Linear-Logic Based Analysis of Constraint Handling Rules with Disjunction

Linear-Logic Based Analysis of Constraint Handling Rules with Disjunction

HARIOLF BETZ and THOM FRÜHWIRTH
University of Ulm
Abstract

Constraint Handling Rules (CHR) is a declarative committed-choice programming language with a strong relationship to linear logic. Its generalization CHR with Disjunction (CHR) is a multi-paradigm declarative programming language that allows the embedding of horn programs.

We analyse the assets and the limitations of the classical declarative semantics of CHR before we motivate and develop a linear-logic declarative semantics for CHR and CHR.

We show how to apply the linear-logic semantics to decide program properties and to prove operational equivalence of CHR programs across the boundaries of language paradigms.

Constraint Handling Rules, Linear Logic, Declarative Semantics
\newdef

example[theorem]Example \newdefdefinition[theorem]Definition \categoryF.3.1Theory of ComputationLogics and Meanings of Programs[Specifying and Verifying and Reasoning about Programs] \categoryF.3.2Theory of ComputationLogics and Meanings of Programs[Semantics of Programming Languages] \termsLanguages, Theory, Verification

{bottomstuff}

1 Introduction

A declarative semantics is a highly desirable property for a programming language. It offers a clean theoretical foundation for the language, allows to prove program properties such as correctness and operational equivalence and guarantees platform independence. Declarative programs tend to be shorter and clearer as they contain, ideally, only information about the modeled problem and not about control.

Constraint Handling Rules (CHR) [Frühwirth (1994), Frühwirth (1998), Frühwirth (2009)] is a declarative committed-choice general-purpose programming language developed in the 1990s as a portable language extension to implement user-defined constraint solvers. Operationally, it mixes rule-based multiset rewriting over constraints with calls to a built-in constraint solver with at least rudimentary capabilities. It is Turing complete and it has been shown that every algorithm can be implemented in CHR with optimal time complexity [Sneyers et al. (2005)]. Hence, it makes an efficient stand-alone general-purpose programming language.

Constraint Handling Rules with Disjunction (CHR) [Abdennadher and Schütz (1998)] extends the inherently non-deterministic formalism of CHR with the possibility to include backtracking search and thus to embed horn programs. It features both don’t-care and don’t-know non-determinism. We can justly describe it as a multi-paradigm declarative programming language.

Owing to its heritage in logic programming and constraint logic programming, CHR features a declarative semantics in classical logic. We have shown that for certain classes of programs, the classical declarative semantics of CHR reflects the functionality of a program but poorly [Betz and Frühwirth (2005)]. Operationally, CHR is a state transition system whereas the classical declarative semantics considers all states in a derivation as logically equivalent. Hence, the directionality of the rules, the inherent non-determinism of their execution and any change of state eludes this declarative semantics.

Linear logic is a sub-structural logical formalism [Girard (1987)] that has been shown to bear a close relationship to concurrent committed-choice systems [Miller (1992), Fages et al. (2001)]. It shows that it is well-suited to model the committed-choice rules of CHR. It furthermore allows a faithful embedding of classical logic, so we can straightforwardly embed the constraint theory underlying the built-in constraint solver into linear logic. Linear logic thus enables us to model the two reasoning mechanisms of CHR in a single formalism. Moreover, it shows that we can encode CHR into linear logic in a way that preserves its characteristic dichotomy of don’t-know and don’t-care non-determinism.

In this article, we propose a linear-logic semantics for CHR and CHR that incorporates all the features mentioned above. We found the semantics on the intuitionistic segment of linear logic as it suffices for our purpose while being easier to handle than the full segment. We propose two variants of the semantics. The first variant is based on introducing proper axioms in the sequent calculus of linear logic. The second variant is similar to the semantics previously published in \citeNDBLP:conf/cp/BetzF05 and \citeNBetz07. The first formulation allows for considerably more elegant proofs, in particular of its soundness and completeness. The second formulation allows to perform a broader range of reasoning tasks. As we formalize and prove the equivalence of both representations, so we can use either representation according to the respective application.

