U0000: 00626803f200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP) U0001: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) 018e5e40 SEQW GOTO U0e5e ------------------------------------------------------------------------------------ U0002: 004800013000 tmp7:= ZEROEXT_DSZ64(0x00000000) U0004: 05b900013000 mm7:= unk_5b9(0x00000000) U0005: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0b000240 ? SEQW GOTO U0002 U0006: 014800000000 SYNCWAIT-> URET(0x00) ------------------------------------------------------------------------------------ U0008: 000c6c97e208 tmp14:= SAVEUIP(0x01, U056c) 01890900 SEQW GOTO U0909 ------------------------------------------------------------------------------------ U0009: 0005a407de08 tmp13:= SUB_DSZ32(0x000001a4, tmp8) U000a: 01310023d23d tmp13:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000800) U000c: 00470003dc7d tmp13:= NOTAND_DSZ64(tmp13, tmp1) U000d: 0150015c027d LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp13, U3701) U000e: 000000000000 NOP 06a71180 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U0010: 000c6c97e208 tmp14:= SAVEUIP(0x01, U056c) 0187e100 SEQW GOTO U07e1 ------------------------------------------------------------------------------------ sha256_ret: U0011: 00638e03d200 tmp13:= READURAM(0x008e, 64) U0012: 00652003e23d tmp14:= SHR_DSZ64(tmp13, 0x00000020) U0014: 003d0003df7e tmp13:= MOVEINSERTFLGS_DSZ32(tmp14, tmp13) U0015: 00638d03e200 tmp14:= READURAM(0x008d, 64) U0016: 015d00000ec0 UJMP(tmp11) ------------------------------------------------------------------------------------ U0018: 000c528fe208 tmp14:= SAVEUIP(0x01, U0352) 05091100 SEQW GOTO U0911 ------------------------------------------------------------------------------------ U0019: 0c4b803fd000 tmp13:= RDSEGFLD(TSS, SEL) U001a: 0e7b0f000cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U001c: 00080003203d tmp2:= ZEROEXT_DSZ32(tmp13) U001d: 0da8003f2000 LFNCEWAIT-> unk_da8(0x00000000, tmp2) U001e: 00550e035200 tmp5:= 
BTS_DSZ64(0x00000000, 0x0000000e) 0291b280 SEQW GOTO U11b2 ------------------------------------------------------------------------------------ U0020: 1c1000e34144 tmp4:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) 01891900 SEQW GOTO U0919 ------------------------------------------------------------------------------------ U0021: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U0022: 0e752003403c tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U0024: 0e754003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040) U0025: 0e756003803c tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000060) U0026: 00008003cf08 tmp12:= ADD_DSZ32(0x00000080, tmp12) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0028: 01e200030021 tmp0:= RCXBTCNTMSK_DSZ8(rcx) 01896900 SEQW GOTO U0969 ------------------------------------------------------------------------------------ U0029: 100800038071 tmp8:= ZEROEXT_DSZ32N(tmp1, r64dst) U002a: 213e08031008 tmp1:= MOVEMERGEFLGS_DSZ32(0x00000008) U002c: 237d00000cb1 GENARITHFLAGS(tmp1, tmp2) U002d: 100100038e32 tmp8:= OR_DSZN(tmp2, tmp8) U002e: 217400001e01 r64dst:= CMOVCC_DSZ64_CONDZ(r64dst, tmp8) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0030: 01e200030021 tmp0:= RCXBTCNTMSK_DSZ8(rcx) 01880100 SEQW GOTO U0801 ------------------------------------------------------------------------------------ U0031: 100543831230 tmp1:= SUB_DSZN(tmp0, IMM_MACRO_43) U0032: 112f00032c72 tmp2:= unk_12f(tmp2, tmp1) U0034: 017000032cb4 tmp2:= SELECTCC_DSZ64_CONDZ(tmp4, tmp2) U0035: 013021034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x00000021) U0036: 110f00033cb3 tmp3:= unk_10f(tmp3, tmp2) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0038: 004100030021 tmp0:= OR_DSZ64(rcx) 01880900 SEQW GOTO U0809 
------------------------------------------------------------------------------------ U0039: 008f06070008 tmp0:= unk_08f(0x00000106) U003a: 01b400030c33 tmp0:= CMOVCC_DSZ16_CONDZ(tmp3, tmp0) U003c: 01b405037233 tmp7:= CMOVCC_DSZ16_CONDZ(tmp3, 0x00000005) U003d: 008000020830 rax:= ADD_DSZ16(tmp0, rax) U003e: 20c40f020808 rax:= AND_DSZ8(0x0000000f, rax) 01e04980 SEQW GOTO U6049 ------------------------------------------------------------------------------------ U0040: 004100030021 tmp0:= OR_DSZ64(rcx) 01898100 SEQW GOTO U0981 ------------------------------------------------------------------------------------ U0041: 00886267e00a tmp14:= ZEROEXT_DSZ16(0x00005962) U0042: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U0044: 286bf2b50270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000006, U5df2) U0045: 000000000000 SYNCFULL-> NOP U0046: 000000000000 NOP 08804580 SEQW GOTO U0045 ------------------------------------------------------------------------------------ U0048: 217401030008 tmp0:= CMOVCC_DSZ64_CONDZ(0x00000001) 0189c100 SEQW GOTO U09c1 ------------------------------------------------------------------------------------ U0049: 1062cd0bb240 tmp11:= MOVEFROMCREG_DSZ64(0x2cd, 32) U004a: 00010107bec8 tmp11:= OR_DSZ32(0x00000101, tmp11) U004c: 3042cd08027b MOVETOCREG_DSZ64(tmp11, 0x2cd, 32) U004d: 0008ff7f401f tmp4:= ZEROEXT_DSZ32(0xffffffffffffffff) U004e: 304281080274 MOVETOCREG_DSZ64(tmp4, 0x281, 32) 01e38d80 SEQW GOTO U638d ------------------------------------------------------------------------------------ U0050: 217501030008 tmp0:= CMOVCC_DSZ64_CONDNZ(0x00000001) 0909c116 SEQW GOTO U09c1 ------------------------------------------------------------------------------------ U0051: 00480003d013 tmp13:= ZEROEXT_DSZ64(tmp7) U0052: 015df5640240 SYNCFULL-> UJMP(U39f5) 0909c116 SEQW SAVEUIP1 U0054 ------------------------------------------------------------------------------------ U0054: 00450803cf08 tmp12:= SUB_DSZ64(0x00000008, tmp12) U0055: 000a01000200 
TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0180514a ? SEQW GOTO U0051 U0056: 000000000000 NOP 0180514a SEQW URET0 ------------------------------------------------------------------------------------ U0058: 000c79b00200 SAVEUIP(0x01, U0c79) 0186f100 SEQW GOTO U06f1 ------------------------------------------------------------------------------------ U0059: 0045000b7dc8 tmp7:= SUB_DSZ64(0x00000200, tmp7) U005a: 00480003503e tmp5:= ZEROEXT_DSZ64(tmp14) U005c: 000802036008 tmp6:= ZEROEXT_DSZ32(0x00000002) U005d: 0088992bb009 tmp11:= ZEROEXT_DSZ16(0x00002a99) U005e: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0c480 SEQW GOTO calc_sha256_start ------------------------------------------------------------------------------------ U0060: 000c20840280 SAVEUIP(0x01, U4120) 01884100 SEQW GOTO U0841 ------------------------------------------------------------------------------------ U0061: 0e2501031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000001) U0062: 004005034d08 tmp4:= ADD_DSZ64(0x00000005, tmp4) U0064: 00c400030eb0 tmp0:= AND_DSZ8(tmp0, tmp10) U0065: 013100031c70 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp0, tmp1) U0066: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) 019ea680 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U0068: 000c6a880280 SAVEUIP(0x01, U426a) 01884100 SEQW GOTO U0841 ------------------------------------------------------------------------------------ U0069: 0e25fc031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0xfffffffffffffffc) U006a: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) U006c: 006353030200 tmp0:= READURAM(0x0053, 64) U006d: 000101030c08 tmp0:= OR_DSZ32(0x00000001, tmp0) U006e: 204353080230 WRITEURAM(tmp0, 0x0053, 32) 019ea680 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U0070: 000000000000 NOP 01a21e00 SEQW GOTO U221e ------------------------------------------------------------------------------------ U0071: 
000000000000 NOP U0072: 000c691c0240 SAVEUIP(0x00, generate_#UD) U0074: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01ac1d09 ? SEQW GOTO U2c1d U0075: 100a01040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_VMX_OP_DIS) 01ac1d09 ? SEQW URET0 U0076: 015d111c0240 UJMP(generate_#GP) ------------------------------------------------------------------------------------ U0078: 000c1e0bd248 tmp13:= SAVEUIP(0x00, U221e) 01a65600 SEQW GOTO U2656 ------------------------------------------------------------------------------------ U0079: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U007a: 0ea500030034 tmp0:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U007c: 004002034d08 tmp4:= ADD_DSZ64(0x00000002, tmp4) U007d: 00050103cc08 tmp12:= SUB_DSZ32(0x00000001, tmp0) U007e: 01420e000f00 SYNCFULL-> UFLOWCTRL(MSLOOPCTR, tmp12) 090000ce SEQW URET1 ------------------------------------------------------------------------------------ U0080: 26a03d038000 tmp8:= unk_6a0(0x00000000) 0182c900 SEQW GOTO U02c9 ------------------------------------------------------------------------------------ U0081: 000000000000 NOP U0082: 01420e000fc0 UFLOWCTRL(MSLOOPCTR, tmp15) U0084: 000000000000 SYNCFULL-> NOP U0085: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 08008440 ? 
SEQW GOTO U0084 U0086: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U0088: 26a03e038000 tmp8:= unk_6a0(0x00000000) 0502c900 SEQW GOTO U02c9 ------------------------------------------------------------------------------------ U0089: 000000000000 NOP U008a: 0e7b2fe40cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U008c: 000800000000 NOP U008d: 000800000000 NOP U008e: 000000000000 LFNCEWAIT-> NOP 030000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0090: 26a03c038000 tmp8:= unk_6a0(0x00000000) 0502c900 SEQW GOTO U02c9 ------------------------------------------------------------------------------------ U0091: 000000000000 NOP U0092: 3e7b49031cb0 LFNCEMARK-> tmp1:= unk_e7b(tmp0, tmp2) U0094: 005000000c71 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp1, tmp1) U0095: 000ca4e7e248 tmp14:= SAVEUIP(0x01, U39a4) U0096: 29a2f51f16b0 tmp1:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) 04399480 SEQW GOTO U3994 ------------------------------------------------------------------------------------ U0098: 26a000038000 tmp8:= unk_6a0(0x00000000) 0902c900 SEQW GOTO U02c9 ------------------------------------------------------------------------------------ U0099: 000000000000 NOP U009a: 390201480200 SYNCFULL-> MOVETOCREG_OR_DSZ64(0x00000001, 0x201) U009c: 390204480200 SYNCFULL-> MOVETOCREG_OR_DSZ64(0x00000001, 0x204) U009d: 304201080240 MOVETOCREG_DSZ64(0x00000000, 0x201, 32) U009e: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 080000ca SEQW URET0 ------------------------------------------------------------------------------------ U00a0: 000c728c0200 SAVEUIP(0x01, U0372) 018a4900 SEQW GOTO U0a49 ------------------------------------------------------------------------------------ U00a1: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U00a2: 0e2500033034 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U00a4: 0e6504035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x00000004) U00a5: 
0e650c036034 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x0000000c) U00a6: 004014034d08 tmp4:= ADD_DSZ64(0x00000014, tmp4) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U00a8: 000104038008 tmp8:= OR_DSZ32(0x00000004) 018a6200 SEQW GOTO U0a62 ------------------------------------------------------------------------------------ U00a9: 00a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U00aa: 20430e080230 WRITEURAM(tmp0, 0x000e, 32) U00ac: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U00ad: 186a91c00231 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000003, U2091) U00ae: 39629d480231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x29d) 08b7aa80 SEQW GOTO U37aa ------------------------------------------------------------------------------------ U00b0: 000c91880280 SAVEUIP(0x01, U4291) 01884100 SEQW GOTO U0841 ------------------------------------------------------------------------------------ U00b1: 000100015573 tmpv1:= OR_DSZ32(tmp3, tmpv1) U00b2: 00a100016556 tmpv2:= CONCAT_DSZ16(tmpv2, tmpv1) U00b4: 0021ff7d659f tmpv2:= CONCAT_DSZ32(0xffffffffffffffff, tmpv2) U00b5: 0c6b37800000 WRSEGFLD(0x00000000) U00b6: 0c6b57800016 WRSEGFLD(tmpv2) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U00b8: 00000103f008 tmp15:= ADD_DSZ32(0x00000001) 018a5900 SEQW GOTO U0a59 ------------------------------------------------------------------------------------ U00b9: 0c4b80132000 tmp2:= RDSEGFLD(UNK_SEG_04, SEL) U00ba: 0da200100000 unk_da2(0x00000000) U00bc: 000707038c88 tmp8:= NOTAND_DSZ32(0x00000007, tmp2) U00bd: 0d6200180038 unk_d62(tmp8) U00be: 00881903d008 tmp13:= ZEROEXT_DSZ16(0x00000019) 01c6f980 SEQW GOTO U46f9 ------------------------------------------------------------------------------------ U00c0: 000c95840280 SAVEUIP(0x01, U4195) 03084100 SEQW GOTO U0841 ------------------------------------------------------------------------------------ U00c1: 01080083e010 tmp14:= 
READUIP_REGOVR(0x01) U00c2: 0c4b80732000 LFNCEWAIT-> tmp2:= RDSEGFLD(SEG_V0, SEL) U00c4: 0d61001b0032 tmp0:= unk_d61(tmp2) U00c5: 0d61001f1032 tmp1:= unk_d61(tmp2) U00c6: 007700030c31 tmp0:= CMOVCC_DSZ64_CONDNB(tmp1, tmp0) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U00c8: 000cad840280 SAVEUIP(0x01, U41ad) 01884100 SEQW GOTO U0841 ------------------------------------------------------------------------------------ U00c9: 0004fc031d88 tmp1:= AND_DSZ32(0x000000fc, tmp6) U00ca: 000530031c48 tmp1:= SUB_DSZ32(0x00000030, tmp1) U00cc: 015114100231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U0414) U00cd: 000703036d88 tmp6:= NOTAND_DSZ32(0x00000003, tmp6) U00ce: 000101036d88 tmp6:= OR_DSZ32(0x00000001, tmp6) 01841480 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U00d0: 000000000000 NOP U00d1: 000000000000 LFNCEMARK-> NOP 04808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U00d2: 000e07000208 WRMSLOOPCTRFBR(0x00000007) U00d4: 05b900003000 SYNCWAIT-> xmm7:= unk_5b9(0x00000000) U00d5: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0a00d44e ? 
SEQW GOTO U00d4 U00d6: 000000000000 NOP 0a00d44e SEQW URET1 ------------------------------------------------------------------------------------ U00d8: 0fef00000000 LBSYNC(0x00000000) U00d9: 000000000000 LFNCEMARK-> NOP 04808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U00da: 00330003f274 tmp15:= SELECTCC_DSZ32_CONDNB(tmp4, 0x00002000) U00dc: 0042f51c023f SYNCFULL-> MOVETOCREG_DSZ64(tmp15, 0x7f5) U00dd: 00421a1c0231 MOVETOCREG_DSZ64(tmp1, 0x71a) U00de: 015d00000ec0 UJMP(tmp11) ------------------------------------------------------------------------------------ U00e0: 000d0e800000 SAVEUIP_REGOVR(0x01, U00e1, 0x000e) 018b9100 SEQW GOTO U0b91 U00e1: 000804032008 tmp2:= ZEROEXT_DSZ32(0x00000004) U00e2: 000501032c88 tmp2:= SUB_DSZ32(0x00000001, tmp2) U00e4: 0152ec5c0232 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp2, uend) U00e5: 10629f0b1240 tmp1:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U00e6: 086be2000231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U00e2) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U00e8: 008c2c9f2202 tmp2:= SAVEUIP(r64src, 0x01, U072c) 0185610e SEQW GOTO U0561 ------------------------------------------------------------------------------------ U00e9: 000877030010 tmp0:= ZEROEXT_DSZ32(0x0002001c) U00ea: 200a00800280 TESTUSTATE(VMX, !0x4000) 0185610e ? SEQW URET1 U00ec: 200a00000300 TESTUSTATE(VMX, 0x8000) 018c720a ? 
SEQW GOTO U0c72 U00ed: 00631103c200 tmp12:= READURAM(0x0011, 64) U00ee: 000d01800000 SAVEUIP_REGOVR(0x01, U00f0, 0x0001) 018c720a SEQW URET0 ------------------------------------------------------------------------------------ U00f0: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) 018a6900 SEQW GOTO U0a69 ------------------------------------------------------------------------------------ U00f1: 00080003d030 tmp13:= ZEROEXT_DSZ32(tmp0) U00f2: 09a2c5180332 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000010, 0x6c5) U00f4: 00652003c232 tmp12:= SHR_DSZ64(tmp2, 0x00000020) U00f5: 00850003f034 tmp15:= SUB_DSZ16(tmp4) U00f6: 01890003cf3f tmp12:= ADDSUB_DSZ16_CONDD(tmp15, tmp12) 01adc480 SEQW GOTO U2dc4 ------------------------------------------------------------------------------------ U00f8: 000c5583e288 tmp14:= SAVEUIP(0x01, U4055) 01886100 SEQW GOTO U0861 ------------------------------------------------------------------------------------ U00f9: 1045e01b2848 tmp2:= SUB_DSZN(0x000006e0, rcx) U00fa: 0150fd000232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U00fd) U00fc: 0fef02000000 LBSYNC(0x00000002) U00fd: 00010003ae0a tmp10:= OR_DSZ32(0x00004000, tmp8) U00fe: 00076203ae90 tmp10:= NOTAND_DSZ32(0x00018000, tmp10) 018ae580 SEQW GOTO U0ae5 ------------------------------------------------------------------------------------ U0100: 000c5583e288 tmp14:= SAVEUIP(0x01, U4055) 01856900 SEQW GOTO U0569 ------------------------------------------------------------------------------------ U0101: 0150004c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3300) U0102: 00635c031200 tmp1:= READURAM(0x005c, 64) U0104: 186b115c02f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, generate_#GP) U0105: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 0927114e ? 
SEQW GOTO generate_#GP U0106: 0051111c0278 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNO(tmp8, generate_#GP) 0927114e SEQW URET1 ------------------------------------------------------------------------------------ U0108: 000c0ae7e248 tmp14:= SAVEUIP(0x01, U390a) 01856900 SEQW GOTO U0569 ------------------------------------------------------------------------------------ U0109: 006342031200 tmp1:= READURAM(0x0042, 64) U010a: 00140f031231 tmp1:= BT_DSZ32(tmp1, 0x0000000f) U010c: 00b600031d71 tmp1:= CMOVCC_DSZ16_CONDB(tmp1, tmp5) U010d: 1929111c0d71 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, tmp5, generate_#GP) U010e: 2d0fc4035008 PORTOUT_DSZ32_ASZ16_SC1(0x000000c4, tmp5) 06b20480 SEQW GOTO U3204 ------------------------------------------------------------------------------------ U0110: 000cee9fe208 tmp14:= SAVEUIP(0x01, U07ee) 01886100 SEQW GOTO U0861 ------------------------------------------------------------------------------------ U0111: 022664031c48 tmp1:= unk_226(0x00000064, tmp1) U0112: 011400000c40 unk_114(tmp1) U0114: 000000231c48 tmp1:= ADD_DSZ32(0x00000800, tmp1) U0115: 006420031231 tmp1:= SHL_DSZ64(tmp1, 0x00000020) U0116: 0004007f5d4f tmp5:= AND_DSZ32(0x0000ff00, tmp5) 01b05680 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U0118: 000cf69fe208 tmp14:= SAVEUIP(0x01, U07f6) 01886100 SEQW GOTO U0861 ------------------------------------------------------------------------------------ U0119: 0062f01f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7f0) U011a: 186a111c0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000000, generate_#GP) U011c: 00633a032200 LFNCEMARK-> tmp2:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U011d: 005620032232 tmp2:= BTR_DSZ64(tmp2, 0x00000020) U011e: 20433a000232 WRITEURAM(tmp2, FSCP_CR_IA32_FEATURE_CTL, 64) 040000ce SEQW URET1 ------------------------------------------------------------------------------------ U0120: 000cf69fe208 tmp14:= SAVEUIP(0x01, U07f6) 01856900 SEQW GOTO U0569 
------------------------------------------------------------------------------------ U0121: 000100072c88 tmp2:= OR_DSZ32(0x00000100, tmp2) U0122: 025400000d80 FETCHFROMEIP0_ASZ64(tmp6) U0124: 20631f030200 tmp0:= READURAM(0x001f, 64) U0125: 005524030230 tmp0:= BTS_DSZ64(tmp0, 0x00000024) U0126: 20431f040230 LFNCEMARK-> WRITEURAM(tmp0, 0x011f, 64) 054e6a80 SEQW GOTO U4e6a ------------------------------------------------------------------------------------ U0128: 000c49200240 SAVEUIP(0x00, U2849) 01886200 SEQW GOTO U0862 ------------------------------------------------------------------------------------ U0129: 006213171200 tmp1:= MOVEFROMCREG_DSZ64(0x513) U012a: 0008ff03f008 tmp15:= ZEROEXT_DSZ32(0x000000ff) U012c: 00210043f7ff tmp15:= CONCAT_DSZ32(tmp15, 0xfffffffffffff000) U012d: 004400034c7f tmp4:= AND_DSZ64(tmp15, tmp1) U012e: 006532031231 tmp1:= SHR_DSZ64(tmp1, 0x00000032) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0130: 008c8a832202 tmp2:= SAVEUIP(r64src, 0x01, U008a) 01abd800 SEQW GOTO U2bd8 ------------------------------------------------------------------------------------ U0131: 000803033008 tmp3:= ZEROEXT_DSZ32(0x00000003) U0132: 006358030200 tmp0:= READURAM(0x0058, 64) U0134: 0e2500070c1c tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp0, 0x00000c00, mode=0x01) U0135: 00080003f000 tmp15:= ZEROEXT_DSZ32(0x00000000) U0136: 186b691c0030 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, generate_#UD) 0184c680 SEQW GOTO U04c6 ------------------------------------------------------------------------------------ U0138: 0c9000e32144 tmp2:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) 018c9100 SEQW GOTO U0c91 ------------------------------------------------------------------------------------ U0139: 00632003f200 tmp15:= READURAM(0x0020, 64) U013a: 00140103f23f tmp15:= BT_DSZ32(tmp15, 0x00000001) U013c: 0033006ff27f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00003b00) U013d: 0000c003ffc9 
tmp15:= ADD_DSZ32(0x000020c0, tmp15) U013e: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0140: 000b01838208 tmp8:= UPDATEUSTATE(!0x04) U0141: 000cec8fe288 LFNCEMARK-> tmp14:= SAVEUIP(0x01, U43ec) 04875240 SEQW GOTO U0752 ------------------------------------------------------------------------------------ U0142: 016f00032c81 tmp2:= unk_16f(r64dst, tmp2) U0144: 017000032cb4 tmp2:= SELECTCC_DSZ64_CONDZ(tmp4, tmp2) U0145: 01303f034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x0000003f) U0146: 034f00033cb3 tmp3:= unk_34f(tmp3, tmp2) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0148: 008c95374241 tmp4:= SAVEUIP(r64dst, 0x00, U2d95) 01863100 SEQW GOTO U0631 ------------------------------------------------------------------------------------ U0149: 2042fe1c0236 MOVETOCREG_DSZ64(tmp6, CORE_CR_EFLAGS) U014a: 00240503e232 tmp14:= SHL_DSZ32(tmp2, 0x00000005) U014c: 00001413ff8a tmp15:= ADD_DSZ32(0x00004414, tmp14) U014d: 000c86180200 SAVEUIP(0x00, U0686) U014e: 01420a000fc0 UFLOWCTRL(URET0, tmp15) 01a51e80 SEQW GOTO U251e ------------------------------------------------------------------------------------ U0150: 00631103c200 tmp12:= READURAM(0x0011, 64) 01947e00 SEQW GOTO U147e ------------------------------------------------------------------------------------ U0151: 0e6de807c024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xffffffffffffffe8, mode=0x01, tmp12) U0152: 006210170200 tmp0:= MOVEFROMCREG_DSZ64(0x510) U0154: 00041f030c08 tmp0:= AND_DSZ32(0x0000001f, tmp0) U0155: 00210e2f0230 tmp0:= CONCAT_DSZ32(tmp0, 0x00000b0e) U0156: 000818033008 tmp3:= ZEROEXT_DSZ32(0x00000018) 01b1ec80 SEQW GOTO U31ec ------------------------------------------------------------------------------------ U0158: 00631103c200 tmp12:= READURAM(0x0011, 64) 01947e00 SEQW GOTO U147e 
------------------------------------------------------------------------------------ U0159: 2d0bf01f000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000047f0) U015a: 00650d030230 tmp0:= SHR_DSZ64(tmp0, 0x0000000d) U015c: 000408030c08 tmp0:= AND_DSZ32(0x00000008, tmp0) U015d: 000101021c08 rcx:= OR_DSZ32(0x00000001, tmp0) U015e: 000802023008 rbx:= ZEROEXT_DSZ32(0x00000002) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U0160: 2cda00e31144 tmp1:= LDTICKLE_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0161: 23af00031c41 tmp1:= unk_3af(r64dst, tmp1) 0903aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U0162: 01420b000ec0 SYNCFULL-> UFLOWCTRL(URET1, tmp11) U0164: 0dff02000000 unk_dff(0x00000000) U0165: 09023a180280 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(0x00000008, 0x63a) U0166: 09023ed80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x63e) 02a7ae80 SEQW GOTO U27ae ------------------------------------------------------------------------------------ U0168: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0169: 333e00031c41 tmp1:= ADC(r64dst, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U016a: 1c38d3aa5024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_d3, mode=0x0a, rbp) U016c: 1c38cbaa6024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_cb, mode=0x0a, rsi) U016d: 1c38c3aa7024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_c3, mode=0x0a, rdi) U016e: 10c0c3824908 rsp:= ADD_DSZN(IMM_MACRO_c3, rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0170: 2cda00e31144 tmp1:= LDTICKLE_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0171: 23a800031c41 tmp1:= unk_3a8(r64dst, tmp1) 0183aa40 SEQW GOTO U03aa 
------------------------------------------------------------------------------------ U0172: 017100020835 rax:= SELECTCC_DSZ64_CONDNZ(tmp5, rax) U0174: 0eff00000000 unk_eff(0x00000000) U0175: 000000000000 SYNCFULL-> NOP U0176: 125600000000 unk_256(0x00000000) 088000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0178: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0179: 333f00031c41 tmp1:= SBB(r64dst, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U017a: 0c4bc0270000 tmp0:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U017c: 104500034cf0 tmp4:= SUB_DSZN(tmp0, tmp3) U017d: 008825035008 tmp5:= ZEROEXT_DSZ16(0x00000025) U017e: 000cc5d00240 SAVEUIP(0x01, U34c5) 01a68c80 SEQW GOTO U268c ------------------------------------------------------------------------------------ U0180: 2cda00e31144 tmp1:= LDTICKLE_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0181: 23a900031c41 tmp1:= unk_3a9(r64dst, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U0182: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U0184: 00082007f008 tmp15:= ZEROEXT_DSZ32(0x00000120) U0185: 00420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U0186: 000848033009 tmp3:= ZEROEXT_DSZ32(0x00002048) 01a7fc80 SEQW GOTO U27fc ------------------------------------------------------------------------------------ U0188: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0189: 300f00831c48 tmp1:= unk_00f(IMM_MACRO_ALIAS_IMMEDIATE, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U018a: 26ed0a03aef9 tmp10:= unk_6ed(tmp9, tmp11) U018c: 052bf503903a tmp9:= unk_52b(tmp10) U018d: 052b5f03b03a tmp11:= unk_52b(tmp10) U018e: 26ed00801e7b r64dst:= 
unk_6ed(tmp11, tmp9) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0190: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0191: 333e00831c48 tmp1:= ADC(IMM_MACRO_ALIAS_IMMEDIATE, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U0192: 00813f030c08 tmp0:= OR_DSZ16(0x0000003f, tmp0) U0194: 204286100230 MOVETOCREG_DSZ64(tmp0, 0x486) U0195: 00872a03ae90 tmp10:= NOTAND_DSZ16(0x00008080, tmp10) U0196: 20428c10023a SYNCFULL-> MOVETOCREG_DSZ64(tmp10, 0x48c) 09221e80 SEQW GOTO U221e ------------------------------------------------------------------------------------ U0198: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0199: 333f00831c48 tmp1:= SBB(IMM_MACRO_ALIAS_IMMEDIATE, tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U019a: 1008ff7f701f tmp7:= ZEROEXT_DSZ32N(0xffffffffffffffff) U019c: 00543f037237 tmp7:= BT_DSZ64(tmp7, 0x0000003f) U019d: 0cc2ff60027b LFNCEWAIT-> unk_cc2(tmp11, 0x000038ff) U019e: 000c3d5c0280 SAVEUIP(0x00, U573d) 02edac80 SEQW GOTO U6dac ------------------------------------------------------------------------------------ U01a0: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01a1: 1006ff7f1c5f tmp1:= XOR_DSZN(0xffffffffffffffff, tmp1) 0303aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U01a2: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U01a4: 000420037d48 tmp7:= AND_DSZ32(0x00000020, tmp5) U01a5: 00628c138200 tmp8:= MOVEFROMCREG_DSZ64(0x48c) U01a6: 01503e1402b7 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, U453e) 01840480 SEQW GOTO U0404 ------------------------------------------------------------------------------------ 
U01a8: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01a9: 300500031031 tmp1:= SUB_DSZ32(tmp1) 0183aa40 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U01aa: 0c7ba7000037 WRSEGFLD(tmp7, LDT, SEL+FLGS+LIM) U01ac: 0c4b20137000 tmp7:= RDSEGFLD(UNK_SEG_04, BASE) U01ad: 002100033df0 tmp3:= CONCAT_DSZ32(tmp0, tmp7) U01ae: 0c7b27000033 LFNCEMARK-> WRSEGFLD(tmp3, LDT, BASE) 0517ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U01b0: 089f00830144 tmp0:= LA2LIN_DSZ64(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U01b1: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 030000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01b2: 0c4ba013b000 LFNCEWAIT-> tmp11:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U01b4: 0c7ba700003b WRSEGFLD(tmp11, LDT, SEL+FLGS+LIM) U01b5: 0c4b2013b000 tmp11:= RDSEGFLD(UNK_SEG_04, BASE) U01b6: 0c7b2700003b LFNCEMARK-> WRSEGFLD(tmp11, LDT, BASE) 0517ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U01b8: 22a200030002 tmp0:= unk_2a2(r64src) U01b9: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01ba: 0d61081b3032 tmp3:= unk_d61(tmp2) U01bc: 0d61081f1032 tmp1:= unk_d61(tmp2) U01bd: 007700033cf1 tmp3:= CMOVCC_DSZ64_CONDNB(tmp1, tmp3) U01be: 3e6bc0000033 LFNCEMARK-> unk_e6b(tmp3) 050000ca SEQW URET0 ------------------------------------------------------------------------------------ U01c0: 00bc00030002 tmp0:= unk_0bc(r64src) U01c1: 02e300001070 r64dst:= unk_2e3(tmp0, r64dst) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01c2: 0c6b8b000000 WRSEGFLD(0x00000000, DS, SEL) U01c4: 0c6b88000000 WRSEGFLD(0x00000000, ES, SEL) 
U01c5: 0c6b8c000000 WRSEGFLD(0x00000000, FS, SEL) U01c6: 0c6b8d000000 LFNCEMARK-> WRSEGFLD(0x00000000, GS, SEL) 051cf180 SEQW GOTO U1cf1 ------------------------------------------------------------------------------------ U01c8: 22a500030042 tmp0:= unk_2a5(r64src, r64dst) U01c9: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 030000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01ca: 0062fe1eb200 LFNCEWAIT-> r11:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U01cc: 23800002bac0 r11:= READAFLAGS(r11) U01cd: 000700036af4 tmp6:= NOTAND_DSZ32(tmp4, r11) U01ce: 004900035030 tmp5:= MOVE_DSZ64(tmp0) 01989180 SEQW GOTO U1891 ------------------------------------------------------------------------------------ U01d0: 22a500830088 tmp0:= unk_2a5(IMM_MACRO_ALIAS_IMMEDIATE, r64src) U01d1: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01d2: 002510032230 tmp2:= SHR_DSZ32(tmp0, 0x00000010) U01d4: 008800032032 tmp2:= ZEROEXT_DSZ16(tmp2) U01d5: 0d61001b0032 tmp0:= unk_d61(tmp2) U01d6: 1e7b64000cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) 05380180 SEQW GOTO U3801 ------------------------------------------------------------------------------------ U01d8: 22ef00030802 tmp0:= unk_2ef(r64src, rax) U01d9: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U01da: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U01dc: 000707037c88 tmp7:= NOTAND_DSZ32(0x00000007, tmp2) U01dd: 0d6200180037 unk_d62(tmp7) U01de: 000000000000 NOP 01bcd480 SEQW GOTO U3cd4 ------------------------------------------------------------------------------------ U01e0: 1c1a00e33144 tmp3:= LDTICKLE_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01e1: 000c74940200 SAVEUIP(0x01, U0574) 03046240 SEQW GOTO U0462 
------------------------------------------------------------------------------------ U01e2: 0c4b200b0000 LFNCEWAIT-> tmp0:= RDSEGFLD(CS, BASE) U01e4: 0c6b29000030 WRSEGFLD(tmp0, UNK_SEG_09, BASE) U01e5: 0c4ba00b0000 tmp0:= RDSEGFLD(CS, SEL+FLGS+LIM) U01e6: 0c6b49000030 SYNCFULL-> WRSEGFLD(tmp0, UNK_SEG_09, FLGS) 092d3080 SEQW GOTO U2d30 ------------------------------------------------------------------------------------ U01e8: 1c1a00e33144 tmp3:= LDTICKLE_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01e9: 000c74940200 SAVEUIP(0x01, U0574) 01846a40 SEQW GOTO U046a ------------------------------------------------------------------------------------ U01ea: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U01ec: 0c4bc063a000 tmp10:= RDSEGFLD(SS_KERNM, UNK_FLD_0c) U01ed: 10810003f026 tmp15:= OR_DSZN(rsi) U01ee: 10400003aebf tmp10:= ADD_DSZN(tmp15, tmp10) 01b43c80 SEQW GOTO U343c ------------------------------------------------------------------------------------ U01f0: 1c1a00e33144 tmp3:= LDTICKLE_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01f1: 000c74940200 SAVEUIP(0x01, U0574) 01896240 SEQW GOTO U0962 ------------------------------------------------------------------------------------ U01f2: 1062d00b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d0, 32) U01f4: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U01f5: 026400030c3f tmp0:= IMUL64L_DSZ64(tmp15, tmp0) U01f6: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) 01daca80 SEQW GOTO U5aca ------------------------------------------------------------------------------------ U01f8: 1c1a00e33144 tmp3:= LDTICKLE_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U01f9: 000c74940200 SAVEUIP(0x01, U0574) 01897240 SEQW GOTO U0972 ------------------------------------------------------------------------------------ U01fa: 00240303e231 tmp14:= SHL_DSZ32(tmp1, 0x00000003) U01fc: 2d4f301f5f8a PORTOUT_DSZ64_ASZ16_SC1(0x00004730, tmp14, tmp5) 
U01fd: 0000050b1271 tmp1:= ADD_DSZ32(tmp1, 0x00002205) U01fe: 304200000c75 MOVETOCREG_DSZ64(tmp5, tmp1) 01b39880 SEQW GOTO U3398 ------------------------------------------------------------------------------------ U0200: 0c9a00e33144 tmp3:= LDTICKLE_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0201: 004100030021 tmp0:= OR_DSZ64(rcx) 01897a40 SEQW GOTO U097a ------------------------------------------------------------------------------------ U0202: 000424031c50 tmp1:= AND_DSZ32(0x00007f00, tmp1) U0204: 013e00031cb1 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp2) U0205: 013500031d71 tmp1:= CMOVCC_DSZ32_CONDNZ(tmp1, tmp5) U0206: 004724035d50 tmp5:= NOTAND_DSZ64(0x00007f00, tmp5) 01b05680 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U0208: 002100033081 tmp3:= CONCAT_DSZ32(r64dst, r64src) U0209: 212f00002873 rax:= unk_12f(tmp3, rcx) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U020a: 2d9bc0031008 tmp1:= unk_d9b(0x000000c0) U020c: 000701071c50 tmp1:= NOTAND_DSZ32(0x00400001, tmp1) U020d: 000100035c75 tmp5:= OR_DSZ32(tmp5, tmp1) U020e: 2d9fc0035008 tmp5:= unk_d9f(0x000000c0) 01d6f880 SEQW GOTO U56f8 ------------------------------------------------------------------------------------ U0210: 0c1a00e33144 tmp3:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0211: 004100030021 tmp0:= OR_DSZ64(rcx) 01898a40 SEQW GOTO U098a ------------------------------------------------------------------------------------ U0212: 2d0bbc1b100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000046bc) U0214: 00078a031c50 tmp1:= NOTAND_DSZ32(0x0003c000, tmp1) U0215: 000100031c75 tmp1:= OR_DSZ32(tmp5, tmp1) U0216: 2d0fbc1b100a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x000046bc, tmp1) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U0218: 008c0aa30221 tmp0:= SAVEUIP(rcx, 0x01, 
U080a) U0219: 004100033002 tmp3:= OR_DSZ64(r64src) 01899440 SEQW GOTO U0994 ------------------------------------------------------------------------------------ U021a: 0004f9032d50 tmp2:= AND_DSZ32(0x003ff000, tmp5) U021c: 013000232232 tmp2:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000800) U021d: 004100031c72 tmp1:= OR_DSZ64(tmp2, tmp1) U021e: 004200000cf1 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, tmp3) 03320080 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U0220: 0c5a00e33144 tmp3:= LDTICKLE_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0221: 000c74940200 SAVEUIP(0x01, U0574) 01899240 SEQW GOTO U0992 ------------------------------------------------------------------------------------ U0222: 00c100035c75 tmp5:= OR_DSZ8(tmp5, tmp1) U0224: 00635c031200 tmp1:= READURAM(0x005c, 64) U0225: 006513031231 tmp1:= SHR_DSZ64(tmp1, 0x00000013) U0226: 0004e1031c50 tmp1:= AND_DSZ32(0x00200000, tmp1) 01b05680 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U0228: 0c5a00e33144 tmp3:= LDTICKLE_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0229: 008c74970221 tmp0:= SAVEUIP(rcx, 0x01, U0574) 01899440 SEQW GOTO U0994 ------------------------------------------------------------------------------------ U022a: 000701031c48 tmp1:= NOTAND_DSZ32(0x00000001, tmp1) U022c: 00c100031c75 tmp1:= OR_DSZ8(tmp5, tmp1) U022d: 2d0f1833100a PORTOUT_DSZ32_ASZ16_SC1(0x00004c18, tmp1) U022e: 00080143c008 tmp12:= ZEROEXT_DSZ32(0x00001001) 01b23480 SEQW GOTO U3234 ------------------------------------------------------------------------------------ U0230: 102f08030202 tmp0:= unk_02f(r64src, 0x00000008) U0231: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 050000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U0232: 0e25780392b2 LFNCEMARK-> tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000278) U0234: 
000400039e4a tmp9:= AND_DSZ32(0x00004000, tmp9) U0235: 006205078200 tmp8:= MOVEFROMCREG_DSZ64(0x105) U0236: 090205040e78 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(tmp8, tmp9, 0x105) 0313b180 SEQW GOTO U13b1 ------------------------------------------------------------------------------------ U0238: 1008000228a0 rdx:= ZEROEXT_DSZ32N(rax, rdx) U0239: 102e0f022222 rdx:= SAR_DSZN(rdx, 0x0000000f) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U023a: 013e05037dc8 tmp7:= MOVEMERGEFLGS_DSZ32(0x00000005, tmp7) U023c: 013506037237 tmp7:= CMOVCC_DSZ32_CONDNZ(tmp7, 0x00000006) U023d: 013e0003de37 tmp13:= MOVEMERGEFLGS_DSZ32(tmp7, tmp8) U023e: 01350403d23d tmp13:= CMOVCC_DSZ32_CONDNZ(tmp13, 0x00000004) 01ad6980 SEQW GOTO U2d69 ------------------------------------------------------------------------------------ U0240: 00e800030020 tmp0:= MOVSX_DSZ8(rax) U0241: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U0242: 1c4000637035 tmp7:= LDZX_DSZN_ASZ32_SC1(tmp5, mode=0x18) U0244: 01511434023b UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U0d14) U0245: 086b147402f2 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x0000000d, U0d14) U0246: 207e00037cb7 tmp7:= unk_07e(tmp7, tmp2) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0248: 20b6ff030008 tmp0:= CMOVCC_DSZ16_CONDB(0x000000ff) U0249: 00c800020830 rax:= ZEROEXT_DSZ8(tmp0, rax) 0b0000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U024a: 01080083e010 SYNCWAIT-> tmp14:= READUIP_REGOVR(0x01) U024c: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 0522850e ? 
SEQW GOTO U2285 U024d: 0e6500078037 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, mode=0x01) U024e: 0e6508075037 LFNCEMARK-> tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008, mode=0x01) 0522850e SEQW URET1 ------------------------------------------------------------------------------------ U0250: 108500030840 tmp0:= SUB_DSZN(0x00000000, rcx) U0251: 11180a800230 unk_118(tmp0, IMM_MACRO_0a) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U0252: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U0254: 006358030200 tmp0:= READURAM(0x0058, 64) U0255: 004000331c08 tmp1:= ADD_DSZ64(0x00000c00, tmp0) U0256: 0e6508075c48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000008, mode=0x01) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0258: 00c506031808 tmp1:= SUB_DSZ8(0x00000006, rax) U0259: 013efa7f1c5f tmp1:= MOVEMERGEFLGS_DSZ32(0xfffffffffffffffa, tmp1) 0189d140 SEQW GOTO U09d1 ------------------------------------------------------------------------------------ U025a: 00632003f200 tmp15:= READURAM(0x0020, 64) U025c: 00140103f23f tmp15:= BT_DSZ32(tmp15, 0x00000001) U025d: 0033006ff27f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00003b00) U025e: 00000003fffe tmp15:= ADD_DSZ32(tmp14, tmp15) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0260: 000900000000 MOVE_DSZ32(0x00000000) U0261: 000c72fc0200 SAVEUIP(0x01, U1f72) 0189fa40 SEQW GOTO U09fa ------------------------------------------------------------------------------------ U0262: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0264: 189f00835144 LFNCEMARK-> tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0265: 0006100be050 tmp14:= XOR_DSZ32(0xc0000000, r64dst) U0266: 0088f50fef8a tmp14:= ZEROEXT_DSZ16(0x000043f5, tmp14) 040000ca SEQW URET0 ------------------------------------------------------------------------------------ U0268: 
059bd8039012 tmm1:= PSHUFD(mm0) U0269: 059bd8038011 tmm0:= PSHUFD(mm2) 018a0440 SEQW GOTO U0a04 ------------------------------------------------------------------------------------ U026a: 007d20039234 tmp9:= MOVEINSERTFLGS_DSZ64(tmp4, 0x00000020) U026c: 003304034239 tmp4:= SELECTCC_DSZ32_CONDNB(tmp9, 0x00000004) U026d: 023600039d39 tmp9:= CMOVCC_DSZ32_CONDP(tmp9, tmp4) U026e: 025e00000e40 unk_25e(tmp9) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0270: 15110003f801 tmm7:= unk_511(xmmdst, xmm0) U0271: 151000001fc2 xmm2:= unk_510(xmmsrc, tmm7) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U0272: 0e2800040032 STADPPHYS_DSZ32_ASZ64_SC1(tmp2, mode=0x01, 0x00000000) U0274: 0a635308033e unk_a63(tmp14, 0x00008253) U0275: 20432c000236 WRITEURAM(tmp6, 0x002c, 64) U0276: 0008c07be00a tmp14:= ZEROEXT_DSZ32(0x00005ec0) 01bdc280 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ U0278: 0dc600e3a144 tmp10:= unk_dc6(r64base, r64idx) U0279: 052600838e81 tmm0:= unk_526(xmmdst, tmm2) 018a2140 SEQW GOTO U0a21 ------------------------------------------------------------------------------------ U027a: 10628f0f7240 tmp7:= MOVEFROMCREG_DSZ64(0x38f, 32) U027c: 000700037df1 tmp7:= NOTAND_DSZ32(tmp1, tmp7) U027d: 19028f0f7c37 SYNCFULL-> tmp7:= MOVETOCREG_OR_DSZ64(tmp7, tmp0, 0x38f) U027e: 3a628f0f72b7 tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x00000008, 0x38f) 088000ce SEQW URET1 ------------------------------------------------------------------------------------ U0280: 0dc600e3a144 tmp10:= unk_dc6(r64base, r64idx) U0281: 000c169c0200 SAVEUIP(0x01, U0716) 0186f140 SEQW GOTO U06f1 ------------------------------------------------------------------------------------ U0282: 00240b030237 tmp0:= SHL_DSZ32(tmp7, 0x0000000b) U0284: 000762070430 tmp0:= NOTAND_DSZ32(tmp0, 0x04000000) U0285: 0001000228b0 rdx:= OR_DSZ32(tmp0, rdx) U0286: 
000801061008 rcx:= ZEROEXT_DSZ32(0x00000101) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U0288: 0dc600e3a144 tmp10:= unk_dc6(r64base, r64idx) U0289: 000cd69c0200 SAVEUIP(0x01, U07d6) 0186f140 SEQW GOTO U06f1 ------------------------------------------------------------------------------------ U028a: 1062e60b3240 tmp3:= MOVEFROMCREG_DSZ64(0x2e6, 32) U028c: 186b695c02b3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000009, generate_#UD) U028d: 1062850b3240 tmp3:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U028e: 186a699c02b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000000a, generate_#UD) 01a7c980 SEQW GOTO U27c9 ------------------------------------------------------------------------------------ U0290: 000000000000 NOP U0291: 06a805838008LFNCEMARK->WRTAGW-> tmm0:= unk_6a8(IMM_MACRO_ALIAS_STi) 04c26161 SEQW GOTO U4261 ------------------------------------------------------------------------------------ U0292: 000000039000 tmp9:= ADD_DSZ32(0x00000000) U0294: 000818031008 tmp1:= ZEROEXT_DSZ32(0x00000018) U0295: 0008820f2009 tmp2:= ZEROEXT_DSZ32(0x00002382) U0296: 000ce2b3e248 tmp14:= SAVEUIP(0x01, U2ce2) 01e58680 SEQW GOTO U6586 ------------------------------------------------------------------------------------ U0298: 00084f031008 tmp1:= ZEROEXT_DSZ32(0x0000004f) U0299: 000c2c6fd208 LFNCEMARK-> tmp13:= SAVEUIP(0x00, U1b2c) 048a3240 SEQW GOTO U0a32 ------------------------------------------------------------------------------------ U029a: 000506035808 tmp5:= SUB_DSZ32(0x00000006, rax) U029c: 0350111c0275 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp5, generate_#GP) U029d: 002410035220 tmp5:= SHL_DSZ32(rax, 0x00000010) U029e: 01420a000d40 SYNCMARK-> UFLOWCTRL(URET0, tmp5) 0d0000ce SEQW URET1 ------------------------------------------------------------------------------------ U02a0: 00084f031008 tmp1:= ZEROEXT_DSZ32(0x0000004f) U02a1: 000c4c6fd208 LFNCEMARK-> tmp13:= SAVEUIP(0x00, U1b4c) 048a3a40 SEQW GOTO U0a3a 
------------------------------------------------------------------------------------ U02a2: 076f0003a038 tmm2:= unk_76f(tmm0) U02a4: 1042c108027a LFNCEWAIT-> MOVETOCREG_DSZ64(tmp10, 0x2c1, 32) U02a5: 00628013a200 tmp10:= MOVEFROMCREG_DSZ64(0x480) U02a6: 00436200023a WRITEURAM(tmp10, 0x0062, 64) 02101280 SEQW GOTO U1012 ------------------------------------------------------------------------------------ U02a8: 073a00030000 mm0:= unk_73a(0x00000000) U02a9: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U02aa: 07470003903a tmm1:= unk_747(tmm2) U02ac: 04ef02020e39 xmm0:= MOVHLPS(tmm1, tmm0) U02ad: 00636203a200 tmp10:= READURAM(0x0062, 64) U02ae: 20428010023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, 0x480) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U02b0: 04b481839280 tmm1:= FMOV(0x00004081) U02b1: 24b49183e200 tmm6:= FMOV(0x00000091) 018000f5 SEQW UEND1 ------------------------------------------------------------------------------------ U02b2: 000802014008 tmpv0:= ZEROEXT_DSZ32(0x00000002) U02b4: 2d0f40014008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, tmpv0) U02b5: 2d0b40014008 tmpv0:= PORTIN_DSZ32_ASZ16_SC1(0x00000040) U02b6: 086bb5080214 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000000, U02b5) 090000ca SEQW URET0 ------------------------------------------------------------------------------------ U02b8: 000cb98be208 tmp14:= SAVEUIP(0x01, U02b9) 018a4131 SEQW GOTO U0a41 ------------------------------------------------------------------------------------ U02b9: 04b491839200 tmm1:= FMOV(0x00000091) 018a4131 SEQW UEND0 ------------------------------------------------------------------------------------ U02ba: 000802014008 tmpv0:= ZEROEXT_DSZ32(0x00000002) U02bc: 2d0f40014008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, tmpv0) U02bd: 2d0b40014008 tmpv0:= PORTIN_DSZ32_ASZ16_SC1(0x00000040) U02be: 086bbd080214 SYNCFULL-> 
BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000000, U02bd) 090000ce SEQW URET1 ------------------------------------------------------------------------------------ U02c0: 26a040038000 tmp8:= unk_6a0(0x00000000) U02c1: 04b47d809e00 mm7:= FMOV(tmm0) 030000f5 SEQW UEND1 ------------------------------------------------------------------------------------ U02c2: 00620c015200 LFNCEWAIT-> tmpv1:= MOVEFROMCREG_DSZ64(0x00c) U02c4: 000400115548 tmpv1:= AND_DSZ32(0x00000400, tmpv1) U02c5: 006265014200 tmpv0:= MOVEFROMCREG_DSZ64(0x065) U02c6: 013100014515 tmpv0:= SELECTCC_DSZ32_CONDNZ(tmpv1, tmpv0) 01850d80 SEQW GOTO U050d ------------------------------------------------------------------------------------ U02c8: 26a03f038000 tmp8:= unk_6a0(0x00000000) U02c9: 06dc7d809e00 mm7:= unk_6dc(tmm0) 018000f5 SEQW UEND1 ------------------------------------------------------------------------------------ U02ca: 006267014200 tmpv0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U02cc: 006265015200 tmpv1:= MOVEFROMCREG_DSZ64(0x065) U02cd: 104500014515 tmpv0:= SUB_DSZN(tmpv1, tmpv0) U02ce: 204267000214 MOVETOCREG_DSZ64(tmpv0, CORE_CR_CUR_RIP) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U02d0: 000000000000 NOP U02d1: 000000000000 NOP 01a76940 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U02d2: 0c4ba0254000 tmpv0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U02d4: 0c6ba2000014 WRSEGFLD(tmpv0, CS, SEL+FLGS+LIM) U02d5: 0c4b20254000 tmpv0:= RDSEGFLD(UNK_SEG_09, BASE) U02d6: 0c6b22000014 WRSEGFLD(tmpv0, CS, BASE) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ sidt_xlat: U02d8: 0c4b603b1000 tmp1:= RDSEGFLD(IDT, LIMIT) U02d9: 0c4b203b3000 tmp3:= RDSEGFLD(IDT, BASE) 018c1240 SEQW GOTO U0c12 ------------------------------------------------------------------------------------ U02da: 0c4ba0294000 tmpv0:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U02dc: 
0c6ba3000014 WRSEGFLD(tmpv0, SS, SEL+FLGS+LIM) U02dd: 0c4b20294000 tmpv0:= RDSEGFLD(SS_USERM, BASE) U02de: 0c6b23000014 WRSEGFLD(tmpv0, SS, BASE) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U02e0: 000b01833200 tmp3:= UPDATEUSTATE(!0x04) U02e1: 006384034200 LFNCEMARK-> tmp4:= READURAM(0x0084, 64) U02e2: 006382031200 tmp1:= READURAM(0x0082, 64) 048bb296 SEQW SAVEUIP1 U02e4 SEQW GOTO U0bb2 U02e4: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U02e5: 008703030c08 tmp0:= NOTAND_DSZ16(0x00000003, tmp0) U02e6: 004804821008 rcx:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_RIP) 0181ca80 SEQW GOTO U01ca ------------------------------------------------------------------------------------ U02e8: 0c9000e32144 tmp2:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U02e9: 000c8a800200 SAVEUIP(0x01, U008a) 01abd840 SEQW GOTO U2bd8 ------------------------------------------------------------------------------------ U02ea: 0c4ba0254000 tmpv0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U02ec: 0c7ba2000014 WRSEGFLD(tmpv0, CS, SEL+FLGS+LIM) U02ed: 0c4b20254000 tmpv0:= RDSEGFLD(UNK_SEG_09, BASE) U02ee: 0c7b22000014 WRSEGFLD(tmpv0, CS, BASE) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U02f0: 0cb0002b2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, mode=0x0a) U02f1: 000c62cc0240 SAVEUIP(0x01, U3362) 01abd840 SEQW GOTO U2bd8 ------------------------------------------------------------------------------------ U02f2: 0c4ba0294000 tmpv0:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U02f4: 0c7ba3000014 WRSEGFLD(tmpv0, SS, SEL+FLGS+LIM) U02f5: 0c4b20294000 tmpv0:= RDSEGFLD(SS_USERM, BASE) U02f6: 0c7b23000014 WRSEGFLD(tmpv0, SS, BASE) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U02f8: 000c0403d288 tmp13:= SAVEUIP(0x00, U4004) U02f9: 000c94b3e208 tmp14:= SAVEUIP(0x01, U0c94) 03086940 SEQW GOTO U0869 
------------------------------------------------------------------------------------ U02fa: 0c4ba0094000 LFNCEWAIT-> tmpv0:= RDSEGFLD(CS, SEL+FLGS+LIM) U02fc: 0c7ba9000014 WRSEGFLD(tmpv0, UNK_SEG_09, SEL+FLGS+LIM) U02fd: 0c4b20094000 tmpv0:= RDSEGFLD(CS, BASE) U02fe: 0c7b29000014 WRSEGFLD(tmpv0, UNK_SEG_09, BASE) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U0300: 0cb0002b2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, mode=0x0a) U0301: 10c00b833908 tmp3:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) 018c9240 SEQW GOTO U0c92 ------------------------------------------------------------------------------------ U0302: 3042ff0c0271 MOVETOCREG_DSZ64(tmp1, 0x3ff, 32) U0304: 3042ff0c0270 MOVETOCREG_DSZ64(tmp0, 0x3ff, 32) U0305: 3062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U0306: 386a4e400270 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000005, uret0) 09030580 SEQW GOTO U0305 ------------------------------------------------------------------------------------ U0308: 1c1000e33144 tmp3:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0309: 000b03838208 LFNCEMARK-> tmp8:= UPDATEUSTATE(!0x0c) U030a: 000cec8fe288 tmp14:= SAVEUIP(0x01, U43ec) 04859580 SEQW GOTO U0595 ------------------------------------------------------------------------------------ U030c: 000800021035 rcx:= ZEROEXT_DSZ32(tmp5) U030d: 006520022215 rdx:= SHR_DSZ64(tmpv1, 0x00000020) U030e: 000800020015 rax:= ZEROEXT_DSZ32(tmpv1) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0310: 000cde200200 SAVEUIP(0x00, U08de) U0311: 000c2ef40200 SAVEUIP(0x01, U1d2e) 01ac2440 SEQW GOTO U2c24 ------------------------------------------------------------------------------------ U0312: 1062d00b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2d0, 32) U0314: 2e758077100d tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bd80) U0315: 004000031c72 tmp1:= ADD_DSZ64(tmp2, tmp1) U0316: 2e7d8077100d 
STADSTGBUF_DSZ64_ASZ16_SC1(0x0000bd80, tmp1) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0318: 1c0800220027 STAD_DSZN_ASZ32_SC1(rdi, mode=0x08, rax) U0319: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U031a: 06200203e03d tmm6:= unk_620(tmm5) U031c: 072c0003803e tmp8:= PINTMOVDTMM2I_DSZ32(tmm6) U031d: 00861e074e0a tmp4:= XOR_DSZ16(0x0000411e, tmp8) U031e: 015100000e34 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, tmp8) 01b6b880 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ vmresume_xlat: U0320: 000001038008 tmp8:= ADD_DSZ32(0x00000001) U0321: 000918030008 LFNCEMARK-> tmp0:= MOVE_DSZ32(0x00000018) 04bd1c40 SEQW GOTO U3d1c ------------------------------------------------------------------------------------ U0322: 072a00033008 mm3:= unk_72a(0x00000000) U0324: 00e401034233 tmp4:= SHL_DSZ8(tmp3, 0x00000001) U0325: 00c109034d08 tmp4:= OR_DSZ8(0x00000009, tmp4) U0326: 27410003e034 tmm6:= unk_741(mm4) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ vmlaunch_xlat: U0328: 000000038000 tmp8:= ADD_DSZ32(0x00000000) U0329: 000914030008 LFNCEMARK-> tmp0:= MOVE_DSZ32(0x00000014) 04bd1c40 SEQW GOTO U3d1c ------------------------------------------------------------------------------------ U032a: 00810203cf08 tmp12:= OR_DSZ16(0x00000002, tmp12) U032c: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U032d: 008402033c88 tmp3:= AND_DSZ16(0x00000002, tmp2) U032e: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 0197fd80 SEQW GOTO U17fd ------------------------------------------------------------------------------------ vmwrite_r64_mem_xlat: U0330: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0331: 000c428be208 tmp14:= SAVEUIP(0x01, U0242) 018cda40 SEQW 
GOTO U0cda ------------------------------------------------------------------------------------ U0332: 06200c03e03d tmm6:= unk_620(tmm5) U0334: 072c0003203e tmp2:= PINTMOVDTMM2I_DSZ32(tmm6) U0335: 00861e074c8a tmp4:= XOR_DSZ16(0x0000411e, tmp2) U0336: 015100000cb4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, tmp2) 01b6f880 SEQW GOTO U36f8 ------------------------------------------------------------------------------------ U0338: 0008f5078010 tmp8:= ZEROEXT_DSZ32(0x80000301) U0339: 000841335008 tmp5:= ZEROEXT_DSZ32(0x00000c41) U033a: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01813180 ? SEQW GOTO U0131 U033c: 015d3d380240 SYNCFULL-> UJMP(U2e3d) ------------------------------------------------------------------------------------ U033d: 00435c000231 WRITEURAM(tmp1, 0x005c, 64) U033e: 000000000000 NOP 08378080 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U0340: 0008f7078010 tmp8:= ZEROEXT_DSZ32(0x80000603) U0341: 0008d4175008 tmp5:= ZEROEXT_DSZ32(0x000005d4) 01813140 SEQW GOTO U0131 ------------------------------------------------------------------------------------ U0342: 0008e20bb009 tmp11:= ZEROEXT_DSZ32(0x000022e2) U0344: 000e0103c208 tmp12:= WRMSLOOPCTRFBR(0x00000001) U0345: 000ca1b3e208 tmp14:= SAVEUIP(0x01, U0ca1) U0346: 008837038010 tmp8:= ZEROEXT_DSZ16(0x0000fc01) 01b9a680 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U0348: 000d00000000 SAVEUIP_REGOVR(0x00, U0349, 0x0000) 01a51d31 SEQW GOTO U251d U0349: 300000001002 r64dst:= ADD_DSZ32(r64src) 01a51d31 SEQW UEND0 ------------------------------------------------------------------------------------ U034a: 00480003903a tmp9:= ZEROEXT_DSZ64(tmp10) U034c: 05fa3903ffff tmm7:= SHUFPD(tmm7, tmm7) U034d: 052bf503903f tmp9:= unk_52b(tmp15) U034e: 052b5f03b03f tmp11:= unk_52b(tmp15) 01a36280 SEQW GOTO U2362 ------------------------------------------------------------------------------------ U0350: 000000000000 NOP U0351: 
000000000000 NOP 01808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U0352: 3c0a00634c72 tmp4:= LDTICKLE_DSZ32_ASZ32_SC1(tmp2, tmp1, mode=0x18) U0354: 301f00000074 unk_01f(tmp4, r64dst) U0355: 101f00034074 tmp4:= unk_01f(tmp4, r64dst) U0356: 3c0800634c72 STAD_DSZ32_ASZ32_SC1(tmp2, tmp1, mode=0x18, tmp4) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0358: 000000000000 NOP U0359: 000000000000 NOP 01808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U035a: 0008f07f200f tmp2:= ZEROEXT_DSZ32(0x0000fff0) U035c: 00628e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x78e) U035d: 000000031c72 tmp1:= ADD_DSZ32(tmp2, tmp1) U035e: 204267000231 MOVETOCREG_DSZ64(tmp1, CORE_CR_CUR_RIP) 01c3ae80 SEQW GOTO U43ae ------------------------------------------------------------------------------------ U0360: 0c5000e34144 tmp4:= LDZX_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0361: 000001038008 tmp8:= ADD_DSZ32(0x00000001) 0188fa40 SEQW GOTO U08fa ------------------------------------------------------------------------------------ U0362: 1062080b2240 tmp2:= MOVEFROMCREG_DSZ64(0x208, 32) U0364: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U0365: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) U0366: 013100035d72 tmp5:= SELECTCC_DSZ32_CONDNZ(tmp2, tmp5) 01a81480 SEQW GOTO U2814 ------------------------------------------------------------------------------------ U0368: 0c5000e34144 tmp4:= LDZX_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0369: 000001038008 tmp8:= ADD_DSZ32(0x00000001) 018b2a40 SEQW GOTO U0b2a ------------------------------------------------------------------------------------ U036a: 000414032c88 tmp2:= AND_DSZ32(0x00000014, tmp2) U036c: 0151c60c02f2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U63c6) U036d: 000540032d48 tmp2:= SUB_DSZ32(0x00000040, 
tmp5) U036e: 03517d4402b2 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp2, U517d) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0370: 0c5000e34144 tmp4:= LDZX_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0371: 000001038008 tmp8:= ADD_DSZ32(0x00000001) 018b3240 SEQW GOTO U0b32 ------------------------------------------------------------------------------------ U0372: 0cc1ff60027b unk_cc1(tmp11, 0x000038ff) U0374: 0c1000e30144 tmp0:= LDZX_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0375: 0062c51f2200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0376: 000c616fd208 tmp13:= SAVEUIP(0x00, U1b61) 02e31680 SEQW GOTO U6316 ------------------------------------------------------------------------------------ U0378: 0c5000e34144 tmp4:= LDZX_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0379: 000001038008 tmp8:= ADD_DSZ32(0x00000001) 050b3a40 SEQW GOTO U0b3a ------------------------------------------------------------------------------------ U037a: 00428c100238 LFNCEMARK-> MOVETOCREG_DSZ64(tmp8, 0x48c) U037c: 00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) U037d: 07c200008235 mm0:= unk_7c2(mm5, 0x00000000) U037e: 04b471809e40 LFNCEWAIT-> mm7:= FMOV(tmm1) 0321fe80 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U0380: 004900000000 MOVE_DSZ64(0x00000000) U0381: 00880083c008 tmp12:= ZEROEXT_DSZ16(IMM_MACRO_ALIAS_IMMEDIATE) 0187c140 SEQW GOTO U07c1 ------------------------------------------------------------------------------------ U0382: 00000003d000 tmp13:= ADD_DSZ32(0x00000000) U0384: 213e0803b008 tmp11:= MOVEMERGEFLGS_DSZ32(0x00000008) U0385: 237d00000f7b GENARITHFLAGS(tmp11, tmp13) U0386: 10080000107c r64dst:= ZEROEXT_DSZ32N(tmp12, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0388: 000000000000 NOP U0389: 
000000000000 NOP 01a76940 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U038a: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U038c: 00000003d000 tmp13:= ADD_DSZ32(0x00000000) U038d: 213e0803b008 tmp11:= MOVEMERGEFLGS_DSZ32(0x00000008) U038e: 237d00000f7b GENARITHFLAGS(tmp11, tmp13) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0390: 0dd600e3c144 tmp12:= unk_dd6(r64base, r64idx) U0391: 07cf01001f01 xmm2:= unk_7cf(xmmdst, tmm4) 019948b1 SEQW UEND0 ------------------------------------------------------------------------------------ U0392: 0052940c0236 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U0394) 019948b1 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U0394: 286a54e502b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000b, U5954) U0395: 00080d032008 tmp2:= ZEROEXT_DSZ32(0x0000000d) U0396: 27010003e032 LFNCEMARK-> tmm6:= unk_701(mm2) 05194880 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U0398: 0dd600e3c144 tmp12:= unk_dd6(r64base, r64idx) U0399: 07cf00001f01 xmm2:= unk_7cf(xmmdst, tmm4) 01b2cdb1 SEQW UEND0 ------------------------------------------------------------------------------------ U039a: 000d00800000 SAVEUIP_REGOVR(0x01, U039c, 0x0000) 01b2cdb1 SEQW GOTO U32cd U039c: 006373036200 tmp6:= READURAM(0x0073, 64) U039d: 30429e0c0276 MOVETOCREG_DSZ64(tmp6, 0x39e, 32) U039e: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 019b0a80 SEQW GOTO U1b0a ------------------------------------------------------------------------------------ U03a0: 000850030010 tmp0:= ZEROEXT_DSZ32(0x0001000e) U03a1: 00080e031008 LFNCEMARK-> tmp1:= ZEROEXT_DSZ32(0x0000000e) 048b7240 SEQW GOTO U0b72 ------------------------------------------------------------------------------------ U03a2: 00e100032c72 tmp2:= CONCAT_DSZ8(tmp2, tmp1) U03a4: 008800031c72 tmp1:= 
ZEROEXT_DSZ16(tmp2, tmp1) U03a5: 001510031231 tmp1:= BTS_DSZ32(tmp1, 0x00000010) U03a6: 2d0fd843100a PORTOUT_DSZ32_ASZ16_SC1(0x000050d8, tmp1) 01d6f880 SEQW GOTO U56f8 ------------------------------------------------------------------------------------ U03a8: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U03a9: 300f00031c41 tmp1:= unk_00f(r64dst, tmp1) U03aa: 3c1800e31144 STAD_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp1) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03ac: 000000080000 MSSTOP-> NOP U03ad: 025eff000200 unk_25e(0x000000ff) U03ae: 1c1000e34144 tmp4:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) 019f24ac SEQW GOTO U1f24 ------------------------------------------------------------------------------------ U03b0: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U03b1: 330801000c48 unk_308(0x00000001, tmp1) U03b2: 130801031c48 tmp1:= unk_308(0x00000001, tmp1) 0183aa80 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U03b4: 04b400038e80 tmm0:= FMOV(tmm2) U03b5: 04b400039ec0 tmm1:= FMOV(tmm3) U03b6: 015d00000c80 UJMP(tmp2) ------------------------------------------------------------------------------------ U03b8: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U03b9: 330aff7c0c5f unk_30a(0xffffffffffffffff, tmp1) U03ba: 130aff7f1c5f tmp1:= unk_30a(0xffffffffffffffff, tmp1) 0183aa80 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U03bc: 000cd0600240 SAVEUIP(0x00, U38d0) U03bd: 00631e014200 tmpv0:= READURAM(0x001e, 64) 01b34d55 SEQW SAVEUIP1 U03be SEQW GOTO U334d U03be: 015d00000fc0 UJMP(tmp15) 
------------------------------------------------------------------------------------ U03c0: 114b00030091 tmp0:= unk_14b(tmp2, r64src) U03c1: 013215030230 tmp0:= SELECTCC_DSZ32_CONDBE(tmp0, 0x00000015) U03c2: 021e00000c00 SIGEVENT(tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03c4: 00080002f000 r15:= ZEROEXT_DSZ32(0x00000000) U03c5: 0008c01b0008 tmp0:= ZEROEXT_DSZ32(0x000006c0) U03c6: 00a105030c08 tmp0:= CONCAT_DSZ16(0x00000005, tmp0) 01cfd080 SEQW GOTO U4fd0 ------------------------------------------------------------------------------------ U03c8: 004100030001 tmp0:= OR_DSZ64(r64dst) U03c9: 100800001042 r64dst:= ZEROEXT_DSZ32N(r64src, r64dst) U03ca: 1008000020b0 rax:= ZEROEXT_DSZ32N(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03cc: 3d0b00035c88 tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U03cd: 00059c071e08 tmp1:= SUB_DSZ32(0x0000019c, tmp8) U03ce: 01508d4c0231 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U138d) 092e2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U03d0: 004100030001 tmp0:= OR_DSZ64(r64dst) U03d1: 007c00001042 r64dst:= unk_07c(r64src, r64dst) U03d2: 007c000020b0 rax:= unk_07c(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03d4: 1d40004b2c40 tmp2:= LDZX_DSZN_ASZ32_SC4(tmp1, 0x00000000, mode=0x12) U03d5: 086b912d0032 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000000, U4b91) U03d6: 00c400032cb3 tmp2:= AND_DSZ8(tmp3, tmp2) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U03d8: 004100030001 tmp0:= OR_DSZ64(r64dst) U03d9: 00bc00001042 r64dst:= unk_0bc(r64src, r64dst) U03da: 00fc000020b0 rax:= unk_0fc(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03dc: 
20426c000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x06c) U03dd: 1062bc0b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2bc, 32) U03de: 3962bc4b2232 tmp2:= MOVETOCREG_BTS_DSZ64(tmp2, 0x00000001, 0x2bc) 080000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03e0: 004100030001 tmp0:= OR_DSZ64(r64dst) U03e1: 00fc00001042 r64dst:= unk_0fc(r64src, r64dst) U03e2: 00bc000020b0 rax:= unk_0bc(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03e4: 00480103a008 tmp10:= ZEROEXT_DSZ64(0x00000001) U03e5: 2d0fd403a008 PORTOUT_DSZ32_ASZ16_SC1(0x000000d4, tmp10) U03e6: 000000000000 NOP 01ba7680 SEQW GOTO U3a76 ------------------------------------------------------------------------------------ U03e8: 100100030007 tmp0:= OR_DSZN(rdx) U03e9: 1008000071e0 rdx:= ZEROEXT_DSZ32N(rax, rdx) U03ea: 100800020830 rax:= ZEROEXT_DSZ32N(tmp0, rax) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03ec: 000000000000 NOP U03ed: 000000000000 NOP U03ee: 000c52335200 tmp5:= SAVEUIP(0x00, U0c52) 01dee880 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U03f0: 3c1a00e30144 tmp0:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U03f1: 3c1800e01144 STAD_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, r64dst) U03f2: 100800001070 r64dst:= ZEROEXT_DSZ32N(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U03f4: 0525008380b8 tmm0:= unk_525(tmm0, xmmsrc) U03f5: 056500839e01 tmm1:= unk_565(xmmdst, tmm0) U03f6: 172f00021039 xmm1:= unk_72f(tmm1) 018a2480 SEQW GOTO U0a24 ------------------------------------------------------------------------------------ U03f8: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, 
mode=0x18) U03f9: 301f00800231 unk_01f(tmp1, IMM_MACRO_ALIAS_IMMEDIATE) U03fa: 101f00831231 tmp1:= unk_01f(tmp1, IMM_MACRO_ALIAS_IMMEDIATE) 0183aa80 SEQW GOTO U03aa ------------------------------------------------------------------------------------ U03fc: 0c640060003a unk_c64(tmp10) U03fd: 20430b00023a WRITEURAM(tmp10, 0x000b, 64) U03fe: 004c442f02ba tmp0:= SAVEUIP(tmp10, 0x00, U4b44) 0197c580 SEQW GOTO U17c5 ------------------------------------------------------------------------------------ U0400: 004100030001 tmp0:= OR_DSZ64(r64dst) U0401: 100800001042 r64dst:= ZEROEXT_DSZ32N(r64src, r64dst) U0402: 3000000020b0 rax:= ADD_DSZ32(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0404: 04b411838200 LFNCEWAIT-> tmm0:= FMOV(0x00000011) U0405: 04b431808fc0 mm0:= FMOV(tmm7) U0406: 04b491838200 tmm0:= FMOV(0x00000091) 0217ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U0408: 004100030001 tmp0:= OR_DSZ64(r64dst) U0409: 00bc00001042 r64dst:= unk_0bc(r64src, r64dst) U040a: 23e0000020b0 rax:= unk_3e0(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U040c: 00620003d200 tmp13:= MOVEFROMCREG_DSZ64(0x000) U040d: 00141103923d tmp9:= BT_DSZ32(tmp13, 0x00000011) U040e: 003247039439 tmp9:= SELECTCC_DSZ32_CONDB(tmp9, 0x00010000) 0198d680 SEQW GOTO U18d6 ------------------------------------------------------------------------------------ U0410: 004100030001 tmp0:= OR_DSZ64(r64dst) U0411: 00fc00001042 r64dst:= unk_0fc(r64src, r64dst) U0412: 23a0000020b0 rax:= unk_3a0(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0414: 20620003d200 tmp13:= MOVEFROMCREG_DSZ64(0x000) U0415: 021e0303d23d tmp13:= SIGEVENT(tmp13, 0x00000003) U0416: 015d00000f80 SYNCFULL-> UJMP(tmp14) 
------------------------------------------------------------------------------------ U0418: 004100030001 tmp0:= OR_DSZ64(r64dst) U0419: 007c00001042 r64dst:= unk_07c(r64src, r64dst) U041a: 2360000020b0 rax:= unk_360(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U041c: 186b2144037f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000015, U2121) U041d: 0062011ff200 tmp15:= MOVEFROMCREG_DSZ64(0x701) U041e: 2962019c033f MOVETOCREG_BTS_DSZ64(tmp15, 0x00000012, 0x701) 01a12180 SEQW GOTO U2121 ------------------------------------------------------------------------------------ U0420: 0c9000e30144 tmp0:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0421: 22a200030070 tmp0:= unk_2a2(tmp0, r64dst) U0422: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0424: 0c4bc023a000 tmp10:= RDSEGFLD(ES, UNK_FLD_0c) U0425: 10810003f027 tmp15:= OR_DSZN(rdi) U0426: 10400003aebf tmp10:= ADD_DSZN(tmp15, tmp10) 01b43c80 SEQW GOTO U343c ------------------------------------------------------------------------------------ rdrand_xlat: U0428: 00082b034008 tmp4:= ZEROEXT_DSZ32(0x0000002b) U0429: 0008c4072010 tmp2:= ZEROEXT_DSZ32(0x40004e00) U042a: 000839130008 tmp0:= ZEROEXT_DSZ32(0x00000439) 01986180 SEQW GOTO rdrand_impl ------------------------------------------------------------------------------------ U042c: 006324030200 tmp0:= READURAM(0x0024, 64) U042d: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U042e: 0004fe070c10 tmp0:= AND_DSZ32(0x80fffffc, tmp0) 01daca80 SEQW GOTO U5aca ------------------------------------------------------------------------------------ rdseed_xlat: U0430: 000830034008 tmp4:= ZEROEXT_DSZ32(0x00000030) U0431: 0008c5072010 tmp2:= ZEROEXT_DSZ32(0x40004e80) U0432: 00083d130008 tmp0:= ZEROEXT_DSZ32(0x0000043d) 01986180 SEQW GOTO rdrand_impl 
------------------------------------------------------------------------------------ U0434: 033a046fc008 tmp12:= STC(0x00001b04) U0435: 0008df071010 tmp1:= ZEROEXT_DSZ32(0x70000000) U0436: 000906032008 tmp2:= MOVE_DSZ32(0x00000006) 019aca80 SEQW GOTO U1aca ------------------------------------------------------------------------------------ U0438: 0c9000e30144 tmp0:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0439: 22a500030070 tmp0:= unk_2a5(tmp0, r64dst) U043a: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U043c: 0dff01000000 LFNCEWAIT-> unk_dff(0x00000000) U043d: 09023a980200 MOVETOCREG_OR_DSZ64(0x00000002, 0x63a) U043e: 09023ed80240 MOVETOCREG_OR_DSZ64(0x00000007, 0x63e) 0227ae80 SEQW GOTO U27ae ------------------------------------------------------------------------------------ U0440: 0c9000e30144 tmp0:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0441: 22a500830c08 tmp0:= unk_2a5(IMM_MACRO_ALIAS_IMMEDIATE, tmp0) U0442: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0444: 0dff03000000 unk_dff(0x00000000) U0445: 09023a580200 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(0x00000001, 0x63a) U0446: 09023ed802c0 MOVETOCREG_OR_DSZ64(0x0000000f, 0x63e) 02a7ae80 SEQW GOTO U27ae ------------------------------------------------------------------------------------ U0448: 00bc00030002 tmp0:= unk_0bc(r64src) U0449: 22ef00030830 tmp0:= unk_2ef(tmp0, rax) U044a: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U044c: 004400033d76 tmp3:= AND_DSZ64(tmp6, tmp5) U044d: 000a04000200 TESTUSTATE(UCODE, 0x0004) 07076d4e ? 
SEQW GOTO U076d U044e: 286a14e50233 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000003, U5914) 07076d4e SEQW URET1 ------------------------------------------------------------------------------------ U0450: 0cd000e30144 tmp0:= LDZX_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0451: 22ef00030830 tmp0:= unk_2ef(tmp0, rax) U0452: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0454: 000a10800200 TESTUSTATE(UCODE, !0x0010) 0185ac32 ? SEQW GOTO U05ac U0455: 006300037c40 tmp7:= READURAM(tmp1) U0456: 104800002037 rax:= ZEROEXT_DSZ64N(tmp7) 0185ac32 SEQW UEND0 ------------------------------------------------------------------------------------ U0458: 1c1a00e33144 tmp3:= LDTICKLE_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0459: 102d01033233 tmp3:= ROR_DSZN(tmp3, 0x00000001) U045a: 000c74940200 SAVEUIP(0x01, U0574) 01895280 SEQW GOTO U0952 ------------------------------------------------------------------------------------ U045c: 1088000269a6 rsi:= ZEROEXT_DSZ16N(rsi, rsi) U045d: 1088000279e7 rdi:= ZEROEXT_DSZ16N(rdi, rdi) U045e: 108800021861 rcx:= ZEROEXT_DSZ16N(rcx, rcx) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0460: 004100033002 tmp3:= OR_DSZ64(r64src) U0461: 004c0aa00200 SAVEUIP(0x01, U080a) U0462: 112200030021 tmp0:= RCXBTCNTMSK_DSZ32(rcx) 01896480 SEQW GOTO U0964 ------------------------------------------------------------------------------------ U0464: 237d3f000e88 GENARITHFLAGS(0x0000003f, tmp10) U0465: 108800021874 rcx:= ZEROEXT_DSZ16N(tmp4, rcx) U0466: 0fff00000000 SYNCWAIT-> SFENCE(0x00000000) 0b0000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0468: 004100033002 tmp3:= OR_DSZ64(r64src) U0469: 004c0aa00200 SAVEUIP(0x01, U080a) U046a: 112200030021 tmp0:= RCXBTCNTMSK_DSZ32(rcx) 
01897480 SEQW GOTO U0974 ------------------------------------------------------------------------------------ U046c: 0001c8032c90 tmp2:= OR_DSZ32(0x00100000, tmp2) U046d: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U046e: 002100035d72 tmp5:= CONCAT_DSZ32(tmp2, tmp5) 01b7c880 SEQW GOTO U37c8 ------------------------------------------------------------------------------------ U0470: 0c9a00e33144 tmp3:= LDTICKLE_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0471: 00c800830008 tmp0:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0472: 000c74940200 SAVEUIP(0x01, U0574) 01898280 SEQW GOTO U0982 ------------------------------------------------------------------------------------ U0474: 200a24800200 TESTUSTATE(VMX, !0x0024) 01d7ad0e ? SEQW GOTO U57ad U0475: 0062bb1f3200 tmp3:= MOVEFROMCREG_DSZ64(0x7bb) U0476: 186b119c02b3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000a, generate_#GP) 01d7ad0e SEQW URET1 ------------------------------------------------------------------------------------ U0478: 0c9a00e33144 tmp3:= LDTICKLE_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0479: 004100030021 tmp0:= OR_DSZ64(rcx) U047a: 000c74940200 SAVEUIP(0x01, U0574) 01898280 SEQW GOTO U0982 ------------------------------------------------------------------------------------ U047c: 002406031231 tmp1:= SHL_DSZ32(tmp1, 0x00000006) U047d: 000704331231 tmp1:= NOTAND_DSZ32(tmp1, 0x00000c04) U047e: 004000035d71 tmp5:= ADD_DSZ64(tmp1, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U0480: 0cd000e30144 tmp0:= LDZX_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0481: 00ef00030030 tmp0:= unk_0ef(tmp0) U0482: 008800001070 r64dst:= ZEROEXT_DSZ16(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0484: 02220003d031 tmp13:= unk_222(tmp1) U0485: 00052003d23d tmp13:= SUB_DSZ32(tmp13, 0x00000020) 
U0486: 0064ff7fdf5f tmp13:= SHL_DSZ64(0xffffffffffffffff, tmp13) 01878d80 SEQW GOTO U078d ------------------------------------------------------------------------------------ U0488: 2062fe1f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U0489: 000100135d48 tmp5:= OR_DSZ32(0x00000400, tmp5) U048a: 2a62fe1c0335 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp5, 0x00000010, CORE_CR_EFLAGS) 09221e80 SEQW GOTO U221e ------------------------------------------------------------------------------------ U048c: 000407031d48 tmp1:= AND_DSZ32(0x00000007, tmp5) U048d: 013506031231 tmp1:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x00000006) U048e: 1929119c0271 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000006, generate_#GP) 07320080 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U0490: 1c1000e30144 tmp0:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0491: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0492: 1f3f06eb0024 tmp0:= unk_f3f(rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0494: 000405031c48 tmp1:= AND_DSZ32(0x00000005, tmp1) U0495: 1929115c0271 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000005, generate_#GP) U0496: 000401035d48 tmp5:= AND_DSZ32(0x00000001, tmp5) 01b39880 SEQW GOTO U3398 ------------------------------------------------------------------------------------ U0498: 1c1000e30144 tmp0:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0499: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U049a: 1f0f006b0024 tmp0:= unk_f0f(rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U049c: 000000032c72 tmp2:= ADD_DSZ32(tmp2, tmp1) U049d: 002500032cb5 tmp2:= SHR_DSZ32(tmp5, tmp2) U049e: 0151111c0272 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) 07321c80 SEQW GOTO U321c 
------------------------------------------------------------------------------------ U04a0: 0cb0006b0024 tmp0:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, mode=0x1a) U04a1: 10c00b824908 rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U04a2: 0088000071f0 rdx:= ZEROEXT_DSZ16(tmp0, rdx) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04a4: 000802039008 tmp9:= ZEROEXT_DSZ32(0x00000002) U04a5: 000808032008 tmp2:= ZEROEXT_DSZ32(0x00000008) U04a6: 000803030008 tmp0:= ZEROEXT_DSZ32(0x00000003) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U04a8: 0cb0006b0024 tmp0:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, mode=0x1a) U04a9: 10c00b824908 rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U04aa: 0088000020b0 rax:= ZEROEXT_DSZ16(tmp0, r64src) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04ac: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U04ad: 014300340cc0 AETTRACE(0x0d, tmp3) set_carry_uend: U04ae: 203d01000008 MOVEINSERTFLGS_DSZ32(0x00000001) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U04b0: 051b0803a491 tmm2:= unk_51b(mm2, mm0) U04b1: 051b0d03b491 tmm3:= unk_51b(mm2, mm0) U04b2: 044f00011ebb mm2:= unk_44f(tmm3, tmm2) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04b4: 000802032008 tmp2:= ZEROEXT_DSZ32(0x00000002) U04b5: 000d32800000 SAVEUIP_REGOVR(0x01, U04b6, 0x0032) U04b6: 000c9d9c0200 SAVEUIP(0x01, U079d) 019d8e80 SEQW GOTO U1d8e ------------------------------------------------------------------------------------ U04b8: 0d7600e38144 tmp8:= unk_d76(r64base, r64idx) U04b9: 051b0803ae11 tmm2:= unk_51b(mm2, tmm0) U04ba: 051b0d03be11 tmm3:= unk_51b(mm2, tmm0) 0184b280 SEQW GOTO U04b2 ------------------------------------------------------------------------------------ U04bc: 39629e880200 
MOVETOCREG_BTS_DSZ64(0x00000002, 0x29e) U04bd: 000834030009 tmp0:= ZEROEXT_DSZ32(0x00002034) U04be: 000c9d9c0200 SAVEUIP(0x01, U079d) 018b9980 SEQW GOTO U0b99 ------------------------------------------------------------------------------------ U04c0: 0dd600e3c144 tmp12:= unk_dd6(r64base, r64idx) U04c1: 05abdd03803c tmm0:= unk_5ab(tmm4) U04c2: 05ab8803c03c tmm4:= unk_5ab(tmm4) 018a0a80 SEQW GOTO U0a0a ------------------------------------------------------------------------------------ U04c4: 00040003fc09 tmp15:= AND_DSZ32(0x00002000, tmp0) U04c5: 01300013f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000400) U04c6: 20420c00023f MOVETOCREG_DSZ64(tmp15, 0x00c) 01c79980 SEQW GOTO U4799 ------------------------------------------------------------------------------------ U04c8: 05fa88039042 tmm1:= SHUFPD(xmmsrc, xmmdst) U04c9: 05fadd03a042 tmm2:= SHUFPD(xmmsrc, xmmdst) U04ca: 04cf00001e7a xmm2:= unk_4cf(tmm2, tmm1) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04cc: 000a01800200 TESTUSTATE(UCODE, !UST_MSLOOPCTR_NONZERO) 0184cc8c ? SEQW URET1 U04cd: 0e7d0001303f STADSTGBUF_DSZ64_ASZ16_SC1(tmp15, tmp7) U04ce: 00002003ffc8 tmp15:= ADD_DSZ32(0x00000020, tmp15) 0184cc8c SEQW GOTO U04cc ------------------------------------------------------------------------------------ U04d0: 0dd600e38144 tmp8:= unk_dd6(r64base, r64idx) U04d1: 05fa88039078 tmm1:= SHUFPD(tmm0, xmmdst) U04d2: 05fadd03a078 tmm2:= SHUFPD(tmm0, xmmdst) 0184ca80 SEQW GOTO U04ca ------------------------------------------------------------------------------------ U04d4: 000a01800200 TESTUSTATE(UCODE, !UST_MSLOOPCTR_NONZERO) 0184d48c ? 
SEQW URET1 U04d5: 0e750001303f tmp7:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp15) U04d6: 00002003ffc8 tmp15:= ADD_DSZ32(0x00000020, tmp15) 0184d48c SEQW GOTO U04d4 ------------------------------------------------------------------------------------ U04d8: 0dd600e39144 tmp9:= unk_dd6(r64base, r64idx) U04d9: 15110003f801 tmm7:= unk_511(xmmdst, xmm0) U04da: 151000001ff9 xmm2:= unk_510(tmm1, tmm7) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04dc: 000a01800200 TESTUSTATE(UCODE, !UST_MSLOOPCTR_NONZERO) 0184dc8c ? SEQW URET1 U04dd: 0e7d0000003f STADSTGBUF_DSZ64_ASZ16_SC1(tmp15, 0x00000000) U04de: 00002003ffc8 tmp15:= ADD_DSZ32(0x00000020, tmp15) 0184dc8c SEQW GOTO U04dc ------------------------------------------------------------------------------------ U04e0: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U04e1: 004800831008 tmp1:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE) U04e2: 26f00083b042 tmm3:= unk_6f0(xmmsrc, xmmdst) 018a1d80 SEQW GOTO U0a1d ------------------------------------------------------------------------------------ U04e4: 120801031008 tmp1:= unk_208(0x00000001) U04e5: 1207af034010 tmp4:= unk_207(0x00080000) U04e6: 100000034c74 tmp4:= ADD_DSZN(tmp4, tmp1) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U04e8: 0d1600e39144 tmp9:= unk_d16(r64base, r64idx) U04e9: 05fa00039e79 tmm1:= SHUFPD(tmm1, tmm1) U04ea: 05f800801e41 xmm2:= unk_5f8(xmmdst, tmm1) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04ec: 12050003f000 tmp15:= unk_205(0x00000000) U04ed: 017e00034ff4 tmp4:= MOVEMERGEFLGS_DSZ64(tmp4, tmp15) U04ee: 017400001074 r64dst:= CMOVCC_DSZ64_CONDZ(tmp4, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04f0: 04b200839080 tmm1:= unk_4b2(xmmsrc) U04f1: 04b30083a040 tmm2:= unk_4b3(xmmdst) U04f2: 069000001eb9 xmm2:= 
unk_690(tmm1, tmm2) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U04f4: 0008001f0008 tmp0:= ZEROEXT_DSZ32(0x00000700) U04f5: 000818033008 tmp3:= ZEROEXT_DSZ32(0x00000018) U04f6: 0e6de8072024 LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xffffffffffffffe8, mode=0x01, tmp2) 0331f180 SEQW GOTO U31f1 ------------------------------------------------------------------------------------ U04f8: 0dc600e3a144 tmp10:= unk_dc6(r64base, r64idx) U04f9: 052600838e81 tmm0:= unk_526(xmmdst, tmm2) U04fa: 05a600820e01 xmm0:= unk_5a6(xmmdst, tmm0) 01882a80 SEQW GOTO U082a ------------------------------------------------------------------------------------ U04fc: 2962b4000200 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x0b4) U04fd: 000a00100200 TESTUSTATE(UCODE, 0x0400) 04271289 ? SEQW URET0 U04fe: 000ce4940200 SAVEUIP(0x01, U05e4) 04271289 SEQW GOTO U2712 ------------------------------------------------------------------------------------ U0500: 05fa3903b082 tmm3:= SHUFPD(xmmsrc, xmmsrc) U0501: 26f70003b03b tmm3:= unk_6f7(tmm3) U0502: 26f70003a002 tmm2:= unk_6f7(xmmsrc) 018a2d80 SEQW GOTO U0a2d ------------------------------------------------------------------------------------ U0504: 1928fd200320 CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000010, U28fd) U0505: 1928fd600320 CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000011, U28fd) U0506: 1928fda00320 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000012, U28fd) 0960d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U0508: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0509: 05fa8803c042 tmm4:= SHUFPD(xmmsrc, xmmdst) U050a: 05fadd039042 tmm1:= SHUFPD(xmmsrc, xmmdst) 01883d80 SEQW GOTO U083d ------------------------------------------------------------------------------------ U050c: 006265014200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(0x065) U050d: 006267015200 tmpv1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U050e: 104500014554 tmpv0:= 
SUB_DSZN(tmpv0, tmpv1) 020000ce SEQW URET1 ------------------------------------------------------------------------------------ U0510: 1d2700e38144 tmp8:= unk_d27(r64base, r64idx) U0511: 160400038038 tmm0:= unk_604(tmm0) U0512: 260f05808238 mm0:= unk_60f(tmm0, IMM_MACRO_ALIAS_STi) 018000f6 SEQW UEND1 ------------------------------------------------------------------------------------ U0514: 00621a015200 tmpv1:= MOVEFROMCREG_DSZ64(0x01a) U0515: 006265014200 tmpv0:= MOVEFROMCREG_DSZ64(0x065) U0516: 104500014554 tmpv0:= SUB_DSZN(tmpv0, tmpv1) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0518: 1d2700e38144 tmp8:= unk_d27(r64base, r64idx) U0519: 160400038038 tmm0:= unk_604(tmm0) U051a: 260f05808e08 mm0:= unk_60f(IMM_MACRO_ALIAS_STi, tmm0) 018000f6 SEQW UEND1 ------------------------------------------------------------------------------------ U051c: 006209016200 tmpv2:= MOVEFROMCREG_DSZ64(0x009) U051d: 000020016216 tmpv2:= ADD_DSZ32(tmpv2, 0x00000020) U051e: 204200000594 SYNCFULL-> MOVETOCREG_DSZ64(tmpv0, tmpv2) 090000ca SEQW URET0 ------------------------------------------------------------------------------------ U0520: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0521: 189f0083a144 LFNCEMARK-> tmp10:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0522: 0ca40860003a unk_ca4(tmp10) 0483fc80 SEQW GOTO U03fc ------------------------------------------------------------------------------------ U0524: 006209016200 tmpv2:= MOVEFROMCREG_DSZ64(0x009) U0525: 000001016588 tmpv2:= ADD_DSZ32(0x00000001, tmpv2) U0526: 282209c163d6 tmpv2:= MOVETOCREG_AND_DSZ64(tmpv2, 0x0000001f, 0x009) 01851d80 SEQW GOTO U051d ------------------------------------------------------------------------------------ U0528: 025eff000200 unk_25e(0x000000ff) U0529: 062300038000 tmm0:= unk_623(0x00000000) U052a: 0d9e00e38144 tmp8:= unk_d9e(r64base, r64idx) 018000f2 SEQW UEND0 
------------------------------------------------------------------------------------ U052c: 006209016200 tmpv2:= MOVEFROMCREG_DSZ64(0x009) U052d: 000040016216 tmpv2:= ADD_DSZ32(tmpv2, 0x00000040) U052e: 204200000595 SYNCFULL-> MOVETOCREG_DSZ64(tmpv1, tmpv2) 090000ce SEQW URET1 ------------------------------------------------------------------------------------ U0530: 073a00030000 mm0:= unk_73a(0x00000000) U0531: 0084007f0c0b tmp0:= AND_DSZ16(0x00007f00, tmp0) U0532: 20428c100230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x48c) 05008e80 SEQW GOTO U008e ------------------------------------------------------------------------------------ U0534: 006209016200 tmpv2:= MOVEFROMCREG_DSZ64(0x009) U0535: 000001016588 tmpv2:= ADD_DSZ32(0x00000001, tmpv2) U0536: 282209c163d6 tmpv2:= MOVETOCREG_AND_DSZ64(tmpv2, 0x0000001f, 0x009) 01852d80 SEQW GOTO U052d ------------------------------------------------------------------------------------ U0538: 025eff000200 unk_25e(0x000000ff) U0539: 073a00030000 mm0:= unk_73a(0x00000000) U053a: 0c9800e30144 STAD_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U053c: 006408016216 tmpv2:= SHL_DSZ64(tmpv2, 0x00000008) U053d: 006538017214 tmpv3:= SHR_DSZ64(tmpv0, 0x00000038) U053e: 29028b000597 MOVETOCREG_OR_DSZ64(tmpv3, tmpv2, 0x08b) 01e5b980 SEQW GOTO U65b9 ------------------------------------------------------------------------------------ U0540: 1d2700e38144 tmp8:= unk_d27(r64base, r64idx) U0541: 160400038038 tmm0:= unk_604(tmm0) U0542: 268a0583fe08 tmp15:= FCOM2(IMM_MACRO_ALIAS_STi, tmp8) 018000f6 SEQW UEND1 ------------------------------------------------------------------------------------ U0544: 1062380b1240 tmp1:= MOVEFROMCREG_DSZ64(0x238, 32) U0545: 1a6238080c31 MOVETOCREG_BTR_DSZ64(tmp1, tmp0, 0x238) U0546: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 018000ca SEQW URET0 
------------------------------------------------------------------------------------ U0548: 1d2700e38144 tmp8:= unk_d27(r64base, r64idx) U0549: 160400038038 tmm0:= unk_604(tmm0) U054a: 260a9583f238 tmm7:= unk_60a(tmm0, IMM_MACRO_95) 018000f6 SEQW UEND1 ------------------------------------------------------------------------------------ U054c: 025214180236 UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp6, U0614) U054d: 05b90003803f tmm0:= unk_5b9(tmm7) U054e: 25ff0003e038 LFNCEMARK-> tmm6:= unk_5ff(tmm0) 05061680 SEQW GOTO U0616 ------------------------------------------------------------------------------------ U0550: 0c4e006019c2 r64dst:= unk_c4e(r64src, rdi) U0551: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0552: 0c6e086019c2 r64dst:= unk_c6e(r64src, rdi) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0554: 076b0003303f mm3:= unk_76b(tmm7) U0555: 07430003efb3 tmm6:= unk_743(mm3, tmm6) U0556: 048500038ffe tmm0:= unk_485(tmm6, tmm7) 01ee7280 SEQW GOTO U6e72 ------------------------------------------------------------------------------------ U0558: 025eff000200 unk_25e(0x000000ff) U0559: 069200038000 tmm0:= unk_692(0x00000000) U055a: 0d1e00e38144 tmp8:= unk_d1e(r64base, r64idx) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U055c: 000800022000 rdx:= ZEROEXT_DSZ32(0x00000000) U055d: 006538030230 tmp0:= SHR_DSZ64(tmp0, 0x00000038) U055e: 004101020c08 rax:= OR_DSZ64(0x00000001, tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0560: 008c24b32202 tmp2:= SAVEUIP(r64src, 0x01, U0c24) U0561: 000900000000 MOVE_DSZ32(0x00000000) U0562: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) 05455680 SEQW GOTO U4556 ------------------------------------------------------------------------------------ U0564: 05fa3903ffff tmm7:= SHUFPD(tmm7, tmm7) U0565: 07d00003fff1 tmm7:= unk_7d0(mm1, tmm7) U0566: 05b90000103f 
xmm2:= unk_5b9(tmm7) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0568: 000cee9fe208 tmp14:= SAVEUIP(0x01, U07ee) U0569: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U056a: 000cd52c0240 SAVEUIP(0x00, U2bd5) 01886280 SEQW GOTO U0862 ------------------------------------------------------------------------------------ U056c: 1d4813ac5d32 STAD_DSZN_ASZ32_SC4(tmp2, tmp4, IMM_MACRO_13, mode=0x0b, rax) U056d: 1d49002c1d32 r64dst:= STADTICKLE_DSZN_ASZ32_SC4(tmp2, tmp4, mode=0x0b) U056e: 1d490bad1d32 tmp2:= STADTICKLE_DSZN_ASZ32_SC4(tmp2, tmp4, IMM_MACRO_ALIAS_DATASIZE, mode=0x0b) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0570: 008403032088 tmp2:= AND_DSZ16(0x00000003, r64src) U0571: 000c7db00200 SAVEUIP(0x01, U0c7d) U0572: 000ca4140200 SAVEUIP(0x00, U05a4) 01886480 SEQW GOTO U0864 ------------------------------------------------------------------------------------ U0574: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0575: 189f00838144 tmp8:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0576: 1c0800633038 STAD_DSZN_ASZ32_SC1(tmp8, mode=0x18, tmp3) 01880c80 SEQW GOTO U080c ------------------------------------------------------------------------------------ U0578: 025eff000200 unk_25e(0x000000ff) U0579: 0c4b80670000 tmp0:= RDSEGFLD(DS_KERNM, SEL) U057a: 0c9800e30144 STAD_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U057c: 3062870b2240 tmp2:= MOVEFROMCREG_DSZ64(0x287, 32) U057d: 000804030009 tmp0:= ZEROEXT_DSZ32(0x00002004) U057e: 00250c031232 tmp1:= SHR_DSZ32(tmp2, 0x0000000c) 01945280 SEQW GOTO U1452 ------------------------------------------------------------------------------------ U0580: 0c4b80670000 tmp0:= RDSEGFLD(DS_KERNM, SEL) U0581: 
0cb8fc2b0024 STAD_DSZ16_ASZ32_SC1(SS, rsp, 0xfffffffffffffffc, mode=0x0a, tmp0) U0582: 10c504024908 rsp:= SUB_DSZN(0x00000004, rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0584: 39629d480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x29d) U0585: 000806030008 tmp0:= ZEROEXT_DSZ32(0x00000006) U0586: 000ca9035200 tmp5:= SAVEUIP(0x00, U00a9) 01dee880 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U0588: 0c4b80670000 tmp0:= RDSEGFLD(DS_KERNM, SEL) U0589: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U058a: 1f0f002b0024 tmp0:= unk_f0f(rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U058c: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U058d: 000d80880000 SAVEUIP_REGOVR(0x01, U058e, 0x0280) U058e: 000c82a802c0 SAVEUIP(0x01, U6a82) 019ab680 SEQW GOTO U1ab6 ------------------------------------------------------------------------------------ U0590: 1c1000e33144 tmp3:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0591: 000b05038200 LFNCEMARK-> tmp8:= UPDATEUSTATE(0x14) U0592: 000c41d3e208 tmp14:= SAVEUIP(0x01, U1441) U0594: 000b02800200 UPDATEUSTATE(!0x08) U0595: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0596: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 01d9f280 SEQW GOTO U59f2 ------------------------------------------------------------------------------------ U0598: 00c800831008 tmp1:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0599: 00084803b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000048) U059a: 0008461b000b tmp0:= ZEROEXT_DSZ32(0x00006646) 04b43a80 SEQW GOTO U343a ------------------------------------------------------------------------------------ U059c: 04960003d23d tmm5:= unk_496(tmm5, 0x00000000) U059d: 04940003ef80 tmm6:= unk_494(tmm6) U059e: 26a631808fbd mm0:= unk_6a6(tmm5, tmm6) 0197ec80 SEQW 
GOTO uend ------------------------------------------------------------------------------------ U05a0: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05a1: 00080803b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000008) U05a2: 0008461b000b tmp0:= ZEROEXT_DSZ32(0x00006646) 04b43a80 SEQW GOTO U343a ------------------------------------------------------------------------------------ U05a4: 008403033048 tmp3:= AND_DSZ16(0x00000003, r64dst) U05a5: 008500035cb3 tmp5:= SUB_DSZ16(tmp3, tmp2) U05a6: 035120080275 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp5, U2220) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U05a8: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05a9: 00081803b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000018) U05aa: 0008955b000b tmp0:= ZEROEXT_DSZ32(0x00007695) 04842480 SEQW GOTO U0424 ------------------------------------------------------------------------------------ U05ac: 00633d002200 rax:= READURAM(0x003d, 64) U05ad: 000a04002202 rax:= TESTUSTATE(r64src, UCODE, 0x0004) 01a21e72 ? 
SEQW GOTO U221e U05ae: 0062f81c2200 rax:= MOVEFROMCREG_DSZ64(0x7f8) 01a21e72 SEQW UEND0 ------------------------------------------------------------------------------------ U05b0: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05b1: 00083803b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000038) U05b2: 000801730008 tmp0:= ZEROEXT_DSZ32(0x00001c01) 04842480 SEQW GOTO U0424 ------------------------------------------------------------------------------------ U05b4: 00635c031200 tmp1:= READURAM(0x005c, 64) U05b5: 386a984c0331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000011, U3398) U05b6: 3d0f687b5008 SYNCFULL-> PORTOUT_DSZ32_ASZ16_SC1(0x00001e68, tmp5) 09339880 SEQW GOTO U3398 ------------------------------------------------------------------------------------ U05b8: 00c800831008 tmp1:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U05b9: 00084003b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000040) U05ba: 00088513000a tmp0:= ZEROEXT_DSZ32(0x00004485) 04b43980 SEQW GOTO U3439 ------------------------------------------------------------------------------------ U05bc: 00621b172200 tmp2:= MOVEFROMCREG_DSZ64(0x51b) U05bd: 0004410b2c90 tmp2:= AND_DSZ32(0xffff0000, tmp2) U05be: 090213d40232 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp2, 0x00000003, 0x513) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U05c0: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05c1: 00080003b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000000) U05c2: 00088513000a tmp0:= ZEROEXT_DSZ32(0x00004485) 04b43980 SEQW GOTO U3439 ------------------------------------------------------------------------------------ U05c4: 006272172200 tmp2:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_BASE) U05c5: 006273173200 tmp3:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U05c6: 386b4ec002b3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000b, uret0) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U05c8: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05c9: 00081003b008 LFNCEMARK-> tmp11:= 
ZEROEXT_DSZ32(0x00000010) U05ca: 00089d5b000b tmp0:= ZEROEXT_DSZ32(0x0000769d) 0481ea80 SEQW GOTO U01ea ------------------------------------------------------------------------------------ U05cc: 000c82380280 SAVEUIP(0x00, do_vmexit_ovr_enter_rip) U05cd: 20637303b200 tmp11:= READURAM(0x0073, 64) U05ce: 2042521f3236 SYNCFULL-> tmp3:= MOVETOCREG_DSZ64(tmp6, 0x752) 09614d80 SEQW GOTO U614d ------------------------------------------------------------------------------------ U05d0: 008800031022 tmp1:= ZEROEXT_DSZ16(rdx) U05d1: 00083003b008 LFNCEMARK-> tmp11:= ZEROEXT_DSZ32(0x00000030) U05d2: 0008e92f0009 tmp0:= ZEROEXT_DSZ32(0x00002be9) 0481ea80 SEQW GOTO U01ea ------------------------------------------------------------------------------------ U05d4: 000803032008 tmp2:= ZEROEXT_DSZ32(0x00000003) U05d5: 000800038000 tmp8:= ZEROEXT_DSZ32(0x00000000) U05d6: 104804834008 tmp4:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP) 018a7d80 SEQW GOTO U0a7d ------------------------------------------------------------------------------------ U05d8: 213e04032008 tmp2:= MOVEMERGEFLGS_DSZ32(0x00000004) U05d9: 000804834008 tmp4:= ZEROEXT_DSZ32(IMM_MACRO_ALIAS_RIP) U05da: 00507a280232 UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp2, U0a7a) 01a21e80 SEQW GOTO U221e ------------------------------------------------------------------------------------ U05dc: 086bd8290370 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000014, U4ad8) U05dd: 000cd8a80280 SAVEUIP(0x01, U4ad8) U05de: 006357016200 tmpv2:= READURAM(0x0057, 64) 085f4a80 SEQW GOTO U5f4a ------------------------------------------------------------------------------------ U05e0: 20631e03b200 tmp11:= READURAM(0x001e, 64) U05e1: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71172 ? 
SEQW GOTO generate_#GP U05e2: 10480000203b rax:= ZEROEXT_DSZ64N(tmp11) 01a71172 SEQW UEND0 ------------------------------------------------------------------------------------ U05e4: 0062f01ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7f0) U05e5: 086b5c1802bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000008, U065c) U05e6: 000c5c1bd208 tmp13:= SAVEUIP(0x00, U065c) 01ddb680 SEQW GOTO U5db6 ------------------------------------------------------------------------------------ U05e8: 00622917b200 tmp11:= MOVEFROMCREG_DSZ64(0x529) U05e9: 100ac2000200 TESTUSTATE(SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 01a83c72 ? SEQW GOTO U283c U05ea: 10480000203b rax:= ZEROEXT_DSZ64N(tmp11) 01a83c72 SEQW UEND0 ------------------------------------------------------------------------------------ U05ec: 00553e030200 tmp0:= BTS_DSZ64(0x00000000, 0x0000003e) U05ed: 104211080270 MOVETOCREG_DSZ64(tmp0, 0x211, 32) U05ee: 2042f81c023a SYNCFULL-> MOVETOCREG_DSZ64(tmp10, 0x7f8) 09670e80 SEQW GOTO U670e ------------------------------------------------------------------------------------ U05f0: 189f00838144 tmp8:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U05f1: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U05f2: 000c76200200 SAVEUIP(0x00, U0876) 01831180 SEQW GOTO U0311 ------------------------------------------------------------------------------------ U05f4: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U05f5: 3962df880270 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000006, ROB1_CR_ICECTLPMR) U05f6: 021e32000200 SIGEVENT(0x00000032) 01879d80 SEQW GOTO U079d ------------------------------------------------------------------------------------ U05f8: 000b10831208 tmp1:= UPDATEUSTATE(!0x40) U05f9: 00481083f008 LFNCEMARK-> tmp15:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION) U05fa: 100ac0000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON | UST_VMX_GUEST) 04de16c0 ? 
SEQW GOTO U5e16 U05fc: 10480483c008 tmp12:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP) U05fd: 00251c03023f tmp0:= SHR_DSZ32(tmp15, 0x0000001c) U05fe: 00010003dc31 tmp13:= OR_DSZ32(tmp1, tmp0) 01a8a180 SEQW GOTO U28a1 ------------------------------------------------------------------------------------ U0600: 1c0000231027 tmp1:= LDZX_DSZN_ASZ32_SC1(rdi, mode=0x08) U0601: 300500000831 SUB_DSZ32(tmp1, rax) U0602: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0604: 296230180300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x630) U0605: 204231180200 MOVETOCREG_DSZ64(0x00000000, 0x631) U0606: 000c99240240 SAVEUIP(0x00, U2999) 01cbe680 SEQW GOTO U4be6 ------------------------------------------------------------------------------------ U0608: 1c0000631026 tmp1:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) U0609: 100800020831 rax:= ZEROEXT_DSZ32N(tmp1, rax) U060a: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U060c: 00040703bec8 tmp11:= AND_DSZ32(0x00000007, tmp11) U060d: 01516070027b UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U3c60) U060e: 00630703f200 tmp15:= READURAM(0x0007, 64) 01de9480 SEQW GOTO U5e94 ------------------------------------------------------------------------------------ U0610: 108100034021 tmp4:= OR_DSZN(rcx) U0611: 015066100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U0466) U0612: 021e3f000200 SIGEVENT(0x0000003f) 01b3f680 SEQW GOTO U33f6 ------------------------------------------------------------------------------------ U0614: 362e00038008 LFNCEMARK-> tmm0:= unk_62e(0x00000000) U0615: 153c00038e00 tmm0:= unk_53c(tmm0) U0616: 00950f039239 tmp9:= BTS_DSZ16(tmp9, 0x0000000f) 04123680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U0618: 000d00800000 SAVEUIP_REGOVR(0x01, U0619, 0x0000) 
01a66a32 SEQW GOTO U266a U0619: 207f00037cb7 tmp7:= unk_07f(tmp7, tmp2) U061a: 104800002037 rax:= ZEROEXT_DSZ64N(tmp7) 01a66a32 SEQW UEND0 ------------------------------------------------------------------------------------ U061c: 07c20003ceb4 tmm4:= unk_7c2(mm4, tmm2) U061d: 069d71809f00 mm7:= unk_69d(tmm4) U061e: 27430003e000 LFNCEMARK-> tmm6:= unk_743(0x00000000) 05194880 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U0620: 000c957fa200 tmp10:= SAVEUIP(0x00, U1f95) U0621: 100a40831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01a7694a ? SEQW GOTO generate_#UD U0622: 000848030010 tmp0:= ZEROEXT_DSZ32(0x00010003) 01a7694a SEQW URET0 ------------------------------------------------------------------------------------ U0624: 07c20003c03a tmm4:= unk_7c2(tmm2) U0625: 04b400038200 tmm0:= FMOV(0x00000000) U0626: 186af5a80236 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000002, U2af5) 01e35c80 SEQW GOTO U635c ------------------------------------------------------------------------------------ U0628: 000d00000000 SAVEUIP_REGOVR(0x00, U0629, 0x0000) 01a51d32 SEQW GOTO U251d U0629: 181f00830144 tmp0:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U062a: 100800001070 r64dst:= ZEROEXT_DSZ32N(tmp0, r64dst) 01a51d32 SEQW UEND0 ------------------------------------------------------------------------------------ U062c: 362e0003f008 LFNCEMARK-> tmm7:= unk_62e(0x00000000) U062d: 153c0003ffc0 tmm7:= unk_53c(tmm7) U062e: 0252d4380236 UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp6, U0ed4) 04123680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U0630: 008c1d134281 tmp4:= SAVEUIP(r64dst, 0x00, U441d) U0631: 00091203f008 tmp15:= MOVE_DSZ32(0x00000012) U0632: 29620000033f MOVETOCREG_BTS_DSZ64(tmp15, 0x00000010, 0x000) 01826280 SEQW GOTO U0262 ------------------------------------------------------------------------------------ U0634: 07900003c072 tmm4:= unk_790(mm2, xmmdst) U0635: 
07900003fff2 tmm7:= unk_790(mm2, tmm7) U0636: 0048d40fd00a tmp13:= ZEROEXT_DSZ64(0x000043d4) 01834480 SEQW GOTO U0344 ------------------------------------------------------------------------------------ U0638: 000000000000 NOP U0639: 000000000000 NOP U063a: 000000000000 NOP 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U063c: 000d02800000 SAVEUIP_REGOVR(0x01, U063d, 0x0002) 01ab150a SEQW GOTO lbsync_full U063d: 00a10043200a tmp2:= CONCAT_DSZ16(0x00005000) U063e: 0cdb00032032 tmp2:= unk_cdb(tmp2) 01ab150a SEQW URET0 ------------------------------------------------------------------------------------ U0640: 000000000000 NOP U0641: 000000000000 NOP U0642: 000000000000 NOP 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0644: 0007ff3f2c88 tmp2:= NOTAND_DSZ32(0x00000fff, tmp2) U0645: 000004031c48 tmp1:= ADD_DSZ32(0x00000004, tmp1) U0646: 2d0f1027100a PORTOUT_DSZ32_ASZ16_SC1(0x00004910, tmp1) 01aba280 SEQW GOTO U2ba2 ------------------------------------------------------------------------------------ U0648: 000000000000 NOP U0649: 000000000000 NOP U064a: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U064c: 0008f003f008 tmp15:= ZEROEXT_DSZ32(0x000000f0) U064d: 00a12d63f23f tmp15:= CONCAT_DSZ16(tmp15, 0x0000182d) U064e: 20430708023f WRITEURAM(tmp15, 0x0007, 32) 01a0a880 SEQW GOTO U20a8 ------------------------------------------------------------------------------------ U0650: 000000000000 NOP U0651: 000000000000 NOP U0652: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U0654: 00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) U0655: 07c200008235 mm0:= unk_7c2(mm5, 0x00000000) U0656: 00428c100238 MOVETOCREG_DSZ64(tmp8, 0x48c) 01a1fe80 SEQW GOTO U21fe 
------------------------------------------------------------------------------------
; Microcode disassembly, re-broken to one micro-op per line.
; Layout: "Uaddr: <12-hex-digit micro-op> <decoded op>"; the 8-hex-digit sequence
; word (SEQW) that steers control flow is printed on its own indented line, and a
; dashed rule closes each group the disassembler emitted.
; All-NOP group that ends the flow with UEND0.
U0658: 000000000000 NOP
U0659: 000000000000 NOP
U065a: 000000000000 NOP
       018000f2 SEQW UEND0
------------------------------------------------------------------------------------
; Polling loop on control register 0x089: the sequence word sends control back to
; U065d after U065e re-reads the register into tmp15. The only exit visible is the
; BTUJB branch on bit 0x1 of tmp15 to U5b44.
; NOTE(review): no iteration bound is visible in this group - confirm whether a
; timeout exists elsewhere.
U065c: 29628903f200 tmp15:= MOVETOCREG_BTS_DSZ64(0x089)
U065d: 286a446d023f SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000001, U5b44)
U065e: 00628903f200 tmp15:= MOVEFROMCREG_DSZ64(0x089)
       08865d80 SEQW GOTO U065d
------------------------------------------------------------------------------------
; Entry label udbgwr_xlat. This group only stages operands - tmp2 from CONCAT of
; rbx and rdx, tmp1 = 1, tmp3 from control register 0x38c - and continues at U0b5a.
; NOTE(review): no mode or privilege test appears in this group; whatever gates the
; operation has to sit at U0b5a or later, outside this view - confirm when auditing.
udbgwr_xlat:
U0660: 0021000328a3 tmp2:= CONCAT_DSZ32(rbx, rdx)
U0661: 004901031008 tmp1:= MOVE_DSZ64(0x00000001)
U0662: 10628c0f3240 tmp3:= MOVEFROMCREG_DSZ64(0x38c, 32)
       018b5a80 SEQW GOTO U0b5a
------------------------------------------------------------------------------------
; Second all-NOP group ending in UEND0 (U0666 decodes as NOP with a different encoding).
U0664: 000000000000 NOP
U0665: 000000000000 NOP
U0666: 000800000000 NOP
       018000f2 SEQW UEND0
------------------------------------------------------------------------------------
; Vector-register flows; the unk_* operations were not decoded by the disassembler,
; so only the register movement is known from this listing.
U0668: 04290083a002 tmm2:= unk_429(xmmsrc)
U0669: 04690083b001 tmm3:= unk_469(xmmdst)
U066a: 069300001ebb xmm2:= unk_693(tmm3, tmm2)
       018000f2 SEQW UEND0
------------------------------------------------------------------------------------
U066c: 04b40003fe00 tmm7:= FMOV(tmm0)
U066d: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010)
U066e: 27000003c033 LFNCEMARK-> tmm4:= unk_700(mm3)
       0501a280 SEQW GOTO U01a2
------------------------------------------------------------------------------------
U0670: 05b900038802 tmm0:= unk_5b9(xmmsrc, xmm0)
U0671: 05d200038078 tmm0:= unk_5d2(tmm0, xmmdst)
U0672: 05e600001e20 xmm2:= unk_5e6(xmm0, tmm0)
       018000f2 SEQW UEND0
------------------------------------------------------------------------------------
; Builds tmpv0 from tmpv2 (shift left by 4, then a 16-bit ZEROEXT with constant
; 0xc802) and continues at U65b9; the meaning of the constant is not shown here.
U0674: 00c800015016 tmpv1:= ZEROEXT_DSZ8(tmpv2)
U0675: 006404014216 tmpv0:= SHL_DSZ64(tmpv2, 0x00000004)
U0676: 008830014510 tmpv0:= ZEROEXT_DSZ16(0x0000c802, tmpv0)
       01e5b980 SEQW GOTO U65b9
------------------------------------------------------------------------------------ U0678: 00084f030010 tmp0:= ZEROEXT_DSZ32(0x0001000d) U0679: 00080d031008 LFNCEMARK-> tmp1:= ZEROEXT_DSZ32(0x0000000d) U067a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 04e98e80 SEQW GOTO U698e ------------------------------------------------------------------------------------ U067c: 000804036008 tmp6:= ZEROEXT_DSZ32(0x00000004) U067d: 204274000010 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x000) U067e: 000c26200200 SAVEUIP(0x00, U0826) 04ab3e80 SEQW GOTO U2b3e ------------------------------------------------------------------------------------ U0680: 195f00830144 tmp0:= unk_95f(r64base, r64idx) U0681: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0682: 1f4500601030 r64dst:= unk_f45(tmp0) U0684: 1f450be11030 tmp2:= unk_f45(tmp0) 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U0685: 000000000000 NOP U0686: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U0688: 1d5900e01144 r64dst:= STADTICKLE_DSZN_ASZ32_SC4(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0689: 195f00830144 tmp0:= unk_95f(r64base, r64idx) U068a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U068c: 1d790be11030 tmp2:= STADTICKLE_DSZ64_ASZ32_SC1(tmp0) 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U068d: 000000000000 NOP U068e: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U0690: 195f00830144 tmp0:= unk_95f(r64base, r64idx) U0691: 114b00030c11 tmp0:= unk_14b(tmp2, tmp0) U0692: 013215030230 tmp0:= SELECTCC_DSZ32_CONDBE(tmp0, 0x00000015) U0694: 021e00000c00 SIGEVENT(tmp0) 093210b0 SEQW UEND0 ------------------------------------------------------------------------------------ U0695: 000000000000 NOP U0696: 000e80000208 SYNCFULL-> 
WRMSLOOPCTRFBR(0x00000080) 093210b0 SEQW GOTO uend0 ------------------------------------------------------------------------------------ U0698: 2cda00e30144 tmp0:= LDTICKLE_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0699: 00bc00031001 tmp1:= unk_0bc(r64dst) U069a: 2cd800e31144 STAD_DSZ8_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp1) U069c: 00fc00001070 r64dst:= unk_0fc(tmp0, r64dst) 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U069d: 000000000000 NOP U069e: 015d14100200 UJMP(U0414) ------------------------------------------------------------------------------------ U06a0: 23a500000802 unk_3a5(r64src, rax) U06a1: 00fc00030081 tmp0:= unk_0fc(r64dst, r64src) U06a2: 217500002c02 rax:= CMOVCC_DSZ64_CONDNZ(r64src, tmp0) U06a4: 00bc00031802 tmp1:= unk_0bc(r64src, rax) 0187ed00 SEQW GOTO U07ed ------------------------------------------------------------------------------------ U06a5: 002510030233 tmp0:= SHR_DSZ32(tmp3, 0x00000010) U06a6: 015d00000cc0 UJMP(tmp3) ------------------------------------------------------------------------------------ U06a8: 20c500000802 SUB_DSZ8(r64src, rax) U06a9: 00bc00030081 tmp0:= unk_0bc(r64dst, r64src) U06aa: 217500002c02 rax:= CMOVCC_DSZ64_CONDNZ(r64src, tmp0) U06ac: 00c800031802 tmp1:= ZEROEXT_DSZ8(r64src, rax) 0187ed00 SEQW GOTO U07ed ------------------------------------------------------------------------------------ U06ad: 296270c00280 MOVETOCREG_BTS_DSZ64(0x0000000b, 0x070) U06ae: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U06b0: 23a500000802 unk_3a5(r64src, rax) U06b1: 007c00030081 tmp0:= unk_07c(r64dst, r64src) U06b2: 217500002c02 rax:= CMOVCC_DSZ64_CONDNZ(r64src, tmp0) U06b4: 00bc00031802 tmp1:= unk_0bc(r64src, rax) 0187ed00 SEQW GOTO U07ed ------------------------------------------------------------------------------------ U06b5: 
206322030200 tmp0:= READURAM(0x0022, 64) U06b6: 015d00000c00 UJMP(tmp0) ------------------------------------------------------------------------------------ U06b8: 00eb00030020 tmp0:= unk_0eb(rax) U06b9: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U06ba: 0cc000631c23 tmp1:= LDZX_DSZ8_ASZ32_SC1(rbx, tmp0, mode=0x18) U06bc: 00c800020831 rax:= ZEROEXT_DSZ8(tmp1, rax) 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U06bd: 000000000000 NOP jump_tmp3: U06be: 015d00000cc0 UJMP(tmp3) ------------------------------------------------------------------------------------ U06c0: 22af00030802 tmp0:= unk_2af(r64src, rax) U06c1: 002510031230 tmp1:= SHR_DSZ32(tmp0, 0x00000010) U06c2: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) U06c4: 0088000228b1 rdx:= ZEROEXT_DSZ16(tmp1, rdx) 090000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U06c5: 000000000000 NOP uret1: U06c6: 014800800000 SYNCFULL-> URET(0x01) ------------------------------------------------------------------------------------ U06c8: 017e000360a0 tmp6:= MOVEMERGEFLGS_DSZ64(rax, r64src) U06c9: 111f00035da2 tmp5:= unk_11f(rdx, tmp6) U06ca: 122f00020d42 rax:= unk_22f(r64src, tmp5) U06cc: 111400022822 rdx:= unk_114(rdx, rax) 01a051b0 SEQW UEND0 ------------------------------------------------------------------------------------ U06cd: 000000000000 NOP U06ce: 000c261c02c0 SAVEUIP(0x00, U6726) 01a051b0 SEQW GOTO U2051 ------------------------------------------------------------------------------------ U06d0: 010901031008 tmp1:= unk_109(0x00000001) U06d1: 0052d2180231 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, U06d2) 01a21e40 SEQW GOTO U221e ------------------------------------------------------------------------------------ U06d2: 0062fe1f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U06d4: 0a62fe9c02b5 MOVETOCREG_BTR_DSZ64(tmp5, 0x0000000a, CORE_CR_EFLAGS) 01a1fe32 SEQW GOTO U21fe 
------------------------------------------------------------------------------------ U06d5: 1c0000634c72 tmp4:= LDZX_DSZN_ASZ32_SC1(tmp2, tmp1, mode=0x18) U06d6: 301400000074 BT_DSZ32(tmp4, r64dst) 01a1fe32 SEQW UEND0 ------------------------------------------------------------------------------------ U06d8: 00bc00030020 tmp0:= unk_0bc(rax) U06d9: 007c00020800 rax:= unk_07c(rax) U06da: 02e400830230 tmp0:= unk_2e4(tmp0, IMM_MACRO_ALIAS_IMMEDIATE) U06dc: 20c000020830 rax:= ADD_DSZ8(tmp0, rax) 052aacb0 SEQW UEND0 ------------------------------------------------------------------------------------ U06dd: 000000000000 NOP U06de: 00423e180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x63e) 052aacb0 SEQW GOTO U2aac ------------------------------------------------------------------------------------ U06e0: 1c30006b1025 tmp1:= LDZX_DSZN_ASZ32_SC1(SS, rbp, mode=0x1a) U06e1: 10c00b830948 tmp0:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rbp) U06e2: 10c800024930 rsp:= ZEROEXT_DSZ8N(tmp0, rsp) U06e4: 100800025971 rbp:= ZEROEXT_DSZ32N(tmp1, rbp) 01a711b0 SEQW UEND0 ------------------------------------------------------------------------------------ U06e5: 000000000000 NOP U06e6: 004265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) 01a711b0 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U06e8: 0dd600e39144 tmp9:= unk_dd6(r64base, r64idx) U06e9: 04b200839e40 tmm1:= unk_4b2(tmm1) U06ea: 04b30083a040 tmm2:= unk_4b3(xmmdst) U06ec: 069000001eb9 xmm2:= unk_690(tmm1, tmm2) 01dee8b0 SEQW UEND0 ------------------------------------------------------------------------------------ U06ed: 000000000000 NOP U06ee: 000c52335200 tmp5:= SAVEUIP(0x00, U0c52) 01dee8b0 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U06f0: 000cf48c0200 SAVEUIP(0x01, U03f4) U06f1: 074700038020 tmm0:= unk_747(xmm0) U06f2: 078708038e22 tmm0:= unk_787(xmm2, tmm0) U06f4: 152400838078 tmm0:= unk_524(tmm0, xmmdst) 01a7118c SEQW 
URET1 ------------------------------------------------------------------------------------ U06f5: 213f00000035 unk_13f(tmp5) U06f6: 0042fe1c0235 MOVETOCREG_DSZ64(tmp5, CORE_CR_EFLAGS) 01a7118c SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U06f8: 04ef0d039081 tmm1:= MOVHLPS(xmmdst, xmmsrc) U06f9: 04ef0803c081 tmm4:= MOVHLPS(xmmdst, xmmsrc) U06fa: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U06fc: 26b700001f39 xmm2:= unk_6b7(tmm1, tmm4) 019ea6b0 SEQW UEND0 ------------------------------------------------------------------------------------ U06fd: 000000000000 NOP U06fe: 2d0f0027000a PORTOUT_DSZ32_ASZ16_SC1(0x00004900, tmp0) 019ea6b0 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U0700: 000000000000 NOP U0701: 04b405838200LFNCEMARK->WRTAGW-> tmm0:= FMOV(0x00000005) U0702: 04b40d809240 mm7:= FMOV(0x0000200d) U0704: 06a80003f008 tmm7:= unk_6a8(0x00000000) 0342813e SEQW GOTO U4281 ------------------------------------------------------------------------------------ U0705: 000000000000 NOP U0706: 125400000f80 LFNCEWAIT-> FETCHFROMEIP0_ASZ64(tmp14) 0342813e SEQW UEND3 ------------------------------------------------------------------------------------ U0708: 0d8700e38144 tmp8:= unk_d87(r64base, r64idx) U0709: 06630003e038 LFNCEMARK-> tmm6:= unk_663(tmm0) U070a: 000800000000 NOP U070c: 000000000000 LFNCEWAIT-> NOP 020079b0 SEQW UEND0 ------------------------------------------------------------------------------------ U070d: 000000000000 NOP U070e: 000c8eac0240 SAVEUIP(0x01, U2b8e) 020079b0 SEQW GOTO U0079 ------------------------------------------------------------------------------------ U0710: 23800003c000 tmp12:= READAFLAGS(0x00000000) U0711: 0742058382bc WRTAGW-> tmm0:= unk_742(tmm4, IMM_MACRO_ALIAS_STi) U0712: 000800000000 NOP U0714: 048f05808238 mm0:= unk_48f(tmm0, IMM_MACRO_ALIAS_STi) 0183f5b0 SEQW UEND0 
------------------------------------------------------------------------------------
; Microcode disassembly, re-broken to one micro-op per line.
; Layout: "Uaddr: <12-hex-digit micro-op> <decoded op>"; the 8-hex-digit sequence
; word (SEQW) is printed on its own indented line after the micro-ops it follows.
U0715: 000000000000 NOP
U0716: 052500838eb8 tmm0:= unk_525(tmm0, tmm2)
       0183f5b0 SEQW GOTO U03f5
------------------------------------------------------------------------------------
; URAM 0x0077 is read and its bit 0x36 tested; the BTUJB exit goes to generate_#UD
; (presumably when the bit is set - confirm the branch polarity).
U0718: 006377031200 tmp1:= READURAM(0x0077, 64)
U0719: 186a699c0771 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000036, generate_#UD)
U071a: 025eff000200 unk_25e(0x000000ff)
U071c: 0ddd00e00144 unk_ddd(r64base, r64idx)
       018251b0 SEQW UEND0
------------------------------------------------------------------------------------
U071d: 125700000d00 unk_257(tmp4)
U071e: 108800021871 rcx:= ZEROEXT_DSZ16N(tmp1, rcx)
       018251b0 SEQW GOTO U0251
------------------------------------------------------------------------------------
; Entry label sldt_m16_xlat. SAVEUIP_REGOVR records U0721 and control goes to U0ba2;
; the ops from U0721 on read the SEL field of SEG_V0 and store it as 16 bits through
; the DS-relative macro operands, then end with UEND0.
; NOTE(review): no privilege or virtualization test is visible in this group; any
; gating of the selector store would have to happen inside U0ba2, which is outside
; this view - confirm when auditing.
sldt_m16_xlat:
U0720: 000d07800000 SAVEUIP_REGOVR(0x01, U0721, 0x0007)
       018ba200 SEQW GOTO U0ba2
U0721: 025eff000200 unk_25e(0x000000ff)
U0722: 0c4b80732000 tmp2:= RDSEGFLD(SEG_V0, SEL)
U0724: 0c9800e32144 STAD_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp2)
       088725b0 SEQW UEND0
------------------------------------------------------------------------------------
; Polling loop on control register 0x2eb: bit 0x0 is tested with BTUJB, which exits
; to uret0; otherwise the sequence word returns to U0725 and the register is re-read.
; NOTE(review): no iteration bound is visible in this group.
U0725: 1062eb0b0240 SYNCFULL-> tmp0:= MOVEFROMCREG_DSZ64(0x2eb, 32)
U0726: 386a4e000230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, uret0)
       088725b0 SEQW GOTO U0725
------------------------------------------------------------------------------------
; Same call shape as sldt_m16_xlat: save U0729, go to U5a1a, then a 16-bit load
; addressed by tmp2 and a jump to U46f9 with tmp13 = 0x2562.
U0728: 000d0f800000 SAVEUIP_REGOVR(0x01, U0729, 0x000f)
       02da1a00 SEQW GOTO U5a1a
U0729: 0c8000632032 LFNCEWAIT-> tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, mode=0x18)
U072a: 000800000000 NOP
U072c: 00086217d009 tmp13:= ZEROEXT_DSZ32(0x00002562)
       0cc6f90e SEQW GOTO U46f9
------------------------------------------------------------------------------------
; Two bit tests on tmp12 (bits 0x19 and 0x18) with exits to U67b8 and U30d4;
; if neither exit is taken the flow returns with URET1.
U072d: 186ab85d03bc SYNCMARK-> BTUJB_DIRECT_NOTTAKEN(tmp12, 0x00000019, U67b8)
U072e: 386ad40003bc BTUJB_DIRECT_NOTTAKEN(tmp12, 0x00000018, U30d4)
       0cc6f90e SEQW URET1
------------------------------------------------------------------------------------
; Microcode disassembly, re-broken to one micro-op per line.
; Layout: "Uaddr: <12-hex-digit micro-op> <decoded op>"; the 8-hex-digit sequence
; word (SEQW) is printed on its own indented line, and a "?" marks a sequence-word
; action that follows a TESTUSTATE (presumably conditional on its result - confirm).
U0730: 000b03033208 tmp3:= UPDATEUSTATE(0x0c)
       018bb100 SEQW GOTO U0bb1
------------------------------------------------------------------------------------
; Extracts a 5-bit field (bits 0x28 and up, masked with 0x1f) from URAM 0x0020 and
; conditionally moves 1 into rbx before jumping to uend.
U0731: 006320030200 tmp0:= READURAM(0x0020, 64)
U0732: 006528030230 tmp0:= SHR_DSZ64(tmp0, 0x00000028)
U0734: 00041f030c08 tmp0:= AND_DSZ32(0x0000001f, tmp0)
U0735: 013e00030e30 tmp0:= MOVEMERGEFLGS_DSZ32(tmp0, tmp8)
U0736: 013501023230 rbx:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x00000001)
       0197ec80 SEQW GOTO uend
------------------------------------------------------------------------------------
; Entry label sysexit_xlat. tmp1 is URAM 0x0074 combined with mask 0x3 by a 16-bit
; NOTAND, and U073c exits to generate_#GP when tmp1 is zero - presumably the
; null-selector check on the saved SYSENTER code selector; TODO confirm.
; rdx and rcx are then staged into tmp1/tmp2 and the flow continues at U1d68.
; NOTE(review): no current-privilege test is visible in this group; if one exists
; it is at U1d68 or later, outside this view.
sysexit_xlat:
U0738: 000b03033208 tmp3:= UPDATEUSTATE(0x0c)
U0739: 006374030200 LFNCEMARK-> tmp0:= READURAM(0x0074, 64)
U073a: 008703031c08 tmp1:= NOTAND_DSZ16(0x00000003, tmp0)
U073c: 0150111c0271 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP)
U073d: 0049092718a2 ROVR<- tmp1:= MOVE_DSZ64(rdx, rdx)
       041d689d SEQW SAVEUIP1 U073e
U073e: 004100032021 tmp2:= OR_DSZ64(rcx)
       041d689d SEQW GOTO U1d68
------------------------------------------------------------------------------------
; Alternate entry that joins the sysexit flow at U0739 after two undecoded ops on
; rdx and rcx; note UPDATEUSTATE is given !0x0c here versus 0x0c at U0738.
U0740: 025c000008a2 unk_25c(rdx, rdx)
U0741: 025c00000861 LFNCEMARK-> unk_25c(rcx, rcx)
U0742: 000b03833208 tmp3:= UPDATEUSTATE(!0x0c)
       04873980 SEQW GOTO U0739
------------------------------------------------------------------------------------
U0744: 04b40000af00 mm0:= FMOV(tmm4)
U0745: 015148640236 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U1948)
U0746: 04b49183e200 tmm6:= FMOV(0x00000091)
       01994880 SEQW GOTO U1948
------------------------------------------------------------------------------------
; Feature gate: bit 0x10 of CORE_CR_CR4 is tested and the BTUJNB exit goes to
; generate_#UD (presumably when the bit is clear - confirm polarity). Only past
; that test is the BASE field of DS_KERNM read and zero-extended into rax.
U0748: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U0749: 186b691c0330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000010, generate_#UD)
U074a: 0c4b20672000 tmp2:= RDSEGFLD(DS_KERNM, BASE)
U074c: 100800002032 rax:= ZEROEXT_DSZ32N(tmp2)
       018e59b0 SEQW UEND0
------------------------------------------------------------------------------------
U074d: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009)
U074e: 000806037008 tmp7:= ZEROEXT_DSZ32(0x00000006)
       018e59b0 SEQW GOTO U0e59
------------------------------------------------------------------------------------
U0750: 000b07038200 tmp8:= UPDATEUSTATE(0x1c)
U0751: 000c41d3e208 LFNCEMARK-> tmp14:= SAVEUIP(0x01, U1441)
U0752: 008800832008 tmp2:= ZEROEXT_DSZ16(IMM_MACRO_ALIAS_IMMEDIATE)
U0754: 1a2f00833000 tmp3:= unk_a2f(0x00000000)
U0755: 100800033033 tmp3:= ZEROEXT_DSZ32N(tmp3)
U0756: 000b06000200 UPDATEUSTATE(0x18)
       01c8a880 SEQW GOTO U48a8
------------------------------------------------------------------------------------
; U0758 and U0760 share a shape: load three constants, save a return point with
; SAVEUIP1 and go to U474a, then branch on the values left in tmp0/tmp4.
U0758: 004932130008 tmp0:= MOVE_DSZ64(0x00000432)
U0759: 000807034008 tmp4:= ZEROEXT_DSZ32(0x00000007)
U075a: 00080603a008 tmp10:= ZEROEXT_DSZ32(0x00000006)
       01c74a96 SEQW SAVEUIP1 U075c
                SEQW GOTO U474a
U075c: 29280c700230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000001, U1c0c)
U075d: 000cecdc0200 LFNCEMARK-> SAVEUIP(0x01, uend)
       04816472 SEQW GOTO U0164
------------------------------------------------------------------------------------
U075e: 04cf00001ebb xmm2:= unk_4cf(tmm3, tmm2)
       04816472 SEQW UEND0
------------------------------------------------------------------------------------
U0760: 004935130008 tmp0:= MOVE_DSZ64(0x00000435)
U0761: 000808034008 tmp4:= ZEROEXT_DSZ32(0x00000008)
U0762: 00080f03a008 tmp10:= ZEROEXT_DSZ32(0x0000000f)
       01c74a96 SEQW SAVEUIP1 U0764
                SEQW GOTO U474a
U0764: 006510035234 tmp5:= SHR_DSZ64(tmp4, 0x00000010)
U0765: 01512e200235 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U082e)
U0766: 2929e1990230 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000002, U56e1)
       01875d80 SEQW GOTO U075d
------------------------------------------------------------------------------------
; Privilege gate before a state write: TESTUSTATE checks UST_USER_MODE and the "?"
; sequence word names generate_#GP; the WRITEURAM of r64src to URAM 0x001e at U076c
; comes only after that test.
U0768: 10490003a082 tmp10:= MOVE_DSZ64(r64src, r64src)
U0769: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002)
U076a: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE)
       04a711c0 ? SEQW GOTO generate_#GP
U076c: 20431e00023a WRITEURAM(tmp10, 0x001e, 64)
       0197ec0e SEQW GOTO uend
------------------------------------------------------------------------------------
U076d: 004400034d7a tmp4:= AND_DSZ64(tmp10, tmp5)
U076e: 0929a6110cf4 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, tmp3, U44a6)
       0197ec0e SEQW URET1
------------------------------------------------------------------------------------
; Mode test combining user mode with the two VMX state bits; the "?" sequence word
; diverts to U17ce. The operand is written with a leading "!", unlike U077a below.
U0770: 10490003b082 tmp11:= MOVE_DSZ64(r64src, r64src)
U0771: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002)
U0772: 100ac2800200 TESTUSTATE(SYS, !UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST)
       0497ce80 ? SEQW GOTO U17ce
U0774: 20631f036200 tmp6:= READURAM(0x001f, 64)
U0775: 00651d036236 tmp6:= SHR_DSZ64(tmp6, 0x0000001d)
U0776: 000438036d88 tmp6:= AND_DSZ32(0x00000038, tmp6)
       019f5280 SEQW GOTO U1f52
------------------------------------------------------------------------------------
; Two checks on this path: the mode test at U077a (diverting to U5882 with U077c
; saved as the return point) and an operand check at U077c, where tmp7 - r64src
; combined with mask 0xf by NOTAND - exits to generate_#GP when non-zero.
U0778: 00470f037088 tmp7:= NOTAND_DSZ64(0x0000000f, r64src)
U0779: 1062a10b8240 LFNCEMARK-> tmp8:= MOVEFROMCREG_DSZ64(0x2a1, 32)
U077a: 100ac2000200 TESTUSTATE(SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST)
       04d882d6 ? SEQW SAVEUIP1 U077c
                ? SEQW GOTO U5882
U077c: 0151111c0277 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, generate_#GP)
U077d: 00650c033238 tmp3:= SHR_DSZ64(tmp8, 0x0000000c)
U077e: 00040f033cc8 tmp3:= AND_DSZ32(0x0000000f, tmp3)
       042c3580 SEQW GOTO U2c35
------------------------------------------------------------------------------------
U0780: 104900037082 tmp7:= MOVE_DSZ64(r64src, r64src)
U0781: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002)
U0782: 000bff031200 tmp1:= UPDATEUSTATE(0xfc)
       0485f980 SEQW GOTO U05f9
------------------------------------------------------------------------------------
; Read-modify-write of URAM 0x001f using mask 0x7 (NOTAND), written back as 32 bits.
U0784: 00631f032200 tmp2:= READURAM(0x001f, 64)
U0785: 000707032c88 tmp2:= NOTAND_DSZ32(0x00000007, tmp2)
U0786: 00431f080232 WRITEURAM(tmp2, 0x001f, 32)
       01ba8180 SEQW GOTO U3a81
------------------------------------------------------------------------------------
; Entry label rdtscp_xlat. A VMX-state test on 0x0200 can divert to generate_#UD
; before anything else happens; otherwise U030c is saved as the return point and
; the flow continues at U0caa. The meaning of state bit 0x0200 is not shown here.
rdtscp_xlat:
U0788: 000833033008 tmp3:= ZEROEXT_DSZ32(0x00000033)
U0789: 006303035200 LFNCEMARK-> tmp5:= READURAM(0x0003, 64)
U078a: 200a00880200 TESTUSTATE(VMX, !0x0200)
       04a769c0 ? SEQW GOTO generate_#UD
U078c: 000c0c0c0200 SAVEUIP(0x00, U030c)
       018caa0e SEQW GOTO U0caa
------------------------------------------------------------------------------------
; Equality check: tmp13 - tmp1 must be zero, otherwise exit to generate_#GP.
U078d: 00050003dc7d tmp13:= SUB_DSZ32(tmp13, tmp1)
U078e: 0151111c027d UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, generate_#GP)
       018caa0e SEQW URET1
------------------------------------------------------------------------------------
; Calls U2669 (return point U0791), stores tmp7 through tmp5, then falls into the
; shared tail clear_aflags_uend0, which inserts zero flags and ends with UEND0.
U0790: 000d00800000 SAVEUIP_REGOVR(0x01, U0791, 0x0000)
       01a66900 SEQW GOTO U2669
U0791: 007f00037cb7 tmp7:= unk_07f(tmp7, tmp2)
U0792: 1c4800637035 STAD_DSZN_ASZ32_SC1(tmp5, mode=0x18, tmp7)
clear_aflags_uend0:
U0794: 203d00000000 LFNCEWAIT-> MOVEINSERTFLGS_DSZ32(0x00000000)
       025c62b0 SEQW UEND0
------------------------------------------------------------------------------------
U0795: 000d108c0000 SAVEUIP_REGOVR(0x01, U0796, 0x0310)
U0796: 000ca6f80200 SAVEUIP(0x01, patch_runs_load_loop)
       025c62b0 SEQW GOTO U5c62
------------------------------------------------------------------------------------
; U0798 (load) and U07a0 (store) have the same shape: call U251d first, then form a
; linear address from the DS-relative macro operands and access memory with it.
; NOTE(review): U251d presumably performs the access check for both flows; it is
; outside this view - confirm before relying on it.
U0798: 000d00000000 SAVEUIP_REGOVR(0x00, U0799, 0x0000)
       01a51d00 SEQW GOTO U251d
U0799: 189f00830144 tmp0:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT)
U079a: 1c0000601030 r64dst:= LDZX_DSZN_ASZ32_SC1(tmp0, mode=0x18)
U079c: 300000000001 ADD_DSZ32(r64dst)
       030e5eb0 SEQW UEND0
------------------------------------------------------------------------------------
U079d: 000800030008 tmp0:= ZEROEXT_DSZ32(0x00000000)
U079e: 00626803f200 LFNCEWAIT-> tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP)
       030e5eb0 SEQW GOTO U0e5e
------------------------------------------------------------------------------------
U07a0: 000d00000000 SAVEUIP_REGOVR(0x00, U07a1, 0x0000)
       01a51d00 SEQW GOTO U251d
U07a1: 189f00830144 tmp0:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT)
U07a2: 1c0800601030 STAD_DSZN_ASZ32_SC1(tmp0, mode=0x18, r64dst)
U07a4: 300000000001 ADD_DSZ32(r64dst)
       06de94b0 SEQW UEND0
; Listing format: "Uaddr: 12-hex-digit uop encoding  operation". A line that starts
; with a bare 8-hex-digit word is the sequence word (SEQW) printed after the uop it
; applies to; "?" marks a SEQW action that is conditional on the preceding TESTUSTATE.
; Dashed rules separate flow fragments. unk_* operations were not decoded by the disassembler.
------------------------------------------------------------------------------------
; Stores tmp15 to URAM slot 0x0007 (32-bit) and continues at U5e94 (outside this span).
U07a5: 00430708023f LFNCEWTMRK-> WRITEURAM(tmp15, 0x0007, 32)
U07a6: 000000000000 NOP
06de94b0 SEQW GOTO U5e94
------------------------------------------------------------------------------------
; Physical-address load into r64dst (LDPPHYSTICKLE). Control first goes to U251d with
; U07a9 recorded by SAVEUIP_REGOVR.
; NOTE(review): U251d is not visible here; any access gating for this physical read
; presumably lives there. Confirm before relying on it.
U07a8: 000d00000000 SAVEUIP_REGOVR(0x00, U07a9, 0x0000)
01a51d00 SEQW GOTO U251d
U07a9: 0a5f00830144 tmp0:= unk_a5f(r64base, r64idx)
U07aa: 1e2500001030 r64dst:= LDPPHYSTICKLE_DSZN_ASZ64_SC1(tmp0)
U07ac: 300000000001 ADD_DSZ32(r64dst)
019ea6b0 SEQW UEND0
------------------------------------------------------------------------------------
; Patch-load path: tmp0 = 0x0a, then tmp5 is compared with 1; on mismatch the uop jumps
; to patch_load_error, otherwise the flow re-enters patch_runs_load_loop.
; NOTE(review): the meaning of tmp5 and of 0x0a (possibly an error code) is not shown here.
U07ad: 00080a030008 tmp0:= ZEROEXT_DSZ32(0x0000000a)
U07ae: 1929b45c0235 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, 0x00000001, patch_load_error)
019ea6b0 SEQW GOTO patch_runs_load_loop
------------------------------------------------------------------------------------
; Physical-address store of r64dst (STADPPHYSTICKLE), same U251d detour as the load above.
U07b0: 000d00000000 SAVEUIP_REGOVR(0x00, U07b1, 0x0000)
01a51d00 SEQW GOTO U251d
U07b1: 0a5f00830144 tmp0:= unk_a5f(r64base, r64idx)
U07b2: 1e2d00001030 STADPPHYSTICKLE_DSZN_ASZ64_SC1(tmp0, r64dst)
U07b4: 300000000001 ADD_DSZ32(r64dst)
0907b5b0 SEQW UEND0
------------------------------------------------------------------------------------
; Polling loop: reads port 0xa4, tests bit 0x1f of the result, and either leaves to U5c66
; or jumps back to U07b5. No iteration bound is visible in this fragment.
U07b5: 2d0ba4015008 tmpv1:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4)
U07b6: 286b66f103d5 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmpv1, 0x0000001f, U5c66)
0907b5b0 SEQW GOTO U07b5
------------------------------------------------------------------------------------
; Dispatch on rax: value 1 -> U6012, value 2 -> U600c, anything else -> U66d2.
U07b8: 00090003000c tmp0:= MOVE_DSZ32(0x00008000)
U07b9: 008100030c20 tmp0:= OR_DSZ16(rax, tmp0)
U07ba: 192812410220 CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000001, U6012)
U07bc: 19280c810220 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000002, U600c)
0866d20e SEQW GOTO U66d2
------------------------------------------------------------------------------------
; Validation helper: the low three bits of tmp5 equal to 7 lead to generate_#GP,
; otherwise the helper returns (URET1).
