[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJuCfpEQJe7HiNXhv+fH3auvr_-M6VpxhgWTj9q6e5GLkd+8Uw@mail.gmail.com>
Date: Wed, 31 Aug 2022 08:51:10 -0700
From: Suren Baghdasaryan <surenb@...gle.com>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Kent Overstreet <kent.overstreet@...ux.dev>,
Michal Hocko <mhocko@...e.com>,
Vlastimil Babka <vbabka@...e.cz>,
Johannes Weiner <hannes@...xchg.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Mel Gorman <mgorman@...e.de>,
Davidlohr Bueso <dave@...olabs.net>,
Matthew Wilcox <willy@...radead.org>,
"Liam R. Howlett" <liam.howlett@...cle.com>,
David Vernet <void@...ifault.com>,
Peter Zijlstra <peterz@...radead.org>,
Juri Lelli <juri.lelli@...hat.com>,
Laurent Dufour <ldufour@...ux.ibm.com>,
Peter Xu <peterx@...hat.com>,
David Hildenbrand <david@...hat.com>,
Jens Axboe <axboe@...nel.dk>, mcgrof@...nel.org,
masahiroy@...nel.org, nathan@...nel.org, changbin.du@...el.com,
ytcoode@...il.com, Vincent Guittot <vincent.guittot@...aro.org>,
Dietmar Eggemann <dietmar.eggemann@....com>,
Steven Rostedt <rostedt@...dmis.org>,
Benjamin Segall <bsegall@...gle.com>,
Daniel Bristot de Oliveira <bristot@...hat.com>,
Valentin Schneider <vschneid@...hat.com>,
Christopher Lameter <cl@...ux.com>,
Pekka Enberg <penberg@...nel.org>,
Joonsoo Kim <iamjoonsoo.kim@....com>, 42.hyeyoo@...il.com,
Alexander Potapenko <glider@...gle.com>,
Marco Elver <elver@...gle.com>,
Shakeel Butt <shakeelb@...gle.com>,
Muchun Song <songmuchun@...edance.com>, arnd@...db.de,
jbaron@...mai.com, David Rientjes <rientjes@...gle.com>,
Minchan Kim <minchan@...gle.com>,
Kalesh Singh <kaleshsingh@...gle.com>,
kernel-team <kernel-team@...roid.com>,
linux-mm <linux-mm@...ck.org>, iommu@...ts.linux.dev,
kasan-dev@...glegroups.com, io-uring@...r.kernel.org,
linux-arch@...r.kernel.org, xen-devel@...ts.xenproject.org,
linux-bcache@...r.kernel.org, linux-modules@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH 22/30] Code tagging based fault injection
On Wed, Aug 31, 2022 at 3:37 AM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>
> On Tue, 30 Aug 2022 at 23:50, Suren Baghdasaryan <surenb@...gle.com> wrote:
> >
> > From: Kent Overstreet <kent.overstreet@...ux.dev>
> >
> > This adds a new fault injection capability, based on code tagging.
> >
> > To use, simply insert somewhere in your code
> >
> > dynamic_fault("fault_class_name")
> >
> > and check whether it returns true - if so, inject the error.
> > For example
> >
> > if (dynamic_fault("init"))
> > return -EINVAL;
>
> Hi Suren,
>
> If this is going to be used by mainline kernel, it would be good to
> integrate this with fail_nth systematic fault injection:
> https://elixir.bootlin.com/linux/latest/source/lib/fault-inject.c#L109
>
> Otherwise these dynamic sites won't be tested by testing systems doing
> systematic fault injection testing.
Hi Dmitry,
Thanks for the information! Will look into it and try to integrate.
Suren.
>
>
> > There's no need to define faults elsewhere, as with
> > include/linux/fault-injection.h. Faults show up in debugfs, under
> > /sys/kernel/debug/dynamic_faults, and can be selected based on
> > file/module/function/line number/class, and enabled permanently, or in
> > oneshot mode, or with a specified frequency.
