jimmy-sonny
commented
4 years ago The issue is related to os.killpg in ghida_plugin/lib.py when the analysis exceeds the timeout.
Closed mackbyk closed 4 years ago
jimmy-sonny
commented
4 years ago The issue is related to os.killpg in ghida_plugin/lib.py when the analysis exceeds the timeout.
jimmy-sonny
commented
4 years ago This issue is a duplicate of #3.
jimmy-sonny
commented
4 years ago Closing the issue, #3 has been fixed.
Thanks for reporting the bug.
Possible file format: ELF for ARM (Shared object) (D:\Program Files (x86)\IDA_Pro_v7.0_Portable\loaders\elf.dll)
bytes pages size description
262144 32 8192 allocating memory for b-tree... 65536 8 8192 allocating memory for virtual array... 262144 32 8192 allocating memory for name pointers...
589824 total memory allocated
Loading file 'C:\xxxxxxx\xxxxxx' into database... Detected file format: ELF for ARM (Shared object) Loading processor module D:\Program Files (x86)\IDA_Pro_v7.0_Portable\procs\arm.dll for arm...OK Autoanalysis subsystem has been initialized. [uEmu]: Init plugin [uEmu]: Run plugin [uEmu]: Unicorn version [ 1.0.1 ] [uEmu]: CPU arch set to [ armle ] D:\Program Files (x86)\IDA_Pro_v7.0_Portable\plugins\vx_target_standalone.py: PLUGIN_ENTRY was not defined or the class name 'uEmuPlugin' was already used in 'uEmu.py' Assuming __cdecl calling convention by default
Creating a new segment (0000B0E4-0000B100) ... ... OK Adding relocations... Plan FLIRT signature: ARM library little endian autoload.cfg: armlibl.sig autoloads armv12.til Type library 'armv12' loaded. Applying types... Types applied to 0 names. Marking typical code sequences... Flushing buffers, please wait...ok File 'C:\xxxxxxx\xxxxxx' has been successfully loaded into the database. IDA is analysing the input file... You may start to explore the input file right now. Hex-Rays Decompiler plugin has been loaded (v7.0.0.170914) License: 56-3E5B-5634-29 Jiang Ying, Personal license (1 user) The hotkeys are F5: decompile, Ctrl-F5: decompile all. Please check the Edit/Plugins menu for more informaton. IDAPython Hex-Rays bindings initialized.
GhIDA Decompiler v0.1 Andrea Marcelli anmarcel@cisco.com Cisco Talos, June 2019 GhIDA Decompiler shortcut key is Ctrl-Alt-D
GhIDA:: [DEBUG] Reading GhIDA configuration ('GHIDA_CONF.load_save_cached_code', False) ('GHIDA_CONF.load_save_cached_comments', False) GhIDA:: [DEBUG] code_cache_path: c:\users\admini~1\appdata\local\temp\decompiled_cache_1DC83C421557F6E549C8A9370EAFD4F8.json GhIDA:: [DEBUG] comments_cache_path: c:\users\admini~1\appdata\local\temp\comments_cache_1DC83C421557F6E549C8A9370EAFD4F8.json GhIDA:: [DEBUG] Registering handlers GhIDA [DEBUG] ScreenEAHook initialized
Keypatch v2.2 (c) Nguyen Anh Quynh & Thanh Nguyen, 2016 Keypatch is using Keystone v0.9.1 Keypatch Patcher's shortcut key is Ctrl-Alt-K Use the same hotkey Ctrl-Alt-K to open 'Fill Range' window on a selected range of code To revert (undo) the last patching, choose menu Edit | Keypatch | Undo last patching Keypatch Search is available from menu Edit | Keypatch | Search Find more information about Keypatch at http://keystone-engine.org/keypatch
[uEmu]: Init plugin [uEmu]: Run plugin [uEmu]: Unicorn version [ 1.0.1 ] [uEmu]: CPU arch set to [ armle ] [uEmu]: Init plugin D:\Program Files (x86)\IDA_Pro_v7.0_Portable\plugins\vx_target_standalone.py: PLUGIN_ENTRY was not defined or the class name 'uEmuPlugin' was already used in 'uEmu.py'
[uEmu]: UI ready. Run plugin [uEmu]: Unicorn version [ 1.0.1 ] [uEmu]: CPU arch set to [ armle ] [uEmu]: UI ready. Run plugin [uEmu]: Unicorn version [ 1.0.1 ] [uEmu]: CPU arch set to [ armle ] [uEmu]: UI ready. Run plugin [uEmu]: Unicorn version [ 1.0.1 ] [uEmu]: CPU arch set to [ armle ]
Python 2.7.13 (v2.7.13:a06454b1afa1, Dec 17 2016, 20:53:40) [MSC v.1500 64 bit (AMD64)] IDAPython v1.7.0 final (serial 0) (c) The IDAPython Team idapython@googlegroups.com
Using FLIRT signature: ARM library little endian Propagating type information... Function argument information has been propagated The initial autoanalysis has been finished. GhIDA:: [DEBUG] DisasmsHandler HELLO ('GHIDA_CONF.global_settings', True) ('GHIDA_CONF.use_ghidra_server', False) ('GHIDA_CONF.ghidra_install_path', 'E:\ghidra_9.0') ('GHIDA_CONF.ghidra_server_url', 'http://localhost:8080/ghidra/api') ('GHIDA_CONF.show_settings', True) ('GHIDA_CONF.load_save_cached_code', False) ('GHIDA_CONF.load_save_cached_comments', False) GhIDA:: [INFO] Configuration saved to c:\users\admini~1\appdata\local\temp\ghida_config.json GhIDA:: [DEBUG] EXPORT_XML_FILE: True GhIDA:: [DEBUG] Exporting IDA project into XML format
XML Exporter v5.0.1 : SDK 700
Exporting XML document ....
Processing PROGRAM GhIDA:: [DEBUG] compiler name: GNU C++
GhIDA:: [DEBUG] new_compiler_name: gcc
CPU time: 0.0047
Processing DATATYPES CPU time: 0.0008
Processing MEMORY_MAP CPU time: 0.0250
Processing REGISTER_VALUES CPU time: 0.0141
Processing CODE CPU time: 0.0025
Processing DATA CPU time: 0.1220
Processing COMMENTS CPU time: 0.0146
Processing PROGRAM_ENTRY_POINTS CPU time: 0.0006
Processing SYMBOL_TABLE CPU time: 0.0122
Processing FUNCTIONS CPU time: 0.0151
Processing MARKUP CPU time: 0.0439
Total CPU time: 1.1215
PROGRAM 1 INFO_SOURCE 1 PROCESSOR 1 COMPILER 1 DATATYPES 1 STRUCTURE 3 MEMBER 12 UNION 1 MEMORY_MAP 1 MEMORY_SECTION 19 MEMORY_CONTENTS 16 REGISTER_VALUES 1 REGISTER_VALUE_RANGE 254 CODE 1 CODE_BLOCK 23 DATA 1 DEFINED_DATA 476 TYPEINFO_CMT 327 COMMENTS 1 COMMENT 229 PROGRAM_ENTRY_POINTS 1 PROGRAM_ENTRY_POINT 7 SYMBOL_TABLE 1 SYMBOL 229 FUNCTIONS 1 FUNCTION 66 ADDRESS_RANGE 66 STACK_FRAME 16 STACK_VAR 65 MARKUP 1 MEMORY_REFERENCE 140
Total XML Elements: 1963 Database exported to: C:\Users\Administrator\Desktop\huaweiQ2_pro\1DC83C421557F6E549C8A9370EAFD4F8_cEskL.xml GhIDA:: [DEBUG] found 0 symbols GhIDA:: [INFO] XML exporting completed GhIDA:: [DEBUG] decompiled cache miss (dec) GhIDA:: [DEBUG] Decompiling dec GhIDA:: [DEBUG] EXPORT_XML_FILE: False GhIDA:: [INFO] Ghidra headless (timeout: 300s) GhIDA:: [INFO] Waiting Ghidra headless analysis to finish... GhIDA:: [!] 'module' object has no attribute 'killpg' GhIDA:: [!] Ghidra headless analysis failed GhIDA:: [!] Decompilation interrupted.