Mon Jul 27 21:33:38 CEST 2015 Triton (https://github.com/JonathanSalwan/Triton) is an opensource Pin-based concolic execution framework and our main difficulty was to check our semantics. Thanks to @rh0main who developed a semantics tester to check if everything is good. Basically, this tester performs a symbolic and concrete trace at the same time and computes the symbolic expression of all registers/flags at each program point. Then, it applies a diff between the symbolic result and the concrete result (cpu values). If there is a difference between these two results, it mean that something is wrong. Here is a trace about the semantics testing. As you can see (grep KO) there are still some issues on flags and stuffs which will be fixed as soon as possible :). Triton tool: https://github.com/JonathanSalwan/Triton/blob/master/examples/semanticsTesting.py [OK] 0x40db40: push rbp [OK] 0x40db41: mov rbp, rsi [OK] 0x40db44: push rbx [OK] 0x40db45: mov ebx, edi [OK] 0x40db47: xor edi, edi [OK] 0x40db49: sub rsp, 0x18 [OK] 0x40db4d: call 0xefc2a0 [OK] 0xefc2a0: push rbp [OK] 0xefc2a1: mov rbp, rdi [OK] 0xefc2a4: push rbx [OK] 0xefc2a5: sub rsp, 0x8 [OK] 0xefc2a9: lea rbx, ptr [rip+0x47e7c8] [OK] 0xefc2b0: mov rdi, rbx [OK] 0xefc2b3: call 0x40b3c0 [OK] 0x40b3c0: jmp qword ptr [rip+0xf6ceca] [OK] 0x40b3c6: push 0x4f [OK] 0x40b3cb: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffd632880: sub rsp, 0x18 [OK] 0x7f5ffd632884: mov edx, 0x1 [OK] 0x7f5ffd632889: xor eax, eax [OK] 0x7f5ffd63288b: mov dword ptr [rsp+0xc], 0x0 [OK] 0x7f5ffd632893: lock cmpxchg dword ptr [rdi], edx [OK] 0x7f5ffd6328a4: add rsp, 0x18 [OK] 0x7f5ffd6328a8: ret [OK] 0xefc2b8: mov eax, 0xffffffff [OK] 0xefc2bd: cmp rbp, rax [OK] 0xefc2c0: jz 0xefc2c9 [OK] 0xefc2c2: mov qword ptr [rip+0x47e3a7], rbp [OK] 0xefc2c9: cmp byte ptr [rip+0x47e3b0], 0x0 [OK] 0xefc2d0: jnz 0xefc300 [OK] 0xefc2d2: mov rdi, rbx [OK] 0xefc2d5: mov byte ptr [rip+0x47e3a4], 0x1 [OK] 0xefc2dc: call 0x40b030 [OK] 0x40b030: jmp qword ptr [rip+0xf6d092] [OK] 0x40b036: push 0x16 [OK] 0x40b03b: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffd6328b0: xor eax, eax [OK] 0x7f5ffd6328b2: xchg dword ptr [rdi], eax [OK] 0x7f5ffd6328b4: test eax, eax [OK] 0x7f5ffd6328b6: js 0x7f5ffd6328ba [OK] 0x7f5ffd6328b8: ret [OK] 0xefc2e1: mov byte ptr [rip+0x47e399], 0x0 [OK] 0xefc2e8: call 0x420230 [OK] 0x420230: sub rsp, 0x8 [OK] 0x420234: call 0xefb590 [OK] 0xefb590: cmp qword ptr [rip+0x47f078], 0x0 [OK] 0xefb5a0: push rbp [OK] 0xefb5a1: mov edi, 0x40 [OK] 0xefb5a6: push rbx [OK] 0xefb5a7: sub rsp, 0x8 [OK] 0xefb5ab: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0x7f5ffc56ea72: lea rax, ptr [rip+0x318bc7] [OK] 0x7f5ffc56ea79: cmp rbx, rax [OK] 0x7f5ffc56ea7c: setnz al [OK] 0x7f5ffc56ea7f: or rbp, 0x1 [OK] 0x7f5ffc56ea83: movzx eax, al [OK] 0x7f5ffc56ea86: shl rax, 0x2 [OK] 0x7f5ffc56ea8a: or rbp, rax [OK] 0x7f5ffc56ea8d: mov rax, rdx [OK] 0x7f5ffc56ea90: or rax, 0x1 [OK] 0x7f5ffc56ea94: mov qword ptr [rcx+0x8], rbp [OK] 0x7f5ffc56ea98: mov qword ptr [r12+0x8], rax [OK] 0x7f5ffc56ea9d: mov eax, dword ptr [rip+0x31add9] [OK] 0x7f5ffc56eaa3: mov qword ptr [r12+rdx*1], rdx [OK] 0x7f5ffc56eaa7: lea r12, ptr [rcx+0x10] [OK] 0x7f5ffc56eaab: test eax, eax [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xefb5b0: test rax, rax [OK] 0xefb5b3: mov rbx, rax [OK] 0xefb5b6: jz 0xefb685 [OK] 0xefb5bc: xor eax, eax [OK] 0xefb5be: mov ecx, 0x8 [OK] 0xefb5c3: mov rdi, rbx [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c6: rep stosq qword ptr [rdi] [OK] 0xefb5c9: mov rdi, rbx [OK] 0xefb5cc: call 0xf20760 [OK] 0xf20760: push rbx [OK] 0xf20761: lea rsi, ptr [rdi+0x18] [OK] 0xf20765: mov rbx, rdi [OK] 0xf20768: mov qword ptr [rdi], 0x0 [OK] 0xf2076f: mov qword ptr [rdi+0x8], 0x0 [OK] 0xf20777: mov qword ptr [rdi+0x10], 0x0 [OK] 0xf2077f: mov qword ptr [rdi+0x18], 0x0 [OK] 0xf20787: mov qword ptr [rdi+0x20], 0x0 [OK] 0xf2078f: xor edi, edi [OK] 0xf20791: call 0xf01770 [OK] 0xf01770: mov rax, qword ptr [rsi] [OK] 0xf01773: push rbx [OK] 0xf01774: mov rbx, rdi [OK] 0xf01777: test rax, rax [OK] 0xf01798: mov edi, 0x2000 [OK] 0xf0179d: or rbx, 0x1 [OK] 0xf017a1: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0x7f5ffc56e7a0: mov rdi, rbx [OK] 0x7f5ffc56e7a3: mov qword ptr [rsp+0x10], r10 [OK] 0x7f5ffc56e7a8: mov dword ptr [rsp+0x8], r8d [OK] 0x7f5ffc56e7ad: call 0x7f5ffc56d2a0 [OK] 0x7f5ffc56d2cb: or dword ptr [rdi+0x4], 0x1 [OK] 0x7f5ffc56d2cf: lea rcx, ptr [rdi+0x58] [OK] 0x7f5ffc56d2d3: lea r9, ptr [rdi+0x50] [OK] 0x7f5ffc56d2d7: lea r8, ptr [rdi+0x8] [OK] 0x7f5ffc56d2db: nop dword ptr [rax+rax*1], eax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d382: mov rax, qword ptr [rbx+0x8] [OK] 0x7f5ffc56d386: mov r14, qword ptr [rbx+0x10] [OK] 0x7f5ffc56d38a: mov rbp, rax [OK] 0x7f5ffc56d38d: and rbp, 0xfffffffffffffffa [OK] 0x7f5ffc56d391: lea r12, ptr [rbx+rbp*1] [OK] 0x7f5ffc56d395: mov r13, qword ptr [r12+0x8] [OK] 0x7f5ffc56d39a: and r13, 0xfffffffffffffff8 [OK] 0x7f5ffc56d39e: test al, 0x1 [OK] 0x7f5ffc56d3e2: cmp qword ptr [r15+0x58], r12 [OK] 0x7f5ffc56d3e6: jz 0x7f5ffc56d400 [OK] 0x7f5ffc56d3e8: test byte ptr [r12+r13*1+0x8], 0x1 [OK] 0x7f5ffc56d3ee: jz 0x7f5ffc56d2f8 [OK] 0x7f5ffc56d3f4: and qword ptr [r12+0x8], 0xfffffffffffffffe [OK] 0x7f5ffc56d3fa: jmp 0x7f5ffc56d33a [OK] 0x7f5ffc56d33a: mov rax, qword ptr [r15+0x68] [OK] 0x7f5ffc56d33e: cmp rbp, 0x3ff [OK] 0x7f5ffc56d345: mov qword ptr [r15+0x68], rbx [OK] 0x7f5ffc56d349: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56d35f: mov rdx, rbp [OK] 0x7f5ffc56d362: mov qword ptr [rbx+0x18], rcx [OK] 0x7f5ffc56d366: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56d36a: or rdx, 0x1 [OK] 0x7f5ffc56d36e: test r14, r14 [OK] 0x7f5ffc56d371: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc56d375: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d2e0: xor ebx, ebx [OK] 0x7f5ffc56d2e2: xchg qword ptr [r8], rbx [OK] 0x7f5ffc56d2e5: test rbx, rbx [OK] 0x7f5ffc56d2e8: jnz 0x7f5ffc56d382 [OK] 0x7f5ffc56d2ee: jmp 0x7f5ffc56d420 [OK] 0x7f5ffc56d420: add r8, 0x8 [OK] 0x7f5ffc56d424: lea rax, ptr [r8-0x8] [OK] 0x7f5ffc56d428: cmp r9, rax [OK] 0x7f5ffc56d42b: jnz 0x7f5ffc56d2e0 [OK] 0x7f5ffc56d431: add rsp, 0x28 [OK] 0x7f5ffc56d435: pop rbx [OK] 0x7f5ffc56d436: pop rbp [OK] 0x7f5ffc56d437: pop r12 [OK] 0x7f5ffc56d439: pop r13 [OK] 0x7f5ffc56d43b: pop r14 [OK] 0x7f5ffc56d43d: pop r15 [OK] 0x7f5ffc56d43f: ret [OK] 0x7f5ffc56e89f: cmp rsi, qword ptr [rbx+0x878] [OK] 0x7f5ffc56e8a6: jnbe 0x7f5ffc56ef3e [OK] 0x7f5ffc56e8ac: and rsi, 0xfffffffffffffff8 [OK] 0x7f5ffc56e8b0: cmp rbp, 0x3ff [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf017a6: add rax, 0x8 [OK] 0xf017aa: mov qword ptr [rax-0x8], rbx [OK] 0xf017ae: pop rbx [OK] 0xf017af: ret [OK] 0xf20796: mov qword ptr [rbx], rax [OK] 0xf20799: mov qword ptr [rbx+0x8], rax [OK] 0xf2079d: add rax, 0x1ff8 [OK] 0xf207a3: mov qword ptr [rbx+0x10], rax [OK] 0xf207a7: pop rbx [OK] 0xf207a8: ret [OK] 0xefb5d1: mov edi, 0x80 [OK] 0xefb5d6: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xefb5db: test rax, rax [OK] 0xefb5de: jz 0xefb6d3 [OK] 0xefb5e4: mov rdx, rax [OK] 0xefb5e7: mov qword ptr [rax+0x8], 0x0 [OK] 0xefb5ef: add rdx, 0x10 [OK] 0xefb5f3: jz 0xefb6ca [OK] 0xefb5f9: mov rcx, rdx [OK] 0xefb5fc: mov qword ptr [rdx+0x8], 0x0 [OK] 0xefb604: add rcx, 0x10 [OK] 0xefb608: jz 0xefb6c1 [OK] 0xefb60e: mov rdx, rcx [OK] 0xefb611: mov qword ptr [rcx+0x8], 0x0 [OK] 0xefb619: add rdx, 0x10 [OK] 0xefb61d: jz 0xefb6b8 [OK] 0xefb623: mov rcx, rdx [OK] 0xefb626: mov qword ptr [rdx+0x8], 0x0 [OK] 0xefb62e: add rcx, 0x10 [OK] 0xefb632: jz 0xefb6b2 [OK] 0xefb634: mov rdx, rcx [OK] 0xefb637: mov qword ptr [rcx+0x8], 0x0 [OK] 0xefb63f: add rdx, 0x10 [OK] 0xefb643: jz 0xefb6ac [OK] 0xefb645: mov rcx, rdx [OK] 0xefb648: mov qword ptr [rdx+0x8], 0x0 [OK] 0xefb650: add rcx, 0x10 [OK] 0xefb654: jz 0xefb6a6 [OK] 0xefb656: mov qword ptr [rcx+0x8], 0x0 [OK] 0xefb65e: add rcx, 0x10 [OK] 0xefb662: jz 0xefb66c [OK] 0xefb664: mov qword ptr [rcx+0x8], 0x0 [OK] 0xefb66c: mov qword ptr [rbx+0x28], rax [OK] 0xefb670: mov dword ptr [rbx+0x30], 0x8 [OK] 0xefb677: mov dword ptr [rbx+0x34], 0x0 [OK] 0xefb67e: mov dword ptr [rbx+0x38], 0x0 [OK] 0xefb685: mov qword ptr [rip+0x47ef84], rbx [OK] 0xefb68c: add rsp, 0x8 [OK] 0xefb690: pop rbx [OK] 0xefb691: pop rbp [OK] 0xefb692: ret [OK] 0x420239: call 0xf01500 [OK] 0xf01500: cmp qword ptr [rip+0x479218], 0x0 [OK] 0xf01510: push rbx [OK] 0xf01511: mov edi, 0x440 [OK] 0xf01516: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf0151b: test rax, rax [OK] 0xf0151e: mov rbx, rax [OK] 0xf01521: jz 0xf0152b [OK] 0xf01523: mov rdi, rax [OK] 0xf01526: call 0xed7c70 [OK] 0xed7c70: push rbx [OK] 0xed7c71: mov rbx, rdi [OK] 0xed7c74: call 0xee7cc0 [OK] 0xee7cc0: push r15 [OK] 0xee7cc2: lea rsi, ptr [rip+0x79f6b] [OK] 0xee7cc9: push r14 [OK] 0xee7ccb: push r13 [OK] 0xee7ccd: push r12 [OK] 0xee7ccf: push rbp [OK] 0xee7cd0: push rbx [OK] 0xee7cd1: mov rbx, rdi [OK] 0xee7cd4: lea r15, ptr [rbx+0x218] [OK] 0xee7cdb: sub rsp, 0x18 [OK] 0xee7cdf: call 0xf21d40 [OK] 0xf21d40: mov r8, rdi [OK] 0xf21d43: mov esi, 0x100 [OK] 0xf21d48: test r8b, 0x1 [OK] 0xf21d4c: jnz 0xf21e00 [OK] 0xf21d52: test dil, 0x2 [OK] 0xf21d56: jnz 0xf21e20 [OK] 0xf21d5c: test dil, 0x4 [OK] 0xf21d60: jnz 0xf21e40 [OK] 0xf21d66: mov ecx, esi [OK] 0xf21d68: xor eax, eax [OK] 0xf21d6a: shr ecx, 0x3 [OK] 0xf21d6d: test sil, 0x4 [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d71: rep stosq qword ptr [rdi] [OK] 0xf21d80: test sil, 0x2 [OK] 0xf21d90: and esi, 0x1 [OK] 0xf21d98: lea rdi, ptr [r8+0x100] [OK] 0xf21d9f: mov esi, 0x100 [OK] 0xf21da4: test dil, 0x1 [OK] 0xf21da8: jnz 0xf21e58 [OK] 0xf21dae: test dil, 0x2 [OK] 0xf21db2: jnz 0xf21e78 [OK] 0xf21db8: test dil, 0x4 [OK] 0xf21dbc: jnz 0xf21e90 [OK] 0xf21dc2: mov ecx, esi [OK] 0xf21dc4: xor eax, eax [OK] 0xf21dc6: shr ecx, 0x3 [OK] 0xf21dc9: test sil, 0x4 [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21dcd: rep stosq qword ptr [rdi] [OK] 0xf21ddc: test sil, 0x2 [OK] 0xf21dec: and esi, 0x1 [OK] 0xf21df4: mov qword ptr [r8+0x200], 0x0 [OK] 0xf21dff: ret [OK] 0xee7ce4: mov rdi, r15 [OK] 0xee7ce7: call 0xf23590 [OK] 0xf23590: lea rax, ptr [rdi+0x20] [OK] 0xf23594: mov dword ptr [rdi+0x18], 0x0 [OK] 0xf2359b: mov dword ptr [rdi+0x1c], 0x10 [OK] 0xf235a2: mov dword ptr [rdi+0x68], 0x0 [OK] 0xf235a9: mov dword ptr [rdi+0x6c], 0x10 [OK] 0xf235b0: mov qword ptr [rdi+0x10], rax [OK] 0xf235b4: lea rax, ptr [rdi+0x70] [OK] 0xf235b8: mov dword ptr [rdi+0xb8], 0x0 [OK] 0xf235c2: mov dword ptr [rdi+0xbc], 0x10 [OK] 0xf235cc: mov dword ptr [rdi+0x108], 0x0 [OK] 0xf235d6: mov qword ptr [rdi+0x60], rax [OK] 0xf235da: lea rax, ptr [rdi+0xc0] [OK] 0xf235e1: mov dword ptr [rdi+0x10c], 0x10 [OK] 0xf235eb: mov qword ptr [rdi+0xb0], rax [OK] 0xf235f2: lea rax, ptr [rdi+0x110] [OK] 0xf235f9: mov qword ptr [rdi+0x100], rax [OK] 0xf23600: jmp 0x40b620 [OK] 0x40b620: jmp qword ptr [rip+0xf6cd9a] [OK] 0x7f5ffd6371e0: mov qword ptr [rdi], 0x0 [OK] 0x7f5ffd6371e7: mov qword ptr [rdi+0x8], 0x0 [OK] 0x7f5ffd6371ef: ret [OK] 0xee7cec: lea r13, ptr [rbx+0x208] [OK] 0xee7cf3: mov dword ptr [rbx+0x390], 0x0 [OK] 0xee7cfd: mov qword ptr [rbx+0x398], 0x0 [OK] 0xee7d08: mov dword ptr [rbx+0x3a0], 0x0 [OK] 0xee7d12: mov qword ptr [rbx+0x3a8], 0x0 [OK] 0xee7d1d: mov r12d, 0x6 [OK] 0xee7d23: mov rdi, r13 [OK] 0xee7d26: mov rbp, rbx [OK] 0xee7d29: lea r14, ptr [rbx+0x10] [OK] 0xee7d2d: call 0x40b620 [OK] 0x40b620: jmp qword ptr [rip+0xf6cd9a] [OK] 0x7f5ffd6371e0: mov qword ptr [rdi], 0x0 [OK] 0x7f5ffd6371e7: mov qword ptr [rdi+0x8], 0x0 [OK] 0x7f5ffd6371ef: ret [OK] 0xee7d32: lea esi, ptr [r12*4+0x8] [OK] 0xee7d3a: mov dword ptr [rbx+0x368], 0x6 [OK] 0xee7d44: mov rdi, rbx [OK] 0xee7d47: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf22032: mov edi, 0x2000 [OK] 0xf22037: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf2203c: test rax, rax [OK] 0xf2203f: jz 0xf22049 [OK] 0xf22041: lea rdx, ptr [rax+0x10] [OK] 0xf22045: mov qword ptr [rax+0x8], rdx [OK] 0xf22049: mov qword ptr [rax], rbp [OK] 0xf2204c: mov qword ptr [rbx], rax [OK] 0xf2204f: mov rcx, qword ptr [rax+0x8] [OK] 0xf22053: add r12, rcx [OK] 0xf22056: mov qword ptr [rax+0x8], r12 [OK] 0xf2205a: mov rax, rcx [OK] 0xf2205d: pop rbx [OK] 0xf2205e: pop rbp [OK] 0xf2205f: pop r12 [OK] 0xf22061: ret [OK] 0xee7d4c: mov dword ptr [rax+0x4], r12d [OK] 0xee7d50: mov qword ptr [rbp+0x370], rax [OK] 0xee7d57: mov rdi, rbx [OK] 0xee7d5a: mov r12d, dword ptr [rbx+0x368] [OK] 0xee7d61: lea esi, ptr [r12*4+0x8] [OK] 0xee7d69: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf2201c: jz 0xf22032 [OK] 0xf2201e: mov rax, qword ptr [rbp+0x8] [OK] 0xf22022: lea rcx, ptr [rbp+0x2000] [OK] 0xf22029: lea rdx, ptr [rax+r12*1] [OK] 0xf2202d: cmp rdx, rcx [OK] 0xf22068: mov qword ptr [rbp+0x8], rdx [OK] 0xf2206c: jmp 0xf22000 [OK] 0xf22000: pop rbx [OK] 0xf22001: pop rbp [OK] 0xf22002: pop r12 [OK] 0xf22004: ret [OK] 0xee7d6e: mov dword ptr [rax+0x4], r12d [OK] 0xee7d72: add rbp, 0x8 [OK] 0xee7d76: mov qword ptr [rbp+0x378], rax [OK] 0xee7d7d: cmp rbp, r14 [OK] 0xee7d80: mov dword ptr [rax], 0x1 [OK] 0xee7d86: jz 0xee7da8 [OK] 0xee7d88: mov r12d, dword ptr [rbx+0x368] [OK] 0xee7d8f: mov rdi, rbx [OK] 0xee7d92: lea esi, ptr [r12*4+0x8] [OK] 0xee7d9a: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf2201c: jz 0xf22032 [OK] 0xf2201e: mov rax, qword ptr [rbp+0x8] [OK] 0xf22022: lea rcx, ptr [rbp+0x2000] [OK] 0xf22029: lea rdx, ptr [rax+r12*1] [OK] 0xf2202d: cmp rdx, rcx [OK] 0xf22068: mov qword ptr [rbp+0x8], rdx [OK] 0xf2206c: jmp 0xf22000 [OK] 0xf22000: pop rbx [OK] 0xf22001: pop rbp [OK] 0xf22002: pop r12 [OK] 0xf22004: ret [OK] 0xee7d9f: jmp 0xee7d4c [OK] 0xee7d4c: mov dword ptr [rax+0x4], r12d [OK] 0xee7d50: mov qword ptr [rbp+0x370], rax [OK] 0xee7d57: mov rdi, rbx [OK] 0xee7d5a: mov r12d, dword ptr [rbx+0x368] [OK] 0xee7d61: lea esi, ptr [r12*4+0x8] [OK] 0xee7d69: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf2201c: jz 0xf22032 [OK] 0xf2201e: mov rax, qword ptr [rbp+0x8] [OK] 0xf22022: lea rcx, ptr [rbp+0x2000] [OK] 0xf22029: lea rdx, ptr [rax+r12*1] [OK] 0xf2202d: cmp rdx, rcx [OK] 0xf22068: mov qword ptr [rbp+0x8], rdx [OK] 0xf2206c: jmp 0xf22000 [OK] 0xf22000: pop rbx [OK] 0xf22001: pop rbp [OK] 0xf22002: pop r12 [OK] 0xf22004: ret [OK] 0xee7d6e: mov dword ptr [rax+0x4], r12d [OK] 0xee7d72: add rbp, 0x8 [OK] 0xee7d76: mov qword ptr [rbp+0x378], rax [OK] 0xee7d7d: cmp rbp, r14 [OK] 0xee7d80: mov dword ptr [rax], 0x1 [OK] 0xee7da8: mov rdi, r13 [OK] 0xee7dab: call 0x40b0f0 [OK] 0x40b0f0: jmp qword ptr [rip+0xf6d032] [OK] 0x40b0f6: push 0x22 [OK] 0x40b0fb: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f6013b96097: test rax, rax [OK] 0x7f6013b9609a: mov r11d, dword ptr [rsp+0x8c] [OK] 0x7f6013b960a2: jnz 0x7f6013b96793 [OK] 0x7f6013b960a8: mov r10, qword ptr [rsp+0x80] [OK] 0x7f6013b960b0: mov edx, dword ptr [r10] [OK] 0x7f6013b960b3: jmp 0x7f6013b96000 [OK] 0x7f5ffd637200: push rbp [OK] 0x7f5ffd637201: push rbx [OK] 0x7f5ffd637202: mov rbx, rdi [OK] 0x7f5ffd637205: sub rsp, 0x18 [OK] 0x7f5ffd637209: mov rax, qword ptr [rip+0x204db8] [OK] 0x7f5ffd637210: mov rax, qword ptr fs:[rax+0x48] [OK] 0x7f5ffd637215: test rax, rax [OK] 0x7f5ffd637218: jz 0x7f5ffd637260 [OK] 0x7f5ffd63721a: lea rbp, ptr [rax+0x30] [OK] 0x7f5ffd63721e: cmp qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd637222: jz 0x7f5ffd63723d [OK] 0x7f5ffd637224: mov edx, 0x1 [OK] 0x7f5ffd637229: xor eax, eax [OK] 0x7f5ffd63722b: mov dword ptr [rsp+0xc], 0x0 [OK] 0x7f5ffd637233: lock cmpxchg dword ptr [rbx], edx [OK] 0x7f5ffd637237: jnz 0x7f5ffd637250 [OK] 0x7f5ffd637239: mov qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd63723d: add dword ptr [rbx+0x4], 0x1 [OK] 0x7f5ffd637241: add rsp, 0x18 [OK] 0x7f5ffd637245: pop rbx [OK] 0x7f5ffd637246: pop rbp [OK] 0x7f5ffd637247: ret [OK] 0xee7db0: lea rsi, ptr [rbx+0x390] [OK] 0xee7db7: mov edx, 0x80000000 [OK] 0xee7dbc: mov rdi, rbx [OK] 0xee7dbf: call 0xee3c50 [OK] 0xee3c50: push rbp [OK] 0xee3c51: push rbx [OK] 0xee3c52: mov rbx, rsi [OK] 0xee3c55: sub rsp, 0x18 [OK] 0xee3c59: mov rax, qword ptr [rsi+0x8] [OK] 0xee3c5d: test rax, rax [OK] 0xee3ca8: mov ebp, dword ptr [rdi+0x368] [OK] 0xee3cae: mov qword ptr [rsp+0x8], rdx [OK] 0xee3cb3: lea esi, ptr [rbp*4+0x8] [OK] 0xee3cba: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf2201c: jz 0xf22032 [OK] 0xf2201e: mov rax, qword ptr [rbp+0x8] [OK] 0xf22022: lea rcx, ptr [rbp+0x2000] [OK] 0xf22029: lea rdx, ptr [rax+r12*1] [OK] 0xf2202d: cmp rdx, rcx [OK] 0xf22068: mov qword ptr [rbp+0x8], rdx [OK] 0xf2206c: jmp 0xf22000 [OK] 0xf22000: pop rbx [OK] 0xf22001: pop rbp [OK] 0xf22002: pop r12 [OK] 0xf22004: ret [OK] 0xee3cbf: mov rdx, qword ptr [rsp+0x8] [OK] 0xee3cc4: mov dword ptr [rax+0x4], ebp [OK] 0xee3cc7: mov qword ptr [rbx+0x8], rax [OK] 0xee3ccb: jmp 0xee3c62 [OK] 0xee3c62: test rdx, rdx [OK] 0xee3c65: mov ecx, 0x1 [OK] 0xee3c6a: js 0xee3c98 [OK] 0xee3c6c: mov dword ptr [rbx], ecx [OK] 0xee3c6e: mov dword ptr [rax+0x8], edx [KO] 0xee3c71: shr rdx, 0x20 (1 error) Register : cf Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (ite (= (_ bv32 64) (_ bv0 64)) (_ bv0 1) (ite (= ((_ extract 63 63) #4002) (_ bv1 1)) (_ bv1 1) (_ bv0 1))) [OK] 0xee3c75: mov rax, qword ptr [rbx+0x8] [OK] 0xee3c79: mov dword ptr [rax+0xc], edx [OK] 0xee3c7c: mov rdx, qword ptr [rbx+0x8] [OK] 0xee3c80: cmp dword ptr [rdx+0xc], 0x1 [KO] 0xee3c84: sbb eax, eax (1 error) Register : cf Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (ite (bvult ((_ extract 31 0) (_ bv39414776 64)) ((_ extract 31 0) (_ bv39414776 64))) (_ bv1 1) (_ bv0 1)) [OK] 0xee3c86: add eax, 0x2 [OK] 0xee3c89: mov dword ptr [rdx], eax [OK] 0xee3c8b: add rsp, 0x18 [OK] 0xee3c8f: pop rbx [OK] 0xee3c90: pop rbp [OK] 0xee3c91: ret [OK] 0xee7dc4: mov rdi, r13 [OK] 0xee7dc7: lea rbp, ptr [rbx+0x3a0] [OK] 0xee7dce: call 0x40b7d0 [OK] 0x40b7d0: jmp qword ptr [rip+0xf6ccc2] [OK] 0x40b7d6: push 0x90 [OK] 0x40b7db: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffd637270: mov eax, dword ptr [rdi+0x4] [OK] 0x7f5ffd637273: sub eax, 0x1 [OK] 0x7f5ffd637276: test eax, eax [OK] 0x7f5ffd637278: mov dword ptr [rdi+0x4], eax [OK] 0x7f5ffd637280: mov qword ptr [rdi+0x8], 0x0 [OK] 0x7f5ffd637288: xchg dword ptr [rdi], eax [OK] 0x7f5ffd63728a: test eax, eax [OK] 0x7f5ffd63727d: ret [OK] 0xee7dd3: mov rdi, r13 [OK] 0xee7dd6: mov dword ptr [rsp], 0x1 [OK] 0xee7ddd: mov qword ptr [rsp+0x8], 0x0 [OK] 0xee7de6: call 0x40b0f0 [OK] 0x40b0f0: jmp qword ptr [rip+0xf6d032] [OK] 0x7f5ffd637200: push rbp [OK] 0x7f5ffd637201: push rbx [OK] 0x7f5ffd637202: mov rbx, rdi [OK] 0x7f5ffd637205: sub rsp, 0x18 [OK] 0x7f5ffd637209: mov rax, qword ptr [rip+0x204db8] [OK] 0x7f5ffd637210: mov rax, qword ptr fs:[rax+0x48] [OK] 0x7f5ffd637215: test rax, rax [OK] 0x7f5ffd637218: jz 0x7f5ffd637260 [OK] 0x7f5ffd63721a: lea rbp, ptr [rax+0x30] [OK] 0x7f5ffd63721e: cmp qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd637222: jz 0x7f5ffd63723d [OK] 0x7f5ffd637224: mov edx, 0x1 [OK] 0x7f5ffd637229: xor eax, eax [OK] 0x7f5ffd63722b: mov dword ptr [rsp+0xc], 0x0 [OK] 0x7f5ffd637233: lock cmpxchg dword ptr [rbx], edx [OK] 0x7f5ffd637237: jnz 0x7f5ffd637250 [OK] 0x7f5ffd637239: mov qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd63723d: add dword ptr [rbx+0x4], 0x1 [OK] 0x7f5ffd637241: add rsp, 0x18 [OK] 0x7f5ffd637245: pop rbx [OK] 0x7f5ffd637246: pop rbp [OK] 0x7f5ffd637247: ret [OK] 0xee7deb: mov rdx, 0xffffffffffffffff [OK] 0xee7df2: mov rsi, rbp [OK] 0xee7df5: mov rdi, rbx [OK] 0xee7df8: call 0xee3cd0 [OK] 0xee3cd0: push rbp [OK] 0xee3cd1: push rbx [OK] 0xee3cd2: mov rbx, rsi [OK] 0xee3cd5: sub rsp, 0x18 [OK] 0xee3cd9: mov rax, qword ptr [rsi+0x8] [OK] 0xee3cdd: test rax, rax [OK] 0xee3d10: mov ebp, dword ptr [rdi+0x368] [OK] 0xee3d16: mov qword ptr [rsp+0x8], rdx [OK] 0xee3d1b: lea esi, ptr [rbp*4+0x8] [OK] 0xee3d22: call 0xf21fc0 [OK] 0xf21fc0: add qword ptr [rdi+0x200], rsi [OK] 0xf21fc7: cmp rsi, 0xf8 [OK] 0xf21fce: jnbe 0xf22008 [OK] 0xf21fd0: mov rax, rsi [OK] 0xf21fd3: push r12 [OK] 0xf21fd5: shr rax, 0x3 [OK] 0xf21fd9: and esi, 0x7 [OK] 0xf21fdc: lea edx, ptr [rax+0x1] [OK] 0xf21fdf: push rbp [OK] 0xf21fe0: cmovz edx, eax [OK] 0xf21fe3: push rbx [OK] 0xf21fe4: mov eax, edx [OK] 0xf21fe6: lea rbx, ptr [rdi+rax*8] [OK] 0xf21fea: mov rax, qword ptr [rbx+0x100] [OK] 0xf21ff1: test rax, rax [OK] 0xf22010: mov rbp, qword ptr [rbx] [OK] 0xf22013: shl edx, 0x3 [OK] 0xf22016: mov r12d, edx [OK] 0xf22019: test rbp, rbp [OK] 0xf2201c: jz 0xf22032 [OK] 0xf2201e: mov rax, qword ptr [rbp+0x8] [OK] 0xf22022: lea rcx, ptr [rbp+0x2000] [OK] 0xf22029: lea rdx, ptr [rax+r12*1] [OK] 0xf2202d: cmp rdx, rcx [OK] 0xf22068: mov qword ptr [rbp+0x8], rdx [OK] 0xf2206c: jmp 0xf22000 [OK] 0xf22000: pop rbx [OK] 0xf22001: pop rbp [OK] 0xf22002: pop r12 [OK] 0xf22004: ret [OK] 0xee3d27: mov rdx, qword ptr [rsp+0x8] [OK] 0xee3d2c: mov dword ptr [rax+0x4], ebp [OK] 0xee3d2f: mov qword ptr [rbx+0x8], rax [OK] 0xee3d33: jmp 0xee3ce2 [OK] 0xee3ce2: mov dword ptr [rbx], 0x1 [OK] 0xee3ce8: mov dword ptr [rax+0x8], edx [KO] 0xee3ceb: shr rdx, 0x20 (2 error) Register : cf Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (ite (= (_ bv32 64) (_ bv0 64)) (_ bv1 1) (ite (= ((_ extract 63 63) #4558) (_ bv1 1)) (_ bv1 1) (_ bv0 1))) Register : of Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (ite (= (_ bv32 64) (_ bv1 64)) ((_ extract 0 0) (bvlshr ((_ extract 63 0) (_ bv18446744073709551615 64)) (bvsub (_ bv64 64) (_ bv1 64)))) (_ bv0 1)) [OK] 0xee3cef: mov rax, qword ptr [rbx+0x8] [OK] 0xee3cf3: mov dword ptr [rax+0xc], edx [OK] 0xee3cf6: mov rdx, qword ptr [rbx+0x8] [OK] 0xee3cfa: cmp dword ptr [rdx+0xc], 0x1 [OK] 0xee3cfe: sbb eax, eax [OK] 0xee3d00: add eax, 0x2 [OK] 0xee3d03: mov dword ptr [rdx], eax [OK] 0xee3d05: add rsp, 0x18 [OK] 0xee3d09: pop rbx [OK] 0xee3d0a: pop rbp [OK] 0xee3d0b: ret [OK] 0xee7dfd: mov rdi, r13 [OK] 0xee7e00: call 0x40b7d0 [OK] 0x40b7d0: jmp qword ptr [rip+0xf6ccc2] [OK] 0x7f5ffd637270: mov eax, dword ptr [rdi+0x4] [OK] 0x7f5ffd637273: sub eax, 0x1 [OK] 0x7f5ffd637276: test eax, eax [OK] 0x7f5ffd637278: mov dword ptr [rdi+0x4], eax [OK] 0x7f5ffd637280: mov qword ptr [rdi+0x8], 0x0 [OK] 0x7f5ffd637288: xchg dword ptr [rdi], eax [OK] 0x7f5ffd63728a: test eax, eax [OK] 0x7f5ffd63727d: ret [OK] 0xee7e05: mov rdx, rsp [OK] 0xee7e08: mov rcx, rbp [OK] 0xee7e0b: mov rsi, rbp [OK] 0xee7e0e: mov rdi, rbx [OK] 0xee7e11: call 0x4675d0 [OK] 0x4675d0: push r14 [OK] 0x4675d2: mov r14, rdx [OK] 0x4675d5: push r13 [OK] 0x4675d7: mov r13, rcx [OK] 0x4675da: push r12 [OK] 0x4675dc: push rbp [OK] 0x4675dd: mov rbp, rsi [OK] 0x4675e0: push rbx [OK] 0x4675e1: cmp qword ptr [rsi+0x8], 0x0 [OK] 0x4675e6: mov rbx, rdi [OK] 0x4675e9: jz 0x467620 [OK] 0x4675eb: lea r12, ptr [rbx+0x208] [OK] 0x4675f2: mov rdi, r12 [OK] 0x4675f5: call 0x40b0f0 [OK] 0x40b0f0: jmp qword ptr [rip+0xf6d032] [OK] 0x7f5ffd637200: push rbp [OK] 0x7f5ffd637201: push rbx [OK] 0x7f5ffd637202: mov rbx, rdi [OK] 0x7f5ffd637205: sub rsp, 0x18 [OK] 0x7f5ffd637209: mov rax, qword ptr [rip+0x204db8] [OK] 0x7f5ffd637210: mov rax, qword ptr fs:[rax+0x48] [OK] 0x7f5ffd637215: test rax, rax [OK] 0x7f5ffd637218: jz 0x7f5ffd637260 [OK] 0x7f5ffd63721a: lea rbp, ptr [rax+0x30] [OK] 0x7f5ffd63721e: cmp qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd637222: jz 0x7f5ffd63723d [OK] 0x7f5ffd637224: mov edx, 0x1 [OK] 0x7f5ffd637229: xor eax, eax [OK] 0x7f5ffd63722b: mov dword ptr [rsp+0xc], 0x0 [OK] 0x7f5ffd637233: lock cmpxchg dword ptr [rbx], edx [OK] 0x7f5ffd637237: jnz 0x7f5ffd637250 [OK] 0x7f5ffd637239: mov qword ptr [rbx+0x8], rbp [OK] 0x7f5ffd63723d: add dword ptr [rbx+0x4], 0x1 [OK] 0x7f5ffd637241: add rsp, 0x18 [OK] 0x7f5ffd637245: pop rbx [OK] 0x7f5ffd637246: pop rbp [OK] 0x7f5ffd637247: ret [OK] 0x4675fa: mov rdi, rbx [OK] 0x4675fd: mov rcx, r13 [OK] 0x467600: mov rdx, r14 [OK] 0x467603: mov rsi, rbp [OK] 0x467606: call 0xee7cb0 [OK] 0xee7cb0: jmp 0xee7980 [OK] 0xee7980: push r15 [OK] 0xee7982: push r14 [OK] 0xee7984: push r13 [OK] 0xee7986: push r12 [OK] 0xee7988: mov r12, rcx [OK] 0xee798b: push rbp [OK] 0xee798c: push rbx [OK] 0xee798d: mov rbx, rdi [OK] 0xee7990: sub rsp, 0x48 [OK] 0xee7994: mov r9, qword ptr [rsi+0x8] [OK] 0xee7998: test r9, r9 [OK] 0xee799b: jz 0xee7b90 [OK] 0xee79a1: mov r13d, dword ptr [rsi] [OK] 0xee79a4: mov r15, qword ptr [rdx+0x8] [OK] 0xee79a8: test r15, r15 [OK] 0xee7bc0: mov eax, dword ptr [rdx] [OK] 0xee7bc2: cmp eax, 0x80000000 [OK] 0xee7bc7: jz 0xee7c98 [OK] 0xee7bcd: test eax, eax [OK] 0xee7bcf: mov r15, qword ptr [rbx+0x388] [OK] 0xee7bd6: js 0xee7c68 [OK] 0xee7bdc: mov dword ptr [r15+0x8], eax [OK] 0xee7be0: mov ebp, 0x1 [OK] 0xee7be5: jmp 0xee79b3 [OK] 0xee79b3: cmp ebp, r13d [OK] 0xee7a60: mov r8d, dword ptr [r15] [OK] 0xee7a63: mov esi, dword ptr [r9] [OK] 0xee7a66: mov rax, qword ptr [rbx+0x370] [OK] 0xee7a6d: mov r13d, esi [OK] 0xee7a70: cmp r8d, esi [OK] 0xee7a73: mov edx, dword ptr [rax+0x4] [OK] 0xee7a76: cmovnb r13d, r8d [OK] 0xee7a7a: add r13d, 0x1 [OK] 0xee7a7e: cmp r13d, edx [OK] 0xee7ac8: mov edx, esi [OK] 0xee7aca: lea rsi, ptr [r9+0x8] [OK] 0xee7ace: lea r9, ptr [rsp+0x30] [OK] 0xee7ad3: mov r10d, r13d [OK] 0xee7ad6: lea rcx, ptr [r15+0x8] [OK] 0xee7ada: lea rdi, ptr [rbx+0x218] [OK] 0xee7ae1: mov qword ptr [rsp+0x8], r9 [OK] 0xee7ae6: lea r9, ptr [rax+0x8] [OK] 0xee7aea: mov qword ptr [rsp], r10 [OK] 0xee7aee: call 0xf23770 [OK] 0xf23770: push r14 [OK] 0xf23772: cmp rdx, r8 [OK] 0xf23775: push r12 [OK] 0xf23777: mov r12, r8 [OK] 0xf2377a: cmovnb r12, rdx [OK] 0xf2377e: push rbp [OK] 0xf2377f: test r12, r12 [OK] 0xf23782: push rbx [OK] 0xf23783: mov rbp, qword ptr [rsp+0x30] [OK] 0xf23788: jz 0xf23822 [OK] 0xf2378e: lea rbx, ptr [rip+0x3ff1b] [OK] 0xf23795: xor eax, eax [OK] 0xf23797: xor edi, edi [OK] 0xf23799: nop dword ptr [rax], eax [OK] 0xf237a0: cmp rdx, rax [OK] 0xf237a3: mov r10, rbx [OK] 0xf237a6: cmovnbe r10, rsi [OK] 0xf237aa: cmp r8, rax [OK] 0xf237ad: mov r11d, dword ptr [r10] [OK] 0xf237b0: mov r10, rbx [OK] 0xf237b3: cmovnbe r10, rcx [OK] 0xf237b7: mov r14d, dword ptr [r10] [OK] 0xf237ba: add r14d, r11d [OK] 0xf237bd: add edi, r14d [OK] 0xf237c0: cmp r14d, edi [OK] 0xf237c3: mov dword ptr [r9+rax*4], edi [OK] 0xf237c7: setnbe dil [OK] 0xf237cb: cmp r11d, r14d [OK] 0xf237ce: setnbe r10b [OK] 0xf237d2: add rax, 0x1 [OK] 0xf237d6: add rsi, 0x4 [OK] 0xf237da: or edi, r10d [OK] 0xf237dd: add rcx, 0x4 [OK] 0xf237e1: cmp rax, r12 [OK] 0xf237e4: movzx edi, dil [OK] 0xf237a0: cmp rdx, rax [OK] 0xf237a3: mov r10, rbx [OK] 0xf237a6: cmovnbe r10, rsi [OK] 0xf237aa: cmp r8, rax [OK] 0xf237ad: mov r11d, dword ptr [r10] [OK] 0xf237b0: mov r10, rbx [OK] 0xf237b3: cmovnbe r10, rcx [OK] 0xf237b7: mov r14d, dword ptr [r10] [OK] 0xf237ba: add r14d, r11d [OK] 0xf237bd: add edi, r14d [OK] 0xf237c0: cmp r14d, edi [OK] 0xf237c3: mov dword ptr [r9+rax*4], edi [OK] 0xf237c7: setnbe dil [OK] 0xf237cb: cmp r11d, r14d [OK] 0xf237ce: setnbe r10b [OK] 0xf237d2: add rax, 0x1 [OK] 0xf237d6: add rsi, 0x4 [OK] 0xf237da: or edi, r10d [OK] 0xf237dd: add rcx, 0x4 [OK] 0xf237e1: cmp rax, r12 [OK] 0xf237e4: movzx edi, dil [OK] 0xf237e8: jnz 0xf237a0 [OK] 0xf237ea: lea rdx, ptr [rax+0x1] [OK] 0xf237ee: mov dword ptr [r9+rax*4], edi [OK] 0xf237f2: mov qword ptr [rbp], rdx [OK] 0xf237f6: mov ecx, dword ptr [r9+rax*4] [OK] 0xf237fa: test ecx, ecx [OK] 0xf237fc: jz 0xf2380c [OK] 0xf237fe: jmp 0xf23816 [OK] 0xf23816: pop rbx [OK] 0xf23817: pop rbp [OK] 0xf23818: pop r12 [OK] 0xf2381a: mov eax, 0x1 [OK] 0xf2381f: pop r14 [OK] 0xf23821: ret [OK] 0xee7af3: mov ecx, dword ptr [rsp+0x30] [OK] 0xee7af7: mov edx, ebp [OK] 0xee7af9: mov rsi, r12 [OK] 0xee7afc: mov rdi, rbx [OK] 0xee7aff: call 0xee7510 [OK] 0xee7510: push rbp [OK] 0xee7511: mov rbp, rdi [OK] 0xee7514: push rbx [OK] 0xee7515: mov rbx, rsi [OK] 0xee7518: sub rsp, 0x18 [OK] 0xee751c: test ecx, ecx [OK] 0xee751e: jz 0xee7555 [OK] 0xee7520: mov r9, qword ptr [rdi+0x370] [OK] 0xee7527: lea eax, ptr [rcx-0x1] [OK] 0xee752a: mov esi, eax [OK] 0xee752c: mov edi, dword ptr [r9+rsi*4+0x8] [OK] 0xee7531: test edi, edi [OK] 0xee7533: jz 0xee7551 [OK] 0xee7535: jmp 0xee756d [OK] 0xee756d: mov eax, ecx [OK] 0xee756f: nop [OK] 0xee7570: cmp eax, 0x1 [OK] 0xee7573: jz 0xee75c0 [OK] 0xee7575: mov dword ptr [rbx], edx [OK] 0xee7577: mov rdx, qword ptr [rbx+0x8] [OK] 0xee757b: mov rcx, qword ptr [rbp+0x370] [OK] 0xee7582: mov qword ptr [rbx+0x8], rcx [OK] 0xee7586: mov qword ptr [rbp+0x370], rdx [OK] 0xee758d: mov rdx, qword ptr [rbx+0x8] [OK] 0xee7591: mov dword ptr [rdx], eax [OK] 0xee7593: cmp qword ptr [rbp+0x370], 0x0 [OK] 0xee7566: add rsp, 0x18 [OK] 0xee756a: pop rbx [OK] 0xee756b: pop rbp [OK] 0xee756c: ret [OK] 0xee7b04: add rsp, 0x48 [OK] 0xee7b08: pop rbx [OK] 0xee7b09: pop rbp [OK] 0xee7b0a: pop r12 [OK] 0xee7b0c: pop r13 [OK] 0xee7b0e: pop r14 [OK] 0xee7b10: pop r15 [OK] 0xee7b12: ret [OK] 0x46760b: pop rbx [OK] 0x46760c: pop rbp [OK] 0x46760d: mov rdi, r12 [OK] 0x467610: pop r12 [OK] 0x467612: pop r13 [OK] 0x467614: pop r14 [OK] 0x467616: jmp 0x40b7d0 [OK] 0x40b7d0: jmp qword ptr [rip+0xf6ccc2] [OK] 0x7f5ffd637270: mov eax, dword ptr [rdi+0x4] [OK] 0x7f5ffd637273: sub eax, 0x1 [OK] 0x7f5ffd637276: test eax, eax [OK] 0x7f5ffd637278: mov dword ptr [rdi+0x4], eax [OK] 0x7f5ffd637280: mov qword ptr [rdi+0x8], 0x0 [OK] 0x7f5ffd637288: xchg dword ptr [rdi], eax [OK] 0x7f5ffd63728a: test eax, eax [OK] 0x7f5ffd63727d: ret [OK] 0xee7e16: add rsp, 0x18 [OK] 0xee7e1a: pop rbx [OK] 0xee7e1b: pop rbp [OK] 0xee7e1c: pop r12 [OK] 0xee7e1e: pop r13 [OK] 0xee7e20: pop r14 [OK] 0xee7e22: pop r15 [OK] 0xee7e24: ret [OK] 0xed7c79: mov dword ptr [rbx+0x3b0], 0x0 [OK] 0xed7c83: mov qword ptr [rbx+0x3b8], 0x0 [OK] 0xed7c8e: mov dword ptr [rbx+0x3c0], 0x0 [OK] 0xed7c98: mov qword ptr [rbx+0x3c8], 0x0 [OK] 0xed7ca3: mov dword ptr [rbx+0x3d0], 0x0 [OK] 0xed7cad: mov qword ptr [rbx+0x3d8], 0x0 [OK] 0xed7cb8: mov dword ptr [rbx+0x3e0], 0x0 [OK] 0xed7cc2: mov qword ptr [rbx+0x3e8], 0x0 [OK] 0xed7ccd: mov dword ptr [rbx+0x3f0], 0x1 [OK] 0xed7cd7: mov qword ptr [rbx+0x3f8], 0x0 [OK] 0xed7ce2: mov dword ptr [rbx+0x400], 0x0 [OK] 0xed7cec: mov qword ptr [rbx+0x408], 0x0 [OK] 0xed7cf7: mov dword ptr [rbx+0x410], 0x1 [OK] 0xed7d01: mov qword ptr [rbx+0x418], 0x0 [OK] 0xed7d0c: mov dword ptr [rbx+0x420], 0x0 [OK] 0xed7d16: mov qword ptr [rbx+0x428], 0x0 [OK] 0xed7d21: mov dword ptr [rbx+0x430], 0x1 [OK] 0xed7d2b: mov qword ptr [rbx+0x438], 0x0 [OK] 0xed7d36: pop rbx [OK] 0xed7d37: ret [OK] 0xf0152b: mov qword ptr [rip+0x4791ee], rbx [OK] 0xf01532: pop rbx [OK] 0xf01533: ret [OK] 0x42023e: add rsp, 0x8 [OK] 0x420242: jmp 0xf0b3c0 [OK] 0xf0b3c0: push r12 [OK] 0xf0b3c2: mov edi, 0x60 [OK] 0xf0b3c7: push rbp [OK] 0xf0b3c8: push rbx [OK] 0xf0b3c9: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf0b3ce: test rax, rax [OK] 0xf0b3d1: mov rbx, rax [OK] 0xf0b3d4: jz 0xf0b825 [OK] 0xf0b3da: mov byte ptr [rax], 0x0 [OK] 0xf0b3dd: mov edi, 0xc0 [OK] 0xf0b3e2: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0x7f5ffc56ea72: lea rax, ptr [rip+0x318bc7] [OK] 0x7f5ffc56ea79: cmp rbx, rax [OK] 0x7f5ffc56ea7c: setnz al [OK] 0x7f5ffc56ea7f: or rbp, 0x1 [OK] 0x7f5ffc56ea83: movzx eax, al [OK] 0x7f5ffc56ea86: shl rax, 0x2 [OK] 0x7f5ffc56ea8a: or rbp, rax [OK] 0x7f5ffc56ea8d: mov rax, rdx [OK] 0x7f5ffc56ea90: or rax, 0x1 [OK] 0x7f5ffc56ea94: mov qword