| Message ID | 20190501230126.229218-9-brendanhiggins@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | kunit: introduce KUnit, the Linux kernel unit testing framework | expand |
On 2019-05-01 5:01 p.m., Brendan Higgins wrote: > +/* > + * struct kunit_try_catch - provides a generic way to run code which might fail. > + * @context: used to pass user data to the try and catch functions. > + * > + * kunit_try_catch provides a generic, architecture independent way to execute > + * an arbitrary function of type kunit_try_catch_func_t which may bail out by > + * calling kunit_try_catch_throw(). If kunit_try_catch_throw() is called, @try > + * is stopped at the site of invocation and @catch is catch is called. I found some of the C++ comparisons in this series a bit distasteful but wasn't going to say anything until I saw the try catch.... But looking into the implementation it's just a thread that can exit early which seems fine to me. Just a poor choice of name I guess... [snip] > +static void __noreturn kunit_abort(struct kunit *test) > +{ > + kunit_set_death_test(test, true); > + > + kunit_try_catch_throw(&test->try_catch); > + > + /* > + * Throw could not abort from test. > + * > + * XXX: we should never reach this line! As kunit_try_catch_throw is > + * marked __noreturn. > + */ > + WARN_ONCE(true, "Throw could not abort from test!\n"); > +} > + > int kunit_init_test(struct kunit *test, const char *name) > { > spin_lock_init(&test->lock); > @@ -77,6 +103,7 @@ int kunit_init_test(struct kunit *test, const char *name) > test->name = name; > test->vprintk = kunit_vprintk; > test->fail = kunit_fail; > + test->abort = kunit_abort; There are a number of these function pointers which seem to be pointless to me as you only ever set them to one function. Just call the function directly. As it is, it is an unnecessary indirection for someone reading the code. If and when you have multiple implementations of the function then add the pointer. Don't assume you're going to need it later on and add all this maintenance burden if you never use it.. [snip] > +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch) > +{ > + try_catch->run = kunit_generic_run_try_catch; > + try_catch->throw = kunit_generic_throw; > +} Same here. There's only one implementation of try_catch and I can't really see any sensible justification for another implementation. Even if there is, add the indirection when the second implementation is added. This isn't C++ and we don't need to make everything a "method". Thanks, Logan
On Thu, May 2, 2019 at 8:15 PM Logan Gunthorpe <logang@deltatee.com> wrote: > > > > On 2019-05-01 5:01 p.m., Brendan Higgins wrote: > > +/* > > + * struct kunit_try_catch - provides a generic way to run code which might fail. > > + * @context: used to pass user data to the try and catch functions. > > + * > > + * kunit_try_catch provides a generic, architecture independent way to execute > > + * an arbitrary function of type kunit_try_catch_func_t which may bail out by > > + * calling kunit_try_catch_throw(). If kunit_try_catch_throw() is called, @try > > + * is stopped at the site of invocation and @catch is catch is called. > > I found some of the C++ comparisons in this series a bit distasteful but > wasn't going to say anything until I saw the try catch.... But looking > into the implementation it's just a thread that can exit early which > seems fine to me. Just a poor choice of name I guess... Guilty as charged (I have a long history with C++, sorry). Would you prefer I changed the name? I just figured that try-catch is a commonly understood pattern that describes exactly what I am doing. > > [snip] > > > +static void __noreturn kunit_abort(struct kunit *test) > > +{ > > + kunit_set_death_test(test, true); > > + > > + kunit_try_catch_throw(&test->try_catch); > > + > > + /* > > + * Throw could not abort from test. > > + * > > + * XXX: we should never reach this line! As kunit_try_catch_throw is > > + * marked __noreturn. > > + */ > > + WARN_ONCE(true, "Throw could not abort from test!\n"); > > +} > > + > > int kunit_init_test(struct kunit *test, const char *name) > > { > > spin_lock_init(&test->lock); > > @@ -77,6 +103,7 @@ int kunit_init_test(struct kunit *test, const char *name) > > test->name = name; > > test->vprintk = kunit_vprintk; > > test->fail = kunit_fail; > > + test->abort = kunit_abort; > > There are a number of these function pointers which seem to be pointless > to me as you only ever set them to one function. Just call the function > directly. As it is, it is an unnecessary indirection for someone reading > the code. If and when you have multiple implementations of the function > then add the pointer. Don't assume you're going to need it later on and > add all this maintenance burden if you never use it.. Ah, yes, Frank (and probably others) previously asked me to remove unnecessary method pointers; I removed all the totally unused ones. As for these, I don't use them in this patchset, but I use them in my patchsets that will follow up this one. These in particular are present so that they can be mocked out for testing. > > [snip] > > > +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch) > > +{ > > + try_catch->run = kunit_generic_run_try_catch; > > + try_catch->throw = kunit_generic_throw; > > +} > > Same here. There's only one implementation of try_catch and I can't > really see any sensible justification for another implementation. Even > if there is, add the indirection when the second implementation is > added. This isn't C++ and we don't need to make everything a "method". These methods are for a UML specific implementation in a follow up patchset, which is needed for some features like crash recovery, death tests, and removes dependence on kthreads. I know this probably sounds like premature complexity. Arguably it is in hindsight, but I wrote those features before I pulled out these interfaces (they were actually both originally in this patchset, but I dropped them to make this patchset easier to review). I can remove these methods and add them back in when I actually use them in the follow up patchsets if you prefer. Thanks!
