flowchart LR
KeQuerySpeculationControlInformation-0-old<--Match 72%-->KeQuerySpeculationControlInformation-0-new
SC_GPTWritePartitionTable-3-old<--Match 88%-->SC_GPTWritePartitionTable-3-new
CmRenameKey-0-old<--Match 80%-->CmRenameKey-0-new
KiDetectHardwareSpecControlFeatures-0-old<--Match 92%-->KiDetectHardwareSpecControlFeatures-0-new
HalpMiscGetParameters-0-old<--Match 43%-->HalpMiscGetParameters-0-new
subgraph ntoskrnl.exe.x64.10.0.22621.1413
KeQuerySpeculationControlInformation-0-new
SC_GPTWritePartitionTable-3-new
CmRenameKey-0-new
KiDetectHardwareSpecControlFeatures-0-new
HalpMiscGetParameters-0-new
subgraph Added
direction LR
Feature_MSRC76458_DisableTransactedRename__private_IsEnabled
end
end
subgraph ntoskrnl.exe.x64.10.0.22621.1344
KeQuerySpeculationControlInformation-0-old
SC_GPTWritePartitionTable-3-old
CmRenameKey-0-old
KiDetectHardwareSpecControlFeatures-0-old
HalpMiscGetParameters-0-old
subgraph Deleted
direction LR
HalpProcIsSmtDisabled
end
end
pie showData
title Function Matches - 99.9967%
"unmatched_funcs_len" : 2
"matched_funcs_len" : 60698
pie showData
title Matched Function Similarity - 99.9819%
"matched_funcs_with_code_changes_len" : 5
"matched_funcs_with_non_code_changes_len" : 6
"matched_funcs_no_changes_len" : 60687
ghidriff --project-location ghidra_projects --project-name ghidriff --symbols-path symbols --threaded --log-level INFO --file-log-level INFO --log-path ghidriff.log --max-ram-percent 60.0 --max-section-funcs 200 ntoskrnl.exe.x64.10.0.22621.1344 ntoskrnl.exe.x64.10.0.22621.1413
--old ['ntoskrnl.exe.x64.10.0.22621.1344'] --new [['ntoskrnl.exe.x64.10.0.22621.1413']] --engine VersionTrackingDiff --output-path ghidriffs --summary False --project-location ghidra_projects --project-name ghidriff --symbols-path symbols --threaded True --force-analysis False --force-diff False --no-symbols False --log-level INFO --file-log-level INFO --log-path ghidriff.log --va False --max-ram-percent 60.0 --print-flags False --jvm-args None --side-by-side False --max-section-funcs 200 --md-title None
wget https://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/F7E31BA91047000/ntkrnlmp.exe -O ntkrnlmp.exe.x64.10.0.22621.1344
wget https://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/17B6B7221047000/ntkrnlmp.exe -O ntkrnlmp.exe.x64.10.0.22621.1413
--- ntoskrnl.exe.x64.10.0.22621.1344 Meta
+++ ntoskrnl.exe.x64.10.0.22621.1413 Meta
@@ -1,44 +1,44 @@
-Program Name: ntoskrnl.exe.x64.10.0.22621.1344
+Program Name: ntoskrnl.exe.x64.10.0.22621.1413
Language ID: x86:LE:64:default (2.14)
Compiler ID: windows
Processor: x86
Endian: Little
Address Size: 64
Minimum Address: 140000000
Maximum Address: ff0000184f
# of Bytes: 17064868
# of Memory Blocks: 42
-# of Instructions: 2416711
-# of Defined Data: 75956
+# of Instructions: 2416732
+# of Defined Data: 75962
# of Functions: 30350
-# of Symbols: 246381
+# of Symbols: 246384
# of Data Types: 7126
# of Data Type Categories: 580
Analyzed: true
Compiler: visualstudio:unknown
Created With Ghidra Version: 10.4
-Date Created: Fri Dec 08 19:38:26 UTC 2023
+Date Created: Fri Dec 08 19:38:30 UTC 2023
Executable Format: Portable Executable (PE)
-Executable Location: /workspaces/ghidriff/ntoskrnl.exe.x64.10.0.22621.1344
-Executable MD5: 1984a75b49db81a4133679eca2badc11
-Executable SHA256: 1b30d5f89790f8ee0d80d2ed29d1177dd3f58042a89e9efee9be17a4660c7d58
-FSRL: file:///workspaces/ghidriff/ntoskrnl.exe.x64.10.0.22621.1344?MD5=1984a75b49db81a4133679eca2badc11
+Executable Location: /workspaces/ghidriff/ntoskrnl.exe.x64.10.0.22621.1413
+Executable MD5: d36bbf54a97597dad12dc13590601783
+Executable SHA256: 140ae8fda7efff8039514b89f571e6ae27e2c634881e3d3e1dc4b4e37ddbd6c8
+FSRL: file:///workspaces/ghidriff/ntoskrnl.exe.x64.10.0.22621.1413?MD5=d36bbf54a97597dad12dc13590601783
PDB Age: 1
PDB File: ntkrnlmp.pdb
-PDB GUID: fb0913af-0585-f234-bd64-a64a87c62db1
+PDB GUID: 797e613d-b16d-b6c0-e577-95a0cb03f471
PDB Loaded: true
PDB Version: RSDS
PE Property[CompanyName]: Microsoft Corporation
PE Property[FileDescription]: NT Kernel & System
-PE Property[FileVersion]: 10.0.22621.1344 (WinBuild.160101.0800)
+PE Property[FileVersion]: 10.0.22621.1413 (WinBuild.160101.0800)
PE Property[InternalName]: ntkrnlmp.exe
PE Property[LegalCopyright]: © Microsoft Corporation. All rights reserved.
PE Property[OriginalFilename]: ntkrnlmp.exe
PE Property[ProductName]: Microsoft® Windows® Operating System
-PE Property[ProductVersion]: 10.0.22621.1344
+PE Property[ProductVersion]: 10.0.22621.1413
PE Property[Translation]: 4b00409
Preferred Root Namespace Category:
RTTI Found: false
Relocatable: true
SectionAlignment: 4096
Should Ask To Analyze: false
Ghidra ntoskrnl.exe.x64.10.0.22621.1344 Decompiler Options
| Decompiler Option | Value |
|---|---|
| Prototype Evaluation | __fastcall |
Ghidra ntoskrnl.exe.x64.10.0.22621.1344 Specification extensions Options
| Specification extensions Option | Value |
|---|---|
| FormatVersion | 0 |
| VersionCounter | 0 |
Ghidra ntoskrnl.exe.x64.10.0.22621.1344 Analyzers Options
| Analyzers Option | Value |
|---|---|
| ASCII Strings | true |
| ASCII Strings.Create Strings Containing Existing Strings | true |
| ASCII Strings.Create Strings Containing References | true |
| ASCII Strings.Force Model Reload | false |
| ASCII Strings.Minimum String Length | LEN_5 |
| ASCII Strings.Model File | StringModel.sng |
| ASCII Strings.Require Null Termination for String | true |
| ASCII Strings.Search Only in Accessible Memory Blocks | true |
| ASCII Strings.String Start Alignment | ALIGN_1 |
| ASCII Strings.String end alignment | 4 |
| Aggressive Instruction Finder | false |
| Aggressive Instruction Finder.Create Analysis Bookmarks | true |
| Apply Data Archives | true |
| Apply Data Archives.Archive Chooser | [Auto-Detect] |
| Apply Data Archives.Create Analysis Bookmarks | true |
| Apply Data Archives.GDT User File Archive Path | None |
| Apply Data Archives.User Project Archive Path | None |
| Call Convention ID | true |
| Call Convention ID.Analysis Decompiler Timeout (sec) | 60 |
| Call-Fixup Installer | true |
| Condense Filler Bytes | false |
| Condense Filler Bytes.Filler Value | Auto |
| Condense Filler Bytes.Minimum number of sequential bytes | 1 |
| Create Address Tables | true |
| Create Address Tables.Allow Offcut References | false |
| Create Address Tables.Auto Label Table | false |
| Create Address Tables.Create Analysis Bookmarks | true |
| Create Address Tables.Maxmimum Pointer Distance | 16777215 |
| Create Address Tables.Minimum Pointer Address | 4132 |
| Create Address Tables.Minimum Table Size | 2 |
| Create Address Tables.Pointer Alignment | 1 |
| Create Address Tables.Relocation Table Guide | true |
| Create Address Tables.Table Alignment | 4 |
| Data Reference | true |
| Data Reference.Address Table Alignment | 1 |
| Data Reference.Address Table Minimum Size | 2 |
| Data Reference.Align End of Strings | false |
| Data Reference.Ascii String References | true |
| Data Reference.Create Address Tables | true |
| Data Reference.Minimum String Length | 5 |
| Data Reference.References to Pointers | true |
| Data Reference.Relocation Table Guide | true |
| Data Reference.Respect Execute Flag | true |
| Data Reference.Subroutine References | true |
| Data Reference.Switch Table References | false |
| Data Reference.Unicode String References | true |
| Decompiler Parameter ID | false |
| Decompiler Parameter ID.Analysis Clear Level | ANALYSIS |
| Decompiler Parameter ID.Analysis Decompiler Timeout (sec) | 60 |
| Decompiler Parameter ID.Commit Data Types | true |
| Decompiler Parameter ID.Commit Void Return Values | false |
| Decompiler Parameter ID.Prototype Evaluation | __fastcall |
| Decompiler Switch Analysis | true |
| Decompiler Switch Analysis.Analysis Decompiler Timeout (sec) | 60 |
| Demangler Microsoft | true |
| Demangler Microsoft.Apply Function Calling Conventions | true |
| Demangler Microsoft.Apply Function Signatures | true |
| Disassemble Entry Points | true |
| Disassemble Entry Points.Respect Execute Flag | true |
| Embedded Media | true |
| Embedded Media.Create Analysis Bookmarks | true |
| External Entry References | true |
| Function ID | true |
| Function ID.Always Apply FID Labels | false |
| Function ID.Create Analysis Bookmarks | true |
| Function ID.Instruction Count Threshold | 14.6 |
| Function ID.Multiple Match Threshold | 30.0 |
| Function Start Search | true |
| Function Start Search.Bookmark Functions | false |
| Function Start Search.Search Data Blocks | false |
| Non-Returning Functions - Discovered | true |
| Non-Returning Functions - Discovered.Create Analysis Bookmarks | true |
| Non-Returning Functions - Discovered.Function Non-return Threshold | 3 |
| Non-Returning Functions - Discovered.Repair Flow Damage | true |
| Non-Returning Functions - Known | true |
| Non-Returning Functions - Known.Create Analysis Bookmarks | true |
| PDB MSDIA | false |
| PDB MSDIA.Search remote symbol servers | false |
| PDB Universal | true |
| PDB Universal.Search remote symbol servers | false |
| Reference | true |
| Reference.Address Table Alignment | 1 |
| Reference.Address Table Minimum Size | 2 |
| Reference.Align End of Strings | false |
| Reference.Ascii String References | true |
| Reference.Create Address Tables | true |
| Reference.Minimum String Length | 5 |
| Reference.References to Pointers | true |
| Reference.Relocation Table Guide | true |
| Reference.Respect Execute Flag | true |
| Reference.Subroutine References | true |
| Reference.Switch Table References | false |
| Reference.Unicode String References | true |
| Scalar Operand References | true |
| Scalar Operand References.Relocation Table Guide | true |
| Shared Return Calls | true |
| Shared Return Calls.Allow Conditional Jumps | false |
| Shared Return Calls.Assume Contiguous Functions Only | false |
| Stack | true |
| Stack.Create Local Variables | true |
| Stack.Create Param Variables | true |
| Stack.useNewFunctionStackAnalysis | true |
| Subroutine References | true |
| Subroutine References.Create Thunks Early | true |
| Variadic Function Signature Override | false |
| Variadic Function Signature Override.Create Analysis Bookmarks | false |
| Windows x86 PE Exception Handling | true |
| Windows x86 PE RTTI Analyzer | true |
| Windows x86 Thread Environment Block (TEB) Analyzer | true |
| Windows x86 Thread Environment Block (TEB) Analyzer.Starting Address of the TEB | |
| Windows x86 Thread Environment Block (TEB) Analyzer.Windows OS Version | Windows 7 |
| WindowsPE x86 Propagate External Parameters | false |
| WindowsResourceReference | true |
| WindowsResourceReference.Create Analysis Bookmarks | true |
| x86 Constant Reference Analyzer | true |
| x86 Constant Reference Analyzer.Create Data from pointer | false |
| x86 Constant Reference Analyzer.Function parameter/return Pointer analysis | true |
| x86 Constant Reference Analyzer.Max Threads | 2 |
| x86 Constant Reference Analyzer.Min absolute reference | 4 |
| x86 Constant Reference Analyzer.Require pointer param data type | false |
| x86 Constant Reference Analyzer.Speculative reference max | 512 |
| x86 Constant Reference Analyzer.Speculative reference min | 1024 |
| x86 Constant Reference Analyzer.Stored Value Pointer analysis | true |
| x86 Constant Reference Analyzer.Trust values read from writable memory | true |
Ghidra ntoskrnl.exe.x64.10.0.22621.1413 Decompiler Options
| Decompiler Option | Value |
|---|---|
| Prototype Evaluation | __fastcall |
Ghidra ntoskrnl.exe.x64.10.0.22621.1413 Specification extensions Options
| Specification extensions Option | Value |
|---|---|
| FormatVersion | 0 |
| VersionCounter | 0 |
Ghidra ntoskrnl.exe.x64.10.0.22621.1413 Analyzers Options
| Analyzers Option | Value |
|---|---|
| ASCII Strings | true |
| ASCII Strings.Create Strings Containing Existing Strings | true |
| ASCII Strings.Create Strings Containing References | true |
| ASCII Strings.Force Model Reload | false |
| ASCII Strings.Minimum String Length | LEN_5 |
| ASCII Strings.Model File | StringModel.sng |
| ASCII Strings.Require Null Termination for String | true |
| ASCII Strings.Search Only in Accessible Memory Blocks | true |
| ASCII Strings.String Start Alignment | ALIGN_1 |
| ASCII Strings.String end alignment | 4 |
| Aggressive Instruction Finder | false |
| Aggressive Instruction Finder.Create Analysis Bookmarks | true |
| Apply Data Archives | true |
| Apply Data Archives.Archive Chooser | [Auto-Detect] |
| Apply Data Archives.Create Analysis Bookmarks | true |
| Apply Data Archives.GDT User File Archive Path | None |
| Apply Data Archives.User Project Archive Path | None |
| Call Convention ID | true |
| Call Convention ID.Analysis Decompiler Timeout (sec) | 60 |
| Call-Fixup Installer | true |
| Condense Filler Bytes | false |
| Condense Filler Bytes.Filler Value | Auto |
| Condense Filler Bytes.Minimum number of sequential bytes | 1 |
| Create Address Tables | true |
| Create Address Tables.Allow Offcut References | false |
| Create Address Tables.Auto Label Table | false |
| Create Address Tables.Create Analysis Bookmarks | true |
| Create Address Tables.Maxmimum Pointer Distance | 16777215 |
| Create Address Tables.Minimum Pointer Address | 4132 |
| Create Address Tables.Minimum Table Size | 2 |
| Create Address Tables.Pointer Alignment | 1 |
| Create Address Tables.Relocation Table Guide | true |
| Create Address Tables.Table Alignment | 4 |
| Data Reference | true |
| Data Reference.Address Table Alignment | 1 |
| Data Reference.Address Table Minimum Size | 2 |
| Data Reference.Align End of Strings | false |
| Data Reference.Ascii String References | true |
| Data Reference.Create Address Tables | true |
| Data Reference.Minimum String Length | 5 |
| Data Reference.References to Pointers | true |
| Data Reference.Relocation Table Guide | true |
| Data Reference.Respect Execute Flag | true |
| Data Reference.Subroutine References | true |
| Data Reference.Switch Table References | false |
| Data Reference.Unicode String References | true |
| Decompiler Parameter ID | false |
| Decompiler Parameter ID.Analysis Clear Level | ANALYSIS |
| Decompiler Parameter ID.Analysis Decompiler Timeout (sec) | 60 |
| Decompiler Parameter ID.Commit Data Types | true |
| Decompiler Parameter ID.Commit Void Return Values | false |
| Decompiler Parameter ID.Prototype Evaluation | __fastcall |
| Decompiler Switch Analysis | true |
| Decompiler Switch Analysis.Analysis Decompiler Timeout (sec) | 60 |
| Demangler Microsoft | true |
| Demangler Microsoft.Apply Function Calling Conventions | true |
| Demangler Microsoft.Apply Function Signatures | true |
| Disassemble Entry Points | true |
| Disassemble Entry Points.Respect Execute Flag | true |
| Embedded Media | true |
| Embedded Media.Create Analysis Bookmarks | true |
| External Entry References | true |
| Function ID | true |
| Function ID.Always Apply FID Labels | false |
| Function ID.Create Analysis Bookmarks | true |
| Function ID.Instruction Count Threshold | 14.6 |
| Function ID.Multiple Match Threshold | 30.0 |
| Function Start Search | true |
| Function Start Search.Bookmark Functions | false |
| Function Start Search.Search Data Blocks | false |
| Non-Returning Functions - Discovered | true |
| Non-Returning Functions - Discovered.Create Analysis Bookmarks | true |
| Non-Returning Functions - Discovered.Function Non-return Threshold | 3 |
| Non-Returning Functions - Discovered.Repair Flow Damage | true |
| Non-Returning Functions - Known | true |
| Non-Returning Functions - Known.Create Analysis Bookmarks | true |
| PDB MSDIA | false |
| PDB MSDIA.Search remote symbol servers | false |
| PDB Universal | true |
| PDB Universal.Search remote symbol servers | false |
| Reference | true |
| Reference.Address Table Alignment | 1 |
| Reference.Address Table Minimum Size | 2 |
| Reference.Align End of Strings | false |
| Reference.Ascii String References | true |
| Reference.Create Address Tables | true |
| Reference.Minimum String Length | 5 |
| Reference.References to Pointers | true |
| Reference.Relocation Table Guide | true |
| Reference.Respect Execute Flag | true |
| Reference.Subroutine References | true |
| Reference.Switch Table References | false |
| Reference.Unicode String References | true |
| Scalar Operand References | true |
| Scalar Operand References.Relocation Table Guide | true |
| Shared Return Calls | true |
| Shared Return Calls.Allow Conditional Jumps | false |
| Shared Return Calls.Assume Contiguous Functions Only | false |
| Stack | true |
| Stack.Create Local Variables | true |
| Stack.Create Param Variables | true |
