1 Introduction

Explicit and effective model representations as well as model building out of a set of first-order clauses have a long tradition [3, 10, 12, 16, 20, 24, 32, 41, 48, 50, 51]. In addition, they naturally arise out of decision procedures for decidable first-order clause set fragments [1,2,3, 11, 14, 15, 18, 19, 22, 25,26,27,28,29,30,31, 33, 36, 38, 39, 43, 44, 46, 52,53,55]. The problem we are studying here is to the best of our knowledge new: given a finite set of consistent ground literals, find a finite representation of an overall, typically infinite Herbrand style interpretation, satisfying those ground literals. Of course, there are trivial solutions to this problem, e.g., by assigning any missing ground literal to true or false. Projecting the results of [23] to first-order logic results in such a trivial solution. However such a solution will not fit our motivating application: the family of SCL calculi [6, 7, 9, 21, 37] where we here concentrate on the case of first-order logic without equality. Similar to CDCL [40], SCL computes resolution inferences with respect to a partial ground model, i.e., a consistent sequence of first-order ground literals. The number of ground literals considered by SCL is finite at any point in time, thanks to an upper bound ground literal \(\beta \) with respect to a well-founded (quasi)-ordering. For the purpose of this paper we simply consider the number of symbols in a literal with respect to \(\le \). In this context SCL either produces the empty clause with respect to \(\beta \) or a partial model satisfying all first-order clause instances smaller than \(\beta \). In case of such a partial model we want to extend it to an overall interpretation for the clause set and then check whether this interpretation is a model for the first-order clause set considered, or, if not, find a suitable extension to \(\beta \) that then covers false clauses with respect to the generated interpretation. So all considered ground literals are instances of existing literals from some clause set. Therefore, we look for a solution that respects the term structure of the ground literals. Our approach starts with a universal relation and then refines it according to the term structure of the considered ground literals until it fits all ground literals,

For illustration, consider the following very simple example. For the three first-order clauses

$$\begin{array}{l} \lnot P(x) \vee P(g(g(x)) \qquad \qquad P(a)\\ \lnot P(g(g(g(g(a)))))\\ \end{array}$$

an SCL run with \(\beta = P(g(g(g(a))))\), i.e., exclusively atoms smaller or equal P(g(g(g(a)))) are dealt with, where for the ordering we simply count symbols, a partial model generated by SCL could be

$$\begin{aligned}{}[P(a),P(g(g(a))),P(g(a))^1, P(g(g(g(a))))] \end{aligned}$$

where the third literal is decided and the others are propagated from the above clauses. It is a model for all ground instances with literals smaller or equal P(g(g(g(a)))), hence, excluding \(\lnot P(g(g(g(g(a)))))\). Our model building calculus would start with state

$$\begin{aligned} (\{P(a),P(g(g(a))),P(g(a)), P(g(g(g(a))))\}; \emptyset ; \{P(x)\}; \emptyset ) \end{aligned}$$

meaning that the initial model assumption for P is the universal relation, i.e., P holds on all ground terms. Processed ground literals are moved from the first to the second component of the state and final literal interpretation literals from the third to the fourth component by the algorithm. Thus finally, all processed ground literals are moved to the second component and the final literal model is contained in the fourth component while the other two are empty. One application of rule Solve, see page 7, immediately establishes the model P(x), because it satisfies all ground literals. Of course, this interpretation does not satisfy the three clauses without the restriction to instances bounded by \(\beta \). Still, we can use our interpretation to find the smallest clause instance falsified by it, in our example \(\lnot P(g(g(g(g(a)))))\), and use the maximal literal in that clause as our new \(\beta = P(g(g(g(g(a)))))\). Running SCL with the new \(\beta \) will immediately yield the contradiction. Now consider a small modification of the three clauses where we replace the final unit clause by a disjunction.

$$\begin{array}{l} \lnot P(x) \vee P(g(g(x)) \qquad \qquad P(a)\\ \lnot P(g(g(g(g(a)))))\vee \lnot P(g(g(g(a))))\\ \end{array}$$

Running SCL on this clause set with \(\beta =P(g(g(g(a))))\) may yield the same partial model as before and hence the same overall interpretation P(x). Again the final clause is falsified by the interpretation yielding a new minimal \(\beta = P(g(g(g(g(a)))))\). Running SCL again with this \(\beta \) yields a final partial model

$$\begin{aligned}{}[P(a),P(g(g(a))),P(g(g(g(g(a))))),\lnot P(g(g(g(a)))), \lnot P(g(a))^1] \end{aligned}$$

and now starting with this ground model

$$\begin{aligned} (\{P(a),P(g(g(a))),P(g(g(g(g(a))))),\lnot P(g(g(g(a)))),\lnot P(g(a))\} ;\emptyset ;\{P(x)\}; \emptyset ) \end{aligned}$$

the initial candidate interpretation P(x) needs to be refined, because it has positive and negative instances among the set of ground literals. Refining means, we exhaustively instantiate P(x) until no model candidate atom has both positive and negative instances by rule Refine, see page 6. This eventually yields

$$ \begin{array}{l} (\emptyset ;\{P(a),P(g(g(a))),P(g(g(g(g(a))))),\lnot P(g(g(g(a)))),\lnot P(g(a))\};\\ \emptyset ; \{P(a),\lnot P(g(a)),P(g(g(a))),\lnot P(g(g(g(a)))), P(g(g(g(g(x)))))\}) \end{array} $$

which in fact covers all ground literals and constitutes a model for the three clauses.

The paper is now organized as follows: after fixing some notions and notation in Sect. 2, and a short introduction to SCL, Sect. 3, our contributions are contained in Sect. 4. Important results are: (i) out of a set of ground literals we can generate in polynomial time an overall interpretation, Lemma 4, Lemma 8 and Lemma 5; (ii) our literal model representation satisfies the well-known requirements for explicit model representations [10], in particular supports effective clause evaluation, see page 13; (iii) the literal model representation can effectively be used to find a new minimal \(\beta \) in case it does not satisfy the clause set, Lemma 13. The paper ends with a discussion of the obtained results and further research directions, Sect. 5.

2 Preliminaries

We assume a first-order language without equality over a signature \(\varSigma = (\varOmega , \varPi )\) of operator symbols and predicates, respectively. All signature symbols come with a fixed arity. Terms, atoms, literals, clauses and clause sets are defined as usual, where in particular clauses are identified both as disjunctions and multisets of literals. Then N denotes a clause set; CD denote clauses; LKH denote literals; AB denote atoms; PQR denote predicates; ts terms; fgh function symbols; abc constants; and xyz variables. We write f/1 or R/2 for a function symbol of arity 1 or predicate symbol of arity 2, respectively. The complement of a literal is denoted by the function \({\text {comp}}\). The atom of a literal by the function \({\text {atom}}\), i.e., \({\text {atom}}(\lnot A) = A\) and \({\text {atom}}(A) = A\). Semantic entailment \(\models \) is defined as usual where variables in clauses are assumed to be universally quantified. Substitutions \(\sigma , \tau \) are total mappings from variables to terms, where \({\text {dom}}(\sigma ) := \{x \mid x\sigma \ne x\}\) is finite and \({\text {codom}}(\sigma ) := \{ t\mid x\sigma = t, x\in {\text {dom}}(\sigma )\}\). Their application is extended to literals, clauses, and sets of such objects in the usual way. A term, atom, clause, or a set of these objects is ground if it does not contain any variable. A substitution \(\sigma \) is ground if \({\text {codom}}(\sigma )\) is ground. A substitution \(\sigma \) is grounding for a term t, literal L, clause C if \(t\sigma \), \(L\sigma \), \(C\sigma \) is ground, respectively. A literal L is an atom instance of a literal K if \({\text {atom}}(K)\sigma = {\text {atom}}(L) \) for some \(\sigma \). A term, literal is called linear if any variable occurs at most once in the term, literal. The function \({\text {mgu}}\) denotes the most general unifier of two terms, atoms, literals. We assume that any \({\text {mgu}}\) of two terms or literals does not introduce any fresh variables and is idempotent.