U07bd: 000407031d48 tmp1:= AND_DSZ32(0x00000007, tmp5)
U07be: 192811dc0271 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000007, generate_#GP)
0866d20e SEQW URET1
------------------------------------------------------------------------------------ U07c0: 00090003c000 tmp12:= MOVE_DSZ32(0x00000000) U07c1: 000bff000200 LFNCEMARK-> UPDATEUSTATE(0xfc) U07c2: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 049ee180 SEQW GOTO U1ee1 ------------------------------------------------------------------------------------ U07c4: 004080035f88 tmp5:= ADD_DSZ64(0x00000080, tmp14) U07c5: 00080003603d tmp6:= ZEROEXT_DSZ32(tmp13) U07c6: 0008552f8009 tmp8:= ZEROEXT_DSZ32(0x00002b55) 01ded580 SEQW GOTO rc4_decrypt ------------------------------------------------------------------------------------ U07c8: 000904834008 tmp4:= MOVE_DSZ32(IMM_MACRO_ALIAS_RIP) U07c9: 014310a00200 LFNCEMARK-> AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U07ca: 23800003a000 tmp10:= READAFLAGS(0x00000000) U07cc: 0008010f1008 tmp1:= ZEROEXT_DSZ32(0x00000301) 01df8a32 SEQW GOTO U5f8a ------------------------------------------------------------------------------------ U07cd: 000800020000 rax:= ZEROEXT_DSZ32(0x00000000) U07ce: 000800022000 rdx:= ZEROEXT_DSZ32(0x00000000) 01df8a32 SEQW UEND0 ------------------------------------------------------------------------------------ U07d0: 0dd600e3a144 tmp10:= unk_dd6(r64base, r64idx) U07d1: 04290083a03a tmm2:= unk_429(tmm2) U07d2: 04690083b001 tmm3:= unk_469(xmmdst) U07d4: 069300001ebb xmm2:= unk_693(tmm3, tmm2) 018c7ab0 SEQW UEND0 ------------------------------------------------------------------------------------ U07d5: 000000000000 NOP U07d6: 052500838eb8 tmm0:= unk_525(tmm0, tmm2) 018c7ab0 SEQW GOTO U0c7a ------------------------------------------------------------------------------------ U07d8: 0dd600e38144 tmp8:= unk_dd6(r64base, r64idx) U07d9: 05b900038838 tmm0:= unk_5b9(tmm0, xmm0) U07da: 05d200038078 tmm0:= unk_5d2(tmm0, xmmdst) U07dc: 05e600001e20 xmm2:= unk_5e6(xmm0, tmm0) 01e149b0 SEQW UEND0 ------------------------------------------------------------------------------------ U07dd: 000000000000 NOP U07de: 
000c917c0200 SAVEUIP(0x00, do_smm_vmexit_ovr_enter_rip) 01e149b0 SEQW GOTO U6149 ------------------------------------------------------------------------------------ U07e0: 000c91a7e248 tmp14:= SAVEUIP(0x01, U2991) U07e1: 0f5400e30004 tmp0:= unk_f54(r64base) U07e2: 006513031230 tmp1:= SHR_DSZ64(tmp0, 0x00000013) U07e4: 0007170b1c50 tmp1:= NOTAND_DSZ32(0xe0000001, tmp1) U07e5: 0008c6033010 tmp3:= ZEROEXT_DSZ32(0x000ffff8) 01890d4e SEQW GOTO U090d ------------------------------------------------------------------------------------ U07e6: 110500033cf2 tmp3:= unk_105(tmp2, tmp3) 01890d4e SEQW URET1 ------------------------------------------------------------------------------------ U07e8: 300500000802 SUB_DSZ32(r64src, rax) U07e9: 100800030081 tmp0:= ZEROEXT_DSZ32N(r64dst, r64src) U07ea: 217500002c02 rax:= CMOVCC_DSZ64_CONDNZ(r64src, tmp0) U07ec: 100800031802 tmp1:= ZEROEXT_DSZ32N(r64src, rax) U07ed: 217400020c60 rax:= CMOVCC_DSZ64_CONDZ(rax, tmp1) 01838ab1 SEQW UEND0 ------------------------------------------------------------------------------------ U07ee: 2e6b2003bcb0 tmp11:= unk_e6b(tmp0, tmp2) 01838ab1 SEQW GOTO U038a ------------------------------------------------------------------------------------ U07f0: 0c9000e30144 tmp0:= LDZX_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U07f1: 22af00030830 tmp0:= unk_2af(tmp0, rax) U07f2: 002510031230 tmp1:= SHR_DSZ32(tmp0, 0x00000010) U07f4: 008800020830 rax:= ZEROEXT_DSZ16(tmp0, rax) U07f5: 0088000228b1 rdx:= ZEROEXT_DSZ16(tmp1, rdx) 01838ab1 SEQW UEND0 ------------------------------------------------------------------------------------ U07f6: 2e6b4003bcb0 tmp11:= unk_e6b(tmp0, tmp2) 01838ab1 SEQW GOTO U038a ------------------------------------------------------------------------------------ U07f8: 1c1000e37144 tmp7:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U07f9: 017e00036de0 tmp6:= MOVEMERGEFLGS_DSZ64(rax, tmp7) U07fa: 111f00035da2 tmp5:= 
unk_11f(rdx, tmp6) U07fc: 122f00020d77 rax:= unk_22f(tmp7, tmp5) U07fd: 111400022822 rdx:= unk_114(rdx, rax) 01879db1 SEQW UEND0 ------------------------------------------------------------------------------------ U07fe: 021eb5000200 SIGEVENT(0x000000b5) 01879db1 SEQW GOTO U079d ------------------------------------------------------------------------------------ U0800: 01e200830008 tmp0:= RCXBTCNTMSK_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0801: 00c508031230 tmp1:= SUB_DSZ8(tmp0, 0x00000008) U0802: 016900033c02 tmp3:= unk_169(r64src, tmp0) U0804: 036a01032202 tmp2:= unk_36a(r64src, 0x00000001) U0805: 016800032c72 tmp2:= unk_168(tmp2, tmp1) 01a78a4e SEQW GOTO U278a ------------------------------------------------------------------------------------ U0806: 038f00033033 tmp3:= unk_38f(tmp3) 01a78a4e SEQW URET1 ------------------------------------------------------------------------------------ U0808: 00c800830008 tmp0:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0809: 00a100033081 tmp3:= CONCAT_DSZ16(r64dst, r64src) 01897d55 SEQW SAVEUIP1 U080a SEQW GOTO U097d U080a: 1008000020b3 rax:= ZEROEXT_DSZ32N(tmp3, r64src) U080c: 213e00034034 tmp4:= MOVEMERGEFLGS_DSZ32(tmp4) U080d: 237d00000cf4 GENARITHFLAGS(tmp4, tmp3) 01840cb1 SEQW UEND0 ------------------------------------------------------------------------------------ U080e: 000802036008 tmp6:= ZEROEXT_DSZ32(0x00000002) 01840cb1 SEQW GOTO U040c ------------------------------------------------------------------------------------ U0810: 00c800032020 tmp2:= ZEROEXT_DSZ8(rax) U0811: 02e600830c88 tmp0:= unk_2e6(IMM_MACRO_ALIAS_IMMEDIATE, tmp2) U0812: 00fc00020830 rax:= unk_0fc(tmp0, rax) U0814: 236000000c00 unk_360(tmp0) U0815: 00bc00020830 rax:= unk_0bc(tmp0, rax) 0558e4b1 SEQW UEND0 ------------------------------------------------------------------------------------ U0816: 0150c50402f0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U61c5) 0558e4b1 SEQW GOTO U58e4 
; Listing format: "Uaddr: 12-hex-digit uop encoding  operation". A line that starts
; with a bare 8-hex-digit word is the sequence word (SEQW) printed after the uop it
; applies to; "?" marks a SEQW action that is conditional on the preceding TESTUSTATE.
; Dashed rules separate flow fragments. unk_* operations were not decoded by the disassembler.
------------------------------------------------------------------------------------
; hlt_xlat: labelled entry point. The very first uop tests the SYS ustate bit
; UST_USER_MODE and the conditional sequence word transfers to generate_#GP, so the
; privilege check precedes every other operation of this flow.
; NOTE(review): that the branch is taken when the bit is set is inferred from the
; target name, not shown by the listing. Confirm against the disassembler's conventions.
hlt_xlat:
U0818: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE)
04a71100 ? SEQW GOTO generate_#GP
; Fall-through path: loads tmp0 = 0x0c and tmp3 = 0x07, records U081d and U688d with
; SAVEUIP_REGOVR / SAVEUIP (presumably microcode return targets, to be confirmed), then
; continues at U1d8e, which is outside this span.
U0819: 00090c030008 LFNCEMARK-> tmp0:= MOVE_DSZ32(0x0000000c)
U081a: 000807033008 tmp3:= ZEROEXT_DSZ32(0x00000007)
U081c: 000d43800000 SAVEUIP_REGOVR(0x01, U081d, 0x0043)
U081d: 000c8da002c0 SAVEUIP(0x01, U688d)
051d8e72 SEQW GOTO U1d8e
------------------------------------------------------------------------------------
U081e: 025e00000c80 LFNCEMARK-> unk_25e(tmp2)
051d8e72 SEQW UEND0
------------------------------------------------------------------------------------
; Vector-register fragment: only the data flow is visible (xmmsrc/xmmdst -> tmm3 -> tmm4
; -> xmm2), because the combining operations are undecoded.
U0820: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U0821: 004800831008 tmp1:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE)
U0822: 26b00083b042 tmm3:= unk_6b0(xmmsrc, xmmdst)
U0824: 04ef0103c03b tmm4:= MOVHLPS(tmm3)
U0825: 26ad00801efc xmm2:= unk_6ad(tmm4, tmm3)
052019b1 SEQW UEND0
------------------------------------------------------------------------------------
; Two-way branch on tmp0: the conditional micro-jump targets U2011, the sequence word
; targets U2019.
U0826: 015011000270 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U2011)
052019b1 SEQW GOTO U2019
------------------------------------------------------------------------------------
U0828: 052600838081 tmm0:= unk_526(xmmdst, xmmsrc)
U0829: 05a600820e01 xmm0:= unk_5a6(xmmdst, tmm0)
U082a: 05a30003b800 tmm3:= unk_5a3(xmm0)
U082c: 076b0003003b mm0:= unk_76b(tmm3)
U082d: 203d00000030 MOVEINSERTFLGS_DSZ32(tmp0)
01ac1db1 SEQW UEND0
------------------------------------------------------------------------------------
U082e: 00081c03d008 tmp13:= ZEROEXT_DSZ32(0x0000001c)
01ac1db1 SEQW GOTO U2c1d
------------------------------------------------------------------------------------
; Memory-operand vector fragment: unk_dd6 consumes r64base/r64idx, the result is written
; to xmm2.
U0830: 0dd600e3a144 tmp10:= unk_dd6(r64base, r64idx)
U0831: 04ef0d039e81 tmm1:= MOVHLPS(xmmdst, tmm2)
U0832: 04ef0803ce81 tmm4:= MOVHLPS(xmmdst, tmm2)
U0834: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U0835: 26b700001f39 xmm2:= unk_6b7(tmm1, tmm4)
0717ecb1 SEQW UEND0
; Listing format: "Uaddr: 12-hex-digit uop encoding  operation". A line that starts
; with a bare 8-hex-digit word is the sequence word (SEQW) printed after the uop it
; applies to; "?" marks a SEQW action that is conditional on the preceding TESTUSTATE.
; Dashed rules separate flow fragments. unk_* operations were not decoded by the disassembler.
------------------------------------------------------------------------------------
; Writes a control register through MOVETOCREG with tmp10/tmp9 as operands, then ends.
; NOTE(review): which operand is the value and which the register index is not shown here.
U0836: 004200000e7a LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp10, tmp9)
0717ecb1 SEQW GOTO uend
------------------------------------------------------------------------------------
U0838: 0dd600e38144 tmp8:= unk_dd6(r64base, r64idx)
U0839: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U083a: 05fa8803c078 tmm4:= SHUFPD(tmm0, xmmdst)
U083c: 05fadd039078 tmm1:= SHUFPD(tmm0, xmmdst)
U083d: 26f700001f39 xmm2:= unk_6f7(tmm1, tmm4)
01a711b1 SEQW UEND0
------------------------------------------------------------------------------------
; Unconditional fault path: one undecoded uop, then generate_#GP.
U083e: 0dff07000000 unk_dff(0x00000000)
01a711b1 SEQW GOTO generate_#GP
------------------------------------------------------------------------------------
; Helper that loads three FMOV constants and ends with URET1.
; (The missing space after the encoding at U0842 is in the original listing.)
U0840: 000c59880280 SAVEUIP(0x01, U4259)
U0841: 04b41183f200 tmm7:= FMOV(0x00000011)
U0842: 24b405838240LFNCEMARK->WRTAGW-> tmm0:= FMOV(0x00002005)
U0844: 04b435839200 LFNCEMARK-> tmm1:= FMOV(0x00000035)
U0845: 068a0183fe39 tmp15:= FCOM2(tmp9, tmp8)
0444a68d SEQW URET1
------------------------------------------------------------------------------------
U0846: 000877030010 tmp0:= ZEROEXT_DSZ32(0x0002001c)
0444a68d SEQW GOTO U44a6
------------------------------------------------------------------------------------
; Reserved-bit check on a 32-bit memory operand: the loaded value is masked with
; 0xffffffffffff0000 and a non-zero result jumps to generate_#GP, i.e. only values
; whose bits 16 and above are clear continue.
U0848: 0c1000e30144 tmp0:= LDZX_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18)
U0849: 000400031c18 tmp1:= AND_DSZ32(0xffffffffffff0000, tmp0)
U084a: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP)
U084c: 070700038030 tmm0:= unk_707(mm0)
U084d: 06910003e038 LFNCEMARK-> tmm6:= unk_691(tmm0)
04808e4e SEQW GOTO U008e
------------------------------------------------------------------------------------
; Helper: tests bit 0x12 of tmp1 with generate_#UD as the branch target, else returns.
U084e: 186b699c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, generate_#UD)
04808e4e SEQW URET1
------------------------------------------------------------------------------------
; Counted loop: WRMSLOOPCTRFBR is given 0x07, and U0852 is re-entered while the ustate
; UST_MSLOOPCTR_NONZERO test holds.
U0850: 043200000e00 unk_432(tmm0)
U0851: 000e07000200 WRMSLOOPCTRFBR(0x00000007)
U0852: 04b491838200 tmm0:= FMOV(0x00000091)
U0854: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO)
03085231 ? SEQW GOTO U0852
U0855: 000000000000 NOP
03085231 SEQW UEND0
------------------------------------------------------------------------------------
U0856: 014800800000 LFNCEWAIT-> URET(0x01)
------------------------------------------------------------------------------------
; Feature gate: reads the URAM copy of IA32_FEATURE_CTL, combines it with mask
; 0x00080001 through NOTAND and raises #UD when the result is non-zero.
; NOTE(review): bit 0 of the mask is the architectural lock bit of IA32_FEATURE_CONTROL;
; NOTAND's operand order is not shown, so confirm whether the bits must be set or clear.
U0858: 00633a030200 tmp0:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64)
U0859: 0007b0030430 tmp0:= NOTAND_DSZ32(tmp0, 0x00080001)
U085a: 0151691c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#UD)
U085c: 000835034008 tmp4:= ZEROEXT_DSZ32(0x00000035)
U085d: 000841030008 tmp0:= ZEROEXT_DSZ32(0x00000041)
0322147e SEQW GOTO U2214
------------------------------------------------------------------------------------
U085e: 125600000000 LFNCEWAIT-> unk_256(0x00000000)
0322147e SEQW UEND3
------------------------------------------------------------------------------------
; Mode gate: the UST_8086_MODE test leads to generate_#UD; otherwise tmp9 receives the
; RIP alias and the helper returns (URET0).
U0860: 000c0ae7e248 tmp14:= SAVEUIP(0x01, U390a)
U0861: 008cd62f2242 tmp2:= SAVEUIP(r64src, 0x00, U2bd6)
U0862: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U0864: 100a04000200 TESTUSTATE(SYS, UST_8086_MODE)
01a76909 ? SEQW GOTO generate_#UD
U0865: 104804839008 tmp9:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP)
01a76909 SEQW URET0
------------------------------------------------------------------------------------
; Two loads from the same linear address: operand-size value into tmp3, and a 16-bit
; value at offset DATASIZE into tmp2 (an offset:selector style memory operand; hedged).
U0866: 000000000000 NOP
U0868: 000c0283e288 tmp14:= SAVEUIP(0x01, U4002)
U0869: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U086a: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT)
U086c: 1c0000633032 tmp3:= LDZX_DSZN_ASZ32_SC1(tmp2, mode=0x18)
U086d: 0c800be32032 tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, IMM_MACRO_ALIAS_DATASIZE, mode=0x18)
01abd972 SEQW GOTO U2bd9
------------------------------------------------------------------------------------
U086e: 1008000020b2 rax:= ZEROEXT_DSZ32N(tmp2, r64src)
01abd972 SEQW UEND0
------------------------------------------------------------------------------------
; Exchanges GS.BASE with URAM slot 0x0002: both old values are read first, the
; UST_USER_MODE test (-> generate_#GP) sits between the reads and the writes, and only
; then are GS.BASE and the URAM slot written. The privilege check therefore precedes
; every state change.
; NOTE(review): this matches the architectural behaviour of SWAPGS, but the fragment
; carries no label. Confirm.
U0870: 006302033200 tmp3:= READURAM(0x0002, 64)
U0871: 0c4b20372000 tmp2:= RDSEGFLD(GS, BASE)
U0872: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE)
01a711c0 ? SEQW GOTO generate_#GP
U0874: 0c7b2d000033 WRSEGFLD(tmp3, GS, BASE)
U0875: 204302000232 LFNCEMARK-> WRITEURAM(tmp2, 0x0002, 64)
04808e72 SEQW GOTO U008e
------------------------------------------------------------------------------------
U0876: 0c880063b038 STAD_DSZ16_ASZ32_SC1(tmp8, mode=0x18, tmp11)
04808e72 SEQW UEND0
------------------------------------------------------------------------------------
; Segment-field write gated on CR4: bit 0x10 of CR4 is tested with generate_#UD as the
; branch target before r64src is written with WRSEGFLD.
; NOTE(review): bit 16 of CR4 is architecturally FSGSBASE; which segment field is
; written is not decoded in this listing.
U0878: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U0879: 186b691c0330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000010, generate_#UD)
U087a: 100100032002 tmp2:= OR_DSZN(r64src)
U087c: 025c00000c80 unk_25c(tmp2)
U087d: 0c7b2f800032 LFNCEMARK-> WRSEGFLD(tmp2)
04808e4a SEQW GOTO U008e
------------------------------------------------------------------------------------
U087e: 04b441808e00 mm0:= FMOV(tmm0)
04808e4a SEQW URET0
------------------------------------------------------------------------------------
; Privileged flow: the UST_USER_MODE test (-> generate_#GP) comes before
; PMH_CR_EMRR_MASK is read and before control moves to U0b9a.
U0880: 00090d030008 tmp0:= MOVE_DSZ32(0x0000000d)
U0881: 000c5a831240 tmp1:= SAVEUIP(0x01, U205a)
U0882: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE)
01a711c0 ? SEQW GOTO generate_#GP
U0884: 00627517f200 tmp15:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK)
U0885: 0088f633e008 tmp14:= ZEROEXT_DSZ16(0x00000cf6)
050b9a72 SEQW GOTO U0b9a
------------------------------------------------------------------------------------
U0886: 125e20024233 LFNCEMARK-> rsp:= unk_25e(tmp3, 0x00000020)
050b9a72 SEQW UEND0
------------------------------------------------------------------------------------
; Second privileged flow with the same shape: constants, UST_USER_MODE test
; (-> generate_#GP), then U1d8e.
U0888: 000826036008 tmp6:= ZEROEXT_DSZ32(0x00000026)
U0889: 000936030008 ROVR<- tmp0:= MOVE_DSZ32(0x00000036)
01a711dd SEQW SAVEUIP1 U088a
U088a: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE)
01a711dd ? SEQW GOTO generate_#GP
U088c: 000cc2e80200 SAVEUIP(0x01, U1ac2)
U088d: 0088f633e008 tmp14:= ZEROEXT_DSZ16(0x00000cf6)
019d8e72 SEQW GOTO U1d8e
------------------------------------------------------------------------------------
U088e: 05f90000103f xmm2:= MOVUPD(tmm7)
019d8e72 SEQW UEND0
------------------------------------------------------------------------------------
; mov_cr0_r64_xlat: labelled entry point. Copies the source register to tmp10, reads
; CR4 into tmp7, updates ustate, then saves U0894 and goes to U2c21. On resumption at
; U0894 the new value is XORed with tmp11 and masked with 0x60000000 (bits 29 and 30,
; architecturally CR0.NW and CR0.CD).
; NOTE(review): no privilege test and no assignment of tmp11 are visible in this
; fragment; both presumably happen in the U2c21 routine. Confirm there.
mov_cr0_r64_xlat:
U0890: 10490003a082 tmp10:= MOVE_DSZ64(r64src, r64src)
U0891: 0062c51f7200 tmp7:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U0892: 000bff000200 UPDATEUSTATE(0xfc)
01ac2192 SEQW SAVEUIP0 U0894 SEQW GOTO U2c21
U0894: 000600032efa tmp2:= XOR_DSZ32(tmp10, tmp11)
U0895: 0004d8074c90 tmp4:= AND_DSZ32(0x60000000, tmp2)
U0896: 013008034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x00000008)
01c67480 SEQW GOTO U4674
------------------------------------------------------------------------------------
; Unlabelled control-register write path: tests user mode / VMX dual-monitor / VMX guest
; ustate (conditional detour to U76e2 with U089c saved), then XORs the new value with
; current CR4 and keeps mask 0x001000b0, which is bits 4, 5, 7 and 20 (architecturally
; CR4.PSE, PAE, PGE and SMEP), i.e. it isolates which of those bits the write changes.
; NOTE(review): that this is the MOV-to-CR4 flow is inferred from the CR4 read; confirm.
U0898: 10490003a082 tmp10:= MOVE_DSZ64(r64src, r64src)
U0899: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002)
U089a: 100ac2000200 TESTUSTATE(SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST)
04f6e2d2 ? SEQW SAVEUIP0 U089c ? SEQW GOTO U76e2
U089c: 0062c51fb200 tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U089d: 000600038efa tmp8:= XOR_DSZ32(tmp10, tmp11)
U089e: 0004c9038e10 tmp8:= AND_DSZ32(0x001000b0, tmp8)
019eec80 SEQW GOTO U1eec
------------------------------------------------------------------------------------
U08a0: 00a130031202 tmp1:= CONCAT_DSZ16(r64src, 0x00000030)
U08a1: 10490003a082 tmp10:= MOVE_DSZ64(r64src, r64src)
01a5ee40 SEQW GOTO U25ee
------------------------------------------------------------------------------------
U08a2: 000800015000 tmpv1:= ZEROEXT_DSZ32(0x00000000)
U08a4: 006314014200 tmpv0:= READURAM(0x0014, 64)
U08a5: 004700014515 tmpv0:= NOTAND_DSZ64(tmpv1, tmpv0)
U08a6: 006515015214 tmpv1:= SHR_DSZ64(tmpv0, 0x00000015)
019c9e80 SEQW GOTO U1c9e
------------------------------------------------------------------------------------
; Single-element copy: load through rsi, store through rdi, then both pointers are
; adjusted by DATASIZE with ADDSUB_*_CONDD (direction chosen by a condition).
U08a8: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U08a9: 1c0000630026 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18)
U08aa: 1c0800230027 STAD_DSZN_ASZ32_SC1(rdi, mode=0x08, tmp0)
U08ac: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi)
U08ad: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi)
0b2e2ab1 SEQW UEND0
------------------------------------------------------------------------------------
U08ae: 017100035d71 SYNCWAIT-> tmp5:= SELECTCC_DSZ64_CONDNZ(tmp1, tmp5)
0b2e2ab1 SEQW GOTO U2e2a
------------------------------------------------------------------------------------
; rcx-gated flow: a zero rcx leaves through U045e before SIGEVENT(0x3b) is issued.
U08b0: 108100034021 tmp4:= OR_DSZN(rcx)
U08b1: 01505e100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U045e)
U08b2: 021e3b000200 SIGEVENT(0x0000003b)
U08b4: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U08b5: 213e0003a000 tmp10:= MOVEMERGEFLGS_DSZ32(0x00000000)
01bcc872 SEQW GOTO U3cc8
------------------------------------------------------------------------------------
U08b6: 05fa39001fff xmm2:= SHUFPD(tmm7, tmm7)
01bcc872 SEQW UEND0
------------------------------------------------------------------------------------
; Listing format: "Uaddr: 12-hex-digit uop encoding  operation". A line that starts
; with a bare 8-hex-digit word is the sequence word (SEQW) printed after the uop it
; applies to; "?" marks a SEQW action that is conditional on the preceding TESTUSTATE.
; Dashed rules separate flow fragments. unk_* operations were not decoded by the disassembler.
;
; rcx-gated flow: a zero rcx leaves through U045e before SIGEVENT(0x3b) is issued.
U08b8: 108100034021 tmp4:= OR_DSZN(rcx)
U08b9: 01505e100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U045e)
U08ba: 021e3b000200 SIGEVENT(0x0000003b)
U08bc: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U08bd: 213e0003a000 tmp10:= MOVEMERGEFLGS_DSZ32(0x00000000)
01a02072 SEQW GOTO U2020
------------------------------------------------------------------------------------
U08be: 05ba01001fff xmm2:= unk_5ba(tmm7, tmm7)
01a02072 SEQW UEND0
------------------------------------------------------------------------------------
; rsm_xlat: labelled entry point. Reads control register 0x105 and tests bit 2 with
; generate_#UD as the branch target before anything else, then loads URAM slot 0x005c
; and continues at U30b8.
; NOTE(review): architecturally RSM raises #UD outside SMM; whether bit 2 of 0x105 is
; the in-SMM indicator is not shown by this listing. Confirm.
rsm_xlat:
U08c0: 006205079200 tmp9:= MOVEFROMCREG_DSZ64(0x105)
U08c1: 186b699c0239 BTUJNB_DIRECT_NOTTAKEN(tmp9, 0x00000002, generate_#UD)
U08c2: 00635c039200 LFNCEMARK-> tmp9:= READURAM(0x005c, 64)
0530b880 SEQW GOTO U30b8
------------------------------------------------------------------------------------
; Argument setup for rc4_decrypt (defined outside this span): tmp5 and tmp6 are derived
; from tmp14/tmp13 and the constant 0x284, tmp8 = 0x59.
; NOTE(review): the roles of these registers (pointer, length, key parameter) and what
; is decrypted are not visible here. RC4 gives confidentiality only and is considered
; weak; integrity has to come from a separate check.
U08c4: 0040840b5f88 tmp5:= ADD_DSZ64(0x00000284, tmp14)
U08c5: 0005840b6f48 tmp6:= SUB_DSZ32(0x00000284, tmp13)
U08c6: 000859038008 tmp8:= ZEROEXT_DSZ32(0x00000059)
01ded580 SEQW GOTO rc4_decrypt
------------------------------------------------------------------------------------
; vmxoff_xlat: labelled entry point. Only loads constants and URAM slots 0x0057 and
; 0x001f before leaving for U2e9a.
; NOTE(review): no mode or privilege test appears in this fragment; any such check
; presumably lives at U2e9a or later. Confirm there.
vmxoff_xlat:
U08c8: 00081a030008 tmp0:= ZEROEXT_DSZ32(0x0000001a)
U08c9: 000811034008 LFNCEMARK-> tmp4:= ZEROEXT_DSZ32(0x00000011)
U08ca: 006357037200 tmp7:= READURAM(0x0057, 64)
U08cc: 00081703d008 tmp13:= ZEROEXT_DSZ32(0x00000017)
U08cd: 00631f035200 LFNCEWAIT-> tmp5:= READURAM(0x001f, 64)
02ae9a72 SEQW GOTO U2e9a
------------------------------------------------------------------------------------
U08ce: 14300000107f xmm2:= unk_430(tmm7, xmmdst)
02ae9a72 SEQW UEND0
------------------------------------------------------------------------------------
; encls_xlat: labelled entry point. A UCODE ustate test (!0x1000) conditionally sends
; the flow straight to U6486. Otherwise rax is combined with 1 through NOTAND and the
; result compared with 4; a mismatch jumps to generate_#UD, a match also continues at U6486.
; NOTE(review): if NOTAND computes (NOT first) AND second, only rax values 4 and 5 pass
; this comparison. Confirm the operand order. rax holds the ENCLS leaf number
; architecturally.
encls_xlat:
U08d0: 00093c030008 tmp0:= MOVE_DSZ32(0x0000003c)
U08d1: 000cce480200 LFNCEMARK-> SAVEUIP(0x00, U12ce)
U08d2: 000a00c00200 TESTUSTATE(UCODE, !0x1000)
04e48680 ? SEQW GOTO U6486
U08d4: 00070103f808 tmp15:= NOTAND_DSZ32(0x00000001, rax)
U08d5: 1929691c027f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000004, generate_#UD)
01e48672 SEQW GOTO U6486
------------------------------------------------------------------------------------
U08d6: 05fa52001fff xmm2:= SHUFPD(tmm7, tmm7)
01e48672 SEQW UEND0
------------------------------------------------------------------------------------
; Sets a bit in control register 0x072 (MOVETOCREG_BTS with 0x10), detours through U251d
; with U08da saved, then performs an undecoded load (unk_d2b) into r64dst and continues
; at U4501.
U08d8: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072)
U08d9: 000900000000 MOVE_DSZ32(0x00000000)
05251d51 SEQW SAVEUIP0 U08da SEQW GOTO U251d
U08da: 0dff07000000 LFNCEMARK-> unk_dff(0x00000000)
U08dc: 0a5f00830144 tmp0:= unk_a5f(r64base, r64idx)
U08dd: 1d2b00001030 LFNCEWTMRK-> r64dst:= unk_d2b(tmp0)
06c50172 SEQW GOTO U4501
------------------------------------------------------------------------------------
U08de: 1008000020bb rax:= ZEROEXT_DSZ32N(tmp11, r64src)
06c50172 SEQW UEND0
------------------------------------------------------------------------------------
; Same shape as the U08d8 flow; the only visible difference is the final undecoded
; operation (unk_d2f instead of unk_d2b).
U08e0: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072)
U08e1: 000900000000 MOVE_DSZ32(0x00000000)
05251d51 SEQW SAVEUIP0 U08e2 SEQW GOTO U251d
U08e2: 0dff07000000 LFNCEMARK-> unk_dff(0x00000000)
U08e4: 0a5f00830144 tmp0:= unk_a5f(r64base, r64idx)
U08e5: 1d2f00001030 LFNCEWTMRK-> r64dst:= unk_d2f(tmp0)
06c5014a SEQW GOTO U4501
------------------------------------------------------------------------------------
U08e6: 0e6d08035037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008, tmp5)
06c5014a SEQW URET0
------------------------------------------------------------------------------------
; Reads the BASE and SEL+FLGS+LIM fields of the SS_KERNM segment register slot and
; stores them as two 64-bit values at the operand address and at offset 8.
; NOTE(review): no ustate test is visible in this fragment; how the flow is reached
; and gated is not shown here.
U08e8: 0c4b20630000 tmp0:= RDSEGFLD(SS_KERNM, BASE)
U08e9: 0c4ba0631000 tmp1:= RDSEGFLD(SS_KERNM, SEL+FLGS+LIM)
U08ea: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT)
U08ec: 0e6d00070035 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, mode=0x01, tmp0)
U08ed: 0e6d08071035 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000008, mode=0x01, tmp1)
01ae2ab1 SEQW UEND0
------------------------------------------------------------------------------------ U08ee: 00553b035235 tmp5:= BTS_DSZ64(tmp5, 0x0000003b) 01ae2ab1 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U08f0: 0a6f00838004 tmp8:= unk_a6f(r64base) U08f1: 000975032010 LFNCEMARK-> tmp2:= MOVE_DSZ32(0x00020003) U08f2: 002189032432 tmp2:= CONCAT_DSZ32(tmp2, 0x00038003) 04c55092 SEQW SAVEUIP0 U08f4 SEQW GOTO U4550 U08f4: 0cd300631178 tmp1:= LEA_DSZ8_ASZ32_SC1(DS, tmp8, r64idx, mode=0x18) U08f5: 1d0400600178 LFNCEMARK-> unk_d04(tmp8, r64idx) U08f6: 00621e173200 tmp3:= MOVEFROMCREG_DSZ64(0x51e) 04da9580 SEQW GOTO U5a95 ------------------------------------------------------------------------------------ U08f8: 004100034002 tmp4:= OR_DSZ64(r64src) U08f9: 000000038000 tmp8:= ADD_DSZ32(0x00000000) U08fa: 004810833008 tmp3:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION) U08fc: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U08fd: 292925750261 CMPUJNZ_DIRECT_NOTTAKEN(rcx, 0x00000005, U5d25) 0304ec72 SEQW GOTO U04ec ------------------------------------------------------------------------------------ U08fe: 100800020830 LFNCEWAIT-> rax:= ZEROEXT_DSZ32N(tmp0, rax) 0304ec72 SEQW UEND0 ------------------------------------------------------------------------------------ U0900: 1062850b1240 tmp1:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U0901: 186a699c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#UD) U0902: 00635c030200 tmp0:= READURAM(0x005c, 64) U0904: 00542e030230 tmp0:= BT_DSZ64(tmp0, 0x0000002e) U0905: 0053691c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp0, generate_#UD) 0b54f272 SEQW GOTO U54f2 ------------------------------------------------------------------------------------ U0906: 006520022235 SYNCWAIT-> rdx:= SHR_DSZ64(tmp5, 0x00000020) 0b54f272 SEQW UEND0 ------------------------------------------------------------------------------------ U0908: 000c91a7e248 tmp14:= SAVEUIP(0x01, U2991) U0909: 0f1400e30004 tmp0:= 
unk_f14(r64base) U090a: 00250c031230 tmp1:= SHR_DSZ32(tmp0, 0x0000000c) U090c: 0008fc3f3008 tmp3:= ZEROEXT_DSZ32(0x00000ffc) U090d: 000400034c33 tmp4:= AND_DSZ32(tmp3, tmp0) U090e: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 0183d480 SEQW GOTO U03d4 ------------------------------------------------------------------------------------ U0910: 000cd59be208 tmp14:= SAVEUIP(0x01, U06d5) U0911: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0912: 102a00030001 tmp0:= unk_02a(r64dst) U0914: 006e03031230 tmp1:= SAR_DSZ64(tmp0, 0x00000003) U0915: 0044fb831c48 tmp1:= AND_DSZ64(IMM_MACRO_fb, tmp1) U0916: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0918: 100100034002 tmp4:= OR_DSZN(r64src) U0919: 121f00030034 tmp0:= unk_21f(tmp4) U091a: 01df00030030 tmp0:= unk_1df(tmp0) U091c: 00e403031230 tmp1:= SHL_DSZ8(tmp0, 0x00000003) U091d: 102500032c74 tmp2:= SHR_DSZN(tmp4, tmp1) U091e: 01df00032032 tmp2:= unk_1df(tmp2) 01802980 SEQW GOTO U0029 ------------------------------------------------------------------------------------ U0920: 3c1a00e30144 tmp0:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0921: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0922: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0924: 23a000031c01 tmp1:= unk_3a0(r64dst, tmp0) U0925: 3c0800631032 STAD_DSZ32_ASZ32_SC1(tmp2, mode=0x18, tmp1) U0926: 00fc00001070 r64dst:= unk_0fc(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0928: 3c1a00e30144 tmp0:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0929: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U092a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 
U092c: 300000031070 tmp1:= ADD_DSZ32(tmp0, r64dst) U092d: 3c0800631032 STAD_DSZ32_ASZ32_SC1(tmp2, mode=0x18, tmp1) U092e: 100800001070 r64dst:= ZEROEXT_DSZ32N(tmp0, r64dst) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0930: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0931: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0932: 300500000831 SUB_DSZ32(tmp1, rax) U0934: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0935: 100800033831 tmp3:= ZEROEXT_DSZ32N(tmp1, rax) U0936: 217400034c41 tmp4:= CMOVCC_DSZ64_CONDZ(r64dst, tmp1) 01a16480 SEQW GOTO U2164 ------------------------------------------------------------------------------------ U0938: 3c1a00e31144 tmp1:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0939: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U093a: 20c500000831 SUB_DSZ8(tmp1, rax) U093c: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U093d: 00bc00038001 tmp8:= unk_0bc(r64dst) U093e: 21f400034c78 tmp4:= CMOVCC_DSZ8_CONDZ(tmp8, tmp1) 01a16880 SEQW GOTO U2168 ------------------------------------------------------------------------------------ U0940: 3c1a00e34144 tmp4:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0941: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0942: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0944: 000800036034 tmp6:= ZEROEXT_DSZ32(tmp4) U0945: 002100030822 tmp0:= CONCAT_DSZ32(rdx, rax) U0946: 0021000318e1 tmp1:= CONCAT_DSZ32(rcx, rbx) 0199b980 SEQW GOTO U19b9 ------------------------------------------------------------------------------------ U0948: 3d4600e38144 tmp8:= unk_d46(r64base, r64idx) U0949: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) 
U094a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U094c: 076c00030038 tmp0:= PINTMOVDTMM2I_DSZ64(tmm0) U094d: 004500034830 tmp4:= SUB_DSZ64(tmp0, rax) U094e: 04ef0b039e00 tmm1:= MOVHLPS(tmm0) 01dd9580 SEQW GOTO U5d95 ------------------------------------------------------------------------------------ U0950: 102d01033202 tmp3:= ROR_DSZN(r64src, 0x00000001) U0951: 000c0aa00200 SAVEUIP(0x01, U080a) U0952: 132e01033233 tmp3:= RCL_DSZ32(tmp3, 0x00000001) U0954: 017e00032cc0 tmp2:= MOVEMERGEFLGS_DSZ64(tmp3) U0955: 102d01033233 tmp3:= ROR_DSZN(tmp3, 0x00000001) U0956: 000821034008 tmp4:= ZEROEXT_DSZ32(0x00000021) 0187e680 SEQW GOTO U07e6 ------------------------------------------------------------------------------------ U0958: 00ad09033202 tmp3:= ROR_DSZ16(r64src, 0x00000009) U0959: 03ae01033233 tmp3:= RCL_DSZ16(tmp3, 0x00000001) U095a: 017e00032cc0 tmp2:= MOVEMERGEFLGS_DSZ64(tmp3) U095c: 00ed01033233 tmp3:= ROR_DSZ8(tmp3, 0x00000001) U095d: 00fc000020b3 rax:= unk_0fc(tmp3, r64src) U095e: 004c0ca00200 SAVEUIP(0x01, U080c) 01895680 SEQW GOTO U0956 ------------------------------------------------------------------------------------ U0960: 004100033002 tmp3:= OR_DSZ64(r64src) U0961: 004c0aa00200 SAVEUIP(0x01, U080a) U0962: 112200830008 tmp0:= RCXBTCNTMSK_DSZ32(IMM_MACRO_ALIAS_IMMEDIATE) U0964: 102d01032233 tmp2:= ROR_DSZN(tmp3, 0x00000001) U0965: 132e01032232 tmp2:= RCL_DSZ32(tmp2, 0x00000001) U0966: 102d01032232 tmp2:= ROR_DSZN(tmp2, 0x00000001) 01897580 SEQW GOTO U0975 ------------------------------------------------------------------------------------ U0968: 01e200830008 tmp0:= RCXBTCNTMSK_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0969: 016b01032202 tmp2:= unk_16b(r64src, 0x00000001) U096a: 036a01032232 tmp2:= unk_36a(tmp2, 0x00000001) U096c: 016b01032232 tmp2:= unk_16b(tmp2, 0x00000001) U096d: 00c508031230 tmp1:= SUB_DSZ8(tmp0, 0x00000008) U096e: 016900032c72 tmp2:= unk_169(tmp2, tmp1) 01a78980 SEQW GOTO U2789 
------------------------------------------------------------------------------------ U0970: 004100033002 tmp3:= OR_DSZ64(r64src) U0971: 004c0aa00200 SAVEUIP(0x01, U080a) U0972: 112200830008 tmp0:= RCXBTCNTMSK_DSZ32(IMM_MACRO_ALIAS_IMMEDIATE) U0974: 132e01032233 tmp2:= RCL_DSZ32(tmp3, 0x00000001) U0975: 004100034c00 tmp4:= OR_DSZ64(0x00000000, tmp0) U0976: 102f00033c33 tmp3:= unk_02f(tmp3, tmp0) 01803180 SEQW GOTO U0031 ------------------------------------------------------------------------------------ U0978: 0c9a00e33144 tmp3:= LDTICKLE_DSZ16_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0979: 00c800830008 tmp0:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U097a: 000c74940200 SAVEUIP(0x01, U0574) U097c: 00a100033cc1 tmp3:= CONCAT_DSZ16(r64dst, tmp3) U097d: 002c00033c33 tmp3:= ROL_DSZ32(tmp3, tmp0) U097e: 001410033233 tmp3:= BT_DSZ32(tmp3, 0x00000010) 01898580 SEQW GOTO U0985 ------------------------------------------------------------------------------------ U0980: 00c800830008 tmp0:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0981: 008c0aa33202 tmp3:= SAVEUIP(r64src, 0x01, U080a) U0982: 00a100033cc1 tmp3:= CONCAT_DSZ16(r64dst, tmp3) U0984: 002d00033c33 tmp3:= ROR_DSZ32(tmp3, tmp0) U0985: 00041f034c08 tmp4:= AND_DSZ32(0x0000001f, tmp0) U0986: 01303f034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x0000003f) 01880680 SEQW GOTO U0806 ------------------------------------------------------------------------------------ U0988: 0c1a00e33144 tmp3:= LDTICKLE_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0989: 004800830008 tmp0:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE) U098a: 002100032cc1 tmp2:= CONCAT_DSZ32(r64dst, tmp3) U098c: 012f00033c32 tmp3:= unk_12f(tmp2, tmp0) U098d: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U098e: 189f00838144 tmp8:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) 01a16c80 SEQW GOTO U216c 
------------------------------------------------------------------------------------ U0990: 004c0aa00200 SAVEUIP(0x01, U080a) U0991: 004100033002 tmp3:= OR_DSZ64(r64src) U0992: 00c800830008 tmp0:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0994: 00043f034c08 tmp4:= AND_DSZ32(0x0000003f, tmp0) U0995: 006f00033c33 tmp3:= unk_06f(tmp3, tmp0) U0996: 00c540032230 tmp2:= SUB_DSZ8(tmp0, 0x00000040) 01814280 SEQW GOTO U0142 ------------------------------------------------------------------------------------ U0998: 020801033008 tmp3:= unk_208(0x00000001) U0999: 0207af034010 LFNCEMARK-> tmp4:= unk_207(0x00080000) U099a: 100000034cf4 tmp4:= ADD_DSZN(tmp4, tmp3) U099c: 0151111c0274 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, generate_#GP) U099d: 0062fe1f0200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U099e: 238000030c00 tmp0:= READAFLAGS(tmp0) 02d85d80 SEQW GOTO U585d ------------------------------------------------------------------------------------ U09a0: 0207f5032008 tmp2:= unk_207(0x000000f5) U09a1: 0008ff7f301f tmp3:= ZEROEXT_DSZ32(0xffffffffffffffff) U09a2: 0208f5032c88 tmp2:= unk_208(0x000000f5, tmp2) U09a4: 020dff773cdf tmp3:= unk_20d(0xfffffffffffffdff, tmp3) U09a5: 021e00000c80 SIGEVENT(tmp2) U09a6: 0201ff373cde tmp3:= unk_201(0xffffffffffffcdff, tmp3) 01b15c80 SEQW GOTO U315c ------------------------------------------------------------------------------------ U09a8: 0208f5032008 tmp2:= unk_208(0x000000f5) U09a9: 021eff7f3c9f LFNCEMARK-> tmp3:= SIGEVENT(0xffffffffffffffff, tmp2) U09aa: 020dff773cdf tmp3:= unk_20d(0xfffffffffffffdff, tmp3) U09ac: 0201ff373cde tmp3:= unk_201(0xffffffffffffcdff, tmp3) U09ad: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U09ae: 1c30006b0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x1a) 01e5d680 SEQW GOTO U65d6 ------------------------------------------------------------------------------------ U09b0: 000f08032008 tmp2:= unk_00f(0x00000008) U09b1: 020c01031200 tmp1:= unk_20c(0x00000001) U09b2: 020d00033c40 tmp3:= 
unk_20d(tmp1) U09b4: 1928115c0233 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000001, generate_#GP) U09b5: 0150911c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U2791) U09b6: 000110032c88 tmp2:= OR_DSZ32(0x00000010, tmp2) 01881e80 SEQW GOTO U081e ------------------------------------------------------------------------------------ U09b8: 0062fe1f2200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U09b9: 000f9a032c90 tmp2:= unk_00f(0x00040000, tmp2) U09ba: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 022769c0 ? SEQW GOTO generate_#UD U09bc: 006335033200 tmp3:= READURAM(0x0035, 64) U09bd: 186b695c06b3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000029, generate_#UD) U09be: 2a62fe1c0332 LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp2, 0x00000010, CORE_CR_EFLAGS) 05008e80 SEQW GOTO U008e ------------------------------------------------------------------------------------ U09c0: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) U09c1: 100802832008 tmp2:= ZEROEXT_DSZ32N(IMM_MACRO_02) U09c2: 108501031848 tmp1:= SUB_DSZN(0x00000001, rcx) U09c4: 013000030c31 tmp0:= SELECTCC_DSZ32_CONDZ(tmp1, tmp0) U09c5: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U09c6: 017100034cb0 tmp4:= SELECTCC_DSZ64_CONDNZ(tmp0, tmp2) 01871d80 SEQW GOTO U071d ------------------------------------------------------------------------------------ U09c8: 00c40f032220 tmp2:= AND_DSZ8(rax, 0x0000000f) U09c9: 23c000031000 tmp1:= LAHF(0x00000000) U09ca: 00c50a034c88 tmp4:= SUB_DSZ8(0x0000000a, tmp2) U09cc: 00fb00035034 tmp5:= SETCC_CONDNB(tmp4) U09cd: 008400431c48 tmp1:= AND_DSZ16(0x00001000, tmp1) U09ce: 008100033c75 tmp3:= OR_DSZ16(tmp5, tmp1) 01803980 SEQW GOTO U0039 ------------------------------------------------------------------------------------ U09d0: 003d06031200 tmp1:= MOVEINSERTFLGS_DSZ32(0x00000006) U09d1: 238000030000 tmp0:= READAFLAGS(0x00000000) U09d2: 00c066032808 tmp2:= ADD_DSZ8(0x00000066, rax) U09d4: 038000033032 tmp3:= READAFLAGS(tmp2) U09d5: 008100033cf0 tmp3:= OR_DSZ16(tmp0, tmp3) U09d6: 008410034cc8 tmp4:= 
AND_DSZ16(0x00000010, tmp3) 01e03980 SEQW GOTO U6039 ------------------------------------------------------------------------------------ U09d8: 1c30006b0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x1a) U09d9: 125e0703a224 tmp10:= unk_25e(rsp, 0x00000007) U09da: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U09dc: 10c00b824908 rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U09dd: 189f00831144 tmp1:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U09de: 1c0800630031 STAD_DSZN_ASZ32_SC1(tmp1, mode=0x18, tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U09e0: 1c38fbaa0024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, rax) U09e1: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U09e2: 1c38f3aa1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, rcx) U09e4: 1c38ebaa2024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_eb, mode=0x0a, rdx) U09e5: 1c38e3aa3024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_e3, mode=0x0a, rbx) U09e6: 1c38dbaa4024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_db, mode=0x0a, rsp) 01816a80 SEQW GOTO U016a ------------------------------------------------------------------------------------ U09e8: 1c30002b0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) U09e9: 1008000279f0 rdi:= ZEROEXT_DSZ32N(tmp0, rdi) U09ea: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U09ec: 1c300bab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U09ed: 1008000269b0 rsi:= ZEROEXT_DSZ32N(tmp0, rsi) U09ee: 1c3013ab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_13, mode=0x0a) 01da3580 SEQW GOTO U5a35 ------------------------------------------------------------------------------------ U09f0: 08bf00831000 tmp1:= unk_8bf(SS, IMM_MACRO_ALIAS_DISPLACEMENT) U09f1: 008100031031 tmp1:= OR_DSZ16(tmp1) U09f2: 10c500031031 tmp1:= SUB_DSZN(tmp1) U09f4: 000800830008 tmp0:= ZEROEXT_DSZ32(IMM_MACRO_ALIAS_IMMEDIATE) U09f5: 00041f030c08 tmp0:= 
AND_DSZ32(0x0000001f, tmp0) U09f6: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 01e7d580 SEQW GOTO U67d5 ------------------------------------------------------------------------------------ U09f8: 000900000000 MOVE_DSZ32(0x00000000) U09f9: 000c8cec0200 SAVEUIP(0x01, U1b8c) U09fa: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a769c0 ? SEQW GOTO generate_#UD U09fc: 00635c030200 tmp0:= READURAM(0x005c, 64) U09fd: 186a691c03b0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000018, generate_#UD) U09fe: 006341031200 tmp1:= READURAM(0x0041, 64) 01884e80 SEQW GOTO U084e ------------------------------------------------------------------------------------ U0a00: 0d7600e39144 tmp9:= unk_d76(r64base, r64idx) U0a01: 059bd8039039 tmm1:= PSHUFD(tmm1) U0a02: 059bd8038011 tmm0:= PSHUFD(mm2) U0a04: 051b0803ae78 tmm2:= unk_51b(tmm0, tmm1) U0a05: 051b0d03be78 tmm3:= unk_51b(tmm0, tmm1) U0a06: 044f00011ebb mm2:= unk_44f(tmm3, tmm2) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0a08: 05abdd038002 tmm0:= unk_5ab(xmmsrc) U0a09: 05ab8803c002 tmm4:= unk_5ab(xmmsrc) U0a0a: 05ab88039001 tmm1:= unk_5ab(xmmdst) U0a0c: 05fa8803ae7c tmm2:= SHUFPD(tmm4, tmm1) U0a0d: 05abdd039001 tmm1:= unk_5ab(xmmdst) U0a0e: 05fa8803be78 tmm3:= SHUFPD(tmm0, tmm1) 01875e80 SEQW GOTO U075e ------------------------------------------------------------------------------------ U0a10: 0dd600e39144 tmp9:= unk_dd6(r64base, r64idx) U0a11: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a12: 004800831008 tmp1:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE) U0a14: 26b00083b079 tmm3:= unk_6b0(tmm1, xmmdst) U0a15: 04ef0103c03b tmm4:= MOVHLPS(tmm3) U0a16: 26ad00801efc xmm2:= unk_6ad(tmm4, tmm3) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0a18: 0dd600e39144 tmp9:= unk_dd6(r64base, r64idx) U0a19: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a1a: 004800831008 tmp1:= 
ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE) U0a1c: 26f00083b079 tmm3:= unk_6f0(tmm1, xmmdst) U0a1d: 052b0803903b tmp9:= unk_52b(tmp11) U0a1e: 057a00039039 tmm1:= unk_57a(tmm1) 01818a80 SEQW GOTO U018a ------------------------------------------------------------------------------------ U0a20: 052600838081 tmm0:= unk_526(xmmdst, xmmsrc) U0a21: 056600839e01 tmm1:= unk_566(xmmdst, tmm0) U0a22: 172f00021039 xmm1:= unk_72f(tmm1) U0a24: 05a30003be40 tmm3:= unk_5a3(tmm1) U0a25: 076b0003003b mm0:= unk_76b(tmm3) U0a26: 203d00000030 MOVEINSERTFLGS_DSZ32(tmp0) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0a28: 0dd600e39144 tmp9:= unk_dd6(r64base, r64idx) U0a29: 05fa3903be79 tmm3:= SHUFPD(tmm1, tmm1) U0a2a: 26f70003b03b tmm3:= unk_6f7(tmm3) U0a2c: 26f70003a039 tmm2:= unk_6f7(tmm1) U0a2d: 05fa9303befb tmm3:= SHUFPD(tmm3, tmm3) U0a2e: 04c300001ebb xmm2:= ORPD(tmm3, tmm2) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0a30: 004501031008 tmp1:= SUB_DSZ64(0x00000001) U0a31: 000c9207d208 LFNCEMARK-> tmp13:= SAVEUIP(0x00, U0192) U0a32: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a34: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a35: 1c1200e00144 unk_c12(r64base, r64idx) U0a36: 188f3b83003b tmp0:= unk_88f(tmp11) 01ec2980 SEQW GOTO U6c29 ------------------------------------------------------------------------------------ U0a38: 004501031008 tmp1:= SUB_DSZ64(0x00000001) U0a39: 000ca52fd248 LFNCEMARK-> tmp13:= SAVEUIP(0x00, U2ba5) U0a3a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a3c: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a3d: 188f3b83203b tmp2:= unk_88f(tmp11) U0a3e: 1c000063003b tmp0:= LDZX_DSZN_ASZ32_SC1(tmp11, mode=0x18) 01ea1680 SEQW GOTO U6a16 ------------------------------------------------------------------------------------ U0a40: 000c1e8be248 
tmp14:= SAVEUIP(0x01, U221e) U0a41: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a42: 189f00830144 tmp0:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a44: 1c2400600030 unk_c24(tmp0) U0a45: 360f05839200 WRTAGW-> tmm1:= unk_60f(IMM_MACRO_ALIAS_STi) U0a46: 1c3c00639030 tmp9:= unk_c3c(tmp0) 019cbea1 SEQW GOTO uret1 ------------------------------------------------------------------------------------ U0a48: 000c9a840200 SAVEUIP(0x01, U019a) U0a49: 014310a00200 LFNCEMARK-> AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a4a: 0c1300e31144 tmp1:= LEA_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0a4c: 00c40f030c48 tmp0:= AND_DSZ8(0x0000000f, tmp1) U0a4d: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a4e: 0151111c0270 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) 050000ce SEQW URET1 ------------------------------------------------------------------------------------ U0a50: 000000000000 NOP U0a51: 06a80583d008 WRTAGW-> tmm5:= unk_6a8(IMM_MACRO_ALIAS_STi) U0a52: 26a00003f000 LFNCEMARK-> tmp15:= unk_6a0(0x00000000) U0a54: 07ea00030008 mm0:= unk_7ea(0x00000000) U0a55: 06240003b208 tmm3:= unk_624(0x00000000) U0a56: 072c0003203b tmp2:= PINTMOVDTMM2I_DSZ32(tmm3) 019b6c80 SEQW GOTO U1b6c ------------------------------------------------------------------------------------ U0a58: 00000003f000 tmp15:= ADD_DSZ32(0x00000000) U0a59: 24b50003f000 LFNCEMARK-> tmm7:= unk_4b5(0x00000000) U0a5a: 04b40583e200 WRTAGW-> tmm6:= FMOV(0x00000005) U0a5c: 04b40d809240 mm7:= FMOV(0x0000200d) U0a5d: 06a80003f008 tmm7:= unk_6a8(0x00000000) U0a5e: 072a00030008 mm0:= unk_72a(0x00000000) 01be4180 SEQW GOTO U3e41 ------------------------------------------------------------------------------------ U0a60: 072a00030008 mm0:= unk_72a(0x00000000) U0a61: 002403038230 tmp8:= SHL_DSZ32(tmp0, 0x00000003) U0a62: 24b50003a000 LFNCEMARK-> tmm2:= unk_4b5(0x00000000) U0a64: 04b40583f200 WRTAGW-> tmm7:= 
FMOV(0x00000005) U0a65: 06a80003a008 tmm2:= unk_6a8(0x00000000) U0a66: 049600038208 tmm0:= unk_496(0x00000000) 01bc99a0 SEQW GOTO U3c99 ------------------------------------------------------------------------------------ sldt_r16_xlat: U0a68: 0c4b801f2000 tmp2:= RDSEGFLD(LDT, SEL) U0a69: 000c6ea00200 SAVEUIP(0x01, U086e) U0a6a: 000c440402c0 SAVEUIP(0x00, U6144) U0a6c: 100ac4800200 TESTUSTATE(SYS, !UST_8086_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 01a7694c ? SEQW URET1 U0a6d: 100a04000200 TESTUSTATE(SYS, UST_8086_MODE) 01a7694c ? SEQW GOTO generate_#UD U0a6e: 01482f130008 tmp0:= URET(0x0000042f, 0x00) ------------------------------------------------------------------------------------ U0a70: 1c1000e30144 tmp0:= LDZX_DSZN_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0a71: 189f00831144 tmp1:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a72: 100500030070 tmp0:= SUB_DSZN(tmp0, r64dst) U0a74: 0350567402b0 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp0, U5d56) U0a75: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a76: 1c000be30031 tmp0:= LDZX_DSZN_ASZ32_SC1(tmp1, IMM_MACRO_ALIAS_DATASIZE, mode=0x18) 01c49980 SEQW GOTO U4499 ------------------------------------------------------------------------------------ U0a78: 000803032008 tmp2:= ZEROEXT_DSZ32(0x00000003) U0a79: 104804834008 tmp4:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP) U0a7a: 000806033008 tmp3:= ZEROEXT_DSZ32(0x00000006) U0a7c: 00629e1f8200 tmp8:= MOVEFROMCREG_DSZ64(0x79e) U0a7d: 000900036008 LFNCEMARK-> tmp6:= MOVE_DSZ32(0x00000000) U0a7e: 02030103a200 tmp10:= unk_203(0x00000001) 04a41580 SEQW GOTO U2415 ------------------------------------------------------------------------------------ U0a80: 00090e030008 tmp0:= MOVE_DSZ32(0x0000000e) U0a81: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U0a82: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 04a711c0 ? 
SEQW GOTO generate_#GP U0a84: 189f00836144 tmp6:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a85: 108800036036 tmp6:= ZEROEXT_DSZ16N(tmp6) U0a86: 0c4bc0638000 tmp8:= RDSEGFLD(SS_KERNM, UNK_FLD_0c) 01a7a180 SEQW GOTO U27a1 ------------------------------------------------------------------------------------ U0a88: 189f00834144 tmp4:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0a89: 0c4bc0635000 tmp5:= RDSEGFLD(SS_KERNM, UNK_FLD_0c) U0a8a: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a711c0 ? SEQW GOTO generate_#GP U0a8c: 108802034234 tmp4:= ZEROEXT_DSZ16N(tmp4, 0x00000002) U0a8d: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a8e: 104000035d74 tmp5:= ADD_DSZN(tmp4, tmp5) 01a5e980 SEQW GOTO U25e9 ------------------------------------------------------------------------------------ U0a90: 000920031008 tmp1:= MOVE_DSZ32(0x00000020) U0a91: 0062f61fb200 LFNCEMARK-> tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U0a92: 000b01800200 UPDATEUSTATE(!0x04) 04c49d92 SEQW SAVEUIP0 U0a94 SEQW GOTO U449d U0a94: 2042f61c023a MOVETOCREG_DSZ64(tmp10, CORE_CR_CR0) 0197ea0e SEQW GOTO U17ea ------------------------------------------------------------------------------------ U0a95: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U0a96: 2d0f1447f00a PORTOUT_DSZ32_ASZ16_SC1(0x00005114, tmp15) 0197ea0e SEQW URET1 ------------------------------------------------------------------------------------ U0a98: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0a99: 1c0000231027 tmp1:= LDZX_DSZN_ASZ32_SC1(rdi, mode=0x08) U0a9a: 1c0000630026 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) U0a9c: 300500000c31 SUB_DSZ32(tmp1, tmp0) U0a9d: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) U0a9e: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U0aa0: 10a50103f221 tmp15:= SHR_DSZN(rcx, 0x00000001) U0aa1: 
000803632009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00003803) U0aa2: 10840103e848 tmp14:= AND_DSZN(0x00000001, rcx) U0aa4: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0aa5: 013e586b0fc8 tmp0:= MOVEMERGEFLGS_DSZ32(0x00001a58, tmp15) U0aa6: 10a403039221 tmp9:= SHL_DSZN(rcx, 0x00000003) 01c6c480 SEQW GOTO U46c4 ------------------------------------------------------------------------------------ U0aa8: 10a50203f221 tmp15:= SHR_DSZN(rcx, 0x00000002) U0aa9: 000802432009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00003002) U0aaa: 10840303e848 tmp14:= AND_DSZN(0x00000003, rcx) U0aac: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0aad: 013e586b0fc8 tmp0:= MOVEMERGEFLGS_DSZ32(0x00001a58, tmp15) U0aae: 10a402039221 tmp9:= SHL_DSZN(rcx, 0x00000002) 01c6c480 SEQW GOTO U46c4 ------------------------------------------------------------------------------------ U0ab0: 10a50303f221 tmp15:= SHR_DSZN(rcx, 0x00000003) U0ab1: 000801232009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00002801) U0ab2: 10840703e848 tmp14:= AND_DSZN(0x00000007, rcx) U0ab4: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0ab5: 013e586b0fc8 tmp0:= MOVEMERGEFLGS_DSZ32(0x00001a58, tmp15) U0ab6: 10a401039221 tmp9:= SHL_DSZN(rcx, 0x00000001) 01c6c480 SEQW GOTO U46c4 ------------------------------------------------------------------------------------ U0ab8: 10a50403f221 tmp15:= SHR_DSZN(rcx, 0x00000004) U0ab9: 000800032009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00002000) U0aba: 10840f03e848 tmp14:= AND_DSZN(0x0000000f, rcx) U0abc: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0abd: 013e586b0fc8 tmp0:= MOVEMERGEFLGS_DSZ32(0x00001a58, tmp15) U0abe: 10a400039221 tmp9:= SHL_DSZN(rcx, 0x00000000) 01c6c480 SEQW GOTO U46c4 ------------------------------------------------------------------------------------ U0ac0: 10a50103f221 tmp15:= SHR_DSZN(rcx, 0x00000001) U0ac1: 000803632009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00003803) U0ac2: 10840103e848 tmp14:= AND_DSZN(0x00000001, rcx) U0ac4: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) 
U0ac5: 013e256b0fc9 tmp0:= MOVEMERGEFLGS_DSZ32(0x00003a25, tmp15) U0ac6: 10a403039221 tmp9:= SHL_DSZN(rcx, 0x00000003) 01c7d080 SEQW GOTO U47d0 ------------------------------------------------------------------------------------ U0ac8: 10a50203f221 tmp15:= SHR_DSZN(rcx, 0x00000002) U0ac9: 000802432009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00003002) U0aca: 10840303e848 tmp14:= AND_DSZN(0x00000003, rcx) U0acc: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0acd: 013e256b0fc9 tmp0:= MOVEMERGEFLGS_DSZ32(0x00003a25, tmp15) U0ace: 10a402039221 tmp9:= SHL_DSZN(rcx, 0x00000002) 01c7d080 SEQW GOTO U47d0 ------------------------------------------------------------------------------------ U0ad0: 10a50303f221 tmp15:= SHR_DSZN(rcx, 0x00000003) U0ad1: 000801232009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00002801) U0ad2: 10840703e848 tmp14:= AND_DSZN(0x00000007, rcx) U0ad4: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0ad5: 013e256b0fc9 tmp0:= MOVEMERGEFLGS_DSZ32(0x00003a25, tmp15) U0ad6: 10a401039221 tmp9:= SHL_DSZN(rcx, 0x00000001) 01c7d080 SEQW GOTO U47d0 ------------------------------------------------------------------------------------ U0ad8: 10a50403f221 tmp15:= SHR_DSZN(rcx, 0x00000004) U0ad9: 000800032009 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00002000) U0ada: 10840f03e848 tmp14:= AND_DSZN(0x0000000f, rcx) U0adc: 00856203143f tmp1:= SUB_DSZ16(tmp15, 0x00018000) U0add: 013e256b0fc9 tmp0:= MOVEMERGEFLGS_DSZ32(0x00003a25, tmp15) U0ade: 10a400039221 tmp9:= SHL_DSZN(rcx, 0x00000000) 01c7d080 SEQW GOTO U47d0 ------------------------------------------------------------------------------------ rdmsr_xlat: U0ae0: 107d31038848 tmp8:= MOVEINSERTFLGS_DSZ64(0x00000031, rcx) U0ae1: 000800031000 LFNCEMARK-> tmp1:= ZEROEXT_DSZ32(0x00000000) U0ae2: 100ac2035231 tmp5:= TESTUSTATE(tmp1, SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 04e77dd2 ? SEQW SAVEUIP0 U0ae4 ? 
SEQW GOTO U677d U0ae4: 00076503ae10 tmp10:= NOTAND_DSZ32(0x0001c000, tmp8) U0ae5: 02280003ae80 tmp10:= MSR2CR(tmp10) U0ae6: 000c86180200 SAVEUIP(0x00, U0686) 01bce180 SEQW GOTO U3ce1 ------------------------------------------------------------------------------------ vmxon_xlat: U0ae8: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0ae9: 189f00832144 LFNCEMARK-> tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0aea: 0062c51f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0aec: 186b695c02f1 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, generate_#UD) U0aed: 0062f61f3200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U0aee: 0007f3073433 tmp3:= NOTAND_DSZ32(tmp3, 0x80000021) 0418de80 SEQW GOTO U18de ------------------------------------------------------------------------------------ vmptrld_xlat: U0af0: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0af1: 014310a36208 LFNCEMARK-> tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0af2: 100ac3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 04a86980 ? SEQW GOTO U2869 U0af4: 000c69200240 SAVEUIP(0x00, U2869) U0af5: 000800034008 tmp4:= ZEROEXT_DSZ32(0x00000000) U0af6: 000815130008 tmp0:= ZEROEXT_DSZ32(0x00000415) 01e66280 SEQW GOTO U6662 ------------------------------------------------------------------------------------ vmclear_xlat: U0af8: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0af9: 014310a36208 LFNCEMARK-> tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0afa: 100ac3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 04ddb980 ? 
SEQW GOTO U5db9 U0afc: 000cb9740280 SAVEUIP(0x00, U5db9) U0afd: 000802034008 tmp4:= ZEROEXT_DSZ32(0x00000002) U0afe: 000813130008 tmp0:= ZEROEXT_DSZ32(0x00000413) 01e66280 SEQW GOTO U6662 ------------------------------------------------------------------------------------ U0b00: 006343033200 tmp3:= READURAM(0x0043, 64) U0b01: 006354031200 LFNCEMARK-> tmp1:= READURAM(0x0054, 64) U0b02: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 04a769c0 ? SEQW GOTO generate_#UD U0b04: 186b695c06f3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000002d, generate_#UD) U0b05: 00631003e200 tmp14:= READURAM(0x0010, 64) U0b06: 000100032020 tmp2:= OR_DSZ32(rax) 01c82080 SEQW GOTO U4820 ------------------------------------------------------------------------------------ vmcall_xlat: U0b08: 000912032008 tmp2:= MOVE_DSZ32(0x00000012) U0b09: 000832030032ROVR<-LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(tmp2) 049d015d SEQW SAVEUIP1 U0b0a SEQW GOTO U1d01 U0b0a: 000c39240240 SAVEUIP(0x00, U2939) U0b0c: 00080103d008 tmp13:= ZEROEXT_DSZ32(0x00000001) U0b0d: 100a23040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_USER_MODE | UST_SMM | UST_VMX_OP_DIS) 0180724a ? SEQW GOTO U0072 U0b0e: 006356039200 tmp9:= READURAM(0x0056, 64) 0180724a SEQW URET0 ------------------------------------------------------------------------------------ enclu_xlat: U0b10: 100a00800240 TESTUSTATE(SYS, !0x2000) 01f5c600 ? 
SEQW GOTO enclu_impl U0b11: 1062df0be240 tmp14:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U0b12: 00542e03e23e tmp14:= BT_DSZ64(tmp14, 0x0000002e) U0b14: 00070103f808 tmp15:= NOTAND_DSZ32(0x00000001, rax) U0b15: 00330003fffe tmp15:= SELECTCC_DSZ32_CONDNB(tmp14, tmp15) U0b16: 0928f991023f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000002, probe_mode_force_sgx_eenter_eresume) 01f5c680 SEQW GOTO enclu_impl ------------------------------------------------------------------------------------ U0b18: 2d0bd843100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U0b19: 00080d030008 tmp0:= ZEROEXT_DSZ32(0x0000000d) U0b1a: 000802037008 tmp7:= ZEROEXT_DSZ32(0x00000002) U0b1c: 386b650c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U3365) U0b1d: 20631f03f200 tmp15:= READURAM(0x001f, 64) U0b1e: 00560a03f23f tmp15:= BTR_DSZ64(tmp15, 0x0000000a) 018e0d80 SEQW GOTO U0e0d ------------------------------------------------------------------------------------ U0b20: 00c800832008 tmp2:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0b21: 000703030c88 LFNCEWTMRK-> tmp0:= NOTAND_DSZ32(0x00000003, tmp2) U0b22: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U0b24: 0062fe1f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U0b25: 006311036200 tmp6:= READURAM(0x0011, 64) U0b26: 0e6570076d8a tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, 0x00000270, mode=0x01) 01814980 SEQW GOTO U0149 ------------------------------------------------------------------------------------ U0b28: 004100034002 tmp4:= OR_DSZ64(r64src) U0b29: 000000038000 tmp8:= ADD_DSZ32(0x00000000) U0b2a: 00471f030048 tmp0:= NOTAND_DSZ64(0x0000001f, r64dst) U0b2c: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U0b2d: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0b2e: 021e47000200 SIGEVENT(0x00000047) 01b8ed80 SEQW GOTO U38ed ------------------------------------------------------------------------------------ U0b30: 004100034002 tmp4:= OR_DSZ64(r64src) U0b31: 000000038000 tmp8:= ADD_DSZ32(0x00000000) U0b32: 186ba0090301 
BTUJNB_DIRECT_NOTTAKEN(r64dst, 0x00000010, U62a0) U0b34: 00641d030201 LFNCEMARK-> tmp0:= SHL_DSZ64(r64dst, 0x0000001d) U0b35: 00621c171200 tmp1:= MOVEFROMCREG_DSZ64(0x51c) U0b36: 00653f033231 tmp3:= SHR_DSZ64(tmp1, 0x0000003f) 04629580 SEQW GOTO U6295 ------------------------------------------------------------------------------------ U0b38: 004100034002 tmp4:= OR_DSZ64(r64src) U0b39: 000000038000 tmp8:= ADD_DSZ32(0x00000000) U0b3a: 000900000000 MOVE_DSZ32(0x00000000) U0b3c: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U0b3d: 00563f030201 tmp0:= BTR_DSZ64(r64dst, 0x0000003f) U0b3e: 004505031c08 tmp1:= SUB_DSZ64(0x00000005, tmp0) 018d9c80 SEQW GOTO U0d9c ------------------------------------------------------------------------------------ U0b40: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U0b41: 104804836008 tmp6:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP) U0b42: 00091083e008 tmp14:= MOVE_DSZ32(IMM_MACRO_ALIAS_INSTRUCTION) U0b44: 00240103e23e tmp14:= SHL_DSZ32(tmp14, 0x00000001) U0b45: 00151303e23e tmp14:= BTS_DSZ32(tmp14, 0x00000013) U0b46: 00882e67ef88 tmp14:= ZEROEXT_DSZ16(0x0000192e, tmp14) 01ae9180 SEQW GOTO U2e91 ------------------------------------------------------------------------------------ U0b48: 0c5000e3c144 tmp12:= LDZX_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U0b49: 100a00840200 TESTUSTATE(SYS, !UST_VMX_OP_DIS) 018b4e40 ? 
SEQW GOTO U0b4e U0b4a: 00450103f008 tmp15:= SUB_DSZ64(0x00000001) U0b4c: 20435700023f WRITEURAM(tmp15, 0x0057, 64) U0b4d: 20435600023f WRITEURAM(tmp15, 0x0056, 64) U0b4e: 20431100023c LFNCEMARK-> WRITEURAM(tmp12, 0x0011, 64) 05079480 SEQW GOTO clear_aflags_uend0 ------------------------------------------------------------------------------------ U0b50: 00635303f200 tmp15:= READURAM(0x0053, 64) U0b51: 000804030008 tmp0:= ZEROEXT_DSZ32(0x00000004) U0b52: 086b9e9c027f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000006, U079e) U0b54: 006262174200 tmp4:= MOVEFROMCREG_DSZ64(0x562) U0b55: 0047ff3f4d08 tmp4:= NOTAND_DSZ64(0x00000fff, tmp4) U0b56: 004040030d08 tmp0:= ADD_DSZ64(0x00000040, tmp4) 01eb4c80 SEQW GOTO U6b4c ------------------------------------------------------------------------------------ udbgrd_xlat: U0b58: 004900031000 tmp1:= MOVE_DSZ64(0x00000000) U0b59: 10628c0f3240 tmp3:= MOVEFROMCREG_DSZ64(0x38c, 32) U0b5a: 0007060b3433 tmp3:= NOTAND_DSZ32(tmp3, 0xa0000000) U0b5c: 01508d080233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U028d) U0b5d: 00635c033200 tmp3:= READURAM(0x005c, 64) U0b5e: 086a8d880233 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000002, U028d) 01828a80 SEQW GOTO U028a ------------------------------------------------------------------------------------ U0b60: 100a20000200 TESTUSTATE(SYS, UST_SMM) 018b6400 ? SEQW GOTO U0b64 U0b61: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0b62: 186b699c0330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000012, generate_#UD) U0b64: 002501030221 tmp0:= SHR_DSZ32(rcx, 0x00000001) U0b65: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U0b66: 20635b030200 tmp0:= READURAM(0x005b, 64) 01855c80 SEQW GOTO U055c ------------------------------------------------------------------------------------ U0b68: 100a20000200 TESTUSTATE(SYS, UST_SMM) 018b6c00 ? 
SEQW GOTO U0b6c U0b69: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0b6a: 186b699c0330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000012, generate_#UD) U0b6c: 000816032008 LFNCEMARK-> tmp2:= ZEROEXT_DSZ32(0x00000016) U0b6d: 100a02800200 TESTUSTATE(SYS, !UST_USER_MODE) 04686e40 ? SEQW GOTO U686e U0b6e: 015d111c0240 UJMP(generate_#GP) ------------------------------------------------------------------------------------ U0b70: 00084f030010 tmp0:= ZEROEXT_DSZ32(0x0001000d) U0b71: 00080d031008 LFNCEMARK-> tmp1:= ZEROEXT_DSZ32(0x0000000d) U0b72: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0b74: 20635b036200 tmp6:= READURAM(0x005b, 64) U0b75: 006538036236 tmp6:= SHR_DSZ64(tmp6, 0x00000038) U0b76: 000400034da0 tmp4:= AND_DSZ32(rax, tmp6) 01ccd080 SEQW GOTO U4cd0 ------------------------------------------------------------------------------------ U0b78: 0062c51f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0b79: 186b699c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, generate_#UD) U0b7a: 100a80800200 LFNCEMARK-> TESTUSTATE(SYS, !UST_VMX_GUEST) 050b7e80 ? 
