UNPKG

26.7 kBMarkdownView Raw
1readelf
2===
3
4用于显示elf格式文件的信息
5
6## 补充说明
7
8**readelf命令** 用来显示一个或者多个elf格式的目标文件的信息,可以通过它的选项来控制显示哪些信息。这里的elf-file(s)就表示那些被检查的文件。可以支持32位,64位的elf格式文件,也支持包含elf文件的文档(这里一般指的是使用ar命令将一些elf文件打包之后生成的例如lib*.a之类的“静态库”文件)。 
9
10这个程序和objdump提供的功能类似,但是它显示的信息更为具体,并且它不依赖BFD库(BFD库是一个GNU项目,它的目标就是希望通过一种统一的接口来处理不同的目标文件),所以即使BFD库有什么bug存在的话也不会影响到readelf程序。 
11
12运行readelf的时候,除了-v和-H之外,其它的选项必须有一个被指定。 
13
14### ELF文件类型
15
16 **种类型的ELF文件:**
17
181. 可重定位文件:用户和其他目标文件一起创建可执行文件或者共享目标文件,例如lib*.a文件。 
192. 可执行文件:用于生成进程映像,载入内存执行,例如编译好的可执行文件a.out。 
203. 共享目标文件:用于和其他共享目标文件或者可重定位文件一起生成elf目标文件或者和执行文件一起创建进程映像,例如lib*.so文件。 
21
22 **ELF文件作用:**
23
24ELF文件参与程序的连接(建立一个程序)和程序的执行(运行一个程序),所以可以从不同的角度来看待elf格式的文件: 
25
261. 如果用于编译和链接(可重定位文件),则编译器和链接器将把elf文件看作是节头表描述的节的集合,程序头表可选。 
272. 如果用于加载执行(可执行文件),则加载器则将把elf文件看作是程序头表描述的段的集合,一个段可能包含多个节,节头表可选。 
283. 如果是共享文件,则两者都含有。 
29
30 **ELF文件总体组成:**  
31
32elf文件头描述elf文件的总体信息。包括:系统相关,类型相关,加载相关,链接相关。 
33
34* 系统相关表示:elf文件标识的魔术数,以及硬件和平台等相关信息,增加了elf文件的移植性,使交叉编译成为可能。 
35* 类型相关就是前面说的那个类型。 
36* 加载相关:包括程序头表相关信息。 
37* 链接相关:节头表相关信息。 
38
39### 选项
40
41```shell
42-a
43--all 显示全部信息,等价于 -h -l -S -s -r -d -V -A -I.
44
45-h
46--file-header 显示elf文件开始的文件头信息.
47
48-l
49--program-headers
50--segments 显示程序头(段头)信息(如果有的话)。
51
52-S
53--section-headers
54--sections 显示节头信息(如果有的话)。
55
56-g
57--section-groups 显示节组信息(如果有的话)。
58
59-t
60--section-details 显示节的详细信息(-S的)。
61
62-s
63--syms
64--symbols 显示符号表段中的项(如果有的话)。
65
66-e
67--headers 显示全部头信息,等价于: -h -l -S
68
69-n
70--notes 显示note段(内核注释)的信息。
71
72-r
73--relocs 显示可重定位段的信息。
74
75-u
76--unwind 显示unwind段信息。当前只支持IA64 ELF的unwind段信息。
77
78-d
79--dynamic 显示动态段的信息。
80
81-V
82--version-info 显示版本段的信息。
83
84-A
85--arch-specific 显示CPU构架信息。
86
87-D
88--use-dynamic 使用动态段中的符号表显示符号,而不是使用符号段。
89
90-x <number or name>
91--hex-dump=<number or name> 以16进制方式显示指定段内内容。number指定段表中段的索引,或字符串指定文件中的段名。
92
93-w[liaprmfFsoR] or
94--debug-dump[=line,=info,=abbrev,=pubnames,=aranges,=macro,=frames,=frames-interp,=str,=loc,=Ranges] 显示调试段中指定的内容。
95
96-I
97--histogram 显示符号的时候,显示bucket list长度的柱状图。
98
99-v
100--version 显示readelf的版本信息。
101
102-H
103--help 显示readelf所支持的命令行选项。
104
105-W
106--wide 宽行输出。
107
108@file 可以将选项集中到一个文件中,然后使用这个@file选项载入。
109```
110
111### 实例
112
113先给出如下例子:
114
115 **1.对于可执行文件形式的elf格式文件:**
116
1171)查看可执行程序的源代码如下: 
118
119```shell
120root@localhost [test]$ cat main.cpp
121#include <iostream>
122using std::cout;
123using std::endl;
124void my_print();
125
126int main(int argc, char *argv[])
127{
128 my_print();
129 cout<<"hello!"<<endl;
130 return 0;
131}
132
133void my_print()
134{
135 cout<<"print!"<<endl;
136}
137```
138
1392)编译如下: 
140
141```shell
142[root@localhost test]$ g++ main.cpp -o main
143[root@localhost test]$ g++ -g main.cpp -o main.debug
144```
145
1463)编译之后,查看生成的文件: 
147
148```shell
149[root@localhost test]$ ls -l
150总计 64
151-rwxr-xr-x 1 quietheart quietheart 6700 07-07 18:04 main
152-rw-r--r-- 1 quietheart quietheart 201 07-07 18:02 main.cpp
