cisco-talos / ghida Goto Github PK

Can the plugin support disassembly of arm architecture?

I use it to disassemble the arm program and an error occurs:

{"SHOW_SETTINGS": true, "USE_GHIDRA_SERVER": false, "load_save_cached_code": false, "GHIDRA_INSTALLATION_PATH": "D:\Ghidra_9.1.2", "load_save_cached_comments": false}

The Plugin is Amazing. However, i came across this issue on clicking one of the code lines in the decompiled function:

IDAPython: Error while calling Python callback <OnClick>:
Traceback (most recent call last):
  File "C:/Program Files/IDA 7.0/plugins/ghida.py", line 495, in OnClick
    return gl.highlight_symbol_in_DISASM()
  File "C:/Program Files/IDA 7.0/plugins\ghida_plugin\ui.py", line 52, in highlight_symbol_in_DISASM
    symbol = idaapi.get_highlighted_identifier()
  File "C:\Program Files\IDA 7.0\python\ida_kernwin.py", line 190, in get_highlight
    return _ida_kernwin.get_highlight(*args)
TypeError: get_highlight expected 1 arguments, got 0

Ghidra sometimes claim that there are too many branches to recover a jump table, yeilding errors as seen in this thread:

https://reverseengineering.stackexchange.com/questions/25917/what-do-these-2-ghidra-warnings-mean

As this is a commong problem, there are several solutions across the web, with one presents in that very thread.

My question is how can I apply them if I'm using the GhIDA plugin, since they require running scripts on Ghidra.

Sorry this is more of a comment/feedback and not exactly an issue:

I tried it on Ida Pro 7.X and it worked as it supposed to however I also tried it on Ida Free 7.X and for some reason the plugin doesn't even show up in the Ida plugin menu. Any idea why?

I got this error immediately after installation and attempt to decompile an example program in IDA 7.2 (Linux version), and Ghidra is 9.1 and 9.1.2 all gave the same error.

Any ideas how to overcome it?

This error is a showstopper, as there is no decompilation at all.

After I fixed import issues and icon_path error, this error appears:

XML Exporter v5.0.1 : SDK 750GhIDA:: [!] Decompilation wrapper error: module 'sys' has no attribute 'exc_type'

xml exporter i copied from Ghidra ida plugins to the plugins directory. But i don't know how to fix this decompilation wrapper error. Any suggestions?
Ghidra 9.1.2
Ida pro 7.5
Python 3.9.7

Hello,

I have installed GhIDA following the directions - however the plugin does not appear in the plugin list.

I am using IDA Pro 7.6, with Python 3.9, and "GhIDA 0.22 - IDA7.x-Python3." I have also installed both Requests and Pygments.

No error output is provided in the IDA Pro Output bar, however the plugin is still not listed.

Any possible fix is appreciated! Thank you.

the subject..

IDAPython: error executing init.py: nothing to repeat

Refer to the message window to see the full error log.

i have both Python 3x and Python 2x installed, as soon as i launch IDA Pro 7.3 (64-bit) i get this error. License is valid.
Java is correctly installed and PATH is configured (followed the Ghidra installation guide)

Good day. There is a problem as described above. Here is the log from Ida Pro.

  bytes   pages size description
--------- ----- ---- --------------------------------------------
   262144    32 8192 allocating memory for b-tree...
    65536     8 8192 allocating memory for virtual array...
   262144    32 8192 allocating memory for name pointers...
-----------------------------------------------------------------
   589824            total memory allocated

