概念

程序(program)是存放在磁盘中的可执行文件,在 Linux 中,二进制可执行文件的标准格式叫做 ELF(Executable and Linkable Format)。从名字可以看出,它同时兼容可执行文件和可链接文件。

测试源码

elfdemo.c

#include <stdio.h>
#include <stdlib.h>

static char static_data[16] = "I'm Static Data";
static char raw_static_data[40960];
static const char const_data[16] = "I'm Const Data";

int main(int args, char **argv)
{
	printf("Message In Main\n");

	return 0;
}

编译

gcc -o elfdemo.out elfdemo.c -no-pie

文件内容

liyongjun@Box20:~/project/c/study/tmp$ ls -l elfdemo.out 
-rwxrwxr-x 1 liyongjun liyongjun 16744 10月 30 15:35 elfdemo.out
liyongjun@Box20:~/project/c/study/tmp$ readelf -h elfdemo.out 
ELF 头:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  类别:                              ELF64
  数据:                              2 补码,小端序 (little endian)
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI 版本:                          0
  类型:                              EXEC (可执行文件)
  系统架构:                          Advanced Micro Devices X86-64
  版本:                              0x1
  入口点地址:               0x401050
  程序头起点:          64 (bytes into file)
  Start of section headers:          14760 (bytes into file)
  标志:             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         13
  Size of section headers:           64 (bytes)
  Number of section headers:         31
  Section header string table index: 30

  • 可执行文件的大小是 16744 字节

  • 文件格式是 64 位的 Linux 标准可执行文件(ELF 64-bit LSB executable),目标平台是 x86-64

  • 程序的入口地址是 0x401050

  1. 该文件的 ELF 头的大小是 64 字节

  2. 文件中有 13 个 Program Header,每个 Program Header 的长度是 56 字节,信息存放在从文件头算起 64 字节的位置(程序头起点)

  3. 另外还有 31 个 Section Header,每个 Section Header 的大小是 64 字节,信息存放在从文件头算起 14760 字节的位置

根据这些信息,就可以依次定位到每个 Header,再根据 Header 中对每个段的描述,便可解析出文件内容。

  1. 64 字节 ELF 文件头
  2. 56 * 13 字节 程序头
  3. 31 节区
  4. 64 * 31 字节 节区头
  5. = 16744 字节

整体结构

elf文件结构

程序头

liyongjun@Box20:~/project/c/study/tmp$ readelf -l elfdemo.out 

Elf 文件类型为 EXEC (可执行文件)
Entry point 0x401050
There are 13 program headers, starting at offset 64

程序头:
     Type           Offset             VirtAddr           PhysAddr              FileSiz            MemSiz              Flags  Align
  00 PHDR           0x0000000000000040 0x0000000000400040 0x0000000000400040 	0x00000000000002d8 0x00000000000002d8  R      0x8
  01 INTERP         0x0000000000000318 0x0000000000400318 0x0000000000400318 	0x000000000000001c 0x000000000000001c  R      0x1
      [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
  02 LOAD           0x0000000000000000 0x0000000000400000 0x0000000000400000 	0x00000000000004d0 0x00000000000004d0  R      0x1000
  03 LOAD           0x0000000000001000 0x0000000000401000 0x0000000000401000 	0x00000000000001e5 0x00000000000001e5  R E    0x1000
  04 LOAD           0x0000000000002000 0x0000000000402000 0x0000000000402000 	0x0000000000000178 0x0000000000000178  R      0x1000
  05 LOAD           0x0000000000002e10 0x0000000000403e10 0x0000000000403e10 	0x0000000000000230 0x000000000000a250  RW     0x1000
  06 DYNAMIC        0x0000000000002e20 0x0000000000403e20 0x0000000000403e20 	0x00000000000001d0 0x00000000000001d0  RW     0x8
  07 NOTE           0x0000000000000338 0x0000000000400338 0x0000000000400338 	0x0000000000000020 0x0000000000000020  R      0x8
  08 NOTE           0x0000000000000358 0x0000000000400358 0x0000000000400358 	0x0000000000000044 0x0000000000000044  R      0x4
  09 GNU_PROPERTY   0x0000000000000338 0x0000000000400338 0x0000000000400338 	0x0000000000000020 0x0000000000000020  R      0x8
  10 GNU_EH_FRAME   0x0000000000002030 0x0000000000402030 0x0000000000402030 	0x0000000000000044 0x0000000000000044  R      0x4
  11 GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000 	0x0000000000000000 0x0000000000000000  RW     0x10
  12 GNU_RELRO      0x0000000000002e10 0x0000000000403e10 0x0000000000403e10 	0x00000000000001f0 0x00000000000001f0  R      0x1

 Section to Segment mapping:
  段节...
   00     
   01     .interp 
   02     .interp .note.gnu.property .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 
   03     .init .plt .plt.sec .text .fini 
   04     .rodata .eh_frame_hdr .eh_frame 
   05     .init_array .fini_array .dynamic .got .got.plt .data .bss 
   06     .dynamic 
   07     .note.gnu.property 
   08     .note.gnu.build-id .note.ABI-tag 
   09     .note.gnu.property 
   10     .eh_frame_hdr 
   11     
   12     .init_array .fini_array .dynamic .got 

节头

liyongjun@Box20:~/project/c/study/tmp$ readelf -S elfdemo.out 
There are 31 section headers, starting at offset 0x39a8:

