| blob | 6a37508fd4d01dc43889199bd4f55bacf57f311d |
1 /* timeout -- run a command with bounded time
2 Copyright (C) 2008-2011 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
18 /* timeout - Start a command, and kill it if the specified timeout expires
20 We try to behave like a shell starting a single (foreground) job,
21 and will kill the job if we receive the alarm signal we setup.
22 The exit status of the job is returned, or one of these errors:
23 EXIT_TIMEDOUT 124 job timed out
24 EXIT_CANCELED 125 internal error
25 EXIT_CANNOT_INVOKE 126 error executing job
26 EXIT_ENOENT 127 couldn't find job to exec
28 Caveats:
29 If user specifies the KILL (9) signal is to be sent on timeout,
30 the monitor is killed and so exits with 128+9 rather than 124.
32 If you start a command in the background, which reads from the tty
33 and so is immediately sent SIGTTIN to stop, then the timeout
34 process will ignore this so it can timeout the command as expected.
35 This can be seen with `timeout 10 dd&` for example.
36 However if one brings this group to the foreground with the `fg`
37 command before the timer expires, the command will remain
38 in the stop state as the shell doesn't send a SIGCONT
39 because the timeout process (group leader) is already running.
40 To get the command running again one can Ctrl-Z, and do fg again.
41 Note one can Ctrl-C the whole job when in this state.
42 I think this could be fixed but I'm not sure the extra
43 complication is justified for this scenario.
45 Written by Pádraig Brady. */
47 #include <config.h>
48 #include <getopt.h>
49 #include <stdio.h>
50 #include <sys/types.h>
51 #include <signal.h>
52 #include <sys/wait.h>
62 #if HAVE_SETRLIMIT
63 /* FreeBSD 5.0 at least needs <sys/types.h> and <sys/time.h> included
64 before <sys/resource.h>. Currently "system.h" includes <sys/time.h>. */
65 # include <sys/resource.h>
66 #endif
68 /* NonStop circa 2011 lacks both SA_RESTART and siginterrupt. */
69 #ifndef SA_RESTART
70 # define SA_RESTART 0
71 #endif
84 /* for long options with no corresponding short option, use enum */
85 enum
86 {
88 };
91 {
98 };
100 /* Start the timeout after which we'll receive a SIGALRM.
101 Round DURATION up to the next representable value.
102 Treat out-of-range values as if they were maximal,
103 as that's more useful in practice than reporting an error.
104 '0' means don't timeout. */
105 static void
107 {
108 /* timer_settime() provides potentially nanosecond resolution.
109 setitimer() is more portable (to Darwin for example),
110 but only provides microsecond resolution and thus is
111 a little more awkward to use with timespecs, as well as being
112 deprecated by POSIX. Instead we fallback to single second
113 resolution provided by alarm(). */
115 #if HAVE_TIMER_SETTIME
118 timer_t timerid;
120 {
123 else
124 {
127 }
128 }
129 else
131 #endif
136 else
137 {
140 }
142 }
144 /* send sig to group but not ourselves.
145 * FIXME: Is there a better way to achieve this? */
146 static int
148 {
151 }
153 static void
155 {
157 {
160 }
162 {
164 {
167 }
169 {
170 /* Start a new timeout after which we'll send SIGKILL. */
174 }
176 /* Send the signal directly to the monitored child,
177 in case it has itself become group leader,
178 or is not running in a separate group. */
180 /* The normal case is the job has remained in our
181 newly created process group, so send to all processes in that. */
185 {
189 }
190 }
193 }
195 void
197 {
200 program_name);
201 else
202 {
230 `s' for seconds (the default), `m' for minutes, `h' for hours \
240 }
242 }
244 /* Given a floating point value *X, and a suffix character, SUFFIX_CHAR,
245 scale *X by the multiplier implied by SUFFIX_CHAR. SUFFIX_CHAR may
246 be the NUL byte or `s' to denote seconds, `m' for minutes, `h' for
247 hours, or `d' for days. If SUFFIX_CHAR is invalid, don't modify *X
248 and return false. Otherwise return true. */
250 static bool
252 {
256 {
272 }
277 }
279 static double
281 {
286 /* Nonnegative interval. */
288 /* No extra chars after the number and an optional s,m,h,d char. */
290 /* Check any suffix char and update timeout based on the suffix. */
292 {
295 }
298 }
300 static void
302 {
307 more likely to work cleanly. */
315 }
317 int
319 {
334 {
336 {
351 case_GETOPT_HELP_CHAR;
358 }
359 }
368 /* Ensure we're in our own group so all subprocesses can be killed.
369 Note we don't just put the child in a separate group as
370 then we would need to worry about foreground and background groups
371 and propagating signals between them. */
375 /* Setup handlers before fork() so that we
376 handle any signals caused by child, without races. */
384 {
387 }
392 /* exec doesn't reset SIG_IGN -> SIG_DFL. */
398 /* exit like sh, env, nohup, ... */
402 }
403 else
404 {
405 pid_t wait_result;
415 {
416 /* shouldn't happen. */
419 }
420 else
421 {
425 {
427 #if HAVE_SETRLIMIT && defined RLIMIT_CORE
429 {
430 /* exit with the signal flag set, but avoid core files. */
432 {
435 }
436 else
438 }
439 #endif
441 }
442 else
443 {
444 /* shouldn't happen. */
447 }
448 }
452 else
454 }
455 }