CS--1989-18

Higher-Order Logic as theBasis for Logic Programming

Gopalan Nadathur

Department of Computer Science

Duke University

Durham, North Carolina 27708-0129

HIGHER-ORDER HORN CLAUSESGOPALAN NADATHURDuke University, Durham, North CarolinaDALE MILLERUniversity of Pennsylvania, Philadelphia, PennsylvaniaAbstract: A generalization of Horn clauses to a higher-order logic is described and ex-amined as a basis for logic programming. In qualitative terms, these higher-order Hornclauses are obtained from the �rst-order ones by replacing �rst-order terms with simplytyped �-terms and by permitting quanti�cation over all occurrences of function symbolsand some occurrences of predicate symbols. Several proof-theoretic results concerningthese extended clauses are presented. One result shows that although the substitutions forpredicate variables can be quite complex in general, the substitutions necessary in the con-text of higher-order Horn clauses are tightly constrained. This observation is used to showthat these higher-order formulas can specify computations in a fashion similar to �rst-orderHorn clauses. A complete theorem proving procedure is also described for the extension.This procedure is obtained by interweaving higher-order uni�cation with backchaining andgoal reductions, and constitutes a higher-order generalization of SLD-resolution. These re-sults have a practical realization in the higher-order logic programming language called�Prolog.Categories and Subject Descriptors: D.3.1 [Programming Languages]: Formal De�-nitions and Theory | syntax; F.4.1 [Mathematical Logic and Formal Languages]:Mathematical Logic | logic programming; I.2.3 [Arti�cial Intelligence]: Deduction andTheorem Proving | logic programmingGeneral Terms: Languages, TheoryAdditional Key Words and Phrases: Higher-order logic, higher-order uni�cation, Hornclauses, Prolog, SLD-resolutionThe work of G. Nadathur was funded in part by NSF grant MCS-82-19196 and a Burroughscontract. The work of D. Miller was funded by NSF grant CCR-87-05596 and DARPAgrant N000-14-85-K-0018.Authors' current addresses: G. Nadathur, Computer Science Department, Duke Univer-sity, Durham, NC 27706; D. Miller, Department of Computer and Information Science,University of Pennsylvania, Philadelphia, PA 19104-6389.1

1. IntroductionA principled analysis of the nature and role of higher-order notions within logic pro-gramming appears to be absent from the literature on this programming paradigm. Someattempts, such as those in [34], have been made to realize higher-order features akin tothose in functional programming languages, and have even been incorporated into mostexisting versions of the language Prolog. These attempts are, however, unsatisfactory fromtwo perspectives. First, they have relied on the use of ad hoc mechanisms and hence areat variance with one of the strengths of logic programming, namely its basis in logic. Sec-ond, they have not taken full cognizance of the di�erence between the functional and logicprogramming paradigms and, consequently, of potential di�erences between higher-ordernotions in these paradigms.Towards �lling this lacuna, this paper initiates investigations into a logical basis forhigher-order features in logic programming. The principal concern here is that of describingan extension to Horn clauses [33], the basis of languages such as Prolog [32], by using ahigher-order logic. The use of the term \extension" clearly signi�es that there is somecharacter of Horn clauses that is to be retained. This character may most conveniently beenunciated in the context of a generalized version of Horn clauses that is, in some senses,closer to actual realizations of logic programming. Letting A represent an atomic formula,we identify goal formulas as those given by the ruleG ::= A j G1 _G2 j G1 ^G2 j 9xG;and de�nite sentences as the universal closure of atomic formulas and of formulas of theform G � A; the symbol G is used in each case as a syntactic variable for a goal formula.These formulas are related to Horn clauses in the following sense: Within the frameworkof classical �rst-order logic, the negation of a goal formula is equivalent to a set of negativeHorn clauses and, similarly, a de�nite sentence is equivalent to a set of positive Hornclauses. Now, if P is a set of de�nite sentences and ` denotes provability in (classical)�rst-order logic, then the following properties may be noted:(i) P ` 9xG only if there is a term t such that P ` G[t=x], where G[t=x] represents theresult of substituting t for all the free occurrences of x in G.(ii) P ` G1 _G2 only if P ` G1 or P ` G2.(iii) P ` G1 ^G2 only if P ` G1 and P ` G2.(iv) If A is an atomic formula, then P ` A only if either (a) A is a substitution instance ofa formula in P, or (b) there is a substitution instance of the form G � A of a de�nitesentence in P such that P ` G.While the converse of each property above follows from the meanings of the logicalconnectives and quanti�ers, these properties themselves are a consequence of the special2

structure of goal formulas and de�nite sentences. The importance of these properties is inthe role they play in the computational interpretation accorded to these formulas. Logicprogramming is based on construing a collection, P, of de�nite sentences as a programand a goal formula, G, as a query. The idea of a computation in this context is that ofconstructing a proof of the existential closure of G from P and, if this process is successful,of extracting from this proof a substitution instance of G that is provable from P. Theconsistency of this view is apparently dependent on (i). In a more �ne-grained analysis,(i){(iv) collectively support a feature of importance to logic programming, namely theability to construe each formula as contributing to the speci�cation of a search, the na-ture of the search being described through the use of logical connectives and quanti�ers.Thus, (ii) and (iii) permit the interpretation of the propositional connectives _ and ^ asprimitives for specifying non-deterministic or and and branches in a search, and (i) war-rants the conception of the existential quanti�er as the means for describing an in�nite(non-deterministic) or branch where the branches are parameterized by the set of terms.Similarly, (iv) permits us to interpret a de�nite sentence as partially de�ning a procedure:For instance, the formula G � A corresponds to the description that an attempt to solve aprocedure whose name is the predicate head of A may be made by trying to solve the goalG. As a �nal observation, we see that (i){(iv) readily yield a proof procedure, closely re-lated to SLD-resolution [2], that, in fact, forms the computational machinery for realizingthis programming paradigm.The properties discussed above thus appear to play a central role in the context oflogic programming, and it is desirable to retain these while extending the formulas under-lying this programming paradigm. This paper provides one such extension. The formulasdescribed here may, in an informal sense, be characterized as those obtained from �rst-order goal formulas and de�nite sentences by supplanting �rst-order terms with the termsof a typed �-calculus and by permitting quanti�cation over function and predicate sym-bols. These formulas provide for higher-order features of two distinct kinds within logicprogramming. The �rst arises out of the presence of predicate variables. Given the cor-respondence between predicates and procedures in logic programming, this facilitates thewriting of procedures that take other procedures as arguments, a style of programmingoften referred to as higher-order programming. Occurrences of predicate variables are re-stricted and so also are the appearances of logical connectives in terms, but the restrictionsare well motivated from a programming perspective. They may, in fact, be informally un-derstood as follows. First, the name of a procedure de�ned by a de�nite sentence, i.e. thehead of A in a formula of the form G � A, must not be a variable. Second, only thoselogical connectives that may appear in the top-level logical structure of a goal formula arepermitted in terms; the picture here is that when a predicate variable in the body of a pro-cedure declaration is instantiated, the result is expected to be a legitimate goal formula or3

query. The quanti�cation over predicate variables that is permitted and the correspondingenrichment to the term structure are however su�cient to allow a direct emulation withinlogic programming of various higher-order functions (such as the map and reduce functionsof Lisp) that have been found to be useful in the functional programming context.The second, and truly novel, feature of our extension is the provision of �-termsas data structures. There has been a growing interest in recent years in programmingenvironments in which complex syntactic objects such as formulas, programs and proofscan be represented and manipulated easily [6, 11, 31]. In developing environments ofthis kind, programming languages that facilitate the representation and manipulation ofthese kinds of objects play a fundamental role. As is evident from the arguments providedelsewhere [16, 22, 30, 28], the representation of objects involving the notion of binding,i.e. objects such as formulas, programs and proofs, is best achieved through the use of aterm language based on the �-calculus. The task of reasoning about such objects in turnplaces an emphasis on a programming paradigm that provides primitives for examiningthe structure of �-terms and that also supports the notion of search in an intrinsic way.Although the logic programming paradigm is a natural choice from the latter perspective,there is a need to enrich the data structures of a language such as Prolog before it isgenuinely useful as a \metalanguage". The analysis in this paper provides for a languagewith such an enrichment and consequently leads to a language that potentially has severalnovel applications. Detailed experiments in some of the application realms show that thispotential is in fact borne out. The interested reader may refer, for instance, to [7, 13, 20,22, 25, 29] for the results of these experiments.It should be mentioned that the extension to �rst-order Horn clauses described inthis paper is not the only one possible that preserves the spirit of properties (i){(iv).The primary aim here is that of examining the nature and role of higher-order notionswithin logic programming and this underlies the focus on enriching only the nature ofquanti�cation within (�rst-order) Horn clauses. It is possible, however, to consider otherenrichments to the logical structure of these formulas, perhaps after explaining what itmeans to preserve the spirit of properties (i){(iv) if a richer set of connectives is involved.Such a task is undertaken in [23]. Brie y, a proof-theoretic criterion is presented thereinfor determining when a logical language provides the basis for logic programming andthis is used to describe a family of extensions to �rst-order Horn clauses. The \richest"extension described in [23] replaces de�nite sentences by a class of formulas called higher-order hereditary Harrop or hohh formulas. The higher-order de�nite sentences of this paperare a subclass of the latter class of formulas. Further, the use of hohh formulas providesfor notions such as modules, abstract data types and lexical scoping in addition to higher-order features within logic programming. There is, however, a signi�cant distinction tobe made between the theory of the higher-order Horn clauses presented in this paper and4

of the hohh formulas presented in [23]. The distinction, expressed informally, is that theprogramming interpretation of higher-order de�nite sentences accords well with classicallogic, whereas a shift to intuitionistic logic is required in the context of hohh formulas.This shift in semantic commitment may not be acceptable in some applications of logicprogramming. Despite this di�erence, it is to be noted that several of the proof-theoretictechniques presented in this paper have been generalized and utilized in [23]. It is in facta perceived generality of these techniques that justi�es their detailed presentation here.This rest of this paper is organized as follows. In the next section we describe thehigher-order logic used in this paper, summarizing several necessary logical notions in theprocess. The axiomatization presented here for the logic is in the style of Gentzen [9]. Theuse of a sequent calculus, although unusual in the literature on logic programming (see [4]for an exception), has several advantages. One advantage is the simpli�cation of proof-theoretic discussions that we hope this paper demonstrates. In another direction, it is thecasting of our arguments within such a calculus that has been instrumental in the discoveryof the \essential" character of logic programming and thereby in the description of furtherlogical extensions to it [18, 23]. In Section 3, we outline the classes of formulas within thislogic that are our generalizations to �rst-order goal formulas and de�nite sentences. Section4 is devoted to showing that these formulas satisfy properties (i){(iv) above when ` isinterpreted as provability in the higher-order logic. The main problem here is the presenceof predicate variables; substitutions for these kinds of variables may, in general, alter thelogical structure of formulas in which they appear and thus complicate the nature of proofs.Fortunately, as we show in the �rst part of Section 4, predicate variable substitutions canbe tightly constrained in the context of our higher-order formulas. This result is thenused to show that these formulas provide a satisfactory basis for a logic programminglanguage. In Section 5 we describe a theorem-proving procedure that provides the basisfor an interpreter for such a language. This procedure interweaves higher-order uni�cation[15] with backchaining and goal reductions and constitutes a higher-order generalizationto SLD-resolution. These results have been used to describe a logic programming languagecalled �Prolog. A presentation of this language is beyond the scope of this paper but maybe found in [21, 25, 27].2. A Higher-Order LogicThe higher-order logic used in this paper is derived from Church's formulation of thesimple theory of types [5] principally by the exclusion of the axioms concerning in�nity,choice, extensionality and description. Church's logic is particularly suited to our purposessince it is obtained by superimposing logical notions over the calculus of �-conversion. Ouromission of certain axioms is based on a desire for a logic that generalizes �rst-order logic5

by providing a stronger notion of a variable and a term, but at the same time encompassesonly the most primitive logical notions that are relevant in this context; only these notionsappear to be of consequence from the perspective of computational applications. Our logicis closely related to that of [1], the only real di�erences being the inclusion of �-conversionas a rule of inference and the incorporation of a larger number of propositional connectivesand quanti�ers as primitives. We describe this logic below, simultaneously introducing thelogical vocabulary used in the rest of the paper.The Language. The language used is based on a typed �-calculus. The types inthis context are determined by a set S of sorts, that contains at least the sort o andone other sort, and by a set C of type constructors each member of which has a uniquepositive arity: The class of types is then the smallest collection that includes (i) everysort, (ii) (c �1 : : : �n), for every c 2 C of arity n and every �1; : : : ; �n that are types, and(iii) (� ! �) for every � and � that are types. We refer to the types obtained by virtueof (i) and (ii) as atomic types and to those obtained by virtue of (iii) as function types.In an informal sense, each type may be construed as corresponding to a set of objects.Understood in this manner, (�1 ! �2) corresponds to the collection of functions each ofwhose domain and range is determined by �1 and �2, respectively. In writing types, theconvention that ! associates to the right is often used to omit parentheses. In this paper,the letters � and � are used, perhaps with subscripts, as syntactic variables for types. Anarbitrary type is occasionally depicted by an expression of the form (�1 ! � � � ! �n ! �)where � is assumed to be an atomic type. When a type is displayed in this form, we referto �1; : : : ; �n as its argument types and to � as its target type. The use of such a notationfor atomic types is justi�ed by the convention that the argument types may be an emptysequence.We now assume that we are provided with a denumerable set, Var�, of variables foreach type �, and with a collection of constants of arbitrary given types, such that thesubcollection at each type � is denumerable and disjoint from Var�. The latter collectionis assumed to contain at least one member of each type, and to include the following in�nitelist of symbols called the logical constants: > of type o, � of type o ! o, ^, _ and � oftype o! o! o, and, for each �, � and � of type (�! o)! o. The remaining constantsare referred to as parameters. The class of formulas or terms is then de�ned inductivelyas follows:(i) A variable or a constant of type � is a formula of type �.(ii) If x is a variable of type �1 and F is a formula of type �2 then [�x:F ] is a formula oftype �1 ! �2, and is referred to as an abstraction that binds x and whose scope is F .(iii) If F1 is a formula of type �1 ! �2 and F2 is a formula of type �1 then [F1 F2], referredto as the application of F1 to F2, is a formula of type �2.6