This article is structured as follows: 2 In Sect. 2, we recall the syntax and operational semantics of CHR. 3 In Sect. 3, we introduce the intuitionistic segment of linear logic. 4 In Sect. 4, we develop a linear-logic semantics for constraint handling rules, and we show its soundness and completeness with respect to the operational semantics. 5 In Sect. 5, we extend our semantics to CHR and prove its soundness and completeness. We show that the linear-logic semantics allows in general for less precise reasoning over CHR than over CHR. We then introduce a well-behavedness property for CHR programs that amends this limitation. In Sect. 6, we show how our semantics can be applied to reason about program observables as well as to compare programs even across the boundaries of programming paradigms. In Sect. 7, we discuss related work before we conclude in Sect. 8.

2 Constraint Handling Rules

In this section, we recall the syntax and the operational semantics of Constraint Handling Rules.

2.1 The Syntax of CHR

We distinguish two disjoint classes of atomic constraints: atomic built-in constraints and atomic user-defined constraints. We denote the former as and the latter as , where are -ary constraint symbols and is a sequence of terms. Built-in constraints and user-defined constraint are possibly empty conjunctions of their respective atomic constraints. A conjunction of atomic constraints in general, irrespective of their class, is called a goal111Note that the term goal is used in CHR for historical reasons and does not imply that program execution is understood as proof search.. Empty goals and empty constraints are denoted as .

The syntax of constraints is summarized in Def. 2.1.

{definition}

[Constraint Syntax] Let denote an -ary atomic built-in or user-defined constraint, respectively, where is an -ary sequence of terms: Built-in constraint: User-defined constraint: Goal:

stands for the empty constraint or the empty goal, respectively. The set of built-in constraints furthermore contains at least falsity , and the binary constraint , standing for syntactic equality. For any two goals , the goal equivalence relation denotes equivalence with respect to the associativity and commutativity of and the neutrality of the identity element .

Both built-in and user-defined constraints are special cases of goals. The goal equivalence relation does not account for idempotence, thus implicitly imposing a multiset semantics on goals. For example, . We denote the set of variables occurring in a goal as .

A CHR program is a set of rules adhering to the following definition:

{definition}

[Rule Syntax] {longenum}

A CHR rule is of the form

The rule head consists of the kept head and the removed head . Both are user-defined constraints. At least one of them must be non-empty. The guard G is a built-in constraint. The rule body is of the form , where is a built-in constraint and is a user-defined constraint. serves as an identifier for the rule.

The identifier is operationally irrelevant and can be omitted along with the . An empty guard can be omitted along with the . A rule with an empty kept head can be written as . Such a rule is called a simplification rule. A rule where the removed head is empty can be written as . Such a rule is called a propagation rule. A rule where neither nor are empty is called a simpagation rule.

A variant of a rule  with variables  is of the form where is an arbitrary sequence of pairwise distinct variables.

A CHR program is a set of CHR rules.

In anticipation of Section 2.2, we point out that propagation rules may cause trivial non-termination of programs as they do not in general eliminate the pre-condition of their firing. Hence, precautions have to be taken. We refer the reader to \citeNDBLP:conf/cp/Abdennadher97 and \citeNDBLP:conf/iclp/DuckSBH04 for the most common approach based on keeping a history of applied rules and to \citeNDBLP:journals/tplp/BetzRF10 for a more recent approach based on finite representations of infinite program states and computations.

2.2 The Equivalence-Based Semantics

In this section, we recall the operational semantics of CHR. Several formalizations of the operational semantics exist in the literature. We choose the so-called equivalence-based semantics as it contains all the elements that we represent in our linear-logic semantics while allowing for elegant proofs of theoretical properties.

Operationally, built-in and user-defined constraints are handled separately. For the handling of built-in constraints, CHR requires a so-called predefined constraint handler whereas user-defined constraints are handled by the actual user program. We assume that the predefined solver implements a complete and decidable first-order constraint theory over the built-in constraints.

{definition}

[Constraint Theory] A constraint theory is a decidable theory of intuitionistic logic over the built-in constraints. We assume that it is given as a set of formulas of the form

called -axioms where are possibly empty built-in constraints and are possibly empty sets of variables.

It should be noted that defining constraint theories explicitly over intuitionistic rather than full classical logic is non-standard. It is, however, an unproblematic decision because in the operational semantics only judgements over conjunctions of positive literals are considered. Furthermore, this decision allows us to restrict ourselves to the intuitionistic fragment of linear logic when translating constraint theories into linear logic.

