10 September 2003 Invited tutorial at ICLP ’03

A Tutorial on Proof Theoretic Foundations

of Logic Programming
Paola Bruscoli and Alessio Guglielmi
Technische Universität Dresden
Hans-Grundig-Str. 25 - 01062 Dresden - Germany
[email protected], [email protected]

Abstract Abstract logic programming is about designing logic programming languages

via the proof theoretic notion of uniform provability. It allows the design of purely
logical, very expressive logic programming languages, endowed with a rich meta theory.
This tutorial intends to expose the main ideas of this discipline in the most direct and
simple way.

1 Introduction

Logic programming is traditionally introduced as an application of the resolution

method. A limitation of this perspective is the difficulty of extending the pure
language of Horn clauses to more expressive languages, without sacrificing logical
purity.
After the work on abstract logic programming of Miller, Nadathur and
other researchers (see especially [7, 8, 6]), we know that this limitation can
largely be overcome by looking at logic programming from a proof theoretic
perspective, through the idea of uniform provability. This way, one can make
the declarative and operational meaning of logic programs coincide for large
fragments of very expressive logics, like several flavours of higher order logics
and linear logics. For these logics, proof theory provides a theoretical support,
which is ‘declarative’ even in absence of a convenient semantics, like in the case
of linear logic.
The essential tool is Gentzen’s sequent calculus [2, 1], for which one al-
ways requires the cut elimination property. Deductive systems can be defined
in absence of their semantics, but they automatically possess the properties
usually requested by computer scientists: a rigorous definition independent of
specific implementations and a rich metatheory allowing formal manipulation.
An important advantage of defining logic programming languages in the sequent
calculus is the universality of this proof theoretic formalism. This allows for a
much easier designing and comparing different languages than the corresponding
situation in which a common formalism is not adopted.
Moreover, given the modularity properties induced by cut elimination and
its consequences, it is conceivable to design tools for logic programming lan-
guages in a modular fashion, which is an obvious advantage. For example, a
compiler can be produced by starting from some core sublanguage and pro-
ceeding by successive additions corresponding to modularly enlarging the core
language. A first large scale language designed according to this principle is
λ-Prolog [3], in intuitionistic higher order logic, and several others are available,
especially in logics derived from linear logic (see [4] for a survey).
2 Paola Bruscoli and Alessio Guglielmi

The purpose of this tutorial is to give a concise, direct and simple introduc-
tion to logic programming via uniform provability. This is a two phase operation:
firstly, the sequent calculus of classical logic is introduced, then uniform prov-
ability and the related concept of abstract logic programming. The idea is that
anybody familiar with classical logic in its basic, common exposition, and who
also knows Prolog, should be able to find enough information for understanding
how Prolog could be designed, and extended, using this proof theoretic method-
ology. The reader who is already acquainted with sequent calculus can skip the
first section.

2 The Sequent Calculus

We deal here with the sequent calculus of first order classical logic; a good
reference is [1]. This is enough to establish all the main ideas of abstract logic
programming. For the higher order case, a great source of trouble is dealing
with unification, but this issue does not directly affect the notion of uniform
provability. The paper [8] studies the sequent calculus of the higher order logic
at the basis of λ-Prolog.

2.1 Classical Logic

A sequent is an expression of the form Γ ` ∆, where Γ and ∆ are multisets

of formulae. We can think of Γ and ∆ as, respectively, a conjunction and a
disjunction of formulae. The symbol ` is called ‘entailment’ and corresponds to
logical implication. Therefore ‘Γ entails ∆’ means that from all formulae in Γ
some of the formulae in ∆ follow.
A rule is a relation among sequents S1 , . . . , Sn and S
S 1 . . . Sn
ρ ,
S
where ρ is the name of the rule, S1 , . . . , Sn are its premises and S is its conclu-
sion. If n = 0 the rule has no premises and we call it an axiom.
A system in the sequent calculus is a finite set of rules, that we can parti-
tion as follows: the axiom, the set of left rules and the set of right rules. Rules
come in pairs for every logical connective, giving meaning to it depending on
whether the connective appears at the left or at the right of the entailment sym-
bol. Some more rules, called ‘structural’, model basic algebraic properties of
sequents, like idempotency; they also belong to the sets of left and right rules.
A further rule, called cut, may be present as well.
A derivation for a formula is obtained by successively applying instances
of the given rules; if all branches of the derivation tree reach axioms then the
derivation is a proof. We take a bottom-up perspective, i.e., we think of proofs
as built from the bottom sequent up.
We focus on classical logic, assuming that the reader is acquainted with
some basic notions related to substitutions, instantiations and the like. We
 A Tutorial on Proof Theoretic Foundations of Logic Programming 3

Axiom Cut
A`A Γ ` ∆, A A, Λ ` Θ
cut
Γ, Λ ` ∆, Θ

Left Rules Right Rules

A, A, Γ ` ∆ Γ ` ∆, A, A
cL cR
A, Γ ` ∆ Γ ` ∆, A

Γ `∆ Γ `∆
wL wR
A, Γ ` ∆ Γ ` ∆, A

Γ ` ∆, A B, Γ ` ∆ A, Γ ` ∆, B
⊃L ⊃R
A ⊃ B, Γ ` ∆ Γ ` ∆, A ⊃ B

A, Γ ` ∆ B, Γ ` ∆ Γ ` ∆, A Γ ` ∆, B
∧LL ∧LR ∧R
A ∧ B, Γ ` ∆ A ∧ B, Γ ` ∆ Γ ` ∆, A ∧ B

A, Γ ` ∆ B, Γ ` ∆ Γ ` ∆, A Γ ` ∆, B
∨L ∨RL ∨RR
A ∨ B, Γ ` ∆ Γ ` ∆, A ∨ B Γ ` ∆, A ∨ B

Γ ` ∆, A A, Γ ` ∆
¬L ¬R
¬A, Γ ` ∆ Γ ` ∆, ¬A

A[x/t], Γ ` ∆ Γ ` ∆, A
∀L ∀R
∀x.A, Γ ` ∆ Γ ` ∆, ∀x.A

A, Γ ` ∆ Γ ` ∆, A[x/t]
∃L ∃R
∃x.A, Γ ` ∆ Γ ` ∆, ∃x.A
where in ∀R and ∃L the variable x is not free in the conclusion

