Observational Equivalences for Logic Programs1

Observational Equivalences for 1 Logic Programs Maurizio Gabbrielli, Giorgio Levi, Maria Chiara Meo

Dipartimento di Informatica Universita di Pisa Corso Italia 40, 56125 Pisa, Italia fgabbri,levi,[email protected]

Abstract

We rst introduce a general semantic scheme for logic programs which provides a uniform framework for de ning dierent compositional semantics parametrically wrt a given notion of observable. The equivalence of the operational (top-down) and xpoint (bottom-up) costruction of the semantics is ensured by the scheme (provided a congruence property is veri ed). We then de ne several observational equivalences on logic programs and investigate how they are related. The equivalences are based on various observables (successful derivations, computed answers, partial computed answers and call patterns) and on a notion of program composition. For each observational equivalence we study the relation with a suitable formal semantics, by investigating correctness and full abstraction properties. All the semantics we consider are obtained as instances of the general scheme.

1 Introduction

The rst application of any semantics is to help understanding the meaning of programs, and program understanding is based on our ability to detect when two programs cannot be distinguished by looking at their behaviors. De ning an equivalence on (logic) programs  and a formal semantics S (P) are then two strongly related tasks. A semantics S (P) is correct wrt , if S (P1 ) = S (P2 ) implies P1  P2. S (P) is fully abstract wrt , if the converse holds, i.e. if P1  P2 implies S (P1) = S (P2 ). While full abstraction is known to be a desirable property for any semantics, correctness is a must. Equivalences can be de ned by using logical arguments only, both considering model-theoretic and proof-theoretic properties. However the equivalences we are concerned with must be based on what we can observe from a computation. Indeed, when trying to understand the meaning of programs, when analyzing and transforming programs, we need equivalences (and semantics) which capture the \observational" behaviour of programs. The pure logical reading of programs fails capturing interesting properties of computations. For example, logically equivalent programs can compute dierent answer substitutions for the same goal (example 3.3). Once we have a formalization of program execution (given by the inference rules which specify how derivations are made), we have a choice for the equivalence by de ning an observable, i.e. a property we want observe in the computation. We can be interested in dierent observable properties such as successful derivations, computed answers, partial computed answers, variables sharing, variables ground1 To

appear in Proc. ICSLP 1992

1

ness etc. A given choice of the observable X induces an observational equivalence

X on programs. Namely P1 X P2 i P1 and P2 are observationally indistinguishable according to X. For example, if the observable s denotes a success, P1 s P2

i for any goal G, G is refutable in P1 i it is refutable in P2. It is worth noting that abstract interpretation can simply be understood and formalized, from an abstract point of view, in terms of the choice of a suitable observable (for example groundness of goal variables in the derivation). The most natural observable in the case of logic programs is computed answer substitution, which is usually considered the result of a program execution. Hence any \reference semantics" for logic programs should be correct wrt the observational equivalence based on computed answers. However, as rst shown in [10], this is not the case of the classical van Emden and Kowalski's semantics [27]. The need for a dierent semantics (correct wrt computed answers) gave rise to several new de nitions and was particularly recognized in the case of abstract interpretation [25, 2, 6] and program transformation [20, 3], where also less abstract observables (e.g. partial computed answers) have sometimes to be modeled [6]. In addition to the problem of modeling observational equivalences, there exists an important property which does not hold in the least Herbrand model semantics, i.e. OR-compositionality. A semantics is compositional wrt a (syntactic) program composition operator  when the semantics of the compound construct C1  C2 can be de ned by (semantically) composing the semantics of the constituents C1 and C2. When composition of programs is considered, given an observable property we obtain dierent equivalences depending on which kind of program composition we consider. Given an observable X and a program composition operator , the induced equivalence (;X ) is de ned as follows. P1 (;X ) P2 i for any program Q, P1  Q X P2  Q, (i.e. i P1 and P2 are observationally indistinguishable under any possible context allowed by the composition). Note that if semantics S (P) is correct wrt X and compositional wrt  then S (P) is also correct wrt (;X ) . In the case of logic programs, the least Herbrand model semantics is not compositional wrt the union of programs (i.e. is not OR-compositional). If the observable is successful derivation, OR-compositionality can be understood in logical terms since the set of all the (Herbrand) models is OR-compositional [24] (and correct wrt successful derivations). The only OR-compositional semantics correct wrt computed answers are described in [19, 5, 4]. Clearly, OR-compositionality is a desirable property both for theoretical (compositional semantics of modules) and for practical (modular program analysis and transformation) purposes. Over the last few years we have developed a general approach to the semantics [13], whose aim was modeling the observable behaviors (possibly in a compositional way) for a variety of logic languages, ranging from positive logic programs [10, 11, 5, 4], to general logic programs [26, 16], constraint logic programs [12] and concurrent constraint programs [14]. Our approach is based on the idea of choosing (equivalence classes of) sets of clauses as semantic domains. Denotations (that we call -interpretations) are not interpretations in the conventional mathematicallogic sense and can be computed both by a top-down construction (a success set) and by a bottom-up construction (the least xpoint of suitable continuous immediate consequence operators on -interpretations). The s-semantics [10, 11] was the rst (non-compositional) semantics correct wrt computed answers and which used sets of unit clauses as domain. Gaifman and Shapiro, using a proof-theoretic approach, introduced the idea of using as domain sets of non-unit clauses to achieve ORcompositionality [18] when considering successful derivations. They then de ned (using a dierent semantic domain) a fully abstract OR-compositional semantics 2

