示例#1
/*
 * Static-analysis test input: builds a pointer that aliases either x or y
 * depending on the sign of x, then checks how writes through the pointer and
 * direct writes to the pointee interact.
 *
 * Returns 4 when x > 0 on entry (p aliases x, which is overwritten after the
 * store through p) and 0 otherwise (p aliases y, which keeps the value stored
 * through p).
 *
 * T and the type Tstr are declared outside this listing.
 */
int f (int x, int y, Tstr s) {
  int a, b;   /* each is assigned on only one branch and never read */
  int * p;
  int i;
  if (x > 0) {
    p =  &x;
    a = 0;
    s.a = 3;  /* s is a by-value parameter, so this write stays local to f */
    /* Frama-C builtin: nondeterministic int in [5, 15]. */
    i =  Frama_C_interval (5, 15);
    /* NOTE(review): in bounds only if T has at least 16 elements; confirm
     * against T's declaration. */
    T[i] = 1;
  }
  else {
    p =  &y;
    b = 0;
    i =  Frama_C_interval (10, 20);
    /* NOTE(review): in bounds only if T has at least 21 elements; confirm
     * against T's declaration. */
    T[i] = 2;
  }
  i = 0;
  x = 5;
  y = 10;
  /* It can be interesting to see that selecting T[i]
   * is not the same as selecting T[0] even if i=0 */
  *p = i;     /* stores 0 into whichever of x / y p aliases */
  x = 4;      /* a direct write to x also changes *p when p == &x */
  return *p;
}
示例#2
/*
 * Static-analysis test input for bitwise operators applied to interval-valued
 * operands. All operands and result variables other than i1, i2, v1, v2 and
 * the mask* locals are declared outside this listing.
 */
int main(){
  /* Frama-C builtin: nondeterministic int within the given inclusive range. */
  a = Frama_C_interval(3,17);
  b = Frama_C_interval(-3,17);   /* range includes negative values */
  c = Frama_C_interval(13,27);
  /* NOTE(review): if b is a signed type, the results involving b depend on the
   * representation of negative integers; confirm the declared type. */
  or1 = a | b;
  or2 = a | c;
  or3 = b | c;

  and1 = a & b;
  and2 = a & c;
  and3 = b & c;

  /* Clears the three low bits of c; for c in [13, 27] the result is 8, 16 or 24. */
  uand4 = 0xFFFFFFF8U & (unsigned int) c;

  xor1 = a ^ a;   /* any value xor itself is 0 */
  xor2 = a ^ b;

  /* s is defined elsewhere; its type and range are not visible here. */
  unsigned i1 = s * 2;
  unsigned i2 = s * 4;
  unsigned v1 = i1 & i2;
  unsigned v2 = i1 | i2;
  
  /* Assuming s is an integer and 16 * s does not overflow, the low four bits of
   * 16 * s + 13 are those of 13 (0b1101): mask07 is 5, mask0f is 13, and mask1f
   * is 13 or 29 depending on the low bit of s. TODO confirm the type of s. */
  unsigned mask07 = (16 * s + 13) & 0x7;
  unsigned mask0f = (16 * s + 13) & 0xF;
  unsigned mask1f = (16 * s + 13) & 0x1F;

  return 0;
}
示例#3
文件: for_loops.c 项目: mmcco/frama-c
/*
 * Static-analysis test input: a counter incremented nondeterministically
 * inside a loop whose bound is itself an interval.
 *
 * Concretely w can never exceed nSelectors (at most 100), so an analysis
 * result of "any int" for w is an over-approximation introduced by widening,
 * not a reachable overflow.
 */
void main_2 () {
  int i,j;   /* i is unused in this function */
  int nSelectors = Frama_C_interval(0,100);   /* nondeterministic int in [0, 100] */
  int w=0,v = 0;   /* v is unused in this function */
  
  for (j = 0; j < nSelectors; j++) { if (Frama_C_interval(0,1)) w += 1;
    /* Frama_C_show_each_* makes the analyzer print the abstract value of w. */
    Frama_C_show_each_F(w);}
   // w widens to top_int
  
