Re: RFC Hanging clean-up of a namespace

All of lore.kernel.org
 help / color / mirror / Atom feed

From: ebiederm@xmission.com (Eric W. Biederman)
To: Hans Schillstrom <hans.schillstrom@ericsson.com>
Cc: Hagen Paul Pfeifer <hagen@jauu.net>,
	David Miller <davem@davemloft.net>,
	"equinox\@diac24.net" <equinox@diac24.net>,
	"netdev\@vger.kernel.org" <netdev@vger.kernel.org>
Subject: Re: RFC Hanging clean-up of a namespace
Date: Fri, 20 Jan 2012 12:55:27 -0800	[thread overview]
Message-ID: <m1r4yurt4w.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <201201201251.25032.hans.schillstrom@ericsson.com> (Hans Schillstrom's message of "Fri, 20 Jan 2012 12:51:24 +0100")

Hans Schillstrom <hans.schillstrom@ericsson.com> writes:

> On Friday 20 January 2012 11:08:37 Eric W. Biederman wrote:
>> Hans Schillstrom <hans.schillstrom@ericsson.com> writes:
>> 
>> > On Thursday 19 January 2012 22:40:53 Hagen Paul Pfeifer wrote:
>> >> * Eric W. Biederman | 2012-01-19 13:24:13 [-0800]:
>> >> 
>> >> >This thread is a fascinating disconnect from reality all of the way
>> >> >around.
>> >> >
>> >> >- inet_twsk_purge already implements throwing out of timewait sockets
>> >> >  when a network namespaces is being cleaned up.  So the RFC is nonsense.
>> >> 
>> >> This is how it is implemented, not how it should be. TIME_WAIT is not the
>> >> problem, it is there to keep the stack from sending wrong RST messages. Maybe
>> >> the 2*MSL could be fixed by a more accurate 2*RTT.
>> >> 
>> >
>> > I was only refering to my printk's i.e. the last sockets leaving the namespace was
>> > from tcp_timer() with state 7, 2 minutes after free_nsproxy() was called.
>> > (and assumed that was the time_wait)
>> 
>> Which kernel are you running?  
>
>  3.2.0 
>
>> I can't find a mention of a function
>> named tcp_timer() anywhere in the kernel since 2.6.16 when the kernel
>> was put into git.
>
> Sorry, it was tcp_write_timer() in tcp_timer.c

Now that is different.  It sounds like your socket is flushing pending
writes that haven't made it to the network and is having trouble.   I
can't imagine an argument for not writing everything in the socket
buffers to the network if at all possible.

> We had a number of procs. with tcp connections open, and kill proc 1 (lxc-init)
> i.e. all procs. in the ns got killed within a few ms. 
> (or at least no visible traces left)

My current hypothesis is that the namespace actually didn't get freed
until the tcp socket finished closing.  You can check by looking at when
__put_net and then cleanup_net are called.

> We started with 2.6.32 but the cleanup process didn't work we always end up
> with ref-counts on loopback

Yeah a bunch of references get transfered to the loopback device so any
reference count buglets in the ip stack show up that way.

I have been wondering if there is a good way to guarantee network
device ref counts are balanced.  Because those problems are a royal pain
to track down.

Eric

next prev parent reply	other threads:[~2012-01-20 20:52 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-01-19 11:07 RFC Hanging clean-up of a namespace Hans Schillstrom
2012-01-19 13:31 ` David Lamparter
2012-01-19 17:40 ` David Miller
2012-01-19 19:01   ` David Lamparter
2012-01-19 19:06     ` David Miller
2012-01-19 19:25       ` David Lamparter
2012-01-19 19:31         ` David Miller
2012-01-19 19:53           ` David Lamparter
2012-01-19 20:27             ` David Miller
2012-01-19 21:03               ` David Lamparter
2012-01-19 21:24               ` Eric W. Biederman
2012-01-19 21:40                 ` David Lamparter
2012-01-19 21:40                 ` Hagen Paul Pfeifer
2012-01-19 21:47                   ` David Lamparter
2012-01-19 22:10                     ` Rick Jones
2012-01-19 22:16                     ` Hagen Paul Pfeifer
2012-01-19 22:37                     ` David Miller
2012-01-20  6:08                   ` Hans Schillstrom
2012-01-20 10:08                     ` Eric W. Biederman
2012-01-20 11:51                       ` Hans Schillstrom
2012-01-20 20:55                         ` Eric W. Biederman [this message]
2012-01-23  6:07                           ` Hans Schillstrom
2012-01-23  6:25                             ` Eric W. Biederman
2012-01-23  6:58                               ` Hans Schillstrom
2012-01-23  7:17                                 ` Eric W. Biederman
2012-01-23  7:30                                   ` Hans Schillstrom
2012-01-23  7:55                                     ` Eric W. Biederman
2012-01-19 19:40   ` Hans Schillström

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m1r4yurt4w.fsf@fess.ebiederm.org \
    --to=ebiederm@xmission.com \
    --cc=davem@davemloft.net \
    --cc=equinox@diac24.net \
    --cc=hagen@jauu.net \
    --cc=hans.schillstrom@ericsson.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.