70,037
社区成员
发帖
与我相关
我的任务
分享关于VC编译生成的COD文件和MAP文件的分析问题
问题如下:
1.COD文件是什么?
2.MAP文件是什么?
3.若想分析它们代码的作用,应该看哪方面有针对性的资料?(比如针对VC编译生成代码的分析方法祥解)
谢谢。
源代码如下:
#include <stdio.h>
void foo(char * p)
{ p = "world, hello!\n";
}
void __cdecl main()
{ char *p = "hello, world!\n";
foo(p);
printf("%s", p);
}
用VC编译后生成的COD文件如下:
TITLE D:\ZycoDEV\src\samples\hello\hello.cpp
.386P
include listing.inc
if @Version gt 510
.model FLAT
else
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
_BSS SEGMENT DWORD USE32 PUBLIC 'BSS'
_BSS ENDS
$$SYMBOLS SEGMENT BYTE USE32 'DEBSYM'
$$SYMBOLS ENDS
$$TYPES SEGMENT BYTE USE32 'DEBTYP'
$$TYPES ENDS
_TLS SEGMENT DWORD USE32 PUBLIC 'TLS'
_TLS ENDS
; COMDAT ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ??_C@_02DILL@?$CFs?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ?foo@@YGXPAD@Z
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
; COMDAT _main
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
FLAT GROUP _DATA, CONST, _BSS
ASSUME CS: FLAT, DS: FLAT, SS: FLAT
endif
PUBLIC ?foo@@YGXPAD@Z ; foo
PUBLIC ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ ; `string'
; COMDAT ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@
; File D:\ZycoDEV\src\samples\hello\hello.cpp
_DATA SEGMENT
??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ DB 'world, hello!', 0aH, 00H ; `string'
_DATA ENDS
; COMDAT ?foo@@YGXPAD@Z
_TEXT SEGMENT
_p$ = 8
?foo@@YGXPAD@Z PROC NEAR ; foo, COMDAT
; 31 : {
00000 55 push ebp
00001 8b ec mov ebp, esp
; 32 : p = "world, hello!\n";
00003 c7 45 08 00 00
00 00 mov DWORD PTR _p$[ebp], OFFSET FLAT:??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ ; `string'
; 33 : }
0000a 5d pop ebp
0000b c2 04 00 ret 4
?foo@@YGXPAD@Z ENDP ; foo
_TEXT ENDS
PUBLIC _main
PUBLIC ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ ; `string'
PUBLIC ??_C@_02DILL@?$CFs?$AA@ ; `string'
EXTRN _printf:NEAR
; COMDAT ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@
; File D:\ZycoDEV\src\samples\hello\hello.cpp
_DATA SEGMENT
??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ DB 'hello, world!', 0aH, 00H ; `string'
_DATA ENDS
; COMDAT ??_C@_02DILL@?$CFs?$AA@
_DATA SEGMENT
??_C@_02DILL@?$CFs?$AA@ DB '%s', 00H ; `string'
_DATA ENDS
; COMDAT _main
_TEXT SEGMENT
_p$ = -4
_main PROC NEAR ; COMDAT
; 36 : {
00000 55 push ebp
00001 8b ec mov ebp, esp
00003 51 push ecx
; 37 : char *p = "hello, world!\n";
00004 c7 45 fc 00 00
00 00 mov DWORD PTR _p$[ebp], OFFSET FLAT:??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ ; `string'
; 38 : foo(p);
0000b 8b 45 fc mov eax, DWORD PTR _p$[ebp]
0000e 50 push eax
0000f e8 00 00 00 00 call ?foo@@YGXPAD@Z ; foo
; 39 : printf("%s", p);
00014 8b 4d fc mov ecx, DWORD PTR _p$[ebp]
00017 51 push ecx
00018 68 00 00 00 00 push OFFSET FLAT:??_C@_02DILL@?$CFs?$AA@ ; `string'
0001d e8 00 00 00 00 call _printf
00022 83 c4 08 add esp, 8
; 40 : }
00025 8b e5 mov esp, ebp
00027 5d pop ebp
00028 c3 ret 0
_main ENDP
_TEXT ENDS
END
生成MAP文件如下:
hello
Timestamp is 3cfc118f (Tue Jun 04 09:02:07 2002)
Preferred load address is 00400000
Start Length Name Class
0001:00000000 000004a5H .text CODE
0002:00000000 00000018H .idata$5 DATA
0002:00000018 00000024H .rdata DATA
0002:0000003c 00000014H .idata$2 DATA
0002:00000050 00000014H .idata$3 DATA
0002:00000064 00000018H .idata$4 DATA
0002:0000007c 00000040H .idata$6 DATA
0002:000000bc 00000000H .edata DATA
0003:00000000 00000023H .data DATA
0004:00000000 00000004H .CRT$XCA DATA
0004:00000004 00000004H .CRT$XCZ DATA
0004:00000008 00000004H .CRT$XTA DATA
0004:0000000c 00000004H .CRT$XTZ DATA
Address Publics by Value Rva+Base Lib:Object
0001:00000000 ?foo@@YGXPAD@Z 00401000 f hello.obj
0001:00000010 _main 00401010 f hello.obj
0001:00000040 _mainCRTStartup 00401040 f zycocrt:main.obj
0001:000000b8 _printf 004010b8 f zycocrt:zycocrt.dll
0001:000000be _exit 004010be f zycocrt:zycocrt.dll
0001:000000d0 _ParseCmdLine@8 004010d0 f zycocrt:entry.obj
0001:000001e0 _FillArgvArray@12 004011e0 f zycocrt:entry.obj
0001:000002c0 __mainCRTEntry 004012c0 f zycocrt:entry.obj
0001:00000360 _wmain 00401360 f zycocrt:wmain.obj
0001:000003e0 __initterm 004013e0 f zycocrt:crtinit.obj
0001:00000410 __crtinit@4 00401410 f zycocrt:crtinit.obj
0001:00000458 __getargs@12 00401458 f zycocrt:zycocrt.dll
0001:0000045e _wcscpy 0040145e f zycocrt:zycocrt.dll
0001:00000464 _wcslen 00401464 f zycocrt:zycocrt.dll
0001:00000470 __chkstk 00401470 f zycocrt:chkstk.obj
0001:000004a0 __alloca_probe 004014a0 f zycocrt:chkstk.obj
0002:00000000 __imp__exit 00402000 zycocrt:zycocrt.dll
0002:00000004 __imp___getargs@12 00402004 zycocrt:zycocrt.dll
0002:00000008 __imp__wcscpy 00402008 zycocrt:zycocrt.dll
0002:0000000c __imp__wcslen 0040200c zycocrt:zycocrt.dll
0002:00000010 __imp__printf 00402010 zycocrt:zycocrt.dll
0002:00000014 \177zycocrt_NULL_THUNK_DATA 00402014 zycocrt:zycocrt.dll
0002:0000003c __IMPORT_DESCRIPTOR_zycocrt 0040203c zycocrt:zycocrt.dll
0002:00000050 __NULL_IMPORT_DESCRIPTOR 00402050 zycocrt:zycocrt.dll
0003:00000000 ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ 00403000 hello.obj
0003:00000010 ??_C@_02DILL@?$CFs?$AA@ 00403010 hello.obj
0003:00000014 ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ 00403014 hello.obj
0004:00000000 ___xc_a 00404000 zycocrt:markers.obj
0004:00000004 ___xc_z 00404004 zycocrt:markers.obj
0004:00000008 ___xt_a 00404008 zycocrt:markers.obj
0004:0000000c ___xt_z 0040400c zycocrt:markers.obj
entry point at 0001:00000040
Static symbols
1.COD文件是什么?
2.MAP文件是什么?