modeling computed answers [19]. The -semantics [5, 4] is the real compositional generalization of the s-semantics and uses non-unit clauses as domain. In this paper, following the approach of [13], we rst de ne a semantic scheme which generalize -semantics and provides a uniform framework for de ning dierent compositional semantics for logic programs parametrically wrt a given notion of observable. The scheme allows both top-down (operational) and bottom-up ( xpoint) de nitions of the semantics and ensures the equivalence of the two characterizations, provided a congruence property is veri ed. Moreover the scheme allows to treat in an uniform way both \concrete" and \abstract" semantics such as those arising in semantic based program analysis. Indeed, an abstract semantics is simply obtained by considering an \abstract" notion of observable (e.g. groundness, terms rigidity, variables sharing etc.). The correctness of an abstract semantics wrt a concrete one is usually stated by using a Galois connection which relates the two semantics [7]. It is worth noting that in our framework, since all the semantics are instances of the same scheme, their relations can be uniformly understood in terms of abstractions. Therefore, the relation between dierent semantics (not necessarily a concrete and an abstract one) can be formally expressed by using Galois connections. We then consider various program equivalence notions and investigate how they are related to study their discriminating power. A systematic comparison of various program equivalences has already been given in [24], which, however, considers only equivalences based on logical properties or on the semantics in [27]. We have already argued that all these equivalences are too weak to correctly characterize computed answers. For example, programs P1 = fp(X); p(a); q(a); q(b)g and P2 = fp(X); q(a); q(b)g are identi ed by all the equivalences considered in [24] and the same is true for programs Q1 = fq(X) : ?q(X); q(X)g and Q2 = fq(X) : ?q(X)g. However, programs P1 and P2 have dierent computed answers (see example 3.3) and, if we consider the OR-composition of programs, Q1 and Q2 are dierent too (see example 3.7). Some equivalences which consider OR-composition have already been studied in [18, 19]. However programs R1 = fp(a); q(b); r(X; Y ) : ?p(X); q(Y )g and R2 = fp(a); q(b); r(X; Y ) : ?q(Y ); p(X)g are identi ed by all the equivalences considered in [18, 19], while, if we consider \partial computed answers" with a given selection rule, they can be distinguished (see example 5.1). We extend the study of [24] and [18, 19] by introducing new equivalences, which are able to capture dierences such as those of the previous programs, and by analyzing their relationships. The new equivalences are obtained both considering new observables such as partial computed answers and call patterns and by considering non-standard TP operators. For each observational equivalence we study how it is related to a suitable formal semantics (obtained as a speci c instance of the general scheme) by investigating correctness and full abstraction properties. For partial answers and call patterns, we rephrase in our semantic framework some results given in [17] and we show a semantics [17] which models partial answers when considering also the selection rule (and hence allows to distinguish programs R1 and R2). Having related each observational equivalence to a suitable xpoint semantics and therefore to an immediate consequence operator, we then study the equivalences induced by these operators and their relations to the observational ones. The notion of program composition we consider is [ , which is a generalization of program union where the set of predicates   speci es which predicates can be shared by dierent programs ( is the set of all predicates). If = , [ is the standard union [, while if = ; the composition is allowed only on programs which do not share predicate symbols. A program P can be composed, by means of 3

[ , with other programs which may further specify the predicates in . Formally, if Pred(P) \ Pred(Q)  then P [ Q = P [ Q, otherwise P [ Q is not de ned [5, 4]. The observables we analyze are successful derivations (denoted by s), computed answers (ca), partial computed answers (p), correct partial answers (cp), call patterns (pt) and correct call patterns (cpt). Successful derivations and computed answers are independent from the selection rule, while this is not the case for partial computed answers and call patterns. We then denote the various equivalences by ( ;X;R) ; where denotes the composition ([ ), X 2 fs; ca; p; cp; pt; cptg denotes the observable, and R is the selection rule. When R is not speci ed we will omit the third parameter. The reader is assumed to be familiar with the terminology and the basic results on the semantics of logic programs [22, 1]. We assume a given signature S which contains a denumerable set F of function symbols and a set  of predicate symbols. If t and t0 are terms, t  t0 i there exists a substitution # such that t# = t0 .  is a preorder and the associated equivalence is called variance. These de nitions can be extended in the obvious way to clauses. If c1 = A : ?B1 ; : : :; Bn and c2 = C : ?D1 ; : : :; Dn , c1 subsumes c2 i there exists # such that A# = C and fB1#; : : :; Bn#g  fD1 ; : : :; Dng. By Pred(E) we denote the set of predicates occurring in the expression E. The ordinal powers f  (X) of a monotonic function f on a complete lattice are de ned as usual, namely f 0 (X) = X, f +1 (X) = F 

f(f (X)) for any ordinal  and f (X) = < f  (X) for limit ordinal. When considering the TP operators, we use the standard notation TP "  = (TP ) (;). We de ne (f + g)(X) = f(X) [ g(X) for f, g generic functions, and [ P]](X) = (TP + id)! (X) where id denotes the identity function. The closure operator [ P]] introduced in [21] denotes the function corresponding to deductions in any number of step. When considering a function fP obtained by a program P (such as TP or [ P]]) we de ne fP1 = fP2 i 8X, fP1 (X) = fP2 (X). The equality of the fP 's induces an equivalence on programs in the obvious way, namely P1 and P2 are equivalent # wrt a given fP i fP1 = fP2 . If G is a goal, G ; P;R B1 ; : : :; Bn denotes an SLD derivation of the resolvent B1 ; : : :; Bn in the program P which uses the selection rule R. # is the substitution , composition of the mgu's, restricted to the variables of G (denoted by jG ). If R is omitted, no speci c selection rule is assumed (and the # 2 denotes the refutation de nition is independent from the selection rule). G ; P of G in P with computed answer substitution #. ~t, X~ denote tuples of terms and variables respectively, while B~ denotes a (possibly empty) conjunction of atoms. The proofs of the results given in this paper are in [15].

