ReactOS 0.4.15-dev-6694-g4ba8af9
unwind.c
Go to the documentation of this file.
1/*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * PURPOSE: Unwinding related functions
5 * PROGRAMMER: Timo Kreuzer (timo.kreuzer@reactos.org)
6 */
7
8/* INCLUDES *****************************************************************/
9
10#include <rtl.h>
11
12#define NDEBUG
13#include <debug.h>
14
15#define UNWIND_HISTORY_TABLE_NONE 0
16#define UNWIND_HISTORY_TABLE_GLOBAL 1
17#define UNWIND_HISTORY_TABLE_LOCAL 2
18
19#define UWOP_PUSH_NONVOL 0
20#define UWOP_ALLOC_LARGE 1
21#define UWOP_ALLOC_SMALL 2
22#define UWOP_SET_FPREG 3
23#define UWOP_SAVE_NONVOL 4
24#define UWOP_SAVE_NONVOL_FAR 5
25#if 0 // These are deprecated / not for x64
26#define UWOP_SAVE_XMM 6
27#define UWOP_SAVE_XMM_FAR 7
28#else
29#define UWOP_EPILOG 6
30#define UWOP_SPARE_CODE 7
31#endif
32#define UWOP_SAVE_XMM128 8
33#define UWOP_SAVE_XMM128_FAR 9
34#define UWOP_PUSH_MACHFRAME 10
35
36
37typedef unsigned char UBYTE;
38
39typedef union _UNWIND_CODE
40{
41 struct
42 {
43 UBYTE CodeOffset;
44 UBYTE UnwindOp:4;
45 UBYTE OpInfo:4;
46 };
47 USHORT FrameOffset;
48} UNWIND_CODE, *PUNWIND_CODE;
49
50typedef struct _UNWIND_INFO
51{
52 UBYTE Version:3;
53 UBYTE Flags:5;
54 UBYTE SizeOfProlog;
55 UBYTE CountOfCodes;
56 UBYTE FrameRegister:4;
57 UBYTE FrameOffset:4;
58 UNWIND_CODE UnwindCode[1];
59/* union {
60 OPTIONAL ULONG ExceptionHandler;
61 OPTIONAL ULONG FunctionEntry;
62 };
63 OPTIONAL ULONG ExceptionData[];
64*/
65} UNWIND_INFO, *PUNWIND_INFO;
66
67/* FUNCTIONS *****************************************************************/
68
80PRUNTIME_FUNCTION
81NTAPI
82RtlLookupFunctionTable(
83 IN DWORD64 ControlPc,
84 OUT PDWORD64 ImageBase,
85 OUT PULONG Length)
86{
87 PVOID Table;
88 ULONG Size;
89
90 /* Find corresponding file header from code address */
91 if (!RtlPcToFileHeader((PVOID)ControlPc, (PVOID*)ImageBase))
92 {
93 /* Nothing found */
94 return NULL;
95 }
96
97 /* Locate the exception directory */
98 Table = RtlImageDirectoryEntryToData((PVOID)*ImageBase,
99 TRUE,
100 IMAGE_DIRECTORY_ENTRY_EXCEPTION,
101 &Size);
102
103 /* Return the number of entries */
104 *Length = Size / sizeof(RUNTIME_FUNCTION);
105
106 /* Return the address of the table */
107 return Table;
108}
109
110PRUNTIME_FUNCTION
111NTAPI
112RtlpLookupDynamicFunctionEntry(
113 _In_ DWORD64 ControlPc,
114 _Out_ PDWORD64 ImageBase,
115 _In_ PUNWIND_HISTORY_TABLE HistoryTable);
116
122PRUNTIME_FUNCTION
123NTAPI
124RtlLookupFunctionEntry(
125 IN DWORD64 ControlPc,
126 OUT PDWORD64 ImageBase,
127 OUT PUNWIND_HISTORY_TABLE HistoryTable)
128{
129 PRUNTIME_FUNCTION FunctionTable, FunctionEntry;
130 ULONG TableLength;
131 ULONG IndexLo, IndexHi, IndexMid;
132
133 /* Find the corresponding table */
134 FunctionTable = RtlLookupFunctionTable(ControlPc, ImageBase, &TableLength);
135
136 /* If no table is found, try dynamic function tables */
137 if (!FunctionTable)
138 {
139 return RtlpLookupDynamicFunctionEntry(ControlPc, ImageBase, HistoryTable);
140 }
141
142 /* Use relative virtual address */
143 ControlPc -= *ImageBase;
144
145 /* Do a binary search */
146 IndexLo = 0;
147 IndexHi = TableLength;
148 while (IndexHi > IndexLo)
149 {
150 IndexMid = (IndexLo + IndexHi) / 2;
151 FunctionEntry = &FunctionTable[IndexMid];
152
153 if (ControlPc < FunctionEntry->BeginAddress)
154 {
155 /* Continue search in lower half */
156 IndexHi = IndexMid;
157 }
158 else if (ControlPc >= FunctionEntry->EndAddress)
159 {
160 /* Continue search in upper half */
161 IndexLo = IndexMid + 1;
162 }
163 else
164 {
165 /* ControlPc is within limits, return entry */
166 return FunctionEntry;
167 }
168 }
169
170 /* Nothing found, return NULL */
171 return NULL;
172}
173
174static
175__inline
176ULONG
177UnwindOpSlots(
178 _In_ UNWIND_CODE UnwindCode)
179{
180 static const UCHAR UnwindOpExtraSlotTable[] =
181 {
182 0, // UWOP_PUSH_NONVOL
183 1, // UWOP_ALLOC_LARGE (or 3, special cased in lookup code)
184 0, // UWOP_ALLOC_SMALL
185 0, // UWOP_SET_FPREG
186 1, // UWOP_SAVE_NONVOL
187 2, // UWOP_SAVE_NONVOL_FAR
188 1, // UWOP_EPILOG // previously UWOP_SAVE_XMM
189 2, // UWOP_SPARE_CODE // previously UWOP_SAVE_XMM_FAR
190 1, // UWOP_SAVE_XMM128
191 2, // UWOP_SAVE_XMM128_FAR
192 0, // UWOP_PUSH_MACHFRAME
193 2, // UWOP_SET_FPREG_LARGE
194 };
195
196 if ((UnwindCode.UnwindOp == UWOP_ALLOC_LARGE) &&
197 (UnwindCode.OpInfo != 0))
198 {
199 return 3;
200 }
201 else
202 {
203 return UnwindOpExtraSlotTable[UnwindCode.UnwindOp] + 1;
204 }
205}
206
207static
208__inline
209void
210SetReg(
211 _Inout_ PCONTEXT Context,
212 _In_ BYTE Reg,
213 _In_ DWORD64 Value)
214{
215 ((DWORD64*)(&Context->Rax))[Reg] = Value;
216}
217
218static
219__inline
220void
221SetRegFromStackValue(
222 _Inout_ PCONTEXT Context,
223 _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers,
224 _In_ BYTE Reg,
225 _In_ PDWORD64 ValuePointer)
226{
227 SetReg(Context, Reg, *ValuePointer);
228 if (ContextPointers != NULL)
229 {
230 ContextPointers->IntegerContext[Reg] = ValuePointer;
231 }
232}
233
234static
235__inline
236DWORD64
237GetReg(