On 2019-05-03 12:48 a.m., Brendan Higgins wrote: > On Thu, May 2, 2019 at 8:15 PM Logan Gunthorpe <logang@deltatee.com> wrote: >> On 2019-05-01 5:01 p.m., Brendan Higgins wrote: >>> +/* >>> + * struct kunit_try_catch - provides a generic way to run code which might fail. >>> + * @context: used to pass user data to the try and catch functions. >>> + * >>> + * kunit_try_catch provides a generic, architecture independent way to execute >>> + * an arbitrary function of type kunit_try_catch_func_t which may bail out by >>> + * calling kunit_try_catch_throw(). If kunit_try_catch_throw() is called, @try >>> + * is stopped at the site of invocation and @catch is catch is called. >> >> I found some of the C++ comparisons in this series a bit distasteful but >> wasn't going to say anything until I saw the try catch.... But looking >> into the implementation it's just a thread that can exit early which >> seems fine to me. Just a poor choice of name I guess... > > Guilty as charged (I have a long history with C++, sorry). Would you > prefer I changed the name? I just figured that try-catch is a commonly > understood pattern that describes exactly what I am doing. It is a commonly understood pattern, but I don't think it's what the code is doing. Try-catch cleans up an entire stack and allows each level of the stack to apply local cleanup. This implementation simply exits a thread and has none of that complexity. To me, it seems like an odd abstraction here as it's really just a test runner that can exit early (though I haven't seen the follow-up UML implementation). I would prefer to see this cleaned up such that the abstraction matches more what's going on but I don't feel that strongly about it so I'll leave it up to you to figure out what's best unless other reviewers have stronger opinions. >> >> [snip] >> >>> +static void __noreturn kunit_abort(struct kunit *test) >>> +{ >>> + kunit_set_death_test(test, true); >>> + >>> + kunit_try_catch_throw(&test->try_catch); >>> + >>> + /* >>> + * Throw could not abort from test. >>> + * >>> + * XXX: we should never reach this line! As kunit_try_catch_throw is >>> + * marked __noreturn. >>> + */ >>> + WARN_ONCE(true, "Throw could not abort from test!\n"); >>> +} >>> + >>> int kunit_init_test(struct kunit *test, const char *name) >>> { >>> spin_lock_init(&test->lock); >>> @@ -77,6 +103,7 @@ int kunit_init_test(struct kunit *test, const char *name) >>> test->name = name; >>> test->vprintk = kunit_vprintk; >>> test->fail = kunit_fail; >>> + test->abort = kunit_abort; >> >> There are a number of these function pointers which seem to be pointless >> to me as you only ever set them to one function. Just call the function >> directly. As it is, it is an unnecessary indirection for someone reading >> the code. If and when you have multiple implementations of the function >> then add the pointer. Don't assume you're going to need it later on and >> add all this maintenance burden if you never use it.. > > Ah, yes, Frank (and probably others) previously asked me to remove > unnecessary method pointers; I removed all the totally unused ones. As > for these, I don't use them in this patchset, but I use them in my > patchsets that will follow up this one. These in particular are > present so that they can be mocked out for testing. Adding indirection and function pointers solely for the purpose of mocking out while testing doesn't sit well with me and I don't think it should be a pattern that's encouraged. Adding extra complexity like this to a design to make it unit-testable doesn't seem like something that makes sense in kernel code. Especially given that indirect calls are more expensive in the age of spectre. Also, mocking these particular functions seems like it's an artifact of how you've designed the try/catch abstraction. If the abstraction was more around an abort-able test runner then it doesn't make sense to need to mock out the abort/fail functions as you will be testing overly generic features of something that don't seem necessary to the implementation. >> >> [snip] >> >>> +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch) >>> +{ >>> + try_catch->run = kunit_generic_run_try_catch; >>> + try_catch->throw = kunit_generic_throw; >>> +} >> >> Same