6.0 file structure
Compilation source files are divided into several parts. These parts are Code, Data, not initialized Data, Constants, Resource, and Relocations, the resource part is created by the resource file, and there will be more discussions later. The Relocation section is not important to us (it contains information that makes PE-Loader can load the program in the memory). The important part is Code, DATA, not initialized Data and Constants. Maybe you have guess, the Code section contains code. DATA is equipped with data and has read and write permissions. The entire DATA portion is included in the EXE file and can be initialized with data.
Not initialized Data did not have content during startup, and even included in the EXE file itself. It is just part of the memory "assigned". This part also has read and write permissions. The Constants and Data are part of the Data, but read only. Although this part can be used as a constant, it is more simple and faster in the inclusion file, and is used as a direct value.
6.1 Section Indicators (some representatives)
In your source file (* .asm), you can define some of the partial identifier:
.code; the Code section thus starts. Data; DATA section This start. Data ?; Not initialized Data section This starts. Const; constants section
The executable (* .exe, *. DLL and other) is (in Win32) Portable Execution Format (PE), I will not discuss it in detail but is important. Some Sections use some attributes in the PE header:
Section name, RVA, Offset, original size, virtual size, and logo. RVA (relative virtual address) is the relative memory address that will be loaded. It is relative to the base address that is loaded relative to the program. This address is also in the PE header, but can be changed by PE-Loader (use the Relocation section). Offset is the original Offset of the EXE file itself in initialization data. The virtual size is the size of the program will reach in memory. The logo is read / write / executable.
3. 2 cases
This has an example program:
.DATANUMBER1 DD 12033HNUMBER2 DW 100H, 200H, 300H, 400HNumber3 DB "Blabla", 0.data? Value Dd? .code Mov Eax, Number1Mov Ecx, Offset Number2Add Ax, Word PTR [ECX 4] MOV Value, EAX
This program cannot be compiled but it doesn't matter.
In your assembler, all things you put in "Some" will enter the EXE file and are in a memory address when the program is loaded. On the DATA section above, there are 3 tags: Number1, Number2, Number3. These tags save their OFFSET in the program so you can use them in your program to indicate location.
DD puts a DWORD directly there, DW is Word and DB is Byte. You can also use a DB string because it is actually a string Byte value. In the example, the DATA section will turn into memory:
33, 20, 01, 100, 01, 02, 100, 03, 100, 04, 62, 6C, 61, 62, 6C, 61, 100 (all of which are hexadecimal)
(Each value bit one byte)
I have given some of these numbers. Number1 points to the memory address of BYTE 33, Number2 points to the position of the red 00, Number3 is a green 62. Now, if you write this in your program: MOV Eax, Number1
It is actually:
MOV ECX, DWORD PTR [12033h "memory address]
But this:
MOV ECX, Offset Number1
means:
MOV ECX, 12033H memory address
In the first example, ECX obtains the value of NUMBER1's memory address. In the second, ECX is called a memory address (OFFSET) itself. The following two examples have the same effect:
(1) MOV ECX, NUMBER1
(2) MOV ECX, OFFSET NUMBER1MOV ECX, DWORD PTR [ECX] (or Mov ECX, [ECX])
Let us return to the previous example:
.DATANUMBER1 DD 12033HNUMBER2 DW 100H, 200H, 300H, 400HNumber3 DB "Blabla", 0.data? Value Dd? .code Mov Eax, Number1Mov Ecx, Offset Number2Add Ax, Word PTR [ECX 4] MOV Value, EAX
The label can be used in Number1, Number2, and Number3, but it contains 0 when it starts. Because it does not initialize the Data section. This advantage is that all things you defined in .Data are not in memory in the executable file.
.DATA? MANYBYTES1 DB 5000 DUP (?)
.DATAMANYBYTES2 DB 5000 DUP (0)
(5000dup means: 5000 copies. Values DB 4, 4, 4, 4, 4, 4, and value DB 7dup (4))
Manybytes1 will not in the file itself, just 5,000 pre-allocated bytes in memory. But ManyBytes2 will make the file 5000 bytes in the executable. Although your file will contain 5,000 zero, it is not used.
The Code section is assembled (translated into original code) and places it in an executable (Of course, in memory).
