Example: provenance_via_io_uintptr_t_global.c

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <inttypes.h>
int x=1; // static-storage object whose address main() round-trips through a file
// Litmus test: convert &x to uintptr_t, write the integer to a file as decimal
// text, read it back with fscanf, cast the result to int * and store through it.
// The questions are whether that store is defined and whether the rebuilt
// pointer compares equal to the original. The only link between k and x is a
// numeric value that has passed through file I/O.
// Tool diagnostics recorded for this test cite line:column positions in the
// unannotated source, so they do not line up with this commented listing.
int main() {
  int *p = &x;
  // Integer form of the address; the result of the conversion is
  // implementation-defined.
  uintptr_t i = (uintptr_t) p;
  // "w+b": create/truncate the file for binary read and write.
  // NOTE(review): the result is not checked; if fopen returns NULL the
  // fprintf/rewind/fscanf calls below are undefined.
  FILE *f = fopen(
    "provenance_via_io_uintptr_t_global.tmp","w+b");
  printf("Addresses: i=%"PRIuPTR" \n",i);
  // write the address to the file as unsigned decimal text
  fprintf(f,"%"PRIuPTR"\n",i);
  // reposition to the start of the file so the value just written is read back
  rewind(f);
  uintptr_t k;
  // read the address back; k is filled in by fscanf, not by a cast from p
  int n = fscanf(f,"%"SCNuPTR"\n",&k);
  // stop unless exactly one item was converted, so k is never used unset
  if (n != 1) exit(EXIT_FAILURE);
  printf("Addresses: k=%"PRIuPTR"\n",k);
  // Integer-to-pointer conversion (C11 6.3.2.3p5, cf. CERT INT36-C): the
  // result is implementation-defined.
  int *r = (int *)k;
  // are r and p now equivalent?
  // In the results recorded for this test the gcc/clang/icc builds print x=12,
  // while the CHERI:CHERI configurations terminate with a security exception.
  // Presumably a value parsed from text carries no capability for x there —
  // confirm against the CHERI C documentation.
  *r=12; // is this free of undefined behaviour?
  _Bool b1 = (r==p); // do they compare equal?
  // byte-wise comparison of the two pointer objects' representations
  _Bool b2 = (0==memcmp(&r,&p,sizeof(r)));//same reps?
  printf("x=%i *r=%i b1=%s b2=%s\n",x,*r,
    b1?"true":"false",b2?"true":"false");
  // NOTE(review): f is never closed and the .tmp file is never removed.
}

Experimental data (what does this mean?)

gcc-8.1-O0 Addresses: i=6294768
Addresses: k=6294768
x=12 *r=12 b1=true b2=true
gcc-8.1-O2 Addresses: i=6294568
Addresses: k=6294568
x=12 *r=12 b1=true b2=true
gcc-8.1-O3 Addresses: i=6294568
Addresses: k=6294568
x=12 *r=12 b1=true b2=true
gcc-8.1-O2-no-strict-aliasing Addresses: i=6294568
Addresses: k=6294568
x=12 *r=12 b1=true b2=true
gcc-8.1-O3-no-strict-aliasing Addresses: i=6294568
Addresses: k=6294568
x=12 *r=12 b1=true b2=true
clang-6.0-O0 Addresses: i=6295656
Addresses: k=6295656
x=12 *r=12 b1=true b2=true
clang-6.0-O2 Addresses: i=6295648
Addresses: k=6295648
x=12 *r=12 b1=true b2=true
clang-6.0-O3 Addresses: i=6295648
Addresses: k=6295648
x=12 *r=12 b1=true b2=true
clang-6.0-O2-no-strict-aliasing Addresses: i=6295648
Addresses: k=6295648
x=12 *r=12 b1=true b2=true
clang-6.0-O3-no-strict-aliasing Addresses: i=6295648
Addresses: k=6295648
x=12 *r=12 b1=true b2=true
clang-6.0-UBSAN Addresses: i=6499200
Addresses: k=6499200
x=12 *r=12 b1=true b2=true
clang-6.0-ASAN Addresses: i=7433088
Addresses: k=7433088
x=12 *r=12 b1=true b2=true
clang-6.0-MSAN Addresses: i=7043840
Addresses: k=7043840
x=12 *r=12 b1=true b2=true
icc-19-O0 Addresses: i=6295160
Addresses: k=6295160
x=12 *r=12 b1=true b2=true
icc-19-O2 Addresses: i=6309600
Addresses: k=6309600
x=12 *r=12 b1=true b2=true
icc-19-O3 Addresses: i=6309600
Addresses: k=6309600
x=12 *r=12 b1=true b2=true
icc-19-O2-no-strict-aliasing Addresses: i=6309600
Addresses: k=6309600
x=12 *r=12 b1=true b2=true
icc-19-O3-no-strict-aliasing Addresses: i=6309600
Addresses: k=6309600
x=12 *r=12 b1=true b2=true
cerberus-concrete exit codes: compile 0 / execute 1 provenance_via_io_uintptr_t_global.c:18:20: error: [desug] use of undeclared identifier '__cerbvar_EXIT_FAILURE'. (§6.5.1#2)
if (n != 1) exit(EXIT_FAILURE);
^
cerberus-symbolic exit codes: compile 0 / execute 1 provenance_via_io_uintptr_t_global.c:18:20: error: [desug] use of undeclared identifier '__cerbvar_EXIT_FAILURE'. (§6.5.1#2)
if (n != 1) exit(EXIT_FAILURE);
^
gcc-4.9-shadowprov exit codes: compile 0 / execute 134
CHERI:MIPS-O0 Addresses: i=196640
Addresses: k=196640
x=12 *r=12 b1=true b2=true
CHERI:MIPS-O2 Addresses: i=196640
Addresses: k=196640
x=12 *r=12 b1=true b2=true
CHERI:MIPS-O2-no-strict-aliasing Addresses: i=196640
Addresses: k=196640
x=12 *r=12 b1=true b2=true
CHERI:CHERI-O0-uintcap-addr-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-uintcap-addr-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-no-strict-aliasing-uintcap-addr-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O0-uintcap-offset-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-uintcap-offset-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-no-strict-aliasing-uintcap-offset-exact-equals exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O0-uintcap-addr exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-uintcap-addr exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-no-strict-aliasing-uintcap-addr exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O0-uintcap-offset exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-uintcap-offset exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
CHERI:CHERI-O2-no-strict-aliasing-uintcap-offset exit codes: compile 0 / execute -1 Terminated with signal 34: In-address space security exception
RV-Match exit codes: compile 0 / execute 139 Addresses: i=0
Addresses: k=0
Printing an unspecified value:
> in printf at provenance_via_io_uintptr_t_global.c:11:3
in main at provenance_via_io_uintptr_t_global.c:11:3

