URL: http://www.elsevier.nl/locate/entcs/volume31.html 24 pages

Böhm's Theorem for Berarducci Trees1

Mariangiola Dezani-Ciancaglinia Paula Severib Fer-Jan de Vriesc

a Dipartimento di Informática, Universitá degli Studi di Torino Corso Svizzera 185, 1014-9 Torino, Italia, Em,ail: dezani@di.unito.it

b Centro de Matemática, Facultad de Ciencias, Universidad de la República Oriental del Uruguay, Iguá 4225 CP II4OO, Montevideo, Uruguay, E-mail: severi@cmat.edu.uy

c Computer Science Division, Electrotechnical Laboratory, 1-1-4 Umezono, Tsukuba, Ibaraki 305 Japan, E-mail: ferjan@etl.go.jp

Abstract

We propose an extension of lambda calculus which internally discriminates two lambda terms if and only if they have different Berarducci trees.

1 Introduction

The Lambda Calculus is a theory of functions that serves as a foundation for the functional programming paradigm. Lambda terms in this view are idealized programs. There are essentially two ways of characterizing the meaning of lambda terms. The first one is to run the program and to study the output. The second one is to observe the effect of the program when used as a subprogram in other programs.

With respect to the first approach, traditionally the output of a lambda term was described by its Bohm tree. But also Levv-Longo trees and more recently Berarducci trees have been used. In this paper we will focus on Berarducci trees. These trees provide the possible output of a lambda term in greatest detail.

The idea behind all these different concepts of tree is stable information, that we can recover by reducing the terms. This is the token of information

1 This paper was made possible thanks to the hospitality ETL offered in the March 1999 to both Mariangiola Dezani and Paula Severi.

©2000 Published by Elsevier Science B. V.

which cannot be altered by further reductions but can only be added upon, (As an example the reader may think of the calculation of the \/2- The calculation process merely adds decimals to the already calculated decimal expansion), If one organizes all the stable information that can be obtained from a computation and orders it according to the order it is produced, then it is quite natural to obtain a tree representation of the information implicitly contained in the original term. There exist many tree representations in literature, depending on the possible notions of stable relevant information [16], [17], [3], If only head normal forms are stable, i.e., terms of the shape Xxi... xn.yMi.., .!/„,. then we obtain the notion of Bohm trees [4], If we consider stable weak head normal forms (i.e. also all abstractions) we get the notion of Levv-Longo trees [23], Lastly when all top normal forms (i.e. also applications MN where M never reduces to an abstraction) are viewed as stable we obtain the notion of Berarducci trees [7],

The second approach to the meaning of lambda terms puts lambda terms inside contexts and observes when they reduce to values. This leads to a notion of observational equivalence that is parametric with respect to the set of values considered. Natural choices are the sets of normal forms, head normal forms, weak head normal forms, and top normal forms.

In this paper we will consider the case that the set of values is the set of the top normal forms, that is we will consider Berarducci trees,

1.1 Berarducci Trees

Berarducci trees arise in a natural way when we look at the parsing trees of lambda terms (see for example [25]), In this representation the abstraction with respect to a given variable is an unary operator and the application (explicitly denoted by @) is a binary operator. For example the term (Xx.x)(Xy.y)

is represented bv Xx Xy. As a matter of fact, (Xx.x)(Xy.y) reduces to I I

Xy.y, so we can conclude that if we are looking at lambda terms modulo /3-

equality a better tree representation of (Xx.x)(Xy.y) is | ,

This suggest to draw only the nodes of the parsing tree which will never be changed by /3-reduetion, It is clear that when the root of a parsing tree is an abstraction or a variable (in this last case, the root is also a leaf) it is stable, i.e. it will never change by /3-redueing the corresponding term. The case in which the root is an application node requires more care. But it is immediate to understand that in this case the root is stable if and only if the root of the left subtree will never become an abstraction, or equivalentlv if and only if the subterm in functional position will never reduce to an abstraction (i.e.

to a term of the shape Ax.M). The above discussion justifies the following definitions of zero terms, rootstable terms, rootaetive terms and Berardueei trees.

Definition 1.1 For terms in the pure lambda calculus we define:

(i) a zero term is a term which cannot reduce to an abstraction,

(ii) a rootstable term [16] is a term which cannot reduce to a redex,

(iii) a rootaetive term [16] is a term of which any reduct can reduce to a redex,

(iv) 1Z denotes the set of rootaetive terms in the pure lambda calculus A,

Note that a term is rootaetive if and only if it cannot reduce to a rootstable term. The term III is an example of a term which is neither rootaetive nor rootstable but it is a term which can reduce to a rootstable term,

Rootstable terms have concrete forms which can not change anymore after further reduction: they reduce either to a variable, to an abstraction or to a term of the shape MN where M is a zero term. These forms are called top normal forms in [7], In the terminology of [1] we let rootstable terms take the role of values and rootaetive terms the role of divergent terms.

Definition 1.2 [7] The Berardueei tree T(M) of a lambda term M is defined by coinduction as a possible infinite term in the infinitarv extension Aj° of the pure lambda calculus with a fresh constant ±:

(i) if M ^ x, then T(M) = x

(ii) if M XX.N, then T(M) = \

(iii) if M —.1 /1.1 /•_>. where Mi is a zero term, then T(M) =

T(Mi) T(M2)

(iv) otherwise, (exactly when M is rootaetive) T(M) = ±.

This gives an equivalence relation: two lambda terms are equivalent if and only if they have the same Berardueei tree (modulo «-conversion, as defined in [16]).

1.2 Observational equivalence

A completely different way of comparing lambda terms is observational equivalence [21], in which we say that M is equivalent to N iff:

VC[ ] G A C[M} eU^ C[N} E 11.