CHR itself is a transition system over equivalence classes of program states, which are defined as follows:

{definition}

[CHR State]

  1. A CHR state is a tuple of the form where is a goal called constraint store and is a set of variables called global variables.

  2. For a CHR state , where is a user-defined constraint and is a built-in constraint, we call

    1.  the local variables of S and

    2.  the strictly local variables of S.

  3. A variant of a state with local variables is a state of the form , where is a sequence of pairwise distinct variables that do not occur in .

The state transition system that formalizes the operational semantics builds on the following definition of equivalence between CHR states:

{definition}

[Equivalence of CHR States]

In the following, let denote arbitrary user-defined constraints, built-in constraints, goals, sets of variables a variable and a term. State equivalence, written as , is the smallest equivalence relation over CHR states that satisfies all of the following conditions:

  1. (Goal Transformation)

  2. (Equality as Substitution)

  3. (Application of CT) Let be the strictly local variables of . If then:

  4. (Neutrality of Redundant Global Variables)

  5. (Equivalence of Failed States) For all goals and all sets of variables :

Where there is no ambiguity, we usually write rather than .

While we generally impose a multiset semantics over goals, Definition 2.2.3 implicitly restores the set semantics for built-in constraints within states. When discussing pure CHR – as opposed to its generalization CHR (cf. Sect.5) – we will usually consider states in the following normal form:

{definition}

[Normal Form of CHR States] A CHR state is considered in normal form if it is of the form where is a user-defined constraint called the user-defined store and is a built-in constraint called the built-in store. Such a state is usually written in ternary notation: .

Any state with an inconsistent built-in store is called a failed state as formalized in the following definiton:

{definition}

[Failed State] Any CHR state for some is called a failed state. We use as the default representative for the set of failed states.

The following lemma states several properties following from Def. 2.2 that have been presented and proven in \citeNRaiser2009a:

Lemma 2.1 (Properties of State Equivalence)

The following properties hold in general: {longenum}

(Renaming of Local Variables)

for and and does not occur in or .

(Partial Substitution) Let be a user-defined constraint where some occurrences of are substituted with :

(Logical Equivalence) If

then , where are the local variables of , respectively.

Lemma 2.1.2.1 allows us to assume without loss of generality that the local variables of any two specific states are renamed apart. Concerning Lemma 2.1.2.1, note that logical equivalence of and is a necessary but not a sufficient condition for state equivalence. The linear logic semantics will enable us to formulate a similar condition that is both necessary and sufficient (cf. Sect. 4.2).

The task of deciding equivalence – and more so: non-equivalence – is not always trivial using the axiomatic definition. We quote Theorem 2.2 which gives a necessary, sufficient, and decidable criterion. It uses the following notion of matching:

{definition}

[Matching of Constraints] For user-defined constraints , the matching relation holds if and only if and there exists a permutation such that

The following theorem has been published and proven in [Raiser et al. (2009)].

Theorem 2.2 (Criterion for )

Consider CHR states with local variables  that have been renamed apart. Then if and only if:

We define the notion of local variables of CHR rules, which is necessary for the definition of the operational semantics:

{definition}

[Local Variables in Rules] For a CHR rule , we call the set

the local variables of .

The transition system constituting the operational semantics of CHR is specified in the following definition:

{definition}

[Transition System of ]

CHR is a state transition system over equivalence classes of CHR states defined by the following transition rule, where is a variant of a CHR rule whose local variables are renamed apart from any variable in :

If the applied rule is obvious from the context or irrelevant, we write transition simply as . We denote its reflexive-transitive closure as . In the following, we sometimes write instead of to preserve clarity.

The required disjointness of the local variables from all variables occurring in the pre-transition state outside enforces that fresh variables are introduced for the local variables of the rule. When reasoning about programs, we usually refer to the following observables:

{definition}

[Computables States and Constraints] Let be a CHR state, be a program, and be a constraint theory. We distinguish three sets of observables:

Computable states:
Answers:
Data-sufficient answers:

For all three sets, if the respective constraint theory is clear from the context or not important, it may be omitted from the identifier of the respective set.

