Refutations by Matings

IEEE TRANSACTIONS ON COMPUTERS, VOL. c-25, NO. 8, AUGUST 1976

[37] R. B. Stillman, "The concept of weak substution in theorem prov-ing," J. ACM, vol. 20, pp. 648-667, Oct. 1973.

[38] G. J. Sussman and D. U. McDermott, "From Planner to Conniver-A genetic approach," in 1972 Fall Joint Comput. Conf. Proc., vol.41. Montvale, NJ, 1972, pp. 1171-1179.

[39] G. A. Wilson, "An approach to parrallel inferences and parallelsearch," Presented at the IEEE Workshop on Automated TheoremProving, Argonne, IL, June 3-5,1975.

[40] L. T. Wos, D. F. Carson, and G. A. Robinson, "Efficiency and com-pleteness of the set of support strategy in theorem proving," J. Ass.Computer Mach., vol. 12, pp. 687-697, 1965.

[411 L. T. Wos, G. A. Robinson, D. F. Carson, and L. Shalla, "The gonceptofdemodulation in theorem proving," J. ACM, vol. 14, pp.698-709.

[42] L. T. Wos, Argonne Nat. Lab., unpublished notes, approximately1965.

Gerald A. Wilson received the B.A. degreecum laude in experimental psychology fromLehigh University, Bethlehem, PA, in 1967. In

1 1972 and 1976, respectively, he received thel l lM.Sc. and Ph.D. degrees in computer sciencel3la from the University of Maryland, College

Park.During 1967 and 1968 he was on the Techni-

cal Staff of Auerbach Corporation, Philadel-. l lpha, PA. From 1968 to 1970 he served with the

U.S. Public Health Service as a Computer Spe-cialist at the National.nstitute-of-,MentalHealth,-Bethesda,MDTFrom1970 to 1975 he held a research assistantship in the Department ofComputer Science, University of Maryland, College Park. Since 1975 he

has been with the Computer Science Laboratory, Naval Research Lab-oratory, Washington, DC. He is currently doing research in the repre-sentation, management, and use of inference with very large knowledgebases, and in some applications of pattern recognition and cluster anal-ysis.

Dr. Wilson is a member of the Association for Computing Machinery,SIGART, SIGMOD, SIGCUE, Phi Kappa Phi, and an associate memberof Sigma Xi.

.j..rx<.§. - Jack Minker was born in New York, NY, onJuly 4, 1927. He received the B.A. degree cumlaude with honors in mathematics from Brook-lyn College, New York, NY, and the M.S. andPh.D. degrees in mathematics were received

E from, respectively, the University of Wisconsin,Madison, and the University of Pennsylvania,Philadelphia.

In 1967 he joined the University of Mary-land, College Park, and in 1974 became the first

Chairman of the Department ofComputer Science. Prior to joining theUniversity of Maryland he worked in industry at the Bell Aircraft Cor-poration, at RCA as Manager, Advanced Development Section, and atthe Auberbach Corporation.

Dr. Minker has served-as Chairman and Program Chairman of severalnational and international conferences, as ACM National ProgramChairman;and iscurrentlythe ACM coordinator to the NBS and AwardsChairman of the Washington DC Chapter of the ACM. He is a memberof the following societies AAAS, ACM,. ASIS, and SIAM.

Refutations by Matings

PETER B. ANDREWS

Abstract-Occurrences of literals in the initial clauses ofa ref-utation by resolution (with each clause-occurrence used only once)are mated iff their descendants are resolved with each other. Thisleads to an abstract notion of a mating as a relation between: oc-currences of literals in a set of clause-occurrences. The existenceof many refutations with the same mating leads to wasteful re-dundancy in the search for a refutation, so it is natural to focus onthe essential problem of finding appropriate matings.Matings satisfying certain conditions are called acceptable, and

it is proved that a set R of clauses has no model iff some set of oc-currences of clauses in * has an acceptable mating. A mating maybe regarded as a plan for a refutation, but once one has an accept-able plan, one need not actually carry out the refutation. Thus, anew approach to theorem proving may be based on searches foracceptable matings.

Index Terms-Automatic theorem proving, clause-occurrence,cycle, first-order logic, mating, merge, refutation, resolution, un-satisfiability.

Manuscript received August 29, 1975; revised March 18, 1976. Thisresearch was supported by the NSF under Grant DCR71-01953A04. Thispaper was presented at the IEEE Workshop on Automated Theorem-Proving, Argonne National Laboratory, Argonne, IL, June 3-5, 1975.The author is with Carnegie-Mellon University, Pittsburgh, PA 15213.

