my $vfork_spawn = <<'VFORK_SPAWN';
#include <sys/types.h>
#include <sys/uio.h>
+#include <sys/time.h>
+#include <sys/resource.h>
#include <unistd.h>
#include <alloca.h>
#include <signal.h>
* whatever we'll need in the future.
* Be sure to update PublicInbox::SpawnPP if this changes
*/
-int public_inbox_fork_exec(int in, int out, int err,
- SV *file, SV *cmdref, SV *envref)
+int pi_fork_exec(int in, int out, int err,
+ SV *file, SV *cmdref, SV *envref, SV *rlimref)
{
AV *cmd = (AV *)SvRV(cmdref);
AV *env = (AV *)SvRV(envref);
+ AV *rlim = (AV *)SvRV(rlimref);
const char *filename = SvPV_nolen(file);
pid_t pid;
char **argv, **envp;
pid = vfork();
if (pid == 0) {
int sig;
+ I32 i, max;
REDIR(in, 0);
REDIR(out, 1);
REDIR(err, 2);
for (sig = 1; sig < NSIG; sig++)
signal(sig, SIG_DFL); /* ignore errors on signals */
+
+ max = av_len(rlim);
+ for (i = 0; i < max; i += 3) {
+ struct rlimit rl;
+ SV **res = av_fetch(rlim, i, 0);
+ SV **soft = av_fetch(rlim, i + 1, 0);
+ SV **hard = av_fetch(rlim, i + 2, 0);
+
+ rl.rlim_cur = SvIV(*soft);
+ rl.rlim_max = SvIV(*hard);
+ if (setrlimit(SvIV(*res), &rl) < 0)
+ xerr("sertlimit");
+ }
+
/*
* don't bother unblocking, we don't want signals
* to the group taking out a subprocess
unless (defined $vfork_spawn) {
require PublicInbox::SpawnPP;
no warnings 'once';
- *public_inbox_fork_exec = *PublicInbox::SpawnPP::public_inbox_fork_exec
+ *pi_fork_exec = *PublicInbox::SpawnPP::pi_fork_exec
}
# n.b. we never use absolute paths with this
my $in = $opts->{0} || 0;
my $out = $opts->{1} || 1;
my $err = $opts->{2} || 2;
- my $pid = public_inbox_fork_exec($in, $out, $err, $f, $cmd, \@env);
+ my $rlim = [];
+
+ foreach my $l (qw(RLIMIT_CPU RLIMIT_CORE RLIMIT_DATA)) {
+ defined(my $v = $opts->{$l}) or next;
+ my ($soft, $hard);
+ if (ref($v)) {
+ ($soft, $hard) = @$v;
+ } else {
+ $soft = $hard = $v;
+ }
+ my $r = eval "require BSD::Resource; BSD::Resource::$l();";
+ unless (defined $r) {
+ warn "$l undefined by BSD::Resource: $@\n";
+ next;
+ }
+ push @$rlim, $r, $soft, $hard;
+ }
+ my $pid = pi_fork_exec($in, $out, $err, $f, $cmd, \@env, $rlim);
$pid < 0 ? undef : $pid;
}
use POSIX qw(dup2 :signal_h);
# Pure Perl implementation for folks that do not use Inline::C
-sub public_inbox_fork_exec ($$$$$$) {
- my ($in, $out, $err, $f, $cmd, $env) = @_;
+sub pi_fork_exec ($$$$$$) {
+ my ($in, $out, $err, $f, $cmd, $env, $rlim) = @_;
my $old = POSIX::SigSet->new();
my $set = POSIX::SigSet->new();
$set->fillset or die "fillset failed: $!";
$pid = -1;
}
if ($pid == 0) {
+ while (@$rlim) {
+ my ($r, $soft, $hard) = splice(@$rlim, 0, 3);
+ BSD::Resource::setrlimit($r, $soft, $hard) or
+ warn "failed to set $r=[$soft,$hard]\n";
+ }
if ($in != 0) {
dup2($in, 0) or die "dup2 failed for stdin: $!";
}
isnt($?, 0, '$? set properly: '.$?);
}
+SKIP: {
+ eval {
+ require BSD::Resource;
+ defined(BSD::Resource::RLIMIT_CPU())
+ } or skip 'BSD::Resource::RLIMIT_CPU missing', 3;
+ my ($r, $w);
+ pipe($r, $w) or die "pipe: $!";
+ my $cmd = ['sh', '-c', 'while true; do :; done'];
+ my $opt = { RLIMIT_CPU => [ 1, 1 ], RLIMIT_CORE => 0, 1 => fileno($w) };
+ my $pid = spawn($cmd, undef, $opt);
+ close $w or die "close(w): $!";
+ my $rset = '';
+ vec($rset, fileno($r), 1) = 1;
+ ok(select($rset, undef, undef, 5), 'child died before timeout');
+ is(waitpid($pid, 0), $pid, 'XCPU child process reaped');
+ isnt($?, 0, 'non-zero exit status');
+}
+
done_testing();
1;