Certain conventions concerning formulas are employed in this paper. First, lower-caseletters are used, perhaps with subscripts, to denote formulas that are variables; such ausage may occur at the level of either the object or the meta language. Similarly, upper-case letters are used to denote parameters at the object level and arbitrary formulas inthe meta language. Second, in the interest of readability, the brackets that surroundexpressions formed by virtue of (ii) and (iii) above are often omitted. These may berestored by using the conventions that abstraction is right associative, application is leftassociative and application has smaller scope than abstraction. Finally, although eachformula is speci�ed only in conjunction with a type, the types of formulas are seldomexplicitly mentioned. Such omissions are justi�ed on the basis that the types are eitherinferable from the context or inessential to the discussion at hand.The rules of formation serve to identify the well-formed subparts of each formula.Speci�cally, G is said to occur in, or to be a subformula of, F if (a) G is F , or (b) Fis �x:F1 and G occurs in F1, or (c) F is [F1 F2] and G occurs in either F1 or F2. Anoccurrence of a variable x in F is either bound or free depending on whether it is or is notan occurrence in the scope of an abstraction that binds x. x is a bound (free) variable of Fif it has at least one bound (free) occurrence in F . F is a closed formula just in case it hasno free variables. We write F(F ) to denote the set of free variables of F . This notation isgeneralized to sets of formulas and sets of pairs of formulas in the following way: F(D) isSfF(F ) j F 2 Dg if D is a set of formulas and SfF(F1)[F(F2) j hF1; F2i 2 Dg if D is aset of pairs of formulas.The type o has a special signi�cance. Formulas of this type correspond to propositions,and a formula of type �1 ! � � � ! �n ! o is a predicate of n arguments whose ithargument is of type �i. In accordance with the informal interpretation of types, predicatesmay be thought of as representing sets of n-tuples or relations. The logical constants areintended to be interpreted in the following manner: > corresponds to the tautologousproposition, the (propositional) connectives �, _, ^, and � correspond, respectively, tonegation, disjunction, conjunction, and implication, and the family of constants � and �are, respectively, existential and universal quanti�ers, viewed as propositional functions ofpropositional functions. There are certain notational conventions pertaining to the logicalconstants that �nd use below. First, disjunction, conjunction and implication are writtenas in�x operations; e.g. [_F G] is usually written as [F _G]. Second, the expressions [9x:F ]and [8x:F ] serve as abbreviations for [��x:F ] and [��x:F ]; these abbreviations illustratethe use of � and � along with abstractions to create the operations of existential anduniversal quanti�cation familiar in the context of �rst-order logic. Finally �x is sometimesused as an abbreviation for a sequence of variables x1; : : : ; xn. In such cases, the expression9�x:F serves as a shorthand for 9x1: : : : 9xn:F . Similar interpretations are to be bestowedupon 8�x:F and ��x:F . 7

The Calculus of �-Conversion. In the interpretation intended for the language, � isto correspond to the abstraction operation and juxtaposition to the operation of functionapplication. These intentions are formalized by the rules of �-conversion. To de�ne theserules, we need the operation of replacing all free occurrences of a variable x in the formulaF by a formula G of the same type as x. This operation is denoted by SxG F and may bemade explicit as follows:(i) If F is a variable or a constant, then SxG F is G if F is x and F otherwise.(ii) If F is of the form �y:C, then SxG F is F if y is x and �y:SxGC otherwise.(iii) If F is of the form [C D], then SxG F = [(SxGC) (SxGD)].In performing this operation of replacement, there is the danger that the free variables ofG become bound inadvertently. The term \G is free for x in F" describes the situations inwhich the operation is logically correct, i.e. those situations where x does not occur free inthe scope of an abstraction in F that binds a free variable of G. The rules of �-conversion,�-conversion and �-conversion are then, respectively, the following operations on formulas:(1) Replacing a subformula �x:F by �y:Sxy F provided y is free for x in F and y is notfree in F .(2) Replacing a subformula [�x:F ]G by SxG F provided G is free for x in F and vice versa.(3) Replacing a subformula �x:[F x] by F provided x is not free in F and vice versa.The rules above, collectively referred to as the �-conversion rules, are used to de�nethe following relations on formulas.2.1. De�nition. F �-conv (�-conv, �) G just in case there is a sequence of applicationsof the �-conversion (respectively �- and �-conversion, �-conversion) rules that transformsF into G.The three relations thus de�ned are evidently equivalence relations. They correspond, infact, to notions of equality between formulas based on the following informal interpretationof the �-conversion rules: �-conversion asserts that the choice of name for the variablebound by an abstraction is unimportant, �-conversion relates an application to the resultof evaluating the application, and �-conversion describes a weak notion of extensionalityfor formulas. In this paper we use the strongest of these notions, i.e. we consider F and Gequal just in case F �-conv G. There are certain distinctions to be made between formulasby omitting the rules of �-conversion, but we feel that these are not important in ourcontext.A formula F is said to be a �-normal form if it does not have a subformula of theform [�x:A]B, and a �-normal form if, in addition, it does not have a subformula of theform �x:[Ax] with x not occurring free in A. If F is a �-normal form (�-normal form)8

and G �-conv (�-conv) F , then F is said to be a �-normal (�-normal) form of G. Fromthe Church-Rosser Theorem, described in, e.g., [3] for a �-calculus without type symbolsbut applicable to the language under consideration as well, it follows that a �-normal(�-normal) form of a formula is unique up to a renaming of bound variables. Further,it is known [1, 8] that a �-normal form exists for every formula in the typed �-calculus;this may be obtained by repeatedly replacing subformulas of the form [�x:A]B by SxB A,preceded, perhaps, by some �-conversion steps. Such a formula may be converted into a�-normal form by replacing each subformula of the form �x:[Ax] where x does not occurfree in A by A. In summary, any formula F may be converted into a �-normal form thatis unique up to �-conversions. We denote such a form by �norm(F ). Occasionally, weneed to talk of a unique normal form and, in such cases, we use �(F ) to designate what wecall the principal normal form of F . Determining this form essentially requires a namingconvention for bound variables and a convention such as that in [1] will su�ce for ourpurposes.The existence of a �-normal form for each formula provides a mechanism for deter-mining whether two formulas are equal by virtue of the �-conversion rules. These normalforms also facilitate the discussion of properties of formulas in terms of a representative foreach of the equivalence classes that has a convenient structure. In this context, we notethat a �-normal form is a formula that has the structure�x1: : : : �xn:[AF1 : : : Fm]where A is a constant or variable, and, for 1 � i � m, Fi also has the same form. Werefer to the sequence x1; : : : ; xn as the binder, to A as the head and to F1; : : : ; Fm as thearguments of such a formula; in particular instances, the binder may be empty, and theformula may also have no arguments. Such a formula is said to be rigid if its head, i.e.A, is either a constant or a variable that appears in the binder, and exible otherwise. Aformula having the above structure is also a �-normal form if Fm is not identical to xnand, further, each of the Fis also satisfy this constraint. In subsequent sections, we shallhave use for the structure of �-normal forms of type o. To describe this, we �rst identify anatom as a �-normal form whose leftmost symbol that is not a bracket is either a variableor a parameter. Then, a �-normal form of type o is one of the following: (i) >, (ii) anatom, (iii) �F , where F is a �-normal form of type o, (iv) [F _ G], [F ^ G], or [F � G]where F and G are �-normal forms of type o, or (v) �P or �P , where P is a �-normalform.Substitutions. A substitution is a set of the form fhxi; Fii j 1 � i � ng, where, for1 � i � n, each xi is a distinct variable and Fi is a formula in principal normal form ofthe same type as, but distinct from, xi; this substitution is a substitution for fx1; : : : ; xng,9

and its range is fF1; : : : ; Fng. A substitution may be viewed as a type preserving mappingon variables that is the identity everywhere except the points explicitly speci�ed. Thismapping may be extended to the class of all formulas in a manner consistent with thisview: If � = fhxi; Fii j 1 � i � ng and G is any formula, then�(G) = �([�x1: : : : �xn:G]F1 : : : Fn)This de�nition is independent of the order in which we take the pairs from �. Further, givenour notion of equality between formulas, the application of a substitution to a formula Gis evidently a formalization of the idea of replacing the free occurrences of x1; : : : ; xn in Gsimultaneously by the formulas F1; : : : ; Fn.We need certain terminology pertaining to substitutions, and we summarize these here.A formula F is said to be an instance of another formula G if it results from applying asubstitution to G. The restriction of a substitution � to a set of variables V, denoted by� " V, is given as follows � " V = fhx; F i j hx; F i 2 � and x 2 Vg:It is evident that �(G) = (� " F(G))(G). The composition of two substitutions �1 and�2, written as �1 � �2, is precisely the composition of �1 and �2 when these are viewedas mappings: �1 � �2(G) = �1(�2(G)). Two substitutions, �1 and �2 are said to be equalrelative to a set of variables V if it is the case that �1 " V = �2 " V; this relationship isdenoted by �1 =V �2. �1 is said to be less general than �2 relative to V, a relationshipdenoted by �1 �V �2, if there is a substitution � such that �1 =V � � �2. Finally, weshall sometimes talk of the result of applying a substitution to sets of formulas and tosets of pairs of formulas. In the �rst case, we mean the set that results from applying thesubstitution to each formula in the set, and, in the latter case, we mean the set of pairsthat results from the application of the substitution to each element in each pair.The Formal System. The notion of derivation used in this paper is formalized bymeans of the sequent calculus LKH that is a higher-order extension to the logistic classicalcalculus LK of [9]. A sequent within the calculus LKH is an expression of the formF1; : : : ; Fn �! G1; : : : ; Gmwhere n � 0, m � 0, and, for 1 � i � n and 1 � j � m, Fi and Gj are formulas; thelisting F1; : : : ; Fn is the antecedent of the sequent, and G1; : : : ; Gm forms its succedent.The initial sequents or axioms of the calculus are �! > and the sequents of the formA �! A0 where A and A0 are atomic formulas such that A � A0. The inference �guresare the arrangements of sequents that result from the schemata in Figures 2.1 and 2.210

by replacing (i) the �s and �s by �nite sequences of formulas of type o, (ii) A and Bby formulas of type o, (iii) A0, in the schemata designated by �, by a formula resultingby a sequence of �-conversions from the formula that replaces A in the lower sequent ofthe schema, and, �nally, (iv) P , C, and y in the schemata designated by ��IS, ��IS,��IA, and ��IA by, respectively, a formula of type � ! o, a formula of type �, and aparameter or variable of type � that does not occur free in any formulas substituted intothe lower sequent, for some choice of �. An inference �gure is classi�ed as a structural oran operational one, depending on whether it results from a schema in Figure 2.1 or 2.2. Inthe operational inference �gures, we designate the formula substituted for the expressioncontaining the logical constant as the principal formula of the �gure. Some operationalinference �gures contain two upper sequents, and these are referred to, respectively, as theleft and right upper sequents of the �gure.Thinning: in the antecedent� �! �A;� �! � in the succedent� �! �� �! �; AContraction: in the antecedentA;A;� �! �A;� �! � in the succedent� �! �; A;A� �! �; AInterchange: in the antecedent�1; B;A;�2 �! ��1; A;B;�2 �! � in the succedent� �! �1; A;B;�2� �! �1; B;A;�2�: in the antecedentA0;� �! �A;� �! � in the succedent� �! �; A0� �! �; AFigure 2.1: The LKH Structural Inference Figure SchemataIntrinsic to a sequent calculus is the notion of a derivation or proof �gure. Theseare tree-like arrangements of sequents that combine to form inference �gures such that(i) each sequent, with the exception of one called the endsequent, is the upper sequent ofexactly one inference �gure, (ii) each sequent is the lower sequent of at most one inference�gure and those sequents that are not the lower sequents of any inference �gure are initialsequents. Such an arrangement constitutes a derivation for its endsequent. If there is a11