I. INTRODUCTION

IT is our purpose to isolate some of the essentialproblems of showing.that a set of clauses in first-

order logic has no model, and to avoid certain irrelevanciesassociated with traditional methods using deductions. Inthe process we may shed some new light on the ancientlogical question: "What makes a wff contradictory?." Theideas which we shall discuss grow very naturally out of theresolution method [5], with which we assume the readeris familiar. However, as in [1], we depart from the notationof [51 by regarding substitutions as functions and writingall functions to the left of their arguments.A clause is a set of literals, although we sometimes write

the clause IA,B,.- -,El as A v B v... v E. A deduction byresolution from a set eV of clauses is a sequence of clauses,each of which is in f (and is called an initial clause) or isa resolvent [5, sect. 5.11] of preceding clauses in the se-quence. Of course, a clause may occur more than once ina deduction, and we shall find it convenient to speak of

801

IEEE TRANSACTIONS ON COMPUTERS, AUGUST 1976

occurrences of clauses, or clause-occurrences. Formally,we may regard a clause-occurrence as an ordered pair(n,C), where n is a natural number and C is a clause.Similarly, we may speak of literal-occurrences. We shallsay that the literal-occurrence (i,L ) occurs in the clause-occurrence (j,C) iff i = j and L E C. For the sake ofbrevity we shall sometimes not distinguish carefully be-tween the clause-occurrence (n,C) and the clause C; sim-ilarly with literals. We denote by c (L) the clause-occur-rence in which the literal-occurrence L occurs, and writeL E c(L). If T is a set of clause-occurrences, let L(T) bethe set of literal-occurrences in members of T.We may assume that with each noninitial clause-oc-

currence in a deduction is given an explicit statement asto which preceding clause-occurrences it is a resolvent of.We shall say that a deduction is simple iff each clause-occurrence except the final one in the deduction is usedexactly once as a premise of an application of the rule ofinference. Clearly, at the cost of introducing repetitionsof clauses, starting with clauses in the set eV, each deductionfrom e can be replaced by one or more simple deductionsfrom V containing the same clauses. A simple deductioncan conveniently be represented as a tree, as in [1].

Let a simple deduction ]J from a set X of clauses begiven. If a clause C is a resolvent of clauses G and H, wemay write G = A U IB1,- - -,BP}, H = E U {-D1,. * , Dq},and C = uA U TE, where A and E are clauses and Bi andDi are atoms for each relevant i, p > 1, q > 1, a and r aresubstitutions (determined by the definition of resolvent),and aB1 = * ^ * = oBp = rD1 = **. = rDq. IfL E A (or L CE), we say that the occurrence of o-L (or -L) in C is an im-mediate descendant of the occurrence ofL in G (or in H)and that for 1 < i < p and 1 < j < q, the literals Bi and-DJ are resolved with each other. We let the descendancerelation on L (O) be the reflexive and transitive closure ofthe relation of immediate descendance, and say that twoliteral-occurrences are mated iff they have descendantswhich are resolved with each other. Let T be the set ofoccurrences of initial clauses in the deduction, and let .

= I(L,K)I L and K are in L(T) and are mated in the de-duction}. The symmetric relation JR on 1(T) is called themating of T induced by the deduction. We write LAK toindicate that (L,K) E A.Example: Let ez be the set containing clauses (1), (2),

and (3) below (taken from an example due to Quine [4]),and let T be the set of clause-occurrences containing (1),(2), (3) and (4). c is an individual constant; gis a singularyfunction constant; w, x, y, and z are individual variables.The mating of T induced by the refutation of eV givenbelow is indicated in Fig. 1 by lines drawn between matedliteral-occurrences.

(1) -Fxc v -Fxz v -Fzx.(2) F(gw)w v Fwc.(3) Fy(gy) v Fyc.(4) -Fxc v -Fxz v -Fzx 1 repeated.(5) -Fc(gc) v Fcc 1, 2.(6) Fcc 3, 5.(7) ° 4,6.

(1) - Fxc V - Fxz

(2) F (gw) w

(3)

VzFx

Fy (gy)

V FWc

(4)

Fig. 1.

The notion of a mating appears to be very natural andfundamental. The same basic idea appeared in slightlydifferent form in [2, sect. 6], before the advent of the res-olution method.One may in a similar way define the merging induced

by a simple deduction as the relation which holds betweentwo literal-occurrences in L(T) iff their descendants aremerged [1] or factored [8]. The mating and merging in-duced by a deduction are in many ways the essential fea-tures of it, and deductions with the same matings andmergings may be regarded as equivalent. In [9, theorem4.1] it is shown that the same (up to alphabetic changes offree variables) clauses are derived in equivalent deduc-tions.

