to systematically test
play

to Systematically Test File-System Crash Consistency Ashlie - PowerPoint PPT Presentation

Oct 19, 2023 •39 likes •499 views

CrashMonkey: A Framework to Systematically Test File-System Crash Consistency Ashlie Martinez Vijay Chidambaram University of Texas at Austin Crash Consistency File-system updates change multiple blocks on storage Data blocks, inodes,

  1. CrashMonkey: A Framework to Systematically Test File-System Crash Consistency Ashlie Martinez Vijay Chidambaram University of Texas at Austin

  2. Crash Consistency • File-system updates change multiple blocks on storage • Data blocks, inodes, and superblock may all need updating • Changes need to happen atomically • Need to ensure file system consistent if system crashes • Ensures that data is not lost or corrupted • File data is correct • Links to directories and files unaffected • All free data blocks are accounted for • Techniques: journaling, copy-on-write • Crash consistency is complex and hard to implement 2

  3. Testing Crash Consistency • Randomly power cycling a VM or machine • Random crashes unlikely to reveal bugs • Restarting machine or VM after crash is slow • Killing user space file-system process • Requires special file-system design • Ad-hoc • Despite its importance, no standardized or systematic tests 3

  4. What Really Needs Tested? • Current tests write data to disk each time • Crashing while writing data is not the goal • True goal is to generate disk states that crash could cause 4

  5. CrashMonkey Framework to test crash consistency Works by constructing crash states for given workload Does not require reboot of OS/VM File-system agnostic Modular, extensible Currently tests 100,000 crash states in ~10min 5

  6. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 6

  7. How Consistency Is Tested Today • Power cycle a machine or VM • Crash machine/VM while data is X being written to disk Rebooting – Please Wait... • Reboot machine and check file system • Random and slow ? Write to foo.txt • Run file system in user space • ZFS test strategy • Kill file system user process during write operations • Requires file system have the ability to run in user space 7

  8. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 8

  9. Linux Storage Stack VFS Provides consistent interface across file systems Page Cache Holds recently used files and data File System Ext, NTFS, etc. Generic Block Layer Interface between file systems and device drivers Block Device Driver Device specific driver Disk Cache Caches data on block device Persistent storage device Block Device 9

  10. Linux Writes – Write Flags • Metadata attached to operations sent to device driver • Change how the OS and device driver order operations • Both IO scheduler and disk cache reorder requests • sync – denotes process waiting for this write • Orders writes issued with sync in that process • flush – all data in the device cache should be persisted • If request has data, data may not be persisted at return • Forced Unit Access (FUA) – return when data is persisted • Often paired with flush so all data including request is durable 10

  11. Linux Writes • Data written to disk in epochs • each terminated by flush and/or FUA operations • Reordering within epochs • Operating system adheres to FUA, flush, and sync flags • Block device adheres to FUA and flush flags B: write, C: write, E: write, F: write, G: write, H: FUA, A: write D: flush meta sync sync sync sync flush Epoch 1 Epoch 2 11

  12. Linux Writes – Example echo “Hello World!” > foo.txt Journal: Journal: flush Data 1 Data 2 flush flush commit inode epoch 1 epoch 2 epoch 3 Operating System Block Device 12

  13. Linux Writes – Example echo “Hello World!” > foo.txt Journal: Journal: flush Data 1 Data 2 flush flush commit inode epoch 1 epoch 2 epoch 3 Operating System Block Device Data 2 Data 1 flush epoch 1 13

  14. Linux Writes – Example echo “Hello World!” > foo.txt Journal: Journal: flush Data 1 Data 2 flush flush commit inode epoch 1 epoch 2 epoch 3 Operating System Block Device Journal: Data 2 Data 1 flush flush inode epoch 1 epoch 2 14