节头:
  [号] 名称              类型             地址              偏移量		大小              全体大小          旗标   链接   信息   对齐
  [ 0]                   NULL             0000000000000000  00000000 	0000000000000000  0000000000000000           0     0     0
  [ 1] .interp           PROGBITS         0000000000400318  00000318 	000000000000001c  0000000000000000   A       0     0     1
  [ 2] .note.gnu.propert NOTE             0000000000400338  00000338 	0000000000000020  0000000000000000   A       0     0     8
  [ 3] .note.gnu.build-i NOTE             0000000000400358  00000358 	0000000000000024  0000000000000000   A       0     0     4
  [ 4] .note.ABI-tag     NOTE             000000000040037c  0000037c 	0000000000000020  0000000000000000   A       0     0     4
  [ 5] .gnu.hash         GNU_HASH         00000000004003a0  000003a0 	000000000000001c  0000000000000000   A       6     0     8
  [ 6] .dynsym           DYNSYM           00000000004003c0  000003c0 	0000000000000060  0000000000000018   A       7     1     8
  [ 7] .dynstr           STRTAB           0000000000400420  00000420 	000000000000003d  0000000000000000   A       0     0     1
  [ 8] .gnu.version      VERSYM           000000000040045e  0000045e 	0000000000000008  0000000000000002   A       6     0     2
  [ 9] .gnu.version_r    VERNEED          0000000000400468  00000468 	0000000000000020  0000000000000000   A       7     1     8
  [10] .rela.dyn         RELA             0000000000400488  00000488 	0000000000000030  0000000000000018   A       6     0     8
  [11] .rela.plt         RELA             00000000004004b8  000004b8 	0000000000000018  0000000000000018  AI       6    24     8
  [12] .init             PROGBITS         0000000000401000  00001000 	000000000000001b  0000000000000000  AX       0     0     4
  [13] .plt              PROGBITS         0000000000401020  00001020 	0000000000000020  0000000000000010  AX       0     0     16
  [14] .plt.sec          PROGBITS         0000000000401040  00001040 	0000000000000010  0000000000000010  AX       0     0     16
  [15] .text             PROGBITS         0000000000401050  00001050 	0000000000000185  0000000000000000  AX       0     0     16
  [16] .fini             PROGBITS         00000000004011d8  000011d8 	000000000000000d  0000000000000000  AX       0     0     4
  [17] .rodata           PROGBITS         0000000000402000  00002000 	0000000000000030  0000000000000000   A       0     0     16
  [18] .eh_frame_hdr     PROGBITS         0000000000402030  00002030 	0000000000000044  0000000000000000   A       0     0     4
  [19] .eh_frame         PROGBITS         0000000000402078  00002078 	0000000000000100  0000000000000000   A       0     0     8
  [20] .init_array       INIT_ARRAY       0000000000403e10  00002e10 	0000000000000008  0000000000000008  WA       0     0     8
  [21] .fini_array       FINI_ARRAY       0000000000403e18  00002e18 	0000000000000008  0000000000000008  WA       0     0     8
  [22] .dynamic          DYNAMIC          0000000000403e20  00002e20 	00000000000001d0  0000000000000010  WA       7     0     8
  [23] .got              PROGBITS         0000000000403ff0  00002ff0 	0000000000000010  0000000000000008  WA       0     0     8
  [24] .got.plt          PROGBITS         0000000000404000  00003000 	0000000000000020  0000000000000008  WA       0     0     8
  [25] .data             PROGBITS         0000000000404020  00003020 	0000000000000020  0000000000000000  WA       0     0     16
  [26] .bss              NOBITS           0000000000404040  00003040 	000000000000a020  0000000000000000  WA       0     0     32
  [27] .comment          PROGBITS         0000000000000000  00003040 	000000000000002a  0000000000000001  MS       0     0     1
  [28] .symtab           SYMTAB           0000000000000000  00003070 	0000000000000630  0000000000000018          29    48     8
  [29] .strtab           STRTAB           0000000000000000  000036a0 	00000000000001e6  0000000000000000           0     0     1
  [30] .shstrtab         STRTAB           0000000000000000  00003886 	000000000000011f  0000000000000000           0     0     1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), x (unknown), o (OS specific), E (exclude),
  l (large), p (processor specific)

文件头 + 程序头 + 节区 + 节区头

liyongjun@Box20:~/project/c/study/tmp$ hexdump -C elfdemo.out 
/* ------------------------------ ELF 文件头 begin -------------------------- */
00000000  7f 45 4c 46 02 01 01 00  00 00 00 00 00 00 00 00  |.ELF............|
00000010  02 00 3e 00 01 00 00 00  50 10 40 00 00 00 00 00  |..>.....P.@.....|
00000020  40 00 00 00 00 00 00 00  a8 39 00 00 00 00 00 00  |@........9......|
00000030  00 00 00 00 40 00 38 00  0d 00 40 00 1f 00 1e 00  |....@.8...@.....|
/* -------------------------------- 程序头 1 -------------------------------- */
00000040  06 00 00 00 04 00 00 00  40 00 00 00 00 00 00 00  |........@.......|
00000050  40 00 40 00 00 00 00 00  40 00 40 00 00 00 00 00  |@.@.....@.@.....|
00000060  d8 02 00 00 00 00 00 00  d8 02 00 00 00 00 00 00  |................|
00000070  08 00 00 00 00 00 00 00  
/* -------------------------------- 程序头 2 -------------------------------- */
                                   03 00 00 00 04 00 00 00  |................|
00000080  18 03 00 00 00 00 00 00  18 03 40 00 00 00 00 00  |..........@.....|
00000090  18 03 40 00 00 00 00 00  1c 00 00 00 00 00 00 00  |..@.............|
000000a0  1c 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
/* -------------------------------- 程序头 3 -------------------------------- */
000000b0  01 00 00 00 04 00 00 00  00 00 00 00 00 00 00 00  |................|
000000c0  00 00 40 00 00 00 00 00  00 00 40 00 00 00 00 00  |..@.......@.....|
000000d0  d0 04 00 00 00 00 00 00  d0 04 00 00 00 00 00 00  |................|
000000e0  00 10 00 00 00 00 00 00  
/* -------------------------------- 程序头 4 -------------------------------- */
                                   01 00 00 00 05 00 00 00  |................|
000000f0  00 10 00 00 00 00 00 00  00 10 40 00 00 00 00 00  |..........@.....|
00000100  00 10 40 00 00 00 00 00  e5 01 00 00 00 00 00 00  |..@.............|
00000110  e5 01 00 00 00 00 00 00  00 10 00 00 00 00 00 00  |................|
/* -------------------------------- 程序头 5 -------------------------------- */
00000120  01 00 00 00 04 00 00 00  00 20 00 00 00 00 00 00  |......... ......|
00000130  00 20 40 00 00 00 00 00  00 20 40 00 00 00 00 00  |. @...... @.....|
00000140  78 01 00 00 00 00 00 00  78 01 00 00 00 00 00 00  |x.......x.......|
00000150  00 10 00 00 00 00 00 00  
/* -------------------------------- 程序头 6 -------------------------------- */
                                   01 00 00 00 06 00 00 00  |................|
00000160  10 2e 00 00 00 00 00 00  10 3e 40 00 00 00 00 00  |.........>@.....|
00000170  10 3e 40 00 00 00 00 00  30 02 00 00 00 00 00 00  |.>@.....0.......|
00000180  50 a2 00 00 00 00 00 00  00 10 00 00 00 00 00 00  |P...............|
/* -------------------------------- 程序头 7 -------------------------------- */
00000190  02 00 00 00 06 00 00 00  20 2e 00 00 00 00 00 00  |........ .......|
000001a0  20 3e 40 00 00 00 00 00  20 3e 40 00 00 00 00 00  | >@..... >@.....|
000001b0  d0 01 00 00 00 00 00 00  d0 01 00 00 00 00 00 00  |................|
000001c0  08 00 00 00 00 00 00 00  
/* -------------------------------- 程序头 8 -------------------------------- */
                                   04 00 00 00 04 00 00 00  |................|
000001d0  38 03 00 00 00 00 00 00  38 03 40 00 00 00 00 00  |8.......8.@.....|
000001e0  38 03 40 00 00 00 00 00  20 00 00 00 00 00 00 00  |8.@..... .......|
000001f0  20 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  | ...............|
/* -------------------------------- 程序头 9 -------------------------------- */
00000200  04 00 00 00 04 00 00 00  58 03 00 00 00 00 00 00  |........X.......|
00000210  58 03 40 00 00 00 00 00  58 03 40 00 00 00 00 00  |X.@.....X.@.....|
00000220  44 00 00 00 00 00 00 00  44 00 00 00 00 00 00 00  |D.......D.......|
00000230  04 00 00 00 00 00 00 00  
/* -------------------------------- 程序头 10 -------------------------------- */
                                   53 e5 74 64 04 00 00 00  |........S.td....|
00000240  38 03 00 00 00 00 00 00  38 03 40 00 00 00 00 00  |8.......8.@.....|
00000250  38 03 40 00 00 00 00 00  20 00 00 00 00 00 00 00  |8.@..... .......|
00000260  20 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  | ...............|
/* -------------------------------- 程序头 11 -------------------------------- */
00000270  50 e5 74 64 04 00 00 00  30 20 00 00 00 00 00 00  |P.td....0 ......|
00000280  30 20 40 00 00 00 00 00  30 20 40 00 00 00 00 00  |0 @.....0 @.....|
00000290  44 00 00 00 00 00 00 00  44 00 00 00 00 00 00 00  |D.......D.......|
000002a0  04 00 00 00 00 00 00 00  
/* -------------------------------- 程序头 12 -------------------------------- */
                                   51 e5 74 64 06 00 00 00  |........Q.td....|
000002b0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000002d0  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
/* -------------------------------- 程序头 13 -------------------------------- */
000002e0  52 e5 74 64 04 00 00 00  10 2e 00 00 00 00 00 00  |R.td............|
000002f0  10 3e 40 00 00 00 00 00  10 3e 40 00 00 00 00 00  |.>@......>@.....|
00000300  f0 01 00 00 00 00 00 00  f0 01 00 00 00 00 00 00  |................|
00000310  01 00 00 00 00 00 00 00  
/* --------- 节区 1~31,.interp~.shstrtab 0x318~0x3886 + 0x11f = 0x39a5 --------- */
                                   2f 6c 69 62 36 34 2f 6c  |......../lib64/l|
00000320  64 2d 6c 69 6e 75 78 2d  78 38 36 2d 36 34 2e 73  |d-linux-x86-64.s|
00000330  6f 2e 32 00 00 00 00 00  04 00 00 00 10 00 00 00  |o.2.............|
00000340  05 00 00 00 47 4e 55 00  02 00 00 c0 04 00 00 00  |....GNU.........|
00000350  03 00 00 00 00 00 00 00  04 00 00 00 14 00 00 00  |................|
00000360  03 00 00 00 47 4e 55 00  d3 10 74 c2 34 65 f8 75  |....GNU...t.4e.u|
00000370  f6 d1 88 ce a1 93 a3 c6  6b bb 04 9c 04 00 00 00  |........k.......|
00000380  10 00 00 00 01 00 00 00  47 4e 55 00 00 00 00 00  |........GNU.....|
00000390  03 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00  |................|
000003a0  01 00 00 00 01 00 00 00  01 00 00 00 00 00 00 00  |................|
000003b0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000003d0  00 00 00 00 00 00 00 00  0b 00 00 00 12 00 00 00  |................|
000003e0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000003f0  10 00 00 00 12 00 00 00  00 00 00 00 00 00 00 00  |................|
00000400  00 00 00 00 00 00 00 00  2e 00 00 00 20 00 00 00  |............ ...|
00000410  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000420  00 6c 69 62 63 2e 73 6f  2e 36 00 70 75 74 73 00  |.libc.so.6.puts.|
00000430  5f 5f 6c 69 62 63 5f 73  74 61 72 74 5f 6d 61 69  |__libc_start_mai|
00000440  6e 00 47 4c 49 42 43 5f  32 2e 32 2e 35 00 5f 5f  |n.GLIBC_2.2.5.__|
00000450  67 6d 6f 6e 5f 73 74 61  72 74 5f 5f 00 00 00 00  |gmon_start__....|
00000460  02 00 02 00 00 00 00 00  01 00 01 00 01 00 00 00  |................|
00000470  10 00 00 00 00 00 00 00  75 1a 69 09 00 00 02 00  |........u.i.....|
00000480  22 00 00 00 00 00 00 00  f0 3f 40 00 00 00 00 00  |"........?@.....|
00000490  06 00 00 00 02 00 00 00  00 00 00 00 00 00 00 00  |................|
000004a0  f8 3f 40 00 00 00 00 00  06 00 00 00 03 00 00 00  |.?@.............|
000004b0  00 00 00 00 00 00 00 00  18 40 40 00 00 00 00 00  |.........@@.....|
000004c0  07 00 00 00 01 00 00 00  00 00 00 00 00 00 00 00  |................|
000004d0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00001000  f3 0f 1e fa 48 83 ec 08  48 8b 05 e9 2f 00 00 48  |....H...H.../..H|
00001010  85 c0 74 02 ff d0 48 83  c4 08 c3 00 00 00 00 00  |..t...H.........|
00001020  ff 35 e2 2f 00 00 f2 ff  25 e3 2f 00 00 0f 1f 00  |.5./....%./.....|
00001030  f3 0f 1e fa 68 00 00 00  00 f2 e9 e1 ff ff ff 90  |....h...........|
00001040  f3 0f 1e fa f2 ff 25 cd  2f 00 00 0f 1f 44 00 00  |......%./....D..|
00001050  f3 0f 1e fa 31 ed 49 89  d1 5e 48 89 e2 48 83 e4  |....1.I..^H..H..|
00001060  f0 50 54 49 c7 c0 d0 11  40 00 48 c7 c1 60 11 40  |.PTI....@.H..`.@|
00001070  00 48 c7 c7 36 11 40 00  ff 15 72 2f 00 00 f4 90  |.H..6.@...r/....|
00001080  f3 0f 1e fa c3 66 2e 0f  1f 84 00 00 00 00 00 90  |.....f..........|
00001090  b8 40 40 40 00 48 3d 40  40 40 00 74 13 b8 00 00  |.@@@.H=@@@.t....|
000010a0  00 00 48 85 c0 74 09 bf  40 40 40 00 ff e0 66 90  |..H..t..@@@...f.|
000010b0  c3 66 66 2e 0f 1f 84 00  00 00 00 00 0f 1f 40 00  |.ff...........@.|
000010c0  be 40 40 40 00 48 81 ee  40 40 40 00 48 89 f0 48  |.@@@.H..@@@.H..H|
000010d0  c1 ee 3f 48 c1 f8 03 48  01 c6 48 d1 fe 74 11 b8  |..?H...H..H..t..|
000010e0  00 00 00 00 48 85 c0 74  07 bf 40 40 40 00 ff e0  |....H..t..@@@...|
000010f0  c3 66 66 2e 0f 1f 84 00  00 00 00 00 0f 1f 40 00  |.ff...........@.|
00001100  f3 0f 1e fa 80 3d 35 2f  00 00 00 75 13 55 48 89  |.....=5/...u.UH.|
00001110  e5 e8 7a ff ff ff c6 05  23 2f 00 00 01 5d c3 90  |..z.....#/...]..|
00001120  c3 66 66 2e 0f 1f 84 00  00 00 00 00 0f 1f 40 00  |.ff...........@.|
00001130  f3 0f 1e fa eb 8a f3 0f  1e fa 55 48 89 e5 48 83  |..........UH..H.|
00001140  ec 10 89 7d fc 48 89 75  f0 48 8d 3d d0 0e 00 00  |...}.H.u.H.=....|
00001150  e8 eb fe ff ff b8 00 00  00 00 c9 c3 0f 1f 40 00  |..............@.|
00001160  f3 0f 1e fa 41 57 4c 8d  3d a3 2c 00 00 41 56 49  |....AWL.=.,..AVI|
00001170  89 d6 41 55 49 89 f5 41  54 41 89 fc 55 48 8d 2d  |..AUI..ATA..UH.-|
00001180  94 2c 00 00 53 4c 29 fd  48 83 ec 08 e8 6f fe ff  |.,..SL).H....o..|
00001190  ff 48 c1 fd 03 74 1f 31  db 0f 1f 80 00 00 00 00  |.H...t.1........|
000011a0  4c 89 f2 4c 89 ee 44 89  e7 41 ff 14 df 48 83 c3  |L..L..D..A...H..|
000011b0  01 48 39 dd 75 ea 48 83  c4 08 5b 5d 41 5c 41 5d  |.H9.u.H...[]A\A]|
000011c0  41 5e 41 5f c3 66 66 2e  0f 1f 84 00 00 00 00 00  |A^A_.ff.........|
000011d0  f3 0f 1e fa c3 00 00 00  f3 0f 1e fa 48 83 ec 08  |............H...|
000011e0  48 83 c4 08 c3 00 00 00  00 00 00 00 00 00 00 00  |H...............|
000011f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00002000  01 00 02 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00002010  49 27 6d 20 43 6f 6e 73  74 20 44 61 74 61 00 00  |I'm Const Data..|
00002020  4d 65 73 73 61 67 65 20  49 6e 20 4d 61 69 6e 00  |Message In Main.|
00002030  01 1b 03 3b 44 00 00 00  07 00 00 00 f0 ef ff ff  |...;D...........|
00002040  88 00 00 00 10 f0 ff ff  b0 00 00 00 20 f0 ff ff  |............ ...|
00002050  60 00 00 00 50 f0 ff ff  74 00 00 00 06 f1 ff ff  |`...P...t.......|
00002060  c8 00 00 00 30 f1 ff ff  e8 00 00 00 a0 f1 ff ff  |....0...........|
00002070  30 01 00 00 00 00 00 00  14 00 00 00 00 00 00 00  |0...............|
00002080  01 7a 52 00 01 78 10 01  1b 0c 07 08 90 01 00 00  |.zR..x..........|
00002090  10 00 00 00 1c 00 00 00  b8 ef ff ff 2f 00 00 00  |............/...|
000020a0  00 44 07 10 10 00 00 00  30 00 00 00 d4 ef ff ff  |.D......0.......|
000020b0  05 00 00 00 00 00 00 00  24 00 00 00 44 00 00 00  |........$...D...|
000020c0  60 ef ff ff 20 00 00 00  00 0e 10 46 0e 18 4a 0f  |`... ......F..J.|
000020d0  0b 77 08 80 00 3f 1a 3a  2a 33 24 22 00 00 00 00  |.w...?.:*3$"....|
000020e0  14 00 00 00 6c 00 00 00  58 ef ff ff 10 00 00 00  |....l...X.......|
000020f0  00 00 00 00 00 00 00 00  1c 00 00 00 84 00 00 00  |................|
00002100  36 f0 ff ff 26 00 00 00  00 45 0e 10 86 02 43 0d  |6...&....E....C.|
00002110  06 5d 0c 07 08 00 00 00  44 00 00 00 a4 00 00 00  |.]......D.......|
00002120  40 f0 ff ff 65 00 00 00  00 46 0e 10 8f 02 49 0e  |@...e....F....I.|
00002130  18 8e 03 45 0e 20 8d 04  45 0e 28 8c 05 44 0e 30  |...E. ..E.(..D.0|
00002140  86 06 48 0e 38 83 07 47  0e 40 6e 0e 38 41 0e 30  |..H.8..G.@n.8A.0|
00002150  41 0e 28 42 0e 20 42 0e  18 42 0e 10 42 0e 08 00  |A.(B. B..B..B...|
00002160  10 00 00 00 ec 00 00 00  68 f0 ff ff 05 00 00 00  |........h.......|
00002170  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00002e10  30 11 40 00 00 00 00 00  00 11 40 00 00 00 00 00  |0.@.......@.....|
00002e20  01 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
00002e30  0c 00 00 00 00 00 00 00  00 10 40 00 00 00 00 00  |..........@.....|
00002e40  0d 00 00 00 00 00 00 00  d8 11 40 00 00 00 00 00  |..........@.....|
00002e50  19 00 00 00 00 00 00 00  10 3e 40 00 00 00 00 00  |.........>@.....|
00002e60  1b 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00002e70  1a 00 00 00 00 00 00 00  18 3e 40 00 00 00 00 00  |.........>@.....|
00002e80  1c 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00002e90  f5 fe ff 6f 00 00 00 00  a0 03 40 00 00 00 00 00  |...o......@.....|
00002ea0  05 00 00 00 00 00 00 00  20 04 40 00 00 00 00 00  |........ .@.....|
00002eb0  06 00 00 00 00 00 00 00  c0 03 40 00 00 00 00 00  |..........@.....|
00002ec0  0a 00 00 00 00 00 00 00  3d 00 00 00 00 00 00 00  |........=.......|
00002ed0  0b 00 00 00 00 00 00 00  18 00 00 00 00 00 00 00  |................|
00002ee0  15 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00002ef0  03 00 00 00 00 00 00 00  00 40 40 00 00 00 00 00  |.........@@.....|
00002f00  02 00 00 00 00 00 00 00  18 00 00 00 00 00 00 00  |................|
00002f10  14 00 00 00 00 00 00 00  07 00 00 00 00 00 00 00  |................|
00002f20  17 00 00 00 00 00 00 00  b8 04 40 00 00 00 00 00  |..........@.....|
00002f30  07 00 00 00 00 00 00 00  88 04 40 00 00 00 00 00  |..........@.....|
00002f40  08 00 00 00 00 00 00 00  30 00 00 00 00 00 00 00  |........0.......|
00002f50  09 00 00 00 00 00 00 00  18 00 00 00 00 00 00 00  |................|
00002f60  fe ff ff 6f 00 00 00 00  68 04 40 00 00 00 00 00  |...o....h.@.....|
00002f70  ff ff ff 6f 00 00 00 00  01 00 00 00 00 00 00 00  |...o............|
00002f80  f0 ff ff 6f 00 00 00 00  5e 04 40 00 00 00 00 00  |...o....^.@.....|
00002f90  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00003000  20 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  | >@.............|
00003010  00 00 00 00 00 00 00 00  30 10 40 00 00 00 00 00  |........0.@.....|
00003020  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00003030  49 27 6d 20 53 74 61 74  69 63 20 44 61 74 61 00  |I'm Static Data.|
00003040  47 43 43 3a 20 28 55 62  75 6e 74 75 20 39 2e 33  |GCC: (Ubuntu 9.3|
00003050  2e 30 2d 31 37 75 62 75  6e 74 75 31 7e 32 30 2e  |.0-17ubuntu1~20.|
00003060  30 34 29 20 39 2e 33 2e  30 00 00 00 00 00 00 00  |04) 9.3.0.......|
00003070  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00003080  00 00 00 00 00 00 00 00  00 00 00 00 03 00 01 00  |................|
00003090  18 03 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
000030a0  00 00 00 00 03 00 02 00  38 03 40 00 00 00 00 00  |........8.@.....|
000030b0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 03 00  |................|
000030c0  58 03 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |X.@.............|
000030d0  00 00 00 00 03 00 04 00  7c 03 40 00 00 00 00 00  |........|.@.....|
000030e0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 05 00  |................|
000030f0  a0 03 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
00003100  00 00 00 00 03 00 06 00  c0 03 40 00 00 00 00 00  |..........@.....|
00003110  00 00 00 00 00 00 00 00  00 00 00 00 03 00 07 00  |................|
00003120  20 04 40 00 00 00 00 00  00 00 00 00 00 00 00 00  | .@.............|
00003130  00 00 00 00 03 00 08 00  5e 04 40 00 00 00 00 00  |........^.@.....|
00003140  00 00 00 00 00 00 00 00  00 00 00 00 03 00 09 00  |................|
00003150  68 04 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |h.@.............|
00003160  00 00 00 00 03 00 0a 00  88 04 40 00 00 00 00 00  |..........@.....|
00003170  00 00 00 00 00 00 00 00  00 00 00 00 03 00 0b 00  |................|
00003180  b8 04 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
00003190  00 00 00 00 03 00 0c 00  00 10 40 00 00 00 00 00  |..........@.....|
000031a0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 0d 00  |................|
000031b0  20 10 40 00 00 00 00 00  00 00 00 00 00 00 00 00  | .@.............|
000031c0  00 00 00 00 03 00 0e 00  40 10 40 00 00 00 00 00  |........@.@.....|
000031d0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 0f 00  |................|
000031e0  50 10 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |P.@.............|
000031f0  00 00 00 00 03 00 10 00  d8 11 40 00 00 00 00 00  |..........@.....|
00003200  00 00 00 00 00 00 00 00  00 00 00 00 03 00 11 00  |................|
00003210  00 20 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |. @.............|
00003220  00 00 00 00 03 00 12 00  30 20 40 00 00 00 00 00  |........0 @.....|
00003230  00 00 00 00 00 00 00 00  00 00 00 00 03 00 13 00  |................|
00003240  78 20 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |x @.............|
00003250  00 00 00 00 03 00 14 00  10 3e 40 00 00 00 00 00  |.........>@.....|
00003260  00 00 00 00 00 00 00 00  00 00 00 00 03 00 15 00  |................|
00003270  18 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.>@.............|
00003280  00 00 00 00 03 00 16 00  20 3e 40 00 00 00 00 00  |........ >@.....|
00003290  00 00 00 00 00 00 00 00  00 00 00 00 03 00 17 00  |................|
000032a0  f0 3f 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.?@.............|
000032b0  00 00 00 00 03 00 18 00  00 40 40 00 00 00 00 00  |.........@@.....|
000032c0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 19 00  |................|
000032d0  20 40 40 00 00 00 00 00  00 00 00 00 00 00 00 00  | @@.............|
000032e0  00 00 00 00 03 00 1a 00  40 40 40 00 00 00 00 00  |........@@@.....|
000032f0  00 00 00 00 00 00 00 00  00 00 00 00 03 00 1b 00  |................|
00003300  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00003310  01 00 00 00 04 00 f1 ff  00 00 00 00 00 00 00 00  |................|
00003320  00 00 00 00 00 00 00 00  0c 00 00 00 02 00 0f 00  |................|
00003330  90 10 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
00003340  0e 00 00 00 02 00 0f 00  c0 10 40 00 00 00 00 00  |..........@.....|
00003350  00 00 00 00 00 00 00 00  21 00 00 00 02 00 0f 00  |........!.......|
00003360  00 11 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
00003370  37 00 00 00 01 00 1a 00  40 40 40 00 00 00 00 00  |7.......@@@.....|
00003380  01 00 00 00 00 00 00 00  46 00 00 00 01 00 15 00  |........F.......|
00003390  18 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.>@.............|
000033a0  6d 00 00 00 02 00 0f 00  30 11 40 00 00 00 00 00  |m.......0.@.....|
000033b0  00 00 00 00 00 00 00 00  79 00 00 00 01 00 14 00  |........y.......|
000033c0  10 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.>@.............|
000033d0  98 00 00 00 04 00 f1 ff  00 00 00 00 00 00 00 00  |................|
000033e0  00 00 00 00 00 00 00 00  a6 00 00 00 01 00 19 00  |................|
000033f0  30 40 40 00 00 00 00 00  10 00 00 00 00 00 00 00  |0@@.............|
00003400  a2 00 00 00 01 00 1a 00  60 40 40 00 00 00 00 00  |........`@@.....|
00003410  00 a0 00 00 00 00 00 00  b2 00 00 00 01 00 11 00  |................|
00003420  10 20 40 00 00 00 00 00  10 00 00 00 00 00 00 00  |. @.............|
00003430  01 00 00 00 04 00 f1 ff  00 00 00 00 00 00 00 00  |................|
00003440  00 00 00 00 00 00 00 00  bd 00 00 00 01 00 13 00  |................|
00003450  74 21 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |t!@.............|
00003460  00 00 00 00 04 00 f1 ff  00 00 00 00 00 00 00 00  |................|
00003470  00 00 00 00 00 00 00 00  cb 00 00 00 00 00 14 00  |................|
00003480  18 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.>@.............|
00003490  dc 00 00 00 01 00 16 00  20 3e 40 00 00 00 00 00  |........ >@.....|
000034a0  00 00 00 00 00 00 00 00  e5 00 00 00 00 00 14 00  |................|
000034b0  10 3e 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.>@.............|
000034c0  f8 00 00 00 00 00 12 00  30 20 40 00 00 00 00 00  |........0 @.....|
000034d0  00 00 00 00 00 00 00 00  0b 01 00 00 01 00 18 00  |................|
000034e0  00 40 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |.@@.............|
000034f0  21 01 00 00 12 00 0f 00  d0 11 40 00 00 00 00 00  |!.........@.....|
00003500  05 00 00 00 00 00 00 00  6b 01 00 00 20 00 19 00  |........k... ...|
00003510  20 40 40 00 00 00 00 00  00 00 00 00 00 00 00 00  | @@.............|
00003520  31 01 00 00 12 00 00 00  00 00 00 00 00 00 00 00  |1...............|
00003530  00 00 00 00 00 00 00 00  43 01 00 00 10 00 19 00  |........C.......|
00003540  40 40 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |@@@.............|
00003550  2b 01 00 00 12 02 10 00  d8 11 40 00 00 00 00 00  |+.........@.....|
00003560  00 00 00 00 00 00 00 00  4a 01 00 00 12 00 00 00  |........J.......|
00003570  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00003580  69 01 00 00 10 00 19 00  20 40 40 00 00 00 00 00  |i....... @@.....|
00003590  00 00 00 00 00 00 00 00  76 01 00 00 20 00 00 00  |........v... ...|
000035a0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000035b0  85 01 00 00 11 02 19 00  28 40 40 00 00 00 00 00  |........(@@.....|
000035c0  00 00 00 00 00 00 00 00  92 01 00 00 11 00 11 00  |................|
000035d0  00 20 40 00 00 00 00 00  04 00 00 00 00 00 00 00  |. @.............|
000035e0  a1 01 00 00 12 00 0f 00  60 11 40 00 00 00 00 00  |........`.@.....|
