============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined gfal2_bring_online_poll_list() PUSH R14 MOV R14,RCX PUSH R13 MOV R13D,ESI MOV RSI,R8 PUSH R12 MOV R12,RDX PUSH RBP MOV RBP,RDI PUSH RBX MOV RBX,R8 CALL .plt:gfal2_start_scope_cancel ;undefined gfal2_start_scope_cancel() TEST EAX,EAX JS LAB_0011121e TEST R12,R12 JZ LAB_001111c8 CMP qword ptr [R12],0x0 JZ LAB_001111c8 TEST RBP,RBP JZ LAB_001111c8 MOV RDX,R12 MOV R8,RBX MOV RCX,R14 MOV ESI,R13D MOV RDI,RBP CALL .plt:gfal_plugin_bring_online_poll_listG ;undefined gfal_plugin_bring_online_p... MOV R12D,EAX JMP LAB_0011120a ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001111c8: TEST R13D,R13D JLE LAB_00111204 LEA EAX,[R13 + -0x1] LEA R12,[.rodata:s_context_or/and_urls_are_incorrec_00117e00] ;= "context or/and urls are incorrect... LEA R13,[RBX + RAX*0x8 + 0x8] NOP dword ptr [RAX] LAB_001111e0: XOR EAX,EAX CALL .plt:gfal2_get_core_quark ;undefined gfal2_get_core_quark() MOV RDI,RBX MOV RCX=>.rodata:s_context_or/and_urls_are_incorrec_00117e00,R12 ;= "context or/and urls are incorrect... MOV EDX,0xe MOV ESI,EAX ADD RBX,0x8 XOR EAX,EAX CALL .plt:::g_set_error ;undefined g_set_error() CMP RBX,R13 JNZ LAB_001111e0 LAB_00111204: MOV R12D,0xffffffff LAB_0011120a: MOV RDI,RBP CALL .plt:gfal2_end_scope_cancel ;undefined gfal2_end_scope_cancel() LAB_00111212: POP RBX MOV EAX,R12D POP RBP POP R12 POP R13 POP R14 RET LAB_0011121e: MOV R12D,0xffffffff JMP LAB_00111212 ?? 66h f Actual src: int gfal2_bring_online_poll_list(gfal2_context_t context, int nbfiles, const char *const *urls, const char *token, GError **errors) { int res = -1; GFAL2_BEGIN_SCOPE_CANCEL(context, -1, errors); if (urls == NULL || *urls == NULL || context == NULL) { int i; for (i = 0; i < nbfiles; ++i) { g_set_error(&errors[i], gfal2_get_core_quark(), EFAULT, "context or/and urls are incorrect arguments"); } res = -1; } else { res = gfal_plugin_bring_online_poll_listG(context, nbfiles, urls, token, errors); } GFAL2_END_SCOPE_CANCEL(context); return res; } Predicted src: gboolean g_list_get_list (G_GNUC_UNUSED GAsyncResult *list, GError **error) { g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); g_return_val_if_fail (list!= NULL, FALSE); return TRUE; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined gimp_curves_tool_key_press() PUSH R13 MOV R13,RDX PUSH R12 MOV R12,RSI PUSH RBP MOV RBP,RDI CALL gimp_curves_tool_get_type ;undefined gimp_curves_tool_get_type() MOV RDI,RBP MOV RSI,RAX CALL .plt:::g_type_check_instance_cast ;undefined g_type_check_instance_cast() CMP qword ptr [RBP + 0x58],0x0 JZ LAB_0024f7fd MOV RDI,qword ptr [RAX + 0x2c8] TEST RDI,RDI JZ LAB_0024f7fd MOV RSI,R12 CALL .plt:::gtk_widget_event ;undefined gtk_widget_event() TEST EAX,EAX JNZ LAB_0024f830 LAB_0024f7fd: CALL gimp_tool_get_type ;undefined gimp_tool_get_type() MOV RDI,qword ptr [.bss:gimp_curves_tool_parent_class] MOV RSI,RAX CALL .plt:::g_type_check_class_cast ;undefined g_type_check_class_cast() MOV RDX,R13 MOV RSI,R12 MOV RDI,RBP MOV RAX,qword ptr [RAX + 0xd8] POP RBP POP R12 POP R13 JMP RAX ?? 