| Stack.useNewFunctionStackAnalysis | true |
| Subroutine References | true |
| Subroutine References.Create Thunks Early | true |
| Variadic Function Signature Override | false |
| Variadic Function Signature Override.Create Analysis Bookmarks | false |
| Windows x86 PE Exception Handling | true |
| Windows x86 PE RTTI Analyzer | true |
| Windows x86 Thread Environment Block (TEB) Analyzer | true |
| Windows x86 Thread Environment Block (TEB) Analyzer.Starting Address of the TEB | |
| Windows x86 Thread Environment Block (TEB) Analyzer.Windows OS Version | Windows 7 |
| WindowsPE x86 Propagate External Parameters | false |
| WindowsResourceReference | true |
| WindowsResourceReference.Create Analysis Bookmarks | true |
| x86 Constant Reference Analyzer | true |
| x86 Constant Reference Analyzer.Create Data from pointer | false |
| x86 Constant Reference Analyzer.Function parameter/return Pointer analysis | true |
| x86 Constant Reference Analyzer.Max Threads | 2 |
| x86 Constant Reference Analyzer.Min absolute reference | 4 |
| x86 Constant Reference Analyzer.Require pointer param data type | false |
| x86 Constant Reference Analyzer.Speculative reference max | 512 |
| x86 Constant Reference Analyzer.Speculative reference min | 1024 |
| x86 Constant Reference Analyzer.Stored Value Pointer analysis | true |
| x86 Constant Reference Analyzer.Trust values read from writable memory | true |
| Stat | Value |
|---|---|
| added_funcs_len | 1 |
| deleted_funcs_len | 1 |
| modified_funcs_len | 11 |
| added_symbols_len | 12 |
| deleted_symbols_len | 8 |
| diff_time | 45.660157203674316 |
| deleted_strings_len | 1 |
| added_strings_len | 0 |
| match_types | Counter({'SymbolsHash': 27911, 'StructuralGraphHash': 693, 'ExactInstructionsFunctionHasher': 123, 'ExactBytesFunctionHasher': 100, 'BulkInstructionHash': 2}) |
| items_to_process | 33 |
| diff_types | Counter({'refcount': 7, 'calling': 6, 'address': 6, 'code': 5, 'length': 5, 'called': 3}) |
| unmatched_funcs_len | 2 |
| total_funcs_len | 60700 |
| matched_funcs_len | 60698 |
| matched_funcs_with_code_changes_len | 5 |
| matched_funcs_with_non_code_changes_len | 6 |
| matched_funcs_no_changes_len | 60687 |
| match_func_similarity_percent | 99.9819% |
| func_match_overall_percent | 99.9967% |
pie showData
title Match Types
"SymbolsHash" : 27911
"ExactBytesFunctionHasher" : 100
"ExactInstructionsFunctionHasher" : 123
"BulkInstructionHash" : 2
"StructuralGraphHash" : 693
pie showData
title Diff Stats
"added_funcs_len" : 1
"deleted_funcs_len" : 1
"modified_funcs_len" : 11
pie showData
title Symbols
"added_symbols_len" : 12
"deleted_symbols_len" : 8
pie showData
title Strings
"deleted_strings_len" : 1
"added_strings_len" : 0
--- deleted strings
+++ added strings
@@ -1 +0,0 @@
-u_.TM
| Key | ntoskrnl.exe.x64.10.0.22621.1344 |
|---|---|
| name | HalpProcIsSmtDisabled |
| fullname | HalpProcIsSmtDisabled |
| refcount | 3 |
| length | 174 |
| called | HalpGetCpuInfo HalpIsPartitionCpuManager strstr |
| calling | HalpMiscGetParameters |
| paramcount | 0 |
| address | 140b3f010 |
| sig | undefined HalpProcIsSmtDisabled(void) |
| sym_type | Function |
| sym_source | IMPORTED |
| external | False |
--- HalpProcIsSmtDisabled
+++ HalpProcIsSmtDisabled
@@ -1,34 +0,0 @@
-
-bool HalpProcIsSmtDisabled(longlong param_1)
-
-{
- char cVar1;
- char *pcVar2;
- bool bVar3;
- char local_res10 [24];
-
- bVar3 = false;
- local_res10[0] = '\0';
- cVar1 = HalpGetCpuInfo(0,0,0,local_res10);
- if ((cVar1 == '\0') || (local_res10[0] != '\x02')) {
- if (param_1 == 0) {
- return false;
- }
- }
- else {
- if (param_1 == 0) {
- return false;
- }
- if (((*(uint *)(*(longlong *)(param_1 + 0xf0) + 0xda4) & 0x2000) != 0) &&
- (cVar1 = HalpIsPartitionCpuManager(), cVar1 == '\0')) {
- return true;
- }
- }
- if ((*(char **)(param_1 + 0xd8) != (char *)0x0) &&
- (pcVar2 = strstr(*(char **)(param_1 + 0xd8),"SMT=BLOCKED"), pcVar2 != (char *)0x0)) {
- cVar1 = HalpIsPartitionCpuManager();
- bVar3 = cVar1 == '\0';
- }
- return bVar3;
-}
-
| Key | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| name | Feature_MSRC76458_DisableTransactedRename__private_IsEnabled |
| fullname | Feature_MSRC76458_DisableTransactedRename__private_IsEnabled |
| refcount | 2 |
| length | 94 |
| called | wil_details_FeatureReporting_ReportUsageToService wil_details_FeatureStateCache_GetCachedFeatureEnabledState |
| calling | CmRenameKey |
| paramcount | 0 |
| address | 140424970 |
| sig | undefined Feature_MSRC76458_DisableTransactedRename__private_IsEnabled(void) |
| sym_type | Function |
| sym_source | IMPORTED |
| external | False |
--- Feature_MSRC76458_DisableTransactedRename__private_IsEnabled
+++ Feature_MSRC76458_DisableTransactedRename__private_IsEnabled
@@ -0,0 +1,17 @@
+
+uint Feature_MSRC76458_DisableTransactedRename__private_IsEnabled(void)
+
+{
+ uint uVar1;
+ uint uVar2;
+
+ uVar1 = wil_details_FeatureStateCache_GetCachedFeatureEnabledState
+ (&Feature_MSRC76458_DisableTransactedRename__private_featureState,
+ &Feature_MSRC76458_DisableTransactedRename__private_descriptor);
+ uVar2 = uVar1 >> 3 & 1;
+ wil_details_FeatureReporting_ReportUsageToService
+ (&Feature_MSRC76458_DisableTransactedRename__private_reporting,0x28a59bb,uVar1 >> 8 & 1,
+ uVar1 >> 9 & 1,&Feature_Servicing_CcUninitAsyncRead_39895518_logged_traits,uVar2);
+ return uVar2;
+}
+
Modified functions contain code changes
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | code,length |
| ratio | 0.19 |
| i_ratio | 0.63 |
| m_ratio | 0.67 |
| b_ratio | 0.72 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | KeQuerySpeculationControlInformation | KeQuerySpeculationControlInformation |
| fullname | KeQuerySpeculationControlInformation | KeQuerySpeculationControlInformation |
| refcount | 2 | 2 |
length |
775 | 891 |
| called | HvlQueryL1tfMitigationInformation KeKvaShadowingActive KiIsFbClearSupported RtlCopyMemory memset |
HvlQueryL1tfMitigationInformation KeKvaShadowingActive KiIsFbClearSupported RtlCopyMemory memset |
| calling | ExpQuerySystemInformation | ExpQuerySystemInformation |
| paramcount | 0 | 0 |
| address | 14096a7ac | 14096a7ac |
| sig | undefined KeQuerySpeculationControlInformation(void) | undefined KeQuerySpeculationControlInformation(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- KeQuerySpeculationControlInformation
+++ KeQuerySpeculationControlInformation
@@ -1,86 +1,109 @@
undefined8 KeQuerySpeculationControlInformation(void *param_1,uint param_2,uint *param_3)
{
ulonglong uVar1;
char cVar2;
- uint uVar3;
- int iVar4;
+ int iVar3;
+ uint uVar4;
uint uVar5;
- uint uVar6;
ulonglong _Size;
- ulonglong uVar7;
+ ulonglong uVar6;
undefined8 local_res20;
_Size = (ulonglong)param_2;
- if (3 < param_2) {
- if (7 < param_2) {
- param_2 = 8;
- }
- *param_3 = param_2;
- cVar2 = KiKvaShadow;
- uVar1 = KeFeatureBits2;
- local_res20._4_4_ = 0;
- local_res20._0_4_ =
- KiSpeculationFeatures >> 0x14 & 1 ^ KiSpeculationFeatures >> 0x11 & 2 ^
- KiSpeculationFeatures >> 0x11 & 4;
- uVar6 = 0x10;
- if (((KiSpeculationFeatures & 0x10) != 0) || ((KiSpeculationFeatures & 0x40) != 0)) {
- local_res20._0_4_ = (uint)local_res20 | 8;
- }
- if ((KiSpeculationFeatures & 4) != 0) {
- local_res20._0_4_ = (uint)local_res20 | 0x10;
- }
- if (((KiSpeculationFeatures >> 0x14 & 1) != 0) && ((KiSpeculationFeatures >> 0x15 & 1) != 0)) {
- local_res20._0_4_ = (uint)local_res20 | 0x2000;
- }
- local_res20._0_4_ =
- ((KiSpeculationFeatures & 0x20 | 0x40) << 2 |
- (uint)local_res20 ^ KiSpeculationFeatures * 2 & 0x20 ^ KiSpeculationFeatures & 0x40) ^
- KiSpeculationFeatures * 4 & 0x200 ^ KiSpeculationFeatures >> 0xc & 0x400 ^
- KiSpeculationFeatures >> 0xc & 0x800 ^ ~(KiSpeculationFeatures << 4) & 0x1000 ^
- KiSpeculationFeatures >> 0xb & 0x4000 ^ KiSpeculationFeatures >> 0xb & 0x8000;
- uVar5 = (KiSpeculationFeatures & 1 | 0x80) << 0x10 | (uint)(KeFeatureBits2 << 0x13) & 0x1000000
- | (uint)local_res20;
- if ((KiKvaShadow == '\0') || (uVar3 = 0x26000000, (KeFeatureBits2 & 8) == 0)) {
- uVar3 = 0x24000000;
- }
- uVar7 = KeFeatureBits2 & 0x8000;
- if (((uVar7 == 0) || (KiDisableTsx == 0)) && (KiTsxSupported != 0)) {
- if (((KeFeatureBits2 >> 0x10 & 1) == 0) &&
- ((((byte)KeFeatureBits2 & 0x28) != 8 || (iVar4 = KeKvaShadowingActive(), iVar4 == 0)))) {
- if (uVar7 == 0) {
- local_res20._0_4_ = uVar5 | uVar3;
- }
- else {
- local_res20._0_4_ = uVar5 | uVar3 | 0x8000000;
- }
+ if (param_2 < 4) {
+ *param_3 = 8;
+ return 0xc0000004;
+ }
+ if (7 < param_2) {
+ param_2 = 8;
+ }
+ *param_3 = param_2;
+ cVar2 = KiKvaShadow;
+ uVar1 = KeFeatureBits2;
+ local_res20._4_4_ = 0;
+ local_res20._0_4_ =
+ KiSpeculationFeatures >> 0x14 & 1 ^ KiSpeculationFeatures >> 0x11 & 2 ^
+ KiSpeculationFeatures >> 0x11 & 4;
+ if (((KiSpeculationFeatures & 0x10) != 0) || ((KiSpeculationFeatures & 0x40) != 0)) {
+ local_res20._0_4_ = (uint)local_res20 | 8;
+ }
+ if ((KiSpeculationFeatures & 4) != 0) {
+ local_res20._0_4_ = (uint)local_res20 | 0x10;
+ }
+ if (((KiSpeculationFeatures >> 0x14 & 1) != 0) && ((KiSpeculationFeatures >> 0x15 & 1) != 0)) {
+ local_res20._0_4_ = (uint)local_res20 | 0x2000;
+ }
+ local_res20._0_4_ =
+ ((KiSpeculationFeatures & 0x20 | 0x40) << 2 |
+ (uint)local_res20 ^ KiSpeculationFeatures * 2 & 0x20 ^ KiSpeculationFeatures & 0x40) ^
+ KiSpeculationFeatures * 4 & 0x200 ^ KiSpeculationFeatures >> 0xc & 0x400 ^
+ KiSpeculationFeatures >> 0xc & 0x800 ^ ~(KiSpeculationFeatures << 4) & 0x1000 ^
+ KiSpeculationFeatures >> 0xb & 0x4000 ^ KiSpeculationFeatures >> 0xb & 0x8000;
+ uVar5 = (KiSpeculationFeatures & 1 | 0x80) << 0x10 | (uint)(KeFeatureBits2 << 0x13) & 0x1000000 |
+ (uint)local_res20;
+ if ((KiKvaShadow == '\0') || (uVar4 = 0x26000000, (KeFeatureBits2 & 8) == 0)) {
+ uVar4 = 0x24000000;
+ }
+ uVar6 = KeFeatureBits2 & 0x8000;
+ if (((uVar6 == 0) || (KiDisableTsx == 0)) && (KiTsxSupported != 0)) {
+ if (((KeFeatureBits2 >> 0x10 & 1) == 0) &&
+ ((((byte)KeFeatureBits2 & 0x28) != 8 || (iVar3 = KeKvaShadowingActive(), iVar3 == 0)))) {
+ if (uVar6 == 0) {
+ local_res20._0_4_ = uVar5 | uVar4;
}
else {
- local_res20._0_4_ = uVar5 | uVar3 | 0x10000000;
+ local_res20._0_4_ = uVar5 | uVar4 | 0x8000000;
}
}
else {
- local_res20._0_4_ = uVar5 | uVar3 | 0x18000000;
+ local_res20._0_4_ = uVar5 | uVar4 | 0x10000000;
}
- if (((uVar1 >> 0x10 & 1) == 0) && (KiTsxSupportedAtBoot != 0)) {
- uVar5 = 0;
+ }
+ else {
+ local_res20._0_4_ = uVar5 | uVar4 | 0x18000000;
+ }
+ if (((uVar1 >> 0x10 & 1) == 0) && (KiTsxSupportedAtBoot != 0)) {
+ uVar5 = 0;
+ }
+ else {
+ uVar5 = 0x40000000;
+ }
+ local_res20._0_4_ = (uint)local_res20 | uVar5;
+ HvlQueryL1tfMitigationInformation(&local_res20);
+ uVar5 = ((uint)(uVar1 >> 0x13) ^ local_res20._4_4_) & 7 ^ local_res20._4_4_;
+ if (cVar2 == '\0') {
+LAB_0:
+ uVar4 = 0x410;
+ }
+ else {
+ iVar3 = KiIsFbClearSupported();
+ uVar4 = 0x418;
+ if (iVar3 == 0) goto LAB_0;
+ }
+ local_res20 = CONCAT44(uVar5 & 0xfffffff7 | uVar4,(uint)local_res20);
+ if ((KiSpeculationFeatures >> 0xf & 1) == 0) {
+ uVar5 = uVar5 & 0xfffffef7 | uVar4 | 0x200;
+ }
+ else {
+ if ((((KiSpeculationFeatures >> 0x12 & 1) == 0) && ((KiSpeculationFeatures >> 0x15 & 1) == 0))
+ && ((KiSpeculationFeatures >> 0x1c & 1) == 0)) {
+ if (((KiSpeculationFeatures >> 0x13 & 1) == 0) && ((KiSpeculationFeatures >> 0x1d & 1) == 0))
+ {
+ local_res20 = local_res20 | 0x30000000000;
+ }
+ else {
+ local_res20 = local_res20 & 0xfffffcffffffffff;
+ }
+ goto LAB_1;
}
- else {
- uVar5 = 0x40000000;
- }
- local_res20._0_4_ = (uint)local_res20 | uVar5;
- HvlQueryL1tfMitigationInformation(&local_res20);
- uVar5 = ((uint)(uVar1 >> 0x13) ^ local_res20._4_4_) & 7 ^ local_res20._4_4_;
- if ((cVar2 != '\0') && (iVar4 = KiIsFbClearSupported(), iVar4 != 0)) {
- uVar6 = 0x18;
- }
- local_res20 = CONCAT44(uVar5 & 0xfffffff7 | uVar6,(uint)local_res20);
- memset(param_1,0,_Size);
- RtlCopyMemory(param_1,&local_res20,(ulonglong)param_2);
- return 0;
+ uVar5 = uVar5 & 0xfffffdf7 | uVar4 | 0x100;
}
- *param_3 = 8;
- return 0xc0000004;
+ local_res20 = CONCAT44(uVar5,(uint)local_res20);
+LAB_1:
+ memset(param_1,0,_Size);
+ RtlCopyMemory(param_1,&local_res20,(ulonglong)param_2);
+ return 0;
}
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | code,length,address |
| ratio | 0.23 |
| i_ratio | 0.66 |
| m_ratio | 0.81 |
| b_ratio | 0.88 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | WritePartitionTable | WritePartitionTable |
| fullname | SC_GPT::WritePartitionTable | SC_GPT::WritePartitionTable |
| refcount | 4 | 4 |
length |
1583 | 1569 |
| called | MBR_ENTRY::ComputeChs RtlComputeCrc32 SC_DISK::WriteSectors SC_ENV::Allocate SC_ENV::CreateGuid SC_ENV::Free SC_GPT::ReadHeader memset |
MBR_ENTRY::ComputeChs RtlComputeCrc32 SC_DISK::WriteSectors SC_ENV::Allocate SC_ENV::CreateGuid SC_ENV::Free SC_GPT::ReadHeader memset |
| calling | SC_DISK::WritePartitionTable SC_GPT::CreatePartitionTable SC_GPT::SetPartition |
SC_DISK::WritePartitionTable SC_GPT::CreatePartitionTable SC_GPT::SetPartition |
| paramcount | 3 | 3 |
address |
140660efc | 140660ffc |
| sig | long __thiscall WritePartitionTable(SC_GPT * this, SC_DISK_LAYOUT * param_1, uchar param_2) | long __thiscall WritePartitionTable(SC_GPT * this, SC_DISK_LAYOUT * param_1, uchar param_2) |
| sym_type | Function | Function |
| sym_source | ANALYSIS | ANALYSIS |
| external | False | False |
--- SC_GPT::WritePartitionTable
+++ SC_GPT::WritePartitionTable
@@ -1,344 +1,332 @@
/* public: long __cdecl SC_GPT::WritePartitionTable(class SC_DISK_LAYOUT * __ptr64,unsigned char)
__ptr64 */
long __thiscall SC_GPT::WritePartitionTable(SC_GPT *this,SC_DISK_LAYOUT *param_1,uchar param_2)
{
undefined8 *puVar1;
undefined4 *puVar2;
byte bVar3;
int iVar4;
GPT_HEADER *_Dst;
- undefined8 uVar5;
- undefined4 uVar6;
+ longlong lVar5;
+ undefined8 uVar6;
undefined4 uVar7;
undefined4 uVar8;
- long lVar9;
- longlong lVar10;
- ulonglong uVar11;
+ undefined4 uVar9;
+ uint uVar10;
+ undefined4 uVar11;
+ long lVar12;
+ ulonglong uVar13;
undefined8 *_Dst_00;
- longlong lVar12;
- ulonglong uVar13;
- uint uVar14;
- _GUID *p_Var15;
+ ulonglong uVar14;
+ uint uVar15;
+ longlong lVar16;
+ _GUID *p_Var17;
SC_DISK *this_00;
- uint uVar16;
- ulonglong uVar17;
ulonglong uVar18;
- uint uVar19;
+ ulonglong uVar19;
__uint64 _Var20;
- undefined8 *puVar21;
- uint uVar22;
- ulonglong *puVar23;
- undefined4 *puVar24;
- ulong uVar25;
- uint uVar26;
+ uint uVar21;
+ undefined8 *puVar22;
+ uint uVar23;
+ ulonglong *puVar24;
+ undefined4 *puVar25;
+ ulong uVar26;
+ uint uVar27;
ulonglong local_res8;
int local_68;
undefined4 local_64;
- ulonglong local_60;
+ ulonglong local_58;
local_64 = 0;
- lVar10 = *(longlong *)this;
- _Dst = *(GPT_HEADER **)(lVar10 + 0x108);
+ uVar13 = *(ulonglong *)this;
+ _Dst = *(GPT_HEADER **)(uVar13 + 0x108);
if (param_2 == '\0') {
- bVar3 = *(byte *)(lVar10 + 200);
- uVar25 = 0;
- while (lVar9 = ReadHeader(this,uVar25,_Dst), lVar9 < 0) {
- uVar25 = uVar25 + 1;
- if (2 - ((bVar3 & 1) != 0) <= uVar25) {
- return lVar9;
+ bVar3 = *(byte *)(uVar13 + 200);
+ uVar26 = 0;
+ while (lVar12 = ReadHeader(this,uVar26,_Dst), lVar12 < 0) {
+ uVar26 = uVar26 + 1;
+ if (2 - ((bVar3 & 1) != 0) <= uVar26) {
+ return lVar12;
}
}
local_68 = *(int *)(_Dst + 0x54);
- uVar22 = *(uint *)(_Dst + 0x50);
- local_60 = *(ulonglong *)(_Dst + 0x28);
+ uVar23 = *(uint *)(_Dst + 0x50);
+ local_58 = *(ulonglong *)(_Dst + 0x28);
iVar4 = *(int *)(*(longlong *)this + 0xec);
- uVar16 = -iVar4;
- uVar19 = iVar4 + -1 + uVar22 * local_68 & uVar16;
- uVar26 = uVar19 >> ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x1f);
+ uVar21 = -iVar4;
+ uVar13 = (ulonglong)uVar21;
+ uVar21 = iVar4 + -1 + uVar23 * local_68 & uVar21;
+ uVar27 = uVar21 >> ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x1f);
}
else {
if (*(short *)(_Dst + 0x1fe) == -0x55ab) {
local_64 = *(undefined4 *)(_Dst + 0x1b8);
}
+ uVar23 = *(uint *)(param_1 + 0x28);
+ if (uVar23 < 0x81) {
+ uVar23 = 0x80;
+ }
+ else if (0x400 < uVar23) {
+ return -0x3ffffff3;
+ }
local_68 = 0x80;
- uVar16 = 0x80;
- if (0x80 < *(uint *)(param_1 + 0x28)) {
- uVar16 = *(uint *)(param_1 + 0x28);
- }
- uVar16 = uVar16 * 0x80;
- uVar19 = *(int *)(lVar10 + 0xec) + -1 + uVar16 & -*(int *)(lVar10 + 0xec);
- uVar26 = uVar19 >> ((byte)*(undefined4 *)(lVar10 + 0xf0) & 0x1f);
- uVar22 = uVar19 >> 7;
- local_60 = (ulonglong)(uVar26 + 2);
- }
- uVar11 = (ulonglong)uVar16;
- uVar16 = *(uint *)(param_1 + 4);
- if (uVar22 < uVar16) {
+ uVar21 = *(int *)(uVar13 + 0xec) + -1 + uVar23 * 0x80 & -*(int *)(uVar13 + 0xec);
+ uVar27 = uVar21 >> ((byte)*(undefined4 *)(uVar13 + 0xf0) & 0x1f);
+ uVar23 = uVar21 >> 7;
+ local_58 = (ulonglong)(uVar27 + 2);
+ }
