none
DLL rebase

Toutes les réponses

  • In partial answer to 1 and 2:

     

    Processes have a limited amount of address space.  Most of the time, when running 32-bit, a process has roughly 2GB (<0x7fffffff) of proccess address space to play with, and 2GB (>0x8000000) of kernel-mode stuff.

     

    So, all your memory allocations, file mappings, DLLs that you load, and all that junk occur within the application's 2GB window.

     

    As far as rebasing: DLL's specify where they like to be loaded.  If you try to load a DLL whose base address is already in use in some other allocation, whether that's a malloc, a file mapping, another dll, etc, the load either has to fail or the DLL needs to be re-based.

    vendredi 1 février 2008 19:44
  • Simple explanation/example of dll rebasing.

     

    You have 2 dll's.     One.dll and Two.dll,  both of the dll's were compiled in visual studio .net 2005.  In visual studio 2005 (and most microsoft compilers.. 2k3,  sdk.. etc)  the default the "preferred" base address(the preffered memory location the dll is loaded to) is 0x10000000.  

     

    Consider the following scenario.

    1.  Run MyTestApp.exe

    2.  LoadLibrary("One.dll");       

    3   LoadLibrary("Two.dll");      

     

    One.dll is loaded up at 0x10000000.  Two.dll tries to load up at 0x10000000, but cannot because One.dll is already using that address space.  When this situation occurs Two.dll is "rebased",  the operating system will pick a new location to load the dll up at. Part of the loading process require the operating system to apply "fixups" so Two.dll runs correctly at a location other than 0x10000000.  A dll is essentially optimized to load up at its "preferred" base address and applying "fixups" has some overhead to it.

     

    Simply put, your dll's will load slightly faster if you configure a "preferred" base address which doesn't collide with a "preferred" base addresses of another dll your process loads. 

     

    John

    samedi 2 février 2008 01:27
  • Thanks John Schoen,

     

     

    Your reply is great! Two more comments,

     

    1. "preferred" base address, you mean process individual virtual address, not global physical address?

     

    2. What is "fixup"? Finding an appropriate address to load the DLL, any else major work in "fixup" process?

     

     John Schoen wrote:

    Simple explanation/example of dll rebasing.

     

    You have 2 dll's.     One.dll and Two.dll,  both of the dll's were compiled in visual studio .net 2005.  In visual studio 2005 (and most microsoft compilers.. 2k3,  sdk.. etc)  the default the "preferred" base address(the preffered memory location the dll is loaded to) is 0x10000000.  

     

    Consider the following scenario.

    1.  Run MyTestApp.exe

    2.  LoadLibrary("One.dll");       

    3   LoadLibrary("Two.dll");      

     

    One.dll is loaded up at 0x10000000.  Two.dll tries to load up at 0x10000000, but cannot because One.dll is already using that address space.  When this situation occurs Two.dll is "rebased",  the operating system will pick a new location to load the dll up at. Part of the loading process require the operating system to apply "fixups" so Two.dll runs correctly at a location other than 0x10000000.  A dll is essentially optimized to load up at its "preferred" base address and applying "fixups" has some overhead to it.

     

    Simply put, your dll's will load slightly faster if you configure a "preferred" base address which doesn't collide with a "preferred" base addresses of another dll your process loads. 

     

    John

     

     

    regards,

    George

    samedi 2 février 2008 08:27
  • Thanks David Tyler Hunt,

     

     

    Great reply! Two more comments.

     

    1.

     

    The address you mentioned in your below reply should all mean virtual address, not physical address, right?

     

    2.

     

    In the article I learned from MSDN,

     

    http://msdn2.microsoft.com/en-us/library/ms810432.aspx

     

    there is something about fixup process related to rebase, do you know what is fixup doing? After reading the related section in the above article in MSDN, I am still confused.

     

     David Tyler Hunt wrote:

    In partial answer to 1 and 2:

     

    Processes have a limited amount of address space.  Most of the time, when running 32-bit, a process has roughly 2GB (<0x7fffffff) of proccess address space to play with, and 2GB (>0x8000000) of kernel-mode stuff.

     

    So, all your memory allocations, file mappings, DLLs that you load, and all that junk occur within the application's 2GB window.

     

    As far as rebasing: DLL's specify where they like to be loaded.  If you try to load a DLL whose base address is already in use in some other allocation, whether that's a malloc, a file mapping, another dll, etc, the load either has to fail or the DLL needs to be re-based.

     

     

    regards,

    George

    samedi 2 février 2008 08:30
  • Yes. Process address space is virtual.

    As far as what specifically is done with respect to fixups, I'm not clear on that myself.  You can probably get an idea of some of the various fixups a rebaser needs to perform by reading the PE (portable executable - the format Windows executables use) spec, and scattered in various articles on MSDN.

     

    A PE spec:

    http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx

    lundi 4 février 2008 21:18
  • Thanks all the same, David!


    I have though of learning PE format for a long time. Your recomemnded link is really good stuff!

     David Tyler Hunt wrote:

    Yes. Process address space is virtual.

    As far as what specifically is done with respect to fixups, I'm not clear on that myself.  You can probably get an idea of some of the various fixups a rebaser needs to perform by reading the PE (portable executable - the format Windows executables use) spec, and scattered in various articles on MSDN.

     

    A PE spec:

    http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx




    regards,
    George
    jeudi 7 février 2008 06:08
  • Hi guys,

    I would like to know where I can actually find the latest rebase application. I have an older version that used to work on older versions of Windows XP but it doesnt work on Windows XP SP3. I get a "command not recognized" message.

    Is there any reliable source to download this file?

    Thank you in advance.
    mardi 26 janvier 2010 01:06
  • In Vista and above, the base address is dynamically rebased by the operating system.  So even system dlls that have a specific, usually unique, base address will get rebased per windows session.  I know this for a fact by working with them, but I will try to find the link and post it.
    mardi 26 janvier 2010 06:07