Safe Haskell	None
Language	Haskell2010

Analysis.Context

Contents

Orphan instances

Description

The context stores, among others, information obtained during verification, such as CFGs, invariants, etc. (see Context). Module VerificationReportInterface provides functions for obtaining and interfacing with a Context.

Synopsis

data FContext = FContext {
- f_ctxt :: Context
- f_entry :: Int
- f_init :: FInit
}
mk_fcontext :: Context -> Int -> FContext
read_binary :: String -> String -> IO (Maybe Binary)
data CFG = CFG {
- cfg_blocks :: IntMap [Int]
- cfg_edges :: IntMap IntSet
- cfg_addr_to_blockID :: IntMap Int
- cfg_fresh :: Int
- cfg_instrs :: IntMap [Instruction]
}
data JumpTable = JumpTable {
- jtbl_index :: Operand
- jtbl_bound :: Int
- jtbl_target :: Operand
- jtbl_table :: IntMap Word64
}
data Indirection
- = Indirection_JumpTable JumpTable
- | Indirection_Resolved (Set ResolvedJumpTarget)
- | Indirection_Unresolved
type Indirections = IntMap Indirection
data VerificationResult
- = VerificationSuccess
- | VerificationSuccesWithAssumptions
- | VerificationUnresolvedIndirection
- | VerificationError String
- | Unverified
type Predicate = Sstate SValue SPointer
type Invariants = IntMap Predicate
data NodeInfo
- = Normal
- | UnresolvedIndirection
- | Terminal
type Postconditions = Set (NodeInfo, Predicate)
data PointerDomain
- = Domain_Bases (NESet PointerBase)
- | Domain_Sources (NESet BotSrc)
data MemRelation
- = Separate
- | Aliassing
- | Unknown
data FInit = FInit (Set (StatePart, Maybe SValue)) (Map (SStatePart, SStatePart) MemRelation)
data FReturnBehavior
- = Terminating
- | ReturningWith Predicate
- | UnknownRetBehavior
data SStatePart
- = SSP_Reg Register
- | SSP_Mem SPointer Int
data Context_ = Context_ {
- ctxt__config :: !Config
- ctxt__verbose :: !Bool
- ctxt__syms :: !SymbolTable
- ctxt__sections :: !SectionsInfo
- ctxt__relocs :: !(Set Relocation)
- ctxt__dirname :: !String
- ctxt__name :: !String
- ctxt__start :: !Int
- ctxt__entries :: !Graph
- ctxt__cfgs :: !(IntMap CFG)
- ctxt__calls :: !(IntMap FReturnBehavior)
- ctxt__invs :: !(IntMap Invariants)
- ctxt__posts :: !(IntMap Postconditions)
- ctxt__stateparts :: !(IntMap (Set SStatePart))
- ctxt__inds :: !Indirections
- ctxt__finits :: !(IntMap FInit)
- ctxt__vcs :: !(IntMap VCS)
- ctxt__results :: !(IntMap VerificationResult)
- ctxt__recursions :: !(IntMap IntSet)
- ctxt__runningtime :: !Int64
}
data Context = Context {
- ctxt_binary :: !Binary
- ctxt_ioref :: IORef (IntMap Instruction)
- ctxt_ctxt_ :: !Context_
}
ctxt_config :: Context -> Config
ctxt_verbose :: Context -> Bool
ctxt_syms :: Context -> SymbolTable
ctxt_sections :: Context -> SectionsInfo
ctxt_relocs :: Context -> Set Relocation
ctxt_dirname :: Context -> String
ctxt_name :: Context -> String
ctxt_start :: Context -> Int
ctxt_entries :: Context -> Graph
ctxt_cfgs :: Context -> IntMap CFG
ctxt_calls :: Context -> IntMap FReturnBehavior
ctxt_invs :: Context -> IntMap Invariants
ctxt_posts :: Context -> IntMap Postconditions
ctxt_stateparts :: Context -> IntMap (Set SStatePart)
ctxt_inds :: Context -> Indirections
ctxt_finits :: Context -> IntMap FInit
ctxt_vcs :: Context -> IntMap VCS
ctxt_results :: Context -> IntMap VerificationResult
ctxt_recursions :: Context -> IntMap IntSet
ctxt_runningtime :: Context -> Int64
set_ctxt_syms :: SymbolTable -> Context -> Context
set_ctxt_sections :: SectionsInfo -> Context -> Context
set_ctxt_relocs :: Set Relocation -> Context -> Context
set_ctxt_start :: Int -> Context -> Context
set_ctxt_entries :: Graph -> Context -> Context
set_ctxt_calls :: IntMap FReturnBehavior -> Context -> Context
set_ctxt_inds :: Indirections -> Context -> Context
set_ctxt_posts :: IntMap Postconditions -> Context -> Context
set_ctxt_stateparts :: IntMap (Set SStatePart) -> Context -> Context
set_ctxt_vcs :: IntMap VCS -> Context -> Context
set_ctxt_finits :: IntMap FInit -> Context -> Context
set_ctxt_invs :: IntMap Invariants -> Context -> Context
set_ctxt_cfgs :: IntMap CFG -> Context -> Context
set_ctxt_results :: IntMap VerificationResult -> Context -> Context
set_ctxt_recursions :: IntMap IntSet -> Context -> Context
set_ctxt_runningtime :: Int64 -> Context -> Context
init_finit :: FInit
init_context :: Binary -> IORef (IntMap Instruction) -> Config -> Bool -> String -> String -> Context
purge_context :: Context -> Context_
ctxt_symbol_table :: Context -> IntMap Symbol
read_from_ro_datasection :: Context -> Word64 -> Int -> Maybe Word64
read_from_datasection :: Context -> Word64 -> Int -> Maybe Word64
is_roughly_an_address :: Context -> Word64 -> Bool
find_section_for_address :: Context -> Word64 -> Maybe (String, String, Word64, Word64)
find_section_ending_at :: Context -> Word64 -> Maybe (String, String, Word64, Word64)
fetch_instruction :: Context -> Word64 -> IO (Maybe Instruction)
pp_instruction :: Context -> Instruction -> String
is_assertion :: VerificationCondition -> Bool
is_precondition :: VerificationCondition -> Bool
is_func_constraint :: VerificationCondition -> Bool
is_functionpointers :: VerificationCondition -> Bool
count_instructions_with_assertions :: Set VerificationCondition -> Int
ctxt_continue_on_unknown_instruction :: Context -> Bool
ctxt_generate_pdfs :: Context -> Bool
ctxt_verbose_logs :: Context -> Bool
ctxt_store_preconditions_in_L0 :: Context -> Bool
ctxt_store_assertions_in_L0 :: Context -> Bool
ctxt_max_time :: Context -> Int
ctxt_max_num_of_cases :: Context -> Int
ctxt_max_num_of_bases :: Context -> Int
ctxt_max_num_of_sources :: Context -> Int
ctxt_max_jump_table_size :: Context -> Int
ctxt_max_expr_size :: Context -> Int
ctxt_read_L0 :: String -> String -> IO Context
address_has_instruction :: Integral a => Context -> a -> Bool

