Simple Type Theory with Undefinedness, Quotation, and Evaluation
aa r X i v : . [ m a t h . L O ] D ec Simple Type Theory withUndefinedness, Quotation, andEvaluation ∗ William M. Farmer † Abstract
This paper presents a version of simple type theory called Q uqe0 thatis based on Q , the elegant formulation of Church’s type theory createdand extensively studied by Peter B. Andrews. Q uqe0 directly formalizesthe traditional approach to undefinedness in which undefined expressionsare treated as legitimate, nondenoting expressions that can be compo-nents of meaningful statements. Q uqe0 is also equipped with a facility forreasoning about the syntax of expressions based on quotation and evalu-ation . Quotation is used to refer to a syntactic value that represents thesyntactic structure of an expression, and evaluation is used to refer to thevalue of the expression that a syntactic value represents. With quotationand evaluation it is possible to reason in Q uqe0 about the interplay of thesyntax and semantics of expressions and, as a result, to formalize in Q uqe0 syntax-based mathematical algorithms. The paper gives the syntax andsemantics of Q uqe0 as well as a proof system for Q uqe0 . The proof system isshown to be sound for all formulas and complete for formulas that do notcontain evaluations. The paper also illustrates some applications of Q uqe0 . Keywords:
Church’s type theory, undefinedness, reasoning about syn-tax, quotation, evaluation, truth predicates, substitution. ∗ This research was supported by NSERC. † Address: Department of Computing and Software, McMaster University, 1280 Main StreetWest, Hamilton, Ontario L8S 4K1, Canada. E-mail: [email protected] . ontents sub ǫǫǫǫ . . . . . . . . . . . . . . . . . . . . . . . 277.2 Evaluation-Free Wffs . . . . . . . . . . . . . . . . . . . . . . . . . 287.3 Properties of not-free-in oǫǫ . . . . . . . . . . . . . . . . . . . . . . 307.4 Properties of cleanse ǫǫ . . . . . . . . . . . . . . . . . . . . . . . . 317.5 Properties of sub ǫǫǫǫ . . . . . . . . . . . . . . . . . . . . . . . . . 347.6 Example: Double Substitution . . . . . . . . . . . . . . . . . . . 417.7 Example: Variable Renaming . . . . . . . . . . . . . . . . . . . . 427.8 Limitations of sub ǫǫǫǫ . . . . . . . . . . . . . . . . . . . . . . . . . 43
10 Some Metatheorems 57 Q . . . . . . . . . . . . . . . . . . . 5710.2 Other Metatheorems . . . . . . . . . . . . . . . . . . . . . . . . . 612
12 Applications 69
13 Conclusion 76
Acknowledgments 81References 82
List of Tables
Introduction
A huge portion of mathematical reasoning is performed by algorithmically ma-nipulating the syntactic structure of mathematical expressions. For example,the derivative of a function is commonly obtained using an algorithm that re-peatedly applies syntactic differentiation rules to an expression that representsthe function. The specification and analysis of a syntax-based mathematicalalgorithm requires the ability to reason about the interplay of how the expres-sions are manipulated and what the manipulations mean mathematically. Thisis challenging to do in a traditional logic like first-order logic or simple typetheory because there is no mechanism for directly referring to the syntax of theexpressions in the logic.The standard approach for reasoning in a logic about a language L of ex-pressions is to introduce another language L syn to represent the syntax of L .The expressions in L syn denote certain syntactic values (e.g., syntax trees) thatrepresent the syntactic structures of the expressions in L . We will thus call L syn a syntax language . A syntax language like L syn is usually presented asan inductive type . The members of L are mapped by a quotation function tomembers of L syn , and members of L syn are mapped by an evaluation function to members of L . The language L syn provides the means to indirectly reasonabout the members of L as syntactic objects, and the quotation and evalua-tion functions link this reasoning directly to L itself. In computer science thisapproach is called a deep embedding [8]. The components of the standard ap-proach — a syntax language, quotation function, and evaluation function —form an instance of a syntax framework [28], a mathematical structure thatmodels systems for reasoning about the syntax of a interpreted language.We will say that an implementation of the standard approach is global when L is the entire language of the logic and is local otherwise. For example, the useof G¨odel numbers to represent the syntactic structure of expressions is usuallya global approach since every expression is assigned a G¨odel number. We willalso say that an implementation of the standard approach is internal when thequotation and evaluation functions are expressed as operators in the logic and is external when they are expressed only in the metalogic. Let the replete approach be the standard approach restricted to implementations that are both global andinternal. The components of an implementation of the replete approach forman instance of a replete syntax framework [28].It is a straightforward task to implement the local approach in a traditionallogic, but two significant shortcomings cannot be easily avoided. First, theimplementation must be external since the quotation function, and often theevaluation function as well, can only be expressed in the metalogic, not in thelogic itself. Second, the constructed syntax framework works only for L ; an-other language (e.g., a larger language that includes L ) requires a new syntaxframework. For instance, each time a defined constant is added to L , the syn-tax language, quotation function, and evaluation function must all be extended.See [25] for a more detailed presentation of the local approach.Implementing the replete approach is much more ambitious: quotation and4valuation operators are added to the logic and then a syntax framework is builtfor the entire language of the logic. We will write the quotation and evaluationoperators applied to an expression e as p e q and J e K , respectively. The repleteapproach provides the means to directly reason about the syntax of the entirelanguage of the logic in the logic itself. Moreover, the syntax framework does nothave to be extended whenever the language of the logic is extended, and it canbe used to express syntactic side conditions, schemas, substitution operations,and other such things directly in the logic. In short, the replete approach enablessyntax-based reasoning to be moved from the metalogic to the logic itself.At first glance, the replete approach appears to solve the whole problem ofhow to reason about the interplay of syntax and semantics. However, the repleteapproach comes with an entourage of challenging problems that stand in theway of an effective implementation. Of these, we are most concerned with thefollowing two:1. Evaluation Problem.
Since a replete syntax framework works for the en-tire language of the logic, the evaluation operator is applicable to syntaxvalues that represent formulas and thus is effectively a truth predicate.Hence, by the proof of Alfred Tarski’s theorem on the undefinability oftruth [63, 64, 65], if the evaluation operator is total in the context ofa sufficiently strong theory like first-order Peano arithmetic, then it ispossible to express the liar paradox using the quotation and evaluationoperators. Therefore, the evaluation operator must be partial and thelaw of disquotation cannot hold universally (i.e., for some expressions e , J p e q K = e ). As a result, reasoning with evaluation is cumbersome andleads to undefined expressions.2. Variable Problem.
The variable x is not free in the expression p x + 3 q (or in any quotation). However, x is free in J p x + 3 q K because J p x +3 q K = x + 3. If the value of a constant c is p x + 3 q , then x is freein J c K because J c K = J p x + 3 q K = x + 3. Hence, in the presence of anevaluation operator, whether or not a variable is free in an expression maydepend on the values of the expression’s components. As a consequence,the substitution of an expression for the free occurrences of a variable inanother expression depends on the semantics (as well as the syntax) of theexpressions involved and must be integrated with the proof system of thelogic. Hence a logic with quotation and evaluation requires a semantics-dependent form of substitution in which side conditions, like whether avariable is free in an expression, are proved within the proof system. Thisis a major departure from traditional logic.See [25] for a more detailed presentation of the replete approach including dis-cussion of some other problems that come with it. There are several implementations of the replete approach in programminglanguages. The most well-known example is the Lisp programming language The replete approach is called the global approach in [25]. nbg ) set theory. It admits undefined expressions, has a richtype system, and contains the machinery of a replete syntax framework. As faras we know, there is no implementation of the replete approach in simple typetheory. See [30, 45] for research moving in this direction. Such an implementa-tion would require significant changes to the logic:1. A syntax language that represents the set of expressions of the logic mustbe defined in the logic.2. The syntax and semantics of the logic must be modified to admit quotationand evaluation operators.3. The proof system of the logic must be extended to include the means toreason about quotation, evaluation, and substitution.Moreover, these changes must provide solutions to the Evaluation and VariableProblems.The purpose of this paper is to demonstrate how the replete approach canbe implemented in Church’s type theory [12], a version of simple type theorywith lambda-notation introduced by Alonzo Church in 1940. We start with Q , an especially elegant version of Church’s type theory formulated by PeterB. Andrews and meticulously described and analyzed in [2]. Since evaluationunavoidably leads to undefined expressions, we modify Q so that it formalizesthe traditional approach to undefinedness [19]. This version of Q with unde-fined expressions called Q u0 is presented in [23]. ( Q u0 is a simplified version of lutins [16, 17, 18], the logic of the the imps theorem proving system [26, 27].)And, finally, we modify Q u0 so that it implements the replete approach. Thisversion of Q with undefined expressions, quotation, and evaluation called Q uqe0 is presented in this paper. Q uqe0 consists of three principal components: a syntax, a semantics, and aproof system. The syntax and semantics of Q uqe0 are relatively straightforwardextensions of the syntax and semantics of Q u0 . However, the proof system of Q uqe0 is significantly more complicated than the proof system of Q u0 . This is becausethe Variable Problem discussed above necessitates that the proof system employa semantics-dependent substitution mechanism. The proof system of Q uqe0 canbe used to effectively reason about quotations and evaluations, but unlike theproof systems of Q and Q u0 it is not complete. However, we do show that it iscomplete for formulas that do not contain evaluations.The paper is organized as follows. The syntax of Q uqe0 is defined in section 2.A Henkin-style general models semantics for Q uqe0 is presented in section 3. Sec-tion 4 introduces several important defined logical constants and abbreviations.Section 5 shows that Q uqe0 embodies the structure of a replete syntax framework.6ection 6 finishes the specification of the logical constants of Q uqe0 and definesthe notion of a normal general model for Q uqe0 . The substitution mechanismfor Q uqe0 is presented in section 7. Section 8 defines P uqe , the proof system of Q uqe0 . P uqe is proved in section 9 to be sound with respect to the semantics of Q uqe0 . Several metatheorems of P uqe are proved in section 10. P uqe is proved insection 11 to be complete with respect to the semantics of Q uqe0 for evaluation-free formulas. Some applications of Q uqe0 are illustrated in section 12. And thepaper ends with some final remarks in section 13 including a brief discussion onrelated and future work.The great majority of the definitions for Q uqe0 are derived from those for Q given in [2]. In fact, many Q uqe0 definitions are exactly the same as the Q definitions. Of these, we repeat only the most important and least obviousdefinitions for Q ; for the others the reader is referred to [2]. The syntax of Q uqe0 includes the syntax of Q u0 plus machinery for reasoningabout the syntax of expressions (i.e., wffs in Andrews’ terminology) based onquotation and evaluation. A type symbol of Q uqe0 is defined inductively as follows:1. ı is a type symbol.2. o is a type symbol.3. ǫ is a type symbol.4. If α and β are type symbols, then ( αβ ) is a type symbol.5. If α and β are type symbols, then h αβ i is a type symbol.Let T denote the set of type symbols. α, β, γ, . . . are syntactic variables rangingover type symbols. When there is no loss of meaning, matching pairs of paren-theses in type symbols may be omitted. We assume that type combination ofthe form ( αβ ) associates to the left so that a type of the form (( αβ ) γ ) may bewritten as αβγ .The primitive symbols of Q uqe0 are the following:1. Improper symbols : [, ], λ , c , q , e .2. A denumerable set of variables of type α for each α ∈ T : f α , g α , h α , x α , y α , z α , f α , g α , h α , x α , y α , z α , . . . .3. Logical constants : see Table 1.4. An unspecified set of nonlogical constants of various types.7 (( oα ) α ) for all α ∈ T ι ( α ( oα )) for all α ∈ T with α = o pair (( h αβ i β ) α ) for all α, β ∈ T var ( oǫ ) con ( oǫ ) app (( ǫǫ ) ǫ ) abs (( ǫǫ ) ǫ ) cond ((( ǫǫ ) ǫ ) ǫ ) quot ( ǫǫ ) eval (( ǫǫ ) ǫ ) eval-free ( oǫ ) not-free-in (( oǫ ) ǫ ) cleanse ( ǫǫ ) sub ((( ǫǫ ) ǫ ) ǫ ) wff α ( oǫ ) for all α ∈ T Table 1: Logical ConstantsThe types of variables and constants are indicated by their subscripts. f α , g α , h α , x α , y α , z α , . . . are syntactic variables ranging over variables of type α . Note 1 (Iota Constants)
Only ι ı ( o ı ) is a primitive logical constant in Q ;each other ι α ( oα ) is a nonprimitive logical constant in Q defined according toan inductive scheme presented by Church in [12] (see [2, pp. 233–4]). We willsee in the next section that the iota constants have a different semantics in Q uqe0 than in Q . As a result, it is not possible to define the iota constants in Q uqe0 asthey are defined in Q , and thus they must be primitive in Q uqe0 . Notice that ι o ( oo ) is not a primitive logical constant of Q uqe0 . It has been left out because itserves no useful purpose. It can be defined as a nonprimitive logical constantas in [2, p. 233] if desired. Following Andrews, we will call the expressions of Q uqe0 well-formed formulas(wffs) . We are now ready to define a wff of type α ( wff α ) of Q uqe0 . A α , B α , C α , . . . are syntactic variables ranging over wffs of type α . A wff α is defined inductivelyas follows:1. A variable of type α is a wff α .2. A primitive constant of type α is a wff α .3. [ A αβ B β ] is a wff α .4. [ λ x β A α ] is a wff αβ .5. [ c A o B α C α ] is a wff α . 8. [ q A α ] is a wff ǫ .7. [ e A ǫ x α ] is a wff α .A wff of the form [ A αβ B β ], [ λ x β A α ], [ c A o B α C α ], [ q A α ], or [ e A ǫ x α ] is calleda function application , a function abstraction , a conditional , a quotation , or an evaluation , respectively. A formula is a wff o . A α is evaluation-free if eachoccurrence of an evaluation in A α is within a quotation. When there is noloss of meaning, matching pairs of square brackets in wffs may be omitted. Weassume that wff combination of the form [ A αβ B β ] associates to the left so thata wff [[ C γβα A α ] B β ] may be written as C γβα A α B β .The size of A α is the number of variables and primitive constants occurringin A α . The complexity of A α is the ordered pair ( m, n ) of natural numbers suchthat m is the number of evaluations occurring in A α that are not within a quo-tation and n is the size of A α . Complexity pairs are ordered lexicographically.The complexity of an evaluation-free wff is a pair (0 , n ) where n is the size ofthe wff. Note 2 (Type ǫ ) The type ǫ denotes an inductively defined set D ǫ of valuescalled constructions that represent the syntactic structures of wffs. The con-stants app ǫǫǫ , abs ǫǫǫ , cond ǫǫǫǫ , quot ǫǫ , and eval ǫǫǫ are used to build wffs thatdenote constructions representing function applications, function abstractions,conditionals, quotations, and evaluations, respectively. An alternate approachwould be to have a type ǫ α of constructions that represent the syntactic struc-tures of wffs α for each α ∈ T . Note 3 (Type ( αβ ) ) A type ( αβ ) denotes a set of partial and total functionsfrom values of α to values of type β . β → α is an alternate notation for ( αβ ). Note 4 (Type h αβ i ) A type h αβ i denotes the set of ordered pairs h a, b i where a is a value of type α and b is a value of type β . α × β is an alternate notation for h αβ i . The constant pair h αβ i βα is used to construct ordered pairs of type h αβ i . Note 5 (Conditionals)
We will see that [ c A o B α C α ] is a conditional thatis not strict with respect to undefinedness. For instance, if A o is true, then[ c A o B α C α ] denotes the value of B α even when C α is undefined. We constructconditionals using a primitive wff constructor instead of using a primitive ordefined constant since constants always denote functions that are effectivelystrict with respect to undefinedness. Note 6 (Evaluation Syntax)
The sole purpose of the variable x α in an eval-uation [ e A ǫ x α ] is to designate the type of the evaluation. We will see in thenext section that this evaluation is defined (true if α = o ) only if A ǫ denotesa construction representing a wff α . Hence, if A ǫ does denote a constructionrepresenting a wff α , [ e A ǫ x β ] is undefined (false if α = o ) for all β ∈ T with β = α . 9 ind Syntax Syntactic Representation Variable x α [ q x α ]Primitive constant c α [ q c α ]Function application [ A αβ B β ] [ app ǫǫǫ E ( A αβ ) E ( B β )]Function abstraction [ λ x β A α ] [ abs ǫǫǫ E ( x β ) E ( A α )]Conditional [ c A o B α C α ] [ cond ǫǫǫǫ E ( A o ) E ( B α ) E ( C α )]Quotation [ q A α ] [ quot ǫǫ E ( A α )]Evaluation [ e A ǫ x α ] [ eval ǫǫǫ E ( A ǫ ) E ( x α )]Table 2: Seven Kinds of Wffs The semantics of Q uqe0 is obtained by making three principal changes to thesemantics of Q u0 : (1) The semantics of the type ǫ is defined to be a domain D ǫ of values such that, for each wff A α of Q uqe0 , there is a unique member of D ǫ that represents the syntactic structure of A α . (2) The semantics of the typeconstructor h αβ i is defined to be a domain of ordered pairs. (3) The valuationfunction for wffs is extended to include conditionals, quotations, and evaluationsin its domain. Let E be the function from the set of wffs to the set of wffs ǫ defined inductivelyas follows:1. E ( x α ) = [ q x α ].2. E ( c α ) = [ q c α ] where c α is a primitive constant.3. E ([ A αβ B β ]) = [ app ǫǫǫ E ( A αβ ) E ( B β )].4. E ([ λ x β A α ]) = [ abs ǫǫǫ E ( x β ) E ( A α )].5. E ([ c A o B α C α ]) = [ cond ǫǫǫǫ E ( A o ) E ( B α ) E ( C α )].6. E ([ q A α ]) = [ quot ǫǫ E ( A α )].7. E ([ e A ǫ x α ]) = [ eval ǫǫǫ E ( A ǫ ) E ( x α )]. E is obviously an injective, total function whose range is a proper subset of theset of wffs ǫ . The wff ǫ E ( A α ) represents the syntactic structure of the wff A α .The seven kinds of wffs and their syntactic representations are given in Table 2.A frame of Q uqe0 is a collection {D α | α ∈ T } of nonempty domains suchthat:1. D o = { T , F } . 10. {E ( A α ) | A α is a wff } ⊆ D ǫ .3. For α, β ∈ T , D ( αβ ) is some set of total functions from D β to D α if α = o and is some set of partial and total functions from D β to D α if α = o .4. For α, β ∈ T , D h αβ i is the set of all ordered pairs h a, b i such that a ∈ D α and b ∈ D β . D ı is the domain of individuals , D o is the domain of truth values , D ǫ is the domain of constructions , and, for α, β ∈ T , D ( αβ ) is a function domain and D h αβ i is a ordered pair domain . For all α ∈ T , the identity relation on D α is thetotal function q ∈ D oαα such that, for all x, y ∈ D α , q ( x )( y ) = T iff x = y . Forall α ∈ T with α = o , the unique member selector on D α is the partial function f ∈ D α ( oα ) such that, for all s ∈ D oα , if the predicate s represents a singleton { x } ⊆ D α , then f ( s ) = x , and otherwise f ( s ) is undefined. For all α, β ∈ T ,the pairing function on D α and D β is the total function f ∈ D h αβ i βα such that,for all a ∈ D α and b ∈ D β , f ( a )( b ) = h a, b i , the ordered pair of a and b . Note 7 (Function Domains)
In a Q frame a function domain D αβ containsonly total functions, while in a Q uqe0 (and Q u0 ) frame a function domain D oβ contains only total functions but a function domain D αβ with α = o containspartial functions as well as total functions. An interpretation h{D α | α ∈ T } , J i of Q uqe0 consists of a frame and an inter-pretation function J that maps each primitive constant of Q uqe0 of type α to anelement of D α such that:1. J ( Q oαα ) is the identity relation on D α for all α ∈ T .2. J ( ι α ( oα ) ) is the unique member selector on D α for all α ∈ T with α = o .3. J ( pair h αβ i βα ) is the pairing function on D α and D β for all α, β ∈ T .The other 12 logical constants involving the type ǫ will be specified later viaaxioms in section 6.1. Note 8 (Definite Description Operators)
The ι α ( oα ) in Q are descriptionoperators : if A oα denotes a singleton, then the value of ι α ( oα ) A oα is the uniquemember of the singleton, and otherwise the value of ι α ( oα ) A oα is unspecified . Incontrast, the ι α ( oα ) in Q uqe0 (and Q u0 ) are definite description operators : if A oα denotes a singleton, then the value of ι α ( oα ) A oα is the unique member of thesingleton, and otherwise the value of ι α ( oα ) A oα is undefined .An assignment into a frame {D α | α ∈ T } is a function ϕ whose domain isthe set of variables of Q uqe0 such that, for each variable x α , ϕ ( x α ) ∈ D α . Givenan assignment ϕ , a variable x α , and d ∈ D α , let ϕ [ x α d ] be the assignment ψ such that ψ ( x α ) = d and ψ ( y β ) = ϕ ( y β ) for all variables y β = x α . Givenan interpretation M = h{D α | α ∈ T } , J i , assign ( M ) is the set of assignmentsinto the frame of M . 11 .3 General and Evaluation-Free Models An interpretation M = h{D α | α ∈ T } , J i is a general model for Q uqe0 if there isa binary valuation function V M such that, for each assignment ϕ ∈ assign ( M )and wff D δ , either V M ϕ ( D δ ) ∈ D δ or V M ϕ ( D δ ) is undefined and the followingconditions are satisfied for all assignments ϕ ∈ assign ( M ) and all wffs D δ :1. Let D δ be a variable of Q uqe0 . Then V M ϕ ( D δ ) = ϕ ( D δ ).2. Let D δ be a primitive constant of Q uqe0 . Then V M ϕ ( D δ ) = J ( D δ ).3. Let D δ be [ A αβ B β ]. If V M ϕ ( A αβ ) is defined, V M ϕ ( B β ) is defined, and thefunction V M ϕ ( A αβ ) is defined at the argument V M ϕ ( B β ), then V M ϕ ( D δ ) = V M ϕ ( A αβ )( V M ϕ ( B β )) , the value of the function V M ϕ ( A αβ ) at the argument V M ϕ ( B β ). Otherwise, V M ϕ ( D δ ) = F if α = o and V M ϕ ( D δ ) is undefined if α = o .4. Let D δ be [ λ x β B α ]. Then V M ϕ ( D δ ) is the (partial or total) function f ∈ D αβ such that, for each d ∈ D β , f ( d ) = V M ϕ [ x α d ] ( B α ) if V M ϕ [ x α d ] ( B α )is defined and f ( d ) is undefined if V M ϕ [ x α d ] ( B α ) is undefined.5. Let D δ be [ c A o B α C α ]. If V M ϕ ( A o ) = T and V M ϕ ( B α ) is defined, then V M ϕ ( D δ ) = V M ϕ ( B α ). If V M ϕ ( A o ) = T and V M ϕ ( B α ) is undefined, then V M ϕ ( D δ ) is undefined. If V M ϕ ( A o ) = F and V M ϕ ( C α ) is defined, then V M ϕ ( D δ ) = V M ϕ ( C α ). If V M ϕ ( A o ) = F and V M ϕ ( C α ) is undefined, then V M ϕ ( D δ ) is undefined.6. Let D δ be [ q A α ]. Then V M ϕ ( D δ ) = E ( A α ).7. Let D δ be [ e A ǫ x α ]. If V M ϕ ( A ǫ ) is defined, E − ( V M ϕ ( A ǫ )) is an evaluation-free wff α , and V M ϕ ( E − ( V M ϕ ( A ǫ ))) is defined, then V M ϕ ( D δ ) = V M ϕ ( E − ( V M ϕ ( A ǫ ))) . Otherwise, V M ϕ ( D δ ) = F if α = o and V M ϕ ( D δ ) is undefined if α = o . Proposition 3.3.1
General models for Q uqe0 exist. Proof
It is easy to construct an interpretation M = h{D α | α ∈ T } , J i that isa general model for Q uqe0 for which D αβ is the set of all total functions from D β to D α if α = o and is the set of all partial and total functions from D β to D α if α = o for all α, β ∈ T . ✷ An interpretation M = h{D α | α ∈ T } , J i is an evaluation-free model for Q uqe0 if there is a binary valuation function V M such that, for each assignment12 ∈ assign ( M ) and evaluation-free wff D δ , either V M ϕ ( D δ ) ∈ D δ or V M ϕ ( D δ )is undefined and conditions 1–6 above are satisfied for all assignments ϕ ∈ assign ( M ) and all evaluation-free wffs D δ . A general model is also an evaluation-free model. Note 9 (Valuation Function) In Q , if M is a general model, then V M istotal and the value of V M on a function abstraction is always a total function.In Q uqe0 , if M is a general model, then V M is partial and the value of V M on afunction abstraction can be either a partial or a total function. Proposition 3.3.2
Let M be a general model for Q uqe0 . Then V M is definedon all variables, primitive constants, function applications of type o , functionabstractions, conditionals of type o , quotations, and evaluations of type o and isdefined on only a proper subset of function applications of type α = o , a propersubset of conditionals of type α = o , and a proper subset of evaluations of type α = o . Note 10 (Traditional Approach) Q uqe0 satisfies the three principles of thetraditional approach to undefinedness stated in [19]. Like other traditionallogics, Q only satisfies the first principle. Note 11 (Theories of Quotation)
The semantics of the quotation operator q is based on the disquotational theory of quotation [9]. According to thistheory, a quotation of an expression e is an expression that denotes e itself.In our definition of a syntax framework, [ q A α ] denotes a value that represents A α as a syntactic entity. Andrew Polonsky presents in [55] a set of axioms forquotation operators of this kind. There are several other theories of quotationthat have been proposed [9]. Note 12 (Theories of Truth) [ e A ǫ x o ] asserts the truth of the formula repre-sented by A ǫ . Thus the evaluation operator e is a truth predicate [32]. A truthpredicate is the face of a theory of truth : the properties of a truth predicatecharacterize a theory of truth [43]. What truth is and how it can be formalizedis a fundamental research area of logic, and avoiding inconsistencies derivedfrom the liar paradox and similar statements is one of the major research issuesin the area (see [37]). Note 13 (Evaluation Semantics)
An evaluation of type α is undefined (falseif α = o ) whenever its (first) argument represents a non-evaluation-free wff α .This idea avoids the Evaluation Problem discussed in section 1. The origin ofthis idea is found in Tarski’s famous paper on the concept of truth [63, 64, 65,Theorem III]. See [36] for a different approach for overcoming the EvaluationProblem in which the argument of an evaluation is restricted to wffs that onlycontain positive occurrences of evaluations. V M ϕ ( A α ) ≃ V M ϕ ( B α ) means either V M ϕ ( A α ) and V M ϕ ( B α ) are both definedand equal or V M ϕ ( A α ) and V M ϕ ( B α ) are both undefined. Given a set X of13ariables, A α is independent of X in M if V M ϕ ( A α ) ≃ V M ϕ ′ ( A α ) for all ϕ, ϕ ′ ∈ assign ( M ) such that ϕ ( x α ) = ϕ ′ ( x α ) whenever x α X . A α is semanticallyclosed if A α is independent of X in every general model for Q uqe0 where X isthe set of all variables. A sentence is a semantically closed formula. A α is invariable if V M ϕ ( A α ) is the same value or undefined for every general model M for Q uqe0 and every ϕ ∈ assign ( M ). If A α is invariable, A α is said to denote the value V M ϕ ( A α ) when V M ϕ ( A α ) is defined and to be undefined otherwise. Proposition 3.3.3
A wff that contains variables only within a quotation or thesecond argument of an evaluation is semantically closed.
Proposition 3.3.4
Quotations and tautologous formulas are invariable.
