Verifying a File System Implementation

  • Konstantine Arkoudas
  • Karen Zee
  • Viktor Kuncak
  • Martin Rinard
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3308)


We present a correctness proof for a basic file system implementation. This implementation contains key elements of standard Unix file systems such as inodes and fixed-size disk blocks. We prove the implementation correct by establishing a simulation relation between the specification of the file system (which models the file system as an abstract map from file names to sequences of bytes) and its implementation (which uses fixed-size disk blocks to store the contents of the files). We used the Athena proof system to represent and validate our proof. Our experience indicates that Athena’s use of block-structured natural deduction, support for structural induction and proof abstraction, and seamless integration with high-performance automated theorem provers were essential to our ability to successfully manage a proof of this size.


Model Check Reachable State Natural Deduction Read Operation Correctness Proof 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Arkoudas, K.: Denotational Proof Languages. PhD dissertation, MIT (2000)Google Scholar
  3. 3.
    Arkoudas, K.: Specification, abduction, and proof. In: Second International Symposium on Automated Technology for Verification and Analysis, Taiwan (October 2004)Google Scholar
  4. 4.
    Arkoudas, K., Bringsjord, S.: Metareasoning for multi-agent epistemic logics. In: 5th workshop on Computational Logic in Multi-agent Systems, Lisbon, Portugal (September 2004)Google Scholar
  5. 5.
    Arkoudas, K., Khurshid, S., Marinov, D., Rinard, M.: Integrating model checking and theorem proving for relational reasoning. In: 7th International Seminar on Relational Methods in Computer Science (2003)Google Scholar
  6. 6.
    Arkoudas, K., Rinard, M.: Deductive runtime certification. In: Proceedings of the 2004 Workshop on Runtime Verification, Barcelona, Spain (April 2004)Google Scholar
  7. 7.
    Arkoudas, K., Zee, K., Kuncak, V., Rinard, M.: On verifying a file system implementation. Technical Report 946, MIT CSAIL (May 2004)Google Scholar
  8. 8.
    Armando, A., Bonacina, M.P., Ranise, S., Rusinowitch, M., Sehgal, A.K.: High-performance deduction for verification: a case study in the theory of arrays. In: Autexier, S., Mantel, H. (eds.) Notes of the Workshop on Verification, Third Federated Logic Conference (FLoC 2002), pp. 103–112 (2002)Google Scholar
  9. 9.
    Arvizo, T.: A virtual machine for a type-ω denotational proof language. Masters thesis, MIT (June 2002)Google Scholar
  10. 10.
    Ball, T., Majumdar, R., Millstein, T., Rajamani, S.K.: Automatic predicate abstraction of C programs. In: Proc. ACM PLDI (2001)Google Scholar
  11. 11.
    Barrett, C.W., Dill, D.L., Stump, A.: A framework for cooperating decision procedures. In: McAllester, D. (ed.) CADE 2000. LNCS, vol. 1831, pp. 79–98. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Börger, E., Gräedel, E., Gurevich, Y.: The Classical Decision Problem. Springer, Heidelberg (1997)zbMATHGoogle Scholar
  13. 13.
    Brucker, A.D., Rittinger, F., Wolff, B.: A cvs-server security architecture: Concepts and formal analysis. Technical Report 182, Institut für Informatik Albert-Ludwigs-Universität Freiburg, HOL-Z distribution (December 2003),
  14. 14.
    Chan, W., Anderson, R.J., Beame, P., Burns, S., Modugno, F., Notkin, D., Reese, J.D.: Model checking large software specifications. IEEE TSE, 498–520 (July 1998)Google Scholar
  15. 15.
    Das, M., Lerner, S., Seigle, M.: ESP: Path-sensitive program verification in polynomial time. In: Proc. ACM PLDI (2002)Google Scholar
  16. 16.
    de Roever, W.-P., Engelhardt, K.: Data Refinement: Model-oriented proof methods and their comparison. Cambridge Tracts in Theoretical Computer Science, vol. 47. Cambridge University Press, Cambridge (1998)zbMATHCrossRefGoogle Scholar
  17. 17.
    DeLine, R., Fähndrich, M.: Enforcing high-level protocols in low-level software. In: Proc. ACM PLDI (2001)Google Scholar
  18. 18.
    Fradet, P., Métayer, D.L.: Shape types. In: Proc. 24th ACM POPL (1997)Google Scholar
  19. 19.
    Gordon, M.J.C., Melham, T.F.: Introduction to HOL, a theorem proving environment for higher-order logic. Cambridge University Press, Cambridge (1993)zbMATHGoogle Scholar
  20. 20.
    Hao, M.: Using a denotational proof language to verify dataflow analyses. Masters thesis, MIT (September 2002)Google Scholar
  21. 21.
    Jackson, D.: Alloy: a lightweight object modelling notation. ACM TOSEM 11(2), 256–290 (2002)CrossRefGoogle Scholar
  22. 22.
    Kaufmann, M., Manolios, P., Moore, J.S. (eds.): Computer-Aided Reasoning: ACL2 Case Studies. Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  23. 23.
    Khurshid, S., Jackson, D.: Exploring the design of an intentional naming scheme with an automatic constraint analyzer. In: 15th IEEE ASE (2000)Google Scholar
  24. 24.
    Klarlund, N., Møller, A., Schwartzbach, M.I.: MONA implementation secrets. In: Proc. 5th International Conference on Implementation and Application of Automata. LNCS (2000)Google Scholar
  25. 25.
    Kuncak, V., Rinard, M.: Boolean algebra of shape analysis constraints. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 59–72. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Lam, P., Kuncak, V., Rinard, M.: Generalized typestate checking using set interfaces and pluggable analyses. SIGPLAN Notices 39, 46–55 (2004)CrossRefGoogle Scholar
  27. 27.
    Larus, J.R., Hilfinger, P.N.: Detecting conflicts between structure accesses. In: Proc. ACM PLDI, Atlanta, GA (June 1988)Google Scholar
  28. 28.
    McKusick, M.K., Joy, W.N., Leffler, S.J., Fabry, R.S.: A fast file system for UNIX. Computer Systems 2(3), 181–197 (1984)Google Scholar
  29. 29.
    Meira, S.R.L., Cavalcanti, A.L.C., Santos, C.S.: The unix filing system: A MooZ specification. In: Lano, K., Haughton, H. (eds.) Object-oriented Specification Case Studies, ch. 4, pp. 80–109. Prentice-Hall, Englewood Cliffs (1994)Google Scholar
  30. 30.
    Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer, Heidelberg (2002)Google Scholar
  31. 31.
    Owre, S., Shankar, N., Rushby, J.M., Stringer-Calvert, D.W.J.: PVS Language Reference. SRI International, Computer Science Laboratory, 333 Ravenswood Avenue, Menlo Park CA 94025Google Scholar
  32. 32.
    Pelletier, F.J.: A Brief History of Natural Deduction. History and Philosophy of Logic 20, 1–31 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  33. 33.
    Sagiv, M., Reps, T., Wilhelm, R.: Parametric shape analysis via 3-valued logic. ACM TOPLAS 24(3), 217–298 (2002)CrossRefGoogle Scholar
  34. 34.
    Thompson, K.: UNIX implementation. The Bell System Technical Journal, 57(6 (part 2)) (1978)Google Scholar
  35. 35.
    Voronkov, A., et al.: The anatomy of Vampire (implementing bottom-up procedures with code trees). JAR 15(2), 237–265 (1995)zbMATHCrossRefMathSciNetGoogle Scholar
  36. 36.
    Weidenbach, C.: Combining superposition, sorts and splitting. In: Robinson, A., Voronkov, A. (eds.) Handbook of Automated Reasoning, ch. 27, vol. II, pp. 1965–2013. Elsevier, Amsterdam (2001)CrossRefGoogle Scholar
  37. 37.
    Wenzel, M.: Isabelle/Isar — a versatile environment for human-readable formal proof documents. PhD thesis, Technische Universitaet Muenchen (2002)Google Scholar
  38. 38.
    Wing, J.M., Vaziri-Farahani, M.: A case study in model checking software systems. Science of Computer Programming 28, 273–299 (1997)CrossRefGoogle Scholar
  39. 39.
    Woodcock, J., Davies, J.: Using Z. Prentice-Hall, Inc., Englewood Cliffs (1996)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Konstantine Arkoudas
    • 1
  • Karen Zee
    • 1
  • Viktor Kuncak
    • 1
  • Martin Rinard
    • 1
  1. 1.MIT Computer Science and AI Lab 

Personalised recommendations