msan fails on FreeBSD with ASLR enabled

[emaste]

Disabling ASLR should not be a requirement for using msan on FreeBSD.

Right now it fails with

This sanitizer is not compatible with enabled ASLR and binaries compiled with PIE

The check was added in e2ed800.

If I downgrade the error to a warning locally I see:

$ ./a.out
This sanitizer is not compatible with enabled ASLR and binaries compiled with PIE
Running anyway
FATAL: Code 0x3dd1ab38d9b0 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
==81625==Process memory map follows:
        0x3dd1ab35b000-0x3dd1ab38c000   /usr/home/emaste/src/samples/llvm/msan/a.out
        0x3dd1ab38c000-0x3dd1ab3eb000   /usr/home/emaste/src/samples/llvm/msan/a.out
        0x3dd1ab3eb000-0x3dd1ab3ec000   /usr/home/emaste/src/samples/llvm/msan/a.out
        0x3dd1ab3ec000-0x3dd1ab3ef000   /usr/home/emaste/src/samples/llvm/msan/a.out
...

The "Code" address 0x3dd1ab38d9b0 is within the second address range 0x3dd1ab38c000-0x3dd1ab3eb000 for a.out.

[emaste]

Perhaps relevant comment about ASLR on Linux and PIE binaries: #21032 (comment)

[emaste]

I see CheckASLR calls in:

• compiler-rt/lib/dfsan/dfsan.cpp
• compiler-rt/lib/msan/msan.cpp
• compiler-rt/lib/memprof/memprof_rtl.cpp
• compiler-rt/lib/tsan/rtl/tsan_rtl.cpp
• compiler-rt/lib/tsan/rtl-old/tsan_rtl.cpp
• compiler-rt/lib/asan/asan_rtl.cpp

so this is not limited to msan; I haven't yet investigated how other sanitizers behave with ASLR on (and the check disabled).

In general it can be preferable to debug or run diagnostics with ASLR disabled (so that results are reproducible), although it should also be possible to override if desired. lldb for example has settings set target.disable-aslr false to run with ASLR enabled.

There are a couple of issues with CheckASLR for FreeBSD:

• it checks the kern.elf64.aslr.pie_enable sysctl (and kern.elf32.aslr.pie_enable) but these indicate the default ASLR on/off state for PIE binaries only; the default for "regular" ET_EXEC binaries is set by kern.elf64.aslr.enable and kern.elf32.aslr.enable.
• the sysctls indicate default settings, but ASLR can be enabled/disabled on a per-process basis
• we could improve user-friendliness by taking the same approach as Linux PPC, and re-execing the target with ASLR disabled, if necessary.

[emaste]

Review for first two bullets above: https://reviews.llvm.org/D117521

[emaste]

I have committed a change implementing bullet 3 above, in emaste/freebsd@96fe7c8 and emaste/freebsd@930a7c2. This will need more work for upstream as I believe we still support (in LLVM) FreeBSD versions without elf_aux_info / AT_EXEC_PATH. (See llvm/lib/Support/Unix/Path.inc std::string getMainExecutable())

[emaste]

elf_aux_info / AT_EXEC_PATH is (now) available in all supported FreeBSD releases

[DimitryAndric]

See also #73439.