每个进程所分配的内存由很多部分组成,通常称之为“段segment”,与术语“区section”可以相互替代,段是对unix系统中进程虚拟内存的逻辑划分
进程内存布局,包含以下段
文本段包含了进程运行的程序机器语言指令
初始化数据段
未初始化数据段,出于历史原因,也叫BSS段
堆heap
栈stack
size命令可显示二进制可执行文件的文本段,初始化数据段,非初始化数据段的段大小
[root@localhost df]# size -h
Usage: size [option(s)] [file(s)]
Displays the sizes of sections inside binary files
If no input file(s) are specified, a.out is assumed
The options are:
-A|-B --format={sysv|berkeley} Select output style (default is berkeley)
-o|-d|-x --radix={8|10|16} Display numbers in octal, decimal or hex
-t --totals Display the total sizes (Berkeley only)
--common Display total size for *COM* syms
--target=<bfdname> Set the binary file format
@<file> Read options from <file>
-h --help Display this information
-v --version Display the program's version
size: supported targets: elf64-x86-64 elf32-i386 a.out-i386-linux pei-i386 pei-x86-64 elf64-l1om elf64-little elf64-big elf32-little elf32-big srec symbolsrec verilog tekhex binary ihex
[root@250-shiyan bin]# pwd
/usr/bin
[root@250-shiyan bin]# size tee
text data bss dec hex filename
20311 1184 392 21887 557f tee
20311+1184+392=21887(十进制)=557f(十六进制)
[root@250-shiyan bin]# readelf -a tee
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x401280
Start of program headers: 64 (bytes into file)
Start of section headers: 22328 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 8
Size of section headers: 64 (bytes)
Number of section headers: 29
Section header string table index: 28
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000400200 00000200
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.ABI-tag NOTE 000000000040021c 0000021c
0000000000000020 0000000000000000 A 0 0 4
[ 3] .note.gnu.build-i NOTE 000000000040023c 0000023c
0000000000000024 0000000000000000 A 0 0 4
[ 4] .gnu.hash GNU_HASH 0000000000400260 00000260
0000000000000038 0000000000000000 A 5 0 8
[ 5] .dynsym DYNSYM 0000000000400298 00000298
0000000000000528 0000000000000018 A 6 1 8
[ 6] .dynstr STRTAB 00000000004007c0 000007c0
0000000000000263 0000000000000000 A 0 0 1
[ 7] .gnu.version VERSYM 0000000000400a24 00000a24
000000000000006e 0000000000000002 A 5 0 2
[ 8] .gnu.version_r VERNEED 0000000000400a98 00000a98
0000000000000050 0000000000000000 A 6 1 8
[ 9] .rela.dyn RELA 0000000000400ae8 00000ae8
0000000000000108 0000000000000018 A 5 0 8
[10] .rela.plt RELA 0000000000400bf0 00000bf0
00000000000003d8 0000000000000018 A 5 12 8
[11] .init PROGBITS 0000000000400fc8 00000fc8
0000000000000018 0000000000000000 AX 0 0 4
[12] .plt PROGBITS 0000000000400fe0 00000fe0
00000000000002a0 0000000000000010 AX 0 0 4
[13] .text PROGBITS 0000000000401280 00001280
0000000000002c28 0000000000000000 AX 0 0 16
[14] .fini PROGBITS 0000000000403ea8 00003ea8
000000000000000e 0000000000000000 AX 0 0 4
[15] .rodata PROGBITS 0000000000403ec0 00003ec0
0000000000000980 0000000000000000 A 0 0 32
[16] .eh_frame_hdr PROGBITS 0000000000404840 00004840
00000000000001d4 0000000000000000 A 0 0 4
[17] .eh_frame PROGBITS 0000000000404a18 00004a18
0000000000000754 0000000000000000 A 0 0 8
[18] .ctors PROGBITS 0000000000605170 00005170
0000000000000010 0000000000000000 WA 0 0 8
[19] .dtors PROGBITS 0000000000605180 00005180
0000000000000010 0000000000000000 WA 0 0 8
[20] .jcr PROGBITS 0000000000605190 00005190
0000000000000008 0000000000000000 WA 0 0 8
[21] .data.rel.ro PROGBITS 00000000006051a0 000051a0
00000000000000e8 0000000000000000 WA 0 0 32
[22] .dynamic DYNAMIC 0000000000605288 00005288
0000000000000190 0000000000000010 WA 6 0 8
[23] .got PROGBITS 0000000000605418 00005418
0000000000000060 0000000000000008 WA 0 0 8
[24] .got.plt PROGBITS 0000000000605478 00005478
0000000000000160 0000000000000008 WA 0 0 8
[25] .data PROGBITS 00000000006055e0 000055e0
0000000000000040 0000000000000000 WA 0 0 16
[26] .bss NOBITS 0000000000605620 00005620
0000000000000188 0000000000000000 WA 0 0 32
[27] .gnu_debuglink PROGBITS 0000000000000000 00005620
0000000000000010 0000000000000000 0 0 4
[28] .shstrtab STRTAB 0000000000000000 00005630
0000000000000101 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
There are no section groups in this file.
