Type safety

from Wikipedia, the free encyclopedia

Type safety is a term used in computer science , especially in the area of programming languages . It denotes the state (of program execution) in which the data types are used according to their definitions in the programming language used and no type violations occur.

description

Establishing type safety is the task of the compiler or the interpreter . Type checking is the process of checking the use of data types within the type system in order to identify any type violations.

For example , the types involved do not necessarily have to be identical in the case of assignments , since whole numbers can be assigned to floating point variables. However, the types involved must be assignment-compatible .

If the corresponding type errors are recognized at runtime at the latest , one speaks of "type-safe programming languages".

Use

In software development , static type safety is an essential factor that increases the code quality and the reliability of the developed program . Type-safe programs have a high level of operational security and information security . Static typing also facilitates the workflow for code refactoring . Occasionally it is argued that the aspects of type safety can also be demonstrated by sufficient test coverage.

The widespread programming language C , in contrast to the likewise very widespread programming language Java, has only limited type-safety. It is therefore often the view that less experienced or inattentive programmers in C can create faulty or easily vulnerable program code .

Static and dynamic type safety

The typed programming languages , there are those with type checks during compilation ( typed statically ) and those in which strict type tests only to maturity can take place ( dynamically typed ), such as in Smalltalk . The first concept generates program code that runs faster , which is particularly necessary for larger software systems , the latter allows more efficient and flexible data modeling , such as in object-oriented programming . Many modern programming languages ​​such as Oberon or C # therefore support both concepts.

Examples

C ++

The following examples illustrate how cast operators in the C ++ programming language, if used incorrectly, can compromise type safety. The first example shows how basic data types can be converted incorrectly:

#include <iostream>
using namespace std;

int main()
{
    int ival = 5;                                 // integer
    float fval = reinterpret_cast<float&>(ival);  // reinterpret Bitmuster
    cout << fval << endl;                         // Gibt integer als float aus
    return 0;
}

In this example, reinterpret_cast explicitly prevents the compiler from doing a safe conversion from an integer to a floating point value. When the program runs , it will print a garbage floating point value. The problem could have been avoided by writing float fval = ival instead . The next example shows how object references can be converted incorrectly:

#include <iostream>
using namespace std;

class Parent
{
public:
    virtual ~Parent() {}  // Virtueller Destruktor für RTTI
};

class Child1 : public Parent
{
public:
    int a;
};

class Child2 : public Parent
{
public:
    float b;
};

int main()
{
    Child1 c1;
    c1.a = 5;
    Parent & p = c1;                        // Der upcast ist immer sicher
    Child2 & c2 = static_cast<Child2&>(p);  // Ungültiger downcast
    cout << c2.b << endl;                   // Gibt Datenmüll aus
    return 0;
}

The two child classes have members of different types . If you pass a Parent class pointer to a child class pointer , the resulting pointer may not point to a valid object of the correct type. In the example this leads to the garbage data being output. The problem could have been avoided by replacing static_cast with dynamic_cast , which produces an Ausception triggers.

Individual evidence

  1. Hans J. Schneider: History of programming languages ( Memento of the original from July 9, 2016 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. , Friedrich-Alexander-Universität Erlangen-Nurnberg (2012), accessed on July 9, 2016 @1@ 2Template: Webachiv / IABot / www2.cs.fau.de
  2. ^ Aaron Greenhouse: A Programmer-Oriented Approach to Safe Concurrency , Carnegie Mellon University Pittsburgh (May 2003), accessed July 9, 2016
  3. Hanspeter Mössenböck : Object-Oriented Programming in Oberon-2 , see also keyword "Smalltalk", accessed on July 9, 2016
  4. Hanspeter Mössenböck , Niklaus Wirth : The Programming Language Oberon-2 , Institute for Computer Systems, ETH Zurich (October 1993), accessed on July 9, 2016
  5. Hanspeter Mössenböck : Object-oriented Programming in Oberon ( Memento of the original from September 27, 2016 in the Internet Archive ) Info: The archive link was automatically inserted and not yet checked. Please check the original and archive link according to the instructions and then remove this notice. , ETH Zurich, Institute for Computer Systems (November 19, 1997), accessed on July 9, 2016 @1@ 2Template: Webachiv / IABot / www.statlab.uni-heidelberg.de
  6. cppreference.com: reinterpret_cast conversion
  7. cppreference.com: dynamic_cast conversion