In this paper, we address the problem of defining a fixpoint semantics for Constraint Handling Rules (CHR) that captures the behavior of both simplification and propagation rules in a sound and complete way with respect to their declarative semantics. Firstly, we show that the logical reading of states with respect to a set of simplification rules can be characterized by a least fixpoint over the transition system generated by the abstract operational semantics of CHR. Similarly, we demonstrate that the logical reading of states with respect to a set of propagation rules can be characterized by a greatest fixpoint. Then, in order to take advantage of both types of rules without losing fixpoint characterization, we present an operational semantics with persistent.We finally establish that this semantics can be characterized by two nested fixpoints, and we show the resulting language is an elegant framework to program using coinductive reasoning.
lemmatheorem \aliascntresetthelemma \newaliascntpropositiontheorem \aliascntresettheproposition \newaliascntcorollarytheorem \aliascntresetthecorollary \newaliascntdefinitiontheorem \aliascntresetthedefinition \newaliascntexampletheorem \aliascntresettheexample \newaliascntremarktheorem \aliascntresettheremark
(Co-)Inductive semantics for Constraint Handling Rules](Co-)Inductive semantics for Constraint Handling Rules
Rémy Haemmerlé]Rémy Haemmerlé
Technical University of Madrid
HR, coinduction, fixpoint, declarative semantics, persistent constraints.
Owing to its origins in the tradition of Constraint Logic Programming (CLP) [JL87popl], Constraint Handling Rules (CHR) [Fruehwirth98jlp] feature declarative semantics through direct interpretation in classical logic. However, no attempt to provide fixpoint semantics to the whole language, sound and complete w.r.t. this declarative semantics has succeeded so far. This is particularly surprising considering that the fixpoint semantics is an important foundation of the declarative semantics of CLP. It is perhaps because CHR is the combination of two inherently distinct kinds of rules that this formulation is not so simple. On the one hand, the so-called Constraint Simplification Rules (CSR) replace constraints by simpler ones while preserving their meaning. On the other hand, the so-called Constraint Propagation Rules (CPR) add redundant constraints in a monotonic way. Even though in the declarative semantics the two notions merge, one of the main interests of the language comes from the explicit distinction between the two. Indeed, it is well known that propagation rules are useful in practice but have to be managed in a different way from simplification rules to avoid trivial non-termination. (See for instance explanations by \citeNFruehwirth09cambridge or \citeNBRF10iclp.)
Soundness of the operational semantics of CSR (i.e. to each derivation corresponds a deduction) have been proved by \citeNFruehwirth09cambridge, while completeness (i.e. to each deduction corresponds a derivation) has been tackled by \citeNAFM99constraints. However, it is worth noticing that the completeness result is limited to terminating programs. On the other hand, the accuracy of CPR w.r.t. its classical logic semantics is only given through its naive translation into CSR. Since any set of propagation rules trivially loops when seen as simplification rules, the completeness result does not apply to CPR.
It is well known that termination captures least fixpoint (l.f.p.) of states of a transition system. Quite naturally, non-termination captures the greatest fixpoint (g.f.p.). Starting from this observation, we show in this paper that if they are considered independently, CSR and CPR can be characterized by a l.f.p. (or inductive) and g.f.p. (or coinductive) semantics respectively, providing along the way the first completeness result for CPR. Then, in order to take advantage of both types of rules without losing fixpoint characterization, we present an operational semantics similar to the one recently proposed by \citeNBRF10iclp. Subsequently we demonstrate that this new semantics can be characterized by two nested fixpoints and can be implemented in a simple manner to provide the first logically complete system (w.r.t. failures) for a segment of CHR with propagations rules. We show as well this semantics yields an elegant framework for programming with coinductive reasoning on infinite (or non-well founded) objects [BM96csli].
The remainder of this paper is structured as follows: Section 2 states the syntax of CHR and summarizes several semantics. In Section 3, we present two fixpoint semantics for CHR. We show these semantics, which built over the transition system induced by the abstract operational semantics of CHR, offer a characterization of logical reading of queries w.r.t. CSR and CPR, respectively. In Section 4, we define semantics with persistent constraints related to the one recently introduced by \citeNBRF10iclp. We prove this new operational semantics can be characterized by a l.f.p. nested within a g.f.p., and give an implementation via a source-to-source transformation. Finally, in Section 5, we illustrate the power of the language before concluding in Section 6.
