A Portable Compiler-Integrated Approach to Permanent Checking

Program checking technology is now a mature technology, but is not yet used on a large scale. We identify one cause of this gap in the decoupling of checking tools from the everyday development tools. To radically change the situation, we explore the integration of simple user-defined checks into the core of every development process: the compiler. The checks we implement express constrained reachability queries in the control flow graph taking the form "from x to y avoiding z", where x, y, and z are native code patterns containing a blend of syntactic, semantic and dataflow information. Compiler integration enables continuous checking throughout development, but also a pervasive propagation of checking technology. This integration poses some interesting challenges, but opens up new perspectives. Factorizing analyses between checking and compiling improves both the efficiency and the expressiveness of the checks. Minimalist user properties and language-independent code pattern matching ensure that our approach can be integrated almost for free in any compiler for any language. We illustrate this approach with a full-fledged checking compiler for C. We demonstrate the need for permanent checking by partially analyzing two different releases of the Linux kernel