> Documentation > Release-Notes > Versions > 2.9.0

Table of content

• 2.9.0
  • Highlights
  • Improvements
    • Reven
    • Project Manager
    • Analysis Python API
    • Axion
  • Fixed issues
    • Reven
    • Project Manager
    • Axion
    • Analysis Python API
  • Analysis Python API Compatibility Notes

2.9.0

Highlights

Reven version 2.9 is packed with new features, with a focus on providing the users with more trace navigation and memory analysis handles in the Axion GUI.

Here are some highlights:

• Memory Watchers in Axion GUI: The GUI now allows to create Memory Watchers, that will display the value of a range of memory at all times while browsing a Reven scenario.

• Markers of a transition's location in the trace: To make it easier to tell at a glance where a particular transition falls in the scenario, hovering a transition in any widget now displays its position in the time. Moreover, the transitions displayed in widgets now sport an icon indicating their position relative to the currently selected transition.

• Debugger controls with step out and step over navigation in Axion GUI: Step out / Step over buttons and their corresponding shortcuts allow to quickly find the exit of a function, or to skip over a call in a single action. Due to Reven's timeless nature, it is of course possible to step out/step over backward.

• Step out and step over are also available in the Python API: The new methods Transition.step_out and Transition.step_over bring this capability to the API where it can be used for automation. For example, step_out allows to easily find the return value of a function you're in.

• New sample scripts and notebooks:

  • detect_data_race.ipynb: demonstrates how to use the API to detect data races in programs whose synchronization would depend on critical sections.
  • threadsync.py: traces calls to Windows synchronization APIs such as EnterCriticalSection, WakeConditionVariable or ReleaseMutex.
  • export_bookmarks.ipynb and bk2bp.ipynb: demonstrates how to use the bookmark API to generate a report in HTML or markdown or to generate breakpoints that can be imported into WinDbg.
  • All sample scripts can now be browsed in the documentation.

Improvements

Reven

• High-level OS Specific Information (OSSI) has been enhanced:
  • In Windows scenarios, Reven now presents private symbols from PDBs, as well as symbols from PDB modules. Besides, the performance of PDB parsing has been improved by up to 400%, which translates in a shorter waiting time when loading transitions for the first time in the trace in Axion GUI or the Python API.
  • In Linux scenarios, Reven now loads symbols from debug binaries if available at the standard locations looked up by GDB (such as /usr/lib/debug).

Project Manager

• In Linux scenarios, the debug binaries are now extracted when replaying the Light Filesystem resource.

Analysis Python API

• The reven2.Trace.memory_accesses method now supports fetching memory accesses on the entire trace or on a range of transitions regardless of the address of the memory access. Concretely, this means that the address and size parameters of this method are now optional.

Axion

• The Calltree view now displays bookmark icons next to entries corresponding to a bookmarked transition.
• Hexdump views can now be renamed so that their identification is easier during the analysis. To rename a Hexdump, right-click on it, then choose "rename".
• You can now select which Hexdump view is "active" by clicking the corresponding button in the widget. The active Hexdump is the one which is used when a new address is selected for display. If no Hexdump is active, selecting an address will display it in a new one.
• Shortcut management:
  • Shortcut conflicts are now displayed in the shortcut editor.
  • A modal dialog now warns user upon inputting a shortcut that is associated to multiple actions.
  • Axion no longer saves or loads shortcuts that are the same as the default in the settings. This reduces the probability of a shortcut conflict when upgrading Axion.

Fixed issues

Reven

• The taint now propagates correctly through the bswap instruction.

Project Manager

• Compressed Linux kernel modules files were not copied during the light filesystem extraction of a scenario.

Axion

• Calltree view: The binary name for the root node of the calltree was sometimes mistakenly reported as unknown.
• Calltree view: The current transition display (red line) is now displayed at the correct location in the following situations:
  • when the children of the last call node also have children nodes,
  • when the calltree view has been "locked" by clicking the lock button.
• Closing Axion with a SIGINT or SIGTERM signal is now considered like a normal exit. This allows in particular to save Axion's settings when an Axion session is stopped from the Project Manager.

Analysis Python API

• Some calls to the preview.project_manager API could spuriously fail with a ConnectionError, especially when using a high-latency connection.
• Python dependencies of example scripts are now distributed along reven2, which makes use of these scripts easier, especially in air-gapped networks.

Analysis Python API Compatibility Notes

• The Stack.backtrace method and the BackTrace class have been deprecated and are scheduled for removal in version 2.10. Use str or display on a Stack instance to display a backtrace.