Introduction, First-Order Logic · Automated Theorem Proving DAT235 Introduction, First-Order Logic...

Automated Theorem ProvingDAT235

Introduction, First-Order Logic

Reiner Hahnle

Department of Computer Science and EngineeringChalmers University of Technology

31 August 2010

Hahnle ATP DAT235: Prerequisites 100831 1 / 60

Organisational Stuff

Course Home Page

http://www.cse.chalmers.se/edu/course/DAT235/

Google News Group

I Sign up via course home page (follow News link) or:

http://groups.google.com/group/atp10

Give your real name and person number for validation

I Changes, updates, questions, discussions

Passing Criteria

I Oral exam or project/presentation, see course web page





Course Home Page


Google News Group

I Sign up via course home page (follow News link) or:


Give your real name and person number for validation

I Changes, updates, questions, discussions

Passing Criteria

I Oral exam or project/presentation, see course web page2010-09-09

Hahnle ATP DAT235

Organisation


1. Oral examination during exam week on Monday, 18 October. Oralexaminations are taken by appointment and individually. Each oral examtakes about 30 minutes.

2. You may also suggest a small project with relevance to the course andpresent the results in a 20–30 mins talk. If you want to do this, it isessential to contact me as early as possible to obtain my agreement withscope and topic. If possible, the presentations should take place on 18October.

3. Alternatively, you can read a chapter in the HBAR and give a 20-30 minstalk about the highlights. Excluded are Chapters 2 and 3 which are used asa basis for this course and the chapters on history of ATP. Again, contactme as soon as possible to avoid double bookings. If possible, thepresentations should take place on 18 October.



Structure

Course Structure, see also course web page

Topic Lectures Week

Prerequisites 1–3 35–36

Simple Tableaux 4 37

Proof Procedures 5 38

Advanced Tableaux 6–7 38–39

Simple Resolution 8 40

Advanced Resolution 9 41

SAT and SMT solving 10 41

Exam w42, 18 October 2010


Course Literature

[1] Melvin C. Fitting.First-Order Logic and Automated Theorem Proving.Springer-Verlag, New York, second edition, 1996.

[2] John Harrison.Handbook of Practical Logic and Automated Reasoning.Cambridge University Press, 2009.

[3] Alan Robinson and Andrei Voronkov, editors.Handbook of Automated Reasoning.Elsevier Science B.V., 2001.

[4] Leo Bachmair and Harald Ganzinger.Resolution theorem proving.In Robinson and Voronkov, chapter 2, pages 19–99.

[5] Reiner Hahnle.Tableaux and related methods.In Robinson and Voronkov, chapter 3, pages 101–178.


Course Literature

[1] Melvin C. Fitting.First-Order Logic and Automated Theorem Proving.Springer-Verlag, New York, second edition, 1996.

[2] John Harrison.Handbook of Practical Logic and Automated Reasoning.Cambridge University Press, 2009.

[3] Alan Robinson and Andrei Voronkov, editors.Handbook of Automated Reasoning.Elsevier Science B.V., 2001.

[4] Leo Bachmair and Harald Ganzinger.Resolution theorem proving.In Robinson and Voronkov, chapter 2, pages 19–99.

[5] Reiner Hahnle.Tableaux and related methods.In Robinson and Voronkov, chapter 3, pages 101–178.2

010-09-09

Hahnle ATP DAT235

Organisation

Course Literature

1. Suitable as an introduction into the prerequisites part (first 3 lectures) ofthe course. The book is out of print, but there is a copy in the liberary andI have one myself. All concepts are illustrated by Prolog implementations.

2. Like Fitting’s book, this is covers the prerequisites of the course. It is awell-written, thorough (perhaps a slightly verbose) step-by-step intro intoall underlying concepts of ATP. Everything is illustrated with MLimplementations.Available as an e-book from Chalmers library.

3. Collection of in-depth, state-of-art treatments of a comprehensive subjectlist in ATP. Each chapter is usually written by the top experts for the area.Hard copies are available at CTH library and my office. An e-version isavailable via CTH library from ScienceDirect.

4. This is used as a basis for the lectures on Resolution.5. This is used as a basis for the lectures on Tableaux.

Exercises

Exercises

I Will be given on the slides as we go along

I Can also be found, with some additions, on the course web pageI No resources for grading, but:

I Feel free to discuss solution in Google group (add spoiler alert)I You can always ask me in the breaks/after the lectures

I Exercises strongly recommended to ensure understanding

I Some exercise questions asked in similar form in oral exam


Course Evaluation

Web questionnaire after the course


A Framework for Automated Deduction

Natural languageMathematical problemsProgram + specification

Syntax (formal language)first-order logic

temporal logic, etc.

Valid Expressions Provable Expressions

formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness

Modeling AutomatedDeduction







formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness


2010-09-09

Hahnle ATP DAT235

Framework


1. Real phenomena are formalised, i.e., expressed using a formal language.2. As usual, the definition of that formal language is called syntax.3. In the case of software verification, formalisation is comparatively easy as

the problem is already given in a formal language.4. For natural language, formalisation is much more difficult. Mathematics is

somewhere in between.






formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness

Modeling

AutomatedDeduction







formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness

Modeling

AutomatedDeduction

2010-09-09

Hahnle ATP DAT235

Framework


1. Formulas are assigned a semantics using a truth function. Using thesemantics, the adequacy of the formalisation can be checked. This processis called modelling.

2. Syntax + semantics = logic3. When modelling has been done, the provability of formulas implies the

corresponding real phenomenon is true (provided that the formalisation isadequate and up to the realized degree of granularity).

4. The truth function may not be computable.5. Valid means: true in all models (not just satisfiable).






formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness








formalization

Semantic

s

(truth

funct

ion)Calculus

(derivation)

Soundness

Completeness


2010-09-09

Hahnle ATP DAT235

Framework


1. For many logics, the truth function can be characterised (or approximated)using a derivation relation that is sound and complete.

2. The process of finding a derivation is called deduction; the derivation rulesare called a calculus. If the deduction is done automatically, we call thisAutomated Deduction or ATP.

3. Searching for a derivation means searching in large search spaces; efficiencyof the deduction process is therefore of great importance.

4. This frame is shorter than the modelling frame on the last slide. ATPtraditionally does not incorporate the modelled domain.

5. This led to the assumption in the 1960s that it may be possible toconstruct a general problem solver. However, all attempts to do that failed.

6. More recently it became clear that different formalizations have a strongimpact on performance, but this is still a much under-researched area.

Research in Automated Theorem Proving

Proof TheoryI Meta results

about logicsand calculi

CalculiI Complete

and soundsets ofproof rules

I Optimizedproof rules

Implementation

I Proofprocedures

I Proof repre-sentations

I Datastructures

ApplicationsI Software

verification

I Hardwareverification

I Test casegeneration

I Automatedbug finding

I Semanticweb

I Pure math-ematics


Why First-Order Predicate Logic?

Logics that are less expressive than FOL

propositional logic

propositional temporal logic

propositional modal logic

Expressiveness vs. Automation/Performance

Logics that are more expressive than FOL

higher-order predicate logic

first-order temporal logic

program logics (f.o. dynamic logic, f.o. µ-calculus)



Logics that are less expressive than FOL

propositional logic

propositional temporal logic

propositional modal logic

Expressiveness vs. Automation/Performance

Logics that are more expressive than FOL

higher-order predicate logic

first-order temporal logic

program logics (f.o. dynamic logic, f.o. µ-calculus)

2010-09-09

Hahnle ATP DAT235

Framework


1. First-order predicate logic is the most expressive logic for which AD worksreasonably well, i.e., interesting theorems can be deduced automatically.

2. Of course, AD in the less expressive logics is easier. Therefore, if possible,modelling should be done in these less expressive logics.

3. They are often decidable and AD in particular logics are own areas ofresearch (CTL/model checking, PropLog/SAT). However, much of what issaid in this course holds for AD in these logics as well.

4. The more expressive logics can only to a certain extent be handledautomatically. The design of good interactive systems with a good userinterface etc. is important in that area.

5. Nevertheless AD techniques can be used to increase the degree ofautomatisation of these interactive deduction systems. All competitiveinteractive provers incorporate ATPs.

