============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined mlx5_destroy_wq() PUSH R12 PUSH RBP PUSH RBX MOV RBX,RDI CALL .plt:::ibv_cmd_destroy_wq ;undefined ibv_cmd_destroy_wq() MOV R12D,EAX TEST EAX,EAX JZ LAB_0015cff0 MOV EAX,R12D POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_0015cff0: MOV RDI,qword ptr [RBX + 0x18] MOV ECX,dword ptr [RDI + 0x1c0] TEST ECX,ECX JNZ LAB_0015d0b0 MOV EDX,dword ptr [RDI + 0x1bc] TEST EDX,EDX JNZ LAB_0015d0e0 MOV dword ptr [RDI + 0x1bc],0x1 LAB_0015d01a: MOV RDI,qword ptr [RBX + 0x18] MOV ESI,dword ptr [RBX + -0x4] XOR EDX,EDX CALL __mlx5_cq_clean ;undefined __mlx5_cq_clean() MOV RDI,qword ptr [RBX + 0x18] MOV EAX,dword ptr [RDI + 0x1c0] TEST EAX,EAX JNZ LAB_0015d0c8 MOV dword ptr [RDI + 0x1bc],0x0 LAB_0015d044: MOV RAX,qword ptr [RBX] MOV ESI,dword ptr [RBX + -0x4] LEA RBP,[RBX + -0x8] LEA RDI,[RAX + -0x140] CALL mlx5_clear_uidx ;undefined mlx5_clear_uidx() MOV RAX,qword ptr [RBX] MOV RDX,qword ptr [RBX + 0x10] MOVZX ECX,byte ptr [RBX + 0x138] MOV RSI,qword ptr [RBX + 0x130] LEA RDI,[RAX + -0x140] CALL mlx5_free_db ;undefined mlx5_free_db() MOV RAX,qword ptr [RBX] LEA RSI,[RBX + 0x98] LEA RDI,[RAX + -0x140] CALL mlx5_free_actual_buf ;undefined mlx5_free_actual_buf() MOV RDI,qword ptr [RBX + 0xe0] CALL .plt:::free ;void free(void * __ptr) MOV RDI,RBP CALL .plt:::free ;void free(void * __ptr) MOV EAX,R12D POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_0015d0b0: ADD RDI,0x1b8 CALL .plt:::pthread_spin_lock ;int pthread_spin_lock(pthread_spinlo... JMP LAB_0015d01a ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 
00h LAB_0015d0c8: ADD RDI,0x1b8 CALL .plt:::pthread_spin_unlock ;int pthread_spin_unlock(pthread_spin... JMP LAB_0015d044 ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_0015d0e0: MOV RAX,qword ptr [->stderr] ;= 00176490 MOV EDX,0x89 MOV ESI,0x1 LEA RDI,[.rodata:s_***_ERROR:_multithreading_violat_00162098] ;= "*** ERROR: multithreading violati... MOV RCX,qword ptr [RAX]=>EXTERNAL:stderr ;=?? CALL .plt:::fwrite ;size_t fwrite(void * __ptr, size_t _... CALL .plt:::abort ;void abort(void) NOP dword ptr CS:[RAX + RAX*0x1] Actual src:
/*
 * Destroy a work queue and release the provider-side memory behind it.
 *
 * ibv_cmd_destroy_wq() is called first. If it reports an error, that code is
 * returned and nothing is freed, so the caller still owns wq. On success the
 * CQ is cleaned of entries for rwq->rsc.rsn under the CQ lock, the uidx and
 * the doorbell record are released, the queue buffer is freed and finally
 * rwq itself is freed.
 *
 * Returns 0 on success, otherwise the value from ibv_cmd_destroy_wq().
 *
 * NOTE(review): in the listing above the pointer handed to the last free()
 * is wq - 8, so wq appears to live inside rwq; treat wq as dangling once
 * this function has returned 0.
 */
int mlx5_destroy_wq(struct ibv_wq *wq)
{
    struct mlx5_rwq *rwq = to_mrwq(wq);
    int ret;

    ret = ibv_cmd_destroy_wq(wq);
    if (ret)
        return ret;

    /*
     * The listing shows this lock inlined. Offsets are relative to the
     * pointer loaded from wq + 0x18 (the same pointer passed to
     * __mlx5_cq_clean): a non-zero word at +0x1c0 selects
     * pthread_spin_lock() on +0x1b8; otherwise a flag at +0x1bc is set, and
     * the process aborts with the "multithreading violati..." message when
     * that flag is already set.
