================
@@ -620,6 +621,8 @@ CrossTranslationUnitContext::ASTLoader::loadFromSource(
auto Diags = llvm::makeIntrusiveRefCnt<DiagnosticsEngine>(DiagID, *DiagOpts,
DiagClient);
+ // This runs the driver which isn't expected to be free of sandbox
violations.
+ auto BypassSandbox = llvm::sys::sandbox::scopedDisable();
----------------
jansvoboda11 wrote:
I'm not sure. We already have a sandbox disablement due to the driver here:
https://github.com/llvm/llvm-project/blob/5c3f02cbb344ffcd6766c1959e7851d1afec118f/clang/tools/driver/cc1gen_reproducer_main.cpp#L119-L120
and that doesn't have a FIXME. I'm not sure how actionable these FIXMEs would
be, since the driver performs _lots_ of FS operations and some don't have an
equivalent on the VFS layer (`access()` comes to mind). Currently there'd be
little upside in resolving the FIXMEs (even though it makes sense conceptually).
I don't have a strong opinion, but if we decide to go forward with the FIXMEs,
wouldn't it make sense to put them on the driver and have the sandbox
disablement somewhere in the `clangDriver` library?
https://github.com/llvm/llvm-project/pull/175097
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