here. There's only one implementation of try_catch and I can't >> really see any sensible justification for another implementation. Even >> if there is, add the indirection when the second implementation is >> added. This isn't C++ and we don't need to make everything a "method". > > These methods are for a UML specific implementation in a follow up > patchset, which is needed for some features like crash recovery, death > tests, and removes dependence on kthreads. > > I know this probably sounds like premature complexity. Arguably it is > in hindsight, but I wrote those features before I pulled out these > interfaces (they were actually both originally in this patchset, but I > dropped them to make this patchset easier to review). I can remove > these methods and add them back in when I actually use them in the > follow up patchsets if you prefer. Yes, remove them now and add them back when you use them in follow-up patches. If reviewers find problems with the follow-up patches or have a better suggestion on how to do what ever it is you are doing, then you just have this unnecessary code and there's wasted developer time and review bandwidth that will need to be spent cleaning it up. Thanks, Logan
On Fri, May 3, 2019 at 5:33 AM Logan Gunthorpe <logang@deltatee.com> wrote: > > > > On 2019-05-03 12:48 a.m., Brendan Higgins wrote: > > On Thu, May 2, 2019 at 8:15 PM Logan Gunthorpe <logang@deltatee.com> wrote: > >> On 2019-05-01 5:01 p.m., Brendan Higgins wrote: > >>> +/* > >>> + * struct kunit_try_catch - provides a generic way to run code which might fail. > >>> + * @context: used to pass user data to the try and catch functions. > >>> + * > >>> + * kunit_try_catch provides a generic, architecture independent way to execute > >>> + * an arbitrary function of type kunit_try_catch_func_t which may bail out by > >>> + * calling kunit_try_catch_throw(). If kunit_try_catch_throw() is called, @try > >>> + * is stopped at the site of invocation and @catch is catch is called. > >> > >> I found some of the C++ comparisons in this series a bit distasteful but > >> wasn't going to say anything until I saw the try catch.... But looking > >> into the implementation it's just a thread that can exit early which > >> seems fine to me. Just a poor choice of name I guess... > > > > Guilty as charged (I have a long history with C++, sorry). Would you > > prefer I changed the name? I just figured that try-catch is a commonly > > understood pattern that describes exactly what I am doing. > > It is a commonly understood pattern, but I don't think it's what the > code is doing. Try-catch cleans up an entire stack and allows each level > of the stack to apply local cleanup. This implementation simply exits a > thread and has none of that complexity. To me, it seems like an odd > abstraction here as it's really just a test runner that can exit early > (though I haven't seen the follow-up UML implementation). Yeah, that is closer to what the UML specific version does, but that's a conversation for another time. > > I would prefer to see this cleaned up such that the abstraction matches > more what's going on but I don't feel that strongly about it so I'll > leave it up to you to figure out what's best unless other reviewers have > stronger opinions. Cool. Let's revisit this with the follow-up patchset. > > >> > >> [snip] > >> > >>> +static void __noreturn kunit_abort(struct kunit *test) > >>> +{ > >>> + kunit_set_death_test(test, true); > >>> + > >>> + kunit_try_catch_throw(&test->try_catch); > >>> + > >>> + /* > >>> + * Throw could not abort from test. > >>> + * > >>> + * XXX: we should never reach this line! As kunit_try_catch_throw is > >>> + * marked __noreturn. > >>> + */ > >>> + WARN_ONCE(true, "Throw could not abort from test!