Calculating function summary using Frama-C's value analysis

Asked Jan 06 '16 at 22:39

Active Jan 06 '16 at 22:45

Viewed 105 times

Let's say we have the following code sample:

int a(int x){
    if (x < 0){
        return -50;
    }
    if (x >= 0 && x <= 3600){
        return x - 100;
    }

    return x + 100;
}

int main(){
    int q = Frama_C_interval(50, 5000); 

    return a(q);
}

By running the frama-c value analysis tool I can deduce the interval of the result of a() which turns out to be [-50, 5100] as expected. What I'd like to calculate now is the function summary of a() i.e. the relation between the input and the output. The result I am looking for in the above example would look something like this:

[50,3600] -> [-50, 3500]
[3601,5000] -> [3701, 5100]

Note that I am interested in a context based summary so other cases in function a() are of less interest.

What would be the best way to achieve this?

edited Jan 06 '16 at 22:45

asked Jan 06 '16 at 22:39

Maor Veitsman

1,424
8
18

2

This is possible using the programmatic API and/or a sufficiently well-crafted `main` function. In both cases, you will have to write OCaml code to extract the possible values for the outputs. Did you already have a look at what is available in module `Db.Value`? – byako Jan 06 '16 at 23:41
Thank you for your help! I will have a look at the API, however crafting a main function would be simpler in my use case. – Maor Veitsman Jan 08 '16 at 15:39

Calculating function summary using Frama-C's value analysis

0 Answers0