https://bugzilla.novell.com/show_bug.cgi?id=757783 https://bugzilla.novell.com/show_bug.cgi?id=757783#c0 Summary: clone() with CLONE_NEWPID leaks kernel memory Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86-64 OS/Version: openSUSE 12.1 Status: NEW Severity: Critical Priority: P5 - None Component: Kernel AssignedTo: kernel-maintainers@forge.provo.novell.com ReportedBy: ccrssaa@karelia.ru QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120312 Firefox/11.0 SeaMonkey/2.8 Server with vsftpd running started to die in agony with kswapd eating 100% cpu after upgrading to openSUSE 12.1. Turned out that vsftpd isolates each process using CLONE_NEWPID and 3.1.9-1.4 kernel does not free pid_namespace slabs. Reproducible: Always Steps to Reproduce: 1. test.c: #include <stdio.h> #include <errno.h> #include <signal.h> #include <sched.h> #include <linux/sched.h> #include <unistd.h> #include <sys/syscall.h> int main(int argc, char *argv[]) { int i, ret; for (i = 0; i < 10000; i++) { if (0 == (ret = syscall(__NR_clone, CLONE_NEWPID | CLONE_NEWIPC | CLONE_NEWNET | SIGCHLD, NULL))) return 0; if (-1 == ret) { perror("clone"); break; } } return 0; } simulates vsftpd sysdeputil.c 2. gcc -Wall test.c 3. run ./a.out as root Actual Results: # cat /proc/slabinfo | grep namespace pid_namespace 0 0 2112 3 2 : tunables 24 12 8 : slabdata 0 0 0 user_namespace 0 0 1072 7 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2560 3 2 : tunables 24 12 8 : slabdata 0 0 0 # ./a.out # sleep 60 # cat /proc/slabinfo | grep namespace pid_namespace 10000 10002 2112 3 2 : tunables 24 12 8 : slabdata 3334 3334 0 user_namespace 0 0 1072 7 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2560 3 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace slabs are freed but pid_namespace stays forever. Expected Results: # ./a.out # sleep 60 # cat /proc/slabinfo | grep namespace pid_namespace 0 0 2112 3 2 : tunables 24 12 8 : slabdata 0 0 0 net_namespace 0 0 2944 2 2 : tunables 24 12 8 : slabdata 0 0 0 TWIMC: switched from vsftpd to proftpd as a workaround. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.