238 _In_ PCONTEXT Context,
239 _In_ BYTE Reg)
240{
241 return ((DWORD64*)(&Context->Rax))[Reg];
242}
243
244static
245__inline
246void
247PopReg(
248 _Inout_ PCONTEXT Context,
249 _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers,
250 _In_ BYTE Reg)
251{
252 SetRegFromStackValue(Context, ContextPointers, Reg, (PDWORD64)Context->Rsp);
253 Context->Rsp += sizeof(DWORD64);
254}
255
256static
257__inline
258void
259SetXmmReg(
260 _Inout_ PCONTEXT Context,
261 _In_ BYTE Reg,
262 _In_ M128A Value)
263{
264 ((M128A*)(&Context->Xmm0))[Reg] = Value;
265}
266
267static
268__inline
269void
270SetXmmRegFromStackValue(
271 _Out_ PCONTEXT Context,
272 _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers,
273 _In_ BYTE Reg,
274 _In_ M128A *ValuePointer)
275{
276 SetXmmReg(Context, Reg, *ValuePointer);
277 if (ContextPointers != NULL)
278 {
279 ContextPointers->FloatingContext[Reg] = ValuePointer;
280 }
281}
282
283static
284__inline
285M128A
286GetXmmReg(PCONTEXT Context, BYTE Reg)
287{
288 return ((M128A*)(&Context->Xmm0))[Reg];
289}
290
301static
302__inline
303BOOLEAN
304RtlpTryToUnwindEpilog(
305 _Inout_ PCONTEXT Context,
306 _In_ ULONG64 ControlPc,
307 _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers,
308 _In_ ULONG64 ImageBase,
309 _In_ PRUNTIME_FUNCTION FunctionEntry)
310{
311 CONTEXT LocalContext;
312 BYTE *InstrPtr;
313 DWORD Instr;
314 BYTE Reg, Mod;
315 ULONG64 EndAddress;
316
317 /* Make a local copy of the context */
318 LocalContext = *Context;
319
320 InstrPtr = (BYTE*)ControlPc;
321
322 /* Check if first instruction of epilog is "add rsp, x" */
323 Instr = *(DWORD*)InstrPtr;
324 if ( (Instr & 0x00fffdff) == 0x00c48148 )
325 {
326 if ( (Instr & 0x0000ff00) == 0x8300 )
327 {
328 /* This is "add rsp, 0x??" */
329 LocalContext.Rsp += Instr >> 24;
330 InstrPtr += 4;
331 }
332 else
333 {
334 /* This is "add rsp, 0x???????? */
335 LocalContext.Rsp += *(DWORD*)(InstrPtr + 3);
336 InstrPtr += 7;
337 }
338 }
339 /* Check if first instruction of epilog is "lea rsp, ..." */
340 else if ( (Instr & 0x38fffe) == 0x208d48 )
341 {
342 /* Get the register */
343 Reg = (Instr >> 16) & 0x7;
344
345 /* REX.R */
346 Reg += (Instr & 1) * 8;
347
348 LocalContext.Rsp = GetReg(&LocalContext, Reg);
349
350 /* Get adressing mode */
351 Mod = (Instr >> 22) & 0x3;
352 if (Mod == 0)
353 {
354 /* No displacement */
355 InstrPtr += 3;
356 }
357 else if (Mod == 1)
358 {
359 /* 1 byte displacement */
360 LocalContext.Rsp += (LONG)(CHAR)(Instr >> 24);
361 InstrPtr += 4;
362 }
363 else if (Mod == 2)
364 {
365 /* 4 bytes displacement */
366 LocalContext.Rsp += *(LONG*)(InstrPtr + 3);
367 InstrPtr += 7;
368 }
369 }
370
371 /* Loop the following instructions before the ret */
372 EndAddress = FunctionEntry->EndAddress + ImageBase - 1;
373 while ((DWORD64)InstrPtr < EndAddress)
374 {
375 Instr = *(DWORD*)InstrPtr;
376
377 /* Check for a simple pop */
378 if ( (Instr & 0xf8) == 0x58 )
379 {
380 /* Opcode pops a basic register from stack */
381 Reg = Instr & 0x7;
382 PopReg(&LocalContext, ContextPointers, Reg);
383 InstrPtr++;
384 continue;
385 }
386
387 /* Check for REX + pop */
388 if ( (Instr & 0xf8fb) == 0x5841 )
389 {
390 /* Opcode is pop r8 .. r15 */
391 Reg = ((Instr >> 8) & 0x7) + 8;
392 PopReg(&LocalContext, ContextPointers, Reg);
393 InstrPtr += 2;
394 continue;
395 }
396
397 /* Opcode not allowed for Epilog */
398 return FALSE;
399 }
400
401 // check for popfq
402
403 // also allow end with jmp imm, jmp [target], iretq
404
405 /* Check if we are at the ret instruction */
406 if ((DWORD64)InstrPtr != EndAddress)
407 {
408 /* If we went past the end of the function, something is broken! */
409 ASSERT((DWORD64)InstrPtr <= EndAddress);
410 return FALSE;
411 }
412
413 /* Make sure this is really a ret instruction */
414 if (*InstrPtr != 0xc3)
415 {
416 ASSERT(FALSE);
417 return FALSE;
418 }
419
420 /* Unwind is finished, pop new Rip from Stack */
421 LocalContext.Rip = *(DWORD64*)LocalContext.Rsp;
422 LocalContext.Rsp += sizeof(DWORD64);
423
424 *Context = LocalContext;
425 return TRUE;
426}
427
432static
433ULONG64
434GetEstablisherFrame(
435 _In_ PCONTEXT Context,
436 _In_ PUNWIND_INFO UnwindInfo,
437 _In_ ULONG_PTR CodeOffset)
438{
439 ULONG i;
440
441 /* Check if we have a frame register */
442 if (UnwindInfo->FrameRegister == 0)
443 {
444 /* No frame register means we use Rsp */
445 return Context->Rsp;
446 }
447
448 if ((CodeOffset >= UnwindInfo->SizeOfProlog) ||
449 ((UnwindInfo->Flags & UNW_FLAG_CHAININFO) != 0))
450 {
451 return GetReg(Context, UnwindInfo->FrameRegister) -
452 UnwindInfo->FrameOffset * 16;
453 }
454
455 /* Loop all unwind ops */
456 for (i = 0;
457 i < UnwindInfo->CountOfCodes;
458 i += UnwindOpSlots(UnwindInfo->UnwindCode[i]))
459 {
460 /* Skip codes past our code offset */
461 if (UnwindInfo->UnwindCode[i].CodeOffset > CodeOffset)
462 {
463 continue;
464 }
465
466 /* Check for SET_FPREG */
467 if (UnwindInfo->UnwindCode[i].UnwindOp == UWOP_SET_FPREG)
468 {
469 return GetReg(Context, UnwindInfo->FrameRegister) -
470 UnwindInfo->FrameOffset * 16;
471 }
472 }
