How can I reconstruct types?

[s0i37]

Hello. I cant understand how can I reconstruct types with retdec-decompiler.py. I expected to see struct declaration above function listing (how implemented in snowman decompiler)

[s3rvac]

Hi. We are not sure what do you mean by How can I reconstruct types with retdec-decompiler.py. Could you please elaborate and give us an example (input binary file, decompilation command, expected output, actual output)?

[s0i37]

Ok. I expect to see structure declaration before function. It is similar snowman/smartdec decompiler. For example I want to decompile some function who use some type or struct. I think that decompiler could recognize using fields and types of structure. And I expect somethink like that:

struct s0 {
    signed char f0;
    signed char[3] pad4;
    int32_t f4;
    int32_t f8;
};
struct s0* some_function(struct s0* a1) {
    int32_t edx2;

    __x86_get_pc_thunk_dx();
    a1->f0 = 97;
    a1->f4 = edx2 + 0x2e4f - 0x1ff8;
    a1->f8 = 0x77;
    return a1;
}

However retdec decompiler will return pseudo code like this:

int32_t some_function(int32_t result) {
    // 0x11a9
    int32_t v1; // ebp
    unknown_11a5(v1);
    *(char *)result = 97;
    int32_t v2; // edx
    *(int32_t *)(result + 4) = v2 + 3671;
    *(int32_t *)(result + 8) = 119;
    return result;
}

[s3rvac]

Thank you for the explanation. Could you please also give us the input binary? In some cases, RetDec is able to recognize structured types, but the recognition does not seem to work in this case.

[s0i37]

May be I needed to specify some flag? I used a tiny self-written code:

struct Test {
    char a;
    char *b;
    int c;
};

struct Test* get_struct(struct Test* test)
{
    test->a = 'a';
    test->b = "bb";
    test->c = 0x77;
    return test;
}

a.out.zip

[s3rvac]

Thank you. @PeterMatula, can you please take a look?

[PeterMatula]

In general, we don't reconstruct structure types in a case like this - unless the info about structured types comes from debug information or some other reliable source. Moreover, our work with structures is often incorrect - we do not correctly replace use of its members with use of structure.

We will look into the sample you gave, compare results with Snowman output, and try to figure out how to improve the output. But this will take some time, it is not an easy fix - it requires better implementation of structure type handling.

For now, the answer is NO, you cannot reconstruct structured types in this case.

[PeterMatula]

I added this to a new milestone, since we would like to improve a RetDec <-> {IDA, r2, users} interactions by the end of the summer and this issue is related to it.