� �! �; A ��IA�A;� �! � A;� �! � ��IS� �! �;�AA;� �! � B;� �! � _�IAA _ B;� �! �� �! �; A _�IS� �! �; A _B � �! �; B _�IS� �! �; A _BA;� �! � ^�IAA ^B;� �! � B;� �! � ^�IAA ^B;� �! �� �! �; A � �! �; B ^�IS� �! �; A ^ B�1 �! �1; A B;�2 �! �2 ��IAA � B;�1;�2 �! �1;�2A;� �! �; B ��IS� �! �; A � B�([P y]);� �! � ��IA�P;� �! � � �! �; �([P C]) ��IS� �! �;�P�([P C]);� �! � ��IA�P;� �! � � �! �; �([P y]) ��IS� �! �;�PFigure 2.2: The LKH Operational Inference Figure Schemataderivation for � �! A, where A is a formula, then A is said to be provable from �. A pathin a derivation is a sequence of sequents whose �rst member is the endsequent and whoselast member is an initial sequent, and of which every member except the �rst is the uppersequent of an inference �gure whose lower sequent is the preceding member. The height of12

the proof �gure is the length of the longest path in the �gure. Each sequent occurrencey ina derivation is on a unique path, and we refer to the number of sequents that precede it onthis path as its distance from the endsequent. The notion of a derivation is relativized toparticular sequent calculi by the choice of initial sequents and inference �gures, and we usethis observation in Section 4. Our current focus is on the calculus LKH, and we intendunquali�ed uses of the term \derivation" below to be read as LKH-derivation.It is of interest to note that if �-conversion is added as a rule of inference to thesystem T of [1], then the resulting system is equivalent to the calculus LKH in the sensedescribed in [9]. Speci�cally, let us say that the associated formula of the sequent � �! �is ^� � _� if neither the antecedent nor the succedent is empty, _� if only the antecedentis empty, ^� � p^�p if only the succedent is empty, and p^�p if the antecedent and thesuccedent are both empty; p is a designated propositional variable here, and [^�] and [_�]are to be read as conjunctions and disjunctions of the formulas in � and � respectively. Itis then the case that a derivation exists for � �! � if and only if its associated formulais a theorem of T with the rule of �-conversion; we assume here that the symbols ^, �and � are introduced via abbreviations in T .The reader familiar with [9] may notice several similarities between the calculi LKand LKH. One di�erence between these is the absence of the Cut inference �gure inLKH. This omission is justi�ed by the cut-elimination result for the version of higher-order logic under consideration [1]. Another, apparently super�cial, di�erence is in theuse in LKH of �-conversion to capture the notion of substitution in inference �gurespertaining to quanti�ers. The only signi�cant di�erence, then is in the richer syntax offormulas and the presence of the � inference �gures in LKH. We note in particular thatthe presence of predicate variables in formulas of LKH enables substitutions to changetheir logical structure. As a result, it is possible to describe several complex derivations ina concise form in this higher-order logic. However, this facet makes the task of constructingsatisfactory proof procedures for this logic a di�cult one. In fact, as we shall see shortly,considerable care must be taken even in enunciating and verifying the proof-theoreticproperties of our higher-order formulas.3. Higher-Order De�nite Sentences and Goal FormulasUsing the higher-order logic of the previous section, the desired generalizations to �rst-order de�nite sentences and goal formulas may be identi�ed. Intrinsic to this identi�cationis the notion of a positive formula. As made precise by the following de�nition, these arethe formulas in which the symbols �, � and � do not appear.y The quali�cation \occurrence" will henceforth be assumed implicitly where necessary.13

3.1. De�nition. The class of positive formulas, PF , is the smallest collection of formulassuch that (i) each variable and each constant other than �, � and � is in PF , and (ii) theformulas �x:A and [AB] are in PF if A and B are in PF . The Positive Herbrand Universe,H+, is the collection of all �-normal formulas in PF , and the Herbrand Base, HB, is thecollection of all closed formulas in H+.As will become apparent shortly,HB in our context plays the same role as the HerbrandUniverse does in the context of other discussions of logic programming: it is the domainof terms that is used in describing the results of computations.3.2. De�nition. A higher-order goal formula is a formula of type o in H+. A positiveatom is an atomic goal formula, i.e. an atom in H+. A higher-order de�nite formula isany formula of the form 8�x:G � A where G is a goal formula, A is a rigid positive atom;in particular, �x may be an empty sequence, i.e. the quanti�cation may be absent. Such aformula is a higher-order de�nite sentence if it is closed, i.e. if �x contains all the variablesfree in G and A. The quali�cation \higher-order" used in this de�nition is intended todistinguish the formulas de�ned from the �rst-order formulas of the same name and maybe omitted if, by so doing, no confusion should arise.A formula is a positive atom if it is either > or of the form [AF1 : : : Fn] where A is aparameter or a variable and, for 1 � i � n, Fi is a positive formula, and is a rigid positiveatom if, in the latter case, A is also a parameter. It is easily veri�ed that a goal formulamust be one of the following: (i) a positive atom, (ii) A _B or A^B, where A and B aregoal formulas, or (iii) �P where P is a predicate in H+; in the last case, we observe thatit is equivalent to a formula of the form 9x:G where G is a goal formula. Thus, we see thatthe top-level logical structure of de�nite sentences and goal formulas in the higher-ordersetting is quite similar to those in the �rst-order context. The �rst-order formulas are,in fact, contained in the corresponding higher-order formulas under an implicit encodingthat essentially assigns types to the �rst-order terms and predicates. To be precise, if i isa sort other that o, the encoding assigns the type i to variables and constants, the typei ! � � � ! i ! i, with n + 1 occurrences of i, to each n-ary function symbol, and thetype i! � � � ! i! o, with n occurrences of i, to each n-ary predicate symbol. Looked atdi�erently, our formulas contain within them a many-sorted version of �rst-order de�nitesentences and goal formulas. However, they do embody a genuine generalization to the�rst-order formulas in that they may contain complex terms that are constructed by theuse of abstractions and applications and, further, may also include quanti�cations overvariables that correspond to functions and predicates. The following examples serve toillustrate these additional facets.3.3. Example. Let list be a 1-ary type constructor and let int be a sort. Further, letnil and cons be parameters of type (list int) and int! (list int)! (list int) respectively,14

and let mapfun be a parameter of type (int ! int) ! (list int) ! (list int) ! o. Thenthe two formulas below are de�nite sentences:8f:[> � [mapfun f nil nil]],8f:8x:8l1:8l2:[[mapfun f l1 l2] � [mapfun f [cons x l1] [cons [f x] l2]]];f is evidently a function variable in these formulas. If 1, 2, and and g are parameters oftype int, int, and int! int! int respectively, the following is a goal formula:9l:[mapfun [�x:[g x 1]] [cons 1 [cons 2nil]] l].Observe that this formula contains the higher-order term �x:[g x 1].3.4. Example. Let primrel be a parameter of type (i ! i ! o) ! o and let rel,wife, mother, jane, and mary be parameters of appropriate types. The following arethen de�nite sentences:[> � [mother janemary]], [> � [wife john jane]];[> � [primrelmother]], [> � [primrel wife]], 8r:[[primrel r] � [rel r]],8r:8s:[[[primrel r] ^ [primrel s]] � [rel [�x:�y:9z:[[r x z] ^ [s z y]]]]].Observe that the last de�nite sentence contains the predicate variables r and s. Further,the complex term that appears as the argument of the predicate rel in this de�nite sentencecontains an existential quanti�er and a conjunction. The formula9r:[[rel r] ^ [r johnmary]]is a goal formula in this context. It is a goal formula in which a predicate variable occurs\extensionally", i.e. in a position where a substitution made for it can a�ect the top-levellogical structure of the formula.In the next section, we examine some of the properties of higher-order de�nite sen-tences and goal formulas. To preview the main results there, we introduce the followingde�nition.3.5. De�nition. A substitution ' is a positive substitution if its range is contained inH+. It is a closed positive substitution if its range is contained in HB.Now let P be a �nite collection of de�nite sentences, and let G be a goal formula whosefree variables are contained in the listing �x. We shall see, then, that 9�x:G is provable fromP just in case there is a closed positive substitution ' for �x such that '(G) is provablefrom P. This observation shall also facilitate the description of a simple proof procedurethat may be used to extract substitutions such as '. From these observations it will follow15

that our de�nite sentences and goal formulas provide the basis for a generalization to theprogramming paradigm of �rst-order logic.4. Properties of Higher-Order De�nite SentencesAs observed in Section 3, one di�erence between the top-level logical structure of�rst-order and higher-order goal formulas is that, in the higher-order context, predicatevariables may appear as the heads of atomic goals. A consequence of this di�erence is thatsome of the proofs that can be constructed for goal formulas from de�nite sentences in thehigher-order setting have quite a di�erent character from any in the �rst-order case. Anillustration of this fact is provided by the following derivation of the goal formula 9y:[P y]from the de�nite sentence 8x:[x � [P A]].[P B] �! [P B] ��IS[P B] �! 9y:[P y] ��IS�! 9y:[P y];�[P B] [P A] �! [P A] ��IS[P A] �! 9y:[P y] ��IA�[P B] � [P A] �! 9y:[P y]; 9y:[P y] Contraction�[P B] � [P A] �! 9y:[P y] ��IA8x:[x � [P A]] �! 9y:[P y]It is easily observed that the top-level logical structure of a �rst-order formula remainsinvariant under any substitutions that are made for its free variables. It may then beseen that in a derivation whose endsequent contains only �rst-order de�nite formulas inthe antecedent and only �rst-order goal formulas in the succedent, every other sequentmust have only de�nite formulas and atoms in the antecedent and goal formulas in thesuccedent. This is, however, not the case in the higher-order context, as illustrated by theabove derivation. Consider, for instance, the penultimate sequent in this derivation thatis reproduced below: �[P B] � [P A] �! 9y:[P y]: (�)The formula �[P B] � [P A] that appears in the antecedent of this sequent is neither ade�nite formula nor an atom. Looking closely at this sequent also reveals why this mightbe a cause for concern from the perspective of our current endeavor. Although this sequenthas a derivation, we observe that there is no term t such that�[P B] � [P A] �! [P t]16

has a derivation. Now, if all derivations of8x:[x � [P A]] �! 9y:[P y]involve the derivation of (�), or of sequents similar to (�) in the sense just outlined, thenthere would be no proof of 9y:[P y] from 9x:[x � [P A]] from which an \answer" may be ex-tracted. Thus, it would be the case that one of the properties critical to the computationalinterpretation of de�nite sentences is false.We show in this section that problems of the sort alluded to in the previous paragraphdo not arise, and that, in fact, higher-order de�nite sentences and goal formulas resemblethe corresponding �rst-order formulas in several proof-theoretic senses. The method thatwe adopt in demonstrating this may be described as follows. Let us identify the followinginference �gure schemata �(P C);� �! � ��IA+�P;� �! �� �! �; �(P C) ��IS+� �! �;�Pwhere we expect only closed positive formulas, i.e. formulas from HB, to be substitutedfor C. These are evidently subcases of ��IA and ��IS. We shall show that if there isany derivation at all of a sequent � �! � where � consists only of de�nite sentences and� consists only of closed goal formulas, then there is one in which every inference �gureobtained from ��IA or ��IS is also an instance of ��IA+ and ��IS+ respectively. Theseschemata are of interest because in any of their instances, if the lower sequent has onlyclosed positive atoms and de�nite sentences in the antecedent and closed goal formulasin the succedent then so too does the upper sequent. Derivations of the sort mentioned,therefore, bear structural similarities to those in the �rst-order case, a fact that may beexploited to show that higher-order de�nite sentences and goal formulas retain many ofthe computational properties of their �rst-order counterparts.The result that we prove below is actually of interest quite apart from the purposes ofthis paper. The so-called cut-elimination theorems have been of interest in the context oflogic because they provide an insight into the nature of deduction and often are the basis forits mechanization. In the context of �rst-order logic, for instance, this theorem leads to thesubformula property: if a sequent has a derivation, then it has one in which every formulain any intermediate sequent is a subformula of some formula in the endsequent. Severalother useful structural properties of deduction in the �rst-order context ow from this17

observation, and the traditional proof procedures for �rst-order logic are based on it. Asis evident from the example at the beginning of this section, the subformula property doesnot hold (under any acceptable interpretation) for higher-order logic even though the logicadmits a cut-elimination theorem; predicate terms containing connectives and quanti�ersmay be generalized upon in the course of a derivation, and thus intermediate sequentsmay have formulas whose structure cannot be predicted from the formulas in the �nalone. For this reason, the usefulness of cut-elimination as a mechanism for analyzing andautomating deduction in higher-order logic has been generally doubted. However, Theorem4.1 below shows that there is useful structural information about proofs in higher-orderlogic to be obtained from the cut-elimination theorem for this logic, and is one of fewresults of this sort. This theorem permits us to observe that in the restricted setting ofhigher-order Horn clauses proofs for every derivable sequent can be constructed withoutever having to generalize on predicate terms containing the logical constants �, �, and�. This observation in turn provides information about the structure of each sequent ina derivation and constitutes a restriction on substitution terms that is su�cient to enablethe description of a complete theorem proving procedure for higher-order Horn clauses.A Simpli�ed Sequent Calculus. Part of the discussion above is given a precise formby the following theorem:4.1. Theorem. Let � be a sequence of formulas that are either de�nite sentences orclosed positive atoms of type o, and let � be a sequence of closed goal formulas. Then� �! � has an LKH-derivation only if it has one in which(i) the only inference �gures that appear are Contraction, Interchange, Thinning, _�IS,^�IS, ��IS, ��IA and ��IA, and(ii) each occurrence of the �gure ��IA or ��IS is also an occurrence of the �gure ��IA+or ��IS+.The proof of this theorem is obtained by describing a transformation from an arbitraryLKH-derivation of � �! � into a derivation of the requisite kind. This transformation isperformed by replacing the formulas in each sequent by what we might call their \positivecorrelates" and by removing certain parts of the derivation that become unnecessary as aresult. The following de�nition describes the manner in which the formulas in the succedentof each sequent are transformed.4.2. De�nition. Let x; y 2 Varo and, for each �, let z� 2 Var(�!o). The function poson formulas is then de�ned as follows:(i) If F is a constant or a variable 18

pos(F ) = 8><>:�x:>; if F is �;�x:�y:>; if F is �;�z�:>; if F is � of type ((�! o)! o);F; otherwise.(ii) pos([F1 F2]) = [pos(F1) pos(F2)].(iii) pos(�x:F ) = �x:pos(F ).Further, pc is the mapping on formulas de�ned as follows: If F is a formula, pc(F ) =�(pos(F )).From the de�nition above it follows easily that F(pc(F )) � F(pos(F )) = F(F ). Thusif F is a closed formula, then pc(F ) 2 HB. The properties of pc stated in the followinglemma are similarly easily argued for; these properties will be used in the proof of the maintheorem.4.3. Lemma. Let F be a �-normal formula of type o.(i) If F is an atom, then pc(F ) is a positive atom.(ii) If F is �F1, F1 � F2, or �P , then pc(F ) = >.(iii) If F is G �H where � is either _ or ^, then pc(F ) = pc(G) � pc(H).(iv) If F is �P , then pc(F ) = � pc(P )In the lemma below, we argue that pc and � commute as operations on formulas. Thisobservation is of interest because it yields the property of pc that is stated in Corollary4.5 and is needed in the proof of the Theorem 4.1.4.4. Lemma. For any formula F , pc(�(F )) = �(pc(F )).Proof. Given any formula B of the same type as x, an easy induction on the structureof a formula G veri�es the following facts: If B is free for x in G, then pos(B) is free forx in pos(G) and pos(SxB G) = Sxpos(B) pos(G). Now, let us say that a formula H resultsdirectly from a formula G by an application of a rule of �-conversion if the subformula of Gthat is replaced by virtue of one of these rules is G itself. We claim that if H does indeedresult from G in such a manner, then pos(H) also results from pos(G) in a similar manner.This claim is easily proved from the following observations:(i) If G is �x:G1 and H is �y:Sxy G1, pos(G) is �x:pos(G1) and pos(H) is �y:Sxy pos(G1).Further if y is free for x in G1 then y is free for x in pos(G1).(ii) If G is [�x:G1]G2 and H is SxG2 G1 then pos(F ) is [[�x:pos(G1)] pos(G2)] and pos(H)is Sxpos(G2) pos(G1). Further if G2 is free for x in G1 then pos(G2) is free for x inpos(G1).(iii) If G is of type �! � then pos(G) is also of type �! �. If G is �y:[H y] then pos(G)is �y:[pos(H) y] and, further, y 2 F(pos(H)) only if y 2 F(H).19

