文章目录
- 概念
- 测试源码
- 编译
- 文件内容
- 整体结构
- 程序头
- 节头
- 文件头 + 程序头 + 节区 + 节区头
- 影响程序静态布局的因素
- .text 节区
- .rodata 节区
- .data 节区
- .bss 节区
- 总结
- 参考
概念
程序(program)是存放在磁盘中的可执行文件,在 Linux 中,二进制可执行文件的标准格式叫做 ELF(Executable and Linkable Format)。从名字可以看出,它同时兼容可执行文件和可链接文件。
测试源码
elfdemo.c
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <stdio.h> #include <stdlib.h> static char static_data[16] = "I'm Static Data"; static char raw_static_data[40960]; static const char const_data[16] = "I'm Const Data"; int main(int args, char **argv) { printf("Message In Mainn"); return 0; }
编译
复制代码
1
2gcc -o elfdemo.out elfdemo.c -no-pie
文件内容
复制代码
1
2
3liyongjun@Box20:~/project/c/study/tmp$ ls -l elfdemo.out -rwxrwxr-x 1 liyongjun liyongjun 16744 10月 30 15:35 elfdemo.out
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23liyongjun@Box20:~/project/c/study/tmp$ readelf -h elfdemo.out ELF 头: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 类别: ELF64 数据: 2 补码,小端序 (little endian) Version: 1 (current) OS/ABI: UNIX - System V ABI 版本: 0 类型: EXEC (可执行文件) 系统架构: Advanced Micro Devices X86-64 版本: 0x1 入口点地址: 0x401050 程序头起点: 64 (bytes into file) Start of section headers: 14760 (bytes into file) 标志: 0x0 Size of this header: 64 (bytes) Size of program headers: 56 (bytes) Number of program headers: 13 Size of section headers: 64 (bytes) Number of section headers: 31 Section header string table index: 30
-
可执行文件的大小是 16744 字节
-
文件格式是 64 位的 Linux 标准可执行文件(ELF 64-bit LSB executable),目标平台是 x86-64
-
程序的入口地址是 0x401050
-
该文件的 ELF 头的大小是 64 字节
-
文件中有 13 个 Program Header,每个 Program Header 的长度是 56 字节,信息存放在从文件头算起 64 字节的位置(程序头起点)
-
另外还有 31 个 Section Header,每个 Section Header 的大小是 64 字节,信息存放在从文件头算起 14760 字节的位置
根据这些信息,就可以依次定位到每个 Header,再根据 Header 中对每个段的描述,便可解析出文件内容。
- 64 字节 ELF 文件头
- 56 * 13 字节 程序头
- 31 节区
- 64 * 31 字节 节区头
- = 16744 字节
整体结构
程序头
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39liyongjun@Box20:~/project/c/study/tmp$ readelf -l elfdemo.out Elf 文件类型为 EXEC (可执行文件) Entry point 0x401050 There are 13 program headers, starting at offset 64 程序头: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flags Align 00 PHDR 0x0000000000000040 0x0000000000400040 0x0000000000400040 0x00000000000002d8 0x00000000000002d8 R 0x8 01 INTERP 0x0000000000000318 0x0000000000400318 0x0000000000400318 0x000000000000001c 0x000000000000001c R 0x1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] 02 LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000 0x00000000000004d0 0x00000000000004d0 R 0x1000 03 LOAD 0x0000000000001000 0x0000000000401000 0x0000000000401000 0x00000000000001e5 0x00000000000001e5 R E 0x1000 04 LOAD 0x0000000000002000 0x0000000000402000 0x0000000000402000 0x0000000000000178 0x0000000000000178 R 0x1000 05 LOAD 0x0000000000002e10 0x0000000000403e10 0x0000000000403e10 0x0000000000000230 0x000000000000a250 RW 0x1000 06 DYNAMIC 0x0000000000002e20 0x0000000000403e20 0x0000000000403e20 0x00000000000001d0 0x00000000000001d0 RW 0x8 07 NOTE 0x0000000000000338 0x0000000000400338 0x0000000000400338 0x0000000000000020 0x0000000000000020 R 0x8 08 NOTE 0x0000000000000358 0x0000000000400358 0x0000000000400358 0x0000000000000044 0x0000000000000044 R 0x4 09 GNU_PROPERTY 0x0000000000000338 0x0000000000400338 0x0000000000400338 0x0000000000000020 0x0000000000000020 R 0x8 10 GNU_EH_FRAME 0x0000000000002030 0x0000000000402030 0x0000000000402030 0x0000000000000044 0x0000000000000044 R 0x4 11 GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 RW 0x10 12 GNU_RELRO 0x0000000000002e10 0x0000000000403e10 0x0000000000403e10 0x00000000000001f0 0x00000000000001f0 R 0x1 Section to Segment mapping: 段节... 00 01 .interp 02 .interp .note.gnu.property .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt 03 .init .plt .plt.sec .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.gnu.property 08 .note.gnu.build-id .note.ABI-tag 09 .note.gnu.property 10 .eh_frame_hdr 11 12 .init_array .fini_array .dynamic .got
节头
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43liyongjun@Box20:~/project/c/study/tmp$ readelf -S elfdemo.out There are 31 section headers, starting at offset 0x39a8: 节头: [号] 名称 类型 地址 偏移量 大小 全体大小 旗标 链接 信息 对齐 [ 0] NULL 0000000000000000 00000000 0000000000000000 0000000000000000 0 0 0 [ 1] .interp PROGBITS 0000000000400318 00000318 000000000000001c 0000000000000000 A 0 0 1 [ 2] .note.gnu.propert NOTE 0000000000400338 00000338 0000000000000020 0000000000000000 A 0 0 8 [ 3] .note.gnu.build-i NOTE 0000000000400358 00000358 0000000000000024 0000000000000000 A 0 0 4 [ 4] .note.ABI-tag NOTE 000000000040037c 0000037c 0000000000000020 0000000000000000 A 0 0 4 [ 5] .gnu.hash GNU_HASH 00000000004003a0 000003a0 000000000000001c 0000000000000000 A 6 0 8 [ 6] .dynsym DYNSYM 00000000004003c0 000003c0 0000000000000060 0000000000000018 A 7 1 8 [ 7] .dynstr STRTAB 0000000000400420 00000420 000000000000003d 0000000000000000 A 0 0 1 [ 8] .gnu.version VERSYM 000000000040045e 0000045e 0000000000000008 0000000000000002 A 6 0 2 [ 9] .gnu.version_r VERNEED 0000000000400468 00000468 0000000000000020 0000000000000000 A 7 1 8 [10] .rela.dyn RELA 0000000000400488 00000488 0000000000000030 0000000000000018 A 6 0 8 [11] .rela.plt RELA 00000000004004b8 000004b8 0000000000000018 0000000000000018 AI 6 24 8 [12] .init PROGBITS 0000000000401000 00001000 000000000000001b 0000000000000000 AX 0 0 4 [13] .plt PROGBITS 0000000000401020 00001020 0000000000000020 0000000000000010 AX 0 0 16 [14] .plt.sec PROGBITS 0000000000401040 