[LLVMbugs] [Bug 13346] New: memory corruption with casts to union values

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Thu Jul 12 15:33:31 PDT 2012


             Bug #: 13346
           Summary: memory corruption with casts to union values
           Product: clang
           Version: 3.1
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: -New Bugs
        AssignedTo: unassignedclangbugs at nondot.org
        ReportedBy: vk at vedantk.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Suppose you have a union with members of different sizes. If you try to cast a
value of a smaller type to the union type, clang allows some memory surrounding
the smaller value to enter the union.

Technically, C99 forbids casts to union values, but gcc handles this case

Here is a test case;

#include <stdint.h>
#include <assert.h>

union value {
    uint32_t a;
    uint64_t b;

void test1() {
    uint32_t x = 0x12341234;
    uint32_t y = 0xffffffff;

    union value v = ((union value) y);
    assert(v.a == 0xffffffff); /* OK */
    assert(v.b == 0x00000000ffffffff); /* gcc OK, but clang fails */

    union value z = *((union value*) &y);
    assert(z.a == 0xffffffff); /* OK */
    assert(z.b == 0x12341234ffffffff); /* Expected result */

    assert(z.b == 0x00000000ffffffff); /* (both compilers expected to fail, and
do) */

int main() {
    return 0;

Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list