}
/* Exhibits incompatible states between the cvalue and the symbolic location
   domains during a subdivided evaluation: some subdivisions are indeed
   unreachable. This test relies heavily on the strategy chosen to subdivide. */
/*
 * Divides i by t[i] twice, where t[0] is 0 and i may be 0 or 1.
 * For i == 0 the first division is a division by zero (undefined behavior in
 * C), so only the i == 1 state survives to the second division.
 */
void main3() {
  int t[2] = {0, 2};
  int i = Frama_C_interval(0, 1);   /* nondeterministic int in [0, 1] */
  int x = i / t[i];   /* i == 0 divides by t[0] == 0: the analyzer must raise an alarm here */
  int y = i / t[i]; /* Due to the previous line, i=0 is impossible; the alarm
                       will get inconsistent statuses during the subdivision,
                       and should no longer appear for the complete evaluation
                       with the symbolic locations domain. */
}
示例#5
/*
 * Analysis harness for four SHA-3 entry points, driven with fully
 * nondeterministic input bytes, input length and buffer pointers.
 *
 * The FN macro and BYTES are defined outside this listing; FN presumably
 * calls the named hash function with the variables declared below and stores
 * its status in err (TODO confirm against the macro definition). The ACSL
 * assertions state that err is negative after every call.
 */
int main(void) {
  uint8_t in[200];
  /* Every input byte may take any value in [0, 255]. */
  for (size_t i = 0; i < 200; i++) {
    in[i] = Frama_C_interval(0, 255);
  }
  uint8_t out[BYTES];
  //  uint8_t out256[256 / 8];
  //  uint8_t out384[384 / 8];
  //  uint8_t out512[512 / 8];

  uint8_t invalid;   /* one-byte, uninitialized object used only as a pointer target */

  /* Frama_C_nondet_ptr returns either of its two arguments: each pointer is
   * therefore the address of the one-byte object above or a null pointer. */
  void* maybeout = Frama_C_nondet_ptr(&invalid, (void*)0);
  size_t outlen;     /* not initialized in the visible code; presumably set by FN (TODO confirm) */
  void* maybein = Frama_C_nondet_ptr(&invalid, (void*)0);
  /* NOTE(review): the stock Frama_C_interval builtin takes int bounds, and
   * 4294967295 does not fit in a 32-bit int; if the stock prototype is in use,
   * Frama_C_unsigned_int_interval would match the intended range. Confirm
   * which declaration this harness is built against. */
  size_t inlen = Frama_C_interval(0, 4294967295);

  int err = 0;
  /* Select one of the four digest sizes nondeterministically; the range [0, 3]
   * is fully covered by the cases, so there is no default label. */
  int fn = Frama_C_interval(0, 3);
  switch (fn) {
    case 0:
      FN(sha3_224);
      //@assert err < 0;
      break;
    case 1:
      FN(sha3_256);
      //@assert err < 0;
      break;
    case 2:
      FN(sha3_384);
      //@assert err < 0;
      break;
    case 3:
      FN(sha3_512);
      //@assert err < 0;
      break;
  }
  //@assert err < 0;

  //  sha3_256(out256, 256 / 8, in, Frama_C_interval(0, 200));
  //  sha3_384(out384, 384 / 8, in, Frama_C_interval(0, 200));
  //  sha3_512(out512, 512 / 8, in, Frama_C_interval(0, 200));
}
/* Exhibits incompatible states between the cvalue and the equality domain.
   Relies on the absence of precise backward propagation for 2*i. */
/*
 * Reads t[(2*i)/2] for i in [0, 1]. Concretely the index equals i, so it is
 * always within the bounds of t; an index-bounds alarm here comes from the
 * analyzer not propagating the constraint back through 2*i.
 *
 * Only t[0] is written in this function, so the reads with i == 1 access an
 * element that was never initialized.
 *
 * Returns -1 when i == 0, otherwise the value read from t[1].
 */
int main2 () {
  int t[2];
  int i = Frama_C_interval(0, 1);   /* nondeterministic int in [0, 1] */
  t[0] = i;                         /* t[1] is left uninitialized */
  int x = t[(2*i)/2];
  int y = -1;
  if (i > 0)
    y = t[(2*i)/2]; /* Incompatible states, revealed by inconsistent statuses
                       on the alarm for index bounds. */
  return y;
}
示例#7
文件: for_loops.c 项目: mmcco/frama-c
/*
 * Fills the first nSelectors elements of a 1000-element array and then sums
 * them, with nSelectors nondeterministic in [0, 1000].
 *
 * Both loops stop at j < nSelectors, so the highest index used is 999 and
 * every element read by the second loop was written by the first. An analyzer
 * that loses the relation between j and nSelectors may still report a
 * possibly-uninitialized read in the second loop.
 */
void g () {
  int j;
  int T[1000];   /* starts uninitialized */
  int nSelectors = Frama_C_interval(0,1000);
  int w=0;
  Frama_C_dump_each();   /* Frama-C builtin: print the analyzer state at this point */
  for (j = 0; j < nSelectors; j++) T[j] = 1;
  Frama_C_dump_each();
  for (j = 0; j < nSelectors; j++) w += T[j];
  return;
}
示例#8
文件: for_loops.c 项目: mmcco/frama-c
/*
 * Nested-loop test input: the outer loop runs j from 0 up to and including
 * nSelectors, and the inner loop counts a copy of j down to 0.
 *
 * nSelectors may be as large as 0x7FFFFFFF. With a 32-bit int and that bound,
 * j <= nSelectors is always true, so the loop cannot exit through its
 * condition and j++ eventually overflows a signed int, which is undefined
 * behavior in C. The analyzer is expected to account for that case.
 */
void main () {
  int i,j;   /* i is unused in this function */
  int nSelectors = Frama_C_interval(0,0x7FFFFFFF);
  int w=0,v = 0;   /* w is unused in this function */
  
  for (j = 0; j <= nSelectors; j++) 
    { v = j ;
      while (v>0) v--;   /* leaves v at 0 for every non-negative j */
      /* Frama_C_show_each_* makes the analyzer print the abstract value of j. */
      Frama_C_show_each_F(j);}
  
