7 files changed, 270 insertions, 0 deletions
diff --git a/driver/testdata/BUILD.bazel b/driver/testdata/BUILD.bazel
new file mode 100644
index 00000000..8dd67e12
--- /dev/null
+++ b/driver/testdata/BUILD.bazel
@@ -0,0 +1,10 @@
+java_binary(
+    name = "fuzz_target_mocks",
+    srcs = glob(["test/*.java"]),
+    create_executable = False,
+    visibility = ["//visibility:public"],
+    deps = [
+        "//agent/src/main/java/com/code_intelligence/jazzer/api",
+        "//agent/src/main/java/com/code_intelligence/jazzer/runtime",
+    ],
+)
diff --git a/driver/testdata/test/FuzzTargetWithCoverage.java b/driver/testdata/test/FuzzTargetWithCoverage.java
new file mode 100644
index 00000000..599b1fa8
--- /dev/null
+++ b/driver/testdata/test/FuzzTargetWithCoverage.java
@@ -0,0 +1,28 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+import com.code_intelligence.jazzer.runtime.CoverageMap;
+
+public class FuzzTargetWithCoverage {
+  public static void fuzzerTestOneInput(byte[] input) {
+    // manually increase the first coverage counter
+    byte counter = CoverageMap.mem.get(0);
+    counter++;
+    if (counter == 0)
+      counter--;
+    CoverageMap.mem.put(0, counter);
+  }
+}
diff --git a/driver/testdata/test/FuzzTargetWithDataProvider.java b/driver/testdata/test/FuzzTargetWithDataProvider.java
new file mode 100644
index 00000000..fc5bc1b0
--- /dev/null
+++ b/driver/testdata/test/FuzzTargetWithDataProvider.java
@@ -0,0 +1,114 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+import com.code_intelligence.jazzer.api.FuzzedDataProvider;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.stream.Collectors;
+
+class FuzzTargetWithDataProvider {
+  public static <T extends Comparable<T>> void assertEqual(T a, T b) {
+    if (a.compareTo(b) != 0) {
+      throw new IllegalArgumentException("Expected: " + a + ", got: " + b);
+    }
+  }
+
+  public strictfp static void fuzzerTestOneInput(FuzzedDataProvider data) {
+    assertEqual(true, data.consumeBoolean());
+
+    assertEqual((byte) 0x7F, data.consumeByte());
+    assertEqual((byte) 0x14, data.consumeByte((byte) 0x12, (byte) 0x22));
+
+    assertEqual(0x12345678, data.consumeInt());
+    assertEqual(-0x12345600, data.consumeInt(-0x12345678, -0x12345600));
+    assertEqual(0x12345679, data.consumeInt(0x12345678, 0x12345679));
+
+    assertEqual(true, Arrays.equals(new byte[] {0x01, 0x02}, data.consumeBytes(2)));
+
+    assertEqual("jazzer", data.consumeString(6));
+    assertEqual("ja\u0000zer", data.consumeString(6));
+    assertEqual("€ß", data.consumeString(2));
+
+    assertEqual("jazzer", data.consumeAsciiString(6));
+    assertEqual("ja\u0000zer", data.consumeAsciiString(6));
+    assertEqual("\u0062\u0002\u002C\u0043\u001F", data.consumeAsciiString(5));
+
+    assertEqual(true,
+        Arrays.equals(new boolean[] {false, false, true, false, true}, data.consumeBooleans(5)));
+    assertEqual(true,
+        Arrays.equals(new long[] {0x0123456789abdcefL, 0xfedcba9876543210L}, data.consumeLongs(2)));
+
+    assertEqual((float) 0.28969181, data.consumeProbabilityFloat());
+    assertEqual(0.086814121166605432, data.consumeProbabilityDouble());
+    assertEqual((float) 0.30104411, data.consumeProbabilityFloat());
+    assertEqual(0.96218831486039413, data.consumeProbabilityDouble());
+
+    assertEqual((float) -2.8546307e+38, data.consumeRegularFloat());
+    assertEqual(8.0940194040236032e+307, data.consumeRegularDouble());
+    assertEqual((float) 271.49084, data.consumeRegularFloat((float) 123.0, (float) 777.0));
+    assertEqual(30.859126145478349, data.consumeRegularDouble(13.37, 31.337));
+
+    assertEqual((float) 0.0, data.consumeFloat());
+    assertEqual((float) -0.0, data.consumeFloat());
+    assertEqual(Float.POSITIVE_INFINITY, data.consumeFloat());
+    assertEqual(Float.NEGATIVE_INFINITY, data.consumeFloat());
+    assertEqual(true, Float.isNaN(data.consumeFloat()));
+    assertEqual(Float.MIN_VALUE, data.consumeFloat());
+    assertEqual(-Float.MIN_VALUE, data.consumeFloat());
+    assertEqual(Float.MIN_NORMAL, data.consumeFloat());
+    assertEqual(-Float.MIN_NORMAL, data.consumeFloat());
+    assertEqual(Float.MAX_VALUE, data.consumeFloat());
+    assertEqual(-Float.MAX_VALUE, data.consumeFloat());
+
+    assertEqual(0.0, data.consumeDouble());
+    assertEqual(-0.0, data.consumeDouble());
+    assertEqual(Double.POSITIVE_INFINITY, data.consumeDouble());
+    assertEqual(Double.NEGATIVE_INFINITY, data.consumeDouble());
+    assertEqual(true, Double.isNaN(data.consumeDouble()));
+    assertEqual(Double.MIN_VALUE, data.consumeDouble());
+    assertEqual(-Double.MIN_VALUE, data.consumeDouble());
+    assertEqual(Double.MIN_NORMAL, data.consumeDouble());
+    assertEqual(-Double.MIN_NORMAL, data.consumeDouble());
+    assertEqual(Double.MAX_VALUE, data.consumeDouble());
+    assertEqual(-Double.MAX_VALUE, data.consumeDouble());
+
+    int[] array = {0, 1, 2, 3, 4};
+    assertEqual(4, data.pickValue(array));
+    assertEqual(2, (int) data.pickValue(Arrays.stream(array).boxed().toArray()));
+    assertEqual(3, data.pickValue(Arrays.stream(array).boxed().collect(Collectors.toList())));
+    assertEqual(2, data.pickValue(Arrays.stream(array).boxed().collect(Collectors.toSet())));
+
+    // Buffer is almost depleted at this point.