ptr [rcx+0x8], rbp [OK] 0x7f5ffc56ea98: mov qword ptr [r12+0x8], rax [OK] 0x7f5ffc56ea9d: mov eax, dword ptr [rip+0x31add9] [OK] 0x7f5ffc56eaa3: mov qword ptr [r12+rdx*1], rdx [OK] 0x7f5ffc56eaa7: lea r12, ptr [rcx+0x10] [OK] 0x7f5ffc56eaab: test eax, eax [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf0b3e7: test rax, rax [OK] 0xf0b3ea: jz 0xf0b831 [OK] 0xf0b3f0: mov rdx, rax [OK] 0xf0b3f3: mov dword ptr [rax], 0x0 [OK] 0xf0b3f9: mov dword ptr [rax+0x4], 0x0 [OK] 0xf0b400: add rdx, 0x18 [OK] 0xf0b404: mov qword ptr [rax+0x8], 0x0 [OK] 0xf0b40c: mov qword ptr [rax+0x10], 0x0 [OK] 0xf0b414: jz 0xf0b931 [OK] 0xf0b41a: mov rcx, rdx [OK] 0xf0b41d: mov dword ptr [rdx], 0x0 [OK] 0xf0b423: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b42a: add rcx, 0x18 [OK] 0xf0b42e: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b436: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b43e: jz 0xf0b928 [OK] 0xf0b444: mov rdx, rcx [OK] 0xf0b447: mov dword ptr [rcx], 0x0 [OK] 0xf0b44d: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b454: add rdx, 0x18 [OK] 0xf0b458: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b460: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b468: jz 0xf0b91f [OK] 0xf0b46e: mov rcx, rdx [OK] 0xf0b471: mov dword ptr [rdx], 0x0 [OK] 0xf0b477: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b47e: add rcx, 0x18 [OK] 0xf0b482: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b48a: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b492: jz 0xf0b916 [OK] 0xf0b498: mov rdx, rcx [OK] 0xf0b49b: mov dword ptr [rcx], 0x0 [OK] 0xf0b4a1: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b4a8: add rdx, 0x18 [OK] 0xf0b4ac: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b4b4: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b4bc: jz 0xf0b90d [OK] 0xf0b4c2: mov rcx, rdx [OK] 0xf0b4c5: mov dword ptr [rdx], 0x0 [OK] 0xf0b4cb: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b4d2: add rcx, 0x18 [OK] 0xf0b4d6: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b4de: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b4e6: jz 0xf0b904 [OK] 0xf0b4ec: mov dword ptr [rcx], 0x0 [OK] 0xf0b4f2: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b4f9: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b501: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b509: add rcx, 0x18 [OK] 0xf0b50d: jz 0xf0b52c [OK] 0xf0b50f: mov dword ptr [rcx], 0x0 [OK] 0xf0b515: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b51c: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b524: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b52c: mov edi, 0xc0 [OK] 0xf0b531: mov qword ptr [rbx+0x8], rax [OK] 0xf0b535: mov dword ptr [rbx+0x10], 0x8 [OK] 0xf0b53c: mov dword ptr [rbx+0x14], 0x0 [OK] 0xf0b543: mov dword ptr [rbx+0x18], 0x0 [OK] 0xf0b54a: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0x7f5ffc56ec4d: mov ecx, eax [OK] 0x7f5ffc56ec4f: add rdx, 0x10 [OK] 0x7f5ffc56ec53: add eax, eax [OK] 0x7f5ffc56ec55: not ecx [OK] 0x7f5ffc56ec57: and esi, ecx [OK] 0x7f5ffc56ec59: mov dword ptr [rbx+r8*4+0x858], esi [OK] 0x7f5ffc56ec61: jmp 0x7f5ffc56eb58 [OK] 0x7f5ffc56eb58: test eax, eax [OK] 0x7f5ffc56eb5a: setz r11b [OK] 0x7f5ffc56eb5e: cmp eax, esi [OK] 0x7f5ffc56eb60: setnbe cl [OK] 0x7f5ffc56eb63: or r11b, cl [OK] 0x7f5ffc56eb66: jz 0x7f5ffc56ec3c [OK] 0x7f5ffc56eb6c: jmp 0x7f5ffc56eb83 [OK] 0x7f5ffc56ec4d: mov ecx, eax [OK] 0x7f5ffc56ec4f: add rdx, 0x10 [OK] 0x7f5ffc56ec53: add eax, eax [OK] 0x7f5ffc56ec55: not ecx [OK] 0x7f5ffc56ec57: and esi, ecx [OK] 0x7f5ffc56ec59: mov dword ptr [rbx+r8*4+0x858], esi [OK] 0x7f5ffc56ec61: jmp 0x7f5ffc56eb58 [OK] 0x7f5ffc56eb58: test eax, eax [OK] 0x7f5ffc56eb5a: setz r11b [OK] 0x7f5ffc56eb5e: cmp eax, esi [OK] 0x7f5ffc56eb60: setnbe cl [OK] 0x7f5ffc56eb63: or r11b, cl [OK] 0x7f5ffc56ec4d: mov ecx, eax [OK] 0x7f5ffc56ec4f: add rdx, 0x10 [OK] 0x7f5ffc56ec53: add eax, eax [OK] 0x7f5ffc56ec55: not ecx [OK] 0x7f5ffc56ec57: and esi, ecx [OK] 0x7f5ffc56ec59: mov dword ptr [rbx+r8*4+0x858], esi [OK] 0x7f5ffc56ec61: jmp 0x7f5ffc56eb58 [OK] 0x7f5ffc56eb58: test eax, eax [OK] 0x7f5ffc56eb5a: setz r11b [OK] 0x7f5ffc56eb5e: cmp eax, esi [OK] 0x7f5ffc56eb60: setnbe cl [OK] 0x7f5ffc56eb63: or r11b, cl [OK] 0x7f5ffc56eb66: jz 0x7f5ffc56ec3c [OK] 0x7f5ffc56eb6c: jmp 0x7f5ffc56eb83 [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf0b54f: test rax, rax [OK] 0xf0b552: jz 0xf0b8f5 [OK] 0xf0b558: mov rdx, rax [OK] 0xf0b55b: mov dword ptr [rax], 0x0 [OK] 0xf0b561: mov dword ptr [rax+0x4], 0x0 [OK] 0xf0b568: add rdx, 0x18 [OK] 0xf0b56c: mov qword ptr [rax+0x8], 0x0 [OK] 0xf0b574: mov qword ptr [rax+0x10], 0x0 [OK] 0xf0b57c: jz 0xf0b8ec [OK] 0xf0b582: mov rcx, rdx [OK] 0xf0b585: mov dword ptr [rdx], 0x0 [OK] 0xf0b58b: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b592: add rcx, 0x18 [OK] 0xf0b596: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b59e: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b5a6: jz 0xf0b8e3 [OK] 0xf0b5ac: mov rdx, rcx [OK] 0xf0b5af: mov dword ptr [rcx], 0x0 [OK] 0xf0b5b5: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b5bc: add rdx, 0x18 [OK] 0xf0b5c0: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b5c8: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b5d0: jz 0xf0b8da [OK] 0xf0b5d6: mov rcx, rdx [OK] 0xf0b5d9: mov dword ptr [rdx], 0x0 [OK] 0xf0b5df: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b5e6: add rcx, 0x18 [OK] 0xf0b5ea: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b5f2: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b5fa: jz 0xf0b8d1 [OK] 0xf0b600: mov rdx, rcx [OK] 0xf0b603: mov dword ptr [rcx], 0x0 [OK] 0xf0b609: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b610: add rdx, 0x18 [OK] 0xf0b614: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b61c: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b624: jz 0xf0b8c8 [OK] 0xf0b62a: mov rcx, rdx [OK] 0xf0b62d: mov dword ptr [rdx], 0x0 [OK] 0xf0b633: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b63a: add rcx, 0x18 [OK] 0xf0b63e: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b646: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b64e: jz 0xf0b8bf [OK] 0xf0b654: mov dword ptr [rcx], 0x0 [OK] 0xf0b65a: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b661: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b669: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b671: add rcx, 0x18 [OK] 0xf0b675: jz 0xf0b694 [OK] 0xf0b677: mov dword ptr [rcx], 0x0 [OK] 0xf0b67d: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b684: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b68c: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b694: lea rbp, ptr [rbx+0x38] [OK] 0xf0b698: mov qword ptr [rbx+0x20], rax [OK] 0xf0b69c: mov dword ptr [rbx+0x28], 0x8 [OK] 0xf0b6a3: mov dword ptr [rbx+0x2c], 0x0 [OK] 0xf0b6aa: mov dword ptr [rbx+0x30], 0x0 [OK] 0xf0b6b1: mov rdi, rbp [OK] 0xf0b6b4: call 0xecb3a0 [OK] 0xecb3a0: push rbp [OK] 0xecb3a1: mov rbp, rdi [OK] 0xecb3a4: mov edi, 0x20 [OK] 0xecb3a9: push rbx [OK] 0xecb3aa: sub rsp, 0x8 [OK] 0xecb3ae: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0x7f5ffc56e721: mov rdx, qword ptr [r12+0x18] [OK] 0x7f5ffc56e726: cmp r12, qword ptr [rdx+0x10] [OK] 0x7f5ffc56e72a: jnz 0x7f5ffc56f7ca [OK] 0x7f5ffc56e730: or qword ptr [r12+rbp*1+0x8], 0x1 [OK] 0x7f5ffc56e736: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56e73a: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56e73e: lea rax, ptr [rip+0x318efb] [OK] 0x7f5ffc56e745: cmp rbx, rax [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xecb3b3: test rax, rax [OK] 0xecb3b6: mov rbx, rax [OK] 0xecb3b9: jz 0xecb50d [OK] 0xecb3bf: mov qword ptr [rax], 0x0 [OK] 0xecb3c6: mov dword ptr [rax+0x8], 0x0 [OK] 0xecb3cd: mov edi, 0x180 [OK] 0xecb3d2: mov dword ptr [rax+0xc], 0x0 [OK] 0xecb3d9: mov dword ptr [rax+0x10], 0x0 [OK] 0xecb3e0: mov qword ptr [rax+0x18], 0x0 [OK] 0xecb3e8: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xecb3ed: test rax, rax [OK] 0xecb3f0: mov rdx, rax [OK] 0xecb3f3: jz 0xecb518 [OK] 0xecb3f9: mov rsi, rdx [OK] 0xecb3fc: xor eax, eax [OK] 0xecb3fe: mov ecx, 0x6 [OK] 0xecb403: mov rdi, rdx [OK] 0xecb406: add rsi, 0x30 [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40a: rep stosq qword ptr [rdi] [OK] 0xecb40d: mov dword ptr [rdx+0x10], 0x13 [OK] 0xecb414: jz 0xecb549 [OK] 0xecb41a: mov r8, rsi [OK] 0xecb41d: xor eax, eax [OK] 0xecb41f: mov ecx, 0x6 [OK] 0xecb424: mov rdi, rsi [OK] 0xecb427: add r8, 0x30 [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42b: rep stosq qword ptr [rdi] [OK] 0xecb42e: mov dword ptr [rsi+0x10], 0x13 [OK] 0xecb435: jz 0xecb540 [OK] 0xecb43b: mov rsi, r8 [OK] 0xecb43e: xor eax, eax [OK] 0xecb440: mov ecx, 0x6 [OK] 0xecb445: mov rdi, r8 [OK] 0xecb448: add rsi, 0x30 [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44c: rep stosq qword ptr [rdi] [OK] 0xecb44f: mov dword ptr [r8+0x10], 0x13 [OK] 0xecb457: jz 0xecb537 [OK] 0xecb45d: mov r8, rsi [OK] 0xecb460: xor eax, eax [OK] 0xecb462: mov ecx, 0x6 [OK] 0xecb467: mov rdi, rsi [OK] 0xecb46a: add r8, 0x30 [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb46e: rep stosq qword ptr [rdi] [OK] 0xecb471: mov dword ptr [rsi+0x10], 0x13 [OK] 0xecb478: jz 0xecb52e [OK] 0xecb47e: mov rsi, r8 [OK] 0xecb481: xor eax, eax [OK] 0xecb483: mov ecx, 0x6 [OK] 0xecb488: mov rdi, r8 [OK] 0xecb48b: add rsi, 0x30 [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb48f: rep stosq qword ptr [rdi] [OK] 0xecb492: mov dword ptr [r8+0x10], 0x13 [OK] 0xecb49a: jz 0xecb528 [OK] 0xecb4a0: mov r8, rsi [OK] 0xecb4a3: xor eax, eax [OK] 0xecb4a5: mov ecx, 0x6 [OK] 0xecb4aa: mov rdi, rsi [OK] 0xecb4ad: add r8, 0x30 [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b1: rep stosq qword ptr [rdi] [OK] 0xecb4b4: mov dword ptr [rsi+0x10], 0x13 [OK] 0xecb4bb: jz 0xecb522 [OK] 0xecb4bd: xor eax, eax [OK] 0xecb4bf: mov rdi, r8 [OK] 0xecb4c2: mov ecx, 0x6 [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4c7: rep stosq qword ptr [rdi] [OK] 0xecb4ca: mov dword ptr [r8+0x10], 0x13 [OK] 0xecb4d2: add r8, 0x30 [OK] 0xecb4d6: jz 0xecb4ed [OK] 0xecb4d8: mov ecx, 0x6 [OK] 0xecb4dd: xor eax, eax [OK] 0xecb4df: mov rdi, r8 [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e2: rep stosq qword ptr [rdi] [OK] 0xecb4e5: mov dword ptr [r8+0x10], 0x13 [OK] 0xecb4ed: mov qword ptr [rbx], rdx [OK] 0xecb4f0: mov dword ptr [rbx+0x8], 0x8 [OK] 0xecb4f7: mov dword ptr [rbx+0xc], 0x0 [OK] 0xecb4fe: mov dword ptr [rbx+0x10], 0x0 [OK] 0xecb505: mov qword ptr [rbx+0x18], 0x0 [OK] 0xecb50d: mov qword ptr [rbp], rbx [OK] 0xecb511: add rsp, 0x8 [OK] 0xecb515: pop rbx [OK] 0xecb516: pop rbp [OK] 0xecb517: ret [OK] 0xf0b6b9: mov edi, 0xc0 [OK] 0xf0b6be: call 0xefc640 [OK] 0xefc640: test rdi, rdi [OK] 0xefc643: jz 0xefc710 [OK] 0xefc649: push rbp [OK] 0xefc64a: push rbx [OK] 0xefc64b: lea rbx, ptr [rdi+0x8] [OK] 0xefc64f: sub rsp, 0x18 [OK] 0xefc653: mov rdi, rbx [OK] 0xefc656: call 0x40b650 [OK] 0x40b650: jmp qword ptr [rip+0xf6cd82] [OK] 0xefc65b: test rax, rax [OK] 0xefc65e: mov rbp, rax [OK] 0xefc661: jz 0xefc742 [OK] 0xefc667: mov qword ptr [rax], rbx [OK] 0xefc66a: mov rax, qword ptr fs:[0x0] [OK] 0xefc673: lea rax, ptr [rax-0x10] [OK] 0xefc67a: add rbx, qword ptr [rax] [OK] 0xefc67d: cmp rbx, 0x186a0 [OK] 0xefc684: mov qword ptr [rax], rbx [OK] 0xefc687: jnle 0xefc698 [OK] 0xefc689: add rsp, 0x18 [OK] 0xefc68d: lea rax, ptr [rbp+0x8] [OK] 0xefc691: pop rbx [OK] 0xefc692: pop rbp [OK] 0xefc693: ret [OK] 0xf0b6c3: test rax, rax [OK] 0xf0b6c6: jz 0xf0b86e [OK] 0xf0b6cc: mov rdx, rax [OK] 0xf0b6cf: mov dword ptr [rax], 0x0 [OK] 0xf0b6d5: mov dword ptr [rax+0x4], 0x0 [OK] 0xf0b6dc: add rdx, 0x18 [OK] 0xf0b6e0: mov qword ptr [rax+0x8], 0x0 [OK] 0xf0b6e8: mov qword ptr [rax+0x10], 0x0 [OK] 0xf0b6f0: jz 0xf0b865 [OK] 0xf0b6f6: mov rcx, rdx [OK] 0xf0b6f9: mov dword ptr [rdx], 0x0 [OK] 0xf0b6ff: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b706: add rcx, 0x18 [OK] 0xf0b70a: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b712: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b71a: jz 0xf0b85c [OK] 0xf0b720: mov rdx, rcx [OK] 0xf0b723: mov dword ptr [rcx], 0x0 [OK] 0xf0b729: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b730: add rdx, 0x18 [OK] 0xf0b734: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b73c: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b744: jz 0xf0b853 [OK] 0xf0b74a: mov rcx, rdx [OK] 0xf0b74d: mov dword ptr [rdx], 0x0 [OK] 0xf0b753: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b75a: add rcx, 0x18 [OK] 0xf0b75e: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b766: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b76e: jz 0xf0b84a [OK] 0xf0b774: mov rdx, rcx [OK] 0xf0b777: mov dword ptr [rcx], 0x0 [OK] 0xf0b77d: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b784: add rdx, 0x18 [OK] 0xf0b788: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b790: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b798: jz 0xf0b841 [OK] 0xf0b79e: mov rcx, rdx [OK] 0xf0b7a1: mov dword ptr [rdx], 0x0 [OK] 0xf0b7a7: mov dword ptr [rdx+0x4], 0x0 [OK] 0xf0b7ae: add rcx, 0x18 [OK] 0xf0b7b2: mov qword ptr [rdx+0x8], 0x0 [OK] 0xf0b7ba: mov qword ptr [rdx+0x10], 0x0 [OK] 0xf0b7c2: jz 0xf0b83b [OK] 0xf0b7c4: mov dword ptr [rcx], 0x0 [OK] 0xf0b7ca: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b7d1: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b7d9: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b7e1: add rcx, 0x18 [OK] 0xf0b7e5: jz 0xf0b804 [OK] 0xf0b7e7: mov dword ptr [rcx], 0x0 [OK] 0xf0b7ed: mov dword ptr [rcx+0x4], 0x0 [OK] 0xf0b7f4: mov qword ptr [rcx+0x8], 0x0 [OK] 0xf0b7fc: mov qword ptr [rcx+0x10], 0x0 [OK] 0xf0b804: mov qword ptr [rbx+0x40], rax [OK] 0xf0b808: mov dword ptr [rbx+0x48], 0x8 [OK] 0xf0b80f: mov dword ptr [rbx+0x4c], 0x0 [OK] 0xf0b816: mov dword ptr [rbx+0x50], 0x0 [OK] 0xf0b81d: mov qword ptr [rbx+0x58], 0x0 [OK] 0xf0b825: mov qword ptr [rip+0x46ef34], rbx [OK] 0xf0b82c: pop rbx [OK] 0xf0b82d: pop rbp [OK] 0xf0b82e: pop r12 [OK] 0xf0b830: ret [OK] 0xefc2ed: mov byte ptr [rip+0x47e33d], 0x1 [OK] 0xefc2f4: add rsp, 0x8 [OK] 0xefc2f8: pop rbx [OK] 0xefc2f9: pop rbp [OK] 0xefc2fa: ret [OK] 0x40db52: lea rsi, ptr [rip+0xb2d663] [OK] 0x40db59: mov edi, 0x1 [OK] 0x40db5e: call 0xefc280 [OK] 0xefc280: test rsi, rsi [OK] 0xefc283: mov byte ptr [rip+0x47e3b6], dil [OK] 0xefc28a: jz 0xefc298 [OK] 0xefc28c: test dil, dil [OK] 0xefc28f: jz 0xefc298 [OK] 0xefc291: mov qword ptr [rip+0x47c548], rsi [OK] 0xefc298: ret [OK] 0x40db63: mov rsi, rbp [OK] 0x40db66: mov edi, ebx [OK] 0x40db68: call 0x41f9d0 [OK] 0x41f9d0: push r15 [OK] 0x41f9d2: push r14 [OK] 0x41f9d4: push r13 [OK] 0x41f9d6: mov r13d, edi [OK] 0x41f9d9: push r12 [OK] 0x41f9db: push rbp [OK] 0x41f9dc: push rbx [OK] 0x41f9dd: sub rsp, 0x18 [OK] 0x41f9e1: cmp edi, 0x1 [OK] 0x41f9e4: mov qword ptr [rsp+0x8], rsi [OK] 0x41fb08: add rsp, 0x18 [OK] 0x41fb0c: pop rbx [OK] 0x41fb0d: pop rbp [OK] 0x41fb0e: pop r12 [OK] 0x41fb10: pop r13 [OK] 0x41fb12: pop r14 [OK] 0x41fb14: pop r15 [OK] 0x41fb16: ret [OK] 0x40db6d: call 0xefc060 [OK] 0xefc060: push rbp [OK] 0xefc061: push rbx [OK] 0xefc062: sub rsp, 0x18 [OK] 0xefc066: mov rdi, rsp [OK] 0xefc069: mov rbx, rsp [OK] 0xefc06c: call 0xf0a840 [OK] 0xf0a840: push r12 [OK] 0xf0a842: mov r12, qword ptr [rip+0x46ff17] [OK] 0xf0a849: push rbp [OK] 0xf0a84a: lea rbp, ptr [rip+0x470237] [OK] 0xf0a851: push rbx [OK] 0xf0a852: mov rbx, rdi [OK] 0xf0a855: mov qword ptr [rdi], 0x0 [OK] 0xf0a85c: mov rdi, rbp [OK] 0xf0a85f: call 0x40b3c0 [OK] 0x40b3c0: jmp qword ptr [rip+0xf6ceca] [OK] 0x7f5ffd632880: sub rsp, 0x18 [OK] 0x7f5ffd632884: mov edx, 0x1 [OK] 0x7f5ffd632889: xor eax, eax [OK] 0x7f5ffd63288b: mov dword ptr [rsp+0xc], 0x0 [OK] 0x7f5ffd632893: lock cmpxchg dword ptr [rdi], edx [OK] 0x7f5ffd6328a4: add rsp, 0x18 [OK] 0x7f5ffd6328a8: ret [OK] 0xf0a864: lea rsi, ptr [r12+0x58] [OK] 0xf0a869: mov rdi, rbx [OK] 0xf0a86c: call 0xece520 [OK] 0xece520: push r15 [OK] 0xece522: push r14 [OK] 0xece524: mov r14, rsi [OK] 0xece527: push r13 [OK] 0xece529: push r12 [OK] 0xece52b: mov r12, rdi [OK] 0xece52e: push rbp [OK] 0xece52f: push rbx [OK] 0xece530: sub rsp, 0x18 [OK] 0xece534: mov rax, qword ptr [rsi] [OK] 0xece537: test rax, rax [OK] 0xece540: mov rbp, qword ptr [r12] [OK] 0xece544: test rbp, rbp [OK] 0xece54f: mov rax, qword ptr [r14] [OK] 0xece552: mov qword ptr [r12], rax [OK] 0xece556: add rsp, 0x18 [OK] 0xece55a: mov rax, r12 [OK] 0xece55d: pop rbx [OK] 0xece55e: pop rbp [OK] 0xece55f: pop r12 [OK] 0xece561: pop r13 [OK] 0xece563: pop r14 [OK] 0xece565: pop r15 [OK] 0xece567: ret [OK] 0xf0a871: mov rdi, rbp [OK] 0xf0a874: call 0x40b030 [OK] 0x40b030: jmp qword ptr [rip+0xf6d092] [OK] 0x7f5ffd6328b0: xor eax, eax [OK] 0x7f5ffd6328b2: xchg dword ptr [rdi], eax [OK] 0x7f5ffd6328b4: test eax, eax [OK] 0x7f5ffd6328b6: js 0x7f5ffd6328ba [OK] 0x7f5ffd6328b8: ret [OK] 0xf0a879: mov rax, rbx [OK] 0xf0a87c: pop rbx [OK] 0xf0a87d: pop rbp [OK] 0xf0a87e: pop r12 [OK] 0xf0a880: ret [OK] 0xefc071: call 0xeca840 [OK] 0xeca840: mov eax, dword ptr [rip+0x4afdaa] [OK] 0xeca846: ret [OK] 0xefc076: lea rsi, ptr [rip+0x65ceb] [OK] 0xefc07d: mov edx, eax [OK] 0xefc07f: mov rdi, rsp [OK] 0xefc082: call 0xecfa50 [OK] 0xecfa50: mov rdi, qword ptr [rdi] [OK] 0xecfa53: test rdi, rdi [OK] 0xecfa60: mov eax, edx [OK] 0xecfa62: ret [OK] 0xefc087: mov edi, eax [OK] 0xefc089: call 0xeca830 [OK] 0xeca830: mov dword ptr [rip+0x4afdba], edi [OK] 0xeca836: ret [OK] 0xefc08e: lea rsi, ptr [rip+0x5800b] [OK] 0xefc095: mov edx, 0x1 [OK] 0xefc09a: mov rdi, rsp [OK] 0xefc09d: call 0xecf810 [OK] 0xecf810: mov rdi, qword ptr [rdi] [OK] 0xecf813: test rdi, rdi [OK] 0xecf820: mov eax, edx [OK] 0xecf822: ret [OK] 0xefc0a2: movzx edi, al [OK] 0xefc0a5: call 0xf06f30 [OK] 0xf06f30: mov byte ptr [rip+0x4718c9], dil [OK] 0xf06f37: ret [OK] 0xefc0aa: lea rsi, ptr [rip+0x3f0fb] [OK] 0xefc0b1: xor edx, edx [OK] 0xefc0b3: mov rdi, rsp [OK] 0xefc0b6: call 0xecfa50 [OK] 0xecfa50: mov rdi, qword ptr [rdi] [OK] 0xecfa53: test rdi, rdi [OK] 0xecfa60: mov eax, edx [OK] 0xecfa62: ret [OK] 0xefc0bb: cmp eax, 0xffffffff [OK] 0xefc0be: mov rdi, 0xffffffffffffffff [OK] 0xefc0c5: jz 0xefc0cd [OK] 0xefc0c7: mov edi, eax [OK] 0xefc0c9: shl rdi, 0x14 [OK] 0xefc0cd: call 0xefc3c0 [OK] 0xefc3c0: mov qword ptr [rip+0x47e2a9], rdi [OK] 0xefc3c7: ret [OK] 0xefc0d2: lea rsi, ptr [rip+0x65c97] [OK] 0xefc0d9: xor edx, edx [OK] 0xefc0db: mov rdi, rbx [OK] 0xefc0de: call 0xecfa50 [OK] 0xecfa50: mov rdi, qword ptr [rdi] [OK] 0xecfa53: test rdi, rdi [OK] 0xecfa60: mov eax, edx [OK] 0xecfa62: ret [OK] 0xefc0e3: mov edi, eax [OK] 0xefc0e5: call 0xefc360 [OK] 0xefc360: mov qword ptr [rip+0x47e2e9], rdi [OK] 0xefc367: ret [OK] 0xefc0ea: mov rdi, rbx [OK] 0xefc0ed: call 0xecb090 [OK] 0xecb090: push r15 [OK] 0xecb092: push r14 [OK] 0xecb094: push r13 [OK] 0xecb096: push r12 [OK] 0xecb098: push rbp [OK] 0xecb099: push rbx [OK] 0xecb09a: sub rsp, 0x8 [OK] 0xecb09e: mov rbp, qword ptr [rdi] [OK] 0xecb0a1: test rbp, rbp [OK] 0xecb0ac: add rsp, 0x8 [OK] 0xecb0b0: pop rbx [OK] 0xecb0b1: pop rbp [OK] 0xecb0b2: pop r12 [OK] 0xecb0b4: pop r13 [OK] 0xecb0b6: pop r14 [OK] 0xecb0b8: pop r15 [OK] 0xecb0ba: ret [OK] 0xefc0f2: add rsp, 0x18 [OK] 0xefc0f6: pop rbx [OK] 0xefc0f7: pop rbp [OK] 0xefc0f8: ret [OK] 0x40db72: mov rbx, qword ptr [rip+0xf6b7d7] [OK] 0x40db79: test rbx, rbx [OK] 0x40dce8: cmp byte ptr [rip+0xf6b651], 0x0 [OK] 0x40dcef: jnz 0x40db8f [OK] 0x40dcf5: lea rdi, ptr [rip+0xb2d4d5] [OK] 0x40dcfc: call 0x41f640 [OK] 0x41f640: push rbp [OK] 0x41f641: lea rsi, ptr [rip+0xb1bab5] [OK] 0x41f648: mov rbp, rdi [OK] 0x41f64b: push rbx [OK] 0x41f64c: sub rsp, 0x8 [OK] 0x41f650: mov rbx, qword ptr [rip+0xf58979] [OK] 0x41f657: mov rdi, rbx [OK] 0x41f65a: call 0x40b3e0 [OK] 0x40b3e0: jmp qword ptr [rip+0xf6ceba] [OK] 0x40b3e6: push 0x51 [OK] 0x40b3eb: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffdbd2e70: push rbp [OK] 0x7f5ffdbd2e71: mov rbp, rdi [OK] 0x7f5ffdbd2e74: push rbx [OK] 0x7f5ffdbd2e75: mov rbx, rsi [OK] 0x7f5ffdbd2e78: sub rsp, 0x8 [OK] 0x7f5ffdbd2e7c: test rsi, rsi [OK] 0x7f5ffdbd2e7f: jz 0x7f5ffdbd2ea8 [OK] 0x7f5ffdbd2e81: mov rdi, rsi [OK] 0x7f5ffdbd2e84: call 0x7f5ffdb97d60 [OK] 0x7f5ffdbd2e89: mov rsi, rbx [OK] 0x7f5ffdbd2e8c: mov rdi, rbp [OK] 0x7f5ffdbd2e8f: mov rdx, rax [OK] 0x7f5ffdbd2e92: call 0x7f5ffdb985b0 [OK] 0x7f5ffdb985b0: jmp qword ptr [rip+0x2936ea] [OK] 0x7f5ffdb985b6: push 0x191 [OK] 0x7f5ffdb985bb: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbd2a10: push r15 [OK] 0x7f5ffdbd2a12: push r14 [OK] 0x7f5ffdbd2a14: mov r14, rdx [OK] 0x7f5ffdbd2a17: push r13 [OK] 0x7f5ffdbd2a19: push r12 [OK] 0x7f5ffdbd2a1b: push rbp [OK] 0x7f5ffdbd2a1c: push rbx [OK] 0x7f5ffdbd2a1d: mov rbx, rdi [OK] 0x7f5ffdbd2a20: sub rsp, 0x38 [OK] 0x7f5ffdbd2a24: lea r15, ptr [rsp+0x20] [OK] 0x7f5ffdbd2a29: mov qword ptr [rsp+0x8], rsi [OK] 0x7f5ffdbd2a2e: mov rsi, rdi [OK] 0x7f5ffdbd2a31: mov rdi, r15 [OK] 0x7f5ffdbd2a34: call 0x7f5ffdb99480 [OK] 0x7f5ffdb99480: jmp qword ptr [rip+0x292f82] [OK] 0x7f5ffdb99486: push 0x27e [OK] 0x7f5ffdb9948b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbd2360: push rbp [OK] 0x7f5ffdbd2361: mov rax, rsi [OK] 0x7f5ffdbd2364: mov rbp, rdi [OK] 0x7f5ffdbd2367: push rbx [OK] 0x7f5ffdbd2368: mov rbx, rsi [OK] 0x7f5ffdbd236b: sub rsp, 0x8 [OK] 0x7f5ffdbd236f: mov rdx, qword ptr [rsi] [OK] 0x7f5ffdbd2372: mov byte ptr [rdi], 0x0 [OK] 0x7f5ffdbd2375: mov qword ptr [rbp+0x8], rsi [OK] 0x7f5ffdbd2379: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd237d: mov rdi, qword ptr [rax+0xd8] [OK] 0x7f5ffdbd2384: test rdi, rdi [OK] 0x7f5ffdbd2387: jz 0x7f5ffdbd2398 [OK] 0x7f5ffdbd2389: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd238c: test esi, esi [OK] 0x7f5ffdbd238e: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd2390: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdb98456: push 0x17b [OK] 0x7f5ffdb9845b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffdb99576: push 0x28d [OK] 0x7f5ffdb9957b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbd2395: mov rdx, qword ptr [rbx] [OK] 0x7f5ffdbd2398: mov rax, rbx [OK] 0x7f5ffdbd239b: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd239f: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd23a2: test esi, esi [OK] 0x7f5ffdbd23a4: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd23a6: mov byte ptr [rbp], 0x1 [OK] 0x7f5ffdbd23aa: add rsp, 0x8 [OK] 0x7f5ffdbd23ae: pop rbx [OK] 0x7f5ffdbd23af: pop rbp [OK] 0x7f5ffdbd23b0: ret [OK] 0x7f5ffdbd2a39: cmp byte ptr [rsp+0x20], 0x0 [OK] 0x7f5ffdbd2a3e: jz 0x7f5ffdbd2a98 [OK] 0x7f5ffdbd2a40: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2a43: mov rdx, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2a47: lea r13, ptr [rbx+rdx*1] [OK] 0x7f5ffdbd2a4b: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffdbd2a4f: cmp rax, r14 [OK] 0x7f5ffdbd2a52: mov qword ptr [rsp+0x18], rax [OK] 0x7f5ffdbd2bc0: mov rdi, qword ptr [r13+0xe8] [OK] 0x7f5ffdbd2bc7: mov rdx, r14 [OK] 0x7f5ffdbd2bca: mov rsi, qword ptr [rsp+0x8] [OK] 0x7f5ffdbd2bcf: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2bd2: call qword ptr [rax+0x60] [OK] 0x7f5ffdbd1480: mov rcx, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd1484: mov rax, rsi [OK] 0x7f5ffdbd1487: mov esi, 0x1 [OK] 0x7f5ffdbd148c: mov rdi, rax [OK] 0x7f5ffdbd148f: jmp 0x7f5ffdb99000 [OK] 0x7f5ffdb99000: jmp qword ptr [rip+0x2931c2] [OK] 0x7f5ffdb99006: push 0x236 [OK] 0x7f5ffdb9900b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffc55f360: push r13 [OK] 0x7f5ffc55f362: mov r13, rdx [OK] 0x7f5ffc55f365: push r12 [OK] 0x7f5ffc55f367: mov r12, rsi [OK] 0x7f5ffc55f36a: imul r12, rdx [OK] 0x7f5ffc55f36e: push rbp [OK] 0x7f5ffc55f36f: mov rbp, rsi [OK] 0x7f5ffc55f372: push rbx [OK] 0x7f5ffc55f373: sub rsp, 0x8 [OK] 0x7f5ffc55f377: test r12, r12 [OK] 0x7f5ffc55f37a: jz 0x7f5ffc55f470 [OK] 0x7f5ffc55f380: mov eax, dword ptr [rcx] [OK] 0x7f5ffc55f382: mov r9, rdi [OK] 0x7f5ffc55f385: mov rbx, rcx [OK] 0x7f5ffc55f388: and eax, 0x8000 [OK] 0x7f5ffc55f38d: jnz 0x7f5ffc55f3ef [OK] 0x7f5ffc55f38f: mov r8, qword ptr [rcx+0x88] [OK] 0x7f5ffc55f396: mov rdx, qword ptr fs:[0x10] [OK] 0x7f5ffc55f39f: cmp rdx, qword ptr [r8+0x8] [OK] 0x7f5ffc55f3a3: jz 0x7f5ffc55f3ea [OK] 0x7f5ffc55f3a5: mov esi, 0x1 [OK] 0x7f5ffc55f3aa: cmp dword ptr [rip+0x32d403], 0x0 [OK] 0x7f5ffc55f3bc: cmpxchg dword ptr [r8], esi [OK] 0x7f5ffc55f3d8: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3df: mov qword ptr [rax+0x8], rdx [OK] 0x7f5ffc55f3e3: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3ea: add dword ptr [r8+0x4], 0x1 [OK] 0x7f5ffc55f3ef: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc55f3f5: test eax, eax [OK] 0x7f5ffc55f440: mov dword ptr [rbx+0xc0], 0xffffffff [OK] 0x7f5ffc55f44a: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55f451: mov rdx, r12 [OK] 0x7f5ffc55f454: mov rsi, r9 [OK] 0x7f5ffc55f457: mov rdi, rbx [OK] 0x7f5ffc55f45a: call qword ptr [rax+0x38] [OK] 0x7f5ffc5694d0: push r14 [OK] 0x7f5ffc5694d2: xor eax, eax [OK] 0x7f5ffc5694d4: test rdx, rdx [OK] 0x7f5ffc5694d7: push r13 [OK] 0x7f5ffc5694d9: push r12 [OK] 0x7f5ffc5694db: push rbp [OK] 0x7f5ffc5694dc: push rbx [OK] 0x7f5ffc5694dd: mov rbx, rdx [OK] 0x7f5ffc5694e0: jz 0x7f5ffc569546 [OK] 0x7f5ffc5694e2: mov eax, dword ptr [rdi] [OK] 0x7f5ffc5694e4: mov rbp, rdi [OK] 0x7f5ffc5694e7: mov r12, rsi [OK] 0x7f5ffc5694ea: and eax, 0xa00 [OK] 0x7f5ffc5694ef: cmp eax, 0xa00 [OK] 0x7f5ffc5694f4: jz 0x7f5ffc5695c0 [OK] 0x7f5ffc5694fa: mov rdx, qword ptr [rdi+0x30] [OK] 0x7f5ffc5694fe: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffc569502: cmp rdx, rdi [OK] 0x7f5ffc569550: xor r14d, r14d [OK] 0x7f5ffc569553: mov r13, rbx [OK] 0x7f5ffc569556: lea rax, ptr [r14+r13*1] [OK] 0x7f5ffc56955a: test rax, rax [OK] 0x7f5ffc56955d: jz 0x7f5ffc569540 [OK] 0x7f5ffc56955f: mov rax, qword ptr [rbp+0xd8] [OK] 0x7f5ffc569566: mov esi, 0xffffffff [OK] 0x7f5ffc56956b: mov rdi, rbp [OK] 0x7f5ffc56956e: call qword ptr [rax+0x18] [OK] 0x7f5ffc56a150: push r12 [OK] 0x7f5ffc56a152: push rbp [OK] 0x7f5ffc56a153: push rbx [OK] 0x7f5ffc56a154: mov ecx, dword ptr [rdi] [OK] 0x7f5ffc56a156: mov rbx, rdi [OK] 0x7f5ffc56a159: test cl, 0x8 [OK] 0x7f5ffc56a15c: jnz 0x7f5ffc56a2c0 [OK] 0x7f5ffc56a162: test ch, 0x8 [OK] 0x7f5ffc56a165: mov ebp, esi [OK] 0x7f5ffc56a1b8: cmp qword ptr [rdi+0x20], 0x0 [OK] 0x7f5ffc56a2e0: mov rdi, rbx [OK] 0x7f5ffc56a2e3: call 0x7f5ffc56ae30 [OK] 0x7f5ffc56ae30: push rbx [OK] 0x7f5ffc56ae31: cmp qword ptr [rdi+0x38], 0x0 [OK] 0x7f5ffc56ae36: mov rbx, rdi [OK] 0x7f5ffc56ae40: test byte ptr [rdi], 0x2 [OK] 0x7f5ffc56ae43: jz 0x7f5ffc56ae4f [OK] 0x7f5ffc56ae45: mov eax, dword ptr [rdi+0xc0] [OK] 0x7f5ffc56ae4b: test eax, eax [OK] 0x7f5ffc56ae61: lea rdx, ptr [rbx+0x84] [OK] 0x7f5ffc56ae68: lea rsi, ptr [rbx+0x83] [OK] 0x7f5ffc56ae6f: mov rdi, rbx [OK] 0x7f5ffc56ae72: pop rbx [OK] 0x7f5ffc56ae73: xor ecx, ecx [OK] 0x7f5ffc56ae75: jmp 0x7f5ffc56adb0 [OK] 0x7f5ffc56adb0: push rbp [OK] 0x7f5ffc56adb1: mov rbp, rsi [OK] 0x7f5ffc56adb4: push rbx [OK] 0x7f5ffc56adb5: mov rbx, rdi [OK] 0x7f5ffc56adb8: sub rsp, 0x18 [OK] 0x7f5ffc56adbc: mov rdi, qword ptr [rdi+0x38] [OK] 0x7f5ffc56adc0: mov eax, dword ptr [rbx] [OK] 0x7f5ffc56adc2: test rdi, rdi [OK] 0x7f5ffc56adcb: test ecx, ecx [OK] 0x7f5ffc56adcd: mov qword ptr [rbx+0x38], rbp [OK] 0x7f5ffc56add1: mov qword ptr [rbx+0x40], rdx [OK] 0x7f5ffc56add5: jnz 0x7f5ffc56ade8 [OK] 0x7f5ffc56add7: or eax, 0x1 [OK] 0x7f5ffc56adda: mov dword ptr [rbx], eax [OK] 0x7f5ffc56addc: add rsp, 0x18 [OK] 0x7f5ffc56ade0: pop rbx [OK] 0x7f5ffc56ade1: pop rbp [OK] 0x7f5ffc56ade2: ret [OK] 0x7f5ffc56a2e8: mov rdx, qword ptr [rbx+0x38] [OK] 0x7f5ffc56a2ec: mov ecx, dword ptr [rbx] [OK] 0x7f5ffc56a2ee: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56a2f2: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc56a2f6: mov qword ptr [rbx+0x10], rdx [OK] 0x7f5ffc56a2fa: jmp 0x7f5ffc56a1c7 [KO] 0x7f5ffc56a1c7: test ch, 0x1 (2 error) Register : pd Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (_ bv1 1) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv0 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv1 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv2 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv3 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv4 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv5 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv6 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11033) (_ bv7 8)))) Register : zf Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (ite (= ((_ extract 7 0) #11033) (_ bv0 8)) (_ bv1 1) (_ bv0 1)) [OK] 0x7f5ffc56a1ca: jnz 0x7f5ffc56a31a [OK] 0x7f5ffc56a1d0: mov rsi, qword ptr [rbx+0x40] [OK] 0x7f5ffc56a1d4: cmp rsi, rdx [OK] 0x7f5ffc56a1d7: jz 0x7f5ffc56a2a8 [OK] 0x7f5ffc56a1dd: mov rax, qword ptr [rbx+0x10] [OK] 0x7f5ffc56a1e1: mov qword ptr [rbx+0x30], rsi [OK] 0x7f5ffc56a1e5: mov esi, dword ptr [rbx+0xc0] [OK] 0x7f5ffc56a1eb: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56a1ef: mov qword ptr [rbx+0x18], rax [OK] 0x7f5ffc56a1f3: mov eax, ecx [KO] 0x7f5ffc56a1f5: or ah, 0x8 (3 error) Register : rax Symbolic Value : 00000000fbad208f Concrete Value : 00000000fbad2887 Expression : (concat ((_ extract 63 8) ((_ extract 63 0) (_ bv4222427271 64))) (bvor ((_ extract 7 0) (_ bv4222427271 64)) (_ bv8 8))) Register : pd Symbolic Value : 0000000000000000 Concrete Value : 0000000000000001 Expression : (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (_ bv1 1) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv0 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv1 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv2 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv3 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv4 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv5 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv6 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #11088) (_ bv7 8)))) Register : sf Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (ite (= ((_ extract 7 7) #11088) (_ bv1 1)) (_ bv1 1) (_ bv0 1)) [OK] 0x7f5ffc56a1f8: mov qword ptr [rbx+0x28], rdx [OK] 0x7f5ffc56a1fc: mov qword ptr [rbx+0x20], rdx [OK] 0x7f5ffc56a200: test esi, esi [OK] 0x7f5ffc56a202: mov dword ptr [rbx], eax [OK] 0x7f5ffc56a204: jnle 0x7f5ffc56a178 [OK] 0x7f5ffc56a20a: and ecx, 0x202 [OK] 0x7f5ffc56a210: jz 0x7f5ffc56a178 [OK] 0x7f5ffc56a216: mov qword ptr [rbx+0x30], rdx [OK] 0x7f5ffc56a21a: jmp 0x7f5ffc56a178 [OK] 0x7f5ffc56a178: cmp ebp, 0xffffffff [OK] 0x7f5ffc56a290: mov rsi, qword ptr [rbx+0x20] [OK] 0x7f5ffc56a294: mov rdi, rbx [OK] 0x7f5ffc56a297: pop rbx [OK] 0x7f5ffc56a298: pop rbp [OK] 0x7f5ffc56a299: pop r12 [OK] 0x7f5ffc56a29b: sub rdx, rsi [OK] 0x7f5ffc56a29e: jmp 0x7f5ffc569e90 [OK] 0x7f5ffc569e90: xor eax, eax [OK] 0x7f5ffc569e92: test rdx, rdx [OK] 0x7f5ffc569e95: push rbx [OK] 0x7f5ffc569e96: mov rbx, rdx [OK] 0x7f5ffc569e99: jnz 0x7f5ffc569ea0 [OK] 0x7f5ffc569e9b: pop rbx [OK] 0x7f5ffc569e9c: ret [OK] 0x7f5ffc569571: cmp eax, 0xffffffff [OK] 0x7f5ffc569574: jz 0x7f5ffc569610 [OK] 0x7f5ffc56957a: mov rcx, qword ptr [rbp+0x40] [OK] 0x7f5ffc56957e: sub rcx, qword ptr [rbp+0x38] [OK] 0x7f5ffc569582: xor edx, edx [OK] 0x7f5ffc569584: cmp rcx, 0x7f [OK] 0x7f5ffc569592: mov r14, r13 [OK] 0x7f5ffc569595: sub r14, rdx [OK] 0x7f5ffc569648: mov rdx, r14 [OK] 0x7f5ffc56964b: mov rsi, r12 [OK] 0x7f5ffc56964e: mov rdi, rbp [OK] 0x7f5ffc569651: call 0x7f5ffc5686b0 [OK] 0x7f5ffc5686b0: push r12 [OK] 0x7f5ffc5686b2: mov r12, rsi [OK] 0x7f5ffc5686b5: push rbp [OK] 0x7f5ffc5686b6: mov rbp, rdx [OK] 0x7f5ffc5686b9: push rbx [OK] 0x7f5ffc5686ba: test dword ptr [rdi], 0x1000 [OK] 0x7f5ffc5686c0: mov rbx, rdi [OK] 0x7f5ffc568728: mov rax, qword ptr [rdi+0x10] [OK] 0x7f5ffc56872c: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc568730: cmp rax, rsi [OK] 0x7f5ffc5686d0: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc5686d7: mov rdx, rbp [OK] 0x7f5ffc5686da: mov rdi, rbx [OK] 0x7f5ffc5686dd: mov rsi, r12 [OK] 0x7f5ffc5686e0: call qword ptr [rax+0x78] [OK] 0x7f5ffc569000: push r13 [OK] 0x7f5ffc569002: mov r13, rdx [OK] 0x7f5ffc569005: push r12 [OK] 0x7f5ffc569007: mov r12, rdi [OK] 0x7f5ffc56900a: push rbp [OK] 0x7f5ffc56900b: push rbx [OK] 0x7f5ffc56900c: sub rsp, 0x8 [OK] 0x7f5ffc569010: test rdx, rdx [OK] 0x7f5ffc569013: jle 0x7f5ffc569088 [OK] 0x7f5ffc569015: mov rbp, rsi [OK] 0x7f5ffc569018: mov rbx, rdx [OK] 0x7f5ffc56901b: jmp 0x7f5ffc56902b [OK] 0x7f5ffc56902b: test byte ptr [r12+0x74], 0x2 [OK] 0x7f5ffc569031: mov edi, dword ptr [r12+0x70] [OK] 0x7f5ffc569036: mov rdx, rbx [OK] 0x7f5ffc569039: mov rsi, rbp [OK] 0x7f5ffc56903c: jnz 0x7f5ffc56908c [OK] 0x7f5ffc56903e: call 0x7f5ffc5cfe40 [OK] 0x7f5ffc5cfe40: cmp dword ptr [rip+0x2bc96d], 0x0 [OK] 0x7f5ffc5cfe47: jnz 0x7f5ffc5cfe59 [OK] 0x7f5ffc5cfe49: mov eax, 0x1 [OK] 0x7f5ffc5cfe50: cmp rax, 0xfffffffffffff001 [OK] 0x7f5ffc5cfe56: jnb 0x7f5ffc5cfe89 [OK] 0x7f5ffc5cfe58: ret [OK] 0x7f5ffc569043: test rax, rax [OK] 0x7f5ffc569020: sub rbx, rax [OK] 0x7f5ffc569023: add rbp, rax [OK] 0x7f5ffc569026: test rbx, rbx [OK] 0x7f5ffc569080: mov rax, r13 [OK] 0x7f5ffc569083: sub rax, rbx [OK] 0x7f5ffc569086: jmp 0x7f5ffc569053 [OK] 0x7f5ffc569053: mov rdx, qword ptr [r12+0x90] [OK] 0x7f5ffc56905b: test rdx, rdx [OK] 0x7f5ffc56906b: add rsp, 0x8 [OK] 0x7f5ffc56906f: pop rbx [OK] 0x7f5ffc569070: pop rbp [OK] 0x7f5ffc569071: pop r12 [OK] 0x7f5ffc569073: pop r13 [OK] 0x7f5ffc569075: ret [OK] 0x7f5ffc5686e3: movzx edi, word ptr [rbx+0x80] [OK] 0x7f5ffc5686ea: mov rbp, rax [OK] 0x7f5ffc5686ed: test di, di [OK] 0x7f5ffc5686f0: jnz 0x7f5ffc568760 [OK] 0x7f5ffc5686f2: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc5686f8: mov rdx, qword ptr [rbx+0x38] [OK] 0x7f5ffc5686fc: test eax, eax [OK] 0x7f5ffc5686fe: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc568702: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc568706: mov qword ptr [rbx+0x10], rdx [OK] 0x7f5ffc56870a: mov qword ptr [rbx+0x28], rdx [OK] 0x7f5ffc56870e: mov qword ptr [rbx+0x20], rdx [OK] 0x7f5ffc568788: test dword ptr [rbx], 0x202 [OK] 0x7f5ffc568718: mov qword ptr [rbx+0x30], rdx [OK] 0x7f5ffc56871c: mov rax, rbp [OK] 0x7f5ffc56871f: pop rbx [OK] 0x7f5ffc568720: pop rbp [OK] 0x7f5ffc568721: pop r12 [OK] 0x7f5ffc568723: ret [OK] 0x7f5ffc569656: sub r13, rax [OK] 0x7f5ffc569659: cmp r14, rax [OK] 0x7f5ffc56959e: test r13, r13 [OK] 0x7f5ffc569540: mov rax, rbx [OK] 0x7f5ffc569543: sub rax, r13 [OK] 0x7f5ffc569546: pop rbx [OK] 0x7f5ffc569547: pop rbp [OK] 0x7f5ffc569548: pop r12 [OK] 0x7f5ffc56954a: pop r13 [OK] 0x7f5ffc56954c: pop r14 [OK] 0x7f5ffc56954e: ret [OK] 0x7f5ffc55f45d: cmp rax, 0xffffffffffffffff [OK] 0x7f5ffc55f461: mov rdx, rax [OK] 0x7f5ffc55f464: setz sil [OK] 0x7f5ffc55f468: jmp 0x7f5ffc55f402 [OK] 0x7f5ffc55f402: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55f408: jnz 0x7f5ffc55f420 [OK] 0x7f5ffc55f40a: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f411: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55f490: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f497: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55f49f: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f4a6: cmp dword ptr [rip+0x32d307], 0x0 [OK] 0x7f5ffc55f4b7: dec dword ptr [r8] [OK] 0x7f5ffc55f4d2: jmp 0x7f5ffc55f420 [OK] 0x7f5ffc55f420: cmp rdx, r12 [OK] 0x7f5ffc55f480: add rsp, 0x8 [OK] 0x7f5ffc55f484: mov rax, r13 [OK] 0x7f5ffc55f487: pop rbx [OK] 0x7f5ffc55f488: pop rbp [OK] 0x7f5ffc55f489: pop r12 [OK] 0x7f5ffc55f48b: pop r13 [OK] 0x7f5ffc55f48d: ret [OK] 0x7f5ffdbd2bd5: cmp r14, rax [OK] 0x7f5ffdbd2bd8: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2bdb: jnz 0x7f5ffdbd2b97 [OK] 0x7f5ffdbd2bdd: jmp 0x7f5ffdbd2bac [OK] 0x7f5ffdbd2bac: mov r12, rbx [OK] 0x7f5ffdbd2baf: add r12, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2bb3: jmp 0x7f5ffdbd2a8f [OK] 0x7f5ffdbd2a8f: mov qword ptr [r12+0x10], 0x0 [OK] 0x7f5ffdbd2a98: mov rax, qword ptr [rsp+0x28] [OK] 0x7f5ffdbd2a9d: mov rdx, qword ptr [rax] [OK] 0x7f5ffdbd2aa0: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd2aa4: test byte ptr [rax+0x19], 0x20 [OK] 0x7f5ffdbd2aa8: mov rbp, rax [OK] 0x7f5ffdbd2aab: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2aad: call 0x7f5ffdb97b20 [OK] 0x7f5ffdb97b20: jmp qword ptr [rip+0x293c32] [OK] 0x7f5ffdb97b26: push 0xe8 [OK] 0x7f5ffdb97b2b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdb9b880: sub rsp, 0x8 [OK] 0x7f5ffdb9b884: call 0x7f5ffdb987d0 [OK] 0x7f5ffdb987d0: jmp qword ptr [rip+0x2935da] [OK] 0x7f5ffdb987d6: push 0x1b3 [OK] 0x7f5ffdb987db: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdb9b950: lea rdi, ptr [rip+0x28edc1] [OK] 0x7f5ffdb9b957: call 0x7f5ffdb97fa0 [OK] 0x7f5ffdb97fa0: jmp qword ptr [rip+0x2939f2] [OK] 0x7f5ffdb97fa6: push 0x130 [OK] 0x7f5ffdb97fab: jmp 0x7f5ffdb96c90 [OK] 0x7f6013b9ef00: mov rsi, qword ptr fs:[0x8] [OK] 0x7f6013b9ef09: mov rax, qword ptr [rip+0x210050] [OK] 0x7f6013b9ef10: cmp qword ptr [rsi], rax [OK] 0x7f6013b9ef13: jnz 0x7f6013b9ef2b [OK] 0x7f6013b9ef15: mov rax, qword ptr [rdi] [OK] 0x7f6013b9ef18: shl rax, 0x4 [OK] 0x7f6013b9ef1c: mov rax, qword ptr [rsi+rax*1] [OK] 0x7f6013b9ef20: cmp rax, 0xffffffffffffffff [OK] 0x7f6013b9ef24: jz 0x7f6013b9ef30 [OK] 0x7f6013b9ef26: add rax, qword ptr [rdi+0x8] [OK] 0x7f6013b9ef2a: ret [OK] 0x7f5ffdb9b95c: add rax, 0x0 [OK] 0x7f5ffdb9b962: ret [OK] 0x7f5ffdb9b889: mov eax, dword ptr [rax+0x8] [OK] 0x7f5ffdb9b88c: test eax, eax [OK] 0x7f5ffdb9b88e: setnz al [OK] 0x7f5ffdb9b891: add rsp, 0x8 [OK] 0x7f5ffdb9b895: ret [OK] 0x7f5ffdbd2ab2: test al, al [OK] 0x7f5ffdbd2ab4: jnz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ab6: mov rdi, qword ptr [rbp+0xe8] [OK] 0x7f5ffdbd2abd: test rdi, rdi [OK] 0x7f5ffdbd2ac0: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ac2: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2ac5: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd2ac8: cmp eax, 0xffffffff [OK] 0x7f5ffdbd2acb: jz 0x7f5ffdbd2cd0 [OK] 0x7f5ffdbd2ad1: add rsp, 0x38 [OK] 0x7f5ffdbd2ad5: mov rax, rbx [OK] 0x7f5ffdbd2ad8: pop rbx [OK] 0x7f5ffdbd2ad9: pop rbp [OK] 0x7f5ffdbd2ada: pop r12 [OK] 0x7f5ffdbd2adc: pop r13 [OK] 0x7f5ffdbd2ade: pop r14 [OK] 0x7f5ffdbd2ae0: pop r15 [OK] 0x7f5ffdbd2ae2: ret [OK] 0x7f5ffdbd2e97: add rsp, 0x8 [OK] 0x7f5ffdbd2e9b: mov rax, rbp [OK] 0x7f5ffdbd2e9e: pop rbx [OK] 0x7f5ffdbd2e9f: pop rbp [OK] 0x7f5ffdbd2ea0: ret [OK] 0x41f65f: mov rsi, rbp [OK] 0x41f662: mov rdi, rax [OK] 0x41f665: call 0x40b3e0 [OK] 0x40b3e0: jmp qword ptr [rip+0xf6ceba] [OK] 0x7f5ffdbd2e70: push rbp [OK] 0x7f5ffdbd2e71: mov rbp, rdi [OK] 0x7f5ffdbd2e74: push rbx [OK] 0x7f5ffdbd2e75: mov rbx, rsi [OK] 0x7f5ffdbd2e78: sub rsp, 0x8 [OK] 0x7f5ffdbd2e7c: test rsi, rsi [OK] 0x7f5ffdbd2e7f: jz 0x7f5ffdbd2ea8 [OK] 0x7f5ffdbd2e81: mov rdi, rsi [OK] 0x7f5ffdbd2e84: call 0x7f5ffdb97d60 [OK] 0x7f5ffdbd2e89: mov rsi, rbx [OK] 0x7f5ffdbd2e8c: mov rdi, rbp [OK] 0x7f5ffdbd2e8f: mov rdx, rax [OK] 0x7f5ffdbd2e92: call 0x7f5ffdb985b0 [OK] 0x7f5ffdb985b0: jmp qword ptr [rip+0x2936ea] [OK] 0x7f5ffdbd2a10: push r15 [OK] 0x7f5ffdbd2a12: push r14 [OK] 0x7f5ffdbd2a14: mov r14, rdx [OK] 0x7f5ffdbd2a17: push r13 [OK] 0x7f5ffdbd2a19: push r12 [OK] 0x7f5ffdbd2a1b: push rbp [OK] 0x7f5ffdbd2a1c: push rbx [OK] 0x7f5ffdbd2a1d: mov rbx, rdi [OK] 0x7f5ffdbd2a20: sub rsp, 0x38 [OK] 0x7f5ffdbd2a24: lea r15, ptr [rsp+0x20] [OK] 0x7f5ffdbd2a29: mov qword ptr [rsp+0x8], rsi [OK] 0x7f5ffdbd2a2e: mov rsi, rdi [OK] 0x7f5ffdbd2a31: mov rdi, r15 [OK] 0x7f5ffdbd2a34: call 0x7f5ffdb99480 [OK] 0x7f5ffdb99480: jmp qword ptr [rip+0x292f82] [OK] 0x7f5ffdbd2360: push rbp [OK] 0x7f5ffdbd2361: mov rax, rsi [OK] 0x7f5ffdbd2364: mov rbp, rdi [OK] 0x7f5ffdbd2367: push rbx [OK] 0x7f5ffdbd2368: mov rbx, rsi [OK] 0x7f5ffdbd236b: sub rsp, 0x8 [OK] 0x7f5ffdbd236f: mov rdx, qword ptr [rsi] [OK] 0x7f5ffdbd2372: mov byte ptr [rdi], 0x0 [OK] 0x7f5ffdbd2375: mov qword ptr [rbp+0x8], rsi [OK] 0x7f5ffdbd2379: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd237d: mov rdi, qword ptr [rax+0xd8] [OK] 0x7f5ffdbd2384: test rdi, rdi [OK] 0x7f5ffdbd2387: jz 0x7f5ffdbd2398 [OK] 0x7f5ffdbd2389: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd238c: test esi, esi [OK] 0x7f5ffdbd238e: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd2390: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbd2395: mov rdx, qword ptr [rbx] [OK] 0x7f5ffdbd2398: mov rax, rbx [OK] 0x7f5ffdbd239b: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd239f: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd23a2: test esi, esi [OK] 0x7f5ffdbd23a4: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd23a6: mov byte ptr [rbp], 0x1 [OK] 0x7f5ffdbd23aa: add rsp, 0x8 [OK] 0x7f5ffdbd23ae: pop rbx [OK] 0x7f5ffdbd23af: pop rbp [OK] 0x7f5ffdbd23b0: ret [OK] 0x7f5ffdbd2a39: cmp byte ptr [rsp+0x20], 0x0 [OK] 0x7f5ffdbd2a3e: jz 0x7f5ffdbd2a98 [OK] 0x7f5ffdbd2a40: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2a43: mov rdx, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2a47: lea r13, ptr [rbx+rdx*1] [OK] 0x7f5ffdbd2a4b: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffdbd2a4f: cmp rax, r14 [OK] 0x7f5ffdbd2a52: mov qword ptr [rsp+0x18], rax [OK] 0x7f5ffdbd2bc0: mov rdi, qword ptr [r13+0xe8] [OK] 0x7f5ffdbd2bc7: mov rdx, r14 [OK] 0x7f5ffdbd2bca: mov rsi, qword ptr [rsp+0x8] [OK] 0x7f5ffdbd2bcf: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2bd2: call qword ptr [rax+0x60] [OK] 0x7f5ffdbd1480: mov rcx, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd1484: mov rax, rsi [OK] 0x7f5ffdbd1487: mov esi, 0x1 [OK] 0x7f5ffdbd148c: mov rdi, rax [OK] 0x7f5ffdbd148f: jmp 0x7f5ffdb99000 [OK] 0x7f5ffdb99000: jmp qword ptr [rip+0x2931c2] [OK] 0x7f5ffc55f360: push r13 [OK] 0x7f5ffc55f362: mov r13, rdx [OK] 0x7f5ffc55f365: push r12 [OK] 0x7f5ffc55f367: mov r12, rsi [OK] 0x7f5ffc55f36a: imul r12, rdx [OK] 0x7f5ffc55f36e: push rbp [OK] 0x7f5ffc55f36f: mov rbp, rsi [OK] 0x7f5ffc55f372: push rbx [OK] 0x7f5ffc55f373: sub rsp, 0x8 [OK] 0x7f5ffc55f377: test r12, r12 [OK] 0x7f5ffc55f37a: jz 0x7f5ffc55f470 [OK] 0x7f5ffc55f380: mov eax, dword ptr [rcx] [OK] 0x7f5ffc55f382: mov r9, rdi [OK] 0x7f5ffc55f385: mov rbx, rcx [OK] 0x7f5ffc55f388: and eax, 0x8000 [OK] 0x7f5ffc55f38d: jnz 0x7f5ffc55f3ef [OK] 0x7f5ffc55f38f: mov r8, qword ptr [rcx+0x88] [OK] 0x7f5ffc55f396: mov rdx, qword ptr fs:[0x10] [OK] 0x7f5ffc55f39f: cmp rdx, qword ptr [r8+0x8] [OK] 0x7f5ffc55f3a3: jz 0x7f5ffc55f3ea [OK] 0x7f5ffc55f3a5: mov esi, 0x1 [OK] 0x7f5ffc55f3aa: cmp dword ptr [rip+0x32d403], 0x0 [OK] 0x7f5ffc55f3bc: cmpxchg dword ptr [r8], esi [OK] 0x7f5ffc55f3d8: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3df: mov qword ptr [rax+0x8], rdx [OK] 0x7f5ffc55f3e3: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3ea: add dword ptr [r8+0x4], 0x1 [OK] 0x7f5ffc55f3ef: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc55f3f5: test eax, eax [OK] 0x7f5ffc55f3f7: jz 0x7f5ffc55f440 [OK] 0x7f5ffc55f3f9: cmp eax, 0xffffffff [OK] 0x7f5ffc55f44a: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55f451: mov rdx, r12 [OK] 0x7f5ffc55f454: mov rsi, r9 [OK] 0x7f5ffc55f457: mov rdi, rbx [OK] 0x7f5ffc55f45a: call qword ptr [rax+0x38] [OK] 0x7f5ffc5694d0: push r14 [OK] 0x7f5ffc5694d2: xor eax, eax [OK] 0x7f5ffc5694d4: test rdx, rdx [OK] 0x7f5ffc5694d7: push r13 [OK] 0x7f5ffc5694d9: push r12 [OK] 0x7f5ffc5694db: push rbp [OK] 0x7f5ffc5694dc: push rbx [OK] 0x7f5ffc5694dd: mov rbx, rdx [OK] 0x7f5ffc5694e0: jz 0x7f5ffc569546 [OK] 0x7f5ffc5694e2: mov eax, dword ptr [rdi] [OK] 0x7f5ffc5694e4: mov rbp, rdi [OK] 0x7f5ffc5694e7: mov r12, rsi [OK] 0x7f5ffc5694ea: and eax, 0xa00 [OK] 0x7f5ffc5694ef: cmp eax, 0xa00 [OK] 0x7f5ffc5694f4: jz 0x7f5ffc5695c0 [OK] 0x7f5ffc5694fa: mov rdx, qword ptr [rdi+0x30] [OK] 0x7f5ffc5694fe: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffc569502: cmp rdx, rdi [OK] 0x7f5ffc569550: xor r14d, r14d [OK] 0x7f5ffc569553: mov r13, rbx [OK] 0x7f5ffc569556: lea rax, ptr [r14+r13*1] [OK] 0x7f5ffc56955a: test rax, rax [OK] 0x7f5ffc56955d: jz 0x7f5ffc569540 [OK] 0x7f5ffc56955f: mov rax, qword ptr [rbp+0xd8] [OK] 0x7f5ffc569566: mov esi, 0xffffffff [OK] 0x7f5ffc56956b: mov rdi, rbp [OK] 0x7f5ffc56956e: call qword ptr [rax+0x18] [OK] 0x7f5ffc56a150: push r12 [OK] 0x7f5ffc56a152: push rbp [OK] 0x7f5ffc56a153: push rbx [OK] 0x7f5ffc56a154: mov ecx, dword ptr [rdi] [OK] 0x7f5ffc56a156: mov rbx, rdi [OK] 0x7f5ffc56a159: test cl, 0x8 [OK] 0x7f5ffc56a15c: jnz 0x7f5ffc56a2c0 [KO] 0x7f5ffc56a162: test ch, 0x8 (2 error) Register : pd Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (_ bv1 1) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv0 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv1 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv2 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv3 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv4 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv5 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv6 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #13412) (_ bv7 8)))) Register : zf Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (ite (= ((_ extract 7 0) #13412) (_ bv0 8)) (_ bv1 1) (_ bv0 1)) [OK] 0x7f5ffc56a165: mov ebp, esi [OK] 0x7f5ffc56a167: jz 0x7f5ffc56a1b8 [OK] 0x7f5ffc56a169: cmp qword ptr [rdi+0x20], 0x0 [OK] 0x7f5ffc56a16e: jz 0x7f5ffc56a2e0 [OK] 0x7f5ffc56a174: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc56a178: cmp ebp, 0xffffffff [OK] 0x7f5ffc56a290: mov rsi, qword ptr [rbx+0x20] [OK] 0x7f5ffc56a294: mov rdi, rbx [OK] 0x7f5ffc56a297: pop rbx [OK] 0x7f5ffc56a298: pop rbp [OK] 0x7f5ffc56a299: pop r12 [OK] 0x7f5ffc56a29b: sub rdx, rsi [OK] 0x7f5ffc56a29e: jmp 0x7f5ffc569e90 [OK] 0x7f5ffc569e90: xor eax, eax [OK] 0x7f5ffc569e92: test rdx, rdx [OK] 0x7f5ffc569e95: push rbx [OK] 0x7f5ffc569e96: mov rbx, rdx [OK] 0x7f5ffc569e99: jnz 0x7f5ffc569ea0 [OK] 0x7f5ffc569e9b: pop rbx [OK] 0x7f5ffc569e9c: ret [OK] 0x7f5ffc569571: cmp eax, 0xffffffff [OK] 0x7f5ffc569574: jz 0x7f5ffc569610 [OK] 0x7f5ffc56957a: mov rcx, qword ptr [rbp+0x40] [OK] 0x7f5ffc56957e: sub rcx, qword ptr [rbp+0x38] [OK] 0x7f5ffc569582: xor edx, edx [OK] 0x7f5ffc569584: cmp rcx, 0x7f [OK] 0x7f5ffc569592: mov r14, r13 [OK] 0x7f5ffc569595: sub r14, rdx [OK] 0x7f5ffc569648: mov rdx, r14 [OK] 0x7f5ffc56964b: mov rsi, r12 [OK] 0x7f5ffc56964e: mov rdi, rbp [OK] 0x7f5ffc569651: call 0x7f5ffc5686b0 [OK] 0x7f5ffc5686b0: push r12 [OK] 0x7f5ffc5686b2: mov r12, rsi [OK] 0x7f5ffc5686b5: push rbp [OK] 0x7f5ffc5686b6: mov rbp, rdx [OK] 0x7f5ffc5686b9: push rbx [OK] 0x7f5ffc5686ba: test dword ptr [rdi], 0x1000 [OK] 0x7f5ffc5686c0: mov rbx, rdi [OK] 0x7f5ffc568728: mov rax, qword ptr [rdi+0x10] [OK] 0x7f5ffc56872c: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc568730: cmp rax, rsi [OK] 0x7f5ffc5686d0: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc5686d7: mov rdx, rbp [OK] 0x7f5ffc5686da: mov rdi, rbx [OK] 0x7f5ffc5686dd: mov rsi, r12 [OK] 0x7f5ffc5686e0: call qword ptr [rax+0x78] [OK] 0x7f5ffc569000: push r13 [OK] 0x7f5ffc569002: mov r13, rdx [OK] 0x7f5ffc569005: push r12 [OK] 0x7f5ffc569007: mov r12, rdi [OK] 0x7f5ffc56900a: push rbp [OK] 0x7f5ffc56900b: push rbx [OK] 0x7f5ffc56900c: sub rsp, 0x8 [OK] 0x7f5ffc569010: test rdx, rdx [OK] 0x7f5ffc569013: jle 0x7f5ffc569088 [OK] 0x7f5ffc569015: mov rbp, rsi [OK] 0x7f5ffc569018: mov rbx, rdx [OK] 0x7f5ffc56901b: jmp 0x7f5ffc56902b [OK] 0x7f5ffc56902b: test byte ptr [r12+0x74], 0x2 [OK] 0x7f5ffc569031: mov edi, dword ptr [r12+0x70] [OK] 0x7f5ffc569036: mov rdx, rbx [OK] 0x7f5ffc569039: mov rsi, rbp [OK] 0x7f5ffc56903c: jnz 0x7f5ffc56908c [OK] 0x7f5ffc56903e: call 0x7f5ffc5cfe40 [OK] 0x7f5ffc5cfe40: cmp dword ptr [rip+0x2bc96d], 0x0 [OK] 0x7f5ffc5cfe47: jnz 0x7f5ffc5cfe59 [OK] 0x7f5ffc5cfe49: mov eax, 0x1 [OK] 0x7f5ffc5cfe50: cmp rax, 0xfffffffffffff001 [OK] 0x7f5ffc5cfe56: jnb 0x7f5ffc5cfe89 [OK] 0x7f5ffc5cfe58: ret [OK] 0x7f5ffc569043: test rax, rax [OK] 0x7f5ffc569020: sub rbx, rax [OK] 0x7f5ffc569023: add rbp, rax [OK] 0x7f5ffc569026: test rbx, rbx [OK] 0x7f5ffc569080: mov rax, r13 [OK] 0x7f5ffc569083: sub rax, rbx [OK] 0x7f5ffc569086: jmp 0x7f5ffc569053 [OK] 0x7f5ffc569053: mov rdx, qword ptr [r12+0x90] [OK] 0x7f5ffc56905b: test rdx, rdx [OK] 0x7f5ffc56906b: add rsp, 0x8 [OK] 0x7f5ffc56906f: pop rbx [OK] 0x7f5ffc569070: pop rbp [OK] 0x7f5ffc569071: pop r12 [OK] 0x7f5ffc569073: pop r13 [OK] 0x7f5ffc569075: ret [OK] 0x7f5ffc5686e3: movzx edi, word ptr [rbx+0x80] [OK] 0x7f5ffc5686ea: mov rbp, rax [OK] 0x7f5ffc5686ed: test di, di [OK] 0x7f5ffc5686f0: jnz 0x7f5ffc568760 [OK] 0x7f5ffc5686f2: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc5686f8: mov rdx, qword ptr [rbx+0x38] [OK] 0x7f5ffc5686fc: test eax, eax [OK] 0x7f5ffc5686fe: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc568702: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc568706: mov qword ptr [rbx+0x10], rdx [OK] 0x7f5ffc56870a: mov qword ptr [rbx+0x28], rdx [OK] 0x7f5ffc56870e: mov qword ptr [rbx+0x20], rdx [OK] 0x7f5ffc568788: test dword ptr [rbx], 0x202 [OK] 0x7f5ffc568718: mov qword ptr [rbx+0x30], rdx [OK] 0x7f5ffc56871c: mov rax, rbp [OK] 0x7f5ffc56871f: pop rbx [OK] 0x7f5ffc568720: pop rbp [OK] 0x7f5ffc568721: pop r12 [OK] 0x7f5ffc568723: ret [OK] 0x7f5ffc569656: sub r13, rax [OK] 0x7f5ffc569659: cmp r14, rax [OK] 0x7f5ffc56959e: test r13, r13 [OK] 0x7f5ffc569540: mov rax, rbx [OK] 0x7f5ffc569543: sub rax, r13 [OK] 0x7f5ffc569546: pop rbx [OK] 0x7f5ffc569547: pop rbp [OK] 0x7f5ffc569548: pop r12 [OK] 0x7f5ffc56954a: pop r13 [OK] 0x7f5ffc56954c: pop r14 [OK] 0x7f5ffc56954e: ret [OK] 0x7f5ffc55f45d: cmp rax, 0xffffffffffffffff [OK] 0x7f5ffc55f461: mov rdx, rax [OK] 0x7f5ffc55f464: setz sil [OK] 0x7f5ffc55f468: jmp 0x7f5ffc55f402 [OK] 0x7f5ffc55f402: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55f408: jnz 0x7f5ffc55f420 [OK] 0x7f5ffc55f40a: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f411: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55f490: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f497: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55f49f: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f4a6: cmp dword ptr [rip+0x32d307], 0x0 [OK] 0x7f5ffc55f4b7: dec dword ptr [r8] [OK] 0x7f5ffc55f4d2: jmp 0x7f5ffc55f420 [OK] 0x7f5ffc55f420: cmp rdx, r12 [OK] 0x7f5ffc55f480: add rsp, 0x8 [OK] 0x7f5ffc55f484: mov rax, r13 [OK] 0x7f5ffc55f487: pop rbx [OK] 0x7f5ffc55f488: pop rbp [OK] 0x7f5ffc55f489: pop r12 [OK] 0x7f5ffc55f48b: pop r13 [OK] 0x7f5ffc55f48d: ret [OK] 0x7f5ffdbd2bd5: cmp r14, rax [OK] 0x7f5ffdbd2bd8: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2bdb: jnz 0x7f5ffdbd2b97 [OK] 0x7f5ffdbd2bdd: jmp 0x7f5ffdbd2bac [OK] 0x7f5ffdbd2bac: mov r12, rbx [OK] 0x7f5ffdbd2baf: add r12, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2bb3: jmp 0x7f5ffdbd2a8f [OK] 0x7f5ffdbd2a8f: mov qword ptr [r12+0x10], 0x0 [OK] 0x7f5ffdbd2a98: mov rax, qword ptr [rsp+0x28] [OK] 0x7f5ffdbd2a9d: mov rdx, qword ptr [rax] [OK] 0x7f5ffdbd2aa0: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd2aa4: test byte ptr [rax+0x19], 0x20 [OK] 0x7f5ffdbd2aa8: mov rbp, rax [OK] 0x7f5ffdbd2aab: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2aad: call 0x7f5ffdb97b20 [OK] 0x7f5ffdb97b20: jmp qword ptr [rip+0x293c32] [OK] 0x7f5ffdb9b880: sub rsp, 0x8 [OK] 0x7f5ffdb9b884: call 0x7f5ffdb987d0 [OK] 0x7f5ffdb987d0: jmp qword ptr [rip+0x2935da] [OK] 0x7f5ffdb9b950: lea rdi, ptr [rip+0x28edc1] [OK] 0x7f5ffdb9b957: call 0x7f5ffdb97fa0 [OK] 0x7f5ffdb97fa0: jmp qword ptr [rip+0x2939f2] [OK] 0x7f6013b9ef00: mov rsi, qword ptr fs:[0x8] [OK] 0x7f6013b9ef09: mov rax, qword ptr [rip+0x210050] [OK] 0x7f6013b9ef10: cmp qword ptr [rsi], rax [OK] 0x7f6013b9ef13: jnz 0x7f6013b9ef2b [OK] 0x7f6013b9ef15: mov rax, qword ptr [rdi] [OK] 0x7f6013b9ef18: shl rax, 0x4 [OK] 0x7f6013b9ef1c: mov rax, qword ptr [rsi+rax*1] [OK] 0x7f6013b9ef20: cmp rax, 0xffffffffffffffff [OK] 0x7f6013b9ef24: jz 0x7f6013b9ef30 [OK] 0x7f6013b9ef26: add rax, qword ptr [rdi+0x8] [OK] 0x7f6013b9ef2a: ret [OK] 0x7f5ffdb9b95c: add rax, 0x0 [OK] 0x7f5ffdb9b962: ret [OK] 0x7f5ffdb9b889: mov eax, dword ptr [rax+0x8] [OK] 0x7f5ffdb9b88c: test eax, eax [OK] 0x7f5ffdb9b88e: setnz al [OK] 0x7f5ffdb9b891: add rsp, 0x8 [OK] 0x7f5ffdb9b895: ret [OK] 0x7f5ffdbd2ab2: test al, al [OK] 0x7f5ffdbd2ab4: jnz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ab6: mov rdi, qword ptr [rbp+0xe8] [OK] 0x7f5ffdbd2abd: test rdi, rdi [OK] 0x7f5ffdbd2ac0: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ac2: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2ac5: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd2ac8: cmp eax, 0xffffffff [OK] 0x7f5ffdbd2acb: jz 0x7f5ffdbd2cd0 [OK] 0x7f5ffdbd2ad1: add rsp, 0x38 [OK] 0x7f5ffdbd2ad5: mov rax, rbx [OK] 0x7f5ffdbd2ad8: pop rbx [OK] 0x7f5ffdbd2ad9: pop rbp [OK] 0x7f5ffdbd2ada: pop r12 [OK] 0x7f5ffdbd2adc: pop r13 [OK] 0x7f5ffdbd2ade: pop r14 [OK] 0x7f5ffdbd2ae0: pop r15 [OK] 0x7f5ffdbd2ae2: ret [OK] 0x7f5ffdbd2e97: add rsp, 0x8 [OK] 0x7f5ffdbd2e9b: mov rax, rbp [OK] 0x7f5ffdbd2e9e: pop rbx [OK] 0x7f5ffdbd2e9f: pop rbp [OK] 0x7f5ffdbd2ea0: ret [OK] 0x41f66a: lea rsi, ptr [rip+0xb12fc7] [OK] 0x41f671: mov rdi, rax [OK] 0x41f674: call 0x40b3e0 [OK] 0x40b3e0: jmp qword ptr [rip+0xf6ceba] [OK] 0x7f5ffdbd2e70: push rbp [OK] 0x7f5ffdbd2e71: mov rbp, rdi [OK] 0x7f5ffdbd2e74: push rbx [OK] 0x7f5ffdbd2e75: mov rbx, rsi [OK] 0x7f5ffdbd2e78: sub rsp, 0x8 [OK] 0x7f5ffdbd2e7c: test rsi, rsi [OK] 0x7f5ffdbd2e7f: jz 0x7f5ffdbd2ea8 [OK] 0x7f5ffdbd2e81: mov rdi, rsi [OK] 0x7f5ffdbd2e84: call 0x7f5ffdb97d60 [OK] 0x7f5ffdbd2e89: mov rsi, rbx [OK] 0x7f5ffdbd2e8c: mov rdi, rbp [OK] 0x7f5ffdbd2e8f: mov rdx, rax [OK] 0x7f5ffdbd2e92: call 0x7f5ffdb985b0 [OK] 0x7f5ffdb985b0: jmp qword ptr [rip+0x2936ea] [OK] 0x7f5ffdbd2a10: push r15 [OK] 0x7f5ffdbd2a12: push r14 [OK] 0x7f5ffdbd2a14: mov r14, rdx [OK] 0x7f5ffdbd2a17: push r13 [OK] 0x7f5ffdbd2a19: push r12 [OK] 0x7f5ffdbd2a1b: push rbp [OK] 0x7f5ffdbd2a1c: push rbx [OK] 0x7f5ffdbd2a1d: mov rbx, rdi [OK] 0x7f5ffdbd2a20: sub rsp, 0x38 [OK] 0x7f5ffdbd2a24: lea r15, ptr [rsp+0x20] [OK] 0x7f5ffdbd2a29: mov qword ptr [rsp+0x8], rsi [OK] 0x7f5ffdbd2a2e: mov rsi, rdi [OK] 0x7f5ffdbd2a31: mov rdi, r15 [OK] 0x7f5ffdbd2a34: call 0x7f5ffdb99480 [OK] 0x7f5ffdb99480: jmp qword ptr [rip+0x292f82] [OK] 0x7f5ffdbd2360: push rbp [OK] 0x7f5ffdbd2361: mov rax, rsi [OK] 0x7f5ffdbd2364: mov rbp, rdi [OK] 0x7f5ffdbd2367: push rbx [OK] 0x7f5ffdbd2368: mov rbx, rsi [OK] 0x7f5ffdbd236b: sub rsp, 0x8 [OK] 0x7f5ffdbd236f: mov rdx, qword ptr [rsi] [OK] 0x7f5ffdbd2372: mov byte ptr [rdi], 0x0 [OK] 0x7f5ffdbd2375: mov qword ptr [rbp+0x8], rsi [OK] 0x7f5ffdbd2379: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd237d: mov rdi, qword ptr [rax+0xd8] [OK] 0x7f5ffdbd2384: test rdi, rdi [OK] 0x7f5ffdbd2387: jz 0x7f5ffdbd2398 [OK] 0x7f5ffdbd2389: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd238c: test esi, esi [OK] 0x7f5ffdbd238e: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd2390: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbd2395: mov rdx, qword ptr [rbx] [OK] 0x7f5ffdbd2398: mov rax, rbx [OK] 0x7f5ffdbd239b: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd239f: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd23a2: test esi, esi [OK] 0x7f5ffdbd23a4: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd23a6: mov byte ptr [rbp], 0x1 [OK] 0x7f5ffdbd23aa: add rsp, 0x8 [OK] 0x7f5ffdbd23ae: pop rbx [OK] 0x7f5ffdbd23af: pop rbp [OK] 0x7f5ffdbd23b0: ret [OK] 0x7f5ffdbd2a39: cmp byte ptr [rsp+0x20], 0x0 [OK] 0x7f5ffdbd2a3e: jz 0x7f5ffdbd2a98 [OK] 0x7f5ffdbd2a40: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2a43: mov rdx, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2a47: lea r13, ptr [rbx+rdx*1] [OK] 0x7f5ffdbd2a4b: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffdbd2a4f: cmp rax, r14 [OK] 0x7f5ffdbd2a52: mov qword ptr [rsp+0x18], rax [OK] 0x7f5ffdbd2bc0: mov rdi, qword ptr [r13+0xe8] [OK] 0x7f5ffdbd2bc7: mov rdx, r14 [OK] 0x7f5ffdbd2bca: mov rsi, qword ptr [rsp+0x8] [OK] 0x7f5ffdbd2bcf: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2bd2: call qword ptr [rax+0x60] [OK] 0x7f5ffdbd1480: mov rcx, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd1484: mov rax, rsi [OK] 0x7f5ffdbd1487: mov esi, 0x1 [OK] 0x7f5ffdbd148c: mov rdi, rax [OK] 0x7f5ffdbd148f: jmp 0x7f5ffdb99000 [OK] 0x7f5ffdb99000: jmp qword ptr [rip+0x2931c2] [OK] 0x7f5ffc55f360: push r13 [OK] 0x7f5ffc55f362: mov r13, rdx [OK] 0x7f5ffc55f365: push r12 [OK] 0x7f5ffc55f367: mov r12, rsi [OK] 0x7f5ffc55f36a: imul r12, rdx [OK] 0x7f5ffc55f36e: push rbp [OK] 0x7f5ffc55f36f: mov rbp, rsi [OK] 0x7f5ffc55f372: push rbx [OK] 0x7f5ffc55f373: sub rsp, 0x8 [OK] 0x7f5ffc55f377: test r12, r12 [OK] 0x7f5ffc55f37a: jz 0x7f5ffc55f470 [OK] 0x7f5ffc55f380: mov eax, dword ptr [rcx] [OK] 0x7f5ffc55f382: mov r9, rdi [OK] 0x7f5ffc55f385: mov rbx, rcx [OK] 0x7f5ffc55f388: and eax, 0x8000 [OK] 0x7f5ffc55f38d: jnz 0x7f5ffc55f3ef [OK] 0x7f5ffc55f38f: mov r8, qword ptr [rcx+0x88] [OK] 0x7f5ffc55f396: mov rdx, qword ptr fs:[0x10] [OK] 0x7f5ffc55f39f: cmp rdx, qword ptr [r8+0x8] [OK] 0x7f5ffc55f3a3: jz 0x7f5ffc55f3ea [OK] 0x7f5ffc55f3a5: mov esi, 0x1 [OK] 0x7f5ffc55f3aa: cmp dword ptr [rip+0x32d403], 0x0 [OK] 0x7f5ffc55f3bc: cmpxchg dword ptr [r8], esi [OK] 0x7f5ffc55f3d8: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3df: mov qword ptr [rax+0x8], rdx [OK] 0x7f5ffc55f3e3: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3ea: add dword ptr [r8+0x4], 0x1 [OK] 0x7f5ffc55f3ef: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc55f3f5: test eax, eax [OK] 0x7f5ffc55f3f7: jz 0x7f5ffc55f440 [OK] 0x7f5ffc55f3f9: cmp eax, 0xffffffff [OK] 0x7f5ffc55f44a: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55f451: mov rdx, r12 [OK] 0x7f5ffc55f454: mov rsi, r9 [OK] 0x7f5ffc55f457: mov rdi, rbx [OK] 0x7f5ffc55f45a: call qword ptr [rax+0x38] [OK] 0x7f5ffc5694d0: push r14 [OK] 0x7f5ffc5694d2: xor eax, eax [OK] 0x7f5ffc5694d4: test rdx, rdx [OK] 0x7f5ffc5694d7: push r13 [OK] 0x7f5ffc5694d9: push r12 [OK] 0x7f5ffc5694db: push rbp [OK] 0x7f5ffc5694dc: push rbx [OK] 0x7f5ffc5694dd: mov rbx, rdx [OK] 0x7f5ffc5694e0: jz 0x7f5ffc569546 [OK] 0x7f5ffc5694e2: mov eax, dword ptr [rdi] [OK] 0x7f5ffc5694e4: mov rbp, rdi [OK] 0x7f5ffc5694e7: mov r12, rsi [OK] 0x7f5ffc5694ea: and eax, 0xa00 [OK] 0x7f5ffc5694ef: cmp eax, 0xa00 [OK] 0x7f5ffc5694f4: jz 0x7f5ffc5695c0 [OK] 0x7f5ffc5694fa: mov rdx, qword ptr [rdi+0x30] [OK] 0x7f5ffc5694fe: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffc569502: cmp rdx, rdi [OK] 0x7f5ffc569550: xor r14d, r14d [OK] 0x7f5ffc569553: mov r13, rbx [OK] 0x7f5ffc569556: lea rax, ptr [r14+r13*1] [OK] 0x7f5ffc56955a: test rax, rax [OK] 0x7f5ffc56955d: jz 0x7f5ffc569540 [OK] 0x7f5ffc56955f: mov rax, qword ptr [rbp+0xd8] [OK] 0x7f5ffc569566: mov esi, 0xffffffff [OK] 0x7f5ffc56956b: mov rdi, rbp [OK] 0x7f5ffc56956e: call qword ptr [rax+0x18] [OK] 0x7f5ffc56a150: push r12 [OK] 0x7f5ffc56a152: push rbp [OK] 0x7f5ffc56a153: push rbx [OK] 0x7f5ffc56a154: mov ecx, dword ptr [rdi] [OK] 0x7f5ffc56a156: mov rbx, rdi [OK] 0x7f5ffc56a159: test cl, 0x8 [OK] 0x7f5ffc56a15c: jnz 0x7f5ffc56a2c0 [KO] 0x7f5ffc56a162: test ch, 0x8 (2 error) Register : pd Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (_ bv1 1) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv0 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv1 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv2 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv3 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv4 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv5 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv6 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #15661) (_ bv7 8)))) Register : zf Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (ite (= ((_ extract 7 0) #15661) (_ bv0 8)) (_ bv1 1) (_ bv0 1)) [OK] 0x7f5ffc56a165: mov ebp, esi [OK] 0x7f5ffc56a167: jz 0x7f5ffc56a1b8 [OK] 0x7f5ffc56a169: cmp qword ptr [rdi+0x20], 0x0 [OK] 0x7f5ffc56a16e: jz 0x7f5ffc56a2e0 [OK] 0x7f5ffc56a174: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc56a178: cmp ebp, 0xffffffff [OK] 0x7f5ffc56a290: mov rsi, qword ptr [rbx+0x20] [OK] 0x7f5ffc56a294: mov rdi, rbx [OK] 0x7f5ffc56a297: pop rbx [OK] 0x7f5ffc56a298: pop rbp [OK] 0x7f5ffc56a299: pop r12 [OK] 0x7f5ffc56a29b: sub rdx, rsi [OK] 0x7f5ffc56a29e: jmp 0x7f5ffc569e90 [OK] 0x7f5ffc569e90: xor eax, eax [OK] 0x7f5ffc569e92: test rdx, rdx [OK] 0x7f5ffc569e95: push rbx [OK] 0x7f5ffc569e96: mov rbx, rdx [OK] 0x7f5ffc569e99: jnz 0x7f5ffc569ea0 [OK] 0x7f5ffc569e9b: pop rbx [OK] 0x7f5ffc569e9c: ret [OK] 0x7f5ffc569571: cmp eax, 0xffffffff [OK] 0x7f5ffc569574: jz 0x7f5ffc569610 [OK] 0x7f5ffc56957a: mov rcx, qword ptr [rbp+0x40] [OK] 0x7f5ffc56957e: sub rcx, qword ptr [rbp+0x38] [OK] 0x7f5ffc569582: xor edx, edx [OK] 0x7f5ffc569584: cmp rcx, 0x7f [OK] 0x7f5ffc569592: mov r14, r13 [OK] 0x7f5ffc569595: sub r14, rdx [OK] 0x7f5ffc569648: mov rdx, r14 [OK] 0x7f5ffc56964b: mov rsi, r12 [OK] 0x7f5ffc56964e: mov rdi, rbp [OK] 0x7f5ffc569651: call 0x7f5ffc5686b0 [OK] 0x7f5ffc5686b0: push r12 [OK] 0x7f5ffc5686b2: mov r12, rsi [OK] 0x7f5ffc5686b5: push rbp [OK] 0x7f5ffc5686b6: mov rbp, rdx [OK] 0x7f5ffc5686b9: push rbx [OK] 0x7f5ffc5686ba: test dword ptr [rdi], 0x1000 [OK] 0x7f5ffc5686c0: mov rbx, rdi [OK] 0x7f5ffc568728: mov rax, qword ptr [rdi+0x10] [OK] 0x7f5ffc56872c: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc568730: cmp rax, rsi [OK] 0x7f5ffc5686d0: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc5686d7: mov rdx, rbp [OK] 0x7f5ffc5686da: mov rdi, rbx [OK] 0x7f5ffc5686dd: mov rsi, r12 [OK] 0x7f5ffc5686e0: call qword ptr [rax+0x78] [OK] 0x7f5ffc569000: push r13 [OK] 0x7f5ffc569002: mov r13, rdx [OK] 0x7f5ffc569005: push r12 [OK] 0x7f5ffc569007: mov r12, rdi [OK] 0x7f5ffc56900a: push rbp [OK] 0x7f5ffc56900b: push rbx [OK] 0x7f5ffc56900c: sub rsp, 0x8 [OK] 0x7f5ffc569010: test rdx, rdx [OK] 0x7f5ffc569013: jle 0x7f5ffc569088 [OK] 0x7f5ffc569015: mov rbp, rsi [OK] 0x7f5ffc569018: mov rbx, rdx [OK] 0x7f5ffc56901b: jmp 0x7f5ffc56902b [OK] 0x7f5ffc56902b: test byte ptr [r12+0x74], 0x2 [OK] 0x7f5ffc569031: mov edi, dword ptr [r12+0x70] [OK] 0x7f5ffc569036: mov rdx, rbx [OK] 0x7f5ffc569039: mov rsi, rbp [OK] 0x7f5ffc56903c: jnz 0x7f5ffc56908c [OK] 0x7f5ffc56903e: call 0x7f5ffc5cfe40 [OK] 0x7f5ffc5cfe40: cmp dword ptr [rip+0x2bc96d], 0x0 [OK] 0x7f5ffc5cfe47: jnz 0x7f5ffc5cfe59 [OK] 0x7f5ffc5cfe49: mov eax, 0x1 [OK] 0x7f5ffc5cfe50: cmp rax, 0xfffffffffffff001 [OK] 0x7f5ffc5cfe56: jnb 0x7f5ffc5cfe89 [OK] 0x7f5ffc5cfe58: ret [OK] 0x7f5ffc569043: test rax, rax [OK] 0x7f5ffc569020: sub rbx, rax [OK] 0x7f5ffc569023: add rbp, rax [OK] 