sequences of moves: one of the aims of the current work is to investigate a model of higher-order computation which is intrinsically weakly sequential. The following example illustrates why this is needed to give fully abstract semantics of non-deterministic functional programs. Define the following terms of type

  • , (i.e. )

  • ,

  • ,

  • .

Each of these terms is (may or must) observationally distinguishable from the others — and are strict in their first argument and so may be distinguished from and (which are strict in the second) by application to and . When applied to truth values, and return their first argument and so may be distinguished from and (which return their second argument) by application to and . However the terms and are may-and-must equivalent — both may test their arguments in either order, and return either one of them. Note that they are observationally distinguishable using mutable state (e.g. in erratic Idelaized Algol), by using an imperative variable to record the order in which the arguments were tested after the function returns.

2.1. Biorders and Stable Functions

Turning to denotational semantics, we recall, redefine and develop the notion of biorder [Ber78, CWP97]. At its most basic a biorder is a set with two partial orders, related as follows:

Definition 2.1.

A biorder is a set with two partial orders (the extensional and stable orders) such that any non-empty set which is bounded above in the stable order (for which we may write ) has a greatest lower bound in that order, which is also a least upper bound for in the extensional order.

Note that it is a consequence of this definition that the stable order is contained in the reverse of the extensional order (unlike [Ber78], which also gives a more restrictive definition). This will draw out the contrast between stable and extensional continuity, which both play a role in our semantics.

We shall say that a biorder is extensionally pointed if it has an extensionally least element, , stably pointed if it has a stably least element (note that the latter element is greatest in the extensional order), and just pointed if it has both.

Key constructions on biorders include:

  • For any family of biorders , the (set-theoretic) product and disjoint sum with both orders defined pointwise.

  • If is a biorder, its stable lifting is given by adding a new element to which is least with respect to the stable order (and thus greatest with respect to the extensional order).

From these constructions we obtain the empty biorder, the one-element biorder and its stable lifting — the (pointed) biorder , with two elements such that and . For any set , we write for the disjoint sum (in which the extensional and stable orders are both the discrete order).

To define a category of biorders, we recall Berry’s notion of stable function.

Definition 2.2.

A function between partial orders is stable if it it is monotone and for any and there exists such that and for all , implies .

The relationship between stability and bounded infima may be summed up as follows:

Lemma 2.3.

If partial orders and have bounded infima then is stable if and only if it preserves all bounded infima.

Proof.

From left-to-right, suppose is bounded above by , then taking there exists such that and for all , and thus as required.

From right-to left, given , take . ∎

We define a category in which objects are biorders, and morphisms from to are functions from to which are monotone stable — i.e. monotone with respect to the extensional order and stable with respect to the stable order. This concrete category is Cartesian closed — the product of biorders is a cartesian product and the internal hom is the biorder consisting of the set of monotone stable functions from to with the extensional (Scott) and stable (Berry) orders on functions — i.e.

if for all ,

if for all and .

The infimum of a stably bounded set of monotone stable functions is given pointwise — i.e. , which is clearly stable and monotone, and a -supremum for .

It is well known (and an interesting exercise to prove) that stability of implies stability of its currying and vice-versa. Thus and are naturally isomorphic and so is Cartesian closed, as is its subcategory of pointed objects. So, in particular, it contains may and must testing denotational semantics of in which the ground type is interpreted as the biorder , the choice operator as the extensional join operator (which is monotone stable), and the constants and as and (respectively) in the may-testing model and and in the must-testing model.

Proposition 2.4 (Computational Adequacy).

if and only if and if and only if

Proof is simple based on strong normalization of the -calculus and soundness of the reduction rules. We will give a proof of adequacy for a conservative extension of this model (Proposition 3.23).

2.2. Sequentiality and Universality

Sequentiality for higher-order functions may be defined in a variety of ways, which will be discussed further in later sections: via Kahn-Plotkin sequentiality indices [KP93] (see Section 5.2), via correspondence with an explicitly sequential representation such as games or sequential algorithms (Section 5), or via universality and full abstraction results for an interpretation of a sequential language (here, for and in Section 6 for a more expressive extension). First, we recall from [Lai03] a simple result establishing that conditionally multiplicative functions on biorders are sequential in the “first-order” sense of Milner and Vuillemin.

Definition 2.5.

Let be pointed biorders. A function is strict if and -strict if implies .

Proposition 2.6.

[Milner-Vuillemin Sequentiality]Any strict morphism is -strict for some .

Proof.

Define (for and ), the insertion by if and , otherwise.

Then is stably bounded above by , and has stable greatest lower bound so and so by stability of , for some . Hence for all , as . ∎

Note that a function may be -strict for several values of (for example, the function from to sending to ). In other words our model contains weakly sequential functions, as expected.

It was shown in [Lai03] that any (Milner-Vuillemin) sequential and order-extensional model of Unary PCF in a CCC which interprets the ground type as the two-point order, is universal (i.e. every element is denoted by a term) and thus fully abstract. We sketch a simplified version of the proof here, which is the basis for a proof of universality for an infinitary extension of in Section 6.

Proposition 2.7.

The biorder semantics of are universal.

Proof.

By duality, we may give the proof for the must-testing model only. For any types and , and , write if there is a definable retraction from to – that is, there are terms and such that .

The following facts are evident:

  • If then universality at type implies universality at type .

  • Universality holds at type , since the only elements of are the functions denoted by , and .

So it suffices to prove for all types , that for some , by induction on , for which the key step is to show that , which follows from these two facts:

  • — by the retraction , and . For each element (i.e. we have .

  • by the retraction , and . For any element ,
    by stability.

Proposition 2.8 (Full abstraction).

iff and iff .

Proof.

This follows from adequacy, universality and extensionality of the model following standard arguments as in [Plo77]. ∎

Thus, we have given a fully abstract semantics of a simple, sequential non-deterministic functional language using biorders. In the remainder of the paper, we will extend it to a a fully expressive model of computation, and give an intensional characterization of its types and programs.

3. and its semantics

is too limited to describe generalized higher-order non-deterministic computation because it lacks infinitary datatypes. In particular, this means that there is no real distinction between may and must testing (witness the formal duality between them) and there is no possibility of describing unbounded nondeterminism and comparing it with the binary choice operation. Thus we define a new prototypical language by extending with a type of natural number values — i.e. terms of type do not have computational effects (nondeterminism or non-termination). Maintaining this distinction between computation and value types (as in call-by-push-value [Lev04]) simplifies programming with non-determinism and allows construction of fully-abstract semantics of richer languages by CPS interpretation.

Types of are either pointed (computation) types or possibly unpointed (value) types , given by the grammars:

Terms are formed by extending with the following constants and operations:

  • Expressions of type , given by the grammar .

  • Equality testing: given expressions , .

  • Fixed point combinators: for each pointed type .

  • Unbounded Choice: , which nondeterministically chooses a numeral to which its argument is applied.

may be regarded as a target language for continuation-passing-style translation of languages with bounded and unbounded nondeterminism, with as the return or answer type. Most simply, by defining the type of natural number computations to be the type , we may express the language SPCF (observably sequential PCF [CF92]) extended with bounded (binary) or unbounded (natural number) choice. For example, we may define

SPCF is itself an extension of PCF with a simple non-local control operator () and some error terms which immediately abort computation (in this case, a single such term, ). It provides a complete syntactic representation of the (strongly) observably sequential functions (and the corresponding deterministic sequential algorithms) [CCF94, Lai07a] as demonstrated by full abstraction and universality results — this paper may be seen as an extension of these results to weakly observably sequential functions and non-deterministic sequential algorithms.

3.1. Operational Semantics

We give may and must testing operational semantics for programs (closed terms of type ) by extending the rules for (Table 1) with the additional rules in Table 2.

Table 2. Operational Semantics for

The definitions of may, must and may-and-must approximation and equivalence extend directly from . Also as in , the presence of the error element makes the language extensional — any terms of function type are observationally equivalent if (and only if) applying to the same argument returns equivalent results. (This is essentially Milner’s Context Lemma [Mil77] and may be proved using the same techniques.) In particular, we will use the result for must-equivalence in Section 6.