2 A general semantic scheme

The scheme is a generalization of the -open semantics introduced in [5, 4] to get compositionality wrt program union. The standard semantics based on atoms are not compositional wrt union of programs since the information necessary to achieve compositionality can (syntactically) only be expressed by clauses. Let P1 = fp(X) : ?r(X)g and P2 = fr(a)g. The least Herbrand model semantics of P1 [ P2 cannot be obtained from the semantics of P1 and P2 since P1 has an empty model. The semantics of P1 should contain also the clause p(X) : ?r(X). The open semantics is then de ned on domains consisting of (equivalence classes) of sets of clauses (?interpretations). If we abstract from the speci c equivalences in [5, 4], the open semantics can be viewed as a semantic framework for correctly modeling (;X ) equivalences. 4

Depending on the observable X and the composition operator , the semantics for (;X ) can be obtained from the general scheme by de ning a speci c equivalence relation  on sets of clauses and therefore a semantic domain. We denote by C the set of all the clauses (on the given signature). A ?interpretation is an equivalence class I= where I  C . We can then de ne the top-down semantics ~ : ?p(X) ~ j p2 O (P), parametrically wrt . We use the notation Id = fp(X) ~  and X are distinct variablesg. De nition 2.1 Let P be a program, R be a fair selection rule and  be an equivalence relation on }(C ). Assume P  = P [ Id. Then O (P) = fA : ?B1 ; : : :; Bm 2 C j

# ~ ; 9 # s:t: p(X) P;R D1 ; : : :; Dk ;P  ;R B1 ; : : :; Bm ; m  0; ~ and X~ distinct variables A = p(X)# g= Note that O (P) is a ?interpretation and that de nition 2.1 is independent from the fair selection rule R considered. Moreover O (P) is the set of all the resultants ~ in P  . [23], obtained from goals of the form p(X) O (P) can equivalently be de ned as the least xpoint of an operator TP (I) (parametric wrt ). We require S  to beSa congruence wrt [, i.e. for i = 1; 2 : : :, if I1  Ji , Ii ; Ji  C , then i=1;2;::: Ii  i=1;2;::: Ji (all our de nitions of  satisfy such a requirement). Since  is a congruence,the set of ?interpretations = is a complete lattice. Let us de ne (I) = fag where a is the renamed apart S version of any element in I 2 = . Then for any X  = we can de ne tX = [ I 2X (I)]= and for I; J 2 = , I v J i I t J = J. The relation v is an ordering on = and (= ; v) is a complete lattice (with t as glb). De nition 2.2 Let P be a program and let I 2 (= ; v). Then TP (I) = [?((I))]= where, for Q  C , ?P (Q) is de ned as follows ?P (Q) = f(A : ?B1;1 ; : : :; B1;m1 ; : : :; Bn;1; : : :; Bn;mn )# 2 C j 9A:-B1; : : :; Bn 2 P for i = 1; : : :; n 9 Bi0 : ?Bi;1 ; : : :; Bi;mi 2 Q [ Id ; mi  0; such that # =mgu ((B1 ; : : :; Bn ), (B10 ; : : :; Bn0 )) g Moreover we de ne [ P]] = (TP + id)! . In general, we require the de nition of TP (I) to be independent from the element chosen in the equivalence class I, i.e. we require that for Y  J, ?P (Y )  ?P (J). Also in this case all our de nitions of  satisfy this property. The following theorem shows a general property of our scheme stating the equivalence of the top-down and the bottom-up constructions of the semantics. This simpli es the treatment in speci c cases since usually it is easier to prove the requirements of the theorem than the stated equivalence. Theorem 2.3 Let P be a program and  be an equivalence on }(C) such that if I  J then ?P (I)  ?P (J). Moreover assume  being a congruence wrt in nite unions. Then TP " ! is the least xpoint of TP on the complete lattice (= ; v) and TP " ! = O (P). By instantiating TP with a suitable  equivalence, we can de ne various xpoint semantics, as in the case of the operator in [8]. As previously argued, semantics arising in abstract interpretation can be obtained as well by considering suitable observables. Moreover note that our framework can be extended to constraint logic programs in a straightforward way. In the following, for each observable X and 5

composition operator  considered we introduce a suitable (X;) equivalence to obtain a correct (in some cases fully abstract) semantics for (X;) . For example (weak) subsumption equivalence [24] can be used for the observable X = s and program union ( = [), but is too coarse and hence not correct when considering X = ca (see example 3.7). Variance is correct wrt X = ca, but is too ne an equivalence, since it would distinguish clauses such as H : ?A; B and H : ?B; A. Such a distinction is necessary when considering as observables partial answers with a given selection rule. In general, we assume that no equivalence ner than variance is used as  (this is consistent with the fact that clauses are renamed apart during derivations). The equivalences on sets of clauses  are subscripted by a pair (; X) denoting the composition and the observable. When no subscript is speci ed  denotes variance.

3 No compositions

In this section we consider [; as composition operator, i.e union of programs which do not share predicate symbols, with successful derivations (s) and computed answers (ca) as observables. We rst consider (;;s) and (;;ca) showing their relations to the s-semantics and the Herbrand semantics. For the sake of brevity, we give below the formal de nition of the two equivalences for the general case.

De nition 3.1 Let P1 ; P2 be programs. Let G be a goal and Q be a program such that Pi [ Q is de ned, for i = 1; 2. Then  P1 ( ;s) P2 if 8 G, 8 Q, G ;# P1 [ Q 2 i G ; P2 [ Q 2,  P1 ( ;ca) P2 if 8 G, 8 Q, G ;# P1 [ Q 2 i G ;# P2 [ Q 2. Note that the case = ; is equivalent to considering no composition at all. Hence in this case the only information we need in an interpretation I is given by the unit clauses contained in I. Formally, for I; J  C , we can then de ne I (;;ca) J i I and J contain the same unit clauses modulo variance and I (;;s) J i I and J have the same ground instances of unit clauses. Equivalences coarser than (;;ca) and ner than (;;s) arise when considering abstract semantics. Note that for (;;ca) all the previous de nitions boil down to the case of the s-semantics. For any I 2 =(;;ca) , the set of unit clauses (modulo variance) of any

element in I can be considered the canonical representative of the equivalence class of I. TP(;;ca) is then exactly the immediate consequence operator of [10] and its least xpoint is the s-semantics [10, 11]. In the case of (;;s) the canonical representative of an equivalence class J is obtained by taking the set of the ground instances of the unit clauses of an element in J. Then TP(;;s) (on canonical representatives) is the standard immediate consequence operator TP [27] and its least xpoint the (;;cais ) and usual least Herbrand model semantics. In the following we consider T P TP(;;s) de ned on canonical representatives. According to de nition 3.1, (;;s) is the equivalence induced by successful derivations, while (;;ca) is induced by computed answers. By standard results [1, 22] M(P) (the canonical representative of O(;;s) (P)) is correct and fully abstract wrt (;;s). Moreover, by the strong completeness theorem in [10, 11], the s-semantics O(;;ca) (P) is correct and fully abstract wrt (;;ca) . We extend now to TP (;;ca) some results for the ground operator TP [24], about the discrimination power of the various equivalences. Proposition 3.2 shows that the \non-ground" equivalences are in general strictly ner than their ground versions. 6