Let H be a set of wffs o and M be a general model for Q uqe0 . A o is valid in M , written M | = A o , if V M ϕ ( A o ) = T for all assignments ϕ ∈ assign ( M ). M isa general model for H , written M | = H , if M | = B o for all B o ∈ H . We write H | = A o to mean M | = A o for every general model M for H . We write | = A o to mean ∅ | = A o .Now let A o be evaluation-free, H be a set of evaluation-free wffs o , and M be an evaluation-free model for Q uqe0 . A o is valid in M , written M | = A o , if V M ϕ ( A o ) = T for all assignments ϕ ∈ assign ( M ). M is an evaluation-free modelfor H , written M | = H , if M | = B o for all B o ∈ H . We write H | = ef A o tomean M | = A o for every evaluation-free model M for H . We write | = ef A o tomean ∅ | = ef A o . Note 14 (Semantically Closed)
Andrews shows in [2] that Q is undecid-able. Hence it is undecidable whether a formula of Q is valid in all generalmodels for Q . By similar reasoning, it is undecidable whether a formula of Q uqe0 is valid in all general models for Q uqe0 . This implies that it is undecidablewhether a conditional of the form c A o c α x α , where c α is a primitive constant,is semantically closed. (Primitive constants are semantically closed by Proposi-tion 3.3.3.) Therefore, more generally, it is undecidable whether a given wff issemantically closed. See also Note 18 in section 7. An interpretation M = h{D α | α ∈ T } , J i is a standard model for Q uqe0 if D αβ is the set of all total functions from D β to D α if α = o and is the set of all partial and total functions from D β to D α if α = o for all α, β ∈ T . Lemma 3.4.1
A standard model for Q uqe0 is also a general model for Q uqe0 . Proof
Let M be a standard model for Q uqe0 . It is easy to show that V M ϕ ( D δ )is well defined by induction on the complexity of D δ . ✷ By the proof of Proposition 3.3.1, standard models for Q uqe0 exist. A generalmodel for Q uqe0 is a nonstandard model for Q uqe0 if it is not a standard model.14 Definitions and Abbreviations
As Andrews does in [2, p. 212], we introduce in Table 3 several defined logicalconstants and abbreviations. The former includes constants for true and false,the propositional connectives, a canonical undefined wff, the projection func-tions for pairs, and some predicates for values of type ǫ . The latter includesnotation for equality, the propositional connectives, universal and existentialquantification, defined and undefined wffs, quasi-equality, definite description,conditionals, quotation, and evaluation.[ ∃ x α A o ] asserts that there is a unique x α that satisfies A o .[I x α A o ] is called a definite description . It denotes the unique x α that satisfies A o . If there is no or more than one such x α , it is undefined. Following BertrandRussell and Church, Andrews denotes this definite description operator as aninverted lower case iota ( ι ). We represent this operator by an (inverted) capitaliota (I).[ A α ↓ ] says that A α is defined, and similarly, [ A α ↑ ] says that A α is unde-fined. [ A α ≃ B α ] says that A α and B α are quasi-equal , i.e., that A α and B α are either both defined and equal or both undefined. The defined constant ⊥ α is a canonical undefined wff of type α . Note 15 (Definedness Notation) In Q , [ A α ↓ ] is always true, [ A α ↑ ] is al-ways false, [ A α ≃ B α ] is always equal to [ A α = B α ], and ⊥ α denotes anunspecified value. In this section we will show that Q uqe0 with a fixed general model and assignmentis an instance of a replete syntax framework [28]. We assume that the reader isfamiliar with the definitions in [28].Fix a general model M = h{D α | α ∈ T } , J i for Q uqe0 and an assignment ϕ ∈ assign ( M ). Let L to be the set of wffs, L α to be the set of wffs α , and D = S α D α . Choose some value ⊥ 6∈ D . Define W M ϕ : L → D ∪ {⊥} to befunction such that, for all wffs D δ , W M ϕ ( D δ ) = V M ϕ ( D δ ) if V M ϕ ( D δ ) is definedand W M ϕ ( D δ ) = ⊥ otherwise. It is then easy to prove the following threepropositions: Proposition 5.0.2 I = ( L , D ∪ {⊥} , W M ϕ ) is an interpreted language. Proposition 5.0.3 R = ( D ǫ ∪ {⊥} , E ) is a syntax representation of L . Proposition 5.0.4 ( L ǫ , I ) is a syntax language for R . We will now define quotation and evaluation functions. Let Q : L → L ǫ be the injective, total function that maps each wff D δ to its quotation p D δ q .Let E : L ǫ → L be the partial function that maps each wff ǫ A ǫ to J A ǫ K α if V M ϕ ( J A ǫ K α ) is defined for some α ∈ T and is undefined otherwise. E is welldefined since E − ( V M ϕ ( A ǫ )) is a wff of a most one type.15 A α = B α ] stands for [ Q oαα A α B α ].[ A o ≡ B o ] stands for [ Q ooo A o B o ]. T o stands for [ Q ooo = Q ooo ]. F o stands for [ λx o T o ] = [ λx o x o ].[ ∀ x α A o ] stands for [ λy α T o ] = [ λ x α A o ]. ∧ ooo stands for [ λx o λy o [[ λg ooo [ g ooo T o T o ]] = [ λg ooo [ g ooo x o y o ]]]].[ A o ∧ B o ] stands for [ ∧ ooo A o B o ]. ⊃ ooo stands for [ λx o λy o [ x o = [ x o ∧ y o ]]].[ A o ⊃ B o ] stands for [ ⊃ ooo A o B o ]. ∼ oo stands for [ Q ooo F o ].[ ∼ A o ] stands for [ ∼ oo A o ]. ∨ ooo stands for [ λx o λy o [ ∼ [[ ∼ x o ] ∧ [ ∼ y o ]]]].[ A o ∨ B o ] stands for [ ∨ ooo A o B o ].[ ∃ x α A o ] stands for [ ∼ [ ∀ x α ∼ A o ]].[ ∃ x α A o ] stands for [ ∃ x α [[ λ x α A o ] = Q oαα x α ]].[ A α = B α ] stands for [ ∼ [ A α = B α ]].[ A α ↓ ] stands for [ A α = A α ].[ A α ↑ ] stands for [ ∼ [ A α ↓ ]].[ A α ≃ B α ] stands for [ A α ↓ ∨ B α ↓ ] ⊃ [ A α = B α ].[I x α A o ] stands for [ ι α ( oα ) [ λ x α A o ]] where α = o . ⊥ o stands for F o . ⊥ α stands for [I x α [ x α = x α ]] where α = o .[ if A o B α C α ] stands for [ c A o B α C α ]. p A α q stands for [ q A α ]. J A ǫ K α stands for [ e A ǫ x α ]. fst ( α h αβ i ) stands for λz h αβ i I x α ∃ y β [ z h αβ i = pair h αβ i βα x α y β ]. snd ( β h αβ i ) stands for λz h αβ i I y β ∃ x α [ z h αβ i = pair h αβ i βα x α y β ]. var α ( oǫ ) stands for λx ǫ [ var ( oǫ ) x ǫ ∧ wff α ( oǫ ) x ǫ ]. con α ( oǫ ) stands for λx ǫ [ con ( oǫ ) x ǫ ∧ wff α ( oǫ ) x ǫ ]. eval-free α ( oǫ ) stands for λx ǫ [ eval-free oǫ x ǫ ∧ wff αoǫ x ǫ ]. syn-closed ( oǫ ) stands for λx ǫ ∀ y ǫ [ var oǫ y ǫ ⊃ not-free-in oǫǫ y ǫ x ǫ ].Table 3: Definitions and Abbreviations16 heorem 5.0.5 (Replete Syntax Framework) F = ( D ǫ ∪ {⊥} , E , L ǫ , Q, E ) is a replete syntax framework for ( L , I ) . Proof F is a syntax framework since it satisfies the following conditions:1. R is a syntax representation of L by Proposition 5.0.3.2. ( L ǫ , I ) is a syntax language for R by Proposition 5.0.4.3. For all p D δ q ∈ L , W M ϕ ( Q ( D δ )) = W M ϕ ( p D δ q )) = V M ϕ ( p D δ q )) = E ( D δ ) , i.e., the Quotation Axiom holds.4. For all p A ǫ q ∈ L ǫ , W M ϕ ( E ( A ǫ ))= W M ϕ ( J A ǫ K α )= V M ϕ ( J A ǫ K α )= V M ϕ ( E − ( V M ϕ ( A ǫ )))= W M ϕ ( E − ( W M ϕ ( A ǫ )))if E ( A ǫ ) is defined, i.e., the Evaluation Axiom holds.Finally, F is replete since L is both the object and full language of F and F hasbuild-in quotation and evaluation. ✷ In a general or evaluation-free model, the first three logical constants are spec-ified as part of the definition of an interpretation, but the remaining 12 logicalconstants, which involve the type ǫ , are not specified. In this section, eachof these latter logical constants is specified below via a set of formulas called specifying axioms . Formula schemas are used to present the specifying axioms. Specification 1 (Quotation) p A α q = E ( A α ) . Specification 2 ( var oǫ ) var oǫ p x α q . ∼ [ var oǫ p A α q ] where A α is not a variable.17 pecification 3 ( con oǫ ) con oǫ p c α q where c α is a primitive constant.2. ∼ [ con oǫ p A α q ] where A α is not a primitive constant. Specification 4 ( ǫ ) ∼ [ var oǫ A ǫ ∧ con oǫ A ǫ ].2. ∼ [ var oǫ A ǫ ∧ A ǫ = app ǫǫǫ D ǫ E ǫ ] . ∼ [ var oǫ A ǫ ∧ A ǫ = abs ǫǫǫ D ǫ E ǫ ] . ∼ [ var oǫ A ǫ ∧ A ǫ = cond ǫǫǫǫ D ǫ E ǫ F ǫ ] . ∼ [ var oǫ A ǫ ∧ A ǫ = quot ǫǫ D ǫ ] . ∼ [ var oǫ A ǫ ∧ A ǫ = eval ǫǫǫ D ǫ E ǫ ] . ∼ [ con oǫ A ǫ ∧ A ǫ = app ǫǫǫ D ǫ E ǫ ] . ∼ [ con oǫ A ǫ ∧ A ǫ = abs ǫǫǫ D ǫ E ǫ ] . ∼ [ con oǫ A ǫ ∧ A ǫ = cond ǫǫǫǫ D ǫ E ǫ F ǫ ] . ∼ [ con oǫ A ǫ ∧ A ǫ = quot ǫǫ D ǫ ] . ∼ [ con oǫ A ǫ ∧ A ǫ = eval ǫǫǫ D ǫ E ǫ ] . app ǫǫǫ A ǫ B ǫ = abs ǫǫǫ D ǫ E ǫ . app ǫǫǫ A ǫ B ǫ = cond ǫǫǫ D ǫ E ǫ F ǫ . app ǫǫǫ A ǫ B ǫ = quot ǫǫ D ǫ . app ǫǫǫ A ǫ B ǫ = eval ǫǫǫ D ǫ E ǫ . abs ǫǫǫ A ǫ B ǫ = cond ǫǫǫǫ D ǫ E ǫ F ǫ . abs ǫǫǫ A ǫ B ǫ = quot ǫǫ D ǫ . abs ǫǫǫ A ǫ B ǫ = eval ǫǫǫ D ǫ E ǫ . cond ǫǫǫǫ A ǫ B ǫ C ǫ = quot ǫ D ǫ . cond ǫǫǫǫ A ǫ B ǫ C ǫ = eval ǫǫ D ǫ E ǫ . quot ǫǫ A ǫ = eval ǫǫǫ D ǫ E ǫ . p x α q = p y β q where x α = y α .23. p c α q = p d β q where c α and d α are different primitive constants.184. app ǫǫǫ A ǫ B ǫ = app ǫǫǫ D ǫ E ǫ ⊃ [ A ǫ = D ǫ ∧ B ǫ = E ǫ ] . abs ǫǫǫ A ǫ B ǫ = abs ǫǫǫ D ǫ E ǫ ⊃ [ A ǫ = D ǫ ∧ B ǫ = E ǫ ] . cond ǫǫǫ A ǫ B ǫ C ǫ = cond ǫǫǫ D ǫ E ǫ F ǫ ⊃ [ A ǫ = D ǫ ∧ B ǫ = E ǫ ∧ C ǫ = F ǫ ] . quot ǫǫ A ǫ = quot ǫǫ D ǫ ⊃ A ǫ = D ǫ . eval ǫǫǫ A ǫ B ǫ = eval ǫǫǫ D ǫ E ǫ ⊃ [ A ǫ = D ǫ ∧ B ǫ = E ǫ ] .
29. [ A o ∧ A o ∧ A o ∧ A o ∧ A o ∧ A o ∧ A o ] ⊃ ∀ x ǫ [ p oǫ x ǫ ] where: A o is ∀ x ǫ [ var oǫ x ǫ ⊃ p oǫ x ǫ ]. A o is ∀ x ǫ [ con oǫ x ǫ ⊃ p oǫ x ǫ ]. A o is ∀ x ǫ ∀ y ǫ [[ p oǫ x ǫ ∧ p oǫ y ǫ ∧ [ app ǫǫǫ x ǫ y ǫ ] ↓ ] ⊃ p oǫ [ app ǫǫǫ x ǫ y ǫ ]]. A o is ∀ x ǫ ∀ y ǫ [[ p oǫ x ǫ ∧ p oǫ y ǫ ∧ [ abs ǫǫǫ x ǫ y ǫ ] ↓ ] ⊃ p oǫ [ abs ǫǫǫ x ǫ y ǫ ]]. A o is ∀ x ǫ ∀ y ǫ ∀ z ǫ [[ p oǫ x ǫ ∧ p oǫ y ǫ ∧ p oǫ z ǫ ∧ [ cond ǫǫǫǫ x ǫ y ǫ z ǫ ] ↓ ] ⊃ p oǫ [ cond ǫǫǫǫ x ǫ y ǫ z ǫ ]]. A o is ∀ x ǫ [ p oǫ x ǫ ⊃ p oǫ [ quot ǫǫ x ǫ ]]. A o is ∀ x ǫ ∀ y ǫ [[ p oǫ x ǫ ∧ p oǫ y ǫ ∧ [ eval ǫǫǫ x ǫ y ǫ ] ↓ ] ⊃ p oǫ [ eval ǫǫǫ x ǫ y ǫ ]]. Specification 5 ( eval-free oǫ ) var oǫ A ǫ ⊃ eval-free oǫ A ǫ . con oǫ A ǫ ⊃ eval-free oǫ A ǫ .
3. [ app ǫǫǫ A ǫ B ǫ ] ↓ ⊃ eval-free oǫ [ app ǫǫǫ A ǫ B ǫ ] ≡ [ eval-free oǫ A ǫ ∧ eval-free oǫ B ǫ ] .
4. [ abs ǫǫǫ A ǫ B ǫ ] ↓ ⊃ eval-free oǫ [ abs ǫǫǫ A ǫ B ǫ ] ≡ eval-free oǫ B ǫ .
5. [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] ↓ ⊃ eval-free oǫ [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] ≡ [ eval-free oǫ A ǫ ∧ eval-free oǫ B ǫ ∧ eval-free oǫ C ǫ ] . A ǫ ↓ ⊃ eval-free oǫ [ quot ǫǫ A ǫ ] . ∼ [ eval-free oǫ [ eval ǫǫǫ A ǫ B ǫ ]] . Specification 6 ( wff αoǫ ) wff αoǫ p x α q . wff αoǫ p c α q where c α is a primitive constant.3. [ wff αβoǫ A ǫ ∧ wff βoǫ B ǫ ] ⊃ wff αoǫ [ app ǫǫǫ A ǫ B ǫ ] .
19. [ wff ιoǫ A ǫ ∨ wff ooǫ A ǫ ∨ wff ǫoǫ A ǫ ∨ wff h αβ i oǫ A ǫ ] ⊃ [ app ǫǫǫ A ǫ B ǫ ] ↑ .
5. [ wff αβoǫ A ǫ ∧ ∼ [ wff βoǫ B ǫ ]] ⊃ [ app ǫǫǫ A ǫ B ǫ ] ↑ .
6. [ var αoǫ A ǫ ∧ wff βoǫ B ǫ ] ⊃ wff βαoǫ [ abs ǫǫǫ A ǫ B ǫ ] . ∼ [ var oǫ A ǫ ] ⊃ [ abs ǫǫǫ A ǫ B ǫ ] ↑ .
8. [ wff ooǫ A ǫ ∧ wff αoǫ B ǫ ∧ wff αoǫ C ǫ ] ⊃ wff αoǫ [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] .
9. [ ∼ [ wff ooǫ A ǫ ] ∨ [ wff αoǫ B ǫ ∧ wff βoǫ C ǫ ]] ⊃ [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] ↑ where α = β .10. A ǫ ↓ ⊃ wff ǫoǫ [ quot ǫǫ A ǫ ] .
11. [ wff ǫoǫ A ǫ ∧ var αoǫ B ǫ ] ⊃ wff αoǫ [ eval ǫǫǫ A ǫ B ǫ ] .
12. [ ∼ [ wff ǫoǫ A ǫ ] ∨ ∼ [ var oǫ B ǫ ]] ⊃ [ eval ǫǫǫ A ǫ B ǫ ] ↑ . ∼ [ wff αoǫ A ǫ ∧ wff βoǫ A ǫ ] where α = β . Specification 7 ( not-free-in oǫǫ ) var oǫ A ǫ ⊃ ∼ [ not-free-in oǫǫ A ǫ A ǫ ] .
2. [ var oǫ A ǫ ∧ var oǫ B ǫ ∧ A ǫ = B ǫ ] ⊃ not-free-in oǫǫ A ǫ B ǫ .
3. [ var oǫ A ǫ ∧ con oǫ B ǫ ] ⊃ not-free-in oǫǫ A ǫ B ǫ .
4. [ var oǫ A ǫ ∧ [ app ǫǫǫ B ǫ C ǫ ] ↓ ] ⊃ not-free-in oǫǫ A ǫ [ app ǫǫǫ B ǫ C ǫ ] ≡ [ not-free-in oǫǫ A ǫ B ǫ ∧ not-free-in oǫǫ A ǫ C ǫ ] .
5. [ abs ǫǫǫ A ǫ B ǫ ] ↓ ⊃ not-free-in oǫǫ A ǫ [ abs ǫǫǫ A ǫ B ǫ ] .
6. [ var oǫ A ǫ ∧ [ abs ǫǫǫ B ǫ C ǫ ] ↓ ∧ A ǫ = B ǫ ] ⊃ not-free-in oǫǫ A ǫ [ abs ǫǫǫ B ǫ C ǫ ] ≡ not-free-in oǫǫ A ǫ C ǫ .
7. [ var oǫ A ǫ ∧ [ cond ǫǫǫǫ D ǫ E ǫ F ǫ ] ↓ ] ⊃ not-free-in oǫǫ A ǫ [ cond ǫǫǫǫ D ǫ E ǫ F ǫ ] ≡ [ not-free-in oǫǫ A ǫ D ǫ ∧ not-free-in oǫǫ A ǫ E ǫ ∧ not-free-in oǫǫ A ǫ F ǫ ] .
8. [ var oǫ A ǫ ∧ B ǫ ↓ ] ⊃ not-free-in oǫǫ A ǫ [ quot ǫǫ B ǫ ] .
9. [ var oǫ A ǫ ∧ var αoǫ C ǫ ∧ [ eval ǫǫǫ B ǫ C ǫ ] ↓ ] ⊃ not-free-in oǫǫ A ǫ [ eval ǫǫǫ B ǫ C ǫ ] ≡ [ syn-closed oǫ B ǫ ∧ eval-free ǫoǫ B ǫ ∧ eval-free αoǫ J B ǫ K ǫ ∧ not-free-in oǫǫ A ǫ J B ǫ K ǫ ] . ∼ [ var oǫ A ǫ ] ⊃ not-free-in oǫǫ A ǫ B ǫ . pecification 8 ( cleanse ǫǫ ) var oǫ A ǫ ⊃ cleanse ǫǫ A ǫ = A ǫ . con oǫ A ǫ ⊃ cleanse ǫǫ A ǫ = A ǫ .
3. [ app ǫǫǫ A ǫ B ǫ ] ↓ ⊃ cleanse ǫǫ [ app ǫǫǫ A ǫ B ǫ ] ≃ app ǫǫǫ [ cleanse ǫǫ A ǫ ] [ cleanse ǫǫ B ǫ ] .
4. [ abs ǫǫǫ A ǫ B ǫ ] ↓ ⊃ cleanse ǫǫ [ abs ǫǫǫ A ǫ B ǫ ] ≃ abs ǫǫǫ A ǫ [ cleanse ǫǫ B ǫ ] .
5. [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] ↓ ⊃ cleanse ǫǫ [ cond ǫǫǫǫ A ǫ B ǫ C ǫ ] ≃ cond ǫǫǫǫ [ cleanse ǫǫ A ǫ ] [ cleanse ǫǫ B ǫ ] [ cleanse ǫǫ C ǫ ] . cleanse ǫǫ [ quot ǫǫ A ǫ ] ≃ [ quot ǫǫ A ǫ ] .
7. [ var αoǫ B ǫ ∧ [ eval ǫǫǫ A ǫ B ǫ ] ↓ ] ⊃ cleanse ǫǫ [ eval ǫǫǫ A ǫ B ǫ ] ≃ if [ syn-closed oǫ E ǫ ∧ eval-free αoǫ J E ǫ K ǫ ] J E ǫ K ǫ ⊥ ǫ where E ǫ is [ cleanse ǫǫ A ǫ ] . Specification 9 ( sub ǫǫǫǫ )
1. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ B ǫ = cleanse ǫǫ A ǫ .
2. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ var oǫ C ǫ ∧ B ǫ = C ǫ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ C ǫ = C ǫ .
3. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ con oǫ C ǫ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ C ǫ = C ǫ .
4. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ [ app ǫǫǫ D ǫ E ǫ ] ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ app ǫǫǫ D ǫ E ǫ ] ≃ app ǫǫǫ [ sub ǫǫǫǫ A ǫ B ǫ D ǫ ] [ sub ǫǫǫǫ A ǫ B ǫ E ǫ ] .
5. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ [ abs ǫǫǫ B ǫ E ǫ ] ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ abs ǫǫǫ B ǫ E ǫ ] ≃ abs ǫǫǫ B ǫ [ cleanse ǫǫ A ǫ ] .
6. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ var oǫ D ǫ ∧ B ǫ = D ǫ ∧ [ abs ǫǫǫ D ǫ E ǫ ] ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ abs ǫǫǫ D ǫ E ǫ ] ≃ if [ not-free-in oǫǫ B ǫ E ǫ ∨ not-free-in oǫǫ D ǫ A ǫ ][ abs ǫǫǫ D ǫ [ sub ǫǫǫǫ A ǫ B ǫ E ǫ ]] ⊥ ǫ .
21. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ [ cond ǫǫǫǫ D ǫ E ǫ F ǫ ] ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ cond ǫǫǫǫ D ǫ E ǫ F ǫ ] ≃ cond ǫǫǫǫ [ sub ǫǫǫǫ A ǫ B ǫ D ǫ ] [ sub ǫǫǫǫ A ǫ B ǫ E ǫ ] [ sub ǫǫǫǫ A ǫ B ǫ F ǫ ] .
8. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ C ǫ ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ quot ǫǫ C ǫ ] = quot ǫǫ C ǫ .
9. [ wff αoǫ A ǫ ∧ var αoǫ B ǫ ∧ var βoǫ E ǫ ∧ [ eval ǫǫǫ D ǫ E ǫ ] ↓ ] ⊃ sub ǫǫǫǫ A ǫ B ǫ [ eval ǫǫǫ D ǫ E ǫ ] ≃ if [ syn-closed oǫ E ǫ ∧ eval-free βoǫ J E ǫ K ǫ ] E ǫ ⊥ ǫ where: E ǫ is [ sub ǫǫǫǫ A ǫ B ǫ D ǫ ] . E ǫ is [ sub ǫǫǫǫ A ǫ B ǫ J E ǫ K ǫ ] .
