1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
|
/*
* Copyright 2000-2014 JetBrains s.r.o.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.intellij.codeInspection.bytecodeAnalysis;
import gnu.trove.TIntHashSet;
import org.jetbrains.org.objectweb.asm.Handle;
import org.jetbrains.org.objectweb.asm.Type;
import org.jetbrains.org.objectweb.asm.tree.*;
import org.jetbrains.org.objectweb.asm.tree.analysis.AnalyzerException;
import org.jetbrains.org.objectweb.asm.tree.analysis.BasicInterpreter;
import org.jetbrains.org.objectweb.asm.tree.analysis.BasicValue;
import org.jetbrains.org.objectweb.asm.tree.analysis.Frame;
import java.util.*;
import static com.intellij.codeInspection.bytecodeAnalysis.AbstractValues.*;
import static org.jetbrains.org.objectweb.asm.Opcodes.*;
class InOutAnalysis extends Analysis<Result<Key, Value>> {
final ResultUtil<Key, Value> resultUtil =
new ResultUtil<Key, Value>(new ELattice<Value>(Value.Bot, Value.Top));
private final InOutInterpreter interpreter;
private final Value inValue;
protected InOutAnalysis(RichControlFlow richControlFlow, Direction direction, TIntHashSet resultOrigins, boolean stable) {
super(richControlFlow, direction, stable);
interpreter = new InOutInterpreter(direction, richControlFlow.controlFlow.methodNode.instructions, resultOrigins);
inValue = direction instanceof InOut ? ((InOut)direction).inValue : null;
}
@Override
Result<Key, Value> identity() {
return new Final<Key, Value>(Value.Bot);
}
@Override
Result<Key, Value> combineResults(Result<Key, Value> delta, List<Result<Key, Value>> subResults) {
Result<Key, Value> result = null;
for (Result<Key, Value> subResult : subResults) {
if (result == null) {
result = subResult;
} else {
result = resultUtil.join(result, subResult);
}
}
return result;
}
@Override
boolean isEarlyResult(Result<Key, Value> res) {
if (res instanceof Final) {
return ((Final<?, Value>)res).value == Value.Top;
}
return false;
}
@Override
Equation<Key, Value> mkEquation(Result<Key, Value> res) {
return new Equation<Key, Value>(aKey, res);
}
private int id = 0;
@Override
void processState(State state) throws AnalyzerException {
int stateIndex = state.index;
Conf preConf = state.conf;
int insnIndex = preConf.insnIndex;
boolean loopEnter = dfsTree.loopEnters.contains(insnIndex);
Conf conf = loopEnter ? generalize(preConf) : preConf;
List<Conf> history = state.history;
boolean taken = state.taken;
Frame<BasicValue> frame = conf.frame;
AbstractInsnNode insnNode = methodNode.instructions.get(insnIndex);
List<Conf> nextHistory = dfsTree.loopEnters.contains(insnIndex) ? append(history, conf) : history;
Frame<BasicValue> nextFrame = execute(frame, insnNode);
if (interpreter.deReferenced) {
results.put(stateIndex, new Final<Key, Value>(Value.Bot));
computed.put(insnIndex, append(computed.get(insnIndex), state));
return;
}
int opcode = insnNode.getOpcode();
switch (opcode) {
case ARETURN:
case IRETURN:
case LRETURN:
case FRETURN:
case DRETURN:
case RETURN:
BasicValue stackTop = popValue(frame);
if (FalseValue == stackTop) {
results.put(stateIndex, new Final<Key, Value>(Value.False));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else if (TrueValue == stackTop) {
results.put(stateIndex, new Final<Key, Value>(Value.True));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else if (NullValue == stackTop) {
results.put(stateIndex, new Final<Key, Value>(Value.Null));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else if (stackTop instanceof NotNullValue) {
results.put(stateIndex, new Final<Key, Value>(Value.NotNull));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else if (stackTop instanceof ParamValue) {
results.put(stateIndex, new Final<Key, Value>(inValue));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else if (stackTop instanceof CallResultValue) {
Set<Key> keys = ((CallResultValue) stackTop).inters;
results.put(stateIndex, new Pending<Key, Value>(Collections.singleton(new Product<Key, Value>(Value.Top, keys))));
computed.put(insnIndex, append(computed.get(insnIndex), state));
}
else {
earlyResult = new Final<Key, Value>(Value.Top);
}
return;
case ATHROW:
results.put(stateIndex, new Final<Key, Value>(Value.Bot));
computed.put(insnIndex, append(computed.get(insnIndex), state));
