Add break statement in switch statement of HLIL window

[pr0xy-t]

Add break statement in switch statement of HLIL window

fuga.zip When I analyze this binary (fuga.o) , the break statement is not displayed in the switch statement of the HLIL window as shown in below picture. I want the break statement to be displayed in the HLIL window because I mainly look at the HLIL window to analyze. If I only look at the HLIL window, I cannot tell whether the break statement exists or not in terms of the semantics of the program.

That is , I would like the break statement to be added to the switch statement in the HLIL window, just as it is displayed in the pseudo c window.

[ccarpenter04]

Wow, I never noticed that but you're right, the HLIL isn't clear about where breaks are happening at all.

[D0ntPanic]

HLIL is not C. Switch statements in HLIL do not have fallthrough, so break statements will not appear at the end of cases. This is intentional and not a bug. If you want C, use the Pseudo-C view.

[ccarpenter04]

HLIL is not C. Switch statements in HLIL do not have fallthrough, so break statements will not appear at the end of cases. This is intentional and not a bug. If you want C, use the Pseudo-C view.

Where are the syntax guidelines for HLIL documented?

[psifertex]

From an API perspective, everything should be documented via: https://api.binary.ninja/_modules/binaryninja/highlevelil.html#HighLevelILInstruction

which has all instructions and their possible operands.

From just a reading perspective:

https://docs.binary.ninja/dev/bnil-overview.html#reading-il

[psifertex]

And yes, I did just point to source as documentation as if this were some open source project. 😉

We do plan on expanding the documentation of HLIL to match those for LLIL and MLIL but for now the previous links are the best (and you'll notice much of the content is duplicated there anyway).

[pr0xy-t]

HLIL is not C. Switch statements in HLIL do not have fallthrough, so break statements will not appear at the end of cases. This is intentional and not a bug. If you want C, use the Pseudo-C view.

OK. I understood about HLIL not having a fallthrough syntax.

Then, when I analyze the attached program, the "case 4" is not correct, is it?

switch4.zip

[pr0xy-t]

And, I think the "psedo c" window is also wrong when analyzing that file.

[psifertex]

Good catch -- that is 100% a bug and we need to fix it. Re-opening.

[D0ntPanic]

The HLIL control flow recovery system was not validating that default cases cover all values not covered by other cases and do not overlap with other cases. This is fixed in 3.4.4198.

There is currently no support for representing a fall through into a default case directly, so the decompiler now emits an if statement to cover it below the switch.

[pr0xy-t]

@D0ntPanic Thanks for fixing the bug :)

What do you think about a idea to use HLIL_GOTO when doing HLIL control flow recovery? In this case, I think the output looks a little cleaner since no if statements are generated.