Strictness can be shown by counterexamples similar to the one of example 3.3. The relations between the equivalences for the non-ground case are in proposition 3.4. Proposition 3.2 Let P be a program. Then (;;ca) is strictly ner than (;;s) . Moreover theequivalence wrt TP(;;ca) and [ P]](;;ca) are strictly ner than the equivalence wrt TP (;;s) and [ P]](;;s) respectively. Example 3.3 Let us consider the programs P1 = fp(x); q(a); q(b)g and P2 = fp(x); p(a); q(a); q(b)g. Since M(P1) = M(P2), P1 (;;s) P2 while P1 6(;;ca) P2 since for the goal p(Y ) only the program P2 computes the answer Y=a. Proposition 3.4 Let P1; P2 be programs. Then 1. if TP1(;;ca) + id = TP2(;;ca) + id then [ P1] (;;ca) = [ P2] (;;ca) and the converse does not hold,

2. [ P1] (;;ca) = [ P2] (;;ca) i P1 (;ca) P2 ( is the set of all the predicates, see corollary 4.11) 3. if [ P1] (;;ca) = [ P2] (;;ca) then P1 (;;ca) P2 and the converse does not hold, 4. the equivalence (;;ca) is dierent from (neither coarser nor ner than) the equivalences induced by TP(;;s) , TP(;;s) + id and [ P]](;;s) .

A result in [24] states that if clause c1 subsumes clause c2 then Tc2  Tc1 and hence TP1 = TP2 i P1 and P2 aresubsumption equivalent. Therefore, by proposition 3.2 the equivalence wrt the TP (;;ca) operator is strictly ner than subsumption equivalence. Indeed, as shown by proposition 3.6 and by example 3.7, clause c1 (;;caif) (Q) there subsumes clause c2 we can only prove that for every atom A in T c 2 exists a more general atom B in Tc1 (;;ca) (Q) and we cannot prove Tc1 (;;ca)  Tc2 (;;ca) . De nition 3.5 Let A; B be sets of atoms. A  B i 8 X 2 A; 9; 9 Y 2 B s.t. Y # = X . If f; g are functions de ned on sets of atoms, f  g i 8A; f(A)  g(A). )  T (;;ca) . Moreover, programs Proposition 3.6 If c1 subsumes c2, then T(c;2;ca(;;ca c1 ) P1 and P2 are subsumption equivalent i TP1  TP2(;;ca) and TP2(;;ca)  TP1(;;ca) . Example 3.7 Consider programs Q1 = fc1g and Q2 = fc2 g where c1 = q(X) : ?q(X) and c2 = q(X) : ?q(X); q(X). c1 subsumes c2 (and vice versa). However TQ1(;;ca) 6 TQ2(;;ca) since if Z = fq(f(a; X)); q(f(X; b))g then q(f(a; b)) 2 TQ2(;;ca) (Z) n TQ1(;;ca) (Z). Note that Q1 (;;ca) Q2 and Q1 [ Z and Q2 [ Z are subsumption equivalent. However, Q1 [ Z 6(;;ca) Q2 [ Z since the goal q(X) can compute the answer X=f(a; b) in Q2 [ Z only (and therefore Q1 6( ;ca) Q2 for

= fqg). From previous example we have also that (weak) subsumption equivalence does not imply (;;ca) . Therefore, when considering computed answers, (weak) subsumption equivalent clauses cannot be considered equivalent because the logical meaning of subsumption is not adequate to replace the operational meaning of SLD (clause c2, which is a tautology, cannot be deleted nor replaced by c1 in Q2 [ Z) . This discrepancy is of the same nature of the weakness of the completeness theorem for SLD resolution (only answers more general than correct answers can be computed [22]). (Weak) subsumption equivalence is perfectly adequate to model successful derivations. Indeed if P1 and P2 are (weak) subsumption equivalent, (id+)TP1 = (id+)TP2 [24] and therefore the programs have the same least Herbrand model and the same successful derivations. 7

4 Compositional equivalences

We consider the general case with [ as composition operator. We rst de ne a syntactic equivalence ' on clauses which is correct wrt ( ;ca) (for any ) and hence can be used to de ne ?interpretations for the compositional case when considering computed answers. Two semantics correct wrt ( ;ca) and ( ;s) are then obtained from the general scheme by de ning the equivalences ( ;ca) and ( ;s) on sets of clauses. Moreover we show the relation of ' and ( ;ca) to previous equivalences.

De nition 4.1 Let c = H : ?B1 ; : : :; Bn be a clause. An atom Bi is relevant in c i either it shares variables with H or, inductively, it shares variables with an atom Bj relevant in c. The multiset of relevant atoms in c is denoted by Rel(c).

De nition 4.2 Let c1 = A1 : ?B1 ; : : :; Bn ; c2 = A2 : ?D1 ; : : :; Dm be two clauses which do not share variables. Let us denote by + multiset inclusion and by Set(M) the set of the elements in the multiset M . Then c1 c c2 i c1 subsumes c2 and there exists a renaming  such that A1 = A2 , Rel(c2 ) + Rel(c1 ) and Set(Rel(c2 )) = Set(Rel(c1 )). ' denotes the equivalence induced by c . De nition 4.3 Let P1 ; P2 be programs. Then P1  P2 i 8c2 2 P2; 9c1 2 P1 such that c1 c c2 : We denote by 'p the equivalence induced by  . It is worth noting that relevant atoms in clause bodies are considered as multisets and that clauses equivalent up to ' are subsumption equivalent and have the same multiset of relevant atoms (up to renaming). Indeed, as shown by example 3.7, a relevant atom cannot be deleted (even if subsumed by another atom in the clause) without changing the computed answers semantics of the clause (therefore c2 c c1 while c1 6c c2). The example can be generalized to show that also relevant atoms which contain local variables only cannot be deleted. By corollary 4.6, if P1 c P2 then P1 behaves as P2 under any composition, while if P1 'p P2 then the two sets of clauses are indistinguishable (up to ( ;ca) ). As a consequence, ' can be used to correctly de ne the equivalence ( ;ca). Note that while ' (on clauses) gives the same equivalence as the TP(;;ca) 's equality (proposition 4.4), this is not the case for 'p (proposition 4.5).

