This project forked from cmu-sei/kaiju
CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is the primary, canonical repository for this project -- file bug reports and wishes here!
License: Other
Describe the bug
A clear and concise description of what the bug is.
The released 10.1 release appears to be built for 10.0.1. If trying to add to Ghidra 10.1, it reports an incompatible version error.
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Describe the bug
Status check reports that it can't load the Z3 libraries. Fn2Hash is unavailable in the CodeBrowser, which I believe is caused by this.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I would expect there to be no error using the distribution in the Github Releases, as it definitely ships with some Z3 libraries.
Screenshots
Desktop (please complete the following information):
Additional context
I would have hoped that there would be some clue about the exception in the Ghidra log, but I'm not seeing anything unfortunately.
If I run the headless analyzer via command line instead it seems to be working fine, or at least it's not showing the exception.
..\..\..\support\analyzeHeadless.bat" /tmp tmpKaijuHeadlessProj -okToDelete -deleteProject -import c:\__\dgs_patch_exe.exe -preScript KaijuSetupScript.java -postScript KaijuExportCSVHeadless.java C:\__\dgs_patch_exe.FnHashes.csv
I get an output, at least, though I can't verify whether it would be different without the error in the GUI.
I also see hashes in Window -> CERT Function Hash Viewer, but again I'm not sure where these actually come from since it doesn't allow me to run the analysis manually.
Anyway, I'm mostly confused here, because it seems to be working somewhat but clearly not entirely; is there anything I can do to diagnose this further?
Describe the bug
When analyzing object-oriented programs, it would be helpful to be able to draw on the strength of Ghidra as well as Pharos + Kaiju. Unfortunately, the same does not work fully so far, because the rules used by Ghidra itself are different from those used when importing analyses with Kaiju. Here, an adaptation to the new Ghidra standard should definitely be made.
To Reproduce
Use a simple program with a medium to large inheritance hierarchy. It is important that there is a lot of RTTI data. Can't provide an example on the fly unfortunately, so I'll try to describe it as best as I can. If I find time, I will post it.
In the first step, run the new RecoverClassesFromRTTIScript.java script provided with Ghidra. This will automatically create many classes, name functions, etc.
Then analyze the binary file with Ghidra. The default settings are sufficient.
Now try to import the file into Ghidra. Because the Ghidra own script RecoverClassesFromRTTIScript.java was already executed before, this can lead to some problems:
For example Ghidra marks class data in a separate struct with the name ClassName_data. This is not done by kaiju. The existing class is rebuilt by kaiju and the encapsulated data is discarded. Here it would be to continue using the structures already created by Ghidra. By the way, this also applies to function names and so on.
Expected behavior
The above described applies generally to the creation or adaptation of existing classes. My suggestion here would be to follow the conventions that the script RecoverClassesFromRTTIScript.java adheres to. This would also have the charm that one could use other scripts provided by Ghidra such as ApplyClassFunctionDefinitionUpdatesScript.java and ApplyClassFunctionSignatureUpdatesScript.java in the further analysis.
Then one could proceed in the future as follows:
Describe the bug
When installing from release 230921, the Kaiju menu contains "GhiHorn is missing z3".
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I expected z3 to be found since it's included in the extension zip file.
Screenshots
If applicable, add screenshots to help explain your problem.
Is your feature request related to a problem? Please describe.
I currently use fn2hash/kaiju to reconcile functions/symbols between a version of an application that doesn't have any symbols, and a version that has debug symbols. As these are slightly different versions compiled on the same OS with the same compiler, it is highly successful.
However, what I don't see within Kaiju is how to "import" or resolve the existing list of fn2hashes against a second application in a useful way. Currently I use a self-built postgres database to match fn2hashes across multiple versions, as my primary use case was resolving symbols from an unlabeled stack trace (it has export symbols + an offset, and my web app resolves the offset into the actual address and then the relevant symbol via fn2hash or some other custom code).
Describe the solution you'd like
fn2hash identifies many of the useful functions, it seems like all it needs is a mechanism to apply fn2hash.csv from one program and all the symbols (and probably other ghidra stuffs would be useful, like creating functions where they don't exist) onto a second program, or perhaps being able to keep a database of multiple fn2hash sets from different programs and being able to match them during the analysis process.
Describe alternatives you've considered
I've considered writing a python script to apply the symbol data naively using just the address of known function matches, but I figured their may be better solutions, so I thought I'd bring it up here and see if it sparked any interest or suggestions.
Additional context
Is your feature request related to a problem? Please describe.
Up to now the generation of initial facts in Pharos is done exclusively with the help of the Rose Framework. This works so far also quite well, with a few cutbacks.
Since a short time very strong scripts and classes are available in Ghidra to get further information about inheritance (here in special respect VBTables) with the help of RTTI data. There is also some additional information about the RTTI structures in relation to different inheritance types. Up to now I was not aware of all values myself. The info seems to come from elaborate researches how the data correlate. On the basis of this the VBTables are determined among other things. This is done with the help of the decompiler API which is of course on a much higher level than the pure assembler code.
Describe the solution you'd like
Following suggestion: Provide us a possibility that we can create the initial facts with the help of Ghidra. This could simplify the quality significantly. Ghidra has likewise a few functions to discover constructures and deconstructures. Furthermore, functions are available to build an inheritance tree based on the RTTI data.
I could imagine that with this information one could create much more initial facts for Pharos. You might only have to solve minor problems with it which could speed up the overall process significantly.
Here you can find the big class in the source code of Ghidra, which solves the main work using the versatile decompiler API.
Describe alternatives you've considered
In my opinion you should put much more effort into using the Ghidra Decompiler API. It could be very helpful for analysis even for normal classes without RTTI data. Perhaps one should invest here some research work.
Additional context
See descriptions above, there is nothing important about it.
Is your feature request related to a problem? Please describe.
This problem is about build.
