make_object deliberately does a partial memset (offsetof(object, orbit)) for ABI compatibility with pre-v1.2 callers. This is documented at the function itself, but the v1.1+ wrappers that delegate to it (make_cat_object, make_planet, make_ephem_object ) don't surface that caveat to their callers. The result: their output object has an uninitialized orbit substructure for non-orbital types, even though the rest of the struct is zeroed.
For C consumers who never read obj.orbit on a non-orbital object, this is benign. For downstream language binders that treat the object struct as a plain-old data value (Rust, Zig, anything with derive-able introspection), it's a silent UB hazard: reading the union-typed sub-fields (novas_planet, novas_reference_plane, novas_reference_system) of an uninitialized orbit.system triggers undefined behavior because the bytes may not correspond to any defined enum discriminant.
I'd suggest a bit of docs surfacing the caveat at each affected wrapper.
Once we move to v2 and you don't need ABI compat, we can fix this, of course.
make_objectdeliberately does a partial memset (offsetof(object, orbit)) for ABI compatibility with pre-v1.2 callers. This is documented at the function itself, but the v1.1+ wrappers that delegate to it (make_cat_object,make_planet,make_ephem_object) don't surface that caveat to their callers. The result: their outputobjecthas an uninitializedorbitsubstructure for non-orbital types, even though the rest of the struct is zeroed.For C consumers who never read
obj.orbiton a non-orbital object, this is benign. For downstream language binders that treat theobjectstruct as a plain-old data value (Rust, Zig, anything with derive-able introspection), it's a silent UB hazard: reading the union-typed sub-fields (novas_planet,novas_reference_plane,novas_reference_system) of an uninitializedorbit.systemtriggers undefined behavior because the bytes may not correspond to any defined enum discriminant.I'd suggest a bit of docs surfacing the caveat at each affected wrapper.
Once we move to v2 and you don't need ABI compat, we can fix this, of course.