0Fh ;? -> 00841f0f ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_0024f830: POP RBP MOV EAX,0x1 POP R12 POP R13 RET ?? 0Fh Actual src: static gboolean gimp_curves_tool_key_press (GimpTool *tool, GdkEventKey *kevent, GimpDisplay *display) { GimpCurvesTool *c_tool = GIMP_CURVES_TOOL (tool); if (tool->display && c_tool->graph) { if (gtk_widget_event (c_tool->graph, (GdkEvent *) kevent)) return TRUE; } return GIMP_TOOL_CLASS (parent_class)->key_press (tool, kevent, display); } Predicted src: static gboolean gimp_tool_tool_get_event (GimpTool *tool, GimpTool *tool) { GimpTool *tool = GIMP_TOOL_TOOL (tool); if (tool->priv->event) return FALSE; if (tool->priv->event) return FALSE; return FALSE; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined proto_register_irc() SUB RSP,0x8 LEA RDX,[.rodata:s_irc_03795c22+16] ;= "irc" LEA RSI,[.rodata:DAT_034f9416] ;= 49h I LEA RDI,[.rodata:s_Internet_Relay_Chat_038c6d1f] ;= "Internet Relay Chat" CALL .plt:proto_register_protocol ;undefined proto_register_protocol() MOV EDX,0xc LEA RSI,[.data:hf.2] MOV EDI,EAX MOV dword ptr [.data:proto_irc],EAX ;= FFFFFFFFh CALL .plt:proto_register_field_array ;undefined proto_register_field_array() MOV ESI,0x5 LEA RDI,[.data:ett.1] CALL .plt:proto_register_subtree_array ;undefined proto_register_subtree_arr... MOV EDI,dword ptr [.data:proto_irc] ;= FFFFFFFFh CALL .plt:expert_register_protocol ;undefined expert_register_protocol() LEA RSI,[.data:ei.0] MOV EDX,0x6 MOV RDI,RAX CALL .plt:expert_register_field_array ;undefined expert_register_field_array() LEA RSI,[.rodata:TAG_DELIMITER] ;= 0001h LEA RDI,[.bss:pbrk_tag_delimiter] ;=?? ADD RSP,0x8 JMP .plt:::ws_mempbrk_compile ;undefined ws_mempbrk_compile() ?? 66h f Actual src: void proto_register_irc(void) { static hf_register_info hf[] = { { &hf_irc_response, { "Response", "irc.response", FT_STRING, STR_ASCII, NULL, 0x0, "Line of response message", HFILL }}, { &hf_irc_request, { "Request", "irc.request", FT_STRING, STR_ASCII, NULL, 0x0, "Line of request message", HFILL }}, { &hf_irc_request_prefix, { "Prefix", "irc.request.prefix", FT_STRING, STR_ASCII, NULL, 0x0, "Request prefix", HFILL }}, { &hf_irc_request_command, { "Command", "irc.request.command", FT_STRING, STR_ASCII, NULL, 0x0, "Request command", HFILL }}, { &hf_irc_request_command_param, { "Parameter", "irc.request.command_parameter", FT_STRING, STR_ASCII, NULL, 0x0, "Request command parameter", HFILL }}, { &hf_irc_request_trailer, { "Trailer", "irc.request.trailer", FT_STRING, STR_ASCII, NULL, 0x0, "Request trailer", HFILL }}, { &hf_irc_response_prefix, { "Prefix", "irc.response.prefix", FT_STRING, STR_ASCII, NULL, 0x0, "Response prefix", HFILL }}, { &hf_irc_response_command, { "Command", "irc.response.command", FT_STRING, STR_ASCII, NULL, 0x0, "Response command", HFILL }}, { &hf_irc_response_num_command, { "Command", "irc.response.num_command", FT_UINT16, BASE_DEC, NULL, 0x0, "Response (numeric) command", HFILL }}, { &hf_irc_response_command_param, { "Parameter", "irc.response.command_parameter", FT_STRING, STR_ASCII, NULL, 0x0, "Response command parameter", HFILL }}, { &hf_irc_response_trailer, { "Trailer", "irc.response.trailer", FT_STRING, STR_ASCII, NULL, 