search

PLSysSec / rlbox

RLBox sandboxing framework
https://rlbox.dev
MIT License
287 stars 21 forks source link

Cannot build against glibc 2.34 with _DYNAMIC_STACK_SIZE_SOURCE #38

Closed rillian closed 2 years ago

rillian commented 2 years ago

As of glibc 2.34, MINSIGSTKSZ is mapped to a sysconf(_SC_SIGSTKSZ) i.e. it's a dynamic value. This fails the constexpr guards in catch2.

/usr/bin/c++  -I/rlbox_sandboxing_api/code/tests/rlbox_glue -I/rlbox_sandboxing_api/_build/_deps/catch2-src/single_include -I/rlbox_sandboxing_api/code/include -I/rlbox_sandboxing_api/code/tests/rlbox_glue/lib -std=c++17 -MD -MT CMakeFiles/test_rlbox_glue.dir/code/tests/test_main.cpp.o -MF CMakeFiles/test_rlbox_glue.dir/code/tests/test_main.cpp.o.d -o CMakeFiles/test_rlbox_glue.dir/code/tests/test_main.cpp.o -c /rlbox_sandboxing_api/code/tests/test_main.cpp
In file included from /usr/include/signal.h:328,
                 from /rlbox_sandboxing_api/_build/_deps/catch2-src/single_include/catch2/catch.hpp:7644,
                 from /rlbox_sandboxing_api/code/tests/test_main.cpp:2:
/rlbox_sandboxing_api/_build/_deps/catch2-src/single_include/catch2/catch.hpp:10376:58: error: call to non-'constexpr' function 'long int sysconf(int)'
10376 |     constexpr static std::size_t sigStackSize = 32768 >= MINSIGSTKSZ ? 32768 : MINSIGSTKSZ;
      |                                                          ^~~~~~~~~~~
In file included from /usr/include/bits/sigstksz.h:24,
                 from /usr/include/signal.h:328,
                 from /rlbox_sandboxing_api/_build/_deps/catch2-src/single_include/catch2/catch.hpp:7644,
                 from /rlbox_sandboxing_api/code/tests/test_main.cpp:2:
/usr/include/unistd.h:640:17: note: 'long int sysconf(int)' declared here
  640 | extern long int sysconf (int __name) __THROW;
      |                 ^~~~~~~

I suppose this is an upstream bug, but wanted to report it here in case anyone else had the same issue.

rillian commented 2 years ago

Here's a quick container description reproducing the issue

# Attempt build on a glibc 2.34 container

FROM fedora:35

RUN dnf install -y git cmake ninja-build gcc gcc-c++

RUN git clone https://github.com/PLSysSec/rlbox_sandboxing_api
WORKDIR rlbox_sandboxing_api

CMD cmake -G Ninja -B _build && cmake --build _build
rillian commented 2 years ago

Looks like this is fixed in Catch2 2.13.5.