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x0000000000000040 0x0000000000400040 0x0000000000400040
0x00000000000001c0 0x00000000000001c0 R E 8
INTERP 0x0000000000000200 0x0000000000400200 0x0000000000400200
0x000000000000001c 0x000000000000001c R 1
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000
0x000000000000516c 0x000000000000516c R E 200000
LOAD 0x0000000000005170 0x0000000000605170 0x0000000000605170
0x00000000000004b0 0x0000000000000638 RW 200000
DYNAMIC 0x0000000000005288 0x0000000000605288 0x0000000000605288
0x0000000000000190 0x0000000000000190 RW 8
NOTE 0x000000000000021c 0x000000000040021c 0x000000000040021c
0x0000000000000044 0x0000000000000044 R 4
GNU_EH_FRAME 0x0000000000004840 0x0000000000404840 0x0000000000404840
0x00000000000001d4 0x00000000000001d4 R 4
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 8
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame
03 .ctors .dtors .jcr .data.rel.ro .dynamic .got .got.plt .data .bss
04 .dynamic
05 .note.ABI-tag .note.gnu.build-id
06 .eh_frame_hdr
07
Dynamic section at offset 0x5288 contains 20 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x000000000000000c (INIT) 0x400fc8
0x000000000000000d (FINI) 0x403ea8
0x000000006ffffef5 (GNU_HASH) 0x400260
0x0000000000000005 (STRTAB) 0x4007c0
0x0000000000000006 (SYMTAB) 0x400298
0x000000000000000a (STRSZ) 611 (bytes)
0x000000000000000b (SYMENT) 24 (bytes)
0x0000000000000015 (DEBUG) 0x0
0x0000000000000003 (PLTGOT) 0x605478
0x0000000000000002 (PLTRELSZ) 984 (bytes)
0x0000000000000014 (PLTREL) RELA
0x0000000000000017 (JMPREL) 0x400bf0
0x0000000000000007 (RELA) 0x400ae8
0x0000000000000008 (RELASZ) 264 (bytes)
0x0000000000000009 (RELAENT) 24 (bytes)
0x000000006ffffffe (VERNEED) 0x400a98
0x000000006fffffff (VERNEEDNUM) 1
0x000000006ffffff0 (VERSYM) 0x400a24
0x0000000000000000 (NULL) 0x0
Relocation section '.rela.dyn' at offset 0xae8 contains 11 entries:
Offset Info Type Sym. Value Sym. Name + Addend
000000605418 000700000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0
000000605420 000d00000006 R_X86_64_GLOB_DAT 0000000000000000 program_invocation_sho + 0
000000605428 001700000006 R_X86_64_GLOB_DAT 0000000000000000 optind + 0
000000605438 003200000006 R_X86_64_GLOB_DAT 00000000006055f0 exit_failure + 0
000000605440 003300000006 R_X86_64_GLOB_DAT 0000000000404560 version_etc_copyright + 0
000000605448 003400000006 R_X86_64_GLOB_DAT 0000000000402310 close_stdout + 0
000000605450 002900000006 R_X86_64_GLOB_DAT 0000000000000000 program_invocation_nam + 0
000000605458 002a00000006 R_X86_64_GLOB_DAT 0000000000000000 stderr + 0
000000605460 003500000006 R_X86_64_GLOB_DAT 0000000000605638 program_name + 0
000000605468 003600000006 R_X86_64_GLOB_DAT 00000000006055e8 Version + 0
000000605470 003100000006 R_X86_64_GLOB_DAT 0000000000000000 stdout + 0
Relocation section '.rela.plt' at offset 0xbf0 contains 41 entries:
Offset Info Type Sym. Value Sym. Name + Addend
000000605490 000100000007 R_X86_64_JUMP_SLO 0000000000000000 fileno + 0
000000605498 000200000007 R_X86_64_JUMP_SLO 0000000000000000 memset + 0
0000006054a0 000300000007 R_X86_64_JUMP_SLO 0000000000000000 mbrtowc + 0
0000006054a8 000400000007 R_X86_64_JUMP_SLO 0000000000000000 close + 0
0000006054b0 000500000007 R_X86_64_JUMP_SLO 0000000000000000 abort + 0
0000006054b8 000600000007 R_X86_64_JUMP_SLO 0000000000000000 __fprintf_chk + 0
0000006054c0 000800000007 R_X86_64_JUMP_SLO 0000000000000000 textdomain + 0
0000006054c8 000900000007 R_X86_64_JUMP_SLO 0000000000000000 exit + 0
0000006054d0 000a00000007 R_X86_64_JUMP_SLO 0000000000000000 __printf_chk + 0
0000006054d8 000b00000007 R_X86_64_JUMP_SLO 0000000000000000 bindtextdomain + 0
0000006054e0 000c00000007 R_X86_64_JUMP_SLO 0000000000000000 setvbuf + 0
0000006054e8 000f00000007 R_X86_64_JUMP_SLO 0000000000000000 read + 0
0000006054f0 001000000007 R_X86_64_JUMP_SLO 0000000000000000 malloc + 0
0000006054f8 001100000007 R_X86_64_JUMP_SLO 0000000000000000 fopen + 0
000000605500 001200000007 R_X86_64_JUMP_SLO 0000000000000000 __libc_start_main + 0
000000605508 001300000007 R_X86_64_JUMP_SLO 0000000000000000 _exit + 0
000000605510 001400000007 R_X86_64_JUMP_SLO 0000000000000000 __cxa_atexit + 0
000000605518 001500000007 R_X86_64_JUMP_SLO 0000000000000000 free + 0
000000605520 001600000007 R_X86_64_JUMP_SLO 0000000000000000 strlen + 0
000000605528 001800000007 R_X86_64_JUMP_SLO 0000000000000000 __ctype_get_mb_cur_max + 0
000000605530 001900000007 R_X86_64_JUMP_SLO 0000000000000000 fputs_unlocked + 0
000000605538 001a00000007 R_X86_64_JUMP_SLO 0000000000000000 __ctype_b_loc + 0
000000605540 001b00000007 R_X86_64_JUMP_SLO 0000000000000000 fdopen + 0
000000605548 001c00000007 R_X86_64_JUMP_SLO 0000000000000000 strrchr + 0
000000605550 001d00000007 R_X86_64_JUMP_SLO 0000000000000000 fwrite_unlocked + 0
000000605558 001e00000007 R_X86_64_JUMP_SLO 0000000000000000 __fpending + 0
000000605560 001f00000007 R_X86_64_JUMP_SLO 0000000000000000 memcpy + 0
000000605568 002100000007 R_X86_64_JUMP_SLO 0000000000000000 signal + 0
000000605570 002200000007 R_X86_64_JUMP_SLO 0000000000000000 getopt_long + 0
000000605578 002300000007 R_X86_64_JUMP_SLO 0000000000000000 mbsinit + 0
000000605580 002400000007 R_X86_64_JUMP_SLO 0000000000000000 __errno_location + 0
000000605588 002500000007 R_X86_64_JUMP_SLO 0000000000000000 dcgettext + 0
000000605590 002600000007 R_X86_64_JUMP_SLO 0000000000000000 __stack_chk_fail + 0
000000605598 002700000007 R_X86_64_JUMP_SLO 0000000000000000 calloc + 0
0000006055a0 002800000007 R_X86_64_JUMP_SLO 0000000000000000 fclose + 0
0000006055a8 002b00000007 R_X86_64_JUMP_SLO 0000000000000000 fwrite + 0
0000006055b0 002c00000007 R_X86_64_JUMP_SLO 0000000000000000 realloc + 0
0000006055b8 002d00000007 R_X86_64_JUMP_SLO 0000000000000000 setlocale + 0
0000006055c0 002e00000007 R_X86_64_JUMP_SLO 0000000000000000 error + 0
0000006055c8 002f00000007 R_X86_64_JUMP_SLO 0000000000000000 fcntl + 0
0000006055d0 003000000007 R_X86_64_JUMP_SLO 0000000000000000 iswprint + 0
There are no unwind sections in this file.
