[compiler-rt] [tsan] Lazily call 'personality' to minimize sandbox violations (PR #79334)
Thurston Dang via llvm-commits
llvm-commits at lists.llvm.org
Wed Jan 24 10:50:24 PST 2024
================
@@ -267,6 +267,14 @@ static void ReExecIfNeeded() {
if (reexec) {
// Don't check the address space since we're going to re-exec anyway.
} else if (!CheckAndProtect(false, false, false)) {
+ // ASLR personality check.
+ // N.B. 'personality' is sometimes forbidden by sandboxes, so we only call
+ // this as a last resort (when the memory mapping is incompatible and TSan
+ // would fail anyway).
+ int old_personality = personality(0xffffffff);
----------------
thurstond wrote:
Ah, I see! I've added `compiler-rt/test/sanitizer_common/TestCases/Linux/sandbox_forbidden_functions.cpp`. I tested that the test failed with TSan in the absence of this fix, and passes with this fix.
Note that it does have a false positive when TSan is run with high-entropy ASLR: in that environment, calling 'personality' (to check/disable ASLR) is the intended behavior.
https://github.com/llvm/llvm-project/pull/79334
More information about the llvm-commits
mailing list