Commit Graph

2065 Commits

Author SHA1 Message Date
Kevin Quick
87d055cfff
Merge pull request #201 from GaloisInc/dgb_1617637498-0
Comment and haddock fixes; make errors generic
2021-04-05 10:43:24 -07:00
Kevin Quick
05f10ed6c9
Update ElfLoader error messages to be more generic. 2021-04-05 08:45:00 -07:00
Kevin Quick
72ddaaf1d8
[symbolic] Fix comment reference in Testing module. 2021-04-05 08:45:00 -07:00
Kevin Quick
b5c5ebcf42
Comment/haddock updates in ElfLoader. 2021-04-05 08:44:59 -07:00
Kevin Quick
3a63547a0f
Haddock spelling fix 2021-04-05 08:44:59 -07:00
Kevin Quick
e09c40cb1c
Merge pull request #199 from GaloisInc/crucible-mkmemvar
Match recent Crucible
2021-04-04 21:28:07 -07:00
Kevin Quick
0c14c7151b
[symbolic] update doctests for FnBindings newtype wrapper. 2021-04-03 23:16:39 -07:00
Kevin Quick
c9b06090d2
[refinement] add memory variable name for mkMemVar call. 2021-04-03 23:15:28 -07:00
Kevin Quick
1fc277415d
Fix .gitignore update. 2021-04-03 18:16:25 -07:00
Kevin Quick
2df7ce1126
[symbolic] add memory variable name to Crucible mkMemVar call. 2021-04-03 16:12:55 -07:00
Kevin Quick
8fb68d439e
[symbolic] Update for What4 removal of BaseNatType 2021-04-03 16:12:04 -07:00
Kevin Quick
e94a29c28a
Add darcs and darcs boring to gitignore. 2021-04-03 16:11:00 -07:00
Sam Breese
8a0c760886
x86: Add semantics for SHA256 instructions (#196)
* Add semantics for SHA256 instructions

* Use an additional helper function

* Address comments
2021-03-30 18:32:35 -04:00
Joe Hendrix
44a69c8a54
Merge pull request #197 from GaloisInc/jhx/vec
New vector operations; CI updates
2021-03-24 22:00:49 -07:00
Joe Hendrix
fb7dbe7ae7 Update CI to cabal 3.4 2021-03-23 22:45:06 -07:00
Joe Hendrix
9b75887a9d Update CI to use GHC 8.10.4 2021-03-23 22:37:22 -07:00
Joe Hendrix
cfc3c646f3 Add new vector operations to macaw-symbolic 2021-03-23 22:36:25 -07:00
Joe Hendrix
de766c5f31 Update submodule versions 2021-03-23 22:08:21 -07:00
Joe Hendrix
7f32ea5b42 Vector operations; widthEqSym 2021-03-23 21:58:37 -07:00
Joe Hendrix
19f0e9814e Remove unused import 2021-03-23 21:58:15 -07:00
Tristan Ravitch
3f85e01b67
Raise the upper bound on the optparse dependency (#195) 2021-03-20 09:17:54 -07:00
Tristan Ravitch
92bf4c2595
Lift the version bound on the lumberjack dependency (#194) 2021-03-19 18:38:58 -07:00
Andrei Stefanescu
aa7bfc8c22
Remove isValidPtr checks in doPtrSub and doPtrEq. (#193)
The operations are correct even when the pointers are not valid LLVM
pointers.
2021-03-19 13:24:44 -07:00
Sam Breese
bd11e25695
symbolic: Some special-case handling for bitwise operations (#192)
* Handle XOR of pointer and bitvector

* Remove comment
2021-03-03 17:52:17 -05:00
Tristan Ravitch
486a474ad1
Remove the old macaw-arm (#191)
Most of the code was removed long ago, but two test binaries were left over
somehow. Remove them.
2021-03-01 13:30:27 -08:00
Tristan Ravitch
dbb4c83f08
Add a testing framework for macaw-symbolic (#184)
The new test suites cover x86_64, PowerPC, and ARM. They test that the semantics are actually correct (rather than just seeing if symbolic execution produces any result). The `Data.Macaw.Symbolic.Testing` module in macaw-symbolic provides some common utilities for symbolic execution engine setup, while there are tailored test harnesses for each architecture.

The semantics of the test harnesses are documented in each architecture test suite, but they:
1. Discover all of the test binaries (which are generated from the included makefiles)
2. Treat each function whose name begins with `test_` as a test entry point
3. Symbolically executes each test case with fully symbolic register states
4. Extracts the return value after symbolic execution, which is treated as the predicate to an assertion that must be proved
    - If the test case is in the `pass` subdirectory, it is proved and expected to hold
    - If the test case is in the `fail` subdirectory, it is proved and expected to not hold.

Each test harness supports two options for debugging:
- Dumping generated SMT queries
- Dumping generated Macaw IR for inspection

This testing uncovered a bug in the (previously untested) macaw-aarch32-symbolic code. It required a number of submodule updates to:

- Adapt to some what4 changes
- Fix a bug in the LLVM memory model that lets these tests pass
- Adapt to changes to some crucible APIs

This change also modifies the CI configuration to install SMT solvers earlier (which are now needed for all of the symbolic package tests).
2021-03-01 09:21:44 -08:00
robdockins
a58f1e25dd
Update to follow changes in What4. Nat is no longer a base type (#190)
Nat is no longer a what4 base type, so we have to adapt various APIs to accommodate that. The template haskell in macaw-semmc is updated to remove Nat cases. Changes to the `SymFn` type required removing a type parameter.