Why First-Order Predicate Logic? More Arguments

FOL is very well understood and can be restricted as well as extended:

I Syntactically simpler fragments can be decidable

I Extensions can increase expressivity

Bernays-Schonfinkel prefix class ∃∗∀∗Range-restricted (guarded) first-order logic

First-order logic with reachability

First-order logic

Well-understood and efficient FOL ATP algorithms can be modified


Potted History of AD

-1950 Proof-theory (basis of AD) by Skolem, Herbrand, Gentzen1954 First machine-generated proof1955ff Semantic tableaux (Beth, Hintikka)1958 First prover for first-order logic (Prawitz)1960 Davis-Putnam-Logeman-Loveland procedure1963 Term unification (J. A. Robinson)1963ff Resolution, inverse method (Maslov)1963ff Modern tableaux (Smullyan, Lis)1968 Model elimination (Loveland)1971ff Connection method (Bibel), Matings (Andrews)1970ff Prolog, Refinements of resolution1985ff Deduction in non-classical logics, Renaissance of tableaux methods1987 Tableaux with unification1988ff Saturation calculi FOL w/ equality, Term indexing1990ff “Hybrid”, instance-based inference methods2005ff SMT (“Satisfiability modulo theories”) solvers


Organisation

Framework

History

First-Order LogicSyntaxSubstitutionsUnificationSemanticsFormalisationMeta ResultsNormal Form


Syntax of First-Order Logic

Definition (First-order signature)

Σ = 〈FΣ,PΣ〉, where FΣ, PΣ non-empty, disjoint, countable sets offunction/predicate symbols

I Each element FΣ ∪ PΣ has non-negative arity

I 0-ary function symbols called constant (term)

I Var is infinite set of object or individual variables

Example

Σ≤ = 〈{0, 1, 2, . . . , a, b, f }, {in iv, leq}〉,

a, b, 0, 1, 2, . . . are 0-ary (constants)f is unaryleq is binary — allow concrete syntax · ≤ ·in iv is ternary — allow concrete syntax · ∈ [· , ·]








Example

Σ≤ = 〈{0, 1, 2, . . . , a, b, f }, {in iv, leq}〉,


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax


The signature of a logic is similar as the signature of a program: predicatesymbols correspond to boolean methods and function symbols to others.

There are important differences, though: logic predicates and functions

never have side effects. In our simple version of FOL we also have no

types: functions can be arbitarily composed. Only boolean predicates

have a special syntactic role.







Example

Σ≤ = 〈{0, 1, 2, . . . , a, b, f }, {in iv, leq}〉,



Syntax of First-Order Logic Cont’d

Definition (Sets of Terms TΣ and Atoms AΣ over Σ)

Inductive definition

1. Var ⊆ TΣ

2. If t1, . . . , tn ∈ TΣ, f ∈ FΣ n-ary, then f (t1, . . . , tn) ∈ TΣ

3. If t1, . . . , tn ∈ TΣ, p ∈ PΣ n-ary, then p(t1, . . . , tn) ∈ AΣ

I A variable-free term (atom) is called ground term (atom)

I T 0Σ (A0

Σ) is the set of all ground terms (atoms) over Σ

Example

f (x), f (f (0)) ∈ TΣ≤

a, f (f (0)) ∈ T 0Σ≤

a ≤ f (b), 3 ∈ [f (2), 4] ∈ A0Σ≤



Definition (Sets of Terms TΣ and Atoms AΣ over Σ)

Inductive definition

1. Var ⊆ TΣ

2. If t1, . . . , tn ∈ TΣ, f ∈ FΣ n-ary, then f (t1, . . . , tn) ∈ TΣ

3. If t1, . . . , tn ∈ TΣ, p ∈ PΣ n-ary, then p(t1, . . . , tn) ∈ AΣ

I A variable-free term (atom) is called ground term (atom)

I T 0Σ (A0

Σ) is the set of all ground terms (atoms) over Σ

Example

f (x), f (f (0)) ∈ TΣ≤

a, f (f (0)) ∈ T 0Σ≤

a ≤ f (b), 3 ∈ [f (2), 4] ∈ A0Σ≤

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax


1. “Inductive definition” means that we mean the smallest set of objects thatsatisfies the generation principle.

2. In other words, no non-standard objects like cyclic terms or terms over alarger signature.

3. When it is obvious “Inductive definition” not added explicitly.


I true, false are logical constantsI ∨, ∧, ¬ are connectivesI ∀, ∃ are quantifiers

Definition (First-order formulas LΣ over Σ)

1. true, false ∈ LΣ

2. AΣ ⊂ LΣ

3. If ϕ ∈ LΣ then ¬ϕ ∈ LΣ

4. If ϕ1, . . . , ϕn ∈ LΣ, n ≥ 2, ϕi no disjunction, then(ϕ1 ∨ · · · ∨ ϕn) ∈ LΣ is disjunctionIf ϕ1, . . . , ϕn ∈ LΣ, n ≥ 2, ϕi no conjunction, then(ϕ1 ∧ · · · ∧ ϕn) ∈ LΣ is conjunction

5. If ϕ ∈ LΣ, x ∈ Var then (∀x)ϕ ∈ LΣ, (∃x)ϕ ∈ LΣ

ϕ is scope of quantifier ∀x , resp., ∃xAny occurrence of x in ϕ is called bound



I true, false are logical constantsI ∨, ∧, ¬ are connectivesI ∀, ∃ are quantifiers

Definition (First-order formulas LΣ over Σ)

1. true, false ∈ LΣ

2. AΣ ⊂ LΣ

3. If ϕ ∈ LΣ then ¬ϕ ∈ LΣ

4. If ϕ1, . . . , ϕn ∈ LΣ, n ≥ 2, ϕi no disjunction, then(ϕ1 ∨ · · · ∨ ϕn) ∈ LΣ is disjunctionIf ϕ1, . . . , ϕn ∈ LΣ, n ≥ 2, ϕi no conjunction, then(ϕ1 ∧ · · · ∧ ϕn) ∈ LΣ is conjunction

5. If ϕ ∈ LΣ, x ∈ Var then (∀x)ϕ ∈ LΣ, (∃x)ϕ ∈ LΣ

ϕ is scope of quantifier ∀x , resp., ∃xAny occurrence of x in ϕ is called bound

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax


1. Traditional short-hand symbols used instead of Java/JML-style.2. Strictly speaking we have families of disjunctions and conjunctions for all

arities > 1, but we use the same symbol for all of them. It is no restrictionto exclude nested disjunctions and conjunctions, because these operatorsare associative.

3. Analogy between quantifed formulas and local variable declarations.4. Scope is smallest formula following the variable declaration

Use brackets when scope needs to be extended.

Syntax Example

“Sticks and stones may break your bones,but words will never hurt”

Signature

I weapon, word, hurts unary predicate symbols

I stone, stick, blockhead constants

Formula that expresses the proverb

(∀ x)(weapon(x)→ hurts(x)) ∧(∀ x)(word(x)→ ¬hurts(x)) ∧weapon(stick) ∧ weapon(stone) ∧ word(blockhead)

Note efficiency of the formalization :-)


Syntax Example

“Sticks and stones may break your bones,but words will never hurt”

Signature

I weapon, word, hurts unary predicate symbols

I stone, stick, blockhead constants

Formula that expresses the proverb


Note efficiency of the formalization :-)

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax

Syntax Example

1. Efficiency: subsumed sticks and stones under category “weapon” to avoidrepetition.

2. It is not necessary to give a concrete instance of the predicate word.


Definition (Free variable, Sentence)

Occurrence of variable x in a formula is free when:

I occurrence of x not bound

I occurrence of x not of the form (∀x) or (∃x)

ϕ ∈ LΣ is a sentence if it has no free variable occurrences;

aka closed formula

Can assume variables don’t occur bound and free:

Replace (∀x , y)p(y , z) ∨ (∃w)q(w , y)

with (∀x , y ′)p(y ′, z) ∨ (∃w)q(w , y)

Renaming of bound variables aka α-conversionConvention: use caps for free variable occurrences



Definition (Free variable, Sentence)

Occurrence of variable x in a formula is free when:

I occurrence of x not bound

I occurrence of x not of the form (∀x) or (∃x)

ϕ ∈ LΣ is a sentence if it has no free variable occurrences;

aka closed formula

Can assume variables don’t occur bound and free:

Replace (∀x , y)p(y , z) ∨ (∃w)q(w , y)

with (∀x , y ′)p(y ′, z) ∨ (∃w)q(w , y)

Renaming of bound variables aka α-conversionConvention: use caps for free variable occurrences

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax


1. Can even assume that variables occur either bound or free or not at all:

Replace (∀x)p

with p


Definition (Literals)

Formulas of the form ¬p, p, where p ∈ AΣ, are literalsAtoms are positive literals, negated atoms negative literals

Abbreviations

I Write (∀x1, . . . , xn)ϕ for (∀x1) · · · (∀xn)ϕ, similar for ∃I ϕ→ ψ for ¬ϕ ∨ ψI ϕ↔ ψ for (ϕ ∧ ψ) ∨ (¬ϕ ∧ ¬ψ)

Example

¬

∈AΣ≤︷︸︸︷Y ≤ X→ (∃z)

scope of ∃z︷︸︸︷(¬z ≤ X ∧ ¬Y ≤ z)

¬Y ≤ X is a (negative) literal

(∀x , y)(¬y ≤ x → (∃z)(¬z ≤ x ∧ ¬y ≤ z)) is a sentence — Semantics?



Definition (Ground, Size)

A formula w/o variable occurrences is ground (implies quantifier-free).

The size of a formula is its length as a string.

I When parsing formulas use precedence: quantifiers > ∧ > ∨ > →I Can use brackets, but omit when unambiguous

Definition (Subformula)

If a formula is fully bracketed, then a subformula is any substring that isitself a formula.

Definition (Complement)

The complement of a formula ϕ is ϕ =

{ψ if ϕ of the form ¬ψ¬ϕ otherwise



Definition (Ground, Size)

A formula w/o variable occurrences is ground (implies quantifier-free).

The size of a formula is its length as a string.

I When parsing formulas use precedence: quantifiers > ∧ > ∨ > →I Can use brackets, but omit when unambiguous

Definition (Subformula)

If a formula is fully bracketed, then a subformula is any substring that isitself a formula.

Definition (Complement)

The complement of a formula ϕ is ϕ =

{ψ if ϕ of the form ¬ψ¬ϕ otherwise

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Syntax


1. If a formula is not fully bracketed, then the subformula definition can giveunwanted results:

In (∀ x)p(x) ∧ q only p(x) is a subformula, but the above definition wouldalso admit p(x) ∧ q.

Where is Propositional Logic?

Obtain propositional logic as special case of FOL

A first-order formula is called propositional when

I it is ground (no variables, no quantifiers)

I it contains no function symbols

Consequence: only 0-ary predicate symbols

Example

p ∧ (q ∨ ¬r) is propositional, but not p(a), p(X )


Substitutions

Definition (Substitution)

Substitution is mapping σ : Var→ TΣ

Substitution domain dm(σ) = {x ∈ Var | σ(x) 6= x}Substitution range rg(σ): vars in

⋃x∈dm(σ){σ(x)}

For substitution w/ finite domain {x1, . . . , xn}: {x1/σ(x1), . . . , xn/σ(xn)}

Definition (Extension of σ to terms and (sets of) formulas)

I σ(s) = s, s 0-ary function or predicate symbol

I σ(true) = true, σ(false) = false

I σ(s(t1, . . . , tn)) = s(σ(t1), . . . , σ(tn)), s ∈ FΣ ∪ PΣ, arity of s ≥ 1

I σ(¬ϕ) = ¬σ(ϕ)

I σ(ϕ1 • · · · • ϕn) = σ(ϕ) • · · · • σ(ϕn), • ∈ {∧,∨}


Substitutions

Definition (Substitution)

Substitution is mapping σ : Var→ TΣ

Substitution domain dm(σ) = {x ∈ Var | σ(x) 6= x}Substitution range rg(σ): vars in

⋃x∈dm(σ){σ(x)}

For substitution w/ finite domain {x1, . . . , xn}: {x1/σ(x1), . . . , xn/σ(xn)}

Definition (Extension of σ to terms and (sets of) formulas)

I σ(s) = s, s 0-ary function or predicate symbol

I σ(true) = true, σ(false) = false

I σ(s(t1, . . . , tn)) = s(σ(t1), . . . , σ(tn)), s ∈ FΣ ∪ PΣ, arity of s ≥ 1

I σ(¬ϕ) = ¬σ(ϕ)

I σ(ϕ1 • · · · • ϕn) = σ(ϕ) • · · · • σ(ϕn), • ∈ {∧,∨}

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Substitutions

Substitutions

1. At the core of ATP technology: replace parts of formulas2. We want to replace, say, x in p(x) with a term t.

Usually, we want to do this in a minimalistic way, that is only change x butnot any other variable. Therefore, we need the technical notion domainthat tells which variables are affected by a given substitution.

Range is sometimes called variable range. It tells us which variables areintroduced by a substitution.

3. So far, substitutions are defined as homomorphisms on formulas, but . . .

Substitutions Cont’d

Quantified formula hides scope like local variable declaration

σx(y) =

{x x = yσ(y) x 6= y

hence, dm(σx) = dm(σ)\{x}

I σ((Qx)ϕ) = (Qx)σx(ϕ), Q ∈ {∃, ∀}I σ({ϕ1, . . . , ϕn}) = {σ(ϕ1), . . . , σ(ϕn)}I (σ ◦ τ)(x) = σ(τ(x)) = (τσ)(x)

Customary to write ϕσ instead of σ(ϕ)

Example

ϕ = ¬Y ≤ X → (∃z)(¬z ≤ X ∧ ¬Y ≤ z)σ = {X/a, Y /W , z/c}ϕσ = ¬W ≤ a→ (∃z)(¬z ≤ a ∧ ¬W ≤ z)


Substitutions Cont’d

An unwanted effect

(∀x)p(x ,Y ){Y /x} = (∀x)p(x , x)

Definition (Free substitution)

A substitution is free for ϕ, if for all occurrences Y of free variables in ϕ,Y is not in the scope of a quantifier that binds a variable in σ(Y ).

Substitutions easily made free by renaming of bound variables

Composition of free substitutions easy to compute:

Theorem

If σ is free for ϕ and τ is free for ϕσ, then ϕ(στ) = (ϕσ)τ .

Proof is exercise.


Special Cases of Substitutions

Definition (Grounding Substitution)

A grounding substitution σ for ϕ replaces all free variables in a formulaby ground terms: σ(x) ∈ T 0

Σ for all free variables in ϕ.

Definition (Variable Renaming)

A variable renaming of a formula ϕ is a substitution ν with:

I ν(x) ∈ Var for all x ∈ Var

I ν is injective

I ν(x) does not occur in ϕ for free variables x of ϕ

Definition (Idempotent Substitution)

A substitution σ is idempotent if σσ = σ.(This is the case iff vars in range and domain are disjoint.)


Unification

Definition (Unifier, Unifying Substitution, MGU)

A substitution σ is a unifier of a non-empty set of terms T if |Tσ| = 1.

Moreover, σ is most general unifier (MGU) of T , if:

1. σ is unifier of T and

2. for all unifiers ν of T there is a substitution ρ such that ν = σρ

Example

{X/c, Y /a, Z/c} is a unifier of {f (X , a), f (Z ,Y )}, but not an MGUAn MGU is {X/Z , Y /a}

{f (X ,X ), f (Y , g(Y ))} not unifiable, because t 6= g(t) for all t ∈ TΣ

{f (X ), g(Y )} not unifiable, because f (t) 6= g(t ′) for all t, t ′ ∈ TΣ


Unification






Example

{X/c , Y /a, Z/c} is a unifier of {f (X , a), f (Z ,Y )}, but not an MGUAn MGU is {X/Z , Y /a}



2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification

Unification

1. An MGU does not loose any information when it is used to unify twoexpressions, because any other unifier can be recovered from it.

2. There are (infinitely) many MGUs for each pair of unifiable terms with atleast one variable: obtain by adding suitable variable renaming.

Unification






Example

{X/c, Y /a, Z/c} is a unifier of {f (X , a), f (Z ,Y )}, but not an MGUAn MGU is {X/Z , Y /a}




Unification Cont’d

Theorem

If two terms are unifiable, then they have an MGU.

Proof Sketch.

For t, t ′ ∈ TΣ, let t ≤ t ′ (“more general than”) iff tσ = t ′ for some σ

1. If t, t ′ are unifiable with u, then t ≤ u, t ′ ≤ u2. Build a lattice over terms based on ≤3. In a lattice the lub t t t ′ ≤ u always exists and yields MGU

Complications:

1. ≤ is not partial order on TΣ

2. Must define t u t ′ in suitable way (“most specific generalisation”)3. Must ensure that < (strict order derived from ≤) is well-founded4. Show lattice property5. Extract MGU for variable-disjoint t, t ′

6. Lift restriction on variable-disjointness



Theorem


Proof Sketch.