0x7f5ffc569026: test rbx, rbx [OK] 0x7f5ffc569080: mov rax, r13 [OK] 0x7f5ffc569083: sub rax, rbx [OK] 0x7f5ffc569086: jmp 0x7f5ffc569053 [OK] 0x7f5ffc569053: mov rdx, qword ptr [r12+0x90] [OK] 0x7f5ffc56905b: test rdx, rdx [OK] 0x7f5ffc56906b: add rsp, 0x8 [OK] 0x7f5ffc56906f: pop rbx [OK] 0x7f5ffc569070: pop rbp [OK] 0x7f5ffc569071: pop r12 [OK] 0x7f5ffc569073: pop r13 [OK] 0x7f5ffc569075: ret [OK] 0x7f5ffc5686e3: movzx edi, word ptr [rbx+0x80] [OK] 0x7f5ffc5686ea: mov rbp, rax [OK] 0x7f5ffc5686ed: test di, di [OK] 0x7f5ffc5686f0: jnz 0x7f5ffc568760 [OK] 0x7f5ffc5686f2: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc5686f8: mov rdx, qword ptr [rbx+0x38] [OK] 0x7f5ffc5686fc: test eax, eax [OK] 0x7f5ffc5686fe: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc568702: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc568706: mov qword ptr [rbx+0x10], rdx [OK] 0x7f5ffc56870a: mov qword ptr [rbx+0x28], rdx [OK] 0x7f5ffc56870e: mov qword ptr [rbx+0x20], rdx [OK] 0x7f5ffc568788: test dword ptr [rbx], 0x202 [OK] 0x7f5ffc568718: mov qword ptr [rbx+0x30], rdx [OK] 0x7f5ffc56871c: mov rax, rbp [OK] 0x7f5ffc56871f: pop rbx [OK] 0x7f5ffc568720: pop rbp [OK] 0x7f5ffc568721: pop r12 [OK] 0x7f5ffc568723: ret [OK] 0x7f5ffc569656: sub r13, rax [OK] 0x7f5ffc569659: cmp r14, rax [OK] 0x7f5ffc56959e: test r13, r13 [OK] 0x7f5ffc569540: mov rax, rbx [OK] 0x7f5ffc569543: sub rax, r13 [OK] 0x7f5ffc569546: pop rbx [OK] 0x7f5ffc569547: pop rbp [OK] 0x7f5ffc569548: pop r12 [OK] 0x7f5ffc56954a: pop r13 [OK] 0x7f5ffc56954c: pop r14 [OK] 0x7f5ffc56954e: ret [OK] 0x7f5ffc55f45d: cmp rax, 0xffffffffffffffff [OK] 0x7f5ffc55f461: mov rdx, rax [OK] 0x7f5ffc55f464: setz sil [OK] 0x7f5ffc55f468: jmp 0x7f5ffc55f402 [OK] 0x7f5ffc55f402: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55f408: jnz 0x7f5ffc55f420 [OK] 0x7f5ffc55f40a: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f411: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55f490: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f497: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55f49f: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f4a6: cmp dword ptr [rip+0x32d307], 0x0 [OK] 0x7f5ffc55f4b7: dec dword ptr [r8] [OK] 0x7f5ffc55f4d2: jmp 0x7f5ffc55f420 [OK] 0x7f5ffc55f420: cmp rdx, r12 [OK] 0x7f5ffc55f480: add rsp, 0x8 [OK] 0x7f5ffc55f484: mov rax, r13 [OK] 0x7f5ffc55f487: pop rbx [OK] 0x7f5ffc55f488: pop rbp [OK] 0x7f5ffc55f489: pop r12 [OK] 0x7f5ffc55f48b: pop r13 [OK] 0x7f5ffc55f48d: ret [OK] 0x7f5ffdbd2bd5: cmp r14, rax [OK] 0x7f5ffdbd2bd8: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2bdb: jnz 0x7f5ffdbd2b97 [OK] 0x7f5ffdbd2bdd: jmp 0x7f5ffdbd2bac [OK] 0x7f5ffdbd2bac: mov r12, rbx [OK] 0x7f5ffdbd2baf: add r12, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2bb3: jmp 0x7f5ffdbd2a8f [OK] 0x7f5ffdbd2a8f: mov qword ptr [r12+0x10], 0x0 [OK] 0x7f5ffdbd2a98: mov rax, qword ptr [rsp+0x28] [OK] 0x7f5ffdbd2a9d: mov rdx, qword ptr [rax] [OK] 0x7f5ffdbd2aa0: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd2aa4: test byte ptr [rax+0x19], 0x20 [OK] 0x7f5ffdbd2aa8: mov rbp, rax [OK] 0x7f5ffdbd2aab: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2aad: call 0x7f5ffdb97b20 [OK] 0x7f5ffdb97b20: jmp qword ptr [rip+0x293c32] [OK] 0x7f5ffdb9b880: sub rsp, 0x8 [OK] 0x7f5ffdb9b884: call 0x7f5ffdb987d0 [OK] 0x7f5ffdb987d0: jmp qword ptr [rip+0x2935da] [OK] 0x7f5ffdb9b950: lea rdi, ptr [rip+0x28edc1] [OK] 0x7f5ffdb9b957: call 0x7f5ffdb97fa0 [OK] 0x7f5ffdb97fa0: jmp qword ptr [rip+0x2939f2] [OK] 0x7f6013b9ef00: mov rsi, qword ptr fs:[0x8] [OK] 0x7f6013b9ef09: mov rax, qword ptr [rip+0x210050] [OK] 0x7f6013b9ef10: cmp qword ptr [rsi], rax [OK] 0x7f6013b9ef13: jnz 0x7f6013b9ef2b [OK] 0x7f6013b9ef15: mov rax, qword ptr [rdi] [OK] 0x7f6013b9ef18: shl rax, 0x4 [OK] 0x7f6013b9ef1c: mov rax, qword ptr [rsi+rax*1] [OK] 0x7f6013b9ef20: cmp rax, 0xffffffffffffffff [OK] 0x7f6013b9ef24: jz 0x7f6013b9ef30 [OK] 0x7f6013b9ef26: add rax, qword ptr [rdi+0x8] [OK] 0x7f6013b9ef2a: ret [OK] 0x7f5ffdb9b95c: add rax, 0x0 [OK] 0x7f5ffdb9b962: ret [OK] 0x7f5ffdb9b889: mov eax, dword ptr [rax+0x8] [OK] 0x7f5ffdb9b88c: test eax, eax [OK] 0x7f5ffdb9b88e: setnz al [OK] 0x7f5ffdb9b891: add rsp, 0x8 [OK] 0x7f5ffdb9b895: ret [OK] 0x7f5ffdbd2ab2: test al, al [OK] 0x7f5ffdbd2ab4: jnz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ab6: mov rdi, qword ptr [rbp+0xe8] [OK] 0x7f5ffdbd2abd: test rdi, rdi [OK] 0x7f5ffdbd2ac0: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ac2: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2ac5: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd2ac8: cmp eax, 0xffffffff [OK] 0x7f5ffdbd2acb: jz 0x7f5ffdbd2cd0 [OK] 0x7f5ffdbd2ad1: add rsp, 0x38 [OK] 0x7f5ffdbd2ad5: mov rax, rbx [OK] 0x7f5ffdbd2ad8: pop rbx [OK] 0x7f5ffdbd2ad9: pop rbp [OK] 0x7f5ffdbd2ada: pop r12 [OK] 0x7f5ffdbd2adc: pop r13 [OK] 0x7f5ffdbd2ade: pop r14 [OK] 0x7f5ffdbd2ae0: pop r15 [OK] 0x7f5ffdbd2ae2: ret [OK] 0x7f5ffdbd2e97: add rsp, 0x8 [OK] 0x7f5ffdbd2e9b: mov rax, rbp [OK] 0x7f5ffdbd2e9e: pop rbx [OK] 0x7f5ffdbd2e9f: pop rbp [OK] 0x7f5ffdbd2ea0: ret [OK] 0x41f679: lea rsi, ptr [rip+0xb1ba85] [OK] 0x41f680: mov rdi, rbx [OK] 0x41f683: call 0x40b3e0 [OK] 0x40b3e0: jmp qword ptr [rip+0xf6ceba] [OK] 0x7f5ffdbd2e70: push rbp [OK] 0x7f5ffdbd2e71: mov rbp, rdi [OK] 0x7f5ffdbd2e74: push rbx [OK] 0x7f5ffdbd2e75: mov rbx, rsi [OK] 0x7f5ffdbd2e78: sub rsp, 0x8 [OK] 0x7f5ffdbd2e7c: test rsi, rsi [OK] 0x7f5ffdbd2e7f: jz 0x7f5ffdbd2ea8 [OK] 0x7f5ffdbd2e81: mov rdi, rsi [OK] 0x7f5ffdbd2e84: call 0x7f5ffdb97d60 [OK] 0x7f5ffdbd2e89: mov rsi, rbx [OK] 0x7f5ffdbd2e8c: mov rdi, rbp [OK] 0x7f5ffdbd2e8f: mov rdx, rax [OK] 0x7f5ffdbd2e92: call 0x7f5ffdb985b0 [OK] 0x7f5ffdb985b0: jmp qword ptr [rip+0x2936ea] [OK] 0x7f5ffdbd2a10: push r15 [OK] 0x7f5ffdbd2a12: push r14 [OK] 0x7f5ffdbd2a14: mov r14, rdx [OK] 0x7f5ffdbd2a17: push r13 [OK] 0x7f5ffdbd2a19: push r12 [OK] 0x7f5ffdbd2a1b: push rbp [OK] 0x7f5ffdbd2a1c: push rbx [OK] 0x7f5ffdbd2a1d: mov rbx, rdi [OK] 0x7f5ffdbd2a20: sub rsp, 0x38 [OK] 0x7f5ffdbd2a24: lea r15, ptr [rsp+0x20] [OK] 0x7f5ffdbd2a29: mov qword ptr [rsp+0x8], rsi [OK] 0x7f5ffdbd2a2e: mov rsi, rdi [OK] 0x7f5ffdbd2a31: mov rdi, r15 [OK] 0x7f5ffdbd2a34: call 0x7f5ffdb99480 [OK] 0x7f5ffdb99480: jmp qword ptr [rip+0x292f82] [OK] 0x7f5ffdbd2360: push rbp [OK] 0x7f5ffdbd2361: mov rax, rsi [OK] 0x7f5ffdbd2364: mov rbp, rdi [OK] 0x7f5ffdbd2367: push rbx [OK] 0x7f5ffdbd2368: mov rbx, rsi [OK] 0x7f5ffdbd236b: sub rsp, 0x8 [OK] 0x7f5ffdbd236f: mov rdx, qword ptr [rsi] [OK] 0x7f5ffdbd2372: mov byte ptr [rdi], 0x0 [OK] 0x7f5ffdbd2375: mov qword ptr [rbp+0x8], rsi [OK] 0x7f5ffdbd2379: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd237d: mov rdi, qword ptr [rax+0xd8] [OK] 0x7f5ffdbd2384: test rdi, rdi [OK] 0x7f5ffdbd2387: jz 0x7f5ffdbd2398 [OK] 0x7f5ffdbd2389: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd238c: test esi, esi [OK] 0x7f5ffdbd238e: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd2390: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbd2395: mov rdx, qword ptr [rbx] [OK] 0x7f5ffdbd2398: mov rax, rbx [OK] 0x7f5ffdbd239b: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd239f: mov esi, dword ptr [rax+0x20] [OK] 0x7f5ffdbd23a2: test esi, esi [OK] 0x7f5ffdbd23a4: jnz 0x7f5ffdbd23b8 [OK] 0x7f5ffdbd23a6: mov byte ptr [rbp], 0x1 [OK] 0x7f5ffdbd23aa: add rsp, 0x8 [OK] 0x7f5ffdbd23ae: pop rbx [OK] 0x7f5ffdbd23af: pop rbp [OK] 0x7f5ffdbd23b0: ret [OK] 0x7f5ffdbd2a39: cmp byte ptr [rsp+0x20], 0x0 [OK] 0x7f5ffdbd2a3e: jz 0x7f5ffdbd2a98 [OK] 0x7f5ffdbd2a40: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2a43: mov rdx, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2a47: lea r13, ptr [rbx+rdx*1] [OK] 0x7f5ffdbd2a4b: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffdbd2a4f: cmp rax, r14 [OK] 0x7f5ffdbd2a52: mov qword ptr [rsp+0x18], rax [OK] 0x7f5ffdbd2bc0: mov rdi, qword ptr [r13+0xe8] [OK] 0x7f5ffdbd2bc7: mov rdx, r14 [OK] 0x7f5ffdbd2bca: mov rsi, qword ptr [rsp+0x8] [OK] 0x7f5ffdbd2bcf: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2bd2: call qword ptr [rax+0x60] [OK] 0x7f5ffdbd1480: mov rcx, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd1484: mov rax, rsi [OK] 0x7f5ffdbd1487: mov esi, 0x1 [OK] 0x7f5ffdbd148c: mov rdi, rax [OK] 0x7f5ffdbd148f: jmp 0x7f5ffdb99000 [OK] 0x7f5ffdb99000: jmp qword ptr [rip+0x2931c2] [OK] 0x7f5ffc55f360: push r13 [OK] 0x7f5ffc55f362: mov r13, rdx [OK] 0x7f5ffc55f365: push r12 [OK] 0x7f5ffc55f367: mov r12, rsi [OK] 0x7f5ffc55f36a: imul r12, rdx [OK] 0x7f5ffc55f36e: push rbp [OK] 0x7f5ffc55f36f: mov rbp, rsi [OK] 0x7f5ffc55f372: push rbx [OK] 0x7f5ffc55f373: sub rsp, 0x8 [OK] 0x7f5ffc55f377: test r12, r12 [OK] 0x7f5ffc55f37a: jz 0x7f5ffc55f470 [OK] 0x7f5ffc55f380: mov eax, dword ptr [rcx] [OK] 0x7f5ffc55f382: mov r9, rdi [OK] 0x7f5ffc55f385: mov rbx, rcx [OK] 0x7f5ffc55f388: and eax, 0x8000 [OK] 0x7f5ffc55f38d: jnz 0x7f5ffc55f3ef [OK] 0x7f5ffc55f38f: mov r8, qword ptr [rcx+0x88] [OK] 0x7f5ffc55f396: mov rdx, qword ptr fs:[0x10] [OK] 0x7f5ffc55f39f: cmp rdx, qword ptr [r8+0x8] [OK] 0x7f5ffc55f3a3: jz 0x7f5ffc55f3ea [OK] 0x7f5ffc55f3a5: mov esi, 0x1 [OK] 0x7f5ffc55f3aa: cmp dword ptr [rip+0x32d403], 0x0 [OK] 0x7f5ffc55f3bc: cmpxchg dword ptr [r8], esi [OK] 0x7f5ffc55f3d8: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3df: mov qword ptr [rax+0x8], rdx [OK] 0x7f5ffc55f3e3: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f3ea: add dword ptr [r8+0x4], 0x1 [OK] 0x7f5ffc55f3ef: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc55f3f5: test eax, eax [OK] 0x7f5ffc55f3f7: jz 0x7f5ffc55f440 [OK] 0x7f5ffc55f3f9: cmp eax, 0xffffffff [OK] 0x7f5ffc55f44a: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55f451: mov rdx, r12 [OK] 0x7f5ffc55f454: mov rsi, r9 [OK] 0x7f5ffc55f457: mov rdi, rbx [OK] 0x7f5ffc55f45a: call qword ptr [rax+0x38] [OK] 0x7f5ffc5694d0: push r14 [OK] 0x7f5ffc5694d2: xor eax, eax [OK] 0x7f5ffc5694d4: test rdx, rdx [OK] 0x7f5ffc5694d7: push r13 [OK] 0x7f5ffc5694d9: push r12 [OK] 0x7f5ffc5694db: push rbp [OK] 0x7f5ffc5694dc: push rbx [OK] 0x7f5ffc5694dd: mov rbx, rdx [OK] 0x7f5ffc5694e0: jz 0x7f5ffc569546 [OK] 0x7f5ffc5694e2: mov eax, dword ptr [rdi] [OK] 0x7f5ffc5694e4: mov rbp, rdi [OK] 0x7f5ffc5694e7: mov r12, rsi [OK] 0x7f5ffc5694ea: and eax, 0xa00 [OK] 0x7f5ffc5694ef: cmp eax, 0xa00 [OK] 0x7f5ffc5694f4: jz 0x7f5ffc5695c0 [OK] 0x7f5ffc5694fa: mov rdx, qword ptr [rdi+0x30] [OK] 0x7f5ffc5694fe: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffc569502: cmp rdx, rdi [OK] 0x7f5ffc569550: xor r14d, r14d [OK] 0x7f5ffc569553: mov r13, rbx [OK] 0x7f5ffc569556: lea rax, ptr [r14+r13*1] [OK] 0x7f5ffc56955a: test rax, rax [OK] 0x7f5ffc56955d: jz 0x7f5ffc569540 [OK] 0x7f5ffc56955f: mov rax, qword ptr [rbp+0xd8] [OK] 0x7f5ffc569566: mov esi, 0xffffffff [OK] 0x7f5ffc56956b: mov rdi, rbp [OK] 0x7f5ffc56956e: call qword ptr [rax+0x18] [OK] 0x7f5ffc56a150: push r12 [OK] 0x7f5ffc56a152: push rbp [OK] 0x7f5ffc56a153: push rbx [OK] 0x7f5ffc56a154: mov ecx, dword ptr [rdi] [OK] 0x7f5ffc56a156: mov rbx, rdi [OK] 0x7f5ffc56a159: test cl, 0x8 [OK] 0x7f5ffc56a15c: jnz 0x7f5ffc56a2c0 [KO] 0x7f5ffc56a162: test ch, 0x8 (2 error) Register : pd Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (bvxor (_ bv1 1) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv0 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv1 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv2 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv3 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv4 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv5 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv6 8)))) ((_ extract 0 0) (bvlshr ((_ extract 7 0) #17910) (_ bv7 8)))) Register : zf Symbolic Value : 0000000000000001 Concrete Value : 0000000000000000 Expression : (ite (= ((_ extract 7 0) #17910) (_ bv0 8)) (_ bv1 1) (_ bv0 1)) [OK] 0x7f5ffc56a165: mov ebp, esi [OK] 0x7f5ffc56a167: jz 0x7f5ffc56a1b8 [OK] 0x7f5ffc56a169: cmp qword ptr [rdi+0x20], 0x0 [OK] 0x7f5ffc56a16e: jz 0x7f5ffc56a2e0 [OK] 0x7f5ffc56a174: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc56a178: cmp ebp, 0xffffffff [OK] 0x7f5ffc56a290: mov rsi, qword ptr [rbx+0x20] [OK] 0x7f5ffc56a294: mov rdi, rbx [OK] 0x7f5ffc56a297: pop rbx [OK] 0x7f5ffc56a298: pop rbp [OK] 0x7f5ffc56a299: pop r12 [OK] 0x7f5ffc56a29b: sub rdx, rsi [OK] 0x7f5ffc56a29e: jmp 0x7f5ffc569e90 [OK] 0x7f5ffc569e90: xor eax, eax [OK] 0x7f5ffc569e92: test rdx, rdx [OK] 0x7f5ffc569e95: push rbx [OK] 0x7f5ffc569e96: mov rbx, rdx [OK] 0x7f5ffc569e99: jnz 0x7f5ffc569ea0 [OK] 0x7f5ffc569e9b: pop rbx [OK] 0x7f5ffc569e9c: ret [OK] 0x7f5ffc569571: cmp eax, 0xffffffff [OK] 0x7f5ffc569574: jz 0x7f5ffc569610 [OK] 0x7f5ffc56957a: mov rcx, qword ptr [rbp+0x40] [OK] 0x7f5ffc56957e: sub rcx, qword ptr [rbp+0x38] [OK] 0x7f5ffc569582: xor edx, edx [OK] 0x7f5ffc569584: cmp rcx, 0x7f [OK] 0x7f5ffc569592: mov r14, r13 [OK] 0x7f5ffc569595: sub r14, rdx [OK] 0x7f5ffc569648: mov rdx, r14 [OK] 0x7f5ffc56964b: mov rsi, r12 [OK] 0x7f5ffc56964e: mov rdi, rbp [OK] 0x7f5ffc569651: call 0x7f5ffc5686b0 [OK] 0x7f5ffc5686b0: push r12 [OK] 0x7f5ffc5686b2: mov r12, rsi [OK] 0x7f5ffc5686b5: push rbp [OK] 0x7f5ffc5686b6: mov rbp, rdx [OK] 0x7f5ffc5686b9: push rbx [OK] 0x7f5ffc5686ba: test dword ptr [rdi], 0x1000 [OK] 0x7f5ffc5686c0: mov rbx, rdi [OK] 0x7f5ffc568728: mov rax, qword ptr [rdi+0x10] [OK] 0x7f5ffc56872c: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc568730: cmp rax, rsi [OK] 0x7f5ffc5686d0: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc5686d7: mov rdx, rbp [OK] 0x7f5ffc5686da: mov rdi, rbx [OK] 0x7f5ffc5686dd: mov rsi, r12 [OK] 0x7f5ffc5686e0: call qword ptr [rax+0x78] [OK] 0x7f5ffc569000: push r13 [OK] 0x7f5ffc569002: mov r13, rdx [OK] 0x7f5ffc569005: push r12 [OK] 0x7f5ffc569007: mov r12, rdi [OK] 0x7f5ffc56900a: push rbp [OK] 0x7f5ffc56900b: push rbx [OK] 0x7f5ffc56900c: sub rsp, 0x8 [OK] 0x7f5ffc569010: test rdx, rdx [OK] 0x7f5ffc569013: jle 0x7f5ffc569088 [OK] 0x7f5ffc569015: mov rbp, rsi [OK] 0x7f5ffc569018: mov rbx, rdx [OK] 0x7f5ffc56901b: jmp 0x7f5ffc56902b [OK] 0x7f5ffc56902b: test byte ptr [r12+0x74], 0x2 [OK] 0x7f5ffc569031: mov edi, dword ptr [r12+0x70] [OK] 0x7f5ffc569036: mov rdx, rbx [OK] 0x7f5ffc569039: mov rsi, rbp [OK] 0x7f5ffc56903c: jnz 0x7f5ffc56908c [OK] 0x7f5ffc56903e: call 0x7f5ffc5cfe40 [OK] 0x7f5ffc5cfe40: cmp dword ptr [rip+0x2bc96d], 0x0 [OK] 0x7f5ffc5cfe47: jnz 0x7f5ffc5cfe59 [OK] 0x7f5ffc5cfe49: mov eax, 0x1 [OK] 0x7f5ffc5cfe50: cmp rax, 0xfffffffffffff001 [OK] 0x7f5ffc5cfe56: jnb 0x7f5ffc5cfe89 [OK] 0x7f5ffc5cfe58: ret [OK] 0x7f5ffc569043: test rax, rax [OK] 0x7f5ffc569020: sub rbx, rax [OK] 0x7f5ffc569023: add rbp, rax [OK] 0x7f5ffc569026: test rbx, rbx [OK] 0x7f5ffc569080: mov rax, r13 [OK] 0x7f5ffc569083: sub rax, rbx [OK] 0x7f5ffc569086: jmp 0x7f5ffc569053 [OK] 0x7f5ffc569053: mov rdx, qword ptr [r12+0x90] [OK] 0x7f5ffc56905b: test rdx, rdx [OK] 0x7f5ffc56906b: add rsp, 0x8 [OK] 0x7f5ffc56906f: pop rbx [OK] 0x7f5ffc569070: pop rbp [OK] 0x7f5ffc569071: pop r12 [OK] 0x7f5ffc569073: pop r13 [OK] 0x7f5ffc569075: ret [OK] 0x7f5ffc5686e3: movzx edi, word ptr [rbx+0x80] [OK] 0x7f5ffc5686ea: mov rbp, rax [OK] 0x7f5ffc5686ed: test di, di [OK] 0x7f5ffc5686f0: jnz 0x7f5ffc568760 [OK] 0x7f5ffc5686f2: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc5686f8: mov rdx, qword ptr [rbx+0x38] [OK] 0x7f5ffc5686fc: test eax, eax [OK] 0x7f5ffc5686fe: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc568702: mov qword ptr [rbx+0x8], rdx [OK] 0x7f5ffc568706: mov qword ptr [rbx+0x10], rdx [OK] 0x7f5ffc56870a: mov qword ptr [rbx+0x28], rdx [OK] 0x7f5ffc56870e: mov qword ptr [rbx+0x20], rdx [OK] 0x7f5ffc568788: test dword ptr [rbx], 0x202 [OK] 0x7f5ffc568718: mov qword ptr [rbx+0x30], rdx [OK] 0x7f5ffc56871c: mov rax, rbp [OK] 0x7f5ffc56871f: pop rbx [OK] 0x7f5ffc568720: pop rbp [OK] 0x7f5ffc568721: pop r12 [OK] 0x7f5ffc568723: ret [OK] 0x7f5ffc569656: sub r13, rax [OK] 0x7f5ffc569659: cmp r14, rax [OK] 0x7f5ffc56959e: test r13, r13 [OK] 0x7f5ffc569540: mov rax, rbx [OK] 0x7f5ffc569543: sub rax, r13 [OK] 0x7f5ffc569546: pop rbx [OK] 0x7f5ffc569547: pop rbp [OK] 0x7f5ffc569548: pop r12 [OK] 0x7f5ffc56954a: pop r13 [OK] 0x7f5ffc56954c: pop r14 [OK] 0x7f5ffc56954e: ret [OK] 0x7f5ffc55f45d: cmp rax, 0xffffffffffffffff [OK] 0x7f5ffc55f461: mov rdx, rax [OK] 0x7f5ffc55f464: setz sil [OK] 0x7f5ffc55f468: jmp 0x7f5ffc55f402 [OK] 0x7f5ffc55f402: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55f408: jnz 0x7f5ffc55f420 [OK] 0x7f5ffc55f40a: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f411: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55f490: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f497: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55f49f: mov r8, qword ptr [rbx+0x88] [OK] 0x7f5ffc55f4a6: cmp dword ptr [rip+0x32d307], 0x0 [OK] 0x7f5ffc55f4b7: dec dword ptr [r8] [OK] 0x7f5ffc55f4d2: jmp 0x7f5ffc55f420 [OK] 0x7f5ffc55f420: cmp rdx, r12 [OK] 0x7f5ffc55f480: add rsp, 0x8 [OK] 0x7f5ffc55f484: mov rax, r13 [OK] 0x7f5ffc55f487: pop rbx [OK] 0x7f5ffc55f488: pop rbp [OK] 0x7f5ffc55f489: pop r12 [OK] 0x7f5ffc55f48b: pop r13 [OK] 0x7f5ffc55f48d: ret [OK] 0x7f5ffdbd2bd5: cmp r14, rax [OK] 0x7f5ffdbd2bd8: mov rax, qword ptr [rbx] [OK] 0x7f5ffdbd2bdb: jnz 0x7f5ffdbd2b97 [OK] 0x7f5ffdbd2bdd: jmp 0x7f5ffdbd2bac [OK] 0x7f5ffdbd2bac: mov r12, rbx [OK] 0x7f5ffdbd2baf: add r12, qword ptr [rax-0x18] [OK] 0x7f5ffdbd2bb3: jmp 0x7f5ffdbd2a8f [OK] 0x7f5ffdbd2a8f: mov qword ptr [r12+0x10], 0x0 [OK] 0x7f5ffdbd2a98: mov rax, qword ptr [rsp+0x28] [OK] 0x7f5ffdbd2a9d: mov rdx, qword ptr [rax] [OK] 0x7f5ffdbd2aa0: add rax, qword ptr [rdx-0x18] [OK] 0x7f5ffdbd2aa4: test byte ptr [rax+0x19], 0x20 [OK] 0x7f5ffdbd2aa8: mov rbp, rax [OK] 0x7f5ffdbd2aab: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2aad: call 0x7f5ffdb97b20 [OK] 0x7f5ffdb97b20: jmp qword ptr [rip+0x293c32] [OK] 0x7f5ffdb9b880: sub rsp, 0x8 [OK] 0x7f5ffdb9b884: call 0x7f5ffdb987d0 [OK] 0x7f5ffdb987d0: jmp qword ptr [rip+0x2935da] [OK] 0x7f5ffdb9b950: lea rdi, ptr [rip+0x28edc1] [OK] 0x7f5ffdb9b957: call 0x7f5ffdb97fa0 [OK] 0x7f5ffdb97fa0: jmp qword ptr [rip+0x2939f2] [OK] 0x7f6013b9ef00: mov rsi, qword ptr fs:[0x8] [OK] 0x7f6013b9ef09: mov rax, qword ptr [rip+0x210050] [OK] 0x7f6013b9ef10: cmp qword ptr [rsi], rax [OK] 0x7f6013b9ef13: jnz 0x7f6013b9ef2b [OK] 0x7f6013b9ef15: mov rax, qword ptr [rdi] [OK] 0x7f6013b9ef18: shl rax, 0x4 [OK] 0x7f6013b9ef1c: mov rax, qword ptr [rsi+rax*1] [OK] 0x7f6013b9ef20: cmp rax, 0xffffffffffffffff [OK] 0x7f6013b9ef24: jz 0x7f6013b9ef30 [OK] 0x7f6013b9ef26: add rax, qword ptr [rdi+0x8] [OK] 0x7f6013b9ef2a: ret [OK] 0x7f5ffdb9b95c: add rax, 0x0 [OK] 0x7f5ffdb9b962: ret [OK] 0x7f5ffdb9b889: mov eax, dword ptr [rax+0x8] [OK] 0x7f5ffdb9b88c: test eax, eax [OK] 0x7f5ffdb9b88e: setnz al [OK] 0x7f5ffdb9b891: add rsp, 0x8 [OK] 0x7f5ffdb9b895: ret [OK] 0x7f5ffdbd2ab2: test al, al [OK] 0x7f5ffdbd2ab4: jnz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ab6: mov rdi, qword ptr [rbp+0xe8] [OK] 0x7f5ffdbd2abd: test rdi, rdi [OK] 0x7f5ffdbd2ac0: jz 0x7f5ffdbd2ad1 [OK] 0x7f5ffdbd2ac2: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd2ac5: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd2ac8: cmp eax, 0xffffffff [OK] 0x7f5ffdbd2acb: jz 0x7f5ffdbd2cd0 [OK] 0x7f5ffdbd2ad1: add rsp, 0x38 [OK] 0x7f5ffdbd2ad5: mov rax, rbx [OK] 0x7f5ffdbd2ad8: pop rbx [OK] 0x7f5ffdbd2ad9: pop rbp [OK] 0x7f5ffdbd2ada: pop r12 [OK] 0x7f5ffdbd2adc: pop r13 [OK] 0x7f5ffdbd2ade: pop r14 [OK] 0x7f5ffdbd2ae0: pop r15 [OK] 0x7f5ffdbd2ae2: ret [OK] 0x7f5ffdbd2e97: add rsp, 0x8 [OK] 0x7f5ffdbd2e9b: mov rax, rbp [OK] 0x7f5ffdbd2e9e: pop rbx [OK] 0x7f5ffdbd2e9f: pop rbp [OK] 0x7f5ffdbd2ea0: ret [OK] 0x41f688: mov edi, 0x6d [OK] 0x41f68d: call 0x40b5a0 [OK] 0x40b5a0: jmp qword ptr [rip+0xf6cdda] [OK] 0x40b5a6: push 0x6d [OK] 0x40b5ab: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffc52c780: lea rsi, ptr [rip+0x35ae41] [OK] 0x7f5ffc52c787: sub rsp, 0x8 [OK] 0x7f5ffc52c78b: mov edx, 0x1 [OK] 0x7f5ffc52c790: call 0x7f5ffc52c670 [OK] 0x7f5ffc52c670: push r13 [OK] 0x7f5ffc52c672: push r12 [OK] 0x7f5ffc52c674: mov r12d, edx [OK] 0x7f5ffc52c677: push rbp [OK] 0x7f5ffc52c678: mov rbp, rsi [OK] 0x7f5ffc52c67b: push rbx [OK] 0x7f5ffc52c67c: mov ebx, edi [OK] 0x7f5ffc52c67e: sub rsp, 0x8 [OK] 0x7f5ffc52c682: call 0x7f5ffc52cc90 [OK] 0x7f5ffc52cc90: push r12 [OK] 0x7f5ffc52cc92: push rbp [OK] 0x7f5ffc52cc93: push rbx [OK] 0x7f5ffc52cc94: lea rdi, ptr [rip+0x35a0f5] [OK] 0x7f5ffc52cc9b: call 0x7f5ffc5143e0 [OK] 0x7f5ffc5143e0: jmp qword ptr [rip+0x372c52] [OK] 0x7f6013b9ef00: mov rsi, qword ptr fs:[0x8] [OK] 0x7f6013b9ef09: mov rax, qword ptr [rip+0x210050] [OK] 0x7f6013b9ef10: cmp qword ptr [rsi], rax [OK] 0x7f6013b9ef13: jnz 0x7f6013b9ef2b [OK] 0x7f6013b9ef15: mov rax, qword ptr [rdi] [OK] 0x7f6013b9ef18: shl rax, 0x4 [OK] 0x7f6013b9ef1c: mov rax, qword ptr [rsi+rax*1] [OK] 0x7f6013b9ef20: cmp rax, 0xffffffffffffffff [OK] 0x7f6013b9ef24: jz 0x7f6013b9ef30 [OK] 0x7f6013b9ef26: add rax, qword ptr [rdi+0x8] [OK] 0x7f6013b9ef2a: ret [OK] 0x7f5ffc52cca0: mov rbx, qword ptr [rax+0x40] [OK] 0x7f5ffc52cca7: test rbx, rbx [OK] 0x7f5ffc52cd48: pop rbx [OK] 0x7f5ffc52cd49: pop rbp [OK] 0x7f5ffc52cd4a: pop r12 [OK] 0x7f5ffc52cd4c: ret [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f9 Concrete Value : 00000000000001fa Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv250 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f8 Concrete Value : 00000000000001f9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv249 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f7 Concrete Value : 00000000000001f8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv248 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f6 Concrete Value : 00000000000001f7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv247 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f5 Concrete Value : 00000000000001f6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv246 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f4 Concrete Value : 00000000000001f5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv245 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f3 Concrete Value : 00000000000001f4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv244 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f2 Concrete Value : 00000000000001f3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv243 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f1 Concrete Value : 00000000000001f2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv242 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001f0 Concrete Value : 00000000000001f1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv241 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ef Concrete Value : 00000000000001f0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv240 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf21af0: push r12 [OK] 0xf21af2: lea rax, ptr [rip+0x458c27] [OK] 0xf21af9: push rbp [OK] 0xf21afa: push rbx [OK] 0xf21afb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0xf21b00: mov rbx, rdi [OK] 0xf21b03: mov rbp, qword ptr [rax] [OK] 0xf21b3d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0xf21b79: pop rbx [OK] 0xf21b7a: pop rbp [OK] 0xf21b7b: pop r12 [OK] 0xf21b7d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf21af0: push r12 [OK] 0xf21af2: lea rax, ptr [rip+0x458c27] [OK] 0xf21af9: push rbp [OK] 0xf21afa: push rbx [OK] 0xf21afb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0xf21b00: mov rbx, rdi [OK] 0xf21b03: mov rbp, qword ptr [rax] [OK] 0xf21b3d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0xf21b79: pop rbx [OK] 0xf21b7a: pop rbp [OK] 0xf21b7b: pop r12 [OK] 0xf21b7d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf21af0: push r12 [OK] 0xf21af2: lea rax, ptr [rip+0x458c27] [OK] 0xf21af9: push rbp [OK] 0xf21afa: push rbx [OK] 0xf21afb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0xf21b00: mov rbx, rdi [OK] 0xf21b03: mov rbp, qword ptr [rax] [OK] 0xf21b3d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0xf21b79: pop rbx [OK] 0xf21b7a: pop rbp [OK] 0xf21b7b: pop r12 [OK] 0xf21b7d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ee Concrete Value : 00000000000001ef Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv239 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf21480: jmp 0x40b2c0 [OK] 0x40b2c0: jmp qword ptr [rip+0xf6cf4a] [OK] 0x40b2c6: push 0x3f [OK] 0x40b2cb: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f6013b96097: test rax, rax [OK] 0x7f6013b9609a: mov r11d, dword ptr [rsp+0x8c] [OK] 0x7f6013b960a2: jnz 0x7f6013b96793 [OK] 0x7f6013b960a8: mov r10, qword ptr [rsp+0x80] [OK] 0x7f6013b960b0: mov edx, dword ptr [r10] [OK] 0x7f6013b960b3: jmp 0x7f6013b96000 [OK] 0x7f5ffd6371f0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ed Concrete Value : 00000000000001ee Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv238 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf212b0: mov rdi, qword ptr [rdi] [OK] 0xf212b3: test rdi, rdi [OK] 0xf212b6: jz 0xf212c8 [OK] 0xf212b8: sub rdi, 0x8 [OK] 0xf212bc: jmp 0xefc5a0 [OK] 0xefc5a0: push rbp [OK] 0xefc5a1: mov rbp, rdi [OK] 0xefc5a4: push rbx [OK] 0xefc5a5: sub rsp, 0x8 [OK] 0xefc5a9: mov rax, qword ptr fs:[0x0] [OK] 0xefc5b2: lea rax, ptr [rax-0x10] [OK] 0xefc5b9: lea rdi, ptr [rbp-0x8] [OK] 0xefc5bd: mov rbx, rax [OK] 0xefc5c0: mov rax, qword ptr [rax] [OK] 0xefc5c3: sub rax, qword ptr [rbp-0x8] [OK] 0xefc5c7: mov qword ptr [rbx], rax [OK] 0xefc5ca: call 0x40b580 [OK] 0x40b580: jmp qword ptr [rip+0xf6cdea] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56da54: cmp rbx, qword ptr [rdx+0x10] [OK] 0x7f5ffc56da58: jnz 0x7f5ffc56e2ed [OK] 0x7f5ffc56da5e: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56da62: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56da66: cmp qword ptr [rbx+0x8], 0x3ff [OK] 0xefc5cf: cmp qword ptr [rbx], 0xfffffffffffe7960 [OK] 0xefc5d6: jl 0xefc5e0 [OK] 0xefc5d8: add rsp, 0x8 [OK] 0xefc5dc: pop rbx [OK] 0xefc5dd: pop rbp [OK] 0xefc5de: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ec Concrete Value : 00000000000001ed Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv237 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001eb Concrete Value : 00000000000001ec Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv236 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ea Concrete Value : 00000000000001eb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv235 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x87df60: push rbp [OK] 0x87df61: push rbx [OK] 0x87df62: mov rbx, rdi [OK] 0x87df65: lea rdi, ptr [rdi+0x20] [OK] 0x87df69: sub rsp, 0x8 [OK] 0x87df6d: call 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x87df72: add rsp, 0x8 [OK] 0x87df76: mov rdi, rbx [OK] 0x87df79: pop rbx [OK] 0x87df7a: pop rbp [OK] 0x87df7b: jmp 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x87df60: push rbp [OK] 0x87df61: push rbx [OK] 0x87df62: mov rbx, rdi [OK] 0x87df65: lea rdi, ptr [rdi+0x20] [OK] 0x87df69: sub rsp, 0x8 [OK] 0x87df6d: call 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x87df72: add rsp, 0x8 [OK] 0x87df76: mov rdi, rbx [OK] 0x87df79: pop rbx [OK] 0x87df7a: pop rbp [OK] 0x87df7b: jmp 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x87df60: push rbp [OK] 0x87df61: push rbx [OK] 0x87df62: mov rbx, rdi [OK] 0x87df65: lea rdi, ptr [rdi+0x20] [OK] 0x87df69: sub rsp, 0x8 [OK] 0x87df6d: call 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x87df72: add rsp, 0x8 [OK] 0x87df76: mov rdi, rbx [OK] 0x87df79: pop rbx [OK] 0x87df7a: pop rbp [OK] 0x87df7b: jmp 0x4524c0 [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e9 Concrete Value : 00000000000001ea Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv234 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e8 Concrete Value : 00000000000001e9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv233 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e7 Concrete Value : 00000000000001e8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv232 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e6 Concrete Value : 00000000000001e7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv231 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e5 Concrete Value : 00000000000001e6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv230 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e4 Concrete Value : 00000000000001e5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv229 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e3 Concrete Value : 00000000000001e4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv228 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e2 Concrete Value : 00000000000001e3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv227 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e1 Concrete Value : 00000000000001e2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv226 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001e0 Concrete Value : 00000000000001e1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv225 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001df Concrete Value : 00000000000001e0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv224 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001de Concrete Value : 00000000000001df Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv223 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xf01650: push r14 [OK] 0xf01652: mov r14, rdi [OK] 0xf01655: push r13 [OK] 0xf01657: push r12 [OK] 0xf01659: push rbp [OK] 0xf0165a: push rbx [OK] 0xf0165b: mov rbx, qword ptr [rdi] [OK] 0xf0165e: test rbx, rbx [OK] 0xf01720: pop rbx [OK] 0xf01721: pop rbp [OK] 0xf01722: pop r12 [OK] 0xf01724: pop r13 [OK] 0xf01726: pop r14 [OK] 0xf01728: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x4524c0: push r12 [OK] 0x4524c2: lea rax, ptr [rip+0xf28257] [OK] 0x4524c9: push rbp [OK] 0x4524ca: push rbx [OK] 0x4524cb: cmp qword ptr [rdi+0x8], 0x0 [OK] 0x4524d0: mov rbx, rdi [OK] 0x4524d3: mov rbp, qword ptr [rax] [OK] 0x45250d: cmp qword ptr [rbx+0x18], 0x0 [OK] 0x452549: pop rbx [OK] 0x45254a: pop rbp [OK] 0x45254b: pop r12 [OK] 0x45254d: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001dd Concrete Value : 00000000000001de Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv222 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001dc Concrete Value : 00000000000001dd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv221 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001db Concrete Value : 00000000000001dc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv220 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001da Concrete Value : 00000000000001db Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv219 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d9 Concrete Value : 00000000000001da Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv218 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d8 Concrete Value : 00000000000001d9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv217 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d7 Concrete Value : 00000000000001d8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv216 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d6 Concrete Value : 00000000000001d7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv215 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d5 Concrete Value : 00000000000001d6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv214 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xecb090: push r15 [OK] 0xecb092: push r14 [OK] 0xecb094: push r13 [OK] 0xecb096: push r12 [OK] 0xecb098: push rbp [OK] 0xecb099: push rbx [OK] 0xecb09a: sub rsp, 0x8 [OK] 0xecb09e: mov rbp, qword ptr [rdi] [OK] 0xecb0a1: test rbp, rbp [OK] 0xecb0ac: add rsp, 0x8 [OK] 0xecb0b0: pop rbx [OK] 0xecb0b1: pop rbp [OK] 0xecb0b2: pop r12 [OK] 0xecb0b4: pop r13 [OK] 0xecb0b6: pop r14 [OK] 0xecb0b8: pop r15 [OK] 0xecb0ba: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d4 Concrete Value : 00000000000001d5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv213 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d3 Concrete Value : 00000000000001d4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv212 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d2 Concrete Value : 00000000000001d3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv211 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d1 Concrete Value : 00000000000001d2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv210 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001d0 Concrete Value : 00000000000001d1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv209 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001cf Concrete Value : 00000000000001d0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv208 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ce Concrete Value : 00000000000001cf Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv207 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001cd Concrete Value : 00000000000001ce Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv206 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001cc Concrete Value : 00000000000001cd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv205 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001cb Concrete Value : 00000000000001cc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv204 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ca Concrete Value : 00000000000001cb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv203 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c9 Concrete Value : 00000000000001ca Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv202 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c8 Concrete Value : 00000000000001c9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv201 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c7 Concrete Value : 00000000000001c8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv200 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c6 Concrete Value : 00000000000001c7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv199 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c5 Concrete Value : 00000000000001c6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv198 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c4 Concrete Value : 00000000000001c5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv197 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c3 Concrete Value : 00000000000001c4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv196 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c2 Concrete Value : 00000000000001c3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv195 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c1 Concrete Value : 00000000000001c2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv194 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001c0 Concrete Value : 00000000000001c1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv193 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001bf Concrete Value : 00000000000001c0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv192 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001be Concrete Value : 00000000000001bf Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv191 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001bd Concrete Value : 00000000000001be Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv190 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001bc Concrete Value : 00000000000001bd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv189 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001bb Concrete Value : 00000000000001bc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv188 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ba Concrete Value : 00000000000001bb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv187 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b9 Concrete Value : 00000000000001ba Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv186 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b8 Concrete Value : 00000000000001b9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv185 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b7 Concrete Value : 00000000000001b8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv184 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b6 Concrete Value : 00000000000001b7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv183 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b5 Concrete Value : 00000000000001b6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv182 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b4 Concrete Value : 00000000000001b5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv181 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b3 Concrete Value : 00000000000001b4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv180 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b2 Concrete Value : 00000000000001b3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv179 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b1 Concrete Value : 00000000000001b2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv178 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001b0 Concrete Value : 00000000000001b1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv177 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001af Concrete Value : 00000000000001b0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv176 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ae Concrete Value : 00000000000001af Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv175 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ad Concrete Value : 00000000000001ae Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv174 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ac Concrete Value : 00000000000001ad Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv173 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001ab Concrete Value : 00000000000001ac Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv172 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001aa Concrete Value : 00000000000001ab Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv171 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a9 Concrete Value : 00000000000001aa Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv170 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a8 Concrete Value : 00000000000001a9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv169 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a7 Concrete Value : 00000000000001a8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv168 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a6 Concrete Value : 00000000000001a7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv167 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a5 Concrete Value : 00000000000001a6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv166 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a4 Concrete Value : 00000000000001a5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv165 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a3 Concrete Value : 00000000000001a4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv164 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a2 Concrete Value : 00000000000001a3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv163 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a1 Concrete Value : 00000000000001a2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv162 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000001a0 Concrete Value : 00000000000001a1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv161 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019f Concrete Value : 00000000000001a0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv160 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019e Concrete Value : 000000000000019f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv159 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019d Concrete Value : 000000000000019e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv158 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019c Concrete Value : 000000000000019d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv157 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019b Concrete Value : 000000000000019c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv156 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000019a Concrete Value : 000000000000019b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv155 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000199 Concrete Value : 000000000000019a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv154 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000198 Concrete Value : 0000000000000199 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv153 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000197 Concrete Value : 0000000000000198 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv152 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000196 Concrete Value : 0000000000000197 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv151 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000195 Concrete Value : 0000000000000196 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv150 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000194 Concrete Value : 0000000000000195 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv149 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000193 Concrete Value : 0000000000000194 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv148 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000192 Concrete Value : 0000000000000193 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv147 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000191 Concrete Value : 0000000000000192 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv146 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000190 Concrete Value : 0000000000000191 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv145 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018f Concrete Value : 0000000000000190 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv144 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018e Concrete Value : 000000000000018f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv143 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018d Concrete Value : 000000000000018e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv142 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018c Concrete Value : 000000000000018d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv141 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018b Concrete Value : 000000000000018c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv140 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000018a Concrete Value : 000000000000018b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv139 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000189 Concrete Value : 000000000000018a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv138 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000188 Concrete Value : 0000000000000189 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv137 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000187 Concrete Value : 0000000000000188 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv136 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000186 Concrete Value : 0000000000000187 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv135 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000185 Concrete Value : 0000000000000186 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv134 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000184 Concrete Value : 0000000000000185 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv133 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000183 Concrete Value : 0000000000000184 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv132 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000182 Concrete Value : 0000000000000183 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv131 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000181 Concrete Value : 0000000000000182 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv130 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000180 Concrete Value : 0000000000000181 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv129 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017f Concrete Value : 0000000000000180 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv128 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017e Concrete Value : 000000000000017f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv127 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017d Concrete Value : 000000000000017e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv126 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017c Concrete Value : 000000000000017d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv125 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017b Concrete Value : 000000000000017c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv124 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000017a Concrete Value : 000000000000017b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv123 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000179 Concrete Value : 000000000000017a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv122 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000178 Concrete Value : 0000000000000179 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv121 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000177 Concrete Value : 0000000000000178 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv120 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000176 Concrete Value : 0000000000000177 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv119 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000175 Concrete Value : 0000000000000176 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv118 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000174 Concrete Value : 0000000000000175 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv117 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000173 Concrete Value : 0000000000000174 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv116 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000172 Concrete Value : 0000000000000173 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv115 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000171 Concrete Value : 0000000000000172 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv114 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000170 Concrete Value : 0000000000000171 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv113 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016f Concrete Value : 0000000000000170 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv112 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016e Concrete Value : 000000000000016f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv111 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016d Concrete Value : 000000000000016e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv110 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016c Concrete Value : 000000000000016d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv109 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016b Concrete Value : 000000000000016c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv108 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000016a Concrete Value : 000000000000016b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv107 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000169 Concrete Value : 000000000000016a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv106 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000168 Concrete Value : 0000000000000169 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv105 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000167 Concrete Value : 0000000000000168 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv104 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000166 Concrete Value : 0000000000000167 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv103 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000165 Concrete Value : 0000000000000166 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv102 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000164 Concrete Value : 0000000000000165 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv101 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000163 Concrete Value : 0000000000000164 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv100 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000162 Concrete Value : 0000000000000163 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv99 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000161 Concrete Value : 0000000000000162 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv98 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000160 Concrete Value : 0000000000000161 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv97 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015f Concrete Value : 0000000000000160 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv96 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015e Concrete Value : 000000000000015f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv95 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015d Concrete Value : 000000000000015e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv94 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015c Concrete Value : 000000000000015d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv93 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015b Concrete Value : 000000000000015c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv92 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000015a Concrete Value : 000000000000015b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv91 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000159 Concrete Value : 000000000000015a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv90 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000158 Concrete Value : 0000000000000159 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv89 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000157 Concrete Value : 0000000000000158 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv88 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000156 Concrete Value : 0000000000000157 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv87 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000155 Concrete Value : 0000000000000156 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv86 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000154 Concrete Value : 0000000000000155 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv85 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000153 Concrete Value : 0000000000000154 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv84 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000152 Concrete Value : 0000000000000153 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv83 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000151 Concrete Value : 0000000000000152 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv82 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000150 Concrete Value : 0000000000000151 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv81 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014f Concrete Value : 0000000000000150 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv80 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014e Concrete Value : 000000000000014f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv79 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014d Concrete Value : 000000000000014e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv78 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014c Concrete Value : 000000000000014d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv77 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014b Concrete Value : 000000000000014c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv76 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000014a Concrete Value : 000000000000014b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv75 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000149 Concrete Value : 000000000000014a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv74 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000148 Concrete Value : 0000000000000149 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv73 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000147 Concrete Value : 0000000000000148 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv72 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000146 Concrete Value : 0000000000000147 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv71 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000145 Concrete Value : 0000000000000146 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv70 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000144 Concrete Value : 0000000000000145 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv69 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000143 Concrete Value : 0000000000000144 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv68 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000142 Concrete Value : 0000000000000143 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv67 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000141 Concrete Value : 0000000000000142 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv66 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000140 Concrete Value : 0000000000000141 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv65 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013f Concrete Value : 0000000000000140 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv64 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013e Concrete Value : 000000000000013f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv63 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013d Concrete Value : 000000000000013e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv62 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013c Concrete Value : 000000000000013d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv61 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013b Concrete Value : 000000000000013c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv60 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000013a Concrete Value : 000000000000013b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv59 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000139 Concrete Value : 000000000000013a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv58 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000138 Concrete Value : 0000000000000139 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv57 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000137 Concrete Value : 0000000000000138 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv56 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000136 Concrete Value : 0000000000000137 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv55 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000135 Concrete Value : 0000000000000136 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv54 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000134 Concrete Value : 0000000000000135 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv53 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000133 Concrete Value : 0000000000000134 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv52 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000132 Concrete Value : 0000000000000133 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv51 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000131 Concrete Value : 0000000000000132 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv50 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000130 Concrete Value : 0000000000000131 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv49 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012f Concrete Value : 0000000000000130 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv48 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012e Concrete Value : 000000000000012f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv47 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012d Concrete Value : 000000000000012e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv46 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012c Concrete Value : 000000000000012d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv45 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012b Concrete Value : 000000000000012c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv44 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000012a Concrete Value : 000000000000012b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv43 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000129 Concrete Value : 000000000000012a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv42 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000128 Concrete Value : 0000000000000129 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv41 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000127 Concrete Value : 0000000000000128 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv40 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000126 Concrete Value : 0000000000000127 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv39 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000125 Concrete Value : 0000000000000126 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv38 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000124 Concrete Value : 0000000000000125 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv37 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000123 Concrete Value : 0000000000000124 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv36 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000122 Concrete Value : 0000000000000123 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv35 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000121 Concrete Value : 0000000000000122 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv34 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000120 Concrete Value : 0000000000000121 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv33 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011f Concrete Value : 0000000000000120 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv32 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011e Concrete Value : 000000000000011f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv31 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011d Concrete Value : 000000000000011e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv30 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011c Concrete Value : 000000000000011d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv29 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011b Concrete Value : 000000000000011c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv28 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000011a Concrete Value : 000000000000011b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv27 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000119 Concrete Value : 000000000000011a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv26 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000118 Concrete Value : 0000000000000119 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv25 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000117 Concrete Value : 0000000000000118 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv24 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000116 Concrete Value : 0000000000000117 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv23 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0xa7fa40: push rbp [OK] 0xa7fa41: push rbx [OK] 0xa7fa42: mov rbx, rdi [OK] 0xa7fa45: lea rdi, ptr [rdi+0x18] [OK] 0xa7fa49: sub rsp, 0x18 [OK] 0xa7fa4d: mov rsi, qword ptr [rdi+0x10] [OK] 0xa7fa51: call 0xa7ee40 [OK] 0xa7ee40: push r15 [OK] 0xa7ee42: push r14 [OK] 0xa7ee44: push r13 [OK] 0xa7ee46: push r12 [OK] 0xa7ee48: push rbp [OK] 0xa7ee49: push rbx [OK] 0xa7ee4a: sub rsp, 0x58 [OK] 0xa7ee4e: test rsi, rsi [OK] 0xa7ee51: mov qword ptr [rsp+0x18], rdi [OK] 0xa7ee56: mov qword ptr [rsp+0x30], rsi [OK] 0xa7f8e3: add rsp, 0x58 [OK] 0xa7f8e7: pop rbx [OK] 0xa7f8e8: pop rbp [OK] 0xa7f8e9: pop r12 [OK] 0xa7f8eb: pop r13 [OK] 0xa7f8ed: pop r14 [OK] 0xa7f8ef: pop r15 [OK] 0xa7f8f1: ret [OK] 0xa7fa56: mov rax, qword ptr [rbx] [OK] 0xa7fa59: lea rdi, ptr [rax-0x18] [OK] 0xa7fa5d: cmp rdi, qword ptr [rip+0x8f84b4] [OK] 0xa7fa6d: cmp qword ptr [rip+0x8f8543], 0x0 [OK] 0xa7fa75: lea rdx, ptr [rdi+0x10] [OK] 0xa7fa79: jz 0xa7faae [OK] 0xa7fa7b: or eax, 0xffffffff [KO] 0xa7fa7e: lock xadd dword ptr [rdx], eax (1 error) Register : rax Symbolic Value : 00000000ffffffff Concrete Value : 0000000000000000 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0xa7fa82: test eax, eax [OK] 0xa7fa84: jnle 0xa7fa66 [OK] 0xa7fa86: lea rsi, ptr [rsp+0xf] [OK] 0xa7fa8b: call 0x40b2f0 [OK] 0x40b2f0: jmp qword ptr [rip+0xf6cf32] [OK] 0x40b2f6: push 0x42 [OK] 0x40b2fb: jmp 0x40aec0 [OK] 0x40aec0: push qword ptr [rip+0xf6d142] [OK] 0x40aec6: jmp qword ptr [rip+0xf6d144] [OK] 0x7f5ffdbf82c0: jmp 0x7f5ffdb97750 [OK] 0x7f5ffdb97750: jmp qword ptr [rip+0x293e1a] [OK] 0x7f5ffdb97756: push 0xab [OK] 0x7f5ffdb9775b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdb9b0c0: test rdi, rdi [OK] 0x7f5ffdb9b0c3: jz 0x7f5ffdb9b0d0 [OK] 0x7f5ffdb9b0c5: jmp 0x7f5ffdb97d20 [OK] 0x7f5ffdb97d20: jmp qword ptr [rip+0x293b32] [OK] 0x7f5ffdb97d26: push 0x108 [OK] 0x7f5ffdb97d2b: jmp 0x7f5ffdb96c90 [OK] 0xa7fa90: jmp 0xa7fa66 [OK] 