============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined e_attachment_bar_interface_init() LEA RAX,[attachment_bar_get_private] MOV qword ptr [RDI + 0x10],RAX=>attachment_bar_get_private LEA RAX,[attachment_bar_get_store] MOV qword ptr [RDI + 0x18],RAX=>attachment_bar_get_store LEA RAX,[attachment_bar_get_path_at_pos] MOV qword ptr [RDI + 0x20],RAX=>attachment_bar_get_path_at_pos LEA RAX,[attachment_bar_get_selected_paths] MOV qword ptr [RDI + 0x28],RAX=>attachment_bar_get_selected_paths LEA RAX,[attachment_bar_path_is_selected] MOV qword ptr [RDI + 0x30],RAX=>attachment_bar_path_is_selected LEA RAX,[attachment_bar_select_path] MOV qword ptr [RDI + 0x38],RAX=>attachment_bar_select_path LEA RAX,[attachment_bar_unselect_path] MOV qword ptr [RDI + 0x40],RAX=>attachment_bar_unselect_path LEA RAX,[attachment_bar_select_all] MOV qword ptr [RDI + 0x48],RAX=>attachment_bar_select_all LEA RAX,[attachment_bar_unselect_all] MOV qword ptr [RDI + 0x50],RAX=>attachment_bar_unselect_all LEA RAX,[attachment_bar_update_actions] MOV qword ptr [RDI + 0x78],RAX=>attachment_bar_update_actions RET ?? 90h Actual src: static void e_attachment_bar_interface_init (EAttachmentViewInterface *iface) { iface->get_private = attachment_bar_get_private; iface->get_store = attachment_bar_get_store; iface->get_path_at_pos = attachment_bar_get_path_at_pos; iface->get_selected_paths = attachment_bar_get_selected_paths; iface->path_is_selected = attachment_bar_path_is_selected; iface->select_path = attachment_bar_select_path; iface->unselect_path = attachment_bar_unselect_path; iface->select_all = attachment_bar_select_all; iface->unselect_all = attachment_bar_unselect_all; iface->update_actions = attachment_bar_update_actions; } Predicted src: static void geary_iface_init (GtkTreeModel *iface) { iface->get_iface = G_TYPE_INSTANCE_GET_PRIVATE (iface); iface->get_path = G_TYPE_INSTANCE_get_path; iface->get_path = G_TYPE_INSTANCE_get_path; iface->get_path = G_TYPE_INSTANCE_get_path; iface->get_path = G_TYPE_INSTANCE_get_path; iface->get_path = G_TYPE_INSTANCE_get_path; iface->get_path = G_path_path_get_path; iface->get_path = G_path_get_path_path; iface->get_path = G_path_path_get_path; iface->get_path = G_path_path_get_path; iface->get_path = G_path_path_path; iface->get_path = G_path_path; iface->get_path = G_path_path_path; iface->get_path = G_path_path_path; iface->get_path = G_path_path_path_path; iface->get_path = G_path_path_path; iface->get_path = G_path_path_path; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* ONScripter::brCommand() * ;************************************************************************************************************************************************************ ;undefined brCommand(ONScripter * this) ;this ONScripter * RDI PUSH R12 MOV ESI,0x1 PUSH RBP PUSH RBX MOV RBX,this CALL ONScripter::enterTextDisplayMode ;undefined enterTextDisplayMode(ONScr... LEA this,[RBX + 0xcb8] CALL FontInfo::newLine ;undefined newLine(FontInfo * this) MOV RBX,qword ptr [RBX + 0xbf8] MOVSXD RDX,dword ptr [RBX + 0x1c] MOV this,dword ptr [RBX + 0x18] CMP