site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=4k1YpDDDEdF1UnXa9cs2TuFDTGOvGqUNY2ARKhxndDI=; b=ZpYtcZYzvP04q/jw4os6ZZpdVga8GN0UdduDRZUswq25z0k9oDwb/+yrzcVBwCRir5 XosowZF/sul2VzNb6B2qGAT1hnxvKpPwPz8hfZUbDWEBv6L3xSdaS2Be/grdLl7mBKay 7nhe6ouIXVETpr04hs54erRq0m6AOv/+7JyCc= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=ZV2EncaACTnqxe4JDDLrbzKk0SuR/09YvPjfWc9LNzyJ49DxnntcbeZdeVR/8yHX3A gs+k1yPMa8/nWJZ6uNsqSxWyKPKXdWDRoRUGwudchybN1S/KaOPhCQdrJ3GpeerVeCeT KN7y4OXWVQJBGx2AxT3ifqkq6fuRh6Y3qRQmI= Ed, On Jan 8, 2009, at 10:31 PM, Ed Wynne wrote: The page is 4096 bytes but the size of all commands is just 772. According to the text section, sectname __text segname __TEXT addr 0x00001fc8 size 0x00000035 offset 4040 0x1fc8 = 8136, 0x35 = 53. 4096 - 4040 = 56, our code size (0x35, 53) rounded to a multiple of 4. Load commands 2, 3, etc. go after the text section, e.g. 4096 below. Load command 2 cmd LC_SEGMENT cmdsize 124 segname __DATA vmaddr 0x00002000 vmsize 0x00001000 fileoff 4096 I ran the test on a few more executables with similar results. --- http://twitter.com/wagerlabs _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... It should not be intentionally towards the end of the page. If you look closer, you'll see that the mach-o header, as well as any additional space reserved for library names, comes before the code in the TEXT segment. My understanding is that the Mach-O header always goes at the beginning of the file. According to the docs, the load commands go into page #1. Mach header magic cputype cpusubtype caps filetype ncmds sizeofcmds flags 0xfeedface 7 3 0x00 2 11 772 0x00000085 8136 - 4096 (pagezero) = 4040, exactly our offset above. This is fine, we are on the 2nd page in memory, right after PAGEZERO. This proves that the linker places the first page of code towards the end of the page. Would you agree? This email sent to site_archiver@lists.apple.com