As the transition system does not allow transitions from an empty user-defined store (nor from failed states), the data-sufficient answers are a subset of the answers of any state . The following property follows directly:

Property 2.3 (Hierarchy of Observables)

For any state , program and constraint theory , we have:

Confluence is an important property in transition systems. We define it in the usual manner:

{definition}

[Confluence] A CHR program is confluent if for all states such that and , there exists a state such that and .

Confluence restricts the number of possible answers to a query:

Property 2.4

Let be a confluent CHR program. Then for every CHR state , we have and , where denotes cardinality. {proof}[sketch] We assume that for some states and some confluent program , we have and and . Applying Def. 2.2 leads to a contradiction.

A necessary, sufficent and decidable criterion for confluence has been given in \citeNAbdennadher96onconfluence. Example 2.2 presents a standard CHR example program to illustrate our definitions.

{example}

The following program implements a solver for the (user-defined) partial-order constraint . Rule implements idempotence of identical constraints, implements reflexivity, symmmetry and transitivity of the partial-order relation:

The following is a sample derivation, starting from an initial state . According to the usual practice, all variables occurring in the initial state are global. Equivalence transformations are stated explicitly:

(1)
(2)
(3)
(4)

Usually, we do not make equivalence transformations explicit and list only states where local variables are eliminated as far as possible such as the labeled states (1)-(4). The derivation is then reduced to:

(1)
(2)
(3)
(4)

With respect to our observables, we have:

The set is infinite as the operational semantics allows potentially unlimited applications of .

3 Intuitionistic Linear Logic

Linear logic was introduced by \citeNDBLP:journals/tcs/Girard87. Unlike classical logic, linear logic does not allow free copying or discarding of assumptions. It furthermore features a fine distinction between internal and external choice and a faithful embedding of classical logic. In this section, we recall the intuitionistic fragment of linear logic, which is easier to handle than the full fragment but sufficient for our declarative semantics. It allows for a straightforward, faithful embedding of intuitionistic logic.

3.1 Definition

We will give the formal definition in terms of a sequent calculus. The calculus is based on binary sequents of the form

where is a multiset of formulas (written without braces) called antecedent and is a formula called consequent. A sequent represents the fact that assuming the formulas in , we can conclude . A proof tree – or simply: proof – is a finite labeled tree whose nodes are labeled with sequents such that the relationship between every sequent node and its direct children corresponds to one of the inference rules of the calculus. We distinguish a special set of sequents called axioms. A proof tree is called complete if all its leaves are axioms. We call a sequent valid if there exists a complete proof tree with at the root.

The following two structural rules are common to many logical systems. They establish reflexivity and a form of transitivity of the judgement relation.

The tokens of (intuitionistic) linear logic are commonly considered as representing resources rather than truths. This terminology reflects the fact that assumptions may not be copied nor discarded freely in linear logic, but must be used exactly once. From a different point of view, we might say that linear logic consumes assumptions in judgements and is aware of their multiplicities.

Multiplicative conjunction is distinguished from classical or intuitionistic conjunction as it lacks idempotence. Hence, represents exactly one instance of and one instance of . The formula is not equivalent to . Multiplicative conjunction is introduced by the following inference rules:

The constant represents the empty resource and is consequently the neutral element with respect to multiplicative conjunction.

Linear implication allows the application of modus ponens where the preconditions of a linear implication are consumed on application. For example, the sequent is valid whereas is not. The following inference rules introduce :

The ! (“bang”) modality marks stable facts or unlimited resources, thus recovering propositions in the classical (or intuitionistic) sense. Like an classical proposition, a banged resource may be freely copied or discarded. Hence, is a valid sequent. Four inference rules introduce the bang:

{example}

We can model the fact that one cup of coffee () is one euro () as . A “bottomless cup” is an offer including an unlimited number of refills. We assume that any natural number of refills is possible. We model this as . From this, we may judge that it is possible to get two cups of coffee for one euro: . Fig. 1 gives an examplary proof tree, proving this judgement.

Figure 1: A sample proof tree

In classical (and intuitionistic) logic, internal choice is an aspect of conjunction, as exemplified by the judgement . This is inherited by the additive conjunction of linear logic. The formula expresses a choice between and , i.e. the sequents and are valid, but is not.

The (“top”) is the resource that all other resources can be mapped to, i.e. for every , the implication is a tautology. It is hence the neutral element with respect to additive conjunction.

