<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/131653>131653</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
MSan false positive on x86_64
</td>
</tr>
<tr>
<th>Labels</th>
<td>
false-positive
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
k-kashapov
</td>
</tr>
</table>
<pre>
Consider the following program:
test.c:
```c
#include <stdio.h>
#include <stdarg.h>
#include <stdint.h>
int test_args(int count, ...);
typedef struct test_str { int64_t a; int64_t b; } test_str;
void msan_va_args(int count, ...) {
    va_list ap;
    va_start(ap, count);
    int c = va_arg(ap, int);
    printf("c = %d\n", c);
    va_end(ap);
}
int main(int argc, char **argv) {
    test_str str;
    test_args(4, str, str, str, str);
}
```
nosan.c:
```c
#include <stdarg.h>
#include <stdint.h>
void msan_va_args(int count, ...);
int test_args(int count, ...) {
    int tmp = 9;
    msan_va_args(1, tmp);
    return 0;
}
```
Notice that we passed an initialized argument to the function here.
Compile it with the following instrumentation:
```bash
$ clang-19 test.c -ggdb3 -c -o obj/test.o -fsanitize=memory,undefined
$ clang-19 nosan.c -ggdb3 -c -o obj/nosan.o
$ clang-19 obj/nosan.o obj/test.o -o a.out -fsanitize=memory,undefined
```
So, `nosan.c` is compiled without MemorySanitizer instrumentation.
We get an output:
```
$ ./a.out
==28083==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5db78e2d5003 in msan_va_args /home/user/test_san/test.c:12:5
    #1 0x5db78e2d4c63 in test_args /home/user/test_san/nosan.c:8:5
    #2 0x5db78e2d512d in main /home/user/test_san/test.c:18:5
    #3 0x778b7a229d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #4 0x778b7a229e3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #5 0x5db78e23d2e4 in _start (/home/user/test_san/a.out+0x322e4)

SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/user/test_san/test.c:13:5 in msan_va_args
Exiting
```
Is this expected behaviour? If not, how should MemorySanitizer behave when linked against non-instrumented code?
@vitalybuka @EugeneZelenko
</pre>