Lifting to LLVM IR

.build_number

@@ -1 +1 @@
-1514
+1515

.github/workflows/codecov.yml

@@ -59,7 +59,7 @@ jobs:
         run: |
           mkdir ./build
           cd ./build
-          cmake -DGCOV=ON -DZ3_INTERFACE=on -DBITWUZLA_INTERFACE=on ..
+          cmake -DGCOV=ON -DZ3_INTERFACE=on -DBITWUZLA_INTERFACE=on -DLLVM_INTERFACE=ON -DLLVM_INCLUDE_DIRS=$(llvm-config-12 --includedir) -DLLVM_LIBRARIES=$(llvm-config-12 --libfiles) ..
           sudo make -j3 install
       - name: Unittests
         run: |

.github/workflows/llvm.yml

@@ -0,0 +1,57 @@
+name: Tests on Linux with LLVM
+
+on: [push, pull_request, workflow_dispatch]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v2
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Upgrade pip version
+        run: |
+          python -m pip install -U pip
+      - name: Install dependencies
+        run: |
+          sudo apt-get install python-setuptools libboost-dev
+      - name: Install Z3
+        run: |
+          sudo apt-get install libz3-dev
+          python -m pip install z3-solver
+      - name: Install Capstone
+        run: |
+          wget https://github.com/aquynh/capstone/archive/4.0.2.tar.gz
+          tar -xf ./4.0.2.tar.gz
+          cd ./capstone-4.0.2
+          bash ./make.sh
+          sudo make install
+          cd ../
+      - name: Install Unicorn
+        run: |
+          git clone https://github.com/unicorn-engine/unicorn
+          cd ./unicorn
+          git checkout ec4c6365c3c91703b3725540100023f6a03db742 # 1.0.2-rc2
+          UNICORN_ARCHS="x86 arm aarch64" ./make.sh # we use unicorn to only test some semantics
+          sudo make install
+          cd bindings/python
+          python ./setup.py install --user
+          cd ../../../
+      - name: Install LIEF
+        run: |
+          python -m pip install lief
+      - name: Compile Triton
+        run: |
+          mkdir ./build
+          cd ./build
+          cmake -DLLVM_INTERFACE=ON -DLLVM_INCLUDE_DIRS=$(llvm-config-12 --includedir) -DLLVM_LIBRARIES=$(llvm-config-12 --libfiles) ..
+          sudo make -j3 install
+      - name: Unittests
+        run: |
+          make -C build check

CMakeLists.txt

@@ -25,8 +25,9 @@ include(CMakeDependentOption)
 option(ASAN                 "Enable the ASAN linking"                  OFF)
 option(BITWUZLA_INTERFACE   "Use Bitwuzla as SMT solver"               OFF)
 option(BUILD_SHARED_LIBS    "Build a shared library"                   ON)
-option(MSVC_STATIC          "Use statically-linked runtime library"    OFF)
 option(GCOV                 "Enable code coverage"                     OFF)
+option(LLVM_INTERFACE       "Use LLVM for lifting"                     OFF)
+option(MSVC_STATIC          "Use statically-linked runtime library"    OFF)
 option(Z3_INTERFACE         "Use Z3 as SMT solver"                     ON)
 
 # Define cmake dependent options
@@ -109,6 +110,14 @@ if(BITWUZLA_INTERFACE)
     set(TRITON_BITWUZLA_INTERFACE ON)
 endif()
 
+# Find LLVM
+if(LLVM_INTERFACE)
+    message(STATUS "Compiling with LLVM")
+    find_package(LLVM REQUIRED)
+    include_directories(${LLVM_INCLUDE_DIRS})
+    set(TRITON_LLVM_INTERFACE ON)
+endif()
+
 # Find Capstone
 message(STATUS "Compiling with Capstone")
 find_package(CAPSTONE REQUIRED)