153-rwxr-xr-x 1 quietheart quietheart 38932 07-07 18:04 main.debug
154```
155
156这里,main.debug是带有调试信息的可执行文件,main是一般的可执行文件。 
157
158 **2.对于库文件形式的elf格式文件:**
159
1601)查看库的源代码如下: 
161
162```shell
163//myfile.h
164#ifndef __MYFILE_H
165#define __MYFILE_H
166void printInfo();
167#endif
168
169//myfile.cpp
170#include "myfile.h"
171#include <iostream>
172using std::cout;
173using std::endl;
174void printInfo()
175{
176 cout<<"hello"<<endl;
177}
178```
179
1802)编译如下: 
181
182```shell
183[root@localhost test]$ g++ -c myfile.cpp
184[root@localhost test]$ g++ -shared -fPCI -o libmy.so myfile.o
185[root@localhost test]$ ar -r libmy.a myfile.o
186ar: creating libmy.a
187```
188
1893)编译之后,查看生成的文件: 
190
191[root@localhost test]$ ls -l 
192
193总计 44 
194
195```shell
196-rw-r--r-- 1 quietheart quietheart 2154 07-08 16:14 libmy.a
197-rwxr-xr-x 1 quietheart quietheart 5707 07-08 16:08 libmy.so
198-rwxr-xr-x 1 quietheart quietheart 117 07-08 16:06 myfile.cpp
199-rwxr-xr-x 1 quietheart quietheart 63 07-08 16:08 myfile.h
200-rw-r--r-- 1 quietheart quietheart 2004 07-08 16:08 myfile.o
201libmy.a libmy.so myfile.cpp myfile.h myfile.o
202```
203
204这里,分别生成目标文件myfile.o,共享库文件libmy.so,和静态库文件libmy.a。 
205
206基于以上可执行文件和库,这里给出一些常用的命令。 
207
208 **读取可执行文件形式的elf文件头信息:**
209
210```shell
211[root@localhost test]$ readelf -h main
212ELF Header:
213 Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
214 Class: ELF32
215 Data: 2's complement, little endian
216 Version: 1 (current)
217 OS/ABI: UNIX - System V
218 ABI Version: 0
219 type: exec (Executable file)
220 Machine: Intel 80386
221 Version: 0x1
222 Entry point address: 0x8048580
223 Start of program headers: 52 (bytes into file)
224 Start of section headers: 3232 (bytes into file)
225 Flags: 0x0
226 Size of this header: 52 (bytes)
227 Size of program headers: 32 (bytes)
228 Number of program headers: 8
229 Size of section headers: 40 (bytes)
230 Number of section headers: 29
231 Section header string table index: 26
232```
233
234这里,可见可执行文件的elf文件,其类型为EXEC(可执行文件)。另外,含调试信息的"main.debug"和不含调试信息的"main"除了一些大小信息之外,其内容是一样的。并且由此可见文件的体系结构为Intel 80386。 
235
236 **读取目标文件形式的elf文件头信息:**
237
238```shell
239[root@localhost test]$ readelf -h myfile.o
240ELF Header:
241 Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
242 Class: ELF32
243 Data: 2's complement, little endian
244 Version: 1 (current)
245 OS/ABI: UNIX - System V
246 ABI Version: 0
247 Type: REL (Relocatable file)
248 Machine: Intel 80386
249 Version: 0x1
250 Entry point address: 0x0
251 Start of program headers: 0 (bytes into file)
252 Start of section headers: 516 (bytes into file)
253 Flags: 0x0
254 Size of this header: 52 (bytes)
255 Size of program headers: 0 (bytes)
256 Number of program headers: 0
257 Size of section headers: 40 (bytes)
258 Number of section headers: 15
259 Section header string table index: 12
260```
261
262这里,可见目标文件的elf文件,其类型为REL(可重定位文件)。 
263
264 **读取静态库文件形式的elf文件头信息:**