00001040 0000000000000010 0000000000000010 AX 0 0 16 [15] .text PROGBITS 0000000000401050 00001050 0000000000000185 0000000000000000 AX 0 0 16 [16] .fini PROGBITS 00000000004011d8 000011d8 000000000000000d 0000000000000000 AX 0 0 4 [17] .rodata PROGBITS 0000000000402000 00002000 0000000000000030 0000000000000000 A 0 0 16 [18] .eh_frame_hdr PROGBITS 0000000000402030 00002030 0000000000000044 0000000000000000 A 0 0 4 [19] .eh_frame PROGBITS 0000000000402078 00002078 0000000000000100 0000000000000000 A 0 0 8 [20] .init_array INIT_ARRAY 0000000000403e10 00002e10 0000000000000008 0000000000000008 WA 0 0 8 [21] .fini_array FINI_ARRAY 0000000000403e18 00002e18 0000000000000008 0000000000000008 WA 0 0 8 [22] .dynamic DYNAMIC 0000000000403e20 00002e20 00000000000001d0 0000000000000010 WA 7 0 8 [23] .got PROGBITS 0000000000403ff0 00002ff0 0000000000000010 0000000000000008 WA 0 0 8 [24] .got.plt PROGBITS 0000000000404000 00003000 0000000000000020 0000000000000008 WA 0 0 8 [25] .data PROGBITS 0000000000404020 00003020 0000000000000020 0000000000000000 WA 0 0 16 [26] .bss NOBITS 0000000000404040 00003040 000000000000a020 0000000000000000 WA 0 0 32 [27] .comment PROGBITS 0000000000000000 00003040 000000000000002a 0000000000000001 MS 0 0 1 [28] .symtab SYMTAB 0000000000000000 00003070 0000000000000630 0000000000000018 29 48 8 [29] .strtab STRTAB 0000000000000000 000036a0 00000000000001e6 0000000000000000 0 0 1 [30] .shstrtab STRTAB 0000000000000000 00003886 000000000000011f 0000000000000000 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings), I (info), L (link order), O (extra OS processing required), G (group), T (TLS), C (compressed), x (unknown), o (OS specific), E (exclude), l (large), p (processor specific)
文件头 + 程序头 + 节区 + 节区头
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469liyongjun@Box20:~/project/c/study/tmp$ hexdump -C elfdemo.out /* ------------------------------ ELF 文件头 begin -------------------------- */ 00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............| 00000010 02 00 3e 00 01 00 00 00 50 10 40 00 00 00 00 00 |..>.....P.@.....| 00000020 40 00 00 00 00 00 00 00 a8 39 00 00 00 00 00 00 |@........9......| 00000030 00 00 00 00 40 00 38 00 0d 00 40 00 1f 00 1e 00 |....@.8...@.....| /* -------------------------------- 程序头 1 -------------------------------- */ 00000040 06 00 00 00 04 00 00 00 40 00 00 00 00 00 00 00 |........@.......| 00000050 40 00 40 00 00 00 00 00 40 00 40 00 00 00 00 00 |@.@.....@.@.....| 00000060 d8 02 00 00 00 00 00 00 d8 02 00 00 00 00 00 00 |................| 00000070 08 00 00 00 00 00 00 00 /* -------------------------------- 程序头 2 -------------------------------- */ 03 00 00 00 04 00 00 00 |................| 00000080 18 03 00 00 00 00 00 00 18 03 40 00 00 00 00 00 |..........@.....| 00000090 18 03 40 00 00 00 00 00 1c 00 00 00 00 00 00 00 |..@.............| 000000a0 1c 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| /* -------------------------------- 程序头 3 -------------------------------- */ 000000b0 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 |................| 000000c0 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 |..@.......@.....| 000000d0 d0 04 00 00 00 00 00 00 d0 04 00 00 00 00 00 00 |................| 000000e0 00 10 00 00 00 00 00 00 /* -------------------------------- 程序头 4 -------------------------------- */ 01 00 00 00 05 00 00 00 |................| 000000f0 00 10 00 00 00 00 00 00 00 10 40 00 00 00 00 00 |..........@.....| 00000100 00 10 40 00 00 00 00 00 e5 01 00 00 00 00 00 00 |..@.............| 00000110 e5 01 00 00 00 00 00 00 00 10 00 00 00 00 00 00 |................| /* -------------------------------- 程序头 5 -------------------------------- */ 00000120 01 00 00 00 04 00 00 00 00 20 00 00 00 00 00 00 |......... ......| 00000130 00 20 40 00 00 00 00 00 00 20 40 00 00 00 00 00 |. @...... @.....| 00000140 78 01 00 00 00 00 00 00 78 01 00 00 00 00 00 00 |x.......x.......| 00000150 00 10 00 00 00 00 00 00 /* -------------------------------- 程序头 6 -------------------------------- */ 01 00 00 00 06 00 00 00 |................| 00000160 10 2e 00 00 00 00 00 00 10 3e 40 00 00 00 00 00 |.........>@.....| 00000170 10 3e 40 00 00 00 00 00 30 02 00 00 00 00 00 00 |.>@.....0.......| 00000180 50 a2 00 00 00 00 00 00 00 10 00 00 00 00 00 00 |P...............| /* -------------------------------- 程序头 7 -------------------------------- */ 00000190 02 00 00 00 06 00 00 00 20 2e 00 00 00 00 00 00 |........ .......| 000001a0 20 3e 40 00 00 00 00 00 20 3e 40 00 00 00 00 00 | >@..... >@.....| 000001b0 d0 01 00 00 00 00 00 00 d0 01 00 00 00 00 00 00 |................| 000001c0 08 00 00 00 00 00 00 00 /* -------------------------------- 程序头 8 -------------------------------- */ 04 00 00 00 04 00 00 00 |................| 000001d0 38 03 00 00 00 00 00 00 38 03 40 00 00 00 00 00 |8.......8.@.....| 000001e0 38 03 40 00 00 00 00 00 20 00 00 00 00 00 00 00 |8.@..... .......| 000001f0 20 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 | ...............| /* -------------------------------- 程序头 9 -------------------------------- */ 00000200 04 00 00 00 04 00 00 00 58 03 00 00 00 00 00 00 |........X.......| 00000210 58 03 40 00 00 00 00 00 58 03 40 00 00 00 00 00 |X.@.....X.@.....| 00000220 44 00 00 00 00 00 00 00 44 00 00 00 00 00 00 00 |D.......D.......| 00000230 04 00 00 00 00 00 00 00 /* -------------------------------- 程序头 10 -------------------------------- */ 53 e5 74 64 04 00 00 00 |........S.td....