Unspecified value or behavior (USP-STDIO2):
see C11 section 7.21.6.1:8 http://rvdoc.org/C11/7.21.6.1

Printing an unspecified value:
> in fprintf at provenance_via_io_uintptr_t_global.c:13:3
in main at provenance_via_io_uintptr_t_global.c:13:3

Unspecified value or behavior (USP-STDIO2):
see C11 section 7.21.6.1:8 http://rvdoc.org/C11/7.21.6.1

Conversion from an integer to non-null pointer:
> in main at provenance_via_io_uintptr_t_global.c:20:3

Implementation defined behavior (IMPL-CCV13):
see C11 section 6.3.2.3:5 http://rvdoc.org/C11/6.3.2.3
see CERT section INT36-C http://rvdoc.org/CERT/INT36-C

Dereferencing a null pointer:
> in main at provenance_via_io_uintptr_t_global.c:22:3

Undefined behavior (UB-CER3):
see C11 section 6.5.3.2:4 http://rvdoc.org/C11/6.5.3.2
see C11 section J.2:1 item 43 http://rvdoc.org/C11/J.2
see CERT-C section EXP34-C http://rvdoc.org/CERT-C/EXP34-C
see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1

Execution failed (configuration dumped)
ch2o provenance_via_io_uintptr_t_global.c:4:10: fatal error: inttypes.h: No such file or directory
#include <inttypes.h>
^~~~~~~~~~~~
compilation terminated.
compcert-3.2 Addresses: i=6295656
Addresses: k=6295656
x=12 *r=12 b1=true b2=true
compcert-3.2-O Addresses: i=6295656
Addresses: k=6295656
x=12 *r=12 b1=true b2=true
compcert-3.2-interp Time 0: calling main()
--[step_internal_function]-->
Time 1: in function main, statement
p = &x;
i = (unsigned int) p;
f = fopen(__stringlit_2, __stringlit_1);
printf(__stringlit_3, i);
fprintf(f, __stringlit_4, i);
rewind(f);
n = fscanf(f, __stringlit_4, &k);
if (n != 1) {
exit(1);
}
printf(__stringlit_5, k);
r = (int *) k;
*r = 12;
b1 = r == p;
b2 = 0 == memcmp(&r, &p, sizeof(int *));
printf(__stringlit_8, x, *r,
b1 ? __stringlit_7 : __stringlit_6,
b2 ? __stringlit_7 : __stringlit_6);
return 0;
--[step_seq]-->
Time 2: in function main, statement
p = &x;
i = (unsigned int) p;
f = fopen(__stringlit_2, __stringlit_1);
printf(__stringlit_3, i);
fprintf(f, __stringlit_4, i);
rewind(f);
n = fscanf(f, __stringlit_4, &k);
if (n != 1) {
exit(1);
}
printf(__stringlit_5, k);
r = (int *) k;
*r = 12;
b1 = r == p;
b2 = 0 == memcmp(&r, &p, sizeof(int *));
printf(__stringlit_8, x, *r,
b1 ? __stringlit_7 : __stringlit_6,
b2 ? __stringlit_7 : __stringlit_6);
--[step_seq]-->
Time 3: in function main, statement p = &x;
--[step_do_1]-->
Time 4: in function main, expression p = &x
--[red_var_local]-->
Time 5: in function main, expression <loc p> = &x
--[red_var_global]-->
Time 6: in function main, expression <loc p> = &<loc x>
--[red_addrof]-->
Time 7: in function main, expression <loc p> = <ptr x>
--[red_assign]-->
Time 8: in function main, expression <ptr x>
--[step_do_2]-->
Time 9: in function main, statement /*skip*/;
--[step_skip_seq]-->
Time 10: in function main, statement
i = (unsigned int) p;
f = fopen(__stringlit_2, __stringlit_1);