265
266```shell
267[root@localhost test]$ readelf -h libmy.a
268File: libmy.a(myfile.o)
269ELF Header:
270 Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
271 Class: ELF32
272 Data: 2's complement, little endian
273 Version: 1 (current)
274 OS/ABI: UNIX - System V
275 ABI Version: 0
276 Type: REL (Relocatable file)
277 Machine: Intel 80386
278 Version: 0x1
279 Entry point address: 0x0
280 Start of program headers: 0 (bytes into file)
281 Start of section headers: 516 (bytes into file)
282 Flags: 0x0
283 Size of this header: 52 (bytes)
284 Size of program headers: 0 (bytes)
285 Number of program headers: 0
286 Size of section headers: 40 (bytes)
287 Number of section headers: 15
288 Section header string table index: 12
289```
290
291这里,可见静态库文件的elf文件,其类型为REL(可重定位文件)。 
292
293 **读取动态库文件形式的elf文件头信息:**
294
295```shell
296[root@localhost test]$ readelf -h libmy.so
297ELF Header:
298 Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
299 Class: ELF32
300 Data: 2's complement, little endian
301 Version: 1 (current)
302 OS/ABI: UNIX - System V
303 ABI Version: 0
304 Type: DYN (Shared object file)
305 Machine: Intel 80386
306 Version: 0x1
307 Entry point address: 0x550
308 Start of program headers: 52 (bytes into file)
309 Start of section headers: 2768 (bytes into file)
310 Flags: 0x0
311 Size of this header: 52 (bytes)
312 Size of program headers: 32 (bytes)
313 Number of program headers: 5
314 Size of section headers: 40 (bytes)
315 Number of section headers: 27
316 Section header string table index: 24
317```
318
319这里,可见动态库文件的elf文件,其类型为DYN(共享目标文件)。 
320
321 **查看可执行的elf文件程序头表信息:**
322
323```shell
324[root@localhost test]$ readelf -l main
325Elf file type is EXEC (Executable file)
326Entry point 0x8048580
327There are 8 program headers, starting at offset 52
328
329Program Headers:
330 Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
331 PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4
332 INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1
333 Requesting program interpreter: /lib/[ld-linux.so.2]
334 LOAD 0x000000 0x08048000 0x08048000 0x00970 0x00970 R E 0x1000
335 LOAD 0x000970 0x08049970 0x08049970 0x00130 0x001c8 RW 0x1000
336 DYNAMIC 0x000988 0x08049988 0x08049988 0x000e0 0x000e0 RW 0x4
337 NOTE 0x000148 0x08048148 0x08048148 0x00020 0x00020 R 0x4
338 GNU_EH_FRAME 0x000820 0x08048820 0x08048820 0x00044 0x00044 R 0x4
339 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
340
341Section to Segment mapping:
342 Segment Sections...
343 00
344 01 .interp
345 02 .interp .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame
346 03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss
347 04 .dynamic
348 05 .note.ABI-tag
349 06 .eh_frame_hdr
350 07
351```
352
353这里,含调试信息的"main.debug"和不含调试信息的"main"其内容是一样的。 
354
355 **查看目标文件的elf文件程序头表信息: **
356
357```shell
358[root@localhost test]$ readelf -l myfile.o
359There are no program headers in this file.
