A Fixed Point Semantics for an Extended CLPLanguage

Miguel Garcıa-Dıaz and Susana Nieva !

Departamento de Sistemas Informaticos y ProgramacionUniversidad Complutense de Madrid, Spain{miguel,nieva}@sip.ucm.es

Abstract. In [10] an extension of traditional Logic Programming was introduced combin-ing two improving approaches. On one hand, extending Horn logic to hereditary Harropformulas, in order to enhance the expressive power, and on the other incorporating con-straints, in order to improve the efficiency. The constraint logic programming languageobtained from such combination was in need of a declarative semantics. In this paper, wepresent a fixed point semantics for it. Taking as starting point the technique used by Millerto interpret intuitionistic implication in goals, we have formulated a novel extension to dealwith universal quantifiers and constraints. The corresponding theorems of soundness andcompleteness are proved.

1 Introduction

One of the main features of Logic Programming (LP) is that, in a logicprogram, the operational interpretation and the mathematical (declarative)meaning agree each other, in the sense that the declarative meaning of a pro-gram can be interpreted operationally as a goal-oriented search for solutions.In [13] the notion of abstract logic programming language is formulated asa formalization of this idea. There the declarative meaning of a program isidentified with the set of goals that can be proved from it by means of uniformproofs in a deduction system. Several logic extensions of Horn logic, both offirst and higher order, have been proved to be abstract logic programminglanguages that enhance the weak expressive power of logic programs basedon Horn clauses ([13,14]). This is also the case of the language HH(C), onwhich the present paper focuses. It was introduced in [10] as a combina-tion of the logic of Hereditary Harrop formulas (HH ) and Constraint LogicProgramming (CLP), obtaining a scheme HH(X ) that may be particularizedwith any constraint system C, providing for an instance HH(C). This languageis not only an extension of traditional LP (based on Horn logic) improvingits expressivity, but also incorporating the e!ciency advantages of CLP [7].HH extends Horn logic including disjunctions, intuitionistic implications anduniversal quantifiers in goals. These constructions are essential in capturingmodule structure, hypothetical queries and data abstraction. On the otherhand, the purpose of the incorporation of the CLP approach is to overcomethe inherent limitations in dealing e!ciently with elements of domains di"er-ent from Herbrand terms. Satisfiability of constraints of particular domainsmay be checked in an e!cient way, apart from the logic. In [6] an interest-ing and useful constraint system that combines real numbers with Herbrandterms is presented as an instance of our scheme.! The authors are partially supported by the Spanish project TIC2002-01167 ‘MELODIAS’.

In addition, in [10] a goal solving procedure for the scheme HH(C) waspresented and it is proved to be sound and complete w.r.t. the intuitionisticdeduction system UC, previously defined. This goal solving procedure couldbe considered an operational semantics of HH(C).

Of course, an operational interpretation is needed in order to specify pro-grams which can be executed with certain e!ciency. But a clear declarativesemantics would simplify the programmer’s work. If the deduction systemis supported by model-theoretic semantics involving more abstract elements,then additional properties of programs can be analyzed in a formal way. Theattempts to provide declarative semantics for LP languages based on math-ematical foundations are extensive and fruitful (see i.e. [11,2,3]). This is alsothe case of CLP [8,5]. In both, LP and CLP , most of the studies are based onfixed point theories, in which it is easy to define program analysis frameworks.

The aim of the present work is to define a fixed point semantics for HH(C).That definition is inspired in the semantics for a fragment of HH describedin [12]. Our purpose is to find a model such that for any program !, finite setof constraints " and goal G, G can be proved in the deduction system UC,if and only if, G is satisfied in that model in the context !!, " ". However, inorder to build such model, it is important to realize that, during the search ofa proof for a goal from a program ! and a set of constraints " , both ! and" may grow. So we will identify the notion of interpretation with functionsthat associate to every pair !!, " " a set of “true” atoms, in such a way that,if ! or " are augmented, the set of true atoms cannot decrease. The modelwe are looking for will be the least fixed point of a continuous operator thattransforms such interpretations.

The rest of this paper is organized as follows: Section 2 gathers the syn-tax of constraint systems, as well as the syntax of programs and goals ofHH(C), and shows some examples of its use as logic programming language.In Section 3 we recapitulate the definition of the proof system UC in HH(C),which permits only uniform proofs of goals from programs and constraints.Section 4 contains the main new results of the paper. A fixed point semanticsfor HH(C) is presented, and soundness and completeness results are obtained.The proofs are compressed, but they can be found extended in the Appendix.Finally a new version of this semantics for an interesting class of constraintsystems is summarized. In Section 5 related works and future research linesare commented.

2 The programming language HH(C)

The purpose of the present section is to briefly describe the syntax of HH(C),introduced in [10]. HH(C) can be regarded as a constraint logic programminglanguage, not founded in Horn logic, as usual, but in the extended logic ofhereditary Harrop formulas. As most CLP languages, it is in fact a parame-terized scheme that can be instantiated by particular constraint systems. Therequirements imposed to such generic constraint systems are gathered below.

Given a signature #, containing constants, function and predicate sym-bols, including the equality predicate #, a constraint system C over # is a

2

pair (LC ,$C), where LC is the set of formulas that play the role of constraints,and $C% P(LC) & LC

1 is the entailment or deduction relation between setsof constraints and constraints. C must fulfill the following conditions:

• LC is a set of first-order formulas built up using the signature #, whichmust specifically include ' (true), ( (false), and the equations t # t! forany #-terms t and t!.

• LC is closed under ),*,+,, and the application of substitutions of termsfor variables.

• $C is compact, i.e., " $C C i" "0 $C C for some finite "0 % " . $C is alsogeneric, i.e., " $C C implies "$ $C C$ for any substitution $. "$ is theresult of applying the substitution $ to each formula in " , avoiding thecapture of free variables.

• All the inference rules related to ),*,+,, and # valid in the intuitionisticfragment of first-order logic are also valid to infer entailments in the senseof $C.

Hereafter, we will consider a fixed signature # and a constraint system Cover #. C will stand for C-constraints and " for finite sets of C-constraints.!

" stands for the conjunction of constraints of " .Let the set of program predicate symbols %P be a set of predicate symbols

such that # -%P = .. In the rest of the paper # and %P are assumed fixed.Let At be the set of atomic formulas built up with the predicate symbols in%P and #-terms. The set G of goals G, and the set D of clauses D over # and%P are defined by the mutually-recursive rules below. Notice that constraintscan be found embedded in goals and clauses.

G ::= A | C | G1 )G2 | G1 /G2 | D * G | C * G| +xG | ,xG,D ::= A | G * A | D1 )D2 | ,xD,

where A 0 At .A program over # and %P is a finite subset of D. The symbol ! will be

used for programs. Let W be the set of programs over # and %P .The following definition will be useful in order to simplify the usage of

program clauses.

Definition 1. Given a clause D, the set of its elaborations, elab(D), is theset of clauses defined by the following rules:

- elab(A)def={' * A}.- elab(D1 )D2)

def= elab(D1) 1 elab(D2).- elab(G * A)def= {G * A}.- elab(,xD)def={,xD! |D! 0 elab(D)}.

This definition is naturally extended to sets S % D: elab(S)def="

D"S elab(D).The clauses of elab(S) for any S are said to be elaborated. Notice that elabo-rated clauses have always the form ,x(G * A)2. A variant of ,x(G * A) isa clause ,y((G * A)[y/x]), where no y 0 y occurs in G * A. F [y/x] is theresult of applying to F the substitution that replaces xi by yi for each xi 0 x.1 Here and in the rest of the paper, given a set S, P(S) denotes its powerset.2 !x is an abbreviation for !x1 . . .!xn, and analogously for "x.

3

One of the outstanding features of the logic programming language HH(C)is its high expressive power. In order to illustrate it, a couple of examples ispresented below, in a Prolog-like notation, enriched with the logic symbols ,and *.

Example 1. Let us consider the constraint system R, consisting of the fieldof real numbers with the usual arithmetic, and predicate symbols =, <,>,2and 3. Taking %P = {triangle, isosceles}, let us consider the singletonprogram !1 with the clause:

triangle(A, B, C):- A > 0, B > 0, C > 0,A < C + B, B < A + C, C < A + B.

The variables A, B and C are intended to be lengths, so that the predicatetriangle(A,B,C) becomes true when it is possible to build a triangle withsides A, B and C. Let !2 be the program:

isosceles(A, B, C):- triangle(A, B, C), A = B.isosceles(A, B, C):- triangle(A, B, C), A = C.isosceles(A, B, C):- triangle(A, B, C), B = C.

Suppose we want to know which conditions over Y guarantee that, for anyX > 1, it is possible to build an isosceles triangle with sides !X,X, Y ". Thegoal which captures that query is:

G 4 (!2 * ,X (X>1*isosceles(X, X, Y))).

In G, similarly as in [12], the program !2 is being used as a module thatis loaded over !1 when solving G. Notice that such goal cannot be writtenin CLP languages based on Horn clauses, because the connectives * and, would not be allowed in goals. Given the program !1 and the goal G,according to the proof theory that will be described in Section 3, 0<Y)Y<=2is a correct answer constraint for G from !1.

Example 2. This example shows an e!cient and reversible program to com-pute Fibonacci numbers. It is borrowed from [10]. The constraint system usedis R again.

fib(N,X):- memfib(0, 1) *(memfib(1, 1) * getfib(N, X, 1)).

getfib(N, X, M):- 0 <= N, N <= M, memfib(N, X).getfib(N, X, M):- N > M, memfib(M-1, F1), memfib(M, F2),

(memfib(M + 1, F1 + F2) * getfib(N, X, M + 1)).

The goal getfib(N,X,M) computes the N-th Fibonacci number in X, assumingthat the Fibonacci numbers fibi, with 0 2 i 2 M, are stored in the localprogram as atoms for memfib. During the computation, atoms memfib forfibi, with M< i 2N, are locally memorized.

Other examples can be found in [10,9,6]. The ones in [9] belong to the higher-order version of HH(C), and those in [6] to the instance HH(RH).

4

3 The calculus UC

We follow the ideas of Miller et al. [13], in which logic programming languagesare identified with those such that non-uniform proofs of goals in a deductionsystem can be discarded. Those languages are called abstract logic program-ming languages. This characterization captures the fact that in LP the searchof a proof for a goal is directed by the structure of such goal. For the classicaland intuitionistic logics there are known deduction systems, based on sequentcalculus, such that certain fragments of those logics have been proved to beabstract logic programming languages, w.r.t. them. For the case of HH(C),the existence of constraints implies the necessity of a di"erent calculus. In [10]a sequent calculus that combines intuitionistic rules for the logic connectiveswith the entailment relation $C is presented, and it is proved to be equivalentto another calculus, designated by UC, such that every UC-proof is uniform,therefore demonstrating that HH(C) is also an abstract logic programminglanguage.

The calculus UC is now briefly described. UC consists of the set of deduc-tion rules below. For any program !, finite set of constraints " , and goal G,the notation !; " $UC G stands for the assertion that there is a proof for thesequent !; " |— G using, in a bottom-up fashion, the rules of the calculus UC.So UC-proofs will be regarded as trees.

UC-Rules

Rules for constraints and atomic goals:

" $C C

!; " |— C(CR)

!; " |— +x(A # A! )G)!; " |— A

(Clause)

where ,x(G * A!) is a variant of some clause in elab(!); the variables of xdo not occur free in the lower sequent; A 4 P (t1, . . . , tn), A! 4 P (s1, . . . , sn),and A # A! denotes the conjunction t1 # s1 ) . . . ) tn # sn.

Rules introducing connectives:

!; " |— G1 !; " |— G2

!; " |— G1 )G2()R)

!; " |— Gi

!; " |— G1 /G2(/R), i 0 {1, 2}

!,D; " |— G

!; " |— D * G(*R)

!; ", C |— G

!; " |— C * G(*CR)

!; ", C |— G[y/x] " $C +yC

!; " |— +xG(+R)

!; " |— G[y/x]!; " |— ,xG

(,R)

In rules (+R) and (,R) the variable y does not occur free in any formula ofthe lower sequent.

When !;C $UC G holds, if C is satisfiable, it is said to be a correct answerconstraint for G from !.

In [10] a goal solving procedure for HH(C) is introduced and proved to besound and complete w.r.t the deducibility $UC.

5

4 Fixed Point Semantics

The goal solving procedure defined in [10] may be regarded as an operationalsemantics for HH (C). However, from the theoretical point of view, the pro-gramming language HH (C) presented lacks a declarative semantics. The onlymeanings that we may associate to programs, so far, are sets of proofs. Inaddition, having in mind that UC is not a traditional sequent calculus due tothe presence of constraints, its correspondence with any of the known logi-cal inference relations (|=) cannot be direct, and the definition of a specificmodel-theoretic semantics merging the intuitionistic behavior of HH and theinterpretation of constraints is a hard task.

In this section, alternative semantics based on a fixed point construction,widely utilized in LP and CLP, are introduced. For the traditional LP lan-guage, given a program P there is a continuous operator TP transformingmodels (sets of atoms) such that a goal G can be proved from P , if and onlyif, G “is true” in the least fixed point of TP [17]. As analyzed in [12], forthe fragment of HH that includes implications in goals, the situation is morecomplex, since while building a proof for a goal G the program ! may beaugmented. Therefore programs play the role of contexts, and interpretationsbecome monotonous functions mapping each program into a set of atoms.Instead of a family {T"}""W of continuous operators, there is a unique op-erator T , and the main result is that G can be proved from !, if and onlyif, G “is true” in the least fixed point of T at the context !. In the presentpaper we extend this approach for the language HH(C). New di!culties arisesince the universal quantifier, as well as constraints, are allowed in goals, andthen embedded into programs. When proving a goal G from a program !there is also the presence of a set of constraints " ; both ! and " may resultaugmented, therefore the notion of context is extended to pairs !!, " ". So aninterpretation of ! and " should depend on interpretations of !!!, " !" with!! % !, " ! % " . In this reason, interpretations are defined as monotonousfunctions able to interpret every pair !!, " ". A continuous operator trans-forming such interpretations is defined. We prove that for any !, " and G,!; " $UC G if and only if G is satisfied by the least fixed point of this operatorat the context !!, " ".

4.1 Interpretations

Let us assume that #, %P , a constraint system C over # and a set %P ofprogram predicate symbols have been chosen.

Definition 2. An interpretation I is a function I : W&P(LC) 5 P(At) thatis monotonous, i. e. for any !1, !2 and "1, "2 such that !1 & "1 % !2 & "2,I(!1, "1) % I(!2, "2) holds. Let I denote the set of interpretations.

So, interpretations are notions of truth. I(!, " ) is the set of atoms thatare true for I in the context !!, " ". The property that, when !!, " " be-comes greater, the set of true atoms cannot decrease, is guaranteed by themonotonicity of interpretations.

6

Definition 3. For any I1, I2 0 I, I1 6 I2 if for each ! and " , I1(!, " ) %I2(!, " ) holds.

It is straightforward to check that (I,6) is a poset, i. e. 6 is a partial order.However, in order to define fixed point semantics, the set of interpretations

needs to be a complete lattice, not just a poset.

Lemma 1. The poset (I,6) is a complete lattice. Furthermore, given S % I,its least upper bound and greatest lower bound, denoted by

#S and

!S, are

characterized by the following equations:

(#

S)(!, " ) ="

I"S I(!, " ) for any ! and ",(!

S)(!, " ) =$

I"S I(!, " ) for any ! and ".

Proof. The claim follows from the fact that I is a set of monotonic functionswhose range, P(At), is a complete lattice. 78

As a particular case, (I,6) has an infimum!

I, denoted by I#, the constantfunction ..

The following definition formalizes the notion of a goal G being “true” foran interpretation I in a context !!, " ".

Definition 4. Given I 0 I, ! and " , a goal G is forced by I, ! and " ifI, !, " !! G, where !! is the relation recursively defined depending on thestructure of G, as follows:

• I, !, " !! C9*def" $C C.

• I, !, " !! A9*defA 0 I(!, " ).

• I, !, " !! G1 )G29*def

I, !, " !! Gi for each i 0 {1, 2}.• I, !, " !! G1 /G29*

defI, !, " !! Gi for some i 0 {1, 2}.

• I, !, " !! D * G9*defI, ! 1 {D}, " !! G.

• I, !, " !! C * G9*defI, !, " 1 {C} !! G.

• I, !, " !! +xG9*def there is a constraint C and a variable y such that:– y does not occur free in !, " , +xG.– " $C +yC.– I, !, " 1 {C} !! G[y/x].

• I, !, " !! ,xG9*def there is a variable y such that:– y does not occur free in !, " , ,xG.– I, !, " !! G[y/x].

Since the deduction system UC has a constraint-oriented formulation,when a proof of an existential quantified goal +xG must be found, insteadof guessing a witness of x, by means of a substitution [t/x] or by the coun-terpart constraint x # t, some extra generality is necessary. Any satisfiableconstraint C may be considered,that represents a property characterizing x,v.g. x2 # 2. The semantics of a program provides for information regardingthe goals which can be proved from it. So, the definition of the forcing relationfor the case +xG should exhibit the same generality of the rule (+R).

Defined this way, the relation !! has several properties that will help usto prove other more significant results.

7

Lemma 2. If I1, I2 0 I and I1 6 I2, then for any G, !, and " , I1, !, " !! Gimplies I2, !, " !! G.

Proof. The proof is inductive on the structure of G. Only a few cases areconsidered here, the rest can be found in the Appendix.

• G 4 A, atomic goal. I1, !, " !! A 9* A 0 I1(!, " ). I1 6 I2 impliesthat I1(!, " ) % I2(!, " ), so A 0 I2(!, " ) and therefore I2, !, " !! A.

• G 4 ,xG!. I1, !, " !! ,xG! 9* there is a variable y such that: ydoes not occur free in !, " , ,xG! and I1, !, " !! G![y/x]. By inductionhypothesis, it holds that I2, !, " !! G![y/x], so I2, !, " !! ,xG!. 78

The following lemma states a usual property of this kind of semanticapproach.

Lemma 3. Let {Ii}i$0 be a denumerable family of interpretations such thatI0 6 I1 6 I2 6 . . ., and let G be a goal. Then, for any ! and " ,#

i$0 Ii, !, " !! G * +k 3 0 such that Ik, !, " !! G.

Proof. We already know that#

i$0 Ii(!, " ) ="

i$0 Ii(!, " ). The proof isinductive on the structure of G. Here we deal with a few cases, the rest canbe found in the Appendix.

• G 4 C 0 LC .#

i$0 Ii, !, " !! C 9* " $C C 9* Ik, !, " !! C,independently of k.

• G 4 C * G!.#

i$0 Ii, !, " !! C * G! 9*#

i$0 Ii, !, " 1 {C} !! G!.By induction hypothesis, there is k 3 0 such that Ik, !, " 1 {C} !! G!.Therefore, Ik, !, " !! C * G!. 78

As it has been mentioned before, the semantic approach we are formulat-ing is based in searching for a model such that !; " $UC G i" G is true insuch model in the context !!, " ". We have shown that each interpretationprovides for a version of truth of goals in such contexts. The next step is todefine an operator over interpretations whose least fixed point supplies thedesired version of truth.