CMakeModules/FindLLVM.cmake

@@ -0,0 +1,20 @@
+# - Try to find LLVM
+# Once done, this will define
+#
+#  LLVM_INCLUDE_DIRS - the LLVM include directories
+#  LLVM_LIBRARIES - link these to use LLVM
+
+if(NOT LLVM_INCLUDE_DIRS)
+    set(LLVM_INCLUDE_DIRS "$ENV{LLVM_INCLUDE_DIRS}")
+endif()
+
+if(NOT LLVM_LIBRARIES)
+    set(LLVM_LIBRARIES "$ENV{LLVM_LIBRARIES}")
+endif()
+
+if(NOT LLVM_INCLUDE_DIRS AND NOT LLVM_LIBRARIES)
+    message(FATAL_ERROR "LLVM not found")
+else()
+    message(STATUS "LLVM includes directory defined: ${LLVM_INCLUDE_DIRS}")
+    message(STATUS "LLVM libraries defined: ${LLVM_LIBRARIES}")
+endif()

src/examples/cpp/CMakeLists.txt

@@ -7,37 +7,37 @@ if (NOT BUILD_SHARED_LIBS)
 endif()
 
 add_executable(taint_reg taint_reg.cpp)
-set_property(TARGET taint_reg PROPERTY CXX_STANDARD 11)
+set_property(TARGET taint_reg PROPERTY CXX_STANDARD 14)
 target_link_libraries(taint_reg triton)
 add_test(TaintRegister taint_reg)
 add_dependencies(check taint_reg)
 
 add_executable(info_reg info_reg.cpp)
-set_property(TARGET info_reg PROPERTY CXX_STANDARD 11)
+set_property(TARGET info_reg PROPERTY CXX_STANDARD 14)
 target_link_libraries(info_reg triton)
 add_test(InfoRegister info_reg)
 add_dependencies(check info_reg)
 
 add_executable(ir ir.cpp)
-set_property(TARGET ir PROPERTY CXX_STANDARD 11)
+set_property(TARGET ir PROPERTY CXX_STANDARD 14)
 target_link_libraries(ir triton)
 add_test(IR ir)
 add_dependencies(check ir)
 
 add_executable(simplification simplification.cpp)
-set_property(TARGET simplification PROPERTY CXX_STANDARD 11)
+set_property(TARGET simplification PROPERTY CXX_STANDARD 14)
 target_link_libraries(simplification triton)
 add_test(Simplification simplification)
 add_dependencies(check simplification)
 
 add_executable(constraint constraint.cpp)
-set_property(TARGET constraint PROPERTY CXX_STANDARD 11)
+set_property(TARGET constraint PROPERTY CXX_STANDARD 14)
 target_link_libraries(constraint triton)
 add_test(Constraint constraint)
 add_dependencies(check constraint)
 
 add_executable(ctest_api ctest_api.cpp)
-set_property(TARGET ctest_api PROPERTY CXX_STANDARD 11)
+set_property(TARGET ctest_api PROPERTY CXX_STANDARD 14)
 target_link_libraries(ctest_api triton)
 add_test(TestAPI ctest_api)
 add_dependencies(check ctest_api)

src/examples/python/synthesizing_obfuscated_expressions.py

@@ -31,8 +31,6 @@
 ## python3 ./synthesizing_obfuscated_expressions.py  0.12s user 0.01s system 99% cpu 0.125 total
 ##
 
-from __future__ import print_function
-
 import sys
 import ctypes
 
@@ -56,18 +54,15 @@ def x_xor_92_obfuscated(x):
 
 
 def main():
-    ctx = TritonContext(ARCH.X86_64)
-
-    try:
-        ctx.setSolver(SOLVER.Z3)
-    except:
-        # NOTE The FORALL node is not supported currently in Bitwuzla. Remove
-        #      this check once it is supported.
+    if VERSION.Z3_INTERFACE is False:
+        # NOTE: The FORALL node is not supported currently in Bitwuzla.
         print("This script requires Z3 as the solver engine. Compile Triton with Z3 support and re-run.")
-
         # Return 0 so the test don't fail.
         sys.exit(0)
 
