Re: [musl] Potential bug in __res_msend_rc() wrt to union initialization.

[Mike Cui <cuicui@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 3812 bytes --]

On Tue, Mar 19, 2024 at 8:42 AM Rich Felker <dalias@libc.org> wrote:

> On Tue, Mar 19, 2024 at 08:04:31AM -0700, Mike Cui wrote:
> > On Tue, Mar 19, 2024 at 6:18 AM Rich Felker <dalias@libc.org> wrote:
> >
> > > On Mon, Mar 18, 2024 at 05:01:41PM -0700, Mike Cui wrote:
> > > > Yeah I also just went over the C99 spec as well, section 6.7.8, and I
> > > have
> > > > to agree with clang developer's interpretation, that "{ 0 }"
> > > > only initializes the first member of the union.
> > >
> > > There is no such thing as "only initializes [part]" in the C language.
> > > The { 0 } *only provides a value for* the first member. The question
> > > is about what happens to parts of the object for which the initializer
> > > did not "provide a value". However, the C99 standard does not clearly
> > > describe how the bits of a union that are not part of the member for
> > > which a value is provided (usually the first, unless a designated
> > > initializer is used) are filled on initialization.
> > >
> > > You are referring to this paragraph?
> >
> > 6.7.9 ¶21
> > If there are fewer initializers in a brace-enclosed list than there are
> > elements or members of an aggregate, or fewer characters in a string
> > literal used to initialize an array of known size than there are elements
> > in the array, the remainder of the aggregate shall be initialized
> > implicitly the same as objects that have static storage duration.
> >
> > Folks on the LLVM discourse pointed out this paragraph does not apply to
> > unions, since unions are not "aggegates" according to the definition in
> > 6.2.5p21:
> > 21. Arithmetic types and pointer types are collectively called scalar
> > types. Array and structure types are collectively called *aggregate*
> types.
>
> No, the part below that you didn't reply to covers unions:
>
>
The full 6.7.9 ¶10:

10 If an object that has automatic storage duration is not initialized
explicitly, its value is indeterminate. If an object that has static or
thread storage duration is not initialized explicitly, then:
- if it has pointer type, it is initialized to a null pointer;
- if it has arithmetic type, it is initialized to (positive or unsigned)
zero;
- if it is an aggregate, every member is initialized (recursively)
according to these rules, and any padding is initialized to zero bits;
- if it is a union, the first named member is initialized (recursively)
according to these rules, and any padding is initialized to zero bits;

The second part that you quoted applies to "static or thread storage
duration". The first sentence specifically says that anything not
initialized is indeterminate.
The only other paragraph which invokes 6.7.9 p10 is 6.7.9p21, which also
does not apply to unions. (p21 ensures that the "ns" array of unions in the
code would be zeroed out, but not the "sa" which a single union allocated
on the stack.)



> > > C11 adds (in 6.7.9 ¶10):
> > >
> > >     "if it is a union, the first named member is initialized
> > >     (recursively) according to these rules, and any padding is
> > >     initialized to zero bits;"
> > >
> > > where C99 just had (6.7.8):
> > >
> > >     "if it is a union, the first named member is initialized
> > >     (recursively) according to these rules."
> > >
> > > So I think C11 and later actually require the full zero
> > > initialization of all bits, and clang is just wrong.
> > >
> > > > "{ }" apparently is added in C23 as the "universal zero
> initializer". So
> > > > changing the order moving sin6 up is the only way to be C99
> conformant.
> > >
> > > Indeed since at the source level we just depend on C99 not C11, this
> > > should be changed. But clang needs to be fixed too.
> > >
> > > Rich
> > >
>

[-- Attachment #2: Type: text/html, Size: 4952 bytes --]