Fixes for analysis of reflection and Unsafe

  * Refactored the list of fields that can't be accessed via reflection
    to use the single rules for all cases (engine, concrete executor,
    codegen)

  * Updated this list for Java 11 classes

  * Added a check to avoid marking reflection-inaccessible static fields
    as meaningful (they can't be reflexively created by the codegen anyway)

  * Added `jdk.internal` to the list of system packages to avoid
    mocking, disabled mocking for classes that can't be accessed via
    reflection

  * Added a wrapper for `SecurityManager` and override for two related
    methods in [Class]

Author: dtim

utbot-core/src/main/kotlin/org/utbot/common/ReflectionUtil.kt

@@ -72,4 +72,4 @@ inline fun <reified R> Field.withAccessibility(block: () -> R): R {
         isAccessible = prevAccessibility
         setModifiers(this, prevModifiers)
     }
-}
+}

utbot-framework-api/src/main/kotlin/org/utbot/framework/plugin/api/Api.kt

@@ -922,7 +922,7 @@ open class FieldId(val declaringClass: ClassId, val name: String) {
         return result
     }
 
-    override fun toString() = safeJField.toString()
+    override fun toString() = safeJField?.toString() ?: "[unresolved] $declaringClass.$name"
 }
 
 inline fun <T> withReflection(block: () -> T): T {

utbot-framework/src/main/java/org/utbot/engine/overrides/Class.java

@@ -7,4 +7,14 @@ public class Class {
     public static boolean desiredAssertionStatus() {
         return true;
     }
+
+    private void checkMemberAccess(SecurityManager sm, int which,
+                                   java.lang.Class<?> caller, boolean checkProxyInterfaces) {
+        // Do nothing to allow everything
+    }
+
+    private void checkPackageAccess(SecurityManager sm, final ClassLoader ccl,
+                                    boolean checkProxyInterfaces) {
+        // Do nothing to allow everything
+    }
 }

utbot-framework/src/main/java/org/utbot/engine/overrides/security/UtSecurityManager.java

@@ -0,0 +1,16 @@
+package org.utbot.engine.overrides.security;
+
+import java.security.Permission;
+
+/**
+ * Overridden implementation for [java.lang.SecurityManager] class
+ */
+public class UtSecurityManager {
+    public void checkPermission(Permission perm) {
+        // Do nothing to allow everything
+    }
+
+    public void checkPackageAccess(String pkg) {
+        // Do nothing to allow everything
+    }
+}

utbot-framework/src/main/kotlin/org/utbot/engine/MockStrategy.kt

@@ -45,6 +45,7 @@ private val systemPackages = setOf(
     "sun.reflect", // we cannot mock Reflection since mockers are using it during the execution
     "java.awt",
     "sun.misc",
+    "jdk.internal",
     "kotlin.jvm.internal",
     "kotlin.internal"
 )

utbot-framework/src/main/kotlin/org/utbot/engine/Mocks.kt

@@ -19,6 +19,7 @@ import kotlin.reflect.KFunction2
 import kotlin.reflect.KFunction5
 import kotlinx.collections.immutable.persistentListOf
 import org.utbot.engine.util.mockListeners.MockListenerController
+import org.utbot.framework.util.isInaccessibleViaReflection
 import soot.BooleanType
 import soot.RefType
 import soot.Scene
@@ -183,6 +184,7 @@ class Mocker(
         if (isUtMockAssume(mockInfo)) return false // never mock UtMock.assume invocation
         if (isUtMockAssumeOrExecuteConcretely(mockInfo)) return false // never mock UtMock.assumeOrExecuteConcretely invocation
         if (isOverriddenClass(type)) return false  // never mock overriden classes
+        if (type.isInaccessibleViaReflection) return false // never mock classes that we can't process with reflection
         if (isMakeSymbolic(mockInfo)) return true // support for makeSymbolic
         if (type.sootClass.isArtificialEntity) return false // never mock artificial types, i.e. Maps$lambda_computeValue_1__7
         if (!isEngineClass(type) && (type.sootClass.isInnerClass || type.sootClass.isLocal || type.sootClass.isAnonymous)) return false // there is no reason (and maybe no possibility) to mock such classes

utbot-framework/src/main/kotlin/org/utbot/engine/ObjectWrappers.kt

@@ -13,6 +13,7 @@ import org.utbot.engine.overrides.collections.AssociativeArray
 import org.utbot.engine.overrides.collections.RangeModifiableUnlimitedArray
 import org.utbot.engine.overrides.collections.UtHashMap
 import org.utbot.engine.overrides.collections.UtHashSet
+import org.utbot.engine.overrides.security.UtSecurityManager
 import org.utbot.engine.overrides.strings.UtNativeString
 import org.utbot.engine.overrides.strings.UtString
 import org.utbot.engine.overrides.strings.UtStringBuffer
@@ -86,6 +87,8 @@ val classToWrapper: MutableMap<TypeToBeWrapped, WrapperType> =
         putSootClass(java.util.stream.BaseStream::class, UT_STREAM.className)
         putSootClass(java.util.stream.Stream::class, UT_STREAM.className)
         // TODO primitive streams https://github.com/UnitTestBot/UTBotJava/issues/146
+
+        putSootClass(java.lang.SecurityManager::class, utSecurityManagerClass)
     }
 
