
sub_borrow doesn't have default carry flag handler

Status: Open. samrussell opened this issue 1 year ago · 3 comments

Version and Platform (required):

  • Binary Ninja Version: 3.5.4526
  • OS: win10
  • OS Version: 10
  • CPU: x64

Bug Description: While extending the gameboy plugin to implement LLIL lifting, the carry flag appears to be processed correctly on most arithmetic instructions, but sub_borrow raises an error.

Replicating with: 0000397c 9a sbc A, D

[screenshot of the error]

In comparison, SUB works fine:

00003977 92 sub D

My guess is this was just an oversight and the flag calculation on LowLevelILFunction.sub() can be copied across (unsigned comparison of rhs and result; if the result is larger then we have overflowed and set C).

samrussell avatar Feb 27 '24 21:02 samrussell

Does your PR not add support for this?

plafosse avatar Mar 05 '24 14:03 plafosse

Nope, my PR for the Z80 plugin is a workaround, but this is a Binary Ninja issue. LLIL_ADC has the carry flag automatically calculated but LLIL_SBB doesn't. From what I can see, SBB is just the complement to ADC, and the fact that ADC is implemented means SBB should also be implemented in the default Architecture implementation.

samrussell avatar Mar 05 '24 14:03 samrussell
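The two claims above (that SUB's flag rule can be reused for sub_borrow, and that SBB is the complement of ADC) can be checked exhaustively on 8-bit values. The following is an added example, not code from this issue, the Game Boy/Z80 plugins, or Binary Ninja itself; it uses no Binary Ninja API and models the flags in plain Python. It shows that SBC's borrow-out equals NOT carry-out of ADC on the inverted operand, which is how a lifter could derive the flag from a known-good ADC, and that the "is the result larger than the left operand" test, which is exact for plain SUB, misses the borrow for SBC when rhs is 0xFF and borrow-in is set, so copying SUB's rule across unchanged is not enough.

```python
"""
8-bit SUB/SBC/ADC flag model.  Added example for the binaryninja-api issue
discussion; not the plugin's or Binary Ninja's own code.  All operand
values are constructed test inputs.
"""

MASK = 0xFF


def add_with_carry(lhs: int, rhs: int, carry_in: int = 0) -> tuple[int, int]:
    """ADC: (result, carry_out). Carry is set when the true sum exceeds 8 bits."""
    full = lhs + rhs + carry_in
    return full & MASK, int(full > MASK)


def sub_with_borrow(lhs: int, rhs: int, borrow_in: int = 0) -> tuple[int, int]:
    """SBC/SBB: (result, borrow_out). Borrow is set iff lhs < rhs + borrow_in (unsigned)."""
    full = lhs - rhs - borrow_in
    return full & MASK, int(full < 0)


def sbc_via_adc(lhs: int, rhs: int, borrow_in: int = 0) -> tuple[int, int]:
    """Derive SBC from ADC using a - b - c == a + ~b + (1 - c) (mod 256).

    The borrow-out of the subtraction is the inverse of the carry-out of the
    addition, which is the 'SBB is the complement of ADC' relationship.
    """
    result, carry = add_with_carry(lhs, (~rhs) & MASK, 1 - borrow_in)
    return result, 1 - carry


def borrow_from_result(lhs: int, result: int) -> int:
    """Post-hoc borrow test usable for plain SUB: result > lhs (unsigned)."""
    return int(result > lhs)


def check_sbc_matches_adc_complement() -> bool:
    """Exhaustively confirm sbc_via_adc agrees with sub_with_borrow for all inputs."""
    return all(
        sub_with_borrow(a, b, c) == sbc_via_adc(a, b, c)
        for a in range(256) for b in range(256) for c in (0, 1)
    )


def result_compare_mismatches() -> list[tuple[int, int, int]]:
    """Inputs where the SUB-style 'result > lhs' test disagrees with the true SBC borrow.

    For borrow_in == 0 it never disagrees; for borrow_in == 1 and rhs == 0xFF
    the wrapped result equals lhs, so the comparison reports no borrow even
    though one occurred.
    """
    bad = []
    for a in range(256):
        for b in range(256):
            for c in (0, 1):
                result, borrow = sub_with_borrow(a, b, c)
                if borrow_from_result(a, result) != borrow:
                    bad.append((a, b, c))
    return bad


if __name__ == "__main__":
    print("SUB 0x10 - 0x20       ->", sub_with_borrow(0x10, 0x20))
    print("SBC 0x10 - 0xFF - 1   ->", sub_with_borrow(0x10, 0xFF, 1))
    print("same via ADC          ->", sbc_via_adc(0x10, 0xFF, 1))
    print("SBC == ~ADC everywhere:", check_sbc_matches_adc_complement())
    print("result>lhs mismatches :", len(result_compare_mismatches()))
```

The mismatch list is exactly the 256 cases with rhs == 0xFF and borrow_in == 1, so a sub_borrow flag handler needs the borrow-in folded into the comparison (lhs < rhs + borrow_in), or the complemented-ADC form, rather than SUB's result-only test.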

I think this might actually be a symptom of the SBB opcode not being fully implemented in x86/x64, which would make it a bug, not an enhancement:

from slack: [screenshot]

samrussell avatar Apr 23 '24 06:04 samrussell