     */
    mlx5_spin_lock(&to_mcq(wq->cq)->lock);
    __mlx5_cq_clean(to_mcq(wq->cq), rwq->rsc.rsn, NULL);
    mlx5_spin_unlock(&to_mcq(wq->cq)->lock);
    mlx5_clear_uidx(to_mctx(wq->context), rwq->rsc.rsn);
    mlx5_free_db(to_mctx(wq->context), rwq->db, wq->pd, rwq->custom_db);
    /*
     * Appears in the listing as mlx5_free_actual_buf() followed by free() of
     * a pointer loaded from wq + 0xe0 -- presumably this helper inlined.
     */
    mlx5_free_rwq_buf(rwq, wq->context);
    free(rwq);

    return 0;
}
Predicted src: static void cmd_cmd_destroy(cmd_cmd_cmd_t *cmd_cmd) { cmd_cmd_cmd_cmd_t *cmd_cmd; cmd_cmd_cmd_cmd_cmd_t *cmd_cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_t *cmd_cmd; cmd_cmd = cmd_cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd; 
cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd = cmd_cmd->cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd_cmd; cmd_cmd = cmd->cmd_cmd_cmd_cmd; cmd_cmd_cmd = cmd->cmd_cmd_cmd; cmd_cmd_cmd = cmd->cmd_cmd_cmd_cmd; cmd_cmd = cmd_cmd->cmd_cmd_cmd; cmd_cmd_cmd = cmd; cmd_cmd_cmd->cmd_cmd_cmd = cmd_cmd; cmd_cmd_cmd->cmd_cmd_cmd = cmd; cmd_cmd->cmd_cmd_cmd = cmd_cmd; cmd_cmd->cmd_cmd_cmd = cmd; cmd_cmd_cmd->cmd_cmd_cmd_cmd = cmd; cmd_cmd_cmd_cmd->cmd_cmd_cmd = cmd; cmd_cmd_cmd->cmd_cmd_cmd = cmd_cmd_cmd; cmd_cmd_cmd_cmd_cmd_cmd = cmd; cmd_cmd->cmd_cmd_cmd_cmd = cmd_cmd_cmd; cmd_cmd->cmd_cmd_cmd = cmd_cmd_cmd_cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd = cmd; cmd_cmd->cmd_cmd_cmd_cmd_cmd_cmd = cmd_cmd_cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd = cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd = cmd_cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd = cmd; cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd(cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd_cmd ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined CPyDef_default___DefaultPlugin() PUSH R12 XOR ESI,ESI PUSH RBP MOV RBP,RDI SUB RSP,0x8 MOV RAX,qword ptr [->CPyType_default___DefaultPlugin] ;= 015dabc8 MOV RAX=>.bss:CPyType_default___DefaultPlugin,qword ptr [RAX] ;=?? MOV RDI,RAX CALL qword ptr [RAX + 0x130] TEST RAX,RAX JZ LAB_006a5967 MOV R12,RAX LEA RAX,[.bss:default___DefaultPlugin_vtable] ;=?? MOVDQA XMM0,xmmword ptr [.rodata:tuple_undefined_T2II] MOV RSI,RBP MOV qword ptr [R12 + 0x10],RAX=>.bss:default___DefaultPlugin_vtable ;=?? 
MOV RDI,R12 MOV qword ptr [R12 + 0x18],0x0 MOV qword ptr [R12 + 0x20],0x0 MOVUPS xmmword ptr [R12 + 0x28],XMM0 CALL CPyDef_plugin___Plugin_____init__ ;undefined CPyDef_plugin___Plugin____... CMP AL,0x2 JZ LAB_006a5960 ADD RSP,0x8 MOV RAX,R12 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_006a5960: SUB qword ptr [R12],0x1 JZ LAB_006a5978 LAB_006a5967: XOR R12D,R12D ADD RSP,0x8 MOV RAX,R12 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_006a5978: MOV RDI,R12 CALL .plt:_Py_Dealloc ;undefined _Py_Dealloc() ?? EBh ?? E5h ?? 66h f Actual src:
/*
 * Constructor entry point: creates the instance with
 * default___DefaultPlugin_setup(CPyType_default___DefaultPlugin) and then
 * runs CPyDef_plugin___Plugin_____init__() on it with cpy_r_options.
 *
 * Returns self on success. Returns NULL when setup yields NULL, or when the
 * init call returns 2; in the second case this function's reference to self
 * is released first, so the partly initialised object is not leaked.
