mumbel / ghidra_we

Ghidra we32k processor module
Apache License 2.0

Exception in analysis phase #4

Open sethm opened 4 years ago

sethm commented 4 years ago

With the current WE.sinc file, I'm seeing the following exception during the analysis phase.

To reproduce, load the COFF file https://archives.loomcom.com/3b2/scsi/scsi-we32k-driver. I am using the latest Ghidra from my we-coff branch (https://github.com/sethm/ghidra/).

java.util.concurrent.ExecutionException: java.lang.IllegalArgumentException: Bit length must be >= 1 and <= 64
    at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122)
    at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191)
    at generic.concurrent.QResult.<init>(QResult.java:40)
    at generic.concurrent.FutureTaskMonitor.run(FutureTaskMonitor.java:78)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:835)
Caused by: java.lang.IllegalArgumentException: Bit length must be >= 1 and <= 64
    at ghidra.program.model.scalar.Scalar.<init>(Scalar.java:62)
    at ghidra.program.util.VarnodeContext.extendValue(VarnodeContext.java:1300)
    at ghidra.program.util.SymbolicPropogator.applyPcode(SymbolicPropogator.java:1095)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:495)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:393)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:191)
    at ghidra.app.plugin.core.analysis.ConstantPropagationAnalyzer.flowConstants(ConstantPropagationAnalyzer.java:401)
    at ghidra.app.plugin.core.analysis.ConstantPropagationAnalyzer.analyzeLocation(ConstantPropagationAnalyzer.java:381)
    at ghidra.app.plugin.core.analysis.ConstantPropagationAnalyzer$1.process(ConstantPropagationAnalyzer.java:274)
    at ghidra.app.plugin.core.analysis.ConstantPropagationAnalyzer$1.process(ConstantPropagationAnalyzer.java:1)
    at generic.concurrent.ConcurrentQ$CallbackCallable.call(ConcurrentQ.java:658)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at generic.concurrent.FutureTaskMonitor.run(FutureTaskMonitor.java:76)
    ... 3 more
ERROR Analyzer Error: Analysis Task: Stack - Bit length must be >= 1 and <= 64 java.lang.IllegalArgumentException: Bit length must be >= 1 and <= 64
    at ghidra.program.model.scalar.Scalar.<init>(Scalar.java:62)
    at ghidra.program.util.VarnodeContext.extendValue(VarnodeContext.java:1300)
    at ghidra.program.util.SymbolicPropogator.applyPcode(SymbolicPropogator.java:1095)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:495)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:393)
    at ghidra.program.util.SymbolicPropogator.flowConstants(SymbolicPropogator.java:191)
    at ghidra.app.cmd.function.NewFunctionStackAnalysisCmd.createStackPointerVariables(NewFunctionStackAnalysisCmd.java:340)
    at ghidra.app.cmd.function.NewFunctionStackAnalysisCmd.analyzeFunction(NewFunctionStackAnalysisCmd.java:191)
    at ghidra.app.cmd.function.NewFunctionStackAnalysisCmd.applyTo(NewFunctionStackAnalysisCmd.java:118)
    at ghidra.app.plugin.core.function.StackVariableAnalyzer.added(StackVariableAnalyzer.java:54)
    at ghidra.app.plugin.core.analysis.AnalysisScheduler.runAnalyzer(AnalysisScheduler.java:190)
    at ghidra.app.plugin.core.analysis.AnalysisTask.applyTo(AnalysisTask.java:39)
    at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:685)
    at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:785)
    at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:664)
    at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:629)
    at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
    at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:101)
    at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:315)
    at java.base/java.lang.Thread.run(Thread.java:835)
mumbel commented 4 years ago

I believe that has to do with the stack auto-analysis; you can uncheck the box (if it's still broken) to turn it off and get rid of the messages. I'm not 100% sure what's causing it.

The calling convention still doesn't make sense; I'm just new to the architecture, and then turning that into the cspec xml is most likely the issue. Making Ghidra happy in regards to %ap, %sp, and %fp seems like it may be an issue as well.

Trying to improve, but it looks like I'm still getting that error.

FYI, in the most recent commit I've added a manual index file and a basic pattern file (still trying to get this right) that should help auto-analysis find more code and create functions. It could potentially add another pop-up along the lines of "unable to match first" if you find you're getting a new error.

sethm commented 4 years ago

@mumbel Thanks, I'm testing further now. I definitely have a problem with relocations not working well, but that's because of the way Sys V does relocations with the ".text" symbol. I need to look into how to handle those correctly in the CoffLoader and relocation handler.

mumbel commented 4 years ago

I tried looking into COFF for 80960, but quickly gave up as it was not really close to the current structure at all. I have a branch with my abandoned attempt.

astrelsky commented 4 years ago

@mumbel It seems that the size of the value varnode being used to create the scalar is either 0 while it has a non-zero constant value, or the size is negative. Either way, in order for that to occur something is very wrong somewhere.

You can add the following to the .pspec to not use the "new" function stack analysis. Maybe it will help.

    <properties>
        <property key="useNewFunctionStackAnalysis" value="false"/>
    </properties>
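To locate which instruction's SLEIGH semantics produce the bad varnode size described in the comment above, the following Ghidra script (an added example, not part of the ghidra_we repository or of this thread) lifts every disassembled instruction to p-code and reports any varnode whose byte size falls outside 1..8. It assumes, based on the trace, that `Scalar` is built with a bit length of varnode size times 8, so only sizes of 1..8 bytes satisfy its 1..64-bit check.

```java
// DumpBadVarnodeSizes.java: added diagnostic example, not project code.
// Walks every instruction in the listing, lifts it to p-code and prints
// each varnode whose size would give Scalar a bit length outside 1..64
// (assumption: bit length = varnode size in bytes * 8).
import ghidra.app.script.GhidraScript;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.listing.InstructionIterator;
import ghidra.program.model.pcode.PcodeOp;
import ghidra.program.model.pcode.Varnode;

public class DumpBadVarnodeSizes extends GhidraScript {

    // Scalar accepts 1..64 bits, i.e. 1..8 bytes; 0, negative or >8 is bad.
    private static boolean isBadSize(int size) {
        return size <= 0 || size > 8;
    }

    // Print address, mnemonic, p-code op, operand role and the odd size;
    // for constants also print the value, since a non-zero constant with
    // size 0 is one of the two cases suspected above.
    private void report(Instruction instr, PcodeOp op, Varnode vn, String role) {
        println(String.format("%s  %s  %s %s size=%d%s",
            instr.getAddress(), instr.getMnemonicString(), op.getMnemonic(),
            role, vn.getSize(),
            vn.isConstant() ? " const=0x" + Long.toHexString(vn.getOffset()) : ""));
    }

    @Override
    public void run() throws Exception {
        int bad = 0;
        InstructionIterator it = currentProgram.getListing().getInstructions(true);
        while (it.hasNext() && !monitor.isCancelled()) {
            Instruction instr = it.next();
            for (PcodeOp op : instr.getPcode()) {
                Varnode out = op.getOutput();
                if (out != null && isBadSize(out.getSize())) {
                    report(instr, op, out, "out");
                    bad++;
                }
                for (Varnode in : op.getInputs()) {
                    if (isBadSize(in.getSize())) {
                        report(instr, op, in, "in");
                        bad++;
                    }
                }
            }
        }
        println("varnodes with a bad size: " + bad);
    }
}
```

Run it from the Script Manager on the loaded COFF file with auto-analysis disabled; the reported mnemonic points at the .sinc constructor whose operand or temporary is declared with the wrong size.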