  15. Linux Writes – Example echo “Hello World!” > foo.txt Journal: Journal: flush Data 1 Data 2 flush flush commit inode epoch 1 epoch 2 epoch 3 Operating System Block Device Journal: Journal: Data 2 Data 1 flush flush flush commit inode epoch 1 epoch 2 epoch 3 15

  16. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 16

  17. Goals for CrashMonkey • Fast • Ability to intelligently and systematically direct tests toward interesting crash states • File-system agnostic • Works out of the box without the need for recompiling the kernel • Easily extendable and customizable 17

  18. CrashMonkey: Architecture Generated potential crash states User provided file-system operations Crash State 1 User Workload Test Harness Crash State 2 User Kernel File System Generic Block Layer Device Wrapper Records information about user workload Custom RAM Block Device Provides fast writable snapshot capability 18

  19. Constructing Crash States touch foo.txt echo “foo bar baz ” > foo.txt Randomly choose n epochs to permute (n = 2 here) Journal: epoch 1 inode flush Data 1 epoch 2 Data 2 Data 3 flush Journal: epoch 3 inode flush 19

  20. Constructing Crash States touch foo.txt echo “foo bar baz ” > foo.txt Randomly choose n epochs to permute (n = 2 here) Journal: Journal: epoch 1 epoch 1 inode inode Copy epochs [1, n – 1] flush flush Data 1 epoch 2 Data 2 Data 3 flush Journal: epoch 3 inode flush 20

  21. Constructing Crash States touch foo.txt echo “foo bar baz ” > foo.txt Randomly choose n epochs to permute (n = 2 here) Journal: Journal: epoch 1 epoch 1 inode inode Copy epochs [1, n – 1] flush flush epoch 2 Data 1 Data 3 Permute and possibly drop operations from epoch n epoch 2 Data 2 Data 1 Data 3 flush Journal: epoch 3 inode flush 21

  22. CrashMonkey In Action Test Harness User Workload Device Wrapper Base Disk 22

  23. CrashMonkey In Action Workload Setup Test Harness User Workload Device Wrapper mkdir test Base Disk Metadata 23

  24. CrashMonkey In Action Snapshot Device Test Harness User Workload Device Wrapper Writable Snapshot Metadata 24

  25. CrashMonkey In Action Profile Workload Test Harness User Workload Device Wrapper echo “bar baz ” > foo.txt Metadata Data Writable Snapshot Metadata Metadata Data 25

  26. CrashMonkey In Action Export Data Test Harness User Workload Metadata Device Wrapper Data Metadata Data Writable Snapshot Metadata Metadata Data 26

  27. CrashMonkey In Action Restore Snapshot Test Harness User Workload Metadata Data Device Wrapper Metadata Data Crash State Metadata 27

  28. CrashMonkey In Action Reorder Data Test Harness User Workload Metadata Device Wrapper Metadata Data Crash State Metadata 28

  29. CrashMonkey In Action Write Reordered Data to Snapshot Test Harness User Workload Metadata Metadata Device Wrapper Metadata Data Crash State Metadata 29

  30. CrashMonkey In Action Check File-System Consistency Test Harness User Workload Metadata Device Wrapper Metadata Data Crash State Metadata Metadata 30

  31. Testing Consistency • Different types of consistency • File system is inconsistent and unfixable • File system is consistent but garbage data • File system has leaked inodes but is recoverable • File system is consistent and data is good • Currently run fsck on all disk states • Check only certain parts of file system for consistency • Users can define checks for data consistency 31

  32. Customizing CrashMonkey • Customize algorithm class Permuter { public: to construct crash virtual void init_data(vector); states virtual bool gen_one_state(vector); }; • Customize workload: class BaseTestCase { public: • Setup virtual int setup(); • Data writes virtual int run(); virtual int check_test(); • Data consistency tests }; 32