Proposition 4.4 Let P1 = fc1g and P2 = fc2g be programs. Then TP1(;;ca) =  TP2(;;ca) i c1 ' c2 : Proposition 4.5 Let P1 ; P2 be programs. If P1  P2 then for any set of atoms X , TP1(;;ca) (X)  TP2(;;ca) (X) and the converse does not hold.

Corollary 4.6 Let P1; P2; Q be programs such that P1  P2. If G ;# P2[Q 2 then # G; P1 [Q 2. Moreover if P1 'p P2 then P1 ( ;ca) P2 for any . ~  g. In order to get compositionality Let C = fH : ?B~ 2 C j Pred(B) wrt [ we need only the information given by clauses in C . Then we de ne for I; J  C , I ( ;ca) J i I \ C 'p J \ C . Note that for = ;, ( ;ca) is the same of (;;ca) of section 3. Theorem 4.7 shows that O( ;ca) (P) is compositional wrt program union and correctly models computed answers. Therefore (corollary 4.8) it is correct wrt ( ;ca) . Similar results (using a dierent semantic domain based on clauses) have already been given in [5, 4]. 8

Theorem 4.7 Let P1; P2 be programs. If P1 [ P2 is de ned then O( ;ca) ((O( ;ca) (P1) t O( ;ca) (P2))) = O( ;ca) (P1 [ P2). Moreover P1 ( ;ca) (O( ;ca) (P1)). Corollary 4.8 Let P1 ; P2 be programs. If O( ;ca) (P1 ) = O( ;ca) (P2) then P1 ( ;ca) P2. It is easy to show that the converse of the corollary does not hold, i.e. the semantics O( ;ca) (P) is not fully abstract wrt ( ;ca) . The diculty here is related to the use of clauses in the semantic domain (note that the full abstractness result in [19] was obtained using a domain not containing clauses). We now show the relation of ( ;ca) to other equivalences. It is easy to prove that if  then ( ;ca) is strictly ner than ( ;ca) . Theorem 4.9 and corollary 4.11 show one interesting result which relate the [ P]](;;ca) semantics to the ( ;ca) equivalence. When we consider the semantics of a program P as the function [ P]](;;ca) restricted to sets of atoms Q such that Pred(Q)  , such a semantics is correct and fully abstract wrt to ( ;ca). Therefore the semantics [ P]](;;ca) is correct and fully abstract wrt (;ca) where  is the set of all the predicates. Example 4.10 shows that the hypothesis Pred(Q)  in theorem 4.9 is necessary. Theorem 4.9 If P1 and P2 are programs then for any , P1 ( ;ca) P2 i for any set of atoms Q, such that Pred(Q)  , [ P1] (;;ca) (Q) = [ P2] (;;ca) (Q). Example 4.10 Let P1 = fp : ?qg and P2 = fg: Then P1 (;;ca) P2, but [ P1] (;;ca) (fqg) 6= [ P2] (;;ca) (fqg) Corollary 4.11 If P1 and P2 are programs then P1 (;ca) P2 i [ P1] (;;ca) = [ P2] (;;ca) . Results similar to those of proposition 3.4 can be shown to hold for the operator TP( ;ca) , and the equivalences induced by TP( ;ca) (+id) and by [ P]]( ;ca) are strictly ner when considering a larger set . Finally let us consider the equivalence ( ;s). As previously discussed, weak subsumption equivalence can be used to de ne ?interpretations, since we are concerned with successful derivations only. Then we can de ne for I; J  C , I ( ;s) J i I \ C is weakly subsumption equivalent to J \ C . Theorem 4.12 states correctness and full abstraction of the resulting semantics. A dierent fully abstract invariant wrt ( ;s) was already given in [18]. Theorem 4.12 Let P1; P2 be programs. Then O( ;s) (P1) = O( ;s) (P2 ) i P1 ( ;s) P2 .

5 Partial answers and call patterns

A xpoint semantics for partial answers has been already de ned in [9] and then extended in [17] to consider also correct partial answers, call patterns and selection rules. In subsection 5.1 we show how the results of [17] can be obtained in our framework by considering suitable instances of the semantic scheme. In particular we show a fully abstract semantics for partial answers. Observables and equivalences depending on the selection rule are considered in subsection 5.2. A partial answer is the substitution computed by a derivation which is not yet terminated. A distinction can be made between a partial answer and a correct 9

partial answer for a goal G. The rst is the restriction to the variables in G of the composition of the mgu's computed in any partial derivation for G, while the second requires also that the derivation be part of a successful derivation. For example, programs P1 = fr(a) : ?qg and P2 = fq; r(a) : ?qg have the same partial answers for the goal r(x), but not the same correct partial answers. Note that if # is a correct partial answer for the goal G in program P, then 9X:G#, for X = V ar(G#), is a logical consequence of P. This is not the case for partial answers. As shown by example 5.1 (correct) partial answers depend on the selection rule. We then give the following de nition. Example 5.1 The program P = fp(a); q(b); r(X; Y ) : ?p(X); q(Y )g has correct partial answers X=a or Y=b for the goal r(X; Y ) depending on the (leftmost or rightmost) selection rule.

De nition 5.2 Let P be a program, R be a selection rule and G be a goal. The # substitution # is an R-partial answer for G in P i G ; P;R B1 ; : : :; Bn, n  0. #

# is a correct R-partial answer for the goal G i G ;P;R B1 ; : : :; Bn ; P 2, n  0. Moreover, # is a (correct) partial answer for G in P i there exists a rule R such that # is a (correct) R-partial answer for G in P .

