UnitTestBot · dtim · Jun 28, 2022 · Jun 20, 2022 · Jun 28, 2022
diff --git a/docs/SpeculativeFieldNonNullability.md b/docs/SpeculativeFieldNonNullability.md
@@ -0,0 +1,55 @@
+# Speculative field non-nullability assumptions
+
+## The problem
+
+When a field is used as a base for a dot call (i.e., a method call or a field access),
+the symbolic engine creates a branch corresponding to the potential `NullPointerException`
+that can occur if the value of the field is `null`. For this path, the engine generates
+the hard constraint `addr(field) == null`.
+
+If the field is marked as `@NotNull`, a hard constraint `addr(field) != null` is generated
+for it. If both constraints have been generated simultaneously, the `NPE` branch is discarded
+as the constraint set is unsatisfiable.
+
+If a field does not have `@NotNull` annotation, the `NPE` branch will be kept. This behavior
+is desirable, as it increases the coverage, but it has a downside. It is possible that
+most of generated branches would be `NPE` branches, while useful paths could be lost due to timeout.
+
+Beyond that, in many cases the `null` value of a field can't be generated using the public API
+of the class. This is particularly true for final fields, especially in system classes.
+Automatically generated tests assign `null` values to fields in questions using reflection,
+but these tests may be uninformative as the corresponding `NPE` branches would never occur
+in the real code that limits itself to the public API.
+
+## The solution
+
+To discard irrelevant `NPE` branches, we can speculatively mark fields we as non-nullable even they
+do not have an explicit `@NotNull` annotation. In particular, we can use this approach to final
+fields of system classes, as they are usually correctly initialized and are not equal `null`.
+
+At the same time, we can't always add the "not null" hard constraint for the field: it would break
+some special cases like `Optional<T>` class, which uses the `null` value of its final field
+as a marker of an empty value.
+
+The engine checks for NPE and creates an NPE branch every time the address is used
+as a base of a dot call (i.e., a method call or a field access);
+see `UtBotSymbolicEngine.nullPointerExceptionCheck`). The problem is what at that moment, we would have
+no way to check whether the address corresponds to a final field, as the corresponding node
+of the global graph would refer to a local variable. The only place where we have the complete
+information about the field is this method.
+
+We use the following approach. If the field is final and belongs to a system class,
+we mark it as a speculatively non-nullable in the memory
+(see `org.utbot.engine.Memory.speculativelyNotNullAddresses`). During the NPE check
+we will add the `!isSpeculativelyNotNull(addr(field))` constraint
+to the `NPE` branch together with the usual `addr(field) == null` constraint.
+
+For final fields, these two conditions can't be satisfied at the same time, as we speculatively
+mark final fields as non-nullable. As a result, the NPE branch would be discarded. If a field
+is not final, the condition is satisfiable, so the NPE branch would stay alive.
+
+We limit this approach to the system classes only, because it is hard to speculatively assume
+something about non-nullability of final fields in the user code.
+
+The same approach can be extended for other cases where we want to speculatively consider some
+fields as non-nullable to prevent `NPE` branch generation.
diff --git a/utbot-framework/src/main/kotlin/org/utbot/engine/Extensions.kt b/utbot-framework/src/main/kotlin/org/utbot/engine/Extensions.kt
@@ -18,7 +18,6 @@ import org.utbot.engine.pc.UtSeqSort
 import org.utbot.engine.pc.UtShortSort
 import org.utbot.engine.pc.UtSolverStatusKind
 import org.utbot.engine.pc.UtSolverStatusSAT
-import org.utbot.engine.symbolic.Assumption
 import org.utbot.engine.pc.UtSort
 import org.utbot.engine.pc.mkArrayWithConst
 import org.utbot.engine.pc.mkBool
@@ -31,7 +30,6 @@ import org.utbot.engine.pc.mkLong
 import org.utbot.engine.pc.mkShort
 import org.utbot.engine.pc.mkString
 import org.utbot.engine.pc.toSort
-import org.utbot.framework.UtSettings.checkNpeForFinalFields
 import org.utbot.framework.UtSettings.checkNpeInNestedMethods
 import org.utbot.framework.UtSettings.checkNpeInNestedNotPrivateMethods
 import org.utbot.framework.plugin.api.FieldId
@@ -384,11 +382,7 @@ fun arrayTypeUpdate(addr: UtAddrExpression, type: ArrayType) =
 fun SootField.shouldBeNotNull(): Boolean {
     require(type is RefLikeType)
 
-    if (hasNotNullAnnotation()) return true
-
-    if (!checkNpeForFinalFields && isFinal) return true
-
-    return false
+    return hasNotNullAnnotation()
 }
 
 /**

diff --git a/utbot-framework/src/main/kotlin/org/utbot/engine/Memory.kt b/utbot-framework/src/main/kotlin/org/utbot/engine/Memory.kt
@@ -137,7 +137,17 @@ data class Memory( // TODO: split purely symbolic memory and information about s
         UtFalse,
         UtArraySort(UtAddrSort, UtBoolSort)
     ),
-    private val instanceFieldReadOperations: PersistentSet<InstanceFieldReadOperation> = persistentHashSetOf()
+    private val instanceFieldReadOperations: PersistentSet<InstanceFieldReadOperation> = persistentHashSetOf(),
+
+    /**
+     * Storage for addresses that we speculatively consider non-nullable (e.g., final fields of system classes).
+     * See [org.utbot.engine.UtBotSymbolicEngine.createFieldOrMock] for usage,
+     * and [docs/SpeculativeFieldNonNullability.md] for details.
+     */
+    private val speculativelyNotNullAddresses: UtArrayExpressionBase = UtConstArrayExpression(
+        UtFalse,
+        UtArraySort(UtAddrSort, UtBoolSort)
+    )
 ) {
     val chunkIds: Set<ChunkId>
         get() = initial.keys
@@ -167,6 +177,11 @@ data class Memory( // TODO: split purely symbolic memory and information about s
      */
     fun isTouched(addr: UtAddrExpression): UtArraySelectExpression = touchedAddresses.select(addr)
 
+    /**
+     * Returns symbolic information about whether [addr] corresponds to a final field known to be not null.
+     */
+    fun isSpeculativelyNotNull(addr: UtAddrExpression): UtArraySelectExpression = speculativelyNotNullAddresses.select(addr)
+
     /**
      * @return ImmutableCollection of the initial values for all the arrays we touched during the execution
      */
@@ -260,6 +275,10 @@ data class Memory( // TODO: split purely symbolic memory and information about s
             acc.store(addr, UtTrue)
         }
 
+        val updSpeculativelyNotNullAddresses = update.speculativelyNotNullAddresses.fold(speculativelyNotNullAddresses) { acc, addr ->
+            acc.store(addr, UtTrue)
+        }
+
         return this.copy(
             initial = updInitial,
             current = updCurrent,
@@ -275,7 +294,8 @@ data class Memory( // TODO: split purely symbolic memory and information about s
             updates = updates + update,
             visitedValues = updVisitedValues,
             touchedAddresses = updTouchedAddresses,
-            instanceFieldReadOperations = instanceFieldReadOperations.addAll(update.instanceFieldReads)
+            instanceFieldReadOperations = instanceFieldReadOperations.addAll(update.instanceFieldReads),
+            speculativelyNotNullAddresses = updSpeculativelyNotNullAddresses
         )
     }
 
@@ -955,7 +975,8 @@ data class MemoryUpdate(
     val visitedValues: PersistentList<UtAddrExpression> = persistentListOf(),
     val touchedAddresses: PersistentList<UtAddrExpression> = persistentListOf(),
     val classIdToClearStatics: ClassId? = null,
-    val instanceFieldReads: PersistentSet<InstanceFieldReadOperation> = persistentHashSetOf()
+    val instanceFieldReads: PersistentSet<InstanceFieldReadOperation> = persistentHashSetOf(),
+    val speculativelyNotNullAddresses: PersistentList<UtAddrExpression> = persistentListOf()
 ) {
     operator fun plus(other: MemoryUpdate) =
         this.copy(
@@ -972,7 +993,8 @@ data class MemoryUpdate(
             visitedValues = visitedValues.addAll(other.visitedValues),
             touchedAddresses = touchedAddresses.addAll(other.touchedAddresses),
             classIdToClearStatics = other.classIdToClearStatics,
-            instanceFieldReads = instanceFieldReads.addAll(other.instanceFieldReads)
+            instanceFieldReads = instanceFieldReads.addAll(other.instanceFieldReads),
+            speculativelyNotNullAddresses = speculativelyNotNullAddresses.addAll(other.speculativelyNotNullAddresses),
         )
 }
 