Loading processor module C:\Program Files\IDA 7.2\procs\i5164.dll for 8051...OK
Loading type libraries...
Autoanalysis subsystem has been initialized.
Database for file '307.bin' has been loaded.
============================================================
GhIDA Decompiler v0.1
Andrea Marcelli <[email protected]>
Cisco Talos, June 2019
GhIDA Decompiler shortcut key is Ctrl-Alt-D
============================================================
GhIDA:: [DEBUG] Reading GhIDA configuration
('GHIDA_CONF.load_save_cached_code', False)
('GHIDA_CONF.load_save_cached_comments', False)
GhIDA:: [DEBUG] code_cache_path: c:\users\user\appdata\local\temp\decompiled_cache_FE46C519975BC6E312BB1719D93A0A64.json
GhIDA:: [DEBUG] comments_cache_path: c:\users\user\appdata\local\temp\comments_cache_FE46C519975BC6E312BB1719D93A0A64.json
GhIDA:: [DEBUG] Registering handlers
GhIDA [DEBUG] ScreenEAHook initialized
---------------------------------------------------------------------------------------------
Python 2.7.18 (v2.7.18:8d21aa21f2, Apr 20 2020, 13:25:05) [MSC v.1500 64 bit (AMD64)] 
IDAPython 64-bit v1.7.0 final (serial 0) (c) The IDAPython Team <[email protected]>
---------------------------------------------------------------------------------------------
GhIDA:: [DEBUG] DisasmsHandler HELLO
('GHIDA_CONF.global_settings', True)
('GHIDA_CONF.use_ghidra_server', False)
('GHIDA_CONF.ghidra_install_path', 'E:\\ghidra_9.1.2_PUBLIC_20200212\\ghidra_9.1.2_PUBLIC')
('GHIDA_CONF.ghidra_server_url', 'http://localhost:8080/ghidra/api')
('GHIDA_CONF.show_settings', True)
('GHIDA_CONF.load_save_cached_code', False)
('GHIDA_CONF.load_save_cached_comments', False)
GhIDA:: [INFO] Configuration saved to c:\users\user\appdata\local\temp\ghida_config.json
GhIDA:: [DEBUG] EXPORT_XML_FILE: True
GhIDA:: [DEBUG] Exporting IDA project into XML format

XML Exporter v5.0.1 : SDK 720
-----------------------------------------------------------
Exporting XML <PROGRAM> document ....
Processing PROGRAM                 GhIDA:: [DEBUG] compiler name: Unknown
GhIDA:: [DEBUG] new_compiler_name: default
CPU time: 0.0019
Processing MEMORY_MAP              CPU time: 0.0061
Processing CODE                    CPU time: 0.0013
Processing DATA                    CPU time: 0.0507
Processing COMMENTS                CPU time: 0.0032
Processing PROGRAM_ENTRY_POINTS    CPU time: 0.0005
Processing SYMBOL_TABLE            CPU time: 0.0023
Processing FUNCTIONS               CPU time: 0.0041
Processing MARKUP                  CPU time: 0.0275
                             Total CPU time: 0.4666
--------------------------------------
PROGRAM                           1
INFO_SOURCE                       1
PROCESSOR                         1
COMPILER                          1
MEMORY_MAP                        1
MEMORY_SECTION                    4
MEMORY_CONTENTS                   2
CODE                              1
CODE_BLOCK                        9
DATA                              1
DEFINED_DATA                     62
TYPEINFO_CMT                    109
COMMENTS                          1
COMMENT                          27
PROGRAM_ENTRY_POINTS              1
PROGRAM_ENTRY_POINT               8
SYMBOL_TABLE                      1
SYMBOL                           29
FUNCTIONS                         1
FUNCTION                         50
ADDRESS_RANGE                    60
REPEATABLE_CMT                    7
MARKUP                            1
--------------------------------------
Total XML Elements:             379
Database exported to: E:\RABOTA\FE46C519975BC6E312BB1719D93A0A64_vnzEm.xml
GhIDA:: [DEBUG] found 0 symbols
GhIDA:: [INFO] XML exporting completed
GhIDA:: [DEBUG] decompiled cache miss (432)
GhIDA:: [DEBUG] Decompiling 432
GhIDA:: [DEBUG] EXPORT_XML_FILE: False
GhIDA:: [INFO] Ghidra headless (timeout: 1000s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [INFO] Ghidra analysis completed!
GhIDA:: [!] No JSON object could be decoded
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

With what it can be connected ? Incorrect compiler or Something is missing from my installation. The thing is that if I upload it directly through the hydra, then the file will decompile, but you must explicitly indicate where the code is in this file.

Using windows 10, IDA pro 7.5 and Ghidra 9.1.2

Is it because the 16 bit x86 is not supported on GhIDA (even though Ghidra supports it) or is this a bug?

Possible file format: ELF for ARM (Shared object) (D:\Program Files (x86)\IDA_Pro_v7.0_Portable\loaders\elf.dll)

bytes pages size description

262144 32 8192 allocating memory for b-tree...
65536 8 8192 allocating memory for virtual array...
262144 32 8192 allocating memory for name pointers...

