Content uploaded by Marc Bezem

Author content

All content in this area was uploaded by Marc Bezem on Feb 19, 2014

Content may be subject to copyright.

Available via license: CC BY 4.0

Content may be subject to copyright.

ON STREAMS THAT ARE FINITELY RED

MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

Department of Informatics, University of Bergen

e-mail address: bezem@ii.uib.no

Institute of Cybernetics at Tallinn University of Technology

e-mail address: keiko@cs.ioc.ee

Institute of Cybernetics at Tallinn University of Technology

e-mail address: tarmo@cs.ioc.ee

Abstract. Mixing induction and coinduction, we study alternative deﬁnitions of streams

being ﬁnitely red. We organize our deﬁnitions into a hierarchy including also some well-

known alternatives in intuitionistic analysis. The hierarchy collapses classically, but is

intuitionistically of strictly decreasing strength. We characterize the diﬀerences in strength

in a precise way by weak instances of the Law of Excluded Middle.

1. Introduction

Finiteness is a concept that seems as intuitive as it is fundamental in all of mathematics.

At the same time ﬁniteness is notoriously diﬃcult to capture axiomatically. First, due to

compactness, ﬁniteness is not ﬁrst-order deﬁnable. Second, in ZF set theory, there exist

several diﬀerent approximations (as ZF is a ﬁrst-order theory). Tarski [4] is still a very

readable introduction to diﬀerent deﬁnitions of ﬁniteness in set theory without the axioms

of inﬁnity and choice. These include the deﬁnitions by Dedekind, by Kuratowski and the

inductive deﬁnition by Tarski himself: a set Ais ﬁnite if it is in the inductively deﬁned subset

of the powerset of Acontaining the empty set and closed under adding one element of A.

These diﬀerent approximations of ﬁniteness are only equivalent if one assumes additional

axioms. And all this already in the realm of classical mathematics.

It will therefore not come as a surprise that in intuitionistic mathematics the situation is

even more complicated. In this paper, we will study several classically equivalent deﬁnitions

of binary sequences that are almost always zero, that is, there are at most ﬁnitely many

positions where the sequence is one. From the constructive point of view, one has at least

the following main variants.

(1) ∃n. ∀m≥n. (s m) = 0. This deﬁnition expresses that all ﬁnitely many mfor

which (s m) = 1 occur in sbefore some position n. By the decidability of =, they

can all be looked up and counted. This is clearly the strongest deﬁnition giving

1998 ACM Subject Classiﬁcation: F.4.1.

Key words and phrases: Type theory, constructive mathematics, (co)induction, ﬁniteness.

LOGICAL METHODS

IN COMPUTER SCIENCE DOI:10.2168/LMCS-???

c

Marc Bezem, Keiko Nakata, and Tarmo Uustalu

Creative Commons

1

2 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

all information. By the decidability of =, this deﬁnition is also intuitionistically

equivalent to ∃n. ¬¬∀m≥n. (s m) = 0, in spite of the double negation preﬁxing

the universal quantiﬁer.

(2) ∃n. ∀m. #{k≤m|(s k)=1}< n. This deﬁnition is weaker than the ﬁrst one. It

only states that there is an upper bound to the number of ones in the sequence, but

does not provide information on where to ﬁnd them.

(3) ¬(∀n. ¬¬∃m≥n. (s m) = 1). This deﬁnition is equivalent to ¬¬(1). Note that (3)

is stable since it is negative, and therefore does not imply (2). Surprisingly, (3) is

also equivalent to ¬¬(2). The reason is that (1) and (2) are classically equivalent,

do not contain disjunction, and have only existential quantiﬁcation as the main

connective of the formula. Therefore their respective double negation translations

¬¬(1) and ¬¬(2) are constructively equivalent, so also equally weak.

(4) ¬(∀n. ∃m≥n. (s m) = 1). This deﬁnition expresses that the set of positions where

the sequence is one is not inﬁnite. It does not give a clue where to ﬁnd the ones or

how many ones there are. Deﬁnition (4) is the weakest of all: It negates a strong,

positive statement allowing the construction of an inﬁnite subsequence of ones in s.

The variants are listed in decreasing constructive strength. Variants (1) and (2) are

positive and therefore strictly stronger than the negative variants (3) and (4). Reversing the

implications above requires some form of classical logic. For instance we know that (4) =⇒

(2) is not constructively valid. We use the occasion to introduce an argument employed

more rigorously later in this paper. Let sbe an arbitrary binary function. Construct s0

starting from n= 0 by taking (s0n) = 0 as long as (s n) = 0. There is no constructive

way to ﬁnd out whether (s n) is always 0 or not, but if (s n) = 1 for the ﬁrst time, we take

(s0k) = 1 for n <=k <= 2nand (s0k) = 0 for k > 2n. One easily veriﬁes (4) for s0. Now,

if (2) would hold for s0we would be able to decide whether sis constant 0 or not. For if

there are at most nones occurring in s0, the ﬁrst one would occur not later than at n, and

this can constructively be tested. In other words, (4) =⇒(2) implies an instance of the

excluded middle which is not constructively valid.

The paper sets out an expedition to the concept of ﬁniteness from the constructive

point of view, with strong assumptions on the set whose ﬁniteness we study. Namely,

(1) The set is enclosed in another set with decidable equality and carved out by a

predicate (whether a bit-valued function returns 1).

(2) This predicate is decidable.

(3) The enclosing set is traversible.

In one word, therefore, we could summarize our setting as ”searchable”. As we will see in

the paper, even in a searchable setting, there are at least six diﬀerent notions of ”ﬁniteness”.

The remainder of the paper is structured as follows. In the next section, we set up a

basis for our development in the paper. Section 3 introduces a spectrum of deﬁnitions for

sequences being ﬁnitely one. In Section 4, we study relative strength of these deﬁnitions

from the constructive point of view. In Section 5, we relate our analysis to that of ﬁniteness

of sets in Bishop’s set theory due to Coquand and Spiwack [2]. We also corroborate a

conjecture posed by them. We conclude in Section 6.

For methodological uniformity, we prefer to deﬁne all datatypes inductively (rules de-

noted by a single line) or coinductively (rules denoted by a double line).

ON STREAMS THAT ARE FINITELY RED 3

2. Two views of infinite sequences

We may look at binary inﬁnite sequences in two ways. We may view them as bit-valued

functions on natural numbers or, which will amount to the same, as streams of bits, i.e.,

as elements of a coinductive type. Correspondingly, we will use two diﬀerent languages

to speak about them: arithmetic (as is traditional in logic) for bit-valued functions and

the language of inductive and coinductive predicates (as is more customary in functional,

in particular, dependently typed, programming) for bitstreams. As a warming-up, in this

section, we connect the two views, setting up a basis for our development along the way.

