Symbolic execution tool
Thanks to our external contributors!
- crytic-compile 0.2.2 (#2530)
- FXSAVE/FXRSTOR concrete support on x86 (#2511)
- last_executed_pc property to CPU (#2475)
- will/did_read_memory events (#2488)
- ENDBR-style NOPs (#2533)
- epoll-related syscalls (#2529)
- fast_fail config to exit after first state exception (#2487)
- Concretize (#2527)
- selfdestruct and call (#1801)
- strlen models (#1725)
- stat support for file descriptors (#1780)
- sendto (#1791)
- manticore-verifier script for checking properties of smart contracts (#1717)
- __format__ to EVM accounts (#1613)
- gaslimit --> gas (#1652)
- /proc/self/maps (#1639)
- llseek (#1640)
- arm_fadvise64_64 (#1648)
- accept (#1618)
- open (#1657)
- strcpy (#1681)
- __slots__ to reduce memory usage in expression system (#1635)
- policy argument from ManticoreBase, added outputspace_url to optionally separate working files from output files (#1651)
- get_related logic (#1674)
- ADDMOD and MULMOD (#1531)
- recvfrom syscall (#1514)
- will_write_memory event to write_bytes (#1535)
- did_execute_instruction event (#1529)
- getdents syscall (#1472)
- fast_crash configuration setting that causes Manticore to immediately produce a finding on memory unsafety (#1485)
- issymbolic into SMTLib to improve performance (#1456)
- FileNotFound Error on state loading (#1480)
We've completed a major refactor of the core executor that reorganizes Manticore's state machine to be more amenable to use with the multiprocessing module. This refactor introduces some small API changes:
- finalize method to dump test cases from a run
- will_start_run event has been renamed to will_run
- solver module requires explicitly accessing the Z3Solver singleton.
  from manticore.core.smtlib import solver
  becomes:
  from manticore.core.smtlib.solver import Z3Solver
  solver = Z3Solver.instance()
- manticore.running_states has been renamed to manticore._busy_states
For more information about changes to the state machine, see the diagram in core/manticore.py
We've run the black autoformatter on the master branch of Manticore, and added a check for compliance to our CI. To ensure your code is properly formatted, run black -t py36 -l 100 . in your Manticore directory before committing.
Contractor nkaretnikov spent several months adding support for AArch64 on Linux. As this is a brand new architecture, we've left in most of the debugging assertions, which may slow it down slightly. We look forward to getting feedback on this architecture so we can eventually remove the debugging assertions.
- movhps on x86 (#1444)
Manticore 0.2.5 added Unicorn preloading for quickly performing concrete emulation of native binaries until a target address is reached. In the EVM engine, apart from some fixes, this release added support for creating contracts from Truffle JSON artifacts (see json_create_contract).
Full changelog below.
- json_create_contract - support creating EVM contracts from Truffle JSON artifacts (#1376)
- last_return (#1341)
- _check_jumpdest when run with detectors - this bug could lead to not detecting an int overflow due to tainting made by another detector (#1347)
- sys_lseek (#1355)
- m.register_plugin(VerboseTraceStdout())
- --evm.oog <opt> (see --help); also, the gas calculations have been decoupled into their own methods (#1279)
- Transaction.is_human usage and changed it to a property (#1323)
- make_symbolic_address not preconstraining the symbolic address to be within all already-known addresses (#1318)
- m.running_states or m.terminated_states were generated (#1326)
- m.resolve(symbol) (#1302)
- stdin_size CLI argument has been moved to a config constant and so has to be passed using --native.stdin_size instead of --stdin_size (#1337)
- sys_arch_prctl syscall when a wrong code value was passed; raise a NotImplementedError instead of asserting for unsupported code values (#1319)
- timeout has to be passed using core.timeout now (#1337)
- __main__ now fetches the manticore version from installed modules (#1310)