2nd International Workshop on the Theory and Practice of Algebraic Specifications, Amsterdam 1997

We introduce computational systems to formalise the notion of rewriting directed by user deﬁned strategies. This provides a semantics for ELAN , an environment dedicated to prototype, experiment and study the combination of different deduction systems for constraint solving, theorem proving and logic programming paradigms. Formally, a computational system can be represented as a rewrite theory in rewriting logic together with a notion of strategy to select relevant computations. We show how conveniently the strategies can also be speciﬁed using again computational systems. Several non-trivial examples of strategy description are described including a search space library and its use for solving problems like game winning strategies.


Introduction
ELAN is an environment dedicated to prototype, experiment and study the combination of different deduction systems for constraint solving, theorem proving and logic programming paradigms.Its evaluation mechanism is rewriting, whose elegance and expressiveness as a computational paradigm are no more to be stressed as evidenced by systems like ASF+SDF [Kli93] or OBJ3 [GKK + 87].Less evident is the difficulty that comes from the absence of explicit control mechanism over rewriting.In many existing rewriting-based languages or systems, the term reduction strategy is hard-wired and is not accessible to the designer of an application.Indeed controlling rewriting is a fundamental issue as soon as one wants to use rewriting as a specification language.We show in this paper how the control can itself be specified using rewriting.
The ELAN language is based on the concept of computational systems [KKV95, Vit94, BKK + 96b] given by a signature providing the syntax, a set of conditional rewrite rules describing the deduction mechanism, and a strategy to guide application of rewrite rules.Formally, this is a rewrite theory in rewriting logic [Mes92], [MOM93a], together with a notion of strategy to select relevant computations.Each ELAN module defines its own signature, labelled rewrite rules and strategies.ELAN is implemented in C++.
We first show in Section 2 how non-deterministic computations are handled in ELAN and combined with deterministic ones.Then Section 3 describes the strategy language of ELAN which provides some predefined primitives and the possibility for the user to define his own strategies in a very flexible way using the same paradigm of rewriting.For instance the user may want to develop his own search space library and use it for solving different problems.This is illustrated in Section 4. The conclusion addresses some further research perspectives.

Evaluation with rules and strategies
ELAN is a system for prototyping non-deterministic computations thanks to rules and strategies.An ELAN program is composed of a signature part describing operators with their types, a set of rules and a set of strategies.Strategies Theory and Practice of Algebraic Specifications ASF+SDF'97 is one of the main originality of ELAN compared to other algebraic specification languages based on rewriting.A strategy is a way to describe which computations the user is interested in, and specifies where a given rule should be applied in the term to be reduced.We describe informally here the evaluation mechanism and how it deals with rewrite rules and strategies.
Rules are labelled conditional rewrite rules with local variable affectations ` : l r if v where y := S u `is the rule label, l and r the respective left and right-hand sides, v the condition and y := S u a local affectation, assigning to the local variable y the result of the strategy S applied to the term u.
For applying such a rule on a term t, say at top position, first l is matched against t, using if necessary, associative commutative matching (if some operators in the signature are declared as associative and commutative).Then the expressions in where and if parts, instantiated with the matching substitution, are evaluated in order.When there is no failure, this usually instantiates the local variables (such as y) in where expressions, and this extends the matching substitution.When every condition is satisfied, the replacement by the instantiated left-hand side is performed.Indeed the power of this mechanism comes from the fact that where expressions may invoke strategy evaluation.Application of a rewrite rule in ELAN yields, in general, several results.This is first due to equational matching (for instance AC-matching) and second to the where assignment, since it may itself return several possible assignments for variables, due to the use of strategies.When a rewrite rule or a strategy returns an empty set of terms, we say that it fails.
Thus the language provides a way to handle this non-determinism.This is done using a few basic strategy operators: first (or dc) standing for first non-failing result, and dk standing for dont know choose.For a rewrite rule ` : l r the strategy first(`) returns the first non-failing result of the application of the rule.On the contrary, if the `rule is applied using the dk(`) strategy, then all possible results are computed and returned by the strategy.
The implementation handles these several results by an appropriate back-chaining operation.This is extended to the application of several rules: the dk strategy results in the application of all substrategies and yields the concatenation of all results; the application of the first strategy returns the set of results of the first non-failing rule application.If all sub-strategies fail, then it fails too, i.e. it yields the empty set.
Strategies can be described using dk and first operators, a concatenation operator ;, as well as with the elementary strategies that are rule labels and the strategies fail for failure, and id for identity.Iterators are also provided and user defined strategies operators as well as their semantics can be expressed in the language.This is done using rewriting itself as detailed in the next section.