return;
default:
}
if (opcode == IFNONNULL && popValue(frame) instanceof ParamValue) {
int nextInsnIndex = inValue == Value.Null ? insnIndex + 1 : methodNode.instructions.indexOf(((JumpInsnNode)insnNode).label);
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
if (opcode == IFNULL && popValue(frame) instanceof ParamValue) {
int nextInsnIndex = inValue == Value.NotNull ? insnIndex + 1 : methodNode.instructions.indexOf(((JumpInsnNode)insnNode).label);
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
if (opcode == IFEQ && popValue(frame) == InstanceOfCheckValue && inValue == Value.Null) {
int nextInsnIndex = methodNode.instructions.indexOf(((JumpInsnNode)insnNode).label);
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
if (opcode == IFNE && popValue(frame) == InstanceOfCheckValue && inValue == Value.Null) {
int nextInsnIndex = insnIndex + 1;
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
if (opcode == IFEQ && popValue(frame) instanceof ParamValue) {
int nextInsnIndex = inValue == Value.True ? insnIndex + 1 : methodNode.instructions.indexOf(((JumpInsnNode)insnNode).label);
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
if (opcode == IFNE && popValue(frame) instanceof ParamValue) {
int nextInsnIndex = inValue == Value.False ? insnIndex + 1 : methodNode.instructions.indexOf(((JumpInsnNode)insnNode).label);
State nextState = new State(++id, new Conf(nextInsnIndex, nextFrame), nextHistory, true, false);
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, new int[]{nextState.index}));
pending.push(new ProceedState<Result<Key, Value>>(nextState));
return;
}
// general case
int[] nextInsnIndices = controlFlow.transitions[insnIndex];
List<State> nextStates = new ArrayList<State>(nextInsnIndices.length);
int[] subIndices = new int[nextInsnIndices.length];
for (int i = 0; i < nextInsnIndices.length; i++) {
int nextInsnIndex = nextInsnIndices[i];
Frame<BasicValue> nextFrame1 = nextFrame;
if (controlFlow.errorTransitions.contains(new Edge(insnIndex, nextInsnIndex))) {
nextFrame1 = new Frame<BasicValue>(frame);
nextFrame1.clearStack();
nextFrame1.push(new BasicValue(Type.getType("java/lang/Throwable")));
}
nextStates.add(new State(++id, new Conf(nextInsnIndex, nextFrame1), nextHistory, taken, false));
subIndices[i] = id;
}
pending.push(new MakeResult<Result<Key, Value>>(state, myIdentity, subIndices));
for (State nextState : nextStates) {
pending.push(new ProceedState<Result<Key, Value>>(nextState));
}
}
private Frame<BasicValue> execute(Frame<BasicValue> frame, AbstractInsnNode insnNode) throws AnalyzerException {
interpreter.deReferenced = false;
switch (insnNode.getType()) {
case AbstractInsnNode.LABEL:
case AbstractInsnNode.LINE:
case AbstractInsnNode.FRAME:
return frame;
default:
Frame<BasicValue> nextFrame = new Frame<BasicValue>(frame);
nextFrame.execute(insnNode, interpreter);
return nextFrame;
}
}
private static Conf generalize(Conf conf) {
Frame<BasicValue> frame = new Frame<BasicValue>(conf.frame);
for (int i = 0; i < frame.getLocals(); i++) {
BasicValue value = frame.getLocal(i);
Class<?> valueClass = value.getClass();
if (valueClass != BasicValue.class && valueClass != ParamValue.class) {
frame.setLocal(i, new BasicValue(value.getType()));
}
}
BasicValue[] stack = new BasicValue[frame.getStackSize()];
for (int i = 0; i < frame.getStackSize(); i++) {
stack[i] = frame.getStack(i);
}
frame.clearStack();
for (BasicValue value : stack) {
Class<?> valueClass = value.getClass();
if (valueClass != BasicValue.class && valueClass != ParamValue.class) {
frame.push(new BasicValue(value.getType()));
} else {
frame.push(value);
}
}
return new Conf(conf.insnIndex, frame);
}
}
class InOutInterpreter extends BasicInterpreter {
final Direction direction;
final InsnList insns;
final TIntHashSet resultOrigins;
final boolean nullAnalysis;
boolean deReferenced = false;
InOutInterpreter(Direction direction, InsnList insns, TIntHashSet resultOrigins) {
this.direction = direction;
this.insns = insns;
this.resultOrigins = resultOrigins;
nullAnalysis = (direction instanceof InOut) && (((InOut)direction).inValue) == Value.Null;
}
@Override
public BasicValue newOperation(AbstractInsnNode insn) throws AnalyzerException {