10. [ wff αoǫ A ǫ ∧ ∼ [ var αoǫ B ǫ ] ⊃ [ sub ǫǫǫǫ A ǫ B ǫ C ǫ ] ↑ . Let S be the total set of specifying axioms given above. A general model M for Q uqe0 is normal if M | = A o for all A o ∈ S . We write H | = n A o to mean M | = A o for every normal general model M for H where H is a set of wffs o .We write | = n A o to mean ∅ | = n A o . A o is valid in Q uqe0 if | = n A o .An evaluation-free model M for Q uqe0 is normal if M | = A o for all evaluation-free A o ∈ S . We write H | = efn A o to mean M | = A o for every normal evaluation-free model M for H where A o is evaluation-free and H is a set of evaluation-freewffs o . We write | = efn A o to mean ∅ | = efn A o .Since standard models exist, normal general models (and hence normalevaluation-free models) exist by Corollary 6.2.3 given below. Proposition 6.2.1
Let M be a normal general model for Q uqe0 . Then V M ϕ ( E ( A α )) = E ( A α ) for all ϕ ∈ assign ( M ) and A α . Proof
Immediate from the Specification 1 and the semantics of quotation. ✷ Note 16 (Construction Literals)
The previous proposition says that a wffof the form E ( A α ) denotes itself. Thus each image of E is a literal : its valueis directly represented by its syntax. Quotation can be viewed as an operationthat constructs literals for syntactic values. Florian Rabe explores in [57] a kindof quotation that constructs literals for syntactic values. Note 17 (Quasiquotation)
Quasiquotation is a parameterized form of quo-tation in which the parameters serve as holes in a quotation that are filled withthe values of expressions. It is a very powerful syntactic device for specifying ex-pressions and defining macros. Quasiquotation was introduced by Willard VanOrman Quine in 1940 in the first version of his book
Mathematical Logic [56]. It22as been extensively employed in the Lisp family of programming languages [4]. A quasiquotation in Q uqe0 is a wff of the form E ( A α ) where some of its subwffshave been replaced by wffs ǫ . As an example, suppose A α is ∧ ooo F o T o and so E ( A α ) is app ǫǫǫ [ app ǫǫǫ p ∧ ooo q E ( F o )] E ( T o ) . Then app ǫǫǫ [ app ǫǫǫ p ∧ ooo q B ǫ ] C ǫ is a quasiquotation that we will write in the more suggestive form p ∧ ooo ⌊ B ǫ ⌋⌊ C ǫ ⌋ q . ⌊ B ǫ ⌋ and ⌊ C ǫ ⌋ are holes in the quotation p A α q that are filled with the valuesof B ǫ and C ǫ . For instance, if B ǫ and C ǫ are p D o q and p E o q , then p ∧ ooo ⌊ B ǫ ⌋⌊ C ǫ ⌋ q = p ∧ ooo ⌊ p D o q ⌋⌊ p E o q ⌋ q = p ∧ ooo D o E o q . Lemma 6.2.2
Let M be a standard model, c α , . . . , c α be the 11 logi-cal constants var oǫ , con oǫ , app ǫǫǫ , abs ǫǫǫ , cond ǫǫǫǫ , quot ǫǫ , eval ǫǫǫ , eval-free oǫ , not-free-in oǫǫ , cleanse ǫǫ , and sub ǫǫǫǫ , and d αβ be the logical constant wff αoǫ for each α ∈ T . Then there are unique functions f ∈ D α , . . . , f ∈ D α and g α ∈ D β for each α ∈ T such that the members of S are satisfied when c α , . . . , c α and d αβ for each α ∈ T are interpreted in M by f , . . . , f and g α for each α ∈ T ,respectively. Proof
Let M = h{D α | α ∈ T } , J i be a standard model for Q uqe0 . Then D ǫ = {E ( A α ) | A α is a wff } by the Proposition 6.3.1 stated below. f is thepredicate p ∈ D oǫ such that, for all wffs A α , p ( E ( A α )) = T iff A α is a variable. f is the predicate p ∈ D oǫ such that, for all wffs A α , p ( E ( A α )) = T iff A α is aprimitive constant. f is the function f ∈ D ǫǫǫ such that, for all wffs A α and B β , if [ A α B β ]is a wff, then f ( E ( A α ))( E ( B β )) is the wff [ app ǫǫǫ E ( A α ) E ( B β )], and otherwise f ( E ( A α ))( E ( B β )) is undefined. f is the function f ∈ D ǫǫǫ such that, forall wffs A α and B β , if [ λ A α B β ] is a wff, then f ( E ( A α ))( E ( B β )) is the wff[ abs ǫǫǫ E ( A α ) E ( B β )], and otherwise f ( E ( A α ))( E ( B β )) is undefined. f is thefunction f ∈ D ǫǫǫǫ such that, for all wffs A o , B α , and C α , if [ c A o B α C α ] is awff, then f ( E ( A o ))( E ( B α ))( E ( C α )) is the wff [ cond ǫǫǫǫ A o B α C α ], and otherwise f ( E ( A o ))( E ( B α ))( E ( C α )) is undefined. f is the function f ∈ D ǫǫ such that,for all wffs A α , f ( E ( A α )) is the wff [ quot ǫǫ E ( A α )]. f is the function f ∈ D ǫǫǫ such that, for all wffs A α and B β , if [ e A α B β ] is a wff, then f ( E ( A α ))( E ( B β ))is the wff [ eval ǫǫǫ E ( A α ) E ( B β )], and otherwise f ( E ( A α ))( E ( B β )) is undefined. f is the predicate p ∈ D oǫ such that, for all wffs A α , p ( E ( A α )) = T iff A α is evaluation-free. And, for each α , g α is the predicate p ∈ D oǫ such that, for In Lisp, the standard symbol for quasiquotation is the backquote ( ‘ ) symbol, and thus inLisp, quasiquotation is usually called backquote . A β , p ( E ( A β )) = T iff β = α . All of these functions above clearly satisfythe specifying axioms in S that pertain to them. f is the unique function constructed by defining f ( E ( A α ))( E ( B β )) forall wffs A α and B β by recursion on the complexity of B β in accordance withSpecification 7. f and f are constructed similarly. ✷ Corollary 6.2.3 If M is a standard model for Q uqe0 , then there is normal stan-dard model M ′ for Q uqe0 having the same frame as M . A normal general model or evaluation-free model is a general or evaluation-free model M = h{D α | α ∈ T } , J i in which the structure of the domain D ǫ isaccessible via the logical constants involving ǫ . From this point on, we will onlybe interested in general and evaluation-free models that are normal. Let M = h{D α | α ∈ T } , J i be a normal general model and d ∈ D ǫ . The con-struction d is standard if d = E ( A α ) for some wff A α and is nonstandard if it isnot standard. That is, if d is nonstandard, then d ∈ D ǫ \ {E ( A α ) | A α is a wff } .One might think that Specification 4.29, the induction principle for thetype ǫ , would rule out the possibility of nonstandard constructions in M . Thisis the case only when D oǫ contains all possible predicates. Thus the followingproposition holds: Proposition 6.3.1 If M is a normal standard model for Q uqe0 , then D ǫ = {E ( A α ) | A α is a wff } , i.e., M contains no nonstandard constructions. The variables of type ǫ in the specifying axioms given by Specifications 1–9 thus range over both standard and nonstandard constructions in a normalgeneral model with nonstandard constructions. We will examine some basicresults about having nonstandard constructions present in a normal generalmodel. Lemma 6.3.2
Let M be a normal general model for Q uqe0 and ϕ ∈ assign ( M ) .Suppose V M ϕ ( A ǫ ) is a nonstandard construction. Then V M ϕ ( J A ǫ K γ ) = F if γ = o and V M ϕ ( J A ǫ K γ ) is undefined if γ = o . Proof
Immediate from the semantics of evaluation. ✷ Lemma 6.3.3
Let M be a normal general model for Q uqe0 and ϕ ∈ assign ( M ) .1. If V M ϕ ( app ǫǫǫ x ǫ y ǫ ) is defined, then ϕ ( x ǫ ) and ϕ ( y ǫ ) are standard construc-tions iff V M ϕ ( app ǫǫǫ x ǫ y ǫ ) is a standard construction.2. If V M ϕ ( abs ǫǫǫ x ǫ y ǫ ) is defined, then ϕ ( x ǫ ) and ϕ ( y ǫ ) are standard construc-tions iff V M ϕ ( abs ǫǫǫ x ǫ y ǫ ) is a standard construction. . If V M ϕ ( cond ǫǫǫǫ x ǫ y ǫ z ǫ ) is defined, then ϕ ( x ǫ ) , ϕ ( y ǫ ) , and ϕ ( z ǫ ) are stan-dard constructions iff V M ϕ ( app ǫǫǫ x ǫ y ǫ z ǫ ) is a standard construction.4. ϕ ( x ǫ ) is a standard construction iff V M ϕ ( quot ǫǫ x ǫ ) is a standard construc-tion.5. If V M ϕ ( eval ǫǫǫ x ǫ y ǫ ) is defined, then ϕ ( x ǫ ) and ϕ ( y ǫ ) are standard con-structions iff V M ϕ ( eval ǫǫǫ x ǫ y ǫ ) is a standard construction. ProofPart 1
Let V M ϕ ( app ǫǫǫ x ǫ y ǫ ) be defined. Assume ϕ ( x ǫ ) and ϕ ( y ǫ ) are standardconstructions. Then ϕ ( x ǫ ) = E ( A αβ ) and ϕ ( y ǫ ) = E ( B β ) for some wffs A αβ and B β by Specifications 6.4 and 6.5. Hence, by the definition of E , V M ϕ ( app ǫǫǫ x ǫ y ǫ )= V M ϕ ( app ǫǫǫ E ( A αβ ) E ( B β ))= V M ϕ ( E ( A αβ B β )) , which is clearly a standard construction.Now assume V M ϕ ( app ǫǫǫ x ǫ y ǫ ) is a standard construction. Then, by Specifi-cations 4.1–21 and Specifications 6.4 and 6.5, V M ϕ ( app ǫǫǫ )( ϕ ( x ǫ ))( ϕ ( y ǫ ))= V M ϕ ( app ǫǫǫ x ǫ y ǫ )= V M ϕ ( app ǫǫǫ E ( A αβ ) E ( B β ))= V M ϕ ( app ǫǫǫ )( E ( A αβ ))( E ( B β ))for some wffs A αβ and B β . Hence ϕ ( x ǫ ) = E ( A αβ ) and ϕ ( y ǫ ) = E ( B β ) bySpecification 4.24 and are thus standard constructions. Parts 2–5
Similar to Part 1. ✷ Let ϕ ∈ assign ( M ). Suppose V M ϕ ( sub ǫǫǫǫ x ǫ y ǫ z ǫ ) is a standard construc-tion. Does this imply that ϕ ( x ǫ ), ϕ ( y ǫ ), and ϕ ( z ǫ ) are standard construc-tions? The answer is no: Let ϕ ( x ǫ ) = E ( c α ) for some constant c α and ϕ ( y ǫ ) = ϕ ( z ǫ ) be a nonstandard construction such that V M ϕ ( var αoǫ y ǫ ) = T .Then V M ϕ ( sub ǫǫǫǫ x ǫ y ǫ z ǫ ) = E ( c α ) by Specifications 3.1, 6.2, 8.2, and 9.1.However, the following result does hold: Lemma 6.3.4
Let M be a normal general model for Q uqe0 and ϕ ∈ assign ( M ) .If ϕ ( x ǫ ) , ϕ ( y ǫ ) , and V M ϕ ( sub ǫǫǫǫ x ǫ y ǫ z ǫ ) are standard constructions and V M ϕ ( eval-free oǫ z ǫ ) = T , then ϕ ( z ǫ ) is a standard construction. Proof
Let V M ϕ ( sub ǫǫǫǫ x ǫ y ǫ z ǫ ) = E ( A α ) for some wff A α . Then the proof ofthe lemma is by induction on the size of A α . ✷ .4 Example: Infinite Dependency Having specified the logical constant var oǫ in this section, we are now ready topresent the following simple, but very interesting example.Let M = h{D α | α ∈ T } , J i be a normal general model for Q uqe0 with D ǫ = {E ( A α ) | A α is a wff } and ϕ ∈ assign ( M ). Let A o be the simple formula ∀ x ǫ [ var ooǫ x ǫ ⊃ J x ǫ K o ]involving evaluation. If we forget about evaluation, A o looks like a semanti-cally close formula — which is not the case! By the semantics of universalquantification V M ϕ ( A o ) = T iff V M ϕ [ x ǫ ( B α )] ( var ooǫ x ǫ ⊃ J x ǫ K o ) = T for every wff B α . If B α is not a variable of type o , then V M ϕ [ x ǫ ( B α )] ( var ooǫ x ǫ ) = F , and so V M ϕ [ x ǫ ( B α )] ( var ooǫ x ǫ ⊃ J x ǫ K o ) = T . If B α is a variable y o , then V M ϕ [ x ǫ ( y o )] ([ var ooǫ x ǫ ⊃ J x ǫ K o ])= V M ϕ [ x ǫ ( y o )] ( J x ǫ K o )= V M ϕ [ x ǫ ( y o )] ( E − ( V M ϕ [ x ǫ ( y o )] ( x ǫ )))= V M ϕ [ x ǫ ( y o )] ( E − ( E ( y o )))= V M ϕ [ x ǫ ( y o )] ( y o )= ϕ ( y o ) . Hence V M ϕ ( A o ) = T iff ϕ ( y o ) = T for all variables y o of type o . Therefore, notonly is A o not semantically closed, its value in M depends on the values assignedto infinitely many variables. In contrast, the value of any evaluation-free wffdepends on at most finitely many variables. Our next task is to construct a proof system P uqe for Q uqe0 based on the proofsystem of Q u0 . We need a mechanism for substituting a wff A α for a free variable x α in another wff B α so that we can perform beta-reduction in P uqe . Beta-reduction is performed in the proof system of Q in a purely syntactic way usingthe basic properties of lambda-notation stated as Axioms 4 –4 in [2]. Due to theVariable Problem discussed in section 1, P uqe requires a semantics-dependentform of substitution. There is no easy way of extending or modifying Axioms4 –4 to cover all function abstractions that contain evaluations. Instead, wewill utilize a form of explicit substitution [1]. We will also utilize as well thebasic properties of lambda-notation that remain valid in Q uqe0 .The law of beta-reduction for Q u0 is expressed as the schema A α ↓ ⊃ [[ λ x α B β ] A α ≃ S x α A α B β ]where A α is free for x α in B β and S x α A α B β is the result of substituting A α foreach free occurrence of x α in B β . The law of beta-reduction for Q uqe0 will be Andrews uses S . (with a dot) instead of S for substitution in [2]. A α ↓ ∧ sub ǫǫǫǫ p A α q p x α q p B β q = p C β q ] ⊃ [ λ x α B β ] A α ≃ C β without the syntactic side condition that A α is free for x α in B β and with theresult of the substitution expressed by the wff sub ǫǫǫǫ p A α q p x α q p B β q . Thelogical constant sub ǫǫǫǫ was specified in the previous section. We will prove inthis section that the law of beta-reduction for Q uqe0 stated above — in whichsubstitution is represented by sub ǫǫǫǫ — is valid in Q uqe0 . sub ǫǫǫǫ The specification of sub ǫǫǫǫ needs to satisfy the following requirements:
Requirement 1
When sub ǫǫǫǫ p A α q p x α q p B β q is defined, its value mustrepresent the wff β that results from substituting A α for each free occurrenceof x α in B β . More precisely, for any normal general model M for Q uqe0 , if M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↓ , then V M ϕ ( J sub ǫǫǫǫ p A α q p x α q p B β q K β ) ≃ V M ϕ [ x α M ϕ ( A α )] ( B β )must be true for all ϕ ∈ assign ( M ) such that V M ϕ ( A α ) is defined. Satisfy-ing this requirement is straightforward when A α and B β are evaluation-free. Since the semantics of evaluation involves a double application of V M ϕ , the specification of sub ǫǫǫǫ p A α q p x α q p B β q must include a doublesubstitution when B β is an evaluation. Requirement 2 sub ǫǫǫǫ p A α q p x α q p B β q must be undefined when sub-stitution would result in a variable capture. To avoid variable capture weneed to check whether a variable does not occur freely in a wff. We havespecified the logical constant not-free-in oǫǫ to do this.
Requirement 3
When sub ǫǫǫǫ p A α q p x α q p B β q is defined, its value mustrepresent an evaluation-free wff β . Otherwise J sub ǫǫǫǫ p A α q p x α q p B β q K β will be undefined. We will “cleanse” any evaluations that remain after asubstitution by effectively replacing each wff of the form p J A ǫ K α q with[ if [ eval-free αoǫ A ǫ ] A ǫ ⊥ ǫ ] . We have specified the logical constant cleanse ǫǫ to do this. Requirement 4
When sub ǫǫǫǫ p A α q p x α q p B β q is defined, its value mustbe semantically closed. That is, the variables occurring in A α or B β mustnot be allowed to escape outside of a quotation. To avoid such variableescape when a wff of the form p J A ǫ K α q is cleansed as noted above, weneed to enforce that A ǫ is semantically closed. We have used the definedconstant syn-closed oǫ to do this. 27 equirement 5 sub ǫǫǫǫ p A α q p x α q p B β q is defined in the casescorresponding to when substitution is defined in Q . More precisely, sub ǫǫǫǫ p A α q p x α q p B β q is defined whenever A α and B β are evaluation-free, A α is defined, and substituting A α for each free occurrence of x α in B β does not result in a variable capture.We will prove a series of lemmas that show (1) the properties that not-free-in oǫǫ , cleanse ǫǫ , and sub ǫǫǫǫ have and (2) that sub ǫǫǫǫ satisfies Require-ments 1–5. Proposition 7.2.1 (Meaning of eval-free αoǫ ) Let M be a normal generalmodel for Q uqe0 . M | = eval-free αoǫ p A α q iff A α is evaluation-free. Proof
Immediate from the specification of eval-free αoǫ . ✷ Lemma 7.2.2 (Evaluation-Free)
Let M be a normal general model for Q uqe0 and A α and B β be evaluation-free.1. not-free-in oǫǫ p x α q p B β q , syn-closed oǫ p A α q , cleanse ǫǫ p B β q , and sub ǫǫǫǫ p A α q p x α q p B β q are invariable.2. If M | = not-free-in oǫǫ p x α q p B β q , then B β is independent of { x α } in M .3. If M | = not-free-in oǫǫ p x α q p B β q , then M | = sub ǫǫǫǫ p A α q p x α q p B β q = p B β q .4. M | = cleanse ǫǫ p B β q = p B β q .5. Either M | = sub ǫǫǫǫ p A α q p x α q p B β q = p C β q for some evaluation-free C β or M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↑ .6. M | = ∼ [ not-free-in oǫǫ p x α q p B β q ] for at most finitely many variables x α . Proof
Parts 1–5 follow straightforwardly by induction on the size of p B β q .Part 6 follows from the fact that M | = ∼ [ not-free-in oǫǫ p x α q p B β q ] implies p x α q occurs in p B β q . ✷ By virtue of Lemma 7.2.2 (particularly part 1), several standard defini-tions of predicate logic that are not applicable to wffs in general are appli-cable to evaluation-free wffs. Let A α , B β , and C o be evaluation-free wffs.A variable x α is bound in B β if not-free-in oǫǫ p x α q p B β q denotes T and is free in B β if not-free-in oǫǫ p x α q p B β q denotes F . A α is syntactically closed if syn-closed oǫ p A α q denotes T . A universal closure of C o is a formula ∀ x α · · · ∀ x nα n C o such that y β is free in C o iff y β ∈ { x α , . . . , x nα n } .28 emma 7.2.3 (Universal Closures) Let M be a normal general model for Q uqe0 , A o be an evaluation-free formula, and B o be a universal closure of A o .1. B o is syntactically closed.2. M | = A o iff M | = B o . Proof
Part 1 follows from the definitions of universal closure and syntacticallyclosed. Part 2 follows from the semantics of universal quantification. ✷ Note 18 (Syntactically Closed)
It is clearly decidable whether anevaluation-free wff is syntactically closed. Is it also decidable whether anon-evaluation-free wff A α is syntactically closed (i.e., | = syn-closed oǫ p A α q holds)? Since Q uqe0 is undecidable, it follows that it is undecidable whether | = syn-closed oǫ p A α q holds when A α has the form J if B o p c α q p x α q K α , where c α is a primitive constant. Therefore, it undecidable whether a non-evaluation-free wff is syntactically closed. Lemma 7.2.4 (Semantically Closed)
Let M be a normal general model for Q uqe0 .1. If A α is evaluation-free and syntactically closed, then A α is semanticallyclosed.2. If A ǫ is semantically closed, then either M | = A ǫ = p B β q for some B β or M | = J A ǫ K γ ≃ ⊥ γ for all γ ∈ T .3. If A ǫ is semantically closed, M | = syn-closed oǫ A ǫ , and M | = eval-free αoǫ A ǫ , then J A ǫ K α is semantically closed. ProofPart 1
Follows immediately from part 2 of Lemma 7.2.2.
Part 2
Assume A ǫ is semantically closed. Let ϕ ∈ assign ( M ). If V M ϕ ( A ǫ ) isundefined or E − ( V M ϕ ( A ǫ )) is undefined, then M | = J A ǫ K γ ≃ ⊥ γ for all γ ∈ T .So we may assume E − ( V M ϕ ( A ǫ )) is some wff B β . Then V M ϕ ( p B β q ) = E ( B β ) = E ( E − ( V M ϕ ( A ǫ ))) = V M ϕ ( A ǫ ). The hypothesis implies E − ( V M ϕ ( A ǫ )) does notdepend on ϕ . Hence M | = A ǫ = p B β q . Part 3
Assume (a) A ǫ is semantically closed, (b) M | = syn-closed oǫ A ǫ , and(c) M | = eval-free αoǫ A ǫ . (a) and part 2 of this lemma imply either there issome B α such that (d) M | = A ǫ = p B α q or M | = J A ǫ K α ≃ ⊥ α . ⊥ α issemantically closed, so we may assume (d). (b), (c), and (d) imply (e) M | = syn-closed oǫ p B α q and (f) M | = eval-free oǫ p B α q . (f) implies B α is evaluation-free by Proposition 7.2.1, and this and (e) imply B α is syntactically closed bypart 1 of Lemma 7.2.2. Thus B α is semantically closed by part 1 of this lemma.Therefore, J A ǫ K α is semantically closed since M | = B α ≃ J p B α q K α by (f) and M | = J p B α q K α = J A ǫ K α by (d). ✷ .3 Properties of not-free-in oǫǫ Lemma 7.3.1 (Not Free In)
Let M be a normal general model for Q uqe0 .1. If X is a set of variables such that M | = not-free-in oǫǫ p x α q p B β q for all x α ∈ X , then B β is independent of X in M .2. If M | = not-free-in oǫǫ p x α q p B β q , then V M ϕ ( B β ) ≃ V M ϕ [ x α d ] ( B β ) for all ϕ ∈ assign ( M ) and all d ∈ D α . ProofPart 1
Let X be a set of variables. Without loss of generality, we may assumethat X is nonempty. We will show that, if M | = not-free-in oǫǫ p x α q p D δ q for all x α ∈ X [designated H ( p D δ q , X )] , then D δ is independent of X in M [designated C ( D δ , X )] . Our proof is by induction on the complexity of D δ . There are 9 cases correspond-ing to the 9 parts of Specification 7 used to specify not-free-in oǫǫ p x α q p D δ q . Case 1 : D δ is a variable x α . Assume H ( p x α q , X ) is true. Then x α X by the specification of not-free-in oǫǫ . Hence C ( x α , X ) is obviously true. Case 2 : D δ is a primitive constant c α . Then C ( c α , X ) is true since everyprimitive constant is semantically closed by Proposition 3.3.3. Case 3 : D δ is A αβ B β . Assume H ( p A αβ B β q , X ) is true. Then H ( p A αβ q , X ) and H ( p B β q , X ) are true by the specification of not-free-in oǫǫ . Hence C ( A αβ , X ) and C ( B β , X ) are true by the induc-tion hypothesis. These imply C ( A αβ B β , X ) by the semantics of functionapplication. Case 4 : D δ is λ x α A β . Assume H ( p λ x α A β q , X ) is true. C ( λ x α A β , { x α } )is true by the semantics of function abstraction. H ( p λ x α A β q , X ) implies H ( p A β q , X \ { x α } ) by the specification of not-free-in oǫǫ . Hence C ( A β , X \{ x α } ) is true by the induction hypothesis. This implies C ( λ x α A β , X \{ x α } ) by the semantics of function abstraction. Therefore, C ( λ x α A β , X )holds. Case 5 : D δ is if A o B α C α . Similar to Case 3. Case 6 : D δ is p A α q . Then C ( p A α q , X ) is true since every quotation issemantically closed by Proposition 3.3.3.30 ase 7 : D δ is J A ǫ K α . Assume H ( p J A ǫ K α q , X ) is true. Then (a) M | = syn-closed oǫ p A ǫ q , (b) M | = eval-free ǫoǫ p A ǫ q , (c) M | = eval-free αoǫ A ǫ ,and (d) H ( A ǫ , X ) by the specification of not-free-in oǫǫ and the fact X is nonempty. (a) and (b) imply (e) A ǫ is semantically closed by Propo-sition 7.2.1 and part 1 of Lemma 7.2.4. (e) and part 2 of Lemma 7.2.4implies either J A ǫ K α is semantically closed or (f) E − ( V M ϕ ( A ǫ )) is de-fined for all ϕ ∈ assign ( M ). So we may assume (f). (c) and (f) imply(g) E − ( V M ϕ ( A ǫ )) is an evaluation-free wff α for all ϕ ∈ assign ( M ), andthus the complexity of E − ( V M ϕ ( A ǫ )) is less than the complexity of J A ǫ K α (for any ϕ ∈ assign ( M )). Hence (d) implies C ( E − ( V M ϕ ( A ǫ )) , X ) by theinduction hypothesis. Let ϕ, ϕ ′ ∈ assign ( M ) such that ϕ ( x α ) = ϕ ′ ( x α )whenever x α X . Then V M ϕ ( J A ǫ K β ) (1) ≃ V M ϕ ( E − ( V M ϕ ( A ǫ ))) (2) ≃ V M ϕ ′ ( E − ( V M ϕ ( A ǫ ))) (3) ≃ V M ϕ ′ ( E − ( V M ϕ ′ ( A ǫ ))) (4) ≃ V M ϕ ′ ( J A ǫ K β ) . (5)(2) is by (g) and the semantics of evaluation; (3) is by C ( E − ( V M ϕ ( A ǫ ))) , X ); (4) is by (e); and (5) is again by (g) and the se-mantics of evaluation. This implies C ( J A ǫ K β , X ). Part 2
This part of the lemma is the special case of part 1 when X is asingleton. ✷ cleanse ǫǫ Lemma 7.4.1 (Cleanse)
Let M be a normal general model for Q uqe0 .1. If M | = [ cleanse ǫǫ p D δ q ] ↓ , then cleanse ǫǫ p D δ q is semantically closed and M | = eval-free δoǫ [ cleanse ǫǫ p D δ q ] .
2. Either
M | = cleanse ǫǫ p A α q = p B α q for some evaluation-free B α or M | = J cleanse ǫǫ p A α q K γ ≃ ⊥ γ for all γ ∈ T .3. If C γ contains an evaluation J A ǫ K α not in a quotation such that, for somevariable x β , M | = ∼ [ not-free-in oǫǫ p x β q p A ǫ q ] , then M | = [ cleanse ǫǫ p C γ q ] ↑ .
4. If
M | = [ cleanse ǫǫ p D δ q ] ↓ , then M | = J cleanse ǫǫ p D δ q K δ ≃ D δ roof Let A ( p D δ q ) mean cleanse ( p D δ q ). Part 1
Our proof is by induction on the complexity of D δ . There are 7 casescorresponding to the 7 parts of Specification 8 used to specify A ( p D δ q ). Cases 1, 2, and 6 : D δ is a variable, primitive constant, or quotation.Then M | = A ( p D δ q ) = p D δ q by the specification of cleanse ǫǫ . Hence A ( p D δ q ) is semantically closed since a quotation is semantically closed byProposition 3.3.3 and M | = eval-free δoǫ A ( p D δ q ) since a variable, primitiveconstant, or quotation is evaluation-free. Case 3 : D δ is A αβ B β . Assume M | = A ( p A αβ B β q ) ↓ . Then M | = A ( p A αβ q ) ↓ and M | = A ( p B β q ) ↓ by the specification of cleanse ǫǫ . It follows that A ( p A αβ B β q ) is semantically closed and M | = eval-free αoǫ A ( p A αβ B β q ) by the induction hypothesis and the specificationof cleanse ǫǫ . Case 4 : D δ is λ x β A α . Similar to Case 3. Case 5 : D δ is if A o B α C α . Similar to the proof of Case 3. Case 7 : D δ is J A ǫ K α . Assume (a) M | = A ( p J A ǫ K α q ) ↓ . (a) implies(b) M | = syn-closed oǫ A ( p A ǫ q ), (c) M | = eval-free αoǫ J A ( p A ǫ q ) K ǫ , and(d) M | = A ( p J A ǫ K α q ) ≃ J A ( p A ǫ q ) K ǫ by the specification of cleanse ǫǫ . (a) implies (e) M | = A ( p A ǫ q ) ↓ ,and (e) implies (f) A ( p A ǫ q ) is semantically closed and (g) M | = eval-free ǫoǫ A ( p A ǫ q ) by the induction hypothesis. (b), (f), and (g) imply (h) J A ( p A ǫ q ) K ǫ is semantically closed by part 3 of Lemma 7.2.4. Therefore, A ( p J A ǫ K α q ) is semantically closed by (d) and (h). Part 2
Follows easily from part 1 of this lemma and part 2 of Lemma 7.2.4.
Part 3
Follows immediately from the specification of cleanse ǫǫ . Part 4
Assume
M | = A ( p D δ q ) ↓ [designated H ( p D δ q )] . We must show that
M | = J A ( p D δ q ) K δ ≃ D δ [designated C ( p D δ q )] . Our proof is by induction on the complexity of D δ . There are 7 cases correspond-ing to the 7 parts of Specification 8 used to specify A ( p D δ q ). Let ϕ ∈ assign ( M ). Case 1 : D δ is x α . Then V M ϕ ( J A ( p x α q ) K α ) (1) ≃ V M ϕ ( J p x α q K α ) (2) ≃ V M ϕ ( x α ) . (3)322) is by the specification of cleanse ǫǫ , and (3) is by the fact that x α isevaluation-free and the semantics of evaluation. Therefore, C ( p x α q ) holds. Case 2 : D δ is a primitive constant c α . Similar to Case 1. Case 3 : D δ is A αβ B β . H ( p A αβ B β q ) implies H ( p A αβ q ) and H ( p B β q )by the specification of cleanse ǫǫ . These imply C ( p A αβ q ) and C ( p B β q ) bythe induction hypothesis. Then V M ϕ ( J A ( p A αβ B β q ) K α ) (1) ≃ V M ϕ ( J app ǫǫǫ A ( p A αβ q ) A ( p B β q ) K α ) (2) ≃ V M ϕ ( J A ( p A αβ q ) K αβ J A ( p B β q ) K β ) (3) ≃ V M ϕ ( A αβ B β ) . (4)(2) is by the specification of cleanse ǫǫ ; (3) is by the semantics of app ǫǫǫ and evaluation; and (4) is by C ( p A αβ q ) and C ( p B β q ). Therefore, C ( p A αβ B β q ) holds. Case 4 : D δ is λ x β A α . H ( p λ x β A α q ) implies H ( p A α q ) by the specifica-tion of cleanse ǫǫ . This implies C ( p A α q ) by the induction hypothesis and A ( p A α q ) is semantically closed by part 1 of this lemma. Then V M ϕ ( J A ( p λ x β A α q ) K αβ ) (1) ≃ V M ϕ ( J abs ǫǫǫ p x β q A ( p A α q ) K αβ ) (2) ≃ V M ϕ ( λ x β J A ( p A α q ) K α ) (3) ≃ V M ϕ ( λ x β A α ) . (4)(2) is by the specification of cleanse ǫǫ ; (3) is by the semantics of abs ǫǫǫ andevaluation and the fact that A ( p A α q ) is semantically closed; and (4) is by C ( p A α q ). Therefore, C ( p λ x β A α q ) holds. Case 5 : D δ is if A o B α C α . Similar to Case 3. Case 6 : D δ is p A α q . Similar to Case 1. Case 7 : D δ is J A ǫ K α . H ( p A ǫ q ) is true by the proof for Case 7 of Part 1,and hence C ( p A ǫ q ) is true by the induction hypothesis. Then V M ϕ ( J A ( p J A ǫ K α q ) K α ) (1) ≃ V M ϕ ( JJ A ( p A ǫ q ) K ǫ K α ) (2) ≃ V M ϕ ( J A ǫ K α ) . (3)(2) is by M | = A ( p J A ǫ K α q ) ≃ J A ( p A ǫ q ) K ǫ shown in the proof for Case 7 of Part 1, and (3) is by C ( p A ǫ q ). Therefore, C ( p J A ǫ K α q ) holds. ✷ .5 Properties of sub ǫǫǫǫ Lemma 7.5.1 (Substitution)
Let M be a normal general model for Q uqe0 .1. If M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↓ , then sub ǫǫǫǫ p A α q p x α q p B β q is se-mantically closed and M | = eval-free βoǫ [ sub ǫǫǫǫ p A α q p x α q p B β q ] .
