Abstracts over the concrete type of IllegalValue
.
Abstracts over the concrete type of IllegalValue
.
This type needs to be refined whenever the class IllegalValue
is refined or the type DomainValue
is refined.
Abstracts over the concrete type of ReturnAddressValue
.
Abstracts over the concrete type of ReturnAddressValue
. Needs to be fixed
by some sub-trait/sub-class. In the simplest case (i.e., when neither the
Value
trait nor the ReturnAddressValue
trait was refined) it is sufficient
to write:
type DomainReturnAddressValue = ReturnAddressValue
Abstracts over the concrete type of Value
.
Abstracts over the concrete type of Value
. Needs to be refined by traits that
inherit from Domain
and which extend Domain
's Value
trait.
A simple type alias of the type DomainValue
; used to facilitate comprehension.
A simple type alias of the type DomainValue
; used to facilitate comprehension.
A type alias for Iterable
s of ExceptionValue
s; used to facilitate comprehension.
A type alias for Iterable
s of ExceptionValue
s; used to facilitate comprehension.
Represents a value that has no well defined state/type.
Represents a value that has no well defined state/type. Such values are the result of a join of two incompatible values and are generally only found in registers (in the locals) and then identify a value that is dead.
org.opalj.ai.Domain.Value for further details.
An instruction's current register values/locals are represented using an array.
An instruction's current register values/locals are represented using an array.
An instruction's operands are represented using a list where the first element of the list represents the top level operand stack value.
An instruction's operands are represented using a list where the first element of the list represents the top level operand stack value.
Stores a single return address (i.e., a program counter/index into the code array).
Stores a single return address (i.e., a program counter/index into the code array).
Though the framework completely handles all aspects related to return address
values, it is nevertheless necessary that this class inherits from Value
as return addresses are stored on the stack/in the registers. However,
if the Value
trait should be refined, all additional methods may – from
the point-of-view of OPAL-AI - just throw an OperationNotSupportedException
as these additional methods will never be called by OPAL-AI.
A collection of (not furhter stored) return address values.
A collection of (not furhter stored) return address values. Primarily used when we join the executions of subroutines.
Abstracts over a concrete operand stack value or a value stored in one of the local variables/registers.
Abstracts over a concrete operand stack value or a value stored in one of the local variables/registers.
In general, subclasses and users of a Domain
should not have/declare
a direct dependency on Value
. Instead they should use DomainValue
as otherwise
extensibility of a Domain
may be hampered or even be impossible. The only
exceptions are, of course, classes that directly inherit from this class.
If you directly extend/refine this trait (i.e., in a subclass of the Domain
trait
you write something like trait Value extends super.Value
), make sure that
you also extend all classes/traits that inherit from this type
(this may require a deep mixin composition and that you refine the type
DomainType
accordingly).
However, OPAL was designed such that extending this class should – in general
– not be necessary. It may also be easier to encode the desired semantics – as
far as possible – as part of the domain.
Standard inheritance from this trait is always supported and is the primary mechanism to model an abstract domain's lattice w.r.t. some special type of value. In general, the implementation should try to avoid creating new instances of values unless strictly required to model the domain's semantics. This will greatly improve the overall performance as this framework heavily uses reference-based equality checks to speed up the evaluation.
OPAL does not rely on any special equality semantics w.r.t. values and
never directly or indirectly calls a Value
's equals
or eq
method. Hence,
a domain can encode equality such that it best fits its need.
However, some of the provided domains rely on the following semantics for equals:
Two domain values have to be equal (==
) iff they represent the same
information. This includes additional information, such as, the value of
the origin.
E.g., a value (AnIntegerValue
) that represents an arbitrary Integer
value
has to return true
if the domain value with which it is compared also
represents an arbitrary Integer
value (AnIntegerValue
). However,
it may still be necessary to use multiple objects to represent an arbitrary
integer value if, e.g., constraints should be attached to specific values.
For example, after a comparison of an integer value with a predefined
value (e.g., AnIntegerValue < 4
) it is possible to constrain the respective
value on the subsequent paths (< 4 on one path and >= 4 on the other path).
To make that possible, it is however necessary to distinguish the
AnIntegervalue
from some other AnIntegerValue
to avoid constraining
unrelated values.
public void foo(int a,int b) { if(a < 4) { z = a - 2 // here a is constrained (< 4), b and z are unconstrained } else { z = a + 2 // here a is constrained (>= 4), b and z are unconstrained } }
In general, equals
is only defined for values belonging to the same
domain. If values need to be compared across domains, they need to be adapted
to a target domain first.
Creates a non-null object that represent a ArithmeticException
and that has the
given origin
.
Creates a non-null object that represent a ArithmeticException
and that has the
given origin
.
If the ArithmeticException
was created by the VM while evaluating an instruction
with the program counter pc
you use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
Creates a non-null object that represent a ArrayIndexOutOfBoundsException
and that has the
given origin
.
Creates a non-null object that represent a ArrayIndexOutOfBoundsException
and that has the
given origin
.
If the ArrayIndexOutOfBoundsException
was created by the VM while evaluating an instruction
with the program counter pc
you use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
Creates a non-null object that represent a ArrayStoreException
and that has the
given origin
.
Creates a non-null object that represent a ArrayStoreException
and that has the
given origin
.
If the ArrayStoreException
was created by the VM while evaluating an instruction
with the program counter pc
you use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
Creates a non-null object that represent a ClassCastException
and that has the
given origin
.
Creates a non-null object that represent a ClassCastException
and that has the
given origin
.