A position is a word over the naturals with empty word \(\epsilon \). The set of positions of a term, atom is inductively defined by: \({\text {pos}}(x) = \{\epsilon \}\) if x is a variable, \({\text {pos}}(f(t_1,\ldots ,t_n)) = \{\epsilon \}\cup \bigcup _{i = 1}^n\{ip\mid p\in pos(t_i)\}\) for terms, and \({\text {pos}}(P(t_1,\ldots ,t_n)) = \{\epsilon \}\cup \bigcup _{i = 1}^n\{ip\mid p\in pos(t_i)\}\) for atoms. For a position \(p\in {\text {pos}}(t)\) we define \(t|_p=t\) if \(p=\epsilon \) and \(f(t_1,\ldots ,t_n)|_p = t_i|_{p'}\) if \(p = ip'\). Moreover, we define by \(t[s]_p\) the term, atom one receives by replacing the subterm \(t|_p\) at position p of t with the term s. The size of a term t, atom A is defined by \({\text {size}}(t) = |{\text {pos}}(t)|\) or \({\text {size}}(A) = |{\text {pos}}(A)|\). The size of a substitution \(\sigma \) is defined by \({\text {size}}(\sigma ) = \sum _{x\in {\text {dom}}(\sigma )} {\text {size}}(x\sigma )\). The size of a set of terms, atoms, substitution is the sum of the size of its members. A position \(p\in {\text {pos}}(t)\) is maximal in t if for any other position \(q\in {\text {pos}}(t)\) we have \(|q|\le |p|\). The depth of a position p is 0 if \(p = \epsilon \) and |p| otherwise. The depth of a term t, atom A is the maximal depth of any position in t, A, i.e., \({\text {depth}}(t) = \max \{|p| \mid p \in {\text {pos}}(t)\}\) and \({\text {depth}}(A) = \max \{|p| \mid p \in {\text {pos}}(A)\}\), respectively. The depth of a term s in a term t is the depth of a maximal position p such that \(t|_p=s\).

Two literals are inconsistent if they have different sign and their atoms are unifiable. A set of literals is consistent if it does not contain a pair of inconsistent literals. A literal interpretation M is a finite set of consistent literals. A literal interpretation \(\mathcal {I}\) is complete with respect to a signature \(\varSigma \) if for any \(\varSigma \) ground atom A there is a literal \(K\in \mathcal {I}\) such that \({\text {atom}}(K)\sigma = A\) for some \(\sigma \). A literal interpretation \(\mathcal {I}\) satisfies a ground literal K, \(\mathcal {I}\models K\) if there is an \(L\in \mathcal {I}\) such that \(L\sigma = K\) for some \(\sigma \). It satisfies a non-ground literal K if it satisfies all groundings of K.

We overload notation for sets where “, ” is overloaded for disjoint union, and disjoint addition, e.g., “\(\varGamma _1,\varGamma _2\)” stands for \(\varGamma _1 \cup \varGamma _2\) and \(\varGamma _1,L\) stands for the set \(\varGamma _1\cup \{L\}\).

3 SCL: Clause Learning from Simple Models

The family of SCL calculi (short “Simple Clause Learning”) [6, 9, 21, 37] lifts CDCL (Conflict-Driven Clause Learning) from propositional logic [34, 42, 49] to variants of first-order logic. The idea is to have superposition-style resolutions on non-ground, first-order clauses but instead of the usual static order that guides them, SCL uses as its guide ground partial models \(\varGamma \), i.e., sequences of ground literals, also called trails. A trail for a clause set N is constructed/extended by guessing literals via so called Decisions and by propagating literals based on the current trail and the current clauses in N [9]. This construction continues until we determine that \(\varGamma \) falsifies a ground instance \(C \sigma \) of a clause \(C \in N\). The conflict between \(\varGamma \) and C is then resolved by applying Resolution to C and the clauses used for propagation during the construction of \(\varGamma \). At the end of these resolutions, SCL learns a new clause D and a prefix \(\varGamma '\) of \(\varGamma \) from which D can be propagated to start the construction of the next trail, which is guaranteed to never encounter the same conflict due to D. Furthermore D is not redundant, in particular, not subsumed by any clause.

The maximal length of the trail is always finitely bounded by all literals being smaller than a fixed ground literal \(\beta \). In case all ground literals have been explored and not clause is falsified this constitutes a so called stuck state. In a stuck state the trail is model for all ground clause instantiations smaller \(\beta \), but not in general.

In its first, original version [21], the focus of the SCL calculus is on deciding the Bernays-Schoenfinkel class without equality. Moreover, the original version is already a sound and refutationally complete semi-decision procedure for general first-order logic without equality that guarantees non-redundant clause learning. Subsequently, SCL has been extended to handle theories [6] and first-order logic with equality [37].

In the meantime, there exists a refined version [9] unifying and extending the previous versions [6, 37] for first-order logic called SCL(FOL). In particular, this version introduces a refined Backtrack rule and a refined reasonable strategy criterion. In parallel we proved correctness and soundness of SCL(FOL) in Isabelle [5]. The Isabelle SCL(FOL) version relaxes some of the original requirements. SCL computations are performed with respect to a quasi-ordering \(\preceq \) on ground atoms where the strict part is well-founded. We adopt this setting also in this paper by instantiating \(\preceq \) with symbol counting and \(\le \). SCL(FOL) is only allowed to add literals L to the trail \(\varGamma \) with \({\text {atom}}(L) \preceq \beta \) for some atom \(\beta \). Note that the bounding atom \(\beta \) may grow, but only if we reach a stuck state, where \(\varGamma \models {\text {gnd}}^{\preceq \beta }(N)\) and where the function \({\text {gnd}}^{\preceq \beta }\) computes the set of all ground instances of a clause set where the grounding is restricted to produce literals L with \({\text {atom}}(L) \preceq \beta \). This guarantees that SCL(FOL) (with a reasonable strategy) will always find a refutation if the input clause set is unsatisfiable. Moreover, for a fixed \(\beta \), SCL(FOL) turns into a decision procedure for \({\text {gnd}}^{\preceq \beta }(N)\). And even if we allow \(\beta \) to grow, SCL(FOL) regularly visits partial models \(\varGamma \) that at least satisfy \({\text {gnd}}^{\preceq \beta }(N)\), that may even be extendable to full models for N, or at least guide the selection for our next bounding literal \(\beta '\) [8].

4 Generating Models

A motivation for our model generating algorithm is the extension of SCL ground trail \(\varGamma \) out of a stuck state to a complete literal interpretations. Such an interpretation either satisfies the considered clause set, or it falsifies some clause. The latter information can then be used to extend the SCL search for a model or a contradiction. Our extension from \(\varGamma \) is not trivial, e.g., by assigning all atoms beyond \(\varGamma \) to true. Instead, it respects the literal structure in \(\varGamma \) and naturally extends it to a complete literal interpretation.