This commit also adds macaw-refinement to CI (which requires installing SMT solvers); that code had to be updated due to the what4 changes.


Co-authored-by: Tristan Ravitch <tristan@galois.com>
2021-02-19 15:44:56 -08:00
Joe Hendrix
7b27f83640
Merge pull request #189 from GaloisInc/jhx/relax-registeruse
Relax stack read/write matching in registeruse.
2021-01-29 20:08:59 -08:00
Joe Hendrix
8756d2e9d3 Minor layout changes 2021-01-29 12:01:16 -08:00
Joe Hendrix
4abbe8817f Relax constraints on stack read/write for register use. 2021-01-29 12:00:58 -08:00
Tristan Ravitch
196a81ad29
Fix a bug in the AArch32-specific simplifier (#188)
Some important simplifications for classification were failing to fire because
other simplifications fired first, short circuiting the search.  It turns out
that more than one rule may apply at any given step (and it is important to
apply all of the rules that can be applied).  This commit modifies the
simplifier to apply rules until saturation.
2021-01-27 23:55:44 -08:00
Joe Hendrix
aa2cdc44c2
Merge pull request #187 from GaloisInc/jhx/lookuptable
Provide jumptable layout info
2021-01-27 18:34:19 -08:00
Joe Hendrix
6d1e47623d Provide jumptable layout info 2021-01-27 15:27:53 -08:00
Tristan Ravitch
6a0a890b9f
Merge pull request #186 from GaloisInc/tr/pate-arm
aarch32: Change the register context
2021-01-16 21:39:07 -08:00
Tristan Ravitch
52f3efb2c9 aarch32: Change the register context
The previous implementation used all of the registers defined in ASL translator.
It turns out that we don't actually use all of them in macaw; the significant
difference is that the `__memory` pseudo-location is used by asl-translator, but
not macaw (as macaw handles memory through implicit context).  This change
modifies the register assignment to include everything except memory (which
requires an update to the asl-translator submodule).
2021-01-16 17:42:01 -08:00
Daniel Matichuk
cd5dfe8c65
macaw-symbolic: record original block endings when making a CFG slice (#185)
* reify block exit in macaw extension

* add return address to block end classification

* use global variable to retain block endings

* update to mkBlockSliceCFG signature

* add haddocks for MacawBlockEnd

Co-authored-by: Tristan Ravitch <tristan@galois.com>
2021-01-11 16:56:54 -08:00
Sam Breese
d5e4a441cd
x86: Add semantics for aesimc (#177)
* x86: Add semantics for aesimc

* x86: Use safeSymbol rather than userSymbol
2021-01-11 13:24:16 -05:00
Sam Breese
2bd0633ba8
x86: Fix semantics for pinsrw, add semantics for pinsr{b,d,q} (#183)
* x86: Fix semantics for pinsrw, add semantics for pinsr{b,d,q}

* x86: Add comments on exec_pinsrx parameters
2020-12-22 15:44:55 -05:00
Tristan Ravitch
765d2e43cb
ci: Have the CI build and test more things (#181)
- Use an explicit package-level build step for each architecture, which will
build utility binaries and not just the tests/libraries
- Enable builds/tests for the PowerPC backend
- Build macaw-aarch32-symbolic
2020-12-19 17:16:04 -08:00
Tristan Ravitch
a84fa82d90
Export the DwarfExpr constructor (#182)
This enables client code to decode the rest of the DWARF structure (which may
produce errors that we don't want to expose in the macaw-provided API).
2020-12-10 12:55:03 -08:00
Kevin Quick
e6901d7693
Merge pull request #180 from GaloisInc/elfedit_fixes
Updates to PPC tests for new elf-edit API.
2020-12-06 22:44:25 -08:00
Kevin Quick
acd6e180fc
Merge branch 'master' into elfedit_fixes 2020-12-06 14:10:49 -08:00
Kevin Quick
10867f8130
Merge pull request #179 from GaloisInc/refinement_scheduler_bump
Bump upper bound for scheduler in refinement.
2020-12-06 14:07:02 -08:00
Kevin Quick
2ba115324d
Bump upper bound for scheduler in refinement. 2020-12-06 10:54:47 -08:00
Kevin Quick
6cfc78d114
Updates to PPC tests for new elf-edit API. 2020-12-06 10:53:36 -08:00
brianhuffman
7761a6f6e1
Merge pull request #178 from GaloisInc/prettyprinter
Switch from `ansi-wl-pprint` to the `prettyprinter` package.
2020-12-03 13:06:04 -08:00
Brian Huffman
b3af7d63e9 Use OverloadedStrings for the prettyprinter Doc type. 2020-12-02 17:23:47 -08:00
Brian Huffman
1550533d02 Update 8.8.4 freeze file to let it use up-to-date hackage snapshots. 2020-12-02 14:52:25 -08:00
Brian Huffman
2a620d41de Switch from ansi-wl-pprint to the prettyprinter package.
This patch relies on the following submodule updates:
- GaloisInc/what4#77
- GaloisInc/elf-edit#20
- GaloisInc/crucible#586
- GaloisInc/asl-translator#28

This patch updates the following packages:
- macaw-base
- macaw-symbolic
- macaw-x86
- macaw-x86-symbolic
- macaw-aarch32
- macaw-ppc
- macaw-semmc
- macaw-refinement
2020-12-02 11:38:19 -08:00
Sam Breese
2a56e404bd
x86: Special case for sbb with duplicated operand (#176)
This better handles cases like sbb rax, rax, where we know that the result will be -cf regardless of the value in rax.
2020-11-18 04:19:27 -05:00