Fig. 1 First Order Classical Sequent Calculus with Multiplicative Cut LK

introduce a system for first-order classical logic, called LK, which is a slight
modification of the system bearing the same name proposed by Gentzen in 1934.
By means of examples we will see how the proof construction process works in
the system and we will shortly discuss cut elimination.
From now on we consider the language of classical logic built over ⊃, ∧, ∨,
¬, ∀, ∃, and we denote formulae by A, B, . . . , and atoms by a, b, . . . , and by p(x),
q(y). The system LK of first order classical sequent calculus with multiplicative
cut is defined in fig. 1. The rules cL and cR are called left and right contraction;
wL and wR are called left and right weakening; the other rules, except for cut,
get the name from the connective they work on.
Regarding the use of the rules ∀R and ∃L , one should remember that bound
variables can always be renamed, i.e., one can consider, say, ∀x.p(x) the same
as ∀y.p(y).
The first example shows the behaviour of several rules, in particular it
shows how several structural rules operate. To see cL in action, please wait until
the next section.
4 Paola Bruscoli and Alessio Guglielmi

2.1.1 Example In LK, the tautologies A ∨ ¬A and ∀x.(q(y) ⊃ p(x)) ⊃ (q(y) ⊃

∀x.p(x)) have these proofs:

q(y) ` q(y) p(x) ` p(x)

wR wL
q(y) ` q(y), p(x) p(x), q(y) ` p(x)
⊃L
A`A q(y) ⊃ p(x), q(y) ` p(x)
¬R ∀L
` A, ¬A ∀x.(q(y) ⊃ p(x)), q(y) ` p(x)
∨RR ∀R
` A, A ∨ ¬A ∀x.(q(y) ⊃ p(x)), q(y) ` ∀x.p(x)
∨RL ⊃R
` A ∨ ¬A, A ∨ ¬A ∀x.(q(y) ⊃ p(x)) ` q(y) ⊃ ∀x.p(x)
cR ⊃R
` A ∨ ¬A and ` ∀x.(q(y) ⊃ p(x)) ⊃ (q(y) ⊃ ∀x.p(x)) .

The second tautology proven above is an instance of one of Hilbert axiom

schemes: ∀x.(A ⊃ B) ⊃ (A ⊃ ∀x.B), where x is not free in A.
In the next example, please pay special attention to the role played by
the provisos of the ∀R and ∃L rules. In case more than one quantifier rule is
applicable during the proof search, try first to apply a rule which has a proviso,
while building a proof bottom-up, i.e., starting from its bottom sequent.
2.1.2 Example We prove in LK that (∀x.p(x) ⊃ q(y)) ≡ ∃x.(p(x) ⊃ q(y)). We
need to prove both implications:

p(x) ` p(x)
wR
p(x) ` p(x), q(y) q(y) ` q(y)
⊃R wL
` p(x), p(x) ⊃ q(y) p(x), q(y) ` q(y)
∃R ⊃R
` p(x), ∃x.(p(x) ⊃ q(y)) q(y) ` p(x) ⊃ q(y)
∀R ∃R
` ∀x.p(x), ∃x.(p(x) ⊃ q(y)) q(y) ` ∃x.(p(x) ⊃ q(y))
⊃L
∀x.p(x) ⊃ q(y) ` ∃x.(p(x) ⊃ q(y))
⊃R
` (∀x.p(x) ⊃ q(y)) ⊃ ∃x.(p(x) ⊃ q(y))

p(x) ` p(x) q(y) ` q(y)

wR wL
p(x) ` p(x), q(y) q(y), p(x) ` q(y)
⊃L
p(x) ⊃ q(y), p(x) ` q(y)
∀L
p(x) ⊃ q(y), ∀x.p(x) ` q(y)
⊃R
p(x) ⊃ q(y) ` ∀x.p(x) ⊃ q(y)
∃L
∃x.(p(x) ⊃ q(y)) ` ∀x.p(x) ⊃ q(y)
⊃R
and ` ∃x.(p(x) ⊃ q(y)) ⊃ (∀x.p(x) ⊃ q(y)) .

