为什么 PE 格式位置依赖？

Question

可执行文件需要首选加载地址并因此保留位置相关代码而不是简单地在整个文件中使用 RVA 是否有任何充分的理由？
对我来说，这看起来像是一个重大的设计缺陷，我不明白怎么会有人想出这个主意。

Answer 1

我猜原因是历史多于实际。

引用 Matt Pietrek，来自他著名的“Peering Inside the PE”：

It's common knowledge that Windows NT has a VAX® VMS® and UNIX® heritage. Many of the Windows NT creators designed and coded for those platforms before coming to Microsoft. When it came time to design Windows NT, it was only natural that they tried to minimize their bootstrap time by using previously written and tested tools. The executable and object module format that these tools produced and worked with is called COFF (an acronym for Common Object File Format). [...] The COFF format by itself was a good starting point, but needed to be extended to meet all the needs of a modern operating system like Windows NT or Windows 95. The result of this updating is the Portable Executable format.

所以PE格式是基于COFF格式的，后来有了relocations的概念：它们允许系统（更准确地说是系统的Loader）通过patching position dependent在运行时rebase一个PE地址。

official PE documentation 明确将重定位命名为 "COFF Relocations" 所以我猜 PE 重定位是从 COFF 继承的，而不是 PE 格式本身带来的新添加。

总而言之，我的猜测是位置无关的 PE 被丢弃了（如果曾经考虑过的话），因为 COFF 格式已经有了实现相同功能的重定位概念。