Configuration

The decompiler has a configuration file. It is installed into the 'cfg' subdirectory of the IDA installation. The configuration file is named 'hexrays.cfg'. It is a simple text file, which can be edited to your taste. Currently the following keywords are defined:

• LOCTYPE_BGCOLOR

  Background color of local type declarations. Currently this color is not used.
  Default: default background of the disassembly view

• VARDECL_BGCOLOR

  Background color of local variable declarations. It is specified as a hexadecimal number 0xBBGGRR where BB is the blue component, GG is the green component, and RR is the red component. Color -1 means the default background color (usually white).
  Default: default background of the disassembly view

• FUNCBODY_BGCOLOR

  Background color of the function body. It is specified the same way as VARDECL_BGCOLOR.
  Default: default background of the disassembly view

• MARK_BGCOLOR

  Background color of the function if it is marked as decompiled. It is specified the same way as VARDECL_BGCOLOR.
  Default: very light green

• BLOCK_INDENT

  Number of spaces to use for block indentations.
  Default: 2

• COMMENT_INDENT

  The position to start indented comments.
  Default: 48

• RIGHT_MARGIN

  As soon as the line length approaches this value, the decompiler will try to split it. However, it some cases the line may be longer.
  Default: 120

• MAX_NCOMMAS

  In order to keep the expressions relatively simple, the decompiler limits the number of comma operators in an expression. If there are too many of them, the decompiler will add a goto statement and replace the expression with a block statement. For example, instead of

    if ( cond || (x=*p,y=func(),x+y>0) )
      body;
  

  we may end up with:

    if ( cond )
      goto LABEL;
    x = *p;
    y = func();
    if ( x + y > 0 )
  LABEL:
      body;
  

  
  Default: 8

• DEFAULT_RADIX

  Specifies the default radix for numeric constants. Possible values: 0, 10, 16. Zero means "decimal for signed, hex for unsigned".
  Default: 0

• MAX_FUNCSIZE

  Specifies the maximal decompilable function size, in KBs. Only reachable basic blocks are taken into consideration.
  Default: 64

• HEXOPTIONS

  Combination of various analysis and display options:

  • HO_JUMPOUT_HELPERS

    If enabled, the decompiler will handle out-of-function jumps by generating a call to the JUMPOUT() function. If disables, such functions will not be decompiled.
    Default: enabled

  • HO_DISPLAY_CASTS

    If enabled, the decompiler will display cast operators in the output listing.
    Default: enabled

  • HO_HIDE_UNORDERED

    If enabled, the decompiler will hide unordered floating point comparisons. If this option is turned off, unordered comparisons will be displayed as calls to a helper function: __UNORDERED__(a, b)
    Default: enabled

  • HO_SSE_INTRINSICS

    If enabled, the decompiler will generate intrinsic functions for SSE instructions that use XMM/MMX registers. If this option is turned off, these instructions will be displayed using inline assembly.
    Default: enabled

  • HO_IGNORE_OVERLAPS

    If enabled, the decompiler will produce output even if the local variable allocation has failed. In this case the output may be wrong and will contain some overlapped variables.
    Default: enabled

  • HO_FAST_STRUCTURAL

    If enabled, fast structural analysis will be used. It generates less number of nested if-statements but may occasionally produce some unnecessary gotos. It is much faster on huge functions.

  • HO_CONST_STRINGS

    Only print string literals if they reside in read-only memory (e.g. .rodata segment). When off, all strings are printed as literals. You can override decompiler's decision by adding 'const' or 'volatile' to the string variable's type declaration.

  • HO_SIGNBIT_CHECKS

    Convert signed comparisons of unsigned variables with zero into bit checks.
    Before:

    (signed int)x < 0

    After:

    (x & 0x80000000) != 0

    For signed variables, perform the opposite conversion.

  • HO_UNMERGE_TAILS

    Reverse effects of branch tail optimizations: reduce number of gotos by duplicating code

  • HO_KEEP_CURLIES

    Keep curly braces for single-statement blocks

  • HO_DEL_ADDR_CMPS

    Optimize away address comparisons.
    Example:

    &a < &b

    will be replaced by 0 or 1.
    This optimization works only for non-relocatable files.

  • HO_SHOW_CSTR_CASTS

    Print casts from string literals to pointers to char/uchar. For example:

    (unsigned __int8 *)"Hello"

  • HO_ESC_CLOSES_VIEW

    Pressing Esc closes the pseudocode view

  • HO_SPOIL_FLAGREGS

    Assume all functions spoil flag registers ZF,CF,SF,OF,PF (including functions with explicitely specified spoiled lists)

  • HO_KEEP_INDIRECT_READS

    Keep all indirect memory reads (even with unused results) so as not to lose possible invalid address access

  • HO_KEEP_EH_CODE

    Keep exception related code (e.g. calls to _Unwind_SjLj_Register)

  • HO_SHOW_PAC_INSNS

    Translate ARMv8.3 Pointer Authentication instructions into intrinsic function calls (otherwise ignore all PAC instructions)

  • HO_KEEP_POTENTIAL_DIV0

    Preserve potential divisions by zero (if not set, all unused divisions will be deleted)

  • HO_MIPS_ADDSUB_TRAP

    Generate the integer overflow trap call for 'add', 'sub', 'neg' insns

  • HO_MIPS_IGN_DIV0_TRAP

    Ignore the division by zero trap generated by the compiler (only for MIPS)

  • HO_HONEST_READFLAGS

    Consider __readflags as depending on cpu flags default: off, because the result is correct but awfully unreadable

  • HO_NON_FATAL_INTERR

    Permit decompilation after an internal error (normally the decompiler does not permit new decompilations after an internal error in the current session)

  • HO_SINGLE_LINE_PROTO

    Never use multiline function declarations, even for functions with a long argument list

  • HO_DECOMPILE_LIBFUNCS

    Decompile library functions too (in batch mode)

  • HO_PROP_VOLATILE_LDX

    Propagate ldx instructions without checking for volatile memory access

• WARNINGS

  Specifies the warning messages that should be displayed after decompilation. Please refer to hexrays.cfg file for the details.
  Default: all warnings are on

• CMPFUNCS

  Specified list of function names that are considered "strcmp-like". For them the decompiler will prefer to use comparison against zero like

  strcmp(a, b) == 0
  

  as a condition. Underscores, j_ prefixes and _NN suffixes will be ignored when comparing function names

• MSVC Control Flow Guard names

  • CFGUARD_CHECK

    Name of Control Flow Guard check function. Calls of this function will not be included into the pseudocode.
    Default: "guard_check_icall_fptr"

  • CFGUARD_DISPATCH

    Name of Control Flow Guard dispatch function. Each call of this function will be replaced by 'call rax' instruction when generating pseudocode.
    Default: "guard_dispatch_icall_fptr"