It is known that .bss section was not stored in the disk, but the .bss section in memory should be initialized to zero. but where should it take in the memory? Is there any information displayed in the ELF header or the Is the .bss section likely to appear next to the data section, or something else??
To know where the bss segment will be in memory, it is sufficient to run
readelf -S program, and check the Addr column on the
In most cases, you will also see that the initialized data section (
.data) comes immediately before. That is, you will see that Addr+Size of the
.data section matches the starting address of the
However, that is not always necessarily the case. These are historical conventions, and the ELF specification (to be read alongside the platform specific supplement, for instance Chapter 5 in the one covering 32-bit x86 machines) allows for much more sophisticated configurations, and not all of them are supported by Linux.
For instance, the section may not be called
.bss at all. The only 2 properties that make a BSS section such are:
- The section is marked with
SHT_NOBITS(that is, it takes space in memory but none on the storage) which shows up as
- It maps to a loadable (
PT_LOAD), readable (
PF_R), and writeable (
PF_W) segment. Such a segment is also shorter on storage than it is in memory (
You can have multiple BSS sections: PowerPC executables may have
.sbss2 for uninitialized data variables.
Finally, the BSS section is not necessarily adjacent to the data section or the heap. If you check the Linux kernel (more in particular the
load_elf_binary function) you can see that the BSS sections (or more precisely, the segment it maps to) may even be interleaved with code and initialized data. The Linux kernel manages to sort that out.
The BSS is between the data and the heap, as detailed in this marvelous article.
You can find out the size of each section using
cnicutar@lemon:~$ size try text data bss dec hex filename 1108 496 16 1620 654 try