test-network: disable several more sandbox features when running with sanitizers

These settings also imply seccomp.
Hopefully fixes #39567.

test/test-network/systemd-networkd-tests.py

@@ -487,7 +487,19 @@ def create_service_dropin(service, command, additional_settings=None):
     if ubsan_options:
         drop_in += [f'Environment=UBSAN_OPTIONS="{ubsan_options}"']
     if asan_options or lsan_options or ubsan_options:
-        drop_in += ['SystemCallFilter=']
+        # Disable system call filter when running with sanitizers, as they seem to call filtered syscall at
+        # the very end of the execution and stuck the process. See issue #39567.
+        drop_in += [
+            'LockPersonality=no',
+            'ProtectClock=no',
+            'ProtectKernelLogs=no',
+            'RestrictAddressFamilies=',
+            'RestrictNamespaces=no',
+            'RestrictRealtime=no',
+            'RestrictSUIDSGID=no',
+            'SystemCallArchitectures=',
+            'SystemCallFilter=',
+        ]
     if use_valgrind or asan_options or lsan_options or ubsan_options:
         drop_in += ['MemoryDenyWriteExecute=no']
     if use_valgrind: