package com.code_intelligence.jazzer.driver;

import com.code_intelligence.jazzer.agent.AgentInstaller;
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.autofuzz.FuzzTarget;
import com.code_intelligence.jazzer.driver.FuzzTargetFinder;
import com.code_intelligence.jazzer.instrumentor.CoverageRecorder;
import com.code_intelligence.jazzer.runtime.FuzzTargetRunnerNatives;
import com.code_intelligence.jazzer.runtime.JazzerInternal;
import com.code_intelligence.jazzer.utils.UnsafeProvider;
import java.io.IOException;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import sun.misc.Unsafe;

/* loaded from: input_file:com/code_intelligence/jazzer/driver/FuzzTargetRunner.class */
public final class FuzzTargetRunner {
    private static final String OPENTEST4J_TEST_ABORTED_EXCEPTION = "org.opentest4j.TestAbortedException";
    private static final Unsafe UNSAFE;
    private static final long BYTE_ARRAY_OFFSET;
    private static final int LIBFUZZER_ERROR_EXIT_CODE = 77;
    private static final int LIBFUZZER_CONTINUE = 0;
    private static final int LIBFUZZER_RETURN_FROM_DRIVER = -2;
    private static final Set<Long> ignoredTokens;
    private static final FuzzedDataProviderImpl fuzzedDataProvider;
    private static final Class<?> fuzzTargetClass;
    private static final MethodHandle fuzzTargetMethod;
    private static final boolean useFuzzedDataProvider;
    private static final Object fuzzTargetInstance;
    private static final Method fuzzerTearDown;
    private static final ReproducerTemplate reproducerTemplate;
    private static Predicate<Throwable> findingHandler;
    static final /* synthetic */ boolean $assertionsDisabled;

    static int runOne(byte[] bArr) {
        long allocateMemory = UNSAFE.allocateMemory(bArr.length);
        UNSAFE.copyMemory(bArr, BYTE_ARRAY_OFFSET, (Object) null, allocateMemory, bArr.length);
        try {
            int runOne = runOne(allocateMemory, bArr.length);
            UNSAFE.freeMemory(allocateMemory);
            return runOne;
        } catch (Throwable th) {
            UNSAFE.freeMemory(allocateMemory);
            throw th;
        }
    }

    private static int runOne(long j, int i) {
        byte[] copyToArray;
        Object obj;
        Throwable th = null;
        if (useFuzzedDataProvider) {
            fuzzedDataProvider.setNativeData(j, i);
            copyToArray = null;
            obj = fuzzedDataProvider;
        } else {
            copyToArray = copyToArray(j, i);
            obj = copyToArray;
        }
        try {
            if (fuzzTargetInstance == null) {
                (void) fuzzTargetMethod.invoke(obj);
            } else {
                (void) fuzzTargetMethod.invoke(fuzzTargetInstance, obj);
            }
        } catch (Throwable th2) {
            th = th2;
        }
        if (Opt.mergeInner) {
            return 0;
        }
        if (JazzerInternal.lastFinding != null) {
            th = JazzerInternal.lastFinding;
            JazzerInternal.lastFinding = null;
        }
        if (th == null || th.getClass().getName().equals(OPENTEST4J_TEST_ABORTED_EXCEPTION)) {
            return 0;
        }
        if (Opt.hooks) {
            th = ExceptionUtils.preprocessThrowable(th);
        }
        long computeDedupToken = Opt.dedup ? ExceptionUtils.computeDedupToken(th) : 0L;
        if (Opt.dedup && !ignoredTokens.add(Long.valueOf(computeDedupToken))) {
            return 0;
        }
        if (findingHandler != null) {
            printCrashingInput();
            if (findingHandler.test(th)) {
                return 0;
            }
            return LIBFUZZER_RETURN_FROM_DRIVER;
        }
        temporarilyDisableLibfuzzerExitHook();
        System.err.println();
        System.err.print("== Java Exception: ");
        th.printStackTrace(System.err);
        if (Opt.dedup) {
            System.out.printf(Locale.ROOT, "DEDUP_TOKEN: %016x%n", Long.valueOf(computeDedupToken));
        }
        System.err.println("== libFuzzer crashing input ==");
        printCrashingInput();
        if (fuzzTargetInstance == null) {
            dumpReproducer(copyToArray);
        }
        if (Opt.dedup && Long.compareUnsigned(ignoredTokens.size(), Opt.keepGoing) < 0) {
            return 0;
        }
        if (!Opt.autofuzz.isEmpty() && Opt.dedup) {
            System.err.printf("%nNote: To continue fuzzing past this particular finding, rerun with the following additional argument:%n%n    --ignore=%s%n%nTo ignore all findings of this kind, rerun with the following additional argument:%n%n    --autofuzz_ignore=%s%n", ignoredTokens.stream().map(l -> {
                return Long.toUnsignedString(l.longValue(), 16);
            }).collect(Collectors.joining(",")), Stream.concat(Opt.autofuzzIgnore.stream(), Stream.of(th.getClass().getName())).collect(Collectors.joining(",")));
        }
        System.exit(77);
        throw new IllegalStateException("Not reached");
    }