External choice is an aspect of classical (and intuitionistic) disjunction. In linear logic, it is represented by the additive disjunction . Analogous to classical logic, is not valid. However, is valid.

Analogous to falsity in the classical sense, absurdity is a constant that yields every other resource. It is the neutral element with respect to .

{example}

We assume that, besides coffee, the cafeteria offers also pie () at the price of one euro per piece: . We infer that for one euro, we have the choice between an arbitrary amount of coffee and a piece of pie: . Let us furthermore assume that rather than with euros, we can also pay with dollars () at a ratio: . We may infer either one of one dollar or one euro buys us a choice between an arbitrary amount of coffee and one pie.:

We can extend intuitionistic linear logic into a first-order system with the quantifiers and . Their introduction rules are the same as in classical logic. In the following rules, stands for an arbitrary term whereas stands for a variable that is not free in , or :

3.2 Properties of Intuitionistic Linear Logic

The resulting first-order system allows for a faithful embedding of intuitionistic first order logic. This is widely considered one of the most important features of linear logic. The following translation from intuitionistic logic into intuitionistic linear logic is a variant of a translation proposed by \citeNDBLP:journals/mscs/Negri95:

{definition}

is a translation from formulas of intuitionistic logic to formulas of intuitionistic linear logic, recursively defined by the following rules:

 ::=
 ::=
 ::=
 ::=
 ::=
 ::=
 ::=
 ::=

stands for an atomic proposition. The definition is extended to sets and multisets of formulas in the obvious manner. It has been proven in \citeNDBLP:journals/mscs/Negri95 that an intuitionistic sequent is valid if and only if is valid in linear logic.

We distinguish two sorts of axioms in the sequent calculus. The axiom and the constant axioms , , and constitute the logical axioms of intuitionistic linear logic. All axioms we add to the system on top of these are called non-logical axioms or proper axioms. We usually use the letter to denote the set of proper axioms.

We express the fact that a judgement is provable using a non-empty set of proper axioms by indexing the judgement relation with the set of proper axioms: .

{definition}

[Linear-Logic Equivalence] {longenum}

We call two linear-logic formulas logically equivalent if both and are provable. We write this as .

For any set of proper axioms , we call two linear-logic formulas logically equivalent modulo if both and are provable. We write this as .

As a well-behaved logical system, linear logic features a cut-elimination theorem [Girard (1987)]:

Theorem 3.1 (Cut Elimination Theorem)
{longenum}

If a sequent has a proof that does not contain any proper axioms, then it has a proof that contains neither proper axioms nor the rule.

If a sequent has a proof containing proper axioms, then it has a proof where the rule is only used at the leaves such that one of its premises is an axiom.

A proof without any applications of is called cut-free. A proof where is only applied at the leaves is called cut-reduced.

A important consequence of cut elminiation is the subformula property. We quote a weak formulation of the property, which will suffice for our purpose: Every formula in a cut-free proof of a sequent is a subformula of either or , modulo variable renaming. In a cut-reduced proof of a sequent , every formula is a subformula of or , modulo variable renaming, or there exists a proper axiom such that is a subformula of or , modulo variable renaming.

4 A Linear-Logic Semantics for CHR

In this section, we motivate and develop the linear-logic semantics for Constraint Handling Rules. We firstly recall the classical declarative semantics in Sect. 4.1. Then we motivate and present a linear-logic semantics based on proper axioms in Sect. 4.2. We will henceforth call this the axiomatic linear-logic semantics for CHR. Its soundness with respect to the operational semantics is shown in Sect. 4.3. We continue in Sect. 4.4 by introducing the notion of state entailment, which we use to formulate and prove the completeness of our semantics in Sect. 4.5. Finally, in Sect. 4.6, we show an alternative linear-logic semantics that encodes programs and contraints theories into linear logic.

4.1 Analysis of the Classical Declarative Semantics

CHR is founded on a classical declarative semantics, which is reflected in its very syntax. In this section, we recall the classical declarative semantics and discuss its assets and limitations.

In the following, stands for existential quantification of all variables except those in , where is a set of variables. The classical declarative semantics is given in the following table, where stand for translation to classical logic:

States:   ::=
Rules:   ::=
Programs:   ::=

denotes the local variables of the respective rule. The following lemma – cited from \citeNFruhwirth03 – establishes the relationship between the logical readings of programs, constraint theories and states:

Lemma 4.1 ((Logical Equivalence of States))

Let be a CHR program and be a state. Then for all computable states and of , the following holds: .

The declarative semantics of CHR must be distinguished from LP languages and related paradigms as CHR is not based on the notion of execution as proof search. Declaratively, execution of a CHR program means stepwise transformation of the information contained in the state under logical equivalence as defined by the program’s logical reading and the constraint theory . Founding CHR on such a declarative semantics is an obvious choice for several reasons:

Firstly, the notion of execution as proof search naturally implies a notion of search. This stands in contrast to the committed-choice execution of CHR. Furthermore, the forward-reasoning approach faithfully captures the one-sided variable matching between rule heads and constraints in CHR, as opposed to unification. For example, a CHR state (where is a variable) does not match with the rule head (where is a constant) just as we cannot apply modus ponens on a fact and an implication . In contrast, an LP goal would be unified with a rule head , accounting for the fact that application of the rule might lead to a proof of an instance of .

There are, however, several limitations to the classical declarative semantics of CHR, which shall be discussed in the following:

Directionality

One limitation lies in the fact that the classical declarative semantics does not capture the inherent directionality of CHR rules. Rather, all states within a computation are considered logically equivalent. Consider e.g. the minimal CHR program

In this program, we can compute a state from a state but not vice versa. This is not captured in its logical reading which e.g. implies . The classical declarative semantics cannot be used e.g. to show that the state is not a computable state .

Dynamic Change

Any program state that does not only contain declarative information about a supposedly static object world but also meta-information about the program state eludes the semantics. Consider the following program which computes the minimum of a set:

On a fixed-point execution, the program correctly computes the minimum of all arguments of constraints found in the store at the beginning of the computation. Its logical reading, however, is unhelpful at best:

Deliberate Non-Determinism

Any program that makes deliberate use of the inherent non-determinism of CHR has a misleading declarative semantics as well. Consider the following program, which simulates a coin throw in an appropriate probabilistic semantics of CHR (cf. \citeNDBLP:journals/entcs/FruhwirthPW02). (Note that is a variable, and are constants.)

The logical reading of this program implies . From this follows and – since and are distinct constants – falsity . The program’s logical reading is thus inconsistent, trivially implying anything.

Multiplicities

Finally, while CHR faithfully keeps track of the multiplicities of constraints, this aspect eludes the classical semantics. Consider the idempotence rule from Example 2.2, which removes multiple occurrences of the same constraint:

The logical reading of this rule is a tautology, falsely suggesting that the rule is redundant:

In conclusion, the classical declarative semantics is a powerful tool to prove the soundness and a certain notion of completeness of any program whose states contain only model information about a static object world and no explicit meta-information. It faithfully captures the logical theory behind those programs. However, it is not adequate to capture the logic behind programs that deal with any form of meta-information, make deliberate use of non-determinism or rely on the multiplicities of constraints. As it does not capture the inherent directionality of CHR rules, it is not suitable to prove safety conditions, i.e. to show that a certain intermediate or final state cannot be derived from a certain initial state.

4.2 The Axiomatic Linear-Logic Semantics for CHR

Our linear-logic semantics is based on two observations: Firstly, the difference in behaviour between built-in and user-defined constraints in CHR resembles the difference between linear and banged atoms in linear logic. Secondly, the application of simplification rules on user-defined constraints resembles the application of modus ponens in linear logic.

Building on the first observation, we define an adequate representation of CHR constraints in linear logic. Translation to linear logic will be denoted as . For atomic constraints, the choice is obvious:

Classical conjunction is mapped to multiplicative conjunction for both built-in and user-defined constraints.

This mapping is motivated by the fact that multiplicative conjunction is aware of multiplicities and has no notion of weakening, thus capturing the multiset semantics of user-defined constraints. For any built-in constraint , the mapping equals the translation quoted in Def. 3.2: . Accordingly, we map the empty goal to and falsity to . The translation of CHR states is analogous to the classical case:

The translation of constraints, goals and states is summed up in Fig. 2.