\n"); > >>> +} > >>> + > >>> int kunit_init_test(struct kunit *test, const char *name) > >>> { > >>> spin_lock_init(&test->lock); > >>> @@ -77,6 +103,7 @@ int kunit_init_test(struct kunit *test, const char *name) > >>> test->name = name; > >>> test->vprintk = kunit_vprintk; > >>> test->fail = kunit_fail; > >>> + test->abort = kunit_abort; > >> > >> There are a number of these function pointers which seem to be pointless > >> to me as you only ever set them to one function. Just call the function > >> directly. As it is, it is an unnecessary indirection for someone reading > >> the code. If and when you have multiple implementations of the function > >> then add the pointer. Don't assume you're going to need it later on and > >> add all this maintenance burden if you never use it.. > > > > Ah, yes, Frank (and probably others) previously asked me to remove > > unnecessary method pointers; I removed all the totally unused ones. As > > for these, I don't use them in this patchset, but I use them in my > > patchsets that will follow up this one. These in particular are > > present so that they can be mocked out for testing. > > Adding indirection and function pointers solely for the purpose of > mocking out while testing doesn't sit well with me and I don't think it > should be a pattern that's encouraged. Adding extra complexity like this > to a design to make it unit-testable doesn't seem like something that > makes sense in kernel code. Especially given that indirect calls are > more expensive in the age of spectre. Indirection is a pretty common method to make something mockable or fakeable. Nevertheless, probably an easier discussion to have once we have some examples to discuss. > > Also, mocking these particular functions seems like it's an artifact of > how you've designed the try/catch abstraction. If the abstraction was > more around an abort-able test runner then it doesn't make sense to need > to mock out the abort/fail functions as you will be testing overly > generic features of something that don't seem necessary to the > implementation. > > >> > >> [snip] > >> > >>> +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch) > >>> +{ > >>> + try_catch->run = kunit_generic_run_try_catch; > >>> + try_catch->throw = kunit_generic_throw; > >>> +} > >> > >> Same here. There's only one implementation of try_catch and I can't > >> really see any sensible justification for another implementation. Even > >> if there is, add the indirection when the second implementation is > >> added. This isn't C++ and we don't need to make everything a "method". > > > > These methods are for a UML specific implementation in a follow up > > patchset, which is needed for some features like crash recovery, death > > tests, and removes dependence on kthreads. > > > > I know this probably sounds like premature complexity. Arguably it is > > in hindsight, but I wrote those features before I pulled out these > > interfaces (they were actually both originally in this patchset, but I > > dropped them to make this patchset easier to review). I can remove > > these methods and add them back in when I actually use them in the > > follow up patchsets if you prefer. > > Yes, remove them now and add them back when you use them in follow-up > patches. If reviewers find problems with the follow-up patches or have a > better suggestion on how to do what ever it is you are doing, then you > just have this unnecessary code and there's wasted developer time and > review bandwidth that will need to be spent cleaning it up. Fair enough. Next patchset will have the remaining unused indirection you pointed out removed. Thanks!
diff --git a/include/kunit/test.h b/include/kunit/test.h index e441270561ece..1b77caeb5d51f 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -12,6 +12,7 @@ #include <linux/types.h> #include <linux/slab.h> #include <kunit/kunit-stream.h> +#include <kunit/try-catch.h> struct kunit_resource; @@ -166,15 +167,27 @@ struct kunit { /* private: internal use only. */ const char *name; /* Read only after initialization! */ + struct kunit_try_catch try_catch; spinlock_t lock; /* Gaurds all mutable test state. */ bool success; /* Protected by lock. */ + bool death_test; /* Protected by lock. */ struct list_head resources; /* Protected by lock. */ void (*vprintk)(const struct kunit *test, const char *level, struct va_format *vaf); void (*fail)(struct kunit *test, struct kunit_stream *stream); + void (*abort)(struct kunit *test); }; +static inline void kunit_set_death_test(struct kunit *test, bool death_test) +{ + unsigned long flags; + + spin_lock_irqsave(&test->lock, flags); + test->death_test = death_test; + spin_unlock_irqrestore(&test->lock, flags); +} + int