runc incompatibility: `cannot set swap limit without the memory limit`

[AkihiroSuda]

runc (v1.1.4) accepts the following .linux.resources configuration, but crun (v1.5) rejects with cannot set swap limit without the memory limit

    "resources": {
      "devices": [
        {
          "allow": false,
          "access": "rwm"
        }
      ],
      "memory": {
        "swap": 0
      }
    }

[kolyshkin]

runc does reject such configuration, too, but only for cgroup v2.

[AkihiroSuda]

runc does reject such configuration, too, but only for cgroup v2.

Doesn't seem rejected (runc v1.1.4, Ubuntu 22.04, kernel 5.15, cgroup v2 unified)

[giuseppe]

how should it be handled? Reading the memory limit?

[AkihiroSuda]

runc just treats "memory": { "swap": 0 } as "memory": {} (unset).

https://github.com/opencontainers/runc/blob/5fd4c4d144137e991c4acebb2146ab1483a97925/libcontainer/specconv/spec_linux.go#L712-L713

[flouthoc]

While checking the runc source code I see it adds expection while validating when swap is set to 0 here

• https://github.com/opencontainers/runc/blob/main/libcontainer/cgroups/fs2/memory.go#L36 and
• https://github.com/opencontainers/runc/blob/main/libcontainer/cgroups/utils.go#L431

Once I remove these check runc fails same as crun, however while reading about the values https://facebookmicrosites.github.io/cgroup2/docs/memory-controller.html#using-swap I think setting memory.swap.max to 0 is still allowed as a way to disable the swap as compared to default value which is max.

[flouthoc]

Okay I think if runc accepts 0 as a valid value of memory.swap.max from config then it never applies it, so there is a bug in runc as well afaics ( if 0 is a valid value for memory.swap.max as per [1]). I found where is it going wrong, but I want others to take a look at [1] before creating any changes there.

1: https://facebookmicrosites.github.io/cgroup2/docs/memory-controller.html#using-swap