Documentation

data FContext Source #

The context augmented with information on the current function

Constructors

FContext
Fields f_ctxt :: Context The context f_entry :: Int The entry address of the current function f_init :: FInit The initialization of the current function

Instances

Instances details

Propagator FContext Predicate Source #
Instance details Defined in Instantiation.SymbolicPropagation Methods tau :: FContext -> [Instruction] -> Maybe [Instruction] -> Predicate -> (Predicate, Set VerificationCondition) Source # join :: FContext -> String -> Predicate -> Predicate -> Predicate Source # implies :: FContext -> Predicate -> Predicate -> Bool Source #
SymbolicExecutable FContext SValue SPointer Source #
Instance details Defined in Instantiation.SymbolicPropagation Methods sseparate :: FContext -> String -> SPointer -> RegionSize -> SPointer -> RegionSize -> Bool Source # senclosed :: FContext -> SPointer -> RegionSize -> SPointer -> RegionSize -> Bool Source # salias :: FContext -> SPointer -> RegionSize -> SPointer -> RegionSize -> Bool Source # ssensitive :: FContext -> SPointer -> RegionSize -> SValue -> Bool Source # sread_from_ro_data :: FContext -> SPointer -> RegionSize -> Maybe SValue Source # smk_mem_addresses :: FContext -> String -> SValue -> Set SPointer Source # sjoin_values :: Foldable t => FContext -> String -> t SValue -> SValue Source # swiden_values :: FContext -> String -> SValue -> SValue Source # sjoin_pointers :: FContext -> [SPointer] -> [SPointer] Source # top :: FContext -> String -> SValue Source # ssemantics :: FContext -> String -> SymbolicOperation SValue -> SValue Source # sflg_semantics :: FContext -> SValue -> Instruction -> FlagStatus -> FlagStatus Source # simmediate :: Integral i => FContext -> i -> SValue Source # smk_init_reg_value :: FContext -> Register -> SValue Source # smk_init_mem_value :: FContext -> String -> SPointer -> RegionSize -> SValue Source # scall :: FContext -> Bool -> Instruction -> State (Sstate SValue SPointer, VCS) () Source # sjump :: FContext -> Instruction -> State (Sstate SValue SPointer, VCS) () Source # stry_jump_targets :: FContext -> SValue -> Maybe (Set ResolvedJumpTarget) Source # stry_immediate :: FContext -> SValue -> Maybe Word64 Source # stry_deterministic :: FContext -> SValue -> Maybe SimpleExpr Source # stry_relocation :: FContext -> SPointer -> RegionSize -> Maybe SValue Source # saddress_has_instruction :: FContext -> Word64 -> Bool Source #

mk_fcontext :: Context -> Int -> FContext Source #

read_binary :: String -> String -> IO (Maybe Binary) Source #

Reading a binary given a filename (ELF or MachO)

data CFG Source #

A control flow graph with blocks and edges. A blockID (represented as an Int) is a unique identifier of a basic block. We store basic blocks twice: once as addresses, and once as instructions.

