I checked the memory safety in the project BLST-Verification by running the command saw BLST-Verification/proof/x86/memory_safety.saw with SAW v1.0 and received the following error:

[03:29:00.037] Loading file ".../BLST-Verification/proof/x86/memory_safety.saw"
[03:29:00.044] .../BLST-Verification/proof/x86/memory_safety.saw:24:18-24:69: Unbound variable: "m" (.../BLST-Verification/proof/x86/memory_safety.saw:24:68-24:69)
Note that some built-in commands are available only after running
either `enable_deprecated` or `enable_experimental`.

The note looks confusing as enable_experimental was already in the .saw file.
And how can I that error? Thank you.

proof/x86/memory_safety.saw is not a standalone SAW script, and as such, you can't run SAW on it in isolation and expect it to succeed. Rather, it's one component of the overall memory safety proof, which you can run with:

$ saw proof/memory_safety.saw # NOTE: not the same file as proof/x86/memory_safety.saw

Let me know if that works for you. The BLST-Verification repo also provides a Dockerfile, which may be helpful in figuring out how things fit together.

I tried both approached but nothing worked. First, I an the command saw proof/memory_safety.saw and received the following error:

Loading file ".../BLST-Verification/proof/memory_safety.saw"
Loading file ".../BLST-Verification/proof/helpers.saw"
Loading file ".../BLST-Verification/proof/list_utils.saw"
Loading file ".../BLST-Verification/proof/types.saw"
Stack trace:
"llvm_load_module" (.../BLST-Verification/proof/memory_safety.saw:14:6-14:22)
../build/llvm/libblst.a.bc: openBinaryFile: does not exist (No such file or directory)

Then, I tried to use Docker by running the following commands git submodule update --init and got the permission denied error.

Submodule 'blst' (git@github.com:supranational/blst.git) registered for path 'blst'
Submodule 'blst_bulk_addition' (git@github.com:supranational/blst.git) registered for path 'blst_bulk_addition'
Submodule 'blst_patched' (git@github.com:supranational/blst.git) registered for path 'blst_recent'
Submodule 'cryptol-specs' (git@github.com:GaloisInc/cryptol-specs.git) registered for path 'cryptol-specs'
Cloning into '.../BLST-Verification/blst'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
...

Ignoring those error messages, I continued running the command docker-compose run blst and got the following error

Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/src/aggregate.c b/src/aggregate.c
|index 50f6557..b8b7bd4 100644
|--- a/src/aggregate.c
|+++ b/src/aggregate.c
--------------------------
No file to patch.  Skipping patch.
1 out of 1 hunk ignored

I tried both approached but nothing worked. First, I an the command saw proof/memory_safety.saw and received the following error:

Loading file ".../BLST-Verification/proof/memory_safety.saw"
Loading file ".../BLST-Verification/proof/helpers.saw"
Loading file ".../BLST-Verification/proof/list_utils.saw"
Loading file ".../BLST-Verification/proof/types.saw"
Stack trace:
"llvm_load_module" (.../BLST-Verification/proof/memory_safety.saw:14:6-14:22)
../build/llvm/libblst.a.bc: openBinaryFile: does not exist (No such file or directory)

I suspect this is happening because you didn't run the LLVM/x86 build scripts (see here) beforehand. These build scripts are ultimately responsible for creating the aforementioned libblst.a.bc file that SAW needs to perform the memory safety proof.

As a general comment, it may be helpful to use docker_entrypoint.sh as an entrypoint for the proofs, as it will ensure that everything is performed in the intended order. (This is what the Dockerfile uses.) Note that this assumes that you have checked out the submodules, which I'll describe below...

Then, I tried to use Docker by running the following commands git submodule update --init and got the permission denied error.

Submodule 'blst' (git@github.com:supranational/blst.git) registered for path 'blst'
Submodule 'blst_bulk_addition' (git@github.com:supranational/blst.git) registered for path 'blst_bulk_addition'
Submodule 'blst_patched' (git@github.com:supranational/blst.git) registered for path 'blst_recent'
Submodule 'cryptol-specs' (git@github.com:GaloisInc/cryptol-specs.git) registered for path 'cryptol-specs'
Cloning into '.../BLST-Verification/blst'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
...

Ignoring those error messages, I continued running the command docker-compose run blst and got the following error

Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/src/aggregate.c b/src/aggregate.c
|index 50f6557..b8b7bd4 100644
|--- a/src/aggregate.c
|+++ b/src/aggregate.c
--------------------------
No file to patch.  Skipping patch.
1 out of 1 hunk ignored

This is because the BLST-Verification repo uses SSH-based (i.e., git@-based) submodules, such as this one. I'm not entirely sure why the repo is set up that way, but one can run the following command beforehand to ensure that all the submodules are HTTPS-based, which allows anyone to clone them:

$ git config --file=.gitmodules submodule.blst.url https://github.com/supranational/blst && \
  git config --file=.gitmodules submodule.blst_patched.url https://github.com/supranational/blst && \
  git config --file=.gitmodules submodule.blst_bulk_addition.url https://github.com/supranational/blst && \
  git config --file=.gitmodules submodule.cryptol-specs.url https://github.com/GaloisInc/cryptol-specs

Then you should be able to run git submodule update --init (and then docker-compose build && docker-compose run blst) without issues.

Did you manage to resolve this, @banhday?

Sorry for my late reply! The problem was solved by following your post. Thank you very much!!