589824 total memory allocated

Loading file 'C:\xxxxxxx\xxxxxx' into database...
Detected file format: ELF for ARM (Shared object)
Loading processor module D:\Program Files (x86)\IDA_Pro_v7.0_Portable\procs\arm.dll for arm...OK
Autoanalysis subsystem has been initialized.
[uEmu]: Init plugin
[uEmu]: Run plugin
[uEmu]: Unicorn version [ 1.0.1 ]
[uEmu]: CPU arch set to [ armle ]
D:\Program Files (x86)\IDA_Pro_v7.0_Portable\plugins\vx_target_standalone.py: PLUGIN_ENTRY was not defined or the class name 'uEmuPlugin' was already used in 'uEmu.py'
Assuming __cdecl calling convention by default
0. Creating a new segment (00000000-00002C0C) ... ... OK

1. Creating a new segment (0000AE14-0000B038) ... ... OK
2. Creating a new segment (00000AC0-00000AD0) ... ... OK
   Additional segment (00000AD0-00002C0C) ...
3. Creating a new segment (00000AD0-00002C0C) ... ... OK
4. Creating a new segment (00000AD0-00000CB8) ... ... OK
   Additional segment (00000CB8-00002C0C) ...
   Deleting segment (00000CB8-00002C0C) ...
5. Creating a new segment (00000CB8-00002C0C) ... ... OK
6. Creating a new segment (00000CB8-00002958) ... ... OK
   Additional segment (00002958-00002C0C) ...
   Deleting segment (00002958-00002C0C) ...
7. Creating a new segment (00002958-00002C0C) ... ... OK
8. Creating a new segment (00002958-00002968) ... ... OK
   Additional segment (00002968-00002C0C) ...
   Deleting segment (00002968-00002C0C) ...
9. Creating a new segment (00002968-00002C0C) ... ... OK
10. Creating a new segment (00002968-00002C06) ... ... OK
    Additional segment (00002C06-00002C0C) ...
    Deleting segment (00002C06-00002C0C) ...
11. Creating a new segment (00002C06-00002C0C) ... ... OK
12. Creating a new segment (00002C08-00002C0C) ... ... OK
13. Creating a new segment (0000AE14-0000AE18) ... ... OK
    Additional segment (0000AE18-0000B038) ...
    Deleting segment (0000AE18-0000B038) ...
14. Creating a new segment (0000AE18-0000B038) ... ... OK
15. Creating a new segment (0000AE18-0000AE1C) ... ... OK
    Additional segment (0000AE1C-0000B038) ...
    Deleting segment (0000AE1C-0000B038) ...
16. Creating a new segment (0000AE1C-0000B038) ... ... OK
17. Creating a new segment (0000AE1C-0000AE20) ... ... OK
    Additional segment (0000AE20-0000B038) ...
    Deleting segment (0000AE20-0000B038) ...
18. Creating a new segment (0000AE20-0000B038) ... ... OK
19. Creating a new segment (0000AE20-0000AE34) ... ... OK
    Additional segment (0000AE34-0000B038) ...
    Deleting segment (0000AE34-0000B038) ...
20. Creating a new segment (0000AE34-0000B038) ... ... OK
21. Creating a new segment (0000AF3C-0000B000) ... ... OK
    Additional segment (0000B000-0000B038) ...
22. Creating a new segment (0000B000-0000B038) ... ... OK
23. Creating a new segment (0000B000-0000B00C) ... ... OK
    Additional segment (0000B00C-0000B038) ...
    Deleting segment (0000B00C-0000B038) ...
24. Creating a new segment (0000B00C-0000B038) ... ... OK
    Deleting segment (0000B00C-0000B038) ...
25. Creating a new segment (0000B00C-0000B038) ... ... OK
26. Creating a new segment (0000B038-0000B039) ... ... OK
