diff --git a/prog/encodingexec_test.go b/prog/encodingexec_test.go
index 25960b33..5ff80b69 100644
--- a/prog/encodingexec_test.go
+++ b/prog/encodingexec_test.go
@@ -90,6 +90,49 @@ func TestSerializeForExec(t *testing.T) {
 				instrEOF,
 			},
 		},
+		{
+			"syz_test$align2(&(0x7f0000000000)={0x42, {[0x43]}, {[0x44]}})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 1, 0x42, 0, 0,
+				instrCopyin, dataOffset + 1, argConst, 2, 0x43, 0, 0,
+				instrCopyin, dataOffset + 4, argConst, 2, 0x44, 0, 0,
+				callID("syz_test$align2"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
+		{
+			"syz_test$align3(&(0x7f0000000000)={0x42, {0x43}, {0x44}})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 1, 0x42, 0, 0,
+				instrCopyin, dataOffset + 1, argConst, 1, 0x43, 0, 0,
+				instrCopyin, dataOffset + 4, argConst, 1, 0x44, 0, 0,
+				callID("syz_test$align3"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
+		{
+			"syz_test$align4(&(0x7f0000000000)={{0x42, 0x43}, 0x44})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 1, 0x42, 0, 0,
+				instrCopyin, dataOffset + 1, argConst, 2, 0x43, 0, 0,
+				instrCopyin, dataOffset + 4, argConst, 1, 0x44, 0, 0,
+				callID("syz_test$align4"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
+		{
+			"syz_test$align5(&(0x7f0000000000)={{0x42, []}, {0x43, [0x44, 0x45, 0x46]}, 0x47})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 8, 0x42, 0, 0,
+				instrCopyin, dataOffset + 8, argConst, 8, 0x43, 0, 0,
+				instrCopyin, dataOffset + 16, argConst, 2, 0x44, 0, 0,
+				instrCopyin, dataOffset + 18, argConst, 2, 0x45, 0, 0,
+				instrCopyin, dataOffset + 20, argConst, 2, 0x46, 0, 0,
+				instrCopyin, dataOffset + 24, argConst, 1, 0x47, 0, 0,
+				callID("syz_test$align5"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
 		{
 			"syz_test$union0(&(0x7f0000000000)={0x1, @f2=0x2})",
 			[]uint64{
@@ -99,6 +142,24 @@ func TestSerializeForExec(t *testing.T) {
 				instrEOF,
 			},
 		},
+		{
+			"syz_test$union1(&(0x7f0000000000)={@f1=0x42, 0x43})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 4, 0x42, 0, 0,
+				instrCopyin, dataOffset + 8, argConst, 1, 0x43, 0, 0,
+				callID("syz_test$union1"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
+		{
+			"syz_test$union2(&(0x7f0000000000)={@f1=0x42, 0x43})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 4, 0x42, 0, 0,
+				instrCopyin, dataOffset + 4, argConst, 1, 0x43, 0, 0,
+				callID("syz_test$union2"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
 		{
 			"syz_test$array0(&(0x7f0000000000)={0x1, [@f0=0x2, @f1=0x3], 0x4})",
 			[]uint64{
@@ -152,7 +213,7 @@ func TestSerializeForExec(t *testing.T) {
 			},
 		},
 		{
-			"syz_test$bf(&(0x7f0000000000)={0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42})",
+			"syz_test$bf0(&(0x7f0000000000)={0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42})",
 			[]uint64{
 				instrCopyin, dataOffset + 0, argConst, 2, 0x42, 0, 10,
 				instrCopyin, dataOffset + 8, argConst, 8, 0x42, 0, 0,
@@ -162,7 +223,18 @@ func TestSerializeForExec(t *testing.T) {
 				instrCopyin, dataOffset + 24, argConst, 2, 0x42, 0, 11,
 				instrCopyin, dataOffset + 26, argConst, 2, 0x4200, 0, 11,
 				instrCopyin, dataOffset + 28, argConst, 1, 0x42, 0, 0,
-				callID("syz_test$bf"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				callID("syz_test$bf0"), 1, argConst, ptrSize, dataOffset, 0, 0,
+				instrEOF,
+			},
+		},
+		{
+			"syz_test$bf1(&(0x7f0000000000)={{0x42, 0x42, 0x42}, 0x42})",
+			[]uint64{
+				instrCopyin, dataOffset + 0, argConst, 4, 0x42, 0, 10,
+				instrCopyin, dataOffset + 0, argConst, 4, 0x42, 10, 10,
+				instrCopyin, dataOffset + 0, argConst, 4, 0x42, 20, 10,
+				instrCopyin, dataOffset + 4, argConst, 1, 0x42, 0, 0,
+				callID("syz_test$bf1"), 1, argConst, ptrSize, dataOffset, 0, 0,
 				instrEOF,
 			},
 		},
diff --git a/sys/test.txt b/sys/test.txt
index aa9ea1ab..68ca85db 100644
--- a/sys/test.txt
+++ b/sys/test.txt
@@ -6,16 +6,23 @@
 syz_test()
 
