0

I am using gdb `disassemble my_fun`

#    0x7ffff5792a60 <PRIVATE0000000000579168>:  push   %r12
# => 0x7ffff5792a62 <PRIVATE0000000000579168+2>:    push   %r13
#    0x7ffff5792a64 <PRIVATE0000000000579168+4>:    push   %r14

I notice that the memory location of instructions e.g. 0x7ffff5792a60 is the same in different gdb debug sessions.

How is it possible? Is it a virtual memory address? Are we guaranteed to have the same memory address? Does it depend on how the application is compiled?

colinfang
  • Depending on your operating system, your program may be loaded to different addresses on each invocation. Some compilers may also do this for you, to prevent certain security attacks. – Clearer Jan 25 '18 at 13:47
  • Yes it's a virtual address. It's not guaranteed to be the same if you have ASLR/PIE. – Jester Jan 25 '18 at 13:47
  • didn't we just see this question almost verbatim recently? – old_timer Jan 25 '18 at 16:23

1 Answer

2

> I notice that the memory location of instructions e.g. 0x7ffff5792a60 is the same in different gdb debug sessions.

This is true because by default gdb disables randomization of the virtual address space. You can try to enable randomization with `set disable-randomization off` and likely you will see another instruction at address 0x7ffff5792a60. See documentation:

> `set disable-randomization on`
>
> This option (enabled by default in GDB) will turn off the native randomization of the virtual address space of the started program. This option is useful for multiple debugging sessions to make the execution better reproducible and memory addresses reusable across debugging sessions.

ks1322
  • Note that even with randomization enabled the addresses in the main executable will not be randomized, unless the executable is built with `-pie` flag (which some GCC versions add by default, while other versions don't). – Employed Russian Jan 26 '18 at 03:19
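Added example, not part of the original question or answer: on Linux, the per-process switch behind "turn off the native randomization" is the `ADDR_NO_RANDOMIZE` personality flag, which has to be set before `execve()` maps the new image (`setarch -R` uses the same flag). The function names and the `fixed` argument below are assumptions of this sketch.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/personality.h>

/* 1 if randomization is disabled for this process, 0 if not, -1 on error. */
int aslr_disabled(void)
{
    int cur = personality(0xffffffff);   /* 0xffffffff queries without changing */
    if (cur == -1)
        return -1;
    return (cur & ADDR_NO_RANDOMIZE) ? 1 : 0;
}

/* Set ADDR_NO_RANDOMIZE on the current process; it is inherited across
   execve(). Returns 0 on success, -1 if the kernel or a sandbox refuses. */
int disable_aslr(void)
{
    int cur = personality(0xffffffff);
    if (cur == -1)
        return -1;
    if (personality((unsigned long)cur | ADDR_NO_RANDOMIZE) == -1)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    int on_stack = 0;
    /* "fixed" mode: set the flag first, then re-exec so the new image,
       its libraries and its stack are mapped without randomization. */
    if (argc > 1 && strcmp(argv[1], "fixed") == 0 && aslr_disabled() == 0) {
        if (disable_aslr() == 0)
            execv("/proc/self/exe", argv);
        perror("could not disable randomization");
        return 1;
    }
    /* printf lives in libc, so its address shows where a shared library landed. */
    printf("no_randomize=%d libc=%#lx stack=%p\n", aslr_disabled(),
           (unsigned long)printf, (void *)&on_stack);
    return 0;
}
```

On a system with ASLR enabled, running the program twice with no argument normally prints different addresses, while running it twice with `fixed` prints the same ones. Some container seccomp profiles reject this personality value, in which case `disable_aslr()` returns -1 and the process keeps its randomized layout.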