
2.72 Some symbols show extra infixes and suffixes when debugging with GDB

https://scz.617.cn/unix/202303022110.txt

Q:

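When debugging with GDB, some symbols show extra infixes and suffixes, for example

    .isra.124.constprop.226
    icmp_echo.part.0
    _PyObject_VectorcallTstate.lto_priv.12

Similar infixes and suffixes also turn up when looking at kernel debug symbols with nm. What on earth are these things?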

A: ChatGPT 2023-03-02

.constprop.

A prefix or infix added to symbol names by the GCC compiler when the function or variable is a candidate for constant propagation optimization. It indicates that the function or variable may be safely replaced by its constant value at compile time.

Suppose we have the following C code


    int add(int a, int b)
    {
        int c = a + b;
        return c;
    }

    int main()
    {
        int x = 2;
        int y = 3;
        int z = add(x, y);
        return z;
    }


When compiled with GCC and optimized with the "-O2" flag, the compiler will perform constant propagation optimization on the "add" function, because the variables "a" and "b" are constant values at the call site. This means that the compiler can replace the variables "a" and "b" with their constant values (2 and 3, respectively) at compile time, and then compute the result of the "add" function (which is 5) as a constant value.

As a result of this optimization, the compiler will add the ".constprop" symbol to the name of the "add" function, to indicate that it has undergone constant propagation optimization. The resulting assembly code might look something like this


    add.constprop:
        movl $5, %eax
        ret

    main:
        movl $2, %edi
        movl $3, %esi
        call add.constprop
        movl %eax, %ebx
        movl %ebx, %eax
        ret


Here, we can see that the "add" function has been replaced with a single instruction that computes the result of adding the constant values 2 and 3, and the resulting function is named "add.constprop". This is an example of how the ".constprop" symbol is used to indicate that a function has undergone constant propagation optimization.

A: ChatGPT 2023-03-02

.part.

The ".part." infix in symbol names is often used by the GCC compiler to indicate that a particular object file or function has been split as part of the Split DWARF feature. This feature is designed to reduce the size of debug information generated by the compiler, by splitting the debug information into separate files that can be loaded on-demand at debug time.

For example, suppose we have a program "foo" that is compiled with the -gsplit-dwarf flag, which enables the Split DWARF feature. During compilation, the GCC compiler will split the debug information into separate files, and will add the ".part." infix to the symbol names of the split functions and variables.

As an example, suppose we have a function "bar" in the "foo" program that has been split as part of the Split DWARF feature. The symbol name for this function might appear as "bar.part.0" in the object file generated by the compiler. The ".part.0" infix in the symbol name indicates that this function has been split into a separate object file, with debug information stored in a separate ".dwo" file.

When the program is debugged using a debugger that supports the Split DWARF feature, the debugger will load the separate ".dwo" file for the relevant function or variable, in order to provide access to the debug information for that symbol. This can help to reduce the overall size of the executable or shared library, while still allowing for comprehensive debugging information to be available when needed.

A: ChatGPT 2023-03-02

The ".lto_priv." infix in symbol names is often used by the GCC compiler to indicate that a particular object file or function has been transformed as part of the Link-Time Optimization (LTO) feature. This feature is designed to improve code optimization and reduce executable size by performing inter-procedural optimization across different compilation units.

For example, suppose we have a program "foo" that is compiled with the -flto flag, which enables the LTO feature. During compilation, the GCC compiler will perform inter-procedural optimization across different source files, and will add the ".lto_priv." infix to the symbol names of the transformed functions and variables.

As an example, suppose we have a function "bar" in the "foo" program that has been transformed as part of the LTO feature. The symbol name for this function might appear as "bar.lto_priv.12" in the object file generated by the compiler. The ".lto_priv.12" infix in the symbol name indicates that this function has been transformed as part of the LTO feature, and that it is associated with the 12th LTO object file.

When the program is linked using the linker that supports the LTO feature, the linker will perform additional inter-procedural optimization across different compilation units, using the LTO object files generated by the compiler. This can help to improve code optimization and reduce executable size, by allowing the compiler and linker to perform more comprehensive optimization across the entire program.

A: stackoverflow 2013-02-10

What does the GCC function suffix .constprop mean - [2013-02-10] https://stackoverflow.com/questions/14796686/what-does-the-gcc-function-suffix-constprop-mean

They indicate functions which have been cloned during optimization. This file implements constant propagation and merging. It looks for instructions involving only constant operands and replaces them with a constant value instead of an instruction.

If you have a static function and you happen to call it with a certain constant (or constants) for one or some of its parameter(s), gcc can create an optimized version just for that combination of parameter value(s).

A: Tomaz Solc 2020-02-14

Printing .lto_priv symbols in GDB - Tomaz Solc [2020-02-14] https://www.tablix.org/~avian/blog/archives/2020/02/printing_lto_priv_symbols_in_gdb/

You have to quote the names of some variables when debugging a binary that was compiled with link time optimization. You have to put it in quotes so that gdb doesn't try to interpret the dot as an operator.

D: scz 2023-03-02

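Wrap the symbol in single quotes, not double quotes. One tentative observation: when an infix is present, the symbol can be wrapped in single quotes; when there is only a suffix, the symbol cannot be resolved even when wrapped in single quotes, and the only option is to drop the suffix and use the original symbol directly; in that case there seem to be no other variants. Some examples

    x/i 'some.lto_priv.2'
    x/i 'some.lto_priv.2'+134
    info symbol 'some.lto_priv.2'+134

Note that the single quotes can only wrap the symbol variant that carries the infix; they cannot wrap the offset.

IDA has its own way of handling symbols with these infixes and suffixes; for example, it displays _PyObject_VectorcallTstate.lto_priv.12 as _PyObject_VectorcallTstate_15. The former cannot be seen in IDA, only in GDB, which can be misleading.

For GDB command-line completion, see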


3.3 Command Completion https://sourceware.org/gdb/onlinedocs/gdb/Completion.html

16 Examining the Symbol Table https://sourceware.org/gdb/onlinedocs/gdb/Symbols.html


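At the GDB prompt, pressing TAB twice performs command-line completion: if there are several candidates they are displayed, and if there is only one it is completed automatically. Alternatively, pressing "M-?" displays all candidates, however many there are, without completing automatically; this is what the official GDB documentation says.

What does "M-?" mean?

M stands for Meta; "M-?" means holding Meta and the question-mark key at the same time. Windows has no Meta key, in which case you can press ESC first, release it, and then press "Shift-?"; tested and it works. With "M-?" there is no need to press TAB once first.

The symbol can be wrapped in single quotes, but do not use double quotes; the latter misbehaves and does not achieve the intended result.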
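
The quoting rule and the four tags discussed above, applied to an `nm` listing (an added example, not part of the original notes): it groups symbols carrying `.isra.`, `.constprop.`, `.part.` or `.lto_priv.` tags under their base name and turns an address into a GDB expression with the single quotes around the symbol only. The sample listing, its addresses and the names `helper` and `main` are constructed; the nearest-symbol lookup is an assumption of this sketch and ignores symbol sizes.

```python
import re
from collections import defaultdict

# One or more ".<kind>.<N>" tags at the end of a name (the four kinds on this page).
CHAIN_RE = re.compile(r"^(.+?)((?:\.(?:isra|constprop|part|lto_priv)\.\d+)+)$")
TAG_RE = re.compile(r"\.([a-z_]+)\.(\d+)")

# Constructed sample in default `nm` layout: address, type, name.
SAMPLE_NM = """\
0000000000401000 t some.lto_priv.2
0000000000401200 t icmp_echo
0000000000401300 t icmp_echo.part.0
0000000000401400 t helper.isra.124.constprop.226
                 U printf
0000000000401500 T main
"""

def split_clone(name):
    """'f.isra.124.constprop.226' -> ('f', [('isra', 124), ('constprop', 226)])."""
    m = CHAIN_RE.match(name)
    if not m:
        return name, []
    return m.group(1), [(k, int(n)) for k, n in TAG_RE.findall(m.group(2))]

def parse_nm(text):
    """Yield (addr, type, name); undefined symbols have no address and are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield int(parts[0], 16), parts[1], parts[2]

def group_clones(text):
    """Map each base name to the tagged variants found in the listing."""
    groups = defaultdict(list)
    for _, _, name in parse_nm(text):
        base, tags = split_clone(name)
        if tags:
            groups[base].append(name)
    return dict(groups)

def gdb_expr(name, offset=0):
    """Single quotes go around the dotted symbol only; the offset stays outside."""
    quoted = f"'{name}'" if "." in name else name
    return f"{quoted}+{offset}" if offset else quoted

def resolve(text, addr):
    """Nearest symbol at or below addr (symbol sizes are not checked)."""
    below = [(a, n) for a, _, n in sorted(parse_nm(text)) if a <= addr]
    return gdb_expr(below[-1][1], addr - below[-1][0]) if below else None
```

`resolve(SAMPLE_NM, 0x401086)` yields the same form as the `info symbol` example above, ready to paste at the GDB prompt.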