What constitutes ‘the safety of a compiler’? This is a question that keeps us busy on a daily basis. The question, however, is not easy to answer, because the safety of a compiler as a property of the compiler alone does not exist. Safety is an emergent property: it depends on how the compiler is used.
We were reminded of this by the appearance of a little toy in our office. It is a give-away toy from a fast food chain. Attached to the arm of the figurine is a small contraption, like a retractable dog leash. Indeed, when you pull it, a cord appears. At the same time, there is a surprisingly solid rattling sound and a pleasant vibration. Soon, however, the fun is over. The cord is no longer than ten centimetres (four inches). Huh!? How much fun is that?
Would this be a cost-cutting measure by the toy maker?
The answer is no. The length of the string is a safety measure. Most certainly, some of the millions of give-away toys will end up in the cradle of a baby. In that environment, a longer cord is a safety hazard. That is why retractable dog leashes come with safety instructions. Give-away toys, or indeed most children’s toys, have no safety instructions; they must be safe by design.
So, the question “How safe is a piece of string?” cannot be answered without the context of its use. When used in a toy, it has to be short to be safe. When used in a dog leash, it can be longer, but then must come with safety instructions. Ignoring these instructions can lead to terrible accidents.
It all depends on how the string is used. Therefore, safety is an emergent property of the string and its use. In the world of functional safety, this is why the use-case of a component is so important.
Not safe by design
The same goes for compilers. Compilers are not safe by design, because they can and do contain errors. This is due to their enormous internal complexity and the complexity of the process by which they are built. A compiler that is never run does no damage; the risk arises only in use.
The safe use of a compiler depends on what kind of application you compile and on the compiler options that are used; in other words, on how you use it. This matters even more when the compiler must be qualified for use with safety-critical applications. Optimisation and language-dialect options change the code the compiler generates, so compiler qualification must be done with exactly the same options that are used to compile the application, not with a default or "representative" option set.
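As an added illustration (this is not code from the original post and not part of SuperTest), here is a small Python check that compares the application's recorded compile command with the one used for a qualification run and reports every code-generation option that differs. It models a GCC/Clang-style driver: which options are treated as ignorable (output and dependency files, diagnostics) and which families override earlier ones ("last one wins") is an assumption made for this example and must be checked against the manual of the compiler actually being qualified. The command lines in the usage block are constructed, not taken from any real project.

```python
"""Check that a compiler qualification run uses the same code-generation
options as the application build it is meant to cover.

Added example, not from the original post and not SuperTest code. It models
a GCC/Clang-style driver; the option classification below is an assumption
and should be reviewed against the manual of the compiler being qualified.
"""
import shlex

# Options that take their value as a separate token ("-o main.o", "-D FOO").
_SEPARATE_ARG = {"-o", "-MF", "-MT", "-MQ", "-D", "-U", "-I", "-isystem",
                 "-include", "-x"}
# Prefixes whose value is joined without a space in canonical form.
_JOIN_TIGHT = ("-D", "-U", "-I")
# Option families where the driver applies "last one wins" (-O0 -O2 is -O2).
_LAST_WINS = ("-O", "-std=", "-march=", "-mcpu=", "-mtune=")


def _family(opt):
    """Key under which an option overrides earlier ones on the command line."""
    for prefix in _LAST_WINS:
        if opt.startswith(prefix):
            return prefix
    if opt.startswith(("-f", "-m")):          # -fxxx / -fno-xxx, -mxxx / -mno-xxx
        name = opt[2:]
        if name.startswith("no-"):
            name = name[3:]
        return opt[:2] + name.split("=", 1)[0]
    if opt.startswith(("-D", "-U")):          # -DFOO=1 overrides -DFOO=0
        return "-D" + opt[2:].split("=", 1)[0]
    return opt                                # anything else: exact token


def _canonical(opt):
    """-DFOO means -DFOO=1 to the preprocessor, so record it that way."""
    if opt.startswith("-D") and "=" not in opt:
        return opt + "=1"
    return opt


def _ignorable(opt):
    """Options that do not change generated code: output and dependency
    files, and diagnostics. -Wl,/-Wa,/-Wp, pass options through to the
    linker, assembler and preprocessor, so those are kept."""
    if opt.startswith("-o") or opt.startswith("-M"):
        return True
    if opt.startswith("-W") and not opt.startswith(("-Wl,", "-Wa,", "-Wp,")):
        return True
    return False


def effective_options(cmdline):
    """Map option family -> the value in effect after 'last one wins'."""
    argv = shlex.split(cmdline)
    effective = {}
    tokens = iter(argv[1:])               # argv[0] is the compiler itself
    for tok in tokens:
        if not tok.startswith("-"):       # source or object file name
            continue
        if tok in _SEPARATE_ARG:
            value = next(tokens, "")
            tok = tok + value if tok in _JOIN_TIGHT else tok + " " + value
        if _ignorable(tok):
            continue
        effective[_family(tok)] = _canonical(tok)
    return effective


def option_mismatches(app_cmdline, qual_cmdline):
    """Return sorted (family, application value, qualification value) for
    every difference; an empty list means the two builds agree."""
    app = effective_options(app_cmdline)
    qual = effective_options(qual_cmdline)
    return sorted((fam, app.get(fam), qual.get(fam))
                  for fam in app.keys() | qual.keys()
                  if app.get(fam) != qual.get(fam))


if __name__ == "__main__":
    # Constructed command lines, not taken from any real project.
    app = ("arm-none-eabi-gcc -O0 -O2 -fno-strict-aliasing -fwrapv -DNDEBUG "
           "-Wall -Wextra -MMD -MF app.d -c app.c -o app.o")
    qual = "arm-none-eabi-gcc -O2 -fwrapv -DNDEBUG=1 -c t.c -o t.o"
    for family, a, q in option_mismatches(app, qual):
        print(f"{family}: application uses {a!r}, qualification uses {q!r}")
```

Run stand-alone, the check reports that the application was built with -fno-strict-aliasing and the qualification run was not, while the differing -O0/-O2 order, the warning options and the file names are correctly treated as irrelevant. Two caveats a practitioner should add before relying on something like this: options such as -march=native resolve to different code on different build hosts, so record the resolved value rather than the literal token; and some families need extra rules (for example -fstack-protector, -fstack-protector-strong and -fno-stack-protector are one setting, which the simple family key above does not capture). In a real build the options also vary per file, so the comparison should be run against every entry of the build's compilation database rather than a single command line.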
Our day-to-day business is to improve the SuperTest validation suite for C and C++ compilers so that you can use your compiler safely and with confidence for the use-case, including the options, that you choose.