X-Git-Url: http://mj.ucw.cz/gitweb/?a=blobdiff_plain;ds=inline;f=box%2Fbox.c;h=892cc53eb9b8bee98fb369f7b4e8810a342375ad;hb=b07a7c4bf08db2928e1845c4e60798f7c9ad8b65;hp=323e07e77e9d270dc85d43f0092a346deba41ed1;hpb=3d702b1d81216efd198f8816c13c24466107327a;p=moe.git

diff --git a/box/box.c b/box/box.c
index 323e07e..892cc53 100644
--- a/box/box.c
+++ b/box/box.c
@@ -24,6 +24,7 @@
 #include <sys/sysinfo.h>
 #include <sys/syscall.h>
 #include <sys/resource.h>
+#include <linux/ptrace.h>
 
 #define NONRET __attribute__((noreturn))
 #define UNUSED __attribute__((unused))
@@ -37,6 +38,7 @@ static int pass_environ;
 static int file_access;
 static int verbose;
 static int memory_limit;
+static int stack_limit;
 static char *redir_stdin, *redir_stdout, *redir_stderr;
 static char *set_cwd;
 
@@ -120,10 +122,12 @@ box_exit(int rc)
       meta_printf("killed:1\n");
 
       struct rusage rus;
-      int stat;
-      int p = wait4(box_pid, &stat, 0, &rus);
+      int p, stat;
+      do
+	p = wait4(box_pid, &stat, 0, &rus);
+      while (p < 0 && errno == EINTR);
       if (p < 0)
-	fprintf(stderr, "UGH: Lost track of the process\n");
+	fprintf(stderr, "UGH: Lost track of the process (%m)\n");
       else
 	final_stats(&rus);
     }
@@ -826,23 +830,27 @@ sample_mem_peak(void)
 static void
 boxkeeper(void)
 {
-  int syscall_count = 0;
+  int syscall_count = (filter_syscalls ? 0 : 1);
   struct sigaction sa;
 
   is_ptraced = 1;
+
   bzero(&sa, sizeof(sa));
   sa.sa_handler = signal_int;
   sigaction(SIGINT, &sa, NULL);
+
   gettimeofday(&start_time, NULL);
   ticks_per_sec = sysconf(_SC_CLK_TCK);
   if (ticks_per_sec <= 0)
     die("Invalid ticks_per_sec!");
+
   if (timeout || wall_timeout)
     {
       sa.sa_handler = signal_alarm;
       sigaction(SIGALRM, &sa, NULL);
       alarm(1);
     }
+
   for(;;)
     {
       struct rusage rus;
@@ -1028,15 +1036,22 @@ box_inside(int argc, char **argv)
   else
     dup2(1, 2);
   setpgrp();
+
   if (memory_limit)
     {
       rl.rlim_cur = rl.rlim_max = memory_limit * 1024;
       if (setrlimit(RLIMIT_AS, &rl) < 0)
-	die("setrlimit: %m");
+	die("setrlimit(RLIMIT_AS): %m");
     }
+
+  rl.rlim_cur = rl.rlim_max = (stack_limit ? (rlim_t)stack_limit * 1024 : RLIM_INFINITY);
+  if (setrlimit(RLIMIT_STACK, &rl) < 0)
+    die("setrlimit(RLIMIT_STACK): %m");
+
   rl.rlim_cur = rl.rlim_max = 64;
   if (setrlimit(RLIMIT_NOFILE, &rl) < 0)
-    die("setrlimit: %m");
+    die("setrlimit(RLIMIT_NOFILE): %m");
+
   char **env = setup_environment();
   if (filter_syscalls)
     {
@@ -1064,6 +1079,7 @@ Options:\n\
 -E <var>=<val>\tSet the environment variable <var> to <val>; unset it if <var> is empty\n\
 -f\t\tFilter system calls (-ff=very restricted)\n\
 -i <file>\tRedirect stdin from <file>\n\
+-k <size>\tLimit stack size to <size> KB (default: 0=unlimited)\n\
 -m <size>\tLimit address space to <size> KB\n\
 -M <file>\tOutput process information to <file> (name:value)\n\
 -o <file>\tRedirect stdout to <file>\n\
@@ -1088,7 +1104,7 @@ main(int argc, char **argv)
   int c;
   uid_t uid;
 
-  while ((c = getopt(argc, argv, "a:c:eE:fi:m:M:o:p:r:s:t:Tvw:x:")) >= 0)
+  while ((c = getopt(argc, argv, "a:c:eE:fi:k:m:M:o:p:r:s:t:Tvw:x:")) >= 0)
     switch (c)
       {
       case 'a':
@@ -1107,6 +1123,9 @@ main(int argc, char **argv)
       case 'f':
 	filter_syscalls++;
 	break;
+      case 'k':
+	stack_limit = atol(optarg);
+	break;
       case 'i':
 	redir_stdin = optarg;
 	break;