One Function To Fuzz Them All

This post is part of the Input Coverage > Code Coverage series.

Make a single entry point so tests and fuzzers share behavior.

src/lib.rs:

pub fn process(data: &[u8]) {
    // Call your real logic here.
    let s = std::str::from_utf8(data).unwrap_or("");
    let _ = s.len(); // Replace with actual logic.
}

tests/prop.rs:

use proptest::prelude::*;

proptest! {
    #[test]
    fn no_panic_small(
        data in prop::collection::vec(any::<u8>(), 0..4096)
    ) {
        your_crate::process(&data);
    }
}

fuzz/fuzz_targets/target.rs:

#![no_main]
use libfuzzer_sys::fuzz_target;

fuzz_target!(|data: &[u8]| {
    your_crate::process(data);
});

fuzz-afl/src/main.rs:

fn main() {
    #[cfg(feature = "afl")]
    {
        afl::fuzz!(|data: &[u8]| { your_crate::process(data); });
    }
}

Next: From Crash To Test