@Override
public Instruction execute(ThreadInfo th) {
StackFrame sf = th.getModifiableTopFrame();
IntegerExpression sym_v1 = (IntegerExpression) sf.getOperandAttr(0);
IntegerExpression sym_v2 = (IntegerExpression) sf.getOperandAttr(1);
if (sym_v1 == null && sym_v2 == null)
return super.execute(th); // we'll still do the concrete execution
else {
int v1 = sf.pop();
int v2 = sf.pop();
sf.push(0, false); // for symbolic expressions, the concrete value does not matter
IntegerExpression result = null;
if (sym_v1 != null) {
if (sym_v2 != null) result = sym_v1._or(sym_v2);
else // v2 is concrete
result = sym_v1._or(v2);
} else if (sym_v2 != null) result = sym_v2._or(v1);
sf.setOperandAttr(result);
// System.out.println("Execute IADD: "+result);
return getNext(th);
}
}
public Instruction execute(ThreadInfo ti) {
StackFrame frame = ti.getModifiableTopFrame();
float v = frame.popFloat();
frame.pushLong((long) v);
return getNext(ti);
}
@Override
public Instruction execute(ThreadInfo th) {
IntegerExpression sym_lval =
(IntegerExpression) th.getModifiableTopFrame().getLongOperandAttr();
if (sym_lval == null) {
return super.execute(th);
} else {
// throw new RuntimeException("## Error: symbolic L2F not yet hanled ");
// here we get a hold of the current path condition and
// add an extra mixed constraint sym_dval==sym_ival
ChoiceGenerator<?> cg;
if (!th.isFirstStepInsn()) { // first time around
cg = new PCChoiceGenerator(1); // only one choice
th.getVM().getSystemState().setNextChoiceGenerator(cg);
return this;
} else { // this is what really returns results
cg = th.getVM().getSystemState().getChoiceGenerator();
assert (cg instanceof PCChoiceGenerator) : "expected PCChoiceGenerator, got: " + cg;
}
// get the path condition from the
// previous choice generator of the same type
PathCondition pc;
ChoiceGenerator<?> prev_cg = cg.getPreviousChoiceGenerator();
while (!((prev_cg == null) || (prev_cg instanceof PCChoiceGenerator))) {
prev_cg = prev_cg.getPreviousChoiceGenerator();
}
if (prev_cg == null)
pc = new PathCondition(); // TODO: handling of preconditions needs to be changed
else pc = ((PCChoiceGenerator) prev_cg).getCurrentPC();
assert pc != null;
StackFrame sf = th.getModifiableTopFrame();
sf.popLong();
sf.push(0, false); // for symbolic expressions, the concrete value does not matter
SymbolicReal sym_fval = new SymbolicReal();
sf.setOperandAttr(sym_fval);
pc._addDet(Comparator.EQ, sym_fval, sym_lval);
if (!pc.simplify()) { // not satisfiable
th.getVM().getSystemState().setIgnored(true);
} else {
// pc.solve();
((PCChoiceGenerator) cg).setCurrentPC(pc);
// System.out.println(((PCChoiceGenerator) cg).getCurrentPC());
}
// System.out.println("Execute L2F: " + sf.getLongOperandAttr());
return getNext(th);
}
}
@Override
public Instruction execute(ThreadInfo ti) {
StackFrame frame = ti.getModifiableTopFrame();
int v1 = frame.pop();
int v2 = frame.pop();
frame.push(v1 | v2);
return getNext(ti);
}
@Override
public Instruction execute(ThreadInfo ti) {
StackFrame frame = ti.getModifiableTopFrame();
int v = frame.getLocalVariable(index);
v += increment;
frame.setLocalVariable(index, v, false);
return getNext(ti);
}
protected void push(FeatureExpr ctx, StackFrame frame, ElementInfo ei, int index)
throws ArrayIndexOutOfBoundsExecutiveException {
ei.checkArrayBounds(ctx, index);
Conditional<Byte> value;
Fields f = ei.getFields();
if (f instanceof ByteArrayFields) {
value = ei.getByteElement(index);
} else if (f instanceof BooleanArrayFields) {
value =
ei.getBooleanElement(index)
.mapr(
new Function<Boolean, Conditional<Byte>>() {
@Override
public Conditional<Byte> apply(Boolean v) {
return One.valueOf((byte) (v ? 1 : 0));
}
})
.simplify();
} else {
value = nullValue;
}
frame.push(ctx, value);
}
@Override
public Instruction execute(ThreadInfo th) {
