Proof Manipulations for Logic Programming Proof Systems

Proof Manipulations for Logic Programming ProofSystems

Tatjana Lutovac James Harland

Department of Computer ScienceRoyal Melbourne Institute of Technology

GPO Box 2476V, Melbourne, 3001, [email protected], [email protected]

Abstract. Logic programs consist of formulas of mathematical logic and variousproof-theoretic techniques can be used to design and analyse execution modelsfor such programs. In this paper we present some initial workon the problem ofmaking systematic the design of logic programming languages. In particular, weidentify and discuss several key properties of proofs. A important aspect of thisexamination is a a more precise specification of sequent calculi inference rulesin order to studypermutation properties, which are key aspect of the design oflogic programming systems. We also show how this specification can be used tomanipulate proofs, as well as to establish properties of sets of inference rules.In addition we describe how Boolean expressions can be used to detect unusedformulae in a proof, which is important for debugging purposes.

Keywords: sequent calculi, logic programming,search strategies, substructural logic.

1 Introduction

It is well known that logic programming may be thought of as the application of thetechniques of mathematical logic to programming tasks. Logic programs may be con-sidered as collections of formulas and their computation may be identified as searchingfor proofs: given a programP and a goalG we attempt to satisfyG by searching for aproof ofP ! G using the inference rules of a given logic.

There have been various proof-theoretic approaches to the design of logic program-ming languages [1, 2, 5, 7, 12, 16, 21] and a corresponding variety of languages imple-mented (Prolog [24], Lolli[12], LinLog[1],�Prolog[20], Forum[18], Lygon[26], amongothers). However, despite many similarities in such analyses, the issue of a criterionfor the identification of logic programming languages remains problematic. The mostcommon proof-theoretic characterisation of logic programming languages is viagoal-directed proofs[17]. In particular, logic programming languages are identified by thefinding fragments of the logic for which the strategy of searching only for goal-directedproofs is complete. The properties of such proofs have been thoroughly investigatedfor various fragments of first and higher-order intuitionistic logic (for Horn clauses andfor a generalisation of them known ashereditary Harrop formulas[17]), as well as forfragments of classical logic [19, 8] and linear logic [12, 1,2, 21].

These analyses exhibit many points of similarity, as well assome specific points ofdifference, which can generally be traced to particular inference rules and their proper-ties. For example, linear logic inherits a number of the properties of the classical infer-ence rules (and in some cases, the very rules themselves); however, the lack of arbitrarycontraction rules in linear logic significantly changes theoverall analysis from that ofclassical logic.1 Also, the determination of an appropriate notion of goal-directed proofin the presence of presence of multiple-conclusioned sequents is not obvious, and thereare a number of different approaches to this issue[21, 12, 18, 19], which include restrict-ing attention to a single-conclusioned version, requiring“don’t care” nondeterminism inthe choice of goal formula (as in Forum[18]) or allowing “don’t know” nondeterminismin such choice (as in Lygon[21,11]). It should also be noted that single-conclusionedand multiple-conclusioned systems for the same logic (suchas LJ and LM for intuition-istic logic) can lead to different logic programming languages [9].

Thus when seeking to extend such an analysis to a new logic, itis important to beable to isolate the critical properties of the set of inference rules, i.e. to determine whichproperties may be specific to the inference rules in question, and which are common topreviously analysed systems. In addition, it should be noted that the completeness ofgoal-directed proofs, whilst important, is not generally sufficient; often further proper-ties are imposed on proofs. A common such property is requiring proofs to besimple[16], i.e. all occurrences of the left implication rule musthave the right-hand premisebeing an axiom. As discussed and analysed in [27], there are anumber of other suchproperties of proofs which desirable in a logic programmingsystem (such as the exis-tential property, lack of contraction in succedents, etc.), some of which follow from thecompleteness of goal-directed proofs (e.g. the existential property), and some of whichdo not (e.g. the completeness of simple proofs).

In this paper we present some initial work on the problem of making systematic thedesign of logic programming languages. In particular, we identify and discuss severalkey properties of proofs. A important aspect of this examination is a a more precisespecification of sequent calculi inference rules in order tostudy permutation properties(which are generally used, in one form or another, to prove the completeness propertiesof goal-directed proofs and simple proofs). Whilst such analyses for classical logic [3,13] and linear logic [4, 5] are well-known, it is not difficultto find inference rules whichcannot be analysed by these methods, such as the one below.` �; ; �` �} ; �; ?Æ

Whilst this is a combination of the} and contraction rules for linear logic, similarrules can be found in LM (see, for example, [25]), a multiple-conclusioned system forintuitionistic logic.

We also discuss the detection of unnecessary part of a proof;this knowledge isparticularly useful when composing programs (and hence proofs) and for debuggingpurposes.

