Question

Is it possible to obtain the address of an element within a structure from an ELF executable not compiled for debug?

Example, given the following code:

typedef struct {
   int tokyo;
   int paris;
   int london;
}cities;

cities  places;

Both nm and readelf give the start address of the variable 'places', and readelf also gives the sizeof:

    Num:    Value  Size Type    Bind   Vis      Ndx Name
1994983: d0003ae8    12 OBJECT  GLOBAL DEFAULT   23 cities

However what I need is the address of each element within the structure. So from above what I want is:

d0003ae8    cities.tokyo
d0003aec    cities.paris
d0003af0    cities.london

My only route at present is to compile with dwarf2 debug info, use readelf (-wliao) to dump out the .debug_info section, and then parse the type tree from a DW_TAG_variable adding up base_type sizes. Example readelf:

 <1><e00b>: Abbrev Number: 5 (DW_TAG_structure_type)
     DW_AT_byte_size   : 12
     DW_AT_decl_file   : 3  
     DW_AT_decl_line   : 25 
 <2><e013>: Abbrev Number: 6 (DW_TAG_member)
     DW_AT_name        : tokyo
     DW_AT_decl_file   : 3  
     DW_AT_decl_line   : 15 
     DW_AT_type        : <df04>
 <2><e02e>: Abbrev Number: 6 (DW_TAG_member)
     DW_AT_name        : paris
     DW_AT_decl_file   : 3  
     DW_AT_decl_line   : 16 
     DW_AT_type        : <df04> 
 <2><e02e>: Abbrev Number: 6 (DW_TAG_member)
     DW_AT_name        : london
     DW_AT_decl_file   : 3  
     DW_AT_decl_line   : 16 
     DW_AT_type        : <df04> 

I need to find a way of doing this without access to the source code, and with debug info turned off.

Any help or pointers appreciated.

Thanks, Chris


Solution

No, there is no way to do this. ELF alone does not describe types or offsets.

If you know the types of the fields of the structure and the ABI of the architecture for which the object is built, you can recreate the layout.
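
The layout reconstruction the answer describes, as an added example that is not part of the original answer. It assumes a non-packed struct without bit-fields; the `ILP32` size/alignment table and all function names are illustrative assumptions, to be replaced with the values from the target's ABI document.

```python
# Added example: rebuild member addresses from a symbol's base address,
# given the member types and the target ABI's size/alignment rules.

# Assumed (size, alignment) in bytes for a 32-bit target. These vary by ABI
# (e.g. i386 System V aligns double to 4 inside structs), so check the spec.
ILP32 = {"char": (1, 1), "short": (2, 2), "int": (4, 4),
         "long": (4, 4), "pointer": (4, 4), "double": (8, 8)}


def align_up(value, alignment):
    """Round value up to the next multiple of alignment."""
    return (value + alignment - 1) // alignment * alignment


def struct_layout(members, abi):
    """Return ([(name, offset)], total_size) for a non-packed C struct
    without bit-fields: each member goes at the next offset satisfying its
    alignment, and the struct is padded to its largest member alignment."""
    offset, max_align, layout = 0, 1, []
    for name, ctype in members:
        size, alignment = abi[ctype]
        offset = align_up(offset, alignment)
        layout.append((name, offset))
        offset += size
        max_align = max(max_align, alignment)
    return layout, align_up(offset, max_align)


def member_addresses(base, symbol_size, members, abi):
    """Map member names to absolute addresses. A guessed layout whose size
    disagrees with the symbol size from readelf/nm is rejected."""
    layout, total = struct_layout(members, abi)
    if total != symbol_size:
        raise ValueError(f"layout is {total} bytes, symbol is {symbol_size}")
    return {name: base + off for name, off in layout}


# Base address and size come from the readelf line in the question; the
# member types are the ones declared in the question's struct.
CITIES = [("tokyo", "int"), ("paris", "int"), ("london", "int")]

if __name__ == "__main__":
    for name, addr in member_addresses(0xD0003AE8, 12, CITIES, ILP32).items():
        print(f"{addr:08x}    {name}")
```

The size check against the symbol table entry is the only validation ELF itself offers: it catches a wrong member count or padding guess, but not two same-sized members listed in the wrong order.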

Licensed under: CC-BY-SA with attribution