package frama-c

  1. Overview
  2. Docs

Description

Frama-C gathers several analysis techniques in a single collaborative framework, based on analyzers (called "plug-ins") that can build upon the results computed by other analyzers in the framework. Thanks to this approach, Frama-C provides sophisticated tools, including:

  • an analyzer based on abstract interpretation (Eva plug-in);
  • a program proof framework based on weakest precondition calculus (WP plug-in);
  • a program slicer (Slicing plug-in);
  • a tool for verification of temporal (LTL) properties (Aoraï plug-in);
  • a runtime verification tool (E-ACSL plug-in);
  • several tools for code base exploration and dependency analysis (plug-ins From, Impact, Metrics, Occurrence, Scope, etc.). These plug-ins communicate between each other via the Frama-C API and via ACSL (ANSI/ISO C Specification Language) properties.

README

README.md

Frama-C is a platform dedicated to the analysis of source code written in C.

A Collaborative Platform

Frama-C gathers several analysis techniques in a single collaborative platform, consisting of a kernel providing a core set of features (e.g., a normalized AST for C programs) plus a set of analyzers, called plug-ins. Plug-ins can build upon results computed by other plug-ins in the platform.

Thanks to this approach, Frama-C provides sophisticated tools, including:

  • an analyzer based on abstract interpretation, aimed at verifying the absence of run-time errors (Eva);

  • a program proof framework based on weakest precondition calculus (WP);

  • a program slicer (Slicing);

  • a tool for verification of temporal (LTL) properties (Aoraï);

  • a runtime verification tool (E-ACSL);

  • several tools for code base exploration and dependency analysis (From, Impact, Metrics, Occurrence, Scope, etc.).

These plug-ins share a common language and can exchange information via ACSL (ANSI/ISO C Specification Language) properties. Plug-ins can also collaborate via their APIs.

Installation

Frama-C is available through opam, the OCaml package manager. If you have it, simply run:

opam install frama-c

or, for opam versions less than 2.1.0:

opam install depext # handles external (non-OCaml) dependencies
opam depext frama-c --install

Frama-C is developed mainly in Linux, often tested in macOS (via Homebrew), and occasionally tested on Windows (via the Windows Subsystem for Linux).

For detailed installation instructions and troubleshooting, see INSTALL.md.

Development branch

To install the development branch of Frama-C (updated nightly):

opam pin add frama-c --dev-repo

This command will pin the development version of Frama-C and try to install it. If installation fails due to missing external dependencies, try using the same commands from the Installation section to get the external dependencies and then install Frama-C.

Distribution packages

Some Linux distributions have a frama-c package, kindly provided by distribution packagers. Note that they may not correspond to the latest Frama-C release.

Usage

Frama-C can be run from the command-line, or via its graphical interface.

Simple usage

The recommended usage for simple files is one of the following lines:

frama-c file.c -<plugin> [options]
frama-c-gui file.c

Where -<plugin> is one of the several Frama-C plug-ins, e.g. -eva, or -wp, or -metrics, etc. Plug-ins can also be run directly from the GUI.

To list all plug-ins, run:

frama-c -plugins

Each plug-in has a help command (-<plugin>-help or -<plugin>-h) that describes its own options.

Finally, the list of options governing the behavior of Frama-C's kernel itself is available through

frama-c -kernel-help
Complex scenarios

For more complex usage scenarios (lots of files and directories, with several preprocessing directives), we recommend splitting Frama-C's usage in two parts:

  1. Parsing the input files and saving the result to a file;

  2. Loading the parsing results and then running the analyses or the GUI.

Parsing typically involves giving extra arguments to the C preprocessor, so the -cpp-extra-args option is often useful, as in the example below:

frama-c *.c *.h -cpp-extra-args="-D<define> -I<include>" -save parsed.sav

The results are then loaded into Frama-C for further analyses or for inspection via the GUI:

frama-c -load parsed.sav -<plugin> [options]
frama-c-gui -load parsed.sav -<plugin> [options]

Further reference

  • Links to user and developer manuals, Frama-C archives, and plug-in manuals are available at
    https://frama-c.com/html/get-frama-c.html

  • The Frama-C documentation page contains links to all manuals and plugins description, as well as tutorials, courses and more.

  • StackOverflow has several questions with the frama-c tag, which is monitored by several members of the Frama-C community.

  • The Frama-c-discuss mailing list is used for announcements and general discussions.

  • The Frama-C blog has several posts about new developments of Frama-C, as well as general discussions about the C language, undefined behavior, floating-point computations, etc.

  • The Frama-C public repository contains a daily snapshot of the development version of Frama-C, as well as the issues tracking system, for reporting bugs. These contribution guidelines detail how to submit issues or create merge requests.

Dependencies (20)

  1. conf-gtksourceview3 os != "macos"
  2. lablgtk3-sourceview3 os != "macos"
  3. lablgtk3 >= "3.1.0" & os != "macos"
  4. ppx_import
  5. ppx_deriving_yaml >= "0.2.0"
  6. ppx_deriving_yojson
  7. ppx_deriving
  8. zarith >= "1.5"
  9. yaml >= "3.0.0"
  10. why3 >= "1.6.0" & < "1.7~"
  11. ocamlgraph >= "1.8.8"
  12. ocamlfind
  13. ocaml >= "4.11.1"
  14. menhir >= "20181006" & build
  15. conf-graphviz post
  16. alt-ergo
  17. alt-ergo-free
  18. dune-site >= "3.2.0"
  19. dune-configurator
  20. dune >= "3.2.0" | (>= "3.5.0" & os = "macos")

Dev Dependencies (3)

  1. yojson >= "1.6.0" & (>= "2.0.1" | !with-test)
  2. ocamlgraph with-test & < "2.1.0"
  3. conf-time with-test

Used by (4)

  1. frama-c-metacsl >= "0.5~beta" & < "0.6"
  2. frama-clang
  3. pilat < "1.2" | >= "1.6"
  4. why < "2.32"

Conflicts (4)

  1. result < "1.5"
  2. pilat <= "1.6"
  3. mlmpfr < "4.1.0-bugfix2"
  4. cairo2 < "0.6.2"