1 In fact, the lack of general contraction in linear succedents actually simplifies the analysis ofgoals.

We may thus consider this work as an initial requirements analysis of the propertiesof proofs of interest to logic programming. It is envisaged that the results of this analysiscan then be implemented and utilized by means of an automatedproof assistant such asTwelf [22, 23], possibly in conjunction with constraint logic programming techniques[15].

2 Properties of ProofsComputation, in the context of logic programming, is proof search: for a given programand goal, computation determines whether or not the goal is provable. However, thisprocess involves more than just the existence or non-existence of the proof, as usuallyit is desired to extract some kind of extra information from the proof (if one exists).Such properties of a proof include, among others, identification of the strategy applied(where more than one strategy is applicable), recognition of families of proofs whichcontain a common structure, finding all possible proofs as well as proofs which leadto different answers, generating answer substitution for the (existentially quantified)variables of the goal, minimisation of unnecessary parts ofthe proof, distribution offormulae amongst the multiplicative branches, and recognition of “unused” formulae.Hence, it is not simply a matter of finding a proof, but of providing the appropriate“contextual” information about provability.

Here we illustrate some ideas about extracting informationfrom proofs throughexamples in linear logic.

Example 1: Minimisation of unnecessary parts of a proofWhen a goal succeeds, and hence a proof is found, it is often useful to have some

information about the reasons for its success (such as the calculation of an answer sub-stitution). It can also be useful to know whether there are any redundant parts of theproof. We restrict our attention to goal formulasi.e. for a given program we concentrateon detection of unused formulas of a given provable goal. Forexample, consider theprovable sequentp ` q;>. Note that there is no meaningful information that can beextracted from the proof, apart from the presence of>. However, for a sequent such asp ` p;> the> is clearly redundant, and hence it is useful to be able to deduce this.For a more detailed example, consider the proof below.

s ` s!s ` s !L r ` r p ` p ` >; tp ` p>; t Rr}p ` r; t; > p }Lr}p `?r; t; > p ?Rr}p `?r; t; ((> p)� q) �Rr}p `?r}t; ((> p)� q) }R!s; r}p `?r}t; ((> p)� q) s R!s; r}p ` (?r}t) } (((> p)� q) s) }RAs we have >; t is a subproof of this proof,t is anunusedsubformula of the goal.

Such a formula can be omitted or replaced with another formula. Also, due to the choice

of formula for the�R rule,q is unused as well. Hence we may think of the underlinedparts of the goal (?r}t) } (((> p)� q)s)as necessary parts of the goal, in that the search process establishes that(?r } ((> p) s)succeeds, and hence deducing the success ofG. Furthermore, we can refine this processby omitting> and?, resulting in the goalG0 = r}(p s) .

In this way the computation process finds a goalG0 which contains no� connective,no ? connective and no constant>, such that bothP ` G0 andG0 ` G are provable.This may be thought of the calculation aninterpolant goalG0 fromP andG. Note thatthe transformation fromG to G0 does not alter the search strategy used, in that the orderof application of the rules is not changed.s ` s!s ` s !L r ` r p ` pr}p ` r; p }L!s; r}p ` r; p s R!s; r}p ` r } (p s) }R

This goalG0 can be thought of as a representative of a family of goals whose deriva-tions, for the given program, will require no effort to establish. For the above example,the obligatory part2 of the goal isr } (p s) while a general template for successfulgoals based onG could be( [?℄ r [}}℄ ) } ( (( [>℄ p) [�4℄) s )where} and4 are arbitrary formulas, and[ ℄ denotes parts of the original goal that canbe omitted.

Example 2: Unused formulas in the�R rule

An important property of the�R rule:� ` i; �� ` 1 � 2; � �R (i = 1; 2)

is that one of the formulas 1 and 2 does not appear in the premise of the rule. So,in a completed proof tree, for every application of the�R rule such a subformula is acandidate to be omitted (as irrelevant) from the proof. Thussubformulasp and ?qare eligible for elimination respectively from the proofsD1 andD2 below. The “new”goals aref?r}?q; sg andf?r}p; sg. Their computational truth, from the given program,will require no effort to establish - we need just to omit boxed inferences:

2 i.e., the minimal information which must be present in the goal

s ` s!s ` s !L!s; !(r}p); !(?�Æ t) ` s wL!s; !(r}p); !(?�Æ t) ` ?r; ?q; s wR!s; !(r}p); !(?�Æ t) ` ?r; p�?q; s �R!s; !(r}p); !(?�Æ t) ` ?r}(p�?q); s }Rr ` r!s; r ` r W !L!s; r ` ?r ?R p ` p;? t ` tt `?t ?R?�Æ t; p ` p; ?t �ÆL!(?�Æ t); p ` p; ?t !L!s; !(?�Æ t); r}p ` ?r; p; ?t }L!s; !(?�Æ t); !(r}p) ` ?r; p; ?t !L!s; !(r}p); !(?�Æ t) ` ?r; p�?q; ?t �R!s; !(r}p); !(?�Æ t) ` ?r}(p�?q); ?t }R

