-16th Nov 2020
+Monday 16th Nov 2020
Formally proving tiny bits of qemu using Frama-C
-[in medias res]
+\f
In early October I was talking to one of the developers of Frama-C,
which is a modular framework for verifying C programs. It's been on
I will provide links to tutorials etc at the end.
\f
+= OVERVIEW OF FRAMA-C ECOSYSTEM =
+
+The name stands for "Framework for Static Analysis of the C language".
+
+It's modular, with a core program that reads C source code
+and turns it into Abstract Syntax Trees. And a set of plugins
+to do static analysis by annotating these syntax trees.
+Plugins can cooperate, so analysis can be passed between
+plugins.
+
+The following slides are taken from David Mentré‘s 2016 presentation.
+
+\f
I decided to spend a day or two last month seeing if I could formally
prove some code inside qemu, and I arbitrarily picked one of the
smallest pieces of code in the "util/" subdirectory:
checked it, and it's correct - the code is bug-free.
\f
-= OVERVIEW OF FRAMA-C ECOSYSTEM =
-
-Let's interrupt this and talk about Frama-C. The name stands
-for "Framework for Static Analysis of the C language".
-
-It's modular, with a core program that reads C source code
-and turns it into Abstract Syntax Trees. And a set of plugins
-to do static analysis by annotating these syntax trees.
-Plugins can cooperate, so analysis can be passed between
-plugins.
-
-The following slides are taken from David Mentré‘s 2016 presentation.
-
-\f
-= BACK TO RANGE.C =
-
Going back to what we proved so far:
/*@
git.annexia.org / libguestfs-talks.git / commitdiff