| 00000240 38 03 00 00 00 00 00 00 38 03 40 00 00 00 00 00 |8.......8.@.....| 00000250 38 03 40 00 00 00 00 00 20 00 00 00 00 00 00 00 |8.@..... .......| 00000260 20 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 | ...............| /* -------------------------------- 程序头 11 -------------------------------- */ 00000270 50 e5 74 64 04 00 00 00 30 20 00 00 00 00 00 00 |P.td....0 ......| 00000280 30 20 40 00 00 00 00 00 30 20 40 00 00 00 00 00 |0 @.....0 @.....| 00000290 44 00 00 00 00 00 00 00 44 00 00 00 00 00 00 00 |D.......D.......| 000002a0 04 00 00 00 00 00 00 00 /* -------------------------------- 程序头 12 -------------------------------- */ 51 e5 74 64 06 00 00 00 |........Q.td....| 000002b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000002d0 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| /* -------------------------------- 程序头 13 -------------------------------- */ 000002e0 52 e5 74 64 04 00 00 00 10 2e 00 00 00 00 00 00 |R.td............| 000002f0 10 3e 40 00 00 00 00 00 10 3e 40 00 00 00 00 00 |.>@......>@.....| 00000300 f0 01 00 00 00 00 00 00 f0 01 00 00 00 00 00 00 |................| 00000310 01 00 00 00 00 00 00 00 /* --------- 节区 1~31,.interp~.shstrtab 0x318~0x3886 + 0x11f = 0x39a5 --------- */ 2f 6c 69 62 36 34 2f 6c |......../lib64/l| 00000320 64 2d 6c 69 6e 75 78 2d 78 38 36 2d 36 34 2e 73 |d-linux-x86-64.s| 00000330 6f 2e 32 00 00 00 00 00 04 00 00 00 10 00 00 00 |o.2.............| 00000340 05 00 00 00 47 4e 55 00 02 00 00 c0 04 00 00 00 |....GNU.........| 00000350 03 00 00 00 00 00 00 00 04 00 00 00 14 00 00 00 |................| 00000360 03 00 00 00 47 4e 55 00 d3 10 74 c2 34 65 f8 75 |....GNU...t.4e.u| 00000370 f6 d1 88 ce a1 93 a3 c6 6b bb 04 9c 04 00 00 00 |........k.......| 00000380 10 00 00 00 01 00 00 00 47 4e 55 00 00 00 00 00 |........GNU.....| 00000390 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 |................| 000003a0 01 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 |................| 000003b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000003d0 00 00 00 00 00 00 00 00 0b 00 00 00 12 00 00 00 |................| 000003e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000003f0 10 00 00 00 12 00 00 00 00 00 00 00 00 00 00 00 |................| 00000400 00 00 00 00 00 00 00 00 2e 00 00 00 20 00 00 00 |............ ...| 00000410 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000420 00 6c 69 62 63 2e 73 6f 2e 36 00 70 75 74 73 00 |.libc.so.6.puts.| 00000430 5f 5f 6c 69 62 63 5f 73 74 61 72 74 5f 6d 61 69 |__libc_start_mai| 00000440 6e 00 47 4c 49 42 43 5f 32 2e 32 2e 35 00 5f 5f |n.GLIBC_2.2.5.__| 00000450 67 6d 6f 6e 5f 73 74 61 72 74 5f 5f 00 00 00 00 |gmon_start__....| 00000460 02 00 02 00 00 00 00 00 01 00 01 00 01 00 00 00 |................| 00000470 10 00 00 00 00 00 00 00 75 1a 69 09 00 00 02 00 |........u.i.....| 00000480 22 00 00 00 00 00 00 00 f0 3f 40 00 00 00 00 00 |"........?@.....| 00000490 06 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 |................| 000004a0 f8 3f 40 00 00 00 00 00 06 00 00 00 03 00 00 00 |.?@.............| 000004b0 00 00 00 00 00 00 00 00 18 40 40 00 00 00 00 00 |.........@@.....| 000004c0 07 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 |................| 000004d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00001000 f3 0f 1e fa 48 83 ec 08 48 8b 05 e9 2f 00 00 48 |....H...H.../..H| 00001010 85 c0 74 02 ff d0 48 83 c4 08 c3 00 00 00 00 00 |..t...H.........| 00001020 ff 35 e2 2f 00 00 f2 ff 25 e3 2f 00 00 0f 1f 00 |.5./....%./.....| 00001030 f3 0f 1e fa 68 00 00 00 00 f2 e9 e1 ff ff ff 90 |....h...........| 00001040 f3 0f 1e fa f2 ff 25 cd 2f 00 00 0f 1f 44 00 00 |......%./....D..| 00001050 f3 0f 1e fa 31 ed 49 89 d1 5e 48 89 e2 48 83 e4 |....1.I..^H..H..| 00001060 f0 50 54 49 c7 c0 d0 11 40 00 48 c7 c1 60 11 40 |.PTI....@.H..`.@| 00001070 00 48 c7 c7 36 11 40 00 ff 15 72 2f 00 00 f4 90 |.H..6.@...r/....| 00001080 f3 0f 1e fa c3 66 2e 0f 1f 84 00 00 00 00 00 90 |.....f..........| 00001090 b8 40 40 40 00 48 3d 40 40 40 00 74 13 b8 00 00 |.@@@.H=@@@.t....| 000010a0 00 00 48 85 c0 74 09 bf 40 40 40 00 ff e0 66 90 |..H..t..@@@...f.| 000010b0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 |.ff...........@.| 000010c0 be 40 40 40 00 48 81 ee 40 40 40 00 48 89 f0 48 |.@@@.H..@@@.H..H| 000010d0 c1 ee 3f 48 c1 f8 03 48 01 c6 48 d1 fe 74 11 b8 |..?H...H..H..t..| 000010e0 00 00 00 00 48 85 c0 74 07 bf 40 40 40 00 ff e0 |....H..t..@@@...| 000010f0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 |.ff...........@.| 00001100 f3 0f 1e fa 80 3d 35 2f 00 00 00 75 13 55 48 89 |.....=5/...u.UH.| 00001110 e5 e8 7a ff ff ff c6 05 23 2f 00 00 01 5d c3 90 |..z.....#/...]..| 00001120 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 |.ff...........@.| 00001130 f3 0f 1e fa eb 8a f3 0f 1e fa 55 48 89 e5 48 83 |..........UH..H.| 00001140 ec 10 89 7d fc 48 89 75 f0 48 8d 3d d0 0e 00 00 |...}.H.u.H.=....| 00001150 e8 eb fe ff ff b8 00 00 00 00 c9 c3 0f 1f 40 00 |..............@.| 00001160 f3 0f 1e fa 41 57 4c 8d 3d a3 2c 00 00 41 56 49 |....AWL.=.,..AVI| 00001170 89 d6 41 55 49 89 f5 41 54 41 89 fc 55 48 8d 2d |..AUI..ATA..UH.-| 00001180 94 2c 00 00 53 4c 29 fd 48 83 ec 08 e8 6f fe ff |.,..SL).H....o..| 00001190 ff 48 c1 fd 03 74 1f 31 db 0f 1f 80 00 00 00 00 |.H...t.1........| 000011a0 4c 89 f2 4c 89 ee 44 89 e7 41 ff 14 df 48 83 c3 |L..L..D..A...H..