[linux-2.6-block.git] / Documentation / fault-injection / fault-injection.rst

===========================================
Fault injection capabilities infrastructure
===========================================

See also drivers/md/md-faulty.c and "every_nth" module option for scsi_debug.


Available fault injection capabilities
--------------------------------------

- failslab

  injects slab allocation failures. (kmalloc(), kmem_cache_alloc(), ...)

- fail_page_alloc

  injects page allocation failures. (alloc_pages(), get_free_pages(), ...)

- fail_futex

  injects futex deadlock and uaddr fault errors.

- fail_make_request

  injects disk IO errors on devices permitted by setting
  /sys/block/<device>/make-it-fail or
  /sys/block/<device>/<partition>/make-it-fail. (generic_make_request())

- fail_mmc_request

  injects MMC data errors on devices permitted by setting
  debugfs entries under /sys/kernel/debug/mmc0/fail_mmc_request

- fail_function

  injects error return on specific functions, which are marked by
  ALLOW_ERROR_INJECTION() macro, by setting debugfs entries
  under /sys/kernel/debug/fail_function. No boot option supported.

- NVMe fault injection

  inject NVMe status code and retry flag on devices permitted by setting
  debugfs entries under /sys/kernel/debug/nvme*/fault_inject. The default
  status code is NVME_SC_INVALID_OPCODE with no retry. The status code and
  retry flag can be set via the debugfs.


Configure fault-injection capabilities behavior
-----------------------------------------------

debugfs entries
^^^^^^^^^^^^^^^

fault-inject-debugfs kernel module provides some debugfs entries for runtime
configuration of fault-injection capabilities.

- /sys/kernel/debug/fail*/probability:

	likelihood of failure injection, in percent.

	Format: <percent>

	Note that one-failure-per-hundred is a very high error rate
	for some testcases.  Consider setting probability=100 and configure
	/sys/kernel/debug/fail*/interval for such testcases.

- /sys/kernel/debug/fail*/interval:

	specifies the interval between failures, for calls to
	should_fail() that pass all the other tests.

	Note that if you enable this, by setting interval>1, you will
	probably want to set probability=100.

- /sys/kernel/debug/fail*/times:

	specifies how many times failures may happen at most.
	A value of -1 means "no limit".

- /sys/kernel/debug/fail*/space:

	specifies an initial resource "budget", decremented by "size"
	on each call to should_fail(,size).  Failure injection is
	suppressed until "space" reaches zero.

- /sys/kernel/debug/fail*/verbose

	Format: { 0 | 1 | 2 }

	specifies the verbosity of the messages when failure is
	injected.  '0' means no messages; '1' will print only a single
	log line per failure; '2' will print a call trace too -- useful
	to debug the problems revealed by fault injection.

- /sys/kernel/debug/fail*/task-filter:

	Format: { 'Y' | 'N' }

	A value of 'N' disables filtering by process (default).
	Any positive value limits failures to only processes indicated by
	/proc/<pid>/make-it-fail==1.

- /sys/kernel/debug/fail*/require-start,
  /sys/kernel/debug/fail*/require-end,
  /sys/kernel/debug/fail*/reject-start,
  /sys/kernel/debug/fail*/reject-end:

	specifies the range of virtual addresses tested during
	stacktrace walking.  Failure is injected only if some caller
	in the walked stacktrace lies within the required range, and
	none lies within the rejected range.
	Default required range is [0,ULONG_MAX) (whole of virtual address space).
	Default rejected range is [0,0).

- /sys/kernel/debug/fail*/stacktrace-depth:

	specifies the maximum stacktrace depth walked during search
	for a caller within [require-start,require-end) OR
	[reject-start,reject-end).

- /sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem:

	Format: { 'Y' | 'N' }

	default is 'N', setting it to 'Y' won't inject failures into
	highmem/user allocations.

- /sys/kernel/debug/failslab/ignore-gfp-wait:
- /sys/kernel/debug/fail_page_alloc/ignore-gfp-wait:

	Format: { 'Y' | 'N' }

	default is 'N', setting it to 'Y' will inject failures
	only into non-sleep allocations (GFP_ATOMIC allocations).

- /sys/kernel/debug/fail_page_alloc/min-order:

	specifies the minimum page allocation order to be injected
	failures.