> >
> > Signed-off-by: Kent Overstreet <kent.overstreet@...ux.dev>
> > ---
> > include/asm-generic/codetag.lds.h | 3 +-
> > include/linux/dynamic_fault.h | 79 +++++++
> > include/linux/slab.h | 3 +-
> > lib/Kconfig.debug | 6 +
> > lib/Makefile | 2 +
> > lib/dynamic_fault.c | 372 ++++++++++++++++++++++++++++++
> > 6 files changed, 463 insertions(+), 2 deletions(-)
> > create mode 100644 include/linux/dynamic_fault.h
> > create mode 100644 lib/dynamic_fault.c
> >
> > diff --git a/include/asm-generic/codetag.lds.h b/include/asm-generic/codetag.lds.h
> > index 64f536b80380..16fbf74edc3d 100644
> > --- a/include/asm-generic/codetag.lds.h
> > +++ b/include/asm-generic/codetag.lds.h
> > @@ -9,6 +9,7 @@
> > __stop_##_name = .;
> >
> > #define CODETAG_SECTIONS() \
> > - SECTION_WITH_BOUNDARIES(alloc_tags)
> > + SECTION_WITH_BOUNDARIES(alloc_tags) \
> > + SECTION_WITH_BOUNDARIES(dynamic_fault_tags)
> >
> > #endif /* __ASM_GENERIC_CODETAG_LDS_H */
> > diff --git a/include/linux/dynamic_fault.h b/include/linux/dynamic_fault.h
> > new file mode 100644
> > index 000000000000..526a33209e94
> > --- /dev/null
> > +++ b/include/linux/dynamic_fault.h
> > @@ -0,0 +1,79 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +
> > +#ifndef _LINUX_DYNAMIC_FAULT_H
> > +#define _LINUX_DYNAMIC_FAULT_H
> > +
> > +/*
> > + * Dynamic/code tagging fault injection:
> > + *
> > + * Originally based on the dynamic debug trick of putting types in a special elf
> > + * section, then rewritten using code tagging:
> > + *
> > + * To use, simply insert a call to dynamic_fault("fault_class"), which will
> > + * return true if an error should be injected.
> > + *
> > + * Fault injection sites may be listed and enabled via debugfs, under
> > + * /sys/kernel/debug/dynamic_faults.
> > + */
> > +
> > +#ifdef CONFIG_CODETAG_FAULT_INJECTION
> > +
> > +#include <linux/codetag.h>
> > +#include <linux/jump_label.h>
> > +
> > +#define DFAULT_STATES() \
> > + x(disabled) \
> > + x(enabled) \
> > + x(oneshot)
> > +
> > +enum dfault_enabled {
> > +#define x(n) DFAULT_##n,
> > + DFAULT_STATES()
> > +#undef x
> > +};
> > +
> > +union dfault_state {
> > + struct {
> > + unsigned int enabled:2;
> > + unsigned int count:30;
> > + };
> > +
> > + struct {
> > + unsigned int v;
> > + };
> > +};
> > +
> > +struct dfault {
> > + struct codetag tag;
> > + const char *class;
> > + unsigned int frequency;
> > + union dfault_state state;
> > + struct static_key_false enabled;
> > +};
> > +
> > +bool __dynamic_fault_enabled(struct dfault *df);
> > +
> > +#define dynamic_fault(_class) \
> > +({ \
> > + static struct dfault \
> > + __used \
> > + __section("dynamic_fault_tags") \
> > + __aligned(8) df = { \
> > + .tag = CODE_TAG_INIT, \
> > + .class = _class, \
> > + .enabled = STATIC_KEY_FALSE_INIT, \
> > + }; \
> > + \
> > + static_key_false(&df.enabled.key) && \
> > + __dynamic_fault_enabled(&df); \
> > +})
> > +
> > +#else
> > +
> > +#define dynamic_fault(_class) false
> > +
