============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined tti_rnum() PUSH R13 PUSH R12 XOR R12D,R12D PUSH RBP MOV RBP,RDI PUSH RBX SUB RSP,0x8 MOV byte ptr [RDI],0xff NOP dword ptr [RAX + RAX*0x1] LAB_00108968: CALL sim_poll_kbd ;undefined sim_poll_kbd() TEST EAX,EAX JZ LAB_00108968 TEST AH,0x20 JNZ LAB_00108968 CMP EAX,0xfff JLE LAB_001089c2 AND EAX,0x7f CMP AL,0xd JZ LAB_001089d0 CMP AL,0x7e JZ LAB_001089e0 CMP AL,0x60 JZ LAB_001089e0 MOV R13,qword ptr [.data:tti_to_num] ;= 0011d820 MOVSX EBX,AL MOV ESI,EBX MOV RDI=>.rodata:s_0123456789|=@:;}_0011d820,R13 ;= "0123456789|=@:;}" CALL .plt:::strchr ;char * strchr(char * __s, int __c) MOV EDI,0x7 TEST RAX,RAX JZ LAB_001089b5 SUB RAX,R13 MOV EDI,EBX OR EAX,R12D MOV byte ptr [RBP],AL LAB_001089b5: CALL tto_write ;undefined tto_write() CMP byte ptr [RBP],0xff JZ LAB_00108968 XOR EAX,EAX LAB_001089c2: ADD RSP,0x8 POP RBX POP RBP POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 00h LAB_001089d0: MOV byte ptr [RBP],0x7f MOV EDI,0xd JMP LAB_001089b5 ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001089e0: MOVSX EDI,AL MOV R12D,0x10 JMP LAB_001089b5 ?? 0Fh Actual src: t_stat tti_rnum (int8 *c) { int8 raw, flg = 0; char *cp; t_stat r; *c = -1; /* no char yet */ do { r = tti_read (&raw); /* get char */ if (r!= SCPE_OK) /* error? */ return r; if (raw == '\r') /* return? mark */ *c = 0x7F; else if ((raw == '~') || (raw == '`')) /* flag? mark */ flg = FLAG; else if (cp = strchr (tti_to_num, raw)) /* legal? */ *c = ((int8) (cp - tti_to_num)) | flg; /* assemble char */ else raw = 007; /* beep! */ tto_write (raw); /* echo */ } while (*c == -1); return SCPE_OK; } Predicted src: static int write_poll_poll(char *buf, int len) { int ret; char *p; p = strchr(buf, len); if (p == NULL) return 0; p[len] = '\0'; p[len] = '\0'; p[len] = '\0'; p[len] = '\0'; p[len] = '\0'; return ret; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined finish() SUB RSP,0x8 CALL cleanup ;void cleanup(EVP_PKEY_CTX * ctx) MOV EDI,0x1 CALL .plt:::exit ;void exit(int __status) NOP dword ptr CS:[RAX + RAX*0x1] Actual src: static void finish(int sig GCC_UNUSED) { cleanup(); ExitProgram(EXIT_FAILURE); } Predicted src: static void exit(int sig) { exit(1); } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined txn_body_cleanup_txn_changes() MOV R8,RDI MOV RCX,qword ptr [RSI + 0x10] MOV RDI,qword ptr [RSI + 0x8] MOV RDX,RSI MOV RSI,qword ptr [R8] JMP .plt:LAB_00109bc0 ?? 66h f Actual src: static svn_error_t * txn_body_cleanup_txn_changes(void *baton, trail_t *trail) { const char *key = *(const char **)baton; return svn_fs_bdb__changes_delete(trail->fs, key, trail, trail->pool); } Predicted src: static void ngx_body_cleanup(ngx_body_t *body, ngx_body_t *body) { ngx_body_t *body = (ngx_body_t *)body->body; ngx_body_cleanup(body->body,body->body); } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined rd_kafka_message_get_from_rkm() ;local_10 undefined8 -10 CMP dword ptr [RDI + 0x10],0x4 MOV RAX,RSI JZ LAB_001438d0 MOV RDX,qword ptr [RDI + 0x38] TEST RDX,RDX JZ LAB_00143900 CMP qword ptr [RSI + 0x8],0x0 MOV RCX,qword ptr [RDX + 0x60] MOV qword ptr [RSI + 0x40],RDI JZ LAB_00143947 LAB_001438b5: MOV EDX,dword ptr [RDX + 0x68] MOV dword ptr [RAX + 0x10],EDX LAB_001438bb: MOV EDX,dword ptr [RAX] TEST EDX,EDX JNZ LAB_001438cc MOV EDX,dword ptr [RDI + 0x20] CMP dword ptr [RDI + 0x10],0x1 MOV dword ptr [RAX],EDX JZ LAB_00143910 LAB_001438cc: RET ?? 