Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. - - PowerPoint PPT Presentation

automated theorem proving 2 4 first order theorem proving
SMART_READER_LITE
LIVE PREVIEW

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. - - PowerPoint PPT Presentation

Sep 18, 2023 490 likes •1.04k views

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 23, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk. Available for

slide-1
SLIDE 1

Automated Theorem Proving 2/4: First-Order Theorem Proving

A.L. Lamprecht

Course Program Semantics and Verfication 2020, Utrecht University

September 23, 2020

slide-2
SLIDE 2

Lecture Notes

“Automated Reasoning” by Gerard A.W. Vreeswijk. Available for download on the course website. My slides are largely based on them.

slide-3
SLIDE 3

In This Course

  • Propositional theorem proving (last Monday),

Chapter 2 of the lecture notes

  • First-order theorem proving (today),

Chapter 3 of the lecture notes

  • Clause sets and resolution (next Monday),

Chapters 4 and 5 of the lecture notes

  • Satisfiability checkers, SAT/SMT (next Wednesday),

Chapter 6 of the lecture notes, additional material

slide-4
SLIDE 4

Recap: Propositional Theorem Proving

  • The nature of theorem proving.
  • Searching for counterexamples, refutation trees, semantic

tableaux.

  • Turning refutation trees into proofs.
  • NP-completeness of propositional theorem proving.
slide-5
SLIDE 5

Recap FOL

This lecture assumes familiarity with the syntax and semantics of first-order logics. In particular:

  • well-formed formulas,
  • interpretation of constants,
  • scope of a quantifier,

function symbols and predicate symbols,

  • free and bound variables,
  • interpretation of well-formed formulas,
  • closed well-formed formulas (sentences),
  • variable assignments,
  • fair substitutions,
  • first-order models,
  • first-order domains,
  • first-order countermodels

(Recap was homework.)

slide-6
SLIDE 6

Recap FOL

  • Predicate logic: first-order logic without further restrictions on

the semantics of the of the formulas

  • Completeness of predicate logic has been proven.
  • Church’s thesis on computability, connecting algorithms and

symbol-manipulating mechanisms.

  • Undecidability of predicate logic has been proven.
  • Semi-decidability of predicate logic: There exist algorithms

that prove precisely all formulas that are valid in the predicate

  • logic. (Basis of ATP!)
  • Incompleteness of arithmetic: Any first-order logic that is

expressive as arithmetic cannot be axiomatized.

slide-7
SLIDE 7

Recap FOL

  • “first order”: quantifiers range over variables
  • “second order”: quantifiers can also range over predicate

variables

  • ...
  • Higher-order logics are more difficult to manage.
  • Most higher-order theories can be translated into first-order

theories.

  • FOL suffices for the expression of most mathematical theories.
  • Dealing with FOL is difficult enough.
  • Most efforts of ATP research in this area.
slide-8
SLIDE 8

Reduction Rules for FOL

(Additional) refutation rules that describe how quantified formulas can be made true or false: Reduction rules for building a refutation tree If (∀x)φ, then φ[t/x] for all terms t. If (∀x)φ is false, then φ[c/x] is false for some constant c. If (∃x)φ, then φ[c/x] for some constant c. If (∃x)φ is false, then φ[t/x] is false for all terms t.

slide-9
SLIDE 9

FOL Proofs: Idea

The idea behind making a universal statement (∀x)(P) true is that we make all instances true, one at a time: (∀x)(P) ≡ (∀x)(P) ∧ P[a/x] (spawn formula with t = a) ≡ (∀x)(P) ∧ P[a/x] ∧ P[b/x] (spawn with t = b) ≡ (∀x)(P) ∧ P[a/x] ∧ P[b/x] ∧ P[f (a)/x] (spawn with t = f (a)) ≡ (∀x)(P) ∧ P[a/x] ∧ P[b/x] ∧ P[f (a)/x] ∧ P[f (b)/x] (spawn with t = f (b)) . . .

slide-10
SLIDE 10

Herbrand Domain

  • (∀x)p on the LHS may generate a potentially infinite number
  • f different terms.
  • A ground term is a term without variables.
  • The Herbrand domain of a formula is the set of all possible

ground terms that can be made with constants and function symbols that occur in the formula.

  • If a term has no constants, then a fresh constant c0 is used to

prevent the Herbrand domain from being empty.

