Macaw: A Machine Code Toolbox for the Busy Binary Analyst

📅 2024-07-08
🏛️ arXiv.org
🤖 AI Summary
No single binary analysis tool covers every technique an analyst needs (program slicing, dynamic instrumentation, binary rewriting, symbolic execution, formal verification), and building a new tool from scratch against a modern ISA is rarely time- or cost-effective. This paper presents Macaw, a modular machine-code analysis framework written in Haskell that is designed for rapidly building reliable binary analysis tools. Statically typed functional programming is used throughout: architectural invariants are encoded at the type level so that correctness properties are checked by the compiler, and analyses are structured as functional optimization passes, which lets the authors iterate quickly while retaining confidence in the underlying semantics. Many of Macaw's static and dynamic analyses are driven by an SMT-based symbolic execution engine. Macaw has been developed for over a decade in support of an industrial research team, and the name also denotes the suite of tools built on the framework. The paper emphasizes interoperability between machine code and higher-level languages, in particular lifting x86 binaries to LLVM and verifying the correctness of mixed C and assembly code.

📝 Abstract
When attempting to understand the behavior of an executable, a binary analyst can make use of many different techniques. These include program slicing, dynamic instrumentation, binary-level rewriting, symbolic execution, and formal verification, all of which can uncover insights into how a piece of machine code behaves. As a result, there is no one-size-fits-all binary analysis tool, so a binary analysis researcher will often combine several different tools. Sometimes, a researcher will even need to design new tools to study problems that existing frameworks are not well equipped to handle. Designing such tools from complete scratch is rarely time- or cost-effective, however, given the scale and complexity of modern ISAs. We present Macaw, a modular framework that makes it possible to rapidly build reliable binary analysis tools across a range of use cases. Statically typed functional programming techniques are used pervasively throughout Macaw -- these range from using functional optimization passes to encoding tricky architectural invariants at the type level to statically check correctness properties. The level of assurance that functional programming ideas afford us allows us to iterate rapidly on Macaw while still having confidence that the underlying semantics are correct. Over a decade of development, we have used Macaw to support an industrial research team in building tools for machine code-related tasks. As such, the name 'Macaw' refers not just to the framework, but also a suite of tools that are built on top of it. We describe Macaw in depth and describe the different static and dynamic analyses that it performs, many powered by an SMT-based symbolic execution engine. We put a particular focus on interoperability between machine code and higher-level languages, including binary lifting from x86 to LLVM, as well as verifying the correctness of mixed C and assembly code.
Problem

Research questions and friction points this paper is trying to address.

Build a modular framework for rapidly constructing reliable binary analysis tools instead of writing each tool from scratch
Improve interoperability between machine code and higher-level languages, e.g. lifting x86 binaries to LLVM
Verify the correctness of mixed C and assembly code
Innovation

Methods, ideas, or system contributions that make the work stand out.

Modular framework for binary analysis, plus a suite of tools built on top of it
Statically typed functional programming for correctness assurance: architectural invariants encoded at the type level, analyses written as functional optimization passes
SMT-based symbolic execution engine powering many of the static and dynamic analyses
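The abstract and the innovation list credit much of Macaw's assurance to "encoding tricky architectural invariants at the type level". The following Haskell sketch, added here as an illustration and not taken from Macaw's code or API, shows the general technique: bit-vector widths live in the types, so an addition of a 32-bit value to a 64-bit value, or a "zero extension" that would actually narrow, fails to compile rather than silently corrupting an analysis. The names (BV, Expr, mkBV, eval, writeEax, edxEax) are hypothetical; the one concrete invariant used is the x86-64 rule that a 32-bit write to EAX zero-extends into RAX.

```haskell
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE GADTs #-}
{-# LANGUAGE KindSignatures #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeOperators #-}
-- Illustrative sketch of width-indexed machine-code expressions.
-- Hypothetical names throughout; this is not Macaw's API.
module WidthTyped (main) where

import Data.Bits (shiftL, (.|.))
import Data.Proxy (Proxy (..))
import GHC.TypeLits (KnownNat, Nat, natVal, type (+), type (<=))

-- A bit-vector whose width is part of its type. BV 32 and BV 64 are
-- distinct types, so the compiler keeps them apart; no runtime width check.
newtype BV (w :: Nat) = BV Integer
  deriving (Eq, Show)

-- Smart constructor: reduce modulo 2^w so a BV w never carries more than w bits.
mkBV :: forall w. KnownNat w => Integer -> BV w
mkBV x = BV (x `mod` (2 ^ natVal (Proxy :: Proxy w)))

-- Expressions indexed by their result width. Each constructor states the
-- width relationship it needs; violating one is a compile-time type error.
data Expr (w :: Nat) where
  Lit    :: BV w -> Expr w
  -- Both operands must have the same width as the result.
  Add    :: Expr w -> Expr w -> Expr w
  -- Concatenation: the result width is the sum of the operand widths.
  Concat :: (KnownNat a, KnownNat b) => Expr a -> Expr b -> Expr (a + b)
  -- Zero extension may only widen: the type checker must prove w <= v.
  ZExt   :: (KnownNat w, w <= v) => Proxy v -> Expr w -> Expr v

-- Width of an expression, read back from its type.
widthOf :: forall w. KnownNat w => Expr w -> Int
widthOf _ = fromInteger (natVal (Proxy :: Proxy w))

-- Evaluator. Every result is truncated to the width declared in the type.
eval :: KnownNat w => Expr w -> BV w
eval (Lit v)      = v
eval (Add a b)    = let BV x = eval a
                        BV y = eval b
                    in mkBV (x + y)
eval (Concat a b) = let BV hi = eval a
                        BV lo = eval b
                    in mkBV ((hi `shiftL` widthOf b) .|. lo)
eval (ZExt _ e)   = let BV x = eval e
                    in mkBV x

-- x86-64 rule: a 32-bit write to EAX zero-extends into all of RAX.
-- ZExt (Proxy :: Proxy 16) here would be rejected, since 32 <= 16 does not hold.
writeEax :: Expr 32 -> Expr 64
writeEax = ZExt (Proxy :: Proxy 64)

-- EDX:EAX viewed as one 64-bit value; GHC normalises 32 + 32 to 64.
edxEax :: Expr 32 -> Expr 32 -> Expr 64
edxEax = Concat

main :: IO ()
main = do
  let eax = Lit (mkBV 0xDEADBEEF :: BV 32)
      edx = Lit (mkBV 1 :: BV 32)
  print (eval (writeEax eax))
  print (eval (edxEax edx eax))
  -- Addition wraps at the declared width: 0xDEADBEEF + 0x21524111 = 2^32, which is 0 in 32 bits.
  print (eval (Add eax (Lit (mkBV 0x21524111))))
  -- Mixing widths does not compile:
  --   Add eax (Lit (mkBV 1 :: BV 64))   -- Couldn't match type '32' with '64'
```

The point of the sketch is where the checking happens: `mkBV` is the only place a runtime operation (the modulo) enforces anything, and it only maintains a representation invariant. Everything about which widths may be combined is settled by GHC's type-level naturals before the program runs, which is the property the abstract relies on when it says the framework can be iterated on rapidly while the semantics stay trustworthy. A real lifter would index registers, memory accesses and instruction operands the same way, across many more widths and constructors.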
Authors
Ryan G. Scott (Galois, Inc., United States)
Brett Boston
Benjamin Davis (Galois, Inc., United States)
Iavor Diatchki (Galois, Inc., United States)
Mike Dodds (Galois, Inc., United States)
Joe Hendrix
Daniel Matichuk (Galois, Inc., United States)
Kevin Quick (Galois, Inc., United States)
Tristan Ravitch
Valentin Robert (University of California, San Diego)
Benjamin Selfridge (Galois, Inc., United States)
Andrei Ștefănescu
Daniel Wagner (Galois, Inc., United States)
Simon Winwood