| 000011b0 01 48 39 dd 75 ea 48 83 c4 08 5b 5d 41 5c 41 5d |.H9.u.H...[]AA]| 000011c0 41 5e 41 5f c3 66 66 2e 0f 1f 84 00 00 00 00 00 |A^A_.ff.........| 000011d0 f3 0f 1e fa c3 00 00 00 f3 0f 1e fa 48 83 ec 08 |............H...| 000011e0 48 83 c4 08 c3 00 00 00 00 00 00 00 00 00 00 00 |H...............| 000011f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00002000 01 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00002010 49 27 6d 20 43 6f 6e 73 74 20 44 61 74 61 00 00 |I'm Const Data..| 00002020 4d 65 73 73 61 67 65 20 49 6e 20 4d 61 69 6e 00 |Message In Main.| 00002030 01 1b 03 3b 44 00 00 00 07 00 00 00 f0 ef ff ff |...;D...........| 00002040 88 00 00 00 10 f0 ff ff b0 00 00 00 20 f0 ff ff |............ ...| 00002050 60 00 00 00 50 f0 ff ff 74 00 00 00 06 f1 ff ff |`...P...t.......| 00002060 c8 00 00 00 30 f1 ff ff e8 00 00 00 a0 f1 ff ff |....0...........| 00002070 30 01 00 00 00 00 00 00 14 00 00 00 00 00 00 00 |0...............| 00002080 01 7a 52 00 01 78 10 01 1b 0c 07 08 90 01 00 00 |.zR..x..........| 00002090 10 00 00 00 1c 00 00 00 b8 ef ff ff 2f 00 00 00 |............/...| 000020a0 00 44 07 10 10 00 00 00 30 00 00 00 d4 ef ff ff |.D......0.......| 000020b0 05 00 00 00 00 00 00 00 24 00 00 00 44 00 00 00 |........$...D...| 000020c0 60 ef ff ff 20 00 00 00 00 0e 10 46 0e 18 4a 0f |`... ......F..J.| 000020d0 0b 77 08 80 00 3f 1a 3a 2a 33 24 22 00 00 00 00 |.w...?.:*3$"....| 000020e0 14 00 00 00 6c 00 00 00 58 ef ff ff 10 00 00 00 |....l...X.......| 000020f0 00 00 00 00 00 00 00 00 1c 00 00 00 84 00 00 00 |................| 00002100 36 f0 ff ff 26 00 00 00 00 45 0e 10 86 02 43 0d |6...&....E....C.| 00002110 06 5d 0c 07 08 00 00 00 44 00 00 00 a4 00 00 00 |.]......D.......| 00002120 40 f0 ff ff 65 00 00 00 00 46 0e 10 8f 02 49 0e |@...e....F....I.| 00002130 18 8e 03 45 0e 20 8d 04 45 0e 28 8c 05 44 0e 30 |...E. ..E.(..D.0| 00002140 86 06 48 0e 38 83 07 47 0e 40 6e 0e 38 41 0e 30 |..H.8..G.@n.8A.0| 00002150 41 0e 28 42 0e 20 42 0e 18 42 0e 10 42 0e 08 00 |A.(B. B..B..B...| 00002160 10 00 00 00 ec 00 00 00 68 f0 ff ff 05 00 00 00 |........h.......| 00002170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00002e10 30 11 40 00 00 00 00 00 00 11 40 00 00 00 00 00 |0.@.......@.....| 00002e20 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 00002e30 0c 00 00 00 00 00 00 00 00 10 40 00 00 00 00 00 |..........@.....| 00002e40 0d 00 00 00 00 00 00 00 d8 11 40 00 00 00 00 00 |..........@.....| 00002e50 19 00 00 00 00 00 00 00 10 3e 40 00 00 00 00 00 |.........>@.....| 00002e60 1b 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00002e70 1a 00 00 00 00 00 00 00 18 3e 40 00 00 00 00 00 |.........>@.....| 00002e80 1c 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00002e90 f5 fe ff 6f 00 00 00 00 a0 03 40 00 00 00 00 00 |...o......@.....| 00002ea0 05 00 00 00 00 00 00 00 20 04 40 00 00 00 00 00 |........ .@.....| 00002eb0 06 00 00 00 00 00 00 00 c0 03 40 00 00 00 00 00 |..........@.....| 00002ec0 0a 00 00 00 00 00 00 00 3d 00 00 00 00 00 00 00 |........=.......| 00002ed0 0b 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................| 00002ee0 15 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00002ef0 03 00 00 00 00 00 00 00 00 40 40 00 00 00 00 00 |.........@@.....| 00002f00 02 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................| 00002f10 14 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00 |................| 00002f20 17 00 00 00 00 00 00 00 b8 04 40 00 00 00 00 00 |..........@.....| 00002f30 07 00 00 00 00 00 00 00 88 04 40 00 00 00 00 00 |..........@.....| 00002f40 08 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 |........0.......| 00002f50 09 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................| 00002f60 fe ff ff 6f 00 00 00 00 68 04 40 00 00 00 00 00 |...o....h.@.....| 00002f70 ff ff ff 6f 00 00 00 00 01 00 00 00 00 00 00 00 |...o............| 00002f80 f0 ff ff 6f 00 00 00 00 5e 04 40 00 00 00 00 00 |...o....^.@.....| 00002f90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00003000 20 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 | >@.............| 00003010 00 00 00 00 00 00 00 00 30 10 40 00 00 00 00 00 |........0.@.....| 00003020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003030 49 27 6d 20 53 74 61 74 69 63 20 44 61 74 61 00 |I'm Static Data.| 00003040 47 43 43 3a 20 28 55 62 75 6e 74 75 20 39 2e 33 |GCC: (Ubuntu 9.3| 00003050 2e 30 2d 31 37 75 62 75 6e 74 75 31 7e 32 30 2e |.0-17ubuntu1~20.| 00003060 30 34 29 20 39 2e 33 2e 30 00 00 00 00 00 00 00 |04) 9.3.0.......| 00003070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003080 00 00 00 00 00 00 00 00 00 00 00 00 03 00 01 00 |................| 00003090 18 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 000030a0 00 00 00 00 03 00 02 00 38 03 40 00 00 00 00 00 |........8.@.....| 000030b0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 03 00 |................| 000030c0 58 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |X.@.............| 000030d0 00 00 00 00 03 00 04 00 7c 03 40 00 00 00 00 00 |........|.@.....| 000030e0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 05 00 |................| 000030f0 a0 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 00003100 00 00 00 00 03 00 06 00 c0 03 40 00 00 00 00 00 |..........@.....| 00003110 00 00 00 00 00 00 00 00 00 00 00 00 03 00 07 00 |................| 00003120 20 04 40 00 00 00 00 00 00 00 00 00 00 00 00 00 | .