Physical Type Checking for C
Satish Chandra and Thomas Reps
The effectiveness of traditional type checking in C is limited by the
presence of type conversions using type casts. Because the C standard
allows arbitrary type conversions between pointer types, neither C
compilers, nor tools such as lint, can guarantee type safety in
the presence of such type conversions. In particular, by using casts
involving pointers to structures (C
To address these problems, we have developed a stronger form of type
checking for C programs, called physical type checking. Physical
type checking takes into account the layout of C
(Click here to access the paper:
PostScript,
PDF.)
structs
), a programmer can
interpret any memory region to be of any desired type, further
compromising C's weak type system. Not only do type casts make a program
vulnerable to type errors, they hinder program comprehension and
maintenance by creating latent dependencies between seemingly
independent pieces of code.
struct
fields in
memory. This paper describes an inference-based physical type
checking algorithm. Our algorithm can be used to perform static safety
checks, as well as compute useful information for software engineering
applications.