360```
361
362这里可知,可重定位的目标文件,它没程序头表。 
363
364 **查看静态库文件的elf文件程序头表信息:**
365
366```shell
367[root@localhost test]$ readelf -l libmy.a
368File: libmy.a(myfile.o)
369There are no program headers in this file.
370```
371
372这里可知,可重定位的静态库文件,它没程序头表。 
373
374 **查看动态库文件的elf文件程序头表信息:**
375
376```shell
377[root@localhost test]$ readelf -l libmy.so
378Elf file type is DYN (Shared object file)
379Entry point 0x550
380There are 5 program headers, starting at offset 52
381
382Program Headers:
383 Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
384 LOAD 0x000000 0x00000000 0x00000000 0x007f4 0x007f4 R E 0x1000
385 LOAD 0x0007f4 0x000017f4 0x000017f4 0x0011c 0x00128 RW 0x1000
386 DYNAMIC 0x000810 0x00001810 0x00001810 0x000e0 0x000e0 RW 0x4
387 GNU_EH_FRAME 0x000738 0x00000738 0x00000738 0x0002c 0x0002c R 0x4
388 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
389
390Section to Segment mapping:
391 Segment Sections...
392 00 .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame
393 01 .ctors .dtors .jcr .data.rel.ro .dynamic .got .got.plt .bss
394 02 .dynamic
395 03 .eh_frame_hdr
396 04
397```
398
399这里可知,做为共享目标文件的动态库,它程序头表。 
400
401 **查看一个可执行的elf文件的节信息:**
402
403```shell
404[root@localhost test]$ readelf -S main
405There are 29 section headers, starting at offset 0xca0:
406Section Headers:
407 [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
408 [ 0] NULL 00000000 000000 000000 00 0 0 0
409 [ 1] .interp PROGBITS 08048134 000134 000013 00 A 0 0 1
410 [ 2] .note.ABI-tag NOTE 08048148 000148 000020 00 A 0 0 4
411 [ 3] .gnu.hash GNU_HASH 08048168 000168 000030 04 A 4 0 4
412 [ 4] .dynsym DYNSYM 08048198 000198 0000d0 10 A 5 1 4
413 [ 5] .dynstr STRTAB 08048268 000268 000183 00 A 0 0 1
414 [ 6] .gnu.version VERSYM 080483ec 0003ec 00001a 02 A 4 0 2
415 [ 7] .gnu.version_r VERNEED 08048408 000408 000060 00 A 5 2 4
416 [ 8] .rel.dyn REL 08048468 000468 000010 08 A 4 0 4
417 [ 9] .rel.plt REL 08048478 000478 000048 08 A 4 11 4
418 [10] .init PROGBITS 080484c0 0004c0 000017 00 AX 0 0 4
419 [11] .plt PROGBITS 080484d8 0004d8 0000a0 04 AX 0 0 4
420 [12] .text PROGBITS 08048580 000580 000268 00 AX 0 0 16
421 [13] .fini PROGBITS 080487e8 0007e8 00001c 00 AX 0 0 4
422 [14] .rodata PROGBITS 08048804 000804 00001a 00 A 0 0 4
423 [15] .eh_frame_hdr PROGBITS 08048820 000820 000044 00 A 0 0 4
424 [16] .eh_frame PROGBITS 08048864 000864 00010c 00 A 0 0 4
425 [17] .ctors PROGBITS 08049970 000970 00000c 00 WA 0 0 4
426 [18] .dtors PROGBITS 0804997c 00097c 000008 00 WA 0 0 4
427 [19] .jcr PROGBITS 08049984 000984 000004 00 WA 0 0 4
428 [20] .dynamic DYNAMIC 08049988 000988 0000e0 08 WA 5 0 4
429 [21] .got PROGBITS 08049a68 000a68 000004 04 WA 0 0 4
430 [22] .got.plt PROGBITS 08049a6c 000a6c 000030 04 WA 0 0 4
431 [23] .data PROGBITS 08049a9c 000a9c 000004 00 WA 0 0 4
432 [24] .bss NOBITS 08049aa0 000aa0 000098 00 WA 0 0 8
433 [25] .comment PROGBITS 00000000 000aa0 000114 00 0 0 1
434 [26] .shstrtab STRTAB 00000000 000bb4 0000e9 00 0 0 1
435 [27] .symtab SYMTAB 00000000 001128 000510 10 28 53 4
436 [28] .strtab STRTAB 00000000 001638 0003f4 00 0 0 1
437Key to Flags:
438 W (write), A (alloc), X (execute), M (merge), S (strings)
439 I (info), L (link order), G (group), x (unknown)
440 O (extra OS processing required) o (OS specific), p (processor specific)
441```
442
443这里,main是可执行文件,不含调试信息。 
444
445 **查看一个包含调试信息的可执行的elf文件的节信息:**
446
447```shell
448[root@localhost test]$ readelf -S main.debug
449There are 37 section headers, starting at offset 0x88c8:
450
451Section Headers:
452 [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
453 [ 0] NULL 00000000 000000 000000 00 0 0 0
454 [ 1] .interp PROGBITS 08048134 000134 000013 00 A 0 0 1
455 [ 2] .note.ABI-tag NOTE 08048148 000148 000020 00 A 0 0 4
456 [ 3] .gnu.hash GNU_HASH 08048168 000168 000030 04 A 4 0 4
457 [ 4] .dynsym DYNSYM 08048198 000198 0000d0 10 A 5 1 4
458 [ 5] .dynstr STRTAB 08048268 000268 000183 00 A 0 0 1
459 [ 6] .gnu.version VERSYM 080483ec 0003ec 00001a 02 A 4 0 2
460 [ 7] .gnu.version_r VERNEED 08048408 000408 000060 00 A 5 2 4
461 [ 8] .rel.dyn REL 08048468 000468 000010 08 A 4 0 4
462 [ 9] .rel.plt REL 08048478 000478 000048 08 A 4 11 4
463 [10] .init PROGBITS 080484c0 0004c0 000017 00 AX 0 0 4
464 [11] .plt PROGBITS 080484d8 0004d8 0000a0 04 AX 0 0 4
465 [12] .text PROGBITS 08048580 000580 000268 00 AX 0 0 16
466 [13] .fini PROGBITS 080487e8 0007e8 00001c 00 AX 0 0 4
467 [14] .rodata PROGBITS 08048804 000804 00001a 00 A 0 0 4
468 [15] .eh_frame_hdr PROGBITS 08048820 000820 000044 00 A 0 0 4
469 [16] .eh_frame PROGBITS 08048864 000864 00010c 00 A 0 0 4
470 [17] .ctors PROGBITS 08049970 000970 00000c 00 WA 0 0 4
471 [18] .dtors PROGBITS 0804997c 00097c 000008 00 WA 0 0 4
472 [19] .jcr PROGBITS 08049984 000984 000004 00 WA 0 0 4
473 [20] .dynamic DYNAMIC 08049988 000988 0000e0 08 WA 5 0 4
474 [21] .got PROGBITS 08049a68 000a68 000004 04 WA 0 0 4
475 [22] .got.plt PROGBITS 08049a6c 000a6c 000030 04 WA 0 0 4
476 [23] .data PROGBITS 08049a9c 000a9c 000004 00 WA 0 0 4
477 [24] .bss NOBITS 08049aa0 000aa0 000098 00 WA 0 0 8
478 [25] .comment PROGBITS 00000000 000aa0 000114 00 0 0 1
479 [26] .debug_aranges PROGBITS 00000000 000bb4 000020 00 0 0 1
480 [27] .debug_pubnames PROGBITS 00000000 000bd4 000028 00 0 0 1
481 [28] .debug_info PROGBITS 00000000 000bfc 0067aa 00 0 0 1
482 [29] .debug_abbrev PROGBITS 00000000 0073a6 000726 00 0 0 1
