Once contain “inc edi” or “dec edi”，TritonContext.disassembly(block, start) generate TypeError: x8664Cpu::disassembly(): Failed to disassemble the given code.

[imliuxin]

ctx = TritonContext(ARCH.X86_64) ctx.setMode(MODE.ALIGNED_MEMORY, True)

block = BasicBlock(list) r=ctx.disassembly(block, start) #once list contain “inc edi” or “dec edi”，it will collapse

How to do it？

[JonathanSalwan]

Can you provide a poc?

[imliuxin]

poc.zip

from triton     import TritonContext, ARCH, MemoryAccess, CPUSIZE, Instruction, OPCODE, MODE

import sys
import string
import random
import socket
from triton import *

if __name__ == '__main__':
    # Set the architecture
    ctx = TritonContext(ARCH.X86_64)

    # Set a symbolic optimization mode
    ctx.setMode(MODE.ALIGNED_MEMORY, True)
    receive=bytes([0xb8,0x58,0x20,0x33,0x16,0xa,0x47,0xa,0x66,0x98])
    #receive = bytes([0xb8, 0x58, 0x20, 0x33, 0x16, 0xa, 0x4f, 0xa, 0x66, 0x98])
    b=receive.split(b'\n')
    print(b)
    list=[]
    i=0
    while i<len(b):
        inst=Instruction(b[i])
        list.append(inst)
        i=i+1
    print(list)
    block = BasicBlock(list)
    r=ctx.disassembly(block, 0x008435B1)
    sblock = ctx.simplify(block)
    ctx.disassembly(sblock, 0x008435B1)

[JonathanSalwan]

Looks like your opcodes are more X86 than X86_64?

from triton import *

if __name__ == '__main__':
    # Set the architecture
    ctx = TritonContext(ARCH.X86)
    # Set a symbolic optimization mode
    ctx.setMode(MODE.ALIGNED_MEMORY, True)
    receive=bytes([0xb8,0x58,0x20,0x33,0x16,0xa,0x47,0xa,0x66,0x98])
    #receive = bytes([0xb8, 0x58, 0x20, 0x33, 0x16, 0xa, 0x4f, 0xa, 0x66, 0x98])
    b=receive.split(b'\n')
    l=[]
    i=0
    while i<len(b):
        print(b[i])
        inst=Instruction(b[i])
        l.append(inst)
        i=i+1

    block = BasicBlock(l)
    ctx.disassembly(block, 0x008435B1)
    print(block)
    print('-------------')
    sblock = ctx.simplify(block)
    ctx.disassembly(sblock, 0x008435B1)
    print(sblock)