Information Technology Reference
In-Depth Information
Figure 7. The reduction in system crashes observed using Nooks.
reliability
3.
Linux-SD includes Nooks, the shadow driver
recovery manager, and the three shadow
drivers.
The primary goal of Nooks and shadow drivers
is to improve the reliability of an operating sys-
tem and applications. This section evaluates the
ability of Nooks and shadow drivers to tolerate
driver failures. In the experiments reported below,
Nooks is used to isolate three classes of device
drivers: network, sound card, and IDE storage
drivers. Reliability and performance results for
five representatives of the three driver classes are
presented: sb (SoundBlaster 16 sound card), au-
digy (SoundBlaster Audigy sound card), pcnet32
(AMD PCnet32 10/100 Ethernet card), e1000
(Intel Pro/1000 Gigabit Ethernet card), and ide-
disk (IDE disk driver).
Three platforms are used to evaluate Nooks
and shadow drivers, all based on the Linux 2.4.18
kernel:
Nooks was tested with synthetic fault injec-
tion to insert artificial faults into drivers. The
fault injector automatically changes single
instructions in driver code to emulate a vari-
ety of common programming errors, such as
uninitialized local variables, bad parameters,
and inverted test conditions. The output of the
fault injection tests is a metric of coverage ,
not reliability. The tests measure the fraction
of faults (failure causes) that can be detected
and isolated, not the fraction of existing failures
that can be tolerated.
System Survival
This section evaluates Nooks' ability to isolate the
kernel from driver failure. The goal of these tests
is to measure the survival rate of the operating
system. The application-level workload consists
of programs that stress the sound-card driver,
the network driver, and the storage driver. The
first program plays a short MP3 file. The second
performs a series of ICMP-ping and TCP stream-
1.
Linux-Native is the unmodified Linux
kernel.
2.
Linux-Nooks is a version of Linux-Native that
includes the Nooks fault isolation subsystem
and the restart recovery manager. When a
driver fails, this system restarts the driver
but does not attempt to conceal its failure.
Search WWH ::




Custom Search