> > +#endif /* CODETAG_FAULT_INJECTION */
> > +
> > +#define memory_fault() dynamic_fault("memory")
> > +
> > +#endif /* _LINUX_DYNAMIC_FAULT_H */
> > diff --git a/include/linux/slab.h b/include/linux/slab.h
> > index 89273be35743..4be5a93ed15a 100644
> > --- a/include/linux/slab.h
> > +++ b/include/linux/slab.h
> > @@ -17,6 +17,7 @@
> > #include <linux/types.h>
> > #include <linux/workqueue.h>
> > #include <linux/percpu-refcount.h>
> > +#include <linux/dynamic_fault.h>
> >
> >
> > /*
> > @@ -468,7 +469,7 @@ static inline void slab_tag_dec(const void *ptr) {}
> >
> > #define krealloc_hooks(_p, _do_alloc) \
> > ({ \
> > - void *_res = _do_alloc; \
> > + void *_res = !memory_fault() ? _do_alloc : NULL; \
> > slab_tag_add(_p, _res); \
> > _res; \
> > })
> > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> > index 2790848464f1..b7d03afbc808 100644
> > --- a/lib/Kconfig.debug
> > +++ b/lib/Kconfig.debug
> > @@ -1982,6 +1982,12 @@ config FAULT_INJECTION_STACKTRACE_FILTER
> > help
> > Provide stacktrace filter for fault-injection capabilities
> >
> > +config CODETAG_FAULT_INJECTION
> > + bool "Code tagging based fault injection"
> > + select CODE_TAGGING
> > + help
> > + Dynamic fault injection based on code tagging
> > +
> > config ARCH_HAS_KCOV
> > bool
> > help
> > diff --git a/lib/Makefile b/lib/Makefile
> > index 99f732156673..489ea000c528 100644
> > --- a/lib/Makefile
> > +++ b/lib/Makefile
> > @@ -231,6 +231,8 @@ obj-$(CONFIG_CODE_TAGGING) += codetag.o
> > obj-$(CONFIG_ALLOC_TAGGING) += alloc_tag.o
> > obj-$(CONFIG_PAGE_ALLOC_TAGGING) += pgalloc_tag.o
> >
> > +obj-$(CONFIG_CODETAG_FAULT_INJECTION) += dynamic_fault.o
> > +
> > lib-$(CONFIG_GENERIC_BUG) += bug.o
> >
> > obj-$(CONFIG_HAVE_ARCH_TRACEHOOK) += syscall.o
> > diff --git a/lib/dynamic_fault.c b/lib/dynamic_fault.c
> > new file mode 100644
> > index 000000000000..4c9cd18686be
> > --- /dev/null
> > +++ b/lib/dynamic_fault.c
> > @@ -0,0 +1,372 @@
> > +// SPDX-License-Identifier: GPL-2.0-only
> > +
> > +#include <linux/ctype.h>
> > +#include <linux/debugfs.h>
> > +#include <linux/dynamic_fault.h>
> > +#include <linux/kernel.h>
> > +#include <linux/module.h>
> > +#include <linux/seq_buf.h>
> > +
> > +static struct codetag_type *cttype;
> > +
> > +bool __dynamic_fault_enabled(struct dfault *df)
> > +{
> > + union dfault_state old, new;
> > + unsigned int v = df->state.v;
> > + bool ret;
> > +
> > + do {
> > + old.v = new.v = v;
> > +
> > + if (new.enabled == DFAULT_disabled)
> > + return false;
> > +
> > + ret = df->frequency
> > + ? ++new.count >= df->frequency
> > + : true;
> > + if (ret)
> > + new.count = 0;
> > + if (ret && new.enabled == DFAULT_oneshot)
> > + new.enabled = DFAULT_disabled;
> > + } while ((v = cmpxchg(&df->state.v, old.v, new.v)) != old.v);
> > +
> > + if (ret)
> > + pr_debug("returned true for %s:%u", df->tag.filename, df->tag.lineno);
> > +
> > + return ret;
> > +}
> > +EXPORT_SYMBOL(__dynamic_fault_enabled);
> > +
> > +static const char * const dfault_state_strs[] = {