kunit_init_test(struct kunit *test, const char *name); int kunit_run_tests(struct kunit_module *module); diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h new file mode 100644 index 0000000000000..e85abe044b6b5 --- /dev/null +++ b/include/kunit/try-catch.h @@ -0,0 +1,91 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * An API to allow a function, that may fail, to be executed, and recover in a + * controlled manner. + * + * Copyright (C) 2019, Google LLC. + * Author: Brendan Higgins <brendanhiggins@google.com> + */ + +#ifndef _KUNIT_TRY_CATCH_H +#define _KUNIT_TRY_CATCH_H + +#include <linux/types.h> + +typedef void (*kunit_try_catch_func_t)(void *); + +struct kunit; + +/* + * struct kunit_try_catch - provides a generic way to run code which might fail. + * @context: used to pass user data to the try and catch functions. + * + * kunit_try_catch provides a generic, architecture independent way to execute + * an arbitrary function of type kunit_try_catch_func_t which may bail out by + * calling kunit_try_catch_throw(). If kunit_try_catch_throw() is called, @try + * is stopped at the site of invocation and @catch is catch is called. + * + * struct kunit_try_catch provides a generic interface for the functionality + * needed to implement kunit->abort() which in turn is needed for implementing + * assertions. Assertions allow stating a precondition for a test simplifying + * how test cases are written and presented. + * + * Assertions are like expectations, except they abort (call + * kunit_try_catch_throw()) when the specified condition is not met. This is + * useful when you look at a test case as a logical statement about some piece + * of code, where assertions are the premises for the test case, and the + * conclusion is a set of predicates, rather expectations, that must all be + * true. If your premises are violated, it does not makes sense to continue. + */ +struct kunit_try_catch { + /* private: internal use only. */ + void (*run)(struct kunit_try_catch *try_catch); + void __noreturn (*throw)(struct kunit_try_catch *try_catch); + struct kunit *test; + struct completion *try_completion; + int try_result; + kunit_try_catch_func_t try; + kunit_try_catch_func_t catch; + void *context; +}; + +/* + * Exposed to be overridden for other architectures. + */ +void kunit_try_catch_init_internal(struct kunit_try_catch *try_catch); + +static inline void kunit_try_catch_init(struct kunit_try_catch *try_catch, + struct kunit *test, + kunit_try_catch_func_t try, + kunit_try_catch_func_t catch) +{ + try_catch->test = test; + kunit_try_catch_init_internal(try_catch); + try_catch->try = try; + try_catch->catch = catch; +} + +static inline void kunit_try_catch_run(struct kunit_try_catch *try_catch, + void *context) +{ + try_catch->context = context; + try_catch->run(try_catch); +} + +static inline void __noreturn kunit_try_catch_throw( + struct kunit_try_catch *try_catch) +{ + try_catch->throw(try_catch); +} + +static inline int kunit_try_catch_get_result(struct kunit_try_catch *try_catch) +{ + return try_catch->try_result; +} + +/* + * Exposed for testing only. + */ +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch); + +#endif /* _KUNIT_TRY_CATCH_H */ diff --git a/kunit/Makefile b/kunit/Makefile index 60a9ea6cb4697..1f7680cfa11ad 100644 --- a/kunit/Makefile +++ b/kunit/Makefile @@ -1,6 +1,7 @@ obj-$(CONFIG_KUNIT) += test.o \ string-stream.o \ - kunit-stream.o + kunit-stream.o \ + try-catch.o obj-$(CONFIG_KUNIT_TEST) += string-stream-test.o diff --git a/kunit/test.c b/kunit/test.c index 01e82c18b2fa6..5eace2a527a4e 100644 --- a/kunit/test.c +++ b/kunit/test.c @@ -6,10 +6,9 @@ * Author: Brendan Higgins <brendanhiggins@google.com> */ -#include <linux/sched.h> #include <linux/sched/debug.h> -#include <os.h> #include <kunit/test.h> +#include <kunit/try-catch.h> static bool kunit_get_success(struct kunit *test) { @@ -32,6 +31,18 @@ static void kunit_set_success(struct kunit *test, bool success) spin_unlock_irqrestore(&test->lock, flags); } +static bool kunit_get_death_test(struct kunit *test) +{ + unsigned long flags; + bool death_test; + + spin_lock_irqsave(&test->lock, flags); + death_test = test->death_test; + spin_unlock_irqrestore(&test->lock, flags); + + return death_test; +} + static int kunit_vprintk_emit(const struct kunit *test, int level, const char *fmt, @@ -70,6 +81,21 @@ static void kunit_fail(struct kunit *test, struct kunit_stream *stream) kunit_stream_commit(stream); } +static void __noreturn kunit_abort(struct kunit *test) +{ + kunit_set_death_test(test, true); + + kunit_try_catch_throw(&test->try_catch); + + /* + * Throw could not abort from test. + * + * XXX: we should never reach this line! As kunit_try_catch_throw is + * marked __noreturn. + */ + WARN_ONCE(true, "Throw could not abort from test!