2. Either
M | = sub ǫǫǫǫ p A α q p x α q p B β q = p C β q for some evaluation-free C β or M | = J sub ǫǫǫǫ p A α q p x α q p B β q K γ ≃ ⊥ γ for all γ ∈ T .3. If M | = sub ǫǫǫǫ p A α q p x α q B ǫ = p C β q for some C β and M | = eval-free βoǫ B ǫ , then M | = B ǫ = p D β q for some evaluation-free D β .4. If C γ contains an evaluation J B ǫ K β not in a quotation such that, for somevariable y γ with x α = y γ , M | = ∼ [ not-free-in oǫǫ p y γ q [ sub ǫǫǫǫ p A α q p x α q p B ǫ q ]] , then M | = [ sub ǫǫǫǫ p A α q p x α q p C γ q ] ↑ .
5. If
M | = sub ǫǫǫǫ p A α q p x α q p D δ q = p E δ q for some E δ and M | = not-free-in oǫǫ p x α q p D δ q , then M | = J sub ǫǫǫǫ p A α q p x α q p D δ q K δ ≃ D δ .
6. If
M | = sub ǫǫǫǫ p A α q p x α q p D δ q = p E δ q for some E δ , then V M ϕ ( J sub ǫǫǫǫ p A α q p x α q p D δ q K δ ) ≃ V M ϕ [ x α M ϕ ( A α )] ( D δ ) for all ϕ ∈ assign ( M ) such that V M ϕ ( A α ) is defined.7. M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↓ whenever A α and B β are evaluation-free, V M ϕ ( A α ) is defined, and substituting A α for each free occurrence of x α in B β does not result in a variable capture. Proof
Let S ( p D δ q ) mean sub ǫǫǫǫ p A α q p x α q p D δ q . Part 1
Similar to the proof of part 1 of Lemma 7.4.1.
Part 2
Follows easily from part 1 of this lemma and part 2 of Lemma 7.2.4.
Part 3
Follows from Lemma 6.3.4.
Part 4
Follows immediately from the specification of sub ǫǫǫǫ .34 art 5
Assume
M | = S ( p D δ q ) = p E δ q for some E δ [designated H ( p D δ q )]and M | = not-free-in oǫǫ p x α q p D δ q [designated H ( p D δ q )] . We must show that
M | = J S ( p D δ q ) K δ ≃ D δ [designated C ( p D δ q )] . Our proof is by induction on the complexity of D δ . There are 9 cases correspond-ing to the 9 parts of Specification 9 used to specify S ( p D δ q ). Let ϕ ∈ assign ( M ). Case 1 : D δ is x α . By the specification of not-free-in oǫǫ , H ( p x α q ) doesnot hold in this case. Case 2 : D δ is y β where x α = y β . Then V M ϕ ( J S ( p y β q ) K β ) (1) ≃ V M ϕ ( J p y β q K β ) (2) ≃ V M ϕ ( y β ) . (3)(2) is by the specification of sub ǫǫǫǫ , and (3) is by semantics of evaluationand the fact that y β is evaluation-free. Therefore, C ( p y β q ) holds. Case 3 : D δ is a primitive constant c β . Similar to Case 2. Case 4 : D δ is B βγ D δ . H ( p B βγ D δ q ) implies H ( p B βγ q ) and H ( p D δ q )by the specification of sub ǫǫǫǫ . H ( p B βγ D δ q ) implies H ( p B βγ q ) and H ( p D δ q ) by the specification of not-free-in oǫǫ . These imply C ( p B βγ q )and C ( p D δ q ) by the induction hypothesis. Then V M ϕ ( J S ( p B βγ D δ q ) K β ) (1) ≃ V M ϕ ( J app ǫǫǫ S ( p B βγ q ) S ( p D δ q ) K α ) (2) ≃ V M ϕ ( J S ( p B βγ q ) K βγ J S ( p D δ q ) K γ ) (3) ≃ V M ϕ ( B βγ D δ ) . (4)(2) is by the specification of sub ǫǫǫǫ ; (3) is by the semantics of app ǫǫǫ andevaluation; and (4) is by C ( p B βγ q ) and C ( p D δ q ). Therefore, C ( p B βγ D δ q )holds. Case 5 : D δ is λ x α B β . H ( p λ x α B β q ) implies M | = [ cleanse ǫǫ p B β q ] ↓ bythe specification of sub ǫǫǫǫ . This implies that cleanse ǫǫ p B β q is semantically35losed by part 1 of Lemma 7.4.1. Then V M ϕ ( J S ( λ x α B β ) K βα ) (1) ≃ V M ϕ ( J abs ǫǫǫ p x α q cleanse ǫǫ p B β q K βα ) (2) ≃ V M ϕ ( λ x α J cleanse ǫǫ p B β q K β ) (3) ≃ V M ϕ ( λ x α B β ) . (4)(2) is by the specification of sub ǫǫǫǫ ; (3) is by the semantics of abs ǫǫǫ andevaluation and the fact that cleanse ǫǫ p B β q is semantically closed; and (4)is by part 4 of Lemma 7.4.1. Therefore, C ( p λ x α B β q ) holds. Case 6 : D δ is λ y β B γ where x α = y β . H ( p λ y β B γ q ) implies V M ϕ ( S ( p λ y β B γ q )) ≃ V M ϕ ( abs ǫǫǫ p y β q S ( p B γ q ))and H ( p B γ q ) by the specification of sub ǫǫǫǫ . H ( p λ y β B γ q ) implies H ( p B γ q ) by the specification of not-free-in oǫǫ . These imply C ( p B γ q )by the induction hypothesis and S ( p B γ q ) is semantically closed by part 1of this lemma. Then V M ϕ ( J S ( λ y β B γ ) K γβ ) (1) ≃ V M ϕ ( J abs ǫǫǫ p y β q S ( p B γ q ) K γβ ) (2) ≃ V M ϕ ( λ y β J S ( p B γ q ) K γ ) (3) ≃ V M ϕ ( λ y β B γ ) . (4)(2) is by the equation shown above; (3) is by the semantics of abs ǫǫǫ andevaluation and the fact that S ( p B γ q ) is semantically closed; and (4) is by C ( p B γ q ). Therefore, C ( p λ y β B γ q ) holds. Case 7 : D δ is if A o B α C α . Similar to Case 4. Case 8 : D δ is p B β q . Similar to Case 2. Case 9 : D δ is J B ǫ K β . H ( p J B ǫ K β q ) implies(a) M | = eval-free βoǫ J S ( p B ǫ q ) K ǫ and (b) M | = S ( p J B ǫ K β q ) = S ( J S ( p B ǫ q ) K ǫ )by the specification of sub ǫǫǫǫ . (a), (b), and H ( p J B ǫ K β q ) imply H ( J S ( p B ǫ q ) K ǫ ) by part 3 of this lemma, and so (c) M | = J S ( p B ǫ q ) K ǫ = p C β q for some evaluation-free C β . H ( J S ( p B ǫ q ) K ǫ ) implies H ( p B ǫ q )by the specification of sub ǫǫǫǫ . By the specification of not-free-in oǫǫ , H ( p J B ǫ K β q ) implies M | = syn-closed oǫ p B ǫ q (hence H ( p B ǫ q ) by the def-inition of syn-closed oǫ ), M | = eval-free ǫoǫ p B ǫ q , and H ( J p B ǫ q K ǫ ) (hence36 ( B ǫ ) by the semantics of evaluation). H ( p B ǫ q ) and H ( p B ǫ q ) imply C ( p B ǫ q ) by the induction hypothesis, and so (d) M | = J S ( p B ǫ q ) K ǫ ≃ B ǫ .(c) and (d) imply (e) M | = B ǫ = p C β q . H ( J S ( p B ǫ q ) K ǫ ) and (c) imply H ( p C β q ). H ( B ǫ ) and (e) implies H ( p C β q ). H ( p C β q ) and H ( p C β q )imply C ( p C β q ) by the inductive hypothesis. Then V M ϕ ( J S ( p J B ǫ K β q ) K β ) (1) ≃ V M ϕ ( J S ( J S ( p B ǫ q ) K ǫ ) K β ) (2) ≃ V M ϕ ( J S ( p C β q ) K β ) (3) ≃ V M ϕ ( C β ) (4) ≃ V M ϕ ( J p C β q K β ) (5) ≃ V M ϕ ( J B ǫ K β ) . (6)(2) is by (b); (3) is by (d) and (e); (4) is by C ( p C β q ); (5) is by thesemantics of evaluation and the fact C β is evaluation-free; and (6) is by(e). Therefore, C ( p J B ǫ K β q ) holds. Part 6
Assume
M | = S ( p D δ q ) = p E δ q for some E δ [designated H ( p D δ q )]We must show that M | = V M ϕ ( J S ( p D δ q ) K δ ) ≃ V M ϕ [ x α M ϕ ( A α )] ( D δ ) for all ϕ ∈ assign ( M ) suchthat V M ϕ ( A α ) is defined [designated C ( p D δ q )].Our proof is by induction on the complexity of D δ . There are 9 cases correspond-ing to the 9 parts of Specification 9 used to specify S ( p D δ q ). Let ϕ ∈ assign ( M )such that V M ϕ ( A α ) is defined. Case 1 : D δ is x α . Then V M ϕ ( J S ( p x α q ) K α ) (1) ≃ V M ϕ ( J cleanse ǫǫ p A α q K α ) (2) ≃ V M ϕ ( A α ) (3) ≃ V M ϕ [ x α M ϕ ( A α )] ( x α ) . (4)(2) is by the specification of sub ǫǫǫǫ ; (3) is by H ( p x α q ) and part 4 ofLemma 7.4.1; and (4) is by the semantics of variables. Therefore, C ( p x α q )holds. 37 ase 2 : D δ is y β where x α = y β . Then V M ϕ ( J S ( p y β q ) K β ) (1) ≃ V M ϕ ( J p y β q K β ) (2) ≃ V M ϕ ( y β ) (3) ≃ V M ϕ [ x α M ϕ ( A α )] ( y β ) . (4)(2) is by the specification of sub ǫǫǫǫ ; (3) is by the semantics of evaluationand that fact that y β is evaluation-free; and (4) follows from x α = y β .Therefore, C ( p y β q ) holds. Case 3 : D δ is a primitive constant c β . Similar to Case 2. Case 4 : D δ is B βγ D δ . H ( p B βγ D δ q ) implies H ( p B βγ q ) and H ( p D δ q ) bythe specification of sub ǫǫǫǫ . These imply C ( p B βγ q ) and C ( p D δ q ) by theinduction hypothesis. Then V M ϕ ( J S ( p B βγ D δ q ) K β ) (1) ≃ V M ϕ ( J app ǫǫǫ S ( p B βγ q ) S ( p D δ q ) K α ) (2) ≃ V M ϕ ( J S ( p B βγ q ) K βγ J S ( p D δ q ) K γ ) (3) ≃ V M ϕ ( J S ( p B βγ q ) K βγ )( V M ϕ ( J S ( p D δ q ) K γ )) (4) ≃ V M ϕ [ x α M ϕ ( A α )] ( B βγ )( V M ϕ [ x α M ϕ ( A α )] ( D δ )) (5) ≃ V M ϕ [ x α M ϕ ( A α )] ( B βγ D δ ) . (6)(2) is by the specification of sub ǫǫǫǫ ; (3) is by the semantics of app ǫǫǫ andevaluation; (4) and (6) are by the semantics of application; and (5) is by C ( p B βγ q ) and C ( p D δ q ). Therefore, C ( p B βγ D δ q ) holds. Case 5 : D δ is λ x α B β . H ( p λ x α B β q ) implies M | = [ cleanse ǫǫ p B β q ] ↓ bythe specification of sub ǫǫǫǫ . This implies that cleanse ǫǫ p B β q is semanticallyclosed by part 1 of Lemma 7.4.1. Then V M ϕ ( J S ( λ x α B β ) K βα ) (1) ≃ V M ϕ ( J abs ǫǫǫ p x α q cleanse ǫǫ p B β q K βα ) (2) ≃ V M ϕ ( λ x α J cleanse ǫǫ p B β q K β ) (3) ≃ V M ϕ ( λ x α B β ) (4) ≃ V M ϕ [ x α M ϕ ( A α )] ( λ x α B β ) . (5)(2) is by the specification of sub ǫǫǫǫ ; (3) is by the semantics of abs ǫǫǫ andevaluation and the fact that cleanse ǫǫ p B β q is semantically closed; (4) isby part 4 of Lemma 7.4.1; and (5) is by the fact that V M ϕ [ x α d ] ( B β ) ≃ V M ϕ [ x α M ϕ ( A α )][ x α d ] ( B β )for all d ∈ D α . Therefore, C ( p λ x α B β q ) holds.38 ase 6 : D δ is λ y β B γ where x α = y β . H ( p λ y β B γ q ) implies(a) V M ϕ ( S ( p λ y β B γ q )) ≃ V M ϕ ( abs ǫǫǫ p y β q S ( p B γ q )) ,H ( p B γ q ), and either ( ∗ ) M | = not-free-in oǫǫ p x α q p B γ q or ( ∗∗ ) M | = not-free-in oǫǫ p y β q p A α q by the specification of sub ǫǫǫǫ . H ( p B γ q ) implies C ( p B γ q ) by the induction hypothesis and (b) S ( p B γ q ) is semanticallyclosed by part 1 of this lemma. Then V M ϕ ( J S ( λ y β B γ ) K γβ ) (1) ≃ V M ϕ ( J abs ǫǫǫ p y β q S ( p B γ q ) K γβ ) (2) ≃ V M ϕ ( λ y β J S ( p B γ q ) K γ ) (3) ≃ V M ϕ [ x α M ϕ ( A α )] ( λ y β B γ ) . (4)(2) is by (a); (3) is by (b) and the semantics of abs ǫǫǫ and evaluation; and(4) is by separate arguments for the two cases ( ∗ ) and ( ∗∗ ). In case ( ∗ ), V M ϕ [ y α d ] ( J S ( p B γ q ) K γ ) (1) ≃ V M ϕ [ y α d ] ( B γ ) (2) ≃ V M ϕ [ y α d ][ x α M ϕ ( A α )] ( B γ ) (3) ≃ V M ϕ [ x α M ϕ ( A α )][ y α d ] ( B γ ) (4)for all d ∈ D α . (2) is by ( ∗ ), H ( p B γ q ), and part 5 of this lemma; (3) isby ( ∗ ) and part 2 of Lemma 7.3.1; and (4) follows from x α = y β . In case( ∗∗ ), V M ϕ [ y α d ] ( J S ( p B γ q ) K γ ) (1) ≃ V M ϕ [ y α d ][ x α M ϕ [ y α d ] ( A α )] ( B γ ) (2) ≃ V M ϕ [ y α d ][ x α M ϕ ( A α )] ( B γ ) (3) ≃ V M ϕ [ x α M ϕ ( A α )][ y α d ] ( B γ ) (4)for all d ∈ D α . (2) is by C ( p B γ q ); (3) is by ( ∗∗ ) and part 2 of Lemma 7.3.1;and (4) follows from x α = y β . Therefore, C ( p λ y β B γ q ) holds. Case 7 : D δ is if A o B α C α . Similar to Case 4. Case 8 : D δ is p B β q . Similar to Case 2. Case 9 : D δ is J B ǫ K β . H ( p J B ǫ K β q ) implies(a) M | = eval-free βoǫ J S ( p B ǫ q ) K ǫ and (b) M | = S ( p J B ǫ K β q ) = S ( J S ( p B ǫ q ) K ǫ )39y the specification of sub ǫǫǫǫ . (a), (b), and H ( p J B ǫ K β q ) imply H ( J S ( p B ǫ q ) K ǫ ) by part 3 of this lemma, and so (c) M | = J S ( p B ǫ q ) K ǫ = p C β q for some evaluation-free C β . H ( J S ( p B ǫ q ) K ǫ ) implies H ( p B ǫ q ) bythe specification of sub ǫǫǫǫ . H ( p B ǫ q ) implies C ( p B ǫ q ) by the inductionhypothesis, and so(d) V M ϕ ( J S ( p B ǫ q ) K ǫ ) ≃ V M ϕ [ x α M ϕ ( A α )] ( B ǫ ) . (c) and (d) imply(e) V M ϕ [ x α M ϕ ( A α )] ( B ǫ ) = V M ϕ ( p C β q ) = V M ϕ [ x α M ϕ ( A α )] ( p C β q )since p C β q is semantically closed. H ( J S ( p B ǫ q ) K ǫ ) and (c) imply H ( p C β q ),and H ( p C β q ) implies C ( p C β q ) by the inductive hypothesis. V M ϕ ( J S ( p J B ǫ K β q ) K β ) (1) ≃ V M ϕ ( J S ( J S ( p B ǫ q ) K ǫ ) K β ) (2) ≃ V M ϕ ( J S ( p C β q ) K β ) (3) ≃ V M ϕ [ x α M ϕ ( A α )] ( C β ) (4) ≃ V M ϕ [ x α M ϕ ( A α )] ( J p C β q K β ) (5) ≃ V M ϕ [ x α M ϕ ( A α )] ( J B ǫ K β ) . (6)(2) is by (b); (3) is by (d) and (e); (4) is by C ( p C β q ); (5) is by thesemantics of evaluation and the fact C β is evaluation-free; and (6) is by(e). Therefore, C ( p J B ǫ K β q ) holds. Part 7
Follows from the specifications of not-free-in oǫǫ , cleanse ǫǫ , and sub ǫǫǫǫ . ✷ The five requirements for sub ǫǫǫǫ are satisfied as follows:1. Requirement 1 is satisfied by Specification 9 for sub ǫǫǫǫ . Part 6 ofLemma 7.5.1 verifies that sub ǫǫǫǫ performs substitution correctly.2. Requirement 2 is satisfied by Specification 7 for not-free-in oǫǫ and Spec-ification 9.6 for sub ǫǫǫǫ . Part 6 of Lemma 7.5.1 verifies that, when sub ǫǫǫǫ p A α q p x α q p B β q is defined, variables are not captured.3. Requirement 3 is satisfied by Specification 8 for cleanse ǫǫ and Specifications9.1, 9.5, and 9.9 for sub ǫǫǫǫ . Part 1 of Lemma 7.5.1 verifies that, when sub ǫǫǫǫ p A α q p x α q p B β q is defined, it represents an evaluation-free wff β .4. Requirement 4 is satisfied by Specification 7.9 for not-free-in oǫǫ , Speci-fication 8.7 for cleanse ǫǫ , and Specification 9.9 for sub ǫǫǫǫ . Part 1 ofLemma 7.5.1 verifies that, when sub ǫǫǫǫ p A α q p x α q p B β q is defined, it issemantically closed. 40. Requirement 5 is satisfied by Specifications 7–9. Part 7 of Lemma 7.5.1verifies that sub ǫǫǫǫ p A α q p x α q p B β q is defined in the cases correspondingto when substitution is defined in Q .As a consequence of sub ǫǫǫǫ satisfying Requirements 1–5, we can now provethat the law of beta-reduction for Q uqe0 is valid in Q uqe0 : Theorem 7.5.2 (Law of Beta-Reduction)
Let M be a normal generalmodel for Q uqe0 . Then M | = [ A α ↓ ∧ sub ǫǫǫǫ p A α q p x α q p B β q = p C β q ] ⊃ [ λ x α B β ] A α ≃ C β . Proof
Let ϕ ∈ assign ( M ). Assume (a) V M ϕ ( A α ) is defined and(b) V M ϕ ( sub ǫǫǫǫ p A α q p x α q p B β q = p C β q ) = T . We must show V M ϕ ([ λ x α B β ] A α ) ≃ V M ϕ ( C β ) . (b) implies(c) M | = sub ǫǫǫǫ p A α q p x α q p B β q = p C β q and (d) C β is evaluation-free by part 1 of Lemma 7.5.1. Then V M ϕ ([ λ x α B β ] A α ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( B β ) (2) ≃ V M ϕ ( J sub ǫǫǫǫ p A α q p x α q p B β q K β ) (3) ≃ V M ϕ ( J p C β q K β ) (4) ≃ V M ϕ ( C β ) . (5)(2) is by (a) and the semantics of function application and function abstraction;(3) is by (c) and part 6 of Lemma 7.5.1; (4) is by (b); and (5) is by (d) and thesemantics of evaluation. Therefore, V M ϕ ([ λ x α B β ] A α ) ≃ V M ϕ ( C β ). ✷ We mentioned above that sub ǫǫǫǫ p A α q p x α q p B β q may involve a “double sub-stitution” when B β is an evaluation. The following example explores this pos-sibility when B β is the simple evaluation J x ǫ K o .Let M be any normal general model for Q uqe0 , ϕ ∈ assign ( M ), and A o bean evaluation-free wff in which x ǫ is not free. Then V M ϕ ( sub ǫǫǫǫ pp A o qq p x ǫ q p J x ǫ K o q ) (1)= V M ϕ ( sub ǫǫǫǫ pp A o qq p x ǫ q J sub ǫǫǫǫ pp A o qq p x ǫ q p x ǫ q K ǫ ) (2)= V M ϕ ( sub ǫǫǫǫ pp A o qq p x ǫ q J pp A o qq K ǫ ) (3)= V M ϕ ( sub ǫǫǫǫ pp A o qq p x ǫ q p A o q ) (4)= V M ϕ ( p A o q ) . (5)412) is by the specification of sub ǫǫǫǫ , the fact that p A o q is syntactically closed,and the fact that A o is evaluation-free; (3) is by the specification of sub ǫǫǫǫ ;(4) is by the semantics of evaluation and the fact that p A o q is evaluation-free;and (5) is by the specification of sub ǫǫǫǫ and the fact that x ǫ is not free in A o .Therefore, M | = sub ǫǫǫǫ pp A o qq p x ǫ q p J x ǫ K o q ) = p A o q and only the first substitution has an effect.Now consider the evaluation-free wff x ǫ = x ǫ (in which the variable x ǫ isfree). Then V M ϕ ( sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q p J x ǫ K o q ) (1)= V M ϕ ( sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q J sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q p x ǫ q K ǫ ) (2)= V M ϕ ( sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q J pp x ǫ = x ǫ qq K ǫ ) (3)= V M ϕ ( sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q p x ǫ = x ǫ q ) (4)= V M ϕ ( pp x ǫ = x ǫ q = p x ǫ = x ǫ qq ) . (5)(1)–(4) are by the same reasoning as above, and (5) is by the specification of sub ǫǫǫǫ . Therefore, M | = sub ǫǫǫǫ pp x ǫ = x ǫ qq p x ǫ q p J x ǫ K o q = pp x ǫ = x ǫ q = p x ǫ = x ǫ qq and both substitutions have an effect. In predicate logics like Q , bound variables can be renamed in a wff (in certainways) without changing the meaning the wff. For example, when the variable x α is renamed to the variable y α (or any other variable of type α ) in the evaluation-free wff λx α x α , the result is the wff λy α y α . λx α x α and λy α y α are logicallyequivalent to each other, i.e., M | = λx α x α = λy α y α . In fact, a variable renaming that permutes the names of the variables occurringin an evaluation-free wff of Q uqe0 without changing the names of the wff’s freevariables preserves the meaning of the wff.Unfortunately, meaning-preserving variable renamings do not exist for allthe non-evaluation-free wffs of Q uqe0 . As an example, consider the two non-evaluation-free wffs λx ǫ J x ǫ K h ǫǫ i and λy ǫ J y ǫ K h ǫǫ i where x ǫ and y ǫ are distinctvariables. Obviously, λy ǫ J y ǫ K h ǫǫ i is obtained from λx ǫ J x ǫ K h ǫǫ i by renaming x ǫ to be y ǫ . If we forget about evaluation, we would expect that λx ǫ J x ǫ K h ǫǫ i and λy ǫ J y ǫ K h ǫǫ i are logically equivalent — but they are not! Let A ǫ be42 pair h ǫǫ i ǫǫ x ǫ y ǫ q , and suppose ϕ ( x ǫ ) = E ( x ǫ ) and ϕ ( y ǫ ) = E ( y ǫ ). Then V M ϕ ([ λx ǫ J x ǫ K h ǫǫ i ] A ǫ ) ≃ V M ϕ [ x ǫ ϕ [ A ǫ ] ] ( J x ǫ K h ǫǫ i ) ≃ V M ϕ [ x ǫ ϕ [ A ǫ ] ] ( E − ( V M ϕ [ x ǫ ϕ [ A ǫ ] ] ( x ǫ ))) ≃ V M ϕ [ x ǫ ϕ [ A ǫ ] ] ( E − ( E ( pair h ǫǫ i ǫǫ x ǫ y ǫ ))) ≃ V M ϕ [ x ǫ ϕ [ A ǫ ] ] ( pair h ǫǫ i ǫǫ x ǫ y ǫ )= hE ( pair h ǫǫ i ǫǫ x ǫ y ǫ ) , E ( y ǫ ) i . Similarly, V M ϕ ([ λy ǫ J y ǫ K h ǫǫ i ] A ǫ ) ≃ hE ( x ǫ ) , E ( pair h ǫǫ i ǫǫ x ǫ y ǫ ) i . Therefore, λx ǫ J x ǫ K h ǫǫ i and λy ǫ J y ǫ K h ǫǫ i are not logically equivalent, but the func-tions V M ϕ ( λx ǫ J x ǫ K h ǫǫ i ) and V M ϕ ( λy ǫ J y ǫ K h ǫǫ i ) are equal on constructions of theform E ( B h ǫǫ i ) where B h ǫǫ i is semantically closed.This example proves the following proposition: Proposition 7.7.1
Alpha-conversion is not valid in Q uqe0 for some non-evaluation-free wffs. Note 19 (Nominal Data Types)
Since alpha-conversion is not universallyvalid in Q uqe0 , it is not clear whether techniques for managing variable namingand binding — such as higher-order abstract syntax [46, 52] and nominal tech-niques [29, 53] — are applicable to Q uqe0 . However, the paper [48] does combinequotation/evaluation techniques with nominal techniques. sub ǫǫǫǫ Theorem 7.5.2 shows beta-reduction can be computed using sub ǫǫǫǫ . However,it is obviously not possible to use sub ǫǫǫǫ to compute a beta-reduction when thecorresponding application of sub ǫǫǫǫ is undefined. There are thus two questionsthat concern us:1. When is an application of sub ǫǫǫǫ undefined?2. When an application of sub ǫǫǫǫ is undefined, is the the corresponding beta-reduction ever valid in Q uqe0 .Let M be a normal general model for Q uqe0 . There are two cases in which M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↑ will be true. The first case occurs when thenaive substitution of A α for the free occurrences of x α in B β causes a variablecapture. In this case the corresponding beta-reduction is not valid unless thebound variables in B β are renamed so that the variable capture is avoided. Thiscan always be done if B β is evaluation-free, but as we showed in the previous43ubsection it is not always possible to rename variables in a non-evaluation-freewff.The second case in which M | = [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↑ will be true occurswhen the naive cleansing of evaluations in the result of the substitution causesa variable to escape outside of a quotation. This happens when the body of anevaluation is not semantically closed after the first substitution. In this case, thecorresponding beta-reduction may be valid. We will illustrate this possibilitywith three examples. Example 1
Let A αǫǫ be the wff λx ǫ λy ǫ J app ǫǫǫ x ǫ y ǫ K α and B αβ and C β be syntactically closed evaluation-free wffs. Then M | = A αǫǫ p B αβ qp C β q ≃ B αβ C β . However, we also have
M | = [ sub ǫǫǫǫ p B αβ q p x ǫ q p A αǫǫ q ] ↑ since the body of the evaluation contains y ǫ after the first substitution. Hencethe beta-reduction of A αǫǫ p B αβ qp C β q is valid in Q uqe0 , but the correspondingapplication of sub ǫǫǫǫ is undefined.This is a significant limitation. It means, for instance, that using sub ǫǫǫǫ wecannot instantiate a formula with more than one variable within an evaluation(not in a quotation). An instance of specification 9.9 where the syntactic vari-ables are replaced with variables is an example of a formula with this property.In some cases this limitation can be overcome by instantiating all the vari-ables of type ǫ within an evaluation together as a group. For example, let A ′ αǫǫ be the wff λx h ǫǫ i D α where D α is J app ǫǫǫ [ fst ǫ h ǫǫ i x h ǫǫ i ][ snd ǫ h ǫǫ i x h ǫǫ i ] K α . Then V M ϕ ( sub ǫǫǫǫ p pair h ǫǫ i ǫǫ p B αβ q p C β qq p x h ǫǫ i q p D α q ) ≃ V M ϕ ( app ǫǫǫ [ fst ǫ h ǫǫ i [ pair h ǫǫ i ǫǫ p B αβ q p C β q ]][ snd ǫ h ǫǫ i [ pair h ǫǫ i ǫǫ p B αβ q p C β q ]]) ≃ V M ϕ ( app ǫǫǫ p B αβ q p C β q ) ≃ V M ϕ ( p B αβ C β q )for all ϕ ∈ assign ( M ). Hence M | = sub ǫǫǫǫ p pair h ǫǫ i ǫǫ p B αβ q p C β qq p x ǫ q p D α q = p B αβ C β q , M | = A ′ αǫǫ [ pair h ǫǫ i ǫǫ p B αβ q p C β q ] ≃ B αβ C β . The main reason we have introduced pairs in Q uqe0 is to allow us to expressfunction abstractions like A αǫǫ in a form like A ′ αǫǫ that can be beta-reducedusing sub ǫǫǫǫ . Example 2
Let C α be the wff [ λx ǫ x ǫ ] J x ǫ K α . Then M | = [ λx ǫ x ǫ ] J x ǫ K α ≃ J x ǫ K α but M | = [ sub ǫǫǫǫ p J x ǫ K α q p x ǫ q p x ǫ q ] ↑ since M | = [ cleanse ǫǫ J x ǫ K α ] ↑ . We will overcome this limitation of sub ǫǫǫǫ byincluding[ λx ǫ x ǫ ] A α ≃ A α and the other basic properties of lambda-notation in the axioms of P uqe . Theseproperties will be presented as schemas similar to Axioms 4 –4 in [2]. Example 3
Let C α be the wff [ λx ǫ J x ǫ K α ] x ǫ . Then M | = [ λx ǫ J x ǫ K α ] x ǫ ≃ J x ǫ K α but M | = [ sub ǫǫǫǫ p x ǫ q p x ǫ q p J x ǫ K α q ] ↑ since the body of the evaluation contains x ǫ after the first substitution. We willovercome this limitation of sub ǫǫǫǫ by including[ λx α B β ] x α ≃ B α in the axioms of P uqe . Now that we have defined a mechanism for substitution, we are ready to presentthe proof system of Q uqe0 called P uqe . It is derived from P u , the proof systemof Q u0 . The presence of undefinedness makes P u moderately more complicatedthan P , the proof system of Q , but the presence of the type ǫ and quotationand evaluation makes P uqe significantly more complicated than P u . A largepart of the complexity of Q uqe0 is due to the difficulty of beta-reducing wffs thatinvolve evaluations. 45 .1 Axioms P uqe consists of a set of axioms and a set of rules of inference. The axioms aregiven in this section, while the rules of inference are given in the next section.The axioms are organized into groups. The members of each group are presentedusing one or more formula schemas. A group is called an “Axiom” even thoughit consists of infinitely many formulas. Axiom 1 (Truth Values) [ G oo T o ∧ G oo F o ] ≡ ∀ x o [ G oo x o ] . Axiom 2 (Leibniz’ Law)A α = B α ⊃ [ H oα A α ≡ H oα B α ] . Axiom 3 (Extensionality) [ F αβ ↓ ∧ G αβ ↓ ] ⊃ F αβ = G αβ ≡ ∀ x β [ F αβ x β ≃ G αβ x β ] . Axiom 4 (Beta-Reduction)
1. [ A α ↓ ∧ sub ǫǫǫǫ p A α q p x α q p B β q = p C β q ] ⊃ [ λ x α B β ] A α ≃ C β .