To complete the exposition of applications of rules, let’s consider the cut

rule.
 A Tutorial on Proof Theoretic Foundations of Logic Programming 5

2.1.3 Example In LK the formula ∃x.∀y.(p(x) ⊃ p(y)) can be proved this way:
p(z) ` p(z) p(y) ` p(y)
wR wL
p(z) ` p(z), p(y) p(x), p(y) ` p(y)
⊃R ⊃R
` p(z), p(z) ⊃ p(y) p(y) ` p(x) ⊃ p(y)
∀R ∀L
` p(z), ∀y.(p(z) ⊃ p(y)) ∀z.p(z) ` p(x) ⊃ p(y)
∃R ∀R
` p(z), ∃x.∀y.(p(x) ⊃ p(y)) ∀z.p(z) ` ∀y.(p(x) ⊃ p(y))
∀R ∃R
` ∀z.p(z), ∃x.∀y.(p(x) ⊃ p(y)) ∀z.p(z) ` ∃x.∀y.(p(x) ⊃ p(y))
cut
` ∃x.∀y.(p(x) ⊃ p(y)), ∃x.∀y.(p(x) ⊃ p(y))
cR
` ∃x.∀y.(p(x) ⊃ p(y))
The idea behind this proof is to use the cut in order to create two hy-
potheses, one for each branch the proof forks into. In the right branch we
assume ∀z.p(z) and in the left one we assume the contrary, i.e., ¬∀z.p(z) (note
that this is the case when ∀z.p(z) is at the right of the entailment symbol). The
contraction rule at the bottom of the proof ensures that each branch is provided
with the formula to be proved. Of course, it’s easier to prove a theorem when
further hypotheses are available (there is more information, in a sense): the cut
rule creates such information in pairs of opposite formulae.
One should note that the cut rule is unique in the preceding sense. In
fact, all other rules do not create new information. They enjoy the so called
subformula property, which essentially means that all other rules break formulae
into pieces while going up in a proof. In other words, there is no creation of
new formulae, only subformulae of available formulae are used (there are some
technicalities involved in the ∃R rule, but we can ignore them for now).
One should also observe that the cut rule is nothing more than a gener-
alised modus ponens, which is the first inference rule ever appeared in logic.
Systems in the sequent calculus are usually given with cut rules, because cut
rules simplify matters when dealing with semantics and when relating several
different systems together, especially those presented in other styles like natural
deduction. In fact, one useful exercise is to try to prove that LK is indeed classical
logic. No matter which way one chooses, chances are very good that the cut rule
will play a major role. Of course, classical logic is a rather well settled matter,
but this is not so for other logics, or for extensions of classical logic, which are
potentially very interesting for automated deduction and logic programming. In
all cases, the cut rule is a key element when trying to relate different viewpoints
about the same logic, like for example syntax and semantics.

2.2 Cut Elimination

Gentzen’s great achievement has been to show that the cut rule is not necessary
in his calculus: we say that it is admissible. In other words, the other rules
are sufficient for the completeness of the inference system. This is of course
good news for automated deduction. In the example above, a logician who
understands the formula to be proved can easily come up with the hypothesis
6 Paola Bruscoli and Alessio Guglielmi

∀z.p(z), but how is a computer supposed to do so? The formula used is not
in fact a subformula of the formula to be proved. Since it’s the only rule not
enjoying the subformula property, we could say that the cut rule concentrates
in itself all the ‘evil’.
Given its capital importance, we state below Gentzen’s theorem. The
theorem actually gives us more than just the existence of cut free proofs: we
could also transform a proof with cuts into a cut free one by way of a procedure
(so, the theorem is constructive). This turns out to be fundamental for functional
programming, but we will not talk about that in this paper.
2.2.1 Theorem For every proof in LK there exists a proof with the same con-
clusion in which there is no use of the cut rule.
2.2.2 Example By eliminating from the previous example cut rules according
to the cut elimination algorithm you find in [1], you should obtain a much simpler
proof, probably less intuitive from the semantic viewpoint:

p(y) ` p(y)
wL
p(y), p(x) ` p(y)
⊃R
p(y) ` p(x) ⊃ p(y)
wR
p(y) ` p(z), p(x) ⊃ p(y)
⊃R
` p(y) ⊃ p(z), p(x) ⊃ p(y)
∀R
` ∀z.(p(y) ⊃ p(z)), p(x) ⊃ p(y)
∃R
` ∃x.∀y.(p(x) ⊃ p(y)), p(x) ⊃ p(y)
∀R
` ∃x.∀y.(p(x) ⊃ p(y)), ∀y.(p(x) ⊃ p(y))
∃R
` ∃x.∀y.(p(x) ⊃ p(y)), ∃x.∀y.(p(x) ⊃ p(y))
cR .
` ∃x.∀y.(p(x) ⊃ p(y))

We should remark that what happened in the previous example is not very
representative of cut and cut elimination, with respect to the size of the proofs.
In our example, the cut free proof is smaller than the proof with cuts above. In
general, cut free proofs can be immensely bigger than proofs with cuts (there is
a hyperexponential factor between them).
There is a possibility of exploiting this situation to our advantage. In fact,
as we will also see here, cut free proofs correspond essentially to computations.
Since proofs with cuts could prove the same theorems in much shorter ways, one
could think of using cuts in order to speed up computations, or in order to make
them more manageable when analysing them. This would require using cuts as
sort of oracles that could divine the right thing to do to shorten a computation at
certain given states. This could work by asking a human, or a very sophisticated
artificial intelligence mechanism, to make a guess. We will not be dealing with
these aspects in this paper, but one should keep them in mind when assessing the
merits of the proof theoretic point of view on logic programming and automated
deduction, because they open exciting possibilities.
As a last remark, let us notice that cut elimination is not simply a necessary
feature for automated deduction, or in general for all what is related to proof
 A Tutorial on Proof Theoretic Foundations of Logic Programming 7

construction: its use is broader. For example, a cut elimination theorem can be
used to prove the consistency of a system.
2.2.3 Example Prove that LK is consistent. We shall reason by contradiction.
Suppose that LK is inconsistent: we can then find two proofs Π1 and Π2 for
both ` A and ` ¬A. We can then also build the following proof for `:

