C 中 data 部分和 bss 部分的区别 [英] Difference between data section and the bss section in C
问题描述
通过readelf检查目标文件的反汇编时,看到data和bss段包含相同的偏移地址.数据部分将包含初始化的全局变量和静态变量.BSS 将包含未初始化的全局和静态变量.
When checking the disassembly of the object file through the readelf, I see the data and the bss segments contain the same offset address. The data section will contain the initialised global and static variables. BSS will contain un-initialised global and static variables.
1 #include<stdio.h>
2
3 static void display(int i, int* ptr);
4
5 int main(){
6 int x = 5;
7 int* xptr = &x;
8 printf("\n In main() program! \n");
9 printf("\n x address : 0x%x x value : %d \n",(unsigned int)&x,x);
10 printf("\n xptr points to : 0x%x xptr value : %d \n",(unsigned int)xptr,*xptr);
11 display(x,xptr);
12 return 0;
13 }
14
15 void display(int y,int* yptr){
16 char var[7] = "ABCDEF";
17 printf("\n In display() function \n");
18 printf("\n y value : %d y address : 0x%x \n",y,(unsigned int)&y);
19 printf("\n yptr points to : 0x%x yptr value : %d \n",(unsigned int)yptr,*yptr);
20 }
输出:
SSS:~$ size a.out
text data bss dec hex filename
1311 260 8 1579 62b a.out
在上面的程序中,我没有任何未初始化的数据,但是 BSS 已经占用了 8 个字节.为什么要占用8个字节?同样,当我反汇编目标文件时,
Here in the above program I don't have any un-initialised data but the BSS has occupied 8 bytes. Why does it occupy 8 bytes? Also when I disassemble the object file,
[ 3] .data PROGBITS 00000000 000110 000000 00 WA 0 0 4
[ 4] .bss NOBITS 00000000 000110 000000 00 WA 0 0 4
[ 5] .rodata PROGBITS 00000000 000110 0000cf 00 A 0 0 4
data、rodata 和 bss 具有相同的偏移地址.这是否意味着rodata、data和bss指的是同一个地址?数据段、rodata段和bss段的数据值是否在同一个地址,如果有,如何区分数据段、bss段和rodata段?
data, rodata and bss has the same offset address. Does it mean the rodata, data and bss refer to the same address? Do Data section, rodata section and the bss section contain the data values in the same address, if so how to distinguish the data section, bss section and rodata section?
推荐答案
.bss
部分保证在程序加载到内存时全为零.因此,任何未初始化或初始化为零的全局数据都放置在 .bss
部分中.例如:
The .bss
section is guaranteed to be all zeros when the program is loaded into memory. So any global data that is uninitialized, or initialized to zero is placed in the .bss
section. For example:
static int g_myGlobal = 0; // <--- in .bss section
关于这个的好处是,.bss
部分数据不必包含在磁盘上的 ELF 文件中(即文件中没有整个零区域对于 .bss
部分).取而代之的是,加载器从段头中知道要为 .bss
段分配多少空间,并在将控制权移交给您的程序之前将其清零.
The nice part about this is, the .bss
section data doesn't have to be included in the ELF file on disk (ie. there isn't a whole region of zeros in the file for the .bss
section). Instead, the loader knows from the section headers how much to allocate for the .bss
section, and simply zero it out before handing control over to your program.
注意 readelf
输出:
[ 3] .data PROGBITS 00000000 000110 000000 00 WA 0 0 4
[ 4] .bss NOBITS 00000000 000110 000000 00 WA 0 0 4
.data
被标记为 PROGBITS
.这意味着 ELF 文件中有位"程序数据,加载程序需要为您读取到内存中.另一方面,.bss
被标记为 NOBITS
,这意味着文件中没有任何内容需要作为加载的一部分读入内存.
.data
is marked as PROGBITS
. That means there are "bits" of program data in the ELF file that the loader needs to read out into memory for you. .bss
on the other hand is marked NOBITS
, meaning there's nothing in the file that needs to be read into memory as part of the load.
示例:
// bss.c
static int g_myGlobal = 0;
int main(int argc, char** argv)
{
return 0;
}
用$ gcc -m32 -Xlinker -Map=bss.map -o bss bss.c
使用 $ readelf -S bss
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
:
[13] .text PROGBITS 080482d0 0002d0 000174 00 AX 0 0 16
:
[24] .data PROGBITS 0804964c 00064c 000004 00 WA 0 0 4
[25] .bss NOBITS 08049650 000650 000008 00 WA 0 0 4
:
现在我们在符号表中查找我们的变量:$ readelf -s bss |grep g_myGlobal
Now we look for our variable in the symbol table: $ readelf -s bss | grep g_myGlobal
37: 08049654 4 OBJECT LOCAL DEFAULT 25 g_myGlobal
请注意,g_myGlobal
显示为第 25 部分的一部分.如果我们回顾一下部分标题,我们会看到 25 是 .bss
.