Complications:




2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


Why is ≤ no partial order on TΣ?Anti-symmetry does not hold: x ≤ y & y ≤ x does not imply x = y .

Standard way to obtain PO:condense non-identical elements into equivalence class

t ∼ t ′ iff t ≤ t ′ & t ′ ≤ t is ER on TΣ.

(t ∼ t ′ iff there is injective ν : Var→ Var with tν = t ′.)

≤ is now partial order on TΣ/ ∼ (write [t] for t/ ∼) with:

[t] ≤ [t ′] iff t ≤ t ′ f.a. t ∈ [t], t ′ ∈ [t ′]Proof this as an exercise!

What are the minimal and maximal elements of TΣ/ ∼ wrt ≤?Minimal: [x ] = Var (just one, like anonymous variables in Prolog)

Maximal: {[t] | t ∈ T 0Σ} (no top element!)


Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)

3. Must ensure that < (strict order derived from ≤) is well-founded4. Show lattice property5. Extract MGU for variable-disjoint t, t ′




Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)

3. Must ensure that < (strict order derived from ≤) is well-founded4. Show lattice property5. Extract MGU for variable-disjoint t, t ′


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


t u t ′ =

{f (t1 u t ′1, . . . , tn u t ′n) t = f (t1, . . . , tn), t ′ = f (t ′1, . . . , t

′n)

nv(t, t ′) else (nv : TΣ × TΣ → Var injective)

u on TΣ/ ∼ defined as: [t] u [t ′] = [t u t ′]Definition of u is well-formed, because # of function symbols decreasing.The variable nv(t, t ′) is new, but fixed for each given pair of terms t, t ′!Examples of u:f (g(x), y) u f (h(y), y) = f (u, z)f (x , x) u f (x , x) = f (w ,w)f (x , y) u f (x , x) = f (w , z)TΣ/ ∼ is lower semi-lattice with glb u.

Proof this as an exercise!


Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)3. Must ensure that < (strict order derived from ≤) is well-founded

4. Show lattice property5. Extract MGU for variable-disjoint t, t ′




Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)3. Must ensure that < (strict order derived from ≤) is well-founded

4. Show lattice property5. Extract MGU for variable-disjoint t, t ′


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


By t > t ′, there is σ with σ(t ′) = t, but not vv.

If σ(x) is not a variable for some x , then t contains more functionsymbols than t ′; otherwise, since σ cannot be injective, t must containless different variables than t ′.

Thus, > decreases the number of function symbols or increases the

number of different variables; both must stop after a finite number of

steps.


Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)3. Must ensure that < (strict order derived from ≤) is well-founded4. Show lattice property

5. Extract MGU for variable-disjoint t, t ′




Theorem


Proof Sketch.



Complications:


2. Must define t u t ′ in suitable way (“most specific generalisation”)3. Must ensure that < (strict order derived from ≤) is well-founded4. Show lattice property

5. Extract MGU for variable-disjoint t, t ′


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


TΣ/ ∼ ∪{>} with ≤ is a lattice (> > [t] f.a. t)

Standard (non-constructive) result: If ≤ is well-founded PO with

maximal element and (T ,≤) is lower semi-lattice, then (T ,≤) is lattice.


Theorem


Proof Sketch.



Complications:






Theorem


Proof Sketch.



Complications:




2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


MGU σ of variable-disjoint unifiable terms t, t ′ given by anyσ(t) = σ(t ′) = t ∈ [t] t [t ′]:

Let > 6= [t] = [t] t [t ′] (not >, because t, t ′ are unifiable).

Then exist σ(t) = σ′(t ′) = t for any t ∈ [t].

σ = σ ∪ σ′ (var.-disjointness) is unifier of t and t ′.

σ is MGU: directly from lub property.


Theorem


Proof Sketch.



Complications:






Theorem


Proof Sketch.



Complications:




2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


Let x1, . . . , xn occur in t, t ′.Obtain MGU ρ of variable-disjoint termsf (ν(t), ν(x1), . . . , ν(xn)) and f (ν′(t), ν′(x1), . . . , ν′(xn)),where ν, ν′ variable renamings, f new.

Now σ with σ(xi ) = ρ(ν(xi )) = ρ(ν′(xi )) is MGU.

Properties of MGUs

Some Properties of MGUs

1. If σ is MGU and ν variable renaming, then σν is MGU

1.1 MGUs can be assumed to be idempotent1.2 MGUs can be assumed to be in solved form:

In {x1/t1, . . . , xn/tn} each xi has single occurrence

2. If σ is MGU of T , then |Tσ| can be exponential in |T |

Example

h(x1, x2, . . . , xn, f (y0, y0), . . . , f (yn−1, yn−1), yn)

h(f (x0, x0), . . . , f (xn−1, xn−1), y1, . . . , yn, xn)

Any MGU contains {y0/x0, y1/f (x0, x0), y2/f (f (x0, x0), f (x0, x0)), . . .}Exponential size and time!


Properties of MGUs

Some Properties of MGUs

1. If σ is MGU and ν variable renaming, then σν is MGU

1.1 MGUs can be assumed to be idempotent1.2 MGUs can be assumed to be in solved form:

In {x1/t1, . . . , xn/tn} each xi has single occurrence

2. If σ is MGU of T , then |Tσ| can be exponential in |T |

Example


h(f (x0, x0), . . . , f (xn−1, xn−1), y1, . . . , yn, xn)

Any MGU contains {y0/x0, y1/f (x0, x0), y2/f (f (x0, x0), f (x0, x0)), . . .}Exponential size and time!

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification

Properties of MGUs

1. Any element of [t t t ′] is the result of applying an MGU to t, t ′: MGUsare closed under variable renamings.

Structure of TΣ/ ∼ also makes clear that MGU is unique up to renaming(injective ν : Var→ Var), because non-renaming substitutions move up inTΣ/ ∼ and thus wouldn’t give lub.

Associativity of lattice operators imply that the MGU of a finite set ofterms can be composed from the MGUs of subsets in any desired sequence.

1.1: Idempotency equivalent to range and domain disjoint. This canobviously be achieved by variable renaming. 1.2: Now solved form is trivial.

MGUs Cont’d

Triangular Form of Unifiers

Allow variables to appear both on left and right, but:once a variable appears on the left it cannot appear on the right.

Example


h(f (x0, x0), . . . , f (xn−1, xn−1), y1, . . . , yn, xn)

MGU in triangular form has polynomial size〈y0/x0, yn/f (yn−1, yn−1), . . . , y1/f (x0, x0), xn/f (xn−1, xn−1), . . . , x1/f (x0, x0)〉

I Still exponential time needed to check whether xn, yn unify

I One solution: use DAGs to represent terms

I Unification decidable in linear time


MGUs Cont’d

Triangular Form of Unifiers

Allow variables to appear both on left and right, but:once a variable appears on the left it cannot appear on the right.

Example


h(f (x0, x0), . . . , f (xn−1, xn−1), y1, . . . , yn, xn)

MGU in triangular form has polynomial size〈y0/x0, yn/f (yn−1, yn−1), . . . , y1/f (x0, x0), xn/f (xn−1, xn−1), . . . , x1/f (x0, x0)〉

I Still exponential time needed to check whether xn, yn unify

I One solution: use DAGs to represent terms

I Unification decidable in linear time

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification

MGUs Cont’d

Linear-time algorithms are technically involved.Much effort was spent in late 1970s and early 80s to design low (worstcase) complexity unification algorithms. None of them is used in practice.Why?

1. Having lower asymptotic complexity pays off only when unifying long termsof a certain “bad” shape which do not occur frequently in practice. On theother hand, higher constants are a disadvantage in all other cases.

2. Algorithms require complex datastructures to represent terms that areincompatible with other representations in theorem provers.

3. Deciding non- unifiability is in practice the much more important andcommon case. This led to hashing schemata for terms that proved veryeffective.

