An Infinite Needle in a Finite Haystack: Finding Infinite Counter-Models in Deductive Verification

First-order logic, and quantifiers in particular, are widely used in deductive verification. Quantifiers are essential for describing systems with unbounded domains, but prove difficult for automated solvers. Significant effort has been dedicated to finding quantifier instantiations that establish unsatisfiability, thus ensuring validity of a system's verification conditions. However, in many cases the formulas are satisfiable: this is often the case in intermediate steps of the verification process. For such cases, existing tools are limited to finding finite models as counterexamples. Yet, some quantified formulas are satisfiable but only have infinite models. Such infinite counter-models are especially typical when first-order logic is used to approximate inductive definitions such as linked lists or the natural numbers. The inability of solvers to find infinite models makes them diverge in these cases. In this paper, we tackle the problem of finding such infinite models. These models allow the user to identify and fix bugs in the modeling of the system and its properties. Our approach consists of three parts. First, we introduce symbolic structures as a way to represent certain infinite models. Second, we describe an effective model finding procedure that symbolically explores a given family of symbolic structures. Finally, we identify a new decidable fragment of first-order logic that extends and subsumes the many-sorted variant of EPR, where satisfiable formulas always have a model representable by a symbolic structure within a known family. We evaluate our approach on examples from the domains of distributed consensus protocols and of heap-manipulating programs. Our implementation quickly finds infinite counter-models that demonstrate the source of verification failures in a simple way, while SMT solvers and theorem provers such as Z3, cvc5, and Vampire diverge

Explicit fixed-points in provability logic

Smyslem této diplomové práce je prozkoumat explicitní výpoty pevn ých bod v logice dokazatelnosti GL. Vta o pevných bodech zní: Pro kadou modální formuli A(p) v ní kadý výskyt atomu p je vázán modálním operátorem ¤, existuje formule D obsahující pouze výrokové atomy obsaené v A(p), neobsahující výrokový atom p, a taková, e v GL je dokazatelné D ' A(D). Formule D je navíc ur- ena a na dokazatelnou ekvivalenci jednoznan. Nejprve vyslovíme nkolik speciálních pípad vty o pevných bodech a poté podrobnji prozkoumáme vtu v plném znní. Dále ukáeme jednu sémantickou a dv syntaktické konstrukce pevných bod a dokáeme jejich korektnost. V práci se zabýváme také nkterými sloitostními aspekty konstrukce, pedevím uvádíme jednoduché horní odhady délky a modální sloitosti získaných pevných bod.The aim of this diploma thesis is to discuss the explicit calculations of xed-points in provability logic GL. The xed-point theorem reads: For every modal formula A(p) such that each occurrence of p is under the scope of ¤, there is a formula D containing only sentence letters contained in A(p), not containing the sentence letter p, such that GL proves D ' A(D). Moreover, D is unique up to the provable equivalence. Firstly, we establish some special cases of the theorem and then we will look more closely at the full theorem. We show one semantic and two syntactic full xed-point constructions and prove their correctness. We also discuss some complexity aspects connected with the constructions and present basic upper bounds on length and modal depth of the constructed xed-points.Katedra logikyDepartment of LogicFaculty of ArtsFilozofická fakult