Benchexec

Latest version: v3.29

Safety actively analyzes 714875 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 3 of 12

3.17

Not secure
- Even more robust handling of child cgroups created within a run
Despite the improvements from BenchExec 3.13 there could be crashes
because sometimes cgroups vanish while we iterate over them.
Avoiding this did not fully work, maybe due to some delays in the kernel,
so now we handle this.
- Actually fix handling of non-printable characters in environment variables.
The fix that was part of BenchExec 3.12 only worked if a non-printable character
was the first character of the value of the environment variable.

3.16

Not secure
This release works only on Python 3.7 and newer!

- Improve performance of the "Merging results" step of `table-generator`.
In the common case of all run sets having the same set of tasks,
this step is now much faster.
- Avoid deadlock in `table-generator` for cases with many child processes
and heavy system load.
- On systems with many cores and if there are many input files or columns,
`table-generator` will now use more than 32 child processes.
- Support the scoring schema used in SV-COMP'23 for witness validators,
and show the witness category as part of the task identifier in tables.
Note that just like for the category `correct-unconfirmed`
external postprocessing of the results is necessary for this.
- If the pattern inside a `<propertyfile>` tag in the benchmark definition
does not match a file,
BenchExec now terminates with an error instead of just logging a warning.
- Improved logging in `table-generator`.
The log messages about missing run results and missing properties,
which could occur many times in certain use cases, are now omitted.
Instead, some numbers about the size of the resulting tables
and the number of missing results will be logged.

3.15

Not secure
- Updated installation instructions for Debian.
Manual installation of the package is needed
because `dpkg` on Debian is incompatible with our PPA on Launchpad.
- Some improvements to tool-info modules.

This release does not change the minimum supported Python version,
but we would like to remind you
that BenchExec will soon stop supporting Python 3.6.

3.14

Not secure
- Added a workaround for the known glibc deadlock described in [656](https://github.com/sosy-lab/benchexec/issues/656).
In most cases BenchExec should detect the deadlock
and continue benchmarking after a timeout of 60s.
- We noticed a [performance problem in Python](https://github.com/python/cpython/issues/98493)
that affects `benchexec` in container mode on machines with many cores
and added an optimization that reduces its impact.
- Improved handling of non-existent mount points.
This makes BenchExec easier to use within Podman containers,
and we now recommend Podman over Docker in our
[documentation](https://github.com/sosy-lab/benchexec/blob/main/doc/container.md#using-benchexec-in-a-dockerpodman-container).
- `table-generator` no longer attempts to spawn a large number of threads
(failing due to the limit on open files)
on machines with many cores.
- Many new and improved tool-info modules.

This release does not change the minimum supported Python version,
but we would like to remind you
that BenchExec will soon stop supporting Python 3.6.

3.13

Not secure
- More robust handling of child cgroups created within a run
Note that it is not safe to execute an untrusted tool inside a BenchExec run
and give it access to cgroups
(e.g., with `--no-container` or `--full-access /sys/fs/cgroups`).
However, some users want to execute trusted tools with cgroup access
(e.g., nesting `runexec`) and we aim to support this.
It was found that BenchExec could hang or crash in certain cases
where child cgroups were created by the process within a run
and used to freeze processes (done by nested `runexec`, for example),
or were made inaccessible using file-system permissions.
This lead to incomplete run cleanup and processes left running
or hanging in an unkillable state.
This release fixes such situations and users who allow cgroup access
within runs are strongly recommended to upgrade.
- Fix incomplete rewriting of numbers into roman numerals
in the new LaTeX output for statistics.

This release does not change the minimum supported Python version,
but we would like to remind you
that BenchExec will soon stop supporting Python 3.6.

3.12

Not secure
- Compatibility with Python 3.10
**Note that it is expected that this is one of the last releases
that supports Python 3.6.**
- Export of statistics as LaTex commands in table-generator:
All those values that exist in the statistics table on the Summary tab of our HTML tables
can be exported as a series of LaTeX commands with `--format=statistics-tex`.
These can then be included in a paper and the commands can be used
to retrieve the statistics values
([documentation](https://github.com/sosy-lab/benchexec/blob/main/doc/table-generator.md#latex-export)).
The script `contrib/statistics-tex.py` that provided a subset of this functionality so far
is removed.
Thanks to [Sowasvonbot](https://github.com/Sowasvonbot) for implementing this!
- Slight improvements for mounting overlayfs:
- Avoid redundant mount points that could prevent certain nested mounts.
- Avoid a warning in the kernel log.
- Fix handling of non-printable characters in environment variables.
- Slight improvements for the HTML tables:
- Use of color for categories in filters
- More informative tooltip in quantile plots (thanks [leventeBajczi](https://github.com/leventeBajczi))
- Added and improved tool-info modules

Page 3 of 12

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.