Physical type checking for C

@article{Chandra1999PhysicalTC,
  title={Physical type checking for C},
  author={Satish Chandra and T. Reps},
  journal={ACM SIGSOFT Softw. Eng. Notes},
  year={1999},
  volume={24},
  pages={66-75}
}
  • S. Chandra, T. Reps
  • Published 6 September 1999
  • Computer Science
  • ACM SIGSOFT Softw. Eng. Notes
The effectiveness of traditional type checking in C is limited by the presence of type conversions using type casts. Because the C standard allows arbitrary type conversions between pointer types, neither C compilers, nor tools such as lint, can guarantee type safety in the presence of such type conversions. In particular, by using casts involving pointers to structures (C structs), a programmer can interpret any memory region to be of any desired type, further compromising C's weak type system… 

SafeType: detecting type violations for type-based alias analysis of C

TLDR
SafeType is presented, a purely static approach to detection of violations of the C standard's restrictions on memory accesses, and an implementation of SafeType in the IBM XL C compiler is described, showing that it scales to programs with hundreds of thousands of lines of code.

The ccured type system and type inference

TLDR
This report formalizes the semantics of CCured and presents experimental evidence that such a combination of static analysis and run-time checking for C can make real system software memory-safe with a reasonable performance cost and can find programming errors in instances where some existing tools like Purify cannot.

CCured: type-safe retrofitting of legacy code

TLDR
This paper describes the CCured type system, which extends that of C by separating pointer types according to their usage, and presents a surprisingly simple type inference algorithm that is able to infer the appropriate pointer kinds for existing C programs.

Securing C Programs by Dynamic Type Checking

TLDR
Experimental results show that a model of dynamic type checking on this type system to capture run-time type errors can catch most errors, including those that may become system vulnerabilities, and that the overhead is moderate.

Taming C Pointers

TLDR
Experimental evidence is presented that such a combination of static analysis and run-time checking for C can make system software like Apache modules, Linux device drivers, and network server software memory-safe with a reasonable performance cost and can find programming errors in instances where some existing tools like Purify cannot.

CCured: type-safe retrofitting of legacy software

TLDR
CCured extends C's type system by separating pointer types according to their usage, and it uses a surprisingly simple type inference algorithm that is able to infer the appropriate pointer kinds for existing C programs.

Debugging via run-time type checking

TLDR
This research involves the design and implementation of a tool to provide new kinds of run-time checks based on type information to help C/C++ programmers find errors in their programs that manifest themselves as bad run-time types, in the same way that Purify helps programmers find mistakes in their programs that manifest themselves as bad run-time memory accesses.

CCured in the real world

TLDR
This paper has extended the CCured type inference algorithm to recognize and verify statically a large number of type casts and presents a new instrumentation scheme that splits CCured's metadata into a separate data structure whose shape mirrors that of the original user data.

Checking type safety of foreign function calls

TLDR
The goal of the system is to prevent foreign function calls from introducing type and memory safety violations into an otherwise safe language, and it targets OCaml's FFI to C, which is relatively lightweight and illustrates some interesting challenges in multi-lingual type inference.

Run-Time Type Checking for Binary Programs

TLDR
Because the Hobbes type checker does not rely on source code, it is effective in many situations where similar tools are not, such as when full source code is not available or when C source is linked with program fragments written in assembly or other languages.
...

References

Coping with type casts in C

TLDR
An approach for making sense of type casts in C, in terms of understanding their purpose and identifying fragile code, and a notion of physical subtyping, which provides a model that explains these idioms.

Lint, a C Program Checker

TLDR
This document discusses the use of lint, gives an overview of the implementation, and gives some hints on the writing of machine independent C code.

Efficient context-sensitive pointer analysis for C programs

TLDR
An efficient technique for context-sensitive pointer analysis that is applicable to real C programs and based on a low-level representation of memory locations that safely handles all the features of C.

Towards an ML-Style Polymorphic Type System for C

TLDR
It is shown that ML-style polymorphism can be integrated smoothly into a dialect of C, which is called Polymorphic C, and a type soundness theorem is proved that gives a rigorous and useful characterization of well-typed Polymorphic C programs in terms of what can go wrong when they are evaluated.

Program decomposition for pointer aliasing: a step toward practical analyses

TLDR
A technique is presented that partitions the statements of a program to allow separate, and therefore possibly different, pointer aliasing analysis methods to be used on independent parts of the program, which enables exploration of the tradeoff between algorithm efficiency and precision.

Polymorphic components for monomorphic languages

TLDR
It is shown how to obtain polymorphic software components for ordinary languages like C or Modula-2 using generic type inference in a software component library, based on the use of free (undeclared) names in a component.

Static detection of dynamic memory errors

Many important classes of bugs result from invalid assumptions about the results of functions and the values of parameters and global variables. Using traditional methods, these bugs cannot be

C++ Programming Language

TLDR
Bjarne Stroustrup makes C even more accessible to those new to the language, while adding advanced information and techniques that even expert C programmers will find invaluable.

Physical type checking for C

The effectiveness of traditional type checking in C is limited by the presence of type conversions using type casts. Because the C standard allows arbitrary type conversions between pointer types, ...