I have a Linux C++ compiled binary. Based on the class (symbol) name, how can I find out the size of the symbol at runtime, i.e. the memory it would occupy? Using any disassembly tool? Or any other methods?

(It may be pointing to extra heap memory, which is not my concern. But the class member storing the pointer to the heap should get calculated.)

TorukMakto
  • Do you mean the size the object once created takes up, or the space that your class implementation (code) takes up? Those are two completely different questions. – Mats Petersson Sep 30 '14 at 08:18
  • Try `sizeof(myclass)`? – Mats Petersson Sep 30 '14 at 08:19
  • @Mats Petersson: Object once created takes up – TorukMakto Sep 30 '14 at 08:19
  • @MatsPetersson: I just got a binary. So can't use sizeof – TorukMakto Sep 30 '14 at 08:20
  • The size returned by the `sizeof` operator *is* the size an object will take up if you create an instance of the class. – Some programmer dude Sep 30 '14 at 08:21
  • I doubt there is a way to do that from binary (well, you can perhaps find where `new myclass` is called, and determine from that, but you can't necessarily know if it's `new myclass[2];` or some such either) – Mats Petersson Sep 30 '14 at 08:21
  • However, if all you have is only an object file (for example) then you can't really get the size of any class since there are no classes, only code and possibly data. There are no classes or structures. – Some programmer dude Sep 30 '14 at 08:22
  • I mean, if you open a binary in a disassembler, you get all symbol names, and more information. I am just not sure how to get the size of that symbol object. I have a feeling that it should be possible using `objdump --syms`, but can't understand how to read it – TorukMakto Sep 30 '14 at 08:25
  • Perhaps you could subtract the address of the next symbol in symtab from the one whose size you want? Won't work if it's the last symbol... – eerorika Sep 30 '14 at 08:27
  • But the object file doesn't really contain the sizes of the classes used by the C++ code that was used to create the object file. You might have symbol names of exported symbols, but all that will tell you is that you have exported symbols with the specified names. If the source contained a class `X`, the only traces left of that class are the *code* from the class, not the data. To get the size of the data, you have to decipher the assembler code and *guess* what types and sizes the data might have. The member variables themselves are *not* in the object file. – Some programmer dude Sep 30 '14 at 08:39

1 Answer

The binary needs to be compiled with debugging symbols to find that information. You can read the info from the DWARF debugging symbols. Here's a demonstration:

Given this code:

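```cpp
#include <iostream>

// Three ints and a float: 16 bytes on typical Linux ABIs.
struct MyType {
    int a, b, c;
    float d;
};

int main(int argc, char *argv[])
{
    struct MyType t;
    // Print the size the compiler assigned to the type.
    std::cout << sizeof(t);
}
```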

You can compile it with `g++ -g demo.c`

Dump the debugging symbols with

```
objdump -W ./a.out
```

There will be a section like

```
 <1><13c7>: Abbrev Number: 20 (DW_TAG_structure_type)
    <13c8>   DW_AT_name        : (indirect string, offset: 0x8af): MyType
    <13cc>   DW_AT_byte_size   : 16
    <13cd>   DW_AT_decl_file   : 1
    <13ce>   DW_AT_decl_line   : 2
    <13cf>   DW_AT_sibling     : <0x13fc>
```

There we go, MyType has a size of 16.

If the binary doesn't have debugging symbols, you're rather out of luck. You'd have to know a place where the code deals with the size of the type you're interested in, disassemble the binary, and find that part of the code.

nos
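To pull the size of every named struct, class and union out of the `objdump -W` dump shown in the answer, the text can be parsed as below. This is an added example, not code from the answer; the `SAMPLE` dump is constructed in the answer's format (the `Opaque` and `Widget` entries and their offsets are made up), and `type_sizes` is a hypothetical helper name.

```python
import re

# DIE header, e.g. " <1><13c7>: Abbrev Number: 20 (DW_TAG_structure_type)"
DIE_RE = re.compile(r"^\s*<(\d+)><[0-9a-f]+>: Abbrev Number: \d+ \((DW_TAG_\w+)\)")
# Attribute, e.g. "    <13cc>   DW_AT_byte_size   : 16"
ATTR_RE = re.compile(r"^\s*<[0-9a-f]+>\s+(DW_AT_\w+)\s*:\s*(.*)$")
SIZED_TAGS = {"DW_TAG_structure_type", "DW_TAG_class_type", "DW_TAG_union_type"}

# Constructed sample: a sized struct, one of its members, a forward
# declaration (no size recorded), and a class whose size is printed in hex.
SAMPLE = """\
 <1><13c7>: Abbrev Number: 20 (DW_TAG_structure_type)
    <13c8>   DW_AT_name        : (indirect string, offset: 0x8af): MyType
    <13cc>   DW_AT_byte_size   : 16
 <2><13d3>: Abbrev Number: 21 (DW_TAG_member)
    <13d4>   DW_AT_name        : a
 <1><13fc>: Abbrev Number: 22 (DW_TAG_structure_type)
    <13fd>   DW_AT_name        : Opaque
    <1401>   DW_AT_declaration : 1
 <1><1402>: Abbrev Number: 23 (DW_TAG_class_type)
    <1403>   DW_AT_name        : Widget
    <1407>   DW_AT_byte_size   : 0x18
"""

def type_sizes(dump_text):
    """Map type name -> DW_AT_byte_size from `objdump -W` text output."""
    sizes, tag, attrs = {}, None, {}

    def flush():
        # Forward declarations carry a name but no DW_AT_byte_size; skip them.
        if tag in SIZED_TAGS and "DW_AT_name" in attrs and "DW_AT_byte_size" in attrs:
            # Names print inline or as "(indirect string, offset: 0x..): Name".
            name = attrs["DW_AT_name"].rsplit("): ", 1)[-1].strip()
            sizes[name] = int(attrs["DW_AT_byte_size"].split()[0], 0)

    for line in dump_text.splitlines():
        die = DIE_RE.match(line)
        if die:
            flush()  # a new DIE starts, so record the previous one
            tag, attrs = die.group(2), {}
            continue
        attr = ATTR_RE.match(line)
        if attr and tag:
            attrs[attr.group(1)] = attr.group(2)
    flush()
    return sizes

if __name__ == "__main__":
    import sys
    print(type_sizes(sys.stdin.read()))
```

Saved under any file name, it reads a real dump from standard input, for example `objdump -W ./a.out | python3 dwarf_sizes.py`.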