Here we put M and N in various contexts and observe whether the behavior of M and N in those contexts is the same, that is whether C[M] and C[N]

can both produce stable information, that is if they both reduce to rootstable terms, Berarducci tree equality implies observational equivalence [24]:

Theorem 1.3 For all M, N E A, T( M) = T{N) implies VC[ ] G A C[M] E u ^ c[n] E tl.

This can be easily seen with help of the fact that

t(c[m]) = t(c[t(m)})

which directly follows from the unique normal form property of the infinitarv lambda calculus extended with a rule like:

M —_L if M is rootactive.

The Berarducci tree of a term is nothing else but its unique normal form in this calculus. The proof of the implication then becomes simply:

c[m} eu^ t(c[m}) = ±<=> T(c[T(m)}) = ±<=>

^ T(C[T(N)}) = ±<=> T(C[N}) =±<=> C[N] E 11.

However the converse is not true: observational equivalence does not imply Berarducci tree equivalence. For example one can check that there is no context C[ ] such that C[00] is rootactive and C[000] is not, or vice versa,

where O = (Xx.xx)(Xx.xx). The terms ilil and ililil have different Berarducci

@ / \ trees, since thev are / \ and @ ±.

-L -L / \

1.3 Summary

In this paper we will define an extension A0a of the pure lambda calculus A and a reduction relation —^30A for which we can prove:

Theorem 1.4 For all M, N E A it holds that

T(M) = T{N)

if and only if

C[M] E Uoa <=> C[N] E Uoa for all C[ ] E Aoa,

where TZoa is the set of rootactive terms in Aoa (with respect to H^oaJ-

The "if" part will be proved by a variation on the Bohm out technique. For the "only if" part we adapt techniques from infinitarv lambda calculus,

1-4 Background

Historically, quoting from [4] (page 215), "the notion of Böhm tree is suggested by the original proof of Böhm's theorem", Böhm's theorem states that given two distinct /^-normal forms there is a context C[ ] such that C[M] = x and C[N] = y, where x, y are arbitrary distinct variables. The method used to find such a context is called the Böhm, out technique [4](Section 10,3),

In [25] Wadsworth, generalizing Böhm's theorem, shows that two lambda terms M, N have the same Böhm tree modulo infinite ^-expansions iff for all contexts C[ ] the following holds:

C[M] has a head normal form C[N] has a head normal form.

The proof technique used to obtain this result is the Böhm out technique. The same property holds even considering Böhm trees modulo finite 77-expansions and normal forms, as shown in [13], More precisely Hvland proves, using the Böhm out technique, that two lambda terms M. N have the same Böhm tree modulo finite ^-expansions iff for all contexts C[ ] the following holds:

C[M] has a normal form C[N] has a normal form.

The results of [25] and [13] can be rephrased as follows: the lambda calculus internally discriminates as Böhm tree modulo infinite (respectively finite) ^-expansions when the set of values is the set of head normal forms (respectively normal forms).

To internally discriminate terms having different Böhm trees Dezani-Intrigila-Zilli [11] add to the pure lambda calculus a non-deterministic choice operator + and an adequate numeral system (as defined in Section 6,4 of [4]), The reduction rules for + are:

M + N —y M and M + N —y N.

Clearly the non-deterministic choice operator allows to gain definability of combinators like Plotkin's parallel-or [22] when one considers may convergence, under which a term converges if at least one of the possible computations (properly reductions) starting from it ends. This extension increases the power of the lambda calculus to detect convergence internally also in those cases in which a term converges as soon as at least one of its subterms does, no matter in which order they are evaluated. This amounts to have the definability of all compact points in a standard model, that is, by Milner's theorem [20], to have a fully abstract interpretation for the language. The numerals play an essential role to discriminate between a term possessing head normal form and its ^-expansion, essentially since they can never be applied to an argument,

while all pure lambda terms can be seen both as functions and as arguments. This result is proved using a variation of the the Böhm out technique as well as characteristic terms and test terms [8].

Instead, Levv-Longo trees correspond to observational equivalence with respect to weak head normal forms in suitably enriched versions of the lambda calculus, as shown in [23], [9], [12], Now, we shortly recall such approaches.

In [23], Sangiorgi considers the embedding of lazy lambda calculus in some concurrent calculi. First, Milner's encoding of lazy lambda calculus in tt-calculus is studied. Then the lazy lambda calculus is enriched with a simple non-deterministic operator, which, when applied to an argument, either gives the argument itself or diverges. In both cases the processes are compared using bisimulation. The proof technique is the Böhm out technique.

On the other side, Boudol and Laneve [9] introduce a "resource conscious" refinement of lambda calculus, in which every argument comes with a multiplicity. The reduction process (which uses explicit substitutions in an essential way) remains deterministic, but a deadlock can appear. The terms are compared by means of the standard observational equivalence. The proof technique is again the Böhm out technique,

Dezani-Tiurvn-Urzyczyn [12] consider the behavior of pure lambda terms inside contexts of the concurrent lambda calculus as defined in [10], This calculus is obtained from the pure lambda calculus (with call-bv-value and call-bv-name variables) by adding the non-deterministic choice operator discussed above and a parallel operator ||, whose main reduction rule is

M —y M' N —y N' M\\N —y M'\\N' ^^

where —y stands for one-step reduction.

The terms are compared by means of the standard observational equivalence, The proof technique is that of characteristic terms and test terms,

2 Extending A-ealeiilus

Besides the pure lambda calculus A and its extension A0a we define the infini-tarv extensions Aj° and AqA in which we can reason about the Berarducci trees of terms of A and Aoa- First we introduce the syntax of these sets and then the reduction rules,

2.1 Syntax

Let a countable set of variables V be given.

Definition 2.1 (i) The set A of pure lambda terms is defined by the induc-

tive grammar:

M :=jMd x | Ax.M | MM, where .r e V.

(ii) The set Aj_ of partial terms is defined by the inductive grammar:

M :=jMd x | ± | A x.M | MM, where .r e V.