 /**
@@ -187,6 +190,9 @@ private val wrappers = mapOf(
     wrap(java.util.stream.BaseStream::class) { _, addr -> objectValue(STREAM_TYPE, addr, CommonStreamWrapper()) },
     wrap(java.util.stream.Stream::class) { _, addr -> objectValue(STREAM_TYPE, addr, CommonStreamWrapper()) },
     // TODO primitive streams https://github.com/UnitTestBot/UTBotJava/issues/146
+
+    // Security-related wrappers
+    wrap(SecurityManager::class) { type, addr -> objectValue(type, addr, SecurityManagerWrapper()) },
 ).also {
     // check every `wrapped` class has a corresponding value in [classToWrapper]
     it.keys.all { key ->

utbot-framework/src/main/kotlin/org/utbot/engine/SecurityManagerWrapper.kt

@@ -0,0 +1,37 @@
+package org.utbot.engine
+
+import org.utbot.engine.overrides.security.UtSecurityManager
+import org.utbot.framework.plugin.api.UtAssembleModel
+import org.utbot.framework.plugin.api.UtModel
+import org.utbot.framework.plugin.api.UtStatementModel
+import org.utbot.framework.plugin.api.classId
+import org.utbot.framework.util.nextModelName
+import soot.Scene
+import soot.SootClass
+import soot.SootMethod
+
+val utSecurityManagerClass: SootClass
+    get() = Scene.v().getSootClass(UtSecurityManager::class.qualifiedName)
+
+class SecurityManagerWrapper : BaseOverriddenWrapper(utSecurityManagerClass.name) {
+    private val baseModelName: String = "securityManager"
+
+    override fun Traverser.overrideInvoke(
+        wrapper: ObjectValue,
+        method: SootMethod,
+        parameters: List<SymbolicValue>
+    ): List<InvokeResult>? {
+        // We currently do not overload any [SecurityManager] method symbolically
+        return null
+    }
+
+    override fun value(resolver: Resolver, wrapper: ObjectValue): UtModel = resolver.run {
+        val classId = wrapper.type.classId
+        val addr = holder.concreteAddr(wrapper.addr)
+        val modelName = nextModelName(baseModelName)
+
+        val instantiationChain = mutableListOf<UtStatementModel>()
+        val modificationChain = mutableListOf<UtStatementModel>()
+        return UtAssembleModel(addr, classId, modelName, instantiationChain, modificationChain)
+    }
+}

utbot-framework/src/main/kotlin/org/utbot/engine/Traverser.kt

@@ -98,6 +98,7 @@ import org.utbot.framework.plugin.api.util.signature
 import org.utbot.framework.plugin.api.util.utContext
 import org.utbot.framework.util.executableId
 import org.utbot.framework.util.graph
+import org.utbot.framework.util.isInaccessibleViaReflection
 import java.lang.reflect.ParameterizedType
 import kotlin.collections.plus
 import kotlin.collections.plusAssign
@@ -631,7 +632,7 @@ class Traverser(
 
         // so, we have to make an update for the local $r0
 
-        return if (stmt is JAssignStmt) {
+        return if (stmt is JAssignStmt && stmt.leftOp is JimpleLocal) {
             val local = stmt.leftOp as JimpleLocal
 
             localMemoryUpdate(local.variable to symbolicValue)
@@ -1798,6 +1799,8 @@ class Traverser(
      */
     private fun isStaticFieldMeaningful(field: SootField) =
         !Modifier.isSynthetic(field.modifiers) &&
+            // we don't want to set fields that cannot be set via reflection anyway
+            !field.fieldId.isInaccessibleViaReflection &&
             // we don't want to set fields from library classes
             !workaround(IGNORE_STATICS_FROM_TRUSTED_LIBRARIES) {
                 ignoreStaticsFromTrustedLibraries && field.declaringClass.isFromTrustedLibrary()

utbot-framework/src/main/kotlin/org/utbot/framework/codegen/model/constructor/tree/CgMethodConstructor.kt

@@ -70,7 +70,6 @@ import org.utbot.framework.codegen.model.util.equalTo
 import org.utbot.framework.codegen.model.util.get
 import org.utbot.framework.codegen.model.util.inc
 import org.utbot.framework.codegen.model.util.isAccessibleFrom
-import org.utbot.framework.codegen.model.util.isInaccessible
 import org.utbot.framework.codegen.model.util.length
 import org.utbot.framework.codegen.model.util.lessThan
 import org.utbot.framework.codegen.model.util.nullLiteral
@@ -139,6 +138,7 @@ import org.utbot.framework.plugin.api.util.objectClassId
 import org.utbot.framework.plugin.api.util.stringClassId
 import org.utbot.framework.plugin.api.util.voidClassId
 import org.utbot.framework.plugin.api.util.wrapIfPrimitive
+import org.utbot.framework.util.isInaccessibleViaReflection
 import org.utbot.framework.util.isUnit
 import org.utbot.summary.SummarySentenceConstants.TAB
 import java.lang.reflect.InvocationTargetException
@@ -273,7 +273,7 @@ internal class CgMethodConstructor(val context: CgContext) : CgContextOwner by c
         }
     }
 
-    private fun <E> Map<FieldId, E>.accessibleFields(): Map<FieldId, E> = filterKeys { !it.isInaccessible }
+    private fun <E> Map<FieldId, E>.accessibleFields(): Map<FieldId, E> = filterKeys { !it.isInaccessibleViaReflection }
 
     /**
      * @return expression for [java.lang.Class] of the given [classId]