https://github.com/trailofbits/manticore

Revision Author Date Message Commit Date
ab61572 Add the youtube .sol file to the example folder 16 August 2022, 16:45:11 UTC
e771ce0 Rework logging setup (#2575) This allows projects to have more control over how Manticore logs are handled. However, this also means that you need to explicitly enable logging in Manticore scripts to see the logs. See `manticore/__main__.py` file changes in this commit. * Initialize Manticore logger for all tests Co-authored-by: kokrui <kokruiwong@gmail.com> 07 August 2022, 17:29:09 UTC
fa640b7 ethereum: Improve some error messages when preconditions don't hold (#2576) 01 August 2022, 15:03:04 UTC
04cc68d Bump actions/checkout from 2 to 3 (#2572) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 26 July 2022, 19:03:06 UTC
1537c1a Bump actions/setup-node from 1 to 3 (#2574) * Bump actions/setup-node from 1 to 3 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 3. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v1...v3) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update .github/workflows/osx.yml Use node 16 * Update .github/workflows/release.yml Use node 16 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> 26 July 2022, 18:51:08 UTC
f037b5d Bump trailofbits/gh-action-pip-audit from 0.0.4 to 1.0.0 (#2570) Bumps [trailofbits/gh-action-pip-audit](https://github.com/trailofbits/gh-action-pip-audit) from 0.0.4 to 1.0.0. - [Release notes](https://github.com/trailofbits/gh-action-pip-audit/releases) - [Commits](https://github.com/trailofbits/gh-action-pip-audit/compare/v0.0.4...v1.0.0) --- updated-dependencies: - dependency-name: trailofbits/gh-action-pip-audit dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 26 July 2022, 18:25:45 UTC
5aa27fc Bump pypa/gh-action-pypi-publish from 1.2.2 to 1.5.1 (#2571) Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.2.2 to 1.5.1. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.2.2...v1.5.1) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 26 July 2022, 18:25:40 UTC
9283e62 Bump actions/setup-python from 2 to 4 (#2573) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 4. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 26 July 2022, 18:25:13 UTC
528b95a Dependabot: Automatically upgrade GitHub Actions (#2569) 26 July 2022, 17:49:51 UTC
2c50966 Loosen test dependency version constraints (#2568) Only use a lower bound (not sure if the lower bound actually means anything with regards to what Manticore _requires_, but better keep it around just in case) 25 July 2022, 06:56:46 UTC
8f7eff8 Loosen crytic-compile version restrictions (#2567) Allow any newer release than 0.2.2 25 July 2022, 06:56:36 UTC
8470ed4 Update to Unicorn v2.0.0 (#2564) * Retry coveralls upload Fix flaky gateway timeout * Update to Unicorn v2.0.0 Fix CPUID errors with latest glibc Fix new syscall in glibc 21 July 2022, 06:51:31 UTC
1b8c1eb Retry coveralls upload (#2565) Fix flaky gateway timeout 21 July 2022, 06:50:47 UTC
3404267 Use python3.7 instead of python3 (#2562) python3 will give `ModuleNotFoundError: No module named 'manticore'` error. 05 July 2022, 18:58:49 UTC
2918710 workflows/pip-audit: use our official action (#2561) Signed-off-by: William Woodruff <william@trailofbits.com> 16 June 2022, 20:38:19 UTC
dc99880 Fix plugin docs (#2554) * update did_fork_state doc * update did_evm_read/write_memory_callback doc 01 June 2022, 19:00:57 UTC
b054328 Use protobuf version 3 (#2558) Protobuf introduced major version 4.21.0, which contains breaking changes This is a quick fix which pins protobuf to 3.20.1 before we eventually migrate the codebase to proto4 Co-authored-by: kokrui <kokruiwong@gmail.com> 01 June 2022, 18:58:52 UTC
2de39b8 Add `psubq` instruction (x86) (#2553) * psubq tests 25 May 2022, 14:33:54 UTC
9e11bc9 Capstone 5 updates (5.0.0rc2) (#1701) * Use latest tagged capstone==5.0.0rc2 * Fix aarch64 * Fix ARM * New x86 instruction test Co-authored-by: feliam <felipe.andres.manzano@gmail.com> Co-authored-by: Boyan MILANOV <boyan.milanov@trailofbits.com> 18 May 2022, 14:31:28 UTC
f8ad2df Add syscall implementation for `sys_newfstatat` (#2545) * add newfstatat syscall * add newfstatat syscall tests 16 May 2022, 18:15:22 UTC