The strategy language
We are now describing how strategies can be specified using rewriting itself.This is done at two levels.First, the user defined strategies are specified using rewrite rules that can themselves be controlled by (meta) strategies.Second, the operational semantics of the strategy language is also defined as a rewrite theory with strategy, making the whole language description supported by the single concept of computational system.
We are using in this section the basic notions of rewriting logic and of proof terms.Our notations are consistent with the ones of [KKV95,Mes92,MOM93b].
The notion of strategy as subset of proof terms of a rewrite theory was proposed in [KKV95,Vit94].The set of (closed) proof terms is defined as the set of terms T F L f ;g built on function symbols F of the rewrite theory, labels L and the symbol ';' standing for concatenation.The symbol : is defined on T F T F and : t t 0 means that there is a chain of rewrite steps from the term t to the term t 0 encoded by the proof term .It is easy to see that for each proof term 2 , the sets: dom = f t j 9 t 0 s:t: : t t 0 g and cod = f t 0 j 9 t s:t: : t t 0 g are either both singletons or both empty.Thus, we can also define a partial function : T F 7 !T F, such that t = t 0 when dom = f t g and cod = f t 0 g .A strategy S is defined as a subset of .The definition of the symbol : is extended to strategies as follows: S : t t 0 if there exists 2 S; such that : t t 0 and S t = ft 0 j 2 S; : t t 0 g: The definition of domain can be extended too: domS = f t j 9 t 0 2 T F ; 9 2 S; s:t: : t t 0 g : An arbitrary strategy S could be very complicated or irregular from the computational point of view (for instance a non-recursive set).This is why we concentrate on describing special subclasses of strategies and define two subclasses of general strategies, called elementary and defined strategies whose operational semantics are given using rewriting logic.The main difference between these two classes is that elementary strategies are predefined in ELAN while defined strategies are user-definable, and may be recursive, parameterised and typed as well.

Elementary strategies
The first step is the construction of elementary strategies, where an elementary strategy S is an element of the set of terms T F L f ; ; id; dc; dk; rst; failg.Roughly speaking, elementary strategies represent non-recursive nondeterministic computations.We already introduced the strategy operators ; ; dc; dk; rst; fail; id.In addition, lS 1 ; : : : ; S n corresponds to an application of a rewrite rule labelled by `2 L , which also applies substrategies S i on values of variables x i after matching and before replacing the matched subterm by the instantiated right-hand side of the rewrite rule.fS 1 ; : : : ; S n is an application of substrategies S i to subterms t i of the term ft 1 ; : : : ; t n with root The description of operational semantics of elementary strategies is achieved through the definition of an interpreter described by labeled rewrite rules, given in this volume (see [BK97]).
Elementary strategies can be given sorts, based on the set of sorts S defined in the user's rewrite theory.This introduces new strategy sorts hs 0 7 !s 00 i for the sort of all elementary strategies transforming terms of sort s 0 into terms of sort s 00 .

