wargio / r2dec-js

radare2 plugin - converts asm to pseudo-C code.

Cutter segfaults after install #208

Closed expenses closed 4 years ago

expenses commented 4 years ago

After installing the git versions of radare2 and Cutter and running r2pm init and r2pm install r2dec, Cutter now ends with 'Thread 10 "Cutter" received signal SIGSEGV, Segmentation fault.' after I open the decompiler window.

~ r2 -v
radare2 4.4.0-git 24021 @ linux-x86-64 git.4.3.1-79-gbed2cb1f40
commit: bed2cb1f40fb3376fd23c1d89f2da81d52ae5141 build: 2020-03-20__14:38:26
~ Cutter -v
Cutter 1.10.2
~ gdb Cutter
GNU gdb (GDB) 9.1
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from Cutter...
(No debugging symbols found in Cutter)
(gdb) run
Starting program: /usr/bin/Cutter
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7ffff1372700 (LWP 75638)]
[New Thread 0x7fffeb307700 (LWP 75639)]
[New Thread 0x7fffe3fff700 (LWP 75640)]
[New Thread 0x7fffeab06700 (LWP 75641)]
[New Thread 0x7fffea305700 (LWP 75642)]
[New Thread 0x7fffe8a3f700 (LWP 75643)]
Plugins are loaded from "/home/ashley/.local/share/RadareOrg/Cutter/plugins"
Loaded 0 plugin(s).
Plugins are loaded from "/usr/local/share/RadareOrg/Cutter/plugins"
Plugins are loaded from "/usr/share/RadareOrg/Cutter/plugins"
[New Thread 0x7fffe37fe700 (LWP 75645)]
Warning: r_bin_file_hash: file exceeds bin.hashlimit
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls (aac)
[x] Analyze len bytes of instructions for references (aar)
[x] Check for objc references
[x] Check for vtables
[x] Type matching analysis for all functions (aaft)
[x] Propagate noreturn information
[x] Use -AA or aaaa to perform additional experimental analysis.
[New Thread 0x7fffe2ffd700 (LWP 75646)]
[Thread 0x7fffe2ffd700 (LWP 75646) exited]
[New Thread 0x7fffe27fc700 (LWP 75647)]

Thread 10 "Cutter" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe27fc700 (LWP 75647)]
0x00007ffff7e2d611 in r_core_cmd () from /usr/lib/libr_core.so
(gdb) backtrace
#0  0x00007ffff7e2d611 in r_core_cmd () from /usr/lib/libr_core.so
#1  0x00007ffff7e29c91 in r_core_cmd_str () from /usr/lib/libr_core.so
#2  0x00007ffff01dae90 in duk_r2cmd (ctx=0x7fffc40137e0) at core_pdd.c:67
#3  0x00007ffff0196132 in duk__handle_call_raw (thr=0x7fffc40137e0, idx_func=<optimized out>, call_flags=<optimized out>) at duk_js_call.c:2231
#4  0x00007ffff0186e74 in duk_handle_call_unprotected (call_flags=8, idx_func=3, thr=0x7fffc40137e0) at duk_js_call.c:2385
#5  duk__executor_handle_call (call_flags=8, nargs=1, idx=3, thr=0x7fffc40137e0) at duk_js_executor.c:2655
#6  duk__js_execute_bytecode_inner (entry_act=0x7fffc400ab40, entry_thread=<optimized out>) at duk_js_executor.c:4729
#7  0x00007ffff019544a in duk_js_execute_bytecode (exec_thr=0x7fffc40137e0) at duk_js_executor.c:2917
#8  0x00007ffff0195f3d in duk__handle_call_raw (thr=0x7fffc40137e0, idx_func=<optimized out>, call_flags=<optimized out>) at duk_js_call.c:2203
#9  0x00007ffff01be7cd in duk_eval_raw (thr=thr@entry=0x7fffc40137e0,
    src_buffer=src_buffer@entry=0x7fffe27fb5f0 "try{if(typeof r2dec_main == 'function'){r2dec_main(\"--as-json\".split(/\\s+/));}else{console.log('Fatal error. Cannot use R2_HOME_DATADIR.');}}catch(_____e){console.log(_____e.stack||_____e);}", src_length=src_length@entry=0, flags=flags@entry=3848)
    at duk_api_compile.c:43
#10 0x00007ffff01dab86 in duk_r2dec (core=<optimized out>, input=input@entry=0x7ffff01e0d69 "--as-json") at core_pdd.c:171
#11 0x00007ffff01dad2d in _cmd_pdd (input=0x7fffc4015883 "j", core=0x7ffff022c010) at core_pdd.c:273
#12 r_cmd_pdd (user=0x7ffff022c010, input=0x7fffc4015880 "pddj") at core_pdd.c:285
#13 0x00007ffff7ebad76 in r_cmd_call () from /usr/lib/libr_core.so
#14 0x00007ffff7e2c2a2 in ?? () from /usr/lib/libr_core.so
#15 0x00007ffff7e2cfff in ?? () from /usr/lib/libr_core.so
#16 0x00007ffff7e2d800 in r_core_cmd () from /usr/lib/libr_core.so
#17 0x00007ffff7e29c91 in r_core_cmd_str () from /usr/lib/libr_core.so
#18 0x00007ffff7eee238 in ?? () from /usr/lib/libr_core.so
#19 0x00007ffff6aa7618 in ?? () from /usr/lib/libr_util.so
#20 0x00007ffff550e46f in start_thread () from /usr/lib/libpthread.so.0
#21 0x00007ffff50dd3d3 in clone () from /usr/lib/libc.so.6

wargio commented 4 years ago

Wow. Can I have the pddi of the function? It seems that there was an issue with some JS not being caught.

expenses commented 4 years ago

How do I get the pddi?

wargio commented 4 years ago

Just open the binary in Cutter and run pddi in the console. It's a fast method to avoid sharing the bin, but if you want you can share the bin instead of the pddi output.

(pddi needs to be used in the terminal)

wargio commented 4 years ago

Still no pddi. I'm closing this since I can't debug it.