PDB/CodeView: How to connect S_GPROC32 with corresponding func address in a DLL?

I was wondering if someone familiar with CodeView/PDB/PE-COFF can answer the following question: How to connect qsort’s S_GPROC32 with the corresponding address in a DLL?

I have a simple program calling a qsort() from ucrtbased.dll.
When there is a Symbol Table, it is trivial to relocate the symbol/connect the PC of function begin in the .text section with the symbol (DLLBase+Sym.Value()). When compiling it with Debug Symbols, the symbol table is empty/stripped away.
$ llvm-readobj --symbols ucrtbased.dll
Symbols [
]

By using:
$ llvm-readobj --coff-debug-directory ucrtbased.dll
we can see that ucrtbased.pdb is the PDB file describing this DLL.

By exploring the PDB we can find the symbol:
$ llvm-pdbutil dump --symbols ucrtbased.pdb
900 | S_GPROC32 [size = 48] qsort
parent = 0, end = 1588, addr = 0001:763792, code size = 1805
type = 0x24B6 (void (void*, unsigned __int64, u...), debug start = 45, debug end = 1781, flags = none

But it is not very clear to me how to connect this symbol information with the .text section of the DLL.

The addresses are stored as section indices and section offsets, so the “addr = 0001:763792” portion. Presumably, the .text is section 1. The offset is in decimal, and IMO it should be in hex to make it easier to match against PC values, but that was the choice at the time. The PDB also contains a copy of the section table, so you can translate these numbers to RVAs relatively easily.

I know you aren’t using clang, but it can be used to gain more insight into the structure of the records. See this assembly fragment: https://gcc.godbolt.org/z/TaEd5zPT5

.short 4423 # Record kind: S_GPROC32_ID

.secrel32 "?foo@@YAXXZ" # Function section relative address

.secidx "?foo@@YAXXZ"

Those directives are documented here:
https://llvm.org/docs/Extensions.html
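The translation described in the answer above, as an added example that is not part of the original thread: it reads the section table from the DLL's PE headers and turns a `segment:offset` pair such as `0001:763792` into an RVA. It assumes the PDB segment number is the 1-based index into that table; the image bytes, section sizes and load base are constructed sample values, not taken from ucrtbased.dll.

```python
import struct

def read_sections(pe: bytes):
    """Parse the PE section table into (name, VirtualAddress, VirtualSize) tuples."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (count,) = struct.unpack_from("<H", pe, e_lfanew + 6)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)  # SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size  # signature + COFF header + optional header
    sections = []
    for i in range(count):
        name, vsize, vaddr = struct.unpack_from("<8sII", pe, table + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii"), vaddr, vsize))
    return sections

def symbol_rva(sections, segment: int, offset: int) -> int:
    """Translate a CodeView segment:offset address (segment is 1-based) to an RVA."""
    if not 1 <= segment <= len(sections):
        raise ValueError(f"segment {segment} is not in the section table")
    _, vaddr, vsize = sections[segment - 1]
    if offset >= vsize:
        raise ValueError(f"offset {offset:#x} lies outside the section")
    return vaddr + offset

def constructed_image() -> bytes:
    """Constructed sample: minimal PE headers with two sections and no optional header."""
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 0, 0x2022)
    def section(name, vsize, vaddr, raw_ptr):
        return struct.pack("<8sIIII", name, vsize, vaddr, vsize, raw_ptr) + b"\0" * 16
    return (dos + coff
            + section(b".text", 0x200000, 0x1000, 0x400)
            + section(b".rdata", 0x50000, 0x201000, 0x200400))

if __name__ == "__main__":
    sections = read_sections(constructed_image())
    rva = symbol_rva(sections, 1, 763792)  # addr = 0001:763792 from the S_GPROC32 record
    load_base = 0x7FF8_0000_0000           # assumed runtime base of the DLL
    print(f"qsort: RVA {rva:#x}, VA {load_base + rva:#x}")
```

The resulting RVA is added to the module's actual load address, which under ASLR differs from the ImageBase stored in the file.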

Thanks Reid!

> The offset is in decimal, and IMO it should be in hex to make it easier to match against PC values, but that was the choice at the time.

I agree with this.