27. Creating a new segment (0000B03C-0000B0E4) ... ... OK
    Assuming __cdecl calling convention by default
    Type library 'gnulnx_arm' loaded. Applying types...
    Types applied to 1 names.
28. Creating a new segment (0000B0E4-0000B100) ... ... OK
    Adding relocations...
    Plan FLIRT signature: ARM library little endian
    autoload.cfg: armlibl.sig autoloads armv12.til
    Type library 'armv12' loaded. Applying types...
    Types applied to 0 names.
    Marking typical code sequences...
    Flushing buffers, please wait...ok
    File 'C:\xxxxxxx\xxxxxx' has been successfully loaded into the database.
    IDA is analysing the input file...
    You may start to explore the input file right now.
    Hex-Rays Decompiler plugin has been loaded (v7.0.0.170914)
    License: 56-3E5B-5634-29 Jiang Ying, Personal license (1 user)
    The hotkeys are F5: decompile, Ctrl-F5: decompile all.
    Please check the Edit/Plugins menu for more informaton.
    IDAPython Hex-Rays bindings initialized.
    ============================================================
    GhIDA Decompiler v0.1
    Andrea Marcelli [email protected]
    Cisco Talos, June 2019
    GhIDA Decompiler shortcut key is Ctrl-Alt-D
    ============================================================
    GhIDA:: [DEBUG] Reading GhIDA configuration
    ('GHIDA_CONF.load_save_cached_code', False)
    ('GHIDA_CONF.load_save_cached_comments', False)
    GhIDA:: [DEBUG] code_cache_path: c:\users\admini1\appdata\local\temp\decompiled_cache_1DC83C421557F6E549C8A9370EAFD4F8.json
    GhIDA:: [DEBUG] comments_cache_path: c:\users\admini1\appdata\local\temp\comments_cache_1DC83C421557F6E549C8A9370EAFD4F8.json
    GhIDA:: [DEBUG] Registering handlers
    GhIDA [DEBUG] ScreenEAHook initialized
    ================================================================================
    Keypatch v2.2 (c) Nguyen Anh Quynh & Thanh Nguyen, 2016
    Keypatch is using Keystone v0.9.1
    Keypatch Patcher's shortcut key is Ctrl-Alt-K
    Use the same hotkey Ctrl-Alt-K to open 'Fill Range' window on a selected range of code
    To revert (undo) the last patching, choose menu Edit | Keypatch | Undo last patching
    Keypatch Search is available from menu Edit | Keypatch | Search
    Find more information about Keypatch at http://keystone-engine.org/keypatch
    ================================================================================
    [uEmu]: Init plugin
    [uEmu]: Run plugin
    [uEmu]: Unicorn version [ 1.0.1 ]
    [uEmu]: CPU arch set to [ armle ]
    [uEmu]: Init plugin
    D:\Program Files (x86)\IDA_Pro_v7.0_Portable\plugins\vx_target_standalone.py: PLUGIN_ENTRY was not defined or the class name 'uEmuPlugin' was already used in 'uEmu.py'
    ================================================================================
    [uEmu]: UI ready. Run plugin
    [uEmu]: Unicorn version [ 1.0.1 ]
    [uEmu]: CPU arch set to [ armle ]
    [uEmu]: UI ready. Run plugin
    [uEmu]: Unicorn version [ 1.0.1 ]
    [uEmu]: CPU arch set to [ armle ]
    [uEmu]: UI ready. Run plugin
    [uEmu]: Unicorn version [ 1.0.1 ]
    [uEmu]: CPU arch set to [ armle ]