2. [ λ x α x α ] A α ≃ A α .3. A α ↓ ⊃ [ λ x α y β ] A α ≃ y β where x α = y β .4. A α ↓ ⊃ [ λ x α c β ] A α ≃ c α where c β is a primitive constant.5. [ λ x α [ B αβ C β ]] A α ≃ [[ λ x α B αβ ] A α ][[ λ x α C β ] A α ].6. A α ↓ ⊃ [ λ x α [ λ x α B β ]] A α = λ x α B β . A α ↓ ∧ [ not-free-in oǫǫ p x α q p B γ q ∨ not-free-in oǫǫ p y β q p A α q ] ⊃ [ λ x α [ λ y β B γ ]] A α = λ y β [[ λ x α B γ ] A α ] where x α = y α .8. [ λ x α [ if B o C β D β ]] A α ≃ if [ λ x α B o ] A α ] [ λ x α C β ] A α ] [ λ x α D β ] A α ].9. A α ↓ ⊃ [ λ x α p B β q ] A α ≃ p B β q .10. [ λ x α B β ] x α ≃ B β . Axiom 5 (Tautologous Formulas)A o where A o is tautologous. Axiom 6 (Definedness) x α ↓ . c α ↓ where c α is a primitive constant. A oβ B β ↓ .
4. [ A αβ ↑ ∨ B β ↑ ] ⊃ A αβ B β ≃ ⊥ α .
5. [ λ x α B β ] ↓ .
6. [ if A o B o C o ] ↓ . p A α q ↓ . J A ǫ K o ↓ . J pp A α qq K ǫ ↓ . ∼ [ eval-free αoǫ A ǫ ] ⊃ J A ǫ K α ≃ ⊥ α . ⊥ α ↑ where α = o . Axiom 7 (Quasi-Equality) A α ≃ A α . Axiom 8 (Definite Description) ∃ x α A o ≡ [I x α A o ] ↓ where α = o .2. [ ∃ x α A o ∧ sub ǫǫǫǫ p I x α A o q p x α q p A o q = p B o q ] ⊃ B o where α = o . Axiom 9 (Ordered Pairs)
1. [ pair h αβ i βα A α B β = pair h αβ i βα C α D β ] ≡ [ A α = C α ∧ B β = D β ] . A h αβ i ↓ ⊃ ∃ x α ∃ y α [ A h αβ i = pair h αβ i βα x α y β ] . Axiom 10 (Conditionals)
1. [ if T o B α C α ] ≃ B α .
2. [ if F o B α C α ] ≃ C α . J if A o B ǫ C ǫ K α ≃ if A o J B ǫ K α J C ǫ K α . Axiom 11 (Evaluation) J p x α q K α = x α . J p c α q K α = c α where c α is primitive constant.3. wff αβoǫ A ǫ ⊃ J app ǫǫǫ A ǫ B ǫ K α ≃ J A ǫ K αβ J B ǫ K β . Notice that, for α = o , c α ↓ is false if c α is the defined constant ⊥ α . not-free-in oǫǫ p x α q p B ǫ q ⊃ J abs ǫǫǫ p x α q B ǫ K βα ≃ λ x α J B ǫ K β . J cond ǫǫǫǫ A ǫ B ǫ C ǫ K α ≃ if J A ǫ K o J B ǫ K α J C ǫ K α .6. J quot ǫǫ A ǫ K ǫ ↓ ⊃ J quot ǫǫ A ǫ K ǫ = A ǫ . Axiom 12 (Specifying Axioms)A o where A o is a specifying axiom in Specifications 1–9. Note 20 (Overview of Axioms)
Axioms 1–4 of Q uqe0 correspond to the firstfour axioms of Q . Axioms 1 and 2 say essentially the same thing as the firstand second axioms of Q (see the next note). A modification of the third axiomof Q , Axiom 3 is the axiom of extensionality for partial and total functions.Axiom 4 is the law of beta-reduction for functions that may be partial and ar-guments that may be undefined. Axiom 4.1 expresses the law of beta-reductionwith substitution represented by the logical constant sub ǫǫǫǫ . Axioms 4.2–9 ex-press the law of beta-reduction using the basic properties of lambda-notation.Axiom 4.10 is an additional property of lambda-notation.Axiom 5 provides the tautologous formulas that are needed to dischargethe definedness conditions and substitution conditions on instances of Axiom 4.Axiom 6 deals with the definedness properties of wffs; the first five parts ofAxiom 6 address the three principles of the traditional approach. Axiom 7states the reflexivity law for quasi-equality. Axioms 8 and 9 state the propertiesof the logical constants ι α ( oα ) and pair h αβ i βα ) , respectively. Axiom 10 statesthe properties of conditionals. Axioms 11 states the properties of evaluation.Axiom 12 gives the specifying axioms of the 12 logical constants involving thetype ǫ . Note 21 (Schemas vs. Universal Formulas)
The proof systems P and P u are intended to be mimimalist axiomatizations of Q and Q u0 . For instance,in both systems the first three axiom groups are single universal formulas thatexpress three different fundamental ideas. In contrast, the first three axiomgroups of P uqe are formula schemas that present all the instances of the threeuniversal formulas. The instances of the these universal formulas are obtainedin P and P u by substitution. Formulas schemas are employed in P uqe insteadof universal formulas for the sake of convenience and uniformity. In fact, theonly axiom presented as a single formula in Axioms 1–12 is Specification 4.29,the principle of induction for type ǫ . Note 22 (Syntactic Side Conditions)
The syntactic conditions placed onthe syntactic variables in the schemas in Axioms 1–12 come in a few simpleforms:1. A syntactic variable A α can be any wff of type α .2. A syntactic variable x α can be any variable of type α .48. A syntactic variable c α with the condition “ c α is a primitive constant”can be any primitive constant of type α ,4. A syntactic variable A α with the condition “ A α is a not a variable” canbe any wff of type α that is not a variable.5. A syntactic variable A α with the condition “ A α is a not a primitive con-stant” can be any wff of type α that is not a primitive constant.6. Two variables must be distinct.7. Two primitive constants must be distinct.8. Two types must be distinct.Notice that none of these syntactic side conditions refer to notions concerningfree variables and substitution. Q uqe0 has just two rules of inference: Rule 1 (Quasi-Equality Substitution)
From A α ≃ B α and C o inferthe result of replacing one occurrence of A α in C o by an occurrence of B α ,provided that the occurrence of A α in C o is not within a quotation, notthe first argument of a function abstraction, and not the second argumentof an evaluation. Rule 2 (Modus Ponens)
From A o and A o ⊃ B o infer B o . Note 23 (Overview of Rules of Inference) Q uqe0 has the same two rules ofinference as Q u0 . Rule 1 (Quasi-Equality Substitution) corresponds to Q ’s singlerule of inference, which is equality substitution. These rules are exactly the sameexcept that the Q uqe0 rule requires only quasi-equality ( ≃ ) between the targetwff and the substitution wff, while the Q rule requires equality (=). Rule 2(Modus Ponens) is a primitive rule of inference in Q uqe0 , but modus ponens is aderived rule of inference in Q . Modus ponens must be primitive in Q uqe0 sinceit is needed to discharge the definedness conditions and substitution conditionson instances of Axiom 4, the law of beta-reduction. Let A o be a formula and H be a set of sentences (i.e., semantically closedformulas) of Q uqe0 . A proof of A o from H in P uqe is a finite sequence of wffs o ,ending with A o , such that each member in the sequence is an axiom of P uqe , amember of H , or is inferred from preceding members in the sequence by a ruleof inference of P uqe . We write H ⊢ A o to mean there is a proof of A o from H in P uqe . ⊢ A o is written instead of ∅ ⊢ A o . A o is a theorem of P uqe if ⊢ A o .49ow let H be a set of syntactically closed evaluation-free formulas of Q uqe0 .(Recall that a syntactically closed evaluation-free formula is also semanticallyclosed by Lemma 7.2.4.) An evaluation-free proof of A o from H in P uqe isa proof of A o from H that is a sequence of evaluation-free wffs o . We write H ⊢ ef A o to mean there is an evaluation-free proof of A o from H in P uqe .Obviously, H ⊢ ef A o implies H ⊢ A o . ⊢ ef A o is written instead of ∅ ⊢ ef A o . H is consistent in P uqe if there is no proof of F o from H in P uqe . Note 24 (Proof from Hypotheses)
Andrews employs in [2] a more compli-cated notion of a “proof from hypotheses” in which a hypothesis is not requiredto be semantically or syntactically closed. We have chosen to use the simpler no-tion since it is difficult to define Andrews’ notion in the presence of evaluationsand we can manage well enough in this paper with having only semantically orsyntactically closed hypotheses. P uqe is sound for Q uqe0 if H ⊢ A o implies H | = n A o whenever A o is a formulaand H is a set of sentences of Q uqe0 . We will prove that the proof system P uqe is sound for Q uqe0 by showing that its axioms are valid in every normal generalmodel for Q uqe0 and its rules of inference preserve validity in every normal generalmodel for Q uqe0 . Lemma 9.1.1
Each axiom of P uqe is valid in every normal general model for Q uqe0 . Proof
Let M = h{D α | α ∈ T } , J i be a normal general model for Q uqe0 and ϕ ∈ assign ( M ). There are 16 cases, one for each group of axioms. Axiom 1
The proof is similar to the proof of 5402 for Axiom 1 in [2, p. 241]when V M ϕ ( G oo ) is defined. The proof is straightforward when V M ϕ ( G oo ) isundefined. Axiom 2
The proof is similar to the proof of 5402 for Axiom 2 in [2, p. 242]when V M ϕ ( H oα ) is defined. The proof is straightforward when V M ϕ ( H oα ) isundefined. Axiom 3
The proof is similar to the proof of 5402 for Axiom 3 in [2, p. 242].
Axiom 4Axiom 4.1
Each instance of Axiom 4.1 is valid in M by Theorem 7.5.2. Axiom 4.2
We must show(a) V M ϕ ([ λ x α x α ] A α ) ≃ V M ϕ ( A α )50o prove Axiom 4.2 is valid in M . If V M ϕ ( A α ) is undefined, then clearly(a) is true. So assume (b) V M ϕ ( A α ) is defined. Then V M ϕ ([ λ x α x α ] A α ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( x α ) (2) ≃ V M ϕ ( A α ) (3)(2) is by (b) and the semantics of function application and function ab-straction, and (3) is by the semantics of variables. Axiom 4.3
Assume (a) V M ϕ ( A α ) is defined and (b) x α = y β . We mustshow V M ϕ ([ λ x α y β ] A α ) ≃ V M ϕ ( y β )to prove Axiom 4.3 is valid in M . Then V M ϕ ([ λ x α y β ] A α ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( y β ) (2) ≃ V M ϕ ( y β ) . (3)(2) is by (a) and the semantics of function application and function ab-straction, and (3) is by (b) and the semantics of variables. Axiom 4.4
Similar to Axiom 4.3.
Axiom 4.5
We must show(a) V M ϕ ([ λ x α [ B αβ C β ]] A α ) ≃ V M ϕ ([[ λ x α B αβ ] A α ][[ λ x α C β ] A α ])to prove Axiom 4.5 is valid in M . If V M ϕ ( A α ) is undefined, then clearly(a) is true. So assume (b) V M ϕ ( A α ) is defined. Then V M ϕ ([ λ x α [ B αβ C β ]] A α ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( B αβ C β ) (2) ≃ V M ϕ [ x α M ϕ ( A α )] ( B αβ )( V M ϕ [ x α M ϕ ( A α )] ( C β )) (3) ≃ V M ϕ ([ λ x α B αβ ] A α )( V M ϕ ([ λ x α C β ] A α )) (4) ≃ V M ϕ ([[ λ x α B αβ ] A α ][[ λ x α C β ] A α ]) . (5)(2) and (4) are by (b) and the semantics of function application and func-tion abstraction, and (3) and (5) are by the semantics of function appli-cation. 51 xiom 4.6 Assume (a) V M ϕ ( A α ) is defined. We must show V M ϕ ([ λ x α [ λ x α B β ]] A α )( d ) ≃ V M ϕ ( λ x α B β )( d ) , where d ∈ D α , to prove Axiom 4.6 is valid in M . V M ϕ ([ λ x α [ λ x α B β ]] A α )( d ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( λ x α B β )( d ) (2) ≃ V M ϕ [ x α M ϕ ( A α )][ x α d ] ( B β ) (3) ≃ V M ϕ [ x α d ] ( B β ) (4) ≃ V M ϕ ( λ x α B β ])( d ) . (5)(2) is by (a) and the semantics of function application and function ab-straction; (3) and (5) are by the semantics of function abstraction; and(4) is by ϕ [ x α
7→ V M ϕ ( A α )][ x α d ] = ϕ [ x α d ] . Axiom 4.7
Assume (a) V M ϕ ( A α ) is defined, (b) x α = y β , and(c) M | = not-free-in oǫǫ p x α q p B γ q or M | = not-free-in oǫǫ p y β q p A α q . We must show V M ϕ ([ λ x α [ λ y β B γ ]] A α )( d ) ≃ V M ϕ ( λ y β [[ λ x α B γ ] A α ])( d ) , where d ∈ D β , to prove Axiom 4.7 is valid in M . V M ϕ ([ λ x α [ λ y β B γ ]] A α )( d ) (1) ≃ V M ϕ [ x α M ϕ ( A α )] ( λ y β B γ )( d ) (2) ≃ V M ϕ [ x α M ϕ ( A α )][ y β d ] ( B γ ) (3) ≃ V M ϕ [ y β d ][ x α M ϕ ( A α )] ( B γ ) (4) ≃ V M ϕ [ y β d ][ x α M ϕ [ y β d ] ( A α )] ( B γ ) (5) ≃ V M ϕ [ y β d ] ([ λ x α B γ ] A α ) (6) ≃ V M ϕ ( λ y β [[ λ x α B γ ] A α ])( d ) (7)(2) and (6) are by (a) and the semantics of function application and func-tion abstraction; (3) and (7) are by the semantics of function abstraction;(4) is by (b); and (5) is by (c) and part 2 of Lemma 7.3.1. Axiom 4.8
Similar to Axiom 4.5.52 xiom 4.9
Similar to Axiom 4.3.
Axiom 4.10
We must show V M ϕ ([ λ x α B β ] x α ) ≃ V M ϕ ( B β )to prove Axiom 4.10 is valid in M . V M ϕ ([ λ x α B β ] x α ) (1) ≃ V M ϕ [ x α ϕ ( x α )] ( B β ) (2) ≃ V M ϕ ( B β ) (3)(2) is by the semantics of function application, function abstraction, vari-ables; and (3) is by ϕ = ϕ [ x α ϕ ( x α )]. Axiom 5
The propositional constants T o and F o and the propositional con-nectives ∧ ooo , ∨ ooo , and ⊃ ooo have their usual meanings in a general model.Hence any tautologous formula is valid in M . Axiom 6
M | = A α ↓ iff V M ϕ ( A α ) is defined for all ϕ ∈ assign ( M ). HenceAxioms 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6,7, and 6.8 are valid in M by conditions 1,2, 3, 3, 4, 5, 6, and 7 in the definition of a general model. Axiom 6.9 is validin M by the fact that quotations are evaluation-free and conditions 6 and 7 indefinition of a general model. Axiom 6.10 is valid in M by Proposition 7.2.1and condition 7 in the definition of a general model. Axiom 6.11 is valid in M since J ( ι α ( oα ) ) is a unique member selector on D α and λx α [ x α = x α ] representsthe empty set. Axiom 7
Clearly, V M ϕ ( A α ≃ A α ) = T iff V M ϕ ( A α ) ≃ V M ϕ ( A α ), which isalways true. Hence M | = A α ≃ A α . Axiom 8Axiom 8.1
Axiom 8.1 is valid in M since J ( ι α ( oα ) ) is a unique memberselector on D α . Axiom 8.2
Assume (a) V M ϕ ( ∃ x α A o ) = T and V M ϕ ( sub ǫǫǫǫ p I x α A o q p x α q p A o q = p B o q ) = T . We must show V M ϕ ( B o ) = T to prove that Axiom 8.2 is valid in M .Axiom 8.1 and (a) implies V M ϕ (I x α A o ) is defined. (a) and the fact that J ( ι α ( oα ) ) is a unique member selector on D α implies V M ϕ ([ λ x α A o ][I x α A o ]) = T . Then V M ϕ ([ λ x α A o ][I x α A o ] = B o ) by the proof for Axiom 4. Thus V M ϕ ( B o ) = T . 53 xiom 9 Axiom 9.1 is valid in M since J ( pair h αβ i βα ) is a pairing functionon D α and D β . Axiom 9.2 is valid in M since every p ∈ D h αβ i is a pair h a, b i where a ∈ D α and b ∈ D β and J ( pair h αβ i βα ) is a pairing function on D α and D β . Axiom 10
Axioms 10.1 and 10.2 are valid in M by condition 5 in the definitionof a general model. V M ϕ ( A o ) = T implies V M ϕ ( J if A o B ǫ C ǫ K α ) ≃ V M ϕ ( J B ǫ K α )and V M ϕ ( A o ) = F implies V M ϕ ( J if A o B ǫ C ǫ K α ) ≃ V M ϕ ( J C ǫ K α ) by conditions 5and 7 in the definition of a general model. Hence Axiom 10.3 is valid in M . Axiom 11Axioms 11.1 and 11.2
Immediate by condition 7 in the definition of ageneral model since variables and primitive constants are evaluation-free.
Axiom 11.3
Assume V M ϕ ( wff αβoǫ A ǫ ) = T . This implies (a) V M ϕ ( A ǫ ) = E ( C αβ ) for some C αβ . We must show X ≃ Y where X is V M ϕ ( J app ǫǫǫ A ǫ B ǫ K α )and Y is V M ϕ ( J A ǫ K αβ J B ǫ K β ) . First, assume (b) V M ϕ ( B ǫ ) = E ( D β ) for some D β . If (c) C αβ D β isevaluation-free, then V M ϕ ( J app ǫǫǫ A ǫ B ǫ K α ) (1) ≃ V M ϕ ( J app ǫǫǫ E ( C αβ ) E ( D β ) K α ) (2) ≃ V M ϕ ( J E ( C αβ D β ) K α ) (3) ≃ V M ϕ ( C αβ D β ) (4) ≃ V M ϕ ( C αβ )( V M ϕ ( D β )) (5) ≃ V M ϕ ( J E ( C αβ ) K αβ )( V M ϕ ( J E ( D β ) K β )) (6) ≃ V M ϕ ( J A ǫ K αβ )( V M ϕ ( J B ǫ K β )) (7) ≃ V M ϕ ( J A ǫ K αβ J B ǫ K β ) . (8)(2) and (7) are by (a), (b), and Proposition 6.2.1; (3) is by the definitionof E ; (4) and (6) are by (c) and the semantics of evaluation; and (5) and(8) are by the semantics of function application. Hence X ≃ Y . If C αβ D β is not evaluation-free, then C αβ or D β is not evaluation-free. Then X and Y are both undefined by the semantics of evaluation and the beginningand end of the derivation above. Hence X ≃ Y .Second, assume V M ϕ ( B ǫ ) = E ( D γ ) with γ = β . Then X is undefined bySpecifications 6.4 and 6.5, the semantics of evaluation, and the beginningof the derivation above, and Y is undefined by the semantics of evaluation54nd function application and the end of the derivation above. Hence X ≃ Y .Third, assume V M ϕ ( B ǫ ) = d where d is a nonstandard construction.Then X is undefined by Lemmas 6.3.2 and 6.3.3, and Y is undefinedby Lemma 6.3.2 and the semantics of function application. Hence X ≃ Y in this case, and therefore, in every case. Axiom 11.4
Let(a) V M ϕ ( not-free-in oǫǫ p x α q p B ǫ q ) = T and d ∈ D α . It suffices to show X ( d ) ≃ Y ( d ) where X is V M ϕ ( J abs ǫǫǫ p x α q B ǫ K βα )and Y is V M ϕ ( λ x α J B ǫ K β ) . First, assume (b) V M ϕ ( B ǫ ) = E ( C β ) for some C β . This implies(c) V M ϕ [ x α d ] ( B ǫ ) = E ( C β ) by (a) and part 2 of Lemma 7.3.1. If (d) C β is evaluation-free, then V M ϕ ( J abs ǫǫǫ p x α q B ǫ K βα )( d ) (1) ≃ V M ϕ ( J abs ǫǫǫ p x α q E ( C β ) K βα )( d ) (2) ≃ V M ϕ ( J E ( λ x α C β ) K βα )( d ) (3) ≃ V M ϕ ( λ x α C β )( d ) (4) ≃ V M ϕ [ x α d ] ( C β ) (5) ≃ V M ϕ [ x α d ] ( J E ( C β ) K β ) (6) ≃ V M ϕ [ x α d ] ( J B ǫ K β ) (7) ≃ V M ϕ ( λ x α J B ǫ K β )( d ) . (8)(2) is by (b) and Proposition 6.2.1; (3) is by the definition of E ; (4) and (6)are by the semantics of evaluation and (d); (5) and (8) are by the semanticsof function abstraction; and (7) is by (c) and and Proposition 6.2.1. Hence X ( d ) ≃ Y ( d ). If C β is not evaluation-free, then X ( d ) and Y ( d ) are bothundefined by the semantics of evaluation and the beginning and end ofthe derivation above. Hence X ( d ) ≃ Y ( d ).Second, assume V M ϕ ( B ǫ ) = E ( C γ ) for some C γ where γ = β . Then X ( d ) is undefined by the semantics of evaluation and the beginning of thederivation above, and Y ( d ) is undefined by the semantics of evaluationand the end of the derivation above. Hence X ( d ) ≃ Y ( d ).Third, assume V M ϕ ( B ǫ ) is a nonstandard construction. Then X ( d ) is un-defined by Lemmas 6.3.2 and 6.3.3, and Y ( d ) is undefined by Lemma 6.3.2.Hence X ( d ) ≃ Y ( d ) in this case, and therefore, in every case.55 xiom 11.5 Similar to Axiom 11.3.