EDX,this JGE LAB_00124540 MOV RBP,qword ptr [RBX + 0x10] LAB_00124523: LEA EAX,[RDX + 0x1] MOV dword ptr [RBX + 0x1c],EAX MOV EAX,0x2 MOV byte ptr [RBP + RDX*0x1],0xa POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00124540: ADD this,this MOVSXD this,this CALL .plt:::operator.new[] ;void * operator.new[](ulong param_1) MOV R12,qword ptr [RBX + 0x10] MOVSXD RDX,dword ptr [RBX + 0x18] MOV this,RAX MOV RBP,RAX MOV RSI,R12 CALL .plt:::memcpy ;void * memcpy(void * __dest, void *... MOV this,R12 CALL .plt:::operator.delete[] ;void operator.delete[](void * param_1) MOV qword ptr [RBX + 0x10],RBP MOVSXD RDX,dword ptr [RBX + 0x1c] SHL dword ptr [RBX + 0x18],1 JMP LAB_00124523 ?? 90h Actual src: int ONScripter::brCommand() { enterTextDisplayMode(); sentence_font.newLine(); current_page->add( 0x0a ); return RET_CONTINUE; } Predicted src: void CInfo::new(void) { m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); m_info.size(); } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* ResourceManager::downloadLicenseFinished() * ;************************************************************************************************************************************************************ ;undefined downloadLicenseFinished(ResourceManager * this) ;this ResourceMan... RDI LEA RAX,[.bss:ScQApp] ;=?? MOV RDX,this LEA RCX,[.rodata:s_1downloadLicenseFinished()_00f70b32] ;= "1downloadLicenseFinished()" LEA RSI,[.rodata:s_2finished()_00f3e05a] ;= "2finished()" MOV RAX=>.bss:ScQApp,qword ptr [RAX] ;=?? MOV this,qword ptr [RAX + 0x68] JMP .plt:::QObject::disconnect ;undefined disconnect(QObject * param... ?? 66h f Actual src: void ResourceManager::downloadLicenseFinished() { disconnect(ScQApp->dlManager(), SIGNAL(finished()), this, SLOT(downloadLicenseFinished())); } Predicted src: void KisManager::slot(void) { d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_dd->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_d->m_dd->m_d->m_d->m_d->m_d->m_ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined cmdServerSigChild() MOV RDI,qword ptr [.bss:serverLocal[24]] MOV EAX,dword ptr [RDI] TEST EAX,EAX JZ LAB_0014d0c0 PUSH RBP MOV RBP,RSI PUSH RBX XOR EBX,EBX SUB RSP,0x8 JMP LAB_0014d08e ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_0014d080: MOV RDI,qword ptr [.bss:serverLocal[24]] ADD EBX,0x1 CMP dword ptr [RDI],EBX JBE LAB_0014d0b8 LAB_0014d08e: MOV ESI,EBX CALL lstGet ;undefined lstGet() MOV EDX,dword ptr [RBP + 0x10] CMP dword ptr [RAX],EDX JNZ LAB_0014d080 MOV RDI,qword ptr [.bss:serverLocal[24]] MOV ESI,EBX ADD EBX,0x1 CALL lstRemoveIdx ;undefined lstRemoveIdx() MOV RDI,qword ptr [.bss:serverLocal[24]] CMP dword ptr [RDI],EBX JA LAB_0014d08e LAB_0014d0b8: ADD RSP,0x8 POP RBX POP RBP RET ?? 90h LAB_0014d0c0: RET ?? 