473
474 return Context->Rsp;
475}
476
477PEXCEPTION_ROUTINE
478NTAPI
479RtlVirtualUnwind(
480 _In_ ULONG HandlerType,
481 _In_ ULONG64 ImageBase,
482 _In_ ULONG64 ControlPc,
483 _In_ PRUNTIME_FUNCTION FunctionEntry,
484 _Inout_ PCONTEXT Context,
485 _Outptr_ PVOID *HandlerData,
486 _Out_ PULONG64 EstablisherFrame,
487 _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers)
488{
489 PUNWIND_INFO UnwindInfo;
490 ULONG_PTR ControlRva, CodeOffset;
491 ULONG i, Offset;
492 UNWIND_CODE UnwindCode;
493 BYTE Reg;
494 PULONG LanguageHandler;
495
496 /* Get relative virtual address */
497 ControlRva = ControlPc - ImageBase;
498
499 /* Sanity checks */
500 if ( (ControlRva < FunctionEntry->BeginAddress) ||
501 (ControlRva >= FunctionEntry->EndAddress) )
502 {
503 return NULL;
504 }
505
506 /* Get a pointer to the unwind info */
507 UnwindInfo = RVA(ImageBase, FunctionEntry->UnwindData);
508
509 /* The language specific handler data follows the unwind info */
510 LanguageHandler = ALIGN_UP_POINTER_BY(&UnwindInfo->UnwindCode[UnwindInfo->CountOfCodes], sizeof(ULONG));
511
512 /* Calculate relative offset to function start */
513 CodeOffset = ControlRva - FunctionEntry->BeginAddress;
514
515 *EstablisherFrame = GetEstablisherFrame(Context, UnwindInfo, CodeOffset);
516
517 /* Check if we are in the function epilog and try to finish it */
518 if ((CodeOffset > UnwindInfo->SizeOfProlog) && (UnwindInfo->CountOfCodes > 0))
519 {
520 if (RtlpTryToUnwindEpilog(Context, ControlPc, ContextPointers, ImageBase, FunctionEntry))
521 {
522 /* There's no exception routine */
523 return NULL;
524 }
525 }
526
527 /* Skip all Ops with an offset greater than the current Offset */
528 i = 0;
529 while ((i < UnwindInfo->CountOfCodes) &&
530 (UnwindInfo->UnwindCode[i].CodeOffset > CodeOffset))
531 {
532 i += UnwindOpSlots(UnwindInfo->UnwindCode[i]);
533 }
534
535RepeatChainedInfo:
536
537 /* Process the remaining unwind ops */
538 while (i < UnwindInfo->CountOfCodes)
539 {
540 UnwindCode = UnwindInfo->UnwindCode[i];
541 switch (UnwindCode.UnwindOp)
542 {
543 case UWOP_PUSH_NONVOL:
544 Reg = UnwindCode.OpInfo;
545 PopReg(Context, ContextPointers, Reg);
546 i++;
547 break;
548
549 case UWOP_ALLOC_LARGE:
550 if (UnwindCode.OpInfo)
551 {
552 Offset = *(ULONG*)(&UnwindInfo->UnwindCode[i+1]);
553 Context->Rsp += Offset;
554 i += 3;
555 }
556 else
557 {
558 Offset = UnwindInfo->UnwindCode[i+1].FrameOffset;
559 Context->Rsp += Offset * 8;
560 i += 2;
561 }
562 break;
563
564 case UWOP_ALLOC_SMALL:
565 Context->Rsp += (UnwindCode.OpInfo + 1) * 8;
566 i++;
567 break;
568
569 case UWOP_SET_FPREG:
570 Reg = UnwindInfo->FrameRegister;
571 Context->Rsp = GetReg(Context, Reg) - UnwindInfo->FrameOffset * 16;
572 i++;
573 break;
574
575 case UWOP_SAVE_NONVOL:
576 Reg = UnwindCode.OpInfo;
577 Offset = UnwindInfo->UnwindCode[i + 1].FrameOffset;
578 SetRegFromStackValue(Context, ContextPointers, Reg, (DWORD64*)Context->Rsp + Offset);
579 i += 2;
580 break;
581
582 case UWOP_SAVE_NONVOL_FAR:
583 Reg = UnwindCode.OpInfo;
584 Offset = *(ULONG*)(&UnwindInfo->UnwindCode[i + 1]);
585 SetRegFromStackValue(Context, ContextPointers, Reg, (DWORD64*)Context->Rsp + Offset);
586 i += 3;
587 break;
588
589 case UWOP_EPILOG:
590 i += 1;
591 break;
592
593 case UWOP_SPARE_CODE:
594 ASSERT(FALSE);
595 i += 2;
596 break;
597
598 case UWOP_SAVE_XMM128:
599 Reg = UnwindCode.OpInfo;
600 Offset = UnwindInfo->UnwindCode[i + 1].FrameOffset;
601 SetXmmRegFromStackValue(Context, ContextPointers, Reg, (M128A*)Context->Rsp + Offset);
602 i += 2;
603 break;
604
605 case UWOP_SAVE_XMM128_FAR:
606 Reg = UnwindCode.OpInfo;
607 Offset = *(ULONG*)(&UnwindInfo->UnwindCode[i + 1]);
608 SetXmmRegFromStackValue(Context, ContextPointers, Reg, (M128A*)Context->Rsp + Offset);
609 i += 3;
610 break;
611
612 case UWOP_PUSH_MACHFRAME:
613 /* OpInfo is 1, when an error code was pushed, otherwise 0. */
614 Context->Rsp += UnwindCode.OpInfo * sizeof(DWORD64);
615
616 /* Now pop the MACHINE_FRAME (RIP/RSP only. And yes, "magic numbers", deal with it) */
617 Context->Rip = *(PDWORD64)(Context->Rsp + 0x00);
618 Context->Rsp = *(PDWORD64)(Context->Rsp + 0x18);
619 ASSERT((i + 1) == UnwindInfo->CountOfCodes);
620 goto Exit;
621 }
622 }
623
624 /* Check for chained info */
625 if (UnwindInfo->Flags & UNW_FLAG_CHAININFO)
626 {
627 /* See https://docs.microsoft.com/en-us/cpp/build/exception-handling-x64?view=msvc-160#chained-unwind-info-structures */
628 FunctionEntry = (PRUNTIME_FUNCTION)&(UnwindInfo->UnwindCode[(UnwindInfo->CountOfCodes + 1) & ~1]);
629 UnwindInfo = RVA(ImageBase, FunctionEntry->UnwindData);
630 i = 0;
631 goto RepeatChainedInfo;
632 }
633
634 /* Unwind is finished, pop new Rip from Stack */
635 if (Context->Rsp != 0)
636 {
637 Context->Rip = *(DWORD64*)Context->Rsp;
638 Context->Rsp += sizeof(DWORD64);
639 }
640
641Exit:
642
643 /* Check if we have a handler and return it */
644 if (UnwindInfo->Flags & (HandlerType & (UNW_FLAG_EHANDLER | UNW_FLAG_UHANDLER)))
645 {
646 *HandlerData = (LanguageHandler + 1);
647 return RVA(ImageBase, *LanguageHandler);
648 }
649
