Created
April 13, 2020 20:49
-
-
Save trylek/66fb3056bf53302f6f7e9cb4057a98f0 to your computer and use it in GitHub Desktop.
CG1-compiled ReadFileNative
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Int32 System.IO.FileStream.ReadFileNative(Microsoft.Win32.SafeHandles.SafeFileHandle, System.Span`1<Byte>, System.Threading.NativeOverlapped*, ref Int32) | |
| Handle: 0x06004CEA | |
| Rid: 19690 | |
| Number of RuntimeFunctions: 1 | |
| Number of fixups: 3 | |
| handle != null (STRING_HANDLE) | |
| Async IO and overlapped parameters inconsistent in call to ReadFileNative. (STRING_HANDLE) | |
| System.Span`1<byte> (TYPE_HANDLE) | |
| Int32 System.IO.FileStream.ReadFileNative(Microsoft.Win32.SafeHandles.SafeFileHandle, System.Span`1<Byte>, System.Threading.NativeOverlapped*, ref Int32) | |
| Size: 317 bytes | |
| Version: 1 | |
| Flags: 0x03 EHANDLER UHANDLER | |
| SizeOfProlog: 0x0010 | |
| CountOfUnwindCodes: 9 | |
| FrameRegister: RAX | |
| FrameOffset: 0x0 | |
| UnwindCode[0]: CodeOffset 0x0010 FrameOffset 0x6210 NextOffset 0x-1 Op 56 | |
| UnwindCode[1]: CodeOffset 0x000C FrameOffset 0x300C NextOffset 0x-1 Op RBX(3) | |
| UnwindCode[2]: CodeOffset 0x000B FrameOffset 0x600B NextOffset 0x-1 Op RSI(6) | |
| UnwindCode[3]: CodeOffset 0x000A FrameOffset 0x700A NextOffset 0x-1 Op RDI(7) | |
| UnwindCode[4]: CodeOffset 0x0009 FrameOffset 0xC009 NextOffset 0x-1 Op R12(12) | |
| UnwindCode[5]: CodeOffset 0x0007 FrameOffset 0xD007 NextOffset 0x-1 Op R13(13) | |
| UnwindCode[6]: CodeOffset 0x0005 FrameOffset 0xE005 NextOffset 0x-1 Op R14(14) | |
| UnwindCode[7]: CodeOffset 0x0003 FrameOffset 0xF003 NextOffset 0x-1 Op R15(15) | |
| UnwindCode[8]: CodeOffset 0x0001 FrameOffset 0x5001 NextOffset 0x-1 Op RBP(5) | |
| Debug Info | |
| Bounds: | |
| IL Offset: 0xFFFFFFFE, Source Types: StackEmpty | |
| IL Offset: 0x0, Source Types: StackEmpty | |
| IL Offset: 0xE, Source Types: StackEmpty | |
| IL Offset: 0x16, Source Types: StackEmpty | |
| IL Offset: 0x1B, Source Types: StackEmpty | |
| IL Offset: 0x23, Source Types: StackEmpty | |
| IL Offset: 0x2A, Source Types: StackEmpty | |
| IL Offset: 0x2D, Source Types: StackEmpty | |
| IL Offset: 0xFFFFFFFF, Source Types: StackEmpty | |
| IL Offset: 0x38, Source Types: StackEmpty | |
| IL Offset: 0x3A, Source Types: StackEmpty | |
| IL Offset: 0x41, Source Types: StackEmpty | |
| IL Offset: 0x44, Source Types: StackEmpty | |
| IL Offset: 0x78, Source Types: StackEmpty | |
| IL Offset: 0x7B, Source Types: StackEmpty | |
| IL Offset: 0x87, Source Types: StackEmpty | |
| IL Offset: 0xFFFFFFFD, Source Types: StackEmpty | |
| IL Offset: 0x89, Source Types: StackEmpty | |
| IL Offset: 0x8D, Source Types: StackEmpty | |
| IL Offset: 0xFFFFFFFD, Source Types: StackEmpty | |
| Variable Locations: | |
| Variable Number: 0 | |
| Start Offset: 0x0 | |
| End Offset: 0x24 | |
| Loc Type: VLT_REG | |
| Register: RCX | |
| Variable Number: 1 | |
| Start Offset: 0x0 | |
| End Offset: 0x24 | |
| Loc Type: VLT_REG | |
| Register: RDX | |
| Variable Number: 2 | |
| Start Offset: 0x0 | |
| End Offset: 0x24 | |
| Loc Type: VLT_REG | |
| Register: R8 | |
| Variable Number: 3 | |
| Start Offset: 0x0 | |
| End Offset: 0x24 | |
| Loc Type: VLT_REG | |
| Register: R9 | |
| Variable Number: 4 | |
| Start Offset: 0x0 | |
| End Offset: 0x24 | |
| Loc Type: VLT_STK | |
| Base Register: RSP | |
| Stack Offset: 40 | |
| Variable Number: 3 | |
| Start Offset: 0x2B | |
| End Offset: 0xC4 | |
| Loc Type: VLT_REG | |
| Register: RBX | |
| Variable Number: 1 | |
| Start Offset: 0x2B | |
| End Offset: 0xD0 | |
| Loc Type: VLT_REG | |
| Register: RDI | |
| Variable Number: 7 | |
| Start Offset: 0xC4 | |
| End Offset: 0xD3 | |
| Loc Type: VLT_REG | |
| Register: RDX | |
| Variable Number: 1 | |
| Start Offset: 0xDE | |
| End Offset: 0xE3 | |