Axiom 11.6
First, assume V M ϕ ( A ǫ ) = E ( B α ) for some B α . Then V M ϕ ( J quot ǫǫ A ǫ K ǫ ) . (1) ≃ V M ϕ ( J quot ǫǫ E ( B α ) K ǫ ) . (2) ≃ V M ϕ ( J E ( p B α q ) K ǫ ) . (3) ≃ V M ϕ ( p B α q ) . (4) ≃ V M ϕ ( A ǫ ) . (5)(2) is by Proposition 6.2.1; (3) is by the definition of E ; (4) by the semanticsof evaluation and the fact that quotations are evaluation-free; and (5) isby Specification 1. Hence V M ϕ ( J quot ǫǫ A ǫ K ǫ ) = V M ϕ ( A ǫ ) since V M ϕ ( A ǫ ) isdefined.Second, assume V M ϕ ( A ǫ ) = E ( B α ) for all B α . Then V M ϕ ( quot ǫǫ A ǫ ) = E ( A α ) for all B α by Lemma 6.3.3. Hence V M ϕ ( J quot ǫǫ A ǫ K ǫ ) is undefinedby Lemma 6.3.2. Therefore, Axiom 11.6 is valid in M in both cases. Axiom 12
Each axiom of this group is a specifying axiom and thus is validin M since M is normal. ✷ Lemma 9.1.2
Each rule of inference of P uqe preserves validity in every normalgeneral model for Q uqe0 . Proof
Let M be a normal general model for Q uqe0 . We must show that Rules1 and 2 preserve validity in M . Rule 1
Suppose C o and C ′ o are wffs such that C ′ o is the result of replacing oneoccurrence of A α in C o by an occurrence of B α , provided that the occurrenceof A α in C o is not within a quotation, not the first argument of a functionabstraction, and not the second argument of an evaluation. Then it easilyfollows that V M ϕ ( A α ) ≃ V M ϕ ( B α ) for all ϕ ∈ assign ( M ) implies V M ϕ ( C o ) = V M ϕ ( C ′ o ) for all ϕ ∈ assign ( M ) by induction on the size of C o . M | = A α ≃ B α implies V M ϕ ( A α ) ≃ V M ϕ ( B α ) for all ϕ ∈ assign ( M ), and hence M | = C o implies V M ϕ ( C o ) = V M ϕ ( C ′ o ) = T for all ϕ ∈ assign ( M ). Therefore, M | = A α ≃ B α and M | = C o implies M | = C ′ o , and so Rule 1 preserves validity in M . Rule 2
Since ⊃ ooo has its usual meaning in a general model, Rule 2 obviouslypreserves validity in M . ✷ Theorem 9.2.1 (Soundness Theorem) P uqe is sound for Q uqe0 . roof Assume
H ⊢ A o and M | = H where A o is a formula of Q uqe0 , H is aset of sentences of Q uqe0 , and M is a normal general model for Q uqe0 . We mustshow that M | = A o . By Lemma 9.1.1, each axiom of P uqe is valid in M , and byLemma 9.1.2, each rule of inference of P uqe preserve validity in M . Therefore, H ⊢ A o implies M | = A o . ✷ Theorem 9.2.2 (Consistency Theorem)
Let H be a set of sentences of Q uqe0 . If H has a normal general model, then H is consistent in P uqe . Proof
Let M be a normal general model for H . Assume that H is inconsistentin P uqe , i.e., that H ⊢ F o . Then, by the Soundness Theorem, H | = n F o andhence M | = F o . This means that V M ϕ ( F o ) = T and thus V M ϕ ( F o ) = F (for anyassignment ϕ ), which contradicts the definition of a general model. ✷
10 Some Metatheorems
We will prove several metatheorems of Q uqe0 . Most of them will be metatheoremsthat we need in order to prove the evaluation-free completeness of Q uqe0 insection 11 and the results in section 12. Q Most of the metatheorems we prove in this subsection are analogs of the metathe-orems of Q proven in section 52 of [2]. There will be two versions for many ofthem, the first restricted to evaluation-free proofs and the second unrestricted.In this subsection, let H ef be a set of syntactically closed evaluation-free formu-las of Q uqe0 and H be a set of sentences of Q uqe0 . Proposition 10.1.1 (Analog of 5200 in [2]) ⊢ ef A α ≃ A α where A α is evaluation-free.2. ⊢ A α ≃ A α . Proof
By Axiom 7 for both parts. ✷ Theorem 10.1.2 (Tautology Theorem: Analog of 5234)
1. Let A o , . . . , A no , B o be evaluation-free. If H ef ⊢ ef A o , . . . , H ef ⊢ ef A no and [ A o ∧ · · · ∧ A no ] ⊃ B o is tautologous for n ≥ , then H ef ⊢ ef B o . Also, if B o is tautologous, then H ef ⊢ ef B o .2. If H ⊢ A o , . . . , H ⊢ A no and [ A o ∧ · · · ∧ A no ] ⊃ B o is tautologous for n ≥ , then H ⊢ B o . Also, if B o is tautologous, then H ⊢ B o . Proof
Follows from Axiom 5 (Tautologous Formulas) and Rule 2 (ModusPonens) for both parts. ✷ emma 10.1.3 ⊢ ef [ A α = B α ] ⊃ [ A α ≃ B α ] where A α and B α are evaluation-free.2. ⊢ [ A α = B α ] ⊃ [ A α ≃ B α ] . Proof
Follows from the definition of ≃ and the Tautology Theorem for bothparts. ✷ Lemma 10.1.4
1. If H ef ⊢ ef A α ↓ or H ef ⊢ ef B α ↓ , then H ef ⊢ ef A α ≃ B α implies H ef ⊢ ef A α = B α where A α and B α are evaluation-free.2. If H ⊢ A α ↓ or H ⊢ B α ↓ , then H ⊢ A α ≃ B α implies H ⊢ A α = B α . Proof
Follows from the definition of ≃ and the Tautology Theorem for bothparts. ✷ Corollary 10.1.5 ⊢ ef T o . Proof
By the definition of T o , Axiom 6.2, Lemma 10.1.4, and Proposition 10.1.1. ✷ Both versions of the Quasi-Equality Rules (analog of the Equality Rules(5201)) follow from Lemma 10.1.1 and Rule 1. By virtue of Lemmas 10.1.3 andthe Quasi-Equality Rules, Rule 1 is valid if the hypothesis A α ≃ B α is replacedby B α ≃ A α , A α = B α , or B α = A α , Proposition 10.1.6 ⊢ ef A o ↓ where A o is evaluation-free.2. ⊢ A o ↓ . Proof
By Axioms 6.1–3 and 6.5–8 for both parts. ✷ Lemma 10.1.7
Let A α and B β be evaluation-free. Either ⊢ ef [ sub ǫǫǫǫ p A α q p x α q p B β q ] ↑ or ⊢ ef sub ǫǫǫǫ p A α q p x α q p B β q = p C β q for some (evaluation-free) wff C β . Proof
Follows from Axiom 6.11, Axiom 10, Lemma 10.1.3, Specifications 7–9,the Tautology Theorem, and Rule 1. ✷ When A α and B β are evaluation-free, let S x α A α B β be the wff sub ǫǫǫǫ p A α q p x α q p B β q denotes if sub ǫǫǫǫ p A α q p x α q p B β q is defined and be un-defined otherwise. 58 heorem 10.1.8 (Beta-Reduction Theorem: Analog of 5207) ⊢ ef A α ↓ ⊃ [ λ x α B β ] A α ≃ S x α A α B β , provided S x α A α B β is defined, where A α and B β are evaluation-free.2. ⊢ [ A α ↓ ∧ sub ǫǫǫǫ p A α q p x α q p B β q = p C β q ] ⊃ [ λ x α B β ] A α ≃ C β . Proof
Part 1 is by Axiom 4, Lemma 10.1.7, and the Tautology Theorem.Part 2 is immediately by Axiom 4.1. ✷ Theorem 10.1.9 (Universal Instantiation: Analog of 5215)
1. If H ef ⊢ ef A α ↓ and H ef ⊢ ef ∀ x α B o , then H ef ⊢ ef S x α A α B o , provided S x α A α B β is defined, where A α and B β are evaluation-free.2. If H ⊢ A α ↓ , H ⊢ sub ǫǫǫǫ p A α q p x α q p B o q = p C o q , and H ⊢ ∀ x α B o , then H ⊢ C o .3. If H ⊢ [ λ x α B o ] A α = C o and H ⊢ ∀ x α B o , then H ⊢ C o .4. If H ⊢ ∀ x α B o , then H ⊢ B o . ProofPart 1 H ef ⊢ ef λ x α T o = λ x α B o . (1) H ef ⊢ ef [ λ x α T o ] A α ≃ [ λ x α B o ] A α . (2) H ef ⊢ ef T o ≃ S x α A α B β . (3) H ef ⊢ ef S x α A α B β . (4)(1) is by the definition of ∀ ; (2) follows from (1) by the Quasi-Equality Rules; (3)follows from (2) by the first hypothesis, the Beta-Reduction Theorem (part 1),and Rule 1; and (4) follows from (3) and Corollary 10.1.5 by Rule 1. Part 2
Similar to Part 1.
Part 3
Similar to Part 1.
Part 4
Follows from Axiom 4.10, Lemma 10.1.4, and part 3 of this theorem. ✷ Theorem 10.1.10 (Universal Generalization: Analog of 5220)
1. If H ef ⊢ ef A o , then H ef ⊢ ef ∀ x α A o where A o is evaluation-free.2. If H ⊢ A o , then H ⊢ ∀ x α A o . roofPart 1 H ef ⊢ ef A o (1) H ef ⊢ ef T o = A o (2) H ef ⊢ ef λx α T o = λx α T o (3) H ef ⊢ ef ∀ x α A o . (4)(1) is by hypothesis; (2) follows from (1) by the Tautology Theorem; (3) is byAxiom 6.5, Lemma 10.1.4, and Proposition 10.1.1; and (4) follows from (2) and(3) by Rule 1 and the definition of ∀ . Part 2
Similar to Part 1. ✷ Lemma 10.1.11 (Analog of 5209) If ⊢ ef A α ↓ and ⊢ ef B β ≃ C β , then ⊢ ef S x α A α [ B β ≃ C β ] , provided S x α A α [ B β ≃ C β ] is defined. Proof
Similar to the proof of 5209 in [2]. It uses Proposition 10.1.1, theBeta-Reduction Theorem (part 1), and Rule 1. ✷ Corollary 10.1.12 If ⊢ ef A α ↓ and ⊢ ef B o = C o , then ⊢ ef S x α A α [ B o = C o ] ,provided S x α A α [ B o = C o ] is defined. Proof
By Lemma 10.1.3, Lemma 10.1.11, Proposition 10.1.6, and the TautologyTheorem. ✷ Lemma 10.1.13 (Analog of 5205) ⊢ ef f αβ = λ y β [ f αβ y β ] . Proof
Similar to the proof of 5205 in [2]. It uses Axiom 3, Axioms 6.1 and6.5, Corollary 10.1.12, Lemmas 10.1.3 and 10.1.4, the Quasi-Equality Rules, theBeta-Reduction Theorem (part 1), and Rule 1. ✷ Lemma 10.1.14 (Analog of 5206) ⊢ ef λ x β A α = λ z β S x β z β A α , provided z β isnot free in A α and S x β z β A α is defined. Proof
Similar to the proof of 5206 in [2]. It employs Axioms 6.1 and 6.5,Corollary 10.1.12, Lemma 10.1.13, the Beta-Reduction Theorem (part 1), andRule 1. ✷ Analogs of α -conversion, β -conversion, and η -conversion in [2] for evaluation-free proof are obtained directly from Lemma 10.1.14, the Beta-Reduction The-orem (part 1), Lemma 10.1.13 using Lemma 10.1.11 and Rule 1. Theorem 10.1.15 (Deduction Theorem: Analog of 5240)
Let A o and H o be syntactically closed evaluation-free formulas. If H ef ∪ { H o } ⊢ ef A o , then H ef ⊢ ef H o ⊃ A o . Proof
Similar to the proof of 5240 in [2]. It uses Axioms 1–3 and 6, the Tau-tology Theorem, the Beta-Reduction Theorem (part 1), Universal Instantiation(part 1), Universal Generalization, α -conversion, and Rule 1. ✷ The metatheorems we prove in this subsection are not analogs of metatheoremsof Q ; they involve ordered pairs, quotation, and evaluation. Lemma 10.2.1 (Ordered Pairs) ⊢ ef ∀ x α ∀ y β [ pair h αβ i βα x α y β ] ↓ .2. ⊢ ef ∀ x α ∀ y β [ fst α h αβ i [ pair h αβ i βα x α y β ] = x α ] .3. ⊢ ef ∀ x α ∀ y β [ snd β h αβ i [ pair h αβ i βα x α y β ] = v β ] .4. ⊢ ef ∀ z h αβ i [ pair h αβ i βα [ fst α h αβ i z h αβ i ][ snd β h αβ i z h αβ i ] = z h αβ i ] . Proof
These four metatheorems of Q uqe0 can be straightforwardly proved usingthe definitions of fst α h αβ i and snd β h αβ i and Axioms 8 and 9. ✷ Theorem 10.2.2 (Injectiveness of Quotation) If ⊢ ef p A α q = p B α q , then A α = B α . Proof
Assume ⊢ ef p A α q = p B α q . By Specification 1 and Rule 1, this implies ⊢ ef E ( A α ) = E ( B β ). From this and Specifications 4.1–28, we can prove that A α = B α by induction on the size of A α . ✷ Theorem 10.2.3 (Disquotation Theorem) If D δ is evaluation-free, then ⊢ J p D δ q K α ≃ D δ . Proof
The proof is by induction on the size of D δ . Case 1 : D δ is x α . Then ⊢ J p x α q K α = x α by Axiom 11.1. Case 2 : D δ is a primitive constant c α . Then ⊢ J p c α q K α = c α by Ax-iom 11.2. Case 3 : D δ is A αβ B β . Assume (a) A αβ B β is evaluation-free. (a) implies(b) A αβ and B β are evaluation-free. Then we can derive the conclusionof the theorem as follows: ⊢ J p A αβ B β q K α ≃ J p A αβ B β q K α . (1) ⊢ J p A αβ B β q K α ≃ J E ( A αβ B β ) K α . (2) ⊢ J p A αβ B β q K α ≃ J app ǫǫǫ E ( A αβ ) E ( B β ) K α . (3) ⊢ J p A αβ B β q K α ≃ J app ǫǫǫ p A αβ q p B β q K α . (4) ⊢ J app ǫǫǫ p A αβ q p B β q K α ≃ J p A αβ q K αβ J p B β q K β . (5) ⊢ J p A αβ B β q K α ≃ J p A αβ q K αβ J p B β q K β . (6) ⊢ J p A αβ B β q K α ≃ A αβ B β . (7)(1) is by Proposition 10.1.1; (2) and (4) follow from the (1) and (3),respectively, and Specification 1 by Rule 1; (3) follows from (2) by thedefinition of E ; (5) is by Axiom 11.3; (6) follows from (4) and (5) byRule 1; (7) follows from (b), the induction hypothesis, and (6) by Rule 1.61 ase 4 : D δ is λ x β A α . Similar to Case 2. It is necessary to use the factthat E ( A α ) is semantically closed. Case 5 : D δ is if A o B α C α . Similar to Case 2. Case 6 : D δ is p A α q . Then we can derive the conclusion of the theoremas follows: ⊢ J pp A α qq K ǫ ≃ J pp A α qq K ǫ . (1) ⊢ J pp A α qq K ǫ ≃ J E ( p A α q ) K ǫ . (2) ⊢ J pp A α qq K ǫ ≃ J quot ǫǫ E ( A α ) K ǫ . (3) ⊢ J pp A α qq K ǫ ≃ J quot ǫǫ p A α q K ǫ . (4) ⊢ J quot ǫǫ p A α q K ǫ ≃ if J quot ǫǫ p A α q K ǫ ↓ p A α q ⊥ ǫ . (5) ⊢ J quot ǫǫ p A α q K ǫ ≃ if J pp A α qq K ǫ ↓ p A α q ⊥ ǫ . (6) ⊢ J pp A α qq K ǫ ↓ . (7) ⊢ J quot ǫǫ p A α q K ǫ ≃ p A α q . (8) ⊢ J pp A α qq K ǫ ≃ p A α q . (9)(1) is by Proposition 10.1.1; (2) and (4) follow from the (1) and (3),respectively, and Specification 1 by Rule 1; (3) follows from (2) by thedefinition of E ; (5) is by Axiom 11.6; (6) follows from (4) and (5) byRule 1; (7) is by Axiom 6.8; (8) follows from (6) and (7) by Axiom 10.1and Rule 1; and (9) follows from (4) and (8) by Rule 1. Case 7 : D δ is J A ǫ K α . The theorem holds trivially in this case since D δ is not evaluation-free. ✷
11 Completeness P uqe is complete for Q uqe0 if H | = n A o implies H ⊢ A o whenever A o is a formulaand H is a set of sentences of Q uqe0 . However, P uqe is actually not complete for Q uqe0 . For instance, let A o be the sentence[ λx ǫ λy ǫ J app ǫǫǫ x ǫ y ǫ K α ] p ∼ oo qp T o q = F o . Then, as observed in subsection 7.8, | = n A o holds but ⊢ A o does not hold. P uqe is evaluation-free complete for Q uqe0 if H | = efn A o implies H ⊢ ef A o whenever A o is an evaluation-free formula and H is a set of syntactically closedevaluation-free formulas of Q uqe0 . We will prove that P uqe is evaluation-freecomplete. Our proof will closely follow the proof of Theorem 22 (Henkin’sCompleteness Theorem for Q u0 ) in [23] which itself is based on the proof of 5502(Henkin’s Completeness and Soundness Theorem) in [2].62 For any set S , let card( S ) be the cardinality of S . Let L ( Q uqe0 ) be the set ofwffs of Q uqe0 , let κ = card( L ( Q uqe0 )), let C α be a well-ordered set of cardinality κ of new primitive constants of type α for each α ∈ T , and let C = S α ∈T C α .Define Q uqe0 to be the logic that extends Q uqe0 as follows. The syntax of Q uqe0 is obtained from the syntax of Q uqe0 by adding the members of C to the primi-tive constants of Q uqe0 without extending the set of quotations of Q uqe0 . That is, p c α q is not a wff of Q uqe0 for all c α ∈ C , and E is still only defined on the wffsof Q uqe0 . Let L ( Q uqe0 ) be the set of wffs of Q uqe0 . Obviously, card( L ( Q uqe0 )) = κ .The semantics of Q uqe0 is the same as the semantics of Q uqe0 except that ageneral or evaluation-free model for Q uqe0 is a general or evaluation-free model h{D α | α ∈ T } , J i for Q uqe0 where the domain of J has been extended to in-clude C . Let P uqe be the proof system that is obtained from P uqe by replacingthe phrase “primitive constant” with the phrase “primitive constant not in C ”in each formula schema in Specifications 1–9 and Axioms 1–12 except Axiom6.2. Since L ( Q uqe0 ) is a proper superset of L ( Q uqe0 ), the axioms of P uqe are aproper superset of the axioms of P uqe . P uqe has the same rules of inference as P uqe . Let H ⊢ ef A o mean there is an evaluation-free proof of A o from H in P uqe . Assume Q uqe0 inherits all the other definitions of Q uqe0 .An xwff of Q uqe0 is a syntactically closed evaluation-free wff of Q uqe0 . An xwff α is an xwff of type α . Let H be a set of xwffs o of Q uqe0 . H is evaluation-freecomplete in P uqe if, for every xwff o A o of Q uqe0 , either H ⊢ ef A o or H ⊢ ef ∼ A o . H is evaluation-free extensionally complete in P uqe if, for every xwff o of theform A αβ = B αβ of Q uqe0 , there is an xwff C β such that:1. H ⊢ ef C β ↓ .2. H ⊢ ef [ A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ C β ≃ B αβ C β ]] ⊃ [ A αβ = B αβ ]. Lemma 11.1.1 (Extension Lemma)
Let G be a set of xwffs o of Q uqe0 con-sistent in P uqe . Then there is a set H of xwffs o of Q uqe0 such that:1. G ⊆ H .2. H is consistent in P uqe .3. H is evaluation-free complete in P uqe .4. H is evaluation-free extensionally complete in P uqe . Proof
The proof is very close to the proof of 5500 in [2]. By transfiniteinduction, a set G τ of xwffs α is defined for each ordinal τ ≤ κ . The maindifference between our proof and the proof of 5500 is that, in case (c) of thedefinition of G τ +1 , G τ +1 = G τ ∪ {∼ [ A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ c β ≃ B αβ c β ]] } c β is the first constant in C β that does not occur in G τ or A αβ = B αβ .(Notice that ⊢ ef c β ↓ by Axiom 6.2.)To prove that G τ +1 is consistent in P uqe assuming G τ is consistent in P uqe when G τ +1 is obtained by case (c) , it is necessary to show that, if G τ ⊢ ef A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ c β ≃ B αβ c β ] , then G τ ⊢ ef A αβ = B αβ . Assume the hypothesis of this statement. Let P be anevaluation-free proof of A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ c β ≃ B αβ c β ]from a finite subset S of G τ , and let x β be a variable that does not occur in P or S . Since c β does not occur in G τ , A αβ , or B αβ and c β ∈ C , the result ofsubstituting x β for each occurrence of c β in P is an evaluation-free proof of A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ x β ≃ B αβ x β ]from S . Therefore, S ⊢ ef A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ x β ≃ B αβ x β ] . This implies
S ⊢ ef A αβ ↓ , S ⊢ ef B αβ ↓ , S ⊢ ef ∀ x β [ A αβ x β ≃ B αβ x β ]by the Tautology Theorem and Universal Generalization. It follows from thesethat G τ ⊢ ef A αβ = B αβ by Axiom 3, the Tautology Theorem, and Rule 1.The rest of the proof is essentially the same as the proof of 5500. ✷ A general or evaluation-free model h{D α | α ∈ T } , J i for Q uqe0 is frugal ifcard( D α ) ≤ card( L ( Q uqe0 )) for all α ∈ T . Theorem 11.2.1 (Henkin’s Theorem for P uqe ) Every set of syntacticallyclosed evaluation-free formulas of Q uqe0 consistent in P uqe has a frugal normalevaluation-free model. Proof
The proof is very close to the proof of Theorem 21 in [23]. Let G be aset of xwffs α of Q uqe0 consistent in P uqe , and let H be a set of xwffs α of Q uqe0 that satisfies the four statements of the Extension Lemma. Step 1
We define simultaneously, by recursion on γ ∈ T , a frame {D α | α ∈ T } and a partial function V whose domain is the set of xwffs of Q uqe0 so that thefollowing conditions hold for all γ ∈ T :(1 γ ) D γ = {V ( A γ ) | A γ is a xwff γ and H ⊢ ef A γ ↓} .642 γ ) V ( A γ ) is defined iff H ⊢ ef A γ ↓ for all xwffs A γ .(3 γ ) V ( A γ ) = V ( B γ ) iff H ⊢ ef A γ = B γ for all xwffs A γ and B γ .Let V ( x ) ≃ V ( y ) mean either V ( x ) and V ( y ) are both defined and equal or V ( x )and V ( y ) are both undefined. Step 1.1
We define D ı and V on xwffs ı . For each xwff A ı , if H ⊢ ef A ı ↓ , let V ( A ı ) = { B ı | B ı is a xwff ı and H ⊢ ef A ı = B ı } , and otherwise let V ( A ı ) be undefined. Also, let D ı = {V ( A ı ) | A ı is a xwff ı and H ⊢ ef A ı ↓} . (1 ı ), (2 ı ), and (3 ı ) are clearly satisfied. Step 1.2
We define D o and V on xwffs o . For each xwff A o , if H ⊢ ef A o ,let V ( A o ) = T , and otherwise let V ( A o ) = F . Also, let D o = { T , F } . By theconsistency and evaluation-free completeness of H , exactly one of H ⊢ ef A o and H ⊢ ef ∼ A o holds. By Proposition 10.1.6, H ⊢ ef A o ↓ for all wffs A o . Hence (1 o ),(2 o ), and (3 o ) are satisfied. Step 1.3
We define D ǫ and V on xwffs ǫ . Let D ǫ = {E ( A α ) | A α is a wff of Q uqe0 } . Choose a mapping f from { A ǫ | A ǫ is an xwff ǫ and H ⊢ ef A ǫ ↓} to D ǫ such that:1. f ( A ǫ ) = f ( B ǫ ) iff H ⊢ ef A ǫ = B ǫ .2. If H ⊢ ef A ǫ = E ( C γ ), then f ( A ǫ ) = E ( C γ ).3. If H ⊢ ef wff αoǫ A ǫ , then f ( A ǫ ) = E ( C α ) for some wff C α .It is possible to choose such a mapping by Lemma 10.2.2, Specification 6.13, andthe fact that card( L ( Q uqe0 )) = card( L ( Q uqe0 )). For each xwff A ǫ , if H ⊢ ef A ǫ ↓ ,let V ( A ǫ ) = f ( A ǫ ), and otherwise let V ( A ǫ be undefined. (2 ǫ ) and (3 ǫ ) areclearly satisfied; (1 ǫ ) is satisfied since, for all wffs A α of Q uqe0 , E ( A α ) is anxwff ǫ by the definition of E and Specification 7 and H ⊢ ef E ( A α ) ↓ by Axiom6.7 and Specification 1. Step 1.4
We define D αβ and V on xwffs αβ for all α, β ∈ T . Now suppose that D α and D β are defined and that the conditions hold for α and β . For each xwff A αβ , if H ⊢ ef A αβ ↓ , let V ( A αβ ) be the (partial or total) function from D β to D α whose value, for any argument V ( B β ) ∈ D β , is V ( A αβ B β ) if V ( A αβ B β ) isdefined and is undefined if V ( A αβ B β ) is undefined, and otherwise let V ( A αβ ) beundefined. We must show that this definition is independent of the particularxwff B β used to represent the argument. So suppose V ( B β ) = V ( C β ); then65 ⊢ ef B β = C β by (3 β ), so H ⊢ ef A αβ B β ≃ A αβ C β by Lemma 10.1.3 andthe Quasi-Equality Rules, and so V ( A αβ B β ) ≃ V ( A αβ C β ) by (2 α ) and (3 α ).Finally, let D αβ = {V ( A αβ ) | A αβ is a xwff αβ and H ⊢ ef A αβ ↓} . (1 αβ ) and (2 αβ ) are clearly satisfied; we must show that (3 αβ ) is satisfied. Sup-pose V ( A αβ ) = V ( B αβ ). Then H ⊢ ef A αβ ↓ and H ⊢ ef B αβ ↓ . Since H isevaluation-free extensionally complete, there is a C β such that H ⊢ ef C β ↓ and H ⊢ ef [ A αβ ↓ ∧ B αβ ↓ ∧ [ A αβ C β ≃ B αβ C β ]] ⊃ [ A αβ = B αβ ] . Then V ( A αβ C β ) ≃ V ( A αβ )( V ( C β )) ≃ V ( B αβ )( V ( C β )) ≃ V ( B αβ C β ) , so H ⊢ ef A αβ C β ≃ B αβ C β by (2 α ) and (3 α ), and so H ⊢ ef A αβ = B αβ . Now suppose H ⊢ ef A αβ = B αβ . Then, for all xwffs C β ∈ D β , H ⊢ ef A αβ C β ≃ B αβ C β by Lemma 10.1.3 and the Quasi-Equality Rules, and so V ( A αβ )( V ( C β )) ≃V ( A αβ C β ) ≃ V ( B αβ C β ) ≃ V ( B αβ )( V ( C β )) . Hence V ( A αβ ) = V ( B αβ ). Step 1.5