650 return NULL;
651}
652
664BOOLEAN
665NTAPI
666RtlpUnwindInternal(
667 _In_opt_ PVOID TargetFrame,
668 _In_opt_ PVOID TargetIp,
669 _In_ PEXCEPTION_RECORD ExceptionRecord,
670 _In_ PVOID ReturnValue,
671 _In_ PCONTEXT ContextRecord,
672 _In_opt_ struct _UNWIND_HISTORY_TABLE *HistoryTable,
673 _In_ ULONG HandlerType)
674{
675 DISPATCHER_CONTEXT DispatcherContext;
676 PEXCEPTION_ROUTINE ExceptionRoutine;
677 EXCEPTION_DISPOSITION Disposition;
678 PRUNTIME_FUNCTION FunctionEntry;
679 ULONG_PTR StackLow, StackHigh;
680 ULONG64 ImageBase, EstablisherFrame;
681 CONTEXT UnwindContext;
682
683 /* Get the current stack limits and registration frame */
684 RtlpGetStackLimits(&StackLow, &StackHigh);
685
686 /* If we have a target frame, then this is our high limit */
687 if (TargetFrame != NULL)
688 {
689 StackHigh = (ULONG64)TargetFrame + 1;
690 }
691
692 /* Copy the context */
693 UnwindContext = *ContextRecord;
694
695 /* Set up the constant fields of the dispatcher context */
696 DispatcherContext.ContextRecord = &UnwindContext;
697 DispatcherContext.HistoryTable = HistoryTable;
698 DispatcherContext.TargetIp = (ULONG64)TargetIp;
699
700 /* Start looping */
701 while (TRUE)
702 {
703 /* Lookup the FunctionEntry for the current RIP */
704 FunctionEntry = RtlLookupFunctionEntry(UnwindContext.Rip, &ImageBase, NULL);
705 if (FunctionEntry == NULL)
706 {
707 /* No function entry, so this must be a leaf function. Pop the return address from the stack.
708 Note: this can happen after the first frame as the result of an exception */
709 UnwindContext.Rip = *(DWORD64*)UnwindContext.Rsp;
710 UnwindContext.Rsp += sizeof(DWORD64);
711
712 /* Copy the context back for the next iteration */
713 *ContextRecord = UnwindContext;
714 continue;
715 }
716
717 /* Save Rip before the virtual unwind */
718 DispatcherContext.ControlPc = UnwindContext.Rip;
719
720 /* Do a virtual unwind to get the next frame */
721 ExceptionRoutine = RtlVirtualUnwind(HandlerType,
722 ImageBase,
723 UnwindContext.Rip,
724 FunctionEntry,
725 &UnwindContext,
726 &DispatcherContext.HandlerData,
727 &EstablisherFrame,
728 NULL);
729
730 /* Check, if we are still within the stack boundaries */
731 if ((EstablisherFrame < StackLow) ||
732 (EstablisherFrame >= StackHigh) ||
733 (EstablisherFrame & 7))
734 {
736
737 /* If we are handling an exception, we are done here. */
738 if (HandlerType == UNW_FLAG_EHANDLER)
739 {
740 ExceptionRecord->ExceptionFlags |= EXCEPTION_STACK_INVALID;
741 return FALSE;
742 }
743
744 __debugbreak();
745 RtlRaiseStatus(STATUS_BAD_STACK);
746 }
747
748 /* Check if we have an exception routine */
749 if (ExceptionRoutine != NULL)
750 {
751 /* Check if this is the target frame */
752 if (EstablisherFrame == (ULONG64)TargetFrame)
753 {
754 /* Set flag to inform the language handler */
755 ExceptionRecord->ExceptionFlags |= EXCEPTION_TARGET_UNWIND;
756 }
757
758 /* Log the exception if it's enabled */
759 RtlpCheckLogException(ExceptionRecord,
760 ContextRecord,
761 &DispatcherContext,
762 sizeof(DispatcherContext));
763
764 /* Set up the variable fields of the dispatcher context */
765 DispatcherContext.ImageBase = ImageBase;
766 DispatcherContext.FunctionEntry = FunctionEntry;
767 DispatcherContext.LanguageHandler = ExceptionRoutine;
768 DispatcherContext.EstablisherFrame = EstablisherFrame;
769 DispatcherContext.ScopeIndex = 0;
770
771 /* Store the return value in the unwind context */
772 UnwindContext.Rax = (ULONG64)ReturnValue;
773
774 /* Loop all nested handlers */
775 do
776 {
778 /* Call the language specific handler */
779 Disposition = ExceptionRoutine(ExceptionRecord,
780 (PVOID)EstablisherFrame,
781 ContextRecord,
782 &DispatcherContext);
783
784 /* Clear exception flags for the next iteration */
785 ExceptionRecord->ExceptionFlags &= ~(EXCEPTION_TARGET_UNWIND |
786 EXCEPTION_COLLIDED_UNWIND);
787
788 /* Check if we do exception handling */
789 if (HandlerType == UNW_FLAG_EHANDLER)
790 {
791 if (Disposition == ExceptionContinueExecution)
792 {
793 /* Check if it was non-continuable */
794 if (ExceptionRecord->ExceptionFlags & EXCEPTION_NONCONTINUABLE)
795 {
796 __debugbreak();
797 RtlRaiseStatus(EXCEPTION_NONCONTINUABLE_EXCEPTION);
798 }
799
800 /* Execution continues */
801 return TRUE;
802 }
803 else if (Disposition == ExceptionNestedException)
804 {
806 __debugbreak();
807 }
808 }
809
810 if (Disposition == ExceptionCollidedUnwind)
811 {
813 __debugbreak();
814 }
815
816 /* This must be ExceptionContinueSearch now */
817 if (Disposition != ExceptionContinueSearch)
818 {
819 __debugbreak();
820 RtlRaiseStatus(STATUS_INVALID_DISPOSITION);
821 }
822 } while (ExceptionRecord->ExceptionFlags & EXCEPTION_COLLIDED_UNWIND);
823 }
824
825 /* Check, if we have left our stack (8.) */
826 if ((EstablisherFrame < StackLow) ||
827 (EstablisherFrame > StackHigh) ||
828 (EstablisherFrame & 7))
829 {
831 __debugbreak();
832
833 if (UnwindContext.Rip == ContextRecord->Rip)
834 {
835 RtlRaiseStatus(STATUS_BAD_FUNCTION_TABLE);
836 }
837 else
838 {
839 ZwRaiseException(ExceptionRecord, ContextRecord, FALSE);
840 }