  33. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 33

  34. Results So Far • Testing 100,000 unique disk states takes ~10 minutes • Test creates 10 1KB files in a 10MB ext4 file system • Majority of time spent running fsck • Profiling the workload takes ~1 minute • Happens only once per user-defined test • Want operations to write to disk naturally • sync() adds extra operations to those recorded • Must wait for writeback delay • Decrease delay through /proc file 34

  35. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 35

  36. The Path Ahead • Identify interesting crash states • Focus on states which have reordered metadata • Huge search space from which to select crash states • Avoid testing equivalent crash states • Avoid generating write sequences that are equivalent • Generate write sequences then check for equivalence • Parallelize tests • Each crash state is independent of the others • Optimize test harness to run faster • Check only parts of file system for consistency 36

  37. Outline • Overview • How Consistency is Tested Today • Linux Writes • CrashMonkey • Preliminary Results • Future Plans • Conclusion 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Blind (Uninformed) Search (Where we systematically explore 1. s 0 sense/read initial state

Blind (Uninformed) Search (Where we systematically explore 1. s 0 sense/read initial state

Simple Problem-Solving-Agent Agent Algorithm Blind (Uninformed) Search (Where we systematically explore 1. s 0 sense/read initial state 2. GOAL? select/read goal test alternatives) 3. Succ read successor function 4. solution

447 views • 11 slides
Engineering Best Practices Test, test, test, and test some more; test as you go Start from a

Engineering Best Practices Test, test, test, and test some more; test as you go Start from a

Engineering Best Practices Test, test, test, and test some more; test as you go Start from a known working state, take small steps Make things visible (gdb, printf, logic analyzer) Methodical, systematic approach. Form hypotheses and perform

755 views • 38 slides
TEST STANDARDIZATION: SOME PRACTICAL GUIDANCE Why standardization matters: a review LEARNING

TEST STANDARDIZATION: SOME PRACTICAL GUIDANCE Why standardization matters: a review LEARNING

TEST STANDARDIZATION: SOME PRACTICAL GUIDANCE Why standardization matters: a review LEARNING Impact of the testing setting POL and de-centralized testing on standardization examples considerations OBJECTIVES Systematically managing the

558 views • 20 slides
TURN UNCERTAINTIES INTO AN OPPORTUNITY BY INVESTING SYSTEMATICALLY What t is an SIP? A

TURN UNCERTAINTIES INTO AN OPPORTUNITY BY INVESTING SYSTEMATICALLY What t is an SIP? A

An investor education initiative by TURN UNCERTAINTIES INTO AN OPPORTUNITY BY INVESTING SYSTEMATICALLY What t is an SIP? A Systematic Investment Plan or better known as SIP is based on the simple idea of investing a fixed amount at fixed

334 views • 16 slides
Scaling up Chlorhexidine gel for umbilical cord care in Nigeria Systematically studying and

Scaling up Chlorhexidine gel for umbilical cord care in Nigeria Systematically studying and

Scaling up Chlorhexidine gel for umbilical cord care in Nigeria Systematically studying and implementing a scale-up effort Jenna Wright, MPH Broad Branch Associates / Maternal and Child Survival Program December 5, 2017 Olayinka Umar-Farouk,

1.19k views • 13 slides
Information Visualization 9 and 26 how to systematically analyze idiom structure? Marks

Information Visualization 9 and 26 how to systematically analyze idiom structure? Marks

Exercise: Two numbers Visual encoding Information Visualization 9 and 26 how to systematically analyze idiom structure? Marks & Channels How can you visually represent these two numbers? Solo: quickly sketch 3 ideas Pair:

218 views • 3 slides
>> ECOCIDE UNI UNITE TED NA NATIONS ONS The Rome Statute of the International Crime

>> ECOCIDE UNI UNITE TED NA NATIONS ONS The Rome Statute of the International Crime

ECOC OCIDE In World War II people have been killed systematically on a large scale >> GENOCIDE Now our planet is being destroyed systematically on a large scale >> ECOCIDE UNI UNITE TED NA NATIONS ONS The Rome Statute of

595 views • 56 slides
Optimization IIC Technologies Feb-27-2019 Aims - What have we done Aims Systematically,

Optimization IIC Technologies Feb-27-2019 Aims - What have we done Aims Systematically,

S-57 to S-101 Conversion Optimization IIC Technologies Feb-27-2019 Aims - What have we done Aims Systematically, look at how S- 57 ENC can be optimised to prepare data for conversion to S-101 Examine current converter,

376 views • 10 slides
We know where you live Systematically Fingerprinting Low- and Medium-interaction Honeypots at

We know where you live Systematically Fingerprinting Low- and Medium-interaction Honeypots at

We know where you live Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale Alexander Vetterl University of Cambridge alexander.vetterl@cl.cam.ac.uk Introduction Honeypot s: A resource whose value is

477 views • 19 slides
Automatic Techniques to Systematically Discover New Heap Exploitation Primitives Ins Insu Yu

Automatic Techniques to Systematically Discover New Heap Exploitation Primitives Ins Insu Yu

Automatic Techniques to Systematically Discover New Heap Exploitation Primitives Ins Insu Yu Yun , Dhaval Kapil, and Taesoo Kim Georgia Institute of Technology 1 Heap vulnerabilities are the most common, yet serious security issues. %

387 views • 34 slides
BIOINFORMATICS doi:10.1093/bioinformatics/btm227 A graph-based approach to systematically

BIOINFORMATICS doi:10.1093/bioinformatics/btm227 A graph-based approach to systematically

Vol. 23 ISMB/ECCB 2007, pages i577i586 BIOINFORMATICS doi:10.1093/bioinformatics/btm227 A graph-based approach to systematically reconstruct human transcriptional regulatory modules Xifeng Yan 1 , Michael R. Mehan 2, , Yu Huang 2 , Michael

148 views • 10 slides
University of Braslia Abstract This paper systematically surveys the theory and challenges

University of Braslia Abstract This paper systematically surveys the theory and challenges

REVISITING AGGREGATION AND UPDATING OF INPUT -OUTPUT MATRICES Joanlio Rodolpho Teixeira Department of Economics University of Braslia Abstract This paper systematically surveys the theory and challenges to the aggregation and

828 views • 31 slides
Annual Performance Summary 2014 Performance Improvement Plan Describes how we systematically

Annual Performance Summary 2014 Performance Improvement Plan Describes how we systematically

Annual Performance Summary 2014 Performance Improvement Plan Describes how we systematically measure, monitor and improve the performance of the SPBHS over time Specifies performance indicators and target goals for the year

396 views • 26 slides
What is Psychological Skills Training? PST is systematically training of mental skills to

What is Psychological Skills Training? PST is systematically training of mental skills to

What is Psychological Skills Training? PST is systematically training of mental skills to enhance sport performance Why Is PST Important? Key: Psychological factors account primarily for day-to-day fluctuations in performance. Why Are

712 views • 22 slides
Transforming your business systematically from Fragile to Agile ME Case Study Glenn Smyth

Transforming your business systematically from Fragile to Agile ME Case Study Glenn Smyth

Transforming your business systematically from Fragile to Agile ME Case Study Glenn Smyth Founder and CE Fragile to Agile Pty Ltd 14 th December 2015 The best way to predict your future is to invent it Frank Herbert, Dune The best

480 views • 33 slides
Test automation Whenever we alter our code, we should re-test Our collections of test cases

Test automation Whenever we alter our code, we should re-test Our collections of test cases

Test automation Whenever we alter our code, we should re-test Our collections of test cases can be substantial, and each test case can be large: manual testing is slow, error-prone Ideally, we would like a tool or script that lets us

186 views • 7 slides
Improved Bounds on the Dot Product under Random Projection and Random Sign Projection Ata Kab

Improved Bounds on the Dot Product under Random Projection and Random Sign Projection Ata Kab