If a simple deduction is a refutation (derivation of theempty clause a), every literal-occurrence in the set ofinitial clause-occurrences has a mate, and the mergingrelation can be defined in terms of the mating: two li-teral-occurrences are merged iff they have a common mate.(Note that merged literal-occurrences have exactly thesame mates.) Thus, the merging induced by a refutationis determined by the mating, and need not-be consideredindependently.The existence of many different equivalent refutations

of a set of clauses often leads to much wasteful redundancyin the search for a refutation. We wish to find ways to avoidthose theorem-proving problems which arise from theexistence of many equivalent refutations, and concentrateon the essential problem of finding appropriate matings.Thus, instead of first finding a refutation, and then seeingwhat mating it induces, it would be desirable to first finda mating which could serve as a plan for a refutation. Ofcourse, ifwe had some criterion which would assure us thatthe plan would work, then we would not actually have tofind a refutation; we would already know that the set ofclauses has no model! We shall indeed find such a criterion.First we need the concept of an abstract mating.

Definition: A mating A for a set T of clause-occur-rences is a symmetric binary relation on L (T), such thatwith each clause-occurrence C in T there is associated asubstitution 0c for individual variables such that ifK andL are literal-occurrences and KAiL, then c(K)K and 0,(L)Lare complementary literals. (Thus, in propositional cal-culus, where all literals are ground literals, we simply re-quire that mated literals be complementary.)With the aid of Fig. 2, where the required substitutions

have been made into the clause-occurrences in Fig. 1, it iseasy to see that the mating in Fig. 1 satisfies this definition.

802

ANDREWS: REFUTATIONS BY MATINGS

v

(1) F(gc) c V - F(gc) c V - Fc (gc)

(2) F (gc) c

(3) Fc(gc)

(4)

Fig. 2.

In Theorem 1 below we shall show that the "mating in-duced by a deduction" is always a mating in the sense justdefined, so the terminology should cause no confusion.

In order to find conditions on a mating which willguarantee that the set of clauses has no model, we considerconditions satisfied by matings induced by simple refu-tations. It is easy to see that such matings satisfy the fol-lowing conditions:

Condition 1: Every literal-occurrence has a mate.Condition 2: No literal is mated to a literal in the same

. clause-occurrence.Condition 1 clearly does not hold for arbitrary deduc-

tions, but holds for refutations, since a literal with no matewould have a descendant in the derived clause, which couldnot be empty. Condition 2 is due to the fact that in a simplededuction, no clause-occurrence can be resolved with itself.The mating depicted in Fig. 3 satisfies Conditions 1 and

2, but the ground clauses have a model, so some furtherconditions are needed. We note that there is a cycle (a termwhich we shall define precisely later, but whose meaningis presumably intuitively clear) in Fig. 3, so we might betempted to require that a mating have no cycles. However,the matings in Figs. 4 and 1 do contain cycles, and are

matings induced by refutations.Consideration of these and other examples suggests that

the crucial condition satisfied by the matings of Figs. 1 and4, but not by that of Fig. 3, is the following.

Condition 3: Every cycle contains merged literals.Condition 2 now becomes redundant, for it is natural todefine a cycle (as in Section II) in such a way that if li-teral-occurrences K and L from the same clause-occur-rence are mated, then K and L constitute a cycle, whichof course does not contain merged literals. Thus, Condition3 may be regarded as a strengthening of Condition 2.The mating depicted in Fig. 5 satisfies Conditions 1 and

3, but is not a mating induced by a refutation. Neverthe-less, the set of clauses has no model, which is what we really

care about. In Theorem 2 below we shall show that a setof clauses has no model iff there is a mating ofsome no4-empty finite set of occurrences of clauses in satisfyingConditions 1 and 3.

IL THE MAIN THEOREM

We now provide a precise definition of our condition onmatings, and show in Theorem 1 that the mating inducedby a refutation must be a mating which satisfies the con-

dition. This result and the lemma following it provide the

(1) P v- Q

(2) - P v Q

Fig. 3.

(1) S VP I_ _ .p V Q

(2) - S V P P v. < Q

(3)

(4)

Fig. 4.

(1) Fx V F (gu)

(2) Fy V F (gz)

(3) Fw

Fig. 5.

essential ingredients for the proof of the main theorem(Theorem 2).

Definitions: Let X be a mating of a set T of clause-occurrences.

1) A path in At is a finite or infinite sequence(L1,L2, * *) of members of L (T) such that if i is odd, thenLiJ.MLi+, and if i is even, then Li and Li+, are distinctmembers of the same clause-occurrence.

2) A cycle in A is a finite path (L1, - * ,L, ) such that zis even, and Lz and L1 are distinct members of the sameclause occurrence. (Note that if (L1,L2,L3,L4, * .*,Lz) isa cycle, then (L3,L4, * * ,LZ,L1,L2) is also a cycle. We saythat the latter cycle is obtained from the former by rota-tion.)