@.............| 00003130 00 00 00 00 03 00 08 00 5e 04 40 00 00 00 00 00 |........^.@.....| 00003140 00 00 00 00 00 00 00 00 00 00 00 00 03 00 09 00 |................| 00003150 68 04 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |h.@.............| 00003160 00 00 00 00 03 00 0a 00 88 04 40 00 00 00 00 00 |..........@.....| 00003170 00 00 00 00 00 00 00 00 00 00 00 00 03 00 0b 00 |................| 00003180 b8 04 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 00003190 00 00 00 00 03 00 0c 00 00 10 40 00 00 00 00 00 |..........@.....| 000031a0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 0d 00 |................| 000031b0 20 10 40 00 00 00 00 00 00 00 00 00 00 00 00 00 | .@.............| 000031c0 00 00 00 00 03 00 0e 00 40 10 40 00 00 00 00 00 |........@.@.....| 000031d0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 0f 00 |................| 000031e0 50 10 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |P.@.............| 000031f0 00 00 00 00 03 00 10 00 d8 11 40 00 00 00 00 00 |..........@.....| 00003200 00 00 00 00 00 00 00 00 00 00 00 00 03 00 11 00 |................| 00003210 00 20 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |. @.............| 00003220 00 00 00 00 03 00 12 00 30 20 40 00 00 00 00 00 |........0 @.....| 00003230 00 00 00 00 00 00 00 00 00 00 00 00 03 00 13 00 |................| 00003240 78 20 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |x @.............| 00003250 00 00 00 00 03 00 14 00 10 3e 40 00 00 00 00 00 |.........>@.....| 00003260 00 00 00 00 00 00 00 00 00 00 00 00 03 00 15 00 |................| 00003270 18 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.>@.............| 00003280 00 00 00 00 03 00 16 00 20 3e 40 00 00 00 00 00 |........ >@.....| 00003290 00 00 00 00 00 00 00 00 00 00 00 00 03 00 17 00 |................| 000032a0 f0 3f 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.?@.............| 000032b0 00 00 00 00 03 00 18 00 00 40 40 00 00 00 00 00 |.........@@.....| 000032c0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 19 00 |................| 000032d0 20 40 40 00 00 00 00 00 00 00 00 00 00 00 00 00 | @@.............| 000032e0 00 00 00 00 03 00 1a 00 40 40 40 00 00 00 00 00 |........@@@.....| 000032f0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 1b 00 |................| 00003300 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003310 01 00 00 00 04 00 f1 ff 00 00 00 00 00 00 00 00 |................| 00003320 00 00 00 00 00 00 00 00 0c 00 00 00 02 00 0f 00 |................| 00003330 90 10 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 00003340 0e 00 00 00 02 00 0f 00 c0 10 40 00 00 00 00 00 |..........@.....| 00003350 00 00 00 00 00 00 00 00 21 00 00 00 02 00 0f 00 |........!.......| 00003360 00 11 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 00003370 37 00 00 00 01 00 1a 00 40 40 40 00 00 00 00 00 |7.......@@@.....| 00003380 01 00 00 00 00 00 00 00 46 00 00 00 01 00 15 00 |........F.......| 00003390 18 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.>@.............| 000033a0 6d 00 00 00 02 00 0f 00 30 11 40 00 00 00 00 00 |m.......0.@.....| 000033b0 00 00 00 00 00 00 00 00 79 00 00 00 01 00 14 00 |........y.......| 000033c0 10 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.>@.............| 000033d0 98 00 00 00 04 00 f1 ff 00 00 00 00 00 00 00 00 |................| 000033e0 00 00 00 00 00 00 00 00 a6 00 00 00 01 00 19 00 |................| 000033f0 30 40 40 00 00 00 00 00 10 00 00 00 00 00 00 00 |0@@.............| 00003400 a2 00 00 00 01 00 1a 00 60 40 40 00 00 00 00 00 |........`@@.....| 00003410 00 a0 00 00 00 00 00 00 b2 00 00 00 01 00 11 00 |................| 00003420 10 20 40 00 00 00 00 00 10 00 00 00 00 00 00 00 |. @.............| 00003430 01 00 00 00 04 00 f1 ff 00 00 00 00 00 00 00 00 |................| 00003440 00 00 00 00 00 00 00 00 bd 00 00 00 01 00 13 00 |................| 00003450 74 21 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |t!@.............| 00003460 00 00 00 00 04 00 f1 ff 00 00 00 00 00 00 00 00 |................| 00003470 00 00 00 00 00 00 00 00 cb 00 00 00 00 00 14 00 |................| 00003480 18 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.>@.............| 00003490 dc 00 00 00 01 00 16 00 20 3e 40 00 00 00 00 00 |........ >@.....| 000034a0 00 00 00 00 00 00 00 00 e5 00 00 00 00 00 14 00 |................| 000034b0 10 3e 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.>@.............| 000034c0 f8 00 00 00 00 00 12 00 30 20 40 00 00 00 00 00 |........0 @.....| 000034d0 00 00 00 00 00 00 00 00 0b 01 00 00 01 00 18 00 |................| 000034e0 00 40 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |.@@.............| 000034f0 21 01 00 00 12 00 0f 00 d0 11 40 00 00 00 00 00 |!.........@.....| 00003500 05 00 00 00 00 00 00 00 6b 01 00 00 20 00 19 00 |........k... ...| 00003510 20 40 40 00 00 00 00 00 00 00 00 00 00 00 00 00 | @@.............| 00003520 31 01 00 00 12 00 00 00 00 00 00 00 00 00 00 00 |1...............| 00003530 00 00 00 00 00 00 00 00 43 01 00 00 10 00 19 00 |........C.......| 00003540 40 40 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |@@@.............| 00003550 2b 01 00 00 12 02 10 00 d8 11 40 00 00 00 00 00 |+.........@.....| 00003560 00 00 00 00 00 00 00 00 4a 01 00 00 12 00 00 00 |........J.......| 00003570 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003580 69 01 00 00 10 00 19 00 20 40 40 00 00 00 00 00 |i....... @@.....