- /sys/kernel/debug/fail_futex/ignore-private:

	Format: { 'Y' | 'N' }

	default is 'N', setting it to 'Y' will disable failure injections
	when dealing with private (address space) futexes.

- /sys/kernel/debug/fail_function/inject:

	Format: { 'function-name' | '!function-name' | '' }

	specifies the target function of error injection by name.
	If the function name leads '!' prefix, given function is
	removed from injection list. If nothing specified ('')
	injection list is cleared.

- /sys/kernel/debug/fail_function/injectable:

	(read only) shows error injectable functions and what type of
	error values can be specified. The error type will be one of
	below;
	- NULL:	retval must be 0.
	- ERRNO: retval must be -1 to -MAX_ERRNO (-4096).
	- ERR_NULL: retval must be 0 or -1 to -MAX_ERRNO (-4096).

- /sys/kernel/debug/fail_function/<functiuon-name>/retval:

	specifies the "error" return value to inject to the given
	function for given function. This will be created when
	user specifies new injection entry.

Boot option
^^^^^^^^^^^

In order to inject faults while debugfs is not available (early boot time),
use the boot option::

	failslab=
	fail_page_alloc=
	fail_make_request=
	fail_futex=
	mmc_core.fail_request=<interval>,<probability>,<space>,<times>

proc entries
^^^^^^^^^^^^

- /proc/<pid>/fail-nth,
  /proc/self/task/<tid>/fail-nth:

	Write to this file of integer N makes N-th call in the task fail.
	Read from this file returns a integer value. A value of '0' indicates
	that the fault setup with a previous write to this file was injected.
	A positive integer N indicates that the fault wasn't yet injected.
	Note that this file enables all types of faults (slab, futex, etc).
	This setting takes precedence over all other generic debugfs settings
	like probability, interval, times, etc. But per-capability settings
	(e.g. fail_futex/ignore-private) take precedence over it.

	This feature is intended for systematic testing of faults in a single
	system call. See an example below.

How to add new fault injection capability
-----------------------------------------

- #include <linux/fault-inject.h>

- define the fault attributes

  DECLARE_FAULT_ATTR(name);

  Please see the definition of struct fault_attr in fault-inject.h
  for details.

- provide a way to configure fault attributes

- boot option

  If you need to enable the fault injection capability from boot time, you can
  provide boot option to configure it. There is a helper function for it:

	setup_fault_attr(attr, str);

- debugfs entries

  failslab, fail_page_alloc, and fail_make_request use this way.
  Helper functions:

	fault_create_debugfs_attr(name, parent, attr);

- module parameters

  If the scope of the fault injection capability is limited to a
  single kernel module, it is better to provide module parameters to
  configure the fault attributes.

- add a hook to insert failures

  Upon should_fail() returning true, client code should inject a failure:

	should_fail(attr, size);

Application Examples
--------------------

- Inject slab allocation failures into module init/exit code::

    #!/bin/bash

    FAILTYPE=failslab
    echo Y > /sys/kernel/debug/$FAILTYPE/task-filter
    echo 10 > /sys/kernel/debug/$FAILTYPE/probability
    echo 100 > /sys/kernel/debug/$FAILTYPE/interval
    echo -1 > /sys/kernel/debug/$FAILTYPE/times
    echo 0 > /sys/kernel/debug/$FAILTYPE/space
    echo 2 > /sys/kernel/debug/$FAILTYPE/verbose
    echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-wait

    faulty_system()
    {
	bash -c "echo 1 > /proc/self/make-it-fail && exec $*"
    }

    if [ $# -eq 0 ]
    then
	echo "Usage: $0 modulename [ modulename ... ]"
	exit 1
    fi

    for m in $*
    do
	echo inserting $m...
	faulty_system modprobe $m

	echo removing $m...
	faulty_system modprobe -r $m
    done

------------------------------------------------------------------------------

- Inject page allocation failures only for a specific module::