Atomic built-in constraints: Atomic user-defined constraints: Falsity: Empty constraint/goal: Constraints/goals: States:

Figure 2: Translation of constraints, goals and states
Proper axioms

The constraint theory , the interaction between equality constraints (which are by definition built-in) and user-defined constraints, and programs are translated to proper axioms. Firstly, we define a set of proper axioms encoding the constraint theory as well as modelling the interaction between equality and user-defined constraints.

{definition}

[()] For built-in constraints and sets of variables such that , the following is a proper axiom:

We denote the set of all such axioms as .

{definition}

[()] If is an n-ary user-defined constraint and are terms such that is the th argument of then

is a proper axiom. We denote the set of all such axioms as .

{definition}

[()] If is a variant of a rule with local variables , the sequent

is a proper axiom. For a program , we denote the set of all axioms derived from its rules as .

The existential quantification of the local variables corresponds to the fact that these variables are by definition disjoint from , assuring that fresh variables are introduced for the local variables of the rule. Fig. 3 sums up the three sets of proper axioms, represented as inference rules.

Figure 3: The axiomatic linear-logic semantics, represented as inference rules

In anticipation of the soundness theorem presented in Sect. 4.3, we give an example of a CHR derivation and show that it corresponds to a valid linear logic judgement:

{example}

Let be the partial-order constraint solver from Example 2.2 and let be a minimal constraint theory. We observe that under , we have:

This corresponds to the judgement or , respectively, where . The following is a proof of this judgement:

The sequent is a tautology and as such could be derived without proper axioms, but it is also trivially included in .

While the soundness result for our semantics is straightforward, defining completeness is not quite as simple. Consider the following example:

{example}

In the proof tree given in Example 4.2 we use the following proper axiom from :

This implies:

We observe, however, that is untrue.

In the following section, we prove the soundness of our semantics. In Sect. 4.4, we develop the notion of state entailment. We will apply this notion to specify and prove a completeness result in Sect. 4.5.

4.3 Soundness of the Linear Logic Semantics

In this section, we prove the soundness of the axiomatic linear-logic semantics for CHR with respect to the operational semantics.

Lemma 4.2 (())

Let be a constraint theory and . For arbitrary CHR states , we have:

{proof}

[sketch] We prove that state equivalence implies linear judgement by showing that every of the conditions given for in Def. 2.2 implies : Def. 2.2.1 implies linear judgement since multiplicative conjunction is associatice, commutative and invariant w.r.t. , thus corresponding to goal equivalence. For Def. 2.2.2, linear judgement is guaranteed, as allow us to prove . For Def. 2.2.3, it is similarly guaranteed by . Def. 2.2.4 implies linear judgement since the addition or removal of a global variable not occurring in a state does not change the logical reading of the state. W.r.t. Def. 2.2.5, linear judgement holds since is valid for any . All the above arguments can be shown to apply in the reverse direction as well, thus proving compliance with the implicit symmetry of . The implicit reflexivity and transitivity of state equivalence comply with linear judgement due to the and rules.

Theorem 4.3 states the soundness of our semantics.

Theorem 4.3 (Soundness)

Let be a program, be a constraint theory, and . Then for arbitrary states , we have:

{proof}

Let be states such that . According to Def. 2.2, there exists a variant of a rule with fresh variables and states , such that and . Consequently, contains:

From which we prove:

The local variables of are by Def. 2.2 disjoint from . Hence, we have:

This corresponds to . Lemma 4.2 proves that . As the judgement relation is transitive and reflexive, we can generalize the relationship to the reflexive-transitive closure .

4.4 State Entailment

In this section, we define the notion of entailment, which we will use to formulate our theorem of completeness. We present it alongside various properties that follow from it and that will be used in upcoming sections.

{definition}

State entailment, written as , is the smallest partial-order relation over equivalence classes of CHR states that satisfies the following conditions:

  1. (Weakening of the Built-In Store) For states with local variables such that , we have:

  2. (Omission of Global Variables)

To simplify notation, we often write instead of . Theorem 4.4 gives a decidable criterion for state entailment. The criterion requires that the global variables of the entailed state are contained in the global variables of the entailing state. This is never a problem, as we may choose representatives of the respective equivalence classes that satisfy the condition.

Theorem 4.4 (Criterion for )

Let