}
/* Exhibits incompatible states between the cvalue and the equality domains.
   Based on the absence of precise backward propagation for x*x. */
/*
 * Branches on y = x * x for x in [0, 10]. Concretely y < 9 implies x <= 2, so
 * the inner "x > 2" branch is unreachable; an analyzer that cannot propagate
 * the condition on y back to x still evaluates it.
 *
 * z records which branch was taken and is never read in this function.
 */
void main1 () {
  int x = Frama_C_interval(0, 10);   /* nondeterministic int in [0, 10] */
  int y = x * x;                     /* at most 100, so no overflow */
  int z = -1;
  if (y < 9) {
    if (x > 2)
      z = x * x; /* Incompatible states, revealed by the evaluation of x*x. */
    else
      z = -2;
  }
  else
    z = -3;
}
示例#10
/*
 * Static-analysis test input for arithmetic on floating-point intervals,
 * followed by an integer division whose divisor range includes zero.
 *
 * Every variable used here, the array t and access_bits are declared outside
 * this listing, so their types and sizes are not visible.
 */
void other() {
  /* Frama-C builtin: nondeterministic floating-point value in [-133.0, 142.0]. */
  i = Frama_C_float_interval(-133.0,142.0);
  s = Frama_C_float_interval(-133.0,142.0);
  /* i*i + 2.0 ranges from 2.0 up to 142*142 + 2 = 20166.
   * NOTE(review): the access is in bounds only if t has more than 20166
   * elements; confirm against t's declaration. */
  r = 1 + t[(int)(i*i+2.0)];
  /* s - s is exactly 0 for any finite s; an interval analysis that treats the
   * two operands independently yields a wider range. */
  z = (int)(10000.0 * (s - s));
  zf = s - s;
  s2 = s + s;
  sq = s * s;
  h = s * (1 - s);
  rbits2 = access_bits(i);

  x = Frama_C_interval(0,42);   /* nondeterministic int in [0, 42] */
  /* x == 0 makes 1 / x a division by zero; if x has an integer type this is
   * undefined behavior and the analyzer must raise an alarm (TODO confirm the
   * declared type of x). */
  y = (1 / x) * x;
}
示例#11
/*
 * Test input for the ACSL \initialized predicate over array ranges whose
 * bounds are intervals. Six 20-element arrays are conditionally filled, then
 * each assertion queries a range with different lower/upper bound intervals.
 */
void g1 (){
  int t1[20], t2[20], t3[20], t4[20], t5[20], t6[20], i, j;
  /* The loop's own "int i" shadows the i declared above. */
  for (int i=0; i<20; i++)
    /* rand is declared outside this listing and is tested without being
     * called; presumably a nondeterministic variable, so each element may be
     * left uninitialized (TODO confirm). */
    if (rand) { t1[i]=1; t2[i]=2; t3[i]=3; t4[i]=4; t5[i]=5; t6[i]=6; }
  //@ assert \initialized(&t1[..]);
  //@ assert \initialized(&t2[4..]);

  /* Lower bound in [3, 6], upper bound in [12, 15]: ranges never overlap. */
  i=Frama_C_interval(3,6);
  j=Frama_C_interval(12,15);
  //@ assert \initialized(&t3[i..j]); // under: t3[6..12]; over t3[3..15]

  /* Lower and upper bound intervals share the single value 7. */
  i=Frama_C_interval(3,7);
  j=Frama_C_interval(7,15);
  //@ assert \initialized(&t4[i..j]); // under t4[7]; over t4[3..15]

  /* Lower bound always exceeds the upper bound. */
  i=Frama_C_interval(7,9);
  j=Frama_C_interval(4,6);
  //@ assert \initialized(&t5[i..j]); // Empty range

  /* The range is non-empty only when i == j == 7. */
  i=Frama_C_interval(7,9);
  j=Frama_C_interval(4,7);
  //@ assert \initialized(&t6[i..j]); // t6[7] or empty
}
/*
 * Analysis entry point: calls modulo (defined outside this listing) with a
 * first argument in [0, 0x7fffffff] and a second argument in
 * [1, 0x7fffffff]. The second range starts at 1, so that argument is never
 * zero. The value returned by modulo is discarded.
 */
int main(void) {
  modulo(Frama_C_interval(0, 0x7fffffff), Frama_C_interval(1, 0x7fffffff));
}