Vesal Vojdani

Bio: Vesal Vojdani is an academic researcher from University of Tartu. The author has contributed to research in topics: Static analysis & Abstract interpretation. The author has an hindex of 9, co-authored 17 publications receiving 208 citations. Previous affiliations of Vesal Vojdani include Technische Universität München.

Static race detection for device drivers: the Goblint approach

Abstract: Device drivers rely on fine-grained locking to ensure safe access to shared data structures. For human testers, concurrency makes such code notoriously hard to debug; for automated reasoning, dynamically allocated memory and low-level pointer manipulation poses significant challenges. We present a flexible approach to data race analysis, implemented in the open source Goblint static analysis framework, that combines different pointer and value analyses in order to handle a wide range of locking idioms, including locks allocated dynamically as well as locks stored in arrays. To the best of our knowledge, this is the most ambitious effort, having lasted well over ten years, to create a fully automated static race detection tool that can deal with most of the intricate locking schemes found in Linux device drivers. Our evaluation shows that these analyses are sufficiently precise, but practical use of these techniques requires inferring environmental and domain-specific assumptions.

Side-Effecting Constraint Systems: A Swiss Army Knife for Program Analysis

Abstract: Side-effecting constraint systems were originally introduced for the analysis of multi-threaded code [22]. In this paper, we show how this formalism provides a unified framework for realizing efficient interprocedural analyses where the amount of context-sensitivity can be tweaked and where the context-sensitive analyses of local properties can be combined with flow-insensitive analyses of global properties, e.g., about the heap. Side-effecting constraint systems thus form the ideal basis for building general-purpose infrastructures for static analysis. One such infrastructure is the analyzer generator Goblint, which we used to practically evaluate this approach on real-world examples.

Static Data Race Analysis of Heap-Manipulating C Programs

Abstract: 8

Region Analysis for Race Detection

Abstract: Automatic race detection of C programs requires fast, yet sufficiently precise analysis of dynamic memory. Therefore, we present a region-based pointer analysis which seeks to identify disjoint regions of dynamically allocated objects to ensure that write accesses to the same region are always protected by the same mutexes. Our approach has been implemented within the interprocedural analyzer of concurrent C programs GobLint and we have successfully applied it on code from the Linux kernel, such as the access vector cache. This code relies on a synchronized hash table where an array of doubly linked lists is protected by an array of locks.

Static analysis of interrupt-driven programs synchronized via the priority ceiling protocol

Abstract: We consider programs for embedded real-time systems which use priority-driven preemptive scheduling with task priorities adjusted dynamically according to the immediate ceiling priority protocol. For these programs, we provide static analyses for detecting data races between tasks running at different priorities as well as methods to guarantee transactional execution of procedures. Beyond that, we demonstrate how general techniques for value analyses can be adapted to this setting by developing a precise analysis of affine equalities.

FM 2006 : Formal Methods : 14th International Symposium on Formal Methods Hamilton, Canada, August 21-27, 2006 : proceedings