The starting point is simply a set of ground literals and the finite signature used to build the set. The algorithm is presented by three abstract rewrite rules operating on a state in a non-deterministic way. The state is a tuple \((\varGamma ;\varDelta ;\mathcal {I};M)\) where \(\varGamma \), \(\varDelta \) are consistent sets of ground literals, M is a set of linear literals that defines a partial interpretation such that \(M \models L\) for each \(L \in \varDelta \) and M does not have any conflict with \(\varGamma \); \(\mathcal {I}\) is a set of linear atoms such that \(\mathcal {I}\cup M\) represents a complete literal interpretation; initially M is empty and \(\mathcal {I}\) the set \(\{P(x_1,\ldots ,x_n)\}\) for some predicate P and linear atom \(P(x_1,\ldots ,x_n)\), denoting the universal relation for P. Processed literals/atoms are moved by the rewrite rules from \(\varGamma \) to \(\varDelta \) and \(\mathcal {I}\) to M, respectively. The rewrite calculus then builds an overall interpretation of P according to \(\varGamma \) where we assume that \(\varGamma \) only contains P literals. So given a set of ground literals for each occurring predicate a separate run starting with the respective literals is needed.

The start state is \((\varGamma ; \emptyset ; \{P(x_1,\ldots ,x_n)\}; \emptyset )\) for a finite consistent set of ground literals \(\varGamma \) over P and linear atom \(P(x_1,\ldots ,x_n)\) and a final state is \((\emptyset ;\varDelta ;\emptyset ;M)\) where we will show \(M\models \varGamma \). We assume a finite signature \(\varSigma \).

The first rule Refine covers the situation where some atom A in \(\mathcal {I}\) has both positive and negative instances in \(\varGamma \). Since \(\varGamma \) is consistent, the atom A can be split into instances \(A_i\) of itself and each of the resulting instances is guaranteed to eventually have only positive or negative instances in \(\varGamma \). Note that this may require repeated applications of the rule Refine.

figure a

Due to refinement and the construction of the final complete literal interpretation it may happen that certain atoms in \(\mathcal {I}\) do not have any instances in \(\varGamma \). They are then moved to the final representation of the interpretation by rule Clean.

figure b

Actually, the atom \(P(t_1,\ldots ,t_n)\) could be added positively or negatively to the final literal interpretation. In favor of Theorem 12 we stick here to adding all literals without instances positively. If all instances of some atom in \(\mathcal {I}\) from \(\varGamma \) have an identical sign, they are solved and both the atom and the instances can be removed from \(\mathcal {I}\) and \(\varGamma \) by rule Solve, respectively.

figure c

Example 1

Let \(\varSigma =(\{a/0,f/1,g/1\},\{P/3\})\) be a signature. Now consider \(\varGamma =\{K,L\}\) where \(K=P(a,f(a),a)\), \(L=\lnot P(a,g(a),a)\) over the signature \(\varSigma \). An execution trace of \(\Rightarrow _{\text {mod}}\) is as follows:

$$\begin{array}{rll} 1: &{} &{} (\{K,L\}; \emptyset ; \{P(x_1,x_2,x_3)\}; \emptyset )\\ 2: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\{K,L\}; \emptyset ; \{P(x_1,a,x_3),P(x_1,f(y_1),x_3),P(x_1,g(y_2),x_3)\}; \emptyset )\\ 3: &{} \Rightarrow _{\text {mod}}^{\text {Clean}} &{} (\{K,L\}; \emptyset ; \{P(x_1,f(y_1),x_3),P(x_1,g(y_2),x_3)\}; \{P(x_1,a,x_3)\})\\ 4: &{} \Rightarrow _{\text {mod}}^{\text {Solve}} &{} (\{L\}; \{K\}; \{P(x_1,g(y_2),x_3)\}; \{P(x_1,a,x_3),P(x_1,f(y_1),x_3)\})\\ 5: &{} \Rightarrow _{\text {mod}}^{\text {Solve}} &{} (\emptyset ; \{K,L\}; \emptyset ; \{P(x_1,a,x_3),P(x_1,f(y_1),x_3),\lnot P(x_1,g(y_2),x_3)\}) \end{array}$$

Step 1:  The initial state \((\varGamma ; \varDelta ; \mathcal {I}; M)\) consists of the set \(\varGamma =\{K,L\}\), the empty set \(\varDelta \), the set \(\mathcal {I}\) containing only \(P(x_1,x_2,x_3)\) which generalizes all literals over \(\varSigma \) with predicate P, and the empty set of literals M.

Step 2:  Both K and L are atom instances of \(P(x_1,x_2,x_3)\), but with opposite signs. Moreover, the terms \(K|_{2}=f(a)\) and \(L|_{2}=g(a)\) are not unifiable, and the position \(p=2\) is the minimal variable position in \(P(x_1,x_2,x_3)\) for which this is the case, and the preconditions of rule Refine are met. A refinement of \(P(x_1,x_2,x_3)\) in position 2 takes place and \(P(x_1,x_2,x_3)\) is replaced by literals differing from it only in position 2 by replacing \(x_2\) by every constant and function symbol occurring in \(\varSigma \). The resulting atoms are \(P(x_1,a,x_3)\), \(P(x_1,f(y_1),x_3)\), and \(P(x_1,g(y_2),x_3)\) and they cover again all P ground instances.

Step 3:  The literal \(P(x_1,a,x_3)\in \mathcal {I}\) has no atom instance on \(\varGamma \) and is moved to M by means of rule Clean.

Step 4:  The positive literal K is the only instance of \(P(x_1,f(y_1),x_3)\) on \(\varGamma \), and the preconditions of rule Solve are met. The literal K is moved from \(\varGamma \) to \(\varDelta \), and \(P(x_1,f(y_1),x_3)\) is moved from \(\mathcal {I}\) to M.

Step 5:  The negative literal L is the only atom instance of \(P(x_1,g(y_2),x_3)\) with negative sign, and the preconditions of rule Solve are met. The literal L is moved from \(\varGamma \) to \(\varDelta \), whereas \(P(x_1,g(y_2),x_3)\) is removed from \(\mathcal {I}\) and added to M with negative sign. Now both \(\varGamma \) and \(\mathcal {I}\) are empty, and the execution stops with the linear complete literal interpretation \(M=\{P(x_1,a,x_3),P(x_1,f(y_1),x_3)\), \(\lnot P(x_1,g(y_2),x_3)\}\).

Next we prove that \(\Rightarrow _{\text {mod}}\) always computes an overall interpretation and model of the initial \(\varGamma \). The basis for these results is the notion of a sound state below. We then show by induction on the length of a \(\Rightarrow _{\text {mod}}\) derivation that the initial state is sound and any follower state is sound assuming its start state is sound.

Definition 2

(Sound State). A state \((\varGamma ; \varDelta ; \mathcal {I}; M)\) is sound, if the following invariants hold:

  1. 1.

    All literals in \(\mathcal {I}\cup M\) are linear.

  2. 2.

    The atoms of any two different literals from \(\mathcal {I}\cup M\) are not unifiable.

  3. 3.

    For any ground atom A over P there is an atom B in \(\mathcal {I}\cup M\) such that \(A = B\sigma \) for some \(\sigma \).

  4. 4.

    Any literal \(L\in \varDelta \) is an instance of a literal \(K\in M\).

  5. 5.

    Any literal \(L\in \varGamma \) is an atom instance of a literal \(K\in \mathcal {I}\).

  6. 6.

    The maximal depth of an atom in \(\mathcal {I}\cup M\) is at most one larger than the maximal depth of a ground atom in \(\varGamma \cup \varDelta \).

Lemma 3

(Soundness of Initial State). The initial state \((\varGamma ; \emptyset ; \{P(x_1,\ldots ,x_n)\}; \emptyset )\) is sound.

Proof

Invariants 1 to 6 given in Definition 2 hold in the initial state:

1. Only \(P(x_1,\ldots ,x_n)\in \mathcal {I}\cup M\) which is linear by definition.

2. Holds trivially, because \(\mathcal {I}\cup M\) contains only \(P(x_1,\ldots ,x_n)\).

3. The atom \(P(x_1,\ldots ,x_n)\in \mathcal {I}\cup M\) generalizes all ground atoms over \(\varSigma \) with predicate P.