Symbol table '.dynsym' contains 55 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND
1: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fileno@GLIBC_2.2.5 (2)
2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND memset@GLIBC_2.2.5 (2)
3: 0000000000000000 0 FUNC GLOBAL DEFAULT UND mbrtowc@GLIBC_2.2.5 (2)
4: 0000000000000000 0 FUNC GLOBAL DEFAULT UND close@GLIBC_2.2.5 (2)
5: 0000000000000000 0 FUNC GLOBAL DEFAULT UND abort@GLIBC_2.2.5 (2)
6: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __fprintf_chk@GLIBC_2.3.4 (3)
7: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__
8: 0000000000000000 0 FUNC GLOBAL DEFAULT UND textdomain@GLIBC_2.2.5 (2)
9: 0000000000000000 0 FUNC GLOBAL DEFAULT UND exit@GLIBC_2.2.5 (2)
10: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (3)
11: 0000000000000000 0 FUNC GLOBAL DEFAULT UND bindtextdomain@GLIBC_2.2.5 (2)
12: 0000000000000000 0 FUNC GLOBAL DEFAULT UND setvbuf@GLIBC_2.2.5 (2)
13: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND program_invocation_short_@GLIBC_2.2.5 (2)
14: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND __progname_full@GLIBC_2.2.5 (2)
15: 0000000000000000 0 FUNC GLOBAL DEFAULT UND read@GLIBC_2.2.5 (2)
16: 0000000000000000 0 FUNC GLOBAL DEFAULT UND malloc@GLIBC_2.2.5 (2)
17: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fopen@GLIBC_2.2.5 (2)
18: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (2)
19: 0000000000000000 0 FUNC GLOBAL DEFAULT UND _exit@GLIBC_2.2.5 (2)
20: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __cxa_atexit@GLIBC_2.2.5 (2)
21: 0000000000000000 0 FUNC GLOBAL DEFAULT UND free@GLIBC_2.2.5 (2)
22: 0000000000000000 0 FUNC GLOBAL DEFAULT UND strlen@GLIBC_2.2.5 (2)
23: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND optind@GLIBC_2.2.5 (2)
24: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __ctype_get_mb_cur_max@GLIBC_2.2.5 (2)
25: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fputs_unlocked@GLIBC_2.2.5 (2)
26: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __ctype_b_loc@GLIBC_2.3 (4)
27: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fdopen@GLIBC_2.2.5 (2)
28: 0000000000000000 0 FUNC GLOBAL DEFAULT UND strrchr@GLIBC_2.2.5 (2)
29: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fwrite_unlocked@GLIBC_2.2.5 (2)
30: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __fpending@GLIBC_2.2.5 (2)
31: 0000000000000000 0 FUNC GLOBAL DEFAULT UND memcpy@GLIBC_2.2.5 (2)
32: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND __progname@GLIBC_2.2.5 (2)
33: 0000000000000000 0 FUNC GLOBAL DEFAULT UND signal@GLIBC_2.2.5 (2)
34: 0000000000000000 0 FUNC GLOBAL DEFAULT UND getopt_long@GLIBC_2.2.5 (2)
35: 0000000000000000 0 FUNC GLOBAL DEFAULT UND mbsinit@GLIBC_2.2.5 (2)
36: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __errno_location@GLIBC_2.2.5 (2)
37: 0000000000000000 0 FUNC GLOBAL DEFAULT UND dcgettext@GLIBC_2.2.5 (2)
38: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (5)
39: 0000000000000000 0 FUNC GLOBAL DEFAULT UND calloc@GLIBC_2.2.5 (2)
40: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fclose@GLIBC_2.2.5 (2)
41: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND program_invocation_name@GLIBC_2.2.5 (2)
42: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND stderr@GLIBC_2.2.5 (2)
43: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fwrite@GLIBC_2.2.5 (2)
44: 0000000000000000 0 FUNC GLOBAL DEFAULT UND realloc@GLIBC_2.2.5 (2)
45: 0000000000000000 0 FUNC GLOBAL DEFAULT UND setlocale@GLIBC_2.2.5 (2)
46: 0000000000000000 0 FUNC GLOBAL DEFAULT UND error@GLIBC_2.2.5 (2)
47: 0000000000000000 0 FUNC GLOBAL DEFAULT UND fcntl@GLIBC_2.2.5 (2)