  • Generalizable to sets of formulas and terms.
slide-11
SLIDE 11

Herbrand Domain (Examples)

Set of formulas Constants and Herbrand domain and terms function symbols {(∀x)(p x, a)} {a} {a} {(∀x)(pf (x), a)} {a, f } {a, f (a), f (f (a)), . . .} {(∀x)(pf (x))} {f } {c0, f (c0), f (f (c0)), . . .} {(∀x)(pg(x, y))} {g} {c0, g(c0, c0), g(g(c0, c0), c0), . . .} {(∀x)(pg(x, y)), qf (c3)} {f , g, c3} {c3, f (c3), g(c3, c3), g(f (c3), c3), g(c3, f (c3)), f (g(c3, c3)), g(g(c3, c3), c3), . . .}

slide-12
SLIDE 12

Exercise

Determine the Herbrand domain of the following formulas.

1 Px, a 2 (∀x)(Px ⊃ Qf (x), a) 3 Rg(f (x), y), z

slide-13
SLIDE 13

Solution

1 D(Px, a) = {a} 2 D((∀x)Px ⊃ Qf (x), a) = {f n(a)|n ≥ 0} =

{a, f (a), f (f (a)), . . .}

3 D(Rg(f (x), y), z) is the set H such that c0 ∈ H, f (t) ∈ H if

t ∈ H, and g(t1, t2) ∈ H if {t1, t2} ⊆ H. I.e., H = {c0, f (c0), g(c0, c0), f (c0), f 2(c0), f (g(c0, c0)), . . ..

slide-14
SLIDE 14

Analytic Refutation Rules for FOL

Previous rules, plus:

slide-15
SLIDE 15

Gentzen System for FOL

Previous rules, plus:

slide-16
SLIDE 16

FOL Reduction and Complexity

  • Reduction rules of propositional logic reduce the complexity of

the formula (sub-formula property).

  • “left-∀” and “right-∃” lack this property, they do not reduce

the complexity of the formula they operate on.

  • In fact, reductions may go on forever and branches may grow

indefinitely, which is inherent to the undecidability of predicate logic.

  • However, never-ending scenarios are a worst-case scenario.
  • In many cases, it is possible to guess with substitutions must

be made to steer the refutation to an end.

slide-17
SLIDE 17

Cases

In the following we will look at FOL theorem proving with:

  • No functions and no equality
  • Functions and no equality
  • Functions and equality
slide-18
SLIDE 18

No Functions and No Equality

  • If a sentence contains no function and no equality symbols, its

Herbrand domain is a finite but non-empty set of constants.

  • Set may grow, but does not do so excessively.
  • It is no problem to substitute all variables and constants that

have been encountered in the refutation so far.

slide-19
SLIDE 19

Example: (∀x)(p x) ⊢ pa

  • Only applicable rule: left-∀
  • Herbrand domain: {a}, thus t = a
slide-20
SLIDE 20

Example: p ⊢ (∀x)(qx)

Only applicable rule: right-∀, with a fresh constant c1: LHS ∩ RHS = ∅, so that we have found a counterexample model M with domain D = {1}, such that c1 and all other constants are mapped to 1, and Predicate Extension p true q ∅

slide-21
SLIDE 21

Example: (∀x)(p x) ⊢ (∃x)(p x)

  • Two reductions possible: “left-∀,” and “right-∃”.
  • For both, need to choose a term from the Herbrand domain.
  • No such term, since the Herbrand domain of is empty.
  • Use an arbitrary constant c0 to kick off the refutation:
slide-22
SLIDE 22

Example: (∃x)(p x) ⊢ (∀x)(p x)

Refutation of the converse direction: Counterexample model M with: Predicate Extension p {c1} and domain D = {1, 2}, such that c1 and c2 are interpreted as 1 and 2. Then M | = p(c1) but M p(c2).

slide-23
SLIDE 23

Many-on-One Variants of left-∀ and right-∃

Instead of using “left-∀” and “right-∃,” use:

  • “left+-∀”, meaning one or more applications of “left-∀”,
  • “right+-∃”, meaning one or more applications of “right-∃”.

Do not enable reductions that would otherwise be impossible, but can reduce the size of the refutation trees.

slide-24
SLIDE 24

Example

slide-25
SLIDE 25

Sound- and Completeness

  • Soundness: if a sequent is falsifiable, then all refutation trees

for that sequent have at least one branch that cannot be closed.

  • Completeness: if a sequent is valid (i.e., not falsifiable), then

every refutation tree closes.

  • Sound- and completeness: a sequent is valid if and only if all

refutations close.