(iii) The infinitarv extension Aof Aj_ is defined by the coinductive grammar:

M :=coind x | -L | Xx. M | MM, where .r e V.

(iv) The extension A0a of A with the constants 0, A is defined by the inductive grammar:

X :=ind M | OX | /KX | Xx.X | XM, where M e A.

(v) The extension Aoa of Aoa with partial terms is defined by the inductive grammar:

X :=ind M | OX | /KX | Xx.X | XM, where M e A±.

(vi) The infinitarv extension AqA of Aoa is defined by the inductive grammar:

X :=ind M | OX | /KX | Xx.X | XM, where M e

We will use abbreviations for some lambda terms:

I =Def Xx.x K =Def Xxy.x A =Def Xx.xx

AM =Def Xx.xxM il =Def AA ilM =Def AMAM

These sets of terms play the following roles in this paper. The set Aj° of the finite and the infinite terms contains the Berarducci trees of terms in A (when we do not distinguish between terms and their parsing trees). The set A0a is the set A extended with two constants 0 and A that allow us to discriminate Berarducci trees of pure lambda terms. The set AqA of finite and infinite terms includes the set of Berarducci trees of terms in Aoa-

Note that the syntax of Aj° is given eoinduetively. This implies that Aj° includes besides finite terms only well-formed infinite terms with the property that any node has finite distance (in the parsing trees of terms) to the root. One can think of those terms as build in top down manner in contrast to the inductive bottom up manner (cf, [6]), Alternatively, we can define the set Aj° as the metric completion (cf, [5,16,14]) or the order completion (for example cf, [2]) of the finite set Aj_. From either construction it follows that if all finite prefixes of two terms are the same, then the two terms themselves are equal to each other. The effect of the inductive constructions of Aqa from A and

of AqA from Aj° is that any term of Aoa and AqA contains at most finitely many symbols 0 and A,

Finally note the restriction on the arguments in applications in A0a and AqA . These arguments have to be elements of A and Aj° respectively. This implies that all 0 or A symbols can occur only on the left-spines (the left-most paths in the parsing trees) of terms,

2.2 Rewrite rules

We introduce now the reduction relations of the various calculi in a concise form.

Definition 2.2 Let A' be an extension of the set A, A binary reduction relation R on A' is called compatible if

XlRX2 => A./'. A'i RXr.X-, XlRX2 (XlY)R(X2Y) Vi RY-j => (\)])R(\)',).

The above notion of compatibility restricted to A coincides with the one defined in [4] (Definition 3,1,1),

Definition 2.3 Let —and —>-2 be reduction relations on A',

(i) The reduction relation —>-12 is defined as the union of the reduction — with —y2 ■

(ii) The reduction relation —is the reflexive closure of —h.

(iii) The reduction relation * is the reflexive and transitive closure of —h.

Definition 2.4 Let A' ) A,

(i) We define the binary reduction relation as the least compatible binary relation on A' containing the beta rule:

(Ax.X)M X[M/x],

(ii) A ¡3-redex is a term in A' of the form (Ax.X)M.

Substitution in the infinitarv lambda calculus Aj° needs some attention. We refer to [16,18],

We generalize the notion of zero term given in Definition 1,1 and that of strong zero term [7],2

Definition 2.5 Let A'd A and —a reduction relation on A',

2 Equivalent alternative formulations for strong zero term are unsolvable of order 0 in [19] and strongly unsolvable in [1].

(i) A term in A' is called a zero term with respect to if it cannot ^'-reduce to an abstraction,

(ii) A term in A' is called a strong zero term with respect to if all its substitution instances with terms from A'flAj0 are zero terms with respect to

For example il and il\i for all M in A are strong zero terms with respect to

Definition 2.6 Let A' ) Aoa-

(i) We define the binary reduction relation h>0a as the least compatible relation on A' closed under the two inference rules

M is strong zero with respect to -2-i-1(0)

O(M.X) —^oa M M is strong zero with respect to

A (MAT) N ^

where M, N range over A' fi Aj°.

(ii) An OA-redex is a term in A' of the form 0(MAT) or A(.\IX) where M is a strong zero term in A' fl Aj° with respect to —^

We will use these new rules to discriminate between terms with different Be-rarducci trees. For instance, in order to discriminate the terms fiK and fii, we choose the context A[ ]il These terms reduce as follows:

AOK^ ^p A(0KK)0 —^ok Kfi Xy.il

Ai >,< > -tp A(i 211)i2 Iii il

Hence the context is discriminating as il is rootaetive and Xy.il is not.

Example 2.7 The fact that ± is strong zero with respect to —^ in Aj_ implies in any A' D Aoa that:

(i) 0(±M1...MnN)^oA±M1...Mn

(ii) A(±M1... MnN) —^oa N for all .1/,.....M„. N e A' (n > 0).

We generalize the notion of rootstable and rootaetive term given in Definition 1.1.

Definition 2.8 Let A'd A and —a reduction relation on A'.

(i) A term in A' is called rootstable with respect to —if it cannot ^'-reduce to a ^'-redex.

(ii) A term in A' is called rootactive with respect to if all its reducts can ^'-reduce to ^'-redexes.

Notice that a term is rootactive with respect to —if and only if it can not reduce to a rootstable term with respect to —

The last class of terms we consider are those which block OA-reductions,

Definition 2.9 A term in A' is called a OA-6locker with respect to —if it does not ^'-reduce to MN e A' fl A with M a strong zero term with respect to -tp.

We can characterize the set of rootstable terms for the extended set A0a and the reduction —^oa-

Proposition 2.10 A term X in A0a is rootstable with respect to —^oa if and only if it has one of the following shapes:

• a variable,

• an abstraction,

• an application of the form XM with X a zero term with respect to oa,

• a term of the form OX or kXwith X a OA-blocker with respect to oa-

For example 0(xx)y and A(0(Aa;,X)fi) are zero terms with respect to —^oa and also rootstable terms with respect to —^oa-

A short notation for the set of terms in Aoa which are rootactive with respect to —^oa will be handy.