Note that g_myGlobal
is shown to be a part of section 25. If we look back in the section headers, we see that 25 is .bss
.
回答你真正的问题:
在上面的程序中,我没有任何未初始化的数据,但 BSS 已经占用了 8 个字节.为什么要占用8个字节?
Here in the above program I dont have any un-intialised data but the BSS has occupied 8 bytes. Why does it occupy 8 bytes ?
继续我的例子,我们在第 25 节中查找任何符号:
Continuing with my example, we look for any symbol in section 25:
$ readelf -s bss | grep 25
9: 0804825c 0 SECTION LOCAL DEFAULT 9
25: 08049650 0 SECTION LOCAL DEFAULT 25
32: 08049650 1 OBJECT LOCAL DEFAULT 25 completed.5745
37: 08049654 4 OBJECT LOCAL DEFAULT 25 g_myGlobal
第三列是尺寸.我们看到了预期的 4 字节 g_myGlobal
,以及这个 1 字节的 completed.5745
.这可能是 C 运行时初始化中某处的函数静态变量 - 请记住,在调用 main()
之前会发生很多事情".
The third column is the size. We see our expected 4-byte g_myGlobal
, and this 1-byte completed.5745
. This is probably a function-static variable from somewhere in the C runtime initialization - remember, a lot of "stuff" happens before main()
is ever called.
4+1=5 个字节.但是,如果我们回头看看 .bss
部分标题,我们会看到最后一列 Al
是 4.那是部分对齐方式,这意味着该部分在加载时会始终是 4 个字节的倍数.从 5 开始的下一个倍数是 8,这就是 .bss
部分是 8 个字节的原因.
4+1=5 bytes. However, if we look back at the .bss
section header, we see the last column Al
is 4. That is the section alignment, meaning this section, when loaded, will always be a multiple of 4 bytes. The next multiple up from 5 is 8, and that's why the .bss
section is 8 bytes.
另外我们可以查看链接器生成的映射文件,看看哪些目标文件放置在最终输出中的位置.
Additionally We can look at the map file generated by the linker to see what object files got placed where in the final output.
.bss 0x0000000008049650 0x8
*(.dynbss)
.dynbss 0x0000000000000000 0x0 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/../../../../lib/crt1.o
*(.bss .bss.* .gnu.linkonce.b.*)
.bss 0x0000000008049650 0x0 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/../../../../lib/crt1.o
.bss 0x0000000008049650 0x0 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/../../../../lib/crti.o
.bss 0x0000000008049650 0x1 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/32/crtbegin.o
.bss 0x0000000008049654 0x4 /tmp/ccKF6q1g.o
.bss 0x0000000008049658 0x0 /usr/lib/libc_nonshared.a(elf-init.oS)
.bss 0x0000000008049658 0x0 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/32/crtend.o
.bss 0x0000000008049658 0x0 /usr/lib/gcc/x86_64-redhat-linux/4.7.2/../../../../lib/crtn.o
同样,第三列是大小.
我们看到 .bss
的 4 个字节来自 /tmp/ccKF6q1g.o
.在这个简单的例子中,我们知道这是编译我们的 bss.c 文件的临时目标文件.另一个 1 字节来自 crtbegin.o
,它是 C 运行时的一部分.
We see 4 bytes of .bss
came from /tmp/ccKF6q1g.o
. In this trivial example, we know that is the temporary object file from the compilation of our bss.c file. The other 1 byte came from crtbegin.o
, which is part of the C runtime.
最后,既然我们知道这个1字节的神秘bss变量来自crtbegin.o
,并且它的名字是completed.xxxx
,那么它的真实名字是completed
并且它可能是某个函数内部的静态.查看 crtstuff.c
我们找到了罪魁祸首:__do_global_dtors_aux()
中的一个 static _Bool completed
.
Finally, since we know that this 1 byte mystery bss variable is from crtbegin.o
, and it's named completed.xxxx
, it's real name is completed
and it's probably a static inside some function. Looking at crtstuff.c
we find the culprit: a static _Bool completed
inside of __do_global_dtors_aux()
.
这篇关于C 中 data 部分和 bss 部分的区别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!