NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework
https://www.nsa.gov/ghidra
Apache License 2.0

A bug when decompile obfuscated code #5741

Open fjqisba opened 1 year ago

fjqisba commented 1 year ago

Describe the bug
Unable to output correct decompilation results.

To Reproduce
Use Ghidra to decompile a simple piece of code:

00401009  | 68 07679D2F       | push 0x2F9D6707
0040100E  | 68 9BB115D9       | push 0xD915B19B
00401013  | 68 27104000       | push 0x401027
00401018  | 8B4C24 06         | mov ecx,dword ptr ss:[esp+6]
0040101C  | C7840C EB26F898 0 | mov dword ptr ss:[esp+ecx-6707D915],501000
00401027  | 58                | pop eax
00401028  | C3                | ret

Expected behavior
After executing the code, EAX should be 0x501000. However, the output of Ghidra is 0x401027.

Additional context
I think the reason for the error is that Ghidra performed constant propagation prematurely, before performing stack variable detection.

sad-dev commented 1 year ago

FWIW, the emulator returns EAX = 0x501000 with the bytes

68 07 67 9D 2F 68 9B B1 15 D9 68 27 10 40 00 8B 4C 24 06 C7 84 0C EB 26 F8 98 00 10 50 00 58 C3

At the `mov dword ptr ss:[esp + ecx - 0x6707D915], 0x501000` instruction, ecx=0x6707D915. The instruction thus behaves like `mov dword ptr ss:[esp], 0x501000`, which the decompiler misses.
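To make the stack-aliasing trick from the original report and the emulator observation above concrete, here is a small added example (not code from the issue, from the commenters, or from Ghidra). It models just the x86-32 operations the seven-instruction snippet uses, with byte-addressed memory so the unaligned `mov ecx, [esp+6]` straddles two pushed dwords exactly as it does on hardware. The starting `esp` value is an arbitrary assumption and the result does not depend on it. The `honor_indexed_store=False` path is a deliberately simplified model of an analysis that fails to notice the indexed store lands on the top of stack; it is an illustration of why the wrong answer comes out as 0x401027, not a description of Ghidra's internal passes.

```python
"""Concrete trace of the [esp+ecx-disp] stack-aliasing snippet (added example)."""
import struct

MASK32 = 0xFFFFFFFF


class Machine:
    """Minimal x86-32 model: three registers and sparse byte-addressed memory."""

    def __init__(self, esp=0x0019FF00):   # assumed initial stack pointer
        self.regs = {"esp": esp, "eax": 0, "ecx": 0}
        self.mem = {}    # byte address -> byte value (unwritten bytes read as 0)
        self.trace = []  # human-readable log of each step

    def read32(self, addr):
        raw = bytes(self.mem.get((addr + i) & MASK32, 0) for i in range(4))
        return struct.unpack("<I", raw)[0]      # little-endian dword

    def write32(self, addr, value):
        for i, b in enumerate(struct.pack("<I", value & MASK32)):
            self.mem[(addr + i) & MASK32] = b

    def push(self, value):
        self.regs["esp"] = (self.regs["esp"] - 4) & MASK32
        self.write32(self.regs["esp"], value)
        self.trace.append(f"push {value:#010x} -> [esp={self.regs['esp']:#x}]")

    def pop(self):
        value = self.read32(self.regs["esp"])
        self.trace.append(f"pop  {value:#010x} <- [esp={self.regs['esp']:#x}]")
        self.regs["esp"] = (self.regs["esp"] + 4) & MASK32
        return value


def run_snippet(honor_indexed_store=True):
    """Execute the instructions from the report.

    Returns (eax, ecx, store_hits_top_of_stack, trace).  With
    honor_indexed_store=False the indexed store is skipped, modelling an
    analysis that does not realise the store aliases [esp] (simplified
    illustration only, not Ghidra's actual constant-propagation logic).
    """
    m = Machine()
    m.push(0x2F9D6707)              # 00401009  push 0x2F9D6707
    m.push(0xD915B19B)              # 0040100E  push 0xD915B19B
    m.push(0x00401027)              # 00401013  push 0x401027
    esp = m.regs["esp"]
    # 00401018  mov ecx, [esp+6]: unaligned read spanning bytes of two pushed dwords
    m.regs["ecx"] = m.read32(esp + 6)
    ecx = m.regs["ecx"]
    # 0040101C  mov dword [esp+ecx-0x6707D915], 0x501000: effective address
    target = (esp + ecx - 0x6707D915) & MASK32
    m.trace.append(f"ecx={ecx:#x}  store target={target:#x}  esp={esp:#x}")
    if honor_indexed_store:
        m.write32(target, 0x00501000)
    else:
        m.trace.append("indexed store ignored (aliasing not recognised)")
    m.regs["eax"] = m.pop()         # 00401027  pop eax
    m.pop()                         # 00401028  ret consumes the next slot
    return m.regs["eax"], ecx, target == esp, m.trace


if __name__ == "__main__":
    for honor in (True, False):
        eax, ecx, aliased, trace = run_snippet(honor)
        print(f"--- honor_indexed_store={honor} ---")
        for line in trace:
            print("  " + line)
        print(f"  eax={eax:#x}  ecx={ecx:#x}  store aliases [esp]: {aliased}")
```

Running it shows the load at `[esp+6]` producing `ecx = 0x6707D915` from the tail of `0xD915B19B` and the head of `0x2F9D6707`, so the displacement cancels and the store lands exactly on the slot holding `0x401027`; honouring that store yields `eax = 0x501000`, skipping it yields `0x401027`, the value the decompiler reported.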

fjqisba commented 1 year ago

In fact, I already understand the cause of the problem. This is an article I wrote in Chinese: https://bbs.kanxue.com/thread-278727.htm You may need to read it through a translator. I just want to report some issues... so developers may notice more when writing decompilers.