
Using Model Checking to Find Serious File System Errors (2004)

by Junfeng Yang, Paul Twohey, Dawson Engler
Citations: 101 - 11 self

BibTeX

@INPROCEEDINGS{Yang04usingmodel,
    author = {Junfeng Yang and Paul Twohey and Dawson Engler},
    title = {Using Model Checking to Find Serious File System Errors},
    booktitle = {},
    year = {2004},
    pages = {273--288}
}


Abstract

This paper shows how to use model checking to find serious errors in file systems. Model checking is a formal verification technique tuned for finding corner-case errors by comprehensively exploring the state spaces defined by a system. File systems have two dynamics that make them attractive for such an approach. First, their errors are some of the most serious, since they can destroy persistent data and lead to unrecoverable corruption. Second, traditional testing needs an impractical, exponential number of test cases to check that the system will recover if it crashes at any point during execution. Model checking employs a variety of state-reducing techniques that allow it to explore such vast state spaces efficiently. We built a system, FiSC, for model checking file systems. We applied it to three widely-used, heavily-tested file systems: ext3 [13], JFS [21], and ReiserFS [27]. We found serious bugs in all of them, 32 in total. Most have led to patches within a day of diagnosis. For each file system, FiSC found demonstrable events leading to the unrecoverable destruction of metadata and entire directories, including the file system root directory “/”.

Citations

2026 Model Checking - Clarke, Grumberg, et al. - 2000
1130 The model checker SPIN - Holzmann - 1997
514 Bandera: Extracting finite-state models from Java source code - Corbett, Dwyer, et al. - 2000
455 Extended static checking for Java - Flanagan, Leino, et al.
408 Design and implementation of the sun network filesystem - Sandberg, Golgberg, et al.
348 Automatically validating temporal safety properties of interfaces - Ball, Rajamani - 2001
347 Enforcing high-level protocols in low-level software - DeLine, Fähndrich - 2001
324 Model Checking for Programming Languages using VeriSoft - Godefroid - 1997
322 Flow-sensitive type qualifiers - Foster, Terauchi, et al. - 2002
315 Checking System rules using System-specific, Programmer-written Compiler Extensions - Engler, Chelf, et al. - 2000
242 A static analyzer for finding dynamic programming errors. Software—Practice and Experience - Bush, Pincus, et al. - 2000
232 Memory resource management in VMware ESX server - WALDSPURGER
221 Type-based race detection for java - Flanagan, Freund - 2000
217 C.: Protocol Verification as a Hardware Design Aid - Dill, Drexler, et al. - 1992
147 D.L.: CMC: A pragmatic approach to model checking real code - Musuvathi, Park, et al.
74 IRON File Systems - Prabhakaran, Bairavasundaram, et al. - 2005
64 Semantically-Smart Disk Systems - Sivathanu, Prabhakaran, et al. - 2003
50 Model-checking large network protocol implementations - Engler, Musuvathi - 2004
48 Soft Updates: A Solution to the Metadata Update Problem in File Systems - Ganger, McKusick, et al. - 2000
43 Model checking programs - Brat, Havelund, et al.
42 Static Analysis versus Software Model Checking for Bug Finding - Engler, Musuvathi - 2004
38 Path-sensitive program verification in polynomial time - DAS, LERNER, et al. - 2002
35 EXPLODE: A Lightweight, General System for Finding Serious Storage System Errors - Yang, Sar, et al.
26 Verifying a file system implementation - Arkoudas, Zee, et al. - 2004
23 From code to models - HOLZMANN
21 Redo recovery after system crashes - LOMET, TUTTLE - 1995
13 Simple garbage-collector-safety - BOEHM - 1996
7 A theory of redo recovery - Lomet, Tuttle
5 Symbolic Model Checking - K - 1993
5 Using model checking to find serious file system errors - Musuvathi, Engler - 2004
1 Private communication - Kleikamp
1 Using Model Checking to Find Serious File System Errors · 1029 - Sandberg, Kleiman, et al. - 1985