\n"); +} + int kunit_init_test(struct kunit *test, const char *name) { spin_lock_init(&test->lock); @@ -77,6 +103,7 @@ int kunit_init_test(struct kunit *test, const char *name) test->name = name; test->vprintk = kunit_vprintk; test->fail = kunit_fail; + test->abort = kunit_abort; return 0; } @@ -122,16 +149,111 @@ static void kunit_run_case_cleanup(struct kunit *test, } /* - * Performs all logic to run a test case. + * Handles an unexpected crash in a test case. */ -static bool kunit_run_case(struct kunit *test, - struct kunit_module *module, - struct kunit_case *test_case) +static void kunit_handle_test_crash(struct kunit *test, + struct kunit_module *module, + struct kunit_case *test_case) { - kunit_set_success(test, true); + kunit_err(test, "%s crashed", test_case->name); + /* + * TODO(brendanhiggins@google.com): This prints the stack trace up + * through this frame, not up to the frame that caused the crash. + */ + show_stack(NULL, NULL); + + kunit_case_internal_cleanup(test); +} +struct kunit_try_catch_context { + struct kunit *test; + struct kunit_module *module; + struct kunit_case *test_case; +}; + +static void kunit_try_run_case(void *data) +{ + struct kunit_try_catch_context *ctx = data; + struct kunit *test = ctx->test; + struct kunit_module *module = ctx->module; + struct kunit_case *test_case = ctx->test_case; + + /* + * kunit_run_case_internal may encounter a fatal error; if it does, + * abort will be called, this thread will exit, and finally the parent + * thread will resume control and handle any necessary clean up. + */ kunit_run_case_internal(test, module, test_case); + /* This line may never be reached. */ kunit_run_case_cleanup(test, module, test_case); +} + +static void kunit_catch_run_case(void *data) +{ + struct kunit_try_catch_context *ctx = data; + struct kunit *test = ctx->test; + struct kunit_module *module = ctx->module; + struct kunit_case *test_case = ctx->test_case; + int try_exit_code = kunit_try_catch_get_result(&test->try_catch); + + if (try_exit_code) { + kunit_set_success(test, false); + /* + * Test case could not finish, we have no idea what state it is + * in, so don't do clean up. + */ + if (try_exit_code == -ETIMEDOUT) + kunit_err(test, "test case timed out\n"); + /* + * Unknown internal error occurred preventing test case from + * running, so there is nothing to clean up. + */ + else + kunit_err(test, "internal error occurred preventing test case from running: %d\n", + try_exit_code); + return; + } + + if (kunit_get_death_test(test)) { + /* + * EXPECTED DEATH: kunit_run_case_internal encountered + * anticipated fatal error. Everything should be in a safe + * state. + */ + kunit_run_case_cleanup(test, module, test_case); + } else { + /* + * UNEXPECTED DEATH: kunit_run_case_internal encountered an + * unanticipated fatal error. We have no idea what the state of + * the test case is in. + */ + kunit_handle_test_crash(test, module, test_case); + kunit_set_success(test, false); + } +} + +/* + * Performs all logic to run a test case. It also catches most errors that + * occurs in a test case and reports them as failures. + */ +static bool kunit_run_case_catch_errors(struct kunit *test, + struct kunit_module *module, + struct kunit_case *test_case) +{ + struct kunit_try_catch *try_catch = &test->try_catch; + struct kunit_try_catch_context context; + + kunit_set_success(test, true); + kunit_set_death_test(test, false); + + kunit_try_catch_init(try_catch, + test, + kunit_try_run_case, + kunit_catch_run_case); + context.test = test; + context.module = module; + context.test_case = test_case; + kunit_try_catch_run(try_catch, &context); return kunit_get_success(test); } @@ -148,7 +270,7 @@ int kunit_run_tests(struct kunit_module *module) return ret; for (test_case = module->test_cases; test_case->run_case; test_case++) { - success = kunit_run_case(&test, module, test_case); + success = kunit_run_case_catch_errors(&test, module, test_case); if (!success) all_passed = false; diff --git a/kunit/try-catch.c b/kunit/try-catch.c new file mode 100644 index 0000000000000..c4cdb30880714 --- /dev/null +++ b/kunit/try-catch.c @@ -0,0 +1,96 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * An API to allow a function, that may fail, to be executed, and recover in a + * controlled manner. + * + * Copyright (C) 2019, Google LLC. + * Author: Brendan Higgins <brendanhiggins@google.com> + */ + +#include <kunit/try-catch.h> +#include <kunit/test.h> +#include <linux/completion.h> +#include <linux/kthread.h> + +static void __noreturn kunit_generic_throw(struct kunit_try_catch *try_catch) +{ + try_catch->try_result = -EFAULT; + complete_and_exit(try_catch->try_completion, -EFAULT); +} + +static int kunit_generic_run_threadfn_adapter(void *data) +{ + struct kunit_try_catch *try_catch = data; + + try_catch->try(try_catch->context); + + complete_and_exit(try_catch->try_completion, 0); +} + +static void kunit_generic_run_try_catch(struct kunit_try_catch *try_catch) +{ + DECLARE_COMPLETION_ONSTACK(try_completion); + struct kunit *test = try_catch->test; + struct task_struct *task_struct; + int exit_code, status; + + try_catch->try_completion = &try_completion; + try_catch->try_result = 0; + task_struct = kthread_run(kunit_generic_run_threadfn_adapter, + try_catch, + "kunit_try_catch_thread"); + if (IS_ERR(task_struct)) { + try_catch->catch(try_catch->context); + return; + } + + /* + * TODO(brendanhiggins@google.com): We should probably have some type of + * variable timeout here. The only question is what that timeout value + * should be. + * + * The intention has always been, at some point, to be able to label + * tests with some type of size bucket (unit/small, integration/medium, + * large/system/end-to-end, etc), where each size bucket would get a + * default timeout value kind of like what Bazel does: + * https://docs.bazel.build/versions/master/be/common-definitions.html#test.size + * There is still some debate to be had on exactly how we do this. (For + * one, we probably want to have some sort of test runner level + * timeout.) + * + * For more background on this topic, see: + * https://mike-bland.com/2011/11/01/small-medium-large.html + */ + status = wait_for_completion_timeout(&try_completion, + 300 * MSEC_PER_SEC); /* 5 min */ + if (status < 0) { + kunit_err(test, "try timed out\n"); + try_catch->try_result = -ETIMEDOUT; + } + + exit_code = try_catch->try_result; + + if (!exit_code) + return; + + if (exit_code == -EFAULT) + try_catch->try_result = 0; + else if (exit_code == -EINTR) + kunit_err(test, "wake_up_process() was never called\n"); + else if (exit_code) + kunit_err(test, "Unknown error: %d\n", exit_code); + + try_catch->catch(try_catch->context); +} + +void kunit_generic_try_catch_init(struct kunit_try_catch *try_catch) +{ + try_catch->run = kunit_generic_run_try_catch; + try_catch->throw = kunit_generic_throw; +} + +void __weak kunit_try_catch_init_internal(struct kunit_try_catch *try_catch) +{ + kunit_generic_try_catch_init(try_catch); +} +
Add support for aborting/bailing out of test cases, which is needed for implementing assertions. An assertion is like an expectation, but bails out of the test case early if the assertion is not met. The idea with assertions is that you use them to state all the preconditions for your test. Logically speaking, these are the premises of the test case, so if a premise isn't true, there is no point in continuing the test case because there are no conclusions that can be drawn without the premises. Whereas, the expectation is the thing you are trying to prove. Signed-off-by: Brendan Higgins <brendanhiggins@google.com> --- include/kunit/test.h | 13 ++++ include/kunit/try-catch.h | 91 +++++++++++++++++++++++++ kunit/Makefile | 3 +- kunit/test.c | 138 +++++++++++++++++++++++++++++++++++--- kunit/try-catch.c | 96 ++++++++++++++++++++++++++ 5 files changed, 332 insertions(+), 9 deletions(-) create mode 100644 include/kunit/try-catch.h create mode 100644 kunit/try-catch.c