841 }
842
843 if (EstablisherFrame == (ULONG64)TargetFrame)
844 {
845 break;
846 }
847
848 /* We have successfully unwound a frame. Copy the unwind context back. */
849 *ContextRecord = UnwindContext;
850 }
851
852 if (ExceptionRecord->ExceptionCode != STATUS_UNWIND_CONSOLIDATE)
853 {
854 ContextRecord->Rip = (ULONG64)TargetIp;
855 }
856
857 /* Set the return value */
858 ContextRecord->Rax = (ULONG64)ReturnValue;
859
860 /* Restore the context */
861 RtlRestoreContext(ContextRecord, ExceptionRecord);
862
863 /* Should never get here! */
864 ASSERT(FALSE);
865 return FALSE;
866}
867
868VOID
869NTAPI
870RtlUnwindEx(
871 _In_opt_ PVOID TargetFrame,
872 _In_opt_ PVOID TargetIp,
873 _In_opt_ PEXCEPTION_RECORD ExceptionRecord,
874 _In_ PVOID ReturnValue,
875 _In_ PCONTEXT ContextRecord,
876 _In_opt_ struct _UNWIND_HISTORY_TABLE *HistoryTable)
877{
878 EXCEPTION_RECORD LocalExceptionRecord;
879
880 /* Capture the current context */
881 RtlCaptureContext(ContextRecord);
882
883 /* Check if we have an exception record */
884 if (ExceptionRecord == NULL)
885 {
886 /* No exception record was passed, so set up a local one */
887 LocalExceptionRecord.ExceptionCode = STATUS_UNWIND;
888 LocalExceptionRecord.ExceptionAddress = (PVOID)ContextRecord->Rip;
889 LocalExceptionRecord.ExceptionRecord = NULL;
890 LocalExceptionRecord.NumberParameters = 0;
891 ExceptionRecord = &LocalExceptionRecord;
892 }
893
894 /* Set unwind flags */
895 ExceptionRecord->ExceptionFlags = EXCEPTION_UNWINDING;
896 if (TargetFrame == NULL)
897 {
898 ExceptionRecord->ExceptionFlags |= EXCEPTION_EXIT_UNWIND;
899 }
900
901 /* Call the internal function */
902 RtlpUnwindInternal(TargetFrame,
903 TargetIp,
904 ExceptionRecord,
905 ReturnValue,
906 ContextRecord,
907 HistoryTable,
908 UNW_FLAG_UHANDLER);
909}
910
911VOID
912NTAPI
913RtlUnwind(
914 _In_opt_ PVOID TargetFrame,
915 _In_opt_ PVOID TargetIp,
916 _In_opt_ PEXCEPTION_RECORD ExceptionRecord,
917 _In_ PVOID ReturnValue)
918{
919 CONTEXT Context;
920
921 RtlUnwindEx(TargetFrame,
922 TargetIp,
923 ExceptionRecord,
924 ReturnValue,
925 &Context,
926 NULL);
927}
928
929ULONG
930NTAPI
931RtlWalkFrameChain(OUT PVOID *Callers,
932 IN ULONG Count,
933 IN ULONG Flags)
934{
935 CONTEXT Context;
936 ULONG64 ControlPc, ImageBase, EstablisherFrame;
937 ULONG64 StackLow, StackHigh;
938 PVOID HandlerData;
939 ULONG i, FramesToSkip;
940 PRUNTIME_FUNCTION FunctionEntry;
941
942 DPRINT("Enter RtlWalkFrameChain\n");
943
944 /* The upper bits in Flags define how many frames to skip */
945 FramesToSkip = Flags >> 8;
946
947 /* Capture the current Context */
948 RtlCaptureContext(&Context);
949 ControlPc = Context.Rip;
950
951 /* Get the stack limits */
952 RtlpGetStackLimits(&StackLow, &StackHigh);
953
954 /* Check if we want the user-mode stack frame */
955 if (Flags & 1)
956 {
957 }
958
959 _SEH2_TRY
960 {
961 /* Loop the frames */
962 for (i = 0; i < FramesToSkip + Count; i++)
963 {
964 /* Lookup the FunctionEntry for the current ControlPc */
965 FunctionEntry = RtlLookupFunctionEntry(ControlPc, &ImageBase, NULL);
966
967 /* Is this a leaf function? */
968 if (!FunctionEntry)
969 {
970 Context.Rip = *(DWORD64*)Context.Rsp;
971 Context.Rsp += sizeof(DWORD64);
972 DPRINT("leaf funtion, new Rip = %p, new Rsp = %p\n", (PVOID)Context.Rip, (PVOID)Context.Rsp);
973 }
974 else
975 {
976 RtlVirtualUnwind(UNW_FLAG_NHANDLER,
977 ImageBase,
978 ControlPc,
979 FunctionEntry,
980 &Context,
981 &HandlerData,
982 &EstablisherFrame,
983 NULL);
984 DPRINT("normal funtion, new Rip = %p, new Rsp = %p\n", (PVOID)Context.Rip, (PVOID)Context.Rsp);
985 }
986
987 /* Check if we are in kernel mode */
988 if (RtlpGetMode() == KernelMode)
989 {
990 /* Check if we left the kernel range */
991 if (!(Flags & 1) && (Context.Rip < 0xFFFF800000000000ULL))
992 {
993 break;
994 }
995 }
996 else
997 {
998 /* Check if we left the user range */
999 if ((Context.Rip < 0x10000) ||
1000 (Context.Rip > 0x000007FFFFFEFFFFULL))
1001 {
1002 break;
1003 }
1004 }
1005
1006 /* Check, if we have left our stack */
1007 if ((Context.Rsp <= StackLow) || (Context.Rsp >= StackHigh))
1008 {
1009 break;
1010 }
1011
1012 /* Continue with new Rip */
1013 ControlPc = Context.Rip;
1014
1015 /* Save value, if we are past the frames to skip */
1016 if (i >= FramesToSkip)
1017 {
1018 Callers[i - FramesToSkip] = (PVOID)ControlPc;
1019 }
1020 }
1021 }
1022 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1023 {
1024 DPRINT1("Exception while getting callers!\n");
1025 i = 0;
1026 }
1027 _SEH2_END;
1028
1029 DPRINT("RtlWalkFrameChain returns %ld\n", i);
1030 return i;
1031}
1032
1036#undef RtlGetCallersAddress
1037VOID
1038NTAPI
1039RtlGetCallersAddress(
1040 OUT PVOID *CallersAddress,
1041 OUT PVOID *CallersCaller )
1042{
1043 PVOID Callers[4];
1044 ULONG Number;
1045
1046 /* Get callers:
1047 * RtlWalkFrameChain -> RtlGetCallersAddress -> x -> y */
1048 Number = RtlWalkFrameChain(Callers, 4, 0);
1049
1050 *CallersAddress = (Number >= 3) ? Callers[2] : NULL;
1051 *CallersCaller = (Number == 4) ? Callers[3] : NULL;
1052
1053 return;
1054}