Abstract: Invited Talk.- The Embedded Systems Design Challenge.- Interactive Verification.- The Mondex Challenge: Machine Checked Proofs for an Electronic Purse.- Interactive Verification of Medical Guidelines.- Certifying Airport Security Regulations Using the Focal Environment.- Proving Safety Properties of an Aircraft Landing Protocol Using I/O Automata and the PVS Theorem Prover: A Case Study.- Invited Talk.- Validating the Microsoft Hypervisor.- Formal Modelling of Systems.- Interface Input/Output Automata.- Properties of Behavioural Model Merging.- Automatic Translation from Circus to Java.- Quantitative Refinement and Model Checking for the Analysis of Probabilistic Systems.- Real Time.- Modeling and Validating Distributed Embedded Real-Time Systems with VDM++.- Towards Modularized Verification of Distributed Time-Triggered Systems.- Industrial Experience.- A Story About Formal Methods Adoption by a Railway Signaling Manufacturer.- Partially Introducing Formal Methods into Object-Oriented Development: Case Studies Using a Metrics-Driven Approach.- Specification Refinement.- Compositional Class Refinement in Object-Z.- A Proposal for Records in Event-B.- Pointfree Factorization of Operation Refinement.- A Formal Template Language Enabling Metaproof.- Progrmming Languages.- Dynamic Frames: Support for Framing, Dependencies and Sharing Without Restrictions.- Type-Safe Two-Level Data Transformation.- Algebra.- Feature Algebra.- Education.- Using Domain-Independent Problems for Introducing Formal Methods.- Formal Modelling of Systems.- Compositional Binding in Network Domains.- Formal Modeling of Communication Protocols by Graph Transformation.- Feature Specification and Static Analysis for Interaction Resolution.- A Fully General Operational Semantics for UML 2.0 Sequence Diagrams with Potential and Mandatory Choice.- Formal Aspects of Java.- Towards Automatic Exception Safety Verification.- Enforcer - Efficient Failure Injection.- Automated Boundary Test Generation from JML Specifications.- Formal Reasoning About Non-atomic Java Card Methods in Dynamic Logic.- Programming Languages.- Formal Verification of a C Compiler Front-End.- A Memory Model Sensitive Checker for C#.- Changing Programs Correctly: Refactoring with Specifications.- Mechanical Verification of Recursive Procedures Manipulating Pointers Using Separation Logic.- Model Checking.- Model-Based Variable and Transition Orderings for Efficient Symbolic Model Checking.- Exact and Approximate Strategies for Symmetry Reduction in Model Checking.- Monitoring Distributed Controllers: When an Efficient LTL Algorithm on Sequences Is Needed to Model-Check Traces.- PSL Model Checking and Run-Time Verification Via Testers.- Industry Day: Abstracts of Invited Talks.- Formal Methods for Security: Lightweight Plug-In or New Engineering Discipline.- Formal Methods in the Security Business: Exotic Flowers Thriving in an Expanding Niche.- Connector-Based Software Development: Deriving Secure Protocols.- Model-Based Security Engineering for Real.- Cost Effective Software Engineering for Security.- Formal Methods and Cryptography.- Verified Software Grand Challenge.

Data representation synthesis

Abstract: We consider the problem of specifying combinations of data structures with complex sharing in a manner that is both declarative and results in provably correct code. In our approach, abstract data types are specified using relational algebra and functional dependencies. We describe a language of decompositions that permit the user to specify different concrete representations for relations, and show that operations on concrete representations soundly implement their relational specification. It is easy to incorporate data representations synthesized by our compiler into existing systems, leading to code that is simpler, correct by construction, and comparable in performance to the code it replaces.

Progress on Software Verification: SV-COMP 2022

Abstract: Abstract The 11th edition of the Competition on Software Verification (SV-COMP 2022) provides the largest ever overview of tools for software verification. The competition is an annual comparative evaluation of fully automatic software verifiers for C and Java programs. The objective is to provide an overview of the state of the art in terms of effectiveness and efficiency of software verification, establish standards, provide a platform for exchange to developers of such tools, educate PhD students on reproducibility approaches and benchmarking, and provide computing resources to developers that do not have access to compute clusters. The competition consisted of 15 648 verification tasks for C programs and 586 verification tasks for Java programs. Each verification task consisted of a program and a property (reachability, memory safety, overflows, termination). The new category on data-race detection was introduced as demonstration category. SV-COMP 2022 had 47 participating verification systems from 33 teams from 11 countries.

Static race detection for device drivers: the Goblint approach

Abstract: Device drivers rely on fine-grained locking to ensure safe access to shared data structures. For human testers, concurrency makes such code notoriously hard to debug; for automated reasoning, dynamically allocated memory and low-level pointer manipulation poses significant challenges. We present a flexible approach to data race analysis, implemented in the open source Goblint static analysis framework, that combines different pointer and value analyses in order to handle a wide range of locking idioms, including locks allocated dynamically as well as locks stored in arrays. To the best of our knowledge, this is the most ambitious effort, having lasted well over ten years, to create a fully automated static race detection tool that can deal with most of the intricate locking schemes found in Linux device drivers. Our evaluation shows that these analyses are sufficiently precise, but practical use of these techniques requires inferring environmental and domain-specific assumptions.

Software Verification: 10th Comparative Evaluation (SV-COMP 2021)

Abstract: SV-COMP 2021 is the 10th edition of the Competition on Software Verification (SV-COMP), which is an annual comparative evaluation of fully automatic software verifiers for C and Java programs. The competition provides a snapshot of the current state of the art in the area, and has a strong focus on reproducibility of its results. The competition was based on 15 201 verification tasks for C programs and 473 verification tasks for Java programs. Each verification task consisted of a program and a property (reachability, memory safety, overflows, termination). SV-COMP 2021 had 30 participating verification systems from 27 teams from 11 countries.