Definition 2.11 IZoa is the set of of terms in Aoa which are rootactive with respect to —^oa-

Since each term in AqA contains only a finite number of occurrences of 0, A we can prove that all rootactive terms with respect to —^oa reduce to rootactive terms with respect to —tp.

Lemma 2.12 If X e AqA is rootactive with respect to —^oa then there exists a term M e Aj° such that X —M and M is rootactive with respect to

Proof. By Definition 2,l(vi) the more general shape of a term X which can reduce to a OA-redex is:

(Xxl...xn.XYMl...Mm)Nl...Np

where \ stands for 0 or A.l'e AJa . Mu... ,Mm,Nu... ,NP e Af and m,n,p> 0,

If n > p then X reduces to an abstraction, so it is not rootactive with respect to —^oa-

If n < p then X reduces to \ZI\ ... PmNp+1... Np where Z = Y[Ni/x\,... ,Nn/xn] and Pi = Mi[Ni/x\,... ,Nn/xn] for 1 < i < rn. This last term is a OA-redex if and only if Z —^qa NP for some N, P E Aj° such that N is a strong zero term with respect to —tp. We can conclude that A ^^oa NPi... PmNp+1... Xj, if \ = 0 and X PPi ■ ■ ■ Pm,Np+1... Np '•I' \ = A.

The last rule we introduce allows us to equate all rootactive terms.

Definition 2.13 Let A' ) Aj_, We define the reduction relation —as the least compatible binary relation on A' closed under the inference rule:

M is rootactive with respect to —^

where M, N range over A',

Note that the set of rootactive terms with respect to —^is empty, since each rootactive term with respect to —^ reduces to ± using rule (±),

Notation 2.1 Let us summarize the most used reduction relations in this paper.

• The reduction on A,

• The reduction oa on Aoa,

• The reduction on Aj°,

• The reduction —^.loa on AqA .

2.3 Confluence of the reductions —tpoA and —tp±0A

We use the Hindley-Rosen Lemma (Proposition 3,3,5 of [4]) to prove that the reduction relations —^oa on A0a and —^.loa on A0a are confluent. We need a few auxiliary lemmas.

Lemma 2.14 (i) The relation H>oa commutes with the relation in Aoa' (ii) The relation h>oa commutes with the relation —^j. in aqa •'

X-^UYi

Proof. We give the proof for —^.loa- The proof for all references to —>-1.

is similar, just drop

Suppose that C[k{MN)] ^0a C[N] and C[k(MN)] X. We distinguish three eases depending on whether the —^reduction reduces a subterm in C[],M or N.

• A —^j. reduction step in C[ ] can cause substitutions of variables by terms belonging to Ainside M and N. Hence the resulting term will be of the form C'[k(M' N')]. Since M is strong zero (a property closed under substitution), the term M' is strong zero too and k(M'N') can be contracted. This gives rise to the following reduction diagram.

C[k(MN)]-Ac'[A(I'iV')]

C[N}-^->C'[N']

A reduction step in M does not affect the A (MAT), because strong zero terms are closed under reduction. This gives us the diagram:

C[k{MN)]^^C[k{M'N)\

C[N] =C[N]

Finally a —^-reduction step in N commutes trivially:

C[h(MN)]-^—>C[h(MN')]

[iV]-j^C[N>]

Proposition 2.15 There is at most one Ok-redex in a term belonging to Aoa • Hence H>oa is trivially confluent.

Proof. By definition 0 or A symbols in a term belonging to A0a can occur only on the left-spine. Moreover it follows from the conditions on the rules for 0 and A that a prerequisite for OX and AX to be an OA-redex is that X belongs to Aj_. Therefore only the innermost occurrence of 0 or A can be a redex, □

Lemma 2.16 (i) The relation —>73 is confluent in Aoa-(ii) The relation —yb± is confluent in \qa •

Proof. Because the 0 and A symbols are here not reduced they can be thought of as fresh free variables. Hence (i) and (ii) follow from the confluence property for —>79 in A (see [4], Theorem 3,28) and —^j. in Aj_ (see [16,17]) respectively, □

Theorem 2.17 (i) The relation —^oa is confluent in Aoa-(ii) The relation —ß±0A is confluent in Aoa •

Proof. The Hindley-Rosen Lemma [4] states that if we know that two reduction relations —and —>-2 both are confluent, and that —commutes with —y2, then (—U —>-2)* is confluent. The previous three lemmas imply these conditions both for —^ and —>-oa, and for and —>-oa- n

Remark 2.18 The extended calculus Aoa and the reduction rules (0) and (A) were chosen carefully in order to get confluent reduction relations,

• If we had allowed terms like (Ax,0(0a;0))A in Aoa, the extended calculus would not longer have been confluent. The term (Ax,0(0a;0))A can reduce to both OA and O(fiAfi), which cannot be joined,

• The condition on strong zero terms in the new rules (0) and (A) cannot be weakened to zero terms, because of loss of confluence, as shown by the following example: (Ax,A(a;I))I would reduce to both I and A(II). The term A(II) rewrites to the normal form AI and cannot be joined with I,

3 Observational equivalence implies tree equality

In this section we will prove that observational equivalence with respect to the extended calculus Aoa implies equality of Berarducci trees. The proof will be a variant of the Böhm out technique [4] defined for Böhm trees.