3.若想分析它们代码的作用,应该看哪方面有针对性的资料?(比如针对VC编译生成代码的分析方法祥解)
谢谢。
源代码如下:
#include <stdio.h>
void foo(char * p)
{ p = "world, hello!\n";
}
void __cdecl main()
{ char *p = "hello, world!\n";
foo(p);
printf("%s", p);
}
用VC编译后生成的COD文件如下:
TITLE D:\ZycoDEV\src\samples\hello\hello.cpp
.386P
include listing.inc
if @Version gt 510
.model FLAT
else
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
CONST SEGMENT DWORD USE32 PUBLIC 'CONST'
CONST ENDS
_BSS SEGMENT DWORD USE32 PUBLIC 'BSS'
_BSS ENDS
$$SYMBOLS SEGMENT BYTE USE32 'DEBSYM'
$$SYMBOLS ENDS
$$TYPES SEGMENT BYTE USE32 'DEBTYP'
$$TYPES ENDS
_TLS SEGMENT DWORD USE32 PUBLIC 'TLS'
_TLS ENDS
; COMDAT ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ??_C@_02DILL@?$CFs?$AA@
_DATA SEGMENT DWORD USE32 PUBLIC 'DATA'
_DATA ENDS
; COMDAT ?foo@@YGXPAD@Z
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
; COMDAT _main
_TEXT SEGMENT PARA USE32 PUBLIC 'CODE'
_TEXT ENDS
FLAT GROUP _DATA, CONST, _BSS
ASSUME CS: FLAT, DS: FLAT, SS: FLAT
endif
PUBLIC ?foo@@YGXPAD@Z ; foo
PUBLIC ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ ; `string'
; COMDAT ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@
; File D:\ZycoDEV\src\samples\hello\hello.cpp
_DATA SEGMENT
??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ DB 'world, hello!', 0aH, 00H ; `string'
_DATA ENDS
; COMDAT ?foo@@YGXPAD@Z
_TEXT SEGMENT
_p$ = 8
?foo@@YGXPAD@Z PROC NEAR ; foo, COMDAT
; 31 : {
00000 55 push ebp
00001 8b ec mov ebp, esp
; 32 : p = "world, hello!\n";
00003 c7 45 08 00 00
00 00 mov DWORD PTR _p$[ebp], OFFSET FLAT:??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ ; `string'
; 33 : }
0000a 5d pop ebp
0000b c2 04 00 ret 4
?foo@@YGXPAD@Z ENDP ; foo
_TEXT ENDS
PUBLIC _main
PUBLIC ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ ; `string'
PUBLIC ??_C@_02DILL@?$CFs?$AA@ ; `string'
EXTRN _printf:NEAR
; COMDAT ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@
; File D:\ZycoDEV\src\samples\hello\hello.cpp
_DATA SEGMENT
??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ DB 'hello, world!', 0aH, 00H ; `string'
_DATA ENDS
; COMDAT ??_C@_02DILL@?$CFs?$AA@
_DATA SEGMENT
??_C@_02DILL@?$CFs?$AA@ DB '%s', 00H ; `string'
_DATA ENDS
; COMDAT _main
_TEXT SEGMENT
_p$ = -4
_main PROC NEAR ; COMDAT
; 36 : {
00000 55 push ebp
00001 8b ec mov ebp, esp
00003 51 push ecx
; 37 : char *p = "hello, world!\n";
00004 c7 45 fc 00 00
00 00 mov DWORD PTR _p$[ebp], OFFSET FLAT:??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ ; `string'
; 38 : foo(p);
0000b 8b 45 fc mov eax, DWORD PTR _p$[ebp]
0000e 50 push eax
0000f e8 00 00 00 00 call ?foo@@YGXPAD@Z ; foo
; 39 : printf("%s", p);
00014 8b 4d fc mov ecx, DWORD PTR _p$[ebp]
00017 51 push ecx
00018 68 00 00 00 00 push OFFSET FLAT:??_C@_02DILL@?$CFs?$AA@ ; `string'
0001d e8 00 00 00 00 call _printf
00022 83 c4 08 add esp, 8
; 40 : }
00025 8b e5 mov esp, ebp
00027 5d pop ebp
00028 c3 ret 0
_main ENDP
