Package: systemd
Version: 232-25+deb9u1
Severity: important


I have an issue with Systemd unsetting the memory limit for my container,
whereupon programs like free and htop report having access to 8 exabyte
of memory.

The setup is the following:

Release: Debian jessie
Kernel: 4.9.65-3+deb9u2~bpo8+1 (jessie backports)
Container provider: libvirt 3.0.0-4~bpo8+1 (jessie backports)
Systemd: 215-17+deb8u7 (jessie)
cgroup hierarchy: legacy

Release: Debian stretch
Systemd: 232-25+deb9u1 (stretch)

There are several containers running on the host, but this problem only
occurs with all the Debian stretch containers. Containers running Debian
jessie or older Ubuntu 12.04 aren't affected.
Each container is configured to cgroup enforced memory limit in it's
libvirt domain file.
<memory unit='KiB'>4194304</memory>
<memory unit='KiB'>2097152</memory>

Steps to reproduce + observations:
1) start a container with virsh -c lxc://
2) virsh -c lxc:// memtune
   reports a hard_limit of 2097152
3) cat
outputs 2147483648
4) nsenter -t <pid> -m -u -i -n -p free  reports 2097152 kB
5) ssh free  reports 9007199254740991 kB
3) cat
outputs 9223372036854771712
6) nsenter -t <pid> -m -u -i -n -p free  reports 9007199254740991 kB
7) virsh -c lxc:// memtune
   reports a hard_limit of unlimited

As far as I can tell it seems to be that systemd unsets the cgroup memory
limit when creating the user session. However why it gets set to
9223372036854771712 instead of the 255G of the host I don't know.

In any case I am looking forward to a better solution than resetting the
limits through cron every minute.

-- Package-specific info:

-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-0.bpo.5-amd64 (SMP w/32 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser         3.115
ii  libacl1         2.2.52-3+b1
ii  libapparmor1    2.11.0-3
ii  libaudit1       1:2.6.7-2
ii  libblkid1       2.29.2-1
ii  libc6           2.24-11+deb9u1
ii  libcap2         1:2.25-1
ii  libcryptsetup4  2:1.7.3-4
ii  libgcrypt20     1.7.6-2+deb9u2
ii  libgpg-error0   1.26-2
ii  libidn11        1.33-1
ii  libip4tc0       1.6.0+snapshot20161117-6
ii  libkmod2        23-2
ii  liblz4-1        0.0~r131-2+b1
ii  liblzma5        5.2.2-1.2+b1
ii  libmount1       2.29.2-1
ii  libpam0g        1.1.8-3.6
ii  libseccomp2     2.3.1-2.1
ii  libselinux1     2.6-3+b3
ii  libsystemd0     232-25+deb9u1
ii  mount           2.29.2-1
ii  procps          2:3.3.12-3
ii  util-linux      2.29.2-1

Versions of packages systemd recommends:
ii  dbus            1.10.24-0+deb9u1
ii  libpam-systemd  232-25+deb9u1

Versions of packages systemd suggests:
pn  policykit-1        <none>
pn  systemd-container  <none>
pn  systemd-ui         <none>

Versions of packages systemd is related to:
pn  dracut           <none>
pn  initramfs-tools  <none>
ii  udev             232-25+deb9u1

-- no debconf information

Pkg-systemd-maintainers mailing list

Reply via email to