Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

(Decompiler) No CONCAT & cast when returning a struct, return struct directly

See original GitHub issue

Is your feature request related to a problem? Please describe.

Looking at the following code:

struct foo {
  int a, b, c, d;
};

struct foo bar() {
  struct foo f = {
  a: 1,
  b: 2,
  c: 3,
  d: 4,
  };
  return f;
}

This compiles to

_bar                                         
       100000ef0            PUSH            RBP
       100000ef1            MOV             RBP,RSP
       100000ef4            MOV             RAX,qword ptr [DAT_100000f98] = 0000000400000003h
       100000efb            MOV             qword ptr [RBP + local_10],RAX
       100000eff            MOV             RAX,qword ptr [DAT_100000f90] = 0000000200000001h
       100000f06            MOV             qword ptr [RBP + local_18],RAX
       100000f0a            MOV             RAX,qword ptr [RBP + local_18]
       100000f0e            MOV             RDX,qword ptr [RBP + local_10]
       100000f12            POP             RBP
       100000f13            RET

This decompiles (after I set the type signature) to:

foo _bar(void)
{
  return (foo)CONCAT88(0x400000003,0x200000001);
}

Describe the solution you’d like

I want it to decompile to

foo _bar(void)
{
  foo f = foo{1, 2, 3, 4};
  return f;
}

Ghidra version: 9.0.4 (PUBLIC) OS: macOS

If you point me to the right directions, I will happily try to sent a PR.

Issue Analytics

State:
Created 4 years ago
Reactions:3
Comments:6 (1 by maintainers)

Top GitHub Comments

4reactions

karchermcommented, Apr 16, 2022

This is the output of IDA:

foo __cdecl bar()
{
  foo v0; // ax

  *(_QWORD *)&v0.a = 0x200000001LL;
  *(_QWORD *)&v0.c = 0x400000003LL;
  return v0;
}

And in IDA (that is, in the Hex Rays decompiler plugin), you can use the “split assignment” operation on the two assignments and you will obtain:

foo __cdecl bar()
{
  foo v0;

  v0.a = 1;
  v0.b = 2;
  v0.c = 3;
  v0.d = 4;
  return v0;
}

Having a Ghidra produce equally well readable decompilation output would be great.

2reactions

Wall-AFcommented, Apr 17, 2022

There’s an equivalent issue when the assembly needs to use 2 registers to represent a basic type and as the user you tell Ghidra the actual type, but CONCATs get used instead.

Top Results From Across the Web

Is it safe to return a struct in C or C++? - Stack Overflow

It is safe because the compiler is going to create a copy of struct and return the copy not the local struct in...

function that returns a const struct: kosher C? - Google Groups

I was not able to get it to compile using the C compiler on my platform. It looks like the compiler rejects returning...

Il2CppInspector Tutorial: Working with code in IL2CPP DLL ...

Here we create a new Vector3 object. il2cpp_object_new takes an Il2CppClass* and returns an Il2CppObject* , so we must cast the type definition ......

Your Guide to the CPython Source Code - Real Python

The PyList object's C code does not allocate memory directly. ... It is returned to the parser-tokenizer as the data structure is required ......

Initialize Struct vs Return Struct preference : r/C_Programming

Returning the struct has a nice feature that the other method has not: Because you return a compound literal from your function, every...