Defining the Undefinedness of C ∗

Chris Hathhorn
University of Missouri, USA

Chucky Ellison, Grigore Roșu
University of Illinois at Urbana-Champaign, USA
[email protected] {celliso2, grosu}@illinois.edu

Abstract

We present a “negative” semantics of the C11 language: a semantics that does not just give meaning to correct programs, but also rejects undefined programs. We investigate undefined behavior in C and discuss the techniques and special considerations needed for formally specifying it. We have used these techniques to modify and extend a semantics of C into one that captures undefined behavior. The amount of semantic infrastructure and effort required to achieve this was unexpectedly high, in the end nearly doubling the size of the original semantics. From our semantics, we have automatically extracted an undefinedness checker, which we evaluate against other popular analysis tools, using our own test suite in addition to a

Our work is an extension to Ellison and Roșu [6]. In that paper, the authors focused on giving semantics to correct programs and showed how their formal definition could yield a number of tools for exploring program evaluation. But the evaluation they performed was against defined programs, and the completeness they claimed was for defined programs. In this work, in contrast, we focus on identifying undefined programs. We cover the issues we faced in moving a complete but overspecified semantics (in the sense that it gave meaning to undefined programs) to one capable of catching the core-language undefined behaviors.

To the best of our knowledge, ours is the most comprehensive semantic treatment of undefinedness in C.
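The difference between giving meaning to an undefined program and rejecting it can be illustrated with signed integer addition, whose overflow is undefined in C. The sketch below is an illustration only and is not part of the semantics described here. The names add_result and checked_add are hypothetical, and the check covers just this one undefined behavior. Instead of evaluating a + b unconditionally, the helper first decides whether the addition is defined and refuses to produce a value when it is not.

```c
#include <limits.h>
#include <stdbool.h>

/* Outcome of evaluating a + b on signed ints (hypothetical type). */
typedef struct {
    bool defined; /* false: evaluating a + b would overflow (undefined) */
    int value;    /* meaningful only when defined is true */
} add_result;

/* Hypothetical helper: evaluate a + b only if the result is representable.
 * The range tests themselves never overflow:
 *   for b > 0, INT_MAX - b lies within [0, INT_MAX);
 *   for b < 0, INT_MIN - b lies within (INT_MIN, 0]. */
add_result checked_add(int a, int b)
{
    add_result r = { false, 0 };

    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) {
        return r; /* reject: the addition is undefined, so assign no value */
    }

    r.defined = true;
    r.value = a + b; /* safe: the sum is known to be in range */
    return r;
}
```

A definition that simply computed a + b on machine integers would still yield some number for checked_add(INT_MAX, 1); that is the sense in which a semantics can be complete yet overspecified. Here the same call reports defined == false.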