[Webkit-unassigned] [Bug 161244] New: bitwise_cast uses inactive member of union

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=161244

            Bug ID: 161244
           Summary: bitwise_cast uses inactive member of union
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Web Template Framework
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: jfbastien at apple.com

bitwise_cast stores into a union with one type and reads with another, which is technically C++ undefined behavior because it's accessing the wrong active member of the union. The better way to do this is through memcpy, which compilers optimize as well because it's known-size in known-not-to-escape storage.

While we're at it, checking that sizeof(To) == sizeof(From) is good, but we should also check that both types are trivially copyable (can have a ctor, no dtor, and copy is defaulted as if by memcpy for type and all subtypes). Unfortunately that trait isn't implemented consistently in all recent compiler+stdlib implementations, but recent GCC+clang have an equivalent builtin (other compilers simply won't do the check, and will break on bots with the right compilers which is better than the current silent breakage). This builtin hack also avoids #include <type_traits> which really doesn't save much.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160826/31d7347e/attachment.html>