Any documentation for .init_array function arguments?

Question

I can see lots of copied lore that functions registered with the .init_array section have the command-line arguments argc and argv, like main(), but I am failing to find any actual published documentation online that confirms that this is the case.

Yes, for clarity, the function itself is not "declared in" the .init_array, but a pointer to the function is declared there, "registering" the function, and it is called by some iterator during start-up. Question remains: show me some documentation for the argument list passed in by that iterator.

My intent is to change these arguments from a dynamic library in a subtle but generally safe way, so I want to find the "real deal" in memory - not from /proc/self/.

For more information, follow the link below.

Some Stack-overflow lore: Accessing main arguments outside of main on Linux

Even my favoured Oracle ( docs.oracle.com/cd/E23824_01/html/819-0690/chapter3-8.html ) only mentions that the functions get called, but no promise of what arguments there might be. Same with the elf and gcc documentation, as far as I can see.

In the land of C/C++ UB paranoia, Ideally I need some certainty that this is documented behaviour before I go ahead with it? Does it exist? Can it be implied in some way?

---

Summary of comments/answers so-far:

At least for GNU libc, a relevant change occurred with this patch: BZ #974. https://sourceware.org/pipermail/libc-alpha/2005-July/019240.html (It is mentioned in glibc's ChangeLog.old/ChangeLog.16 entry 2005-04-13 H.J. Lu.) – Ian Abbott

To me, this demonstrates that the glbc maintainers were aware of the requirement to pass argc/argv/env - that it is not accidental - and extended it to main exe registrations. It also tells us that it was working for dynamic libraries prior to that date.

It is an interesting question whether this binds other libc implementers to follow the pattern.

Answer 1

I've found this interesting article about Linux programs' start-up procedure by Patrick Horgan. But I may not guarantee the correctness of this source.

At least, it explains the code behind the .init_array section:

void __libc_csu_init (int argc, char **argv, char **envp) {
  _init ();

  const size_t size = __init_array_end - __init_array_start;
  for (size_t i = 0; i < size; i++) {
      (*__init_array_start [i]) (argc, argv, envp);
  }
}

It appears that __libc_csu_init() function first calculates the number of elements inside .init_array section, and then calls every function pointer with arguments argc, argv and envp. This function (__libc_csu_init()) is called before main().

NOTE: the .init_array section appears to be specific to the ELF binary format.

---

Update

It appears that the implementation of __libc_csu_init() (and, more in general, how .init_array functions are called) is platform-dependent and libc-dependent.

However, GLIBC on Linux appears to correctly call the functions with the desired arguments, as you can see from its source code.

Plus, reading the GLIBC changelog, it appears that this behavior has been introduced in 2005.