/////////
// Special case for non-exit edges of x86 REP/REPNZ prefixes (for loops using ecx)
if (stmt.getSource().getType() == RTLGoto.Type.STRING_LENGTH_CHECK) {
BasedNumberElement loopCounter = getValue(arch.loopCounter());
if (loopCounter.isTop() || loopCounter.isNumberTop()) {
X86Instruction instr = (X86Instruction)Program.getProgram().getInstruction(stmt.getAddress());
BasedNumberValuation post = copyThisState();
// Widen the string-source register (esi, per the log message) in the copied
// state `post` when the instruction reads memory through it. This point is only
// reached when the loop counter is top, so the number of iterations, and with it
// the distance the pointer advances, is unknown.
if (instr.hasEsiBasedMemorySource()) {
logger.debug(stmt.getLabel() + ": ecx is unknown in REP/REPNZ, widening esi");
// Keep the region of the current value and replace the numeric component with
// top at address width, i.e. "anywhere in this region".
// NOTE(review): retaining the region assumes the repeated operation cannot move
// the pointer out of its original memory region - confirm this is sound for
// unbounded counts.
post.setValue(arch.stringSource(), new BasedNumberElement(
getValue(arch.stringSource()).getRegion(),
NumberElement.getTop(arch.getAddressBitWidth())));
}
// Widen the string-target register (edi, per the log message) in the copied
// state `post` when the instruction writes memory through it. The loop counter
// is top here, so the final pointer value cannot be bounded.
if (instr.hasEdiBasedMemoryTarget()) {
logger.debug(stmt.getLabel() + ": ecx is unknown in REP/REPNZ, widening edi");
// Keep the region of the current value and replace the numeric component with
// top at address width.
// NOTE(review): only the register value is widened in these lines; whether the
// memory written through edi by an unbounded REP is also invalidated is not
// visible here - verify, since stale memory facts after such a write would make
// the analysis unsound.
post.setValue(arch.stringTarget(), new BasedNumberElement(
getValue(arch.stringTarget()).getRegion(),
NumberElement.getTop(arch.getAddressBitWidth())));
}