Describe the solution you'd like
support z3 4.8.14.0
Describe alternatives you've considered
IDA
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
The PathAnalyzer is unable to produce any outputs due to: Error: Cannot invoke "kaiju.tools.ghihorn.hornifer.block.HornBlock.getStartAddress()" because "entryBlock" is null even in very basic example applications.
To Reproduce
Steps to reproduce the behavior:
int main(int argc, char **argv) { return argc * 2; }gcc -O0 program.c -o programprogram in Ghidramain function to any location after main
Potential Issue
I think issue has to do with HornFunctionInstance.java:107 where the entryBlock is returned (but is null) then line 108 dereferences the null value (trying to get the startAddress)
...OR...
its an issue with a slight version mismatch between the latest Ghidra available to download ( ghidra_10.2.3_PUBLIC_20230208.zip) vs the Ghidra version the plugin seems to be built for (ghidra_10.2.3_PUBLIC_20230406). I can't find Ghidra ghidra_10.2.3_PUBLIC_20230406.zip anywhere to download (which is in the Kaiju Ghidra plugin filename).
I've built Ghidra from source for the date 20230406 (to try to version match Kaiju) and I've built Kaiju from source but still get this error
Versions
Describe the bug
I installed GhiHorn in Windows as per the below instructions (skipped step 2).
Installation
For the Step 1-b, I added libz3.dll & libz3java.dll in the same path as ghidraRun.bat.
And I skipped Step 2.
But I can see GhiHorn in the CERT menu & able to run Path analyzer. It returned "null" everytime.
Not sure if GhiHorn wasnt properly built (as i skipped step 2) or its something else.
Describe the bug
Paths not showing on GhiHorn PathAnalyzer analysis
To Reproduce
Steps to reproduce the behavior:
Kaiju->GhiHorn
insert start/goal addresses->analyze
Expected behavior
Paths should appear or at least an explicative error message.
Screenshots
Desktop (please complete the following information):
Additional context
GhiHorn was built from source. z3 is installed and working. I've run the tests provided in the autocats repo, which are all working.
If there's a possible way to have a log about what could be going wrong would be helpful to try and troubleshoot.
Hi,
I have an issue when running GhiHorn on my Ghidra on a Go binary. Could you help me to fix that please ?
Build Date: 2023-Jul-11 1640 EDT
Ghidra Version: 10.3.2
Java Home: /home/usr/ghidra/OpenJDK17U-jdk_x64_linux_hotspot_17.0.8_7/jdk-17.0.8+7
JVM Version: Eclipse Adoptium 17.0.8
OS: Linux 6.2.0-37-generic amd64
[2023-11-27 16:55:22]: Looking for path from 00dfdf00 to 00dfe259
[2023-11-27 16:55:22]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 16:55:22]: PathAnalyzer completed.
[2023-11-27 16:55:22]: PathAnalyzer completed.
[2023-11-27 16:55:22]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:08:58]: PathAnalyzer completed.
[2023-11-27 17:14:44]: Looking for all API signatures
[2023-11-27 17:14:44]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 17:14:45]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 17:14:45]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 17:14:46]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 17:14:46]: Error: java.lang.RuntimeException: Unable to create decompiler
[2023-11-27 17:14:46]: ApiAnalyzer completed.
[2023-11-27 17:14:46]: ApiAnalyzer completed.
[2023-11-27 17:14:46]: ApiAnalyzer completed.
[2023-11-27 17:14:46]: ApiAnalyzer completed.
[2023-11-27 17:14:46]: ApiAnalyzer completed.
[2023-11-27 17:14:46]: Error: java.lang.RuntimeException: Unable to create decompiler
Describe the bug
GhiHorn shows: "Warning, Z3 libraries not found, GhiHorn will not run"
Note: The error message is unclear if GhiHorn can't find the z3 jar, or the z3 jar can't find the local libs.
Yet Z3 is installed and seems to work:
~/.ghidra/.ghidra_10.1.1_PUBLIC/Extensions/kaiju/lib$ ls
com.microsoft.z3.jar gson-2.8.6.jar jopt-simple-5.0.4.jar kaiju.jar kaiju-src.zip README.txt
~/.ghidra/.ghidra_10.1.1_PUBLIC/Extensions/kaiju/lib$ z3 -version
Z3 version 4.8.14 - 64 bit
~$ ldconfig -p | grep z3
libz3java.so (libc6,x86-64) => /usr/local/lib/libz3java.so
libz3.so (libc6,x86-64) => /usr/local/lib/libz3.so
~$ lsb_release -r
Release: 21.04
~$ uname -a
Linux 5.11.0-46-generic #51-Ubuntu SMP Thu Jan 6 22:14:29 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
~$ ls /usr/local/lib/ | grep z3
com.microsoft.z3.jar
libz3.a
libz3java.so
libz3.so
Java Jar is present in both the Kaiju dir and elsewhere.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
GhiHorn should run, but gives the above error that it can't find Z3
Additional context
I read about GhiHorn and am very excited to try it. I've used Z3 successfully before (though not from Java). However, GhiHorn can't seem to find the required libs.
This may not be a GhiHorn issue, but simply a Java / z3 issue. I have no means of testing Java z3. The example at https://stackoverflow.com/questions/60403775/how-to-setup-a-java-development-environment-for-z3 seems to be out of date with my Java compiler:
/tmp$ javac -version
javac 17.0.1
/tmp$ javac -cp /usr/local/lib/com.microsoft.z3.jar JavaExample.java
JavaExample.java:611: error: incompatible types: Expr<Sort> cannot be converted to IntExpr
xs[j] = (IntExpr) ctx.mkConst(names[j], types[j]);
^
JavaExample.java:612: error: incompatible types: Expr<Sort> cannot be converted to IntExpr
vars[j] = (IntExpr) ctx.mkBound(2 - j, types[j]); // <-- vars
^
JavaExample.java:1402: error: incompatible types: Expr<Sort> cannot be converted to BitVecExpr
BitVecExpr x = (BitVecExpr) ctx.mkConst("x", bv_type);
^
JavaExample.java:1403: error: incompatible types: Expr<Sort> cannot be converted to BitVecNum
BitVecNum zero = (BitVecNum) ctx.mkNumeral("0", bv_type);
^
JavaExample.java:1427: error: incompatible types: Expr<Sort> cannot be converted to BitVecNum
BitVecExpr c103 = (BitVecNum) ctx.mkNumeral("103", bv_type);
^
Note: JavaExample.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
5 errors
Hello,
I have installed all the dependencies that should make building Kaiju extension possible according to the guidelines that are mentioned here , however I am getting the following error regading the documentation build.
