[SOLVED] How to identify the symbols in the symbol table are my 'application' functions

How to identify the symbols in the symbol table are my 'application' functions

I have an example C program test.c that defines three functions only: main, fn1 and fn2:

void fn1(void){...}
void fn2(void){...}
int main(int argc, char** argv){...}

Compiling and then extracting the symbol table of this program (via nm ./test) gives a ton of symbols:

0000000000601030 B __bss_start
0000000000601030 b completed.8086
0000000000601020 D __data_start
0000000000601020 W data_start
0000000000400430 t deregister_tm_clones
0000000000400420 T _dl_relocate_static_pie
00000000004004a0 t __do_global_dtors_aux
0000000000600e18 t __do_global_dtors_aux_fini_array_entry
0000000000601028 D __dso_handle
0000000000600e20 d _DYNAMIC
0000000000601030 D _edata
0000000000601038 B _end
0000000000400724 T _fini
00000000004005d0 T fn1
00000000004004e0 T fn2
00000000004004d0 t frame_dummy
.... and so on

I can see main, fn1 and fn2 in the output, but is there any way to differentiate these from the other application symbols? Even only looking at the symbols in the text (code) section, there are 16 symbols. I understand in general what these symbols relate to, but I'd like some mechanism to identify them distinct from 'my own'.

The context of my question is Intel Pintools, where I can't find a way to filter my instrumentation pintool written in C++ to the routines within the .text section that I care about (i.e. the application functions). In my pintool, I want to do something like:

VOID Routine(RTN rtn, VOID *v)
{

  if(is_application_function(rtn)){
    // instrument this routine with some calls
  } else {
    // don't instrument
  }

}

How could I possibly implement the is_application_function(RTN rtn)? I can filter it to only my application (checking that the image type == shared) and the .text part (checking that the section name == .text), but after that I can't filter any further... Any ideas?

I wouldn't necessarily be against relatively hacky solutions. Are the additional symbols always constant meaning I could filter them out? Do the additional symbols always reside in a particular region of addresses? Is there a tool that I could run during initialisation, with results read into a white or black-list?

Thanks!

Solution

is there any way to differentiate these from the other application symbols?

No.

I can't find a way to filter my instrumentation pintool written in C++ to the routines within the .text section that I care about

It's your application. Surely you can either use consistent naming, or collect a list of symbols you care about, and use that.