Computation of MGUs

A Rule Set to Compute MGUs

T = {s1?= t1, . . . , sn

?= tn} unification problem, σ in solved form

{t ?= t} ∪ T σ

T σ(Trivial)

{t ?= x} ∪ T σ

{x ?= t} ∪ T σ

t 6∈ Var (Orient)

{f (s1, . . . , sn)?= f (t1, . . . , tn)} ∪ T σ

{s1?= t1, . . . , sn

?= tn} ∪ T σ

(Decompose)

{f (s1, . . . , sn)?= g(t1, . . . , tm)} ∪ T σ

>(Clash)

{x ?= t} ∪ T σ

>x occurs in t (Occur Check)

{x ?= t} ∪ T σ x occurs not in t

T{x/t} σ{x/t} ∪ {x/t}(Variable Elimination)


Computation of MGUs

A Rule Set to Compute MGUs

T = {s1?= t1, . . . , sn

?= tn} unification problem, σ in solved form

{t ?= t} ∪ T σ

T σ(Trivial)

{t ?= x} ∪ T σ

{x ?= t} ∪ T σ

t 6∈ Var (Orient)

{f (s1, . . . , sn)?= f (t1, . . . , tn)} ∪ T σ

{s1?= t1, . . . , sn

?= tn} ∪ T σ

(Decompose)

{f (s1, . . . , sn)?= g(t1, . . . , tm)} ∪ T σ

>(Clash)

{x ?= t} ∪ T σ

>x occurs in t (Occur Check)

{x ?= t} ∪ T σ x occurs not in t

T{x/t} σ{x/t} ∪ {x/t}(Variable Elimination)

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification

Computation of MGUs

How to prove that this rule set actually computes an MGU?

The idea is to add a third slot in the rules that maintains the set of those

positions where the terms differ and for which an MGU has been

computed already. This is empty in the beginning and increased in the

(Variable Elimination) rule. All rules keep it as an invariant. In addition,

one argues that all difference pairs are eventually reached. This is

ensured, because the other rules push down the in lattice.

Computation of MGUs Cont’d

Theorem

Any sequence of rule applications terminates either with > or with {}|σ.In the latter case, σ is an MGU for T in solved form.

Example

{f (g(x , y), y)?= f (z , h(z))} {}

{g(x , y)?= z , y

?= h(z)} {}

{z ?= g(x , y), y

?= h(z)} {}

{y ?= h(g(x , y))} {z/g(x , y)}

>



Theorem

Any sequence of rule applications terminates either with > or with {}|σ.In the latter case, σ is an MGU for T in solved form.

Example

{f (g(x , y), y)?= f (z , h(z))} {}

{g(x , y)?= z , y

?= h(z)} {}

{z ?= g(x , y), y

?= h(z)} {}

{y ?= h(g(x , y))} {z/g(x , y)}

>2010-09-09

Hahnle ATP DAT235

First-Order Logic

Unification


{f (g(x , y), y)?= f (z , h(w))} {}

{g(x , y)?= z , y

?= h(w)} {}

{z ?= g(x , y), y

?= h(w)} {}

{y ?= h(w)} {z/g(x , y)}

{} {z/g(x , h(w)), y/h(w)}

Robinson’s Algorithm (1963)

while s1 6= t1 { // (Trivial)let s ′, t ′ be first sub-terms where s1, t1 differ; // (Trivial, Decompose)i f (neither of s ′, t ′ is variable) { return >; // (Clash)} e l se {

let x be a variable; // (Orient)let t be the other term;

i f (x occurs in t) { return >; // (Occur Check)} e l se { // (Variable Elimination)σ := σ{x/t} ∪ {x/t};T := T{x/t};

}

}

}

Robinson’s algorithm is one particular rule application strategy


Organisation

Framework

History



Semantics of First-Order Logic

Definition (First-Order Structure)

First-order structure M = 〈D, I〉 over Σ consists of domain D 6= ∅ andinterpretation I such that:

I for each n-ary f ∈ FΣ is I(f ) : Dn → DI for each n-ary p ∈ PΣ is I(p) ⊆ Dn

Example (M≤ over Σ = Σ≤ )

D = IRI(0) = 0I(a) = −1I(b) = 1

I(f ) =

{IR→ IRx 7→ x2

〈r1, r2〉 ∈ I(≤) iff r1 ≤IR r2

〈r1, r2, r3〉 ∈ I(· ∈ [· , ·]) iff r2 ∈ [r1, r3] in IR



Definition (First-Order Structure)

First-order structure M = 〈D, I〉 over Σ consists of domain D 6= ∅ andinterpretation I such that:

I for each n-ary f ∈ FΣ is I(f ) : Dn → DI for each n-ary p ∈ PΣ is I(p) ⊆ Dn

Example (M≤ over Σ = Σ≤ )

D = IRI(0) = 0I(a) = −1I(b) = 1

I(f ) =

{IR→ IRx 7→ x2

〈r1, r2〉 ∈ I(≤) iff r1 ≤IR r2

〈r1, r2, r3〉 ∈ I(· ∈ [· , ·]) iff r2 ∈ [r1, r3] in IR

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Semantics


1. A structure fixes a domain of discourse and an interpretation of the terms.Domain also called universe.Connectives and quantifier semantics is “built-in” and not variable.The domain needs not be countable. Whether the intended domain can beaxiomatized by FOL is a different question.

2. What is the meaning of the formula on bottom of slide 32 in M≤?Density of real numbers.

Semantics Cont’d

Definition (Variable Assignment (with modification at x))

Variable assignment (for M): β : Var→ D

βdx (y) =

{d x = yβ(y) otherwise

Extend M and β to Terms/Formulas

xM,β = β(x) for x ∈ Var

f (t1, . . . , tn)M,β = I (f )(t1M,β, . . . , tn

M,β)M, β |= true for all M and βM, β |= p(t1, . . . , tn) iff 〈t1

M,β, . . . , tnM,β〉 ∈ I(p)

M, β |= ¬ϕ iff not M, β |= ϕM, β |= ϕ1 ∧ · · · ∧ ϕn iff M, β |= ϕi f.a. 1 ≤ i ≤ nM, β |= ϕ1 ∨ · · · ∨ ϕn iff M, β |= ϕi f.s. 1 ≤ i ≤ nM, β |= (∀x)ϕ iff M, βdx |= ϕ f.a. d ∈ DM, β |= (∃x)ϕ iff M, βdx |= ϕ f.s. d ∈ D


Semantics Cont’d



βdx (y) =




f (t1, . . . , tn)M,β = I (f )(t1M,β, . . . , tn


M,β, . . . , tnM,β〉 ∈ I(p)


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Semantics

Semantics Cont’d

1. Variable assignment fixes the meaning of free variables.The modified variable assignment is needed to handle quantifiers whosescope is over a local variable x . This is analogous to a runtime stack withvalues of local variables. We encountered this technicality already whenextending substitutions to quantified formulas.

Semantics Cont’d



βdx (y) =




f (t1, . . . , tn)M,β = I (f )(t1M,β, . . . , tn


M,β, . . . , tnM,β〉 ∈ I(p)



Semantics Cont’d



βdx (y) =




f (t1, . . . , tn)M,β = I (f )(t1M,β, . . . , tn


M,β, . . . , tnM,β〉 ∈ I(p)


2010-09-09

Hahnle ATP DAT235

First-Order Logic

Semantics

Semantics Cont’d

1. Variable assignment fixes the meaning of free variables.The modified variable assignment is needed to handle quantifiers whosescope is over a local variable x . This is analogous to a runtime stack withvalues of local variables. We encountered this technicality already whenextending substitutions to quantified formulas.

2. Case for false not needed, because excluded by inductive definition:M, β |= false for no M and β

Semantics Cont’d

Definition (Satisfaction, Validity)

M, β satisfy ϕ ∈ LΣ when M, β |= ϕ.

M is a model of ϕ when M, β |= ϕ for all β.

ϕ ∈ LΣ is valid if each Σ-structure is a model of ϕ: write |= ϕ.

Example

ψ = ∀x , y [¬y ≤ x → (∃z)(¬z ≤ x ∧ ¬y ≤ z)]

M≤ model of ψ (IR is dense); ψ not valid

∀x p(x)→ ∃y p(y) valid


Semantics Cont’d

Definition (Satisfaction, Validity)

M, β satisfy ϕ ∈ LΣ when M, β |= ϕ.

M is a model of ϕ when M, β |= ϕ for all β.

ϕ ∈ LΣ is valid if each Σ-structure is a model of ϕ: write |= ϕ.