3) A path (L1,L2,L3, -.) contains a merge iff it hasterms Li, Lj, and Lt, with i # j, such that LiAtLt andLj.ALt.

4) A is an acceptable mating iff it satisfies each of thefollowing conditions:

a) Every literal-occurrence in L (T) has a mate.b) Every cycle contains a merge.

Theorem 1: Let O be a simple deduction by resolutionin first-order logic, let T be the set of occurrences of initialclauses in X, and let A be the mating ofT induced by 0.Then At is a mating satisfying condition b) and A is ac-ceptable ifD is a refutation.

Proof: The proof is for all D, T, and At by inductionon the number r of clause-occurrences in T. Since we havedefined the mating induced by a deduction and (abstract)matings independently, as part of the proofwe show thatthe induced mating is a mating.

If r = 1, then only one clause (which-is o ifD is a refu-tation) occurs in D, At is empty, and the theorem is va-cuously true.

If r > 1, then D must contain distinct initial clause-occurrences G and H, and a resolvent C of G and H. LetD' be the deduction obtained from D by deleting G and H,and treating C as an initial clause-occurrence. The in-

803


ductive hypothesis applies to the mating M' induced byO' of the set T' of initial clause-occurrences of O'.As in Section I, we may write G = A U {B1, . * * ,Bp}, H

= E U I D1, * * * ,Dq}, and C = oA U rE. It follows fromthe definition of the mating induced by a deduction thatno literal in A U E has a mate in G U H.We first check that A is a mating. For each Q E T', let

OQ be the substitution associated with Q by A'. Let 0G =OcO a and 0H = OCO r. Suppose K and L are literal-occur-rences such that KAtL.

Case 1: c(K) and c(L) are both in T'. Then KAt'L, soOc(K)K and 0,(L)L are complementary.

Case 2: At least one ofK or L is in G U H. By symmetrywe may assume, without loss of generality, thatK E G. IfK E A, then L G L(T n T') and (aK)At'L, so 0O(K)K =OGK = Oc(aK) and Oc(L)L are complementary. OtherwiseK=Bi forsomei <p, soL = - Dj forsomej < q, 500c(L)L= OHDj = (0cor)-Dj = Oc(-.rDj) = OC(-o-Bi) =

'(OcTu)Bi = OGBi = -Oc(K)K, so Oc(L) and Oc(K)K arecomplementary. Thus, A is a mating.Note that.L(T) = L(TTnT) U A U E U jB1, ***,Bp,

-DD1,.-., sDq . For each literal-occurrence L C£(Tn T') U A U E, define the literal-occurrence pL as fol-lows: pL = L ifL E L(TT nT'); pL is the occurrence of aLin C if L E A; pL is the occurrence of rL in C if L E E.Thus, pL C L (T'), pL is a descendant of L, and for all Kand L in the domain of p, KAL iff (pK)At' (pL).

Brief consideration of the various cases shows that ifevery member of £ (T') has a mate under ', then everymember ofL (T) has a mate under At. Thus, a) is true if YJis a refutation.To check b), suppose there is a cycle @ = (L1, ... ,Lz)

in At which does not contain a merge. First note that @must contain some literal-occurrence which is not in G UH. Otherwise @ would contain only literal-occurrences in.B1, . . ,Bp, sD1, * * *, EDq, since every literal-occurrencein @ has a mate in 0. @ also contains at least two distinctliteral-occurrences from some clause-occurrence, so @would contain a merge.By rotating @, if necessary, we may assume that L1 and

L, are not in G U H. Let (@' be the sequence obtained fromCO by deleting all literal-occurrences in B1, ...,BP,,D, * * *, Dq I from @, and replacing each literal-occur-rence L in A U E by pL (which is in C). We shall see that@' is a path in '.

Let A = fA1, *** Am and E = fE1, - * -,E}, and let *Lserve as (an ambiguous) notation for an arbitrary mate ofa literal-occurrence L. Since in a path a literal-occurrenceof a new clause-occurrence always occurs at an even termof the path, @'is obtained from @ by replacing in @ eachsubpath 13 = (Li+1,Li+2, * - *,Li+s) of @ such that i > 0, iand s are even, Li+, EC (T'), Li+s C£(T'), and Li+jE G U H for 1 < j < s, by a path 3' which is defined asfollows:

1) If S has the form (*K,K,L, *L), where K and L aredistinct members of A or distinct members of E, then 13'is (*K,pK,pL,*L).

2) If 3 has the form (*Ah,Ah,Bi, 'Dj,Ek, *Ek), then 3'is (*Ah,PAh,PEk,*Ek).