Π2
A`A
Π1 ¬L
` ¬A ¬A, A `
cut
`A A`
cut .
`
By the cut elimination theorem a proof for ` must exist in which the cut rule
is not used. But this raises a contradiction, since ` is not an axiom, nor is the
conclusion of any rule of LK other than cut.
2.2.4 Example We can reduce the axiom to atomic form. In fact, every axiom
A ` A appearing in a proof can be substituted by a proof

ΠA

A`A
which only uses axioms of the kind a ` a, where A is a generic formula and a
is an atom. To prove this, consider a sequent of the kind A ` A and reason by
induction on the number of logical connectives appearing in A.
Base Case If A is an atom then ΠA = A ` A.
Inductive Cases
If A = B ⊃ C then

ΠB ΠC

ΠA = B`B C`C
wR wL
B ` B, C C, B ` C
⊃L
B ⊃ C, B ` C
⊃R
B⊃C `B⊃C
All other cases are similar:

ΠB ΠC ΠB ΠC

B`B C`C B`B C`C

∧LL ∧LR ∨RL ∨RR
B∧C `B B∧C `C B `B∨C C `B∨C
∧R , ∨L ,
B ∧C ` B∧C B∨C ` B ∨C
8 Paola Bruscoli and Alessio Guglielmi

ΠB ΠB ΠB

B`B B`B B`B

¬L ∀L ∃R
¬B, B ` ∀x.B ` B B ` ∃x.B
¬R , ∀R , ∃L .
¬B ` ¬B ∀x.B ` ∀x.B ∃x.B ` ∃x.B
This example vividly illustrates the internal symmetries of system LK.
These same symmetries are exploited in the cut elimination procedure, but their
use is much more complicated there.
From now on, we will be working with cut free systems, so, with systems
where all the rules enjoy the subformula property. Normally, proof theorists
deal with the problem of showing a cut elimination theorem for a given logic, so
providing the logic programming language designer with a good basis to start
with.
As we will see later on, Horn clauses (as well as hereditary Harrop for-
mulas) are usually dealt with as a fragment of intuitionistic logic, rather than
classical logic. We do not discuss intuitionistic logic here. We just note that
intuitionistic logic is a weaker logic than classical logic, because the famous ter-
tium non datur classical logic tautology A ∨ ¬A does not hold, together with all
its consequences, of course. The reasons for restricting ourselves to intuitionistic
logic are technical. For all our purposes it is enough to say that intuitionistic
logic is the logic whose theorems are proved by system LK with the restriction
that at most one formula always appears at the right of the entailment symbol.
We preferred not to start from intuitionistic logic for two reasons: 1)
classical logic is more familiar to most people, and 2) abstract logic programming
can be defined also for logics for which the one-formula-at-the-right restriction
is not enforced, like linear logic. Sticking to intuitionistic logic allows for a
technical simplification in the operational reading of a deductive system, as we
will see later. And, of course, intuitionistic logic, although weaker than classical
logic, is still more powerful than Horn clauses and hereditary Harrop logics.

3 Abstract Logic Programming

We now informally introduce the main ideas of abstract logic programming by

means of an example, and move to a more precise presentation later on.
Consider clauses of the following form:

∀~x.((b1 ∧ · · · ∧ bh ) ⊃ a),

where ~x is a sequence of variables, h can be 0, and in this case a clause is a fact

∀~x.a. A logic programming problem may be defined as the problem of finding a
substitution σ such that
P ` (a1 ∧ · · · ∧ ak )σ
 A Tutorial on Proof Theoretic Foundations of Logic Programming 9

is provable in some formal system, where k > 0, P is a given collection of clauses

and a1 , . . . , ak are atoms. P is called the program, (a1 ∧ · · · ∧ ak ) is the goal and
σ is the answer substitution.
Let us restrict ourselves to provability in LK. Suppose that P is a multiset
of clauses which contains the clause

∀~x.((b1 ∧ · · · ∧ bh ) ⊃ a);

consider the goal (a1 ∧ · · · ∧ ak ) and suppose that σ is a unifier of a and al ,

for some l such that 1 6 l 6 k. Consider the following derivation ∆, where we
suppose that h > 0:

aσ ` al σ
wL
..
P ` (b1 ∧ · · · ∧ bh )σ .
wR wL
P ` (b1 ∧ · · · ∧ bh )σ, al σ P, aσ ` al σ
⊃L
P, ((b1 ∧ · · · ∧ bh ) ⊃ a)σ ` al σ
∀L
..
.
∀L
P, ∀~x.((b1 ∧ · · · ∧ bh ) ⊃ a) ` al σ
cL
P ` a1 σ P ` al σ P ` ak σ
∧R ··· ∧R ··· ∧R
.. .. ..
. . .
∧R .
P ` (a1 ∧ · · · ∧ ak )σ

∆ has one leaf which is an axiom (aσ ` al σ); one leaf which stands for the logic
programming problem P ` (b1 ∧ · · · ∧ bh )σ and zero or more leaves P ` ai σ, for
1 6 i 6 k and i 6= l. In the special case where h = 0 we consider the derivation
∆0 :
aσ ` al σ
wL
..
.
wL
P, aσ ` al σ
∀L
..
.
∀L
P, ∀~x.a ` al σ
cL
P ` a1 σ P ` al σ P ` ak σ
∧R · · · ∧R · · · ∧R
.. .. ..
. . .
∧R .
P ` (a1 ∧ · · · ∧ ak )σ
For both cases we can consider a special inference rule b, which we call backchain
and which stands for ∆ or ∆0 :
P ` a1 σ · · · P ` al−1 σ P ` (b1 ∧ · · · ∧ bh )σ P ` al+1 σ · · · P ` ak σ
b ,
P ` (a1 ∧ · · · ∧ ak )σ
10 Paola Bruscoli and Alessio Guglielmi