    #!/bin/bash

    FAILTYPE=fail_page_alloc
    module=$1

    if [ -z $module ]
    then
	echo "Usage: $0 <modulename>"
	exit 1
    fi

    modprobe $module

    if [ ! -d /sys/module/$module/sections ]
    then
	echo Module $module is not loaded
	exit 1
    fi

    cat /sys/module/$module/sections/.text > /sys/kernel/debug/$FAILTYPE/require-start
    cat /sys/module/$module/sections/.data > /sys/kernel/debug/$FAILTYPE/require-end

    echo N > /sys/kernel/debug/$FAILTYPE/task-filter
    echo 10 > /sys/kernel/debug/$FAILTYPE/probability
    echo 100 > /sys/kernel/debug/$FAILTYPE/interval
    echo -1 > /sys/kernel/debug/$FAILTYPE/times
    echo 0 > /sys/kernel/debug/$FAILTYPE/space
    echo 2 > /sys/kernel/debug/$FAILTYPE/verbose
    echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-wait
    echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-highmem
    echo 10 > /sys/kernel/debug/$FAILTYPE/stacktrace-depth

    trap "echo 0 > /sys/kernel/debug/$FAILTYPE/probability" SIGINT SIGTERM EXIT

    echo "Injecting errors into the module $module... (interrupt to stop)"
    sleep 1000000

------------------------------------------------------------------------------

- Inject open_ctree error while btrfs mount::

    #!/bin/bash

    rm -f testfile.img
    dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1
    DEVICE=$(losetup --show -f testfile.img)
    mkfs.btrfs -f $DEVICE
    mkdir -p tmpmnt

    FAILTYPE=fail_function
    FAILFUNC=open_ctree
    echo $FAILFUNC > /sys/kernel/debug/$FAILTYPE/inject
    echo -12 > /sys/kernel/debug/$FAILTYPE/$FAILFUNC/retval
    echo N > /sys/kernel/debug/$FAILTYPE/task-filter
    echo 100 > /sys/kernel/debug/$FAILTYPE/probability
    echo 0 > /sys/kernel/debug/$FAILTYPE/interval
    echo -1 > /sys/kernel/debug/$FAILTYPE/times
    echo 0 > /sys/kernel/debug/$FAILTYPE/space
    echo 1 > /sys/kernel/debug/$FAILTYPE/verbose

    mount -t btrfs $DEVICE tmpmnt
    if [ $? -ne 0 ]
    then
	echo "SUCCESS!"
    else
	echo "FAILED!"
	umount tmpmnt
    fi

    echo > /sys/kernel/debug/$FAILTYPE/inject

    rmdir tmpmnt
    losetup -d $DEVICE
    rm testfile.img


Tool to run command with failslab or fail_page_alloc
----------------------------------------------------
In order to make it easier to accomplish the tasks mentioned above, we can use
tools/testing/fault-injection/failcmd.sh.  Please run a command
"./tools/testing/fault-injection/failcmd.sh --help" for more information and
see the following examples.

Examples:

Run a command "make -C tools/testing/selftests/ run_tests" with injecting slab
allocation failure::

	# ./tools/testing/fault-injection/failcmd.sh \
		-- make -C tools/testing/selftests/ run_tests

Same as above except to specify 100 times failures at most instead of one time
at most by default::

	# ./tools/testing/fault-injection/failcmd.sh --times=100 \
		-- make -C tools/testing/selftests/ run_tests

Same as above except to inject page allocation failure instead of slab
allocation failure::

	# env FAILCMD_TYPE=fail_page_alloc \
		./tools/testing/fault-injection/failcmd.sh --times=100 \
		-- make -C tools/testing/selftests/ run_tests

Systematic faults using fail-nth
---------------------------------

The following code systematically faults 0-th, 1-st, 2-nd and so on
capabilities in the socketpair() system call::

  #include <sys/types.h>
  #include <sys/stat.h>
  #include <sys/socket.h>
  #include <sys/syscall.h>
  #include <fcntl.h>
  #include <unistd.h>
  #include <string.h>
  #include <stdlib.h>
  #include <stdio.h>
  #include <errno.h>

  int main()
  {
	int i, err, res, fail_nth, fds[2];
	char buf[128];

	system("echo N > /sys/kernel/debug/failslab/ignore-gfp-wait");
	sprintf(buf, "/proc/self/task/%ld/fail-nth", syscall(SYS_gettid));
	fail_nth = open(buf, O_RDWR);
	for (i = 1;; i++) {
		sprintf(buf, "%d", i);
		write(fail_nth, buf, strlen(buf));
		res = socketpair(AF_LOCAL, SOCK_STREAM, 0, fds);
		err = errno;
		pread(fail_nth, buf, sizeof(buf), 0);
		if (res == 0) {
			close(fds[0]);
			close(fds[1]);
		}
		printf("%d-th fault %c: res=%d/%d\n", i, atoi(buf) ? 'N' : 'Y',
			res, err);
		if (atoi(buf))
			break;
	}
	return 0;
  }

