This class represents an entry in the exception table (.pdata section) for the x86-64 architecture.
More...
#include <RuntimeFunctionX64.hpp>
|
| struct | unwind_info_t |
| | This structure represents the UNWIND_INFO which records the effects a function has on the stack pointer, and where the nonvolatile registers are saved on the stack. More...
|
| |
|
| enum class | UNWIND_FLAGS : uint8_t { EXCEPTION_HANDLER = 1
, TERMINATE_HANDLER = 2
, CHAIN_INFO = 4
} |
| |
| enum class | UNWIND_OPCODES : uint32_t {
PUSH_NONVOL = 0
, ALLOC_LARGE = 1
, ALLOC_SMALL = 2
, SET_FPREG = 3
,
SAVE_NONVOL = 4
, SAVE_NONVOL_FAR = 5
, EPILOG = 6
, SPARE = 7
,
SAVE_XMM128 = 8
, SAVE_XMM128_FAR = 9
, PUSH_MACHFRAME = 10
} |
| |
| enum class | UNWIND_REG : uint32_t {
RAX = 0
, RCX
, RDX
, RBX
,
RSP
, RBP
, RSI
, RDI
,
R8
, R9
, R10
, R11
,
R12
, R13
, R14
, R15
} |
| |
| enum class | ARCH { UNKNOWN = 0
, ARM64
, X86_64
} |
| | Arch discriminator for the subclasses. More...
|
| |
This class represents an entry in the exception table (.pdata section) for the x86-64 architecture.
Reference: https://learn.microsoft.com/en-us/cpp/build/exception-handling-x64
◆ UNWIND_FLAGS
| Enumerator |
|---|
| EXCEPTION_HANDLER | The function has an exception handler that should be called when looking for functions that need to examine exceptions.
|
| TERMINATE_HANDLER | The function has a termination handler that should be called when unwinding an exception.
|
| CHAIN_INFO | The chained info payload references a previous RUNTIME_FUNCTION
|
◆ UNWIND_OPCODES
| Enumerator |
|---|
| PUSH_NONVOL | Push a nonvolatile integer register, decrementing RSP by 8. The operation info is the number of the register. Because of the constraints on epilogs, PUSH_NONVOL unwind codes must appear first in the prolog and correspondingly, last in the unwind code array. This relative ordering applies to all other unwind codes except UNWIND_OPCODES::PUSH_MACHFRAME.
|
| ALLOC_LARGE | Allocate a large-sized area on the stack. There are two forms. If the operation info equals 0, then the size of the allocation divided by 8 is recorded in the next slot, allowing an allocation up to 512K - 8. If the operation info equals 1, then the unscaled size of the allocation is recorded in the next two slots in little-endian format, allowing allocations up to 4GB - 8.
|
| ALLOC_SMALL | Allocate a small-sized area on the stack. The size of the allocation is the operation info field * 8 + 8, allowing allocations from 8 to 128 bytes.
|
| SET_FPREG | Establish the frame pointer register by setting the register to some offset of the current RSP. The offset is equal to the Frame Register offset (scaled) field in the UNWIND_INFO * 16, allowing offsets from 0 to 240. The use of an offset permits establishing a frame pointer that points to the middle of the fixed stack allocation, helping code density by allowing more accesses to use short instruction forms. The operation info field is reserved and shouldn't be used.
|
| SAVE_NONVOL | Save a nonvolatile integer register on the stack using a MOV instead of a PUSH. This code is primarily used for shrink-wrapping, where a nonvolatile register is saved to the stack in a position that was previously allocated. The operation info is the number of the register. The scaled-by-8 stack offset is recorded in the next unwind operation code slot, as described in the note above.
|
| SAVE_NONVOL_FAR | Save a nonvolatile integer register on the stack with a long offset, using a MOV instead of a PUSH. This code is primarily used for shrink-wrapping, where a nonvolatile register is saved to the stack in a position that was previously allocated. The operation info is the number of the register. The unscaled stack offset is recorded in the next two unwind operation code slots, as described in the note above.
|
| EPILOG | This entry is only revelant for version 2. It describes the function epilog.
|
| SPARE | Reserved Originally SAVE_XMM128_FAR in version 1, but deprecated and removed.
|
| SAVE_XMM128 | Save all 128 bits of a nonvolatile XMM register on the stack. The operation info is the number of the register. The scaled-by-16 stack offset is recorded in the next slot.
|
| SAVE_XMM128_FAR | Save all 128 bits of a nonvolatile XMM register on the stack with a long offset. The operation info is the number of the register. The unscaled stack offset is recorded in the next two slots.
|
| PUSH_MACHFRAME | Push a machine frame. This unwind code is used to record the effect of a hardware interrupt or exception.
|
◆ UNWIND_REG
| Enumerator |
|---|
| RAX | |
| RCX | |
| RDX | |
| RBX | |
| RSP | |
| RBP | |
| RSI | |
| RDI | |
| R8 | |
| R9 | |
| R10 | |
| R11 | |
| R12 | |
| R13 | |
| R14 | |
| R15 | |
◆ RuntimeFunctionX64() [1/3]
| LIEF::PE::RuntimeFunctionX64::RuntimeFunctionX64 |
( |
uint32_t | rva_start, |
|
|
uint32_t | rva_end, |
|
|
uint32_t | unwind_rva ) |
|
inline |
◆ RuntimeFunctionX64() [2/3]
◆ RuntimeFunctionX64() [3/3]
◆ ~RuntimeFunctionX64()
| LIEF::PE::RuntimeFunctionX64::~RuntimeFunctionX64 |
( |
| ) |
|
|
default |
◆ classof()
| static bool LIEF::PE::RuntimeFunctionX64::classof |
( |
const ExceptionInfo * | info | ) |
|
|
inlinestatic |
◆ clone()
| std::unique_ptr< ExceptionInfo > LIEF::PE::RuntimeFunctionX64::clone |
( |
| ) |
const |
|
inlineoverridevirtual |
◆ operator=() [1/2]
◆ operator=() [2/2]
◆ rva_end()
| uint32_t LIEF::PE::RuntimeFunctionX64::rva_end |
( |
| ) |
const |
|
inline |
◆ size()
| uint32_t LIEF::PE::RuntimeFunctionX64::size |
( |
| ) |
const |
|
inline |
Size of the function (in bytes)
◆ to_string()
| std::string LIEF::PE::RuntimeFunctionX64::to_string |
( |
| ) |
const |
|
overridevirtual |
◆ unwind_info() [1/3]
◆ unwind_info() [2/3]
| const unwind_info_t * LIEF::PE::RuntimeFunctionX64::unwind_info |
( |
| ) |
const |
|
inline |
Detailed unwind information.
◆ unwind_info() [3/3]
| void LIEF::PE::RuntimeFunctionX64::unwind_info |
( |
unwind_info_t | info | ) |
|
|
inline |
◆ unwind_rva()
| uint32_t LIEF::PE::RuntimeFunctionX64::unwind_rva |
( |
| ) |
const |
|
inline |
The documentation for this class was generated from the following file:
Public Types inherited from LIEF::PE::ExceptionInfo
1.13.0