[CRIU] [PATCH v3 00/55] Nested pid namespaces support

Andrey Vagin avagin at virtuozzo.com
Fri Apr 14 17:44:23 PDT 2017


On Fri, Apr 14, 2017 at 11:26:05AM +0300, Kirill Tkhai wrote:
> 
> On 14.04.2017 03:33, Andrey Vagin wrote:
> > On Thu, Apr 13, 2017 at 01:40:51PM -0700, Kirill Tkhai wrote:
> >> I mean --sbs and to look from parallel console on processes states before dump
> > 
> > ======================== Run zdtm/static/pidns00 in ns =========================
> > make[1]: Nothing to be done for 'default'.
> > Start test
> > Test is SUID
> > make[1]: Nothing to be done for 'default'.
> > ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > Pause at pre-dump. Press any key to continue.
> > [1]+  Stopped                 python test/zdtm.py run -t zdtm/static/pidns00 --sbs
> > [root at fc24 criu]# ps axf | grep pidns
> > 11148 pts/1    T      0:00              \_ python test/zdtm.py run -t zdtm/static/pidns00 --sbs
> > 11188 ?        Ss     0:00              |           \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11191 ?        Ss     0:00              |               \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11192 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11194 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11193 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11196 ?        Z      0:00              |                   |   \_ [pidns00] <defunct>
> 
> As I was thinking, there is a zombie. It's need a couple of patches to support them too,
> I'm going to do that in next series.
>

So here is a next round:

diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
index e3ed74b..b4c168c 100644
--- a/test/zdtm/static/pidns00.c
+++ b/test/zdtm/static/pidns00.c
@@ -54,6 +54,13 @@ futex_t *futex;
 
 int child(void)
 {
+       int fd = open("/proc/self/ns/pid", O_RDONLY), i;
+       for (i = 0; i < 3; i++) {
+               unshare(CLONE_NEWPID);
+               if (syscall(__NR_fork))
+                       setns(fd, CLONE_NEWPID);
+       }
+       close(fd);
        futex_wait_while_lt(futex, 1);
        return 0;
 }

======================== Run zdtm/static/pidns00 in ns =========================
make[1]: Nothing to be done for 'default'.
Start test
Test is SUID
make[1]: Nothing to be done for 'default'.
./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
Pause at pre-dump. Press any key to continue.^Z
[1]+  Stopped                 python test/zdtm.py run -t zdtm/static/pidns00 --sbs
[root at fc24 criu]# ps axf | grep pidns00
  684 pts/0    T      0:00  |           \_ vim test/zdtm/static/pidns00.c
 1883 pts/1    T      0:00              \_ python test/zdtm.py run -t zdtm/static/pidns00 --sbs
 1923 ?        Ss     0:00              |           \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1926 ?        Ss     0:00              |               \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1927 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1929 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1932 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1950 ?        S      0:00              |                   |   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1935 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1931 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1943 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1934 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1928 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1937 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1947 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1949 ?        S      0:00              |                   |   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1948 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1940 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1945 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1944 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1930 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1933 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1936 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1942 ?        S      0:00              |                       |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1939 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1938 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1946 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1941 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
 1952 pts/1    S+     0:00              \_ grep --color=auto pidns00


Run criu dump
Pause at pre-restore. Press any key to continue.
Run criu restore
< hangs-s-s-s-s-s-s-s-s >

I really think that you have to improve this test and one more complex test.
In ideal case it should be something like ./test/exhaustive/unix.py