An example output::

	1-th fault Y: res=-1/23
	2-th fault Y: res=-1/23
	3-th fault Y: res=-1/12
	4-th fault Y: res=-1/12
	5-th fault Y: res=-1/23
	6-th fault Y: res=-1/23
	7-th fault Y: res=-1/23
	8-th fault Y: res=-1/12
	9-th fault Y: res=-1/12
	10-th fault Y: res=-1/12
	11-th fault Y: res=-1/12
	12-th fault Y: res=-1/12
	13-th fault Y: res=-1/12
	14-th fault Y: res=-1/12
	15-th fault Y: res=-1/12
	16-th fault N: res=0/12
Commit	Line	Data
10ffebbe	1	===========================================
de1ba09b AM	2	Fault injection capabilities infrastructure
	3	===========================================
	4
1892ce4c	5	See also drivers/md/md-faulty.c and "every_nth" module option for scsi_debug.
de1ba09b AM	6
	7
	8	Available fault injection capabilities
	9	--------------------------------------
	10
10ffebbe	11	- failslab
de1ba09b AM	12
	13	injects slab allocation failures. (kmalloc(), kmem_cache_alloc(), ...)
	14
10ffebbe	15	- fail_page_alloc
de1ba09b AM	16
	17	injects page allocation failures. (alloc_pages(), get_free_pages(), ...)
	18
10ffebbe	19	- fail_futex
ab51fbab DB	20
	21	injects futex deadlock and uaddr fault errors.
	22
10ffebbe	23	- fail_make_request
de1ba09b	24
5d0ffa2b	25	injects disk IO errors on devices permitted by setting
de1ba09b AM	26	/sys/block/<device>/make-it-fail or
	27	/sys/block/<device>/<partition>/make-it-fail. (generic_make_request())
	28
10ffebbe	29	- fail_mmc_request
1e4cb22b PF	30
	31	injects MMC data errors on devices permitted by setting
	32	debugfs entries under /sys/kernel/debug/mmc0/fail_mmc_request
	33
10ffebbe	34	- fail_function
4b1a29a7 MH	35
	36	injects error return on specific functions, which are marked by
	37	ALLOW_ERROR_INJECTION() macro, by setting debugfs entries
	38	under /sys/kernel/debug/fail_function. No boot option supported.
	39
10ffebbe	40	- NVMe fault injection
cf4182f3 TT	41
	42	inject NVMe status code and retry flag on devices permitted by setting
	43	debugfs entries under /sys/kernel/debug/nvme*/fault_inject. The default
	44	status code is NVME_SC_INVALID_OPCODE with no retry. The status code and
	45	retry flag can be set via the debugfs.
	46
	47
de1ba09b AM	48	Configure fault-injection capabilities behavior
	49	-----------------------------------------------
	50
10ffebbe MCC	51	debugfs entries
10ffebbe MCC	52	^^^^^^^^^^^^^^^
de1ba09b AM	53
	54	fault-inject-debugfs kernel module provides some debugfs entries for runtime
	55	configuration of fault-injection capabilities.
	56
156f5a78	57	- /sys/kernel/debug/fail*/probability:
de1ba09b AM	58
de1ba09b AM	59	likelihood of failure injection, in percent.
10ffebbe	60
de1ba09b AM	61	Format: <percent>
de1ba09b AM	62
5d0ffa2b DM	63	Note that one-failure-per-hundred is a very high error rate
5d0ffa2b DM	64	for some testcases. Consider setting probability=100 and configure
156f5a78	65	/sys/kernel/debug/fail*/interval for such testcases.
de1ba09b	66
156f5a78	67	- /sys/kernel/debug/fail*/interval:
de1ba09b AM	68
	69	specifies the interval between failures, for calls to
	70	should_fail() that pass all the other tests.
	71
	72	Note that if you enable this, by setting interval>1, you will
	73	probably want to set probability=100.
	74
156f5a78	75	- /sys/kernel/debug/fail*/times:
de1ba09b AM	76
	77	specifies how many times failures may happen at most.
	78	A value of -1 means "no limit".
	79
156f5a78	80	- /sys/kernel/debug/fail*/space:
