为什么 __libc_start_main 的地址在 GDB 中总是相同的，即使 ASLR 是打开的？

Question

Breakpoint 1, 0x00007ffff7de8060 in __libc_start_main () from /usr/lib/libc.so.6
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/firstlove/projects/org-ioslide/example/a.out 

Breakpoint 1, 0x00007ffff7de8060 in __libc_start_main () from /usr/lib/libc.so.6
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/firstlove/projects/org-ioslide/example/a.out 

Breakpoint 1, 0x00007ffff7de8060 in __libc_start_main () from /usr/lib/libc.so.6
(gdb) Quit
(gdb) quit
A debugging session is active.

        Inferior 1 [process 16372] will be killed.

Quit anyway? (y or n) y
firstlove-pc% cat /proc/sys/kernel/randomize_va_space
2

IIUC，ASLR 应该随机化所有地址，包括 libc.so，但我发现 __libc_start_main() 的地址在我的 Linux 机器上总是 0x00007ffff7de8060 ，为什么？怎么了？

Answer 1

当您运行 gdb 中的程序时，gdb 会尝试通过禁用地址随机化来帮助您进行调试。您可以使用以下命令启用它（从程序的下一个运行开始生效）：

set disable-randomization off

为什么 __libc_start_main 的地址在 GDB 中总是相同的，即使 ASLR 是打开的？

Why is the address of __libc_start_main always the same inside GDB even though ASLR is on?

c

linux

gdb

libc

aslr