Some terminology first: A path3 is a finite string of l's and 2's, The empty path is denoted by (), If a path u is a proper prefix of v we write u < v. Given a tree T and a path u, the subtree T\u, when it exists, is a subtree of T defined inductively thus:

• t I 0 = T

• I I 1 • u = T\u T

• / \ I 1 • u = Ti\u

• / \ \2-u = T2\u Ti T2

The label at the root of a tree T is denoted by p(T) and defined by cases:

/ \ J =@, and p(±) = ±. Ti T2J

3 Synonyms in literature [17] are position and occurrence, we use here the terminology of

Like in Definition 10,4,6 of [4] we will say that a path is useful to discriminate between two terms if looking at the corresponding Berarducci trees the labeled nodes traversed by the path are identical, while the labeled nodes at the end of the path are different.

Definition 3.1 A path u is useful for two trees T,T' if p{T\v) = p(T'\v) for all v < u but p(T\u) p(T\u).

We will use substitutions that map any variable in A to a term in {il, ilil}. More precisely we will consider the substitution defined by

o'n(x) = il for all variables x

and the substitutions Oq, one for each variable x, defined by

( ilil if x = y

il otherwise.

Lemma 3.2 Let M E A be a zero term with respect to —tp and let a be the substitution on or (Jq for some fixed x. Then the substitution instance Ma is a strong zero term with respect to —>p.

Proof. If M is a strong zero term with respect to —^ then so is M'T for all a by definition. Otherwise M is convertible to a term of the shape yN\... Nn for some variable y. Hence Ma = i>.VjT... or Ma = iK>.YjT... which are both strong zero terms with respect to —>73. □

Theorem 3.3 For all M, N E A it holds that

VC[ ] e A0a C[M] E Uoa C[N] E TZ0A T(M) = T{N).

Proof. By contraposition. Let M. N be terms in A such that T(M) ^ T(N). Then there exists a path u that is useful for T(M) and T(N). Depending on what label we see at the root of T(M)\u and T(N)\u, we define a substitution a as follows:

• If T(M)\u = x and T(N)\u = y, let a be Oq,

• If T(M)\u = x and T(N)\u = ± or conversely, let a be Oq,

• In all other cases let a be an.

By induction on the length of u we will define a context C[ ] that can discriminate M and N with respect to a in the sense that either C[Ma] E Uoa and C[Na] if 'Roa- or vice versa.

Base case: u = (),

• If T(M) or T(N) is a leaf, then we choose C[ ] = [ ] as context to discriminate M and N with respect to a. We have four subcases:

• if T(M) = X and T(N) = y then Ma = 00 and Na = ih

■ if T(M) = X and T(N) = ± (or vice versa) then Ma = ilil if TZ0a and Na E TZoa (or vice versa);

• if T(M) is not a leaf and T(N) = x (or vice versa) then M'T TZqa and Na = il E 'Roa (or vice versa);

• if T(M) is not a leaf and T(N) = ± (or vice versa) then M'T TZoa and Na E TZoa (or vice versa),

• If T(M) = // \ and T(N) = | (or vice versa),

t(mi) t(m2) t(n

then we choose C[ ] = A(0[ ]0),

By the shape of T(M) it follows that Mi is a zero term with respect to —tp. Hence M\T is a strong zero term with respect to —^ by Lemma 3,2, We get C[Ma] = A(0(MfMf )fi) ^0a A(Mffi) ^0a while C[Na] = A(0(Ax.NiYil) is rootstable with respect to —^oa being irreducible.

Induction step: u = i • v.

• Suppose T(M) = and

T(MX) T(M2)

T(N)= X \

T(Ni) r(N2) If i = 1 then by the induction hypothesis we have a context C'[ ] that discriminates Mi, Ni with respect to a. Then we define C[ ] = C"[0[ ]], As in the base case we get that Mf is a strong zero term with respect to Now clearly C[Ma] = C'[0 Ma] = C'[0{M?M%)] a C'[Mf], Similarly we see that C[Na] = C'[0{N?N%)] a C"[iVf]. Hence by induction C[ ] discriminates M and N with respect to a.

If on the other hand i = 2, then by the induction hypothesis there is a context C'[ ] that discriminates M2 and N2 with respect to a. We now choose C[ } = C"[A[ ]] to discriminate M and N with respect to a. The proof proceeds now as before. Again .1/, is a zero term with respect to —>■/3, and Mf is a strong zero term with respect to —^ So we can calculate that C[Ma] = C"[A Ma] = C"[A(Mf M2)] C'[M![] and similarly we

see that C[Na] = C'[A(N?N%)] ->p0A C'[N%]. Hence by induction C[ ] discriminates M and N with respect to a.

• Suppose T(M) = | and T(N) = | , Then i = 1,

T(MX) T(iVi)

Let C'[ ] be the context that by induction hypothesis discriminates Mi and Ni. We now choose C[ ] = C'[[ ]<r(a;)]. We observe that C[Ma] = C'KXx.M^aix)] oa C'[Mf] and similarly we see that C[Na] = C'KXx.N^aix)] C'[Nf], Hence by induction C[ ] dis-

criminates M and N with respect to a.

/ \ / \ / \ / \

± X @ Xx @ Xx @ ±

Xx x Xx Xy x @

i i i / \

x Xy x @ @

I / \ / \

x x _L _L x

Fig. 1. Berarducci trees of Ox, Oi, Ok, and x(xQ(Qx))Q.

Recapitulating, given the two terms M. N in A and a path u that is useful to discriminate their Berarducci trees, we have constructed a substitution a and a discriminating context C'[], We now build from C'[ ] and a the new context

C[ ] = (Xxi...xn.C'[ ])<r(a;i)... a(xn),

where X 5 ■ ■ ■ X j-f, is the set of free variables in M and N. Because C[M] = (Xxi...xn.C'[M])o(xi)... a(xn) —^*ßo/K C'[Ma] (being C'[ ] closed) and similarly C[N]

^*ßOA C'[Na] and by construction C'[ ] discriminates M,N with respect to a, we get that C[M] e TZoa and C[N] TLqa-, or vice versa. □

Example 3.4 The Berarducci trees of some terms considered in this example are shown in Figure 1.