2 Preliminaries on CHR
In this section, we introduce the syntax, the declarative semantics and two different operational semantics for CHR. In the next sections, both operational semantics will be used, the former as theoretical foundation for our different fixpoint semantics, and the latter as a target to implementation purposes.
The formalization of CHR assumes a language of built-in constraints containing the equality , false, and true over some theory and defines user-defined constraints using a different set of predicate symbols. In the following, we will denote variables by upper case letters, , , , …, and (user-defined or built-in) constraints by lowercase letters By a slight abuse of notation, we will confuse conjunction and multiset of constraints, forget braces around multisets and use comma for multiset union. We note the set of free variables of any formula . The notation denotes the existential closure of with the exception of variables in , which remain free. In this paper, we require the non-logical axioms of to be coherent formula (i.e. formulas of the form , where both and stand for possibly empty conjunctions of built-in constraints). Constraint theories verifying such requirements correspond to Saraswat’s simple constraints systems \citeNNSRP91popl.
A CHR program is a finite set of eponymous rules of the form:
where (the kept head), (the removed head) are multisets of user-defined constraints respectively, (the guard) is a conjunction of built-in constraints, is a conjunction of built-in constraints, is a multiset of user-defined constraints and, (the rule name) is an arbitrary identifier assumed unique in the program. Rules, where both heads are empty, are prohibited. Empty kept-head can be omitted together with the symbol . The local variables of rule are the variables occurring in the guard and in the body but not in the head that is . CHR rules are divided into two classes: simplification rules if the removed head is non empty and propagation rules otherwise. Propagation rules can be written using the alternative syntax:
A CHR state is a tuple , where (the CHR store) is a multiset of CHR constraints, (the built-in store) is a conjunction of built-in constraints, and (the global variables) is a set of variables. In the following, will denote the set of states and the set of answers (i.e. states of the form ). A state is consistent if its built-in store is satisfiable within (i.e. there exists an interpretation of which is a model of ), inconsistent otherwise.
2.2 Declarative semantics
We state now the declarative semantics of CHR. The logical reading of a rule and a state is as follows:
, the logical reading of a program within a constraint theory is the conjunction of the logical readings of the rules of with the constraint theory .
2.3 Equivalence-base operational semantics
Here, we recall the equivalence-based operational semantics of \citeNRBF09chr. It is similar to the very abstract semantics of \citeNFruehwirth09cambridge, the most general operational semantics of CHR. We prefer the former because it includes an explicit notion of equivalence, that will simplify many formulations. Because this is the most abstract operational semantics we consider in this paper, we will refer to it as the abstract (operational) semantics. For the sake of generality, we present it in a parametric form, according to some sound equivalence relation.
We will say that an equivalence relation is (logically) sound if two states equivalent w.r.t. have logically equivalent readings in the theory . The equivalence class of some state by will be noted . For a given program and a sound equivalence , the -transition relation, noted , is the least relation satisfying the following rules:
where is a renaming. If such transition is possible with , we will say that the tuple is a propagation redex for the state . The transitive closure of the relation is denoted by . A -derivation is a finite or infinite sequence of the form A -derivation is consistent if so are all the states constituting it. A -transition is confluent if whenever and hold, there exists a state such that and hold as well.
The abstract equivalence is the least equivalence defined over verifying:
Note that this equivalence is logically sound [RBF09chr]. For a given program , the abstract transition systems is defined as the tuple .
2.4 Concrete operational semantics
This section presents the operational semantics of \citeNDKSD07ppdp. In this framework rules are annotated with explicit priorities that reduce the non-determinism in the choice of the rule to apply. As initially proposed by \citeNAbdennadher97cp, this semantics includes a partial control that prevents the trivial looping of propagation rules by restricting their firing only once on same instances. By opposition to the abstract semantics, we will call it concrete (operational) semantics.