48: 0000000000000000 0 FUNC GLOBAL DEFAULT UND iswprint@GLIBC_2.2.5 (2)
49: 0000000000000000 0 OBJECT GLOBAL DEFAULT UND stdout@GLIBC_2.2.5 (2)
50: 00000000006055f0 4 OBJECT GLOBAL DEFAULT 25 exit_failure
51: 0000000000404560 47 OBJECT GLOBAL DEFAULT 15 version_etc_copyright
52: 0000000000402310 183 FUNC GLOBAL DEFAULT 13 close_stdout
53: 0000000000605638 8 OBJECT GLOBAL DEFAULT 26 program_name
54: 00000000006055e8 8 OBJECT GLOBAL DEFAULT 25 Version
Histogram for `.gnu.hash' bucket list length (total of 3 buckets):
Length Number % of total Coverage
0 1 ( 33.3%)
1 1 ( 33.3%) 20.0%
2 0 ( 0.0%) 20.0%
3 0 ( 0.0%) 20.0%
4 1 ( 33.3%) 100.0%
Version symbols section '.gnu.version' contains 55 entries:
Addr: 0000000000400a24 Offset: 0x000a24 Link: 5 (.dynsym)
000: 0 (*local*) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
004: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 3 (GLIBC_2.3.4) 0 (*local*)
008: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 3 (GLIBC_2.3.4) 2 (GLIBC_2.2.5)
00c: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
010: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
014: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
018: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 4 (GLIBC_2.3) 2 (GLIBC_2.2.5)
01c: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
020: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
024: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 5 (GLIBC_2.4) 2 (GLIBC_2.2.5)
028: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
02c: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5)
030: 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 1 (*global*) 1 (*global*)
034: 1 (*global*) 1 (*global*) 1 (*global*)
Version needs section '.gnu.version_r' contains 1 entries:
Addr: 0x0000000000400a98 Offset: 0x000a98 Link: 6 (.dynstr)
000000: Version: 1 File: libc.so.6 Cnt: 4
0x0010: Name: GLIBC_2.4 Flags: none Version: 5
0x0020: Name: GLIBC_2.3 Flags: none Version: 4
0x0030: Name: GLIBC_2.3.4 Flags: none Version: 3
0x0040: Name: GLIBC_2.2.5 Flags: none Version: 2
Notes at offset 0x0000021c with length 0x00000020:
Owner Data size Description
GNU 0x00000010 NT_GNU_ABI_TAG (ABI version tag)
Notes at offset 0x0000023c with length 0x00000024:
Owner Data size Description
GNU 0x00000014 NT_GNU_BUILD_ID (unique build ID bitstring)
[root@250-shiyan bin]# less /proc/kallsyms 大约有7万多行,内核符号的地址
ffffffff81003230 t xen_write_cr4
ffffffff81003250 t xen_write_msr_safe
ffffffff810032e0 t xen_restart
ffffffff81003310 t xen_emergency_restart
ffffffff81003340 t xen_machine_halt
ffffffff81003370 t xen_crash_shutdown
ffffffff810033a0 t xen_panic_event
ffffffff810033d0 T xen_hvm_init_shared_info
ffffffff81003490 T xen_cpuid_base
ffffffff81003560 t xen_read_cr0
ffffffff81003590 t xen_apic_icr_write
ffffffff810035b0 t xen_apic_write
ffffffff810035d0 t cvt_gate_to_trap
ffffffff810036c0 t xen_convert_trap_info
[root@250-shiyan bin]# pmap -x 14644
14644: sshd: root@pts/0
Address Kbytes RSS Dirty Mode Mapping
00007f979d216000 964 944 944 rw--- [ anon ]
00007f979d3a0000 1280 4 4 rw-s- zero (deleted)
00007f979d4e0000 16 16 0 r-x-- pam_limits.so
00007f979d4e4000 2044 0 0 ----- pam_limits.so
00007f979d6e3000 4 4 4 r---- pam_limits.so
00007f979d6e4000 4 4 4 rw--- pam_limits.so
00007f979d6e5000 8 8 0 r-x-- pam_keyinit.so
[root@250-shiyan bin]# pmap -d 14644
14644: sshd: root@pts/0
Address Kbytes Mode Offset Device Mapping
00007f979d216000 964 rw--- 0000000000000000 000:00000 [ anon ]
00007f979d3a0000 1280 rw-s- 0000000000000000 000:00004 zero (deleted)
00007f979d4e0000 16 r-x-- 0000000000000000 0fd:00000 pam_limits.so
00007f979d4e4000 2044 ----- 0000000000004000 0fd:00000 pam_limits.so