PS C:\Users\workspace\kaiju> gradle
Configure project :
Using Ghidra install directory C:/Users/nxf76051/workspace/ghidra_11.0_PUBLIC_20231222/ghidra_11.0_PUBLIC
Using Java 17 for Ghidra 11.0
Using AUTOCATS test directory null
Targeting operating system 'Windows 11' (windows 11-amd64)
We are adding a dependencyTask :markdownToGhidraHtml FAILED
Task :downloadZ3Source
Download https://github.com/Z3Prover/z3/archive/refs/tags/z3-4.12.1.zipFAILURE: Build failed with an exception.
What went wrong:
A problem was found with the configuration of task ':markdownToGhidraHtml' (type 'MarkdownToGhidraHtmlTask').
Gradle detected a problem with the following location: 'C:\Users\workspace\kaiju\src\main\help\help\topics\kaiju'.
Reason: Task ':processResources' uses this output of task ':markdownToGhidraHtml' without declaring an explicit or implicit dependency. This can lead to incorrect results being produced, depending on what order the tasks are executed.
Possible solutions:
- Declare task ':markdownToGhidraHtml' as an input of ':processResources'.
- Declare an explicit dependency on ':markdownToGhidraHtml' from ':processResources' using Task#dependsOn.
- Declare an explicit dependency on ':markdownToGhidraHtml' from ':processResources' using Task#mustRunAfter.
Please refer to https://docs.gradle.org/8.0.1/userguide/validation_problems.html#implicit_dependency for more details about this problem.
Try:
Run with --stacktrace option to get the stack trace.
Run with --info or --debug option to get more log output.
Run with --scan to get full insights.
- Get more help at https://help.gradle.org
BUILD FAILED in 4s
7 actionable tasks: 2 executed, 5 up-to-date
Any idea what could have gone wrong?
Is your feature request related to a problem? Please describe.
Hey, I maintain (well, "maintain") the Arch Linux AUR package for this extension - however because of how the releases currently happen, there seem to be a couple of minor issues:
Describe the solution you'd like
Depends what would be a good solution, I guess... you could probably, say, make the pipelines manually triggered instead
Describe the bug
I have executed the PathAnalyzer on a RISCV elf file, and I am getting this error message even though I am asking the extenstion to find the path between two addresses where no branches in between (Just to test it).
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I was expecting to see tha path between the start and the end address.
Screenshots
Desktop (please complete the following information):
Cannot invoke "java.time.temporal.Temporal.until(java.time.temporal.Temporal, java.time.temporal.TemporalUnit)" because "startInclusive" is null
java.lang.NullPointerException: Cannot invoke "java.time.temporal.Temporal.until(java.time.temporal.Temporal, java.time.temporal.TemporalUnit)" because "startInclusive" is null
at java.base/java.time.Duration.between(Duration.java:490)
at kaiju.tools.ghihorn.GhiHornProvider.endAnalysis(GhiHornProvider.java:674)
Hi,
I'm running into a problem while using the GhiHorn path analyzer on a ARMv7-M firmware elf (with symbols). The tool emits error "Cannot invoke "ghidra.program.model.pcode.HighVariable.getDataType()" because "highVariable" is null" and doesn't return any results. In the Ghidra 'Decompile' pane the function seems to be decompiled fine and function signature is OK.
Steps to reproduce:
Environment:
Thanks!
Where I should add z3 jar library?
I have a problem with error:
021-12-30 15:06:43 ERROR (EventManager) Plugin Event Error: Error in plugin event listener java.lang.NoClassDefFoundError: Could not initialize class com.microsoft.z3.Native
at com.microsoft.z3.Version.getFullVersion(Version.java:71)
at kaiju.tools.ghihorn.GhiHornProvider.buildAnalysisControlPanel(GhiHornProvider.java:289)
at kaiju.tools.ghihorn.GhiHornProvider.buildMainPanel(GhiHornProvider.java:584)
at kaiju.tools.ghihorn.GhiHornProvider.(GhiHornProvider.java:154)
at kaiju.tools.ghihorn.GhiHornPlugin.programActivated(GhiHornPlugin.java:172)
at ghidra.app.plugin.ProgramPlugin.processEvent(ProgramPlugin.java:138)
at ghidra.framework.plugintool.Plugin.eventSent(Plugin.java:329)
at ghidra.framework.plugintool.mgr.EventManager.sendEvents(EventManager.java:286)
at ghidra.framework.plugintool.mgr.EventManager.lambda$new$3(EventManager.java:49)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.framework.plugintool.mgr.EventManager.fireEvent(EventManager.java:216)
at ghidra.framework.plugintool.PluginTool.firePluginEvent(PluginTool.java:475)
at ghidra.framework.plugintool.Plugin.firePluginEvent(Plugin.java:481)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.fireActivatedEvent(MultiProgramManager.java:281)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.setCurrentProgram(MultiProgramManager.java:254)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.setCurrentProgram(MultiProgramManager.java:196)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.addProgram(MultiProgramManager.java:96)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.lambda$openProgram$6(ProgramManagerPlugin.java:473)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.util.SystemUtilities.runSwingNow(SystemUtilities.java:232)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.openProgram(ProgramManagerPlugin.java:479)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.openPrograms(ProgramManagerPlugin.java:666)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.acceptData(ProgramManagerPlugin.java:130)
at ghidra.framework.plugintool.PluginManager.acceptData(PluginManager.java:48)
at ghidra.framework.plugintool.PluginTool.acceptDomainFiles(PluginTool.java:414)
at ghidra.framework.main.ToolButton.openDomainFiles(ToolButton.java:647)
at ghidra.framework.main.ToolButton$2.end(ToolButton.java:625)
at ghidra.framework.main.ZoomImageRunner$1.end(ZoomImageRunner.java:54)
at org.jdesktop.animation.timing.Animator.end(Animator.java:755)
at org.jdesktop.animation.timing.Animator.stop(Animator.java:660)
at org.jdesktop.animation.timing.Animator.timingEvent(Animator.java:732)
at org.jdesktop.animation.timing.Animator.access$200(Animator.java:75)
at org.jdesktop.animation.timing.Animator$TimerTarget.actionPerformed(Animator.java:1041)
at java.desktop/javax.swing.Timer.fireActionPerformed(Timer.java:311)
at java.desktop/javax.swing.Timer$DoPostEvent.run(Timer.java:243)
at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:318)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:771)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:722)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:716)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:741)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
GhiHorn panel show 'Z3 not found' message
After a program has been analyzed, enabling GhiHorn plugin and opening the program leads to multiple errors which hijack the UI.
