<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/54476>54476</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            MemorySanitizer reports false positive for uninitialized values in padding
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          psamolysov-intel
      </td>
    </tr>
</table>

<pre>
    We have the following code compiled for x86-64:

```c++
#include <cstdint>
#include <cstdio>
#include <vector>

struct  Demo {
  uint32_t Size;
  uint8_t Flag;
};

int main(int argc, char **argv) {
  static constexpr char EncodingTable[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                                          "abcdefghijklmnopqrstuvwxyz"
                                          "0123456789+/";
  std::vector<Demo> V{{{1024, 1}}};
  for (size_t i = 0; i < V.size() * sizeof(Demo); i++) {
    auto idx = reinterpret_cast<const unsigned char *>(V.data())[i];
    printf("%c ", EncodingTable[idx >= sizeof(EncodingTable) ? 0 : idx]);
  }
  printf("\n");

  return 0;
}
```
If the code is compiled with MemorySanitizer support:

```
clang++ -fsanitize=memory -fno-omit-frame-pointer -fno-optimize-sibling-calls -O2 -g -o reproducer reproducer.cpp
```

The sanitizer reports about uninitialized value:

```
./reproducer
==246571==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x4ad8f2 in main reproducer.cpp:18:19
    #1 0x7fdd9c63b0b2 in __libc_start_main glibc-2.31/csu/../csu/libc-start.c:308:16
    #2 0x41d2dd in _start (reproducer+0x41d2dd)
```

Line 18:

```c++
    printf("%c ", EncodingTable[idx >= sizeof(EncodingTable) ? 0 : idx]);
```

The problem is the following: structure `Demo` has the last member with the `uint8_t` type, by default the structure is aligned by 8 bytes and 3 bytes were added at the end of the structure as padding. When an instance of the structure is created, nothing is written in the padding bytes, so they aren't initialized and MemorySanitizer reports about this. If the structure is defined as packed, so without any padding:

```c++
struct __attribute__ ((packed)) Demo {
  uint32_t Size;
  uint8_t Flag;
};
```
The sanitizer emits no report, everything works as expected.

This behavior of the sanitizer makes any structure with padding unusable.

One observation, if bytes are just read from the structure, MemorySanitizer emits no report:

```c++
  std::vector<Demo> V{{{1024, 1}}};
  for (size_t i = 0; i < V.size() * sizeof(Demo); i++) {
    auto idx = reinterpret_cast<const unsigned char *>(V.data())[i];
    printf("%d ", idx);
  }
  printf("\n");

  return 0;
```

But if we use an uninitialized value as an index, MemorySanitizer emits the report quoted above.
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJztV0tz2zYQ_jXUBUMOCehBHXSQJTt1m1eT1G570YAEKMGmCAYAJSu_vrugHqZitZ5OpqdqKAhcLPb57QLKtNhN7iVZ8Y0kbiVJoctSb1W1JLkWEoZ1rUopgG7IUzoMh_2ATYN4HsSHcRi3Tx7QK3xaKmWqyssGRARsllsnVOUCdn1xVV9Y3MjcaXNa9KN1pskdIXO51iQY7XUS0oASRheOfFbfZMA69BTINyVfHsnBaH6a-xG4yJqrKqApTrlZgk8zkq-4IQEFw6ZA2gR0_FynddypHAJVWSefatOyX1cQPojiF56VMhhcBYM5eANfSqdXs_n1zZufbn_-5e279x8-_vrp85ff7u5__-NPWDxIfe0HtvAsF7JYrtTDY7mudP3VWNdstk-7b_9OXpxQ1h8MR-nYJ_QGpbBn7goEAJseEjPDJEB-yB0GxT9JTPsYuARD3D4nAQgkCLCFDEFGlI9KDOt-OiN3Ea4Agw8znRJ81QUQvB469qx7qHUzQQhvnCZKPHmhRkISpamNdIucW4dIwySRprJqWQGmj4kFdNH0LhLc8VYzPoMrBVl7ZjkhtQGRhWehAR3kxP_Ovst2a8I1WnE0v8uDlrMbEsM4RYtRk_ftoAyDtp92tA5mlVc6PsMuAX9dYyofyxPAuyXavt4WvtJ9fSt7KvGtcivyDqJsdp95pRxYboht6lobd6no29e85NWyzQkJC7vfDO6vvTSgVTrUa-XCwvC1DGvtU7On106tgT20KishQGHOy9KS8AMl4ZKEGhyrjRZNDhtO0yiv6xdtaccv4KA9OgHbwAdLeKYbzL_CBV7CmiAbXjby792LoApOmvcsDKAxp_3hYJS08_vpp_e3799gQs-CiKTGylAXYUd32Oo-wgs6X0zipz4XaUGJqnwzOveZTZMUh3FnXwL7RoUQ43zIsjjzuxeLUmX5AhqUcQsvaomEkEYsAY9y28AYRcepX_TcUQ4aWOz1DDt6KNqXCCqE1-C5sZyfhYdeHVgQpZdT9FZVknhf_vk4-U-L7yKgwEXYvsai6RyVKKY9khoDh9Yw9q1qGMOp2nKW0H4I1EIGWPRVhkRg2J9LyOp2tURvsh2Bbs6b0nmmk1hQCqjxfQt4UhicBFIlCNvPtxLYuBDAwdvdElZ1cSYIbKqBC-yOyP1KViADcgmZrHL5PTc2CCO5kwKtq7Rb4d0AqFujnJO41e_Yi2xNQVarkb6DU1RCxxpBq39WdGj2eafpFinosRG5fcEcCI_CKHg_8sfWMNCGgcWdvNodrHkVtvaXicWCO2dU1ji5WBAPs_QgH8-DH3jZ6OKr26okdEkLcd6HA32TG2l2bdy32jxa9BxuGnD-ShF1MQrhySTc5RQcsodUHkWv-aNHzO5ZPD0aD7lrqsZigXSEfoAq1ZmVZgP3HF2hQao4oA8kPDSAbUAIXBGNXnfThcznaT538HXl__-149T5xKHzYev64ZeGl5rfFZQVJH0r8RjDfvHCEYqo9J1EyKfLeUd4tIknXxvtsIwzvZFRT0yYGLMx7znlSjm51BwKXoIFtbZA30if1RdssdiV9qjuNaacrJyrLQIIr7M3SwB9k0Vw8cFTr9wcfkJo8A-AL3hV1jbYx24G_f5o2FtNeJoOBlSMCjYej1nMMpbSTLIkl30puCx6Jc9kaSd416e0klviRfjoz3tqQmO4WTOaJAlN2CBKOc_7glOWJ4OUwp-qfizhiC4jtCPSZtkzE29S1iwtLJbKOnta5NZjSU7avxY9QOBKm0lt-VqXO6s3IYKw7HkbJt6HvwDZmSXR">