de1ba09b AM	81
	82	specifies an initial resource "budget", decremented by "size"
	83	on each call to should_fail(,size). Failure injection is
	84	suppressed until "space" reaches zero.
	85
156f5a78	86	- /sys/kernel/debug/fail*/verbose
de1ba09b AM	87
de1ba09b AM	88	Format: { 0 \| 1 \| 2 }
10ffebbe	89
5d0ffa2b DM	90	specifies the verbosity of the messages when failure is
	91	injected. '0' means no messages; '1' will print only a single
	92	log line per failure; '2' will print a call trace too -- useful
	93	to debug the problems revealed by fault injection.
de1ba09b	94
156f5a78	95	- /sys/kernel/debug/fail*/task-filter:
de1ba09b	96
5d0ffa2b	97	Format: { 'Y' \| 'N' }
10ffebbe	98
5d0ffa2b	99	A value of 'N' disables filtering by process (default).
de1ba09b AM	100	Any positive value limits failures to only processes indicated by
	101	/proc/<pid>/make-it-fail==1.
	102
10ffebbe MCC	103	- /sys/kernel/debug/fail*/require-start,
	104	/sys/kernel/debug/fail*/require-end,
	105	/sys/kernel/debug/fail*/reject-start,
	106	/sys/kernel/debug/fail*/reject-end:
de1ba09b AM	107
	108	specifies the range of virtual addresses tested during
	109	stacktrace walking. Failure is injected only if some caller
329409ae AM	110	in the walked stacktrace lies within the required range, and
	111	none lies within the rejected range.
	112	Default required range is [0,ULONG_MAX) (whole of virtual address space).
	113	Default rejected range is [0,0).
de1ba09b	114
156f5a78	115	- /sys/kernel/debug/fail*/stacktrace-depth:
de1ba09b AM	116
de1ba09b AM	117	specifies the maximum stacktrace depth walked during search
5d0ffa2b DM	118	for a caller within [require-start,require-end) OR
5d0ffa2b DM	119	[reject-start,reject-end).
de1ba09b	120
156f5a78	121	- /sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem:
de1ba09b	122
5d0ffa2b	123	Format: { 'Y' \| 'N' }
10ffebbe	124
5d0ffa2b	125	default is 'N', setting it to 'Y' won't inject failures into
de1ba09b AM	126	highmem/user allocations.
de1ba09b AM	127
156f5a78 GL	128	- /sys/kernel/debug/failslab/ignore-gfp-wait:
156f5a78 GL	129	- /sys/kernel/debug/fail_page_alloc/ignore-gfp-wait:
de1ba09b	130
5d0ffa2b	131	Format: { 'Y' \| 'N' }
10ffebbe	132
5d0ffa2b	133	default is 'N', setting it to 'Y' will inject failures
de1ba09b AM	134	only into non-sleep allocations (GFP_ATOMIC allocations).
de1ba09b AM	135
156f5a78	136	- /sys/kernel/debug/fail_page_alloc/min-order:
54114994 AM	137
	138	specifies the minimum page allocation order to be injected
	139	failures.
	140
ab51fbab DB	141	- /sys/kernel/debug/fail_futex/ignore-private:
	142
	143	Format: { 'Y' \| 'N' }
10ffebbe	144
ab51fbab DB	145	default is 'N', setting it to 'Y' will disable failure injections
	146	when dealing with private (address space) futexes.
	147
4b1a29a7 MH	148	- /sys/kernel/debug/fail_function/inject:
	149
	150	Format: { 'function-name' \| '!function-name' \| '' }
10ffebbe	151
4b1a29a7 MH	152	specifies the target function of error injection by name.
	153	If the function name leads '!' prefix, given function is
	154	removed from injection list. If nothing specified ('')
	155	injection list is cleared.
	156
	157	- /sys/kernel/debug/fail_function/injectable:
	158
	159	(read only) shows error injectable functions and what type of
	160	error values can be specified. The error type will be one of
	161	below;
	162	- NULL: retval must be 0.
