Questions tagged [frama-c]

Frama-C is an Open Source suite of tools dedicated to the analysis of C source code.

Frama-C offers ready-to-use analyses for C programs: call graph, value analysis, functional dependencies, Program Dependence Graph, runtime monitoring, etc. It also allows the verification of functional properties, temporal logic, and much more. Results can be expressed in plain text, in SARIF, or in Frama-C's graphical interface.

Each analysis is implemented as a plug-in, and plug-ins inside the platform can use the results of one another. Frama-C is Open Source and extensible: new analyses can be implemented in OCaml as additional plug-ins that take advantage of existing ones. They communicate using the ACSL specification language, which also enables describing what the program is supposed to do.

Most provided analyses in Frama-C are sound: used within a delimited perimeter, all the behaviors that can happen at run-time are included in the behaviors statically predicted by Frama-C. Notwithstanding the possibility of bugs, plug-ins must be used as documented for the property to hold. This makes it possible to use Frama-C for the formal verification of C programs.

447 questions
2 votes, 1 answer

scanf not working as expected in Frama-C

In the program below, function dec uses scanf to read an arbitrary input from the user. dec is called from main and depending on the input it returns 1 or 0 and accordingly an operation will be performed. However, the value analysis indicates that…
karan
2 votes, 1 answer

Merge C source files as CIL

I would like to merge C source files as I was doing with CIL and the cilly script. Does Frama-c provide this scripting functionality?
Yaroe
2 votes, 1 answer

Invalid location in Frama-c value analysis

I am trying to analyze some program that resembles the following using the value analysis: int main(int argc, char **argv){ char *argv0 = argv[0]; char x = argv0[1]; char y = argv0[2]; return 0; } After normalization and analysis the program…
rsaill
2 votes, 1 answer

Slicing using frama-c

I'm using frama-c in order to do some experiments on program slicing. The tool is great and there are a lot of different types of slicing (by result or by statement, for example). I'm using a program data structure like: typedef struct ComplexData…
Luke
2 votes, 1 answer

Frama-C preprocessor inserts \old to every pointer reference in ensures clause

I'm using Frama-C version Silicon-20161101. Every time I reference a pointer value *x in an ensures clause the preprocessor inserts *\old(x) unnecessarily. For example // File swap.c: /*@ requires \valid(a) && \valid(b); @ ensures A: *a ==…
cdalves
2 votes, 0 answers

Calculate dependencies between different c files with frama-c

I am trying to compute the variable dependencies in a project with different c files. Each of those files has a main function, and they are not calling each other. However they have shared variables and I need to calculate the final dependencies…
J. Abe
2 votes, 1 answer

Db.Value.AfterTable.find api change for Frama-C Aluminium

I am trying to migrate a plugin for Frama-C Fluorine version to Frama-C Aluminium. When doing so, I cannot find the appropriate replacement for function Db.Value.AfterTable.find, the closest one I found is Db.Value.AfterTable_By_Callstack.find.…
2 votes, 1 answer

Frama-C Aluminum "Unbound module GMenu"

On Fedora 21, I compiled the Frama-C Aluminum distribution from source after installing all its prerequisites. My version of OCaml is 4.02.3. Frama-C and the Frama-C GUI work fine. I am trying to follow section 2.3, "The ViewCfg plug-in" of the…
gsp
2 votes, 1 answer

What does the message "unreachable entry point" mean?

I have a file containing several ACSL assertions (file.c): #include #include void foo() { int a=0; //@ assert(a==0); } void print(const char* text) { int a=0; //@ assert(a==0); printf("%s\n",text); } int…
Paddre
2 votes, 1 answer

Is "\NearestEven" available in frama-c Aluminium-20160501?

The ACSL implementation (Version 1.11 Implementation in Aluminium-20160501) lists \NearestEven as a rounding mode (page 23). However, it doesn't appear to be still available at runtime. When I ran the following code: /*@ requires 0x1p-967 <= C <=…
user4233211
2 votes, 1 answer

Implementation of frama-clang

So far I've found the STANCE project (Stance project website) a reader (found on the website) and a presentation (also found on the website). Also, apparently there will be a frama-c day taking place on June 20th where frama-clang is going to be…
Paddre
2 votes, 1 answer

Frama-C: No splitting of if-statement

I have the following problem when analyzing if-conditions with my plugin. When I analyze code like if ((a && b) || c) Frama-C creates code like this: if (a) { if (b){ goto _LOR; } else{ goto _LAND; } } else{ …
Thomas Böhm
2 votes, 2 answers

Frama-C Plugin: Resolve array-values

I'm working on a frama-c plugin that should resolve the values of all kinds of variables. I managed to dereference pointers and structs and typedefs and print the corresponding values. Now I'm struggling with getting the values of an array. Here…
Thomas Böhm
2 votes, 1 answer

frama-c : how to assume malloc succeeds?

I would like to analyze my program assuming malloc successfully returns an allocated buffer. When I run the value plugin with the command /Users/philippeantoine/.opam/4.02.3/bin/frama-c -val testalloc.c on this simple program : #include…
2 votes, 1 answer

Slicing for multiple asserts

Is it possible to use Frama-C's slicing plugin to slice for more than one assertion? E.g. given the following code: #include "assert.h" int main() { double a=3; double b=4; b=a+b; double c=123; //@ assert(b>=0); double d=a/b; …
Paddre