| ▲ | ryao a day ago |
| > This is going to silently break so much existing code How much code actually uses unions this way? > especially union based type punning in C code I have never done type punning via the GNU C compiler extension in a way that would break because of this. I always assign a value to it and then get out the value from a new type. Do you know of any code that does things differently to be affected by this? |
|
| ▲ | ndiddy a day ago | parent | next [-] |
| > How much code actually uses unions this way? I see this change caused Mbed-TLS to start failing its test suite when compiled with GCC 15: https://github.com/Mbed-TLS/mbedtls/issues/9814 (kinda scary since it's a security library). Hopefully other projects with less rigorous test suites aren't using {0} in that way. The Github issue mentions that Clang tried a similar optimization a while ago and backed it out after user complaints, so maybe the same thing will happen with GCC. |
| |
| ▲ | ryao a day ago | parent [-] | | GCC’s developers have a strong insistence on standards conformance (minus situations where they explicitly choose to deviate, like type punning in unions) over the status quo. We already went through a much more severe shift with strict aliasing enforcement by GCC and they never changed course. I do not expect this to be any different. |
|
|
| ▲ | a day ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | Calavar a day ago | parent | prev [-] |
| I would guess a lot. People aren't intimately familiar with the standard, and people are lazy when it comes to writing boilerplate like initialization code. And up until now, it just worked, so even a good test suite wouldn't catch it. EDIT: I initially mentioned type punning for arithmetic, but this compiler change wouldn't affect that |
| |
| ▲ | ryao a day ago | parent [-] | | How would that be broken by this? The union will be zero initialized regardless because this change only affects situations where the union members are of different lengths, but for integer to float, the union members should always be the same length or bad things will happen. | | |
| ▲ | Calavar a day ago | parent [-] | | I realized my mistake and I think I edited my comment a split second before you replied, but you're right. That particular type punning scenario wouldn't be affected by this change because 1) the members are the same size, so there's no padding bits 2) the specific union member is going to be initialized to the input parameter, not with the syntax sugar for aggregate zero initialization. | | |
| ▲ | ryao a day ago | parent [-] | | Well, under your original version, I could see someone filling in bit fields in the float like the exponent and sign while leaving the mantissa zeroed, but given that the integer and float would be the same length, there is no section that would be left uninitialized by this change. In order for this change to leave something uninitialized, you would need to have a member of the union after the first member that is longer than the first member. Code that does that and relies on {0} to zero the union seems incredibly rare to me. |
|
|
|
