search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.16k stars 4.72k forks source link

When compiling NativeAOT, is the deferred information stored in a PDB file with field pointers like in C++? #97346

Closed dadavadd closed 8 months ago

dadavadd commented 9 months ago

NativeAOT PDB file loaded into IDA:

image

C++ pdb loaded into IDA: image

Or does information about the fields disappear during compilation, even from a PDB file?

ghost commented 9 months ago

Tagging subscribers to this area: @agocke, @MichalStrehovsky, @jkotas See info in area-owners.md if you want to be subscribed.

Issue Details
NativeAOT PDB file loaded into IDA: ![image](https://github.com/dotnet/runtime/assets/111659964/c25f3976-3ede-4e58-b63a-535b695f133f) C++ pdb loaded into IDA: ![image](https://github.com/dotnet/runtime/assets/111659964/f134ecf5-c075-4a7e-8675-1689692b2b07) Or does the information about the fields disappear during compilation?
Author: dadavadd
Assignees: -
Labels: `untriaged`, `area-NativeAOT-coreclr`
Milestone: -
SingleAccretion commented 9 months ago

Yes, the AOT compiler does produce debugging information for fields, among other things. It can also produce information needed by reflection for fields that may be reflected on (this is usually a rather small subset of all fields) in a custom format that is stored directly in the binary.

dadavadd commented 9 months ago

Yes, the AOT compiler does produce debugging information for fields, among other things. It can also produce information needed by reflection for fields that may be reflected on (this is usually a rather small subset of all fields) in a custom format that is stored directly in the binary.

Is there any way to view them in IDA PRO while loading debugging information (.pdb)?

SingleAccretion commented 9 months ago

I do not know (this would be an IDA question). I would presume that the "shape" of debug information produced is sufficiently different from C++'s that it is not picked up by the decompiler by default.

dadavadd commented 9 months ago

Indeed, this is noticeable with strings. They are marked in ida pro as "unk_1234567".

I do not know (this would be an IDA question). I would presume that the "shape" of debug information produced is sufficiently different from C++'s that it is not picked up by the decompiler by default.

Indeed, this is noticeable with strings. They are marked in ida pro as "unk_1234567".

MichalStrehovsky commented 9 months ago

Indeed, this is noticeable with strings. They are marked in ida pro as "unk_1234567".

The string in Native AOT look nothing like typical strings in native languages - first is a pointer to the vtable, next is the size of the string, followed by the characters. IDA would need to learn to understand these.

Thealexbarney commented 9 months ago

I remember back in the CoreRT days IDA was a lot better at loading debug info. It got worse somewhere along the way, although I seem to recall IDA loading a lot more stuff from DWARF info compared to PDBs back then.

MichalStrehovsky commented 8 months ago

I think the question has been answered and I don't see anything else actionable.