4. Holds trivially, because \(\varDelta =\emptyset \).

5. The atom B of \(P(x_1,\ldots ,x_n)\in \mathcal {I}\) generalizes all ground atoms over \(\varSigma \) with predicate P, and any \({\text {atom}}(L)\in \varGamma \) is one of those.

6. Holds trivially, because the maximal depth of \(P(x_1,\ldots ,x_n)\in \mathcal {I}\) is equal to one.    \(\square \)

Lemma 4

(Soundness of \(\Rightarrow _{\textbf{mod}}\) Rules). The rules of \(\Rightarrow _{\text {mod}}\) preserve state soundness.

Proof

The proof is carried out by induction over the number of rule applications. By the induction hypothesis, we assume Invariants 1 to 6 given in Definition 2 hold in a state \((\varGamma '; \varDelta '; \mathcal {I}'; M')\) and show that after the application of any rule they are still met in the resulting state \((\varGamma ; \varDelta ; \mathcal {I}; M)\).

Rule Refine. The literal \(L=P(t_1,\ldots ,t_n)\in \mathcal {I}'\) is replaced by literals \(L_i\) differing from L solely in the position p, which now contains either a constant symbol or a function symbol whose arguments are fresh different variables.

1. The literal L is linear by the induction hypothesis. The variables introduced in the literals \(L_i\) are fresh and different, hence all literals \(L_i\) are linear, too. The literals in \(M'\) are linear by the induction hypothesis and \(M'\) remains unaffected. Therefore, all literals in \(\mathcal {I}\cup M\) are linear as well.

2. By the induction hypothesis, no two atoms in \(\mathcal {I}'\cup M'\) are unifiable. This holds in particular for the atom of L and any other atom in \(\mathcal {I}'\cup M'\). The terms \(L_i|_p\) are not unifiable by the definition of rule Refine, hence their atoms are not unifiable. Since the literals \(L_i\) are instances of L, their atoms are not unifiable with any atom in \((\mathcal {I}'\cup M')\setminus \{L\}\) and thus of \(\mathcal {I}\cup M\). Moreover, the atoms \(\mathcal {I}' \cup M' \setminus \{L\}\) are by induction hypothesis not unifiable with each other.

3. Let A be any ground atom. By the induction hypothesis, there exists a literal K in \(\mathcal {I}' \cup M'\) such that A is an instance of \({\text {atom}}(K)\), i.e., there exists a substitution \(\sigma \) such that \(A = {\text {atom}}(K) \sigma \). If K is not the literal L that is refined, then K is still in \(\mathcal {I}\cup M\) and so the property holds for atom A. If K is the literal L that is refined on position p with \(x = L|_p\), then we know that atom A has a term \(A|_p = f_i(s_1,\ldots , s_{k_i})\) at position p. This means A is also an instance of the literal \(L_i = P(t_1 ,\ldots , t_n )\{x \mapsto f_i (y_{i_1}, \ldots , y_{k_i} )\}\) that was newly added to \(\mathcal {I}\) such that \(A = {\text {atom}}(L_i) \sigma _i\), where \(\sigma _i = \sigma \cup \{y_{i_1} \mapsto s_1, \ldots , y_{k_i} \mapsto s_{k_i}\}\). Hence the property holds for all ground atoms.

4. Both \(\varDelta '\) and \(M'\) remain unaffected, and Invariant 4 still holds.

5. The set \(\varGamma '\) remains unaffected by rule Refine, and its atoms are ground atoms over P. By the induction hypothesis, for any atom A in \(\varGamma '\) there exist a literal K in \(\mathcal {I}'\) with \({\text {atom}}(K)=B'\) and a \(\sigma \) such that \(B'\sigma =A\). If K is not the literal L that is refined, then K is still in \(\mathcal {I}\) and so the property holds for atom A. If K is the literal L that is refined at position p with \(x = L|_p\), then we know that atom A has a term \(A|_p = f_i(s_1,\ldots ,s_{k_i})\) at position p. This means A is also an instance of the literal \(L_i = P(t_1 ,\ldots , t_n )\{x \mapsto f_i (y_{i_1},\ldots , y_{k_i} )\}\) that was newly added to \(\mathcal {I}\) such that \(A = {\text {atom}}(L_i) \sigma _i\) where \(\sigma _i = \sigma \cup \{y_{i_1} \mapsto s_1, \ldots , y_{k_i} \mapsto s_{k_i}\}\). Hence the property holds for all atoms A in \(\varGamma \).

6. By the definition of rule Refine, the depth of any literal \(L_i\) added to \(\mathcal {I}'\) can be at most the depth of \(P(t_1,\ldots ,t_n)\) plus one, due to the introduction of a function symbol at position p. Therefore, the maximal depth of the literals in \(\mathcal {I}'\) may increase at most by one. However, the depth of any atom in \(\varGamma '\) which is an instance of \(P(t_1,\ldots ,t_n)\) is at least equal to the one of \(P(t_1,\ldots ,t_n)\). Furthermore, \(\varGamma '\), \(\varDelta '\), and \(M'\) remain unaltered, and therefore Invariant 6 still holds after the application of rule Refine.

Rule Clean.

13,5,6. The sets \(\varGamma '\) and \(\varDelta '\) remain unaltered. The literal \(P(t_1,\ldots ,t_n)\) in \(\mathcal {I}'\) is moved from \(\mathcal {I}'\) to \(\mathcal {I}\). It remains unaffected, just as any other literal in \(\mathcal {I}'\cup M'\), and by the induction hypothesis, Invariants 13, 5, and 6 hold.

4. The ground set \(\varDelta '\) remains unchanged, and no literal is removed from \(M'\), therefore Invariant 4 still holds after executing rule Clean.

Rule Solve.

13,6. The literal \(P(t_1,\ldots ,t_n)\) is moved from \(\mathcal {I}'\) to M, either with positive or negative sign. Its atom remains unaffected, just as any other literal in \(\mathcal {I}'\cup M'\), and by the induction hypothesis, Invariants 13, and 6 hold.

4. The literals added to \(\varDelta \) are ground instances of \(\#P(t_1,\ldots ,t_n)\) added to M, and Invariant 4 is met after the application of rule Solve.

5. The literals removed from \(\varGamma '\) are ground instances of \(\#P(t_1,\ldots ,t_n)\) and \(P(t_1,\ldots ,t_n)\) is removed from \(\mathcal {I}'\). Therefore, Invariant 5 still holds after applying rule Solve.

6. The removal of \(P(t_1,\ldots ,t_n)\) from \(\mathcal {I}'\) and the addition of \(\#P(t_1,\ldots ,t_n)\) to M do not affect the maximal depth of the atoms in \(\mathcal {I}'\cup M'\), and \(\varGamma '\cup \varDelta '\) remains unaffected. Therefore, Invariant 6 still holds after applying rule Solve.    \(\square \)

Next we show termination and that \(\Rightarrow _{\text {mod}}\) does not get stuck and always ends in a final state. From now on we only consider sound states.

Lemma 5

(Termination and Runtime). \(\Rightarrow _{\text {mod}}\) terminates in polynomial time \(O({\text {size}}(\varGamma )^2)\) with respect to the size of \(\varGamma \).