Now let F 0 result from F by a rule of �-conversion. By making use of the claimabove and by inducing on the structure of F , it may be shown that pos(F 0) results frompos(F ) by a similar rule. From this it follows that pos(�(F )) results from pos(F ) by theapplication of the rules of �-conversion. Hence �(pos(�(F ))) = �(pos(F )). Noting furtherthat �(pos(F )) = �(�(pos(F ))), the lemma is proved.4.5. Corollary. If P and C are formulas of appropriate types, thenpc(�([P C])) = �([pc(P ) pc(C)]).Proof. The claim is evident from the following equalities:pc(�([P C])) = �(pc([P C])) by Lemma 4.4= �([pos(P ) pos(C)]) using de�nitions= �([�(pos(P )) �(pos(C))]) by properties of �-conversion= �([pc(P ) pc(C)]) using de�nitions.While the mapping pc will adequately serve the purpose of transforming formulas inthe succedent of each sequent in the proof of Theorem 4.1, it does not su�ce as a meansfor transforming formulas in the antecedent. It may be observed that if F is a de�niteformula then pc(F ) = >. The transformation to be e�ected on formulas in the antecedentmust be such that it preserves de�nite formulas. In order to describe such a mapping,we �nd it useful �rst to identify the following class of formulas that contains the class ofde�nite formulas.4.6. De�nition. A formula of type o is an implicational formula just in case it has oneof the following forms(i) F � A, where F and A are �-normal formulas and in addition A is a rigid atom, or(ii) 8x:F , where F is itself an implicational formula.We now de�ne a function on implicational formulas whose purpose is to transformthese formulas into de�nite formulas.4.7. De�nition. The function posi on implicational formulas is de�ned as follows(i) If F is H � A then posi(F ) = pos(H) � pos(A).(ii) If F is 8x:F1 then posi(F ) = 8x:posi(F1)If F is an implicational formula then pci(F ) = �(posi(F )).From the de�nition, it is evident that if F is a de�nite formula, posi(F ) = F and,hence, pci(F ) = �(F ). While this is not true when F is an arbitrary implicational formula,it is clear that pci(F ) is indeed a de�nite formula. The following lemma states an additionalproperty of pci that will be useful in the proof of Theorem 4.1.20

4.8. Lemma. If F is an implicational formula and x and C are, respectively, a variableand a formula of the same type, thenpci(�([�x:F ]C)) = �([�x:pci(F )] pc(C)).Proof. An easy induction on the structure of F shows that �([�x:F ]C) is an implica-tional formula. Hence posi is de�ned on this formula and, consequently, the left-hand sideof the equality is de�ned. We now claim thatposi(�([�x:F ]C)) �-conv [�x:posi(F )] pos(C).Given this claim, it is clear that�(posi(�([�x:F ]C))) = �([�x:posi(F )] pos(C)),and the lemma follows by observing that �([�x:A]B) = �([�x:�(A)] �(B)).Thus, it only remains to show the claim. Given any implicational formula F1, weobserve that if F1 � F2 then posi(F1) � posi(F2). In trying to show the claim, we maytherefore assume that the bound variables of F are distinct from x and from the freevariables of C. Making such an assumption, we now induce on the structure of F :(a) F is of the form H � A. In this case �([�x:F ]C) � �(SxC H) � �(SxC A). Using thede�nition of posi and arguments similar to those in Lemma 4.4, we see thatposi(�(SxC H) � �(SxC A)) �-conv Sxpos(C) pos(H) � Sxpos(C) pos(A)The claim easily follows from these observations.(b)F is of the form 8y:F 0. Since the bound variables of F are distinct from x and the freevariables of C, we see that�([�x:F ]C) � 8y:�([�x:F 0]C).Using the inductive hypothesis and the de�nitions of �-conversion and of posi we seethat posi(�([�x:F ]C)) �-conv 8y:[[�x:posi(F 0)] pos(C)].Observing that F(C) = F(pos(C)), it is clear that8y:[[�x:posi(F 0)] pos(C)] �-conv [�x:[8y:posi(F 0)]] pos(C).The claim is now apparent from the de�nition of posi.Using the two mappings pc and pci, the desired transformation on sequents may nowbe stated. This is the content of the following de�nition.4.9. De�nition. First, we extend pci to the class of all formulas of type o:pco(F ) = � pci(F ); if F is an implicational formula;pc(F ); otherwise.The mapping pcs on sequents is then de�ned as follows: pcs(� �! �) is the sequent thatresults by replacing each formula F in � by pco(F ) and each formula G in � by pc(G).21

We are now in a position to describe, in a precise manner, the transformation ofLKH-derivations alluded to immediately after the statement of Theorem 4.1. We do thisbelow, thereby proving the theorem.Proof of Theorem 4.1We assume initially that every formula in � and � is in principalnormal form; we indicate how this requirement may be relaxed at the end. Now, a simpleinductive argument on the heights of derivations convinces us of the following fact: If �0and �0 are �nite sequences of formulas that are obtained from � and �, respectively, byreplacing each formula by one of its �-normal forms, then � �! � has a derivation onlyif �0 �! �0 has a derivation in which the inference �gure � does not appear. Since everyformula in � and � is in �-normal form, we may assume that � �! � has a derivationin which no use is made of the inference �gure �. Further, since every formula in � and� is closed, we may assume that each instance of the schemata ��IA and ��IS in thisderivation is obtained by substituting a closed formula for C; if a variable y does appearfree in the formula substituted for C, then we replace each free occurrence of y in it and inthe sequents in the derivation by a parameter of the same type as y that does not alreadyappear in the derivation; it is easy to see that the result is still a derivation of the samekind, and that its endsequent is still � �! �. Let T be such a derivation. We show belowthat T can be transformed into a derivation satisfying the requirements of the theorem.To de�ne the transformation, we need to distinguish between what we call the essentialand the inessential sequents in T. A sequent (occurrence) is considered inessential if itappears above the lower sequent of a ��IS, � �IS or ��IS inference �gure along anypath in the derivation. A sequent is essential if it is not inessential. We claim that everyformula in the antecedent of an essential sequent is either a rigid atom or an implicationalformula. Observe that from this claim it also follows that each essential sequent, except theendsequent, is the upper sequent of one of the �gures Contraction, Interchange, Thinning,_�IS, ^�IS, ��IS, ��IA or ��IA.The claim is proved by inducing on the distance of an essential sequent from theendsequent. If this distance is 0, the claim is obviously true. Assuming then that theclaim is true if the distance is d, we verify it for distance d + 1. Given the inductivehypothesis, we only need to consider the cases when the sequent in question is the uppersequent of an inference �gure in which there is a formula in the antecedent of an uppersequent that is not in the antecedent of the lower sequent, i.e. one of the �gures ��IS,_�IA, ^�IA, ��IA, ��IS, ��IA, and ��IA. The cases of ��IS and ��IS are ruledout, given that we are considering essential sequents. Also, since the antecedent of thelower sequent contains only implicational formulas and rigid atoms, the �gure in questioncannot be one of _�IA, ^�IA, or ��IA. The only cases that remain are � �IA and22

��IA. In the �rst case, i.e. when the inference �gure in question is�1 �! �1; F G;�2 �! �2F � G;�1;�2 �! �1;�2the principal formula must be an implicational formula, and G must therefore be a rigidatom. From this it is clear that the claim holds in this case. If the inference �gure is��IA, i.e. of the form �(P C);� �! ��P;� �! �the principal formula must again be an implicational formula, and so P must be of theform �x:F where F is an implicational formula. But then it is easily seen that �(P C)must be an implicational formula and the claim is veri�ed.Now let e(T) be the structure that results from removing all the inessential sequentsfrom T; e(T) is a derivation of � �! � but for the fact that some of its leaf sequents arenot axioms: Such sequents are of the form � �! �; P , where P is �F , �B or F � G.Let pe(T) be the result of replacing each � �! � in e(T) by pcs(� �! �). We claimthat each pair of upper sequent(s) and lower sequent in pe(T) is an instance of the sameinference �gure schema as the corresponding pair in e(T). To show this, we consider eachof the possible cases in e(T) and check the corresponding pairs in pe(T). The claim iseasily veri�ed if the pair is an instance of Contraction, Interchange or Thinning. The casesfor _�IS and ^�IS are similarly clear, given Lemma 4.3. If the pair is an instance of��IA, the principal formula is an implicational formula of the form F � A. Observingthen that pci(F � A) = pc(F ) � pc(A), the claim follows in this case as well. If the pairfrom e(T) is an instance of ��IS, i.e. of the form� �! �; �(P C)� �! �;�Pthe claim follows from Lemma 4.3 and Corollary 4.5; pc(�P ) = � pc(P ) andpc(�(P C)) = �(pc(P ) pc(C)).We note further that, since C is a closed formula, pc(C) 2 HB and so the corresponding�gure in pe(T) is actually an instance of ��IS+. Finally, let the pair in e(T) be an instanceof ��IA, i.e. of the form �(P C);� �! ��P;� �! �By our earlier observations �P is an implicational formula, and hence P is of the form�x:F , where F is an implicational formula. Using Lemma 4.8, we see that23

pci(�([�x:F ]C)) = �([�x:pci(F )] pc(C)).Noting now that pci(� [�x:F ]) � [� [�x:pci(F )]] and that pc(C) 2 HB, it is clear that thecorresponding pair in pe(T) is also an instance of ��IA, and in fact of ��IA+.Given the forms of formulas in � and �, we observe that pcs(� �! �) = � �! �.We also note that if A is an atomic formula and A � A0, then pco(A) = pc(A0). Thuswe may conclude, from the above considerations and Lemma 4.3, that pe(T) would be aderivation of � �! � of the sort required by the theorem but for the fact that some ofits leaf sequents are of the form � �! �;>. However, we may adjoin derivations of theform �! > sequence of Thinningsand Interchanges� �! �;>above sequents of this sort to obtain a genuine LKH-derivation that satis�es the theorem.The above argument is adequate in the case that each formula in � and � is inprincipal normal form. If this is not the case, then we proceed as follows. First weconstruct a derivation of the requisite sort for �0 �! �0, where �0 and �0 are obtainedfrom � and � respectively by placing each formula in principal normal form. A simpleinductive argument then su�ces to show that this derivation may be converted into onefor � �! � by replacing some of the formulas in the derivation by formulas that theyconvert to via the rule of �-conversion.4.10. Example. An illustration of the transformation described in the proof of Theorem4.1 may be provided by considering the derivation presented at the beginning of thissection. This would be transformed into the following:�! > Thinning�! >; 9y:[P y] Interchange�! 9y:[P y];> [P A] �! [P A] ��IS[P A] �! 9y:[P y] ��IA> � [P A] �! 9y:[P y]; 9y:[P y] Contraction> � [P A] �! 9y:[P y] ��IA8x:[x � [P A]] �! 9y:[P y]The content of Theorem 4.1 may be expressed by the description of a simpli�edsequent calculus for de�nite sentences and goal formulas. Let LKHD be the subcalculusof LKH with exactly the same initial sequents but with inference �gures restricted to24

being instances of the schemata Contraction, Interchange, Thinning, _�IS, ^�IS, ��IS+,��IA, and ��IA+. In the discussions below we shall be concerned with derivations forsequents of the form � �! �, where � is any �nite sequence of de�nite sentences andclosed positive atoms and � is a �nite sequence of closed goal formulas. By virtue ofTheorem 4.1 we see that such a sequent has an LKH-derivation exactly when it has anLKHD-derivation. In considering questions about derivations for such a sequent we may,therefore, restrict our attention to the calculus LKHD, and we implicitly do so below.Proofs from Higher-Order De�nite Sentences. We now use the preceding resultsto demonstrate that higher-order de�nite sentences and goal formulas retain the proof-theoretic properties of the corresponding �rst-order formulas that were discussed in Section1. In this endeavor, we use the characteristics of the higher-order formulas observed in thetwo lemmas below. The �rst lemma subsumes the statement that a �nite set of higher-orderde�nite sentences is consistent.4.11. Lemma. If � is a �nite sequence of de�nite sentences and closed positive atoms,then there can be no derivation for � �! .Proof. Suppose the claim is false. Then there is a least h and a � of the requisite sortsuch that � �! has a derivation of height h. Since � �! is not an initial sequent, h isevidently not 1. Consider now by cases the inference �gures of which � �! could be thelower sequent, i.e. the �gures Contraction, Thinning and Interchange in the antecedent,��IA+, and � �IA. In each of these cases it is easily observed that there must be a�nite sequence of de�nite sentences and closed positive atoms �0 such that �0 �! has aderivation of height < h. This contradicts the leastness of h.The lemma below relates the notions of classical and intuitionistic provability of agoal formula from a set of de�nite sentences.4.12. Lemma. Let � be a �nite sequence of de�nite sentences and closed positive atomsand let G be a closed goal formula. Then � �! G has a derivation only if it has one inwhich there is at most one formula in the succedent of each sequent.Proof. We claim that a slightly stronger statement is true: A sequent of the form� �! G1; : : : ; Gn, where � consists only of de�nite sentences and closed positive atomsand G1; : : : ; Gn are closed goal formulas, has a derivation only if there is an i such that1 � i � n and � �! Gi has a derivation in which at most one formula appears in thesuccedent of each sequent.The claim is proved by an induction on the heights of derivations for sequents of thesort hypothesized in it. If the height is 1, then n = 1 and the claim is obviously true. Letus, therefore, assume the height is h + 1 and consider the possible cases for the inference�gure that appears at the end of the derivation. If this �gure is a Contraction, Thinning25

