Vmlinux ELF finds offsets for members of a given structure

Question

Vmlinux ELF finds offsets for members of a given structure

In Linux kernel, I need to find the offsets of the member variables of the structure being used. For example, for init_task, which is of type task_struct, I need the offsets of its pid and tasks.

I only have vmlinux for this. I can refer to the open source kernel code, but it may be different from the build I have.

Is it possible to get offsets without a source?

EDIT: vmlinux is for ARM and I can't always run C code on the target device.

+2

linux elf

Naseer 12 Sep '09 at 17:59

source to share

3 answers

6.47 Offset

GCC implements a syntax extension for C and C ++ to implement the offset macro.

 primary:
         "__builtin_offsetof" "(" typename "," offsetof_member_designator ")"

 offsetof_member_designator:
           identifier
         | offsetof_member_designator "." identifier
         | offsetof_member_designator "[" expr "]"

This extension is sufficient to

 #define offsetof(type, member)  __builtin_offsetof (type, member)

is a suitable definition for a macro offset. In C ++, the type can be dependent. In either case, a member can consist of a single identifier or sequence of element access and an array reference.

+1

DigitalRoss 12 Sep 09 at 18:19

source to share

Found another solution with arm-eabi-gdb - I can do print & init_task and print & init_task.pid and the difference is the offset.

0

Naseer 13 Sep '09 at 12:37

source to share

ephemient · Accepted Answer · 2009-09-14T01:27:50+0000

The size and location of structures is present in the debug information of the compiled object files (if you compile with -g

and not strip

).

pahole (aka "poke-a-hole", packaged like dev-util/dwarves

Gentoo) reads the debug information of a DWARF object to output information about "holes" in structures - this might be a good starting point for you.

Vmlinux ELF finds offsets for members of a given structure

6.47 Offset

More articles: