A very simple, cheap analysis to determine when dereference operations are trivially guarded by a check against a null pointer access. More...
#include <local_safe_pointers.h>
expr cannot be null as of program_point (i.e. A very simple, cheap analysis to determine when dereference operations are trivially guarded by a check against a null pointer access.
In the interests of a very cheap analysis we only search for very local guards – at the moment only if(x != null) { *x } and assume(x != null); *x are handled. Control-flow convergence and possibly-aliasing operations are handled pessimistically.
Definition at line 27 of file local_safe_pointers.h.
Return true if the local-safe-pointers analysis has determined expr cannot be null as of program_point (i.e.
that expr is non-null when the program_point instruction starts executing)
Definition at line 278 of file local_safe_pointers.cpp.
Definition at line 47 of file local_safe_pointers.h.
Compute safe dereference expressions for a given GOTO program.
This populates non_null_expressions mapping instruction location numbers onto a set of expressions that are known to be non-null BEFORE that instruction is executed.
Definition at line 82 of file local_safe_pointers.cpp.
Output non-null expressions per instruction in human-readable format.
Definition at line 189 of file local_safe_pointers.cpp.
Output safely dereferenced expressions per instruction in human-readable format.
For example, if we have an instruction ASSUME x->y->z == a->b and we know expressions x->y, a and other are not null prior to it, this will print {x->y, a}, the intersection of the dereference_exprt s used here and the known-not-null expressions.
Definition at line 233 of file local_safe_pointers.cpp.
Definition at line 39 of file local_safe_pointers.h.