SibylFS

Ridge, Tom; Sheets, David; Tuerk, Thomas; Giugliano, Andrea; Madhavapeddy, Anil; Sewell, Peter

doi:10.1145/2815400.2815411

Cited by 40 publications

(9 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Using the Cogent Why Proof Engineering Matters language and its certifying compiler (Section 3.1.1), Amani et al (2016) developed a file system called BilbyFS in Isabelle/HOL with executable code in C; they also implemented and verified the legacy Linux file system ext2. Ridge et al (2015) developed a specification of POSIX file systems in HOL4, which they tested against real-world file system behavior.…”

Section: Proof Engineering For Program Verificationmentioning

confidence: 99%

QED at Large: A Survey of Engineering of Formally Verified Software

Ringer

Palmskog

Sergey

et al. 2019

FNT in Programming Languages

View full text Add to dashboard Cite

Development of formal proofs of correctness of programs can increase actual and perceived reliability and facilitate better understanding of program specifications and their underlying assumptions. Tools supporting such development have been available for over 40 years, but have only recently seen wide practical use. Projects based on construction of machine-checked formal proofs are now reaching an unprecedented scale, comparable to large software projects, which leads to new challenges in proof development and maintenance. Despite its increasing importance, the field of proof engineering is seldom considered in its own right; related theories, techniques, and tools span many fields and venues. This survey of the literature presents a holistic understanding of proof engineering for program correctness, covering impact in practice, foundations, proof automation, proof organization, and practical proof development.

show abstract

Section: Proof Engineering For Program Verificationmentioning

confidence: 99%

QED at Large: A Survey of Engineering of Formally Verified Software

Ringer

Palmskog

Sergey

et al. 2019

FNT in Programming Languages

View full text Add to dashboard Cite

show abstract

“…It is a matter of engineering effort to produce a better symbolic filesystem. It would be interesting to link our symbolic system up with SibylFS [Ridge et al 2015] or Forest [Fisher et al 2011], or to use Ntzik et al 's reasoning [2017;. We can also imagine implementing a read-only filesystem that allows access to the real, underlying filesystem, but treats writes (and other dangerous operations, like execve) as noops.…”

Section: Simulating Posixmentioning

confidence: 99%

Executable formal semantics for the POSIX shell

Greenberg

Blatt²

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

The POSIX shell is a widely deployed, powerful tool for managing computer systems. The shell is the expert's control panel, a necessary tool for configuring, compiling, installing, maintaining, and deploying systems. Even though it is powerful, critical infrastructure, the POSIX shell is maligned and misunderstood. Its power and its subtlety are a dangerous combination.We define a formal, mechanized, executable small-step semantics for the POSIX shell, which we call Smoosh. We compared Smoosh against seven other shells that aim for some measure of POSIX compliance (bash, dash, zsh, OSH, mksh, ksh93, and yash). Using three test suites-the POSIX test suite, the Modernish test suite and shell diagnosis, and a test suite of our own device-we found Smoosh's semantics to be the most conformant to the POSIX standard. Modernish judges Smoosh to have the fewest bugs (just one, from using dash's parser) and no quirks. To show that our semantics is useful beyond yielding a conformant, executable shell, we also implemented a symbolic stepper to illuminate the subtle behavior of the shell.Smoosh will serve as a foundation for formal study of the POSIX shell, supporting research on and development of new shells, new tooling for shells, and new shell designs.Additional Key Words and Phrases: command line interfaces, POSIX, formalization, small-step semantics * Work done while at Pomona College. 1 A misunderstanding of expansion in a Steam script wiped hard drives:

show abstract

“…Yang et al [25], [26] applied model checking to existing file systems to find semantic bugs. SybylFS [27] detects buggy behaviors not allowed when a sequence of system calls is executed. To identify buggy behaviors, SybylFS defines a mathematical model of file sys-tem behavior and validates the trace of the execution of the sequence of system calls.…”

Section: Related Workmentioning

confidence: 99%

File Systems are Hard to Test — Learning from Xfstests

Aota

Kono

2019

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Modern file systems, such as ext4, btrfs, and XFS, are evolving and enable the introduction of new features to meet ever-changing demands and improve reliability. File system developers are struggling to eliminate all software bugs, but the operating system community points out that file systems are a hotbed of critical software bugs. This paper analyzes the code coverage of xfstests, a widely used suite of file system tests, on three major file systems (ext4, btrfs, and XFS). The coverage is 72.34%, and the uncovered code runs into 23,232 lines of code. To understand why the code coverage is low, the uncovered code is manually examined line by line. We identified three major causes, peculiar to file systems, that hinder higher coverage. First, covering all the features is difficult because each file system provides a wide variety of file-system specific features, and some features can be tested only on special storage devices. Second, covering all the execution paths is difficult because they depend on file system configurations and internal on-disk states. Finally, the code for maintaining backward-compatibility is executed only when a file system encounters old formats. Our findings will help file system developers improve the coverage of test suites and provide insights into fostering the development of new methodologies for testing file systems.

show abstract

SibylFS

Cited by 40 publications

References 22 publications

QED at Large: A Survey of Engineering of Formally Verified Software

QED at Large: A Survey of Engineering of Formally Verified Software

Executable formal semantics for the POSIX shell

File Systems are Hard to Test — Learning from Xfstests

Contact Info

Product

Resources

About