We define D h αβ i and V on xwffs h αβ i for all α, β ∈ T . Now supposethat D α and D β are defined and that the conditions hold for α and β . For eachxwff A h αβ i , if H ⊢ ef A h αβ i ↓ , let V ( A h αβ i ) = hV ( fst α h αβ i A h αβ i ) , V ( snd β h αβ i A h αβ i ) i , and otherwise let V ( A h αβ i ) be undefined. Also, let D h αβ i = {V ( A h αβ i ) | A h αβ i is a xwff h αβ i and H ⊢ ef A h αβ i ↓} . (1 h αβ i ) and (2 h αβ i ) are clearly satisfied; we must show that (3 h αβ i ) is satisfied. V ( A h αβ i ) = V ( B h αβ i ) (1)iff h ( V ( fst α h αβ i A h αβ i ) , V ( snd β h αβ i A h αβ i )) , ( V ( fst α h αβ i B h αβ i ) , V ( snd β h αβ i B h αβ i )) i (2)iff V ( fst α h αβ i A h αβ i ) = V ( fst α h αβ i B h αβ i ) and V ( snd β h αβ i A h αβ i ) = V ( snd β h αβ i B h αβ i ) (3)iff H ⊢ ef fst α h αβ i A h αβ i = fst α h αβ i B h αβ i and H ⊢ ef snd β h αβ i A h αβ i = snd β h αβ i B h αβ i (4)iff H ⊢ ef pair h αβ i βα [ fst α h αβ i A h αβ i ] [ snd β h αβ i A h αβ i ] = pair h αβ i βα [ fst α h αβ i B h αβ i ] [ snd β h αβ i B h αβ i ] (5)iff H ⊢ ef A h αβ i = B h αβ i . (6)(2) is by the definition of V on xwffs h αβ i ; (3) is by definition of ordered pairs;(4) is by (3 α ) and (3 β ); (5) is by Axiom 9.1; and (6) is by Axioms 9.1 and 9.2.Hence (3 h αβ i ) is satisfied. 66 tep 2 We claim that M = h{D α | α ∈ T } , Vi is an interpretation. For eachprimitive constant c γ of Q uqe0 , c γ is an xwff γ and H ⊢ ef c γ ↓ by Axiom 6.2, andthus V maps each primitive constant of Q uqe0 of type γ into D γ by (1 γ ) and (2 γ ). Step 2.1
We must show V ( Q oαα ) = J ( Q oαα ), i.e., that V ( Q oαα ) is theidentity relation on D α . Let V ( A α ) and V ( B α ) be arbitrary members of D α . Then V ( A α ) = V ( B α ) iff H ⊢ ef A α = B α iff H ⊢ ef Q oαα A α B α iff T = V ( Q oαα A α B α ) = V ( Q oαα )( V ( A α ))( V ( B α )) . Thus V ( Q oαα ) is the identityrelation on D α . Step 2.2
We must show that V ( ι α ( oα ) ) = J ( ι α ( oα ) ), i.e., that, for α = o , V ( ι α ( oα ) ) is the unique member selector on D α . For α = o , let V ( A oα ) be anarbitrary member of D oα and x α be a variable that does not occur in A oα . Sup-pose V ( A oα ) = V ( Q oαα B α ). We must show that V ( ι α ( oα ) )( V ( A oα )) = V ( B α ).The hypothesis implies H ⊢ ef A oα = Q oαα B α , so H ⊢ ef ∃ x α [ A oα x α ] by thedefinition of ∃ , and so H ⊢ ef A oα [I x α A oα ] by Axiom 8.1 and Axiom 8.2.Hence H ⊢ ef Q oαα B α [I x α A oα ] by Rule 1, and so V ( B α ) = V (I x α A oα ) = V ( ι α ( oα ) A oα ) = V ( ι α ( oα ) )( V ( A oα )).Now suppose that V ( ∀ x α [ A oα = Q oαα x α ]) = T . We must show that V ( ι α ( oα ) )( V ( A oα )) is undefined. The hypothesis implies H ⊢ ef ∀ x α [ A oα = Q oαα x α ], so H ⊢ ef ∼ [ ∃ x α [ A oα x α ]] by the definition of ∃ , and so H ⊢ ef [I x α [ A oα x α ]] ↑ by Axiom 8.1. Hence V (I x α [ A oα x α ]) ≃ V ( ι α ( oα ) A oα ) ≃V ( ι α ( oα ) )( V ( A oα )) is undefined. Step 2.4
We must show that V ( pair h αβ i βα ) = J ( pair h αβ i βα ). Let V ( A α ) be an arbitrary member of D α and V ( B β ) be an arbitrary mem-ber of D β . We must show that V ( pair h αβ i βα A α , B β ) = hV ( A α ) , V ( B β ) i . V ( fst α h αβ i [ pair h αβ i βα A α , B β ]) = V ( A α ) iff H ⊢ ef fst α h αβ i [ pair h αβ i βα A α , B β ] = A α , which holds by the definition of fst α h αβ i and Axiom 9.1. Similarly, V ( snd β h αβ i [ pair h αβ i βα A α , B β ]) = V ( B β ) holds by the definition of snd β h αβ i andAxiom 9.1. Hence V ( pair h αβ i βα A α , B β )= hV ( fst α h αβ i [ pair h αβ i βα A α , B β ]) , V ( snd β h αβ i [ pair h αβ i βα A α , B β ]) i = hV ( A α ) , V ( B β ) i . Thus M is an interpretation. Step 3
We claim further that M is an evaluation-free model for Q uqe0 . Foreach assignment ϕ ∈ assign ( M ) and evaluation-free wff D δ , let D ϕδ = S x δ ··· x nδn E δ ··· E nδn D δ = S x δ E δ S x δ E δ · · · S x nδn E nδn D δ where x δ · · · x nδ n are the free variables of D δ and E iδ i is the first xwff (in somefixed enumeration) of L ( Q uqe0 ) such that ϕ ( x iδ i ) = V ( E iδ i ) for all i with 1 ≤ i ≤ n .Since each E iδ i is syntactically closed, D ϕδ is always defined.67et V M ϕ ( D δ ) ≃ V ( D ϕδ ). D ϕδ is clearly a xwff δ , so V M ϕ ( D δ ) ∈ D δ if V M ϕ ( D δ )is defined. We will show that the six conditions of an evaluation-free model aresatisfied as follows:.1. Let D δ be a variable x δ . Choose E δ so that ϕ ( x δ ) = V ( E δ ) as above.Then V M ϕ ( D δ ) = V M ϕ ( x δ ) = V ( x ϕδ ) = V ( E δ ) = ϕ ( x δ ).2. Let D δ be a primitive constant. Then V M ϕ ( D δ ) = V ( D ϕδ ) = V ( D δ ) = J ( D δ ).3. Let D δ be [ A αβ B β ]. If V M ϕ ( A αβ ) is defined, V M ϕ ( B β ) is defined, and V M ϕ ( A αβ ) is defined at V M ϕ ( B β ), then V M ϕ ( D δ ) = V M ϕ ( A αβ B β ) = V ( A ϕαβ B ϕβ ) = V ( A ϕαβ )( V ( B ϕβ )) = V M ϕ ( A αβ )( V M ϕ ( B β )). Now assume V M ϕ ( A αβ ) is undefined, V M ϕ ( B β ) is undefined, or V M ϕ ( A αβ ) is not definedat V M ϕ ( B β ). Then H ⊢ ef A ϕαβ ↑ , H ⊢ ef B ϕβ ↑ , or V ( A ϕαβ B ϕβ ) is undefined. H ⊢ ef A ϕαβ ↑ or H ⊢ ef B ϕβ ↑ implies H ⊢ ef A ϕαβ B ϕβ ≃ ⊥ α by Axiom 6.4.If α = o , then V M ϕ ( D δ ) = V M ϕ ( A αβ B β ) = V ( A ϕαβ B ϕβ ) = V ( F o ) = F . If α = o , then V M ϕ ( D δ ) ≃ V M ϕ ( A αβ B β ) ≃ V ( A ϕαβ B ϕβ ) ≃ V ( ⊥ α ) is undefinedby Axiom 6.11.4. Let D δ be [ λ x α B β ]. Let V ( E α ) be an arbitrary member of D α , and so E α is an xwff and H ⊢ ef E α ↓ . Given an assignment ϕ ∈ assign ( M ),let ψ = ϕ [ x α
7→ V ( E α )]. It follows from the Beta-Reduction Theo-rem (part 1) that H ⊢ ef [ λ x α B β ] ϕ E α ≃ B ψβ . Then V M ϕ ( D δ )( V ( E α )) ≃V M ϕ ([ λ x α B β ])( V ( E α )) ≃ V ([ λ x α B β ] ϕ )( V ( E α )) ≃ V ([ λ x α B β ] ϕ E α )) ≃V ( B ψβ ) ≃ V M ψ ( B β ) as required.5. Let D δ be [ c A o B α C α ]. If V M ϕ ( A o ) = T , then V M ϕ ( D δ ) ≃V M ϕ ( c A o B α C α ) ≃ V ([ c A o B α C α ] ϕ ) ≃ V ( c A ϕo B ϕα C ϕα ) ≃ V ( c T o B ϕα C ϕα ) ≃V ( B ϕα ) ≃ V M ϕ ( B α ) by Axiom 10.1. Similarly, if V M ϕ ( A o ) = F , then V M ϕ ( D δ ) ≃ V M ϕ ( B α ) by Axiom 10.2.6. Let D δ be [ q A α ]. Then V M ϕ ( D δ ) = V M ϕ ([ q A α ]) = V ([ q A α ] ϕ ) = V ([ q A α ]) = E ( A α ).Thus M is an evaluation-free model for Q uqe0 . Step 4
We must show that M is normal and frugal. If A o is an evaluation-free specifying axiom given by Specifications 1–9, then H ⊢ ef A o by Ax-iom 12, so V ( A o ) = T and M | = A o , and so M is normal. Clearly,(a) card( D α ) ≤ card( L ( Q uqe0 )) since V maps a subset of the xwffs α of Q uqe0 onto D α and (b) card( L ( Q uqe0 )) = card( L ( Q uqe0 )), and so M is frugal. Step 5
We must show that M is a frugal normal evaluation-free model for G . We have shown that M is a frugal normal evaluation-free model for Q uqe0 .Clearly, M is also a frugal normal evaluation-free model for Q uqe0 . If A o ∈ G ,68hen A o ∈ H , so H ⊢ ef A o , so V ( A o ) = T and M | = A o , and so M is anevaluation-free model for G . ✷ Theorem 11.3.1 (Evaluation-Free Completeness Theorem for P uqe ) P uqe is evaluation-free complete for Q uqe0 . Proof
Let A o be an evaluation-free formula and H be a set of syntacticallyclosed evaluation-free formulas of Q uqe0 . Assume H | = efn A o , and let B o be auniversal closure of A o . Then B o is syntactically closed and H | = efn B o byLemma 7.2.3. Suppose H ∪ {∼ B o } is consistent in P uqe . Then, by Henkin’sTheorem, there is a normal evaluation-free model M for H ∪ {∼ B o } , and so M | = ∼ B o . Since M is also a normal evaluation-free model for H , M | = B o .From this contradiction it follows that H∪{∼ B o } is inconsistent in P uqe . Hence H ⊢ ef B o by the Deduction Theorem and the Tautology Theorem. Therefore, H ⊢ ef A o by Universal Instantiation (part 1) and Axiom 6.1. ✷
12 Applications
We will now look at some applications of the machinery in Q uqe0 for reasoningabout the interplay of the syntax and semantics of Q uqe0 expressions (i.e., wffs).We will consider three kinds of applications. The first kind uses the type ǫ machinery to reason about the syntactic structure of wffs; see the examplesin subsection 12.1. The second kind uses evaluation applied to variables oftype ǫ to express syntactic variables as employed, for example, in schemas;see the examples in subsections 12.2 and 12.3. The third kind uses the fullmachinery of Q uqe0 to formalize syntax-based mathematical algorithms in themanner described in [25]; see the example in subsection 12.4. We will illustrate how the type ǫ machinery in Q uqe0 can be used to reason aboutthe syntactic structure of wffs by defining some useful constants for analyzingand manipulating implications , i.e., formulas of the form A o ⊃ B o .Let implies ǫǫǫ be a defined constant that stands for λx ǫ λy ǫ [ app ǫǫǫ [ app ǫǫǫ p ⊃ ooo q x ǫ ] y ǫ ] . Lemma 12.1.1
For all formulas A o and B o , ⊢ implies ǫǫǫ p A o q p B o q = p A o ⊃ B o q . roof ⊢ implies ǫǫǫ p A o q p B o q ≃ implies ǫǫǫ p A o q p B o q . (1) ⊢ implies ǫǫǫ p A o q p B o q ≃ [ λx ǫ λy ǫ [ app ǫǫǫ [ app ǫǫǫ p ⊃ ooo q x ǫ ] y ǫ ]] p A o q p B o q . (2) ⊢ implies ǫǫǫ p A o q p B o q ≃ app ǫǫǫ [ app ǫǫǫ p ⊃ ooo q p A o q ] p B o q . (3) ⊢ implies ǫǫǫ p A o q p B o q ≃ app ǫǫǫ p ⊃ ooo A o q p B o q . (4) ⊢ implies ǫǫǫ p A o q p B o q = p ⊃ ooo A o B o q . (5) ⊢ implies ǫǫǫ p A o q p B o q = p A o ⊃ B o q . (6)(1) is by Proposition 10.1.1; (2) follows from (1) by the definition of implies ǫǫǫ ;(3) follows from (2) and Axioms 4.2–5 and 6.6 by Rules 1 and 2; (4) follows from(3) by Specification 1; (5) follows from (4) by Specification 1; and (6) followsfrom (5) by abbreviation. ✷ That is, implies ǫǫǫ is an implication constructor : the application of it tothe syntactic representations of two formulas A o and B o denotes the syntacticrepresentation of the implication A o ⊃ B o .Let is-implication oǫ be a defined constant that stands for λx ǫ ∃ y ǫ ∃ z ǫ [ x ǫ = implies ǫǫǫ y ǫ z ǫ ] . That is, is-implication oǫ is an implication recognizer : the application of it to thesyntactic representation of a formula A o has the value T iff A o has the form B o ⊃ C o .Let antecedent ǫǫ and succedent ǫǫ be the defined constants that, respectively,stand for λx ǫ I y ǫ ∃ z ǫ [ x ǫ = implies ǫǫǫ y ǫ z ǫ ]and λx ǫ I z ǫ ∃ y ǫ [ x ǫ = implies ǫǫǫ y ǫ z ǫ ] . Then ⊢ antecedent ǫǫ p A o ⊃ B o q = p A o q and ⊢ succedent ǫǫ p A o ⊃ B o q = p B o q . That is, antecedent ǫǫ and succedent ǫǫ are implication deconstructors : the ap-plications of them to the syntactic representation of a formula A o denote thesyntactic representations of the antecedent and succedent, respectively, of A o if A o is an implication and are undefined otherwise.70et converse ǫǫ be a defined constant that stands for λx ǫ [ implies ǫǫǫ [ succedent ǫǫ x ǫ ] [ antecedent ǫǫ x ǫ ]] . Then ⊢ converse ǫǫ p A o ⊃ B o q = p B o ⊃ A o q . That is, converse ǫǫ is an implication converser : the application of it to thesyntactic representation of a formula A o denotes the syntactic representation ofthe converse of A o if A o is an implication and is undefined otherwise. The value of a wff of the form J x ǫ K α ranges over the values of wffs of type α .Thus wffs like J x ǫ K α can be used in other wffs as syntactic variables. It is thuspossible to express schemas as single wffs in Q uqe0 . As an example, let us considerthe law of excluded middle (LEM) which is usually written as a formula schemalike A o ∨ ∼ A o where A o ranges over all formulas. LEM can be naively represented in Q uqe0 as ∀ x ǫ [ J x ǫ K o ∨ ∼ J x ǫ K o ] . The variable x ǫ ranges over the syntactic representations of all wffs, not justformulas. However, J x ǫ K o is false when the value of x ǫ is not an evaluation-freeformula. A more intensionally correct representation of LEM is ∀ x ǫ [ eval-free ooǫ x ǫ ⊃ [ J x ǫ K o ∨ ∼ J x ǫ K o ]]where x ǫ is restricted to the syntactic representations of evaluation-free formu-las. This representation of LEM is a theorem of P uqe : Lemma 12.2.1 ⊢ ∀ x ǫ [ eval-free ooǫ x ǫ ⊃ [ J x ǫ K o ∨ ∼ J x ǫ K o ]] . Proof ⊢ x o ∨ ∼ x o . (1) ⊢ ∀ x o [ x o ∨ ∼ x o ] . (2) ⊢ [ λx o [ x o ∨ ∼ x o ]][ if [ eval-free ooǫ x ǫ ] J x ǫ K o ⊥ o ] ≃ [ if [ eval-free ooǫ x ǫ ] J x ǫ K o ⊥ o ] ∨ ∼ [ if [ eval-free ooǫ x ǫ ] J x ǫ K o ⊥ o ] . (3) ⊢ [ if [ eval-free ooǫ x ǫ ] J x ǫ K o ⊥ o ] ∨ ∼ [ if [ eval-free ooǫ x ǫ ] J x ǫ K o ⊥ o ] . (4) ⊢ eval-free ooǫ x ǫ ⊃ [ J x ǫ K o ∨ ∼ J x ǫ K o ] . (5) ⊢ ∀ x ǫ [ eval-free ooǫ x ǫ ⊃ [ J x ǫ K o ∨ ∼ J x ǫ K o ]] . (6)(1) is by Axiom 5; (2) follows from (1) by Universal Generalization; (3) followsfrom Axioms 4.2–4 and Proposition 10.1.6 by Rules 1 and 2; (4) follows from(2) and (3) by Universal Instantiation (part 3); (5) follows from (4) by theAxiom 10 and the Tautology Theorem; and (6) follows from (5) by UniversalGeneralization. ✷ Axiom 4.1, the law of beta-reduction for Q uqe0 , can be expressed as the followingschema whose only syntactic variables are α and β : ∀ x ǫ ∀ y ǫ ∀ z ǫ ∀ z ′ ǫ [ J x ǫ K α ↓ ∧ [ var αoǫ y ǫ ] ∧ [ wff βoǫ z ǫ ] ∧ [ wff βoǫ z ′ ǫ ] ∧ sub ǫǫǫǫ x ǫ y ǫ z ǫ = z ′ ǫ ] ⊃ J app ǫǫǫ [ abs ǫǫǫ y ǫ z ǫ ] x ǫ K β ≃ J z ′ ǫ K β Each instance of this schema (for a chosen α and β ) is valid in Q uqe0 but notprovable in P uqe . Moreover, the instances of an instance A o of this schema arenot provable in P uqe from A o since A o contains the evaluation J app ǫǫǫ [ abs ǫǫǫ y ǫ z ǫ ] x ǫ K β in which more than one variable is free.Using the technique of grouping variables together described in Example 1in subsection 7.8, we can also express Axiom 4.1 as the following schema thatcontains just the single variable x hh ǫǫ ih ǫǫ ii : ∀ x hh ǫǫ ih ǫǫ ii [[ J X ǫ K α ↓ ∧ [ var αoǫ Y ǫ ] ∧ [ wff βoǫ Z ǫ ] ∧ [ wff βoǫ Z ′ ǫ ] ∧ sub ǫǫǫǫ X ǫ Y ǫ Z ǫ = Z ′ ǫ ] ⊃ J app ǫǫǫ [ abs ǫǫǫ Y ǫ Z ǫ ] X ǫ K β ≃ J Z ′ ǫ K β ]where: X ǫ is fst ǫ h ǫǫ i [ fst h ǫǫ ihh ǫǫ ih ǫǫ ii x hh ǫǫ ih ǫǫ ii ] Y ǫ is snd ǫ h ǫǫ i [ fst h ǫǫ ihh ǫǫ ih ǫǫ ii x hh ǫǫ ih ǫǫ ii ] Z ǫ is fst ǫ h ǫǫ i [ snd h ǫǫ ihh ǫǫ ih ǫǫ ii x hh ǫǫ ih ǫǫ ii ] Z ′ ǫ is snd ǫ h ǫǫ i [ snd h ǫǫ ihh ǫǫ ih ǫǫ ii x hh ǫǫ ih ǫǫ ii ] . Like the first schema, each instance of this second schema is valid in Q uqe0 butnot provable in P uqe . However, unlike the first schema, the instances of aninstance A o of the second schema are provable in P uqe from A o . Suppose A is an algorithm that, given two formulas A o and B o as input, returnsas output (1) B o if A o is T o , (2) A o if B o is T o , (3) F o if either A o or B o is F o , or (4) A o ∧ B o otherwise. Although this is a trivial algorithm, we can use itto illustrate how a syntax-based mathematical algorithm can be formalized in Q uqe0 . As described in [25] we need to do the following three things to formalize A in Q uqe0 .1. Define an operator O A in Q uqe0 as a constant that represents A .2. Prove in P uqe that O A is mathematically correct.3. Devise a mechanism for using O A in Q uqe0 .72et and ǫǫǫ be a defined constant that stands for λx ǫ λy ǫ [ app ǫǫǫ [ app ǫǫǫ p ∧ ooo q x ǫ ] y ǫ ] . Then ⊢ and ǫǫǫ p A o q p B o q = p A o ∧ B o q for all formulas A o and B o as shown by a derivation similar to the one for implies ǫǫǫ in the proof of Lemma 12.1.1. Define O A to be and-simp ǫǫǫ , a definedconstant that stands for λx ǫ λy ǫ [ if [ x ǫ = p T o q ] y ǫ [ if [ y ǫ = p T o q ] x ǫ [ if [ x ǫ = p F o q ] p F o q [ if [ y ǫ = p F o q ] p F o q [ and ǫǫǫ x ǫ y ǫ ]]]]] . The sentence ∀ x ǫ ∀ y ǫ [[ wff ooǫ x ǫ ∧ wff ooǫ y ǫ ] ⊃ [[ x ǫ = p T o q ⊃ and-simp ǫǫǫ x ǫ y ǫ = y ǫ ] ∧ [ y ǫ = p T o q ⊃ and-simp ǫǫǫ x ǫ y ǫ = x ǫ ] ∧ [[ x ǫ = p F o q ∨ y ǫ = p F o q ] ⊃ and-simp ǫǫǫ x ǫ y ǫ = p F o q ] ∧ [[ x ǫ = p T o q ∧ y ǫ = p T o q ∧ x ǫ = p F o q ∧ y ǫ = p F o q ] ⊃ and-simp ǫǫǫ x ǫ y ǫ = and ǫǫǫ x ǫ y ǫ ]]] , called CompBehavior , specifies the intended computational behavior of O A . Theorem 12.4.1 (Computational Behavior of and-simp ǫǫǫ ) ⊢ CompBehavior . Proof
CompBehavior follows easily in P uqe from the definition of and-simp ǫǫǫ . ✷ Hence O A represents A by virtue of having the same computational behavior asthat of A .Let us make the following definitions: P o is J and ǫǫǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] [ snd ǫ h ǫǫ i x h ǫǫ i ] K o . Q o is J and-simp ǫǫǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] [ snd ǫ h ǫǫ i x h ǫǫ i ] K o . R o is J fst ǫ h ǫǫ i x h ǫǫ i K o ∧ J snd ǫ h ǫǫ i x h ǫǫ i K o .73 o is [ if [[ fst ǫ h ǫǫ i x h ǫǫ i ] = p T o q ] J snd ǫ h ǫǫ i x h ǫǫ i K o [ if [[ snd ǫ h ǫǫ i x h ǫǫ i ] = p T o q ] J fst ǫ h ǫǫ i x h ǫǫ i K o [ if [[ fst ǫ h ǫǫ i x h ǫǫ i ] = p F o q ] J p F o q K o [ if [[ snd ǫ h ǫǫ i x h ǫǫ i ] = p F o q ] J p F o q K o P o ]]]].The formula ∀ x h ǫǫ i [[ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ [ Q o ≡ R o ]] , called MathMeaning , expresses the intended mathematical meaning of O A . Wewill show that MathMeaning is a theorem of P uqe via a series of lemmas.The first lemma asserts that the analog of the MathMeaning for and ǫǫǫ is atheorem of P uqe : Lemma 12.4.2 ⊢ ∀ x h ǫǫ i [[ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ [ P o ≡ R o ]] . Proof ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ P o (1) ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ J app ǫǫǫ [ app ǫǫǫ p ∧ ooo q [ fst ǫ h ǫǫ i x h ǫǫ i ]] [ snd ǫ h ǫǫ i x h ǫǫ i ] K o . (2) ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ J [ app ǫǫǫ p ∧ ooo q [ fst ǫ h ǫǫ i x h ǫǫ i ]] K oo J snd ǫ h ǫǫ i x h ǫǫ i K o . (3) ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ J p ∧ ooo q K ooo J fst ǫ h ǫǫ i x h ǫǫ i K o J snd ǫ h ǫǫ i x h ǫǫ i K o . (4) ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ ∧ ooo J fst ǫ h ǫǫ i x h ǫǫ i K o J snd ǫ h ǫǫ i x h ǫǫ i K o . (5) ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ P o ≡ R o . (6) ⊢ ∀ x h ǫǫ i [[ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ [ P o ≡ R o ]] . (7)(1) is by Lemmas 10.1.4, Propositions 10.1.1 and 10.1.6, and the TautologyTheorem; (2) follows from (1) by the definition of and ǫǫǫ , Axioms 4.2–5, andLemma 10.2.1; (3) and (4) follow from (2) and (3), respectively, by Axiom 11.3,Lemma 10.2.1, and Specification 6; (5) follows from (4) by Axiom 11.2; (6) isby abbreviation; and (7) is by Universal Generalization. ✷ The second lemma shows how Q o can be reduced: Lemma 12.4.3 ⊢ Q o ≡ S o . Proof
The right side of the equation is obtained from the left side in three steps.First, and-simp ǫǫǫ is replaced by its definition. Second, the resulting formula isbeta-reduced using Axioms 4.2–5 and 4.8 and parts 2 and 3 of Lemma 10.2.1.And third, evaluations are pushed inward using Axiom 10.3. ✷ The next lemma consists of five theorems of P uqe :74 emma 12.4.4 ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [ Q o ≡ R o ] .2. ⊢ x h ǫǫ i = [ pair h oo i oo p F o q p T o q ] ⊃ [ Q o ≡ R o ] .3. ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p F o q ] ⊃ [ Q o ≡ R o ] .4. ⊢ x h ǫǫ i = [ pair h oo i oo p F o q p F o q ] ⊃ [ Q o ≡ R o ] .5. ⊢ [ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ∧ x h ǫǫ i = [ pair h oo i oo p F o q p T o q ] ∧ x h ǫǫ i = [ pair h oo i oo p T o q p F o q ] ∧ x h ǫǫ i = [ pair h oo i oo p F o q p F o q ] ∧ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]]] ⊃ [ Q o ≡ R o ] . ProofPart 1 ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [[ λx h ǫǫ i [ Q o ≡ R o ]] x h ǫǫ i ≡ [ λx h ǫǫ i [ Q o ≡ R o ]][ pair h oo i oo p T o q p T o q ]] . (1) ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [[ Q o ≡ R o ] ≡ [ λx h ǫǫ i [ Q o ≡ R o ]][ pair h oo i oo p T o q p T o q ]] . (2) ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [[ Q o ≡ R o ] ≡ [ λx h ǫǫ i [ S o ≡ R o ]][ pair h oo i oo p T o q p T o q ]] . (3) ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [[ Q o ≡ R o ] ≡ [ J p T o q K o ≡ J p T o q K o ∧ J p T o q K o ]] . (4) ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [[ Q o ≡ R o ] ≡ T o ] . (5) ⊢ x h ǫǫ i = [ pair h oo i oo p T o q p T o q ] ⊃ [ Q o ≡ R o ] . (6)(1) is by Axiom 2; (2) follows from (1) by Axiom 4.10; (3) follows from (2) byLemma 12.4.3 and Rule 1; (4) follows from (3) by Lemma 10.2.1, part 2 of theBeta-Reduction Theorem, Axiom 10.1, and the Tautology Theorem; (5) follows(4) by Axiom 11.2 and the Tautology Theorem; (6) follows from (5) by theTautology Theorem. Part 2
Similar to Part 1.
Part 3
Similar to Part 1.
Part 4
Similar to Part 1.