SEQW GOTO U0b7e U0b7c: 006343031200 tmp1:= READURAM(0x0043, 64) U0b7d: 186b691c0771 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000034, generate_#UD) U0b7e: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 01ab6e80 SEQW GOTO U2b6e ------------------------------------------------------------------------------------ U0b80: 20635b030200 tmp0:= READURAM(0x005b, 64) U0b81: 006538036230 tmp6:= SHR_DSZ64(tmp0, 0x00000038) U0b82: 006323032200 tmp2:= READURAM(0x0023, 64) U0b84: 004400072c88 tmp2:= AND_DSZ64(0x00000100, tmp2) U0b85: 004100036db2 tmp6:= OR_DSZ64(tmp2, tmp6) U0b86: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 01b3c180 SEQW GOTO U33c1 ------------------------------------------------------------------------------------ U0b88: 20635b030200 tmp0:= READURAM(0x005b, 64) U0b89: 006538036230 tmp6:= SHR_DSZ64(tmp0, 0x00000038) U0b8a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0b8c: 0062f61fb200 tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U0b8d: 000851030010 tmp0:= ZEROEXT_DSZ32(0x0001000f) U0b8e: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) 01cc7080 SEQW GOTO U4c70 ------------------------------------------------------------------------------------ lidt_xlat: U0b90: 000d06800000 SAVEUIP_REGOVR(0x01, U0b91, 0x0006) U0b91: 000c3e0402c0 SAVEUIP(0x00, U613e) U0b92: 000900000000 MOVE_DSZ32(0x00000000) U0b94: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U0b95: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0b96: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U0b98: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 01ce8288 SEQW URET0 ------------------------------------------------------------------------------------ U0b99: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U0b9a: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01ce8288 ? SEQW GOTO do_vmexit_ovr_enter_rip U0b9c: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 019f9100 ? 
SEQW GOTO do_smm_vmexit_ovr_enter_rip U0b9d: 000800000000 NOP U0b9e: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ str_m16_xlat: U0ba0: 000d0f800000 SAVEUIP_REGOVR(0x01, U0ba1, 0x000f) U0ba1: 000c219c0200 SAVEUIP(0x01, U0721) U0ba2: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 018a6a80 ? SEQW GOTO U0a6a U0ba4: 100147030010 tmp0:= OR_DSZN(0x00010000) U0ba5: 01506a280230 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U0a6a) U0ba6: 0c4b20730000 tmp0:= RDSEGFLD(SEG_V0, BASE) U0ba8: 0c4ba0731000 tmp1:= RDSEGFLD(SEG_V0, SEL+FLGS+LIM) 0188ea00 SEQW GOTO U08ea ------------------------------------------------------------------------------------ U0ba9: 2d0b3c21400a tmpv0:= PORTIN_DSZ32_ASZ16_SC1(0x0000483c) U0baa: 000000014500 tmpv0:= ADD_DSZ32(0x00000000, tmpv0) U0bac: 106286095240 tmpv1:= MOVEFROMCREG_DSZ64(0x286, 32) U0bad: 00019e015415 tmpv1:= OR_DSZ32(tmpv1, 0x000506c0) U0bae: 013500014554 tmpv0:= CMOVCC_DSZ32_CONDNZ(tmpv0, tmpv1) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0bb0: 000b03833208 tmp3:= UPDATEUSTATE(!0x0c) U0bb1: 000c88e00200 LFNCEMARK-> SAVEUIP(0x01, U1888) U0bb2: 0062ff1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7ff) U0bb4: 186b691c0232 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000000, generate_#UD) U0bb5: 004d09272924 tmp2:= unk_04d(rsp, rsp) U0bb6: 006381030200 tmp0:= READURAM(0x0081, 64) 040000ce SEQW URET1 ------------------------------------------------------------------------------------ U0bb8: 100a20000280 TESTUSTATE(SYS, UST_SMM | 0x4000) 0197ea00 ? SEQW GOTO U17ea U0bb9: 000c3c100200 SAVEUIP(0x00, U043c) U0bba: 000cecdc0200 SAVEUIP(0x01, uend) U0bbc: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 019c1c88 ? 
SEQW URET0 U0bbd: 006379039200 tmp9:= READURAM(0x0079, 64) U0bbe: 000802034008 tmp4:= ZEROEXT_DSZ32(0x00000002) 019c1c88 SEQW GOTO U1c1c ------------------------------------------------------------------------------------ U0bc0: 00c800832008 tmp2:= ZEROEXT_DSZ8(IMM_MACRO_ALIAS_IMMEDIATE) U0bc1: 104804834008 LFNCEMARK-> tmp4:= ZEROEXT_DSZ64N(IMM_MACRO_ALIAS_RIP) U0bc2: 008800036008 tmp6:= ZEROEXT_DSZ16(0x00000000) U0bc4: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01be3400 ? SEQW GOTO U3e34 U0bc5: 000800000000 NOP U0bc6: 000800000000 NOP U0bc8: 020601030200 tmp0:= unk_206(0x00000001) 01d55100 SEQW GOTO U5551 ------------------------------------------------------------------------------------ write_port_4c: U0bc9: 0008c0077010 tmp7:= ZEROEXT_DSZ32(0x4000004c) U0bca: 000802038008 tmp8:= ZEROEXT_DSZ32(0x00000002) U0bcc: 0d0f00038037 PORTOUT_DSZ32_ASZ16_SC1(tmp7, tmp8) U0bcd: 0d0b00038037 tmp8:= PORTIN_DSZ32_ASZ16_SC1(tmp7) U0bce: 086bcd2c0238 BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x00000000, U0bcd) 0186c680 SEQW GOTO uret1 ------------------------------------------------------------------------------------ wmptrst_xlat: U0bd0: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0bd1: 014310a36208 tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0bd2: 100ac3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 018bd680 ? 
SEQW GOTO U0bd6
; Tail of the routine that starts on the previous source line (wmptrst_xlat).
; U0bd4/U0bd5 load constants into tmp0 and tmp4, then divert to U6662 with U0bd6 saved
; (presumably as the resume point -- confirm against U6662).
U0bd4: 000816130008 tmp0:= ZEROEXT_DSZ32(0x00000416)
U0bd5: 000801034008 tmp4:= ZEROEXT_DSZ32(0x00000001) 01e66251 SEQW SAVEUIP0 U0bd6 SEQW GOTO U6662
; U0bd6/U0bd8: the 64-bit word at URAM 0x0056 is stored to the address held in tmp5
; (tmp5 comes from LA2LIN at U0bd0 on the previous source line).
; NOTE(review): URAM 0x0056 looks like the current-VMCS pointer, given the routine label -- confirm.
U0bd6: 006356033200 tmp3:= READURAM(0x0056, 64)
U0bd8: 0c4800633035 STAD_DSZ64_ASZ32_SC1(tmp5, mode=0x18, tmp3) 01879400 SEQW GOTO clear_aflags_uend0
------------------------------------------------------------------------------------
; Helper: stores tmp3..tmp6 to the staging buffer at tmp12 + 0x00/0x20/0x40/0x60,
; advances tmp12 by 0x80 and returns (URET0).
U0bd9: 0e7d0003303c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp3)
U0bda: 0e7d2003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, tmp4)
U0bdc: 0e7d4003503c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040, tmp5)
U0bdd: 0e7d6003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000060, tmp6)
U0bde: 00008003cf08 tmp12:= ADD_DSZ32(0x00000080, tmp12) 018000ca SEQW URET0
------------------------------------------------------------------------------------
; cpuid_xlat: entry flow labelled for CPUID.
; tmp0 is preset to 0x0a. NOTE(review): 0x0a equals the architectural VM-exit basic
; reason for CPUID; presumably that is what tmp0 carries into U4760 -- confirm.
; U0be1: when the SYS ustate says "not user mode" the flow goes straight to U4760
; (the '?' sequence word appears to make the GOTO conditional on the TESTUSTATE result).
; U0be2..U0be8 therefore run only for user mode: a bit derived from URAM 0x0023
; (shifted right by 13) combined with creg 0x105 is tested at bit 2, and a set bit
; jumps to generate_#GP. NOTE(review): this has the shape of a CPL>0 CPUID-faulting
; gate; the meaning of URAM 0x0023 and creg 0x105 is not shown here -- confirm.
cpuid_xlat:
U0be0: 00090a030008 tmp0:= MOVE_DSZ32(0x0000000a)
U0be1: 100a02800200 LFNCEMARK-> TESTUSTATE(SYS, !UST_USER_MODE) 04c76040 ? SEQW GOTO U4760
U0be2: 006323032200 tmp2:= READURAM(0x0023, 64)
U0be4: 006205071200 tmp1:= MOVEFROMCREG_DSZ64(0x105)
U0be5: 00250d032232 tmp2:= SHR_DSZ32(tmp2, 0x0000000d)
U0be6: 000700032cb1 tmp2:= NOTAND_DSZ32(tmp1, tmp2)
U0be8: 186a119c0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000002, generate_#GP) 01c76000 SEQW GOTO U4760
------------------------------------------------------------------------------------
; Reads creg 0x486 and dispatches on it: bit 8 set -> U1236, bit 9 clear -> U377a,
; otherwise falls through to two undecoded ops (unk_6a0, unk_495) and then U1236.
U0be9: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486)
U0bea: 286a360802b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000008, U1236)
U0bec: 386b7a5c02b2 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000009, U377a)
U0bed: 06a045039000 tmp9:= unk_6a0(0x00000000)
U0bee: 049500038e78 tmm0:= unk_495(tmm0, tmm1) 01923680 SEQW GOTO U1236
------------------------------------------------------------------------------------
; Start of a routine that continues on the next source line.
U0bf0: 100ac0831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 0c869600 ?
SEQW GOTO U0696 U0bf1: 00081e038008 SYNCMARK-> tmp8:= ZEROEXT_DSZ32(0x0000001e) U0bf2: 000c10480240 SAVEUIP(0x00, uend0) U0bf4: 000d28830008 tmp0:= SAVEUIP_REGOVR(0x01, U0bf5, 0x0028) 019d9009 SEQW GOTO U1d90 U0bf5: 100a02032200 tmp2:= TESTUSTATE(SYS, UST_USER_MODE) 019d9009 ? SEQW URET0 U0bf6: 006343034200 tmp4:= READURAM(0x0043, 64) U0bf8: 386b108806b4 SYNCMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp4, 0x0000002a, uend0) U0bf9: 00632f037200 tmp7:= READURAM(0x002f, 64) 0c1ba140 SEQW GOTO U1ba1 ------------------------------------------------------------------------------------ U0bfa: 00638c014200 tmpv0:= READURAM(0x008c, 64) U0bfc: 386a065d03d4 BTUJB_DIRECT_NOTTAKEN(tmpv0, 0x0000001d, U7706) U0bfd: 106261094240 tmpv0:= MOVEFROMCREG_DSZ64(0x261, 32) U0bfe: 000c065c02c0 SAVEUIP(0x00, U7706) 01b34d80 SEQW GOTO U334d ------------------------------------------------------------------------------------ U0c00: 189f00830144 tmp0:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0c01: 014310a00200 LFNCEMARK-> AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0c02: 0ce700639030 tmp9:= unk_ce7(tmp0) U0c04: 052b0803d039 tmp13:= unk_52b(tmp9) U0c05: 05ba00039e40 tmm1:= unk_5ba(tmm1) U0c06: 07aa0003603d mm6:= unk_7aa(tmm5) U0c08: 24b40003d000 WRTAGW-> tmm5:= FMOV(0x00000000) U0c09: 0004ff030d88 tmp0:= AND_DSZ32(0x000000ff, tmp6) 01f00260 SEQW GOTO U7002 ------------------------------------------------------------------------------------ U0c0a: 00940b032239 tmp2:= BT_DSZ16(tmp9, 0x0000000b) U0c0c: 003200033c32 tmp3:= SELECTCC_DSZ32_CONDB(tmp2, tmp0) U0c0d: 27430003e033 LFNCEMARK-> tmm6:= unk_743(mm3) U0c0e: 203d0b000008 MOVEINSERTFLGS_DSZ32(0x0000000b) 04b92e80 SEQW GOTO U392e ------------------------------------------------------------------------------------ sgdt_xlat: U0c10: 0c4b601b1000 tmp1:= RDSEGFLD(GDT, LIMIT) U0c11: 0c4b201b3000 tmp3:= RDSEGFLD(GDT, BASE) U0c12: 189f00832144 tmp2:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U0c14: 00082e130008 tmp0:= 
ZEROEXT_DSZ32(0x0000042e) U0c15: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U0c16: 200a40800200 TESTUSTATE(VMX, !0x0040) 01e14580 ? SEQW GOTO U6145 U0c18: 0c8800631032 STAD_DSZ16_ASZ32_SC1(tmp2, mode=0x18, tmp1) U0c19: 1c4802633032 STAD_DSZN_ASZ32_SC1(tmp2, 0x00000002, mode=0x18, tmp3) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U0c1a: 0052192c0276 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U2b19) U0c1c: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U0c1d: 008401033232 tmp3:= AND_DSZ16(tmp2, 0x00000001) U0c1e: 015048640233 LFNCEWAIT-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 03123580 SEQW GOTO U1235 ------------------------------------------------------------------------------------ U0c20: 000d07800000 SAVEUIP_REGOVR(0x01, U0c21, 0x0007) 02da1a00 SEQW GOTO U5a1a U0c21: 0c8000632032 LFNCEWAIT-> tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, mode=0x18) U0c22: 000800000000 NOP U0c24: 0d61001b0032 LFNCEWAIT-> tmp0:= unk_d61(tmp2) U0c25: 000800000000 NOP U0c26: 000800000000 NOP U0c28: 1e7bc403bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U0c29: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) 0401b240 SEQW GOTO U01b2 ------------------------------------------------------------------------------------ U0c2a: 1062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U0c2c: 0001aa071c10 tmp1:= OR_DSZ32(0x28000000, tmp0) U0c2d: 0001090b0c10 tmp0:= OR_DSZ32(0xa8000040, tmp0) U0c2e: 000c20600200 SAVEUIP(0x00, U1820) 01a97180 SEQW GOTO U2971 ------------------------------------------------------------------------------------ U0c30: 000bff033200 tmp3:= UPDATEUSTATE(0xfc) U0c31: 006374030200 LFNCEMARK-> tmp0:= READURAM(0x0074, 64) U0c32: 008703030c08 tmp0:= NOTAND_DSZ16(0x00000003, tmp0) U0c34: 0150111c0270 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, generate_#GP) U0c35: 006376031200 tmp1:= READURAM(0x0076, 64) U0c36: 104a08035230 tmp5:= TESTUSTATE(tmp0, SYS, UST_OP_SIZE_32BIT) 040c3980 ? 
SEQW GOTO U0c39 U0c38: 000b01800200 UPDATEUSTATE(!0x04) U0c39: 006375032200 tmp2:= READURAM(0x0075, 64) U0c3a: 100a04000200 TESTUSTATE(SYS, UST_8086_MODE) 01a07dc0 ? SEQW GOTO U207d U0c3c: 0062fe1f6200 tmp6:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U0c3d: 000781036d90 tmp6:= NOTAND_DSZ32(0x00030200, tmp6) U0c3e: 000909240000 ROVR<- MOVE_DSZ32(0x00000000) 0198949e SEQW SAVEUIP1 U0c40 SEQW GOTO U1894 U0c40: 000805033008 tmp3:= ZEROEXT_DSZ32(0x00000005) U0c41: 104904834008 LFNCEMARK-> tmp4:= MOVE_DSZ64(IMM_MACRO_ALIAS_RIP) U0c42: 100a20000200 TESTUSTATE(SYS, UST_SMM) 04ae3dc0 ? SEQW GOTO U2e3d U0c44: 000801032008 tmp2:= ZEROEXT_DSZ32(0x00000001) U0c45: 008804136008 tmp6:= ZEROEXT_DSZ16(0x00000404) U0c46: 000c16200200 LFNCEWAIT-> SAVEUIP(0x00, U0816) U0c48: 00621c037200 tmp7:= MOVEFROMCREG_DSZ64(0x01c) U0c49: 004700037dca tmp7:= NOTAND_DSZ64(0x00004000, tmp7) U0c4a: 004286000200 MOVETOCREG_DSZ64(0x00000000, 0x086) 01e53880 SEQW GOTO U6538 ------------------------------------------------------------------------------------ U0c4c: 00635c031200 tmp1:= READURAM(0x005c, 64) U0c4d: 005517031231 tmp1:= BTS_DSZ64(tmp1, 0x00000017) U0c4e: 00435c000231 LFNCEMARK-> WRITEURAM(tmp1, 0x005c, 64) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U0c50: 000cea140200 SAVEUIP(0x00, U05ea) U0c51: 000c2df40200 SAVEUIP(0x01, U1d2d) 01ac2440 SEQW GOTO U2c24 ------------------------------------------------------------------------------------ U0c52: 1062dc0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2dc, 32) U0c54: 086b52700230 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U0c52) U0c55: 1902db880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2db) U0c56: 2d0b18030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00000018) U0c58: 00bc00030030 tmp0:= unk_0bc(tmp0) U0c59: 002403031230 tmp1:= SHL_DSZ32(tmp0, 0x00000003) U0c5a: 000514032c08 tmp2:= SUB_DSZ32(0x00000014, tmp0) U0c5c: 015384140232 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp2, U0584) U0c5d: 0000041722b1 tmp2:= 
ADD_DSZ32(tmp1, 0x00004504) U0c5e: 015d00000c80 UJMP(tmp2) ------------------------------------------------------------------------------------ U0c60: 000cea140200 SAVEUIP(0x00, U05ea) U0c61: 000c2df40200 SAVEUIP(0x01, U1d2d) U0c62: 0062c51fb200 LFNCEMARK-> tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U0c64: 100ac2800200 TESTUSTATE(SYS, !UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 018000c8 ? SEQW URET0 U0c65: 00631a035200 tmp5:= READURAM(0x001a, 64) U0c66: 006319036200 tmp6:= READURAM(0x0019, 64) U0c68: 000868032008 tmp2:= ZEROEXT_DSZ32(0x00000068) 019f918c SEQW URET1 ------------------------------------------------------------------------------------ U0c69: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U0c6a: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 019f918c ? SEQW GOTO do_smm_vmexit_ovr_enter_rip U0c6c: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01ce8200 ? SEQW GOTO do_vmexit_ovr_enter_rip U0c6d: 000800000000 NOP U0c6e: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ mov_r64_cr8_xlat: U0c70: 1062880b3240 LFNCEWAIT-> tmp3:= MOVEFROMCREG_DSZ64(UCODE_CR_X2APIC_TPR, 32) U0c71: 100ac2000200 TESTUSTATE(SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 02590472 ? 
SEQW GOTO U5904
; Tail of mov_r64_cr8_xlat (label on the previous source line): tmp3 was loaded there
; from UCODE_CR_X2APIC_TPR; rax receives tmp3 >> 4, which is consistent with CR8
; mirroring TPR bits 7:4. The user-mode / VMX cases were diverted to U5904 before this.
U0c72: 002504002233 rax:= SHR_DSZ32(tmp3, 0x00000004) 02590472 SEQW UEND0
------------------------------------------------------------------------------------
; U0c74 / U0c78 / U0c7c: single-uop endings that perform a 64-, 32- and 16-bit
; STADPPHYSTICKLE store with operands (tmp12, tmp9, tmp7) and end the flow (UEND0).
U0c74: 0e6d00037e7c LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, tmp9, tmp7) 024bf5b0 SEQW UEND0
------------------------------------------------------------------------------------
U0c75: 00634703e200 tmp14:= READURAM(0x0047, 64)
U0c76: 000800033000 tmp3:= ZEROEXT_DSZ32(0x00000000) 024bf5b0 SEQW GOTO U4bf5
------------------------------------------------------------------------------------
U0c78: 0e2d00037e7c LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, tmp9, tmp7) 02082ab0 SEQW UEND0
------------------------------------------------------------------------------------
U0c79: 0525008380b8 tmm0:= unk_525(tmm0, xmmsrc)
U0c7a: 05a500820e01 xmm0:= unk_5a5(xmmdst, tmm0) 02082ab0 SEQW GOTO U082a
------------------------------------------------------------------------------------
U0c7c: 0ead00037e7c LFNCEWAIT-> STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, tmp9, tmp7) 02038cb0 SEQW UEND0
------------------------------------------------------------------------------------
; U0c7d/U0c7e: two 16-bit writes to rax from r64src (mask 0x...fffc, then OR with tmp3).
; U0c7e overwrites the result of U0c7d as listed; the intent is not visible from here.
U0c7d: 0084fc7c209f rax:= AND_DSZ16(0xfffffffffffffffc, r64src)
U0c7e: 0081000020b3 rax:= OR_DSZ16(tmp3, r64src) 02038cb0 SEQW GOTO U038c
------------------------------------------------------------------------------------
; wrmsr_xlat: entry flow labelled for WRMSR.
; U0c81 builds tmp8 from rcx (architecturally the MSR index) with flag value 0x30 inserted.
; U0c82 combines rdx and rax into tmp5 (architecturally the EDX:EAX payload).
; U0c86 tests the SYS ustate for user mode, VMX dual-monitor or VMX guest; its conditional
; sequence word saves U0c88 and branches to the target given at the start of the next
; source line, so those cases leave the fast path before any MSR-index dispatch.
; NOTE(review): presumably that target handles the #GP / VM-exit decision -- confirm there.
wrmsr_xlat:
U0c80: 000900000000 MOVE_DSZ32(0x00000000)
U0c81: 107d30038848 LFNCEMARK-> tmp8:= MOVEINSERTFLGS_DSZ64(0x00000030, rcx)
U0c82: 002100035822 tmp5:= CONCAT_DSZ32(rdx, rax)
U0c84: 000800000000 NOP
U0c85: 000800000000 NOP
U0c86: 100ac2031200 tmp1:= TESTUSTATE(SYS, UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 01e77dd2 ? SEQW SAVEUIP0 U0c88 ?
SEQW GOTO U677d
; Continuation of wrmsr_xlat (label on the previous source line), reached when the
; user-mode / VMX test at U0c86 did not divert, or on resume at the saved U0c88.
; tmp2 = (rcx & 0xc0000f80) - 0x800 is zero exactly when the masked index equals 0x800,
; i.e. bits 31:30 clear and bits 11:7 = 10000b; that selects U00fd, everything else U00f9.
; NOTE(review): with bits 29:12 also zero this is the x2APIC MSR window 0x800-0x87f;
; those bits are not masked here -- confirm where they are checked.
U0c88: 0004130b2850 tmp2:= AND_DSZ32(0xc0000f80, rcx)
U0c89: 000500232c88 tmp2:= SUB_DSZ32(0x00000800, tmp2)
U0c8a: 0150fd000232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U00fd) 0180f980 SEQW GOTO U00f9
------------------------------------------------------------------------------------
; Writes 0x60000000 to CORE_CR_CR0 (architecturally CR0.CD | CR0.NW, with PE and PG clear)
; and loads 0x3126 into tmp14 before continuing at U4f24.
U0c8c: 0008d8070010 tmp0:= ZEROEXT_DSZ32(0x60000000)
U0c8d: 2042f61c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0)
U0c8e: 00882647e009 tmp14:= ZEROEXT_DSZ16(0x00003126) 01cf2480 SEQW GOTO U4f24
------------------------------------------------------------------------------------
; U0c90..U0c92 capture r64src (16-bit) and rsp, then call out to U2bd8 with U0c94 saved.
; U0c98..U0ca0 copy segment state from SS_USERM into SS: FLGS also goes to creg 0x73c,
; then SEL+FLGS+LIM and BASE are written to SS before returning (URET0).
U0c90: 008800032002 tmp2:= ZEROEXT_DSZ16(r64src)
U0c91: 104100033024 tmp3:= OR_DSZN(rsp)
U0c92: 000c8623d208 tmp13:= SAVEUIP(0x00, U0886) 01abd896 SEQW SAVEUIP1 U0c94 SEQW GOTO U2bd8
U0c94: 3e7bea280cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2)
U0c95: 000800000024 ZEROEXT_DSZ32(rsp)
U0c96: 000800000000 NOP
U0c98: 0c4b402b0000 LFNCEWAIT-> tmp0:= RDSEGFLD(SS_USERM, FLGS)
U0c99: 00423c1c0230 MOVETOCREG_DSZ64(tmp0, 0x73c)
U0c9a: 000800000000 NOP
U0c9c: 0c4ba02b0000 SYNCMARK-> tmp0:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM)
U0c9d: 0c6ba3000030 WRSEGFLD(tmp0, SS, SEL+FLGS+LIM)
U0c9e: 0c4b202b0000 tmp0:= RDSEGFLD(SS_USERM, BASE)
U0ca0: 0c6b23000030 SYNCWAIT-> WRSEGFLD(tmp0, SS, BASE) 0a2d3d48 SEQW URET0
------------------------------------------------------------------------------------
U0ca1: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0a2d3d48 SEQW GOTO U2d3d
------------------------------------------------------------------------------------
; Saves U2e7c into tmp14 and jumps indirectly through tmp11.
U0ca2: 000c7cbbe248 tmp14:= SAVEUIP(0x01, U2e7c)
U0ca4: 000800000000 NOP
U0ca5: 000800000000 NOP
U0ca6: 015d00000ec0 UJMP(tmp11)
------------------------------------------------------------------------------------
; rdtsc_xlat: entry flow labelled for RDTSC.
; tmp3 is preset to 0x10. NOTE(review): 0x10 equals the architectural VM-exit basic
; reason for RDTSC; presumably that is its role -- confirm at U3f25.
; U0caa tests for "not user mode"; its conditional sequence word saves U0cac and branches
; to the target at the start of the next source line, skipping the user-mode-only check.
rdtsc_xlat:
U0ca8: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010)
U0ca9: 004c0d0c0200 SAVEUIP(0x00, U030d)
U0caa: 100a02800200 ROVR<- TESTUSTATE(SYS, !UST_USER_MODE) 018caede ? SEQW SAVEUIP1 U0cac ?
SEQW GOTO U0cae
; Continuation of rdtsc_xlat (label on the previous source line).
; U0cac/U0cad are bypassed by the "GOTO U0cae" above when the !UST_USER_MODE test at U0caa
; holds, so they act as the user-mode gate: CR4 is read and a set bit 2 jumps to
; generate_#GP. Bit 2 of CR4 is architecturally CR4.TSD (time-stamp disable).
U0cac: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U0cad: 186a119c0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000002, generate_#GP)
; U0cae: outside VMX guest / dual-monitor operation the flow continues at U3041.
; U0cb0/U0cb1: in the VMX case tmp2 = 0x0c and VMX ustate bit 0x0100 select U3f25.
; NOTE(review): 0x0c matches the bit position of "RDTSC exiting" in the primary
; processor-based VM-execution controls; presumably U3f25 raises the VM exit -- confirm.
U0cae: 100ac0830200 tmp0:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01b04180 ? SEQW GOTO U3041
U0cb0: 00080c032008 tmp2:= ZEROEXT_DSZ32(0x0000000c)
U0cb1: 200a00870233 tmp0:= TESTUSTATE(tmp3, VMX, !0x0100) 01bf2540 ? SEQW GOTO U3f25
U0cb2: 01080083e010 tmp14:= READUIP_REGOVR(0x01)
U0cb4: 01080003d010 tmp13:= READUIP_REGOVR(0x00)
; U0cb5..U0cb8: depending on VMX ustate bit 0x0080, a 64-bit word is loaded from
; physical address (URAM 0x0057) + 0x60 into tmpv1 before joining U3041.
; NOTE(review): looks like a per-guest TSC adjustment fetched from a VMX structure -- confirm.
U0cb5: 200a80015200 tmpv1:= TESTUSTATE(VMX, 0x0080) 01b04140 ? SEQW GOTO U3041
U0cb6: 006357014200 tmpv0:= READURAM(0x0057, 64)
U0cb8: 0e6560015508 SYNCMARK-> tmpv1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv0, 0x00000060) 0c304100 SEQW GOTO U3041
------------------------------------------------------------------------------------
; Unlabelled fragment built mostly from undecoded ops (unk_7ea, unk_7c2, unk_5ff);
; branches to U062c on the parity condition of tmp6, otherwise continues at U062e.
U0cb9: 07ea00032038 mm2:= unk_7ea(tmm0)
U0cba: 000500032c8b tmp2:= SUB_DSZ32(0x00006000, tmp2)
U0cbc: 07c200038e32 tmm0:= unk_7c2(mm2, tmm0)
U0cbd: 02522c180236 UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp6, U062c)
U0cbe: 25ff0003e03f LFNCEMARK-> tmm6:= unk_5ff(tmm7) 05062e80 SEQW GOTO U062e
------------------------------------------------------------------------------------
; rdpmc_xlat: entry flow labelled for RDPMC.
; U0cc0..U0cc2 derive a control-register address from rcx (rotate left by 2, 8-bit add
; of 0x2260) and read it into tmp7; rax/rdx are only written from tmp7 at the end of
; the flow, after the checks below.
; U0cc4: tmp1 keeps the rcx bits relevant to the 0x40000003 mask for the later #GP test
; (NOTAND operand order is not shown here -- presumably rcx & ~0x40000003).
; U0cc6..U0cc9: user-mode gate. When not in user mode the check is skipped (GOTO U0cca);
; otherwise CR4 & 0x100 must be non-zero or the flow jumps to generate_#GP.
; Bit 8 of CR4 is architecturally CR4.PCE (performance-counter enable).
; U0cca..U0cce: in VMX guest / dual-monitor operation tmp0 = 0x0f, tmp2 = 0x0b and VMX
; ustate bit 0x0010 decide the branch given at the start of the next source line.
; NOTE(review): 0x0f is the architectural VM-exit basic reason for RDPMC and 0x0b the bit
; position of "RDPMC exiting" in the primary processor-based controls -- confirm.
rdpmc_xlat:
U0cc0: 002c02033221 tmp3:= ROL_DSZ32(rcx, 0x00000002)
U0cc1: 00c0600b1273 tmp1:= ADD_DSZ8(tmp3, 0x00002260)
U0cc2: 106200037c40 tmp7:= MOVEFROMCREG_DSZ64(tmp1)
U0cc4: 0007bf071850 tmp1:= NOTAND_DSZ32(0x40000003, rcx)
U0cc5: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U0cc6: 100a02800200 TESTUSTATE(SYS, !UST_USER_MODE) 018ccac0 ? SEQW GOTO U0cca
U0cc8: 000400072c88 tmp2:= AND_DSZ32(0x00000100, tmp2)
U0cc9: 0150111c0272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, generate_#GP)
U0cca: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 018cd080 ? SEQW GOTO U0cd0
U0ccc: 00080f030008 tmp0:= ZEROEXT_DSZ32(0x0000000f)
U0ccd: 00080b032008 tmp2:= ZEROEXT_DSZ32(0x0000000b)
U0cce: 200a10800200 TESTUSTATE(VMX, !0x0010) 01bf25c0 ?
SEQW GOTO U3f25
; Tail of rdpmc_xlat (label on the previous source line): counter-index validation and
; result delivery, reached after the CR4 and VMX checks.
; U0cd0: a non-zero tmp1 (computed at U0cc4 from rcx and the 0x40000003 mask) -> generate_#GP.
; U0cd1: tmp3 (rcx rotated left by 2) equal to 0x0d -> generate_#GP.
; U0cd2/U0cd4: the value read earlier into tmp7 is delivered as rax and, shifted right
; by 32, as rdx; UCODE ustate bit 0x0200 diverts to U07cd instead.
U0cd0: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP)
U0cd1: 1928115c02f3 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x0000000d, generate_#GP)
U0cd2: 000a000a0237 rax:= TESTUSTATE(tmp7, UCODE, 0x0200) 0187cdc0 ? SEQW GOTO U07cd
U0cd4: 006520022237 rdx:= SHR_DSZ64(tmp7, 0x00000020) 0181bab0 SEQW UEND0
------------------------------------------------------------------------------------
; Signals event 0x17, saves U0382 into tmp13 and continues at U01ba.
U0cd5: 021e17000200 SIGEVENT(0x00000017)
U0cd6: 000c820fd208 tmp13:= SAVEUIP(0x00, U0382) 0181bab0 SEQW GOTO U01ba
------------------------------------------------------------------------------------
; vmwrite_r64_r64_xlat: entry flow labelled for VMWRITE with two register operands;
; it continues on the next source line.
; U0cd9: tmp7 takes r64src. U0cda: tmp2 = RDVMCSPLA(r64dst), a lookup keyed by r64dst
; (presumably the VMCS field encoding -- confirm).
; U0cdc..U0ce2: bits 0x0c00 of tmp2, shifted right by 8 and added to 0x0c74, form a
; microcode address that UFLOWCTRL installs as URET0 (a per-field-class handler, by the
; look of it -- confirm).
; U0ce5/U0ce6: tmp12 = URAM 0x0056 and tmp1 = tmp12 + 1; tmp1 is consumed by a carry
; test on the next source line. NOTE(review): this reads like the "current VMCS pointer
; is all-ones" check -- confirm.
; U0cea: the SYS ustate test covers VMX-disabled, user-mode, dual-monitor and guest
; states and branches to U0cf5; U0cec adds a UCODE ustate 0x1000 test with the same target.
vmwrite_r64_r64_xlat:
U0cd8: 000c448be208 tmp14:= SAVEUIP(0x01, U0244)
U0cd9: 104100037002 tmp7:= OR_DSZN(r64src)
U0cda: 026900032040 tmp2:= RDVMCSPLA(r64dst)
U0cdc: 00040033ac88 tmp10:= AND_DSZ32(0x00000c00, tmp2)
U0cdd: 00250803a23a tmp10:= SHR_DSZ32(tmp10, 0x00000008)
U0cde: 000074338e88 tmp8:= ADD_DSZ32(0x00000c74, tmp10)
U0ce0: 000c86180200 SAVEUIP(0x00, U0686)
U0ce1: 00080003d038 tmp13:= ZEROEXT_DSZ32(tmp8)
U0ce2: 01420a000f40 SYNCMARK-> UFLOWCTRL(URET0, tmp13)
U0ce4: 014310a36208 tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION)
U0ce5: 00635603c200 tmp12:= READURAM(0x0056, 64)
U0ce6: 004001031f08 tmp1:= ADD_DSZ64(0x00000001, tmp12)
U0ce8: 10650f03b201 tmp11:= SHR_DSZN(r64dst, 0x0000000f)
U0ce9: 0004fe0f9c88 tmp9:= AND_DSZ32(0x000003fe, tmp2)
U0cea: 100ac3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 018cf580 ? SEQW GOTO U0cf5
U0cec: 000a00400200 TESTUSTATE(UCODE, 0x1000) 018cf500 ?
SEQW GOTO U0cf5 U0ced: 003d19130208 tmp0:= MOVEINSERTFLGS_DSZ32(0x00000419) U0cee: 000800000000 NOP U0cf0: 000806034008 SYNCWAIT-> tmp4:= ZEROEXT_DSZ32(0x00000006) 0a666210 SEQW SAVEUIP0 U0cf1 SEQW GOTO U6662 U0cf1: 000c86180200 SAVEUIP(0x00, U0686) U0cf2: 00080003d038 tmp13:= ZEROEXT_DSZ32(tmp8) U0cf4: 01420a000f40 UFLOWCTRL(URET0, tmp13) U0cf5: 0052ae100231 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, set_carry_uend) 048d768d SEQW URET1 ------------------------------------------------------------------------------------ U0cf6: 000d35a40380 SAVEUIP_REGOVR(0x01, U0cf8, 0xc935) 048d768d SEQW GOTO U0d76 U0cf8: 000cfe840240 SAVEUIP(0x01, U21fe) 05208d00 SEQW GOTO U208d ------------------------------------------------------------------------------------ U0cf9: 0c4b80274000 tmp4:= RDSEGFLD(UNK_SEG_09, SEL) U0cfa: 0c6bc9000034 LFNCEMARK-> WRSEGFLD(tmp4, UNK_SEG_09, UNK_FLD_0c) U0cfc: 00080b000000ROVR<-LFNCEWAIT-> NOP 020d041c SEQW SAVEUIP1 U0cfd SEQW GOTO U0d04 U0cfd: 000800000000 NOP U0cfe: 000800000000 NOP U0d00: 000d08800000 SAVEUIP_REGOVR(0x01, U0d01, 0x0008) 018d041d SEQW GOTO U0d04 U0d01: 10c00c02493c ROVR<- rsp:= ADD_DSZN(tmp12, rsp) 018d041d SEQW SAVEUIP1 U0d02 U0d02: 000c6de00200 SAVEUIP(0x01, U186d) U0d04: 0c4ba073b000 tmp11:= RDSEGFLD(SEG_V0, SEL+FLGS+LIM) U0d05: 00651003423b tmp4:= SHR_DSZ64(tmp11, 0x00000010) U0d06: 00161b03b23b tmp11:= BTR_DSZ32(tmp11, 0x0000001b) U0d08: 006428031234 tmp1:= SHL_DSZ64(tmp4, 0x00000028) U0d09: 004400234d08 tmp4:= AND_DSZ64(0x00000800, tmp4) U0d0a: 00151103b23b tmp11:= BTS_DSZ32(tmp11, 0x00000011) U0d0c: 00161003b23b tmp11:= BTR_DSZ32(tmp11, 0x00000010) U0d0d: 002405034234 tmp4:= SHL_DSZ32(tmp4, 0x00000005) U0d0e: 00010003bef4 tmp11:= OR_DSZ32(tmp4, tmp11) U0d10: 2e6b60031ef1 tmp1:= unk_e6b(tmp1, tmp11) U0d11: 00300003bef1 tmp11:= SELECTCC_DSZ32_CONDO(tmp1, tmp11) U0d12: 0c6b9780003b WRSEGFLD(tmp11) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U0d14: 00084b030010 
tmp0:= ZEROEXT_DSZ32(0x00010007) U0d15: 000811034008 tmp4:= ZEROEXT_DSZ32(0x00000011) U0d16: 004164031001 ROVR<- tmp1:= OR_DSZ64(r64dst) 019d059e SEQW SAVEUIP1 U0d18 SEQW GOTO U1d05 U0d18: 00080c03d008 tmp13:= ZEROEXT_DSZ32(0x0000000c) 01ad6e00 SEQW GOTO U2d6e ------------------------------------------------------------------------------------ U0d19: 2d0fc843100a PORTOUT_DSZ32_ASZ16_SC1(0x000050c8, tmp1) U0d1a: 2d0bd043400a tmp4:= PORTIN_DSZ32_ASZ16_SC1(0x000050d0) U0d1c: 2d0bcc43600a LFNCEWAIT-> tmp6:= PORTIN_DSZ32_ASZ16_SC1(0x000050cc) U0d1d: 00054a0b5d10 tmp5:= SUB_DSZ32(0xffffffff, tmp4) U0d1e: 017e00036d76 tmp6:= MOVEMERGEFLGS_DSZ64(tmp6, tmp5) U0d20: 013400036d36 tmp6:= CMOVCC_DSZ32_CONDZ(tmp6, tmp4) U0d21: 2d0fd043600a PORTOUT_DSZ32_ASZ16_SC1(0x000050d0, tmp6) U0d22: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U0d24: 000c3037d208 tmp13:= SAVEUIP(0x00, U0d30) U0d25: 2d0bd043800a tmp8:= PORTIN_DSZ32_ASZ16_SC1(0x000050d0) U0d26: 0ea51e036038 tmp6:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp8, 0x0000001e) U0d28: 0e2500034038 LFNCEWAIT-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8) U0d29: 0e6508035038 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000008) U0d2a: 386a11ec0236 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000003, U3b11) U0d2c: 286ae62402f6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000c, U19e6) U0d2d: 186a5d0402b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000008, U215d) U0d2e: 186a8d480276 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000005, U228d) U0d30: 000020038e08 tmp8:= ADD_DSZ32(0x00000020, tmp8) U0d31: 000400036d8e LFNCEMARK-> tmp6:= AND_DSZ32(0x0000c000, tmp6) U0d32: 015134340236 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U0d34) 048d2680 SEQW GOTO U0d26 ------------------------------------------------------------------------------------ U0d34: 000000000000 NOP 08ca9c00 SEQW GOTO U4a9c ------------------------------------------------------------------------------------ U0d35: 005249340238 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp8, U0d49) U0d36: 0c4b200bf000 tmp15:= RDSEGFLD(CS, BASE) 
U0d38: 0c6b2900003f WRSEGFLD(tmp15, UNK_SEG_09, BASE) U0d39: 0c4ba00bf000 tmp15:= RDSEGFLD(CS, SEL+FLGS+LIM) U0d3a: 0c6b4900003f LFNCEMARK-> WRSEGFLD(tmp15, UNK_SEG_09, FLGS) U0d3c: 0c4b4027f000 LFNCEWAIT-> tmp15:= RDSEGFLD(UNK_SEG_09, FLGS) U0d3d: 0042f51c023f MOVETOCREG_DSZ64(tmp15, 0x7f5) U0d3e: 0c4b6027f000 tmp15:= RDSEGFLD(UNK_SEG_09, LIMIT) U0d40: 00421010023f LFNCEMARK-> MOVETOCREG_DSZ64(tmp15, 0x410) U0d41: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U0d42: 0042001c023f MOVETOCREG_DSZ64(tmp15, 0x700) U0d44: 0c4bc027f000 LFNCEWAIT-> tmp15:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U0d45: 000800000000 NOP U0d46: 000800000000 NOP U0d48: 00428e1c023f SYNCMARK-> MOVETOCREG_DSZ64(tmp15, 0x78e) U0d49: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U0d4a: 00626703a200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U0d4c: 004500036ebf tmp6:= SUB_DSZ64(tmp15, tmp10) U0d4d: 017e00036d36 tmp6:= MOVEMERGEFLGS_DSZ64(tmp6, tmp4) U0d4e: 00050003aebf tmp10:= SUB_DSZ32(tmp15, tmp10) U0d50: 00760003feb6 tmp15:= CMOVCC_DSZ64_CONDB(tmp6, tmp10) U0d51: 00421a1c023f SYNCWAIT-> MOVETOCREG_DSZ64(tmp15, 0x71a) 0aad664e SEQW GOTO U2d66 ------------------------------------------------------------------------------------ U0d52: 000a00400240 TESTUSTATE(UCODE, 0x3000) 0aad664e ? 
SEQW URET1 U0d54: 006312014200 tmpv0:= READURAM(0x0012, 64) U0d55: 286bc5e80254 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000007, U1ac5) U0d56: 0008070d5008 tmpv1:= ZEROEXT_DSZ32(0x00000307) 01ebfd96 SEQW SAVEUIP1 U0d58 SEQW GOTO U6bfd U0d58: 000cc5e80200 SAVEUIP(0x01, U1ac5) 01b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U0d59: 0e250c03b020 tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(rax, 0x0000000c) U0d5a: 086a5620003b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000000, U0856) U0d5c: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U0d5d: 00054a0b9ed0 tmp9:= SUB_DSZ32(0xffffffff, tmp11) U0d5e: 0150be700239 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, uret1) U0d60: 00640803b23b LFNCEWAIT-> tmp11:= SHL_DSZ64(tmp11, 0x00000008) U0d61: 00088c07900d tmp9:= ZEROEXT_DSZ32(0x0000a18c) U0d62: 0004f0072e48 tmp2:= AND_DSZ32(0x000001f0, tmp9) U0d64: 0e2500032cbb tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp2) U0d65: 386bb46c0272 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000005, U3bb4) U0d66: 000504032e48 tmp2:= SUB_DSZ32(0x00000004, tmp9) U0d68: 00080f03a008 tmp10:= ZEROEXT_DSZ32(0x0000000f) U0d69: 002400037eb7 tmp7:= SHL_DSZ32(tmp7, tmp10) U0d6a: 002410039e88 tmp9:= SHL_DSZ32(0x00000010, tmp10) U0d6c: 000100039e77 tmp9:= OR_DSZ32(tmp7, tmp9) U0d6d: 0e2d00039cbb STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp2, tmp9) U0d6e: 00010103ae88 tmp10:= OR_DSZ32(0x00000001, tmp10) U0d70: 000844039008 tmp9:= ZEROEXT_DSZ32(0x00000044) U0d71: 00a113039e48 tmp9:= CONCAT_DSZ16(0x00000013, tmp9) U0d72: 0e2500032e7b tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp9) U0d74: 000400032cba tmp2:= AND_DSZ32(tmp10, tmp2) U0d75: 092972340df2 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp7, U0d72) 0688564e SEQW GOTO U0856 ------------------------------------------------------------------------------------ U0d76: 000a00400240 TESTUSTATE(UCODE, 0x3000) 0688564e ? 
SEQW URET1 U0d78: 006312014200 tmpv0:= READURAM(0x0012, 64) U0d79: 086bf8f00254 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000007, U0cf8) U0d7a: 0008270d5008 tmpv1:= ZEROEXT_DSZ32(0x00000327) 01ebfd96 SEQW SAVEUIP1 U0d7c SEQW GOTO U6bfd U0d7c: 000cf8b00200 SAVEUIP(0x01, U0cf8) 01b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U0d7d: 000c960c0280 SAVEUIP(0x00, U4396) U0d7e: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U0d80: 23800003ae80 tmp10:= READAFLAGS(tmp10) U0d81: 000c19bfe288 tmp14:= SAVEUIP(0x01, U4f19) U0d82: 100a80832200 tmp2:= TESTUSTATE(SYS, !UST_VMX_GUEST) 018d8580 ? SEQW GOTO U0d85 U0d84: 006343032200 tmp2:= READURAM(0x0043, 64) U0d85: 0004000b9e88 tmp9:= AND_DSZ32(0x00000200, tmp10) U0d86: 100a40830200 tmp0:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 018d8980 ? SEQW GOTO U0d89 U0d88: 00634c030200 tmp0:= READURAM(0x004c, 64) U0d89: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U0d8a: 002407032232 tmp2:= SHL_DSZ32(tmp2, 0x00000007) U0d8c: 000400039e72 tmp9:= AND_DSZ32(tmp2, tmp9) U0d8d: 000807030009 tmp0:= ZEROEXT_DSZ32(0x00002007) U0d8e: 0151b4100239 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U04b4) U0d90: 200a20000200 TESTUSTATE(VMX, 0x0020) 018d9800 ? 
SEQW GOTO U0d98 U0d91: 00621d039200 tmp9:= MOVEFROMCREG_DSZ64(0x01d) U0d92: 000402039e48 tmp9:= AND_DSZ32(0x00000002, tmp9) U0d94: 002408039239 tmp9:= SHL_DSZ32(tmp9, 0x00000008) U0d95: 000400039e7a tmp9:= AND_DSZ32(tmp10, tmp9) U0d96: 015098340239 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U0d98) 09626e80 SEQW GOTO U626e ------------------------------------------------------------------------------------ U0d98: 000d02800000 SAVEUIP_REGOVR(0x01, U0d99, 0x0002) 052b150a SEQW GOTO lbsync_full U0d99: 10629f0b2240 tmp2:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U0d9a: 086b841c0232 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000000, U0784) 052b150a SEQW URET0 ------------------------------------------------------------------------------------ U0d9c: 0153111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp1, generate_#GP) U0d9d: 002403033230 tmp3:= SHL_DSZ32(tmp0, 0x00000003) U0d9e: 0000c0473273 tmp3:= ADD_DSZ32(tmp3, 0x000031c0) 0186be92 SEQW SAVEUIP0 U0da0 SEQW GOTO jump_tmp3 U0da0: 0fcf00000034 unk_fcf(tmp4) 01ab1200 SEQW GOTO U2b12 ------------------------------------------------------------------------------------ U0da1: 000b01800200 UPDATEUSTATE(!0x04) U0da2: 1928d2100d73 CMPUJZ_DIRECT_NOTTAKEN(tmp3, tmp5, U24d2) U0da4: 000400032cf5 tmp2:= AND_DSZ32(tmp5, tmp3) U0da5: 186a111c0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000000, generate_#GP) U0da6: 00448a031d50 tmp1:= AND_DSZ64(0x0003c000, tmp5) U0da8: 00650e031231 tmp1:= SHR_DSZ64(tmp1, 0x0000000e) U0da9: 0054490b1c48 tmp1:= BT_DSZ64(0x00000249, tmp1) U0daa: 0053111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp1, generate_#GP) U0dac: 004484071d50 tmp1:= AND_DSZ64(0x0f000000, tmp5) U0dad: 006518031231 tmp1:= SHR_DSZ64(tmp1, 0x00000018) U0dae: 00543f031c48 tmp1:= BT_DSZ64(0x0000003f, tmp1) U0db0: 0053111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp1, generate_#GP) U0db1: 006520031235 tmp1:= SHR_DSZ64(tmp5, 0x00000020) U0db2: 00040f031c48 tmp1:= AND_DSZ32(0x0000000f, tmp1) U0db4: 005407031c48 tmp1:= BT_DSZ64(0x00000007, tmp1) U0db5: 
0053111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp1, generate_#GP) U0db6: 006524031235 tmp1:= SHR_DSZ64(tmp5, 0x00000024) U0db8: 00040f031c48 tmp1:= AND_DSZ32(0x0000000f, tmp1) U0db9: 005407031c48 tmp1:= BT_DSZ64(0x00000007, tmp1) U0dba: 0053111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp1, generate_#GP) U0dbc: 186a111c02f5 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x0000000c, generate_#GP) U0dbd: 386bb9200235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U38b9) U0dbe: 0008d12fe009 tmp14:= ZEROEXT_DSZ32(0x00002bd1) 01db2680 SEQW GOTO U5b26 ------------------------------------------------------------------------------------ U0dc0: 000000000000 NOP U0dc1: 204300000230 WRITEURAM(tmp0, 0x0000, 64) U0dc2: 038000030030 tmp0:= READAFLAGS(tmp0) U0dc4: 00a100030c08 tmp0:= CONCAT_DSZ16(0x00000000, tmp0) 01d2cd00 SEQW GOTO U52cd ------------------------------------------------------------------------------------ U0dc5: 002100034822 tmp4:= CONCAT_DSZ32(rdx, rax) U0dc6: 104800034034 tmp4:= ZEROEXT_DSZ64N(tmp4) U0dc8: 00635c031200 tmp1:= READURAM(0x005c, 64) U0dc9: 001410031231 tmp1:= BT_DSZ32(tmp1, 0x00000010) U0dca: 013e00031c74 tmp1:= MOVEMERGEFLGS_DSZ32(tmp4, tmp1) U0dcc: 00760003efb1 tmp14:= CMOVCC_DSZ64_CONDB(tmp1, tmp14) U0dcd: 0e250c03503e tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x0000000c) U0dce: 00635303f200 tmp15:= READURAM(0x0053, 64) U0dd0: 00040103efc8 tmp14:= AND_DSZ32(0x00000001, tmp15) U0dd1: 000500035d7e tmp5:= SUB_DSZ32(tmp14, tmp5) U0dd2: 00470103ffc8 tmp15:= NOTAND_DSZ64(0x00000001, tmp15) U0dd4: 20435308023f WRITEURAM(tmp15, 0x0053, 32) U0dd5: 006420035235 tmp5:= SHL_DSZ64(tmp5, 0x00000020) U0dd6: 004306040235 WRITEURAM(tmp5, 0x0106, 64) U0dd8: 00630d030200 tmp0:= READURAM(0x000d, 64) U0dd9: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U0dda: 00bc00030c30 tmp0:= unk_0bc(tmp0, tmp0) U0ddc: 006420030230 tmp0:= SHL_DSZ64(tmp0, 0x00000020) U0ddd: 00430d040230 WRITEURAM(tmp0, 0x010d, 64) U0dde: 000d10800000 SAVEUIP_REGOVR(0x01, U0de0, 0x0010) 01ddea80 SEQW GOTO U5dea U0de0: 
100a00000280 TESTUSTATE(SYS, 0x4000) 01d4c500 ? SEQW GOTO U54c5 U0de1: 0008e03b900d tmp9:= ZEROEXT_DSZ32(0x0000aee0) U0de2: 001500035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000000) U0de4: 0e7d00035039 STADSTGBUF_DSZ64_ASZ16_SC1(tmp9, tmp5) 02ac2a00 SEQW GOTO U2c2a ------------------------------------------------------------------------------------ U0de5: 006204015200 LFNCEWAIT-> tmpv1:= MOVEFROMCREG_DSZ64(0x004) U0de6: 000700095548 tmpv1:= NOTAND_DSZ32(0x00000200, tmpv1) U0de8: 000410016508 tmpv2:= AND_DSZ32(0x00000010, tmpv0) U0de9: 002405016216 tmpv2:= SHL_DSZ32(tmpv2, 0x00000005) U0dea: 090204000556 MOVETOCREG_OR_DSZ64(tmpv2, tmpv1, 0x004) U0dec: 000a08015200 tmpv1:= TESTUSTATE(UCODE, 0x0008) 018df600 ? SEQW GOTO U0df6 U0ded: 0004001d5ec8 tmpv1:= AND_DSZ32(0x00000700, tmp11) U0dee: 0005001d5548 tmpv1:= SUB_DSZ32(0x00000700, tmpv1) U0df0: 01f800015015 tmpv1:= SETCC_CONDZ(tmpv1) U0df1: 006343016200 tmpv2:= READURAM(0x0043, 64) U0df2: 00541b016216 tmpv2:= BT_DSZ64(tmpv2, 0x0000001b) U0df4: 00fa00016016 tmpv2:= SETCC_CONDB(tmpv2) U0df5: 000100015595 tmpv1:= OR_DSZ32(tmpv1, tmpv2) U0df6: 000a08816200 tmpv2:= TESTUSTATE(UCODE, !0x0008) 018dfa80 ? SEQW GOTO U0dfa U0df8: 000a10800200 TESTUSTATE(UCODE, !0x0010) 018dfa00 ? SEQW GOTO U0dfa U0df9: 000400416dca tmpv2:= AND_DSZ32(0x00005000, tmp7) U0dfa: 000100015556 tmpv1:= OR_DSZ32(tmpv2, tmpv1) U0dfc: 000410016508 tmpv2:= AND_DSZ32(0x00000010, tmpv0) U0dfd: 002405016216 tmpv2:= SHL_DSZ32(tmpv2, 0x00000005) U0dfe: 017000016595 tmpv2:= SELECTCC_DSZ64_CONDZ(tmpv1, tmpv2) U0e00: 00631f015200 LFNCEWAIT-> tmpv1:= READURAM(0x001f, 64) U0e01: 004700095548 tmpv1:= NOTAND_DSZ64(0x00000200, tmpv1) U0e02: 004100015556 tmpv1:= OR_DSZ64(tmpv2, tmpv1) U0e04: 00431f000215 WRITEURAM(tmpv1, 0x001f, 64) 01bdfecc SEQW URET1 ------------------------------------------------------------------------------------ U0e05: 076c00036038 tmp6:= PINTMOVDTMM2I_DSZ64(tmm0) U0e06: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01bdfecc ? 
SEQW GOTO U3dfe U0e08: 000cfe77d248 tmp13:= SAVEUIP(0x00, U3dfe) U0e09: 100a00000280 TESTUSTATE(SYS, 0x4000) 01b8b240 ? SEQW GOTO U38b2 U0e0a: 0044ff3f8d88 tmp8:= AND_DSZ64(0x00000fff, tmp6) U0e0c: 108000038e3b tmp8:= ADD_DSZN(tmp11, tmp8) 01c63900 SEQW GOTO U4639 ------------------------------------------------------------------------------------ U0e0d: 00080e030008 tmp0:= ZEROEXT_DSZ32(0x0000000e) U0e0e: 000801037008 tmp7:= ZEROEXT_DSZ32(0x00000001) U0e10: 0053654c027f UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp15, U3365) U0e11: 20431f00023f WRITEURAM(tmp15, 0x001f, 64) U0e12: 00c500030c42 tmp0:= SUB_DSZ8(r64src, tmp1) U0e14: 006508032202 tmp2:= SHR_DSZ64(r64src, 0x00000008) U0e15: 000800020000 rax:= ZEROEXT_DSZ32(0x00000000) U0e16: 000800022000 rdx:= ZEROEXT_DSZ32(0x00000000) U0e18: 005271340270 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U2d71) U0e19: 002508031231 tmp1:= SHR_DSZ32(tmp1, 0x00000008) U0e1a: 00c50003fc72 tmp15:= SUB_DSZ8(tmp2, tmp1) U0e1c: 00527134027f UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, U2d71) U0e1d: 0047ff03fc88 tmp15:= NOTAND_DSZ64(0x000000ff, tmp2) U0e1e: 01517134027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2d71) U0e20: 1062050bf240 tmp15:= MOVEFROMCREG_DSZ64(0x205, 32) U0e21: 07470003903f tmm1:= unk_747(tmm7) U0e22: 1062060bf240 tmp15:= MOVEFROMCREG_DSZ64(0x206, 32) U0e24: 074601039e7f tmm1:= unk_746(tmm7, tmm1) U0e25: 000c26380200 SAVEUIP(0x00, U0e26) U0e26: 015028380230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U0e28) 01e74080 SEQW GOTO U6740 ------------------------------------------------------------------------------------ U0e28: 074700038032 tmm0:= unk_747(mm2) 01f66110 SEQW SAVEUIP0 U0e29 SEQW GOTO U7661 U0e29: 076f00020039 xmm0:= unk_76f(tmm1) U0e2a: 047701039039 tmm1:= unk_477(tmm1) U0e2c: 076f00022039 xmm2:= unk_76f(tmm1) U0e2d: 203d00000000 MOVEINSERTFLGS_DSZ32(0x00000000) 01c809b1 SEQW UEND0 ------------------------------------------------------------------------------------ U0e2e: 006200035e00 tmp5:= MOVEFROMCREG_DSZ64(tmp8) 01c809b1 SEQW GOTO U4809 
------------------------------------------------------------------------------------ U0e30: 106200035e00 tmp5:= MOVEFROMCREG_DSZ64(tmp8) 01c80900 SEQW GOTO U4809 ------------------------------------------------------------------------------------ U0e31: 021e87000200 SIGEVENT(0x00000087) U0e32: 0c4800634037 STAD_DSZ64_ASZ32_SC1(tmp7, mode=0x18, tmp4) U0e34: 006201070200 tmp0:= MOVEFROMCREG_DSZ64(0x101) U0e35: 0c4808630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000008, mode=0x18, tmp0) U0e36: 006202070200 tmp0:= MOVEFROMCREG_DSZ64(0x102) U0e38: 0c4810630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000010, mode=0x18, tmp0) U0e39: 0062b1030200 tmp0:= MOVEFROMCREG_DSZ64(0x0b1) U0e3a: 0c4818630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000018, mode=0x18, tmp0) U0e3c: 006352030200 tmp0:= READURAM(0x0052, 64) U0e3d: 0c4820630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000020, mode=0x18, tmp0) U0e3e: 006280030200 tmp0:= MOVEFROMCREG_DSZ64(0x080) U0e40: 0c4828630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000028, mode=0x18, tmp0) U0e41: 006281030200 tmp0:= MOVEFROMCREG_DSZ64(0x081) U0e42: 0c4830630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000030, mode=0x18, tmp0) U0e44: 006282030200 tmp0:= MOVEFROMCREG_DSZ64(0x082) U0e45: 0c4838630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000038, mode=0x18, tmp0) U0e46: 006283030200 tmp0:= MOVEFROMCREG_DSZ64(0x083) U0e48: 0c4840630237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000040, mode=0x18, tmp0) U0e49: 0c4848600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000048, mode=0x18, 0x00000000) U0e4a: 0c4850600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000050, mode=0x18, 0x00000000) U0e4c: 0c4858600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000058, mode=0x18, 0x00000000) U0e4d: 0c4860600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000060, mode=0x18, 0x00000000) U0e4e: 0c4868600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000068, mode=0x18, 0x00000000) U0e50: 0c4870600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000070, mode=0x18, 0x00000000) U0e51: 0c4878600237 STAD_DSZ64_ASZ32_SC1(tmp7, 0x00000078, mode=0x18, 0x00000000) U0e52: 015d39500200 UJMP(U1439) 
------------------------------------------------------------------------------------ U0e54: 2d0fb4031008 LFNCEWAIT-> PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, tmp1) U0e55: 000d00800000 SAVEUIP_REGOVR(0x01, U0e56, 0x0000) 022b1540 SEQW GOTO lbsync_full U0e56: 00a10103000c tmp0:= CONCAT_DSZ16(0x00008001) U0e58: 0d0b00030030 tmp0:= PORTIN_DSZ32_ASZ16_SC1(tmp0) 02bc6000 SEQW GOTO U3c60 ------------------------------------------------------------------------------------ U0e59: 00626803f200 LFNCEWAIT-> tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP) U0e5a: 00a103137237 tmp7:= CONCAT_DSZ16(tmp7, 0x00000403) U0e5c: 00480003503f tmp5:= ZEROEXT_DSZ64(tmp15) 01eba110 SEQW SAVEUIP0 U0e5d SEQW GOTO U6ba1 U0e5d: 00480003f035 tmp15:= ZEROEXT_DSZ64(tmp5) U0e5e: 00151f030230 tmp0:= BTS_DSZ32(tmp0, 0x0000001f) U0e60: 00630e031200 tmp1:= READURAM(0x000e, 64) U0e61: 006530031231 SYNCFULL-> tmp1:= SHR_DSZ64(tmp1, 0x00000030) U0e62: 00a100031ff1 tmp1:= CONCAT_DSZ16(tmp1, tmp15) U0e64: 002100031c31 tmp1:= CONCAT_DSZ32(tmp1, tmp0) U0e65: 20430e000231 WRITEURAM(tmp1, 0x000e, 64) U0e66: 0008663b0008 tmp0:= ZEROEXT_DSZ32(0x00000e66) U0e68: 00a18a030c08 tmp0:= CONCAT_DSZ16(0x0000008a, tmp0) U0e69: 204307000230 WRITEURAM(tmp0, 0x0007, 64) U0e6a: 290200c003c0 MOVETOCREG_OR_DSZ64(0x0000001f, 0x000) U0e6c: 2902b4400200 MOVETOCREG_OR_DSZ64(0x00000001, 0x0b4) U0e6d: 00635c030200 tmp0:= READURAM(0x005c, 64) U0e6e: 001408030230 tmp0:= BT_DSZ32(tmp0, 0x00000008) U0e70: 00330203f230 tmp15:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000002) U0e71: 004501030008 tmp0:= SUB_DSZ64(0x00000001) U0e72: 004700030c3f tmp0:= NOTAND_DSZ64(tmp15, tmp0) U0e74: 204370000230 WRITEURAM(tmp0, 0x0070, 64) U0e75: 3042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U0e76: 29a208000630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x008) U0e78: 1062c20b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2c2, 32) U0e79: 3962c2480270 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000005, 0x2c2) U0e7a: 3062cf0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cf, 32) U0e7c: 
3902cf880230 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp0, 0x00000002, 0x2cf) 085d5500 SEQW GOTO U5d55 ------------------------------------------------------------------------------------ U0e7d: 000100035024 tmp5:= OR_DSZ32(rsp) U0e7e: 0042cb000010 MOVETOCREG_DSZ64(0x00000017, 0x000) U0e80: 18ff00024e64 rsp:= unk_8ff(SS, rsp, tmp9) U0e81: 10c800024024 rsp:= ZEROEXT_DSZ8N(rsp) U0e82: 1c30002b4024 tmp4:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) U0e84: 0cb00bab8024 tmp8:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U0e85: 1c3013ab1024 tmp1:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_13, mode=0x0a) U0e86: 008800031031 tmp1:= ZEROEXT_DSZ16(tmp1) U0e88: 1c301bab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_1b, mode=0x0a) U0e89: 008800030030 tmp0:= ZEROEXT_DSZ16(tmp0) U0e8a: 1c3023ab9024 tmp9:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_23, mode=0x0a) U0e8c: 008800039039 tmp9:= ZEROEXT_DSZ16(tmp9) U0e8d: 1c302bab6024 tmp6:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_2b, mode=0x0a) U0e8e: 008800036036 tmp6:= ZEROEXT_DSZ16(tmp6) U0e90: 0e7b09000c80 unk_e7b(tmp2) U0e91: 0e7b08000c40 unk_e7b(tmp1) U0e92: 0e7b0b000c00 unk_e7b(tmp0) U0e94: 0e7b0c000e40 unk_e7b(tmp9) U0e95: 0e7b0d000d80 unk_e7b(tmp6) U0e96: 008800033033 tmp3:= ZEROEXT_DSZ16(tmp3) U0e98: 100800024034 rsp:= ZEROEXT_DSZ32N(tmp4) U0e99: 29029edc0200 MOVETOCREG_OR_DSZ64(0x00000003, 0x79e) U0e9a: 0e7b0a000e00 LFNCEMARK-> unk_e7b(tmp8) U0e9c: 0c4b402b1000 LFNCEWAIT-> tmp1:= RDSEGFLD(SS_USERM, FLGS) U0e9d: 00423c1c0231 MOVETOCREG_DSZ64(tmp1, 0x73c) U0e9e: 0c4b40271000 tmp1:= RDSEGFLD(UNK_SEG_09, FLGS) U0ea0: 2042f51c0231 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x7f5) U0ea1: 000ceaf40240 SAVEUIP(0x01, U3dea) 08187140 SEQW GOTO U1871 ------------------------------------------------------------------------------------ U0ea2: 204200000036 MOVETOCREG_DSZ64(tmp6, 0x000) U0ea4: 000c06c3e248 tmp14:= SAVEUIP(0x01, U3006) U0ea5: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 07184d40 ? 
SEQW GOTO U184d U0ea6: 3e7bea000cb0 LFNCEWTMRK-> unk_e7b(tmp0, tmp2) U0ea8: 0c4b402b1000 LFNCEWAIT-> tmp1:= RDSEGFLD(SS_USERM, FLGS) 02185000 SEQW GOTO U1850 ------------------------------------------------------------------------------------ U0ea9: 00635c032200 tmp2:= READURAM(0x005c, 64) U0eaa: 000400072c88 tmp2:= AND_DSZ32(0x00000100, tmp2) U0eac: 1062df0bd240 tmp13:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U0ead: 017000039f72 tmp9:= SELECTCC_DSZ64_CONDZ(tmp2, tmp13) U0eae: 086ab8b802f9 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000e, U0eb8) U0eb0: 0e6580079f08 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000080, mode=0x01) U0eb1: 0042f81c0239 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp9, 0x7f8) U0eb2: 0e65e8079f0a tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002e8, mode=0x01) U0eb4: 1042f91c0279 LFNCEMARK-> MOVETOCREG_DSZ64(tmp9, 0x7f9, 32) U0eb5: 000800000000 NOP U0eb6: 000800000000 NOP U0eb8: 0e6570079f0a LFNCEWAIT-> tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000270, mode=0x01) U0eb9: 000800000000 NOP U0eba: 000800000000 NOP U0ebc: 086bc4b802fd LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp13, 0x0000000e, U0ec4) U0ebd: 0e657807af0a tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000278, mode=0x01) U0ebe: 00040007ae88 tmp10:= AND_DSZ32(0x00000100, tmp10) U0ec0: 000700079e48 tmp9:= NOTAND_DSZ32(0x00000100, tmp9) U0ec1: 000100039e7a tmp9:= OR_DSZ32(tmp10, tmp9) U0ec2: 0e65b0077f0a tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b0, mode=0x01) U0ec4: 213f00000039 unk_13f(tmp9) U0ec5: 0042fe1c0239 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp9, CORE_CR_EFLAGS) U0ec6: 017000039f72 tmp9:= SELECTCC_DSZ64_CONDZ(tmp2, tmp13) U0ec8: 086ac9b807f9 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000003e, U0ec9) 04461800 SEQW GOTO U4618 ------------------------------------------------------------------------------------ U0ec9: 20436b00023b WRITEURAM(tmp11, 0x006b, 64) U0eca: 00e100039d74 tmp9:= CONCAT_DSZ8(tmp4, tmp5) U0ecc: 00a100039e77 tmp9:= CONCAT_DSZ16(tmp7, tmp9) U0ecd: 002100039e76 
tmp9:= CONCAT_DSZ32(tmp6, tmp9) U0ece: 20432c000239 WRITEURAM(tmp9, 0x002c, 64) U0ed0: 00096567000a tmp0:= MOVE_DSZ32(0x00005965) U0ed1: 20436c000233 WRITEURAM(tmp3, 0x006c, 64) U0ed2: 00a1db030c08 tmp0:= CONCAT_DSZ16(0x000000db, tmp0) 01a42e80 SEQW GOTO U242e ------------------------------------------------------------------------------------ U0ed4: 00628c135200 tmp5:= MOVEFROMCREG_DSZ64(0x48c) U0ed5: 0087200b5d48 tmp5:= NOTAND_DSZ16(0x00000220, tmp5) U0ed6: 00428c100235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, 0x48c) U0ed8: 000000000000 LFNCEWAIT-> NOP 02194800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U0ed9: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U0eda: 0c4bc027e000 tmp14:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U0edc: 104501030c3e ROVR<- tmp0:= SUB_DSZN(tmp14, tmp0) 01a1781c SEQW SAVEUIP1 U0edd SEQW GOTO U2178 U0edd: 0d6800031d48 unk_d68(0x00000000, tmp5, tmp1) U0ede: 0d6808030d48 unk_d68(0x00000008, tmp5, tmp0) U0ee0: 0d6810020d48 unk_d68(0x00000010, tmp5, rax) U0ee1: 0d6818023d48 unk_d68(0x00000018, tmp5, rbx) U0ee2: 0d6820021d48 unk_d68(0x00000020, tmp5, rcx) U0ee4: 0d6828022d48 unk_d68(0x00000028, tmp5, rdx) U0ee5: 0d6830026d48 unk_d68(0x00000030, tmp5, rsi) U0ee6: 0d6838027d48 unk_d68(0x00000038, tmp5, rdi) U0ee8: 0d6840025d48 unk_d68(0x00000040, tmp5, rbp) U0ee9: 0d6848024d48 unk_d68(0x00000048, tmp5, rsp) U0eea: 0d6850028d48 unk_d68(0x00000050, tmp5, r8) U0eec: 0d6858029d48 unk_d68(0x00000058, tmp5, r9) U0eed: 0d686002ad48 unk_d68(0x00000060, tmp5, r10) U0eee: 0d686802bd48 unk_d68(0x00000068, tmp5, r11) U0ef0: 0d687002cd48 unk_d68(0x00000070, tmp5, r12) U0ef1: 0d687802dd48 unk_d68(0x00000078, tmp5, r13) U0ef2: 0d688002ed48 unk_d68(0x00000080, tmp5, r14) U0ef4: 0d688802fd48 unk_d68(0x00000088, tmp5, r15) U0ef5: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) U0ef6: 0d6890030d48 unk_d68(0x00000090, tmp5, tmp0) U0ef8: 000df1800000 SAVEUIP_REGOVR(0x01, U0ef9, 0x00f1) 01851400 SEQW GOTO U0514 
U0ef9: 104500030c7e tmp0:= SUB_DSZN(tmp14, tmp1) U0efa: 0d68b0030d48 unk_d68(0x000000b0, tmp5, tmp0) U0efc: 006263030200 tmp0:= MOVEFROMCREG_DSZ64(0x063) U0efd: 0d6898030d48 unk_d68(0x00000098, tmp5, tmp0) U0efe: 0d68a0000d48 unk_d68(0x000000a0, tmp5, 0x00000000) U0f00: 0d68a8000d48 unk_d68(0x000000a8, tmp5, 0x00000000) U0f01: 0d68b8000d48 unk_d68(0x000000b8, tmp5, 0x00000000) U0f02: 000d01000000 SAVEUIP_REGOVR(0x00, U0f04, 0x0001) 018cb280 SEQW GOTO U0cb2 U0f04: 0d68c0030d48 unk_d68(0x000000c0, tmp5, tmp0) U0f05: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 01a00a40 ? SEQW GOTO U200a U0f06: 0000c8030d48 tmp0:= ADD_DSZ32(0x000000c8, tmp5) U0f08: 0d2808030e74 unk_d28(tmp4, tmp9, tmp0) 03200d00 SEQW GOTO U200d ------------------------------------------------------------------------------------ U0f09: 002508031230 tmp1:= SHR_DSZ32(tmp0, 0x00000008) U0f0a: 2822a0d803f1 LFNCEWAIT-> MOVETOCREG_AND_DSZ64(tmp1, 0x0000001f, 0x6a0) U0f0c: 2042a4180200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x6a4) U0f0d: 000800000000 NOP U0f0e: 000800000000 NOP U0f10: 2042a1180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x6a1) U0f11: 002510031230 tmp1:= SHR_DSZ32(tmp0, 0x00000010) U0f12: 002504030230 tmp0:= SHR_DSZ32(tmp0, 0x00000004) U0f14: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U0f15: 002100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U0f16: 204322000230 WRITEURAM(tmp0, 0x0022, 64) U0f18: 006308030200 tmp0:= READURAM(0x0008, 64) U0f19: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) U0f1a: 013f00030030 tmp0:= unk_13f(tmp0) U0f1c: 006301031200 tmp1:= READURAM(0x0001, 64) U0f1d: 017e00031c31 tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp0) U0f1e: 206322030200 tmp0:= READURAM(0x0022, 64) U0f20: 000800030030 tmp0:= ZEROEXT_DSZ32(tmp0) U0f21: 0928b5180030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U06b5) U0f22: 01420e000c00 SYNCFULL-> UFLOWCTRL(MSLOOPCTR, tmp0) U0f24: 006308030200 tmp0:= READURAM(0x0008, 64) U0f25: 006300013200 tmp7:= READURAM(0x0000, 64) U0f26: 013f00030030 tmp0:= unk_13f(tmp0) 
U0f28: 017e00030c13 tmp0:= MOVEMERGEFLGS_DSZ64(tmp7, tmp0) U0f29: 206322013200 tmp7:= READURAM(0x0022, 64) U0f2a: 006520013213 tmp7:= SHR_DSZ64(tmp7, 0x00000020) U0f2c: 000800000000 NOP U0f2d: 000800000000 NOP U0f2e: 015d000004c0 UJMP(tmp7) ------------------------------------------------------------------------------------ U0f30: 00630f039200 tmp9:= READURAM(0x000f, 64) U0f31: 002100039e39 LFNCEWAIT-> tmp9:= CONCAT_DSZ32(tmp9, tmp8) U0f32: 2e7d805f900d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000b780, tmp9) 0298d096 SEQW SAVEUIP1 U0f34 SEQW GOTO U18d0 U0f34: 00080103c008 tmp12:= ZEROEXT_DSZ32(0x00000001) 091a3d00 SEQW GOTO U1a3d ------------------------------------------------------------------------------------ U0f35: 000883035010 tmp5:= ZEROEXT_DSZ32(0x00030400) U0f36: 2042a1180235 SYNCFULL-> MOVETOCREG_DSZ64(tmp5, 0x6a1) U0f38: 000800036034 tmp6:= ZEROEXT_DSZ32(tmp4) U0f39: 0e6500035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U0f3a: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) U0f3c: 2042a4180235 MOVETOCREG_DSZ64(tmp5, 0x6a4) U0f3d: 100a00000280 TESTUSTATE(SYS, 0x4000) 018f4140 ? 
SEQW GOTO U0f41 U0f3e: 0e7d00035033 STADSTGBUF_DSZ64_ASZ16_SC1(tmp3, tmp5) U0f40: 000020033cc8 tmp3:= ADD_DSZ32(0x00000020, tmp3) U0f41: 29a2a5180635 MOVETOCREG_SHR_DSZ64(tmp5, 0x00000020, 0x6a5) U0f42: 01600103c23c SYNCWAIT-> tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0b0f3980 SEQW GOTO U0f39 ------------------------------------------------------------------------------------ U0f44: 00050103cc08 tmp12:= SUB_DSZ32(0x00000001, tmp0) U0f45: 01420e000f00 SYNCFULL-> UFLOWCTRL(MSLOOPCTR, tmp12) U0f46: 00088103a010 tmp10:= ZEROEXT_DSZ32(0x00030200) U0f48: 0042a118023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, 0x6a1) U0f49: 008500739c4b tmp9:= SUB_DSZ16(0x00007c00, tmp1) U0f4a: 002502039239 tmp9:= SHR_DSZ32(tmp9, 0x00000002) U0f4c: 0042a0180239 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp9, 0x6a0) U0f4d: 000800034036 tmp4:= ZEROEXT_DSZ32(tmp6) U0f4e: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) U0f50: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U0f51: 0e6500035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U0f52: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) U0f54: 006530035235 tmp5:= SHR_DSZ64(tmp5, 0x00000030) U0f55: 0004ff0f5d48 tmp5:= AND_DSZ32(0x000003ff, tmp5) U0f56: 002400035df5 tmp5:= SHL_DSZ32(tmp5, tmp7) U0f58: 000100031c75 tmp1:= OR_DSZ32(tmp5, tmp1) U0f59: 00000a037dc8 tmp7:= ADD_DSZ32(0x0000000a, tmp7) U0f5a: 00051e035dc8 tmp5:= SUB_DSZ32(0x0000001e, tmp7) U0f5c: 013ea41b0d48 tmp0:= MOVEMERGEFLGS_DSZ32(0x000006a4, tmp5) U0f5d: 013400130230 tmp0:= CMOVCC_DSZ32_CONDZ(tmp0, 0x00000400) U0f5e: 204200000c31 MOVETOCREG_DSZ64(tmp1, tmp0) U0f60: 013000037df5 tmp7:= SELECTCC_DSZ32_CONDZ(tmp5, tmp7) U0f61: 013000031c75 tmp1:= SELECTCC_DSZ32_CONDZ(tmp5, tmp1) U0f62: 01600103c23c SYNCWAIT-> tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0b0f5180 SEQW GOTO U0f51 ------------------------------------------------------------------------------------ U0f64: 2042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) 019ea600 SEQW GOTO patch_runs_load_loop 
------------------------------------------------------------------------------------ U0f65: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U0f66: 0008be071010 tmp1:= ZEROEXT_DSZ32(0x40000000) U0f68: 0d0f00000031 PORTOUT_DSZ32_ASZ16_SC1(tmp1, 0x00000000) U0f69: 000004031c48 tmp1:= ADD_DSZ32(0x00000004, tmp1) U0f6a: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 018f6880 ? SEQW GOTO U0f68 U0f6c: 000a08800200 TESTUSTATE(UCODE, !0x0008) 018f7400 ? SEQW GOTO U0f74 U0f6d: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U0f6e: 0008c7071010 tmp1:= ZEROEXT_DSZ32(0x400050a0) U0f70: 0d0f00000031 PORTOUT_DSZ32_ASZ16_SC1(tmp1, 0x00000000) U0f71: 000004031c48 tmp1:= ADD_DSZ32(0x00000004, tmp1) U0f72: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 018f7080 ? SEQW GOTO U0f70 U0f74: 00080803b008 tmp11:= ZEROEXT_DSZ32(0x00000008) U0f75: 20437300023b WRITEURAM(tmp11, 0x0073, 64) U0f76: 006320031200 tmp1:= READURAM(0x0020, 64) U0f78: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U0f79: 00c800031031 tmp1:= ZEROEXT_DSZ8(tmp1) U0f7a: 000501031c48 tmp1:= SUB_DSZ32(0x00000001, tmp1) U0f7c: 2d0f18031008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, tmp1) U0f7d: 2dcbc0031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x000000c0) U0f7e: 001503031231 tmp1:= BTS_DSZ32(tmp1, 0x00000003) U0f80: 2dcfc0031008 PORTOUT_DSZ8_ASZ16_SC1(0x000000c0, tmp1) U0f81: 2d0b08032008 tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x00000008) U0f82: 006335031200 tmp1:= READURAM(0x0035, 64) U0f84: 005430031231 tmp1:= BT_DSZ64(tmp1, 0x00000030) U0f85: 003310031231 tmp1:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00000010) U0f86: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U0f88: 2d0f08032008 PORTOUT_DSZ32_ASZ16_SC1(0x00000008, tmp2) U0f89: 006377031200 tmp1:= READURAM(0x0077, 64) U0f8a: 00652b031231 tmp1:= SHR_DSZ64(tmp1, 0x0000002b) U0f8c: 00241f031231 tmp1:= SHL_DSZ32(tmp1, 0x0000001f) U0f8d: 2d0f3c031008 PORTOUT_DSZ32_ASZ16_SC1(0x0000003c, tmp1) U0f8e: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) 01a1a196 SEQW SAVEUIP1 U0f90 SEQW GOTO U21a1 U0f90: 006335031200 
tmp1:= READURAM(0x0035, 64) U0f91: 186a5d2c06b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000028, U2b5d) U0f92: 00080903b008 tmp11:= ZEROEXT_DSZ32(0x00000009) U0f94: 20437308023b WRITEURAM(tmp11, 0x0073, 32) 04ee1600 SEQW GOTO fit_load_start ------------------------------------------------------------------------------------ U0f95: 29626dc00340 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000017, 0x06d) U0f96: 2a621c0372f7 tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x0000000c, 0x01c) U0f98: 003304037237 tmp7:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000004) U0f99: 204270000237 MOVETOCREG_DSZ64(tmp7, 0x070) U0f9a: 0e6548072f0a tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000248, mode=0x01) U0f9c: 004346000232 WRITEURAM(tmp2, 0x0046, 64) U0f9d: 00141f032232 tmp2:= BT_DSZ32(tmp2, 0x0000001f) U0f9e: 00620003a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x000) U0fa0: 0073e1032432 tmp2:= SELECTCC_DSZ64_CONDNB(tmp2, 0x00200000) U0fa1: 290200000cba LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp10, tmp2, 0x000) U0fa2: 0e6500072f0d tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000500, mode=0x01) U0fa4: 01420f000c80 SYNCWTMRK-> UFLOWCTRL(USTATE, tmp2) U0fa5: 003d00032cb2 tmp2:= MOVEINSERTFLGS_DSZ32(tmp2, tmp2) U0fa6: 00635703a200 tmp10:= READURAM(0x0057, 64) U0fa8: 0e25d4070f09 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d4, mode=0x01) U0fa9: 000407030c08 tmp0:= AND_DSZ32(0x00000007, tmp0) U0faa: 20631f03f200 tmp15:= READURAM(0x001f, 64) U0fac: 00470703ffc8 tmp15:= NOTAND_DSZ64(0x00000007, tmp15) U0fad: 00410003fff0 tmp15:= OR_DSZ64(tmp0, tmp15) U0fae: 20431f00023f WRITEURAM(tmp15, 0x001f, 64) U0fb0: 0e25cc074f09 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001cc, mode=0x01) 01826a14 SEQW SAVEUIP1 U0fb1 SEQW GOTO U026a U0fb1: 000800000000 NOP U0fb2: 000800000000 NOP U0fb4: 000a10000200 SYNCWAIT-> TESTUSTATE(UCODE, 0x0010) 0a0fb800 ? 
SEQW GOTO U0fb8 U0fb5: 0e65a8070f0a tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002a8, mode=0x01) U0fb6: 00433e000230 WRITEURAM(tmp0, 0x003e, 64) U0fb8: 000a20000200 TESTUSTATE(UCODE, 0x0020) 018fbc00 ? SEQW GOTO U0fbc U0fb9: 0e6508070f0b tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000308, mode=0x01) U0fba: 0e6d08030e8b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp10, 0x00000308, tmp0) U0fbc: 0e2550070f0a tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000250, mode=0x01) U0fbd: 003100030c32 tmp0:= SELECTCC_DSZ32_CONDNO(tmp2, tmp0) U0fbe: 004309000230 WRITEURAM(tmp0, 0x0009, 64) U0fc0: 0e6580071f0a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000280, mode=0x01) U0fc1: 027300031c72 tmp1:= SELECTCC_DSZ64_CONDNP(tmp2, tmp1) U0fc2: 0e253c070f0a tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x0000023c, mode=0x01) U0fc4: 0001e1030c10 tmp0:= OR_DSZ32(0x00200000, tmp0) U0fc5: 02310023f232 tmp15:= SELECTCC_DSZ32_CONDNS(tmp2, 0x00000800) U0fc6: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U0fc8: 00620003a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x000) 024e8400 SEQW GOTO U4e84 ------------------------------------------------------------------------------------ U0fc9: 00621b178200 tmp8:= MOVEFROMCREG_DSZ64(0x51b) U0fca: 008820078e08 tmp8:= ZEROEXT_DSZ16(0x00000120, tmp8) U0fcc: 0e6500079038 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, mode=0x01) U0fcd: 008818078e08 tmp8:= ZEROEXT_DSZ16(0x00000118, tmp8) U0fce: 0e6500078038 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, mode=0x01) U0fd0: 0e75a0031008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000a0) U0fd1: 0e7580032008 tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000080) U0fd2: 00560b037239 tmp7:= BTR_DSZ64(tmp9, 0x0000000b) U0fd4: 00533a1c0277 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp7, U273a) U0fd5: 00080e030008 tmp0:= ZEROEXT_DSZ32(0x0000000e) U0fd6: 1929b41c0c77 CMPUJNZ_DIRECT_NOTTAKEN(tmp7, tmp1, patch_load_error) U0fd8: 00080f030008 tmp0:= ZEROEXT_DSZ32(0x0000000f) U0fd9: 1929b41c0cb8 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp8, tmp2, patch_load_error) 
U0fda: 004707038e08 tmp8:= NOTAND_DSZ64(0x00000007, tmp8) U0fdc: 004274140238 MOVETOCREG_DSZ64(tmp8, PMH_CR_EMRR_BASE) U0fdd: 004275140239 MOVETOCREG_DSZ64(tmp9, PMH_CR_EMRR_MASK) U0fde: 004400032e39 tmp2:= AND_DSZ64(tmp9, tmp8) U0fe0: 0e7da0039008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000a0, tmp9) U0fe1: 00621b178200 tmp8:= MOVEFROMCREG_DSZ64(0x51b) U0fe2: 008830078e08 tmp8:= ZEROEXT_DSZ16(0x00000130, tmp8) U0fe4: 0e6500077038 tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, mode=0x01) U0fe5: 008828078e08 tmp8:= ZEROEXT_DSZ16(0x00000128, tmp8) U0fe6: 0e6500078038 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, mode=0x01) U0fe8: 000810030008 tmp0:= ZEROEXT_DSZ32(0x00000010) U0fe9: 004400031e37 tmp1:= AND_DSZ64(tmp7, tmp8) U0fea: 004400031c79 tmp1:= AND_DSZ64(tmp9, tmp1) U0fec: 1929b41c0cb1 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, tmp2, patch_load_error) U0fed: 0046ff7f1ddf tmp1:= XOR_DSZ64(0xffffffffffffffff, tmp7) U0fee: 004100031e31 tmp1:= OR_DSZ64(tmp1, tmp8) U0ff0: 004400031c79 tmp1:= AND_DSZ64(tmp9, tmp1) U0ff1: 1929b41c0cb1 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, tmp2, patch_load_error) U0ff2: 004262140238 MOVETOCREG_DSZ64(tmp8, 0x562) U0ff4: 004263140237 MOVETOCREG_DSZ64(tmp7, 0x563) 01816414 SEQW SAVEUIP1 U0ff5 SEQW GOTO U0164 U0ff5: 0e7dc0038008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000c0, tmp8) U0ff6: 0e7de0037008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000e0, tmp7) U0ff8: 2d4f10038008 PORTOUT_DSZ64_ASZ16_SC1(0x00000010, tmp8) U0ff9: 000804030008 tmp0:= ZEROEXT_DSZ32(0x00000004) 01e0aa51 SEQW SAVEUIP0 U0ffa SEQW GOTO U60aa U0ffa: 006263170200 tmp0:= MOVEFROMCREG_DSZ64(0x563) U0ffc: 2d4f10030008 PORTOUT_DSZ64_ASZ16_SC1(0x00000010, tmp0) U0ffd: 000805030008 tmp0:= ZEROEXT_DSZ32(0x00000005) U0ffe: 000c2a640200 SAVEUIP(0x00, U192a) 01e0aa80 SEQW GOTO U60aa ------------------------------------------------------------------------------------ U1000: 002509032235 tmp2:= SHR_DSZ32(tmp5, 0x00000009) U1001: 000400632c88 tmp2:= AND_DSZ32(0x00001800, tmp2) U1002: 013100037df2 tmp7:= 
SELECTCC_DSZ32_CONDNZ(tmp2, tmp7) U1004: 000100037df2 tmp7:= OR_DSZ32(tmp2, tmp7) U1005: 01512c2802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U4a2c) U1006: 286a08000337 BTUJB_DIRECT_NOTTAKEN(tmp7, 0x00000010, U1008) 01ca2c80 SEQW GOTO U4a2c ------------------------------------------------------------------------------------ U1008: 072f00033e38 LFNCEWAIT-> mm3:= unk_72f(tmm0, tmm0) U1009: 000800000000 NOP U100a: 000800000000 NOP U100c: 004286100233 LFNCEMARK-> MOVETOCREG_DSZ64(tmp3, 0x486) 04194d00 SEQW GOTO U194d ------------------------------------------------------------------------------------ U100d: 01501240023a UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp10, U1012) U100e: 29291140023a CMPUJNZ_DIRECT_NOTTAKEN(tmp10, 0x00000001, U1011) U1010: 1062c10b5240 tmp5:= MOVEFROMCREG_DSZ64(0x2c1, 32) U1011: 3042c0080275 MOVETOCREG_DSZ64(tmp5, 0x2c0, 32) U1012: 00635c03a200 tmp10:= READURAM(0x005c, 64) U1014: 00551703a23a tmp10:= BTS_DSZ64(tmp10, 0x00000017) U1015: 20435c00023a SYNCMARK-> WRITEURAM(tmp10, 0x005c, 64) 0cdda640 SEQW GOTO U5da6 ------------------------------------------------------------------------------------ U1016: 004403039ec8 tmp9:= AND_DSZ64(0x00000003, tmp11) U1018: 0062c61f8200 tmp8:= MOVEFROMCREG_DSZ64(0x7c6) U1019: 004703038e08 tmp8:= NOTAND_DSZ64(0x00000003, tmp8) U101a: 004100038e39 tmp8:= OR_DSZ64(tmp9, tmp8) U101c: 0042c61c0238 MOVETOCREG_DSZ64(tmp8, 0x7c6) U101d: 292921800239 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x00000002, U1021) U101e: 006311039200 LFNCEMARK-> tmp9:= READURAM(0x0011, 64) U1020: 0e65c8079e4c tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000004c8, mode=0x01) U1021: 000d89a80000 SYNCWTMRK-> SAVEUIP_REGOVR(0x01, U1022, 0x0a89) 0ed95540 SEQW GOTO U5955 U1022: 0062c31b8200 tmp8:= MOVEFROMCREG_DSZ64(0x6c3) U1024: 000408039ec8 tmp9:= AND_DSZ32(0x00000008, tmp11) U1025: 002405039239 tmp9:= SHL_DSZ32(tmp9, 0x00000005) U1026: 0902c3180e78 MOVETOCREG_OR_DSZ64(tmp8, tmp9, 0x6c3) U1028: 00634303a200 tmp10:= READURAM(0x0043, 64) U1029: 00542103a23a tmp10:= 
BT_DSZ64(tmp10, 0x00000021) U102a: 017e00035eb5 tmp5:= MOVEMERGEFLGS_DSZ64(tmp5, tmp10) U102c: 286a3540023b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000001, U1035) U102d: 286b35c0023b BTUJNB_DIRECT_NOTTAKEN(tmp11, 0x00000003, U1035) U102e: 006343039200 tmp9:= READURAM(0x0043, 64) U1030: 000120036d88 tmp6:= OR_DSZ32(0x00000020, tmp6) U1031: 286a35c00679 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000027, U1035) U1032: 000101036d88 tmp6:= OR_DSZ32(0x00000001, tmp6) U1034: 00151f036236 tmp6:= BTS_DSZ32(tmp6, 0x0000001f) U1035: 006377038200 tmp8:= READURAM(0x0077, 64) U1036: 00542b038238 tmp8:= BT_DSZ64(tmp8, 0x0000002b) U1038: 005339400238 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp8, U1039) 01904500 SEQW GOTO U1045 ------------------------------------------------------------------------------------ U1039: 000800038030 tmp8:= ZEROEXT_DSZ32(tmp0) U103a: 000405078e08 tmp8:= AND_DSZ32(0x00000105, tmp8) U103c: 01513d400238 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U103d) 01904500 SEQW GOTO U1045 ------------------------------------------------------------------------------------ U103d: 0e25e00382b2 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e0) U103e: 008402038e08 tmp8:= AND_DSZ16(0x00000002, tmp8) U1040: 002408038238 tmp8:= SHL_DSZ32(tmp8, 0x00000008) U1041: 00631f039200 tmp9:= READURAM(0x001f, 64) U1042: 004100039e39 tmp9:= OR_DSZ64(tmp9, tmp8) U1044: 20431f000239 WRITEURAM(tmp9, 0x001f, 64) U1045: 00635c039200 tmp9:= READURAM(0x005c, 64) U1046: 00042003ae48 tmp10:= AND_DSZ32(0x00000020, tmp9) U1048: 000700039e7c tmp9:= NOTAND_DSZ32(tmp12, tmp9) U1049: 20435c080239 WRITEURAM(tmp9, 0x005c, 32) U104a: 0ee5340392b2 tmp9:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x00000234) U104c: 0008503bd009 tmp13:= ZEROEXT_DSZ32(0x00002e50) U104d: 2928964c0239 CMPUJZ_DIRECT_NOTTAKEN(tmp9, 0x00000001, U1396) U104e: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01905880 ? 
SEQW GOTO U1058 U1050: 00080c6fd008 tmp13:= ZEROEXT_DSZ32(0x00001b0c) U1051: 2e75805ff00d tmp15:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b780) U1052: 20437800023f WRITEURAM(tmp15, 0x0078, 64) U1054: 00251003923f tmp9:= SHR_DSZ32(tmp15, 0x00000010) U1055: 00058b039e48 tmp9:= SUB_DSZ32(0x0000008b, tmp9) U1056: 0150964c0239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U1396) U1058: 00084973d00a tmp13:= ZEROEXT_DSZ32(0x00005c49) U1059: 0ea5020392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x00000302) U105a: 2928964c0239 CMPUJZ_DIRECT_NOTTAKEN(tmp9, 0x00000001, U1396) U105c: 00082a53d008 tmp13:= ZEROEXT_DSZ32(0x0000142a) U105d: 0ea5000392f2 LFNCEMARK-> tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x00000300) U105e: 0005ff039e48 tmp9:= SUB_DSZ32(0x000000ff, tmp9) U1060: 015061400239 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U1061) 04139600 SEQW GOTO U1396 ------------------------------------------------------------------------------------ U1061: 0e65e803e272 tmp14:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e8) U1062: 001510037237 tmp7:= BTS_DSZ32(tmp7, 0x00000010) U1064: 0e65f8026272 rsi:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f8) U1065: 0e65f0021272 rcx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f0) U1066: 0e65e0027272 rdi:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e0) U1068: 000725030c08 tmp0:= NOTAND_DSZ32(0x00000025, tmp0) 01939900 SEQW GOTO U1399 ------------------------------------------------------------------------------------ U1069: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U106a: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U106c: 286b6d00023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U106d) 08106a00 SEQW GOTO U106a ------------------------------------------------------------------------------------ U106d: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U106e: 10422c080255 MOVETOCREG_DSZ64(tmpv1, 0x22c, 32) U1070: 00080f1ff008 tmp15:= ZEROEXT_DSZ32(0x0000070f) U1071: 00a10703f23f tmp15:= CONCAT_DSZ16(tmp15, 0x00000007) 05599e40 
SEQW GOTO U599e ------------------------------------------------------------------------------------ U1072: 00638b039200 LFNCEMARK-> tmp9:= READURAM(0x008b, 64) U1074: 000400439e5f tmp9:= AND_DSZ32(0xfffffffffffff000, tmp9) U1075: 0062c51f4200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U1076: 0007f0034d08 tmp4:= NOTAND_DSZ32(0x000000f0, tmp4) U1078: 001505034234 tmp4:= BTS_DSZ32(tmp4, 0x00000005) U1079: 001413035230 tmp5:= BT_DSZ32(tmp0, 0x00000013) U107a: 00323003f235 tmp15:= SELECTCC_DSZ32_CONDB(tmp5, 0x00000030) U107c: 000600034d3f tmp4:= XOR_DSZ32(tmp15, tmp4) U107d: 0033000bd235 tmp13:= SELECTCC_DSZ32_CONDNB(tmp5, 0x00000200) U107e: 00010003d03d tmp13:= OR_DSZ32(tmp13) U1080: 00330017f235 tmp15:= SELECTCC_DSZ32_CONDNB(tmp5, 0x00000500) U1081: 000401237dc8 tmp7:= AND_DSZ32(0x00000801, tmp7) U1082: 0902ff1c0ff7 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(tmp7, tmp15, 0x7ff) U1084: 0062c51b3200 tmp3:= MOVEFROMCREG_DSZ64(0x6c5) U1085: 000728033cc8 tmp3:= NOTAND_DSZ32(0x00000028, tmp3) U1086: 00320803f235 tmp15:= SELECTCC_DSZ32_CONDB(tmp5, 0x00000008) U1088: 0902c5180ff3 MOVETOCREG_OR_DSZ64(tmp3, tmp15, 0x6c5) U1089: 0e251c037039 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x0000001c) U108a: 000000037df9 tmp7:= ADD_DSZ32(tmp9, tmp7) U108c: 0007e73f7dc8 tmp7:= NOTAND_DSZ32(0x00000fe7, tmp7) U108d: 0dff00000038 unk_dff(tmp8) U108e: 0008f4071010 SYNCFULL-> tmp1:= ZEROEXT_DSZ32(0x80000033) 096efe96 SEQW SAVEUIP1 U1090 SEQW GOTO U6efe U1090: 0ea510031039 LFNCEWAIT-> tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x00000010) U1091: 008707031c48 tmp1:= NOTAND_DSZ16(0x00000007, tmp1) U1092: 013508031231 tmp1:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x00000008) U1094: 000e05000200 WRMSLOOPCTRFBR(0x00000005) U1095: 008008034c48 tmp4:= ADD_DSZ16(0x00000008, tmp1) U1096: 013508034234 tmp4:= CMOVCC_DSZ32_CONDNZ(tmp4, 0x00000008) U1098: 00a193034d0e tmp4:= CONCAT_DSZ16(0x0000c093, tmp4) U1099: 0021ff7f4d1f tmp4:= CONCAT_DSZ32(0xffffffffffffffff, tmp4) U109a: 09623c9c02c0 MOVETOCREG_BTS_DSZ64(0x0000000e, 0x73c) 
U109c: 0c6bbf800034 WRSEGFLD(tmp4) U109d: 0c6b3f800000 WRSEGFLD(0x00000000) U109e: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01909c80 ? SEQW GOTO U109c U10a0: 0c6ba3000034 WRSEGFLD(tmp4, SS, SEL+FLGS+LIM) U10a1: 0c6b23000000 WRSEGFLD(0x00000000, SS, BASE) U10a2: 0c6b6e000000 LFNCEMARK-> WRSEGFLD(0x00000000, IDT, LIMIT) U10a4: 0c6b87000000 WRSEGFLD(0x00000000, LDT, SEL) U10a5: 0e250c034039 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x0000000c) U10a6: 000000034d39 tmp4:= ADD_DSZ32(tmp9, tmp4) U10a8: 0c6b26000034 WRSEGFLD(tmp4, GDT, BASE) U10a9: 0ea508034039 tmp4:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x00000008) U10aa: 0c7b66000034 LFNCEWAIT-> WRSEGFLD(tmp4, GDT, LIMIT) U10ac: 00240403f23d tmp15:= SHL_DSZ32(tmp13, 0x00000004) U10ad: 00859b03f3bf tmp15:= SUB_DSZ16(tmp15, 0x0000c09b) U10ae: 0042f51c023f SYNCWTMRK-> MOVETOCREG_DSZ64(tmp15, 0x7f5) U10b0: 00a10003fc7f tmp15:= CONCAT_DSZ16(tmp15, tmp1) U10b1: 0021ff7fffdf tmp15:= CONCAT_DSZ32(0xffffffffffffffff, tmp15) U10b2: 0c6b29000000 WRSEGFLD(0x00000000, UNK_SEG_09, BASE) U10b4: 0c6b4900003f WRSEGFLD(tmp15, UNK_SEG_09, FLGS) U10b5: 0c6b22000000 WRSEGFLD(0x00000000, CS, BASE) U10b6: 0c6b4200003f WRSEGFLD(tmp15, CS, FLGS) U10b8: 00050103f008 tmp15:= SUB_DSZ32(0x00000001) U10b9: 00428e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x78e) U10ba: 0042001c0200 MOVETOCREG_DSZ64(0x00000000, 0x700) U10bc: 00421010023f MOVETOCREG_DSZ64(tmp15, 0x410) U10bd: 0e2518024039 rsp:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000018) U10be: 000000024939 rsp:= ADD_DSZ32(tmp9, rsp) U10c0: 0e2514035039 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000014) U10c1: 000000035d79 tmp5:= ADD_DSZ32(tmp9, tmp5) U10c2: 006356039200 tmp9:= READURAM(0x0056, 64) U10c4: 00634a036200 SYNCFULL-> tmp6:= READURAM(0x004a, 64) 08355e00 SEQW GOTO U355e ------------------------------------------------------------------------------------ U10c5: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U10c6: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U10c8: 
286bc900023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U10c9) 0810c600 SEQW GOTO U10c6 ------------------------------------------------------------------------------------ U10c9: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U10ca: 10422c080255 MOVETOCREG_DSZ64(tmpv1, 0x22c, 32) U10cc: 0008ff1ff008 tmp15:= ZEROEXT_DSZ32(0x000007ff) U10cd: 00a10d03f23f tmp15:= CONCAT_DSZ16(tmp15, 0x0000000d) 01d99e40 SEQW GOTO U599e ------------------------------------------------------------------------------------ U10ce: 000e5f000200 WRMSLOOPCTRFBR(0x0000005f) U10d0: 0a4408800000 unk_a44(0x00000000) U10d1: 0a5408800000 unk_a54(0x00000000) U10d2: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0190d080 ? SEQW GOTO U10d0 U10d4: 296203400240 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x00000005, 0x003) U10d5: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U10d6: 000800000000 NOP U10d8: 204800003000 rdi:= ZEROEXT_DSZ64(0x00000000) U10d9: 004800013000 tmp7:= ZEROEXT_DSZ64(0x00000000) U10da: 05b900013000 mm7:= unk_5b9(0x00000000) U10dc: 05b900003000 xmm7:= unk_5b9(0x00000000) U10dd: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0190d840 ? SEQW GOTO U10d8 U10de: 000e03000200 WRMSLOOPCTRFBR(0x00000003) U10e0: 017c00003000 rdi:= unk_17c(0x00000000) U10e1: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0190e040 ? SEQW GOTO U10e0 U10e2: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U10e4: 296203800240 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x00000006, 0x003) U10e5: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) U10e6: 05b900020000 xmm0:= unk_5b9(0x00000000) U10e8: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0190e500 ? 
SEQW GOTO U10e5 U10e9: 000800000000 NOP U10ea: 000891060010 rax:= ZEROEXT_DSZ32(0x0fffffff) U10ec: 00210a03b008 tmp11:= CONCAT_DSZ32(0x0000000a) U10ed: 00437300023b WRITEURAM(tmp11, 0x0073, 64) U10ee: 09626cc002c0 MOVETOCREG_BTS_DSZ64(0x0000000f, 0x06c) U10f0: 10621d0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x21d, 32) U10f1: 1062230b8240 tmp8:= MOVEFROMCREG_DSZ64(0x223, 32) U10f2: 000480038238 tmp8:= AND_DSZ32(tmp8, 0x00000080) U10f4: 00040c034c08 tmp4:= AND_DSZ32(0x0000000c, tmp0) U10f5: 000504034d08 tmp4:= SUB_DSZ32(0x00000004, tmp4) U10f6: 000100030c38 tmp0:= OR_DSZ32(tmp8, tmp0) U10f8: 0130003f1234 tmp1:= SELECTCC_DSZ32_CONDZ(tmp4, 0x00000f00) U10f9: 000129071431 tmp1:= OR_DSZ32(tmp1, 0x00830c00) U10fa: 01307f072234 tmp2:= SELECTCC_DSZ32_CONDZ(tmp4, 0x0000017f) U10fc: 00017e032432 tmp2:= OR_DSZ32(tmp2, 0x0003003f) 01a7c110 SEQW SAVEUIP0 U10fd SEQW GOTO uarch_bufs_ldat_init U10fd: 000480031c08 tmp1:= AND_DSZ32(0x00000080, tmp0) U10fe: 013110031231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00000010) U1100: 000710030c08 tmp0:= NOTAND_DSZ32(0x00000010, tmp0) U1101: 000608030c08 tmp0:= XOR_DSZ32(0x00000008, tmp0) U1102: 0902c5180c31 MOVETOCREG_OR_DSZ64(tmp1, tmp0, 0x6c5) U1104: 04b400039000 SYNCFULL-> tmm1:= FMOV(0x00000000) U1105: 000800000000 NOP U1106: 000800000000 NOP U1108: 04b40003a000 SYNCFULL-> tmm2:= FMOV(0x00000000) U1109: 053c00000eb9 unk_53c(tmm1, tmm2) U110a: 057a00000eb9 unk_57a(tmm1, tmm2) U110c: 04b400039000 tmm1:= FMOV(0x00000000) U110d: 04b40003a000 tmm2:= FMOV(0x00000000) U110e: 053c00000eb9 unk_53c(tmm1, tmm2) U1110: 057a00000eb9 unk_57a(tmm1, tmm2) U1111: 053c00000eb9 unk_53c(tmm1, tmm2) U1112: 057a00000eb9 unk_57a(tmm1, tmm2) U1114: 053c00000eb9 unk_53c(tmm1, tmm2) U1115: 057a00000eb9 unk_57a(tmm1, tmm2) U1116: 1062a50f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3a5, 32) U1118: 286a19440230 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U1119) 041c2600 SEQW GOTO U1c26 ------------------------------------------------------------------------------------ U1119: 
004501031008 tmp1:= SUB_DSZ64(0x00000001) U111a: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U111c: 190285c80230 MOVETOCREG_OR_DSZ64(tmp0, 0x00000003, CTAP_CR_DFX_CTL_STS) U111d: 10420c080271 MOVETOCREG_DSZ64(tmp1, 0x20c, 32) U111e: 1042e9080271 MOVETOCREG_DSZ64(tmp1, 0x2e9, 32) U1120: 10428b0c0271 MOVETOCREG_DSZ64(tmp1, 0x38b, 32) U1121: 1042920c0271 MOVETOCREG_DSZ64(tmp1, 0x392, 32) U1122: 004211100231 MOVETOCREG_DSZ64(tmp1, 0x411) U1124: 004264000231 MOVETOCREG_DSZ64(tmp1, 0x064) U1125: 004206040231 MOVETOCREG_DSZ64(tmp1, 0x106) U1126: 004288100231 MOVETOCREG_DSZ64(tmp1, 0x488) U1128: 004280180231 MOVETOCREG_DSZ64(tmp1, 0x680) U1129: 00424d1c0231 MOVETOCREG_DSZ64(tmp1, 0x74d) U112a: 00423c180231 MOVETOCREG_DSZ64(tmp1, 0x63c) U112c: 1062bc0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2bc, 32) U112d: 1902bc480230 MOVETOCREG_OR_DSZ64(tmp0, 0x00000001, 0x2bc) 019c3e40 SEQW GOTO U1c3e ------------------------------------------------------------------------------------ U112e: 0062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1130: 238000030c00 tmp0:= READAFLAGS(tmp0) U1131: 0e7da0070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000001a0, tmp0) U1132: 00083547c008 tmp12:= ZEROEXT_DSZ32(0x00001135) U1134: 100a00800380 TESTUSTATE(SYS, !0xc000) 01f60200 ? 
SEQW GOTO U7602 U1135: 00635c038200 tmp8:= READURAM(0x005c, 64) U1136: 086a95250338 BTUJB_DIRECT_NOTTAKEN(tmp8, 0x00000010, U4995) U1138: 000d00800000 SAVEUIP_REGOVR(0x01, U1139, 0x0000) 01b2cd00 SEQW GOTO U32cd U1139: 1062830f0240 tmp0:= MOVEFROMCREG_DSZ64(0x383, 32) U113a: 1062840f1240 tmp1:= MOVEFROMCREG_DSZ64(0x384, 32) U113c: 00e100030c31 tmp0:= CONCAT_DSZ8(tmp1, tmp0) U113d: 00620c071200 tmp1:= MOVEFROMCREG_DSZ64(0x10c) U113e: 0062921b6200 tmp6:= MOVEFROMCREG_DSZ64(0x692) U1140: 00c800031db1 tmp1:= ZEROEXT_DSZ8(tmp1, tmp6) U1141: 00a100031c31 tmp1:= CONCAT_DSZ16(tmp1, tmp0) U1142: 0062f61f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U1144: 002100038c75 tmp8:= CONCAT_DSZ32(tmp5, tmp1) U1145: 0e7dc0078008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000001c0, tmp8) U1146: 0007d8075d50 tmp5:= NOTAND_DSZ32(0x60000000, tmp5) U1148: 0042f61c0235 MOVETOCREG_DSZ64(tmp5, CORE_CR_CR0) U1149: 000d08800000 SAVEUIP_REGOVR(0x01, U114a, 0x0008) 01ab1540 SEQW GOTO lbsync_full U114a: 1062f30f8240 tmp8:= MOVEFROMCREG_DSZ64(0x3f3, 32) U114c: 1062f20f1240 tmp1:= MOVEFROMCREG_DSZ64(0x3f2, 32) U114d: 00e100031c78 tmp1:= CONCAT_DSZ8(tmp8, tmp1) U114e: 1062f10f8240 tmp8:= MOVEFROMCREG_DSZ64(0x3f1, 32) U1150: 002408031231 tmp1:= SHL_DSZ32(tmp1, 0x00000008) U1151: 00c800031c78 tmp1:= ZEROEXT_DSZ8(tmp8, tmp1) U1152: 1062f00f8240 LFNCEMARK-> tmp8:= MOVEFROMCREG_DSZ64(0x3f0, 32) U1154: 002408031231 tmp1:= SHL_DSZ32(tmp1, 0x00000008) U1155: 00c800031c78 tmp1:= ZEROEXT_DSZ8(tmp8, tmp1) U1156: 0e7d000b1008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000200, tmp1) U1158: 0008ff03f008 tmp15:= ZEROEXT_DSZ32(0x000000ff) U1159: 1042f30c027f LFNCEWAIT-> MOVETOCREG_DSZ64(tmp15, 0x3f3, 32) U115a: 1042f20c027f MOVETOCREG_DSZ64(tmp15, 0x3f2, 32) U115c: 1042f10c027f MOVETOCREG_DSZ64(tmp15, 0x3f1, 32) U115d: 1042f00c027f MOVETOCREG_DSZ64(tmp15, 0x3f0, 32) U115e: 00088e030008 tmp0:= ZEROEXT_DSZ32(0x0000008e) U1160: 0005000b1008 tmp1:= SUB_DSZ32(0x00000200) U1161: 000c7a080200 SAVEUIP(0x00, U027a) 0197f655 SEQW SAVEUIP1 U1162 SEQW 
GOTO U17f6 U1162: 006204070200 tmp0:= MOVEFROMCREG_DSZ64(0x104) U1164: 096204440370 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000015, 0x104) U1165: 0e7de0070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000001e0, tmp0) U1166: 10629e0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x39e, 32) U1168: 19629e0c02b0 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp0, 0x00000008, 0x39e) U1169: 0e75000b1008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000200) U116a: 002100030c70 tmp0:= CONCAT_DSZ32(tmp0, tmp1) U116c: 0e7d000b0008 LFNCEWAIT-> STADSTGBUF_DSZ64_ASZ16_SC1(0x00000200, tmp0) U116d: 10629d0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x29d, 32) U116e: 19629d080230 MOVETOCREG_BTS_DSZ64(tmp0, 0x29d) U1170: 09020cc40200 MOVETOCREG_OR_DSZ64(0x00000003, 0x10c) U1171: 190283cc0200 MOVETOCREG_OR_DSZ64(0x00000003, 0x383) U1172: 190284cc0200 MOVETOCREG_OR_DSZ64(0x00000003, 0x384) U1174: 0062921b6200 tmp6:= MOVEFROMCREG_DSZ64(0x692) U1175: 0962921802b6 MOVETOCREG_BTS_DSZ64(tmp6, 0x00000008, 0x692) U1176: 1962ddc80300 MOVETOCREG_BTS_DSZ64(0x00000013, 0x2dd) U1178: 006274171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U1179: 004707030c48 tmp0:= NOTAND_DSZ64(0x00000007, tmp1) U117a: 004274140230 MOVETOCREG_DSZ64(tmp0, PMH_CR_EMRR_BASE) U117c: 006262172200 tmp2:= MOVEFROMCREG_DSZ64(0x562) U117d: 004707030c88 tmp0:= NOTAND_DSZ64(0x00000007, tmp2) U117e: 004262140230 MOVETOCREG_DSZ64(tmp0, 0x562) U1180: 0e7d80031008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000080, tmp1) U1181: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U1182: 0e7da0031008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000a0, tmp1) U1184: 0e7dc0032008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000c0, tmp2) U1185: 006263172200 tmp2:= MOVEFROMCREG_DSZ64(0x563) U1186: 0e7de0032008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000e0, tmp2) U1188: 00621b178200 tmp8:= MOVEFROMCREG_DSZ64(0x51b) U1189: 09021b540238 MOVETOCREG_OR_DSZ64(tmp8, 0x00000001, 0x51b) U118a: 004255000010 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000015, 0x000) 05043c96 SEQW SAVEUIP1 U118c SEQW GOTO U043c U118c: 001512030200 LFNCEWAIT-> tmp0:= 
BTS_DSZ32(0x00000000, 0x00000012) U118d: 000800000000 NOP U118e: 000800000000 NOP U1190: 000540030c08 tmp0:= SUB_DSZ32(0x00000040, tmp0) U1191: 0e6d00000c38 LFNCEWTMRK-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, tmp0, 0x00000000) U1192: 015094440230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U1194) 06919080 SEQW GOTO U1190 ------------------------------------------------------------------------------------ U1194: 0fef01000000 LBSYNC(0x00000001) U1195: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U1196: 000800000000 NOP U1198: 19028f4f7337 LFNCEWAIT-> tmp7:= MOVETOCREG_OR_DSZ64(tmp7, 0x00000011, 0x38f) U1199: 1962dd880300 MOVETOCREG_BTS_DSZ64(0x00000012, 0x2dd) U119a: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U119c: 00638e03d200 tmp13:= READURAM(0x008e, 64) U119d: 104000438e08 tmp8:= ADD_DSZN(0x00001000, tmp8) U119e: 00080003503d tmp5:= ZEROEXT_DSZ32(tmp13) U11a0: 2d4b481b600a tmp6:= PORTIN_DSZ64_ASZ16_SC1(0x00004648) U11a1: 386afd200336 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000010, U38fd) U11a2: 000c218fe248 tmp14:= SAVEUIP(0x01, U2321) U11a4: 100a20836380 tmp6:= TESTUSTATE(SYS, !UST_SMM | 0xc000) 01a32100 ? 
SEQW GOTO U2321 U11a5: 000ca8c7e208 tmp14:= SAVEUIP(0x01, U11a8) U11a6: 000800000000 NOP U11a8: 0e2500071db4 LFNCEWAIT-> tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp6, mode=0x01) 02232200 SEQW GOTO U2322 ------------------------------------------------------------------------------------ U11a9: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U11aa: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U11ac: 286bad04023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U11ad) 0811aa00 SEQW GOTO U11aa ------------------------------------------------------------------------------------ U11ad: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U11ae: 10422c080255 MOVETOCREG_DSZ64(tmpv1, 0x22c, 32) U11b0: 0008ff1ff008 tmp15:= ZEROEXT_DSZ32(0x000007ff) U11b1: 00a10f03f23f tmp15:= CONCAT_DSZ16(tmp15, 0x0000000f) 01d99e40 SEQW GOTO U599e ------------------------------------------------------------------------------------ U11b2: 00620003c200 tmp12:= MOVEFROMCREG_DSZ64(0x000) U11b4: 296200c3c33c tmp12:= MOVETOCREG_BTS_DSZ64(tmp12, 0x00000013, 0x000) U11b5: 0052bd44023c LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp12, U11bd) U11b6: 00626703c200 tmp12:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U11b8: 00626503d200 tmp13:= MOVEFROMCREG_DSZ64(0x065) U11b9: 00040f03df48 tmp13:= AND_DSZ32(0x0000000f, tmp13) U11ba: 10450003cf3d tmp12:= SUB_DSZN(tmp13, tmp12) U11bc: 20436e00023c WRITEURAM(tmp12, 0x006e, 64) U11bd: 0c4b4013c000 tmp12:= RDSEGFLD(UNK_SEG_04, FLGS) U11be: 00070803723c tmp7:= NOTAND_DSZ32(tmp12, 0x00000008) U11c0: 01310003d2b7 tmp13:= SELECTCC_DSZ32_CONDNZ(tmp7, 0x00004000) U11c1: 00423c1c023d LFNCEWAIT-> MOVETOCREG_DSZ64(tmp13, 0x73c) U11c2: 006421037237 tmp7:= SHL_DSZ64(tmp7, 0x00000021) U11c4: 0042521c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x752) U11c5: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U11c6: 00140303c23c tmp12:= BT_DSZ32(tmp12, 0x00000003) U11c8: 013e20037f08 tmp7:= MOVEMERGEFLGS_DSZ32(0x00000020, tmp12) U11c9: 00360e037237 tmp7:= 
CMOVCC_DSZ32_CONDB(tmp7, 0x0000000e) U11ca: 0053cd44023c UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp12, U11cd) U11cc: 0f201c138000 tmp8:= LDPPHYS_DSZ32_ASZ32_SC1(0x0000001c, mode=0x04) U11cd: 1fe000133037 tmp3:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, mode=0x04) U11ce: 1fe00b934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_ALIAS_DATASIZE, mode=0x04) U11d0: 10c100035d74 tmp5:= OR_DSZN(tmp4, tmp5) U11d1: 1fe013934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_13, mode=0x04) U11d2: 10c8ff7e07f4 rax:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11d4: 1fe01b934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_1b, mode=0x04) U11d5: 10c8ff7e17f4 rcx:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11d6: 1fe023934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_23, mode=0x04) U11d8: 10c8ff7e27f4 rdx:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11d9: 1fe02b934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_2b, mode=0x04) U11da: 10c8ff7e37f4 rbx:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11dc: 1fe033934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_33, mode=0x04) U11dd: 10c8ff7e47f4 rsp:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11de: 1fe03b934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_3b, mode=0x04) U11e0: 10c8ff7e57f4 rbp:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11e1: 1fe043934037 tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_43, mode=0x04) U11e2: 10c8ff7e67f4 rsi:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11e4: 1fe04b934037 LFNCEMARK-> tmp4:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_4b, mode=0x04) U11e5: 10c8ff7e77f4 rdi:= ZEROEXT_DSZ8N(tmp4, 0xffffffffffffffff) U11e6: 000900020020 rax:= MOVE_DSZ32(rax) U11e8: 000800023023 rbx:= ZEROEXT_DSZ32(rbx) U11e9: 000800021021 rcx:= ZEROEXT_DSZ32(rcx) U11ea: 000800022022 rdx:= ZEROEXT_DSZ32(rdx) U11ec: 000800024024 rsp:= ZEROEXT_DSZ32(rsp) U11ed: 000800025025 rbp:= ZEROEXT_DSZ32(rbp) U11ee: 000800026026 rsi:= ZEROEXT_DSZ32(rsi) U11f0: 000800027027 rdi:= ZEROEXT_DSZ32(rdi) U11f1: 213f00000035 unk_13f(tmp5) U11f2: 0a62fe5c0335 LFNCEWAIT-> 
MOVETOCREG_BTR_DSZ64(tmp5, 0x00000011, CORE_CR_EFLAGS) U11f4: 0062f61f4200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U11f5: 2962f6dc0234 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp4, 0x00000003, CORE_CR_CR0) U11f6: 000800000000 NOP U11f8: 1fe053932037 LFNCEWAIT-> tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_53, mode=0x04) U11f9: 000800000000 NOP U11fa: 000800000000 NOP U11fc: 0e7b08200000 LFNCEMARK-> unk_e7b(0x00000000) U11fd: 000800000000 NOP U11fe: 000800000000 NOP U1200: 0c6bc8000032 LFNCEWAIT-> WRSEGFLD(tmp2, ES, UNK_FLD_0c) U1201: 1fe05b932037 tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_5b, mode=0x04) U1202: 000800000000 NOP U1204: 28229edc0232 LFNCEMARK-> MOVETOCREG_AND_DSZ64(tmp2, 0x00000003, 0x79e) U1205: 000800000000 NOP U1206: 000800000000 NOP U1208: 00428e1c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x78e) U1209: 000800000000 NOP U120a: 000800000000 NOP U120c: 0e6b09000000 LFNCEMARK-> unk_e6b(0x00000000) U120d: 000800000000 NOP U120e: 000800000000 NOP U1210: 0c7bc9000032 LFNCEWAIT-> WRSEGFLD(tmp2, UNK_SEG_09, UNK_FLD_0c) U1211: 00628e1f4200 tmp4:= MOVEFROMCREG_DSZ64(0x78e) U1212: 104000034d33 tmp4:= ADD_DSZN(tmp3, tmp4) U1214: 004267000234 MOVETOCREG_DSZ64(tmp4, CORE_CR_CUR_RIP) U1215: 1fe063932037 tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_63, mode=0x04) U1216: 0e7b0a200000 LFNCEMARK-> unk_e7b(0x00000000) U1218: 0c7bca000032 LFNCEWAIT-> WRSEGFLD(tmp2, SS_USERM, UNK_FLD_0c) U1219: 000800000000 NOP U121a: 000800000000 NOP U121c: 1fe06b932037 LFNCEMARK-> tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_6b, mode=0x04) U121d: 000800000000 NOP U121e: 000800000000 NOP U1220: 0e7b0b200000 LFNCEMARK-> unk_e7b(0x00000000) U1221: 000800000000 NOP U1222: 000800000000 NOP U1224: 0c7bcb000032 LFNCEWAIT-> WRSEGFLD(tmp2, DS, UNK_FLD_0c) U1225: 286beec8023c BTUJNB_DIRECT_NOTTAKEN(tmp12, 0x00000003, U12ee) U1226: 1fe073932037 tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_73, mode=0x04) U1228: 0e7b0c200000 LFNCEMARK-> unk_e7b(0x00000000) U1229: 000800000000 NOP U122a: 
000800000000 NOP U122c: 0c7bcc000032 LFNCEWAIT-> WRSEGFLD(tmp2, FS, UNK_FLD_0c) U122d: 1fe07b932037 tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_7b, mode=0x04) U122e: 000013837dc8 tmp7:= ADD_DSZ32(IMM_MACRO_13, tmp7) U1230: 0e7b0d200000 LFNCEMARK-> unk_e7b(0x00000000) U1231: 000800000000 NOP U1232: 000800000000 NOP U1234: 0c7bcd000032 LFNCEWAIT-> WRSEGFLD(tmp2, GS, UNK_FLD_0c) 0212f900 SEQW GOTO U12f9 ------------------------------------------------------------------------------------ U1235: 06a043038000 tmp8:= unk_6a0(0x00000000) U1236: 07040003d039 tmm5:= unk_704(tmm1) U1238: 06200103e03d tmm6:= unk_620(tmm5) U1239: 072c0003203e tmp2:= PINTMOVDTMM2I_DSZ32(tmm6) U123a: 00861e074c8a tmp4:= XOR_DSZ16(0x0000411e, tmp2) U123c: 000c48640200 SAVEUIP(0x00, U1948) U123d: 015100000cb4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, tmp2) 01887e40 SEQW GOTO U087e ------------------------------------------------------------------------------------ U123e: 00635c035200 tmp5:= READURAM(0x005c, 64) U1240: 00551e035235 tmp5:= BTS_DSZ64(tmp5, 0x0000001e) U1241: 20435c000235 WRITEURAM(tmp5, 0x005c, 64) U1242: 005344480235 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp5, U1244) 01924d80 SEQW GOTO U124d ------------------------------------------------------------------------------------ U1244: 000d05800000 SAVEUIP_REGOVR(0x01, U1245, 0x0005) 0182ba00 SEQW GOTO U02ba U1245: 2d0b0413500c tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00008404) U1246: 000800000000 NOP U1248: 286b498803f5 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x0000001e, U1249) 01924c00 SEQW GOTO U124c ------------------------------------------------------------------------------------ U1249: 00151e035235 tmp5:= BTS_DSZ32(tmp5, 0x0000001e) U124a: 2d0f0413500c PORTOUT_DSZ32_ASZ16_SC1(0x00008404, tmp5) U124c: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U124d: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01925240 ? 
SEQW GOTO U1252 U124e: 006311035200 tmp5:= READURAM(0x0011, 64) U1250: 0e65c8075d4c tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x000004c8, mode=0x01) U1251: 086aa6190375 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000014, U46a6) U1252: 0151a61802b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U46a6) U1254: 00630a037200 tmp7:= READURAM(0x000a, 64) U1255: 006309035200 tmp5:= READURAM(0x0009, 64) U1256: 00630b033200 tmp3:= READURAM(0x000b, 64) U1258: 10620f0b9240 tmp9:= MOVEFROMCREG_DSZ64(0x20f, 32) U1259: 204373000239 WRITEURAM(tmp9, 0x0073, 64) U125a: 0062c51fd200 tmp13:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U125c: 00621c179200 tmp9:= MOVEFROMCREG_DSZ64(0x51c) U125d: 00563f039239 tmp9:= BTR_DSZ64(tmp9, 0x0000003f) U125e: 017e0003de7d tmp13:= MOVEMERGEFLGS_DSZ64(tmp13, tmp9) U1260: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01926400 ? SEQW GOTO U1264 U1261: 00635c03a200 tmp10:= READURAM(0x005c, 64) U1262: 286a7508027a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000004, U1275) U1264: 006208039200 tmp9:= MOVEFROMCREG_DSZ64(0x008) U1265: 00640c03a239 tmp10:= SHL_DSZ64(tmp9, 0x0000000c) U1266: 006270039200 tmp9:= MOVEFROMCREG_DSZ64(0x070) U1268: 000700439e5f tmp9:= NOTAND_DSZ32(0xfffffffffffff000, tmp9) U1269: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U126a: 00641703a23a tmp10:= SHL_DSZ64(tmp10, 0x00000017) U126c: 1062810b9240 tmp9:= MOVEFROMCREG_DSZ64(0x281, 32) U126d: 390281480239 MOVETOCREG_OR_DSZ64(tmp9, 0x00000001, 0x281) U126e: 000401039e48 tmp9:= AND_DSZ32(0x00000001, tmp9) U1270: 00079f079e50 tmp9:= NOTAND_DSZ32(0x1ff00000, tmp9) U1271: 002c03039239 tmp9:= ROL_DSZ32(tmp9, 0x00000003) U1272: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U1274: 20431800023a WRITEURAM(tmp10, 0x0018, 64) U1275: 00629e1fa200 tmp10:= MOVEFROMCREG_DSZ64(0x79e) U1276: 00240e03a23a tmp10:= SHL_DSZ32(tmp10, 0x0000000e) U1278: 00621e179200 tmp9:= MOVEFROMCREG_DSZ64(0x51e) U1279: 2a621e140239 MOVETOCREG_BTR_DSZ64(tmp9, 0x51e) U127a: 000401039e48 tmp9:= AND_DSZ32(0x00000001, tmp9) U127c: 002406039239 tmp9:= SHL_DSZ32(tmp9, 0x00000006) 
U127d: 00010003aeb9 tmp10:= OR_DSZ32(tmp9, tmp10) U127e: 00621d039200 tmp9:= MOVEFROMCREG_DSZ64(0x01d) U1280: 20421d000200 MOVETOCREG_DSZ64(0x00000000, 0x01d) U1281: 00040f039e48 tmp9:= AND_DSZ32(0x0000000f, tmp9) U1282: 00a408039239 tmp9:= SHL_DSZ16(tmp9, 0x00000008) U1284: 00810003ae7a tmp10:= OR_DSZ16(tmp10, tmp9) U1285: 0062fe1f9200 tmp9:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1286: 002505039239 tmp9:= SHR_DSZ32(tmp9, 0x00000005) U1288: 000400439e48 tmp9:= AND_DSZ32(0x00001000, tmp9) U1289: 00010003aeb9 tmp10:= OR_DSZ32(tmp9, tmp10) U128a: 00631f039200 tmp9:= READURAM(0x001f, 64) U128c: 20431f000200 WRITEURAM(0x00000000, 0x001f, 64) U128d: 0004000bbe48 tmp11:= AND_DSZ32(0x00000200, tmp9) U128e: 00250203b23b tmp11:= SHR_DSZ32(tmp11, 0x00000002) U1290: 006204030200 tmp0:= MOVEFROMCREG_DSZ64(0x004) U1291: 0004000b0c08 tmp0:= AND_DSZ32(0x00000200, tmp0) U1292: 002502030230 tmp0:= SHR_DSZ32(tmp0, 0x00000002) U1294: 000100030c3b tmp0:= OR_DSZ32(tmp11, tmp0) U1295: 00410003aeb0 tmp10:= OR_DSZ64(tmp0, tmp10) U1296: 00040007be48 tmp11:= AND_DSZ32(0x00000100, tmp9) U1298: 00250303b23b tmp11:= SHR_DSZ32(tmp11, 0x00000003) U1299: 008800039e7b tmp9:= ZEROEXT_DSZ16(tmp11, tmp9) U129a: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U129c: 000400039f49 tmp9:= AND_DSZ32(0x00002000, tmp13) U129d: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U129e: 100a80839200 tmp9:= TESTUSTATE(SYS, !UST_VMX_GUEST) 0192a180 ? 
SEQW GOTO U12a1 U12a0: 000804039008 tmp9:= ZEROEXT_DSZ32(0x00000004) U12a1: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U12a2: 0062c31b9200 tmp9:= MOVEFROMCREG_DSZ64(0x6c3) U12a4: 2a62c31b92b9 tmp9:= MOVETOCREG_BTR_DSZ64(tmp9, 0x00000008, 0x6c3) U12a5: 007308039239 tmp9:= SELECTCC_DSZ64_CONDNB(tmp9, 0x00000008) U12a6: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U12a8: 1062c40bb240 tmp11:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U12a9: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U12aa: 00044703943b tmp9:= AND_DSZ32(tmp11, 0x00010000) U12ac: 006420039239 tmp9:= SHL_DSZ64(tmp9, 0x00000020) U12ad: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U12ae: 00880003b03b tmp11:= ZEROEXT_DSZ16(tmp11) U12b0: 00241003b23b tmp11:= SHL_DSZ32(tmp11, 0x00000010) U12b1: 0041962faebb ROVR<- tmp10:= OR_DSZ64(tmp11, tmp10) 0196869d SEQW SAVEUIP1 U12b2 U12b2: 000a04800200 TESTUSTATE(UCODE, !0x0004) 0196869d ? SEQW GOTO U1686 U12b4: 0021ef076010 tmp6:= CONCAT_DSZ32(0x7ffffc00) U12b5: 006314039200 LFNCEMARK-> tmp9:= READURAM(0x0014, 64) U12b6: 00480003b039 tmp11:= ZEROEXT_DSZ64(tmp9) U12b8: 00470003bef6 tmp11:= NOTAND_DSZ64(tmp6, tmp11) U12b9: 004400039e76 tmp9:= AND_DSZ64(tmp6, tmp9) U12ba: 204389000239 WRITEURAM(tmp9, 0x0089, 64) U12bc: 00651503623b tmp6:= SHR_DSZ64(tmp11, 0x00000015) U12bd: 0047e003bed0 tmp11:= NOTAND_DSZ64(0x001fffff, tmp11) U12be: 0004e0036d90 tmp6:= AND_DSZ32(0x001fffff, tmp6) U12c0: 00410003bef6 tmp11:= OR_DSZ64(tmp6, tmp11) U12c1: 20431400023b WRITEURAM(tmp11, 0x0014, 64) U12c2: 0000962c0000 ROVR<- NOP 01db349e SEQW SAVEUIP1 U12c4 SEQW GOTO U5b34 U12c4: 20435900023a WRITEURAM(tmp10, 0x0059, 64) 01968c00 SEQW GOTO U168c ------------------------------------------------------------------------------------ U12c5: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U12c6: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U12c8: 00628013a200 tmp10:= MOVEFROMCREG_DSZ64(0x480) U12c9: 0004ff7fae8f tmp10:= AND_DSZ32(0x0000ffff, tmp10) U12ca: 0008ff7f700f tmp7:= 
ZEROEXT_DSZ32(0x0000ffff) U12cc: 0c081863a03b STAD_DSZ32_ASZ32_SC1(tmp11, 0x00000018, mode=0x18, tmp10) U12cd: 0c081c63703b STAD_DSZ32_ASZ32_SC1(tmp11, 0x0000001c, mode=0x18, tmp7) 01a76989 SEQW URET0 ------------------------------------------------------------------------------------ U12ce: 100a06000200 TESTUSTATE(SYS, UST_USER_MODE | UST_8086_MODE) 01a76989 ? SEQW GOTO generate_#UD U12d0: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 0192da00 ? SEQW GOTO U12da U12d1: 286bdac806f2 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x0000002f, U12da) U12d2: 006357031200 tmp1:= READURAM(0x0057, 64) U12d4: 0e65d0031c4b SYNCMARK-> tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x000003d0) U12d5: 00073f03f808 tmp15:= NOTAND_DSZ32(0x0000003f, rax) U12d6: 01303f03f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x0000003f) U12d8: 00010003f83f tmp15:= OR_DSZ32(tmp15, rax) U12d9: 086a81390ff1 SYNCWAIT-> BTUJB_DIRECT_NOTTAKEN(tmp1, tmp15, do_vmexit) U12da: 20631f031200 tmp1:= READURAM(0x001f, 64) U12dc: 00050203f808 tmp15:= SUB_DSZ32(0x00000002, rax) U12dd: 01310013f23f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000400) U12de: 004100031c7f tmp1:= OR_DSZ64(tmp15, tmp1) U12e0: 20431f000231 WRITEURAM(tmp1, 0x001f, 64) U12e1: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 019f9040 ? 
SEQW GOTO do_smm_vmexit U12e2: 000823030008 tmp0:= ZEROEXT_DSZ32(0x00000023) U12e4: 000803037008 tmp7:= ZEROEXT_DSZ32(0x00000003) 01b36500 SEQW GOTO U3365 ------------------------------------------------------------------------------------ U12e5: 07c20003d038 tmm5:= unk_7c2(tmm0) U12e6: 06aa00039f7b tmm1:= unk_6aa(tmm3, tmm5) U12e8: 162f0003b03b tmm3:= unk_62f(tmm3) U12e9: 162f00039039 tmm1:= unk_62f(tmm1) U12ea: 16370003def9 tmm5:= unk_637(tmm1, tmm3) U12ec: 072c0003403d tmp4:= PINTMOVDTMM2I_DSZ32(tmm5) U12ed: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) 05228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U12ee: 0e7b0c200000 LFNCEMARK-> unk_e7b(0x00000000) U12f0: 0c7b8c000000 LFNCEWAIT-> WRSEGFLD(0x00000000, FS, SEL) U12f1: 000800000000 NOP U12f2: 000800000000 NOP U12f4: 0e7b0d200000 LFNCEMARK-> unk_e7b(0x00000000) U12f5: 000800000000 NOP U12f6: 000800000000 NOP U12f8: 0c7b8d000000 LFNCEWAIT-> WRSEGFLD(0x00000000, GS, SEL) U12f9: 1fe073932037 tmp2:= LDPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_73, mode=0x04) U12fa: 000800000000 NOP U12fc: 0e7b07200000 LFNCEMARK-> unk_e7b(0x00000000) U12fd: 000800000000 NOP U12fe: 000800000000 NOP U1300: 0c7bc7000032 LFNCEWAIT-> WRSEGFLD(tmp2, LDT, UNK_FLD_0c) U1301: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U1302: 286b08cc023c BTUJNB_DIRECT_NOTTAKEN(tmp12, 0x00000003, U1308) U1304: 0fa0643f9000 tmp9:= LDPPHYS_DSZ16_ASZ32_SC1(0x00000064, mode=0x0f) U1305: 000401039e48 tmp9:= AND_DSZ32(0x00000001, tmp9) U1306: 00240f039239 tmp9:= SHL_DSZ32(tmp9, 0x0000000f) U1308: 006200036200 tmp6:= MOVEFROMCREG_DSZ64(0x000) U1309: 00160a036236 tmp6:= BTR_DSZ32(tmp6, 0x0000000a) U130a: 00073f036d88 tmp6:= NOTAND_DSZ32(0x0000003f, tmp6) U130c: 000107036d88 tmp6:= OR_DSZ32(0x00000007, tmp6) U130d: 2962004362b6 LFNCEMARK-> tmp6:= MOVETOCREG_BTS_DSZ64(tmp6, 0x00000009, 0x000) U130e: 000cf2080200 SAVEUIP(0x00, U02f2) U1310: 000d04800000 LFNCEWAIT-> SAVEUIP_REGOVR(0x01, U1311, 0x0004) 0202ea00 SEQW 
GOTO U02ea U1311: 286b29cc023c BTUJNB_DIRECT_NOTTAKEN(tmp12, 0x00000003, U1329) U1312: 0062f61f4200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U1314: 286a15cc03f4 BTUJB_DIRECT_NOTTAKEN(tmp4, 0x0000001f, U1315) 01932900 SEQW GOTO U1329 ------------------------------------------------------------------------------------ U1315: 006229174200 tmp4:= MOVEFROMCREG_DSZ64(0x529) U1316: 000800000000 NOP U1318: 2929190c0d38 CMPUJNZ_DIRECT_NOTTAKEN(tmp8, tmp4, U1319) 04932900 SEQW GOTO U1329 ------------------------------------------------------------------------------------ U1319: 004229140238 LFNCEMARK-> MOVETOCREG_DSZ64(tmp8, 0x529) U131a: 000800000000 NOP U131c: 004240140200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x540) U131d: 004241140200 MOVETOCREG_DSZ64(0x00000000, 0x541) U131e: 004242140200 MOVETOCREG_DSZ64(0x00000000, 0x542) U1320: 004243140200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x543) 04043c14 SEQW SAVEUIP1 U1321 SEQW GOTO U043c U1321: 000800000000 NOP U1322: 000800000000 NOP U1324: 004b8003a233 tmp10:= unk_04b(tmp3, 0x00000080) 0897d814 SEQW SAVEUIP1 U1325 SEQW GOTO U17d8 U1325: 0c4b4013c000 SYNCFULL-> tmp12:= RDSEGFLD(UNK_SEG_04, FLGS) U1326: 0dff07000000 unk_dff(0x00000000) U1328: 00140303c23c LFNCEMARK-> tmp12:= BT_DSZ32(tmp12, 0x00000003) U1329: 296272800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x072) U132a: 0c4b801f2000 tmp2:= RDSEGFLD(LDT, SEL) U132c: 0d61001b0032 LFNCEWAIT-> tmp0:= unk_d61(tmp2) U132d: 1e7bc71fbcb0 tmp11:= unk_e7b(tmp0, tmp2) U132e: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U1330: 29626d800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x06d) U1331: 213f0a000035 ROVR<- unk_13f(tmp5) 050000dd SEQW SAVEUIP1 U1332 U1332: 2042fe1c0235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, CORE_CR_EFLAGS) U1334: 0c4b80272000 LFNCEWAIT-> tmp2:= RDSEGFLD(UNK_SEG_09, SEL) U1335: 000403034c88 tmp4:= AND_DSZ32(0x00000003, tmp2) U1336: 001411038235 tmp8:= BT_DSZ32(tmp5, 0x00000011) U1338: 003303038238 tmp8:= SELECTCC_DSZ32_CONDNB(tmp8, 0x00000003) U1339: 09029e1c0d38 
LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp8, tmp4, 0x79e) 0480c155 SEQW SAVEUIP1 U133a SEQW GOTO U00c1 U133a: 000800000000 NOP U133c: 0e7b4a03bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U133d: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U133e: 000800000000 NOP U1340: 000d04800000 LFNCEWAIT-> SAVEUIP_REGOVR(0x01, U1341, 0x0004) 0202f200 SEQW GOTO U02f2 U1341: 29626d400280 MOVETOCREG_BTS_DSZ64(0x00000009, 0x06d) U1342: 000800000000 NOP U1344: 000d0b800000 SAVEUIP_REGOVR(0x01, U1345, 0x000b) 0180c100 SEQW GOTO U00c1 U1345: 0e7b2b03bcb0 tmp11:= unk_e7b(tmp0, tmp2) U1346: 000800000000 NOP U1348: 005008000efb ROVR<- UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) 0180c11c SEQW SAVEUIP1 U1349 SEQW GOTO U00c1 U1349: 0e7b2803bcb0 tmp11:= unk_e7b(tmp0, tmp2) U134a: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U134c: 286b54cc023c BTUJNB_DIRECT_NOTTAKEN(tmp12, 0x00000003, U1354) U134d: 000d0c800000 SAVEUIP_REGOVR(0x01, U134e, 0x000c) 0180c140 SEQW GOTO U00c1 U134e: 0e7b2c03bcb0 tmp11:= unk_e7b(tmp0, tmp2) U1350: 00500d000efb ROVR<- UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) 0180c11c SEQW SAVEUIP1 U1351 SEQW GOTO U00c1 U1351: 0e7b2d03bcb0 tmp11:= unk_e7b(tmp0, tmp2) U1352: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U1354: 000d09800000 SAVEUIP_REGOVR(0x01, U1355, 0x0009) 0480c100 SEQW GOTO U00c1 U1355: 0e7be903bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U1356: 000800000000 NOP U1358: 005000000efb LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U1359: 000800000000 NOP U135a: 000800000000 NOP U135c: 000d04000000 LFNCEWAIT-> SAVEUIP_REGOVR(0x00, U135d, 0x0004) 0202ea00 SEQW GOTO U02ea U135d: 000800000000 NOP U135e: 000800000000 NOP U1360: 000900000000 MOVE_DSZ32(0x00000000) 01ad3014 SEQW SAVEUIP1 U1361 SEQW GOTO U2d30 U1361: 104000034c33 tmp4:= ADD_DSZN(tmp3, tmp0) U1362: 004267000234 MOVETOCREG_DSZ64(tmp4, CORE_CR_CUR_RIP) U1364: 096272c00280 MOVETOCREG_BTS_DSZ64(0x0000000b, 0x072) U1365: 0fe300240033 unk_fe3(tmp3) U1366: 29626dc00280 
MOVETOCREG_BTS_DSZ64(0x0000000b, 0x06d) U1368: 0c4b402b0000 tmp0:= RDSEGFLD(SS_USERM, FLGS) U1369: 20423c1c0230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x73c) U136a: 00636f030200 tmp0:= READURAM(0x006f, 64) U136c: 000403034c08 tmp4:= AND_DSZ32(0x00000003, tmp0) U136d: 29296e0c0234 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U136e) 01937240 SEQW GOTO U1372 ------------------------------------------------------------------------------------ U136e: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) U1370: 1c38fbab0024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp0) U1371: 10c50b824908 rsp:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U1372: 0062f81f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7f8) U1374: 000755070c08 tmp0:= NOTAND_DSZ32(0x00000155, tmp0) U1375: 2042f81c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x7f8) U1376: 000800000000 NOP U1378: 00621c030200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(0x01c) U1379: 000100030c39 tmp0:= OR_DSZ32(tmp9, tmp0) U137a: 0a621c8002f0 MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000e, 0x01c) U137c: 090205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U137d: 000821030008 tmp0:= ZEROEXT_DSZ32(0x00000021) U137e: 00420b000230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x00b) U1380: 000a00100200 TESTUSTATE(UCODE, 0x0400) 01938a00 ? SEQW GOTO U138a U1381: 000800000000 NOP U1382: 000800000000 NOP U1384: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01938800 ? 
SEQW GOTO U1388 U1385: 00633f031200 tmp1:= READURAM(0x003f, 64) U1386: 014300300c40 AETTRACE(0x0c, tmp1) U1388: 004ca87c0280 SAVEUIP(0x00, U5fa8) U1389: 000d10900000 SAVEUIP_REGOVR(0x01, U138a, 0x0410) 01dc9e40 SEQW GOTO U5c9e U138a: 006200030200 tmp0:= MOVEFROMCREG_DSZ64(0x000) U138c: 386aea340370 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000014, U3dea) 043dec00 SEQW GOTO U3dec ------------------------------------------------------------------------------------ U138d: 000419071d50 tmp1:= AND_DSZ32(0x007f0000, tmp5) U138e: 2d0b2c23200a tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x0000482c) U1390: 000419072c90 tmp2:= AND_DSZ32(0x007f0000, tmp2) U1391: 000500032cb1 tmp2:= SUB_DSZ32(tmp1, tmp2) U1392: 003200072232 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000100) U1394: 000100035d72 tmp5:= OR_DSZ32(tmp2, tmp5) U1395: 013101031231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00000001) 01b05640 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U1396: 0e25380392b2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000238) U1398: 00421c000239 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp9, 0x01c) U1399: 006335039200 tmp9:= READURAM(0x0035, 64) U139a: 00543c039239 tmp9:= BT_DSZ64(tmp9, 0x0000003c) U139c: 00539d4c0239 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp9, U139d) 0193aa00 SEQW GOTO U13aa ------------------------------------------------------------------------------------ U139d: 0e65d003b2b2 tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000002d0) U139e: 00641003b23b tmp11:= SHL_DSZ64(tmp11, 0x00000010) U13a0: 006e1003b23b tmp11:= SAR_DSZ64(tmp11, 0x00000010) U13a1: 0047fc3fbec8 tmp11:= NOTAND_DSZ64(0x00000ffc, tmp11) U13a2: 00440043cedf LFNCEMARK-> tmp12:= AND_DSZ64(0xfffffffffffff000, tmp11) U13a4: 00241e03b23b tmp11:= SHL_DSZ32(tmp11, 0x0000001e) U13a5: 0062011ff200 tmp15:= MOVEFROMCREG_DSZ64(0x701) U13a6: 0047100bffd0 tmp15:= NOTAND_DSZ64(0xc0000000, tmp15) U13a8: 0c6b3000003c LFNCEWAIT-> WRSEGFLD(tmp12) U13a9: 0902011c0eff MOVETOCREG_OR_DSZ64(tmp15, tmp11, 0x701) 
U13aa: 0ee53c03b2b2 tmp11:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x0000023c) U13ac: 0e25e80312b2 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e8) U13ad: 07470003f031 tmm7:= unk_747(mm1) U13ae: 0e25080312f2 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000308) U13b0: 01513208023a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U0232) U13b1: 0ea5ac0382f2 tmp8:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003ac) U13b2: 0e25c80392f2 LFNCEMARK-> tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003c8) U13b4: 0e65100322f2 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000310) U13b5: 0151b64c023a SYNCWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U13b6) 0edcda51 SEQW SAVEUIP0 U13b6 SEQW GOTO U5cda U13b6: 000800000000 NOP U13b8: 01420a000f40 SYNCMARK-> UFLOWCTRL(URET0, tmp13) U13b9: 000800000000 NOP U13ba: 000800000000 NOP U13bc: 0042f11c0231 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp1, 0x7f1) U13bd: 00429e1c0234 MOVETOCREG_DSZ64(tmp4, 0x79e) U13be: 00621c171200 tmp1:= MOVEFROMCREG_DSZ64(0x51c) U13c0: 0033f0074435 tmp4:= SELECTCC_DSZ32_CONDNB(tmp5, 0x80000000) U13c1: 006420034234 tmp4:= SHL_DSZ64(tmp4, 0x00000020) U13c2: 09021c140d31 MOVETOCREG_OR_DSZ64(tmp1, tmp4, 0x51c) U13c4: 076f0003403f mm4:= unk_76f(tmm7) U13c5: 000a10800200 TESTUSTATE(UCODE, !0x0010) 0193cc40 ? 