or Interchange in the succedent, the claim follows directly from the inductive hypothesis;in the case of Thinning, we only need to observe that, by Lemma 4.11, n > 1. The casesof Contraction, Thinning, and Interchange in the antecedent, _�IS, ^�IS, ��IS+ and��IA+, also follow from the hypothesis with a little further argument. Consider, forinstance the case when the �gure is an ^�IS. The derivation at the end then has thefollowing form:� �! G1; : : : ; Gn�1; G1n � �! G1; : : : ; Gn�1; G2n� �! G1; : : : ; Gn�1; G1n ^G2nBy the hypothesis, there must be a derivation of the requisite sort either for � �! Gifor some i, 1 � i � n� 1, or for both � �! G1n and � �! G2n. In the former case theclaim follows directly, and in the latter case we use the two derivations together with an^�IS inference �gure to construct a derivation of the requisite sort for � �! G1n ^G2n.The only remaining case is that of ��IA, i.e. when the inference �gure in question isof the form �1 �! G1; : : : ; Gk; G A;�2 �! Gk+1; : : : ; GnG � A;�1;�2 �! G1; : : : ; GnFrom Lemma 4.11 it follows that k < n. By the hypothesis, we see that there is a derivationof the requisite sort either for �1 �! Gi for some i between 1 and k or for �1 �! G.In the former case, by adjoining a sequence of Thinning and Interchange �gures below thederivation for �1 �! Gi we obtain the required derivation for G � A;�1;�2 �! Gi.In the latter case, using the induction hypothesis again we see that there is a derivationof the required sort for A;�2 �! Gj for some j between k + 1 and n. This deriva-tion may be combined with the one for �1 �! G to obtain the required derivation forG � A;�1;�2 �! Gj .Lemmas 4.11 and 4.12 permit us to further restrict our sequent calculus in the contextof de�nite sentences. To make the picture precise, let us assume that � is a �nite sequenceof de�nite sentences and closed positive atoms, and that G is a goal formula such that� �! G has a derivation. Then, using Lemma 4.12 we see that this sequent has a deriva-tion in which there is no occurrence of Contraction or Interchange in the succedent. UsingLemma 4.11 it may be seen that such a derivation is also one in which the �gure Thinningin the succedent does not appear. Thus, in considering questions about derivability forsequents of the sort described above, we may dispense with the structural inference �gurespertaining to the succedent. This fact is made use of in the proof of Theorem 4.14 andin the discussions that follow it. We present this theorem after introducing a convenientnotational convention. 26

4.13. De�nition. Let D be the de�nite sentence 8�x:G � A. Then jDj denotes the setof all closed positive instances of G � A, i.e.jDj = f'(G � A) j ' is a closed positive substitution for �xg.This notation is extended to sets of de�nite sentences: If P is such a set,jPj = SfjDj j D 2 Pg.From this de�nition it readily follows that jDj and jPj are both collections of de�nitesentences.4.14. Theorem. Let � be a �nite sequence of de�nite sentences and closed positiveatoms, and let G be a closed goal formula. Then there is a derivation for � �! G if andonly if(i) G is G1 ^G2 and there are derivations for � �! G1 and � �! G2, or(ii) G is G1 _G2 and there is a derivation for either � �! G1 or � �! G2, or(iii) G is �P and there is a C 2 HB such that � �! �(P C) has a derivation, or(iv) G is an atom and either G is >, or G � A for some A in �, or, for some de�nitesentence D in �, G0 � A 2 jDj, G � A, and there is a derivation for � �! G0.Proof. (�) As we have noted, there is a derivation for a sequent of the sort describedin the Theorem only if there is one in which there are no structural �gures pertaining tothe succedent. An induction on the heights of such derivations now proves the theorem inthis direction.If � �! G has a derivation of height 1, then G is > or � is A and G � A. In eithercase the theorem is true. For the case when the height is h+1, we consider each possibilityfor the last inference �gure in the derivation. If it is one of ^�IS, _�IS or ��IS+, thetheorem is evidently true. If it is a Contraction in the antecedent, i.e. of the formF; F;� �! GF;� �! Gwe see that the upper sequent is of the kind described in the theorem and, in fact, has aderivation of height h. A recourse to the induction hypothesis now completes the proof.For instance, assume that G is of the form G1_G2. By the hypothesis, there is a derivationfor F; F;� �! Gi for i = 1 or i = 2. By adjoining below this derivation a Contraction inthe antecedent, we obtain a derivation for F;� �! Gi. The analysis for the cases whenG has a di�erent structure follows an analogous pattern.In the cases when the last inference �gure is a Thinning or an Interchange in theantecedent, the argument is similar to that of Contraction. If the �gure is ��IA+, i.e. ofthe form �(P C);� �! G�P;� �! G27

we see that �(P C) and �P are both de�nite sentences and, further, that j�(P C)j � j�P j.Applying the induction hypothesis to the upper sequent, the proof may now be completedby arguments similar to those outlined in the case of Contraction in the antecedent.The only remaining case is that of ��IA. In this case, by Lemma 4.11 we observethat the derivation at the end has the following form�1 �! G0 A;�2 �! GG0 � A;�1;�2 �! GThe right upper sequent of this inference �gure is evidently of the form required forthe induction hypothesis. Once again using arguments similar to those in the case ofContraction in the antecedent, the proof may be completed in all cases except whenG � A. But if G � A, we observe that the theorem is still true, since a derivationfor G0 � A;�1;�2 �! G0 may be constructed by adjoining a sequence of Thinning andInterchange inference �gures below the derivation for �1 �! G0.(�) The only case that needs explicit consideration here is that when, for some de�nitesentence D in �, there is a G0 � A 2 jDj such that G � A and � �! G0 has a derivation.In this case a derivation for � �! G may be constructed as follows:� �! G0 A �! G ��IAG0 � A;� �! G sequence of ��IA+D;� �! G sequence of Interchangesand a Contraction� �! GIn Section 1 we outlined the proof-theoretic properties of �rst-order de�nite sentencesand goal formulas that play a pivotal role in their use as a basis for programming. Theorem4.14 demonstrates that our higher-order generalizations of these formulas retain theseproperties. Thus, if G is a higher-order goal formula whose free variables are included inthe listing x1; : : : ; xn and P is a �nite set of higher-order de�nite sentences, we see fromclause (iii) of Theorem 4.14 that 9x1: : : :9xn:G is provable from P just in case there is aclosed positive substitution ' for x1; : : : ; xn such that '(G) is provable from P. Hence,sets of higher-order de�nite sentences and higher-order goal formulas may be construed,respectively, as programs and queries in a manner exactly analogous to the �rst-ordercase. Furthermore, clauses (i) { (iii) show that ^, _ and the existential quanti�er provideprimitives for search speci�cation in exactly the same way as in the �rst-order setting.Finally, by virtue of (iv), higher-order de�nite sentences provide the basis for de�ningnondeterministic procedures. Notice that in a de�nite sentence of form 8�x:(G � A), the28

head of A must be a parameter, and construing this formula as a procedure de�ning thishead of A, therefore, makes good sense.Theorem 4.14 also provides the skeleton for a procedure that may be used for deter-mining whether a goal formula is provable from a set of de�nite sentences. In essence,clauses (i) { (iii) describe the means by which the search for a proof of a complex goalformula may be reduced to the search for proofs of a set of atoms. The search for a proof ofan atomic goal may be progressed by \backchaining" on de�nite sentences in the mannerindicated by clause (iv). A precise description of this proof procedure requires the expli-cation of the notion of higher-order uni�cation, and we undertake this task in the nextsection. We note, however, that the steps mentioned above must simplify the search insome manner if they are to be e�ective in �nding a proof. That they do have this e�ectmay be seen by associating a measure, indexed by a �nite set of de�nite sentences, witheach goal formula. For this purpose, we identify the notion of a reduced path in a derivationas a sequence of sequents that results by the removal of the lower sequents of structuralinference �gures from a path in the derivation; intuitively, the length of a reduced path isa count of the number of operational inference �gures that appear along the correspondingpath. Letting the true height of a derivation be the length of the longest reduced path inthe derivation, the required measure may be de�ned as follows.4.15. De�nition. Let � be a �nite sequence of de�nite sentences, and let G be a closedgoal formula. Further, let k be the least among the true heights of derivations for � �! Gin which there appear no structural inference �gures pertaining to the succedent; if no suchderivation exists, k = !. Then ��(G) = � 2k; if k < !;!; otherwise.The measure is extended to be relative to a �nite set, P, of de�nite sentences by de�ning�P(G) = ��(G) where � is a listing of the members of P. This extension is clearlyindependent of the particular listing chosen.The properties of this measure that are of interest from the perspective of describinga proof procedure are stated in the following Lemma.4.16. Lemma. Let P be a �nite set of de�nite sentences and let G be a closed goalformula that is provable from P. Then �P (G) > 0 and �P(G) < !. Further,(i) If G is an atom other than > then there is a G0 � G 2 jPj such that �P (G0) < �P (G).(ii) If G is G1 _G2 then �P (Gi) < �P(G) for i = 1 or i = 2.(iii) If G is G1 ^G2 then �P (G1) + �P(G2) < �P(G).(iv) If G is �P then for some C 2 HB it is the case that �P(�(P C)) < �P(�P ).29

Proof. �P(G) is obviously greater that 0. Since G is provable from P, it is also obviousthat �P (G) < !. Now let � be a �nite sequence of de�nite sentences such that � �! Ghas a derivation of true height h. A reexamination of the proof of Lemma 4.14 revealsthe following facts: If G is G1 _ G2, then � �! Gi has a derivation of true height < hfor i = 1 or i = 2. If G is G1 ^ G2, then � �! Gi has a derivation of true height < hfor i = 1 and i = 2. If G is �P , then there is a C 2 HB such that � �! �(P C) has aderivation of true height < h. If G is an atom, then there is a G0 � G 2 jPj such that� �! G0 has a derivation of true height < h. From these observations, the rest of thelemma follows easily.5. Searching for Proofs from De�nite SentencesWe now turn to the task of describing a procedure for determining whether thereis a proof for the existential closure of a goal formula from a set of de�nite sentences.As already noted, the description of such a procedure requires a consideration of theproblem of unifying two higher-order formulas. This problem has been studied by severalresearchers, and in most extensive detail by [15]. In the �rst part of this section, wesummarize this problem and detail those aspects of its solution in [15] that are pertinentto our current endeavor. We then introduce the notion of a P-derivation. P-derivationsare a generalization to the higher-order context of the notion of SLD-derivations describedin [2] and prevalent in most discussions of �rst-order de�nite sentences. At one level,they are intended to be syntactic objects for demonstrating the existence of a proof for agoal formula and our discussions show their correctness from this perspective. At anotherlevel, they are intended to provide a basis for an actual proof procedure | a symbolmanipulating procedure that searches for P-derivations would constitute an interpreterfor a programming paradigm that is based on higher-order de�nite sentences | and weexplore some of their properties that are pertinent to the description of such a procedure.The Higher-Order Uni�cation Problem. Let us call a pair of formulas of the sametype a disagreement pair. A disagreement set is then a �nite set, fhFi; Hii j 1 � i � ng,of disagreement pairs, and a uni�er for the set is a substitution � such that, for 1 � i �n, �(Fi) = �(Hi). The higher-order uni�cation problem is then the following: Given adisagreement set, we desire to determine whether it has uni�ers, and to explicitly providea uni�er if it does have one.The problem described above is a generalization of the well-known uni�cation problemfor �rst-order terms. The higher-order uni�cation problem has several properties that are,in a certain sense, divergent from those of the problem in the �rst-order case. For instance,the question of whether a uni�er exists for an arbitrary disagreement set in the higher-order context is an undecidable question [10, 14, 17], whereas the corresponding question30