Example 3: Possible answer substitutionsIn some situations (different) witnesses can be recognisedby the analysis of the

structure of a sequent to be proved. In the following proofs the answer substitution isdirectly connected with the formula choice for the� rule and vice versa.p(a) ` p(a) s ` s q(b) } (>�Æ s) ` > >Rq(b) } (>�Æ s); (>�Æ s) ` s �ÆLq(b) } (>�Æ s); p(a)}(>�Æ s) ` p(a); s }Lq(b) } (>�Æ s); p(a) } (>�Æ s) ` 9x p(x); s 9Rq(b) } (>�Æ s); p(a) } (>�Æ s) ` 9x p(x)� 9y q(y); s �Rq(b) ` q(b) s ` s p(a) } (>�Æ s) ` > >Rp(a) } (>�Æ s); (>�Æ s) ` s �ÆLq(b) } (>�Æ s); p(a)}(>�Æ s) ` q(b); s }Lq(b) } (>�Æ s); p(a) } (>�Æ s) ` 9y q(y); s 9Rq(b) } (>�Æ s); p(a) } (>�Æ s) ` 9x p(x)� 9y q(y); s �R

For the sequent!p(a); q(b); (8z)(q(z)�Æ p(z)) ` 9x p(x) a simple inspectionof its structure indicatesa andb as potential answers forx. An analysis of the proof(recalling that in the step (�) the formulap(b) must be used in this subproof) eliminatesa as answer forx, and so there are no proofs which provide answer substitutionx a.q(b) ` q(b) p(b) ` p(b)!p(a); p(b) ` p(b) w!l!p(a); p(b) ` 9x p(x) 9R �!p(a); q(b); q(b)�Æ p(b) ` 9x p(x) �ÆL!p(a); q(b); 8z q(z)�Æ p(z) ` 9x p(x) 8L3 Proof Manipulations for Extracting Information

There have been variousproof manipulationswhich enable extraction of informationfrom a proof, and which are, therefore, a necessary tool in the analysis of logic pro-gramming systems. In this section we discuss two proof manipulations of particularinterest:permutations, andprocedures for detection and elimination of unused formu-las.

3.1 Permutations

Thepermutationof two adjacent inference rules of a given proof is reversingtheir orderin the proof but without disturbing the rest of the proof (modulo some duplication ofsome proof branches and a renaming of certain free variables) as a result of which weget a proofequivalentto the given one:

....` a; ; d; � ....` b;�` ; d; a b; �;� ` }d; a b; �;� }....

() ....` ; d; a; �` }d; a; � } ....` b;�` }d; a b; �;� ....

In going from the left poof above to the right one, we say that the rule} is permuteddownpast the rule (or conversely that the rule is permuted up past the} rule).

Permutations are essential proof manipulations. The dynamics of the proof that re-sults from the permutation analysis clearly has a strong influence on the operational se-mantics of the resulting logic programming language. For example, Lygon[26] is basedon the search strategy thatsomepermutations of right-hand side rules will lead to aproof, whereas Forum[18] is based on the search strategy that anypermutation of right-hand rules will lead to a proof. Here we give a brief overview of some applications ofpermutations in a logic programming context.

The permutation properties of the inference rules of a givenlogical fragment havea direct impact on the definition of proof search strategies which deal with the orderof inference rules. Such properties can be used to either prove that, for a given set ofinference rules, a given search strategy will find all possible proofs, or construct anexample of a provable sequent which can not be proved with that strategy. Strategieswhich pass this test may be amenable to further analysis, such as minimising the amountof branching in the proof, or delaying certain choices untilthe optimum amount ofinformation is available.

For example, consider the problem of multiple answers. A logic program for whichthere are many proofs of the same goal (and hence there are goals which return the sameanswer substitution many times) is generally considered tobe somewhat deficient. Dif-ferent proofs are generally only considered interesting ifthey lead to different answers.

For example, consider the sequentp(a);8yq(y) ` p(y); q(b) ` 9xp(x) in intuitionisticlogic. All uniform proofs3 can be classified into two groups, depending on the answersubstitution forx. A representative of each class is below (the others are variations,depending on the order of application of the rules!L, wL and8L).