Here is an image of what the UI looks like:
Notice the black rim of the dialogs overlapping as I suspect hundreds are being created. The only solution is to kill ghidra with SIGTERM (SIGKILL not required so some signal handling is working).
BINARY: binary.zip
Describe the bug
https://sourcegraph.com/github.com/CERTCC/kaiju/-/blob/src/main/java/kaiju/tools/fse/FnSetExtractor.java?L78
To Reproduce
Here's some logging of a disassembly I didn't initiate or expect:
2023-12-11 12:00:06 WARN (GhidraPluginsConfiguration) Unable to find plugin package 'CERT Kaiju' while restoring plugins from xml
2023-12-11 12:00:08 INFO (PackedDatabaseCache) Packed database cache: /tmp/ed-Ghidra/packed-db-cache
2023-12-11 12:00:08 DEBUG (PackedDatabaseCache) Using cached packed database: /home/ed/ghidra/ghidra_10.4_PUBLIC/Ghidra/Features/Base/data/typeinfo/generic/generic_clib_64.gdt
2023-12-11 12:00:10 ERROR (ObjectPropertyMapDB) Object property class not found: kaiju.hashing.FnHashSaveable
2023-12-11 12:01:01 INFO (ExtensionTableProvider) Extensions Changed!: Please restart Ghidra for extension changes to take effect.
2023-12-11 12:01:06 DEBUG (DefaultProjectData) Closing ProjectData: /home/ed/ghidra_project.rep
2023-12-11 12:01:06 DEBUG (DefaultProjectData) Disposing ProjectData: /home/ed/ghidra_project.rep
2023-12-11 12:01:08 INFO (LoggingInitialization) Using log config file: jar:file:/home/ed/ghidra/ghidra_10.4_PUBLIC/Ghidra/Framework/Generic/lib/Generic.jar!/generic.log4j.xml
2023-12-11 12:01:08 INFO (LoggingInitialization) Using log file: /home/ed/.ghidra/.ghidra_10.4_PUBLIC/application.log
2023-12-11 12:01:08 INFO (Preferences) Loading user preferences: /home/ed/.ghidra/.ghidra_10.4_PUBLIC/preferences
2023-12-11 12:01:08 INFO (Preferences) Loading previous preferences: /home/ed/.ghidra/.ghidra_10.3.2_PUBLIC/preferences
2023-12-11 12:01:08 INFO (ClassSearcher) Searching for classes...
2023-12-11 12:01:10 INFO (ClassSearcher) Class search complete (1166 ms)
2023-12-11 12:01:10 INFO (SSLContextInitializer) Initializing SSL Context
2023-12-11 12:01:10 INFO (SecureRandomFactory) Initializing Random Number Generator...
2023-12-11 12:01:10 INFO (SecureRandomFactory) Random Number Generator initialization complete: NativePRNGNonBlocking
2023-12-11 12:01:10 INFO (ApplicationTrustManagerFactory) Trust manager disabled, cacerts have not been set
2023-12-11 12:01:10 INFO (GhidraRun) User ed started Ghidra.
2023-12-11 12:01:11 DEBUG (RecoverySnapshotMgrPlugin) Recovery snapshot timer set to 5 minute(s)
2023-12-11 12:01:11 INFO (DefaultProject) Opening project: /home/ed/ghidra_project
2023-12-11 12:01:31 INFO (PackedDatabaseCache) Packed database cache: /tmp/ed-Ghidra/packed-db-cache
2023-12-11 12:01:31 DEBUG (PackedDatabaseCache) Using cached packed database: /home/ed/ghidra/ghidra_10.4_PUBLIC/Ghidra/Features/Base/data/typeinfo/generic/generic_clib_64.gdt
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Upgrading Default Settings...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Upgrading Instance Settings...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Fixing Properties...
2023-12-11 12:01:39 INFO (ProgramDB) Updating language version for Program 01a67ebd5435a5e0f0cad1faf893b3a1: x86/little/64/default (Version 2.14
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Updating language...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Preparing for Re-Disassembly...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Clearing Old Instructions...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Performing Re-Disassembly...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Updating Datatype Sizes...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Upgrading Default Settings...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Upgrading Instance Settings...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Fixing Properties...
2023-12-11 12:01:39 INFO (ProgramDB) Updating language version for Program 8D1F0: x86/little/64/default (Version 2.14
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Updating language...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Preparing for Re-Disassembly...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Clearing Old Instructions...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Performing Re-Disassembly...
2023-12-11 12:01:39 INFO (ConsoleTaskMonitor) Updating Datatype Sizes...
2023-12-11 12:01:40 INFO (ConsoleTaskMonitor) Upgrading Symbol Table...
