[CRIU] [PATCH v3 00/55] Nested pid namespaces support

Kirill Tkhai ktkhai at virtuozzo.com
Sat Apr 15 04:49:59 PDT 2017


On 15.04.2017 03:44, Andrey Vagin wrote:
> On Fri, Apr 14, 2017 at 11:26:05AM +0300, Kirill Tkhai wrote:
>>
>> On 14.04.2017 03:33, Andrey Vagin wrote:
>>> On Thu, Apr 13, 2017 at 01:40:51PM -0700, Kirill Tkhai wrote:
>>>> I mean --sbs and to look from parallel console on processes states before dump
>>>
>>> ======================== Run zdtm/static/pidns00 in ns =========================
>>> make[1]: Nothing to be done for 'default'.
>>> Start test
>>> Test is SUID
>>> make[1]: Nothing to be done for 'default'.
>>> ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> Pause at pre-dump. Press any key to continue.
>>> [1]+  Stopped                 python test/zdtm.py run -t zdtm/static/pidns00 --sbs
>>> [root at fc24 criu]# ps axf | grep pidns
>>> 11148 pts/1    T      0:00              \_ python test/zdtm.py run -t zdtm/static/pidns00 --sbs
>>> 11188 ?        Ss     0:00              |           \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11191 ?        Ss     0:00              |               \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11192 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11194 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11193 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11196 ?        Z      0:00              |                   |   \_ [pidns00] <defunct>
>>
>> As I was thinking, there is a zombie. It's need a couple of patches to support them too,
>> I'm going to do that in next series.
>>
> 
> So here is a next round:
> 
> diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
> index e3ed74b..b4c168c 100644
> --- a/test/zdtm/static/pidns00.c
> +++ b/test/zdtm/static/pidns00.c
> @@ -54,6 +54,13 @@ futex_t *futex;
>  
>  int child(void)
>  {
> +       int fd = open("/proc/self/ns/pid", O_RDONLY), i;
> +       for (i = 0; i < 3; i++) {
> +               unshare(CLONE_NEWPID);
> +               if (syscall(__NR_fork))
> +                       setns(fd, CLONE_NEWPID);
> +       }
> +       close(fd);
>         futex_wait_while_lt(futex, 1);
>         return 0;
>  }
> 
> ======================== Run zdtm/static/pidns00 in ns =========================
> make[1]: Nothing to be done for 'default'.
> Start test
> Test is SUID
> make[1]: Nothing to be done for 'default'.
> ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
> Pause at pre-dump. Press any key to continue.^Z
> [1]+  Stopped                 python test/zdtm.py run -t zdtm/static/pidns00 --sbs
> [root at fc24 criu]# ps axf | grep pidns00
>   684 pts/0    T      0:00  |           \_ vim test/zdtm/static/pidns00.c
>  1883 pts/1    T      0:00              \_ python test/zdtm.py run -t zdtm/static/pidns00 --sbs
>  1923 ?        Ss     0:00              |           \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1926 ?        Ss     0:00              |               \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1927 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1929 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1932 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1950 ?        S      0:00              |                   |   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1935 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1931 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1943 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1934 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1928 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1937 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1947 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1949 ?        S      0:00              |                   |   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1948 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1940 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1945 ?        S      0:00              |                   |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1944 ?        S      0:00              |                   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1930 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1933 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1936 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1942 ?        S      0:00              |                       |   |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1939 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1938 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1946 ?        S      0:00              |                       |   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1941 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>  1952 pts/1    S+     0:00              \_ grep --color=auto pidns00
> 
> 
> Run criu dump
> Pause at pre-restore. Press any key to continue.
> Run criu restore
> < hangs-s-s-s-s-s-s-s-s >

The modified test hangs because of there are two children of one parent having the same pid namespace,
and the child_reaper goes the second in parent's children.

This patchset does not build or sort task tree, because all of this will be thrown out after child
reaper functionality will be implemented. I asked Pavel if he need something about this. He doesn't need.
 
> I really think that you have to improve this test and one more complex test.
> In ideal case it should be something like ./test/exhaustive/unix.py

It's not possible at the moment, because of above.