+ uVar10 = *(uint *)(param_1 + 4);
+ if (uVar23 < uVar10) {
return -0x3ffffff3;
}
- uVar18 = 0;
- if (uVar16 != 0) {
+ uVar19 = 0;
+ if (uVar10 != 0) {
do {
- uVar11 = uVar18 * 0x12;
- lVar10 = *(longlong *)(param_1 + uVar18 * 0x90 + 0x50) + -0x4fb97cb2424ca0e2;
- if (lVar10 == 0) {
- lVar10 = *(longlong *)(param_1 + uVar18 * 0x90 + 0x58) + 0x3974c666d53abc7f;
- }
- if (lVar10 == 0) {
- if ((int)uVar18 != -1) {
- uVar11 = *(ulonglong *)(param_1 + uVar18 * 0x90 + 0x40);
+ uVar13 = uVar19 * 0x12;
+ if ((*(longlong *)(param_1 + uVar19 * 0x90 + 0x50) == 0x4fb97cb2424ca0e2) &&
+ (*(longlong *)(param_1 + uVar19 * 0x90 + 0x58) == -0x3974c666d53abc7f)) {
+ if ((int)uVar19 != -1) {
+ uVar13 = *(ulonglong *)(param_1 + uVar19 * 0x90 + 0x40);
if (*(uint *)(*(longlong *)this + 0xec) != 0) {
- uVar11 = (longlong)uVar11 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
+ uVar13 = (longlong)uVar13 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
}
- uVar18 = uVar11 + 2 + (ulonglong)uVar26;
- if (local_60 < uVar18) {
- local_60 = uVar18;
+ uVar19 = uVar13 + 2 + (ulonglong)uVar27;
+ if (local_58 < uVar19) {
+ local_58 = uVar19;
}
}
break;
}
- uVar14 = (int)uVar18 + 1;
- uVar18 = (ulonglong)uVar14;
- } while (uVar14 < uVar16);
- }
- lVar10 = *(longlong *)this;
- if ((*(uint *)(lVar10 + 200) & 1) == 0) {
- uVar18 = (*(longlong *)(lVar10 + 0xf8) - (ulonglong)uVar26) - 2;
+ uVar15 = (int)uVar19 + 1;
+ uVar19 = (ulonglong)uVar15;
+ } while (uVar15 < uVar10);
+ }
+ lVar16 = *(longlong *)this;
+ if ((*(uint *)(lVar16 + 200) & 1) == 0) {
+ uVar19 = (*(longlong *)(lVar16 + 0xf8) - (ulonglong)uVar27) - 2;
}
else {
- uVar18 = *(longlong *)(lVar10 + 0xf8) - 1;
- }
- uVar16 = (2 << ((byte)*(undefined4 *)(lVar10 + 0xf0) & 0x1f)) + uVar19;
- _Dst_00 = (undefined8 *)SC_ENV::Allocate((ulonglong)uVar16,(ulong)uVar11,(uchar)uVar19);
+ uVar19 = *(longlong *)(lVar16 + 0xf8) - 1;
+ }
+ uVar10 = (2 << ((byte)*(undefined4 *)(lVar16 + 0xf0) & 0x1f)) + uVar21;
+ _Dst_00 = (undefined8 *)SC_ENV::Allocate((ulonglong)uVar10,(ulong)uVar13,(uchar)uVar21);
if (_Dst_00 == (undefined8 *)0x0) {
return -0x3fffff66;
}
- memset(_Dst_00,0,(ulonglong)uVar16);
- uVar11 = 0;
+ memset(_Dst_00,0,(ulonglong)uVar10);
+ uVar13 = 0;
local_res8 = 0;
- lVar10 = (longlong)(1 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x1f));
- puVar24 = (undefined4 *)(((ulonglong)uVar16 - lVar10) + (longlong)_Dst_00);
- puVar1 = (undefined8 *)(lVar10 + (longlong)_Dst_00);
+ lVar16 = (longlong)(1 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x1f));
+ puVar25 = (undefined4 *)(((ulonglong)uVar10 - lVar16) + (longlong)_Dst_00);
+ puVar1 = (undefined8 *)(lVar16 + (longlong)_Dst_00);
if (*(int *)(param_1 + 4) != 0) {
- puVar23 = puVar1 + 4;
+ puVar24 = puVar1 + 4;
do {
- lVar10 = uVar11 * 0x90;
- if (*(int *)(param_1 + lVar10 + 0x30) == 0) {
- if (param_1[lVar10 + 0x50] != (SC_DISK_LAYOUT)0x0) goto LAB_0;
+ lVar16 = uVar13 * 0x90;
+ if (*(int *)(param_1 + lVar16 + 0x30) == 0) {
+ if (param_1[lVar16 + 0x50] != (SC_DISK_LAYOUT)0x0) goto LAB_0;
}
- else {
- if (*(int *)(param_1 + lVar10 + 0x30) == 1) {
- lVar12 = *(longlong *)(param_1 + lVar10 + 0x50);
- if (lVar12 == 0) {
- lVar12 = *(longlong *)(param_1 + lVar10 + 0x58);
- }
- if (lVar12 == 0) goto LAB_1;
- }
+ else if (((*(int *)(param_1 + lVar16 + 0x30) != 1) ||
+ (*(longlong *)(param_1 + lVar16 + 0x50) != 0)) ||
+ (*(longlong *)(param_1 + lVar16 + 0x58) != 0)) {
LAB_0:
- p_Var15 = (_GUID *)(param_1 + lVar10 + 0x60);
- lVar12._0_4_ = p_Var15->Data1;
- lVar12._4_2_ = p_Var15->Data2;
- lVar12._6_2_ = p_Var15->Data3;
- if (lVar12 == 0) {
- lVar12 = *(longlong *)p_Var15->Data4;
- }
- if (lVar12 == 0) {
- SC_ENV::CreateGuid(p_Var15);
- p_Var15 = (_GUID *)(param_1 + lVar10 + 0x60);
- uVar11 = local_res8;
- }
- puVar2 = (undefined4 *)(param_1 + lVar10 + 0x50);
- uVar8 = puVar2[1];
- uVar6 = puVar2[2];
- uVar7 = puVar2[3];
- *(undefined4 *)(puVar23 + -4) = *puVar2;
- *(undefined4 *)((longlong)puVar23 + -0x1c) = uVar8;
- *(undefined4 *)(puVar23 + -3) = uVar6;
- *(undefined4 *)((longlong)puVar23 + -0x14) = uVar7;
- uVar8 = *(undefined4 *)&p_Var15->Data2;
- uVar6 = *(undefined4 *)p_Var15->Data4;
- uVar7 = *(undefined4 *)(p_Var15->Data4 + 4);
- *(ulong *)(puVar23 + -2) = p_Var15->Data1;
- *(undefined4 *)((longlong)puVar23 + -0xc) = uVar8;
- *(undefined4 *)(puVar23 + -1) = uVar6;
- *(undefined4 *)((longlong)puVar23 + -4) = uVar7;
- uVar13 = *(ulonglong *)(param_1 + lVar10 + 0x38);
+ p_Var17 = (_GUID *)(param_1 + lVar16 + 0x60);
+ lVar5._0_4_ = p_Var17->Data1;
+ lVar5._4_2_ = p_Var17->Data2;
+ lVar5._6_2_ = p_Var17->Data3;
+ if ((lVar5 == 0) && (*(longlong *)p_Var17->Data4 == 0)) {
+ SC_ENV::CreateGuid(p_Var17);
+ p_Var17 = (_GUID *)(param_1 + lVar16 + 0x60);
+ uVar13 = local_res8;
+ }
+ puVar2 = (undefined4 *)(param_1 + lVar16 + 0x50);
+ uVar11 = puVar2[1];
+ uVar7 = puVar2[2];
+ uVar8 = puVar2[3];
+ *(undefined4 *)(puVar24 + -4) = *puVar2;
+ *(undefined4 *)((longlong)puVar24 + -0x1c) = uVar11;
+ *(undefined4 *)(puVar24 + -3) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + -0x14) = uVar8;
+ uVar11 = *(undefined4 *)&p_Var17->Data2;
+ uVar7 = *(undefined4 *)p_Var17->Data4;
+ uVar8 = *(undefined4 *)(p_Var17->Data4 + 4);
+ *(ulong *)(puVar24 + -2) = p_Var17->Data1;
+ *(undefined4 *)((longlong)puVar24 + -0xc) = uVar11;
+ *(undefined4 *)(puVar24 + -1) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + -4) = uVar8;
+ uVar14 = *(ulonglong *)(param_1 + lVar16 + 0x38);
if (*(uint *)(*(longlong *)this + 0xec) != 0) {
- uVar13 = (longlong)uVar13 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
- }
- *puVar23 = uVar13;
- uVar17 = *(longlong *)(param_1 + lVar10 + 0x38) +
- *(longlong *)(param_1 + lVar10 + 0x40) + -1;
+ uVar14 = (longlong)uVar14 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
+ }
+ *puVar24 = uVar14;
+ uVar18 = *(longlong *)(param_1 + lVar16 + 0x38) +
+ *(longlong *)(param_1 + lVar16 + 0x40) + -1;
if (*(uint *)(*(longlong *)this + 0xec) != 0) {
- uVar17 = (longlong)uVar17 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
- }
- puVar23[1] = uVar17;
- puVar23[2] = *(ulonglong *)(param_1 + lVar10 + 0x70);
- puVar2 = (undefined4 *)(param_1 + lVar10 + 0x78);
- uVar8 = puVar2[1];
- uVar6 = puVar2[2];
- uVar7 = puVar2[3];
- *(undefined4 *)(puVar23 + 3) = *puVar2;
- *(undefined4 *)((longlong)puVar23 + 0x1c) = uVar8;
- *(undefined4 *)(puVar23 + 4) = uVar6;
- *(undefined4 *)((longlong)puVar23 + 0x24) = uVar7;
- puVar2 = (undefined4 *)(param_1 + lVar10 + 0x88);
- uVar8 = puVar2[1];
- uVar6 = puVar2[2];
- uVar7 = puVar2[3];
- *(undefined4 *)(puVar23 + 5) = *puVar2;
- *(undefined4 *)((longlong)puVar23 + 0x2c) = uVar8;
- *(undefined4 *)(puVar23 + 6) = uVar6;
- *(undefined4 *)((longlong)puVar23 + 0x34) = uVar7;
- puVar2 = (undefined4 *)(param_1 + lVar10 + 0x98);
- uVar8 = puVar2[1];
- uVar6 = puVar2[2];
- uVar7 = puVar2[3];
- *(undefined4 *)(puVar23 + 7) = *puVar2;
- *(undefined4 *)((longlong)puVar23 + 0x3c) = uVar8;
- *(undefined4 *)(puVar23 + 8) = uVar6;
- *(undefined4 *)((longlong)puVar23 + 0x44) = uVar7;
- puVar2 = (undefined4 *)(param_1 + lVar10 + 0xa8);
- uVar8 = puVar2[1];
- uVar6 = puVar2[2];
- uVar7 = puVar2[3];
- *(undefined4 *)(puVar23 + 9) = *puVar2;
- *(undefined4 *)((longlong)puVar23 + 0x4c) = uVar8;
- *(undefined4 *)(puVar23 + 10) = uVar6;
- *(undefined4 *)((longlong)puVar23 + 0x54) = uVar7;
- puVar23[0xb] = *(ulonglong *)(param_1 + lVar10 + 0xb8);
- if ((uVar13 < local_60) || (uVar18 < uVar17)) {
- lVar9 = -0x3ffffff3;
- goto LAB_2;
- }
- puVar23 = puVar23 + 0x10;
+ uVar18 = (longlong)uVar18 / (longlong)(ulonglong)*(uint *)(*(longlong *)this + 0xec);
+ }
+ puVar24[1] = uVar18;
+ puVar24[2] = *(ulonglong *)(param_1 + lVar16 + 0x70);
+ puVar2 = (undefined4 *)(param_1 + lVar16 + 0x78);
+ uVar11 = puVar2[1];
+ uVar7 = puVar2[2];
+ uVar8 = puVar2[3];
+ *(undefined4 *)(puVar24 + 3) = *puVar2;
+ *(undefined4 *)((longlong)puVar24 + 0x1c) = uVar11;
+ *(undefined4 *)(puVar24 + 4) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + 0x24) = uVar8;
+ puVar2 = (undefined4 *)(param_1 + lVar16 + 0x88);
+ uVar11 = puVar2[1];
+ uVar7 = puVar2[2];
+ uVar8 = puVar2[3];
+ *(undefined4 *)(puVar24 + 5) = *puVar2;
+ *(undefined4 *)((longlong)puVar24 + 0x2c) = uVar11;
+ *(undefined4 *)(puVar24 + 6) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + 0x34) = uVar8;
+ puVar2 = (undefined4 *)(param_1 + lVar16 + 0x98);
+ uVar11 = puVar2[1];
+ uVar7 = puVar2[2];
+ uVar8 = puVar2[3];
+ *(undefined4 *)(puVar24 + 7) = *puVar2;
+ *(undefined4 *)((longlong)puVar24 + 0x3c) = uVar11;
+ *(undefined4 *)(puVar24 + 8) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + 0x44) = uVar8;
+ puVar2 = (undefined4 *)(param_1 + lVar16 + 0xa8);
+ uVar11 = puVar2[1];
+ uVar7 = puVar2[2];
+ uVar8 = puVar2[3];
+ *(undefined4 *)(puVar24 + 9) = *puVar2;
+ *(undefined4 *)((longlong)puVar24 + 0x4c) = uVar11;
+ *(undefined4 *)(puVar24 + 10) = uVar7;
+ *(undefined4 *)((longlong)puVar24 + 0x54) = uVar8;
+ puVar24[0xb] = *(ulonglong *)(param_1 + lVar16 + 0xb8);
+ if ((uVar14 < local_58) || (uVar19 < uVar18)) {
+ lVar12 = -0x3ffffff3;
+ goto LAB_1;
+ }
+ puVar24 = puVar24 + 0x10;
}
-LAB_1:
- uVar16 = (int)uVar11 + 1;
- uVar11 = (ulonglong)uVar16;
- local_res8 = (ulonglong)uVar16;
- } while (uVar16 < *(uint *)(param_1 + 4));
- }
- p_Var15 = (_GUID *)(param_1 + 8);
- lVar10._0_4_ = p_Var15->Data1;
- lVar10._4_2_ = p_Var15->Data2;
- lVar10._6_2_ = p_Var15->Data3;
- if (lVar10 == 0) {
- lVar10 = *(longlong *)(param_1 + 0x10);
- }
- if (lVar10 == 0) {
- SC_ENV::CreateGuid(p_Var15);
+ uVar21 = (int)uVar13 + 1;
+ uVar13 = (ulonglong)uVar21;
+ local_res8 = (ulonglong)uVar21;
+ } while (uVar21 < *(uint *)(param_1 + 4));
+ }
+ p_Var17 = (_GUID *)(param_1 + 8);
+ lVar16._0_4_ = p_Var17->Data1;
+ lVar16._4_2_ = p_Var17->Data2;
+ lVar16._6_2_ = p_Var17->Data3;
+ if ((lVar16 == 0) && (*(longlong *)(param_1 + 0x10) == 0)) {
+ SC_ENV::CreateGuid(p_Var17);
}
*(ulonglong *)(param_1 + 0x20) =
- (uVar18 - local_60) + 1 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x3f);
- *(uint *)(param_1 + 0x28) = uVar22;
+ (uVar19 - local_58) + 1 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x3f);
+ *(uint *)(param_1 + 0x28) = uVar23;
*_Dst_00 = 0x5452415020494645;
- _Dst_00[5] = local_60;
- uVar11 = (ulonglong)uVar26;
+ _Dst_00[5] = local_58;
+ uVar13 = (ulonglong)uVar27;
*(undefined4 *)(_Dst_00 + 1) = 0x10000;
+ _Dst_00[4] = uVar19 + 1 + uVar13;
*(undefined4 *)((longlong)_Dst_00 + 0xc) = 0x5c;
- _Dst_00[4] = uVar18 + 1 + uVar11;
_Dst_00[3] = 1;
- _Dst_00[6] = uVar18;
- uVar25 = p_Var15->Data1;
- uVar8 = *(undefined4 *)(param_1 + 0xc);
- uVar6 = *(undefined4 *)(param_1 + 0x10);
- uVar7 = *(undefined4 *)(param_1 + 0x14);
- _Dst_00[9] = local_60 - uVar11;
- *(uint *)(_Dst_00 + 10) = uVar22;
- *(ulong *)(_Dst_00 + 7) = uVar25;
- *(undefined4 *)((longlong)_Dst_00 + 0x3c) = uVar8;
- *(undefined4 *)(_Dst_00 + 8) = uVar6;
- *(undefined4 *)((longlong)_Dst_00 + 0x44) = uVar7;
+ _Dst_00[6] = uVar19;
+ uVar11 = *(undefined4 *)(param_1 + 8);
+ uVar7 = *(undefined4 *)(param_1 + 0xc);
+ uVar8 = *(undefined4 *)(param_1 + 0x10);
+ uVar9 = *(undefined4 *)(param_1 + 0x14);
+ *(uint *)(_Dst_00 + 10) = uVar23;
+ *(undefined4 *)(_Dst_00 + 7) = uVar11;
+ *(undefined4 *)((longlong)_Dst_00 + 0x3c) = uVar7;
+ *(undefined4 *)(_Dst_00 + 8) = uVar8;
+ *(undefined4 *)((longlong)_Dst_00 + 0x44) = uVar9;
+ _Dst_00[9] = local_58 - uVar13;
*(int *)((longlong)_Dst_00 + 0x54) = local_68;
- uVar8 = RtlComputeCrc32(0,puVar1,uVar26 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) & 0x1f
- ));
- *(undefined4 *)(_Dst_00 + 0xb) = uVar8;
- uVar8 = RtlComputeCrc32(0,_Dst_00,0x5c);
- *(undefined4 *)(_Dst_00 + 2) = uVar8;
+ uVar11 = RtlComputeCrc32(0,puVar1,uVar27 << ((byte)*(undefined4 *)(*(longlong *)this + 0xf0) &
+ 0x1f));
+ *(undefined4 *)(_Dst_00 + 0xb) = uVar11;
+ uVar11 = RtlComputeCrc32(0,_Dst_00,0x5c);
+ *(undefined4 *)(_Dst_00 + 2) = uVar11;
this_00 = *(SC_DISK **)this;
- if (local_60 - uVar11 == 2) {
- _Var20 = 1;
- puVar21 = _Dst_00;
- uVar25 = uVar26 + 1;
+ _Var20 = 1;
+ if (local_58 - uVar13 == 2) {
+ puVar22 = _Dst_00;
+ uVar26 = uVar27 + 1;
}
else {
- lVar9 = SC_DISK::WriteSectors(this_00,1,1,_Dst_00);
- if (lVar9 < 0) goto LAB_2;
+ lVar12 = SC_DISK::WriteSectors(this_00,1,1,_Dst_00);
+ if (lVar12 < 0) goto LAB_1;
this_00 = *(SC_DISK **)this;
_Var20 = _Dst_00[9];
- puVar21 = puVar1;
- uVar25 = uVar26;
- }
- lVar9 = SC_DISK::WriteSectors(this_00,uVar25,_Var20,puVar21);
- if (-1 < lVar9) {
+ puVar22 = puVar1;
+ uVar26 = uVar27;
+ }
+ lVar12 = SC_DISK::WriteSectors(this_00,uVar26,_Var20,puVar22);
+ if (-1 < lVar12) {
if ((*(uint *)(*(longlong *)this + 200) & 1) == 0) {
- uVar8 = *(undefined4 *)((longlong)_Dst_00 + 4);
- uVar6 = *(undefined4 *)(_Dst_00 + 1);
- uVar7 = *(undefined4 *)((longlong)_Dst_00 + 0xc);
- *puVar24 = *(undefined4 *)_Dst_00;
- puVar24[1] = uVar8;
- puVar24[2] = uVar6;
- puVar24[3] = uVar7;
- uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x14);
- uVar6 = *(undefined4 *)(_Dst_00 + 3);
- uVar7 = *(undefined4 *)((longlong)_Dst_00 + 0x1c);
- puVar24[4] = *(undefined4 *)(_Dst_00 + 2);
- puVar24[5] = uVar8;
- puVar24[6] = uVar6;
- puVar24[7] = uVar7;
- uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x24);
- uVar6 = *(undefined4 *)(_Dst_00 + 5);
- uVar7 = *(undefined4 *)((longlong)_Dst_00 + 0x2c);
- puVar24[8] = *(undefined4 *)(_Dst_00 + 4);
- puVar24[9] = uVar8;
- puVar24[10] = uVar6;
- puVar24[0xb] = uVar7;
- uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x34);
- uVar6 = *(undefined4 *)(_Dst_00 + 7);
- uVar7 = *(undefined4 *)((longlong)_Dst_00 + 0x3c);
- puVar24[0xc] = *(undefined4 *)(_Dst_00 + 6);
- puVar24[0xd] = uVar8;
- puVar24[0xe] = uVar6;
- puVar24[0xf] = uVar7;
- uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x44);
- uVar6 = *(undefined4 *)(_Dst_00 + 9);
- uVar7 = *(undefined4 *)((longlong)_Dst_00 + 0x4c);
- puVar24[0x10] = *(undefined4 *)(_Dst_00 + 8);
- puVar24[0x11] = uVar8;
- puVar24[0x12] = uVar6;
- puVar24[0x13] = uVar7;
- *(undefined8 *)(puVar24 + 0x14) = _Dst_00[10];
- puVar24[0x16] = *(undefined4 *)(_Dst_00 + 0xb);
- uVar5 = *(undefined8 *)(puVar24 + 6);
- puVar24[4] = 0;
- *(longlong *)(puVar24 + 6) = *(longlong *)(puVar24 + 8);
- _Var20 = *(longlong *)(puVar24 + 8) - uVar11;
- *(__uint64 *)(puVar24 + 0x12) = _Var20;
- *(undefined8 *)(puVar24 + 8) = uVar5;
- uVar8 = RtlComputeCrc32(0,puVar24,puVar24[3]);
- puVar24[4] = uVar8;
- lVar9 = SC_DISK::WriteSectors(*(SC_DISK **)this,uVar26 + 1,_Var20,puVar1);
- if (lVar9 < 0) goto LAB_2;
+ uVar11 = *(undefined4 *)((longlong)_Dst_00 + 4);
+ uVar7 = *(undefined4 *)(_Dst_00 + 1);
+ uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0xc);
+ *puVar25 = *(undefined4 *)_Dst_00;
+ puVar25[1] = uVar11;
+ puVar25[2] = uVar7;
+ puVar25[3] = uVar8;
+ uVar11 = *(undefined4 *)((longlong)_Dst_00 + 0x14);
+ uVar7 = *(undefined4 *)(_Dst_00 + 3);
+ uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x1c);
+ puVar25[4] = *(undefined4 *)(_Dst_00 + 2);
+ puVar25[5] = uVar11;
+ puVar25[6] = uVar7;
+ puVar25[7] = uVar8;
+ uVar11 = *(undefined4 *)((longlong)_Dst_00 + 0x24);
+ uVar7 = *(undefined4 *)(_Dst_00 + 5);
+ uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x2c);
+ puVar25[8] = *(undefined4 *)(_Dst_00 + 4);
+ puVar25[9] = uVar11;
+ puVar25[10] = uVar7;
+ puVar25[0xb] = uVar8;
+ uVar11 = *(undefined4 *)((longlong)_Dst_00 + 0x34);
+ uVar7 = *(undefined4 *)(_Dst_00 + 7);
+ uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x3c);
+ puVar25[0xc] = *(undefined4 *)(_Dst_00 + 6);
+ puVar25[0xd] = uVar11;
+ puVar25[0xe] = uVar7;
+ puVar25[0xf] = uVar8;
+ uVar11 = *(undefined4 *)((longlong)_Dst_00 + 0x44);
+ uVar7 = *(undefined4 *)(_Dst_00 + 9);
+ uVar8 = *(undefined4 *)((longlong)_Dst_00 + 0x4c);
+ puVar25[0x10] = *(undefined4 *)(_Dst_00 + 8);
+ puVar25[0x11] = uVar11;
+ puVar25[0x12] = uVar7;
+ puVar25[0x13] = uVar8;
+ *(undefined8 *)(puVar25 + 0x14) = _Dst_00[10];
+ puVar25[0x16] = *(undefined4 *)(_Dst_00 + 0xb);
+ uVar6 = *(undefined8 *)(puVar25 + 6);
+ puVar25[4] = 0;
+ *(longlong *)(puVar25 + 6) = *(longlong *)(puVar25 + 8);
+ _Var20 = *(longlong *)(puVar25 + 8) - uVar13;
+ *(__uint64 *)(puVar25 + 0x12) = _Var20;
+ *(undefined8 *)(puVar25 + 8) = uVar6;
+ uVar11 = RtlComputeCrc32(0,puVar25,puVar25[3]);
+ puVar25[4] = uVar11;
+ lVar12 = SC_DISK::WriteSectors(*(SC_DISK **)this,uVar27 + 1,_Var20,puVar1);
+ if (lVar12 < 0) goto LAB_1;
}
*(uint *)(*(longlong *)this + 200) = *(uint *)(*(longlong *)this + 200) & 0xfffffffd;
if (param_2 != '\0') {
memset(_Dst,0,0x200);
*(undefined4 *)(_Dst + 0x1ca) = 0xffffffff;
*(undefined4 *)(_Dst + 0x1b8) = local_64;
_Dst[0x1c2] = (GPT_HEADER)0xee;
*(undefined4 *)(_Dst + 0x1c6) = 1;