	163	- ERRNO: retval must be -1 to -MAX_ERRNO (-4096).
	164	- ERR_NULL: retval must be 0 or -1 to -MAX_ERRNO (-4096).
	165
	166	- /sys/kernel/debug/fail_function/<functiuon-name>/retval:
	167
	168	specifies the "error" return value to inject to the given
	169	function for given function. This will be created when
	170	user specifies new injection entry.
	171
10ffebbe MCC	172	Boot option
10ffebbe MCC	173	^^^^^^^^^^^
de1ba09b AM	174
de1ba09b AM	175	In order to inject faults while debugfs is not available (early boot time),
10ffebbe	176	use the boot option::
de1ba09b AM	177
	178	failslab=
	179	fail_page_alloc=
1e4cb22b	180	fail_make_request=
ab51fbab	181	fail_futex=
199e3f4b	182	mmc_core.fail_request=<interval>,<probability>,<space>,<times>
de1ba09b	183
10ffebbe MCC	184	proc entries
10ffebbe MCC	185	^^^^^^^^^^^^
e41d5818	186
10ffebbe MCC	187	- /proc/<pid>/fail-nth,
10ffebbe MCC	188	/proc/self/task/<tid>/fail-nth:
e41d5818	189
9049f2f6	190	Write to this file of integer N makes N-th call in the task fail.
bfc74093 AM	191	Read from this file returns a integer value. A value of '0' indicates
	192	that the fault setup with a previous write to this file was injected.
	193	A positive integer N indicates that the fault wasn't yet injected.
e41d5818 DV	194	Note that this file enables all types of faults (slab, futex, etc).
	195	This setting takes precedence over all other generic debugfs settings
	196	like probability, interval, times, etc. But per-capability settings
	197	(e.g. fail_futex/ignore-private) take precedence over it.
	198
	199	This feature is intended for systematic testing of faults in a single
	200	system call. See an example below.
	201
de1ba09b AM	202	How to add new fault injection capability
	203	-----------------------------------------
	204
10ffebbe	205	- #include <linux/fault-inject.h>
de1ba09b	206
10ffebbe	207	- define the fault attributes
de1ba09b	208
2d87948a	209	DECLARE_FAULT_ATTR(name);
de1ba09b AM	210
	211	Please see the definition of struct fault_attr in fault-inject.h
	212	for details.
	213
10ffebbe	214	- provide a way to configure fault attributes
de1ba09b AM	215
	216	- boot option
	217
	218	If you need to enable the fault injection capability from boot time, you can
5d0ffa2b	219	provide boot option to configure it. There is a helper function for it:
de1ba09b	220
5d0ffa2b	221	setup_fault_attr(attr, str);
de1ba09b AM	222
	223	- debugfs entries
	224
	225	failslab, fail_page_alloc, and fail_make_request use this way.
5d0ffa2b	226	Helper functions:
de1ba09b	227
dd48c085	228	fault_create_debugfs_attr(name, parent, attr);
de1ba09b AM	229
	230	- module parameters
	231
	232	If the scope of the fault injection capability is limited to a
	233	single kernel module, it is better to provide module parameters to
	234	configure the fault attributes.
	235
10ffebbe	236	- add a hook to insert failures
de1ba09b	237
10ffebbe	238	Upon should_fail() returning true, client code should inject a failure:
de1ba09b	239
5d0ffa2b	240	should_fail(attr, size);
de1ba09b AM	241
	242	Application Examples
	243	--------------------
	244
10ffebbe	245	- Inject slab allocation failures into module init/exit code::
de1ba09b	246
10ffebbe	247	#!/bin/bash
de1ba09b	248
10ffebbe MCC	249	FAILTYPE=failslab
	250	echo Y > /sys/kernel/debug/$FAILTYPE/task-filter
	251	echo 10 > /sys/kernel/debug/$FAILTYPE/probability