2d0be73 Fix newstat and newfstat (#2544) ## newstat - Currently `sys_newstat`'s implementation is based on `sys_stat64` - This is inaccurate because `sys_stat64` is expected to return a `struct stat64` back to userland [ref1](https://elixir.bootlin.com/linux/v5.17.5/source/fs/stat.c#L521) [ref2](https://elixir.bootlin.com/linux/v5.17.5/source/arch/x86/include/uapi/asm/stat.h#L42) - Instead, `sys_newstat` is supposed to return a `struct stat` [ref1](https://elixir.bootlin.com/linux/v5.17.5/source/fs/stat.c#L380) [ref2](https://elixir.bootlin.com/linux/v5.17.5/source/arch/x86/include/uapi/asm/stat.h#L83) - This causes issues because the two structs have different definitions, and in practice causes errors in the loader. For example "LD_LIBRARY_PATH" environment variable does not work. I suspect https://github.com/trailofbits/manticore/issues/489 might be related as well but I have yet to test. - To fix this we can reuse the `sys_newfstat` implementation, which returns the correct `struct stat` structure to userland ## newfstat - Currently `sys_newfstat` returns a structure based on the x86_64 version of `struct stat` [ref1](https://elixir.bootlin.com/linux/v5.17.5/source/arch/x86/include/uapi/asm/stat.h#L83) - This does not account for the different `struct stat` definition on 32-bit x86 [ref1](https://elixir.bootlin.com/linux/v5.17.5/source/arch/x86/include/uapi/asm/stat.h#L10) (Notice the `#ifdef`) 04 May 2022, 20:39:17 UTC
904f336 Switch to stable Black (#2536) * Switch to stable Black version `black` has recently stabilized on version 22, which means that we can loosen the version restrictions a bit to get upstream bugfixes, without needing to worry about our formatting breaking unexpectedly. In 2023, they may issue a new release with breaking changes, but we won't be automatically upgraded. There have been a large number of formatting changes since 20.8.b1, which is the last version we standardized on. This will likely require rebase of several of the existing PRs, but with relatively few of them currently active, I think it's as good a time as any. More info about black's further development in their [stability policy](https://black.readthedocs.io/en/latest/the_black_code_style/index.html#stability-policy) * Add new formatting changes Mostly docstrings and exponentiation 01 March 2022, 17:36:01 UTC
6c553a4 Fix typo in Manticore.linux constructor docstring (#2535) 24 February 2022, 18:40:39 UTC
c3eabe0 Revert CI changes made in #2526 We briefly disabled `pip-audit` on PRs to get the release PR to pass, as https://github.com/trailofbits/pip-audit/issues/81 hasn't been merged yet and the version of Manticore we told it to look at hadn't been published to PyPI yet. 17 February 2022, 20:05:30 UTC
9ed66b6 Release Manticore 0.3.7 (#2526) * Bump Version Numbers * Disable pip audit on PR * Update CHANGELOG.md 17 February 2022, 20:01:54 UTC
6212a7a Optimise forking when there is only 1 solution (#2527) * Optimise forking when there is only 1 solution * Update ethereum test * Add test for forking on a unique solution * Replace strlen test with dedicated fork test * Fix typo * Fix output filename in test 17 February 2022, 18:18:57 UTC
49f7ebc Epoll Implementation (#2529) * Use my capstone dev branch until fixes are merged into next * Fix aarch64 * Fix ARM * Update Capstone commit to fix arm64 LD1 instruction immediates * Ignore coverage tracking for defensive assertions and exceptions * ENDBR64 as nop * Add lacking x86 tests * New x86 instruction test * Disable write back once we hit our stop in Unicorn emulation * Make emulator reinitialize after write backs are disabled * Fix linting on test_general Extremely strange that my local black==19.10b0 doesn't catch this, but the one on GH actions does * Add a Rust/Unicorn resumption test * Make rusticorn binary actually check behavior * Run CI on chess branch * Support for pread64 syscall * Delete duplicated test method * Fix addresses and improve error handling * Fix issue with sphinx autodoc Sphinx doesn't handle side-effects of importing * Add last_executed_pc property to abstract CPU Helpful for knowing the exact last executed instruction address. * Optionally skip publishing mem read/writes in CPU * Shallow copy AMD64RegFile but keep concrete register values The copied RegisterFile should be read-only and used to keep track of concrete register values at a certain instant * Remove call to pkg_resources that breaks custom installation * Fix mypy * Fix Unicorn resume * Update unicorn to latest 1.0.2 * Update capstone to latest 4.0.2 * Correctly process memory maps * Synchronize data from manticore to unicorn upon resume * Fix some issues with FS register and segments * Fix some synchronization with CPUID instruction as compared to Unicorn * X86 syscall instruction breakout for semantics * Implementation of epoll * Fix test missed during merge * Fix more tests missed during merge * staticmethods to get syscall info * Revert some unrelated changes * Revert more unrelated changes * Revert MORE unrelated changes * Unstage changes to ARM/x86 CPUs * Remove fast_crash parameter (unrelated to this PR) * Add tests Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> Co-authored-by: feliam <felipe.andres.manzano@gmail.com> 17 February 2022, 17:56:14 UTC
a50b856 Split off ENDBR32/64 from CHESS branch (#2533) Seeing as they're fancy NOP's, I don't think there's any reason not to merge them into `master`, and thus avoid aggressively concretizing the state in order to emulate them under Unicorn. 16 February 2022, 17:29:06 UTC