MBR_ENTRY::ComputeChs
((MBR_ENTRY *)(_Dst + 0x1be),(_DISK_GEOMETRY *)(*(longlong *)this + 0xd8));
*(undefined2 *)(_Dst + 0x1fe) = 0xaa55;
- lVar9 = SC_DISK::WriteSectors(*(SC_DISK **)this,1,0,(void *)0x0);
- }
- }
-LAB_2:
+ lVar12 = SC_DISK::WriteSectors(*(SC_DISK **)this,1,0,(void *)0x0);
+ }
+ }
+LAB_1:
SC_ENV::Free(_Dst_00);
- return lVar9;
+ return lVar12;
}
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | code,length,address,called |
| ratio | 0.33 |
| i_ratio | 0.76 |
| m_ratio | 0.91 |
| b_ratio | 0.8 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | CmRenameKey | CmRenameKey |
| fullname | CmRenameKey | CmRenameKey |
| refcount | 2 | 2 |
length |
5796 | 5819 |
called |
Expand for full list:CmpDereferenceKeyControlBlockUnsafe |
Expand for full list:CmpCreateLayerLink |
| calling | NtRenameKey | NtRenameKey |
| paramcount | 0 | 0 |
address |
140a08aa8 | 140a08b18 |
| sig | undefined CmRenameKey(void) | undefined CmRenameKey(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- CmRenameKey called
+++ CmRenameKey called
@@ -6,0 +7 @@
+CmpCleanUpHigherLayerKcbCachesPreCallback
@@ -74,0 +76 @@
+Feature_MSRC76458_DisableTransactedRename__private_IsEnabled
@@ -77 +79 @@
-HvpGetCellContextReinitialize
+HvpGetBinContextInitialize
@@ -83 +84,0 @@
-NtQueryPortInformationProcess--- CmRenameKey
+++ CmRenameKey
@@ -1,1077 +1,1085 @@
/* WARNING: Globals starting with '_' overlap smaller symbols at the same address */
void CmRenameKey(longlong param_1,undefined8 *param_2,undefined param_3)
{
byte *pbVar1;
int *piVar2;
- longlong *plVar3;
- longlong **pplVar4;
- undefined8 uVar5;
- code *pcVar6;
- uint uVar7;
- undefined4 uVar8;
- undefined4 uVar9;
- bool bVar10;
- undefined uVar11;
- undefined4 *puVar12;
- char cVar13;
- byte bVar14;
- byte bVar15;
+ uint uVar3;
+ uint uVar4;
+ longlong *plVar5;
+ longlong **pplVar6;
+ undefined8 uVar7;
+ code *pcVar8;
+ uint uVar9;
+ undefined4 uVar10;
+ undefined4 uVar11;
+ bool bVar12;
+ undefined uVar13;
+ undefined4 *puVar14;
+ char cVar15;
byte bVar16;
byte bVar17;
- ushort uVar18;
- int iVar19;
- int iVar20;
- longlong lVar21;
- undefined8 *puVar22;
- undefined8 *puVar23;
+ byte bVar18;
+ byte bVar19;
+ ushort uVar20;
+ int iVar21;
+ int iVar22;
+ longlong lVar23;
undefined8 *puVar24;
- undefined8 uVar25;
- undefined4 *puVar26;
+ undefined8 *puVar25;
+ undefined8 *puVar26;
+ undefined8 uVar27;
+ undefined4 *puVar28;
undefined8 *P;
- short sVar27;
- void *pvVar28;
- int iVar29;
- undefined8 *puVar30;
- undefined *puVar31;
+ short sVar29;
+ void *pvVar30;
+ undefined8 *puVar31;
undefined *puVar32;
- uint uVar33;
- undefined4 uVar35;
- undefined8 *puVar36;
+ undefined *puVar33;
+ uint uVar34;
+ undefined4 uVar36;
undefined8 *puVar37;
- longlong *plVar38;
- short sVar39;
+ undefined8 *puVar38;
+ longlong *plVar39;
+ short sVar40;
undefined auStack_288 [8];
undefined auStack_280 [24];
undefined8 local_268;
undefined8 local_260;
undefined4 local_258;
uint local_250;
undefined8 **local_248;
char local_238;
undefined2 local_236;
undefined8 *local_230;
undefined local_228;
undefined8 *local_220;
undefined8 *local_218;
undefined8 *local_210;
undefined2 local_208;
uint local_204;
uint local_200;
- int local_1f8 [2];
+ uint local_1f8 [2];
undefined8 *local_1f0;
uint local_1e8;
undefined8 local_1e0;
undefined local_1d8 [16];
undefined4 local_1c8 [2];
undefined8 *local_1c0;
- undefined local_1b8 [16];
+ undefined8 local_1b8;
+ undefined8 local_1b0;
undefined8 local_1a8;
- undefined8 *local_1a0;
- undefined8 local_198;
- undefined8 *local_190;
+ undefined local_1a0 [16];
+ undefined8 local_190;
undefined8 *local_188;
- undefined8 local_180;
- undefined8 local_178;
- longlong local_170;
- undefined8 *local_168;
+ undefined8 *local_180;
+ undefined8 *local_178;
+ undefined8 *local_170;
+ longlong local_168;
undefined4 *local_160;
undefined8 *local_158;
undefined4 local_150;
undefined4 local_14c;
undefined4 local_148;
undefined4 local_144;
undefined8 local_140;
longlong local_138;
int local_130 [2];
undefined8 *local_128;
undefined local_120 [16];
undefined local_110 [16];
undefined local_100 [16];
undefined local_f0 [16];
undefined local_e0 [16];
undefined local_d0 [24];
undefined2 local_b8;
undefined local_b6 [14];
undefined local_a8 [96];
ulonglong local_48;
- undefined8 *puVar34;
+ undefined8 *puVar35;
- puVar31 = auStack_288;
+ puVar32 = auStack_288;
local_48 = __security_cookie ^ (ulonglong)auStack_288;
- puVar37 = (undefined8 *)0x0;
+ puVar38 = (undefined8 *)0x0;
local_208 = CONCAT11(local_208._1_1_,param_3);
- local_168 = (undefined8 *)0x0;
- local_198 = 0;
+ uVar34 = 0xffffffff;
+ local_170 = (undefined8 *)0x0;
+ local_1a8 = 0xffffffff;
local_120._4_12_ = SUB1612(ZEXT816(0),4);
local_120._0_4_ = 0xffff0000;
local_100._4_12_ = SUB1612(ZEXT816(0),4);
local_100._0_4_ = 0xffff0000;
local_e0._4_12_ = SUB1612(ZEXT816(0),4);
local_e0._0_4_ = 0xffff0000;
local_1d8 = ZEXT816(0);
- local_180 = 0;
- local_1a8 = 0;
- local_1e0 = 0;
local_1c8[0] = 0;
- local_178 = 0;
local_140 = 0;
- local_1b8 = ZEXT816(0);
+ local_1a0 = ZEXT816(0);
local_210 = (undefined8 *)0x0;
local_110 = ZEXT816(0);
local_218 = (undefined8 *)0x0;
local_f0 = ZEXT816(0);
local_220 = (undefined8 *)0x0;
local_d0._0_16_ = ZEXT816(0);
+ local_178 = (undefined8 *)0x0;
+ local_1f0 = (undefined8 *)0x0;
+ local_180 = (undefined8 *)0x0;
local_188 = (undefined8 *)0x0;
- local_1f0 = (undefined8 *)0x0;
- local_190 = (undefined8 *)0x0;
- local_1a0 = (undefined8 *)0x0;
local_1c0 = param_2;
- local_170 = param_1;
- HvpGetCellContextReinitialize(&local_198);
- HvpGetCellContextReinitialize(&local_180);
+ local_168 = param_1;
+ HvpGetBinContextInitialize((longlong)&local_1a8 + 4);
+ local_1b8 = (ulonglong)uVar34;
+ HvpGetBinContextInitialize((longlong)&local_1b8 + 4);
+ local_1b0 = (ulonglong)uVar34;
local_160 = (undefined4 *)0x0;
- local_204 = 0xffffffff;
- HvpGetCellContextReinitialize(&local_1a8);
- HvpGetCellContextReinitialize(&local_1e0);
+ local_204 = uVar34;
+ HvpGetBinContextInitialize((longlong)&local_1b0 + 4);
+ local_1e0 = (ulonglong)uVar34;
+ HvpGetBinContextInitialize((longlong)&local_1e0 + 4);
+ local_190 = (ulonglong)uVar34;
local_158 = (undefined8 *)0x0;
- HvpGetCellContextReinitialize(&local_178);
+ HvpGetBinContextInitialize((longlong)&local_190 + 4);
local_138 = 0;
- local_1f8[0] = -1;
- local_1f8[1] = -1;
local_236 = (ushort)local_236._1_1_ << 8;
+ local_1f8[0] = uVar34;
+ local_1f8[1] = uVar34;
memset(local_b6,0,0x66);
local_b8 = 0xfffe;
CmpInitializeKeyNodeStack(local_a8);
CmpInitializeDelayDerefContext(local_1d8);
- uVar5 = _DAT_0;
- cVar13 = CmpIsShutdownRundownActive();
- puVar23 = puVar37;
- puVar24 = puVar37;
- puVar30 = puVar37;
- while (cVar13 == '\0') {
+ uVar7 = _DAT_0;
+ cVar15 = CmpIsShutdownRundownActive();
+ puVar25 = puVar38;
+ puVar26 = puVar38;
+ puVar31 = puVar38;
+ while (cVar15 == '\0') {
CmpLockRegistryExclusive();
- puVar37 = *(undefined8 **)(param_1 + 8);
+ puVar38 = *(undefined8 **)(param_1 + 8);
local_228 = 1;
- puVar30 = (undefined8 *)puVar37[9];
- local_230 = puVar30;
- iVar19 = CmpStartKcbStackForTopLayerKcb(local_120,puVar37);
- puVar32 = auStack_288;
+ puVar31 = (undefined8 *)puVar38[9];
+ local_230 = puVar31;
+ iVar21 = CmpStartKcbStackForTopLayerKcb(local_120,puVar38);
+ puVar33 = auStack_288;
P = local_218;
- puVar22 = local_210;
- puVar34 = local_220;
- if ((((((iVar19 < 0) ||
- (iVar19 = CmpStartKcbStackForTopLayerKcb(local_100,puVar30), puVar32 = auStack_288,
- P = local_218, puVar22 = local_210, puVar34 = local_220, iVar19 < 0)) ||
- (puVar32 = auStack_288, (*(uint *)(puVar37 + 1) & 0x180) != 0)) ||
- ((puVar32 = auStack_288, (*(uint *)(puVar37[4] + 0xa0) & 0x100000) != 0 ||
- (puVar32 = auStack_288, puVar37[4] == CmpMasterHive)))) ||
- ((puVar32 = auStack_288, (*(uint *)(puVar37 + 0x17) & 0x40000) != 0 ||
- (iVar19 = CmpPerformKeyBodyDeletionCheck(param_1,0), puVar32 = auStack_288, P = local_218,
- puVar22 = local_210, puVar34 = local_220, iVar19 < 0)))) ||
- (((*(undefined8 **)(param_1 + 0x38) != puVar23 ||
- (puVar36 = puVar23, puVar24 = puVar23, *(undefined8 **)(param_1 + 0x40) != puVar23)) &&
- ((iVar19 = CmpTransSearchAddTransFromKeyBody(param_1,&local_168), puVar36 = local_168,
- puVar32 = auStack_288, P = local_218, puVar22 = local_210, puVar34 = local_220, iVar19 < 0
- || (iVar19 = CmpPerformKeyBodyDeletionCheck(param_1,local_168), puVar32 = auStack_288,
- P = local_218, puVar22 = local_210, puVar34 = local_220, puVar24 = local_168, iVar19 < 0
+ puVar24 = local_210;
+ puVar35 = local_220;
+ if ((((((iVar21 < 0) ||
+ (iVar21 = CmpStartKcbStackForTopLayerKcb(local_100,puVar31), puVar33 = auStack_288,
+ P = local_218, puVar24 = local_210, puVar35 = local_220, iVar21 < 0)) ||
+ (puVar33 = auStack_288, (*(uint *)(puVar38 + 1) & 0x180) != 0)) ||
+ ((puVar33 = auStack_288, (*(uint *)(puVar38[4] + 0xa0) & 0x100000) != 0 ||
+ (puVar33 = auStack_288, puVar38[4] == CmpMasterHive)))) ||
+ ((puVar33 = auStack_288, (*(uint *)(puVar38 + 0x17) & 0x40000) != 0 ||
+ (iVar21 = CmpPerformKeyBodyDeletionCheck(param_1,0), puVar33 = auStack_288, P = local_218,
+ puVar24 = local_210, puVar35 = local_220, iVar21 < 0)))) ||
+ (((*(undefined8 **)(param_1 + 0x38) != puVar25 ||
+ (puVar37 = puVar25, puVar26 = puVar25, *(undefined8 **)(param_1 + 0x40) != puVar25)) &&
+ ((iVar21 = CmpTransSearchAddTransFromKeyBody(param_1,&local_170), puVar37 = local_170,
+ puVar33 = auStack_288, P = local_218, puVar24 = local_210, puVar35 = local_220, iVar21 < 0
+ || (iVar21 = CmpPerformKeyBodyDeletionCheck(param_1,local_170), puVar33 = auStack_288,
+ P = local_218, puVar24 = local_210, puVar35 = local_220, puVar26 = local_170, iVar21 < 0
)))))) goto LAB_1;
- local_168 = puVar24;
- if ((*(short *)((longlong)puVar37 + 0x42) != (short)puVar23) && (puVar36 != (undefined8 *)0x0))
+ local_170 = puVar26;
+ if ((*(short *)((longlong)puVar38 + 0x42) != (short)puVar25) && (puVar37 != (undefined8 *)0x0))
{
CmpLogUnsupportedOperation(0x1a);
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- puVar22 = local_210;
- puVar34 = local_220;
+ puVar24 = local_210;
+ puVar35 = local_220;
goto LAB_1;
}
- if (puVar36 != (undefined8 *)0x0) {
+ if (puVar37 != (undefined8 *)0x0) {
CmpLogUnsupportedOperation(0x18);
- }
- lVar21 = CmpGetSecurityCacheEntryForKcbStack(local_100,puVar36);
- uVar11 = (undefined)local_208;
- iVar19 = CmpCheckKeySecurityDescriptorAccess(lVar21 + 0x20,(undefined)local_208,4);
- if (iVar19 < 0) goto LAB_2;
+ iVar21 = Feature_MSRC76458_DisableTransactedRename__private_IsEnabled();
+ puVar33 = auStack_288;
+ P = local_218;
+ puVar24 = local_210;
+ puVar35 = local_220;
+ if (iVar21 != 0) goto LAB_1;
+ }
+ lVar23 = CmpGetSecurityCacheEntryForKcbStack(local_100,puVar37);
+ uVar13 = (undefined)local_208;
+ iVar21 = CmpCheckKeySecurityDescriptorAccess(lVar23 + 0x20,(undefined)local_208,4);
+ if (iVar21 < 0) goto LAB_2;
local_260 = (undefined8 *)CONCAT44(local_260._4_4_,1);
local_268 = (undefined4 **)
CONCAT44(local_268._4_4_,
- (-(uint)(*(short *)((longlong)puVar37 + 0x42) != 0) & 0x20019) + 0x10000);
- iVar19 = CmpDoAccessCheckOnLayeredSubtree(local_120,puVar36,0,uVar11);
- bVar10 = false;
- if (iVar19 < 0) {
+ (-(uint)(*(short *)((longlong)puVar38 + 0x42) != 0) & 0x20019) + 0x10000);
+ iVar21 = CmpDoAccessCheckOnLayeredSubtree(local_120,puVar37,0,uVar13);
+ bVar12 = false;
+ if (iVar21 < 0) {
LAB_3:
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
- puVar22 = local_210;
- puVar23 = (undefined8 *)0x0;
- puVar34 = local_220;
+ puVar24 = local_210;
+ puVar25 = (undefined8 *)0x0;
+ puVar35 = local_220;
goto LAB_1;
}
- CmpFlushNotifiesOnKeyBodyList(puVar37,0,local_1d8,1);
- CmpReportNotify(puVar37,puVar36,1,0);
- if (puVar36 != (undefined8 *)0x0) {
- if ((longlong *)puVar37[0x1a] != puVar37 + 0x1a) goto LAB_3;
- puVar22 = (undefined8 *)CmpAllocateUnitOfWork();
- puVar32 = auStack_288;
+ CmpFlushNotifiesOnKeyBodyList(puVar38,0,local_1d8,1);
+ CmpReportNotify(puVar38,puVar37,1,0);
+ if (puVar37 != (undefined8 *)0x0) {
+ if ((longlong *)puVar38[0x1a] != puVar38 + 0x1a) goto LAB_3;
+ puVar24 = (undefined8 *)CmpAllocateUnitOfWork();
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
- puVar23 = (undefined8 *)0x0;
- puVar34 = local_220;
- local_210 = puVar22;
- if (puVar22 != (undefined8 *)0x0) {
- puVar24 = (undefined8 *)CmpAllocateUnitOfWork();
- local_220 = puVar24;
- if (puVar24 != (undefined8 *)0x0) {
- CmpTransEnlistUowInKcb(puVar22,puVar30);
- CmpTransEnlistUowInKcb(puVar24,puVar37);
- iVar19 = CmpTransEnlistUowInCmTrans(puVar22,puVar36);
- if ((-1 < iVar19) && (iVar19 = CmpTransEnlistUowInCmTrans(puVar24,puVar36), -1 < iVar19))
+ puVar25 = (undefined8 *)0x0;
+ puVar35 = local_220;
+ local_210 = puVar24;
+ if (puVar24 != (undefined8 *)0x0) {
+ puVar25 = (undefined8 *)CmpAllocateUnitOfWork();
+ local_220 = puVar25;
+ if (puVar25 != (undefined8 *)0x0) {
+ CmpTransEnlistUowInKcb(puVar24,puVar31);
+ CmpTransEnlistUowInKcb(puVar25,puVar38);
+ iVar21 = CmpTransEnlistUowInCmTrans(puVar24,puVar37);
+ if ((-1 < iVar21) && (iVar21 = CmpTransEnlistUowInCmTrans(puVar25,puVar37), -1 < iVar21))
{
- bVar14 = CmpLockIXLockExclusive(puVar30 + 0x1f,puVar22,0);
- bVar15 = CmpLockIXLockExclusive(puVar30 + 0x21,puVar22,1);
- bVar16 = CmpLockIXLockExclusive(puVar37 + 0x1f,local_220,0);
+ bVar16 = CmpLockIXLockExclusive(puVar31 + 0x1f,puVar24,0);
+ bVar17 = CmpLockIXLockExclusive(puVar31 + 0x21,puVar24,1);
+ bVar18 = CmpLockIXLockExclusive(puVar38 + 0x1f,local_220,0);
local_238 = '\0';
- bVar17 = CmpLockIXLockExclusive(puVar37 + 0x21,local_220,1);
- if ((bVar14 & bVar15 & bVar16 & bVar17) != 0) goto LAB_4;
+ bVar19 = CmpLockIXLockExclusive(puVar38 + 0x21,local_220,1);
+ if ((bVar16 & bVar17 & bVar18 & bVar19) != 0) goto LAB_4;
}
}
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
- puVar23 = (undefined8 *)0x0;
- puVar34 = local_220;
+ puVar25 = (undefined8 *)0x0;
+ puVar35 = local_220;
}
goto LAB_1;
}
- iVar19 = CmpTryAcquireKcbIXLocks(puVar37,1);
- if (iVar19 == -0x3ffffdd3) {
- bVar10 = true;
+ iVar21 = CmpTryAcquireKcbIXLocks(puVar38,1);
+ if (iVar21 == -0x3ffffdd3) {
+ bVar12 = true;
local_238 = '\x01';
}
else {
local_238 = '\0';
- if (iVar19 < 0) goto LAB_2;
- }
- iVar19 = CmpTryAcquireKcbIXLocks(puVar30);
- if (iVar19 == -0x3ffffdd3) {
+ if (iVar21 < 0) goto LAB_2;
+ }
+ iVar21 = CmpTryAcquireKcbIXLocks(puVar31);
+ if (iVar21 == -0x3ffffdd3) {
LAB_5:
- local_268 = (undefined4 **)CONCAT44(local_268._4_4_,local_1b8._0_4_);
- CmpLogTransactionAbortedWithChildName(puVar37,0,4);
- pvVar28 = (void *)0x0;
+ local_268 = (undefined4 **)CONCAT44(local_268._4_4_,local_1a0._0_4_);
+ CmpLogTransactionAbortedWithChildName(puVar38,0,4);
+ pvVar30 = (void *)0x0;
CmpDrainDelayDerefContext(local_1d8);
CmpUnlockRegistry();
- puVar23 = (undefined8 *)0x0;
+ puVar25 = (undefined8 *)0x0;
local_228 = 0;
- iVar19 = CmpAbortRollbackPacket(local_1b8);
- if (iVar19 < 0) goto LAB_3;
- CmpCleanupRollbackPacket(local_1b8);
- local_1b8 = ZEXT816(0);
+ iVar21 = CmpAbortRollbackPacket(local_1a0);
+ if (iVar21 < 0) goto LAB_3;
+ CmpCleanupRollbackPacket(local_1a0);
+ local_1a0 = ZEXT816(0);
if ((void *)local_110._8_8_ != (void *)0x0) {
- SmFreeWrapper((void *)local_110._8_8_,pvVar28);
- }
- puVar24 = puVar23;
+ SmFreeWrapper((void *)local_110._8_8_,pvVar30);
+ }
+ puVar26 = puVar25;
if ((void *)local_f0._8_8_ != (void *)0x0) {
- SmFreeWrapper((void *)local_f0._8_8_,pvVar28);
+ SmFreeWrapper((void *)local_f0._8_8_,pvVar30);
}
}
else {
- if (iVar19 < 0) {
+ if (iVar21 < 0) {
LAB_2:
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
- puVar22 = local_210;
- puVar23 = (undefined8 *)0x0;
- puVar34 = local_220;
+ puVar24 = local_210;
+ puVar25 = (undefined8 *)0x0;
+ puVar35 = local_220;
goto LAB_1;
}
- if (bVar10) goto LAB_5;
+ if (bVar12) goto LAB_5;
LAB_4:
- iVar19 = CmpHashUnicodeComponent(local_1c0);
- uVar33 = *(int *)(puVar30 + 2) * 0x25 + iVar19;
- puVar34 = (undefined8 *)(ulonglong)uVar33;
- local_130[0] = iVar19;
- puVar23 = (undefined8 *)CmpFindKcbInHashEntryByName(puVar30[4],puVar34,puVar30);
- puVar24 = (undefined8 *)0x0;
- local_1f0 = puVar23;
- if (puVar23 == (undefined8 *)0x0) {
- sVar27 = *(short *)((longlong)puVar30 + 0x42);
+ iVar21 = CmpHashUnicodeComponent(local_1c0);
+ uVar34 = *(int *)(puVar31 + 2) * 0x25 + iVar21;
+ puVar35 = (undefined8 *)(ulonglong)uVar34;
+ local_130[0] = iVar21;
+ puVar25 = (undefined8 *)CmpFindKcbInHashEntryByName(puVar31[4],puVar35,puVar31);
+ puVar26 = (undefined8 *)0x0;
+ local_1f0 = puVar25;
+ if (puVar25 == (undefined8 *)0x0) {
+ sVar29 = *(short *)((longlong)puVar31 + 0x42);
local_200 = 0xffffffff;
local_1e8 = 0xffffffff;
local_236 = -1;
- local_1a0 = (undefined8 *)0x0;
- if (sVar27 < 0) {