1055
1056static
1057VOID
1058RtlpCaptureNonVolatileContextPointers(
1059 _Out_ PKNONVOLATILE_CONTEXT_POINTERS NonvolatileContextPointers,
1060 _In_ ULONG64 TargetFrame)
1061{
1062 CONTEXT Context;
1063 PRUNTIME_FUNCTION FunctionEntry;
1064 ULONG64 ImageBase;
1065 PVOID HandlerData;
1066 ULONG64 EstablisherFrame;
1067
1068 /* Zero out the nonvolatile context pointers */
1069 RtlZeroMemory(NonvolatileContextPointers, sizeof(*NonvolatileContextPointers));
1070
1071 /* Capture the current context */
1072 RtlCaptureContext(&Context);
1073
1074 do
1075 {
1076 /* Make sure nothing fishy is going on. Currently this is for kernel mode only. */
1077 ASSERT((LONG64)Context.Rip < 0);
1078 ASSERT((LONG64)Context.Rsp < 0);
1079
1080 /* Look up the function entry */
1081 FunctionEntry = RtlLookupFunctionEntry(Context.Rip, &ImageBase, NULL);
1082 if (FunctionEntry != NULL)
1083 {
1084 /* Do a virtual unwind to the caller and capture saved non-volatiles */
1085 RtlVirtualUnwind(UNW_FLAG_EHANDLER,
1086 ImageBase,
1087 Context.Rip,
1088 FunctionEntry,
1089 &Context,
1090 &HandlerData,
1091 &EstablisherFrame,
1092 NonvolatileContextPointers);
1093
1094 ASSERT(EstablisherFrame != 0);
1095 }
1096 else
1097 {
1098 Context.Rip = *(PULONG64)Context.Rsp;
1099 Context.Rsp += 8;
1100 }
1101
1102 /* Continue until we reach user mode */
1103 } while ((LONG64)Context.Rip < 0);
1104
1105 /* If the caller did the right thing, we should get past the target frame */
1106 ASSERT(EstablisherFrame >= TargetFrame);
1107}
1108
1109VOID
1110RtlSetUnwindContext(
1111 _In_ PCONTEXT Context,
1112 _In_ DWORD64 TargetFrame)
1113{
1114 KNONVOLATILE_CONTEXT_POINTERS ContextPointers;
1115
1116 /* Capture pointers to the non-volatiles up to the target frame */
1117 RtlpCaptureNonVolatileContextPointers(&ContextPointers, TargetFrame);
1118
1119 /* Copy the nonvolatiles to the captured locations */
1120 *ContextPointers.R12 = Context->R12;
1121 *ContextPointers.R13 = Context->R13;
1122 *ContextPointers.R14 = Context->R14;
1123 *ContextPointers.R15 = Context->R15;
1124 *ContextPointers.Xmm6 = Context->Xmm6;
1125 *ContextPointers.Xmm7 = Context->Xmm7;
1126 *ContextPointers.Xmm8 = Context->Xmm8;
1127 *ContextPointers.Xmm9 = Context->Xmm9;
1128 *ContextPointers.Xmm10 = Context->Xmm10;
1129 *ContextPointers.Xmm11 = Context->Xmm11;
1130 *ContextPointers.Xmm12 = Context->Xmm12;
1131 *ContextPointers.Xmm13 = Context->Xmm13;
1132 *ContextPointers.Xmm14 = Context->Xmm14;
1133 *ContextPointers.Xmm15 = Context->Xmm15;
1134}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
ReturnValue
UINT32 void void ** ReturnValue
Definition: acevents.h:216
HandlerType
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn UINT32 *TableIdx UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE ACPI_HANDLE ACPI_HANDLE *OutHandle ACPI_HANDLE *OutHandle void *Context void *Context ACPI_EVENT_HANDLER Handler UINT32 UINT32 ACPI_GPE_HANDLER void *Context UINT32 HandlerType
Definition: acpixf.h:817
DPRINT1
#define DPRINT1
Definition: precomp.h:8
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
RtlpCheckLogException
VOID NTAPI RtlpCheckLogException(IN PEXCEPTION_RECORD ExceptionRecord, IN PCONTEXT ContextRecord, IN PVOID ContextData, IN ULONG Size)
Definition: libsupp.c:201
RtlpGetMode
KPROCESSOR_MODE NTAPI RtlpGetMode(VOID)
Definition: libsupp.c:53
RtlPcToFileHeader
PVOID NTAPI RtlPcToFileHeader(IN PVOID PcValue, PVOID *BaseOfImage)
Definition: libsupp.c:659
ExceptionContinueSearch
@ ExceptionContinueSearch
Definition: compat.h:91
ExceptionCollidedUnwind
@ ExceptionCollidedUnwind
Definition: compat.h:93
ExceptionNestedException
@ ExceptionNestedException
Definition: compat.h:92
ExceptionContinueExecution
@ ExceptionContinueExecution
Definition: compat.h:90
PEXCEPTION_ROUTINE
EXCEPTION_ROUTINE * PEXCEPTION_ROUTINE
Definition: compat.h:709
RtlImageDirectoryEntryToData
#define RtlImageDirectoryEntryToData
Definition: compat.h:809
EXCEPTION_DISPOSITION
enum _EXCEPTION_DISPOSITION EXCEPTION_DISPOSITION
_SEH2_END
#define _SEH2_END
Definition: filesup.c:22
_SEH2_TRY
#define _SEH2_TRY
Definition: filesup.c:19
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
RVA
#define RVA(m, b)
Definition: freeldr.h:24
Table
ASMGENDATA Table[]
Definition: genincdata.c:61
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
UNW_FLAG_NHANDLER
#define UNW_FLAG_NHANDLER
Definition: gs_support.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
__debugbreak
void __cdecl __debugbreak(void)
Definition: intrin_ppc.h:698
ASSERT
#define ASSERT(a)
Definition: mode.c:44
PULONG64
unsigned __int64 * PULONG64
Definition: imports.h:198
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
_Inout_
#define _Inout_
Definition: ms_sal.h:378
_Outptr_
#define _Outptr_
Definition: ms_sal.h:427
_Inout_opt_
#define _Inout_opt_
Definition: ms_sal.h:379
_Out_
#define _Out_
Definition: ms_sal.h:345
_In_
#define _In_
Definition: ms_sal.h:308
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
KernelMode
#define KernelMode
Definition: asm.h:34
Disposition
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: cmfuncs.h:56
ZwRaiseException
NTSYSAPI NTSTATUS NTAPI ZwRaiseException(_In_ PEXCEPTION_RECORD ExceptionRecord, _In_ PCONTEXT Context, _In_ BOOLEAN SearchFrames)
RtlRaiseStatus
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
RtlCaptureContext
NTSYSAPI VOID NTAPI RtlCaptureContext(_Out_ PCONTEXT ContextRecord)
Count
int Count
Definition: noreturn.cpp:7
EstablisherFrame
_IRQL_requires_same_ _In_ PVOID EstablisherFrame
Definition: ntbasedef.h:653
ContextRecord
_IRQL_requires_same_ _In_ PVOID _Inout_ struct _CONTEXT * ContextRecord
Definition: ntbasedef.h:654
DispatcherContext
_IRQL_requires_same_ _In_ PVOID _Inout_ struct _CONTEXT _In_ PVOID DispatcherContext
Definition: ntbasedef.h:655
Offset
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
RtlpGetStackLimits
VOID NTAPI RtlpGetStackLimits(PULONG_PTR StackBase, PULONG_PTR StackLimit)
Number
_In_opt_ PENTER_STATE_SYSTEM_HANDLER _In_opt_ PVOID _In_ LONG _In_opt_ LONG volatile * Number
Definition: ntpoapi.h:207
STATUS_INVALID_DISPOSITION
#define STATUS_INVALID_DISPOSITION
Definition: ntstatus.h:275
STATUS_UNWIND
#define STATUS_UNWIND
Definition: ntstatus.h:276
STATUS_UNWIND_CONSOLIDATE
#define STATUS_UNWIND_CONSOLIDATE
Definition: ntstatus.h:220
STATUS_BAD_FUNCTION_TABLE
#define STATUS_BAD_FUNCTION_TABLE
Definition: ntstatus.h:491
STATUS_BAD_STACK
#define STATUS_BAD_STACK
Definition: ntstatus.h:277
IMAGE_DIRECTORY_ENTRY_EXCEPTION
#define IMAGE_DIRECTORY_ENTRY_EXCEPTION
Definition: pedump.c:262
LONG
long LONG
Definition: pedump.c:60
USHORT
unsigned short USHORT
Definition: pedump.c:61
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
UBYTE
unsigned char UBYTE
Definition: rsym64.h:4
PRUNTIME_FUNCTION
struct _RUNTIME_FUNCTION * PRUNTIME_FUNCTION
UNW_FLAG_EHANDLER
@ UNW_FLAG_EHANDLER
Definition: rsym64.h:108
UNW_FLAG_CHAININFO
@ UNW_FLAG_CHAININFO
Definition: rsym64.h:110
UNW_FLAG_UHANDLER
@ UNW_FLAG_UHANDLER
Definition: rsym64.h:109
RUNTIME_FUNCTION
struct _RUNTIME_FUNCTION RUNTIME_FUNCTION
DPRINT
#define DPRINT
Definition: sndvol32.h:71
Exit
static void Exit(void)
Definition: sock.c:1330
_CONTEXT
Definition: nt_native.h:1406
_DISPATCHER_CONTEXT
Definition: ketypes.h:1023
_EXCEPTION_RECORD
Definition: compat.h:207
_EXCEPTION_RECORD::ExceptionRecord
struct _EXCEPTION_RECORD * ExceptionRecord
Definition: compat.h:210
_EXCEPTION_RECORD::ExceptionCode
DWORD ExceptionCode
Definition: compat.h:208
_EXCEPTION_RECORD::NumberParameters
DWORD NumberParameters
Definition: compat.h:212
_EXCEPTION_RECORD::ExceptionFlags
DWORD ExceptionFlags
Definition: compat.h:209
_EXCEPTION_RECORD::ExceptionAddress
PVOID ExceptionAddress
Definition: compat.h:211
_RUNTIME_FUNCTION
Definition: rsym64.h:89
_UNWIND_INFO
Definition: cpu_x86_64.c:61
_UNWIND_INFO::CountOfCodes
UBYTE CountOfCodes
Definition: unwind.c:55
_UNWIND_INFO::FrameRegister
UBYTE FrameRegister
Definition: unwind.c:56
_UNWIND_INFO::Version
UBYTE Version
Definition: unwind.c:52
_UNWIND_INFO::SizeOfProlog
UBYTE SizeOfProlog
Definition: unwind.c:54
_UNWIND_INFO::UnwindCode
UNWIND_CODE UnwindCode[1]
Definition: cpu_x86_64.c:68
_UNWIND_INFO::FrameOffset
UBYTE FrameOffset
Definition: unwind.c:57
_UNWIND_INFO::Flags
UBYTE Flags
Definition: unwind.c:53
PDWORD64
uint64_t * PDWORD64
Definition: typedefs.h:67
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
LONG64
int64_t LONG64
Definition: typedefs.h:68
DWORD64
uint64_t DWORD64
Definition: typedefs.h:67
NTAPI
#define NTAPI
Definition: typedefs.h:36
PVOID
void * PVOID
Definition: typedefs.h:50
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
ALIGN_UP_POINTER_BY
#define ALIGN_UP_POINTER_BY(ptr, align)
Definition: umtypes.h:85
_UNWIND_CODE
Definition: cpu_x86_64.c:50
_UNWIND_CODE::UnwindOp
BYTE UnwindOp
Definition: cpu_x86_64.c:54
_UNWIND_CODE::CodeOffset
BYTE CodeOffset
Definition: cpu_x86_64.c:53
_UNWIND_CODE::FrameOffset
USHORT FrameOffset
Definition: cpu_x86_64.c:57
_UNWIND_CODE::UnwindOp
UBYTE UnwindOp
Definition: unwind.c:44
_UNWIND_CODE::OpInfo
UBYTE OpInfo
Definition: unwind.c:45
_UNWIND_CODE::CodeOffset
UBYTE CodeOffset
Definition: unwind.c:43
_UNWIND_CODE::OpInfo
BYTE OpInfo
Definition: cpu_x86_64.c:55
RtlVirtualUnwind
PEXCEPTION_ROUTINE NTAPI RtlVirtualUnwind(_In_ ULONG HandlerType, _In_ ULONG64 ImageBase, _In_ ULONG64 ControlPc, _In_ PRUNTIME_FUNCTION FunctionEntry, _Inout_ PCONTEXT Context, _Outptr_ PVOID *HandlerData, _Out_ PULONG64 EstablisherFrame, _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers)
Definition: unwind.c:479
GetXmmReg
static __inline M128A GetXmmReg(PCONTEXT Context, BYTE Reg)
Definition: unwind.c:286
RtlGetCallersAddress
VOID NTAPI RtlGetCallersAddress(OUT PVOID *CallersAddress, OUT PVOID *CallersCaller)
Definition: unwind.c:1039
RtlpUnwindInternal
BOOLEAN NTAPI RtlpUnwindInternal(_In_opt_ PVOID TargetFrame, _In_opt_ PVOID TargetIp, _In_ PEXCEPTION_RECORD ExceptionRecord, _In_ PVOID ReturnValue, _In_ PCONTEXT ContextRecord, _In_opt_ struct _UNWIND_HISTORY_TABLE *HistoryTable, _In_ ULONG HandlerType)
Definition: unwind.c:666
UWOP_EPILOG
#define UWOP_EPILOG
Definition: unwind.c:29
