Example: provenance_multiple_2_global.c
#include <stdio.h>
int y[2], x[2];
int main() {
int *p = &(x[0]) + (&(y[1])-&(y[0]));
*p = 11; // is this free of undefined behaviour?
printf("x[1]=%d *p=%d\n",x[1],*p);
return 0;
}
[link to test in Cerberus and Compiler Explorer]
Experimental data (what does this mean?)
gcc-8.1-O0 |   | x[1]=11 *p=11
|
gcc-8.1-O2 |   | x[1]=11 *p=11
|
gcc-8.1-O3 |   | x[1]=11 *p=11
|
gcc-8.1-O2-no-strict-aliasing |   | x[1]=11 *p=11
|
gcc-8.1-O3-no-strict-aliasing |   | x[1]=11 *p=11
|
clang-6.0-O0 |   | x[1]=11 *p=11
|
clang-6.0-O2 |   | x[1]=11 *p=11
|
clang-6.0-O3 |   | x[1]=11 *p=11
|
clang-6.0-O2-no-strict-aliasing |   | x[1]=11 *p=11
|
clang-6.0-O3-no-strict-aliasing |   | x[1]=11 *p=11
|
clang-6.0-UBSAN |   | x[1]=11 *p=11
|
clang-6.0-ASAN |   | x[1]=11 *p=11
|
clang-6.0-MSAN |   | x[1]=11 *p=11
|
icc-19-O0 |   | x[1]=11 *p=11
|
icc-19-O2 |   | x[1]=11 *p=11
|
icc-19-O3 |   | x[1]=11 *p=11
|
icc-19-O2-no-strict-aliasing |   | x[1]=11 *p=11
|
icc-19-O3-no-strict-aliasing |   | x[1]=11 *p=11
|
cerberus-concrete |   | BEGIN EXEC[0] Defined {value: "Specified(0)", stdout: "x[1]=11 *p=11\n", blocked: "false"} END EXEC[0] Time spent: 0.021511 seconds
|
cerberus-symbolic |   | exit codes: compile 0 / execute 1
cerberus: internal error, uncaught exception: Failure("Mem.apply_shift_path_element: symbolic array index ==> IV(Prov_none, IVop(+, IVconcrete(0), IVptrdiff(signed int[2], (PVbase(3, {y}), [SPE_array(signed int,IVconcrete(1))]), (PVbase(3, {y}), [SPE_array(signed int,IVconcrete(0))]))))")
|
gcc-4.9-shadowprov |   | x[1]=11 *p=11
|
CHERI:MIPS-O0 |   | x[1]=11 *p=11
|
CHERI:MIPS-O2 |   | x[1]=11 *p=11
|
CHERI:MIPS-O2-no-strict-aliasing |   | x[1]=11 *p=11
|
CHERI:CHERI-O0-uintcap-addr-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-uintcap-addr-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-no-strict-aliasing-uintcap-addr-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O0-uintcap-offset-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-uintcap-offset-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-no-strict-aliasing-uintcap-offset-exact-equals |   | x[1]=11 *p=11
|
CHERI:CHERI-O0-uintcap-addr |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-uintcap-addr |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-no-strict-aliasing-uintcap-addr |   | x[1]=11 *p=11
|
CHERI:CHERI-O0-uintcap-offset |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-uintcap-offset |   | x[1]=11 *p=11
|
CHERI:CHERI-O2-no-strict-aliasing-uintcap-offset |   | x[1]=11 *p=11
|
RV-Match |   | exit codes: compile 0 / execute 1
|
ch2o |   | x[1]=11 *p=11
|
compcert-3.2 |   | x[1]=11 *p=11
|
compcert-3.2-O |   | x[1]=11 *p=11
|
compcert-3.2-interp |   | Time 0: calling main() --[step_internal_function]--> Time 1: in function main, statement p = &*(. + 0) + (&*(. + .) - &*(. + .)); *p = 11; printf(__stringlit_1, *(. + 1), *p); return 0; return 0; --[step_seq]--> Time 2: in function main, statement p = &*(. + 0) + (&*(. + .) - &*(. + .)); *p = 11; printf(__stringlit_1, *(. + 1), *p); return 0; --[step_seq]--> Time 3: in function main, statement p = &*(. + 0) + (&*(. + .) - &*(. + .)); --[step_do_1]--> Time 4: in function main, expression p = &*(. + 0) + (&*(. + .) - &*(. + .)) --[red_var_local]--> Time 5: in function main, expression <loc p> = &*(. + 0) + (&*(. + .) - &*(. + .)) --[red_var_global]--> Time 6: in function main, expression <loc p> = &*(. + 0) + (&*(. + .) - &*(. + .)) --[red_rvalof]--> Time 7: in function main, expression <loc p> = &*(<ptr x> + 0) + (&*(. + .) - &*(. + .)) --[red_binop]--> Time 8: in function main, expression <loc p> = &*<ptr x> + (&*(. + .) - &*(. + .)) --[red_deref]--> Time 9: in function main, expression <loc p> = &<loc x> + (&*(. + .) - &*(. + .)) --[red_addrof]--> Time 10: in function main, expression <loc p> = <ptr x> + (&*(. + .) - &*(. + .)) --[red_var_global]--> Time 