+    assertEqual(7, data.remainingBytes());
+    assertEqual(true, Arrays.equals(new long[0], data.consumeLongs(3)));
+    assertEqual(7, data.remainingBytes());
+    assertEqual(true, Arrays.equals(new int[] {0x12345678}, data.consumeInts(3)));
+    assertEqual(3, data.remainingBytes());
+    assertEqual(0x123456L, data.consumeLong());
+
+    // Buffer has been fully consumed at this point
+    assertEqual(0, data.remainingBytes());
+    assertEqual(0, data.consumeInt());
+    assertEqual(0.0, data.consumeDouble());
+    assertEqual(-13.37, data.consumeRegularDouble(-13.37, 31.337));
+    assertEqual(true, Arrays.equals(new byte[0], data.consumeBytes(4)));
+    assertEqual(true, Arrays.equals(new long[0], data.consumeLongs(4)));
+    assertEqual("", data.consumeRemainingAsAsciiString());
+    assertEqual("", data.consumeRemainingAsString());
+    assertEqual("", data.consumeAsciiString(100));
+    assertEqual("", data.consumeString(100));
+  }
+}
diff --git a/driver/testdata/test/FuzzTargetWithInit.java b/driver/testdata/test/FuzzTargetWithInit.java
new file mode 100644
index 00000000..86aed82b
--- /dev/null
+++ b/driver/testdata/test/FuzzTargetWithInit.java
@@ -0,0 +1,30 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+class FuzzTargetWithInit {
+  static String[] crashOnString;
+  public static void fuzzerInitialize(String[] args) {
+    crashOnString = args;
+  }
+  public static void fuzzerTestOneInput(byte[] input) {
+    String inputString = new String(input);
+    for (String crashString : crashOnString) {
+      if (inputString.equals(crashString)) {
+        throw new RuntimeException("triggered the exception");
+      }
+    }
+  }
+}
diff --git a/driver/testdata/test/ModifiedUtf8Encoder.java b/driver/testdata/test/ModifiedUtf8Encoder.java
new file mode 100644
index 00000000..b460c81c
--- /dev/null
+++ b/driver/testdata/test/ModifiedUtf8Encoder.java
@@ -0,0 +1,41 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+import java.nio.charset.Charset;
+import java.util.ArrayList;
+
+final class ModifiedUtf8Encoder {
+  // Encodes a string in the JVM's modified UTF-8 encoding.
+  static public byte[] encode(String value) {
+    // Modified UTF-8 is almost the same as CESU-8, the only difference being that the zero
+    // character is coded on two bytes.
+    byte[] cesuBytes = value.getBytes(Charset.forName("CESU-8"));
+    ArrayList<Byte> modifiedUtf8Bytes = new ArrayList<>();
+    for (byte cesuByte : cesuBytes) {
+      if (cesuByte != 0) {
+        modifiedUtf8Bytes.add(cesuByte);
+      } else {
+        modifiedUtf8Bytes.add((byte) 0xC0);
+        modifiedUtf8Bytes.add((byte) 0x80);
+      }
+    }
+    byte[] out = new byte[modifiedUtf8Bytes.size()];
+    for (int i = 0; i < modifiedUtf8Bytes.size(); i++) {
+      out[i] = modifiedUtf8Bytes.get(i);
+    }
+    return out;
+  }
+}
diff --git a/driver/testdata/test/PropertyPrinter.java b/driver/testdata/test/PropertyPrinter.java
new file mode 100644
index 00000000..97345acd
--- /dev/null
+++ b/driver/testdata/test/PropertyPrinter.java
@@ -0,0 +1,22 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+// Class used for testing
+class PropertyPrinter {
+  public static String printProperty(String property) {
+    return System.getProperty(property);
+  }
+}
diff --git a/driver/testdata/test/SimpleFuzzTarget.java b/driver/testdata/test/SimpleFuzzTarget.java
new file mode 100644
index 00000000..5657e416
--- /dev/null
+++ b/driver/testdata/test/SimpleFuzzTarget.java
@@ -0,0 +1,25 @@
+// Copyright 2021 Code Intelligence GmbH
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test;
+
+class SimpleFuzzTarget {
+  public static void fuzzerTestOneInput(byte[] input) {
+    String inputString = new String(input);
+    System.err.println("got input " + inputString);
+    if (inputString.startsWith("crash")) {
+      throw new RuntimeException("exception triggered in fuzz target");
+    }
+  }
+}