A CIL Tutorial - Department of Computer Science - ETH Zürich
CHAPTER 7. TYPE QUALIFIERS 56

    (* Visitor that removes every color attribute it encounters. *)
    class colorEraserVisitor = object(self)
      inherit nopCilVisitor

      method vattr (a : attribute) =
        match a with
        (* A color attribute is replaced by the empty attribute list. *)
        | Attr(s, _) when L.mem s color_strings -> ChangeTo []
        | _ -> DoChildren
    end

The function eraseColors invokes the visitor colorEraserVisitor on a file.

    let eraseColors (f : file) : unit =
      let vis = new colorEraserVisitor in
      visitCilFile vis f

The tut7 function is the entry point for this module. It checks the color types in all functions, then erases the color attributes from the file.

    let tut7 (f : file) : unit =
      iterGlobals f (onlyFunctions checkColorTypes);
      eraseColors f

7.2 test/tut7.c

In this test, we declare a global blue integer b and a local green integer g. We initialize g using the AddColor macro, which is defined in ciltut.h. It simply casts the constant in the second argument to the given color. Then we attempt to assign g to b, which should elicit a warning from the compiler.

    #include <ciltut.h>

    int blue b;

    int main()
    {
      int green g = AddColor(green, 5);
      b = g;  /* green assigned to blue: expect a color mismatch warning */
      return 0;
    }

../test/tut7.c

Now, when we attempt to compile this test, we get a warning:
    $ ciltutcc --enable-tut7 -o tut7 test/tut7.c
    Warning: test/tut7.c:16: color mismatch: int __attribute__((__blue__)) int __attribute__((__green__))

Which is what we expected.

7.3 Exercises

1. Modify typecheck_result and colorTypesCompat to give more information when types do not match. For example, instead of returning TypesMismatch, colorTypesCompat might return PtrIntMismatch when t1 is a TPtr and t2 is a TInt (but the colors still match).

2. Correct the rule for function types in colorTypesCompat. Possibly add (a) new constructor(s) to typecheck_result for the case when function types do not match.

3. In combination with the above two exercises, generalize the type-checking code in colorTypesCompat. Instead of checking the color qualifiers, colorTypesCompat would accept a function argument for deciding whether the sets of type attributes on t1 and t2 are compatible.

4. Write the Call case in colorCheckVisitor#vinst. Extract the type of the function from fe. Check the return type of the function against the destination of the return value (rlvo). Check the types of the actual arguments (args) against the types of the formal parameters. Note that there might be more actuals than formals if it is a variable-argument function!

5. The attribute syntax in the warning message above could be cleaned up by inheriting from CIL's defaultCilPrinterClass and overriding the methods for printing attributes.

7.4 Further Reading

Researchers have added flow-sensitive [3] and flow-insensitive [2] type qualifiers, type-qualifier inference, and type-qualifier polymorphism [1] to languages such as C and Java [4]. In particular, the CCured [5] tool used flow-insensitive type-qualifier inference to determine the kind of fat pointer needed to check the correctness of pointer arithmetic in C, among other purposes.
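The order of operations in tut7 above (check the colors, then erase them) can be tried without CIL in a small model. This is an added example, not code from the tutorial: the types, the color set, and the names colors_of, compat, erase and check_result are hypothetical simplifications, and the volatile attribute on g is constructed to show that non-color attributes survive erasure.

```ocaml
(* Added example: stand-alone toy model of the check-then-erase pass.
   It does not use CIL; every type and name is a hypothetical stand-in. *)
module L = List

type attribute = Attr of string   (* CIL's Attr also carries parameters *)
type typ =
  | TInt of attribute list
  | TPtr of typ * attribute list

let color_strings = ["red"; "green"; "blue"]   (* assumed color set *)

(* Color attributes on the outermost level of a type, in sorted order. *)
let colors_of (t : typ) : string list =
  let attrs = match t with TInt a | TPtr (_, a) -> a in
  L.sort compare
    (L.filter_map
       (fun (Attr s) -> if L.mem s color_strings then Some s else None)
       attrs)

type check_result =
  | Okay
  | TypesMismatch
  | ColorMismatch of string list * string list

(* Compare shape and colors level by level, as for "dst = src". *)
let rec compat (dst : typ) (src : typ) : check_result =
  if colors_of dst <> colors_of src then
    ColorMismatch (colors_of dst, colors_of src)
  else
    match dst, src with
    | TInt _, TInt _ -> Okay
    | TPtr (d, _), TPtr (s, _) -> compat d s
    | _ -> TypesMismatch

(* Erasure: drop color attributes at every level, keep all others. *)
let rec erase (t : typ) : typ =
  let keep = L.filter (fun (Attr s) -> not (L.mem s color_strings)) in
  match t with
  | TInt a -> TInt (keep a)
  | TPtr (t', a) -> TPtr (erase t', keep a)

let () =
  let b = TInt [Attr "blue"] and g = TInt [Attr "green"; Attr "volatile"] in
  (* b = g from test/tut7.c: caught while the colors are still attached *)
  assert (compat b g = ColorMismatch (["blue"], ["green"]));
  (* erasing first would hide the mismatch, so tut7 erases last *)
  assert (compat (erase b) (erase g) = Okay);
  assert (erase g = TInt [Attr "volatile"]);
  print_endline "check-then-erase model OK"
```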