Support for fuzzing C++ projects – member functions excluded from func_gadgets.json #43
Description
During the function gadget extraction stage, eliminate_irrelative_ast is invoked in parse_header_ast to filter out unrelated AST nodes. However, CXXMethodDecl is excluded in the current logic, which causes all member functions to be omitted from func_gadgets.json.
// src/execution/ast.rs
pub fn parse_header_ast(header: &Path, deopt: &Deopt) -> eyre::Result<Node> {
let mut ast = Executor::extract_header_ast(header, deopt)?;
let headers = read_all_files_in_dir(&deopt.get_library_build_header_path()?)?;
let _ = eliminate_irrelative_ast(&mut ast, &headers); // 这里使用了你询问的函数
Ok(ast)
}
/// elimitate the irrelative asts that included in this file.
fn eliminate_irrelative_ast<'a>(ast: &'a mut Node, headers: &Vec<PathBuf>) -> &'a Node {
ast.inner.retain_mut(|child| match &child.kind {
Clang::EnumDecl(el) => is_defined_in_headers(&el.loc, headers),
Clang::FunctionDecl(fd) => is_defined_in_headers(&fd.loc, headers),
Clang::RecordDecl(rd) => is_defined_in_headers(&rd.loc, headers),
Clang::CXXRecordDecl(crd) => is_defined_in_headers(&crd.loc, headers),
Clang::TypedefDecl(td) => is_defined_in_headers(&td.loc, headers),
Clang::LinkageSpecDecl(lsd) => {
if is_defined_in_headers(&lsd.loc, headers) {
eliminate_irrelative_ast(child, headers);
return true;
}
false
}
_ => false,
});
ast
}Besides, I didn't find CXXMethodDecl in enum Clang defined in src/ast/mod.rs.
Since member functions are a core trait of C++ programming, excluding them significantly limits PromptFuzz’s applicability to real-world C++ projects. Is it a engineering defect or Is there a specific reason it was excluded?