Example: pointer_from_integer_1pg.c


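    #include <stdio.h>
    #include <stdint.h>
    #include "charon_address_guesses.h"
    void f(int *p) {
      int j=5;
      if (p==&j)                            // does the cast-from-integer pointer equal &j?
        *p=7;                               // line 7: the write through p reported at 7:5-7
      printf("j=%d &j=%p\n",j,(void*)&j);   // j=7 only if the write above reached j
    }
    int main() {
      uintptr_t i = ADDRESS_PFI_1PG;        // integer address guess from the header
      int *p = (int*)i;                     // pointer built from a plain integer
      f(p);
    }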

Experimental data

cerberus-concrete-PVI-plain:
    EXECUTION 0:
    Undefined behaviour: the operand of the unary '*' operator has an invalid value at 7:5-7

    EXECUTION 1 (exit = Specified(0)):
    j=5 &j=(@73, 0xffffede4)

cerberus-concrete-PVI-ae:
    EXECUTION 0:
    Undefined behaviour: the operand of the unary '*' operator has an invalid value at 7:5-7

    EXECUTION 1 (exit = Specified(0)):
    j=5 &j=(@73, 0xffffede4)

cerberus-concrete-PVI-ae-udi:
    EXECUTION 0:
    Undefined behaviour: the operand of the unary '*' operator has an invalid value at 7:5-7

    EXECUTION 1 (exit = Specified(0)):
    j=5 &j=(@73, 0xffffede4)

gcc-8.3-O0                           j=5 &j=0x7ffeefbff30c
gcc-8.3-O2                           j=5 &j=0x7ffeefbff32c
gcc-8.3-O3                           j=5 &j=0x7ffeefbff32c
gcc-8.3-O2-no-strict-aliasing        j=5 &j=0x7ffeefbff2ec
gcc-8.3-O3-no-strict-aliasing        j=5 &j=0x7ffeefbff2ec
clang-7.0.1-O0                       j=7 &j=0x7ffeefbff2f4
clang-7.0.1-O2                       j=5 &j=0x7ffeefbff31c
clang-7.0.1-O3                       j=5 &j=0x7ffeefbff31c
clang-7.0.1-O2-no-strict-aliasing    j=5 &j=0x7ffeefbff2dc
clang-7.0.1-O3-no-strict-aliasing    j=5 &j=0x7ffeefbff2dc
icc-19-O0                            j=7 &j=0x7fffffffe6c0
icc-19-O2                            j=5 &j=0x7fffffffe604
icc-19-O3                            j=5 &j=0x7fffffffe604
icc-19-O2-no-strict-aliasing         j=5 &j=0x7fffffffe604
icc-19-O3-no-strict-aliasing         j=5 &j=0x7fffffffe604