RFR: 8351382: New test containers/docker/TestMemoryWithSubgroups.java is failing [v3]
Severin Gehwolf
sgehwolf at openjdk.org
Mon Mar 17 13:54:55 UTC 2025
On Mon, 17 Mar 2025 13:38:18 GMT, Sergey Chernyshev <schernyshev at openjdk.org> wrote:
>> The new test fails in rootless Docker mode after [JDK-8343191](https://bugs.openjdk.org/browse/JDK-8343191):
>>
>> containers/docker/TestMemoryWithSubgroups.java
>>
>> [STDERR]
>>
>> Resource limits are not supported and ignored on cgroups V1 rootless systems
>>
>> [STDOUT]
>>
>> mkdir: cannot create directory '/sys/fs/cgroup/memory/test': Permission denied
>> sh: /sys/fs/cgroup/memory/test/memory.limit_in_bytes: No such file or directory
>> sh: /sys/fs/cgroup/memory/test/cgroup.procs: No such file or directory
>>
>> The test TestMemoryWithSubgroups.java uses `--privileged` mode to modify process' cgroup, that has no effect in rootless mode. The test has to be skiped.
>>
>> The fix is to query `info -f {{println .SecurityOptions}}` and check whether it has `name=rootless` in the output.
>
> Sergey Chernyshev has updated the pull request incrementally with one additional commit since the last revision:
>
> fix Podman emulating Docker CLI.
Seems a good solution. Please add a comment and this should be good to go if it now also passes Oracle CI. Thanks!
test/hotspot/jtreg/containers/docker/TestMemoryWithSubgroups.java line 58:
> 56: return (getEngineInfo("{{.Host.Security.Rootless}}").contains("true") ||
> 57: getEngineInfo("{{.SecurityOptions}}").contains("name=rootless"));
> 58: }
Please add a comment why need to check both (i.e. `docker => .SecurityOptions; podman => .Host.Security.Rootless`. Now it's no longer clear why we query two different values.
-------------
PR Review: https://git.openjdk.org/jdk/pull/23948#pullrequestreview-2690593281
PR Review Comment: https://git.openjdk.org/jdk/pull/23948#discussion_r1998777994
More information about the hotspot-runtime-dev
mailing list