Fault injection

From Wikipedia, the free encyclopedia

In software testing, fault injection is a technique for improving the coverage of a test by randomly introducing failures, or faults, at a lower architectural layer than the software being tested, in order to test error handling code paths that might otherwise rarely be followed. It is often used with stress testing, and along with stress testing is widely considered to be an important part of developing robust software.

In the testing of operating systems for example, fault injection is often performed by a driver (kernel-mode software) that intercepts system calls (calls into the kernel) and randomly returning a failure for some of the calls. This type of fault injection is useful for testing low level user mode software. For higher level software, various methods are used to inject faults. In managed code, it is common to use instrumentation.

Depending on the complexity of the API for the level where faults are injected, fault injection tests often must be carefully designed to minimize the number of false positives. Even a well designed fault injection test can sometimes produce situations that are impossible in the normal operation of the software. For example, imagine there are two API functions, Commit and PrepareForCommit, such that alone, each of these functions can possibly fail, but if PrepareForCommit is called and succeeds, a subsequent call to Commit is guaranteed to succeed. Now consider the following code:

error = PrepareForCommit();
if (error == SUCCESS)
{
    error = Commit();
    assert(error == SUCCESS);
}

Often, it will be infeasible for the fault injection implementation to keep track of enough state to make the guarantee that the API functions make. In this example, a fault injection test of the above code might hit the assert, whereas this would never happen in normal operation.