The decompile results looks wrong, why the refinded Pcode is not complete for this function

[jackniu1234]

I'm trying to use Ghidra's refined pcode to do some data-flow analysis, however, when I dumped the refined pcodes of the below function, it seems that the refined pcodes are not complete. Is there anyway to use some decomiledOptions to fix it?

Here is the function written in C, and compiled into an ELF file with ARM:LE:32:v8 using arm-none-eabi-gcc.

int func(int* p, int sz) {
    p = p + 1;
    if (sz > 10) 
        p = p + 1;
    else
        p = p - 1;
    return *p;
}

The dumped refined pcodes look like:

The decompiled function in "Decompile window" of GUI also looks wrong:

[ghidracadabra]

Can you elaborate on what looks wrong in the decompiled code? The decompiler can perform its own simplifications which result in different (but equivalent) C code than what was originally compiled. Optimizations applied by the compiler can also have a role.

The unused local sz_local is most likely a result of the DWARF analyzer applying information to a local variable that the decompiler optimized away.

[ernieIzde8ski]

These functions might not look the same, but they're logically equivalent, with the compiler/decompiler applying some degree of obfuscation:

Code	Diff	Justification
int func(int* p, int sz) { p = p + 1; if (sz > 10) p = p + 1; else p = p - 1; return *p; }	N/A	Given
int func(int* p, int sz) { p = p; if (sz > 10) p = p + 2; else p = p; return *p; }	Diff int func(int* p, int sz) { - p = p + 1; + p = p; if (sz > 10) - p = p + 1; + p = p + 2; else - p = p - 1; + p = p; return *p; }	Move p + 1 out of the first line.
int func(int* p, int sz) { if (sz > 10) { p = p + 2; } return *p; }	Diff int func(int* p, int sz) { - p = p; if (sz > 10) { p = p + 2; } - else - p = p; return *p; }	Remove identity equalities.
int func(int* p, int sz) { if (10 < sz) { p = p + 2; } return *p; }	Diff int func(int* p, int sz) { - if (sz > 10) { + if (10 < sz) { p = p + 2; } return *p; }	Flip the ordering of the equality.
int func(int* p, int sz) { int sz_local; int *p_local; p_local = p; if (10 < sz) { p_local = p + 2; } return *p_local; }	Diff int func(int* p, int sz) { + int sz_local; + int *p_local; + + p_local = p; if (10 < sz) { - p = p + 2; + p_local = p + 2; } return *p_local; }	Introduce locals. Presumably, sz_local is an artifact like the other user says.