2023-12-11 12:01:45 INFO (ConsoleTaskMonitor) Upgrading Default Settings...
2023-12-11 12:01:45 INFO (ConsoleTaskMonitor) Upgrading Instance Settings...
2023-12-11 12:01:45 INFO (ConsoleTaskMonitor) Fixing Properties...
2023-12-11 12:01:45 INFO (ProgramDB) Updating language version for Program BattleForge.exe: x86/little/32/default (Version 2.14
2023-12-11 12:01:45 INFO (ConsoleTaskMonitor) Updating language...
2023-12-11 12:01:45 INFO (ConsoleTaskMonitor) Preparing for Re-Disassembly...
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Clearing Old Instructions...
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Performing Re-Disassembly...
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 1 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 2 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 3 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 4 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 5 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 6 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 7 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 8 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 9 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 10 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 11 K
2023-12-11 12:01:48 INFO (ConsoleTaskMonitor) Disassembled 12 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 13 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 14 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 15 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 16 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 17 K
2023-12-11 12:01:49 INFO (ConsoleTaskMonitor) Disassembled 18 K
It just says "completed hornification of ..."
Describe the bug
FnSetExtractorPlugin crashes when being configured.
To Reproduce
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428350
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428358
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428360
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428368
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428370
2023-12-11 12:07:36 DEBUG (FnSetExtractor) Skipping Thunk @ 0x00428378
2023-12-11 12:07:36 ERROR (PluginManager) Unexpected Exception: Cannot invoke "java.util.TreeMap.descendingKeySet()" because "fn2hashvec" is null java.lang.NullPointerException: Cannot invoke "java.util.TreeMap.descendingKeySet()" because "fn2hashvec" is null
at kaiju.tools.fse.FnSetExtractorProvider.getTableData(FnSetExtractorProvider.java:103)
at kaiju.tools.fse.FnSetExtractorProvider.<init>(FnSetExtractorProvider.java:63)
at kaiju.tools.fse.FnSetExtractorPlugin.init(FnSetExtractorPlugin.java:88)
at ghidra.framework.plugintool.PluginManager.addPlugins(PluginManager.java:223)
at ghidra.framework.plugintool.PluginManager.addPlugins(PluginManager.java:157)
at ghidra.framework.plugintool.PluginTool.lambda$addPlugins$2(PluginTool.java:884)
at ghidra.framework.plugintool.PluginTool.lambda$checkedRunSwingNow$9(PluginTool.java:1552)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.framework.plugintool.PluginTool.checkedRunSwingNow(PluginTool.java:1550)
at ghidra.framework.plugintool.PluginTool.addPlugins(PluginTool.java:882)
at ghidra.framework.plugintool.DefaultPluginInstaller.addPlugins(DefaultPluginInstaller.java:40)
at ghidra.framework.plugintool.PluginConfigurationModel.addPlugin(PluginConfigurationModel.java:139)
at ghidra.framework.plugintool.dialog.PluginInstallerTableModel.addPlugin(PluginInstallerTableModel.java:170)
at ghidra.framework.plugintool.dialog.PluginInstallerTableModel.setValueAt(PluginInstallerTableModel.java:135)
at java.desktop/javax.swing.JTable.setValueAt(JTable.java:2787)
at java.desktop/javax.swing.JTable.editingStopped(JTable.java:4785)
at java.desktop/javax.swing.AbstractCellEditor.fireEditingStopped(AbstractCellEditor.java:152)
at java.desktop/javax.swing.DefaultCellEditor$EditorDelegate.stopCellEditing(DefaultCellEditor.java:375)
at java.desktop/javax.swing.DefaultCellEditor.stopCellEditing(DefaultCellEditor.java:234)
at java.desktop/javax.swing.DefaultCellEditor$EditorDelegate.actionPerformed(DefaultCellEditor.java:392)
at java.desktop/javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1972)
at java.desktop/javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2313)
at java.desktop/javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:405)
at java.desktop/javax.swing.JToggleButton$ToggleButtonModel.setPressed(JToggleButton.java:411)
at java.desktop/javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:279)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6626)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3389)
at java.desktop/java.awt.Component.processEvent(Component.java:6391)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5001)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.repostEvent(BasicTableUI.java:987)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.mouseReleased(BasicTableUI.java:1203)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6626)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3389)
at java.desktop/java.awt.Component.processEvent(Component.java:6391)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5001)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4948)
at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4575)
at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4516)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2310)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2780)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:773)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:722)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:716)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:97)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:746)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:744)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:743)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:117)
at java.desktop/java.awt.WaitDispatchSupport$2.run(WaitDispatchSupport.java:191)
at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:236)
at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:234)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
at java.desktop/java.awt.WaitDispatchSupport.enter(WaitDispatchSupport.java:234)
at java.desktop/java.awt.Dialog.show(Dialog.java:1080)
at java.desktop/java.awt.Component.show(Component.java:1728)
at java.desktop/java.awt.Component.setVisible(Component.java:1675)
at java.desktop/java.awt.Window.setVisible(Window.java:1036)
at java.desktop/java.awt.Dialog.setVisible(Dialog.java:1016)
at docking.DockingDialog.setVisible(DockingDialog.java:353)
at docking.DockingWindowManager.lambda$doShowDialog$6(DockingWindowManager.java:1801)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at docking.DockingWindowManager.doShowDialog(DockingWindowManager.java:1805)
at docking.DockingWindowManager.showDialog(DockingWindowManager.java:1754)
at docking.AbstractDockingTool.showDialog(AbstractDockingTool.java:158)
at ghidra.framework.project.tool.ExtensionManager.propmtToConfigureNewPlugins(ExtensionManager.java:74)
at ghidra.framework.project.tool.ExtensionManager.checkForNewExtensions(ExtensionManager.java:61)
at ghidra.framework.project.tool.GhidraTool.setVisible(GhidraTool.java:145)
at ghidra.framework.project.tool.WorkspaceImpl.runTool(WorkspaceImpl.java:81)
at ghidra.framework.project.tool.ToolServicesImpl.defaultLaunch(ToolServicesImpl.java:208)
at ghidra.framework.project.tool.ToolServicesImpl.launchTool(ToolServicesImpl.java:234)
at ghidra.framework.main.ToolButton.openDomainFiles(ToolButton.java:564)
