Shellcheck is calling get_mempolicy causing failures

[Martiix]

For bugs

• My shellcheck version (shellcheck --version or "online"): 0.9.0

• [V] The rule's wiki page does not already cover this (e.g. https://shellcheck.net/wiki/SC2086)

• [V] I tried on https://www.shellcheck.net/ and verified that this is still a problem on the latest commit

Shellcheck is trying to run get_mempolicy which is blocked by default in docker. Why is it necessary to run this? It has been a call in shellcheck for a while, however, in the latest archlinux image it has started to actually cause exit codes != 0 and therefore cause CI jobs to fail. It can be bypassed in docker by adding --cap-add=sys_nice, however, we don't want to grant docker unnecessary access to the host. Is there a way to disable this in systemcall in shellcheck?

Here's a snippet or screenshot that shows the problem:

#!/bin/bash
$ docker run -it archlinux:latest bash
$ pacman -Sy shellcheck
$ shellcheck random.sh

Here's what shellcheck currently says:

get_mempolicy: Operation not permitted

Here's what I wanted or expected to see:

Exit code 0

[anordal]

Looks like a Haskell runtime incompatibility with Docker.

The call to get_mempolicy happens before hs_main:

$ ltrace shellcheck random.sh 
get_mempolicy: Operation not permitted
hs_main(2,  …

Same with this Haskell hello-world program:

$ docker run -it archlinux:latest bash
$ pacman -Sy ghc
$ echo 'main = putStrLn "hei verden"' > hello.hs
$ ghc -dynamic hello.hs -o hello
get_mempolicy: Operation not permitted
[1 of 1] Compiling Main             ( hello.hs, hello.o )
Linking hello ...
$ ./hello
get_mempolicy: Operation not permitted
hei verden

I don't know if this is related: https://gitlab.haskell.org/ghc/ghc/-/merge_requests/2369