Is it possible to support Catch2 test framework? #2219

qathy · 2024-10-04T14:12:04Z

qathy
Oct 4, 2024

Working on a project with a bunch of tests built with Catch2 framework, I ran on a link issue which really seems to come from an incompatibility between AFL++ and Catch2.

At least, Catch::Matchers::StdString::StartsWithMatcher produces a large bunch of error messages at link time.

Of course, I may work around temporarily this issue not building the tests, but that's not really practical as I expected to benchmark several fuzzing tools using the same test case.

Any help would be thankfully welcome.

Answered by vanhauser-thc

Apr 23, 2025

If you just instrument tests then you do not need to fuzz with coverage. I understand that instrumenting the whole program will slow the fuzzing down. you could create a CFG and just instrument the functions a test is calling. If that is not an option, sure base your tests as fuzzing harnesses, but you will have to instrument the whole base code (you can skip or just instrument specific extra libraries though)

View full answer

vanhauser-thc · 2024-10-07T08:07:29Z

vanhauser-thc
Oct 7, 2024
Maintainer

I have no clue what Catch2 is. but instrumenting tests does not make sense, or are you trying to create harness functions that are based on Catch2 (whatever that is)?
you give way too less context and erros to help you

3 replies

qathy Apr 22, 2025
Author

Sorry for the time passing by. I was sort of caught by other subjects and had not much time to dedicate to fuzzing.

As I can't imagine how to fuzz the fully fledged binaries (far too big), I focussed on tests (which are mainly intermediate tests - not really at "unit" level nor at "integration" level).
And as most of them are now written using Catch2 test framework (probably quite similar in usage as Google Tests framework), it would be far easier to somewhat "recycle" those tests for fuzzing.
In the past, we also used Boost UnitTest framework. I didn't try yet if Boost UnitTest and AFL++ work well together.

I understand quite well that my original question lacks of context and precise error.
This was just sort of a first contact. May be part of what's following will help with this respect.

I don't really get your point

instrumenting tests does not make sense

As it seems to me absolutely impossible to instrument (and especially to interpret and exploit the results of this instrumentation) for a large scale multi-process client-server software solution, built from millions of lines of C++ code, instrumenting tests does make sens for me.
Each test may be seen as a standalone software, with a reduced and focused scope.
If "test" is inappropriate, may be should I call it a "demo". That's not exactly the same concept.
Our small "demos" are also standalone binaries, doing only a very small part of the overall solution, and written in plain C/C++.
But we currently have fewer of such demos than plain tests, and I guess they cover far fewer features than those covered by tests.
Anyway, analyzing the results of reduced scope binaries would be far more accessible than working on the overall solution.

Of course, I may be wrong regarding this focus/scope notion and the ability for AFL++ to synthesize the results even on a very big application.

vanhauser-thc Apr 23, 2025
Maintainer

If you just instrument tests then you do not need to fuzz with coverage. I understand that instrumenting the whole program will slow the fuzzing down. you could create a CFG and just instrument the functions a test is calling. If that is not an option, sure base your tests as fuzzing harnesses, but you will have to instrument the whole base code (you can skip or just instrument specific extra libraries though)

Answer selected by qathy

qathy Apr 24, 2025
Author

Thank you for this hint.
I did not imagine it would be possible to restrain the instrumentation to a small part of the sources, and anyway use the full solution.
I'm not sure how this could work and behave, but that's an interesting point.
I'll try to follow this track.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Is it possible to support Catch2 test framework? #2219

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment 3 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

Is it possible to support Catch2 test framework? #2219

Uh oh!

qathy Oct 4, 2024

Replies: 1 comment · 3 replies

Uh oh!

vanhauser-thc Oct 7, 2024 Maintainer

Uh oh!

qathy Apr 22, 2025 Author

Uh oh!

vanhauser-thc Apr 23, 2025 Maintainer

Uh oh!

qathy Apr 24, 2025 Author

qathy
Oct 4, 2024

Replies: 1 comment 3 replies

vanhauser-thc
Oct 7, 2024
Maintainer

qathy Apr 22, 2025
Author

vanhauser-thc Apr 23, 2025
Maintainer

qathy Apr 24, 2025
Author