为什么 Linux/gnu 链接器选择地址 0x400000? [英] Why Linux/gnu linker chose address 0x400000?

问题描述

我正在 Linux x86_64 上试验 ELF 可执行文件和 gnu 工具链:

I'm experimenting with ELF executables and the gnu toolchain on Linux x86_64:

我已经链接并(手动)剥离了一个Hello World"测试:

I've linked and stripped (by hand) a "Hello World" test.s:

        .global _start
        .text
_start:
        mov     $1, %rax
        ...

转换为 267 字节的 ELF64 可执行文件...

into a 267 byte ELF64 executable...

0000000: 7f45 4c46 0201 0100 0000 0000 0000 0000  .ELF............
0000010: 0200 3e00 0100 0000 d400 4000 0000 0000  ..>.......@.....
0000020: 4000 0000 0000 0000 0000 0000 0000 0000  @...............
0000030: 0000 0000 4000 3800 0100 4000 0000 0000  ....@.8...@.....
0000040: 0100 0000 0500 0000 0000 0000 0000 0000  ................
0000050: 0000 4000 0000 0000 0000 4000 0000 0000  ..@.......@.....
0000060: 0b01 0000 0000 0000 0b01 0000 0000 0000  ................
0000070: 0000 2000 0000 0000 0000 0000 0000 0000  .. .............
0000080: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000090: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000a0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000b0: 0400 0000 1400 0000 0300 0000 474e 5500  ............GNU.
00000c0: c3b0 cbbd 0abf a73c 26ef e960 fc64 4026  .......<&..`.d@&
00000d0: e242 8bc7 48c7 c001 0000 0048 c7c7 0100  .B..H......H....
00000e0: 0000 48c7 c6fe 0040 0048 c7c2 0d00 0000  ..H....@.H......
00000f0: 0f05 48c7 c03c 0000 0048 31ff 0f05 4865  ..H..<...H1...He
0000100: 6c6c 6f2c 2057 6f72 6c64 0a              llo, World.

它有一个程序头(LOAD)，没有节:

It has one program header (LOAD) and no sections:

There are 1 program headers, starting at offset 64

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  LOAD           0x0000000000000000 0x0000000000400000 0x0000000000400000
                 0x000000000000010b 0x000000000000010b  R E    200000

这似乎在地址 0x400000 处加载了整个文件(文件偏移量 0 到 0x10b - elf 标头和所有文件).

This seems to load the entire file (file offset 0 thru 0x10b - elf header and all) at address 0x400000.

入口点是:

 Entry point address:               0x4000d4

它对应文件中的 0xd4 偏移量，我们可以看到该地址是机器码的开始 (mov $1, %rax1)

Which corresponds to 0xd4 offset in the file, and as we can see that address is the start of the machine code (mov $1, %rax1)

我的问题是 gnu 链接器为什么(如何)选择地址 0x400000 将文件映射到?

My question is why (how) did the gnu linker choose address 0x400000 to map the file to?

推荐答案

起始地址通常由链接描述文件设置.

The start address is usually set by a linker script.

例如，在 GNU/Linux 上，查看 /usr/lib/ldscripts/elf_x86_64.x 我们看到:

For example, on GNU/Linux, looking at /usr/lib/ldscripts/elf_x86_64.x we see:

...
PROVIDE (__executable_start = SEGMENT_START("text-segment", 0x400000)); 
    . = SEGMENT_START("text-segment", 0x400000) + SIZEOF_HEADERS;

值 0x400000 是此平台上 SEGMENT_START() 函数的默认值.

The value 0x400000 is the default value for the SEGMENT_START() function on this platform.

您可以通过浏览链接器手册找到有关链接器脚本的更多信息:

You can find out more about linker scripts by browsing the linker manual:

% info ld Scripts

这篇关于为什么 Linux/gnu 链接器选择地址 0x400000?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！