where P ` (b1 ∧ · · · ∧ bh )σ may be absent if h = 0. The rule degenerates to an

axiom when h = 0 and k = 1.
A backchain rule, when read from bottom to top, reduces one logic pro-
gramming problem to zero or more logic programming problems. Please notice
that every application of a backchain rule is associated to a substitution (in the
case above it is σ) which allows us to use an axiom leaf. We can consider each
such substitution as the answer substitution produced by the particular instance
of the b rule. It is not necessarily an mgu! Of course, the ‘best’ choice might
be an mgu, which in the first-order case is unique up to variable renaming. The
composition of all answer substitutions gives us the final answer substitution to
a particular logic programming problem.
We can look for proofs solving a logic programming problem that are
entirely built by instances of b rules. We speak of proof search space for a given
logic programming problem, and we mean a tree whose nodes are derivations,
whose root is the logic programming problem, and such that children nodes are
obtained by their fathers by adding an instance of b; every time b is applied,
the associated substitution is computed and applied to the whole derivation.
3.1 Example Consider the logic programming problem P ` p(x), where
P = {∀y.(q(y) ∧ r(y) ⊃ p(y)),
q(1),
r(1),
r(2)}.
The proof search space of proofs for this problem is shown in fig. 2. Every
branch corresponds to a possible solution, where the substitution applied to
the conclusion is the answer substitution (it is shown explicitly,  is the empty
substitution). The left and centre computations are successful, because a proof
is found at the end; the right computation instead fails: there is no proof for
the logic programming problem P ` q(2).
Infinite computations may be obtained as well, as the following example
shows.
3.2 Example Consider the logic programming problem
P ` a,
where P = {a ∧ b ⊃ a}. The search space of proofs for this problem is shown in
fig. 3.
So far, we did not define what a backchaining rule is, we only said that the
rule transforms one logic programming problem into several ones. This takes
care of an obvious intuition about the recursivity of logic programming, but it’s
not enough. Of course, given a formula to prove and a deductive system, like
LK, there are in general several ways of reducing one logic programming problem
into several others. The notions we are going to introduce address specifically
the problem of choosing which rules to use.
The next, crucial, intuition, is to consider a goal as a set of instructions
for organising a computation. For example, the goal A ∧ B, to be proven by
 A Tutorial on Proof Theoretic Foundations of Logic Programming 11

b b
P ` r(1) P ` q(1)
b b
P ` q(1) ∧ r(1) P ` q(1) ∧ r(1)
b b
P ` p(x)[y/x][x/1] P ` p(x)[y/x][x/1]

P ` r(1) P ` q(1) P ` q(2)

b b b
P ` q(1) ∧ r(1) P ` q(1) ∧ r(1) P ` q(2) ∧ r(2)
b b b
P ` p(x)[y/x][x/1] P ` p(x)[y/x][x/1] P ` p(x)[y/x][x/2]

P ` q(x) ∧ r(x)
b
P ` p(x)[y/x]

P ` p(x)

Fig. 2 Proof search space for example 3.1

..
.

P `a∧b P`b
b
P `a∧b P`b
b
P `a∧b
b
P`a

P `a∧b P`b
b
P `a∧b
b
P`a

P `a∧b
b
P`a

P`a

Fig. 3 Proof search space for example 3.2

using program P, tells the interpreter to organise the computation as the search
for a proof of A and a search for a proof of B, both by using program P. This
12 Paola Bruscoli and Alessio Guglielmi

situation is exactly what the intuitionistic version of the rule ∧R describes:

Γ `A Γ `B
∧R .
Γ `A∧B

However, given a program P and a goal A∧B, i.e., given a sequent P ` A∧B
to be proved, an interpreter based on LK has more options: it can use left rules by
operating over the program P. Clearly, this does not correspond to our intuition
as to how a logic programming interpreter should work.
In [7] the authors take a clear course of action:
1) They define what strategy for searching for proofs could correspond to
a sensible, operational notion similar to the one adopted by Prolog; this leads to
the idea of uniform proof, a uniform proof being a proof where the operational,
sensible strategy is adopted.
2) They turn their attention to the question: when does uniform prov-
ability correspond to (normal, unrestricted) provability? For the languages and
deductive systems where the two notions coincide, they speak of abstract logic
programming languages.
We devote the next two subsections to uniform proofs and abstract logic
programming languages.

3.1 Uniform Proofs

Let’s now move to a more formal presentation of these ideas. We introduce

a new sequent system, where structural rules have been eliminated, and their
‘functionality’ is included in the structure of sequents.
Sequent system MNP S, from the names of its authors Miller, Nadathur,
Pfenning and Scedrov is built on sequents of the kind

Γ ` ∆,

where Γ and ∆ are sets of formulae (and not multisets as in system LK). > and
⊥ are formulae different from atoms. Axioms and inference rules of MNP S are
shown in fig. 4. In MNP S negation is obtained through ¬A ≡ A ⊃ ⊥.
The reader should be able to relate the new system to LK, and then to
any other presentation of classical logic. The exercise is not entirely trivial, and
very useful for understanding the subtleties of the sequent calculus. However, it
is not central to this tutorial.
3.1.1 Exercise Prove that MNP S and LK are equivalent (consider > ≡ A ∨ ¬A
and ⊥ ≡ A ∧ ¬A, for example).
As we said at the end of Section 2, we are mostly interested in intuitionistic
logic, i.e., the logic produced by the deductive systems we have seen so far, in
 A Tutorial on Proof Theoretic Foundations of Logic Programming 13

