revoke3.c

Example: `revoke3.c`

up: index
prev: revoke2.c
next: revoke4.c

    #include <inttypes.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include "capprint.h"
    
    int main()
    {
        void *p = malloc(10);
        intptr_t *tp = malloc(sizeof(intptr_t));
        intptr_t t = (intptr_t) p;
        *tp=t;
        fprintf(stderr,"Before free: %" PTR_FMT "\n", sptr((void*)*tp));
        free(p);
        fprintf(stderr,"After free: %" PTR_FMT "\n", sptr((void*)*tp));
    }

Experimental data (what does this mean?)


cerberus-cheri-revocation-no-pnvi   Before free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
After free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca] (invalid))
 
cerberus-cheri-revocation   Before free: (@85, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
After free: (@empty, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca] (invalid))
 
cerberus-cheri-no-pnvi
cerberus-cheri-cornucopia-no-pnvi   Before free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
After free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
 
cerberus-cheri
cerberus-cheri-cornucopia   Before free: (@85, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
After free: (@empty, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])
 
clang-riscv-O0-bounds-conservative
clang-riscv-O3-bounds-conservative
clang-riscv-O0-bounds-references-only
clang-riscv-O0-bounds-subobject-safe
clang-riscv-O3-bounds-subobject-safe
clang-riscv-O0-bounds-aggressive
clang-riscv-O0-bounds-very-aggressive
clang-riscv-O0-bounds-everywhere-unsafe   Before free: 0x40a1d000 [rwRW,0x40a1d000-0x40a1d00a]
After free: 0x40a1d000 [rwRW,0x40a1d000-0x40a1d00a]
 
clang-morello-O0-bounds-conservative
clang-morello-O3-bounds-conservative
clang-morello-O0-bounds-references-only
clang-morello-O0-bounds-subobject-safe
clang-morello-O3-bounds-subobject-safe
clang-morello-O0-bounds-aggressive
clang-morello-O0-bounds-very-aggressive
clang-morello-O0-bounds-everywhere-unsafe   Before free: 0x40c1d000 [rwRW,0x40c1d000-0x40c1d00a]
After free: 0x40c1d000 [rwRW,0x40c1d000-0x40c1d00a]
 
gcc-morello-O0
gcc-morello-O3   Before free: 0x40000010 [rwRW,0x40000010-0x4000001a]
After free: 0x40000010 [rwRW,0x40000010-0x4000001a]

cerberus-cheri-revocation-no-pnvi		Before free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca]) After free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca] (invalid))

cerberus-cheri-revocation		Before free: (@85, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca]) After free: (@empty, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca] (invalid))

cerberus-cheri-no-pnvi cerberus-cheri-cornucopia-no-pnvi		Before free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca]) After free: (@disabled, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])

cerberus-cheri cerberus-cheri-cornucopia		Before free: (@85, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca]) After free: (@empty, 0xffffe6c0 [rwRW,0xffffe6c0-0xffffe6ca])

clang-riscv-O0-bounds-conservative clang-riscv-O3-bounds-conservative clang-riscv-O0-bounds-references-only clang-riscv-O0-bounds-subobject-safe clang-riscv-O3-bounds-subobject-safe clang-riscv-O0-bounds-aggressive clang-riscv-O0-bounds-very-aggressive clang-riscv-O0-bounds-everywhere-unsafe		Before free: 0x40a1d000 [rwRW,0x40a1d000-0x40a1d00a] After free: 0x40a1d000 [rwRW,0x40a1d000-0x40a1d00a]

clang-morello-O0-bounds-conservative clang-morello-O3-bounds-conservative clang-morello-O0-bounds-references-only clang-morello-O0-bounds-subobject-safe clang-morello-O3-bounds-subobject-safe clang-morello-O0-bounds-aggressive clang-morello-O0-bounds-very-aggressive clang-morello-O0-bounds-everywhere-unsafe		Before free: 0x40c1d000 [rwRW,0x40c1d000-0x40c1d00a] After free: 0x40c1d000 [rwRW,0x40c1d000-0x40c1d00a]

gcc-morello-O0 gcc-morello-O3		Before free: 0x40000010 [rwRW,0x40000010-0x4000001a] After free: 0x40000010 [rwRW,0x40000010-0x4000001a]

Example: revoke3.c

Example: `revoke3.c`