Segmentation fault when opening windows binaries about iaito HOT 17 CLOSED

Yes. My bad.. i fixed it later because neither this or the previous code is how breakpoints are suposed to be iterated and i wasnt expecting an unconditional loop there. O:)

from iaito.

So is iaito built by you? If so, can you provide a backtrace from the debugger or recompile with asan to get some context here?

from iaito.

Yep, I build it myself, I'll try to debug it.

from iaito.

How do I build it with debug symbols?

from iaito.

you can use qtcreator, debug builds are made by default, otherwise you can specify the profile when building with cmake or qmake, in theory you can do qmake CONFIG+=debug to get a debug build with symbols and such. hope that works

from iaito.

qmake doesn't work, it doesn't find the qt project file, but I edited the build.sh script, it should now compile a debug build. Hopefully I'll be able to post the backtrace from gdb tomorrow.

from iaito.

Hmm... I'm still doing something wrong, and I can't find a CMakeLists.txt to build with cmake..

from iaito.

it's in src. the issue with qmake is usually related to use the one from the distro (debian?) instead of the official sdk. yeah, the whole qt ecosystem sucks

from iaito.

ah, ok, thanks. Yeah, qt kinda sucks, I tried to learn it a few times but I didn't find anything in the documentation 🤷‍♂️

from iaito.

Here is my gdb output: https://pastebin.com/LLvd5fEq The segmentation fault occured during analysis. It opened fine when disabling analysis

from iaito.

If you are not running iaito in debugger mode i dont see why it should be messing with breakpoints. i assume this is not an issue in r2.

the line affected is:

2243 if (auto bpi = core->dbg->bp->bps_idx[i]) {

From what i read in the code the bps_idx_count should be 16, and all the items inside this array of pointers should be NULL so it shouldnt be crashing, this if statement, looks wrong with my C eye because assignments in conditionals should have double parenthesis..

actually the bps_idx array is conceptually broken and should just use the API as the comment above say, as well as use the linked list instead of that fixed array 🤦

thanks for pointing out that error. So after this i would go for making this code less repulsive by using the following code instead in the getBreakpoints() function:

for (int i = 0;; i++) {
  RBreakpointItem *bpi = r_bp_get_index(core->dbg->bp, i);
  if (!bpi) break;
  ret.push_back(breakpointDescriptionFromR2(i, bpi);
}

i will look into the debugger mess in the next release. but this code will probably wont compile in r2-5.6.

Can you test this change and report back if its fixed? if not, the other thing you can do is:

RListIter *iter;
RBreakpointItem *bpi;
r_list_foreach (core->dbg->bps, iter, bpi) {
  ret.push_back(breakpointDescriptionFromR2(i, bpi);
}

thanks!

from iaito.

Ok, I'll try

from iaito.

any update here?

from iaito.

Didn't check, totally forgot that, sry, will test that as soon as I'm at home

from iaito.

Ok, I finally checked it,

for (int i = 0;; i++) {
  RBreakpointItem *bpi = r_bp_get_index(core->dbg->bp, i);
  if (!bpi) break;
  ret.push_back(breakpointDescriptionFromR2(i, bpi);
}

fixed the segfault

from iaito.

Please submit a pr. And i think it will be better to continue instead of break

from iaito.

By using continue you just made an endless loop.

from iaito.