Proof

For a state \((\{L_1,\ldots ,L_n\};\varDelta ;\mathcal {I};M)\) let \(\mathcal {I}'\) be a multiset of literals \(\{K_1\), \(\ldots \), \(K_n\}\) out of literals from \(\mathcal {I}\) such that \({\text {atom}}(L_i) = {\text {atom}}(K_i)\sigma _i\) for some \(\sigma _i\). Note that for a given \(\{L_1,\ldots ,L_n\}\) and \(\mathcal {I}\) the multiset \(\mathcal {I}'\) is unique. This is a result of a sound state and Invariant 2.2. Let

$$\begin{aligned} \delta (\{L_1,\ldots ,L_n\},\{K_1,\ldots ,K_n\}) = \sum _{1\le i\le n} {\text {size}}(\sigma _i). \end{aligned}$$

Now the measure \((\delta (\{L_1,\ldots ,L_n\},\{K_1,\ldots ,K_n\}), |\mathcal {I}|)\) with \(>_{\text {lex}}\) strictly decreases with each rule application: The rules Clean and Solve strictly decrease the number of \(L_i\) and/or \(|\mathcal {I}|\). For the rule Refine the atom \(P(t_1,\ldots ,t_n)\) has at least two different instances among the \(L_i\) and after application of the rule the respective \(\sigma _i\) for all those instances decrease in size by one.

There are at most \({\text {size}}(\varGamma )\) many applications of Refine possible and for each of these applications at most \({\text {size}}(\varGamma )\) many applications of Clean or Solve are possible, resulting in the above upper bound. Please recall that the number of symbols in \(\varOmega \) is also bound by \({\text {size}}(\varGamma )\).    \(\square \)

Lemma 6

(No Stuck States). If for a state \((\varGamma ; \varDelta ; \mathcal {I}; M)\) we have \(\varGamma \ne \emptyset \) or \(\mathcal {I}\ne \emptyset \) then at least one \(\Rightarrow _{\text {mod}}\) rule is applicable.

Proof

Suppose \(\varGamma \ne \emptyset \) and \(L\in \varGamma \). By soundness, Definition 2.5, there exists a literal \(K\in \mathcal {I}\) such that \({\text {atom}}(L)\) is an instance of K. If in addition \(\mathcal {I}\) contains a literal H of sign opposite to the one of L where \({\text {atom}}(H)\) is an instance of K and a minimal variable position p in K such that \({\text {atom}}(L)|_p\) and \({\text {atom}}(H)|_p\) are not unifiable, the preconditions of rule Refine are met. If instead all literals \(H\in \varGamma \), whose atoms are an instance of K, have the same sign as L, rule Solve can be applied. By Definition 2.5, it can not happen that \(\varGamma \ne \emptyset \) and \(\mathcal {I}=\emptyset \). Now assume \(\varGamma =\emptyset \) and \(\mathcal {I}\ne \emptyset \) and let L be a literal in \(\mathcal {I}\). No atom instance of L is contained in \(\varGamma \), and the preconditions of rule Clean are met.    \(\square \)

A consequence of Lemma 6 is that \(\Rightarrow _{\text {mod}}\) always makes progress, i.e., in any non-terminal state, a rule is applicable. Finally, we prove that \(\Rightarrow _{\text {mod}}\) in fact produces an overall interpretation satisfying the literals from the initial state.

Lemma 7

(All Literals are Considered). Let \((\varGamma _0; \emptyset ; \{P(x_1,\ldots ,x_n)\}; \emptyset )\) be an initial state. Then for any (possibly non-final) state \((\varGamma ; \varDelta ; \mathcal {I}; M)\) obtained during the execution of \(\Rightarrow _{\text {mod}}\) on the initial state, it holds that \(\varGamma \cup \varDelta =\varGamma _0\).

Proof

In the initial state \((\varGamma _0; \varDelta _0; \{P(x_1,\ldots ,x_n)\}; \emptyset )\), this is obviously the case since \(\varDelta _0=\emptyset \). For proving that this property holds throughout the execution of \(\Rightarrow _{\text {mod}}\), we assume that it holds in a state \((\varGamma '; \varDelta '; \mathcal {I}'; M')\) and show that after applying one rule, it is still met in the resulting state \((\varGamma ; \varDelta ; \mathcal {I}; M)\).

Refine, Clean.Both \(\varGamma '\) and \(\varDelta '\) remain unaltered, hence \(\varGamma \cup \varDelta =\varGamma _0\).

Solve.Literals are moved from \(\varGamma _0\) to \(\varDelta \), hence \(\varGamma \cup \varDelta =\varGamma _0\cup \varDelta _0=\varGamma _0\).    \(\square \)

Lemma 8

(Complete Linear Literal Model). Let \((\varGamma _0; \emptyset ; \{P(x_1,\ldots ,x_n)\}; \emptyset )\) be an initial state and \((\emptyset ; \varDelta ; \emptyset ; M)\) a final state generated by executing \(\Rightarrow _{\text {mod}}\) on it. Then M is a complete linear literal model of \(\varGamma _0\).

Proof

M is a complete linear literal interpretation by Definition 2.1-3, Lemma 4. By Lemma 7, we have \(\varDelta =\varGamma _0\). By Definition 2.4, the literals in M generalize all literals in \(\varDelta \) and hence in \(\varGamma _0\). This proves that M is a model of \(\varGamma _0\).    \(\square \)

Our rules are not deterministic, and several factors affect the model obtained by running \(\Rightarrow _{\text {mod}}\) with the same initial state \((\varGamma _0; \emptyset ; P(x_1,\ldots ,x_n); \emptyset )\). If the preconditions of multiple rules are met in a non-final state \((\varGamma ; \varDelta ; \mathcal {I}; M)\), we are free to choose the order in which we execute them. If there are literals \(L,K\in \mathcal {I}\) meeting the preconditions of Refine with respect to the same minimal variable position p, either may be chosen. Thus applying \(\Rightarrow _{\text {mod}}\) to the same trail twice might give us two literal interpretations of different size as shown by an example.

Example 9

(Model Size). Consider the signature \(\varSigma =(\{a/0,g/1\},\{R/2\})\) and \(\varGamma _0 = \{L_1,L_2,L_3,L_4,L_5,L_6\}\) where \(L_1=\lnot R(a,a)\), \(L_2=R(a,g(a))\), \(L_3=R(g(a),g(g(a)))\), \(L_4=R(a,g(g(a)))\), \(L_5=\lnot R(g(a),g(a))\), and \(L_6=\lnot R(g(a),a)\}\). A possible run is shown below. The variables or literals we refine in the next step or apply Solve or Clean to, respectively, are underlined.

$$\begin{array}{rll} 0: &{} &{} (\varGamma _0; \emptyset ; \{R(\underline{x},y)\}; \emptyset )\\ 1: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma _0; \emptyset ; \{R(a,\underline{y}),R(g(z),y)\}; \emptyset )\\ 2: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma _0; \emptyset ; \{\underline{R(a,a)},\underline{R(a,g(u))},R(g(z),y)\}; \emptyset )\\ 3: &{} \Rightarrow _{\text {mod}}^{\text {Solve*}} &{} (\varGamma _1; \varDelta _1; \{R(g(z),\underline{y})\}; M_1)\\ 4: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma _1; \varDelta _1; \{\underline{R(g(z),a)},R(g(z),g(v))\}; M_1)\\ 5: &{} \Rightarrow _{\text {mod}}^{\text {Solve}} &{} (\varGamma _2; \varDelta _2; \{R(g(z),g(\underline{v}))\}; M_2)\\ 6: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma _2; \varDelta _2; \{\underline{R(g(z),g(a))},\underline{R(g(z),g(g(w)))}\}; M_2)\\ 7: &{} \Rightarrow _{\text {mod}}^{\text {Solve*}} &{} (\varGamma _3; \varDelta _3; \emptyset ; M_3) \end{array}$$