Definition 5. The operator T : I :5 I transforms interpretations as fol-lows. For any I 0 I, !, " and A 0 At , A 0 T (I)(!, " ) if there is a variant,x(G * A!) of a clause in elab(!) such that the variables x do not occur freein !, " , A, and I, !, " !! +x(A # A! )G).

Lemma 4 (Monotonicity of T ). Let I1, I2 0 I such that I1 6 I2. Then,T (I1) 6 T (I2).

Lemma 5 (Continuity of T ). Let {Ii}i$0 be a denumerable family of in-terpretations such that I0 6 I1 6 I2 6 . . .. Then T (

%

i$0

Ii) =%

i$0

T (Ii).

Proof. Let us deal with both inclusions.

;) This inclusion is always a consequence of the monotonicity of T .

8

%) Let !, " and A 0 T (#

i$0 Ii)(!, " ). Due to the definition of T , there isa variant ,x(G * A!) of a clause of elab(!) such that the variables x donot occur free in !, " , A, and

#i$0 Ii, !, " !! +x(A # A! ) G). Thanks

to Lemma 3, there exists k 3 0 such that Ik, !, " !! +x(A # A! )G), andtherefore A 0 T (Ik)(!, " ). So, we have proved that T (

#i$0 Ii)(!, " ) %"

k$0 T (Ik)(!, " ) = (#

k$0 T (Ik))(!, " ), for any ! and " , thus T (#

i$0 Ii)6

#k$0 T (Ik). 78

Theorem 1. The operator T has a least fixed point, which is#

i$0 T i(I#).

Proof. The claim is an immediate consequence of Lemmas 4 and 5, and theKnaster-Tarski fixed point theorem. 78

From now on, lfp(T ) denotes the least fixed point of T .

Example 3. Let !3 be the program in Example 2. Figure 1 shows some of thegoals that are forced by the first interpretations T i(I#) in the contexts !!, " ",where " = {z1 = 1, z2 = 1, x = z1 + z2}, !!

3 = !3 1 {mf (0, 1),mf (1, 1)} and!!!

3 = !3 1 {mf (0, 1),mf (1, 1),mf (2, z1 + z2)}.

#∆, Γ $ T (I!) T 2(I!) T 3(I!) T 4(I!) T 5(I!)

#∆3, Γ $ . . . . . . . . . mf (0, 1) % fib(2, x). . . . . . . . . (mf (1, 1) % gf (2, x, 1)) . . .

#∆"3, Γ $ mf (0, z1), . . . mf (2, z1 + z2) gf (2, x, 1) . . .

mf (1, z2) . . . % gf (2, x, 2) . . . . . .#∆""

3 , Γ $ mf (2, x) gf (2, x, 2) . . . . . . . . .

Fig. 1. Steps leading to T 5(I!), ∆3, Γ !! fib(2, x).

The chart contains the main steps leading to T 5(I#), !3, " !! fib(2, x).memfib is abbreviated with mf, and getfib with gf.

4.2 Soundness and Completeness

The following theorem states the soundness and completeness we were lookingfor, establishing the full connection between the fixed point semantics pre-sented and the calculus UC. The definitions below will be used in its proof.

Let S = {!!, ", G" 0 W & P(LC) & G | lfp(T ), !, " !! G}. We definethe function ord : S :5 IN as follows. Given any !!, ", G" 0 S, Lemma3 guarantees that the set of natural numbers k such that T k(I#), !, " !! Gis nonempty. Therefore, it is possible to define ord(!!, ", G") as the leastelement of such set. Let us consider the partial order (S, <) defined as follows.Given any !!1, "1, G1" , !!2, "2, G2" 0 S, !!1, "1, G1" < !!2, "2, G2" if

- ord(!!1, "1, G1") < ord(!!2, "2, G2"), or- ord(!!1, "1, G1") = ord(!!2, "2, G2") and G1 is a strict subformula of a

goal G!2, where G!

2 is obtained by renaming the free variables in G2.

Such partial order is well-founded, because (IN, <) is also well-founded andformulas are finite sequences of symbols.

9

Theorem 2. For any !, " and G goal, lfp(T ), !, " !! G 9* !; " $UC G.

Proof. The whole proof can be found in the Appendix. Only the cases whenG is atomic or an existential quantification are considered below.

9) Let h be the height of a UC-proof for !; " $UC G. The claim is provedinductively on h. For the base case h = 1 and G 4 C (see the Appendix).For the inductive case, we suppose that !; " |— G has a proof of heighth. Let us prove that lfp(T ), !, " !! G by case analysis on the UC-ruleemployed in the bottom of such proof.– (Clause). It must be the case that there exist a variant ,x(G * A!)

of a clause of elab(!), such that the variables in x do not occur freein !, " , A, and that the sequent !; " |— +x(A # A! )G) has a proofof height h: 1. By induction hypothesis, lfp(T ), !, " !! +x(A # A! )G). Using the definition of the operator T , the latter implies A 0T (lfp(T ))(!, " ), which is equivalent to T (lfp(T )), !, " !! A. But sinceT (lfp(T )) = lfp(T ), the proof is complete.

– (+R). G must be of the form +xG!, and there must be a constraint Cand a variable y not occurring free in !, " , +xG!, such that !; ", C |—G![y/x] has a proof of height h:1 and " $C +yC. By induction hypoth-esis, lfp(T ), !, " 1 {C} !! G![y/x], and therefore lfp(T ), !, " !! +xG!.

*) By induction on the order (S, <). Let us take !!, ", G" 0 S and as-sume that, for any other !!!, " !, G!" 0 S, !!!, " !, G!" < !!, ", G" implies!!; " ! $UC G!. Then, let us conclude !; " $UC G by case analysis on thestructure of G.– G 4 A. !!, ", A" 0 S implies that lfp(T ), !, " !! A.

Let k = ord(!!, ", A"), so T k(I#), !, " !! A, which is equivalent toA 0 (T k(I#))(!, " ). This implies that there is a variant ,x(G * A!) ofa clause of elab(!) such that the variables x do not occur free in !, " ,A, and T k%1(I#), !, " !! +x(A # A! )G). So !!, ",+x(A # A! )G)"< !!, ", A", and the induction hypothesis can be applied, obtainingthat !; " $UC +x(A # A! )G). Using the rule (Clause) with the elab-orated clause ,x(G * A!), it follows that !; " $UC A.