	252	echo 100 > /sys/kernel/debug/$FAILTYPE/interval
	253	echo -1 > /sys/kernel/debug/$FAILTYPE/times
	254	echo 0 > /sys/kernel/debug/$FAILTYPE/space
	255	echo 2 > /sys/kernel/debug/$FAILTYPE/verbose
	256	echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-wait
de1ba09b	257
10ffebbe MCC	258	faulty_system()
10ffebbe MCC	259	{
18584870	260	bash -c "echo 1 > /proc/self/make-it-fail && exec $*"
10ffebbe	261	}
de1ba09b	262
10ffebbe MCC	263	if [ $# -eq 0 ]
10ffebbe MCC	264	then
18584870 AM	265	echo "Usage: $0 modulename [ modulename ... ]"
18584870 AM	266	exit 1
10ffebbe	267	fi
18584870	268
10ffebbe MCC	269	for m in $*
10ffebbe MCC	270	do
18584870 AM	271	echo inserting $m...
18584870 AM	272	faulty_system modprobe $m
de1ba09b	273
18584870 AM	274	echo removing $m...
18584870 AM	275	faulty_system modprobe -r $m
10ffebbe	276	done
de1ba09b AM	277
	278	------------------------------------------------------------------------------
	279
10ffebbe	280	- Inject page allocation failures only for a specific module::
de1ba09b	281
10ffebbe	282	#!/bin/bash
de1ba09b	283
10ffebbe MCC	284	FAILTYPE=fail_page_alloc
10ffebbe MCC	285	module=$1
de1ba09b	286
10ffebbe MCC	287	if [ -z $module ]
10ffebbe MCC	288	then
18584870 AM	289	echo "Usage: $0 <modulename>"
18584870 AM	290	exit 1
10ffebbe	291	fi
de1ba09b	292
10ffebbe	293	modprobe $module
de1ba09b	294
10ffebbe MCC	295	if [ ! -d /sys/module/$module/sections ]
10ffebbe MCC	296	then
18584870 AM	297	echo Module $module is not loaded
18584870 AM	298	exit 1
10ffebbe	299	fi
18584870	300
10ffebbe MCC	301	cat /sys/module/$module/sections/.text > /sys/kernel/debug/$FAILTYPE/require-start
10ffebbe MCC	302	cat /sys/module/$module/sections/.data > /sys/kernel/debug/$FAILTYPE/require-end
18584870	303
10ffebbe MCC	304	echo N > /sys/kernel/debug/$FAILTYPE/task-filter
	305	echo 10 > /sys/kernel/debug/$FAILTYPE/probability
	306	echo 100 > /sys/kernel/debug/$FAILTYPE/interval
	307	echo -1 > /sys/kernel/debug/$FAILTYPE/times
	308	echo 0 > /sys/kernel/debug/$FAILTYPE/space
	309	echo 2 > /sys/kernel/debug/$FAILTYPE/verbose
	310	echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-wait
	311	echo 1 > /sys/kernel/debug/$FAILTYPE/ignore-gfp-highmem
	312	echo 10 > /sys/kernel/debug/$FAILTYPE/stacktrace-depth
18584870	313
10ffebbe	314	trap "echo 0 > /sys/kernel/debug/$FAILTYPE/probability" SIGINT SIGTERM EXIT
18584870	315
10ffebbe MCC	316	echo "Injecting errors into the module $module... (interrupt to stop)"
10ffebbe MCC	317	sleep 1000000
de1ba09b	318
4b1a29a7 MH	319	------------------------------------------------------------------------------
4b1a29a7 MH	320
10ffebbe MCC	321	- Inject open_ctree error while btrfs mount::
	322
	323	#!/bin/bash
	324
	325	rm -f testfile.img
	326	dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1
	327	DEVICE=$(losetup --show -f testfile.img)
	328	mkfs.btrfs -f $DEVICE
	329	mkdir -p tmpmnt
	330
	331	FAILTYPE=fail_function
	332	FAILFUNC=open_ctree
	333	echo $FAILFUNC > /sys/kernel/debug/$FAILTYPE/inject
	334	echo -12 > /sys/kernel/debug/$FAILTYPE/$FAILFUNC/retval
	335	echo N > /sys/kernel/debug/$FAILTYPE/task-filter
	336	echo 100 > /sys/kernel/debug/$FAILTYPE/probability
	337	echo 0 > /sys/kernel/debug/$FAILTYPE/interval
	338	echo -1 > /sys/kernel/debug/$FAILTYPE/times
	339	echo 0 > /sys/kernel/debug/$FAILTYPE/space
	340	echo 1 > /sys/kernel/debug/$FAILTYPE/verbose
	341