for �rst-order terms is decidable. As another example, it has been shown [12] that mostgeneral uni�ers do not always exist for uni�able higher-order disagreement pairs. Despitethese characteristics of the problem, a systematic search can be made for uni�ers of a givendisagreement set, and we discuss this aspect below.Huet, in [15], describes a procedure for determining the existence of uni�ers for agiven disagreement set and shows that, whenever uni�ers do exist, the procedure maybe used to provide some of them. The basis for this procedure is in the fact that thereare certain disagreement sets for which at least one uni�er may easily be provided and,similarly, there are other disagreement sets for which it is easily manifest that no uni�erscan exist. Given an arbitrary disagreement set, the procedure then attempts to reduce itto a disagreement set of one of these two kinds. This reduction proceeds by an iterativeuse of two kinds of simplifying functions, called SIMPL and MATCH, on disagreementsets. Since our notion of a P-derivation uses these functions in an intrinsic way, we devotesome e�ort to describing them below.In presenting the functions SIMPL and MATCH and in analyzing their properties,the normal form for formulas that is introduced by the following de�nition is useful.5.1. De�nition. A �-normal form ~F = �x1: : : : �xn:[H A1 : : : Am] is said to be a ��-longform if the type of H is of the form �1 ! � � � ! �m ! �0, where �0 is an atomic type,and, for 1 � i � m, Ai is also a ��-long form. If F is a formula such that F �-conv ~F , then~F is said to be a ��-long form of F . Given a ��-long form F = ��x:[H A1 : : :Am], a countof the number of occurrences of applications in F is provided by the following recursivelyde�ned measure on F : �(F ) = m+ mXi=1 �(Ai):It is clear that every formula has a ��-long form; such a form may be obtained by�rst converting the formula to a �-normal form, and then performing a sequence of �-expansions. We shall write ~F below to denote a ��-long form of a formula F . The formulathus denoted is ambiguous only up to a renaming of bound variables. To see this, letF1 = �x1 : : : �xm:[HA1 : : : Ar] and F2 = �y1: : : : �yn:[H 0B1 : : : Bs] be two ��-long formssuch that F1 �-conv F2. Observing that F1 and F2 must have the same �-normal forms, itis clear that �x1 : : : �xm:H � �y1: : : : �yn:H 0, and hence m = n and r = s. Furthermore,for all i, 1 � i � r, it must be the case that �x1 : : : �xm:Ai �-conv �y1 : : : �ym:Bi. A simpleargument by induction on the measure in De�nition 5.1 then shows that F1 � F2. Thisobservation permits us to extend the measure � to arbitrary formulas. For any formula F ,we may de�ne �(F ) = �( ~F ). Given the uniqueness of ��-long forms up to �-conversionsand the fact that �(F1) = �(F2) for any ��-long forms F1 and F2 such that F1 � F2, it31

follows that this extension of � is well-de�ned.Given any formula F and any substitution �, it is apparent that �(F ) = �( ~F ). Theinterest in the ��-long form of representation of formulas stems from the fact that thee�ects of substitutions on formulas in this form can be analyzed easily. As an instance ofthis, we observe the following lemma that is the basis of the �rst phase of simpli�cation inthe search for uni�ers for a given disagreement set. In this lemma, and in the rest of thissection, we use the notation U(D) to denote the set of uni�ers for a disagreement set D.A proof of this lemma is contained in [15] and also in [25].5.2. Lemma. Let F1 = ��x:[H1A1 : : : Ar] and F2 = ��x:[H2B1 : : : Bs] be two rigid��-long forms of the same type. Then � 2 U(fhF1; F2ig) if and only if(i) H1 = H2 (and, therefore, r = s), and(ii) � 2 U(fh��x:Ai; ��x:Bii j 1 � i � rg).Let us say that F is rigid ( exible) just in case ~F is rigid ( exible), and let us referto the arguments of ~F as the arguments of F . If F1 and F2 are two formulas of the sametype, it is evident that ��-long forms of F1 and F2 must have binders of the same length.Furthermore, we may, by a sequence of �-conversions, arrange their binders to be identical.If F1 and F2 are both rigid, then Lemma 5.2 provides us a means for either determiningthat F1 and F2 have no uni�ers or for reducing the problem of �nding uni�ers for F1 and F2to that of �nding uni�ers for the arguments of these formulas. This, in fact, is the natureof the simpli�cation e�ected on a given uni�cation problem by the function SIMPL.5.3. De�nition. The function SIMPL on sets of disagreement pairs is de�ned as follows:(1) If D = ; then SIMPL(D) = ;.(2) If D = fhF1; F2ig, and(a) if F1 is a exible formula then SIMPL(D) = D; otherwise(b) if F2 is a exible formula then SIMPL(D) = fhF2; F1ig;(c) otherwise F1 and F2 are both rigid formulas. Let ��x:[C1A1 : : : Ar] and ��x:[C2B1 : : : Bs] be ��-long forms for F1 and F2. If C1 6= C2 then SIMPL(D) = F;otherwise SIMPL(D) = SIMPL(fh��x:Ai; ��x:Bii j 1 � i � rg).(3) Otherwise D has at least two members. Let D = fhFi; Gii j 1 � i � ng.(a) If SIMPL(fhFi; Giig) = F for some i then SIMPL(D) = F;(b) Otherwise SIMPL(D) = nSi=1 SIMPL(fhFi; Giig).Clearly, SIMPL transforms a given disagreement set into either the marker F or adisagreement set consisting solely of \ exible- exible" or \ exible-rigid" formulas. By anabuse of terminology, we shall regard F as a disagreement set that has no uni�ers. The32

intention, then, is that SIMPL transforms the given set into a simpli�ed set that has thesame uni�ers. The following lemma shows that SIMPL achieves this purpose in a �nitenumber of steps.5.4. Lemma. SIMPL is a total computable function on sets of disagreement pairs.Further, if D is a set of disagreement pairs then � 2 U(D) if and only if SIMPL(D) 6= Fand � 2 U(SIMPL(D)).Proof. We de�ne a measure on sets of disagreement pairs in the following fashion. IfD = fhFi; Gii j 1 � i � ng, then (D) = n+ nXi=1 �(Fi):The lemma follows from Lemma 5.2 by an induction on this measure.The �rst phase in the process of �nding uni�ers for a given disagreement set D thusconsists of evaluating SIMPL(D). If the result of this is F, D has no uni�ers. On theother hand, if the result is a set that is either empty or has only exible- exible pairs, atleast one uni�er can be provided easily for the set, as we shall see in the proof of Theorem5.14; such a set is, therefore, referred to as a solved set. If the set has at least one exible-rigid pair, then a substitution for the head of the exible formula needs to be consideredso as to make the heads of the two formulas in the pair identical. There are essentiallytwo kinds of \elementary" substitutions that may be employed for this purpose. The �rstkind of substitution is the one that makes the head of the exible formula \imitate" thatof the rigid formula. In the context of �rst-order terms this is, in fact, the only kind ofsubstitution that needs to be considered. If the head of the exible formula is a higher-order variable, however, there is also another possibility. This is that of \projecting" oneof the arguments of the exible formula into the head position, in the hope that the headof the resulting formula becomes identical to the head of the rigid one or may be made soby a subsequent substitution. There are, thus, a set of substitutions, each of which may beinvestigated separately as a component of a complete uni�er. The purpose of the functionMATCH that is de�ned below is to produce these substitutions.5.5. De�nition. Let V be a set of variables, let F1 be a exible formula, let F2 be arigid formula of the same type as F1, and let ��x:[f A1 : : : Ar], and ��x:[C B1 : : : Bs] be��-long forms of F1 and F2. Further, let the type of f be �1 ! � � � ! �r ! �, where � isprimitive and, for 1 � i � r, let wi be a variable of type �i. The functions IMIT, PROJ,and MATCH are then de�ned as follows:(i) If C is a variable (appearing also in �x), then IMIT(F1; F2;V) = ;; otherwiseIMIT(F1; F2;V) = ffhf; �w1 : : : �wr:[C [h1 w1 : : : wr] : : : [hs w1 : : : wr]]igg;33

where h1; : : : ; hs are variables of appropriate types not contained in V [fw1; : : : ; wrg.(ii) For 1 � i � r, if �i is not of the form �1 ! : : :! �t ! � then PROJi(F1; F2;V) = ;;otherwise,PROJi(F1; F2;V) = ffhf; �w1 : : : �wr:[wi [h1 w1 : : : wr] : : : [ht w1 : : : wr]]igg;where h1; : : : ; ht are variables of appropriate type not contained in V [ fw1; : : : ; wrg.(iii) MATCH(F1; F2;V) = IMIT(F1; F2;V) [ ( S1�i�rPROJi(F1; F2;V)).The purpose of MATCH is to suggest a set of substitutions that may form \initialsegments" of uni�ers and, in this process, bring the search for a uni�er closer to resolu-tion. To describe the sense in which MATCH achieves this purpose precisely, we need thefollowing measure on substitutions:5.6. De�nition. Let ' = fhfi; Tii j 1 � i � ng be a substitution. We de�ne a measureon ' as follows: �(') = n+ nXi=1 �(Ti):The correctness of MATCH is now stated in the lemma below. We omit a proof ofthis lemma, referring the interested reader to [15] or [25].5.7. Lemma. Let V be a set of variables, let F1 be a exible formula and let F2 bea rigid formula of the same type as F1. If there is a substitution � 2 U(fhF1; F2ig) thenthere is a substitution ' 2 MATCH(F1; F2;V) and a corresponding substitution �0 suchthat(i) � =V �0 � ', and(ii) �(�0) < �(�).yA uni�cation procedure may now be described based on an iterative use of SIMPLand MATCH. A procedure that searches for a P-derivation, a notion that we describenext, actually embeds such a uni�cation procedure within it.P-Derivations. Let the symbols G, D, � and V, perhaps with subscripts, denote setsof formulas of type o, disagreement sets, substitutions and sets of variables, respectively.The relation of being \P-derivable from" between tuples of the form hG;D; �;Vi is de�nedin the following manner.y This lemma may actually be strengthened: If f 2 V, where f is the head of ~F1 thenthere is exactly one ' corresponding to each �.34

5.8. De�nition. Let P be a set of de�nite sentences. We say a tuple hG2;D2; �2;V2i isP-derivable from the tuple hG1;D1; �1;V1i if D1 6= F and, in addition, one of the followingsituations holds:(1) (Goal reduction step) �2 = ;, D2 = D1, and there is a goal formula G 2 G1 such that(a) G is > and G2 = G1 � fGg and V2 = V1, or(b) G is G1 ^G2 and G2 = (G1 � fGg) [ fG1; G2g and V2 = V1, or(c) G is G1 _G2 and, for i = 1 or i = 2, G2 = (G1 � fGg) [ fGig and V2 = V1, or(d) G is �P and for some variable y =2 V1 it is the case that V2 = V1 [ fyg andG2 = (G1 � fGg) [ f�norm(P y)g.(2) (Backchaining step) Let G 2 G1 be a rigid positive atom, and let D 2 P be suchthat D � 8x1: : : : 8xn:G0 � A for some sequence of variables x1; : : : ; xn for whichno xi 2 V1. Then �2 = ;, V2 = V1 [ fx1; : : : ; xng, G2 = (G1 � fGg) [ fG0g, andD2 = SIMPL(D1 [ fhG;Aig).(3) (Uni�cation step) D1 is not a solved set and for some exible-rigid pair hF1; F2i 2 D1,either MATCH(F1; F2;V1) = ; and D2 = F, or there is a � 2 MATCH(F1; F2;V1)and it is the case that �2 = �, G2 = �(G1), D2 = SIMPL(�(D1)), and, if � = fhx; T ig,V2 = V1 [ F(T ).Let us call a �nite set of goal formulas a goal set, and a disagreement set that isF or consists solely of pairs of positive formulas a positive disagreement set. If G1 is agoal set and D1 is a positive disagreement set then it is clear, from an inspection of theabove de�nition, the de�nitions 5.3 and 5.5, and the fact that a positive formula remainsa positive formula under a positive substitution, that G2 is a goal set and D2 a positivedisagreement set for any tuple hG2;D2; �2;V2i that is P-derivable from hG1;D1; �1;V1i.5.9. De�nition. Let G be a goal set. Then we say that a sequence hGi;Di; �i;Vii1�i�nis a P-derivation sequence for G just in case G1 = G, V1 = F(G1), D1 = ;, �1 = ;, and, for1 � i < n, hGi+1;Di+1; �i+1;Vi+1i is P-derivable from hGi;Di; �i;Vii.From our earlier observations, and an easy induction on the length of the sequence, itis clear that in a P-derivation sequence for a goal set G each Gi is a goal set and each Diis a positive disagreement set. We make implicit use of this observation in our discussionsbelow. In particular, we intend unquali�ed uses of the symbols G and D to be read assyntactic variables for goal sets and positive disagreement sets, respectively.A P-derivation sequence hGi;Di; �i;Vii1�i�n terminates, i.e. is not contained in alonger sequence, if(a) Gn is either empty or is a goal set consisting solely of exible atoms and Dn is eitherempty or consists solely of exible- exible pairs, or35

