This repository was archived by the owner on Aug 23, 2022. It is now read-only.
Unable to Uplift x86 PE: Check failed 'seg_type' Must be non NULL #740
Open
Description
I am getting the error Check failed: 'seg_type' Must be non NULL when trying to uplift an x86 PE skeleton helloworld file. I am not sure if it is my install; based on the documentation, McSema should fully support x86 PEs. I was wondering if there is a test suite corpus available that I could test my installation against?
Tool versioning:
- McSema v3.0.23 LLVM 10 - Ubuntu 18.04
- IDA Pro 7.1
Steps to reproduce:
echo 'void main() {};' > hello.c && \
i686-w64-mingw32-gcc hello.c -fPIC -pie -o hello.exe

"${MCSEMAPATH}/mcsema/bin/mcsema-disass-3" \
    --disassembler "${IDAPATH}/idat" \
    --arch x86 \
    --os windows \
    --entrypoint main \
    --binary "${WORKDIR}/${TARGET}.exe" \
    --output "${WORKDIR}/${TARGET}.cfg" \
    --log_file "${WORKDIR}/${TARGET}.log"

"${MCSEMAPATH}/mcsema/bin/mcsema-lift-10.0" \
    --arch x86 \
    --os windows \
    --cfg "${WORKDIR}/${TARGET}.cfg" \
    --output "${WORKDIR}/${TARGET}.bc" \
    --explicit_args \
    --merge_segments \
    --name_lifted_sections \
    -semantics_search_paths "${MCSEMAPATH}/remill/share/remill/10.0/semantics/"
E20210304 14:17:08.631868 19859 Arch.cpp:379] Unable to decode instruction at 4026c0 with bytes ff ff ff ff b0 26 40 00 00 00 00 00 ff ff ff and error: GENERAL_ERROR
E20210304 14:17:08.632352 19859 Arch.cpp:957] DecodeXED() could not decode the following opcodes: (X86 4026c0 (BYTES ff ff ff ff b0 26 40 00 00 00 00 00 ff ff ff) !NO-FUNCTION!)
E20210304 14:17:08.632378 19859 Function.cpp:1644] Could not decode instruction at 4026c0 reachable from instruction 4026bf in function _register_frame_ctor at 4026b0: (X86 4026c0 (BYTES ff ff ff ff b0 26 40 00 00 00 00 00 ff ff ff) !NO-FUNCTION!)
E20210304 14:17:09.014456 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_401010 in function sub_401010__pre_c_init
E20210304 14:17:09.014518 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_4022ca in function sub_4022b0___FindPESectionByName
E20210304 14:17:09.014537 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_402340 in function sub_402340____mingw_GetSectionForAddress
E20210304 14:17:09.014551 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_4023b0 in function sub_4023b0____mingw_GetSectionCount
E20210304 14:17:09.014565 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_4023e0 in function sub_4023e0___FindPESectionExec
E20210304 14:17:09.014585 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_402450 in function sub_402450___GetPEImageBase
E20210304 14:17:09.014602 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_402480 in function sub_402480___IsNonwritableInCurrentImage
E20210304 14:17:09.014619 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_402500 in function sub_402500____mingw_enum_import_library_names
E20210304 14:17:09.014639 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_4010b0 in function sub_401010__pre_c_init
E20210304 14:17:09.014963 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_4022ee in function sub_4022b0___FindPESectionByName
E20210304 14:17:09.015137 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_402360 in function sub_402340____mingw_GetSectionForAddress
E20210304 14:17:09.015158 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_4023ce in function sub_4023b0____mingw_GetSectionCount
E20210304 14:17:09.015174 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_40240e in function sub_4023e0___FindPESectionExec
E20210304 14:17:09.015190 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_4024a0 in function sub_402480___IsNonwritableInCurrentImage
E20210304 14:17:09.015213 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_40252e in function sub_402500____mingw_enum_import_library_names
F20210304 14:17:09.156836 19859 Segment.cpp:484] Check failed: 'seg_type' Must be non NULL
*** Check failure stack trace: ***
@ 0x85c08c google::LogMessageFatal::~LogMessageFatal()
@ 0x481292 mcsema::DefineDataSegments()
@ 0x471f31 mcsema::LiftCodeIntoModule()
@ 0x487856 main
@ 0x7fd79dcd8bf7 __libc_start_main
@ 0x43897a _start
[1] 19859 abort (core dumped) "${MCSEMAPATH}/mcsema/bin/mcsema-lift-10.0" --arch x86 --os windows --cfg

Relevant code:
Lines 479 to 484 in b0f7790
auto seg_type = llvm::dyn_cast<llvm::StructType>(remill::GetValueType(seg));
// This might be null if there are two lifted variables with same name and
// one of them is exported and the exported variable is having xrefs or
// notnull.
CHECK_NOTNULL(seg_type);
seg->setInitializer(FillDataSegment(cfg_module, cfg_seg, seg_type));
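A triage aid for the "Missed cross-reference" lines in the log above, added here as an example; it is not McSema code and not part of the original issue. It parses a PE32 header and reports which region each missed address falls in. The header bytes are constructed with an assumed ImageBase of 0x400000 and a single .text section, and the function names `build_sample_pe`, `pe_layout`, `classify` and `triage` are hypothetical; run `pe_layout` on the real hello.exe to get its actual layout.

```python
import re
import struct

# Two lines copied from the issue's log; the PE header below is constructed, not hello.exe.
SAMPLE_LOG = """\
E20210304 14:17:09.014585 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 400000 in block inst_402450 in function sub_402450___GetPEImageBase
E20210304 14:17:09.014639 19859 Optimize.cpp:1252] Missed cross-reference to absolute address 40003c in block inst_4010b0 in function sub_401010__pre_c_init
"""
XREF = re.compile(r"absolute address ([0-9a-f]+) .* in function (\S+)")

def build_sample_pe(image_base=0x400000):  # assumed ImageBase
    dos = (b"MZ" + bytes(58) + struct.pack("<I", 0x80)).ljust(0x80, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 28, image_base)  # ImageBase
    struct.pack_into("<I", opt, 60, 0x400)       # SizeOfHeaders
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x2000, 0x1000, 0x2000, 0x400, 0, 0, 0, 0, 0x60000020)
    return dos + b"PE\0\0" + coff + bytes(opt) + text

def pe_layout(data):
    """Return (image_base, size_of_headers, [(name, start_va, end_va)])."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew lives at offset 0x3c
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled")
    base, hdrs = struct.unpack_from("<I28xI", data, opt + 28)
    secs = []
    for i in range(nsec):
        name, vsize, rva = struct.unpack_from("<8sII", data, opt + opt_size + 40 * i)
        secs.append((name.rstrip(b"\0").decode(), base + rva, base + rva + vsize))
    return base, hdrs, secs

def classify(addr, layout):
    base, hdrs, secs = layout
    for name, lo, hi in secs:
        if lo <= addr < hi:
            return name
    return "PE headers (no section)" if base <= addr < base + hdrs else "unmapped"

def triage(log, layout):  # (address, region) -> functions that reference it
    out = {}
    for m in XREF.finditer(log):
        addr = int(m.group(1), 16)
        out.setdefault((addr, classify(addr, layout)), []).append(m.group(2))
    return out
```

Under the assumed layout, 400000 and 40003c both land in the header region (the image base and the DOS header's `e_lfanew` field), which no section covers.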