1、先准備兩個程序,一個匯編、一個C語言
在匯編中沒有定義變量,因為在一個模塊中不會有問題;在C中定義了兩個函數,一些局部變量,一些全局變量;這樣我們要考慮的內容都完備了。
ms.asm mc2.c
.386 int sum(int i){
.model flat int k = i;
extrn c m:near int j = 0;
public _start int s = 0;
.code for(j=1;j<=k;j++) s+=j;
_start: return s;
mov ax,cs }
mov ds,ax
call m int e = 1;
stop: int f = 2;
jmp stop int ar[6000000L];
end _start
extern void m(){
int d;
long c;
c=1;
2. Compile each into an obj file:
ml /c /coff ms.asm                      // produce a COFF-format obj file
cl /c /Fomc.obj mc2.c                   // name the generated obj file mc.obj
link /subsystem:windows ms.obj mc.obj   // this uses the 32-bit linker; the lib path must be set up first
We now have three files: ms.obj, mc.obj and ms.exe.
3. Look at the source: the program entry point is obviously _start (the leading underscore is required when assembling with /coff). The assembly calls the C function m, which needs relocation. In C, m calls sum, which also needs relocation.
4. Now use dumpbin.exe, which ships with VC6, to generate the listing files:
dumpbin /all ms.obj>msobj.txt
dumpbin /all mc.obj>mcobj.txt
dumpbin /all ms.exe>msexe.txt
This gives three listing files; we analyze each in turn.
*******************************************************************************
*msobj.txt
*******************************************************************************
Microsoft (R) COFF Binary File Dumper Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
Dump of file ms.obj
File Type: COFF OBJECT
FILE HEADER VALUES
14C machine (i386)                    // machine type is 386
3 number of sections                  // ms.obj has three sections
41AABB57 time date stamp Mon Nov 29 14:01:59 2004
B2 file pointer to symbol table       // the symbol table is at file offset 0B2h
B number of symbols                   // 0Bh = 11 symbols in all
0 size of optional header
0 characteristics
// Header of section 1
SECTION HEADER #1
.text name
0 physical address
0 virtual address
D size of raw data                    // raw data length is 0Dh = 13 bytes
8C file pointer to raw data           // its offset within the file is 8Ch
9A file pointer to relocation table   // its relocation table is at file offset 9Ah
0 file pointer to line numbers
1 number of relocations               // 1 entry needs relocation
0 number of line numbers
60300020 flags
Code                                  // this is a code section
4 byte align
Execute Read
RAW DATA #1                           // the raw data: exactly 13 = 0Dh bytes
00000000: 66 8C C8 66 8E D8 E8 00 00 00 00 EB FE f..f.........
// The dword at offset 7 (currently 00 00 00 00; the E8 in front of it encodes call)
// is the field that the relocation table below says must be relocated.
RELOCATIONS #1                        // the relocation table
                                      Symbol    Symbol
 Offset    Type              Applied To         Index     Name
 --------  ----------------  -----------------  --------  ------
 00000007  REL32             00000000                  7  _m
// This states plainly that _m needs relocating: Offset 7 is the position of the field
// within the raw data, and Index 7 is _m's index in the symbol table.
// Header of section 2
SECTION HEADER #2
.data name
D physical address
0 virtual address
0 size of raw data
0 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
C0300040 flags
Initialized Data                      // this is the initialized data section, i.e. the global-variable section;
4 byte align                          // every field above is 0, so the assembly defines no global variables.
Read Write                            // Note: _start in the assembly is a global label, not a variable!!!
// Header of section 3
SECTION HEADER #3
.drectve name
D physical address
0 virtual address
D size of raw data                    // raw data is 0Dh bytes
A4 file pointer to raw data           // at offset 0A4h in the obj file
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
A00 flags
Info                                  // this is only an information section: neither data nor code,
Remove                                // it just carries some supporting information for the linker
(no align specified)
RAW DATA #3                           // the raw data turns out to say that the entry point is start (our _start), exactly right
00000000: 2D 65 6E 74 72 79 3A 73 74 61 72 74 20 -entry:start
Linker Directives
-----------------
-entry:start
// Symbol table
COFF SYMBOL TABLE
000 00000000 DEBUG notype Filename | .file
ms.asm
002 001220FC ABS notype Static | @comp.id
003 00000000 SECT1 notype Static | .text
Section length D, #relocs 1, #linenums 0, checksum 0
005 00000000 SECT2 notype Static | .data
Section length 0, #relocs 0, #linenums 0, checksum 0
007 00000000 UNDEF notype () External | _m
008 00000000 SECT1 notype () External | start
009 00000000 SECT3 notype Static | .drectve
Section length D, #relocs 0, #linenums 0, checksum 0
// _m is marked undefined (UNDEF), externally visible (External) and a function (the "()")
// start is defined in section 1 (SECT1), is a function ("()") and is available to other modules (External)
// String table size is 0, i.e. there is none
String Table Size = 0x0 bytes
Summary
0 .data
D .drectve
D .text
******************************************************************************
*mc.obj
******************************************************************************
Microsoft (R) COFF Binary File Dumper Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
Dump of file mc.obj
File Type: COFF OBJECT
FILE HEADER VALUES
14C machine (i386)                    // machine type is 386
2 number of sections                  // mc.obj has 2 sections
41AABA2D time date stamp Mon Nov 29 13:57:01 2004
158 file pointer to symbol table      // the symbol table is at file offset 158h
C number of symbols                   // 0Ch = 12 symbols in all
0 size of optional header
0 characteristics
// Header of section 1
SECTION HEADER #1
.drectve name
0 physical address
0 virtual address
26 size of raw data                   // raw data length is 26h = 38 bytes
64 file pointer to raw data           // its offset within the file is 64h
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
100A00 flags
Info                                  // this is an information section
Remove
1 byte align
// Raw data of section 1
RAW DATA #1                           // it turns out to name the default libraries
00000000: 2D 64 65 66 61 75 6C 74 6C 69 62 3A 4C 49 42 43 -defaultlib:LIBC
00000010: 20 2D 64 65 66 61 75 6C 74 6C 69 62 3A 4F 4C 44 -defaultlib:OLD
00000020: 4E 41 4D 45 53 20 NAMES
Linker Directives
-----------------
-defaultlib:LIBC
-defaultlib:OLDNAMES
// Header of section 2
SECTION HEADER #2
.text name
0 physical address
0 virtual address
A6 size of raw data                   // raw data length is 0A6h = 166 bytes
8A file pointer to raw data           // its offset within the file is 8Ah
130 file pointer to relocation table  // its relocation table is at file offset 130h
0 file pointer to line numbers
4 number of relocations               // 4 entries need relocation
0 number of line numbers
60500020 flags
Code                                  // this is a code section
16 byte align                         // aligned on 16-byte paragraph boundaries
Execute Read                          // the code is readable and executable
                                      // (this can be changed with the /SECTION linker option)
// Raw data of section 2
// Open mc.obj in W32Dasm, enter file offset 8Ah (see the section header above) and disassemble
// the bytes below. Comparing with the lst file produced by the compiler, the bytes from 55 8B at
// offset 0 to 5D C3 at offset 44h are the sum function; everything after that up to the end is m.
// This shows that the 32-bit compiler simply "stacks" all the code into the obj file in the order
// it appears in the source.
RAW DATA #2
00000000: 55 8B EC 83 EC 0C 8B 45 08 89 45 F4 C7 45 F8 00 U......E..E..E..
00000010: 00 00 00 C7 45 FC 00 00 00 00 C7 45 F8 01 00 00 ....E......E....
00000020: 00 EB 09 8B 4D F8 83 C1 01 89 4D F8 8B 55 F8 3B ....M.....M..U.;
00000030: 55 F4 7F 0B 8B 45 FC 03 45 F8 89 45 FC EB E4 8B U....E..E..E....
00000040: 45 FC 8B E5 5D C3 55 8B EC 83 EC 08 C7 45 FC 01 E...].U......E..
00000050: 00 00 00 C7 45 F8 01 00 00 00 C7 05 00 00 00 00 ....E...........
00000060: 01 00 00 00 C7 05 00 00 00 00 01 00 00 00 6A 05 ..............j.
00000070: E8 00 00 00 00 83 C4 04 C7 45 FC 00 00 00 00 EB .........E......
00000080: 09 8B 45 FC 83 C0 01 89 45 FC 81 7D FC 80 5B ..E.....E..}.€.[
00000090: 00 7D 0F 8B 4D FC 8B 55 FC 89 14 00 00 00 00 .}..M..U........
000000A0: EB DF 8B E5 5D C3 ....].
// Relocation table of section 2
RELOCATIONS #2
                                      Symbol    Symbol
 Offset    Type              Applied To         Index     Name
 --------  ----------------  -----------------  --------  ------
 0000005C  DIR32             00000000                  7  _e
 00000066  DIR32             00000000                  6  _f
 00000071  REL32             00000000                  A  _sum
 0000009C  DIR32             00000000                  5  _ar
// _sum needs relocating, and so does every global variable; each one's position in the raw data
// above is recorded correctly.
COFF SYMBOL TABLE
000 00000000 DEBUG notype Filename | .file
mc2.c
002 000A1FE8 ABS notype Static | @comp.id
003 00000000 SECT1 notype Static | .drectve
Section length 26, #relocs 0, #linenums 0, checksum 0
005 016E3600 UNDEF notype External | _ar
006 00000004 UNDEF notype External | _f
007 00000004 UNDEF notype External | _e
008 00000000 SECT2 notype Static | .text
Section length A6, #relocs 4, #linenums 0, checksum DB3BC338
00A 00000000 SECT2 notype () External | _sum
00B 00000046 SECT2 notype () External | _m
String Table Size = 0x0 bytes
Summary
26 .drectve
A6 .text
*******************************************************************************
*ms.exe
*******************************************************************************
Microsoft (R) COFF Binary File Dumper Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
// Because ms.exe is now an actual executable, the structure here is the Windows PE header layout
Dump of file ms.exe
PE signature found
File Type: EXECUTABLE IMAGE
FILE HEADER VALUES
14C machine (i386)                    // machine type is 386
2 number of sections                  // ms.exe has 2 sections
41AABAC2 time date stamp Mon Nov 29 13:59:30 2004
0 file pointer to symbol table
0 number of symbols
E0 size of optional header            // there is an optional header here
10F characteristics
Relocations stripped
Executable
Line numbers stripped
Symbols stripped
32 bit word machine
OPTIONAL HEADER VALUES                // the optional header describes the program's basic properties and tells the OS how to load it
10B magic #
6.00 linker version
1000 size of code
16E4000 size of initialized data      // size of initialized data, i.e. the space allocated for the global variables
0 size of uninitialized data
1000 RVA of entry point               // RVA of the entry point (here also its file offset, since file and section alignment are both 1000h); open ms.exe at 1000h and, sure enough, there is the assembly code
1000 base of code                     // RVA where the code section starts (equal to its file offset here)
2000 base of data                     // RVA where the data section starts (equal to its file offset here)
400000 image base                     // tells the OS which base address to use when mapping the program into linear memory
1000 section alignment                // section alignment
1000 file alignment                   // file alignment
4.00 operating system version
0.00 image version
4.00 subsystem version
0 Win32 version
16E6000 size of image                 // size of the image in memory
1000 size of headers                  // size of the PE headers: the real file contents start at 1000h, consistent with everything above
0 checksum
2 subsystem (Windows GUI)
0 DLL characteristics
100000 size of stack reserve
1000 size of stack commit
100000 size of heap reserve
1000 size of heap commit
0 loader flags
10 number of directories
0 [ 0] RVA [size] of Export Directory
0 [ 0] RVA [size] of Import Directory
0 [ 0] RVA [size] of Resource Directory
0 [ 0] RVA [size] of Exception Directory
0 [ 0] RVA [size] of Certificates Directory
0 [ 0] RVA [size] of Base Relocation Directory
0 [ 0] RVA [size] of Debug Directory
0 [ 0] RVA [size] of Architecture Directory
0 [ 0] RVA [size] of Special Directory
0 [ 0] RVA [size] of Thread Storage Directory
0 [ 0] RVA [size] of Load Configuration Directory
0 [ 0] RVA [size] of Bound Import Directory
0 [ 0] RVA [size] of Import Address Table Directory
0 [ 0] RVA [size] of Delay Import Directory
0 [ 0] RVA [size] of Reserved Directory
0 [ 0] RVA [size] of Reserved Directory
// Header of section 1
SECTION HEADER #1
.text name
B6 virtual size
1000 virtual address
1000 size of raw data
1000 file pointer to raw data         // its offset within the file is 1000h
0 file pointer to relocation table    // no relocation table in the executable (Relocations stripped, see the file header)
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
60000020 flags
Code                                  // this is the code section
Execute Read
// Raw data.
// Comparing with the lst file: the bytes from 66 8C at offset 0 to FE at offset 0Ch are the
// assembled ms.asm; the 3 bytes CC CC CC after them are padding from the 16-byte paragraph
// alignment and are never reached under normal execution.
// From 55 8B at offset 10h to 5D C3 at 54h is the compiled sum(); from 56h to the end is the compiled m().
// Now look at the current values of the fields that had to be relocated:
RAW DATA #1
00401000: 66 8C C8 66 8E D8 E8 4B 00 00 00 EB FE CC CC CC f..f...K........
00401010: 55 8B EC 83 EC 0C 8B 45 08 89 45 F4 C7 45 F8 00 U......E..E..E..
00401020: 00 00 00 C7 45 FC 00 00 00 00 C7 45 F8 01 00 00 ....E......E....
00401030: 00 EB 09 8B 4D F8 83 C1 01 89 4D F8 8B 55 F8 3B ....M.....M..U.;
00401040: 55 F4 7F 0B 8B 45 FC 03 45 F8 89 45 FC EB E4 8B U....E..E..E....
00401050: 45 FC 8B E5 5D C3 55 8B EC 83 EC 08 C7 45 FC 01 E...].U......E..
00401060: 00 00 00 C7 45 F8 01 00 00 00 C7 05 00 20 40 00 ....E........ @.
00401070: 01 00 00 00 C7 05 04 20 40 00 01 00 00 00 6A 05 ....... @.....j.
00401080: E8 8B FF FF FF 83 C4 04 C7 45 FC 00 00 00 00 EB .........E......
00401090: 09 8B 45 FC 83 C0 01 89 45 FC 81 7D FC 80 5B ..E.....E..}.€.[
004010A0: 00 7D 0F 8B 4D FC 8B 55 FC 89 14 20 20 40 00 .}..M..U.... @.
004010B0: EB DF 8B E5 5D C3 ....].
// To analyze this, the dump above is read against the two relocation tables.
// 1. Check against the relocation directive in msobj.txt:
//    00000007 REL32 ... _m
//    The field at offset 7 (following the call's E8 at offset 6 on the 00401000 line) now holds
//    4B 00 00 00, i.e. 4Bh. Work it out: m() begins at 56h (the 55 8B at 00401056, right after
//    the 5D C3 of sum()); E8 4B 00 00 00 means "call +4Bh"; the instruction after the call begins
//    at 0Bh; so call _m is computed as 56h - 0Bh = 4Bh. The call 4Bh is exactly right!!!
// 2. Check against the relocation directives in mcobj.txt:
//    0000005C DIR32 00000000 7 _e
//    00000066 DIR32 00000000 6 _f
//    00000071 REL32 00000000 A _sum
//    0000009C DIR32 00000000 5 _ar
// Because the compiled mc2.c code starts at offset 10h in the .text section of ms.exe, each of
// the relocation offsets above gains 10h and becomes 6Ch, 76h, 81h and ACh.
// First the three relocations that refer to the data section:
// -> offset 6Ch now holds 00 20 40 00, i.e. the address 402000h:
//    C7 05 00 20 40 00 01 00 00 00 = mov dword ptr [402000h], 1
//    which is the e = 1 in the C program, e being a global variable.
//    Note that this uses the absolute address 402000h: if the data section is not actually
//    loaded at 402000h, the program will go wrong!!!!!!!!
// a. 00401060: .... C7 05 00 20 40 00
//    00401070: 01 00 00 00
// b. 00401074: C7 05 04 20 40 00 01 00 00 00   // mov dword ptr [402004h], 1
// c. 004010A9: 89 14 20 20 40 00               // mov dword ptr [402020h+ecx*4], edx
// b and c are the same as a: if the data section is not loaded at 402000h they go wrong.
// Now the relocation related to the function sum():
// 00401080: E8 8B FF FF FF                     // call with displacement FFFFFF8Bh
// FFFFFF8Bh is just the two's-complement representation of -75h, so compute:
// the instruction after this call begins at 85h
// 85h + (-75h) = 10h
// the earlier analysis showed that sum() begins at 10h, so this is indeed call _sum.
// Exactly right, and because it is a relative displacement it stays correct wherever the code section is loaded.
SECTION HEADER #2
.data name
16E3620 virtual size
2000 virtual address
1000 size of raw data                 // raw data size is 1000h = 4096 bytes
2000 file pointer to raw data         // starts at file offset 2000h
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
C0000040 flags
Initialized Data                      // the initialized data section
Read Write
// In the raw data below, the dword at 402000h is int e = 1; the dword at 402004h is int f = 2;
// int ar[6000000L] begins at 402020h and takes up a very large space.
RAW DATA #2
00402000: 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................
00402010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00402020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Summary
16E4000 .data
1000 .text
5. Conclusion:
Because a 32-bit program's addressing range is as much as 32G, virtually every compiler, when linking, gathers all the executable code from every module into one single module in the final executable, and every call and jmp becomes an intra-segment transfer: the reachable range is now up to 32G, so there is nowhere it cannot jump!!! The addresses in these instructions are relative, so they stay correct wherever the code is loaded. Therefore, when developing an operating system, once the system is in protected mode you can freely use these development tools; the references between the generated code will not cause any problem.
At the same time, the linker gathers all the data from every module into a single initialized data section, and when it processes the data-related relocations it fills in the "expected" memory address. Since the operating system we are developing is very unlikely to load the data section at exactly that location at run time, this is where errors arise. Note one point: in the file, the data section is always placed after the code section.
The fix, when using Microsoft's 32-bit linker, is the /BASE option, which specifies where in memory the program will be loaded. The steps:
i. The OS developer first decides where in memory this code will be loaded; suppose the start address is loadBase.
ii. Link with: link .... /BASE:loadBase ....
iii. Delete the useless file headers; your program can now be loaded directly into memory and run correctly.
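To make the arithmetic above concrete, here is an added Python model (not code from the original article) of what the linker did with the two relocation tables: it lays the modules out at the RVAs seen in ms.exe, resolves _m, _sum, _e, _f and _ar, applies REL32 as target minus next-instruction address and DIR32 as image base plus RVA, and reports which fields depend on the load address. The real ms.obj bytes are used; mc.obj's .text is a constructed zero-filled stand-in of the same size, and the section and symbol layout is taken from the dumps. It generalizes slightly beyond the page by accepting any image base, which is what the /BASE option in the conclusion changes.

```python
"""Model of the COFF-to-PE relocation arithmetic worked through in the dumps above."""
import struct
from dataclasses import dataclass

# i386 COFF relocation types (values from the PE/COFF specification).
IMAGE_REL_I386_DIR32 = 0x0006   # absolute 32-bit virtual address: depends on the load address
IMAGE_REL_I386_REL32 = 0x0014   # 32-bit displacement relative to the next instruction
SECTION_RVA = {".text": 0x1000, ".data": 0x2000}   # section layout of ms.exe from the dump
DEFAULT_IMAGE_BASE = 0x400000                      # "image base" in the optional header

@dataclass
class Section:
    module: str
    name: str
    data: bytes
    align: int          # section alignment from the COFF flags (4 or 16 here)

@dataclass
class Reloc:
    module: str         # object module whose section contains the field to patch
    section: str
    offset: int         # offset of the 4-byte field inside that module's section
    rtype: int
    symbol: str

def align_up(n, a):
    return (n + a - 1) // a * a

def lay_out(sections):
    """Concatenate each module's contribution into one output section per name.
    Code padding is 0xCC (int 3), which is what produced the CC CC CC in ms.exe."""
    out, base = {}, {}
    for s in sections:
        buf = out.setdefault(s.name, bytearray())
        start = align_up(len(buf), s.align)
        buf.extend((b"\xcc" if s.name == ".text" else b"\x00") * (start - len(buf)))
        base[(s.module, s.name)] = start
        buf.extend(s.data)
    return out, base

def link(sections, symbols, relocs, image_base=DEFAULT_IMAGE_BASE):
    """Resolve symbols and apply REL32/DIR32 relocations the way the linker did.
    symbols maps name -> (module, section, offset) for every defined symbol."""
    out, base = lay_out(sections)
    applied = []
    for r in relocs:
        mod, sec, val = symbols[r.symbol]       # KeyError here = unresolved external
        target_rva = SECTION_RVA[sec] + base[(mod, sec)] + val
        site = base[(r.module, r.section)] + r.offset   # offset in the output section
        site_rva = SECTION_RVA[r.section] + site
        if r.rtype == IMAGE_REL_I386_REL32:
            value = target_rva - (site_rva + 4)     # relative to the next instruction
        elif r.rtype == IMAGE_REL_I386_DIR32:
            value = image_base + target_rva         # absolute address baked into the code
        else:
            raise ValueError(f"unsupported relocation type {r.rtype:#06x}")
        buf = out[r.section]
        addend = struct.unpack_from("<I", buf, site)[0]   # COFF adds to the field's old contents
        struct.pack_into("<I", buf, site, (addend + value) & 0xFFFFFFFF)
        applied.append((r.symbol, r.rtype, site, value & 0xFFFFFFFF))
    return out, applied

def load_dependent_sites(applied):
    """Output-section offsets holding absolute addresses: exactly the fields that go wrong when
    the image is not loaded at image_base (and ms.exe has 'Relocations stripped', so nothing
    can fix them up later; the base chosen with /BASE at link time has to be the real one)."""
    return [site for _, rtype, site, _ in applied if rtype == IMAGE_REL_I386_DIR32]

def field(out, section, offset):
    return struct.unpack_from("<I", out[section], offset)[0]   # little-endian dword at offset

# Inputs taken from the dumps above. ms.obj's .text is the real 13 bytes; mc.obj's 0A6h-byte
# .text is a constructed zero-filled stand-in, since only its four relocation fields matter
# here; .data holds e = 1, f = 2 and ar[6000000] at +0, +4 and +20h as in the ms.exe dump.
MS_TEXT = bytes.fromhex("66 8C C8 66 8E D8 E8 00 00 00 00 EB FE")
MC_TEXT = bytes(0xA6)
MC_DATA = struct.pack("<II", 1, 2) + bytes(0x18) + bytes(6_000_000 * 4)
SECTIONS = [Section("ms", ".text", MS_TEXT, 4),
            Section("mc", ".text", MC_TEXT, 16),
            Section("mc", ".data", MC_DATA, 4)]
SYMBOLS = {"start": ("ms", ".text", 0x00), "_sum": ("mc", ".text", 0x00),
           "_m": ("mc", ".text", 0x46), "_e": ("mc", ".data", 0x00),
           "_f": ("mc", ".data", 0x04), "_ar": ("mc", ".data", 0x20)}
RELOCS = [Reloc("ms", ".text", 0x07, IMAGE_REL_I386_REL32, "_m"),
          Reloc("mc", ".text", 0x5C, IMAGE_REL_I386_DIR32, "_e"),
          Reloc("mc", ".text", 0x66, IMAGE_REL_I386_DIR32, "_f"),
          Reloc("mc", ".text", 0x71, IMAGE_REL_I386_REL32, "_sum"),
          Reloc("mc", ".text", 0x9C, IMAGE_REL_I386_DIR32, "_ar")]

def link_example(image_base=DEFAULT_IMAGE_BASE):
    """Link the two modules above; pass another image_base to see what /BASE changes."""
    return link(SECTIONS, SYMBOLS, RELOCS, image_base)

if __name__ == "__main__":
    out, applied = link_example()
    print(".text[:16] =", out[".text"][:16].hex(" ").upper())   # ends E8 4B 00 00 00 EB FE CC CC CC
    for name, rtype, site, value in applied:
        kind = "REL32" if rtype == IMAGE_REL_I386_REL32 else "DIR32"
        print(f"{name:5} {kind} at .text+{site:02X}h -> {value:08X}")
    print("load-address-dependent fields:", [f"{s:02X}h" for s in load_dependent_sites(applied)])
```

Running it prints the first 16 bytes of .text ending in E8 4B 00 00 00 EB FE CC CC CC and the four mc.obj fields 00402000h, 00402004h, FFFFFF8Bh and 00402020h, matching the ms.exe dump. Note that the RVAs still count the 1000h of headers in front of .text, so a loader that strips them as in step iii has to place the first code byte at loadBase+1000h (or lower /BASE by 1000h) for the DIR32 fields to be right.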