Static Analysis of C for Hybrid Type Checking

Hybrid type checking[5] is an approach to enforcing the welltypedness of programs that, where possible, uses static analysis to determine the types of expressions, and run-time checking when the precision of static analysis is insufficeint. This approach is useful for dependent type systems in which types are parameterized by run-time values of expressions. Deputy is a dependent type system for C that allows the user to describe bounded pointers, tagged unions, and null-terminated strings. Deputy runs in two phases. In the first phase, simple typing rules are applied. The typing rules prescribe the insertion of run-time checks for certain operations. In the second phase, static analysis is used to identify checks that must either always succeed or always fail. The former may safely be removed, and the latter signify typing errors. This report describes the second phase of Deputy.