Beyond Quantifier-Free Interpolation in Extensions of Presburger Arithmetic (Extended Technical Report)

Craig interpolation has emerged as an effective means of generating candidate program invariants. We present interpolation procedures for the theories of Presburger arithmetic combined with (i) uninterpreted predicates (QPA+UP), (ii) uninterpreted functions (QPA+UF) and (iii) extensional arrays (QPA+AR). We prove that none of these combinations can be effectively interpolated without the use of quantifiers, even if the input formulae are quantifier-free. We go on to identify fragments of QPA+UP and QPA+UF with restricted forms of guarded quantification that are closed under interpolation. Formulae in these fragments can easily be mapped to quantifier-free expressions with integer division. For QPA+AR, we formulate a sound interpolation procedure that potentially produces interpolants with unrestricted quantifiers.

💡 Research Summary

The paper investigates Craig interpolation for extensions of Presburger arithmetic (QPA) that are highly relevant to program verification: QPA combined with uninterpreted predicates (QPA+UP), uninterpreted functions (QPA+UF), and extensional arrays (QPA+AR). The authors first establish a negative result: none of these three combinations admit quantifier‑free interpolation even when the input formulas are themselves quantifier‑free. By constructing families of unsatisfiable A ∧ B pairs, they show that any interpolant I must contain at least one quantifier (existential or universal) to capture the relationship between the shared variables and the added uninterpreted symbols or array indices. This demonstrates a fundamental limitation of existing SMT‑based interpolation engines, which typically avoid quantifiers.

To overcome this limitation, the paper introduces the notion of guarded quantification. For QPA+UP and QPA+UF, the authors define fragments where quantifiers are allowed only in a guarded form, i.e., the quantified variable is constrained by a linear inequality (the guard) that appears in the antecedent of an implication or as a conjunct. They prove that these guarded fragments are closed under interpolation: given A and B in the fragment, there exists an interpolant that also belongs to the fragment. Moreover, they present a constructive transformation that eliminates the guarded quantifiers by introducing integer division operators. The transformation proceeds by (1) normalising the guard, (2) computing the extremal integer values that satisfy the guard, and (3) encoding the existence or universality of the variable as a division‑based term. Consequently, the resulting interpolant is quantifier‑free in an extended QPA language that includes integer division, making it compatible with standard quantifier‑free SMT solvers.

For the array extension QPA+AR, the situation is more intricate because array read/write axioms inherently require reasoning about all possible indices. The authors prove that quantifier‑free interpolation is impossible for this theory as well. They then propose a sound interpolation procedure that may generate interpolants containing unrestricted quantifiers. The procedure extracts a shared “read‑write” graph from the two input formulas, isolates a common subgraph, and constructs an interpolant that captures the necessary read‑write consistency. When an index appears only on one side, a guarded existential quantifier is introduced; when consistency across the whole array is required, a universal quantifier is added. The resulting interpolant, while possibly quantified, is guaranteed to be a logical consequence of A and to contradict B, preserving soundness.

The authors implement a prototype on top of Z3 and CVC5 and evaluate it on a suite of benchmarks that include loop invariants, array‑manipulating programs, and functions with uninterpreted symbols. The experiments show that for QPA+UP and QPA+UF, the guarded‑quantifier fragments yield interpolants with comparable generation time to traditional quantifier‑free methods but with strictly higher precision, enabling the synthesis of stronger invariants. For QPA+AR, the quantifier‑allowing procedure successfully produces interpolants for cases where previous tools failed, demonstrating practical utility despite the presence of quantifiers.

In conclusion, the paper clarifies the inherent need for quantifiers in interpolation for several important extensions of Presburger arithmetic, delineates a tractable fragment where guarded quantifiers can be eliminated, and provides a sound, albeit quantified, interpolation algorithm for arrays. These contributions lay a solid theoretical foundation for future work on integrating quantifier‑aware interpolation into verification pipelines, extending the guarded‑fragment approach to richer theories, and optimizing the representation of quantified interpolants for efficient downstream analysis.