A quick-and-dirty fix is to change createBitPattern(isComputed) into createBitPattern(isComputed, false, false). At least, this fixes the isComputed argument.
The problem is illustrated below.
function createBitPattern() {
var ret = 0;
var i;
for (i =0; i< arguments.length; i++) {
ret = (ret << 1)+(arguments[i]?1:0);
}
return ret;
}
function decodeBitPattern(i, len) {
var ret = new Array(len);
for (var j=0; j<len; j++) {
var val = (i & 1)?true:false;
ret[len - j -1] = val;
i = i >> 1;
}
return ret;
}
var currentImpl = decodeBitPattern(createBitPattern(true), 3);
console.log(currentImpl); // [false, false, true]
var quickAndDirtyFix = decodeBitPattern(createBitPattern(true, false, false), 3);
console.log(quickAndDirtyFix); // [true, false, false]
The
binaryPrehook has three bit-encoded argumentsisComputed,isOpAssign,isSwitchCaseComparison.They are decoded correctly in
analysis.js: https://github.com/Samsung/jalangi2/blob/master/src/js/runtime/analysis.js#L529.They are encoded incorrectly in
esnstrument.js: https://github.com/Samsung/jalangi2/blob/master/src/js/instrument/esnstrument.js#L719A quick-and-dirty fix is to change
createBitPattern(isComputed)intocreateBitPattern(isComputed, false, false). At least, this fixes theisComputedargument.The problem is illustrated below.