Question about Linux process memory layout
I am talking about Intel 32-bit platform. Linux kernel version 2.6.31-14.
#include <stdio.h>
#include <stdlib.h>
int init_global_var = 10; /* Initialized global variable */
int global_var; /* Uninitialized global variable */
static int init_static_var = 20; /* Initialized static variable in global scope */
static int static_var; /* Uninitialized static variable in global scope */
int main(int argc, char **argv, char **envp)
{
static int init_static_local_var = 30; /* Initialized static local variable */
static int static_local_var; /* Uninitialized static local variable */
int init_local_var = 40; /* Initialized local variable */
int local_va开发者_开发问答r; /* Uninitialized local variable */
char *dynamic_var = (char*)malloc(100); /* Dynamic variable */
printf("Address of initialized global variable: %p\n", &init_global_var);
printf("Address of uninitialized global variable: %p\n", &global_var);
printf("Address of initialized static variable in global scope: %p\n", &init_static_var);
printf("Address of uninitialized static variable in global scope: %p\n", &static_var);
printf("Address of initialized static variable in local scope: %p\n", &init_static_local_var);
printf("Address of uninitialized static variable in local scope: %p\n", &static_local_var);
printf("Address of initialized local variable: %p\n", &init_local_var);
printf("Address of uninitialized local variable: %p\n", &local_var);
printf("Address of function (code): %p\n", &main);
printf("Address of dynamic variable: %p\n", dynamic_var);
printf("Address of environment variable: %p\n", &envp[0]);
char* p=0x0;
printf("%s\n",p);
exit(0);
}
Output:
naman@naman-laptop ~> ./a.out
Address of initialized global variable: 0x804a020
Address of uninitialized global variable: 0x804a03c
Address of initialized static variable in global scope: 0x804a024
Address of uninitialized static variable in global scope: 0x804a034
Address of initialized static variable in local scope: 0x804a028
Address of uninitialized static variable in local scope: 0x804a038
Address of initialized local variable: 0xbfc11cbc
Address of uninitialized local variable: 0xbfc11cb8
Address of function (code): 0x8048484
Address of dynamic variable: 0x8223008
Address of environment variable: 0xbfc11d7c
fish: Job 1, “./a.out” terminated by signal SIGSEGV (Address boundary error)
In the above code, I have the following confusion.
Why does the code lie at 0x8048484 instead of somewhere near the start of virtual memory like, say, 0x00000400? As far as I know, the layout should be like this:
Low memory........................................HighMemory
Text Data BSS Heap.....................Stack Env
So,text should not lie so far down the memory. It should be close to the lower memory, shouldn't it?
Why does the code lie at 0x8048484
Because default load address (begin of ELF file will be loaded at this address) is 0x8000000 (or 0x8048000). This default is fixed in default linker (ld) script and can be changed via linker options.
Note, this is 0x08000000 or 0x08048000 (128 megabytes) and not a 0x80000000 (2 gigabytes).
Here is some discussion about this limit http://cboard.cprogramming.com/tech-board/101129-why-address-space-0-0x08000000-process-unused.html at forums and http://books.google.com/books?id=Id9cYsIdjIwC&pg=PA111&lpg=PA111&dq=linker+0x08000000 in books. Also http://lkml.org/lkml/2002/2/20/194 at lkml with good description:
"0x8048000 is the typical starting point for the text segment according to the System V Intel 386 ABI specification (http://stage.caldera.com/developer/devspecs/abi386-4.pdf)."
When is an a.out not an a.out? When it is actually an ELF. Try elfinfo --all a.out for details.
加载中,请稍侯......
精彩评论