For this paper to have some color, we take a bit to be one of the two colors, red and

black:

R:color B:color

In the function-view, an inﬁnite sequence is therefore a function f:nat →color mapping

natural numbers (positions in the sequence) to colors. Our intended notion of equality of

these functions is the extensional function equality deﬁned by

∀n. f n =f0n

f≡f0

In the stream-view, an inﬁnite sequence is a stream s:str where the stream type is deﬁned

coinductively by the following rule:

c:color s:str

c s :str

Two streams sand s0are equal for us, if they are bisimilar. This notion of equality is

deﬁned coinductively by the rule

s∼s0

c s ∼c s0

The two types are isomorphic. Indeed we can deﬁne two functions s2f :str →nat →color

and f2s : (nat →color)→str mediating between the two types. The function s2f is deﬁned

by (structural) recursion by

s2f (c s) 0 = c

s2f (c s) (n+ 1) = s2f s n

while the function f2s is deﬁned by (guarded-by-constructors) corecursion by

f2s f= (f0) (f2s (λn. f (n+ 1)))

We have that ∀f, s. f ≡s2f s⇔f2s f∼s. The ⇒direction is proved by coinduction, the

⇐direction by induction. From this fact it follows immediately that ∀f. f ≡s2f (f2s f)

and ∀s. f2s (s2f s)∼s, i.e., that the function and stream types are isomorphic, as well

as that ∀f, f 0. f ≡f0⇒f2s f∼f2s f0and ∀s, s0. s ∼s0⇒f2s s≡f2s s0, i.e., that the

conversion functions appropriately preserve equality. (In general, we have to ensure that

all functions and predicates we deﬁne on bit-valued functions and bitstreams respect our

notions of equality for them, i.e., extensional function equality and bisimilarity.1)

1The correspondence between extensional function equality and bisimilarity shows that bisimilarity is the

one and only reasonable notion of “extensional stream equality”.

4 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

Properties of binary inﬁnite sequences can now be deﬁned and analyzed in either one of

the two equivalent views. For the stream-view, it is convenient to introduce some operations

and predicates as primitives in our language for streams. We deﬁne

(c s)@0 = c(c s)@(n+ 1) = s@n

s|0=s(c s)|(n+1) =s|n

so that s@ndenotes the color at the position nin sand s|ndenotes the suﬃx of sat n.

We also deﬁne

red (R s)black (B s)

X s

FX s

FX s

FX(c s)

X(c s)GX s

GX(c s)

Here, Fand Gare the “sometime in the future” (“ﬁnally”) and “always in the future”

(“globally”) modalities of linear-time temporal logic. They are stream predicates parame-

terized over stream predicates.2Induction and coinduction give us simple proofs of basic

facts such as the equivalence

∀s. G(λt. ¬X t)s⇔ ¬F X s

and the implication (converse does not hold)

∀s. F(λt. ¬X t)s⇒ ¬G X s

Importantly, we can also prove that

∀s. FX s ⇔ ∃n. X (s|n)

∀s. GX s ⇔ ∀n. X (s|n)

noticing that ∀s, n. s2f (s|n) = λm. s2f s(n+m).

Both modalities are expressible in the function-view, but the deﬁnitions are (perhaps)

less elegant, as they involve explicit arithmetical manipulation of positions:

∀f. F(λs. Y (s2f s)) (f2s f)⇔ ∃n. Y (λm. f (n+m))

∀f. G(λs. Y (s2f s)) (f2s f)⇔ ∀n. Y (λm. f (n+m))

In particular,

∀s. Fred s⇔ ∃n. s2f s n =R

∀s. Gblack s⇔ ∀n. s2f s n =B

Accordingly, we have

∀s. (¬G black s⇒ F red s)⇔(¬(∀n. s2f s n =B)⇒ ∃n. s2f s n =R)

and hence

[∀s. ¬G black s⇒ F red s]⇔[∀f. ¬(∀n. f n =B)⇒ ∃n. f n =R)]

We now have arrived at two equivalent formulations of Markov’s Principle (MP). Markov’s

Principle is an important principle that is neither valid nor inconsistent constructively, but

only classically valid. It is computationally meaningful, however, being realizable by search.

In the function-view (the right-hand side), which is how it is traditionally presented,

Markov’s Principle is the statement that

∀f. ¬(∀n. f n =B)⇒ ∃n. f n =R

2There is no need to see them as “ﬁrst-class” predicate transformers, as there is no real impredicativity

involved: the argument of Fis constantly Xin the deﬁnition of F, and the same is true of the deﬁnition of

G.

ON STREAMS THAT ARE FINITELY RED 5

(or, equivalently, as ∀n. ¬A⇔ ¬∃n. A, the statement ∀f. ¬¬(∃n. f n =R)⇒ ∃n. f n =R.)

The computational interpretation is the natural one: if it cannot be that all positions

in a given inﬁnite sequence are black, then we ﬁnd a red position by exhaustively checking

all positions in the natural order 0,1,2. . .. (Cf. computability theory: this is minimization,

not primitive recursion.)

In the stream-view (the left-hand side), Markov’s Principle is

∀s. ¬G black s⇒ F red s

stating that if a stream sis not all black, then it is eventually red. But, in a certain sense,

it is more than just any equivalent statement to the function-view counterpart. It is a

concise formulation of Markov’s Principle based on the stream view of inﬁnite sequences

and canonical inductive and coinductive predicates on streams. We would therefore like

to think that, for computer scientists, it should be natural to take namely this statement

rather than the traditional arithmetical version as the deﬁnition of Markov’s Principle.

This applies to another important classical axiom of the Lesser Principle of Omniscience

which is meaningful as a special case of the Law of Excluded Middle.

The Lesser Principle of Omniscience (LPO) is the assertion of the statement

∀f. (∀n. f n =B)∨(∃n. f n =R)

that, in the light of what we already learned, is equivalent to

∀s. Gblack s∨ F red s

Again, the latter statement is perhaps more basic for a computer scientist than the for-

mer: it states that any stream is either all black or eventually red (which is constructively

impossible).

As we have constructively A∨B⇒(¬A⇒B), but not vice versa, LPO implies Markov,

but not the other way around.

3. Some notions of “finitely red”

With these preparations done, we can now proceed to possible mathematizations of the

informal property of a given inﬁnite sequence (function for stream s) being “ﬁnitely red”.

We consider six variations. They are all equivalent classically. In Section 4, we will study

their relative strength from the constructive point of view.

3.1. Eventually All Black. The simplest mathematization is: “from some position on,

the sequence is all black”.

In the function view, this is stated as

∃n. ∀m≥n.f m =B

while the stream-view statement is at least as simple, namely, the stream is “ﬁnally” “glob-

ally” black:

F(Gblack)s

The two statements are equivalent.

∀s. F (Gblack )s⇔ ∃n. ∀m≥n. s2f s m =B

6 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

3.2. Boundedly Red. Next comes: “the number of red positions in the sequence is

bounded”.

In the function view, this is stated as

∃n. ∀m. #{k≤m|f k =R}< n

so that for a ﬁxed n,fis red fewer than nup to the m-th position for any m.

The formation of the stream view is similar. We ﬁrst deﬁne a predicate lens, which

states that sis fewer than nred, coinductively by

le(n+1) s

le(n+1) (B s)

lens

le(n+1) (R s)

Then the stream-view is simply:

∃n. lens

Again, the two statements are equivalent

∀s, n. lens⇔ ∀m. #{k≤m|s2f s k =R}< n

3.3. Almost Always Black. The third deﬁnition amounts to the least ﬁxed point of a

weak until operator in linear-time temporal logic. It is also found in the thesis of C. Raf-

falli [5]. We formulate it in the stream view. The weak until operator, WX, is parameterized

over any predicate Xon streams and deﬁned coinductively by

WXs

WX(B s)

X s

WX(R s)

so that WXsholds if, whenever the ﬁrst occurrence of red in sis encountered, Xholds

on the suﬃx after the occurrence. Classically it is equivalent to that sis either all black

or it is eventually red and Xholds on the suﬃx after the ﬁrst occurrence of red (which is

guaranteed to exist as sis eventually red). Our deﬁnition of WXavoids upfront decisions

of LPO, i.e., whether a stream is all black or eventually red.

We then take the least ﬁxed point of WX. Deﬁne µWinductively in terms of WXby

the (Park-style) rule:

WµWs

µWs

As WXis monotone on X, the above deﬁnition makes sense. For the purpose of proof, in

particular to avoid explicitly invoking monotonicity of the underlying predicate transformer

WX, it is however convenient to use Mendler-style rule

(∀s. X s ⇒µWs)WXs

µWs

The Park-style rule is derivable from the Mendler-style rule. As WXis monotone on X, we

can also recover the natural inversion principle for µW.

The statement µWsdoes not give a clue as to where to ﬁnd the red positions in sor

how many of them there are. Nonetheless it refutes that the stream is inﬁnitely often red

(to be formulated below). Therefore µWsexpresses that sis almost always black, and in

the remainder of the paper we phrase µWas almost always black.

The function view corresponding to µWcould be given by the second-order encoding of

induction and coinduction, which is inevitably more verbose and therefore omitted. Instead,

ON STREAMS THAT ARE FINITELY RED 7

in the following subsections, we will take a closer look at WXand µW, giving alternative

characterizations of streams that are almost always black.

3.4. Streamless Red Positions. The fourth deﬁnition is inspired by [2]. It states that

the set of red positions in the sequence is streamless. A set Ais streamless if every stream

over Ahas a duplicate. As equality on Ais decidable for us, this is equivalent to saying

that a set Ais streamless if any duplicate-free colist over Ais ﬁnite.

For any set A, we deﬁne duplicate-free colists over Acoinductively by

hi :colist A

x:A ` :colist (A\ {x})

x ` :colist A

We deﬁne ﬁniteness of colists inductively by

hi ↓

`↓

x ` ↓

For any sequence, namely function for stream s, let Rf(resp. Rs) denote the set of red

positions in f(resp. s). Formally, n∈ Rf(resp. n∈ Rs) if f n =R(resp. s@n=R).

Then, the forth deﬁnition of streams being ﬁnitely red is stated in the stream view as

∀`:colist Rs. ` ↓

or, trivially equivalently in the function view, as

∀`:colist Rf. ` ↓

3.5. Not Not Eventually All Black. In this paper, we are mainly interested in positive

variations. However, two negative variations appear natural to consider for us. One of them

is the double negation of the ﬁrst deﬁnition of eventually all black.

Our ﬁfth deﬁnition is stated in the function view as,

¬¬∃n. ∀m≥n.f m =B

or in the stream view as

¬¬F (Gblack)s

which is equivalent to

¬G (¬G black)s

The last formulation, ¬G (¬G black)s, turns out handy in proofs and we will use either of

them interchangeably.

8 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

3.6. Not Inﬁnitely Often Red. The last deﬁnition of streams being ﬁnitely red is given

by streams not being inﬁnitely often red. So we ﬁrst look at deﬁnitions of streams being

inﬁnitely often red, which admit less variety of deﬁnitions.

A well-known deﬁnition is given by streams that are “globally” “ﬁnally” red, or

G(Fred)s

This deﬁnition is dual to that of eventually-all-black streams, i.e., F(Gblack )s. The modal-

ities Gand Fare ﬂipped, so are the colors red and black. The function view of this is stated

as

∀n. ∀m≥n. f m =R

The function and stream views are equivalent

∀s. G(Fred)s⇔ ∀n. ∃m≥n. s2f s m =R

Similarly, we obtain a deﬁnition of streams being inﬁnitely often red, by dualizing the

deﬁnitions of WXand µW, yielding

UXs

UX(B s)

X s

UX(R s)

UνUs

νUs

The (strong) until operator UXis dual to the weak until operator WX: The statement UXs

says that the suﬃx of safter the ﬁrst occurrence of red must satisfy Xand the occurrence

must exist. Then νUtakes the greatest ﬁxed point of UX, whereas µWis the least ﬁxed

point of WX.

Interestingly, νUis equivalent to G(Fred)

∀s. νUs⇔ G (Fred)s

As we will see in Section 4, µWand F(Gblack) are not equivalent constructively. (Col-

lapsing the two amounts to LPO.)

We conclude this section with the weakest deﬁnition in our spectrum of streams being

ﬁnitely red. Namely,

¬G (Fred)s

or in its equivalent function view

¬(∀n. ∃m≥n. f m =R)

3.7. Accessibility. In this section, we characterize streams that are almost always black

in terms of accessibility of (decidable) relations on natural numbers induced by streams.

We deﬁne accessibility of a binary relation on a set Uby

∀m. n m⇒accm

accn

For any stream s, we deﬁne a decidable relation son natural numbers by taking

nsmto mean that mis the position following the ﬁrst red position from nonward

(including n). Formally,

n≤`∀k. n ≤k < ` ⇒s@k=B s@`=R ` + 1 = m

nsm

An equivalent inductive deﬁnition is:

0(R s)1

0sm

0(B s)m+ 1

nsm

n+ 1 (c s)m+ 1

ON STREAMS THAT ARE FINITELY RED 9

The intuition is that nsmshould hold if and only if, whenever WXs|nis true, then this

is justiﬁed by X s|m. (This means that sis deterministic, but not functional.) This is

what the next lemma proves.

Lemma 3.1. ∀s, n. WXs|n⇔(∀m. n sm⇒X s|m)

Proof. (⇒): We prove ∀s, n, m. n sm⇒ WXs|n⇒X s|mby induction on the proof of

nsm.

The case of s=R s0,n= 0 and m= 1: From the assumption WXs|0, i.e., WXs, we

directly learn that X s0, i.e., X s|1.

The case of s=B s0,n= 0 and m=m0+ 1 and 0 s0m0: The assumption WXs|0, i.e.,

WXs, assures us that WXs0, and by the induction hypothesis we have WXs0|0⇒X s0|m0.

Hence X s0|m0, i.e., X s|m.