>> Another question is that why is zombie there, which is strange, because it's not connected
>> with criu.
>>
>>> 11195 ?        S      0:00              |                   \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11197 ?        S      0:00              |                       \_ ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>> 11205 pts/1    S+     0:00              \_ grep --color=auto pidns
>>>
>>> Run criu dump
>>> Pause at pre-restore. Press any key to continue.
>>> Run criu restore
>>>
>>>
>>>> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
>>>> От: Andrey Vagin
>>>> Отправлено: 13 апреля 2017 г. 23:28:42
>>>> Кому: Kirill Tkhai
>>>> Копия: criu at openvz.org; Pavel Tikhomirov; Pavel Emelianov
>>>> Тема: Re: [PATCH v3 00/55] Nested pid namespaces support
>>>>  
>>>> On Thu, Apr 13, 2017 at 12:06:59PM +0300, Kirill Tkhai wrote:
>>>>> On 13.04.2017 02:39, Andrei Vagin wrote:
>>>>>> On Tue, Apr 11, 2017 at 03:10:27PM +0300, Kirill Tkhai wrote:
>>>>>>> On 11.04.2017 07:26, Andrei Vagin wrote:
>>>>>>>> [root at fc24 criu]# python test/zdtm.py run -t zdtm/static/pidns00 --iter 1
>>>>>>>> Checking feature ns_pid
>>>>>>>> === Run 1/1 ================ zdtm/static/pidns00
>>>>>>>>
>>>>>>>> ======================== Run zdtm/static/pidns00 in ns ==================
>>>> =======
>>>>>>>> make[1]: Nothing to be done for 'default'.
>>>>>>>> Start test
>>>>>>>> Test is SUID
>>>>>>>> make[1]: Nothing to be done for 'default'.
>>>>>>>> ./pidns00 --pidfile=pidns00.pid --outfile=pidns00.out
>>>>>>>> Run criu dump
>>>>>>>> Run criu restore
>>>>>>>> ################ Test zdtm/static/pidns00 FAIL at CRIU restore ##########
>>>> #######
>>>>>>>> ##################################### FAIL ##############################
>>>> #######
>>>>>>>> [root at fc24 criu]# dmesg -c
>>>>>>>> [439441.751893] traps: pidns00[27458] general protection ip:7f9b3183d642
>>>> sp:7ffc2d9587c0 error:0
>>>>>>>> [439441.751900]  in libc.so.6[7f9b31806000+1bd000]
>>>>>>>> [439441.768416] systemd-journald[13102]: Successfully sent stream file
>>>> descriptor to service manager.
>>>>>>>> [439441.886503] systemd-journald[13102]: Compressed data object 1176 ->
>>>> 652 using LZ4
>>>>>>>> [439441.887834] systemd-journald[13102]: Compressed data object 1658 ->
>>>> 653 using LZ4
>>>>>>>> [439441.889093] systemd-journald[13102]: Compressed data object 3128 ->
>>>> 1774 using LZ4
>>>>>>>> [439442.037519] criu[27482]: segfault at 12 ip 000000000047e4d3 sp
>>>> 00007ffc190820a8 error 4 in criu[400000+117000]
>>>>>>>> [439442.058973] systemd-journald[13102]: Successfully sent stream file
>>>> descriptor to service manager.
>>>>>>>> [439442.211795] systemd-journald[13102]: Compressed data object 1150 ->
>>>> 665 using LZ4
>>>>>>>> [439442.213101] systemd-journald[13102]: Compressed data object 5493 ->
>>>> 1619 using LZ4
>>>>>>>> [root at fc24 criu]#
>>>>>>>> [root at fc24 criu]# git diff
>>>>>>>> diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
>>>>>>>> index e3ed74b..e86d488 100644
>>>>>>>> --- a/test/zdtm/static/pidns00.c
>>>>>>>> +++ b/test/zdtm/static/pidns00.c
>>>>>>>> @@ -54,6 +54,11 @@ futex_t *futex;
>>>>>>>>
>>>>>>>>  int child(void)
>>>>>>>>  {
>>>>>>>> +       int fd = open("/proc/self/ns/pid", O_RDONLY);
>>>>>>>> +       unshare(CLONE_NEWPID);
>>>>>>>> +       if (fork())
>>>>>>>> +               setns(fd, CLONE_NEWPID);
>>>>>>>> +       close(fd);
>>>>>>>>         futex_wait_while_lt(futex, 1);
>>>>>>>>         return 0;
>>>>>>>>  }
>>>>>>>
>>>>>>> The below fixes the issue. Thanks for finding this!
>>>>>>>
>>>>>>> diff --git a/criu/pstree.c b/criu/pstree.c
>>>>>>> index b2703dd01..d032957ae 100644
>>>>>>> --- a/criu/pstree.c
>>>>>>> +++ b/criu/pstree.c
>>>>>>> @@ -844,7 +844,7 @@ int get_free_pid(struct ns_id *ns)
>>>>>>>             node = rb_next(&prev->ns[level].node);
>>>>>>>             if (node == NULL)