Example

ψ = ∀x , y [¬y ≤ x → (∃z)(¬z ≤ x ∧ ¬y ≤ z)]

M≤ model of ψ (IR is dense); ψ not valid

∀x p(x)→ ∃y p(y) valid2010-09-09

Hahnle ATP DAT235

First-Order Logic

Semantics

Semantics Cont’d

Exercise in formalisation:Intermediate Value Theorem:Let f be a continous function on [a, b].Then f takes on every value in [min(f (a), f (b)), max(f (a), f (b))].You can make simplifying assumptions, like f (a) < f (b).There are many possibilities to define continuity of a function. Not all areeasy to express in FOL!Try to use only the signature Σ≤ and the symbols occurring in thestatement of the theorem.

If you are ambituous, try to formalize a proof. You need total order,

density, and closedness of the reals.

Semantics Example

“Sticks and stones may break your bones, but words will never hurt”

I weapon, word, hurts unary predicate symbolsI stone, stick, blockhead constants


Satisfiable? Valid?

D = {towel, rosebud}I(stick) = I(stone) = towelI(blockhead) = rosebudI(word) = {〈rosebud〉}I(weapon) = {〈towel〉}I(hurts) = {〈towel〉}

Cannot access domain objects from formulas!


Semantics Cont’d

Definition (Logical Consequence, Equivalence)

ϕ ∈ LΣ is logical consequence of Ψ ⊂ LΣ if each structure that is amodel for all ψ ∈ Ψ is also model of ϕ.

Write Ψ |= ϕ (note that |= is overloaded)

Two formulas are equivalent if they are consequences of each other.

Two formulas are satisfiability equivalent if they are either bothsatisfiable (possibly in different structures) or both unsatisfiable.

Equivalence implies satisfiability equivalence

Example

(∃x)(∃y)p(x , y) and (∃y)(∃x)p(x , y) are equivalent.

(∃x)p(x) and p(c) are only satisfiability equivalent. — Why?


Semantics of Propositional Logic

Propositional Logic

I No quantifiers

I No function symbols

I Only 0-ary predicates (propositional variables)

Consequence: domain is irrelevant, require only interpretation I of p

Represent I : Σ→ 2D0= {∅, 〈〉} as I = {p ∈ Σ | I(p) 6= ∅} ⊆ Σ



Propositional Logic

I No quantifiers

I No function symbols

I Only 0-ary predicates (propositional variables)

Consequence: domain is irrelevant, require only interpretation I of p

Represent I : Σ→ 2D0= {∅, 〈〉} as I = {p ∈ Σ | I(p) 6= ∅} ⊆ Σ

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Semantics


1. D0 = {〈〉} is the set consisting of the empty tuple.2. A propositional interpretation is identified with the set of propositional

variables it makes true.

Example of Formalisation in FOL

A Theorem in Elementary Set Theory

(1) S ∩ Q = ∅ (2) P ⊆ Q ∪ R(3) P = ∅ ; Q 6= ∅ (4) Q ∪ R ⊆ S

(5) P ∩ R 6= ∅

Formalisation of Set Theory in FOL

I Atom p(x) models x ∈ PRecall that M, β |= p(x) iff β(x) ∈ I(p) ⊆ D

I conjunction ∼ intersection, disjunction ∼ union

I implication ∼ subset relation, existential quantifier ∼ non-empty set

Example

(1) ¬∃x(s(x) ∧ q(x)) (2) ∀x(p(x)→ (q(x) ∨ r(x)))(3) ¬∃x(p(x))→ ∃y(q(y)) (4) ∀x((q(x) ∨ r(x))→ s(x))

(5) ∃x(p(x) ∧ r(x))


Organisation

Framework

History



Meta Results: Complexity

Propositional Logic

I The relation � is decidable and co-NP-complete

I Deciding satisfiability of a formula is an NP-complete problem

First-Order Logic

I The relation � is undecidable

I The sets of valid and unsatisfiable formulas are recursivelyenumerable

I The set of satisfiable formulas is not recursively enumerable


Meta Results: Characterizing Logical Consequence

Theorem (Deduction Theorem)

For any ϕ ∈ LΣ and sentences Ψ ⊂ LΣ:

Ψ |= ϕ iff Ψ ∪ {¬ϕ} is unsatisfiable.

If Ψ finite, this holds iff |=∧ψ∈Ψ ψ → ϕ.

Special case: ϕ is valid iff ¬ϕ is unsatisfiable.

Example

Ψ must be sentences:

Ψ = {p(Y )}, ϕ = (∀x)p(x)

Ψ |= ϕ, but {p(Y ), ¬(∀x)p(x)} satisfiable

(use M = 〈{a, b}, I〉, where I(p) = {〈b〉}, β(Y ) = b)








Example


Ψ = {p(Y )}, ϕ = (∀x)p(x)



2010-09-09

Hahnle ATP DAT235

First-Order Logic

Meta Results


The Deduction Theorem is extremely important for ATP, because itallows to reduce the meta-level consequence relation to the object level.

It is usually combined with the well-known principle of proof bycontradiction which reduces validity to unsatisfiability.

The second crucial reduction is discussed on the next slide.







Example


Ψ = {p(Y )}, ϕ = (∀x)p(x)




Meta Results: Representing Structures Syntactically

Cannot Prove Validity Based on Semantic Definitions

I Uncountably many structures

I Content of domain inaccessible from formulas

Herbrand’s Idea: work with structures based on the formula signature

Definition (Term Structure)

Assume FΣ contains at least one constant: T 0Σ 6= ∅.

A Σ-term structure is a structure whose domain is D = T 0Σ .

I Now tM,β ∈ T 0Σ and β(x) ∈ T 0

Σ

I Identify variable assignments with ground substitutions


Herbrand Structures

Interpretation in Σ-Term Structures

I It is natural to fix tM,β = β(t)

Call Σ-term structures with this property Herbrand structure.

I As in prop. logic, identify interpretations with sets of ground atoms:

{p(t1, . . . , tn) ∈ A0Σ | 〈t1, . . . , tn〉 ∈ I(p)} ⊆ A0

Σ

I Semantics of propositional connectives unaffected

I How to interpret quantified formulas?

Skolem Symbols

When does M, β |= (∃x)ϕ hold?

I there must be some ground term t such that M, β |= ϕ{x/t}I but interpretation of t must not be “committed”: use fresh symbol


Herbrand Structures

Interpretation in Σ-Term Structures

I It is natural to fix tM,β = β(t)

Call Σ-term structures with this property Herbrand structure.

I As in prop. logic, identify interpretations with sets of ground atoms:

{p(t1, . . . , tn) ∈ A0Σ | 〈t1, . . . , tn〉 ∈ I(p)} ⊆ A0

Σ

I Semantics of propositional connectives unaffected

I How to interpret quantified formulas?

Skolem Symbols

When does M, β |= (∃x)ϕ hold?

I there must be some ground term t such that M, β |= ϕ{x/t}I but interpretation of t must not be “committed”: use fresh symbol

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Meta Results

Herbrand Structures

1. For ground terms we have tM,β = t2. The problem is to assign a domain element for the value of x that makes

(∃ x)ϕ(x) true. If we take a ground term t, then we cannot in generalassign t itself as the denotation of t anymore. Hence, this bijection willnot satisfy tM,β = β(t).

Herbrand Structures Cont’d

Definition (Skolem-Extension of Signature)

Given signature Σ for a set of first-order formulas.

Fsko has countably many function symbols for each arity disjoint with FΣ.

The Skolem-extension of Σ is Σ∗ = 〈PΣ∗ , FΣ∗〉, where:PΣ∗ = PΣ and FΣ∗ = FΣ ∪ Fsko.

Later we will prove:

Theorem

Let Σ∗ be Skolem-extension for a LΣ-formula ϕ.

Then ϕ is satisfiable iff there is a Herbrand structure H over Σ∗ that is amodel of ϕ.