StackFrame sf = th.getModifiableTopFrame();
RealExpression sym_v1 = (RealExpression) sf.getOperandAttr(1);
RealExpression sym_v2 = (RealExpression) sf.getOperandAttr(3);
if (sym_v1 == null && sym_v2 == null) { // both conditions are concrete
return super.execute(th);
} else { // at least one condition is symbolic
Instruction nxtInstr =
IFInstrSymbHelper.getNextInstructionAndSetPCChoiceDouble(
th, this, sym_v1, sym_v2, Comparator.LT, Comparator.EQ, Comparator.GT);
return nxtInstr;
}
}
@Override
public Instruction execute(ThreadInfo ti) {
StackFrame sf = ti.getModifiableTopFrame();
IntegerExpression sym_v1 = (IntegerExpression) sf.getOperandAttr(1);
IntegerExpression sym_v2 = (IntegerExpression) sf.getOperandAttr(0);
if ((sym_v1 == null) && (sym_v2 == null)) { // both conditions are concrete
// System.out.println("Execute IF_ICMPLT: The conditions are concrete");
return super.execute(ti);
} else { // at least one condition is symbolic
Instruction nxtInstr =
IFInstrSymbHelper.getNextInstructionAndSetPCChoice(
ti, this, sym_v1, sym_v2, Comparator.LT, Comparator.GE);
return nxtInstr;
}
}
@MJI
public void $init(MJIEnv env, int objref, FeatureExpr ctx) {
ThreadInfo ti = env.getThreadInfo();
StackFrame caller = ti.getCallerStackFrame();
Instruction insn = caller.getPC().getValue();
InsnExecCount a = insn.getAttr(InsnExecCount.class);
if (a == null) {
a = new InsnExecCount();
insn.addAttr(a);
}
SystemState ss = env.getSystemState();
if (!ss.hasRestorer(a)) {
env.getSystemState().putRestorer(a, new InsnCountRestorer(a));
}
a.count++;
env.setIntField(ctx, objref, "id", new One<>(a.count));
}
protected void popValue(StackFrame frame) {
value = Double.longBitsToDouble(frame.popLong());
}
public Conditional<Boolean> popConditionValue(FeatureExpr ctx, StackFrame frame) {
final Conditional<Integer> v1 = frame.pop(ctx);
final Conditional<Integer> v2 = frame.pop(ctx);
return maprIf(v1, v2);
}
@SuppressWarnings("deprecation")
@Override
public Instruction execute(ThreadInfo ti) {
StackFrame sf = ti.getModifiableTopFrame();
IntegerExpression sym_v = (IntegerExpression) sf.getOperandAttr();
if (sym_v == null) { // the condition is concrete
return super.execute(ti);
} else { // the condition is symbolic
ChoiceGenerator<?> cg;
if (!ti.isFirstStepInsn()) { // first time around
cg = new PCChoiceGenerator(matches.length + 1);
((PCChoiceGenerator) cg).setOffset(this.position);
((PCChoiceGenerator) cg).setMethodName(this.getMethodInfo().getCompleteName());
ti.getVM().getSystemState().setNextChoiceGenerator(cg);
return this;
} else { // this is what really returns results
cg = ti.getVM().getSystemState().getChoiceGenerator();
assert (cg instanceof PCChoiceGenerator) : "expected PCChoiceGenerator, got: " + cg;
}
sym_v = (IntegerExpression) sf.getOperandAttr();
sf.pop();
PathCondition pc;
// pc is updated with the pc stored in the choice generator above
// get the path condition from the
// previous choice generator of the same type
// TODO: could be optimized to not do this for each choice
ChoiceGenerator<?> prev_cg = cg.getPreviousChoiceGeneratorOfType(PCChoiceGenerator.class);
if (prev_cg == null) pc = new PathCondition();
else pc = ((PCChoiceGenerator) prev_cg).getCurrentPC();
assert pc != null;
int idx = (Integer) cg.getNextChoice();
if (idx == matches.length) { // default branch
lastIdx = DEFAULT;
for (int i = 0; i < matches.length; i++) pc._addDet(Comparator.NE, sym_v, matches[i]);
if (!pc.simplify()) { // not satisfiable
ti.getVM().getSystemState().setIgnored(true);
} else {
// pc.solve();
((PCChoiceGenerator) cg).setCurrentPC(pc);
// System.out.println(((PCChoiceGenerator) cg).getCurrentPC());
}
return mi.getInstructionAt(target);
} else {
lastIdx = idx;
// System.out.println("index "+idx);
pc._addDet(Comparator.EQ, sym_v, matches[idx]);
// System.out.println(sym_v + "eq"+ matches[idx]);
// System.out.println("pc after "+pc);
if (!pc.simplify()) { // not satisfiable
ti.getVM().getSystemState().setIgnored(true);
} else {
// pc.solve();
((PCChoiceGenerator) cg).setCurrentPC(pc);
// System.out.println(((PCChoiceGenerator) cg).getCurrentPC());
}
return mi.getInstructionAt(targets[idx]);
}
}
}
@Override
public Instruction execute(ThreadInfo th) {
StackFrame sf = th.getModifiableTopFrame();
IntegerExpression sym_v1 = (IntegerExpression) sf.getOperandAttr(0);
IntegerExpression sym_v2 = (IntegerExpression) sf.getOperandAttr(1);
int v1, v2;
if (sym_v1 == null && sym_v2 == null)
return super.execute(th); // we'll still do the concrete execution
// result is symbolic
if (sym_v1 == null && sym_v2 != null) {
v1 = sf.pop();
v2 = sf.pop();
if (v1 == 0) return th.createAndThrowException("java.lang.ArithmeticException", "div by 0");
sf.push(0, false);
IntegerExpression result = sym_v2._div(v1);
sf.setOperandAttr(result);
return getNext(th);
}
// div by zero check affects path condition
// sym_v1 is non-null and should be checked against zero
ChoiceGenerator<?> cg;
boolean condition;
if (!th.isFirstStepInsn()) { // first time around
cg = new PCChoiceGenerator(2);
((PCChoiceGenerator) cg).setOffset(this.position);
((PCChoiceGenerator) cg).setMethodName(this.getMethodInfo().getFullName());
th.getVM().setNextChoiceGenerator(cg);
return this;
} else { // this is what really returns results
cg = th.getVM().getChoiceGenerator();
assert (cg instanceof PCChoiceGenerator) : "expected PCChoiceGenerator, got: " + cg;
condition = (Integer) cg.getNextChoice() == 0 ? false : true;
}
v1 = sf.pop();
v2 = sf.pop();
sf.push(0, false);
PathCondition pc;
ChoiceGenerator<?> prev_cg = cg.getPreviousChoiceGeneratorOfType(PCChoiceGenerator.class);
if (prev_cg == null) pc = new PathCondition();
else pc = ((PCChoiceGenerator) prev_cg).getCurrentPC();
assert pc != null;
if (condition) { // check div by zero
pc._addDet(Comparator.EQ, sym_v1, 0);
if (pc.simplify()) { // satisfiable
((PCChoiceGenerator) cg).setCurrentPC(pc);
return th.createAndThrowException("java.lang.ArithmeticException", "div by 0");
} else {
th.getVM().getSystemState().setIgnored(true);
return getNext(th);
}
} else {
pc._addDet(Comparator.NE, sym_v1, 0);
if (pc.simplify()) { // satisfiable
((PCChoiceGenerator) cg).setCurrentPC(pc);
// set the result
IntegerExpression result;
if (sym_v2 != null) result = sym_v2._div(sym_v1);
else result = sym_v1._div_reverse(v2);
sf = th.getModifiableTopFrame();
sf.setOperandAttr(result);
return getNext(th);
} else {
th.getVM().getSystemState().setIgnored(true);
return getNext(th);
}
}
}
@Override
public Instruction execute(ThreadInfo ti) {
// We may need to add the case where we have a smybolic index and a concrete array
IntegerExpression indexAttr = null;
ArrayExpression arrayAttr = null;
StackFrame frame = ti.getModifiableTopFrame();
int arrayRef = peekArrayRef(ti); // need to be polymorphic, could be LongArrayStore
if (arrayRef == MJIEnv.NULL) {
return ti.createAndThrowException("java.lang.NullPointerException");
}
// Retrieve the array expression if it was previously in the pathcondition, and store it as an
// array attr
PCChoiceGenerator temp_cg =
(PCChoiceGenerator) ti.getVM().getLastChoiceGeneratorOfType(PCChoiceGenerator.class);
if (temp_cg != null) {
if (temp_cg
.getCurrentPC()
.arrayExpressions
.containsKey(ti.getElementInfo(ti.getModifiableTopFrame().peek(2)).toString())) {
ti.getModifiableTopFrame()
.setOperandAttr(
2,
temp_cg
.getCurrentPC()
.arrayExpressions
.get(ti.getElementInfo(ti.getModifiableTopFrame().peek(2)).toString()));
}
}
// If only the value is symbolic, we use the concrete instruction
if (peekArrayAttr(ti) == null || !(peekArrayAttr(ti) instanceof ArrayExpression)) {
