Home/ Questions/Q 8884989
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T21:11:57+00:00

readelf -l /bin/bash gives me this: Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz

  • 0

readelf -l /bin/bash gives me this:

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000400040 0x0000000000400040
                 0x00000000000001f8 0x00000000000001f8  R E    8
  INTERP         0x0000000000000238 0x0000000000400238 0x0000000000400238
                 0x000000000000001a 0x000000000000001a  R      1
      [Requesting program interpreter: /lib/ld-linux-x86-64.so.2]
  LOAD           0x0000000000000000 0x0000000000400000 0x0000000000400000
                 0x00000000000aeef4 0x00000000000aeef4  R E    200000
  LOAD           0x00000000000afde0 0x00000000006afde0 0x00000000006afde0
                 0x0000000000003cec 0x000000000000d3c8  RW     200000
  DYNAMIC        0x00000000000afdf8 0x00000000006afdf8 0x00000000006afdf8
                 0x0000000000000200 0x0000000000000200  RW     8
  NOTE           0x0000000000000254 0x0000000000400254 0x0000000000400254
                 0x0000000000000044 0x0000000000000044  R      4
  GNU_EH_FRAME   0x000000000009dbc0 0x000000000049dbc0 0x000000000049dbc0
                 0x0000000000002bb4 0x0000000000002bb4  R      4
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     8
  GNU_RELRO      0x00000000000afde0 0x00000000006afde0 0x00000000006afde0
                 0x0000000000000220 0x0000000000000220  R      1

Why is MemSiz not equal to FileSiz for some LOAD segments? What should be done with the memory region included by MemSiz but not FileSiz?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The loadable segment in question appears to be the program’s data segment.

    The data segment in an program contains space for both initialized and
    uninitialized program variables. Values for initialized variables are
    stored in the program’s executable. Uninitialized program variables do not
    need to stored anywhere; instead space is reserved for them in a
    special zero-sized section named “.bss”.

    The file size of an executable’s data segment can thus be less than
    its in-memory size.

    To illustrate:

    /*
 * Space for the intialized variable 'x' would be reserved the
 * executable's ".data" section, along with its initial value.
 */
int x = 42;

/*
 * Space for the uninitialized variable 'y' would be reserved in
 * the ".bss" section; no file space would be allocated in the
 * executable.
 */
int y;

    On unix-like systems, the portion of the data segment mapped to the
    “.bss” section would be zero-filled at program load time.

    • 0