Closed UCFoxi closed 4 months ago
Would you mind providing me the program that causes the crash for you? Everything seems to work fine on my end. Keep in mind though that creating a Signature for large files may indeed take a while, where IDA becomes unresponsive (but it will still return a result after a while).
As far as I know, IDA doesn't handle multithreading that well, and the Signature creation process is currently done by the main thread, which causes IDA to become unresponsive. That might be outdated info though, let's see how IDA reacts to multithreading.
This seems to occur when trying to generate signatures for functions that are too ambiguous or too many XREFs.
For example, it took the plugin about 6 minutes to generate this:
Signature for 14260B9F7: 48 8B 05 ? ? ? ? 48 85 C0 0F 85 ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 4C 8D 0D ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 4C 8D 05 ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 15 ? ? ? ? 49 8D 43 ? 49 89 43 ? 48 8D 0D ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 05 ? ? ? ? 49 89 43 ? 49 C7 43 ? ? ? ? ? C7 44 24 ? ? ? ? ? C7 44 24 ? ? ? ? ? C7 44 24 ? ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? E8 ? ? ? ? 48 8B D0 4C 8D 05 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 89 05 ? ? ? ? 48 83 C4 ? C3 CC CC CC CC CC CC CC CC CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 4C 8B DC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 0F 85 ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 4C 8D 0D ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 4C 8D 05 ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 15 ? ? ? ? 49 8D 43 ? 49 89 43 ? 48 8D 0D ? ? ? ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 05 ? ? ? ? 49 89 43 ? 48 8D 05 ? ? ? ? 49 89 43 ? 49 C7 43 ? ? ? ? ? C7 44 24 ? ? ? ? ? C7 44 24 ? ? ? ? ? C7 44 24 ? ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? 
? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? 48 8B 05 ? ? ? ? 48 85 C0 75 ? 48 8D 15 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 05 ? ? ? ? 48 83 C4 ? C3 CC 48 83 EC ? B9
A completely unacceptable and unusable signature, without its length, because it's signaturing parts of the compiler padding (the int3 CC arrays).
If you'd like an example program that causes the behavior, you can use this EXE of Ready or Not. https://mega.nz/file/sL9DSKpZ#qFxtzgeVEgvJzSce9h2Y4BD2FK303FXsZ7MPsGe_CeA
Jump to 142278E10 (FName::Fname) and then attempt to do a Find Shortest XREF signature.
Because the function is called over 13,000 times, the plugin takes almost an infinite amount of time to make a deterministic approach to find the "shortest" XRef.
Simple solution I'd imagine for both scenarios is to just add a pop-up window like P47R!CK's signature finder had with a cancel button that sets a boolean flag that the signature while loop reads each iteration, and if it's set to true then just bail out. Also probably adding int3 as an invalid opcode for the scanner is necessary as well.
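As an added illustration of the two fixes proposed above (example code, not the plugin's own), here is a small Python model of a signature builder: it gives up at the function end or at int3 padding instead of spilling into it, and polls a cancel flag on every iteration. The sample bytes and the "two CC in a row means padding" heuristic are constructed assumptions.

```python
import re

INT3 = 0xCC  # MSVC fills the gap between functions with int3 (CC) bytes

def parse_sig(sig):
    """Turn an IDA-style signature ('48 8B 05 ? ? ? ? C3') into a pattern:
    an int for an exact byte, None for a '?' wildcard."""
    pat = []
    for tok in sig.split():
        if tok in ("?", "??"):
            pat.append(None)
        elif re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
            pat.append(int(tok, 16))
        else:
            raise ValueError("bad signature token %r" % tok)
    return pat

def format_sig(pat):
    return " ".join("?" if b is None else "%02X" % b for b in pat)

def count_matches(buf, pat):
    """Number of offsets in buf where every non-wildcard byte of pat matches."""
    return sum(
        all(b is None or buf[off + i] == b for i, b in enumerate(pat))
        for off in range(len(buf) - len(pat) + 1))

def build_unique_sig(buf, start, end, wild=(), cancelled=lambda: False):
    """Grow a signature from buf[start] one byte at a time until it matches
    exactly once in buf. Offsets in `wild` (e.g. rip-relative displacements)
    become '?'. Returns None instead of a bad signature when the pattern would
    run past the function end `end`, when the next byte starts a run of int3
    padding (heuristic: two CC in a row), or when cancelled() reports True
    (the flag a cancel button would set, polled on every iteration)."""
    pat = []
    for pos in range(start, min(end, len(buf))):
        if cancelled():
            return None
        b = buf[pos]
        if b == INT3 and pos + 1 < len(buf) and buf[pos + 1] == INT3:
            return None
        pat.append(None if pos in wild else b)
        if count_matches(buf, pat) == 1:
            return pat
    return None

# Constructed sample image: two near-identical functions (only the jump
# displacement differs) separated by four bytes of int3 padding.
FUNC_A = bytes.fromhex("4883EC28" "488B05A0000000" "4885C0" "7505" "4883C428" "C3")
FUNC_B = bytes.fromhex("4883EC28" "488B05A0000000" "4885C0" "7506" "4883C428" "C3")
IMAGE = FUNC_A + bytes([INT3] * 4) + FUNC_B      # FUNC_A at offset 0, FUNC_B at 25
IMAGE_DUP = FUNC_A + bytes([INT3] * 4) + FUNC_A  # no unique sig exists for FUNC_A
```

With `IMAGE_DUP` the old behaviour would keep extending into the CC padding and the next function; here the builder returns None whether it is bounded by the function end or by the padding check.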
Thanks for the heads-up @gir489returns! I see. That is indeed a large file. I'll definitely add an option to abort signature generation when reaching the end of a function. That abort dialog would be a wise option too. I'll see what I can do.
I published a release v1.0.1/2 addressing those issues. Please check if this is what you had in mind.
Also added some progress text for xref searching. It takes like 7-8 seconds on my computer to sig that function from above; finding the best sig would take more than a day lol
Hi @A200K. I have been testing 1.0.1. I haven't encountered CC signatures anymore, but I did get a hang a few times even when pressing cancel; it looks like 1.0.2 fixed it? I'll try it again and see if it hangs again.
Indeed, when iterating a lot of xrefs, it will now instantly abort with 1.0.2. Thanks for testing!
^^