Example: `pointer_copy_user_ctrlflow_bitwise.c`

up: index
prev: pointer_copy_user_ctrlflow_bytewise.c
next: provenance_equality_uintptr_t_global_xy.c

    #include <stdio.h>
    #include <inttypes.h>
    #include <limits.h>
    int x=1;
    int main() {
      int *p = &x;
      uintptr_t i = (uintptr_t)p;
      int uintptr_t_width = sizeof(uintptr_t) * CHAR_BIT;
      uintptr_t bit, j;
      int k;
      j=0;
      for (k=0; k<uintptr_t_width; k++) {
        bit = (i & (((uintptr_t)1) << k)) >> k;
        if (bit == 1) 
          j = j | ((uintptr_t)1 << k);
        else
          j = j;
      }
      int *q = (int *)j;
      *q = 11; // is this free of undefined behaviour?
      printf("*p=%d  *q=%d\n",*p,*q);  
    }

[link to run test in Cerberus]

Experimental data (what does this mean?)


cerberus-concrete-PVI-plain   *p=11  *q=11

cerberus-concrete-PVI-ae   *p=11  *q=11

cerberus-concrete-PVI-ae-udi   *p=11  *q=11

gcc-8.3-O0   *p=11  *q=11

gcc-8.3-O2   *p=11  *q=11

gcc-8.3-O3   *p=11  *q=11

gcc-8.3-O2-no-strict-aliasing   *p=11  *q=11

gcc-8.3-O3-no-strict-aliasing   *p=11  *q=11

clang-7.0.1-O0   pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign]
      j = j;
      ~ ^ ~
1 warning generated.
*p=11  *q=11

clang-7.0.1-O2   pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign]
      j = j;
      ~ ^ ~
1 warning generated.
*p=11  *q=11

clang-7.0.1-O3   pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign]
      j = j;
      ~ ^ ~
1 warning generated.
*p=11  *q=11

clang-7.0.1-O2-no-strict-aliasing   pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign]
      j = j;
      ~ ^ ~
1 warning generated.
*p=11  *q=11

clang-7.0.1-O3-no-strict-aliasing   pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign]
      j = j;
      ~ ^ ~
1 warning generated.
*p=11  *q=11

icc-19-O0   *p=11  *q=11

icc-19-O2   *p=11  *q=11

icc-19-O3   *p=11  *q=11

icc-19-O2-no-strict-aliasing   *p=11  *q=11

icc-19-O3-no-strict-aliasing   *p=11  *q=11

cerberus-concrete-PVI-plain		p=11 q=11
cerberus-concrete-PVI-ae		p=11 q=11
cerberus-concrete-PVI-ae-udi		p=11 q=11
gcc-8.3-O0		p=11 q=11
gcc-8.3-O2		p=11 q=11
gcc-8.3-O3		p=11 q=11
gcc-8.3-O2-no-strict-aliasing		p=11 q=11
gcc-8.3-O3-no-strict-aliasing		p=11 q=11
clang-7.0.1-O0		pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign] j = j; ~ ^ ~ 1 warning generated. p=11 q=11
clang-7.0.1-O2		pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign] j = j; ~ ^ ~ 1 warning generated. p=11 q=11
clang-7.0.1-O3		pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign] j = j; ~ ^ ~ 1 warning generated. p=11 q=11
clang-7.0.1-O2-no-strict-aliasing		pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign] j = j; ~ ^ ~ 1 warning generated. p=11 q=11
clang-7.0.1-O3-no-strict-aliasing		pointer_copy_user_ctrlflow_bitwise.c:17:9: warning: explicitly assigning value of variable of type 'uintptr_t' (aka 'unsigned long') to itself [-Wself-assign] j = j; ~ ^ ~ 1 warning generated. p=11 q=11
icc-19-O0		p=11 q=11
icc-19-O2		p=11 q=11
icc-19-O3		p=11 q=11
icc-19-O2-no-strict-aliasing		p=11 q=11
icc-19-O3-no-strict-aliasing		p=11 q=11

Example: pointer_copy_user_ctrlflow_bitwise.c

Example: `pointer_copy_user_ctrlflow_bitwise.c`