The decompiler generates much more readable text by dividing complex conditions into smaller chunks. The output is longer but hey, sometimes it makes sense to be verbose! :)
int __stdcall SCStartRequestOnStream(_STREAM_OBJECT *a1, _DEVICE_EXTENSION *a2)
{
char *v2; // ebx@1
int result; // eax@6
v2 = (char *)&a2->SpinLock;
KefAcquireSpinLockAtDpcLevel(&a2->SpinLock);
if ( a1->ReadyForNextDataReq && a1->DataPendingQueue.Flink != &a1->DataPendingQueue )
{
SCDequeueAndStartStreamDataRequest(a1);
KefAcquireSpinLockAtDpcLevel(v2);
}
if ( a1->ReadyForNextControlReq && a1->ControlPendingQueue.Flink != &a1->ControlPendingQueue )
result = SCDequeueAndStartStreamControlRequest(a1);
else
result = KefReleaseSpinLockFromDpcLevel(v2);
return result;
}
Better tail call recognition
A much better recognition of tail call optimization leads to less JUMPOUT() calls in the output. The call arguments are recognized correctly. The function return value is not lost anymore.
The previous version of the decompiler failed to create a 16-bit variable that was stored by the compiler in bx. This had some very nasty consequences: the function prototype had an incorrect input argument (ebx) and the calling convention was wrong. While it was possible to correct it by specifying the function prototype manually, the new version lifts this burden from you.
The new version takes care of this situation much better. It uses a more fine-grained approach to variable allocation. It created a small 16-bit variable v4. No more ugly LOWORD() macro, the output is cleaner. The correctly determined function prototype will help when decompiling other functions as well because there will be less parasitic arguments and less confusion.
signed int __thiscall sub_600112F7(void *this, int a2, int a3)
{
unsigned __int16 v4; // bx@1
v10 = this;
v4 = *(_WORD *)(a2 + 12);
signed int __userpurge sub_600112F7<eax>(int a1<ecx>, int a2<ebx>, int a3, int a4)
{
v10 = a1;
LOWORD(a2) = *(_WORD *)(a3 + 12);
Better recognition of inline functions
Sorry for a long sample, the previous version of the decompiler was not handling strlen() well enough. It is a never ending fight and perfection is impossible, but we still continue to work on it. Recognition of inline functions is an incredibly hard problem, but the new version has a better engine to recognize them. There is plenty of room for improvement, to put it mildly.
Sometimes compilers copy structures by DWORD's, regardless of member types. The previous version of the decompiler diligently represented these assignments in the best form it could. However, using a structure copy operation is much better, it is concise and precise.
Finally the decompiler has proper support for union fields. Previously analysing code with unions could quickly turn into a nightmare because the decompiler would just use the first union field and would not allow you to change it. The code, while it had the field names, was very misleading because these names could be completely wrong. This is what we have on the left sample.
The new version is much better in this aspect. First, it tries to determine the best union field using several heuristic rules. It checks the disassembly listing for 'structure offset' operands, checks the current context to select the best fit union field. In many cases no user intervention is required. However, if the decompiler fails to pick the corrent union field, the user can always correct it by selecting the desired union field manually. Even complex situations like a union with another nested union or structure are supported. Anonymous nested unions are represented correctly too.
NOTE: these are just some selected examples that can be illustrated as a side-by-side difference. Hex-Rays Decompiler v1.6 includes are many other improvements and new features that are not mentioned on this page - simply because there was nothing to compare them with. Also, some improvements have already been illustrated in the previous comparisons. Please refer to the for more details.
iv class="cmptell"> The decompiler knows how to use the macro it the output to get rid of typecasts. As soon as the variable types are correctly set, it replaces casts with a simple macro call.
We added recognition of macros. While not all cases are handled yet, it usually works quite well. Saves you from the mental effort of recognizing these macros yourself.
No more cryptic offsets anymore. As an additional bonus, the decompiler automatically determines variable types because it can use the . By the way, KPCR fields are recognized too, you just need to load the corresponding til file!
While it is not pure C, we feel that using C++ style structure copying operations in the output adds to clarity. The above sample is almost perfect, this only possible improvement is to _this to this. The new decompiler can do that, read our for more info.
There is a common compiler optimization that reuses the same call instruction for different calls. Of the left side, the WinHelpA() call is used in two different situations. The decompiler had to use a goto statement because it could not represent the code with constructs.