– G 4 +xG!. Then !!, ", G" 0 S implies that there is a constraintC and a variable y such that y does not occur free in !, " , +xG!," $C +yC ! and lfp(T ), !, "1{C} !! G![y/x]. Clearly, ord(!!, ", G") =ord(!!, " 1 {C}, G![y/x]") and G![y/x] is a renaming of a strict sub-formula of G, so !!, " 1 {C}, G![y/x]" < !!, ", G". Therefore, by theinduction hypothesis we obtain !; ", C $UC G![y/x]. Thanks to therule (+R), it follows that !; " $UC G. 78

This fixed point semantics supplies a framework in which properties ofprograms can be easily analyzed. For instance, two programs can be comparedusing the interpretation lfp(T ). Let us consider that two programs ! and !!

are said to be equivalent if, for any " and G, !; " $UC G 9* !!; " $UCG. In other words, for every " , the same goals can be deduced from them.Then the problem of check the equivalence between ! and !! can be reducedto prove that lfp(T )(!, " ) = lfp(T )(!!, " ), for every " . This is due to the

10

previous results, since intuitively lfp(T ) provides the atoms that can be provedfrom a program in the context of a set of constraints.

Example 4. Let ! = {,x(x 3 0 * p(x)),,x(x < 0 * p(x))}, and !! ={,x(x 3 0 / x < 0 * p(x))}, two programs for the instance HH (R). ! and!! are not equivalent because lfp(T )(!, .) = ., but p(y) 0 lfp(T )(!!, .). Thishappens because the entailment relation in the constraint system R is classi-cal deduction, but, for programs, an intuitionistic interpretation approach isconsidered.

On the contrary, if ! and !! are such that {,x(q(x) * p(x)),,x(q!(x) *p(x))} % !, and {,x(q(x) / q!(x) * p(x))} % !!, these programs could beequivalent.

4.3 Models

At this stage, lfp(T ) has already been proved to be a sound and completesemantics with respect to UC in a sense. However, instead of having a uniquemodel, it would also be desirable to provide for a more general notion of modelsuch that !, " $UC G i" G is true in the context !!, " " for every model. Suchnotion of model is provided below, together with the expected results.

Definition 6. Given D 4 ,x(G * A), an interpretation I is a model ofD, denoted by I ! D, if for any !, " and A! 0 At such that D is a vari-ant of a clause in elab(!) and no variable x 0 x occurs free in !, ", A!, ifI, !, " !! +x(G )A # A!) then A! 0 I(!, " ).

Intuitively, an interpretation I is model of an elaborated clause D if,whenever D is available, I gathers all the atoms possibly inferred by usingthe clause D.

Definition 7. An interpretation I is said to be a model if I ! D holds forevery elaborated clause D.

Lemma 6. For any interpretation I, I 0 I is a model 9* T (I) 6 I.

Proof. T (I) 6 I 9* for any ! and " , T (I)(!, " ) % I(!, " ) 9* for any!, " , A and any variant ,x(G * A!) of a clause in elab(!) such that thevariables x do not occur free in !, " , A, if I, !, " !! +x(A # A! ) G) thenA 0 I(!, " ). However, by Definition 6, this is equivalent to say that I ! Dfor any elaborated clause D, i. e., I is a model. 78

Lemma 7. For any I 0 I, if T (I) 6 I then lfp(T ) 6 I.

Proof. It is well known that, for continuous operators in complete lattices,any postfixed point is greater (or equal to) the least fixed point. 78

Theorem 3. For any " , ! and G,

!; " $UC G 9* I, !, " !! G holds for every model I.

Proof. I, !, " !! G for every model I 9* I, !, " !! G for every I such thatT (I) 6 I, thanks to Lemma 6 9* lfp(T ), !, " !! G, from Lemmas 2 and 79* !; " $UC G, by virtue of Theorem 2. 78

11

4.4 Considering particular classes of constraint systems

A fixed point semantics has just been presented for HH(C) for any generalconstraint system C. In it, the constraint system has been used as a blackbox, through the entailment relation $C, which is a syntactic tool. See, forexample, the cases C and +xG of Definition 4. The conditions imposed inSection 2 are meant as minimal requirements for a C to be a constraint system,but in many useful cases C satisfies additional properties. For example, it ismany times the case when LC is the whole set of first-order formulas over asignature, and " $C C holds i" AxC 1 " $ C, where AxC is a suitable set offirst-order axioms and $ is the entailment relation of classical first-order logicwith equality. There are many well known constraint systems of this form.For instance, CFT , where AxCFT is Smolka and Treinen’s axiomatization ofthe domain of feature trees [15]; or R, where AxR is Tarski’s axiomatizationof the real numbers [16]. See also the system RH defined in [6]. In these cases,the syntactic relation $C has a clear connection with the inference relation|= in classical logic, and the requirements specified by $C in the precedingsemantics can be replaced by conditions over |=.

As in the frame of CLP we are interested in generalized conditions forthe constraint systems that would guarantee the existence of semantics forconstraints, based on a model theory, and that could be incorporated to thefixed point semantics of logic programs.

Usually the semantics of constraint logic programs are based on the as-sumption that the domain of computation (model), which is the structureused to interpret the constraints; the solver, which checks if a constraint issatisfiable; and the constraint theory, that describes the logical semantics ofthe constraints, agree. See [8] for details.

Now we will focus on constraint systems for which an additional conditionis required. This condition represents the same idea of agreement mentionedbefore, and it is specified now. Some notation is introduced for that purpose.

Given a constraint system C over a signature #, the C-constraints will beinterpreted by means of a #-structure AC consisting of a carrier set and aninterpretation over it for every symbol of #. An assignment for AC , denoted&, is a function mapping variables into elements of the carrier of AC . [[ ]]AC

#is a boolean function that applied to a constraint C produces the classicalinterpretation of C under AC and &.

AC and C are said to agree if for any " , C and &, " $C C if and only if[[!

" * C]]AC# = true.

We have defined a semantics for this class of constraint systems, basedon a notion of forcing similar to that in Definition 4, but in which the setsof constraints are replaced by the assignments making them true in AC. Theintroduction of the whole theory leads to several intermediate definitions andtechnical lemmas that are not developed here. However, the main ideas andresults are summarized.

Let us assume that AC and C agree, and that & henceforth denotes assign-ments for AC . Constraints will be interpreted by the sets of such assignmentsthat make them true. Formally, given a constraint C, the set [[C]] is defined as

12

{& : dom(&) = free(C) | [[C]]# = true}3, where dom(&) is the set of variablesmapped by &. Such definition is directly extended to finite sets of constraints,i. e. [[" ]] = [[

!" ]]. Notice that " $C C i" [[" ]] % [[C]].