The case of s=c s0,n=n0+ 1 and m=m0+ 1 and n0s0m0: The assumption WXs|n

amounts to WXs0|n0. By the induction hypothesis, WXs0|n0⇒X s0|m0, we get that X s0|m0,

i.e., X s|m.

(⇐): We prove ∀s, n. (∀m. n sm⇒X s|m)⇒ WXs|nby coinduction and by case

analysis on n. In case n= 0, we further perform case analysis on the head color of s.3

The case of n= 0 and s=R s0: we know that 0 s1. Hence the assumption

∀m. 0sm⇒X s|mgives us that X s|1, i.e., X s0, from where it follows that WXs, i.e.,

WXs|0.

The case of n= 0 and s=B s0: We know that, if 0 smfor any m, then m=m0+ 1

for some m0and 0 s0m0. Hence the assumption ∀m. 0sm⇒X s|mgives us that

∀m0.0s0m0⇒X s0|m0. By the coinduction hypothesis, it follows that WXs0|0, i.e.,

WXs0, from where we learn WXs, i.e., WXs|0.

The case of n=n0+1 and s=c s0: We observe that nsmif n0s0m0and m=m0+1.

Therefore the assumption ∀m. n sm⇒X s|mgives us that ∀m0. n0s0m0⇒X s0|m0. By

the coinduction hypothesis, we get that WXs0|n0which is the same as WXs|n.

It is noteworthy that this lemma, instantiated at n= 0, gives us a possible arithmetical

deﬁnition of the weak until operator WXthat avoids impredicativity (quantiﬁcation over

predicates). Indeed, it suggests that we could have deﬁned:

WXs⇔ ∀`. (∀k < `. s@k=B)∧s@`=R⇒X s|`+1

To compare, the impredicative deﬁnition is:

WXs⇔ ∃Y. (∀s0. Y (R s0)⇒X s0)∧(∀s0. Y (B s0)⇒Y s0)∧Y s

Further, we have that, for any stream s,sis almost always black, µWs, if and only if

0 is accessible with respect to s. The claim follows from the following lemma.

Lemma 3.2. ∀s, n. µWs|n⇔accsn.

Proof. (⇒): We prove ∀s, n. µWs|n⇒accsnby induction on the proof of µWs|n.4

From this proof, we have that, for some stream predicate X,∀s0. X s0⇒µWs0and WXs|n.

By the induction hypothesis, the former gives us ∀m. X s|m⇒accsmwhile, by the

previous lemma, the latter gives ∀m. n sm⇒X s|m. Putting the two together, we get

∀m. n sm⇒accsm, hence accsn.

3To be fully precise, we prove ∀s0.(∃s, n. s0=s|n∧ ∀m. n sm⇒X s|m)⇒ WXs0by coinduction.

4To be fully precise, we prove ∀s0. µWs0⇒(∀s, n. s0=s|n⇒accsn) by induction on the proof of

µWs0. In further proofs we will use these generalizations of coinduction and induction without comments.

10 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

(⇐): By induction on the proof of accsn. We have ∀m. n sm⇒accsmand by

the induction hypothesis, ∀m. n sm⇒µWs|m. The previous lemma therefore gives us

WµWs|n, hence µWs|n, as required.

Corollary 3.1. ∀s. µWs⇔accs0.

We can in fact rephrase the fourth variant (streams for which the sets of red positions

are streamless) and sixth variant (streams that are not inﬁnitely often red) in terms of s,

as we will do now.

3.7.1. Strong Normalization. Streams whose red positions form streamless sets correspond

to streams sfor which sis strongly normalizing at 0.

For any set Uand any relation on U, we deﬁne (descending) chains in coinductively

by x0:U

hi :chainx0

x0x1`:chainx1

x1`:chainx0

so that x1x2...xnhi :chainx0means that x0x1x2. . . xn. Note that a chain in

may be inﬁnite.

We deﬁne ﬁniteness of chains inductively by

hi ↓

`↓

x ` ↓

We use the same notation for ﬁniteness of colists and chains.

A binary relation on a set Uis strongly normalizing at x:U, SN sx, if any -chain

starting at xis ﬁnite, or ∀`:chainx. ` ↓.

For any stream s,sis strongly normalizing at 0 if and only if Rsis streamless.

Lemma 3.3. ∀s. SN s0⇔ Rsis streamless.

Proof. (⇒): We ﬁrst notice that SN s0 if and only if SN +

s0, where +

sis the transitive

closure of s. Deﬁne a function f:nat →colist nat →colist nat by recursion by

f n hi =hi

f n (m `) = m ` if n<m

f n (m `) = f n ` if n≥m

The computation of f n ` is terminating as `is duplicate-free. (So, f n ` is welldeﬁned.)

Moreover, deﬁne a function g:colist nat →colist nat by corecursion by

ghi =hi g(n `)=(n+ 1) (g(f n `))

We have that, for any duplicate-free colist `over Rs,`is ﬁnite if and only if g ` is ﬁnite,

and moreover g ` is a chain in +

sstarting at 0.

Now, for any given duplicate-free colist `:colist Rs, by our assumption, g ` is ﬁnite,

which implies `is ﬁnite, as required.

(⇐): Deﬁne a function f:colist (nat \ {0})→colist nat by corecursion by

fhi =hi f(n `) = (n−1) (f `)

so that f ` shifts the elements in `by subtracting one.

For any given `:chains0, f ` is a duplicate-free colist over Rs, therefore f ` is ﬁnite

by our assumption. By construction of f,`is ﬁnite, which completes the proof.

ON STREAMS THAT ARE FINITELY RED 11

3.7.2. Antifoundedness. Streams that are inﬁnitely often red correspond to streams sfor

which sis antifounded.

We deﬁne antifoundedness of binary relation on a set Ucoinductively by

nmdivm

divn

so that divnmeans that there is an inﬁnite descending chain in starting from n.

Firstly we rephrase the strong until operator, UX, which, unlike the weak until operator

WX, requires Xto hold at some point.

Lemma 3.4. ∀s, n. UXs|n⇔(∃m. n sm∧X s|m).

Proof. (⇒): By induction on the proof of UXs|n.

The case of s=R s0and n= 0: We have that 0 ≺s1 and X s0and can choose m= 1.

The case of s=B s0and n= 0: We have that UXs0, the induction hypothesis gives

us that there is an m0such that 0 sm0∧X s0|m0. But then we also have that ns

m0+ 1 ∧X s|m0+1, so the desired result is witnessed by m=m0+ 1.

The case of s=c s0and n=n0+ 1: The assumption UXs|namounts to UXs0|n0.

By the induction hypothesis, there is an m0such that n0sm0∧X s0|m0. But then also

nsm0+ 1 ∧X s|m0+1, so we can choose m=m0+ 1.

(⇐): We prove ∀s, n, m. n sm∧X s|m⇒ UXs|nby induction on the proof of nsm.

The case of s=R s0,n= 0 and m= 1: The assumption X s|1, i.e., X s0, implies UXs,

i.e., UXs|0.