2e2258c Update to crytic-compile 0.2.2 (#2530) * Update to crytic-compile 0.2.2 This PR bumps our required version of `crytic-compile` to the latest release (0.2.2). Tweaks the initialization routine in `ethereum/manticore.py` in order to account for breaking changes in https://github.com/crytic/crytic-compile/pull/223 * Delete accidental files This reverts commit e5fe245d06f9dcf9196cc85525d9b18e1a4db80b. * Fix variable name reuse 16 February 2022, 17:28:52 UTC
793b1de Also ignore missing unicorn registers in the fallback emulator (#2531) 11 February 2022, 08:17:13 UTC
bf2fba3 x86 FXSAVE & FXRSTOR support (#2511) * Add SMT simplifications for bitvec subtraction * Add X86 support for FXSAVE and FXRSTOR * Unicorn emulator: ignore floating point registers that aren't yet supported in unicorn * Emulator: Also ignore MXCSR_MASK register * Add logic to translate floating point registers values from (mantissa,exponent) to bitfield 04 February 2022, 10:08:16 UTC
9321100 Fix `BitVecExtract` simplification for constant folding (#2524) * Fix BitVecExtract simplification for constant folding * Lint * Add test for extract constant folding * Lint * Test: pass BitVecExtract args with keywords 20 January 2022, 17:07:53 UTC
8202c30 Add pip-audit action workflow (#2513) This adds a new GitHub Actions workflow. This workflow runs pip-audit on the repository on each new commit and pull request to the `master` branch, as well as every Tuesday morning. If any known vulnerable dependency is found, this workflow will fail. 18 January 2022, 18:38:19 UTC
b050fdf Add EXPLICIT fork policy (#2514) Add a new fork policy called "EXPLICIT" that allows specifying arbitrary concrete values for the expression on which we are forking. * Add EXPLICIT fork policy allowing us to provide our own concrete values * Add feasibility checks for the EXPLICIT concretisation policy * Add a few type hints * Don't pass kwargs to BaseException * Only use lists in StateBase.concretize() 04 January 2022, 14:26:57 UTC
fac371c Enforce crytic-compile==0.2.1 (#2512) 16 December 2021, 16:34:12 UTC
285ab50 Improve namedtuple definition (#2506) While working on https://github.com/python/mypy/pull/11206 I found that `Regspec` definition is not ideal. It is recommended to use the same string name, as variable name. For example, it affects how `pickle` works. Related https://github.com/trailofbits/manticore/pull/2501 Related https://github.com/trailofbits/manticore/commit/6e036f3034b76bbecf36b5469e49294e038ff705 05 December 2021, 16:12:24 UTC
da67723 Add SMT simplifications for bitvec subtraction (#2504) * Add SMT simplifications for bitvec subtraction * Replace operator SUB by built-in '-' * Use '==' instead of 'is' to test bitvector equality * Lint * Use custom exception when __bool__ fails to evaluate expression 23 November 2021, 09:14:45 UTC
52007a8 Fix handling of the program base address in Linux (#2500) * Fix handling of the program base address in Linux: * Distinguish interpreter and program base addresses * Serialize base addresses correctly * Add typing to base address fields in Linux platform Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 18 November 2021, 08:37:17 UTC
9f55b09 Bump Sphinx version to 4.3.0 (#2503) * Require Sphinx 3.0 or greater The problems we're seeing with ReadTheDocs builds right now are probably [caused by an outdated version of Sphinx](https://blog.readthedocs.com/build-errors-docutils-0-18/) that it's falling back to in order to provide Python2 compatibility. * Add explicit requirements file 15 November 2021, 20:01:38 UTC
0101bde Solver Improvements (#2502) In the course of my investigation, I found that the SMT2 definitions were being converted to text properly, but not making it all the way to the solver. This seems to be an issue with Python's unbuffered pipe implementation. I'm not sure what the exact issue is, but switching to buffered I/O and adding explicit calls to flush has fixed the tests. * Fix invalid escape characters * Add debug logs for solver errors * Optimize imports * Split buffer on newlines We're going to have to take this out before merging but hopefully it'll help figure out what's going wrong * Clear the debug buffer upon reset * Make sure we flush data sent to the solver * Fix typo * Try buffering I/O with the solver * Move _clear_buffers out of loop * Remove debugging code 10 November 2021, 23:22:45 UTC
6e036f3 Improves `namedtuple` definition (#2501) I am working on new `mypy` feature and it identified a problem with your `namedtuple` definitions. https://github.com/python/mypy/pull/11206#issuecomment-962573633 By standard first string arg should match variable name. 08 November 2021, 21:40:56 UTC
