modptr7.c
up: index
prev: modptr6.c
next: modptr7a.c
#include <stdio.h>
#include <stdint.h>
#include "capprint.h"
void real_f(int x)
{
fprintf(stderr,"real_f(%d)\n", x);
}
int main()
{
void (*f)(int) = &real_f;
fprintf(stderr,"Original:\t%" PTR_FMT "\n", sptr((void*)f));
uintptr_t uif = (uintptr_t)f;
uif++;
uif--;
f=(void (*)(int))uif;
fprintf(stderr,"Modified:\t%" PTR_FMT "\n", sptr((void*)f));
(*f)(42);
}
Experimental data (what does this mean?)
cerberus-cheri-no-pnvi
cerberus-cheri-revocation-no-pnvi
cerberus-cheri-cornucopia-no-pnvi exit codes: compile 0 / execute 1
Undefined {ub: "UB_CERB003_invalid_function_pointer", loc: "<19:5--19:9>"}
Original: (@disabled, 0x100000386 [rxR,0x100000386-0x100000388] (sentry))
Modified: (@disabled, 0x100000386 [rxR,0x100000386-0x100000388] (notag,sentry))
cerberus-cheri
cerberus-cheri-revocation
cerberus-cheri-cornucopia exit codes: compile 0 / execute 1
Undefined {ub: "UB_CERB003_invalid_function_pointer", loc: "<19:5--19:9>"}
Original: (@empty, 0x100000386 [rxR,0x100000386-0x100000388] (sentry))
Modified: (@empty, 0x100000386 [rxR,0x100000386-0x100000388] (notag,sentry))
clang-riscv-O3-bounds-subobject-safe Original: 0x101ffc [rxR,0x100000-0x104500] (sentry,capmode)
Modified: 0x101ffc [rxR,0x100000-0x104500] (sentry,capmode)
real_f(42)
clang-riscv-O0-bounds-subobject-safe
clang-riscv-O0-bounds-aggressive
clang-riscv-O0-bounds-very-aggressive
clang-riscv-O0-bounds-everywhere-unsafe exit codes: compile 0 / execute 1
Program received signal SIGPROT, CHERI protection violation.
Capability sealed fault caused by register ca3.
0x00000000001020aa in main () at tests/cheri/modptr7.c:15
15 uif++;
#0 0x00000000001020aa in main () at tests/cheri/modptr7.c:15
f = 0x101fe2 <real_f> [rxR,0x100000-0x1044e0] (sentry,capmode)
uif = 277928722986473025117716031337650986978
Original: 0x101fe2 [rxR,0x100000-0x1044e0] (sentry,capmode)
clang-riscv-O3-bounds-conservative Original: 0x10201e [rxR,0x100000-0x104520] (sentry,capmode)
Modified: 0x10201e [rxR,0x100000-0x104520] (sentry,capmode)
real_f(42)
clang-riscv-O0-bounds-conservative
clang-riscv-O0-bounds-references-only exit codes: compile 0 / execute 1
Program received signal SIGPROT, CHERI protection violation.
Capability sealed fault caused by register ca3.
0x000000000010207a in main () at tests/cheri/modptr7.c:15
15 uif++;
#0 0x000000000010207a in main () at tests/cheri/modptr7.c:15
f = 0x101fc2 <real_f> [rxR,0x100000-0x1044a0] (sentry,capmode)
uif = 277928722986468189414437572820952162242
Original: 0x101fc2 [rxR,0x100000-0x1044a0] (sentry,capmode)
clang-morello-O3-bounds-subobject-safe Original: 0x111021 [rxR,0x100000-0x131600] (sentry)
Modified: 0x111021 [rxR,0x100000-0x131600] (sentry)
real_f(42)
clang-morello-O0-bounds-subobject-safe
clang-morello-O0-bounds-aggressive
clang-morello-O0-bounds-very-aggressive
clang-morello-O0-bounds-everywhere-unsafe exit codes: compile 0 / execute 1
Program received signal SIGPROT, CHERI protection violation.
Capability tag fault.
real_f (x=-1336033280) at tests/cheri/modptr7.c:6
6 {
#0 real_f (x=-1336033280) at tests/cheri/modptr7.c:6
No locals.
#1 0x0000000000110f9c in main () at tests/cheri/modptr7.c:19
f = 0x110e61 <real_f> [rxRE,0x100000-0x131400] (invalid,sentry)
uif = 0x110e61 [rxRE,0x100000-0x131400] (invalid,sentry)
Original: 0x110e61 [rxR,0x100000-0x131400] (sentry)
Modified: 0x110e61 [rxR,0x100000-0x131400] (invalid,sentry)
clang-morello-O3-bounds-conservative Original: 0x111061 [rxR,0x100000-0x131640] (sentry)
Modified: 0x111061 [rxR,0x100000-0x131640] (sentry)
real_f(42)
clang-morello-O0-bounds-conservative
clang-morello-O0-bounds-references-only exit codes: compile 0 / execute 1
Program received signal SIGPROT, CHERI protection violation.
Capability tag fault.
real_f (x=-1336033280) at tests/cheri/modptr7.c:6
6 {
#0 real_f (x=-1336033280) at tests/cheri/modptr7.c:6
No locals.
#1 0x0000000000110f64 in main () at tests/cheri/modptr7.c:19
f = 0x110e41 <real_f> [rxRE,0x100000-0x1313c0] (invalid,sentry)
uif = 0x110e41 [rxRE,0x100000-0x1313c0] (invalid,sentry)
Original: 0x110e41 [rxR,0x100000-0x1313c0] (sentry)
Modified: 0x110e41 [rxR,0x100000-0x1313c0] (invalid,sentry)
gcc-morello-O3 exit codes: compile 0 / execute 137
tests/cheri/modptr7.c: In function 'main':
tests/cheri/modptr7.c:13:54: warning: ISO C forbids conversion of function pointer to object pointer type [-Wpedantic]
13 | fprintf(stderr,"Original:\t%" PTR_FMT "\n", sptr((void*)f));
| ^
tests/cheri/modptr7.c:18:54: warning: ISO C forbids conversion of function pointer to object pointer type [-Wpedantic]
18 | fprintf(stderr,"Modified:\t%" PTR_FMT "\n", sptr((void*)f));
| ^
Original: 0x402fb1 [rxRE,0x400000-0x427240] (sentry)
Modified: 0x402fb1 [rxRE,0x400000-0x427240] (invalid,sentry)
gcc-morello-O0 exit codes: compile 0 / execute 137
tests/cheri/modptr7.c: In function 'main':
tests/cheri/modptr7.c:13:54: warning: ISO C forbids conversion of function pointer to object pointer type [-Wpedantic]
13 | fprintf(stderr,"Original:\t%" PTR_FMT "\n", sptr((void*)f));
| ^
tests/cheri/modptr7.c:18:54: warning: ISO C forbids conversion of function pointer to object pointer type [-Wpedantic]
18 | fprintf(stderr,"Modified:\t%" PTR_FMT "\n", sptr((void*)f));
| ^
Original: 0x403805 [rxRE,0x400000-0x4276c0] (sentry)
Modified: 0x403805 [rxRE,0x400000-0x4276c0] (invalid,sentry)