> > +#define x(n) #n,
> > + DFAULT_STATES()
> > +#undef x
> > + NULL
> > +};
> > +
> > +static void dynamic_fault_to_text(struct seq_buf *out, struct dfault *df)
> > +{
> > + codetag_to_text(out, &df->tag);
> > + seq_buf_printf(out, "class:%s %s \"", df->class,
> > + dfault_state_strs[df->state.enabled]);
> > +}
> > +
> > +struct dfault_query {
> > + struct codetag_query q;
> > +
> > + bool set_enabled:1;
> > + unsigned int enabled:2;
> > +
> > + bool set_frequency:1;
> > + unsigned int frequency;
> > +};
> > +
> > +/*
> > + * Search the tables for _dfault's which match the given
> > + * `query' and apply the `flags' and `mask' to them. Tells
> > + * the user which dfault's were changed, or whether none
> > + * were matched.
> > + */
> > +static int dfault_change(struct dfault_query *query)
> > +{
> > + struct codetag_iterator ct_iter;
> > + struct codetag *ct;
> > + unsigned int nfound = 0;
> > +
> > + codetag_lock_module_list(cttype, true);
> > + codetag_init_iter(&ct_iter, cttype);
> > +
> > + while ((ct = codetag_next_ct(&ct_iter))) {
> > + struct dfault *df = container_of(ct, struct dfault, tag);
> > +
> > + if (!codetag_matches_query(&query->q, ct, ct_iter.cmod, df->class))
> > + continue;
> > +
> > + if (query->set_enabled &&
> > + query->enabled != df->state.enabled) {
> > + if (query->enabled != DFAULT_disabled)
> > + static_key_slow_inc(&df->enabled.key);
> > + else if (df->state.enabled != DFAULT_disabled)
> > + static_key_slow_dec(&df->enabled.key);
> > +
> > + df->state.enabled = query->enabled;
> > + }
> > +
> > + if (query->set_frequency)
> > + df->frequency = query->frequency;
> > +
> > + pr_debug("changed %s:%d [%s]%s #%d %s",
> > + df->tag.filename, df->tag.lineno, df->tag.modname,
> > + df->tag.function, query->q.cur_index,
> > + dfault_state_strs[df->state.enabled]);
> > +
> > + nfound++;
> > + }
> > +
> > + pr_debug("dfault: %u matches", nfound);
> > +
> > + codetag_lock_module_list(cttype, false);
> > +
> > + return nfound ? 0 : -ENOENT;
> > +}
> > +
> > +#define DFAULT_TOKENS() \
> > + x(disable, 0) \
> > + x(enable, 0) \
> > + x(oneshot, 0) \
> > + x(frequency, 1)
> > +
> > +enum dfault_token {
> > +#define x(name, nr_args) TOK_##name,
> > + DFAULT_TOKENS()
> > +#undef x
> > +};
> > +
> > +static const char * const dfault_token_strs[] = {
> > +#define x(name, nr_args) #name,
> > + DFAULT_TOKENS()
> > +#undef x
> > + NULL
> > +};
> > +
> > +static unsigned int dfault_token_nr_args[] = {
> > +#define x(name, nr_args) nr_args,
> > + DFAULT_TOKENS()
> > +#undef x
> > +};
> > +
> > +static enum dfault_token str_to_token(const char *word, unsigned int nr_words)
> > +{
> > + int tok = match_string(dfault_token_strs, ARRAY_SIZE(dfault_token_strs), word);
> > +
> > + if (tok < 0) {
> > + pr_debug("unknown keyword \"%s\"", word);
> > + return tok;
> > + }
> > +
> > + if (nr_words < dfault_token_nr_args[tok]) {
> > + pr_debug("insufficient arguments to \"%s\"", word);
> > + return -EINVAL;
> > + }
