Error: unknown variant `LZCOUNT`, expected one of `COPY`...... when running the test sample

[SunnyYANGyaya]

please help me i got a troble and i cannot fix it

[Enkelmann]

You will encounter this error message when you use older versions of the cwe_checker with newer versions of Ghidra. There are two possible solutions:

• Switch to an older Ghidra version. Ghidra 10.2.3 does not generate the LZCOUNT P-Code operation and should be fine.
• Switch to a newer cwe_checker version. Right now, you would have to switch to the master branch, because the current stable version of the cwe_checker, v0.8, does not support LZCOUNT.

Which one of the two solutions is better for you depends on your use-case.

[SunnyYANGyaya]

Thank you. I'll try it when I get back in the evening

[SunnyYANGyaya]

thank you (@_@), i am a beginner, and the question may be a bit silly i switch to a newer cwe_checker to 0.9 and everything looks normal. and i also have a question (O.O) What is the purpose of this JSON file? I found an example myself and didn't need JSON, but testing the sample requires JSON to start ghidra.

[vobst]

Concerning the last screenshot, could you maybe run the cwe_checker with the --verbose flag and post the output you get? (No need to take a screenshot if you can copy-paste the text.)

[SunnyYANGyaya]

iot@research:~/install-file/cwe_checker-master/test/bare_metal_samples$ cwe_checker test_sample.bin --verbose INFO Using log config file: jar:file:/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Framework/Generic/lib/Generic.jar!/generic.log4j.xml (LoggingInitialization)
INFO Using log file: /home/iot/.ghidra/.ghidra_10.3.2_PUBLIC/application.log (LoggingInitialization)
INFO Loading user preferences: /home/iot/.ghidra/.ghidra_10.3.2_PUBLIC/preferences (Preferences)
INFO Loading previous preferences: /home/iot/.ghidra/.ghidra_10.1_PUBLIC/preferences (Preferences)
INFO Searching for classes... (ClassSearcher)
INFO Class search complete (817 ms) (ClassSearcher)
INFO Initializing SSL Context (SSLContextInitializer)
INFO Initializing Random Number Generator... (SecureRandomFactory)
INFO Random Number Generator initialization complete: NativePRNGNonBlocking (SecureRandomFactory)
INFO Trust manager disabled, cacerts have not been set (ApplicationTrustManagerFactory)
INFO HEADLESS Script Paths: /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/8051/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/GnuDemangler/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/PIC/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/MicrosoftCodeAnalyzer/ghidra_scripts /home/iot/.local/share/cwe_checker/ghidra/p_code_extractor /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/FileFormats/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/PDB/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Python/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/FunctionID/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/VersionTracking/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/BytePatterns/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger/ghidra_scripts /home/iot/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Base/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/SystemEmulation/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/DATA/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Decompiler/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger-agent-dbgmodel-traceloader/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger-agent-frida/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/JVM/ghidra_scripts /home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/Atmel/ghidra_scripts (HeadlessAnalyzer)
INFO HEADLESS: execution starts (HeadlessAnalyzer)
INFO Creating temporary project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (HeadlessAnalyzer)
INFO Creating project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (DefaultProject)
INFO REPORT: Processing input files: (HeadlessAnalyzer)
INFO project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (HeadlessAnalyzer)
INFO IMPORTING: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (HeadlessAnalyzer)
INFO No load spec found for import file: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (AutoImporter)
ERROR The AutoImporter could not successfully load /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin with the provided import parameters. Please ensure that any specified processor/cspec arguments are compatible with the loader that is used during import and try again. (HeadlessAnalyzer)
ERROR REPORT: Import failed for file: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (HeadlessAnalyzer)

openjdk version "17.0.7" 2023-04-18 OpenJDK Runtime Environment (build 17.0.7+7-Ubuntu-0ubuntu118.04) OpenJDK 64-Bit Server VM (build 17.0.7+7-Ubuntu-0ubuntu118.04, mixed mode)

Ghidra plugin failed with exit code 0 Execution of Ghidra plugin failed.

[vobst]

Ah, thanks I see: To analyze a bare-metal firmware sample the cwe_checker requires some additional information about the target. This is what is contained in the Json file. You can have a look at the contents of bare_metal/stm32f407vg.json to get an idea which kind of information is required. In general you will have to figure out this information manually, e.g., from a SoCs datasheet. The error you get occurs because Ghidra can not properly analyze the binary file without this in information.

For ELF or PE files such information is not required as it can be inferred from the file headers. This is why mini_httpd worked.

[SunnyYANGyaya]

Thank you so much ! (O.O) I am currently trying to understand this perfect code.