Diffstat
-rw-r--r-- | bruiser/README.md | 13
-rw-r--r-- | bruiser/wasm/test/linker/file0.c | 20
-rw-r--r-- | bruiser/wasm/test/linker/file0.wasm | bin | 0 -> 264 bytes
-rw-r--r-- | bruiser/wasm/test/linker/file0.wast | 71
-rw-r--r-- | bruiser/wasm/test/linker/file1.c | 25
-rw-r--r-- | bruiser/wasm/test/linker/file1.wasm | bin | 0 -> 209 bytes
-rw-r--r-- | bruiser/wasm/test/linker/file1.wast | 58
-rw-r--r-- | extra-tools/llvm-build.sh | 2
-rwxr-xr-x | extra-tools/llvm-wasm | 17
9 files changed, 198 insertions, 8 deletions
diff --git a/bruiser/README.md b/bruiser/README.md index b1bdc0c..44023e0 100644 --- a/bruiser/README.md +++ b/bruiser/README.md @@ -9,6 +9,10 @@ It will feature non-blind selective mutations. You can ask it to list informatio For working demos you can skip to the end of the README.<br/> +### Building +Running `make` from bruiser's make or `make bruiser` from the main makefile in the root directory of mutator will take care of that given that you already have all the requirements taken care of.<br/> +It is generally a good idea to run `make deepclean` on bruiser's makefile on every pull since I occasionally have to make changes to Lua's sources or makefile.<br/> + ### How does it work? To put it simply, bruiser is an interactive lua interpreter that uses linenoise for shell-like features(history, tab-completion, auto-suggestion). You get the full power of lua plus the bruiser functions whcih are implemented as lua scripts that call back to the cpp code to get things done.<br/> To put this into perspective, think you run `list vars` in bruiser. It gets you the list of vars but that's it. You can't save them to a file or do anything else with them. With the old way of doing things I had to add a command that did that and then you could do it but what if you wanted to do something else? What then? Well you get the idea. That would also mean that bruiser's language would be made up gradually which would result in something ugly and warrant a lot of rewrites.<br/> 
@@ -24,18 +28,11 @@ The plan is to add both and for the user to be able to pick which one to use whe The current implementation loads all lua libraries which also includes it's `os` library. To give you an idea, `os.execute()` is very similar to `system()` in C. This decision has been made to speed up testing and the dev process.<br/> Also like `mutatord` and `mutatorclient`, bruiser does not need any sudo access.<br/> -### Non-blind Selective mutation? -Bruiser looks at your code, learns your code and then decides how to mutate your code. That's non-blind selective mutation. Now onto a real explanation:<br/> -`m0` generates two sets of reports. One is the rules it checks on code which is for the better part, at the time of writing this very similar to Misra-c. The second report is the ancestry of the node that caused `m0` to tag a node in the first report. The second report is an experimental first attempt at narrowing down the parts of the code that would be better targets for mutation.<br/> -The second point concerns the mutation operators. The classical mutation operators are blind. Let me demonstrate with an example:<br/> -Imagine we have a classical mutation operator that mutates all `+` operators to `-`. This mutation operator is blind. 
To put it in simple terms, it takes in text and spits out text with no regards to syntax or semantics.<br/> -`bruiser` will not be using classical blind mutation operators.<br/> - ### Useful Lua Scripts The dir named `lua-scripts` houses demos, examples and useful lua scripts for bruiser.<br/> If you happen to write a Lua script for bruiser that you think other people will find useful, then please add it to `lua-scripts` on your fork and make a PR.<br/> -### Exampless +### Examples First you should clone the mutator repo and run `git submodule init` and `git submodule update` to get the third-party repos that enable mutator to run.<br/> To build bruiser you can either run the makefile in bruiser's directory, then run `make` or just run the makefile at mutator's root directory and run `make bruiser`.<br/> After building bruiser, you can run it like any other mutator tool. So for example if you want to run bruiser on its test file run:<br/> diff --git a/bruiser/wasm/test/linker/file0.c b/bruiser/wasm/test/linker/file0.c new file mode 100644 index 0000000..5eb172b --- /dev/null +++ b/bruiser/wasm/test/linker/file0.c @@ -0,0 +1,20 @@ +#include <stdio.h> +#include <inttypes.h> +#include "file1.c" + +#define CODE_SECTION_0_0 "constant_0_0" +#define CODE_SECTION_0_1 "constant_0_1" +#define CODE_SECTION_0_2 "constant_0_2" +#define CODE_SECTION_0_3 "constant_0_3" +#define CODE_SECTION_0_4 "constant_0_4" + +int g_int_0_0 = 0; +int g_int_0_1 = 1; + +int dummy_f_0_0(int n) { + return n*4; +} + +int main (int argc, char** argv) { + return 123; +} diff --git a/bruiser/wasm/test/linker/file0.wasm b/bruiser/wasm/test/linker/file0.wasm Binary files differnew file mode 100644 index 0000000..4d1f04f --- /dev/null +++ b/bruiser/wasm/test/linker/file0.wasm diff --git a/bruiser/wasm/test/linker/file0.wast b/bruiser/wasm/test/linker/file0.wast new file mode 100644 index 0000000..0fd44fe --- /dev/null +++ b/bruiser/wasm/test/linker/file0.wast 
@@ -0,0 +1,71 @@ +(module + (type $FUNCSIG$ii (func (param i32) (result i32))) + (type $FUNCSIG$iii (func (param i32 i32) (result i32))) + (import "env" "printf" (func $printf (param i32 i32) (result i32))) + (table 0 anyfunc) + (memory $0 1) + (data (i32.const 16) "external symbol\00") + (data (i32.const 32) "\n\00\00\00") + (data (i32.const 36) "\0b\00\00\00") + (data (i32.const 40) "\00\00\00\00") + (data (i32.const 44) "\01\00\00\00") + (export "memory" (memory $0)) + (export "print" (func $print)) + (export "dummy_f_1_0" (func $dummy_f_1_0)) + (export "dymmy_f_1_1" (func $dymmy_f_1_1)) + (export "dummy_f_0_0" (func $dummy_f_0_0)) + (export "main" (func $main)) + (func $print (; 1 ;) + (drop + (call $printf + (i32.const 16) + (i32.const 0) + ) + ) + ) + (func $dummy_f_1_0 (; 2 ;) (param $0 i32) (result i32) + (local $1 i32) + (set_local $1 + (i32.const 1) + ) + (block $label$0 + (loop $label$1 + (br_if $label$0 + (i32.lt_s + (get_local $0) + (i32.const 1) + ) + ) + (set_local $1 + (i32.mul + (get_local $0) + (get_local $1) + ) + ) + (set_local $0 + (i32.add + (get_local $0) + (i32.const -1) + ) + ) + (br $label$1) + ) + ) + (get_local $1) + ) + (func $dymmy_f_1_1 (; 3 ;) (param $0 i32) (result i32) + (i32.shl + (get_local $0) + (i32.const 1) + ) + ) + (func $dummy_f_0_0 (; 4 ;) (param $0 i32) (result i32) + (i32.shl + (get_local $0) + (i32.const 2) + ) + ) + (func $main (; 5 ;) (param $0 i32) (param $1 i32) (result i32) + (i32.const 123) + ) +) diff --git a/bruiser/wasm/test/linker/file1.c b/bruiser/wasm/test/linker/file1.c new file mode 100644 index 0000000..233eaad --- /dev/null +++ b/bruiser/wasm/test/linker/file1.c 
@@ -0,0 +1,25 @@ +#include <stdio.h> +#include <inttypes.h> +#if 1 +void print(void) { + printf("external symbol"); +} +#endif + +#define CODE_SECTION_1_0 "constant_1_0" +#define CODE_SECTION_1_1 "constant_1_1" +#define CODE_SECTION_1_2 "constant_1_2" +#define CODE_SECTION_1_3 "constant_1_3" +#define CODE_SECTION_1_4 "constant_1_4" + +int g_int_1_0 = 10; +int g_int_1_1 = 11; + +int dummy_f_1_0(int n) { + if (n >= 1) return dummy_f_1_0(n-1) * n; + else return 1; +} + +int dymmy_f_1_1(int n) { + return n*2; +} diff --git a/bruiser/wasm/test/linker/file1.wasm b/bruiser/wasm/test/linker/file1.wasm Binary files differnew file mode 100644 index 0000000..8433b31 --- /dev/null +++ b/bruiser/wasm/test/linker/file1.wasm diff --git a/bruiser/wasm/test/linker/file1.wast b/bruiser/wasm/test/linker/file1.wast new file mode 100644 index 0000000..ec2cad7 --- /dev/null +++ b/bruiser/wasm/test/linker/file1.wast 
@@ -0,0 +1,58 @@ +(module + (type $FUNCSIG$ii (func (param i32) (result i32))) + (type $FUNCSIG$iii (func (param i32 i32) (result i32))) + (import "env" "printf" (func $printf (param i32 i32) (result i32))) + (table 0 anyfunc) + (memory $0 1) + (data (i32.const 16) "external symbol\00") + (data (i32.const 32) "\n\00\00\00") + (data (i32.const 36) "\0b\00\00\00") + (export "memory" (memory $0)) + (export "print" (func $print)) + (export "dummy_f_1_0" (func $dummy_f_1_0)) + (export "dymmy_f_1_1" (func $dymmy_f_1_1)) + (func $print (; 1 ;) + (drop + (call $printf + (i32.const 16) + (i32.const 0) + ) + ) + ) + (func $dummy_f_1_0 (; 2 ;) (param $0 i32) (result i32) + (local $1 i32) + (set_local $1 + (i32.const 1) + ) + (block $label$0 + (loop $label$1 + (br_if $label$0 + (i32.lt_s + (get_local $0) + (i32.const 1) + ) + ) + (set_local $1 + (i32.mul + (get_local $0) + (get_local $1) + ) + ) + (set_local $0 + (i32.add + (get_local $0) + (i32.const -1) + ) + ) + (br $label$1) + ) + ) + (get_local $1) + ) + (func $dymmy_f_1_1 (; 3 ;) (param $0 i32) (result i32) + (i32.shl + (get_local $0) + (i32.const 1) + ) + ) +) diff --git a/extra-tools/llvm-build.sh b/extra-tools/llvm-build.sh new file mode 100644 index 0000000..9830cb5 --- /dev/null +++ b/extra-tools/llvm-build.sh @@ -0,0 +1,2 @@ +#!/bin/bash +"cmake" -G "Unix Makefiles" ../llvm -DLLVM_ENABLE_RTTI=1 -DCMAKE_BUILD_TYPE=Release -DLLDB_TEST_C_COMPILER=cc -DLLDB_TEST_CXX_COMPILER=g++ -DLLVM_EXPERIMENTAL_TARGETS_TO_BUILD=WebAssembly -DLLVM_ENABLE_ASSERTIONS=1 diff --git a/extra-tools/llvm-wasm b/extra-tools/llvm-wasm new file mode 100755 index 0000000..bf31f7a --- /dev/null +++ b/extra-tools/llvm-wasm 
@@ -0,0 +1,17 @@ +#!/bin/bash +# needs wabt, binaryen and clang's wasm backend to work. +# https://github.com/WebAssembly/binaryen +# https://github.com/WebAssembly/wabt +# as far as i know, up to clang 6, you need to +# explicitly ask for the wasm backend to be built. +# you can look at llvm-build.sh in this directory for the +# llvm/clang build command i use. + +fullname=$1 +namelength=${#fullname} +offset=$((${#fullname} - 2)) +filename=${fullname:0:$offset} +"clang" -emit-llvm --target=wasm32 -Oz "$1" -c +"llc" -asm-verbose=false -o $filename.s $filename.bc +"s2wasm" $filename.s > $filename.wast +"wast2wasm" $filename.wast -o $filename.wasm |
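Review bot: In bruiser/README.md, hunk @@ -9,6 +9,10 @@, the new Building section relies on "given that you already have all the requirements taken care of" without naming the requirements or pointing to where they are listed, so a first-time reader cannot act on it. List them here or link to the section that does. "Running `make` from bruiser's make" should read "from bruiser's makefile", and the same build steps already appear in the Examples section further down (`make` in bruiser's directory or `make bruiser` at the root), so keep one copy and refer to it from the other.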
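Review bot: In bruiser/README.md, hunk @@ -24,18 +28,11 @@, the "Non-blind Selective mutation?" section is deleted while the introduction still says "It will feature non-blind selective mutations" (visible in the first hunk's header context), which leaves the term undefined for the reader. Keep a one-paragraph definition or reword the introduction. The deleted text was also the only place in this file that described the two reports `m0` generates, so say where that description now lives if it was moved.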
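Review bot: In bruiser/wasm/test/linker/file0.c, `#include "file1.c"` pulls all of file1's definitions into file0's translation unit, so file0.wasm already contains `print`, `dummy_f_1_0` and `dymmy_f_1_1` (file0.wast exports all three) and nothing is left unresolved for a linker to fix up. For a linker test, declare the file1 symbols with `extern` prototypes or a shared header and call one of them from file0, so that file0.wasm carries an import that file1.wasm satisfies. As written, combining the two modules would also find every file1 symbol defined in both.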
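Review bot: In bruiser/wasm/test/linker/file0.wast (and file1.wast), the data segments sit at the same absolute offsets 16, 32 and 36, and each module declares and exports its own `memory`, so merging the two requires one module's data to be moved and its `i32.const 16` argument to `$printf` rewritten. Nothing in the commit states what the expected merged layout is. Add a short comment or a README in test/linker describing the expected result, and record that these files are generated by `extra-tools/llvm-wasm` from the .c sources so that the .c, .wast and .wasm copies are not edited independently.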
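Review bot: In bruiser/wasm/test/linker/file1.c, the function name `dymmy_f_1_1` is misspelled and the misspelling becomes a public export name in both file0.wast and file1.wast; rename it to `dummy_f_1_1` now, before test expectations depend on it. The `#if 1` / `#endif` around `print` is a no-op and reads like a leftover toggle, so either remove it or replace it with a named macro and a comment. The `CODE_SECTION_1_*` macros (and `CODE_SECTION_0_*` in file0.c) are never referenced, so none of the "constant_*" strings reach the data section of the generated modules; reference them if the test is meant to exercise string data.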
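Review bot: In extra-tools/llvm-build.sh, the file is added with mode 100644 although it starts with a shebang, while the sibling llvm-wasm is 100755; make it executable or document that it is meant to be sourced or copied. The `../llvm` argument assumes the script is run from a build directory that sits next to the LLVM checkout, which is not stated anywhere. Add a comment at the top saying where to run it from, or take the source path as an argument.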
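Review bot: In extra-tools/llvm-wasm, `$filename` is expanded unquoted in the `llc`, `s2wasm` and `wast2wasm` lines, so a path containing spaces or glob characters is split or expanded by the shell, and there is no `set -e` or argument check, so a failed `clang` step or a missing `$1` still runs the later stages against stale or empty names. Quote every expansion (`"$filename.s"`, `"$filename.bc"`, and so on), add `set -e` and exit with a usage message when `$1` is empty. `clang -c` without `-o` writes the .bc into the current directory, while `$filename` keeps the input's directory prefix, so the script only works when run from the source file's directory; pass `-o "$filename.bc"` to clang. `namelength` is assigned but never used, and the fixed offset of 2 silently assumes a `.c` suffix.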