<html>
    <head>
      <base href="https://bugs.webkit.org/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - bitwise_cast uses inactive member of union"
   href="https://bugs.webkit.org/show_bug.cgi?id=161244">161244</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>bitwise_cast uses inactive member of union
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>WebKit
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>WebKit Nightly Build
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>Unspecified
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Unspecified
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>Normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P2
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Web Template Framework
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>webkit-unassigned&#64;lists.webkit.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>jfbastien&#64;apple.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>bitwise_cast stores into a union with one type and reads with another, which is technically C++ undefined behavior because it's accessing the wrong active member of the union. The better way to do this is through memcpy, which compilers optimize as well because it's known-size in known-not-to-escape storage.

While we're at it, checking that sizeof(To) == sizeof(From) is good, but we should also check that both types are trivially copyable (can have a ctor, no dtor, and copy is defaulted as if by memcpy for type and all subtypes). Unfortunately that trait isn't implemented consistently in all recent compiler+stdlib implementations, but recent GCC+clang have an equivalent builtin (other compilers simply won't do the check, and will break on bots with the right compilers which is better than the current silent breakage). This builtin hack also avoids #include &lt;type_traits&gt; which really doesn't save much.</pre>
        </div>
      </p>
      <hr>
      <span>You are receiving this mail because:</span>
      
      <ul>
          <li>You are the assignee for the bug.</li>
      </ul>
    </body>
</html>