3 A uniform proof [17] of a sequentP ` G means a goal-directed proof, in a sense that the goalG is decomposed uniformly, based only on its structure and without reference to the programP, until atomic goals are reached. The program is only consulted when atomic goals are to beproved.

q(b) ` q(b) Ax p(b) ` p(b) Axp(a); p(b) ` p(b) wLp(a); q(b)! p(b); q(b) ` p(b) ! Lp(a);8yq(y)! p(y); q(b) ` p(b) 8Lp(a);8yq(y)! p(y); q(b) ` 9xp(x) 9R p(a) ` p(a) Axp(a); q(b) ` p(a) wLp(a);8yq(y)! p(y); q(b) ` p(a) wLp(a);8yq(y)! p(y); q(b) ` 9xp(x) 9RClearly, the question of finding all proofs which lead to different answers have someoverlap with the question of finding all equivalent proofs modulo inference permu-tations. Since proofs from the same equivalence class lead to the same answer, it issufficient to generate just one of them, which than will be representative for the wholeclass.

Note also that some non-uniform permutations may also be useful. In the first ex-ample above, the reasons for choosingx b are not obvious at the time the rule isapplied:

....p(a); 8yq(y)! p(y); q(b) ` p(b)p(a);8yq(y)! p(y); q(b) ` 9xp(x) 9RThis substitution arises from the formulas8yq(y) ! p(y); q(b). If asked by a user toexplain why that substitution was generated, an implementation could choose to pro-duce the permutation below, which is not uniform, but demonstrates the origin of thesubstitution more directly, as indicated by the step(�).q(b) ` q(b) Ax p(b) ` p(b) Axp(a); p(b) ` p(b) wLp(a); p(b) ` 9xp(x) 9Rp(a); q(b) ` p(b); q(b) ` 9xp(x) ` Lp(a);8yq(y) ` p(y); q(b) ` 9xp(x) 8L (�)The problem of permutation analysis is not new ([3, 13, 5]. However, there are someinference rules of interest which cannot be analysed by the existing framework. Onesuch situation is illustrated by the example below, where}0 presents a mix of} andwrules from linear logic, and where the possible permutationof ? and}0 in the outlinedsubproof can not be detected using the existing definitions ([13] or Definitions 2.1-2.4of [5]):` �; ; �` �}0 ; �; ?Æ }0

schema-rule

....`?A; ?A;B; �`?A;B; � ?`?A}0B; �; ?A }0 =) ....`?A; ?A;B; �`?A; ?A}0B; �; ?A }0`?A}0B; �; ?A ?It is our contention that a more precise specification of the structure of sequent calculusrules is needed, as it is proposed by the following definition(we assume, for simplicity,one-sided inference systems, i.e. that the antecedents arealways empty):

Definition 1 The structure of sequent calculus inference rules:� An active formulaof rule I is a formula in a premise, that does not exist in the con-clusion. Theactive partof the i-th premise of an inferenceI (denoted byAiI ) is the(possibly empty) multiset of its active formulas.� A quasi-active formulaof an inferenceI is a formula occurrence whose presence ina premise is necessary (but not sufficient4) for the rule application, and which is copiedunchanged into the conclusion of the rule. Thequasi-active partof the i-th premise ofan inferenceI (denoted byQAiI ) is the (possibly empty) multiset of its quasi-activeformulas.� A principal formulaof rule I is a formula occurrence of a conclusion that does notexist in premise(s) and that is a result of the disappearanceof some active formulas ofI . Theprincipal partof an inferenceI (denoted byPI ) is the (possibly empty) multisetof its principal formulas.� A formula occurrence of ruleI that does not exist in a premise and that is not aprincipal formula, is called anextra formula. Theextra partof an inferenceI (denotedby EI ) is the (possibly empty) multiset of its extra formulas.� The contextof the i-th premise of an inferenceI (denoted byCiI ) is the (possiblyempty) multiset - complement of its active and quasi-activepart.

The above definition is illustrated through examples in the Table below:A1 A2 QA1 QA2 P E C1 C2` � ` �` �;� mix � �` A;� ` B;�` AB;�;� A B AB � �` A;� ` B;�` A&B;� & A B A&B � �` A;� ` A?;�` �;� ut A A? � �` �` �; ?F w? ?F �`?F; ?F; �`?F; � ? ?F ?F �According to the context of premises and conclusion, binaryrules can be distinguishedas:multiplicativerules where the context of each premise is copied unchanged into theconclusion (rules;mix; ut in above table);strong additiverules where the context ofeach premise and of the conclusion are identical (rule&). Note that there are alsoweakadditiverules where some part of the context of the premise and of the conclusion areidentical.

Given this definition, the problem is then to determine when two inferences canbe permuted, and, if so, whether the resulting (sub)proof has the same premises andconclusion as the original. Note that it is possible for two inferences to be permuted,but for the latter condition not to hold.

