============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined get_9p_stats_trans() ;local_20 undefined8 -20 ;local_a8 undefined1 -a8 ;local_f8 undefined1 -f8 ;local_100 undefined8 -100 PUSH R13 PUSH R12 PUSH RBP MOV RBP,RDI MOV RDI,RSI SUB RSP,0xf0 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_20+0x108],RAX LEA RAX,[.rodata:DAT_00259fb7] ;= 4Fh O LEA R12=>local_f8,[RSP + 0x10] LEA R13=>local_a8,[RSP + 0x60] MOV RSI,R12 MOV qword ptr [RSP + local_100+0x108],RAX=>.rodata:DAT_00259fb7 ;= 4Fh O CALL .plt:::dbus_message_iter_init_append ;undefined dbus_message_iter_init_app... LEA RDX=>local_100,[RSP + 0x8] MOV RSI,R13 MOV RDI,RBP CALL arg_ipaddr ;undefined arg_ipaddr() TEST AL,AL JZ LAB_001559d0 MOV ESI,0x1 MOV RDI,R13 CALL get_gsh_client ;undefined get_gsh_client() MOV RBP,RAX TEST RAX,RAX JZ LAB_001559f0 CMP qword ptr [RAX + -0x20],0x0 JZ LAB_001559b8 MOV RDX=>.rodata:DAT_00259fb7,qword ptr [RSP + 0x8] ;= 4Fh O MOV ESI,0x1 MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() MOV RDI,qword ptr [RBP + -0x20] MOV RSI,R12 CALL server_dbus_9p_transstats ;undefined server_dbus_9p_transstats() LAB_00155987: MOV RDI,RBP CALL put_gsh_client ;undefined put_gsh_client() LAB_0015598f: MOV RAX,qword ptr [RSP + local_20+0x108] SUB RAX,qword ptr FS:[0x28] JNZ LAB_001559f9 ADD RSP,0xf0 MOV EAX,0x1 POP RBP POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_001559b8: LEA RDX,[.rodata:s_Client_does_not_have_any_9p_acti_00248578] ;= "Client does not have any 9p activ... XOR ESI,ESI MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() JMP LAB_00155987 ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001559d0: MOV RDX=>.rodata:DAT_00259fb7,qword ptr [RSP + 0x8] ;= 4Fh O TEST RDX,RDX JZ LAB_001559f0 LAB_001559da: XOR ESI,ESI MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() JMP LAB_0015598f ?? 66h f ?? 2Eh . ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001559f0: LEA RDX,[.rodata:s_Client_IP_address_not_found_002482c7] ;= "Client IP address not found" JMP LAB_001559da LAB_001559f9: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP Actual src: static bool get_9p_stats_trans(DBusMessageIter *args, DBusMessage *reply, DBusError *error) { struct gsh_client *client = NULL; struct server_stats *server_st = NULL; bool success = true; char *errormsg = "OK"; DBusMessageIter iter; dbus_message_iter_init_append(reply, &iter); client = lookup_client(args, &errormsg); if (client == NULL) { success = false; if (errormsg == NULL) errormsg = "Client IP address not found"; } else { server_st = container_of(client, struct server_stats, client); if (server_st->st._9p == NULL) { success = false; errormsg = "Client does not have any 9p activity"; } } gsh_dbus_status_reply(&iter, success, errormsg); if (success) server_dbus_9p_transstats(server_st->st._9p, &iter); if (client!= NULL) put_gsh_client(client); return true; } Predicted src: static void get_client_reply (GDBusConnection *connection, const gchar *message, gpointer user_data) { GError *error = NULL; GError *error = NULL; GError *error = NULL; if (!g_dbus_message_iter_get_reply (message, &error)) { dbus_message_iter_init (&error); return; } if (!g_dbus_message_iter_next_reply (message, &error)) { dbus_message_iter_init (&error); return; } if (!g_dbus_message_iter_next_reply (message, &error)) { dbus_message_iter_init (&error); return; } g_assert_not_reached (); } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* CL_OutlineTriangulator_Generic::intersects(double, double, double, double, double, double, double, double) * ;************************************************************************************************************************************************************ ;undefined intersects(double param_1, double param_2, double param_3, double param_4, double param_5, double param_6, double param_7, double param_8) ;param_1 double XMM0_Qa ;param_2 double XMM1_Qa ;param_3 double XMM2_Qa ;param_4 double XMM3_Qa ;param_5 double XMM4_Qa ;param_6 double XMM5_Qa ;param_7 double XMM6_Qa ;param_8 double XMM7_Qa SUBSD param_3,param_1 SUBSD param_4,param_2 SUBSD param_8,param_6 SUBSD param_7,param_5 MOVAPD XMM8,param_3 MOVAPD XMM9,param_4 MULSD XMM9,param_7 MULSD XMM8,param_8 SUBSD XMM8,XMM9 PXOR XMM9,XMM9 UCOMISD XMM8,XMM9 JP LAB_00143e2c MOV EAX,0x0 JZ LAB_00143e5c LAB_00143e2c: SUBSD param_2,param_6 SUBSD param_1,param_5 MULSD param_3,param_2 MULSD param_4,param_1 SUBSD param_3,param_4 DIVSD param_3,XMM8 COMISD param_3,XMM9 JBE LAB_00143e5a MOVSD param_4,qword ptr [.rodata:DAT_00163d40] COMISD param_4,param_3 JA LAB_00143e60 LAB_00143e5a: XOR EAX,EAX LAB_00143e5c: RET ?? 0Fh ?? 1Fh ?? 00h LAB_00143e60: MULSD param_7,param_2 MULSD param_8,param_1 SUBSD param_7,param_8 DIVSD param_7,XMM8 COMISD param_7,XMM9 JBE LAB_00143e5a COMISD param_4,param_7 SETA AL RET ;************************************************************************************************************************************************************ ;* CL_OutlineTriangulator_Generic::find_colliding_triangles(CL_OutlineTriangulator_Vertex*, CL_OutlineTriangulator_Vertex*) * ;************************************************************************************************************************************************************ ;undefined find_colliding_triangles(CL_OutlineTriangulator_Vertex * param_1, CL_OutlineTriangulator_Vertex * param_2) ;param_1 CL_OutlineT... RDI ;param_2 CL_OutlineT... RSI ;local_40 undefined8 -40 ;local_48 undefined8 -48 ;local_50 undefined8 -50 ;local_58 undefined8 -58 ;local_60 undefined8 -60 ;local_68 undefined8 -68 ;local_69 undefined1 -69 ;local_6a undefined1 -6a ;local_6b undefined1 -6b ;local_6c undefined1 -6c ;local_6d undefined1 -6d ;local_6e undefined1 -6e ;local_6f undefined1 -6f ;local_70 undefined1 -70 ;local_78 undefined8 -78 ;local_80 undefined8 -80 PUSH R15 Actual src: bool CL_OutlineTriangulator_Generic::intersects( double Ax, double Ay, double Bx, double By, double Cx, double Cy, double Dx, double Dy) { double denominator = ((Bx-Ax)*(Dy-Cy)-(By-Ay)*(Dx-Cx)); if( denominator == 0 ) // parallell { return false; } double r = ((Ay-Cy)*(Dx-Cx)-(Ax-Cx)*(Dy-Cy)) / denominator; double s = ((Ay-Cy)*(Bx-Ax)-(Ax-Cx)*(By-Ay)) / denominator; if( (s > 0.0f && s < 1.0f) && (r > 0.0f && r < 1.0f) ) return true; return false; } Predicted src: bool double_find_double_T(double x1, double y1, double x2, double x3, double y3) { if (x1 == 0.0) return false; if (x1 == 0.0) return false; if (x2 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; if (x3 == 0.0) return false; return true; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined RTSgBufCopyFromBuf() CMP RDI,0xfff JBE LAB_00182458 MOV RAX,-0x100000000000000 PUSH RBP MOV R8,RDI MOV RBP,RSP PUSH R15 PUSH R14 PUSH R13 PUSH R12 PUSH RBX MOV RBX,RDI SUB RSP,0x8 AND R8,RAX JNZ LAB_00182460 MOV R15,RSI CMP RSI,0xfff JBE LAB_00182432 TEST RSI,RAX JNZ LAB_00182432 MOV R13,RDX MOV R14,RDX TEST RDX,RDX JNZ LAB_001823f8 JMP LAB_0018242f ?? 0Fh ?? 1Fh ?? 