The case of s=B s0,n= 0, m=m0+ 1 and 0 s0m0: The assumption X s|mamounts

to X s0|m0. By the induction hypothesis, we have that UXs0|0, from where UXs|0follows in

turn.

The case of s=c s0,n=n0+ 1, m=m0+ 1 and n0s0m0: The assumption X s|m

amounts to X s0|m0. By the induction hypothesis, it holds that UXs0|n0, which is the same

as UXs|n.

Then we have that, for any stream s,sis inﬁnitely often red, νUs, if and only if 0 is

antifounded with respect to s. The claim follows from the following lemma.

Lemma 3.5. ∀s, n. ν Us|n⇔divsn.

Proof. (⇒): By coinduction. From the assumption νUs|n, we have that, for some stream

predicate X,∀s0. X s0⇒νUs0and UXs|n. The former and the coinduction hypothesis

together give us that, ∀m0. X s|m0⇒div sm0. From the latter and the previous lemma,

it follows that there exists an msuch that nsmand X s|m. Hence divsmand we can

also conclude that divsn.

(⇐): By coinduction. From the assumption divsn, we have that there exists some m

such that nsmand divsm. By the coinduction hypothesis, we have νUsm. By the

previous lemma it follows now that UνUsnwhereby we also learn that νUsn.

Corollary 3.2. ∀s. ν Us⇔divs0.

12 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

3.8. Classical ﬁxed point. It turns out that the weak until operator WXreaches the

ﬁxed point by ω-iteration only classically. In fact, we have a stronger result: closure at ω

is equivalent to LPO.

Deﬁne: Fns

Fωs

where F0=False and Fn+1 =WFn, so that Fωis WXiterated ωtimes.

Lemma 3.6. (∀s. WFωs⇒Fωs)⇔(∀s. Fred s∨ G black s).

Proof. (⇒): Deﬁne f:nat →str →str and g:nat →str by corecursion

f n (B s) = B(f(n+ 1) s)f n (R s) = g n

g(n+ 1) = R(g n)g0 = B∞

where B∞denotes a stream of black, deﬁned by corecursion by B∞=B B∞. The compu-

tation of f0slooks for the ﬁrst occurrence of red in s, while keeping track of the number

of black it has seen so far in the second argument. On encountering the ﬁrst red (if exists),

it invokes g, passing nas argument. The stream that g n produces is red up to the n-th

position, followed by an all black stream. The trick is to record the position of the ﬁrst

occurrence of red in sin terms of the number of red in f0s. If sdoes not contain red, then

f0sdoes not either. This way, if we know the bound on the number of red in f0s, then

we know the bound on the depth of the ﬁrst occurrence of red in s. We prove ∀n. F n+1 (g n)

by induction on n, then ∀n, s. WFω(f n s) by coinduction. We deduce ∀s. F ω(f0s) by

our assumption, therefore ∀s. ∃n. F n(f0s) by deﬁnition. For any s, given Fn(f0s) for

some n, however, it suﬃces to examine the initial (n+ 1)-segment of sto know whether s

contains red or not, enabling us to decide whether Fred sor Gblack sholds.

(⇐): For any given s, suppose WFωs. By our assumption, we have either Gblack s

or Fred s. In the case of Gblack s, we immediately have F1s, therefore Fωs. In the case

of Fred s, let nbe the position of the ﬁrst occurrence of red in s, which is guaranteed to

exist by Fred s. From WFωs, we deduce Fωs|n+1, i.e., Fms|n+1 for some m, which yields

Fm+1 s, therefore Fωsas required.

In fact, Fnis equivalent to len. Namely we have that, ∀n, s. F ns⇔le ns. It is an

open question whether there is a constructive closure ordinal.

4. Analysis of the spectrum

In this section, we analyze our spectrum of streams being ﬁnitely red. We have presented

six variants:

(a) Eventually all black

(b) Boundedly red

(c) Almost always black

(d) Streamless red positions

(e) Double negation of eventually all black

(f) Negation of inﬁnitely often red

We have a clear view on relative strength between positive variations. For negative ones,

open questions remain. The overall picture is given in Section 6.

ON STREAMS THAT ARE FINITELY RED 13

We start from downward implications. The six variations above are listed in decreasing

order of constructive strength, except that we do not know whether (d) implies (e): we only

know that (c) implies (d) and (e), both of which imply (f) (lemmata 4.3, 4.4, 4.5 and 4.6)

and that (e) ⇒(d) amounts to Markov’s Principle (Lemma 4.9).

If a stream is eventually all black, then it is boundedly red.

Lemma 4.1. ∀s. F(Gblack )s⇒ ∃n. le ns.

Proof. By induction on the proof of F(Gblack )s.

If a stream is boundedly red, then it is almost always black.

Lemma 4.2. ∀n, s. le ns⇒µWs.

Proof. By induction on n. The case of n= 0 is immediate. The case of n=n0+ 1: We

prove that, ∀s. len0+1 s⇒ WµWsby coinduction and case analysis on the head color of s.

The case of s@0 = Bfollows from the coinduction hypothesis. The case of s@0 = Rfollows

from the main induction hypothesis.

If a stream is almost always black, then the set of its red positions is streamless.

Lemma 4.3. ∀s. µWs⇒ Rsis streamless.

Proof. The claim follows from Corollary 3.1 and Lemma 3.3, since accessibility implies

strong normalization.

If a stream sis almost always black, then it is not the case that sis not eventually all

black.

Lemma 4.4. ∀s. µWs⇒ ¬G (¬G black)s.

Proof. We prove a slightly stronger statement, ∀s. (∀n. ¬G black s|n)⇒ ∀n. µWs|n⇒False,

from which the claim follows. For a given s, we assume ∀n. ¬G black s|n. We prove

∀n. µWs|n⇒False by induction on the proof of µWs|n. We are given as induction hypoth-

esis that, ∀n. X s|n⇒False. We have to prove False, given WXs|n. From our assumption,

however, it suﬃces to prove Gblack s|n. We do so by proving ∀n. WXs|n⇒ G black s|nby

coinduction using the main induction hypothesis.

If the set of red positions of a stream sis streamless, then sis not inﬁnitely often red.

Lemma 4.5. ∀s. Rsis streamless ⇒ ¬νUs.

Proof. The claim follows from Lemma 3.3 and Corollary 3.2, since strong normalization

contradicts antifoundedness.

If it is not the case that a stream sis not eventually all black, then sis not inﬁnitely

often red.

Lemma 4.6. ∀s. ¬G (¬G black )s⇒ ¬νUs.

Proof. Noticing ∀s. νUs⇔ G (Fred)s, the claim follows by contraposition from a tautology

∀s. G(Fred)s⇒ G (¬G black )s.

