search

ioi / isolate

Sandbox for securely executing untrusted programs
Other
1.05k stars 157 forks source link

Scala compilation hangs #90

Closed hermanzdosilovic closed 4 years ago

hermanzdosilovic commented 4 years ago

Hi,

I am trying to compile a simple Scala hello, world program with isolate.

To install Scala on my Arch Linux PC I used this package. I have also installed isolate from the latest commit at the time of this writing.

Steps to reproduce:

  1. Save following source code as Main.scala: 
    object Main {
def main(args: Array[String]) = {
    println("hello, world")
}
}
  2. Initialize: isolate --cg --init
  3. Copy Main.scala to box: sudo cp Main.scala /var/local/lib/isolate/0/box/
  4. Run compilation: isolate --cg -p --run -- /usr/bin/scalac -verbose Main.scala

I have added the -verbose flag to better understand what is happening with the scalac.

Compilation and execution of the above hello, world program works as expected when I do not use isolate.

From my understanding after seeing the verbose output from scalac in both isolate and "native" compilation, they produce the same output but it seems there is some last step(s) that scalac needs to do before producing the class files but it does not finish in the case with isolate.

Please let me know if you need any more details from my side regarding this issue.

Can you please help me understand what is happening here and how can this be resolved?

Thank you in advance.

Best regards, Herman

gollux commented 4 years ago

Can you strace it inside the box?

hermanzdosilovic commented 4 years ago

I have run strace both in the box (isolate --cg -p --run -- /usr/bin/strace /usr/bin/scalac Main.scala) and outside (strace scalac Main.scala). You can find coresponding output in the attachment.

native.txt isolate.txt

gollux commented 4 years ago

Could you try it with strace -f, please?

hermanzdosilovic commented 4 years ago

Here they are, outputs with strace -f.

native.txt isolate.txt

gollux commented 4 years ago

Thanks. For whatever reason, Scala compiler calls ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}, which is essentially the C function tcsetattr(). You probably left stdin/stdout connected to the parent process's terminal, so the sandboxed compiler runs essentially as a background session of that terminal, so it gets the SIGTTOU signal when it tries to adjust settings of the terminal.

I think that redirecting stdin from /dev/null and stdout to a file should fix the problem.

hermanzdosilovic commented 4 years ago

Thank you very much @gollux!

I can now confirm that both compilation and execution works but I need to redirect stdin from /dev/null:

Compilation:

isolate --cg -p -i /dev/null --run -- /usr/bin/scalac Main.scala

Execution:

isolate --cg -p -i /dev/null --run -- /usr/bin/scala Main

Also, for others who might have the same problem, these also work:

$ echo "" | isolate --cg -p --run -- /usr/bin/scalac Main.scala
$ isolate --cg -p --run -- /usr/bin/scalac Main.scala < /dev/null