<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/143587>143587</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [tysan] False positive with placement new
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          zygoloid
      </td>
    </tr>
</table>

<pre>
    [Testcase](https://godbolt.org/z/5qzYG63od):
```c++
#include <new>

struct X {
  X *p;
};
struct Y {
  Y *p;
};
union U {
  X head;
  Y tail;
};

int main() {
  U u;
  new (&u) X{.p = 0};
  new (&u) Y{.p = 0};
}
```
(reduced from libc++'s `std::variant` implementation). This results in a false-positive diagnostics with `-fsanitize=type`:
```console
==1==ERROR: TypeSanitizer: type-aliasing-violation on address 0x7fffaf0dc548 (pc 0x5e6468605ff7 bp 0x7fffaf0dc4f0 sp 0x7fffaf0dc480 tid 1)
WRITE of size 8 at 0x7fffaf0dc548 with type p1 _ZTS1Y (in Y at offset 0) accesses an existing object of type p1 _ZTS1X (in X at offset 0)
    #0 0x5e6468605ff6 (/app/output.s+0x2aff6)
```

Adding an explicit `u.head.~X()` call before the second placement new doesn't make a difference. Presumably type sanitizer isn't properly modeling `new` expressions (nor destructor / pseudo-destructor calls).
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJxsVM1u6zYTfRp6M7BBUdbfwgvlc_Shqxa5uWjSTUGJQ5stTaoaKomz6LMXIztpkl5AAInhmaPD4ZnRRO4QEHeiuBHFfqXndIzT7vV8iD46s-qjOfPZPVIaNKEo9kLVx5RGEnkrVCdUd4imjz5t4nQQqnsVqiv-en38f5lHI1TDMNmKUl6-Qagb_mQrVO7C4GeDIPL_BXwW-S2HZUtpmocEDyAqBgLvVDuKfEmr9pfNFfX4jnr8EWoOLgb4_oHqiNpczjglaee_pAjZupDgpF0QqhaqeU_-DvNbZsBnWE7LmREPorrZjCDyPch3ov-gHn-E4s2HAi2VqSc084AG7BRP4F3_VjZVEYhSUjJc17x90pPTIYlSgjuNHk8Ykk4uBqGaDdwfHcGENPtE4AJosNoTrsdILrknBOP0IURKbiB4dunI3GtLOrjkXlHk-3QekUV9ecQYKHrkUL4X-T67LLd3dz_fibyF-_OI364kEweYZq290-TCYf3kol9EQgygjZmQCORLZa3VVpqh2NZctXEA-VJguS3rUhbWVtCPH2FbK4E-R2oJyRnI2Hey_fXup_tbiBbIvSLUoNPXvyx3ZnEwZvD7b_ffMjZR7QI8MjpaS5hA8tvpYUAiJNAB8MVRcuEAsf8DB8Z9Jnm4kjx8IVk8ASBULj9frby4pNPjKFQX5zTOaUNC3cgXpa0tL7mfPCLb1hjWsOgZvRtc4uebN2zwzd8PF--yMwbtPfRo44SQjgiEQwwGRq-HxTCLTU1ECkJVbPw_ETQYZy1OGAbcwC9sopPu_fly0TeHTOCuSeMUR5z8GU7RoGddopTc1KVkefzELgbie4Y4gcFL-8YJhOpgJJxNXH-IsmZiE6_MLjdN3ugV7rJq2xS1aup6ddxJbAwaaUstrcUq75vKZGVZb622WZNlK7dTUhWyzGTWZKWqN5jJAocBZZ31VVNtxVbiSTu_8f7pxONr5Yhm3GXbvKirldc9elomo1JcouVUKMWDctpx0rqfDyS20jtK9C9NcskvIzWdSQdR7KHjvoP3vlt896n-q3nyuy9z1aXj3G-GeBKqY-7rsh6nyLYTqlsUkVDdVfLTTv0TAAD__2zfxBY">