00h LAB_001823c0: ADD EDX,0x1 MOV dword ptr [RBX + 0xc],EDX CMP ECX,EDX JBE LAB_001823e0 SHL RDX,0x4 ADD RDX,qword ptr [RBX] MOV RAX,qword ptr [RDX] MOV qword ptr [RBX + 0x10],RAX MOV RAX,qword ptr [RDX + 0x8] MOV qword ptr [RBX + 0x18],RAX LAB_001823e0: TEST R12,R12 JZ LAB_00182450 MOV RSI,R15 MOV RDX,R12 ADD R15,R12 CALL .plt:::memcpy ;void * memcpy(void * __dest, void *... SUB R14,R12 JZ LAB_0018242f LAB_001823f8: MOV EDX,dword ptr [RBX + 0xc] MOV ECX,dword ptr [RBX + 0x8] MOV RAX,qword ptr [RBX + 0x18] CMP EDX,ECX JZ LAB_00182448 LAB_00182406: CMP R14,RAX MOV R12,RAX MOV RDI,qword ptr [RBX + 0x10] CMOVBE R12,R14 SUB RAX,R12 MOV qword ptr [RBX + 0x18],RAX JZ LAB_001823c0 ADD R12,RDI MOV RDX,R14 MOV RSI,R15 MOV qword ptr [RBX + 0x10],R12 CALL .plt:::memcpy ;void * memcpy(void * __dest, void *... LAB_0018242f: MOV R8,R13 LAB_00182432: ADD RSP,0x8 MOV RAX,R8 POP RBX POP R12 POP R13 POP R14 POP R15 POP RBP RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00182448: TEST RAX,RAX JNZ LAB_00182406 NOP dword ptr [RAX] LAB_00182450: SUB R13,R14 JMP LAB_0018242f ?? 0Fh ?? 1Fh ?? 00h LAB_00182458: XOR EAX,EAX RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00182460: XOR R8D,R8D JMP LAB_00182432 ?? 66h f Actual src: RTDECL(size_t) RTSgBufCopyFromBuf(PRTSGBUF pSgBuf, const void *pvBuf, size_t cbCopy) { AssertPtrReturn(pSgBuf, 0); AssertPtrReturn(pvBuf, 0); size_t cbLeft = cbCopy; while (cbLeft) { size_t cbThisCopy = cbLeft; void *pvDst = rtSgBufGet(pSgBuf, &cbThisCopy); if (!cbThisCopy) break; memcpy(pvDst, pvBuf, cbThisCopy); cbLeft -= cbThisCopy; pvBuf = (const void *)((uintptr_t)pvBuf + cbThisCopy); } return cbCopy - cbLeft; } Predicted src: static size_t buf_CopyCopy(const void *buf, size_t size, void *buf, size_t size) { size_t size = 0; size_t size = 0; if (buf == NULL) { return -1; } if (buf == NULL) { return -1; } size = buf->size; if (size == 0) { size = buf->size; } if (size == 0) { size = buf->size; } if (size == 0) { size = buf->size; } else { size = buf->size; } if (size == 0) { size = buf->size; } if (size == 0) { size = buf->size; } else { size = buf->size; } if (size == 0) { size = buf->size; } if (size == 0) { size = buf->size; } else { size = buf->size; } return size; } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* Py::PythonExtensionBase::str() * ;************************************************************************************************************************************************************ ;undefined str(void) ;local_20 undefined8 -20 ;local_30 undefined1 -30 ;local_40 undefined8 -40 PUSH R12 MOV EDI,0x1 PUSH RBP PUSH RBX SUB RSP,0x30 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_20+0x48],RAX XOR EAX,EAX LEA RBP=>local_40,[RSP + 0x8] CALL .plt:::__cxa_allocate_exception ;undefined __cxa_allocate_exception() LEA RSI,[.rodata:s_Extension_object_missing_impleme_002426d8] ;= "Extension object missing implemen... MOV RDI,RBP MOV R12,RAX ;try { // try from 0017feba to 0017febe has its CatchHandler @ 0017ff00 LAB_0017feba: CALL std::__cxx11::basic_string,std::allocator>::basic_string ;undefined basic_string(char * param_... ;} // end try from 0017feba to 0017febe MOV RDI,RBP LEA RBX=>local_30,[RSP + 0x18] ;try { // try from 0017fec7 to 0017fecb has its CatchHandler @ 0017feec LAB_0017fec7: CALL Py::RuntimeError::RuntimeError ;undefined RuntimeError(RuntimeError... ;} // end try from 0017fec7 to 0017fecb MOV RDI=>local_40,qword ptr [RSP + 0x8] CMP RDI,RBX JZ LAB_0017fedb CALL .plt:::operator.delete ;void operator.delete(void * param_1) LAB_0017fedb: MOV RSI=>.data.rel.ro:Py::RuntimeError::typeinfo,qword ptr [->Py::RuntimeError::typeinfo] ;= 002a5cd8 ;= 00293fb8 XOR EDX,EDX MOV RDI,R12 LAB_0017fee7: CALL .plt:::__cxa_throw ;undefined __cxa_throw() ;catch() {... } // from try @ 0017fec7 with catch @ 0017feec LAB_0017feec: MOV RBP,RAX MOV RDI,qword ptr [RSP + 0x8] CMP RDI,RBX JZ LAB_0017ff03 CALL .plt:::operator.delete ;void operator.delete(void * param_1) JMP LAB_0017ff03 ;catch() {... } // from try @ 0017feba with catch @ 0017ff00 LAB_0017ff00: MOV RBP,RAX LAB_0017ff03: MOV RDI,R12 CALL .plt:::__cxa_free_exception ;undefined __cxa_free_exception() MOV RDI,RBP CALL .plt:::_Unwind_Resume ;undefined _Unwind_Resume() NOP Actual src: Py::Object PythonExtensionBase::str() { missing_method( str ); return Py::None(); } Predicted src: PyObject * PyBaseBaseBase::str(void) { PyObject *self = Py_BuildValue("i", 0); if (self == NULL) return NULL; return Py_BuildValue("i", self); } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined bufferevent_remove_from_rate_limit_group_internal_() PUSH R12 PUSH RBP MOV EBP,ESI PUSH RBX MOV RSI,qword ptr [RDI + 0x1d0] MOV RBX,RDI TEST RSI,RSI JZ LAB_00115f21 MOV RAX,qword ptr [->evthread_lock_fns_] ;= 00135120 XOR EDI,EDI CALL qword ptr [RAX + 0x18]=>.bss:evthread_lock_fns_[24] LAB_00115f21: MOV RAX,qword ptr [RBX + 0x1e8] TEST RAX,RAX JZ LAB_00115fac MOV R12,qword ptr [RAX + 0x10] TEST R12,R12 JZ LAB_00115fac MOV RSI,qword ptr [R12 + 0x110] TEST RSI,RSI JZ LAB_00115f56 MOV RAX,qword ptr [->evthread_lock_fns_] ;= 00135120 XOR EDI,EDI CALL qword ptr [RAX + 0x18]=>.bss:evthread_lock_fns_[24] MOV RAX,qword ptr [RBX + 0x1e8] LAB_00115f56: MOV qword ptr [RAX + 0x10],0x0 SUB dword ptr [R12 + 0x70],0x1 MOV RAX,qword ptr [RBX + 0x1e8] MOV RDX,qword ptr [RAX] TEST RDX,RDX JZ LAB_00115f8c MOV RDX,qword ptr [RDX + 0x1e8] MOV RAX,qword ptr [RAX + 0x8] MOV qword ptr [RDX + 0x8],RAX MOV RAX,qword ptr [RBX + 0x1e8] MOV RDX,qword ptr [RAX] LAB_00115f8c: MOV RAX,qword ptr [RAX + 0x8] MOV qword ptr [RAX],RDX MOV RSI,qword ptr [R12 + 0x110] TEST RSI,RSI JZ LAB_00115fac MOV RAX,qword ptr [->evthread_lock_fns_] ;= 00135120 XOR EDI,EDI CALL qword ptr [RAX + 0x20]=>.bss:evthread_lock_fns_[32] LAB_00115fac: TEST EBP,EBP JNZ LAB_00115fd0 LAB_00115fb0: MOV RSI,qword ptr [RBX + 0x1d0] TEST RSI,RSI JZ LAB_00115fc8 MOV RAX,qword ptr [->evthread_lock_fns_] ;= 00135120 XOR EDI,EDI CALL qword ptr [RAX + 0x20]=>.bss:evthread_lock_fns_[32] LAB_00115fc8: POP RBX XOR EAX,EAX POP RBP POP R12 RET ?? 90h LAB_00115fd0: MOV RDI,RBX MOV ESI,0x4 CALL .plt:bufferevent_unsuspend_read_ ;undefined bufferevent_unsuspend_read_() MOV ESI,0x4 MOV RDI,RBX CALL .plt:bufferevent_unsuspend_write_ ;undefined bufferevent_unsuspend_writ... JMP LAB_00115fb0 ?? 0Fh Actual src: int bufferevent_remove_from_rate_limit_group_internal_(struct bufferevent *bev, int unsuspend) { struct bufferevent_private *bevp = BEV_UPCAST(bev); BEV_LOCK(bev); if (bevp->rate_limiting && bevp->rate_limiting->group) { struct bufferevent_rate_limit_group *g = bevp->rate_limiting->group; LOCK_GROUP(g); bevp->rate_limiting->group = NULL; --g->n_members; LIST_REMOVE(bevp, rate_limiting->next_in_group); UNLOCK_GROUP(g); } if (unsuspend) { bufferevent_unsuspend_read_(bev, BEV_SUSPEND_BW_GROUP); bufferevent_unsuspend_write_(bev, BEV_SUSPEND_BW_GROUP); } BEV_UNLOCK(bev); return 0; } Predicted src: int read_lock_lock_lock_from_lock_lock_from_lock( read_lock_lock_lock_t *lock) { read_lock_lock_lock_t *lock; int ret; lock = (read_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_lock_loc