522f8ba Add methods for getting list of (un)implemented system calls (#2491) This is primarily a helper function that is useful in evaluating the capabilities of Manticore on Linux * Add Linux Kernel version constant to syscalls list * Add method for getting unimplemented syscalls This is specific per architecture 15 September 2021, 13:13:48 UTC
b73986b Unpin Truffle Version, Use Latest crytic-compile (#2490) This PR allows us to support Truffle version 5.3.14, which is now supported by the [latest release of crytic-compile](https://github.com/crytic/crytic-compile/releases/tag/0.2.1) 13 September 2021, 14:16:26 UTC
7c905c8 Add last_executed_pc property to abstract CPU (#2475) Helpful for knowing the exact last executed instruction address. * Fix some types * Set last_executed_pc to insn.address when disagreement on PC and insn This should be correct since some hook has intercepted the events for the instruction and "executed" it for us. * Simplify instruction publish event call * Add more documentation for last executed pc/instruction 10 September 2021, 18:03:51 UTC
4d880cd Bump Node from 13.x to 16.x (#2484) * Update ci.yml * Update ci.yml * Revert "Update ci.yml" This reverts commit 1d7c80efb5c583bd0e03d9b0457f90f04162e236. Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 07 September 2021, 17:46:32 UTC
cdf8ae8 Copy/Snapshot a RegisterFile (#2489) This is useful for referencing the state of the registers at a certain point in time. Internally, this is used to check the concrete values of registers. Symbolic values should also work but require more testing and care. Symbolic values containing memory references are undefined and are likely not accurate if execution occurs after the snapshot. 07 September 2021, 16:30:34 UTC
2228a74 Add more logging messages around solver errors (#2485) Helps with debugging if/when things go bad during solving * Fix typing error 07 September 2021, 16:26:36 UTC
892f0fe Add manticore reference property to States (#2486) This was added a while ago when loading states from their serialized form in https://github.com/trailofbits/manticore/pull/1609 and this PR makes this feature a bit more robust. 07 September 2021, 16:26:10 UTC
df9cfaf Option to kill Manticore if any state fails on unrecoverable error (#2487) This is useful for having more strict runs of Manticore where we want to know about any unrecoverable errors encountered during state exploration. 07 September 2021, 16:25:36 UTC
aae7bcd Optionally publish events for memory reads (#2488) This is useful if you have multiple plugins and don't want them to capture memory reads that are executed by other plugins. Removed some type hints in the comments because they caused cascading errors, and fixing those cascading errors should be a part of another PR. 07 September 2021, 16:25:11 UTC
38bb3d2 Install Python3.7 in Docker image (#2482) Manticore now requires Python 3.7 24 August 2021, 21:00:12 UTC
f1b5de2 Prioritize LD_LIBRARY_PATH over system default path (#2476) * prioritize LD_LIBRARY_PATH * fall back to absolute path if env fails 16 August 2021, 23:46:28 UTC
1c920b8 track parent in state descriptors (#2479) 16 August 2021, 21:28:37 UTC
36b3024 Switch to Python 3.7 (#2472) * Add version info to installations * Let's try a newer version? * Use fixed yices release * Really? No relative path support? * Can't handle newer C compilers Ugh we should really do something about that * Let's try 3.8 * Back to 3.7 3.6 is EOL soon, so we can justify jumping up to a more recent version, but 3.8 might still be too new for some people. * Find & Replace 3.6 -> 3.7 * Bump setup-python version * Fix additional 3.6 usage 04 August 2021, 22:36:25 UTC
1f7b8dc Fix loading custom interpreters for ELF binaries (#2473) * strip trailing null bytes 31 July 2021, 16:41:29 UTC
a9b8585 Create CITATION.cff 30 July 2021, 22:27:45 UTC
7144c73 Track last_pc in StateDescriptors (#2471) Start tracking `_last_pc` inside StateDescriptors. This is helpful for figuring out which instruction causes a state to fork. 22 July 2021, 14:53:40 UTC
dc5e57b Expose Result Register for Native CPU (#2470) * get_return_reg * rename get_return_reg to get_result_reg * function_abi property * function_abi move + syscall_abi 22 July 2021, 14:52:59 UTC
378f8e8 Install pinned version of truffle to fix CI (#2467) 13 July 2021, 18:19:48 UTC
fb2765f Use fixed owner and attacker accounts in multi_tx_analysis (#2464) 06 July 2021, 16:05:14 UTC
2a56484 Manticore 0.3.6 (#2456) * Manticore 0.3.6 * Create release.yml * Bump point release number for development releases * Don't include coveralls in release run * Update nightly build notice * Update CHANGELOG.md * Add changelog line for #2420 10 June 2021, 19:56:28 UTC
e4cb8c6 Fix IntrospectionAPIPlugin Name (#2459) Closes #2442 10 June 2021, 19:47:43 UTC
