Comments (6)
s3rvac
commented on June 17, 2024
(I have moved this issue from avast/retdec to avast/retdec-idaplugin as the issue concerns our IDA plugin.)
from retdec-idaplugin.
silverbacknet
commented on June 17, 2024
I'd run the exact commandline in the error message in a command window and see what it tells you and when it fails, hopefully the dialog allows you to just ctrl-c to copy it (standard ones do). Watch the memory usage, as well.
from retdec-idaplugin.
PeterMatula
commented on June 17, 2024
@mendax47 can you try what @silverbacknet suggested?
from retdec-idaplugin.
mendax47
commented on June 17, 2024
Checking if file is a Mach-O Universal static library...
Checking if file is an archive...
RUN: D:\retdec\bin\retdec-ar-extractor C:\Users***\Desktop\Test\GGDEMO\GGDEMO.exe --arch-magic
Not an archive, going to the next step.
Gathering file information...
RUN: D:\retdec\bin\retdec-fileinfo -c C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe.json --similarity C:\Users\Mendax47\Desktop\Test\GGDEMO\GGDEMO.exe --no-hashes=all --crypto D:\retdec\bin..\share\retdec\support\generic\yara_patterns\signsrch\signsrch.yara --crypto D:\retdec\bin..\share\retdec\support\generic\yara_patterns\signsrch\signsrch.yarac --max-memory-half-ram
Input file : C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe
File format : PE
File class : 64-bit
File type : Executable file
Architecture : x86-64
Endianness : Little endian
Image base address : 0x140000000
Entry point address : 0x140001260
Entry point offset : 0x660
Entry point section name : .text
Entry point section index: 0
Bytes on entry point : 4883ec28e8bf0200004883c428e97afeffffcccc4883ec28e83308000085c0742165488b042530000000488b4808eb05483b
Detected tool : MSVC (compiler), 34 from 34 significant nibbles (100%)
Detected tool : Microsoft (linker), dos header style
Rich header offset : 0x80
Rich header key : 0x2a1ac2b2
Rich header signature : 0104646f0000000a0103646f000000050105646f0000008d0101646f00000002010568520000002601046852
0000001001036852000000080101698400000003000100000000005201056984000000020100698400000001
00ff6984000000010102698400000001
Overlay offset : 0x9ee00
Overlay size : 0x1d30
Overlay entropy : 7.323
Trying to unpack C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe into C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe-unpacked.tmp by using generic unpacker...
RUN: D:\retdec\bin\retdec-unpacker C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe -o C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe-unpacked.tmp --max-memory-half-ram
No matching plugins found for 'MSVC'
No matching plugins found for 'Microsoft'
Unpacking by using generic unpacker: nothing to do
'upx' not available: nothing to do
Decompiling C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe into C:\Users*\Desktop\Test\GGDEMO\GGDEMO.exe.bc...
RUN: D:\retdec\bin\retdec-bin2llvmir -provider-init -decoder -verify -x87-fpu -main-detection -idioms-libgcc -inst-opt -cond-branch-opt -syscalls -stack -constants -param-return -local-vars -inst-opt -simple-types -generate-dsm -remove-asm-instrs -class-hierarchy -select-fncs -inst-opt -x86-addr-spaces -value-protect -instcombine -tbaa -targetlibinfo -basicaa -domtree -simplifycfg -domtree -early-cse -lower-expect -targetlibinfo -tbaa -basicaa -globalopt -mem2reg -instcombine -simplifycfg -basiccg -domtree -early-cse -lazy-value-info -jump-threading -correlated-propagation -simplifycfg -instcombine -simplifycfg -reassociate -domtree -loops -loop-simplify -lcssa -loop-rotate -licm -lcssa -instcombine -scalar-evolution -loop-simplifycfg -loop-simplify -aa -loop-accesses -loop-load-elim -lcssa -indvars -loop-idiom -loop-deletion -memdep -gvn -memdep -sccp -instcombine -lazy-value-info -jump-threading -correlated-propagation -domtree -memdep -dse -dce -bdce -adce -die -simplifycfg -instcombine -strip-dead-prototypes -globaldce -constmerge -constprop -instnamer -domtree -instcombine -instcombine -tbaa -targetlibinfo -basicaa -domtree -simplifycfg -domtree -early-cse -lower-expect -targetlibinfo -tbaa -basicaa -globalopt -mem2reg -instcombine -simplifycfg -basiccg -domtree -early-cse -lazy-value-info -jump-threading -correlated-propagation -simplifycfg -instcombine -simplifycfg -reassociate -domtree -loops -loop-simplify -lcssa -loop-rotate -licm -lcssa -instcombine -scalar-evolution -loop-simplifycfg -loop-simplify -aa -loop-accesses -loop-load-elim -lcssa -indvars -loop-idiom -loop-deletion -memdep -gvn -memdep -sccp -instcombine -lazy-value-info -jump-threading -correlated-propagation -domtree -memdep -dse -dce -bdce -adce -die -simplifycfg -instcombine -strip-dead-prototypes -globaldce -constmerge -constprop -instnamer -domtree -instcombine -inst-opt -simple-types -stack-ptr-op-remove -idioms -global-to-local -dead-global-assign -instcombine -inst-opt -idioms -phi2seq -value-protect -disable-inlining -disable-simplify-libcalls -config-path C:\Users\Mendax47\Desktop\Test\GGDEMO\GGDEMO.exe.json -max-memory-half-ram -o C:\Users***\Desktop\Test\GGDEMO\GGDEMO.exe.bc
Running phase: Initialization ( 0.02s )
Running phase: LLVM ( 0.04s )
Running phase: Providers initialization ( 0.04s )
Running phase: Input binary to LLVM IR decoding ( 1.77s )
from retdec-idaplugin.
s3rvac
commented on June 17, 2024
@mendax47 Would it be possible for you to share the input binary file (GGDEMO.exe) with us? Also, how much RAM do you have?
@PeterMatula Can you please take a look at the output above? Although there is no error message, it seems as if retdec-bin2llvmir crashed in phase Input binary to LLVM IR decoding.
from retdec-idaplugin.
PeterMatula
commented on June 17, 2024
After 3503eb6, plugin no longer uses launch_process. Release v1.0 will come shortly.
from retdec-idaplugin.
Related Issues (20)
- Loading of output C file FAILED on Mac HOT 2
- Can help compile a mac version, A Mac IDA7.0 is here HOT 4
- retdec 4.0 unrecognized arguments HOT 5
- lauch_process ... failed with error code 2 HOT 6
- launch_process(...) failed with error code 1 HOT 3
- retdec not loading HOT 2
- How to compile the c file generated by retdec-idaplugin? HOT 1
- Default invocation broken for 32bit targets HOT 4
- Compilation failed during configure-msvc step for yara HOT 1
- Build with old SDK
- Continued support for IDA 7.2-7.4 HOT 2
- Please support IDA 7.7 HOT 8
- The compiled version from release doees not work HOT 4
- Unable to parse decompilation output: The document is empty. HOT 6
- Build failures on macOS HOT 3
- IDA7.7 v1.0 release does not work HOT 6
- Decompile Pesudo Code No Longer Works HOT 1
- this dll let plugin crash
- GLIBC_2.34 error with IDAPro v8.3
- I don't see parameters being used within the code.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from retdec-idaplugin.