0x0, "Response trailer", HFILL }}, { &hf_irc_ctcp, { "CTCP Data", "irc.ctcp", FT_STRING, STR_ASCII, NULL, 0x0, "Placeholder to dissect CTCP data", HFILL }} }; static gint *ett[] = { &ett_irc, &ett_irc_request, &ett_irc_request_command, &ett_irc_response, &ett_irc_response_command }; static ei_register_info ei[] = { { &ei_irc_missing_end_delimiter, { "irc.missing_end_delimiter", PI_MALFORMED, PI_ERROR, "Missing ending tag delimiter (0x01)", EXPFILL }}, { &ei_irc_tag_data_invalid, { "irc.tag_data_invalid", PI_PROTOCOL, PI_WARN, "Tag data outside of NOTICE or PRIVMSG command", EXPFILL }}, { &ei_irc_prefix_missing_ending_space, { "irc.prefix_missing_ending_space", PI_MALFORMED, PI_ERROR, "Prefix missing ending ", EXPFILL }}, { &ei_irc_request_command, { "irc.request.command.missing", PI_MALFORMED, PI_ERROR, "Request has no command", EXPFILL }}, { &ei_irc_numeric_request_command, { "irc.request.command.numeric", PI_PROTOCOL, PI_WARN, "Numeric command not allowed in request", EXPFILL }}, { &ei_irc_response_command, { "irc.response.command.missing", PI_MALFORMED, PI_ERROR, "Response has no command", EXPFILL }}, }; expert_module_t* expert_irc; proto_irc = proto_register_protocol("Internet Relay Chat", "IRC", "irc"); proto_register_field_array(proto_irc, hf, array_length(hf)); proto_register_subtree_array(ett, array_length(ett)); expert_irc = expert_register_protocol(proto_irc); expert_register_field_array(expert_irc, ei, array_length(ei)); /* compile patterns */ ws_mempbrk_compile(&pbrk_tag_delimiter, TAG_DELIMITER); } Predicted src: static void proto_register_register(void) { static const char *name[] = { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { { ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined asn1_skip_tlv() ;local_30 undefined8 -30 ;local_34 undefined4 -34 PUSH R14 PUSH R13 PUSH R12 XOR R12D,R12D PUSH RBP MOV RBP,RSI PUSH RBX MOV RBX,RDI SUB RSP,0x10 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_30+0x38],RAX XOR EAX,EAX MOV RDX,RSP CALL asn1_decode_tag ;undefined asn1_decode_tag() CMP EAX,0x1 JZ LAB_0010bff8 LAB_0010bfd2: MOV RAX,qword ptr [RSP + local_30+0x38] SUB RAX,qword ptr FS:[0x28] JNZ LAB_0010c035 ADD RSP,0x10 MOV EAX,R12D POP RBX POP RBP POP R12 POP R13 POP R14 RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_0010bff8: LEA RDX=>local_34,[RSP + 0x4] MOV RSI,RBP MOV RDI,RBX CALL asn1_decode_length ;undefined asn1_decode_length() MOV R12D,EAX CMP EAX,0x1 JZ LAB_0010c018 LAB_0010c010: XOR R12D,R12D JMP LAB_0010bfd2 ?? 0Fh ?? 1Fh ?? 00h LAB_0010c018: MOV R13D,dword ptr [RSP + local_34+0x38] MOV R14D,dword ptr [RBX] MOV RDI,RBP ADD R14D,R13D CALL bytestring_get_size ;undefined bytestring_get_size() CMP R14D,EAX JA LAB_0010c010 ADD dword ptr [RBX],R13D JMP LAB_0010bfd2 LAB_0010c035: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP word ptr [RAX + RAX*0x1] Actual src: int asn1_skip_tlv(unsigned *pos, const bytestring_t *tlvlist) { unsigned tag; if (asn1_decode_tag(pos,tlvlist,&tag)!