| 00003590 00 00 00 00 00 00 00 00 76 01 00 00 20 00 00 00 |........v... ...| 000035a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000035b0 85 01 00 00 11 02 19 00 28 40 40 00 00 00 00 00 |........(@@.....| 000035c0 00 00 00 00 00 00 00 00 92 01 00 00 11 00 11 00 |................| 000035d0 00 20 40 00 00 00 00 00 04 00 00 00 00 00 00 00 |. @.............| 000035e0 a1 01 00 00 12 00 0f 00 60 11 40 00 00 00 00 00 |........`.@.....| 000035f0 65 00 00 00 00 00 00 00 d7 00 00 00 10 00 1a 00 |e...............| 00003600 60 e0 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |`.@.............| 00003610 b1 01 00 00 12 02 0f 00 80 10 40 00 00 00 00 00 |..........@.....| 00003620 05 00 00 00 00 00 00 00 6f 01 00 00 12 00 0f 00 |........o.......| 00003630 50 10 40 00 00 00 00 00 2f 00 00 00 00 00 00 00 |P.@...../.......| 00003640 c9 01 00 00 10 00 1a 00 40 40 40 00 00 00 00 00 |........@@@.....| 00003650 00 00 00 00 00 00 00 00 d5 01 00 00 12 00 0f 00 |................| 00003660 36 11 40 00 00 00 00 00 26 00 00 00 00 00 00 00 |6.@.....&.......| 00003670 da 01 00 00 11 02 19 00 40 40 40 00 00 00 00 00 |........@@@.....| 00003680 00 00 00 00 00 00 00 00 ab 01 00 00 12 02 0c 00 |................| 00003690 00 10 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............| 000036a0 00 63 72 74 73 74 75 66 66 2e 63 00 64 65 72 65 |.crtstuff.c.dere| 000036b0 67 69 73 74 65 72 5f 74 6d 5f 63 6c 6f 6e 65 73 |gister_tm_clones| 000036c0 00 5f 5f 64 6f 5f 67 6c 6f 62 61 6c 5f 64 74 6f |.__do_global_dto| 000036d0 72 73 5f 61 75 78 00 63 6f 6d 70 6c 65 74 65 64 |rs_aux.completed| 000036e0 2e 38 30 36 30 00 5f 5f 64 6f 5f 67 6c 6f 62 61 |.8060.__do_globa| 000036f0 6c 5f 64 74 6f 72 73 5f 61 75 78 5f 66 69 6e 69 |l_dtors_aux_fini| 00003700 5f 61 72 72 61 79 5f 65 6e 74 72 79 00 66 72 61 |_array_entry.fra| 00003710 6d 65 5f 64 75 6d 6d 79 00 5f 5f 66 72 61 6d 65 |me_dummy.__frame| 00003720 5f 64 75 6d 6d 79 5f 69 6e 69 74 5f 61 72 72 61 |_dummy_init_arra| 00003730 79 5f 65 6e 74 72 79 00 65 6c 66 64 65 6d 6f 2e |y_entry.elfdemo.| 00003740 63 00 72 61 77 5f 73 74 61 74 69 63 5f 64 61 74 |c.raw_static_dat| 00003750 61 00 63 6f 6e 73 74 5f 64 61 74 61 00 5f 5f 46 |a.const_data.__F| 00003760 52 41 4d 45 5f 45 4e 44 5f 5f 00 5f 5f 69 6e 69 |RAME_END__.__ini| 00003770 74 5f 61 72 72 61 79 5f 65 6e 64 00 5f 44 59 4e |t_array_end._DYN| 00003780 41 4d 49 43 00 5f 5f 69 6e 69 74 5f 61 72 72 61 |AMIC.__init_arra| 00003790 79 5f 73 74 61 72 74 00 5f 5f 47 4e 55 5f 45 48 |y_start.__GNU_EH| 000037a0 5f 46 52 41 4d 45 5f 48 44 52 00 5f 47 4c 4f 42 |_FRAME_HDR._GLOB| 000037b0 41 4c 5f 4f 46 46 53 45 54 5f 54 41 42 4c 45 5f |AL_OFFSET_TABLE_| 000037c0 00 5f 5f 6c 69 62 63 5f 63 73 75 5f 66 69 6e 69 |.__libc_csu_fini| 000037d0 00 70 75 74 73 40 40 47 4c 49 42 43 5f 32 2e 32 |.puts@@GLIBC_2.2| 000037e0 2e 35 00 5f 65 64 61 74 61 00 5f 5f 6c 69 62 63 |.5._edata.__libc| 000037f0 5f 73 74 61 72 74 5f 6d 61 69 6e 40 40 47 4c 49 |_start_main@@GLI| 00003800 42 43 5f 32 2e 32 2e 35 00 5f 5f 64 61 74 61 5f |BC_2.2.5.__data_| 00003810 73 74 61 72 74 00 5f 5f 67 6d 6f 6e 5f 73 74 61 |start.__gmon_sta| 00003820 72 74 5f 5f 00 5f 5f 64 73 6f 5f 68 61 6e 64 6c |rt__.__dso_handl| 00003830 65 00 5f 49 4f 5f 73 74 64 69 6e 5f 75 73 65 64 |e._IO_stdin_used| 00003840 00 5f 5f 6c 69 62 63 5f 63 73 75 5f 69 6e 69 74 |.__libc_csu_init| 00003850 00 5f 64 6c 5f 72 65 6c 6f 63 61 74 65 5f 73 74 |._dl_relocate_st| 00003860 61 74 69 63 5f 70 69 65 00 5f 5f 62 73 73 5f 73 |atic_pie.__bss_s| 00003870 74 61 72 74 00 6d 61 69 6e 00 5f 5f 54 4d 43 5f |tart.main.__TMC_| 00003880 45 4e 44 5f 5f 00 00 2e 73 79 6d 74 61 62 00 2e |END__...symtab..| 00003890 73 74 72 74 61 62 00 2e 73 68 73 74 72 74 61 62 |strtab..shstrtab| 000038a0 00 2e 69 6e 74 65 72 70 00 2e 6e 6f 74 65 2e 67 |..interp..note.g| 000038b0 6e 75 2e 70 72 6f 70 65 72 74 79 00 2e 6e 6f 74 |nu.property..not| 000038c0 65 2e 67 6e 75 2e 62 75 69 6c 64 2d 69 64 00 2e |e.gnu.build-id..| 000038d0 6e 6f 74 65 2e 41 42 49 2d 74 61 67 00 2e 67 6e |note.ABI-tag..gn| 000038e0 75 2e 68 61 73 68 00 2e 64 79 6e 73 79 6d 00 2e |u.hash..dynsym..| 000038f0 64 79 6e 73 74 72 00 2e 67 6e 75 2e 76 65 72 73 |dynstr..gnu.vers| 00003900 69 6f 6e 00 2e 67 6e 75 2e 76 65 72 73 69 6f 6e |ion..gnu.version| 00003910 5f 72 00 2e 72 65 6c 61 2e 64 79 6e 00 2e 72 65 |_r..rela.dyn..re| 00003920 6c 61 2e 70 6c 74 00 2e 69 6e 69 74 00 2e 70 6c |la.plt..init..pl| 00003930 74 2e 73 65 63 00 2e 74 65 78 74 00 2e 66 69 6e |t.sec..text..fin| 00003940 69 00 2e 72 6f 64 61 74 61 00 2e 65 68 5f 66 72 |i..rodata..eh_fr| 00003950 61 6d 65 5f 68 64 72 00 2e 65 68 5f 66 72 61 6d |ame_hdr..eh_fram| 00003960 65 00 2e 69 6e 69 74 5f 61 72 72 61 79 00 2e 66 |e..init_array..f| 00003970 69 6e 69 5f 61 72 72 61 79 00 2e 64 79 6e 61 6d |ini_array..dynam| 00003980 69 63 00 2e 67 6f 74 00 2e 67 6f 74 2e 70 6c 74 |ic..got..got.plt| 00003990 00 2e 64 61 74 61 00 2e 62 73 73 00 2e 63 6f 6d |..data..bss..com| 000039a0 6d 65 6e 74 00 00 00 00 /* ------------ 节区头 1~31,64 * 31 = 1984 字节, 0x39a8~0x4168(结束)------------ */ 00 00 00 00 00 00 00 00 |ment............| 000039b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000039e0 00 00 00 00 00 00 00 00 1b 00 00 00 01 00 00 00 |................| 000039f0 02 00 00 00 00 00 00 00 18 03 40 00 00 00 00 00 |..........@.....| 00003a00 18 03 00 00 00 00 00 00 1c 00 00 00 00 00 00 00 |................