Attempting to decompile a false-positive function sometimes causes an assertion to fail #370
Description
Ghidra causes an assertion to fail with
/usr/include/c++/15.1.1/bits/stl_vector.h:1263: std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](size_type) [with _Tp = ghidra::ParamTrial; _Alloc = std::allocator<ghidra::ParamTrial>; reference = ghidra::ParamTrial&; size_type = long unsigned int]: Assertion '__n < this->size()' failed.
whenever attempting to decompile certain files. For instance, I attempted to decompile Super Mario Bros for the NES, which led Rizin to detect 3000+ functions. Attempting to decompile some of the functions causes the assertion to fail, while others do not cause a crash. This behavior also occurs in certain large ELF (10K+ functions) files.
This behavior occurs in both rizin itself, and in a custom backend I am using:
//skipped
auto cf = rz_core_file_open(this->core, fpath.c_str(), RZ_PERM_R, 0);
if (!cf) {
abort();
}
rz_core_bin_load(this->core, NULL, 0);
rz_core_perform_auto_analysis(this->core, RZ_CORE_ANALYSIS_DEEP);
this->fcn_list = rz_analysis_function_list(this->core->analysis);
for (unsigned int i = 0; i < rz_list_length(this->fcn_list); ++i) {
auto fcn = static_cast<RzAnalysisFunction*>(rz_list_get_n(this->fcn_list, i));
auto decompRz = rz_ghidra_decompile_annotated_code(this->core, fcn->addr); //crash
Also submitted to rizinorg/rizin#5689, as I am not sure if this is a rizin or rz-ghidra issue.