3) If 3 has the form (*Ek,Ek, 'Dj,Bi,Ah, *Ah ), then 3'is (*Ek,pEk,pAh,*Ah).Note that a path of the form (*Ah,Ah,Bi, -Dj, -Dk,

... ), where j s k, could not be a subpath of @9, since theterms -Dj, -Dk, and Bi constitute a merge. Thus, it canbe seen that every subpath 13 of @ of the specified sortmust have one of the forms 1), 2), or 3).

In case 1), if the literal-occurrences pK and pL wereidentical members of (9, then *K would be a mate (underA') ofpL as well as pK, so we would have (*K)AtL as wellas (*K)AtK, and @ would contain a merge. Thus, pK andpL are distinct literal-occurrences of (, so 3' is a path.Similarly, it can be seen that 1' is a path in cases 2) and 3),so 6 must be a path in A', and is a cycle since it has thesame ends as (9.

Every literal-occurrence in @' has the form pL for someliteral-occurrence L in (, and if (9' contained a merge(under A') consisting of terms pLi, pLj, and pLt with(pLi)At'(pLt) and (pLj)At'(pLt), then we would haveLiJALt and LjALt, so @ would contain a merge (under At).Thus, @' is a cycle in At' which contains no merge. How-ever, this contradicts the inductive hypothesis, so everycycle in A must contain a merge. This proves b) andcompletes the proof of the theorem.

If so is an assignment of truth values to atoms (i.e., afunction from the set of atoms into the set IT,F of truthvalues), and A is an atom, literal, or clause, we denote by'V,A the truth value ofA with respect to sp. This is definedin the usual way, with a clause being treated as thedisjunction of its literals. If 'V,A = T, we write F A, andsay that (p satisfies A.Lemma: IfT is a finite nonempty set of occurrences of

ground clauses which has an acceptable mating A, thenno assignment of truth values to atoms satisfies each clausein T.

Proof: Suppose there is an assignment (p of truthvalues to atoms which satisfies each clause in T. Note thatA must have an infinite path (L1,L2,L3, - - ) such that foreach i > 1, F- , Lj iff i is odd. For if C is any clause-occur-rence in T, there is some literal occurrence L1 E C suchthat F , L1. Given Li with i odd, Li has a mate Li+1 by a),and 'VfLi 1 = F since F Li by inductive hypothesis, andmated ground literals are complementary. Given Li withi even, CVLi = F by inductive hypothesis, but so satisfiesc(Li), so there is a literal-occurrence Li+, E c(Li) such thatF p Li+1; thus Li+I and Li are distinct members of the sameclause-occurrence.

Since T is finite, some subpath of this path must be acycle. To see this, note that for some even i, Li+1 must bethe same as Lj for some j < i, since F , Li+ 1 and there areonly finitely many literal-occurrences L in L(T) such thatFpOL. Since FLj,L must be odd, so (Lj,Lj+1, ***,Li) is acycle.

Choose a cycle @ = (K1, - - ,K, ) such that F z Ki iff i isodd for 1 < i < z, with z as small as possible. (Clearly 4 <z, since K1 cannot be in the same clause with its mate K2.)

Since A is acceptable, by b) @ contains terms Ki, Kj, andKt, with i # j, such that KiAtKt and Kj1AKt. Thus, CV,,K1= 'VKj, so i and j are both even or both odd.

804

ANDREWS: REFUTATIONS BY MATINGS

First consider the case in which i and j are both odd. tis even since cVKt 5s CcV>,Ki, Kt-1 is a term of @ andKt-1 Kt. Let p = t - land let q be i or j so that q # p.Thus, Kp.lKp+1 and KqAtKp+1 (since Kp+1 = Kt). p andq are odd, and by rotating the cycle, if necessary, we mayassume that 1 < p < q < z. The subpath O =(Kp)Kp+ly *...*Kq-1,Kq ) of e is strictly shorter than @. Let0t = (Kq,Kp+1, - - Kq-1) be the sequence obtained fromO by deleting the last term of 0, and replacing the firstterm of ] by Kq. Since KqAKp+i , and Kq-i and Kq aredistinct members of the same clause-occurrence, D' is acycle and satisfies the condition on @. This contradicts theminimality of the length of @.The case in which i and j are both even is similar. t is

odd, Kt+1 is a term of @, and Kt.MKt+1. Let q = t + 1 andlet p be i or ] so that p $ q. Thus, Kq-iAtKq, Kq-iAtKp,p and q are even, and we may assume that 1 < p < q < z.Let ) be the subpath (Kp,Kp ,Kq-2, Kq-i,Kq) of@, and let D' = (Kq_,Kp, *Kq-2) be obtained from])by deleting the last two terms of] and replacing the firstterm of ] by Kq-i. 0)' is seen to be a cycle satisfying thecondition on & and shorter than @, so again a contradictionis obtained.