at ghidra.framework.main.ToolButton$2.end(ToolButton.java:541)
at ghidra.framework.main.ZoomImageRunner$1.end(ZoomImageRunner.java:54)
at org.jdesktop.animation.timing.Animator.end(Animator.java:755)
at org.jdesktop.animation.timing.Animator.stop(Animator.java:660)
at org.jdesktop.animation.timing.Animator.timingEvent(Animator.java:732)
at org.jdesktop.animation.timing.Animator.access$200(Animator.java:75)
at org.jdesktop.animation.timing.Animator$TimerTarget.actionPerformed(Animator.java:1041)
at java.desktop/javax.swing.Timer.fireActionPerformed(Timer.java:311)
at java.desktop/javax.swing.Timer$DoPostEvent.run(Timer.java:243)
at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:318)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:771)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:722)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:716)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:741)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
2023-12-11 12:07:36 ERROR (PluginConfigurationModel) Error Loading Plugin: Initializing FnSetExtractorPlugin failed: java.lang.NullPointerException: Cannot invoke
"java.util.TreeMap.descendingKeySet()" because "fn2hashvec" is null
ghidra.framework.plugintool.util.PluginException: Initializing FnSetExtractorPlugin failed: java.lang.NullPointerException: Cannot invoke "java.util.TreeMap.descendingKeySet()" because "fn2hashvec" is null
at ghidra.framework.plugintool.PluginManager.addPlugins(PluginManager.java:256)
at ghidra.framework.plugintool.PluginManager.addPlugins(PluginManager.java:157)
at ghidra.framework.plugintool.PluginTool.lambda$addPlugins$2(PluginTool.java:884)
at ghidra.framework.plugintool.PluginTool.lambda$checkedRunSwingNow$9(PluginTool.java:1552)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.framework.plugintool.PluginTool.checkedRunSwingNow(PluginTool.java:1550)
at ghidra.framework.plugintool.PluginTool.addPlugins(PluginTool.java:882)
at ghidra.framework.plugintool.DefaultPluginInstaller.addPlugins(DefaultPluginInstaller.java:40)
at ghidra.framework.plugintool.PluginConfigurationModel.addPlugin(PluginConfigurationModel.java:139)
at ghidra.framework.plugintool.dialog.PluginInstallerTableModel.addPlugin(PluginInstallerTableModel.java:170)
at ghidra.framework.plugintool.dialog.PluginInstallerTableModel.setValueAt(PluginInstallerTableModel.java:135)
at java.desktop/javax.swing.JTable.setValueAt(JTable.java:2787)
at java.desktop/javax.swing.JTable.editingStopped(JTable.java:4785)
at java.desktop/javax.swing.AbstractCellEditor.fireEditingStopped(AbstractCellEditor.java:152)
at java.desktop/javax.swing.DefaultCellEditor$EditorDelegate.stopCellEditing(DefaultCellEditor.java:375)
at java.desktop/javax.swing.DefaultCellEditor.stopCellEditing(DefaultCellEditor.java:234)
at java.desktop/javax.swing.DefaultCellEditor$EditorDelegate.actionPerformed(DefaultCellEditor.java:392)
at java.desktop/javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1972)
at java.desktop/javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2313)
at java.desktop/javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:405)
at java.desktop/javax.swing.JToggleButton$ToggleButtonModel.setPressed(JToggleButton.java:411)
at java.desktop/javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:279)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6626)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3389)
at java.desktop/java.awt.Component.processEvent(Component.java:6391)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5001)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.repostEvent(BasicTableUI.java:987)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.mouseReleased(BasicTableUI.java:1203)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6626)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3389)
at java.desktop/java.awt.Component.processEvent(Component.java:6391)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5001)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4948)
at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4575)
at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4516)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2310)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2780)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4833)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:773)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:722)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:716)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:97)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:746)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:744)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:743)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:117)
at java.desktop/java.awt.WaitDispatchSupport$2.run(WaitDispatchSupport.java:191)
at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:236)
at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:234)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
at java.desktop/java.awt.WaitDispatchSupport.enter(WaitDispatchSupport.java:234)
at java.desktop/java.awt.Dialog.show(Dialog.java:1080)
at java.desktop/java.awt.Component.show(Component.java:1728)
at java.desktop/java.awt.Component.setVisible(Component.java:1675)
at java.desktop/java.awt.Window.setVisible(Window.java:1036)
at java.desktop/java.awt.Dialog.setVisible(Dialog.java:1016)
at docking.DockingDialog.setVisible(DockingDialog.java:353)
at docking.DockingWindowManager.lambda$doShowDialog$6(DockingWindowManager.java:1801)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at docking.DockingWindowManager.doShowDialog(DockingWindowManager.java:1805)
at docking.DockingWindowManager.showDialog(DockingWindowManager.java:1754)
at docking.AbstractDockingTool.showDialog(AbstractDockingTool.java:158)
at ghidra.framework.project.tool.ExtensionManager.propmtToConfigureNewPlugins(ExtensionManager.java:74)
at ghidra.framework.project.tool.ExtensionManager.checkForNewExtensions(ExtensionManager.java:61)
at ghidra.framework.project.tool.GhidraTool.setVisible(GhidraTool.java:145)
at ghidra.framework.project.tool.WorkspaceImpl.runTool(WorkspaceImpl.java:81)
at ghidra.framework.project.tool.ToolServicesImpl.defaultLaunch(ToolServicesImpl.java:208)
at ghidra.framework.project.tool.ToolServicesImpl.launchTool(ToolServicesImpl.java:234)
at ghidra.framework.main.ToolButton.openDomainFiles(ToolButton.java:564)
at ghidra.framework.main.ToolButton$2.end(ToolButton.java:541)
at ghidra.framework.main.ZoomImageRunner$1.end(ZoomImageRunner.java:54)
at org.jdesktop.animation.timing.Animator.end(Animator.java:755)
at org.jdesktop.animation.timing.Animator.stop(Animator.java:660)
at org.jdesktop.animation.timing.Animator.timingEvent(Animator.java:732)
at org.jdesktop.animation.timing.Animator.access$200(Animator.java:75)
at org.jdesktop.animation.timing.Animator$TimerTarget.actionPerformed(Animator.java:1041)
at java.desktop/javax.swing.Timer.fireActionPerformed(Timer.java:311)
at java.desktop/javax.swing.Timer$DoPostEvent.run(Timer.java:243)
at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:318)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:771)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:722)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:716)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:741)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
Caused by: ghidra.util.exception.MultipleCauses: Multiple Causes
at ghidra.framework.plugintool.PluginManager.addPlugins(PluginManager.java:189)
... 110 more
I just wanted to leave this tip for anyone else who encounters the same problem I struggled with for quite a while.