_TEXT ENDS
END
生成MAP文件如下:
hello
Timestamp is 3cfc118f (Tue Jun 04 09:02:07 2002)
Preferred load address is 00400000
Start Length Name Class
0001:00000000 000004a5H .text CODE
0002:00000000 00000018H .idata$5 DATA
0002:00000018 00000024H .rdata DATA
0002:0000003c 00000014H .idata$2 DATA
0002:00000050 00000014H .idata$3 DATA
0002:00000064 00000018H .idata$4 DATA
0002:0000007c 00000040H .idata$6 DATA
0002:000000bc 00000000H .edata DATA
0003:00000000 00000023H .data DATA
0004:00000000 00000004H .CRT$XCA DATA
0004:00000004 00000004H .CRT$XCZ DATA
0004:00000008 00000004H .CRT$XTA DATA
0004:0000000c 00000004H .CRT$XTZ DATA
Address Publics by Value Rva+Base Lib:Object
0001:00000000 ?foo@@YGXPAD@Z 00401000 f hello.obj
0001:00000010 _main 00401010 f hello.obj
0001:00000040 _mainCRTStartup 00401040 f zycocrt:main.obj
0001:000000b8 _printf 004010b8 f zycocrt:zycocrt.dll
0001:000000be _exit 004010be f zycocrt:zycocrt.dll
0001:000000d0 _ParseCmdLine@8 004010d0 f zycocrt:entry.obj
0001:000001e0 _FillArgvArray@12 004011e0 f zycocrt:entry.obj
0001:000002c0 __mainCRTEntry 004012c0 f zycocrt:entry.obj
0001:00000360 _wmain 00401360 f zycocrt:wmain.obj
0001:000003e0 __initterm 004013e0 f zycocrt:crtinit.obj
0001:00000410 __crtinit@4 00401410 f zycocrt:crtinit.obj
0001:00000458 __getargs@12 00401458 f zycocrt:zycocrt.dll
0001:0000045e _wcscpy 0040145e f zycocrt:zycocrt.dll
0001:00000464 _wcslen 00401464 f zycocrt:zycocrt.dll
0001:00000470 __chkstk 00401470 f zycocrt:chkstk.obj
0001:000004a0 __alloca_probe 004014a0 f zycocrt:chkstk.obj
0002:00000000 __imp__exit 00402000 zycocrt:zycocrt.dll
0002:00000004 __imp___getargs@12 00402004 zycocrt:zycocrt.dll
0002:00000008 __imp__wcscpy 00402008 zycocrt:zycocrt.dll
0002:0000000c __imp__wcslen 0040200c zycocrt:zycocrt.dll
0002:00000010 __imp__printf 00402010 zycocrt:zycocrt.dll
0002:00000014 \177zycocrt_NULL_THUNK_DATA 00402014 zycocrt:zycocrt.dll
0002:0000003c __IMPORT_DESCRIPTOR_zycocrt 0040203c zycocrt:zycocrt.dll
0002:00000050 __NULL_IMPORT_DESCRIPTOR 00402050 zycocrt:zycocrt.dll
0003:00000000 ??_C@_0P@GFBK@world?0?5hello?$CB?6?$AA@ 00403000 hello.obj
0003:00000010 ??_C@_02DILL@?$CFs?$AA@ 00403010 hello.obj
0003:00000014 ??_C@_0P@GOCC@hello?0?5world?$CB?6?$AA@ 00403014 hello.obj
0004:00000000 ___xc_a 00404000 zycocrt:markers.obj
0004:00000004 ___xc_z 00404004 zycocrt:markers.obj
0004:00000008 ___xt_a 00404008 zycocrt:markers.obj
0004:0000000c ___xt_z 0040400c zycocrt:markers.obj
entry point at 0001:00000040
Static symbols
...全文
请发表友善的回复…
发表回复
T34 2002-06-13
- 打赏
- 举报
COD不知道.
MAP包含了程序内的符号,文件,行号等信息,在用VC生成RELEASE版时,最好同时生成MAP文件,以便发生CRASH后根据CRASHDUMP定位出错位置.
格式可以看John Robbins的Debugging Applications(Microsoft Press),还有一个工具CrashFinder,就是用MAP文件找CRASH地址的.
MAP包含了程序内的符号,文件,行号等信息,在用VC生成RELEASE版时,最好同时生成MAP文件,以便发生CRASH后根据CRASHDUMP定位出错位置.
格式可以看John Robbins的Debugging Applications(Microsoft Press),还有一个工具CrashFinder,就是用MAP文件找CRASH地址的.
