| 1 | #include <stdint.h> |
|---|
| 2 | |
|---|
| 3 | int global = 10; |
|---|
| 4 | |
|---|
| 5 | int main() { |
|---|
| 6 | int count = 5; |
|---|
| 7 | int *count_p = &count; |
|---|
| 8 | |
|---|
| 9 | // Add some metadata in the top byte (this will crash unless the |
|---|
| 10 | // test is running with TBI enabled, but we won't dereference it) |
|---|
| 11 | |
|---|
| 12 | intptr_t scratch = (intptr_t)count_p; |
|---|
| 13 | scratch |= (3ULL << 60); |
|---|
| 14 | int *count_invalid_p = (int *)scratch; |
|---|
| 15 | |
|---|
| 16 | int (*main_p)() = main; |
|---|
| 17 | scratch = (intptr_t)main_p; |
|---|
| 18 | scratch |= (3ULL << 60); |
|---|
| 19 | int (*main_invalid_p)() = (int (*)())scratch; |
|---|
| 20 | |
|---|
| 21 | int *global_p = &global; |
|---|
| 22 | scratch = (intptr_t)global_p; |
|---|
| 23 | scratch |= (3ULL << 60); |
|---|
| 24 | int *global_invalid_p = (int *)scratch; |
|---|
| 25 | |
|---|
| 26 | return count; // break here |
|---|
| 27 | } |
|---|
| 28 | |
|---|