SEQW GOTO U13cc U13c6: 286acc8c02f4 BTUJB_DIRECT_NOTTAKEN(tmp4, 0x0000000e, U13cc) U13c8: 0062c51b1200 tmp1:= MOVEFROMCREG_DSZ64(0x6c5) U13c9: 2902c51802b1 MOVETOCREG_OR_DSZ64(tmp1, 0x00000008, 0x6c5) U13ca: 3042f91c0274 MOVETOCREG_DSZ64(tmp4, 0x7f9, 32) U13cc: 0042fe1c0237 MOVETOCREG_DSZ64(tmp7, CORE_CR_EFLAGS) U13cd: 0042f81c0239 MOVETOCREG_DSZ64(tmp9, 0x7f8) U13ce: 213f00000037 unk_13f(tmp7) U13d0: 0042c51c0233 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp3, CORE_CR_CR4) U13d1: 006341039200 tmp9:= READURAM(0x0041, 64) U13d2: 006517039239 tmp9:= SHR_DSZ64(tmp9, 0x00000017) U13d4: 000400239e48 tmp9:= AND_DSZ32(0x00000800, tmp9) U13d5: 000700035d79 tmp5:= NOTAND_DSZ32(tmp9, tmp5) U13d6: 0042ff1c0235 MOVETOCREG_DSZ64(tmp5, 0x7ff) U13d8: 000501039008 tmp9:= SUB_DSZ32(0x00000001) U13d9: 00420b000239 MOVETOCREG_DSZ64(tmp9, 0x00b) U13da: 0042f61c0236 MOVETOCREG_DSZ64(tmp6, CORE_CR_CR0) U13dc: 000d09800000 SYNCWAIT-> SAVEUIP_REGOVR(0x01, U13dd, 0x0009) 0a207500 SEQW GOTO U2075 U13dd: 000800000000 NOP U13de: 000800000000 NOP U13e0: 0c7bc9000038 SYNCFULL-> WRSEGFLD(tmp8, UNK_SEG_09, UNK_FLD_0c) U13e1: 0c4b20279000 tmp9:= RDSEGFLD(UNK_SEG_09, BASE) U13e2: 000800000000 NOP U13e4: 0c6b22000039 LFNCEMARK-> WRSEGFLD(tmp9, CS, BASE) U13e5: 000800000000 NOP U13e6: 000800000000 NOP U13e8: 0c4ba0279000 LFNCEWAIT-> tmp9:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U13e9: 0c6ba2000039 WRSEGFLD(tmp9, CS, SEL+FLGS+LIM) U13ea: 0c4b202b9000 tmp9:= RDSEGFLD(SS_USERM, BASE) U13ec: 0c6b23000039 WRSEGFLD(tmp9, SS, BASE) U13ed: 0c4ba02b9000 tmp9:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U13ee: 0c6ba3000039 WRSEGFLD(tmp9, SS, SEL+FLGS+LIM) U13f0: 0c4b60279000 tmp9:= RDSEGFLD(UNK_SEG_09, LIMIT) U13f1: 004210100239 MOVETOCREG_DSZ64(tmp9, 0x410) U13f2: 000001039e48 tmp9:= ADD_DSZ32(0x00000001, tmp9) U13f4: 0042001c0239 MOVETOCREG_DSZ64(tmp9, 0x700) U13f5: 0c4b40279000 tmp9:= RDSEGFLD(UNK_SEG_09, FLGS) U13f6: 0042f51c0239 MOVETOCREG_DSZ64(tmp9, 0x7f5) U13f8: 0c4b402b9000 tmp9:= RDSEGFLD(SS_USERM, FLGS) U13f9: 00423c1c0239 
MOVETOCREG_DSZ64(tmp9, 0x73c) U13fa: 004270000230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x070) U13fc: 0c4bc0279000 tmp9:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U13fd: 00428e1c0239 MOVETOCREG_DSZ64(tmp9, 0x78e) U13fe: 10480003e03e tmp14:= ZEROEXT_DSZ64N(tmp14) U1400: 104000039fb9 tmp9:= ADD_DSZN(tmp9, tmp14) U1401: 004267000239 MOVETOCREG_DSZ64(tmp9, CORE_CR_CUR_RIP) U1402: 00421a1c0239 SYNCFULL-> MOVETOCREG_DSZ64(tmp9, 0x71a) U1404: 020504039008 tmp9:= unk_205(0x00000004) U1405: 006269030200 tmp0:= MOVEFROMCREG_DSZ64(0x069) U1406: 000704030c08 tmp0:= NOTAND_DSZ32(0x00000004, tmp0) U1408: 090269000e70 MOVETOCREG_OR_DSZ64(tmp0, tmp9, 0x069) U1409: 104800024024 rsp:= ZEROEXT_DSZ64N(rsp) U140a: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01941880 ? SEQW GOTO U1418 U140c: 006357039200 tmp9:= READURAM(0x0057, 64) U140d: 0e655803ae48 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000058) U140e: 20431700023a WRITEURAM(tmp10, 0x0017, 64) U1410: 0e657803ae48 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000078) U1411: 20431900023a WRITEURAM(tmp10, 0x0019, 64) U1412: 0e654803ae48 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000048) U1414: 20431800023a WRITEURAM(tmp10, 0x0018, 64) U1415: 0e656803ae48 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000068) U1416: 20431a00023a WRITEURAM(tmp10, 0x001a, 64) U1418: 10480003303e tmp3:= ZEROEXT_DSZ64N(tmp14) U1419: 006377039200 tmp9:= READURAM(0x0077, 64) U141a: 286a269006f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000002e, U1426) U141c: 286b2610023b BTUJNB_DIRECT_NOTTAKEN(tmp11, 0x00000000, U1426) U141d: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01942240 ? 
SEQW GOTO U1422 U141e: 00628803b200 tmp11:= MOVEFROMCREG_DSZ64(0x088) U1420: 00040007bec8 tmp11:= AND_DSZ32(0x00000100, tmp11) U1421: 29a2b480023b MOVETOCREG_SHR_DSZ64(tmp11, 0x00000002, 0x0b4) U1422: 0062f01fb200 tmp11:= MOVEFROMCREG_DSZ64(0x7f0) U1424: 00550003b23b SYNCFULL-> tmp11:= BTS_DSZ64(tmp11, 0x00000000) U1425: 000d0b000000 SAVEUIP_REGOVR(0x00, U1426, 0x000b) 08408440 SEQW GOTO U4084 U1426: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U1428: 00052a539f48 tmp9:= SUB_DSZ32(0x0000142a, tmp13) U1429: 015100180279 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U2600) U142a: 1062df0b9240 tmp9:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U142c: 086ad6fd02b9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000b, U4fd6) U142d: 000d0e800000 SAVEUIP_REGOVR(0x01, U142e, 0x000e) 01ab1540 SEQW GOTO lbsync_full U142e: 000800000000 NOP U1430: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01baae00 ? SEQW GOTO U3aae U1431: 000cf9940240 SAVEUIP(0x01, U25f9) U1432: 00090403e008 tmp14:= MOVE_DSZ32(0x00000004) U1434: 00635c03f200 tmp15:= READURAM(0x005c, 64) U1435: 00562b03f23f tmp15:= BTR_DSZ64(tmp15, 0x0000002b) U1436: 20435c00023f WRITEURAM(tmp15, 0x005c, 64) U1438: 2d0fe443e00a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x000050e4, tmp14) 043f358c SEQW URET1 ------------------------------------------------------------------------------------ U1439: 000c40d00200 SAVEUIP(0x01, U1440) U143a: 100a00200200 TESTUSTATE(SYS, 0x0800) 043f358c ? SEQW GOTO U3f35 U143c: 004100037d76 tmp7:= OR_DSZ64(tmp6, tmp5) U143d: 000a10000200 TESTUSTATE(UCODE, 0x0010) 018000cd ? SEQW URET1 U143e: 0c48086372bb STAD_DSZ64_ASZ32_SC1(tmp11, 0x00000208, mode=0x18, tmp7) U1440: 0c48006352bb STAD_DSZ64_ASZ32_SC1(tmp11, 0x00000200, mode=0x18, tmp5) 052bf270 SEQW UEND0 ------------------------------------------------------------------------------------ U1441: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 052bf270 ? 
SEQW GOTO U2bf2 U1442: 3e7b0903bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U1444: 000cf8afe248 tmp14:= SAVEUIP(0x01, U2bf8) U1445: 005000000efb LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U1446: 29a2f51f86b0 tmp8:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) U1448: 00060003bdb8 tmp11:= XOR_DSZ32(tmp8, tmp6) 01b99600 SEQW GOTO U3996 ------------------------------------------------------------------------------------ U1449: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U144a: 23800003ae80 tmp10:= READAFLAGS(tmp10) U144c: 100ac083d233 tmp13:= TESTUSTATE(tmp3, SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 018000c8 ? SEQW URET0 U144d: 006314033200 tmp3:= READURAM(0x0014, 64) U144e: 00160e033233 tmp3:= BTR_DSZ32(tmp3, 0x0000000e) U1450: 001400033cb3 tmp3:= BT_DSZ32(tmp3, tmp2) U1451: 0052312402f3 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp3, U6931) 04945689 SEQW URET0 ------------------------------------------------------------------------------------ U1452: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 04945689 ? SEQW GOTO U1456 U1454: 00634c03f200 tmp15:= READURAM(0x004c, 64) U1455: 286a91fc07bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000003b, do_smm_vmexit_ovr_enter_rip) U1456: 100a80000200 LFNCEMARK-> TESTUSTATE(SYS, UST_VMX_GUEST) 054e8280 ? 
SEQW GOTO do_vmexit_ovr_enter_rip U1458: 000d03800000 SAVEUIP_REGOVR(0x01, U1459, 0x0003) 01a93100 SEQW GOTO U2931 U1459: 0062f61f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U145a: 0004d8070c10 tmp0:= AND_DSZ32(0x60000000, tmp0) U145c: 0042f61c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) U145d: 000893030008 tmp0:= ZEROEXT_DSZ32(0x00000093) U145e: 002410030230 tmp0:= SHL_DSZ32(tmp0, 0x00000010) U1460: 002146030c10 tmp0:= CONCAT_DSZ32(0x0000ffff, tmp0) U1461: 0c6ba9000030 LFNCEWTMRK-> WRSEGFLD(tmp0, UNK_SEG_09, SEL+FLGS+LIM) U1462: 002504031232 tmp1:= SHR_DSZ32(tmp2, 0x00000004) U1464: 0e6b09240c40 LFNCEWTMRK-> unk_e6b(tmp1) U1465: 008501030008 tmp0:= SUB_DSZ16(0x00000001) U1466: 000001031c08 tmp1:= ADD_DSZ32(0x00000001, tmp0) U1468: 0042f51c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x7f5) U1469: 004210100230 MOVETOCREG_DSZ64(tmp0, 0x410) U146a: 0042001c0231 MOVETOCREG_DSZ64(tmp1, 0x700) U146c: 00428e1c0232 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x78e) U146d: 000800000000 NOP U146e: 000800000000 NOP U1470: 0c4b20272000 LFNCEWAIT-> tmp2:= RDSEGFLD(UNK_SEG_09, BASE) U1471: 0c6b22000032 WRSEGFLD(tmp2, CS, BASE) U1472: 0c4ba0271000 tmp1:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U1474: 0c6ba2000031 WRSEGFLD(tmp1, CS, SEL+FLGS+LIM) 0197ed00 SEQW GOTO U17ed ------------------------------------------------------------------------------------ U1475: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1476: 0e25bc014e49 tmpv0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001bc) U1478: 1062df095240 tmpv1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U1479: 00540d015215 tmpv1:= BT_DSZ64(tmpv1, 0x0000000d) U147a: 007200015515 tmpv1:= SELECTCC_DSZ64_CONDB(tmpv1, tmpv0) U147c: 086ad8290395 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000018, U4ad8) U147d: 000800014000 tmpv0:= ZEROEXT_DSZ32(0x00000000) 0565aa40 SEQW GOTO U65aa ------------------------------------------------------------------------------------ U147e: 000900000000 LFNCEMARK-> MOVE_DSZ32(0x00000000) U1480: 296272000300 
MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U1481: 0e25d0076f0c tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000004d0, mode=0x01) U1482: 000460032d88 tmp2:= AND_DSZ32(0x00000060, tmp6) U1484: 002401032232 tmp2:= SHL_DSZ32(tmp2, 0x00000001) U1485: 00040e031d88 tmp1:= AND_DSZ32(0x0000000e, tmp6) U1486: 013001031231 tmp1:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000001) U1488: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U1489: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U148a: 00041c032c90 tmp2:= AND_DSZ32(0x00004000, tmp2) U148c: 013001032232 tmp2:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000001) U148d: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U148e: 0e25b4074f0c tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000004b4, mode=0x01) U1490: 000402033d88 tmp3:= AND_DSZ32(0x00000002, tmp6) U1491: 000401034d08 tmp4:= AND_DSZ32(0x00000001, tmp4) U1492: 002403034234 tmp4:= SHL_DSZ32(tmp4, 0x00000003) U1494: 013100034d33 tmp4:= SELECTCC_DSZ32_CONDNZ(tmp3, tmp4) U1495: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U1496: 0e25fc073f08 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000000fc, mode=0x01) U1498: 0004f0073cd0 tmp3:= AND_DSZ32(0x80000000, tmp3) U1499: 013002033233 tmp3:= SELECTCC_DSZ32_CONDZ(tmp3, 0x00000002) U149a: 000100031c73 tmp1:= OR_DSZ32(tmp3, tmp1) U149c: 0e25d4075f09 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d4, mode=0x01) U149d: 000100035d40 tmp5:= OR_DSZ32(0x00000000, tmp5) U149e: 013004034235 tmp4:= SELECTCC_DSZ32_CONDZ(tmp5, 0x00000004) U14a0: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U14a1: 0e2500073f0d tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000500, mode=0x01) U14a2: 000401033cc8 tmp3:= AND_DSZ32(0x00000001, tmp3) U14a4: 002404033233 tmp3:= SHL_DSZ32(tmp3, 0x00000004) U14a5: 000120031c48 tmp1:= OR_DSZ32(0x00000020, tmp1) U14a6: 000100031c73 tmp1:= OR_DSZ32(tmp3, tmp1) U14a8: 0042c5180231 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, 0x6c5) U14a9: 00433f000231 WRITEURAM(tmp1, 0x003f, 64) U14aa: 296272c00340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x072) U14ac: 
0e25f0071f0c tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000004f0, mode=0x01) U14ad: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U14ae: 006405031231 tmp1:= SHL_DSZ64(tmp1, 0x00000005) U14b0: 0e65c8073f0c tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000004c8, mode=0x01) U14b1: 000425073cd0 tmp3:= AND_DSZ32(0x00800000, tmp3) U14b2: 013000433233 tmp3:= SELECTCC_DSZ32_CONDZ(tmp3, 0x00001000) U14b4: 0062c31b4200 tmp4:= MOVEFROMCREG_DSZ64(0x6c3) U14b5: 000700434d08 tmp4:= NOTAND_DSZ32(0x00001000, tmp4) U14b6: 000100034d33 tmp4:= OR_DSZ32(tmp3, tmp4) U14b8: 0902c3180c74 MOVETOCREG_OR_DSZ64(tmp4, tmp1, 0x6c3) U14b9: 0e25b4071f09 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001b4, mode=0x01) U14ba: 0004ec034c50 tmp4:= AND_DSZ32(0x00380000, tmp1) U14bc: 0902c69c0234 SYNCMARK-> MOVETOCREG_OR_DSZ64(tmp4, 0x00000002, 0x7c6) U14bd: 004000130f08 tmp0:= ADD_DSZ64(0x00000400, tmp12) 0c319a55 SEQW SAVEUIP1 U14be SEQW GOTO U319a U14be: 00631103c200 tmp12:= READURAM(0x0011, 64) U14c0: 006205074200 tmp4:= MOVEFROMCREG_DSZ64(0x105) U14c1: 001402034234 tmp4:= BT_DSZ32(tmp4, 0x00000002) U14c2: 017e0003cd3c tmp12:= MOVEMERGEFLGS_DSZ64(tmp12, tmp4) U14c4: 0e6598077f0c tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000498, mode=0x01) U14c5: 0008055b8009 tmp8:= ZEROEXT_DSZ32(0x00003605) U14c6: 00089f039010 tmp9:= ZEROEXT_DSZ32(0x00060000) U14c8: 002100038e39 tmp8:= CONCAT_DSZ32(tmp9, tmp8) U14c9: 004400037df8 tmp7:= AND_DSZ64(tmp8, tmp7) U14ca: 004110037dc8 tmp7:= OR_DSZ64(0x00000010, tmp7) U14cc: 0062ee1f8200 tmp8:= MOVEFROMCREG_DSZ64(0x7ee) U14cd: 000401038e08 tmp8:= AND_DSZ32(0x00000001, tmp8) U14ce: 0130c0038238 tmp8:= SELECTCC_DSZ32_CONDZ(tmp8, 0x000000c0) U14d0: 003380034234 tmp4:= SELECTCC_DSZ32_CONDNB(tmp4, 0x00000080) U14d1: 000100038e34 tmp8:= OR_DSZ32(tmp4, tmp8) U14d2: 006420038238 tmp8:= SHL_DSZ64(tmp8, 0x00000020) U14d4: 004100037df8 tmp7:= OR_DSZ64(tmp8, tmp7) U14d5: 00635c038200 tmp8:= READURAM(0x005c, 64) U14d6: 004440038e08 tmp8:= AND_DSZ64(0x00000040, tmp8) 
U14d8: 013100238238 tmp8:= SELECTCC_DSZ32_CONDNZ(tmp8, 0x00000800) U14d9: 004100037df8 tmp7:= OR_DSZ64(tmp8, tmp7) U14da: 000502038d48 tmp8:= SUB_DSZ32(0x00000002, tmp5) U14dc: 013100039db8 tmp9:= SELECTCC_DSZ32_CONDNZ(tmp8, tmp6) U14dd: 000480038e48 tmp8:= AND_DSZ32(0x00000080, tmp9) U14de: 01304d0b9438 tmp9:= SELECTCC_DSZ32_CONDZ(tmp8, 0x00020800) U14e0: 0130155b83f8 tmp8:= SELECTCC_DSZ32_CONDZ(tmp8, 0x0000f615) U14e1: 002100038e39 tmp8:= CONCAT_DSZ32(tmp9, tmp8) U14e2: 004100037e37 tmp7:= OR_DSZ64(tmp7, tmp8) U14e4: 1042da080240 MOVETOCREG_DSZ64(0x00000000, 0x2da, 32) U14e5: 1042c4080277 MOVETOCREG_DSZ64(tmp7, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U14e6: 09a208000637 MOVETOCREG_SHR_DSZ64(tmp7, 0x00000020, 0x008) U14e8: 004370000237 WRITEURAM(tmp7, 0x0070, 64) U14e9: 0e25a0077f0c tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000004a0, mode=0x01) U14ea: 1062810b8240 tmp8:= MOVEFROMCREG_DSZ64(0x281, 32) U14ec: 0007e03f8e08 tmp8:= NOTAND_DSZ32(0x00000fe0, tmp8) U14ed: 0004e03f7dc8 tmp7:= AND_DSZ32(0x00000fe0, tmp7) U14ee: 0001070b7dd0 tmp7:= OR_DSZ32(0xa00f001e, tmp7) U14f0: 008100037df8 tmp7:= OR_DSZ16(tmp8, tmp7) U14f1: 00331f03823c tmp8:= SELECTCC_DSZ32_CONDNB(tmp12, 0x0000001f) U14f2: 190281080e37 MOVETOCREG_OR_DSZ64(tmp7, tmp8, 0x281) U14f4: 00161f031231 tmp1:= BTR_DSZ32(tmp1, 0x0000001f) U14f5: 0e25cc077f0a tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000002cc, mode=0x01) U14f6: 003300037df1 tmp7:= SELECTCC_DSZ32_CONDNB(tmp1, tmp7) U14f8: 0e25ac079f09 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001ac, mode=0x01) U14f9: 0e255c078f0a tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x0000025c, mode=0x01) U14fa: 0004e0038e10 tmp8:= AND_DSZ32(0x001fffff, tmp8) U14fc: 00641503a238 tmp10:= SHL_DSZ64(tmp8, 0x00000015) U14fd: 004100038eb8 tmp8:= OR_DSZ64(tmp8, tmp10) U14fe: 0ea5bc07af09 tmp10:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001bc, mode=0x01) U1500: 00040003be8c tmp11:= AND_DSZ32(0x00008000, tmp10) U1501: 00241003b23b tmp11:= SHL_DSZ32(tmp11, 0x00000010) 
U1502: 00241703a239 tmp10:= SHL_DSZ32(tmp9, 0x00000017) U1504: 00010003befa tmp11:= OR_DSZ32(tmp10, tmp11) U1505: 00010003bef7 tmp11:= OR_DSZ32(tmp7, tmp11) U1506: 00210003bc7b tmp11:= CONCAT_DSZ32(tmp11, tmp1) U1508: 0007ec031c50 tmp1:= NOTAND_DSZ32(0x00380000, tmp1) U1509: 00634c03a200 tmp10:= READURAM(0x004c, 64) U150a: 20434c00023b WRITEURAM(tmp11, 0x004c, 64) U150c: 00641003f23a tmp15:= SHL_DSZ64(tmp10, 0x00000010) U150d: 00651003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000010) U150e: 00070103b23f tmp11:= NOTAND_DSZ32(tmp15, 0x00000001) 01e8ed96 SEQW SAVEUIP1 U1510 SEQW GOTO U68ed U1510: 100a00000240 TESTUSTATE(SYS, 0x2000) 01951400 ? SEQW GOTO U1514 U1511: 00563003a23a tmp10:= BTR_DSZ64(tmp10, 0x00000030) U1512: 00563103a23a tmp10:= BTR_DSZ64(tmp10, 0x00000031) U1514: 00653003423a tmp4:= SHR_DSZ64(tmp10, 0x00000030) U1515: 006410034234 tmp4:= SHL_DSZ64(tmp4, 0x00000010) U1516: 002100034cf4 tmp4:= CONCAT_DSZ32(tmp4, tmp3) U1518: 017e00034cf4 tmp4:= MOVEMERGEFLGS_DSZ64(tmp4, tmp3) U1519: 01750003aeb4 tmp10:= CMOVCC_DSZ64_CONDNZ(tmp4, tmp10) U151a: 00421314023a MOVETOCREG_DSZ64(tmp10, 0x513) U151c: 00634903d200 tmp13:= READURAM(0x0049, 64) U151d: 000a20033200 SYNCWAIT-> tmp3:= TESTUSTATE(UCODE, 0x0020) 0a953e40 ? SEQW GOTO U153e U151e: 0e65b807df0c tmp13:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000004b8, mode=0x01) U1520: 006343034200 LFNCEMARK-> tmp4:= READURAM(0x0043, 64) U1521: 0021000bf008 tmp15:= CONCAT_DSZ32(0x00000200) U1522: 00440003fd3f tmp15:= AND_DSZ64(tmp15, tmp4) U1524: 0042c018023f SYNCMARK-> MOVETOCREG_DSZ64(tmp15, 0x6c0) U1525: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U1526: 00652003f234 tmp15:= SHR_DSZ64(tmp4, 0x00000020) U1528: 00042407ffd0 tmp15:= AND_DSZ32(0x007fffff, tmp15) U1529: 000100037dff tmp7:= OR_DSZ32(tmp15, tmp7) U152a: 00653703f234 tmp15:= SHR_DSZ64(tmp4, 0x00000037) U152c: 0004ff03ffc8 tmp15:= AND_DSZ32(0x000000ff, tmp15) U152d: 000100039e7f tmp9:= OR_DSZ32(tmp15, tmp9) U152e: 200a20000200 SYNCWAIT-> TESTUSTATE(VMX, 0x0020) 0b153680 ? 
SEQW GOTO U1536 U1530: 00631003f200 tmp15:= READURAM(0x0010, 64) U1531: 00621317b200 LFNCEWAIT-> tmp11:= MOVEFROMCREG_DSZ64(0x513) U1532: 00470103beff ROVR<- tmp11:= NOTAND_DSZ64(tmp15, tmp11) 028000de SEQW SAVEUIP1 U1534 U1534: 0ee58003423b tmp4:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp11, 0x00000080) 01daa514 SEQW SAVEUIP1 U1535 SEQW GOTO U5aa5 U1535: 0e2da003223b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, 0x000000a0, tmp2) U1536: 006314034200 tmp4:= READURAM(0x0014, 64) U1538: 00652a034234 tmp4:= SHR_DSZ64(tmp4, 0x0000002a) U1539: 0004e0034d10 tmp4:= AND_DSZ32(0x001fffff, tmp4) U153a: 004100038d38 tmp8:= OR_DSZ64(tmp8, tmp4) U153c: 00642a034234 tmp4:= SHL_DSZ64(tmp4, 0x0000002a) U153d: 004100038e34 tmp8:= OR_DSZ64(tmp4, tmp8) U153e: 096205000280 MOVETOCREG_BTS_DSZ64(0x00000008, 0x005) U1540: 000823072008 tmp2:= ZEROEXT_DSZ32(0x00000123) U1541: 00420b000232 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x00b) U1542: 00241703b239 tmp11:= SHL_DSZ32(tmp9, 0x00000017) U1544: 00010003bef7 tmp11:= OR_DSZ32(tmp7, tmp11) U1545: 00210003bc7b tmp11:= CONCAT_DSZ32(tmp11, tmp1) U1546: 0042c018023b MOVETOCREG_DSZ64(tmp11, 0x6c0) U1548: 004314000238 WRITEURAM(tmp8, 0x0014, 64) U1549: 000404034c48 tmp4:= AND_DSZ32(0x00000004, tmp1) U154a: 002501034234 tmp4:= SHR_DSZ32(tmp4, 0x00000001) U154c: 000100034d33 tmp4:= OR_DSZ32(tmp3, tmp4) U154d: 00251803a231 tmp10:= SHR_DSZ32(tmp1, 0x00000018) U154e: 00040803ae88 tmp10:= AND_DSZ32(0x00000008, tmp10) U1550: 000100034d3a tmp4:= OR_DSZ32(tmp10, tmp4) U1551: 00251403a231 tmp10:= SHR_DSZ32(tmp1, 0x00000014) U1552: 00040403ae88 tmp10:= AND_DSZ32(0x00000004, tmp10) U1554: 000100034d3a tmp4:= OR_DSZ32(tmp10, tmp4) U1555: 00040103ae48 tmp10:= AND_DSZ32(0x00000001, tmp9) U1556: 09021d000eb4 MOVETOCREG_OR_DSZ64(tmp4, tmp10, 0x01d) U1558: 100a00040200 TESTUSTATE(SYS, UST_VMX_OP_DIS) 01955d00 ? 
SEQW GOTO U155d U1559: 00435700023d WRITEURAM(tmp13, 0x0057, 64) U155a: 0e6518071f0a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000218, mode=0x01) U155c: 004356000231 WRITEURAM(tmp1, 0x0056, 64) U155d: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01956840 ? SEQW GOTO U1568 U155e: 0e6580071f08 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000080, mode=0x01) U1560: 0042f81c0231 MOVETOCREG_DSZ64(tmp1, 0x7f8) U1561: 0e65e8071f0a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002e8, mode=0x01) U1562: 1042f91c0271 MOVETOCREG_DSZ64(tmp1, 0x7f9, 32) U1564: 0e6570071f0a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000270, mode=0x01) U1565: 213f00000031 unk_13f(tmp1) U1566: 0042fe1c0231 MOVETOCREG_DSZ64(tmp1, CORE_CR_EFLAGS) U1568: 00631f031200 tmp1:= READURAM(0x001f, 64) U1569: 004700131c48 tmp1:= NOTAND_DSZ64(0x00000400, tmp1) U156a: 00431f000231 WRITEURAM(tmp1, 0x001f, 64) U156c: 0e6568073f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000268, mode=0x01) U156d: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U156e: 0e2dd8071f09 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d8, mode=0x01, tmp1) U1570: 0e25fc07bf08 tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000000fc, mode=0x01) U1571: 0c4bc0271000 tmp1:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U1572: 00428e1c0231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x78e) U1574: 104000031c73 tmp1:= ADD_DSZN(tmp3, tmp1) U1575: 0e6508074f0d tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000508, mode=0x01) U1576: 00434a000234 WRITEURAM(tmp4, 0x004a, 64) U1578: 100a00000300 TESTUSTATE(SYS, 0x8000) 01c60c00 ? 
SEQW GOTO U460c U1579: 286a7c1402b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000008, U157c) U157a: 014300300d00 AETTRACE(0x0c, tmp4) U157c: 204267000234 MOVETOCREG_DSZ64(tmp4, CORE_CR_CUR_RIP) U157d: 20421a1c0234 SYNCFULL-> MOVETOCREG_DSZ64(tmp4, 0x71a) 08c60d40 SEQW GOTO U460d ------------------------------------------------------------------------------------ U157e: 1062f91f2240 tmp2:= MOVEFROMCREG_DSZ64(0x7f9, 32) U1580: 100a00000300 TESTUSTATE(SYS, 0x8000) 01958600 ? SEQW GOTO U1586 U1581: 0e6578031f0a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000278) U1582: 000400071c48 tmp1:= AND_DSZ32(0x00000100, tmp1) U1584: 004700070c08 tmp0:= NOTAND_DSZ64(0x00000100, tmp0) U1585: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U1586: 001401032232 tmp2:= BT_DSZ32(tmp2, 0x00000001) U1588: 017e00030cb0 tmp0:= MOVEMERGEFLGS_DSZ64(tmp0, tmp2) U1589: 0008300bf010 tmp15:= ZEROEXT_DSZ32(0xffc0802a) U158a: 0021ff7fffdf tmp15:= CONCAT_DSZ32(0xffffffffffffffff, tmp15) U158c: 00440003fff0 tmp15:= AND_DSZ64(tmp0, tmp15) U158d: 00460203ffc8 tmp15:= XOR_DSZ64(0x00000002, tmp15) U158e: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1590: 01310003febd tmp15:= SELECTCC_DSZ32_CONDNZ(tmp13, tmp10) U1591: 00070103f23f tmp15:= NOTAND_DSZ32(tmp15, 0x00000001) U1592: 00241103f23f tmp15:= SHL_DSZ32(tmp15, 0x00000011) U1594: 00040003fff0 tmp15:= AND_DSZ32(tmp0, tmp15) U1595: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1596: 0e6560024f0a rsp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000260) U1598: 013e0003adba tmp10:= MOVEMERGEFLGS_DSZ32(tmp10, tmp6) U1599: 0e2598037f09 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000198) U159a: 0c6b66000037 LFNCEWAIT-> WRSEGFLD(tmp7, GDT, LIMIT) U159c: 0e25a0036f09 tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001a0) U159d: 0c6b6e000036 WRSEGFLD(tmp6, IDT, LIMIT) U159e: 00010003fdf6 tmp15:= OR_DSZ32(tmp6, tmp7) U15a0: 0004410bffd0 tmp15:= AND_DSZ32(0xffff0000, tmp15) U15a1: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U15a2: 
0e6548037f09 tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000148) U15a4: 025c00000dc0 unk_25c(tmp7) U15a5: 0e6550036f09 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000150) U15a6: 025c00000d80 unk_25c(tmp6) U15a8: 004040074f08 tmp4:= ADD_DSZ64(0x00000140, tmp12) U15a9: 0c6b26000037 WRSEGFLD(tmp7, GDT, BASE) U15aa: 0c6b2e000036 WRSEGFLD(tmp6, IDT, BASE) 01d70596 SEQW SAVEUIP1 U15ac SEQW GOTO U5705 U15ac: 1c6b4f000039 WRSEGFLD(tmp9) U15ad: 002510039239 tmp9:= SHR_DSZ32(tmp9, 0x00000010) U15ae: 000608039e48 tmp9:= XOR_DSZ32(0x00000008, tmp9) U15b0: 013000039e7d tmp9:= SELECTCC_DSZ32_CONDZ(tmp13, tmp9) U15b1: 286a15fd0239 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000003, U5f15) U15b2: 0c6b2f000037 WRSEGFLD(tmp7, TSS, BASE) U15b4: 004038074f08 tmp4:= ADD_DSZ64(0x00000138, tmp12) 01d70514 SEQW SAVEUIP1 U15b5 SEQW GOTO U5705 U15b5: 1c6bc7000039 WRSEGFLD(tmp9) U15b6: 0c6b27000037 WRSEGFLD(tmp7, LDT, BASE) U15b8: 186a6e700330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U2c6e) U15b9: 0e6568038f09 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000168) U15ba: 00561a038238 tmp8:= BTR_DSZ64(tmp8, 0x0000001a) U15bc: 09a29e5c0378 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp8, 0x00000015, 0x79e) U15bd: 0e6560039f09 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000160) U15be: 00561a039239 tmp9:= BTR_DSZ64(tmp9, 0x0000001a) U15c0: 004010074f08 tmp4:= ADD_DSZ64(0x00000110, tmp12) U15c1: 033800036039 tmp6:= CLC(tmp9) 01d70a55 SEQW SAVEUIP1 U15c2 SEQW GOTO U570a U15c2: 005427033233 tmp3:= BT_DSZ64(tmp3, 0x00000027) U15c4: 00fa0003b033 tmp11:= SETCC_CONDB(tmp3) U15c5: 00641a03b23b tmp11:= SHL_DSZ64(tmp11, 0x0000001a) U15c6: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U15c8: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U15c9: 002510035239 tmp5:= SHR_DSZ32(tmp9, 0x00000010) U15ca: 000460031d48 tmp1:= AND_DSZ32(0x00000060, tmp5) U15cc: 00040f032d48 tmp2:= AND_DSZ32(0x0000000f, tmp5) U15cd: 003300031c73 tmp1:= SELECTCC_DSZ32_CONDNB(tmp3, tmp1) U15ce: 000503032c88 tmp2:= SUB_DSZ32(0x00000003, 
tmp2) U15d0: 013100031c72 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp2, tmp1) U15d1: 2929153d0031 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U5f15) U15d2: 2c6be9000039 LFNCEWAIT-> WRSEGFLD(tmp9) U15d4: 0c6b29000037 WRSEGFLD(tmp7, UNK_SEG_09, BASE) U15d5: 09a2f51c0339 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp9, 0x00000010, 0x7f5) U15d6: 004403032e48 tmp2:= AND_DSZ64(0x00000003, tmp9) U15d8: 004800039038 tmp9:= ZEROEXT_DSZ64(tmp8) U15d9: 00141b036239 tmp6:= BT_DSZ32(tmp9, 0x0000001b) U15da: 004018074f08 tmp4:= ADD_DSZ64(0x00000118, tmp12) 01d70a96 SEQW SAVEUIP1 U15dc SEQW GOTO U570a U15dc: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U15dd: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U15de: 2c6bca000039 WRSEGFLD(tmp9) U15e0: 002510035239 tmp5:= SHR_DSZ32(tmp9, 0x00000010) U15e1: 00330003fd73 tmp15:= SELECTCC_DSZ32_CONDNB(tmp3, tmp5) U15e2: 00040103de88 tmp13:= AND_DSZ32(0x00000001, tmp10) U15e4: 01316003d23d tmp13:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000060) U15e5: 00040003dffd tmp13:= AND_DSZ32(tmp13, tmp15) U15e6: 0151157c02bd UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, U5f15) U15e8: 000403031e48 tmp1:= AND_DSZ32(0x00000003, tmp9) U15e9: 013e00032cf2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp3) U15ea: 003700032c72 tmp2:= CMOVCC_DSZ32_CONDNB(tmp2, tmp1) U15ec: 2929153d0c72 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp1, U5f15) U15ed: 0c6b2a000037 LFNCEMARK-> WRSEGFLD(tmp7, SS_USERM, BASE) U15ee: 004020074f08 tmp4:= ADD_DSZ64(0x00000120, tmp12) 04d70596 SEQW SAVEUIP1 U15f0 SEQW GOTO U5705 U15f0: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U15f1: 2c6bab000039 WRSEGFLD(tmp9) U15f2: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U15f4: 0c6b2b000037 WRSEGFLD(tmp7, DS, BASE) U15f5: 004008074f08 tmp4:= ADD_DSZ64(0x00000108, tmp12) 01d70555 SEQW SAVEUIP1 U15f6 SEQW GOTO U5705 U15f6: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U15f8: 2c6ba8000039 WRSEGFLD(tmp9) U15f9: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U15fa: 0c6b28000037 WRSEGFLD(tmp7, ES, BASE) U15fc: 004028074f08 tmp4:= 
ADD_DSZ64(0x00000128, tmp12) 01d70514 SEQW SAVEUIP1 U15fd SEQW GOTO U5705 U15fd: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U15fe: 2c6bac000039 WRSEGFLD(tmp9) U1600: 025c00000dc0 unk_25c(tmp7) U1601: 0c6b2c000037 WRSEGFLD(tmp7, FS, BASE) U1602: 004030074f08 tmp4:= ADD_DSZ64(0x00000130, tmp12) 01d70596 SEQW SAVEUIP1 U1604 SEQW GOTO U5705 U1604: 004100039e7b tmp9:= OR_DSZ64(tmp11, tmp9) U1605: 2c6bad000039 WRSEGFLD(tmp9) U1606: 025c00000dc0 unk_25c(tmp7) U1608: 0c6b2d000037 WRSEGFLD(tmp7, GS, BASE) U1609: 213f00000030 unk_13f(tmp0) U160a: 0042fe1c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_EFLAGS) U160c: 0007d8071e90 tmp1:= NOTAND_DSZ32(0x60000000, tmp10) U160d: 0062f61f7200 tmp7:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U160e: 0004d8077dd0 tmp7:= AND_DSZ32(0x60000000, tmp7) U1610: 2902f61c0df1 MOVETOCREG_OR_DSZ64(tmp1, tmp7, CORE_CR_CR0) U1611: 006346031200 tmp1:= READURAM(0x0046, 64) U1612: 00400103fc48 tmp15:= ADD_DSZ64(0x00000001, tmp1) U1614: 01511558023f LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U1615) 04162800 SEQW GOTO U1628 ------------------------------------------------------------------------------------ U1615: 006357032200 tmp2:= READURAM(0x0057, 64) U1616: 3928b80c0c72 CMPUJZ_DIRECT_NOTTAKEN(tmp2, tmp1, U33b8) U1618: 00631003f200 tmp15:= READURAM(0x0010, 64) U1619: 00440003fc7f tmp15:= AND_DSZ64(tmp15, tmp1) U161a: 0151b84c027f LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U33b8) U161c: 0e250003f031 LFNCEWAIT-> tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1) U161d: 00161f03f23f tmp15:= BTR_DSZ32(tmp15, 0x0000001f) U161e: 3929b84c033f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000011, U33b8) U1620: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01962800 ? 
SEQW GOTO U1628 U1621: 006343038200 tmp8:= READURAM(0x0043, 64) U1622: 006520038238 tmp8:= SHR_DSZ64(tmp8, 0x00000020) U1624: 004400038e0a tmp8:= AND_DSZ64(0x00004000, tmp8) U1625: 00330003f2bf tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00004000) U1626: 3929b80c0ff8 CMPUJNZ_DIRECT_NOTTAKEN(tmp8, tmp15, U33b8) U1628: 0e25cc038f09 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001cc) U1629: 00250503f238 tmp15:= SHR_DSZ32(tmp8, 0x00000005) U162a: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U162c: 000403033e08 tmp3:= AND_DSZ32(0x00000003, tmp8) U162d: 292815fd0233 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000003, U5f15) U162e: 00041203fe08 tmp15:= AND_DSZ32(0x00000012, tmp8) U1630: 292815bd033f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000012, U5f15) U1631: 02330003fe3a tmp15:= SELECTCC_DSZ32_CONDNP(tmp10, tmp8) U1632: 286a153d027f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000004, U5f15) U1634: 00634f03a200 tmp10:= READURAM(0x004f, 64) U1635: 072f0003503a mm5:= unk_72f(tmm2) U1636: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01dc6d80 ? SEQW GOTO U5c6d U1638: 00330403f23c tmp15:= SELECTCC_DSZ32_CONDNB(tmp12, 0x00000004) U1639: 00060003fe3f tmp15:= XOR_DSZ32(tmp15, tmp8) U163a: 01300003fffc tmp15:= SELECTCC_DSZ32_CONDZ(tmp12, tmp15) U163c: 286a15bd023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000002, U5f15) U163d: 004356000231 WRITEURAM(tmp1, 0x0056, 64) U163e: 072f0003b039 tmm3:= unk_72f(tmm1) U1640: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01c0cc00 ? SEQW GOTO U40cc U1641: 0e65d0037f0a tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002d0) U1642: 000800000000 NOP U1644: 100a00000300 TESTUSTATE(SYS, 0x8000) 01964600 ? 
SEQW GOTO U1646 U1645: 0e65b0037f0a tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b0) U1646: 00470f43fdca tmp15:= NOTAND_DSZ64(0x0000500f, tmp7) U1648: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1649: 00320003dc30 tmp13:= SELECTCC_DSZ32_CONDB(tmp0, tmp0) U164a: 00250603f237 tmp15:= SHR_DSZ32(tmp7, 0x00000006) U164c: 00060003dffd tmp13:= XOR_DSZ32(tmp13, tmp15) U164d: 01340007f233 tmp15:= CMOVCC_DSZ32_CONDZ(tmp3, 0x00000100) U164e: 00040003ff7f tmp15:= AND_DSZ32(tmp15, tmp13) U1650: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1651: 00250903f230 tmp15:= SHR_DSZ32(tmp0, 0x00000009) U1652: 00070003fe3f tmp15:= NOTAND_DSZ32(tmp15, tmp8) U1654: 286a153d023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5f15) U1655: 0e65d803ff0a tmp15:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002d8) U1656: 025c00000fc0 unk_25c(tmp15) U1658: 00437500023f WRITEURAM(tmp15, 0x0075, 64) U1659: 0e65e003ff0a tmp15:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002e0) U165a: 025c00000fc0 unk_25c(tmp15) U165c: 00437600023f WRITEURAM(tmp15, 0x0076, 64) U165d: 0e259c03ff09 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x0000019c) U165e: 00437408023f WRITEURAM(tmp15, 0x0074, 32) U1660: 02310403f23c tmp15:= SELECTCC_DSZ32_CONDNS(tmp12, 0x00000004) U1661: 000700038e3f tmp8:= NOTAND_DSZ32(tmp15, tmp8) U1662: 0e6568033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000268) U1664: 0205ff7ff7c0 LFNCEWAIT-> tmp15:= unk_205(0xffffffffffffffff) U1665: 00652003d233 tmp13:= SHR_DSZ64(tmp3, 0x00000020) U1666: 00040003fffd tmp15:= AND_DSZ32(tmp13, tmp15) U1668: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1669: 006e0103f233 tmp15:= SAR_DSZ64(tmp3, 0x00000001) U166a: 025c00000fc0 unk_25c(tmp15) U166c: 0c4b6027f000 LFNCEWAIT-> tmp15:= RDSEGFLD(UNK_SEG_09, LIMIT) U166d: 00421010023f MOVETOCREG_DSZ64(tmp15, 0x410) U166e: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U1670: 0042001c023f MOVETOCREG_DSZ64(tmp15, 0x700) U1671: 0c4b402bf000 LFNCEWAIT-> tmp15:= 
RDSEGFLD(SS_USERM, FLGS) U1672: 00423c1c023f MOVETOCREG_DSZ64(tmp15, 0x73c) U1674: 200a40000200 TESTUSTATE(VMX, 0x0040) 01cde800 ? SEQW GOTO U4de8 U1675: 0e256003ff0b tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000360) U1676: 006387030200 tmp0:= READURAM(0x0087, 64) U1678: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U1679: 02640003fc3f tmp15:= IMUL64L_DSZ64(tmp15, tmp0) U167a: 00651003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000010) U167c: 00010003ffc0 tmp15:= OR_DSZ32(0x00000000, tmp15) U167d: 01310103123f tmp1:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000001) U167e: 00009e0b1c49 tmp1:= ADD_DSZ32(0x0000229e, tmp1) U1680: 104204031c48 tmp1:= MOVETOCREG_DSZ64(tmp1, 0x00000004) U1681: 3042f708027f MOVETOCREG_DSZ64(tmp15, 0x2f7, 32) U1682: 00470403ae88 tmp10:= NOTAND_DSZ64(0x00000004, tmp10) U1684: 000801032008 tmp2:= ZEROEXT_DSZ32(0x00000001) U1685: 3042f8080272 MOVETOCREG_DSZ64(tmp2, 0x2f8, 32) 054dea40 SEQW GOTO U4dea ------------------------------------------------------------------------------------ U1686: 0062c61f9200 LFNCEMARK-> tmp9:= MOVEFROMCREG_DSZ64(0x7c6) U1688: 000403039e48 tmp9:= AND_DSZ32(0x00000003, tmp9) U1689: 0041962faeb9 ROVR<- tmp10:= OR_DSZ64(tmp9, tmp10) 01b8c25d SEQW SAVEUIP1 U168a SEQW GOTO U38c2 U168a: 20438000023a WRITEURAM(tmp10, 0x0080, 64) U168c: 00621c179200 tmp9:= MOVEFROMCREG_DSZ64(0x51c) U168d: 2a621cd407f9 MOVETOCREG_BTR_DSZ64(tmp9, 0x0000003f, 0x51c) U168e: 0062f61f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U1690: 0062ff1fb200 tmp11:= MOVEFROMCREG_DSZ64(0x7ff) U1691: 0062f81fe200 tmp14:= MOVEFROMCREG_DSZ64(0x7f8) U1692: 1062f91fc240 tmp12:= MOVEFROMCREG_DSZ64(0x7f9, 32) U1694: 0062fe1f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1695: 238000031c40 tmp1:= READAFLAGS(tmp1) U1696: 0c4bc0279000 LFNCEMARK-> tmp9:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U1698: 006267036200 tmp6:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1699: 104500036db9 tmp6:= SUB_DSZN(tmp9, tmp6) U169a: 021e0b000200 SIGEVENT(0x0000000b) U169c: 0042c51c0200 LFNCEWAIT-> 
MOVETOCREG_DSZ64(0x00000000, CORE_CR_CR4) U169d: 0042ff1c0200 MOVETOCREG_DSZ64(0x00000000, 0x7ff) U169e: 0007f2079c10 tmp9:= NOTAND_DSZ32(0x8000000d, tmp0) U16a0: 0042f61c0239 MOVETOCREG_DSZ64(tmp9, CORE_CR_CR0) U16a1: 0042fe1c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U16a2: 213f00000000 unk_13f(0x00000000) 01dcae92 SEQW SAVEUIP0 U16a4 SEQW GOTO U5cae U16a4: 0042f81c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f8) U16a5: 000400632f0a tmp2:= AND_DSZ32(0x00005800, tmp12) U16a6: 1042f91c0272 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x7f9, 32) U16a8: 00080073200f tmp2:= ZEROEXT_DSZ32(0x0000fc00) U16a9: 006371039200 tmp9:= READURAM(0x0071, 64) U16aa: 00633403a200 tmp10:= READURAM(0x0034, 64) U16ac: 000800034039 tmp4:= ZEROEXT_DSZ32(tmp9) U16ad: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0196b040 ? SEQW GOTO U16b0 U16ae: 00080003403a tmp4:= ZEROEXT_DSZ32(tmp10) U16b0: 004000032d32 tmp2:= ADD_DSZ64(tmp2, tmp4) U16b1: 0e2dec03a2b2 LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002ec, tmp10) U16b2: 0e2df80392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002f8, tmp9) U16b4: 0e2de40342b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e4, tmp4) U16b5: 0e6dc803e2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003c8, tmp14) U16b6: 0e2de803c2b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e8, tmp12) U16b8: 0e6de003b2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003e0, tmp11) U16b9: 0e6df80302f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003f8, tmp0) U16ba: 006229179200 tmp9:= MOVEFROMCREG_DSZ64(0x529) U16bc: 0e6df00392f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003f0, tmp9) U16bd: 0e6d480392b2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000248, tmp9) U16be: 0e6de80312f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003e8, tmp1) U16c0: 0e6d500312b2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000250, tmp1) U16c1: 0e6dd80362f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003d8, tmp6) U16c2: 0e6d940272f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000394, rdi) U16c4: 0e6d8c0262f2 
STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000038c, rsi) U16c5: 0e6d840252f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000384, rbp) U16c6: 0e6d7c0242f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000037c, rsp) U16c8: 0e6d740232f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000374, rbx) U16c9: 0e6d6c0222f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000036c, rdx) U16ca: 0e6d640212f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000364, rcx) U16cc: 0e6d5c0202f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000035c, rax) U16cd: 0e6d540282f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000354, r8) U16ce: 0e6d4c0292f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000034c, r9) U16d0: 0e6d4402a2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000344, r10) U16d1: 0e6d3c02b2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000033c, r11) U16d2: 0e6d3402c2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000334, r12) U16d4: 0e6d2c02d2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000032c, r13) U16d5: 0e6d2402e2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000324, r14) U16d6: 0e6d1c02f2f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000031c, r15) U16d8: 00633d039200 tmp9:= READURAM(0x003d, 64) U16d9: 0e6dd00392f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003d0, tmp9) U16da: 006373039200 tmp9:= READURAM(0x0073, 64) U16dc: 0e6d100392f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000310, tmp9) U16dd: 0c4b201b9000 tmp9:= RDSEGFLD(GDT, BASE) U16de: 0e6d80039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000180, tmp9) U16e0: 0e2d8c0392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x0000028c, tmp9) U16e1: 006520039239 tmp9:= SHR_DSZ64(tmp9, 0x00000020) U16e2: 0e2dd0039272 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001d0, tmp9) U16e4: 0c4ba01b9000 tmp9:= RDSEGFLD(GDT, SEL+FLGS+LIM) U16e5: 0e6d88039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000188, tmp9) U16e6: 0c4b201f9000 tmp9:= RDSEGFLD(LDT, BASE) U16e8: 0e6d90039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000190, tmp9) U16e9: 0e2d9c0392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 
0x0000029c, tmp9) U16ea: 006520039239 tmp9:= SHR_DSZ64(tmp9, 0x00000020) U16ec: 0e2dd4039272 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001d4, tmp9) U16ed: 0c4ba01f9000 tmp9:= RDSEGFLD(LDT, SEL+FLGS+LIM) U16ee: 0e6d98039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000198, tmp9) U16f0: 0c4b801f9000 tmp9:= RDSEGFLD(LDT, SEL) U16f1: 0e2dc00392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003c0, tmp9) U16f2: 0c4b203b9000 tmp9:= RDSEGFLD(IDT, BASE) U16f4: 0e6d60039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000160, tmp9) U16f5: 0e2d940392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000294, tmp9) U16f6: 006520039239 tmp9:= SHR_DSZ64(tmp9, 0x00000020) U16f8: 0e2dd8039272 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001d8, tmp9) U16f9: 0c4ba03b9000 tmp9:= RDSEGFLD(IDT, SEL+FLGS+LIM) U16fa: 0e6d68039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000168, tmp9) U16fc: 0c4b20239000 tmp9:= RDSEGFLD(ES, BASE) U16fd: 0e6da0039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001a0, tmp9) U16fe: 0c4ba023a000 tmp10:= RDSEGFLD(ES, SEL+FLGS+LIM) U1700: 0e6da803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001a8, tmp10) U1701: 0c4b80239000 tmp9:= RDSEGFLD(ES, SEL) U1702: 0e2da80392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003a8, tmp9) U1704: 0c4b20279000 tmp9:= RDSEGFLD(UNK_SEG_09, BASE) U1705: 0e6db0039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001b0, tmp9) U1706: 0c4ba027a000 tmp10:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U1708: 0e6db803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001b8, tmp10) U1709: 0c4b80279000 tmp9:= RDSEGFLD(UNK_SEG_09, SEL) U170a: 0e2dac0392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003ac, tmp9) U170c: 0c4b202b9000 tmp9:= RDSEGFLD(SS_USERM, BASE) U170d: 0e6dc0039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001c0, tmp9) U170e: 0c4ba02ba000 tmp10:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U1710: 0e6dc803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001c8, tmp10) U1711: 0c4b802b9000 tmp9:= RDSEGFLD(SS_USERM, SEL) U1712: 0e2db00392f2 
STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003b0, tmp9) U1714: 0c4b202f9000 tmp9:= RDSEGFLD(DS, BASE) U1715: 0e6d30039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000130, tmp9) U1716: 0c4ba02fa000 tmp10:= RDSEGFLD(DS, SEL+FLGS+LIM) U1718: 0e6d3803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000138, tmp10) U1719: 0c4b802f9000 tmp9:= RDSEGFLD(DS, SEL) U171a: 0e2db40392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003b4, tmp9) U171c: 0c4b20339000 tmp9:= RDSEGFLD(FS, BASE) U171d: 0e6d40039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000140, tmp9) U171e: 0c4ba033a000 tmp10:= RDSEGFLD(FS, SEL+FLGS+LIM) U1720: 0e6d4803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000148, tmp10) U1721: 0c4b80339000 tmp9:= RDSEGFLD(FS, SEL) U1722: 0e2db80392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003b8, tmp9) U1724: 0c4b20379000 tmp9:= RDSEGFLD(GS, BASE) U1725: 0e6d50039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000150, tmp9) U1726: 0c4ba037a000 tmp10:= RDSEGFLD(GS, SEL+FLGS+LIM) U1728: 0e6d5803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000158, tmp10) U1729: 0c4b80379000 tmp9:= RDSEGFLD(GS, SEL) U172a: 0e2dbc0392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003bc, tmp9) U172c: 0c4b203f9000 tmp9:= RDSEGFLD(TSS, BASE) U172d: 0e6d70039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000170, tmp9) U172e: 0c4ba03fa000 tmp10:= RDSEGFLD(TSS, SEL+FLGS+LIM) U1730: 0e6d7803a272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000178, tmp10) U1731: 0c4b803f9000 tmp9:= RDSEGFLD(TSS, SEL) U1732: 0e2dc40392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003c4, tmp9) U1734: 00621c179200 tmp9:= MOVEFROMCREG_DSZ64(0x51c) U1735: 00563f039239 tmp9:= BTR_DSZ64(tmp9, 0x0000003f) U1736: 0e6dd80392b2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000002d8, tmp9) U1738: 00635903a200 tmp10:= READURAM(0x0059, 64) U1739: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01973c40 ? 
SEQW GOTO U173c U173a: 00638003a200 tmp10:= READURAM(0x0080, 64) U173c: 00048003ae88 tmp10:= AND_DSZ32(0x00000080, tmp10) U173d: 00250603a23a tmp10:= SHR_DSZ32(tmp10, 0x00000006) U173e: 00fa0003903d tmp9:= SETCC_CONDB(tmp13) U1740: 00c100039e7a tmp9:= OR_DSZ8(tmp10, tmp9) U1741: 0e2de00392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e0, tmp9) U1742: 00070003df49 tmp13:= NOTAND_DSZ32(0x00002000, tmp13) U1744: 0e2d4003d2b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000240, tmp13) U1745: 00633e039200 tmp9:= READURAM(0x003e, 64) U1746: 0e6d9c0392f2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000039c, tmp9) U1748: 00620403a200 tmp10:= MOVEFROMCREG_DSZ64(0x004) U1749: 00042003ae88 tmp10:= AND_DSZ32(0x00000020, tmp10) U174a: 00250503a23a tmp10:= SHR_DSZ32(tmp10, 0x00000005) U174c: 006339039200 tmp9:= READURAM(0x0039, 64) U174d: 000701039e48 tmp9:= NOTAND_DSZ32(0x00000001, tmp9) U174e: 000100039e7a tmp9:= OR_DSZ32(tmp10, tmp9) U1750: 0e2da40392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003a4, tmp9) U1751: 0062f11f9200 tmp9:= MOVEFROMCREG_DSZ64(0x7f1) U1752: 0e2d080392f2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000308, tmp9) U1754: 2042f11c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f1) U1755: 0040080bb232 tmp11:= ADD_DSZ64(tmp2, 0x00000208) U1756: 000804039008 tmp9:= ZEROEXT_DSZ32(0x00000004) U1758: 000501039e48 tmp9:= SUB_DSZ32(0x00000001, tmp9) U1759: 00404017a239 tmp10:= ADD_DSZ64(tmp9, 0x00000540) U175a: 00620003ae80 tmp10:= MOVEFROMCREG_DSZ64(tmp10) U175c: 0f6d0003ae7b unk_f6d(tmp11, tmp9, tmp10) U175d: 01505e5c0239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U175e) 01975840 SEQW GOTO U1758 ------------------------------------------------------------------------------------ U175e: 00621c039200 tmp9:= MOVEFROMCREG_DSZ64(0x01c) U1760: 0e2d380392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000238, tmp9) U1761: 20421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U1762: 000a00139200 tmp9:= TESTUSTATE(UCODE, 0x0400) 01976e80 ? 
SEQW GOTO U176e U1764: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01976900 ? SEQW GOTO U1769 U1765: 006288039200 tmp9:= MOVEFROMCREG_DSZ64(0x088) U1766: 000400079e48 tmp9:= AND_DSZ32(0x00000100, tmp9) U1768: 29a2b4800239 MOVETOCREG_SHR_DSZ64(tmp9, 0x00000002, 0x0b4) U1769: 006267039200 tmp9:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U176a: 014300300e40 AETTRACE(0x0c, tmp9) 01a8ec92 SEQW SAVEUIP0 U176c SEQW GOTO U28ec U176c: 2962b5800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x0b5) U176d: 005500039200 tmp9:= BTS_DSZ64(0x00000000, 0x00000000) U176e: 0eed3c0392b2 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x0000023c, tmp9) U1770: 006335039200 tmp9:= READURAM(0x0035, 64) U1771: 00543c039239 tmp9:= BT_DSZ64(tmp9, 0x0000003c) U1772: 0053745c0239 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp9, U1774) 07178080 SEQW GOTO U1780 ------------------------------------------------------------------------------------ U1774: 0c4b20439000 LFNCEMARK-> tmp9:= RDSEGFLD(UNK_SEG_10, BASE) U1775: 0062011fa200 tmp10:= MOVEFROMCREG_DSZ64(0x701) U1776: 00251e03a23a tmp10:= SHR_DSZ32(tmp10, 0x0000001e) U1778: 004100039e7a tmp9:= OR_DSZ64(tmp10, tmp9) U1779: 0e6dd00392b2 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000002d0, tmp9) U177a: 0c6b30000000 LFNCEWAIT-> WRSEGFLD(0x00000000) U177c: 0062011fa200 tmp10:= MOVEFROMCREG_DSZ64(0x701) U177d: 0047100bae90 tmp10:= NOTAND_DSZ64(0xc0000000, tmp10) U177e: 2042011c023a MOVETOCREG_DSZ64(tmp10, 0x701) U1780: 00636e039200 tmp9:= READURAM(0x006e, 64) U1781: 0e6de8039272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e8, tmp9) U1782: 006324039200 tmp9:= READURAM(0x0024, 64) U1784: 006520039239 tmp9:= SHR_DSZ64(tmp9, 0x00000020) U1785: 0e2ddc039272 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001dc, tmp9) U1786: 0e6df8035272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f8, tmp5) U1788: 0e6df0037272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f0, tmp7) U1789: 0e6de0033272 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e0, tmp3) U178a: 00651003a238 LFNCEWAIT-> tmp10:= 
SHR_DSZ64(tmp8, 0x00000010) U178c: 008588039e88 tmp9:= SUB_DSZ16(0x00000088, tmp10) U178d: 013101039239 tmp9:= SELECTCC_DSZ32_CONDNZ(tmp9, 0x00000001) U178e: 0ead020392f2 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x00000302, tmp9) U1790: 00858a03ae88 tmp10:= SUB_DSZ16(0x0000008a, tmp10) U1791: 01310103a23a tmp10:= SELECTCC_DSZ32_CONDNZ(tmp10, 0x00000001) U1792: 0e2d3403a2b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000234, tmp10) U1794: 00629e1f9200 LFNCEMARK-> tmp9:= MOVEFROMCREG_DSZ64(0x79e) U1795: 0e2d300392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000230, tmp9) U1796: 0ead000002f2 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x00000300, 0x00000000) U1798: 00087f039010 tmp9:= ZEROEXT_DSZ32(0x00030101) U1799: 0e2dfc0392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002fc, tmp9) U179a: 1062c40bb240 tmp11:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U179c: 00635c03a200 tmp10:= READURAM(0x005c, 64) U179d: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01efc040 ? SEQW GOTO U6fc0 U179e: 2d0bd443900a tmp9:= PORTIN_DSZ32_ASZ16_SC1(0x000050d4) U17a0: 286aa19c0239 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000002, U17a1) 0197a900 SEQW GOTO U17a9 ------------------------------------------------------------------------------------ U17a1: 006273176200 tmp6:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U17a2: 000400236236 tmp6:= AND_DSZ32(tmp6, 0x00000800) U17a4: 0151a55c0236 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U17a5) 0c97a900 SEQW GOTO U17a9 ------------------------------------------------------------------------------------ U17a5: 006205079200 SYNCMARK-> tmp9:= MOVEFROMCREG_DSZ64(0x105) U17a6: 000100039e4a tmp9:= OR_DSZ32(0x00004000, tmp9) U17a8: 004205040239 SYNCWAIT-> MOVETOCREG_DSZ64(tmp9, 0x105) U17a9: 00011003ae88 tmp10:= OR_DSZ32(0x00000010, tmp10) U17aa: 20435c08023a WRITEURAM(tmp10, 0x005c, 32) U17ac: 006336039200 tmp9:= READURAM(0x0036, 64) U17ad: 000001039e48 tmp9:= ADD_DSZ32(0x00000001, tmp9) U17ae: 204336080239 WRITEURAM(tmp9, 0x0036, 32) U17b0: 186bcebd02fc LFNCEWTMRK-> 
BTUJNB_DIRECT_NOTTAKEN(tmp12, 0x0000000e, U6fce) 066fcd00 SEQW GOTO U6fcd ------------------------------------------------------------------------------------ U17b1: 000400036000 tmp6:= AND_DSZ32(0x00000000) U17b2: 086a3af502f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U4d3a) U17b4: 076c00037038 tmp7:= PINTMOVDTMM2I_DSZ64(tmm0) U17b5: 00940d03b239 tmp11:= BT_DSZ16(tmp9, 0x0000000d) U17b6: 017e00033ef3 tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp11) U17b8: 007700037df3 tmp7:= CMOVCC_DSZ64_CONDNB(tmp3, tmp7) U17b9: 074400038037 tmm0:= unk_744(mm7) 01cd3a40 SEQW GOTO U4d3a ------------------------------------------------------------------------------------ U17ba: 0008804fa009 tmp10:= ZEROEXT_DSZ32(0x00003380) U17bc: 0e6538035f08 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000038) U17bd: 004d0003303d tmp3:= unk_04d(tmp13) 01d93540 SEQW GOTO U5935 ------------------------------------------------------------------------------------ U17be: 204309000235 WRITEURAM(tmp5, 0x0009, 64) U17c0: 00480003d033 tmp13:= ZEROEXT_DSZ64(tmp3) 09542000 SEQW GOTO U5420 ------------------------------------------------------------------------------------ U17c1: 00621b033200 tmp3:= MOVEFROMCREG_DSZ64(0x01b) U17c2: 0042521c0233 SYNCFULL-> MOVETOCREG_DSZ64(tmp3, 0x752) U17c4: 000c00400200 SAVEUIP(0x00, U1000) U17c5: 0c4bc0632000 tmp2:= RDSEGFLD(SS_KERNM, UNK_FLD_0c) U17c6: 108800030030 tmp0:= ZEROEXT_DSZ16N(tmp0) U17c8: 104000033cb0 tmp3:= ADD_DSZN(tmp0, tmp2) U17c9: 20420e000233 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp3, 0x00e) 0297ce89 SEQW URET0 ------------------------------------------------------------------------------------ U17ca: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 0297ce89 ? 
SEQW GOTO U17ce U17cc: 00634c031200 tmp1:= READURAM(0x004c, 64) U17cd: 086a46e002f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000f, U0846) U17ce: 000b80800200 LFNCEMARK-> UPDATEUSTATE(!0x00) U17d0: 006310031200 tmp1:= READURAM(0x0010, 64) U17d1: 008800031c40 tmp1:= ZEROEXT_DSZ16(tmp1) U17d2: 100a20000200 TESTUSTATE(SYS, UST_SMM) 0197e0c0 ? SEQW GOTO U17e0 U17d4: 004400031ef1 tmp1:= AND_DSZ64(tmp1, tmp11) U17d5: 0151111c0271 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U17d6: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 0497e080 ? SEQW GOTO U17e0 U17d8: 0062f61f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U17d9: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U17da: 00241a030230 tmp0:= SHL_DSZ32(tmp0, 0x0000001a) U17dc: 000400030c70 tmp0:= AND_DSZ32(tmp0, tmp1) U17dd: 0250656802b0 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp0, U5a65) U17de: 104a0003333a tmp3:= TESTUSTATE(tmp10, SYS, 0x8000) 068000ce ? SEQW URET1 U17e0: 00422914023b LFNCEWAIT-> MOVETOCREG_DSZ64(tmp11, 0x529) U17e1: 000a00100200 TESTUSTATE(UCODE, 0x0400) 0217e840 ? SEQW GOTO U17e8 U17e2: 004ca87f12bb tmp1:= SAVEUIP(tmp11, 0x00, U5fa8) U17e4: 000d20840000 SAVEUIP_REGOVR(0x01, U17e5, 0x0120) 01dca000 SEQW GOTO U5ca0 U17e5: 006267031200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U17e6: 014300380c40 AETTRACE(0x0e, tmp1) U17e8: 000c44100200 SAVEUIP(0x00, U0444) U17e9: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 050bba40 ? SEQW GOTO U0bba U17ea: 000000000000 LFNCEMARK-> NOP uend: U17ec: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 022a9170 SEQW UEND0 ------------------------------------------------------------------------------------ U17ed: 000a00400240 TESTUSTATE(UCODE, 0x3000) 022a9170 ? 
SEQW GOTO U2a91 U17ee: 00088d133008 tmp3:= ZEROEXT_DSZ32(0x0000048d) U17f0: 006312031200 tmp1:= READURAM(0x0012, 64) U17f1: 186b916802f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, U2a91) U17f2: 000d31800280 SAVEUIP_REGOVR(0x01, U17f4, 0x4031) 01ebfd80 SEQW GOTO U6bfd U17f4: 000c91a80240 SAVEUIP(0x01, U2a91) U17f5: 004cd0614272 tmpv0:= SAVEUIP(tmp2, 0x00, U38d0) 01b34d40 SEQW GOTO U334d ------------------------------------------------------------------------------------ U17f6: 10628f0f7240 tmp7:= MOVEFROMCREG_DSZ64(0x38f, 32) U17f8: 0007000b7dc8 tmp7:= NOTAND_DSZ32(0x00000200, tmp7) U17f9: 19628f0c02b7 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp7, 0x00000008, 0x38f) U17fa: 10628f0f7240 tmp7:= MOVEFROMCREG_DSZ64(0x38f, 32) U17fc: 386a4e4002b7 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp7, 0x00000009, uret0) 0817fa00 SEQW GOTO U17fa ------------------------------------------------------------------------------------ U17fd: 06240003eeba tmm6:= unk_624(tmm2, tmm2) U17fe: 072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U1800: 00c410035d08 tmp5:= AND_DSZ8(0x00000010, tmp4) U1801: 06a017079000 tmp9:= unk_6a0(0x00000000) U1802: 01b401035235 tmp5:= CMOVCC_DSZ16_CONDZ(tmp5, 0x00000001) U1804: 074300039e75 tmm1:= unk_743(mm5, tmm1) U1805: 048300038039 tmm0:= unk_483(tmm1) 01c37840 SEQW GOTO U4378 ------------------------------------------------------------------------------------ U1806: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U1808: 008410033c88 tmp3:= AND_DSZ16(0x00000010, tmp2) U1809: 01500a600233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U180a) 05635540 SEQW GOTO U6355 ------------------------------------------------------------------------------------ U180a: 27430003e000 LFNCEMARK-> tmm6:= unk_743(0x00000000) U180c: 00811003cf08 tmp12:= OR_DSZ16(0x00000010, tmp12) 01994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U180d: 0151b40c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U03b4) U180e: 06240003eeba tmm6:= unk_624(tmm2, tmm2) U1810: 
072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U1811: 00c404035d08 tmp5:= AND_DSZ8(0x00000004, tmp4) U1812: 01517c600275 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U387c) U1814: 00c410033d08 tmp3:= AND_DSZ8(0x00000010, tmp4) U1815: 0151b40c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U03b4) 01b6b840 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U1816: 00048003dd88 tmp13:= AND_DSZ32(0x00000080, tmp6) U1818: 00642803d23d tmp13:= SHL_DSZ64(tmp13, 0x00000028) U1819: 20631f032200 LFNCEWAIT-> tmp2:= READURAM(0x001f, 64) U181a: 004100032cbd tmp2:= OR_DSZ64(tmp13, tmp2) U181c: 20431f040232 LFNCEMARK-> WRITEURAM(tmp2, 0x011f, 64) 042e5000 SEQW GOTO U2e50 ------------------------------------------------------------------------------------ U181d: 1062df0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3df, 32) U181e: 1a62df4c0270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000005, 0x3df) U1820: 000a08800200 TESTUSTATE(UCODE, !0x0008) 02db9500 ? SEQW GOTO U5b95 U1821: 1042820f0240 LFNCEWAIT-> tmp0:= MOVETOCREG_DSZ64(0x00000000, 0x382, 32) U1822: 1042810c0270 MOVETOCREG_DSZ64(tmp0, 0x381, 32) U1824: 1042860f0240 tmp0:= MOVETOCREG_DSZ64(0x00000000, 0x386, 32) U1825: 1962854c0770 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000035, 0x385) 01db9840 SEQW GOTO U5b98 ------------------------------------------------------------------------------------ U1826: 006304032200 tmp2:= READURAM(0x0004, 64) U1828: 006305030200 tmp0:= READURAM(0x0005, 64) U1829: 286a2a200c32 BTUJB_DIRECT_NOTTAKEN(tmp2, tmp0, U182a) 0197ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U182a: 00a15c030008 tmp0:= CONCAT_DSZ16(0x0000005c) U182c: 004900031035 tmp1:= MOVE_DSZ64(tmp5) 01a43100 SEQW GOTO U2431 ------------------------------------------------------------------------------------ U182d: 006353033200 tmp3:= READURAM(0x0053, 64) U182e: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U1830: 000400033ccc tmp3:= AND_DSZ32(0x00008000, tmp3) U1831: 
00250f033233 tmp3:= SHR_DSZ32(tmp3, 0x0000000f) U1832: 00634703e200 tmp14:= READURAM(0x0047, 64) U1834: 013e0003ecfe tmp14:= MOVEMERGEFLGS_DSZ32(tmp14, tmp3) U1835: 01344263e23e tmp14:= CMOVCC_DSZ32_CONDZ(tmp14, 0x00001842) 01cc0940 SEQW GOTO U4c09 ------------------------------------------------------------------------------------ U1836: 000820070008 tmp0:= ZEROEXT_DSZ32(0x00000120) U1838: 004335000230 WRITEURAM(tmp0, 0x0035, 64) U1839: 00080023100a tmp1:= ZEROEXT_DSZ32(0x00004800) U183a: 00a160031c4e tmp1:= CONCAT_DSZ16(0x0000c060, tmp1) U183c: 00a1004b000b tmp0:= CONCAT_DSZ16(0x00007200) U183d: 002100031c31 tmp1:= CONCAT_DSZ32(tmp1, tmp0) U183e: 004377000231 WRITEURAM(tmp1, 0x0077, 64) 01cd7c80 SEQW GOTO U4d7c ------------------------------------------------------------------------------------ U1840: 00635c033200 tmp3:= READURAM(0x005c, 64) U1841: 086af2ed0273 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000007, U4bf2) U1842: 19029d080380 MOVETOCREG_OR_DSZ64(0x00000018, 0x29d) U1844: 006353030200 tmp0:= READURAM(0x0053, 64) U1845: 004108030c08 tmp0:= OR_DSZ64(0x00000008, tmp0) U1846: 004353080230 WRITEURAM(tmp0, 0x0053, 32) U1848: 005402030230 tmp0:= BT_DSZ64(tmp0, 0x00000002) U1849: 013e0e030c08 tmp0:= MOVEMERGEFLGS_DSZ32(0x0000000e, tmp0) U184a: 003600030230 tmp0:= CMOVCC_DSZ32_CONDB(tmp0, 0x00000000) 01d8c192 SEQW SAVEUIP0 U184c SEQW GOTO U58c1 U184c: 0008ed03f008 tmp15:= ZEROEXT_DSZ32(0x000000ed) 02e21d00 SEQW GOTO U621d ------------------------------------------------------------------------------------ U184d: 0e6b4a280cb0 LFNCEWAIT-> unk_e6b(tmp0, tmp2) U184e: 006528031230 tmp1:= SHR_DSZ64(tmp0, 0x00000028) U1850: 0df300240033 LEA_DSZ8_ASZ32_SC1(tmp3) U1851: 20423c1c0231 MOVETOCREG_DSZ64(tmp1, 0x73c) U1852: 0c4b400fb000 tmp11:= RDSEGFLD(SS, FLGS) U1854: 00060003bc7b tmp11:= XOR_DSZ32(tmp11, tmp1) U1855: 00040003beca tmp11:= AND_DSZ32(0x00004000, tmp11) 01b99840 SEQW GOTO U3998 
------------------------------------------------------------------------------------ U1856: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1858: 0c400063c035 LFNCEWTMRK-> tmp12:= LDZX_DSZ64_ASZ32_SC1(tmp5, mode=0x18) U1859: 006357014200 tmpv0:= READURAM(0x0057, 64) U185a: 006310015200 tmpv1:= READURAM(0x0010, 64) U185c: 00440001557c tmpv1:= AND_DSZ64(tmp12, tmpv1) U185d: 01511d300255 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv1, U2c1d) U185e: 00000103df48 tmp13:= ADD_DSZ32(0x00000001, tmp13) U1860: 19281d300f14 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmpv0, tmp12, U2c1d) 0618668c SEQW URET1 ------------------------------------------------------------------------------------ rdrand_impl: U1861: 006335031200 tmp1:= READURAM(0x0035, 64) U1862: 100a20000200 TESTUSTATE(SYS, UST_SMM) 0618668c ? SEQW GOTO U1866 U1864: 186b69dc0771 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000037, generate_#UD) U1865: 000dc4800000 SAVEUIP_REGOVR(0x01, U1866, 0x00c4) 019d8d40 SEQW GOTO check_rdrand_vmexits U1866: 0d4b00031032 tmp1:= PORTIN_DSZ64_ASZ16_SC1(tmp2) U1868: 004100031c40 tmp1:= OR_DSZ64(0x00000000, tmp1) U1869: 017001032231 tmp2:= SELECTCC_DSZ64_CONDZ(tmp1, 0x00000001) U186a: 1008000020b1 rax:= ZEROEXT_DSZ32N(tmp1, r64src) U186c: 203d00000032 MOVEINSERTFLGS_DSZ32(tmp2) 018d0470 SEQW UEND0 ------------------------------------------------------------------------------------ U186d: 000d0d800000 SAVEUIP_REGOVR(0x01, U186e, 0x000d) 018d0470 SEQW GOTO U0d04 U186e: 000cecf40240 SAVEUIP(0x01, U3dec) U1870: 000a08800200 TESTUSTATE(UCODE, !0x0008) 028ea100 ? 