boolean propagate = resultOrigins.contains(insns.indexOf(insn));
if (propagate) {
switch (insn.getOpcode()) {
case ICONST_0:
return FalseValue;
case ICONST_1:
return TrueValue;
case ACONST_NULL:
return NullValue;
case LDC:
Object cst = ((LdcInsnNode)insn).cst;
if (cst instanceof Type) {
Type type = (Type)cst;
if (type.getSort() == Type.OBJECT || type.getSort() == Type.ARRAY) {
return new NotNullValue(Type.getObjectType("java/lang/Class"));
}
if (type.getSort() == Type.METHOD) {
return new NotNullValue(Type.getObjectType("java/lang/invoke/MethodType"));
}
}
else if (cst instanceof String) {
return new NotNullValue(Type.getObjectType("java/lang/String"));
}
else if (cst instanceof Handle) {
return new NotNullValue(Type.getObjectType("java/lang/invoke/MethodHandle"));
}
break;
case NEW:
return new NotNullValue(Type.getObjectType(((TypeInsnNode)insn).desc));
default:
}
}
return super.newOperation(insn);
}
@Override
public BasicValue unaryOperation(AbstractInsnNode insn, BasicValue value) throws AnalyzerException {
boolean propagate = resultOrigins.contains(insns.indexOf(insn));
switch (insn.getOpcode()) {
case GETFIELD:
case ARRAYLENGTH:
case MONITORENTER:
if (nullAnalysis && value instanceof ParamValue) {
deReferenced = true;
}
return super.unaryOperation(insn, value);
case CHECKCAST:
if (value instanceof ParamValue) {
return new ParamValue(Type.getObjectType(((TypeInsnNode)insn).desc));
}
break;
case INSTANCEOF:
if (value instanceof ParamValue) {
return InstanceOfCheckValue;
}
break;
case NEWARRAY:
case ANEWARRAY:
if (propagate) {
return new NotNullValue(super.unaryOperation(insn, value).getType());
}
break;
default:
}
return super.unaryOperation(insn, value);
}
@Override
public BasicValue binaryOperation(AbstractInsnNode insn, BasicValue value1, BasicValue value2) throws AnalyzerException {
switch (insn.getOpcode()) {
case IALOAD:
case LALOAD:
case FALOAD:
case DALOAD:
case AALOAD:
case BALOAD:
case CALOAD:
case SALOAD:
case PUTFIELD:
if (nullAnalysis && value1 instanceof ParamValue) {
deReferenced = true;
}
break;
default:
}
return super.binaryOperation(insn, value1, value2);
}
@Override
public BasicValue ternaryOperation(AbstractInsnNode insn, BasicValue value1, BasicValue value2, BasicValue value3) throws AnalyzerException {
switch (insn.getOpcode()) {
case IASTORE:
case LASTORE:
case FASTORE:
case DASTORE:
case AASTORE:
case BASTORE:
case CASTORE:
case SASTORE:
if (nullAnalysis && value1 instanceof ParamValue) {
deReferenced = true;
}
default:
}
return super.ternaryOperation(insn, value1, value2, value3);
}
@Override
public BasicValue naryOperation(AbstractInsnNode insn, List<? extends BasicValue> values) throws AnalyzerException {
boolean propagate = resultOrigins.contains(insns.indexOf(insn));
int opCode = insn.getOpcode();
int shift = opCode == INVOKESTATIC ? 0 : 1;
switch (opCode) {
case INVOKESPECIAL:
case INVOKEINTERFACE:
case INVOKEVIRTUAL:
if (nullAnalysis && values.get(0) instanceof ParamValue) {
deReferenced = true;
return super.naryOperation(insn, values);
}
}
if (propagate) {
switch (opCode) {
case INVOKESTATIC:
case INVOKESPECIAL:
case INVOKEVIRTUAL:
case INVOKEINTERFACE:
boolean stable = opCode == INVOKESTATIC || opCode == INVOKESPECIAL;
MethodInsnNode mNode = (MethodInsnNode)insn;
Method method = new Method(mNode.owner, mNode.name, mNode.desc);
Type retType = Type.getReturnType(mNode.desc);
boolean isRefRetType = retType.getSort() == Type.OBJECT || retType.getSort() == Type.ARRAY;
if (!Type.VOID_TYPE.equals(retType)) {
if (direction instanceof InOut) {
InOut inOut = (InOut)direction;
HashSet<Key> keys = new HashSet<Key>();
for (int i = shift; i < values.size(); i++) {
if (values.get(i) instanceof ParamValue) {
keys.add(new Key(method, new InOut(i - shift, inOut.inValue), stable));
}
}
if (isRefRetType) {
keys.add(new Key(method, new Out(), stable));
}
if (!keys.isEmpty()) {
return new CallResultValue(retType, keys);
}
}
else if (isRefRetType) {
HashSet<Key> keys = new HashSet<Key>();
keys.add(new Key(method, new Out(), stable));
return new CallResultValue(retType, keys);
}
}
break;
case MULTIANEWARRAY:
return new NotNullValue(super.naryOperation(insn, values).getType());
default:
}
}
return super.naryOperation(insn, values);
}
}
|