Constructors

CFG
Fields cfg_blocks :: IntMap [Int] A mapping of blockIDs to instruction addresses cfg_edges :: IntMap IntSet A mapping of blockIDs to sets of blocKIDs cfg_addr_to_blockID :: IntMap Int A mapping of instruction addresses to blockIDs cfg_fresh :: Int A fresh blockID cfg_instrs :: IntMap [Instruction] A mapping of blockIDs to lists of disassembled instructions.

Instances

Instances details

Eq CFG Source #
Instance details Defined in Analysis.Context Methods (==) :: CFG -> CFG -> Bool # (/=) :: CFG -> CFG -> Bool #
Show CFG Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> CFG -> ShowS # show :: CFG -> String # showList :: [CFG] -> ShowS #
Generic CFG Source #
Instance details Defined in Analysis.Context Associated Types type Rep CFG :: Type -> Type # Methods from :: CFG -> Rep CFG x # to :: Rep CFG x -> CFG #
Serialize CFG Source #
Instance details Defined in Analysis.Context Methods put :: Putter CFG # get :: Get CFG #
NFData CFG Source #
Instance details Defined in Analysis.Context Methods rnf :: CFG -> () #
type Rep CFG Source #
Instance details Defined in Analysis.Context type Rep CFG = D1 ('MetaData "CFG" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "CFG" 'PrefixI 'True) ((S1 ('MetaSel ('Just "cfg_blocks") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (IntMap [Int])) :: S1 ('MetaSel ('Just "cfg_edges") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (IntMap IntSet))) :: (S1 ('MetaSel ('Just "cfg_addr_to_blockID") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (IntMap Int)) :: (S1 ('MetaSel ('Just "cfg_fresh") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int) :: S1 ('MetaSel ('Just "cfg_instrs") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (IntMap [Instruction]))))))

data JumpTable Source #

A jump table with : index: an operand containing a bounded index at the beginning of execution of the block bound: the bound on idx trgt: the operand containg the jump target at the end of execution of the block tbl: a table from values of idx to resulting jump targets

Constructors

JumpTable
Fields jtbl_index :: Operand jtbl_bound :: Int jtbl_target :: Operand jtbl_table :: IntMap Word64

Instances

Instances details

Eq JumpTable Source #
Instance details Defined in Analysis.Context Methods (==) :: JumpTable -> JumpTable -> Bool # (/=) :: JumpTable -> JumpTable -> Bool #
Show JumpTable Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> JumpTable -> ShowS # show :: JumpTable -> String # showList :: [JumpTable] -> ShowS #
Generic JumpTable Source #
Instance details Defined in Analysis.Context Associated Types type Rep JumpTable :: Type -> Type # Methods from :: JumpTable -> Rep JumpTable x # to :: Rep JumpTable x -> JumpTable #
Serialize JumpTable Source #
Instance details Defined in Analysis.Context Methods put :: Putter JumpTable # get :: Get JumpTable #
NFData JumpTable Source #
Instance details Defined in Analysis.Context Methods rnf :: JumpTable -> () #
type Rep JumpTable Source #
Instance details Defined in Analysis.Context type Rep JumpTable = D1 ('MetaData "JumpTable" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "JumpTable" 'PrefixI 'True) ((S1 ('MetaSel ('Just "jtbl_index") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Operand) :: S1 ('MetaSel ('Just "jtbl_bound") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)) :: (S1 ('MetaSel ('Just "jtbl_target") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Operand) :*: S1 ('MetaSel ('Just "jtbl_table") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (IntMap Word64)))))

data Indirection Source #

An indirection is either a jump table or a set of resolved jump targets

Constructors

Indirection_JumpTable JumpTable
Indirection_Resolved (Set ResolvedJumpTarget)
Indirection_Unresolved

Instances

Instances details

Eq Indirection Source #
Instance details Defined in Analysis.Context Methods (==) :: Indirection -> Indirection -> Bool # (/=) :: Indirection -> Indirection -> Bool #
Show Indirection Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> Indirection -> ShowS # show :: Indirection -> String # showList :: [Indirection] -> ShowS #
Generic Indirection Source #
Instance details Defined in Analysis.Context Associated Types type Rep Indirection :: Type -> Type # Methods from :: Indirection -> Rep Indirection x # to :: Rep Indirection x -> Indirection #
Serialize Indirection Source #
Instance details Defined in Analysis.Context Methods put :: Putter Indirection # get :: Get Indirection #
NFData Indirection Source #
Instance details Defined in Analysis.Context Methods rnf :: Indirection -> () #
type Rep Indirection Source #
Instance details Defined in Analysis.Context type Rep Indirection = D1 ('MetaData "Indirection" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Indirection_JumpTable" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 JumpTable)) :+: (C1 ('MetaCons "Indirection_Resolved" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Set ResolvedJumpTarget))) :+: C1 ('MetaCons "Indirection_Unresolved" 'PrefixI 'False) (U1 :: Type -> Type)))

type Indirections = IntMap Indirection Source #

Per instruction address, a set of possibly resolved jump targets

data VerificationResult Source #

An enumeration indicating the result of verification over a function

Constructors

VerificationSuccess	Function was succesfully verified
VerificationSuccesWithAssumptions	Function was succesfully verified, but required assertions
VerificationUnresolvedIndirection	Function contains an unresolved indirection
VerificationError String	There was some verification error, e.g., return adresss overwrite
Unverified	The function has not been verified.

Instances

Instances details

Eq VerificationResult Source #
Instance details Defined in Analysis.Context Methods (==) :: VerificationResult -> VerificationResult -> Bool # (/=) :: VerificationResult -> VerificationResult -> Bool #
Show VerificationResult Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> VerificationResult -> ShowS # show :: VerificationResult -> String # showList :: [VerificationResult] -> ShowS #
Generic VerificationResult Source #
Instance details Defined in Analysis.Context Associated Types type Rep VerificationResult :: Type -> Type # Methods from :: VerificationResult -> Rep VerificationResult x # to :: Rep VerificationResult x -> VerificationResult #
Serialize VerificationResult Source #
Instance details Defined in Analysis.Context Methods put :: Putter VerificationResult # get :: Get VerificationResult #
NFData VerificationResult Source #
Instance details Defined in Analysis.Context Methods rnf :: VerificationResult -> () #
type Rep VerificationResult Source #
Instance details Defined in Analysis.Context type Rep VerificationResult = D1 ('MetaData "VerificationResult" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) ((C1 ('MetaCons "VerificationSuccess" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "VerificationSuccesWithAssumptions" 'PrefixI 'False) (U1 :: Type -> Type)) :+: (C1 ('MetaCons "VerificationUnresolvedIndirection" 'PrefixI 'False) (U1 :: Type -> Type) :+: (C1 ('MetaCons "VerificationError" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 String)) :+: C1 ('MetaCons "Unverified" 'PrefixI 'False) (U1 :: Type -> Type))))

type Predicate = Sstate SValue SPointer Source #

Predicates: symbolic states

type Invariants = IntMap Predicate Source #

Invariants: a mapping of blockIDs to predicates

data NodeInfo Source #

For each leaf-node in a CFG we store the following info. (TODO MOVE?)

Constructors

Normal	The basic block behaves normally, e.g., a ret
UnresolvedIndirection	The basic block ends in an unresolved indirection
Terminal	The basic blocks ends with, e.g., a call to exit()

Instances

Instances details

Eq NodeInfo Source #
Instance details Defined in Analysis.Context Methods (==) :: NodeInfo -> NodeInfo -> Bool # (/=) :: NodeInfo -> NodeInfo -> Bool #
Ord NodeInfo Source #
Instance details Defined in Analysis.Context Methods compare :: NodeInfo -> NodeInfo -> Ordering # (<) :: NodeInfo -> NodeInfo -> Bool # (<=) :: NodeInfo -> NodeInfo -> Bool # (>) :: NodeInfo -> NodeInfo -> Bool # (>=) :: NodeInfo -> NodeInfo -> Bool # max :: NodeInfo -> NodeInfo -> NodeInfo # min :: NodeInfo -> NodeInfo -> NodeInfo #
Show NodeInfo Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> NodeInfo -> ShowS # show :: NodeInfo -> String # showList :: [NodeInfo] -> ShowS #
Generic NodeInfo Source #
Instance details Defined in Analysis.Context Associated Types type Rep NodeInfo :: Type -> Type # Methods from :: NodeInfo -> Rep NodeInfo x # to :: Rep NodeInfo x -> NodeInfo #
Serialize NodeInfo Source #
Instance details Defined in Analysis.Context Methods put :: Putter NodeInfo # get :: Get NodeInfo #
NFData NodeInfo Source #
Instance details Defined in Analysis.Context Methods rnf :: NodeInfo -> () #
type Rep NodeInfo Source #
Instance details Defined in Analysis.Context type Rep NodeInfo = D1 ('MetaData "NodeInfo" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Normal" 'PrefixI 'False) (U1 :: Type -> Type) :+: (C1 ('MetaCons "UnresolvedIndirection" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "Terminal" 'PrefixI 'False) (U1 :: Type -> Type)))

type Postconditions = Set (NodeInfo, Predicate) Source #

Postconditions: for each final block the NodeInfo and the final predicate after execution of the block

data PointerDomain Source #

An abstract domain for pointers

Constructors

Domain_Bases (NESet PointerBase)
Domain_Sources (NESet BotSrc)