If you are on macOS and are continually getting errors like
Warning: Z3 libraries not found, GhiHorn will not run
and
java.lang.NoClassDefFoundError: Could not initialize class com.microsoft.z3.Native
try the following solution
Z3Prover/z3#294 (comment)
TLDR: instead of using env vars to specify the location of the dylib files, just move or link the dylibs to where they will be looked for.
ln -s libz3.dylib /usr/local/lib
sudo ln -s libz3java.dylib /Library/Java/Extensions
When running PathAnalyzer on a particular x86 binary (DLL with exports, imports, and post-OOAnalyzer), during function hornifcation an error occurs. It's not clear which function is causing this nor is it clear where this error message is coming from! I checked strings for Z3 and Kaiju, but couldnt find this error message. The search path is intraprocedural and the function has no external calls (another question is does the entire program need to be hornified or can only a subset of functions?).
I'm not sure reproducing this without additional logging (such as per function debug prints) or the binary itself will be possible, but I'm available to give more information if needed.
I'm trying build kaiju for ghidra 10.0.4.
Unfortunately without success
Could not add file 'C:\kaiju\buildSrc.gradle\7.3.3\executionHistory\executionHistory.lock' to ZIP 'C:\kaiju\dist\ghidra_10.0.4_PUBLIC_20211228_kaiju.zip'.
Completely optional, not sure how many people use latest Ghidra - but Arch gets updates pretty quickly (and doesn't officially support downgrading), so adding a build for Ghidra 10.3 would be cool
Describe the bug
When trying to open code browser I get a slew of errors (that I have to click through) about Ghidra failing to compute hashes then a large error at the end. Code browser opens fine after I click through all that, no noticeable hiccups once it is open but it is annoying to click through a bunch of error message boxes.
To Reproduce
Exception caught while computing hashes or similar which I have to go through and close each (pain on a tiling window manager)Expected behavior
I only expect it to load the codebrowser normally, not make me click through a bunch of errors and then the main error (described below).
Screenshots
Environment:
Additional context
Here is the error:
no libz3java in java.library.path: [/usr/java/packages/lib, /usr/lib64, /lib64, /lib, /usr/lib]
java.lang.UnsatisfiedLinkError: no libz3java in java.library.path: [/usr/java/packages/lib, /usr/lib64, /lib64, /lib, /usr/lib]
at java.base/java.lang.ClassLoader.loadLibrary(ClassLoader.java:2670)
at java.base/java.lang.Runtime.loadLibrary0(Runtime.java:830)
at java.base/java.lang.System.loadLibrary(System.java:1873)
at com.microsoft.z3.Native.<clinit>(Native.java:17)
at com.microsoft.z3.Version.getFullVersion(Version.java:71)
at kaiju.tools.ghihorn.GhiHornProvider.buildAnalysisControlPanel(GhiHornProvider.java:292)
at kaiju.tools.ghihorn.GhiHornProvider.buildMainPanel(GhiHornProvider.java:572)
at kaiju.tools.ghihorn.GhiHornProvider.<init>(GhiHornProvider.java:157)
at kaiju.tools.ghihorn.GhiHornPlugin.programActivated(GhiHornPlugin.java:172)
at ghidra.app.plugin.ProgramPlugin.processEvent(ProgramPlugin.java:138)
at ghidra.framework.plugintool.Plugin.eventSent(Plugin.java:329)
at ghidra.framework.plugintool.mgr.EventManager.sendEvents(EventManager.java:286)
at ghidra.framework.plugintool.mgr.EventManager.lambda$new$3(EventManager.java:49)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.framework.plugintool.mgr.EventManager.fireEvent(EventManager.java:216)
at ghidra.framework.plugintool.PluginTool.firePluginEvent(PluginTool.java:475)
at ghidra.framework.plugintool.Plugin.firePluginEvent(Plugin.java:481)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.fireActivatedEvent(MultiProgramManager.java:278)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.setCurrentProgram(MultiProgramManager.java:251)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.setCurrentProgram(MultiProgramManager.java:193)
at ghidra.app.plugin.core.progmgr.MultiProgramManager.addProgram(MultiProgramManager.java:93)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.lambda$openProgram$6(ProgramManagerPlugin.java:489)
at ghidra.util.Swing.doRun(Swing.java:292)
at ghidra.util.Swing.runNow(Swing.java:208)
at ghidra.util.Swing.runNow(Swing.java:163)
at ghidra.util.SystemUtilities.runSwingNow(SystemUtilities.java:232)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.openProgram(ProgramManagerPlugin.java:495)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.openPrograms(ProgramManagerPlugin.java:781)
at ghidra.app.plugin.core.progmgr.ProgramManagerPlugin.acceptData(ProgramManagerPlugin.java:139)
at ghidra.framework.plugintool.PluginManager.acceptData(PluginManager.java:48)
at ghidra.framework.plugintool.PluginTool.acceptDomainFiles(PluginTool.java:414)
at ghidra.framework.project.tool.ToolServicesImpl.launchDefaultTool(ToolServicesImpl.java:195)
at ghidra.framework.main.projectdata.actions.ProjectDataOpenDefaultToolAction.actionPerformed(ProjectDataOpenDefaultToolAction.java:40)
at ghidra.framework.main.projectdata.actions.ProjectDataOpenDefaultToolAction.actionPerformed(ProjectDataOpenDefaultToolAction.java:28)
