ENS Paris-Saclay
2019 - 2020
Logical Aspects of AI
Lecture 3 - Combining decision procedures
Sylvain Conchon
LRI (UMR 8623), Université Paris-Sud, Équipe Toccata, INRIA Saclay – Île-de-France
Road map
Lecture 3
1. Theory Combination
2. Quantifiers
3. Extra material
THEORY COMBINATION
Combination of Theories
In CDCL(T), the theory T is usually a combination of theories
For instance,
x + 2 = y ⇒ f(read(write(a, x, 3), y − 2)) = f(y − x + 1)
Union of theories
Given two signatures Σ1 and Σ2, and two consistent theories T1 and T2 over Σ1 and Σ2, respectively
- Is the union T1 ∪ T2 consistent?
  Undecidable in the general case
- Can we build a decision procedure for T1 ∪ T2 from decision procedures of T1 and T2?
  Methods exist only for restricted classes of theories
Robinson Joint Consistency Theorem
Given two consistent theories T1 and T2 over Σ1 and Σ2, respectively
Theorem:
T1 ∪ T2 is not consistent if there exists a formula ϕ over Σ1 ∩ Σ2 such that T1 ⊨ ϕ and T2 ⊨ ¬ϕ
Union of Disjoint Theories
When Σ1 and Σ2 are disjoint signatures
Theorem [Tinelli]:
T1 ∪ T2 is consistent if T1 and T2 have an infinite model
Löwenheim-Skolem Upward Theorem
Given a signature Σ and a theory T over Σ.
Theorem:
If T has an infinite model of cardinality κ, then T has a model of cardinality κ′ for any κ′ ≥ κ
- used to align the cardinalities of models
- useful to prove completeness of combination methods
Union of Disjoint Theories
Proof. Let A1 and A2 be models of T1 and T2, respectively.
By the Löwenheim-Skolem Upward theorem, if T1 and T2 have an infinite model then they also have models of any infinite cardinality. We can thus assume that A1 and A2 have the same cardinality.
By the Joint Consistency theorem, if T1 ∪ T2 is not consistent then there exists a formula ψ such that A1 ⊨ ψ and A2 ⊨ ¬ψ (1).
Now, as Σ1 and Σ2 are disjoint, formulas over Σ1 ∩ Σ2 can only be equational formulas, that is, ψ only contains literals of the form x = y or x ≠ y.
It is a well-known result in model theory that the reducts of any two models to the empty signature are isomorphic when they have the same cardinality (any one-to-one correspondence works).
Consequently, either both A1 and A2 are models of ψ or neither is, which contradicts (1).
Naive Combination of Decision Procedures
Assume T1 is the theory of (integer) arithmetic and T2 the theory of arrays, defined by the following axioms
v[i ← e][i] = e
i ≠ j ⇒ v[i ← e][j] = v[j]
Is the following formula ψ (T1 ∪ T2)-satisfiable?
v[i ← v[j]][i] ≠ v[i] ∧ i + j ≤ 2j ∧ j + 4i ≤ 5i
Naive Combination of Decision Procedures
First step: decompose ψ into two pure formulas ψ1 and ψ2 of T1 and T2
ψ1 = v[i ← v[j]][i] ≠ v[i]
ψ2 = i + j ≤ 2j ∧ j + 4i ≤ 5i
Naive Combination of Decision Procedures
ψ1 = v[i ← v[j]][i] ≠ v[i]
ψ2 = i + j ≤ 2j ∧ j + 4i ≤ 5i
Second step: use the decision procedures of T1 and T2 to determine the satisfiability of ψ1 and ψ2, respectively
- ψ1 is satisfiable
- ψ2 is satisfiable
But is ψ satisfiable?
Naive Combination of Decision Procedures
ψ = v[i ← v[j]][i] ≠ v[i] ∧ i + j ≤ 2j ∧ j + 4i ≤ 5i
ψ is unsatisfiable
Proof.
i + j ≤ 2j ∧ j + 4i ≤ 5i implies i = j
v[i ← v[j]][i] ≠ v[i] ∧ i = j implies v[i] ≠ v[i]
The problem is that ψ1 and ψ2 are not independent: they share variables and the equality predicate
Solution: compute the implied formula i = j
Craig Interpolation Theorem
Given two pure formulas ϕ1 and ϕ2 over Σ1 and Σ2, respectively
Theorem:
If ϕ1 ∧ ϕ2 is (T1 ∪ T2)-unsatisfiable then there exists a sentence ψ over Σ1 ∩ Σ2 such that
1) ⊨T1 ϕ1 ⇒ ψ
2) ϕ2 ∧ ψ is T2-unsatisfiable
- ψ is an interpolant
Computing interpolants is the basis of combination methods like Nelson-Oppen
Nelson-Oppen (NO) Combination Methods
Let Σ1 and Σ2 be two disjoint signatures
Input. ψ, a conjunction of literals over Σ1 ∪ Σ2
Step 1. Purify ψ into an equisatisfiable formula ψ1 ∧ ψ2 such that each ψi is over Σi
Step 2. Guess a partition of the variables of ψ1 and ψ2. Express it as a conjunction of literals ϕ.
Example. The partition {x1}, {x2, x3}, {x4} is represented as x1 ≠ x2, x1 ≠ x4, x2 ≠ x4, x2 = x3
Step 3. Decide whether ψi ∧ ϕ is satisfiable by using the individual decision procedures
Output. yes if all the decision procedures return yes, no otherwise
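Steps 1 and 2 above, worked in code. This is an added example and not code from the lecture or its author: terms are represented as nested tuples (a variable is a string, a numeral an int, an application a tuple headed by its symbol), the assignment of symbols to the two signatures in THEORY_OF is a constructed one, and the fresh variables v1, v2, … are the example's own naming. The input is the lecture's later example f(x) = x ∧ f(2x − f(x)) ≠ x, and the partition encoding is the one of Step 2.

```python
from itertools import combinations

# Constructed example: purification (Step 1) of a conjunction of literals over a
# union of two disjoint signatures, plus the Step 2 encoding of a variable partition.
# A literal is (lhs, rel, rhs) with rel in {"=", "!="}.
THEORY_OF = {"f": 1, "+": 2, "-": 2, "*": 2}   # constructed signature split: f is in T1, arithmetic in T2

def theory_of(term):
    """Theory owning the top symbol of term; None for a variable (shared by both signatures)."""
    if isinstance(term, tuple):
        return THEORY_OF[term[0]]
    if isinstance(term, int):
        return 2                               # numerals are T2 constants
    return None

def purify(literals):
    """Return (psi1, psi2, defs): the T1-pure and T2-pure literals, and the
    definitional equations z = t introduced for every alien subterm t."""
    pure, defs, counter = {1: [], 2: []}, [], [0]

    def fresh():
        counter[0] += 1
        return f"v{counter[0]}"

    def abstract(term, home):
        # Replace each maximal subterm owned by the other theory by a fresh variable z,
        # and record z = subterm (itself purified) in that other theory's part.
        if isinstance(term, str):
            return term
        th = theory_of(term)
        if th != home:
            z = fresh()
            defs.append((z, term))
            pure[th].append((z, "=", abstract(term, th)))
            return z
        if isinstance(term, int):
            return term
        return (term[0],) + tuple(abstract(a, home) for a in term[1:])

    for lhs, rel, rhs in literals:
        home = theory_of(lhs) or theory_of(rhs) or 1   # a literal between two variables goes to T1
        pure[home].append((abstract(lhs, home), rel, abstract(rhs, home)))
    return pure[1], pure[2], defs

def variables(literals):
    """Set of variables occurring in a list of literals (used to find the shared ones)."""
    out = set()
    def walk(t):
        if isinstance(t, str):
            out.add(t)
        elif isinstance(t, tuple):
            for a in t[1:]:
                walk(a)
    for lhs, _, rhs in literals:
        walk(lhs)
        walk(rhs)
    return out

def partition_literals(blocks):
    """Step 2: a partition of the variables as literals: x = y inside a block,
    x != y between the representatives (first elements) of distinct blocks."""
    lits = [(block[0], "=", x) for block in blocks for x in block[1:]]
    lits += [(b1[0], "!=", b2[0]) for b1, b2 in combinations(blocks, 2)]
    return lits

# f(x) = x  /\  f(2x - f(x)) != x, the lecture's example, in the tuple encoding
EXAMPLE = [(("f", "x"), "=", "x"),
           (("f", ("-", ("*", 2, "x"), ("f", "x"))), "!=", "x")]

if __name__ == "__main__":
    psi1, psi2, defs = purify(EXAMPLE)
    print("psi1 =", psi1)
    print("psi2 =", psi2)
    print("shared variables:", variables(psi1) & variables(psi2))
    print(partition_literals([["x1"], ["x2", "x3"], ["x4"]]))
```

The shared variables, here x together with the fresh v1 and v2, are exactly the ones a partition in Step 2 has to range over; every partition is then tried with each theory's own decision procedure, which is why the nondeterministic method is complete but expensive.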
NO in Practice
A simple and elegant correctness proof of NO was given by Tinelli and Harandi in 1996
Correctness becomes an issue for deterministic and efficient implementations
- purification with term sharing
- deducing the equalities to be shared
- theory state normalization
- deduction by lookup
- relevant equation selection
- etc.
Deterministic Combination Algorithm
We present a deterministic version of NO at a description level high enough to enjoy a simple correctness proof, and low enough to describe crucial implementation details
- The algorithm is described as a set of inference rules
- Specific rules for optimizations
- Strategies as regular expressions
- Shostak pattern for efficient deduction
NO : State of the Algorithm
The internal state of the algorithm is represented by configurations of the form
〈V | ∆ | Γ | Φ1, …, Φn〉
- Γ is a set of literals of the form a = b or a ≠ b, where a and b are terms in the union of theories T1 ∪ ··· ∪ Tn
- ∆ is a set of literals of the form x = y or x ≠ y, where x and y are variables
- Each Φi is a set of equations of the form x = a, where x is a variable and a is a term in Ti
- V is the set of variables that appear in Γ and ∆
We also use the symbol ⊥ as a configuration
Purification
Abstract
  〈V | ∆ | Γ ⊎ {a = b} | …, Φi, …〉
  ────────────────────────────────────────────────────────
  〈V ∪ {z} | ∆ | Γ ∪ {a[π ↦ z] = b} | …, Φi ∪ {z = a|π}, …〉
  where a|π (the subterm of a at position π) is a Ti-term and z is a fresh variable

Share
  〈V | ∆ | Γ ⊎ {a = b} | Φ1, …, Φn〉
  ────────────────────────────────────────────────────────
  〈V | ∆ | Γ ∪ {a[π ↦ z] = b} | Φ1, …, Φn〉
  where a|π is a Ti-term, z is a fresh variable and Φi, ∆ ⊨Ti z = a|π
Equality Propagation
Arrange
  〈V | ∆ | Γ ⊎ {x ⋈ y} | Φ1, …, Φn〉
  ──────────────────────────────────
  〈V | ∆ ∪ {x ⋈ y} | Γ | Φ1, …, Φn〉
  where x ⋈ y is a literal x = y or x ≠ y between variables

Deduct
  〈V | ∆ | Γ | Φ1, …, Φn〉
  ──────────────────────────────────
  〈V | ∆ ∪ {x = y} | Γ | Φ1, …, Φn〉
  if Φi, ∆ ⊨Ti x = y and ∆ ⊭ x = y

Contradict
  〈V | ∆ | Γ | Φ1, …, Φn〉
  ──────────────────────────────────
  ⊥
  if Φi ∧ ∆ is not Ti-satisfiable
Example
f(x) = x ∧ f(2x − f(x)) ≠ x

V          | ∆                   | Γ                          | Φ1                 | Φ2         | Rule
x          | ∅                   | f(x) = x, f(2x − f(x)) ≠ x | ∅                  | ∅          |
x, y       | ∅                   | y = x, f(2x − f(x)) ≠ x    | y = f(x)           | ∅          | Ab1
x, y       | y = x               | f(2x − f(x)) ≠ x           | y = f(x)           | ∅          | Ar
x, y       | y = x               | f(2x − y) ≠ x              | y = f(x)           | ∅          | Sh1
x, y, z    | y = x               | f(z) ≠ x                   | y = f(x)           | z = 2x − y | Ab2
x, y, z, u | y = x               | u ≠ x                      | y = f(x), u = f(z) | z = 2x − y | Ab1
x, y, z, u | y = x, u ≠ x        | ∅                          | y = f(x), u = f(z) | z = 2x − y | Ar
x, y, z, u | y = x, u ≠ x, z = x | ∅                          | y = f(x), u = f(z) | z = 2x − y | De2
⊥          |                     |                            |                    |            | Co1

(Ab = Abstract, Ar = Arrange, Sh = Share, De = Deduct, Co = Contradict; the index is the theory Ti the rule is applied with: T1 holds the uninterpreted function f, T2 the arithmetic)
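The last two steps of the trace above (De2, then Co1) run in code. This is an added example, not code from the lecture or its author: it starts from the already purified configuration of the trace (Φ1 = {y = f(x), u = f(z)}, Φ2 = {z = 2x − y}, ∆ = {y = x, u ≠ x}, Γ = ∅) and applies only Deduct and Contradict to a fixpoint. The two theory solvers are toy ones written for the example: congruence closure for T1, and Gaussian elimination over exact rationals for a T2 restricted to linear equalities (a real arithmetic solver would also handle inequalities, which is out of scope here). Class and function names are the example's own.

```python
from fractions import Fraction
from itertools import combinations

# Constructed example: deterministic Nelson-Oppen loop (rules Deduct and Contradict)
# driving two toy theory solvers on the purified state of the lecture's trace.

def pair(u, v):
    """Unordered variable pair, so that x = y and y = x are the same literal."""
    return frozenset((u, v))

class EUF:
    """Theory 1: equality with uninterpreted functions, decided by congruence closure."""
    def __init__(self, defs):
        self.defs = defs      # Phi_1 equations (x, f, args) meaning x = f(args)
        self.vars = {v for x, _, args in defs for v in (x, *args)}

    def implied_equalities(self, delta_eq):
        """Variable equalities entailed by Phi_1 together with the equalities of Delta."""
        parent = {}
        def find(t):
            parent.setdefault(t, t)
            while parent[t] != t:
                parent[t] = parent[parent[t]]
                t = parent[t]
            return t
        for x, y in map(sorted, delta_eq):
            parent[find(x)] = find(y)
        changed = True
        while changed:   # congruence: x1 = x2 whenever x1 = f(a1), x2 = f(a2) and a1 = a2 componentwise
            changed = False
            for (x1, f1, a1), (x2, f2, a2) in combinations(self.defs, 2):
                if f1 == f2 and all(find(p) == find(q) for p, q in zip(a1, a2)) \
                        and find(x1) != find(x2):
                    parent[find(x1)] = find(x2)
                    changed = True
        vs = self.vars | {v for p in delta_eq for v in p}
        return {pair(u, v) for u, v in combinations(sorted(vs), 2) if find(u) == find(v)}

class LRA:
    """Theory 2: linear rational arithmetic restricted to equalities, decided by
    Gaussian elimination over exact fractions (enough for the Deduct rule)."""
    def __init__(self, eqs):
        self.eqs = eqs        # Phi_2 rows {var: coeff, ..., 1: const} meaning sum(coeff*var) + const = 0
        self.vars = {v for e in eqs for v in e if v != 1}

    @staticmethod
    def reduce(row, pivots):
        """Subtract pivot rows (kept in reduced echelon form) until no pivot variable remains."""
        row = dict(row)
        for pv, prow in pivots.items():
            c = row.get(pv, 0)
            if c:
                for v, a in prow.items():
                    row[v] = row.get(v, 0) - c * a
                    if row[v] == 0:
                        del row[v]
        return row

    def rref(self, delta_eq):
        """Reduced row echelon form of Phi_2 plus the Delta equalities; None if inconsistent."""
        pivots = {}
        rows = list(self.eqs) + [{x: Fraction(1), y: Fraction(-1)} for x, y in map(sorted, delta_eq)]
        for row in rows:
            row = self.reduce(row, pivots)
            free = sorted(v for v in row if v != 1)
            if not free:
                if row.get(1, 0) != 0:
                    return None   # 0 = c with c != 0: Phi_2 /\ Delta has no model
                continue
            pv = free[0]
            row = {v: Fraction(a) / row[pv] for v, a in row.items()}
            for qv in pivots:     # keep the earlier pivot rows free of the new pivot
                pivots[qv] = self.reduce(pivots[qv], {pv: row})
            pivots[pv] = row
        return pivots

    def implied_equalities(self, delta_eq):
        pivots = self.rref(delta_eq)
        if pivots is None:
            return None
        vs = self.vars | {v for p in delta_eq for v in p}
        # u = v is entailed iff the vector u - v reduces to 0 modulo the equations
        return {pair(u, v) for u, v in combinations(sorted(vs), 2)
                if not self.reduce({u: Fraction(1), v: Fraction(-1)}, pivots)}

def nelson_oppen(theories, delta_eq, delta_neq):
    """Apply Deduct/Contradict until the configuration is irreducible; returns (status, trace)."""
    delta_eq, trace = set(delta_eq), []
    while True:
        new = set()
        for name, th in theories:
            implied = th.implied_equalities(delta_eq)
            if implied is None or any(d in implied for d in delta_neq):
                trace.append(f"Contradict ({name})")   # Phi_i /\ Delta is not T_i-satisfiable
                return "unsat", trace
            deduced = implied - delta_eq                 # side condition: Delta does not entail x = y yet
            if deduced:
                shown = ", ".join(" = ".join(sorted(d)) for d in sorted(deduced, key=sorted))
                trace.append(f"Deduct ({name}): {shown}")
            new |= deduced
        if not new:
            return "sat", trace                          # irreducible and proper configuration
        delta_eq |= new

def lecture_example(with_disequality=True):
    """Purified state of the trace: Phi_1 = {y = f(x), u = f(z)}, Phi_2 = {z = 2x - y},
    Delta = {y = x, u != x}; dropping the disequality makes the problem satisfiable."""
    theories = [("EUF", EUF([("y", "f", ("x",)), ("u", "f", ("z",))])),
                ("LRA", LRA([{"z": Fraction(1), "x": Fraction(-2), "y": Fraction(1)}]))]
    delta_neq = {pair("u", "x")} if with_disequality else set()
    return nelson_oppen(theories, {pair("y", "x")}, delta_neq)

if __name__ == "__main__":
    print(lecture_example())   # ('unsat', ['Deduct (LRA): x = z, y = z', 'Contradict (EUF)'])
```

Each solver returns the full set of variable equalities it entails from Φi ∧ ∆, so the Deduct side condition ∆ ⊭ x = y is simply the set difference with the current ∆; the arithmetic solver deduces z = x (and hence y = z) first, and only then can congruence closure merge u = f(z) with y = f(x), which clashes with u ≠ x. This round-trip through ∆ is exactly what the naive combination misses, and it relies on each theory being convex, as the next slides discuss.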
Convex Theories
Rule Deduct is applicable only if a theory can always infer a unique equality from Φi ∧ ∆. This property is called convexity
Convex Theories.
A theory T is convex if and only if, for every finite set Γ of literals and every non-empty disjunction ⋁_{i∈I} xi = yi of equalities between variables,
  Γ ⊨T ⋁_{i∈I} xi = yi   iff   Γ ⊨T xi = yi for some i ∈ I
Convexity
Some theories are convex
- Linear rational arithmetic
- Equational theories
Many theories are not convex
- Linear integer arithmetic
  y = 1, z = 2, 1 ≤ x ≤ 2 ⊨ x = y ∨ x = z
- Non-linear arithmetic
  x² = 1, y = 1, z = −1 ⊨ x = y ∨ x = z
- Theory of bit-vectors
- Theory of arrays
  v1 = a[i ← v2][j], v3 = a[j] ⊨ v1 = v2 ∨ v1 = v3
Correctness (I)
A configuration 〈V | ∆ | Γ | Φ1, …, Φn〉 is satisfiable if the formula Γ ∧ Φ1 ∧ ··· ∧ Φn ∧ ∆ is satisfiable. ⊥ is unsatisfiable
Satisfiability of a conjunction of literals Γ is thus equivalent to the satisfiability of the initial configuration 〈V | ∅ | Γ | ∅〉
We write C ⇒ C′ if the configuration C can be reduced to C′ by one of the inference rules. A configuration that cannot be reduced is called irreducible. It is proper if it is not ⊥
Theorem [Correctness]
A set of literals Γ is satisfiable iff there exists an irreducible and proper configuration C such that 〈V | ∅ | Γ | ∅〉 ⇒* C.
Correctness: Termination
Theorem
The reduction relation ⇒ is terminating
Proof.
We consider the measure (|Γ|, |∆|) on configurations defined by
- |Γ| is the sum total of the sizes of its terms
- |∆| is the number of equivalence classes represented by ∆
Notice that, given a fixed number of variables, the ordering on |∆| is well-founded (there is only a finite number of classes)
It is immediate to see that
- |Γ| decreases by Abstract and Arrange
- |Γ| is constant by Deduct and |∆| decreases
Correctness (III): Finite Models
Assume T1 is a Σ1-theory whose models have at most 2 elements, and T2 is a Σ2-theory admitting models of any cardinality
• Let f ∈ Σ1 and g ∈ Σ2 such that
  ⊭T1 ∀x, y. f(x) = f(y) and ⊭T2 ∀x, y. g(x) = g(y)
  (f and g are not constant functions)
• Let Γ = {f(x) ≠ f(y), g(x) ≠ g(z), g(y) ≠ g(z)}
Running NO from 〈V | ∅ | Γ | ∅〉, we reach the final configuration
〈V′ | ∆ | ∅ | Φ1, Φ2〉
with
∆ = {x1 ≠ y1, x2 ≠ z2, y2 ≠ z2}
Φ1 = {x1 = f(x), y1 = f(y)}
Φ2 = {x2 = g(x), y2 = g(y), z2 = g(z)}
26
Correctness (III): Finite Models (cont)
x and y are the only shared variables, and only x = y or x ≠ y can be shared
• x = y is impossible since the procedure would have reached ⊥
• with x ≠ y, ∆ ∪ Φ1 and ∆ ∪ Φ2 are satisfiable, but it is straightforward to check that
  Γ ⊨T1∪T2 x ≠ y ∧ x ≠ z ∧ y ≠ z
  Γ is thus unsatisfiable since T1 ∪ T2 (as T1) has only models with at most 2 elements.
NO is unsound for theories with finite models only
27
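To make the argument concrete, here is an added Python illustration (not part of the lecture) that brute-forces finite models: it checks the T1 side of the final configuration in models of at most 2 elements, the T2 side in a 3-element model, and then shows that Γ itself has no model with at most 2 elements. T1 is represented only by its cardinality bound and T2 by the freedom to use 3 elements; the term encoding and all helper names are constructed for this example.

```python
from itertools import product

# Term encoding (constructed for this example): a variable is a str,
# an application is (symbol, arg1, ..., argn).  A literal is ('=', s, t) or ('!=', s, t).

def eq(s, t):
    return ('=', s, t)

def ne(s, t):
    return ('!=', s, t)

def symbols(lits):
    """Sorted variables and {function symbol: arity} occurring in the literals."""
    variables, funcs = set(), {}
    def walk(t):
        if isinstance(t, tuple):
            funcs[t[0]] = len(t) - 1
            for a in t[1:]:
                walk(a)
        else:
            variables.add(t)
    for _, s, t in lits:
        walk(s)
        walk(t)
    return sorted(variables), funcs

def evaluate(t, env, tables):
    """M[t]: interpret a term under a variable assignment and function tables."""
    if isinstance(t, tuple):
        return tables[t[0]][tuple(evaluate(a, env, tables) for a in t[1:])]
    return env[t]

def satisfiable(lits, size):
    """Brute force: does some model with domain {0, ..., size-1} satisfy every literal?"""
    variables, funcs = symbols(lits)
    dom = range(size)
    names = sorted(funcs)
    # every possible interpretation of each function symbol as a table over the domain
    table_choices = []
    for f in names:
        keys = list(product(dom, repeat=funcs[f]))
        table_choices.append([dict(zip(keys, vals)) for vals in product(dom, repeat=len(keys))])
    for tabs in product(*table_choices):
        tables = dict(zip(names, tabs))
        for vals in product(dom, repeat=len(variables)):
            env = dict(zip(variables, vals))
            if all((evaluate(s, env, tables) == evaluate(t, env, tables)) == (op == '=')
                   for op, s, t in lits):
                return True
    return False

def satisfiable_up_to(lits, max_size):
    """Satisfiable in some model with at most max_size elements (all T1 has)."""
    return any(satisfiable(lits, n) for n in range(1, max_size + 1))

# The literals of slides 26 and 27.
GAMMA = [ne(('f', 'x'), ('f', 'y')), ne(('g', 'x'), ('g', 'z')), ne(('g', 'y'), ('g', 'z'))]
DELTA = [ne('x1', 'y1'), ne('x2', 'z2'), ne('y2', 'z2')]
PHI1 = [eq('x1', ('f', 'x')), eq('y1', ('f', 'y'))]
PHI2 = [eq('x2', ('g', 'x')), eq('y2', ('g', 'y')), eq('z2', ('g', 'z'))]
ARRANGEMENT = [ne('x', 'y')]      # the only arrangement NO can keep (x = y leads to ⊥)

def nelson_oppen_verdicts():
    """(T1 side sat, T2 side sat, Γ sat with <= 2 elements, Γ sat with 3 elements)."""
    t1_side = satisfiable_up_to(PHI1 + DELTA + ARRANGEMENT, 2)   # True: T1 accepts
    t2_side = satisfiable(PHI2 + DELTA + ARRANGEMENT, 3)         # True: T2 accepts
    union_small = satisfiable_up_to(GAMMA, 2)                     # False: x, y, z must differ
    union_three = satisfiable(GAMMA, 3)                           # True, but T1 ∪ T2 forbids it
    return t1_side, t2_side, union_small, union_three

if __name__ == '__main__':
    print(nelson_oppen_verdicts())   # (True, True, False, True)
```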
Correctness (IV): Stably Infinite Theories
NO can only combine decision procedures for theories that have infinite models
Stably Infinite Theories
A theory T is stably infinite if every T-satisfiable formula is satisfiable in an infinite model
Example. Theories with only finite models are not stably infinite, for instance a theory containing the axiom
∀x, y, z. x = y ∨ x = z ∨ y = z
This condition also ensures that the union of two consistent, disjoint, stably infinite theories is consistent
28
Correctness (V): Tinelli-Harandi’s theorem
An arrangement ∆(V) of a set of variables V is a set of formulas of the form x = y or x ≠ y such that for all pairs of variables x, y ∈ V we have ∆(V) ⊨ x = y or ∆(V) ⊨ x ≠ y
Given two stably-infinite theories T1 and T2 over two disjoint signatures Σ1 and Σ2
Theorem [Tinelli-Harandi (1996)]
Let Φ1 and Φ2 be two sets of Σ1- and Σ2-literals. Let V be the set of the variables shared by Φ1 and Φ2, and ∆(V) an arrangement on V. If Φ1 ∧ ∆(V) is T1-satisfiable and Φ2 ∧ ∆(V) is T2-satisfiable then Φ1 ∧ Φ2 is (T1 ∪ T2)-satisfiable
29
Correctness (VI): Irreducible
Lemma Every proper irreducible configuration is satisfiable
Proof. Let 〈V | ∆ | Γ | Φ1, . . . , Φn〉 be such a configuration.
Since Abstract and Arrange cannot be applied, Γ is empty. Since Contradict does not apply, ∆ ∧ Φi is Ti-satisfiable. If ∆(V) is an arrangement then Tinelli-Harandi's Theorem finishes the proof. Otherwise, let ∆′ = ∆ ∪ {x1 ≠ y1, . . . , xk ≠ yk} be the maximal satisfiable extension of ∆ such that ∆ ⊭ xi ≠ yi. ∆′(V) is an arrangement and ∆′ ⊨ ∆.
If Φi ∧ ∆′ is not Ti-satisfiable then Φi ⊨Ti ∆+ ⟶ ¬∆− ∨ δ where δ is the clause x1 = y1 ∨ · · · ∨ xk = yk and ∆+ (resp. ∆−) is the set of equations (resp. disequations) of ∆. Since Ti is convex, Φi ⊨Ti ∆+ ⟶ x = y where x = y ∈ ¬∆− ∨ δ. Since Deduct does not apply, we have ∆ ⊨ x = y and (since ∆ ⊨ ∆−) ∆ ⊨ δ, which contradicts the satisfiability of ∆′
30
Correctness (VII): Final Proof
Lemma [Equisatisfiability]
If C ⇒ C′ then C and C′ are equisatisfiable
Theorem [Correctness]
A set of literals Γ is satisfiable iff there exists an irreducible and proper configuration C such that 〈V | ∅ | Γ | ∅〉 ⇒∗ C.
Proof.
It suffices to prove that a configuration C is satisfiable if and only if there exists a proper irreducible configuration C′ such that C ⇒∗ C′.
By induction over the terminating relation ⇒.
If C is irreducible, we conclude by the Lemma on irreducibility. If C reduces to C′ then C′ is equisatisfiable and we conclude by the induction hypothesis on C′.
31
Non-Convex Theories (I)
We first adapt Deduct for dealing with disjunctions of equalities

Deduct
    〈V | ∆ | Γ | Φ0, . . . , Φn〉
    ─────────────────────────────────
    〈V | ∆ ∪ δ | Γ | Φ0, . . . , Φn〉
    if Φi, ∆ ⊨Ti δ and ∆ ⊭ δ

where δ is a disjunction of equalities between variables
32
Non-Convex Theories (II)
We also add a branching rule
Branch
    〈V | ∆ ⊎ {x1 = y1 ∨ · · · ∨ xk = yk} | Γ | Φ0, . . . , Φn〉
    ──────────────────────────────────────────────────
    〈V | ∆ ∪ {xi = yi} | Γ | Φ0, . . . , Φn〉
    if ∆ ⊭ xi = yi (1 ≤ i ≤ k)

The correctness proof requires only a small number of modifications
33
Splitting on Demand
Case splits for non-convex theories can be lifted to the SAT solver
When Mode = search

T-Learn
    M ⊨T ⋁ xi = yi    (xi and yi are shared variables)
    F := F ∪ {⋁ xi = yi}
34
Delayed Theory Propagation
• Nondeterministic NO
• Create a set of interface equalities x = y between shared variables
• Use the SAT solver to guess the partition
Main disadvantages
• The number of additional equality literals is quadratic in the number of shared variables
• Extension to quantified formulas
35
Model-Based Theory Combination
Instead of propagating disjunctions when
Γ ⊨T u1 = v1 ∨ . . . ∨ un = vn
use a candidate model M of T that satisfies Γ and propagate all equalities implied by M:
if M ⊨ T ∧ Γ ∧ ui = vi then propagate ui = vi
If other theories do not agree with that choice, then backtrack to fix the model
• In practice, the number of inter-theory equalities that matter is small, but intra-theory equalities do matter
• Backtracking is usually cheap
• Limit the number of equalities implied by M
36
Efficient Deduction of Implied Equalities
In rule Deduct, when the theory is convex, we have to find a pair of new variables (x, y) such that
∆, Φi ⊨Ti x = y
Generic Solution:
For every pair of variables (x, y), use the decision procedure of Ti to check whether ∆ ∪ Φi ∪ {x ≠ y} is Ti-satisfiable
This solution may be very expensive; for some convex theories there exist efficient algorithms for computing new implied equalities.
For that, the decision procedures maintain a union-find data structure on terms such that a new equality x = y can be efficiently deduced by checking that find(x) = find(y) is true.
37
State Normalization
To maintain its union-find data structure the decision procedure uses a normalization function (which is theory dependent). A normalization step is represented by the relation
(∆, Φi) ⇝ (∆, Φ′i)
Intuitively, Φi can be simplified, with the use of ∆, into a “more” normalized equivalent set Φ′i.
Three conditions are necessary
1. The relation ⇝ must be terminating
2. Φi ∧ ∆ and Φ′i ∧ ∆ must be equisatisfiable
3. Completeness of ⇝: if Φi, ∆ ⊨Ti x = y and ∆ ⊭ x = y then there exists Φ′i such that (Φi, ∆) ⇝∗ (Φ′i, ∆) and {x = t, y = t} ⊆ Φ′i

Norm
    〈V | ∆ | Γ | . . . , Φi, . . .〉
    ───────────────────────────────
    〈V | ∆ | Γ | . . . , Φ′i, . . .〉
    if (∆, Φi) ⇝ (∆, Φ′i)
38
Efficient Deduction Rule
We implement ∆ as a union-find data structure and we write ∆(x) for the representative of the variable x
Using state normalization, new equalities between variables can be directly extracted from the union-find data structure

TDeduct
    〈V | ∆ | Γ | . . . , Φi ∪ {x = a, y = a}, . . .〉
    ─────────────────────────────────────────────────
    〈V | ∆ ∪ {x = y} | Γ | . . . , Φi ∪ {x = a, y = a}, . . .〉
    if ∆(x) ≠ ∆(y)

NO is correct if Deduct is replaced by Norm and TDeduct
39
Normalization for Shostak Theories (I)
A Shostak theory T is a convex theory for which there exists a canonizer and a solver
A canonizer σ is a function that for every term u returns a unique representative σ(u) in the equivalence class of u. A canonizer must satisfy the following conditions:
1. T ⊨ u = v iff σ(u) = σ(v)
2. σ(σ(u)) = σ(u)
3. if x occurs in σ(u) then x occurs in u
4. if σ(u) = u then σ(v) = v for every sub-term v of u
40
General Solutions of Equations
A general solution of a satisfiable equation u = v is a set of equations of the triangular form
x1 = t1, . . . , xk = tk
where the xi are variables occurring in u and v but not in the ti, such that
⊨T u = v ⟷ (∃y1 . . . ym) (x1 = t1 ∧ · · · ∧ xk = tk)
where y1, . . . , ym are the variables of the ti
41
Solvers
A solver for a theory T is an algorithm that takes a T-equation u = v as input, and returns unsat if this equation is not T-satisfiable, and its general solution if it is T-satisfiable
Examples of theories equipped with solvers found in practice:
linear arithmetic over the rationals, theory of records
42
Normalization for Shostak Theories (II)
We use the canonizer and the solver of a Shostak theory to bring Φ into a triangular form {x1 = t1, . . . , xk = tk}
Example:
1. Assume Φ and ∆ are of the form
   Φ = {x1 = u − v, x2 = 2v − u, x3 = 2u − v, x4 = 2v}
   ∆ = {x1 = x2}
2. Solve x1 = x2, that is u − v = 2v − u
   u − v = 2v − u ⇒ {u = 3t, v = 2t}
3. Substitute u and v in Φ, and canonize the right-hand sides
   Φ′ = {x1 = t, x2 = t, x3 = 4t, x4 = 4t}
4. Apply TDeduct to infer x3 = x4
43
Normalization for Shostak Theories (III)
Rule Norm for a Shostak theory Ti is implemented by a combination of the following rules

Canon
    〈V | ∆ | Γ | . . . , Φi ⊎ {x = a}, . . .〉
    ──────────────────────────────────────────────
    〈V | ∆ | Γ | . . . , Φi ∪ {x = canoni(a)}, . . .〉
    if a ≠ canoni(a)

Solvei
    〈V | ∆ | Γ | . . . , Φi ∪ {x = a, y = b}, . . .〉
    ──────────────────────────────────────────────────────────
    〈V | ∆ | Γ | . . . , (Φi ∪ {x = a, y = b} ∪ solve(a = b))2, . . .〉
    if ∆(x) = ∆(y) and a ≠ b and a = b is Ti-satisfiable
44
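As an added worked example (not code from the lecture), the following Python implements the Canon, Solve and TDeduct rules for linear arithmetic over the rationals and runs them on the Φ and ∆ of the example on the previous slide. The solver here eliminates one variable in favour of the others (u = 3/2·v) instead of the slide's fresh-parameter form u = 3t, v = 2t; the deduced equality x3 = x4 is the same. The term encoding, the Delta class and the helper names are constructed for this example.

```python
from fractions import Fraction

# A linear term over the rationals is a dict {variable: coefficient}; the key None holds
# the constant part.  Encoding and helper names are constructed for this example.

def canon(t):
    """Canonizer σ: unique representative of t's class (exact coefficients, no zero terms)."""
    return {v: Fraction(c) for v, c in t.items() if c != 0}

def add(a, b, k=1):
    """Canonical form of a + k·b."""
    r = dict(a)
    for v, c in b.items():
        r[v] = r.get(v, 0) + k * c
    return canon(r)

def solve(a, b):
    """Solver: None if a = b is unsatisfiable, else its general solution {x: t} where x is
    a variable of a - b and t does not contain x."""
    d = add(a, b, -1)                                   # a - b = 0
    xs = sorted(v for v in d if v is not None)
    if not xs:                                          # no variable left: 0 = c
        return {} if d.get(None, 0) == 0 else None
    x = xs[0]
    return {x: canon({v: -c / d[x] for v, c in d.items() if v != x})}

def substitute(t, sol):
    """Apply a general solution to a term and canonize the result."""
    r = {}
    for v, c in t.items():
        r = add(r, sol[v], c) if v in sol else add(r, {v: c})
    return r

class Delta:
    """∆ as a union-find over variables; find(x) is the representative ∆(x)."""
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            x = self.parent[x]
        return x

    def union(self, x, y):
        self.parent[self.find(x)] = self.find(y)

def normalize(phi, delta):
    """Rule Norm: apply Canon and Solve until neither fires.  Raises on ⊥."""
    phi = {x: canon(a) for x, a in phi.items()}          # Canon on every definition
    while True:
        fired = False
        xs = sorted(phi)
        for i, x in enumerate(xs):
            for y in xs[i + 1:]:
                # Solve: ∆(x) = ∆(y) but the definitions a, b of x and y differ
                if delta.find(x) == delta.find(y) and phi[x] != phi[y]:
                    sol = solve(phi[x], phi[y])
                    if sol is None:
                        raise ValueError('a = b is not satisfiable: configuration is ⊥')
                    phi = {z: substitute(a, sol) for z, a in phi.items()}
                    fired = True
        if not fired:
            return phi

def tdeduct(phi, delta):
    """Rule TDeduct: x = y whenever x and y have the same definition but ∆(x) ≠ ∆(y)."""
    deduced, seen = [], {}
    for x in sorted(phi):
        key = tuple(sorted(phi[x].items(), key=lambda kv: str(kv[0])))
        for y in seen.get(key, []):
            if delta.find(x) != delta.find(y):
                delta.union(x, y)
                deduced.append((y, x))
        seen.setdefault(key, []).append(x)
    return deduced

# Slide 43: Φ = {x1 = u - v, x2 = 2v - u, x3 = 2u - v, x4 = 2v}, ∆ = {x1 = x2}
PHI = {'x1': {'u': 1, 'v': -1}, 'x2': {'v': 2, 'u': -1},
       'x3': {'u': 2, 'v': -1}, 'x4': {'v': 2}}

def run_example():
    delta = Delta()
    delta.union('x1', 'x2')
    phi = normalize(PHI, delta)       # {x1 = v/2, x2 = v/2, x3 = 2v, x4 = 2v}
    return phi, tdeduct(phi, delta)   # deduces [('x3', 'x4')]

if __name__ == '__main__':
    print(run_example())
```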
QUANTIFIERS
Quantified Formulas
Consider the following axiomatization (in Alt-Ergo's syntax) for an ordering relation le
logic le: int,int -> prop
axiom refl: forall x:int. le(x,x)
axiom trans:
forall x,y,z:int. le(x,y) and le(y,z) -> le(x,z)
axiom antisym:
forall x,y:int. le(x,y) and le(y,x) -> x = y
and some goals we want to prove:
goal g1: le(2,5) and le(5,10) -> le(2,10)
goal g2:
forall a:int.
le(a,5) and le(5,8) and le(8,a) -> a=5
46
Guiding Quantifier Instantiation
Many SMT solvers handle universal formulas through an instantiation mechanism
Questions:
• How to find good instances to prove a goal?
• How to limit the (prohibitive) number of instances?
A possible answer: find good heuristics!
• In practice, heuristics for choosing new instances are based on triggers: lists of patterns (terms with variables) that guide (or restrict) instantiations to known ground terms that have a given form
47
Triggers: Example
If P(x) is used as trigger in the following axiom ax1
logic P,Q,R: int -> prop
axiom ax1: forall x:int. (P(x) or Q(x)) -> R(x)
goal g3: P(1) -> R(1)
goal g4: Q(2) -> R(2)
then, among the set of known terms {P(1), R(1), Q(2), R(2)}, only P(1) can be used to create the following instance of ax1
( P(1) or Q(1) ) -> R(1)
which implies that only goal g3 is proved
48
Explicit Triggers
SMT solvers' input syntax allows a user to specify their own triggers
For instance, in Alt-Ergo, the list of terms [f(x), Q(y)] is an explicit trigger for the following axiom ax2
logic P,Q,R: int -> prop
logic f: int -> int
axiom ax2:
forall x,y:int [f(x), Q(y)].
P(f(x)) and Q(y) -> R(x)
49
Matching
We use a matching algorithm to create new instances of universal formulas
Given a ground term t and a pattern p, the matching algorithm returns a set S of substitutions over the variables of p such that
t = σ(p) for all σ ∈ S
50
Limitation of Matching
Purely syntactic matching is very limited!
Consider for instance the following formulas:
logic P,R : int -> prop
logic f : int -> int
axiom ax : forall x:int [P(f(x))]. P(f(x)) -> R(x)
goal g1 : forall a:int. P(a) -> a = f(2) -> R(2)
The trigger P(f(x)) prevents the creation of instances of axiom ax
since there is no ground term of the form P(f(_)) in the problem
To prove such goals, we need to extend the matching algorithm to find substitutions modulo (ground) equalities
51
E-Matching
Given a set of ground equations E, a ground term t and a pattern p, the e-matching algorithm returns a set S of substitutions over the variables of p such that
E |= t = σ(p) for all σ ∈ S
In the previous example
logic P,R : int -> prop
logic f : int -> int
axiom ax : forall x:int [P(f(x))]. P(f(x)) -> R(x)
goal g1 : forall a:int. P(a) -> a = f(2) -> R(2)
e-matching takes advantage of the ground equality a = f(2) and returns the substitution σ = {x ↦ 2} which is used to create the instance P(f(2)) -> R(2) of axiom ax
52
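As an added example (not code from the lecture or from Alt-Ergo), the following Python implements syntactic matching (slide 50) and e-matching over a union-find of ground terms, runs the trigger P(f(x)) on the ground terms of goal g1 above, and also checks the trigger example with P(x) from slide 48. The term encoding, the EGraph class and the function names are constructed for this example.

```python
# Term encoding (constructed for this example):
#   pattern variable: str starting with '?' (e.g. '?x'); constant: int or plain str;
#   application: (symbol, arg1, ..., argn), e.g. ('P', ('f', '?x'))

def is_var(t):
    return isinstance(t, str) and t.startswith('?')

class EGraph:
    """Union-find over the known ground terms, closed under congruence (the set E)."""
    def __init__(self, terms, equations=()):
        self.parent = {}
        for t in terms:
            self.add(t)
        for l, r in equations:
            self.add(l)
            self.add(r)
            self.union(l, r)
        self.close()

    def add(self, t):
        if t not in self.parent:
            self.parent[t] = t
            if isinstance(t, tuple):          # sub-terms are known terms too
                for a in t[1:]:
                    self.add(a)

    def find(self, t):
        while self.parent[t] != t:
            t = self.parent[t]
        return t

    def union(self, s, t):
        self.parent[self.find(s)] = self.find(t)

    def equal(self, s, t):
        return self.find(s) == self.find(t)

    def close(self):
        """Naive congruence closure: merge f(s1..sn) and f(t1..tn) once every si ~ ti."""
        apps = [t for t in self.parent if isinstance(t, tuple)]
        changed = True
        while changed:
            changed = False
            for i, s in enumerate(apps):
                for t in apps[i + 1:]:
                    if (s[0] == t[0] and len(s) == len(t) and not self.equal(s, t)
                            and all(self.equal(a, b) for a, b in zip(s[1:], t[1:]))):
                        self.union(s, t)
                        changed = True

    def members(self, t):
        return [u for u in self.parent if self.equal(u, t)]

def match(pattern, term, subst, eg=None):
    """Substitutions σ extending subst with term = σ(pattern) (eg=None: syntactic
    matching) or E ⊨ term = σ(pattern) (eg given: e-matching)."""
    if is_var(pattern):
        if pattern in subst:                  # must agree with the earlier binding
            same = eg.equal(subst[pattern], term) if eg else subst[pattern] == term
            return [subst] if same else []
        return [{**subst, pattern: term}]
    found = []
    for c in (eg.members(term) if eg else [term]):   # any E-equal term may be matched
        if isinstance(pattern, tuple):
            if isinstance(c, tuple) and c[0] == pattern[0] and len(c) == len(pattern):
                substs = [subst]
                for p_arg, c_arg in zip(pattern[1:], c[1:]):
                    substs = [s2 for s in substs for s2 in match(p_arg, c_arg, s, eg)]
                found.extend(substs)
        elif c == pattern:                    # constant pattern
            found.append(subst)
    return found

def instances(pattern, ground_terms, eg=None):
    """All distinct substitutions obtained by matching the trigger against known terms."""
    found = []
    for t in ground_terms:
        for s in match(pattern, t, {}, eg):
            if s not in found:
                found.append(s)
    return found

def apply(subst, t):
    if is_var(t):
        return subst.get(t, t)
    if isinstance(t, tuple):
        return (t[0],) + tuple(apply(subst, a) for a in t[1:])
    return t

# Slides 51/52: axiom ax with trigger P(f(x)); negating goal g1 yields the ground
# literals P(a), a = f(2) and not R(2), hence these known terms and equations.
AX_TRIGGER = ('P', ('f', '?x'))
AX_BODY = ('->', ('P', ('f', '?x')), ('R', '?x'))
GROUND = [('P', 'a'), ('f', 2), ('R', 2)]
E = [('a', ('f', 2))]

def demo():
    syntactic = instances(AX_TRIGGER, GROUND)                        # []: no P(f(_)) term
    modulo_e = instances(AX_TRIGGER, GROUND, EGraph(GROUND, E))      # [{'?x': 2}]
    return syntactic, modulo_e, [apply(s, AX_BODY) for s in modulo_e]
```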
Ground Terms
Known ground terms are extracted from literals assumed or implied by the SAT solver
Instantiation-based mechanisms are strongly impacted by the number and the relevance of known ground terms:
I more ground terms, more instances of lemmas
I irrelevant ground terms, irrelevant instances
53
Ground Terms and Linear CNF
The shape of formulas to be proved, and in particular the conversion process used to produce a CNF, has a strong impact on the number of known ground terms
Consider for instance the following formula
A ∨ (B ∧ C)
When A is assumed to be true, terms of A become known and the rest of the (terms of the) formula (B ∧ C) can be ignored
However, because of the shape of the CNF conversion
(A ∨ X) ∧ (X ⇔ (B ∧ C))
the SMT solver will assign a value to X (even when A is true) and terms from B and C will be considered as known terms :-(
54
EXTRA MATERIAL
First-Order Logic : Signature and Terms
• A signature Σ is a finite set of function and predicate symbols with an arity
• Constants are just function symbols of arity 0
• We assume that Σ contains the binary predicate =
• We assume a set V of variables, distinct from Σ
• T(Σ, V) is the set of terms, i.e. the smallest set which contains V and such that f(t1, . . . , tn) ∈ T(Σ, V) whenever t1, . . . , tn ∈ T(Σ, V) and f ∈ Σ
• T(Σ, ∅) is the set of ground terms
• Terms are just trees. Given a term t and a position π in a tree, we write t|π for the sub-term of t at position π. We also write t[π ↦ t′] for the replacement of the sub-term of t at position π by the term t′
56
First-Order Logic : Formulas
• An atomic formula is P(t1, . . . , tn), where t1, . . . , tn are terms in T(Σ, V) and P is a predicate symbol of Σ
• Literals are atomic formulas or their negation
• Formulas are inductively constructed from atomic formulas with the help of Boolean connectives and the quantifiers ∀ and ∃
• Ground formulas contain only ground terms
• A variable is free if it is not bound by a quantifier
• A sentence is a formula with no free variables
57
First-Order Logic : Models
A model M for a signature Σ is defined by
• a domain DM
• an interpretation fM for each function symbol f ∈ Σ
• a subset PM of DM^n for each predicate P ∈ Σ of arity n
• an assignment M(x) for each variable x ∈ V
The cardinality of the model M is the cardinality of DM
58
First-Order Logic : Semantics
Interpretation of terms:
    M[x] = M(x)
    M[f(t1, . . . , tn)] = fM(M[t1], . . . , M[tn])
Interpretation of formulas:
    M ⊨ t1 = t2            iff  M[t1] = M[t2]
    M ⊨ P(t1, . . . , tn)  iff  (M[t1], . . . , M[tn]) ∈ PM
    M ⊨ ¬F                 iff  M ⊭ F
    M ⊨ F1 ∧ F2            iff  M ⊨ F1 and M ⊨ F2
    M ⊨ F1 ∨ F2            iff  M ⊨ F1 or M ⊨ F2
    M ⊨ ∀x. F              iff  M{x ↦ v} ⊨ F for all v ∈ DM
    M ⊨ ∃x. F              iff  M{x ↦ v} ⊨ F for some v ∈ DM
59
First-Order Logic : Validity
• A formula F is satisfiable if there is a model M such that M ⊨ F, otherwise F is unsatisfiable
• A formula F is valid if ¬F is unsatisfiable
60
First-Order Logic : Theories
A first-order theory T over a signature Σ is a set of sentences
A theory is consistent if it has (at least) a model
A formula F is satisfiable in T (or T-satisfiable) if there exists a model M for T ∧ F, written M ⊨T F
A formula F is T-valid, denoted ⊨T F, if ¬F is T-unsatisfiable
61
Decision Procedures
A decision procedure is an algorithm used to determine whether a formula F in a theory T is satisfiable
Many decision procedures work on conjunctions of (ground) literals
62