Example 5. Let C = R and AR be the #-structure whose carrier is IR andthat interprets constants for real numbers and arithmetic symbols in thenatural way. If C 4 x<x+y <y = 1, then [[C]] = {& : {x, y} 5 IR2 | (&(x))2 +(&(y))2 = 1}. Once each variable is associated to a coordinate axis, this can beassimilated to the set {!x, y" 0 IR2 | x2+y2 = 1}, the circle of radius 1 centeredat the origin of the real plane. Thus, the syntactic object x < x + y < y = 1 isreplaced by the circle which is its intended meaning in AR.

As in the case of !! , we are looking for a model I and a relation !!C suchthat for any !, " and G, !; " $UC G i" I, !, [[" ]] !!CG. Several technicalitiesare required in the proof of such result, but the foundations are in some sensesimilar to those for the preceding semantics. A new notion of interpretation Iis defined. Interpretations are monotonous functions applied to pairs !!, &".An operator T that transforms such interpretations is defined, whose leastfixed point is the model we were looking for. The main result is the followingtheorem.

Theorem 4. For any !, " and G, lfp(T ), !, " !! G9* lfp(T ), !, [[" ]] !!CG.Therefore, !; " $UC G 9* lfp(T ), !, [[" ]] !!CG.

5 Conclusions

In previous papers [10,9] combinations of HH and CLP were proposed, pro-ducing first and higher order schemes HH(C) parametric w.r.t. the constraintsystem. These amalgamated languages gather the expressivity and the e!-ciency advantages of HH and CLP, respectively. A proof system that mergesinference rules from intuitionistic sequent calculus with the entailment rela-tion of a constraint system was defined. This proof system guarantees uniformproofs, which are the basis of abstract logic programming languages [13]. Agoal solving procedure that is sound and complete w.r.t. the proof systemwas also presented. Such procedure could be seen as an operational seman-tics of HH(C), however the absence of a more declarative semantics for thisnew language was evident. In this paper we have defined semantics for HH(C)based on fixed point constructions as is usually done in the LP and CLPfields [11,2,3,8,5].

As far as we know, our work is the first published attempt to give declara-tive semantics to an amalgamated logic that combines the Hereditary Harropfragment of intuitionistic first-order logic with a constraint system. Due tothe embedding of implications and universal quantifiers inside goals (and soinside programs), finding a fixed point semantics becomes a hard task, furtherobstructed by the presence of constraints.

In [12] a model theory is presented for an extension of Horn clauses includ-ing implications in goals based on a fixed point construction, and it is proved3 free(O) is the set of free variables in O, where O stands for a formula or set of formulas.

13

that the operational meaning of implication is sound and complete w.r.t. thissemantics. Our approach is close to this framework, but it incorporates thesemantics of universal quantifiers in goals and solves the new di!culties dueto the presence of constraints.

A semantics for the fragment of '-prolog —that is based on the higher-order logic HH without constraints—, in which classical and intuitionistictheories coincide, is presented in [18]. But this is not the case if implicationsand universal quantifiers are considered.

Referring to CLP, most of the defined semantics use di"erent fixed pointconstructions. For instance in [8] fixed point semantics constitute a bridgebetween operational and algebraic semantics. This is also our aim. But noticethat in traditional CLP the programs are limited to be Horn clauses withconstraints. So in the frame of constraint systems which are complete w.r.t.a theory, programs (with embedded constraints) may be interpreted usingclassical logical inference. However, this is not the case in our language. Aclassical theory can be considered for the constraint system, but anyway theintuitionism remains, even in the interpretation of pure programs.

We are now researching for more abstract model theories based on indexedcategories or uniform algebras [4,1], that could provide a pure model-theoreticsemantics, not so directly connected with the operational semantics. Modelsshould provide for meanings of constraints, programs and goals in a homoge-neous way, and the expected general result would claim that C is a correctanswer constraint for G from !, if and only if, every model satisfying ! andC satisfies G.

Acknowledgements We appreciate the comments and suggestions fromJames Lipton concerning the presented work.

References

1. G. Amato and J. Lipton. Indexed categories and bottom-up semantics of logic programs.In R. Nieuwenhuis and A. Voronkov, editors, LPAR’01, LNCS 2250, pages 438–454.Springer, 2001.

2. A. Bossi, M. Gabrielli, G. Levi, and M. C. Meo. A compositional semantics for logicprograms. Theoretical Computer Science, 122(1-2):3–47, 1994.

3. M. Comini, G. Levi, and M. C. Meo. A theory of observables for logic programs.Information and Computation, 69(1–2):23–80, 2001.

4. S. E. Finkelstein, P. Freyd, and J. Lipton. A new framework for declarative program-ming. Theoretical Computer Science, 300(1–3):91–160, 2003.

5. M. Gabbrielli, G. M. Dore, and G. Levi. Observable semantics for constraint logicprograms. Journal of Logic and Computation, 5(2):133–171, 1995.

6. M. Garcıa-Dıaz and S. Nieva. Solving mixed quantified constraints over a domain basedon real numbers and Herbrand terms. In Z. Hu and M. Rodrıguez-Artalejo, editors,FLOPS’02, LNCS 2441, pages 103–118. Springer, 2002.

7. J. Jaffar and M. J. Maher. Constraint logic programming: a survey. Journal of LogicProgramming, 19/20:503–581, 1994.

8. J. Jaffar, M. J. Maher, K. Marriott, and P. J. Stuckey. The semantics of constraintlogic programs. Journal of Logic Programming, 37(1-3):1–46, 1998.

9. J. Leach and S. Nieva. A higher-order logic programming language with constraints.In H. Kuchen and K. Ueda, editors, FLOPS’01, LNCS 2024, pages 108–122. Springer,2001.

14

10. J. Leach, S. Nieva, and M. Rodrıguez-Artalejo. Constraint logic programming withhereditary Harrop formulas. Theory and Practice of Logic Programming, 1(4):409–445,2001.

11. J. W. Lloyd. Foundations of logic programming. Springer-Verlag, 1987.12. D. Miller. A logical analysis of modules in logic programming. Journal of Logic Pro-

gramming, 6(1-2):79–108, 1989.13. D. Miller, G. Nadathur, F. Pfenning, and A. Scedrov. uniform proofs as a foundation

for logic programming. Annals of Pure and Applied Logic, 51:125–157, 1991.14. G. Nadathur. A proof procedure for the logic of hereditary Harrop formulas. Journal

of Automated Reasoning, 11:111–145, 1993.15. G. Smolka and R. Treinen. Records for logic programming. Journal of Logic Program-

ming, 18(3):229–258, 1994.16. A. Tarski. A decision method for elementary algebra and geometry. University of

California Press, 1951.17. M. H. van Emden and R. A. Kowalski. The semantics of predicate logic as a program-

ming language. Journal of the ACM, 23(4):733–742, 1976.18. D. A. Wolfram. A semantics for λ-prolog. Theoretical Computer Science, 136:277–288,

1994.