SEQW GOTO U0ea1 U1871: 0c4b6027b000 LFNCEWAIT-> tmp11:= RDSEGFLD(UNK_SEG_09, LIMIT) U1872: 00421010023b MOVETOCREG_DSZ64(tmp11, 0x410) U1874: 00000103bec8 tmp11:= ADD_DSZ32(0x00000001, tmp11) U1875: 0042001c023b MOVETOCREG_DSZ64(tmp11, 0x700) U1876: 0c4bc027b000 tmp11:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U1878: 00428e1c023b LFNCEMARK-> MOVETOCREG_DSZ64(tmp11, 0x78e) 0447988c SEQW URET1 ------------------------------------------------------------------------------------ U1879: 00087c635008 tmp5:= ZEROEXT_DSZ32(0x0000187c) U187a: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 0447988c ? SEQW GOTO U4798 U187c: 000803230009 LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x00002803) U187d: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 04188140 ? SEQW GOTO U1881 U187e: 00634c03f200 tmp15:= READURAM(0x004c, 64) U1880: 286a907c07bf LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000039, do_smm_vmexit) U1881: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 044e8140 ? SEQW GOTO do_vmexit U1882: 00631f031200 tmp1:= READURAM(0x001f, 64) U1884: 000707031c48 tmp1:= NOTAND_DSZ32(0x00000007, tmp1) U1885: 20431f080231 WRITEURAM(tmp1, 0x001f, 32) U1886: 000c09980240 SAVEUIP(0x01, U2609) 01ad5d80 SEQW GOTO U2d5d ------------------------------------------------------------------------------------ U1888: 004900031861 tmp1:= MOVE_DSZ64(rcx, rcx) U1889: 006530030230 tmp0:= SHR_DSZ64(tmp0, 0x00000030) U188a: 000a04035230 tmp5:= TESTUSTATE(tmp0, UCODE, 0x0004) 01988e80 ? SEQW GOTO U188e U188c: 025c00000c71 LFNCEMARK-> unk_25c(tmp1, tmp1) U188d: 008010030d48 tmp0:= ADD_DSZ16(0x00000010, tmp5) U188e: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 042711c0 ? 
SEQW GOTO generate_#GP U1890: 00077b036ad0 tmp6:= NOTAND_DSZ32(0x00030000, r11) U1891: 213f00000036 unk_13f(tmp6) U1892: 09620b000200 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00b) U1894: 0042fe1c0236 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp6, CORE_CR_EFLAGS) U1895: 002405036233 tmp6:= SHL_DSZ32(tmp3, 0x00000005) 021d7040 SEQW GOTO U1d70 ------------------------------------------------------------------------------------ U1896: 000825230009 tmp0:= ZEROEXT_DSZ32(0x00002825) U1898: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01ce8100 ? SEQW GOTO do_vmexit U1899: 00631f031200 tmp1:= READURAM(0x001f, 64) U189a: 086a81390671 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000024, do_vmexit) U189c: 286a90fc0631 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000023, do_smm_vmexit) U189d: 100a80831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_GUEST) 019f9140 ? SEQW GOTO do_smm_vmexit_ovr_enter_rip U189e: 006343032200 tmp2:= READURAM(0x0043, 64) U18a0: 086a82f903b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000001b, do_vmexit_ovr_enter_rip) 019f9100 SEQW GOTO do_smm_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U18a1: 00040203ef88 tmp14:= AND_DSZ32(0x00000002, tmp14) U18a2: 00553f03f200 tmp15:= BTS_DSZ64(0x00000000, 0x0000003f) U18a4: 01700003effe tmp14:= SELECTCC_DSZ64_CONDZ(tmp14, tmp15) U18a5: 2d4b204bf00a tmp15:= PORTIN_DSZ64_ASZ16_SC1(0x00005220) U18a6: 00563f03f23f tmp15:= BTR_DSZ64(tmp15, 0x0000003f) U18a8: 00410003fffe tmp15:= OR_DSZ64(tmp14, tmp15) U18a9: 2d4f204bf00a LFNCEMARK-> PORTOUT_DSZ64_ASZ16_SC1(0x00005220, tmp15) 04f6398d SEQW URET1 ------------------------------------------------------------------------------------ U18aa: 200a00400200 TESTUSTATE(VMX, 0x1000) 04f6398d ? SEQW GOTO U7639 U18ac: 00436100023e WRITEURAM(tmp14, 0x0061, 64) U18ad: 386b3919033f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000010, U7639) U18ae: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01f63980 ? SEQW GOTO U7639 U18b0: 100a00800240 TESTUSTATE(SYS, !0x2000) 01f63900 ? 
SEQW GOTO U7639 U18b1: 00621117e200 tmp14:= MOVEFROMCREG_DSZ64(0x511) U18b2: 00070043ef9f tmp14:= NOTAND_DSZ32(0xfffffffffffff000, tmp14) U18b4: 00140103f23f tmp15:= BT_DSZ32(tmp15, 0x00000001) U18b5: 013e0003effe tmp14:= MOVEMERGEFLGS_DSZ32(tmp14, tmp15) U18b6: 00250b03f23f tmp15:= SHR_DSZ32(tmp15, 0x0000000b) U18b8: 00041f03ffc8 tmp15:= AND_DSZ32(0x0000001f, tmp15) U18b9: 00050403ffc8 tmp15:= SUB_DSZ32(0x00000004, tmp15) U18ba: 0153395802ff UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp15, U7639) U18bc: 0b2f0303fffe tmp15:= unk_b2f(tmp14, tmp15) U18bd: 00010003ffbf tmp15:= OR_DSZ32(tmp15, tmp14) U18be: 00040c03ffc8 tmp15:= AND_DSZ32(0x0000000c, tmp15) U18c0: 0151395802ff UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U7639) U18c1: 00058003ff88 tmp15:= SUB_DSZ32(0x00000080, tmp14) U18c2: 0151ee1802ff UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U66ee) U18c4: 00240203e23e tmp14:= SHL_DSZ32(tmp14, 0x00000002) U18c5: 00080303f008 tmp15:= ZEROEXT_DSZ32(0x00000003) U18c6: 00010003efbf LFNCEMARK-> tmp14:= OR_DSZ32(tmp15, tmp14) U18c8: 00643003e23e tmp14:= SHL_DSZ64(tmp14, 0x00000030) U18c9: 00621317f200 tmp15:= MOVEFROMCREG_DSZ64(0x513) U18ca: 00641003f23f tmp15:= SHL_DSZ64(tmp15, 0x00000010) U18cc: 00651003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000010) U18cd: 090213140fbf LFNCEWAIT-> MOVETOCREG_OR_DSZ64(tmp15, tmp14, 0x513) U18ce: 00636103e200 tmp14:= READURAM(0x0061, 64) 02a04180 SEQW GOTO U2041 ------------------------------------------------------------------------------------ U18d0: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U18d1: 00473f076d90 tmp6:= NOTAND_DSZ64(0x01c00000, tmp6) U18d2: 20420c000236 LFNCEMARK-> MOVETOCREG_DSZ64(tmp6, 0x00c) U18d4: 000800136008 tmp6:= ZEROEXT_DSZ32(0x00000400) U18d5: 00620003d200 tmp13:= MOVEFROMCREG_DSZ64(0x000) U18d6: 01080083f010 tmp15:= READUIP_REGOVR(0x01) U18d8: 00210003effe tmp14:= CONCAT_DSZ32(tmp14, tmp15) U18d9: 00043f03ff48 tmp15:= AND_DSZ32(0x0000003f, tmp13) U18da: 00050103ffc8 tmp15:= SUB_DSZ32(0x00000001, tmp15) U18dc: 00053d03ffc8 tmp15:= 
SUB_DSZ32(0x0000003d, tmp15) U18dd: 0152f45c027f LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U37f4) 06a769cd SEQW URET1 ------------------------------------------------------------------------------------ U18de: 100a01000200 TESTUSTATE(SYS, UST_VMX_DIS) 06a769cd ? SEQW GOTO generate_#UD U18e0: 00081b130008 tmp0:= ZEROEXT_DSZ32(0x0000041b) U18e1: 000810034008 tmp4:= ZEROEXT_DSZ32(0x00000010) U18e2: 100a00840200 TESTUSTATE(SYS, !UST_VMX_OP_DIS) 01ac16c0 ? SEQW GOTO U2c16 U18e4: 00633a035200 tmp5:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U18e5: 000705035235 tmp5:= NOTAND_DSZ32(tmp5, 0x00000005) U18e6: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 01df29d2 ? SEQW SAVEUIP0 U18e8 ? SEQW GOTO U5f29 U18e8: 000100034d73 tmp4:= OR_DSZ32(tmp3, tmp5) U18e9: 006310031200 tmp1:= READURAM(0x0010, 64) U18ea: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a711c0 ? SEQW GOTO generate_#GP U18ec: 0151111c0274 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, generate_#GP) U18ed: 000800000000 NOP U18ee: 000800000000 NOP U18f0: 0c4000632032 LFNCEMARK-> tmp2:= LDZX_DSZ64_ASZ32_SC1(tmp2, mode=0x18) U18f1: 004700033cb1 tmp3:= NOTAND_DSZ64(tmp1, tmp2) U18f2: 000800000000 NOP U18f4: 0929ae100cf2 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp3, set_carry_uend) U18f5: 000800000000 NOP U18f6: 000800000000 NOP U18f8: 0e2500031033 LFNCEWAIT-> tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp3) U18f9: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U18fa: 006370034200 tmp4:= READURAM(0x0070, 64) U18fc: 0929ae500331 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000011, set_carry_uend) U18fd: 000100434d08 tmp4:= OR_DSZ32(0x00001000, tmp4) U18fe: 004501031008 tmp1:= SUB_DSZ64(0x00000001) U1900: 0962c31802b0 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(tmp0, 0x00000008, 0x6c3) U1901: 004370080234 WRITEURAM(tmp4, 0x0070, 32) U1902: 1042c4080274 MOVETOCREG_DSZ64(tmp4, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U1904: 004349000233 WRITEURAM(tmp3, 0x0049, 64) U1905: 004357000233 WRITEURAM(tmp3, 0x0057, 64) U1906: 004356000231 
WRITEURAM(tmp1, 0x0056, 64) U1908: 0e6db8031cca STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, 0x000002b8, tmp1) U1909: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U190a: 0e2dd8031cc9 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp3, 0x000001d8, tmp1) 01aeaa80 SEQW GOTO U2eaa ------------------------------------------------------------------------------------ U190c: 0062ff1f3200 tmp3:= MOVEFROMCREG_DSZ64(0x7ff) U190d: 0062f61f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U190e: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01b200c0 ? SEQW GOTO U3200 U1910: 186a11dc02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000b, generate_#GP) U1911: 000600031cf5 tmp1:= XOR_DSZ32(tmp5, tmp3) U1912: 002517032232 tmp2:= SHR_DSZ32(tmp2, 0x00000017) U1914: 000400031c72 tmp1:= AND_DSZ32(tmp2, tmp1) U1915: 186a111c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000008, generate_#GP) U1916: 000400131cc8 tmp1:= AND_DSZ32(0x00000400, tmp3) U1918: 000700135d48 tmp5:= NOTAND_DSZ32(0x00000400, tmp5) U1919: 2902ff1c0c75 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp5, tmp1, 0x7ff) 04e0d240 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U191a: 00480003a037 tmp10:= ZEROEXT_DSZ64(tmp7) U191c: 004800035037 tmp5:= ZEROEXT_DSZ64(tmp7) U191d: 004000037df8 tmp7:= ADD_DSZ64(tmp8, tmp7) U191e: 004500038038 tmp8:= SUB_DSZ64(tmp8) U1920: 000501039e48 tmp9:= SUB_DSZ32(0x00000001, tmp9) U1921: 015022640239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U1922) 01e9d040 SEQW GOTO U69d0 ------------------------------------------------------------------------------------ U1922: 00400407ad88 tmp10:= ADD_DSZ64(0x00000104, tmp6) U1924: 000c72340240 SAVEUIP(0x00, check_rsa_padding_signature) 01f35c00 SEQW GOTO rsa_decrypt ------------------------------------------------------------------------------------ U1925: 006353030200 tmp0:= READURAM(0x0053, 64) U1926: 000101030c08 tmp0:= OR_DSZ32(0x00000001, tmp0) U1928: 204353080230 WRITEURAM(tmp0, 0x0053, 32) U1929: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009) 0360aa51 SEQW SAVEUIP0 
U192a SEQW GOTO U60aa U192a: 0e2500030034 LFNCEWAIT-> tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U192c: 104004034d08 tmp4:= ADD_DSZN(0x00000004, tmp4) U192d: 104000034d30 tmp4:= ADD_DSZN(tmp0, tmp4) 019ea640 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U192e: 000cf2080200 SAVEUIP(0x00, U02f2) U1930: 000d00800000 SAVEUIP_REGOVR(0x01, U1931, 0x0000) 0182ea14 SEQW SAVEUIP1 U1931 SEQW GOTO U02ea U1931: 0c4b402b0000 tmp0:= RDSEGFLD(SS_USERM, FLGS) U1932: 00423c1c0230 MOVETOCREG_DSZ64(tmp0, 0x73c) U1934: 09a29e5c0270 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000005, 0x79e) U1935: 000800000900 ZEROEXT_DSZ32(rsp) 092d3055 SEQW SAVEUIP1 U1936 SEQW GOTO U2d30 U1936: 004267000236 SYNCFULL-> MOVETOCREG_DSZ64(tmp6, CORE_CR_CUR_RIP) U1938: 125500000d80 FETCHFROMEIP1_ASZ64(tmp6) 01a041b0 SEQW UEND0 ------------------------------------------------------------------------------------ U1939: 00059213ffc8 tmp15:= SUB_DSZ32(0x00000492, tmp15) U193a: 01503c64023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U193c) 01a041b0 SEQW GOTO U2041 ------------------------------------------------------------------------------------ U193c: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U193d: 0042521c023f MOVETOCREG_DSZ64(tmp15, 0x752) U193e: 125600000000 unk_256(0x00000000) U1940: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1941: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U1942: 10450003efbf tmp14:= SUB_DSZN(tmp15, tmp14) U1944: 00421a1c023e MOVETOCREG_DSZ64(tmp14, 0x71a) U1945: 20421c1c023f SYNCFULL-> MOVETOCREG_DSZ64(tmp15, 0x71c) U1946: 1f3f04eb0024 tmp0:= unk_f3f(rsp) 088000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U1948: 073a00038000 tmm0:= unk_73a(0x00000000) U1949: 008420031e08 tmp1:= AND_DSZ16(0x00000020, tmp8) U194a: 00c100034f31 tmp4:= OR_DSZ8(tmp1, tmp12) U194c: 00c100038e34 tmp8:= OR_DSZ8(tmp4, tmp8) U194d: 006286137200 LFNCEWAIT-> tmp7:= 
MOVEFROMCREG_DSZ64(0x486) U194e: 000700035e37 tmp5:= NOTAND_DSZ32(tmp7, tmp8) U1950: 00043f035d48 tmp5:= AND_DSZ32(0x0000003f, tmp5) U1951: 00872a038e10 tmp8:= NOTAND_DSZ16(0x00008080, tmp8) U1952: 01b42a03a435 tmp10:= CMOVCC_DSZ16_CONDZ(tmp5, 0x00008080) U1954: 008100038eb8 tmp8:= OR_DSZ16(tmp8, tmp10) U1955: 20428c100238 MOVETOCREG_DSZ64(tmp8, 0x48c) 01a1fe40 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U1956: 000802155008 tmpv1:= ZEROEXT_DSZ32(0x00000502) U1958: 000a00400240 TESTUSTATE(UCODE, 0x3000) 019cbe00 ? SEQW GOTO uret1 U1959: 006312014200 tmpv0:= READURAM(0x0012, 64) U195a: 001402014214 tmpv0:= BT_DSZ32(tmpv0, 0x00000002) U195c: 01080083f010 tmp15:= READUIP_REGOVR(0x01) U195d: 005300000fd4 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmpv0, tmp15) 01ebfd55 SEQW SAVEUIP1 U195e SEQW GOTO U6bfd U195e: 00c800014032 tmpv0:= ZEROEXT_DSZ8(tmp2) U1960: 00ccbc0c0200 SAVEUIP(0x00, U03bc) 01b34d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U1961: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U1962: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U1964: 0087001b4d08 tmp4:= NOTAND_DSZ16(0x00000600, tmp4) U1965: 09028c538234 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000001, 0x48c) U1966: 000401036d48 tmp6:= AND_DSZ32(0x00000001, tmp5) U1968: 0150de5802b6 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U56de) U1969: 06a043008000 tmp0:= unk_6a0(0x00000000) 0197ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U196a: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U196c: 2962c3d802b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000b, 0x6c3) U196d: 000cd4100200 SAVEUIP(0x00, U04d4) 01813955 SEQW SAVEUIP1 U196e SEQW GOTO U0139 U196e: 0045e007ffc8 tmp15:= SUB_DSZ64(0x000001e0, tmp15) U1970: 000e17000200 WRMSLOOPCTRFBR(0x00000017) 0184dc14 SEQW SAVEUIP1 U1971 SEQW GOTO U04dc U1971: 01420a039f40 tmp9:= UFLOWCTRL(URET0, tmp13) U1972: 01420b000fb9 
UFLOWCTRL(tmp9, URET1, tmp14) U1974: 015d00000d40 SYNCFULL-> UJMP(tmp5) ------------------------------------------------------------------------------------ U1975: 000407031ec8 tmp1:= AND_DSZ32(0x00000007, tmp11) U1976: 015178640231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U1978) 0818d096 SEQW SAVEUIP1 U1978 SEQW GOTO U18d0 U1978: 000c0c980200 SAVEUIP(0x01, U060c) 01ede000 SEQW GOTO U6de0 ------------------------------------------------------------------------------------ U1979: 006510031230 tmp1:= SHR_DSZ64(tmp0, 0x00000010) U197a: 006508030230 tmp0:= SHR_DSZ64(tmp0, 0x00000008) U197c: 000446031c50 tmp1:= AND_DSZ32(0x0000ffff, tmp1) U197d: 2822a0d803f0 LFNCEWAIT-> MOVETOCREG_AND_DSZ64(tmp0, 0x0000001f, 0x6a0) U197e: 006321030200 tmp0:= READURAM(0x0021, 64) U1980: 186a39140270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U2539) U1981: 006530030230 tmp0:= SHR_DSZ64(tmp0, 0x00000030) 07253c40 SEQW GOTO U253c ------------------------------------------------------------------------------------ U1982: 2d0ba403e008 LFNCEWTMRK-> tmp14:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U1984: 286b85e403fe BTUJNB_DIRECT_NOTTAKEN(tmp14, 0x0000001f, U1985) 01998200 SEQW GOTO U1982 ------------------------------------------------------------------------------------ U1985: 00151f034234 tmp4:= BTS_DSZ32(tmp4, 0x0000001f) U1986: 2d0fa003a008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp10) U1988: 2d0fa4034008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp4) U1989: 2d0ba403e008 LFNCEWTMRK-> tmp14:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U198a: 286b8ce403fe BTUJNB_DIRECT_NOTTAKEN(tmp14, 0x0000001f, U198c) 06998980 SEQW GOTO U1989 ------------------------------------------------------------------------------------ U198c: 015d00000f40 SYNCFULL-> UJMP(tmp13) ------------------------------------------------------------------------------------ U198d: 000cd4100200 SAVEUIP(0x00, U04d4) 08013955 SEQW SAVEUIP1 U198e SEQW GOTO U0139 U198e: 00652003f23d tmp15:= SHR_DSZ64(tmp13, 0x00000020) U1990: 01420a03ffc0 tmp15:= 
UFLOWCTRL(URET0, tmp15) U1991: 00652003e23e tmp14:= SHR_DSZ64(tmp14, 0x00000020) U1992: 01420b000fbf UFLOWCTRL(tmp15, URET1, tmp14) U1994: 00480003f03d tmp15:= ZEROEXT_DSZ64(tmp13) U1995: 00652003d23d tmp13:= SHR_DSZ64(tmp13, 0x00000020) U1996: 015d00000fc0 UJMP(tmp15) ------------------------------------------------------------------------------------ U1998: 06240003ce38 tmm4:= unk_624(tmm0, tmm0) U1999: 06240003de79 tmm5:= unk_624(tmm1, tmm1) U199a: 072c0003003c tmp0:= PINTMOVDTMM2I_DSZ32(tmm4) U199c: 072c0003103d tmp1:= PINTMOVDTMM2I_DSZ32(tmm5) U199d: 002502030230 tmp0:= SHR_DSZ32(tmp0, 0x00000002) U199e: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U19a0: 000100032c31 tmp2:= OR_DSZ32(tmp1, tmp0) U19a1: 00040f032c88 tmp2:= AND_DSZ32(0x0000000f, tmp2) U19a2: 07040003e032 tmm6:= unk_704(mm2) U19a4: 06200603e03e tmm6:= unk_620(tmm6) U19a5: 072c0003203e tmp2:= PINTMOVDTMM2I_DSZ32(tmm6) U19a6: 015d00000c80 UJMP(tmp2) ------------------------------------------------------------------------------------ U19a8: 000882039010 tmp9:= ZEROEXT_DSZ32(0x00030300) U19a9: 2042a1180239 MOVETOCREG_DSZ64(tmp9, 0x6a1) U19aa: 2042a01b8200 LFNCEMARK-> tmp8:= MOVETOCREG_DSZ64(0x00000000, 0x6a0) U19ac: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01d72d00 ? SEQW GOTO U572d U19ad: 0e6500035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U19ae: 104008034d08 tmp4:= ADD_DSZN(0x00000008, tmp4) U19b0: 100a00000280 TESTUSTATE(SYS, 0x4000) 0199b400 ? 
SEQW GOTO U19b4 U19b1: 0e7d00035033 STADSTGBUF_DSZ64_ASZ16_SC1(tmp3, tmp5) U19b2: 000020033cc8 tmp3:= ADD_DSZ32(0x00000020, tmp3) U19b4: 2042a4180235 MOVETOCREG_DSZ64(tmp5, 0x6a4) U19b5: 29a2a4d803f5 MOVETOCREG_SHR_DSZ64(tmp5, 0x0000001f, 0x6a4) U19b6: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0199ad80 SEQW GOTO U19ad ------------------------------------------------------------------------------------ U19b8: 2042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U19b9: 004500033c34 tmp3:= SUB_DSZ64(tmp4, tmp0) U19ba: 213e08030008 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000008) U19bc: 237d00000cf0 GENARITHFLAGS(tmp0, tmp3) U19bd: 006520037234 tmp7:= SHR_DSZ64(tmp4, 0x00000020) U19be: 217400035d31 tmp5:= CMOVCC_DSZ64_CONDZ(tmp1, tmp4) U19c0: 3c0800635032 STAD_DSZ32_ASZ32_SC1(tmp2, mode=0x18, tmp5) U19c1: 217400020da0 rax:= CMOVCC_DSZ64_CONDZ(rax, tmp6) U19c2: 217400022de2 rdx:= CMOVCC_DSZ64_CONDZ(rdx, tmp7) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U19c4: 000812831008 tmp1:= ZEROEXT_DSZ32(IMM_MACRO_12) U19c5: 00241103f231 tmp15:= SHL_DSZ32(tmp1, 0x00000011) U19c6: 00330f03323f tmp3:= SELECTCC_DSZ32_CONDNB(tmp15, 0x0000000f) U19c8: 02310f03223f tmp2:= SELECTCC_DSZ32_CONDNS(tmp15, 0x0000000f) U19c9: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U19ca: 02310203223f tmp2:= SELECTCC_DSZ32_CONDNS(tmp15, 0x00000002) U19cc: 000038032c88 tmp2:= ADD_DSZ32(0x00000038, tmp2) U19cd: 003300032cbf tmp2:= SELECTCC_DSZ32_CONDNB(tmp15, tmp2) U19ce: 0004ff1ff231 tmp15:= AND_DSZ32(tmp1, 0x000007ff) U19d0: 00e100033cb3 tmp3:= CONCAT_DSZ8(tmp3, tmp2) U19d1: 00a100033cff tmp3:= CONCAT_DSZ16(tmp15, tmp3) U19d2: 002100031c73 tmp1:= CONCAT_DSZ32(tmp3, tmp1) U19d4: 008800031c40 tmp1:= ZEROEXT_DSZ16(tmp1) 0900a14c SEQW URET1 ------------------------------------------------------------------------------------ U19d5: 
000d00800000 SAVEUIP_REGOVR(0x01, U19d6, 0x0000) 0900a14c SEQW GOTO U00a1 U19d6: 2928dc240035 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U19dc) U19d8: 006200037cc0 tmp7:= MOVEFROMCREG_DSZ64(tmp3) U19d9: 004400037df5 tmp7:= AND_DSZ64(tmp5, tmp7) U19da: 004100036df6 tmp6:= OR_DSZ64(tmp6, tmp7) U19dc: 204200000cf6 MOVETOCREG_DSZ64(tmp6, tmp3) U19dd: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0199d540 SEQW GOTO U19d5 ------------------------------------------------------------------------------------ U19de: 0008c03b100d tmp1:= ZEROEXT_DSZ32(0x0000aec0) U19e0: 100a00000280 TESTUSTATE(SYS, 0x4000) 019ea600 ? SEQW GOTO patch_runs_load_loop U19e1: 0062071f6200 tmp6:= MOVEFROMCREG_DSZ64(0x707) U19e2: 0062061f7200 tmp7:= MOVEFROMCREG_DSZ64(0x706) U19e4: 002100036df6 tmp6:= CONCAT_DSZ32(tmp6, tmp7) U19e5: 0e7d00036031 STADSTGBUF_DSZ64_ASZ16_SC1(tmp1, tmp6) 019ea640 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U19e6: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U19e8: 00054a0bbed0 tmp11:= SUB_DSZ32(0xffffffff, tmp11) U19e9: 01503034023b LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U0d30) U19ea: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U19ec: 00640803b23b LFNCEWAIT-> tmp11:= SHL_DSZ64(tmp11, 0x00000008) U19ed: 0e2d00035d3b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4, tmp5) U19ee: 006520035235 tmp5:= SHR_DSZ64(tmp5, 0x00000020) U19f0: 0e2d04035d3b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4, 0x00000004, tmp5) 018d3000 SEQW GOTO U0d30 ------------------------------------------------------------------------------------ U19f1: 296200400300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x000) U19f2: 00150c030230 tmp0:= BTS_DSZ32(tmp0, 0x0000000c) U19f4: 000700330c08 tmp0:= NOTAND_DSZ32(0x00000c00, tmp0) U19f5: 204323080230 WRITEURAM(tmp0, 0x0023, 32) U19f6: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U19f8: 000148036008 tmp6:= OR_DSZ32(0x00000048) U19f9: 020301032200 tmp2:= 
unk_203(0x00000001) U19fa: 015011000272 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U2011) 09201980 SEQW GOTO U2019 ------------------------------------------------------------------------------------ U19fc: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U19fd: 00473f07dd90 tmp13:= NOTAND_DSZ64(0x01c00000, tmp6) U19fe: 20420c00023d LFNCEMARK-> MOVETOCREG_DSZ64(tmp13, 0x00c) U1a00: 000a00100200 TESTUSTATE(UCODE, 0x0400) 019a0c00 ? SEQW GOTO U1a0c U1a01: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1a02: 000800000000 NOP U1a04: 286a05a80376 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000016, U1a05) 019a0c00 SEQW GOTO U1a0c ------------------------------------------------------------------------------------ U1a05: 000800000000 NOP U1a06: 000800000000 NOP U1a08: 004d30db72c0 tmp7:= unk_04d(IMM_MACRO_30) 095e0600 SEQW GOTO U5e06 ------------------------------------------------------------------------------------ U1a09: 00652003e23e tmp14:= SHR_DSZ64(tmp14, 0x00000020) U1a0a: 01420b000f80 SYNCFULL-> UFLOWCTRL(URET1, tmp14) U1a0c: 000000000000 NOP 0198d400 SEQW GOTO U18d4 ------------------------------------------------------------------------------------ U1a0d: 00250f031231 tmp1:= SHR_DSZ32(tmp1, 0x0000000f) U1a0e: 000410031c48 tmp1:= AND_DSZ32(0x00000010, tmp1) U1a10: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U1a11: 00629e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x79e) U1a12: 000703031231 tmp1:= NOTAND_DSZ32(tmp1, 0x00000003) U1a14: 013104031231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00000004) U1a15: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U1a16: 290210540230 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp0, 0x00000001, 0x510) 05273080 SEQW GOTO U2730 ------------------------------------------------------------------------------------ U1a18: 000cc46c0240 SAVEUIP(0x00, U3bc4) U1a19: 086a8191033b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000012, U4481) U1a1a: 00041f03bec8 LFNCEMARK-> tmp11:= AND_DSZ32(0x0000001f, tmp11) U1a1c: 100a20000200 LFNCEWAIT-> TESTUSTATE(SYS, UST_SMM) 02015109 ? 
SEQW GOTO U0151 U1a1d: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 02015109 ? SEQW URET0 U1a1e: 006311033200 tmp3:= READURAM(0x0011, 64) U1a20: 0e65e807dcc8 tmp13:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, 0x000000e8, mode=0x01) U1a21: 0e25f0073cc8 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp3, 0x000000f0, mode=0x01) U1a22: 000cbd6c0240 SAVEUIP(0x00, U3bbd) U1a24: 00040003defd tmp13:= AND_DSZ32(tmp13, tmp11) U1a25: 000600033f73 tmp3:= XOR_DSZ32(tmp3, tmp13) U1a26: 00631403d200 tmp13:= READURAM(0x0014, 64) U1a28: 013001033233 tmp3:= SELECTCC_DSZ32_CONDZ(tmp3, 0x00000001) 01c79888 SEQW URET0 ------------------------------------------------------------------------------------ U1a29: 00082c6b5008 tmp5:= ZEROEXT_DSZ32(0x00001a2c) U1a2a: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79888 ? SEQW GOTO U4798 U1a2c: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1a2d: 000c32ebe208 tmp14:= SAVEUIP(0x01, U1a32) U1a2e: 23800003ae80 tmp10:= READAFLAGS(tmp10) 018d8292 SEQW SAVEUIP0 U1a30 SEQW GOTO U0d82 U1a30: 000c3c980200 SAVEUIP(0x01, U063c) U1a31: 000d00000000 SAVEUIP_REGOVR(0x00, U1a32, 0x0000) 01dc7d40 SEQW GOTO U5c7d U1a32: 00c800032032 tmp2:= ZEROEXT_DSZ8(tmp2) U1a34: 00e100031c88 tmp1:= CONCAT_DSZ8(0x00000000, tmp2) U1a35: 000d35a40380 SAVEUIP_REGOVR(0x01, U1a36, 0xc935) 01b88140 SEQW GOTO U3881 U1a36: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U1a38: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1a39: 00426103e010 LFNCEWAIT-> tmp14:= MOVETOCREG_DSZ64(0x00000009, 0x000) U1a3a: 00426503c200 tmp12:= MOVETOCREG_DSZ64(0x00000000, 0x065) 02a68580 SEQW GOTO U2685 ------------------------------------------------------------------------------------ U1a3c: 00080003c000 tmp12:= ZEROEXT_DSZ32(0x00000000) U1a3d: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U1a3e: 0008416b5008 tmp5:= ZEROEXT_DSZ32(0x00001a41) U1a40: 104a20833278 tmp3:= TESTUSTATE(tmp8, SYS, !UST_SMM | 0x2000) 09479800 ? 
SEQW GOTO U4798 U1a41: 004800038033 tmp8:= ZEROEXT_DSZ64(tmp3) U1a42: 0042c518023c SYNCFULL-> MOVETOCREG_DSZ64(tmp12, 0x6c5) U1a44: 00631f039200 tmp9:= READURAM(0x001f, 64) U1a45: 000400079e48 tmp9:= AND_DSZ32(0x00000100, tmp9) U1a46: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01925480 ? SEQW GOTO U1254 U1a48: 000d00800000 SAVEUIP_REGOVR(0x01, U1a49, 0x0000) 01a93100 SEQW GOTO U2931 U1a49: 000800000000 NOP U1a4a: 000800000000 NOP U1a4c: 000000000000 NOP 01ba6400 SEQW GOTO U3a64 ------------------------------------------------------------------------------------ U1a4d: 000801138008 tmp8:= ZEROEXT_DSZ32(0x00000401) U1a4e: 09282e380236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000000, U0e2e) U1a50: 000803138008 tmp8:= ZEROEXT_DSZ32(0x00000403) U1a51: 09282e780236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000001, U0e2e) U1a52: 0008031f8008 tmp8:= ZEROEXT_DSZ32(0x00000703) U1a54: 09282eb80236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000002, U0e2e) U1a55: 0008890f8009 tmp8:= ZEROEXT_DSZ32(0x00002389) U1a56: 092830f80236 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000003, U0e30) 0903e480 SEQW GOTO U03e4 ------------------------------------------------------------------------------------ U1a58: 0cc608e38c66 SYNCWAIT-> tmp8:= unk_cc6(rsi, tmp1) U1a59: 0cce08a38c67 tmp8:= unk_cce(rdi, tmp1) U1a5a: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U1a5c: 0cc608e38c66 tmp8:= unk_cc6(rsi, tmp1) U1a5d: 0cce08a38c67 tmp8:= unk_cce(rdi, tmp1) U1a5e: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 019a58a6 SEQW GOTO U1a58 ------------------------------------------------------------------------------------ U1a60: 10850003f034 tmp15:= SUB_DSZN(tmp4) U1a61: 00240403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000004) U1a62: 1189000269bf rsi:= ADDSUB_DSZ16_CONDD(tmp15, rsi) U1a64: 1189000279ff rdi:= ADDSUB_DSZ16_CONDD(tmp15, rdi) U1a65: 00250003fcbf tmp15:= SHR_DSZ32(tmp15, tmp2) U1a66: 10850002187f rcx:= SUB_DSZN(tmp15, rcx) U1a68: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U1a69: 000800034000 tmp4:= 
ZEROEXT_DSZ32(0x00000000) 01b8e48d SEQW URET1 ------------------------------------------------------------------------------------ U1a6a: 100a00000380 TESTUSTATE(SYS, 0xc000) 01b8e48d ? SEQW GOTO U38e4 U1a6c: 006262172200 tmp2:= MOVEFROMCREG_DSZ64(0x562) U1a6d: 0047ff3f2c88 tmp2:= NOTAND_DSZ64(0x00000fff, tmp2) U1a6e: 000a00400200 TESTUSTATE(UCODE, 0x1000) 01b8de80 ? SEQW GOTO U38de U1a70: 100a20000200 TESTUSTATE(SYS, UST_SMM) 019aa400 ? SEQW GOTO U1aa4 U1a71: 006377030200 tmp0:= READURAM(0x0077, 64) U1a72: 386bdea00630 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000022, U38de) U1a74: 2d0bdc43000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000050dc) U1a75: 386ade200230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U38de) U1a76: 100a00840200 TESTUSTATE(SYS, !UST_VMX_OP_DIS) 01b8de80 ? SEQW GOTO U38de U1a78: 006263170200 tmp0:= MOVEFROMCREG_DSZ64(0x563) U1a79: 386bdee002b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000000b, U38de) U1a7a: 1062800b0240 tmp0:= MOVEFROMCREG_DSZ64(0x280, 32) U1a7c: 386ade600330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U38de) U1a7d: 006205073200 tmp3:= MOVEFROMCREG_DSZ64(0x105) U1a7e: 386adea00233 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000002, U38de) U1a80: 000808030008 tmp0:= ZEROEXT_DSZ32(0x00000008) 0960aa10 SEQW SAVEUIP0 U1a81 SEQW GOTO U60aa U1a81: 000433077dd0 tmp7:= AND_DSZ32(0x00ff0000, tmp7) U1a82: 0151de600277 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, U38de) U1a84: 000d20bc0000 SAVEUIP_REGOVR(0x01, U1a85, 0x0f20) 019ab600 SEQW GOTO U1ab6 U1a85: 004000433c88 tmp3:= ADD_DSZ64(0x00001000, tmp2) U1a86: 002100030822 tmp0:= CONCAT_DSZ32(rdx, rax) U1a88: 104800030030 tmp0:= ZEROEXT_DSZ64N(tmp0) U1a89: 006263177200 tmp7:= MOVEFROMCREG_DSZ64(0x563) U1a8a: 0047ff3f7dc8 tmp7:= NOTAND_DSZ64(0x00000fff, tmp7) U1a8c: 00400003fcf5 tmp15:= ADD_DSZ64(tmp5, tmp3) U1a8d: 00440003fff7 tmp15:= AND_DSZ64(tmp7, tmp15) U1a8e: 004400037cb7 tmp7:= AND_DSZ64(tmp7, tmp2) U1a90: 3929d9200dff CMPUJNZ_DIRECT_NOTTAKEN(tmp15, tmp7, U38d9) U1a91: 10400003fc35 tmp15:= ADD_DSZN(tmp5, tmp0) U1a92: 
025d0003ffff tmp15:= TEST_DSZ64(tmp15, tmp15) U1a94: 0150d960027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U38d9) U1a95: 204255000010 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000015, 0x000) U1a96: 0d3000031030 tmp1:= LDZX_DSZ32_ASZ32_SC1(tmp0) U1a98: 0e2d00071033 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp3, mode=0x01, tmp1) U1a99: 000804036008 tmp6:= ZEROEXT_DSZ32(0x00000004) U1a9a: 0d7000031db0 LFNCEWAIT-> tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp0, tmp6) U1a9c: 0e6d00071db3 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, tmp6, mode=0x01, tmp1) U1a9d: 000008036d88 tmp6:= ADD_DSZ32(0x00000008, tmp6) U1a9e: 2928a0280db5 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, tmp6, U1aa0) 051a9a80 SEQW GOTO U1a9a ------------------------------------------------------------------------------------ U1aa0: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U1aa1: 0fef01000000 LBSYNC(0x00000001) U1aa2: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U1aa4: 3962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U1aa5: 0e6d18073032 LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000018, mode=0x01, tmp3) U1aa6: 004000033cf5 tmp3:= ADD_DSZ64(tmp5, tmp3) U1aa8: 204315000233 WRITEURAM(tmp3, 0x0015, 64) U1aa9: 0e6d20040032 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000020, mode=0x01, 0x00000000) 019ea640 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U1aaa: 00080f031008 tmp1:= ZEROEXT_DSZ32(0x0000000f) U1aac: 022200033031 tmp3:= unk_222(tmp1) U1aad: 00080f032008 tmp2:= ZEROEXT_DSZ32(0x0000000f) U1aae: 022200032032 tmp2:= unk_222(tmp2) U1ab0: 00e100030cf2 tmp0:= CONCAT_DSZ8(tmp2, tmp3) U1ab1: 00a100030c31 tmp0:= CONCAT_DSZ16(tmp1, tmp0) U1ab2: 1062e01f2240 tmp2:= MOVEFROMCREG_DSZ64(0x7e0, 32) U1ab4: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U1ab5: 006401032232 tmp2:= SHL_DSZ64(tmp2, 0x00000001) 01f78440 SEQW GOTO U7784 ------------------------------------------------------------------------------------ U1ab6: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1ab8: 
006262155200 tmpv1:= MOVEFROMCREG_DSZ64(0x562) U1ab9: 0047ff3d5548 tmpv1:= NOTAND_DSZ64(0x00000fff, tmpv1) U1aba: 2e2a00054015 tmpv0:= LDPPHYS_DSZ32_ASZ64_SC1(tmpv1, mode=0x01) U1abc: 000801016008 tmpv2:= ZEROEXT_DSZ32(0x00000001) U1abd: 2e2800056015 STADPPHYS_DSZ32_ASZ64_SC1(tmpv1, mode=0x01, tmpv2) U1abe: 2929ba280014 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmpv0, 0x00000000, U1aba) U1ac0: 006353016200 tmpv2:= READURAM(0x0053, 64) U1ac1: 096353080316 unk_963(tmpv2, 0x00008253) 018a958d SEQW URET1 ------------------------------------------------------------------------------------ U1ac2: 000d00800000 SAVEUIP_REGOVR(0x01, U1ac4, 0x0000) 018a958d SEQW GOTO U0a95 U1ac4: 000d35a40380 SAVEUIP_REGOVR(0x01, U1ac5, 0xc935) 018d5200 SEQW GOTO U0d52 U1ac5: 000806032008 tmp2:= ZEROEXT_DSZ32(0x00000006) U1ac6: 0008df071010 tmp1:= ZEROEXT_DSZ32(0x70000000) U1ac8: 000880033008 tmp3:= ZEROEXT_DSZ32(0x00000080) U1ac9: 00080003c000 tmp12:= ZEROEXT_DSZ32(0x00000000) U1aca: 000d08800000 SAVEUIP_REGOVR(0x01, U1acc, 0x0008) 01ab1580 SEQW GOTO lbsync_full U1acc: 09623a580240 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000005, 0x63a) U1acd: 000e7f040200 WRMSLOOPCTRFBR(0x0000017f) U1ace: 000800000000 NOP U1ad0: 0def00000032 LFNCEWAIT-> unk_def(tmp2) U1ad1: 000040032c88 tmp2:= ADD_DSZ32(0x00000040, tmp2) U1ad2: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 021ad080 ? 
SEQW GOTO U1ad0 U1ad4: 00520f000f3c ROVR<- UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp12, tmp12) 01b2cd1c SEQW SAVEUIP1 U1ad5 SEQW GOTO U32cd U1ad5: 10629e0f6240 tmp6:= MOVEFROMCREG_DSZ64(0x39e, 32) U1ad6: 0062c51b5200 tmp5:= MOVEFROMCREG_DSZ64(0x6c5) U1ad8: 000708035d48 tmp5:= NOTAND_DSZ32(0x00000008, tmp5) U1ad9: 00040007fd90 tmp15:= AND_DSZ32(0x00400000, tmp6) U1ada: 00251303f23f tmp15:= SHR_DSZ32(tmp15, 0x00000013) U1adc: 2902c5180ff5 SYNCMARK-> MOVETOCREG_OR_DSZ64(tmp5, tmp15, 0x6c5) U1add: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U1ade: 286be02802b6 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x00000008, U1ae0) 0c1ae980 SEQW GOTO U1ae9 ------------------------------------------------------------------------------------ U1ae0: 286be42803f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000001c, U1ae4) U1ae1: 00052e477f88 tmp7:= SUB_DSZ32(0x0000112e, tmp14) U1ae2: 0151046c0237 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, U1b04) U1ae4: 204373000236 WRITEURAM(tmp6, 0x0073, 64) U1ae5: 033a00033033 ROVR<- tmp3:= STC(tmp3) 0932cd5d SEQW SAVEUIP1 U1ae6 SEQW GOTO U32cd U1ae6: 39629e0c02b6 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp6, 0x00000008, 0x39e) U1ae8: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U1ae9: 0004ff036d88 tmp6:= AND_DSZ32(0x000000ff, tmp6) U1aea: 022200036036 tmp6:= unk_222(tmp6) U1aec: 000000036db6 tmp6:= ADD_DSZ32(tmp6, tmp6) U1aed: 000800038031 tmp8:= ZEROEXT_DSZ32(tmp1) U1aee: 000800031038 tmp1:= ZEROEXT_DSZ32(tmp8) U1af0: 00009a038e10 tmp8:= ADD_DSZ32(0x00040000, tmp8) U1af1: 000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6) U1af2: 000eff0c0200 WRMSLOOPCTRFBR(0x000003ff) U1af4: 0fdf00000031 unk_fdf(tmp1) U1af5: 000040031c48 tmp1:= ADD_DSZ32(0x00000040, tmp1) U1af6: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 019af480 ? SEQW GOTO U1af4 U1af8: 000a20800200 SYNCWAIT-> TESTUSTATE(UCODE, !0x0020) 0a1b0000 ? 
SEQW GOTO U1b00 U1af9: 000eff0c0200 WRMSLOOPCTRFBR(0x000003ff) U1afa: 000800000000 NOP U1afc: 0fdf00000031 unk_fdf(tmp1) U1afd: 000040031c48 tmp1:= ADD_DSZ32(0x00000040, tmp1) U1afe: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 019afc80 ? SEQW GOTO U1afc U1b00: 0150016c0236 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U1b01) 019aee00 SEQW GOTO U1aee ------------------------------------------------------------------------------------ U1b01: 000800000000 NOP U1b02: 000800000000 NOP U1b04: 000d06800000 SAVEUIP_REGOVR(0x01, U1b05, 0x0006) 092b1500 SEQW GOTO lbsync_full U1b05: 005200000fbc UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp12, tmp14) U1b06: 0fcf00000033 SYNCFULL-> unk_fcf(tmp3) U1b08: 000d06800000 SAVEUIP_REGOVR(0x01, U1b09, 0x0006) 01ab1500 SEQW GOTO lbsync_full U1b09: 00529a0c0233 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp3, U039a) U1b0a: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U1b0c: 00098b031008 tmp1:= MOVE_DSZ32(0x0000008b) U1b0d: 00a10c6f1231 tmp1:= CONCAT_DSZ16(tmp1, 0x00001b0c) U1b0e: 204307080231 WRITEURAM(tmp1, 0x0007, 32) 0184fc92 SEQW SAVEUIP0 U1b10 SEQW GOTO U04fc U1b10: 00631f031200 tmp1:= READURAM(0x001f, 64) U1b11: 000103031c48 tmp1:= OR_DSZ32(0x00000003, tmp1) U1b12: 20431f080231 WRITEURAM(tmp1, 0x001f, 32) 01a17096 SEQW SAVEUIP1 U1b14 SEQW GOTO U2170 U1b14: 0008001b2008 tmp2:= ZEROEXT_DSZ32(0x00000600) U1b15: 3042f1080272 MOVETOCREG_DSZ64(tmp2, 0x2f1, 32) U1b16: 021e0b000200 SIGEVENT(0x0000000b) U1b18: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) U1b19: 000817079010 tmp9:= ZEROEXT_DSZ32(0x007dafdf) U1b1a: 0021155b9239 tmp9:= CONCAT_DSZ32(tmp9, 0x00001615) U1b1c: 39629e0802c0 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x0000000c, 0x29e) U1b1d: 000808038008 tmp8:= ZEROEXT_DSZ32(0x00000008) U1b1e: 0008a003b010 tmp11:= ZEROEXT_DSZ32(0x00061101) U1b20: 000cac000280 SAVEUIP(0x00, U40ac) 01e69c00 SEQW GOTO U669c ------------------------------------------------------------------------------------ U1b21: 
0047ff3f0c08 tmp0:= NOTAND_DSZ64(0x00000fff, tmp0) U1b22: 004400037db0 tmp7:= AND_DSZ64(tmp0, tmp6) U1b24: 00627417d200 tmp13:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U1b25: 00440003df70 tmp13:= AND_DSZ64(tmp0, tmp13) U1b26: 29292a2c0f77 CMPUJNZ_DIRECT_NOTTAKEN(tmp7, tmp13, U1b2a) U1b28: 00621b176200 tmp6:= MOVEFROMCREG_DSZ64(0x51b) U1b29: 290213d40236 MOVETOCREG_OR_DSZ64(tmp6, 0x00000003, 0x513) U1b2a: 000c52335200 tmp5:= SAVEUIP(0x00, U0c52) 01dee880 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U1b2c: 0062fe1f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1b2d: 001612033232 tmp3:= BTR_DSZ32(tmp2, 0x00000012) U1b2e: 00629e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x79e) U1b30: 004503031c48 tmp1:= SUB_DSZ64(0x00000003, tmp1) U1b31: 017e00033c73 tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp1) U1b32: 017400033cb3 tmp3:= CMOVCC_DSZ64_CONDZ(tmp3, tmp2) U1b34: 2042fe1c0233 LFNCEMARK-> MOVETOCREG_DSZ64(tmp3, CORE_CR_EFLAGS) U1b35: 00880003a03a tmp10:= ZEROEXT_DSZ16(tmp10) U1b36: 021e13000200 SIGEVENT(0x00000013) U1b38: 188f3b83003b tmp0:= unk_88f(tmp11) U1b39: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U1b3a: 0ccc00608030 LFNCEWAIT-> tmp0:= unk_ccc(tmp0) U1b3c: 04b41183f208 tmm7:= FMOV(0x00000011) U1b3d: 10800a030230 tmp0:= ADD_DSZN(tmp0, 0x0000000a) U1b3e: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 019b3a80 SEQW GOTO U1b3a ------------------------------------------------------------------------------------ U1b40: 2042fe1c0232 MOVETOCREG_DSZ64(tmp2, CORE_CR_EFLAGS) 02807800 SEQW GOTO U0078 ------------------------------------------------------------------------------------ U1b41: 19629dc80200 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000003, 0x29d) U1b42: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U1b44: 000d10880000 SAVEUIP_REGOVR(0x01, U1b45, 0x0210) 01a81d00 SEQW GOTO U281d U1b45: 003301030230 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000001) U1b46: 2962c5980270 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000006, 0x6c5) U1b48: 
0e251c07d034 tmp13:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x0000001c, mode=0x01) U1b49: 00082e47e008 tmp14:= ZEROEXT_DSZ32(0x0000112e) U1b4a: 000cc5e80200 SAVEUIP(0x01, U1ac5) 01db5680 SEQW GOTO U5b56 ------------------------------------------------------------------------------------ U1b4c: 0062fe1f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1b4d: 001612033232 tmp3:= BTR_DSZ32(tmp2, 0x00000012) U1b4e: 00629e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x79e) U1b50: 004503031c48 tmp1:= SUB_DSZ64(0x00000003, tmp1) U1b51: 017e00033c73 tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp1) U1b52: 017400033cb3 tmp3:= CMOVCC_DSZ64_CONDZ(tmp3, tmp2) U1b54: 2042fe1c0233 LFNCEMARK-> MOVETOCREG_DSZ64(tmp3, CORE_CR_EFLAGS) U1b55: 073a0003a000 tmm2:= unk_73a(0x00000000) U1b56: 021e13000200 SIGEVENT(0x00000013) U1b58: 188f3b83503b tmp5:= unk_88f(tmp11) U1b59: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U1b5a: 0cf700608035 LFNCEWAIT-> tmp0:= unk_cf7(tmp5) U1b5c: 04b41183f208 tmm7:= FMOV(0x00000011) U1b5d: 10800a035235 tmp5:= ADD_DSZN(tmp5, 0x0000000a) U1b5e: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 019b5a80 SEQW GOTO U1b5a ------------------------------------------------------------------------------------ U1b60: 2042fe1c0232 MOVETOCREG_DSZ64(tmp2, CORE_CR_EFLAGS) 04aba500 SEQW GOTO U2ba5 ------------------------------------------------------------------------------------ U1b61: 0c001863403b LFNCEMARK-> tmp4:= LDZX_DSZ32_ASZ32_SC1(tmp11, 0x00000018, mode=0x18) U1b62: 002510039230 tmp9:= SHR_DSZ32(tmp0, 0x00000010) U1b64: 0cf54060003b LDHINT_BUFFER_ASZ32_SC1(tmp11) U1b65: 0007000b2232 tmp2:= NOTAND_DSZ32(tmp2, 0x00000200) U1b66: 0004410b3d10 tmp3:= AND_DSZ32(0xffff0000, tmp4) U1b68: 07070003d034 tmm5:= unk_707(mm4) U1b69: 0151111c0273 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, generate_#GP) U1b6a: 000c5e03d288 tmp13:= SAVEUIP(0x00, U405e) 04ed4880 SEQW GOTO U6d48 ------------------------------------------------------------------------------------ U1b6c: 000404031c88 tmp1:= 
AND_DSZ32(0x00000004, tmp2) U1b6d: 0151ec5c0231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, uend) U1b6e: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U1b70: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U1b71: 29028c134634 LFNCEMARK-> tmp4:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000020, 0x48c) U1b72: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U1b74: 0150756c0231 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U1b75) 051b7800 SEQW GOTO U1b78 ------------------------------------------------------------------------------------ U1b75: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U1b76: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U1b78: 000544031c10 tmp1:= SUB_DSZ32(0x0000fffd, tmp0) U1b79: 03507a6c0231 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U1b7a) 01ead240 SEQW GOTO U6ad2 ------------------------------------------------------------------------------------ U1b7a: 00053d031c10 tmp1:= SUB_DSZ32(0x0000ffbb, tmp0) U1b7c: 03507d6c0231 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U1b7d) 01bfcd00 SEQW GOTO U3fcd ------------------------------------------------------------------------------------ U1b7d: 000800000000 NOP U1b7e: 000800000000 NOP U1b80: 26a10000823f mm0:= unk_6a1(tmm7, 0x00000000) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U1b81: 0c4b80132000 tmp2:= RDSEGFLD(UNK_SEG_04, SEL) U1b82: 000707037c88 tmp7:= NOTAND_DSZ32(0x00000007, tmp2) U1b84: 0d6200180037 unk_d62(tmp7) U1b85: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U1b86: 000707037c88 tmp7:= NOTAND_DSZ32(0x00000007, tmp2) U1b88: 0d6200180037 unk_d62(tmp7) U1b89: 0c4b80132000 tmp2:= RDSEGFLD(UNK_SEG_04, SEL) U1b8a: 0088d273d009 tmp13:= ZEROEXT_DSZ16(0x00003cd2) 01c6f980 SEQW GOTO U46f9 ------------------------------------------------------------------------------------ U1b8c: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U1b8d: 0eff00000000 unk_eff(0x00000000) U1b8e: 000d08800000 SAVEUIP_REGOVR(0x01, U1b90, 0x0008) 01ab1580 SEQW GOTO lbsync_full U1b90: 
00562b030230 tmp0:= BTR_DSZ64(tmp0, 0x0000002b) U1b91: 00435c000230 WRITEURAM(tmp0, 0x005c, 64) U1b92: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 019b9880 ? SEQW GOTO U1b98 U1b94: 000827030008 tmp0:= ZEROEXT_DSZ32(0x00000027) U1b95: 00081d033008 tmp3:= ZEROEXT_DSZ32(0x0000001d) U1b96: 000df3800000 SAVEUIP_REGOVR(0x01, U1b98, 0x00f3) 019d8e80 SEQW GOTO U1d8e U1b98: 000a00c00240 TESTUSTATE(UCODE, !0x3000) 01aebd00 ? SEQW GOTO U2ebd U1b99: 104100030021 tmp0:= OR_DSZN(rcx) U1b9a: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U1b9c: 0cfd00600020 unk_cfd(rax) U1b9d: 000900000000 MOVE_DSZ32(0x00000000) U1b9e: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U1ba0: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 023210b0 SEQW UEND0 ------------------------------------------------------------------------------------ U1ba1: 006520039237 tmp9:= SHR_DSZ64(tmp7, 0x00000020) U1ba2: 100a80837237 tmp7:= TESTUSTATE(tmp7, SYS, !UST_VMX_GUEST) 023210b0 ? SEQW GOTO uend0 U1ba4: 006385035200 tmp5:= READURAM(0x0085, 64) U1ba5: 006386036200 tmp6:= READURAM(0x0086, 64) 01b04451 SEQW SAVEUIP0 U1ba6 SEQW GOTO U3044 U1ba6: 004500034cb6 tmp4:= SUB_DSZ64(tmp6, tmp2) U1ba8: 004500034d37 tmp4:= SUB_DSZ64(tmp7, tmp4) U1ba9: 004500038cb5 tmp8:= SUB_DSZ64(tmp5, tmp2) U1baa: 004500038e39 tmp8:= SUB_DSZ64(tmp9, tmp8) U1bac: 017e0003ad35 tmp10:= MOVEMERGEFLGS_DSZ64(tmp5, tmp4) U1bad: 01760003acba tmp10:= CMOVCC_DSZ64_CONDBE(tmp10, tmp2) U1bae: 004500034eb5 tmp4:= SUB_DSZ64(tmp5, tmp10) U1bb0: 017e00034e34 tmp4:= MOVEMERGEFLGS_DSZ64(tmp4, tmp8) U1bb1: 017701034234 tmp4:= CMOVCC_DSZ64_CONDNBE(tmp4, 0x00000001) U1bb2: 004100034d34 tmp4:= OR_DSZ64(tmp4, tmp4) U1bb4: 0150823802b4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, do_vmexit_ovr_enter_rip) U1bb5: 20438500023a WRITEURAM(tmp10, 0x0085, 64) U1bb6: 204386000232 SYNCMARK-> WRITEURAM(tmp2, 0x0086, 64) 0d321080 SEQW GOTO uend0 ------------------------------------------------------------------------------------ U1bb8: 125600000000 
LFNCEWAIT-> unk_256(0x00000000) U1bb9: 00651c036236 tmp6:= SHR_DSZ64(tmp6, 0x0000001c) U1bba: 0044ff3f6d88 tmp6:= AND_DSZ64(0x00000fff, tmp6) U1bbc: 108000038dbb tmp8:= ADD_DSZN(tmp11, tmp6) U1bbd: 286abe2c02b5 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000008, U1bbe) 01808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U1bbe: 125600000000 unk_256(0x00000000) U1bc0: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U1bc1: 286aec5c02f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000d, uend) U1bc2: 0062f01f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7f0) U1bc4: 186a111c0230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, generate_#GP) U1bc5: 00633a030200 tmp0:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U1bc6: 006518030230 tmp0:= SHR_DSZ64(tmp0, 0x00000018) U1bc8: 004400070c08 tmp0:= AND_DSZ64(0x00000100, tmp0) U1bc9: 004700030c34 tmp0:= NOTAND_DSZ64(tmp4, tmp0) U1bca: 0150cc6c0230 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U1bcc) 05008e80 SEQW GOTO U008e ------------------------------------------------------------------------------------ U1bcc: 086ab11502b4 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp4, 0x00000008, U45b1) U1bcd: 000c8e800200 SAVEUIP(0x01, U008e) 045f3140 SEQW GOTO U5f31 ------------------------------------------------------------------------------------ U1bce: 00161f03023b tmp0:= BTR_DSZ32(tmp11, 0x0000001f) U1bd0: 000508030c08 tmp0:= SUB_DSZ32(0x00000008, tmp0) U1bd1: 013e00032c32 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp0) U1bd2: 01370003bef2 tmp11:= CMOVCC_DSZ32_CONDNBE(tmp2, tmp11) U1bd4: 01538e1c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp0, U478e) U1bd5: 00240303023b LFNCEMARK-> tmp0:= SHL_DSZ32(tmp11, 0x00000003) U1bd6: 0000a4071270 tmp1:= ADD_DSZ32(tmp0, 0x000021a4) U1bd8: 015100000c70 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, tmp1) U1bd9: 008808020ec8 rax:= ZEROEXT_DSZ16(0x00000008, tmp11) 0417ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U1bda: 000501014008 
tmpv0:= SUB_DSZ32(0x00000001) U1bdc: 000720014508 tmpv0:= NOTAND_DSZ32(0x00000020, tmpv0) U1bdd: 3042c4080254 MOVETOCREG_DSZ64(tmpv0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U1bde: 006320014200 tmpv0:= READURAM(0x0020, 64) U1be0: 005401014214 tmpv0:= BT_DSZ64(tmpv0, 0x00000001) U1be1: 0073006d4254 tmpv0:= SELECTCC_DSZ64_CONDNB(tmpv0, 0x00003b00) U1be2: 0e7d2003e014 STADSTGBUF_DSZ64_ASZ16_SC1(tmpv0, 0x00000020, tmp14) U1be4: 00081575400a tmpv0:= ZEROEXT_DSZ32(0x00005d15) U1be5: 00a1ee014508 tmpv0:= CONCAT_DSZ16(0x000000ee, tmpv0) U1be6: 204307080214 WRITEURAM(tmpv0, 0x0007, 32) 01dd1e80 SEQW GOTO U5d1e ------------------------------------------------------------------------------------ U1be8: 000e00834000 tmp4:= WRMSLOOPCTRFBR(0x00000000) U1be9: 002147032c90 tmp2:= CONCAT_DSZ32(0x00010000, tmp2) U1bea: 018901030008 tmp0:= ADDSUB_DSZ16_CONDD(0x00000001) U1bec: 023101030230 tmp0:= SELECTCC_DSZ32_CONDNS(tmp0, 0x00000001) U1bed: 108500030870 tmp0:= SUB_DSZN(tmp0, rcx) U1bee: 108526030c10 tmp0:= SUB_DSZN(0x00008000, tmp0) U1bf0: 10852703ec10 tmp14:= SUB_DSZN(0x00008001, tmp0) U1bf1: 013ee86fef88 tmp14:= MOVEMERGEFLGS_DSZ32(0x00001be8, tmp14) U1bf2: 00375823e2fe tmp14:= CMOVCC_DSZ32_CONDNB(tmp14, 0x00006858) U1bf4: 013e5e13fc08 tmp15:= MOVEMERGEFLGS_DSZ32(0x0000045e, tmp0) U1bf5: 01340003efbf tmp14:= CMOVCC_DSZ32_CONDZ(tmp15, tmp14) U1bf6: 000c8e9b1200 tmp1:= SAVEUIP(0x01, U068e) U1bf8: 01420b000f80 UFLOWCTRL(URET1, tmp14) U1bf9: 1c0808a20c67 SYNCWAIT-> STAD_DSZN_ASZ32_SC1(rdi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x08, rax) U1bfa: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U1bfc: 1c0808a20c67 STAD_DSZN_ASZ32_SC1(rdi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x08, rax) U1bfd: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 019bf965 SEQW GOTO U1bf9 ------------------------------------------------------------------------------------ U1bfe: 10850003f034 tmp15:= SUB_DSZN(tmp4) U1c00: 00240003fcbf tmp15:= SHL_DSZ32(tmp15, tmp2) 019a6400 SEQW GOTO U1a64 
------------------------------------------------------------------------------------ U1c01: 108100034021 tmp4:= OR_DSZN(rcx) U1c02: 021e2f000200 SIGEVENT(0x0000002f) U1c04: 015066100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U0466) U1c05: 1c0200200027 unk_c02(rdi) 03761555 SEQW SAVEUIP1 U1c06 SEQW GOTO U7615 U1c06: 1c0800230027 LFNCEWAIT-> STAD_DSZN_ASZ32_SC1(rdi, mode=0x08, tmp0) U1c08: 108501034d08 tmp4:= SUB_DSZN(0x00000001, tmp4) U1c09: 108800021874 rcx:= ZEROEXT_DSZ16N(tmp4, rcx) U1c0a: 11890b8279c8 MSLOOP-> rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) 019c04a6 SEQW GOTO U1c04 ------------------------------------------------------------------------------------ U1c0c: 0044bf3f9d08 tmp9:= AND_DSZ64(0x00000fbf, tmp4) U1c0d: 29290eb003f9 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x0000001e, U1c0e) 019c1040 SEQW GOTO U1c10 ------------------------------------------------------------------------------------ U1c0e: 09292e2003b9 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x00000018, U082e) U1c10: 006310039200 tmp9:= READURAM(0x0010, 64) U1c11: 00880003ae40 tmp10:= ZEROEXT_DSZ16(tmp9) U1c12: 00440003aeb4 tmp10:= AND_DSZ64(tmp4, tmp10) U1c14: 01512e20023a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U082e) U1c15: 00650b039234 tmp9:= SHR_DSZ64(tmp4, 0x0000000b) U1c16: 000101039e48 tmp9:= OR_DSZ32(0x00000001, tmp9) U1c18: 000803034008 tmp4:= ZEROEXT_DSZ32(0x00000003) U1c19: 000c3c100200 SAVEUIP(0x00, U043c) U1c1a: 000cecdc0200 SAVEUIP(0x01, uend) U1c1c: 016300039e74 tmp9:= unk_163(tmp4, tmp9) U1c1d: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1c1e: 00629d1f4200 LFNCEMARK-> tmp4:= MOVEFROMCREG_DSZ64(0x79d) 050000d6 SEQW SAVEUIP1 U1c20 U1c20: 00040f039e48 tmp9:= AND_DSZ32(0x0000000f, tmp9) U1c21: 0150755c02b9 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U5775) U1c22: 01d700037039 tmp7:= unk_1d7(tmp9) U1c24: 00429d1c0237 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp7, 0x79d) U1c25: 001600039df9 tmp9:= BTR_DSZ32(tmp9, tmp7) 061c2989 SEQW URET0 
------------------------------------------------------------------------------------ U1c26: 000a10000200 TESTUSTATE(UCODE, 0x0010) 061c2989 ? SEQW GOTO U1c29 U1c28: 000a44000200 TESTUSTATE(UCODE, 0x0044) 019c3200 ? SEQW GOTO U1c32 U1c29: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U1c2a: 000703030c08 tmp0:= NOTAND_DSZ32(0x00000003, tmp0) U1c2c: 104285080270 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, CTAP_CR_DFX_CTL_STS, 32) U1c2d: 10420c080240 MOVETOCREG_DSZ64(0x00000000, 0x20c, 32) U1c2e: 1962e9880280 MOVETOCREG_BTS_DSZ64(0x0000000a, 0x2e9) U1c30: 10428b0c0240 MOVETOCREG_DSZ64(0x00000000, 0x38b, 32) U1c31: 1042920c0240 MOVETOCREG_DSZ64(0x00000000, 0x392, 32) U1c32: 004211100200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x411) U1c34: 004264000200 MOVETOCREG_DSZ64(0x00000000, 0x064) U1c35: 004206040200 MOVETOCREG_DSZ64(0x00000000, 0x106) U1c36: 004288100200 MOVETOCREG_DSZ64(0x00000000, 0x488) U1c38: 004280180200 MOVETOCREG_DSZ64(0x00000000, 0x680) U1c39: 00424d1c0200 MOVETOCREG_DSZ64(0x00000000, 0x74d) U1c3a: 00423c180200 MOVETOCREG_DSZ64(0x00000000, 0x63c) U1c3c: 1062bc0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2bc, 32) U1c3d: 1a62bc080230 MOVETOCREG_BTR_DSZ64(tmp0, 0x2bc) U1c3e: 00623b1b1200 tmp1:= MOVEFROMCREG_DSZ64(0x63b) U1c40: 09623b1b13f1 tmp1:= MOVETOCREG_BTS_DSZ64(tmp1, 0x0000001c, 0x63b) U1c41: 000a30800200 TESTUSTATE(UCODE, !0x0030) 01cab640 ? 
SEQW GOTO U4ab6 U1c42: 1062360b1240 tmp1:= MOVEFROMCREG_DSZ64(0x236, 32) U1c44: 286b42b00231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000002, U1c42) U1c45: 00080103b008 tmp11:= ZEROEXT_DSZ32(0x00000001) U1c46: 20437308023b WRITEURAM(tmp11, 0x0073, 32) U1c48: 1062c20b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2c2, 32) U1c49: 3a62c2480270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000005, 0x2c2) U1c4a: 000000000000 NOP 01c40696 SEQW SAVEUIP1 U1c4c SEQW GOTO U4406 U1c4c: 00085d030010 tmp0:= ZEROEXT_DSZ32(0x00011000) U1c4d: 204231180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x631) U1c4e: 000800000000 NOP U1c50: 004234180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x634) U1c51: 004235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U1c52: 004236180200 MOVETOCREG_DSZ64(0x00000000, 0x636) U1c54: 004237180200 MOVETOCREG_DSZ64(0x00000000, 0x637) U1c55: 004238180200 MOVETOCREG_DSZ64(0x00000000, 0x638) U1c56: 296230580300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x630) U1c58: 000a20000200 TESTUSTATE(UCODE, 0x0020) 01cabd00 ? SEQW GOTO U4abd U1c59: 00080203b008 tmp11:= ZEROEXT_DSZ32(0x00000002) U1c5a: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U1c5c: 000800000000 NOP U1c5d: 000800000000 NOP U1c5e: 2d0b381b600a tmp6:= PORTIN_DSZ32_ASZ16_SC1(0x00004638) U1c60: 002516037236 tmp7:= SHR_DSZ32(tmp6, 0x00000016) U1c61: 002510039236 tmp9:= SHR_DSZ32(tmp6, 0x00000010) U1c62: 00043f039e48 tmp9:= AND_DSZ32(0x0000003f, tmp9) U1c64: 013503039239 tmp9:= CMOVCC_DSZ32_CONDNZ(tmp9, 0x00000003) U1c65: 013e00037e77 tmp7:= MOVEMERGEFLGS_DSZ32(tmp7, tmp9) U1c66: 011600037dc0 tmp7:= unk_116(tmp7) U1c68: 022600037df9 tmp7:= unk_226(tmp9, tmp7) U1c69: 011400000dc0 unk_114(tmp7) U1c6a: 10622a0b8240 tmp8:= MOVEFROMCREG_DSZ64(0x22a, 32) U1c6c: 10628c0f9240 tmp9:= MOVEFROMCREG_DSZ64(0x38c, 32) U1c6d: 10628e0fc240 tmp12:= MOVEFROMCREG_DSZ64(0x38e, 32) U1c6e: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01db9880 ? 
SEQW GOTO U5b98 U1c70: 1042c3080277 MOVETOCREG_DSZ64(tmp7, 0x2c3, 32) U1c71: 1062d80b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d8, 32) U1c72: 0047f2030c10 tmp0:= NOTAND_DSZ64(0x003f0000, tmp0) U1c74: 002408036236 tmp6:= SHL_DSZ32(tmp6, 0x00000008) U1c75: 0004f2036d90 tmp6:= AND_DSZ32(0x003f0000, tmp6) U1c76: 1902d8080db0 MOVETOCREG_OR_DSZ64(tmp0, tmp6, 0x2d8) U1c78: 1062380b0240 tmp0:= MOVEFROMCREG_DSZ64(0x238, 32) U1c79: 0001000f0c08 tmp0:= OR_DSZ32(0x00000300, tmp0) U1c7a: 104238080270 MOVETOCREG_DSZ64(tmp0, 0x238, 32) U1c7c: 1062940f0240 tmp0:= MOVEFROMCREG_DSZ64(0x394, 32) U1c7d: 001516030230 tmp0:= BTS_DSZ32(tmp0, 0x00000016) U1c7e: 1042940c0270 MOVETOCREG_DSZ64(tmp0, 0x394, 32) U1c80: 286a1d6003f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000001d, U181d) U1c81: 00080303b008 tmp11:= ZEROEXT_DSZ32(0x00000003) U1c82: 20437308023b WRITEURAM(tmp11, 0x0073, 32) U1c84: 086b2a7002b8 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x00000009, U0c2a) U1c85: 1062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U1c86: 0001ad071430 tmp1:= OR_DSZ32(tmp0, 0x38000000) U1c88: 0001110b0431 tmp0:= OR_DSZ32(tmp1, 0xc0000040) U1c89: 000c20600200 SAVEUIP(0x00, U1820) 01830240 SEQW GOTO U0302 ------------------------------------------------------------------------------------ U1c8a: 0d6b00013036 tmp7:= unk_d6b(tmp6) U1c8c: 0004010384c8 tmp8:= AND_DSZ32(0x00000001, tmp7) U1c8d: 017000038d38 tmp8:= SELECTCC_DSZ64_CONDZ(tmp8, tmp4) U1c8e: 0044000384f8 tmp8:= AND_DSZ64(tmp8, tmp7) U1c90: 01513e200238 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U083e) U1c91: 000008036d88 LFNCEMARK-> tmp6:= ADD_DSZ32(0x00000008, tmp6) U1c92: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 049c8a80 SEQW GOTO U1c8a ------------------------------------------------------------------------------------ U1c94: 004240140233 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp3, 0x540) U1c95: 004241140232 MOVETOCREG_DSZ64(tmp2, 0x541) U1c96: 004242140231 MOVETOCREG_DSZ64(tmp1, 0x542) U1c98: 004243140230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x543) 0417de00 SEQW GOTO 
U17de ------------------------------------------------------------------------------------ U1c99: 006314014200 tmpv0:= READURAM(0x0014, 64) U1c9a: 006515015214 tmpv1:= SHR_DSZ64(tmpv0, 0x00000015) U1c9c: 00652a016214 tmpv2:= SHR_DSZ64(tmpv0, 0x0000002a) U1c9d: 004100015556 tmpv1:= OR_DSZ64(tmpv2, tmpv1) U1c9e: 0047e0014510 tmpv0:= NOTAND_DSZ64(0x001fffff, tmpv0) U1ca0: 0004e0015550 tmpv1:= AND_DSZ32(0x001fffff, tmpv1) U1ca1: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U1ca2: 004314000214 WRITEURAM(tmpv0, 0x0014, 64) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U1ca4: 09284c300335 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000010, U0c4c) U1ca5: 1929111c0275 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, 0x00000004, generate_#GP) 0182ba55 SEQW SAVEUIP1 U1ca6 SEQW GOTO U02ba U1ca6: 2d0bd843100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U1ca8: 286af8190331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U56f8) U1ca9: 0008ff032008 tmp2:= ZEROEXT_DSZ32(0x000000ff) U1caa: 006320033200 tmp3:= READURAM(0x0020, 64) U1cac: 006530033233 tmp3:= SHR_DSZ64(tmp3, 0x00000030) U1cad: 2d4bb043500a tmp5:= PORTIN_DSZ64_ASZ16_SC1(0x000050b0) 019cb155 SEQW SAVEUIP1 U1cae SEQW GOTO U1cb1 U1cae: 2d4bb843500a tmp5:= PORTIN_DSZ64_ASZ16_SC1(0x000050b8) U1cb0: 000ca28c0200 SAVEUIP(0x01, U03a2) U1cb1: 000e07000200 WRMSLOOPCTRFBR(0x00000007) U1cb2: 00040103acc8 tmp10:= AND_DSZ32(0x00000001, tmp3) U1cb4: 0131ff03a23a tmp10:= SELECTCC_DSZ32_CONDNZ(tmp10, 0x000000ff) U1cb5: 004100035d7a tmp5:= OR_DSZ64(tmp10, tmp5) U1cb6: 00c50003acb5 tmp10:= SUB_DSZ8(tmp5, tmp2) U1cb8: 017e00035eb5 tmp5:= MOVEMERGEFLGS_DSZ64(tmp5, tmp10) U1cb9: 003700032cb5 tmp2:= CMOVCC_DSZ32_CONDNB(tmp5, tmp2) U1cba: 002501033233 tmp3:= SHR_DSZ32(tmp3, 0x00000001) U1cbc: 006508035235 tmp5:= SHR_DSZ64(tmp5, 0x00000008) U1cbd: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 019cb240 ? 