Herbrand Structures: Example

Example

ϕ = q ∧ p(0) ∧ (∀x)(p(x)→ p(s(s(x))))

Ground terms over signature Σ of ϕ are T 0Σ = {0, s(0), s(s(0)), . . .}

A0Σ = {q, p(0), p(s(0)), p(s2(0)), . . .}

Define an Herbrand structure H = (T 0Σ , I):

Let I(q) = {q}Let I = {p(0), p(s2(0)), p(s4(0)), . . .}Then I = I(p) ∪ I(q) = {q, p(0), p(s2(0)), p(s4(0)), . . .}H is a model of ϕ

When the domain T 0Σ of an Herbrand structure is fixed, identify H with I

A model that is also an Herbrand structure is called Herbrand model



Example

ϕ = q ∧ p(0) ∧ (∀x)(p(x)→ p(s(s(x))))

Ground terms over signature Σ of ϕ are T 0Σ = {0, s(0), s(s(0)), . . .}

A0Σ = {q, p(0), p(s(0)), p(s2(0)), . . .}

Define an Herbrand structure H = (T 0Σ , I):

Let I(q) = {q}Let I = {p(0), p(s2(0)), p(s4(0)), . . .}Then I = I(p) ∪ I(q) = {q, p(0), p(s2(0)), p(s4(0)), . . .}H is a model of ϕ

When the domain T 0Σ of an Herbrand structure is fixed, identify H with I

A model that is also an Herbrand structure is called Herbrand model

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Meta Results


Note that we do need the extended signature to construct an Herbrand

model for ϕ. This is due to the fact that ϕ contains only “universal”

subformulas. This can be stated as a theorem.

Herbrand’s Theorem

Definition (Universal Formula)

A universal formula is a sentence of the form (∀x1, . . . , xk)ϕ where ϕ isquantifier-free.

For universal formulas Skolem-extensions are not required

Theorem (Herbrand’s Theorem)

A set Ψ of universal Σ-formulas has a model iff

Ψ has an Herbrand model over Σ iff

The set Σ(Ψ) of all ground instances of Ψ has an Herbrand model

Σ(Ψ) = {ϕ{x1/t1, . . . , xn/tn} | (∀x1, . . . , xn)ϕ ∈ Ψ, ti ∈ T 0Σ , 1 ≤ i ≤ n}

Example

Σ(Ψ) for Ψ = {q, p(0), (∀x)(p(x)→ p(s2(x)))}:{q, p(0), p(0)→ p(s2(0)), p(s(0))→ p(s3(0)), . . .}Hahnle ATP DAT235: Prerequisites 100831 47 / 60


Definition (Universal Formula)

A universal formula is a sentence of the form (∀x1, . . . , xk)ϕ where ϕ isquantifier-free.

For universal formulas Skolem-extensions are not required

Theorem (Herbrand’s Theorem)

A set Ψ of universal Σ-formulas has a model iff

Ψ has an Herbrand model over Σ iff

The set Σ(Ψ) of all ground instances of Ψ has an Herbrand model

Σ(Ψ) = {ϕ{x1/t1, . . . , xn/tn} | (∀x1, . . . , xn)ϕ ∈ Ψ, ti ∈ T 0Σ , 1 ≤ i ≤ n}

Example

Σ(Ψ) for Ψ = {q, p(0), (∀x)(p(x)→ p(s2(x)))}:{q, p(0), p(0)→ p(s2(0)), p(s(0))→ p(s3(0)), . . .}

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Meta Results


1. For universal formulas an even more restrictive class of structures thanterm structures is sufficient: Herbrand structures.

2. Herbrand’s Theorem is extremely important for ATP, because itreduces—in a sense—semantics to syntax. Only ground instances andHerbrand structures need to be considered.

3. Proof sketch:(i) to (iii): observe that any ground term denotes some value, therefore,Σ(Ψ) has a model. Compute all ground atoms I that are consequences ofΣ(Ψ). This set, seen as an Herbrand interpretation, is easily shown tosatisfy Σ(Ψ) (eg, by structural induction).(iii) to (ii): by definition of Herbrand model and the fact that variableassignments are grounding substitutions in Herbrand models.(ii) to (i): trivial.

Meta Results: Compactness

Definition (Compactness)

A logic is compact provided that any set Φ of formulas has a model iff allfinite subsets of Φ have a model.

Theorem (Compactness of First-Order Logic)

First-order logic is compact.

Corollary

A set Ψ of universal formulas is unsatisfiable iff there is an unsatisfiablefinite set Ψ ⊆ Σ(Ψ) of ground instances of Ψ.

This follows from compactness and Herbrand’s Theorem



Definition (Compactness)

A logic is compact provided that any set Φ of formulas has a model iff allfinite subsets of Φ have a model.

Theorem (Compactness of First-Order Logic)

First-order logic is compact.

Corollary

A set Ψ of universal formulas is unsatisfiable iff there is an unsatisfiablefinite set Ψ ⊆ Σ(Ψ) of ground instances of Ψ.

This follows from compactness and Herbrand’s Theorem

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Meta Results


1. The contraposition of Compactness (+ Deduction Theorem) says:A set of formulas is unsatisfiable iff it has already a finite subset that isunsatisfiable.This yields the strong version of Herbrand’s Theorem (the Corollary). Toshow unsatisfiability, we only need a finite number of ground substitutions.These turn out to be obtainable from MGUs. It is sufficient to look at allpossible MGUs between all atoms of a large enough number of newinstances of universal formula. These are finitely many!During this course we will proof several constructive versions of thistheorem.

2. Note that a satisfiable universal formula needs not have a finite Herbrandmodel as ϕ on the previous slide shows.In general a satisfiable formula needs not have a finite model at all.

Meta Results: Replacement Theorem

Theorem (Replacement Theorem)

Let ϕ, ψ, ψ′ ∈ LΣ and ψ an occurrence of a subformula in ϕ, write ϕ[ψ].Assume ψ and ψ′ are equivalent.Let ϕ′ be the result of replacing the occurrence of ψ in ϕ with ψ′, thatis, ϕ′ = ϕ[ψ′].Then ϕ and ϕ′ are equivalent.

Can be weakened to “logical consequence”.

Example

Cannot be weakened to “satisfiability equivalent”:

ϕ = p ∧ q, ψ = q, ψ′ = ¬p, then ϕ′ = p ∧ ¬p


Normal Form

Normal Forms of Formulas, cf. Compilation

Rewrite formulas into (satisfiability) equivalent simpler form

I Less connectives and quantifiers, more regular syntactic structure

I Simpler datastructures often more efficient

I Easier to define optimized proof rules

I Caveat: preserve semantics, avoid information loss


Clauses

Definition (Clause)

A clause is one of the following universal formulas:

I false, denoted with symbol 2I (∀x1, . . . , xn)(L1 ∨ · · · ∨ Lm), m ≥ 1, Li literals

Clause Notation

I Disjunction associative & commutative:identify clause with multiset of literals {{L1, . . . , Lm}}

I Universal quantification over all free variables implicit

I Empty multiset {{}} = empty clause 2 = false

I Hence, notation C ⊆ D, L ∈ C , etc., well-defined

I Clause with exactly one literal occurrence: unit clause


Clauses

Definition (Clause)

A clause is one of the following universal formulas:

I false, denoted with symbol 2I (∀x1, . . . , xn)(L1 ∨ · · · ∨ Lm), m ≥ 1, Li literals

Clause Notation

I Disjunction associative & commutative:identify clause with multiset of literals {{L1, . . . , Lm}}

I Universal quantification over all free variables implicit

I Empty multiset {{}} = empty clause 2 = false

I Hence, notation C ⊆ D, L ∈ C , etc., well-defined

I Clause with exactly one literal occurrence: unit clause

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form

Clauses

Universal formulas played already a role in Herbrand’s Theorem.

Further syntactic restrictions are essential for efficient theorem proving

methods.

Normal Forms: Conjunctive Normal Form

Definition (CNF)

A formula ϕ is in conjunctive normal form (CNF) if it is of the form

r∧i=1

Ci , where the Ci are clauses

Identify CNF formula with finite set of clauses {C1, . . . ,Cr}


Clause Instantiation

Definition (σ-Instance)

Let domain dm(σ) of substitution σ be variables of clauseC = {{L1, . . . , Lm}}.Cσ = {{L1σ, . . . , Lmσ}} σ-instance of C .

If σ is variable renaming: Cσ new instance of C .

If σ is ground substitution: Cσ ground instance of C .

σ-instance is not ((∀x1, . . . , xn)(L1 ∨ · · · ∨ Lm))σ, but(∀y1, . . . , yn)(L1σ ∨ · · · ∨ Lmσ), where {y1, . . . , yn} = rg(σ)

Theorem

Every LΣ-formula ϕ can be transformed into a LΣ∗-formula ϕ∗ in CNFthat is satisfiability equivalent to ϕ.



Definition (σ-Instance)

Let domain dm(σ) of substitution σ be variables of clauseC = {{L1, . . . , Lm}}.Cσ = {{L1σ, . . . , Lmσ}} σ-instance of C .

If σ is variable renaming: Cσ new instance of C .