0xa7fa66: add rsp, 0x18 [OK] 0xa7fa6a: pop rbx [OK] 0xa7fa6b: pop rbp [OK] 0xa7fa6c: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000115 Concrete Value : 0000000000000116 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv22 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000114 Concrete Value : 0000000000000115 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv21 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000113 Concrete Value : 0000000000000114 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv20 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000112 Concrete Value : 0000000000000113 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv19 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000111 Concrete Value : 0000000000000112 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv18 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000110 Concrete Value : 0000000000000111 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv17 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010f Concrete Value : 0000000000000110 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv16 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010e Concrete Value : 000000000000010f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv15 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010d Concrete Value : 000000000000010e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv14 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010c Concrete Value : 000000000000010d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv13 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010b Concrete Value : 000000000000010c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv12 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000010a Concrete Value : 000000000000010b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv11 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000109 Concrete Value : 000000000000010a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv10 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000108 Concrete Value : 0000000000000109 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv9 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000107 Concrete Value : 0000000000000108 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv8 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000106 Concrete Value : 0000000000000107 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv7 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000105 Concrete Value : 0000000000000106 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv6 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000104 Concrete Value : 0000000000000105 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv5 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000103 Concrete Value : 0000000000000104 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv4 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000102 Concrete Value : 0000000000000103 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv3 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000101 Concrete Value : 0000000000000102 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv2 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000100 Concrete Value : 0000000000000101 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv1 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ff Concrete Value : 0000000000000100 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv1 8)) ((_ extract 7 0) (_ bv0 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000fe Concrete Value : 00000000000000ff Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv255 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000fd Concrete Value : 00000000000000fe Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv254 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000fc Concrete Value : 00000000000000fd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv253 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000fb Concrete Value : 00000000000000fc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv252 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000fa Concrete Value : 00000000000000fb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv251 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f9 Concrete Value : 00000000000000fa Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv250 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f8 Concrete Value : 00000000000000f9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv249 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f7 Concrete Value : 00000000000000f8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv248 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f6 Concrete Value : 00000000000000f7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv247 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f5 Concrete Value : 00000000000000f6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv246 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f4 Concrete Value : 00000000000000f5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv245 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f3 Concrete Value : 00000000000000f4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv244 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f2 Concrete Value : 00000000000000f3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv243 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f1 Concrete Value : 00000000000000f2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv242 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000f0 Concrete Value : 00000000000000f1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv241 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ef Concrete Value : 00000000000000f0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv240 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ee Concrete Value : 00000000000000ef Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv239 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ed Concrete Value : 00000000000000ee Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv238 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ec Concrete Value : 00000000000000ed Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv237 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000eb Concrete Value : 00000000000000ec Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv236 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ea Concrete Value : 00000000000000eb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv235 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e9 Concrete Value : 00000000000000ea Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv234 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e8 Concrete Value : 00000000000000e9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv233 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e7 Concrete Value : 00000000000000e8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv232 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e6 Concrete Value : 00000000000000e7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv231 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e5 Concrete Value : 00000000000000e6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv230 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e4 Concrete Value : 00000000000000e5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv229 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e3 Concrete Value : 00000000000000e4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv228 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e2 Concrete Value : 00000000000000e3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv227 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e1 Concrete Value : 00000000000000e2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv226 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000e0 Concrete Value : 00000000000000e1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv225 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000df Concrete Value : 00000000000000e0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv224 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000de Concrete Value : 00000000000000df Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv223 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000dd Concrete Value : 00000000000000de Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv222 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000dc Concrete Value : 00000000000000dd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv221 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000db Concrete Value : 00000000000000dc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv220 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000da Concrete Value : 00000000000000db Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv219 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d9 Concrete Value : 00000000000000da Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv218 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d8 Concrete Value : 00000000000000d9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv217 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d7 Concrete Value : 00000000000000d8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv216 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d6 Concrete Value : 00000000000000d7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv215 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d5 Concrete Value : 00000000000000d6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv214 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d4 Concrete Value : 00000000000000d5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv213 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d3 Concrete Value : 00000000000000d4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv212 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d2 Concrete Value : 00000000000000d3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv211 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d1 Concrete Value : 00000000000000d2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv210 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000d0 Concrete Value : 00000000000000d1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv209 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000cf Concrete Value : 00000000000000d0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv208 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ce Concrete Value : 00000000000000cf Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv207 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000cd Concrete Value : 00000000000000ce Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv206 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000cc Concrete Value : 00000000000000cd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv205 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000cb Concrete Value : 00000000000000cc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv204 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ca Concrete Value : 00000000000000cb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv203 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c9 Concrete Value : 00000000000000ca Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv202 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c8 Concrete Value : 00000000000000c9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv201 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c7 Concrete Value : 00000000000000c8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv200 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c6 Concrete Value : 00000000000000c7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv199 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c5 Concrete Value : 00000000000000c6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv198 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c4 Concrete Value : 00000000000000c5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv197 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c3 Concrete Value : 00000000000000c4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv196 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c2 Concrete Value : 00000000000000c3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv195 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c1 Concrete Value : 00000000000000c2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv194 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000c0 Concrete Value : 00000000000000c1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv193 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000bf Concrete Value : 00000000000000c0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv192 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000be Concrete Value : 00000000000000bf Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv191 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000bd Concrete Value : 00000000000000be Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv190 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000bc Concrete Value : 00000000000000bd Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv189 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000bb Concrete Value : 00000000000000bc Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv188 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ba Concrete Value : 00000000000000bb Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv187 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b9 Concrete Value : 00000000000000ba Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv186 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b8 Concrete Value : 00000000000000b9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv185 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b7 Concrete Value : 00000000000000b8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv184 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b6 Concrete Value : 00000000000000b7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv183 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b5 Concrete Value : 00000000000000b6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv182 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b4 Concrete Value : 00000000000000b5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv181 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b3 Concrete Value : 00000000000000b4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv180 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b2 Concrete Value : 00000000000000b3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv179 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b1 Concrete Value : 00000000000000b2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv178 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000b0 Concrete Value : 00000000000000b1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv177 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000af Concrete Value : 00000000000000b0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv176 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ae Concrete Value : 00000000000000af Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv175 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ad Concrete Value : 00000000000000ae Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv174 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ac Concrete Value : 00000000000000ad Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv173 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000ab Concrete Value : 00000000000000ac Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv172 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000aa Concrete Value : 00000000000000ab Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv171 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a9 Concrete Value : 00000000000000aa Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv170 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a8 Concrete Value : 00000000000000a9 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv169 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a7 Concrete Value : 00000000000000a8 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv168 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a6 Concrete Value : 00000000000000a7 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv167 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a5 Concrete Value : 00000000000000a6 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv166 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a4 Concrete Value : 00000000000000a5 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv165 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a3 Concrete Value : 00000000000000a4 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv164 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x417cd0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x417cd0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a2 Concrete Value : 00000000000000a3 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv163 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a1 Concrete Value : 00000000000000a2 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv162 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 00000000000000a0 Concrete Value : 00000000000000a1 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv161 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009f Concrete Value : 00000000000000a0 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv160 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009e Concrete Value : 000000000000009f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv159 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009d Concrete Value : 000000000000009e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv158 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009c Concrete Value : 000000000000009d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv157 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009b Concrete Value : 000000000000009c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv156 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000009a Concrete Value : 000000000000009b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv155 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000099 Concrete Value : 000000000000009a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv154 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000098 Concrete Value : 0000000000000099 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv153 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000097 Concrete Value : 0000000000000098 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv152 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000096 Concrete Value : 0000000000000097 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv151 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000095 Concrete Value : 0000000000000096 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv150 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000094 Concrete Value : 0000000000000095 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv149 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000093 Concrete Value : 0000000000000094 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv148 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000092 Concrete Value : 0000000000000093 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv147 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000091 Concrete Value : 0000000000000092 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv146 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000090 Concrete Value : 0000000000000091 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv145 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008f Concrete Value : 0000000000000090 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv144 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008e Concrete Value : 000000000000008f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv143 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008d Concrete Value : 000000000000008e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv142 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008c Concrete Value : 000000000000008d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv141 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008b Concrete Value : 000000000000008c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv140 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000008a Concrete Value : 000000000000008b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv139 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000089 Concrete Value : 000000000000008a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv138 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000088 Concrete Value : 0000000000000089 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv137 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000087 Concrete Value : 0000000000000088 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv136 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000086 Concrete Value : 0000000000000087 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv135 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000085 Concrete Value : 0000000000000086 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv134 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x6a9990: push rbp [OK] 0x6a9991: push rbx [OK] 0x6a9992: mov rbx, rdi [OK] 0x6a9995: lea rdi, ptr [rdi+0x18] [OK] 0x6a9999: sub rsp, 0x18 [OK] 0x6a999d: mov rsi, qword ptr [rdi+0x10] [OK] 0x6a99a1: call 0x6a8d90 [OK] 0x6a8d90: push r15 [OK] 0x6a8d92: push r14 [OK] 0x6a8d94: push r13 [OK] 0x6a8d96: push r12 [OK] 0x6a8d98: push rbp [OK] 0x6a8d99: push rbx [OK] 0x6a8d9a: sub rsp, 0x58 [OK] 0x6a8d9e: test rsi, rsi [OK] 0x6a8da1: mov qword ptr [rsp+0x18], rdi [OK] 0x6a8da6: mov qword ptr [rsp+0x30], rsi [OK] 0x6a9833: add rsp, 0x58 [OK] 0x6a9837: pop rbx [OK] 0x6a9838: pop rbp [OK] 0x6a9839: pop r12 [OK] 0x6a983b: pop r13 [OK] 0x6a983d: pop r14 [OK] 0x6a983f: pop r15 [OK] 0x6a9841: ret [OK] 0x6a99a6: mov rax, qword ptr [rbx] [OK] 0x6a99a9: lea rdi, ptr [rax-0x18] [OK] 0x6a99ad: cmp rdi, qword ptr [rip+0xcce564] [OK] 0x6a99bd: cmp qword ptr [rip+0xcce5f3], 0x0 [OK] 0x6a99c5: lea rdx, ptr [rdi+0x10] [OK] 0x6a99c9: jz 0x6a99fe [OK] 0x6a99cb: or eax, 0xffffffff [KO] 0x6a99ce: lock xadd dword ptr [rdx], eax (1 error) Register : rax Symbolic Value : 00000000ffffffff Concrete Value : 0000000000000000 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x6a99d2: test eax, eax [OK] 0x6a99d4: jnle 0x6a99b6 [OK] 0x6a99d6: lea rsi, ptr [rsp+0xf] [OK] 0x6a99db: call 0x40b2f0 [OK] 0x40b2f0: jmp qword ptr [rip+0xf6cf32] [OK] 0x7f5ffdbf82c0: jmp 0x7f5ffdb97750 [OK] 0x7f5ffdb97750: jmp qword ptr [rip+0x293e1a] [OK] 0x7f5ffdb9b0c0: test rdi, rdi [OK] 0x7f5ffdb9b0c3: jz 0x7f5ffdb9b0d0 [OK] 0x7f5ffdb9b0c5: jmp 0x7f5ffdb97d20 [OK] 0x7f5ffdb97d20: jmp qword ptr [rip+0x293b32] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x6a99e0: jmp 0x6a99b6 [OK] 0x6a99b6: add rsp, 0x18 [OK] 0x6a99ba: pop rbx [OK] 0x6a99bb: pop rbp [OK] 0x6a99bc: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000084 Concrete Value : 0000000000000085 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv133 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000083 Concrete Value : 0000000000000084 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv132 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000082 Concrete Value : 0000000000000083 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv131 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000081 Concrete Value : 0000000000000082 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv130 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000080 Concrete Value : 0000000000000081 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv129 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007f Concrete Value : 0000000000000080 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv128 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007e Concrete Value : 000000000000007f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv127 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007d Concrete Value : 000000000000007e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv126 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007c Concrete Value : 000000000000007d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv125 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007b Concrete Value : 000000000000007c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv124 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000007a Concrete Value : 000000000000007b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv123 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000079 Concrete Value : 000000000000007a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv122 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000078 Concrete Value : 0000000000000079 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv121 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000077 Concrete Value : 0000000000000078 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv120 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000076 Concrete Value : 0000000000000077 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv119 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000075 Concrete Value : 0000000000000076 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv118 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000074 Concrete Value : 0000000000000075 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv117 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000073 Concrete Value : 0000000000000074 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv116 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000072 Concrete Value : 0000000000000073 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv115 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000071 Concrete Value : 0000000000000072 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv114 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000070 Concrete Value : 0000000000000071 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv113 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006f Concrete Value : 0000000000000070 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv112 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006e Concrete Value : 000000000000006f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv111 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006d Concrete Value : 000000000000006e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv110 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006c Concrete Value : 000000000000006d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv109 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006b Concrete Value : 000000000000006c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv108 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000006a Concrete Value : 000000000000006b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv107 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000069 Concrete Value : 000000000000006a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv106 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000068 Concrete Value : 0000000000000069 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv105 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000067 Concrete Value : 0000000000000068 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv104 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000066 Concrete Value : 0000000000000067 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv103 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000065 Concrete Value : 0000000000000066 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv102 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000064 Concrete Value : 0000000000000065 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv101 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000063 Concrete Value : 0000000000000064 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv100 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000062 Concrete Value : 0000000000000063 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv99 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000061 Concrete Value : 0000000000000062 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv98 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000060 Concrete Value : 0000000000000061 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv97 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005f Concrete Value : 0000000000000060 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv96 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005e Concrete Value : 000000000000005f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv95 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005d Concrete Value : 000000000000005e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv94 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005c Concrete Value : 000000000000005d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv93 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005b Concrete Value : 000000000000005c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv92 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000005a Concrete Value : 000000000000005b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv91 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000059 Concrete Value : 000000000000005a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv90 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000058 Concrete Value : 0000000000000059 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv89 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000057 Concrete Value : 0000000000000058 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv88 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000056 Concrete Value : 0000000000000057 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv87 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000055 Concrete Value : 0000000000000056 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv86 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000054 Concrete Value : 0000000000000055 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv85 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000053 Concrete Value : 0000000000000054 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv84 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000052 Concrete Value : 0000000000000053 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv83 