5e4d358 Portfolio of parallel solvers (#2420) * First attempt to have parallel solvers * busy waiting * fix * fixes * linted * fixed mypy types * fixed tests * fixes * linted * fixed mypy types * adjusted the number of workers * randomize solvers * simplified code * fix * fixes * use portfolio by default * use the portfolio solver by default in the detectors (and reverted last commit) * rewrote the recv function * fixes * fixes * use the portfolio solver by default in the general evm tests * fix * more fixes * fixes * fix * fix * fix * fix * fixes * fix * code refactoring * mypy fix * linted code Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 10 June 2021, 19:09:33 UTC
2380d5e Replace Quick mode with Thorough mode (#2457) * Replace Quick mode with Thorough mode Replaces the `quick_mode` flag with `thorough_mode` and inverts the logic. Closes #2424. * Run truffle tests in thorough mode * Use thorough mode for failing test 09 June 2021, 20:23:51 UTC
5205fa3 Fix incorrect comparison for symbolic file wildcards (#2454) * Add tests for symbolic file wildcard handling * Add example script and assertions for fileio.c in `examples` directory 02 June 2021, 13:30:22 UTC
c128872 Reduce the number of calls to the SMT solver in EVM (#2411) * extracted relevant code * fix * linted code * fixed types * fixes * fix * fixes * fix * regex fix * fix code climate * use solve_one_n_batched to reduce solver usage * remove some useless calls to solve_one * use solve_one_n_batched to show memory values * used solve_one_n_batched in save_input_symbols * clean-up * clean-up * Fix type hints * Lint Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 25 May 2021, 16:42:36 UTC
9167952 Fixes to Unicorn emulation - start/stop/resume (#1796) * Disable write back once we hit our stop in Unicorn emulation * Make emulator reinitialize after write backs are disabled * Fix linting on test_general Extremely strange that my local black==19.10b0 doesn't catch this, but the one on GH actions does * Add a Rust/Unicorn resumption test * Make rusticorn binary actually check behavior * Delete duplicated test method * Fix addresses and improve error handling * Fix Unicorn resume * Update unicorn to latest 1.0.2 * Update capstone to latest 4.0.2 * Correctly process memory maps * Synchronize data from manticore to unicorn upon resume * Fix some issues with FS register and segments * Fix some synchronization with CPUID instruction as compared to Unicorn * X86 syscall instruction breakout for semantics Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 11 May 2021, 17:19:43 UTC
809bc76 Add support for multiple compilation units (#2444) * Add support for multiple compilation units See https://github.com/crytic/crytic-compile/pull/167 * update setup.py * Use crytic-compile@master * Update setup.py 10 May 2021, 18:17:50 UTC
eb4f208 Basic solver stats (#2415) * Implemented basic solver stats * added assert * improved stats * added assert * measure time in EVM * removed redundant code * linted * fixed tests * check if manticore executed * fix * fixes 20 April 2021, 16:29:18 UTC
b4d129f Fix the generation of EVM tests (#2426) * Update run_tests.sh * Add note for why commit was pinned Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> 07 April 2021, 18:30:25 UTC
47326e6 Disabled EVM events in testcases by default (#2417) * disabled EVM events in testcases by default * fix test 02 April 2021, 18:47:48 UTC
2e990ba added proper timeouts for cvc4 and boolector (#2418) 01 April 2021, 20:32:18 UTC
9bfb3ac Removed use of global solver from Native Memory (#2414) * removed use of global solver from Memory * removed unnecessary _publish calls 26 March 2021, 21:42:33 UTC
fd83be7 Support to use boolector as the SMT solver (#2410) * initial support for boolector * renamed Boolector class * fixed boolector expression parsing and linted code * added basic boolector tests * removed value_fmt 26 March 2021, 18:35:30 UTC
fd69381 Update CI and suggest to use pip3 instead of pip (#2409) 24 March 2021, 20:22:24 UTC
3da969b Expressions use keyword-only arguments for init (#2395) A better way to enforce correct initialization of the objects 12 March 2021, 16:02:53 UTC
29061a2 Use Slots on all Expression objects (#2394) * XSlotted metaclass to force all Expressions to use slots * Add test for slots. Also small refactor for abstract classes and operands arguments * Remove pickle data file belonging to deleted test 12 March 2021, 14:27:30 UTC
dd57db8 Allow double-adding exact same config option (#2397) The config system is a little brittle when Manticore tries to import all platform modules since we set the config options upon import and declaring the same config option in two different platforms will cause issues. This is a bit of a band-aid over the real problem, which might look something like moving shared config options to a separate file that each platform can import. Looks to be some related refactoring work here #1636 09 March 2021, 13:39:19 UTC