  • Proof sketch in the lecture notes.
slide-26
SLIDE 26

Functions (No Equality)

  • Function symbols complicate theorem proving, because it is

possible to produce many terms with the help of only a few function symbols: HerbrandDomain(pf (a)) = {a, f (a), f (f (a)), f (f (f (a))), . . .}

  • All terms thus generated could, in principle, be used by left-∀
  • r right-∃ as long as at least one branch remains open.
slide-27
SLIDE 27

Example

  • Situation: two constants a and b, and a one-place function

symbol f .

  • The formula (∀x)(p x) may be “unfolded” as follows:

(∀x)(p x) ≡ (∀x)(p x) ≡ (∀x)(p x) ∧ pa ≡ (∀x)(p x) ∧ pb ∧ pa ≡ (∀x)(p x) ∧ pf (a) ∧ pb ∧ pa ≡ (∀x)(p x) ∧ pf (b) ∧ pf (a) ∧ pb ∧ pa ≡ (∀x)(p x) ∧ pf (f (a)) ∧ pf (b) ∧ pf (a) ∧ pb ∧ pa ≡ (∀x)(p x) ∧ . . . ∧ pf (f (a)) ∧ pf (b) ∧ pf (a) ∧ pb ∧ pa

slide-28
SLIDE 28

Number of Generated Formulas

  • Problem: left+-∀ or right+-∃ do not reduce the formula they
  • perate on.
  • Candidate terms in a general first-order language:

c1, x1, f 1

1 (c1), f 1 1 (x1), c2, x2, f 1 1 (c2), f 1 1 (x2), f 1 2 (c1), f 1 2 (x1), . . .

  • Countably infinite, but it will take a while to encounter the

right terms to close a refutation tree (if at all possible).

  • But: counterexamples need only be constructed from the

Herbrand domain of the formula!

slide-29
SLIDE 29

Example: (∀x)(p x ⊃ pf (x)); pa ⊢ pf (f (a))

  • Herbrand domain (infinite): {a, f (a), f (f (a)), . . .}
  • Impossible to substitute all terms at once.
  • Take care when applying left+-∀ or right+-∃
slide-30
SLIDE 30
slide-31
SLIDE 31

Naive Refutation

  • For us (humans) it is often obvious which terms to pick.
  • A naive algorithm would proceed differently (example):
slide-32
SLIDE 32

Free-Variable Substitutions

  • (Human) strategy: postpone term substitutions until we see

an opportunity to close a branch.

  • When encountering a left-∀, for instance, do not substitute a

specific term, but instead mark it with a place-holder, i.e., a fresh variable vi (and replace later).

  • Advantage: rules out left+-∀ and right+-∃.
  • Problem 1: Unclear if this works when branches split.
  • Problem 2: left-∃ and right-∀ become problematic, since they

need fresh constants.

slide-33
SLIDE 33

Skolem Functions

  • Solution to Problem 2: Indicate that constants on a branch

with postponed substitutions v1, . . . , vn depend on the value

  • f v1, . . . , vn.
  • For example, if a branch contains the constants a, d, e and

pending variables v1, . . . , vn, do not introduce a fresh constant c, but a fresh function ς, and indicate that ς depends on v1, . . . , vn by writing ς(v1, . . . , vn).

  • I.e. run proofs with fresh variables vi and fresh function

symbols ςi.

slide-34
SLIDE 34

Analytic Refutation Rules for FOL with Postponed Substitutions

slide-35
SLIDE 35

Example: (∃w, ∀x)(Rx, w, f (x, w)) ⊢ (∃w, ∀x, ∃y)(Rx, w, y)

slide-36
SLIDE 36

Example (cont’d)

The last node of the refutation tree has the predicate R on the left and on the right, and the branch would close if these predicates were equal, i.e, if v2 = ς2(v1), ς1 = v1, and f (v2, ς1) = v3. This can be realized with the substitution ς1/v1, ς2(ς1)/v2, f (ς2(ς1), ς1)/v3:

slide-37
SLIDE 37

Exercise

Prove the following sequents with semantic tableaux with postponed substitutions.

1 (∀x)(p x) ⊢ (∀x)(p x) 2 (∃x)[p x ⊃ (∀x)(p x)]

slide-38
SLIDE 38

Solution (1)

Two possible solutions:

slide-39
SLIDE 39

Solution (2)

slide-40
SLIDE 40

Unification

  • With free-variable substitutions, we need an algorithm that

computes for us if two terms can be made equal, and if so, how.

  • The process of trying to make two terms equal is called

unification.

  • Unification is an important process in ATP because it also

plays an important role in resolution.

