PIE base address is fixed in gdb

I am using ubuntu-13.10 with ASLR enabled

root@ubuntu:/home/meltdown# cat /proc/sys/kernel/randomize_va_space 
2

I have compiled a simple hello world program with gcc -pie option. If I run this program stand alone, the base address of PIE executable is random. Like this:

root@ubuntu:/home/meltdown# cat /proc/8872/maps
b758b000-b758c000 rw-p 00000000 00:00 0 
b758c000-b773a000 r-xp 00000000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b773a000-b773c000 r--p 001ae000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b773c000-b773d000 rw-p 001b0000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b773d000-b7740000 rw-p 00000000 00:00 0 
b7752000-b7756000 rw-p 00000000 00:00 0 
b7756000-b7757000 r-xp 00000000 00:00 0          [vdso]
b7757000-b7777000 r-xp 00000000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
b7777000-b7778000 r--p 0001f000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
b7778000-b7779000 rw-p 00020000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
b7779000-b777a000 r-xp 00000000 08:01 14942231   /tmp/a
b777a000-b777b000 r--p 00000000 08:01 14942231   /tmp/a
b777b000-b777c000 rw-p 00001000 08:01 14942231   /tmp/a
bf9f4000-bfa15000 rw-p 00000000 00:00 0          [stack]

However, if I debug this program with gdb, the PIE base address is always the same (80000000).

root@ubuntu:/home/meltdown# cat /proc/8840/maps
80000000-80001000 r-xp 00000000 08:01 14942231   /tmp/a
80001000-80002000 r--p 00000000 08:01 14942231   /tmp/a
80002000-80003000 rw-p 00001000 08:01 14942231   /tmp/a
b7e12000-b7e13000 rw-p 00000000 00:00 0 
b7e13000-b7fc1000 r-xp 00000000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b7fc1000-b7fc3000 r--p 001ae000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b7fc3000-b7fc4000 rw-p 001b0000 08:01 10749216   /lib/i386-linux-gnu/libc-2.17.so
b7fc4000-b7fc7000 rw-p 00000000 00:00 0 
b7fdb000-b7fdd000 rw-p 00000000 00:00 0 
b7fdd000-b7fde000 r-xp 00000000 00:00 0          [vdso]
b7fde000-b7ffe000 r-xp 00000000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
b7ffe000-b7fff000 r--p 0001f000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
b7fff000-b8000000 rw-p 00020000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so
bffdf000-c0000000 rw-p 00000000 00:00 0          [stack]

Can someone explain why??

The gdb debugger, by default, turns off address space layout randomisation. This is partially to ensure you're always debugging the same environment. From the gdb documentation (search for disable-randomization):

This option is useful for multiple debugging sessions to make the execution better reproducible and memory addresses reusable across debugging sessions.

It's the same reason why I use srand(42) at the start of my code (only when debugging) rather than srand(time(NULL)) - it provides an absolutely consistent environment from run to run, to make debugging easier.

If you had a very subtle bug that was caused by where your code was located in the address space, it may come and go on different runs within the debugger, unless ASLR was disabled.

You can use:

set disable-randomization off

before starting your program from within gdb to re-enable ASLR, as per the gdb documentation.

I suspect you can also use gdb to attach to an already-running process (which is under the ASLR effect) rather than having gdb start your program from scratch, though I tend to prefer the use of ~/.gdbinit to force ASLR to be activated.
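
Added example, not part of the original question or answer: on Linux, gdb implements disable-randomization by setting the ADDR_NO_RANDOMIZE personality flag on the process it starts, so a program can query that flag on itself, and the image base can be read from /proc/<pid>/maps text. The two sample maps are shortened from the listings in the question; the function names are illustrative.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/personality.h>

/* Constructed samples: a few lines taken from the two listings in the question. */
static const char MAPS_STANDALONE[] =
    "b7757000-b7777000 r-xp 00000000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so\n"
    "b7779000-b777a000 r-xp 00000000 08:01 14942231   /tmp/a\n"
    "b777a000-b777b000 r--p 00000000 08:01 14942231   /tmp/a\n";
static const char MAPS_UNDER_GDB[] =
    "80000000-80001000 r-xp 00000000 08:01 14942231   /tmp/a\n"
    "80001000-80002000 r--p 00000000 08:01 14942231   /tmp/a\n"
    "b7fde000-b7ffe000 r-xp 00000000 08:01 10749212   /lib/i386-linux-gnu/ld-2.17.so\n";

/* Non-zero if a personality value has ASLR switched off. */
int persona_disables_aslr(unsigned long persona) {
    return (persona & ADDR_NO_RANDOMIZE) != 0;
}

/* 1 = ASLR off for this process, 0 = on, -1 = query failed. */
int self_aslr_disabled(void) {
    int persona = personality(0xffffffff);   /* 0xffffffff only queries */
    return persona == -1 ? -1 : persona_disables_aslr((unsigned long)persona);
}

/* Lowest start address of the maps lines whose last field is `path`; 0 if none. */
unsigned long image_base(const char *maps, const char *path) {
    unsigned long base = 0;
    size_t plen = strlen(path);
    for (const char *line = maps; line && *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len > plen && line[len - plen - 1] == ' ' &&
            strncmp(line + len - plen, path, plen) == 0) {
            unsigned long start = strtoul(line, NULL, 16);
            if (base == 0 || start < base) base = start;
        }
        line = eol ? eol + 1 : NULL;
    }
    return base;
}

int main(void) {
    printf("ASLR disabled for this process: %d\n", self_aslr_disabled());
    printf("standalone base: %#lx\n", image_base(MAPS_STANDALONE, "/tmp/a"));
    printf("under gdb base:  %#lx\n", image_base(MAPS_UNDER_GDB, "/tmp/a"));
    return 0;
}
```

Started from gdb with the default settings, the first line reports 1; after `set disable-randomization off`, or when run stand alone, it reports 0.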