    public static int startLibFuzzer(List<String> list) {
        SignalHandler.initialize();
        return startLibFuzzer((byte[][]) list.stream().map(str -> {
            return str.getBytes(StandardCharsets.UTF_8);
        }).toArray(i -> {
            return new byte[i];
        }));
    }

    public static void registerFindingHandler(Predicate<Throwable> predicate) {
        findingHandler = predicate;
    }

    private static void shutdown() {
        if (!Opt.coverageDump.isEmpty() || !Opt.coverageReport.isEmpty()) {
            if (!Opt.coverageDump.isEmpty()) {
                CoverageRecorder.dumpJacocoCoverage(Opt.coverageDump);
            }
            if (!Opt.coverageReport.isEmpty()) {
                CoverageRecorder.dumpCoverageReport(Opt.coverageReport);
            }
        }
        if (fuzzerTearDown == null) {
            return;
        }
        System.err.println("calling fuzzerTearDown function");
        try {
            fuzzerTearDown.invoke(null, new Object[0]);
        } catch (InvocationTargetException e) {
            System.err.print("== Java Exception in fuzzerTearDown: ");
            e.getCause().printStackTrace(System.err);
            System.exit(77);
        } catch (Throwable th) {
            th.printStackTrace(System.err);
            System.exit(1);
        }
    }

    private static void dumpReproducer(byte[] bArr) {
        String encodeToString;
        if (bArr == null) {
            if (!$assertionsDisabled && !useFuzzedDataProvider) {
                throw new AssertionError();
            }
            fuzzedDataProvider.reset();
            bArr = fuzzedDataProvider.consumeRemainingAsBytes();
        }
        try {
            String hexString = toHexString(MessageDigest.getInstance("SHA-1").digest(bArr));
            if (!Opt.autofuzz.isEmpty()) {
                fuzzedDataProvider.reset();
                FuzzTarget.dumpReproducer(fuzzedDataProvider, Opt.reproducerPath, hexString);
                return;
            }
            if (useFuzzedDataProvider) {
                fuzzedDataProvider.reset();
                FuzzedDataProvider makeFuzzedDataProviderProxy = RecordingFuzzedDataProvider.makeFuzzedDataProviderProxy(fuzzedDataProvider);
                try {
                    (void) fuzzTargetMethod.invokeExact(makeFuzzedDataProviderProxy);
                    if (JazzerInternal.lastFinding == null) {
                        System.err.println("Failed to reproduce crash when rerunning with recorder");
                    }
                } catch (Throwable th) {
                }
                try {
                    encodeToString = RecordingFuzzedDataProvider.serializeFuzzedDataProviderProxy(makeFuzzedDataProviderProxy);
                } catch (IOException e) {
                    System.err.print("ERROR: Failed to create reproducer: ");
                    e.printStackTrace(System.err);
                    System.exit(1);
                    throw new IllegalStateException("Not reached");
                }
            } else {
                encodeToString = Base64.getEncoder().encodeToString(bArr);
            }
            reproducerTemplate.dumpReproducer(encodeToString, hexString);
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException("SHA-1 not available", e2);
        }
    }