Defined strategies
The goal is now to be able to define new strategies by rewrite rules.Let us take the very easy example of map, that can be defined by a strategy rewrite rule in the following way: mapS dcnil; S : mapS 1 The right-hand side of this definition means that whenever the strategy map with an argument S (i.e.mapS) is applied to a term t, either t is nil, or the strategy S is applied on the head of t (i.e.t should be a non-empty list) and mapS is further applied on the tail of t.
This strategy definition can be formulated also using the strategy application symbol : mapS nil nil 2 mapS a:as S a: mapS as The difference relies on the fact that a list, which the functional map is applied on, is an explicit argument in the second (or third) definition, while in the first one, it is implicit.
Rule 1 applied without care may lead to infinite computations, for example when taking a left-most inner-most reduction strategy.This justifies the concept of meta-strategies, i.e. strategies which control the execution by rewriting of defined strategies.Such a strategy can be either constructed by enriching the strategy interpreter, or explicitly defined by the user from labelled rules on strategies.
A rule like mapS dcnil; S : mapS defines recursively the strategy map.Indeed other rules involving map can be written, to express in particular some equivalence on defined strategies, for instance the distributivity of map on the concatenation ; or its application on the identity: mapS 1 ; mapS 2 mapS 1 ; S 2 mapid id Moreover, properties of strategies can be described by rewrite rules such as: id ; S S S ; id S rstS; S S dkS; S S In ELAN, a strategy definition is given by: A set of strategy symbols F D with signatures: d : s 1 ; : : : ; s n h s 0 7 !s 00 i where s 1 ; : : : ; s n are strategy sorts of the arguments, and hs 0 7 !s 00 i is the sort of the result.
A finite set of rewrite rules: -either in an implicit form dS 1 ; : : : ; S n S -or in an explicit form dS 1 ; : : : ; S n x S x: where d 2 F D , S i for i = 1 ; : : : ; nare elementary strategies, x : s 0 is a new variable in X , S is a term built from defined strategy symbols, elementary strategy symbols, rule labels and variables.
The interpreter for elementary strategies is expanded in both cases of the previous definition with new rules, labelled with DSTR: DSTR dS 1 ; : : : ; S n x S x Different evaluation modes for strategy application are offered via different possibilities for labels.A rewrite rule on strategy labelled by is applied just as unlabelled rules on terms in an innermost-outermost way.A rewrite rule on strategy labelled by the special label is applied in a lazy way using the built-in strategy of the interpreter of strategies, described in [BK97].A rewrite rule on strategy labelled by ` is applied just as labelled rules on terms with a user-defined strategy built from these labels.
Example 1 The definition of the strategy map is for instance given by the definition of the strategy symbol map : h s 7 !sihlist s 7 !list s i and by the rule mapS dcnil; S mapS; where S : hs 7 !si and s 2 S .The following rule: DSTR List list s mapS x dcnil; S mapS x is added to the strategy evaluator.
This way of expressing strategies is extremely powerful and can be used for defining simple strategies like the following ones, where the variables in use have the sorts: x : hs 7 !si; x s: h list s 7 !list s i; y s: h u 7 !vi.
iterate : hs 7 !sihs 7 !si iteratex dkx; iteratex; id repeat : hs 7 !sihs 7 !si repeatx rstx; repeatx; id map1 : h s 7 !sihlist s 7 !list s i map1x rstnil; x map1x map2 : h list s 7 !list s ihlist s 7 !list s i map2nil nil map2x:xs x map2xs The iterate strategy differs from repeat in a such way that it returns all intermediate forms during the normalisation of a term by the application of a strategy x, while repeat returns only the last one (i.e.normal form).The strategy map1 applies a fixed strategy x on all elements of a list and produces a new list of transformed elements.The strategy map2 is driven by a list of strategies which are respectively applied to elements of a list of same length.

A search space library
Describing deduction processes is very convenient using computational systems which have indeed been created for this purpose.In the earlier version of the ELAN language, strategy definition was only possible using nullary strategy operators.This was already quite powerful and we have used this first version of the system to describe (and execute) several non-trivial computational systems.In particular, we have shown in [KM95] how saturation-based theorem provers like completion can be easily and efficiently implemented using rewrite rules and strategies.We have also implemented a mechanical theorem prover for first-order predicate calculus [BKK96a] and more recently the predicate prover of the B system [CK97].
We are now using the full power of user defined strategies for specifying a strategy library that provides primitives for depth-first search in a computation tree.Two natural applications of this strategy library are examples of a winning strategy for a tic-tac-toe game, and a guided strategy helping to find out a path (or, all paths) towards an exit of a labyrinth.
The strategy library supports four primitives for depth-first search.The current situation of the partially discovered search tree is represented by a path from the initial state (the root of the tree) to the current state (the left-most leaf).It also remembers all possible alternatives (or, choice points) met along this path.Each step of the path is represented by a list of states, where its head is the currently chosen state, and the rest represents all non-explored alternative states.The limitation of this approach is that the number of successive (alternative) states of any state should be finite, i.e. the search tree has a finite degree.Each step of the path is a list of states, thus, the whole path could be naturally represented as list list state .This sort also describes the current situation during the depth-first search in this tree.We define four primitive strategies over the sort list list state , which develop and maintain this search tree.Their intended semantics are the following: callS applies the strategy S on the current state, where S is a strategy transforming a state into a state, i.e. of the sort hstate 7 !statei.All possible results of this application, if there are any, are formed into a new step (level) attached to the current path.
next throws away the current state and continues searching with the next possibility of the previous step (the latest choice-point).
exit leaves the current state ignoring all alternatives and it returns the control to the previous step of the current path.
cut eliminates all alternative states of the latest step.
For better understanding the definitions in Figure 1, let us recall that on the left-hand sides, the variable state represents the current state, the variable level represents all alternatives of the current state, i.e. state:level : list state is one step of the path, where the others steps are recorded in the variable space.The only non-trivial strategy among the four primitives is the strategy callS, which uses the function symbol set of to collect all results of an application of a strategy S.

