1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package dexfuzz.program.mutators;
18
19import dexfuzz.Log;
20import dexfuzz.MutationStats;
21import dexfuzz.program.MInsn;
22import dexfuzz.program.MutatableCode;
23import dexfuzz.program.Mutation;
24import dexfuzz.rawdex.formats.ContainsConst;
25
26import java.util.ArrayList;
27import java.util.List;
28import java.util.Random;
29
30public class ConstantValueChanger extends CodeMutator {
31  /**
32   * Every CodeMutator has an AssociatedMutation, representing the
33   * mutation that this CodeMutator can perform, to allow separate
34   * generateMutation() and applyMutation() phases, allowing serialization.
35   */
36  public static class AssociatedMutation extends Mutation {
37    public int constInsnIdx;
38    public long newConstant;
39
40    @Override
41    public String getString() {
42      StringBuilder builder = new StringBuilder();
43      builder.append(constInsnIdx).append(" ");
44      builder.append(newConstant);
45      return builder.toString();
46    }
47
48    @Override
49    public void parseString(String[] elements) {
50      constInsnIdx = Integer.parseInt(elements[2]);
51      newConstant = Long.parseLong(elements[3]);
52    }
53  }
54
55  // The following two methods are here for the benefit of MutationSerializer,
56  // so it can create a CodeMutator and get the correct associated Mutation, as it
57  // reads in mutations from a dump of mutations.
58  @Override
59  public Mutation getNewMutation() {
60    return new AssociatedMutation();
61  }
62
63  public ConstantValueChanger() { }
64
65  public ConstantValueChanger(Random rng, MutationStats stats, List<Mutation> mutations) {
66    super(rng, stats, mutations);
67    likelihood = 70;
68  }
69
70  // A cache that should only exist between generateMutation() and applyMutation(),
71  // or be created at the start of applyMutation(), if we're reading in mutations from
72  // a file.
73  private List<MInsn> constInsns = null;
74
75  private void generateCachedConstInsns(MutatableCode mutatableCode) {
76    if (constInsns != null) {
77      return;
78    }
79
80    constInsns = new ArrayList<MInsn>();
81    for (MInsn mInsn : mutatableCode.getInstructions()) {
82      if (mInsn.insn.info.format instanceof ContainsConst) {
83        constInsns.add(mInsn);
84      }
85    }
86  }
87
88  @Override
89  protected boolean canMutate(MutatableCode mutatableCode) {
90    for (MInsn mInsn : mutatableCode.getInstructions()) {
91      if (mInsn.insn.info.format instanceof ContainsConst) {
92        return true;
93      }
94    }
95
96    Log.debug("Method contains no const instructions.");
97    return false;
98  }
99
100  @Override
101  protected Mutation generateMutation(MutatableCode mutatableCode) {
102    generateCachedConstInsns(mutatableCode);
103
104    // Pick a random const instruction.
105    int constInsnIdx = rng.nextInt(constInsns.size());
106    MInsn constInsn = constInsns.get(constInsnIdx);
107
108    // Get the constant.
109    long oldConstant = ((ContainsConst)constInsn.insn.info.format).getConst(constInsn.insn);
110
111    long newConstant = oldConstant;
112
113    // Make a new constant.
114    while (newConstant == oldConstant) {
115      newConstant = rng.nextLong()
116          % ((ContainsConst)constInsn.insn.info.format).getConstRange();
117    }
118
119    AssociatedMutation mutation = new AssociatedMutation();
120    mutation.setup(this.getClass(), mutatableCode);
121    mutation.constInsnIdx = constInsnIdx;
122    mutation.newConstant = newConstant;
123    return mutation;
124  }
125
126  @Override
127  protected void applyMutation(Mutation uncastMutation) {
128    // Cast the Mutation to our AssociatedMutation, so we can access its fields.
129    AssociatedMutation mutation = (AssociatedMutation) uncastMutation;
130    MutatableCode mutatableCode = mutation.mutatableCode;
131
132    generateCachedConstInsns(mutatableCode);
133
134    MInsn constInsn = constInsns.get(mutation.constInsnIdx);
135
136    long oldConstant = ((ContainsConst)constInsn.insn.info.format).getConst(constInsn.insn);
137
138    Log.info("Changed constant value #" + oldConstant + " to #" + mutation.newConstant
139        + " in " + constInsn);
140
141    stats.incrementStat("Changed constant value");
142
143    // Set the new constant.
144    ((ContainsConst)constInsn.insn.info.format).setConst(constInsn.insn, mutation.newConstant);
145
146    // Clear cache.
147    constInsns = null;
148  }
149}
150