diff --git a/utbot-framework/src/main/kotlin/org/utbot/engine/Mocks.kt b/utbot-framework/src/main/kotlin/org/utbot/engine/Mocks.kt
@@ -184,9 +184,13 @@ class Mocker(
         if (mockAlways(type)) return true // always mock randoms and loggers
         if (mockInfo is UtFieldMockInfo) {
             val declaringClass = mockInfo.fieldId.declaringClass
+            val sootDeclaringClass = Scene.v().getSootClass(declaringClass.name)
 
-            if (Scene.v().getSootClass(declaringClass.name).isArtificialEntity) {
-                return false // see BaseStreamExample::minExample for an example; cannot load java class for such class
+            if (sootDeclaringClass.isArtificialEntity || sootDeclaringClass.isOverridden) {
+                // Cannot load Java class for artificial classes, see BaseStreamExample::minExample for an example.
+                // Wrapper classes that override system classes ([org.utbot.engine.overrides] package) are also
+                // unavailable to the [UtContext] class loader used by the plugin.
+                return false
             }
 
             return when {

diff --git a/utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt b/utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
@@ -77,6 +77,7 @@ import org.utbot.engine.pc.mkBVConst
 import org.utbot.engine.pc.mkBoolConst
 import org.utbot.engine.pc.mkChar
 import org.utbot.engine.pc.mkEq
+import org.utbot.engine.pc.mkFalse
 import org.utbot.engine.pc.mkFpConst
 import org.utbot.engine.pc.mkInt
 import org.utbot.engine.pc.mkNot
@@ -115,6 +116,7 @@ import org.utbot.engine.util.statics.concrete.makeEnumStaticFieldsUpdates
 import org.utbot.engine.util.statics.concrete.makeSymbolicValuesFromEnumConcreteValues
 import org.utbot.framework.PathSelectorType
 import org.utbot.framework.UtSettings
+import org.utbot.framework.UtSettings.checkNpeForFinalFields
 import org.utbot.framework.UtSettings.checkSolverTimeoutMillis
 import org.utbot.framework.UtSettings.enableFeatureProcess
 import org.utbot.framework.UtSettings.pathSelectorStepsLimit
@@ -2199,8 +2201,15 @@ class UtBotSymbolicEngine(
         val chunkId = hierarchy.chunkIdForField(objectType, field)
         val createdField = createField(objectType, addr, field.type, chunkId, mockInfoGenerator)
 
-        if (field.type is RefLikeType && field.shouldBeNotNull()) {
-            queuedSymbolicStateUpdates += mkNot(mkEq(createdField.addr, nullObjectAddr)).asHardConstraint()
+        if (field.type is RefLikeType) {
+            if (field.shouldBeNotNull()) {
+                queuedSymbolicStateUpdates += mkNot(mkEq(createdField.addr, nullObjectAddr)).asHardConstraint()
+            }
+
+            // See docs/SpeculativeFieldNonNullability.md for details
+            if (field.isFinal && field.declaringClass.isLibraryClass && !checkNpeForFinalFields) {
+                markAsSpeculativelyNotNull(createdField.addr)
+            }
         }
 
         return createdField
@@ -2370,6 +2379,10 @@ class UtBotSymbolicEngine(
         queuedSymbolicStateUpdates += MemoryUpdate(touchedAddresses = persistentListOf(addr))
     }
 
+    private fun markAsSpeculativelyNotNull(addr: UtAddrExpression) {
+        queuedSymbolicStateUpdates += MemoryUpdate(speculativelyNotNullAddresses = persistentListOf(addr))
+    }
+
     /**
      * Add a memory update to reflect that a field was read.
      *
@@ -3290,9 +3303,11 @@ class UtBotSymbolicEngine(
     private fun nullPointerExceptionCheck(addr: UtAddrExpression) {
         val canBeNull = addrEq(addr, nullObjectAddr)
         val canNotBeNull = mkNot(canBeNull)
+        val notMarked = mkEq(memory.isSpeculativelyNotNull(addr), mkFalse())
+        val notMarkedAndNull = mkAnd(notMarked, canBeNull)
 
         if (environment.method.checkForNPE(environment.state.executionStack.size)) {
-            implicitlyThrowException(NullPointerException(), setOf(canBeNull))
+            implicitlyThrowException(NullPointerException(), setOf(notMarkedAndNull))
         }
 
         queuedSymbolicStateUpdates += canNotBeNull.asHardConstraint()

diff --git a/utbot-framework/src/test/kotlin/org/utbot/examples/AbstractTestCaseGeneratorTest.kt b/utbot-framework/src/test/kotlin/org/utbot/examples/AbstractTestCaseGeneratorTest.kt
@@ -88,7 +88,6 @@ abstract class AbstractTestCaseGeneratorTest(
         UtSettings.checkSolverTimeoutMillis = 0
         UtSettings.checkNpeInNestedMethods = true
         UtSettings.checkNpeInNestedNotPrivateMethods = true
-        UtSettings.checkNpeForFinalFields = true
         UtSettings.substituteStaticsWithSymbolicVariable = true
         UtSettings.useAssembleModelGenerator = true
         UtSettings.saveRemainingStatesForConcreteExecution = false

diff --git a/utbot-framework/src/test/kotlin/org/utbot/examples/collections/OptionalsTest.kt b/utbot-framework/src/test/kotlin/org/utbot/examples/collections/OptionalsTest.kt
@@ -482,4 +482,14 @@ class OptionalsTest : AbstractTestCaseGeneratorTest(
             coverage = DoNotCalculate
         )
     }
+
+    @Test
+    fun testOptionalOfPositive() {
+        check(
+            Optionals::optionalOfPositive,
+            eq(2),
+            { value, result -> value > 0 && result != null && result.isPresent && result.get() == value },
+            { value, result -> value <= 0 && result != null && !result.isPresent }
+        )
+    }
 }
diff --git a/utbot-framework/src/test/kotlin/org/utbot/examples/math/OverflowAsErrorTest.kt b/utbot-framework/src/test/kotlin/org/utbot/examples/math/OverflowAsErrorTest.kt
@@ -211,6 +211,7 @@ internal class OverflowAsErrorTest : AbstractTestCaseGeneratorTest(
     }
 
     @Test
+    @Disabled("Flaky branch count mismatch (1 instead of 2)")
     fun testLongMulOverflow() {
         // This test has solver timeout.
         // Reason: softConstraints, containing limits for Int values, hang solver.

diff --git a/utbot-sample/src/main/java/org/utbot/examples/collections/Optionals.java b/utbot-sample/src/main/java/org/utbot/examples/collections/Optionals.java
@@ -314,4 +314,8 @@ public boolean equalOptionalsDouble(OptionalDouble left, OptionalDouble right) {
             return false;
         }
     }
+
+    public Optional<Integer> optionalOfPositive(int value) {
+        return value > 0 ? Optional.of(value) : Optional.empty();
+    }
 }
diff --git a/utbot-summary-tests/src/test/kotlin/examples/SummaryTestCaseGeneratorTest.kt b/utbot-summary-tests/src/test/kotlin/examples/SummaryTestCaseGeneratorTest.kt
@@ -6,7 +6,6 @@ import org.utbot.common.workaround
 import org.utbot.examples.AbstractTestCaseGeneratorTest
 import org.utbot.examples.CoverageMatcher
 import org.utbot.examples.DoNotCalculate
-import org.utbot.framework.UtSettings.checkNpeForFinalFields
 import org.utbot.framework.UtSettings.checkNpeInNestedMethods
 import org.utbot.framework.UtSettings.checkNpeInNestedNotPrivateMethods
 import org.utbot.framework.UtSettings.checkSolverTimeoutMillis
@@ -96,7 +95,6 @@ open class SummaryTestCaseGeneratorTest(
             checkSolverTimeoutMillis = 0
             checkNpeInNestedMethods = true
             checkNpeInNestedNotPrivateMethods = true
-            checkNpeForFinalFields = true
         }
         val utMethod = UtMethod.from(method)
         val testCase = executionsModel(utMethod, mockStrategy)