66h f Actual src: static void cmdServerSigChild(const int signalType, siginfo_t *signalInfo, void *context) { (void)signalType; (void)context; ASSERT(signalInfo->si_code == CLD_EXITED); // Find the process and remove it for (unsigned int processIdx = 0; processIdx < lstSize(serverLocal.processList); processIdx++) { if (*(int *)lstGet(serverLocal.processList, processIdx) == signalInfo->si_pid) lstRemoveIdx(serverLocal.processList, processIdx); } } Predicted src: static int Get_server(void *data, void *data, size_t len) { if (!data) return -1; if (!data) return -1; return 0; } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined glfwSetWindowAspectRatio() SUB RSP,0x8 TEST RDI,RDI JZ LAB_0010ffe2 TEST ESI,ESI JZ LAB_0010ffc3 TEST EDX,EDX JZ LAB_00110001 LEA RAX,[.bss:_glfw] ;=?? MOV ECX,dword ptr [RAX]=>.bss:_glfw ;=?? TEST ECX,ECX JZ LAB_0010ff90 CMP ESI,-0x1 JZ LAB_0010ff6c CMP EDX,-0x1 JZ LAB_0010ff6c TEST ESI,ESI JLE LAB_0010ffa8 TEST EDX,EDX JLE LAB_0010ffa8 LAB_0010ff6c: CMP qword ptr [RDI + 0x48],0x0 MOV dword ptr [RDI + 0x68],ESI MOV dword ptr [RDI + 0x6c],EDX JZ LAB_0010ff80 LAB_0010ff79: ADD RSP,0x8 RET ?? 66h f ?? 90h LAB_0010ff80: MOV EAX,dword ptr [RDI + 0x8] TEST EAX,EAX JZ LAB_0010ff79 ADD RSP,0x8 JMP _glfwPlatformSetWindowAspectRatio ;undefined _glfwPlatformSetWindowAspe... LAB_0010ff90: XOR ESI,ESI MOV EDI,0x10001 XOR EAX,EAX ADD RSP,0x8 JMP _glfwInputError ;undefined _glfwInputError(undefined... ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_0010ffa8: MOV ECX,EDX MOV EDI,0x10004 MOV EDX,ESI XOR EAX,EAX LEA RSI,[.rodata:s_Invalid_window_aspect_ratio_%i:%_001368d0] ;= "Invalid window aspect ratio %i:%i" ADD RSP,0x8 JMP _glfwInputError ;undefined _glfwInputError(undefined... LAB_0010ffc3: LEA RCX,[.rodata:__PRETTY_FUNCTION__.28] ;= "glfwSetWindowAspectRatio" MOV EDX,0x26d LEA RSI,[.rodata:s_./src/window.c_0013613d] ;= "./src/window.c" LEA RDI,[.rodata:s_numer_!=_0_001361c1] ;= "numer!= 0" CALL .plt:::__assert_fail ;void __assert_fail(char * __assertio... LAB_0010ffe2: LEA RCX,[.rodata:__PRETTY_FUNCTION__.28] ;= "glfwSetWindowAspectRatio" MOV EDX,0x26c LEA RSI,[.rodata:s_./src/window.c_0013613d] ;= "./src/window.c" LEA RDI,[.rodata:s_window_!=_NULL_0011a4a4] ;= "window!= NULL" CALL .plt:::__assert_fail ;void __assert_fail(char * __assertio... LAB_00110001: LEA RCX,[.rodata:__PRETTY_FUNCTION__.28] ;= "glfwSetWindowAspectRatio" MOV EDX,0x26e LEA RSI,[.rodata:s_./src/window.c_0013613d] ;= "./src/window.c" LEA RDI,[.rodata:s_denom_!=_0_001361cc] ;= "denom!= 0" CALL .plt:::__assert_fail ;void __assert_fail(char * __assertio... ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined glfwGetFramebufferSize() TEST RDI,RDI Actual src: GLFWAPI void glfwSetWindowAspectRatio(GLFWwindow* handle, int numer, int denom) { _GLFWwindow* window = (_GLFWwindow*) handle; assert(window!= NULL); assert(numer!= 0); assert(denom!= 0); _GLFW_REQUIRE_INIT(); if (numer!= GLFW_DONT_CARE && denom!= GLFW_DONT_CARE) { if (numer <= 0 || denom <= 0) { _glfwInputError(GLFW_INVALID_VALUE, "Invalid window aspect ratio %i:%i", numer, denom); return; } } window->numer = numer; window->denom = denom; if (window->monitor ||!window->resizable) return; _glfwPlatformSetWindowAspectRatio(window, numer, denom); } Predicted src: int _window_window_window_window_window(window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_window_windowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindowwindo