Hey.
I have experimented with the slicing code and I stumbled over this little issue. Essentially I compute some small slices and try to determine if the analysis could find a concrete register value.
This is the code I have:
```python
from triton import *

CODE = {
    0x993: bytes.fromhex("48 89 45 58"),  # mov %rax,0x58(%rbp)
    0x997: bytes.fromhex("49 0f af c7"),  # imul %r15,%rax
    0x99b: bytes.fromhex("48 8d 78 58"),  # lea 0x58(%rax),%rdi
}

ctx = TritonContext()
ctx.setArchitecture(ARCH.X86_64)
ctx.setMode(MODE.ALIGNED_MEMORY, True)
ctx.setAstRepresentationMode(AST_REPRESENTATION.PYTHON)

for pc, opcode in CODE.items():
    insn = Instruction()
    insn.setOpcode(opcode)
    insn.setAddress(pc)
    ctx.processing(insn)

expr = ctx.getSymbolicRegisters().get(REG.X86_64.RDI)
slice = ctx.sliceExpressions(expr)
for (_, v) in sorted(slice.items()):
    print(v.getDisassembly())
    if v.isRegister():
        print(ctx.getSymbolicRegisterValue(v.getOrigin()))
    print("----")
```

This prints the following:
```
0x997: imul rax, r15
0
----
0x99b: lea rdi, [rax + 0x58]
88
----
```
Two questions:
- Is there a proper way to determine if the symbolic value is in fact a known concrete value? It seems the library outputs zero in this case?
- Why does it think `rdi` is 0x58? It seems it just assumed r15 to be zero for some reason. I was under the impression that everything is symbolic unless explicitly made concrete. Can I somehow make everything symbolic?