Building and Attaching to the Decompiler on Windows
This page is to answer and document instructions for this issue on the upstream Ghidra repo https://github.com/NationalSecurityAgency/ghidra/issues/7219
Assume your current working Ghidra repository is at C:\Users\user\src\ghidra.
Following these instructions should get you a working build (modify paths as needed), starting from a Powershell session:
# Navigate to source directory
cd C:\Users\user\src
# Clone repositories
git clone https://github.com/lifting-bits/sleigh
git clone https://github.com/microsoft/vcpkg
# Setup vcpkg and build zlib statically for x86_64 Windows
cd vcpkg
.\bootstrap-vcpkg.bat
.\vcpkg.exe install zlib:x64-windows-static
cd ..
# Create CMakeUserPresets.json for easier config in Visual Studio
cd sleigh
$jsonContent = @'
{
"version": 6,
"configurePresets": [
{
"name": "my-ghidra-head",
"binaryDir": "${sourceDir}/build/${presetName}",
"inherits": "ci-windows",
"architecture": null,
"generator": "Ninja",
"cacheVariables": {
"sleigh_RELEASE_TYPE": "HEAD",
"FETCHCONTENT_SOURCE_DIR_GHIDRASOURCE": "C:/Users/user/src/ghidra",
"sleigh_BUILD_DOCUMENTATION": "OFF",
"CMAKE_TOOLCHAIN_FILE": "C:/Users/user/src/vcpkg/scripts/buildsystems/vcpkg.cmake",
"CMAKE_BUILD_TYPE": "RelWithDebInfo"
}
}
]
}
'@
$jsonContent | Out-File -FilePath "CMakeUserPresets.json" -Encoding utf8Note: Change the value of sleigh_RELEASE_TYPE to stable if you're working off a version of the code closer to a stable release. Source files are add/removed over time, and the sleigh repo tries to update weekly, but sometimes things fall behind. If you have any issues, please open an issue on this repo https://github.com/lifting-bits/sleigh/issues/new
Now, open the sleigh folder in Visual Studio and configure with CMake using the my-ghidra-head preset and select the ghidra.exe (tools\ghidra\ghidra.exe) target.
Press Ctrl+b (or use top menu Build -> Build ghidra.exe) to build just this target (and avoid longer compilation of the other targets). This will build the equivalent decompile.exe binary that appears at Ghidra/Features/Decompiler/os/win_x86_64/decompile.exe in a packaged Ghidra distribution. However, you'll have to rename it from ghidra.exe to decompile.exe (we used the names in the Makefile, rather than the gradle file... I should probably symlink or something).
Make sure to backup/save/rename the original decompile.exe before copying
cp C:\Users\user\src\sleigh\build\my-ghidra-head\toos\ghidra\ghidra.exe ...\decompile.exe
cp C:\Users\user\src\sleigh\build\my-ghidra-head\toos\ghidra\ghidra.pdb ...\decompile.pdbWhen developing in Visual Studio, to view the source files belonging to the ghidra.exe target, you'll need to change the Solution Explorer view from Folder View to CMake Targets View
And then you can expand the tree to find sleigh_ghidra target and easily navigate the source files from the Ghidra repo in which you've already made your changes.
You should also be able to navigate to any referenced Ghidra file using Ctrl+Shift+T (Edit -> Go To -> Go To File...), including header files. The file navigation might be a little awkward because the Ghidra source tree isn't located within the sleigh repository, but it should work 🤞 (if it doesn't, please make an issue with what you expect to happen vs what actually happens).
For debugging, after renaming and copying over ghidra.exe and ghidra.pdb to decompile.exe and decompile.pdb to where Ghidra locates the decompiler, you should be able to use Visual Studio to Attach to Process... to the running decompile.exe process started by the Ghidra GUI and set breakpoints in the source files and hit the Pause button to see the full source code for the current instruction where you've paused in your working directory!