Add option to disable time limit in eval-in-sandbox

On systems without SIGALRM, the other features of eval-in-sandbox may still be useful. This adds the option to set #:time-limit to #f to indicate no timeout. * NEWS: updated * module/ice-9/sandbox.scm (eval-in-sandbox): allow #:time-limit key to be #f to disable time limit * doc/ref/api-evaluation.texi (eval-in-sandbox): update documentation * test-suite/tests/sandbox.scm ("eval-in-sandbox"): throw unsupported if no SIGALARM ("eval-in-sandbox no timeout"): new tests for eval-in-sandbox
2025-06-26 21:20:30 +02:00 · 2023-07-04 10:26:49 -07:00 · 2023-07-04 10:26:49 -07:00 · 8d388c97e7
commit 8d388c97e7
parent 68af1c93e7
4 changed files with 73 additions and 20 deletions
--- a/module/ice-9/sandbox.scm
+++ b/module/ice-9/sandbox.scm
@ -6,18 +6,18 @@
 ;;;; modify it under the terms of the GNU Lesser General Public
 ;;;; License as published by the Free Software Foundation; either
 ;;;; version 3 of the License, or (at your option) any later version.
-;;;; 
+;;;;
 ;;;; This library is distributed in the hope that it will be useful,
 ;;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
 ;;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 ;;;; Lesser General Public License for more details.
-;;;; 
+;;;;
 ;;;; You should have received a copy of the GNU Lesser General Public
 ;;;; License along with this library; if not, write to the Free Software
 ;;;; Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

 ;;; Commentary:
-;;; 
+;;;
 ;;; Code:

 (define-module (ice-9 sandbox)
@ -217,9 +217,9 @@ respectively."
                          (module (make-sandbox-module bindings))
                          (sever-module? #t))
  "Evaluate the Scheme expression @var{exp} within an isolated
-\"sandbox\".  Limit its execution to @var{time-limit} seconds of
-wall-clock time, and limit its allocation to @var{allocation-limit}
-bytes.
+\"sandbox\".  When @var{time-limit} is true, limit its execution to
+@var{time-limit} seconds of wall-clock time. Limit its allocation to
+@var{allocation-limit} bytes.

 The evaluation will occur in @var{module}, which defaults to the result
 of calling @code{make-sandbox-module} on @var{bindings}, which itself
@ -256,10 +256,19 @@ allocation limit is exceeded, an exception will be thrown to the
  (dynamic-wind
    (lambda () #t)
    (lambda ()
-      (call-with-time-and-allocation-limits
-       time-limit allocation-limit
-       (lambda ()
-         (eval exp module))))
+      (if time-limit
+        (call-with-time-and-allocation-limits
+         time-limit allocation-limit
+         (lambda ()
+           (eval exp module)))
+
+        (call-with-allocation-limit
+         allocation-limit
+         (lambda ()
+           (eval exp module))
+         (lambda ()
+           (scm-error 'limit-exceeded "with-resource-limits"
+                      "Allocation limit exceeded" '() #f)))))
    (lambda () (when sever-module? (sever-module! module)))))