If the ClassCastException
was created by the VM while evaluating an instruction
with the program counter pc
you use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
The class tag can be used to create type safe arrays or to extract the concrete type of the domain value.
The class tag can be used to create type safe arrays or to extract the concrete type of the domain value.
val DomainReferenceValue(v) = value // of type "DomainValue" // v is now of the type DomainReferenceValue
The class tag for the type DomainValue
.
The class tag for the type DomainValue
.
Required to generate instances of arrays in which values of type
DomainValue
can be stored in a type-safe manner.
In the sub-trait or class that fixes the type of DomainValue
it is necessary
to implement this abstract val
using:
val DomainValueTag : ClassTag[DomainValue] = implicitly
(As of Scala 2.10 it is necessary that you do not use implicit
in the subclass -
it will compile, but fail at runtime.)
Creates a non-null object that represent an IllegalMonitorStateException
and that has the
given origin
.
Creates a non-null object that represent an IllegalMonitorStateException
and that has the
given origin
.
If the IllegalMonitorStateException
was created by the VM while evaluating an instruction
with the program counter pc
you should use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
The result of the merge of two incompatible values has
to be reported as a MetaInformationUpdate[DomainIllegalValue]
.
The result of the merge of two incompatible values has
to be reported as a MetaInformationUpdate[DomainIllegalValue]
.
Creates a non-null object that represent a NegativeArraySizeException
and that has the
given origin
.
Creates a non-null object that represent a NegativeArraySizeException
and that has the
given origin
.
If the NegativeArraySizeException
was created by the VM while evaluating an instruction
with the program counter pc
you use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
Creates a non-null object that represent a NullPointerException
and that has the
given origin
.
Creates a non-null object that represent a NullPointerException
and that has the
given origin
.
If the NullPointerException
was created by the VM while evaluating an instruction
with the program counter pc
you should use the method ValueOriginForVMLevelValue to
translate that pc
to the appropriate ValueOrigin.
Factory method to create an instance of a ReturnAddressValue
.
Factory method to create an instance of a ReturnAddressValue
.
The singleton instance of the IllegalValue
.
The singleton instance of the IllegalValue
.
The singleton instance of ReturnAddressValues
The singleton instance of ReturnAddressValues
Creates a non-null object that represent a Throwable
object and that has the
given origin
.
Creates a non-null object that represent a Throwable
object and that has the
given origin
.
If the Throwable
was created by the VM while evaluating an instruction with
the program counter pc
you should use the method ValueOriginForVMLevelValue
to translate that pc
to the appropriate ValueOrigin.
The result of merging two values should never be reported as a
StructuralUpdate
if the computed value is an IllegalValue
.
The result of merging two values should never be reported as a
StructuralUpdate
if the computed value is an IllegalValue
. The JVM semantics guarantee
that the value will not be used and, hence, continuing the interpretation is meaningless.
This method is solely defined for documentation purposes and to catch implementation errors early on.
Merges the given domain value v1
with the domain value v2
and returns
the merged value which is v1
if v1
is an abstraction of v2
, v2
if v2
is an abstraction of v1
or some other value if a new value is computed that
abstracts over both values.
Merges the given domain value v1
with the domain value v2
and returns
the merged value which is v1
if v1
is an abstraction of v2
, v2
if v2
is an abstraction of v1
or some other value if a new value is computed that
abstracts over both values.
This operation is commutative.
Returns a string representation of the properties associated with the instruction with the respective program counter.
Returns a string representation of the properties associated with the instruction with the respective program counter.
Associating properties with an instruction and maintaining those properties
is, however, at the sole responsibility of the Domain
.
This method is predefined to facilitate the development of support tools and is not used by the abstract interpretation framework.
Domain
s that define (additional) properties should (abstract
) override
this method and should return a textual representation of the property.
Creates a summary of the given domain values by summarizing and
joining the given values
.
Creates a summary of the given domain values by summarizing and
joining the given values
. For the precise details
regarding the calculation of a summary see Value.summarize(...)
.
The program counter that will be used for the summary value if a new value is returned that abstracts over/summarizes the given values.
An Iterable
over one or more values.
The current algorithm is generic and should satisfy most needs, but it is not very efficient. However, it should be easy to tailor it for a specific domain/domain values, if need be.
Returns the type(type bounds) of the given value.
Returns the type(type bounds) of the given value.
In general a single value can have multiple type bounds which depend on the
control flow.
However, all types that the value represents must belong to the same
computational type category. I.e., it is possible that the value either has the
type "NullPointerException
or IllegalArgumentException
", but it will never have
– at the same time – the (Java) types int
and long
. Furthermore,
it is possible that the returned type(s) is(are) only an upper bound of the
real type unless the type is a primitive type.
This default implementation always returns org.opalj.ai.UnknownType.
typeOfValue
This method is typically not implemented by a single Domain
trait/object, but is
instead implemented collaboratively by all domains that implement the semantics
of certain values. To achieve that, other Domain
traits that implement a
concrete domain's semantics have to abstract override
this method and only
return the value's type if the domain knows anything about the type. If a method
that overrides this method has no knowledge about the given value, it should
delegate this call to its super method.
Example
trait FloatValues extends Domain[...] { ... abstract override def typeOfValue(value: DomainValue): TypesAnswer = value match { case r: FloatValue ⇒ IsFloatValue case _ ⇒ super.typeOfValue(value) } }
Defines factory methods for those exceptions that are (also) created by the JVM when the evaluation of a specific bytecode instruction fails (e.g.,
idiv
,checkcast
,monitorexit
,return
...).