// In this case, the array isn't symbolic
if (peekIndexAttr(ti) == null || !(peekIndexAttr(ti) instanceof IntegerExpression)) {
return super.execute(ti);
}
}
ChoiceGenerator<?> cg;
if (!ti.isFirstStepInsn()) { // first time around
cg = new PCChoiceGenerator(3);
((PCChoiceGenerator) cg).setOffset(this.position);
((PCChoiceGenerator) cg).setMethodName(this.getMethodInfo().getFullName());
ti.getVM().setNextChoiceGenerator(cg);
return this;
} else { // this is what really returns results
cg = ti.getVM().getChoiceGenerator();
assert (cg instanceof PCChoiceGenerator) : "expected PCChoiceGenerator, got: " + cg;
}
PathCondition pc;
ChoiceGenerator<?> prev_cg = cg.getPreviousChoiceGeneratorOfType(PCChoiceGenerator.class);
if (prev_cg == null) pc = new PathCondition();
else pc = ((PCChoiceGenerator) prev_cg).getCurrentPC();
assert pc != null;
if (peekIndexAttr(ti) == null || !(peekIndexAttr(ti) instanceof IntegerExpression)) {
int index = ti.getTopFrame().peek(1);
indexAttr = new IntegerConstant(index);
} else {
indexAttr = (IntegerExpression) peekIndexAttr(ti);
}
assert (indexAttr != null) : "indexAttr shouldn't be null in FASTORE instruction";
if (peekArrayAttr(ti) == null || !(peekArrayAttr(ti) instanceof ArrayExpression)) {
// In this case, the array isn't symbolic
if (peekIndexAttr(ti) == null || !(peekIndexAttr(ti) instanceof IntegerExpression)) {
return super.execute(ti);
} else {
// We create a symbolic array out of the concrete array
ElementInfo arrayInfo = ti.getElementInfo(arrayRef);
arrayAttr = ArrayExpression.create(arrayInfo.toString(), arrayInfo.arrayLength());
// We add the constraints about all the elements of the array
for (int i = 0; i < arrayInfo.arrayLength(); i++) {
float arrValue = arrayInfo.getFloatElement(i);
pc._addDet(
Comparator.EQ,
new SelectExpression(arrayAttr, new IntegerConstant(i)),
new RealConstant(arrValue));
}
}
} else {
arrayAttr = (ArrayExpression) peekArrayAttr(ti);
}
assert (arrayAttr != null) : "arrayAttr shouldn't be null in FASTORE instruction";
if ((Integer) cg.getNextChoice() == 1) { // check bounds of the index
pc._addDet(Comparator.GE, indexAttr, arrayAttr.length);
if (pc.simplify()) { // satisfiable
((PCChoiceGenerator) cg).setCurrentPC(pc);
return ti.createAndThrowException(
"java.lang.ArrayIndexOutOfBoundsException", "index greater than array bounds");
} else {
ti.getVM().getSystemState().setIgnored(true);
return getNext(ti);
}
} else if ((Integer) cg.getNextChoice() == 2) {
pc._addDet(Comparator.LT, indexAttr, new IntegerConstant(0));
if (pc.simplify()) { // satisfiable
((PCChoiceGenerator) cg).setCurrentPC(pc);
return ti.createAndThrowException(
"java.lang.ArrayIndexOutOfBoundsException", "index smaller than array bounds");
} else {
ti.getVM().getSystemState().setIgnored(true);
return getNext(ti);
}
} else {
pc._addDet(Comparator.LT, indexAttr, arrayAttr.length);
pc._addDet(Comparator.GE, indexAttr, new IntegerConstant(0));
if (pc.simplify()) { // satisfiable
((PCChoiceGenerator) cg).setCurrentPC(pc);
RealExpression sym_value = null;
if (frame.getOperandAttr(0) == null
|| !(frame.getOperandAttr(0) instanceof RealExpression)) {
float value = frame.popFloat();
sym_value = new RealConstant(value);
} else {
// The value is symbolic.
sym_value = (RealExpression) frame.getOperandAttr(0);
frame.popFloat();
}
// We create a new arrayAttr, and inherits information from the previous attribute
ArrayExpression newArrayAttr = new ArrayExpression(arrayAttr);
frame.pop(2); // We pop the array and the index
RealStoreExpression se = new RealStoreExpression(arrayAttr, indexAttr, sym_value);
pc._addDet(Comparator.EQ, se, newArrayAttr);
pc.arrayExpressions.put(newArrayAttr.getRootName(), newArrayAttr);
return getNext(ti);
} else {
ti.getVM().getSystemState().setIgnored(true);
return getNext(ti);
}
}
}