+ local_188 = (undefined8 *)0x0;
+ if (sVar29 < 0) {
LAB_6:
- local_236 = CONCAT11(local_236._1_1_,(char)puVar24);
- puVar23 = local_1f0;
+ local_236 = CONCAT11(local_236._1_1_,(char)puVar26);
+ puVar25 = local_1f0;
local_200 = local_1e8;
goto LAB_7;
}
do {
- lVar21 = CmpGetKcbAtLayerHeight(local_100,sVar27);
- if ((*(short *)(lVar21 + 0x42) != (short)puVar24) &&
- (puVar23 = local_1a0, sVar39 = local_236, *(char *)(lVar21 + 0x41) == '\x01')) break;
- if (*(int *)(lVar21 + 0x28) != -1) {
- uVar25 = CmpGetKeyNodeForKcb(lVar21,&local_180,1);
- iVar20 = CmpFindSubKeyByNameWithStatus(*(undefined8 *)(lVar21 + 0x20),uVar25,local_1c0);
- if ((*(byte *)(*(longlong *)(lVar21 + 0x20) + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(*(longlong *)(lVar21 + 0x20),&local_180);
+ lVar23 = CmpGetKcbAtLayerHeight(local_100,sVar29);
+ if ((*(short *)(lVar23 + 0x42) != (short)puVar26) &&
+ (puVar25 = local_188, sVar40 = local_236, *(char *)(lVar23 + 0x41) == '\x01')) break;
+ if (*(int *)(lVar23 + 0x28) != -1) {
+ uVar27 = CmpGetKeyNodeForKcb(lVar23,&local_1b8,1);
+ iVar22 = CmpFindSubKeyByNameWithStatus(*(undefined8 *)(lVar23 + 0x20),uVar27,local_1c0);
+ if ((*(byte *)(*(longlong *)(lVar23 + 0x20) + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(*(longlong *)(lVar23 + 0x20),&local_1b8);
}
else {
HvpReleaseCellFlat();
}
- puVar24 = (undefined8 *)0x0;
- if (-1 < iVar20) {
- local_1a0 = *(undefined8 **)(lVar21 + 0x20);
- puVar23 = local_1a0;
- sVar39 = sVar27;
+ puVar26 = (undefined8 *)0x0;
+ if (-1 < iVar22) {
+ local_188 = *(undefined8 **)(lVar23 + 0x20);
+ puVar25 = local_188;
+ sVar40 = sVar29;
break;
}
- if (iVar20 != -0x3fffffcc) {
- puVar32 = auStack_288;
+ if (iVar22 != -0x3fffffcc) {
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
goto LAB_8;
}
- if ((*(short *)(lVar21 + 0x42) != 0) &&
- (puVar23 = puVar24, sVar39 = local_236, *(char *)(lVar21 + 0x41) != '\0')) break;
+ if ((*(short *)(lVar23 + 0x42) != 0) &&
+ (puVar25 = puVar26, sVar40 = local_236, *(char *)(lVar23 + 0x41) != '\0')) break;
}
- sVar27 = sVar27 + -1;
- puVar23 = local_1a0;
- sVar39 = local_236;
- } while (-1 < sVar27);
+ sVar29 = sVar29 + -1;
+ puVar25 = local_188;
+ sVar40 = local_236;
+ } while (-1 < sVar29);
local_200 = local_1e8;
- puVar30 = local_230;
+ puVar31 = local_230;
if (local_1e8 == 0xffffffff) goto LAB_6;
- if ((*(byte *)((longlong)puVar23 + 0x8c) & 1) == 0) {
- puVar24 = (undefined8 *)HvpGetCellPaged(puVar23,local_1e8,&local_198);
+ if ((*(byte *)((longlong)puVar25 + 0x8c) & 1) == 0) {
+ puVar26 = (undefined8 *)HvpGetCellPaged(puVar25,local_1e8,&local_1a8);
}
else {
- puVar24 = (undefined8 *)HvpGetCellFlat();
- }
- iVar20 = CmpGetEffectiveKeyNodeSemantics(puVar23,puVar24);
- puVar32 = auStack_288;
+ puVar26 = (undefined8 *)HvpGetCellFlat();
+ }
+ iVar22 = CmpGetEffectiveKeyNodeSemantics(puVar25,puVar26);
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 != 1) goto LAB_8;
- if ((*(byte *)((longlong)puVar23 + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar23,&local_198);
+ if (iVar22 != 1) goto LAB_8;
+ if ((*(byte *)((longlong)puVar25 + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar25,&local_1a8);
}
else {
HvpReleaseCellFlat();
}
- puVar24 = (undefined8 *)0x0;
- uVar35 = 0;
+ puVar26 = (undefined8 *)0x0;
+ uVar36 = 0;
local_236 = CONCAT11(local_236._1_1_,1);
- puVar23 = local_1f0;
- puVar30 = local_230;
- if (sVar39 != *(short *)((longlong)local_230 + 0x42)) {
- local_1a0 = (undefined8 *)0x0;
+ puVar25 = local_1f0;
+ puVar31 = local_230;
+ if (sVar40 != *(short *)((longlong)local_230 + 0x42)) {
+ local_188 = (undefined8 *)0x0;
local_200 = 0xffffffff;
local_1e8 = 0xffffffff;
goto LAB_7;
}
}
else {
- CmpReferenceKeyControlBlock(puVar23);
- local_200 = *(uint *)(puVar23 + 5);
+ CmpReferenceKeyControlBlock(puVar25);
+ local_200 = *(uint *)(puVar25 + 5);
local_1e8 = local_200;
- iVar20 = CmpStartKcbStackForTopLayerKcb(local_e0,puVar23);
- if (iVar20 < 0) goto LAB_2;
- cVar13 = CmpIsKeyStackDeleted(local_e0,puVar36);
- puVar24 = (undefined8 *)0x0;
- if (cVar13 == '\0') {
- puVar32 = auStack_288;
+ iVar22 = CmpStartKcbStackForTopLayerKcb(local_e0,puVar25);
+ if (iVar22 < 0) goto LAB_2;
+ cVar15 = CmpIsKeyStackDeleted(local_e0,puVar37);
+ puVar26 = (undefined8 *)0x0;
+ if (cVar15 == '\0') {
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
- puVar22 = local_210;
- puVar23 = puVar24;
- puVar34 = local_220;
+ puVar24 = local_210;
+ puVar25 = puVar26;
+ puVar35 = local_220;
goto LAB_1;
}
- puVar23 = local_1f0;
- for (sVar27 = *(short *)((longlong)local_1f0 + 0x42); -1 < sVar27; sVar27 = sVar27 + -1) {
- lVar21 = CmpGetKcbAtLayerHeight(local_e0);
- if ((*(short *)(lVar21 + 0x42) != (short)puVar24) && (*(char *)(lVar21 + 0x41) == '\x01'))
+ puVar25 = local_1f0;
+ for (sVar29 = *(short *)((longlong)local_1f0 + 0x42); -1 < sVar29; sVar29 = sVar29 + -1) {
+ lVar23 = CmpGetKcbAtLayerHeight(local_e0);
+ if ((*(short *)(lVar23 + 0x42) != (short)puVar26) && (*(char *)(lVar23 + 0x41) == '\x01'))
{
local_236 = CONCAT11(local_236._1_1_,1);
break;
}
}
LAB_7:
- uVar35 = SUB84(puVar24,0);
- }
- puVar36 = local_168;
- puVar22 = local_1c0;
- if (local_168 != (undefined8 *)0x0) {
- if (puVar23 == (undefined8 *)0x0) {
+ uVar36 = SUB84(puVar26,0);
+ }
+ puVar37 = local_170;
+ puVar24 = local_1c0;
+ if (local_170 != (undefined8 *)0x0) {
+ if (puVar25 == (undefined8 *)0x0) {
+ local_248 = &local_178;
local_260 = local_1c0;
- local_268 = (undefined4 **)CONCAT44(local_268._4_4_,uVar35);
- local_258 = iVar19;
- local_250 = uVar33;
- local_248 = &local_188;
- iVar19 = CmpCreateKeyControlBlock(puVar30[4],0xffffffff,puVar30,0);
- puVar36 = local_168;
- if (iVar19 < 0) goto LAB_9;
+ local_268 = (undefined4 **)CONCAT44(local_268._4_4_,uVar36);
+ local_258 = iVar21;
+ local_250 = uVar34;
+ iVar21 = CmpCreateKeyControlBlock(puVar31[4],0xffffffff,puVar31,0);
+ puVar37 = local_170;
+ if (iVar21 < 0) goto LAB_9;
}
else {
- CmpReferenceKeyControlBlockUnsafe(puVar23);
- local_188 = local_1f0;
- puVar22 = local_1c0;
+ CmpReferenceKeyControlBlockUnsafe(puVar25);
+ local_178 = local_1f0;
+ puVar24 = local_1c0;
}
P = (undefined8 *)CmpAllocateUnitOfWork();
- puVar23 = local_188;
- puVar32 = auStack_288;
+ puVar25 = local_178;
+ puVar33 = auStack_288;
if (P == (undefined8 *)0x0) goto LAB_8;
- CmpTransEnlistUowInKcb(P,local_188);
- iVar19 = CmpTransEnlistUowInCmTrans(P,puVar36);
- puVar32 = auStack_288;
- if (iVar19 < 0) goto LAB_8;
- CmpLockIXLockExclusive(puVar23 + 0x1f,P,0);
- CmpLockIXLockExclusive(puVar23 + 0x21,P,1);
- uVar18 = CmpNameSize(puVar22);
- local_260 = &local_1a8;
+ CmpTransEnlistUowInKcb(P,local_178);
+ iVar21 = CmpTransEnlistUowInCmTrans(P,puVar37);
+ puVar33 = auStack_288;
+ if (iVar21 < 0) goto LAB_8;
+ CmpLockIXLockExclusive(puVar25 + 0x1f,P,0);
+ CmpLockIXLockExclusive(puVar25 + 0x21,P,1);
+ uVar20 = CmpNameSize(puVar24);
+ local_260 = &local_1b0;
local_268 = &local_160;
- iVar19 = HvAllocateCell(puVar30[4],uVar18 + 0x4c,1,&local_204);
- puVar32 = auStack_288;
- if (iVar19 < 0) goto LAB_8;
- puVar26 = (undefined4 *)CmpGetKeyNodeForKcb(puVar37,&local_1e0,1);
- puVar12 = local_160;
- uVar35 = puVar26[1];
- uVar8 = puVar26[2];
- uVar9 = puVar26[3];
- *local_160 = *puVar26;
- local_160[1] = uVar35;
- local_160[2] = uVar8;
- local_160[3] = uVar9;
- uVar35 = puVar26[5];
- uVar8 = puVar26[6];
- uVar9 = puVar26[7];
- local_160[4] = puVar26[4];
- local_160[5] = uVar35;
- local_160[6] = uVar8;
- local_160[7] = uVar9;
- uVar35 = puVar26[9];
- uVar8 = puVar26[10];
- uVar9 = puVar26[0xb];
- local_160[8] = puVar26[8];
- local_160[9] = uVar35;
- local_160[10] = uVar8;
- local_160[0xb] = uVar9;
- uVar35 = puVar26[0xd];
- uVar8 = puVar26[0xe];
- uVar9 = puVar26[0xf];
- local_160[0xc] = puVar26[0xc];
- local_160[0xd] = uVar35;
- local_160[0xe] = uVar8;
- local_160[0xf] = uVar9;
- *(undefined8 *)(local_160 + 0x10) = *(undefined8 *)(puVar26 + 0x10);
- local_160[0x12] = puVar26[0x12];
- if ((*(byte *)(puVar37[4] + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar37[4],&local_1e0);
+ iVar21 = HvAllocateCell(puVar31[4],uVar20 + 0x4c,1,&local_204);
+ puVar33 = auStack_288;
+ if (iVar21 < 0) goto LAB_8;
+ puVar28 = (undefined4 *)CmpGetKeyNodeForKcb(puVar38,&local_1e0,1);
+ puVar14 = local_160;
+ uVar36 = puVar28[1];
+ uVar10 = puVar28[2];
+ uVar11 = puVar28[3];
+ *local_160 = *puVar28;
+ local_160[1] = uVar36;
+ local_160[2] = uVar10;
+ local_160[3] = uVar11;
+ uVar36 = puVar28[5];
+ uVar10 = puVar28[6];
+ uVar11 = puVar28[7];
+ local_160[4] = puVar28[4];
+ local_160[5] = uVar36;
+ local_160[6] = uVar10;
+ local_160[7] = uVar11;
+ uVar36 = puVar28[9];
+ uVar10 = puVar28[10];
+ uVar11 = puVar28[0xb];
+ local_160[8] = puVar28[8];
+ local_160[9] = uVar36;
+ local_160[10] = uVar10;
+ local_160[0xb] = uVar11;
+ uVar36 = puVar28[0xd];
+ uVar10 = puVar28[0xe];
+ uVar11 = puVar28[0xf];
+ local_160[0xc] = puVar28[0xc];
+ local_160[0xd] = uVar36;
+ local_160[0xe] = uVar10;
+ local_160[0xf] = uVar11;
+ *(undefined8 *)(local_160 + 0x10) = *(undefined8 *)(puVar28 + 0x10);
+ local_160[0x12] = puVar28[0x12];
+ if ((*(byte *)(puVar38[4] + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar38[4],&local_1e0);
}
else {
HvpReleaseCellFlat();
}
- uVar18 = CmpCopyName(puVar12 + 0x13,puVar22);
- *(ushort *)(puVar12 + 0x12) = uVar18;
- if (uVar18 < *(ushort *)puVar22) {
- *(ushort *)((longlong)puVar12 + 2) = *(ushort *)((longlong)puVar12 + 2) | 0x20;
+ uVar20 = CmpCopyName(puVar14 + 0x13,puVar24);
+ *(ushort *)(puVar14 + 0x12) = uVar20;
+ if (uVar20 < *(ushort *)puVar24) {
+ *(ushort *)((longlong)puVar14 + 2) = *(ushort *)((longlong)puVar14 + 2) | 0x20;
}
else {
- *(ushort *)((longlong)puVar12 + 2) = *(ushort *)((longlong)puVar12 + 2) & 0xffdf;
+ *(ushort *)((longlong)puVar14 + 2) = *(ushort *)((longlong)puVar14 + 2) & 0xffdf;
}
*(undefined8 *)(local_160 + 1) = _DAT_0;
- *(uint *)(local_188 + 5) = local_204;
- CmpRebuildKcbCacheFromNode(local_188,local_160,local_1d8,1);
- if ((*(byte *)(puVar30[4] + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar30[4],&local_1a8);
+ *(uint *)(local_178 + 5) = local_204;
+ CmpRebuildKcbCacheFromNode(local_178,local_160,local_1d8,1);
+ if ((*(byte *)(puVar31[4] + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar31[4],&local_1b0);
}
else {
HvpReleaseCellFlat();
}
- puVar30 = local_188;
- puVar22 = local_210;
- puVar34 = local_220;
+ puVar31 = local_178;
+ puVar24 = local_210;
+ puVar35 = local_220;
*(undefined4 *)((longlong)local_210 + 0x44) = 10;
- local_210[0xb] = puVar37;
- local_210[0xc] = local_188;
+ local_210[0xb] = puVar38;
+ local_210[0xc] = local_178;
*(undefined4 *)((longlong)local_220 + 0x44) = 0xb;
- local_220[0xb] = local_188;
+ local_220[0xb] = local_178;
*(undefined4 *)((longlong)P + 0x44) = 0xc;
- P[0xb] = puVar37;
- *(uint *)(P + 9) = *(uint *)(puVar37 + 5) >> 0x1f;
+ P[0xb] = puVar38;
+ *(uint *)(P + 9) = *(uint *)(puVar38 + 5) >> 0x1f;
P[10] = local_210;
- iVar19 = CmAddLogForAction(local_220,1);
- lVar21 = local_170;
- puVar32 = auStack_288;
- if (-1 < iVar19) {
- puVar30[0x1e] = local_168;
- DelistKeyBodyFromKCB(local_170,1);
- *(undefined8 **)(lVar21 + 8) = puVar30;
- EnlistKeyBodyWithKCB(lVar21,2);
+ iVar21 = CmAddLogForAction(local_220,1);
+ lVar23 = local_168;
+ puVar33 = auStack_288;
+ if (-1 < iVar21) {
+ puVar31[0x1e] = local_170;
+ DelistKeyBodyFromKCB(local_168,1);
+ *(undefined8 **)(lVar23 + 8) = puVar31;
+ EnlistKeyBodyWithKCB(lVar23,2);
P = (undefined8 *)0x0;
- local_188 = (undefined8 *)0x0;
- CmpDereferenceKeyControlBlockWithLock(puVar37,local_1d8,0);
+ local_178 = (undefined8 *)0x0;
+ CmpDereferenceKeyControlBlockWithLock(puVar38,local_1d8,0);
local_204 = 0xffffffff;
- puVar32 = auStack_288;
- puVar22 = P;
- puVar34 = P;
+ puVar33 = auStack_288;
+ puVar24 = P;
+ puVar35 = P;
}
goto LAB_10;
}
- if (puVar23 != (undefined8 *)0x0) {
- iVar20 = CmpTryAcquireKcbIXLocks(puVar23,1);
- if (iVar20 == -0x3ffffdd3) {
+ if (puVar25 != (undefined8 *)0x0) {
+ iVar22 = CmpTryAcquireKcbIXLocks(puVar25,1);
+ if (iVar22 == -0x3ffffdd3) {
local_238 = '\x01';
}
else {
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
- }
- iVar20 = CmpPrepareToInvalidateAllHigherLayerKcbs(local_1f0,1,local_1b8);
- if (iVar20 == -0x3ffffdd3) {
+ if (iVar22 < 0) goto LAB_8;
+ }
+ iVar22 = CmpPrepareToInvalidateAllHigherLayerKcbs(local_1f0,1,local_1a0);
+ if (iVar22 == -0x3ffffdd3) {
local_238 = '\x01';
}
else {
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
- }
- iVar20 = CmpPrepareForSubtreeInvalidation(local_1f0,local_1b8);
- if (iVar20 == -0x3ffffdd3) {
+ if (iVar22 < 0) goto LAB_8;
+ }
+ iVar22 = CmpPrepareForSubtreeInvalidation(local_1f0,local_1a0);
+ if (iVar22 == -0x3ffffdd3) {
local_238 = '\x01';
}
else {
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
- }
- }
- iVar20 = CmpPrepareToInvalidateAllHigherLayerKcbs(puVar37,1,local_1b8);
- if (iVar20 == -0x3ffffdd3) {
+ if (iVar22 < 0) goto LAB_8;
+ }
+ }
+ iVar22 = CmpPrepareToInvalidateAllHigherLayerKcbs(puVar38,1,local_1a0);
+ if (iVar22 == -0x3ffffdd3) {
local_238 = '\x01';
}
else {
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
- }
- if (*(short *)((longlong)puVar37 + 0x42) == 0) {
+ if (iVar22 < 0) goto LAB_8;
+ }
+ if (*(short *)((longlong)puVar38 + 0x42) == 0) {
LAB_11:
- puVar23 = local_1f0;
+ puVar25 = local_1f0;
if (local_238 == '\0') {
if (local_1f0 != (undefined8 *)0x0) {
local_14c = 8;
local_258 = CONCAT31(local_258._1_3_,1);
local_260 = (undefined8 *)CONCAT71(local_260._1_7_,1);
local_150 = 1;
local_268 = (undefined4 **)&local_150;
CmpEnumerateAllHigherLayerKcbs
- (local_1f0,NtQueryPortInformationProcess,
+ (local_1f0,CmpCleanUpHigherLayerKcbCachesPreCallback,
CmpInvalidateAllHigherLayerKcbsPostCallback,local_1d8);
- CmpInvalidateSubtree(puVar23,8,local_1d8);
- CmpFlushNotifiesOnKeyBodyList(puVar23,8,local_1d8);
- CmpMarkKeyUnbacked(puVar23,local_1d8);
- CmpDiscardKcb(puVar23,local_1d8);
+ CmpInvalidateSubtree(puVar25,8,local_1d8);
+ CmpFlushNotifiesOnKeyBodyList(puVar25,8,local_1d8);
+ CmpMarkKeyUnbacked(puVar25,local_1d8);
+ CmpDiscardKcb(puVar25,local_1d8);
}
local_144 = 8;
local_258 = CONCAT31(local_258._1_3_,1);
local_260 = (undefined8 *)CONCAT71(local_260._1_7_,1);
local_148 = 1;
local_268 = (undefined4 **)&local_148;
CmpEnumerateAllHigherLayerKcbs
- (puVar37,NtQueryPortInformationProcess,
+ (puVar38,CmpCleanUpHigherLayerKcbCachesPreCallback,
CmpInvalidateAllHigherLayerKcbsPostCallback,local_1d8);
- if (*(short *)((longlong)puVar37 + 0x42) != 0) {
- CmpInvalidateSubtree(puVar37,8,local_1d8,0);
+ if (*(short *)((longlong)puVar38 + 0x42) != 0) {
+ CmpInvalidateSubtree(puVar38,8,local_1d8,0);
}
local_208 = 0;
- if (*(short *)((longlong)puVar37 + 0x42) < 1) goto LAB_12;
+ if (0 < *(short *)((longlong)puVar38 + 0x42)) goto LAB_12;
goto LAB_13;
}
}
else {
- iVar20 = CmpPrepareForSubtreeInvalidation(puVar37);
- if (iVar20 != -0x3ffffdd3) {
- puVar32 = auStack_288;
+ iVar22 = CmpPrepareForSubtreeInvalidation(puVar38);
+ if (iVar22 != -0x3ffffdd3) {
+ puVar33 = auStack_288;
P = local_218;
- if (-1 < iVar20) goto LAB_11;
+ if (-1 < iVar22) goto LAB_11;
goto LAB_8;
}
}
- local_268 = (undefined4 **)CONCAT44(local_268._4_4_,local_1b8._0_4_);
- CmpLogTransactionAbortedWithChildName(puVar37,0,4);
+ local_268 = (undefined4 **)CONCAT44(local_268._4_4_,local_1a0._0_4_);
+ CmpLogTransactionAbortedWithChildName(puVar38,0,4);
if (local_1f0 != (undefined8 *)0x0) {
CmpDereferenceKeyControlBlockWithLock(local_1f0,local_1d8,0);
local_1f0 = (undefined8 *)0x0;
}
- puVar23 = local_1f0;
- pvVar28 = (void *)0x0;
+ puVar25 = local_1f0;
+ pvVar30 = (void *)0x0;
CmpDrainDelayDerefContext(local_1d8);
CmpUnlockRegistry();
- local_228 = SUB81(puVar23,0);
- iVar19 = CmpAbortRollbackPacket(local_1b8);
- puVar32 = auStack_288;
+ local_228 = SUB81(puVar25,0);
+ iVar21 = CmpAbortRollbackPacket(local_1a0);
+ puVar33 = auStack_288;
P = local_218;
- if (iVar19 < 0) goto LAB_8;
- CmpCleanupRollbackPacket(local_1b8);
- local_1b8 = ZEXT816(0);
+ if (iVar21 < 0) goto LAB_8;
+ CmpCleanupRollbackPacket(local_1a0);
+ local_1a0 = ZEXT816(0);
if ((void *)local_110._8_8_ != (void *)0x0) {
- SmFreeWrapper((void *)local_110._8_8_,pvVar28);
- }
- param_1 = local_170;
+ SmFreeWrapper((void *)local_110._8_8_,pvVar30);
+ }
+ param_1 = local_168;
if ((void *)local_f0._8_8_ != (void *)0x0) {
- SmFreeWrapper((void *)local_f0._8_8_,pvVar28);
- param_1 = local_170;
- }
- }
- uVar5 = _DAT_0;
- cVar13 = CmpIsShutdownRundownActive();
- puVar30 = local_230;
+ SmFreeWrapper((void *)local_f0._8_8_,pvVar30);
+ param_1 = local_168;
+ }
+ }
+ uVar7 = _DAT_0;
+ cVar15 = CmpIsShutdownRundownActive();
+ puVar31 = local_230;
}
local_228 = 0;