An identified constraint is a pair noted , associating a CHR constraint with an integer . For any identified constraints, we define the functions and , and extend them to sequences and sets of identified constraints. A token is a tuple , where is a rule name and is a sequence of integers. A concrete CHR state is a tuple of the form where is a multiset of CHR and built-in constraints, is a multiset of identified constraints, is a conjunction of built-in constraints, is a set of tokens and is an integer. We assume moreover that the identifier of each identified constraints in the CHR store is unique and smaller than . For any program , the concrete transition relation, , is defined as following:
if is a built-in constraint and .
if is a CHR constraint.
if is a rule in of priority renamed with fresh variables, is a substitution such that , , , , is satisfiable within , and . Furthermore, no rule of priority bigger than exists for which the above conditions hold.
3 Transition system semantics for pure CSR and CPR
In this section, we propose a fixpoint semantics for both CSR and CPR programs. We call it transition system semantics because it is defined as a fixpoint over the abstract transition system, built in a way similar to -calculus formula [CGP00mit]. The proofs of this section are only sketched. Detailed versions can be found in a technical report [Haemmerle11clip].
Before formally introducing the semantics, we recall some standard notation and results about fixpoints in an arbitrary complete lattice . 111For more details about fixpoints, one can refer, for example, to \citeANPLloyd87springer’s Book \citeNNLloyd87springer.. A function is monotonic if whenever . An element is a fixpoint for if . The least fixpoint (resp. the greastest fixpoint) of is its fixpoint satisfying (resp. ) whenever is a fixpoint for . It is denoted by (resp. ). \citeANPTarski55’s \citeNNTarski55 celebrated fixpoint theorem ensures that monotonic functions have both a least and a greatest fixpoint.
3.1 Inductive semantics for CSR
In this section, we give a first fixpoint semantics limited to CSR. It is call inductive, since it is defined as a lfp.
Definition \thedefinition (Inductive transition system semantics for CSR)
For a given program and an given sound equivalence relation , the existential immediate cause operator is defined as:
The inductive (transition system) semantics of a CSR program is the set:
The existential immediate cause operator being clearly monotonic, Tarski’s theorem ensures the inductive semantics of a CSR program is well defined. For a given program , is exactly the set of states that can be rewritten by to a consistent answer. Remark that since answers cannot be rewritten by any program, any state in has at least one terminating derivation.
Consider the program consisting of the two following rules:
We can pick the sets of consistent states of the respective form and , where denotes copies of a constraint . Both sets are fixpoints of , but only the former is the least fixpoint. Note, that no state of the form or are in such fixpoints.
We next present a theorem that uses fixpoints semantics to reformulate results on CSR logical semantics [Fruehwirth98jlp, AFM99constraints]. It says that a state that has at least one answer is in the inductive semantics of a confluent CSR program if and only if its logical reading is satisfiable within the theory . Notice that because in the context of this paper, we do not require to be ground complete, we have to content ourselves with satisfiability instead of validity. Nonetheless, we will see in Section 5, that satisfiability is particularly useful to express coinductive definitions such as bisimulation.
Let be program such that is confluent. Let be a state having at least one answer. We have
[Proof sketch] As we have said previously, is the set of states that can be rewritten to a consistent answer. Hence it is sufficient to prove:
or equivalently, the contrapositive:
“If” and “only if” directions are respective corollaries of soundness and completeness for CHR (Lemma 3.20 and Theorem 3.25 in \citeANPFruehwirth09cambridge’s book \citeNNFruehwirth09cambridge).
Our inductive semantics for CSR has strong connections with the fixpoint semantics of \citeNGM09tocl. In contrast to ours, this semantics focuses on input/output behaviour and is not formally related to logical semantics, although it is constructed in similar way as a l.f.p. over the abstract transition system. However, because it does not distinguish propagation from simplification rules, this semantics cannot characterize reasonable programs using propagations. Indeed, it has been later extended to handle propagation rules by adding into the states an explicit token store à la \citeNAbdennadher97cp in order to remember the propagation history [GMT08chr]. Nonetheless, such an extension leads to a quite complicated model which is moreover incomplete w.r.t. logical semantics.
3.2 Coinductive semantics for CPR
We continue by giving a similar characterization for CPR. This semantics is defined by the g.f.p. of a universal version of the cause operator presented in Section 3.1. Hence we call it coinductive.