000035f0  65 00 00 00 00 00 00 00  d7 00 00 00 10 00 1a 00  |e...............|
00003600  60 e0 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |`.@.............|
00003610  b1 01 00 00 12 02 0f 00  80 10 40 00 00 00 00 00  |..........@.....|
00003620  05 00 00 00 00 00 00 00  6f 01 00 00 12 00 0f 00  |........o.......|
00003630  50 10 40 00 00 00 00 00  2f 00 00 00 00 00 00 00  |P.@...../.......|
00003640  c9 01 00 00 10 00 1a 00  40 40 40 00 00 00 00 00  |........@@@.....|
00003650  00 00 00 00 00 00 00 00  d5 01 00 00 12 00 0f 00  |................|
00003660  36 11 40 00 00 00 00 00  26 00 00 00 00 00 00 00  |6.@.....&.......|
00003670  da 01 00 00 11 02 19 00  40 40 40 00 00 00 00 00  |........@@@.....|
00003680  00 00 00 00 00 00 00 00  ab 01 00 00 12 02 0c 00  |................|
00003690  00 10 40 00 00 00 00 00  00 00 00 00 00 00 00 00  |..@.............|
000036a0  00 63 72 74 73 74 75 66  66 2e 63 00 64 65 72 65  |.crtstuff.c.dere|
000036b0  67 69 73 74 65 72 5f 74  6d 5f 63 6c 6f 6e 65 73  |gister_tm_clones|
000036c0  00 5f 5f 64 6f 5f 67 6c  6f 62 61 6c 5f 64 74 6f  |.__do_global_dto|
000036d0  72 73 5f 61 75 78 00 63  6f 6d 70 6c 65 74 65 64  |rs_aux.completed|
000036e0  2e 38 30 36 30 00 5f 5f  64 6f 5f 67 6c 6f 62 61  |.8060.__do_globa|
000036f0  6c 5f 64 74 6f 72 73 5f  61 75 78 5f 66 69 6e 69  |l_dtors_aux_fini|
00003700  5f 61 72 72 61 79 5f 65  6e 74 72 79 00 66 72 61  |_array_entry.fra|
00003710  6d 65 5f 64 75 6d 6d 79  00 5f 5f 66 72 61 6d 65  |me_dummy.__frame|
00003720  5f 64 75 6d 6d 79 5f 69  6e 69 74 5f 61 72 72 61  |_dummy_init_arra|
00003730  79 5f 65 6e 74 72 79 00  65 6c 66 64 65 6d 6f 2e  |y_entry.elfdemo.|
00003740  63 00 72 61 77 5f 73 74  61 74 69 63 5f 64 61 74  |c.raw_static_dat|
00003750  61 00 63 6f 6e 73 74 5f  64 61 74 61 00 5f 5f 46  |a.const_data.__F|
00003760  52 41 4d 45 5f 45 4e 44  5f 5f 00 5f 5f 69 6e 69  |RAME_END__.__ini|
00003770  74 5f 61 72 72 61 79 5f  65 6e 64 00 5f 44 59 4e  |t_array_end._DYN|
00003780  41 4d 49 43 00 5f 5f 69  6e 69 74 5f 61 72 72 61  |AMIC.__init_arra|
00003790  79 5f 73 74 61 72 74 00  5f 5f 47 4e 55 5f 45 48  |y_start.__GNU_EH|
000037a0  5f 46 52 41 4d 45 5f 48  44 52 00 5f 47 4c 4f 42  |_FRAME_HDR._GLOB|
000037b0  41 4c 5f 4f 46 46 53 45  54 5f 54 41 42 4c 45 5f  |AL_OFFSET_TABLE_|
000037c0  00 5f 5f 6c 69 62 63 5f  63 73 75 5f 66 69 6e 69  |.__libc_csu_fini|
000037d0  00 70 75 74 73 40 40 47  4c 49 42 43 5f 32 2e 32  |.puts@@GLIBC_2.2|
000037e0  2e 35 00 5f 65 64 61 74  61 00 5f 5f 6c 69 62 63  |.5._edata.__libc|
000037f0  5f 73 74 61 72 74 5f 6d  61 69 6e 40 40 47 4c 49  |_start_main@@GLI|
00003800  42 43 5f 32 2e 32 2e 35  00 5f 5f 64 61 74 61 5f  |BC_2.2.5.__data_|
00003810  73 74 61 72 74 00 5f 5f  67 6d 6f 6e 5f 73 74 61  |start.__gmon_sta|
00003820  72 74 5f 5f 00 5f 5f 64  73 6f 5f 68 61 6e 64 6c  |rt__.__dso_handl|
00003830  65 00 5f 49 4f 5f 73 74  64 69 6e 5f 75 73 65 64  |e._IO_stdin_used|
00003840  00 5f 5f 6c 69 62 63 5f  63 73 75 5f 69 6e 69 74  |.__libc_csu_init|
00003850  00 5f 64 6c 5f 72 65 6c  6f 63 61 74 65 5f 73 74  |._dl_relocate_st|
00003860  61 74 69 63 5f 70 69 65  00 5f 5f 62 73 73 5f 73  |atic_pie.__bss_s|
00003870  74 61 72 74 00 6d 61 69  6e 00 5f 5f 54 4d 43 5f  |tart.main.__TMC_|
00003880  45 4e 44 5f 5f 00 00 2e  73 79 6d 74 61 62 00 2e  |END__...symtab..|
00003890  73 74 72 74 61 62 00 2e  73 68 73 74 72 74 61 62  |strtab..shstrtab|
000038a0  00 2e 69 6e 74 65 72 70  00 2e 6e 6f 74 65 2e 67  |..interp..note.g|
000038b0  6e 75 2e 70 72 6f 70 65  72 74 79 00 2e 6e 6f 74  |nu.property..not|
000038c0  65 2e 67 6e 75 2e 62 75  69 6c 64 2d 69 64 00 2e  |e.gnu.build-id..|
000038d0  6e 6f 74 65 2e 41 42 49  2d 74 61 67 00 2e 67 6e  |note.ABI-tag..gn|
000038e0  75 2e 68 61 73 68 00 2e  64 79 6e 73 79 6d 00 2e  |u.hash..dynsym..|
000038f0  64 79 6e 73 74 72 00 2e  67 6e 75 2e 76 65 72 73  |dynstr..gnu.vers|
00003900  69 6f 6e 00 2e 67 6e 75  2e 76 65 72 73 69 6f 6e  |ion..gnu.version|
00003910  5f 72 00 2e 72 65 6c 61  2e 64 79 6e 00 2e 72 65  |_r..rela.dyn..re|
00003920  6c 61 2e 70 6c 74 00 2e  69 6e 69 74 00 2e 70 6c  |la.plt..init..pl|
00003930  74 2e 73 65 63 00 2e 74  65 78 74 00 2e 66 69 6e  |t.sec..text..fin|
00003940  69 00 2e 72 6f 64 61 74  61 00 2e 65 68 5f 66 72  |i..rodata..eh_fr|
00003950  61 6d 65 5f 68 64 72 00  2e 65 68 5f 66 72 61 6d  |ame_hdr..eh_fram|
00003960  65 00 2e 69 6e 69 74 5f  61 72 72 61 79 00 2e 66  |e..init_array..f|
00003970  69 6e 69 5f 61 72 72 61  79 00 2e 64 79 6e 61 6d  |ini_array..dynam|
00003980  69 63 00 2e 67 6f 74 00  2e 67 6f 74 2e 70 6c 74  |ic..got..got.plt|
00003990  00 2e 64 61 74 61 00 2e  62 73 73 00 2e 63 6f 6d  |..data..bss..com|
000039a0  6d 65 6e 74 00 00 00 00  
/* ------------ 节区头 1~31,64 * 31 = 1984 字节, 0x39a8~0x4168(结束)------------ */
                                   00 00 00 00 00 00 00 00  |ment............|
000039b0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000039e0  00 00 00 00 00 00 00 00  1b 00 00 00 01 00 00 00  |................|
000039f0  02 00 00 00 00 00 00 00  18 03 40 00 00 00 00 00  |..........@.....|
00003a00  18 03 00 00 00 00 00 00  1c 00 00 00 00 00 00 00  |................|
00003a10  00 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
00003a20  00 00 00 00 00 00 00 00  23 00 00 00 07 00 00 00  |........#.......|
00003a30  02 00 00 00 00 00 00 00  38 03 40 00 00 00 00 00  |........8.@.....|
00003a40  38 03 00 00 00 00 00 00  20 00 00 00 00 00 00 00  |8....... .......|
00003a50  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003a60  00 00 00 00 00 00 00 00  36 00 00 00 07 00 00 00  |........6.......|
00003a70  02 00 00 00 00 00 00 00  58 03 40 00 00 00 00 00  |........X.@.....|
00003a80  58 03 00 00 00 00 00 00  24 00 00 00 00 00 00 00  |X.......$.......|
00003a90  00 00 00 00 00 00 00 00  04 00 00 00 00 00 00 00  |................|
00003aa0  00 00 00 00 00 00 00 00  49 00 00 00 07 00 00 00  |........I.......|
00003ab0  02 00 00 00 00 00 00 00  7c 03 40 00 00 00 00 00  |........|.@.....|
00003ac0  7c 03 00 00 00 00 00 00  20 00 00 00 00 00 00 00  ||....... .......|
00003ad0  00 00 00 00 00 00 00 00  04 00 00 00 00 00 00 00  |................|
00003ae0  00 00 00 00 00 00 00 00  57 00 00 00 f6 ff ff 6f  |........W......o|
00003af0  02 00 00 00 00 00 00 00  a0 03 40 00 00 00 00 00  |..........@.....|
00003b00  a0 03 00 00 00 00 00 00  1c 00 00 00 00 00 00 00  |................|
00003b10  06 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003b20  00 00 00 00 00 00 00 00  61 00 00 00 0b 00 00 00  |........a.......|
00003b30  02 00 00 00 00 00 00 00  c0 03 40 00 00 00 00 00  |..........@.....|
00003b40  c0 03 00 00 00 00 00 00  60 00 00 00 00 00 00 00  |........`.......|
00003b50  07 00 00 00 01 00 00 00  08 00 00 00 00 00 00 00  |................|
00003b60  18 00 00 00 00 00 00 00  69 00 00 00 03 00 00 00  |........i.......|
00003b70  02 00 00 00 00 00 00 00  20 04 40 00 00 00 00 00  |........ .@.....|
00003b80  20 04 00 00 00 00 00 00  3d 00 00 00 00 00 00 00  | .......=.......|
00003b90  00 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
