Problem Empty disassembly

[maskelihileci]

Environment information

• Operating System: Windows 10 22H2
• Cutter version: 2.3.2-HEAD-1d07ebc
• Obtained from: https://github.com/rizinorg/cutter/releases
• File format: pe64
• Type: EXEC (Executable file)

Describe the bug

My friend, after analyzing the large files, we cannot see anything in the disassembly , the disassembly is empty as in the picture. This error only occurs when large files are analyzed.

Expected behavior

The Disassembly section should not be empty, regardless of whether the file is large or small.

Screenshots

Additional context

There are two things I would like to add: When I save the project with an empty disassembly section and close the application, it continues to run in the background with full power consumption. When I kill the application and load the saved project, the empty disassembly section appears and the problem disappears.

[XVilka]

@maskelihileci could you please retry with the latest version or share the file? You can grab the latest dev build from here: https://github.com/rizinorg/cutter/actions/runs/7354662953/artifacts/1138965087

[maskelihileci]

The same problem persists, this time the decompiler works properly. There is no need to upload any files. If there is an application on your computer that is larger than 50MB in size, the same problem will occur.

[wargio]

this is the latest dev?

[maskelihileci]

bu en son geliştirici mi?

https://github.com/rizinorg/cutter/issues/3275#issuecomment-1871924287

I downloaded this resource.

[wargio]

Try the latest https://github.com/rizinorg/cutter/actions/runs/7354662953/artifacts/1138965087

[maskelihileci]

Try the latest https://github.com/rizinorg/cutter/actions/runs/7354662953/artifacts/1138965087

I already tried that.

[wargio]

you still have the same issue?

[maskelihileci]

you still have the same issue?

yes

[ghost]

Same here, opened a 50MB executable but Cutter refuses to disassemble Edit: Latest dev build fixed my problem

[wargio]

always on windows?

[wargio]

@stever9487 Please try https://github.com/rizinorg/cutter/pull/3280

[XVilka]

You can try this version on Windows: https://github.com/rizinorg/cutter/actions/runs/7438987036/artifacts/1152599763

[XVilka]

Nevermind, I can confirm the bug. Curiously, both decompiler and graph work, but not disassembly...

[Rot127]

@maskelihileci I cannot reproduce the issue.

My steps were:

• Download last release 2.3.2-HEAD-1d07ebc
• Open C:\Windows\System32\MRT.exe (170MB something)
• Running analysis
• Decompilation, graphs and disassembly work fine.
• Close again (cutter closes correctly)

Windows build info:

Edition Windows 10 Pro
Version 22H2
OS build    19045.3758

Can you maybe check with this binary again, to see if it works for you?

[Rot127]

So I tried the binary @XVilka used (https://github.com/yt-dlp/FFmpeg-Builds) and still cannot reproduce the issue.

But had some similar behavior. In my case the list of function names was not loaded directly. It took ~5min until it was there. Until than it looked like your disassembler box, a simple grey background. Similar for other things. E.g. couldn't select another function during this time. Although, the whole time the GUI was responsive.

Also that Cutter is a zombie process after closing, was just a problem of enormous resource use in my case. After waiting for ~5-7min it was gone.

The Windows VM in use here had 2 cores with 1.1GHz + 4GB memory. Rizin used roughly 3GB mem at its peak.

Can you please open your file again and let it sit for 5-10min after the aaa analysis? Just so we can make sure it is not a performance issue? Also please check the process manager during this time. If the used memory increases, it is an indicator that something is still done in the background.

@XVilka If you find time, please try this as well.

[XVilka]

Just waited and it still the same - decompiler and graph tabs work, while disassembly is empty:

[wargio]

probably caused by the recent changes on the api

[XVilka]

I wonder if it's because of the core->block changes in librz/core/disasm.c

[XVilka]

It is not specific to Windows - if you open that file either on macOS or Linux build it happens too.

[XVilka]

Cutter uses rz_core_print_disasm(), maybe some recent changes in how it works.

[Rot127]

@XVilka I couldn't reproduce it under Linux as well.

[Rot127]

Can you guys check what your Qt version your Cutter uses?

In Cutter under Help -> About Cutter. Cutter uses a different mutex for Qt version < 5.14.0. Might be some deadlock issue.

[maskelihileci]

Tested and the problem has been fixed, thank you for your effort.