Python 2.7.13 (v2.7.13:a06454b1afa1, Dec 17 2016, 20:53:40) [MSC v.1500 64 bit (AMD64)]
IDAPython v1.7.0 final (serial 0) (c) The IDAPython Team [email protected]

Using FLIRT signature: ARM library little endian
Propagating type information...
Function argument information has been propagated
The initial autoanalysis has been finished.
GhIDA:: [DEBUG] DisasmsHandler HELLO
('GHIDA_CONF.global_settings', True)
('GHIDA_CONF.use_ghidra_server', False)
('GHIDA_CONF.ghidra_install_path', 'E:\ghidra_9.0')
('GHIDA_CONF.ghidra_server_url', 'http://localhost:8080/ghidra/api')
('GHIDA_CONF.show_settings', True)
('GHIDA_CONF.load_save_cached_code', False)
('GHIDA_CONF.load_save_cached_comments', False)
GhIDA:: [INFO] Configuration saved to c:\users\admini~1\appdata\local\temp\ghida_config.json
GhIDA:: [DEBUG] EXPORT_XML_FILE: True
GhIDA:: [DEBUG] Exporting IDA project into XML format

XML Exporter v5.0.1 : SDK 700

Exporting XML document ....
Processing PROGRAM GhIDA:: [DEBUG] compiler name: GNU C++
GhIDA:: [DEBUG] new_compiler_name: gcc
CPU time: 0.0047
Processing DATATYPES CPU time: 0.0008
Processing MEMORY_MAP CPU time: 0.0250
Processing REGISTER_VALUES CPU time: 0.0141
Processing CODE CPU time: 0.0025
Processing DATA CPU time: 0.1220
Processing COMMENTS CPU time: 0.0146
Processing PROGRAM_ENTRY_POINTS CPU time: 0.0006
Processing SYMBOL_TABLE CPU time: 0.0122
Processing FUNCTIONS CPU time: 0.0151
Processing MARKUP CPU time: 0.0439
Total CPU time: 1.1215

PROGRAM 1
INFO_SOURCE 1
PROCESSOR 1
COMPILER 1
DATATYPES 1
STRUCTURE 3
MEMBER 12
UNION 1
MEMORY_MAP 1
MEMORY_SECTION 19
MEMORY_CONTENTS 16
REGISTER_VALUES 1
REGISTER_VALUE_RANGE 254
CODE 1
CODE_BLOCK 23
DATA 1
DEFINED_DATA 476
TYPEINFO_CMT 327
COMMENTS 1
COMMENT 229
PROGRAM_ENTRY_POINTS 1
PROGRAM_ENTRY_POINT 7
SYMBOL_TABLE 1
SYMBOL 229
FUNCTIONS 1
FUNCTION 66
ADDRESS_RANGE 66
STACK_FRAME 16
STACK_VAR 65
MARKUP 1
MEMORY_REFERENCE 140

Total XML Elements: 1963
Database exported to: C:\Users\Administrator\Desktop\huaweiQ2_pro\1DC83C421557F6E549C8A9370EAFD4F8_cEskL.xml
GhIDA:: [DEBUG] found 0 symbols
GhIDA:: [INFO] XML exporting completed
GhIDA:: [DEBUG] decompiled cache miss (dec)
GhIDA:: [DEBUG] Decompiling dec
GhIDA:: [DEBUG] EXPORT_XML_FILE: False
GhIDA:: [INFO] Ghidra headless (timeout: 300s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [!] 'module' object has no attribute 'killpg'
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

Python Version: 3.8.2
IDA Pro Version: 7.5
OS: Windows 10 Education
Build: 19042.867
Version: 20H2

# Import error
Location: IDAPro7.5\plugins\ghida_plugin
ERROR: Cannot import and find the modules that are in init.py

Solution:
Open init.py in an editor.
Add a '.' in front of all the modules in the form 'module' import statments.
ex: from .comments_cache import *
Directs IDA's python3 instance to explicitly look in the current directory for those module

# Queue error
Location: IDAPro7.5\plugins\ghida_plugin
ERROR: Cannot find 'Queue'

Solution:
Open lib.py in an editor.
Change 'import Queue' to 'import queue'
Now it was successfully found and import queue

# Error finding requests and pygments
Location:
ERROR: ModuleNotFoundError: No module named 'requests'

Solution: IDK

IDA Pro 7.2
Ghidra Master Build (Last Commit)

WIndows 10 - 20H2
IDA 7.5_pack3
GHIDRA 9.2.1 and 9.3
PYTHON 3.9.1

Tried multiple small binaries.

The analysis completes very fast and I can see the XML is populated, however I get this in the IDA log:

GhIDA:: [INFO] XML exporting completed
GhIDA:: [INFO] Ghidra headless (timeout: 5000s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [INFO] Ghidra analysis completed!
GhIDA:: [!] Expecting value: line 1 column 1 (char 0)
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

Everything prob works using terminal:

But when I use it in IDA:

Log: https://paste.md-5.net/afihacifeq.css
EDIT: I use Windows 10 Pro 21H1, IDA Pro 7.6, Ghidra 10.1.2_PUBLIC, Python 3.8 and WSL2 (Ubuntu)

ida_lines.tag_remove(regcmt + " ", 0) => ida_lines.tag_remove(regcmt + " ")
ida_lines.tag_remove(rptcmt + " ", 0) => ida_lines.tag_remove(rptcmt + " ")

