From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755167AbcGEOe7 (ORCPT ); Tue, 5 Jul 2016 10:34:59 -0400 Received: from mx1.redhat.com ([209.132.183.28]:60517 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754753AbcGEOe5 (ORCPT ); Tue, 5 Jul 2016 10:34:57 -0400 Date: Tue, 5 Jul 2016 16:34:52 +0200 From: Oleg Nesterov To: Xishi Qiu Cc: ebiederm@xmission.com, Linux MM , LKML Subject: Re: is pid_namespace leak in v3.10? Message-ID: <20160705143452.GA20099@redhat.com> References: <577B9CC5.3090404@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <577B9CC5.3090404@huawei.com> User-Agent: Mutt/1.5.24 (2015-08-30) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 05 Jul 2016 14:34:56 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07/05, Xishi Qiu wrote: > > I find pid_namespace leak by "cat /proc/slabinfo | grep pid_namespace". > The kernel version is RHEL 7.1 (kernel v3.10 stable). > The following is the test case, after several times, the count of pid_namespace > become very large, is it correct? Apparently not, > I also test mainline, and the count will increase too, but it seems stably later. And I can't reproduce the problem with the latest rhel7 kernel. And just in case, I have no idea what actually slub reports as "active_objs" but certainly this is not the number of allocated "in use" objects, so it is fine if this counter doesn't go to zero when your test-case exits. But it should not grow "too much". > BTW, this patch doesn't help. > 24c037ebf5723d4d9ab0996433cee4f96c292a4d > exit: pidns: alloc_pid() leaks pid_namespace if child_reaper is exiting Sure, it can't help, your test-case doesn't fork other processes which could race with the exiting sub-namespace init. > int main() > { > pid_t pid, child_pid; > int i, status; > void *stack; > > for (i = 0; i < 100; i++) { > stack = malloc(8192); > pid = clone(&test, (char *)stack + 8192, CLONE_NEWPID|SIGCHLD, 0); > } > > sleep(5); is this sleep() really needed to trigger the problem? Oleg.