Title
Finding semantic bugs in file systems with an extensible fuzzing framework
Abstract
File systems are too large to be bug free. Although handwritten test suites have been widely used to stress file systems, they can hardly keep up with the rapid increase in file system size and complexity, leading to new bugs being introduced and reported regularly. These bugs come in various flavors: simple buffer overflows to sophisticated semantic bugs. Although bug-specific checkers exist, they generally lack a way to explore file system states thoroughly. More importantly, no turnkey solution exists that unifies the checking effort of various aspects of a file system under one umbrella. In this paper, we highlight the potential of applying fuzzing to find not just memory errors but, in theory, any type of file system bugs with an extensible fuzzing framework: Hydra. Hydra provides building blocks for file system fuzzing, including input mutators, feedback engines, a libOS-based executor, and a bug reproducer with test case minimization. As a result, developers only need to focus on building the core logic for finding bugs of their own interests. We showcase the effectiveness of Hydra with four checkers that hunt crash inconsistency, POSIX violations, logic assertion failures, and memory errors. So far, Hydra has discovered 91 new bugs in Linux file systems, including one in a verified file system (FSCQ), as well as four POSIX violations.
Year: 2019
DOI: 10.1145/3341301.3359662
Venue: Proceedings of the 27th ACM Symposium on Operating Systems Principles
Keywords: file systems, fuzzing, semantic bugs
Field: Fuzz testing, Programming language, Computer science, Extensibility, Distributed computing
DocType: Conference
ISBN: 978-1-4503-6873-5
Citations: 6
PageRank: 0.48
References: 0
Authors: 6
Name              Order  Citations  PageRank
Seulbae Kim       1      9          1.21
Meng Xu           2      211        18.89
Sanidhya Kashyap  3      124        10.92
Jungyeon Yoon     4      6          1.83
W. Xu             5      309        47.55
Taesoo Kim        6      809        51.85