chore: update/extend tests; explicitly set mutation framework usage

Author: oetr

examples/BUILD.bazel

@@ -123,17 +123,22 @@ java_fuzz_target_test(
     target_class = "com.example.ExampleValueProfileFuzzer",
 )
 
-java_fuzz_target_test(
-    name = "MazeFuzzer",
+[java_fuzz_target_test(
+    name = "MazeFuzzer_" + mode,
     srcs = [
         "src/main/java/com/example/MazeFuzzer.java",
     ],
     allowed_findings = ["com.example.MazeFuzzer$$TreasureFoundException"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     target_class = "com.example.MazeFuzzer",
-)
-
-java_fuzz_target_test(
-    name = "ExampleOutOfMemoryFuzzer",
+    verify_crash_reproducer = True if mode == "classic" else False,
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
+
+[java_fuzz_target_test(
+    name = "ExampleOutOfMemoryFuzzer_" + mode,
     timeout = "short",
     srcs = [
         "src/main/java/com/example/ExampleOutOfMemoryFuzzer.java",
@@ -142,23 +147,33 @@ java_fuzz_target_test(
         "com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow",
         "java.lang.OutOfMemoryError",
     ],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     fuzzer_args = ["--jvm_args=-Xmx512m"],
     target_class = "com.example.ExampleOutOfMemoryFuzzer",
-)
-
-java_fuzz_target_test(
-    name = "ExampleStackOverflowFuzzer",
+    verify_crash_reproducer = True if mode == "classic" else False,
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
+
+[java_fuzz_target_test(
+    name = "ExampleStackOverflowFuzzer_" + mode,
     srcs = [
         "src/main/java/com/example/ExampleStackOverflowFuzzer.java",
     ],
     allowed_findings = [
         "com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow",
         "java.lang.StackOverflowError",
     ],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     target_class = "com.example.ExampleStackOverflowFuzzer",
     # Crashes with a segfault before any stack trace printing is reached.
     target_compatible_with = SKIP_ON_MACOS,
-)
+    verify_crash_reproducer = True if mode == "classic" else False,
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 # WARNING: This fuzz target uses a vulnerable version of log4j, which could result in the execution
 # of arbitrary code during fuzzing if executed with an older JDK. Use at your own risk.
@@ -207,27 +222,32 @@ java_fuzz_target_test(
     ],
 )
 
-java_fuzz_target_test(
-    name = "JpegImageParserFuzzer",
+[java_fuzz_target_test(
+    name = "JpegImageParserFuzzer_" + mode,
     size = "enormous",
     srcs = [
         "src/main/java/com/example/JpegImageParserFuzzer.java",
     ],
     allowed_findings = ["java.lang.NegativeArraySizeException"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     fuzzer_args = [
         "-fork=2",
     ],
     tags = ["exclusive-if-local"],
     target_class = "com.example.JpegImageParserFuzzer",
     # The exit codes of the forked libFuzzer processes are not picked up correctly.
     target_compatible_with = SKIP_ON_MACOS,
+    verify_crash_reproducer = True if mode == "classic" else False,
     deps = [
         "@maven//:org_apache_commons_commons_imaging",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
-java_fuzz_target_test(
-    name = "GifImageParserFuzzer",
+[java_fuzz_target_test(
+    name = "GifImageParserFuzzer_" + mode,
     srcs = [
         "src/main/java/com/example/GifImageParserFuzzer.java",
     ],
@@ -236,11 +256,16 @@ java_fuzz_target_test(
         "java.lang.IllegalArgumentException",
         "java.lang.OutOfMemoryError",
     ],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     target_class = "com.example.GifImageParserFuzzer",
+    verify_crash_reproducer = True if mode == "classic" else False,
     deps = [
         "@maven//:org_apache_commons_commons_imaging",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 java_fuzz_target_test(
     name = "TiffImageParserFuzzer",
@@ -355,19 +380,24 @@ java_fuzz_target_test(
     ],
 )
 
-java_fuzz_target_test(
-    name = "JacksonCborFuzzer",
+[java_fuzz_target_test(
+    name = "JacksonCborFuzzer_" + mode,
     srcs = [
         "src/main/java/com/example/JacksonCborFuzzer.java",
     ],
     allowed_findings = ["java.lang.NullPointerException"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     target_class = "com.example.JacksonCborFuzzer",
+    verify_crash_reproducer = True if mode == "classic" else False,
     deps = [
         "@maven//:com_fasterxml_jackson_core_jackson_core",
         "@maven//:com_fasterxml_jackson_core_jackson_databind",
         "@maven//:com_fasterxml_jackson_dataformat_jackson_dataformat_cbor",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 java_fuzz_target_test(
     name = "FastJsonFuzzer",
@@ -499,8 +529,10 @@ java_binary(
         ":ExampleFuzzer_target_deploy.jar",
         ":ExampleValueProfileFuzzer_target_deploy.jar",
         ":FastJsonFuzzer_target_deploy.jar",
-        ":JacksonCborFuzzer_target_deploy.jar",
-        ":JpegImageParserFuzzer_target_deploy.jar",
+        ":JacksonCborFuzzer_classic_target_deploy.jar",
+        ":JacksonCborFuzzer_mutationFramework_target_deploy.jar",
+        ":JpegImageParserFuzzer_classic_target_deploy.jar",
+        ":JpegImageParserFuzzer_mutationFramework_target_deploy.jar",
         ":JsonSanitizerDenylistFuzzer_target_deploy.jar",
     ],
 )

examples/junit/src/test/java/com/example/BUILD.bazel

@@ -49,10 +49,11 @@ java_fuzz_target_test(
     ],
 )
 
-java_fuzz_target_test(
-    name = "ByteFuzzTest",
+[java_fuzz_target_test(
+    name = "ByteFuzzTest_" + mode,
     srcs = ["ByteFuzzTest.java"],
     allowed_findings = ["org.opentest4j.AssertionFailedError"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     fuzzer_args = [
         "-runs=0",
     ],
@@ -67,7 +68,10 @@ java_fuzz_target_test(
         "//src/main/java/com/code_intelligence/jazzer/junit:fuzz_test",
         "@maven//:org_junit_jupiter_junit_jupiter_api",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 java_fuzz_target_test(
     name = "PerExecutionLifecycleFuzzTest",
@@ -94,10 +98,11 @@ java_fuzz_target_test(
     ],
 )
 
-java_fuzz_target_test(
-    name = "PerExecutionLifecycleWithFindingFuzzTest",
+[java_fuzz_target_test(
+    name = "PerExecutionLifecycleWithFindingFuzzTest_" + mode,
     srcs = ["PerExecutionLifecycleWithFindingFuzzTest.java"],
     allowed_findings = ["java.io.IOException"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     expected_warning_or_error = "ERROR: com.example.TestSuccessfulException: Lifecycle methods invoked as expected",
     fuzzer_args = [
         "-runs=3",
@@ -116,7 +121,10 @@ java_fuzz_target_test(
         "@maven//:com_google_truth_truth",
         "@maven//:org_junit_jupiter_junit_jupiter_api",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 java_fuzz_target_test(
     name = "PerTestLifecycleFuzzTest",
@@ -183,13 +191,14 @@ java_fuzz_target_test(
 )
 
 # Verifies that fuzzer command-line arguments are honored for @FuzzTests.
-java_fuzz_target_test(
-    name = "CommandLineFuzzTest",
+[java_fuzz_target_test(
+    name = "CommandLineFuzzTest_" + mode,
     srcs = ["CommandLineFuzzTest.java"],
     allowed_findings = ["java.lang.Error"],
+    env = {"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {},
     fuzzer_args = [
         # Ignore the first two findings.
-        "--ignore=d5e250a5298b81e6,d86371e6d41739ec",
+        "--ignore=d5abe997b6e1c738,c4c41efd6aa94d6c",
     ],
     target_class = "com.example.CommandLineFuzzTest",
     verify_crash_reproducer = False,
@@ -201,7 +210,10 @@ java_fuzz_target_test(
         "//src/main/java/com/code_intelligence/jazzer/junit:fuzz_test",
         "@maven//:org_junit_jupiter_junit_jupiter_api",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 # Verify that Mockito is properly ignored.
 # Using version 5+ could otherwise introduce cyclic instrumentation.
@@ -285,11 +297,11 @@ java_fuzz_target_test(
     ],
 )
 
-java_fuzz_target_test(
-    name = "JavaBinarySeedFuzzTest",
+[java_fuzz_target_test(
+    name = "JavaBinarySeedFuzzTest_" + mode,
     srcs = ["JavaBinarySeedFuzzTest.java"],
     allowed_findings = ["java.lang.Error"],
-    env = {"JAZZER_FUZZ": "1"},
+    env = {"JAZZER_FUZZ": "1"} | ({"JAZZER_MUTATOR_FRAMEWORK": "false"} if mode == "classic" else {}),
     target_class = "com.example.JavaBinarySeedFuzzTest",
     verify_crash_reproducer = False,
     runtime_deps = [
@@ -300,7 +312,10 @@ java_fuzz_target_test(
         "@maven//:org_junit_jupiter_junit_jupiter_api",
         "@maven//:org_junit_jupiter_junit_jupiter_params",
     ],
-)
+) for mode in [
+    "classic",
+    "mutationFramework",
+]]
 
