[LLDB/Bug/Enhancement] on intel IBT(e.g. endbr64), LLDB fails to resolve symbol names for dynamic calls breaking on PLT/GOT stubs (e.g., ___lldb_unnamed_symbolXX) #164049
Description
Component: Debugger Core / Symbolication
Description
when endbr64 will be inserted into PLT table. Instead of displaying the intended unresolved symbol name (e.g., printf@plt), LLDB falls back to a generic, unhelpful label. Here is a reproduce example.
Steps to Reproduce
- Create a minimal C program (test.cpp):
#include <cstdio>
using namespace std;
int main(){
printf("1\n");
printf("2\n");
printf("3\n");
return 0;
}- compile with IBT or without IBT:
g++ ./src/test.cpp -fcf-protection=full -o test_with_ibt
g++ ./src/test.cpp -fcf-protection=none -o test_without_ibt
- use lldb to disasm main function:
# with IBT, notice the ___lldb_unnamed_symbol39
test_with_ibt`main:
-> 0x555555555149 <+0>: endbr64
0x55555555514d <+4>: pushq %rbp
0x55555555514e <+5>: movq %rsp, %rbp
0x555555555151 <+8>: leaq 0xeac(%rip), %rax
0x555555555158 <+15>: movq %rax, %rdi
0x55555555515b <+18>: callq 0x555555555050 ; ___lldb_unnamed_symbol39
0x555555555160 <+23>: leaq 0xe9f(%rip), %rax
0x555555555167 <+30>: movq %rax, %rdi
# without IBT, notice the symbol stub for: puts
test_without_ibt`main:
-> 0x555555555139 <+0>: pushq %rbp
0x55555555513a <+1>: movq %rsp, %rbp
0x55555555513d <+4>: leaq 0xec0(%rip), %rax
0x555555555144 <+11>: movq %rax, %rdi
0x555555555147 <+14>: callq 0x555555555030 ; symbol stub for: puts
0x55555555514c <+19>: leaq 0xeb3(%rip), %rax
0x555555555153 <+26>: movq %rax, %rdi
behavior in gdb
In gdb, when disasm with layout asm , puts@plt is recognized as the jump destination
Test env
lldb version 20.1.2
GNU gdb (Ubuntu 15.0.50.20240403-0ubuntu1) 15.0.50.20240403-git