Example: provenance_union_punning_2_auto_yx.c


    #include <stdio.h>
    #include <string.h> 
    #include <inttypes.h>
    // Overlays an integer and an int pointer in the same storage, so a value
    // written through .ui can be read back through .p (union type punning).
    typedef union { uintptr_t ui; int *p; } un;
    // Provenance litmus test: builds a pointer from the integer address of x
    // plus sizeof(int) and, if its bytes equal those of &y, stores through it.
    // Nothing in the code guarantees that y sits directly after x, so whether
    // the guarded branch runs depends on how the implementation lays out the
    // two locals (the results recorded for this test differ on that).
    int main() {
      int y=2, x=1;  // y is declared before x in this "yx" variant
      un u; 
      int *px = &x;
      uintptr_t i = (uintptr_t)px;  // integer value of x's address
      i = i + sizeof(int);  // integer arithmetic only: the value one int past x
      u.ui = i;  // write the integer member ...
      int *p = u.p;  // ... and read the same bytes back as a pointer
      int *q = &y;  // ordinary pointer to y, used for the comparison
      printf("Addresses: p=%p q=%p\n",(void*)p,(void*)q);
      // Compares the object representations of the two pointers byte by byte.
      // Equal bytes alone do not settle whether p may be used to access y: the
      // recorded Cerberus models disagree (PVI-plain performs the store, the
      // PVI-ae variants report undefined behaviour).
      if (memcmp(&p, &q, sizeof(p)) == 0) {
        // This store is line 16, column 5 of the unannotated test file, the
        // position cited by the Cerberus diagnostics recorded for this test.
        // p was built from &x, yet the write is aimed at y's storage.
        *p = 11;  // does this have undefined behaviour?
        // The icc -O2/-O3 results recorded for this test print y=2 next to
        // *q=11, so the value shown for y need not reflect the store above;
        // code must not rely on a write through such a pointer being observed.
        printf("x=%d y=%d *p=%d *q=%d\n",x,y,*p,*q);
      }
      return 0;
    }

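Experimental data (what does this mean?): each entry names an implementation and its options, followed by the output it produced; an entry showing only an Addresses line did not take the memcmp branch.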

cerberus-concrete-PVI-plain Addresses: p=(@71, 0xffffeddc) q=(@71, 0xffffeddc)
x=1 y=11 *p=11 *q=11
cerberus-concrete-PVI-ae Undefined behaviour: the operand of the unary '*' operator has an invalid value at 16:5-7
cerberus-concrete-PVI-ae-udi Undefined behaviour: out of bounds pointer at memory store at 16:5-12
gcc-8.3-O0 Addresses: p=0x7ffeefbff2fc q=0x7ffeefbff2fc
x=1 y=11 *p=11 *q=11
gcc-8.3-O2 Addresses: p=0x7ffeefbff300 q=0x7ffeefbff2f8
gcc-8.3-O3 Addresses: p=0x7ffeefbff300 q=0x7ffeefbff2f8
gcc-8.3-O2-no-strict-aliasing Addresses: p=0x7ffeefbff2c0 q=0x7ffeefbff2b8
gcc-8.3-O3-no-strict-aliasing Addresses: p=0x7ffeefbff2c0 q=0x7ffeefbff2b8
clang-7.0.1-O0 Addresses: p=0x7ffeefbff2f8 q=0x7ffeefbff2f8
x=1 y=11 *p=11 *q=11
clang-7.0.1-O2 Addresses: p=0x7ffeefbff2f0 q=0x7ffeefbff2e8
clang-7.0.1-O3 Addresses: p=0x7ffeefbff2f0 q=0x7ffeefbff2e8
clang-7.0.1-O2-no-strict-aliasing Addresses: p=0x7ffeefbff2c0 q=0x7ffeefbff2b8
clang-7.0.1-O3-no-strict-aliasing Addresses: p=0x7ffeefbff2c0 q=0x7ffeefbff2b8
icc-19-O0 Addresses: p=0x7fffffffe698 q=0x7fffffffe690
icc-19-O2 Addresses: p=0x6046c4 q=0x6046c4
x=1 y=2 *p=11 *q=11
icc-19-O3 Addresses: p=0x6046c4 q=0x6046c4
x=1 y=2 *p=11 *q=11
icc-19-O2-no-strict-aliasing Addresses: p=0x6046c4 q=0x6046c4
x=1 y=2 *p=11 *q=11
icc-19-O3-no-strict-aliasing Addresses: p=0x6046c4 q=0x6046c4
x=1 y=2 *p=11 *q=11