Stack variable accessed with `lea` + `add` not resolved properly

[clubby789]

Version and Platform (required):

• Binary Ninja Version: [e.g. 4.0.4000-dev] (if version is stable, please also test the latest development build via the "Update Channel" option)
• OS: Manjaro Linux
• OS Version: 6.6.30-2-MANJARO
• CPU Architecture: x64

Bug Description: I have a Rust binary that uses this sequence of instructions to access an array of 8 pointers (at stack - 0x58 -> stack - 0x20):

movzx   ecx, byte [rbx+r15]
lea     rax, [rsp+r15*8] {var_88}
add     rax, 0x30

However, this is lifted to HLIL as

    void var_88
    result = &var_88 + (r15 << 3) + 0x30;

Steps To Reproduce: Please provide all steps required to reproduce the behavior:

1. Download the attached binary demo.zip
2. Navigate to 0x88de
3. Open HLIL, see above output

Expected Behavior: The actual variable/array to be displayed, i.e.

result = var_50[r15];

[emesare]

Looks to be the same issue as https://github.com/Vector35/binaryninja-api/issues/5315

<HighLevelILAdd: &var_88 + (r15 << 3) + 0x30> : <HighLevelILAdd: &var_88 + (r15 << 3)> & <HighLevelILConst: 0x30>

[xusheng6]

Yeah this is actually a duplicate of https://github.com/Vector35/binaryninja-api/issues/5315. However, I am keeping this issue open because it involves a x64 binary which is more accessible

[negasora]

Here's a minimized case: lea_add.bndb.zip

Note that there's a stack variable var_20 that should be referenced but instead we're basing off of var_50

[plafosse]

The fundamental issue here is that we don't have in the MLIL Translator a path that simplifies AddressOf(SomeVariable) + Offset to AddressOf(SomeOtherVariable)