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- puVar22 = local_210;
- puVar23 = puVar24;
- puVar34 = local_220;
+ puVar24 = local_210;
+ puVar25 = puVar26;
+ puVar35 = local_220;
goto LAB_1;
-LAB_13:
+LAB_12:
do {
- local_170 = CmpGetKcbAtLayerHeight(local_100,local_208);
- puVar23 = (undefined8 *)CmpFindKcbInHashEntryByName(puVar30[4],puVar34,puVar30,local_1c0);
- lVar21 = local_170;
- local_128 = puVar23;
- if (puVar23 == (undefined8 *)0x0) {
- if (*(int *)(local_170 + 0x28) == -1) {
+ local_168 = CmpGetKcbAtLayerHeight(local_100,local_208);
+ puVar25 = (undefined8 *)CmpFindKcbInHashEntryByName(puVar31[4],puVar35,puVar31,local_1c0);
+ lVar23 = local_168;
+ local_128 = puVar25;
+ if (puVar25 == (undefined8 *)0x0) {
+ if (*(int *)(local_168 + 0x28) == -1) {
local_1c8[0] = 0xffffffff;
}
else {
- uVar25 = CmpGetKeyNodeForKcb(local_170,&local_180,1);
- plVar38 = (longlong *)(lVar21 + 0x20);
- iVar20 = CmpFindSubKeyByNameWithStatus(*plVar38,uVar25,local_1c0,local_1c8);
- if ((*(byte *)(*plVar38 + 0x8c) & 1) == 0) {
+ uVar27 = CmpGetKeyNodeForKcb(local_168,&local_1b8,1);
+ plVar39 = (longlong *)(lVar23 + 0x20);
+ iVar22 = CmpFindSubKeyByNameWithStatus(*plVar39,uVar27,local_1c0,local_1c8);
+ if ((*(byte *)(*plVar39 + 0x8c) & 1) == 0) {
HvpReleaseCellPaged();
}
else {
HvpReleaseCellFlat();
}
- if (iVar20 == -0x3fffffcc) {
+ if (iVar22 == -0x3fffffcc) {
local_1c8[0] = 0xffffffff;
}
else {
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
+ if (iVar22 < 0) goto LAB_8;
}
}
local_248 = &local_128;
local_260 = local_1c0;
local_268 = (undefined4 **)((ulonglong)local_268 & 0xffffffff00000000);
- local_258 = iVar19;
- local_250 = uVar33;
- iVar20 = CmpCreateKeyControlBlock
- (*(undefined8 *)(lVar21 + 0x20),local_1c8[0],local_170,local_190);
- puVar32 = auStack_288;
+ local_258 = iVar21;
+ local_250 = uVar34;
+ iVar22 = CmpCreateKeyControlBlock
+ (*(undefined8 *)(lVar23 + 0x20),local_1c8[0],local_168,local_180);
+ puVar33 = auStack_288;
P = local_218;
- if (iVar20 < 0) goto LAB_8;
- puVar30 = local_230;
- puVar23 = local_128;
- if (local_190 != (undefined8 *)0x0) {
- CmpDereferenceKeyControlBlockUnsafe(local_190);
- puVar30 = local_230;
- puVar23 = local_128;
+ if (iVar22 < 0) goto LAB_8;
+ puVar31 = local_230;
+ puVar25 = local_128;
+ if (local_180 != (undefined8 *)0x0) {
+ CmpDereferenceKeyControlBlockUnsafe(local_180);
+ puVar31 = local_230;
+ puVar25 = local_128;
}
}
else {
- CmpReferenceKeyControlBlock(puVar23);
- CmpDereferenceKeyControlBlockUnsafe(local_190);
+ CmpReferenceKeyControlBlock(puVar25);
+ CmpDereferenceKeyControlBlockUnsafe(local_180);
}
local_208 = local_208 + 1;
- local_190 = puVar23;
- } while ((short)local_208 < *(short *)((longlong)puVar37 + 0x42));
- if ((puVar23 == (undefined8 *)0x0) ||
- (iVar19 = CmpAllocateLayerInfoForKcb(puVar23), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)) {
-LAB_12:
- if (((*(short *)((longlong)puVar37 + 0x42) == 0) ||
- ((iVar19 = CmpPromoteKey(local_120,1,0), puVar32 = auStack_288, P = local_218, -1 < iVar19
- && (iVar19 = CmpPromoteSubtree(local_120,0), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)))) &&
- ((iVar19 = HvpMarkCellDirty(puVar30[4],*(undefined4 *)(puVar30 + 5),1), puVar32 = auStack_288
- , P = local_218, -1 < iVar19 &&
- (((((puVar23 = (undefined8 *)CmpGetKeyNodeForKcb(puVar30,&local_178,1), local_158 = puVar23,
- *(int *)((longlong)puVar23 + 0x1c) == -1 ||
- (iVar19 = CmpMarkEntireIndexDirty(puVar30[4]), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)) &&
- ((*(int *)(puVar23 + 4) == -1 ||
- (iVar19 = CmpMarkEntireIndexDirty(puVar30[4]), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)))) &&
- (iVar19 = HvpMarkCellDirty(puVar37[4],*(undefined4 *)(puVar37 + 5),1),
- puVar32 = auStack_288, P = local_218, -1 < iVar19)) &&
+ local_180 = puVar25;
+ } while ((short)local_208 < *(short *)((longlong)puVar38 + 0x42));
+ if ((puVar25 == (undefined8 *)0x0) ||
+ (iVar21 = CmpAllocateLayerInfoForKcb(puVar25), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)) {
+LAB_13:
+ if (((*(short *)((longlong)puVar38 + 0x42) == 0) ||
+ ((iVar21 = CmpPromoteKey(local_120,1,0), puVar33 = auStack_288, P = local_218, -1 < iVar21
+ && (iVar21 = CmpPromoteSubtree(local_120,0), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)))) &&
+ ((iVar21 = HvpMarkCellDirty(puVar31[4],*(undefined4 *)(puVar31 + 5),1), puVar33 = auStack_288
+ , P = local_218, -1 < iVar21 &&
+ (((((puVar25 = (undefined8 *)CmpGetKeyNodeForKcb(puVar31,&local_190,1), local_158 = puVar25,
+ *(int *)((longlong)puVar25 + 0x1c) == -1 ||
+ (iVar21 = CmpMarkEntireIndexDirty(puVar31[4]), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)) &&
+ ((*(int *)(puVar25 + 4) == -1 ||
+ (iVar21 = CmpMarkEntireIndexDirty(puVar31[4]), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)))) &&
+ (iVar21 = HvpMarkCellDirty(puVar38[4],*(undefined4 *)(puVar38 + 5),1),
+ puVar33 = auStack_288, P = local_218, -1 < iVar21)) &&
((local_200 == 0xffffffff ||
- (iVar19 = HvpMarkCellDirty(puVar30[4],local_200,1), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)))))))) {
+ (iVar21 = HvpMarkCellDirty(puVar31[4],local_200,1), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)))))))) {
if ((char)local_236 == '\0') {
- iVar19 = CmpMarkAllChildrenDirty(puVar37[4],*(undefined4 *)(puVar37 + 5));
- puVar32 = auStack_288;
+ iVar21 = CmpMarkAllChildrenDirty(puVar38[4],*(undefined4 *)(puVar38 + 5));
+ puVar33 = auStack_288;
P = local_218;
- if (-1 < iVar19) {
+ if (-1 < iVar21) {
LAB_14:
- uVar18 = CmpNameSize(local_1c0);
- local_260 = &local_1a8;
+ uVar20 = CmpNameSize(local_1c0);
+ local_260 = &local_1b0;
local_268 = &local_160;
- iVar19 = HvAllocateCell(puVar37[4],uVar18 + 0x4c,*(uint *)(puVar37 + 5) >> 0x1f,&local_204
+ iVar21 = HvAllocateCell(puVar38[4],uVar20 + 0x4c,*(uint *)(puVar38 + 5) >> 0x1f,&local_204
);
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = local_218;
- if (-1 < iVar19) {
- puVar26 = (undefined4 *)CmpGetKeyNodeForKcb(puVar37,&local_1e0,1);
- puVar12 = local_160;
- puVar23 = local_1c0;
- uVar35 = puVar26[1];
- uVar8 = puVar26[2];
- uVar9 = puVar26[3];
- *local_160 = *puVar26;
- local_160[1] = uVar35;
- local_160[2] = uVar8;
- local_160[3] = uVar9;
- uVar35 = puVar26[5];
- uVar8 = puVar26[6];
- uVar9 = puVar26[7];
- local_160[4] = puVar26[4];
- local_160[5] = uVar35;
- local_160[6] = uVar8;
- local_160[7] = uVar9;
- uVar35 = puVar26[9];
- uVar8 = puVar26[10];
- uVar9 = puVar26[0xb];
- local_160[8] = puVar26[8];
- local_160[9] = uVar35;
- local_160[10] = uVar8;
- local_160[0xb] = uVar9;
- uVar35 = puVar26[0xd];
- uVar8 = puVar26[0xe];
- uVar9 = puVar26[0xf];
- local_160[0xc] = puVar26[0xc];
- local_160[0xd] = uVar35;
- local_160[0xe] = uVar8;
- local_160[0xf] = uVar9;
- *(undefined8 *)(local_160 + 0x10) = *(undefined8 *)(puVar26 + 0x10);
- local_160[0x12] = puVar26[0x12];
- uVar18 = CmpCopyName(local_160 + 0x13,local_1c0);
- local_208 = *(ushort *)puVar23;
- *(ushort *)(puVar12 + 0x12) = uVar18;
- if (uVar18 < local_208) {
- *(ushort *)((longlong)puVar12 + 2) = *(ushort *)((longlong)puVar12 + 2) | 0x20;
+ if (-1 < iVar21) {
+ puVar28 = (undefined4 *)CmpGetKeyNodeForKcb(puVar38,&local_1e0,1);
+ puVar14 = local_160;
+ puVar25 = local_1c0;
+ uVar36 = puVar28[1];
+ uVar10 = puVar28[2];
+ uVar11 = puVar28[3];
+ *local_160 = *puVar28;
+ local_160[1] = uVar36;
+ local_160[2] = uVar10;
+ local_160[3] = uVar11;
+ uVar36 = puVar28[5];
+ uVar10 = puVar28[6];
+ uVar11 = puVar28[7];
+ local_160[4] = puVar28[4];
+ local_160[5] = uVar36;
+ local_160[6] = uVar10;
+ local_160[7] = uVar11;
+ uVar36 = puVar28[9];
+ uVar10 = puVar28[10];
+ uVar11 = puVar28[0xb];
+ local_160[8] = puVar28[8];
+ local_160[9] = uVar36;
+ local_160[10] = uVar10;
+ local_160[0xb] = uVar11;
+ uVar36 = puVar28[0xd];
+ uVar10 = puVar28[0xe];
+ uVar11 = puVar28[0xf];
+ local_160[0xc] = puVar28[0xc];
+ local_160[0xd] = uVar36;
+ local_160[0xe] = uVar10;
+ local_160[0xf] = uVar11;
+ *(undefined8 *)(local_160 + 0x10) = *(undefined8 *)(puVar28 + 0x10);
+ local_160[0x12] = puVar28[0x12];
+ uVar20 = CmpCopyName(local_160 + 0x13,local_1c0);
+ local_208 = *(ushort *)puVar25;
+ *(ushort *)(puVar14 + 0x12) = uVar20;
+ if (uVar20 < local_208) {
+ *(ushort *)((longlong)puVar14 + 2) = *(ushort *)((longlong)puVar14 + 2) | 0x20;
}
else {
- *(ushort *)((longlong)puVar12 + 2) = *(ushort *)((longlong)puVar12 + 2) & 0xffdf;
- }
- *(undefined8 *)(puVar12 + 1) = uVar5;
+ *(ushort *)((longlong)puVar14 + 2) = *(ushort *)((longlong)puVar14 + 2) & 0xffdf;
+ }
+ *(undefined8 *)(puVar14 + 1) = uVar7;
if ((char)local_236 != '\0') {
- *(byte *)((longlong)puVar12 + 0xd) = *(byte *)((longlong)puVar12 + 0xd) | 3;
- }
- if ((*(byte *)(puVar37[4] + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar37[4],&local_1e0);
+ *(byte *)((longlong)puVar14 + 0xd) = *(byte *)((longlong)puVar14 + 0xd) | 3;
+ }
+ if ((*(byte *)(puVar38[4] + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar38[4],&local_1e0);
}
else {
HvpReleaseCellFlat();
}
- if ((*(byte *)(puVar37[4] + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar37[4],&local_1a8);
+ if ((*(byte *)(puVar38[4] + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar38[4],&local_1b0);
}
else {
HvpReleaseCellFlat();
}
- local_138 = CmpGetNameControlBlock(puVar23,local_130);
- puVar23 = local_158;
+ local_138 = CmpGetNameControlBlock(puVar25,local_130);
+ puVar25 = local_158;
if (local_138 == 0) {
LAB_15:
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
}
else if ((((*(int *)((longlong)local_158 + 0x1c) == -1) ||
- (iVar19 = CmpDuplicateIndex(puVar30[4],*(int *)((longlong)local_158 + 0x1c),0,
- local_1f8), puVar32 = auStack_288, P = local_218,
- -1 < iVar19)) &&
- ((*(int *)(puVar23 + 4) == -1 ||
- (iVar19 = CmpDuplicateIndex(puVar30[4],*(int *)(puVar23 + 4),1,local_1f8 + 1),
- puVar32 = auStack_288, P = local_218, -1 < iVar19)))) &&
+ (iVar21 = CmpDuplicateIndex(puVar31[4],*(int *)((longlong)local_158 + 0x1c),0,
+ local_1f8), puVar33 = auStack_288, P = local_218,
+ -1 < iVar21)) &&
+ ((*(int *)(puVar25 + 4) == -1 ||
+ (iVar21 = CmpDuplicateIndex(puVar31[4],*(int *)(puVar25 + 4),1,local_1f8 + 1),
+ puVar33 = auStack_288, P = local_218, -1 < iVar21)))) &&
((local_200 == 0xffffffff ||
- (cVar13 = CmpRemoveSubKeyFromList
- (puVar30[4],local_1f8 + (local_200 >> 0x1f),local_200),
- puVar32 = auStack_288, P = local_218, cVar13 != '\0')))) {
- uVar7 = local_204 >> 0x1f;
- iVar19 = CmpAddSubKeyToList(puVar30[4],local_1f8 + uVar7,local_204);
- if (iVar19 < 0) {
+ (cVar15 = CmpRemoveSubKeyFromList
+ (puVar31[4],local_1f8 + (local_200 >> 0x1f),local_200),
+ puVar33 = auStack_288, P = local_218, cVar15 != '\0')))) {
+ uVar9 = local_204 >> 0x1f;
+ iVar21 = CmpAddSubKeyToList(puVar31[4],local_1f8 + uVar9,local_204);
+ if (iVar21 < 0) {
LAB_9:
- puVar32 = auStack_288;
+ puVar33 = auStack_288;
P = (undefined8 *)0x0;
}
else {
- if ((*(short *)((longlong)puVar37 + 0x42) == 0) &&
- (cVar13 = CmpRemoveSubKeyFromList
- (puVar30[4],local_1f8 + (*(uint *)(puVar37 + 5) >> 0x1f),
- *(uint *)(puVar37 + 5)), cVar13 == '\0'))
+ if ((*(short *)((longlong)puVar38 + 0x42) == 0) &&
+ (cVar15 = CmpRemoveSubKeyFromList
+ (puVar31[4],local_1f8 + (*(uint *)(puVar38 + 5) >> 0x1f),
+ *(uint *)(puVar38 + 5)), cVar15 == '\0'))
goto LAB_15;
- puVar23 = local_158;
- iVar19 = *(int *)((longlong)local_158 + 0x1c);
- *(int *)((longlong)local_158 + 0x1c) = local_1f8[0];
- iVar20 = *(int *)(local_158 + 4);
- *(int *)(local_158 + 4) = local_1f8[1];
+ puVar25 = local_158;
+ uVar3 = *(uint *)((longlong)local_158 + 0x1c);
+ *(uint *)((longlong)local_158 + 0x1c) = local_1f8[0];
+ uVar4 = *(uint *)(local_158 + 4);
+ *(uint *)(local_158 + 4) = local_1f8[1];
if (local_200 != 0xffffffff) {
piVar2 = (int *)((longlong)local_158 + (ulonglong)(local_200 >> 0x1f) * 4 + 0x14);
*piVar2 = *piVar2 + -1;
}
- piVar2 = (int *)((longlong)local_158 + (ulonglong)uVar7 * 4 + 0x14);
+ piVar2 = (int *)((longlong)local_158 + (ulonglong)uVar9 * 4 + 0x14);
*piVar2 = *piVar2 + 1;
- iVar29 = 0;
- if (*(short *)((longlong)puVar37 + 0x42) == 0) {
+ iVar21 = 0;
+ if (*(short *)((longlong)puVar38 + 0x42) == 0) {
piVar2 = (int *)((longlong)local_158 +
- (ulonglong)(*(uint *)(puVar37 + 5) >> 0x1f) * 4 + 0x14);
+ (ulonglong)(*(uint *)(puVar38 + 5) >> 0x1f) * 4 + 0x14);
*piVar2 = *piVar2 + -1;
}
- local_1f8[0] = iVar19;
- local_1f8[1] = iVar20;
- CmpCleanUpSubKeyInfo(puVar30,0xffffff01);
- if ((*(uint *)((longlong)puVar23 + 0x34) & 0xffff) < (uint)local_208) {
- *(ushort *)((longlong)puVar23 + 0x34) = local_208;
- *(ushort *)(puVar30 + 0x16) = local_208;
- }
- if (*(short *)((longlong)puVar37 + 0x42) == 0) {
- HvFreeCell(puVar37[4],*(undefined4 *)(puVar37 + 5));
+ local_1f8[0] = uVar3;
+ local_1f8[1] = uVar4;
+ CmpCleanUpSubKeyInfo(puVar31,0xffffff01);
+ if ((*(uint *)((longlong)puVar25 + 0x34) & 0xffff) < (uint)local_208) {
+ *(ushort *)((longlong)puVar25 + 0x34) = local_208;
+ *(ushort *)(puVar31 + 0x16) = local_208;
+ }
+ if (*(short *)((longlong)puVar38 + 0x42) == 0) {
+ HvFreeCell(puVar38[4],*(undefined4 *)(puVar38 + 5));
}
else {
- lVar21 = CmpGetKeyNodeForKcb(puVar37,&local_1e0,1);
- *(ushort *)(lVar21 + 2) = *(ushort *)(lVar21 + 2) & 0x20;
- *(undefined2 *)(lVar21 + 0x34) = 0;
- *(uint *)(lVar21 + 0x34) = *(uint *)(lVar21 + 0x34) & 0xff00ffff;
- *(byte *)(lVar21 + 0xd) = *(byte *)(lVar21 + 0xd) & 0x7c | 1;
- *(undefined4 *)(lVar21 + 0x1c) = 0xffffffff;
- *(undefined4 *)(lVar21 + 0x20) = 0xffffffff;
- *(undefined4 *)(lVar21 + 0x28) = 0xffffffff;
- *(undefined4 *)(lVar21 + 0x30) = 0xffffffff;
- *(undefined8 *)(lVar21 + 0x14) = 0;
- *(undefined4 *)(lVar21 + 0x24) = 0;
- *(undefined *)(lVar21 + 0x37) = 0;
- *(undefined8 *)(lVar21 + 0x38) = 0;
- *(undefined4 *)(lVar21 + 0x40) = 0;
- *(undefined2 *)(lVar21 + 0x4a) = 0;
- if ((*(byte *)(puVar37[4] + 0x8c) & 1) == 0) {
- HvpReleaseCellPaged(puVar37[4],&local_1e0);
+ lVar23 = CmpGetKeyNodeForKcb(puVar38,&local_1e0,1);
+ *(ushort *)(lVar23 + 2) = *(ushort *)(lVar23 + 2) & 0x20;
+ *(undefined2 *)(lVar23 + 0x34) = 0;
+ *(uint *)(lVar23 + 0x34) = *(uint *)(lVar23 + 0x34) & 0xff00ffff;
+ *(byte *)(lVar23 + 0xd) = *(byte *)(lVar23 + 0xd) & 0x7c | 1;
+ *(undefined4 *)(lVar23 + 0x1c) = 0xffffffff;
+ *(undefined4 *)(lVar23 + 0x20) = 0xffffffff;
+ *(undefined4 *)(lVar23 + 0x28) = 0xffffffff;
+ *(undefined4 *)(lVar23 + 0x30) = 0xffffffff;
+ *(undefined8 *)(lVar23 + 0x14) = 0;
+ *(undefined4 *)(lVar23 + 0x24) = 0;
+ *(undefined *)(lVar23 + 0x37) = 0;
+ *(undefined8 *)(lVar23 + 0x38) = 0;
+ *(undefined4 *)(lVar23 + 0x40) = 0;
+ *(undefined2 *)(lVar23 + 0x4a) = 0;
+ if ((*(byte *)(puVar38[4] + 0x8c) & 1) == 0) {
+ HvpReleaseCellPaged(puVar38[4],&local_1e0);
}
else {
HvpReleaseCellFlat();
}
}
- uVar7 = local_204;
+ uVar9 = local_204;
local_204 = 0xffffffff;
- *(uint *)(puVar37 + 5) = uVar7;
- if (*(short *)((longlong)puVar37 + 0x42) != 0) {
- plVar38 = (longlong *)puVar37[0x18];
- plVar3 = (longlong *)*plVar38;
- if (((longlong *)plVar3[1] != plVar38) ||
- (pplVar4 = (longlong **)plVar38[1], *pplVar4 != plVar38)) {
- pcVar6 = (code *)swi(0x29);
- (*pcVar6)(3);
- puVar31 = auStack_280;
+ *(uint *)(puVar38 + 5) = uVar9;
+ if (*(short *)((longlong)puVar38 + 0x42) != 0) {
+ plVar39 = (longlong *)puVar38[0x18];
+ plVar5 = (longlong *)*plVar39;
+ if (((longlong *)plVar5[1] != plVar39) ||
+ (pplVar6 = (longlong **)plVar39[1], *pplVar6 != plVar39)) {
+ pcVar8 = (code *)swi(0x29);
+ (*pcVar8)(3);
+ puVar32 = auStack_280;
goto LAB_16;
}
- *pplVar4 = plVar3;
- plVar3[1] = (longlong)pplVar4;
+ *pplVar6 = plVar5;
+ plVar5[1] = (longlong)pplVar6;
CmpDereferenceKeyControlBlockWithLock
- (*(undefined8 *)(*(longlong *)(puVar37[0x18] + 0x18) + 0x10),local_1d8,0
+ (*(undefined8 *)(*(longlong *)(puVar38[0x18] + 0x18) + 0x10),local_1d8,0
);
- *(undefined8 *)(puVar37[0x18] + 0x18) = 0;
- CmpCreateLayerLink(local_190,puVar37);
- }
- puVar34 = puVar37 + 2;
- CmpRemoveKeyHash(puVar37[4],puVar34);
- *(uint *)puVar34 = uVar33;
- CmpInsertKeyHash(puVar37[4],puVar34);
- lVar21 = puVar37[10];
- puVar34 = (undefined8 *)0x0;
- puVar37[10] = local_138;
- if (puVar37[0x25] != 0) {
+ *(undefined8 *)(puVar38[0x18] + 0x18) = 0;
+ CmpCreateLayerLink(local_180,puVar38);
+ }
+ puVar35 = puVar38 + 2;
+ CmpRemoveKeyHash(puVar38[4],puVar35);
+ *(uint *)puVar35 = uVar34;
+ CmpInsertKeyHash(puVar38[4],puVar35);
+ lVar23 = puVar38[10];
+ puVar35 = (undefined8 *)0x0;
+ puVar38[10] = local_138;
+ if (puVar38[0x25] != 0) {
LOCK();
- puVar37[0x25] = puVar37[0x25] | 1;
+ puVar38[0x25] = puVar38[0x25] | 1;
UNLOCK();
}
- local_138 = lVar21;
- if (&DAT_17 < (undefined *)puVar37[0x19]) {
- ExFreePoolWithTag((undefined *)puVar37[0x19],0x624e4d43);
- }
- cVar13 = (char)local_236;
- puVar37[0x19] = 0;
+ local_138 = lVar23;
