This patch provides several functions for implement fail-injection
capabilities.
Signed-off-by: Akinobu Mita <[email protected]>
include/linux/should_fail.h | 44 ++++++++++++++++++++++++++++
lib/Kconfig.debug | 4 ++
lib/Makefile | 1
lib/should_fail.c | 69 ++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 118 insertions(+)
Index: work-failmalloc/include/linux/should_fail.h
===================================================================
--- /dev/null
+++ work-failmalloc/include/linux/should_fail.h
@@ -0,0 +1,44 @@
+#ifndef _LINUX_SHOULD_FAIL_H
+#define _LINUX_SHOULD_FAIL_H
+
+#ifdef CONFIG_SHOULD_FAIL
+
+#include <linux/types.h>
+#include <asm/atomic.h>
+
+struct should_fail_data {
+
+ /* how often it should fail in percent. */
+ unsigned long probability;
+
+ /* the interval of failures. */
+ unsigned long interval;
+
+ /*
+ * how many times failures may happen at most.
+ * A value of '-1' means infinity.
+ */
+ atomic_t times;
+
+ /*
+ * the size of free space where memory can be allocated safely.
+ * A value of '0' means infinity.
+ */
+ atomic_t space;
+
+ unsigned long count;
+};
+
+#define DEFINE_SHOULD_FAIL(name) \
+ struct should_fail_data name = { .times = ATOMIC_INIT(-1), }
+
+int should_fail(struct should_fail_data *data, unsigned long size);
+int setup_should_fail(struct should_fail_data *data, char *str);
+
+#else
+
+#define should_fail(data, size) (0)
+
+#endif /* CONFIG_SHOULD_FAIL */
+
+#endif /* _LINUX_SHOULD_FAIL_H */
Index: work-failmalloc/lib/should_fail.c
===================================================================
--- /dev/null
+++ work-failmalloc/lib/should_fail.c
@@ -0,0 +1,69 @@
+#include <linux/kernel.h>
+#include <linux/init.h>
+#include <linux/random.h>
+#include <linux/stat.h>
+#include <linux/types.h>
+#include <linux/fs.h>
+#include <linux/module.h>
+#include <linux/should_fail.h>
+
+int setup_should_fail(struct should_fail_data *data, char *str)
+{
+ unsigned long probability;
+ unsigned long interval;
+ int times;
+ int space;
+
+ /* "<probability>,<interval>,<times>,<space>" */
+ if (sscanf(str, "%lu,%lu,%d,%d", &probability, &interval, ×,
+ &space) < 4)
+ return 0;
+
+ data->probability = probability;
+ data->interval = interval;
+ atomic_set(&data->times, times);
+ atomic_set(&data->space, space);
+
+ return 1;
+}
+
+#define failure_probability(data) (data)->probability
+#define failure_interval(data) (data)->interval
+#define max_failures(data) (data)->times
+#define current_space(data) (data)->space
+#define atomic_dec_not_zero(v) atomic_add_unless((v), -1, 0)
+
+/*
+ * This function is almost taken from failmalloc-1.0
+ * http://www.nongnu.org/failmalloc/
+ */
+
+int should_fail(struct should_fail_data *data, unsigned long size)
+{
+ if (atomic_read(&max_failures(data)) == 0)
+ return 0;
+
+ if (atomic_read(¤t_space(data)) > size) {
+ atomic_sub(size, ¤t_space(data));
+ return 0;
+ }
+
+ if (failure_interval(data) > 1) {
+ data->count++;
+ if (data->count % failure_interval(data))
+ return 0;
+ }
+
+ if (failure_probability(data) == 100 ||
+ INT_MAX / 100 * failure_probability(data) > get_random_int())
+ goto fail;
+
+ return 0;
+
+fail:
+
+ if (atomic_read(&max_failures(data)) != -1)
+ atomic_dec_not_zero(&max_failures(data));
+
+ return 1;
+}
Index: work-failmalloc/lib/Kconfig.debug
===================================================================
--- work-failmalloc.orig/lib/Kconfig.debug
+++ work-failmalloc/lib/Kconfig.debug
@@ -368,3 +368,7 @@ config RCU_TORTURE_TEST
at boot time (you probably don't).
Say M if you want the RCU torture tests to build as a module.
Say N if you are unsure.
+
+config SHOULD_FAIL
+ bool
+
Index: work-failmalloc/lib/Makefile
===================================================================
--- work-failmalloc.orig/lib/Makefile
+++ work-failmalloc/lib/Makefile
@@ -51,6 +51,7 @@ obj-$(CONFIG_TEXTSEARCH_FSM) += ts_fsm.o
obj-$(CONFIG_SMP) += percpu_counter.o
obj-$(CONFIG_SWIOTLB) += swiotlb.o
+obj-$(CONFIG_SHOULD_FAIL) += should_fail.o
hostprogs-y := gen_crc32table
clean-files := crc32table.h
--
Akinobu Mita <[email protected]> writes:
> + if (failure_probability(data) == 100 ||
> + INT_MAX / 100 * failure_probability(data) > get_random_int())
I don't think it's a good idea to use get_random_int here. It's a secure
quite heavyweight random simulator that eats up precious entropy.
I would use something simple with an option for the user to specify the seed
(default jiffies maybe) for reproducibility.
e.g. the perfmon patchkit that was just posted had a reasonable simple
pseudo RND for lib/. Maybe you can reuse that.
-Andi