printf(__stringlit_3, i);
fprintf(f, __stringlit_4, i);
rewind(f);
n = fscanf(f, __stringlit_4, &k);
if (n != 1) {
exit(1);
}
printf(__stringlit_5, k);
r = (int *) k;
*r = 12;
b1 = r == p;
b2 = 0 == memcmp(&r, &p, sizeof(int *));
printf(__stringlit_8, x, *r,
b1 ? __stringlit_7 : __stringlit_6,
b2 ? __stringlit_7 : __stringlit_6);
--[step_seq]-->
Time 11: in function main, statement i = (unsigned int) p;
--[step_do_1]-->
Time 12: in function main, expression i = (unsigned int) p
--[red_var_local]-->
Time 13: in function main, expression <loc i> = (unsigned int) p
--[red_var_local]-->
Time 14: in function main, expression <loc i> = (unsigned int) <loc p>
--[red_rvalof]-->
Time 15: in function main, expression <loc i> = (unsigned int) <ptr x>
--[red_cast]-->
Time 16: in function main, expression <loc i> = <ptr x>
--[red_assign]-->
Time 17: in function main, expression <ptr x>
--[step_do_2]-->
Time 18: in function main, statement /*skip*/;
--[step_skip_seq]-->
Time 19: in function main, statement
f = fopen(__stringlit_2, __stringlit_1);
printf(__stringlit_3, i);
fprintf(f, __stringlit_4, i);
rewind(f);
n = fscanf(f, __stringlit_4, &k);
if (n != 1) {
exit(1);
}
printf(__stringlit_5, k);
r = (int *) k;
*r = 12;
b1 = r == p;
b2 = 0 == memcmp(&r, &p, sizeof(int *));
printf(__stringlit_8, x, *r,
b1 ? __stringlit_7 : __stringlit_6,
b2 ? __stringlit_7 : __stringlit_6);
--[step_seq]-->
Time 20: in function main, statement f = fopen(__stringlit_2, __stringlit_1);
--[step_do_1]-->
Time 21: in function main, expression f = fopen(__stringlit_2, __stringlit_1)
--[red_var_local]-->
Time 22: in function main, expression
<loc f> = fopen(__stringlit_2, __stringlit_1)
--[red_var_global]-->
Time 23: in function main, expression
<loc f> = <loc fopen>(__stringlit_2, __stringlit_1)
--[red_rvalof]-->
Time 24: in function main, expression
<loc f> = <ptr fopen>(__stringlit_2, __stringlit_1)
--[red_var_global]-->
Time 25: in function main, expression
<loc f> = <ptr fopen>(<loc __stringlit_2>, __stringlit_1)
--[red_rvalof]-->
Time 26: in function main, expression
<loc f> = <ptr fopen>(<ptr __stringlit_2>, __stringlit_1)
--[red_var_global]-->
Time 27: in function main, expression
<loc f> = <ptr fopen>(<ptr __stringlit_2>, <loc __stringlit_1>)
--[red_rvalof]-->
Time 28: in function main, expression
<loc f> = <ptr fopen>(<ptr __stringlit_2>, <ptr __stringlit_1>)
--[red_call]-->
Time 29: calling fopen(<ptr __stringlit_2>, <ptr __stringlit_1>)
Stuck state: calling fopen(<ptr __stringlit_2>, <ptr __stringlit_1>)
ERROR: Undefined behavior
In file included from provenance_via_io_uintptr_t_global.c:1:
In file included from /usr/include/stdio.h:64:
In file included from /usr/include/_stdio.h:68:
/usr/include/sys/cdefs.h:81:2: warning: "Unsupported compiler detected" [-W#warnings]
#warning "Unsupported compiler detected"
^
1 warning generated.