4 except for the exchange rule

We thus arrive at the following definition:

Definition 2 (permutation position)Two inferencesI andJ of a given proof� inwhichJ directly followsI in � are:

1. in theweak permutation positioniff AJ ;QAJ � ContextI ;QAI2. in thestrong permutation positioniff 9k 2 f1; 2g AJ ; QAJ � ContextkI ; QAkI

and (AJ 6� ContextkI )) (AJnContextkI � EJ)The valuek = 1 corresponds tostrong-leftwhile k = 2 to strong-rightpermutationposition. Note that for a unary ruleI the strong permutation position implies the strong-left position (k = 1) only.

For example, in the first of the following proofs, the and} rules are in the weakpermutation position only, becauseA};QA} = fa?; b?g � Context;QA =fa?; b?; g and the active formulas of the} rule (formulas a? andb?) belong todifferent premises of the rule. In the second proof, the active formulas of the} rulebelong to same premise of the rule, and hence the rules are, at the same time, in theweak and strong permutation position.` a; a? ` b; b?`? ; b; b? w?` a b; a?; ? ; b? ` b?}a?; a b; ? }

weak perm pos. for and} ` a; a? ` b; b?`? ; b; b? w?` a b; a?; ? ; b? ` b?}? ; a b; a? }strong and weak permutation pos. for and}

We can then show how these notions can be used to determine when inferences canbe permuted. In particular, two inferences must be in the strong permutation position inorder to be permuted.

The strong permutation position takes into account more carefully the distribution offormulas fromAJ ; QAJ between the multisetContextI ; QAI . The demandAJ ; QAJ �ContextkI ; QAkI interrupts further analysis in the situation where active and/or quasi-active formulas of J belong to different premises of I. Such asituation can not be“recognised” in the weak permutation position:i) ii) iii)` a; a? ` b; b?` a b; a?; b? ` a?}b?; a b }

weak (6) strong)rules not permutable

` a; a? ` b; b?`? ; b; b? w?` a b; a?; ? ; b? ` b?}? ; a b; a? }strong () weak)rules permutable

....` A;B;C` A;B;C �D �` A}B;C �D }strong (, weak)rules permutable

The condition(AJ 6� ContextkI ) ) (AJnContextkI � EJ) ensures that the sit-uations in which quasi-active formula(s) of upper inference I , which has(have) been“consumed” by lowerJ (i.e. used as the active formulae(s) forJ) are acceptable (for

the further permutation analysis) iff such formula(s) can be restored again through theextra partEJ (in that way it(they) remains available forI , after the eventual reversingof the order ofI andJ). As an example, consider rule}0 which presents a mix of} andw rules from linear logic:` �; ; �` �}0 ; �; ?Æ }0

schema-rule

....`?A; ?A;B; �`?A;B; � ?`?A}0B; �; ?A }0 =) ....`?A; ?A;B; �`?A; ?A}0B; �; ?A }0`?A}0B; �; ?A ?The notion ofstrong permutation positionis suitable for the analysis of possible

permutations in a given proofi.e. when we have the concrete instances of a given in-ference rule. Such permutations and inference movements ina given proof are essentialfor rearranging proofs to satisfy or obey particular strategies. It also helps us to detectother proofs of a given sequent which differ only in the orderof inference rules.

The notion ofweak permutation positionis suitable for recognition of non-permutablerules in a given proof tree, as well as for recognition of pairs of schema-rules which rep-resent rules that can never be permutable. Also, because of its simplicity, can be usedduring the applications of particular strategies for bottom-up construction of proofs (forthe choice of formula to be decomposed next).

In [5] Galmiche and Perrier also use the notion of permutation position (Defini-tion 3.1. and Definition 3.2 of [5] ) as a precondition for the further checking of per-mutabilities of given rules. According to our specificationof inference rules, Galmiche-Perrier’s condition (“the principal part of upper ruleI is disjoint of the active part ofthe premise of lower ruleJ” (condition�), Definition 3.1 of [5]) corresponds to thecondition AJ ;QAJ � ContextI . It is shown in [14] that in the absence of quasi-active formulae, the Galmiche-Perrier condition corresponds to the weak permutationposition, and this condition is similarly more suitable foranalysis on the level of givenschema-rules than for the possible permutations of a given proof.

Given these notions, it is then not hard to show that two inferences which are in thestrong permutation position are always permutable, as wellas to determine conditionsunder which the two (sub)proofs have the same premises and conclusion. However,these results are rather lengthy to state, and hence are beyond the scope of this paper.Full details, including formal statements and proofs of these and other results may befound in [14].

3.2 Detection and Elimination of Unused Formulas

In order to facilitate theoretical analysis as well as systematic mechanical implemen-tations, we propose a formal account for detection of unusedformulas originated fromformula choices for the�R rule. Our technique for doing this is to extend some se-quent calculus rules with Boolean constraints and to attachcertain Boolean expressionsto some formulas in the proof tree, in the manner of [10].