Definition (Unification)

A unification of terms t1 and t2 is a substitution σ that makes t1σ and t2σ syntactically equal.

slide-41
SLIDE 41

Difference between Terms

The differences between two terms t1 and t2 can be expressed by a set D = {(s1

1, s1 2), . . . , (sn 1, sn 2)}

  • f pairs of terms, such that
  • si

1 = si 2

  • Every si

1 is a sub-term of t1 and every si 2 is a sub-term of t2.

  • The terms t′

1 and t′ 2 that are created when all si j ’s are replaced

by a similar token are syntactically equal.

  • All the si

j ’s are as large as possible.

slide-42
SLIDE 42

Unification Algorithm

slide-43
SLIDE 43

Unification Example

Let t1 = g(f (h(b), y), h(c)), t2 = g(f (z, d), h(h(x))) The differences between t1 and t2 are s1

1, s1 2 = h(b), z

s2

1, s2 2 = y, d

s3

1, s3 2 = c, h(x)

If we would like to unify t1 and t2, then h(b) should be equal to z, y should be equal to d, and c should be equal to h(x). The first two requirements can be fulfilled by the (partial) substitution h(b)/z and d/y. The third requirement cannot be fulfilled, however,because s3

1 is a

constant while s3

2 starts with a function symbol.

slide-44
SLIDE 44

Exercise

Explain why the unification algorithm always halts. (Hint: consider the total number of variables in t1 and t2.)

slide-45
SLIDE 45

Solution

  • The total number of variables is finite.
  • The algorithm chooses a pair of terms in each iteration.
  • It will either halt the procedure (because not reasonable

substitution is possible), or substitute (eliminate) one of the variables to make the terms equal, possibly up until the point where the input terms are unified.

  • Thus, if it never halts within the iteration, the loop condition

will eventually be false and the algorithm will thus terminate.

slide-46
SLIDE 46

Functions and Equality

  • Almost all realistic problems involve equalities.
  • Unfortunately, equality makes things rather complicated...
  • Additional rules for dealing with equality:
slide-47
SLIDE 47

Functions and Equality

  • Important: The left and right replacement rules are

directional, permit only the left-to-right use of equalities.

  • Further, the predicate P can be the equality predicate itself.
  • Sound and complete (proof out of scope).
slide-48
SLIDE 48

Example (proof of transitivity of =)

slide-49
SLIDE 49

Exercise

Prove the following formulas by refutation. (Function and predicate substitution are not needed.)

1 Symmetry: (∀x)((∀y)(x = y ⊃ y = x)) 2 Existential reflexivity: (∀x)((∃y)(x = y))

slide-50
SLIDE 50

Solution (1)

  • (∀x)((∀y)(x = y ⊃ y = x))

(replace quantified x by a new constant, ς1) |

  • (∀y)(ς1 = y ⊃ y = ς1)

(replace quantified y by a new constant, ς2) |

  • ς1 = ς2 ⊃ ς2 = ς1

(right-⊃) | ς1 = ς2 ◦ ς2 = ς1 (right replacement of ς1 with ς1 = ς2) | ς1 = ς2 ◦ ς2 = ς2 (left replacement of ς1 with ς1 = ς2) | ς2 = ς2 ◦ ς2 = ς2 ×

slide-51
SLIDE 51

Solution (2)

  • (∀x)((∃y)(x = y))

(replace quantified x by a new constant, ς1) |

  • (∃y)(ς1 = y)

(replace quantified y by the same constant, ς1. [We work with conventional tableaus.]) |

  • ς1 = ς1

(left-= with ς1) | ς1 = ς1 ◦ ς1 = ς1 ×

slide-52
SLIDE 52

Heuristics

  • Moving from propositional to first order logic: gain of

expressive power at the price of proof complexity.

  • Equalities make it even worse.
  • Heuristics needed to prioritize the schedule of logic operations.
  • “Guidelines” for the ATP algorithm to decide which branches

to explore first, which sequents to analyze first, and which term-substitutions to make first.

slide-53
SLIDE 53

In This Course

  • Propositional theorem proving (last Monday),

Chapter 2 of the lecture notes

  • First-order theorem proving (today),

Chapter 3 of the lecture notes

  • Clause sets and resolution (next Monday),

Chapters 4 and 5 of the lecture notes

  • Satisfiability checkers, SAT/SMT (next Wednesday),

Chapter 6 of the lecture notes, additional material

slide-54
SLIDE 54

Homework

The following homework exercises are useful to review today’s content in preparation for the next lecture:

  • Sec. 3.6 Problem 2 (c)-(d) (page 72)
  • Sec. 3.8 Problems 2–3 (pages 75/76)