Example: cheri_03_ii.c

    #include <stdio.h>
    int main() {
      int x[2];
      int *p = &x[0];
      //is this free of undefined behaviour?
      int *q = p + 11;
      q = q - 10;
      *q = 1;
      printf("x[1]=%i  *q=%i\n",x[1],*q);
    }

[link to run test in Cerberus]

cerberus-concrete-PVI x[1]=1 *q=1 cerberus-concrete-PNVI x[1]=1 *q=1 gcc-8.1-O0 x[1]=1 *q=1 gcc-8.1-O2 x[1]=1 *q=1 gcc-8.1-O3 x[1]=1 *q=1 gcc-8.1-O2-no-strict-aliasing x[1]=1 *q=1 gcc-8.1-O3-no-strict-aliasing x[1]=1 *q=1 clang-6.0-O0 x[1]=1 *q=1 clang-6.0-O2 x[1]=1 *q=1 clang-6.0-O3 x[1]=1 *q=1 clang-6.0-O2-no-strict-aliasing x[1]=1 *q=1 clang-6.0-O3-no-strict-aliasing x[1]=1 *q=1 clang-6.0-UBSAN x[1]=1 *q=1 clang-6.0-ASAN x[1]=1 *q=1 clang-6.0-MSAN x[1]=1 *q=1 icc-19-O0 x[1]=1 *q=1 icc-19-O2 x[1]=1 *q=1 icc-19-O3 x[1]=1 *q=1 icc-19-O2-no-strict-aliasing x[1]=1 *q=1 icc-19-O3-no-strict-aliasing x[1]=1 *q=1 compcert-3.4 x[1]=1 *q=1 compcert-3.4-O x[1]=1 *q=1 kcc-1.0 x[1]=1 *q=1 A pointer (or array subscript) outside the bounds of an object: > in main at cheri_03_ii.c:6:3 Undefined behavior (UB-CEA1): see C11 section 6.5.6:8 http://rvdoc.org/C11/6.5.6 see C11 section J.2:1 item 46 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.18:1 http://rvdoc.org/MISRA-C/8.18 see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1 Found pointer that refers outside the bounds of an object + 1: > in main at cheri_03_ii.c:6:3 Undefined behavior (UB-CEE3): see C11 section 6.3.2.1:1 http://rvdoc.org/C11/6.3.2.1 see C11 section J.2:1 item 19 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1 Found pointer that refers outside the bounds of an object + 1: > in main at cheri_03_ii.c:7:3 Undefined behavior (UB-CEE3): see C11 section 6.3.2.1:1 http://rvdoc.org/C11/6.3.2.1 see C11 section J.2:1 item 19 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1

cerberus-concrete-PVI		x[1]=1 *q=1
cerberus-concrete-PNVI		x[1]=1 *q=1
gcc-8.1-O0		x[1]=1 *q=1
gcc-8.1-O2		x[1]=1 *q=1
gcc-8.1-O3		x[1]=1 *q=1
gcc-8.1-O2-no-strict-aliasing		x[1]=1 *q=1
gcc-8.1-O3-no-strict-aliasing		x[1]=1 *q=1
clang-6.0-O0		x[1]=1 *q=1
clang-6.0-O2		x[1]=1 *q=1
clang-6.0-O3		x[1]=1 *q=1
clang-6.0-O2-no-strict-aliasing		x[1]=1 *q=1
clang-6.0-O3-no-strict-aliasing		x[1]=1 *q=1
clang-6.0-UBSAN		x[1]=1 *q=1
clang-6.0-ASAN		x[1]=1 *q=1
clang-6.0-MSAN		x[1]=1 *q=1
icc-19-O0		x[1]=1 *q=1
icc-19-O2		x[1]=1 *q=1
icc-19-O3		x[1]=1 *q=1
icc-19-O2-no-strict-aliasing		x[1]=1 *q=1
icc-19-O3-no-strict-aliasing		x[1]=1 *q=1
compcert-3.4		x[1]=1 *q=1
compcert-3.4-O		x[1]=1 *q=1
kcc-1.0		x[1]=1 *q=1 A pointer (or array subscript) outside the bounds of an object: > in main at cheri_03_ii.c:6:3 Undefined behavior (UB-CEA1): see C11 section 6.5.6:8 http://rvdoc.org/C11/6.5.6 see C11 section J.2:1 item 46 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.18:1 http://rvdoc.org/MISRA-C/8.18 see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1 Found pointer that refers outside the bounds of an object + 1: > in main at cheri_03_ii.c:6:3 Undefined behavior (UB-CEE3): see C11 section 6.3.2.1:1 http://rvdoc.org/C11/6.3.2.1 see C11 section J.2:1 item 19 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1 Found pointer that refers outside the bounds of an object + 1: > in main at cheri_03_ii.c:7:3 Undefined behavior (UB-CEE3): see C11 section 6.3.2.1:1 http://rvdoc.org/C11/6.3.2.1 see C11 section J.2:1 item 19 http://rvdoc.org/C11/J.2 see CERT-C section ARR30-C http://rvdoc.org/CERT-C/ARR30-C see CERT-C section ARR37-C http://rvdoc.org/CERT-C/ARR37-C see CERT-C section STR31-C http://rvdoc.org/CERT-C/STR31-C see MISRA-C section 8.1:3 http://rvdoc.org/MISRA-C/8.1

Example: cheri_03_ii.c

Example: `cheri_03_ii.c`