From: Eric Blake <eblake@redhat.com>
To: Alejandro Colomar <alx.manpages@gmail.com>
Cc: linux-man@vger.kernel.org, "Alejandro Colomar" <alx@kernel.org>,
"Bastien Roucariès" <rouca@debian.org>,
glibc <libc-alpha@sourceware.org>, GCC <gcc@gcc.gnu.org>,
"Stefan Puiu" <stefan.puiu@gmail.com>,
"Igor Sysoev" <igor@sysoev.ru>, "Rich Felker" <dalias@libc.org>,
"Andrew Clayton" <andrew@digital-domain.net>,
"Richard Biener" <richard.guenther@gmail.com>,
"Zack Weinberg" <zack@owlfolio.org>,
"Florian Weimer" <fweimer@redhat.com>,
"Joseph Myers" <joseph@codesourcery.com>,
"Jakub Jelinek" <jakub@redhat.com>, "Sam James" <sam@gentoo.org>
Subject: Re: [PATCH] sockaddr.3type: Document that sockaddr_storage is the API to be used
Date: Thu, 6 Apr 2023 11:24:02 -0500 [thread overview]
Message-ID: <qeo4eortjhpardcwgpjf6ryp56ivpzauzceszufkgdc2yrdrp7@ucmx7voexotw> (raw)
In-Reply-To: <9b528ba9-e1c6-1c03-8ec7-177c4dc66e19@gmail.com>
On Wed, Apr 05, 2023 at 02:42:04AM +0200, Alejandro Colomar wrote:
> Hi Eric,
>
> I'm going to reply both your emails here so that GCC is CCed, and they can
> suggest better stuff. I'm worried about sending something to POSIX without
> enough eyes checking it. So this will be a long email.
Because your mail landed in a publicly archived mailing list, the
POSIX folks saw it anyways ;)
...
> >
> > Whether gcc already has all the attributes you need is not my area of
> > expertise. In my skim of the glibc list conversation, I saw mention
> > of attribute [[gnu:transparent_union]] rather than [[__may_alias__]] -
> > if that's a better implementation-defined extension that does what we
> > need, then use it. The standard developers were a bit uncomfortable
> > directly putting [[gnu:transparent_union]] in the standard, but
> > [[__may_alias__]] was noncontroversial (it's in the namespace reserved
> > for the implementation)
>
> Not really; implementation-defined attributes are required to use an
> implementation-defined prefix like 'gnu::'. So [[__may_alias__]] is
> reserved by ISO C, AFAIR. Maybe it would be better to just mention
> attributes without any specific attribute name; being fuzzy about it
> would help avoid making promises that we can't hold.
On this point, the group agreed, and we intentionally loosened to
wording to just mention an implementation-defined extension, rather
than giving any specific attribute name.
...
>
> I would just make it more fuzzy about which standard version did what.
> How about this?:
>
> [[
> Note that defining the sockaddr_storage and sockaddr structures using
> only mechanisms defined in editions of the ISO C standard may produce
> aliasing diagnostics. Because of the large body of existing code
> utilizing sockets in a way that could trigger undefined behavior due
> to strict aliasing rules, this standard mandates that the various socket
> address structures can alias each other for accessing their first member,
The sa_family_t member is not necessarily the first member on all
platforms (it happens to be first in Linux, but as a counter-example,
https://man.freebsd.org/cgi/man.cgi?query=unix&sektion=4 shows
sun_family as the second one-byte field in struct sockaddr_un). The
emphasis is on derefencing the family member (whatever offset it is
at) to learn what cast to use to then safely access the rest of the
storage.
As such, here's the updated wording that the Austin Group tried today
(and we plan on starting a 30-day interpretation feedback window if
there are still adjustments to be made to the POSIX wording):
https://austingroupbugs.net/view.php?id=1641#c6255
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
next prev parent reply other threads:[~2023-04-06 16:24 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-30 17:13 Alejandro Colomar
2023-03-30 19:11 ` Eric Blake
2023-04-05 0:42 ` Alejandro Colomar
2023-04-06 16:24 ` Eric Blake [this message]
2023-04-06 16:31 ` Alejandro Colomar
2023-04-06 18:05 ` Zack Weinberg
2023-04-06 19:37 ` Eric Blake
2023-04-14 16:08 ` Zack Weinberg
2023-04-21 14:58 ` Alejandro Colomar
2023-04-21 15:00 ` Alejandro Colomar
2023-04-21 15:27 ` Eric Blake
2023-04-21 20:27 ` [PATCH v3] sockaddr.3type: POSIX Issue 8 will solve strict-aliasing issues with these types Alejandro Colomar
2023-04-21 20:35 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=qeo4eortjhpardcwgpjf6ryp56ivpzauzceszufkgdc2yrdrp7@ucmx7voexotw \
--to=eblake@redhat.com \
--cc=alx.manpages@gmail.com \
--cc=alx@kernel.org \
--cc=andrew@digital-domain.net \
--cc=dalias@libc.org \
--cc=fweimer@redhat.com \
--cc=gcc@gcc.gnu.org \
--cc=igor@sysoev.ru \
--cc=jakub@redhat.com \
--cc=joseph@codesourcery.com \
--cc=libc-alpha@sourceware.org \
--cc=linux-man@vger.kernel.org \
--cc=richard.guenther@gmail.com \
--cc=rouca@debian.org \
--cc=sam@gentoo.org \
--cc=stefan.puiu@gmail.com \
--cc=zack@owlfolio.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).