Instances

Instances details

Eq PointerDomain Source #
Instance details Defined in Analysis.Context Methods (==) :: PointerDomain -> PointerDomain -> Bool # (/=) :: PointerDomain -> PointerDomain -> Bool #
Ord PointerDomain Source #
Instance details Defined in Analysis.Context Methods compare :: PointerDomain -> PointerDomain -> Ordering # (<) :: PointerDomain -> PointerDomain -> Bool # (<=) :: PointerDomain -> PointerDomain -> Bool # (>) :: PointerDomain -> PointerDomain -> Bool # (>=) :: PointerDomain -> PointerDomain -> Bool # max :: PointerDomain -> PointerDomain -> PointerDomain # min :: PointerDomain -> PointerDomain -> PointerDomain #
Show PointerDomain Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> PointerDomain -> ShowS # show :: PointerDomain -> String # showList :: [PointerDomain] -> ShowS #
Generic PointerDomain Source #
Instance details Defined in Analysis.Context Associated Types type Rep PointerDomain :: Type -> Type # Methods from :: PointerDomain -> Rep PointerDomain x # to :: Rep PointerDomain x -> PointerDomain #
ToJSON PointerDomain Source #
Instance details Defined in OutputGeneration.JSON Methods toJSON :: PointerDomain -> Value # toEncoding :: PointerDomain -> Encoding # toJSONList :: [PointerDomain] -> Value # toEncodingList :: [PointerDomain] -> Encoding #
Serialize PointerDomain Source #
Instance details Defined in Analysis.Context Methods put :: Putter PointerDomain # get :: Get PointerDomain #
NFData PointerDomain Source #
Instance details Defined in Analysis.Context Methods rnf :: PointerDomain -> () #
type Rep PointerDomain Source #
Instance details Defined in Analysis.Context type Rep PointerDomain = D1 ('MetaData "PointerDomain" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Domain_Bases" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (NESet PointerBase))) :+: C1 ('MetaCons "Domain_Sources" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (NESet BotSrc))))

data MemRelation Source #

A function initialisation consists of a mapping of registers to symbolic pointers TODO

Constructors

Separate
Aliassing
Unknown

Instances

Instances details

Eq MemRelation Source #
Instance details Defined in Analysis.Context Methods (==) :: MemRelation -> MemRelation -> Bool # (/=) :: MemRelation -> MemRelation -> Bool #
Ord MemRelation Source #
Instance details Defined in Analysis.Context Methods compare :: MemRelation -> MemRelation -> Ordering # (<) :: MemRelation -> MemRelation -> Bool # (<=) :: MemRelation -> MemRelation -> Bool # (>) :: MemRelation -> MemRelation -> Bool # (>=) :: MemRelation -> MemRelation -> Bool # max :: MemRelation -> MemRelation -> MemRelation # min :: MemRelation -> MemRelation -> MemRelation #
Show MemRelation Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> MemRelation -> ShowS # show :: MemRelation -> String # showList :: [MemRelation] -> ShowS #
Generic MemRelation Source #
Instance details Defined in Analysis.Context Associated Types type Rep MemRelation :: Type -> Type # Methods from :: MemRelation -> Rep MemRelation x # to :: Rep MemRelation x -> MemRelation #
Serialize MemRelation Source #
Instance details Defined in Analysis.Context Methods put :: Putter MemRelation # get :: Get MemRelation #
NFData MemRelation Source #
Instance details Defined in Analysis.Context Methods rnf :: MemRelation -> () #
type Rep MemRelation Source #
Instance details Defined in Analysis.Context type Rep MemRelation = D1 ('MetaData "MemRelation" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Separate" 'PrefixI 'False) (U1 :: Type -> Type) :+: (C1 ('MetaCons "Aliassing" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "Unknown" 'PrefixI 'False) (U1 :: Type -> Type)))

data FInit Source #

Constructors

FInit (Set (StatePart, Maybe SValue)) (Map (SStatePart, SStatePart) MemRelation)

Instances

Instances details

Eq FInit Source #
Instance details Defined in Analysis.Context Methods (==) :: FInit -> FInit -> Bool # (/=) :: FInit -> FInit -> Bool #
Ord FInit Source #
Instance details Defined in Analysis.Context Methods compare :: FInit -> FInit -> Ordering # (<) :: FInit -> FInit -> Bool # (<=) :: FInit -> FInit -> Bool # (>) :: FInit -> FInit -> Bool # (>=) :: FInit -> FInit -> Bool # max :: FInit -> FInit -> FInit # min :: FInit -> FInit -> FInit #
Show FInit Source #	Show function initialisation
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> FInit -> ShowS # show :: FInit -> String # showList :: [FInit] -> ShowS #
Generic FInit Source #
Instance details Defined in Analysis.Context Associated Types type Rep FInit :: Type -> Type # Methods from :: FInit -> Rep FInit x # to :: Rep FInit x -> FInit #
Serialize FInit Source #
Instance details Defined in Analysis.Context Methods put :: Putter FInit # get :: Get FInit #
NFData FInit Source #
Instance details Defined in Analysis.Context Methods rnf :: FInit -> () #
type Rep FInit Source #
Instance details Defined in Analysis.Context type Rep FInit = D1 ('MetaData "FInit" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "FInit" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Set (StatePart, Maybe SValue))) :*: S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Map (SStatePart, SStatePart) MemRelation))))

data FReturnBehavior Source #

A function call

Constructors

Terminating	The function does never return
ReturningWith Predicate	The function returns withg the symbolic changes stored in the predicate
UnknownRetBehavior	It is unknown whether the function returns or not