This completes the proof of the lemma.Theorem 2: Let eV be a set of clauses in first-order logic.

N has no model if and only if there is an acceptable matingof a nonempty finite set T of occurrences of clauses whichare in &.

Proof: If V has no model, then by the CompactnessTheorem for first-order logic N has a finite subset with nomodel, and hence by the Resolution Theorem [5], e has arefutation !R by resolution, which we may assume to besimple. By Theorem 1, the mating induced by ? of the setT of occurrences of initial clauses of 1? is acceptable.

Suppose there is an acceptable mating X of a nonemptyfinite set T of occurrences of clauses which are in eV. Aassociates with each clause-occurrence C in T a substitu-tion 0c. Let a be the substitution which replaces each in-dividual variable by the individual constant b, and for eachC E T, let pC be the clause-occurrence cKcC). Let T' =fpC C C T {pC I C C T); thus T' is a set of occurrencesof ground clauses.

For each literal-occurrence L in a clause-occurrence Cin T, let pL be the occurrence of u(GcL) in pC. (Note thatwhen pK = pL, K, and L may be distinct members ofL(T), although c(K) must be the same as c(L).) Let At' =I(pL,pK)WLAtK}. Clearly A' is a mating for T'.Example: Let A be the mating of Fig. 1; then ' is the

mating of Fig. 6, which is related to Fig. 2.We shall show that At' is an acceptable mating. First

note that every member of£ (T') has the form pL for someL E I (T). If pL is an arbitrary member of L( T'), then Lhas a mate K since At is acceptable, so pK is a mate for pL.Thus, a) is true for '.To prove b), let ] = (K1,* ,K,) be an arbitrary cycle

in '. For each odd i < z, Ki J/t'Ki+1, so we can choose L,and Li+1 in 1(T) such that Li.ALi+1, pLi = Ki, and pLi+1= Ki+1. Since (pL1, .--.,pL,) is the cycle ] in At', @ =(L1, * *,) must be a cycle in At, for if pLi and pLi are

(1) F(gc) c v Fc(gc)

[(2) F(gc) c

(3) Fc (gc)

v

V Fcc

(4)

Fig. 6.

distinct members of the same clause-occurrence of-T', thenLi and LJ are distinct members of the same clause-occur-rence of T. Since At is acceptable, by b) there are terms Li,Lj, and Lt, with i # j, in @ such that LjAtLt and Lj1tLt.Hence, Ki.X'Kt and Kj1tKt, so ] contains a merge.Now suppose $ has a model -3. The ground clauses oc-

curring in T' are all substitution instances of clauses in &V,which are valid in 3, so these ground clauses are all truein 1. Thus, the assignment of truth values to ground atomsdetermined by 53 satisfies each clause occurring in T.Since A' is acceptable, this contradicts the lemma.Therefore, eV has no model.

III. REMARKSIt is our hope and expectation that Theorem 2 can serve

as a basis for a variety of sophisticated new approaches totheorem proving, but we shall confine our present dis-cussion to a few general remarks.

It might at first appear that in order to establish that aset Y of clauses has no model by this theorem, one mustfirst choose a set T of occurrences of clauses in S, and thenseek an acceptable mating X for T. However, the theoremcan be applied in other ways more amenable to imple-mentation. One might, for example, generate by an itera-tive process a set 'U of occurrences of substitution instancesof clauses from X, and a mating At of 'i such that matedliteral-occurrences are complementary and A satisfiescondition b) at each stage, and seek to progressively enlargeA and 'U until every literal-occurrence in 'U has a mateunder At. Of course, when an acceptable mating At for 'Uis found, it is established that 'U, and hence A, has nomodel.Without discussing various heuristic strategies which

might be used to govern the choices made at various stepsin this process, or ways in which the process can be repre-sented more economically and carried out more efficiently,we may describe the basic steps of such a process as follows:

Step 0: As a preliminary step, progressively delete from& any clauses containing literals pure in 9 [5, sect. 7.11,until no literal is pure in W. (This will assure that every li-teral in a clause of e will have a potential mate in a clauseof S.) If the resulting set eV is empty, halt and declare that9 has a model.Step 1: Initially, choose a clause of C from eS, let 'U

contain an occurrence of C, and let At be empty.Step 2: Choose a literal-occurrence L1 in L('U) which

has no mate (under the mating At).Step 3: Choose a literal-occurrence L2 in a clause C oc-

805


curring in 'U or in & such that L1 and L2 have comple-mentary substitution instances. (If no such literal-occur-rence L2 exists, terminate this branch of the search treeand backtrack to explore another branch of the searchtree.)

