Argosy: verifying layered storage systems with recovery refinement

Chajed, Tej; Tassarotti, Joseph; Kaashoek, M. Frans; Zeldovich, Nickolai

doi:10.1145/3314221.3314585

Cited by 6 publications

(9 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Two tangentially related systems with similar aims to AbsFAT are the work of Koh et al [16] towards verifying the operating system components involved in a networked server, and the work of Chajed et al [4] on Argosy, a verified system for stacking storage layers. While these systems are executable, they do not offer the sort of support for constructing and simplifying proofs about filesystem clients that AbsFAT does.…”

Section: Related Workmentioning

confidence: 99%

Separation Logic-Based Verification Atop a Binary-Compatible Filesystem Model

Mehta

Cook

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Filesystems have held the interest of the formal verification community for a while, with several high-performance filesystems constructed with accompanying proofs of correctness. However, the question of verifying an existing filesystem and incorporating filesystem-specific guarantees remains unexplored, leaving those application developers underserved who need to work with a specific filesystem known to be fit for their purpose. In this work, we present an implementation of a verified filesystem which matches the specification of an existing filesystem, and with our new model AbsFAT tie it to the reasoning framework of separation logic in order to verify properties of programs which use the filesystem. This work is intended to match the target filesystem, FAT32, at a binary level and return the same data and error codes returned by mature FAT32 implementations, considered canonical. We provide a logical framework for reasoning about program behavior when filesystem calls are involved in terms of separation logic, and adapt it to simplify and automate the proof process in ACL2. By providing this framework, we encourage and facilitate greater adoption of software verification by application developers.

show abstract

Section: Related Workmentioning

confidence: 99%

Separation Logic-Based Verification Atop a Binary-Compatible Filesystem Model

Mehta

Cook

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Verified crash safety. Recently several verification frameworks have tackled the problem of crash safety of sequential systems, including verified file systems [5,7,10,34]. These systems address many issues, including handling crashes during recovery and giving an abstract specification that covers non-crashing and crashing execution separately.…”

Section: Related Workmentioning

confidence: 99%

“…This requirement is enforced in two ways: first, the crash invariant is also a crash invariant for recovery, as specified by CrashInv ; and second, the idempotence condition requires that the crash invariant be itself crash invariant by only referring to durable resources. The requirement that recovery maintain a crash invariant corresponds to the idempotence principle identified in previous sequential verification systems [5,7,31,34].…”

Section: Verifying Refinementmentioning

confidence: 99%

“…Several existing verified storage systems address many aspects of crash safety [5,7,10,34], but they support only sequential execution. There has also been great progress in verifying concurrent systems [4,13,14,20,23,41], but none support crash safety reasoning.…”

Section: Introductionmentioning

confidence: 99%

“…Our prototypes of Perennial and Goose have some limitations. Perennial does not currently support composing layers of abstraction; we believe that extending multilayered frameworks like CertiKOS [13] and Argosy [5] to the concurrent crash setting is feasible. Perennial proofs only cover safety properties and not liveness, as is typical in concurrent verification.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Verifying concurrent, crash-safe systems with Perennial

Chajed¹,

Tassarotti

Kaashoek³

et al. 2019

Proceedings of the 27th ACM Symposium on Operating Systems Principles

Self Cite

View full text Add to dashboard Cite

This paper introduces Perennial, a framework for verifying concurrent, crash-safe systems. Perennial extends the Iris concurrency framework with three techniques to enable crash-safety reasoning: recovery leases, recovery helping, and versioned memory. To ease development and deployment of applications, Perennial provides Goose, a subset of Go and a translator from that subset to a model in Perennial with support for reasoning about Go threads, data structures, and file-system primitives. We implemented and verified a crash-safe, concurrent mail server using Perennial and Goose that achieves speedup on multiple cores. Both Perennial and Iris use the Coq proof assistant, and the mail server and the framework's proofs are machine checked. CCS Concepts • Software and its engineering → Software verification; Concurrency control; Software fault tolerance.

show abstract

A Complete Inference System for Skip-free Guarded Kleene Algebra with Tests

Schmid

Kappé

Silva

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Guarded Kleene Algebra with Tests (GKAT) is a fragment of Kleene Algebra with Tests (KAT) that was recently introduced to reason efficiently about imperative programs. In contrast to KAT, GKAT does not have an algebraic axiomatization, but relies on an analogue of Salomaa’s axiomatization of Kleene Algebra. In this paper, we present an algebraic axiomatization and prove two completeness results for a large fragment of GKAT consisting of skip-free programs.

show abstract

Argosy: verifying layered storage systems with recovery refinement

Cited by 6 publications

References 23 publications

Separation Logic-Based Verification Atop a Binary-Compatible Filesystem Model

Separation Logic-Based Verification Atop a Binary-Compatible Filesystem Model

Verifying concurrent, crash-safe systems with Perennial

A Complete Inference System for Skip-free Guarded Kleene Algebra with Tests

Contact Info

Product

Resources

About