> > +
> > + return tok;
> > +}
> > +
> > +static int dfault_parse_command(struct dfault_query *query,
> > + enum dfault_token tok,
> > + char *words[], size_t nr_words)
> > +{
> > + unsigned int i = 0;
> > + int ret;
> > +
> > + switch (tok) {
> > + case TOK_disable:
> > + query->set_enabled = true;
> > + query->enabled = DFAULT_disabled;
> > + break;
> > + case TOK_enable:
> > + query->set_enabled = true;
> > + query->enabled = DFAULT_enabled;
> > + break;
> > + case TOK_oneshot:
> > + query->set_enabled = true;
> > + query->enabled = DFAULT_oneshot;
> > + break;
> > + case TOK_frequency:
> > + query->set_frequency = 1;
> > + ret = kstrtouint(words[i++], 10, &query->frequency);
> > + if (ret)
> > + return ret;
> > +
> > + if (!query->set_enabled) {
> > + query->set_enabled = 1;
> > + query->enabled = DFAULT_enabled;
> > + }
> > + break;
> > + }
> > +
> > + return i;
> > +}
> > +
> > +static int dynamic_fault_store(char *buf)
> > +{
> > + struct dfault_query query = { NULL };
> > +#define MAXWORDS 9
> > + char *tok, *words[MAXWORDS];
> > + int ret, nr_words, i = 0;
> > +
> > + buf = codetag_query_parse(&query.q, buf);
> > + if (IS_ERR(buf))
> > + return PTR_ERR(buf);
> > +
> > + while ((tok = strsep_no_empty(&buf, " \t\r\n"))) {
> > + if (nr_words == ARRAY_SIZE(words))
> > + return -EINVAL; /* ran out of words[] before bytes */
> > + words[nr_words++] = tok;
> > + }
> > +
> > + while (i < nr_words) {
> > + const char *tok_str = words[i++];
> > + enum dfault_token tok = str_to_token(tok_str, nr_words - i);
> > +
> > + if (tok < 0)
> > + return tok;
> > +
> > + ret = dfault_parse_command(&query, tok, words + i, nr_words - i);
> > + if (ret < 0)
> > + return ret;
> > +
> > + i += ret;
> > + BUG_ON(i > nr_words);
> > + }
> > +
> > + pr_debug("q->function=\"%s\" q->filename=\"%s\" "
> > + "q->module=\"%s\" q->line=%u-%u\n q->index=%u-%u",
> > + query.q.function, query.q.filename, query.q.module,
> > + query.q.first_line, query.q.last_line,
> > + query.q.first_index, query.q.last_index);
> > +
> > + ret = dfault_change(&query);
> > + if (ret < 0)
> > + return ret;
> > +
> > + return 0;
> > +}
> > +
> > +struct dfault_iter {
> > + struct codetag_iterator ct_iter;
> > +
> > + struct seq_buf buf;
> > + char rawbuf[4096];
> > +};
> > +
> > +static int dfault_open(struct inode *inode, struct file *file)
> > +{
> > + struct dfault_iter *iter;
> > +
> > + iter = kzalloc(sizeof(*iter), GFP_KERNEL);
> > + if (!iter)
> > + return -ENOMEM;
> > +
> > + codetag_lock_module_list(cttype, true);
> > + codetag_init_iter(&iter->ct_iter, cttype);
> > + codetag_lock_module_list(cttype, false);
> > +
> > + file->private_data = iter;
> > + seq_buf_init(&iter->buf, iter->rawbuf, sizeof(iter->rawbuf));
> > + return 0;
> > +}
> > +
> > +static int dfault_release(struct inode *inode, struct file *file)
> > +{
> > + struct dfault_iter *iter = file->private_data;
> > +
> > + kfree(iter);
> > + return 0;
> > +}
> > +
> > +struct user_buf {