15

Appendix

Lemma 2. If I1, I2 0 I and I1 6 I2, then for any goal G, !, and " ,I1, !, " !! G implies I2, !, " !! G.

Proof. The proof is inductive on the structure of G:

• G 4 C 0 LC .I1, !, " !! C 9* " $C C 9* I2, !, " !! C.

• G 4 A, atomic goal.I1, !, " !! A 9* A 0 I1(!, " ). I1 6 I2 implies that I1(!, " ) %I2(!, " ), so A 0 I2(!, " ) and therefore I2, !, " !! A.

• G 4 G1 )G2.I1, !, " !! G1 )G2 9* I1, !, " !! Gi for each i 0 {1, 2}. In both casesthe induction hypothesis can be used, so I2, !, " !! Gi for each i 0 {1, 2},which implies that I2, !, " !! G1 )G2.

• G 4 G1 /G2.I1, !, " !! G1 /G2 9* there is i 0 {1, 2} such that I1, !, " !! Gi. Byinduction hypothesis, I2, !, " !! Gi, which implies that I2, !, " !! G1/G2.

• G 4 D * G!.I1, !, " !! D * G! 9* I1, ! 1 {D}, " !! G!. By induction hypothesis,I2, ! 1 {D}, " !! G! holds, which implies that I2, !, " !! D * G!.

• G 4 C * G!.I1, !, " !! C * G! 9* I1, !, " 1 {C} !! G!. By induction hypothesis,I2, !, " 1 {C} !! G! holds, which implies that I2, !, " !! C * G!.

• G 4 +xG!.I1, !, " !! +xG! 9* there is a C-constraint C and a variable y suchthat:– y does not occur free in !, " , +xG!.– " $C +yC.– I1, !, " 1 {C} !! G![y/x].

By induction hypothesis, for the same C and y it holds that I2, !, " 1{C} !! G![y/x], therefore I2, !, " !! +xG!.

• G 4 ,xG!.I1, !, " !! ,xG! 9* there is a variable y such that: y does not occurfree in !, " , ,xG! and I1, !, " !! G![y/x]. By induction hypothesis, itholds that I2, !, " !! G![y/x], therefore I2, !, " !! ,xG!. 78

Lemma 3. Let {Ii}i$0 be a denumerable family of interpretations suchthat I0 6 I1 6 I2 6 . . ., and let G be a goal. Then, for any ! and " ,#

i$0 Ii, !, " !! G implies that there exists k 3 0 such that Ik, !, " !! G.

Proof. We already know that (#

i$0 Ii)(!, " ) ="

i$0 Ii(!, " ). By inductionon the structure of G:

• G 4 C 0 LC .#i$0 Ii, !, " !! C 9* " $C C 9* Ik, !, " !! C is true independently

of k 3 0.

16

• G 4 A, atomic formula.#i$0 Ii, !, " !! A 9* A 0 (

#i$0 Ii)(!, " ) =

"i$0 Ii(!, " ). Therefore,

there exists k 3 0 such that A 0 Ik(!, " ), hence, for that k, Ik, !, " !! A.• G 4 G1 )G2.#

i$0 Ii, !, " !! G1 ) G2 9*#

i$0 Ii, !, " !! Gj for each j 0 {1, 2}. Inboth cases the induction hypothesis can be used, so there exist k1, k2 3 0such that Ikj , !, " !! Gj for each j 0 {1, 2}. Let k = max(k1, k2). ThenIk, !, " !! Gj for each j 0 {1, 2} in virtue of Lemma 2, and thereforeIk, !, " !! G1 )G2.

• G 4 G1 /G2.#i$0 Ii, !, " !! G1/G29* there is j 0 {1, 2} such that

#i$0 Ii, !, " !! Gj .

The induction hypothesis can be used, so there exist k 3 0 such thatIk, !, " !! Gj , and therefore Ik, !, " !! G1 /G2.

• G 4 D * G!.#i$0 Ii, !, " !! D * G! 9*

#i$0 Ii, ! 1 {D}, " !! G!. By induction

hypothesis, there is k 3 0 such that Ik, ! 1 {D}, " !! G!. Therefore,Ik, !, " !! D * G!.

• G 4 C * G!.#i$0 Ii, !, " !! C * G! 9*

#i$0 Ii, !, " 1 {C} !! G!. By induction

hypothesis, there is k 3 0 such that Ik, !, " 1 {C} !! G!. Therefore,Ik, !, " !! C * G!.

• G 4 +xG!.#i$0 Ii, !, " !! +xG! 9* there is a C-constraint C and a variable y such

that:– y does not occur free in !, " , +xG!.– " $C +yC.–

#i$0 Ii, !, " 1 {C} !! G![y/x].

By induction hypothesis, it holds that there is a k 3 0 such that Ik, !, " 1{C} !! G![y/x]. Therefore Ik, !, " !! +xG!.

• G 4 ,xG!.#i$0 Ii, !, " !! ,xG! 9* there is a variable y such that:– y does not occur free in !, " , ,xG!.–

#i$0 Ii, !, " !! G![y/x].

By induction hypothesis, it happens that there exists k 3 0 such thatIk, !, " !! G![y/x]. Therefore Ik, !, " !! ,xG!. 78

Lemma 4 (Monotonicity of T ). Let I1, I2 0 I such that I1 6 I2. Then,T (I1) 6 T (I2).

Proof. Let us consider any !, " and A 0 T (I1)(!, " ). The latter implies thatthere is a variant ,x(G * A!) of a clause of elab(!), such that the variables xdo not occur free in !, " , A, and I1, !, " !! +x(A # A! )G). Using Lemma2 and the fact that I1 6 I2, we obtain I2, !, " !! +x(A # A! ) G), whichimplies A 0 T (I2)(!, " ). Since no particular choice was made for A, !, " ,this argument proves T (I1)(!, " ) % T (I2)(!, " ) for any ! and " , thereforeT (I1) 6 T (I2). 78

Theorem 2. For any !, " and G, lfp(T ), !, " !! G 9* !; " $UC G.

17

Proof. Both implications are proved by induction.

9) Let h be the height of a UC-proof for !; " $UC G. The claim is provedinductively on h.– Base case: h = 1. The only possibility is that G 4 C 0 LC . Then

!; " $UC C implies that " $C C, and therefore lfp(T ), !, " !! Cholds.