Definition \thedefinition (Coinductive transition system semantics for CPR)
For a given program and an given sound equivalence relation , the universal (immediate) cause operator is defined as:
The coinductive (transition system) semantics of a CPR program is the set:
Note that contrary to the inductive semantics, the coinductive one is not just a reformulation of the existing semantics. Indeed the universal essence of the operator conveys that the meaning we give to CPR states relies on all of its derivations, whereas the existential essence of the operator makes explicit the fact that the classical meaning states dependent on existence of a successful derivation. This semantic subtlety is fundamental for CPR completeness (Section 3.2).
As it is the case for , the operator is obviously monotonic. Our semantics is therefore well defined. Notice, that is precisely the set of states that cannot be rewritten to an inconsistent states. As illustrated by the following example, states belonging to have in general only non-terminating derivations w.r.t. the abstract operational semantics.
Let be the usual constraints theoryover integers and be the program:
The greatest fixpoint of is the set of consistent states that does not contain a CHR constraint where is negative or null. Note the empty set is also a fixpoint but not the greatest. Note that states such as , which are in the greatest fixpoint, have only infinite derivations.
We give next a theorem that states the accuracy of the coinductive semantics w.r.t. the logical reading of CPR. Remark that for the completeness direction, we have to ensure that a sufficient number of constraints is provided for launching each rule of the derivation. To state the theorem we assume the following notation ( stand for the scalar product of the multiset by ):
Theorem 3.2 (Soundness and completeness of coinductive semantics for CPR)
Let be a CPR program and be some integer greater than the maximal number of constraints occurring in the head of any rule of . We have:
The proof of the theorem is based on the following completeness lemma, that ensures that to each intuitionistic deduction in the theory corresponds a CPR derivation w.r.t. the program . In the following, we use the notation and to emphasize that a deduction within a theory is done in the classical logic model framework and the intuitionistic proof framework, respectively. Fortunately, both lines of reasoning coincide in our setting. This remarkable property is due to the fact we are reasoning in a fragment of classical logic, known as coherent logic, where classical provability coincides with intuitionistic provability.
Lemma \thelemma (Intuitionistic completeness of CPR)
Let be a CPR program and be some integer greater than the maximal number of constraints occurring in the heads of . Let and (resp. and ) be two multiset of CHR (resp. built-in) constraints. If , then there exist and such that and .
[Proof sketch] By structural induction on the proof tree of . For the case where is a logical axiom, we use the reflexivity of . For the case where is a non-logical axiom from , we use the definition of . For the case where is a non-logical axiom corresponding to a propagation rule , we choose and , and apply . For the case where ends with a cut or a right introduction of a conjunction, we use induction hypothesis and the fact that constraints are never consumed along a CPR derivation. Other cases are more straightforward.
[Proof sketch of Theorem 3.2] As we have noted previously, is the set of states that cannot be rewritten to an inconsistent states. Hence it is sufficient to prove:
or equivalently the contrapositive:
The “if” direction is direct by soundness of CHR. For the “only if” direction, since is a coherent logic theory (i.e. a set of formulas of the form , where both and are conjunctions of atomic propositions), it can be assumed without loss of generality that (See \citeANPBC05lpar’s work about coherent logic \citeNNBC05lpar). The result is then direct, by Section 3.2.
The coinductive semantics for CPR, has strong similarities with the fixpoint semantics of CLP [JL87popl]. Both are defined by fixpoint of somehow dual operators and fully abstract the logical meaning of programs. Nonetheless the coinductive semantics of CPR is not compositional. That is not a particular drawback of our semantics, since the logical semantics we characterize is neither compositional. Indeed, if the logical readings of two states are independently consistent, then one cannot ensure that so is their conjunction. It should be noticed that this non-compositionality prevents the immediate cause operators to be defined over the -base (i.e. the cross product of the set of CHR constraints and the set of conjunctions of built-in constraints) as it is done for CLP, and requires a definition over set of states.
