SafeType: detecting type violations for type-based alias analysis of C
Author(s) -
Ireland Iain,
Amaral José Nelson,
Silvera Raúl,
Cui Shimin
Publication year - 2016
Publication title - Software: Practice and Experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.437
H-Index - 70
eISSN - 1097-024X
pISSN - 0038-0644
DOI - 10.1002/spe.2388
Subject(s) - alias analysis , computer science , compiler , programming language , memory safety , type inference , static analysis , benchmark , type safety , SPEC CPU , context sensitivity , compile time , inference
Summary - To improve the ability of compilers to determine alias relations in a program, the C standard restricts the types of lvalue expressions that may access an object in memory (the "strict aliasing" rule). In practice, however, many existing C programs do not conform to these restrictions, which makes type-based alias analysis unsound for those programs. As a result, type-based alias analysis is frequently disabled. Existing approaches to verifying type safety are embedded in larger frameworks designed to verify overall memory safety and require both static analysis and runtime checks. This paper describes the motivation for analyzing the safety of type-based alias analysis independently; presents SafeType, a purely static approach to detecting violations of the C standard's restrictions on memory accesses; describes an implementation of SafeType in the IBM XL C compiler, with flow-sensitive and context-sensitive queries to handle variables of type void *; evaluates that implementation, showing that it scales to programs with hundreds of thousands of lines of code; and uses SafeType to identify a previously unreported violation in the 470.lbm benchmark in SPEC CPU2006. Copyright © 2015 John Wiley & Sons, Ltd.
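The summary above refers to the C standard's restriction on the types of expressions that may access an object (C11 6.5p7). The following is an added example, not code from the paper or from the SafeType implementation, that shows the kind of violation a tool like SafeType looks for, the conforming alternatives, and why a compiler that enables type-based alias analysis is entitled to miscompile the violating form. Function names are illustrative; the only standard facilities used are memcpy and character-type aliasing.

```c
#include <stdint.h>
#include <string.h>

/* Added example (not from the paper): reading the bit pattern of a float
 * in ways that do and do not respect C11 6.5p7, the rule that type-based
 * alias analysis (TBAA) relies on. */

/* VIOLATION: the object is a float, but it is accessed through an lvalue
 * of type uint32_t. uint32_t is not a permitted access type for a float
 * object, so the behaviour is undefined and a TBAA-enabled compiler may
 * assume this load does not alias any float store. This is the pattern
 * a purely static checker such as SafeType is meant to report. */
uint32_t bits_via_cast(const float *f) {
    return *(const uint32_t *)f;
}

/* Same violation, routed through a void * intermediary. The void * does
 * not change the type of the object or of the access; a checker has to
 * track what the void * points to, which is what the paper's
 * flow- and context-sensitive queries are for. */
uint32_t bits_via_void(const float *f) {
    const void *p = f;
    return *(const uint32_t *)p;
}

/* CONFORMING: memcpy copies the object representation. No lvalue of the
 * wrong type is ever used to access f, so TBAA stays sound. */
uint32_t bits_via_memcpy(float f) {
    uint32_t u;
    memcpy(&u, &f, sizeof u);
    return u;
}

/* CONFORMING: character types may access any object (last bullet of
 * 6.5p7). Copying byte by byte into a uint32_t's representation is
 * endianness-neutral, so the result equals the memcpy version on any
 * host. */
uint32_t bits_via_bytes(float f) {
    uint32_t u;
    const unsigned char *src = (const unsigned char *)&f;
    unsigned char *dst = (unsigned char *)&u;
    for (size_t i = 0; i < sizeof u; i++)
        dst[i] = src[i];
    return u;
}

/* Why the compiler cares. With TBAA the compiler may assume that *fp
 * cannot alias *ip, so it is free to return the constant 1 without
 * reloading *ip after the float store. Calling this with ip and fp
 * pointing at the same storage is a 6.5p7 violation, and on such a call
 * a TBAA-enabled build can return 1 even though the float store has
 * overwritten the bytes of the int. With distinct objects it is well
 * defined, as distinct_objects_ok() checks. */
int store_store_load(int *ip, float *fp) {
    *ip = 1;
    *fp = 0.0f;
    return *ip;
}

/* Returns 1 if store_store_load behaves as specified on distinct objects. */
int distinct_objects_ok(void) {
    int i = 0;
    float f = 1.0f;
    int r = store_store_load(&i, &f);
    return r == 1 && i == 1 && f == 0.0f;
}
```

Only the memcpy and character-type variants have defined results; the cast and void * variants happen to return the same bits on most targets when TBAA is off, which is why programs carrying such accesses are usually built with GCC/Clang's -fno-strict-aliasing, the disabling of the analysis that the paper sets out to make unnecessary. GCC's -Wstrict-aliasing catches only some syntactic cases of the cast form and nothing in the void * form.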