It is interesting to study equivalences based on partial answers, since these notions are useful in abstract interpretation [6]. Another observable which arises in the framework of program analysis is \call patterns". According to the procedural interpretation of logic programs, a selected atom p(t~) in a derivation can be considered a \call" of the procedure p with parameter ~t. A \call pattern" is therefore any selected atom in a derivation. Also in this case we can be concerned with the selection rule and the correct call patterns. The formal de nition of (correct)(R-) call pattern can then be obtained from de nition 5.2 by replacing \the substitution #" by \the atom Bi #, 1  i  n". 5.1

Without selection rules

We rst consider the case where the selection rule is not speci ed. Let us formally introduce the four equivalences induced by these observables. De nition 5.3 Let P1; P2 and Q be programs such that Pi [ Q is de ned, for i = 1; 2. Then we de ne P1 ( ;p) P2, P1 ( ;cp) P2 , P1 ( ;pt) P2 and P1 ( ;cpt) P2 i 8 G, 8 Q, G has the same set of (respectively) partial answers, correct partial answers, call patterns and correct call patterns in P1 [ Q and in P2 [ Q. For the sake of simplicity, we consider only the case = ;. The compositional case can be obtained by techniques similar to those used in the above sections. Suitable instances of the semantic scheme can be used to model (correct) partial answers and call patterns. The key issue is that we can extract from the clauses in O (P) all the information needed to obtain these observables for any goal G. For example, # is a partial answer for the goal p(t~) i there exists a clause H : ?B1 ; : : :; Bn in (O (P)) such that # = jp(t~) for = mgu(p(t~); H). # is a correct partial answer if there exists such a clause and there exist n atoms C1; : : :; Cn in (O (P)) such that (B1 ; : : :; Bn ) uni es with (C1 ; : : :; Cn). Note that, when considering partial answers, we need only the information in the heads of the clauses in O (P). For correct partial answers instead we have to consider also the bodies. For example, if P = fq(X); p(X) : ?q(X); q(a) : ?r(a)g then O (P) = [P [ 10

fp(X); p(a) : ?r(a)g]= . Therefore X=a is the mgu of p(X) and the head of a clause in O (P). However X=a is not a correct partial answer. We can then de ne the equivalences (;;p) , (;;cp) and the semantics for partial answers as follows. De nition 5.4 Let P be a program. For I; J  C we de ne I (;;p) J i 8H : ?B~ 2 I 9K : ?C~ 2 J such that H = K for a renaming . The partial answer semantics S(;;p) (P) and the correct partial answer semantics S(;;cp) (P) of P are then de ned as S(;;p) (P) = O(;;p) (P) and S(;;cp) (P) = O(;ca) (P). It is possible to prove that # is a partial answer for the goal G = A1 ; : : :; Ak in the program P i for j = 1; : : :; k 9Hj 2 (S(;;p) (P)) such that # = jG and

= mgu((A1 ; : : :; Ak ); (H1; : : :; Hk )). A similar characterization can be given for correct partial answer, considering heads of clauses in (P(;;cp)(P)) and requiring also that the conjunction of the bodies of such clauses unify with a conjunction of unit clauses taken from (S(;;cp) (P)). The information needed to model call patterns can be obtained from the clauses in O (P) as well. For example C is a call pattern for the atomic goal A in the program P, i 9 H : ?B1 ; : : :; Bn 2 O (P) such that C = Bi #, 1  i  n, where # = mgu(A; H). Note that we only need the information on the relation between the head and the various atoms in the body (i.e. the clause H : ?B1 ; : : :; Bn is equivalent to the set of clauses fH : ?B1 ; : : :; H : ?Bn g). When considering correct call patterns we need to keep all the information on the clause bodies (viewed as multisets). The equivalence (;;p) and the semantics for call patterns are then de ned as follows.

De nition 5.5 Let P be a program. Let us de ne, for I; J  C, I (;;pt) J i 8H : ?B1 ; : : :; Bn 2 I for i = 1; : : :; n, 9K : ?C1 ; : : :; Cm 2 J such that H : ?Bi = (K : ?Cj )i for 1  j  m, i renaming and vice versa. Moreover, (;;cpt) is variance on clauses considering bodies as multisets. The call patterns semantics C; (P) and the correct call pattern semantics C(;;cpt)(P) are de ned as C;(P)= O(;;pt) (P) and C(;;cpt) (P) = O(;;cpt) (P). The following theorem shows the correctness of all the semantics considered and the full abstraction of S(;;p) (P) (wrt the appropriate x equivalences). The same theorem was already obtained in [17] by using a slightly dierent de nition of the semantic domain. Note that the equivalences considered in this section are all dierent and no one is contained in any other. The relations to the equivalence (;ca) are shown by proposition 5.7

Theorem 5.6 Let P1; P2 be programs. For x 2 f(;; p); (;; cp); (;; pt); (;;cpt)g the following facts hold. 1) For any I 2 Sx (P1), I x P1. 2) If Sx (P1)= Sx (P2 ) then P1 x P2. 3) S(;;p) (P1) =S(;;p) (P2 ) i P1 (;;p) P2 . Proposition 5.7 Let P1; P2 be programs. If P1 (;ca) P2 then P1 (;;p) P2 and P1 (;;cp) P2. 5.2