Axioms
a, Γ ` ∆, a ⊥, Γ ` ∆, ⊥ Γ ` ∆, >

Left Rules Right Rules

Γ ` ∆, A B, Γ ` Θ A, Γ ` ∆, B
⊃L ⊃R
A ⊃ B, Γ ` ∆, Θ Γ ` ∆, A ⊃ B

A, B, Γ ` ∆ Γ ` ∆, A Γ ` ∆, B
∧L ∧R
A ∧ B, Γ ` ∆ Γ ` ∆, A ∧ B

A, Γ ` ∆ B, Γ ` ∆ Γ ` ∆, A Γ ` ∆, B
∨L ∨RL ∨RR
A ∨ B, Γ ` ∆ Γ ` ∆, A ∨ B Γ ` ∆, A ∨ B

A[x/t], Γ ` ∆ Γ ` ∆, A
∀L ∀R
∀x.A, Γ ` ∆ Γ ` ∆, ∀x.A

A, Γ ` ∆ Γ ` ∆, A[x/t]
∃L ∃R
∃x.A, Γ ` ∆ Γ ` ∆, ∃x.A

Γ ` ∆, ⊥
⊥R where A 6= ⊥
Γ ` ∆, A
where in ∀R and ∃L the variable x is not free in the conclusion

Fig. 4 Sequent system MNP S

the special case when every sequent contains at most one formula at the right of
the entailment symbol `. From the operational viewpoint, this makes immediate
sense, because it corresponds to always having one goal to prove.
Actually, the whole truth is more complicated than this, because, as we
said, several formulae at the right of entailment just correspond to their dis-
junction. In the case of a disjunction, the intuitionistic restriction forces an im-
mediate choice about which of the disjuncts the interpreter has to prove (check
the rule ∨R , and keep in mind that cR is not available, neither explicitly nor
implicitly). Restricting oneself to the intuitionistic case is the key to a technical
simplification in the notion of uniform provability. In cases where this simpli-
fication is not desirable, like for linear logic, one can introduce a more refined
notion of uniform provability [5, 6].
A proof in MNP S, where each sequent has a singleton set as its right-hand
side, is called an I-proof (intuitionistic proof).
A uniform proof is an I-proof in which each occurrence of a sequent whose
right-hand side contains a non-atomic formula is the lower sequent of the infer-
ence rule that introduces its top-level connective.
In other words: until a goal is not reduced to atomic form, keep reducing
it; when a goal is in atomic form, then you can use left inference rules.
3.1.2 Example In MNP S, the formula (a ∨ b) ⊃ (((a ∨ b) ⊃ ⊥) ⊃ ⊥) admits the
14 Paola Bruscoli and Alessio Guglielmi

following uniform proof:

a`a b`b
∨RL ∨RR
a `a∨b a, ⊥ ` ⊥ b`a∨b b, ⊥ ` ⊥
⊃L ⊃L
a, (a ∨ b) ⊃ ⊥ ` ⊥ b, (a ∨ b) ⊃ ⊥ ` ⊥
∨L
a ∨ b, (a ∨ b) ⊃ ⊥ ` ⊥
⊃R
a ∨ b ` ((a ∨ b) ⊃ ⊥) ⊃ ⊥
⊃R .
` (a ∨ b) ⊃ (((a ∨ b) ⊃ ⊥) ⊃ ⊥)

We can get back to our informal introduction of backchaining, and we can

note that not only does it reduce logic programming problems to further logic
programming problems, but it does so by only producing (segments of) uniform
proofs.
Now that we have the notion of uniform provability, it is time to check
its limits, namely, we should try to answer the question: Is uniform provability
enough to prove everything we can prove in unrestricted provability? The answer
is, both for classical and intuitionistic logic, no.
3.1.3 Example There is no uniform proof for ¬∀x.p(x) ⊃ ∃x.¬p(x). In fact, the
following derivation is compulsory, if we require uniformity:

p(t) ` ∀x.p(x) ⊥, p(t) ` ⊥

⊃L
¬∀x.p(x), p(t) ` ⊥
⊃R
¬∀x.p(x) ` ¬p(t)
∃R
¬∀x.p(x) ` ∃x.¬p(x)
⊃R .
` ¬∀x.p(x) ⊃ ∃x.¬p(x)

There is no proof for its left premise, being t different from x, by the proviso of
the ∀R rule.
3.1.4 Example There is no uniform proof for (a ∨ b) ⊃ (b ∨ a). In fact the
following derivation is compulsory if we require uniformity:

a`b b`b
∨L
a∨b`b
∨RR
a∨b`b∨a
⊃R .
` (a ∨ b) ⊃ (b ∨ a)

Another derivation exists, similar to this one, where the rule ∨RL is applied
instead of ∨RR .
3.1.5 Example Let A be a generic formula; the formula A ⊃ ((A ⊃ ⊥) ⊃ ⊥)
doesn’t always admit a uniform proof in MNP S, it may or may not have one,
depending on the formula A. Example 3.1.2 shows a case where a uniform proof
exists, for A = a ∨ b. If one considers A = ∀x.(p(x) ∨ q(x)) instead, there is no
way of building a uniform proof. The following derivation does not lead to a
 A Tutorial on Proof Theoretic Foundations of Logic Programming 15

uniform proof, because the premise is not provable (and the same happens if we
apply ∨RR instead of ∨RL ):

∀x.(p(x) ∨ q(x)) ` p(x)