+    ctx = TritonContext(ARCH.X86_64)
+    ctx.setSolver(SOLVER.Z3)
+
     ast = ctx.getAstContext()
 
     ctx.setAstRepresentationMode(AST_REPRESENTATION.PYTHON)

src/libtriton/CMakeLists.txt

@@ -42,6 +42,8 @@ set(LIBTRITON_SOURCE_FILES
     ast/representations/astRepresentation.cpp
     ast/representations/astSmtRepresentation.cpp
     callbacks/callbacks.cpp
+    engines/lifters/liftingToPython.cpp
+    engines/lifters/liftingToSMT.cpp
     engines/solver/solverEngine.cpp
     engines/solver/solverModel.cpp
     engines/symbolic/pathConstraint.cpp
@@ -93,6 +95,10 @@ set(LIBTRITON_HEADER_FILES
     includes/triton/immediate.hpp
     includes/triton/instruction.hpp
     includes/triton/irBuilder.hpp
+    includes/triton/liftingEngine.hpp
+    includes/triton/liftingToLLVM.hpp
+    includes/triton/liftingToPython.hpp
+    includes/triton/liftingToSMT.hpp
     includes/triton/memoryAccess.hpp
     includes/triton/modes.hpp
     includes/triton/modesEnums.hpp
@@ -116,6 +122,7 @@ set(LIBTRITON_HEADER_FILES
     includes/triton/synthesizer.hpp
     includes/triton/taintEngine.hpp
     includes/triton/tritonToBitwuzlaAst.hpp
+    includes/triton/tritonToLLVM.hpp
     includes/triton/tritonToZ3Ast.hpp
     includes/triton/tritonTypes.hpp
     includes/triton/x86.spec
@@ -152,6 +159,15 @@ else()
     set(BITWUZLA_INTERFACE_SOURCE_FILES)
 endif()
 
+if(LLVM_INTERFACE)
+    set(LLVM_INTERFACE_SOURCE_FILES
+        ast/llvm/tritonToLLVM.cpp
+        engines/lifters/liftingToLLVM.cpp
+    )
+else()
+    set(LLVM_INTERFACE_SOURCE_FILES)
+endif()
+
 if(PYTHON_BINDINGS)
     set(LIBTRITON_PYTHON_SOURCE_FILES
         bindings/python/init.cpp
@@ -221,6 +237,7 @@ add_library(triton
     ${LIBTRITON_RESOURCE_FILES}
     ${Z3_INTERFACE_SOURCE_FILES}
     ${BITWUZLA_INTERFACE_SOURCE_FILES}
+    ${LLVM_INTERFACE_SOURCE_FILES}
     ${LIBTRITON_PYTHON_SOURCE_FILES}
     ${LIBTRITON_PYTHON_HEADER_FILES}
 )
@@ -240,14 +257,15 @@ target_link_libraries(triton PUBLIC
     ${PYTHON_LIBRARIES}
     ${Boost_LIBRARIES}
     ${Z3_LIBRARIES}
+    ${LLVM_LIBRARIES}
     ${BITWUZLA_LIBRARIES}
     ${CAPSTONE_LIBRARIES}
     ${LIBTRITON_OTHER_LIBS}
 )
 
 # Workaround to allow building 'namespace linux' (defined by -std=gnu++11)
 if(NOT MSVC AND (CMAKE_CXX_COMPILER_ID MATCHES "Clang" OR CMAKE_CXX_COMPILER_ID STREQUAL "GNU"))
-    target_compile_options(triton PRIVATE -std=c++11)
+    target_compile_options(triton PRIVATE -std=c++14)
 endif()
 
 # Enable static msvc runtime.

src/libtriton/Config.cmake.in

@@ -3,8 +3,9 @@
 include("${CMAKE_CURRENT_LIST_DIR}/tritonTargets.cmake")
 
 set(TRITON_VERSION              @VERSION_MAJOR@.@VERSION_MINOR@)
-set(TRITON_Z3_INTERFACE         @Z3_INTERFACE@)
 set(TRITON_BITWUZLA_INTERFACE   @BITWUZLA_INTERFACE@)
+set(TRITON_LLVM_INTERFACE       @LLVM_INTERFACE@)
+set(TRITON_Z3_INTERFACE         @Z3_INTERFACE@)
 set(TRITON_INCLUDE_DIRS         "@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_INCLUDEDIR@")
 set(TRITON_LIBRARY              "@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@/@CMAKE_SHARED_LIBRARY_PREFIX@triton@CMAKE_SHARED_LIBRARY_SUFFIX@")
 

src/libtriton/api/api.cpp

@@ -284,6 +284,12 @@ namespace triton {
   }
 
 
+  inline void API::checkLifting(void) const {
+    if (!this->lifting)
+      throw triton::exceptions::API("API::checkLifting(): Lifting engine is undefined, you should define an architecture first.");
+  }
+
+
 
