Reasoning in Complex Theories and Applications Viorica - - PowerPoint PPT Presentation


Reasoning in Complex Theories and Applications
Viorica Sofronie-Stokkermans, Max-Planck-Institut für Informatik, Saarbrücken, Germany
Tutorial KI 2008, September 23, 2008

Motivation: Long-term goal of research in computer science -


  • Reminder: Variables
    Predicate logic admits the formulation of abstract, schematic assertions. (Object) variables are the technical tool for schematization. We assume that X is a given countably infinite set of symbols which we use for (the denotation of) variables.

  • Terms
    Terms over Σ (Σ-terms) are formed according to these syntactic rules:
      s, t, u, v ::= x                 (variable), x ∈ X
                   | f(s1, ..., sn)    (functional term), f/n ∈ Ω
    By T_Σ(X) we denote the set of Σ-terms (over X). A term not containing any variable is called a ground term.
    Example 1: Σ1 = ({f/2, g/1, c/0}, {P/2}); terms: f(g(x), y), g(f(x, c)), c
    Example 2: Σ2 = ({+/2, s/1, 0/0}, {≤/2}); terms: x + s(y), s(0 + s(z)), 0

  • Reminder: Atoms
    Atoms (atomic formulas) over Σ are formed according to this syntax:
      A, B ::= p(s1, ..., sm)    (atom), p/m ∈ Π
             | (s ≈ t)           (equation)
    Whenever we admit equations as atomic formulas we are in the realm of first-order logic with equality.
    Example 1: Σ1 = ({f/2, g/1, c/0}, {P/2}); atoms: P(f(g(x), y), g(f(x, c))), P(c, c)
    Example 2: Σ2 = ({+/2, s/1, 0/0}, {≤/2}); atoms: x + s(y) ≤ s(0 + s(z)), s(0) ≤ 0

  • Reminder: Literals and clauses
    Literals: L ::= A (positive literal) | ¬A (negative literal)
    Clauses: C, D ::= ⊥ (empty clause) | L1 ∨ ... ∨ Lk, k ≥ 1 (non-empty clause)

  • Reminder: General First-Order Formulas
    F_Σ(X) is the set of first-order formulas over Σ defined as follows:
      F, G, H ::= ⊥          (falsum)
                | ⊤          (verum)
                | A          (atomic formula)
                | ¬F         (negation)
                | (F ∧ G)    (conjunction)
                | (F ∨ G)    (disjunction)
                | (F → G)    (implication)
                | (F ↔ G)    (equivalence)
                | ∀x F       (universal quantification)
                | ∃x F       (existential quantification)

  • Conventions
    In what follows we will use the following conventions:
      • constants (0-ary function symbols) are denoted a, b, c, d, ...
      • function symbols with arity ≥ 1 are denoted
          f, g, h, ... if the formulae are interpreted into arbitrary algebras
          +, −, s, ... if the intended interpretation is into numerical domains
      • predicate symbols with arity 0 are denoted p, q, r, s, ...
      • predicate symbols with arity ≥ 1 are denoted
          P, Q, R, ... if the formulae are interpreted into arbitrary algebras
          ≤, ≥, <, > if the intended interpretation is into numerical domains
      • variables are denoted x, y, z, ...

  • Reminder: Σ-algebras, valuations
    Σ-algebra: A = (A, {f_A : A^a(f) → A}_{f ∈ Ω}, {P_A ⊆ A^a(P)}_{P ∈ Pred})
    Valuation in a Σ-algebra A = (A, {f_A}_{f ∈ Ω}, {P_A}_{P ∈ Pred}): β : X → A, which extends in a canonical way to terms.


  • Reminder: Σ-algebras, valuations
    Σ-algebra: A = (A, {f_A : A^a(f) → A}_{f ∈ Ω}, {P_A ⊆ A^a(P)}_{P ∈ Pred})
    Valuation in a Σ-algebra A = (A, {f_A}_{f ∈ Ω}, {P_A}_{P ∈ Pred}): β : X → A, which extends in a canonical way to terms.
    Example 1: Σ1 = ({f/2, g/1, c/0}, {P/2}); A1 = ({a, b}, {f_A, g_A, c_A}, {P_A}) with
      f_A : A² → A, f_A(a, a) = f_A(a, b) = a, f_A(b, a) = f_A(b, b) = b
      g_A : A → A, g_A(a) = b, g_A(b) = a
      c_A = a ∈ A
      P_A ⊆ A², P_A = {(b, a)}
    Valuation in A1: β : X → {a, b} with β(x) = a, β(y) = b
      (A1, β)(f(g(x), y)) = f_A(g_A(β(x)), β(y)) = f_A(g_A(a), b) = f_A(b, b) = b
    Example 2: Σ2 = ({+/2, s/1, 0/0}, {≤/2}); A2 = (Z, {+, s, 0}, {≤})
    Valuation in A2: β : X → Z with β(x) = 4, β(y) = 5
      (A2, β)(+(s(x), y)) = s(β(x)) + β(y) = s(4) + 5 = 5 + 5 = 10

  • Reminder: Σ-algebras, valuations
    Σ-algebra: A = (A, {f_A : A^a(f) → A}_{f ∈ Ω}, {P_A ⊆ A^a(P)}_{P ∈ Pred})
    Valuation in a Σ-algebra A = (A, {f_A}_{f ∈ Ω}, {P_A}_{P ∈ Pred}): β : X → A, which extends in a canonical way to formulae (quantifiers are evaluated as min/max over the carrier).
    Example 1: A1 = ({a, b}, {f_A, g_A, c_A}, {P_A}) with
      f_A : A² → A, f_A(a, a) = f_A(a, b) = a, f_A(b, a) = f_A(b, b) = b
      g_A : A → A, g_A(a) = b, g_A(b) = a
      c_A = a ∈ A
      P_A ⊆ A², P_A = {(b, a)}
    β : X → {a, b} with β(x) = a, β(y) = b
    (A1, β)(∀x P(f(g(x), x), c))
      = min{(A1, β[x ↦ d])(P(f(g(x), x), c)) | d ∈ {a, b}}
      = min{P_A(f_A(g_A(a), a), c_A), P_A(f_A(g_A(b), b), c_A)}
      = min{P_A(f_A(b, a), a), P_A(f_A(a, b), a)}
      = min(1, 0) = 0
    (A1, β)(∃x P(f(g(x), x), c))
      = max{(A1, β[x ↦ d])(P(f(g(x), x), c)) | d ∈ {a, b}}
      = max{P_A(f_A(g_A(a), a), c_A), P_A(f_A(g_A(b), b), c_A)}
      = max{P_A(f_A(b, a), a), P_A(f_A(a, b), a)}
      = max(1, 0) = 1
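The evaluation above, carried out by a program: this is an added example, not code from the tutorial. It interprets Σ1 in the finite algebra A1 of Example 1, evaluates terms under a valuation β and evaluates formulas with ∀/∃ as min/max over the carrier, exactly as on the slide; the tuple encoding of terms and formulas is an assumption of the example.

```python
"""Added example: evaluating Sigma_1-terms and formulas of Example 1 in the
finite algebra A_1 under a valuation beta (tuple encoding is assumed)."""
from itertools import product

# Sigma_1 = ({f/2, g/1, c/0}, {P/2}) interpreted in A_1 over the carrier {a, b}.
CARRIER = ("a", "b")
FUNCS = {
    "f": lambda x, y: x,                      # f_A(a, .) = a, f_A(b, .) = b
    "g": lambda x: "b" if x == "a" else "a",  # g_A swaps a and b
    "c": lambda: "a",                         # c_A = a
}
PREDS = {"P": {("b", "a")}}                   # P_A = {(b, a)}
VARIABLES = {"x", "y", "z"}

# Terms: a variable or constant name, or (symbol, arg1, ..., argn).
# Formulas: ("atom", P, args), ("eq", s, t), ("not", F),
#           ("and"/"or"/"imp", F, G), ("forall"/"exists", var, F).

def eval_term(term, beta):
    """(A_1, beta)(term): beta on variables, f_A applied to the evaluated arguments."""
    if isinstance(term, str):
        return beta[term] if term in VARIABLES else FUNCS[term]()
    head, *args = term
    return FUNCS[head](*(eval_term(a, beta) for a in args))

def eval_formula(phi, beta):
    """(A_1, beta)(phi) in {0, 1}; quantifiers are min/max over the carrier."""
    kind = phi[0]
    if kind == "atom":
        _, pred, args = phi
        return int(tuple(eval_term(a, beta) for a in args) in PREDS[pred])
    if kind == "eq":
        return int(eval_term(phi[1], beta) == eval_term(phi[2], beta))
    if kind == "not":
        return 1 - eval_formula(phi[1], beta)
    if kind == "and":
        return min(eval_formula(phi[1], beta), eval_formula(phi[2], beta))
    if kind == "or":
        return max(eval_formula(phi[1], beta), eval_formula(phi[2], beta))
    if kind == "imp":
        return max(1 - eval_formula(phi[1], beta), eval_formula(phi[2], beta))
    if kind in ("forall", "exists"):
        _, var, body = phi
        # (A_1, beta[var -> d])(body) for every element d of the carrier
        values = [eval_formula(body, {**beta, var: d}) for d in CARRIER]
        return min(values) if kind == "forall" else max(values)
    raise ValueError(f"unknown formula kind {kind!r}")

def algebra_models(phi, free_vars):
    """A_1 |= phi iff (A_1, beta)(phi) = 1 for every valuation beta of the free variables."""
    return all(eval_formula(phi, dict(zip(free_vars, vals))) == 1
               for vals in product(CARRIER, repeat=len(free_vars)))

# The valuation and the formula used on the slide.
BETA = {"x": "a", "y": "b"}
TERM = ("f", ("g", "x"), "y")                          # f(g(x), y)
ATOM = ("atom", "P", (("f", ("g", "x"), "x"), "c"))    # P(f(g(x), x), c)

if __name__ == "__main__":
    print(eval_term(TERM, BETA))                         # b
    print(eval_formula(("forall", "x", ATOM), BETA))     # 0
    print(eval_formula(("exists", "x", ATOM), BETA))     # 1
    print(algebra_models(ATOM, ["x"]))                   # False (fails for x = b)
```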


  • Reminder: Satisfiability, Validity, Entailment
    (A, β) ⊨ F iff (A, β)(F) = 1
    A ⊨ F iff (A, β)(F) = 1 for all β : X → A
    Validity: F is valid iff ⊨ F iff (A, β)(F) = 1 for all A and all β : X → A
    Satisfiability: F is satisfiable iff (A, β)(F) = 1 for some A and β : X → A
    Note: F is valid iff ¬F is unsatisfiable
    Entailment:
      F ⊨ G iff for all A and all β : X → A: if (A, β) ⊨ F then (A, β) ⊨ G
      N ⊨ G iff for all A and all β : X → A: if (A, β) ⊨ F for all F ∈ N then (A, β) ⊨ G
    Note: F ⊨ G iff F ∧ ¬G is unsatisfiable iff F ∧ ¬G ⊨ ⊥
    Validity/Satisfiability/Entailment are undecidable in first-order logic.
    In applications, when testing validity/satisfiability/entailment we want to test it w.r.t. a specific class of models (e.g. only those satisfying a set of axioms) associated with the theory corresponding to the application.

  • Logical theories
    Syntactic view: a theory is axiomatized by a set F of (closed) first-order Σ-formulae.
      The models of F: Mod(F) = {A ∈ Σ-alg | A ⊨ G for all G in F}
      F ⊆ Th(Mod(F)) (typically strict)
    Semantic view: given a class M of Σ-algebras,
      the first-order theory of M: Th(M) = {G ∈ F_Σ(X) closed | M ⊨ G}
      M ⊆ Mod(Th(M)) (typically strict)
    Th(Mod(F)), the set of formulae true in all models of F, represents exactly the set of consequences of F.

  • Examples
    1. Groups. Σ = ({e/0, ∗/2, i/1}, ∅)
       F = { ∀x, y, z  x ∗ (y ∗ z) ≈ (x ∗ y) ∗ z,
             ∀x  x ∗ i(x) ≈ e ∧ i(x) ∗ x ≈ e,
             ∀x  x ∗ e ≈ x ∧ e ∗ x ≈ x }    (group axioms)
       Mod(F): the class of all groups; F ⊂ Th(Mod(F))
    2. Linear integer arithmetic. Σ = ({0/0, s/1, +/2}, {≤/2})
       Z+ = (Z, 0, s, +, ≤), the standard interpretation of integers.
       {Z+} ⊂ Mod(Th(Z+))

  • Examples
    3. Uninterpreted function symbols. Σ = (Ω, Pred); M = Σ-alg, the class of all Σ-structures.
       The theory of uninterpreted function symbols is Th(Σ-alg), the family of all first-order formulae which are true in all Σ-algebras.
    4. Lists. Σ = ({car/1, cdr/1, cons/2}, ∅)
       F = { car(cons(x, y)) ≈ x,
             cdr(cons(x, y)) ≈ y,
             cons(car(x), cdr(x)) ≈ x }
       Mod(F): the class of all models of F; Th_Lists = Th(Mod(F)), the theory of lists (axiomatized by F)

  • Decidable theories
    Let Σ = (Ω, Pred) be a signature and M a class of Σ-algebras. T = Th(M) is decidable iff there is an algorithm which, for every closed first-order formula φ, can decide (after a finite number of steps) whether φ is in T or not.
    Let F be a class of (closed) first-order formulae. The theory T = Th(Mod(F)) is decidable iff there is an algorithm which, for every closed first-order formula φ, can decide (in finite time) whether F ⊨ φ or not.

  • Examples: Undecidable theories
    • Peano arithmetic, axiomatized by:
        ∀x ¬(x + 1 ≈ 0)                                  (zero)
        ∀x ∀y (x + 1 ≈ y + 1 → x ≈ y)                    (successor)
        F[0] ∧ ∀x (F[x] → F[x + 1]) → ∀x F[x]            (induction)
        ∀x (x + 0 ≈ x)                                   (plus zero)
        ∀x, y (x + (y + 1) ≈ (x + y) + 1)                (plus successor)
        ∀x, y (x ∗ 0 ≈ 0)                                (times zero)
        ∀x, y (x ∗ (y + 1) ≈ x ∗ y + x)                  (times successor)
      3 ∗ y + 5 > 2 ∗ y is expressed as ∃z (z ≠ 0 ∧ 3 ∗ y + 5 ≈ 2 ∗ y + z)
      Intended interpretation: (N, {0, 1, +, ∗}, {≈, ≤}) (does not capture true arithmetic, by Gödel's incompleteness theorem)
    • Th((Z, {0, 1, +, ∗}, {≤}))
    • Th(Σ-alg)


  • Examples
    In order to obtain decidability results:
      • Restrict the signature
      • Enrich axioms
      • Look at certain fragments
    Decidable theories
    • Presburger arithmetic: decidable in 3EXPTIME [Presburger'29]
      Signature: ({0, 1, +}, {≈, ≤}) (no ∗)
      Axioms: {(zero), (successor), (induction), (plus zero), (plus successor)}
    • Th(Z+), where Z+ = (Z, 0, s, +, ≤) is the standard interpretation of integers.

  • Examples
    In order to obtain decidability results:
      • Restrict the signature
      • Enrich axioms
      • Look at certain fragments
    Decidable theories
    • The theory of real numbers (with addition and multiplication) is decidable in 2EXPTIME [Tarski'30]


  • Problems
    T: first-order theory in signature Σ; L: class of (closed) Σ-formulae.
    Given φ in L, is it the case that T ⊨ φ?
    Common restrictions on L (Pred = ∅), with the resulting fragment {φ ∈ L | T ⊨ φ}:
      L = {∀x A(x) | A atomic}                          word problem
      L = {∀x (A1 ∧ ... ∧ An → B) | Ai, B atomic}       uniform word problem          Th_∀,Horn
      L = {∀x C(x) | C(x) clause}                       clausal validity problem      Th_∀,cl
      L = {∀x φ(x) | φ(x) unquantified}                 universal validity problem    Th_∀
      L = {∃x A1 ∧ ... ∧ An | Ai atomic}                unification problem           Th_∃
      L = {∀x ∃y A1 ∧ ... ∧ An | Ai atomic}             unification with constants    Th_∀∃

  • T-validity
    T: first-order theory in signature Σ; L: class of (closed) Σ-formulae.
    Common restrictions on L (Pred = ∅), with the resulting fragment {φ ∈ L | T ⊨ φ}:
      L = {∀x (A1 ∧ ... ∧ An → B) | Ai, B atomic}       uniform word problem          Th_∀,Horn
      L = {∀x C(x) | C(x) clause}                       clausal validity problem      Th_∀,cl
      L = {∀x φ(x) | φ(x) unquantified}                 universal validity problem    Th_∀
    Remarks:
    • T-validity for Th_∀,cl is decidable iff T-validity for Th_∀ is decidable.
    • For convex theories: T-validity for Th_∀,Horn is decidable iff T-validity for Th_∀,cl is decidable.

  • Convex theories
    Definition. A first-order Σ-theory T is Σ0-convex (Σ0 ⊆ Σ) iff whenever T ⊨ ⋀_{i=1}^{n} Ai → ⋁_{j=1}^{m} Bj, where A1, ..., An are Σ-atoms and B1, ..., Bm are Σ0-atoms, there exists k ∈ {1, ..., m} such that T ⊨ ⋀_{i=1}^{n} Ai → Bk.
    Examples: LI(Q), the theory of rational numbers with linear arithmetic:
    1. LI(Q) is convex with respect to equality atoms, i.e. if LI(Q) ⊨ ⋀_i Ai → ⋁_j tj ≈ t′j then LI(Q) ⊨ ⋀_i Ai → tk ≈ t′k for some k.
    2. LI(Q) is not convex with respect to inequality atoms: LI(Q) ⊨ x ≤ y ∨ y ≤ x, but Q ⊭ x ≤ y and Q ⊭ y ≤ x.
    3. Theories axiomatized by sets of Horn clauses are convex.
    4. Any theory T such that Mod(T) is closed under products is convex.

  • T-validity vs. T-satisfiability
    T-validity: Let T be a first-order theory in signature Σ and L a class of (closed) Σ-formulae. Given φ in L, is it the case that T ⊨ φ?
    Remark: T ⊨ φ iff T ∪ ¬φ is unsatisfiable.
    Every T-validity problem has a dual T-satisfiability problem:
    T-satisfiability: Let T be a first-order theory in signature Σ, L a class of (closed) Σ-formulae, and ¬L = {¬φ | φ ∈ L}. Given ψ in ¬L, is it the case that T ∪ ψ is satisfiable?


  • T-validity vs. T-satisfiability
    Common restrictions on L / ¬L:
      L                                              ¬L
      {∀x A(x) | A atomic}                           {∃x ¬A(x) | A atomic}
      {∀x (A1 ∧ ... ∧ An → B) | Ai, B atomic}        {∃x (A1 ∧ ... ∧ An ∧ ¬B) | Ai, B atomic}
      {∀x ⋁ Li | Li literals}                        {∃x ⋀ L′i | L′i literals}
      {∀x φ(x) | φ(x) unquantified}                  {∃x φ′(x) | φ′(x) unquantified}
      validity problem for universal formulae        ground satisfiability problem
    In what follows we will focus on the problem of checking the satisfiability of conjunctions of ground literals.


  • SMT tools
    SAT problems
      Given: conjunction φ of propositional clauses
      Task: check if φ is satisfiable
      Method: DPLL
      • deterministic choices first: unit resolution, pure literal assignment
      • case distinction (splitting)
      • heuristics: selection criteria for splitting, backtracking, conflict-driven learning
    SMT problems
      Given: conjunction φ of clauses
      Task: check if φ ⊨_T ⊥
      Method: DPLL(T)
      • a Boolean assignment is found using DPLL ... and checked for T-satisfiability
      • the assignment can be partial and checked before splitting
      • the usual heuristics are used: non-chronological backtracking, learning
    Systems implementing such specialized satisfiability problems (Yices, Barcelogic Tools, CVC lite, haRVey, Math-SAT, ...) are called (S)atisfiability (M)odulo (T)heory solvers.

  • T-satisfiability vs. Constraint Solving
    The field of constraint solving also deals with satisfiability problems. But be careful:
    • in constraint solving one is interested in whether a formula is satisfiable in a given, fixed model of T;
    • in T-satisfiability one is interested in whether a formula is satisfiable in any model of T at all.

  • Useful theories
    Many examples of theories in which ground satisfiability is decidable:
    • the empty theory (no axioms), UIF(Σ)
    • linear (rational or integer) arithmetic
    • theories axiomatizing common datatypes (lists, arrays)
    • algebraic counterparts of modal logics (Boolean algebras with operators)

  • Useful theories
    Example 1: McCarthy's theory of arrays.
    Sorts: a (arrays), i (index) and e (elements)
    Functions: write : a × i × e → a, read : a × i → e
    Axioms:
      read(write(a, i, e), i) = e
      i ≠ j → read(write(a, i, e), j) = read(a, j)
      a = b ↔ ∀i (read(a, i) = read(b, i))
    - the full first-order theory of arrays is undecidable
    - the ground satisfiability problem is decidable (in NP)

  • Useful theories
    Example 2: The theory of acyclic lists
    Axioms:
      car(cons(x, y)) = x
      cdr(cons(x, y)) = y
      cons(car(x), cdr(x)) = x
      t(x) ≠ x, where t contains only cons
    - the full first-order theory is decidable (but non-elementary)
    - the ground satisfiability problem is decidable (in PTIME)


  • Tractability
    Main issue: reduce the search space. Here: Datalog; locality.


  • Example 1: Deductive Databases
    Example: reachability in graphs
    Inference rules: from S(x) infer R(x); from R(x) and E(x, y) infer R(y)
    Facts: S(a), E(a, c), E(c, d), E(d, c), E(b, c)
    Query: R(d)
    (Figure: the graph with nodes a, b, c, d and edges a→c, c→d, d→c, b→c.)
    Derived from the facts, step by step: R(a), then R(c), then R(d).

  • Example 1: Deductive Databases
    Deductive database ↦ Datalog (Horn clauses, no function symbols)
    Inference rules: S(x) → R(x), R(x) ∧ E(x, y) → R(y)        (set K of Horn clauses)
    Facts: S(a), E(a, c), E(c, d), E(d, c), E(b, c)             (set F of ground atoms)
    Query: R(d)                                                  (ground atom G)
    F ⊨_K G  iff  K ∪ F ⊨ G  iff  K ∪ F ∪ ¬G ⊨ ⊥


  • Example 1: Deductive Databases
    Deductive database ↦ Datalog (Horn clauses, no function symbols)
    Inference rules: S(x) → R(x), R(x) ∧ E(x, y) → R(y)        (set K of Horn clauses)
    Facts: S(a), E(a, c), E(c, d), E(d, c), E(b, c)             (set F of ground atoms)
    Query: R(d)                                                  (ground atom G)
    Derivation of R(d):
      S(a), S(x) → R(x)                      ⊢ R(a)
      R(a), E(a, c), R(x) ∧ E(x, y) → R(y)   ⊢ R(c)
      R(c), E(c, d), R(x) ∧ E(x, y) → R(y)   ⊢ R(d)
    Necessary: only those instances of the rules containing ground terms that occur in the Facts and the Query.
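The derivation above as a program, an added example rather than code from the tutorial: it builds the finitely many ground instances of K over the constants of F and G (the "necessary instances" of the slide) and saturates them by unit propagation; the encoding of atoms and rules as tuples is an assumption of the example.

```python
"""Added example: Datalog entailment F |=_K G by saturating the ground
instances of the Horn clauses K over the constants of F and G, as in the
reachability example (atom/rule encoding is assumed)."""
from itertools import product

VARIABLES = {"x", "y"}

# K: S(x) -> R(x) and R(x) ∧ E(x, y) -> R(y), written as (body, head).
RULES = [
    ([("S", ("x",))], ("R", ("x",))),
    ([("R", ("x",)), ("E", ("x", "y"))], ("R", ("y",))),
]
# F: the facts of the slide (edges a->c, c->d, d->c, b->c; start node a); G: R(d).
FACTS = {("S", ("a",)), ("E", ("a", "c")), ("E", ("c", "d")),
         ("E", ("d", "c")), ("E", ("b", "c"))}
QUERY = ("R", ("d",))

def constants_of(atoms):
    """Ground terms occurring in a set of atoms (no function symbols: constants only)."""
    return {t for _, args in atoms for t in args if t not in VARIABLES}

def variables_of(atoms):
    return {t for _, args in atoms for t in args if t in VARIABLES}

def substitute(atom, sigma):
    pred, args = atom
    return (pred, tuple(sigma.get(t, t) for t in args))

def ground_instances(rules, constants):
    """All instances of the rules over the given constants: finitely many, since
    Datalog has no function symbols."""
    instances = []
    for body, head in rules:
        variables = sorted(variables_of(body + [head]))
        for values in product(sorted(constants), repeat=len(variables)):
            sigma = dict(zip(variables, values))
            instances.append(([substitute(a, sigma) for a in body],
                              substitute(head, sigma)))
    return instances

def saturate(ground_rules, facts):
    """Unit propagation on ground Horn clauses: returns the least model and the
    derived atoms in derivation order."""
    known, derived = set(facts), []
    changed = True
    while changed:
        changed = False
        for body, head in ground_rules:
            if head not in known and all(a in known for a in body):
                known.add(head)
                derived.append(head)
                changed = True
    return known, derived

def entails(rules, facts, query):
    """F |=_K G  iff  K ∪ F |= G; only instances over the constants of F and G are used."""
    constants = constants_of(facts | {query})
    model, _ = saturate(ground_instances(rules, constants), facts)
    return query in model

if __name__ == "__main__":
    instances = ground_instances(RULES, constants_of(FACTS | {QUERY}))
    _, derived = saturate(instances, FACTS)
    print(len(instances), "ground instances; derived:", derived)   # 20, [R(a), R(c), R(d)]
    print("R(d) entailed:", entails(RULES, FACTS, QUERY))           # True
```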

  • Example 2: A theory of doubly-linked lists
    Reasoning about doubly-linked lists, cf. also [Necula, McPeak 2005]:
      ∀p (p ≠ null ∧ p.next ≠ null → p.next.prev = p)
      ∀p (p ≠ null ∧ p.prev ≠ null → p.prev.next = p)
    ∧ c ≠ null ∧ c.next ≠ null ∧ d ≠ null ∧ d.next ≠ null ∧ c.next = d.next ∧ c ≠ d   ⊨ ⊥

  • Example 2: A theory of doubly-linked lists
    Reasoning about doubly-linked lists, cf. also [Necula, McPeak 2005]. Instances of the axioms for c, c.next, d, d.next:
      (c ≠ null ∧ c.next ≠ null → c.next.prev = c)
      (c.next ≠ null ∧ c.next.next ≠ null → c.next.next.prev = c.next)
      (d ≠ null ∧ d.next ≠ null → d.next.prev = d)
      (d.next ≠ null ∧ d.next.next ≠ null → d.next.next.prev = d.next)
    ∧ c ≠ null ∧ c.next ≠ null ∧ d ≠ null ∧ d.next ≠ null ∧ c.next = d.next ∧ c ≠ d   ⊨ ⊥

  • Local Reasoning
    K set of Horn clauses; K is local if, for ground Horn clauses C, K ⊨ C iff K[C] ⊨ C.
    (⇐ holds always; ⇒ is locality.)


  • Local Reasoning
    K set of Horn clauses; K is local if, for ground Horn clauses C, K ⊨ C iff K[C] ⊨ C.
    Local theories [Givan, McAllester'92] capture PTIME.
    Many examples (also for the equational case):
    - theory of free function symbols
    - theory of successor / predecessor: { s(x) = y → p(y) = x,  p(y) = x → s(x) = y,  s(x) = s(y) → x = y }
    - theory of lists with cons, car, cdr
    - a theory of lattices [Skolem 1920]

  • Locality, tractability
    K set of Horn clauses; K is local if, for ground Horn clauses C, K ⊨ C iff K[C] ⊨ C.
    (Diagram on the slide relating: K local theory; Horn theory of K in PTIME [McAllester et al.'92,'93]; Saturation [Basin, Ganzinger'96].)

  • Locality, tractability, embeddability
    K set of Horn clauses; K is local if, for ground Horn clauses C, K ⊨ C iff K[C] ⊨ C.
    (⇐ holds always; ⇒ is locality.)
    K[C] ∧ ¬C has a model ⇒ K ∪ ¬C has a model.
    Subterms of C ↪ All terms

  • Locality, tractability, embeddability
    K set of Horn clauses; K is local if, for ground Horn clauses C, K ⊨ C iff K[C] ⊨ C.
    (Diagram on the slide relating: Emb(K) [Ganzinger'01]; K local theory [Skolem'20]; Horn theory of K in PTIME [McAllester et al.'92,'93]; Saturation [Basin, Ganzinger'96]; [Evans'53, Burris'95].)

  • Structure
    • Reasoning in standard theories: preliminaries (logic, theories, models); decidable logical theories and theory fragments; tractability
    • Reasoning in combinations of theories: disjoint signature; non-disjoint signature
    • Theory extensions
    • Applications

  • Reasoning in combinations of theories
    Here: L = {∀x C(x) | C(x) clause}.
    We focus on the following (equivalent) problems:
    • T-validity of clauses
    • T-satisfiability of (existentially quantified) conjunctions of literals
    where T is a combination of theories.

  • Problems
    The combined decidability problem. For i = 1, 2:
    • let Ti be a first-order theory in signature Σi
    • assume the Ti-validity problem for universal formulae is decidable
    Let T1 ⊕ T2 be a combination of T1 and T2.
    Question: Is the T1 ⊕ T2-validity problem for universal formulae decidable?

  • Problems
    The combined decidability problem. For i = 1, 2:
    • let Ti be a first-order theory in signature Σi
    • assume the Ti ground satisfiability problem is decidable
    Let T1 ⊕ T2 be a combination of T1 and T2.
    Question: Is the T1 ⊕ T2 ground satisfiability problem decidable?

  • Goal: Modularity
    Modular reasoning: T0 a Σ0-theory; Ti a Σi-theory with T0 ⊆ Ti and Σ0 ⊆ Σi (i = 1, 2).
    Example: lists(R) ∪ arrays(R)
    Can we use provers for T1, T2 as black boxes to prove theorems in T1 ∪ T2? Which information needs to be exchanged between the provers?


  • The combined decidability problem
    Main issue: How is T1 ⊕ T2 defined? Here: put together the axioms.
    Syntactic view: T1 + T2 = T1 ∪ T2 ⊆ F_{Σ1 ∪ Σ2}(X)
      Mod(T1 ∪ T2) = {A ∈ (Σ1 ∪ Σ2)-alg | A ⊨ G for all G in T1 ∪ T2}
      where Σ1 ∪ Σ2 = (Ω1, Pred1) ∪ (Ω2, Pred2) = (Ω1 ∪ Ω2, Pred1 ∪ Pred2)
    Semantic view: let Mi = Mod(Ti), i = 1, 2
      M1 + M2 = {A ∈ (Σ1 ∪ Σ2)-alg | A|Σi ∈ Mi for i = 1, 2}
    A ∈ Mod(T1 ∪ T2) iff A ∈ M1 + M2

  • Combinations of theories
    Definition. A theory is consistent if it has at least one model.
    Question: Is the union of two consistent theories always consistent?
    Answer: No (not even when the two theories have disjoint signatures).
    Example: Σ1 = (Ω1, ∅), Σ2 = ({c/0, d/0}, ∅), c, d ∉ Ω1
      T1 = {∃x, y, z (x ≉ y ∧ x ≉ z ∧ y ≉ z)}      A ∈ Mod(T1) iff |A| ≥ 3
      T2 = {∀x (x ≈ c ∨ x ≈ d)}                    B ∈ Mod(T2) iff |B| ≤ 2


  • Combinations of theories
    For i = 1, 2: let Ti be a first-order theory in signature Σi such that the ground satisfiability problem for Ti is decidable.
    Question: Is the ground satisfiability problem for T1 ∪ T2 decidable?
    In general: No (restrictions are needed for an affirmative answer).
    Theorem [Bonacina, Ghilardi et al., IJCAR 2006]: There are theories T1, T2 with disjoint signatures and decidable ground satisfiability problems such that ground satisfiability in T1 ∪ T2 is undecidable.
    Idea: It is undecidable whether a constraint Γ1 is satisfiable in an infinite model of T1. If T2 has only infinite models, then the ground satisfiability problem for T1 ∪ T2 requires exactly that.

  • Combination of theories over disjoint signatures: the Nelson/Oppen procedure
    Given: T1, T2 first-order theories with signatures Σ1, Σ2; assume that Σ1 ∩ Σ2 = ∅ (they share only ≈); Pi decision procedures for satisfiability of ground formulae w.r.t. Ti; φ a quantifier-free formula over Σ1 ∪ Σ2.
    Task: Check whether φ is satisfiable w.r.t. T1 ∪ T2.
    Note: We can restrict to conjunctive quantifier-free formulae: φ ↦ DNF(φ), and DNF(φ) is satisfiable in T iff one of its disjuncts is satisfiable in T.


  • Example [Nelson & Oppen, 1979]
    Theories:
      R: theory of rationals, Σ_R = {≤, +, −, 0, 1} ∪ {≈}
      L: theory of lists, Σ_L = {car, cdr, cons} ∪ {≈}
      E: theory of equality (UIF), Σ: free function and predicate symbols ∪ {≈}
    Problems:
    1. R ∪ L ∪ E ⊨ ∀x, y (x ≤ y ∧ y ≤ x + car(cons(0, x)) ∧ P(h(x) − h(y)) → P(0))?
    2. Is the following conjunction satisfiable in R ∪ L ∪ E?
         c ≤ d ∧ d ≤ c + car(cons(0, c)) ∧ P(h(c) − h(d)) ∧ ¬P(0)

  • An Example
    Signatures: R: {≤, +, −, 0, 1}; L: {car, cdr, cons}; E: F ∪ P (free function and predicate symbols)
    Axioms (universally quantified):
      R: x + 0 ≈ x; x − x ≈ 0; + is A, C (associative, commutative); ≤ is R, T, A (reflexive, transitive, antisymmetric); x ≤ y ∨ y ≤ x; x ≤ y → x + z ≤ y + z
      L: car(cons(x, y)) ≈ x; cdr(cons(x, y)) ≈ y; at(x) ∨ cons(car(x), cdr(x)) ≈ x; ¬at(cons(x, y))
    Is the following conjunction satisfiable in R ∪ L ∪ E?
      c ≤ d ∧ d ≤ c + car(cons(0, c)) ∧ P(h(c) − h(d)) ∧ ¬P(0)

  • Step 1: Purification
    Given: φ conjunctive quantifier-free formula over Σ1 ∪ Σ2.
    Task: Find φ1, φ2 s.t. φi is a pure Σi-formula and φ1 ∧ φ2 is equivalent with φ.
    Rules (u, v new constants):
      f(s1, ..., sn) ≈ g(t1, ..., tm)   ↦  u ≈ f(s1, ..., sn) ∧ u ≈ g(t1, ..., tm)
      f(s1, ..., sn) ≉ g(t1, ..., tm)   ↦  u ≈ f(s1, ..., sn) ∧ v ≈ g(t1, ..., tm) ∧ u ≉ v
      (¬)P(..., si, ...)                ↦  (¬)P(..., u, ...) ∧ u ≈ si
      (¬)P(..., si[t], ...)             ↦  (¬)P(..., si[t ↦ u], ...) ∧ u ≈ t, where t ≈ f(t1, ..., tn)
    Termination: obvious.
    Correctness: φ1 ∧ φ2 and φ are satisfiable in exactly the same models of T1 ∪ T2.


  • Step 1: Purification
    c ≤ d ∧ d ≤ c + car(cons(0, c)) ∧ P(h(c) − h(d)) ∧ ¬P(0)
    Abstracted subterms: c1 = car(cons(0, c)), c2 = h(c) − h(d), c3 = h(c), c4 = h(d), c5 = 0
      R: c ≤ d, d ≤ c + c1, c2 ≈ c3 − c4, c5 ≈ 0      satisfiable
      L: c1 ≈ car(cons(c5, c))                         satisfiable
      E: P(c2), ¬P(c5), c3 ≈ h(c), c4 ≈ h(d)           satisfiable
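Step 1 as runnable code, an added example that is neither the tutorial's nor Nelson and Oppen's implementation: it purifies the conjunction above using the symbol-to-theory assignment of the example, sharing one fresh constant per distinct alien subterm (so the two occurrences of 0 get the same constant, as on the slide). The term encoding and the numbering of the fresh constants (which differs from the slide's c1, ..., c5) are assumptions of the example.

```python
"""Added example: Nelson-Oppen Step 1 (purification) on the slide's conjunction.
Encoding (assumed): term = name | (symbol, arg, ...); literal = (polarity, pred, args)."""
from itertools import count

# Which component theory owns each symbol of the example.  Constants that are
# not listed (c, d and the fresh ci) are shared between the theories.
SIGNATURE = {"<=": "R", "+": "R", "-": "R", "0": "R", "1": "R",
             "car": "L", "cdr": "L", "cons": "L",
             "P": "E", "h": "E"}

def theory_of(symbol):
    return SIGNATURE.get(symbol)          # None: shared constant or equality

class Purifier:
    def __init__(self):
        self.fresh = count(1)
        self.names = {}                   # alien subterm -> fresh constant
        self.parts = {"R": [], "L": [], "E": []}

    def abstract(self, term, owner):
        """Replace an alien subterm by a fresh constant u and record u = term in
        the owner's part; the same subterm always gets the same constant."""
        if term not in self.names:
            name = f"c{next(self.fresh)}"
            self.names[term] = name
            pure = self.purify_term(term, owner)
            self.parts[owner].append((True, "=", (name, pure)))
        return self.names[term]

    def purify_term(self, term, home):
        """Return `term` with every maximal subterm not belonging to `home` abstracted."""
        if isinstance(term, str):
            owner = theory_of(term)
            return term if owner in (None, home) else self.abstract(term, owner)
        head, *args = term
        if theory_of(head) == home:
            return (head, *(self.purify_term(a, home) for a in args))
        return self.abstract(term, theory_of(head))

    def purify_literal(self, literal):
        polarity, pred, args = literal
        if pred == "=":                   # shared equality: home is the left-most function symbol
            heads = [theory_of(a[0]) for a in args if isinstance(a, tuple)]
            home = heads[0] if heads else "E"
        else:
            home = theory_of(pred)
        pure_args = tuple(self.purify_term(a, home) for a in args)
        self.parts[home].append((polarity, pred, pure_args))

def purify(literals):
    """Split a mixed conjunction into pure R-, L- and E-parts (equisatisfiable with it)."""
    purifier = Purifier()
    for literal in literals:
        purifier.purify_literal(literal)
    return purifier.parts

def symbols_of(term):
    return {term} if isinstance(term, str) else {term[0]}.union(*map(symbols_of, term[1:]))

def is_pure(parts):
    """Check that each part only uses its own theory's symbols plus shared constants."""
    return all(theory_of(s) in (None, theory)
               for theory, literals in parts.items()
               for _, pred, args in literals
               for s in {pred}.union(*map(symbols_of, args)))

def show(literal):
    polarity, pred, args = literal
    def term(t):
        if isinstance(t, str):
            return t
        if t[0] in ("+", "-"):
            return f"({term(t[1])} {t[0]} {term(t[2])})"
        return f"{t[0]}({', '.join(map(term, t[1:]))})"
    body = (f"{term(args[0])} {pred} {term(args[1])}" if pred in ("=", "<=")
            else f"{pred}({', '.join(map(term, args))})")
    return body if polarity else "not " + body

# c <= d ∧ d <= c + car(cons(0, c)) ∧ P(h(c) - h(d)) ∧ ¬P(0)   (the slide's conjunction)
EXAMPLE = [
    (True, "<=", ("c", "d")),
    (True, "<=", ("d", ("+", "c", ("car", ("cons", "0", "c"))))),
    (True, "P", (("-", ("h", "c"), ("h", "d")),)),
    (False, "P", ("0",)),
]

if __name__ == "__main__":
    for theory, literals in purify(EXAMPLE).items():
        print(theory + ":", " ∧ ".join(map(show, literals)))
```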

  • Step 2: Propagation
    c ≤ d ∧ d ≤ c + car(cons(0, c)) ∧ P(h(c) − h(d)) ∧ ¬P(0), with c1 = car(cons(0, c)), c2 = h(c) − h(d), c3 = h(c), c4 = h(d), c5 = 0
      R: c ≤ d, d ≤ c + c1, c2 ≈ c3 − c4, c5 ≈ 0
      L: c1 ≈ car(cons(c5, c))
      E: P(c2), ¬P(c5), c3 ≈ h(c), c4 ≈ h(d)
    Deduce and propagate the equalities between constants that are entailed by the components.


  • Step 2: Propagation
    c ≤ d ∧ d ≤ c + car(cons(0, c)) ∧ P(h(c) − h(d)) ∧ ¬P(0), with c1 = car(cons(0, c)), c2 = h(c) − h(d), c3 = h(c), c4 = h(d), c5 = 0
      R: c ≤ d, d ≤ c + c1, c2 ≈ c3 − c4, c5 ≈ 0
      L: c1 ≈ car(cons(c5, c))
      E: P(c2), ¬P(c5), c3 ≈ h(c), c4 ≈ h(d)
    Equalities deduced and propagated, in order:
      L: c1 ≈ c5
      R: c ≈ d
      E: c3 ≈ c4
      R: c2 ≈ c5
      E: ⊥

  • The Nelson-Oppen algorithm
    φ: conjunction of literals.
    Step 1. Purification: T1 ∪ T2 ∪ φ ↦ (T1 ∪ φ1) ∪ (T2 ∪ φ2), where φi is a pure Σi-formula and φ1 ∧ φ2 is equisatisfiable with φ.
    Step 2. Propagation: the decision procedures for ground satisfiability for T1 and T2 fairly exchange information concerning entailed unsatisfiability of constraints in the shared signature (i.e. clauses over the shared variables), until an inconsistency is detected or a saturation state is reached.