How to dry run an instruction?

[hexpell]

Before processing an instruction to change the state of the CPU, I want to inspect the instruction that if it's reading or writing any memory address, get the concrete memory address value and perform some other actions, for example populate the memory region with some concrete value from some trace data etc.

But I found it difficult to do this with Triton, specifically to get the MemoryAccess without changing the state of the CPU. Basically what I want is TritonContext::processing(inst) but a "dryrun" version. I tried using TritonContext::disassembly(inst) but it doesn't populate the MemoryAccess states, until I call processing:

from triton import *
ctx = TritonContext()
ctx.setArchitecture(ARCH.X86_64)
ctx.setMode(MODE.ALIGNED_MEMORY, True)
ctx.setAstRepresentationMode(AST_REPRESENTATION.PYTHON)

# Setup stack
ctx.setConcreteRegisterValue(ctx.registers.rsp, 0x7fffffff)
ctx.setConcreteRegisterValue(ctx.registers.rbp, 0x7fffffff)

inst = Instruction(0x401110, b"\x55") #  push   rbp
ctx.disassembly(inst)

inst
# 0x401110: push rbp

inst.isMemoryWrite()
# False

inst.getStoreAccess()
# []

ctx.processing(inst)
inst.isMemoryWrite()
# True

inst.getStoreAccess()
# [([@0x7ffffff7]:64 bv[63..0], 0x7fffffff)]

[JonathanSalwan]

for example populate the memory region with some concrete value from some trace data etc.

This code illustrates the way about how to use Triton with a DBI and it's the same concept if you want to synch it with a trace or whatever. The idea is to define a memory callback (see addCallback() and mem_read() in the previous code) and sync registers at every processing (see synch_regs).

That's it. There is no dryrun way of what you are looking for.

Hope it helps

[hexpell]

That's what I'm looking for. Thanks for the quick response!