– Inductive case. Assuming that !; " |— G has a proof of height h, let usprove that lfp(T ), !, " !! G by case analysis on the UC-rule employedin the bottom of such proof.

(Clause) So there is a variant ,x(G * A!) of a clause of elab(!) such thatthe variables in x do not occur free in !, " , A, and that the sequent!; " |— +x(A # A! )G) has a proof of height h: 1. By inductionhypothesis, lfp(T ), !, " !! +x(A # A! ) G). Using the definitionof the operator T , the latter implies that A 0 (T (lfp(T )))(!, " ),which is equivalent to T (lfp(T )), !, " !! A. But since T (lfp(T )) =lfp(T ), the proof is complete.

()R) It must be the case that there are G1, G2 such that G 4 G1 )G2

and the sequents !; " |— Gi have a proof of height less than h foreach i 0 {1, 2}. By induction hypothesis, lfp(T ), !, " !! Gi holdsfor i 0 {1, 2}, which implies lfp(T ), !, " !! G.

(/R) Then there are G1, G2 such that G 4 G1 / G2 and the sequent!; " |— Gi has a proof of height h : 1 for some i 0 {1, 2}. Byinduction hypothesis, lfp(T ), !, " !! Gi, hence lfp(T ), !, " !! G.

(*R) In this case, G 4 D * G! for some D and G!, and the sequent!,D; " |— G! has a proof of height h:1. By induction hypothesis,lfp(T ), ! 1 {D}, " !! G!. Therefore lfp(T ), !, " !! D * G!.

(*CR) It must be the case that there are C and G! such that G 4 C * G!

and the sequent !; ", C |— G! has a proof of height h:1. By induc-tion hypothesis, lfp(T ), !, "1{C}!! G!. So, lfp(T ), !, " !! C * G!.

(+R) G must be of the form +xG!, and there must exist C and a variabley not occurring free in !, " , +xG!, such that !; ", C |— G![y/x]has a proof of height h:1 and " $C +yC. By induction hypothesis,lfp(T ), !, " 1 {C} !! G![y/x], and therefore lfp(T ), !, " !! +xG!.

(,R) G must be of the form ,xG!, and there must exist a variable y notoccurring free in !, " , ,xG! such that !; " |— G![y/x] has a proofof height h : 1. By induction hypothesis, lfp(T ), !, " !! G![y/x],and therefore lfp(T ), !, " !! ,xG!.

*) By induction on the order (S, <). Let us take !!, ", G" 0 S and as-sume that, for any other !!!, " !, G!" 0 S, !!!, " !, G!" < !!, ", G" implies!!; " ! $UC G!. Then, let us conclude !; " $UC G by case analysis on thestructure of G.– G 4 C 0 LC . Then !!, ", C" 0 S implies that " $C C, and therefore

!; " $UC C.– G 4 A. In this case !!, ", A" 0 S implies that lfp(T ), !, " !! A.

Let k = ord(!!, ", A"), so T k(I#), !, " !! A, which is equivalent toA 0 T k(I#)(!, " ). This implies that there is ,x(G * A!) 0 elab(!)such that the variables x do not occur free in !, " , A, and in addition

18

T k%1(I#), !, " !! +x(A # A! )G). Due to the way in which the orderin S is defined, !!, ",+x(A # A! )G)" < !!, ", A", so the inductionhypothesis can be applied, obtaining that !; " $UC +x(A # A! )G).Using the rule (Clause) with the clause ,x(G * A!), it follows that!; " $UC A.

– G 4 G1 ) G2. Then !!, ", G" 0 S implies lfp(T ), !, " !! G1 andlfp(T ), !, " !! G2. It is obvious that ord(!!, ", G") = ord(!!, ", G1" =ord(!!, ", G2") and G1, G2 are strict subformulas of G, and hence!!, ", G1" , !!, ", G2" < !!, ", G". Therefore, by the induction hy-pothesis we obtain !; " $UC G1 and !; " $UC G2. Thanks to the rule()R), it follows that !; " $UC G.

– G 4 G1 /G2. Then !!, ", G" 0 S implies that there is i 0 {1, 2} suchthat lfp(T ), !, " !! Gi. Clearly, ord(!!, ", G") = ord(!!, ", Gi") andGi is a strict subformula of G, so !!, ", Gi" < !!, ", G". Therefore, bythe induction hypothesis we obtain !; " $UC Gi for some i 0 {1, 2}.Thanks to the rule (/Ri), it follows that !; " $UC G.

– G 4 D * G!. Then !!, ", G" 0 S implies that lfp(T ), !1{D}, " !! G!.Clearly, ord(!!, ", G") = ord(!! 1 {D}, ", G!") and G! is a strict sub-formula of G, so !! 1 {D}, ", G!" < !!, ", G". Therefore, by the induc-tion hypothesis we obtain !,D; " $UC G!. Thanks to the rule (*R),it follows that !; " $UC G.

– G 4 C * G!. Then !!, ", G" 0 S implies that lfp(T ), !, "1{C} !! G!.Clearly, ord(!!, ", G") = ord(!!, " 1 {C}, G!") and G! is a strict sub-formula of G, so !!, " 1 {C}, G!" < !!, ", G". Therefore, by the induc-tion hypothesis we obtain !; ", C $UC G!. Thanks to the rule (*CR),it follows that !; " $UC G.

– G 4 +xG!. Then !!, ", G" 0 S implies that there is a constraint Cand a variable y such that:< y does not occur free in !, " , +xG!.< " $C +yC.< lfp(T ), !, " 1 {C !} !! G![y/x].

Clearly, ord(!!, ", G") = ord(!!, " 1 {C !}, G![y/x]") and G![y/x] isa renaming of a strict subformula of G, so !!, " 1 {C}, G![y/x]" <!!, ", G". Therefore, by the induction hypothesis we obtain !; ", C $UCG![y/x]. Thanks to the rule (+R), it follows that !; " $UC G.

– G 4 ,xG!. Then !!, ", G" 0 S implies that there is a variable y suchthat:< y does not occur free in !, " , ,xG!.< lfp(T ), !, " !! G![y/x].

Clearly, ord(!!, ", G") = ord(!!, ", G![y/x]") and G![y/x][x/y] 4 G!

is a strict subformula of G, so !!, ", G![y/x]" < !!, ", G". Therefore,by the induction hypothesis we obtain !; " $UC G![y/x]. Thanks tothe rule (,R), it follows that !; " $UC G. 78

19