Home » Linux » where should the .bss section of ELF file take in memory?

where should the .bss section of ELF file take in memory?

Posted by: admin January 30, 2018 Leave a comment


It is known that .bss section was not stored in the disk, but the .bss section in memory should be initialized to zero. but where should it take in the memory? Is there any information displayed in the ELF header or the Is the .bss section likely to appear next to the data section, or something else??


To know where the bss segment will be in memory, it is sufficient to run readelf -S program, and check the Addr column on the .bss row.

In most cases, you will also see that the initialized data section (.data) comes immediately before. That is, you will see that Addr+Size of the .data section matches the starting address of the .bss section.

However, that is not always necessarily the case. These are historical conventions, and the ELF specification (to be read alongside the platform specific supplement, for instance Chapter 5 in the one covering 32-bit x86 machines) allows for much more sophisticated configurations, and not all of them are supported by Linux.

For instance, the section may not be called .bss at all. The only 2 properties that make a BSS section such are:

  1. The section is marked with SHT_NOBITS (that is, it takes space in memory but none on the storage) which shows up as NOBITS in readelf‘s output.
  2. It maps to a loadable (PT_LOAD), readable (PF_R), and writeable (PF_W) segment. Such a segment is also shorter on storage than it is in memory (p_filesz < p_memsz).

You can have multiple BSS sections: PowerPC executables may have .sbss and .sbss2 for uninitialized data variables.

Finally, the BSS section is not necessarily adjacent to the data section or the heap. If you check the Linux kernel (more in particular the load_elf_binary function) you can see that the BSS sections (or more precisely, the segment it maps to) may even be interleaved with code and initialized data. The Linux kernel manages to sort that out.


The BSS is between the data and the heap, as detailed in this marvelous article.

enter image description here

You can find out the size of each section using size:

cnicutar@lemon:~$ size try
   text    data     bss     dec     hex filename
   1108     496      16    1620     654 try