483 [30] .debug_line PROGBITS 00000000 007acc 0003e1 00 0 0 1
484 [31] .debug_frame PROGBITS 00000000 007eb0 00009c 00 0 0 4
485 [32] .debug_str PROGBITS 00000000 007f4c 000735 00 0 0 1
486 [33] .debug_loc PROGBITS 00000000 008681 0000f3 00 0 0 1
487 [34] .shstrtab STRTAB 00000000 008774 000151 00 0 0 1
488 [35] .symtab SYMTAB 00000000 008e90 000590 10 36 61 4
489 [36] .strtab STRTAB 00000000 009420 0003f4 00 0 0 1
490Key to Flags:
491 W (write), A (alloc), X (execute), M (merge), S (strings)
492 I (info), L (link order), G (group), x (unknown)
493 O (extra OS processing required) o (OS specific), p (processor specific)
494```
495
496可见,相对非调试版本的可执行文件,多了".debug*"段的信息。 
497
498 **查看一个目标文件的elf文件的节信息:**
499
500```shell
501[root@localhost test]$ readelf -S myfile.o
502There are 15 section headers, starting at offset 0x204:
503
504Section Headers:
505 [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
506 [ 0] NULL 00000000 000000 000000 00 0 0 0
507 [ 1] .text PROGBITS 00000000 000034 00009e 00 AX 0 0 4
508 [ 2] .rel.text REL 00000000 000744 000060 08 13 1 4
509 [ 3] .data PROGBITS 00000000 0000d4 000000 00 WA 0 0 4
510 [ 4] .bss NOBITS 00000000 0000d4 000001 00 WA 0 0 4
511 [ 5] .ctors PROGBITS 00000000 0000d4 000004 00 WA 0 0 4
512 [ 6] .rel.ctors REL 00000000 0007a4 000008 08 13 5 4
513 [ 7] .rodata PROGBITS 00000000 0000d8 000006 00 A 0 0 1
514 [ 8] .eh_frame PROGBITS 00000000 0000e0 00008c 00 A 0 0 4
515 [ 9] .rel.eh_frame REL 00000000 0007ac 000028 08 13 8 4
516 [10] .comment PROGBITS 00000000 00016c 00002e 00 0 0 1
517 [11] .note.GNU-stack PROGBITS 00000000 00019a 000000 00 0 0 1
518 [12] .shstrtab STRTAB 00000000 00019a 00006a 00 0 0 1
519 [13] .symtab SYMTAB 00000000 00045c 000180 10 14 14 4
520 [14] .strtab STRTAB 00000000 0005dc 000166 00 0 0 1
521Key to Flags:
522 W (write), A (alloc), X (execute), M (merge), S (strings)
523 I (info), L (link order), G (group), x (unknown)
524 O (extra OS processing required) o (OS specific), p (processor specific)
525
526
527```shell
528
529 **查看一个静态库文件的elf文件的节信息:**
530
531```shell
532[root@localhost test]$ readelf -S libmy.a
533File: libmy.a(myfile.o)
534There are 15 section headers, starting at offset 0x204:
535
536Section Headers:
537 [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
538 [ 0] NULL 00000000 000000 000000 00 0 0 0
539 [ 1] .text PROGBITS 00000000 000034 00009e 00 AX 0 0 4
540 [ 2] .rel.text REL 00000000 000744 000060 08 13 1 4
541 [ 3] .data PROGBITS 00000000 0000d4 000000 00 WA 0 0 4
542 [ 4] .bss NOBITS 00000000 0000d4 000001 00 WA 0 0 4
543 [ 5] .ctors PROGBITS 00000000 0000d4 000004 00 WA 0 0 4
544 [ 6] .rel.ctors REL 00000000 0007a4 000008 08 13 5 4
545 [ 7] .rodata PROGBITS 00000000 0000d8 000006 00 A 0 0 1