4 Transition system semantics for CHR with persistent constraints
In this section, we aim at obtaining a fixpoint semantics for the whole language. Nonetheless, one has to notice that the completeness result for CSR needs, among other things, the termination of , while the equivalent result for CPR is based on the monotonic evolution of the constraints store along derivations. Hence combining naively CSR and CPR will break both properties, leading consequently to an incomplete model. In order to provide an accurate fixpoint semantics to programs combining both kinds of rules (meanwhile removing unsatisfactory scalar product in the wording of CPR completeness), we introduce a notion of persistent constraints, following ideas of \citeNBRF10iclp for their semantics . Persistent constraints are special CHR constraints acting as classical logic statements (i.e. they are not consumable and their multiplicity does not matter). Since they act as linear logic statements (i.e. they are consumable and their multiplicity matters), usual CHR constraints are called linear. Because it combines persistent and linear constraints in a slightly less transparent way that , we call this semantics hybrid, and note it . Due to the space limitations, the (non-trivial) proofs of the section are omitted, but can be found in the extended version of this paper.
4.1 Hybrid operational semantics
On the contrary of , the kind of a constraint (linear or persistent) in , is not dynamically determined according the type of rules from which it was produced, but statically fixed. Hence, we will assume the set of CHR constraints symbols is divided in two: the linear symbols and the persistent symbols. Naturally, CHR constraints built from the linear (resp. persistent) symbols are called linear (resp. persistent) constraints. A hybrid rule is a CHR rule where the kept head contains only persistent constraints and the removed head contains only linear constraints. We will denote by , the set of purely persistent states (i.e. states of the form where is a set of persistent constraints). will refer to the set of simplification rules of a hybrid program , respectively.
The hybrid semantics is expressed as a particular instance of the equivalence based semantics presented in Section 2.3. It uses the abstract state equivalence extended by a contraction rule enforcing the impotency of persistent constraints.
Definition \thedefinition (Hybrid operational transition)
The hybrid equivalence is the smallest relation, , over states containing satisfying the following rule:
The hybrid transition system is defined as the tuple .
The hybrid programs are programs where propagation rules “commute” with simplification rules in the sense of abstract rewriting systems [terese03]. In other words, derivations can be permuted so that simplification rules are fired first, and propagation rules fire only when simplification rule firings are exhausted. Indeed, the syntactical restriction prevents the propagation head constraints to be consumed by simplification rules, hence once a propagation rule is applicable, then it will be so for ever. Of course, number of CHR programs do not respect the hybrid syntax and therefore cannot be run in our framework. Nonetheless, what we loose with this restriction, we compensate by pioneering a logically complete approach to solve the problem of trivial non-termination (see next Theorem 4.3).
4.2 Hybrid transition system semantics
We present the transition system semantics for hybrid programs. This semantics is expressed by fixpoints over the hybrid transition system. It is built using the immediate cause operators we have defined in the previous section.
Definition \thedefinition (Hybrid transition system semantics)
The hybrid (transition system) semantics of a hybrid program is defined as:
The theorem we give next states soundness and completeness of the hybrid transition system semantics of confluent programs, provided the states respect a data-sufficiency property. In this paper, we do not address the problem of proving confluence of hybrid programs, but claim it can be tackled by extending straightforwardly the work of \citeNAFM99constraints or by adequately instanstiating the notion of abstract critical pair we proposed in a previous work [HF07rta].
Definition \thedefinition (Data-sufficient state)
A hybrid state is data-sufficient w.r.t. a hybrid program if any state accessible form can be simplified (i.e. rewritten by ) into a purely persistent sate (i.e. for any state , if , then there exists a sate s.t. ).
This property ensures there is at least one computation where propagation rules are applied only once all linear constraints have been completely simplified. It is a natural extension of the eponymous property for CSR [AFM99constraints].
Theorem 4.1 ((Soundness and completeness of hybrid transition system semantics))
Let be a hybrid program such that is confluent. Let be a data-sufficient state w.r.t. . We have:
The following proposition states that it is sufficient to consider only one fair derivation. This result is fundamental to allow the hybrid semantics to be efficiently implemented.
Definition \thedefinition (Propagation fair derivation)
A derivation is propagation fair if for any propagation redex of a state in the derivation, there exist two states , such that the transition from to is a propagation application where the reduced redex is identical or stronger to (i.e. the reduced redex is of the form with ).
Proposition \theproposition (Soundness and completeness of propagation fair derivations)
Let be a hybrid program such that is confluent and terminating. Let be a data-sufficient state. holds if and only if there is a consistent propagation fair derivation starting from .