11: in function main, expression <loc p> = <ptr x> + (&*(. + .) - &*(. + .)) --[red_rvalof]--> Time 12: in function main, expression <loc p> = <ptr x> + (&*(. + .) - &*(. + .)) --[red_binop]--> Time 13: in function main, expression <loc p> = <ptr x> + (&*<ptr y+4> - &*(. + .)) --[red_deref]--> Time 14: in function main, expression <loc p> = <ptr x> + (&<loc y+4> - &*(. + .)) --[red_addrof]--> Time 15: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - &*(. + .)) --[red_var_global]--> Time 16: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - &*(. + .)) --[red_rvalof]--> Time 17: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - &*(. + .)) --[red_binop]--> Time 18: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - &*<ptr y>) --[red_deref]--> Time 19: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - &<loc y>) --[red_addrof]--> Time 20: in function main, expression <loc p> = <ptr x> + (<ptr y+4> - <ptr y>) --[red_binop]--> Time 21: in function main, expression <loc p> = <ptr x> + 1 --[red_binop]--> Time 22: in function main, expression <loc p> = <ptr x+4> --[red_assign]--> Time 23: in function main, expression <ptr x+4> --[step_do_2]--> Time 24: in function main, statement /*skip*/; --[step_skip_seq]--> Time 25: in function main, statement *p = 11; printf(__stringlit_1, *(. + 1), *p); return 0; --[step_seq]--> Time 26: in function main, statement *p = 11; --[step_do_1]--> Time 27: in function main, expression *p = 11 --[red_var_local]--> Time 28: in function main, expression *<loc p> = 11 --[red_rvalof]--> Time 29: in function main, expression *<ptr x+4> = 11 --[red_deref]--> Time 30: in function main, expression <loc x+4> = 11 --[red_assign]--> Time 31: in function main, expression 11 --[step_do_2]--> Time 32: in function main, statement /*skip*/; --[step_skip_seq]--> Time 33: in function main, statement printf(__stringlit_1, *(. + 1), *p); return 0; --[step_seq]--> Time 34: in function main, statement printf(__stringlit_1, *(. + 1), *p); --[step_do_1]--> Time 35: in function main, expression printf(__stringlit_1, *(. + 1), *p) --[red_var_global]--> Time 36: in function main, expression printf(<loc __stringlit_1>, *(. + 1), *p) --[red_rvalof]--> Time 37: in function main, expression printf(<ptr __stringlit_1>, *(. + 1), *p) --[red_var_global]--> Time 38: in function main, expression printf(<ptr __stringlit_1>, *(. + 1), *p) --[red_rvalof]--> Time 39: in function main, expression printf(<ptr __stringlit_1>, *(<ptr x> + 1), *p) --[red_binop]--> Time 40: in function main, expression printf(<ptr __stringlit_1>, *<ptr x+4>, *p) --[red_deref]--> Time 41: in function main, expression printf(<ptr __stringlit_1>, <loc x+4>, *p) --[red_rvalof]--> Time 42: in function main, expression printf(<ptr __stringlit_1>, 11, *p) --[red_var_local]--> Time 43: in function main, expression printf(<ptr __stringlit_1>, 11, *<loc p>) --[red_rvalof]--> Time 44: in function main, expression printf(<ptr __stringlit_1>, 11, *<ptr x+4>) --[red_deref]--> Time 45: in function main, expression printf(<ptr __stringlit_1>, 11, <loc x+4>) --[red_rvalof]--> Time 46: in function main, expression printf(<ptr __stringlit_1>, 11, 11) x[1]=11 *p=11 Time 46: observable event: extcall printf(& __stringlit_1, 11, 11) -> 14 --[red_builtin]--> Time 47: in function main, expression 14 --[step_do_2]--> Time 48: in function main, statement /*skip*/; --[step_skip_seq]--> Time 49: in function main, statement return 0; --[step_return_1]--> Time 50: in function main, expression 0 --[step_return_2]--> Time 51: returning 0 Time 51: program terminated (exit code = 0) In file included from provenance_multiple_2_global.c:1: In file included from /usr/include/stdio.h:64: In file included from /usr/include/_stdio.h:68: /usr/include/sys/cdefs.h:81:2: warning: "Unsupported compiler detected" [-W#warnings] #warning "Unsupported compiler detected" ^ 1 warning generated.
|