d575cf7 Don't run OSX tests on PR 02 March 2021, 14:31:54 UTC
d55f30d Attempt to Fix solc Installation MacOS (#2392) * Attempt to Fix solc Installation Prefer `solc-select` over `brew` for installing Solidity 0.4.x, as the latter doesn't seem to work on MacOS. * Fix logic for tui test Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> 01 March 2021, 18:23:45 UTC
d85a9a2 Syscall specific hooks (#2389) * Non state specific functioning * State specific functioning * Add None to add_hook call in hook decorator * Moved will/did_invoke_syscall * Added functionality for hooking by function name to state specific hooks * Added functionality for hooking by sys function name to non state specific hooks * State specific tests 08 February 2021, 18:38:19 UTC
5a258f4 TUI Support Infrastructure (#1620) * Support for TUI (#1605) * Update worker thread for server creation * Add necessary files for TUI connectivity * Add necessary files for TUI connectivity * Update MonitorWorker * Update protocol * Blacken * Update setup.py dependencies * Remove state debugging messages * Update setup.py to build protobuf protocol upon install * Remove previously generated state_pb2.py * Change subprocess.Popen to subprocess.check_output * Remove extraneous output * First attempt at fixing protobuf installation It might work, it might not. We'll let the CI sort it out. * Can't forget the f-string * Error on missing protoc * Disable auto-generation of protobuf file * Ignore pb2_errors * Disable monitor start See if this makes the EVM tests pass Co-authored-by: Eric Hennenfent <ecapstone@gmail.com> * Add log monitoring * Log monitoring via TCP * Swittch to rendering state lists directly * Extraneous line * Switch log buffer to multiprocessing queue * Create state transition events Should make it possible to track movements between state lists * Plug new events into context This will break the state merging plugin (but I'll fix it eventually) * move most enums to their own module * Blacken * Add DaemonThread from TUI branch * Add interface for registering daemon threads * Timestamp StateDescriptor upon updates * Capture return value * Blacken * Add solver wrapper to StateBase * Add `solve` events to all instances of SelectedSolver.instance() * Remove executor constraints from WASM * Add solve events to memory.py * Add intermittent execution event * Be more generous with states whose initialization we missed * Add Native callback for updating state descriptor * Fix state killing * Blacken * codecov: Remove outdated 'yml' entry in CI From these commits https://github.com/codecov/codecov-action/commit/ebea5cacdf7d0b843f66bcb1ae27d8f27b758e81 https://github.com/codecov/codecov-action/commit/49c86d6a5fd072b05c31a42baa67b8fb2e87c8f7 * Add solve 
event to evm Make warning messages better Debug GH actions Revert "Debug GH actions" This reverts commit f575eea3c3a09dbf2cd2b8e81940fc4297fdf039. Fix some pycharm-detected problems Make symbolic function error message more verbose Add solve to published events Loud errors in callbacks by default Trying to find out what's killing truffle Revert "Trying to find out what's killing truffle" This reverts commit 8bd02245ccc2ce54c9161072eba231880c084874. Revert "Make symbolic function error message more verbose" This reverts commit bd3e90cdb0dfabf0ac874badad723be50998f63b. Debugging Truffle Restore introspector Add try_except on every callback Unconditionally print error message Add traceback Update event.py Debug subscriptions Debug arguments to callbacks Different debug msg 1ast arg Print statement debugging... Pass in `None` as state Revert "Add try_except on every callback" This reverts commit 1c689dd43c619ba322cda5e7283686308c8db4e0. * Drop solve events outside of a state context Forgot did_solve Remove traceback * Fix must/cannot_be_null usage * Fix missing solve event * Partially restore old did_fork_state ABI * Called internally * Clone iterators instead of creating a list * Use isgenerator instead of checking if iterable * Fix snapshot restoration * Slightly improve Unicorn test API usage * Temporarily disable property verifier tests * improper skip arg * Add simple tests for introspection API * Add test for custom introspector, improve base introspection test * Add intermittent update timestamp * Only allow daemon registration and introspection registration at initialization * Add docs to manticore.py * Add docs for plugin, add update_state_descriptor to EVM * Fix renamed will_start_run --> will_run * Docstrings for DaemonThread and EventSolver * Docs for enums * Improve pretty printer, add some mypy fixes * Don't run daemon threads if run is called multiple times * If at first you don't succeed, destroy all the evidence you tried. 
* Test the pretty printer * Add StateDescriptor to RTD * Add newlines for RTD parsing * Update to work with new state introspection API * Add termination messages * Also capture killed state messages * Make info logs debug logs * Apply suggestions from code review Newlines for doc comments Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> * Add some type hints to manticore.py * Add some type hints to plugin.py * Fix type hint for get_state * Add termination message from TUI PR * Add example script * Add docstrings to the example script * Pass introspection plugin type as an argument * Unskip property verifier tests * Add mypy-requests type hints * Remove itertools.tee The problem with usign tee is that only the first callback to use the iterator can write to it. In `ready_states`, the `save_state` after the `yield` statement is ignored for all others. * Make generator cloning a little bit more robust Now Manticore will give up and return the original argument instead of blowing up if it can't clone the generator * Clean up invalidated unit tests We now fire `introspect` for the first time before we have any states * Debug missing Truffle & Examples coverage * Merge coverage from XML file * Switch coverage to JSON, ignore debug logging and NotImplemented code * Fix copy commands * Move .coverage files directly * Set examples to append coverage * FLAG_NAME doesn't work the way we'd like * Use plugin dict to store introspector * Appease mypy * Fix missing property on unique name * Grab EVM PC * Blacken * Run black on all files if the git diff command fails * Fix mypy errors * Make plugin logging even less verbose * Move log capture and state monitoring to daemon threads * Use the config module for host & port * Fix worker configuration and add test for TUI API * Fix log messages breaking native tests * Split up base Manticore tests and logging tests The verbosity changes seem to be taking hold when they shouldn't * Merge LogTCPHandler and MonitorTCPHandler * 
Confirm that logging tests return to base level * Fix mypy * Switch back to using a deque for log buffering in the default case * Fix deque API * Update state_pb2.py * Reformat programmatically generated files * Drop max verbosity in logging tests Haven't been able to figure out why, but somehow other loggers get "stuck" at this high verbosity and the integration tests try to print out the values of every single register. * Fix duplicated code from bad merge * Remove is_main from state_monitor * Add comment about log buffer size * Remove vestigial is_main * Blacken Co-authored-by: Philip Wang <powdercheeze@gmail.com> Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> 27 January 2021, 16:17:22 UTC
334b3aa Fix coveralls upload (#2387) 12 January 2021, 20:38:16 UTC
21a8491 docs: fix simple typo, straigth -> straight (#2381) There is a small typo in manticore/platforms/evm.py. Should read `straight` rather than `straigth`. 12 January 2021, 16:56:02 UTC
089e089 Attempt to allow symbolic balances from the start (#1818) 05 January 2021, 17:02:54 UTC
abf8a8b Fix state.cpu.PC member (#1825) Closes #1822 08 December 2020, 19:44:56 UTC
6325e48 Bump black and mypy (#1824) 07 December 2020, 23:13:54 UTC
5ea4f90 Manticore 0.3.5 (#1808) * Update changelog and version numbers * Update CHANGELOG.md * Fix missing link to #1816 Definitely worth noting that we don't track gas anymore by default. * Fix date 06 November 2020, 22:04:44 UTC
be91243 Fix yices timeout argument (#1817) 06 November 2020, 21:06:10 UTC
5b5f37c Detect default solver (#1820) * Detect default solver: try yices, if not present use z3 * Update solver.py * Update message about solver selection Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 06 November 2020, 19:22:06 UTC
c8e5e25 Ignore Gas Calculations by Default (#1816) As I understand it, this is necessary to get the [building secure contracts](https://github.com/crytic/building-secure-contracts) repo passing by default. It's also a frequent first step for real-world EVM analysis, so perhaps it will save some time. The tests are performing suspiciously well locally. I would have expected some changes to be required. Let's see how GH Actions handles them. 30 October 2020, 21:07:19 UTC
2152023 native/cpu/x86: Add support for CPUID EAX=80000000h (#1811) 06 October 2020, 21:07:25 UTC
ca50424 Change types.FunctionType=<class 'function'> (#1803) Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 22 September 2020, 21:01:46 UTC
1480f4b Fix test regressions (#1804) * band-aid parsing of CLI version * Blacken 22 September 2020, 17:37:35 UTC
f46f78b State Introspection API (#1775) * Create state transition events Should make it possible to track movements between state lists * Plug new events into context This will break the state merging plugin (but I'll fix it eventually) * move most enums to their own module * Blacken * Add DaemonThread from TUI branch * Add interface for registering daemon threads * Timestamp StateDescriptor upon updates * Capture return value * Blacken * Add solver wrapper to StateBase * Add `solve` events to all instances of SelectedSolver.instance() * Remove executor constraints from WASM * Add solve events to memory.py * Add intermittent execution event * Be more generous with states whose initialization we missed * Add Native callback for updating state descriptor * Fix state killing * Blacken * codecov: Remove outdated 'yml' entry in CI From these commits https://github.com/codecov/codecov-action/commit/ebea5cacdf7d0b843f66bcb1ae27d8f27b758e81 https://github.com/codecov/codecov-action/commit/49c86d6a5fd072b05c31a42baa67b8fb2e87c8f7 * Add solve event to evm Make warning messages better Debug GH actions Revert "Debug GH actions" This reverts commit f575eea3c3a09dbf2cd2b8e81940fc4297fdf039. Fix some pycharm-detected problems Make symbolic function error message more verbose Add solve to published events Loud errors in callbacks by default Trying to find out what's killing truffle Revert "Trying to find out what's killing truffle" This reverts commit 8bd02245ccc2ce54c9161072eba231880c084874. Revert "Make symbolic function error message more verbose" This reverts commit bd3e90cdb0dfabf0ac874badad723be50998f63b. Debugging Truffle Restore introspector Add try_except on every callback Unconditionally print error message Add traceback Update event.py Debug subscriptions Debug arguments to callbacks Different debug msg 1ast arg Print statement debugging... Pass in `None` as state Revert "Add try_except on every callback" This reverts commit 1c689dd43c619ba322cda5e7283686308c8db4e0. 