> Another question is that why is zombie there, which is strange, because it's not connected
> with criu.
> 
> > 11195 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11197 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> > 11205 pts/1    S+     0:00              \_ grep --color=auto pidns
> > 
> > Run criu dump
> > Pause at pre-restore. Press any key to continue.
> > Run criu restore
> > 
> > 
> >> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
> >> От: Andrey Vagin
> >> Отправлено: 13 апреля 2017 г. 23:28:42
> >> Кому: Kirill Tkhai
> >> Копия: criu at openvz.org; Pavel Tikhomirov; Pavel Emelianov
> >> Тема: Re: [PATCH v3 00/55] Nested pid namespaces support
> >>  
> >> On Thu, Apr 13, 2017 at 12:06:59PM +0300, Kirill Tkhai wrote:
> >>> On 13.04.2017 02:39, Andrei Vagin wrote:
> >>>> On Tue, Apr 11, 2017 at 03:10:27PM +0300, Kirill Tkhai wrote:
> >>>>> On 11.04.2017 07:26, Andrei Vagin wrote:
> >>>>>> [root at fc24 criu]# python test/zdtm.py run -t zdtm/static/pidns00 --iter 1
> >>>>>> Checking feature ns_pid
> >>>>>> === Run 1/1 ================ zdtm/static/pidns00
> >>>>>>
> >>>>>> ======================== Run zdtm/static/pidns00 in ns ==================
> >> =======
> >>>>>> make[1]: Nothing to be done for 'default'.
> >>>>>> Start test
> >>>>>> Test is SUID
> >>>>>> make[1]: Nothing to be done for 'default'.
> >>>>>> ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> >>>>>> Run criu dump
> >>>>>> Run criu restore
> >>>>>> ################ Test zdtm/static/pidns00 FAIL at CRIU restore ##########
> >> #######
> >>>>>> ##################################### FAIL ##############################
> >> #######
> >>>>>> [root at fc24 criu]# dmesg -c
> >>>>>> [439441.751893] traps: pidns00[27458] general protection ip:7f9b3183d642
> >> sp:7ffc2d9587c0 error:0
> >>>>>> [439441.751900]  in libc.so.6[7f9b31806000+1bd000]
> >>>>>> [439441.768416] systemd-journald[13102]: Successfully sent stream file
> >> descriptor to service manager.
> >>>>>> [439441.886503] systemd-journald[13102]: Compressed data object 1176 ->
> >> 652 using LZ4
> >>>>>> [439441.887834] systemd-journald[13102]: Compressed data object 1658 ->
> >> 653 using LZ4
> >>>>>> [439441.889093] systemd-journald[13102]: Compressed data object 3128 ->
> >> 1774 using LZ4
> >>>>>> [439442.037519] criu[27482]: segfault at 12 ip 000000000047e4d3 sp
> >> 00007ffc190820a8 error 4 in criu[400000+117000]
> >>>>>> [439442.058973] systemd-journald[13102]: Successfully sent stream file
> >> descriptor to service manager.
> >>>>>> [439442.211795] systemd-journald[13102]: Compressed data object 1150 ->
> >> 665 using LZ4
> >>>>>> [439442.213101] systemd-journald[13102]: Compressed data object 5493 ->
> >> 1619 using LZ4
> >>>>>> [root at fc24 criu]#
> >>>>>> [root at fc24 criu]# git diff
> >>>>>> diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
> >>>>>> index e3ed74b..e86d488 100644
> >>>>>> --- a/test/zdtm/static/pidns00.c
> >>>>>> +++ b/test/zdtm/static/pidns00.c
> >>>>>> @@ -54,6 +54,11 @@ futex_t *futex;
> >>>>>>
> >>>>>>  int child(void)
> >>>>>>  {
> >>>>>> +       int fd = open("/proc/self/ns/pid", O_RDONLY);
> >>>>>> +       unshare(CLONE_NEWPID);
> >>>>>> +       if (fork())
> >>>>>> +               setns(fd, CLONE_NEWPID);
> >>>>>> +       close(fd);
> >>>>>>         futex_wait_while_lt(futex, 1);
> >>>>>>         return 0;
> >>>>>>  }
> >>>>>
> >>>>> The below fixes the issue. Thanks for finding this!
> >>>>>
> >>>>> diff --git a/criu/pstree.c b/criu/pstree.c
> >>>>> index b2703dd01..d032957ae 100644
> >>>>> --- a/criu/pstree.c
> >>>>> +++ b/criu/pstree.c
> >>>>> @@ -844,7 +844,7 @@ int get_free_pid(struct ns_id *ns)
> >>>>>             node = rb_next(&prev->ns[level].node);
> >>>>>             if (node == NULL)
> >>>>>                     return pid;
