From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: from second.openwall.net (second.openwall.net [193.110.157.125]) by inbox.vuxu.org (Postfix) with SMTP id 56EC42678A for ; Tue, 19 Mar 2024 17:01:08 +0100 (CET) Received: (qmail 3902 invoked by uid 550); 19 Mar 2024 15:56:37 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 26165 invoked from network); 19 Mar 2024 15:51:16 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710863734; x=1711468534; darn=lists.openwall.com; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=DGx1H58qIfNkD9UT5CZhxKarZW+XA7o67WT0K2U6/KA=; b=hS1uk90K5TQnvPMT4vga5lTvYoLUk47dTQ9vZH2gllapfKMNE9pUPlBHQ+f7j+vRuu 9IXaC/WhuvXFbFt2IOLPHse/ZVTMGTDjj7fmZAkaD+zzAKb/6wewZM64aGQ3HYsxSQ2I wLASo2wH9IyJuUYFPIZx74QZ173bxr+Bo92AqdsaPVHpx6DFT767Qt0ZwXJDncY5KX7a sVP4IdhHYG4OR2w5FTu8YyJevO1e/56yYF31Amq0XfNtOrihUrnszurINVIu4g0nAY6j mnSjQ3wOjZ4KMwRMZuCk+5vN80XEvVuGgNFSMfb6pEc3bdDRqNTfUALE7sEAvpctmI8q yV3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710863734; x=1711468534; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DGx1H58qIfNkD9UT5CZhxKarZW+XA7o67WT0K2U6/KA=; b=IYVnJoO0hAPtEE+LqYovmh7kg+uBw2Wo8EoTrp0iBR+/baKSvPredDt2feYYomPnLQ ucywnxkPKgvCvyXBNHDqV6hAUE7p4Ftek2Dy0ks3ze80eYTyaaRcf0xzvY82vXKaEr73 d4S3s1dVtM0LmbsKMgmua3UFy3z0dVSAUJOriEdYLt6uCrKs2yhPn/bBFORGwHb70OBM XisWYS4dSKKIX143IE/LQ3yFciPSv5++wK8r/vCZhVUoFNVkr7S2N9pDlV3E8LMfk5Fs 3/yMfqp2xovykoSpnt4/Y7dwYywJYv6eC9FmoX3oiilG6pxM2ERoNo2Zr/+K4SvOdt/v IF4Q== X-Forwarded-Encrypted: i=1; AJvYcCWUKe7vQQDps5qNCtGOSlFv/s0+mg8paFLp/Sd/OmN4TGu0AnUJDx78d1d/Ze3FEgGf0at9Shq8E6UNz1xEUhRYkq7PrW3Fgw== X-Gm-Message-State: AOJu0YwJivgetOW3M++12GsTzuacxJ+t8gmyoLg9MQZD3ALm0sjB7DmD +TxSp6RhxzWakaUcfzt9w4zPl0V3qYH4Gxx8HhoW3ak2EjlOq7Sx4w2WW3kCYxCIciTQW2ROYKJ H/hX91We+H17xK2ZYT20HlLO+5Sg= X-Google-Smtp-Source: AGHT+IHI8UHGxbRNihWr0hd9op2d9WOt32/OfVNSeuwraSZMciOgGYlywPQKX73kRBX94GP6NS3ndDN7AYJafa15thY= X-Received: by 2002:a2e:b619:0:b0:2d6:8cba:c90b with SMTP id r25-20020a2eb619000000b002d68cbac90bmr71602ljn.52.1710863733796; Tue, 19 Mar 2024 08:55:33 -0700 (PDT) MIME-Version: 1.0 References: <20240318213441.GH4163@brightrain.aerifal.cx> <627epdel4gidvu46u5ua2mclieqy3wwqbs7sxjgtgrsmkvn4up@ehu5ru6micnr> <20240319131833.GI4163@brightrain.aerifal.cx> <20240319154222.GK4163@brightrain.aerifal.cx> In-Reply-To: <20240319154222.GK4163@brightrain.aerifal.cx> From: Mike Cui Date: Tue, 19 Mar 2024 08:55:22 -0700 Message-ID: To: Rich Felker Cc: NRK , musl@lists.openwall.com Content-Type: multipart/alternative; boundary="0000000000001cb8e806140581c3" Subject: Re: [musl] Potential bug in __res_msend_rc() wrt to union initialization. --0000000000001cb8e806140581c3 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Mar 19, 2024 at 8:42=E2=80=AFAM Rich Felker wrote= : > On Tue, Mar 19, 2024 at 08:04:31AM -0700, Mike Cui wrote: > > On Tue, Mar 19, 2024 at 6:18=E2=80=AFAM Rich Felker w= rote: > > > > > On Mon, Mar 18, 2024 at 05:01:41PM -0700, Mike Cui wrote: > > > > Yeah I also just went over the C99 spec as well, section 6.7.8, and= I > > > have > > > > to agree with clang developer's interpretation, that "{ 0 }" > > > > only initializes the first member of the union. > > > > > > There is no such thing as "only initializes [part]" in the C language= . > > > The { 0 } *only provides a value for* the first member. The question > > > is about what happens to parts of the object for which the initialize= r > > > did not "provide a value". However, the C99 standard does not clearly > > > describe how the bits of a union that are not part of the member for > > > which a value is provided (usually the first, unless a designated > > > initializer is used) are filled on initialization. > > > > > > You are referring to this paragraph? > > > > 6.7.9 =C2=B621 > > If there are fewer initializers in a brace-enclosed list than there are > > elements or members of an aggregate, or fewer characters in a string > > literal used to initialize an array of known size than there are elemen= ts > > in the array, the remainder of the aggregate shall be initialized > > implicitly the same as objects that have static storage duration. > > > > Folks on the LLVM discourse pointed out this paragraph does not apply t= o > > unions, since unions are not "aggegates" according to the definition in > > 6.2.5p21: > > 21. Arithmetic types and pointer types are collectively called scalar > > types. Array and structure types are collectively called *aggregate* > types. > > No, the part below that you didn't reply to covers unions: > > The full 6.7.9 =C2=B610: 10 If an object that has automatic storage duration is not initialized explicitly, its value is indeterminate. If an object that has static or thread storage duration is not initialized explicitly, then: - if it has pointer type, it is initialized to a null pointer; - if it has arithmetic type, it is initialized to (positive or unsigned) zero; - if it is an aggregate, every member is initialized (recursively) according to these rules, and any padding is initialized to zero bits; - if it is a union, the first named member is initialized (recursively) according to these rules, and any padding is initialized to zero bits; The second part that you quoted applies to "static or thread storage duration". The first sentence specifically says that anything not initialized is indeterminate. The only other paragraph which invokes 6.7.9 p10 is 6.7.9p21, which also does not apply to unions. (p21 ensures that the "ns" array of unions in the code would be zeroed out, but not the "sa" which a single union allocated on the stack.) > > > C11 adds (in 6.7.9 =C2=B610): > > > > > > "if it is a union, the first named member is initialized > > > (recursively) according to these rules, and any padding is > > > initialized to zero bits;" > > > > > > where C99 just had (6.7.8): > > > > > > "if it is a union, the first named member is initialized > > > (recursively) according to these rules." > > > > > > So I think C11 and later actually require the full zero > > > initialization of all bits, and clang is just wrong. > > > > > > > "{ }" apparently is added in C23 as the "universal zero > initializer". So > > > > changing the order moving sin6 up is the only way to be C99 > conformant. > > > > > > Indeed since at the source level we just depend on C99 not C11, this > > > should be changed. But clang needs to be fixed too. > > > > > > Rich > > > > --0000000000001cb8e806140581c3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Tue, Mar 19, 2024 at 8:42=E2=80=AF= AM Rich Felker <dalias@libc.org&g= t; wrote:
On Tue= , Mar 19, 2024 at 08:04:31AM -0700, Mike Cui wrote:
> On Tue, Mar 19, 2024 at 6:18=E2=80=AFAM Rich Felker <dalias@libc.org> wrote:
>
> > On Mon, Mar 18, 2024 at 05:01:41PM -0700, Mike Cui wrote:
> > > Yeah I also just went over the C99 spec as well, section 6.7= .8, and I
> > have
> > > to agree with clang developer's interpretation, that &qu= ot;{ 0 }"
> > > only initializes the first member of the union.