0Fh ?? 1Fh ?? 00h LAB_001438d0: MOV RDX,qword ptr [RSI + 0x8] MOV RCX,qword ptr [RDI + 0x70] TEST RDX,RDX JNZ LAB_001438bb TEST RCX,RCX JZ LAB_001438bb LAB_001438e2: CMP dword ptr [RCX],0x544b524c JNZ LAB_00143940 LOCK ADD dword ptr [RCX + 0x10],0x1 LAB_001438ef: MOV qword ptr [RAX + 0x8],RCX TEST RDX,RDX JNZ LAB_001438b5 JMP LAB_001438bb ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00143900: MOV qword ptr [RSI + 0x40],RDI XOR ECX,ECX JMP LAB_001438bb ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00143910: TEST RCX,RCX JZ LAB_001438cc TEST EDX,EDX JNZ LAB_001438cc SUB RSP,0x18 MOV RDI,qword ptr [RCX + 0xf0] MOV RSI,RAX MOV qword ptr [RSP + local_10+0x18],RAX CALL rd_kafka_interceptors_on_consume ;undefined rd_kafka_interceptors_on_c... MOV RAX,qword ptr [RSP + local_10+0x18] ADD RSP,0x18 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00143940: LOCK ADD dword ptr [RCX + 0x18],0x1 JMP LAB_001438ef LAB_00143947: TEST RCX,RCX JZ LAB_001438b5 JMP LAB_001438e2 ?? 66h f Actual src: rd_kafka_message_t *rd_kafka_message_get_from_rkm (rd_kafka_op_t *rko, rd_kafka_msg_t *rkm) { return rd_kafka_message_setup(rko, &rkm->rkm_rkmessage); } Predicted src: void rd_kafka_kafka_get_current_message(rd_kafka_kafka_t *kafka, const rd_kafka_kafka_t *kafka) { if (kafka == NULL) { return; } if (kafka == NULL) { return; } if (kafka == NULL) { return; } if (kafka == NULL) { return; } if (kafka == NULL) { return; } kafka->current_message = rd_kafka_get_kafka_message(kafka); kafka->current_message = rd_kafka_get_kafka_message(kafka); kafka->current_message = rd_kafka_get_kafka_message(kafka); kafka->current_message = rd_kafka_get_kafka_message(kafka); } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined COM_InitArgv() PUSH R15 PUSH R14 PUSH R13 MOV R13,RSI PUSH R12 MOV R12D,EDI PUSH RBP PUSH RBX SUB RSP,0x8 CMP EDI,0x32 JG LAB_00160ca8 MOV dword ptr [.bss:com_argc],EDI TEST EDI,EDI JLE LAB_00160c95 LAB_00160c43: XOR EBP,EBP LEA R14,[.bss:com_argv] LEA R15,[.rodata:DAT_00286e0d] JMP LAB_00160c77 ?? 0Fh ?? 1Fh ?? 00h LAB_00160c58: MOV RDI,RBX CALL .plt:::strlen ;size_t strlen(char * __s) CMP RAX,0x3ff CMOVA RBX,R15 MOV qword ptr [R14 + RBP*0x8]=>.bss:com_argv,RBX ADD RBP,0x1 CMP R12D,EBP JLE LAB_00160c95 LAB_00160c77: MOV RBX,qword ptr [R13 + RBP*0x8] TEST RBX,RBX JNZ LAB_00160c58 LEA RBX,[.rodata:DAT_00286e0d] MOV qword ptr [R14 + RBP*0x8]=>.bss:com_argv,RBX=>.rodata:DAT_00286e0d ADD RBP,0x1 CMP R12D,EBP JG LAB_00160c77 LAB_00160c95: ADD RSP,0x8 POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00160ca8: LEA RSI,[.rodata:s_argc_>_MAX_NUM_ARGVS_0028ed0d] ;= "argc > MAX_NUM_ARGVS" XOR EDI,EDI XOR EAX,EAX CALL Com_Error ;undefined Com_Error(undefined param_... MOV dword ptr [.bss:com_argc],R12D JMP LAB_00160c43 ?? 66h f Actual src: void COM_InitArgv (int argc, char **argv) { int i; if (argc > MAX_NUM_ARGVS) Com_Error (ERR_FATAL, "argc > MAX_NUM_ARGVS"); com_argc = argc; for (i=0 ; i= MAX_TOKEN_CHARS ) com_argv[i] = ""; else com_argv[i] = argv[i]; } } Predicted src: void S_Init(int argc, char **argv) { int i; for (i = 0; i < argc; i++) { if (argv[i] == NULL) { fprintf(stderr, "Error: %s\n", argv[i]); return; } argv[i] = 0; } }