Introducing a selection rule

We will consider in this section equivalences based on partial answers with a given selection rule R, showing a correct and fully abstract semantics for them originally de ned in [17]. Such a semantic is de ned both top-down and bottom up, and the equivalence of the two constructions holds only when considering local selection 11

rules. A local selection rule was de ned in [28] as a rule which selects in a resolvent N~ always one of the most recently introduced atoms in the derivation from the goal to N~ (the atom A is introduced in the resolvent M~ if A is in the body of the clause used to obtain M~ from its parent in the derivation). This de nition is modi ed in [17] by requiring also that a xed ordering is given (by means of a bijection  on the set of integer numbers) for the selection of atoms in the bodies, and hence for the selection of one the most recently introduced atoms. Note that PROLOG leftmost rule is local and in general local rules produce SLD trees with a simple structure, suitable for ecient searching techniques [28]. When considering the selection rule, the ordering of atoms in the body of a clause is relevant. We will therefore consider ?interpretations as sets of clauses modulo variance (denoted by ). In order to take into account the selection rule, de nition 2.1 can easily be changed by deleting Id (which was used exactly to get the independence from the selection rule). Adapting de nition 2.2 is more complicate and the formal de nition of the T(P;R ) operator for the rule R is given in [17]. The intuition is that since R is local, the ordering  can also be used \locally" on the body of any clause used in the bottom-up \computation" de ned by T(P;R ) . For example, considering as R the leftmost rule, if H : ?B1 ; : : :; Bn 2 P and for any k, 1  k  n, 9 k ? 1 unit clauses A1 ; : : :; Ak?1 2 ~ Bk+1 ; : : :; Bn )# 2 T(P;R ) (X) where X and 9 Ak : ?B~ 2 X [ Id, then (H : ?B; # = mgu((B1 ; : : :; Bk )(A1 ; : : :; Ak )). In [17] is proved that the operator T(P;R ) is continuous on the lattice of -interpretations and that its least xpoint T(P;R ) " ! is equal to the top-down semantics O(;R ) (P).

De nition 5.8 [17] Let P be a positive program and R be a local selection rule. Then we de ne

# ~ ; O(;R) (P) = fA : ?B1 ; : : :; Bm 2 C j 9# s:t: p(X) P;R B1 ; : : :; Bm ; m  0;

~ for X~ distinct variables A = p(X)#; g When considering R-partial answers, we only need the information from the heads of clauses in O(;R) (P). However, we need to distinguish between partial answers (obtained by heads of clauses with non-empty bodies in O(;R) (P)) and computed answers (obtained by unit clauses in O(;R) (P)). Consider for example the clause p(X; Y ) : ?q(X); r(Y ) with the leftmost selection rule. Clearly if Y=b is a partial answer for r(Y ) and X=a is an answer for q(X); then fX=a; Y=bg is a partial answer for p(X; Y ), while this is not the case if X=a is a partial answer (and not an answer) for q(X). A correct and fully abstract semantics (theorem 5.10) S(;;p;R) (P) for R-partial answers and computed answers is obtained from O(;R ) (P) as follows. Results based on O(;R) (P), similar to those of the previous subsections, can be shown to hold for R-correct partial answers and R-call patterns.

De nition 5.9 [17] Let P be a positive program and R be a local selection rule. The R-partial answer semantics S(;;p;R) (P) of P is (] denotes the disjoint union) S(;;p;R) (P) = S ] T where T = fA j A 2 I for I 2 O(;R) (P)g= S = fA j 9A : ?B1 ; : : :; Bn 2 I [ Id for I 2 O(;R) (P)g= Theorem 5.10 [17] Let P1; P2 be programs and R be a local selection rule. Then S(;;p;R) (P1) = S(;;p;R) (P2) i for any goal G, G has the same computed answers and the same R-partial answers in P1 and in P2.

12

TP1(;;s) = TP2(;;s)

TP1(;;ca) = TP2(;;ca)



?

?

?

T (;;s) + id = T (;;s) + id

 T (;;ca) + id = T (;;ca) + id P P

P2

P1

TP1(;;cp) = TP2(;;cp)



 T (;;cp) + id = T (;;cp) + id P P

2

1

2

1

?

[ P1] (;;cp) = [ P2] (;;cp)

? ?

j= P1 , P2

[ P1] (;;s) = [ P2] (;;s) P1 (;s) P2 O(;s) (P1) = O(;s) (P2 )

?

M(P1 ) = M(P2) P1 (;;s) P2



?

[ P1] (;;ca) = [ P2] (;;ca) P1 (;ca) P2





O(;ca) (P1) = O(;ca) (P2) O(;;cp) (P1) = O(;;cp) (P2)

P  A PPP @  PP  A @ PP A P @  PP R @ ? q P  A  A  + U  A O(;;ca) (P1 ) = O(;;ca) (P2) P1 (;;cp) P2 O(;;p) (P1) = O(;;p) (P2 )

P1 (;;ca) P2

P1 (;;p) P2

Figure 1. A ?! B means that A is strictly ner than B. Equivalences included in a box coincide. The leftmost column is from [24] (apart from O(;s) (P)).

6 Conclusions

Some of the relations among the various equivalences we have studied are illustrated by gure 1. Equivalences in columns from the right to the left correspond to increasingly more abstract observables (partial answers, computed answers and successful derivations respectively). Fully abstract semantics wrt (;X ) are those for which the equivalence S (P1 ) = S (P2 ) is in the same box as P1 (;X ) P2 . Moving from the top to the bottom in each column abstraction grows. In the rst two columns, below compositional observational equivalence, compositionality is lost at the expense of abstraction. In the third column note that since O(;;cp) (P) = O(;ca) (P), O(;;cp) (P) is also compositional. O(;;p) (P) is an abstraction of O(;;cp) (P). The general scheme O (P) captures several observational equivalences. For example, its instance O(;;ca) (P) (the s-semantics) is correct and fully abstract wrt computed answers. O(;ca) (P) is correct wrt computed answers with the composition [ . O(;;p) (P) is correct and fully abstract wrt partial answers. O(;;pt) (P) is correct wrt call patterns. Hence O (P) can be taken as the basic semantic framework for program transformation and program analysis (where dierent observables correspond to dierent \collecting" semantics). Since O (P) has both a procedu13

ral and a xpoint de nition, equivalent top-down and bottom-up techniques are available. Finally note that most of the equivalences considered are undecidable. However some of them are decidable for speci c classes of programs. For example, for Datalog programs the equivalence ( ;ca) is decidable.

Acknowledgments Part of this work was carried out while the rst author was visiting IIAS, FUJITSU Ltd. Tokyo. He would like to thank all the people at IIAS and in particular Jiro Tanaka and Hiroyasu Sugano.

