We're working on a C program compiled with arm-eabi-gcc under Linux.
We're using a dump of a large structure and we're having problems determining at which adress we should read various fields of our structure (like 50 of them), (memory alignement and padding aren't so predictable to me).
Is there any way to get the memory mapping of the structure produced by a our compiler. An option in gdb? Or any tool helping us find the correspondance between fields and adress in the dump?
You can do it with gdb. As an example, I'll use this source:
struct A {
int a;
char b;
short c;
};
int main() {
struct A a;
}
Loading up the binary in gdb:
(gdb) print (int)&((struct A*)0)->a
$1 = 0
(gdb) print (int)&((struct A*)0)->b
$2 = 4
(gdb) print (int)&((struct A*)0)->c
$3 = 6
UPDATE:
If you need to do it for a large number of fields, then you may find it handy to use GDB's new python interface (you'll need a recent version of GDB to use it, I'm using 7.4). I've created offsets.py:
import gdb
class Offsets(gdb.Command):
def __init__(self):
super (Offsets, self).__init__ ('offsets-of', gdb.COMMAND_DATA)
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
if len(argv) != 1:
raise gdb.GdbError('offsets-of takes exactly 1 argument.')
stype = gdb.lookup_type(argv[0])
print argv[0], '{'
for field in stype.fields():
print ' %s => %d' % (field.name, field.bitpos//8)
print '}'
Offsets()
Then you can add to your .gdbinit:
python
sys.path.insert(0, '/path/to/script/dir')
import offsets
end
Then using it in GDB, like:
(gdb) offsets-of "struct A"
struct A {
a => 0
b => 4
c => 6
}
This script makes a few simplifying assumptions, like that you don't use bitfields, and it doesn't dig into nested structs, but those changes are3 fairly straightforward if you need them.
You can do it from a C program using the standard offsetof() macro, defined in stddef.h. However I'm not sure this is what you want, since you may be unable to run it (compiling it on the host will likely return wrong offsets).
#include <stdio.h>
#include <stddef.h>
struct A {
int a;
char b;
short c;
};
int main() {
printf("Offset of b in A is %zu\n", offsetof(struct A, b));
return 0;
}
However, you may be able to employ some hacks to get the offset from a compiled binary without executing it. Maybe assign a static variable the offset value, and find some way of getting its value.
Seems to me you could write a bit of code like this for the required fields
struct MyStruct S;
int Offset_of_X=((long)&(S.X))-((long)&S);
to calculate the offset in bytes in this compile situation.
This should account for any alignment issues the compiler has.
来源:https://stackoverflow.com/questions/9788679/how-to-get-the-relative-address-of-a-field-in-a-structure-dump-c