[lldb-dev] ASLR disabled by default - thoughts?
chandlerc at google.com
Thu Aug 14 17:34:15 PDT 2014
On Thu, Aug 14, 2014 at 7:29 AM, Todd Fiala <tfiala at google.com> wrote:

> Hey all,
>
> Regarding this bug:
>
> We've been discussing the idea of having ASLR disabled by default when
> launching processes within lldb. Currently it looks like the default
> behavior is to have it enabled, and require explicitly disabling to get
> that behavior for the process.
>
> It seems like it might make more sense to have it disabled by default -
> that way code references would likely be static across debugger runs, which
> seems to be more what we want when tracking down issues across code runs.
> Any thoughts on this?

My strong preference: disable ASLR by default.

1) It matches the behavior of most debuggers today.
2) There are not many options when a bug vanishes under the debugger: ASLR,
threading interactions, or ptrace behavior changes (or equivalent on any
other platform). I don't think this is hard for someone to realize.

Also, please fix the spelling of the flag here. '--disable-aslr=False'
would be... a really terrible interface. ;]

> The counterargument I could make for changing it would be (aside from
> legacy compatibility issues perhaps on the MacOSX/iOS side) - taking the
> exe out of its native state on the OS. If a bug is ASLR sensitive, the
> user might miss it. And so behavior in the debugger could differ from the
> exe in its native state. Not sure how relevant that is for the majority of
> usages, though.

I think this is both rare and easy to diagnose as indicated above.

> I'll be fixing the fact that Linux is ignoring this altogether. But while
> I'm in there, I could flip the default if we wanted to do it. If not
> globally, we'd probably pursue defaulting it on Linux (and Ed seems to like
> it for FreeBSD as well, so maybe for not Apple in that case?)
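
Added example, not part of the original message and not LLDB's code: a Linux-only sketch of how a launcher can switch ASLR off for the process it starts, using personality(2) with ADDR_NO_RANDOMIZE between fork and exec. The names launch_persona and launch and the "--child" argument are hypothetical; run stand-alone, the program re-executes itself twice per setting, and the two disable_aslr=1 runs should report identical addresses.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/personality.h>
#include <sys/wait.h>

/* Persona for the child: the current one with ADDR_NO_RANDOMIZE set or cleared. */
unsigned long launch_persona(unsigned long current, int disable_aslr) {
    unsigned long bit = (unsigned long)ADDR_NO_RANDOMIZE;
    return disable_aslr ? (current | bit) : (current & ~bit);
}

/* Fork, set the persona in the child, exec `path --child`, capture its output. 0 on success. */
int launch(const char *path, int disable_aslr, char *out, size_t n) {
    int fds[2], status = 0;
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        int cur = personality(0xffffffff);          /* query, changes nothing */
        if (cur == -1 || personality(launch_persona((unsigned long)cur, disable_aslr)) == -1)
            _exit(126);                             /* e.g. blocked by a seccomp policy */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]); close(fds[1]);
        execl(path, path, "--child", (char *)NULL); /* persona survives exec */
        _exit(127);
    }
    close(fds[1]);
    ssize_t got = read(fds[0], out, n - 1);
    close(fds[0]);
    out[got > 0 ? got : 0] = '\0';
    if (waitpid(pid, &status, 0) < 0) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(int argc, char **argv) {
    if (argc > 1 && strcmp(argv[1], "--child") == 0) {   /* stands in for the debuggee */
        int on_stack = 0;
        printf("stack=%p heap=%p\n", (void *)&on_stack, malloc(16));
        return 0;
    }
    for (int disable = 0; disable <= 1; disable++)
        for (int run = 0; run < 2; run++) {
            char line[128];
            printf("disable_aslr=%d run=%d %s", disable, run,
                   launch("/proc/self/exe", disable, line, sizeof line) == 0 ? line : "launch failed\n");
        }
    return 0;
}
```

The flag is applied only in the forked child, so the launcher's own address space layout is unaffected.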