PPC DCB instructions disassembled incorrectly

[psifertex]

From a slack report:

It's a very low impact bug since it's strictly visual, but for the PPC disassembly (which I believe rides on top of capstone?) the disassembly text for dcbf and dcbz instructions gets a bit mangled.

For example, the opcode 7c 00 00 ac should disassemble as dcbf 0, r0 but the disassembly text shows as dcbf , r0 Checking with capstone outside of binja, the output is correct, which leads me to believe this is an issue within binja itself.

[Rot127]

This is fixed in the next and future v6 release:

./cstool -d ppc64be "7c 00 00 ac"
 0  7c 00 00 ac  dcbf   0, r0
    ID: 8 (dcbf)
    op_count: 1
        operands[0].type: MEM
            operands[0].mem.base: REG = 0
            operands[0].mem.offset: REG = r0
        operands[0].access: READ

We cannot give a date yet for the v6 release. But we highly recommend to use the next branch if you can. It provides enormously better disassembly for PPC, ARM, AArch64. Also see the release guide.

[Rot127]

Unfortunately, I don't have time currently to check it myself, but the instructions in: https://github.com/Vector35/binaryninja-api/issues/3983 https://github.com/Vector35/binaryninja-api/issues/3989 https://github.com/Vector35/binaryninja-api/issues/4023 https://github.com/Vector35/binaryninja-api/issues/3968 are probably fixed in next as well.

[XVilka]

By the way, if you are curious about details of the long-running auto-sync project that will be a part of Capstone 6.0, @Rot127 wrote a blog post about why, how, and what was done to modernize Capstone: Auto-Sync - Generating disassembler plugins.