14 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

We now proceed to study strength of upward implications, which are technically more

interesting than downward implications. We know that diﬀerences between the ﬁrst three

positive variants amount to LPO (Lemma 4.7 and 4.8). Moreover, (e) =⇒(d) amounts to

Markov’s Principle (Lemma 4.9) and (f) =⇒(e) to an instance of Double Negation Shift

for a Σ0

1-formula (Lemma 4.10). As immediate corollaries from Section 3.7, we have that

(d) =⇒(c) is equivalent to that SN of sat 0 implies accessibility of 0 with respect to s

(Corollary 4.1) and that (f) =⇒(d) is equivalent to that non-antifoundedness of 0 with

respect to simplies SN of sat 0 (Corollary 4.3).

Lemma 4.7. (∀n, s. le ns⇒ F (Gblack )s)⇔(∀s. Fred s∨ G black s).

Proof. (⇒): Deﬁne f:str →str by corecursion

f(B s) = B(f s)f(R s) = R B∞

so that f s contains (exactly) one red if and only if scontains at least one red. We have

that, ∀s. le2(f s), proved by coinduction and case analysis on the head color of f s. By

our assumption, we have that, ∀s. F(Gblack ) (f s). The proof of F(Gblack ) (f s) tells us

whether f s contains red or not, deciding whether sis eventually red, Fred sor all black,

Gblack s, as required.

(⇐): We prove that, ∀n, s. le ns⇒ F (Gblack )sby induction on n, assuming ∀s. Fred s∨

Gblack s. The case of n= 0 is immediate. The case of n=n0+ 1: Suppose len0+1 s. By

our assumption, we have either Fred sor Gblack s. The latter case immediately yields

F(Gblack)s. For the former case, we prove ∀s. Fred s→len0+1 s→ F (Gblack )sby

induction on Fred sand case analysis on the head color of s, using the main induction

hypothesis.

Lemma 4.8. (∀s. µWs⇒ ∃n. lens)⇔(∀s. Fred s∨ G black s).

Proof. (⇒): We prove ∀s. µWs⇒ ∃n. lensby induction on the proof of µWs, assuming

∀s. Fred s∨G black s. We ﬁrst prove an auxiliary lemma: ∀s0.Fred s0⇒µWs0⇒ ∃n. lens0

by induction on the proof of Fred s0and case analysis on the head color of s0. The case of

s0@0 = Bfollows from the induction hypothesis. The case of s0@0 = Rfollows from the

main induction hypothesis.

Now suppose µWs. We have to prove that there exists some nsuch that lens. By

our assumption, we have either Gblack sor Fred s. The former case follows immediate by

coinduction by taking n= 1. The latter case is closed by the auxiliary lemma just proved.

(⇐): We prove that, ∀s. WFωs⇒Fωs, assuming ∀s. µWs⇒ ∃n. le ns, where Fω

was deﬁned in Section 3.8. Then the case follows from Lemma 3.6. Suppose WFωs. By

Lemma 4.2 and the monotonicity of WXon X, we have WµWs, which yields µWsby

deﬁnition. From our assumption and the equivalence between Fnand len, we conclude

Fωs, as required.

The following claim is corollary from Corollary 3.1 and Lemma 3.3.

Corollary 4.1. (∀s. Rsis streamless ⇒µWs)⇔(∀s. SN s0⇒accs0)

Lemma 4.9. (∀s. ¬G (¬G black )s⇒ Rsis streamless) ⇔(∀s. ¬G black s⇒ F red s)

Proof. (⇒): Deﬁne a function f:str →str by corecursion by

f(R s) = B∞f(B s) = R(f s)

ON STREAMS THAT ARE FINITELY RED 15

so that f s is red until the ﬁrst occurrence of red in sis encountered, from where f s becomes

all black.

For any given s, we assume ¬G black s. We have to prove Fred s. Firstly, we prove

¬G (¬G black) (f s). It suﬃces to prove ∀s. G(¬G black) (f s)⇒ G black s. We do so by

coinduction and case analysis on the head color of s. The case of s@0 = R: This is impossible

as we then have Gblack (f s), contradicting the assumption G(¬G black) (f s). The case of

s@0 = B: From the assumption G(¬G black) (f s), it follows that, G(¬G black) (f s)|1. By

the coinduction hypothesis, we obtain Gblack s|1, hence Gblack s.

Applying our assumption, ∀s. ¬G (¬G black )s⇒ Rsis streamless, to ¬G (¬G black ) (f s)

yields that (f s)is strongly normalizing at 0 by Lemma 3.3. Below we prove Fred s, as-

suming SN (f s)0, which completes the proof.

Deﬁne a function g:nat →colist nat by recursion by

g n = (n+ 1) (g(n+ 1)) if (f s)@n=R

g n =hi if (f s)@n=B

As g0 is a chain in (f s)starting at 0, i.e., g0 : chain(f s)0, by our assumption g0 is ﬁnite.

By construction of g, we have (f s)@n=B, where nis the length of g0. (As g0 is ﬁnite, its

length is welldeﬁned.) By construction of f, we now have s@n=R, which yields Fred s,

as required.

(⇐): For any given s, we assume ¬G (¬G black)s. We have to prove, for any given

`:chains0, `is ﬁnite.

Deﬁne a function f:colist nat →str by corecursion by

fhi =R∞f(n `0) = B(f `0)

By deﬁnition of f, we have that, ∀`0:chains0.Gblack (f `0)⇒ G (¬G black )s, proved

by coinduction. Hence from the assumption ¬G (¬G black)s, we are entitled to conclude

¬(Gblack) (f `). By Markov’s Principle it follows that, Fred (f `). However this means

that `↓, which completes the proof.

Lemma 4.10. (∀s. ¬G (Fred)s⇒ ¬G (¬G black)s)⇔(∀s. G(¬¬F red)s⇒ ¬¬G (Fred)s).

Proof. For any given s, we have

¬¬G (¬¬F red)s⇔ ¬¬¬F (¬F red)s⇔ ¬F (¬F red )s⇔ G (¬¬F red)s

Now the claim follows by taking contrapositions of the respective assumptions, noticing

∀s. ¬G black s⇔ ¬¬F red sand the above equivalence.

The corollary below follows from lemmata 4.5, 4.9 and 4.10.

Corollary 4.2. (∀s. ¬νUs⇒ Rsis streamless) ⇔(∀s. ¬G black s⇒ F red s)

The following claim is corollary from Corollary 3.2 and Lemma 3.3.

Corollary 4.3. (∀s. ¬νUs⇒ Rsis streamless) ⇔(∀s. ¬div 00⇒ ∀`:chains0. ` ↓).

16 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

5. Related work: finiteness of sets of red positions

In [2], Coquand and Spiwack introduce four notions of ﬁniteness of sets in Bishop’s set

theory [3]. For understanding some of their arguments, for example, on page 222, the 9-th

line from below, we had to assume that equality is decidable. Under this assumption their

results may be rendered as follows:

(i) Set Ais enumerated if it is given by a list.

(ii) Set Ais of bounded size if there exists a bound such that any list over Acontains

duplicates whenever its length exceeds the bound.