at docking.action.ContextSpecificAction.actionPerformed(ContextSpecificAction.java:71)
at docking.ExecutableAction.execute(ExecutableAction.java:40)
at docking.action.MultipleKeyAction.actionPerformed(MultipleKeyAction.java:142)
at java.desktop/javax.swing.SwingUtilities.notifyAction(SwingUtilities.java:1810)
at docking.KeyBindingOverrideKeyEventDispatcher.actionInProgress(KeyBindingOverrideKeyEventDispatcher.java:214)
at docking.KeyBindingOverrideKeyEventDispatcher.dispatchKeyEvent(KeyBindingOverrideKeyEventDispatcher.java:116)
at java.desktop/java.awt.DefaultKeyboardFocusManager.preDispatchKeyEvent(DefaultKeyboardFocusManager.java:1133)
at java.desktop/java.awt.DefaultKeyboardFocusManager.typeAheadAssertions(DefaultKeyboardFocusManager.java:1009)
at java.desktop/java.awt.DefaultKeyboardFocusManager.dispatchEvent(DefaultKeyboardFocusManager.java:835)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:4892)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2321)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2772)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4843)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:772)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:95)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:745)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:743)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:742)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
---------------------------------------------------
Build Date: 2021-Sep-28 1538 EDT
Ghidra Version: 10.0.4
Java Home: /usr/lib/jvm/openjdk11
JVM Version: Void 11.0.12
OS: Linux 5.13.10_1 amd64
Workstation: <unknown>
Thanks!
Unfortunately I encounter some version of this message with every binary I try using the GhiHorn PathAnalyser on. Is there a way around this? Is this a problem with Ghidra or Kaiju?
Could not complete analysis: Failed to generate variables for p-code: (register, 0x1106, 10) INDIRECT (const, 0x0, 10)
, (const, 0xd3, 4). This is an issue with Ghidra's HighConstant class
---------------------------------------------------
Build Date: 2023-Feb-08 1242 EST
Ghidra Version: 10.2.3
Java Home: /usr/lib/jvm/java-17-openjdk-amd64
JVM Version: Private Build 17.0.6
OS: Linux 5.19.0-38-generic amd64
Kaiju: 230331
Ghidra: 10.2.3
Describe the bug
Using Ghidra 11 and the latest version of Cert Kaiju I was trying to run headless auto analysis of a bunch of executables and it stalled out on the first 32 bit executable running Kaiju's DisasmImprovements. Executable is 14 MB and I let it run for 9 hours before giving killing it and disabling that auto analysis step.
The log is largely composed of these two messages with different addresses:
2023-12-30 20:15:10 DEBUG (X86ImproverStrategy) Created instructions at: [[00a7cf28, 00a7cf2a] ]
2023-12-30 20:15:12 DEBUG (X86ImproverStrategy) Created instructions at: [[00a7cfab, 00a7cfad] ]
2023-12-30 20:15:12 DEBUG (X86ImproverStrategy) Created alignment at: [00a7cffd, 00a7cfff]
2023-12-30 20:15:12 DEBUG (X86ImproverStrategy) Created alignment at: [00a7d02e, 00a7d02f]
Executable I was analyzing is attached (in a zip):
definitelynotstellaris_1.3.0.exe.zip
Running analysis with Disasm Improvements disabled completes in 12 minutes
INFO Fn2Hash analysis complete: Found hashes for 72344 functions. (FnHashAnalyzer)
INFO -----------------------------------------------------
ASCII Strings 1.327 secs
Apply Data Archives 0.807 secs
Call Convention ID 1.469 secs
Call-Fixup Installer 2.909 secs
Create Address Tables 0.031 secs
Create Address Tables - One Time 5.729 secs
Create Function 12.876 secs
Data Reference 6.751 secs
Decompiler Switch Analysis 129.277 secs
Demangler Microsoft 1.025 secs
Disassemble 38.140 secs
Disassemble Entry Points 2.076 secs
Disassemble Entry Points - One Time 0.038 secs
Embedded Media 0.120 secs
External Entry References 0.004 secs
Function ID 21.855 secs
Function Start Pre Search 0.105 secs
Function Start Search 16.280 secs
Function Start Search After Code 5.734 secs
Function Start Search After Data 3.724 secs
Function Start Search delayed - One Time 0.000 secs
Kaiju Function Hashing 130.078 secs
Non-Returning Functions - Discovered 38.514 secs
Non-Returning Functions - Known 0.009 secs
PDB MSDIA 0.006 secs
Reference 9.038 secs
Scalar Operand References 27.109 secs
Shared Return Calls 8.639 secs
Stack 109.708 secs
Subroutine References 4.381 secs
Subroutine References - One Time 0.075 secs
Windows x86 PE Exception Handling 18.702 secs
Windows x86 PE RTTI Analyzer 0.684 secs
Windows x86 Thread Environment Block (TEB) Analyzer 0.018 secs
WindowsResourceReference 1.375 secs
X86 Function Callee Purge 3.729 secs
x86 Constant Reference Analyzer 108.891 secs
-----------------------------------------------------
Total Time 711 secs
-----------------------------------------------------
(AutoAnalysisManager)
To Reproduce
Steps to reproduce the behavior:
Expected behavior
This seems extremely excessive runtime for default enabled behavior
Screenshots
N/A
Desktop (please complete the following information):
Smartphone (please complete the following information):
N/A
Additional context
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.