Lemma 3.1 (Function Extensionality).

For any closed terms , if for all then .

3.2. Unbounded Nondeterminism

gives us a setting in which we may express programs with unbounded non-determinism — they may evaluate to (countably) infinitely many different values without diverging. Evidently, we may express bounded choice up to may-and-must-equivalence using unbounded choice — e.g. . Conversely:

Proposition 3.2.

is macro-expressible up to may-testing equivalence in bounded .

Proof.

The terms and are may-equivalent. (They denote the same elements in our fully abstract model of may-testing.) ∎

Note that this equivalence fails with respect to must-equivalence (evaluation may always take the right hand branch of the binary choice and so diverge), as will any such attempt to define countable choice using bounded choice (a term which reduces to infinitely many different values will have an infinite reduction path by König’s lemma and may therefore diverge). In other words:

Proposition 3.3.

is not macro-expressible up to must-testing using binary choice.

Formal proof of this claim is straightforward in our fully abstract model.

Remark 3.4 (Fairness).

One reason for studying unbounded nondeterminism is its close connection with the notion of fairness, according to which an event will eventually occur, even if it is not possible to bound the number of steps taken before this happens. For example, suppose we wish to implement a type with constants (which supplies a coin to its argument) and which tosses its first argument and chooses its second or third argument depending on whether the result is heads or tails, and passes the tossed coin to it.

A necessary condition for an implementation of to be fair is that tossing a new coin will eventually come up heads, but may require an unbounded number of tosses to do so. In other words, a program which repeatedly tosses a coin and increments a counter until it gets a head, and then returns the contents of the counter may return any number value (but not diverge) — i.e. is must-equivalent to . So a fair coin may be used to express unbounded choice and is therefore not definable in bounded by Proposition 3.3. Conversely, in unbounded we may implement a coin which passes the fairness test, e.g. by defining the macros , and .

Remark 3.5 (Abstract Interpretation).

Another setting in which unbounded nondeterminism may arise is in the “abstract interpretation” of a domain with infinitely many states as a finite domain — the “concretization” of such an abstract interpretation may then represent a single abstract state as an unbounded choice of concrete states. Observe that in , countable nondeterminism may be used to define an embedding-projection pair from the type to — the terms and satisfy and . In other words, there is a Galois insertion between and , giving an abstract interpretation of the former, infinitary type inside the latter, finitary one, which we may use to define, inductively, a Galois connection between each pointed type of and the corresponding type of obtained by erasing all instances of .

3.3. Continuity

A challenge encountered in defining and reasoning about an adequate denotational semantics of must-testing for programs with unbounded non-determinism is that it cannot be continuous with respect to the must ordering (on must-equivalence classes of terms).

For instance, define , so that iff . It is easy to see (and prove using our fully abstract model) that for each , and that the -least upper bound for this chain of terms (up to must-equivalence) is the term . However, whereas may diverge for all , must converge — i.e. cannot denote a function which is continuous with respect to the must-ordering.

Another example shows that function application is not continuous in the function component either — or in other words, that least-upper bounds of chains of functions are not given pointwise, in general. For instance, let , which nondeterministically supplies to its argument a numeral greater than or equal to . It is evident that for each , and that the -least upper bound for this chain of terms (up to must-equivalence) is the term . However, diverges for all , but must converge.

This suggests that we cannot define well-behaved fixed points for functions by taking least fixed points of chains of approximants with respect to the must-approximation ordering. This problem will be resolved semantically by defining least fixed points with respect to the stable order rather than the extensional (observational) order. Application is stably-continuous with respect to chains of functions, although not their arguments. (The defined above denote a stable chain in our model, but the do not.)

3.4. Complete Biorders

To extend our model of to we require biorders which are directed complete with respect to at least one of their orders, in order to define least fixed points with respect to that order. We now define these notions of complete biorder.

Definition 3.6.