(i) When M = il, N = ilil and u = () the above procedure gives us the empty context as a discriminating context for M and N.

(ii) If M = il, N = ilx, and u = (), then we find that C[ } = (Xx.[ ])0 discriminates M and N.

(iii) For M = ilx, N = ily and u = 2 we find that C[} = (XxyA[ })(ilil)il is a discriminating context.

(iv) Let M = ili, N = f^K, and u = 2-1. The discriminating context we obtain is the same mentioned in Section 2, i.e. C[ ] = A[ ]il

(v) In case of M = x(xil(ilx))il, N = y(yil(ily))il, and u = 1 • 2 • 2 • 2, a discriminating context is C[ ] = (Xxy.A(A(A(0[ ]))))(00)0.

This last case shows the power of the constants 0, A. One problem in constructing such discriminating contexts is that different occurrences of the same variable may have to be used to select different arguments. This problem was solved in the original algorithm of Böhm by using suitable combinators which equate ^-convertible terms (see Section 10.4 of [4]) and in [23], [12], [11] by allowing a non-deterministic choice operator. In all these cases the technique is to replace different occurrences of the same variable by different terms. Instead, in the above algorithm for Berarducci trees the selection is performed

bv the two constants 0 and A while the variables always get substituted by il or 00,

4 From Berardueei tree equality to observational equivalence via infinite rewriting

In this section we will represent Berardueei trees explicitly as terms. Then the Berardueei tree t(m) of a term m of A is nothing else but the (possibly infinite) unique normal form of m in the infinitarv extension Aj° as shown in [16,18], In this term interpretation, the previous coinductive construction of Berardueei tree translates into a parallel outermost reduction strategy which replaces occurring outermost rootaetive subterms by ±. Because Berardueei trees of finite terms can be infinite (cf, fii in Figure 1) one has to consider (possibly infinite) strongly convergent reductions. The fact that Aj° is infinitarv confluent and has the unique normal form property has the following corollary:

Corollary 4.1 [24] For all terms M and contexts C[ ] in Aj° it holds that

t(c[m}) = t(c[t(m)}).

The proof is simple, just recognize that the left hand side and the right hand side of the equation represent two ways of reducing to the unique normal form of c[m], It follows immediately from the corollary that Berardueei tree equality in Aj° implies observational equivalence in Aj°. Formulated like this the result is actually stronger than Theorem 1,3, because it quantifies over Aj° instead of A,

The topic of this paper are Berardueei trees of terms in the extension Aoa- The goal of this section is to prove along similar lines as for Aj° that Berardueei tree equality in AqA implies observational equivalence in AqA .

Our first step is to define (possible infinite) strongly convergent reductions for AqA and show that these reductions are infinitarv confluent. Because terms in AqA contain at most a finite number of symbols 0 and A we can base the proof via a few straightforward lemmas on the infinitarv confluence of Ax.

4-1 Strongly convergent reductions in AqA

Infinite reductions that converge to a normal form have the nice property that the depth of the reduced redexes goes to infinity along the reduction. Such reductions are called strongly convergent.

Depending on the reduction order even a strongly convergent reduction to normal form may take more than uj steps. In fact such reductions can be of any countable ordinal length as shown in [15], For example ilx reduces in uj many steps to (((,, ,x)x)x). If we abbreviate this reduction by ilx —(((,, ,x)x)x), then we see that ilxilx ((((■■■ x)x)x)Vlx ((((■■■ x)x)x)(((... x)x)x is

a leftmost outermost reduction to normal form of length lo + u>. Of course depth-first outermost reduction would have found this normal form faster in lu steps.

The definition of a transfinite strongly convergent reduction is somewhat lengthy. Using terminology from topology we can give a concise definition. We first define depth of a redex and distance between two terms. After the definition we give a few concrete instances, enough to apply to the reduction sequences we will encounter later in this section.

In analogy to the subtree T \ u of T at the path u for trees (defined at page 13) we define the subterm X \ u of the term X at the path u, when it exists. We need the extra clauses:

• (OX) | 1 • u = X | u,

• (AX) | 1 • u = X | u.

Similarly we extend the definition of the root label as follows: . p(OX) = 0,

• p( AX) = A.

In this way the set AqA inherits from Definition 3,1 the notion of useful path.

Definition 4.2 • The depth of a subterm Y at path u in X E AqA is the length of the path u.

• The distance d(X, Y) of two terms X, Y E \qA is 0 if X and Y are identical and is 2 k if k is the length of the shortest path useful for X and Y.

With this distance AqA becomes a complete metric space.

Definition 4.3 [15,18] A transfinite reduction with respect to a given reduction relation of length a, where a is any ordinal number, is a function from a to reduction steps in , of the form { Xp Xp+i \ ¡3 < a }, It is weakly continuous (resp, weakly convergent) if the induced function from ordinals to terms is continuous (resp, convergent) with respect to the usual topology on ordinals and the metric on terms. It is strongly continuous (resp, strongly convergent) if it is weakly so, and in addition, for every limit ordinal A < a (resp, A < a) the sequence { dp \ ¡3 < A } of the depths of the redexes it reduces tends to infinity.

This dense definition implies concretely that

• finite reductions are strongly convergent,

• a reduction sequence X0 r Xi ^-r ... is weakly convergent with limit Xw if for all real numbers e > 0 there is a n such that d,(Xn, Xw) < e for all m > n,

• X0 r Xi r ... is strongly convergent if it is weakly convergent and

lililn—s-oo dn — OO,

• composition of a finite number of strongly convergent reduction sequences is again strongly convergent.

Example 4.4 • fii —>p Oil —>p ... is strongly convergent with limit the infinite term (((,,, )I)I)I.

