Add structurally aware fuzzing support (grpc#27405)

* Add a dependency on libprotobuf-mutator

* Changes for structured fuzzing

* fuzznificent

* add a config that will build fuzzers

* bazel run --config=fuzzer_asan //path/to:fuzzer fuzzes!

* fixes

* Automated change: Fix sanity tests

* Automated change: Fix sanity tests

* fixes

* fix

* sanitizer fix

* fix directory

* regen stuff

* compile error

* remove fuzzers from cmake build

* Automated change: Fix sanity tests

* review feedback

* remove unnecessary load

* review feedback

* review feedback

Co-authored-by: ctiller <[email protected]>

Author: ctiller

CMakeLists.txt

@@ -519,3 +519,15 @@ def grpc_test_only_deps():
             ],
             build_file = "@com_github_grpc_grpc//third_party:constantly.BUILD",
         )
+
+    if "com_google_libprotobuf_mutator" not in native.existing_rules():
+        http_archive(
+            name = "com_google_libprotobuf_mutator",
+            sha256 = "b847c71723d8ce0b747aa661d7f3a07f1d16c595bf9c0202f30febc2f9a24a06",
+            urls = [
+                "https://github.com/google/libprotobuf-mutator/archive/ffd86a32874e5c08a143019aad1aaf0907294c9f.tar.gz",
+                "https://storage.googleapis.com/grpc-bazel-mirror/github.com/google/libprotobuf-mutator/archive/ffd86a32874e5c08a143019aad1aaf0907294c9f.tar.gz",
+            ],
+            strip_prefix = "libprotobuf-mutator-ffd86a32874e5c08a143019aad1aaf0907294c9f",
+            build_file = "@com_github_grpc_grpc//third_party:libprotobuf_mutator.BUILD",
+        )

bazel/grpc_deps.bzl

@@ -18,6 +18,8 @@ licenses(["notice"])
 
 grpc_package(name = "test/core/promise")
 
+load("//test/core/util:grpc_fuzzer.bzl", "grpc_proto_fuzzer")
+
 grpc_cc_test(
     name = "poll_test",
     srcs = ["poll_test.cc"],
@@ -249,3 +251,16 @@ grpc_cc_test(
         "//test/core/util:grpc_suppressions",
     ],
 )
+
+grpc_proto_fuzzer(
+    name = "promise_fuzzer",
+    srcs = ["promise_fuzzer.cc"],
+    corpus = "promise_fuzzer_corpus",
+    language = "C++",
+    proto = "promise_fuzzer.proto",
+    tags = ["no_windows"],
+    uses_polling = False,
+    deps = [
+        "//test/core/util:grpc_test_util",
+    ],
+)

build_autogenerated.yaml

@@ -0,0 +1,21 @@
+// Copyright 2021 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "src/libfuzzer/libfuzzer_macro.h"
+#include "test/core/promise/promise_fuzzer.pb.h"
+
+bool squelch = true;
+bool leak_check = true;
+
+DEFINE_PROTO_FUZZER(const promise_fuzzer::Msg&) {}

test/core/promise/BUILD

@@ -0,0 +1,20 @@
+// Copyright 2021 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package promise_fuzzer;
+
+message Msg {
+}

test/core/promise/promise_fuzzer.cc

@@ -0,0 +1 @@
+