Instances

Instances details

Eq FReturnBehavior Source #
Instance details Defined in Analysis.Context Methods (==) :: FReturnBehavior -> FReturnBehavior -> Bool # (/=) :: FReturnBehavior -> FReturnBehavior -> Bool #
Ord FReturnBehavior Source #
Instance details Defined in Analysis.Context Methods compare :: FReturnBehavior -> FReturnBehavior -> Ordering # (<) :: FReturnBehavior -> FReturnBehavior -> Bool # (<=) :: FReturnBehavior -> FReturnBehavior -> Bool # (>) :: FReturnBehavior -> FReturnBehavior -> Bool # (>=) :: FReturnBehavior -> FReturnBehavior -> Bool # max :: FReturnBehavior -> FReturnBehavior -> FReturnBehavior # min :: FReturnBehavior -> FReturnBehavior -> FReturnBehavior #
Show FReturnBehavior Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> FReturnBehavior -> ShowS # show :: FReturnBehavior -> String # showList :: [FReturnBehavior] -> ShowS #
Generic FReturnBehavior Source #
Instance details Defined in Analysis.Context Associated Types type Rep FReturnBehavior :: Type -> Type # Methods from :: FReturnBehavior -> Rep FReturnBehavior x # to :: Rep FReturnBehavior x -> FReturnBehavior #
Serialize FReturnBehavior Source #
Instance details Defined in Analysis.Context Methods put :: Putter FReturnBehavior # get :: Get FReturnBehavior #
NFData FReturnBehavior Source #
Instance details Defined in Analysis.Context Methods rnf :: FReturnBehavior -> () #
type Rep FReturnBehavior Source #
Instance details Defined in Analysis.Context type Rep FReturnBehavior = D1 ('MetaData "FReturnBehavior" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Terminating" 'PrefixI 'False) (U1 :: Type -> Type) :+: (C1 ('MetaCons "ReturningWith" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Predicate)) :+: C1 ('MetaCons "UnknownRetBehavior" 'PrefixI 'False) (U1 :: Type -> Type)))

data SStatePart Source #

A symbolic state part

Constructors

SSP_Reg Register	A register
SSP_Mem SPointer Int

Instances

Instances details

Eq SStatePart Source #
Instance details Defined in Analysis.Context Methods (==) :: SStatePart -> SStatePart -> Bool # (/=) :: SStatePart -> SStatePart -> Bool #
Ord SStatePart Source #
Instance details Defined in Analysis.Context Methods compare :: SStatePart -> SStatePart -> Ordering # (<) :: SStatePart -> SStatePart -> Bool # (<=) :: SStatePart -> SStatePart -> Bool # (>) :: SStatePart -> SStatePart -> Bool # (>=) :: SStatePart -> SStatePart -> Bool # max :: SStatePart -> SStatePart -> SStatePart # min :: SStatePart -> SStatePart -> SStatePart #
Show SStatePart Source #
Instance details Defined in Analysis.Context Methods showsPrec :: Int -> SStatePart -> ShowS # show :: SStatePart -> String # showList :: [SStatePart] -> ShowS #
Generic SStatePart Source #
Instance details Defined in Analysis.Context Associated Types type Rep SStatePart :: Type -> Type # Methods from :: SStatePart -> Rep SStatePart x # to :: Rep SStatePart x -> SStatePart #
Serialize SStatePart Source #
Instance details Defined in Analysis.Context Methods put :: Putter SStatePart # get :: Get SStatePart #
NFData SStatePart Source #
Instance details Defined in Analysis.Context Methods rnf :: SStatePart -> () #
type Rep SStatePart Source #
Instance details Defined in Analysis.Context type Rep SStatePart = D1 ('MetaData "SStatePart" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "SSP_Reg" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Register)) :+: C1 ('MetaCons "SSP_Mem" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 SPointer) :*: S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)))

data Context_ Source #

The context datastructure.

S: Information Statically obtained by reading from the binary

D: Information Dynamically updated during verification

Constructors

Context_

Fields

ctxt__config :: !Config
S: the configuration file in ./config
ctxt__verbose :: !Bool
S: is verbose output requested?
ctxt__syms :: !SymbolTable
S: the symbol table: a mapping of addresses to function names for external functions
ctxt__sections :: !SectionsInfo
S: information on segments/section
ctxt__relocs :: !(Set Relocation)
S: relocation entries
ctxt__dirname :: !String
S: the name of the directory where the .dump, .entry, .sections and .symbols files reside
ctxt__name :: !String
S: the name of the binary
ctxt__start :: !Int
S: the address of the _start symbol
ctxt__entries :: !Graph
D: a graph with an edge (e0,e1) if entry address e0 calls entry address e1, and e0 and e1 have not been verified yet
ctxt__cfgs :: !(IntMap CFG)
D: the currently known control flow graphs per function entry
ctxt__calls :: !(IntMap FReturnBehavior)
D: the currently known and verified entry addresses of functions mapped to return-information
ctxt__invs :: !(IntMap Invariants)
D: the currently known invariants
ctxt__posts :: !(IntMap Postconditions)
D: the currently known postconditions
ctxt__stateparts :: !(IntMap (Set SStatePart))
D: the state parts read from/written to be the function
ctxt__inds :: !Indirections
D: the currently known indirections
ctxt__finits :: !(IntMap FInit)
D: the currently known function initialisations
ctxt__vcs :: !(IntMap VCS)
D: the verification conditions
ctxt__results :: !(IntMap VerificationResult)
D: the verification result
ctxt__recursions :: !(IntMap IntSet)
D: a mapping from function entries to the set of mutually recursive functions entries they occur in
ctxt__runningtime :: !Int64
D: running time of lifting effort

Instances

Instances details

Generic Context_ Source #
Instance details Defined in Analysis.Context Associated Types type Rep Context_ :: Type -> Type # Methods from :: Context_ -> Rep Context_ x # to :: Rep Context_ x -> Context_ #
Serialize Context_ Source #
Instance details Defined in Analysis.Context Methods put :: Putter Context_ # get :: Get Context_ #
NFData Context_ Source #
Instance details Defined in Analysis.Context Methods rnf :: Context_ -> () #
type Rep Context_ Source #
Instance details Defined in Analysis.Context type Rep Context_ = D1 ('MetaData "Context_" "Analysis.Context" "foxdec-0.1.0.0-F8J4QQ8bsQELJyhc4kJb0m" 'False) (C1 ('MetaCons "Context_" 'PrefixI 'True) ((((S1 ('MetaSel ('Just "ctxt__config") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Config) :: S1 ('MetaSel ('Just "ctxt__verbose") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Bool)) :: (S1 ('MetaSel ('Just "ctxt__syms") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 SymbolTable) :: (S1 ('MetaSel ('Just "ctxt__sections") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 SectionsInfo) :: S1 ('MetaSel ('Just "ctxt__relocs") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (Set Relocation))))) :: ((S1 ('MetaSel ('Just "ctxt__dirname") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 String) :: S1 ('MetaSel ('Just "ctxt__name") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 String)) :: (S1 ('MetaSel ('Just "ctxt__start") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Int) :: (S1 ('MetaSel ('Just "ctxt__entries") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Graph) :: S1 ('MetaSel ('Just "ctxt__cfgs") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap CFG)))))) :: (((S1 ('MetaSel ('Just "ctxt__calls") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap FReturnBehavior)) :: S1 ('MetaSel ('Just "ctxt__invs") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap Invariants))) :: (S1 ('MetaSel ('Just "ctxt__posts") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap Postconditions)) :: (S1 ('MetaSel ('Just "ctxt__stateparts") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap (Set SStatePart))) :: S1 ('MetaSel ('Just "ctxt__inds") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Indirections)))) :: ((S1 ('MetaSel ('Just "ctxt__finits") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap FInit)) :: S1 ('MetaSel ('Just "ctxt__vcs") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap VCS))) :: (S1 ('MetaSel ('Just "ctxt__results") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap VerificationResult)) :: (S1 ('MetaSel ('Just "ctxt__recursions") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 (IntMap IntSet)) :*: S1 ('MetaSel ('Just "ctxt__runningtime") 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Int64)))))))

data Context Source #

Constructors

Context
Fields ctxt_binary :: !Binary ctxt_ioref :: IORef (IntMap Instruction) ctxt_ctxt_ :: !Context_

ctxt_config :: Context -> Config Source #

ctxt_verbose :: Context -> Bool Source #

ctxt_syms :: Context -> SymbolTable Source #

ctxt_sections :: Context -> SectionsInfo Source #

ctxt_relocs :: Context -> Set Relocation Source #

ctxt_dirname :: Context -> String Source #

ctxt_name :: Context -> String Source #

ctxt_start :: Context -> Int Source #

ctxt_entries :: Context -> Graph Source #

ctxt_cfgs :: Context -> IntMap CFG Source #

ctxt_calls :: Context -> IntMap FReturnBehavior Source #

ctxt_invs :: Context -> IntMap Invariants Source #

ctxt_posts :: Context -> IntMap Postconditions Source #

ctxt_stateparts :: Context -> IntMap (Set SStatePart) Source #

ctxt_inds :: Context -> Indirections Source #

ctxt_finits :: Context -> IntMap FInit Source #

ctxt_vcs :: Context -> IntMap VCS Source #

ctxt_results :: Context -> IntMap VerificationResult Source #

ctxt_recursions :: Context -> IntMap IntSet Source #

ctxt_runningtime :: Context -> Int64 Source #

set_ctxt_syms :: SymbolTable -> Context -> Context Source #

set_ctxt_sections :: SectionsInfo -> Context -> Context Source #

set_ctxt_relocs :: Set Relocation -> Context -> Context Source #

set_ctxt_start :: Int -> Context -> Context Source #

set_ctxt_entries :: Graph -> Context -> Context Source #

set_ctxt_calls :: IntMap FReturnBehavior -> Context -> Context Source #

set_ctxt_inds :: Indirections -> Context -> Context Source #

set_ctxt_posts :: IntMap Postconditions -> Context -> Context Source #

set_ctxt_stateparts :: IntMap (Set SStatePart) -> Context -> Context Source #

set_ctxt_vcs :: IntMap VCS -> Context -> Context Source #

set_ctxt_finits :: IntMap FInit -> Context -> Context Source #

set_ctxt_invs :: IntMap Invariants -> Context -> Context Source #

set_ctxt_cfgs :: IntMap CFG -> Context -> Context Source #

set_ctxt_results :: IntMap VerificationResult -> Context -> Context Source #

set_ctxt_recursions :: IntMap IntSet -> Context -> Context Source #

set_ctxt_runningtime :: Int64 -> Context -> Context Source #

init_finit :: FInit Source #

intialize an empty context based on the command-line parameters

init_context :: Binary -> IORef (IntMap Instruction) -> Config -> Bool -> String -> String -> Context Source #

