Comments (11)
astrelsky
commented on August 23, 2024
One of those 5 xrefs is inheriting the class that should be there. May you check those addresses and see if one is valid and show the data there?
from ghidra-cpp-class-analyzer.
TheAifam5
commented on August 23, 2024
All 5 xrefs are pointing to classes defined by CppClassAnalyzer. Field __base_type points to the 02084150 and super___class_type_info -> super_type_info -> _vptr points to the __cxa_free_exception in all of those xrefs.
01ff7740:
02084150:
2020-04-08 19:45:29 ERROR (TypeInfoFactory) Unknown Exception ghidra.program.model.data.InvalidDataTypeException: The TypeInfo at 02084150 is not valid
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getModel(SiClassTypeInfoModel.java:35)
at ghidra.app.cmd.data.rtti.gcc.factory.TypeInfoFactory.getTypeInfo(TypeInfoFactory.java:108)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractSiClassTypeInfoModel.getParentModels(AbstractSiClassTypeInfoModel.java:43)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getParentModels(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractSiClassTypeInfoModel.getVirtualParents(AbstractSiClassTypeInfoModel.java:78)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVirtualParents(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.setupVtablePrefixes(VtableModel.java:252)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:103)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:71)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.getValidVtable(ClassTypeInfoUtils.java:142)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.findVtable(ClassTypeInfoUtils.java:105)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:77)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVtable(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:31)
at ghidra.app.cmd.data.rtti.ClassTypeInfo.getVtable(ClassTypeInfo.java:68)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.setupVftables(AbstractCppClassAnalyzer.java:133)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.added(AbstractCppClassAnalyzer.java:101)
at ghidra.app.plugin.core.analysis.AnalysisScheduler.runAnalyzer(AnalysisScheduler.java:190)
at ghidra.app.plugin.core.analysis.AnalysisTask.applyTo(AnalysisTask.java:39)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:685)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:785)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:664)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:629)
at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:101)
at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:315)
at java.base/java.lang.Thread.run(Thread.java:830)
2020-04-08 19:45:29 ERROR (MessageLog) Exception appended to MessageLog ghidra.util.exception.AssertException: SiClassTypeInfo at 01ff7740 has an invalid parent located at relocation 02084150
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractSiClassTypeInfoModel.getParentModels(AbstractSiClassTypeInfoModel.java:73)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getParentModels(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractSiClassTypeInfoModel.getVirtualParents(AbstractSiClassTypeInfoModel.java:78)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVirtualParents(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.setupVtablePrefixes(VtableModel.java:252)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:103)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:71)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.getValidVtable(ClassTypeInfoUtils.java:142)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.findVtable(ClassTypeInfoUtils.java:105)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:77)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVtable(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:31)
at ghidra.app.cmd.data.rtti.ClassTypeInfo.getVtable(ClassTypeInfo.java:68)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.setupVftables(AbstractCppClassAnalyzer.java:133)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.added(AbstractCppClassAnalyzer.java:101)
at ghidra.app.plugin.core.analysis.AnalysisScheduler.runAnalyzer(AnalysisScheduler.java:190)
at ghidra.app.plugin.core.analysis.AnalysisTask.applyTo(AnalysisTask.java:39)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:685)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:785)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:664)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:629)
at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:101)
at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:315)
at java.base/java.lang.Thread.run(Thread.java:830)
from ghidra-cpp-class-analyzer.
astrelsky
commented on August 23, 2024
The way each type_info is identified is by leveraging the fact that each one starts with a _vptr pointing to its vtable. So a __class_type_info instances first member will be a pointer to __class_type_info::vtable, an __si_class_type_info instance's will be __si_class_type_info::vtable, etc. Assuming std::exception::~exception * has been optimized away to __cxa_free_exception * I think it is safe to assume that this is supposed to be the type_info for a custom exception with the default destructor. If it was a standard exception the typename would start with St but I can see it starts with 18.
Is this a binary which you have the rights to distribute and is not malicious? It would ensure I can easily reproduce this. If not I can hackup some code later tonight if time allows or this weekend with some custom exceptions and see if I can figure out what is going on.
from ghidra-cpp-class-analyzer.
TheAifam5
commented on August 23, 2024
I don’t have rights to publish the binary but I can share more info via email.
Contact me on [email protected]
from ghidra-cpp-class-analyzer.
astrelsky
commented on August 23, 2024
I don’t have rights to publish the binary but I can share more info via email.
Contact me on [email protected]
I will contact you later this afternoon.
It appears I have forgotten two important questions. Is this a static or dynamic binary? Also, is the issue present using ghidra 9.1? Knowing whether it is present in 9.1 will help rule out further issues related to the recent demangler changes in ghidra.
from ghidra-cpp-class-analyzer.
TheAifam5
commented on August 23, 2024
Its a shared library (.so). I never used 9.1 version so I can’t tell. I‘m using Ghidra from master branch.
from ghidra-cpp-class-analyzer.
astrelsky
commented on August 23, 2024
Its a shared library (.so). I never used 9.1 version so I can’t tell. I‘m using Ghidra from master branch.
