OPAL: null-value in operandsArray

Question

I am currently developing a static analysis of Java code using the OPAL framework. I want to analyze the following Java method:

private void indirectCaller2b(double d, Object o1, Object o2) {
    indirectCaller1(d, o1, o2);
}

I know, that indirectCaller2b is only called with the parameters (double, ArrayList, LinkedList).

Having this in mind, I constructed an IndexedSeq of DomainValues, which I pass to the perform-method ob BaseAI. It looks like this:

Vector({ai.native_methods_parameter_type_approximation.PublicClass, null}[@0;t=101], ADoubleValue, {_ <: java.util.ArrayList, null}[@-4;t=102], {_ <: java.util.LinkedList, null}[@-5;t=103])

The this-parameter ({ai.native_methods_parameter_type_approximation.PublicClass, null}[@0;t=101]) was created with the following code:

domain.TypedValue(0, project.classFile(caller).thisType)

The other domain values were created using the parameterToValueIndex method:

org.opalj.ai.parameterToValueIndex(caller.isStatic, caller.descriptor, index), t)

Here, caller stands for the method indirectCaller2b and t is the known runtime type of the parameter (ArrayList for parameter index 1 and LinkedList for parameter index 2).

When I now perform the abstract interpretation of the method with

BaseAI.perform(classFile, caller, domain)(Some(parameters))

and print the stack index at the program counter, where the call of indirectCaller1 happens with the following code,

for (i <- 0 to analysisResult.operandsArray(pc).size - 1) {
      println(s"stack index $i: ${analysisResult.operandsArray(pc)(i)}")
}

I get the following output:

stack index 0: null

stack index 1: {_ <: java.util.LinkedList, null}[@-5;t=103]

stack index 2: ADoubleValue

stack index 3: {ai.native_methods_parameter_type_approximation.PublicClass, null}[@0;t=101]

This is a bit confusing, since I just pass the arguments of indirectCaller2b to indirectCaller1. Therefore, the output should be the same as the IndexedSeq is passed to the perform method.

But in the output, parameter after the double parameter is LinkedList instead of ArrayList. The ArrayList parameter somehow disappeared, and the last parameter on the operandStack is "null".

Can anyone explain me, how this can happen?

Answer 1

Representation of "this"

To get the correct representation for the "this" reference you should use the method

InitializedObjectValue(
    origin:     ValueOrigin,
    objectType: ObjectType    ): DomainReferenceValue

to create a representation of the this value. The difference is that in this case the AI will try to use the information that (a) the value is guaranteed to be non-null and is also guaranteed to be initialized. In particular the former property is often interesting and generally leads to more precise results.

Initializing Locals

The function: org.opalj.ai.parameterToValueIndex only calculates the logical origin information (the "pc" that is associated with the value to make it possible to identify the respective values as parameters later on).

To correctly map operands to locals you can either use the method mapOperandsToParameters or you just add all values to an IndexedSeq but add another null value for computational type category 2 values.