> >
> > There is no such thing as "only initializes [part]" in = the C language.
> > The { 0 } *only provides a value for* the first member. The quest= ion
> > is about what happens to parts of the object for which the initia= lizer
> > did not "provide a value". However, the C99 standard do= es not clearly
> > describe how the bits of a union that are not part of the member = for
> > which a value is provided (usually the first, unless a designated=
> > initializer is used) are filled on initialization.
> >
> > You are referring to this paragraph?
>
> 6.7.9 =C2=B621
> If there are fewer initializers in a brace-enclosed list than there ar= e
> elements or members of an aggregate, or fewer characters in a string > literal used to initialize an array of known size than there are eleme= nts
> in the array, the remainder of the aggregate shall be initialized
> implicitly the same as objects that have static storage duration.
>
> Folks on the LLVM discourse pointed out this paragraph does not apply = to
> unions, since unions are not "aggegates" according to the de= finition in
> 6.2.5p21:
> 21. Arithmetic types and pointer types are collectively called scalar<= br> > types. Array and structure types are collectively called *aggregate* t= ypes.

No, the part below that you didn't reply to covers unions:


The full 6.7.9 =C2=B610:
10 If an object that has automatic storage duration is not init= ialized explicitly, its value is indeterminate. If an object that has static or thread storage duration is n= ot initialized explicitly, then:
- if it has pointer type, it is initialized to = a null pointer;
- if it has arithmetic type, it is initialized to= (positive or unsigned) zero;
- if it is an aggregate, every memb= er is initialized (recursively) according to these rules, and any padding is initialized to zero bits;
- if it is a union, = the first named member is initialized (recursively) according to these rules, and any padding is initialized to zero bits;

The second part that you quoted applies to "static or thread storage= duration". The first sentence specifically says that anything not ini= tialized is indeterminate.
The only other paragraph=C2=A0which in= vokes 6.7.9 p10 is 6.7.9p21, which also does not apply to unions. (p21 ensu= res that the "ns" array of unions in the code would be zeroed out= , but not the "sa" which a single union allocated on the stack.)<= /div>

=C2=A0
> > C11 adds (in 6.7.9 =C2=B610):
> >
> >=C2=A0 =C2=A0 =C2=A0"if it is a union, the first named member= is initialized
> >=C2=A0 =C2=A0 =C2=A0(recursively) according to these rules, and an= y padding is
> >=C2=A0 =C2=A0 =C2=A0initialized to zero bits;"
> >
> > where C99 just had (6.7.8):
> >
> >=C2=A0 =C2=A0 =C2=A0"if it is a union, the first named member= is initialized
> >=C2=A0 =C2=A0 =C2=A0(recursively) according to these rules."<= br> > >
> > So I think C11 and later actually require the full zero
> > initialization of all bits, and clang is just wrong.
> >
> > > "{ }" apparently is added in C23 as the "univ= ersal zero initializer". So
> > > changing the order moving sin6 up is the only way to be C99 = conformant.
> >
> > Indeed since at the source level we just depend on C99 not C11, t= his
> > should be changed. But clang needs to be fixed too.
> >
> > Rich
> >
--0000000000001cb8e806140581c3--