Why do the addresses in my assembler dump differ from the addresses of registers?

Question

I have a very basic program that I compiled with

gcc -m32 -g -o hello32.out hello.c

When I run disassemble main in gdb I get the following

Answer 1

Your GCC makes PIE executables by default, so there is no fixed base address in the file (and disassembly shows it relative to 0, i.e. offsets rather than absolute addresses).

Once the kernel's ELF program loader has created a running process from the executable (and chosen a virtual address as the base), GDB can show you the actual runtime virtual addresses.

Build with -fno-pie -no-pie to get position-dependent executables where the runtime address is known from the executable metadata. (You should definitely prefer -fno-pie for i386 code: without RIP-relative addressing the extra performance / code-size cost of position-independent code is significantly worse than for x86-64.)

---

Related: 32-bit absolute addresses no longer allowed in x86-64 Linux? for more about PIE (both 32-bit and 64-bit x86, and in general.)

GDB - Address of breakpoint is similar to this but not exactly a duplicate.