> >>>>> -          next = rb_entry(node, struct pid, ns[0].node);
> >>>>> +          next = rb_entry(node, struct pid, ns[level].node);
> >>>>
> >>>> Now criu restore hangs
> >>>>
> >>>>  8270 pts/0    T      0:00              \_ python test/zdtm.py run -t zdtm/
> >> static/pidns00
> >>>>  8281 pts/0    T      0:00              |   \_ ./zdtm_ct zdtm.py
> >>>>  8282 pts/0    S      0:00              |       \_ python2 zdtm.py
> >>>>  8284 pts/0    T      0:00              |           \_ python2 zdtm.py
> >>>>  8343 pts/0    S      0:00              |               \_ ../criu/criu
> >> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
> >> /criu/test/zdtm/static/pidns00.pid --ro
> >>>>  8348 pts/0    S      0:00              |                   \_ ../criu/criu
> >> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
> >> /criu/test/zdtm/static/pidns00.pid
> >>>>  8361 pts/0    S      0:00              |                   |   \_ ../criu/
> >> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
> >> root/git/criu/test/zdtm/static/pidns00.
> >>>>  8367 pts/0    S      0:00              |                   |   \_ ../criu/
> >> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
> >> root/git/criu/test/zdtm/static/pidns00.
> >>>>  8369 pts/0    S      0:00              |                   |   \_ ../criu/
> >> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
> >> root/git/criu/test/zdtm/static/pidns00.
> >>>>  8370 pts/0    S      0:00              |                   |   \_ ../criu/
> >> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
> >> root/git/criu/test/zdtm/static/pidns00.
> >>>>  8349 pts/0    S      0:00              |                   \_ ../criu/criu
> >> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
> >> /criu/test/zdtm/static/pidns00.pid
> >>>>  8362 pts/0    S      0:00              |                       \_ ../criu/
> >> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
> >> root/git/criu/test/zdtm/static/pidns00.
> >>>>  8363 pts/0    S      0:00              |                           \_ ../
> >> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
> >> /root/git/criu/test/zdtm/static/pidn
> >>>>  8366 pts/0    S      0:00              |                           |   \_
> >> ../criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4
> >> --pidfile /root/git/criu/test/zdtm/static/
> >>>>  8364 pts/0    S      0:00              |                           \_ ../
> >> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
> >> /root/git/criu/test/zdtm/static/pidn
> >>>>  8365 pts/0    S      0:00              |                           \_ ../
> >> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
> >> /root/git/criu/test/zdtm/static/pidn
> >>>>  8368 pts/0    S      0:00              |                               \_
> >> ../criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4
> >> --pidfile /root/git/criu/test/zdtm/static/
> >>>>  8371 pts/0    R+     0:00              \_ ps axf
> >>>
> >>> Could you start the test with --sbs? I suppose, zombies are there for some
> >> reasons, and they are not appropriate dumped.
> >>
> >> --sbs doesn't help, I tried to wait a few seconds between each step.
> >>
> >> I run pidns00 with the next patch:
> >> diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
> >> index e3ed74b..e86d488 100644
> >> --- a/test/zdtm/static/pidns00.c
> >> +++ b/test/zdtm/static/pidns00.c
> >> @@ -54,6 +54,11 @@ futex_t *futex;
> >>  
> >>  int child(void)
> >>  {
> >> +       int fd = open("/proc/self/ns/pid", O_RDONLY);
> >> +       unshare(CLONE_NEWPID);
> >> +       if (fork())
> >> +               setns(fd, CLONE_NEWPID);
> >> +       close(fd);
> >>         futex_wait_while_lt(futex, 1);
> >>         return 0;
> >>  }
> >>


More information about the CRIU mailing list