+ if (&DAT_17 < (undefined *)puVar38[0x19]) {
+ ExFreePoolWithTag((undefined *)puVar38[0x19],0x624e4d43);
+ }
+ cVar15 = (char)local_236;
+ puVar38[0x19] = 0;
if ((char)local_236 != '\0') {
- *(undefined *)((longlong)puVar37 + 0x41) = 3;
- }
- CmpUpdateParentForEachSon(puVar37[4],*(undefined4 *)(puVar37 + 5),0);
- puVar32 = auStack_288;
- if (cVar13 != '\0') {
+ *(undefined *)((longlong)puVar38 + 0x41) = 3;
+ }
+ CmpUpdateParentForEachSon(puVar38[4],*(undefined4 *)(puVar38 + 5),0);
+ puVar33 = auStack_288;
+ if (cVar15 != '\0') {
CmpSubtreeEnumeratorReset(&local_b8);
CmpSubtreeEnumeratorBeginForKcbStack(&local_b8,local_120);
- iVar19 = CmpSubtreeEnumeratorAdvance(&local_b8);
- iVar29 = -0x7fffffe6;
- while (puVar32 = puVar31, iVar19 != iVar29) {
+ iVar22 = CmpSubtreeEnumeratorAdvance(&local_b8);
+ iVar21 = -0x7fffffe6;
+ while (puVar33 = puVar32, iVar22 != iVar21) {
LAB_16:
- *(undefined8 *)(puVar31 + -8) = 0x140a09c2b;
+ *(undefined8 *)(puVar32 + -8) = 0x140a09cb2;
CmpSubtreeEnumeratorGetCurrentKeyStacks(&local_b8,0,&local_140);
- *(undefined8 *)(puVar31 + -8) = 0x140a09c39;
- lVar21 = CmpKeyNodeStackGetEntryAtLayerHeight(local_140);
- pbVar1 = (byte *)(*(longlong *)(lVar21 + 0x10) + 0xd);
+ *(undefined8 *)(puVar32 + -8) = 0x140a09cc0;
+ lVar23 = CmpKeyNodeStackGetEntryAtLayerHeight(local_140);
+ pbVar1 = (byte *)(*(longlong *)(lVar23 + 0x10) + 0xd);
*pbVar1 = *pbVar1 | 3;
- *(undefined8 *)(puVar31 + -8) = 0x140a09c4d;
- iVar19 = CmpSubtreeEnumeratorAdvance(&local_b8);
+ *(undefined8 *)(puVar32 + -8) = 0x140a09cd4;
+ iVar22 = CmpSubtreeEnumeratorAdvance(&local_b8);
}
}
- *(undefined8 *)((longlong)puVar23 + 4) = uVar5;
- lVar21 = puVar30[4];
- puVar30[0x15] = uVar5;
- if ((*(byte *)(lVar21 + 0x8c) & 1) == 0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a09c7d;
- HvpReleaseCellPaged(lVar21,&local_178);
+ *(undefined8 *)((longlong)puVar25 + 4) = uVar7;
+ lVar23 = puVar31[4];
+ puVar31[0x15] = uVar7;
+ if ((*(byte *)(lVar23 + 0x8c) & 1) == 0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a09d04;
+ HvpReleaseCellPaged(lVar23,&local_190);
}
else {
- *(undefined8 *)(puVar32 + -8) = 0x140a09c76;
+ *(undefined8 *)(puVar33 + -8) = 0x140a09cfd;
HvpReleaseCellFlat();
}
- *(undefined8 *)(puVar32 + -8) = 0x140a09c8e;
- local_158 = puVar34;
- CmpSearchForOpenSubKeys(puVar37,1,0);
- puVar30[0x26] = puVar30[0x26] + 1;
- puVar37[0x26] = puVar37[0x26] + 1;
- P = puVar34;
+ *(undefined8 *)(puVar33 + -8) = 0x140a09d15;
+ local_158 = puVar35;
+ CmpSearchForOpenSubKeys(puVar38,1,0);
+ puVar31[0x26] = puVar31[0x26] + 1;
+ puVar38[0x26] = puVar38[0x26] + 1;
+ P = puVar35;
if (local_1e8 != 0xffffffff) {
- uVar5 = puVar30[4];
- *(undefined8 *)(puVar32 + -8) = 0x140a09cad;
- HvFreeCell(uVar5);
+ uVar7 = puVar31[4];
+ *(undefined8 *)(puVar33 + -8) = 0x140a09d34;
+ HvFreeCell(uVar7);
}
}
}
}
}
}
else {
- iVar19 = CmpSubtreeEnumeratorStartForKcbStack(&local_b8,local_120);
- while (puVar32 = auStack_288, P = local_218, -1 < iVar19) {
- iVar19 = CmpSubtreeEnumeratorAdvance(&local_b8);
- if (iVar19 == -0x7fffffe6) goto LAB_14;
+ iVar21 = CmpSubtreeEnumeratorStartForKcbStack(&local_b8,local_120);
+ while (puVar33 = auStack_288, P = local_218, -1 < iVar21) {
+ iVar21 = CmpSubtreeEnumeratorAdvance(&local_b8);
+ if (iVar21 == -0x7fffffe6) goto LAB_14;
CmpSubtreeEnumeratorGetCurrentKeyStacks(&local_b8,0,&local_140);
- puVar23 = (undefined8 *)
+ puVar25 = (undefined8 *)
CmpKeyNodeStackGetEntryAtLayerHeight
- (local_140,*(undefined2 *)((longlong)puVar37 + 0x42));
- iVar19 = HvpMarkCellDirty(*puVar23,*(undefined4 *)(puVar23 + 1),1);
+ (local_140,*(undefined2 *)((longlong)puVar38 + 0x42));
+ iVar21 = HvpMarkCellDirty(*puVar25,*(undefined4 *)(puVar25 + 1),1);
}
}
}
}
LAB_8:
- puVar22 = *(undefined8 **)(puVar32 + 0x78);
- puVar34 = *(undefined8 **)(puVar32 + 0x68);
+ puVar24 = *(undefined8 **)(puVar33 + 0x78);
+ puVar35 = *(undefined8 **)(puVar33 + 0x68);
LAB_10:
- puVar30 = *(undefined8 **)(puVar32 + 0x58);
- puVar23 = puVar24;
+ puVar31 = *(undefined8 **)(puVar33 + 0x58);
+ puVar25 = puVar26;
LAB_1:
- *(undefined8 *)(puVar32 + -8) = 0x140a093d6;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0945d;
CmpSubtreeEnumeratorCleanup(&local_b8);
if (local_158 != (undefined8 *)0x0) {
- lVar21 = puVar30[4];
- if ((*(byte *)(lVar21 + 0x8c) & 1) == 0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a09fbb;
- HvpReleaseCellPaged(lVar21,&local_178);
+ lVar23 = puVar31[4];
+ if ((*(byte *)(lVar23 + 0x8c) & 1) == 0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a042;
+ HvpReleaseCellPaged(lVar23,&local_190);
}
else {
- *(undefined8 *)(puVar32 + -8) = 0x140a093ff;
+ *(undefined8 *)(puVar33 + -8) = 0x140a09486;
HvpReleaseCellFlat();
}
}
- if (puVar23 != (undefined8 *)0x0) {
- if ((*(byte *)((longlong)local_1a0 + 0x8c) & 1) == 0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a09fe1;
- HvpReleaseCellPaged(local_1a0,&local_198);
+ if (puVar25 != (undefined8 *)0x0) {
+ if ((*(byte *)((longlong)local_188 + 0x8c) & 1) == 0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a068;
+ HvpReleaseCellPaged(local_188,&local_1a8);
}
else {
- *(undefined8 *)(puVar32 + -8) = 0x140a09fda;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a061;
HvpReleaseCellFlat();
}
}
- if (local_1f8[0] != -1) {
- uVar5 = puVar30[4];
- *(undefined8 *)(puVar32 + -8) = 0x140a09ff6;
- CmpFreeIndexByCell(uVar5);
- }
- if (local_1f8[1] != -1) {
- uVar5 = puVar30[4];
- *(undefined8 *)(puVar32 + -8) = 0x140a0a007;
- CmpFreeIndexByCell(uVar5);
+ if (local_1f8[0] != 0xffffffff) {
+ uVar7 = puVar31[4];
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a07d;
+ CmpFreeIndexByCell(uVar7);
+ }
+ if (local_1f8[1] != 0xffffffff) {
+ uVar7 = puVar31[4];
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a08e;
+ CmpFreeIndexByCell(uVar7);
}
if (local_204 != 0xffffffff) {
- uVar5 = puVar37[4];
- *(undefined8 *)(puVar32 + -8) = 0x140a0a01a;
- HvFreeCell(uVar5);
+ uVar7 = puVar38[4];
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a0a1;
+ HvFreeCell(uVar7);
}
if (local_138 != 0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a02e;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a0b5;
CmpDereferenceNameControlBlockWithLock(local_138);
}
- if (local_190 != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a046;
- CmpDereferenceKeyControlBlockWithLock(local_190,local_1d8,0);
- }
- puVar37 = local_188;
- if (local_188 != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a05b;
- CmpMarkKeyUnbacked(local_188,local_1d8);
- *(undefined8 *)(puVar32 + -8) = 0x140a0a06a;
- CmpDereferenceKeyControlBlockWithLock(puVar37,local_1d8,0);
+ if (local_180 != (undefined8 *)0x0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a0cd;
+ CmpDereferenceKeyControlBlockWithLock(local_180,local_1d8,0);
+ }
+ puVar38 = local_178;
+ if (local_178 != (undefined8 *)0x0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a0e2;
+ CmpMarkKeyUnbacked(local_178,local_1d8);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a0f1;
+ CmpDereferenceKeyControlBlockWithLock(puVar38,local_1d8,0);
}
if (local_1f0 != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a082;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a109;
CmpDereferenceKeyControlBlockWithLock(local_1f0,local_1d8,0);
}
if (P != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a094;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a11b;
CmpRundownUnitOfWork(P);
- *(undefined8 *)(puVar32 + -8) = 0x140a0a09e;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a125;
ExFreePoolWithTag(P,0x77554d43);
}
- if (puVar34 != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0ab;
- CmpRundownUnitOfWork(puVar34);
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0b5;
- ExFreePoolWithTag(puVar34,0x77554d43);
- }
- if (puVar22 != (undefined8 *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0c2;
- CmpRundownUnitOfWork(puVar22);
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0cc;
- ExFreePoolWithTag(puVar22,0x77554d43);
- }
- pvVar28 = (void *)0x0;
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0d7;
+ if (puVar35 != (undefined8 *)0x0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a132;
+ CmpRundownUnitOfWork(puVar35);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a13c;
+ ExFreePoolWithTag(puVar35,0x77554d43);
+ }
+ if (puVar24 != (undefined8 *)0x0) {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a149;
+ CmpRundownUnitOfWork(puVar24);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a153;
+ ExFreePoolWithTag(puVar24,0x77554d43);
+ }
+ pvVar30 = (void *)0x0;
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a15e;
CmpDrainDelayDerefContext(local_1d8);
- if (puVar32[0x60] != '\0') {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0e3;
+ if (puVar33[0x60] != '\0') {
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a16a;
CmpUnlockRegistry();
}
if ((void *)local_110._8_8_ != (void *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a0f4;
- SmFreeWrapper((void *)local_110._8_8_,pvVar28);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a17b;
+ SmFreeWrapper((void *)local_110._8_8_,pvVar30);
}
if ((void *)local_f0._8_8_ != (void *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a105;
- SmFreeWrapper((void *)local_f0._8_8_,pvVar28);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a18c;
+ SmFreeWrapper((void *)local_f0._8_8_,pvVar30);
}
if ((void *)local_d0._8_8_ != (void *)0x0) {
- *(undefined8 *)(puVar32 + -8) = 0x140a0a116;
- SmFreeWrapper((void *)local_d0._8_8_,pvVar28);
- }
- *(undefined8 *)(puVar32 + -8) = 0x140a0a11f;
- CmpCleanupRollbackPacket(local_1b8);
- *(undefined8 *)(puVar32 + -8) = 0x140a0a131;
- __security_check_cookie(local_48 ^ (ulonglong)puVar32);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a19d;
+ SmFreeWrapper((void *)local_d0._8_8_,pvVar30);
+ }
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a1a6;
+ CmpCleanupRollbackPacket(local_1a0);
+ *(undefined8 *)(puVar33 + -8) = 0x140a0a1b8;
+ __security_check_cookie(local_48 ^ (ulonglong)puVar33);
return;
}
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | code,length,called |
| ratio | 0.55 |
| i_ratio | 0.88 |
| m_ratio | 0.91 |
| b_ratio | 0.92 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | KiDetectHardwareSpecControlFeatures | KiDetectHardwareSpecControlFeatures |
| fullname | KiDetectHardwareSpecControlFeatures | KiDetectHardwareSpecControlFeatures |
| refcount | 4 | 4 |
length |
999 | 1034 |
called |
HviGetEnlightenmentInformation HviGetHypervisorFeatures HviIsAnyHypervisorPresent HviIsHypervisorMicrosoftCompatible __security_check_cookie |
HviGetEnlightenmentInformation HviGetHypervisorFeatures HviIsAnyHypervisorPresent HviIsHypervisorMicrosoftCompatible KiIsBranchConfusionPresent __security_check_cookie |
| calling | KiDetermineRetpolineEnablement KiIsKvaShadowNeededForBranchConfusion KiSetHardwareSpeculationControlFeatures |
KiDetermineRetpolineEnablement KiIsKvaShadowNeededForBranchConfusion KiSetHardwareSpeculationControlFeatures |
| paramcount | 0 | 0 |
| address | 1403ac080 | 1403ac080 |
| sig | undefined KiDetectHardwareSpecControlFeatures(void) | undefined KiDetectHardwareSpecControlFeatures(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- KiDetectHardwareSpecControlFeatures called
+++ KiDetectHardwareSpecControlFeatures called
@@ -4,0 +5 @@
+KiIsBranchConfusionPresent--- KiDetectHardwareSpecControlFeatures
+++ KiDetectHardwareSpecControlFeatures
@@ -1,234 +1,241 @@
/* WARNING: Removing unreachable block (ram,0x0001403ac199) */
/* WARNING: Removing unreachable block (ram,0x0001403ac180) */
/* WARNING: Removing unreachable block (ram,0x0001403ac106) */
/* WARNING: Removing unreachable block (ram,0x0001403ac0cd) */
void KiDetectHardwareSpecControlFeatures
(longlong param_1,byte param_2,uint *param_3,longlong param_4)
{
char cVar1;
byte bVar2;
uint *puVar3;
undefined8 *puVar4;
undefined4 *puVar5;
ulonglong uVar6;
bool bVar7;
undefined auVar8 [16];
char cVar9;
- uint uVar10;
+ int iVar10;
uint uVar11;
uint uVar12;
- bool bVar13;
+ uint uVar13;
bool bVar14;
bool bVar15;
+ bool bVar16;
undefined auStack_a8 [32];
uint local_88;
uint uStack_84;
undefined8 uStack_80;
longlong local_78;
uint *local_70;
undefined local_68 [4];
undefined auStack_64 [8];
undefined4 uStack_5c;
undefined local_58 [16];
ulonglong local_48;
local_48 = __security_cookie ^ (ulonglong)auStack_a8;
cVar1 = *(char *)(param_1 + 0x8d);
- uVar12 = 0;
+ uVar13 = 0;
bVar2 = *(byte *)(param_1 + 0x43);
puVar3 = (uint *)cpuid_basic_info(0);
+ bVar15 = false;
+ uStack_84 = 0x48;
bVar14 = false;
- uStack_84 = 0x48;
- bVar13 = false;
uStack_80 = 4;
auVar8._4_4_ = puVar3[3];
auVar8._0_4_ = puVar3[1];
auVar8._8_4_ = puVar3[2];
auVar8._12_4_ = 0;
_local_68 = auVar8 << 0x20;
local_58 = ZEXT816(0);
if (*puVar3 < 7) {
- uVar11 = 0;
+ uVar12 = 0;
}
else {
puVar4 = (undefined8 *)cpuid_Extended_Feature_Enumeration_info(7);
- uVar11 = *(uint *)(puVar4 + 1);
+ uVar12 = *(uint *)(puVar4 + 1);
auStack_64._4_4_ = *(undefined4 *)((longlong)puVar4 + 0xc);
_local_68 = *puVar4;
uStack_5c = puVar3[2];
- uVar12 = 0;
- if ((uVar11 >> 0x1d & 1) != 0) {
+ uVar13 = 0;
+ if ((uVar12 >> 0x1d & 1) != 0) {
uVar6 = rdmsr(0x10a);
- bVar14 = (uVar6 & 2) == 0;
- if (bVar14) {
- uVar10 = 0;
+ bVar15 = (uVar6 & 2) == 0;
+ if (bVar15) {
+ uVar11 = 0;
}
else {
- uVar10 = 0x201;
- }
- bVar13 = !bVar14;
- bVar14 = (uVar6 & 0x10) != 0 || !bVar14;
- uVar12 = uVar10 | 0x100;
+ uVar11 = 0x201;
+ }
+ bVar14 = !bVar15;
+ bVar15 = (uVar6 & 0x10) != 0 || !bVar15;
+ uVar13 = uVar11 | 0x100;
if ((uVar6 & 0x10) == 0) {
- uVar12 = uVar10;
+ uVar13 = uVar11;
}
if ((uVar6 & 4) != 0) {
- uVar12 = uVar12 | 0x200;
- bVar14 = true;
+ uVar13 = uVar13 | 0x200;
+ bVar15 = true;
}
}
}
if (cVar1 == '\x01') {
puVar3 = (uint *)cpuid(0x80000000);
auStack_64._0_4_ = puVar3[1];
auStack_64._4_4_ = puVar3[3];
uStack_5c = puVar3[2];
if (*puVar3 < 0x80000008) {
- uVar11 = 0;
+ uVar12 = 0;
}
else {
puVar5 = (undefined4 *)cpuid(0x80000008);
- uVar11 = puVar5[1];
+ uVar12 = puVar5[1];
local_68 = (undefined [4])*puVar5;
auStack_64._4_4_ = puVar5[3];
uStack_5c = puVar5[2];
}
- if ((uVar11 >> 0xc & 1) != 0) {
- uVar12 = uVar12 | 4;
- bVar14 = true;
- }
- if ((uVar11 & 0x4000) != 0) {
- bVar14 = true;
- }
- uVar10 = uVar12 | 0x10;
- if ((uVar11 & 0x4000) == 0) {
- uVar10 = uVar12;
- }
- if ((uVar11 & 0x8000) != 0) {
- bVar14 = true;
- }
- uVar12 = uVar10 | 0x40;
- if ((uVar11 & 0x8000) == 0) {
- uVar12 = uVar10;
- }
- uVar10 = uVar12 | 0x80;
- if ((uVar11 & 0x1000000) == 0) {
- uVar10 = uVar12;
- }
- local_88 = uVar10 | 0x180;
- if ((uVar11 & 0x4000000) == 0) {
- local_88 = uVar10;
+ if ((uVar12 >> 0xc & 1) != 0) {
+ uVar13 = uVar13 | 4;
+ bVar15 = true;
+ }
+ if ((uVar12 & 0x4000) != 0) {
+ bVar15 = true;
+ }
+ uVar11 = uVar13 | 0x10;
+ if ((uVar12 & 0x4000) == 0) {
+ uVar11 = uVar13;
+ }
+ if ((uVar12 & 0x8000) != 0) {
+ bVar15 = true;
+ }
+ uVar13 = uVar11 | 0x40;
+ if ((uVar12 & 0x8000) == 0) {
+ uVar13 = uVar11;
+ }
+ uVar11 = uVar13 | 0x80;
+ if ((uVar12 & 0x1000000) == 0) {
+ uVar11 = uVar13;
+ }
+ local_88 = uVar11 | 0x180;
+ if ((uVar12 & 0x4000000) == 0) {
+ local_88 = uVar11;
}
if ((local_88 & 0x80) != 0) {
- bVar14 = true;
+ bVar15 = true;
}
}
else {
- if ((uVar11 & 0x4000000) != 0) {
- bVar14 = true;
- }
- uVar10 = uVar12 | 0x14;
- if ((uVar11 & 0x4000000) == 0) {
- uVar10 = uVar12;
- }
- if ((uVar11 & 0x8000000) != 0) {
- bVar14 = true;
- }
- local_88 = uVar10 | 0x44;
- if ((uVar11 & 0x8000000) == 0) {
- local_88 = uVar10;
- }
- if ((int)uVar11 < 0) {
+ if ((uVar12 & 0x4000000) != 0) {
+ bVar15 = true;
+ }
+ uVar11 = uVar13 | 0x14;
+ if ((uVar12 & 0x4000000) == 0) {
+ uVar11 = uVar13;
+ }
+ if ((uVar12 & 0x8000000) != 0) {
+ bVar15 = true;
+ }
+ local_88 = uVar11 | 0x44;
+ if ((uVar12 & 0x8000000) == 0) {
+ local_88 = uVar11;
+ }
+ if ((int)uVar12 < 0) {
local_88 = local_88 | 0x80;
- bVar14 = true;
+ bVar15 = true;
}
}
bVar7 = true;
if (((param_2 & 1) != 0) || (KiKvaShadowMode == 1)) {
local_88 = local_88 | 0x20;
}
if ((cVar1 == '\x02') && (*(char *)(param_1 + 0x40) == '\x06')) {
if ((((byte)(bVar2 - 0x4e) < 0x1a) && ((0x3010081U >> (bVar2 - 0x4e & 0x1f) & 1) != 0)) ||
((bVar2 == 0x8e || (bVar2 == 0x9e)))) {
local_88 = local_88 | 0x200;
}
if (((byte)(bVar2 - 0x37) < 0x3f) &&
((0x4080404800680001U >> ((ulonglong)(byte)(bVar2 - 0x37) & 0x3f) & 1) != 0)) {
local_88 = local_88 | 0x200;
}
}
+ uVar13 = local_88;
uVar12 = local_88;
- uVar11 = local_88;
local_78 = param_1;
local_70 = param_3;
if (((local_88 & 0x10) == 0) || ((local_88 & 4) == 0)) goto LAB_0;
cVar9 = HviIsHypervisorMicrosoftCompatible();
if (cVar9 == '\0') {
cVar9 = HviIsAnyHypervisorPresent();
