journal article Apr 10, 2026

CMakeSonar: A Static Approach to Detecting CMake Bugs with a Fine-Grained Type System

Abstract
As build systems and their scripts grow in size and complexity, detecting bugs in build configurations becomes increasingly challenging due to the rich functionality and weak typing of build scripting languages. This paper introduces CMakeSonar, the first static approach to precisely identifying semantic bugs in CMake scripts. CMakeSonar addresses this challenge by (1) designing a fine-grained type system that captures the runtime semantics of CMake values, and (2) performing a flow-sensitive analysis that detects inconsistent and ill-typed value usages by solving type constraints. Our approach identifies configuration and usage errors that can silently affect build correctness, portability, and deployment safety. In our evaluation, CMakeSonar identifies 155 bugs across 36 real-world CMake projects on GitHub, of which 23 have been accepted and fixed by developers. With a false positive rate of 4.32% and a recall of 97.48%, CMakeSonar demonstrates that precise static analysis can effectively uncover high-impact bugs in untyped build systems.

Details
Published: Apr 10, 2026
Vol/Issue: 10(OOPSLA1)
Pages: 513-539
Funding: National Key R&D Program of China Award: 2022YFB4400704
Cite This Article
Haotian Han, Zihang Zhong, Qingan Li, et al. (2026). CMakeSonar: A Static Approach to Detecting CMake Bugs with a Fine-Grained Type System. Proceedings of the ACM on Programming Languages, 10(OOPSLA1), 513-539. https://doi.org/10.1145/3798218