purge_context :: Context -> Context_ Source #

purge the context before exporting it (may save a lot of disk space)

ctxt_symbol_table :: Context -> IntMap Symbol Source #

Getting the symbol table

read_from_ro_datasection Source #

Arguments

:: Context	The context
-> Word64	An address
-> Int	Size, i.e., the number of bytes to read
-> Maybe Word64

Reading from a read-only data section.

Reads maximally up to 8 bytes. Returns Nothing if the given address is out-of-range.

read_from_datasection Source #

Arguments

:: Context	The context
-> Word64	An address
-> Int	Size, i.e., the number of bytes to read
-> Maybe Word64

Reading from a writable data section.

Reads maximally up to 8 bytes. Returns Nothing if the given address is out-of-range.

is_roughly_an_address Source #

Arguments

:: Context	The context
-> Word64	An address
-> Bool

Is the immediate roughly in range to be an address?

find_section_for_address Source #

Arguments

:: Context	The context
-> Word64	An address
-> Maybe (String, String, Word64, Word64)

Find a section for an address (see SectionsInfo)

find_section_ending_at Source #

Arguments

:: Context	The context
-> Word64	An address
-> Maybe (String, String, Word64, Word64)

Find a section ending at address (see SectionsInfo)

fetch_instruction Source #

Arguments

:: Context	The context
-> Word64	An address
-> IO (Maybe Instruction)

Fetching an instruction

Returns Nothing if the given address is out-of-range.

pp_instruction Source #

Arguments

:: Context	The context
-> Instruction	An instruction
-> String

Pretty printing an instruction

is_assertion :: VerificationCondition -> Bool Source #

Is the given verification condition an assertion?

is_precondition :: VerificationCondition -> Bool Source #

Is the given verification condition a precondition?

is_func_constraint :: VerificationCondition -> Bool Source #

Is the given verification condition a function constraint?

is_functionpointers :: VerificationCondition -> Bool Source #

Is the given verification condition a function pointer introduction?

count_instructions_with_assertions :: Set VerificationCondition -> Int Source #

Count the number of assertions in the set of verification conditions.

ctxt_continue_on_unknown_instruction :: Context -> Bool Source #

ctxt_generate_pdfs :: Context -> Bool Source #

ctxt_verbose_logs :: Context -> Bool Source #

ctxt_store_preconditions_in_L0 :: Context -> Bool Source #

ctxt_store_assertions_in_L0 :: Context -> Bool Source #

ctxt_max_time :: Context -> Int Source #

ctxt_max_num_of_cases :: Context -> Int Source #

ctxt_max_num_of_bases :: Context -> Int Source #

ctxt_max_num_of_sources :: Context -> Int Source #

ctxt_max_jump_table_size :: Context -> Int Source #

ctxt_max_expr_size :: Context -> Int Source #

ctxt_read_L0 Source #

Arguments

:: String	The directory name
-> String	The file name of the binary
-> IO Context

Read in the .L0 file from a file with the given file name. May produce an error if no L0 can be read from the file. Returns the L0 stored in the .L0 file.

address_has_instruction :: Integral a => Context -> a -> Bool Source #

Returns true iff an instruction can be fetched from the address.

Orphan instances

Show VerificationCondition Source #
Instance details Methods showsPrec :: Int -> VerificationCondition -> ShowS # show :: VerificationCondition -> String # showList :: [VerificationCondition] -> ShowS #
Serialize ResolvedJumpTarget Source #
Instance details Methods put :: Putter ResolvedJumpTarget # get :: Get ResolvedJumpTarget #
Serialize Relocation Source #
Instance details Methods put :: Putter Relocation # get :: Get Relocation #
Serialize SymbolTable Source #
Instance details Methods put :: Putter SymbolTable # get :: Get SymbolTable #
Serialize Symbol Source #
Instance details Methods put :: Putter Symbol # get :: Get Symbol #
Serialize SectionsInfo Source #
Instance details Methods put :: Putter SectionsInfo # get :: Get SectionsInfo #
Serialize VerificationCondition Source #
Instance details Methods put :: Putter VerificationCondition # get :: Get VerificationCondition #
NFData ResolvedJumpTarget Source #
Instance details Methods rnf :: ResolvedJumpTarget -> () #
NFData Relocation Source #
Instance details Methods rnf :: Relocation -> () #
NFData SymbolTable Source #
Instance details Methods rnf :: SymbolTable -> () #
NFData Symbol Source #
Instance details Methods rnf :: Symbol -> () #
NFData SectionsInfo Source #
Instance details Methods rnf :: SectionsInfo -> () #
NFData VerificationCondition Source #
Instance details Methods rnf :: VerificationCondition -> () #