∨RL
∀x.(p(x) ∨ q(x)) ` p(x) ∨ q(x)
∀R
∀x.(p(x) ∨ q(x)) ` ∀x.(p(x) ∨ q(x)) ∀x.(p(x) ∨ q(x)), ⊥ ` ⊥
⊃L
∀x.(p(x) ∨ q(x)), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
⊃R
∀x.(p(x) ∨ q(x)) ` (∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥
⊃R .
` ∀x.(p(x) ∨ q(x)) ⊃ ((∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥)

Choosing to proceed on a different formula on the left of the entailment symbol,

while building up the proof, doesn’t improve the situation. Modulo applicability
of ∨RR instead of ∨RL , we get the following two cases:

p(t) ∨ q(t) ` p(x)

∨RL
p(t) ∨ q(t) ` p(x) ∨ q(x)
∀R
p(t) ∨ q(t) ` ∀x.(p(x) ∨ q(x)) p(t) ∨ q(t), ⊥ ` ⊥
⊃L
p(t) ∨ q(t), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
∀L
∀x.(p(x) ∨ q(x)), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
⊃R
∀x.(p(x) ∨ q(x)) ` (∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥
⊃R ,
` ∀x.(p(x) ∨ q(x)) ⊃ ((∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥)

where the premise is not provable, no matter which term t we choose (it cannot
be t = x, of course), and

p(t) ` ∀x.(p(x) ∨ q(x)) p(t), ⊥ ` ⊥ q(t) ` ∀x.(p(x) ∨ q(x)) q(t), ⊥ ` ⊥

⊃L ⊃L
p(t), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥ q(t), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
∨L
p(t) ∨ q(t), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
∀L
∀x.(p(x) ∨ q(x)), ∀x.(p(x) ∨ q(x)) ⊃ ⊥ ` ⊥
⊃R
∀x.(p(x) ∨ q(x)) ` (∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥
⊃R ,
` ∀x.(p(x) ∨ q(x)) ⊃ ((∀x.(p(x) ∨ q(x)) ⊃ ⊥) ⊃ ⊥)

where again some premises are not provable. This exhausts all possible cases for
that specific A.
These examples tell us that the language matters as much as the deductive
system as far as uniform provability goes.

3.2 Abstract Logic Programming Languages

The question is now for which languages uniform provability and (unrestricted)
provability coincide. Several languages of goals and clauses can be defined (not
necessarily with formulae in MNP S). Also, we could consider several intuition-
istic sequent systems, different from MNP S, for which uniform provability can
16 Paola Bruscoli and Alessio Guglielmi

be contemplated. Our objective now is to define sort of a completeness notion

which allows us to say, for a particular language, that looking for uniform proofs
is equivalent to looking for proofs. Since the search for uniform proofs is compu-
tationally motivated, we have a powerful guide to assist us in the syntax-driven
definition of logic programming languages.
Consider a language D of clauses and a language G of goals, both of them
subsets of a language for which an entailment relation ` is defined; let P be a
finite set of clauses, called program; we say that hD, G, `i is an abstract logic
programming language if, whenever P ` G is provable, then there is a uniform
proof for it, for every program P and goal G.
The property of being an abstract logic programming language is usually
proved by examining the permutability relations between pairs of inference rules
in the sequent system which defines `. For example, consider the following
fragment of derivation:
B, Γ ` C
∨RL
Γ `A B, Γ ` C ∨ D
⊃L ;
A ⊃ B, Γ ` C ∨ D
it clearly cannot be part of a uniform proof. The problem can be fixed if we
permute the ⊃L and ∨RL rules, like this:
Γ `A B, Γ ` C
⊃L
A ⊃ B, Γ ` C
∨RL .
A ⊃ B, Γ ` C ∨ D
3.2.1 Example Consider goals in the set G generated by the grammar:
G := A | D ⊃ A | G ∨ G,
D := A | G ⊃ A | ∀x.D,
where A stands for any atom and D is the set of clauses. We want to define in
MNP S a backchain rule for the language considered. Remember that a backchain
rule has two properties: 1) read from bottom to top, it transforms one logic
programming problem into several ones (or zero); 2) it only produces uniform
proofs.
The most general case is the following:
P, D ` Gσ P, a0 σ, D ` a
⊃L
P, (G ⊃ a0 )σ, D ` a
∀L
..
.
P, D ` Gσ ∀L
b = P, ∀~x.(G ⊃ a0 ), D ` a ,
P ` G1 ∨ · · · ∨ Gh ⊃R
P `D⊃a
(∨RL or ∨RR )
..
.
(∨RL or ∨RR )
P ` G1 ∨ · · · ∨ Gh
 A Tutorial on Proof Theoretic Foundations of Logic Programming 17

where a0 σ = a. Special cases are

P ` Gσ P, a0 σ ` a
⊃L
P, (G ⊃ a0 )σ ` a
∀L
..
P ` Gσ .
b = ∀L
P ` G1 ∨ · · · ∨ Gh P, ∀~x.(G ⊃ a0 ) ` a
(∨RL or ∨RR )
..
.
(∨RL or ∨RR )
P ` G1 ∨ · · · ∨ Gh

and
P, a0 σ, D ` a
∀L
..
.
∀L
P, ∀~x.a0 , D ` a
b = ⊃R ,
P ` G1 ∨ · · · ∨ Gh P `D⊃a
(∨RL or ∨RR )
..
.
(∨RL or ∨RR )
P ` G1 ∨ · · · ∨ Gh
or a combination of the last two. Please observe that in the derivations above
clauses ∀~x.(G ⊃ a0 ) at the left of the entailment can be singled out thanks to the
implicit use of contraction (P is a set!).
3.2.2 Exercise Consider the following languages of goals and clauses:

G := A | D ⊃ A | G ∨ G,
D := A | G ⊃ A | ∀x.D,

where A are atoms. Prove that hD, G, `i is an abstract logic programming

language, where ` is entailment as it is defined by (the intuitionistic fragment
of) MNP S.
We now present two examples of well known languages, Horn clauses and
hereditary Harrop formulas. It is proved in [7] that both admit uniform proofs
and are, therefore, abstract logic programming languages with respect to uniform
provability in MNP S.
Horn clauses are given by:

G := > | A | G ∧ G | G ∨ G | ∃x.G,
D := A | G ⊃ A | D ∧ D | ∀x.D.

