Module monitor

Expand description

Process monitoring and output collection.

Monitors the sandboxed child process using pidfd and collects stdout/stderr. Uses poll() to multiplex between:

pidfd - Signals when child exits (no race conditions vs waitpid)
stdout pipe - Data from child’s stdout
stderr pipe - Data from child’s stderr
timeout - Kills child if deadline exceeded

§Output Limits

If stdout or stderr exceeds max_output, the child is killed with SIGKILL and status is set to OutputLimitExceeded. This prevents memory exhaustion from runaway output.

§Exit Detection

Uses waitid(P_PIDFD, ...) to get detailed exit information:

CLD_EXITED - Normal exit with exit code
CLD_KILLED / CLD_DUMPED - Killed by signal

Structs§

Output: Output from a sandboxed execution.

Enums§

Status: Status of the sandboxed execution.

Functions§

monitor: Monitor the child process and collect output.
write_stdin: Write stdin data to the child process.

Module monitor

Module monitor Copy item path

§Output Limits

§Exit Detection

Structs§

Enums§

Functions§

Module monitor