Program Factories

To generate Program instances based on certain criteria rather than programming them manually every time, program factories are introduced. They allow to generate ready-made Program instances with a straight forward interface, requiring only the expected size of the program, and the runtime environment parameters the programs are expected to be run under (variable memory size, string table size, string table item length limit). The generic interface for these factories is governed by a Program Factory Base class, while concrete implementations may offer more (optional) customization options beyond it, steering the generation process towards specific requirements.

In this document, the Program Factory Base as well as the Random Program Factory classes are introduced. The latter generates programs randomly, but in a valid way. More factories may be added in the future on a per-need-basis.

Program Factory Base

This is the base class for all program factories. It dictates a simple interface requiring the size of the expected programs to be generated, and the runtime environment they are expected to be executed under. The central call for all factories is the generate() function, which returns the generated Program instances.

class ProgramFactoryBase

Base class for program factories.

Program factories generate programs based on high level parameters and criteria. A concrete implementation of a factory can have a multitude of parameterization options that define the characteristics of the generated programs.

Subclassed by beast::RandomProgramFactory

Public Functions

~ProgramFactoryBase()

Default virtual destructor.

Ensures vtable consistency.

generate(uint32_t size, uint32_t memory_size, uint32_t string_table_size, uint32_t string_table_item_length) = 0

Generates a program based on the factory’s semantics.

Generates a Program instance that follows the factory’s concrete implementation’s characteristics. The given parameters that define a runtime-parameterization are used to make an educated guess on how to make the generated program executable. For example, only variables may be declared or used whose indices lie within the expected memory size to avoid illogical program traits. The concrete use of these parameters, if any, depends on the respective implementation of the factory though.

Return
The generated Program instance
Parameters
  • size: The maximum size of the program to generate, in bytes
  • memory_size: The memory size the generated program would be executed with
  • string_table_size: The string table size the generated program would be executed with
  • string_table_item_length: The string table item length the generated program would be executed with

Random Program Factory

This concrete implementation of the Program Factory Base interface class generated random programs. These programs make use of the full scope of operators available in the BEAST library. All Program instances generated by this factory adhere to proper OpCodes (no invalid OpCodes are used), and correctly align their parameters, bit-wise and semantically. This means that per operator, all parameters are in the correct position and have reasonable values based on the environment passed to the generate() function:

  • Variables are only declared/used in the range of the passed in variable memory space
  • String table entries are only read/written in the range of the passed in string table size
  • String table entry content is only generated with valid lengths (although still random)

Also, expected parameter ranges are adhered to (operands are distinguished between int32_t, int8_t, and bool accordingly). Program instances generated by this class likely don’t make sense logically, but semantically they are correct. These programs can be used as seed material for random recombination, ensuring that at least the semantic layer is close to what is executable within the BEAST environment.

Future plans for this class include adding an option to exclude specific operators from the generation process.

class RandomProgramFactory : public beast::ProgramFactoryBase

Generates random programs with a valid structure.

This implementation of the abstract ProgramFactoryBase class can be used to generate Program instances that have a random, albeit valid structure. Only valid operators are used in the respective programs, the operators are aligned correctly, and variable indices, string table indices, and string lengths are all within bounds of the passed in runtime environment parameters.

Public Functions

generate(uint32_t size, uint32_t memory_size, uint32_t string_table_size, uint32_t string_table_item_length)

Generates a program consisting of random but valid operators and operands.

The programs generated by this function make use of the full operator set supported by the BEAST library.

Return
A randomly generated, but valid program
Parameters
  • size: The maximum size of the program to generate, in bytes
  • memory_size: The memory size the generated program would be executed with
  • string_table_size: The string table size the generated program would be executed with
  • string_table_item_length: The string table item length the generated program would be executed with