If σ is ground substitution: Cσ ground instance of C .

σ-instance is not ((∀x1, . . . , xn)(L1 ∨ · · · ∨ Lm))σ, but(∀y1, . . . , yn)(L1σ ∨ · · · ∨ Lmσ), where {y1, . . . , yn} = rg(σ)

Theorem

Every LΣ-formula ϕ can be transformed into a LΣ∗-formula ϕ∗ in CNFthat is satisfiability equivalent to ϕ.

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form


In the resulting clause instances their quantifier prefix is implicitly stillpresent.

In the case of ground instances, of course, no quantifiers present, because

the range of a ground substitution is the empty set.

Computing CNF Step by Step

Example

(∀u)(∀x)( ((∀y)p(y , u)→ p(x ,Y )) ∧ (∀x)p(x , u) )

Step 1: Expand → and ↔(∀u)(∀x)( (¬(∀y)p(y , u) ∨ p(x ,Y )) ∧ (∀x)p(x , u) )

Step 2: Renaming of Bound Variables

Any variable bound at most once and no variable appears bound and free

(∀u)(∀x)( (¬(∀w)p(w , u) ∨ p(x ,Y )) ∧ (∀z)p(z , u) )

Step 3: Push ¬ inwards: Negation Normal Form (NNF)

Use De Morgan’s laws and ¬∃ ≡ ∀¬, ¬∀ ≡ ∃¬

(∀u)(∀x)( ((∃w)¬p(w , u) ∨ p(x ,Y )) ∧ (∀z)p(z , u) )


Computing CNF Step by Step Cont’d

Step 4: Eliminate ∃-formulas: Skolemization

M, β |= (∃x)ϕ iff M, βdx |= ϕ for some d ∈ D

I use syntactic representation td of d to replace (∃x)ϕ with ϕ{x/td}I ensure existence of suitable interpretation by using fresh f ∈ Fsko

I td depends on free variables in (∃x)ϕ, so taketd = f (x1, . . . , xn) where {x1, . . . , xn} free vars of (∃x)ϕ

Replace subformula (∃x)ϕ (free vars {x1, . . . , xn}) by ϕ{x/f (x1, . . . , xn)}

Preserves satisfiability over suitable Σ∗-structure (f (x1, . . . , xn)M∗,β = d)

Example

(∀u)(∀x)( ((∃w)¬p(w , u) ∨ p(x ,Y )) ∧ (∀z)p(z , u) )(∀u)(∀x)( (¬p(f (u), u) ∨ p(x ,Y )) ∧ (∀z)p(z , u) )


About Skolemization

Result of Skolemization depends on chosen subformula

(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y

Pushing ∃ in first (“miniscoping”) can help

(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)

Re-Using Skolem Symbols

Assume Skolem symbols of same arity are ordered f1, f2, . . .

When replacing subformula ψ = (∃x)ϕ of LΣ∗-formula use fi s.th.:

1. i > j for all fj of same arity occurring in ψ

2. if fψ = fψ′ then ψ, ψ′ are renamings of each other


About Skolemization


(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y


(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)






2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form

About Skolemization

1. Working from outside in (that is, Skolemizing outermost quantifiers first)tends to give better results.

About Skolemization


(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y


(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)







About Skolemization


(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y


(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)






2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form

About Skolemization


2. Minimizing the scope can get rid of free variables in the scope.“Miniscoping” also called “antiprenexing”.It is not sound to “prenex” the existential quantifier over conjunctions ingeneral, but “antiprenexing” is ok.

About Skolemization


(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y


(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)







About Skolemization


(∀x)(∃y)(∃z)p(x , y , z)(∀x)p(x , f (x), g(x))

(∀x)p(x , k(x), h(x , k(x)))

y , z

z , y


(∃x)(p(x) ∧ q(y))(∃x)p(x) ∧ q(y) p(c) ∧ q(y)

p(f (y)) ∧ q(y)






2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form

About Skolemization


2. Minimizing the scope can get rid of free variables in the scope.“Miniscoping” also called “antiprenexing”.It is not sound to “prenex” the existential quantifier over conjunctions ingeneral, but “antiprenexing” is ok.

3. It is enough when f is new in the context of the scope of its quantifier.This relaxation is expressed in the second condition.Associating Skolem symbols with subformulas also makes theimplementation more efficient, because they can be allocated up front.

Computing CNF Step by Step Cont’d

Step 5: Pull ∀ out: Prenex Normal Form (PNF)

(∀u)(∀x)( (¬p(f (u), u) ∨ p(x ,Y )) ∧ (∀z)p(z , u) )

(∀u, x , z)( (¬p(f (u), u) ∨ p(x ,Y )) ∧ p(z , u) )

This is sound, because of bound variable renaming (step 2)

Step 6: Compute CNF of Scope

Use distributivity of ∨, ∧(∀u, x , z)( (¬p(f (u), u) ∨ p(x ,Y )) ∧ p(z , u) )

Using clause notation:{{{¬p(f (u), u), p(x , y)}}, {{p(z , u)}}}


Complexity of Normal Form Computation

Steps 1 (elimination of ↔) and 6 (propositional CNF) can lead to“exponential blowup”

Example

(p1 ∧ q1) ∨ (p2 ∧ q2) ∨ · · · ∨ (pn ∧ qn)

is transformed into 2n clauses(p1 ∨ p2 ∨ · · · ∨ pn) ∧(p1 ∨ p2 ∨ · · · ∨ qn) ∧

· · ·(q1 ∨ q2 ∨ · · · ∨ qn)

Idea: introduce abbreviations for subformulas to render them “flat”


Structure Preserving CNF Translation

Theorem (Replacing complex subformulas by abbreviations)

Let ϕ, ψ ∈ LΣ and ψ an occurrence of a subformula in ϕ, write ϕ[ψ]

{x1, . . . , xn} the free variables of ψ, p n-ary predicate symbol fresh for ϕ

Then ϕ satisfiability equivalent to:

(∀x1, . . . , xn)(p(x1, . . . , xn)↔ ψ) ∧ ϕ[p(x1, . . . , xn)]

I Follows directly from Replacement Theorem and definition of ↔I Apply whenever ψ is disjunction, conjunction, equivalence: nesting

depth of ϕ reduced

I Linear # of logical connectives in ϕ:after |ϕ| many steps fixed logical nesting depth of 3 obtained

I Steps 1+6 now depth-bound, remaining steps 2–5 are polynomial



Theorem (Replacing complex subformulas by abbreviations)

Let ϕ, ψ ∈ LΣ and ψ an occurrence of a subformula in ϕ, write ϕ[ψ]

{x1, . . . , xn} the free variables of ψ, p n-ary predicate symbol fresh for ϕ

Then ϕ satisfiability equivalent to:

(∀x1, . . . , xn)(p(x1, . . . , xn)↔ ψ) ∧ ϕ[p(x1, . . . , xn)]

I Follows directly from Replacement Theorem and definition of ↔I Apply whenever ψ is disjunction, conjunction, equivalence: nesting

depth of ϕ reduced

I Linear # of logical connectives in ϕ:after |ϕ| many steps fixed logical nesting depth of 3 obtained

I Steps 1+6 now depth-bound, remaining steps 2–5 are polynomial

2010-09-09

Hahnle ATP DAT235

First-Order Logic

Normal Form


1. Replacement theorem gives equivalence, but first have to extend signatureand fix suitable interpretation to accomodate new symbol.Hence, only satisfiability equivalence. But this happens already forskolemization.

2. There are a linear number of new abbreviations, each at most linear in sizeof (free variables in) ϕ, hence result is at most quadratic.

3. Generating a “good” short CNF is difficult (for example choosing the rightSkolem term). One could give a course just on this problem.

Normal Forms: Summary

I Simpler syntax helps todetect new refinements

I Efficient implementability

I Completeness proofs staymanagable

I Comparability (mostdeduction proceduresimplemented on clauses)

I Proofs hard to read for humans

I Some uses (verification) needproofs on non-clausal level:information loss, decompilation

I For some non-classical logics aCNF is unknown

I Some uses (knowledgecompilation) require modelpreservation: CNF exponential

I Computing a “good” CNF isdifficult

Computing CNF neglected & underresearched topic


Introduction, First-Order Logic · Automated Theorem Proving DAT235 Introduction, First-Order Logic...

Documents

Transcript of Introduction, First-Order Logic · Automated Theorem Proving DAT235 Introduction, First-Order Logic...