Step 4: If the clause-occurrence C containing L2 is notin 2U, let C' be an alphabetic variant of C which has novariables in common with members of 'U, and add an oc-currence of C' to 'U. Now let L2 be the literal of C' corre-sponding to the former literal L2 in C.

Step 5: Let f be the most general unifier of the atoms ofL1 and L2. Replace each occurrence of a clause D in 'U byan occurrence of oD, and replace each pair (J,K) in A by(aJ, aK). (If K and L are literals occurring in the sameclause-occurrence of 'U and oK = rL, then aK and CLbecome identified within the pairs of A.)Step 6: Add (aL1,a-L2) and (o-L2,aoL1) to A.Step 7: Check whether at satisfies condition b). If so, go

to Step 9.Step 8: Introduce merges into all cycles of A which

contain no merges until condition b) is satisfied. If thisproves impossible, backtrack to Step 3 and try a new choicefor L2.Step 9: If every literal occurrence in C( U) has a mate,

halt and declare that V has no model.Step 10: If chosen strategy so dictates, temporarily

abandon this branch of the search tree and try another.Otherwise, return to Step 2.

Undoubtedly various ideas relevant to the efficientimplementation of such a process have already occurredto the perceptive reader. The clause chosen in Step 1should be necessary to a refutation, the literal L1 chosenin Step 2 should have as few potential mates as possible,the literal L2 chosen in Step 3 should usually be taken froma clause of 'U rather than S when possible, the mating Areally need not be symmetric in its internal representation,etc. We shall leave to the future further discussion of theseand other matters, such as how best to check condition b).

It may be observed that the basic process describedabove has some elements in common with the linked con-junct method of Davis [2] and the model elimination pro-cedure of Loveland [3], although they of course use dif-ferent criteria to test for successful termination. A questionto be investigated is whether the ideas behind variousresolution strategies have any relevance in the presentcontext, and, if so, how they may be incorporated intorefutation systems based on matings.The papers of Shostak [6] and Sickel [7], which are based

on concepts closely related to those we have been dis-

1 There is a natural correspondence between Shostak's clause graphsand matings. The mating corresponding to a clause graph G is I(A,B)lAand B are literal-occurrences whose cells are on opposite shores ofsomebridge in G.j. Matings which correspond to clause graphs in this way havethe special property that literals with a common mate have exactly thesame mates, so the correspondence between matings and clause graphsis not quite one-to-one, but this appears to be unimportant. Cycles whichcontain merges correspond to sequences ofnodes and bridges in a clausegraph which are like Shostak's loops, except that some bridge is crossedtwice. Cycles which contain no merges correspond to Shostak's loops.Thus, the restriction of Theorem 2 to propositional calculus provides analternative formulation of [6, theorem 1].

(1) K

(2) L

(3) - K V - L,

(4)

(5)

(6)

L

K

(7)

V M

V

-M

Fig. 7.

v N

V N

v N

v - N

cussing, contain a number of interesting ideas.1 Sickel'sdevice of discarding literals and representing the initial setof clauses in terms of a Clause Interconnectivity Graphshowing potential matings and unifying substitutionsprovides not only an economical representation, but avaluable new perspective.

Since the clauses occurring in the set 'U above are sub-stitution instances of clauses in XS, it is natural to askwhether any of them need occur more than once; i.e., could'U be a set of clauses, rather than occurrences of clauses?An equivalent question is whether Theorem 2 can bemodified when & is a get of ground clauses to assert thatX has no model iff & has a nonempty finite subset whichhas an acceptable mating. The answer to these questionsis negative, as shown by the following example.

Example:(1) K v M.(2) L v N.(3) -K v -L.(4) -M v -N.(5) L v M.(6) K v N.(7) -M v N 4 repeated.(8) K v -N 1,4.(9) K 6, 8.(10) L v-M 2,7.(11) L 5, 10.(12) -L 3, 9.(13) o 11, 12.

The example gives a simple refutation of the set efocontaining clauses (1)-(6), so go is contradictory. Themating of clause-occurrences (1)-(7) induced by this ref-utation is shown in Fig.7and is acceptable by Theoremi.Suppose there were an acceptable mating of a subset T

of .O (without repetitions of clauses). It is easily seen thateach proper subset W of go is satisfiable. (Take any clausenot in 'W, make both its literals false, and easily extend thisassignment to one which satisfies all other clauses in e%o.)Since T must not be satisfiable, it must include everyclause in eo, so T = No. The only mating of clauses (1)-(6)in which each literal-occurrence has a mate is that shown

806

IEEE TRANSACTIONS ON COMPUTERS, VOL. c-25, NO. 8, AUGUST 1976

(1) K V M

(2) L

I(3) - K v - L

(4) -M

(5) L V M

(6) K

REFERENCES

V N

v -N

V N

Fig. 8.

in Fig. 8. However, the mating of Fig. 8 contains the cycle(3 - L,5L,5M, 4 M, 4 - N,6N,6K,3 K) (where nJdenotes the occurrence of literal J in clause n), which doesnot contain a merge, so the mating is not acceptable.