The initial state is given by \((\varGamma _0; \emptyset ; \{R(x,y)\}; \emptyset )\) (step 0). We choose to refine x at position \(p=1\) in R(xy), since \(L_1\) and \(L_3\) are instances of its atom with differing signs and \(L_1|_1\) and \(L_3|_1\) are not unifiable. Rule Refine replaces R(xy) by R(ay) and R(g(z), y) (step 1). Similarly, we refine the variable y at position \(p=2\) in R(ay), since \(L_1\) and \(L_2\) are instances of it having different sign and \(L_1|_2\) and \(L_2|_2\) are not unifiable (step 2). Then rule Solve can be applied twice, namely to R(aa) and its negative instance \(L_1\in \varGamma _0\), and to R(ag(u)) and its positive instances \(L_2,L_4\in \varGamma _0\). We obtain \(\varGamma _1=\varGamma _0\setminus \{L_1,L_2,L_4\}\), \(\varDelta _1=\{L_1,L_2,L_4\}\), and \(M_1=\{\lnot R(a,a),R(a,g(u))\}\) (step 3). Next, the variable y at position \(p=2\) in R(g(z), y) is refined, since \(L_3\) and \(L_5\) are instances of it having opposite sign and their subterms at position 2 are not unifiable. The literal R(g(z), y) is replaced by R(g(z), a) and R(g(z), g(v)) (step 4). Since \(\varGamma _1\) contains only a positive instance of R(g(z), a), namely \(L_6\), rule Solve is applied resulting in \(\varGamma _2=\varGamma _1\setminus \{L_6\}\), \(\varDelta _2=\varDelta _1\cup \{L_6\}\), and \(M_2=M_1\cup \{\lnot R(g(z),a)\}\) (step 5). The trail \(\varGamma _2\) contains instances \(L_3\) and \(L_5\) of R(g(z), g(v)) with different sign. Variable v at position 2 1 is chosen for refinement, since \(L_3|_{2\,1}\) and \(L_5|_{2\,1}\) are not unifiable, and R(g(z), g(v)) is replaced by R(g(z), g(a)) and R(g(z), g(g(w))) (step 6). Now \(\varGamma _2\) contains only a positive instance of R(g(z), g(a)) and a negative one of R(g(z), g(g(w))), and rule Solve is applicable. This gives us \(\varGamma _3=\varGamma _2\setminus \{L_3,L_5\}=\emptyset \), \(\varDelta _3=\varDelta _2\cup \{L_3,L_5\}=\varGamma _0\), and \(M_3=M_2\cup \{\lnot R(g(z),g(a)),R(g(z),g(g(w)))\}\) with 5 literals (step 7).

The choice of the variable to be refined in step 1 is not deterministic, and the following steps might lead to a different model. A different run for \(\varGamma _0'=\varGamma _0\) could be as follows:

$$\begin{array}{rll} 0: &{} &{} (\varGamma '_0; \emptyset ; \{R(x,\underline{y})\}; \emptyset )\\ 1: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma '_0; \emptyset ; \{\underline{R(x,a)},R(x,g(z))\}; \emptyset )\\ 2: &{} \Rightarrow _{\text {mod}}^{\text {Solve}} &{} (\varGamma '_1; \varDelta '_1; \{R(\underline{x},g(z))\}; M'_1)\\ 3: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma '_1; \varDelta '_1; \{\underline{R(a,g(z))},R(g(u),g(z))\}; M'_1)\\ 4: &{} \Rightarrow _{\text {mod}}^{\text {Solve}} &{} (\varGamma '_2; \varDelta '_2; \{R(g(u),g(\underline{z}))\}; M'_2)\\ 5: &{} \Rightarrow _{\text {mod}}^{\text {Refine}} &{} (\varGamma '_2; \varDelta '_2; \{\underline{R(g(u),g(a))},\underline{R(g(u),g(g(v)))}\}; M'_2)\\ 6: &{} \Rightarrow _{\text {mod}}^{\text {Solve*}} &{} (\varGamma '_3; \varDelta '_3; \emptyset ; M'_3) \end{array}$$

The first refinement step involves \(p=2\), \(y=R(x,y)|_2\) motivated by \(L_1\) and \(L_2\) (step 1). Now we can execute Solve on R(xy) since it has only negative instances on \(\varGamma _0'\), which are \(L_1\) and \(L_6\) obtaining \(\varGamma _1'=\varGamma _0\setminus \{L_1,L_6\}\), \(\varDelta _1'=\varDelta _0\cup \{L_1,L_6\}\), and \(M_1'=\{\lnot R(x,a)\}\) (step 2). The variable x at position 1 of R(xg(z)) is refined, since \(L_2\) and \(L_5\) are a positive and negative instance, respectively, of R(g(u), g(z)) and their subterms at position 1 are not unifiable, by replacing R(xg(z)) by R(ag(z)) and R(g(u), g(z)) (step 3). Now rule Solve can be executed on R(ag(z)), which generalizes \(L_2\) and \(L_4\), which are both positive. This results in \(\varGamma '_2=\varGamma '_1\setminus \{L_2,L_4\}\), \(\varDelta '_2=\varDelta '_1\cup \{L_2,L_4\}\), and \(M'_2=M'_1\cup \{R(a,g(z))\}\) (step 4). Next, a Refine step on z at position 2 1 in R(g(u), g(z)) is executed due to \(L_3\) and \(L_5\), which are instances of R(g(u), g(z)) of opposite sign and whose subterms at position 2 1 are not unifiable. The literal R(g(u), g(z)) is replaced by R(g(u), g(a)) and R(g(u), g(g(v))) (step 5), which have one instance each in \(\varGamma '_2\). Rule Solve is applied twice, resulting in \(\varGamma '_3=\varGamma '_2\setminus \{L_3,L_5\}=\emptyset \), \(\varDelta '_3=\varDelta '_2\cup \{L_3,L_5\}=\varGamma '_0\), and \(M'_3=M'_2\cup \{\lnot R(g(u),g(a)),R(g(u),g(g(v)))\}\) with 4 literals.

So \(M_3\) and \(M'_3\) not only differ syntactically, but also contain a different number of literals. Refining x before y led to \(\lnot R(a,a),\lnot R(g(z),a)\in M_3\), whereas refining y before x resulted in \(\lnot R(x,a)\in M'_3\), which generalizes both \(\lnot R(a,a)\) and \(\lnot R(g(z),a)\).

In summary, \(\Rightarrow _{\text {mod}}\) computes an overall interpretation out of the initial finite set of consistent ground literals in polynomial time. We shortly compare our model representation formalism with the long standing literature, in particular [10, 17]. They suggested four postulates which should ideally be met by any model representation formalism:

  • Uniqueness. Each model representation M specifies a single interpretation over \(\varSigma \).

  • Atom Test. There exists a fast procedure to evaluate arbitrary ground atoms over the signature \(\varSigma \) in M.

  • Formula Evaluation. There exists an algorithm deciding the truth value of an arbitrary formula over \(\varSigma \) in M.

  • Equivalence Test. There exists an algorithm deciding whether two representations M and \(M'\) over \(\varSigma \) describe the same interpretation.

The model M obtained by \(\Rightarrow _{\text {mod}}\) is a complete linear literal interpretation. Our representation formalism is therefore a special case of an atomic representation (ARM) [10] if we leave out negative literals which are implicit for ARMs. The validity of the four model building postulates has been shown for ARMs [10]. So the models computed by \(\Rightarrow _{\text {mod}}\) satisfy the four model building postulates. Clause evaluation for our linear literal models M is straightforward: a clause C is valid iff there is no substitution \(\sigma \) such that for each \(L\in C\) there is a literal \(K\in M\) such that \(L\sigma \) and \(K\sigma \) are complementary. Recall that this is a consequence of the fact that our literal interpretations are explicit and complete: for any ground atom A over \(\varSigma \) there is a literal K in M such that A is a literal instance of K. The respective procedure for ARMs is more involved [45], whereas in our case established techniques for hyper-resolution apply [35, 47, 56].