• 0(00) ^oa SI —tpSl —tp ■ ■ ■ is weakly convergent but not strongly convergent, as the depth of the reduced redexes is always zero,

• Let B denote A.r.I(.r.r). Then BB -+p I(BB) -+p BB -+p I(BB) -+p ...

is not weakly convergent,

• Weakly convergent reductions are not confluent: Y(Xy.K(Kyx)z) can reduce to the normal forms of both Y(Xy.Kyx) and Y(Xy.Kyz) which don't have a common reduct. Here Y is the Turing fixpoint combinator, i.e. Y = [Xxy ,y{xxy)){Xxy ,y{xxy)).

• Q ->± ±, BB ->± ±, and Y(Xy(K(Kyx)z)) ->± ±.

All this restricts to reductions in Aj°: a reduction in Aj° is strongly convergent if it is strongly convergent in AqA .

Definition 4.5 Let be a reduction relation. Then denotes a strongly convergent reduction with respect to —

4-2 Confluence of strongly convergent reductions in AqA

We will prove confluence of strongly convergent reductions in AqA along the same lines as we proved confluence of finite reductions in Aoa •

Lemma 4.6 (i) The relation H>oa commutes with the relation

(ii) There is at most one OA-redex in a term belonging to AqA .

(iii) The relation —frp± is confluent.

Proof.

(i) Similar to the finite case considered in Lemma 2,14, After construction of the three base cases the proof proceeds now by induction to the ordinal length of —»^j,. The limit ordinals are the interesting case: we construct

C^MN^-^C^M^)]-^^^^)].............CX[A(MXNX)}

c w —ji—"Cl t^] —ji—"..............................^ w

Observe that the depth of the occurrences of A in the terms on the top row becomes fixed after a while. If that would not be the case, then by the strong convergence property there would be no A present in the limit. Now it is routine to verify that the reduction in the bottom row inherits the strongly convergent property of the reduction in the top row,

(ii) As in Lemma 2,15,

(iii) One can use the infinitarv confluence property for Aj° proved in [16,17] in combination with the same observation as for the finite version (Lemma 2,16),

Theorem 4.7 The relation —oa is confluent in AqA :

/3±0a

/j±oa

Proof. Similar to the proof of Theorem 2,17 using the Hindley-Rosen Lemma and Lemma 4,6, □

Corollary 4.8 Every term vn has a unique normal form.

Proof. One can construct a normal form by a depth-first outermost strategy in which ± steps have priority over /3, 0 and A steps. Hence inside rootaetive terms no reduction will take place, and instead they will sooner or later be replaced as a whole by ±. The resulting reduction is strongly convergent: if not, there would be a rootaetive subterm at some stage that would not be replaced by ±. But the strategy was depth-first outermost, so this cannot happen. Uniqueness follows from previous confluence result, □

4-3 From tree equivalence to observational equivalence

We have now all the machinery to pull the rabbit out of the hat. First we will extend the tree definition of Berarducci tree from terms in A to terms in AqA and we show the correspondence with the unique normal forms. We conclude with a proof that Berarducci tree equality in AqA implies observational equivalence in AqA .

Definition 4.9 The Berarducci tree T( A') of a term X e AqA is defined by cases as follows:

(i) if X H^oa x then T(X) = x

(ii) if X ± then T(X) = ±

(iii) if X ^*0OA Xx.Y then T{x) = \

(iv) if X YM and Y is a zero term with respect to H^oa then

T(x)= X \ . T(Y) T(M)

(v) if X —OF and Y is a OA-blocker with respect to joa then T(X)

(vi) if X —^qa ^ an<i Y is a OA-blocker with respect to —^oa then T(X)

(vii) otherwise (exactly when X is rootactive with respect to —^oa), T(X)

For example A(xOi) —»¡3oa A(x((, ,, 1)1)) with the following tree structure:

@ I / \

Corollary 4.10 The parse tree of the infinite normal form of a term X E AqA is given by T{X), i.e. the Berarducci tree of X.

Proof. By coinduction on the structure of Berarducci tree of a term X E AqA using Lemma 2,12 to match the last clause of Definition 4,9 with rule (±). □

Corollary 4.11 For all terms X E \qA and context C[ ] E \qA it holds that T(C{T(X)]) = T(C{X]).

Proof. From C[X] we can construct a normal form via depth-first outermost reduction. By Theorem 4,8 this normal form is equal to the normal form obtained by first reducing X to normal form T(X) and then reducing C[T(X)] to normal form, as shown in the following diagram (identifying terms with their parse trees):

C[X] ß±0\ C[T(X)]

ß±oa

ß±oa

T(c[x])—T(c[T(x)\)

Finally we can prove that Berarducci tree equality in AqA implies observational equivalence in AqA .

Theorem 4.12 For all X,Y E Aj°, T(X) = T(Y) implies

VC[ ] e A0\ . C[X\ E U%A± 4=> C[Y] G ^0xa • where TZ qA± is the set of terms in \qA which are rootactive with respect to

^ 1oa •

Proof. Let X,Y be terms in Aj°. Suppose T(X) = T(Y). Let C[ ] be a context in AqA . Using the previous corollary we get:

T(c[x}) = r(c[T(x)}) = T(C[T(Y)])

= T(C[Y\).

Suppose C[X] E TZ%A±. Then T(C[X]) = ±. Hence also T(C[Y]) = ±. And so we find that C[Y] E 1ZqA±. We conclude that X and Y are observational equivalent, □

Specializing the above theorem to the case X, Y E A and C[ ] E Aoa we obtain the converse of Theorem 3,3, i.e.:

Theorem 4.13 For all M,N E A, T(M) = T(N) implies VC[ ] G Aoa. C[M] G TZ0a C[N] E U0A.