An -indexed family of elements of a biorder is -directed if for all there exists such that . is extensionally complete if the extensional order is directed complete — i.e. every such family has a least upper bound, and for any -directed -indexed families and , for all implies .

It is not hard to show that the product, disjoint sum, lifting and function-space preserve extensional completeness.

The requirements for a biorder to be stably complete are slightly more involved. They include a “bounded distributivity condition” requiring certain bounded meets to distribute over directed joins, which will be used to define CCCs of stably complete biorders.

Definition 3.7.

A stable upper bound for a set of stably directed, -indexed families over a biorder is an -indexed, stably directed family such that for all and , , and for all , .

is stably complete if the stable order is directed complete and for any stably bounded set of stably directed -indexed families of elements, .

A biorder is bicomplete if it is both extensionally and stably complete.

It is easy to see that the coproduct and product of families of stably complete domains are stably complete. To show that lifting preserves stable completeness (so in particular is stably complete) is a little harder. Note that the above distributivity property does not hold in general for unbounded sets of stably directed families over (i.e. it is not a completely distributive lattice) — take, for example the set of families with if and otherwise, which satisfies and .

Lemma 3.8.

If is stably complete then is stably complete.

Proof.

We check that the bounded distributivity property holds. Suppose the set of -indexed directed families is bounded above by . By definition, . If then defining , we have a set of -indexed directed sets of elements of , bounded above by and so by stable completeness of .

So we need to consider the case in which (a) and (b) . We claim that this implies for all and and so in fact as required. To prove the claim, choose any . There exists such that by and such that by . Because , we have , and hence for all as required. ∎

Lemma 3.9.

If is stably complete then is stably complete.

Proof.

Joins of stably directed sets, are defined pointwise (i.e. function application is continuous with respect to functions). To show that these are stable, we need to show that they commute appropriately with bounded meets using the bounded distributivity property. Suppose is a stably directed set of monotone stable functions from to , and is a set of elements stably bounded above by . Then the set of stably directed -indexed sets is stably bounded above by — for any , we have for all and for any there exists with and so . Thus, by the bounded distributivity condition: . ∎

So, in particular, the full subcategory of consisting of bicomplete biorders is Cartesian closed. We define the following subcategories of in which morphisms are continuous:

  • — objects are extensionally complete biorders and morphisms from to are functions from to which are continuously stable — i.e. they are monotone stable and preserve suprema of extensionally directed sets.

  • — objects are stably complete biorders and morphisms from to are functions from to which are stably continuous — i.e. they are monotone stable and preserve suprema of stably directed sets.

Each of these categories is Cartesian closed, with products given pointwise, and internal homs given the by relevant biorder of functions — i.e. is the restriction of to continuously stable functions and is the restriction of to stably continuous functions. We need to check that in each case this defines an object of our category — i.e. is (respectively) extensionally complete or stably complete. We give the second (more interesting) case.

Lemma 3.10.

If and are stably complete then is stably complete.

Proof.

The proof follows that of Lemma 3.9. We also need to show that if is a set of continuously stable functions, stably bounded above by a continuous function , we need to show that is continuous: if is a stably directed set then for all , and so as required. ∎

Finally, we need to check that the isomorphism of biorders restricts to each of our categories — i.e. is respectively continuously stable or stably continuous if and only if is continuously stable/stably continuous. This is straightforward, based on these properties for the Scott and Berry orders. Thus we have shown:

Proposition 3.11.

The categories and are Cartesian closed.

As an example we show that for any set , the function space corresponds to a powerdomain biorder on , justifying the identification of the type with the type of natural number computations.

Definition 3.12.

Given a set , let be the biorder consisting of subsets of , with the extensional order being inclusion and the stable order discrete.

(This is an instance of a more general powerdomain construction on biorders.) There is an evident strict morphism sending to . To show that this is an isomorphism by giving an inverse, we define:

Definition 3.13.

Given monotone stable let be the set of such that is -strict (the sequentiality indices of ). By Proposition 2.6 this is non-empty if and only if is strict.

Lemma 3.14.

If for all then .

Proof.

If is not strict then . Otherwise, noting that implies , we have by stability of . ∎

Proposition 3.15.