Finally, we show consequences out of our model building procedure for non-ground literals and the SCL calculus: if the computed interpretation does not satisfy all clauses, then it can be used to effectively compute a minimal extension to the ground literal restriction of the SCL calculus.

Theorem 10

(Non-ground Guarantees). Let \(\varGamma \) be a set of consistent ground literals. Let M be a model generated by \(\Rightarrow _{\text {mod}}\) from \(\varGamma \). Let L be a (potentially non-ground,) linear literal with \({\text {depth}}({\text {atom}}(L))=d\). Let \(\epsilon = 1\) if L has a position p of depth d (i.e., \(|p| = d\)) such that \(L|_p\) is a constant. Otherwise, \(\epsilon = 0\). Let \(\varGamma \) contain all ground instances \(L \sigma \) of L (i.e., \(L \sigma \in \varGamma \)) with \({\text {depth}}({\text {atom}}(L \sigma )) \le d + \epsilon \). Let \(\varGamma \) contain no ground instance of \({\text {comp}}(L)\), i.e., for all \(K \in \varGamma \) it holds that K is not unifiable with \({\text {comp}}(L)\). Then \(M \models L\).

Proof

Proof by contradiction. We assume that all our assumptions hold, but that \(M \not \models L\). By Definition 2.3 and Lemmas 3 and 4, \(M \not \models L\) if there exists a \(K \in M\) that is unifiable with \({\text {comp}}(L)\). Moreover, \(\varGamma \) contains no ground instances of \({\text {comp}}(L)\) by assumption. We will now prove by induction that we can only reach states \((\varGamma ';\varDelta ;\mathcal {I};M)\) where \(A \in \mathcal {I}\) is unifiable with \({\text {atom}}(L)\) if A has depth \(\le d + \epsilon \) and \(\varGamma '\) contains all ground instances \(L \sigma \) of L such that \({\text {atom}}(L \sigma )\) is also a ground instance of A and \({\text {depth}}({\text {atom}}(L \sigma )) \le d + \epsilon \). (Note that there always exists at least one such ground instance because A has depth \(\le d + \epsilon \).) This property guarantees that Clean can never be applied to an atom \(A \in \mathcal {I}\) that is unifiable with \({\text {atom}}(L)\) and that Solve is only applicable to an atom \(A \in \mathcal {I}\) that is unifiable with \({\text {atom}}(L)\) if there is also an instance \({\text {atom}}(L \sigma )\) of A in \(\varGamma '\) that ensures that we assign A with the correct polarity. The induction base holds trivially because in the state \((\varGamma ; \emptyset ; \{P(x_1,\ldots ,x_n)\}; \emptyset )\) the only atom in \(\mathcal {I}\) is \(P(x_1,\ldots ,x_n)\) and it has the minimal depth 1 and \(\varGamma \) contains by assumption all ground instances of L with depth \(\le d + \epsilon \). For the induction step, we assume that \((\varGamma ';\varDelta ;\mathcal {I};M)\) is a sound state that satisfies our property and prove that any direct successor state \((\varGamma '';\varDelta ';\mathcal {I}';M')\) must again satisfy our property. We prove this by case distinction:

1) Clean and Solve only remove elements A from \(\mathcal {I}\) and all positive and negative instances of A from \(\varGamma ''\). This together with Definition 2.2 guarantees that the literals removed from \(\varGamma ''\) do not match with any of the remaining elements of \(\mathcal {I}'\). Therefore, the property still holds.

2) Refine on A, but A is not unifiable with \({\text {atom}}(L)\). Trivial, because any of the new elements in \(\mathcal {I}'\) will also not be unifiable with L.

3) Refine on A, A is unifiable with \({\text {atom}}(L)\), and \({\text {depth}}(A) \le d + \epsilon \), and the position p of the refined variable has depth \(|p| < d + \epsilon \). This means by induction that \(\varGamma ' = \varGamma ''\) contains all ground instances \(L \sigma \) of L such that \({\text {atom}}(L \sigma )\) is also a ground instance of A and \({\text {depth}}({\text {atom}}(L \sigma )) \le d + \epsilon \). Moreover, any new atom \(A' \in \mathcal {I}' \setminus \mathcal {I}\) has at most depth \(|p| +1\) so still \(\le d + \epsilon \). And lastly, since \(A'\) is an instance of A, \(\varGamma '\) contains all ground instances \(L \sigma \) of L such that \({\text {atom}}(L \sigma )\) is also a ground instance of \(A'\) and \({\text {depth}}({\text {atom}}(L \sigma )) \le d + \epsilon \).

4) Refine on A, A is unifiable with \({\text {atom}}(L)\), \({\text {depth}}(A) = d + \epsilon \), and the position p of the refined variable has depth \(|p| = d + \epsilon \). Let \(A^* = {\text {mgu}}(A,{\text {atom}}(L))\) as well as \(L^* = A^*\) and \(L' = A\) if L is positive or else \(L^* = \lnot A^*\) and \(L' = \lnot A\). This means by induction that \(\varGamma ' = \varGamma ''\) contains all ground instances \(L^* \sigma \) with \({\text {depth}}({\text {atom}}(L^* \sigma )) \le d + \epsilon \) and that they all have the same polarity as L. Moreover, any variable in A has either a position q with depth \(|q| = d + \epsilon \) or there exist no \((A \tau ), (\lnot A \tau ') \in \varGamma '\) such that \((A \tau )|_q\) and \((A \tau ')|_q\) are not unifiable. However, this means we also know that any ground instance \((L^*[x_q]_q) \sigma \) of \((L^*[x_q]_q)\) must be in \(\varGamma ' = \varGamma ''\) if q is the variable position of \(x_q\) in A with \(|q| < d + \epsilon \). Note that due to linearity of L and A (and assuming disjoint variables) \(A^*|_q \ne A|_q\) if and only if there exist \(q', q''\) such that \(q = q' q''\), \(A|_{q'}\) is the position of a variable \(x_{q'}\), \(|q'| < d + \epsilon \), \(L|_{q'}\) is defined and not a variable, and \(A^*|_{q'} = L|_{q'}\). This means that we get \(L'\)/A if we replace all positions q in \(L^*\)/\(A^*\) with \(A|_q\) if \(A|_q = x_q\) and \(|q| < d + \epsilon \). If we use this together with the previous fact for all variable positions \(|q| < d + \epsilon \), then we get that any ground instance \(L' \sigma \) of \(L'\) must be in \(\varGamma ' = \varGamma ''\) and therefore Refine is not applicable. A contradiction.

5) Refine on A, A is unifiable with \({\text {atom}}(L)\), and \({\text {depth}}(A) > d + \epsilon \). This case is impossible by induction hypothesis!    \(\square \)

The preconditions of Theorem 10 may look unrelated to its conlusion at first sight. The first example shows why \(\varGamma \) needs to contain all ground instances \(L \sigma \) of L of depth \({\text {depth}}(L)\). The reason is that Refine may lead to an atom K in \(\mathcal {I}\) that is unifiable with \({\text {comp}}(L)\) but \(\varGamma \) contains no ground instances of \({\text {comp}}(K)\). In our example this is P(xf(y)). The second example shows why \(\varGamma \) needs to contain all ground instances \(L \sigma \) of L of depth \({\text {depth}}(L) + 1\) if L has a constant at a position p with depth \(d = {\text {depth}}(L)\). The reason is that an application of Refine may lead to an atom K in \(\mathcal {I}\) that is unifiable with \({\text {comp}}(L)\) but has no ground instances of \({\text {comp}}(K)\). In our example this is P(f(x), y).