Thus, ifT is any set of occurrences of clauses in SO whichhas an acceptable mating, then some clause must occurmore than once in T. Also, by Theorem 1 we see that everyrefutation of eo by resolution uses some clause more thanonce.

[1] P. B. Andrews, "Resolution with merging," J. Ass. Comput. Mach.,vol. 15, pp. 367-381, 1968.

[21 M. Davis, "Eliminating the irrelevant from mechanical proofs," inExperimental Arithmetic, High Speed Computingand Mathematics(Proceedings ofSymposia in Applied Mathematics), vol. XV. NewYork: Amer. Math. Soc., 1963, pp. 15-30.

[3] D. W. Loveland, "Mechanical theorem-proving by model elimina-tion," J. Ass. Comput. Mach. vol. 15, pp. 236-251, 1968.

[4] W. V. Quine, "A proof procedure for quantification theory," J.Symbol. Logic, vol. 20, pp. 141-149,1955.

[5] J. A. Robinson, "A machine-oriented logic based on the resolutionprinciple," J. Ass. Comput. Mach,, vol. 12 pp. 23-41, 1965.

[6] R. E. Shostak, "Refutation graphs," Artificial Intelligence, vol. 7,pp. 51-64, Spring 1976.

[7] S. Sickel, "A search technique for clause interconnectivity graphs,"this issue, pp. 823-835.

[8] L. Wos, D. Carson, and G. Robinson, "The unit preference strategyin theorem proving," in 1964 Fall Joint Comput. Conf., AFIPS Conf.Proc. vol. 26. Washington, DC: Spartan, 1964, pp. 615-621.

[9] R. A. Yates, B. Raphael, and T. P. Hart, "Resolution graphs," Arti-ficial Intelligence, vol. 1, pp. 257-289, 1970.

Peter B. Andrews was born in New York,NY, in 1937. He received the B.A. degree inmathematics from Dartmouth College, Hano-ver, NH, in 1959, and the Ph.D. degree in math-ematics from Princeton University, Princeton,NJ, in 1964.He joined the faculty of Carnegie-Mellon

Ai l I g University, Pittsburgh, PA, in 1963, and is cur-rently Associate Professor of Mathematics

* ~i~there. His specialty is symbolic logic, and hisresearch interests center on type theory and onautomatic theorem proving.

A Problem-Oriented Search Procedure for Theorem Proving

DANIEL H. FISHMAN

Abstract-In,this paper we argue that if search procedures areto use problem-specific information to direct a search, then theymust have complete control over the deductive process. This in-cludes the freedom to select any pair of clauses to interact as wellas the freedom to select the literals upon which to attempt the in-teraction. We give examples to indicate the nature of inferencerules which are incompatible with such search procedures. We thenpresent a framework for a search procedure to indicate whereproblem-specific information may be utilized. Finally, we augmentthe search procedure to prevent the generation of certain redun-dant inferences. The augmentation makes use of lemmas to avoidreplicating deduction sequences in solving multiple instances ofthe same subproblem at distinct places in the search space.Index Terms-Problem solving, resolution, search procedures.

Manuscript received September 5- 1975; revised March 12,1976. Thispaper was presented at the IEEE Workshop on Automated TheoremProving, Argonne National Laboratory, Argonne, IL, June 3-5, 1975.The author is with Bell Laboratories, Murray Hill, NJ 07974.

I. INTRODUCTIONTHE COMBINATORIAL EXPLOSION associated

with theorem proving methods is well known. At-tempts to reduce the combinatorial explosion associatedwith the resolution principle [15] have resulted in a large.number of refinements of resolution. Some of the refine-ments developed are: set of support [20], hyper-resolution[16], semantic resolution and A-ordering [18], linear res-olution [10], model elimination [111, first-literal resolution[6], SL -resolution [8], locking [11, among many others.

In addition to the development of inference rules whichattempt to improve efficiency by making syntactic re-strictions on the pairs of clauses which may interact, or byordering the literals in each clause in some way, there hasalso been some effort to devise search strategies whichattempt to order the inferences into some optimal order.Strategies which have been devised for theorem proving

807

Documents

Refutations by Matings