Ah. If the library has any external dependencies, such as libstdc++.so, have they been imported into the project and resolved? The analyzer is supposed to open the external library in ghidra, in the background if not already open, read the data it needs and then close it if it was in the background. However, if it was unable to verify a type_info because the library wasn't present in the project the analyzer is supposed to ignore it, keep analyzing and then inform the user when analysis is complete.
from ghidra-cpp-class-analyzer.
TheAifam5
commented on August 23, 2024
I never imported dependencies but I will give a try. It does not break the analysis but I see a lot if errors related to this issue.
from ghidra-cpp-class-analyzer.
astrelsky
commented on August 23, 2024
I never imported dependencies but I will give a try. It does not break the analysis but I see a lot if errors related to this issue.
Oh my. I've found my mistake.
I built up the message to inform the user and then did nothing with it. 🤦♂️
I am able to recreate the problem rather easily. This does appear to be the problem.
from ghidra-cpp-class-analyzer.
astrelsky
commented on August 23, 2024
This should be fixed by 7ab80c2. If you encounter anymore problems feel free to reopen this.
If you get any "Transaction has not been started" errors let me know. I think I got them all though. It is best to open and analyze the external libraries first though.
from ghidra-cpp-class-analyzer.
TheAifam5
commented on August 23, 2024
The problem still exists. The libstdc++.so.6 is analyzed with default options + all RTTI options enabled. I also noticed that, even the imports are loaded and the functions are in <EXTERNAL> rather in the specific import library.
All imports expanded, except the <EXTERNAL>:
2020-04-12 16:52:29 INFO (ProgramManagerPlugin) Opened program in CodeBrowser tool: Game:/libstdc++.so.6
2020-04-12 16:52:29 ERROR (TypeInfoFactory) Unknown Exception ghidra.program.model.data.InvalidDataTypeException: The TypeInfo at 020af0b0 is not valid
at ghidra.app.cmd.data.rtti.gcc.typeinfo.ClassTypeInfoModel.getModel(ClassTypeInfoModel.java:35)
at ghidra.app.cmd.data.rtti.gcc.factory.TypeInfoFactory.getTypeInfo(TypeInfoFactory.java:108)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.BaseClassTypeInfoModel.getClassModel(BaseClassTypeInfoModel.java:125)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.VmiClassTypeInfoModel.getVirtualParents(VmiClassTypeInfoModel.java:173)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractSiClassTypeInfoModel.getVirtualParents(AbstractSiClassTypeInfoModel.java:88)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVirtualParents(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.setupVtablePrefixes(VtableModel.java:252)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:103)
at ghidra.app.cmd.data.rtti.gcc.VtableModel.<init>(VtableModel.java:71)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.getValidVtable(ClassTypeInfoUtils.java:142)
at ghidra.app.cmd.data.rtti.gcc.ClassTypeInfoUtils.findVtable(ClassTypeInfoUtils.java:105)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:77)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.SiClassTypeInfoModel.getVtable(SiClassTypeInfoModel.java:14)
at ghidra.app.cmd.data.rtti.gcc.typeinfo.AbstractClassTypeInfoModel.getVtable(AbstractClassTypeInfoModel.java:31)
at ghidra.app.cmd.data.rtti.ClassTypeInfo.getVtable(ClassTypeInfo.java:68)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.setupVftables(AbstractCppClassAnalyzer.java:136)
at ghidra.app.plugin.prototype.CppCodeAnalyzerPlugin.AbstractCppClassAnalyzer.added(AbstractCppClassAnalyzer.java:104)
at ghidra.app.plugin.core.analysis.AnalysisScheduler.runAnalyzer(AnalysisScheduler.java:190)
at ghidra.app.plugin.core.analysis.AnalysisTask.applyTo(AnalysisTask.java:39)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:685)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:785)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:664)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:629)
at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:101)
at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:315)
at java.base/java.lang.Thread.run(Thread.java:830)
from ghidra-cpp-class-analyzer.
Related Issues (20)
- Binary 10.1.2 release HOT 1
- Resource Leak
- Extension won't install for Ghidra version 10.1.3 HOT 2
- Extension doesn't appear in the Experimental Plugin List HOT 12
- When process comes to cppclassanalyzer.plugin.ClassTypeInfoManagerPlugin.getExternalClassTypeInfo(ClassTypeInfoManagerPlugin.java:331), it haven't ProjectClassTypeInfoManager instancies in heap. HOT 7
- Add Drag n drop handlers
- Plugin: ClassTypeInfoManager name collision
- Duplicated data types with GNU Demangler HOT 6
- Ghidra 10.1.4: "String index out of range: 0" when trying to analyze an executable HOT 3
- `UnresolvedClassTypeInfoException`: Unable to locate archived data HOT 5
- Analysis failure, unable to copy some library ClassTypeInfo data to a project archive HOT 8
- Everything seems to be working fine, but RTTI finds no results. HOT 14
- Error using `TypeInfo *` in structs HOT 2
- Clone method implemented incorrectly for TypeInfoFactoryDataType HOT 3
- Class analyzer errors while analyzing binary HOT 6
- 10.2 Build
- Plugin Related Analysis Tools do not Appear. HOT 4
- 10.2 plugin incompatible with Ghidra 10.3 HOT 6
- getManagerNode is null in analyzer
- Fails to progress due to demangle exception HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ghidra-cpp-class-analyzer.