- bVar15 = cVar9 == '\0';
+ bVar16 = cVar9 == '\0';
LAB_1:
- if (!bVar15) goto LAB_2;
+ if (!bVar16) goto LAB_2;
bVar7 = false;
LAB_3:
- uVar10 = *(uint *)(local_78 + 0x6cc);
- uVar11 = uVar12;
- if ((uVar10 & 2) != 0) {
- local_88 = uVar12 | 0x400;
- uVar11 = local_88;
- }
- uVar12 = uVar11;
- if (((uVar10 & 4) != 0) &&
- (local_88 = uVar11 | 0x800, uVar12 = local_88, (KiFeatureSettings & 0x4000) != 0)) {
- local_88 = uVar11 | 0x801;
+ uVar11 = *(uint *)(local_78 + 0x6cc);
+ uVar12 = uVar13;
+ if ((uVar11 & 2) != 0) {
+ local_88 = uVar13 | 0x400;
uVar12 = local_88;
}
+ uVar13 = uVar12;
+ if (((uVar11 & 4) != 0) &&
+ (local_88 = uVar12 | 0x800, uVar13 = local_88, (KiFeatureSettings & 0x4000) != 0)) {
+ local_88 = uVar12 | 0x801;
+ uVar13 = local_88;
+ }
if (cVar1 == '\x02') {
- if (((!bVar7) && (!bVar13)) || (uVar11 = uVar12, (uVar10 & 3) != 0)) {
- uVar11 = uVar12 | 0x1000;
- local_88 = uVar11;
+ if (((!bVar7) && (!bVar14)) || (uVar12 = uVar13, (uVar11 & 3) != 0)) {
+ uVar12 = uVar13 | 0x1000;
+ local_88 = uVar12;
}
goto LAB_0;
}
}
else {
HviGetEnlightenmentInformation(local_58);
_local_68 = ZEXT816(0);
HviGetHypervisorFeatures(local_68);
if ((_local_68 & (undefined [16])0x100000000000) != (undefined [16])0x0) {
- bVar15 = (local_58 & (undefined [16])0x1000) == (undefined [16])0x0;
+ bVar16 = (local_58 & (undefined [16])0x1000) == (undefined [16])0x0;
goto LAB_1;
}
LAB_2:
if ((KiFeatureSettings & 0x8000) != 0) goto LAB_3;
}
- uVar11 = uVar12;
- if ((cVar1 == '\x01') && (uVar11 = uVar12 | 0x1000, local_88 = uVar11, (uVar12 & 0x40) != 0)) {
- uVar11 = uVar12 | 0x5000;
- local_88 = uVar11;
+ uVar12 = uVar13;
+ if ((cVar1 == '\x01') &&
+ (uVar12 = uVar13 | 0x1000, local_88 = uVar13 | 0x1000, (uVar13 & 0x40) != 0)) {
+ uVar12 = uVar13 | 0x5000;
+ local_88 = uVar12;
}
LAB_0:
- if (((KeFeatureBits2 >> 0x11 & 1) != 0) && ((KiFeatureSettings & 0x400000) == 0)) {
- uVar11 = uVar11 | 0x2000;
- local_88 = uVar11;
- }
- if ((cVar1 != '\x01') || ((KeFeatureBits2 >> 0x19 & 1) != 0)) {
- uVar11 = uVar11 | 8;
- local_88 = uVar11;
+ if (((KeFeatureBits2 & 0x20000) != 0) && ((KiFeatureSettings & 0x400000) == 0)) {
+ uVar12 = uVar12 | 0x2000;
+ local_88 = uVar12;
+ }
+ iVar10 = KiIsBranchConfusionPresent(local_78);
+ if (iVar10 != 0) {
+ uVar12 = uVar12 | 0x8000;
+ local_88 = uVar12;
+ }
+ if ((cVar1 != '\x01') || ((KeFeatureBits2 & 0x2000000) != 0)) {
+ uVar12 = uVar12 | 8;
+ local_88 = uVar12;
}
if ((KiFeatureSettings & 0x10000) != 0) {
- local_88 = uVar11 & 0xfffff7fe;
+ local_88 = uVar12 & 0xfffff7fe;
}
*local_70 = local_88;
local_70[1] = uStack_84;
local_70[2] = (uint)uStack_80;
local_70[3] = uStack_80._4_4_;
if (param_4 != 0) {
- *(bool *)param_4 = bVar14;
+ *(bool *)param_4 = bVar15;
}
__security_check_cookie(local_48 ^ (ulonglong)auStack_a8);
return;
}
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | code,refcount,length,address,called |
| ratio | 0.53 |
| i_ratio | 0.09 |
| m_ratio | 0.11 |
| b_ratio | 0.43 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | HalpMiscGetParameters | HalpMiscGetParameters |
| fullname | HalpMiscGetParameters | HalpMiscGetParameters |
refcount |
3 | 2 |
length |
1038 | 924 |
called |
HalpInterruptModel HalpInterruptSetMsiOverride HalpIsHvPresent HalpIsHvUsedForReboot HalpIsMicrosoftCompatibleHvLoaded HalpIsPartitionCpuManager HalpIsXboxNanovisorPresent HalpProcIsSmtDisabled atoi strstr |
HalpInterruptModel HalpInterruptSetMsiOverride HalpIsHvPresent HalpIsHvUsedForReboot HalpIsMicrosoftCompatibleHvLoaded HalpIsPartitionCpuManager HalpIsXboxNanovisorPresent atoi strstr |
| calling | HalpMiscInitSystem | HalpMiscInitSystem |
| paramcount | 0 | 0 |
address |
140b3f21c | 140b3f06c |
| sig | undefined HalpMiscGetParameters(void) | undefined HalpMiscGetParameters(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- HalpMiscGetParameters called
+++ HalpMiscGetParameters called
@@ -8 +7,0 @@
-HalpProcIsSmtDisabled--- HalpMiscGetParameters
+++ HalpMiscGetParameters
@@ -1,142 +1,152 @@
void HalpMiscGetParameters(longlong param_1)
{
- char *_Str;
char cVar1;
int iVar2;
char *pcVar3;
- undefined8 uVar4;
+ char *pcVar4;
+ undefined8 uVar5;
iVar2 = HalpInterruptModel();
if (iVar2 == 1) {
HalpMiscDiscardLowMemory = 1;
}
- HalpInterruptBlockHyperthreading = HalpProcIsSmtDisabled(param_1);
- if (param_1 == 0) {
+ if ((param_1 == 0) ||
+ ((((*(uint *)(*(longlong *)(param_1 + 0xf0) + 0xda4) & 0x2000) == 0 ||
+ (cVar1 = HalpIsPartitionCpuManager(), cVar1 != '\0')) &&
+ ((*(char **)(param_1 + 0xd8) == (char *)0x0 ||
+ ((pcVar3 = strstr(*(char **)(param_1 + 0xd8),"SMT=BLOCKED"), pcVar3 == (char *)0x0 ||
+ (cVar1 = HalpIsPartitionCpuManager(), cVar1 != '\0')))))))) {
+ HalpInterruptBlockHyperthreading = 0;
+ if (param_1 == 0) {
+ HalpInterruptBlockHyperthreading = 0;
+ return;
+ }
+ }
+ else {
+ HalpInterruptBlockHyperthreading = 1;
+ if ((*(uint *)(*(longlong *)(param_1 + 0xf0) + 0x84) & 0x200) == 0) {
+ HalpInterruptStartHyperthreadSiblings = 1;
+ }
+ }
+ pcVar3 = *(char **)(param_1 + 0xd8);
+ if (pcVar3 == (char *)0x0) {
return;
}
- if ((HalpInterruptBlockHyperthreading != '\0') &&
- ((*(uint *)(*(longlong *)(param_1 + 0xf0) + 0x84) & 0x200) == 0)) {
- HalpInterruptStartHyperthreadSiblings = 1;
- }
- _Str = *(char **)(param_1 + 0xd8);
- if (_Str == (char *)0x0) {
- return;
- }
- strstr(_Str,"SAFEBOOT:");
- pcVar3 = strstr(_Str,"ONECPU");
- if (pcVar3 != (char *)0x0) {
+ strstr(pcVar3,"SAFEBOOT:");
+ pcVar4 = strstr(pcVar3,"ONECPU");
+ if (pcVar4 != (char *)0x0) {
HalpInterruptProcessorCap = 1;
}
- pcVar3 = strstr(_Str,"USEPHYSICALAPIC");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"USEPHYSICALAPIC");
+ if (pcVar4 != (char *)0x0) {
HalpInterruptPhysicalModeOnly = 1;
}
- pcVar3 = strstr(_Str,"BREAK");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"BREAK");
+ if (pcVar4 != (char *)0x0) {
HalpMiscDebugBreakRequested = 1;
}
- pcVar3 = strstr(_Str,"MAXPROCSPERCLUSTER");
- if (pcVar3 != (char *)0x0) {
- for (; ((cVar1 = *pcVar3, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
- pcVar3 = pcVar3 + 1) {
+ pcVar4 = strstr(pcVar3,"MAXPROCSPERCLUSTER");
+ if (pcVar4 != (char *)0x0) {
+ for (; ((cVar1 = *pcVar4, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
+ pcVar4 = pcVar4 + 1) {
}
- iVar2 = atoi(pcVar3);
+ iVar2 = atoi(pcVar4);
HalpInterruptClusterModeForced = 1;
if (iVar2 != 0) {
HalpInterruptMaxClusterSize = iVar2;
}
}
- pcVar3 = strstr(_Str,"MAXAPICCLUSTER");
- if (pcVar3 != (char *)0x0) {
- for (; ((cVar1 = *pcVar3, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
- pcVar3 = pcVar3 + 1) {
+ pcVar4 = strstr(pcVar3,"MAXAPICCLUSTER");
+ if (pcVar4 != (char *)0x0) {
+ for (; ((cVar1 = *pcVar4, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
+ pcVar4 = pcVar4 + 1) {
}
- iVar2 = atoi(pcVar3);
+ iVar2 = atoi(pcVar4);
if (iVar2 != 0) {
HalpInterruptMaxCluster = iVar2;
}
}
- pcVar3 = strstr(_Str,"X2APICPOLICY=ENABLE");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"X2APICPOLICY=ENABLE");
+ if (pcVar4 != (char *)0x0) {
HalpInterruptX2ApicPolicy = 1;
}
- pcVar3 = strstr(_Str,"X2APICPOLICY=DISABLE");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"X2APICPOLICY=DISABLE");
+ if (pcVar4 != (char *)0x0) {
HalpInterruptX2ApicPolicy = 0;
}
- pcVar3 = strstr(_Str,"USELEGACYAPICMODE");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"USELEGACYAPICMODE");
+ if (pcVar4 != (char *)0x0) {
HalpInterruptX2ApicPolicy = 0;
}
- pcVar3 = strstr(_Str,"SYSTEMWATCHDOGPOLICY=DISABLED");
- if (pcVar3 == (char *)0x0) {
- pcVar3 = strstr(_Str,"SYSTEMWATCHDOGPOLICY=PHYSICALONLY");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"SYSTEMWATCHDOGPOLICY=DISABLED");
+ if (pcVar4 == (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"SYSTEMWATCHDOGPOLICY=PHYSICALONLY");
+ if (pcVar4 != (char *)0x0) {
HalpTimerWatchdogPhysicalOnly = 1;
}
}
else {
HalpTimerWatchdogDisable = 1;
}
- pcVar3 = strstr(_Str,"CONFIGACCESSPOLICY=DISALLOWMMCONFIG");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"CONFIGACCESSPOLICY=DISALLOWMMCONFIG");
+ if (pcVar4 != (char *)0x0) {
HalpAvoidMmConfigAccessMethod = 1;
}
- pcVar3 = strstr(_Str,"MSIPOLICY=FORCEDISABLE");
- if (pcVar3 == (char *)0x0) {
- pcVar3 = strstr(_Str,"FORCEMSI");
- if (pcVar3 == (char *)0x0) goto LAB_0;
- uVar4 = 1;
+ pcVar4 = strstr(pcVar3,"MSIPOLICY=FORCEDISABLE");
+ if (pcVar4 == (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"FORCEMSI");
+ if (pcVar4 == (char *)0x0) goto LAB_0;
+ uVar5 = 1;
}
else {
- uVar4 = 0;
+ uVar5 = 0;
}
- HalpInterruptSetMsiOverride(uVar4);
+ HalpInterruptSetMsiOverride(uVar5);
LAB_0:
cVar1 = HalpIsHvPresent();
if (cVar1 == '\0') {
cVar1 = HalpIsXboxNanovisorPresent();
}
else {
HalpHvPresent = 1;
cVar1 = HalpIsPartitionCpuManager();
if (cVar1 != '\0') {
HalpHvCpuManager = '\x01';
}
cVar1 = HalpIsHvUsedForReboot();
}
if (cVar1 != '\0') {
HalpHvUsedForReboot = 1;
}
- pcVar3 = strstr(_Str,"FIRSTMEGABYTEPOLICY=USEALL");
- if ((pcVar3 != (char *)0x0) ||
+ pcVar4 = strstr(pcVar3,"FIRSTMEGABYTEPOLICY=USEALL");
+ if ((pcVar4 != (char *)0x0) ||
((cVar1 = HalpIsMicrosoftCompatibleHvLoaded(), cVar1 != '\0' && (HalpHvCpuManager == '\0')))) {
HalpMiscDiscardLowMemory = 0;
}
- pcVar3 = strstr(_Str,"USEPLATFORMCLOCK");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"USEPLATFORMCLOCK");
+ if (pcVar4 != (char *)0x0) {
HalpTimerPlatformSourceForced = 1;
}
- pcVar3 = strstr(_Str,"USEPLATFORMTICK");
- if (pcVar3 != (char *)0x0) {
+ pcVar4 = strstr(pcVar3,"USEPLATFORMTICK");
+ if (pcVar4 != (char *)0x0) {
HalpTimerPlatformClockSourceForced = 1;
}
- pcVar3 = strstr(_Str,"GROUPSIZE");
- if (pcVar3 != (char *)0x0) {
- for (; ((cVar1 = *pcVar3, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
- pcVar3 = pcVar3 + 1) {
+ pcVar4 = strstr(pcVar3,"GROUPSIZE");
+ if (pcVar4 != (char *)0x0) {
+ for (; ((cVar1 = *pcVar4, cVar1 != '\0' && (cVar1 != ' ')) && (9 < (byte)(cVar1 - 0x30U)));
+ pcVar4 = pcVar4 + 1) {
}
- HalpMaximumGroupSize = atoi(pcVar3);
+ HalpMaximumGroupSize = atoi(pcVar4);
if (0x3f < HalpMaximumGroupSize - 1U) {
HalpMaximumGroupSize = 0x40;
}
}
HalpSplitLargeNumaNodes = (byte)(*(uint *)(*(longlong *)(param_1 + 0xf0) + 0x84) >> 0x11) & 1;
- strstr(_Str,"HALTPROFILINGPOLICY=BLOCKED");
- strstr(_Str,"HALTPROFILINGPOLICY=RELAXED");
- strstr(_Str,"HALTPROFILINGPOLICY=RESTRICTED");
+ strstr(pcVar3,"HALTPROFILINGPOLICY=BLOCKED");
+ strstr(pcVar3,"HALTPROFILINGPOLICY=RELAXED");
+ strstr(pcVar3,"HALTPROFILINGPOLICY=RESTRICTED");
return;
}
Slightly modified functions have no code changes, rather differnces in:
- refcount
- length
- called
- calling
- name
- fullname
| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,calling |
| ratio | 0.97 |
| i_ratio | 0.9 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | wil_details_FeatureReporting_ReportUsageToService | wil_details_FeatureReporting_ReportUsageToService |
| fullname | wil_details_FeatureReporting_ReportUsageToService | wil_details_FeatureReporting_ReportUsageToService |
refcount |
53 | 54 |
| length | 490 | 490 |
| called | CmFcManagerNotifyFeatureUsage __security_check_cookie _guard_dispatch_icall |
CmFcManagerNotifyFeatureUsage __security_check_cookie _guard_dispatch_icall |
calling |
Expand for full list:Feature_Servicing_LenovoSGDT_Hibernate__private_IsEnabled |
Expand for full list:Feature_Servicing_IommuDisableSpecialPassthroughErrata__private_IsEnabled |
| paramcount | 6 | 6 |
| address | 1402ce1e0 | 1402ce1e0 |
| sig | undefined wil_details_FeatureReporting_ReportUsageToService(undefined param_1, undefined param_2, undefined param_3, undefined param_4, undefined8 param_5, undefined4 param_6) | undefined wil_details_FeatureReporting_ReportUsageToService(undefined param_1, undefined param_2, undefined param_3, undefined param_4, undefined8 param_5, undefined4 param_6) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- wil_details_FeatureReporting_ReportUsageToService calling
+++ wil_details_FeatureReporting_ReportUsageToService calling
@@ -4,0 +5 @@
+Feature_MSRC76458_DisableTransactedRename__private_IsEnabled| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,address,calling |
| ratio | 1.0 |
| i_ratio | 0.77 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | wil_details_FeatureStateCache_GetCachedFeatureEnabledState | wil_details_FeatureStateCache_GetCachedFeatureEnabledState |
| fullname | wil_details_FeatureStateCache_GetCachedFeatureEnabledState | wil_details_FeatureStateCache_GetCachedFeatureEnabledState |
refcount |
16 | 17 |
| length | 45 | 45 |
| called | wil_details_FeatureStateCache_ReevaluateCachedFeatureEnabledState | wil_details_FeatureStateCache_ReevaluateCachedFeatureEnabledState |
calling |
Expand for full list:Feature_Servicing_PVCM_Race2__private_IsEnabled |
Expand for full list:Feature_Servicing_NonPagedQueryLogicalProcessorRelationship__private_IsEnabled |
| paramcount | 0 | 0 |
address |
1405017e4 | 1405018e4 |
| sig | undefined wil_details_FeatureStateCache_GetCachedFeatureEnabledState(void) | undefined wil_details_FeatureStateCache_GetCachedFeatureEnabledState(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- wil_details_FeatureStateCache_GetCachedFeatureEnabledState calling
+++ wil_details_FeatureStateCache_GetCachedFeatureEnabledState calling
@@ -0,0 +1 @@
+Feature_MSRC76458_DisableTransactedRename__private_IsEnabled| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,address,calling |
| ratio | 1.0 |
| i_ratio | 0.71 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | KiIsBranchConfusionPresent | KiIsBranchConfusionPresent |
| fullname | KiIsBranchConfusionPresent | KiIsBranchConfusionPresent |
refcount |
2 | 3 |
| length | 68 | 68 |
| called | HviIsAnyHypervisorPresent | HviIsAnyHypervisorPresent |
calling |
KiOptimizeSpecCtrlSettingsWorker | KiDetectHardwareSpecControlFeatures KiOptimizeSpecCtrlSettingsWorker |
| paramcount | 0 | 0 |
address |
140424100 | 140424120 |
| sig | undefined KiIsBranchConfusionPresent(void) | undefined KiIsBranchConfusionPresent(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- KiIsBranchConfusionPresent calling
+++ KiIsBranchConfusionPresent calling
@@ -0,0 +1 @@
+KiDetectHardwareSpecControlFeatures| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,calling |
| ratio | 1.0 |
| i_ratio | 1.0 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | HvpGetBinContextInitialize | HvpGetBinContextInitialize |
| fullname | HvpGetBinContextInitialize | HvpGetBinContextInitialize |
refcount |
44 | 49 |
| length | 6 | 6 |
| called | ||
calling |
Expand for full list:HvIsCellAllocated |
Expand for full list:HvFreeCell |
| paramcount | 0 | 0 |
| address | 140ae3340 | 140ae3340 |
| sig | undefined HvpGetBinContextInitialize(void) | undefined HvpGetBinContextInitialize(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- HvpGetBinContextInitialize calling
+++ HvpGetBinContextInitialize calling
@@ -0,0 +1 @@
+CmRenameKey| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,address,calling |
| ratio | 1.0 |
| i_ratio | 0.69 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | HalpGetCpuInfo | HalpGetCpuInfo |
| fullname | HalpGetCpuInfo | HalpGetCpuInfo |
refcount |
16 | 15 |
| length | 77 | 77 |
| called | ||
calling |
Expand for full list:HalpTimerConfigureQpcBypass |
Expand for full list:HalpTscCheckAdjustMsrCapability |
| paramcount | 0 | 0 |
address |
1403bfe30 | 1403bfe50 |
| sig | undefined HalpGetCpuInfo(void) | undefined HalpGetCpuInfo(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- HalpGetCpuInfo calling
+++ HalpGetCpuInfo calling
@@ -10 +9,0 @@
-HalpProcIsSmtDisabled| Key | ntoskrnl.exe.x64.10.0.22621.1344 - ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|
| diff_type | refcount,calling |
| ratio | 1.0 |
| i_ratio | 1.0 |
| m_ratio | 1.0 |
| b_ratio | 1.0 |
| match_types | SymbolsHash |
| Key | ntoskrnl.exe.x64.10.0.22621.1344 | ntoskrnl.exe.x64.10.0.22621.1413 |
|---|---|---|
| name | HvpGetCellContextReinitialize | HvpGetCellContextReinitialize |
| fullname | HvpGetCellContextReinitialize | HvpGetCellContextReinitialize |
refcount |
109 | 104 |
| length | 26 | 26 |
| called | HvpGetBinContextInitialize | HvpGetBinContextInitialize |
calling |
Expand for full list:CmSetValueKey |
Expand for full list:CmpAddSubKeyToList |
| paramcount | 0 | 0 |
| address | 14072976c | 14072976c |
| sig | undefined HvpGetCellContextReinitialize(void) | undefined HvpGetCellContextReinitialize(void) |
| sym_type | Function | Function |
| sym_source | IMPORTED | IMPORTED |
| external | False | False |
--- HvpGetCellContextReinitialize calling
+++ HvpGetCellContextReinitialize calling
@@ -9 +8,0 @@
-CmRenameKeyGenerated with ghidriff version: 0.5.1 on 2023-12-08T19:45:11