A call to __sanitizer_sandbox_on_notify() should kill the background thread

[GoogleCodeExporter]

When Chromium sandbox is being enabled, it makes several checks for the process 
to be single-threaded.
Right now these checks are off under TSan, but I think a better idea is to make 
__sanitizer_sandbox_on_notify() kill our background thread.

Original issue reported on code.google.com by gli...@google.com on 26 Mar 2014 at 8:17

[GoogleCodeExporter]

Yes. Disabling the check doesn't even work in some cases.

The single-threadness checks are of two kinds:

1. Before fork(), so that we don't fork with threads.
2. Before using prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER,..) to enable 
seccomp-bpf.

It's ok to disable (1) before engaging TSAN, but it's not ok to disable (2), 
because seccomp-bpf can only sandbox one thread (creating threads after that 
inherits the policy though).

We're working on a solution for (2) in the kernel, where we could sandbox 
multiple threads at the same time.

One could also argue that it should be ok for testing to enable the sandbox 
only on the main thread and leave TSAN unsandboxed. For pure testing it may be 
adequate, but I'm a little worried about creating a complex logic that could 
regress into something unsafe.

Original comment by jln@chromium.org on 26 Mar 2014 at 8:24

[GoogleCodeExporter]

Fixed by http://llvm.org/viewvc/llvm-project?revision=207114&view=revision

Original comment by dvyu...@google.com on 24 Apr 2014 at 2:47

• Changed state: Fixed

[GoogleCodeExporter]

Adding Project:ThreadSanitizer as part of GitHub migration.

Original comment by gli...@google.com on 30 Jul 2015 at 9:21

• Added labels: ProjectThreadSanitizer