
Incorrect stack adjustment calculated for function

Open CouleeApps opened this issue 3 weeks ago • 1 comment

Version and Platform (required):

  • Binary Ninja Version: 5.2.8614
  • Edition: Ultimate
  • OS: macOS
  • OS Version: 15.5
  • CPU Architecture: M1

Bug Description: The stack adjustment on this function should be trivial to calculate but is being resolved with an incorrect value.

Stack offset of 8 on exit, subtract 4 for the return address, so it should be 4. But it is calculated as 0, confidence 255, and all callers of this function have mismatched stack pointers.

Steps To Reproduce:

  1. Open this binary: Archive.zip
  2. Navigate to Dog::Dog (0x00401ee0)
  3. Python:
     >>> current_function.stack_adjustment
     OffsetWithConfidence(value=0, confidence=255)
  4. Observe stack frame offset in LLIL and see that it really shouldn't be 0
  5. Observe call site at _main (0x0040626a) and see that the stack misaligns right after the branches join

Expected Behavior: I expected the stack offsets to resolve properly

Additional Information: Seems like this is MLIL's doing? Quick step through in the debugger shows that StackAdjustmentResolver gets 4 as its estimate, but MLIL translator ignores that and goes with 0 instead.

CouleeApps avatar Nov 19 '25 20:11 CouleeApps
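A script to find every function in a binary where the resolved stack_adjustment disagrees with the stack pointer offset observed at its return instructions, using the arithmetic from the report (SP offset on exit minus the return-address size). This is an added example, not code from the issue or from the binaryninja-api project; it assumes the standard Binary Ninja Python API (Function.llil, Function.get_reg_value_after, RegisterValueType.StackFrameOffset, Function.stack_adjustment) and that the SP after a return is reported as a stack frame offset.

```python
"""Flag functions whose resolved stack_adjustment disagrees with the SP
offset observed after each return instruction.

Added example, not part of the original issue.  Assumes the Binary Ninja
Python API named in the lead-in; the pure helper below has no dependency so
it can be exercised outside Binary Ninja.
"""
from typing import Iterable, Optional


def expected_adjustment(exit_offsets: Iterable[int], addr_size: int) -> Optional[int]:
    """Derive the stack adjustment from the SP offset seen after each return.

    Mirrors the report: exit offset 8 minus a 4-byte return address gives 4.
    Every return path must agree; otherwise None is returned so the caller
    can skip functions that are not simple callee-cleanup functions.
    """
    candidates = {off - addr_size for off in exit_offsets}
    if len(candidates) != 1:
        return None
    return candidates.pop()


def check_function(func) -> Optional[dict]:
    """Return a mismatch record for one Binary Ninja Function, or None."""
    # Imported here so expected_adjustment() stays usable without Binary Ninja.
    from binaryninja import LowLevelILOperation, RegisterValueType

    arch = func.arch
    offsets = []
    for insn in func.llil.instructions:
        if insn.operation != LowLevelILOperation.LLIL_RET:
            continue
        # SP value after the return executes: entry offset + return address
        # size + any bytes the callee pops for the caller.
        value = func.get_reg_value_after(insn.address, arch.stack_pointer)
        if value.type != RegisterValueType.StackFrameOffset:
            return None  # SP not tracked as a frame offset; nothing to compare
        offsets.append(value.offset)
    if not offsets:
        return None
    expected = expected_adjustment(offsets, arch.address_size)
    resolved = func.stack_adjustment
    if expected is None or resolved.value == expected:
        return None
    return {"function": func.name, "address": func.start,
            "exit_offsets": offsets, "expected": expected,
            "resolved": resolved.value, "confidence": resolved.confidence}


def find_mismatches(bv):
    """Scan every function in a BinaryView and yield the mismatch records."""
    for func in bv.functions:
        record = check_function(func)
        if record is not None:
            yield record
```

Run inside the Binary Ninja Python console as `list(find_mismatches(bv))`; the Dog::Dog case from the report would appear with expected 4 and resolved 0.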