| 00003a10 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 00003a20 00 00 00 00 00 00 00 00 23 00 00 00 07 00 00 00 |........#.......| 00003a30 02 00 00 00 00 00 00 00 38 03 40 00 00 00 00 00 |........8.@.....| 00003a40 38 03 00 00 00 00 00 00 20 00 00 00 00 00 00 00 |8....... .......| 00003a50 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003a60 00 00 00 00 00 00 00 00 36 00 00 00 07 00 00 00 |........6.......| 00003a70 02 00 00 00 00 00 00 00 58 03 40 00 00 00 00 00 |........X.@.....| 00003a80 58 03 00 00 00 00 00 00 24 00 00 00 00 00 00 00 |X.......$.......| 00003a90 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................| 00003aa0 00 00 00 00 00 00 00 00 49 00 00 00 07 00 00 00 |........I.......| 00003ab0 02 00 00 00 00 00 00 00 7c 03 40 00 00 00 00 00 |........|.@.....| 00003ac0 7c 03 00 00 00 00 00 00 20 00 00 00 00 00 00 00 ||....... .......| 00003ad0 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................| 00003ae0 00 00 00 00 00 00 00 00 57 00 00 00 f6 ff ff 6f |........W......o| 00003af0 02 00 00 00 00 00 00 00 a0 03 40 00 00 00 00 00 |..........@.....| 00003b00 a0 03 00 00 00 00 00 00 1c 00 00 00 00 00 00 00 |................| 00003b10 06 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003b20 00 00 00 00 00 00 00 00 61 00 00 00 0b 00 00 00 |........a.......| 00003b30 02 00 00 00 00 00 00 00 c0 03 40 00 00 00 00 00 |..........@.....| 00003b40 c0 03 00 00 00 00 00 00 60 00 00 00 00 00 00 00 |........`.......| 00003b50 07 00 00 00 01 00 00 00 08 00 00 00 00 00 00 00 |................| 00003b60 18 00 00 00 00 00 00 00 69 00 00 00 03 00 00 00 |........i.......| 00003b70 02 00 00 00 00 00 00 00 20 04 40 00 00 00 00 00 |........ .@.....| 00003b80 20 04 00 00 00 00 00 00 3d 00 00 00 00 00 00 00 | .......=.......| 00003b90 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 00003ba0 00 00 00 00 00 00 00 00 71 00 00 00 ff ff ff 6f |........q......o| 00003bb0 02 00 00 00 00 00 00 00 5e 04 40 00 00 00 00 00 |........^.@.....| 00003bc0 5e 04 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |^...............| 00003bd0 06 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 |................| 00003be0 02 00 00 00 00 00 00 00 7e 00 00 00 fe ff ff 6f |........~......o| 00003bf0 02 00 00 00 00 00 00 00 68 04 40 00 00 00 00 00 |........h.@.....| 00003c00 68 04 00 00 00 00 00 00 20 00 00 00 00 00 00 00 |h....... .......| 00003c10 07 00 00 00 01 00 00 00 08 00 00 00 00 00 00 00 |................| 00003c20 00 00 00 00 00 00 00 00 8d 00 00 00 04 00 00 00 |................| 00003c30 02 00 00 00 00 00 00 00 88 04 40 00 00 00 00 00 |..........@.....| 00003c40 88 04 00 00 00 00 00 00 30 00 00 00 00 00 00 00 |........0.......| 00003c50 06 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003c60 18 00 00 00 00 00 00 00 97 00 00 00 04 00 00 00 |................| 00003c70 42 00 00 00 00 00 00 00 b8 04 40 00 00 00 00 00 |B.........@.....| 00003c80 b8 04 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................| 00003c90 06 00 00 00 18 00 00 00 08 00 00 00 00 00 00 00 |................| 00003ca0 18 00 00 00 00 00 00 00 a1 00 00 00 01 00 00 00 |................| 00003cb0 06 00 00 00 00 00 00 00 00 10 40 00 00 00 00 00 |..........@.....| 00003cc0 00 10 00 00 00 00 00 00 1b 00 00 00 00 00 00 00 |................| 00003cd0 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................| 00003ce0 00 00 00 00 00 00 00 00 9c 00 00 00 01 00 00 00 |................| 00003cf0 06 00 00 00 00 00 00 00 20 10 40 00 00 00 00 00 |........ .@.....| 00003d00 20 10 00 00 00 00 00 00 20 00 00 00 00 00 00 00 | ....... .......| 00003d10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00003d20 10 00 00 00 00 00 00 00 a7 00 00 00 01 00 00 00 |................| 00003d30 06 00 00 00 00 00 00 00 40 10 40 00 00 00 00 00 |........@.@.....| 00003d40 40 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |@...............| 00003d50 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00003d60 10 00 00 00 00 00 00 00 b0 00 00 00 01 00 00 00 |................| 00003d70 06 00 00 00 00 00 00 00 50 10 40 00 00 00 00 00 |........P.@.....| 00003d80 50 10 00 00 00 00 00 00 85 01 00 00 00 00 00 00 |P...............| 00003d90 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00003da0 00 00 00 00 00 00 00 00 b6 00 00 00 01 00 00 00 |................| 00003db0 06 00 00 00 00 00 00 00 d8 11 40 00 00 00 00 00 |..........@.....| 00003dc0 d8 11 00 00 00 00 00 00 0d 00 00 00 00 00 00 00 |................| 00003dd0 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................| 00003de0 00 00 00 00 00 00 00 00 bc 00 00 00 01 00 00 00 |................| 00003df0 02 00 00 00 00 00 00 00 00 20 40 00 00 00 00 00 |......... @.....| 00003e00 00 20 00 00 00 00 00 00 30 00 00 00 00 00 00 00 |. ......0.......| 00003e10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00003e20 00 00 00 00 00 00 00 00 c4 00 00 00 01 00 00 00 |................| 00003e30 02 00 00 00 00 00 00 00 30 20 40 00 00 00 00 00 |........0 @.....| 00003e40 30 20 00 00 00 00 00 00 44 00 00 00 00 00 00 00 |0 ......D.......| 00003e50 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |................| 00003e60 00 00 00 00 00 00 00 00 d2 00 00 00 01 00 00 00 |................| 00003e70 02 00 00 00 00 00 00 00 78 20 40 00 00 00 00 00 |........x @.....| 00003e80 78 20 00 00 00 00 00 00 00 01 00 00 00 00 00 00 |x ..............