(iii) Set Ais noetherian if the root of the tree of duplicate-free lists over Ais accessible

(cf. Section 3.7).

(iv) Set Ais streamless if every stream over Ahas a duplicate.

These four notions are classically equivalent but of decreasing constructive strength. The

authors conjecture that there exists a set which is streamless but not noetherian (unless

classical logic is assumed). Their hierarchy of ﬁniteness matches pleasantly with our hier-

archy of positive variations of streams being ﬁnitely red, if we look at sets of red positions

in our streams. An important diﬀerence is that Coquand and Spiwack consider sets that

may not be decidable, whereas we work with decidable sets of natural numbers. Moreover

natural numbers are traversible. As a result, our hierarchy becomes tighter than theirs,

allowing us to capture diﬀerences in strength of our hierarchy in terms of weak instances of

the Law of Excluded Middle.

In this section, we rephrase our hierarchy in terms of Coquand and Spiwack’s. Their

streamless sets directly correspond to our streams sfor which the set of red positions, Rs,

is streamless. We will therefore only consider (i) - (iii). Furthermore, we will corrobate

their conjecture by showing that there is a unary predicate which is streamless in recursive

analysis, but not noetherian. Our results in this section assume decidable equality.

Enumerated sets. A set Ais enumerated, enum A, if all its elements can be listed, or

∀x:A. false

enum A

x:Aenum A\ {x}

enum A

Note that a proof of enum Ais essentially an exhaustive duplicate-free list of elements of

A.

It is easy to see that a stream sis eventually all black if and only if the set of red

positions in sis enumerated.

Lemma 5.1. ∀s. F(Gblack )s⇔enum Rs.

Proof. (⇒): Given F(Gblack)s, we can construct a list of the red positions in s, from

which enum Rsfollows.

(⇐): Given enum Rs, we know the position of the last occurrence of red in s, which

yields F(Gblack)s.

Size-bounded sets. A set Ais of bounded size if there exists a natural number nsuch that

any duplicate-free list over Ais of length less than n. Speciﬁcally, we say Ais size-bounded

by nif any duplicate-free list over Ais of length of less than n. Formally,

∀x:A. boundednA\ {x}

boundedn+1 A

ON STREAMS THAT ARE FINITELY RED 17

Lemma 5.2. ∀n, s. le ns⇔bounded nRs.

Proof. For any decidable set Aof natural numbers, we deﬁne a stream sAby

sA@k=Rwhen k∈A

sA@k=Botherwise

so that sAis red exactly at the positions in A.

(⇒): By induction on n. The case of n= 0 is immediate. The case of n=n0+ 1:

We are given as induction hypothesis that, ∀s. len0s⇒boundedn0Rs. We have to prove

boundedn0+1 Rs, given len0+1 s. Suppose x∈ Rs. It suﬃces to prove boundedn0Rs\ {x}.

From len0+1 s, we deduce len0sRs\{x}. By induction hypothesis, we obtain boundedn0Rs\

{x}, as required.

(⇐): We prove ∀n, A. boundednA⇒le nsAby induction on n, from which the case

follows. The case of n= 0 is immediate. The case of n=n0+ 1: We are given as induction

hypothesis that, ∀A. boundedn0A⇒len0sA. We have to prove ∀A. boundedn0+1 A⇒

len0+1 sA. We do so by coinduction and case analysis on the head color of sA. The case

of sA@0 = B: We have boundedn0+1 RsA|1. We close the case by coinduction hypothesis.

The case of sA@0 = R: We have boundedn0RsA|1. We close the case by the main induction

hypothesis.

Noetherian sets. A set Ais Noetherian, Noet A, if, for all x∈A,A\{x}is Noetherian.

Formally,

∀n∈A. Noet A\{n}

Noet A

Then, a stream sis almost always black, µWs, if and only if the set of red positions in

sis Noetherian. To prove this, it is convenient to reformulate Noetherianness by removing

the elements up to n(including n):

∀n∈A. Noet0A\{0, . . . , n}

Noet0A

The two deﬁnitions are equivalent.

Lemma 5.3. ∀A. Noet A⇔Noet0A.

Proof. (⇒): We prove that, ∀A. Noet A⇒ ∀n∈A. Noet0A\{0, . . . , n}by induction

on the proof of Noet A. We are given as induction hypothesis that, ∀n∈A. ∀m∈

A\{n}.Noet0A\{n}\{0, . . . , m}. We have to prove that, ∀n∈A. Noet0A\{0, . . . , n}, which

follows from the induction hypothesis and by case analysis on whether there is m<nsuch

that m∈A.

(⇐): We prove by induction on the proof of Noet0A. We are given as induction

hypothesis that, ∀n∈A. Noet A\{0, . . . , n}. We have to prove ∀n∈A. Noet A\{n}, which

follows from an auxiliary lemma, ∀n, A. Noet A⇒Noet (A∪ {n}), proved by induction.

18 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

Given a set Aof natural numbers, we deﬁne a relation Aon natural numbers such

that nAmif m=`+ 1 with `being the least natural number such that n≤`and `∈A.

Formally, n≤`∀k. n ≤k < ` ⇒k6∈ A ` ∈A ` + 1 = m

nAm

Note that, for any stream s,sis equivalent to Rsby deﬁnition. So our task is to prove

equivalence of Abeing Noetherian and accessibility of 0 with respect to A.

For a relation over a set A,∗denotes the reﬂexive and transitive closure of and

+denotes the transitive closure.

Lemma 5.4. ∀ .(∀n. accn⇔ ∀n. acc+n).

Proof. (⇒): We prove a slightly stronger statement, ∀n. accn⇒ ∀m. n ∗m⇒acc+m

by induction on the proof of accn, from which the claim follows.

(⇐): By induction on the proof of acc+n.

Lemma 5.5. ∀A. Noet0A⇔accA0.

Proof. (⇒): By induction on the proof of Noet0A. We are given as induction hypothesis

that, ∀n∈A. accA\{0,...,n}0. We have to prove ∀n. 0An⇒accAn, which follows from

the induction hypothesis and by observing that, ∀A, n. accA\{0,...,n−1}0⇒accAn.

(⇐): We prove that, ∀A, n. acc+

An⇒Noet0A\{0, . . . , n−1}by induction on the proof

of acc+

An. Then the case follows from lemma 5.4. We are given as induction hypothesis

that, ∀m. n +

Am⇒Noet0A\{0, . . . , m −1}. We have to prove Noet0A\{0, . . . , n −1},

which follows from the induction hypothesis and by case analysis on whether n∈Aor

not.

Combining lemmata 3.2, 5.3 and 5.5, we obtain:

Corollary 5.1. ∀s. µWs⇔Noet Rs.

5.1. Analysis of the conjecture of Coquand and Spiwack. In this subsection we show

that there is a unary predicate that, interpreted in recursive analysis, is streamless but not

noetherian. Since noetherian implies streamless, we conclude that noetherian is strictly

stronger than streamless, at least in recursive analysis. Notations in this subsection comply

with traditional recursive analysis rather than with type theory.