 # Integer types.
+
 syz_test$int(a0 intptr, a1 int8, a2 int16, a3 int32, a4 int64)
 
 # Opt arguments
+
 syz_test$opt0(a0 intptr[opt])
 syz_test$opt1(a0 ptr[in, intptr, opt])
 syz_test$opt2(a0 vma[opt])
 
-# Struct alignment.
+# Alignment and padding
+
 syz_test$align0(a0 ptr[in, syz_align0])
 syz_test$align1(a0 ptr[in, syz_align1])
+syz_test$align2(a0 ptr[in, syz_align2])
+syz_test$align3(a0 ptr[in, syz_align3])
+syz_test$align4(a0 ptr[in, syz_align4])
+syz_test$align5(a0 ptr[in, syz_align5])
 
 syz_align0 {
 	f0	int16
@@ -33,22 +40,93 @@ syz_align1 {
 	f4	int64
 } [packed]
 
-# Unions.
+syz_align2_packed {
+	f0	array[int16, 1]
+} [packed]
 
-syz_test$union0(a0 ptr[in, syz_union_struct])
-
-syz_union_struct {
-	f	int64
-	u	syz_union0
+syz_align2_not_packed {
+	f0	array[int16, 1]
 }
 
+syz_align2 {
+	f0	int8
+	f1	syz_align2_packed
+	f2	syz_align2_not_packed
+}
+
+syz_align3_noalign {
+	f0	int8
+}
+
+syz_align3_align4 {
+	f0	int8
+} [align_4]
+
+syz_align3 {
+	f0	int8
+	f1	syz_align3_noalign
+	f2	syz_align3_align4
+}
+
+syz_align4_internal {
+	f0	int8
+	f1	int16
+} [packed, align_4]
+
+syz_align4 {
+	f0	syz_align4_internal
+	f1	int8
+}
+
+syz_align5_internal {
+	f0	int64
+	f1	array[int16, 0:3]
+}
+
+syz_align5 {
+	f0	syz_align5_internal
+	f1	syz_align5_internal
+	f2	int8
+} [packed]
+
+# Unions
+
+syz_test$union0(a0 ptr[in, syz_union0_struct])
+syz_test$union1(a0 ptr[in, syz_union1_struct])
+syz_test$union2(a0 ptr[in, syz_union2_struct])
+
 syz_union0 [
 	f0	int64
 	f1	array[int64, 10]
 	f2	int8
 ]
 
-# Arrays.
+syz_union0_struct {
+	f	int64
+	u	syz_union0
+}
+
+syz_union1 [
+	f0	int64
+	f1	int32
+]
+
+syz_union1_struct {
+	f0	syz_union1
+	f1	int8
+} [packed]
+
+syz_union2 [
+	f0	int64
+	f1	int32
+] [varlen]
+
+syz_union2_struct {
+	f0	syz_union2
+	f1	int8
+} [packed]
+
+# Arrays
 
 syz_test$array0(a0 ptr[in, syz_array_struct])
 syz_test$array1(a0 ptr[in, syz_array_trailing])
@@ -77,7 +155,7 @@ syz_array_blob {
 	f2	int16
 }
 
-# Length.
+# Length
 
 syz_test$length0(a0 ptr[in, syz_length_int_struct])
 syz_test$length1(a0 ptr[in, syz_length_const_struct])
@@ -178,7 +256,7 @@ syz_length_bytesize_struct {
 	f5	bytesize8[f0, int8]
 }
 
-# Big endian.
+# Big endian
 
 syz_test$end0(a0 ptr[in, syz_end_int_struct])
 syz_test$end1(a0 ptr[in, syz_end_var_struct])
@@ -199,18 +277,18 @@ syz_end_var_struct {
 	f2	flags[syz_end_flags, int64be]
 } [packed]
 
-# Vma type.
+# Vma type
 
 syz_test$vma0(v0 vma, l0 len[v0], v1 vma[5], l1 len[v1], v2 vma[7:9], l2 len[v2])
 
-# Text type.
+# Text type
 
 syz_test$text_x86_real(a0 ptr[in, text[x86_real]], a1 len[a0])
 syz_test$text_x86_16(a0 ptr[in, text[x86_16]], a1 len[a0])
 syz_test$text_x86_32(a0 ptr[in, text[x86_32]], a1 len[a0])
 syz_test$text_x86_64(a0 ptr[in, text[x86_64]], a1 len[a0])
 
-# Regression tests.
+# Regression tests
 
 syz_test$regression0(a0 ptr[inout, syz_regression0_struct])
 
@@ -218,11 +296,11 @@ syz_regression0_struct {
 	f0	buffer[out]
 }
 
-# Bitfields.
+# Bitfields
 
 syz_bf_flags = 0, 1, 2
 
-syz_bf_struct {
+syz_bf_struct0 {
 	f0	flags[syz_bf_flags, int16:10]
 	f1	int64
 	f2	const[0x42, int16:5]
@@ -233,4 +311,16 @@ syz_bf_struct {
 	f7	int8
 }
 
-syz_test$bf(a0 ptr[in, syz_bf_struct])
+syz_bf_struct1_internal {
+	f0	int32:10
+	f1	int32:10
+	f2	int32:10
+}
+
+syz_bf_struct1 {
+	f0	syz_bf_struct1_internal
+	f1	int8
+}
+
+syz_test$bf0(a0 ptr[in, syz_bf_struct0])
+syz_test$bf1(a0 ptr[in, syz_bf_struct1])