From 6b5bc34c0738e5df93937bec9de4c677bafb1841 Mon Sep 17 00:00:00 2001
From: jpwang <jpwang@smail.nju.edu.cn>
Date: Mon, 3 Nov 2025 19:28:32 +0800
Subject: [PATCH 1/2] Model `Object.clone()` in PTA for better precision

---
 .../pta/plugin/natives/NativeModeller.java    |  3 +-
 .../pta/plugin/natives/ObjectModel.java       | 48 +++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java

diff --git a/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java b/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
index 13b20248b..7cb7d377f 100644
--- a/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
+++ b/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
@@ -36,6 +36,7 @@ public void setSolver(Solver solver) {
         addPlugin(new ArrayModel.AnalysisModel(solver),
                 new ArrayModel.IRModel(solver),
                 new UnsafeModel(solver),
-                new DoPriviledgedModel(solver));
+                new DoPriviledgedModel(solver),
+                new ObjectModel(solver));
     }
 }
diff --git a/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java b/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java
new file mode 100644
index 000000000..310cc24d5
--- /dev/null
+++ b/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java
@@ -0,0 +1,48 @@
+/*
+ * Tai-e: A Static Analysis Framework for Java
+ *
+ * Copyright (C) 2022 Tian Tan <tiantan@nju.edu.cn>
+ * Copyright (C) 2022 Yue Li <yueli@nju.edu.cn>
+ *
+ * This file is part of Tai-e.
+ *
+ * Tai-e is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation, either version 3
+ * of the License, or (at your option) any later version.
+ *
+ * Tai-e is distributed in the hope that it will be useful,but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
+ * Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with Tai-e. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package pascal.taie.analysis.pta.plugin.natives;
+
+import pascal.taie.analysis.pta.core.solver.Solver;
+import pascal.taie.analysis.pta.plugin.util.IRModelPlugin;
+import pascal.taie.analysis.pta.plugin.util.InvokeHandler;
+import pascal.taie.analysis.pta.plugin.util.InvokeUtils;
+import pascal.taie.ir.exp.Var;
+import pascal.taie.ir.stmt.Copy;
+import pascal.taie.ir.stmt.Invoke;
+import pascal.taie.ir.stmt.Stmt;
+
+import java.util.List;
+
+public class ObjectModel extends IRModelPlugin {
+    ObjectModel(Solver solver) {
+        super(solver);
+    }
+
+    @InvokeHandler(signature = "<java.lang.Object: java.lang.Object clone()>")
+    public List<Stmt> objectClone(Invoke invoke) {
+        Var result = invoke.getResult();
+        return result != null
+                ? List.of(new Copy(result, InvokeUtils.getVar(invoke, InvokeUtils.BASE)))
+                : List.of();
+    }
+}

From 2e3c5414365ace7a37237cd2521e53e7a92758dd Mon Sep 17 00:00:00 2001
From: jpwang <jpwang@smail.nju.edu.cn>
Date: Sun, 7 Dec 2025 13:22:27 +0800
Subject: [PATCH 2/2] Rename `ObjectModel` to `ObjectCloneModel`

---
 .../taie/analysis/pta/plugin/natives/NativeModeller.java      | 2 +-
 .../natives/{ObjectModel.java => ObjectCloneModel.java}       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename src/main/java/pascal/taie/analysis/pta/plugin/natives/{ObjectModel.java => ObjectCloneModel.java} (94%)

diff --git a/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java b/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
index 7cb7d377f..ea4edb64b 100644
--- a/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
+++ b/src/main/java/pascal/taie/analysis/pta/plugin/natives/NativeModeller.java
@@ -37,6 +37,6 @@ public void setSolver(Solver solver) {
                 new ArrayModel.IRModel(solver),
                 new UnsafeModel(solver),
                 new DoPriviledgedModel(solver),
-                new ObjectModel(solver));
+                new ObjectCloneModel(solver));
     }
 }
diff --git a/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java b/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectCloneModel.java
similarity index 94%
rename from src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java
rename to src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectCloneModel.java
index 310cc24d5..ee22e9088 100644
--- a/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectModel.java
+++ b/src/main/java/pascal/taie/analysis/pta/plugin/natives/ObjectCloneModel.java
@@ -33,8 +33,8 @@
 
 import java.util.List;
 
-public class ObjectModel extends IRModelPlugin {
-    ObjectModel(Solver solver) {
+public class ObjectCloneModel extends IRModelPlugin {
+    ObjectCloneModel(Solver solver) {
         super(solver);
     }