GregoryMorse / GhidraDec

Ghidra Decompiler Plugin for IDA Pro
MIT License

plugin crashes Ida and Ida64. #2

Closed paxcut closed 3 years ago

paxcut commented 3 years ago

I managed to get plugin compiled but had to first rename 'Ghidra' folder to 'decompile'. After that cmake ran fine and following the steps in MakeGhidraDec.bat I was able to produce the dlls. I copied the dlls to plugin folder in Ida and ran it. I have been using Ghidra for a while so I set the options to my Ghidra installation but when I ran the plugin Ida hard crashes with no errors. After debugging it looks like the call to decompiler.exe from Ghidra is exiting abnormally which causes Ida to crash. Has anyone got this plugin to work? If so how? Any information would be appreciated.

GregoryMorse commented 3 years ago

Which Ghidra version and IDA version are you using? It has not been updated for a while and was using an older Ghidra when tested. Thanks for the folder rename issue, will note this. I will probably shortly update the plugin to the latest Ghidra 9.2 and IDA 7.5 SP3 versions; my guess is Ghidra changed the protocol slightly, hence decompiler.exe exiting abnormally and causing Ida to crash is a more general stability/exception-handling type bug. What kind of binary were you decompiling?

paxcut commented 3 years ago

I see,

I wasn't aware of the older Ghidra requirement so I was using 9.2 as this is a fairly new plugin (to me at least). I have older versions of Ghidra as well so I'll try those. Ida is version 7.3 though I'll be switching to 7.5 sp3 soon.
Your assessment seems right on the mark, and the binaries were just small PE Windows executables (x86 and amd64) test files that I keep for testing, nothing fancy. I'll follow your suggestion and will post about the outcome. This plugin is very interesting as it uses Ghidra, RetDec and Ida together for the first time, I believe.

I look forward to the updates you mentioned, and if I may be so bold as to suggest, perhaps writing a bit of an explanation about how you use these three amazing techs together and the advantages of doing so may bring the attention that your contribution deserves.

Thank you for your time and your helpful comments.

GregoryMorse commented 3 years ago

For the record - RetDec IDA Plugin was used just to get an IDA plugin "template" codebase up and going very quickly. Things have diverged a bit and probably it could even be entirely removed, but it never seemed necessary to spend time on that aspect.

The problem with the project is that the Ghidra source is tightly integrated, and I should fix the cmake capability, namely to download the specified Ghidra build, extract it and build the necessary files rather than have them literally built in or hard coded in from 1.0 I think even...

The reason this was done for now is I was experimenting with custom patches to deal with some tricky 16-bit NE files I wanted to decompile. But it would be better to add a custom Ghidra patch part of cmake to apply such patches rather than use stale distributed Ghidra code.

So yes, this really is a good next step for the project - the first thing I would do with Ghidra 9.2 is integrate it into cmake properly and hopefully integrate it in as maximally backward and forward compatible a way as possible. The protocol has to be somewhat built in though, as the Java layer was removed and replaced by C++ code. I imagine on the IDA side of things, things are not too bad as long as the right SDK is used - obviously it should not crash, but the incompatible Ghidra compiled in with the Ghidra binary in use could return garbage data or something that would cause some simple protocol cases that were assumed and not yet handled.

My plan is to fix the project and even release binaries for 7.5 with Ghidra 9.2 sometime in the near future.

paxcut commented 3 years ago

I totally misread the role of retdec but I think I understand a bit better now after your explanation. Thank you for that.

I am beginning to suspect that the problem is entirely my fault and has nothing to do with Ghidra's version or anything in your code. A while back I was working on improving Ghida's (an Ida plugin for Ghidra) output for PS2 MIPS variant (r5900) code and may have messed up Ghidra's auto analysis. I wanted to make the plugin run faster so I looked for ways to disable most of the analyzers, and I seem to have forgotten what I did. I'm sure it'll come back to me in time, but I feel bad about my presumption on the origin of the problem. I'll close this for now as I think that once I fix Ghidra the plugin will run as intended. I believe that this plugin will show many people that free tools can be as high quality and more versatile than the really expensive ones out there. Good luck on this and future endeavors, and many thanks for your courtesy and hospitality.

mupfdev commented 10 months ago

I have IDA Version 7.0.170914. Unfortunately it crashes every single time I hit decompile. I also tried multiple versions of Ghidra.

GregoryMorse commented 10 months ago

> I have IDA Version 7.0.170914. Unfortunately it crashes every single time I hit decompile. I also tried multiple versions of Ghidra.

So this of course is possible. The protocol for Ghidra keeps changing and doesn't have a built-in version in the protocol. It's a common cause of crashes, most of which were fixed. Of course it could also be on the IDA side. The easiest way to find it is to load the project in Visual Studio, build, and deploy to your Ida plug-ins folder. Then load your Ida project, attach to the process for debugging with VS, and when it crashes the line of code should be pinpointed. Do you have the specific target and function? Is this possible to provide? If I work on this again, likely I will update to the newest Ghidra. As I imagine, it's tied to the specific version last integrated. The goal is to make the protocol as forward and backward compatible as possible and at least not to crash. But it's hard to keep up with all the Ida SDK and Ghidra changes.

mupfdev commented 10 months ago

I tried it real quick, but wasn't able to compile it. I might have a closer look later on.

What's the last Ghidra version that is supposed to work?