=BYTESTRING_OK) return BYTESTRING_ERROR; return asn1_skip_value(pos,tlvlist); } Predicted src: static int read_length(lua_State *L) { size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; size_t len; len = len; len = len; len = len; len = len; len = len; len = len + len; len = len + len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; len = len; return len; } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined erts_get_schedulers_binds() PUSH R13 MOV ESI,0x7 PUSH R12 MOV R12,RDI LEA RDI,[.rodata:s_unbound_0043355b] ;= "unbound" PUSH RBP PUSH RBX SUB RSP,0x8 CALL am_atom_put ;undefined am_atom_put() CMP qword ptr [R12 + 0x78],0x0 MOV RBP,RAX MOV RAX,qword ptr [ERTS_LOW_WRITE:erts_no_schedulers] LEA RSI,[RAX + 0x1] JZ LAB_003025d4 MOV RAX,qword ptr [R12 + 0x58] MOV RBX,qword ptr [R12 + 0x50] MOV RDX,qword ptr [ERTS_LOW_WRITE:erts_no_schedulers] SUB RAX,0x18 CMP RBX,RAX LEA RSI,[RDX + 0x1] CMOVNC RAX,RBX SUB RAX,RBX SAR RAX,0x3 CMP RAX,RSI JNC LAB_00302660 LAB_003025d4: XOR EDX,EDX MOV RDI,R12 CALL erts_heap_alloc ;undefined erts_heap_alloc() MOV RDX,qword ptr [ERTS_LOW_WRITE:erts_no_schedulers] MOV RBX,RAX LAB_003025e8: SHL RDX,0x6 LEA R13,[.bss:cpuinfo_rwmtx] LEA R12,[RBX + 0x2] MOV qword ptr [RBX],RDX MOV RDI=>.bss:cpuinfo_rwmtx,R13 CALL ethr_rwmutex_rlock ;undefined ethr_rwmutex_rlock() CMP qword ptr [ERTS_LOW_WRITE:erts_no_schedulers],0x0 MOV EAX,0x1 MOV RSI,qword ptr [.bss:scheduler2cpu_map] JZ LAB_00302645 NOP dword ptr [RAX + RAX*0x1] LAB_00302620: MOVSXD RDX,dword ptr [RSI + RAX*0x8 + 0x4] MOV RCX,RBP TEST EDX,EDX JS LAB_00302634 SHL RDX,0x4 LEA RCX,[RDX + 0xf] LAB_00302634: MOV qword ptr [RBX + RAX*0x8],RCX ADD RAX,0x1 CMP qword ptr [ERTS_LOW_WRITE:erts_no_schedulers],RAX JNC LAB_00302620 LAB_00302645: MOV RDI=>.bss:cpuinfo_rwmtx,R13 CALL ethr_rwmutex_runlock ;undefined ethr_rwmutex_runlock() ADD RSP,0x8 MOV RAX,R12 POP RBX POP RBP POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00302660: LEA RAX,[RBX + RSI*0x8] MOV qword ptr [R12 + 0x50],RAX JMP LAB_003025e8 ?? 66h f Actual src: Eterm erts_get_schedulers_binds(Process *c_p) { int ix; ERTS_DECL_AM(unbound); Eterm *hp = HAlloc(c_p, erts_no_schedulers+1); Eterm res = make_tuple(hp); *(hp++) = make_arityval(erts_no_schedulers); erts_rwmtx_rlock(&cpuinfo_rwmtx); for (ix = 1; ix <= erts_no_schedulers; ix++) *(hp++) = (scheduler2cpu_map[ix].bound_id >= 0 ? make_small(scheduler2cpu_map[ix].bound_id) : AM_unbound); erts_rwmtx_runlock(&cpuinfo_rwmtx); return res; } Predicted src: static void get_lock_lock_lock(void *data, size_t size) { size_t i; size_t i; for (i = 0; i < size; i++) { if (get_lock_lock(get_lock_lock_lock(get_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock))) return; if (get_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock))) return; } for (i = 0; i < size; i++) { if (get_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock_lock(get_lock_lock_lock_lock))) return; } if (get_lock_lock_lock_lock_lock(get_lock_lock_lock_lock_lock(get_lock_lock_lock_lock_lock)) { return; } for (i = 0; i < size; i++) { if (get_lock_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock(get_lock_lock_lock_lock_lock_lock_lock_lock(get_lock_lock_lock_lock_lock_lock(get_lock_lock_lock_lock_lock))) return; } return; }