Part 5
Let A o be the antecedent of the implication in part 5 of the lemma. ⊢ P o ≡ R o (1) ⊢ A o ⊃ [ P o ≡ R o ] (2) ⊢ A o ⊃ [ S o ≡ R o ] (3) ⊢ A o ⊃ [ Q o ≡ R o ] (4)751) is by Lemma 12.4.2 and part 4 of Universal Instantiation; (2) follows from (1)by the Tautology Theorem; (3) follows from (2) by Axiom 10.2, Lemma 10.2.1,and the Tautology Theorem; and (4) follows from (3) by Lemma 12.4.3 andRule 1. ✷ Finally, the theorem below shows that
MathMeaning is a theorem of P uqe : Theorem 12.4.5 (Mathematical Meaning of and-simp ǫǫǫ ) ⊢ MathMeaning . Proof ⊢ [ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]] ⊃ [ Q o ≡ R o ]follows from Lemmas 10.2.1 and 12.4.4 and the Tautology Theorem. Then ⊢ ∀ x h ǫǫ i [[ wff ooǫ [ fst ǫ h ǫǫ i x h ǫǫ i ] ∧ wff ooǫ [ snd ǫ h ǫǫ i x h ǫǫ i ]]] ⊃ [ Q o ≡ R o ]]follows from this by Universal Generalization. ✷ Hence O A is mathematically correct.While A manipulates formulas, and-simp ǫǫǫ manipulates syntactic represen-tations of formulas. An application of O A has the form and-simp ǫǫǫ p A o q p B o q .Its value can be computed by expanding its definition, beta-reducing using Ax-iom 4, and then rewriting the resulting wff using Axiom 10 and Specification 1.If A o and B o are evaluation-free, its meaning can be obtained by instantiatingthe universal formula MathMeaning with the wff h p A o q , p B o q i and then simpli-fying.
13 Conclusion
We have presented a version of simple type theory called Q uqe0 that admits un-defined expressions, quotations, and evaluations. Q uqe0 is based on Q , a versionof Church’s type theory [12] developed by Peter B. Andrews [2]. Q uqe0 directlyformalizes the traditional approach to undefinedness [19] in which undefinedexpressions are treated as legitimate, nondenoting expressions that can be com-ponents of meaningful statements. It has the same facility for reasoning aboutundefinedness as Q u0 [23] that is derived from Q . In addition, it has a facility forreasoning about the syntax of expressions based on quotation and evaluation.The syntax of Q uqe0 differs from the syntax of Q by having the followingnew machinery: a base type ǫ that denotes a domain of syntactic values, aquotation operator, an evaluation operator, and several constants involving thetype ǫ . Q uqe0 also has some additional new machinery for ordered pairs and con-ditionals: a type constructor for forming types that denote domains of ordered76airs, a constant for forming ordered pairs, and an expression constructor forforming conditionals. The semantics of Q uqe0 is based on Henkin-style generalmodels [41] that include partial functions as well as total functions and in whichexpressions may be undefined. The expression constructor for conditionals isnonstrict with respect to undefinedness. An application of the quotation opera-tor to an expression denotes a syntactic value that represents the expression. Anapplication of the evaluation operator to an expression E denotes the value ofthe expression represented by the value of E . To avoid the Evaluation Problemmentioned in the Introduction, an evaluation J p A ǫ q K α is undefined when A ǫ isnot evaluation-free.The syntax and semantics of Q uqe0 are modest modifications of the syntaxand semantics of Q u0 , but P uqe , the proof system of Q uqe0 , is a major modifica-tion of P u , the proof system of Q u0 . The substitution operation that is neededto perform beta-reduction is defined in the metalogic of Q u0 , while it is repre-sented in Q uqe0 by a primitive constant sub ǫǫǫǫ . To avoid the Variable Problemmentioned in the Introduction, sub ǫǫǫǫ defines a semantics-dependent form ofsubstitution. Moreover, the syntactic side conditions concerning free variablesand substitution that are expressed in the metalogic of a traditional logic areexpressed in the language of Q uqe0 . We prove that P uqe is sound with respectto the semantics of Q uqe0 (Theorem 9.2.1), but it is not complete. However, itis complete for evaluation-free formulas (Theorem 11.3.1). Q uqe0 is not complete because it is not possible to beta-reduce all applica-tions of function abstraction. There are two ways of performing beta-reductionin Q uqe0 . The first way uses the specifying axioms of the primitive constant sub ǫǫǫǫ to perform substitution as expressed by Axiom 4.1. This first way worksfor all applications of function abstraction involving just evaluation-free wffs,but it works for only some applications involving evaluations. The second wayuses the basic properties of lambda-notation as expressed by Axioms 4.2–10.Like the first way, this second way works for all applications of function ab-straction involving just evaluation-free wffs, but it works for only some appli-cations involving evaluations. However, the two ways complement each otherbecause they work for different applications of function abstraction involvingevaluations. The construction of Q uqe0 demonstrates how the replete approach to reasoningabout syntax [25] — in which it is possible to reason about the syntax of theentire language of the logic using quotation and evaluation operators defined inthe logic — can be implemented in Church’s type theory [12]. Moreover, theimplementation ideas employed in Q uqe0 can be applied to other traditional logicslike first-order logic. Even though the proof system of Q uqe0 is not complete, itis powerful enough to be useful. We have illustrated how Q uqe0 can be usedto (1) reason about the syntactic structure of expressions, (2) represent andinstantiate schemas with syntactic variables, and (3) formalize syntax-basedmathematical algorithms in the sense given in [25]. We believe Q uqe0 is the first77mplementation of the replete approach in a traditional logic.The most innovative and complex part of Q uqe0 is the semantics-based form ofsubstitution represented by the primitive constant sub ǫǫǫǫ . It provides the meansto instantiate both variables occurring in evaluations and variables resultingfrom evaluations. In particular, it enables schemas expressed using evaluation(e.g., as given in subsections 12.2 and 12.3) to be instantiated. We showedthat the substitution mechanism is correct by proving the law of beta-reductionformulated using sub ǫǫǫǫ (Theorem 7.5.2). The proof of this theorem is intricateand involves many lemmas. Q uqe0 is intended primarily for theoretical purposes; it is not designed tobe used in practice. A more practical version of Q uqe0 could be obtained byextending it in some of the ways discussed in [24]. For instance, Q uqe0 could beextended to include type variables as in the logic of the hol theorem provingsystem [34] and its successors [40, 44, 51] or subtypes as in the logic of the imps theorem proving system [26, 27]. These additions would significantly raise thepractical expressivity of the logic but would further raise the complexity of thelogic. Many of these kinds of practical measures are implemented together inthe logic Chiron [21, 22], a derivative of von-Neumann-Bernays-G¨odel ( nbg )set theory that admits undefined expressions, has a rich type system, and isequipped with a facility of reasoning about syntax that is very similar to Q uqe0 ’s. Reasoning in Logic about Syntax
Reasoning in a logic about syntax begins with Kurt G¨odel’s famous use of
G¨odelnumbers in [33] to encode expressions. G¨odel, Tarski, and others used reason-ing about syntax to show some of the limits of formal logic by reflecting themetalogic of a logic into the logic itself.
Reflection is a technique to embed rea-soning about a reasoning system (i.e., metareasoning) in the reasoning systemitself. It very often involves the syntactic manipulation of expressions. Reflec-tion has been employed in logic both for theoretical purposes [42] and practicalpurposes [39].The technique of deep embedding is used to reason in a logic about the syntaxof a particular language [8, 13, 68]. This is usually done with the local approachbut could also be done with the global approach. A deep embedding can alsoprovide a basis for formalizing syntax-based mathematical algorithms. Exam-ples include the ring tactic implemented in Coq [14] and Wojciech Jedynak’ssemiring solver in Agda [49, 50, 67].Florian Rabe proposes in [57] a method for freely adding literals for thevalues in a given semantic domain. This method can be used for reasoningabout syntax by choosing a language of expressions as the semantic domain.Rabe’s approach provides a quotation operation that is more general than thequotation operation we have defined for Q uqe0 . However, his approach does notprovide an escape from obstacles like the Evaluation Problem and the VariableProblem described in section 1. 78 easoning in the Lambda Calculus about Syntax Corrado B¨ohm and Alessandro Berarducci present in [6] a method for represent-ing an inductive type of values as a collection of lambda-terms. Then functionsdefined on the members of the inductive type can also be represented as lambdaterms. Both the lambda terms representing the values and those representingthe functions defined on the values can be typed in the second-order lambda cal-culus (System F) [31, 58] as shown in [6]. C. B¨ohm and his collaborators presentin [5, 7] a second, more powerful method for representing inductive types as col-lections of lambda-terms in which the lambda terms are not as easily typeableas in the first method. These two methods provide the means to efficientlyformalize syntax-based mathematical algorithms in the lambda calculus.Using the fact that inductive types can be directly represented in the lambdacalculus, Torben Æ. Mogensen in [47] represents the inductive type of lambdaterms in lambda calculus itself as well as defines an evaluation operator in thelambda calculus. He thus shows that the replete approach to reasoning aboutsyntax, minus the presence of a built-in quotation operator, can be realized inthe lambda calculus. (See Henk Barendregt’s survey paper [3] on the impact ofthe lambda calculus for a nice description of this work.)
Metaprogramming
Metaprogramming is writing computer programs to manipulate and generatecomputer programs in some programming language L . Metaprogramming isespecially useful when the “metaprograms” can be written in L itself. This isfacilitated by implementing in L metareasoning techniques for L that involvethe manipulation of program code. See [15] for a survey of how this kind of “re-flection” can be done for the major programming paradigms. The programminglanguages we mentioned in the Introduction support metaprogramming: Lisp,Agda [49, 50], Elixir [54], F quote , back-quote , and eval in the Lisp programming language. Thus metaprogramminglanguages take, more or less, the replete approach to reasoning about the syn-tax of programs. The metaprogramming language Archon [61] developed byAaron Stump offers an interesting alternate approach in which program code ismanipulated directly instead of manipulating representations of computer code. Theories of Truth
Truth is a major subject in philosophy [32]. A theory of truth seeks to explainwhat truth is and how the liar and other related paradoxes can be resolved. A semantics theory of truth defines a truth predicate for a formal language, whilean axiomatic theory of truth [37, 38] specifies a truth predicate for a formallanguage by means of an axiomatic theory. We have mentioned in Note 12 thatan evaluation of the form J A ǫ K o is a truth predicate on wffs ǫ A ǫ that represent79ormulas. Thus Q uqe0 provides a semantic theory of truth via it semantics andan axiomatic theory of truth via its proof system P uqe .Since our goal is not to explicate the nature of truth, it is not surprisingthat the semantic and axiomatic theories of truth provided by Q uqe0 are notvery innovative. Theories of truth — starting with Tarski’s work [63, 64, 65]in the 1930s — have traditionally been restricted to the truth of sentences, i.e.,formulas with no free variables. However, the Q uqe0 semantic and axiomatictheories of truth admit formulas with free variables. Q uqe0 in thesense given in [25]?2. Can a logic equipped with the machinery of Q uqe0 for reasoning aboutundefinedness and syntax be effectively implemented as a software system?3. Can the replete approach to reasoning about syntax serve as a basis tointegrate axiomatic and algorithmic mathematics?We will discuss each of these research questions in turn. Formalizing Syntax-Based Mathematical Algorithms
We conjecture that it is possible to formalize nontrivial syntax-based mathe-matical algorithms in Q uqe0 in the sense given in [25]. We intend to work out thedetails for the well-known algorithm for the symbolic differentiation of polyno-mials as described in [25]. First, we will define a theory R of the real numbersin Q uqe0 . Second, we will define in R the basic ideas of calculus including thenotions of a derivative and a polynomial. Third, we will define a constant in R that represents the symbolic differentiation algorithm for polynomials. Fourth,we will specify in R the intended computational behavior of the algorithm andprove that the constant satisfies that specification. Fifth, we will specify in R the intended mathematical meaning of the algorithm and prove that the con-stant satisfies that specification. And, finally, we will show how the constantcan be used to compute derivatives of polynomial functions in R .Polynomial functions are total (i.e., they are defined at all points on the realline) and their derivatives are also total. Hence no issues of definedness arise inthe specification of the mathematical meaning of the differentiation algorithmfor polynomials. However, functions more general than polynomial functionsas well as their derivatives may be undefined at some points. This means thatspecifying the mathematical meaning of a symbolic differentiation algorithm formore general functions will require using the undefinedness facility of Q uqe0 .80 mplementation of the Q uqe0 Machinery
It remains an open question whether a logic like Q uqe0 can be effectively im-plemented as a computer program. The undefinedness component of Q uqe0 hasbeen implemented in the imps theorem proving system [26, 27] which has beensuccessfully used to prove hundreds of theorems in traditional mathematics, es-pecially in mathematical analysis. However, quotation and evaluation wouldadd another level of complexity to a theorem proving system like imps that candeal directly with undefinedness.There are three approaches for implementing the syntax reasoning machin-ery of Q uqe0 . The first is to implement part of the machinery of Q uqe0 in anexisting implementation of Church’s type theory such as John Harrison’s HOLLight [40] in order to conduct experiments concerning reasoning about syntax.For example, a worthy experiment would be to formalize a syntax-based math-ematical algorithm like the symbolic differentiation algorithm for polynomialsmentioned above. The second is to directly implement Q uqe0 — a version of Q uqe0 with perhaps some practical additions — to test the entire design of Q uqe0 .And the third is to implement Q uqe0 ’s syntax reasoning machinery as part ofthe implementation of a general purpose logic for mechanized mathematics. Wehave engineered Chiron [21, 22] to be just such as logic. It contains essentiallythe same syntax reasoning machinery as Q uqe0 , and we have a rudimentary im-plementation of it [11].Implementing the ideas in Q uqe0 will be challenging. Reasoning about theinterplay of syntax and semantics in a logic instead of a metalogic is tricky. Itis easy for both developers and users to become confused — just ask any Lispprogrammer. A practical proof system will require new axioms and rules ofinference as well as an effective means to perform substitution in the presenceof evaluations. The latter, as we have seen, is fraught with difficulties. Finally,new notation and user-interface techniques are needed to shield the user, asmuch as possible, from low-level syntactic manipulations. Integration of Axiomatic and Algorithmic Mathematics
The MathScheme project [11], led by Jacques Carette and the author, is a long-term project being pursued at McMaster University with the aim of producinga framework in which formal deduction and symbolic computation are tightlyintegrated. A key part of the framework is the notion of a biform theory [10, 20]that is a combination of an axiomatic theory and an algorithm theory. A biformtheory is a basic unit of mathematical knowledge that consists of a set of con-cepts that denote mathematical values, transformers that denote syntax-basedalgorithms, and facts about the concepts and transformers. Since transformersmanipulate the syntax of expressions, biform theories are difficult to formalizein a traditional logic. One of the main goals of the MathScheme project is tosee if a logic like Q uqe0 that implements the replete approach to syntax reasoningcan be used develop a library of biform theories.81 cknowledgments The author is grateful to Marc Bender, Jacques Carette, Michael Kohlhase,Pouya Larjani, and Florian Rabe for many valuable discussions on the use ofquotation and evaluation in logic. Peter Andrews deserves special thanks forwriting
An Introduction to Mathematical Logic and Type Theory: To Truththrough Proof [2]. The ideas embodied in Q uqe0 heavily depend on the presen-tation of Q given in this superb textbook. References [1] M. Abadi, L. Cardelli, P.-L. Curien, and J.-J. L´evy. Explicit substitution.
Journal of Functional Programming , 1:375–416, 1991.[2] P. B. Andrews.
An Introduction to Mathematical Logic and Type Theory:To Truth through Proof, Second Edition . Kluwer, 2002.[3] H. Barendregt. The impact of the lambda calculus in logic and computerscience.
Bulletin of Symbolic Logic , 3:181–215, 1997.[4] A. Bawden. Quasiquotation in Lisp. In O. Danvy, editor,
Proceedings of the1999 ACM SIGPLAN Symposium on Partial Evaluation and Semantics-Based Program Manipulation , pages 4–12, 1999. Technical report BRICS-NS-99-1, University of Aarhus, 1999.[5] A. Berarducci and C. B¨ohm. A self-interpreter of lambda calculus havinga normal form. In E. B¨orger, G. J¨ager, H. Kleine B¨uning, S. Martini, andM. M. Richter, editors,
Computer Science Logic , volume 702 of
LectureNotes in Computer Science , pages 85–99. Springer, 1993.[6] C. B¨ohm and A. Berarducci. Automatic synthesis of typed lambda-programs on term algebras.
Theoretical Computer Science , 39:135–154,1985.[7] C. B¨ohm, A. Piperno, and S. Guerrini. Lambda-definition of function(al)sby normal forms. In D. Sannella, editor,
Programming Languages andSystems — ESOP’94 , volume 788 of
Lecture Notes in Computer Science ,pages 135–149. Springer, 1994.[8] R. Boulton, A. Gordon, M. Gordon, J. Harrison, J. Herbert, and J. Van Tas-sel. Experience with embedding hardware description languages in HOL.In V. Stavridou, T. F. Melham, and R. T. Boute, editors,
Proceedings ofthe IFIP TC10/WG 10.2 International Conference on Theorem Proversin Circuit Design: Theory, Practice and Experience , volume A-10 of
IFIPTransactions A: Computer Science and Technology , pages 129–156. North-Holland, 1993.[9] H. Cappelen and E. LePore. Quotation. In E. N. Zalta, editor,
The StanfordEncyclopedia of Philosophy . Spring 2012 edition, 2012.8210] J. Carette and W. M. Farmer. High-level theories. In A. Autexier, J. Camp-bell, J. Rubio, M. Suzuki, and F. Wiedijk, editors,
Intelligent ComputerMathematics , volume 5144 of
Lecture Notes in Computer Science , pages232–245. Springer, 2008.[11] J. Carette, W. M. Farmer, and R. O’Connor. Mathscheme: Project de-scription. In J. H. Davenport, W. M. Farmer, F. Rabe, and J. Urban,editors,
Intelligent Computer Mathematics , volume 6824 of
Lecture Notesin Computer Science , pages 287–288. Springer, 2011.[12] A. Church. A formulation of the simple theory of types.
Journal of SymbolicLogic , 5:56–68, 1940.[13] E. Contejean, P. Courtieu, J. Forest, O. Pons, and X. Urbain. Certificationof automated termination proofs. In
Frontiers of Combining Systems , vol-ume 4720 of
Lecture Notes in Computer Science , pages 148–162. Springer,2007.[14] Coq Development Team.
The Coq Proof AssistantReference Manual, Version 8.4 , 2012. Available at http://coq.inria.fr/distrib/V8.4/refman/ .[15] F.-N. Demers and J. Malenfant. Reflection in logic, functional and object-oriented programming: A short comparative study. In
IJCAI ’95 Workshopon Reflection and Metalevel Architectures and their Applications in AI ,pages 29–38, 1995.[16] W. M. Farmer. A partial functions version of Church’s simple theory oftypes.
Journal of Symbolic Logic , 55:1269–91, 1990.[17] W. M. Farmer. A simple type theory with partial functions and subtypes.
Annals of Pure and Applied Logic , 64:211–240, 1993.[18] W. M. Farmer. Theory interpretation in simple type theory. In J. Heeringet al., editor,
Higher-Order Algebra, Logic, and Term Rewriting , volume816 of
Lecture Notes in Computer Science , pages 96–123. Springer, 1994.[19] W. M. Farmer. Formalizing undefinedness arising in calculus. In D. Basinand M. Rusinowitch, editors,
Automated Reasoning—IJCAR 2004 , volume3097 of
Lecture Notes in Computer Science , pages 475–489. Springer, 2004.[20] W. M. Farmer. Biform theories in Chiron. In M. Kauers, M. Kerber, R. R.Miner, and W. Windsteiger, editors,
Towards Mechanized MathematicalAssistants , volume 4573 of
Lecture Notes in Computer Science , pages 66–79. Springer, 2007.[21] W. M. Farmer. Chiron: A multi-paradigm logic. In R. Matuszewski andA. Zalewska, editors,
From Insight to Proof: Festschrift in Honour of An-drzej Trybulec , volume 10(23) of
Studies in Logic, Grammar and Rhetoric ,pages 1–19. University of Bia lystok, 2007.8322] W. M. Farmer. Chiron: A set theory with types, undefinedness, quotation,and evaluation. SQRL Report No. 38, McMaster University, 2007. Revised2012. Available at http://imps.mcmaster.ca/doc/chiron-tr.pdf .[23] W. M. Farmer. Andrews’ type system with undefinedness. InC. Benzm¨uller, C. Brown, J. Siekmann, and R. Statman, editors,
Rea-soning in Simple Type Theory: Festschrift in Honor of Peter B. Andrewson his 70th Birthday , Studies in Logic, pages 223–242. College Publications,2008.[24] W. M. Farmer. The seven virtues of simple type theory.
Journal of AppliedLogic , 6:267–286, 2008.[25] W. M. Farmer. The formalization of syntax-based mathematical algorithmsusing quotation and evaluation. In J. Carette, D. Aspinall, C. Lange,P. Sojka, and W. Windsteiger, editors,
Intelligent Computer Mathematics ,volume 7961 of
Lecture Notes in Computer Science , pages 35–50. Springer,2013.[26] W. M. Farmer, J. D. Guttman, and F. J. Thayer. IMPS: An InteractiveMathematical Proof System.
Journal of Automated Reasoning , 11:213–248,1993.[27] W. M. Farmer, J. D. Guttman, and F. J. Thayer F´abrega. IMPS: Anupdated system description. In M. McRobbie and J. Slaney, editors,
Auto-mated Deduction—CADE-13 , volume 1104 of
Lecture Notes in ComputerScience , pages 298–302. Springer, 1996.[28] W. M. Farmer and P. Larjani. Frameworks for reasoning about syntax thatutilize quotation and evaluation. McSCert Report No. 9, McMaster Uni-versity, 2013. Available at http://imps.mcmaster.ca/doc/syntax.pdf .[29] M. J. Gabbay and A. M. Pitts. A new approach to abstract syntax involvingbinders.
Formal Aspects of Computing , 13:341–363, 2002.[30] M. Giese and B. Buchberger. Towards practical reflection for formal math-ematics. RISC Report Series 07-05, Research Institute for Symbolic Com-putation (RISC), Johannes Kepler University, 2007.[31] J.-Y. Girard.
Interpr´etation fonctionelle et ´elimination des coupures del’arithmtique d’ordre sup´erieur . PhD thesis, Universit´e Paris 7, 1972.[32] M. Glanzberg. Truth. In E. N. Zalta, editor,
The Stanford Encyclopedia ofPhilosophy . Spring 2013 edition, 2013.[33] K. G¨odel. ¨Uber formal unentscheidbare S¨atze der Principia Mathemat-ica und verwandter Systeme I.
Monatshefte f¨ur Mathematik und Physik ,38:173–198, 1931. 8434] M. J. C. Gordon and T. F. Melham.
Introduction to HOL: A TheoremProving Environment for Higher Order Logic . Cambridge University Press,1993.[35] J. Grundy, T. Melham, and J. O’Leary. A reflective functional language forhardware design and theorem proving.
Journal of Functional Programming ,16, 2006.[36] V. Halbach. Reducing compositional to disquotational truth.
The Reviewof Symbolic Logic , 2:786–798, 2009.[37] V. Halbach.
Axiomatic Theories of Truth . Cambridge University Press,2011.[38] V. Halbach and G. E. Leigh. Axiomatic theories of truth. In E. N. Zalta,editor,
The Stanford Encyclopedia of Philosophy . Winter 2013 edition, 2013.[39] J. Harrison. Metatheory and reflection in theorem proving: A survey andcritique. Technical Report CRC-053, SRI Cambridge, 1995. Available at .[40] J. Harrison. HOL Light: An overview. In S. Berghofer, T. Nipkow, C. Ur-ban, and M. Wenzel, editors,
Theorem Proving in Higher Order Logics ,volume 5674 of
Lecture Notes in Computer Science , pages 60–66. Springer,2009.[41] L. Henkin. Completeness in the theory of types.
Journal of Symbolic Logic ,15:81–91, 1950.[42] P. Koellner. On reflection principles.
Annals of Pure and Applied Logic ,157:206–219, 2009.[43] H. Leitgeb. What theories of truth should be like (but cannot be).
Philos-ophy Compass , 2:276–290, 2007.[44] Lemma 1 Ltd.
ProofPower: Description , 2000. Available at .[45] T. Melham, R. Cohn, and I. Childs. On the semantics ofReFLect as a basis for a reflective theorem prover. preprint, http://arxiv.org/abs/1309.5742 , 2013.[46] D. Miller. Abstract syntax for variable binders: An overview. In J. Lloydet al., editor,
Computational Logic — CL 2000 , volume 1861 of
LectureNotes in Computer Science , pages 239–253. Springer, 2000.[47] T. Æ. Mogensen. Efficient self-interpretation in lambda calculus.
Journalof Functional Programming , 2:345–364, 1994.[48] A. Nanevski and F. Pfenning. Staged computation with names and neces-sity.
Journal of Functional Programmming , 15:893–939, 2005.8549] U. Norell.
Towards a Practical Programming Language based on DependentType Theory . PhD thesis, Chalmers University of Technology, 2007.[50] U. Norell. Dependently typed programming in Agda. In A. Kennedy andA. Ahmed, editors,
Proceedings of TLDI’09 , pages 1–2. ACM, 2009.[51] L. C. Paulson.
Isabelle: A Generic Theorem Prover , volume 828 of
LectureNotes in Computer Science . Springer, 1994.[52] F. Pfenning and C. Elliot. Higher-order abstract syntax. In
Proceedingsof the ACM SIGPLAN 1988 conference on Programming Language designand Implementation , pages 199–208. ACM Press, 1988.[53] A. M. Pitts. Nominal Logic, a first order theory of names and binding.
Information and Computation , 186:165–193, 2003.[54] Plataformatec. Elixir. http://elixir-lang.org/ , 2015.[55] A. Polonsky. Axiomatizing the Quote. In M. Bezem, editor,
ComputerScience Logic (CSL’11) — 25th International Workshop/20th Annual Con-ference of the EACSL , volume 12 of
Leibniz International Proceedings inInformatics (LIPIcs) , pages 458–469. Schloss Dagstuhl — Leibniz-Zentrumf¨ur Informatik, 2011.[56] W. V. O. Quine.
Mathematical Logic: Revised Edition . Harvard UniversityPress, 2003.[57] F. Rabe. Generic literals. In M. Kerber, J. Carette, C. Kaliszyk, F. Rabe,and V. Sorge, editors,
Intelligent Computer Mathematics , volume 9150 of
Lecture Notes in Computer Science , pages 102–117. Springer, 2015.[58] J. C. Reynolds. Towards a theory of type structure. In B. Robinet, editor,
Programming Symposium , volume 19 of
Lecture Notes in Computer Science ,pages 408–425. Springer, 1974.[59] Rice University Programming Languages Team. Metaocaml:A compiled, type-safe, multi-stage programming language. , 2011.[60] T. Sheard and S. P. Jones. Template meta-programming for Haskell.
ACMSIGPLAN Notices , 37:60–75, 2002.[61] A. Stump. Directly reflective meta-programming.
Higher-Order and Sym-bolic Computation , 22:115–144, 2009.[62] W. Taha and T. Sheard. MetaML and multi-stage programming with ex-plicit annotations.
Theoretical Computer Science , 248:211–242, 2000.[63] A. Tarski. Poj (cid:9) ecie prawdy w j (cid:9) ezykach nauk dedukcyjnych (The conceptof truth in the languages of the deductive sciences).
Prace TowarzystwaNaukowego Warszawskiego , 3(34), 1933.8664] A. Tarski. Der Wahrheitsbegriff in den formalisierten Sprachen.
StudiaPhilosophica , 1:261–405, 1935.[65] A. Tarski. The concept of truth in formalized languages. In J. Corco-ran, editor,
Logic, Semantics, Meta-Mathematics , pages 152–278. Hackett,second edition, 1983.[66] The F http://fsharp.org/ , 2015.[67] P. van der Walt. Reflection in Agda. Master’s thesis, Universiteit Utrecht,2012.[68] M. Wildmoser and T. Nipkow. Certifying machine code safety: Shallowversus deep embedding. In K. Slind, A. Bunker, and G. Gopalakrishnan,editors,
Theorem Proving in Higher Order Logics (TPHOLs 2004) , volume3223 of