546 [ 8] .eh_frame PROGBITS 00000000 0000e0 00008c 00 A 0 0 4
547 [ 9] .rel.eh_frame REL 00000000 0007ac 000028 08 13 8 4
548 [10] .comment PROGBITS 00000000 00016c 00002e 00 0 0 1
549 [11] .note.GNU-stack PROGBITS 00000000 00019a 000000 00 0 0 1
550 [12] .shstrtab STRTAB 00000000 00019a 00006a 00 0 0 1
551 [13] .symtab SYMTAB 00000000 00045c 000180 10 14 14 4
552 [14] .strtab STRTAB 00000000 0005dc 000166 00 0 0 1
553Key to Flags:
554 W (write), A (alloc), X (execute), M (merge), S (strings)
555 I (info), L (link order), G (group), x (unknown)
556 O (extra OS processing required) o (OS specific), p (processor specific)
557```
558
559 **查看一个动态库文件的elf文件的节信息:**
560
561```shell
562[root@localhost test]$ readelf -S libmy.so
563There are 27 section headers, starting at offset 0xad0:
564
565Section Headers:
566 [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
567 [ 0] NULL 00000000 000000 000000 00 0 0 0
568 [ 1] .gnu.hash GNU_HASH 000000d4 0000d4 00003c 04 A 2 0 4
569 [ 2] .dynsym DYNSYM 00000110 000110 000120 10 A 3 1 4
570 [ 3] .dynstr STRTAB 00000230 000230 000199 00 A 0 0 1
571 [ 4] .gnu.version VERSYM 000003ca 0003ca 000024 02 A 2 0 2
572 [ 5] .gnu.version_r VERNEED 000003f0 0003f0 000050 00 A 3 2 4
573 [ 6] .rel.dyn REL 00000440 000440 0000b0 08 A 2 0 4
574 [ 7] .rel.plt REL 000004f0 0004f0 000010 08 A 2 9 4
575 [ 8] .init PROGBITS 00000500 000500 000017 00 AX 0 0 4
576 [ 9] .plt PROGBITS 00000518 000518 000030 04 AX 0 0 4
577 [10] .text PROGBITS 00000550 000550 0001c4 00 AX 0 0 16
578 [11] .fini PROGBITS 00000714 000714 00001c 00 AX 0 0 4
579 [12] .rodata PROGBITS 00000730 000730 000006 00 A 0 0 1
580 [13] .eh_frame_hdr PROGBITS 00000738 000738 00002c 00 A 0 0 4
581 [14] .eh_frame PROGBITS 00000764 000764 000090 00 A 0 0 4
582 [15] .ctors PROGBITS 000017f4 0007f4 00000c 00 WA 0 0 4
583 [16] .dtors PROGBITS 00001800 000800 000008 00 WA 0 0 4
584 [17] .jcr PROGBITS 00001808 000808 000004 00 WA 0 0 4
585 [18] .data.rel.ro PROGBITS 0000180c 00080c 000004 00 WA 0 0 4
586 [19] .dynamic DYNAMIC 00001810 000810 0000e0 08 WA 3 0 4
587 [20] .got PROGBITS 000018f0 0008f0 00000c 04 WA 0 0 4
588 [21] .got.plt PROGBITS 000018fc 0008fc 000014 04 WA 0 0 4
589 [22] .bss NOBITS 00001910 000910 00000c 00 WA 0 0 4
590 [23] .comment PROGBITS 00000000 000910 0000e6 00 0 0 1
591 [24] .shstrtab STRTAB 00000000 0009f6 0000da 00 0 0 1
592 [25] .symtab SYMTAB 00000000 000f08 000410 10 26 48 4
593 [26] .strtab STRTAB 00000000 001318 000333 00 0 0 1
594Key to Flags:
595 W (write), A (alloc), X (execute), M (merge), S (strings)
596 I (info), L (link order), G (group), x (unknown)
597 O (extra OS processing required) o (OS specific), p (processor specific)
598```
599
600