Example: prov2a.c

up: index
prev: prov2.c
next: ghost1.c

    #include <stdio.h>
    #include <string.h>
    #include "capprint.h"
    
    int y=2, x=1;
    
    int main()
    {
        int *p = &x + 1;
        int *q = &y ;
        fprintf(stderr,"Addresses: p=%" PTR_FMT " q=%" PTR_FMT "\n ", sptr((void*)p), sptr((void*)q));
        if(memcmp(&p, &q, sizeof(p)) == 0) {
            *p = 11; // does this have undefined behaviour ?
            fprintf(stderr,"x=%d y=%d *p=%d *q=%d\n",x,y,*p,*q);
        } else
            fprintf(stderr,"memcpy(&p,&q) != 0\n");
    
        if(p == q) {
            *p = 11; // does this have undefined behaviour ?
            fprintf(stderr,"x=%d y=%d *p=%d *q=%d\n",x,y,*p,*q);
        } else
            fprintf(stderr,"p != q\n");    
    }

Experimental data (what does this mean?)

cerberus-cheri-no-pnvi
cerberus-cheri-revocation-no-pnvi
cerberus-cheri-cornucopia-no-pnvi
 
Addresses: p=(@disabled, 0xffffe7b4 [rwRW,0xffffe7b0-0xffffe7b4]) q=(@disabled, 0xffffe7b4 [rwRW,0xffffe7b4-0xffffe7b8])
 memcpy(&p,&q) != 0
x=1 y=11 *p=11 *q=11
 
cerberus-cheri
cerberus-cheri-revocation
cerberus-cheri-cornucopia
 
exit codes: compile 0 / execute 1
Undefined {ub: "UB_CERB002b_out_of_bound_store", loc: "<19:9--19:16>"}
Addresses: p=(@69, 0xffffe7b4 [rwRW,0xffffe7b0-0xffffe7b4]) q=(@68, 0xffffe7b4 [rwRW,0xffffe7b4-0xffffe7b8])
 memcpy(&p,&q) != 0
 
clang-riscv-O3-bounds-subobject-safe
 
Addresses: p=0x104468 [rwRW,0x104464-0x104468] q=0x104460 [rwRW,0x104460-0x104464]
 memcpy(&p,&q) != 0
p != q
 
clang-riscv-O3-bounds-conservative
clang-riscv-O0-bounds-subobject-safe
clang-riscv-O0-bounds-aggressive
clang-riscv-O0-bounds-very-aggressive
clang-riscv-O0-bounds-everywhere-unsafe
 
Addresses: p=0x104488 [rwRW,0x104484-0x104488] q=0x104480 [rwRW,0x104480-0x104484]
 memcpy(&p,&q) != 0
p != q
 
clang-riscv-O0-bounds-conservative
clang-riscv-O0-bounds-references-only
 
Addresses: p=0x104438 [rwRW,0x104434-0x104438] q=0x104430 [rwRW,0x104430-0x104434]
 memcpy(&p,&q) != 0
p != q
 
clang-morello-O3-bounds-subobject-safe
 
Addresses: p=0x1315c8 [rwRW,0x1315c4-0x1315c8] q=0x1315c0 [rwRW,0x1315c0-0x1315c4]
 memcpy(&p,&q) != 0
p != q
 
clang-morello-O0-bounds-subobject-safe
clang-morello-O0-bounds-aggressive
clang-morello-O0-bounds-very-aggressive
clang-morello-O0-bounds-everywhere-unsafe
 
Addresses: p=0x131498 [rwRW,0x131494-0x131498] q=0x131490 [rwRW,0x131490-0x131494]
 memcpy(&p,&q) != 0
p != q
 
clang-morello-O3-bounds-conservative
 
Addresses: p=0x131608 [rwRW,0x131604-0x131608] q=0x131600 [rwRW,0x131600-0x131604]
 memcpy(&p,&q) != 0
p != q
 
clang-morello-O0-bounds-conservative
clang-morello-O0-bounds-references-only
 
Addresses: p=0x131448 [rwRW,0x131444-0x131448] q=0x131440 [rwRW,0x131440-0x131444]
 memcpy(&p,&q) != 0
p != q
 
gcc-morello-O3
 
exit codes: compile 0 / execute 137
tests/cheri/prov2a.c: In function 'main':
tests/cheri/prov2a.c:13:9: warning: array subscript 1 is outside array bounds of 'int[1]' [-Warray-bounds]
   13 |         *p = 11; // does this have undefined behaviour ?
      |         ^~
tests/cheri/prov2a.c:5:10: note: while referencing 'x'
    5 | int y=2, x=1;
      |          ^
tests/cheri/prov2a.c:19:9: warning: array subscript 1 is outside array bounds of 'int[1]' [-Warray-bounds]
   19 |         *p = 11; // does this have undefined behaviour ?
      |         ^~
tests/cheri/prov2a.c:5:10: note: while referencing 'x'
    5 | int y=2, x=1;
      |          ^
Addresses: p=0x4275cc [rwRW,0x4275c8-0x4275cc] q=0x4275cc [rwRW,0x4275cc-0x4275d0]
 memcpy(&p,&q) != 0
 
gcc-morello-O0
 
Addresses: p=0x427bd0 [rwRW,0x427bcc-0x427bd0] q=0x427bc8 [rwRW,0x427bc8-0x427bcc]
 memcpy(&p,&q) != 0
p != q