tavianator wrote: > ! Oh wow! ... Should the commented out line cause a type violation too?
No, `out->i = out->i->n;` is fine because the type of the expression `out->i->n` is just `struct inner *`, so that's the type that will be given to the storage for `out->i`. (Because `out` is dynamically allocated, it has no declared type and writes will set the effective type.) But `memcpy(&out->i, &out->i->n, sizeof(out->i))` is specified to exactly copy the effective type from the source to the destination (again because `out` is dynamically allocated). The type that gets copied includes knowledge of exactly which struct field it is (`struct inner::n`), and TySan is faithfully copying that over. The later access with type `struct outer::i` doesn't match. There are more details in this paper, for example: https://web.archive.org/web/20190219170809/https://trust-in-soft.com/wp-content/uploads/2017/01/vmcai.pdf https://github.com/llvm/llvm-project/pull/108385 _______________________________________________ llvm-branch-commits mailing list llvm-branch-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits
