I have a problem with decompiling an obfuscated switch
After decompiling it, I get strange results like this:
Also, when I click Other → Specify Switch Idiom and change the input register from the correct one (rax) to any other, I get good switch, but it uses the wrong variable for it.
I checked the microcode, and it’s simply optimizing it from a jtbl into a set of gotos at the stage from MMAT_PREOPTIMIZED to MMAT_LOCOPT
How to make IDA show the correct switch?
Hi @DiveriX,
Could you share the sample IDB with us? (You can send it through our support channel).
It would help us give you some more tailored advice.
We cannot repro “while (1);”.
There is “while(1) {…}” but it seems to be correct.
Could you tell me if you have any plugins installed that may alter the decompiler output?
No, I absolutely have no plugins, except preinstalled
(post deleted by author)
Could you post the decompiler output for the function in question? I wonder why we cannot repro your case.
For example this function, same problem, no switch
// attributes: thunk
__int64 __fastcall sub_661AACF0(__int64 a1, __int64 a2, __int64 a3, unsigned __int8 a4)
{
return a4 + 12LL;
}