Definition 3 A Boolean expressione is determined by the following grammar:e =0 j 1 j x j x^ y , wherex; y range over Boolean variables. A B-pair is a pair of Booleanexpressions, denoted as[e1; e2℄. We denote by(� � )[e1e2℄ the labelling of a formula�� with a B-pair[e1; e2℄. We denote byL(F ) the set of all B-pairs attached to formulaF .

The rules of the sequent calculus are extended to include therelationships betweenB-pairs i.e. their Boolean variables. The rules�R; w?R; ?R; and&R additionallycontainside constraintson B-pairs. A right arrow! , besides the inference name,points to the side constraint(s).premise(s) on lusion rule-name! side constraint(s)

premise(s) on lusion rule-name "Below we present the right inference rules which have side constraint(s). For nota-

tional simplicity a lack of labels of a formula, simultaneously in the conclusion and thepremises, in any of the proposed rules, implies that the labels currently applicable to theformula are not changed. For example, the�R rule does not alter the B-pairs attached(if any) to the formulas in�; � and�. In the rules?R and&R, the labels from the con-clusion are duplicated with the new names (this is similar towhat happens in practicewith bound variables).� ` �; �� ` (�� )[x;y℄; � �R ! [x; y℄ = [0; 1℄; 8[xi; yi℄ 2 L() [xi; yi℄ = [1; 1℄� ` ; �� ` (�� )[x;y℄; � �R ! [x; y℄ = [1; 0℄; 8[xi; yi℄ 2 L(�) [xi; yi℄ = [1; 1℄� ` �� ` ?�; � w?R ! 8[xi; yi℄ 2 L(�) [xi; yi℄ = [1; 1℄� ` ?��1; ?��2; �� ` ?�; � ?R ! 8[xi; yi℄ 2 L(�) [xi; yi℄ = [xi1 ^ xi2; yi1 ^ yi2℄

where�1 and�2 rename each[xi; yi℄ 2 L(�) to [xi1; yi1℄ and[xi2; yi2℄ respectively� ` ?�; ?�; �� ` ?�; � ?R "whereL(�) = ;� ` �;��1; � � ` ;��2; �� ` �&;�;� &R ! 8[xi; yi℄ 2 L(�) [xi; yi℄ = [xi1 ^ xi2; yi1 ^ yi2℄

whereL(�) = ; and�1 and�2 rename each[xi; yi℄ 2 L(�) to [xi1; yi1℄ and[xi2; yi2℄ respectively

Possible values that a B-pair[xi; yi℄ allocated to a formulaF1 � F2 can obtainare:[1; 0℄, [0; 1℄, [0; 0℄, [1; 1℄. Value[1; 0℄ (respectively[0; 1℄) indicates that formulaF1(respectivelyF2) is unused upwards from the proof step where the assignment tookplace. Value[0; 0℄ denotes that there is no unused subformulas ofF1 � F2 while value[1; 1℄ implies that the whole formulaF1 � F2 is unused upwards from the proof stepwhere the assignment took place.

The rules�R andw?R assign, through side constraints, the value(s) to the B-pairs.The formula choice for the�R rule is reflected in the state of the B-pair of the principalformula as well as the B-pairs allocated to the subformula deleted by the rule. The rulew?R assigns the value[1; 1℄ to the B-pair of every subformula of the form�� whichis being deleted. The side constraints for the rules&R and ?R are logical links betweenthe B-pairs of context formulas in the premises and conclusion. It is possible for unusedpremises formulas of an&R inference to be different. For example, consider derivationsD1 andD2 mentioned in the Example 2 of section 2. They disagree on unused formulas,so the proof below has no unused formulas:D1 D2!s; !(r}p); !(?�Æ t) ` ?r}(p�?q); s&?t &RHence, in calculating the conclusion’s unused formulas, the side constraint for&Rmust “insist” on the conjunction of the premise’s unused formulas. Similarly, for a ?R inference we need to co-ordinate unused formulas of the two copies of the copiedformula.

