0

Is it possible to find all instances of static initialization in an ELF dynamic library? I can dump the array of function pointers in the .init_array section via the objdump command like this:

```
objdump -s -j .init_array <libname.so>
```

Is there a way to map these function pointers back to function names? I have an unstripped library with debug symbols. I want to eliminate static initialization as much as possible to improve my library load time.

Arpit Aggarwal
  • Even if you could identify any functions that are called from the `.init_array`, they would not necessarily be all the instances of static initialization in the DSO. See [How to count static initializer in an ELF file?](https://stackoverflow.com/q/15532590/1362568) – Mike Kinghan Mar 10 '19 at 19:36
  • That's okay, I can do the same thing for .init and .ctors sections as well. But is there a way to find out function names from function pointers? – Arpit Aggarwal Mar 11 '19 at 05:21

1 Answer

2

On x86-64, .init_array contains a list of 8-byte little-endian pointers to static initializers/constructors. The example below has 4 initializers with the addresses - 0x1160, 0x11a7, 0x1231 and 0x12bb:

```
$ objdump -s -j .init_array a.out

a.out:     file format elf64-x86-64

Contents of section .init_array:
 3d88 60110000 00000000 a7110000 00000000  `...............
 3d98 31120000 00000000 bb120000 00000000  1...............
```

You can find the initializer function by providing an address from .init_array to objdump. E.g. the address 0x11a7 points to the special function _GLOBAL__sub_I_a (static initializer for the global variable a):

```
$ objdump -S --start-address=0x11a7 a.out | head

a.out:     file format elf64-x86-64


Disassembly of section .text:

00000000000011a7 <_GLOBAL__sub_I_a>:
    11a7:       f3 0f 1e fa             endbr64
    11ab:       55                      push   %rbp
    11ac:       48 89 e5                mov    %rsp,%rbp
```
roolebo
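The lookup described in the answer can be done for every entry at once. This is an added example, not code from the question or the answer: it decodes the 8-byte little-endian pointers from the `objdump -s` dump shown above and matches them against `nm --defined-only` output. The `nm` listing is a constructed sample; only `_GLOBAL__sub_I_a` at 0x11a7 comes from the page, and the function names `init_array_pointers`, `symbol_table` and `resolve` are hypothetical.

```python
import re

# objdump -s output copied from the answer above.
OBJDUMP_S = """\
Contents of section .init_array:
 3d88 60110000 00000000 a7110000 00000000  `...............
 3d98 31120000 00000000 bb120000 00000000  1...............
"""

# Constructed `nm --defined-only a.out` sample. Only _GLOBAL__sub_I_a is from
# the page; the other names and addresses are made up for illustration.
NM_OUTPUT = """\
0000000000001129 T main
0000000000001160 t frame_dummy
00000000000011a7 t _GLOBAL__sub_I_a
0000000000001231 t _GLOBAL__sub_I_b
0000000000004010 B a
"""

# A data line is: space, section address, then 1-4 hex groups, then the ASCII column.
DUMP_LINE = re.compile(r"^ ([0-9a-f]+) ((?:[0-9a-f]{2,8} ){1,4})")

def init_array_pointers(dump, ptr_size=8):
    """Decode the hex columns of an `objdump -s` dump into pointer values."""
    data = bytearray()
    for line in dump.splitlines():
        m = DUMP_LINE.match(line)
        if m:  # header lines do not match and are skipped
            data += bytes.fromhex(m.group(2).replace(" ", ""))
    if len(data) % ptr_size:
        raise ValueError("section size is not a multiple of the pointer size")
    return [int.from_bytes(data[i:i + ptr_size], "little")
            for i in range(0, len(data), ptr_size)]

def symbol_table(nm_text):
    """Map address -> name for code symbols (nm types t, T, w, W)."""
    table = {}
    for line in nm_text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) == 3 and parts[1] in "tTwW":
            table.setdefault(int(parts[0], 16), parts[2])
    return table

def resolve(dump, nm_text):
    """Return (pointer, symbol name or None) for each .init_array entry."""
    syms = symbol_table(nm_text)
    return [(p, syms.get(p)) for p in init_array_pointers(dump)]

if __name__ == "__main__":
    for addr, name in resolve(OBJDUMP_S, NM_OUTPUT):
        print(f"{addr:#x}  {name or '<no symbol>'}")
```

An entry that resolves to no symbol (0x12bb in this sample) is one to inspect with the `objdump -S --start-address=` command from the answer.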