File systems serve as the foundation for data storage and access, making their reliability crucial to maintaining system correctness and data integrity. However, building robust file systems remains a significant challenge. Despite numerous testing and verification techniques, file system bugs continue to emerge. To detect file system bugs and improve reliability, we tackle three key aspects: new coverage metrics for testing, a novel model checking approach, and enhanced scalability for file system verification. We begin by introducing input and output coverage (IOCov) as metrics for evaluating and improving file system testing, along with IOCov to compute them. We integrated IOCov into existing file system testing workflows, achieving broader input coverage and improving the detection of crash consistency bugs. Next, we present Metis, a file system model checking framework designed to explore diverse inputs under different file system states. Using a reference file system (RefFS), Metis compares the behaviors of two file systems and reports any discrepancies as potential bugs. Metis leverages Swarm Verification (SV) to scale state exploration by distributing parallel verification tasks (VTs) across multiple cores and machines. Finally, we describe Containerized Swarm Verification (CoSV), in which each VT runs in a container and is managed by an orchestrator. CoSV enhances the scalability of SV by packaging each VT as a self-contained unit, allowing for easy adaptation to dynamic resource availability. In addition, CoSV ensures fault isolation across VTs to prevent faults in one task from interfering with the execution of others.

Our thesis is that effective file system testing requires coverage metrics to guide evaluation, new techniques for thorough checking, and scalable parallelism to explore large state spaces. Overall, input/output coverage helps developers evaluate file system testing, while model checking systematically verifies states, and containerized swarm verification scales this process through efficient, fault-isolated parallelism.