	342	mount -t btrfs $DEVICE tmpmnt
	343	if [ $? -ne 0 ]
	344	then
4b1a29a7	345	echo "SUCCESS!"
10ffebbe	346	else
4b1a29a7 MH	347	echo "FAILED!"
4b1a29a7 MH	348	umount tmpmnt
10ffebbe	349	fi
4b1a29a7	350
10ffebbe	351	echo > /sys/kernel/debug/$FAILTYPE/inject
4b1a29a7	352
10ffebbe MCC	353	rmdir tmpmnt
	354	losetup -d $DEVICE
	355	rm testfile.img
4b1a29a7 MH	356
4b1a29a7 MH	357
c24aa64d AM	358	Tool to run command with failslab or fail_page_alloc
	359	----------------------------------------------------
	360	In order to make it easier to accomplish the tasks mentioned above, we can use
	361	tools/testing/fault-injection/failcmd.sh. Please run a command
	362	"./tools/testing/fault-injection/failcmd.sh --help" for more information and
	363	see the following examples.
	364
	365	Examples:
	366
	367	Run a command "make -C tools/testing/selftests/ run_tests" with injecting slab
10ffebbe	368	allocation failure::
c24aa64d AM	369
	370	# ./tools/testing/fault-injection/failcmd.sh \
	371	-- make -C tools/testing/selftests/ run_tests
	372
	373	Same as above except to specify 100 times failures at most instead of one time
10ffebbe	374	at most by default::
c24aa64d AM	375
	376	# ./tools/testing/fault-injection/failcmd.sh --times=100 \
	377	-- make -C tools/testing/selftests/ run_tests
	378
	379	Same as above except to inject page allocation failure instead of slab
10ffebbe	380	allocation failure::
c24aa64d AM	381
	382	# env FAILCMD_TYPE=fail_page_alloc \
	383	./tools/testing/fault-injection/failcmd.sh --times=100 \
10ffebbe	384	-- make -C tools/testing/selftests/ run_tests
e41d5818 DV	385
	386	Systematic faults using fail-nth
	387	---------------------------------
	388
	389	The following code systematically faults 0-th, 1-st, 2-nd and so on
10ffebbe MCC	390	capabilities in the socketpair() system call::
	391
	392	#include <sys/types.h>
	393	#include <sys/stat.h>
	394	#include <sys/socket.h>
	395	#include <sys/syscall.h>
	396	#include <fcntl.h>
	397	#include <unistd.h>
	398	#include <string.h>
	399	#include <stdlib.h>
	400	#include <stdio.h>
	401	#include <errno.h>
	402
	403	int main()
	404	{
e41d5818 DV	405	int i, err, res, fail_nth, fds[2];
	406	char buf[128];
	407
	408	system("echo N > /sys/kernel/debug/failslab/ignore-gfp-wait");
	409	sprintf(buf, "/proc/self/task/%ld/fail-nth", syscall(SYS_gettid));
	410	fail_nth = open(buf, O_RDWR);
9049f2f6	411	for (i = 1;; i++) {
e41d5818 DV	412	sprintf(buf, "%d", i);
	413	write(fail_nth, buf, strlen(buf));
	414	res = socketpair(AF_LOCAL, SOCK_STREAM, 0, fds);
	415	err = errno;
bfc74093	416	pread(fail_nth, buf, sizeof(buf), 0);
e41d5818 DV	417	if (res == 0) {
	418	close(fds[0]);
	419	close(fds[1]);
	420	}
bfc74093 AM	421	printf("%d-th fault %c: res=%d/%d\n", i, atoi(buf) ? 'N' : 'Y',
	422	res, err);
	423	if (atoi(buf))
e41d5818 DV	424	break;
	425	}
	426	return 0;
10ffebbe MCC	427	}
	428
	429	An example output::
	430
	431	1-th fault Y: res=-1/23
	432	2-th fault Y: res=-1/23
	433	3-th fault Y: res=-1/12
	434	4-th fault Y: res=-1/12
	435	5-th fault Y: res=-1/23
	436	6-th fault Y: res=-1/23
	437	7-th fault Y: res=-1/23
	438	8-th fault Y: res=-1/12
	439	9-th fault Y: res=-1/12
	440	10-th fault Y: res=-1/12
	441	11-th fault Y: res=-1/12
	442	12-th fault Y: res=-1/12
	443	13-th fault Y: res=-1/12
	444	14-th fault Y: res=-1/12
	445	15-th fault Y: res=-1/12
	446	16-th fault N: res=0/12