國立高雄大學圖資館 |

語系: 繁體中文

說明(常見問題)

圖資館首頁

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Automatic detection of serious stora...

Stanford University.

Automatic detection of serious storage system errors via model checking.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Automatic detection of serious storage system errors via model checking.
作者:	Yang, Junfeng.
面頁冊數:	131 p.
附註:	Adviser: Dawson Engler.
附註:	Source: Dissertation Abstracts International, Volume: 68-12, Section: B, page: 8157.
Contained By:	Dissertation Abstracts International68-12B.
標題:	Computer Science.
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3292433
ISBN:	9780549357254

Automatic detection of serious storage system errors via model checking.
Yang, Junfeng.

Automatic detection of serious storage system errors via model checking. - 131 p.

Adviser: Dawson Engler.

Thesis (Ph.D.)--Stanford University, 2008.

Storage systems such as file systems, databases, and RAID (Redundant Array of Inexpensive Disks) systems have a simple, basic contract: you give them data, they do not lose or corrupt it. Often they store the only copy of data, making its irrevocable loss intolerable. Unfortunately, storage system code is exceptionally hard to get right, in part because it must correctly recover from any crash at any program point, no matter how their state was smeared across volatile and persistent memory. This dissertation presents FiSC and EXPLODE, two systems that are tailored to effectively, systematically check real storage systems for errors. FiSC is designed to check file systems. It adapts ideas from model checking, a comprehensive, heavyweight formal verification technique to make its checking systematic. It comes with a set of generic and file-system-specific checks that are applicable to many file systems. We applied FiSC to four widely used, heavily tested Linux file systems: ext3, JFS, ReiserFS and XFS. We found serious bugs in each of them, 33 in total, most of which led to Linux kernel patches within a few days of diagnosis. For each file system, FiSC found demonstrable events leading to the unrecoverable destruction of entire directory trees, including the file system root directory "/" (i.e. all data in the file system). FiSC shows that model checking can practically, effectively find interesting errors in real file systems.

ISBN: 9780549357254Subjects--Topical Terms:

212513
Computer Science.

Automatic detection of serious storage system errors via model checking.
LDR:04303nmm _2200265 _450 001 206831
005 20090413125716.5
008 090730s2008 ||||||||||||||||| ||eng d
020 $a 9780549357254
035 $a 00372043
040 $a UMI $c UMI
100 $a Yang, Junfeng. $3 321765
245 1 0 $a Automatic detection of serious storage system errors via model checking.
300 $a 131 p.
500 $a Adviser: Dawson Engler.
500 $a Source: Dissertation Abstracts International, Volume: 68-12, Section: B, page: 8157.
502 $a Thesis (Ph.D.)--Stanford University, 2008.
520 $a Storage systems such as file systems, databases, and RAID (Redundant Array of Inexpensive Disks) systems have a simple, basic contract: you give them data, they do not lose or corrupt it. Often they store the only copy of data, making its irrevocable loss intolerable. Unfortunately, storage system code is exceptionally hard to get right, in part because it must correctly recover from any crash at any program point, no matter how their state was smeared across volatile and persistent memory. This dissertation presents FiSC and EXPLODE, two systems that are tailored to effectively, systematically check real storage systems for errors. FiSC is designed to check file systems. It adapts ideas from model checking, a comprehensive, heavyweight formal verification technique to make its checking systematic. It comes with a set of generic and file-system-specific checks that are applicable to many file systems. We applied FiSC to four widely used, heavily tested Linux file systems: ext3, JFS, ReiserFS and XFS. We found serious bugs in each of them, 33 in total, most of which led to Linux kernel patches within a few days of diagnosis. For each file system, FiSC found demonstrable events leading to the unrecoverable destruction of entire directory trees, including the file system root directory "/" (i.e. all data in the file system). FiSC shows that model checking can practically, effectively find interesting errors in real file systems.
520 $a While being more lightweight than a traditional model checking approach, FiSC still requires a heavily intrusive port of the checked Linux system to run inside the model checker FiSC uses, making it difficult to check other storage systems; in the best case, checking a new file system may take a week. Improving upon FiSC, EXPLODE uses a novel in-situ checking architecture that checks live storage systems running in their native environments, by interlacing the control it needs for systematic checking throughout the checked system (instead of "shoehorning" the checked system to run inside the model checker). This architecture gets most of FiSC's model checking benefits and drastically reduces the checking overhead: in the best case, clients write a few tens of C++ code to check a new storage system. This reduction enables EXPLODE to check many more storage systems than FiSC. Even for the same systems checked by both FiSC and EXPLODE, setting them up for checking in EXPLODE often takes just a few minutes, several orders of magnitude reduction compared to a week's effort in FiSC. Since the in-situ architecture simplifies checking of new storage systems, E XPLODE provides a flexible checking interface that allows developers to easily write new checkers and check new storage systems or compose complicated storage stacks from existing components for checking. We applied EXPLODE to a broader range of real-world storage systems (without requiring source code): three version control systems, Berkeley DB, the Linux NFS V3 implementation, ten Linux file systems, a RAID system, and the popular VMware GSX virtual machine. As with FiSC, we found serious bugs in every system checked, 36 bugs in total, typically with little effort. One interesting result is that EXPLODE detects that the checked version of VMware GSX server on Linux makes it impossible for storage systems to enjoy correct crash recovery however GSX is configured.
590 $a School code: 0212.
650 $a Computer Science. $3 212513
690 $a 0984
710 $a Stanford University. $3 212607
773 0 $g 68-12B. $t Dissertation Abstracts International
790 $a 0212
790 1 0 $a Engler, Dawson, $e advisor
791 $a Ph.D.
792 $a 2008
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3292433 $z http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3292433