 [
     java_fuzz_target_test(

examples/junit/src/test/java/com/example/ByteFuzzTest.java

@@ -19,10 +19,11 @@
 import static org.junit.jupiter.api.Assertions.fail;
 
 import com.code_intelligence.jazzer.junit.FuzzTest;
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 
 class ByteFuzzTest {
   @FuzzTest
-  void byteFuzz(byte[] data) {
+  void byteFuzz(byte @NotNull [] data) {
     if (data.length < 1) {
       return;
     }

examples/junit/src/test/java/com/example/JavaBinarySeedFuzzTest.java

@@ -22,6 +22,7 @@
 import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 import com.code_intelligence.jazzer.junit.FuzzTest;
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Base64;
@@ -52,7 +53,7 @@ protected Object convert(Object source, Class<?> targetType)
 
   @ValueSource(strings = {"red herring", "tH15_1S-4_53Cr3T.fl4Ga"})
   @FuzzTest
-  void fuzzTheFlag(@ConvertWith(Utf8BytesConverter.class) byte[] bytes)
+  void fuzzTheFlag(@ConvertWith(Utf8BytesConverter.class) byte @NotNull [] bytes)
       throws NoSuchAlgorithmException {
     assumeTrue(bytes.length > 0);
     MessageDigest digest = MessageDigest.getInstance("SHA-256");

examples/junit/src/test/java/com/example/PerExecutionLifecycleWithFindingFuzzTest.java

@@ -20,6 +20,7 @@
 
 import com.code_intelligence.jazzer.junit.FuzzTest;
 import com.code_intelligence.jazzer.junit.Lifecycle;
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
@@ -35,7 +36,7 @@ static void beforeAll() {
   }
 
   @FuzzTest(maxExecutions = RUNS, lifecycle = Lifecycle.PER_EXECUTION)
-  void lifecycleFuzz(byte[] data) throws IOException {
+  void lifecycleFuzz(byte @NotNull [] data) throws IOException {
     addEvent("lifecycleFuzz");
     if (data.length != 0) {
       throw new IOException(

examples/src/main/java/com/example/ExampleOutOfMemoryFuzzer.java

@@ -16,10 +16,12 @@
 
 package com.example;
 
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
+
 public class ExampleOutOfMemoryFuzzer {
   public static long[] leak;
 
-  public static void fuzzerTestOneInput(byte[] input) {
+  public static void fuzzerTestOneInput(byte @NotNull [] input) {
     if (input.length == 0) {
       return;
     }

examples/src/main/java/com/example/GifImageParserFuzzer.java

@@ -16,6 +16,7 @@
 
 package com.example;
 
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 import java.io.IOException;
 import java.util.HashMap;
 import org.apache.commons.imaging.ImageReadException;
@@ -25,7 +26,7 @@
 // Found https://issues.apache.org/jira/browse/IMAGING-277 and
 // https://issues.apache.org/jira/browse/IMAGING-278.
 public class GifImageParserFuzzer {
-  public static void fuzzerTestOneInput(byte[] input) {
+  public static void fuzzerTestOneInput(byte @NotNull [] input) {
     try {
       new GifImageParser().getBufferedImage(new ByteSourceArray(input), new HashMap<>());
     } catch (IOException | ImageReadException ignored) {

examples/src/main/java/com/example/JacksonCborFuzzer.java

@@ -16,6 +16,7 @@
 
 package com.example;
 
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.dataformat.cbor.CBORFactory;
 import java.io.IOException;
@@ -24,7 +25,7 @@
 // https://github.com/FasterXML/jackson-databind/pull/3032 if executed with
 // `--keep_going=3 -seed=2735196724`.
 public class JacksonCborFuzzer {
-  public static void fuzzerTestOneInput(byte[] input) {
+  public static void fuzzerTestOneInput(byte @NotNull [] input) {
     CBORFactory factory = new CBORFactory();
     ObjectMapper mapper = new ObjectMapper(factory);
     mapper.enableDefaultTyping();

examples/src/main/java/com/example/JpegImageParserFuzzer.java

@@ -16,6 +16,7 @@
 
 package com.example;
 
+import com.code_intelligence.jazzer.mutation.annotation.NotNull;
 import java.io.IOException;
 import java.util.HashMap;
 import org.apache.commons.imaging.ImageReadException;
@@ -24,7 +25,7 @@
 
 // Found https://issues.apache.org/jira/browse/IMAGING-275.
 public class JpegImageParserFuzzer {
-  public static void fuzzerTestOneInput(byte[] input) {
+  public static void fuzzerTestOneInput(byte @NotNull [] input) {
     try {
       new JpegImageParser().getBufferedImage(new ByteSourceArray(input), new HashMap<>());
     } catch (IOException | ImageReadException ignored) {