cbmc/symex__dereference__state_8cpp_source.html

 /*******************************************************************\


 Module: Symbolic Execution of ANSI-C


 Author: Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #include "symex_dereference_state.h"


 const symbolt *

 symex_dereference_statet::get_or_create_failed_symbol(const exprt &expr)

 {

   if(is_ssa_expr(expr))

   {

     const ssa_exprt &ssa_expr=to_ssa_expr(expr);

     if(ssa_expr.get_original_expr().id()!=ID_symbol)

       return nullptr;


     const symbolt &ptr_symbol=

       ns.lookup(to_ssa_expr(expr).get_object_name());


     const irep_idt &failed_symbol = ptr_symbol.type.get(ID_C_failed_symbol);


     const symbolt *symbol;

     if(!failed_symbol.empty() && !ns.lookup(failed_symbol, symbol))

     {

       symbolt sym=*symbol;

       symbolt *sym_ptr=nullptr;

       const ssa_exprt sym_expr =

         state.rename_ssa<L1>(ssa_exprt{sym.symbol_expr()}, ns).get();

       sym.name = sym_expr.get_identifier();

       state.symbol_table.move(sym, sym_ptr);

       return sym_ptr;

     }

   }

   else if(expr.id()==ID_symbol)

   {

     const symbolt &ptr_symbol=

       ns.lookup(to_symbol_expr(expr).get_identifier());


     const irep_idt &failed_symbol = ptr_symbol.type.get(ID_C_failed_symbol);


     const symbolt *symbol;

     if(!failed_symbol.empty() && !ns.lookup(failed_symbol, symbol))

     {

       symbolt sym=*symbol;

       symbolt *sym_ptr=nullptr;

       const ssa_exprt sym_expr =

         state.rename_ssa<L1>(ssa_exprt{sym.symbol_expr()}, ns).get();

       sym.name = sym_expr.get_identifier();

       state.symbol_table.move(sym, sym_ptr);

       return sym_ptr;

     }

   }


   return nullptr;

 }


 std::vector<exprt>

 symex_dereference_statet::get_value_set(const exprt &expr) const

 {

   return state.value_set.get_value_set(expr, ns);

 }

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

dstringt::empty
bool empty() const
Definition: dstring.h:89

exprt
Base class for all expressions.
Definition: expr.h:56

goto_statet::value_set
value_sett value_set
Uses level 1 names, and is used to do dereferencing.
Definition: goto_state.h:51

goto_symex_statet::symbol_table
symbol_tablet symbol_table
contains symbols that are minted during symbolic execution, such as dynamically created objects etc.
Definition: goto_symex_state.h:67

goto_symex_statet::rename_ssa
renamedt< ssa_exprt, level > rename_ssa(ssa_exprt ssa, const namespacet &ns)
Version of rename which is specialized for SSA exprt.
Definition: goto_symex_state.cpp:152

irept::get
const irep_idt & get(const irep_idt &name) const
Definition: irep.cpp:44

irept::id
const irep_idt & id() const
Definition: irep.h:388

namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:148

ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17

ssa_exprt::get_original_expr
const exprt & get_original_expr() const
Definition: ssa_expr.h:33

symbol_exprt::get_identifier
const irep_idt & get_identifier() const
Definition: std_expr.h:160

symbol_tablet::move
virtual bool move(symbolt &symbol, symbolt *&new_symbol) override
Move a symbol into the symbol table.
Definition: symbol_table.cpp:67

symbolt
Symbol table entry.
Definition: symbol.h:28

symbolt::symbol_expr
class symbol_exprt symbol_expr() const
Produces a symbol_exprt for a symbol.
Definition: symbol.cpp:121

symbolt::type
typet type
Type of symbol.
Definition: symbol.h:31

symbolt::name
irep_idt name
The unique identifier.
Definition: symbol.h:40

symex_dereference_statet::ns
const namespacet & ns
Definition: symex_dereference_state.h:35

symex_dereference_statet::state
goto_symext::statet & state
Definition: symex_dereference_state.h:34

symex_dereference_statet::get_value_set
std::vector< exprt > get_value_set(const exprt &expr) const override
Just forwards a value-set query to state.value_set
Definition: symex_dereference_state.cpp:79

symex_dereference_statet::get_or_create_failed_symbol
const symbolt * get_or_create_failed_symbol(const exprt &expr) override
Get or create a failed symbol for the given pointer-typed expression.
Definition: symex_dereference_state.cpp:29

value_sett::get_value_set
std::vector< exprt > get_value_set(exprt expr, const namespacet &ns) const
Gets values pointed to by expr, including following dereference operators (i.e.
Definition: value_set.cpp:390

L1
@ L1
Definition: renamed.h:24

to_ssa_expr
const ssa_exprt & to_ssa_expr(const exprt &expr)
Cast a generic exprt to an ssa_exprt.
Definition: ssa_expr.h:145

is_ssa_expr
bool is_ssa_expr(const exprt &expr)
Definition: ssa_expr.h:125

to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition: std_expr.h:272

symex_dereference_state.h
Symbolic Execution of ANSI-C.