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000051 Concrete Value : 0000000000000052 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv82 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000050 Concrete Value : 0000000000000051 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv81 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004f Concrete Value : 0000000000000050 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv80 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004e Concrete Value : 000000000000004f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv79 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004d Concrete Value : 000000000000004e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv78 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004c Concrete Value : 000000000000004d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv77 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004b Concrete Value : 000000000000004c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv76 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000004a Concrete Value : 000000000000004b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv75 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000049 Concrete Value : 000000000000004a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv74 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000048 Concrete Value : 0000000000000049 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv73 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000047 Concrete Value : 0000000000000048 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv72 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000046 Concrete Value : 0000000000000047 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv71 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000045 Concrete Value : 0000000000000046 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv70 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000044 Concrete Value : 0000000000000045 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv69 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000043 Concrete Value : 0000000000000044 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv68 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000042 Concrete Value : 0000000000000043 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv67 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000041 Concrete Value : 0000000000000042 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv66 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000040 Concrete Value : 0000000000000041 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv65 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003f Concrete Value : 0000000000000040 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv64 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003e Concrete Value : 000000000000003f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv63 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003d Concrete Value : 000000000000003e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv62 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003c Concrete Value : 000000000000003d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv61 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003b Concrete Value : 000000000000003c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv60 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000003a Concrete Value : 000000000000003b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv59 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000039 Concrete Value : 000000000000003a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv58 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000038 Concrete Value : 0000000000000039 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv57 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000037 Concrete Value : 0000000000000038 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv56 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000036 Concrete Value : 0000000000000037 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv55 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000035 Concrete Value : 0000000000000036 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv54 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000034 Concrete Value : 0000000000000035 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv53 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000033 Concrete Value : 0000000000000034 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv52 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000032 Concrete Value : 0000000000000033 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv51 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000031 Concrete Value : 0000000000000032 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv50 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000030 Concrete Value : 0000000000000031 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv49 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002f Concrete Value : 0000000000000030 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv48 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002e Concrete Value : 000000000000002f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv47 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002d Concrete Value : 000000000000002e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv46 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002c Concrete Value : 000000000000002d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv45 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002b Concrete Value : 000000000000002c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv44 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000002a Concrete Value : 000000000000002b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv43 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000029 Concrete Value : 000000000000002a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv42 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000028 Concrete Value : 0000000000000029 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv41 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000027 Concrete Value : 0000000000000028 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv40 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000026 Concrete Value : 0000000000000027 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv39 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000025 Concrete Value : 0000000000000026 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv38 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000024 Concrete Value : 0000000000000025 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv37 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000023 Concrete Value : 0000000000000024 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv36 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000022 Concrete Value : 0000000000000023 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv35 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000021 Concrete Value : 0000000000000022 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv34 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000020 Concrete Value : 0000000000000021 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv33 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001f Concrete Value : 0000000000000020 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv32 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001e Concrete Value : 000000000000001f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv31 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001d Concrete Value : 000000000000001e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv30 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001c Concrete Value : 000000000000001d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv29 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001b Concrete Value : 000000000000001c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv28 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000001a Concrete Value : 000000000000001b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv27 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000019 Concrete Value : 000000000000001a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv26 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000018 Concrete Value : 0000000000000019 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv25 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000017 Concrete Value : 0000000000000018 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv24 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000016 Concrete Value : 0000000000000017 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv23 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000015 Concrete Value : 0000000000000016 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv22 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x458120: mov rdi, qword ptr [rdi] [OK] 0x458123: test rdi, rdi [OK] 0x458130: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbf82e0: mov rdi, qword ptr [rdi] [OK] 0x7f5ffdbf82e3: sub rdi, 0x18 [OK] 0x7f5ffdbf82e7: cmp rdi, qword ptr [rip+0x2327e2] [OK] 0x7f5ffdbf82ee: jnz 0x7f5ffdbf82f1 [OK] 0x7f5ffdbf82f0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbd6470: push rbx [OK] 0x7f5ffdbd6471: mov rbx, rdi [OK] 0x7f5ffdbd6474: sub rsp, 0x10 [OK] 0x7f5ffdbd6478: mov rax, qword ptr [rip+0x254379] [OK] 0x7f5ffdbd647f: lea rdx, ptr [rax+0x18] [OK] 0x7f5ffdbd6483: add rax, 0x40 [OK] 0x7f5ffdbd6487: mov qword ptr [rdi+0x58], rax [OK] 0x7f5ffdbd648b: mov rax, qword ptr [rip+0x254556] [OK] 0x7f5ffdbd6492: mov qword ptr [rdi], rdx [OK] 0x7f5ffdbd6495: add rax, 0x10 [OK] 0x7f5ffdbd6499: mov qword ptr [rdi+0x8], rax [OK] 0x7f5ffdbd649d: mov rax, qword ptr [rdi+0x50] [OK] 0x7f5ffdbd64a1: lea rdi, ptr [rax-0x18] [OK] 0x7f5ffdbd64a5: cmp rdi, qword ptr [rip+0x254624] [OK] 0x7f5ffdbd64ac: jnz 0x7f5ffdbd64ee [OK] 0x7f5ffdbd64ae: mov rax, qword ptr [rip+0x2547ab] [OK] 0x7f5ffdbd64b5: lea rdi, ptr [rbx+0x40] [OK] 0x7f5ffdbd64b9: add rax, 0x10 [OK] 0x7f5ffdbd64bd: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffdbd64c1: call 0x7f5ffdb987f0 [OK] 0x7f5ffdbd64c6: lea rax, ptr [rip+0x251d6b] [OK] 0x7f5ffdbd64cd: lea rdi, ptr [rbx+0x58] [OK] 0x7f5ffdbd64d1: mov qword ptr [rbx], rax [OK] 0x7f5ffdbd64d4: mov rax, qword ptr [rip+0x25457d] [OK] 0x7f5ffdbd64db: add rax, 0x10 [OK] 0x7f5ffdbd64df: mov qword ptr [rbx+0x58], rax [OK] 0x7f5ffdbd64e3: call 0x7f5ffdb98970 [OK] 0x7f5ffdb98970: jmp qword ptr [rip+0x29350a] [OK] 0x7f5ffdb98976: push 0x1cd [OK] 0x7f5ffdb9897b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbaba30: mov rax, qword ptr [rip+0x27f3f9] [OK] 0x7f5ffdbaba37: push rbx [OK] 0x7f5ffdbaba38: xor esi, esi [OK] 0x7f5ffdbaba3a: mov rbx, rdi [OK] 0x7f5ffdbaba3d: add rax, 0x10 [OK] 0x7f5ffdbaba41: mov qword ptr [rdi], rax [OK] 0x7f5ffdbaba44: call 0x7f5ffdb98210 [OK] 0x7f5ffdb98210: jmp qword ptr [rip+0x2938ba] [OK] 0x7f5ffdb98216: push 0x157 [OK] 0x7f5ffdb9821b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbab960: push r12 [OK] 0x7f5ffdbab962: mov r12d, esi [OK] 0x7f5ffdbab965: push rbp [OK] 0x7f5ffdbab966: mov rbp, rdi [OK] 0x7f5ffdbab969: push rbx [OK] 0x7f5ffdbab96a: mov rbx, qword ptr [rdi+0x28] [OK] 0x7f5ffdbab96e: test rbx, rbx [OK] 0x7f5ffdbab98c: pop rbx [OK] 0x7f5ffdbab98d: pop rbp [OK] 0x7f5ffdbab98e: pop r12 [OK] 0x7f5ffdbab990: ret [OK] 0x7f5ffdbaba49: mov rdi, rbx [OK] 0x7f5ffdbaba4c: call 0x7f5ffdb96f30 [OK] 0x7f5ffdb96f30: jmp qword ptr [rip+0x29422a] [OK] 0x7f5ffdb96f36: push 0x29 [OK] 0x7f5ffdb96f3b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbab9c0: push r12 [OK] 0x7f5ffdbab9c2: push rbp [OK] 0x7f5ffdbab9c3: mov rbp, rdi [OK] 0x7f5ffdbab9c6: push rbx [OK] 0x7f5ffdbab9c7: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffdbab9cb: test rdi, rdi [OK] 0x7f5ffdbaba18: mov qword ptr [rbp+0x28], 0x0 [OK] 0x7f5ffdbaba20: pop rbx [OK] 0x7f5ffdbaba21: pop rbp [OK] 0x7f5ffdbaba22: pop r12 [OK] 0x7f5ffdbaba24: ret [OK] 0x7f5ffdbaba51: mov rdi, qword ptr [rbx+0xc8] [OK] 0x7f5ffdbaba58: lea rax, ptr [rbx+0x40] [OK] 0x7f5ffdbaba5c: cmp rdi, rax [OK] 0x7f5ffdbaba76: lea rdi, ptr [rbx+0xd0] [OK] 0x7f5ffdbaba7d: pop rbx [OK] 0x7f5ffdbaba7e: jmp 0x7f5ffdb987f0 [OK] 0x7f5ffdbd64e8: add rsp, 0x10 [OK] 0x7f5ffdbd64ec: pop rbx [OK] 0x7f5ffdbd64ed: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c768: mov rdi, r13 [OK] 0x7f5ffc52c76b: call 0x7f5ffc514430 [OK] 0x7f5ffc514430: jmp qword ptr [rip+0x372c2a] [OK] 0x7f5ffc571100: mov rax, qword ptr [rip+0x315de1] [OK] 0x7f5ffc571107: mov rax, qword ptr [rax] [OK] 0x7f5ffc57110a: test rax, rax [OK] 0x7f5ffc57110d: jnz 0x7f5ffc571182 [OK] 0x7f5ffc57110f: test rdi, rdi [OK] 0x7f5ffc571112: jz 0x7f5ffc571180 [OK] 0x7f5ffc571114: mov rax, qword ptr [rdi-0x8] [OK] 0x7f5ffc571118: lea rsi, ptr [rdi-0x10] [OK] 0x7f5ffc57111c: test al, 0x2 [OK] 0x7f5ffc57111e: jnz 0x7f5ffc571140 [OK] 0x7f5ffc56dd40: mov rax, qword ptr [r13+0x10] [OK] 0x7f5ffc56dd44: mov rdx, qword ptr [r13+0x18] [OK] 0x7f5ffc56dd48: cmp r13, qword ptr [rax+0x18] [OK] 0x7f5ffc56dd4c: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd52: cmp r13, qword ptr [rdx+0x10] [OK] 0x7f5ffc56dd56: jnz 0x7f5ffc56e1bf [OK] 0x7f5ffc56dd5c: mov qword ptr [rax+0x18], rdx [OK] 0x7f5ffc56dd60: mov qword ptr [rdx+0x10], rax [OK] 0x7f5ffc56dd64: cmp qword ptr [r13+0x8], 0x3ff [OK] 0x7f5ffc56dd6c: jbe 0x7f5ffc56dd7b [OK] 0x7f5ffc56dd6e: mov rdx, qword ptr [r13+0x20] [OK] 0x7f5ffc56dd72: test rdx, rdx [OK] 0x7f5ffc56dd75: jnz 0x7f5ffc56e3b7 [OK] 0x7f5ffc56dd7b: add rbp, r14 [OK] 0x7f5ffc56dd7e: jmp 0x7f5ffc56da99 [OK] 0x7f5ffc56da99: mov rax, qword ptr [r12+0x68] [OK] 0x7f5ffc56da9e: lea rdx, ptr [r12+0x58] [OK] 0x7f5ffc56daa3: cmp rdx, qword ptr [rax+0x18] [OK] 0x7f5ffc56daa7: jnz 0x7f5ffc56e2b1 [OK] 0x7f5ffc56daad: cmp rbp, 0x3ff [OK] 0x7f5ffc56dab4: mov qword ptr [rbx+0x10], rax [OK] 0x7f5ffc56dab8: mov qword ptr [rbx+0x18], rdx [OK] 0x7f5ffc56dabc: jbe 0x7f5ffc56dace [OK] 0x7f5ffc56dabe: mov qword ptr [rbx+0x20], 0x0 [OK] 0x7f5ffc56dac6: mov qword ptr [rbx+0x28], 0x0 [OK] 0x7f5ffc56dace: mov qword ptr [r12+0x68], rbx [OK] 0x7f5ffc56dad3: mov qword ptr [rax+0x18], rbx [OK] 0x7f5ffc56dad7: mov rax, rbp [OK] 0x7f5ffc56dada: or rax, 0x1 [OK] 0x7f5ffc56dade: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffc56dae2: mov qword ptr [rbx+rbp*1], rbp [OK] 0x7f5ffc56dae6: cmp rbp, 0xffff [OK] 0x7f5ffc52c770: jmp 0x7f5ffc52c687 [OK] 0x7f5ffc52c687: mov r13, qword ptr [rbp] [OK] 0x7f5ffc52c68b: test r13, r13 [OK] 0x7f5ffc52c68e: jz 0x7f5ffc52c6e0 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x458140: mov rdi, qword ptr [rdi] [OK] 0x458143: test rdi, rdi [OK] 0x458150: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x458120: mov rdi, qword ptr [rdi] [OK] 0x458123: test rdi, rdi [OK] 0x458130: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbf82e0: mov rdi, qword ptr [rdi] [OK] 0x7f5ffdbf82e3: sub rdi, 0x18 [OK] 0x7f5ffdbf82e7: cmp rdi, qword ptr [rip+0x2327e2] [OK] 0x7f5ffdbf82ee: jnz 0x7f5ffdbf82f1 [OK] 0x7f5ffdbf82f0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbd6470: push rbx [OK] 0x7f5ffdbd6471: mov rbx, rdi [OK] 0x7f5ffdbd6474: sub rsp, 0x10 [OK] 0x7f5ffdbd6478: mov rax, qword ptr [rip+0x254379] [OK] 0x7f5ffdbd647f: lea rdx, ptr [rax+0x18] [OK] 0x7f5ffdbd6483: add rax, 0x40 [OK] 0x7f5ffdbd6487: mov qword ptr [rdi+0x58], rax [OK] 0x7f5ffdbd648b: mov rax, qword ptr [rip+0x254556] [OK] 0x7f5ffdbd6492: mov qword ptr [rdi], rdx [OK] 0x7f5ffdbd6495: add rax, 0x10 [OK] 0x7f5ffdbd6499: mov qword ptr [rdi+0x8], rax [OK] 0x7f5ffdbd649d: mov rax, qword ptr [rdi+0x50] [OK] 0x7f5ffdbd64a1: lea rdi, ptr [rax-0x18] [OK] 0x7f5ffdbd64a5: cmp rdi, qword ptr [rip+0x254624] [OK] 0x7f5ffdbd64ac: jnz 0x7f5ffdbd64ee [OK] 0x7f5ffdbd64ae: mov rax, qword ptr [rip+0x2547ab] [OK] 0x7f5ffdbd64b5: lea rdi, ptr [rbx+0x40] [OK] 0x7f5ffdbd64b9: add rax, 0x10 [OK] 0x7f5ffdbd64bd: mov qword ptr [rbx+0x8], rax [OK] 0x7f5ffdbd64c1: call 0x7f5ffdb987f0 [OK] 0x7f5ffdbd64c6: lea rax, ptr [rip+0x251d6b] [OK] 0x7f5ffdbd64cd: lea rdi, ptr [rbx+0x58] [OK] 0x7f5ffdbd64d1: mov qword ptr [rbx], rax [OK] 0x7f5ffdbd64d4: mov rax, qword ptr [rip+0x25457d] [OK] 0x7f5ffdbd64db: add rax, 0x10 [OK] 0x7f5ffdbd64df: mov qword ptr [rbx+0x58], rax [OK] 0x7f5ffdbd64e3: call 0x7f5ffdb98970 [OK] 0x7f5ffdb98970: jmp qword ptr [rip+0x29350a] [OK] 0x7f5ffdbaba30: mov rax, qword ptr [rip+0x27f3f9] [OK] 0x7f5ffdbaba37: push rbx [OK] 0x7f5ffdbaba38: xor esi, esi [OK] 0x7f5ffdbaba3a: mov rbx, rdi [OK] 0x7f5ffdbaba3d: add rax, 0x10 [OK] 0x7f5ffdbaba41: mov qword ptr [rdi], rax [OK] 0x7f5ffdbaba44: call 0x7f5ffdb98210 [OK] 0x7f5ffdb98210: jmp qword ptr [rip+0x2938ba] [OK] 0x7f5ffdbab960: push r12 [OK] 0x7f5ffdbab962: mov r12d, esi [OK] 0x7f5ffdbab965: push rbp [OK] 0x7f5ffdbab966: mov rbp, rdi [OK] 0x7f5ffdbab969: push rbx [OK] 0x7f5ffdbab96a: mov rbx, qword ptr [rdi+0x28] [OK] 0x7f5ffdbab96e: test rbx, rbx [OK] 0x7f5ffdbab98c: pop rbx [OK] 0x7f5ffdbab98d: pop rbp [OK] 0x7f5ffdbab98e: pop r12 [OK] 0x7f5ffdbab990: ret [OK] 0x7f5ffdbaba49: mov rdi, rbx [OK] 0x7f5ffdbaba4c: call 0x7f5ffdb96f30 [OK] 0x7f5ffdb96f30: jmp qword ptr [rip+0x29422a] [OK] 0x7f5ffdbab9c0: push r12 [OK] 0x7f5ffdbab9c2: push rbp [OK] 0x7f5ffdbab9c3: mov rbp, rdi [OK] 0x7f5ffdbab9c6: push rbx [OK] 0x7f5ffdbab9c7: mov rdi, qword ptr [rdi+0x28] [OK] 0x7f5ffdbab9cb: test rdi, rdi [OK] 0x7f5ffdbaba18: mov qword ptr [rbp+0x28], 0x0 [OK] 0x7f5ffdbaba20: pop rbx [OK] 0x7f5ffdbaba21: pop rbp [OK] 0x7f5ffdbaba22: pop r12 [OK] 0x7f5ffdbaba24: ret [OK] 0x7f5ffdbaba51: mov rdi, qword ptr [rbx+0xc8] [OK] 0x7f5ffdbaba58: lea rax, ptr [rbx+0x40] [OK] 0x7f5ffdbaba5c: cmp rdi, rax [OK] 0x7f5ffdbaba76: lea rdi, ptr [rbx+0xd0] [OK] 0x7f5ffdbaba7d: pop rbx [OK] 0x7f5ffdbaba7e: jmp 0x7f5ffdb987f0 [OK] 0x7f5ffdbd64e8: add rsp, 0x10 [OK] 0x7f5ffdbd64ec: pop rbx [OK] 0x7f5ffdbd64ed: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000014 Concrete Value : 0000000000000015 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv21 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000013 Concrete Value : 0000000000000014 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv20 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000012 Concrete Value : 0000000000000013 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv19 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbf82e0: mov rdi, qword ptr [rdi] [OK] 0x7f5ffdbf82e3: sub rdi, 0x18 [OK] 0x7f5ffdbf82e7: cmp rdi, qword ptr [rip+0x2327e2] [OK] 0x7f5ffdbf82ee: jnz 0x7f5ffdbf82f1 [OK] 0x7f5ffdbf82f0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000011 Concrete Value : 0000000000000012 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv18 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000010 Concrete Value : 0000000000000011 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv17 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000f Concrete Value : 0000000000000010 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv16 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000e Concrete Value : 000000000000000f Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv15 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000d Concrete Value : 000000000000000e Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv14 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000c Concrete Value : 000000000000000d Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv13 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000b Concrete Value : 000000000000000c Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv12 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 000000000000000a Concrete Value : 000000000000000b Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv11 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000009 Concrete Value : 000000000000000a Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv10 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000008 Concrete Value : 0000000000000009 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv9 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000007 Concrete Value : 0000000000000008 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv8 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbf82e0: mov rdi, qword ptr [rdi] [OK] 0x7f5ffdbf82e3: sub rdi, 0x18 [OK] 0x7f5ffdbf82e7: cmp rdi, qword ptr [rip+0x2327e2] [OK] 0x7f5ffdbf82ee: jnz 0x7f5ffdbf82f1 [OK] 0x7f5ffdbf82f0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000006 Concrete Value : 0000000000000007 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv7 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000005 Concrete Value : 0000000000000006 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv6 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000004 Concrete Value : 0000000000000005 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv5 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000003 Concrete Value : 0000000000000004 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv4 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000002 Concrete Value : 0000000000000003 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv3 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac48f: jz 0x7f5ffdbac498 [OK] 0x7f5ffdbac491: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x417cd0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x417cd0: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f5ffdbac470: cmp qword ptr [rip+0x27e910], 0x0 [OK] 0x7f5ffdbac478: jz 0x7f5ffdbac4e9 [OK] 0x7f5ffdbac47a: lea rax, ptr [rip+0x29349b] [OK] 0x7f5ffdbac481: mov edx, 0xffffffff [KO] 0x7f5ffdbac486: lock xadd dword ptr [rax], edx (1 error) Register : rdx Symbolic Value : 0000000000000001 Concrete Value : 0000000000000002 Expression : ((_ zero_extend 32) (bvadd (concat ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv0 8)) ((_ extract 7 0) (_ bv2 8))) ((_ extract 31 0) (_ bv4294967295 64)))) [OK] 0x7f5ffdbac48a: mov eax, edx [OK] 0x7f5ffdbac48c: cmp eax, 0x2 [OK] 0x7f5ffdbac498: sub rsp, 0x8 [OK] 0x7f5ffdbac49c: mov rdi, qword ptr [rip+0x27e92d] [OK] 0x7f5ffdbac4a3: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbac4a8: mov rdi, qword ptr [rip+0x27e551] [OK] 0x7f5ffdbac4af: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbac4b4: mov rdi, qword ptr [rip+0x27e595] [OK] 0x7f5ffdbac4bb: call 0x7f5ffdb98450 [OK] 0x7f5ffdb98450: jmp qword ptr [rip+0x29379a] [OK] 0x7f5ffdbd1fa0: push rbx [OK] 0x7f5ffdbd1fa1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fa4: mov rbx, rdi [OK] 0x7f5ffdbd1fa7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd1fab: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd1fb3: test rdi, rdi [OK] 0x7f5ffdbd1fb6: jz 0x7f5ffdbd1fd8 [OK] 0x7f5ffdbd1fb8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd1fbb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16a0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16a4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd1fbe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd1fd8: mov rax, rbx [OK] 0x7f5ffdbd1fdb: pop rbx [OK] 0x7f5ffdbd1fdc: ret [OK] 0x7f5ffdbac4c0: mov rdi, qword ptr [rip+0x27e3c9] [OK] 0x7f5ffdbac4c7: call 0x7f5ffdb98da0 [OK] 0x7f5ffdb98da0: jmp qword ptr [rip+0x2932f2] [OK] 0x7f5ffdb98da6: push 0x210 [OK] 0x7f5ffdb98dab: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbd41e0: push rbx [OK] 0x7f5ffdbd41e1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41e4: mov rbx, rdi [OK] 0x7f5ffdbd41e7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd41eb: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd41f3: test rdi, rdi [OK] 0x7f5ffdbd41f6: jz 0x7f5ffdbd4218 [OK] 0x7f5ffdbd41f8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41fb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16b0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16b4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd41fe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd4218: mov rax, rbx [OK] 0x7f5ffdbd421b: pop rbx [OK] 0x7f5ffdbd421c: ret [OK] 0x7f5ffdbac4cc: mov rdi, qword ptr [rip+0x27e2fd] [OK] 0x7f5ffdbac4d3: call 0x7f5ffdb98da0 [OK] 0x7f5ffdb98da0: jmp qword ptr [rip+0x2932f2] [OK] 0x7f5ffdbd41e0: push rbx [OK] 0x7f5ffdbd41e1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41e4: mov rbx, rdi [OK] 0x7f5ffdbd41e7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd41eb: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd41f3: test rdi, rdi [OK] 0x7f5ffdbd41f6: jz 0x7f5ffdbd4218 [OK] 0x7f5ffdbd41f8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41fb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16b0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16b4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd41fe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd4218: mov rax, rbx [OK] 0x7f5ffdbd421b: pop rbx [OK] 0x7f5ffdbd421c: ret [OK] 0x7f5ffdbac4d8: mov rdi, qword ptr [rip+0x27e6c1] [OK] 0x7f5ffdbac4df: call 0x7f5ffdb98da0 [OK] 0x7f5ffdb98da0: jmp qword ptr [rip+0x2932f2] [OK] 0x7f5ffdbd41e0: push rbx [OK] 0x7f5ffdbd41e1: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41e4: mov rbx, rdi [OK] 0x7f5ffdbd41e7: mov rax, qword ptr [rax-0x18] [OK] 0x7f5ffdbd41eb: mov rdi, qword ptr [rdi+rax*1+0xe8] [OK] 0x7f5ffdbd41f3: test rdi, rdi [OK] 0x7f5ffdbd41f6: jz 0x7f5ffdbd4218 [OK] 0x7f5ffdbd41f8: mov rax, qword ptr [rdi] [OK] 0x7f5ffdbd41fb: call qword ptr [rax+0x30] [OK] 0x7f5ffdbd16b0: mov rdi, qword ptr [rdi+0x40] [OK] 0x7f5ffdbd16b4: jmp 0x7f5ffdb99570 [OK] 0x7f5ffdb99570: jmp qword ptr [rip+0x292f0a] [OK] 0x7f5ffc55e410: test rdi, rdi [OK] 0x7f5ffc55e413: push rbx [OK] 0x7f5ffc55e414: mov rbx, rdi [OK] 0x7f5ffc55e417: jz 0x7f5ffc55e4f8 [OK] 0x7f5ffc55e41d: mov eax, dword ptr [rdi] [OK] 0x7f5ffc55e41f: and eax, 0x8000 [OK] 0x7f5ffc55e424: jnz 0x7f5ffc55e483 [OK] 0x7f5ffc55e426: mov rdx, qword ptr [rdi+0x88] [OK] 0x7f5ffc55e42d: mov r8, qword ptr fs:[0x10] [OK] 0x7f5ffc55e436: cmp r8, qword ptr [rdx+0x8] [OK] 0x7f5ffc55e43a: jz 0x7f5ffc55e47f [OK] 0x7f5ffc55e43c: mov esi, 0x1 [OK] 0x7f5ffc55e441: cmp dword ptr [rip+0x32e36c], 0x0 [OK] 0x7f5ffc55e452: cmpxchg dword ptr [rdx], esi [OK] 0x7f5ffc55e46d: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e474: mov qword ptr [rax+0x8], r8 [OK] 0x7f5ffc55e478: mov rdx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e47f: add dword ptr [rdx+0x4], 0x1 [OK] 0x7f5ffc55e483: mov rax, qword ptr [rbx+0xd8] [OK] 0x7f5ffc55e48a: mov rdi, rbx [OK] 0x7f5ffc55e48d: call qword ptr [rax+0x60] [OK] 0x7f5ffc568550: push rbx [OK] 0x7f5ffc568551: mov rdx, qword ptr [rdi+0x28] [OK] 0x7f5ffc568555: mov rbx, rdi [OK] 0x7f5ffc568558: mov rsi, qword ptr [rdi+0x20] [OK] 0x7f5ffc56855c: cmp rdx, rsi [OK] 0x7f5ffc56858f: mov rsi, qword ptr [rbx+0x8] [OK] 0x7f5ffc568593: sub rsi, qword ptr [rbx+0x10] [OK] 0x7f5ffc568597: jnz 0x7f5ffc5685b0 [OK] 0x7f5ffc568599: mov qword ptr [rbx+0x90], 0xffffffffffffffff [OK] 0x7f5ffc5685a4: xor eax, eax [OK] 0x7f5ffc5685a6: pop rbx [OK] 0x7f5ffc5685a7: ret [OK] 0x7f5ffc55e490: xor edx, edx [OK] 0x7f5ffc55e492: test eax, eax [OK] 0x7f5ffc55e494: setnz dl [OK] 0x7f5ffc55e497: neg edx [OK] 0x7f5ffc55e499: test dword ptr [rbx], 0x8000 [OK] 0x7f5ffc55e49f: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4a1: mov rcx, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4a8: sub dword ptr [rcx+0x4], 0x1 [OK] 0x7f5ffc55e4ac: jnz 0x7f5ffc55e4f0 [OK] 0x7f5ffc55e4ae: mov rax, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4b5: mov qword ptr [rax+0x8], 0x0 [OK] 0x7f5ffc55e4bd: mov rsi, qword ptr [rbx+0x88] [OK] 0x7f5ffc55e4c4: cmp dword ptr [rip+0x32e2e9], 0x0 [OK] 0x7f5ffc55e4d4: dec dword ptr [rsi] [OK] 0x7f5ffc55e4ee: data16 nop [OK] 0x7f5ffc55e4f0: mov eax, edx [OK] 0x7f5ffc55e4f2: pop rbx [OK] 0x7f5ffc55e4f3: ret [OK] 0x7f5ffdbd41fe: cmp eax, 0xffffffff [OK] 0x7f5ffdbd4218: mov rax, rbx [OK] 0x7f5ffdbd421b: pop rbx [OK] 0x7f5ffdbd421c: ret [OK] 0x7f5ffdbac4e4: add rsp, 0x8 [OK] 0x7f5ffdbac4e8: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c730: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52c734: mov rdi, qword ptr [rcx+0x10] [OK] 0x7f5ffc52c738: mov esi, ebx [OK] 0x7f5ffc52c73a: ror rax, 0x11 [OK] 0x7f5ffc52c73e: xor rax, qword ptr fs:[0x30] [OK] 0x7f5ffc52c747: call rax [OK] 0x7f6013b9c120: push rbp [OK] 0x7f6013b9c121: mov rbp, rsp [OK] 0x7f6013b9c124: push r15 [OK] 0x7f6013b9c126: push r14 [OK] 0x7f6013b9c128: push r13 [OK] 0x7f6013b9c12a: push r12 [OK] 0x7f6013b9c12c: push rbx [OK] 0x7f6013b9c12d: sub rsp, 0x38 [OK] 0x7f6013b9c131: mov dword ptr [rbp-0x34], 0x0 [OK] 0x7f6013b9c138: mov qword ptr [rbp-0x58], 0x0 [OK] 0x7f6013b9c140: mov qword ptr [rbp-0x50], 0x0 [OK] 0x7f6013b9c148: mov rax, qword ptr [rip+0x2127b1] [OK] 0x7f6013b9c14f: sub rax, 0x1 [OK] 0x7f6013b9c153: mov qword ptr [rbp-0x48], rax [OK] 0x7f6013b9c157: js 0x7f6013b9c364 [OK] 0x7f6013b9c15d: lea rax, ptr [rax+rax*8] [OK] 0x7f6013b9c161: lea rsi, ptr [rip+0x211e98] [OK] 0x7f6013b9c168: shl rax, 0x4 [OK] 0x7f6013b9c16c: lea rax, ptr [rsi+rax*1+0x8] [OK] 0x7f6013b9c171: mov qword ptr [rbp-0x40], rax [OK] 0x7f6013b9c175: jmp 0x7f6013b9c1a0 [OK] 0x7f6013b9c1a0: lea rdi, ptr [rip+0x212761] [OK] 0x7f6013b9c1a7: call qword ptr [rip+0x212d5b] [OK] 0x7f6013b9c1ad: mov rax, qword ptr [rbp-0x40] [OK] 0x7f6013b9c1b1: mov esi, dword ptr [rax] [OK] 0x7f6013b9c1b3: test esi, esi [OK] 0x7f6013b9c1b5: jz 0x7f6013b9c180 [OK] 0x7f6013b9c1b7: mov rcx, qword ptr [rax-0x8] [OK] 0x7f6013b9c1bb: movzx eax, byte ptr [rcx+0x315] [OK] 0x7f6013b9c1c2: shr al, 0x3 [OK] 0x7f6013b9c1c5: and eax, 0x1 [OK] 0x7f6013b9c1c8: cmp eax, dword ptr [rbp-0x34] [OK] 0x7f6013b9c1cb: jnz 0x7f6013b9c180 [OK] 0x7f6013b9c1cd: cmp qword ptr [rbp-0x48], 0x0 [OK] 0x7f6013b9c1d2: mov edi, esi [OK] 0x7f6013b9c1d4: setz r8b [OK] 0x7f6013b9c1d8: shl rdi, 0x3 [OK] 0x7f6013b9c1dc: cmp rdi, qword ptr [rbp-0x58] [OK] 0x7f6013b9c1e0: jbe 0x7f6013b9c214 [OK] 0x7f6013b9c1e2: cmp qword ptr [rbp-0x58], 0x0 [OK] 0x7f6013b9c1e7: jnz 0x7f6013b9c3f0 [OK] 0x7f6013b9c1ed: lea rax, ptr [rdi+0x1e] [OK] 0x7f6013b9c1f1: mov ebx, 0x10 [OK] 0x7f6013b9c1f6: xor edx, edx [OK] 0x7f6013b9c1f8: mov qword ptr [rbp-0x58], rdi [KO] 0x7f6013b9c1fc: div rbx (2 error) Register : rax Symbolic Value : 0000000000000000 Concrete Value : 0000000000000006 Expression : ((_ extract 63 0) (bvudiv (concat ((_ extract 63 0) (_ bv0 64)) ((_ extract 63 0) (_ bv0 64))) ((_ zero_extend 64) ((_ extract 63 0) (_ bv16 64))))) Register : rdx Symbolic Value : 0000000000000000 Concrete Value : 000000000000000e Expression : ((_ extract 63 0) (bvurem (concat ((_ extract 63 0) (_ bv0 64)) ((_ extract 63 0) (_ bv0 64))) ((_ zero_extend 64) ((_ extract 63 0) (_ bv16 64))))) [OK] 0x7f6013b9c1ff: shl rax, 0x4 [OK] 0x7f6013b9c203: sub rsp, rax [OK] 0x7f6013b9c206: lea rax, ptr [rsp+0xf] [OK] 0x7f6013b9c20b: mov qword ptr [rbp-0x50], rax [OK] 0x7f6013b9c20f: and qword ptr [rbp-0x50], 0xfffffffffffffff0 [OK] 0x7f6013b9c214: xor ebx, ebx [OK] 0x7f6013b9c216: jmp 0x7f6013b9c229 [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c229: cmp qword ptr [rcx+0x28], rcx [OK] 0x7f6013b9c22d: jnz 0x7f6013b9c220 [OK] 0x7f6013b9c22f: cmp ebx, esi [OK] 0x7f6013b9c231: jnb 0x7f6013b9c490 [OK] 0x7f6013b9c237: mov rdi, qword ptr [rbp-0x50] [OK] 0x7f6013b9c23b: mov eax, ebx [OK] 0x7f6013b9c23d: mov qword ptr [rdi+rax*8], rcx [OK] 0x7f6013b9c241: mov dword ptr [rcx+0x3dc], ebx [OK] 0x7f6013b9c247: add ebx, 0x1 [OK] 0x7f6013b9c24a: add dword ptr [rcx+0x310], 0x1 [OK] 0x7f6013b9c251: mov rcx, qword ptr [rcx+0x18] [OK] 0x7f6013b9c255: test rcx, rcx [OK] 0x7f6013b9c258: jnz 0x7f6013b9c229 [OK] 0x7f6013b9c25a: cmp ebx, esi [OK] 0x7f6013b9c25c: jnz 0x7f6013b9c456 [OK] 0x7f6013b9c262: mov r14, qword ptr [rbp-0x50] [OK] 0x7f6013b9c266: mov rcx, qword ptr [rbp-0x48] [OK] 0x7f6013b9c26a: xor edx, edx [OK] 0x7f6013b9c26c: mov esi, ebx [OK] 0x7f6013b9c26e: mov rdi, r14 [OK] 0x7f6013b9c271: call 0x7f6013b9be90 [OK] 0x7f6013b9be90: push rbp [OK] 0x7f6013b9be91: mov rbp, rsp [OK] 0x7f6013b9be94: push r15 [OK] 0x7f6013b9be96: push r14 [OK] 0x7f6013b9be98: push r13 [OK] 0x7f6013b9be9a: push r12 [OK] 0x7f6013b9be9c: push rbx [OK] 0x7f6013b9be9d: mov rbx, rsi [OK] 0x7f6013b9bea0: sub rsp, 0x58 [OK] 0x7f6013b9bea4: cmp rsi, 0x1 [OK] 0x7f6013b9bea8: mov qword ptr [rbp-0x50], rdi [OK] 0x7f6013b9beac: mov qword ptr [rbp-0x40], rsi [OK] 0x7f6013b9beb0: mov qword ptr [rbp-0x60], rdx [OK] 0x7f6013b9beb4: mov qword ptr [rbp-0x58], rsp [OK] 0x7f6013b9beb8: jz 0x7f6013b9bfe0 [OK] 0x7f6013b9bebe: lea rdx, ptr [rsi+rsi*1] [OK] 0x7f6013b9bec2: test rcx, rcx [OK] 0x7f6013b9bec5: setz cl [OK] 0x7f6013b9bec8: xor esi, esi [OK] 0x7f6013b9beca: lea rax, ptr [rdx+0x10] [OK] 0x7f6013b9bece: movzx ecx, cl [OK] 0x7f6013b9bed1: mov dword ptr [rbp-0x48], ecx [OK] 0x7f6013b9bed4: and rax, 0xfffffffffffffff0 [OK] 0x7f6013b9bed8: sub rsp, rax [OK] 0x7f6013b9bedb: mov rdi, rsp [OK] 0x7f6013b9bede: mov qword ptr [rbp-0x38], rsp [OK] 0x7f6013b9bee2: call 0x7f6013ba5f60 [OK] 0x7f6013b9bee7: mov ecx, dword ptr [rbp-0x48] [OK] 0x7f6013b9beea: mov eax, ebx [OK] 0x7f6013b9beec: mov r8, qword ptr [rbp-0x50] [OK] 0x7f6013b9bef0: sub eax, 0x1 [OK] 0x7f6013b9bef3: mov dword ptr [rbp-0x64], eax [OK] 0x7f6013b9bef6: mov r14d, ecx [OK] 0x7f6013b9bef9: lea r11d, ptr [rcx+0x1] [OK] 0x7f6013b9befd: mov r15d, ecx [OK] 0x7f6013b9bf00: jmp 0x7f6013b9bf48 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfef: mov dword ptr [rbp-0x68], ecx [OK] 0x7f6013b9bff2: mov ecx, eax [OK] 0x7f6013b9bff4: mov r10d, r11d [OK] 0x7f6013b9bff7: sub ecx, r15d [OK] 0x7f6013b9bffa: lea rsi, ptr [r8+r10*8] [OK] 0x7f6013b9bffe: mov dword ptr [rbp-0x80], r11d [OK] 0x7f6013b9c002: lea rdx, ptr [rcx*8] [OK] 0x7f6013b9c00a: mov qword ptr [rbp-0x48], rcx [OK] 0x7f6013b9c00e: mov qword ptr [rbp-0x78], r10 [OK] 0x7f6013b9c012: mov qword ptr [rbp-0x70], r8 [OK] 0x7f6013b9c016: mov qword ptr [rbp-0x50], r10 [OK] 0x7f6013b9c01a: call 0x7f6013ba5dc0 [OK] 0x7f6013b9c01f: mov qword ptr [r13], rbx [OK] 0x7f6013b9c023: mov r13, qword ptr [rbp-0x60] [OK] 0x7f6013b9c027: mov r10, qword ptr [rbp-0x50] [OK] 0x7f6013b9c02b: mov r8, qword ptr [rbp-0x70] [OK] 0x7f6013b9c02f: mov r9, qword ptr [rbp-0x78] [OK] 0x7f6013b9c033: mov r11d, dword ptr [rbp-0x80] [OK] 0x7f6013b9c037: test r13, r13 [OK] 0x7f6013b9c03a: mov ecx, dword ptr [rbp-0x68] [OK] 0x7f6013b9c078: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9c07c: movzx edx, word ptr [rax+r10*2] [OK] 0x7f6013b9c081: mov rax, qword ptr [rbp-0x40] [OK] 0x7f6013b9c085: sub rax, r14 [OK] 0x7f6013b9c088: cmp rdx, rax [OK] 0x7f6013b9c098: mov rbx, qword ptr [rbp-0x38] [OK] 0x7f6013b9c09c: mov rdx, qword ptr [rbp-0x48] [OK] 0x7f6013b9c0a0: mov dword ptr [rbp-0x78], r11d [OK] 0x7f6013b9c0a4: mov qword ptr [rbp-0x70], r8 [OK] 0x7f6013b9c0a8: mov dword ptr [rbp-0x50], ecx [OK] 0x7f6013b9c0ab: lea rsi, ptr [rbx+r10*2] [OK] 0x7f6013b9c0af: lea rdi, ptr [rbx+r14*2] [OK] 0x7f6013b9c0b3: add rdx, rdx [OK] 0x7f6013b9c0b6: call 0x7f6013ba5dc0 [OK] 0x7f6013b9c0bb: mov ecx, dword ptr [rbp-0x50] [OK] 0x7f6013b9c0be: mov r8, qword ptr [rbp-0x70] [OK] 0x7f6013b9c0c2: mov r11d, dword ptr [rbp-0x78] [OK] 0x7f6013b9c0c6: mov word ptr [rbx+r12*2], cx [OK] 0x7f6013b9c0cb: jmp 0x7f6013b9bf48 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfa0: add rdx, 0x8 [OK] 0x7f6013b9bfa4: cmp rbx, rsi [OK] 0x7f6013b9bfa7: jz 0x7f6013b9bfef [OK] 0x7f6013b9bfa9: mov rsi, qword ptr [rdx] [OK] 0x7f6013b9bfac: test rsi, rsi [OK] 0x7f6013b9bfaf: jnz 0x7f6013b9bfa0 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf7a: jnb 0x7f6013b9bf08 [OK] 0x7f6013b9bf7c: nop dword ptr [rax], eax [OK] 0x7f6013b9bf80: mov r12d, eax [OK] 0x7f6013b9bf83: lea r13, ptr [r8+r12*8] [OK] 0x7f6013b9bf87: mov r9, qword ptr [r13] [OK] 0x7f6013b9bf8b: mov rdx, qword ptr [r9+0x3b8] [OK] 0x7f6013b9bf92: test rdx, rdx [OK] 0x7f6013b9bf95: jnz 0x7f6013b9bfa9 [OK] 0x7f6013b9bf97: jmp 0x7f6013b9bfb1 [OK] 0x7f6013b9bfb1: mov rdx, qword ptr [r9+0x3c0] [OK] 0x7f6013b9bfb8: test rdx, rdx [OK] 0x7f6013b9bfbb: jnz 0x7f6013b9c0d0 [OK] 0x7f6013b9bfc1: sub eax, 0x1 [OK] 0x7f6013b9bfc4: cmp r15d, eax [OK] 0x7f6013b9bfc7: jb 0x7f6013b9bf80 [OK] 0x7f6013b9bfc9: mov r14d, r11d [OK] 0x7f6013b9bfcc: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bfd0: mov r15d, r11d [OK] 0x7f6013b9bfd3: mov r9, r14 [OK] 0x7f6013b9bf1b: mov rdx, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf1f: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf23: xor esi, esi [OK] 0x7f6013b9bf25: mov dword ptr [rbp-0x50], r11d [OK] 0x7f6013b9bf29: mov qword ptr [rbp-0x48], r8 [OK] 0x7f6013b9bf2d: sub rdx, r9 [OK] 0x7f6013b9bf30: lea rdi, ptr [rax+r14*2] [OK] 0x7f6013b9bf34: add rdx, rdx [OK] 0x7f6013b9bf37: call 0x7f6013ba5f60 [OK] 0x7f6013b9bf3c: mov r11d, dword ptr [rbp-0x50] [OK] 0x7f6013b9bf40: mov r8, qword ptr [rbp-0x48] [OK] 0x7f6013b9bf44: add r11d, 0x1 [OK] 0x7f6013b9bf48: mov rax, qword ptr [rbp-0x38] [OK] 0x7f6013b9bf4c: lea rdi, ptr [r8+r14*8] [OK] 0x7f6013b9bf50: lea rax, ptr [rax+r14*2] [OK] 0x7f6013b9bf54: movzx ecx, word ptr [rax] [OK] 0x7f6013b9bf57: add ecx, 0x1 [OK] 0x7f6013b9bf5a: mov word ptr [rax], cx [OK] 0x7f6013b9bf5d: mov rax, qword ptr [rdi] [OK] 0x7f6013b9bf60: mov rbx, qword ptr [rax+0x28] [OK] 0x7f6013b9bf64: cmp rbx, rax [OK] 0x7f6013b9bf67: jnz 0x7f6013b9bf08 [OK] 0x7f6013b9bf69: cmp dword ptr [rbx+0x3dc], 0xffffffff [OK] 0x7f6013b9bf70: jz 0x7f6013b9bf08 [OK] 0x7f6013b9bf72: mov edx, dword ptr [rbp-0x64] [OK] 0x7f6013b9bf75: cmp r15d, edx [OK] 0x7f6013b9bf78: mov eax, edx [OK] 0x7f6013b9bf08: mov r14d, r11d [OK] 0x7f6013b9bf0b: cmp r14, qword ptr [rbp-0x40] [OK] 0x7f6013b9bf0f: mov r15d, r11d [OK] 0x7f6013b9bf12: mov r9, r14 [OK] 0x7f6013b9bfdc: mov rsp, qword ptr [rbp-0x58] [OK] 0x7f6013b9bfe0: lea rsp, ptr [rbp-0x28] [OK] 0x7f6013b9bfe4: pop rbx [OK] 0x7f6013b9bfe5: pop r12 [OK] 0x7f6013b9bfe7: pop r13 [OK] 0x7f6013b9bfe9: pop r14 [OK] 0x7f6013b9bfeb: pop r15 [OK] 0x7f6013b9bfed: pop rbp [OK] 0x7f6013b9bfee: ret [OK] 0x7f6013b9c276: lea rdi, ptr [rip+0x21268b] [OK] 0x7f6013b9c27d: call qword ptr [rip+0x212c8d] [OK] 0x7f6013b9c283: test ebx, ebx [OK] 0x7f6013b9c285: jz 0x7f6013b9c18d [OK] 0x7f6013b9c28b: sub ebx, 0x1 [OK] 0x7f6013b9c28e: mov r13, r14 [OK] 0x7f6013b9c291: lea r14, ptr [r14+rbx*8+0x8] [OK] 0x7f6013b9c296: nop word ptr [rax+rax*1], ax [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x415c80: cmp byte ptr [rip+0xf63579], 0x0 [OK] 0x415c87: jnz 0x415c9a [OK] 0x415c89: push rbp [OK] 0x415c8a: mov rbp, rsp [OK] 0x415c8d: call 0x415c10 [OK] 0x415c10: mov eax, 0x13791ff [OK] 0x415c15: push rbp [OK] 0x415c16: sub rax, 0x13791f8 [OK] 0x415c1c: cmp rax, 0xe [OK] 0x415c20: mov rbp, rsp [OK] 0x415c23: jnbe 0x415c27 [OK] 0x415c25: pop rbp [OK] 0x415c26: ret [OK] 0x415c92: pop rbp [OK] 0x415c93: mov byte ptr [rip+0xf63566], 0x1 [OK] 0x415c9a: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0xf324e4: sub rsp, 0x8 [OK] 0xf324e8: add rsp, 0x8 [OK] 0xf324ec: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffde44470: cmp byte ptr [rip+0x204e29], 0x0 [OK] 0x7f5ffde44477: jnz 0x7f5ffde444a0 [OK] 0x7f5ffde44479: cmp qword ptr [rip+0x204b6f], 0x0 [OK] 0x7f5ffde44481: push rbp [OK] 0x7f5ffde44482: mov rbp, rsp [OK] 0x7f5ffde44485: jz 0x7f5ffde44493 [OK] 0x7f5ffde44487: mov rdi, qword ptr [rip+0x204d72] [OK] 0x7f5ffde4448e: call 0x7f5ffde44360 [OK] 0x7f5ffde44360: jmp qword ptr [rip+0x204e6a] [OK] 0x7f5ffde44366: push 0x37 [OK] 0x7f5ffde4436b: jmp 0x7f5ffde43fe0 [OK] 0x7f5ffde43fe0: push qword ptr [rip+0x205022] [OK] 0x7f5ffde43fe6: jmp qword ptr [rip+0x205024] [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffde44493: call 0x7f5ffde44400 [OK] 0x7f5ffde44400: lea rax, ptr [rip+0x204e90] [OK] 0x7f5ffde44407: lea rdi, ptr [rip+0x204e82] [OK] 0x7f5ffde4440e: push rbp [OK] 0x7f5ffde4440f: sub rax, rdi [OK] 0x7f5ffde44412: mov rbp, rsp [OK] 0x7f5ffde44415: cmp rax, 0xe [OK] 0x7f5ffde44419: jnbe 0x7f5ffde4441d [OK] 0x7f5ffde4441b: pop rbp [OK] 0x7f5ffde4441c: ret [OK] 0x7f5ffde44498: pop rbp [OK] 0x7f5ffde44499: mov byte ptr [rip+0x204e00], 0x1 [OK] 0x7f5ffde444a0: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffde47174: sub rsp, 0x8 [OK] 0x7f5ffde47178: add rsp, 0x8 [OK] 0x7f5ffde4717c: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffdb99cf0: cmp byte ptr [rip+0x292ac9], 0x0 [OK] 0x7f5ffdb99cf7: jnz 0x7f5ffdb99d20 [OK] 0x7f5ffdb99cf9: cmp qword ptr [rip+0x290de7], 0x0 [OK] 0x7f5ffdb99d01: push rbp [OK] 0x7f5ffdb99d02: mov rbp, rsp [OK] 0x7f5ffdb99d05: jz 0x7f5ffdb99d13 [OK] 0x7f5ffdb99d07: mov rdi, qword ptr [rip+0x2927b2] [OK] 0x7f5ffdb99d0e: call 0x7f5ffdb97ed0 [OK] 0x7f5ffdb97ed0: jmp qword ptr [rip+0x293a5a] [OK] 0x7f5ffdb97ed6: push 0x123 [OK] 0x7f5ffdb97edb: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca64: mov rdx, qword ptr [rbx+0x8] [OK] 0x7f5ffc52ca68: mov rdi, qword ptr [rbx+0x10] [OK] 0x7f5ffc52ca6c: mov eax, 0x4 [OK] 0x7f5ffc52ca71: cmp dword ptr fs:[0x18], 0x0 [OK] 0x7f5ffc52ca7d: cmpxchg qword ptr [rbx], r13 [OK] 0x7f5ffc52ca81: cmp rax, 0x4 [OK] 0x7f5ffc52ca85: jnz 0x7f5ffc52ca56 [OK] 0x7f5ffc52ca87: mov r15, qword ptr [rip+0x35fa52] [OK] 0x7f5ffc52ca8e: xor esi, esi [OK] 0x7f5ffc52ca90: ror rdx, 0x11 [OK] 0x7f5ffc52ca94: xor rdx, qword ptr fs:[0x30] [OK] 0x7f5ffc52ca9d: call rdx [OK] 0x7f5ffdbef670: lea rax, ptr [rip+0x23a3d9] [OK] 0x7f5ffdbef677: mov qword ptr [rdi], rax [OK] 0x7f5ffdbef67a: jmp 0x7f5ffdb98120 [OK] 0x7f5ffdb98120: jmp qword ptr [rip+0x293932] [OK] 0x7f5ffdb98126: push 0x148 [OK] 0x7f5ffdb9812b: jmp 0x7f5ffdb96c90 [OK] 0x7f5ffdbef600: mov rax, qword ptr [rip+0x23b6c9] [OK] 0x7f5ffdbef607: add rax, 0x10 [OK] 0x7f5ffdbef60b: mov qword ptr [rdi], rax [OK] 0x7f5ffdbef60e: ret [OK] 0x7f5ffc52ca9f: cmp r15, qword ptr [rip+0x35fa3a] [OK] 0x7f5ffc52caa6: jnz 0x7f5ffc52ca24 [OK] 0x7f5ffc52caac: sub rbx, 0x20 [OK] 0x7f5ffc52cab0: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca64: mov rdx, qword ptr [rbx+0x8] [OK] 0x7f5ffc52ca68: mov rdi, qword ptr [rbx+0x10] [OK] 0x7f5ffc52ca6c: mov eax, 0x4 [OK] 0x7f5ffc52ca71: cmp dword ptr fs:[0x18], 0x0 [OK] 0x7f5ffc52ca7d: cmpxchg qword ptr [rbx], r13 [OK] 0x7f5ffc52ca81: cmp rax, 0x4 [OK] 0x7f5ffc52ca85: jnz 0x7f5ffc52ca56 [OK] 0x7f5ffc52ca87: mov r15, qword ptr [rip+0x35fa52] [OK] 0x7f5ffc52ca8e: xor esi, esi [OK] 0x7f5ffc52ca90: ror rdx, 0x11 [OK] 0x7f5ffc52ca94: xor rdx, qword ptr fs:[0x30] [OK] 0x7f5ffc52ca9d: call rdx [OK] 0x7f5ffdbef680: lea rax, ptr [rip+0x23a369] [OK] 0x7f5ffdbef687: mov qword ptr [rdi], rax [OK] 0x7f5ffdbef68a: jmp 0x7f5ffdb98120 [OK] 0x7f5ffdb98120: jmp qword ptr [rip+0x293932] [OK] 0x7f5ffdbef600: mov rax, qword ptr [rip+0x23b6c9] [OK] 0x7f5ffdbef607: add rax, 0x10 [OK] 0x7f5ffdbef60b: mov qword ptr [rdi], rax [OK] 0x7f5ffdbef60e: ret [OK] 0x7f5ffc52ca9f: cmp r15, qword ptr [rip+0x35fa3a] [OK] 0x7f5ffc52caa6: jnz 0x7f5ffc52ca24 [OK] 0x7f5ffc52caac: sub rbx, 0x20 [OK] 0x7f5ffc52cab0: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca64: mov rdx, qword ptr [rbx+0x8] [OK] 0x7f5ffc52ca68: mov rdi, qword ptr [rbx+0x10] [OK] 0x7f5ffc52ca6c: mov eax, 0x4 [OK] 0x7f5ffc52ca71: cmp dword ptr fs:[0x18], 0x0 [OK] 0x7f5ffc52ca7d: cmpxchg qword ptr [rbx], r13 [OK] 0x7f5ffc52ca81: cmp rax, 0x4 [OK] 0x7f5ffc52ca85: jnz 0x7f5ffc52ca56 [OK] 0x7f5ffc52ca87: mov r15, qword ptr [rip+0x35fa52] [OK] 0x7f5ffc52ca8e: xor esi, esi [OK] 0x7f5ffc52ca90: ror rdx, 0x11 [OK] 0x7f5ffc52ca94: xor rdx, qword ptr fs:[0x30] [OK] 0x7f5ffc52ca9d: call rdx [OK] 0x7f5ffdbee990: lea rax, ptr [rip+0x23ae19] [OK] 0x7f5ffdbee997: mov qword ptr [rdi], rax [OK] 0x7f5ffdbee99a: jmp 0x7f5ffdb98120 [OK] 0x7f5ffdb98120: jmp qword ptr [rip+0x293932] [OK] 0x7f5ffdbef600: mov rax, qword ptr [rip+0x23b6c9] [OK] 0x7f5ffdbef607: add rax, 0x10 [OK] 0x7f5ffdbef60b: mov qword ptr [rdi], rax [OK] 0x7f5ffdbef60e: ret [OK] 0x7f5ffc52ca9f: cmp r15, qword ptr [rip+0x35fa3a] [OK] 0x7f5ffc52caa6: jnz 0x7f5ffc52ca24 [OK] 0x7f5ffc52caac: sub rbx, 0x20 [OK] 0x7f5ffc52cab0: cmp rbx, r12 [OK] 0x7f5ffc52cab3: jnb 0x7f5ffc52ca5f [OK] 0x7f5ffc52cab5: nop dword ptr [rax], eax [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffdb99d13: call 0x7f5ffdb99c80 [OK] 0x7f5ffdb99c80: lea rax, ptr [rip+0x292b38] [OK] 0x7f5ffdb99c87: lea rdi, ptr [rip+0x292b2a] [OK] 0x7f5ffdb99c8e: push rbp [OK] 0x7f5ffdb99c8f: sub rax, rdi [OK] 0x7f5ffdb99c92: mov rbp, rsp [OK] 0x7f5ffdb99c95: cmp rax, 0xe [OK] 0x7f5ffdb99c99: jnbe 0x7f5ffdb99c9d [OK] 0x7f5ffdb99c9b: pop rbp [OK] 0x7f5ffdb99c9c: ret [OK] 0x7f5ffdb99d18: pop rbp [OK] 0x7f5ffdb99d19: mov byte ptr [rip+0x292aa0], 0x1 [OK] 0x7f5ffdb99d20: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffdbfc794: sub rsp, 0x8 [OK] 0x7f5ffdbfc798: add rsp, 0x8 [OK] 0x7f5ffdbfc79c: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffd842940: cmp byte ptr [rip+0x2fa7c9], 0x0 [OK] 0x7f5ffd842947: jnz 0x7f5ffd842970 [OK] 0x7f5ffd842949: cmp qword ptr [rip+0x2fa69f], 0x0 [OK] 0x7f5ffd842951: push rbp [OK] 0x7f5ffd842952: mov rbp, rsp [OK] 0x7f5ffd842955: jz 0x7f5ffd842963 [OK] 0x7f5ffd842957: mov rdi, qword ptr [rip+0x2fa79a] [OK] 0x7f5ffd84295e: call 0x7f5ffd8425a0 [OK] 0x7f5ffd8425a0: jmp qword ptr [rip+0x2fab42] [OK] 0x7f5ffd8425a6: push 0xc [OK] 0x7f5ffd8425ab: jmp 0x7f5ffd8423f0 [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffd842963: call 0x7f5ffd8428d0 [OK] 0x7f5ffd8428d0: lea rax, ptr [rip+0x2fa840] [OK] 0x7f5ffd8428d7: lea rdi, ptr [rip+0x2fa832] [OK] 0x7f5ffd8428de: push rbp [OK] 0x7f5ffd8428df: sub rax, rdi [OK] 0x7f5ffd8428e2: mov rbp, rsp [OK] 0x7f5ffd8428e5: cmp rax, 0xe [OK] 0x7f5ffd8428e9: jnbe 0x7f5ffd8428ed [OK] 0x7f5ffd8428eb: pop rbp [OK] 0x7f5ffd8428ec: ret [OK] 0x7f5ffd842968: pop rbp [OK] 0x7f5ffd842969: mov byte ptr [rip+0x2fa7a0], 0x1 [OK] 0x7f5ffd842970: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffd8af048: sub rsp, 0x8 [OK] 0x7f5ffd8af04c: add rsp, 0x8 [OK] 0x7f5ffd8af050: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffd631780: lea rax, ptr [rip+0x20aaf1] [OK] 0x7f5ffd631787: mov edi, dword ptr [rax] [OK] 0x7f5ffd631789: jmp 0x7f5ffd6316e0 [OK] 0x7f5ffd6316e0: jmp qword ptr [rip+0x20aa4a] [OK] 0x7f5ffd6316e6: push 0x23 [OK] 0x7f5ffd6316eb: jmp 0x7f5ffd6314a0 [OK] 0x7f5ffe05e670: cmp edi, 0x3ff [OK] 0x7f5ffe05e676: jnbe 0x7f5ffe05e69e [OK] 0x7f5ffe05e678: mov edi, edi [OK] 0x7f5ffe05e67a: lea rdx, ptr [rip+0x208c5f] [OK] 0x7f5ffe05e681: shl rdi, 0x4 [OK] 0x7f5ffe05e685: mov rcx, qword ptr [rdx+rdi*1] [OK] 0x7f5ffe05e689: test cl, 0x1 [OK] 0x7f5ffe05e68c: jz 0x7f5ffe05e69e [OK] 0x7f5ffe05e68e: mov eax, ecx [OK] 0x7f5ffe05e690: add ecx, 0x1 [OK] 0x7f5ffe05e693: lock cmpxchg qword ptr [rdx+rdi*1], rcx [OK] 0x7f5ffe05e699: jnz 0x7f5ffe05e69e [OK] 0x7f5ffe05e69b: xor eax, eax [OK] 0x7f5ffe05e69d: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c300: mov r15d, edx [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffd632700: cmp byte ptr [rip+0x209ad9], 0x0 [OK] 0x7f5ffd632707: jnz 0x7f5ffd632730 [OK] 0x7f5ffd632709: cmp qword ptr [rip+0x2098df], 0x0 [OK] 0x7f5ffd632711: push rbp [OK] 0x7f5ffd632712: mov rbp, rsp [OK] 0x7f5ffd632715: jz 0x7f5ffd632723 [OK] 0x7f5ffd632717: mov rdi, qword ptr [rip+0x209a52] [OK] 0x7f5ffd63271e: call 0x7f5ffd631720 [OK] 0x7f5ffd631720: jmp qword ptr [rip+0x20aa2a] [OK] 0x7f5ffd631726: push 0x27 [OK] 0x7f5ffd63172b: jmp 0x7f5ffd6314a0 [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffd632723: call 0x7f5ffd632690 [OK] 0x7f5ffd632690: lea rax, ptr [rip+0x209b38] [OK] 0x7f5ffd632697: lea rdi, ptr [rip+0x209b2a] [OK] 0x7f5ffd63269e: push rbp [OK] 0x7f5ffd63269f: sub rax, rdi [OK] 0x7f5ffd6326a2: mov rbp, rsp [OK] 0x7f5ffd6326a5: cmp rax, 0xe [OK] 0x7f5ffd6326a9: jnbe 0x7f5ffd6326ad [OK] 0x7f5ffd6326ab: pop rbp [OK] 0x7f5ffd6326ac: ret [OK] 0x7f5ffd632728: pop rbp [OK] 0x7f5ffd632729: mov byte ptr [rip+0x209ab0], 0x1 [OK] 0x7f5ffd632730: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffd6386c0: sub rsp, 0x8 [OK] 0x7f5ffd6386c4: add rsp, 0x8 [OK] 0x7f5ffd6386c8: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffe057a90: cmp byte ptr [rip+0x20f829], 0x0 [OK] 0x7f5ffe057a97: jnz 0x7f5ffe057ac0 [OK] 0x7f5ffe057a99: cmp qword ptr [rip+0x20f54f], 0x0 [OK] 0x7f5ffe057aa1: push rbp [OK] 0x7f5ffe057aa2: mov rbp, rsp [OK] 0x7f5ffe057aa5: jz 0x7f5ffe057ab3 [OK] 0x7f5ffe057aa7: mov rdi, qword ptr [rip+0x20f7c2] [OK] 0x7f5ffe057aae: call 0x7f5ffe056a40 [OK] 0x7f5ffe056a40: jmp qword ptr [rip+0x21081a] [OK] 0x7f5ffe056a46: push 0x49 [OK] 0x7f5ffe056a4b: jmp 0x7f5ffe0565a0 [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffe057ab3: call 0x7f5ffe057a20 [OK] 0x7f5ffe057a20: lea rax, ptr [rip+0x20f8a0] [OK] 0x7f5ffe057a27: lea rdi, ptr [rip+0x20f892] [OK] 0x7f5ffe057a2e: push rbp [OK] 0x7f5ffe057a2f: sub rax, rdi [OK] 0x7f5ffe057a32: mov rbp, rsp [OK] 0x7f5ffe057a35: cmp rax, 0xe [OK] 0x7f5ffe057a39: jnbe 0x7f5ffe057a3d [OK] 0x7f5ffe057a3b: pop rbp [OK] 0x7f5ffe057a3c: ret [OK] 0x7f5ffe057ab8: pop rbp [OK] 0x7f5ffe057ab9: mov byte ptr [rip+0x20f800], 0x1 [OK] 0x7f5ffe057ac0: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffe062b14: sub rsp, 0x8 [OK] 0x7f5ffe062b18: add rsp, 0x8 [OK] 0x7f5ffe062b1c: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c2c6: jz 0x7f6013b9c390 [OK] 0x7f6013b9c2cc: test byte ptr [rip+0x21198d], 0x2 [OK] 0x7f6013b9c2d3: jnz 0x7f6013b9c3a7 [OK] 0x7f6013b9c2d9: test rax, rax [OK] 0x7f6013b9c2dc: jz 0x7f6013b9c313 [OK] 0x7f6013b9c2de: mov r12, qword ptr [rax+0x8] [OK] 0x7f6013b9c2e2: mov rax, qword ptr [rbx+0x120] [OK] 0x7f6013b9c2e9: add r12, qword ptr [rbx] [OK] 0x7f6013b9c2ec: mov rdx, qword ptr [rax+0x8] [OK] 0x7f6013b9c2f0: shr rdx, 0x3 [OK] 0x7f6013b9c2f4: test edx, edx [OK] 0x7f6013b9c2f6: lea r15d, ptr [rdx-0x1] [OK] 0x7f6013b9c303: mov edx, r15d [OK] 0x7f6013b9c306: call qword ptr [r12+rdx*8] [OK] 0x7f5ffd41af50: cmp byte ptr [rip+0x212249], 0x0 [OK] 0x7f5ffd41af57: jnz 0x7f5ffd41af80 [OK] 0x7f5ffd41af59: cmp qword ptr [rip+0x212097], 0x0 [OK] 0x7f5ffd41af61: push rbp [OK] 0x7f5ffd41af62: mov rbp, rsp [OK] 0x7f5ffd41af65: jz 0x7f5ffd41af73 [OK] 0x7f5ffd41af67: mov rdi, qword ptr [rip+0x21220a] [OK] 0x7f5ffd41af6e: call 0x7f5ffd41aa80 [OK] 0x7f5ffd41aa80: jmp qword ptr [rip+0x2126d2] [OK] 0x7f5ffd41aa86: push 0x28 [OK] 0x7f5ffd41aa8b: jmp 0x7f5ffd41a7f0 [OK] 0x7f5ffd41a7f0: push qword ptr [rip+0x212812] [OK] 0x7f5ffd41a7f6: jmp qword ptr [rip+0x212814] [OK] 0x7f5ffc52ca10: push r15 [OK] 0x7f5ffc52ca12: push r14 [OK] 0x7f5ffc52ca14: push r13 [OK] 0x7f5ffc52ca16: xor r13d, r13d [OK] 0x7f5ffc52ca19: push r12 [OK] 0x7f5ffc52ca1b: push rbp [OK] 0x7f5ffc52ca1c: mov rbp, rdi [OK] 0x7f5ffc52ca1f: push rbx [OK] 0x7f5ffc52ca20: sub rsp, 0x8 [OK] 0x7f5ffc52ca24: mov r14, qword ptr [rip+0x35ab9d] [OK] 0x7f5ffc52ca2b: test r14, r14 [OK] 0x7f5ffc52ca2e: jz 0x7f5ffc52cac4 [OK] 0x7f5ffc52ca34: nop dword ptr [rax], eax [OK] 0x7f5ffc52ca38: mov rax, qword ptr [r14+0x8] [OK] 0x7f5ffc52ca3c: lea r12, ptr [r14+0x10] [OK] 0x7f5ffc52ca40: shl rax, 0x5 [OK] 0x7f5ffc52ca44: lea rbx, ptr [r14+rax*1-0x10] [OK] 0x7f5ffc52ca49: cmp rbx, r12 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52ca5d: jb 0x7f5ffc52cab8 [OK] 0x7f5ffc52ca5f: test rbp, rbp [OK] 0x7f5ffc52ca50: cmp qword ptr [rbx+0x18], rbp [OK] 0x7f5ffc52ca54: jz 0x7f5ffc52ca64 [OK] 0x7f5ffc52ca56: sub rbx, 0x20 [OK] 0x7f5ffc52ca5a: cmp rbx, r12 [OK] 0x7f5ffc52cab8: mov r14, qword ptr [r14] [OK] 0x7f5ffc52cabb: test r14, r14 [OK] 0x7f5ffc52cabe: jnz 0x7f5ffc52ca38 [OK] 0x7f5ffc52cac4: mov rcx, qword ptr [rip+0x35ab05] [OK] 0x7f5ffc52cacb: test rcx, rcx [OK] 0x7f5ffc52cace: jz 0x7f5ffc52cb1c [OK] 0x7f5ffc52cad0: mov rax, qword ptr [rcx+0x8] [OK] 0x7f5ffc52cad4: lea rdx, ptr [rcx+0x10] [OK] 0x7f5ffc52cad8: shl rax, 0x5 [OK] 0x7f5ffc52cadc: lea rax, ptr [rcx+rax*1-0x10] [OK] 0x7f5ffc52cae1: cmp rax, rdx [OK] 0x7f5ffc52cae4: jnb 0x7f5ffc52caff [OK] 0x7f5ffc52cae6: jmp 0x7f5ffc52cb14 [OK] 0x7f5ffc52cb14: mov rcx, qword ptr [rcx] [OK] 0x7f5ffc52cb17: test rcx, rcx [OK] 0x7f5ffc52cb1a: jnz 0x7f5ffc52cad0 [OK] 0x7f5ffc52cb1c: test rbp, rbp [OK] 0x7f5ffc52cb1f: jz 0x7f5ffc52cb37 [OK] 0x7f5ffc52cb21: add rsp, 0x8 [OK] 0x7f5ffc52cb25: mov rdi, rbp [OK] 0x7f5ffc52cb28: pop rbx [OK] 0x7f5ffc52cb29: pop rbp [OK] 0x7f5ffc52cb2a: pop r12 [OK] 0x7f5ffc52cb2c: pop r13 [OK] 0x7f5ffc52cb2e: pop r14 [OK] 0x7f5ffc52cb30: pop r15 [OK] 0x7f5ffc52cb32: jmp 0x7f5ffc5e8eb0 [OK] 0x7f5ffc5e8eb0: mov r9, qword ptr [rip+0x2a36e1] [OK] 0x7f5ffc5e8eb7: push rbp [OK] 0x7f5ffc5e8eb8: mov rbp, rsp [OK] 0x7f5ffc5e8ebb: test r9, r9 [OK] 0x7f5ffc5e8ebe: jz 0x7f5ffc5e8ee1 [OK] 0x7f5ffc5e8ec0: cmp qword ptr [r9+0x20], rdi [OK] 0x7f5ffc5e8ec4: mov r10, rdi [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8ed0: cmp qword ptr [rdx+0x20], r10 [OK] 0x7f5ffc5e8ed4: jz 0x7f5ffc5e8ee9 [OK] 0x7f5ffc5e8ed6: mov r9, rdx [OK] 0x7f5ffc5e8ed9: mov rdx, qword ptr [r9] [OK] 0x7f5ffc5e8edc: test rdx, rdx [OK] 0x7f5ffc5e8edf: jnz 0x7f5ffc5e8ed0 [OK] 0x7f5ffc5e8ee1: leave [OK] 0x7f5ffc5e8ee2: ret [OK] 0x7f5ffd41af73: call 0x7f5ffd41aee0 [OK] 0x7f5ffd41aee0: lea rax, ptr [rip+0x2122a8] [OK] 0x7f5ffd41aee7: lea rdi, ptr [rip+0x21229a] [OK] 0x7f5ffd41aeee: push rbp [OK] 0x7f5ffd41aeef: sub rax, rdi [OK] 0x7f5ffd41aef2: mov rbp, rsp [OK] 0x7f5ffd41aef5: cmp rax, 0xe [OK] 0x7f5ffd41aef9: jnbe 0x7f5ffd41aefd [OK] 0x7f5ffd41aefb: pop rbp [OK] 0x7f5ffd41aefc: ret [OK] 0x7f5ffd41af78: pop rbp [OK] 0x7f5ffd41af79: mov byte ptr [rip+0x212220], 0x1 [OK] 0x7f5ffd41af80: ret [OK] 0x7f6013b9c30a: test r15d, r15d [OK] 0x7f6013b9c30d: lea edx, ptr [r15-0x1] [OK] 0x7f6013b9c311: jnz 0x7f6013b9c300 [OK] 0x7f6013b9c313: mov rax, qword ptr [rbx+0xa8] [OK] 0x7f6013b9c31a: test rax, rax [OK] 0x7f6013b9c31d: jz 0x7f6013b9c328 [OK] 0x7f6013b9c31f: mov rax, qword ptr [rax+0x8] [OK] 0x7f6013b9c323: add rax, qword ptr [rbx] [OK] 0x7f6013b9c326: call rax [OK] 0x7f5ffd42a1f8: sub rsp, 0x8 [OK] 0x7f5ffd42a1fc: add rsp, 0x8 [OK] 0x7f5ffd42a200: ret [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c390: cmp qword ptr [rbx+0xa8], 0x0 [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c2a0: mov rbx, qword ptr [r13] [OK] 0x7f6013b9c2a4: movzx eax, byte ptr [rbx+0x314] [OK] 0x7f6013b9c2ab: test al, 0x8 [OK] 0x7f6013b9c2ad: jz 0x7f6013b9c33d [OK] 0x7f6013b9c2b3: and eax, 0xfffffff7 [OK] 0x7f6013b9c2b6: mov byte ptr [rbx+0x314], al [OK] 0x7f6013b9c2bc: mov rax, qword ptr [rbx+0x110] [OK] 0x7f6013b9c2c3: test rax, rax [OK] 0x7f6013b9c390: cmp qword ptr [rbx+0xa8], 0x0 [OK] 0x7f6013b9c328: mov esi, dword ptr [rbp-0x34] [OK] 0x7f6013b9c32b: test esi, esi [OK] 0x7f6013b9c32d: jnz 0x7f6013b9c33d [OK] 0x7f6013b9c32f: mov ecx, dword ptr [rip+0x211a4b] [OK] 0x7f6013b9c335: test ecx, ecx [OK] 0x7f6013b9c337: jnz 0x7f6013b9c4ce [OK] 0x7f6013b9c33d: add r13, 0x8 [OK] 0x7f6013b9c341: sub dword ptr [rbx+0x310], 0x1 [OK] 0x7f6013b9c348: cmp r13, r14 [OK] 0x7f6013b9c34b: jnz 0x7f6013b9c2a0 [OK] 0x7f6013b9c351: sub qword ptr [rbp-0x40], 0x90 [OK] 0x7f6013b9c359: sub qword ptr [rbp-0x48], 0x1 [OK] 0x7f6013b9c35e: jns 0x7f6013b9c1a0 [OK] 0x7f6013b9c364: mov edx, dword ptr [rbp-0x34] [OK] 0x7f6013b9c367: test edx, edx [OK] 0x7f6013b9c369: jnz 0x7f6013b9c43a [OK] 0x7f6013b9c36f: mov eax, dword ptr [rip+0x211a0b] [OK] 0x7f6013b9c375: test eax, eax [OK] 0x7f6013b9c43a: test byte ptr [rip+0x21181f], 0x80 [OK] 0x7f6013b9c441: jnz 0x7f6013b9c510 [OK] 0x7f6013b9c447: lea rsp, ptr [rbp-0x28] [OK] 0x7f6013b9c44b: pop rbx [OK] 0x7f6013b9c44c: pop r12 [OK] 0x7f6013b9c44e: pop r13 [OK] 0x7f6013b9c450: pop r14 [OK] 0x7f6013b9c452: pop r15 [OK] 0x7f6013b9c454: pop rbp [OK] 0x7f6013b9c455: ret [OK] 0x7f5ffc52c749: jmp 0x7f5ffc52c690 [OK] 0x7f5ffc52c690: mov rax, qword ptr [r13+0x8] [OK] 0x7f5ffc52c694: mov rdx, rax [OK] 0x7f5ffc52c697: shl rdx, 0x5 [OK] 0x7f5ffc52c69b: test rax, rax [OK] 0x7f5ffc52c69e: lea rcx, ptr [r13+rdx*1-0x10] [OK] 0x7f5ffc52c6a3: jz 0x7f5ffc52c6cf [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c6be: jz 0x7f5ffc52c730 [OK] 0x7f5ffc52c6c0: cmp r8, 0x2 [OK] 0x7f5ffc52c6c4: jz 0x7f5ffc52c710 [OK] 0x7f5ffc52c6c6: sub rcx, 0x20 [OK] 0x7f5ffc52c6ca: test rax, rax [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c6be: jz 0x7f5ffc52c730 [OK] 0x7f5ffc52c6c0: cmp r8, 0x2 [OK] 0x7f5ffc52c6c4: jz 0x7f5ffc52c710 [OK] 0x7f5ffc52c6c6: sub rcx, 0x20 [OK] 0x7f5ffc52c6ca: test rax, rax [OK] 0x7f5ffc52c6a5: sub rax, 0x1 [OK] 0x7f5ffc52c6a9: mov qword ptr [r13+0x8], rax [OK] 0x7f5ffc52c6ad: mov r8, qword ptr [rcx] [OK] 0x7f5ffc52c6b0: cmp r8, 0x3 [OK] 0x7f5ffc52c6b4: jz 0x7f5ffc52c750 [OK] 0x7f5ffc52c6ba: cmp r8, 0x4 [OK] 0x7f5ffc52c6be: jz 0x7f5ffc52c730 [OK] 0x7f5ffc52c6c0: cmp r8, 0x2 [OK] 0x7f5ffc52c6c4: jz 0x7f5ffc52c710 [OK] 0x7f5ffc52c6c6: sub rcx, 0x20 [OK] 0x7f5ffc52c6ca: test rax, rax [OK] 0x7f5ffc52c6cd: jnz 0x7f5ffc52c6a5 [OK] 0x7f5ffc52c6cf: mov rax, qword ptr [r13] [OK] 0x7f5ffc52c6d3: test rax, rax [OK] 0x7f5ffc52c6d6: mov qword ptr [rbp], rax [OK] 0x7f5ffc52c6da: jnz 0x7f5ffc52c768 [OK] 0x7f5ffc52c6e0: test r12b, r12b [OK] 0x7f5ffc52c6e3: jz 0x7f5ffc52c704 [OK] 0x7f5ffc52c6e5: lea rbp, ptr [rip+0x35716c] [OK] 0x7f5ffc52c6ec: lea r12, ptr [rip+0x35716d] [OK] 0x7f5ffc52c6f3: cmp rbp, r12 [OK] 0x7f5ffc52c6f6: jnb 0x7f5ffc52c704 [OK] 0x7f5ffc52c6f8: call qword ptr [rbp] [OK] 0x7f5ffc56b780: push r13 [OK] 0x7f5ffc56b782: xor edi, edi [OK] 0x7f5ffc56b784: push r12 [OK] 0x7f5ffc56b786: push rbp [OK] 0x7f5ffc56b787: mov rbp, qword ptr fs:[0x10] [OK] 0x7f5ffc56b790: push rbx [OK] 0x7f5ffc56b791: sub rsp, 0x8 [OK] 0x7f5ffc56b795: call 0x7f5ffc56b4a0 [OK] 0x7f5ffc56b4a0: push r15 [OK] 0x7f5ffc56b4a2: push r14 [OK] 0x7f5ffc56b4a4: push r13 [OK] 0x7f5ffc56b4a6: xor r13d, r13d [OK] 0x7f5ffc56b4a9: push r12 [OK] 0x7f5ffc56b4ab: push rbp [OK] 0x7f5ffc56b4ac: mov ebp, edi [OK] 0x7f5ffc56b4ae: push rbx [OK] 0x7f5ffc56b4af: sub rsp, 0x28 [OK] 0x7f5ffc56b4b3: test edi, edi [OK] 0x7f5ffc56b53e: mov rbx, qword ptr [rip+0x31cb1b] [OK] 0x7f5ffc56b545: xor r15d, r15d [OK] 0x7f5ffc56b548: mov r14d, dword ptr [rip+0x31e249] [OK] 0x7f5ffc56b54f: test rbx, rbx [OK] 0x7f5ffc56b552: jz 0x7f5ffc56b6a7 [OK] 0x7f5ffc56b558: mov r12, qword ptr fs:[0x10] [OK] 0x7f5ffc56b561: jmp 0x7f5ffc56b57b [OK] 0x7f5ffc56b57b: test ebp, ebp [OK] 0x7f5ffc56b57d: mov qword ptr [rip+0x31e20c], rbx [OK] 0x7f5ffc56b5e3: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc56b5e9: test eax, eax [OK] 0x7f5ffc56b6f0: mov rax, qword ptr [rbx+0x20] [OK] 0x7f5ffc56b6f4: cmp qword ptr [rbx+0x28], rax [OK] 0x7f5ffc56b6f8: jnbe 0x7f5ffc56b602 [OK] 0x7f5ffc56b6fe: jmp 0x7f5ffc56b620 [OK] 0x7f5ffc56b620: test ebp, ebp [OK] 0x7f5ffc56b680: mov edx, dword ptr [rip+0x31e112] [OK] 0x7f5ffc56b686: mov qword ptr [rip+0x31e0ff], 0x0 [OK] 0x7f5ffc56b691: cmp r14d, edx [OK] 0x7f5ffc56b694: jnz 0x7f5ffc56b568 [OK] 0x7f5ffc56b69a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b69e: test rbx, rbx [OK] 0x7f5ffc56b57b: test ebp, ebp [OK] 0x7f5ffc56b57d: mov qword ptr [rip+0x31e20c], rbx [OK] 0x7f5ffc56b5e3: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc56b5e9: test eax, eax [OK] 0x7f5ffc56b6f0: mov rax, qword ptr [rbx+0x20] [OK] 0x7f5ffc56b6f4: cmp qword ptr [rbx+0x28], rax [OK] 0x7f5ffc56b6f8: jnbe 0x7f5ffc56b602 [OK] 0x7f5ffc56b6fe: jmp 0x7f5ffc56b620 [OK] 0x7f5ffc56b620: test ebp, ebp [OK] 0x7f5ffc56b680: mov edx, dword ptr [rip+0x31e112] [OK] 0x7f5ffc56b686: mov qword ptr [rip+0x31e0ff], 0x0 [OK] 0x7f5ffc56b691: cmp r14d, edx [OK] 0x7f5ffc56b694: jnz 0x7f5ffc56b568 [OK] 0x7f5ffc56b69a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b69e: test rbx, rbx [OK] 0x7f5ffc56b57b: test ebp, ebp [OK] 0x7f5ffc56b57d: mov qword ptr [rip+0x31e20c], rbx [OK] 0x7f5ffc56b5e3: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc56b5e9: test eax, eax [OK] 0x7f5ffc56b6f0: mov rax, qword ptr [rbx+0x20] [OK] 0x7f5ffc56b6f4: cmp qword ptr [rbx+0x28], rax [OK] 0x7f5ffc56b6f8: jnbe 0x7f5ffc56b602 [OK] 0x7f5ffc56b6fe: jmp 0x7f5ffc56b620 [OK] 0x7f5ffc56b620: test ebp, ebp [OK] 0x7f5ffc56b680: mov edx, dword ptr [rip+0x31e112] [OK] 0x7f5ffc56b686: mov qword ptr [rip+0x31e0ff], 0x0 [OK] 0x7f5ffc56b691: cmp r14d, edx [OK] 0x7f5ffc56b694: jnz 0x7f5ffc56b568 [OK] 0x7f5ffc56b69a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b69e: test rbx, rbx [OK] 0x7f5ffc56b6a1: jnz 0x7f5ffc56b57b [OK] 0x7f5ffc56b6a7: test ebp, ebp [OK] 0x7f5ffc56b6b4: test r13d, r13d [OK] 0x7f5ffc56b6d4: add rsp, 0x28 [OK] 0x7f5ffc56b6d8: mov eax, r15d [OK] 0x7f5ffc56b6db: pop rbx [OK] 0x7f5ffc56b6dc: pop rbp [OK] 0x7f5ffc56b6dd: pop r12 [OK] 0x7f5ffc56b6df: pop r13 [OK] 0x7f5ffc56b6e1: pop r14 [OK] 0x7f5ffc56b6e3: pop r15 [OK] 0x7f5ffc56b6e5: ret [OK] 0x7f5ffc56b79a: mov rbx, qword ptr [rip+0x31c8bf] [OK] 0x7f5ffc56b7a1: mov r12d, eax [OK] 0x7f5ffc56b7a4: test rbx, rbx [OK] 0x7f5ffc56b7a7: jz 0x7f5ffc56b867 [OK] 0x7f5ffc56b7ad: nop dword ptr [rax], eax [OK] 0x7f5ffc56b7b0: mov edx, dword ptr [rbx] [OK] 0x7f5ffc56b7b2: test dl, 0x2 [OK] 0x7f5ffc56b850: mov dword ptr [rbx+0xc0], 0xffffffff [OK] 0x7f5ffc56b85a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b85e: test rbx, rbx [OK] 0x7f5ffc56b7b0: mov edx, dword ptr [rbx] [OK] 0x7f5ffc56b7b2: test dl, 0x2 [OK] 0x7f5ffc56b7b5: jnz 0x7f5ffc56b850 [OK] 0x7f5ffc56b7bb: and edx, 0x1008 [OK] 0x7f5ffc56b7c1: cmp edx, 0x8 [OK] 0x7f5ffc56b7c4: jz 0x7f5ffc56b850 [OK] 0x7f5ffc56b7ca: mov eax, dword ptr [rbx+0xc0] [OK] 0x7f5ffc56b7d0: test eax, eax [OK] 0x7f5ffc56b850: mov dword ptr [rbx+0xc0], 0xffffffff [OK] 0x7f5ffc56b85a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b85e: test rbx, rbx [OK] 0x7f5ffc56b7b0: mov edx, dword ptr [rbx] [OK] 0x7f5ffc56b7b2: test dl, 0x2 [OK] 0x7f5ffc56b7b5: jnz 0x7f5ffc56b850 [OK] 0x7f5ffc56b7bb: and edx, 0x1008 [OK] 0x7f5ffc56b7c1: cmp edx, 0x8 [OK] 0x7f5ffc56b850: mov dword ptr [rbx+0xc0], 0xffffffff [OK] 0x7f5ffc56b85a: mov rbx, qword ptr [rbx+0x68] [OK] 0x7f5ffc56b85e: test rbx, rbx [OK] 0x7f5ffc56b861: jnz 0x7f5ffc56b7b0 [OK] 0x7f5ffc56b867: add rsp, 0x8 [OK] 0x7f5ffc56b86b: mov eax, r12d [OK] 0x7f5ffc56b86e: pop rbx [OK] 0x7f5ffc56b86f: pop rbp [OK] 0x7f5ffc56b870: pop r12 [OK] 0x7f5ffc56b872: pop r13 [OK] 0x7f5ffc56b874: ret [OK] 0x7f5ffc52c6fb: add rbp, 0x8 [OK] 0x7f5ffc52c6ff: cmp rbp, r12 [OK] 0x7f5ffc52c702: jb 0x7f5ffc52c6f8 [OK] 0x7f5ffc52c704: mov edi, ebx [OK] 0x7f5ffc52c706: call 0x7f5ffc5ae7a0 [OK] 0x7f5ffc5ae7a0: movsxd rdx, edi [OK] 0x7f5ffc5ae7a3: mov r10, qword ptr [rip+0x2d86be] [OK] 0x7f5ffc5ae7aa: mov r9d, 0xe7 [OK] 0x7f5ffc5ae7b0: mov r8d, 0x3c [OK] 0x7f5ffc5ae7b6: jmp 0x7f5ffc5ae7d1 [OK] 0x7f5ffc5ae7d1: mov rdi, rdx [OK] 0x7f5ffc5ae7d4: mov eax, r9d