Example: pointer_from_integer_1p.c

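    #include <stdio.h>
    #include <stdint.h>
    #include "charon_address_guesses.h"
    void f(int *p) {
      int j=5;
      *p=7;                        // line 6: the store through p reported at 6:3 below
      printf("j=%d\n",j);
    }
    int main() {
      uintptr_t i = ADDRESS_PFI_1P;  // integer address guess from the header above
      int *p = (int*)i;            // line 11: integer-to-pointer conversion flagged by kcc
      f(p);
    }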

Experimental data

cerberus-concrete-PVI Undefined behaviour: the operand of the unary '*' operator has an invalid value at 6:3-5
cerberus-concrete-PNVI Undefined behaviour: the operand of the unary '*' operator has an invalid value at 6:3-5
gcc-8.1-O0 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
gcc-8.1-O2 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
gcc-8.1-O3 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
gcc-8.1-O2-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
gcc-8.1-O3-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-O0 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-O2 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-O3 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-O2-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-O3-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
clang-6.0-UBSAN exit codes: compile 0 / execute 1 pointer_from_integer_1p.c:6:3: runtime error: store to misaligned address 0x00000000002a for type 'int', which requires 4 byte alignment
0x00000000002a: note: pointer points here
<memory cannot be printed>
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==14629==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x00000000002a (pc 0x000000420cc0 bp 0x000000420ce0 sp 0x7fffffffdbf0 T14629)
==14629==The signal is caused by a WRITE memory access.
==14629==Hint: address points to the zero page.
#0 0x420cbf in main (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-UBSAN.out+0x420cbf)
#1 0x7ffff6ee582f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#2 0x4029c8 in _start (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-UBSAN.out+0x4029c8)

UndefinedBehaviorSanitizer can not provide additional info.
==14629==ABORTING
clang-6.0-ASAN exit codes: compile 0 / execute 1 AddressSanitizer:DEADLYSIGNAL
=================================================================
==14643==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000002a (pc 0x0000004e720c bp 0x0000004e7280 sp 0x7fffffffdbf0 T0)
==14643==The signal is caused by a WRITE memory access.
==14643==Hint: address points to the zero page.
#0 0x4e720b in main (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-ASAN.out+0x4e720b)
#1 0x7ffff6ee582f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#2 0x419d78 in _start (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-ASAN.out+0x419d78)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-ASAN.out+0x4e720b) in main
==14643==ABORTING
clang-6.0-MSAN exit codes: compile 0 / execute 77 MemorySanitizer:DEADLYSIGNAL
==14657==ERROR: MemorySanitizer: SEGV on unknown address 0x00000000002a (pc 0x00000048dbe1 bp 0x00000048dc60 sp 0x7fffffffdbf0 T14657)
==14657==The signal is caused by a WRITE memory access.
==14657==Hint: address points to the zero page.
#0 0x48dbe0 in main (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-MSAN.out+0x48dbe0)
#1 0x7ffff6ee582f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#2 0x41a728 in _start (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-MSAN.out+0x41a728)

MemorySanitizer can not provide additional info.
SUMMARY: MemorySanitizer: SEGV (/local/scratch/pes20/repos/rsem/csem/charon2/pointer_from_integer_1p.c.clang-6.0-MSAN.out+0x48dbe0) in main
==14657==ABORTING
icc-19-O0 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
icc-19-O2 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
icc-19-O3 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
icc-19-O2-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
icc-19-O3-no-strict-aliasing exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
compcert-3.4 exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
compcert-3.4-O exit codes: compile 0 / execute 139 Segmentation fault (core dumped)
kcc-1.0 exit codes: compile 0 / execute 139 Conversion from an integer to non-null pointer:
> in main at pointer_from_integer_1p.c:11:3

Implementation defined behavior (IMPL-CCV13):
see C11 section 6.3.2.3:5 http://rvdoc.org/C11/6.3.2.3
see CERT section INT36-C http://rvdoc.org/CERT/INT36-C