References

[1] K. R. Apt. Introduction to Logic Programming. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, volume B: Formal Models and Semantics. Elsevier, Amsterdam and The MIT Press, Cambridge, 1990. [2] R. Barbuti, R. Giacobazzi, and G. Levi. A General Framework for Semanticsbased Bottom-up Abstract Interpretation of Logic Programs. Technical Report TR 12/91, Dipartimento di Informatica, Universita di Pisa, 1991. To appear in ACM Transactions on Programming Languages and Systems. [3] A. Bossi and N. Cocco. Basic transformation operations for logic programs which preserve computed answer substitutions. To appear in Journal of Logic Programming, 1991. [4] A. Bossi, M. Gabbrielli, G. Levi, and M. C. Meo. Contributions to the Semantics of Open Logic Programs. In Proceedings of the Int'l Conf. on Fifth Generation Computer Systems 1992, pages 570{580. ICOT, Tokyo 1992. [5] A. Bossi and M. Menegus. Una Semantica Composizionale per Programmi Logici Aperti. In P. Asirelli, editor, Proc. Sixth Italian Conf. on Logic Programming, pages 95{109, 1991. [6] M. Codish, D. Dams, and E. Yardeni. Bottom-up Abstract Interpretation of Logic Programs. Technical report, Dept. of Computer Science, The Weizmann Institute, Rehovot, 1990. To appear in Theoretical Computer Science. [7] P. Cousot and R. Cousot. Abstract Interpretation: A Uni ed Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. In Proc. Fourth ACM Symp. POPL, pages 238{252, 1977. [8] S. Debray and R. Ramakrishnan. Generalized Horn Clause Programs. Technical report, Dept. of Computer Science, The University of Arizona, 1991. [9] M. Falaschi and G. Levi. Finite failures and partial computations in concurrent logic languages. Theoretical Computer Science, 75:45{66, 1990. [10] M. Falaschi, G. Levi, M. Martelli, and C. Palamidessi. A new Declarative Semantics for Logic Languages. In R. A. Kowalski and K. A. Bowen, editors, Proc. Fifth Int'l Conf. on Logic Programming, pages 993{1005. The MIT Press, Cambridge, Mass., 1988. 14

[11] M. Falaschi, G. Levi, M. Martelli, and C. Palamidessi. Declarative Modeling of the Operational Behavior of Logic Languages. Theoretical Computer Science, 69(3):289{318, 1989. [12] M. Gabbrielli and G. Levi. Modeling Answer Constraints in Constraint Logic Programs. In K. Furukawa, editor, Proc. Eighth Int'l Conf. on Logic Programming, pages 238{ 252. The MIT Press, Cambridge, Mass., 1991. [13] M. Gabbrielli and G. Levi. On the Semantics of Logic Programs. In J. Leach Albert, B. Monien, and M. Rodriguez-Artalejo, editors, 18th Int'l Colloquium on Automata, Languages an Programming, volume 510 of Lecture Notes in Computer Science, pages 1{19. Springer-Verlag, Berlin, 1991. [14] M. Gabbrielli and G. Levi. Unfolding and Fixpoint Semantics of Concurrent Constraint Programs. Technical Report TR 2/91, Dipartimento di Informatica, Universita di Pisa, 1991. To appear in Theoretical Computer Science. [15] M. Gabbrielli, G. Levi, and M. C. Meo. Observational Equivalences for Logic Programs. Technical Report, Dipartimento di Informatica, Universita di Pisa, 1992. [16] M. Gabbrielli, G. Levi, and D. Turi. A Two Steps Semantics for Logic Programs with Negation. In Proceedings of the Int'l Conf. on Logic Programming and Automated Reasoning, Lecture Notes in Arti cial Intelligence. Springer-Verlag, Berlin, 1992. [17] M. Gabbrielli and M. C. Meo. Fixpoint Semantics for Partial Computed Answer Substitutions and Call Patterns. In H. Kirchner and G. Levi, editors, Proceedings of Third Int'l Conf. on Algebraic and Logic Programming, Lecture Notes in Computer Science. Springer-Verlag, Berlin, 1992. [18] H. Gaifman and E. Shapiro. Fully abstract compositional semantics for logic programs. In Proc. Sixteenth Annual ACM Symp. on Principles of Programming Languages, pages 134{142. ACM, 1989. [19] H. Gaifman and E. Shapiro. Proof theory and semantics of logic programs. In Proc. Fourth IEEE Symp. on Logic In Computer Science, pages 50{62. IEEE Computer Society Press, 1989. [20] T. Kawamura and T. Kanamori. Preservation of Stronger Equivalence in Unfold/Fold Logic Programming Transformation. In Proc. Int'l Conf. on Fifth Generation Computer Systems, pages 413{422. ICOT, Tokyo, 1988. [21] J.-L. Lassez and M. J. Maher. Closures and Fairness in the Semantics of Programming Logic. Theoretical Computer Science, 29:167{184, 1984. [22] J. W. Lloyd. Foundations of Logic Programming. Springer-Verlag, Berlin, 1987. Second edition. [23] J. W. Lloyd and J. C. Shepherdson. Partial Evaluation in Logic Programming. Journal of Logic Programming, 11:217{242, 1991. [24] M. J. Maher. Equivalences of Logic Programs. In J. Minker, editor, Foundations of Deductive Databases and Logic Programming, pages 627{658. Morgan Kaufmann, Los Altos, Ca., 1988. 15

[25] K. Marriott and H. Sndergaard. Semantics-based Data ow Analysis of Logic Programs. In G. Ritter, editor, Information Processing 89. North-Holland, 1989. [26] D. Turi. Extending S-Models to Logic Programs with Negation. In K. Furukawa, editor, Proc. Eighth Int'l Conf. on Logic Programming, pages 397{411. The MIT Press, Cambridge, Mass., 1991. [27] M. H. van Emden and R. A. Kowalski. The semantics of predicate logic as a programming language. Journal of the ACM, 23(4):733{742, 1976. [28] L. Vieille. Recursive query processing: the power of logic. Theoretical Computer Science, 69:1{53, 1989.

16