5 Conclusion

In this paper we study equivalence relations on the pure lambda calculus. In denotational semantics we consider equivalent two terms with the same meaning, In operational semantics the equivalent terms are those which behave in the same way when put in given contexts. Here we take as meaning of a term its Berarducci tree, and the behavior that we observe is whether or not a term has a rootstable form. As expected denotational equivalence implies operational equivalence, or more concretely put, Berarducci tree equality implies observational equivalence. The converse is not true for the pure lambda calculus, because the set of contexts is not expressive enough. One way of increasing the expressivity is by enlarging the set of contexts. We do this by defining an extension A0a of the pure lambda calculus for which we can show that Berarducci tree equality of pure lambda terms coincides with observational equivalence. This means that Berarducci tree equality of pure lambda terms is fully abstract [20] for the extended lambda calculus. The above result does not holds for terms of the extended lambda calculus. For example O(Afi) and 0(00) have different Berarducci trees but their behavior is the same in all contexts of A0a- We plan to look for a calculus which allow to observe the differences between all terms of Aqa not semantieallv equal.

In [23] Sangiorgi proves that adding well-formed operators to pure lambda ealeulus we cannot discriminate more than Lévv-Longo trees do. As a matter of fact, our operators A, 0 are not well-formed according to the Groote-Vaandrager format allowed in [23], The reason is that this format does not allow a premise asking for a term to be a strong zero term. In this respect our development completely agrees with that of Sangiorgi, We criticize only the following sentence from the introduction of [23]:

"well-formed operators, intuitively operators whose behavior only depends on the semantics - not on the syntax - of their operands",

We think that the reduction rules of A, O depend on the semantics of their operands, since the notion of being a strong zero term is a semantical one, as shown by the observation that all and only the strong zero terms are equated to bottom in the Plotkin-Seott-Engeler models [19],

References

[1] S. Abramsky and C.-H. L. Ong. Full abstraction in the lazy lambda calculus. Inform, and Com,put,., 105(2):159-267, 1993.

[2] R. M. Amadio and P.-L. Curien. Domains and lambda-calculi. Cambridge University Press, Cambridge, 1998.

[3] F. Barbanera, M. Dezani-Ciancaglini, and F.-J. d. Vries. Types for trees. In PROCOMET'98 (Shelter Island, 1998), pages 6-29. Chapman k Hall, London, 1998.

[4] H. P. Barendregt. The lambda calculus Its syntax and semantics. North-Holland Publishing Co., Amsterdam, revised edition, 1984.

[5] M. Barr. Terminal coalgebras in well-founded set theory. Theoret. Comput. Sci, 114(2):299—315, 1993.

[6] J. Barwise and L. Moss. Vicious circles. CSLI Lecture Notes Number 60, CSLI Publications, Stanford, 1996.

[7] A. Berarducci. Infinite A-calculus and non-sensible models. In Logic and algebra (Pontignano, 1994), pages 339-377. Dekker, New York, 1996.

[8] G. Boudol. Lambda-calculi for (strict) parallel functions. Inform,, and Comput., 108(1):51—127, 1994.

[9] G. Boudol and C. Laneve. The discriminating power of multiplicities in the A-calculus. Inform,, and Comput., 126(1):83—102, 1996.

[10] M. Dezani-Ciancaglini, U. de'Liguoro, and A. Piperno. A filter model for concurrent A-calculus. SIAM J. Comput., 27(5):1376-1419 (electronic), 1998.

[11] M. Dezani-Ciancaglini, B. Intrigila, and M. Venturini-Zilli. Bohm's theorem for Bohm trees. In ICTCS'98 (Prato, 1998), pages 1-23. World Scientific, Oxford, 1998.

[12] M. Dezani-Ciancaglini, J. Tiuryn, and P. Urzyczyn. Discrimination by parallel observers: the algorithm. Inform. and Compute 150(2):153—186, 1999.

[13] M. Hyland. A syntactic characterization of the equality in some models for the lambda calculus. J. london Math. Soc. (2), 12(3):361-370, 1975/76.

[14] B. Jacobs and J. Rutten. A tutorial on (co)algebras and (co)induction. Bulletin of EAT CS, 62:222-259, 1997.

[15] R. Kennaway, J. W. Klop, R. Sleep, and F.-J. d. Vries. Transfinite reductions in orthogonal term rewriting systems. Inform. and Comput., 119(1):18—38, 1995.

[16] R. Kennaway, J. W. Klop, R. Sleep, and F.-J. d. Vries. Infinitary lambda calculus. Theoret. Comput. Sei., 175(1):93—125, 1997.

[17] R. Kennaway, V. v. Oostrom, and F.-J. d. Vries. Meaningless terms in rewriting. ,J. Funet. logic Programming, Article 1:35 pp, 1999. (electronic) http: //www. cs.tu-berlin.de/journal/jflp/articles/1999/A99-01/A99-01.html.

[18] R. Kennaway and F.-J. d. Vries. Infinitary rewriting. To appear as chapter in a book on rewriting edited by J. W. Klop. Draft is available at http://www. etl.go.jp/~ferjan/drafts.html, 2000.

[19] G. Longo. Set-theoretical models of A-calculus: theories, expansions, isomorphisms. Ann. Pure Appl. logic, 24(2):153-188, 1983.

[20] R. Milner. Fully abstract models of typed A-calculi. Theoret. Comput. Sei., 4:1-22, 1977.

[21] J.-H. Morris. lambda calculus models of programming languages. PhD thesis, M.I.T., 1968.

[22] G. Plotkin. LCF considered as a programming language. Theoret. Comput. Sei., 5:223-256, 1977.

[23] D. Sangiorgi. The lazy lambda calculus in a concurrency scenario. Inform. and Comput., 111(1):120—153, 1994.

[24] F.-J. d. Vries. Böhm trees, bisimulations and observations in lambda calculus. In Second Fuji International Workshop on Functional and logic Programming Workshop, pages 230-245. World Scientific, Singapore, 1997.

[25] C. P. Wadsworth. The relation between computational and denotational properties for Scott's Doo-models of the lambda-calculus. SIAM J. Comput., 5(3):488-521, 1976.