Support for fuzzing C++ projects – member functions excluded from func_gadgets.json

[mcc0612mcc0612]

During the function gadget extraction stage, eliminate_irrelative_ast is invoked in parse_header_ast to filter out unrelated AST nodes. However, CXXMethodDecl is excluded in the current logic, which causes all member functions to be omitted from func_gadgets.json.

 // src/execution/ast.rs
 pub fn parse_header_ast(header: &Path, deopt: &Deopt) -> eyre::Result<Node> {
      let mut ast = Executor::extract_header_ast(header, deopt)?;
      let headers = read_all_files_in_dir(&deopt.get_library_build_header_path()?)?;
      let _ = eliminate_irrelative_ast(&mut ast, &headers);  // 这里使用了你询问的函数
      Ok(ast)
  }

/// elimitate the irrelative asts that included in this file.
fn eliminate_irrelative_ast<'a>(ast: &'a mut Node, headers: &Vec<PathBuf>) -> &'a Node {
    ast.inner.retain_mut(|child| match &child.kind {
        Clang::EnumDecl(el) => is_defined_in_headers(&el.loc, headers),
        Clang::FunctionDecl(fd) => is_defined_in_headers(&fd.loc, headers),
        Clang::RecordDecl(rd) => is_defined_in_headers(&rd.loc, headers),
        Clang::CXXRecordDecl(crd) => is_defined_in_headers(&crd.loc, headers),
        Clang::TypedefDecl(td) => is_defined_in_headers(&td.loc, headers),
        Clang::LinkageSpecDecl(lsd) => {
            if is_defined_in_headers(&lsd.loc, headers) {
                eliminate_irrelative_ast(child, headers);
                return true;
            }
            false
        }
        _ => false,
    });
    ast
}

Besides, I didn't find CXXMethodDecl in enum Clang defined in src/ast/mod.rs.

Since member functions are a core trait of C++ programming, excluding them significantly limits PromptFuzz’s applicability to real-world C++ projects. Is it a engineering defect or Is there a specific reason it was excluded?

[Yunlongs]

@mcc0612mcc0612 Thanks for reaching out and raising your questions. PromptFuzz currently only support fuzzing on real-word C libraries. Current version of PromptFuzz only supported limited C++ Features that are necessary to write fuzzing harnesses for wrapping C APIs.

Supporting whole C++ features reuqires a lot of engineer works on PromptFuzz, which involves support these nodes in AST-based analysis and harness synthesis. Multi-language support is a critical feature for further enhancing PromptFuzz. But due to my limited free time, I think I couldn't finish it recently.

If anyone want to participate in or have ideas about the Multi-language feature development, I can provide my help.