 */
PyObject *CPyDef_default___DefaultPlugin(PyObject *cpy_r_options)
{
    PyObject *self = default___DefaultPlugin_setup(CPyType_default___DefaultPlugin);
    if (self == NULL)
        return NULL;
    char res = CPyDef_plugin___Plugin_____init__(self, cpy_r_options);
    /* 2 is the return value this code treats as failure of the init call. */
    if (res == 2) {
        /* In the listing: decrement of [R12], then _Py_Dealloc when it hits zero. */
        Py_DECREF(self);
        return NULL;
    }
    return self;
}
Predicted src: PyObject *CPyDef_plugin___init__(PyObject *self, PyObject *const *args, size_t nargs, PyObject *kwnames) { PyObject *obj_self = self; static const char * const kwlist[] = {"t", 0}; static CPyArg_Parser parser = {"O:init", kwlist, 0}; PyObject *obj_self; if (!CPyArg_ParseStackAndKeywordsOneArg(args, nargs, kwnames, &parser, &obj_self)) { return NULL; } PyObject *arg_self; if (likely(Py_TYPE(obj_self) == CPyType_plugin___init)) arg_self = obj_self; else { CPy_TypeError("mypy.init", obj_self); goto fail; } PyObject *arg_self; if (likely(Py_TYPE(obj_self) == CPyType_plugin___init)) arg_self = obj_self; else { CPy_TypeError("mypy.init", obj_self); goto fail; } PyObject *retval = CPyDef_plugin___init__(arg_self, arg_self); return retval; fail: ; CPy_INCREF(Py_None); return NULL; }
============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* otb::TestHelper::SetEpsilonBoundaryChecking(double) * 
;************************************************************************************************************************************************************ ;undefined SetEpsilonBoundaryChecking(TestHelper * this, double param_1) ;this TestHelper * RDI ;param_1 double XMM0_Qa UCOMISD param_1,qword ptr [this + 0x50] JP LAB_001663f0 JNZ LAB_001663f0 RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001663f0: MOV RAX,qword ptr [this] MOVSD qword ptr [this + 0x50],param_1 JMP qword ptr [RAX + 0x88] ?? 66h f Actual src: itkSetMacro(EpsilonBoundaryChecking, double); Predicted src: vtkSetMacro(Point, double); ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* js::frontend::ElemOpEmitter::prepareForRhs() * ;************************************************************************************************************************************************************ ;undefined prepareForRhs(ElemOpEmitter * this) ;this ElemOpEmitt... RDI MOV EAX,dword ptr [this + 0x8] SUB EAX,0x8 CMP EAX,0x1 JA LAB_00687ad2 MOV EAX,dword ptr [this + 0xc] TEST EAX,EAX JZ LAB_00687ae0 LAB_00687ad2: MOV EAX,0x1 RET ?? 0Fh ;? -> 00841f0f ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00687ae0: MOV this,qword ptr [this] JMP js::frontend::BytecodeEmitter::emitSuperBase ;undefined emitSuperBase(BytecodeEmit... ?? 0Fh ;? -> 00841f0f Actual src: bool ElemOpEmitter::prepareForRhs() { MOZ_ASSERT(isSimpleAssignment() || isPropInit() || isCompoundAssignment()); MOZ_ASSERT_IF(isSimpleAssignment() || isPropInit(), state_ == State::Key); MOZ_ASSERT_IF(isCompoundAssignment(), state_ == State::Get); if (isSimpleAssignment() || isPropInit()) { // For CompoundAssignment, SuperBase is already emitted by emitGet. 
if (isSuper()) { if (!bce_->emitSuperBase()) { // [stack] THIS KEY SUPERBASE return false; } } } #ifdef DEBUG state_ = State::Rhs; #endif return true; } Predicted src: bool CManager::Init() { if (m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m.m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_m_mm_m_mm_m_m_m_mm_m_mm_m_mm_m_mm_mm_mm_mm_mm_mm_m_mm_mm_mm_mmm_mm_mmm_mmm_mmmm_mmm_mmm_mmmmmm_mmmmmm_mmmmmmmm_mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined sigbus_hook() MOV ESI,0x13 JMP generic_hook.constprop.0 ;undefined generic_hook.constprop.0() ?? 66h f Actual src: static void sigbus_hook(lua_State *L, lua_Debug *ar) { generic_hook(L, ar, 19); } Predicted src: static int do_command(lua_State *L) { return check_command(L, 1, 1, 1); }