   /* Architecture API ============================================================================== */
 
@@ -555,6 +561,10 @@ namespace triton {
     if (this->taint == nullptr)
       throw triton::exceptions::API("API::initEngines(): Not enough memory.");
 
+    this->lifting = new(std::nothrow) triton::engines::lifters::LiftingEngine(this->astCtxt, this->symbolic);
+    if (this->lifting == nullptr)
+      throw triton::exceptions::API("API::initEngines(): Not enough memory.");
+
     this->irBuilder = new(std::nothrow) triton::arch::IrBuilder(&this->arch, this->modes, this->astCtxt, this->symbolic, this->taint);
     if (this->irBuilder == nullptr)
       throw triton::exceptions::API("API::initEngines(): Not enough memory.");
@@ -567,12 +577,14 @@ namespace triton {
   void API::removeEngines(void) {
     if (this->isArchitectureValid()) {
       delete this->irBuilder;
+      delete this->lifting;
       delete this->solver;
       delete this->symbolic;
       delete this->taint;
 
       this->astCtxt   = nullptr;
       this->irBuilder = nullptr;
+      this->lifting   = nullptr;
       this->solver    = nullptr;
       this->symbolic  = nullptr;
       this->taint     = nullptr;
@@ -621,12 +633,12 @@ namespace triton {
 
   /* AST representation API ========================================================================= */
 
-  triton::uint32 API::getAstRepresentationMode(void) const {
+  triton::ast::representations::mode_e API::getAstRepresentationMode(void) const {
     return this->astCtxt->getRepresentationMode();
   }
 
 
-  void API::setAstRepresentationMode(triton::uint32 mode) {
+  void API::setAstRepresentationMode(triton::ast::representations::mode_e mode) {
     this->astCtxt->setRepresentationMode(mode);
   }
 
@@ -1043,12 +1055,6 @@ namespace triton {
   }
 
 
-  std::ostream& API::printSlicedExpressions(std::ostream& stream, const triton::engines::symbolic::SharedSymbolicExpression& expr, bool assert_) {
-    this->checkSymbolic();
-    return this->symbolic->printSlicedExpressions(stream, expr, assert_);
-  }
-
-
   std::vector<triton::engines::symbolic::SharedSymbolicExpression> API::getTaintedSymbolicExpressions(void) const {
     this->checkSymbolic();
     return this->symbolic->getTaintedSymbolicExpressions();
@@ -1363,4 +1369,33 @@ namespace triton {
     return synth.synthesize(node, constant, subexpr, opaque);
   }
 
+
+
+  /* Lifters engine API ================================================================================= */
+
+  std::ostream& API::liftToLLVM(std::ostream& stream, const triton::ast::SharedAbstractNode& node) {
+    this->checkLifting();
+    #ifdef TRITON_LLVM_INTERFACE
+    return this->lifting->liftToLLVM(stream, node);
+    #endif
+    throw triton::exceptions::API("API::liftToLLVM(): Triton not built with LLVM");
+  }
+
+
+  std::ostream& API::liftToLLVM(std::ostream& stream, const triton::engines::symbolic::SharedSymbolicExpression& expr) {
+    return this->liftToLLVM(stream, expr->getAst());
+  }
+
+
+  std::ostream& API::liftToPython(std::ostream& stream, const triton::engines::symbolic::SharedSymbolicExpression& expr) {
+    this->checkLifting();
+    return this->lifting->liftToPython(stream, expr);
+  }
+
+
+  std::ostream& API::liftToSMT(std::ostream& stream, const triton::engines::symbolic::SharedSymbolicExpression& expr, bool assert_) {
+    this->checkLifting();
+    return this->lifting->liftToSMT(stream, expr, assert_);
+  }
+
 }; /* triton namespace */