> > + char __user *buf; /* destination user buffer */
> > + size_t size; /* size of requested read */
> > + ssize_t ret; /* bytes read so far */
> > +};
> > +
> > +static int flush_ubuf(struct user_buf *dst, struct seq_buf *src)
> > +{
> > + if (src->len) {
> > + size_t bytes = min_t(size_t, src->len, dst->size);
> > + int err = copy_to_user(dst->buf, src->buffer, bytes);
> > +
> > + if (err)
> > + return err;
> > +
> > + dst->ret += bytes;
> > + dst->buf += bytes;
> > + dst->size -= bytes;
> > + src->len -= bytes;
> > + memmove(src->buffer, src->buffer + bytes, src->len);
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +static ssize_t dfault_read(struct file *file, char __user *ubuf,
> > + size_t size, loff_t *ppos)
> > +{
> > + struct dfault_iter *iter = file->private_data;
> > + struct user_buf buf = { .buf = ubuf, .size = size };
> > + struct codetag *ct;
> > + struct dfault *df;
> > + int err;
> > +
> > + codetag_lock_module_list(iter->ct_iter.cttype, true);
> > + while (1) {
> > + err = flush_ubuf(&buf, &iter->buf);
> > + if (err || !buf.size)
> > + break;
> > +
> > + ct = codetag_next_ct(&iter->ct_iter);
> > + if (!ct)
> > + break;
> > +
> > + df = container_of(ct, struct dfault, tag);
> > + dynamic_fault_to_text(&iter->buf, df);
> > + seq_buf_putc(&iter->buf, '\n');
> > + }
> > + codetag_lock_module_list(iter->ct_iter.cttype, false);
> > +
> > + return err ?: buf.ret;
> > +}
> > +
> > +/*
> > + * File_ops->write method for <debugfs>/dynamic_fault/conrol. Gathers the
> > + * command text from userspace, parses and executes it.
> > + */
> > +static ssize_t dfault_write(struct file *file, const char __user *ubuf,
> > + size_t len, loff_t *offp)
> > +{
> > + char tmpbuf[256];
> > +
> > + if (len == 0)
> > + return 0;
> > + /* we don't check *offp -- multiple writes() are allowed */
> > + if (len > sizeof(tmpbuf)-1)
> > + return -E2BIG;
> > + if (copy_from_user(tmpbuf, ubuf, len))
> > + return -EFAULT;
> > + tmpbuf[len] = '\0';
> > + pr_debug("read %zu bytes from userspace", len);
> > +
> > + dynamic_fault_store(tmpbuf);
> > +
> > + *offp += len;
> > + return len;
> > +}
> > +
> > +static const struct file_operations dfault_ops = {
> > + .owner = THIS_MODULE,
> > + .open = dfault_open,
> > + .release = dfault_release,
> > + .read = dfault_read,
> > + .write = dfault_write
> > +};
> > +
> > +static int __init dynamic_fault_init(void)
> > +{
> > + const struct codetag_type_desc desc = {
> > + .section = "dynamic_fault_tags",
> > + .tag_size = sizeof(struct dfault),
> > + };
> > + struct dentry *debugfs_file;
> > +
> > + cttype = codetag_register_type(&desc);
> > + if (IS_ERR_OR_NULL(cttype))
> > + return PTR_ERR(cttype);
> > +
> > + debugfs_file = debugfs_create_file("dynamic_faults", 0666, NULL, NULL, &dfault_ops);
> > + if (IS_ERR(debugfs_file))
> > + return PTR_ERR(debugfs_file);
> > +
> > + return 0;
> > +}
> > +module_init(dynamic_fault_init);
> > --
> > 2.37.2.672.g94769d06f0-goog
> >
Powered by blists - more mailing lists