This article covers how Ubuntu 16.10 randomizes function addresses at runtime. It has some reference value for anyone hitting the same problem; read on with us if you need it!

Problem description


I was using -finstrument-functions to profile function entry and exit. On function entry and exit, I print the address of the function entered or exited (parameter func) and then use nm to resolve address to symbol name translation. After upgrading to Ubuntu 16.10, I realized that the addresses of the func parameter are always very high; all functions used to be close to the beginning of the address space of the process, as expected for the text section. I looked at /proc/PID/maps, the text section now actually starts at a higher address, which is weird because they're in a completely different range than whatever nm shows, so a direct translation doesn't work anymore. Not only are the addresses much higher, but they're also randomized. And this, I have difficulty understanding: I understand randomizing the address of writable sections for security reasons, but the text section is not writable. In any case, my question is regarding the address space of the text section: any idea what happened to it on Ubuntu 16.10, and how can I disable this behavior?

Edit:

It turns out Canonical added to GCC by default position independent executable support. I'm still searching for how to disable this.

Thanks.

Recommended answer

Under the GCC section of the ChangeLog (found here: )


"We have modified GCC to by-default compile programs with position independent executable support, on the amd64 and ppc64el architectures, to improve the security benefits provided by Address Space Layout Randomization."


I read GCC's man page, and to disable this option, simply add -no-pie.
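Rather than switching PIE off with -no-pie (and giving up the ASLR benefit the ChangeLog entry mentions), the instrumentation hooks can subtract the executable's load base so the printed addresses match what nm shows again. The following is an added example, not code from the question or answer; it assumes Linux/glibc, where dl_iterate_phdr reports the main executable as the first object and its dlpi_addr is the load base chosen for a PIE (0 for a non-PIE binary).

```c
// Added example: map the runtime addresses that -finstrument-functions hands
// to the hooks back to the link-time addresses printed by `nm`, so symbol
// resolution keeps working with PIE + ASLR. Assumes Linux/glibc.
#define _GNU_SOURCE
#include <link.h>
#include <stdint.h>
#include <stdio.h>

/* The first object dl_iterate_phdr visits is the main program itself. */
__attribute__((no_instrument_function))
static int first_object_cb(struct dl_phdr_info *info, size_t size, void *data)
{
    (void)size;
    *(uintptr_t *)data = (uintptr_t)info->dlpi_addr;
    return 1; /* non-zero return stops after the first entry */
}

/* Load base of the running executable: 0 for a non-PIE binary, a
   randomized page-aligned value for a PIE binary under ASLR. */
__attribute__((no_instrument_function))
uintptr_t exe_load_base(void)
{
    uintptr_t base = 0;
    dl_iterate_phdr(first_object_cb, &base);
    return base;
}

/* Runtime address (the `func` hook parameter) -> address as shown by `nm`. */
__attribute__((no_instrument_function))
uintptr_t runtime_to_link_addr(const void *runtime_addr)
{
    return (uintptr_t)runtime_addr - exe_load_base();
}

/* GCC calls these when the program is built with -finstrument-functions.
   They (and everything they call here) must not be instrumented themselves,
   otherwise each hook would recurse into itself. */
__attribute__((no_instrument_function))
void __cyg_profile_func_enter(void *func, void *caller)
{
    (void)caller;
    fprintf(stderr, "enter %#lx\n", (unsigned long)runtime_to_link_addr(func));
}

__attribute__((no_instrument_function))
void __cyg_profile_func_exit(void *func, void *caller)
{
    (void)caller;
    fprintf(stderr, "exit  %#lx\n", (unsigned long)runtime_to_link_addr(func));
}
```

Build with `gcc -finstrument-functions` and the printed values can be fed straight to `nm` (or `addr2line`) on the same binary, whether or not it was linked as a PIE.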


11-01 07:01