    private static String toHexString(byte[] bArr) {
        String bigInteger = new BigInteger(1, bArr).toString(16);
        return String.join("", Collections.nCopies((2 * bArr.length) - bigInteger.length(), "0")) + bigInteger;
    }

    private static void dumpAllStackTraces() {
        ExceptionUtils.dumpAllStackTraces();
    }

    private static byte[] copyToArray(long j, int i) {
        byte[] bArr = new byte[i];
        UNSAFE.copyMemory((Object) null, j, bArr, BYTE_ARRAY_OFFSET, i);
        return bArr;
    }

    private static int startLibFuzzer(byte[][] bArr) {
        return FuzzTargetRunnerNatives.startLibFuzzer(bArr, FuzzTargetRunner.class);
    }

    private static void printCrashingInput() {
        FuzzTargetRunnerNatives.printCrashingInput();
    }

    private static void temporarilyDisableLibfuzzerExitHook() {
        FuzzTargetRunnerNatives.temporarilyDisableLibfuzzerExitHook();
    }

    static {
        $assertionsDisabled = !FuzzTargetRunner.class.desiredAssertionStatus();
        AgentInstaller.install(Opt.hooks);
        UNSAFE = UnsafeProvider.getUnsafe();
        BYTE_ARRAY_OFFSET = UNSAFE.arrayBaseOffset(byte[].class);
        ignoredTokens = new HashSet(Opt.ignore);
        fuzzedDataProvider = FuzzedDataProviderImpl.withNativeData();
        String findFuzzTargetClassName = FuzzTargetFinder.findFuzzTargetClassName();
        if (findFuzzTargetClassName == null) {
            System.err.println("Missing argument --target_class=<fuzz_target_class>");
            System.exit(1);
            throw new IllegalStateException("Not reached");
        }
        try {
            FuzzTargetRunner.class.getClassLoader().setDefaultAssertionStatus(true);
            fuzzTargetClass = Class.forName(findFuzzTargetClassName, false, FuzzTargetRunner.class.getClassLoader());
            JazzerInternal.onFuzzTargetReady(findFuzzTargetClassName);
            try {
                FuzzTargetFinder.FuzzTarget findFuzzTarget = FuzzTargetFinder.findFuzzTarget(fuzzTargetClass);
                try {
                    fuzzTargetMethod = MethodHandles.lookup().unreflect(findFuzzTarget.method);
                    useFuzzedDataProvider = findFuzzTarget.useFuzzedDataProvider;
                    fuzzerTearDown = findFuzzTarget.tearDown.orElse(null);
                    reproducerTemplate = new ReproducerTemplate(fuzzTargetClass.getName(), useFuzzedDataProvider);
                    try {
                        fuzzTargetInstance = findFuzzTarget.newInstance.call();
                        if (Opt.hooks) {
                            CoverageRecorder.updateCoveredIdsWithCoverageMap();
                        }
                        Runtime.getRuntime().addShutdownHook(new Thread(FuzzTargetRunner::shutdown));
                    } catch (Throwable th) {
                        System.err.print("== Java Exception during initialization: ");
                        th.printStackTrace(System.err);
                        System.exit(1);
                        throw new IllegalStateException("Not reached");
                    }
                } catch (IllegalAccessException e) {
                    throw new IllegalStateException(e);
                }
            } catch (IllegalArgumentException e2) {
                System.err.printf("ERROR: %s%n", e2.getMessage());
                System.exit(1);
                throw new IllegalStateException("Not reached");
            }
        } catch (ClassNotFoundException e3) {
            System.err.printf("ERROR: '%s' not found on classpath:%n%n%s%n%nAll required classes must be on the classpath specified via --cp.%n", findFuzzTargetClassName, System.getProperty("java.class.path"));
            System.exit(1);
            throw new IllegalStateException("Not reached");
        }
    }
}