00003ba0  00 00 00 00 00 00 00 00  71 00 00 00 ff ff ff 6f  |........q......o|
00003bb0  02 00 00 00 00 00 00 00  5e 04 40 00 00 00 00 00  |........^.@.....|
00003bc0  5e 04 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |^...............|
00003bd0  06 00 00 00 00 00 00 00  02 00 00 00 00 00 00 00  |................|
00003be0  02 00 00 00 00 00 00 00  7e 00 00 00 fe ff ff 6f  |........~......o|
00003bf0  02 00 00 00 00 00 00 00  68 04 40 00 00 00 00 00  |........h.@.....|
00003c00  68 04 00 00 00 00 00 00  20 00 00 00 00 00 00 00  |h....... .......|
00003c10  07 00 00 00 01 00 00 00  08 00 00 00 00 00 00 00  |................|
00003c20  00 00 00 00 00 00 00 00  8d 00 00 00 04 00 00 00  |................|
00003c30  02 00 00 00 00 00 00 00  88 04 40 00 00 00 00 00  |..........@.....|
00003c40  88 04 00 00 00 00 00 00  30 00 00 00 00 00 00 00  |........0.......|
00003c50  06 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003c60  18 00 00 00 00 00 00 00  97 00 00 00 04 00 00 00  |................|
00003c70  42 00 00 00 00 00 00 00  b8 04 40 00 00 00 00 00  |B.........@.....|
00003c80  b8 04 00 00 00 00 00 00  18 00 00 00 00 00 00 00  |................|
00003c90  06 00 00 00 18 00 00 00  08 00 00 00 00 00 00 00  |................|
00003ca0  18 00 00 00 00 00 00 00  a1 00 00 00 01 00 00 00  |................|
00003cb0  06 00 00 00 00 00 00 00  00 10 40 00 00 00 00 00  |..........@.....|
00003cc0  00 10 00 00 00 00 00 00  1b 00 00 00 00 00 00 00  |................|
00003cd0  00 00 00 00 00 00 00 00  04 00 00 00 00 00 00 00  |................|
00003ce0  00 00 00 00 00 00 00 00  9c 00 00 00 01 00 00 00  |................|
00003cf0  06 00 00 00 00 00 00 00  20 10 40 00 00 00 00 00  |........ .@.....|
00003d00  20 10 00 00 00 00 00 00  20 00 00 00 00 00 00 00  | ....... .......|
00003d10  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
00003d20  10 00 00 00 00 00 00 00  a7 00 00 00 01 00 00 00  |................|
00003d30  06 00 00 00 00 00 00 00  40 10 40 00 00 00 00 00  |........@.@.....|
00003d40  40 10 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |@...............|
00003d50  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
00003d60  10 00 00 00 00 00 00 00  b0 00 00 00 01 00 00 00  |................|
00003d70  06 00 00 00 00 00 00 00  50 10 40 00 00 00 00 00  |........P.@.....|
00003d80  50 10 00 00 00 00 00 00  85 01 00 00 00 00 00 00  |P...............|
00003d90  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
00003da0  00 00 00 00 00 00 00 00  b6 00 00 00 01 00 00 00  |................|
00003db0  06 00 00 00 00 00 00 00  d8 11 40 00 00 00 00 00  |..........@.....|
00003dc0  d8 11 00 00 00 00 00 00  0d 00 00 00 00 00 00 00  |................|
00003dd0  00 00 00 00 00 00 00 00  04 00 00 00 00 00 00 00  |................|
00003de0  00 00 00 00 00 00 00 00  bc 00 00 00 01 00 00 00  |................|
00003df0  02 00 00 00 00 00 00 00  00 20 40 00 00 00 00 00  |......... @.....|
00003e00  00 20 00 00 00 00 00 00  30 00 00 00 00 00 00 00  |. ......0.......|
00003e10  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
00003e20  00 00 00 00 00 00 00 00  c4 00 00 00 01 00 00 00  |................|
00003e30  02 00 00 00 00 00 00 00  30 20 40 00 00 00 00 00  |........0 @.....|
00003e40  30 20 00 00 00 00 00 00  44 00 00 00 00 00 00 00  |0 ......D.......|
00003e50  00 00 00 00 00 00 00 00  04 00 00 00 00 00 00 00  |................|
00003e60  00 00 00 00 00 00 00 00  d2 00 00 00 01 00 00 00  |................|
00003e70  02 00 00 00 00 00 00 00  78 20 40 00 00 00 00 00  |........x @.....|
00003e80  78 20 00 00 00 00 00 00  00 01 00 00 00 00 00 00  |x ..............|
00003e90  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003ea0  00 00 00 00 00 00 00 00  dc 00 00 00 0e 00 00 00  |................|
00003eb0  03 00 00 00 00 00 00 00  10 3e 40 00 00 00 00 00  |.........>@.....|
00003ec0  10 2e 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003ed0  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003ee0  08 00 00 00 00 00 00 00  e8 00 00 00 0f 00 00 00  |................|
00003ef0  03 00 00 00 00 00 00 00  18 3e 40 00 00 00 00 00  |.........>@.....|
00003f00  18 2e 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003f10  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003f20  08 00 00 00 00 00 00 00  f4 00 00 00 06 00 00 00  |................|
00003f30  03 00 00 00 00 00 00 00  20 3e 40 00 00 00 00 00  |........ >@.....|
00003f40  20 2e 00 00 00 00 00 00  d0 01 00 00 00 00 00 00  | ...............|
00003f50  07 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003f60  10 00 00 00 00 00 00 00  fd 00 00 00 01 00 00 00  |................|
00003f70  03 00 00 00 00 00 00 00  f0 3f 40 00 00 00 00 00  |.........?@.....|
00003f80  f0 2f 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |./..............|
00003f90  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003fa0  08 00 00 00 00 00 00 00  02 01 00 00 01 00 00 00  |................|
00003fb0  03 00 00 00 00 00 00 00  00 40 40 00 00 00 00 00  |.........@@.....|
00003fc0  00 30 00 00 00 00 00 00  20 00 00 00 00 00 00 00  |.0...... .......|
00003fd0  00 00 00 00 00 00 00 00  08 00 00 00 00 00 00 00  |................|
00003fe0  08 00 00 00 00 00 00 00  0b 01 00 00 01 00 00 00  |................|
00003ff0  03 00 00 00 00 00 00 00  20 40 40 00 00 00 00 00  |........ @@.....|
00004000  20 30 00 00 00 00 00 00  20 00 00 00 00 00 00 00  | 0...... .......|
00004010  00 00 00 00 00 00 00 00  10 00 00 00 00 00 00 00  |................|
00004020  00 00 00 00 00 00 00 00  11 01 00 00 08 00 00 00  |................|
00004030  03 00 00 00 00 00 00 00  40 40 40 00 00 00 00 00  |........@@@.....|
00004040  40 30 00 00 00 00 00 00  20 a0 00 00 00 00 00 00  |@0...... .......|
00004050  00 00 00 00 00 00 00 00  20 00 00 00 00 00 00 00  |........ .......|
00004060  00 00 00 00 00 00 00 00  16 01 00 00 01 00 00 00  |................|
00004070  30 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |0...............|
00004080  40 30 00 00 00 00 00 00  2a 00 00 00 00 00 00 00  |@0......*.......|
00004090  00 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
000040a0  01 00 00 00 00 00 00 00  01 00 00 00 02 00 00 00  |................|
000040b0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000040c0  70 30 00 00 00 00 00 00  30 06 00 00 00 00 00 00  |p0......0.......|
000040d0  1d 00 00 00 30 00 00 00  08 00 00 00 00 00 00 00  |....0...........|
000040e0  18 00 00 00 00 00 00 00  09 00 00 00 03 00 00 00  |................|
000040f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00004100  a0 36 00 00 00 00 00 00  e6 01 00 00 00 00 00 00  |.6..............|
00004110  00 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
00004120  00 00 00 00 00 00 00 00  11 00 00 00 03 00 00 00  |................|
00004130  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00004140  86 38 00 00 00 00 00 00  1f 01 00 00 00 00 00 00  |.8..............|
00004150  00 00 00 00 00 00 00 00  01 00 00 00 00 00 00 00  |................|
*
00004168

影响程序静态布局的因素

认识了可执行文件的整体结构,我们继续讨论影响静态布局(节区布局)的因素。上面的 31 个节区中,有几个节区与源程序的关系非常密切,下面就详细说说这几个节区。

.text 节区

该节区存储了源文件编译生成的机器指令。对开发者来说,这可能是最重要的一个节区,所有的程序逻辑都放在这里。

但开发者对该节区能做的控制却很少,能影响它的因素只有开发者写的程序逻辑,以及编译时使用的选项。比如,使用 -O1 优化选项编译程序可以生成尽量紧凑的 .text 节区,而用 -O2 优化选项会使编译器倾向于生成执行速度更快的指令组合,但有可能让 .text 节区的体积轻微地增大。

.rodata 节区

该节区存储了程序中的常量数据,比如示例程序中的常量数组:

static char static_data[16] = "I'm Static Data";

以及 printf 语句中的常量字符串 Message In Main,有 objdump 的结果为证:

liyongjun@Box20:~/project/c/study/tmp$ objdump -s elfdemo.out 

elfdemo.out:     文件格式 elf64-x86-64
......         
Contents of section .rodata:
 402000 01000200 00000000 00000000 00000000  ................
 402010 49276d20 436f6e73 74204461 74610000  I'm Const Data..
 402020 4d657373 61676520 496e204d 61696e00  Message In Main.
......

通过 readelf -l elfdemo.out 可以看到,程序在运行时,.rodata 节区被加载到 04 段内,而该段的属性如 Flags 列所显示的,只有 R(读),而没有 W(写)权限,当程序试图修改该地址处的内容,会触发 Segment Violation 而令程序终止,由此实现对该节区内数据的保护。

但需要注意的是,只有静态和全局的 const 数据才能享受这样的待遇。在某函数内声明的局部只读变量,只能靠编译器的语义检查报告错误或警告,而不会通过设置存储区权限来防止修改。例如,某函数内的如下代码片段,会被编译器认为存在语法错误而编译失败:

const int const_value = 100;
const_value = 200;

但是,并不能阻止使用下面代码修改已经使用 const 修饰过的变量值:

const int const_value = 100;
int * ptr = (int *)&const_value;
*ptr = 200;

因为在函数内部声明的 const_value,本质上还是一个函数内的局部变量,存储区在该函数的栈帧内,而程序对该内存区拥有修改的权限。

相应地,用同样方法试图修改全局或静态常量数据的值,如下所示:

char * pc = (char *)const_data;
*pc = 'X';

编译器并不会报告任何错误,编译可以通过。但当程序运行到第二行代码时,就会因为 Segment Violation 而崩溃,原因在于程序对该位置的内存区没有修改权限

.data 节区

全局已初始化变量、静态已初始化变量

该节区在运行时被加载到标号为 05 的段内,权限设置为 R(可读)和 W(可写)。

.bss 节区

该节区存储了所有未初始化或初始化为 0 的全局和静态变量。比如示例程序中的如下变量,就会被放入这个节区中

static char raw_static_data[40960];

仔细观察这个节区的信息,就会发现,虽然该节区的大小是 0xa020 字节,但它之后的 .comment 节区与该节区有相同的 offset 值,也就是说,.bss 节区在可执行文件中不占据任何空间,加载到内存区之后才会被分配内存。

再仔细观察程序头的信息,也可以进一步验证这个结果。在程序头信息中,.bss 在标号 05 的段中,而该段的 FileSiz 值为 0x230, MemSiz 值为 0xa250, 差值刚好是 .bss 节区的大小。

该节区设计的初衷就是为了节省目标文件的存储空间。变量未被初始化,或者虽然被初始化了,但值为 0,就没必要浪费空间,再在目标文件中存储大量的 0 值。

总结

.rodata: 全局 const 变量、字符串常量

.data:全局已初始化变量、静态已初始化变量

.bss: 未初始化 或 初始化为 0 的全局 和 静态 变量

参考

深入程序布局内部,增强应用控制能力