4.3 Implementation of the hybrid semantics
We continue by addressing the question of implementing the hybrid semantics in a sound and complete way. For this purpose, we assume without loss of generality that the constraint symbols , , , , and are fresh w.r.t. the program we consider. The implementation of a hybrid program consists in a source-to-source translation intended to be executed in the concrete semantics . This transformation is given in detail in LS 1. In order to be executed an hybrid state has to be translated into a concrete state as follows: if and are multisets of linear and persistent constraints respectively, then
Before going further, let us give some intuition about the behaviour of the translation. If a rule needs two occurrences of the same persistent constraint, step 1 will insert an equivalent rule which needs only one occurrence of the constraint. In the translation each persistent constraint can be applied in three different successive states: fresh, indicated by , frozen, indicated by , and alive, indicated by . Step 2 ensures, on the one hand, that only alive constraints can be used to launch a rule, and on the other hand, that the persistent constraints of the right-hand side are inserted as fresh. Each frozen and alive constraint is associated to a time stamp indicating the order in which it has been asserted. The fresh constraints are time stamped and marked as frozen as soon as possible by stamp, the rule of highest priority (the constraint indicating the next available time stamp). Only if no other rule can be applied, the unfreeze rule turns the oldest frozen constraint into an alive constraint while preserving its time stamp (the constraint indicating the next constraint to be unfrozen). Rule set prevents trivial loops, by removing the youngest occurrence of two identical persistent constraints. From a proof point of view, the application of this last rule corresponds to the detection of a cycle in a coinduction proof, the persistent constraints representing coinduction hypothesises [BM96csli].
The two following theorems state that our implementation is sound and complete w.r.t. failure. Theorem 4.2 shows furthermore that the implementation we propose here is sound w.r.t. finite success. It is worth noting that it is hopeless to look for a complete implementation w.r.t. to success, since the problem to know if a data-sufficient state is in the coinductive semantics is undecidable. The intuition behind this claim is that otherwise it would possible to solve the halting problem.
Theorem 4.2 (Soundness w.r.t. success and failure)
Let be a hybrid program such that is confluent, and let be a terminating derivation. holds if and only if is satisfiable within .
Theorem 4.3 (Completeness w.r.t. failure)
Let be a hybrid program such that is confluent and terminating. Let be a data-sufficient state. If , then any concrete derivation starting form finitely fails.
The implementation we propose has strong connections with the co-SLD, an implementation of the g.f.p. semantics of Logic Programming proposed by \citeNSMBG06iclp. Both are based on a dynamic synthesis of coinductive hypothesises and a cycle detection in proofs. But because it is limited to rational recursion, the co-SLD is logically incomplete w.r.t. both successes and failures (i.e. there are queries true and false w.r.t. the logical reading of a program that cause the interpreter to loop). That contrasts with CHR, where any coherent constraint system can be used without loosing logical completeness w.r.t. failures.
In this section, we illustrate the power of CHR for coinductive reasoning when it is provided with its fixpoint semantics. In particular we show it yields an elegant framework to realize coinductive equality proofs for languages and regular expressions as presented by \citeNRutten98concur.
5.1 Coinductive language equality proof
Firstly, let us introduce the classical notion of binary automaton in a slightly different way from usual. A binary automaton is a pair where is a possibly infinite set of states and is a function called destructor. Let us assume some automaton . For any state such that , we write , and , and . is the language accepted by a state . A bisimulation between states is a relation verifying:
Contrary to the standard definition, in the present setting, an automaton does not have an initial state and may have an infinite number of states. As represented here, an automaton is a particular coalgebra [BM96csli]. Due to the space limitations, we will not enter in details in the topic of coalgebra222We invite unfamiliar readers to refer to the gentle introduction of \citeNRutten98concur., but only state the following Coinductive Proof Principle [Rutten98concur, BM96csli] which gives rise to the representation of automata as coalgebra:
In order to prove the equality of the languages recognized by two states and , it is sufficient to establish the existence of a bisimulation relation in that includes the pair .
A nice application of CPR consists in the possibility to directly represent coalgebra and prove bisimulation between states. For instance, one can easily represent a finite automaton using variables for states and binary user-defined constraints (of main symbol ) for the destructor function. LS 2 gives an example of an automaton and its representation as a multiset of CHR constraints.