Informally, the algorithm for detection of unused formulasincludes the labelling ofa sequent to be proved, and than simultaneous (bottom-up) construction of a proof treeand maintaining of B-pairs and side constraints. The success of a proof constructioninvolves passing (in top-down direction) through side constraints and calculating thefinal valuesof B-pairs.5

For example, the application of the above algorithm on the sequents; d}(r p) ` ?d (p� s); ((p r) � q) � sresults in the computation illustrated above. To save space, we denoted}(r p) asF1,?d(p�s) asF2, and(pr)� q asF3. The B-pairs that appear at the root of the prooftree receive the following values:[x; y℄ = [1; 0℄; [x1; y1℄ = [1; 0℄; [x1; y1℄ = [1; 0℄.Hence, for the given goal the underlined (sub)formulas are irrelevant.s; d}(r p) ` ?d ( p � s); ((p r) � q ) � s

++++[x2; y2℄ = [0; 1℄ s ` ss ` (p� s)[x2;y2℄ �R d ` d r ` r p ` pr; p ` p r R "r p ` p r L "F1 ` d; (p r) }L "F1 ` d; F [x1;y1℄3 �R! [x1; y1℄ = [1; 0℄F1 ` ?d; F [x1;y1℄3 ?R "s; F1 ` F [x2;y2℄2 ; F [x1;y1℄3 R "s; F1 ` F [x2;y2℄2 ; (F [x1;y1℄3 � s)[x;y℄ �R! [x; y℄ = [1; 0℄+++++++[x; y℄ = [1; 0℄[x1; y1℄ = [1; 0℄

The new proof tree can be easily constructed by omitting the�R inferences:5 Note that, in the example below,+ arrows correspond to this part of the algorithm. The final

values of B-pairs are boxed.

s ` s d ` d r ` r p ` pr; p ` p r Rr p ` p r Ld } r p ` d; p r }Ld } (r p) ` ?d; p r ?Rs; d}(r p) ` ?d s; p r R4 Conclusions and Future Work

We have proposed a more detailed specification of inference rules, in order to enable amore precise analysis of their permutation properties. We have also shown how Booleanexpressions can be used to extract information about the necessary and unnecessaryformulas in a proof. Note that it is straightforward to implement this latter techniqueusing constraint logic programming techniques [15].

Given that computation in the logic programming context is proof search, an in-teresting question that arises is to determine what can be inferred from a failed proofattempt. The traditional answer for logic programmers isabduction; rather than merelyreporting an answer of “no” to a query, a specification (usually in the form of a set of for-mulae) of the necessary changes to the program is given, which, if carried out, wouldenable the original goal to succeed. In proof-theoretic terms, we can consider such atransformation to be one which takes apartial proofD(i.e. , a derivation in which someleaves are not axioms) to a completed proof which retains (atleast relatively) the or-der of inference rules ofD and whose conclusion contains the conclusion ofD. This isachieved by the replacement of each non-axiom leaf` S with a proof of` S; (where is possibly empty multiset of formulas dependent onS and on the structure of in-ference rules of a given proof system) and then by, eventually, adaptationof subproofbelow` S.

For example, consider the partial proof below and its resulting adaption, which hasinserted some intermediate steps (inserted inferences areboxed).` a; a? Ax ` a; b?` a; a?&b? &` a� b; a?&b? �` (a� b)}(a?&b?) } 7�! ` a; a? Ax` a; a?; ?(a? b) w

` a; a? Ax ` b; b? Ax` a; b?; a? b ` a; b?; ?(a? b) ?` a; a?&b?; ?(a? b) &` a� b; a?&b?; ?(a? b) �` (a� b)}(a?&b?); ?(a? b) }If we allow interpretation of a non-axiom leaf` S as a hypothesis of, say, a proofD thenthe above transformation is known ashypothesis elimination[2]. In general, eliminationof a hypothesis H from a proof� is the problem of searching for a proof (without anyhypotheses) of hypothesisH, which will replace it in� . For decidable proof systemsit is clear that we can always find at least one such proof, if itexists, by determiningwhether or not H is provable. The situation is more complicated when a hypothesis

` H (or H2 ` H1) is an unprovable sequent, or the proof system is not decidable. Insuch situations the problem is to find the simplest proof (without hypotheses) whoseconclusion incorporatesH (H1;H2) . Clearly this process depends on the hypothesisitself, as well as on the structure of inference rules of a given proof system. Andreoliand Pareschi have given such a procedure for one fragment of propositional classicallogic [2].

Developing general methods for hypothesis elimination is research still in progress.The key point is to determine the minimal extension sufficient to provide provability ofa given unprovable sequent. The example below points out some possible extensionsand additions of the unprovable sequent` p; q in different logics:

classical logic:p ` p Axp ` p; q w two-sided linear logic:p ` p Ax q ` q Axp}q ` p; q } ` p; q;> > 0 ` p; q 0The development of such a method would form an integral part of a suite of tools

which could be used to analyse both successful and unsuccessful proof attempts, andthus form the basis of a proof-theoretic programming environment for logic program-ming systems.

References

1. Andreoli J.-M.Logic Programming with focusing proofs in linear logic, Journal of Logicand Computation, 2:3:297-347, 1992.