Improved Bounds on the Dot Product under Random Projection and Random Sign Projection Ata Kab an School of Computer Science The University of Birmingham Birmingham B15 2TT, UK http://www.cs.bham.ac.uk/ axk KDD 2015, Sydney, 10-13

280 views • 23 slides
Computation for Mali licious Adversaries and an Honest Majority Jun Furukawa*, Yehuda Lindell**,

Computation for Mali licious Adversaries and an Honest Majority Jun Furukawa*, Yehuda Lindell**,

Hig igh-Throughput Secure Three-Party Computation for Mali licious Adversaries and an Honest Majority Jun Furukawa*, Yehuda Lindell**, Ariel Nof** and Or Weinstein** *NEC corporation, Israel **Bar-Ilan University, Israel Eurocrypt 2017

699 views • 54 slides
On the Exact Security of Schnorr-Type Signatures in the Random Oracle Model Yannick Seurin

On the Exact Security of Schnorr-Type Signatures in the Random Oracle Model Yannick Seurin

On the Exact Security of Schnorr-Type Signatures in the Random Oracle Model Yannick Seurin ANSSI, France 18 April, EUROCRYPT 2012 Yannick Seurin (ANSSI) Exact Security of Schnorr Signatures EUROCRYPT 2012 1 / 28 Introduction Introduction

1.45k views • 117 slides
Recommendation on Data Missing Not at Random A Doubly Robust Joint Learning Approach Rating

Recommendation on Data Missing Not at Random A Doubly Robust Joint Learning Approach Rating

Recommendation on Data Missing Not at Random A Doubly Robust Joint Learning Approach Rating Matrix Item 1 Item 2 Item 3 ... Item M User 1 4 ... User 2 2 ... User 3 5 ... 5 ... ... ... ... ... ... User N 2 ... 1 Rating

911 views • 26 slides
Thresholds in random CSPs Nike Sun (Berkeley) Counting complexity and phase transitions Simons

Thresholds in random CSPs Nike Sun (Berkeley) Counting complexity and phase transitions Simons

Thresholds in random CSPs Nike Sun (Berkeley) Counting complexity and phase transitions Simons Institute, Berkeley 28 January 2016 Plan for the talk Introduction: random k -SAT model Threshold conjecture, Friedguts theorem Statistical

1.67k views • 142 slides
An Efficient and Parallel Gaussian Sampler for Lattices Chris Peikert Georgia Tech CRYPTO 2010

An Efficient and Parallel Gaussian Sampler for Lattices Chris Peikert Georgia Tech CRYPTO 2010

An Efficient and Parallel Gaussian Sampler for Lattices Chris Peikert Georgia Tech CRYPTO 2010 1 / 10 Lattice-Based Crypto L R n b 2 b 1 2 / 10 Lattice-Based Crypto L R n p 1 p 2 2 / 10 Lattice-Based Crypto L R n b 2 p 1 b 1 =

975 views • 60 slides
Nodal lines of random waves Many questions and few answers M. Sodin (Tel Aviv) Ascona, May 2010

Nodal lines of random waves Many questions and few answers M. Sodin (Tel Aviv) Ascona, May 2010

Nodal lines of random waves Many questions and few answers M. Sodin (Tel Aviv) Ascona, May 2010 1 Random 2D wave : random superposition of solutions to f + 2 f = 0 Examples: Random spherical harmonic of

496 views • 28 slides
Scale-up Graph Processing: A Storage-centric View Eiko Yoneki University of Cambridge Amitabha Roy

Scale-up Graph Processing: A Storage-centric View Eiko Yoneki University of Cambridge Amitabha Roy

Scale-up Graph Processing: A Storage-centric View Eiko Yoneki University of Cambridge Amitabha Roy EPFL SIGMOD GRADES June 23, 2013 Graph Storage Storing and accessing graphs is a challenge Edge traversal produces an access pattern that is

473 views • 13 slides

More recommend