//===-- COFFDump.cpp - COFF-specific dumper ---------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
///
/// \file
/// \brief This file implements the COFF-specific dumper for llvm-objdump.
/// It outputs the Win64 EH data structures as plain text.
/// The encoding of the unwind codes is described in MSDN:
/// http://msdn.microsoft.com/en-us/library/ck9asaa9.aspx
///
//===----------------------------------------------------------------------===//

#include "llvm-objdump.h"
#include "llvm/Object/COFF.h"
#include "llvm/Object/ObjectFile.h"
#include "llvm/Support/Format.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/Win64EH.h"
#include "llvm/Support/raw_ostream.h"
#include <algorithm>
#include <cstring>
#include <system_error>

using namespace llvm;
using namespace object;
using namespace llvm::Win64EH;

// Maps a Win64 EH unwind opcode to its symbolic name.
//
// Only the nine opcodes listed below are accepted; any other value of Code
// reaches llvm_unreachable, which marks the path as impossible rather than
// reporting an error. printUnwindCode and printAllUnwindCodes pass opcodes
// decoded from the file being dumped, so a caller that may see malformed
// unwind data has to reject unknown opcodes before calling this.
static StringRef getUnwindCodeTypeName(uint8_t Code) {
  switch (Code) {
  case UOP_PushNonVol:
    return "UOP_PushNonVol";
  case UOP_AllocLarge:
    return "UOP_AllocLarge";
  case UOP_AllocSmall:
    return "UOP_AllocSmall";
  case UOP_SetFPReg:
    return "UOP_SetFPReg";
  case UOP_SaveNonVol:
    return "UOP_SaveNonVol";
  case UOP_SaveNonVolBig:
    return "UOP_SaveNonVolBig";
  case UOP_SaveXMM128:
    return "UOP_SaveXMM128";
  case UOP_SaveXMM128Big:
    return "UOP_SaveXMM128Big";
  case UOP_PushMachFrame:
    return "UOP_PushMachFrame";
  default:
    llvm_unreachable("Invalid unwind code");
  }
}

// Returns the name of a referenced register.
static StringRef getUnwindRegisterName(uint8_t Reg) {
  // Register numbers 0..15 index this table directly; anything larger is
  // treated as impossible, exactly like an unmatched switch case would be.
  static const char *const Names[] = {"RAX", "RCX", "RDX", "RBX",
                                      "RSP", "RBP", "RSI", "RDI",
                                      "R8",  "R9",  "R10", "R11",
                                      "R12", "R13", "R14", "R15"};
  if (Reg >= sizeof(Names) / sizeof(Names[0]))
    llvm_unreachable("Invalid register");
  return Names[Reg];
}

// Calculates the number of array slots required for the unwind code.
//
// The slot count depends only on the opcode, except for UOP_AllocLarge where
// an op-info of 0 selects the 2-slot form and any other value the 3-slot
// form. An opcode outside the listed set reaches llvm_unreachable, so this
// function does not itself diagnose malformed unwind data.
static unsigned getNumUsedSlots(const UnwindCode &UnwindCode) {
  switch (UnwindCode.getUnwindOp()) {
  case UOP_AllocLarge:
    if (UnwindCode.getOpInfo() == 0)
      return 2;
    return 3;
  case UOP_SaveNonVolBig:
  case UOP_SaveXMM128Big:
    return 3;
  case UOP_SaveNonVol:
  case UOP_SaveXMM128:
    return 2;
  case UOP_PushNonVol:
  case UOP_AllocSmall:
  case UOP_SetFPReg:
  case UOP_PushMachFrame:
    return 1;
  default:
    llvm_unreachable("Invalid unwind code");
  }
}

// Prints one unwind code. Because an unwind code can occupy up to 3 slots in
// the unwind codes array, this function requires that the correct number of
// slots is provided.
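static void printUnwindCode(ArrayRef<UnwindCode> UCs) {
  // The assert is the only guard on UCs[1] / UCs[2] below and is compiled out
  // when assertions are disabled, so the caller must have verified that
  // enough slots remain before calling.
  assert(UCs.size() >= getNumUsedSlots(UCs[0]));
  outs() << format(" 0x%02x: ", unsigned(UCs[0].u.CodeOffset))
         << getUnwindCodeTypeName(UCs[0].getUnwindOp());
  switch (UCs[0].getUnwindOp()) {
  case UOP_PushNonVol:
    outs() << " " << getUnwindRegisterName(UCs[0].getOpInfo());
    break;
  case UOP_AllocLarge:
    // Op-info 0: size is in one extra slot; otherwise it is a 32-bit value
    // split over two extra slots (low half first).
    if (UCs[0].getOpInfo() == 0) {
      outs() << " " << UCs[1].FrameOffset;
    } else {
      outs() << " " << UCs[1].FrameOffset
                + (static_cast<uint32_t>(UCs[2].FrameOffset) << 16);
    }
    break;
  case UOP_AllocSmall:
    outs() << " " << ((UCs[0].getOpInfo() + 1) * 8);
    break;
  case UOP_SetFPReg:
    outs() << " ";
    break;
  case UOP_SaveNonVol:
    outs() << " " << getUnwindRegisterName(UCs[0].getOpInfo())
           << format(" [0x%04x]", 8 * UCs[1].FrameOffset);
    break;
  case UOP_SaveNonVolBig:
    outs() << " " << getUnwindRegisterName(UCs[0].getOpInfo())
           << format(" [0x%08x]", UCs[1].FrameOffset
                    + (static_cast<uint32_t>(UCs[2].FrameOffset) << 16));
    break;
  case UOP_SaveXMM128:
    outs() << " XMM" << static_cast<uint32_t>(UCs[0].getOpInfo())
           << format(" [0x%04x]", 16 * UCs[1].FrameOffset);
    break;
  case UOP_SaveXMM128Big:
    // Cast as in the UOP_SaveXMM128 case: without it the register number is
    // streamed as character data instead of as a number.
    outs() << " XMM" << static_cast<uint32_t>(UCs[0].getOpInfo())
           << format(" [0x%08x]", UCs[1].FrameOffset
                    + (static_cast<uint32_t>(UCs[2].FrameOffset) << 16));
    break;
  case UOP_PushMachFrame:
    outs() << " " << (UCs[0].getOpInfo() ? "w/o" : "w")
           << " error code";
    break;
  }
  outs() << "\n";
}

// Prints every unwind code in UCs, advancing by the number of slots each
// code occupies. Stops with a diagnostic when a code claims more slots than
// are left in the array.
static void printAllUnwindCodes(ArrayRef<UnwindCode> UCs) {
  for (const UnwindCode *I = UCs.begin(), *E = UCs.end(); I < E; ) {
    const unsigned UsedSlots = getNumUsedSlots(*I);
    // Compare against the slots left from the cursor, not the size of the
    // whole array: checking UCs.size() lets a multi-slot code near the end
    // pass the test and makes printUnwindCode read past the array.
    const size_t Remaining = static_cast<size_t>(E - I);
    if (UsedSlots > Remaining) {
      outs() << "Unwind data corrupted: Encountered unwind op "
             << getUnwindCodeTypeName((*I).getUnwindOp())
             << " which requires " << UsedSlots
             << " slots, but only " << Remaining
             << " remaining in buffer";
      return;
    }
    printUnwindCode(ArrayRef<UnwindCode>(I, E));
    I += UsedSlots;
  }
}

// Given a symbol Sym, this function returns its address and its section.
// Returns the first error reported by the symbol queries, parse_failed when
// the symbol has no containing section, and object_error::success otherwise.
static std::error_code
resolveSectionAndAddress(const COFFObjectFile *Obj, const SymbolRef &Sym,
                         const coff_section *&ResolvedSection,
                         uint64_t &ResolvedAddr) {
  if (std::error_code EC = Sym.getAddress(ResolvedAddr))
    return EC;
  section_iterator iter(Obj->section_begin());
  if (std::error_code EC = Sym.getSection(iter))
    return EC;
  // A symbol without a section leaves the iterator at the end position;
  // dereferencing that would hand callers a bogus coff_section pointer.
  if (iter == Obj->section_end())
    return object_error::parse_failed;
  ResolvedSection = Obj->getCOFFSection(*iter);
  return object_error::success;
}

// Given a vector of relocations for a section and an offset into this section
// the function returns the symbol used for the relocation at the offset.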
static std::error_code resolveSymbol(const std::vector<RelocationRef> &Rels,
                                     uint64_t Offset, SymbolRef &Sym) {
  // Linear scan: the first relocation whose offset matches exactly wins.
  // Returns parse_failed when no relocation sits at Offset, or the error
  // from getOffset if a relocation cannot be queried.
  for (const RelocationRef &Rel : Rels) {
    uint64_t RelOffset;
    if (std::error_code EC = Rel.getOffset(RelOffset))
      return EC;
    if (RelOffset != Offset)
      continue;
    // NOTE(review): the symbol iterator is dereferenced without comparing it
    // to an end position; confirm getSymbol() cannot return one here.
    Sym = *Rel.getSymbol();
    return object_error::success;
  }
  return object_error::parse_failed;
}

// Given a vector of relocations for a section and an offset into this section
// the function resolves the symbol used for the relocation at the offset and
// returns the section content and the address inside the content pointed to
// by the symbol.
//
// Contents and Addr are only meaningful when object_error::success is
// returned; on any failure the first error encountered is passed through.
static std::error_code
getSectionContents(const COFFObjectFile *Obj,
                   const std::vector<RelocationRef> &Rels, uint64_t Offset,
                   ArrayRef<uint8_t> &Contents, uint64_t &Addr) {
  SymbolRef TargetSym;
  if (std::error_code EC = resolveSymbol(Rels, Offset, TargetSym))
    return EC;

  const coff_section *TargetSection;
  if (std::error_code EC =
          resolveSectionAndAddress(Obj, TargetSym, TargetSection, Addr))
    return EC;

  if (std::error_code EC = Obj->getSectionContents(TargetSection, Contents))
    return EC;

  return object_error::success;
}

// Given a vector of relocations for a section and an offset into this section
// the function returns the name of the symbol used for the relocation at the
// offset.
static std::error_code resolveSymbolName(const std::vector<RelocationRef> &Rels,
                                         uint64_t Offset, StringRef &Name) {
  SymbolRef RelSym;
  if (std::error_code EC = resolveSymbol(Rels, Offset, RelSym))
    return EC;
  if (std::error_code EC = RelSym.getName(Name))
    return EC;
  return object_error::success;
}

// Writes the target of the relocation at Offset to Out. When a symbol can be
// resolved the output is "<symbol>" optionally followed by " + 0x<Disp>";
// otherwise only the displacement is printed.
static void printCOFFSymbolAddress(llvm::raw_ostream &Out,
                                   const std::vector<RelocationRef> &Rels,
                                   uint64_t Offset, uint32_t Disp) {
  StringRef SymName;
  if (resolveSymbolName(Rels, Offset, SymName)) {
    // No relocation (or no name) at this offset: fall back to the raw value.
    Out << format("0x%04x", Disp);
    return;
  }
  Out << SymName;
  if (Disp > 0)
    Out << format(" + 0x%04x", Disp);
}

// Prints Count entries of the SEH handler table located at virtual address
// TableVA, each rebased by the image base from the PE32 header.
//
// NOTE(review): TableVA and Count are taken by the caller from the load
// configuration of the file being dumped. Nothing in this function checks
// that Count entries starting at the resolved pointer lie inside the image;
// whether getVaPtr guarantees more than the first byte cannot be told from
// here, so a range check against the containing section is worth adding.
// Count is a signed int, so a caller passing a larger unsigned value would
// presumably see it arrive negative and the loop print nothing.
static void
printSEHTable(const COFFObjectFile *Obj, uint32_t TableVA, int Count) {
  if (Count == 0)
    return;

  const pe32_header *PE32Header;
  if (error(Obj->getPE32Header(PE32Header)))
    return;
  uint32_t ImageBase = PE32Header->ImageBase;

  uintptr_t TableAddr = 0;
  if (error(Obj->getVaPtr(TableVA, TableAddr)))
    return;
  const auto *Entries =
      reinterpret_cast<const support::ulittle32_t *>(TableAddr);

  outs() << "SEH Table:";
  for (int Idx = 0; Idx < Count; ++Idx)
    outs() << format(" 0x%x", Entries[Idx] + ImageBase);
  outs() << "\n\n";
}

// Dumps the 32-bit load configuration directory of an x86 PE image, followed
// by its SEH handler table. Returns silently for anything that is not an
// executable image, is not I386, or has no load configuration directory.
//
// NOTE(review): the directory's RVA is resolved to a pointer and then read as
// a full coff_load_configuration32 without comparing the directory's declared
// size or the remaining bytes of the file against the struct size; confirm
// whether getRvaPtr covers that, otherwise a truncated image is read past its
// end.
static void printLoadConfiguration(const COFFObjectFile *Obj) {
  // Skip if it's not executable.
  const pe32_header *PE32Header;
  if (error(Obj->getPE32Header(PE32Header)))
    return;
  if (!PE32Header)
    return;

  const coff_file_header *Header;
  if (error(Obj->getCOFFHeader(Header)))
    return;
  // Currently only x86 is supported
  if (Header->Machine != COFF::IMAGE_FILE_MACHINE_I386)
    return;

  const data_directory *DataDir;
  if (error(Obj->getDataDirectory(COFF::LOAD_CONFIG_TABLE, DataDir)))
    return;
  if (DataDir->RelativeVirtualAddress == 0)
    return;
  uintptr_t ConfAddr = 0;
  if (error(Obj->getRvaPtr(DataDir->RelativeVirtualAddress, ConfAddr)))
    return;

  const auto *LoadConf =
      reinterpret_cast<const coff_load_configuration32 *>(ConfAddr);
  raw_ostream &OS = outs();
  OS << "Load configuration:";
  OS << "\n Timestamp: " << LoadConf->TimeDateStamp;
  OS << "\n Major Version: " << LoadConf->MajorVersion;
  OS << "\n Minor Version: " << LoadConf->MinorVersion;
  OS << "\n GlobalFlags Clear: " << LoadConf->GlobalFlagsClear;
  OS << "\n GlobalFlags Set: " << LoadConf->GlobalFlagsSet;
  OS << "\n Critical Section Default Timeout: "
     << LoadConf->CriticalSectionDefaultTimeout;
  OS << "\n Decommit Free Block Threshold: "
     << LoadConf->DeCommitFreeBlockThreshold;
  OS << "\n Decommit Total Free Threshold: "
     << LoadConf->DeCommitTotalFreeThreshold;
  OS << "\n Lock Prefix Table: " << LoadConf->LockPrefixTable;
  OS << "\n Maximum Allocation Size: " << LoadConf->MaximumAllocationSize;
  OS << "\n Virtual Memory Threshold: " << LoadConf->VirtualMemoryThreshold;
  OS << "\n Process Affinity Mask: " << LoadConf->ProcessAffinityMask;
  OS << "\n Process Heap Flags: " << LoadConf->ProcessHeapFlags;
  OS << "\n CSD Version: " << LoadConf->CSDVersion;
  OS << "\n Security Cookie: " << LoadConf->SecurityCookie;
  OS << "\n SEH Table: " << LoadConf->SEHandlerTable;
  OS << "\n SEH Count: " << LoadConf->SEHandlerCount;
  OS << "\n\n";
  printSEHTable(Obj, LoadConf->SEHandlerTable, LoadConf->SEHandlerCount);
  outs() << "\n";
}

// Prints import tables.
// The import table is a table containing the list of DLL names and symbol
// names which will be linked by the loader.
//
// For every import directory entry this prints the raw directory fields, the
// DLL name, and then one line per lookup-table entry (ordinal, or hint plus
// name). Any accessor error ends the dump without a diagnostic.
//
// NOTE(review): the lookup-table walk stops only at an entry whose data field
// is zero. Nothing visible here limits the walk to the bytes of the file, so
// a table without a terminator is presumably read past its end — confirm
// what getImportLookupEntry guarantees.
static void printImportTables(const COFFObjectFile *Obj) {
  import_directory_iterator Cur = Obj->import_directory_begin();
  import_directory_iterator End = Obj->import_directory_end();
  if (Cur == End)
    return;

  outs() << "The Import Tables:\n";
  for (; Cur != End; ++Cur) {
    const import_directory_table_entry *Dir;
    StringRef DllName;
    if (Cur->getImportTableEntry(Dir))
      return;
    if (Cur->getName(DllName))
      return;

    outs() << format(" lookup %08x time %08x fwd %08x name %08x addr %08x\n\n",
                     static_cast<uint32_t>(Dir->ImportLookupTableRVA),
                     static_cast<uint32_t>(Dir->TimeDateStamp),
                     static_cast<uint32_t>(Dir->ForwarderChain),
                     static_cast<uint32_t>(Dir->NameRVA),
                     static_cast<uint32_t>(Dir->ImportAddressTableRVA));
    outs() << " DLL Name: " << DllName << "\n";
    outs() << " Hint/Ord Name\n";

    const import_lookup_table_entry32 *Lookup;
    if (Cur->getImportLookupEntry(Lookup))
      return;
    while (Lookup->data) {
      if (Lookup->isOrdinal()) {
        // Import by ordinal: there is no hint/name record to resolve.
        outs() << format(" % 6d\n", Lookup->getOrdinal());
      } else {
        uint16_t Hint;
        StringRef SymName;
        if (Obj->getHintName(Lookup->getHintNameRVA(), Hint, SymName))
          return;
        outs() << format(" % 6d ", Hint) << SymName << "\n";
      }
      ++Lookup;
    }
    outs() << "\n";
  }
}

// Prints export tables. The export table is a table containing the list of
// exported symbol from the DLL.
static void printExportTable(const COFFObjectFile *Obj) {
  // The heading is emitted even when the image exports nothing.
  outs() << "Export Table:\n";
  export_directory_iterator Cur = Obj->export_directory_begin();
  export_directory_iterator End = Obj->export_directory_end();
  if (Cur == End)
    return;

  StringRef DllName;
  uint32_t OrdinalBase;
  if (Cur->getDllName(DllName))
    return;
  if (Cur->getOrdinalBase(OrdinalBase))
    return;
  outs() << " DLL name: " << DllName << "\n";
  outs() << " Ordinal base: " << OrdinalBase << "\n";
  outs() << " Ordinal RVA Name\n";

  for (; Cur != End; ++Cur) {
    uint32_t Ordinal;
    if (Cur->getOrdinal(Ordinal))
      return;
    uint32_t RVA;
    if (Cur->getExportRVA(RVA))
      return;
    outs() << format(" % 4d %# 8x", Ordinal, RVA);

    StringRef SymName;
    // NOTE(review): when the name cannot be read the row is left without its
    // trailing newline, so the next row continues on the same output line.
    if (Cur->getSymbolName(SymName))
      continue;
    if (!SymName.empty())
      outs() << " " << SymName;
    outs() << "\n";
  }
}

// Given the COFF object file, this function returns the relocations for .pdata
// and the pointer to "runtime function" structs.
//
// Returns true for the first ".pdata" section whose contents could be read
// and are non-empty; RFStart then points into those contents and NumRFs is
// the number of whole RuntimeFunction records that fit (a trailing partial
// record is dropped by the integer division). Relocations are appended to
// Rels for every ".pdata" section visited, including ones later skipped.
static bool getPDataSection(const COFFObjectFile *Obj,
                            std::vector<RelocationRef> &Rels,
                            const RuntimeFunction *&RFStart, int &NumRFs) {
  for (const SectionRef &Section : Obj->sections()) {
    StringRef SecName;
    if (error(Section.getName(SecName)))
      continue;
    if (SecName != ".pdata")
      continue;

    const coff_section *Pdata = Obj->getCOFFSection(Section);
    for (const RelocationRef &Reloc : Section.relocations())
      Rels.push_back(Reloc);

    // Sort relocations by address.
    std::sort(Rels.begin(), Rels.end(), RelocAddressLess);

    ArrayRef<uint8_t> Contents;
    if (error(Obj->getSectionContents(Pdata, Contents)))
      continue;
    if (Contents.empty())
      continue;

    RFStart = reinterpret_cast<const RuntimeFunction *>(Contents.data());
    NumRFs = Contents.size() / sizeof(RuntimeFunction);
    return true;
  }
  return false;
}

// Prints the header fields of one UNWIND_INFO record followed by its unwind
// codes, then flushes the output stream.
//
// NOTE(review): this function receives only a pointer. NumCodes is read from
// the record itself and used as the length of the unwind-code array, so the
// callers are the only place that can verify the header and all NumCodes
// slots are backed by section data; neither caller visibly does so.
static void printWin64EHUnwindInfo(const Win64EH::UnwindInfo *UI) {
  // The casts to int are required in order to output the value as number.
  // Without the casts the value would be interpreted as char data (which
  // results in garbage output).
  const auto Flags = UI->getFlags();
  outs() << " Version: " << static_cast<int>(UI->getVersion()) << "\n";
  outs() << " Flags: " << static_cast<int>(Flags);
  if (Flags & UNW_ExceptionHandler)
    outs() << " UNW_ExceptionHandler";
  if (Flags & UNW_TerminateHandler)
    outs() << " UNW_TerminateHandler";
  if (Flags & UNW_ChainInfo)
    outs() << " UNW_ChainInfo";
  outs() << "\n";
  outs() << " Size of prolog: " << static_cast<int>(UI->PrologSize) << "\n";
  outs() << " Number of Codes: " << static_cast<int>(UI->NumCodes) << "\n";
  // Maybe this should move to output of UOP_SetFPReg?
  if (!UI->getFrameRegister()) {
    outs() << " No frame pointer used\n";
  } else {
    outs() << " Frame register: "
           << getUnwindRegisterName(UI->getFrameRegister()) << "\n";
    outs() << " Frame offset: " << 16 * UI->getFrameOffset() << "\n";
  }
  if (Flags & (UNW_ExceptionHandler | UNW_TerminateHandler)) {
    // FIXME: Output exception handler data
  } else if (Flags & UNW_ChainInfo) {
    // FIXME: Output chained unwind info
  }

  if (UI->NumCodes)
    outs() << " Unwind Codes:\n";

  printAllUnwindCodes(ArrayRef<UnwindCode>(&UI->UnwindCodes[0], UI->NumCodes));

  outs() << "\n";
  outs().flush();
}

/// Prints out the given RuntimeFunction struct for x64, assuming that Obj is
/// pointing to an executable file.
///
/// Entries with a zero start address are skipped. If the unwind-info RVA
/// cannot be resolved, only the three address fields are printed.
static void printRuntimeFunction(const COFFObjectFile *Obj,
                                 const RuntimeFunction &RF) {
  if (!RF.StartAddress)
    return;
  outs() << "Function Table:\n";
  outs() << format(" Start Address: 0x%04x\n",
                   static_cast<uint32_t>(RF.StartAddress));
  outs() << format(" End Address: 0x%04x\n",
                   static_cast<uint32_t>(RF.EndAddress));
  outs() << format(" Unwind Info Address: 0x%04x\n",
                   static_cast<uint32_t>(RF.UnwindInfoOffset));

  uintptr_t InfoAddr;
  if (Obj->getRvaPtr(RF.UnwindInfoOffset, InfoAddr))
    return;
  printWin64EHUnwindInfo(
      reinterpret_cast<const Win64EH::UnwindInfo *>(InfoAddr));
}

/// Prints out the given RuntimeFunction struct for x64, assuming that Obj is
/// pointing to an object file. Unlike executable, fields in RuntimeFunction
/// struct are filled with zeros, but instead there are relocations pointing to
/// them so that the linker will fill targets' RVAs to the fields at link
/// time. This function interprets the relocations to find the data to be used
/// in the resulting executable.
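static void printRuntimeFunctionRels(const COFFObjectFile *Obj,
                                     const RuntimeFunction &RF,
                                     uint64_t SectionOffset,
                                     const std::vector<RelocationRef> &Rels) {
  outs() << "Function Table:\n";
  outs() << " Start Address: ";
  printCOFFSymbolAddress(outs(), Rels,
                         SectionOffset +
                             /*offsetof(RuntimeFunction, StartAddress)*/ 0,
                         RF.StartAddress);
  outs() << "\n";

  outs() << " End Address: ";
  printCOFFSymbolAddress(outs(), Rels,
                         SectionOffset +
                             /*offsetof(RuntimeFunction, EndAddress)*/ 4,
                         RF.EndAddress);
  outs() << "\n";

  outs() << " Unwind Info Address: ";
  printCOFFSymbolAddress(outs(), Rels,
                         SectionOffset +
                             /*offsetof(RuntimeFunction, UnwindInfoOffset)*/ 8,
                         RF.UnwindInfoOffset);
  outs() << "\n";

  // Follow the relocation on the UnwindInfoOffset field to the section that
  // holds the unwind info and to the symbol's address inside it.
  ArrayRef<uint8_t> XContents;
  uint64_t UnwindInfoOffset = 0;
  if (error(getSectionContents(
          Obj, Rels, SectionOffset +
                         /*offsetof(RuntimeFunction, UnwindInfoOffset)*/ 8,
          XContents, UnwindInfoOffset)))
    return;
  if (XContents.empty())
    return;

  // The field value is the addend relative to the symbol.
  UnwindInfoOffset += RF.UnwindInfoOffset;
  // An offset equal to the section size already points one past the last
  // byte, so it must be rejected as well; the record is dereferenced
  // immediately by printWin64EHUnwindInfo.
  // NOTE(review): this still only proves that the first byte is in range.
  // The fixed header and the NumCodes unwind slots that follow are not
  // checked against the end of the section here.
  if (UnwindInfoOffset >= XContents.size())
    return;

  auto *UI = reinterpret_cast<const Win64EH::UnwindInfo *>(XContents.data() +
                                                           UnwindInfoOffset);
  printWin64EHUnwindInfo(UI);
}

// Dumps the Win64 unwind information of an AMD64 COFF file. An image with no
// .pdata relocations is treated as a linked executable and its RVAs are used
// directly; otherwise the file is treated as an object file and the
// relocations are interpreted instead.
void llvm::printCOFFUnwindInfo(const COFFObjectFile *Obj) {
  const coff_file_header *Header;
  if (error(Obj->getCOFFHeader(Header)))
    return;

  if (Header->Machine != COFF::IMAGE_FILE_MACHINE_AMD64) {
    errs() << "Unsupported image machine type "
              "(currently only AMD64 is supported).\n";
    return;
  }

  std::vector<RelocationRef> Rels;
  // Initialised so that no indeterminate value exists even if
  // getPDataSection is later changed to return true without setting them.
  const RuntimeFunction *RFStart = nullptr;
  int NumRFs = 0;
  if (!getPDataSection(Obj, Rels, RFStart, NumRFs))
    return;
  ArrayRef<RuntimeFunction> RFs(RFStart, NumRFs);

  bool IsExecutable = Rels.empty();
  if (IsExecutable) {
    for (const RuntimeFunction &RF : RFs)
      printRuntimeFunction(Obj, RF);
    return;
  }

  for (const RuntimeFunction &RF : RFs) {
    // Byte offset of this record inside .pdata; relocations are keyed on it.
    uint64_t SectionOffset =
        std::distance(RFs.begin(), &RF) * sizeof(RuntimeFunction);
    printRuntimeFunctionRels(Obj, RF, SectionOffset, Rels);
  }
}

// Prints the COFF-specific header information: load configuration, import
// tables and export table. Does nothing when Obj is not a COFF object file.
void llvm::printCOFFFileHeader(const object::ObjectFile *Obj) {
  const COFFObjectFile *file = dyn_cast<const COFFObjectFile>(Obj);
  // dyn_cast yields null for a non-COFF object; the printers below
  // dereference their argument unconditionally.
  if (!file)
    return;
  printLoadConfiguration(file);
  printImportTables(file);
  printExportTable(file);
}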