hartley@uvm-gen.UUCP (Stephen J. Hartley) (03/11/88)
I scan this news group every day but don't remember ever seeing a discussion about this. Are there C compilers provided by any vendors that generate code to perform run-time checking (toggled by an option on the command line, say)? I have in mind run-time checking of the type provided by Pascal compilers, such as checking an array subscript against the array bounds, checking a pointer for reasonable values before dereferencing it.
--
Stephen J. Hartley, Department of Computer Science and Elec. Eng., University of Vermont
USENET: {decvax,ihnp4,linus}!dartvax!uvm-gen!hartley
CSNET: hartley@uvm.EDU
(802) 656-3330, 862-5323
chris@mimsy.UUCP (Chris Torek) (03/15/88)
In article <763@uvm-gen.UUCP> hartley@uvm-gen.UUCP (Stephen J. Hartley) writes:
>... Are there C compilers provided by any vendors that generate code
>to perform run-time checking ... such as checking an array subscript
>against the array bounds, checking a pointer for reasonable values
>before dereferencing it.

I have heard of two such compilers; one is called Safe-C and I cannot recall the name of the other. For some reason this is tied in with a memory of a C interpreter that can dynamically either interpret or compile code: a handy thing to have if you ever write buggy code :-) .

In general, pointer and array checking in C is difficult but not impossible. Every pointer must carry around three values (min, max, and current), and some operations must be allowed while others must be prevented. E.g., the dpANS says that

    int foo[MAX], *p;
    for (p = &foo[0]; p < &foo[MAX]; p++)

is legal; hence, computing the address of foo[MAX] must be allowed, while actually indirecting through *(foo+MAX) must not. At least one of those runtime-checking systems forced one to write

    for (p = &foo[0]; p <= &foo[MAX - 1]; p++)

--
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain: chris@mimsy.umd.edu    Path: uunet!mimsy!chris
mlandau@bbn.com (Matt Landau) (03/16/88)
In comp.lang.c (<10651@mimsy.UUCP>), chris@mimsy.UUCP (Chris Torek) writes:
>I have heard of two such compilers; one is called Safe-C and I cannot
>recall the name of the other. For some reason this is tied in with
>a memory of a C interpreter that can dynamically either interpret or
>compile code: a handy thing to have if you ever write buggy code :-) .

That would be Saber-C, from Saber Software in Cambridge MA. I've been using Saber for a while now, and it's a really slick piece of work, not to mention *very* useful for tracking down a fairly obscure class of bugs (trashing random memory due to wild pointers). I've found it reasonably fast and fairly convenient to use (and getting better with each release). It's been absolutely wonderful to be able to test and debug new code in an interpretive environment, without having to write test drivers, recompile constantly, etc. Equally important, the folks at Saber seem really concerned with learning what we still perceive as problems in the system and fixing them.

DISCLAIMER: These are my opinions, not those of BBN or any of its subsidiaries. I have no professional association with Saber other than as a reasonably happy user who once in a while gets to beta test new versions.
--
Matt Landau                 Waiting for a flash of enlightenment
mlandau@bbn.com             in all this blood and thunder
pardo@june.cs.washington.edu (David Keppel) (03/16/88)
In article <763@uvm-gen.UUCP> hartley@uvm-gen (Stephen J. Hartley) writes:
>
> I scan this news group every day but don't remember ever seeing a
>discussion about this. Are there C compilers provided by any
>vendors that generate code to perform run-time checking (toggled
>by an option on the command line, say)? I have in mind run-time
>checking of the type provided by Pascal compilers, such as checking
>an array subscript against the array bounds, checking a pointer for
>reasonable values before dereferencing it.

I think that this is very difficult to do in C. Consider a generic "pointer to char" type that can point into any-ol'-char array. What's "reasonable"? There is an alternative, namely to pass the "reasonable" limits to the pointer when it is assigned, but then this requires the char* to be a structure:

    struct char* {
        val : real char*
        lo  : real char*
        hi  : real char*
    }

and then what do things like:

    foo = (char *)33;
    foo = NULL;

mean? We can special case them, but now life has gotten a lot more complicated. I won't go into detail, but things do get weirder.

    ;-D on (Dereferencing an idea) Pardo
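An added example, not code from any of the posters: a checked pointer in C carrying the min/max/current values Chris Torek describes, which allows forming &foo[MAX] but refuses to dereference it, and gives NULL the empty range that Pardo's struct sketch raises. The cptr type, its function names and the 4-byte sample array are constructed for this illustration.

```c
#include <stddef.h>

/* Checked "fat" pointer: the three values Chris Torek lists. lo..hi is the
 * object, hi one past its last byte; lo == NULL marks "no object at all". */
typedef struct { char *cur, *lo, *hi; } cptr;
static cptr cptr_make(char *base, size_t n) { cptr p = { base, base, base + n }; return p; }
/* NULL carries an empty range: it can be stored and compared, never dereferenced. */
static cptr cptr_null(void) { cptr p = { NULL, NULL, NULL }; return p; }

/* Arithmetic may land anywhere in lo..hi inclusive, so forming &foo[MAX]
 * succeeds. Returns 1 on success, 0 (p unchanged) when out of range. */
static int cptr_add(cptr *p, ptrdiff_t n) {
    if (p->lo == NULL) return 0;
    ptrdiff_t off = (p->cur - p->lo) + n;
    if (off < 0 || off > p->hi - p->lo) return 0;
    p->cur = p->lo + off;
    return 1;
}

/* Dereference needs lo <= cur < hi, so *(foo+MAX) is refused. */
static int cptr_deref(const cptr *p, char *out) {
    if (p->lo == NULL || p->cur < p->lo || p->cur >= p->hi) return 0;
    *out = *p->cur;
    return 1;
}

/* The dpANS loop from the post, run on checked pointers: returns the number
 * of elements visited, or -1 if some step was rejected. */
static int checked_loop(char *foo, size_t max) {
    cptr p = cptr_make(foo, max), end = cptr_make(foo, max);
    char c; int visited = 0;
    if (!cptr_add(&end, (ptrdiff_t)max)) return -1;   /* end = &foo[MAX] */
    for (; p.cur < end.cur; cptr_add(&p, 1)) {
        if (!cptr_deref(&p, &c)) return -1;
        visited++;
    }
    return visited;
}

static char sample[4] = { 'a', 'b', 'c', 'd' };   /* constructed test array */
/* Returns 0 if every rule behaved as described, else the first failing check. */
static int self_check(void) {
    cptr end = cptr_make(sample, sizeof sample), nul = cptr_null();
    char c;
    if (!cptr_add(&end, 4)) return 1;    /* &foo[MAX] may be formed */
    if (cptr_deref(&end, &c)) return 2;  /* but not indirected through */
    if (cptr_add(&end, 1)) return 3;     /* &foo[MAX+1] is refused */
    if (cptr_deref(&nul, &c)) return 4;  /* NULL never dereferences */
    return checked_loop(sample, sizeof sample) == 4 ? 0 : 5;
}
```

The same representation also answers the stricter Safe-C style rule: a system that refuses to form &foo[MAX] at all would simply use `off >= p->hi - p->lo` in cptr_add.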
bright@Data-IO.COM (Walter Bright) (03/17/88)
In article <763@uvm-gen.UUCP> hartley@uvm-gen.UUCP (Stephen J. Hartley) writes:
>Are there C compilers provided by any
>vendors that generate code to perform run-time checking (toggled
>by an option on the command line, say)?

All 8086 compilers have a compile-time option to insert code that checks for stack overflow. The lack of CPU hardware to check for this is a MAJOR BOTCH! A lot of effort is expended in this direction, and even then it is not 100% reliable (what if an interrupt occurs...).

My run-time libraries not only check if the stack pointer is past the end of the stack, but also a 'sentinel' is checked. The sentinel is a word of a known value that is inserted at the end of the stack. If the stack overflows, probabilities are that this word will get trashed. Thus you can check to see if the stack overflowed sometime in the past.
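An added example, not Walter Bright's library code: a simulated downward-growing stack in C with both checks he describes, the stack-pointer test and a sentinel word at the end of the stack, plus the case his "probabilities are" hints at, where an overflow that never writes the sentinel word is missed by the sentinel test alone. The sim_stack type, the word count and the sentinel value are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define STACK_WORDS 16
#define SENTINEL 0xC0DEFACEu   /* the "known value"; constant chosen here */
/* Simulated downward-growing stack: words[0] is the end of the stack and
 * holds the sentinel; sp counts down toward it (sp == 1 means full). */
typedef struct { uint32_t words[STACK_WORDS]; size_t sp; } sim_stack;

static void stack_init(sim_stack *s) {
    memset(s->words, 0, sizeof s->words);
    s->words[0] = SENTINEL;
    s->sp = STACK_WORDS;
}
/* Check 1: the stack-pointer test done at entry to each checked routine. */
static int sp_past_end(const sim_stack *s) { return s->sp < 1; }
/* Check 2: the sentinel test, which can be run at any later time. */
static int sentinel_trashed(const sim_stack *s) { return s->words[0] != SENTINEL; }

/* Push compiled with the option: refuses rather than overflow. */
static int push_checked(sim_stack *s, uint32_t v) {
    if (s->sp < 2) return 0;          /* only the sentinel word is left */
    s->words[--s->sp] = v;
    return 1;
}
/* Routine compiled without the option: takes a k-word frame and writes just
 * its top word, like a large local array that is mostly never touched. */
static void frame_unchecked(sim_stack *s, size_t k) {
    size_t top = s->sp - 1;
    s->sp = k >= s->sp ? 0 : s->sp - k;  /* may run past the end */
    s->words[top] = 0x22222222u;
}

/* Fills the stack with checked pushes, then an unchecked one-word frame lands
 * on the sentinel. Returns pushes accepted if the sentinel test catches it, else -1. */
static int contiguous_overflow(void) {
    sim_stack s; int n = 0;
    stack_init(&s);
    while (push_checked(&s, 0x11111111u)) n++;
    frame_unchecked(&s, 1);
    return sentinel_trashed(&s) ? n : -1;
}
/* A fresh stack and one oversized unchecked frame: sp runs past the end but
 * the sentinel word is never written. Returns 2*sp_past_end + sentinel_trashed. */
static int sparse_overflow(void) {
    sim_stack s;
    stack_init(&s);
    frame_unchecked(&s, 2 * STACK_WORDS);
    return 2 * sp_past_end(&s) + sentinel_trashed(&s);
}
```

In the sparse case only the stack-pointer test fires, which is why the two checks are worth keeping together rather than relying on the sentinel by itself.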
johnson@c10sd1.StPaul.NCR.COM (Wayne D. T. Johnson) (03/23/88)
In article <763@uvm-gen.UUCP> hartley@uvm-gen.UUCP (Stephen J. Hartley) writes:
>
>Are there C compilers provided by any
>vendors that generate code to perform run-time checking (toggled
>by an option on the command line, say)?

There is no compiler that I know of (but maybe there should be a run time support library that could do some of it.) This is a product known as C-TERP. It is a "C" interpreter. It executes "C" source code in a real-time environment (similar to a BASIC interpreter) and in the process does some testing of arguments. It will even allow you to "link" in your faviourate (my spelling is terable ain't it) object code to be executed. This is a PC based product but I think a UNIX version is soon (if not already) to be announced.

C-Terp is marketed by:
    Gimpel Software
    3207 Hogarth Lane
    Collegeville, PA. 19426
    (215) 584-4261

Disclaimer: I am in no way related to this company nor am I receiving any payment for this statement. This is a referral, not a commercial.
--
Wayne Johnson                (voice) 612-638-7665
NCR Comten, Inc.             (internet) johnson@ncrcce.StPaul.NCR.COM or
Roseville MN 55113                      johnson@c10sd1.StPaul.NCR.COM
The comments stated here do not reflect the policy of NCR Comten.