The biorders and are isomorphic in .

Proof.

By Lemma 3.14, if and only if for some , and thus we may define an inverse to by , if and , otherwise. ∎

is continuously stable (so ) but not stably continuous (cf. the non-continuity of unbounded choice with respect to must testing).

Lemma 3.16.

If is stably continuous then is finite.

Proof.

Given define by if and otherwise. Then and so if is stably continuous, for some finite . Then for all , -strictness of entails that . Thus and thus is finite. ∎

So defining to be the restriction ofn to finite subsets of , we have: .

3.5. Denotational Semantics of

To interpret recursive higher-order programs, we require fixed points of endomorphisms , where is extensionally or stably complete and pointed. These may be obtained in standard fashion, as (extensional or stable) suprema of the chain of approximants . In the categories and , which are cpo-enriched, the fixed point is reached at , whereas in the category of biorders and monotone stable functions it may be necessary to continue the chain beyond , but it will still reach a stationary point [AP86].

Proposition 3.17.

If is stably (resp. extensionally) complete and pointed then every monotone stable function has -least (resp. -least) fixed points.

Proof.

Define the chain of stable approximants for each ordinal by:

  • ,

  • ,

  • if .

By Hartog’s Lemma this has a stationary point, which is a -least fixed point for — evidently if is -continuous (preserves suprema of -chains) then this stationary point is . ∎

We now have the basis for may-testing and must-testing semantics of in our categories of biorders — more precisely:

  • May-testing and must-testing semantics of unbounded in the category of bicomplete biorders and monotone stable functions. (As we have noted, unbounded choice is expressible up to may-testing in bounded , so the bounded/unbounded distinction is moot in this case and we focus on must-testing for unbounded nondeterminism).

  • A must-testing semantics of bounded in the category of extensionally complete and stably continuous functions.

  • A may-testing semantics of bounded/unbounded in the category of stably complete and continuously stable functions.

(Pointed) types are interpreted as (pointed) biorders : denotes the biorder , the type denotes the discrete biorder of natural numbers and the relevant function-space. Terms denote morphisms from to , derived from the Cartesian closed structure of each category, together with:

  • The extensional join operation: denotes the bounded (binary) join and denotes the infinite join .

  • Error: In the must-testing models, denotes the extensionally least element . In the may-testing model, it denotes the stably least element (greatest extensional element) .

  • Fixed points: denotes a least fixed point of the function . In the must-testing models it denotes the stably least fixed point and in the may-testing models it denotes the extensionally least fixed point.

3.6. Computational Adequacy

Soundness of the reduction rules with respect to the denotational semantics follows from the structure identified in our categories, yielding:

Proposition 3.18.

implies and implies .

We establish the converse for terms of type (computational adequacy) by defining “approximation relations” in the style of Plotkin [Plo85]. The models in which this proof is not completely standard are those which are not -cpo-enriched — in particular, the case of unbounded nondeterminism with must-testing, which we give here. Plotkin’s proof still adapts to this case because fixed point combinators denote least upper bounds of stable chains, which are defined pointwise at function type.

For each type we define a relation between elements of and closed terms of type :

  • if .

  • if implies .

  • if implies .

We want to show that every program is approximated by its denotation, for which we use the following two lemmas, proved by straightforward induction on type structure.

Lemma 3.19.

If implies then implies .

Lemma 3.20.

If is a stable chain of functions such that for all then .

The key lemma for our proof establishes that the fixed point combinator is approximated by its denotation.

Lemma 3.21.

For any pointed type ,

Proof.

We show by induction on that for each approximant to — i.e. if, then .

  • For , we have .

  • If then by hypothesis , and so . Since implies , by Lemma 3.19.

  • For , we have by Lemma 3.20.

So as required. ∎

The rest of the proof is now standard — the approximation relation is extended to open terms by defining if and implies .

Proposition 3.22.

If then

Proof.

By structural induction on .

  • If is a value or application then by definition of the approximation relation

  • If and , then by hypothesis, and implies and so by Lemma 3.19 above.

  • If , then for any , either or for all