Re: [PATCH RFC fs/namespace] Make kern_unmount() use synchronize_rcu_expedited()

From: Christoph Bartoschek
Date: Tue Apr 26 2022 - 03:00:02 EST

Next message: Yu Zhao: "Re: [PATCH v10 12/14] mm: multi-gen LRU: debugfs interface"
Previous message: Srinivasa Rao Mandadapu: "Re: [PATCH v10 00/12] Add soundcard support for sc7280 based platforms."
Next in thread: Paul E. McKenney: "Re: [PATCH RFC fs/namespace] Make kern_unmount() use synchronize_rcu_expedited()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The regression that has been introduced with commit
e1eb26fa62d04ec0955432be1aa8722a97cb52e7 has hit us when building with Bazel
using the linux-sandbox
(https://github.com/bazelbuild/bazel/blob/master/src/main/tools/linux-sandbox.cc).
The sandbox tries to isolate build steps from each other and to ensure that
builds are hermetic and therefore sets up new namespaces for each step. For
large software packages and even with the time spend building we run out of
namespaces on larger machines that allow for enough parallelism. I have reduced
the sandbox to a simple test case:

#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>

int pid1main(void *) {
return 0;
}

int main(void) {
int clone_flags = CLONE_NEWUSER | CLONE_NEWIPC | SIGCHLD;
void * stack = malloc(1024*1024);
const pid_t child_pid = clone(pid1main, stack + 1024*1024, clone_flags, NULL);

if (child_pid < 0) {
perror("clone");
}
int ret = waitpid(child_pid, NULL, 0);
if (ret < 0) {
perror("waitpid");
return ret;
}
return 0;
}

Run it with
$ gcc clone-test.cc
$ seq 1 10000000 | parallel --halt now,fail=1 -j32 $PWD/a.out
clone: No space left on device
waitpid: No child processes
parallel: This job failed:
/usr/local/google/home/bartoschek/linux-sandbox-test/a.out 53070

I run the test on kernel v5.18-rc4.
Depending on your configured limits you will soon get an ENOSPC even though
never more than 32 additional namespaces should be in use by parallel.
During execution the whole system can become quite unresponsive.
This does not happen without e1eb26fa62d04ec0955432be1aa8722a97cb52e7.

I see that the issue was already reported in 2020:
http://merlin.infradead.org/pipermail/linux-nvme/2020-September/019565.html

Would it be possible to revert e1eb26fa62d04ec0955432be1aa8722a97cb52e7? It
seems to make the kernel less deterministic and hard to reason about active
namespaces.

Christoph

Next message: Yu Zhao: "Re: [PATCH v10 12/14] mm: multi-gen LRU: debugfs interface"
Previous message: Srinivasa Rao Mandadapu: "Re: [PATCH v10 00/12] Add soundcard support for sc7280 based platforms."
Next in thread: Paul E. McKenney: "Re: [PATCH RFC fs/namespace] Make kern_unmount() use synchronize_rcu_expedited()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]