Tic-tac-toe game
The use of the depth-first search library is illustrated by the definition of a game winning strategy for a simple game with a finite search space.The solution described below is split into game-dependent and independent parts.The gameindependent part does not rely on rules of a particular game.These particularities are hidden in the game-dependent kernel.
The particular game chosen for this example is the tic-tac-toe game with the play-board of the size 3 3.Two players with different signs alternatively put one sign on the board.The winner is the player who succeeds in having 3 signs in a same column, row, or diagonal.
The game-dependent part defines the state (Figure 2) as a pair encoding in its first component the next player f next player's sign g j@,@,@j, f playboard : 1,st row g j@,@,@j, f playboard : 2,nd row g j@,@,@j f playboard : 3,rd row g : ( Sign Sign Sign Sign Sign Sign Sign Sign Sign Sign ) state; end Figure 2: A state of tic-tac-toe game and in its second component the play-board.There are three basic strategies win, putrow; column, moves, all of the sort hstate 7 !statei.nxt is a function that switches players.Their definitions are given in a straightforward exhaustive way, thus, we show only a small part of them in Figure 3.
The strategy win : hstate 7 !statei tries to put the last sign and to win the game.It fails, if there is no correct winning move.The deterministic strategy putrow; column puts the sign on the field with coordinates row and column, if it is possible.The non-deterministic strategy moves generates all possible moves (according to the game rules) from the current situation.
The game-independent part specifies the winning strategy movetowin using an auxiliary strategy findloosing in Figure 4.The strategy movetowin, first of all, tries to apply the basic strategy winsearching a winning move.This application is realised by calling the library primitive callwin.It succeeds if there is a winning move.Otherwise, the strategy movetowin produces the set of all possible moves by callmoves.These successive possibilities are filtered by the strategy findloosing removing all winning configurations of the adversary.If there is at least one possible move such that the adversary's configuration is not winning, the strategy findloosing succeeds, and all alternative Theory and Practice of Algebraic Specifications ASF+SDF'97  Otherwise, the strategy findloosing fails, and movetowin fails also.These two mutually recursive strategies represent the kernel of the game-independent part.The winning strategy movetowin may be encapsulated by a strategy guess, which either proposes to the player a winning move, or, if there is no winning move, proposes one of the non-winning configuration chosen with an heuristic strategy.The strategy heuristic saying what to do if we are not in a winning configuration, depends on the particular game and some defensive tactic.When no specific heuristic is proposed, it can be replaced by the strategy id. Figure 5 illustrates the use of these strategies on a small game session.With a similar encoding of the game state and rules, we can also specify other games, such as the nim-game in [CELM96].

Labyrinths
Another application of our strategy library is a definition of a strategy helping to find out an exit from a labyrinth.An alternative re-formulation of this problem could be to find a path (or, all paths) between two nodes of a graph.As in the previous section, we split the solution into a part dependent on the labyrinth and an independent one.
The dependent part contains a specification of a state, which is a pair of coordinates, and a definition of four basic moves in the labyrinth.They are realized as state transforming strategies left; right; up; down of sort hstate 7 !statei such that these strategies fail, if some movement in a given state is not possible (because of a wall).All exits of the labyrinth are specified by a strategy exitable, which fails, if the current state has 'no exit doors'.Otherwise, it is equivalent to the identity strategy.

Conclusion
The definition of the strategy language described in this paper is related to a view of strategies in reflective logics (in particular, rewriting logic) developed in [CM96].From this point of view, the strategy language described here can be classified as an internal strategy language, whose semantics and implementation are described in the same logic, while the strategy language available in the first distribution of ELAN and described in [Vit94,Vit96] as a built-in one.
Another question which comes with the reflective approach is how to control computation at the meta-level.
Theory and Practice of Algebraic Specifications ASF+SDF'97  Roughly speaking, there are two levels of rewriting: the object (or first-order term) level, and the meta-level that controls the object-level.The first solution is that the meta-level computation (i.e. the evaluation of strategies) is controlled by a built-in strategy.But computation at the meta-level can also be controlled by meta-strategies.Using a reflective logic allows using the same formalism at all levels, which might be viewed as an advantage of a reflective approach.
From the specification point of view, writting programs in ELAN forces to think about the actions and their control in the same unified way, thus enforcing an equation of the form "Program = Logic + Control Logic".What needs to be done is to develop a methodological way to construct program in this way in order to facilitate the use of these concepts by programmers.
The capability offered by this definition of strategies by rewrite rules leads also to a new approach to strategies compilation.This is a promising direction of our current research.

Figure 4 :
Figure 4: A winning strategy