J. Symbolic Computation (1995) 11, 1000

Positive and Negative Results for Higher-Order Disunification

D. Lugiez

CRIN-INRIA & LIFIA-IMAG †

(Received 25th January, 1994)

Abstract

This paper is devoted to higher-order disunification, which is the process of solving quantified formulae built on simply-typed lambda-terms, the equality induced by the $\beta$ and the $\eta$ reductions, boolean connectives and the negation. This problem is motivated by tests of completeness of definitions in algebraic higher-order specification languages, which combine the advantages of algebraic specification languages and higher-order programming languages. We show that higher-order disunification is not semi-decidable and we prove the undecidability of second-order complement problems, which are the formulae expressing the completeness of some scheme, by encoding Minsky machines. On the other hand, we propose a set of transformation rules to simplify such formulae, and we show how to extend this set of rules into a quantifier elimination procedure when we assume some restrictions on the formulae that we consider. We prove that second-order complement problems are decidable when some conditions are imposed on second-order variables and bound variables, and we are able to prove the decidability of any formula when all the terms occurring in the formula are patterns, i.e. terms s.t. the arguments of free variables are distinct bound variables. The quantifier elimination process involves classical rules for unification and their dual through negation, elimination rules for universal variables, which are more complex than their first-order counterparts since variables may have arguments, and rules for solving dependence constraints, which state that a function depends only on some of its arguments.

Introduction

The formal verification of systems and programs is a major challenge of Computer Science and a lot of work has already been devoted to this question.
A key part of this process is the specification step, since it allows one to describe the behaviour of a program and to prove properties of this program independently of its implementation. This requires that specification languages are available and that these languages have some good properties. Firstly, a specification language should be simple, expressive and closely related to what it models. Secondly, it must provide facilities for verification purposes. For example, it is recommended that a specification language is executable and that some basic proofs can be done easily. Recently, there have been several proposals of higher-order specification languages which are intended to combine the advantages of two existing paradigms, i.e. algebraic specification and higher-order programming. These languages allow definitions like:

$$
\begin{aligned}
0 + x &= x\\
s(x) + y &= s(x + y)\\
0 \times x &= 0\\
s(x) \times y &= x \times y + y\\
\partial(\lambda x.F) &= \lambda x.0\\
\partial(\lambda x.(F(x) + G(x))) &= \lambda x.(\partial(F)(x) + \partial(G)(x))\\
\partial(\lambda x.(F(x) \times G(x))) &= \lambda x.(\partial(F)(x) \times G(x) + F(x) \times \partial(G)(x))
\end{aligned}
$$

which defines basic first-order objects, i.e. the natural numbers together with addition and multiplication, involving first-order variables only, and functional higher-order objects, i.e. $\partial$, the derivative of polynomial functions, involving second-order function variables. On this example, one can see that these languages inherit the simplicity of equational algebraic specification and rewrite systems and the power of expression of lambda-calculus for higher-order functions. The reduction relation associated to these languages combines rewriting and eta-beta-reduction and has been studied by several authors [Breazu-Tannen, 1988, Jouannaud and Okada, 1991, Nipkow, 1991, Wolfram, 1991] who have found that it has the good properties required for defining the operational semantics of such languages.

† Current address: LIFIA, 46 Avenue Felix-Viallet, 38031 Grenoble Cedex, FRANCE.
07477171/90/000000 + 00 $03.00/0 © 1995 Academic Press Limited
However, much less work has been devoted to the proof aspects which are required for verification purposes. Previous works in this direction [Avenhaus and Loria-Saenz, 1994, Prehofer, 1994b, Nipkow and Qian, 1991, Miller, 1992] deal with equational proofs and relevant methods like narrowing and unification, but nothing has been done on the fundamental issue (from a specification point of view) of completeness of definitions in this framework. This step consists in checking that a case definition à la ML, like above, handles all possibilities and that there is no missing case. This is a run-of-the-mill check in a functional language like ML, but the problem is much more complicated for higher-order algebraic languages since the definitions may explicitly contain lambda-terms, whereas ML pattern definitions contain first-order terms only. Therefore completeness tests amount to solving quantified expressions on lambda-terms and the equality induced by the eta and beta reductions, denoted by = in the following. Solving quantified formulae on simply-typed lambda-terms is called higher-order disunification and the formulae related to completeness of definitions fall in the subclass of complement problems.

Since higher-order disunification contains higher-order unification, our goal of checking automatically the completeness of definitions seems to have little chance of success. Indeed, we prove in this paper that higher-order disunification, contrary to first-order disunification [Comon and Lescanne, 1989], is not even semi-decidable and that second-order complement problems are undecidable (by encoding Minsky machines). However, we are able to prove the decidability of such formulae when some conditions are set on second-order variables and bound variables, but not on first-order variables. Moreover, many definitions encountered in practice involve only patterns, i.e. lambda-terms s.t.
the arguments of a free variable are distinct bound variables, and we are also able to give an algorithm which solves any formula built on = when all terms occurring in the formula are patterns.

The decision procedures are quantifier elimination processes that we describe by sets of transformation rules. Some of these rules are classical unification rules or the dual through negation, but the rules for eliminating universal variables are more difficult to design. In first-order disunification, one has the rule

$$\forall Y : (Y \neq t \vee P) \to P\{Y \leftarrow t\}$$

since the disequation $Y \neq t$ is false iff $Y = t$. This cannot be lifted to the higher-order case since we get disequations $\lambda x_1, \dots, x_n.Y(u_1, \dots, u_p) \neq t$ which can be solved only in some special cases. Moreover, to solve these disequations, we must introduce dependence constraints that express the fact that a function depends or not on some of its arguments. For example, the above definition of the derivative $\partial$ is both a pattern definition and a second-order linear definition, therefore its completeness can be tested, yielding the answer that several cases are missing, like the definition of $\partial(\lambda x.x)$, but also $\partial(\lambda x.s(F(x)))$ with the dependence constraint "F depends on its argument".

This paper is devoted to the study of higher-order disunification and gives both decidability and undecidability results, but we shall not discuss any semantics issue related to higher-order languages, see [Breazu-Tannen, 1988, Jouannaud and Okada, 1991] for this topic. Section 1 introduces the basic definitions and the undecidability results are described in section 2. Then the two last sections (4 and 5) describe our decidability results concerning second-order complement problems and patterns.

1.
The framework

Our framework is that of simply typed lambda-calculus and the reader is assumed to be familiar with the usual notions of this calculus; for a comprehensive survey see [Hindley and Seldin, 1986] for example.

1.1. Typed lambda-calculus

1.1.1. Types and terms

Types are constructed from a set of base types and the type constructor → which is right associative, i.e. → → stands for → ( → ), and the notation 1 … n → denotes 1 → … n → , therefore each type has the form or 1 …, n → with a base type. The order ord() of a type is defined by:

ord() = 1 if is a base type
ord( → ) = Max(1 + ord(), ord())

For each type , we suppose that there is a denumerable set of variables V of type and a finite set of constants C of type . Moreover we shall assume that the signature C = ∪C is finite, i.e. there is only a finite number of constants.

A lambda-term is an atom, i.e. a variable or a constant, or an abstraction $\lambda x.t$ where x is a variable of type 1, t a term of type 2 and the abstraction has type 1 → 2, or else an application $(s\ t)$ where s is a term of type 1 → 2, t is a term of type 1 and the application has type 2. The order of a term of type is the order of its type, ord(). The term $(\dots(a\ t_1)\dots t_n)$ where a is an atom will be written $a(t_1, \dots, t_n)$ or $a(\overline{t_n})$. An abstraction $\lambda x_1 \dots x_n.t$ where t is not an abstraction is written $\lambda \overline{x_n}.t$ with the convention that if $n = 0$ then $\lambda \overline{x_n}.t$ stands for t. The root of a term $\lambda \overline{x_n}.t$ is t if t is a variable or a constant, otherwise it is a if $t = a(t_1, \dots, t_m)$. A language is of order n if all constants have order at most n + 1 and variables have order at most n.

A term is flexible if its root is a free variable, it is rigid otherwise. The set of free variables of a term t is denoted by $FV(t)$ and a lambda-term is closed if it does not contain any free variable.
Free variables are denoted with capital letters $F, G, X, \dots$ and bound variables are denoted with lower-case letters $x, y, z, \dots$; atoms are denoted by lower-case letters of the beginning of the alphabet $a, b, c, \dots$. The notation $\overline{x_n}$ (resp. $\overline{X_n}$ or $\overline{u_n}$) denotes $x_1, \dots, x_n$ (resp. $X_1, \dots, X_n$ or $u_1, \dots, u_n$), and $x_I$ denotes some $x_{i_1}, \dots, x_{i_p}$ where $I = \{i_1, \dots, i_p\}$. For simplicity, we may drop the subscript n when it is useless.

A free variable X of a term t is linear if it occurs only once in t, for example X is linear in $\lambda xy.X(x, g(x, y))$ but not in $\lambda xy.X(x, g(X(x, y), Z))$. A term t is linear iff each free variable of t is linear, otherwise it is non-linear.

A position is a sequence of integers and we denote the empty sequence by . A variable F occurs at position in a term t if $t = \lambda \overline{x_m}.F(\overline{u_n})$, it occurs at position $i.p$ if $t = \lambda \overline{x_m}.a(u_1, \dots, u_p)$ and F occurs at position p in $u_i$. The subterm of t at position p, denoted by $t|_p$, is defined by t| = t and $(\lambda \overline{x_n}.a(t_1, \dots, t_m))|_{i.p} = t_i|_p$. The height $h(t)$ of a term t is defined by

$$
\begin{aligned}
h(\lambda \overline{x_n}.a) &= 1\\
h(\lambda \overline{x_n}.a(t_1, \dots, t_m)) &= 1 + \mathrm{Max}_{i=1,\dots,m}(h(t_i))
\end{aligned}
$$

A substitution is a set $\{X_1 \leftarrow t_1, \dots, X_n \leftarrow t_n\}$ where for each i, $X_i$ is a variable and $t_i$ is a term of the same type different from $X_i$. A substitution is a closed substitution if all the $t_i$'s are closed terms. The domain of is $\{X_1, \dots, X_n\}$. The identity substitution id is the substitution such that $Dom(id) = \emptyset$. To apply a substitution to a term t is defined as usual (it may need some renaming of bound variables) and is denoted t.

A context is a closed term with one (or several) holes; more precisely, for each type , we add to C a constant of arity 0 and type , denoted by [ ], and a context is a closed term built on this signature. For simplicity, we drop the index and a context is denoted by C[[ ]].
The notation C[[ t ]] denotes the replacement of [ ] by t (of the same type as [ ]) and if the context has m occurrences of [ ], ordered from left to right, C[[ $t_1, \dots, t_m$ ]] denotes the replacement of the first one by $t_1$, of the second one by $t_2$, …. For example, $\lambda xy.a(a([\ ], x), [\ ])$ is a context C[[ ]] and C[[ b, F ]] denotes $\lambda xy.a(a(b, x), F)$.

1.1.2. Eta and beta reductions, normal forms

Terms are equivalent if they are identical up to renaming ($\alpha$-conversion), the reduction relation is the usual eta-beta reduction and the related equality is denoted by = . The long -normal form is a canonical representation of terms: a term t of type 1 … n → with a base type and $n \geq 0$, is in long -normal form iff $t = \lambda \overline{x_n}.a(t_1, \dots, t_m)$ where:

$x_i$ has type i,
a is either a constant or one of the $x_i$'s,
$a(t_1, \dots, t_m)$ has type ,
$t_1, \dots, t_m$ are in long -normal form.

Each term is equivalent to a term in long -normal form which can be computed by reducing t using eta and beta reduction and then by restoring missing arguments of functional terms using eta-expansion instead of eta-reduction. Throughout the paper, terms, including contexts, are supposed to be in long -normal form.

A type is finitary if there is only a finite number of closed normal forms of this type (up to renaming), otherwise it is infinitary. We shall consider variables of infinitary types † only (in the other case perform a case analysis on the possible closed instances).

1.1.3. Dependence constraints

The long -normal form of a closed term of type 1 … n → is $\lambda \overline{x_n}.s$ where the free variables of s are included in $\overline{x_n}$. The fact that some $x_i$ occurs or does not occur in s has a great importance for solving equations or disequations between terms.
Given an equation $\exists X_1, X_2 : \lambda xyz.X_1(x, z) = \lambda xyz.X_2(x, y)$, and a closed substitution = $\{X_1 \leftarrow \lambda x_1 x_2.s_1, X_2 \leftarrow \lambda x_1 x_2.s_2\}$, the substitution makes the two sides different if $x_2$ occurs in $s_1$ or $s_2$ but they can be identical if $x_2$ does not occur in the $s_i$'s. For example, the substitution $\{X_1 \leftarrow \lambda x_1 x_2.a(x_1, x_2), X_2 \leftarrow \lambda x_1 x_2.a(x_1, x_2)\}$ yields $\lambda xyz.a(x, z) = \lambda xyz.a(x, y)$ which is clearly false, but the substitution $\{X_1 \leftarrow \lambda x_1 x_2.a(x_1, x_1), X_2 \leftarrow \lambda x_1 x_2.a(x_1, x_1)\}$ yields $\lambda xyz.a(x, x) = \lambda xyz.a(x, x)$ which is true. In other words the existence of a (closed) solution is related to the fact that $X_1$ or $X_2$ depends or not on their second arguments. Since our semantics considers closed substitutions only, we introduce the dependence relation in the syntax to accommodate this problem:

Definition 1. Let X be a variable of type 1 … n → , the notation $X = X[I]$ with $I \subseteq \{1, \dots, n\}$ stands for "X represents a closed term $\lambda \overline{x_n}.s$ s.t. $FV(s) = \{x_i \mid i \in I\}$" or equivalently "X is a function which depends exactly on its i-th arguments for $i \in I$".

Example. If X has type Nat × Nat → Nat then $X = X[\{1\}]$ means that X represents a function which depends only on its first argument. Therefore the variable X can be instantiated by terms $\lambda xy.s$ with $x \in FV(s)$ but it cannot be instantiated by terms $\lambda xy.s$ with $FV(s) = \emptyset$ or s.t. $y \in FV(s)$.

A similar notation will also be used in the quantification part of formulae in section 5 where $\exists X[I] \forall Y[J] : \varphi$ stands for $\exists X \forall Y : X = X[I] \wedge Y = Y[J] \wedge \varphi$.

The expression $X = X[I]$ is a dependence constraint and we shall have to solve conjunctions of dependence constraints. Sometimes, we shall need more flexible dependence constraints to express the fact that a function depends on some of its arguments (that we know in advance) and possibly some other arguments that are still unknown. Therefore dependence constraints have the form X[Setexp] where the set expression Setexp is generated by the grammar:

Setexp ::= I | S | I ∪ S

with $I \subseteq \{1, \dots, n\}$, n being the arity of X, and S a set variable.
Dependence constraints are solved in a straightforward way ($\bot$ denotes absurdity):

$$
\begin{array}{ll}
X = X[I] \wedge X = X[I] \to X = X[I] & \\
X = X[I] \wedge X = X[J] \to \bot & \text{if } I \neq J\\
X = X[I] \wedge X = X[J \cup S] \to X = X[I] & \text{if } J \subseteq I\\
X = X[I] \wedge X = X[J \cup S] \to \bot & \text{if } J \not\subseteq I\\
X = X[I \cup S] \wedge X = X[J \cup T] \to X = X[K \cup U] & \text{with } K = I \cup J \text{ and } U \text{ a new set variable}
\end{array}
$$

† Finitary types can occur only in very special cases like ∪C = ∅.

1.2. Equational problems

We start with special kinds of formulae which are the most likely to occur, called equational problems.

Definition 2. An equational problem is some expression $\exists \overline{X_n} \forall \overline{Y_m} : P$ with $\overline{X_n} \cap \overline{Y_m} = \emptyset$, $n, m \geq 0$ and where P is:

either $\top$ (for true) or $\bot$ (for false),
or an equation $s = t$ or a disequation $s \neq t$,
or a conjunction of disjunctions of equations, disequations, $\top$ or $\bot$.

The free variables of an equational problem are the variables which are neither bound nor quantified. The right-hand side of an equation $s = t$ or a disequation $s \neq t$ is t, the left-hand side is s.

Example.

$$\forall Y_1, Y_2, Y_3, Y_4 : map(\lambda x.Z_1(x), Z_2) \neq map(\lambda z.Y_1(z), nil) \wedge map(\lambda x.Z_1(x), Z_2) \neq map(\lambda z.Y_2(z), cons(Y_3, Y_4))$$

is an equational problem (with no existential variables, i.e. n = 0) related to the question of the sufficient completeness of the definition of the higher-order function map. The free variables of this problem are $Z_1$ and $Z_2$.

An equational problem usually has free variables, and we are interested in solutions of the equational problem, i.e. assignments to these free variables such that the resulting formula is equivalent to true. This is formally defined in what follows:

Definition 3. A solution of an equational problem E is a closed substitution such that Dom() = FV(E) which satisfies the requirements:

if E is $\top$ then there is no requirement,
if E is $\bot$
then no substitution can be a solution,
if E is $s = t$ then s and t are equal modulo -reduction,
if E is $s \neq t$ then s and t are not equal modulo -reduction,
if E is a disjunction $d_1 \vee \dots \vee d_n$ then there is some $d_i$ such that the restriction of to $FV(d_i)$ is a solution of $d_i$,
if E is a conjunction $c_1 \wedge \dots \wedge c_n$ then, for each $c_i$, the restriction of to $FV(c_i)$ is a solution of $c_i$,
if E is $\exists \overline{X_n} \forall \overline{Y_m} : P$ then there exists a closed substitution = $\{X_1 \leftarrow s_1, \dots, X_n \leftarrow s_n\}$ such that for all ground substitutions = $\{Y_1 \leftarrow t_1, \dots, Y_m \leftarrow t_m\}$, the substitution is a solution of P.

Example. $Z \leftarrow nil$ is a solution of

$$\exists X \forall Y_1, Y_2, Y_3 : map(\lambda x.X(x), Z) \neq map(\lambda z.Y_1(z), cons(Y_2, Y_3)).$$

This notion of solution is extended to any quantified formula built on $=, \neq, \wedge, \vee$ in a straightforward way. Our purpose is to decide the existence and to compute the solutions of equational problems. The process of solving quantified formulae on lambda terms will be called higher-order disunification. When dealing with equational problems, X is for existential variables, Y for universal variables and Z for free variables; other names are usually kept for variables with ambiguous status.

Remark 1. The introduction of both free and existential variables is for technical reasons. In some applications, we are interested in a yes or no answer to some question, therefore free variables are useless, but in other applications, we may be interested in the values of the original variables such that the formula is true, therefore free variables are required.

A particular class of equational problems deserves a definition because of its great importance in Computer Science, see [Lassez and Marriot, 1987] for a complete study of the first-order case.

Definition 4. A complement problem is an equational problem of the form

$$\exists X \forall Y : t \neq t_1 \wedge \dots \wedge t \neq t_n$$

where $X = FV(t)$ and $Y = \bigcup_{i=1,\dots,n} FV(t_i)$.
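The solving rules for dependence constraints given in section 1.1.3 can be executed and checked against the meaning of Definition 1. The following Python sketch is an added example, not code from the paper: the tuple representation, the function names and the fresh names `U1, U2, …` are assumptions, and each set variable is assumed to occur in one constraint only.

```python
from itertools import combinations, count

BOTTOM = None  # stands for the absurd constraint


def make_fresh():
    """Supplier of new set-variable names U1, U2, ... (naming is an assumption)."""
    ids = count(1)
    return lambda: f"U{next(ids)}"


def combine(c1, c2, fresh):
    """Combine two constraints on the same variable X with the five rules.

    X[I] is represented as (frozenset(I), None), X[I ∪ S] as (frozenset(I), "S"),
    and a bare set variable X[S] as (frozenset(), "S").
    """
    (i, s), (j, t) = c1, c2
    if s is not None and t is not None:      # X[I ∪ S] ∧ X[J ∪ T] → X[K ∪ U]
        return (i | j, fresh())
    if s is None and t is None:              # X[I] ∧ X[J]: equal sets or absurd
        return c1 if i == j else BOTTOM
    exact, lower = (i, j) if s is None else (j, i)
    return (exact, None) if lower <= exact else BOTTOM   # J ⊆ I or absurd


def solve(constraints):
    """Solve a conjunction given as (variable, index set, set variable or None)."""
    fresh, solved = make_fresh(), {}
    for var, indices, set_var in constraints:
        c = (frozenset(indices), set_var)
        if var in solved:
            c = combine(solved[var], c, fresh)
            if c is BOTTOM:
                return BOTTOM
        solved[var] = c
    return solved


def all_subsets(arity):
    return [frozenset(d) for r in range(arity + 1)
            for d in combinations(range(1, arity + 1), r)]


def models(c, arity):
    """Argument sets a closed instance of X may depend on (Definition 1)."""
    if c is BOTTOM:
        return set()
    i, s = c
    return {d for d in all_subsets(arity) if (d == i if s is None else i <= d)}


def rules_are_sound(arity):
    """Check: models(combine(c1, c2)) == models(c1) ∩ models(c2) for all shapes."""
    shapes = [(i, sv) for i in all_subsets(arity) for sv in (None, "S")]
    fresh = make_fresh()
    return all(models(combine(c1, c2, fresh), arity)
               == models(c1, arity) & models(c2, arity)
               for c1 in shapes for c2 in shapes)
```

`rules_are_sound` enumerates every pair of constraint shapes for a given arity, so it confirms that the rewriting rules lose and add no solutions under the reading "depends exactly on" for `X[I]` and "depends at least on" for `X[I ∪ S]`.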
The next section gives examples of applications of complement problems.

1.3. What are equational problems for?

Before stating results on equational problems, we describe the application which has motivated the study of these formulae. In higher-order specification languages, case definitions look like:

$$
\begin{aligned}
map(\lambda x.F(x), nil) &\to nil\\
map(\lambda x.F(x), cons(X, L)) &\to cons(F(X), map(\lambda x.F(x), L))
\end{aligned}
$$

where the types are Elt and List of Elt, the signature is nil : List of Elt, cons : Elt × List of Elt → List of Elt and the new function map : (Elt → Elt) × List of Elt → List of Elt. From a specification point of view a crucial question is: does this definition cover all possible cases of map? This is known as the completeness of definition issue and a lot of work has been devoted to this problem, see [Thiel, 1984, Thompson, 1986] for instance. It is well known that this question is equivalent to solving the equational problem:

$$\exists X_1, X_2 \forall F, Z, L : map(\lambda x.X_1(x), X_2) \neq map(\lambda x.F(x), nil) \wedge map(\lambda x.X_1(x), X_2) \neq map(\lambda x.F(x), cons(Z, L))$$

or using our convention for names of universal variables:

$$\exists X_1, X_2 \forall Y_1, Y_2, Y_3, Y_4 : map(\lambda x.X_1(x), X_2) \neq map(\lambda x.Y_1(x), nil) \wedge map(\lambda x.X_1(x), X_2) \neq map(\lambda x.Y_2(x), cons(Y_3, Y_4))$$

Moreover, it is possible to compute the missing cases, if any, by dropping the existential quantifier and taking the $X_i$'s as free variables. This problem belongs to the class of complement problems which are formulae of the form:

$$\exists X \forall Y : t \neq t_1 \wedge \dots \wedge t \neq t_n$$

with $X = FV(t)$ and $Y = FV(t_1) \cup \dots \cup FV(t_n)$. Such formulae occur in functional programming but also in logic programming since one proposal for negation [Barbuti et al., 1990], called explicit negation, relies on complement problems which are used to compute the clauses representing the negative counterpart $\tilde{p}$ of a predicate p.
Therefore this approach can be used for lambda-prolog [Nadathur and Miller, 1990] or ELF [Pfenning, 1989] if higher-order complement problems are as manageable as first-order ones, which we prove in section 5.

2. Undecidability results

2.1. Higher-order disunification is not semi-decidable

In this section we prove that higher-order disunification is not semi-decidable even when it is restricted to second-order terms. Let s, t be two second-order terms, then the problem:

$$\exists X : s = t \quad \text{where } X = Var(t) \cup Var(s)$$

is an equational problem, as well as the problem:

$$\forall X : s \neq t \quad \text{where } X = Var(t) \cup Var(s)$$

and the second one is the negation of the first one. If solving equational problems were semi-decidable, one could run the procedure on both problems in parallel, and one of them would stop with success. Therefore second-order unification would be decidable, which is not the case [Goldfarb, 1981].

Looking at this disappointing result, one could ask whether some simpler problems are decidable, and a good candidate is the second-order complement problem, which would have useful practical applications. Unfortunately, this kind of formulae is still too general, as proven by our next result.

2.2. Second-order complement problem is undecidable

2.2.1. Two-counter automata

We show that the second-order complement problem is undecidable by encoding two-counter finite state machines. A non-deterministic two-counter automaton without input is a tuple (Q, q0, QF, a, ), where:

Q is a finite set of states,
q0 is the initial state,
QF is the set of final states,
a is the single element of the stack alphabet,
⊆ Q × {0, 1}² × Q × {−1, 0, 1}² is the transition relation of the automaton.

The notation is for the empty word of the stack alphabet and | | denotes the length of the word . A configuration of the machine is some triple $(C_1, q, C_2)$ where $C_1, C_2 \in a^*$ are the values of the counters and q is the current state.
The relation ⇒ on the set of configurations is defined by $(C_1, q, C_2) \Rightarrow (C_1', q', C_2')$ iff there is some $(q, x_1, x_2, q', y_1, y_2)$ ∈ s.t.:

if $|C_i| = 0$ then $x_i = 0$ else $x_i = 1$,
$|C_i'| = |C_i| + y_i$.

Moreover we assume that if $x_i = 0$ then $y_i \geq 0$, i.e. the content of a counter cannot be negative. A computation is a sequence of configurations $Conf_1\ Conf_2 \dots Conf_m$ s.t. $Conf_1$ = ( , q0, ), and $Conf_i \Rightarrow Conf_{i+1}$. It is accepted if $Conf_m = (C_1, q_f, C_2)$ with $q_f \in Q_F$. It is well known that it is undecidable whether a two-counter automaton has an accepting computation or not.

2.2.2. Encoding computations of two-counter automata

We show how to encode this problem as a second-order complement problem. The set of types is {Nat, State, SeqConf} and the set of constants is:

0 : Nat
s : Nat → Nat
q : State for each q ∈ Q
# : SeqConf
h : Nat × State × Nat × SeqConf → SeqConf

From this signature, one realizes immediately that a closed term of type Nat is either 0 or some $s^n(0)$, which models perfectly the content of a counter (0 for and $s^n(0)$ for $a^n$), that a closed term of type SeqConf is either # or some

$$h(C_1^1, q_1, C_2^1, h(C_1^2, q_2, C_2^2, h(\dots, h(C_1^m, q_m, C_2^m, \#))))$$

which models a sequence of configurations $Conf_1\ Conf_2 \dots Conf_m$ with $Conf_i = (C_1^i, q_i, C_2^i)$.

We aim at proving that a two-counter automaton M has an accepting computation iff some complement problem has a solution. To achieve this, we define a set of terms $t_1, \dots, t_n$ and a term t s.t. each closed instance of t is some $t_i$ iff M has no accepting computation. Therefore the set of $t_i$ is intended to reduce each sequence of configurations which is not an accepted computation. First we give a simple-minded solution and show why it does not work. This will explain why the actual encoding is somewhat contorted and where the difficulty lies. A sequence of configurations is not accepted if it contains some bad move, i.e.
it has the form

$$\underbrace{Conf_1 \dots}_{\text{beginning}}\ \underbrace{Conf_i\ Conf_{i+1}}_{\text{bad move}}\ \underbrace{\dots Conf_n}_{\text{end}}$$

which is encoded by a term of the following form

$$\underbrace{h(C_1^1, q_1, C_2^1, h(\dots,}_{\text{beginning}}\ \underbrace{h(C_1^i, q_i, C_2^i, h(C_1^{i+1}, q_{i+1}, C_2^{i+1},}_{\text{bad move}}\ \underbrace{h(\dots)}_{\text{end}})))).$$

The end of the sequence can be easily encoded by a first-order variable Z of type SeqConf, but the beginning of the computation requires a second-order variable Y of type SeqConf → SeqConf and the whole sequence is encoded as $Y(h(C_1^i, q_i, C_2^i, h(C_1^{i+1}, q_{i+1}, C_2^{i+1}, Z)))$. The type conditions enforce that each term encoding a bad sequence of the previous form is an instance of this term. Therefore, for each kind of bad move, like "add more than 2 to the first counter" for instance, one can introduce the relevant term $t_k = Y_k(h(\text{bad move}, Z_k))$ and solving the associated linear complement problem $X \neq t_1 \wedge \dots X \neq t_n$ with X an existential variable of type SeqConf amounts to deciding whether M has an accepted computation or not. Therefore we would get the undecidability of linear second-order complement problems. But we show in section 4 that such problems are decidable.

Where is the trap? It lies in the mere fact that the terms Y(some bad move) are intended to represent bad sequences only, but they also encode good sequences: let Good_Sequence be the closed term encoding an accepted computation of M, then instantiating Y by $\lambda z.$Good_Sequence returns the value Good_Sequence as an instance of the above term since z does not appear in Good_Sequence. Therefore one cannot discriminate between good and bad sequences of configurations. It is interesting to realize that the existence of lambda terms representing functions which do not depend on some of their arguments is what invalidates this encoding and makes the decidability proof for linear complement work.

Now, we give the actual encoding for bad sequences.
Since we have to consider pairs of sequences of configurations, we add a new type Pair and a new pairing operator [ , ] : SeqConf × SeqConf → Pair. The pairing of two sequences of configurations is denoted by $[seq_1, seq_2]$. The term t is chosen as:

$$t = [C(\#), C(h(0, q_0, 0, \#))]$$

where C is a second-order variable of type SeqConf → SeqConf. The argument of C in the second argument does not really matter, provided that the two components of the pair have different values if C is not a constant. Our goal is to reduce all instances of t s.t. the first component of C is not an accepted computation. We perform a case analysis on how these instances can be reduced and for each case, we give the suitable $t_i$('s). For simplicity, the notation _ stands for some anonymous linear variable (à la ML).

First, we want to get rid of all instances of t coming from the instantiation of C by some constant. This is achieved by setting $t_1 = [U, U]$ with U a first-order variable of type SeqConf. From now on, we consider only the instances of C by a non-constant function. In the following, we focus on the first component of pairs (and point out when the second component is relevant).

We reduce the sequences such that the first configuration is bad:

the first counter is not 0 at starting point: $t_2^1 = [h(s(x), \_, \_, \_), \_]$
the second counter is not 0 at starting point: $t_2^2 = [h(\_, \_, s(x), \_), \_]$
the state is not the initial state at starting point: $t_2^q = [h(\_, q, \_, \_), \_]$ for each $q \neq q_0$.

In the following, the $t_i$'s match the template $[Y(\_), Y(\_)]$ and we can consider instances of Y by non-constant functions. Two properties are essential for assuming this restriction. The first one is that instances of C by constant functions (in $t = [C(\#), C(h(0, q_0, 0, \#))]$) are handled by $[U, U]$, therefore we can assume at this point that C is instantiated by non-constant functions.
The second one is that Y is the head of each component of the $t_i$'s, therefore an instance of Y by a constant function can't match the current instance of t. The reader can see that this would not be the case with simpler $t_i$'s of the form $[Y(\dots), \_]$ that can't forbid instances of Y by constant functions.

We reduce sequences containing an increment of the first counter by 2 or more:

$$t_3 = [Y(h(Z(0), \_, \_, h(s(s(Z(Z'(0)))), \_, \_, \_))), Y(\_)]$$

and the same for the second counter.

We reduce sequences containing a decrement of the first counter by 2 or more:

$$t_4 = [Y(h(s(s(Z(Z'(0)))), \_, \_, h(Z(0), \_, \_, \_))), Y(\_)]$$

and the same for the second counter.

We reduce the sequences which do not end with a final state:

$$t_5 = [Y(h(\_, q, \_, \#)), Y(\_)] \quad \text{for each } q \notin Q_F$$

We reduce the sequences where the increment or decrement is 0 or 1 but where some move $Conf_i \Rightarrow Conf_{i+1}$ is not allowed by . At this point, irreducible instances contain only moves which change the absolute value of the counters by at most one, and change state q to state q′. We show how to eliminate the remaining illegal sequences: assume that in some step, each counter is not empty, the first counter is incremented by 1, the second counter is decremented by 1, the state changes from q to q′, but this is not a legal step. For each 5-tuple s.t. (q, 1, 1, q′, 1, −1) ∉ add the term:

$$t_6 = [Y(h(s(Z(0)), q, s(Z'(0)), h(s(s(Z(0))), q', Z'(0), \_))), Y(\_)]$$

By looking at all possibilities whether the counters are empty or not and whether the counters are decremented or incremented, one completes the set of terms $t_i$ using similar terms.

What remains to do is to prove our claim: any instance of t is reduced iff there is no accepted computation.

2.2.3. The complement problem has a solution iff there is an accepted computation

The key point is to realize that one can associate a unique instance of t to any (encoding of) sequence of configurations if only non-constant functions are allowed.
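The case analysis of section 2.2.2 can be replayed on concrete sequences of configurations. The Python sketch below is an added example, not code from the paper: it works on sequences of triples rather than on lambda-terms, reports which family of terms covers a sequence under the names t2 to t6 used above, and the sample automaton `DELTA`, `Q0`, `FINALS` is constructed for illustration.

```python
def nat(n):
    """Closed term of type Nat for a counter holding n: s(s(...(0)))."""
    return "s(" * n + "0" + ")" * n


def encode(seq):
    """Closed term of type SeqConf for a sequence of (c1, state, c2) triples."""
    term = "#"
    for c1, q, c2 in reversed(seq):
        term = f"h({nat(c1)},{q},{nat(c2)},{term})"
    return term


def classify(delta, q0, finals, seq):
    """Return 't2'..'t6' for the family of terms covering seq, else 'accepted'.

    delta is a set of tuples (q, x1, x2, q', y1, y2) as in section 2.2.1.
    Instances of C by a constant are the job of t1 = [U, U] and are not
    sequences, so they do not appear here. The cases listed in the text all
    assume at least one configuration, hence the empty sequence is rejected.
    """
    if not seq:
        raise ValueError("the listed cases need at least one configuration")
    c1, q, c2 = seq[0]
    if c1 != 0 or c2 != 0 or q != q0:          # bad first configuration
        return "t2"
    moves = list(zip(seq, seq[1:]))
    diffs = [(b[0] - a[0], b[2] - a[2]) for a, b in moves]
    if any(d >= 2 for pair in diffs for d in pair):    # increment by 2 or more
        return "t3"
    if any(d <= -2 for pair in diffs for d in pair):   # decrement by 2 or more
        return "t4"
    if seq[-1][1] not in finals:               # does not end in a final state
        return "t5"
    for (a, b), (y1, y2) in zip(moves, diffs):
        x1, x2 = int(a[0] > 0), int(a[2] > 0)  # zero tests on both counters
        if (a[1], x1, x2, b[1], y1, y2) not in delta:
            return "t6"                        # small move not allowed
    return "accepted"


# Constructed sample automaton: count up on the first counter, then step down.
Q0, FINALS = "q0", {"qf"}
DELTA = {
    ("q0", 0, 0, "q1", 1, 0),
    ("q1", 1, 0, "q1", 1, 0),
    ("q1", 1, 0, "qf", -1, 0),
}
GOOD = [(0, "q0", 0), (1, "q1", 0), (0, "qf", 0)]
```

A sequence is classified as `accepted` exactly when none of the five families applies, which is the sense in which an accepted computation yields an instance of t that no $t_i$ reduces.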
A sequence of configurations is some term $h(\_, \_, \_, h(\dots, h(\_, \_, \_, \#)))$ where # occurs once. Therefore there is only one non-constant solution C s.t. $C(\#) = h(\_, \_, \_, h(\dots, h(\_, \_, \_, \#)))$, i.e. $C = \lambda z.h(\_, \_, \_, h(\dots, h(\_, \_, \_, z)))$. Moreover, one immediately realizes that the second component of the instance of t is the initial sequence where # is replaced by $h(0, q_0, 0, \#)$ and that this component is not equal to the first one.

We prove the first part of the equivalence: if there is no accepted computation then there is no solution to the complement problem, or accordingly each instance of t is reduced.

The instances of t using constant functions C are reduced by $[U, U]$.
The other instances of t are $[\dots, \dots]$ where the first component matches the first component of some $t_i$. Since the variables Y occurring in the $t_i$'s cannot be instantiated by constants (otherwise C should be constant), it is obvious to find a match for the second argument from a match for the first one, which proves that the instance of t is reducible.

Now, we prove the converse: if there is no solution to the complement problem then there is no accepted computation. If there were some accepted computation, then the corresponding instance (by a non-constant C) could not be reduced by any $t_i$ (the variables Y cannot be constants), which means that the complement problem would have a solution. These results are summed up by the following statement:

Theorem 2. The second-order complement problem is undecidable.

An interesting remark is that our encoding does not contain any bound variable, therefore the undecidability result holds also for terms built on first-order terms augmented with context variables.

3. An overview of higher-order disunification

The undecidability results do not prevent us from trying to solve equational problems and we can design a quantifier elimination scheme for equational problems.
First we describe the principles of this method, then we give a set of rules which can be employed as a general simplification procedure and we illustrate how these rules work on the map example. To get decidability results one needs some additional hypothesis and we describe two important decidable cases in section 4 and 5: top-linear complement problems and problems on patterns.

3.1. Principles of quantifier elimination

Quantifier elimination for higher-order terms follows the same scheme as quantifier elimination for first-order terms.

[Figure: quantifier elimination scheme, from $\exists\forall\varphi$ to $\exists$ and on to the result. Labels: bring universal variable at top, using basic rules and explosion rules; eliminate universal variables; simplification; constrained substitution.]

Our procedure is similar to the first-order one since:

- the basic rules are extension of the rules for unification,
- the explosion rule is used to perform a case analysis on variables,

but it is different since:

- case analysis can be performed on universal variables,
- elimination rules are distinct since universal variables may have arguments, which complicates or forbids the elimination process,
- dependence constraints are introduced during the first step and are solved in the simplification step.

3.2. A set of general computation rules

In this section, we give a set of rules which are useful to simplify equational problems in order to get simpler ones. Moreover we take for granted the classical logical laws such as commutativity, associativity, distributivity of boolean connectives, suppression of useless quantification and the normalization of each term in long -normal form. We usually drop irrelevant contexts, for example we shall write $t = t \to \top$ instead of $\exists X_n\, \forall Y_m : (t = t \vee P) \wedge Q \to \exists X_n\, \forall Y_m : Q$. Each term is assumed to be in long -normal form, but since it leads to tedious notation, we sometimes use a simpler form, for example we write $H(x_n)$ instead of $z_p.H(x_n, z_p)$.

3.2.1.
Basic rules

First, one has a set of basic rules containing rules of higher-order unification and their dual through negation.

Type checking rules
(TC1) $t = s \to \bot$
(TC2) $t \neq s \to \top$
if the type of $t$ is not the type of $s$.

Elimination of trivial equations rules
(ET1) $t = t \to \top$
(ET2) $t \neq t \to \bot$

Decomposition rules
(D1) $x_n.a(t_1, \dots, t_m) = x_n.a(s_1, \dots, s_m) \to x_n.t_1 = x_n.s_1 \wedge \dots \wedge x_n.t_m = y.s_m$
(D2) $x_n.a(t_1, \dots, t_m) \neq x_n.a(s_1, \dots, s_m) \to x_n.t_1 \neq x_n.s_1 \vee \dots \vee x_n.t_m \neq y.s_m$
if $a$ is a constant or belongs to $x_n$.

Clash rules
(C1) $x_n.a(t_p) = x_n.b(s_q) \to \bot$
(C2) $x_n.a(t_p) \neq x_n.b(s_q) \to \top$
if $a$ and $b$ are distinct constants or variables of $x_n$.

3.2.2. The explosion rule

(EX) $\exists X_l\, \forall Y_n : P \to \exists H_p\, \exists X_l\, \forall Y_n : F = x_n.a(H_1(x_n), \dots, H_k(x_n)) \wedge P\{F\ \ x_n.a(H_1(x_n), \dots, H_k(x_n))\}$
if $F$ is a free or existential variable of type ${}_1 \dots {}_n \to$ , $x_i$ has type ${}_i$, $a(H_1(x_n), \dots, H_k(x_n))$ has type and $a \in C \cup x_n$.

To ensure that no solution is lost, all possible choices for $a$ are done. This rule contains the classical imitation and projection rules. Since all possible choices for $a$ in $\cup\, C \cup x_n$ are done, the procedure builds a finitely branching tree (see the map example in section 3.3).

3.2.3. The explosion rule for universal variables

A case analysis can be performed on universal variables too. This rule is useful in some cases (see section 5) but usually causes non-termination since one universal variable is replaced by many ones and a formula is replaced by a conjunction of formulae.

(EXUV) $\forall Y : P \to \forall H^l_p\, \bigwedge_{a_i \in C \cup x_n} P\{Y\ \ x_n.a_i(H^i_1(x_n), \dots, H^i_{m_i}(x_n))\}$
where the type of $Y$ is ${}_1 \dots {}_n \to$ , the type of $x_i$ is ${}_i$ and the type of each $a_i(H^i_1(x_n), \dots, H^i_{m_i}(x_n))$ is .

3.2.4.
Correctness and consistency of the rules

A rule is said to be correct if each side has the same set of solutions as the other one, it is said to be consistent if the set of solutions of the right-hand side is included in the set of solutions of the left-hand side. Before illustrating how to use these rules on some example, we give the following correctness result:

Proposition 1. Basic rules and the EXUV rule are correct.

Proof. This is obvious because of the semantics of equational problems and of the existence of the long -normal form. □

The explosion rule is consistent but not correct since the solutions of the right-hand side are solutions of the left-hand side but the converse can be false. To overcome this difficulty, one simply makes all possible transformations using all possible choices of $a$ in $C \cup x_n$, building a proof tree in which branching corresponds to the explosion of an existential or free variable. This ensures that our transformation is complete, i.e. no solution is lost.

3.3. An example

We show how one can use these rules to simplify equational problems. The reader will see the limitations of these rules since we shall get stuck at some point because we cannot get rid of universal variables. The limitations will be overcome and the example continued later on in section 4. The proposed example is the equational problem related to the completeness of the map function, given in section 1.2.

$$\exists X_1, X_2\ \forall Y_1, Y_2, Y_3, Y_4 : map(x.X_1(x), X_2) \neq map(z.Y_1(z), nil) \wedge map(x.X_1(x), X_2) \neq map(z.Y_2(z), cons(Y_3, Y_4))$$
$\to_{Decomposition}$
$$\exists X_1, X_2\ \forall Y_1, Y_2, Y_3, Y_4 : (x.X_1(x) \neq x.Y_1(x) \vee X_2 \neq nil) \wedge map(x.X_1(x), X_2) \neq map(z.Y_2(z), cons(Y_3, Y_4))$$
$\to_{Decomposition}$
$$\exists X_1, X_2\ \forall Y_1, Y_2, Y_3, Y_4 : (x.X_1(x) \neq x.Y_1(x) \vee X_2 \neq nil) \wedge (x.X_1(x) \neq z.Y_2(z) \vee X_2 \neq cons(Y_3, Y_4))$$

At this point the variable $X_2$ is exploded yielding two branches. The first one corresponds to the explosion $X_2 = nil$ and the second one to the explosion $X_2 = cons(X_3, X_4)$.
The first case $X_2 = nil$ is continued as follows:

$$\exists X_1, X_2\ \forall Y_1, Y_2, Y_3, Y_4 : (x.X_1(x) \neq x.Y_1(x) \vee nil \neq nil) \wedge (x.X_1(x) \neq z.Y_2(z) \vee nil \neq cons(Y_3, Y_4)) \wedge X_2 = nil$$
$\to_{Clash}$
$$\exists X_1, X_2\ \forall Y_1 : x.X_1(x) \neq x.Y_1(x) \wedge X_2 = nil$$

Although common sense tells us that the last expression should evaluate to $\bot$, none of the basic rules is applicable and using explosion rules quickly enters an infinite loop, therefore we have to wait for some new rule before achieving our goal. Meanwhile, what has happened on the other branch $X_2 = cons(X_3, X_4)$? In fact the same kind of situation shows up and we get stuck with the formula:

$$\exists X_1, X_2, X_3, X_4\ \forall Y_2, Y_3, Y_4 : (x.X_1(x) \neq z.Y_2(z) \vee X_3 \neq Y_3 \vee X_4 \neq Y_4) \wedge X_2 = cons(X_3, X_4)$$

The rest of the paper is devoted to several approaches for solving this problem. Since there is no hope to get a general solution, we shall describe some particular decidable cases.

4. A decidable case of second-order complement problems

In this section we consider a second-order language, which means that constants have order 3 at most, and variables have order 2 or 1. For clarity, we shall assume that there is only one base type, the extension of our results to several base types is easy but tedious. Therefore, a variable has type or type $\dots \to$ with the basic type. We shall also assume that for each type $\dots \to$ , there are infinitely many contexts $C[\ ]$ of this type†.

4.1. Simple top-linear complement problems

In the following, we are interested in second-order complement problems where second-order variables are assumed to be top-linear. To define this notion, we need some terminology:

- a position $p$ is a top-position of a variable $F$ in $t$ if $F$ occurs in $t$ at position $p$ and no variable occurs in $t$ at position $p'$ with $p = p'.q$,
- and a free variable $F$ of a term $t$ is top-linear iff it has at most one top-position.
Example. In $x, y.b(F(a, F(a, y)), F(G(y), x), G(y))$ the variable $F$ occurs at top-positions 1 and 2 and at position 1.2, the variable $G$ occurs at top-position 3 and at position 2.1. Hence $F$ is not top-linear but $G$ is top-linear.

A complement problem where each second-order free variable of the $t_i$'s is top-linear is called a top-linear complement problem. These problems are decidable when some restrictions are set on the bound variables of the $t_i$'s†:

Definition 5. Let $t$ be a top-linear term, let $p_1, \dots, p_k$ be the top-positions in $t$, let $Y_i(s^i_1, \dots, s^i_{n_i})$ be the subterm of $t$ at position $p_i$, $t$ is simple iff there exists a substitution s.t.

- top-linear subterm can be simplified, more precisely for $i = 1, \dots, k$, $Y_i(s^i_1, \dots, s^i_{n_i}) = Y'_i(x_1, \dots, x_{m_i})$ where $Y'_i$ is a new variable, linear in $t$, $\{x_1, \dots, x_{m_i}\}$ is the set of bound variables of $t$ free in $Y_i(s^i_1, \dots, s^i_{n_i})$,
- only linear or top-linear variables are modified, more precisely $Y \in Dom(\ ) \Rightarrow Y$ is linear or top-linear.

Example. The term $\partial(x.F(G(x)))$, needed to define the derivative of a composition of functions, satisfies the condition as well as the term $x, y.b(Y_1(z.Y_2(y, a), z.z, Y_3(y, y, Y_4)), Y_2(x, y))$ but the term $x, y.Y_1(z.Y_2(y, a, z), z.z)$ does not.

The intuition supporting the definition of simple term is that a term is simple if one can erase parts of this term by instantiating free variables in order to get a term s.t. the arguments of a free variable are distinct bound variables. Moreover, for technical reasons, we require that the erasing process has no side-effect (hence the linearity restrictions) and that it preserves sets of bound variables for subterms occurring at top-positions.

† This is true in all practical applications. For example one constant of type $\dots \to$ and one constant of type are enough.

† In [Lugiez, 1994b], first-order variables had to be top-linear too, and bound variables were not dealt with correctly.
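The top-position example of section 4.1 can be checked mechanically. The sketch below is an added example, not code from the paper. It assumes a small term encoding (`App`, `Lam`), that capitalised heads not captured by a binder are free variables, that `d` stands for the derivative constant, and that "no variable occurs at position p'" refers to a free variable at a strict prefix of p.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class App:
    """head(args...); a bare symbol is App(head) with no arguments."""
    head: str
    args: tuple = ()


@dataclass(frozen=True)
class Lam:
    """Binder over `params` (the page's  x, y.body  prefix)."""
    params: tuple
    body: object


def is_free_var(name, bound):
    # Assumption of this example: free variables are capitalised (F, G, Y1),
    # constants and bound variables are lower-case.
    return name not in bound and name[:1].isupper()


def occurrences(term, bound=frozenset(), pos=(), below_free=False):
    """Yield (variable, position, is_top) for every free-variable occurrence.

    Positions are tuples of 1-based argument indexes; binders add no step.
    An occurrence is a top-position when no free variable sits at a strict
    prefix of its position.
    """
    while isinstance(term, Lam):
        bound = bound | set(term.params)
        term = term.body
    free = is_free_var(term.head, bound)
    if free:
        yield term.head, pos, not below_free
    for i, arg in enumerate(term.args, start=1):
        yield from occurrences(arg, bound, pos + (i,), below_free or free)


def top_positions(term):
    """Map each free variable to the list of its top-positions."""
    tops = defaultdict(list)
    for var, pos, is_top in occurrences(term):
        tops[var]  # register the variable even if it has no top-position
        if is_top:
            tops[var].append(pos)
    return dict(tops)


def top_linear_vars(term):
    """Free variables with at most one top-position."""
    return {v for v, ps in top_positions(term).items() if len(ps) <= 1}


def is_top_linear(term):
    """True when every free variable of the term is top-linear."""
    return top_linear_vars(term) == set(top_positions(term))


a, x, y = App("a"), App("x"), App("y")

# The page's example: x, y.b(F(a, F(a, y)), F(G(y), x), G(y))
EXAMPLE = Lam(("x", "y"), App("b", (
    App("F", (a, App("F", (a, y)))),
    App("F", (App("G", (y,)), x)),
    App("G", (y,)),
)))

# The page's derivative term, with the constant written d: d(x.F(G(x)))
DERIVATIVE = App("d", (Lam(("x",), App("F", (App("G", (x,)),))),))

if __name__ == "__main__":
    for name, term in (("example", EXAMPLE), ("derivative", DERIVATIVE)):
        print(name, top_positions(term), "top-linear:", is_top_linear(term))
```
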
Several necessary conditions can be elaborated to ensure that a term is simple, the simplest is:

Proposition 2. If for each $Y(u_n)$ top-linear subterm of a top-linear $t$ s.t. $x_p$ is the set of bound variables of $t$ free in $Y(u_n)$, there exists a substitution s.t.

- for $i = 1, \dots, p$, $x_i = u_{j_i}$ with $\{j_1, \dots, j_p\}\ \ \{1, \dots, n\}$ and $j_l \neq j_k$,
- $Y' \in Dom(\ ) \Rightarrow Y'$ is linear,

then $t$ is simple.

Proof. For each top-linear subterm $Y(u_n)$ there exists some as described in the proposition, taking as the union of these 's completed by $Y\ \ x_n.Y'(x_{j_1}, \dots, x_{j_p})$ gives a substitution which satisfies the definition, since the variables in $Dom(\ )$ are linear for each . □

The reader should remark that finding satisfying the first equations amounts to solving a second-order matching problem (consider the $x_i$'s as new constants), which is decidable. Once the solutions of this matching problem have been computed, the second condition can be checked immediately. An easier but less powerful syntactical criterion for ensuring simplicity is the following one:

Proposition 3. Let $t$ be a top-linear term with top positions $p_1, \dots, p_k$, s.t. for each $p_i$ there exists a set of positions $Pos_i$ with the following properties:

(a) all relevant bound variables are taken into account, i.e. for each $x$ bound variable of $t$, free in $t|_{p_i}$ the subterm at position $p_i$ there exists a unique $q \in Pos_i$ s.t. $x$ occurs in $t$ at position $p_i.q$,
(b) positions are incompatible at top, i.e. if $q, r \in \bigcup_i Pos_i$ then $q = j.q'$, $r = k.r'$ with $j, k$ two different integers,
(c) superfluous parts of $t$ can be erased, i.e. if $q = j_1.j_2.\dots.j_m$ where the $j_l$'s are integers, then $t|_{p_i.j_1 \dots j_l} = Y_l(\dots)$ with $Y_l$ a linear free variable of $t$ for $l = 1, \dots, m - 1$,

then $t$ is simple.

Proof. (sketch) Let $p_i$ be a top-position of $t$ and $x_1, \dots, x_p$ be the bound variables of $t$ free in $t|_{p_i}$. For each linear variable $Y_l$ of $t$ occurring at position $p_i.j_1 \dots j_l$ with $j_1 \dots j_l \dots j_m \in Pos_i$, set $Y_l\ \ x.x_{j_{l+1}}$.
Using this substitution, the subterm at position $p_i$ becomes $Y_i(s_1, \dots, s_m)$ where $\{x_1, \dots, x_p\}\ \ \{s_1, \dots, s_m\}$ (use property (a) and (b)). Then set $Y_i\ \ x.Y'(x_{i_1}, \dots, x_{i_p})$ for the suitable indexes $i_1, \dots, i_p$. The fact that $Y_i$ can be non-linear doesn't matter because of the linearity condition required for the $Y_l$. □

From now on, we consider simple top-linear complement problems i.e. top-linear problem $\exists X\, \forall Y : t \neq t_1 \wedge \dots \wedge t \neq t_n$ s.t. each $t_i$ is simple. The algorithm to decide these problems has three steps:

- Use basic rules to get a conjunction of disequations where the left-hand side contains existential variables only and the right-hand side is a closed term or has a universal variable at root.
- Eliminate universal variables. This is the key point where the condition simple top-linear is required, and where membership constraints are introduced.
- Decide the resulting existential formulae.

Each step is detailed in the next sections.

4.2. Getting universal variables at root

This step consists of using basic rules and explosion rule with the following strategy: basic rules are used eagerly and the explosion rule is performed on an existential variable $X$ provided that there is some disequation $s \neq t$ with $root(s) = X$, $t$ contains some universal variable and $root(t) \notin Y$.

Proposition 4. A top-linear complement problem is equivalent to a disjunction of formulae $\exists X\, \forall Y : C_1 \wedge \dots \wedge C_p$ where

- either $C_i$ is an equation $x_n.X(x_n) = t$ s.t. $X$ is an existential variable occurring once and $FV(t)\ \ X$,
- or $C_i$ is a disjunction of disequations $s \neq t$ s.t. $FV(s)\ \ X$, either $t$ is a closed term, or $t = x.Y(u)$, where the universal variable $Y$ does not occur elsewhere at a top-position.

Proof. First, we show that the computed formula has the required form.
Let us consider formulae
$$\exists X\, \forall Y : C_1 \wedge \dots \wedge C_q \wedge x_{n_1}.X_1(x_{n_1}) = u_1 \wedge \dots \wedge x_{n_p}.X_p(x_{n_p}) = u_p$$
where the $C_i$'s are disjunctions of disequations $s \neq t$ s.t. $X_1, \dots, X_p$ occur once, $FV(u_i)\ \ X$, $FV(s)\ \ X$ and $FV(t)\ \ Y$. The initial complement problem has this form and applying the basic rules to such formulae returns a result of the same kind. Since the explosion rule EX is performed on existential variables only, yielding new existential variables, a new equation $x_n.X(x_n) = \dots$, and replacing the occurrences of $X$ by a term containing existential variables only, the result also has the above form. Finally, since the initial problem is top-linear, a universal variable can occur only once at a top-position. Therefore the result of the application of rules has the form stated in the proposition when no rule is applicable.

Secondly, the process terminates: to each disequation $s \neq t$ one associates the integers $pos, nb$ where

- if $t$ is a closed term then $pos = 0$ else $pos = |p_1| + \dots + |p_n|$ for $p_i$ the top-positions of universal variables,
- $nb$ is the number of symbols of $s \neq t$ (excluding the binders $x_n$).

To a disjunction of disequations $dis_1 \vee \dots \vee dis_q$, one associates the pair of multisets $(\{pos_1, \dots, pos_q\}, \{nb_1, \dots, nb_q\})$. These pairs are lexicographically ordered and the multiset ordering is used to compare the components of pairs. It is easy to see that the application of basic rules decreases this complexity measure, but the case of the explosion rule EX requires more work. Let $s \neq t$ be a disequation containing $X$ with associated $pos, nb$.

- if the explosion is $X = x_n.x_i$, then $pos$ does not increase and $nb$ decreases (proof by structural induction on terms containing $X$).
- if the explosion is $X = x_n.a(H_1(x_n), \dots, H_p(x_n))$ then
  - if $root(s) = X$ and $root(t) \neq a$, then the clash rule will apply and the disequation vanishes,
  - if $root(s) = X$ and $root(t) = a$ then the decomposition rule will apply to $(s \neq t)\{X\ \ x_n.a(H_1(x_n), \dots, H_p(x_n))\}$ with $s = y_m.X(u_1, \dots, u_n)$ and $t = y_m.a(v_1, \dots, v_p)$ yielding $p$ disequations $y_m.H_i(u'_1, \dots, u'_n) \neq y_m.v_i$ where $u'_i = u_i\{X\ \ x_n.a(H_1(x_n), \dots, H_p(x_n))\}$. Let $pos_i, nb_i$ be the integers associated to these disequations. Either $t$ contains no universal variable and $pos = pos_i$ for all $i$ or $t$ contains at least one universal variable and $pos > pos_i$ since either $v_i$ has no universal variable or these universal variables are higher than the universal variables of $t$.
  - if $root(s) \neq X$ then $nb$ may increase but $pos$ does not increase. Since EX is applied when there is at least one disequation with root $X$ and containing a universal variable, the first component of the complexity measure is smaller than the initial one.

In each case, the complexity measure decreases which proves that the transformation stops. □

The equations $x_n.X(x_n) = s$ are introduced by an explosion rule and are not relevant for the validity of the formula, therefore we shall not consider these equations any longer.

4.3. Reducing complement problem to existential formulae

Here comes the elimination of universal variables, which is the key part of the procedure. Two main points must be underlined:

- membership constraints $x \in s$ are introduced, and we get formula $E \parallel M$ where $E$ contains equations and disequations, $M$ contains membership constraints, and $\parallel$ is an alias for the conjunction $\wedge$ that we introduce to make the distinction between equational constraints and membership constraints clearer.
- the hypothesis on complement problems is required to ensure the correctness of elimination of second-order variables.
Elimination of second-order universal variables

At this point we have disjunctions of the form:
$$\exists X\, \forall Y : (x_{n_1}.s_1 \neq x_{n_1}.Y_1(u_1) \vee \dots \vee x_{n_m}.s_m \neq x_{n_m}.Y_m(u_m) \vee P) \parallel M$$
where $Y_i(u_i)$ is a subterm of some $t_j$ at a top-position $p^j_i$, and where $P$ is a disjunction of disequations $s \neq t$ where $t$ is either a closed term or a first-order universal variable $Y$. The assumption that we are dealing with simple top-linear problems, allows to design two elimination rules for second-order universal variables:

(EUV1) $\exists X\, \forall Y : (x_{n_1}.s_1 \neq x_{n_1}.Y_1(u_1) \vee \dots \vee x_{n_m}.s_m \neq x_{n_m}.Y_m(u_m) \vee P) \to \top \parallel \bigvee_{i=1,\dots,m} (z^i_1 \in s_i \vee \dots \vee z^i_{k_i} \in s_i)$
where $FV(s_i) \cap Y = \emptyset$, and $z^i_1, \dots, z^i_{k_i}$ are the $x_i$'s occurring in $s_i$ but not in $Y_i(u_i)$.

(EUV2) $\exists X\, \forall Y : (x_{n_1}.s_1 \neq x_{n_1}.Y_1(u_1) \vee \dots \vee x_{n_m}.s_m \neq x_{n_m}.Y_m(u_m) \vee P) \to P \parallel \bigwedge_{i=1,\dots,m} (z^i_1 \notin s_i \wedge \dots \wedge z^i_{k_i} \notin s_i)$
where $FV(s_i) \cap Y = \emptyset$, and $z^i_1, \dots, z^i_{k_i}$ are the $x_i$'s occurring in $s_i$ but not in $Y_i(u_i)$.

Remark 3. If each $x_j$ occurring in $s_i$ occurs in $u_p$ (like in $x, y.F(G(x)) \neq x, y.Y(x, y)$) the related membership constraint is $\bot$ in EUV1, ending this branch, and the related membership constraint is $\top$ in EUV2.

The membership condition is nothing but a case analysis on whether the left-hand side of a disequation contains or not some bound variable which does not occur in the right-hand side. Therefore if EUV1 is applicable then EUV2 is also applicable and conversely and the transformation process constructs two branches at this point. The correctness of the process is guaranteed by the proposition:

Proposition 5. Let $E$ s.t. $E \to_{EUV1} E_1$ and $E \to_{EUV2} E_2$, then is a solution of $E$ iff is a solution of $E_1$ or $E_2$.

Proof. Let $E$ be:
$$\exists X\, \forall Y : (x_{n_1}.s_1 \neq x_{n_1}.Y_1(u_1) \vee \dots \vee x_{n_m}.s_m \neq x_{n_m}.Y_m(u_m) \vee P)$$
where $Y_i(u^i_p)$ is a subterm of some $t_j$ at a top-position $p^j_i$, and where $P$ contains none of the $Y_i$ for $i = 1, \dots, m$. Since each $t_j$ is simple, there is a substitution ${}_j$ s.t.
these subterms are transformed into $Y'_i(x_i)$ where $x_i$ are the bound variables of $u_i$ and $Y'_i$ are linear. We set $= {}_1 \cup \dots \cup {}_m$ in the following. We distinguish two cases:

- either is a solution of $\bigvee_i (z^i_1 \in s_i \vee \dots \vee z^i_{k_i} \in s_i)$ which implies that there is one $i$ s.t. $x_{n_i}.s_i \neq x_{n_i}.Y_i(u_i)$ is false for every instantiation of $Y_i$, hence is a solution of $E_1$,
- or is a solution of $\bigwedge_i (z^i_1 \notin s_i \wedge \dots \wedge z^i_{k_i} \notin s_i)$. Let us consider the instance of the $Y_i$'s obtained with the composition of the substitution and of the substitution $\{Y'_1\ \ x_1.s_1, \dots, Y'_m\ \ x_m.s_m\}$. Because of the condition on the $z_i$'s and of the linearity of the $Y'_i$'s, the composition is a closed instantiation of the $Y_i$'s s.t. all the disequations with universal variables are false. Therefore is a solution of $\exists X\, \forall Y : P$, hence of $E_2$ since it also satisfies the membership constraint.

Conversely, it is straightforward to see that a solution of $E_1$ or $E_2$ is a solution of $E$. □

Elimination of first-order universal variables

The last step is to eliminate the remaining first-order universal variables. The main difference with first-order disunification is that we must consider membership constraints.

(EUV3) $\exists X\, \forall Y : (x_n.s \neq x_n.Y \vee P) \to \exists X\, \forall Y : \top \parallel \bigvee_{1,\dots,n} x_i \in s$
where $FV(x_n.s) \cap Y = \emptyset$

(EUV4) $\exists X\, \forall Y : (x_n.s \neq x_n.Y \vee P) \to \exists X\, \forall Y : P\{Y\ \ s\} \parallel \bigwedge_{1,\dots,n} x_i \notin s$
where $FV(x_n.s) \cap Y = \emptyset$

Again the membership constraint is a case analysis on the occurrence of bound variables in the left-hand side of the disequation. Similar rules can be designed where the first-order variable $Y$ is replaced by a term $Y(y_m)$ with $Y$ a second-order variable.

Proposition 6. Let $E$ s.t. $E \to_{EUV3} E_1$ and $E \to_{EUV4} E_2$, then is a solution of $E$ iff is a solution of $E_1$ or $E_2$.

Proof. Let a solution of $E$, then either $s$ contains some $x_i$ and the disequation is true whatever $Y$ is, or no $x_i$ occurs in $s$ and the disequation is false for all $Y$ s.t. $Y = s$, therefore is a solution of $\exists X\, \forall Y : P\{Y\ \ s\}$ hence of $\exists X\, \forall Y : P\{Y\ \ s\}$.
Conversely if is a solution of $E_i$, $i = 1, 2$ it is obvious that it is a solution of $E$. □

4.4. Deciding existential formulae and membership constraints

4.4.1. Solving membership constraints

New reduction rules are introduced for these new constraints and we shall use the notation $X = X[I]$ of section 1 to state that $X$ stands for functions which depend on the arguments $i \in I$. As usual boolean rules are used to get disjunctive forms and since all variables are existentially quantified, we may consider conjunctions only.

$x \in x(t_1, \dots, t_m) \to \top$ ($m\ \ 0$)
$x \notin x(t_1, \dots, t_m) \to \bot$ ($m\ \ 0$)
$x \in s \to \bot$ if $s$ is a closed term not containing $x$
$x \notin s \to \top$ if $s$ is a closed term not containing $x$
$x \in y_m.a(u_1, \dots, u_n) \to x \in u_1 \vee \dots \vee x \in u_n$
$x \notin y_m.a(u_1, \dots, u_n) \to x \notin u_1 \wedge \dots \wedge x \notin u_n$
$x \in y_n.X(u_1, \dots, u_n) \to \bigvee_{I\ \{1,\dots,n\}} X = X[I] \wedge (\bigvee_{i \in I} x \in u_i)$
$x \notin y_m.X(u_1, \dots, u_n) \to \bigvee_{I\ \{1,\dots,n\}} X = X[I] \wedge (\bigwedge_{i \in I} x \notin u_i)$

Remark 4. Because of -conversion, we can assume that the variable $x$ is always different from bound variables.

It is straightforward to see that the rules preserve the set of solutions, and that the following proposition holds:

Proposition 7. Any boolean combination of membership constraints is equivalent to $\top$, $\bot$ or a finite disjunction of expressions $X_1 = X_1[I_1] \wedge \dots \wedge X_p = X_p[I_p]$

Remark 5. For simplicity we have not given the most efficient set of rules from the computational point of view.

4.4.2. Solving existential conjunctions of disequations

First the basic rules are employed to get rid of Rigid-Rigid disequations, and we have to deal with four different kinds of disequations:

- $x_n.X_1(u) \neq x_n.X_2(v)$
- $x_n.X(u) \neq x_n.s$ where $s$ is rigid and contains some $X_i$'s.
- $x_n.X(u) \neq x_n.t$ where $t$ is a closed term.
- $x_n.X(u) \neq x_n.X(v)$ with $u \neq v$.

The last kind of disequations complicates the resolution process since it forbids solutions like $X\ \ x_n.C$ where $FV(C) \cap x_n = \emptyset$.
Therefore we show first how to solve conjunctions which do not contain this kind of disequations without using such solutions. Two cases are distinguished, depending on the signature. Either $C$ contains only constants of arity 0 and one constant of arity 1, or not. In the first case each term looks like $x_n.x_i$ or $x_n.a_i$ or $x_n.f^n(a_i \text{ or } x_i)$. Therefore solving disequations amounts to solving linear diophantine (dis)equations on integers (the unknowns are the exponents of $f$) which is decidable. One should remark that constrained disequations may have no solution in this setting, like $X_1(X_2(a)) \neq X_2(X_1(a)) \parallel X_1 = X_1[\{1\}] \wedge X_2 = X_2[\{1\}]$. In the second case, either $C$ contains only constants of arity 0 and the problem is trivial, or the following proposition is true:

Proposition 8. For each $n$, there is some $h$ s.t. there are at least $n$ contexts of height $h$.

From now on, we suppose that the signature satisfies the given property. The key proposition is the following one:

Proposition 9. Let $Conj$ be an existentially quantified conjunction of disequations of the first three kinds, then either $Conj$ contains a disequation $t \neq t$ (hence has no solution), or there are infinitely many solutions of the form
$$X_1\ \ x_{n_1}.C_1[H_1(x_{n_1})]$$
$$\vdots$$
$$X_p\ \ x_{n_p}.C_p[H_p(x_{n_p})]$$
where $C_1, \dots, C_p$ are fixed contexts, $X_1, \dots, X_p$ are the existential variables of $Conj$, and $H_i(x_{n_i})$ stands for any term built on $C$ and $x_{n_i}$.

Proof. The proof is by induction on the number of disequations. In the following the reasoning on contexts strongly relies on the assumption made on the signature $C$.

Base case: one disequation.

- $x_{n_1}.X_1(u) \neq t$ with $t$ a closed term. Then any substitution of the required form is a solution provided that the height of $C_1$ is greater than the height of $t$.
- $x_{n_1}.X_1(u) \neq x_{n_1}.C[X_{i_1}(v_1), \dots, X_{i_k}(v_k)]$
  - $X_1$ does not occur in $X_{i_1}, \dots, X_{i_k}$. Then there exist contexts $C_1, C_{i_1}, \dots, C_{i_k}$ s.t.
    $C_1[\,{}_1\,] \neq C[C_{i_1}[\,{}_{i_1}\,], \dots, C_{i_k}[\,{}_{i_k}\,]]$ for any closed terms ${}_1, {}_{i_1}, \dots, {}_{i_k}$ and we are done.
  - $X_1$ occurs in $X_{i_1}, \dots, X_{i_k}$. Firstly, one instantiates the $X_i \neq X_1$ by terms of the required form, yielding some disequation of the form $x_{n_1}.X_1(u) \neq x_{n_1}.C[X_1(u_1), \dots, X_1(u_k)]$. This last term can be written $x_{n_1}.a(t_1, \dots, t_n)$ with $a \in C$ and either some $t_i$, say $t_1$, is a constant of arity 0 and $X_1 = x_{n_1}.a(a(\dots), \dots)$ satisfies the disequation, or none of the $t_i$ is a constant of arity 0 and $X_1 = x_{n_1}.a(\text{some constant of arity 0}, \dots)$ validates the disequation.
- $x_{n_1}.X_1(u) \neq x_{n_2}.X_2(v)$. Then there exist two contexts $C_1[\ ]$ and $C_2[\ ]$ s.t. $C_1[\,{}_1\,] \neq C_2[\,{}_2\,]$ for any closed term ${}_1, {}_2$, therefore $X_1\ \ x_{n_1}.C_1[H_1(x_{n_1})]$ and $X_2\ \ x_{n_2}.C_2[H_2(x_{n_2})]$ validates the disequation whatever the other $X_i$'s are.

Induction step: the property is true for $m - 1$ disequations, and we add a new one. The solution depends on how the new disequation looks like:

- $x_{n_1}.X_1(u) \neq t$ with $t$ a closed term. Either $X_1$ is a new variable and we proceed as in the base case or $X_1$ is subject to the constraint $X_1 = x_{n_1}.C_1[H(x_{n_1})]$. In this case we replace $H$ by $C'[H(x_{n_i})]$ s.t. the height of $C_1[C'[\ ]]$ is greater than the height of $t$ which yields solutions of the required form for the new set of disequations.
- $x_{n_1}.X_1(u) \neq x_{n_1}.C[X_{i_1}(v_1), \dots, X_{i_k}(v_k)]$. To any new variable, we associate an arbitrary constraint $X_i = x_{n_i}.C_i[H_i(x_{n_i})]$. To conclude, we distinguish two cases:
  - $X_1$ does not occur in $X_{i_1}, \dots, X_{i_k}$. In this case there exist contexts $C'_1, C'_{i_1}, \dots, C'_{i_k}$ s.t. $C_1[C'_1[\,{}_1\,]] \neq C[C'_{i_1}[\,{}_{i_1}\,], \dots, C'_{i_k}[\,{}_{i_k}\,]]$ for any closed term ${}_1, {}_{i_1}, \dots, {}_{i_k}$ and we are done.
  - $X_1$ is one of the $X_{i_1}, \dots, X_{i_k}$. For simplicity, we assume that no variable different from $X_1$ occurs.
    Let $p$ be a position of $[\ ]$ in $C_1[\ ]$, then either $p$ is not a position of $C[C_1[\ ], \dots, C_1[\ ]]$ and we are done or $p$ is a position of this context. Let $a$ be the symbol at position $p$ in this last context and let $H$ be the variable occurring at position $p$ in $x_{n_1}.C_1[H(x_{n_i})]$.
    - either there is a constant $b$ of arity greater than 0 and different from $a$, then replacing $H$ by $b(H(x_{n_i}))$ yields a solution,
    - or $a$ is the only function of arity greater than 1 in $C$. Let $a(t_1, \dots, t_r)$ be the subterm occurring at position $p$ in $x_{n_1}.C[C_1[\ ], \dots, C_1[\ ]]$ then either all the $t_i$ have root $a$ and an instance of $H$ by $a(\dots, b, \dots)$ yields a solution, or there is some $t_{i_0}$ with $root(t_{i_0}) \neq a$ then one instantiates $H$ by $a(\dots, a(\dots), \dots)$ with $a(\dots)$ as $i_0$-th argument.

    When a variable $X_i$ different from $X_1$ occurs, replace $X_i$ by $x_{n_i}.C_i[H(x_{n_i})]$ and the proof proceeds like above except small changes.
- $x_{n_1}.X_1(u) \neq x_{n_2}.X_2(v)$. If there is no constraint on $X_1$ or $X_2$ the problem is easily solved, otherwise $X_1 = x_{n_1}.C_1[H_1(x_{n_1})]$ and $X_2 = x_{n_2}.C_2[H_2(x_{n_2})]$. In this case one can find two contexts $C'_1[\ ]$ and $C'_2[\ ]$ s.t. $C_1[C'_1[\,{}_1\,]] \neq C_2[C'_2[\,{}_2\,]]$ for any closed term ${}_1, {}_2$ and we are done. □

The last thing to do is to use this result in order to get a decision method for the general case, i.e. in presence of equations $x_n.X(u) \neq x_n.X(v)$. The intuition supporting the last proposition is that if one applies the same function to some values, the results are distinct iff some arguments are distinct and the function depends on one of these arguments.

Proposition 10. Let $\exists X : x_n.X(u_p) \neq x_n.X(v_p)$ be a disequation, then the disequation has a solution iff $\bigvee_{i=1,\dots,p} \exists X : (x_n.u_i \neq x_n.v_i \parallel X = X[\{i\} \cup S])$ has a solution.

Proof. We prove each implication:

Necessary condition. Let be a solution of the disequation, then $X = x_p.C[x_{i_1}, \dots, x_{i_m}]$ with $m > 0$ since constant functions are not solution of the disequation.
Since $C[u_{i_1}, \dots, u_{i_m}] = X(u_p) \neq X(v_p) = C[v_{i_1}, \dots, v_{i_m}]$, there is some $i_j$ of $i_1, \dots, i_m$ s.t. $u_{i_j} \neq v_{i_j}$.

Sufficient condition. Let be a solution of $x_n.u_i \neq x_n.v_i \parallel X = X[\{i\} \cup S]$, then $X = x_p.C[\dots, x_i, \dots]$ for some context $C$. Therefore $X(u_p) = C[\dots, u_i, \dots]$ and $X(v_p) = C[\dots, v_i, \dots]$ with $u_i \neq v_i$, i.e. is a solution of the initial disequation. □

Therefore, we can state:

Proposition 11. Existential constrained conjunctions of disequations are decidable.

Proof. First we get rid of disequations with the same root $X$ by the rule:
$$\exists X_m : (x_n.X(u_p) \neq x_n.X(v_p) \wedge P) \parallel M \to \bigvee_{i=1,\dots,p} \exists X_m : (x_n.u_i \neq x_n.v_i \wedge P) \parallel X = X[\{i\} \cup S] \wedge M$$
This rule is correct because of proposition 10 and we can use it until there is no disequation of the fourth type, getting either $\bot$ or constrained systems which have solution (use proposition 9). □

4.4.3. The decidability result

Putting all previous results together, one can state the theorem:

Theorem 6. Simple second-order top-linear complement problems are decidable.

Proof. First reduce problems to simpler ones as described in section 4.2, then eliminate universal variables as in section 4.3 and finally decide the resulting existential formulae as in section 4.4. The set of solutions is preserved since each rule, but EX, is correct, see proposition 1, and since we consider each possible application of the EX rule. □

In some sense our result is optimal since it states a decidability result when nonlinear first-order variables are allowed but section 2.2 gives an undecidability result when second-order non-linear variables occur in the $t_i$'s.

4.5. The map example (continued)

In section 3.3, the simplification of the formula associated to the completeness of the definition of the map function ended with two formulae which still contained universal variables. We show how to proceed with these formulae by eliminating universal variables.
The first formula was:
$$\exists X_1, X_2\ \forall Y_1 : x.X_1(x) \neq x.Y_1(x) \wedge X_2 = nil$$
then applying EUV2 yields $\bot$ (the rule is applicable since the bound variable $x$ occurs in $X_1(x)$). The second formula was:
$$\exists X_1, X_2, X_3, X_4\ \forall Y_2, Y_3, Y_4 : (x.X_1(x) \neq z.Y_2(z) \vee X_3 \neq Y_3 \vee X_4 \neq Y_4) \wedge X_2 = cons(X_3, X_4)$$
again EUV2 can be applied and one gets $\bot$. Therefore each case of the explosion rule yields $\bot$, which means that the initial formula is not valid and that the proposed definition of map is complete.

5. Decidability of equational problems on patterns

5.1. Constrained equational problems on patterns

In this section we discuss how to solve equational problems when each term is a pattern. This class of lambda-terms has been introduced by Dale Miller [Miller, 1991] who proved that unification of patterns is decidable and unitary. Patterns are now widely used in current implementation of higher-order logical languages like lambda-prolog and Elf and appear to be good candidates for extending first-order languages. Let us recall the definition of a pattern.

Definition 6. A simply typed lambda-term $t$ is a pattern iff the arguments of any free variable of $t$ are ( equal to) distinct bound variables.

Example. $x, y.F(x, y)$, $x, y.G(z.x(z), y)$ are patterns but $x, y.F(x, a)$, $x, y.F(G(x), y)$ are not.

A key remark is that the replacement of a free variable in a pattern by another pattern yields a pattern after reduction to long normal form. From now on, we consider equational problems where each term occurring in an equation or a disequation is a pattern. For example, the map example given in section 1.2 and dealt with in section 3.3 and 4, is also an equational problem on patterns. As noticed in section 4, an equation or a disequation may have or have not solutions if a functional variable $F$ of type ${}_1 \dots {}_n \to$ depends or not of its arguments. For example $xy.F(x) = xy.G(y)$ has no solution if $F$ or $G$ depend of their argument but has a solution if $F$ and $G$ are constant functions.
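Definition 6 and its four examples can be turned into a checker. This is an added example, not code from the paper. It assumes the `App`/`Lam` encoding below, capitalised unbound heads as free variables, distinct binder names, and reads the definition's "( equal to)" as eta-equality (the symbol is missing on the page), which is what makes `G(z.x(z), y)` a pattern.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class App:
    """head(args...); a bare symbol is App(head) with no arguments."""
    head: str
    args: tuple = ()


@dataclass(frozen=True)
class Lam:
    """Binder over `params` (the page's  x, y.body  prefix)."""
    params: tuple
    body: object


def eta_var(term, bound):
    """Return the bound variable `term` is eta-equal to, or None.

    z1..zk.x(a1, ..., ak) contracts to x when x is bound outside this
    binder and each ai is itself eta-equal to zi, in the same order.
    """
    params = ()
    while isinstance(term, Lam):
        params += tuple(term.params)
        term = term.body
    if term.head not in bound or term.head in params:
        return None
    if len(term.args) != len(params):
        return None
    inner = bound | set(params)
    for param, arg in zip(params, term.args):
        if eta_var(arg, inner) != param:
            return None
    return term.head


def pattern_violations(term, bound=frozenset()):
    """List (free_variable, resolved_arguments) pairs breaking Definition 6.

    An argument resolves to a bound-variable name, or to None when it is
    not eta-equal to a bound variable; repeated names are also violations.
    """
    while isinstance(term, Lam):
        bound = bound | set(term.params)
        term = term.body
    # Assumption of this example: capitalised unbound heads are free variables.
    if term.head not in bound and term.head[:1].isupper():
        names = [eta_var(arg, bound) for arg in term.args]
        if None in names or len(set(names)) != len(names):
            return [(term.head, names)]
        return []
    found = []
    for arg in term.args:
        found.extend(pattern_violations(arg, bound))
    return found


def is_pattern(term):
    return not pattern_violations(term)


a, x, y, z = App("a"), App("x"), App("y"), App("z")

# The page's examples of patterns and non-patterns.
P1 = Lam(("x", "y"), App("F", (x, y)))
P2 = Lam(("x", "y"), App("G", (Lam(("z",), App("x", (z,))), y)))
N1 = Lam(("x", "y"), App("F", (x, a)))
N2 = Lam(("x", "y"), App("F", (App("G", (x,)), y)))
# Constructed for this example: a repeated bound variable.
N3 = Lam(("x",), App("F", (x, x)))
# Left-hand side of the map problem: map(x.X1(x), X2).
MAP_LHS = App("map", (Lam(("x",), App("X1", (x,))), App("X2")))

if __name__ == "__main__":
    for name, term in (("P1", P1), ("P2", P2), ("N1", N1),
                       ("N2", N2), ("N3", N3), ("MAP_LHS", MAP_LHS)):
        print(name, is_pattern(term), pattern_violations(term))
```
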
Since we are interested in the decidability of any formulae on patterns and not equational problems only†, we introduce a new syntax for equational problems which allows to express this key feature of terms. The notation is similar to the notation X = X[I] defined in section 1 and used in section 4. For simplicity, we shall keep this notation in the quantification of equational problem, obtaining constrained equational problems, as defined by:

Definition 7. A constrained equational problem on patterns is a formula

Z[I] ∃X[J] ∀Y[K] : P

where P is a conjunction of disjunction of equations or disequations s.t. each term occurring in P is a pattern and FV(P) = X ∪ Y ∪ Z. A variable appears once in Z[I] ∃X[J] ∀Y[K] which is called the prefix part of the problem.

By definition Z[I] ∃X[J] ∀Y[K] : P is equivalent to

∃X ∀Y : Z1 = Z1[J1] ∧ … ∧ Z|J| = Z|J|[J|J|] ∧ X1 = X1[I1] ∧ … ∧ X|I| = X|I|[I|I|] ∧ Y1 = Y1[K1] ∧ … ∧ Y|K| = Y|K|[J|K|] ∧ P

with |I|, |J|, |K| the cardinals of I, J, K.

There is an easy way to get constrained problems from unconstrained ones, using the rules:

φ → ⋁_{I ⊆ {1,…,n}} Z[I] φ   if Z is a free variable of φ of type 1 : : : n ! .
∃X φ → ⋁_{I ⊆ {1,…,n}} ∃X[I] φ   if X has type 1 : : : n ! .
∀Y φ → ⋀_{I ⊆ {1,…,n}} ∀Y[I] φ   if Y has type 1 : : : n ! .

Since any closed instance of a variable F is a closed instance of some F[I], this transformation preserves the set of solutions.

Remark 7. Constrained formulae have the usual behavior under negation, i.e. ¬(Z[I] ∃X[J] : φ) is equivalent to Z[I] ∀X[J] : ¬φ and a similar result holds for negation of universal formulae.

Proof. ∃X[I] : φ is equivalent to ∃X : X = X[I] ∧ φ, therefore the negation is equivalent to ∀X : (X ≠ X[I] ∨ ¬φ). The disjunction is true for the X's not depending of their ith arguments for i ∈ I, therefore the formula is equivalent to ∀X[I] : ¬φ. The reasoning holds also when free variables occur and works for universal formulae too.
□

† A simpler and more efficient procedure for equational problems is described in [Lugiez, 1994a].

For simplicity, we shall assume that for each constraint F[I] where F has type occurring in the prefix, there are infinitely many closed terms of type which satisfy the constraint, otherwise F is replaced by all its possible instances (yielding a disjunction if F is free or existential, a conjunction if it is universal). The finiteness or infiniteness of this set of closed terms can be decided by looking at all possible closed terms of height less than some bound (computed from and C ).

5.2. The transformation rules

The scheme of the disunification algorithm can be described as follows: Basic rules and new rules for eliminating universal variables are used to get problems free of universal variables. The resulting problems are simplified further to get constrained substitutions which are our solved forms. These solved forms are similar to the first-order solved forms of [Comon and Lescanne, 1989], extended with dependence constraints. Contrary to second-order complement problems, universal variables can occur in each side of an equation or disequation, but the restriction that each term is a pattern allows to devise new rules like the occurrence-test rule or the compatibility rules.

The transformation rules are designed for equational problems, and we shall see how to solve any quantified formulae later on. The first rules are the basic rules as defined in section 3.2. which we complete with the following rules:

Occurrence-test rules

(OC1) λxn.F(yp) = λxn.t → ⊥
(OC2) λxn.F(yp) ≠ λxn.t → ⊤
if root(t) is not F and F ∈ FV(t).

Compatibility rules for Flexible-Flexible cases

F and G are two free, existential or universal variables of the equational problem s.t. F[I] and G[J] occur in the prefix. These rules take into account the dependence constraints stated in the prefix part of the equational problem.

(CO1) λxn.F(yp) ≠ λxn.G(zq) → ⊤
(CO2) λxn.F(yp) = λxn.G(zq) → ⊥
if {yi | i ∈ I} ≠ {zj | j ∈ J}.

(CO3) λxn.F(yp) ≠ λxn.F(zp) → ⊤
(CO4) λxn.F(yp) = λxn.F(zp) → ⊥
if ∃i ∈ I s.t. yi ≠ zi.

(CO5) λxn.F(yp) ≠ λxn.F(zp) → ⊥
(CO6) λxn.F(yp) = λxn.F(zp) → ⊤
if ∀i ∈ I, yi = zi.

Flexible-Rigid disequation: universal-constant or bound variable case

(EUVD1) ∀Y[I] : (λxn.Y(yp) ≠ λxn.s ∨ P) → P{Y ← λyp.s}
if λxn.s is a closed term s.t. FV(s) = {yi | i ∈ I}

(EUVD2) ∀Y[I] : (λxn.Y(yp) ≠ λxn.s ∨ P) → ⊤
if λxn.s is a closed term s.t. FV(s) ≠ {yi | i ∈ I}

Flexible-Flexible disequation: universal-universal case

(EUVD3) ∀Y1[I] Y2[J] : (λxn.Y1(yp) ≠ λxn.Y2(zq) ∨ P) → ∀H[K] : P{Y1 ← λyp.H(wk), Y2 ← λzq.H(wk)}
if {yi | i ∈ I} = {zj | j ∈ J} = {wl | l ∈ K} and K = {1, …, k}.

The reader should remark that the case of a disequation s.t. the root of each member is the same universal variable Y, is handled by rules CO3 and CO5, and that the rule CO1 handles the case {yi | i ∈ I} ≠ {zj | j ∈ J}.

Flexible-Flexible disequation: universal-free or existential case

(EUVD4) ∃X[I] ∀Y[J] : (λxn.X(yp) ≠ λxn.Y(zq) ∨ P) → ∃H[K] : P{X ← λyp.H(wk), Y ← λzq.H(wk)}
if {yi | i ∈ I} = {zj | j ∈ J} = {wl | l ∈ K} and K = {1, …, k}.

A similar rule exists for free variables and the above remark on rule CO1 holds.

Explosion rules for free or existential variables

The explosion rule for existential or free variables is rephrased as:

(EX) Z[I] ∃X[J] ∀Y[K] : P → Z[I] ∃X[J] ∃H1[J1], …, Hp[Jm] ∀Y[K] : F = λxn.a(H1(xn), …, Hm(xn)) ∧ P{F ← λxn.a(H1(xn), …, Hm(xn))}

F is an existential or free variable occurring in an equation s = t or a disequation s ≠ t s.t. root(s) = F, root(t) is a constant or a bound variable, t contains an universal variable, the dependence constraint on F is F[I], and J1, …, Jm are s.t. (J1 ∪ … ∪ Jm) ∩ {1, …, n} = I, a ∈ C ∪ {xi | i ∈ I}.
To ensure that no solution is lost, all possible choices for a and J1, …, Jm are done.

Explosion of universal variables

(EXUV) ∀Y[I] : (λxn.Y(yp) ≠ λxn.a(um) ∨ P) → ⋀_{(J1 ∪ … ∪ Jm) ∩ {1,…,p} = I} ∀H1[J1], …, Hm[Jm] : (λxn.Y(yp) ≠ λxn.a(um) ∨ P){Y ← λym.a(H1(ym), …, Hp(ym))}
if um contains some existential, free or universal variable of the equational problem.

Universal variables in equations

(EUVE) Z[I] ∃X[J] ∀Y[K] : (s1 = t1 ∨ … ∨ sn = tn ∨ P) → Z[I] ∃X[J] ∀Y[K] : P
if each si = ti contains a universal variable, P contains no universal variable, no rule (except explosion rules) is applicable to any si = ti.

5.3. An example

Before giving consistency and correctness results on the above set of rules, we show how to use these rules. Let us consider the (unconstrained) equational problem:

∀Y : (λxyz.Y(x, y, z) ≠ λxyz.Y(x, z, y) ∨ λxyz.Y(x, y, z) ≠ λxyz.Y(y, x, z) ∨ λxyz.Z(x) ≠ λxyz.Y(x, y, z))

The first step is to transform this problem into constrained equational problems. There are two possible constraints for Z, i.e. Z[∅] and Z[{1}], and 8 possible constraints for Y, leading to 16 constrained problems and we describe the transformation process on some of them only. For simplicity we write F[i] instead of F[{i}] for integers i.

Constraints Z[∅]

Let us see what happens with the problem:

Z[∅] ∀Y[∅] : (λxyz.Y(x, y, z) ≠ λxyz.Y(x, z, y) ∨ λxyz.Y(x, y, z) ≠ λxyz.Y(y, x, z) ∨ λxyz.Z(x) ≠ λxyz.Y(x, y, z))
→EUVD3 Z[∅] ∀H[∅] : (λxyz.Y(x, y, z) ≠ λxyz.Y(y, x, z) ∨ λxyz.Z(x) ≠ λxyz.Y(x, y, z)){Y ← λxyz.H}

which is simplified into:

Z[∅] ∀H[∅] : (λxyz.H ≠ λxyz.H ∨ λxyz.Z(x) ≠ λxyz.H)
→ET2 Z[∅] ∀H[∅] : λxyz.Z(x) ≠ λxyz.H
→EUVD4 ⊥

Therefore there is no solution for the constraint Z[∅] (even if the other problems with the constraint Z[∅] do not return ⊥).
Constraints Z[1]

Let us see what happens with the problem:

Z[1] ∀Y[2] : (λxyz.Y(x, y, z) ≠ λxyz.Y(x, z, y) ∨ λxyz.Y(x, y, z) ≠ λxyz.Y(y, x, z) ∨ λxyz.Z(x) ≠ λxyz.Y(x, y, z))
→CO3 Z[1] ∀Y[2] : (λxyz.Y(x, y, z) ≠ λxyz.Y(y, x, z) ∨ λxyz.Z(x) ≠ λxyz.Y(x, y, z))
→CO3 Z[1] ∀Y[2] : λxyz.Z(x) ≠ λxyz.Y(x, y, z)
→CO1 Z[1] : ⊤

The reader may check that all other constrained problems with constraint Z[1] gives ⊤, which means that the solutions of the initial unconstrained problem are the Z = λx.Z(x) s.t. Z depends on its argument x.

5.4. Decidability of Equational problems

5.4.1. Correctness and consistency of rules

Proposition 12. The explosion rule EX is consistent and the other rules are correct.

Proof. This statement is a straightforward consequence of Miller's result on pattern unification except for EUVE. Miller's result for Flexible-Flexible pairs states that the unification problem:

λxn.F(yp) = λxn.G(zq)

has a most general unifier F ← λyp.H(wl), G ← λzq.H(wl) where {wl} = {yp} ∩ {zq}. Moreover the unification problem:

λxn.F(yp) = λxn.F(zq)

has a most general unifier F ← λyp.H(wl) where wl = {yi | yi = zi}. Combining these results and the dependence constraints stated in the prefix part yields the consistency of the compatibility rules. Rules CO1 to CO4 states that two flexible terms can not be unifiable if one of them must contain a bound variable which can not appear in the other one. The two last rules state that bound variables which do not appear actually in the terms can be dropped.

The proof of correctness is similar for the EUVDi's rules. For example EUVD3 relies on the fact that the equation λxn.Y1(yp) = λxn.Y2(zq) is true only for instances Y1 = λyp.H(wl), Y2 = λzq.H(wl) for all H s.t. H = H[L] is true when Y1 and Y2 satisfy the constraints Y1 = Y1[I] and Y2 = Y2[J].
The correctness of EUVE requires the following lemma which is used also for the decidability of the solved forms computed by the transformation process:

Lemma 1. A disjunction ∃X[I] ∀Y[J] : (s1 = t1 ∨ … ∨ sm = tm) where si and ti are distinct patterns and s.t. no basic, occurrence-test nor compatibility rule is applicable, has no solution when each equation contains an occurrence of some Yi.

Proof. The proof of this lemma is by induction on the number of universal variables.

Base case: by instantiating free and existential variables one gets equations λxn.Y(yp) = r with r a closed term. Any instance Y ← λxm.C[[xI]] for C some context higher than r, falsifies the equation and satisfies the constraint Y[I]. Moreover no other kind of equation can happen otherwise occurrence-test or compatibility rules would apply. Therefore any instance Y ← λxm.C[[xI]] for C high enough satisfies the constraint and falsifies all equations.

Induction case: given an instantiation of free and existential variables, by induction hypothesis there exists instantiations of Y1 ← λxn1.C1[xn1], …, Yp ← λxnp.Cp[xnp] which falsifies all equations which contain only these universal variables. Then the situation is similar to the base case, and one can choose a suitable instance of Yp+1 s.t. the disjunction is false. □

The consistency of EXUV rule is also easy: since Y occurs in a disequation s ≠ t with root(s) = Y and root(t) = a, each instance of Y a term with root b ≠ a yields ⊤. Therefore the only instances of Y to consider are the instances with root a. Since Y is subject to dependence constraints, the term a(H1(…), …, Hm(…)) is subject to the same constraints which gives the relevant constraints on the Hi's.

The correctness of the EX rules works like in the unconstrained case, and we also have to consider all possible cases (for a and the possible dependence constraints) for completeness sake. □

5.4.2. Termination proof

The first point to realize is that no universal variable remains when no rule is applicable and that one gets an expression which can be rewritten as a disjunction of existentially quantified conjunction of equations or disequations.

The second point is that we need a suitable strategy for the application of rules:

- the basic rules, occurrence-test rules, compatibility rules and elimination of universal variable rules have the highest priority,
- a universal variable Y is exploded if none of the previous rule is applicable and if Y occurs in a disequation λxn.Y(…) ≠ t where root(t) is not a variable and t contains some free, existential or universal variable. Moreover we set a priority on universal variables in the following way: the initial variable are ordered arbitrarily Y1 Y2 …. When several variables can be exploded, the explosion takes place on the variable with the highest priority and if H1, …, Hp are introduced by exploding some universal variable the ordering becomes H1 … Hp the previous ordering.
- the explosion of an existential or free variable F is performed if no other rule is applicable and if F occurs in an equation (resp. disequation) λxn.F(…) = t (resp. ≠) where root(t) is not a variable and s contains some universal variable.

To prove termination, we define a complexity measure on equational problems and we show that the application of rules decreases this measure. In fact the complexity may increase after the application of some rules, but we show that the next applications decrease the complexity to some level less than the initial one.
The complexity measure of a conjunction is the multiset of complexity measure of each conjunct, and the complexity measure of a disjunction is the triple (NUV, PUV, NSYM) where

- NUV is the number of universal variables occurring in the disjunction,
- if there is no universal variable then PUV = 0 else PUV = |p| for p top-position of universal variables,
- NSYM is the number of symbols (excepting bound variables and the λ symbol).

Triples are ordered lexicographically.

Proposition 13. The application of rules according to the previous strategy terminates.

Proof. We show that each application of rule leads to a smaller complexity either immediately or later on.

- Basic rules, occurrence-test rules and compatibility rules do not increase NUV nor PUV but decrease NSYM.
- The rules for the elimination of universal variables in disequation decrease NUV except for EUVD4 which does not increase NUV but decreases PUV since one equation with some universal variable has vanished and since the variable H replacing Y appears at the same positions in the other equations or disequations.
- EUVE decreases NUV.
- The case of explosion rules requires more work since explosion rules increase the complexity measure first and one gets a smaller complexity than the initial one only after a sequence of applications of rules.

First, we prove that the universal variables introduced by an explosion rule are eventually eliminated. The proof is by induction on N = Max{height(t) | λxn.Y(yp) ≠ t occurring in the problem}.

Base case: N = 1 then no explosion can take place and all disequations λxn.Y(yp) ≠ t are eliminated by the EUVDi's rules.

Induction step: the induction hypothesis is each universal variable occurring in disequations λxn.Y(yp) ≠ t with height(t) < N can be eliminated as well as each new introduced universal variable.
Suppose that no rule is applicable and let Y be some exploded variable, then let us see how disequations λxn.Y(yp) ≠ t with t = λxn.a(t1, …, tm) and height(t) = N are transformed. The instances Y ← λxn.b(H1(xn), …, Hp(xn)) yield ⊤ (and the relevant disjunctions vanish) and the instances Y ← λxn.a(H1(xn), …, Hm(xn)) yields the disjunction ⋁_{i=1,…,m} λxn.Hi(yn) ≠ λxn.ti. Some of the Hi can be eliminated directly by the basic or EUVDi's rules, and the induction hypothesis can be applied to each of the remaining ones (remember that in patterns no free variable occurs in the scope of another one and that disequations λxn.Hi(yp) ≠ s necessarily come from disequations λxn.Y(yp) ≠ t).

Then we show that the explosion of a free or existential variables is followed by rules which decrease PUV. Let F be the exploded variable, then F occurs in equations (resp. disequations) λxm.F(yn) = λxm.a(t1, …, tp) (resp. ≠) where at least one ti contains a universal variable. The explosion is either F ← λxn.a(H1(xn), …, Hp(xn)) or F ← λxn.b(H1(xn), …, Hl(xn)) with a ≠ b, therefore the clash or the decomposition rules eventually apply to this equation (resp. disequation) since no other rule is applicable when the explosion rule is applied. This yields either ⊥ (resp. ⊤) or n smaller equations (resp. disequations) λxm.Hi(yn) = λxm.ti (resp. ≠) since either ti has no universal variable or they occur at smaller positions. Therefore explosion of existential or free variables eventually decreases PUV. □

Proposition 14. Any constrained equational problem is equivalent to a (disjunction) of formulae:

Z[I] ∃X[J] : C1 ∧ … ∧ Cp

where Ci is an equation or a disequation.

Proof. The previous proposition proves that the process terminates, and that no universal variable may remain, otherwise some rule would apply.
Moreover, each rule is consistent, each rule but EX is correct, see proposition 12, and the fact that we consider each possible case for EX ensures that no solution is lost. □

5.4.3. Computing solved forms

The last step is to transform existentially quantified into constrained solved as defined by:

Definition 8. A constrained solved form is either ⊥, or X[I] : ⊤ or else a formula:

Z[I] ∃X[J] : 1 = t1 ∧ … ∧ n = tn ∧ u1 ≠ s1 … ∧ um ≠ sm

where

- each term is a pattern,
- for all i, i and ti have the same type, i = λxni.Fi(xni) and the variable Fi occurs once,
- uj and sj have the same type for all j,
- uj = λynj.Gj(znj) and Gj ∉ FV(sj) for all j.

Contrary to the first-order case, we allow the variables Fi's to be existential. It is possible to require that Fi is a free variable, at the price of an additional cleaning process.

Example. Z[1] ∃X1[∅], X2[∅] : λx.Z(x) = λx.f(x, X1, X2) ∧ X1 ≠ X2 is a constrained solved form.

Solved forms are computed using an adaptation of the classical rules for pattern unification, i.e. we use basic rules, occurrence-test rules, the explosion rule, compatibility rules and the new rules:

Flexible-Rigid unification pairs

F is a free or existential variable subject to the constraint F[I].

(FR1) λxn.F(yp) = λxn.s ∧ P → λyp.F(yp) = λyp.s ∧ P{F ← λyp.s}
if λxn.s is a closed term s.t. FV(s) = {yi | i ∈ I}

(FR2) λxn.F(yp) = λxn.s ∧ P → ⊥
if λxn.s is a closed term s.t. FV(s) ≠ {yi | i ∈ I}

The rule to deal with equations λxn.F(yp) = λxn.s when s contains some existential or free variable is the explosion rule EX′ obtained using the definition of EX where the word universal is replaced by existential or free.

Flexible-Flexible unification pairs

F and G are free or existential variables subject to the constraints F[I] and G[J].

(FF) λxn.F(yp) = λxn.G(zq) ∧ P → ∃H[L] : λyp.F(yp) = λyp.H(wl) ∧ λzq.G(zq) = λzq.H(wl) ∧ P{F ← λyp.H(wl), G ← λzq.H(wl)}
if {yi | i ∈ I} = {zj | j ∈ J} = {wk | k ∈ L} and L = {1, …, l}

The reader should remark that flexible-flexible pairs with the same variable are handled by the compatibility rules CO4 and CO6. These rules terminate when using the same strategy as for pattern unification (same proof).

Our last preliminary result is that solved forms are decidable, which is stated by the next lemma:

Lemma 2. It is decidable when a constrained solved form has a solution.

Proof. The case with ⊥ and ⊤ is obvious, let us deal with solved forms like:

Z[I] ∃X[J] : 1 = t1 ∧ … ∧ n = tn ∧ u1 ≠ s1 … ∧ um ≠ sm

A straightforward adaptation of the proof of lemma 1 (use negation) shows that the conjunction of disequations u1 ≠ s1 … ∧ um ≠ sm has infinitely many solutions G1 ← λwn1.C1[wI1], …, Gl ← λwnl.Cl[wIl] if the dependence constraints on the Gi's are G1[I1], …, Gl[Il].

Now let λxp.F(xp) = λxp.t be an equation s.t. the variable F occurs once in the equational part and is subject to the constraint F[I]. Since F occurs once, it is always possible to satisfy the equation and the only condition to check is that the constraint F[I] is satisfiable. This amounts to checking that xi ∈ t is true for each i ∈ I which is easily decided by the rules:

x ∈ λym.x(…) → ⊤
x ∈ λym.a(un) → x ∈ u1 ∨ … ∨ x ∈ um
x ∈ λym.F(un) → ⋁_{j ∈ J} x ∈ uj   if F[J] is the constraint on F.

It is easy to see that the rules are correct and terminate with either ⊤ or ⊥. Therefore a solved form has a solution iff the membership constraints xi ∈ tj evaluate to ⊤ for each i ∈ Ij if Fj[Ij] is the constraint on F. □

Example. Z[1] ∃X1[∅], X2[∅] : λx.Z(x) = λx.f(x, X1, X2) ∧ X1 ≠ X2 has solutions. The reader may check that the disequation has infinitely many solutions and that the membership constraint x ∈ f(x, X1, X2) returns ⊤.

Remark 8. The rules for solving membership constraints can be used to get rid of the equations λxnj.Fj(xnj) = tj with Fj an existential variable subject to the constraint Fj[I]. Either all membership constraints xi ∈ tj return ⊤ for i ∈ I and we simply drop the equation or one of them returns ⊥ and the solved form is equivalent to ⊥.

Gathering all previous results, we can state our main decidability result:

Theorem 9. Constrained equational problems on pattern are decidable.

This result has two consequences:

Theorem 10. Equational problems on patterns are decidable.

Proof. Obvious from the transformation of an equational problem into constrained equational problems. □

and

Theorem 11. Any quantified equational formulae on patterns is decidable.

Proof. First, we transform formulae into constrained formulae. Then the previous results show that X[I] ∃Z[J] ∀Y[K] : φ can be transformed into X[I] ∃W[L] : formulae, which means that -using repeated negation- X[I] ∀Z[J] ∃Y[K] : φ formulae are equivalent to X[I] ∀W[L] : ′ formulae therefore to X[I] ∃U[M] : φ′ formulae. This process can be iterated in order to get rid of any alternation of quantifier, starting innermost, which yields the decidability result. □

Conclusion

Before sketching some possible improvements of our work, we discuss previous approaches to similar works. Higher-order unification has been extensively studied because of its importance in automated deduction. Most of the results are negative except for some very restricted cases and even second-order logic which does not allow the composition of higher-order variable has no unification algorithm [Amiot, 1994]. Recently, several authors [Prehofer, 1994b, Avenhaus and Loria-Saenz, 1994] have tried to extend what is done for solving equations on first-order terms in a higher-order algebraic framework and their solution is to consider only terms which belong to some subclasses with good properties.
These classes are defined by imposing some technical conditions on the terms being used, in order to have a decision procedure for unification. Unfortunately it is often impossible to impose that the resolution process, usually a narrowing-like procedure, constructs terms which stay in the given subclass. More progress has been done in the question of higher-order matching, which has been conjectured to be decidable, since third-order and fourth-order matching have been proved decidable [Dowek, 1992, Padovani, 1995]. All these results involve only existential quantification, when our work deals with more complex formulae.

Another interesting approach to unification is Miller's work on prefix unification [Miller, 1992] which allows quantification in front of unification problems. This allows him to gain expressive power (constants can be simulated by variables) and to see bound variables as universal variables. A main point in his work is his skolemization technique which is proved correct for unification problems, that is, provable in the formal system of type theory. However, there are some fundamental differences with our results, mainly due to different motivations. Quantified unification comes from higher-order proof schemes when equational problems were initiated by the study of specification languages where the set of constants is given. Therefore using quantification for defining constants is not relevant for us, and we are interested in decidable fragments when Miller's approach deals with unrestricted unification which is undecidable. On the other hand we are dealing with formulae which are much more complex than unification problems since we may have boolean connectives and negation. For example, it is not yet clear if the skolemization process used in Miller's work can be used in our approach. Even the very particular formulae involved by completeness of definitions are usually more complicated than unification problems.
For example, in the first-order case, unification problems can be decidable when complement problems are undecidable if some axioms are involved (see the associativity axiom for example).

A simple improvement of our work is to extend the definition of patterns in order to allow repeated bound variables in the arguments of a free variable, as in Prehofer's work [Prehofer, 1994a]. In this case, pattern's unification is finitary instead of unitary, and technical changes only are required to adapt our method to this case.

Another possible extension of our work is to have an infinite set of constants, since we know that first-order disunification is also decidable in this case. This extension is easy since the constants which are relevant are the constants which actually occur in the formula being solved. The explosion rule can be restricted to these constants and a new unknown one. We don't need to know explicitly what this constant is, since it is relevant only when it clashes with other constants which can be handled by new constraints on the roots of terms. Therefore our approach will work also in this case which we do not detail any more.

A more interesting extension is to consider a richer type system. The first one is related to ML like languages where types are constructed from constants, type variables and type constructors (like →), which gives a simple approach to polymorphism. Since type inference is decidable in this framework provided some assumptions on typing letrec constructs, our results are likely to hold in this framework. In this case, types have to be dealt with explicitly: for example X of type with a type variable is in normal form, but if is instantiated by ! then its normal form is x : :X(x), therefore there is some work to do on types before solving equations and disequations. A much more difficult problem is to lift the results to lambda-calculi with polymorphic and/or dependent types and there is not yet any hint whether this is possible or not.
Such type systems are of considerable importance, and will be investigated in further research.

Acknowledgment

The author thanks the referees for their careful reading of the manuscript and their corrections and suggestions.

References

[Amiot, 1994] Amiot, G. (1994). Unification et logique du second ordre. PhD thesis, Université Paris 7 (France).

[Avenhaus and Loria-Saenz, 1994] Avenhaus, J. and Loria-Saenz, C. (1994). Higher-order conditional rewriting and narrowing. In Jouannaud, J. P., editor, Proceedings of the 1st International conference Constraints in Computational Logics, number 845 in Lecture Notes in Computer Science, pages 269–284. Springer-Verlag.

[Barbuti et al., 1990] Barbuti, R., Mancarella, P., Pedreschi, D., and Turini, F. (1990). Transformational approach to negation in logic programming. Journal of Logic Programming, 8(3):201–228.

[Breazu-Tannen, 1988] Breazu-Tannen, V. (1988). Combining algebra and higher-order types. In Proceedings 3rd IEEE Symposium on Logic in Computer Science, Edinburgh (UK), pages 82–90.

[Comon and Lescanne, 1989] Comon, H. and Lescanne, P. (1989). Equational problems and disunification. Journal of Symbolic Computation, 7:371–425.

[Dowek, 1992] Dowek, G. (1992). Third order matching is decidable. In Proceedings of LICS'92, Santa Cruz (California, USA).

[Goldfarb, 1981] Goldfarb, D. (1981). The undecidability of the second order unification problem. Theoretical Computer Science, 13:225–230.

[Hindley and Seldin, 1986] Hindley, J. R. and Seldin, J. P. (1986). Introduction to Combinators and Lambda-calculus. Cambridge University.

[Jouannaud and Okada, 1991] Jouannaud, J. and Okada, M. (1991). A computation model for executable higher-order algebraic specification languages. In Proceedings 6th IEEE Symposium on Logic in Computer Science, Amsterdam (The Netherlands), pages 350–361.

[Lassez and Marriot, 1987] Lassez, J.-L. and Marriot, K. (1987). Explicit representation of terms defined by counter examples. Journal of Automated Reasoning, 3(3):1–17.
[Lugiez, 1994a] Lugiez, D. (1994a). Decidable and undecidable case of higher-order disunification. Technical report, CRIN.

[Lugiez, 1994b] Lugiez, D. (1994b). Higher-order disunification: some decidable cases. In Jouannaud, J. P., editor, Proceedings of the 1st International conference Constraints in Computational Logics, number 845 in Lecture Notes in Computer Science, pages 121–135. Springer-Verlag.

[Miller, 1991] Miller, D. (1991). A logic programming language with lambda abstraction, function variables and simple unification. In P. Schroeder-Heister, editor, Extension of Logic Programming, volume 475 of Lecture Notes in Computer Science, pages 253–281. Springer-Verlag.

[Miller, 1992] Miller, D. (1992). Unification under a mixed prefix. Journal of Symbolic Computation, 14:321–358.

[Nadathur and Miller, 1990] Nadathur, G. and Miller, D. (1990). Higher-order horn clauses. Journal of the ACM, 37(4):777–814.

[Nipkow, 1991] Nipkow, T. (1991). Higher-order critical pairs. In Proceedings 6th IEEE Symposium on Logic in Computer Science, Amsterdam (The Netherlands), pages 342–349.

[Nipkow and Qian, 1991] Nipkow, T. and Qian, Z. (1991). Modular higher-order E-unification. In Book, R. V., editor, Proceedings 4th Conference on Rewriting Techniques and Applications, Como (Italy), volume 488 of Lecture Notes in Computer Science, pages 200–214. Springer-Verlag.

[Padovani, 1995] Padovani, V. (1995). On equivalence classes of interpolation equations. In Proceedings of the second international conference on type lambda calculi and applications, volume 902 of Lecture Notes in Computer Science, pages 335–349. Springer-Verlag.

[Pfenning, 1989] Pfenning, F. (1989). Elf: A language for logic definition and verified meta-programming. In Proceedings of IEEE Symposium on Logic in Computer Science, pages 313–322. IEEE.

[Prehofer, 1994a] Prehofer, C. (1994a). Decidable higher-order unification problems. In Automated Deduction: CADE-12 - Proc. of the 12th International Conference on Automated Deduction, volume 814 of Lecture Notes in Artificial Intelligence.

[Prehofer, 1994b] Prehofer, C. (1994b). Solving higher-order equations. In Proceedings of the 9th Symp. Logic in Computer Science, pages 507–516. IEEE.

[Thiel, 1984] Thiel, J.-J. (1984). Stop losing sleep over incomplete data type specifications. In Proceeding 11th ACM Symp. on Principles of Programming Languages, pages 76–82. ACM.

[Thompson, 1986] Thompson, S. (1986). Laws in miranda. In Proc. 86 ACM Conf. Lisp and Functional Programming, Cambridge, Mass.

[Wolfram, 1991] Wolfram, D. (1991). Rewriting and equational unification: the higher-order case. In Book, R. V., editor, Proceedings 4th Conference on Rewriting Techniques and Applications, Como (Italy), volume 488 of Lecture Notes in Computer Science, pages 25–36. Springer-Verlag.