
Reasoning about the POSIX file system: local update and global pathnames

Published: 23 October 2015

Abstract

We introduce a program logic for specifying a core sequential subset of the POSIX file system and for reasoning abstractly about client programs working with the file system. The challenge is to reason about the combination of local directory update and global pathname traversal (including '..' and symbolic links) which may overlap the directories being updated. Existing reasoning techniques are either based on first-order logic and do not scale, or on separation logic and can only handle linear pathnames (no '..' or symbolic links). We introduce fusion logic for reasoning about local update and global pathname traversal, introducing a novel effect frame rule to propagate the effect of a local update on overlapping pathnames. We apply our reasoning to the standard recursive remove utility (rm -r), discovering bugs in well-known implementations.
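As an added illustration (not code from the paper or its authors), the following in-memory model resolves POSIX pathnames with '.', '..' and symbolic links, then shows the phenomenon the abstract describes: a local update to one directory (/a/b) changes how global pathnames that merely overlap it through links resolve, while a non-overlapping pathname is unaffected. All names, the tree layout and the hop limit are constructed for the example.

```python
# Constructed in-memory file system: a dict is a directory, the string "file"
# a regular file, and a ("link", target) tuple a symbolic link.
SYMLINK_MAX = 40  # hop limit standing in for POSIX ELOOP

def resolve(fs, path):
    """Canonicalise an absolute pathname under POSIX rules ('.' skipped,
    '..' steps to the parent, root is its own parent, symlink targets are
    spliced in); None for a missing name, ENOTDIR-style misuse or a link loop."""
    stack, rest, hops = [], path.split("/"), 0
    while rest:
        c = rest.pop(0)
        parent = fs
        for d in stack:              # re-walk the canonical prefix
            parent = parent[d]
        if not isinstance(parent, dict):
            return None              # a file traversed as a directory
        if c in ("", "."):
            continue
        if c == "..":
            if stack:
                stack.pop()
            continue
        if c not in parent:
            return None              # ENOENT
        node = parent[c]
        if isinstance(node, tuple):  # symlink: continue from its target
            hops += 1
            if hops > SYMLINK_MAX:
                return None          # ELOOP
            if node[1].startswith("/"):
                stack = []           # absolute target restarts at the root
            rest = node[1].split("/") + rest
            continue
        stack.append(c)
    return "/" + "/".join(stack)

def local_update_effect():
    """Resolve pathnames that overlap /a/b only via links, before and after
    a local update (removing c from /a/b)."""
    fs = {"a": {"b": {"c": {"data": "file"}}},
          "link": ("link", "/a/b"),      # absolute symlink to a directory
          "up": ("link", "a/b/c/.."),    # relative symlink that uses '..'
          "loop": ("link", "/loop")}     # self-referential link
    paths = ["/link/c/data", "/link/../b/c", "/up/c", "/link/..", "/loop"]
    before = {p: resolve(fs, p) for p in paths}
    del fs["a"]["b"]["c"]                # the local update
    after = {p: resolve(fs, p) for p in paths}
    return {"before": before, "after": after}
```

Note that '..' after a symlink component steps to the parent of the link's target (/a), not of the link itself, which is why "/link/../b/c" depends on the contents of /a/b.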


Published in

ACM SIGPLAN Notices, Volume 50, Issue 10 (OOPSLA '15), October 2015, 953 pages. ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/2858965. Editor: Andy Gill.

OOPSLA 2015: Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, October 2015, 953 pages. ISBN: 9781450336895, DOI: 10.1145/2814270.

Copyright © 2015 ACM

Publisher: Association for Computing Machinery, New York, NY, United States


Qualifiers: research-article