2. J.M. Andreoli, R. PareschiLogic programming with sequent systems: A linear Logic Ap-proach., in P.Schr�oder-Heister ed., Proceedings of Workshop to Extensions ofLogic Pro-gramming 1-30, T�ubingen, 1989. Published as by Springer-Verlag as Lecture Notes in Arti-ficial Intelligence 475.

3. Curry H.,The permutability of rules in the classical inferential calculus, Journal of SymbolicLogic 17:245-248, 1952.

4. Galmiche D. Canonical Proofs for Linear Logic Programming Frameworks, in A.Momigliano and M. Ornaghi, ed., Proof-Theoretical Extensions of Logic Programming 2-10, Post-Conference Workshop for ICLP’94, Santa Margherita Ligure, Italy, June 1994.

5. Galmiche D. and Perrier G.On proof normalisation in Linear Logic, Theoretical ComputerScience 135:67-110, 1994.

6. Girard J.-Y.Proof-nets: the Parallel syntax for Proof-theory, Logic and Algebra, MarcelDekker, New York, 1995.

7. Harland J.A Proof-theoretic Analysis of Goal-directed Provability, Journal of Logic andComputation 4:1:69-88, 1994.

8. Harland J.On Goal-Directed Provability in Classical Logic, Computer Languages 23:2-4:161-178, 1997.

9. Harland J., Lutovac T., Winikoff M.Goal-Directed Proof Search in Multiple-ConclusionedIntuitionistic Logic, Proceedings of the First International Conference on ComputationalLogic 254-268, London, July, 2000.

10. Harland J., Pym D., Resource-distribution via Boolean constraints (extended abstract), Pro-ceedings of the International Conference on Automated Deduction (CADE-14) 222-236, W.

McCune (ed.), Townsville, July, 1997. Published by Springer-Verlag as Lecture Notes inComputer Science 1249.

11. Harland J., Pym D., Winikoff M.Programming in Lygon: An Overview, Proceedings of theInternational Conference on Algebraic Methodology and Software Technology (AMAST)391-405, M. Wirsing and M. Nivat (eds.), July, 1996. Published by Springer-Verlag as Lec-ture Notes in Computer Science 1101.

12. Hodas J.S. and Miller D.Logic programming in a Fragment of Intuitionistic Linear Logic,Journal of Information and Computation 110:2:327-365, 1994.

13. Kleene S.C.Permutability of Inferences in Gentzen’s Calculi LK and LJ, Memoirs of theAmerican Mathematical Society 10:1-26, 1952.

14. Lutovac T., Harland J.Towards the Automation of the Design of Logic ProgrammingLanguages, Technical Report TR-97-30, Department of Computer Science, RMIT Uni-versity, 1997. http://www.cs.rmit.edu.au/�jah/publications/perms-tr.ps.gz.

15. Marriot, K., Stuckey, P.Programming with Constraints, MIT Press, 1998.16. Miller D. A logical analysis of modules in logic programming, Journal of Logic Program-

ming 6:79-108, 1989.17. Miller D., Nadathur G., Pfenning F.,Scedrov A.Uniform proofs as a Foundation for Logic

Programming, Annals of Pure and Applied Logic 51:125-157, 1991.18. Miller D. Forum: A multiple-conclusion specification-logic, Theoretical Computer Science

165:1:201-232, 1996.19. Nadathur G.Uniform Provability in Classical Logic, Journal of Logic and Computation

8:2:209-230, 1998.20. Nadathur G. and Miller D.An overview of�Prolog, In Kenneth A. Bowen and Robert

A. Kowalski, editors, Fifth International Logic Programming Conference 810-827, Seattle,Washington, August 1988. Published by MIT Press.

21. Pym D., Harland J.A Uniform Proof-theoretic Investigation of Linear Logic Programming,Journal of Logic and Computation, 4:2:175-207, 1994.

22. Frank Pfenning and Carsten Schurmann,Twelf — a meta-logical framework for deduc-tive systems, H. Ganzinger, editor, Proceedings of the 16th International Conference onAutomated Deduction (CADE-16), pages 202–206, Trento, Italy, July 1999. Published bySpringer-Verlag as Lecture Notes in Artificial Intelligence 1632.

23. Carsten Schurmann,Automating the Meta-Theory of Deductive Systems, PhD thesis,Carnegie-Mellon University, 2000.

24. Sterling L., Shapiro E.The Art of Prolog, MIT Press, 1986.25. Wallen L.A.Automated Proof Search in Non-classical Logic, MIT Press, 1990.26. Winikoff M., Harland J.Implementing the Linear Logic Programming Language Lygon, Pro-

ceedings of the International Logic Programming Symposium66-80, Portland, Oregon, De-cember, 1995.

27. Winikoff M., Logic Programming with Linear Logic, PhD Thesis, Department of ComputerScience, The University of Melbourne, March, 1997.