(b) Dn = F.In the former case we say that it is a successfully terminated sequence.5.10. De�nition. A P-derivation sequence, hGi;Di; �i;Vii1�i�n, for G that is a success-fully terminated sequence is called a P-derivation of G and �n � � � � � �1 is called its answersubstitution. If G = fGg then we also say that the sequence is a P-derivation of G.5.11. Example. Let P be the set of de�nite sentences in Example 3.3. Further, let f1be a variable of type int! int and let G be the goal formula[mapfun f1 [cons 1 [cons 2nil]] [cons [g1 1] [cons [g 1 2]nil]]]:Then the tuple hG1;D1; ;;V1i is P-derivable from hfGg; ;; ;; ff1gi by a backchaining step,if V1 = ff1; f2; l1; l2; xg;G1 = f[mapfun f2 l1 l2]g, andD1 = fhf1; f2i; hx; 1i; h[f1 x]; [g 1 1]i; hl1; [cons 2 nil]i; hl2; [cons [g 1 2] nil]ig,where f2, l1, l2, and x are variables. Similarly, ifV2 = V1 [ fh1; h2g,G2 = f[mapfun f2 l1 l2]g,�2 = fhf1; �w:[g [h1w][h2w]]ig, andD2 = fhl1; [cons 2nil]i; hl2; [cons [g 1 2]nil]i; hx; 1i;h[h1 x]; 1i; h[h2 x]; 1i; hf2; �w:[g [h1 w] [h2w]]ig,then the tuple hG2;D2; �2;V2i is P-derivable from hG1;D1; ;;V1i by a uni�cation step. Itis, in fact, obtained by picking the exible-rigid pair h[f1 x]; [g 1 1]i from D1 and using thesubstitution provided by IMIT for this pair. If the substitution provided by PROJ1 waspicked instead, we would obtain the tuple hG2;F; fhf1; �w:wig;V1i.There are several P-derivations of G, and all of them have the same answer substitu-tion: fhf1; �w:[g w 1]ig.5.12. Example. Let P be a set of de�nite sentences that contains the de�nite sentence8x:[x � [P A]], where P and A are parameters of type int! o and int, respectively. Then,the following sequence of tuples constitutes a P-derivation of 9y:[P y]:hf9y:[P y]g; ;; ;; ;i; hf[P y]g; ;; ;; fygi; hfxg; fhy;Aig; ;; fy; xgi; hfxg; ;; fhy;Aig; fy; xgi:Notice that this is a successfully terminated sequence, even though the �nal goal setcontains a exible atom. We shall see, in Theorem 5.14, that a goal set that contains36

only exible atoms can be \solved" rather easily. In this particular case, for instance, the�nal goal set may be solved by applying the substitution fhx;>ig to it.As mentioned at the beginning of this section, a P-derivation of a goal formula G isintended to be an object that demonstrates the provability of G from the set of de�nitesentences P. Our next endeavor, culminating in the Theorems 5.14 and 5.18, is to showthat this notion is true to our intention. In the process, we shall see that a P-derivation of Gencodes enough information to make it possible to extract the result of a computation. Weshall also observe some properties of P-derivations that are of interest from the perspectiveof constructing a procedure that searches for such a derivation of a goal formula.5.13. Lemma. Let hG2;D2; �2;V2i be P-derivable from hG1;D1; �1;V1i, and let D2 6= F.Further let � 2 U(D2) be a positive substitution such that every closed positive instanceof the formulas in �(G2) is provable from P. Then(i) � � �2 2 U(D1), and(ii) every closed positive instance of the formulas in � � �2(G1) is provable from P.Proof. The lemma is proved by considering the cases in De�nition 5.9.A goal reduction or a backchaining step. In these cases �2 = ; and so � � �2 = �. Further,in a goal reduction step D2 = D1, and in a backchaining step D1 � D2. From theseobservations and the assumptions in the lemma, it follows that (i) is true. Similarly, itis clear that all the closed positive instances of � � �2(G) of each G 2 G1 that is also anelement of G2 are provable from P. To verify (ii), therefore, we only need to establish thetruth of the previous statement for the case when the G 2 G1 is not in G2, and we do thisbelow by considering the possibilities for such a G.In the case that G is >, the argument is obvious. If G is G1 _G2, then� � �2(G) = � � �2(G1) _ � � �2(G2) = �(G1) _ �(G2):Thus the closed positive instances of � � �2(G) are of the form G0 _G00 where G0 and G00are closed positive instances of �(G1) and �(G2) respectively. Noting that either �(G1) or�(G2) is an element of �(G2), the argument may be completed using the assumptions inthe lemma and Theorem 4.14. A similar argument may be provided for the case when Gis G1 ^G2.Before considering the remaining cases, we de�ne a substitution that is parameterizedby a substitution and a sequence of variables. Let c� be an arbitrary parameter of type �.If �y is a sequence of variables and � is a substitution, then��y = fhx; c�i j x is a variable of type � such that x 2 F(� � �(yi)) for some yi in �yg:37

We note that if F is a positive formula all of whose free variables are included in the list�y and if � is a positive substitution, then ��y � � � �(F ) is a closed positive formula.Now let the G under consideration be �P . Any closed positive instance of � � �2(G)may be written in the form � (� ��(P )) for a suitable �; note that then � ��(P ) must itselfbe a closed positive formula. From De�nition 5.9, we see that, for some y, �norm(P y) 2 G2and hence �(P y) 2 �(G2). It is easily seen that �y � � ��(P y) is a closed positive instanceof �(P y) and is, therefore, provable from P. But now we observe that�y � � � �(P y) = �([� � �(P ) �y � � � �(y)]):Using Theorem 4.14 it then follows that � (� � �(P )), is provable from P. The choice of �having been arbitrary, we may thus conclude that any closed positive instance of � � �2(G)is provable from P.The only other case to consider is when G is removed by a backchaining step. In thiscase, by De�nition 5.9 and Lemma 5.4, there must be a D 2 P such thatD � 8�x:G0 � A; G0 2 G2; and �(G) = �(A):Once again, we observe that any closed positive instance of � � �2(G) may be written as� � �(G) for a suitably chosen �. Now ��x � � � �(G0 � A) is a closed positive instance ofG0 � A, and hence is a member of jPj. Further,��x � � � �(G0 � A) = ��x � � � �(G0) � ��x � � � �(A) = ��x � � � �(G0) � � � �(G):Finally, ��x����(G0) is evidently a closed positive instance of �(G0),and is therefore provablefrom P. Using these facts in conjunction with Theorem 4.14 we may now conclude that� � �(G) is provable from P.A uni�cation step. We note �rst that D2 6= F. Hence, in either of these cases, it followsfrom Lemma 5.4 that if � 2 U(D2) then � 2 U(�2(D1)). But then, it is easy to see that� ��2 2 U(D1). Since G2 = �2(G1) it is evident that every closed instance of a goal formulain � � �2(G1) is also a closed instance of a goal formula in �(G2). From this the second partof the lemma is obvious.5.14. Theorem. (Soundness of P-derivations) Let hGi;Di; �i;Vii1�i�n be a P-derivationof G, and let � be its answer substitution. Then there is a positive substitution � suchthat(i) � 2 U(Dn), and(ii) all the closed positive instances of the goal formulas in �(Gn) are provable from P.Further, if � is a positive substitution satisfying (i) and (ii), then every closed positiveinstance of � � �(G) is provable from P. 38

Proof. The second part of the theorem follows easily from Lemma 5.13 and a backwardinduction on i, the index of each tuple in the given P-derivation sequence. For the �rstpart we exhibit a substitution | that is a simple modi�cation of the one in Lemma 3.5 in[15] | and then show that it satis�es the requirements.Let h� 2 Var� be a chosen variable for each atomic type �. Then for each type � weidentify a formula E� in the following fashion:(a) If � is o, then E� = >.(b) If � is an atomic type other than o, then E� = h�.(c) If � is the function type �1 ! � � � ! �k ! � where � is an atomic type, thenE� = �x1: : : : �xk:E�; where, for 1 � i � k, xi is a variable of type �i that is distinctfrom h�i .Now let = fhy; E�i j y 2 Var�g. Finally, letting V = F(Gn)[F(Dn), we de�ne � = " V.We note that any goal formula in Gn is of the form [P C1 : : : Cn] where P is a variablewhose type is of the form �1 ! � � � ! �n ! o. From this it is apparent that if G 2 Gnthen any ground instance of �(G) is identical to >. Thus, it is clear that � satis�es (ii).If Dn is empty then � 2 U(Dn). Otherwise, let hF1; F2i 2 Dn. Since F1 and F2 are two exible formulas, it may be seen that �(F1) and �(F2) are of the form �y11: : : : �y1m1 :E�1 ,and �y21: : : : �y2m2 :E�2 respectively, where �i is a primitive type and E�i =2 fyi1; : : : ; yimigfor i = 1; 2. Since F1 and F2 have the same types and substitution is a type preservingmapping, it is clear that �1 = �2, m1 = m2 and, for 1 � i � m1, y1i and y2i are variablesof the same type. But then evidently �(F1) = �(F2).In order to show a converse of the above theorem, we need the observation containedin the following lemma that may be veri�ed by a routine inspection of De�nition 5.9.5.15. Lemma. Let hG2;D2; �2;V2i be P-derivable from hG1;D1; �1;V1i and let D2 6= F.Then V1 � V2 and if F(G1) [ F(D1) � V1, then F(G2) [ F(D2) � V2.We also need a measure of complexity corresponding to a goal set and a uni�er. Inde�ning such a measure, we use those introduced in De�nitions 4.15 and 5.6.5.16. De�nition.(i) Let G be a set of closed goal formulas. Then �P(G) = PG2G �P(G).(ii) Let G be a set of goal formulas and let � be a positive substitution such that eachformula in �(G) is closed. Then �P (G; �) = h�P (�(G)); �(�)i.(iii) � is the lexicographic ordering on the collection of pairs of natural numbers, i.e.hm1; n1i � hm2; n2i if either m1 < m2 or m1 = m2 and n1 < n2.If G is a �nite set of closed goal formulas such that each member of G is provable from39

P, then it is easily seen that �P(G) < !. We make implicit use of this fact in the proof ofthe following lemma.5.17. Lemma. Let hG1;D1; �1;V1i be a tuple that is not a terminated P-derivationsequence and for which F(G1) [ F(D1) � V1. Further, let there be a positive substitution�1 2 U(D1) such that, for each G1 2 G1, �1(G1) is a closed goal formula that is provablefrom P. Then there is a tuple hG2;D2; �2;V2i that is P-derivable from hG1;D1; �1;V1i anda positive substitution �2 such that(i) �2 2 U(D2),(ii) �1 =V1 �2 � �2,(iii) for each G2 2 G2, �2(G2) is a closed goal formula that is provable from P, and(iv) �P (G2; �2) � �P (G1; �1).In addition, when there are several tuples that are P-derivable from hG1;D1; �1;V1i, sucha tuple and such a substitution exist for every choice of (1) the kind of step, (2) thegoal formula in a goal reduction or backchaining step, and (3) the exible-rigid pair in auni�cation step.Proof. Since hG1;D1; �1;V1i is not a terminated P-derivation sequence, it is clear thatthere must be a tuple hG2;D2; �2;V2i that is P-derivable from it. We consider below thevarious ways in which such a tuple may result to show that there must exist a tuple, and acorresponding substitution, satisfying the requirements of the lemma. From this argumentit will also be evident that this is the case no matter how the choices mentioned in thelemma are exercised.Goal reduction step. If there is tuple that is P-derivable from hG1;D1; �1;V1i by such astep, then there must be a goal formula in G1 of the form >, G1 _ G2, G1 ^ G2, or �P .Let us consider the �rst three cases �rst. In these cases, we letD2 = D1; �2 = ;; V2 = V1; and �2 = �1:Since �1 2 U(D1), it is obvious that �2 2 U(D2). Further, �1 =V1 �2 � �2; in fact,�1 = �2 � �2. Now we consider each of the cases in turn to provide a value for G2 that,together with the assignments provided above, meets the requirements of the lemma.(a) If > 2 G1, then let G2 = G1�f>g. hG2;D2; �2;V2i is obviously a tuple that is P-derivablefrom hG1;D1; �1;V1i. The observations above show that this tuple and �2 satisfy con-ditions (i) and (ii) in the lemma. That (iii) is true follows from the facts that G2 � G1and �2 = �1. Observing additionally that �P(>) > 0, (iv) follows.(b) Let G1 _G2 2 G1. We note here that�1(G1 _G2) = �1(G1) _ �1(G2) = �2(G1) _ �2(G2);40

and, further, that �2(G1) and �2(G2) are closed goal formulas. Using Theorem 4.14and the assumption that �1(G1_G2) is provable from P, we see that �2(Gi) is provablefrom P for i = 1 or i = 2. Further, by Lemma 4.16, it is the case that for the same i�P (�1(Gi)) < �P(�1(G1 _G2)):Setting G2 = (G1 � fG1 _G2g) [ fGig;we obtain a tuple that is P-derivable from hG1;D1; �1;V1i and that together with �2satis�es the requirements in the lemma.(c) If G1 ^G2 2 G1, let G2 = (G1 � fG1 ^G2g) [ fG1; G2g. By arguments similar to thosein (b), it follows that hG2;D2; �2;V2i and �2 meet the requirements in the lemma.The only case remaining is when �P 2 G1. Here we choose a variable y such thaty =2 V1, and letG2 = (G1 � f�Pg) [ f�norm(P y)g; D2 = D1; �2 = ;; and V2 = V1 [ fyg:Evidently hG2;D2; �2;V2i is a tuple that is P-derivable from hG1;D1; �1;V1i. Now if welet P 0 = �1(P ), we see that �P 0 2 �1(G1). Thus, by assumption, P 0 is a closed positiveformula and �P 0 is provable from P. From Theorem 4.14 and Lemma 4.16 it follows thatthere is a closed positive formula C such that �(P 0C) is provable from P and, in fact,�P(�(P 0C)) < �P (�P 0). Setting �2 = �1 � fhy; Cig;we see that hG2;D2; �2;V2i and �2 meet the requirements in the lemma: Since y =2 V1 andF(D1) � V1, �2 2 U(D2) and �1 =V1 �2. Since F(G1) � V1, (iii) is satis�ed for eachG 2 G2 that is also in G1. For the only other G 2 G2, i.e. �norm(P y), it is apparent that�2(G) = �(P 0C) and so (iii) is satis�ed in this case too. From these observations and thefact that �P (�(P 0C)) < �P(�1(�P )), (iv) also follows.Backchaining step. For this step to be applicable, there must be a rigid positive atomG 2 G1. Let Ga = �1(G). By assumption, Ga is a closed positive atom that is provablefrom P. Therefore, by Theorem 4.14, there must be a formula G00 � Ga 2 jPj such thatG00 is provable from P; in fact, by Lemma 4.16, �P(G00) < �P(Ga). Since G00 � Ga 2 jPj,there must be a D 2 P such thatD � 8x1: : : :8xn:G0 � A;where x1; : : : ; xn are not members of V1, and a positive substitution ' for fx1; : : : ; xngsuch that Ga = '(A) and G00 = '(G0). Now, settingG2 = (G1 � fGg) [ fG0g, �2 = ;,41

D2 = SIMPL(D1 [ (fhG;Aig), V2 = V1 [ fx1; : : : ; xng,we obtain the tuple hG2;D2; �2;V2i that is P-derivable from hG1;D1; �1;V1i. Letting �2 =�1 � ', we see that this tuple and �2 also meet the requirements in the lemma: Sincexi =2 V1 for 1 � i � n, �1 =V1 �2 =V1 �2 � �2:Thus (ii) is satis�ed. Also, since F(D1) � V1, �2 2 U(D1). Noting that '(A) is a closedformula and that F(G) � V1,�2(G) = �1(G) = '(A) = �2(A):From these observations and Lemma 5.4, it is clear that �2 2 U(D2), i.e. (i) is satis�ed.Now, since F(G1) � V1, �2(G1) = �1(G1) for each G1 2 G2 that is also in G1. Thus (iii) istrue by assumption for such a G1. For the only other formula in G2, i.e. G0, this followsby observing that �2(G0) = '(G0) = G00;G00 is by assumption provable from P. Finally, (iv) follows by observing that�P(�2(G0)) = �P(G00) < �P(Ga) = �P(�1(G)):Uni�cation step. For this case to be applicable, there must be a exible-rigid pair in D1.Let hF1; F2i be an arbitrary such pair. By Lemma 5.7, there is a (positive) substitution' 2 MATCH(F1; F2;V1) and a (positive) substitution � such that �1 =V1 � �' and �(�) <�(�1). Setting G2 = '(G1); D2 = SIMPL('(D1)); �2 = ';and choosing V2 appropriately, we see that there is a tuple hG2;D2; �2;V2i that is P-derivablefrom hG1;D1; �1;V1i. Letting �2 = � we see easily that the other requirements of the lemmaare also satis�ed: Since F(D1) � V1, it is clear that�1(D1) = �2 � �2(D1) = �2(�2(D1)):Noting that �1 2 U(D1), (i) follows from Lemma 5.4. (ii) is evidently true. Since F(G1) �V1, we see that �1(G1) = �2 � �2(G1) = �2(�2(G1)) = �2(G2):That every G2 2 �2(G2) is a closed goal formula that is provable from P now followstrivially from the assumptions. Finally�P(G2; �2) � �P (G1; �1)42

since �P (�2(G2)) = �P(�1(G1)) and �(�2) < �(�1).5.18. Theorem. (Completeness of P-derivations) Let ' be a closed positive substitutionfor the free variables of G such that '(G) is provable from P. Then there is a P-derivationof G with an answer substitution � such that ' �F(G) �.Proof. From Lemmas 5.17 and 5.15 and the assumption of the theorem, it is evident thatthere is a P-derivation sequence hGi;Di; �i;Vii1�i for fGg and a sequence of substitutions�i such that(i) �1 = ',(ii) �i+1 satis�es the equation �i =Vi �i+1 � �i+1,(iii) �i 2 U(Di), and(iv) �P (Gi+1; �i+1) � �P(Gi; �i).From (iv) and the de�nition of � it is clear that the sequence must terminate. From (iii)and Lemmas 5.4 and 5.7 it is evident, then, that it must be a successfully terminatedsequence, i.e. a P-derivation of G. Using (i), (ii) and Lemma 5.15, an induction on thelength n of the sequence then reveals that ' �V1 �n�� � ���1. But F(G) = V1 and �n�� � ���1is the answer substitution for the sequence.P-derivations, thus, provide the basis for describing the proof procedure that we de-sired at the outset. Given a goal formula G, such a procedure starts with the tuplehfGg; ;; ;;F(G)i and constructs a P-derivation sequence. If the procedure performs an ex-haustive search, and if there is a proof of G from P, it will always succeed in constructinga P-derivation of G from which a result may be extracted. A breadth-�rst search may beinappropriate if the procedure is intended as an interpreter for a programming languagebased on our de�nite sentences. By virtue of Lemma 5.17, we see that there are certaincases in which the procedure may limit its choices without adverse e�ects. The followingchoices are, however, critical:(i) Choice of disjunct in a goal reduction step involving a disjunctive goal,(ii) Choice of de�nite sentence in a backchaining step, and(iii) Choice of substitution in a uni�cation step.When it encounters such choices, the procedure may, with an accompanying loss of com-pleteness, perform a depth-�rst search with backtracking. The particular manner in whichto exercise these choices is very much an empirical question, a question to be settled onlyby experimentation.43

6. ConclusionIn this paper we have concerned ourselves with the provision of higher-order featureswithin logic programming. An approach that has been espoused elsewhere in this regardis to leave the basis of �rst-order logic programming languages unchanged and to providesome of the functionality of higher-order features through special mechanisms built into theinterpreter. This approach is exempli�ed by the presence of \extra-logical" predicates suchas univ and functor in most current implementations of Prolog [32]. While this approachhas the advantage that usable \higher-order" extensions may be provided rapidly, it hasthe drawbacks that the logical basis of the resulting language is no longer clear and,further, that the true nature and utility of higher-order features within logic programmingis obscured.We have explored an alternative approach based on strengthening the underlying logic.In a precise sense, we have abstracted out those properties of �rst-order Horn clauses thatappear to be essential to their computational interpretation, and have described a class ofhigher-order formulas that retain these properties. Towards realizing a higher-order logicprogramming language based on these formulas, we have also discussed the structure of atheorem-proving procedure for them. These results have been used elsewhere [21, 25] inthe description of a language called �Prolog. Although space does not permit a detaileddiscussion of this language, it needs to be mentioned that an experimental implementationfor it exists, and has in fact been widely distributed. This implementation has, amongother things, provided us with insights into the practical aspects of the trade-o�s to bemade in designing an actual theorem-proving procedure based on the discussions in Section5 [25]. Its existence has also stimulated research into applications of the truly novel featureof the extension discussed in this paper: the use of �-terms as data structures in a logicprogramming language.This work has suggested several questions of both a theoretical and a practical na-ture, some of which are currently being examined. One theoretical question that has beenaddressed is that of providing for a stronger use of logical connectives within logic program-ming. Our approach in this regard has been to understand the desired \search" semanticsfor each logical connective and to then identify classes of formulas within appropriatelychosen proofs systems that permit a match between the declarative and search-relatedmeanings for the connectives. One extension along these lines to the classical theory ofHorn clauses is provided by the intuitionistic theory of hereditary Harrop formulas. The�rst-order version of these formulas is presented in [18, 19] and the higher-order versionis discussed in detail in [23]. These formulas result from allowing certain occurrencesof universal quanti�ers and implications into goals and program clauses and provide themeans for realizing new notions of abstractions within logic programming. The higher-44

order version of hereditary Harrop formulas has been incorporated into the current versionof �Prolog [27] and has provided signi�cant enrichments to it as a programming language.A second theoretical issue is the provision of a richer term language within �Prolog.The use of simply typed �-terms has turned out to be a limiting factor in the programmingcontext, and we have therefore incorporated a form of polymorphism inspired by ML [11,24]. A complete theoretical analysis for this extension is, however, yet to be provided.Further, there is reason to believe that a term language that permits an explicit quanti�-cation over types, e.g. the one discussed in [8], may be a better choice in this context. Ina similar vein, a richer term language like the one provided in [30], may also be consideredas the basis for the data structures of �Prolog.Among the practical questions, an important one that is being addressed is the de-scription of an e�cient implementation for a �Prolog-like language [26]. The key pursuitin this respect is to devise data structures for �-terms that will support reasonable im-plementations of the reduction mechanism of functional programming on the one hand,and of the uni�cation and backchaining mechanisms of logic programming on the other.Another issue of interest is the harnessing of the richness added to the logic programmingparadigm by the use of �-terms as data structures. As already indicated, ongoing researchhas been focused on exploiting such a language in areas that include theorem proving, typeinference, program transformation, and computational linguisitics.Acknowledgements. This paper is based on Nadathur's doctoral dissertation. Theauthors gratefully acknowledge helpful comments provided on this work by Jean Gallier,Andre Scedrov and Richard Statman.References[1] Andrews, P. B. Resolution in type theory. Journal of Symbolic Logic 36 (1971) 414 {432.[2] Apt, K. R., and van Emden, M. H. Contributions to the theory of logic programming.J. ACM 29, 3 (1982) 841 { 862.[3] Barendregt, H.P. The Lambda Calculus: Its Syntax and Semantics, North HollandPublishing Co., 1981.[4] Bowen, K. A. Programming with full �rst-order logic. Machine Intelligence 10, Hayes,J. E., Michie, D. and Pao, Y-H, eds., Halsted Press, (a subsidiary of John Wiley &Sons, Inc.), New York, 1982, 421 { 440.[5] Church, A. A formulation of the simple theory of types. Journal of Symbolic Logic 5(1940) 56 { 68. 45

[6] Constable, R. L., Allen, S. F., Bromley, H. M., Cleaveland, W. R., Cremer, J. F.,Harper, R. W., Howe, D. J., Knoblock, T. B., Mendler, N. P., Panangaden, P., Sasaki,J. T., and Smith, S. F. Implementing Mathematics with the Nuprl Proof DevelopmentSystem, Prentice-Hall, 1986.[7] Felty, A., and Miller, D. Specifying theorem provers in a higher-order logic program-ming language. Proceedings of the 9th International Conference on Automated De-duction, 1988, LNCS 310, Springer-Verlag, 61 { 80.[8] Fortune, S., Leivant, D., and O'Donnell, M. The expressiveness of simple and second-order type structures. J. ACM 30, 1 (1983) 151 { 185.[9] Gentzen, G. Investigations into logical deduction. The Collected Papers of GerhardGentzen, Szabo, M. E., ed., North-Holland Publishing Co., 1969, 68 { 131.[10] Goldfarb, W. D. The undecidability of the second-order uni�cation problem. Theoret-ical Computer Science 13 (1981) 225 { 230.[11] Gordon, M., Milner, A., and Wadsworth, C. Edinburgh LCF: A Mechanized Logic ofComputation, LNCS 78, Springer-Verlag, 1972.[12] Gould, W. E. A matching procedure for !-order logic. Scienti�c Report No. 4, A F CR L (1976) 66 { 781.[13] Hannan, J. and Miller, D. Uses of higher-order uni�cation for implementing programtransformers. Proceedings of the Fifth International Conference and Symposium onLogic Programming, 1988, MIT Press, 942 { 959.[14] Huet, G. P. The undecidability of uni�cation in third order logic. Information andControl 22, 3 (1973) 257 { 267.[15] Huet, G. P. A uni�cation algorithm for typed �-calculus. Theoretical Computer Science1 (1975) 27 { 57.[16] Huet, G. and Lang, B. Proving and Applying Program Transformations Expressedwith Second-Order Logic. Acta Informatica 11 (1978) 31{55.[17] Lucchesi, C. L. The undecidability of the uni�cation problem for third order languages.Report C S R R 2059, Dept. of Applied Analysis and Computer Science, University ofWaterloo, 1972.[18] Miller, D. Hereditary Harrop formulas and logic programming. Proceedings of the VIIIInternational Congress of Logic, Methodology, and Philosophy of Science, Moscow,August 1987, 153 { 156.[19] Miller, D. A logical analysis of modules in logic programming. Journal of Logic Pro-gramming 6 (1989) 79 { 108.[20] Miller, D., and Nadathur, G. Some uses of higher-order logic in computational linguis-46

tics. Proceedings of the 24th Annual Meeting of the Association for ComputationalLinguistics, Association for Computational Linguistics, Morristown, New Jersey, 1986,247 { 255.[21] Miller, D. and Nadathur, G. Higher-order logic programming. Proceedings of the ThirdInternational Logic Programming Conference, London, 1986, LNCS 225, Springer Ver-lag, 448 { 462.[22] Miller, D., and Nadathur, G. A logic programming approach to manipulating formulasand programs. IEEE Symposium on Logic Programming, 1987, 379 { 388.[23] Miller, D., Nadathur, G., Pfenning, F. and Scedrov, A. Uniform proofs as a foundationfor logic programming. To appear in the Annals of Pure and Applied Logic.[24] Milner, R. A theory of type polymorphism in programming. Journal of Computer andSystem Sciences 17 (1978) 348 { 375.[25] Nadathur, G. A higher-order logic as the basis for logic programming. Ph.D. Disser-tation, University of Pennsylvania, May 1987.[26] Nadathur, G. and Jayaraman, B. Towards a WAM model for �Prolog. Proceedingsof the North American Conference on Logic Programming, MIT Press, 1989, 1180 {1198.[27] Nadathur, G. and Miller, D. An overview of �Prolog. Proceedings of the Fifth Inter-national Conference on Logic Programming, 1988, MIT Press, 810 { 827.[28] Paulson, L. C. Natural deduction as higher-order resolution. The Journal of LogicProgramming 3, 3 (1986) 237 { 258.[29] Pfenning, F. Partial polymorphic type inference and higher-order uni�cation. Pro-ceedings of the 1988 ACM Conference on Lisp and Functional Programming, 1988,153 { 163.[30] Pfenning, F. and Elliot, C. Higher-order abstract syntax. Proceedings of the ACM-SIGPLAN Conference on Programming Language Design and Implementation, 1988,199 { 208.[31] Scherlis, W. and Scott, D. First steps towards inferential programming. In Informa-tion Processing, Mason, R. E. A., ed., Elsevier Science Publishers, North-Holland,Amsterdam, 1983, 199 { 212.[32] Sterling, L., and Shapiro, E. The Art of Prolog: Advanced Programming Techniques.MIT Press, Cambridge MA, 1986.[33] van Emden, M. H., and Kowalski, R. A. The semantics of predicate logic as a pro-gramming language. J. ACM 23, 4 (1976) 733 { 742.[34] Warren, D. H. D. Higher-order extensions to Prolog: Are they needed? Machine In-47

telligence 10, Hayes, J. E., Michie, D. and Pao, Y-H, eds., Halsted Press, (a subsidiaryof John Wiley & Sons, Inc.), New York, 1982, 441 { 454.

48