>>>>>>>                     return pid;
>>>>>>> -          next = rb_entry(node, struct pid, ns[0].node);
>>>>>>> +          next = rb_entry(node, struct pid, ns[level].node);
>>>>>>
>>>>>> Now criu restore hangs
>>>>>>
>>>>>>  8270 pts/0    T      0:00              \_ python test/zdtm.py run -t zdtm/
>>>> static/pidns00
>>>>>>  8281 pts/0    T      0:00              |   \_ ./zdtm_ct zdtm.py
>>>>>>  8282 pts/0    S      0:00              |       \_ python2 zdtm.py
>>>>>>  8284 pts/0    T      0:00              |           \_ python2 zdtm.py
>>>>>>  8343 pts/0    S      0:00              |               \_ ../criu/criu
>>>> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
>>>> /criu/test/zdtm/static/pidns00.pid --ro
>>>>>>  8348 pts/0    S      0:00              |                   \_ ../criu/criu
>>>> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
>>>> /criu/test/zdtm/static/pidns00.pid
>>>>>>  8361 pts/0    S      0:00              |                   |   \_ ../criu/
>>>> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
>>>> root/git/criu/test/zdtm/static/pidns00.
>>>>>>  8367 pts/0    S      0:00              |                   |   \_ ../criu/
>>>> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
>>>> root/git/criu/test/zdtm/static/pidns00.
>>>>>>  8369 pts/0    S      0:00              |                   |   \_ ../criu/
>>>> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
>>>> root/git/criu/test/zdtm/static/pidns00.
>>>>>>  8370 pts/0    S      0:00              |                   |   \_ ../criu/
>>>> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
>>>> root/git/criu/test/zdtm/static/pidns00.
>>>>>>  8349 pts/0    S      0:00              |                   \_ ../criu/criu
>>>> restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /root/git
>>>> /criu/test/zdtm/static/pidns00.pid
>>>>>>  8362 pts/0    S      0:00              |                       \_ ../criu/
>>>> criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile /
>>>> root/git/criu/test/zdtm/static/pidns00.
>>>>>>  8363 pts/0    S      0:00              |                           \_ ../
>>>> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
>>>> /root/git/criu/test/zdtm/static/pidn
>>>>>>  8366 pts/0    S      0:00              |                           |   \_
>>>> ../criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4
>>>> --pidfile /root/git/criu/test/zdtm/static/
>>>>>>  8364 pts/0    S      0:00              |                           \_ ../
>>>> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
>>>> /root/git/criu/test/zdtm/static/pidn
>>>>>>  8365 pts/0    S      0:00              |                           \_ ../
>>>> criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4 --pidfile
>>>> /root/git/criu/test/zdtm/static/pidn
>>>>>>  8368 pts/0    S      0:00              |                               \_
>>>> ../criu/criu restore -o restore.log -D dump/zdtm/static/pidns00/29/1 -v4
>>>> --pidfile /root/git/criu/test/zdtm/static/
>>>>>>  8371 pts/0    R+     0:00              \_ ps axf
>>>>>
>>>>> Could you start the test with --sbs? I suppose, zombies are there for some
>>>> reasons, and they are not appropriate dumped.
>>>>
>>>> --sbs doesn't help, I tried to wait a few seconds between each step.
>>>>
>>>> I run pidns00 with the next patch:
>>>> diff --git a/test/zdtm/static/pidns00.c b/test/zdtm/static/pidns00.c
>>>> index e3ed74b..e86d488 100644
>>>> --- a/test/zdtm/static/pidns00.c
>>>> +++ b/test/zdtm/static/pidns00.c
>>>> @@ -54,6 +54,11 @@ futex_t *futex;
>>>>  
>>>>  int child(void)
>>>>  {
>>>> +       int fd = open("/proc/self/ns/pid", O_RDONLY);
>>>> +       unshare(CLONE_NEWPID);
>>>> +       if (fork())
>>>> +               setns(fd, CLONE_NEWPID);
>>>> +       close(fd);
>>>>         futex_wait_while_lt(futex, 1);
>>>>         return 0;
>>>>  }
>>>>


More information about the CRIU mailing list