Once the automaton representation is fixed, one can translate the definition of bisimulation into a single propagation rule:
Using coinductive proof principle and Theorem 3.2, it is simple to prove two states of the coalgebra represented by accept or not the same language. For example, to conclude that and recognize the same language while and do not, one can prove the execution of never reaches inconsistent states, while there are inconsistent derivations starting from .
5.2 Coinductive solver for regular expressions
We have just shown that CPR yields a nice framework for coinductive reasoning about coalgebra. Nonetheless the explicit representation of an automaton by user defined constraints (as in LS 2) would limit ourselves to finite state automata. One simple idea to circumvent this limitation is to implictly represent infinite states automata. For instance, one can represent states using regular expressions and implement the computation of the destructor function using derivatives [Rutten98concur].
Let us assume the following syntax for regular expressions:
where and are characters, and stand for the Kleene star and the concatenation operators respectively, and a list corresponds to the alternation of its elements. Here follows a possible implementation of the destructor function333A complete version of program can be found in technical report version of the paper.:
where unifies its third argument with the Boolean disjunction of its two first elements and unifies its last argument with the ordered union of the lists given as first arguments. Now one can adapt the encoding of bisimulation given in the previous subsection as follows:
We are now able to prove equality of regular expression using the implementation of CHR hybrid semantics provided in Section 4.3. For example, the following state leads to an irreducible consistent state. This implies thanks to the Coinductive Proof Principle together with Theorem 4.1 and Theorem 4.2 that the two regular expressions recognize the same language/
It should be underlined that the use of simplification rules instead of propagation rules for encoding the destructor function is essential here in order to avoid rapid saturation of the memory by useless constraints. Notice that on the one hand, the confluence of the set of simplification rules needed by the theorems of Section 4 can be easily inferred, since the program is deterministic. On the other hand, termination of the the set of simplification rules, which is required by Theorem 4.3 can be easily established by using, for instance, techniques we have recently proposed for single-headed programs [HLH11ppdp].
Of course, no one should be surprised that equivalence of regular expressions is decidable. The interesting point here is that the notion of coalgebra and bisimulation can be casted naturally in CHR. Moreover, it is worth noticing the program given has the properties required by a constraint solver. Firstly the program is effective, i.e. it can actually prove or disprove if that two expressions are equal. The first part of the claim can be proved using Kleene theorem [Rutten98concur] and the idempotency and commutativity of the alternation, enforced here by the merge/3 predicate. The second part is direct by the completeness w.r.t. failures. Secondly, the program is incremental: it can deal with partially instanciated expressions by freezing some computations provided without enough information. Last, but not least, one can easily add to the system new expressions (as for instance , , or ). For this purpose it is just necessary to provide a new simplification rule for computing the result of the corresponding destructor function. For example, we can add to the program the following rule and prove as previously that and recognize the same language while and do not:
We have defined a l.f.p. semantics for CHR simplification rules and a g.f.p. semantics for CHR propagations rules, and proved both to be accurate w.r.t. the logical reading of the rules. By using a hybrid operational semantics with persistent constraints similar to the one of Betz et al., we were able to characterize CHR programs combining both simplification and propagation rules by a fixpoint semantics without losing completeness w.r.t. to logical semantics. In doing so, we have improved noticeably results about logical semantics of CHR. Subsequently we proposed an implementation of this hybrid semantics and showed it yields an elegant framework for programming with coinductive reasoning.
The observation that non-termination of all derivations starting from a given state ensures this latter to be in the coinductive semantics of an hybrid program, suggests that the statics analysis of universal non-termination of a CHR program might be worth investigating. The comparison of CHR to other coinductive programming frameworks such that the circular coinductive rewriting of \citeNGLR00ase may suggest it should be possible to improve completeness with respect to success of the implementation proposed here.
The research leading to these results has received funding from the Madrid Regional Government under the CM project P2009/TIC/1465 (PROMETIDOS), the Spanish Ministry of Science under the MEC project TIN-2008-05624 DOVES, and the European Seventh Framework Programme FP/2007-2013 under grant agreement 215483 (S-CUBE).
We are grateful to César Sánchez, for interesting discussions about coinduction, and to Santiago Zanella Béguelin, for referring us to \citeANPBC05lpar’s work. At the end, we would like to thank reviewers for their helpful and constructive comments.