We need some prerequisites from recursion theory. By {i}nwe denote the partial

recursive function with Kleene index iapplied to n. We deﬁne H(i) to be the halting

predicate, that is, H(i) is equivalent to ∃k T (i, i, k), with Kleene’s T-predicate. Another

familiar notation for H(i) we use is {i}i↓(convergence), whereas {i}i↑expresses the

opposite (divergence). We denote binary lists as in [2] by [b0;...;bn−1], and assume them to

be encoded as natural numbers in some obvious, recursive way.

We call a binary list [b0;...;bn−1] a partial solution to the halting problem if H(i)⇐⇒

bi= 1 for all i<n. Let AH(l) abbreviate that lis a partial solution to the halting problem.

Note that the predicate AHis not decidable. Distinct elements of AHhave diﬀerent lengths.

We view a stream over AHsimply as a (total) function on the natural numbers whose values

satisfy AH.

We ﬁrst show that any recursive stream over AHhas duplicates. Classically this would

follow from the unsolvability of the halting problem. Constructively, we ﬁrst deﬁne a partial

ON STREAMS THAT ARE FINITELY RED 19

recursive function ψas follows. Computing ψ(x, y) starts by computing {x}0,...,{x}(y+1).

If there is a duplicate in this sequence, we put ψ(x, y) = y+1. Otherwise, let [b0;...;bn−1] be

a binary list of maximal length among the binary lists encoded by {x}0,...,{x}(y+ 1). If

n≤ywe let the computation of ψ(x, y) diverge. If y < n, we look at byand diagonalize over

H: we let the computation of ψ(x, y) converge if by= 0, and diverge otherwise. Clearly, ψ

is a partial recursive function. By the S-m-n Theorem there exists a total recursive function

fsuch that {f(x)}y=ψ(x, y). Now, if sis a stream in AHwith Kleene index i, then s

has duplicates among its ﬁrst f(i) + 2 values. Since this is a decidable property, we may

prove it by contradiction. Assume shas no duplicates among its ﬁrst f(i) + 2 values. Then

{i}0,...,{i}(f(i) + 1) are distinct numbers satisfying AH. This means that the longest

binary list l= [b0;...;bn−1] encoded by these values has length n>f(i). Both bf(i)= 0

and bf(i)= 1 conﬂict with AH(l) because of the diagonalization in the deﬁnition of ψ.

Contradiction, and hence the stream shas duplicates.

Coquand and Spiwack deﬁne noetherian by ﬁrst deﬁning inductively NAas the smallest

set containing all lists lover Ahaving duplicates or satisfying a:: l∈Nfor all a∈A. Then

Ais noetherian if the empty list is in NA. To see that our AHis not noetherian, deﬁne the

following recursive set S:

S={[l0;...;ln−1]|li=ljfor some 0 ≤i < j < n}

We stress that Scontains all lists of natural numbers containing duplicates, including lists of

elements of AHencoded as natural numbers. Let ll be a list over AHand assume l:: ll ∈S

for all l∈AH. It is decidable whether ll has duplicates or not. If so, we have ll ∈S. If

not, let [b0;...;bn−1] be the longest list in ll. Deﬁne li= [b0;...;bn−1;i] for i= 0,1. Then

li:: ll not in Sand hence li/∈AHfor i= 0,1. By the deﬁnition of AHthis would mean

¬(H(n)⇐⇒ i= 1) for i= 0,1, which is absurd. Hence we have ll ∈Sand Ssatisﬁes

both closure conditions deﬁning NAH. Since Sdoes clearly not contain the empty list, it

follows that AHis not noetherian.

The above construction yields an unprovability result if one formalizes the notions of

[2] in a theory like HAω, see [6, Ch. 9]. (A very subtle point here is the inductive deﬁnition

of NA. Since the second-order quantiﬁcation in HAωis weak, NAbecomes slightly larger

than in type theory, but this makes our result that AHis not noetherian just stronger.) It

is possible to completely eliminate recursion theory from our argument by abstracting from

Hand proving ¬¬∀n(H(n)∨ ¬H(n)) from the assumption that AHis streamless implies

that AHis noetherian. This will be elaborated by Coquand in a forthcoming paper and

will settle the conjecture.

6. Conclusion

The following diagram summarizes our current understanding of the constructive in-

terrelations between the various notions of ﬁniteness. Implications that are annotated have

not been proved constructively; the annotations explain which principle is suﬃcient and, in

20 MARC BEZEM, KEIKO NAKATA, AND TARMO UUSTALU

some cases, necessary to prove the implication.

F(Gblack)s

∃n. lens

⇔LPO

V^

µWs

⇔LPO

W_

"*

SN s0

"*

⇐BI

V^

¬ G (¬ G black)s

⇔MP

W_

¬G (Fred)s

⇐Σ0

1−DNS

V^

We do not know whether the implication SN s0⇒ ¬G (¬G black )sholds. The implica-

tion SN s0⇒µWscan be proved by a very weak instance of Bar Induction (BI, see [6,

Ch. 4]), as observed in [2]. Since Rsis decidable, non-constructivity of SN s0⇒µWs

is even more diﬃcult to prove than the conjecture by Coquand and Spiwack.

Acknowledgements. We would like to thank Thierry Coquand, Arnaud Spiwack and Nils

Anders Danielsson for a fruitful discussion in a late stage of the preparation of this paper.

K. Nakata and T. Uustalu’s research was supported by the European Regional De-

velopment Fund (ERDF) through the Estonian Centre of Excellence in Computer Science

(EXCS). M. Bezem’s visit to Estonia in Feb. 2011 was supported by the same project.

References

[1] Nakata, K., Uustalu, T.: Resumptions, weak bisimilarity and big-step semantics for While with inter-

active I/O: an exercise in mixed induction-coinduction. In Aceto, L., Sobocinski, P., eds.: Proc. of 7th

Wksh. on Structural Operational Semantics, SOS 2010 (Paris, Aug. 2010), Electron. Proc. in Theor.

Comput. Sci., vol. 32, pp. 57–75, 2010.

[2] Coquand, T., Spiwack, A.: Constructively ﬁnite? In Laureano Lamb´an, L., Romero, A., and Rubio, J.,

eds.: Scientiﬁc contributions in honor of Mirian Andr´es G´omez Servicio de Publicaciones, Universidad

de La Rioja, Spain, 2010.

[3] Bishop, E.: Foundations of Constructive Analysis. Mcgraw-Hill, New York, 1967.

[4] Tarski, A.: Sur les ensembles ﬁnis. Fundamenta Mathematicae, vol. 6, pp. 45–95, 1924.

[5] Raﬀalli, C.: L’ Arithm´etiques Fonctionnelle du Second Ordre avec Points Fixes. Th´ese de l’universit´e

Paris VII, 1994.

[6] Troelstra, A.S., van Dalen, D.: Constructivism in Mathematics Volume I and II, North-Holland, 1988.