Incorrect Compiler Identification

RudjiGames / MTuner

MTuner is a C/C++ memory profiler and memory leak finder for Windows, PlayStation 4 and 3, Android and other platforms

BSD 2-Clause "Simplified" License

2.63k stars 145 forks source link

Incorrect Compiler Identification #98

Open forrestsmithfb opened 1 year ago

forrestsmithfb commented 1 year ago

symbolResolverCreate has some logic to determine what type of compiler/toolchain was used. The function hasRichheader is used to determine whether MSVC or GCC was used on Windows.

The function hasRichHeader is pure magic with no documentation. Unfortunately it appears to be an incomplete function. For my exe that function is returning false and the GCC toolchain is selected. This results in no symbols being loaded for my binary.

However my binary was built by MSVC. And if I modify source to force the toolchain to MSVC the symbols are correctly loaded. I'm not sure what hasRichHeader is doing wrong.

Unfortunately I can not share my exe as it's is proprietary and internal. :(

milostosic commented 1 year ago

Thanks for reporting this, it may explain some strange reports from before!

hasRichHeader checks, as the name implies, for presence of rich header which MTuner assumes was generated by MSVC. This is not 100% reliable as it is possible to remove rich header from PE, more info here: https://bytepointer.com/articles/the_microsoft_rich_header.htm

So even without seeing your exe, I guess some part of your build process removes rich header from it. I'd be happy to replace this with something more reliable - suggestions welcome! :)

milostosic commented 1 year ago

Would be curious to know what return statement in hasRichheader is triggered with your exe.

forrestsmithfb commented 1 year ago

It goes through the whole loop to determine roffset, doesn't find the magic value 0x68636952, and returns 0. https://github.com/milostosic/rdebug/blob/master/src/symbols.cpp#L84

Here's the values it did read:

0x0eba1f0e 0xcd09b400 0x4c01b821 0x685421cd 0x70207369 0x72676f72 0x63206d61 0x6f6e6e61 0x65622074 0x6e757220 0x206e6920 0x20534f44 0x65646f6d 0x0000242e

suggestions welcome! :)

Unfortunately I do not. I've never delved into the internals of the PE file format before. :( But here's what ChatGPT suggested? :) https://chat.openai.com/share/1a419c22-24e9-4312-8ed0-c1e3f92f103d

akrieger commented 10 months ago

The 'rich header' appears to be an artifact of link.exe. Binaries linked with lld-link.exe (despite objects being compiled with msvc) do not seem to possess it.