| Loc Type: VLT_REG | |
| Register: RDI | |
| Variable Number: 7 | |
| Start Offset: 0xDE | |
| End Offset: 0xE6 | |
| Loc Type: VLT_REG | |
| Register: RDX | |
| Variable Number: 0 | |
| Start Offset: 0x2B | |
| End Offset: 0xFC | |
| Loc Type: VLT_REG | |
| Register: RSI | |
| Variable Number: 4 | |
| Start Offset: 0x2B | |
| End Offset: 0x109 | |
| Loc Type: VLT_STK | |
| Base Register: RBP | |
| Stack Offset: 48 | |
| Variable Number: 4 | |
| Start Offset: 0x121 | |
| End Offset: 0x127 | |
| Loc Type: VLT_STK | |
| Base Register: RBP | |
| Stack Offset: 48 | |
| push rbp | |
| UWOP_PUSH_NONVOL RBP(5) | |
| push r15 | |
| UWOP_PUSH_NONVOL R15(15) | |
| push r14 | |
| UWOP_PUSH_NONVOL R14(14) | |
| push r13 | |
| UWOP_PUSH_NONVOL R13(13) | |
| push r12 | |
| UWOP_PUSH_NONVOL R12(12) | |
| push rdi | |
| UWOP_PUSH_NONVOL RDI(7) | |
| push rsi | |
| UWOP_PUSH_NONVOL RSI(6) | |
| push rbx | |
| UWOP_PUSH_NONVOL RBX(3) | |
| sub rsp, 56 | |
| UWOP_ALLOC_SMALL 56 | |
| lea rbp, [rsp + 112] | |
| xor eax, eax | |
| mov qword ptr [rbp - 72], rax | |
| mov rsi, rcx | |
| mov rdi, rdx | |
| mov rbx, r9 | |
| mov r14, qword ptr [r8] | |
| mov r15d, dword ptr [r8 + 8] | |
| mov r12, qword ptr [ (STRING_HANDLE)] | |
| mov r13, qword ptr [r12] | |
| test rdi, rdi | |
| jne 0x005F | |
| call qword ptr [System.Diagnostics.Debug (STATIC_BASE_GC)] | |
| mov rcx, qword ptr [rax + 5712] | |
| mov rdx, qword ptr [handle != null (STRING_HANDLE)] | |
| mov rdx, qword ptr [rdx] | |
| mov r8, r13 | |
| mov rax, qword ptr [rcx] | |
| mov rax, qword ptr [rax + 72] | |
| call qword ptr [rax + 32] | |
| movzx eax, byte ptr [rsi + 108] | |
| test eax, eax | |
| je 0x006C | |
| test rbx, rbx | |
| jne 0x007F | |
| test eax, eax | |
| jne 0x007B | |
| test rbx, rbx | |
| sete al | |
| movzx eax, al | |
| jmp 0x0084 | |
| xor eax, eax | |
| jmp 0x0084 | |
| mov eax, 1 | |
| mov r12, qword ptr [r12] | |
| test al, al | |
| jne 0x00B0 | |
| call qword ptr [System.Diagnostics.Debug (STATIC_BASE_GC)] | |
| mov rcx, qword ptr [rax + 5712] | |
| mov rdx, qword ptr [Async IO and overlapped parameters inconsistent in call to ReadFileNative. (STRING_HANDLE)] | |
| mov rdx, qword ptr [rdx] | |
| mov r8, r12 | |
| mov rax, qword ptr [rcx] | |
| mov rax, qword ptr [rax + 72] | |
| call qword ptr [rax + 32] | |
| xor r9d, r9d | |
| mov dword ptr [rbp - 64], r9d | |
| mov qword ptr [rbp - 72], r14 | |
| mov rdx, r14 | |
| cmp byte ptr [rsi + 108], 0 | |
| jne 0x00DE | |
| xor r9d, r9d | |
| mov qword ptr [rsp + 32], r9 | |
| lea r9, [rbp - 64] | |
| mov rcx, rdi | |
| mov r8d, r15d | |
| call qword ptr [Int32 Interop+Kernel32.ReadFile(System.Runtime.InteropServices.SafeHandle, Byte*, Int32, ref Int32, IntPtr) (METHOD_ENTRY)] | |
| jmp 0x00F2 | |
| mov qword ptr [rsp + 32], rbx | |
| mov rcx, rdi | |
| mov r8d, r15d | |
| xor r9d, r9d | |
| call qword ptr [Int32 Interop+Kernel32.ReadFile(System.Runtime.InteropServices.SafeHandle, Byte*, Int32, IntPtr, System.Threading.NativeOverlapped*) (METHOD_ENTRY)] | |
| xor ecx, ecx | |
| mov qword ptr [rbp - 72], rcx | |
| test eax, eax | |
| jne 0x0121 | |
| mov rcx, rsi | |
| call qword ptr [Int32 System.IO.FileStream.GetLastWin32ErrorAndDisposeHandleIfInvalid() (METHOD_ENTRY)] | |
| mov rsi, qword ptr [rbp + 48] | |
| mov dword ptr [rsi], eax | |
| mov eax, 4294967295 | |
| lea rsp, [rbp - 56] | |
| pop rbx | |
| pop rsi | |
| pop rdi | |
| pop r12 | |
| pop r13 | |
| pop r14 | |
| pop r15 | |
| pop rbp | |
| ret | |
| xor eax, eax | |
| mov rsi, qword ptr [rbp + 48] | |
| mov dword ptr [rsi], eax | |
| mov eax, dword ptr [rbp - 64] | |
| lea rsp, [rbp - 56] | |
| pop rbx | |
| pop rsi | |
| pop rdi | |
| pop r12 | |
| pop r13 | |
| pop r14 | |
| pop r15 | |
| pop rbp | |
| ret |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment