Cgroup mem max: bytes or MiB?

Documentations says `--cgroup_mem_max` is in bytes:
https://github.com/google/nsjail/blame/0fbbb9566635e3f6c33697d2b34c950709d609ac/README.md#L250

Found this in `config.proto` saying its in MiB
https://github.com/google/nsjail/blob/f7554882fe44db576e688b9b21e4f46f5229da30/config.proto#L199

Than I decided to test this in my nsjail container:
```
root@d4a84b28ab73:/# echo "
> int main () {
>     long x[10000000000];
> }
> " > ml.cpp
root@d4a84b28ab73:/# g++ ml.cpp -o ml_exec
root@d4a84b28ab73:/# time nsjail -Mo --user 99999 --group 99999 --chroot / --time_limit 1 --cgroup_mem_max 1000000 --max_cpus 1 --cgroup_pids_max 1 --exec_file ml_exec
```
And as a surprise, I got
`[I][2020-07-16T04:10:50+0000] pid=61 ([STANDALONE MODE]) exited with status: 0, (PIDs left: 0)`
But,
```
root@d4a84b28ab73:/# time nsjail -Mo --user 99999 --group 99999 --chroot / --time_limit 1 --cgroup_mem_max 1024 --max_cpus 1 --cgroup_pids_max 1 --exec_file ml_exec
```
Got expected 
`[I][2020-07-16T04:10:30+0000] pid=59 ([STANDALONE MODE]) terminated with signal: SIGKILL (9), (PIDs left: 0)`

Am I doing something wrong or is it actually in MiB, not bytes? 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cgroup mem max: bytes or MiB? #146

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Cgroup mem max: bytes or MiB? #146

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions