Update safe_sleep.sh for bug when scheduler is paused for more than 1 second

[horner]

fixed a rare condition where the comparison may not be made within the second and then this will loop forever (or at least until a rollover of SECONDS) ;-)

sleep was replaced in #1707

But if safe_sleep.sh is running when a vm is suspended it will not do the comparison within the second and therefore loops forever when the vm is resumed.

[horner]

[andrewrk]

fixed a rare condition

I assume you mean "rare" as in, "not finished cooking" because it happens all the damn time

[paralin]

Is looping infinitely really an effective sleep?

[AXDOOMER]

Why are they not using the sleep command?

[inthesquarehole]

Why does a complete amateur work on code used by so many? Not that I use it, but this is just retarded.

[NicolasDorier]

I would suggest to just use sleep if available instead of doing something as extremely inefficient as that just so the 0.0001% of systems who doesn't have sleep can work.

Or better, just drop a sleep script in the PATH of the systems not supporting sleep by default... This might literally saves us from climate change.

[bybatkhuu]

Came from "primeagen" content, holys**t it's real???
WOW!

[symmetricalbyte]

“A remarkable demonstration of how far one can stretch the boundaries of conventional engineering wisdom.”

[jcastrence]

Ironically named "safe_sleep.sh" 😭

Technically, I guess it is safer to simply not run your code at all.

[Rudxain]

Sadly, this is now vulnerable to code-injection (see SC issue), because != is a string comparison and -lt is a numeric comparison

Bash is taking inspiration from PHP's insanity

[latekvo]

@Rudxain nice catch, I tested it on my end, and it actually allows for RCE

But as far as I see, safe_sleep.sh is never used with user input, so I don't think it's that serious. Still should be fixed in case it's exposed to the user in the future though.

[ngxson]

read -t $1

No external program needed

[andrzejsokolowski]

Doesn't this still take up an entire core of a CPU? Is this malicious code designed to waste as much processor compute time? Isn't this running this comparison billions of times a second? As other people pointed out in this thread, why not use sleep or other alternatives?

[pasabanov]

Isn't this running this comparison billions of times a second?

Not billions - bash is not that fast, but probably millions.
This still takes up an entire thread of the CPU.

why not use sleep or other alternatives?

This is a reasonable question. They previously had code that checked for programs like sleep or ping to use them if available, but they replaced it with this abomination.

[whoreson]

put me in the screenshot

[lachesis]

Under what circumstance is sleep actually not available?