One important limitation of Horn clauses is the inability of dealing with

modules. Assume that we want to evaluate a goal, say G1 ∧ G2 , in a complex
program composed of several parts, say D0 , D1 and D2 . Then, an interpreter for
Horn clauses, as defined before, will need to evaluate the sequent D0 , D1 , D2 `
G1 ∧ G2 , or, in other words it is necessary for the entire goal to have access to
all pieces of the program since the very beginning.
18 Paola Bruscoli and Alessio Guglielmi

This is often not desirable in practice, since we might know, as program-

mers, that specific chunks of the program will exclusively be necessary to evaluate
distinct goals, for example D1 for G1 and D2 for G2 .
The language of hereditary Harrop formulas extends that of Horn clauses,
in particular by providing implication in goals, thus realising a notion of module.
Universal quantification in goals creates private variables for these modules.
Hereditary Harrop formulas are given by:
G := > | A | G ∧ G | G ∨ G | ∃x.G | ∀x.G | D ⊃ G,
D := A | G ⊃ A | D ∧ D | ∀x.D.
In this language we can better structure the information in modules, as
the following example shows.
3.2.3 Example An interpreter evaluates D0 ⊃ (∀x.(D1 ⊃ G1 ) ∧ ∀y.(D2 ⊃ G2 ))
by producing the derivation
D0 , D1 ` G1 D0 , D2 ` G2
⊃R ⊃R
D0 ` D1 ⊃ G1 D0 ` D2 ⊃ G2
∀R ∀R
D0 ` ∀x.(D1 ⊃ G1 ) D0 ` ∀y.(D2 ⊃ G2 )
∧R
D0 ` ∀x.(D1 ⊃ G1 ) ∧ ∀y.(D2 ⊃ G2 )
⊃R
` D0 ⊃ (∀x.(D1 ⊃ G1 ) ∧ ∀y.(D2 ⊃ G2 )) .
The programs D1 and D2 are now split in two different branches of the derivation,
together with the goals that are supposed to access them. Moreover, the variables
x and y are private to the modules D1 and D2 and their respective goals G1 and
G2 , thanks to the proviso of the ∀R rule.
The theory of programming languages teaches us that these abstraction
properties are very important. One can go much further than this by moving to
higher orders. There we can quantify over functions and relations, thus allowing
to define abstract data types in a very convenient way. It is beyond the scope of
this tutorial to deal with the higher order case, it should suffice to say that the
methodology shown above doesn’t need any modification and carries through
graciously. The reference paper is [8].

4 Conclusions
In this tutorial we have presented the proof theoretic perspective on logic pro-
gramming introduced by [7]. We just stuck to the basic notions and we tried to
come up with a less formal, and, hopefully, easier to understand exposition than
what is already available.
Given its introductory nature, we have been forced to leave out several new
exciting, recent developments, especially in connection to linear logic. Indeed,
the methodology of uniform proofs and abstract logic programming lends itself
naturally to applications in new logics, for new languages. Its grounds in proof
theory make it especially useful for logics whose semantics are too complicated,
or simply unavailable.
 A Tutorial on Proof Theoretic Foundations of Logic Programming 19

On the other hand, we believe that understanding this relatively new

methodology in the old, familiar playground of classical logic is the best way
of getting a feeling for it without having to invest too much time in its study.

References

[1] J. Gallier. Constructive logics. Part I: A tutorial on proof systems and typed λ-calculi.
Theoretical Computer Science, 110:249–339, 1993.
[2] G. Gentzen. Investigations into logical deduction. In M. E. Szabo, editor, The Collected
Papers of Gerhard Gentzen, pages 68–131. North-Holland, Amsterdam, 1969.
[3] D. Miller. Documentation for lambda prolog. URL:
http://www.lix.polytechnique.fr/Labo/Dale.Miller/lProlog/docs.html.
[4] D. Miller. Overview of linear logic programming. Accepted as a chapter for a book on
linear logic, edited by Thomas Ehrhard, Jean-Yves Girard, Paul Ruet, and Phil Scott.
Cambridge University Press. URL:
http://www.lix.polytechnique.fr/Labo/Dale.Miller/papers/llp.pdf.
[5] D. Miller. A multiple-conclusion meta-logic. In S. Abramsky, editor, Ninth Annual
IEEE Symp. on Logic in Computer Science, pages 272–281, Paris, July 1994.
[6] D. Miller. Forum: A multiple-conclusion specification logic. Theoretical Computer
Science, 165:201–232, 1996.
[7] D. Miller, G. Nadathur, F. Pfenning, and A. Scedrov. Uniform proofs as a foundation
for logic programming. Annals of Pure and Applied Logic, 51:125–157, 1991.
[8] G. Nadathur and D. Miller. Higher-order Horn clauses. Journal of the ACM, 37(4):777–
814, 1990.

Typeset with Xy-pic