* Drop solve events outside of a state context Forgot did_solve Remove traceback * Fix must/cannot_be_null usage * Fix missing solve event * Partially restore old did_fork_state ABI * Called internally * Clone iterators instead of creating a list * Use isgenerator instead of checking if iterable * Fix snapshot restoration * Slightly improve Unicorn test API usage * Temporarily disable property verifier tests * improper skip arg * Add simple tests for introspection API * Add test for custom introspector, improve base introspection test * Add intermittent update timestamp * Only allow daemon registration and introspection registration at initialization * Add docs to manticore.py * Add docs for plugin, add update_state_descriptor to EVM * Fix renamed will_start_run --> will_run * Docstrings for DaemonThread and EventSolver * Docs for enums * Improve pretty printer, add some mypy fixes * Don't run daemon threads if run is called multiple times * If at first you don't succeed, destroy all the evidence you tried. * Test the pretty printer * Add StateDescriptor to RTD * Add newlines for RTD parsing * Make info logs debug logs * Apply suggestions from code review Newlines for doc comments Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> * Add some type hints to manticore.py * Add some type hints to plugin.py * Fix type hint for get_state * Add termination message from TUI PR * Add example script * Add docstrings to the example script * Pass introspection plugin type as an argument * Unskip property verifier tests * Add mypy-requests type hints * Remove itertools.tee The problem with using tee is that only the first callback to use the iterator can write to it. In `ready_states`, the `save_state` after the `yield` statement is ignored for all others. 
* Make generator cloning a little bit more robust Now Manticore will give up and return the original argument instead of blowing up if it can't clone the generator * Clean up invalidated unit tests We now fire `introspect` for the first time before we have any states * Debug missing Truffle & Examples coverage * Merge coverage from XML file * Switch coverage to JSON, ignore debug logging and NotImplemented code * Fix copy commands * Move .coverage files directly * Set examples to append coverage * FLAG_NAME doesn't work the way we'd like * Use plugin dict to store introspector * Appease mypy * Fix missing property on unique name * Grab EVM PC * Blacken * Run black on all files if the git diff command fails Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com> 09 September 2020, 15:32:46 UTC
76ccb04 Fix EVM account existence checks for selfdestruct and call (#1801) * Add account_exists method to EVMWorld * Update acct existence check in EVM.CALL_gas * Update acct existence check in EVM.SELFDESTRUCT_gas 08 September 2020, 15:56:37 UTC
a41c19a Add partial implementation of sendto syscall (#1791) * Add partial implementation of sendto syscall This partial implementation does not handle dest_addr and addrlen arguments, which means this sendto acts like a regular send syscall * Adjust comments and add type hints 27 August 2020, 22:26:52 UTC
2eaf7c0 crytic-compile: use latest release (#1795) manticore-verifier: enable crytic-compile cli flags 25 August 2020, 23:27:22 UTC
6d590e1 Update gas metering for calls to empty accounts (#1774) * Update gas metering for calls to empty accounts * Add test for call gas costs Co-authored-by: Eric Hennenfent <eric.hennenfent@trailofbits.com> 25 August 2020, 23:26:00 UTC
3a256d7 Fix BitVec with symbolic offset and fix TranslatorSmtlib.unique thread safety (#1792) * minor fixes * fix spacing * always put it through BitVecExtract 20 August 2020, 15:41:01 UTC