Thanks, best regards,

Environment: Windows10, IDA Pro 7.3, ghidra 9.0.4, python2.7.16

error log

GhIDA:: [DEBUG] found 0 symbols
GhIDA:: [INFO] XML exporting completed
GhIDA:: [DEBUG] decompiled cache miss (3560)
GhIDA:: [DEBUG] Decompiling 3560
GhIDA:: [DEBUG] EXPORT_XML_FILE: False
GhIDA:: [INFO] Ghidra headless (timeout: 300s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [INFO] Ghidra analysis completed!
GhIDA:: [!] No JSON object could be decoded
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

System Information

• GhIDA Versions:
  • Release v0.1
  • Master at commit d153e0d
• OS: Windows 10 Professional 1909
• Virtualization Host: VMWare Workstation Pro 15.5.2
• Ghidra: 9.1.2
• IDA Pro: 7.3
• JDK Versions:
  • 13.0.2
  • 11.0.6
• Python Version: 2.7.13

Symptoms

When attempting to perform analysis on the GreenBug Trojan, the Hexrays decompiler decompiles successfully, while the Ghidra decompiler displays the following error:

GhIDA:: [!] Decompilation error - timeout reached
GhIDA:: [!] No JSON object could be decoded
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

I found some test samples from the "Practical Malware Analysis" book (specifically Lab13-01.exe), and observed something interesting. The Ghidra headless analysis will succeed, but only after the full 300 seconds times out. If the decompilation is interrupted by clicking "Cancel" after a few seconds, the decompilation will still succeed. However, the decompilation will finish successfully within seconds for some binaries.

I believe I'm experiencing something similar to #3 (comment). However, fixes in this comment, as well as other fixes in #3 didn't fix my problem.

am trying to use GhIDA in my local computer with:
IDA Pro 7.5
Ghidra 9.1.2
python3.7

I found several issues as:

lib.py: import Queue, does not work because in python3 it is named to queue.
ghida.py: the custom icon idaapi.load_custom_icon needs a path not data.

But the main problem is the following:

GhIDA decompilation wrapper error module 'sys' has no attribute 'exc_type'

Any idea?

Hi, I have a problem with running this problem, because of weird python import issue:

C:\Program Files\IDA Pro 7.4\plugins\ghida.py: No module named 'comments_cache'
Traceback (most recent call last):
  File "C:\Program Files\IDA Pro 7.4\python\3\ida_idaapi.py", line 593, in IDAPython_ExecScript
    exec(code, g)
  File "C:/Program Files/IDA Pro 7.4/plugins/ghida.py", line 37, in <module>
    import ghida_plugin as gl
  File "C:/Program Files/IDA Pro 7.4/plugins\ghida_plugin\__init__.py", line 26, in <module>
    from comments_cache import *
ModuleNotFoundError: No module named 'comments_cache'

I know that:

• module exists,
• can be imported if we are running python shell in ghida_plugin dir, but not from parent directory where ghida.py is located
• I'm guessing is somehow related how __init__.py works :/

There is no option to demangle function names in decompiler view. Would it be possible to add one?

I use IDA pro 7.5, Ghidra 9.2.2 lastest, python 3.7.9
I'm trying to test decompile function in IDA with GhidraDec but not working any function :(

XML Exporter v5.0.1 : SDK 750
-----------------------------------------------------------
Exporting XML <PROGRAM> document ....
Processing PROGRAM                 CPU time: 0.0010
Processing DATATYPES               CPU time: 0.0010
Processing MEMORY_MAP              CPU time: 0.0560
Processing REGISTER_VALUES         CPU time: 0.0020
Processing CODE                    CPU time: 0.0020
Processing DATA                    CPU time: 0.0620
Processing COMMENTS                CPU time: 0.0050
Processing PROGRAM_ENTRY_POINTS    CPU time: 0.0000
Processing SYMBOL_TABLE            CPU time: 0.0030
Processing FUNCTIONS               CPU time: 0.0050
Processing MARKUP                  CPU time: 0.0080
                             Total CPU time: 0.6618
--------------------------------------
PROGRAM                           1
INFO_SOURCE                       1
PROCESSOR                         1
COMPILER                          1
DATATYPES                         1
STRUCTURE                         4
MEMBER                           13
MEMORY_MAP                        1
MEMORY_SECTION                    8
MEMORY_CONTENTS                   8
REGISTER_VALUES                   1
REGISTER_VALUE_RANGE             24
CODE                              1
CODE_BLOCK                       34
DATA                              1
DEFINED_DATA                    103
TYPEINFO_CMT                     92
COMMENTS                          1
COMMENT                          41
PROGRAM_ENTRY_POINTS              1
PROGRAM_ENTRY_POINT               1
SYMBOL_TABLE                      1
SYMBOL                           53
FUNCTIONS                         1
FUNCTION                         30
ADDRESS_RANGE                    30
STACK_FRAME                      16
STACK_VAR                         5
MARKUP                            1
MEMORY_REFERENCE                  1
--------------------------------------
Total XML Elements:             477
Database exported to: D:\C_Data\Desktop\TestJS\b47183de13c96177deeeb1983faf4172_OGHFm.xml
GhIDA:: [INFO] XML exporting completed
GhIDA:: [INFO] Ghidra headless (timeout: 300s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [INFO] Ghidra analysis completed!
GhIDA:: [!] Expecting value: line 1 column 1 (char 0)
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

Thanks for the Project.
when I use GhIDA Decompiler, got a "Ghidra headless analysis failed" error.
many times with various files. same error.

GhIDA:: [INFO] Ghidra headless (timeout: 300s)
GhIDA:: [INFO] Waiting Ghidra headless analysis to finish...
GhIDA:: [!] 'module' object has no attribute 'killpg'
GhIDA:: [!] Ghidra headless analysis failed
GhIDA:: [!] Decompilation interrupted.

IDA Version： 7.2.181105 Windows
Python Version：Python 2.7.15
Ghidra Path ：C:\Program Files\ghidra_9.0.4
Java Version：jdk-11.0.4

and I also have this error

GhIDA:: [DEBUG] Reading GhIDA configuration
('GHIDA_CONF.load_save_cached_code', True)
('GHIDA_CONF.load_save_cached_comments', True)
GhIDA:: [DEBUG] code_cache_path: c:\users\edz\appdata\local\temp\decompiled_cache_3407694CA26AC630BBAD34D07BAFE340.json
GhIDA:: [DEBUG] loading decomp cache from json
GhIDA:: [!] error while loading code from c:\users\edz\appdata\local\temp\decompiled_cache_3407694CA26AC630BBAD34D07BAFE340.json
GhIDA:: [DEBUG] comments_cache_path: c:\users\edz\appdata\local\temp\comments_cache_3407694CA26AC630BBAD34D07BAFE340.json
GhIDA:: [DEBUG] loading comments cache from json
GhIDA:: [!] error while loading comments from c:\users\edz\appdata\local\temp\comments_cache_3407694CA26AC630BBAD34D07BAFE340.json
GhIDA:: [DEBUG] Registering handlers
GhIDA [DEBUG] ScreenEAHook initialized

running command line
"C:\Program Files\ghidra_9.0.4\support\analyzeHeadless.bat" . Temp -import C:\Users\EDZ\source\repos\ConsoleApplication1\test\3407694CA26AC630BBAD34D07BAFE340_JVLNU.xml -scriptPath "C:\Program Files\IDA 7.2\plugins\ghida_plugin\ghidra_plugin" -postScript FunctionDecompile.py 411357 c:\users\edz\appdata\local\temp\411357_5ddduh -noanalysis -deleteProject

Hi, because Ida is slowly moving to python3, it would be nice to have this plugin ported to python3.

I started working on this (diff), but I have still some unresolved issues which requires deeper debug, like decompilation is failing - probably somebody from authors of this plugin should check diff.

Hi,

I want to decompile code for Renesas SH processors. Both IDA and Ghidra support it as Module 'Renesas SH2A', but GhIDA says its not supported by Ghidra..

XML Exporter v5.0.1 : SDK 760
-----------------------------------------------------------
Exporting XML <PROGRAM> document ....
Processing PROGRAM                 WARNING: Segments do not have same addressing model!
GhIDA [!] unknown compiler not supported by Ghidra
GhIDA:: [!] export_xml cancelled

GhIDA:: [!] XML Export cancelled!
GhIDA:: [!] Decompilation wrapper error