Example 11

(1) Let \(\varGamma = \{ \lnot P(a,a), \lnot P(f(a),a), P(a,f(a))\}\) with signature \(\varSigma = (\{a/0,f/1\},\{P\})\). Then for the input state \((\varGamma ;\emptyset ;P(x,y);\emptyset )\) the calculus returns the model \(M = \{\lnot P(x,a), P(x,f(y))\}\) because we first need to apply Refine to position 2. Although for \(\lnot P(f(x),y)\) there is no inconsistent atom in \(\varGamma \), \(M \not \models \lnot P(f(x),y)\).

(2) Let \(\varGamma = \{ \lnot P(a,a), \lnot P(a,b), \lnot P(b,a), P(b,b) \}\) with signature \(\varSigma = (\{a/0\), b/0, \(f/1\}\), \(\{P\})\). Then for the input state \((\varGamma ;\emptyset ;P(x,y);\emptyset )\) the calculus can return the model \(M = \{\lnot P(a,y), P(f(x),y), \lnot P(b,a), P(b,b), P(b,f(y)) \}\) if we first apply Refine to position 1. And although for \(\lnot P(x,a)\) there is no inconsistent atom in \(\varGamma \), \(M \not \models \lnot P(x,a)\).

Theorem 12

(Non-ground Guarantees by Clean). Let \(\varGamma \) be a consistent set of ground literals. Let M be a model generated by \(\Rightarrow _{\text {mod}}\) from \(\varGamma \). Let d be the maximal depth of any negative literal in \(\varGamma \). Let A be a linear atom with \({\text {depth}}(A)\le d\). Let \(\varGamma \) contain all ground instances of \(A \sigma \) with \({\text {depth}}(A \sigma ) \le d\). Then \(M \models A\).

Proof

Note that the most general unifier of any two linear literals \(K,K'\) has depth \({\text {depth}}(K{\text {mgu}}(K,K')) = \max ({\text {depth}}(K),{\text {depth}}(K'))\). Firstly, we show that rule Solve can never add a negative literal \(\lnot B\) to the model that is unifiable with \(\lnot A\). In this case, Solve is only applicable if \(\varGamma \) contains a ground instance \(\lnot B\sigma \) and no ground instance \(B\sigma \). The first condition implies \({\text {depth}}(\lnot B) \le d\) and if B and A are unifiable \(A{\text {mgu}}(A,B)\) has depth \(\le d\). However, since \(\varGamma \) contains all ground instances of A with depth \(\le d\) this also means \(\varGamma \) contains all ground instances of \(A{\text {mgu}}(A,B)\) with depth \(\le d\). This means that our assumptions guarantee that the second condition for Solve is not satisfied if \(\lnot B\) is unifiable with \(\lnot A\). So Solve will not add a literal \(\lnot B\) that is unifiable with \(\lnot A\). Secondly, in addition to Solve, only Clean adds literals to M. All literals added by Clean are atoms, so they cannot unify with \(\lnot A\). Hence, \(M \models L\).    \(\square \)

Lemma 13

(Lower Bound for SCL Refutations). Let \(\varGamma \) be the ground partial model of an SCL stuck state for the input clause set N and bounded by \(\preceq \) and \(\beta \). This means in particular that (i) every literal \(L \in \varGamma \) is ground and bounded by \(\preceq \) and \(\beta \) (i.e., \(L \preceq \beta \)), (ii) every ground atom \(A \preceq \beta \) is defined by \(\varGamma \) (i.e., \(A \in \varGamma \) or \(\lnot A \in \varGamma \)), and (iii) for every clause \(C \in N\) and every grounding \(\sigma \) of C either \(\varGamma \models C \sigma \) or there exists a literal \(L \in C \sigma \) such that \(L \not \preceq \beta \). Let M be a complete interpretation (i.e., for every ground atom A, \(M \models A\) or \(M \models \lnot A\)) that models \(\varGamma \) (i.e., \(M \models \varGamma \)) but not the clause set N (i.e., \(M \not \models N\)). Let \(\beta '\) be a smallest ground literal according to \(\preceq \) such that there exists a clause \(C \in N\), a grounding \(\tau \), where \(L \preceq \beta '\) holds for any literal \(L \in C \tau \), and \(M \not \models C \tau \). Then there exists no \(\beta ^* \prec \beta '\) such that an SCL run on N and bounded by \(\prec \) and \(\beta ^*\) finds a refutation.

Proof

The assumptions for \(\beta '\) and the completeness of M imply that \(M \models C \sigma \) for all clauses \(C \in N\) and all groundings \(\sigma \), where \(L \preceq \beta ^*\) for any literal \(L \in C \sigma \). This means one valid SCL run for N, \(\preceq \), and \(\beta ^*\) can simply decide all ground atoms \(A \preceq \beta ^*\) according to M, i.e., according to whether \(M \models A\) or \(M \models \lnot A\), without encountering any conflicts and ending in a stuck state with a set \(\varGamma '\) such that \(\varGamma ' \models {\text {gnd}}^{\preceq \beta ^*}(N)\), where the function \({\text {gnd}}^{\preceq \beta ^*}\) computes the set of all ground instances of a clause set where the grounding is restricted to produce literals L with \(L \preceq \beta ^*\). The existence of this stuck state proves that \({\text {gnd}}^{\preceq \beta ^*} N\) is satisfiable and that there exists no refutation for it. Hence, no SCL run for N, \(\preceq \), and \(\beta ^*\) can find a refutation.    \(\square \)

5 Conclusion and Future Work

Explicit model building is always a compromise between the expressivity of the used language, its computational properties and the effort to actually compute the model. Satisfiability of first-order logic clause sets is not even semi-decidable, so there cannot be a general solution. In the context of SCL, efficient model building and efficient clause evaluation are important aspects and our quite simple model building language, namely complete linear literal interpretations, nicely serves these two purposes. Still there may be room for improvement. For example, the three clauses

$$\begin{array}{l} \lnot R(x,x) \qquad \qquad R(x,g(x))\\ \lnot R(x,y)\vee \lnot R(y,z) \vee R(x,z)\\ \end{array}$$

do not have a finite model. Linear literal interpretations have the finite model property so there cannot be a finite representation of a model within this language. It needs a more expressive language. For example, assuming an additional constant a and a bound \(\beta = R(g(a),g(g(a)))\) a partial model computed by SCL would be

$$\begin{aligned}{}[\lnot R(a,a), R(a,g(a)), R(g(a),g(g(a))), R(a,g(g(a))), \lnot R(g(a),g(a)), \lnot R(g(a), a)^1] \end{aligned}$$

The respective overall model could be represented by the linear Horn clause set

$$\begin{array}{cc} \lnot R(a,a) &{} R(a,g(a))\\ \lnot R(x,y) \rightarrow \lnot R(g(x),y) &{} R(x,y) \rightarrow R(x,g(y))\\ \lnot R(x,y) \rightarrow \lnot R(g(x),g(y)) &{} R(x,y) \rightarrow R(g(x),g(y))\\ \end{array}$$

or by terms with exponents and constraints [4, 13]

$$\begin{array}{cc} i\ge j \parallel \lnot R(g^i(a),g^j(a)) &{} i < j \parallel R(g^i(a),g^j(a))\\ \end{array}.$$

However, it is an open question how such representations can be actually computed out of a set of ground literals and how they can be used to efficiently test validity of clauses.

The rule Clean may actually add the respective literal wither positively or negatively to M. In practice, such literals could be marked in M. Then in case of starting from an SCL stuck trail where M is not a model for the clause set, a small but useful extension is to check whether flipping the sign of some of these literals turn M into a model.

In summary, we have presented an algorithm that computes in polynomial time out of a finite consistent set of ground literals \(\varGamma \) a complete linear literal interpretation M such that \(M\models \varGamma \). Furthermore, M can be effectively used to evaluate clauses and to determine a minimal extension to the ground literal restriction \(\beta \) out of an SCL stuck state.