UBYTE
unsigned char UBYTE
Definition: unwind.c:37
PopReg
static __inline void PopReg(_Inout_ PCONTEXT Context, _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers, _In_ BYTE Reg)
Definition: unwind.c:247
RtlUnwind
VOID NTAPI RtlUnwind(_In_opt_ PVOID TargetFrame, _In_opt_ PVOID TargetIp, _In_opt_ PEXCEPTION_RECORD ExceptionRecord, _In_ PVOID ReturnValue)
Definition: unwind.c:913
UWOP_SAVE_NONVOL
#define UWOP_SAVE_NONVOL
Definition: unwind.c:23
RtlpCaptureNonVolatileContextPointers
static VOID RtlpCaptureNonVolatileContextPointers(_Out_ PKNONVOLATILE_CONTEXT_POINTERS NonvolatileContextPointers, _In_ ULONG64 TargetFrame)
Definition: unwind.c:1058
RtlUnwindEx
VOID NTAPI RtlUnwindEx(_In_opt_ PVOID TargetFrame, _In_opt_ PVOID TargetIp, _In_opt_ PEXCEPTION_RECORD ExceptionRecord, _In_ PVOID ReturnValue, _In_ PCONTEXT ContextRecord, _In_opt_ struct _UNWIND_HISTORY_TABLE *HistoryTable)
Definition: unwind.c:870
UNWIND_CODE
union _UNWIND_CODE UNWIND_CODE
UWOP_SPARE_CODE
#define UWOP_SPARE_CODE
Definition: unwind.c:30
GetEstablisherFrame
static ULONG64 GetEstablisherFrame(_In_ PCONTEXT Context, _In_ PUNWIND_INFO UnwindInfo, _In_ ULONG_PTR CodeOffset)
Definition: unwind.c:434
PUNWIND_INFO
struct _UNWIND_INFO * PUNWIND_INFO
UWOP_SAVE_NONVOL_FAR
#define UWOP_SAVE_NONVOL_FAR
Definition: unwind.c:24
RtlWalkFrameChain
ULONG NTAPI RtlWalkFrameChain(OUT PVOID *Callers, IN ULONG Count, IN ULONG Flags)
Definition: unwind.c:931
RtlpLookupDynamicFunctionEntry
PRUNTIME_FUNCTION NTAPI RtlpLookupDynamicFunctionEntry(_In_ DWORD64 ControlPc, _Out_ PDWORD64 ImageBase, _In_ PUNWIND_HISTORY_TABLE HistoryTable)
Definition: dynfntbl.c:271
SetXmmReg
static __inline void SetXmmReg(_Inout_ PCONTEXT Context, _In_ BYTE Reg, _In_ M128A Value)
Definition: unwind.c:259
SetReg
static __inline void SetReg(_Inout_ PCONTEXT Context, _In_ BYTE Reg, _In_ DWORD64 Value)
Definition: unwind.c:210
SetRegFromStackValue
static __inline void SetRegFromStackValue(_Inout_ PCONTEXT Context, _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers, _In_ BYTE Reg, _In_ PDWORD64 ValuePointer)
Definition: unwind.c:221
RtlLookupFunctionEntry
PRUNTIME_FUNCTION NTAPI RtlLookupFunctionEntry(IN DWORD64 ControlPc, OUT PDWORD64 ImageBase, OUT PUNWIND_HISTORY_TABLE HistoryTable)
Locates the RUNTIME_FUNCTION entry corresponding to a code address. http://msdn.microsoft....
Definition: unwind.c:124
UnwindOpSlots
static __inline ULONG UnwindOpSlots(_In_ UNWIND_CODE UnwindCode)
Definition: unwind.c:177
UWOP_PUSH_MACHFRAME
#define UWOP_PUSH_MACHFRAME
Definition: unwind.c:34
UWOP_ALLOC_LARGE
#define UWOP_ALLOC_LARGE
Definition: unwind.c:20
UNWIND_INFO
struct _UNWIND_INFO UNWIND_INFO
GetReg
static __inline DWORD64 GetReg(_In_ PCONTEXT Context, _In_ BYTE Reg)
Definition: unwind.c:237
PUNWIND_CODE
union _UNWIND_CODE * PUNWIND_CODE
RtlpTryToUnwindEpilog
static __inline BOOLEAN RtlpTryToUnwindEpilog(_Inout_ PCONTEXT Context, _In_ ULONG64 ControlPc, _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers, _In_ ULONG64 ImageBase, _In_ PRUNTIME_FUNCTION FunctionEntry)
Helper function that tries to unwind epilog instructions.
Definition: unwind.c:304
UWOP_ALLOC_SMALL
#define UWOP_ALLOC_SMALL
Definition: unwind.c:21
UWOP_SAVE_XMM128
#define UWOP_SAVE_XMM128
Definition: unwind.c:32
SetXmmRegFromStackValue
static __inline void SetXmmRegFromStackValue(_Out_ PCONTEXT Context, _Inout_opt_ PKNONVOLATILE_CONTEXT_POINTERS ContextPointers, _In_ BYTE Reg, _In_ M128A *ValuePointer)
Definition: unwind.c:270
UWOP_SAVE_XMM128_FAR
#define UWOP_SAVE_XMM128_FAR
Definition: unwind.c:33
RtlSetUnwindContext
VOID RtlSetUnwindContext(_In_ PCONTEXT Context, _In_ DWORD64 TargetFrame)
Definition: unwind.c:1110
RtlLookupFunctionTable
PRUNTIME_FUNCTION NTAPI RtlLookupFunctionTable(IN DWORD64 ControlPc, OUT PDWORD64 ImageBase, OUT PULONG Length)
Locates the table of RUNTIME_FUNCTION entries for a code address.
Definition: unwind.c:82
UWOP_PUSH_NONVOL
#define UWOP_PUSH_NONVOL
Definition: unwind.c:19
UWOP_SET_FPREG
#define UWOP_SET_FPREG
Definition: unwind.c:22
Size
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
Value
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:413
EXCEPTION_NONCONTINUABLE_EXCEPTION
#define EXCEPTION_NONCONTINUABLE_EXCEPTION
Definition: winbase.h:328
FunctionTable
static WLX_DISPATCH_VERSION_1_4 FunctionTable
Definition: wlx.c:722
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
M128A
M128A
Definition: ketypes.h:925
EXCEPTION_EXIT_UNWIND
#define EXCEPTION_EXIT_UNWIND
Definition: rtltypes.h:156
EXCEPTION_NONCONTINUABLE
#define EXCEPTION_NONCONTINUABLE
Definition: rtltypes.h:154
EXCEPTION_STACK_INVALID
#define EXCEPTION_STACK_INVALID
Definition: rtltypes.h:157
EXCEPTION_UNWINDING
#define EXCEPTION_UNWINDING
Definition: rtltypes.h:155
EXCEPTION_TARGET_UNWIND
#define EXCEPTION_TARGET_UNWIND
Definition: rtltypes.h:159
EXCEPTION_COLLIDED_UNWIND
#define EXCEPTION_COLLIDED_UNWIND
Definition: rtltypes.h:160
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
CHAR
char CHAR
Definition: xmlstorage.h:175
BYTE
unsigned char BYTE
Definition: xxhash.c:193