| 00003e90 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003ea0 00 00 00 00 00 00 00 00 dc 00 00 00 0e 00 00 00 |................| 00003eb0 03 00 00 00 00 00 00 00 10 3e 40 00 00 00 00 00 |.........>@.....| 00003ec0 10 2e 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003ed0 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003ee0 08 00 00 00 00 00 00 00 e8 00 00 00 0f 00 00 00 |................| 00003ef0 03 00 00 00 00 00 00 00 18 3e 40 00 00 00 00 00 |.........>@.....| 00003f00 18 2e 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003f10 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003f20 08 00 00 00 00 00 00 00 f4 00 00 00 06 00 00 00 |................| 00003f30 03 00 00 00 00 00 00 00 20 3e 40 00 00 00 00 00 |........ >@.....| 00003f40 20 2e 00 00 00 00 00 00 d0 01 00 00 00 00 00 00 | ...............| 00003f50 07 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003f60 10 00 00 00 00 00 00 00 fd 00 00 00 01 00 00 00 |................| 00003f70 03 00 00 00 00 00 00 00 f0 3f 40 00 00 00 00 00 |.........?@.....| 00003f80 f0 2f 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |./..............| 00003f90 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003fa0 08 00 00 00 00 00 00 00 02 01 00 00 01 00 00 00 |................| 00003fb0 03 00 00 00 00 00 00 00 00 40 40 00 00 00 00 00 |.........@@.....| 00003fc0 00 30 00 00 00 00 00 00 20 00 00 00 00 00 00 00 |.0...... .......| 00003fd0 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 |................| 00003fe0 08 00 00 00 00 00 00 00 0b 01 00 00 01 00 00 00 |................| 00003ff0 03 00 00 00 00 00 00 00 20 40 40 00 00 00 00 00 |........ @@.....| 00004000 20 30 00 00 00 00 00 00 20 00 00 00 00 00 00 00 | 0...... .......| 00004010 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00004020 00 00 00 00 00 00 00 00 11 01 00 00 08 00 00 00 |................| 00004030 03 00 00 00 00 00 00 00 40 40 40 00 00 00 00 00 |........@@@.....| 00004040 40 30 00 00 00 00 00 00 20 a0 00 00 00 00 00 00 |@0...... .......| 00004050 00 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 |........ .......| 00004060 00 00 00 00 00 00 00 00 16 01 00 00 01 00 00 00 |................| 00004070 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |0...............| 00004080 40 30 00 00 00 00 00 00 2a 00 00 00 00 00 00 00 |@0......*.......| 00004090 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 000040a0 01 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 |................| 000040b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000040c0 70 30 00 00 00 00 00 00 30 06 00 00 00 00 00 00 |p0......0.......| 000040d0 1d 00 00 00 30 00 00 00 08 00 00 00 00 00 00 00 |....0...........| 000040e0 18 00 00 00 00 00 00 00 09 00 00 00 03 00 00 00 |................| 000040f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00004100 a0 36 00 00 00 00 00 00 e6 01 00 00 00 00 00 00 |.6..............| 00004110 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| 00004120 00 00 00 00 00 00 00 00 11 00 00 00 03 00 00 00 |................| 00004130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00004140 86 38 00 00 00 00 00 00 1f 01 00 00 00 00 00 00 |.8..............| 00004150 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................| * 00004168
影响程序静态布局的因素
认识了可执行文件的整体结构,我们继续讨论影响静态布局(节区布局)的因素。上面的 31 个节区中,有几个节区与源程序的关系非常密切,下面就详细说说这几个节区。
.text 节区
该节区存储了源文件编译生成的机器指令。对开发者来说,这可能是最重要的一个节区,所有的程序逻辑都放在这里。
但开发者对该节区能做的控制却很少,能影响它的因素只有开发者写的程序逻辑,以及编译时使用的选项。比如,使用 -O1 优化选项编译程序可以生成尽量紧凑的 .text 节区,而用 -O2 优化选项会使编译器倾向于生成执行速度更快的指令组合,但有可能让 .text 节区的体积轻微地增大。
.rodata 节区
该节区存储了程序中的常量数据,比如示例程序中的常量数组:
复制代码
1
2static char static_data[16] = "I'm Static Data";
以及 printf 语句中的常量字符串 Message In Main,有 objdump 的结果为证:
复制代码
1
2
3
4
5
6
7
8
9
10liyongjun@Box20:~/project/c/study/tmp$ objdump -s elfdemo.out elfdemo.out: 文件格式 elf64-x86-64 ...... Contents of section .rodata: 402000 01000200 00000000 00000000 00000000 ................ 402010 49276d20 436f6e73 74204461 74610000 I'm Const Data.. 402020 4d657373 61676520 496e204d 61696e00 Message In Main. ......
通过 readelf -l elfdemo.out 可以看到,程序在运行时,.rodata 节区被加载到 04 段内,而该段的属性如 Flags 列所显示的,只有 R(读),而没有 W(写)权限,当程序试图修改该地址处的内容,会触发 Segment Violation 而令程序终止,由此实现对该节区内数据的保护。
但需要注意的是,只有静态和全局的 const 数据才能享受这样的待遇。在某函数内声明的局部只读变量,只能靠编译器的语义检查报告错误或警告,而不会通过设置存储区权限来防止修改。例如,某函数内的如下代码片段,会被编译器认为存在语法错误而编译失败:
复制代码
1
2
3const int const_value = 100; const_value = 200;
但是,并不能阻止使用下面代码修改已经使用 const 修饰过的变量值:
复制代码
1
2
3
4const int const_value = 100; int * ptr = (int *)&const_value; *ptr = 200;
因为在函数内部声明的 const_value,本质上还是一个函数内的局部变量,存储区在该函数的栈帧内,而程序对该内存区拥有修改的权限。
相应地,用同样方法试图修改全局或静态常量数据的值,如下所示:
复制代码
1
2
3char * pc = (char *)const_data; *pc = 'X';
编译器并不会报告任何错误,编译可以通过。但当程序运行到第二行代码时,就会因为 Segment Violation 而崩溃,原因在于程序对该位置的内存区没有修改权限。
.data 节区
全局已初始化变量、静态已初始化变量
该节区在运行时被加载到标号为 05 的段内,权限设置为 R(可读)和 W(可写)。
.bss 节区
该节区存储了所有未初始化或初始化为 0 的全局和静态变量。比如示例程序中的如下变量,就会被放入这个节区中
复制代码
1
2static char raw_static_data[40960];
仔细观察这个节区的信息,就会发现,虽然该节区的大小是 0xa020 字节,但它之后的 .comment 节区与该节区有相同的 offset 值,也就是说,.bss 节区在可执行文件中不占据任何空间,加载到内存区之后才会被分配内存。
再仔细观察程序头的信息,也可以进一步验证这个结果。在程序头信息中,.bss 在标号 05 的段中,而该段的 FileSiz 值为 0x230, MemSiz 值为 0xa250, 差值刚好是 .bss 节区的大小。
该节区设计的初衷就是为了节省目标文件的存储空间。变量未被初始化,或者虽然被初始化了,但值为 0,就没必要浪费空间,再在目标文件中存储大量的 0 值。
总结
.rodata: 全局 const 变量、字符串常量
.data:全局已初始化变量、静态已初始化变量
.bss: 未初始化 或 初始化为 0 的全局 和 静态 变量
参考
深入程序布局内部,增强应用控制能力
最后
以上就是无私心锁最近收集整理的关于程序的静态布局的全部内容,更多相关程序内容请搜索靠谱客的其他文章。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复