SEQW GOTO U1cb2 uret1: U1cbe: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U1cc0: 0f6500038e70 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp0, tmp9) U1cc1: 005400038238 tmp8:= BT_DSZ64(tmp8, 0x00000000) U1cc2: 00730003fe38 tmp15:= SELECTCC_DSZ64_CONDNB(tmp8, tmp8) U1cc4: 00440003fff7 tmp15:= AND_DSZ64(tmp7, tmp15) U1cc5: 0151345c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3734) U1cc6: 00400003fcb9 tmp15:= ADD_DSZ64(tmp9, tmp2) U1cc8: 000001039e48 tmp9:= ADD_DSZ32(0x00000001, tmp9) U1cc9: 004200000ff8 MOVETOCREG_DSZ64(tmp8, tmp15) U1cca: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 019cc080 SEQW GOTO U1cc0 ------------------------------------------------------------------------------------ U1ccc: 00480003c031 tmp12:= ZEROEXT_DSZ64(tmp1) U1ccd: 000000000000 NOP 01a7ae55 SEQW SAVEUIP1 U1cce SEQW GOTO U27ae U1cce: 0e6570030f0a tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000270) U1cd0: 200a80000200 TESTUSTATE(VMX, 0x0080) 01957e00 ? SEQW GOTO U157e U1cd1: 000800000000 NOP U1cd2: 000800000000 NOP U1cd4: 100a00800300 TESTUSTATE(SYS, !0x8000) 01957e00 ? SEQW GOTO U157e U1cd5: 0e6580032f08 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000080) U1cd6: 0042f81c0232 MOVETOCREG_DSZ64(tmp2, 0x7f8) U1cd8: 00652003f232 tmp15:= SHR_DSZ64(tmp2, 0x00000020) U1cd9: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U1cda: 0e65e8032f0a tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002e8) U1cdc: 1042f91c0272 MOVETOCREG_DSZ64(tmp2, 0x7f9, 32) U1cdd: 0047c37ffc8a tmp15:= NOTAND_DSZ64(0x00005fc3, tmp2) U1cde: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) 01958080 SEQW GOTO U1580 ------------------------------------------------------------------------------------ U1ce0: 086afe5c033a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U07fe) U1ce1: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01aee540 ? 
SEQW GOTO U2ee5 U1ce2: 1c38fbab9024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp9) U1ce4: 0c4b800b1000 tmp1:= RDSEGFLD(CS, SEL) U1ce5: 1c38f3ab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, tmp1) U1ce6: 1c38ebab4024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_eb, mode=0x0a, tmp4) U1ce8: 10c51b824908 rsp:= SUB_DSZN(IMM_MACRO_1b, rsp) U1ce9: 000a04000200 TESTUSTATE(UCODE, 0x0004) 019cee40 ? SEQW GOTO U1cee U1cea: 002510031236 tmp1:= SHR_DSZ32(tmp6, 0x00000010) U1cec: 1c38fbab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U1ced: 10c50b824908 rsp:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U1cee: 0de300240033 LFNCEMARK-> unk_de3(tmp3) U1cf0: 086ac244033a LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U01c2) U1cf1: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 041cf540 ? SEQW GOTO U1cf5 U1cf2: 006311031200 tmp1:= READURAM(0x0011, 64) U1cf4: 0e6da8040c4c LFNCEMARK-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x000004a8, mode=0x01, 0x00000000) U1cf5: 006370031200 tmp1:= READURAM(0x0070, 64) U1cf6: 00562e031231 tmp1:= BTR_DSZ64(tmp1, 0x0000002e) U1cf8: 09a208000631 LFNCEWAIT-> MOVETOCREG_SHR_DSZ64(tmp1, 0x00000020, 0x008) U1cf9: 004370040231 WRITEURAM(tmp1, 0x0170, 64) U1cfa: 000800000000 NOP U1cfc: 090205c00200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U1cfd: 000a00100200 TESTUSTATE(UCODE, 0x0400) 043dec40 ? SEQW GOTO U3dec U1cfe: 00633f030200 tmp0:= READURAM(0x003f, 64) U1d00: 014300300c00 AETTRACE(0x0c, tmp0) 01bdec00 SEQW GOTO U3dec ------------------------------------------------------------------------------------ U1d01: 004810833008 tmp3:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION) U1d02: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U1d04: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01ce820d ? SEQW GOTO do_vmexit_ovr_enter_rip U1d05: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01ce820d ? 
SEQW URET1 U1d06: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U1d08: 006311015200 tmpv1:= READURAM(0x0011, 64) U1d09: 0e65c805554c tmpv1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x000004c8, mode=0x01) U1d0a: 286a913c0515 BTUJB_DIRECT_NOTTAKEN(tmpv1, tmpv0, do_smm_vmexit_ovr_enter_rip) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U1d0c: 00080103a008 tmp10:= ZEROEXT_DSZ32(0x00000001) U1d0d: 1042c408027b SYNCWAIT-> MOVETOCREG_DSZ64(tmp11, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U1d0e: 1062da0b9240 tmp9:= MOVEFROMCREG_DSZ64(0x2da, 32) U1d10: 1902da0b9eb9 tmp9:= MOVETOCREG_OR_DSZ64(tmp9, tmp10, 0x2da) U1d11: 002418039239 tmp9:= SHL_DSZ32(tmp9, 0x00000018) U1d12: 00010003be7b tmp11:= OR_DSZ32(tmp11, tmp9) U1d14: 006208039200 tmp9:= MOVEFROMCREG_DSZ64(0x008) U1d15: 00010b039e50 tmp9:= OR_DSZ32(0x00000080, tmp9) U1d16: 004208000239 MOVETOCREG_DSZ64(tmp9, 0x008) U1d18: 002100039ef9 tmp9:= CONCAT_DSZ32(tmp9, tmp11) U1d19: 204370000239 WRITEURAM(tmp9, 0x0070, 64) U1d1a: 000501039008 tmp9:= SUB_DSZ32(0x00000001) U1d1c: 00420b000239 MOVETOCREG_DSZ64(tmp9, 0x00b) U1d1d: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U1d1e: 0c6b6e000000 WRSEGFLD(0x00000000, IDT, LIMIT) U1d20: 00080003a00c tmp10:= ZEROEXT_DSZ32(0x00008000) U1d21: 000800024024 rsp:= ZEROEXT_DSZ32(rsp) U1d22: 000a04000200 TESTUSTATE(UCODE, 0x0004) 019d2580 ? SEQW GOTO U1d25 U1d24: 0008587ba00f tmp10:= ZEROEXT_DSZ32(0x0000fe58) U1d25: 00000003aeb4 tmp10:= ADD_DSZ32(tmp4, tmp10) U1d26: 00426700023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_CUR_RIP) U1d28: 1062df0b9240 tmp9:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U1d29: 286a01b102b9 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000a, probe_mode_force_smm_xlat) U1d2a: 000800000000 NOP U1d2c: 021400000e80 LFNCEWAIT-> FETCHFROMEIP0_ASZ32(tmp10) 02271170 SEQW UEND0 ------------------------------------------------------------------------------------ U1d2d: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 02271170 ? 
SEQW GOTO generate_#GP U1d2e: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U1d30: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 019d3400 ? SEQW GOTO U1d34 U1d31: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) U1d32: 000800036000 tmp6:= ZEROEXT_DSZ32(0x00000000) U1d34: 004400036d76 tmp6:= AND_DSZ64(tmp6, tmp5) U1d35: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 019d4140 ? SEQW GOTO U1d41 U1d36: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U1d38: 006311033200 tmp3:= READURAM(0x0011, 64) U1d39: 0e6500074cb3 tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, tmp2, mode=0x01) U1d3a: 0e6510073cb3 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, tmp2, 0x00000010, mode=0x01) U1d3c: 004400033cf4 tmp3:= AND_DSZ64(tmp4, tmp3) U1d3d: 004700033cf5 tmp3:= NOTAND_DSZ64(tmp5, tmp3) U1d3e: 004100036db3 tmp6:= OR_DSZ64(tmp3, tmp6) U1d40: 004100035d74 tmp5:= OR_DSZ64(tmp4, tmp5) U1d41: 00470003bef5 tmp11:= NOTAND_DSZ64(tmp5, tmp11) U1d42: 00410003bef6 tmp11:= OR_DSZ64(tmp6, tmp11) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U1d44: 006204037200 tmp7:= MOVEFROMCREG_DSZ64(0x004) U1d45: 00080003e03d tmp14:= ZEROEXT_DSZ32(tmp13) U1d46: 00080003003b tmp0:= ZEROEXT_DSZ32(tmp11) U1d48: 0062011fd200 tmp13:= MOVEFROMCREG_DSZ64(0x701) U1d49: 0a62019c02fd LFNCEWAIT-> MOVETOCREG_BTR_DSZ64(tmp13, 0x0000000e, 0x701) U1d4a: 0a6204400277 MOVETOCREG_BTR_DSZ64(tmp7, 0x00000005, 0x004) U1d4c: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1d4d: 23800003ae80 tmp10:= READAFLAGS(tmp10) 05694e51 SEQW SAVEUIP0 U1d4e SEQW GOTO U694e U1d4e: 000703038237 LFNCEMARK-> tmp8:= NOTAND_DSZ32(tmp7, 0x00000003) U1d50: 000d0cd00280 SAVEUIP_REGOVR(0x01, U1d51, 0x540c) 01995600 SEQW GOTO U1956 U1d51: 01340003df78 tmp13:= CMOVCC_DSZ32_CONDZ(tmp8, tmp13) U1d52: 013e00032e32 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp8) U1d54: 013508032232 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp2, 0x00000008) U1d55: 00c800031c72 tmp1:= ZEROEXT_DSZ8(tmp2, tmp1) U1d56: 100a20000200 
TESTUSTATE(SYS, UST_SMM) 01b1e980 ? SEQW GOTO U31e9 U1d58: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 049d5a00 ? SEQW GOTO U1d5a U1d59: 386adc1c0cb3 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp3, tmp2, U37dc) U1d5a: 0008e9034010 tmp4:= ZEROEXT_DSZ32(0x002c6000) U1d5c: 001518034234 tmp4:= BTS_DSZ32(tmp4, 0x00000018) U1d5d: 00040003efb4 tmp14:= AND_DSZ32(tmp4, tmp14) U1d5e: 00016103ef90 tmp14:= OR_DSZ32(0x00016809, tmp14) U1d60: 00a100036dbd tmp6:= CONCAT_DSZ16(tmp13, tmp6) U1d61: 000100039eb9 tmp9:= OR_DSZ32(tmp9, tmp10) U1d62: 006267034200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1d64: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U1d65: 00420000023e LFNCEWAIT-> MOVETOCREG_DSZ64(tmp14, 0x000) U1d66: 104500033d3c tmp3:= SUB_DSZN(tmp12, tmp4) 02a68580 SEQW GOTO U2685 ------------------------------------------------------------------------------------ U1d68: 000860036008 tmp6:= ZEROEXT_DSZ32(0x00000060) U1d69: 008010030c08 tmp0:= ADD_DSZ16(0x00000010, tmp0) U1d6a: 000a04000200 TESTUSTATE(UCODE, 0x0004) 019d6e80 ? SEQW GOTO U1d6e U1d6c: 025c00000c71 LFNCEMARK-> unk_25c(tmp1, tmp1) U1d6d: 008010030c08 tmp0:= ADD_DSZ16(0x00000010, tmp0) U1d6e: 100a06035230 tmp5:= TESTUSTATE(tmp0, SYS, UST_USER_MODE | UST_8086_MODE) 042711c0 ? SEQW GOTO generate_#GP U1d70: 000501034008 tmp4:= SUB_DSZ32(0x00000001) U1d71: 00019b039d8d tmp9:= OR_DSZ32(0x0000a09b, tmp6) U1d72: 004a04824232 rsp:= TESTUSTATE(tmp2, UCODE, !0x0004) 019d7680 ? 
SEQW GOTO U1d76 U1d74: 00019b039d8e tmp9:= OR_DSZ32(0x0000c09b, tmp6) U1d75: 000800024032 rsp:= ZEROEXT_DSZ32(tmp2) U1d76: 004210100234 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp4, 0x410) U1d78: 00080003400a tmp4:= ZEROEXT_DSZ32(0x00004000) U1d79: 00423c1c0234 MOVETOCREG_DSZ64(tmp4, 0x73c) U1d7a: 00429e1c0233 MOVETOCREG_DSZ64(tmp3, 0x79e) U1d7c: 0042f51c0239 MOVETOCREG_DSZ64(tmp9, 0x7f5) U1d7d: 0042001c0200 MOVETOCREG_DSZ64(0x00000000, 0x700) U1d7e: 00428e1c0200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x78e) 0500b196 SEQW SAVEUIP1 U1d80 SEQW GOTO U00b1 U1d80: 000193036d8e tmp6:= OR_DSZ32(0x0000c093, tmp6) U1d81: 008008034d48 tmp4:= ADD_DSZ16(0x00000008, tmp5) U1d82: 000d4a980000 SAVEUIP_REGOVR(0x01, U1d84, 0x064a) 0180b180 SEQW GOTO U00b1 U1d84: 0c6b23000000 WRSEGFLD(0x00000000, SS, BASE) U1d85: 0c6ba3000036 WRSEGFLD(tmp6, SS, SEL+FLGS+LIM) U1d86: 0c6ba2000039 WRSEGFLD(tmp9, CS, SEL+FLGS+LIM) U1d88: 0c6b22000000 WRSEGFLD(0x00000000, CS, BASE) U1d89: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0721566e ? SEQW GOTO U2156 U1d8a: 0255002c0c40LFNCEWTMRK->MSSTOP-> FETCHFROMEIP1_ASZ64(tmp1) U1d8c: 005e00300c40 MSSTOP-> MJMPTARGET_INDIRECT_ASZ64(tmp1) 01bdfa2c SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ check_rdrand_vmexits: U1d8d: 004810833008 tmp3:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION) U1d8e: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U1d90: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 019d9400 ? SEQW GOTO U1d94 U1d91: 006343015200 tmpv1:= READURAM(0x0043, 64) U1d92: 086a82390515 BTUJB_DIRECT_NOTTAKEN(tmpv1, tmpv0, do_vmexit_ovr_enter_rip) U1d94: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 019cbe0e ? 
SEQW GOTO uret1 U1d95: 00634c015200 tmpv1:= READURAM(0x004c, 64) U1d96: 286a913c0515 BTUJB_DIRECT_NOTTAKEN(tmpv1, tmpv0, do_smm_vmexit_ovr_enter_rip) 019cbe0e SEQW URET1 ------------------------------------------------------------------------------------ U1d98: 00080003e03d tmp14:= ZEROEXT_DSZ32(tmp13) U1d99: 006204037200 tmp7:= MOVEFROMCREG_DSZ64(0x004) U1d9a: 0a6204437277 LFNCEWAIT-> tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x00000005, 0x004) U1d9c: 0062011fb200 LFNCEMARK-> tmp11:= MOVEFROMCREG_DSZ64(0x701) U1d9d: 0a62019c02fb MOVETOCREG_BTR_DSZ64(tmp11, 0x0000000e, 0x701) U1d9e: 000803031008 tmp1:= ZEROEXT_DSZ32(0x00000003) U1da0: 0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1da1: 23800003ae80 tmp10:= READAFLAGS(tmp10) 02696051 SEQW SAVEUIP0 U1da2 SEQW GOTO U6960 U1da2: 000703038237 tmp8:= NOTAND_DSZ32(tmp7, 0x00000003) U1da4: 017e00032e32 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp8) U1da5: 013508032232 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp2, 0x00000008) U1da6: 00c800031c72 tmp1:= ZEROEXT_DSZ8(tmp2, tmp1) U1da8: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01b1e900 ? SEQW GOTO U31e9 U1da9: 000800000000 NOP U1daa: 000800000000 NOP U1dac: 000d0c900300 SAVEUIP_REGOVR(0x01, U1dad, 0x840c) 01995600 SEQW GOTO U1956 U1dad: 000800000000 NOP U1dae: 000800000000 NOP U1db0: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 069db200 ? 
SEQW GOTO U1db2 U1db1: 386adc1c0cb3 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp3, tmp2, U37dc) U1db2: 000100039eb9 tmp9:= OR_DSZ32(tmp9, tmp10) U1db4: 006267034200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1db5: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U1db6: 104500033d3c tmp3:= SUB_DSZN(tmp12, tmp4) U1db8: 0008e9034010 tmp4:= ZEROEXT_DSZ32(0x002c6000) U1db9: 001518034234 tmp4:= BTS_DSZ32(tmp4, 0x00000018) U1dba: 00040003efb4 tmp14:= AND_DSZ32(tmp4, tmp14) U1dbc: 00016103ef90 tmp14:= OR_DSZ32(0x00016809, tmp14) U1dbd: 00420000023e LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp14, 0x000) 06817a40 SEQW GOTO U017a ------------------------------------------------------------------------------------ U1dbe: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U1dc0: 00054a0bbed0 tmp11:= SUB_DSZ32(0xffffffff, tmp11) U1dc1: 0150a20c02fb LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U63a2) U1dc2: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U1dc4: 00640803b23b LFNCEWAIT-> tmp11:= SHL_DSZ64(tmp11, 0x00000008) U1dc5: 0e2500035d3b tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4) U1dc6: 0e250403bd3b tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4, 0x00000004) U1dc8: 002100035d7b tmp5:= CONCAT_DSZ32(tmp11, tmp5) U1dc9: 00084a0bb010 tmp11:= ZEROEXT_DSZ32(0xffffffff) U1dca: 0021ff3fbec8 tmp11:= CONCAT_DSZ32(0x00000fff, tmp11) U1dcc: 004400035d7b tmp5:= AND_DSZ64(tmp11, tmp5) 01e39a00 SEQW GOTO U639a ------------------------------------------------------------------------------------ U1dcd: 00631103c200 tmp12:= READURAM(0x0011, 64) U1dce: 0062c01be200 tmp14:= MOVEFROMCREG_DSZ64(0x6c0) U1dd0: 0e25b407ff0c tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000004b4, mode=0x01) U1dd1: 00241f03f23f tmp15:= SHL_DSZ32(tmp15, 0x0000001f) U1dd2: 0902c0180ffe MOVETOCREG_OR_DSZ64(tmp14, tmp15, 0x6c0) U1dd4: 00635c03f200 tmp15:= READURAM(0x005c, 64) U1dd5: 00560a03f23f tmp15:= BTR_DSZ64(tmp15, 0x0000000a) U1dd6: 00435c00023f SYNCFULL-> WRITEURAM(tmp15, 0x005c, 64) 091f9180 SEQW GOTO 
do_smm_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U1dd8: 204265000200 LFNCEWTMRK-> MOVETOCREG_DSZ64(0x00000000, 0x065) U1dd9: 000c42e7e288 tmp14:= SAVEUIP(0x01, U5942) U1dda: 0062fe1fd200 tmp13:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U1ddc: 086aae18033d LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000010, U06ae) U1ddd: 0062f81f7200 tmp7:= MOVEFROMCREG_DSZ64(0x7f8) U1dde: 0004ff03cdc8 tmp12:= AND_DSZ32(0x000000ff, tmp7) U1de0: 0150ae18023c LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp12, U06ae) U1de1: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U1de2: 00640f03b233 tmp11:= SHL_DSZ64(tmp3, 0x0000000f) U1de4: 00650f03b23b tmp11:= SHR_DSZ64(tmp11, 0x0000000f) U1de5: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U1de6: 000803038008 tmp8:= ZEROEXT_DSZ32(0x00000003) U1de8: 002510037237 tmp7:= SHR_DSZ32(tmp7, 0x00000010) U1de9: 0000a81fc238 tmp12:= ADD_DSZ32(tmp8, 0x000007a8) U1dea: 00000003cf38 tmp12:= ADD_DSZ32(tmp8, tmp12) U1dec: 00620003cf00 tmp12:= MOVEFROMCREG_DSZ64(tmp12) U1ded: 00563f03c23c tmp12:= BTR_DSZ64(tmp12, 0x0000003f) U1dee: 004500035f3b tmp5:= SUB_DSZ64(tmp11, tmp12) U1df0: 00240103ae08 tmp10:= SHL_DSZ32(0x00000001, tmp8) U1df1: 01310003aeb5 tmp10:= SELECTCC_DSZ32_CONDNZ(tmp5, tmp10) U1df2: 00330003aebc tmp10:= SELECTCC_DSZ32_CONDNB(tmp12, tmp10) U1df4: 00240203c238 tmp12:= SHL_DSZ32(tmp8, 0x00000002) U1df5: 00240303cf08 tmp12:= SHL_DSZ32(0x00000003, tmp12) U1df6: 000400035dfc tmp5:= AND_DSZ32(tmp12, tmp7) U1df8: 01310003aeb5 tmp10:= SELECTCC_DSZ32_CONDNZ(tmp5, tmp10) U1df9: 000100039e7a tmp9:= OR_DSZ32(tmp10, tmp9) U1dfa: 000501038e08 tmp8:= SUB_DSZ32(0x00000001, tmp8) U1dfc: 0250fd740238 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp8, U1dfd) 051de90e SEQW GOTO U1de9 ------------------------------------------------------------------------------------ U1dfd: 00621c03a200 tmp10:= MOVEFROMCREG_DSZ64(0x01c) U1dfe: 09021c000eb9 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp9, tmp10, 0x01c) 051de90e SEQW URET1 
------------------------------------------------------------------------------------ U1e00: 1062c10b5240 tmp5:= MOVEFROMCREG_DSZ64(0x2c1, 32) U1e01: 00210003aeb5 tmp10:= CONCAT_DSZ32(tmp5, tmp10) U1e02: 006364035200 tmp5:= READURAM(0x0064, 64) U1e04: 00241b035235 tmp5:= SHL_DSZ32(tmp5, 0x0000001b) U1e05: 00410003aeb5 tmp10:= OR_DSZ64(tmp5, tmp10) 0b306555 SEQW SAVEUIP1 U1e06 SEQW GOTO U3065 U1e06: 0c6bb780003a SYNCWAIT-> WRSEGFLD(tmp10) U1e08: 1062c00ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2c0, 32) U1e09: 0c6b3780003a LFNCEMARK-> WRSEGFLD(tmp10) U1e0a: 000cd20002c0 SAVEUIP(0x00, U60d2) U1e0c: 0c4b40275000 LFNCEWAIT-> tmp5:= RDSEGFLD(UNK_SEG_09, FLGS) U1e0d: 0042f51c0235 MOVETOCREG_DSZ64(tmp5, 0x7f5) U1e0e: 0c4b402b5000 tmp5:= RDSEGFLD(SS_USERM, FLGS) U1e10: 00423c1c0235 MOVETOCREG_DSZ64(tmp5, 0x73c) U1e11: 09a29e5c0275 SYNCFULL-> MOVETOCREG_SHR_DSZ64(tmp5, 0x00000005, 0x79e) U1e12: 0c4bc027a000 tmp10:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U1e14: 00428e1c023a MOVETOCREG_DSZ64(tmp10, 0x78e) U1e15: 0c4b60275000 tmp5:= RDSEGFLD(UNK_SEG_09, LIMIT) U1e16: 004210100235 MOVETOCREG_DSZ64(tmp5, 0x410) U1e18: 000001035d48 tmp5:= ADD_DSZ32(0x00000001, tmp5) U1e19: 0042001c0235 MOVETOCREG_DSZ64(tmp5, 0x700) U1e1a: 0c4b80275000 tmp5:= RDSEGFLD(UNK_SEG_09, SEL) U1e1c: 0c6b89000035 LFNCEMARK-> WRSEGFLD(tmp5, UNK_SEG_09, SEL) U1e1d: 0c4b2027a000 tmp10:= RDSEGFLD(UNK_SEG_09, BASE) U1e1e: 000800000000 NOP U1e20: 0c6b2200003a LFNCEWAIT-> WRSEGFLD(tmp10, CS, BASE) U1e21: 0c4ba027a000 tmp10:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U1e22: 0c6ba200003a WRSEGFLD(tmp10, CS, SEL+FLGS+LIM) U1e24: 0c4b202ba000 tmp10:= RDSEGFLD(SS_USERM, BASE) U1e25: 0c6b2300003a WRSEGFLD(tmp10, SS, BASE) U1e26: 0c4ba02ba000 tmp10:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U1e28: 0c6ba300003a LFNCEMARK-> WRSEGFLD(tmp10, SS, SEL+FLGS+LIM) 041e2d88 SEQW URET0 ------------------------------------------------------------------------------------ U1e29: 0e651807bc0d tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000518, mode=0x01) 
U1e2a: 100a00000240 TESTUSTATE(SYS, 0x2000) 041e2d88 ? SEQW GOTO U1e2d U1e2c: 0047ff3fbec8 tmp11:= NOTAND_DSZ64(0x00000fff, tmp11) U1e2d: 000a20000200 TESTUSTATE(UCODE, 0x0020) 019e4240 ? SEQW GOTO U1e42 U1e2e: 20631f038200 tmp8:= READURAM(0x001f, 64) U1e30: 006525038238 tmp8:= SHR_DSZ64(tmp8, 0x00000025) U1e31: 0004ff0f8e08 tmp8:= AND_DSZ32(0x000003ff, tmp8) U1e32: 002510039236 tmp9:= SHR_DSZ32(tmp6, 0x00000010) U1e34: 00041f035e08 tmp5:= AND_DSZ32(0x0000001f, tmp8) U1e35: 000400039e75 tmp9:= AND_DSZ32(tmp5, tmp9) U1e36: 002505038238 tmp8:= SHR_DSZ32(tmp8, 0x00000005) U1e38: 000600038e39 tmp8:= XOR_DSZ32(tmp9, tmp8) U1e39: 005538039200 tmp9:= BTS_DSZ64(0x00000000, 0x00000038) U1e3a: 017000038e78 tmp8:= SELECTCC_DSZ64_CONDZ(tmp8, tmp9) U1e3c: 00402a035c88 tmp5:= ADD_DSZ64(0x0000002a, tmp2) U1e3d: 006314039200 tmp9:= READURAM(0x0014, 64) U1e3e: 004600039e78 tmp9:= XOR_DSZ64(tmp8, tmp9) U1e40: 007200039e72 tmp9:= SELECTCC_DSZ64_CONDB(tmp2, tmp9) U1e41: 186a6c150d79 BTUJB_DIRECT_NOTTAKEN(tmp9, tmp5, U656c) U1e42: 2928e2a102f2 CMPUJZ_DIRECT_NOTTAKEN(tmp2, 0x0000000e, U58e2) 01a6d080 SEQW GOTO U26d0 ------------------------------------------------------------------------------------ U1e44: 00470003ad36 tmp10:= NOTAND_DSZ64(tmp6, tmp4) U1e45: 0c40086372bb tmp7:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000208, mode=0x18) U1e46: 004100037dfa tmp7:= OR_DSZ64(tmp10, tmp7) U1e48: 0c401063a2bb tmp10:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000210, mode=0x18) U1e49: 004100037dfa tmp7:= OR_DSZ64(tmp10, tmp7) U1e4a: 0151111c0277 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, generate_#GP) U1e4c: 005403035235 tmp5:= BT_DSZ64(tmp5, 0x00000003) U1e4d: 017eff0ffd48 tmp15:= MOVEMERGEFLGS_DSZ64(0x000003ff, tmp5) U1e4e: 00763f0b823f tmp8:= CMOVCC_DSZ64_CONDB(tmp15, 0x0000023f) U1e50: 005404035235 tmp5:= BT_DSZ64(tmp5, 0x00000004) U1e51: 017e3f13fd48 tmp15:= MOVEMERGEFLGS_DSZ64(0x0000043f, tmp5) U1e52: 007600038e3f tmp8:= CMOVCC_DSZ64_CONDB(tmp15, tmp8) U1e54: 108000038ef8 tmp8:= ADD_DSZN(tmp8, tmp11) U1e55: 
004800033035 tmp3:= ZEROEXT_DSZ64(tmp5) U1e56: 004100136008 tmp6:= OR_DSZ64(0x00000400) U1e58: 006410036236 tmp6:= SHL_DSZ64(tmp6, 0x00000010) U1e59: 0041c00f6d88 tmp6:= OR_DSZ64(0x000003c0, tmp6) U1e5a: 074400038036 tmm0:= unk_744(mm6) U1e5c: 007d00034d00 tmp4:= MOVEINSERTFLGS_DSZ64(tmp4) U1e5d: 000406037233 tmp7:= AND_DSZ32(tmp3, 0x00000006) U1e5e: 017e18037dc8 tmp7:= MOVEMERGEFLGS_DSZ64(0x00000018, tmp7) U1e60: 0135000b7237 tmp7:= CMOVCC_DSZ32_CONDNZ(tmp7, 0x00000200) U1e61: 00040103ccc8 tmp12:= AND_DSZ32(0x00000001, tmp3) U1e62: 01710003cdfc tmp12:= SELECTCC_DSZ64_CONDNZ(tmp12, tmp7) U1e64: 108000037efc tmp7:= ADD_DSZN(tmp12, tmp11) U1e65: 0cc100600037 unk_cc1(tmp7) U1e66: 0cc100600038 LFNCEMARK-> unk_cc1(tmp8) U1e68: 000800000000 NOP U1e69: 000800000000 NOP U1e6a: 000a04000200 SYNCWAIT-> TESTUSTATE(UCODE, 0x0004) 0b3c6ac0 ? SEQW GOTO U3c6a U1e6c: 000c4437d2c8 tmp13:= SAVEUIP(0x00, U6d44) U1e6d: 000c6af3e248 tmp14:= SAVEUIP(0x01, U3c6a) 01e31440 SEQW GOTO U6314 ------------------------------------------------------------------------------------ U1e6e: 2d8b801b300a tmp3:= PORTIN_DSZ16_ASZ16_SC1(0x00004680) U1e70: 0e7d405f300d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000b740, tmp3) U1e71: 2d0fd440000a PORTOUT_DSZ32_ASZ16_SC1(0x000050d4, 0x00000000) U1e72: 0008f07f200f tmp2:= ZEROEXT_DSZ32(0x0000fff0) U1e74: 00628e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x78e) U1e75: 000000031c72 tmp1:= ADD_DSZ32(tmp2, tmp1) U1e76: 204267000231 MOVETOCREG_DSZ64(tmp1, CORE_CR_CUR_RIP) U1e78: 2d0b0023300a tmp3:= PORTIN_DSZ32_ASZ16_SC1(0x00004800) U1e79: 286a7a3803b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000018, U1e7a) 01c3ae40 SEQW GOTO U43ae ------------------------------------------------------------------------------------ U1e7a: 204367000231 WRITEURAM(tmp1, 0x0067, 64) U1e7c: 004800030000 tmp0:= ZEROEXT_DSZ64(0x00000000) 01ba440d SEQW GOTO U3a44 ------------------------------------------------------------------------------------ U1e7d: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01ba440d ? 
SEQW URET1 U1e7e: 006312039200 tmp9:= READURAM(0x0012, 64) U1e80: 086bae5802b9 BTUJNB_DIRECT_NOTTAKEN(tmp9, 0x00000009, U06ae) U1e81: 000809135008 tmp5:= ZEROEXT_DSZ32(0x00000409) U1e82: 000d59a80380 SAVEUIP_REGOVR(0x01, U1e84, 0xca59) 01ebfd80 SEQW GOTO U6bfd U1e84: 00621c014200 tmpv0:= MOVEFROMCREG_DSZ64(0x01c) U1e85: 000c41dc0240 SAVEUIP(0x01, U3741) U1e86: 000cd0600240 SAVEUIP(0x00, U38d0) 01b34d80 SEQW GOTO U334d ------------------------------------------------------------------------------------ U1e88: 0e254803003e tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000048) U1e89: 00630d031200 tmp1:= READURAM(0x000d, 64) U1e8a: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U1e8c: 00e100031c70 tmp1:= CONCAT_DSZ8(tmp0, tmp1) U1e8d: 0021c62f1271 tmp1:= CONCAT_DSZ32(tmp1, 0x00002bc6) U1e8e: 20430d000231 WRITEURAM(tmp1, 0x000d, 64) U1e90: 100a00000280 TESTUSTATE(SYS, 0x4000) 019ea600 ? SEQW GOTO patch_runs_load_loop U1e91: 00080d03b008 tmp11:= ZEROEXT_DSZ32(0x0000000d) U1e92: 0150dc1c027a UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp10, U27dc) U1e94: 100a00000380 TESTUSTATE(SYS, 0xc000) 019ea600 ? 
SEQW GOTO patch_runs_load_loop U1e95: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U1e96: 2a62c3580270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000005, 0x6c3) U1e98: 206353030200 tmp0:= READURAM(0x0053, 64) U1e99: 286ba6780270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000005, patch_runs_load_loop) U1e9a: 000d01800000 SAVEUIP_REGOVR(0x01, U1e9c, 0x0001) 01de4e80 SEQW GOTO U5e4e U1e9c: 000d00800000 SAVEUIP_REGOVR(0x01, U1e9d, 0x0000) 0182ba00 SEQW GOTO U02ba U1e9d: 2d0bd843000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U1e9e: 001512030230 tmp0:= BTS_DSZ32(tmp0, 0x00000012) U1ea0: 2d0fd843000a PORTOUT_DSZ32_ASZ16_SC1(0x000050d8, tmp0) U1ea1: 2d0bd843000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U1ea2: 286ba1b80330 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000012, U1ea1) U1ea4: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U1ea5: 00080a030008 tmp0:= ZEROEXT_DSZ32(0x0000000a) 0960aa51 SEQW SAVEUIP0 U1ea6 SEQW GOTO U60aa patch_runs_load_loop: U1ea6: 0ee500030034 SYNCFULL-> tmp0:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp4) U1ea8: 002402031230 tmp1:= SHL_DSZ32(tmp0, 0x00000002) U1ea9: 00006c0b1271 tmp1:= ADD_DSZ32(tmp1, 0x0000226c) U1eaa: 004001034d08 tmp4:= ADD_DSZ64(0x00000001, tmp4) U1eac: 00c51e032c08 tmp2:= SUB_DSZ8(0x0000001e, tmp0) U1ead: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009) U1eae: 0153b41c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp2, patch_load_error) U1eb0: 000800000000 NOP U1eb1: 000800000000 NOP U1eb2: 015d00000c40 UJMP(tmp1) ------------------------------------------------------------------------------------ U1eb4: 204306040200 WRITEURAM(0x00000000, 0x0106, 64) U1eb5: 0042071c0200 MOVETOCREG_DSZ64(0x00000000, 0x707) U1eb6: 0042061c0200 MOVETOCREG_DSZ64(0x00000000, 0x706) U1eb8: 0062021f0200 tmp0:= MOVEFROMCREG_DSZ64(0x702) U1eb9: 000723030c08 tmp0:= NOTAND_DSZ32(0x00000023, tmp0) U1eba: 0042021c0230 MOVETOCREG_DSZ64(tmp0, 0x702) U1ebc: 000a08000200 TESTUSTATE(UCODE, 0x0008) 054dca00 ? 
SEQW GOTO U4dca U1ebd: 000883039010 tmp9:= ZEROEXT_DSZ32(0x00030400) U1ebe: 0042a1180239 LFNCEMARK-> MOVETOCREG_DSZ64(tmp9, 0x6a1) U1ec0: 0042a0180200 LFNCEWTMRK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) U1ec1: 000e7f040200 WRMSLOOPCTRFBR(0x0000017f) U1ec2: 000800000000 NOP U1ec4: 2042a4180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x6a4) U1ec5: 2042a5180200 MOVETOCREG_DSZ64(0x00000000, 0x6a5) U1ec6: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 021ec480 ? SEQW GOTO U1ec4 U1ec8: 000881039010 tmp9:= ZEROEXT_DSZ32(0x00030200) U1ec9: 2042a1180239 LFNCEMARK-> MOVETOCREG_DSZ64(tmp9, 0x6a1) U1eca: 000800000000 NOP U1ecc: 0042a0180200 LFNCEWTMRK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) U1ecd: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U1ece: 000800000000 NOP U1ed0: 0042a4180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x6a4) U1ed1: 0042a4180200 MOVETOCREG_DSZ64(0x00000000, 0x6a4) U1ed2: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 021ed080 ? SEQW GOTO U1ed0 U1ed4: 000882039010 tmp9:= ZEROEXT_DSZ32(0x00030300) U1ed5: 2042a1180239 MOVETOCREG_DSZ64(tmp9, 0x6a1) U1ed6: 2042a0180200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) U1ed8: 000e1f000200 WRMSLOOPCTRFBR(0x0000001f) U1ed9: 000800000000 NOP U1eda: 000800000000 NOP U1edc: 0042a4180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x6a4) U1edd: 0042a4180200 MOVETOCREG_DSZ64(0x00000000, 0x6a4) U1ede: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 021edc80 ? SEQW GOTO U1edc U1ee0: 2042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) 01cde000 SEQW GOTO U4de0 ------------------------------------------------------------------------------------ U1ee1: 10c013839f08 tmp9:= ADD_DSZN(IMM_MACRO_13, tmp12) U1ee2: 000b04838208 tmp8:= UPDATEUSTATE(!0x10) U1ee4: 100a088b4200 tmp4:= TESTUSTATE(SYS, !UST_OP_SIZE_32BIT | 0x0200) 01c8ac00 ? 
SEQW GOTO U48ac U1ee5: 204229000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U1ee6: 0cb00bab2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U1ee8: 1c30002b3024 tmp3:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) U1ee9: 000cf92fd248 tmp13:= SAVEUIP(0x00, U2bf9) U1eea: 000c99e7e248 tmp14:= SAVEUIP(0x01, U3999) 01abd980 SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U1eec: 013040034238 tmp4:= SELECTCC_DSZ32_CONDZ(tmp8, 0x00000040) U1eed: 00241a03023a tmp0:= SHL_DSZ32(tmp10, 0x0000001a) U1eee: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 019ef580 ? SEQW GOTO U1ef5 U1ef0: 0062f61f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U1ef1: 000400031c70 tmp1:= AND_DSZ32(tmp0, tmp1) U1ef2: 023160031231 tmp1:= SELECTCC_DSZ32_CONDNS(tmp1, 0x00000060) U1ef4: 000100034d31 tmp4:= OR_DSZ32(tmp1, tmp4) U1ef5: 01420f000d00 UFLOWCTRL(USTATE, tmp4) U1ef6: 0008c51f9008 tmp9:= ZEROEXT_DSZ32(0x000007c5) U1ef8: 0008ff7f001f tmp0:= ZEROEXT_DSZ32(0xffffffffffffffff) U1ef9: 0021370b0430 tmp0:= CONCAT_DSZ32(tmp0, 0xffead800) U1efa: 100a20000200 TESTUSTATE(SYS, UST_SMM) 018836c0 ? SEQW GOTO U0836 U1efc: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 019f0000 ? SEQW GOTO U1f00 U1efd: 000700031efa tmp1:= NOTAND_DSZ32(tmp10, tmp11) U1efe: 186a115c0271 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000005, generate_#GP) U1f00: 004400030eb0 tmp0:= AND_DSZ64(tmp0, tmp10) U1f01: 100a0007123a tmp1:= TESTUSTATE(tmp10, SYS, UST_VMX_OP_DIS) 019f0540 ? SEQW GOTO U1f05 U1f02: 186b115c02fa BTUJNB_DIRECT_NOTTAKEN(tmp10, 0x0000000d, generate_#GP) U1f04: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U1f05: 000a00a00200 TESTUSTATE(UCODE, !0x0800) 019f0840 ? 
SEQW GOTO U1f08 U1f06: 186a115c02f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, generate_#GP) U1f08: 006335031200 LFNCEMARK-> tmp1:= READURAM(0x0035, 64) U1f09: 006514031231 tmp1:= SHR_DSZ64(tmp1, 0x00000014) U1f0a: 0004e1031c50 tmp1:= AND_DSZ32(0x00200000, tmp1) U1f0c: 004700030c31 tmp0:= NOTAND_DSZ64(tmp1, tmp0) U1f0d: 006377031200 tmp1:= READURAM(0x0077, 64) U1f0e: 00651c031231 tmp1:= SHR_DSZ64(tmp1, 0x0000001c) U1f10: 00635c032200 tmp2:= READURAM(0x005c, 64) U1f11: 00650b032232 tmp2:= SHR_DSZ64(tmp2, 0x0000000b) U1f12: 000700031cb1 tmp1:= NOTAND_DSZ32(tmp1, tmp2) U1f14: 000400031331 tmp1:= AND_DSZ32(tmp1, 0x00008000) U1f15: 004700030c31 tmp0:= NOTAND_DSZ64(tmp1, tmp0) U1f16: 0151111c0270 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U1f18: 015156340278 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U2d56) 06083600 SEQW GOTO U0836 ------------------------------------------------------------------------------------ U1f19: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U1f1a: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U1f1c: 286b1d3c023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U1f1d) 081f1a00 SEQW GOTO U1f1a ------------------------------------------------------------------------------------ U1f1d: 10422c080256 MOVETOCREG_DSZ64(tmpv2, 0x22c, 32) U1f1e: 10422b080255 MOVETOCREG_DSZ64(tmpv1, 0x22b, 32) U1f20: 304229080254 MOVETOCREG_DSZ64(tmpv0, 0x229, 32) U1f21: 30622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U1f22: 086b8e18023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U068e) 091f2180 SEQW GOTO U1f21 ------------------------------------------------------------------------------------ U1f24: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U1f25: 0062f01f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7f0) U1f26: 000701430230 tmp0:= NOTAND_DSZ32(tmp0, 0x00001001) U1f28: 0150297c0230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U1f29) 09008e00 SEQW GOTO U008e 
------------------------------------------------------------------------------------ U1f29: 00621b030200 tmp0:= MOVEFROMCREG_DSZ64(0x01b) U1f2a: 0042521c0230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x752) U1f2c: 0062b1030200 tmp0:= MOVEFROMCREG_DSZ64(0x0b1) U1f2d: 000707030230 tmp0:= NOTAND_DSZ32(tmp0, 0x00000007) U1f2e: 006288031200 tmp1:= MOVEFROMCREG_DSZ64(0x088) U1f30: 0004c8031c50 tmp1:= AND_DSZ32(0x00100000, tmp1) U1f31: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U1f32: 0151ec5c0230 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, uend) U1f34: 1008ff7f101f tmp1:= ZEROEXT_DSZ32N(0xffffffffffffffff) U1f35: 00543f031231 tmp1:= BT_DSZ64(tmp1, 0x0000003f) U1f36: 007340030231 tmp0:= SELECTCC_DSZ64_CONDNB(tmp1, 0x00000040) U1f38: 000863033008 tmp3:= ZEROEXT_DSZ32(0x00000063) U1f39: 013ea3031c48 tmp1:= MOVEMERGEFLGS_DSZ32(0x000000a3, tmp1) U1f3a: 003600033cf1 tmp3:= CMOVCC_DSZ32_CONDB(tmp1, tmp3) U1f3c: 0062f01f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7f0) U1f3d: 00540d031231 tmp1:= BT_DSZ64(tmp1, 0x0000000d) U1f3e: 007220032231 tmp2:= SELECTCC_DSZ64_CONDB(tmp1, 0x00000020) U1f40: 000100030c32 tmp0:= OR_DSZ32(tmp2, tmp0) U1f41: 002408030230 tmp0:= SHL_DSZ32(tmp0, 0x00000008) U1f42: 0001024b0c08 tmp0:= OR_DSZ32(0x00001202, tmp0) U1f44: 100800032034 tmp2:= ZEROEXT_DSZ32N(tmp4) U1f45: 006410032232 tmp2:= SHL_DSZ64(tmp2, 0x00000010) U1f46: 004130030c32 ROVR<- tmp0:= OR_DSZ64(tmp2, tmp0) 01e5b89e SEQW SAVEUIP1 U1f48 SEQW GOTO U65b8 U1f48: 0052507c0231 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, U1f50) U1f49: 000d10800000 SAVEUIP_REGOVR(0x01, U1f4a, 0x0010) 01850c40 SEQW GOTO U050c U1f4a: 006408014214 tmpv0:= SHL_DSZ64(tmpv0, 0x00000008) U1f4c: 00c87d014508 tmpv0:= ZEROEXT_DSZ8(0x0000007d, tmpv0) U1f4d: 000871015008 tmpv1:= ZEROEXT_DSZ32(0x00000071) 01e5b855 SEQW SAVEUIP1 U1f4e SEQW GOTO U65b8 U1f4e: 000800000000 NOP U1f50: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 02271170 SEQW UEND0 ------------------------------------------------------------------------------------ U1f51: 0eff00000000 unk_eff(0x00000000) 
02271170 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U1f52: 006343031200 tmp1:= READURAM(0x0043, 64) U1f54: 006357034200 tmp4:= READURAM(0x0057, 64) U1f55: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71140 ? SEQW GOTO generate_#GP U1f56: 0040e8074d08 tmp4:= ADD_DSZ64(0x000001e8, tmp4) U1f58: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 0197ca00 ? SEQW GOTO U17ca U1f59: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U1f5a: 286bcadc02f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000f, U17ca) U1f5c: 096272000300 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U1f5d: 0150a51002b6 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U44a5) U1f5e: 0e65f8071db4 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, tmp6, 0xfffffffffffffff8, mode=0x01) U1f60: 2928ca1c0ef1 CMPUJZ_DIRECT_NOTTAKEN(tmp1, tmp11, U17ca) U1f61: 000508036d88 tmp6:= SUB_DSZ32(0x00000008, tmp6) 019f5d40 SEQW GOTO U1f5d ------------------------------------------------------------------------------------ U1f62: 10c81b839008 tmp9:= ZEROEXT_DSZ8N(IMM_MACRO_1b) U1f64: 006370030200 LFNCEWAIT-> tmp0:= READURAM(0x0070, 64) U1f65: 100ac0837200 tmp7:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 02628440 ? SEQW GOTO U6284 U1f66: 00634c037200 tmp7:= READURAM(0x004c, 64) U1f68: 100a80831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_GUEST) 019f6a00 ? 
SEQW GOTO U1f6a U1f69: 006343031200 tmp1:= READURAM(0x0043, 64) U1f6a: 004100031c77 tmp1:= OR_DSZ64(tmp7, tmp1) U1f6c: 006537031231 tmp1:= SHR_DSZ64(tmp1, 0x00000037) U1f6d: 186b84490271 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000005, U6284) U1f6e: 005632031230 tmp1:= BTR_DSZ64(tmp0, 0x00000032) U1f70: 09a208000631 LFNCEWAIT-> MOVETOCREG_SHR_DSZ64(tmp1, 0x00000020, 0x008) U1f71: 003300130231 tmp0:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00000400) 02628640 SEQW GOTO U6286 ------------------------------------------------------------------------------------ U1f72: 000810071008 tmp1:= ZEROEXT_DSZ32(0x00000110) U1f74: 30429e080271 MOVETOCREG_DSZ64(tmp1, 0x29e, 32) U1f75: 000d01800000 SAVEUIP_REGOVR(0x01, U1f76, 0x0001) 01ab1540 SEQW GOTO lbsync_full U1f76: 0eef00000000 unk_eef(0x00000000) U1f78: 000d01800000 SAVEUIP_REGOVR(0x01, U1f79, 0x0001) 01ab1500 SEQW GOTO lbsync_full U1f79: 1062240b1240 tmp1:= MOVEFROMCREG_DSZ64(0x224, 32) U1f7a: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U1f7c: 00542b030230 tmp0:= BT_DSZ64(tmp0, 0x0000002b) U1f7d: 003200031c70 tmp1:= SELECTCC_DSZ32_CONDB(tmp0, tmp1) U1f7e: 200a08000200 TESTUSTATE(VMX, 0x0008) 01c8e280 ? 
SEQW GOTO U48e2 U1f80: 000824030008 tmp0:= ZEROEXT_DSZ32(0x00000024) U1f81: 0048f3031031 ROVR<- tmp1:= ZEROEXT_DSZ64(tmp1) 018000dd SEQW SAVEUIP1 U1f82 U1f82: 000c9d9c0200 SAVEUIP(0x01, U079d) U1f84: 00080a033008 tmp3:= ZEROEXT_DSZ32(0x0000000a) 019d9000 SEQW GOTO U1d90 ------------------------------------------------------------------------------------ U1f85: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U1f86: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U1f88: 0e7d0003303c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp3) U1f89: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U1f8a: 0e7d0003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp4) U1f8c: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U1f8d: 0e7d0003503c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp5) U1f8e: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ do_smm_vmexit: U1f90: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) do_smm_vmexit_ovr_enter_rip: U1f91: 00080003a000 tmp10:= ZEROEXT_DSZ32(0x00000000) U1f92: 0008957f5008 tmp5:= ZEROEXT_DSZ32(0x00001f95) U1f94: 100a20838240 tmp8:= TESTUSTATE(SYS, !UST_SMM | 0x2000) 0684c400 ? 
SEQW GOTO U04c4 U1f95: 000900000000 LFNCEWTMRK-> MOVE_DSZ32(0x00000000) U1f96: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U1f98: 00635c03e200 tmp14:= READURAM(0x005c, 64) U1f99: 006311039200 tmp9:= READURAM(0x0011, 64) U1f9a: 386aa99402be BTUJB_DIRECT_NOTTAKEN(tmp14, 0x0000000a, U35a9) U1f9c: 0e65d8078e48 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000d8, mode=0x01) U1f9d: 0ecb00040038 LDHINT_CACHEALL_ASZ64_SC1(tmp8) U1f9e: 004800039e39 tmp9:= ZEROEXT_DSZ64(tmp9, tmp8) U1fa0: 0e65c8077e48 tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000c8, mode=0x01) U1fa1: 0ecb00040037 LDHINT_CACHEALL_ASZ64_SC1(tmp7) U1fa2: 00040013fc08 tmp15:= AND_DSZ32(0x00000400, tmp0) U1fa4: 017e1083ffc8 tmp15:= MOVEMERGEFLGS_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION, tmp15) U1fa5: 017400033cff tmp3:= CMOVCC_DSZ64_CONDZ(tmp15, tmp3) U1fa6: 000100130c08 tmp0:= OR_DSZ32(0x00000400, tmp0) U1fa8: 100a80835200 tmp5:= TESTUSTATE(SYS, !UST_VMX_GUEST) 019fad00 ? SEQW GOTO U1fad U1fa9: 00635703b200 tmp11:= READURAM(0x0057, 64) U1faa: 000801035008 tmp5:= ZEROEXT_DSZ32(0x00000001) U1fac: 0e6db807be4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000004b8, mode=0x01, tmp11) U1fad: 0e2db4075e4c STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000004b4, mode=0x01, tmp5) U1fae: 000001000000ROVR<-LFNCEWAIT-> NOP 0372629e SEQW SAVEUIP1 U1fb0 SEQW GOTO U7262 U1fb0: 0008e507f008 tmp15:= ZEROEXT_DSZ32(0x000001e5) U1fb1: 00420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U1fb2: 0e6d08071e4d STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000508, mode=0x01, tmp1) U1fb4: 00040007fd08 tmp15:= AND_DSZ32(0x00000100, tmp4) U1fb5: 00241403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000014) U1fb6: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U1fb8: 006213174200 LFNCEMARK-> tmp4:= MOVEFROMCREG_DSZ64(0x513) U1fb9: 1062810be240 tmp14:= MOVEFROMCREG_DSZ64(0x281, 32) U1fba: 0042fe1c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U1fbc: 000a00031240 tmp1:= TESTUSTATE(UCODE, 0x2000) 019fc200 ? 
SEQW GOTO U1fc2 U1fbd: 0062c31bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c3) U1fbe: 00072003ffc8 tmp15:= NOTAND_DSZ32(0x00000020, tmp15) U1fc0: 2042c318023f MOVETOCREG_DSZ64(tmp15, 0x6c3) U1fc1: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U1fc2: 0e6df0071e4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000004f0, mode=0x01, tmp1) U1fc4: 006288031200 tmp1:= MOVEFROMCREG_DSZ64(0x088) U1fc5: 2e7d007f100d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000bf00, tmp1) U1fc6: 10620f0b2240 tmp2:= MOVEFROMCREG_DSZ64(0x20f, 32) U1fc8: 004000131e48 tmp1:= ADD_DSZ64(0x00000400, tmp9) 01b18e10 SEQW SAVEUIP0 U1fc9 SEQW GOTO U318e U1fc9: 0042f81c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f8) U1fca: 1062df0bc240 tmp12:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U1fcc: 004800024037 rsp:= ZEROEXT_DSZ64(tmp7) U1fcd: 0e6d20072e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000320, mode=0x01, tmp2) U1fce: 0042c0180200 MOVETOCREG_DSZ64(0x00000000, 0x6c0) U1fd0: 00428e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x78e) U1fd1: 00637003d200 tmp13:= READURAM(0x0070, 64) U1fd2: 0902c6dc0200 LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x7c6) U1fd4: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) 01ea4c14 SEQW SAVEUIP1 U1fd5 SEQW GOTO U6a4c U1fd5: 20421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U1fd6: 004314080200 WRITEURAM(0x00000000, 0x0014, 32) U1fd8: 096207000280 MOVETOCREG_BTS_DSZ64(0x00000008, 0x007) U1fd9: 0e2dcc071e49 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001cc, mode=0x01, tmp1) 0199c455 SEQW SAVEUIP1 U1fda SEQW GOTO U19c4 U1fda: 00434c000234 WRITEURAM(tmp4, 0x004c, 64) U1fdc: 004213140200 MOVETOCREG_DSZ64(0x00000000, 0x513) U1fdd: 0a6f00834000 tmp4:= unk_a6f(0x00000000) U1fde: 00480083b008 SYNCMARK-> tmp11:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_IMMEDIATE) U1fe0: 0e6da007ee4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000004a0, mode=0x01, tmp14) U1fe1: 0e6d9807de4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000498, mode=0x01, tmp13) U1fe2: 004707036d88 tmp6:= NOTAND_DSZ64(0x00000007, tmp6) U1fe4: 00211803f008 tmp15:= 
CONCAT_DSZ32(0x00000018) U1fe5: 004700036dbf tmp6:= NOTAND_DSZ64(tmp15, tmp6) U1fe6: 00431f000236 WRITEURAM(tmp6, 0x001f, 64) U1fe8: 00635c033200 tmp3:= READURAM(0x005c, 64) U1fe9: 000400635d48 tmp5:= AND_DSZ32(0x00001800, tmp5) U1fea: 1042f91c0275 MOVETOCREG_DSZ64(tmp5, 0x7f9, 32) U1fec: 025500000e00 LFNCEWAIT-> FETCHFROMEIP1_ASZ64(tmp8) U1fed: 004267000238 MOVETOCREG_DSZ64(tmp8, CORE_CR_CUR_RIP) U1fee: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U1ff0: 001408033233 tmp3:= BT_DSZ32(tmp3, 0x00000008) U1ff1: 003202033233 tmp3:= SELECTCC_DSZ32_CONDB(tmp3, 0x00000002) U1ff2: 00410003df73 tmp13:= OR_DSZ64(tmp3, tmp13) 01d72192 SEQW SAVEUIP0 U1ff4 SEQW GOTO U5721 U1ff4: 213f00000000 LFNCEMARK-> unk_13f(0x00000000) U1ff5: 0e6d88074e4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000488, mode=0x01, tmp4) U1ff6: 0e6d9007be4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000490, mode=0x01, tmp11) U1ff8: 0e6d80071e4c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000480, mode=0x01, tmp1) U1ff9: 0004390b1c10 tmp1:= AND_DSZ32(0xfff101ff, tmp0) U1ffa: 0007eb031c50 tmp1:= NOTAND_DSZ32(0x00300000, tmp1) U1ffc: 0e2d3c071e4a STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x0000023c, mode=0x01, tmp1) U1ffd: 004313080231 WRITEURAM(tmp1, 0x0013, 32) U1ffe: 386ae0a807bc SYNCWAIT-> BTUJB_DIRECT_NOTTAKEN(tmp12, 0x0000003a, U3ae0) 0b008e80 SEQW GOTO U008e ------------------------------------------------------------------------------------ U2000: 00626803f200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP) U2001: 00044603ffd0 tmp15:= AND_DSZ32(0x0000ffff, tmp15) U2002: 00643003f23f tmp15:= SHL_DSZ64(tmp15, 0x00000030) U2004: 00430e04023f WRITEURAM(tmp15, 0x010e, 64) U2005: 1062230bf240 tmp15:= MOVEFROMCREG_DSZ64(0x223, 32) U2006: 00160503f23f tmp15:= BTR_DSZ32(tmp15, 0x00000005) 01b47d80 SEQW GOTO U347d ------------------------------------------------------------------------------------ U2008: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U2009: 000c46b80240 SAVEUIP(0x01, U2e46) 01840c40 SEQW GOTO U040c 
------------------------------------------------------------------------------------ U200a: 0040c8030d48 tmp0:= ADD_DSZ64(0x000000c8, tmp5) U200c: 0d6808030e74 unk_d68(tmp4, tmp9, tmp0) U200d: 0d6020030e74 tmp0:= unk_d60(tmp4, tmp9) U200e: 3042e01c0270 MOVETOCREG_DSZ64(tmp0, 0x7e0, 32) 01ba2d80 SEQW GOTO U3a2d ------------------------------------------------------------------------------------ U2010: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U2011: 000c98f7e208 tmp14:= SAVEUIP(0x01, U1d98) 01a01a40 SEQW GOTO U201a ------------------------------------------------------------------------------------ U2012: 00627003d200 tmp13:= MOVEFROMCREG_DSZ64(0x070) U2014: 00040203df48 tmp13:= AND_DSZ32(0x00000002, tmp13) U2015: 00240303d23d tmp13:= SHL_DSZ32(tmp13, 0x00000003) U2016: 20423a18023d SYNCFULL-> MOVETOCREG_DSZ64(tmp13, 0x63a) 090000ce SEQW URET1 ------------------------------------------------------------------------------------ U2018: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U2019: 000c44f7e208 tmp14:= SAVEUIP(0x01, U1d44) U201a: 0004fc03dd88 tmp13:= AND_DSZ32(0x000000fc, tmp6) U201c: 00051403df48 tmp13:= SUB_DSZ32(0x00000014, tmp13) U201d: 0062011ff200 tmp15:= MOVEFROMCREG_DSZ64(0x701) U201e: 00074703f43f tmp15:= NOTAND_DSZ32(tmp15, 0x00010000) 01de5a80 SEQW GOTO U5e5a ------------------------------------------------------------------------------------ U2020: 1c0000231027 tmp1:= LDZX_DSZN_ASZ32_SC1(rdi, mode=0x08) U2021: 10050003a831 tmp10:= SUB_DSZN(tmp1, rax) U2022: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) U2024: 108501034d08 MSLOOP-> tmp4:= SUB_DSZN(0x00000001, tmp4) U2025: 015f6410023a UJMPCC_DIRECT_TAKEN_CONDZ(tmp10, U0464) U2026: 015064100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U0464) 01a020a4 SEQW GOTO U2020 ------------------------------------------------------------------------------------ U2028: 000cb4f40280 SAVEUIP(0x01, U5db4) 0198d000 SEQW GOTO U18d0 
------------------------------------------------------------------------------------ U2029: 00330103323b tmp3:= SELECTCC_DSZ32_CONDNB(tmp11, 0x00000001) U202a: 000400033cf6 tmp3:= AND_DSZ32(tmp6, tmp3) U202c: 07020003b033 tmm3:= unk_702(mm3) U202d: 049600039ef9 tmm1:= unk_496(tmm1, tmm3) U202e: 04b40003be40 tmm3:= FMOV(tmm1) 01a28180 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U2030: 000ccad802c0 SAVEUIP(0x01, U76ca) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2031: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U2032: 0e750003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2034: 0e752003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U2035: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U2036: 000800038d78 tmp8:= ZEROEXT_DSZ32(tmp8, tmp5) U2038: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U2039: 104200035e36 LFNCEWAIT-> tmp5:= MOVETOCREG_DSZ64(tmp6, tmp8) U203a: 000800039d79 tmp9:= ZEROEXT_DSZ32(tmp9, tmp5) U203c: 104200035e72 tmp5:= MOVETOCREG_DSZ64(tmp2, tmp9) U203d: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01a03140 ? 
SEQW GOTO U2031 U203e: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U2040: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U2041: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2042: 00043e03ffc8 tmp15:= AND_DSZ32(0x0000003e, tmp15) U2044: 00050c03ffc8 tmp15:= SUB_DSZ32(0x0000000c, tmp15) U2045: 01501148027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U3211) U2046: 00620c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x00c) 01adc280 SEQW GOTO U2dc2 ------------------------------------------------------------------------------------ U2048: 0062011ff200 tmp15:= MOVEFROMCREG_DSZ64(0x701) U2049: 0962019c02ff LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp15, 0x0000000e, 0x701) U204a: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U204c: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U204d: 10450003efbf tmp14:= SUB_DSZN(tmp15, tmp14) U204e: 00426700023e MOVETOCREG_DSZ64(tmp14, CORE_CR_CUR_RIP) 01870580 SEQW GOTO U0705 ------------------------------------------------------------------------------------ U2050: 000cbc900200 SAVEUIP(0x01, U04bc) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2051: 0008c33b000b tmp0:= ZEROEXT_DSZ32(0x00006ec3) U2052: 00a1a70f02b0 tmp0:= CONCAT_DSZ16(tmp0, 0x000043a7) U2054: 00086d6ff009 tmp15:= ZEROEXT_DSZ32(0x00003b6d) U2055: 00a1104bf27f tmp15:= CONCAT_DSZ16(tmp15, 0x00003210) U2056: 002100030ff0 tmp0:= CONCAT_DSZ32(tmp0, tmp15) 01a3a180 SEQW GOTO U23a1 ------------------------------------------------------------------------------------ U2058: 000000000000 NOP U2059: 015d00000fc0 SYNCFULL-> UJMP(tmp15) ------------------------------------------------------------------------------------ U205a: 186a11dc02bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000b, generate_#GP) 088a9596 SEQW SAVEUIP1 U205c SEQW GOTO U0a95 U205c: 0008d8071010 tmp1:= ZEROEXT_DSZ32(0x60000000) U205d: 000805032008 tmp2:= ZEROEXT_DSZ32(0x00000005) U205e: 000840033008 tmp3:= 
ZEROEXT_DSZ32(0x00000040) 019ac980 SEQW GOTO U1ac9 ------------------------------------------------------------------------------------ U2060: 0062e11ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7e1) U2061: 286a7525023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5975) U2062: 00635c030200 tmp0:= READURAM(0x005c, 64) U2064: 00472e070c10 tmp0:= NOTAND_DSZ64(0x00e00000, tmp0) U2065: 20435c000230 WRITEURAM(tmp0, 0x005c, 64) U2066: 00630703f200 tmp15:= READURAM(0x0007, 64) U2068: 20435008023f WRITEURAM(tmp15, 0x0050, 32) U2069: 00251403f23f tmp15:= SHR_DSZ32(tmp15, 0x00000014) U206a: 2928ed9d023f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000002, U57ed) U206c: 000ceddc0280 SAVEUIP(0x01, U57ed) 08a8f500 SEQW GOTO U28f5 ------------------------------------------------------------------------------------ U206d: 01420f000d00 SYNCFULL-> UFLOWCTRL(USTATE, tmp4) U206e: 0008f61f9008 tmp9:= ZEROEXT_DSZ32(0x000007f6) U2070: 004200000e7a LFNCEWAIT-> MOVETOCREG_DSZ64(tmp10, tmp9) U2071: 000a20000200 TESTUSTATE(UCODE, 0x0020) 020bb840 ? 
SEQW GOTO U0bb8 U2072: 000cecdc0200 SAVEUIP(0x01, uend) U2074: 000900000000 MOVE_DSZ32(0x00000000) U2075: 0fef01000000 LBSYNC(0x00000001) U2076: 0fef07000000 SYNCFULL-> LBSYNC(0x00000007) 09016480 SEQW GOTO U0164 ------------------------------------------------------------------------------------ U2078: 000000000000 NOP U2079: 000000000000 NOP U207a: 000000000000 NOP U207c: 000000000000 NOP U207d: 020301036200 tmp6:= unk_203(0x00000001) U207e: 0150111c0276 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, generate_#GP) 070c3c80 SEQW GOTO U0c3c ------------------------------------------------------------------------------------ U2080: 000c0c9c02c0 SAVEUIP(0x01, U670c) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2081: 002507030230 tmp0:= SHR_DSZ32(tmp0, 0x00000007) U2082: 2042c5180230 MOVETOCREG_DSZ64(tmp0, 0x6c5) U2084: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U2085: 006320031200 tmp1:= READURAM(0x0020, 64) U2086: 186af2d503f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001f, U65f2) 018c5280 SEQW GOTO U0c52 ------------------------------------------------------------------------------------ U2088: 10629f0b9240 tmp9:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U2089: 1062c40b6240 tmp6:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U208a: 004700039e76 tmp9:= NOTAND_DSZ64(tmp6, tmp9) U208c: 004400239e48 tmp9:= AND_DSZ64(0x00000800, tmp9) 01cb220e SEQW GOTO U4b22 ------------------------------------------------------------------------------------ U208d: 00080103f008 tmp15:= ZEROEXT_DSZ32(0x00000001) U208e: 2d0f1447f00a PORTOUT_DSZ32_ASZ16_SC1(0x00005114, tmp15) 01cb220e SEQW URET1 ------------------------------------------------------------------------------------ U2090: 000c30c40240 SAVEUIP(0x01, U3130) 0918d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2091: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U2092: 186a910002b1 
SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U2091) U2094: 10628f0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x38f, 32) U2095: 386beaec0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000003, U3bea) U2096: 0008aa5fe009 tmp14:= ZEROEXT_DSZ32(0x000037aa) 01bdc280 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ U2098: 006307030200 tmp0:= READURAM(0x0007, 64) U2099: 004378080230 WRITEURAM(tmp0, 0x0078, 32) U209a: 1062dc0b9240 tmp9:= MOVEFROMCREG_DSZ64(0x2dc, 32) U209c: 00040f070c10 tmp0:= AND_DSZ32(0x00600000, tmp0) U209d: 0005e1030c10 tmp0:= SUB_DSZ32(0x00200000, tmp0) U209e: 015104200270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U2804) 01a80180 SEQW GOTO U2801 ------------------------------------------------------------------------------------ U20a0: 000c7c940200 SAVEUIP(0x01, U057c) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20a1: 000501032c48 tmp2:= SUB_DSZ32(0x00000001, tmp1) U20a2: 07c20003ce72 tmm4:= unk_7c2(mm2, tmm1) U20a4: 04960003cf3c tmm4:= unk_496(tmm4, tmm4) U20a5: 06a70003ae39 tmm2:= unk_6a7(tmm1, tmm0) U20a6: 076a0003603a mm6:= unk_76a(tmm2) 01c10d80 SEQW GOTO U410d ------------------------------------------------------------------------------------ U20a8: 006268030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP) U20a9: 0085946b0c09 tmp0:= SUB_DSZ16(0x00003a94, tmp0) U20aa: 015096680270 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U3a96) U20ac: 00630f03b200 tmp11:= READURAM(0x000f, 64) U20ad: 000470031ec8 tmp1:= AND_DSZ32(0x00000070, tmp11) U20ae: 015128040271 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U2128) 053c8a80 SEQW GOTO U3c8a ------------------------------------------------------------------------------------ U20b0: 00630703f200 tmp15:= READURAM(0x0007, 64) U20b1: 00437808023f WRITEURAM(tmp15, 0x0078, 32) 0198d055 SEQW SAVEUIP1 U20b2 SEQW GOTO U18d0 U20b2: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U20b4: 1062810b3240 tmp3:= 
MOVEFROMCREG_DSZ64(0x281, 32) U20b5: 000700032cb3 tmp2:= NOTAND_DSZ32(tmp3, tmp2) 01e36c4e SEQW GOTO U636c ------------------------------------------------------------------------------------ U20b6: 000cb623d208 tmp13:= SAVEUIP(0x00, U08b6) 01e36c4e SEQW URET1 ------------------------------------------------------------------------------------ U20b8: 19629e0802c0 MOVETOCREG_BTS_DSZ64(0x0000000c, 0x29e) U20b9: 000d0e800000 SAVEUIP_REGOVR(0x01, U20ba, 0x000e) 01ab1540 SEQW GOTO lbsync_full U20ba: 000800000000 NOP U20bc: 000c79e00200 SAVEUIP(0x01, U1879) 0898d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20bd: 1062850b1240 SYNCFULL-> tmp1:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U20be: 2d0b0413200c tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x00008404) U20c0: 186bc68002b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, U20c6) U20c1: 186ac2000232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000000, U20c2) 01dd6540 SEQW GOTO U5d65 ------------------------------------------------------------------------------------ U20c2: 186bc64002b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000009, U20c6) U20c4: 2d0b005f100c tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00009700) U20c5: 186bc6400231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U20c6) 01dd6540 SEQW GOTO U5d65 ------------------------------------------------------------------------------------ U20c6: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U20c8: 000c15fc0240 SAVEUIP(0x01, U3f15) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20c9: 07040003a030 tmm2:= unk_704(mm0) U20ca: 06440000803a mm0:= unk_644(tmm2) U20cc: 000846031010 tmp1:= ZEROEXT_DSZ32(0x0000ffff) U20cd: 07c200038e31 tmm0:= unk_7c2(mm1, tmm0) U20ce: 24b471809e00 mm7:= FMOV(tmm0) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U20d0: 00630f03b200 tmp11:= 
READURAM(0x000f, 64) U20d1: 00434800023b WRITEURAM(tmp11, 0x0048, 64) U20d2: 000c7db40200 SAVEUIP(0x01, U0d7d) 0198d080 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20d4: 2928b8310031 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U5cb8) U20d5: 2928d9710231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U5cd9) U20d6: 204322000213 WRITEURAM(tmp7, 0x0022, 64) 01a17c80 SEQW GOTO U217c ------------------------------------------------------------------------------------ U20d8: 00630f03b200 tmp11:= READURAM(0x000f, 64) U20d9: 00434800023b WRITEURAM(tmp11, 0x0048, 64) U20da: 000c29e80200 SAVEUIP(0x01, U1a29) 0198d080 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20dc: 092812010031 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U4012) U20dd: 092822410231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U4022) U20de: 206322013200 tmp7:= READURAM(0x0022, 64) 01a17c80 SEQW GOTO U217c ------------------------------------------------------------------------------------ U20e0: 000c81e80240 SAVEUIP(0x01, U3a81) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U20e1: 072a00032038 mm2:= unk_72a(tmm0) U20e2: 07430003efb2 tmm6:= unk_743(mm2, tmm6) U20e4: 04830003df3e tmm5:= unk_483(tmm6, tmm4) U20e5: 053f0003df79 tmm5:= unk_53f(tmm1, tmm5) U20e6: 26ee0003f03d LFNCEMARK-> tmm7:= unk_6ee(tmm5) 0501a280 SEQW GOTO U01a2 ------------------------------------------------------------------------------------ U20e8: 09620b400200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x00b) U20e9: 09623a180240 MOVETOCREG_BTS_DSZ64(0x00000004, 0x63a) U20ea: 00623e1b0200 tmp0:= MOVEFROMCREG_DSZ64(0x63e) U20ec: 002508031230 tmp1:= SHR_DSZ32(tmp0, 0x00000008) U20ed: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U20ee: 0004f03f0c08 tmp0:= AND_DSZ32(0x00000ff0, tmp0) 0186de80 SEQW GOTO U06de ------------------------------------------------------------------------------------ 
U20f0: 072c0003303c tmp3:= PINTMOVDTMM2I_DSZ32(tmm4) U20f1: 00043f033cc8 tmp3:= AND_DSZ32(0x0000003f, tmp3) U20f2: 06240003eefb tmm6:= unk_624(tmm3, tmm3) U20f4: 072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U20f5: 00043f034d08 tmp4:= AND_DSZ32(0x0000003f, tmp4) U20f6: 002406035234 tmp5:= SHL_DSZ32(tmp4, 0x00000006) U20f8: 000100035d73 tmp5:= OR_DSZ32(tmp3, tmp5) U20f9: 07040003e035 tmm6:= unk_704(mm5) U20fa: 06200403e03e tmm6:= unk_620(tmm6) U20fc: 072c0003203e tmp2:= PINTMOVDTMM2I_DSZ32(tmm6) U20fd: 000402035dc8 tmp5:= AND_DSZ32(0x00000002, tmp7) U20fe: 015100040275 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U2100) 01a10580 SEQW GOTO U2105 ------------------------------------------------------------------------------------ U2100: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) U2101: 006286133200 tmp3:= MOVEFROMCREG_DSZ64(0x486) U2102: 00c401034cc8 tmp4:= AND_DSZ8(0x00000001, tmp3) U2104: 015048640234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U1948) U2105: 000c36c80200 SAVEUIP(0x01, U1236) U2106: 015d00000c80 UJMP(tmp2) ------------------------------------------------------------------------------------ U2108: 0dff01000000 unk_dff(0x00000000) U2109: 29623a580200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x63a) U210a: 09023ed80240 MOVETOCREG_OR_DSZ64(0x00000007, 0x63e) U210c: 0eff00000000 unk_eff(0x00000000) U210d: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U210e: 00621017f200 tmp15:= MOVEFROMCREG_DSZ64(0x510) 01841c80 SEQW GOTO U041c ------------------------------------------------------------------------------------ U2110: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01f6a500 ? 
SEQW GOTO U76a5 U2111: 00622717f200 tmp15:= MOVEFROMCREG_DSZ64(0x527) U2112: 090227d4023f MOVETOCREG_OR_DSZ64(tmp15, 0x00000003, 0x527) U2114: 00620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) U2115: 00430c08023f WRITEURAM(tmp15, 0x000c, 32) U2116: 0fef01000000 LBSYNC(0x00000001) 01bd2680 SEQW GOTO U3d26 ------------------------------------------------------------------------------------ U2118: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U2119: 00621017f200 tmp15:= MOVEFROMCREG_DSZ64(0x510) U211a: 086a4ddc033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000013, U074d) U211c: 186ae64802bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000009, U22e6) U211d: 186ae68802bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000a, U22e6) U211e: 286aaa60027f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000005, U18aa) 01b2a980 SEQW GOTO U32a9 ------------------------------------------------------------------------------------ U2120: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U2121: 00622717f200 tmp15:= MOVEFROMCREG_DSZ64(0x527) U2122: 29622714023f MOVETOCREG_BTS_DSZ64(tmp15, 0x527) U2124: 00620c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x00c) U2125: 286a94ed033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000013, U5b94) U2126: 00620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) 01993980 SEQW GOTO U1939 ------------------------------------------------------------------------------------ U2128: 1062cd0bc240 tmp12:= MOVEFROMCREG_DSZ64(0x2cd, 32) U2129: 186adef5027c LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp12, 0x00000007, U6dde) U212a: 00631c030200 tmp0:= READURAM(0x001c, 64) U212c: 1042f1080270 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, 0x2f1, 32) U212d: 2d0fb4000008 PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, 0x00000000) U212e: 1062eb0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2eb, 32) U2130: 186b2e040230 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U212e) U2131: 10629d0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x29d, 32) U2132: 1a629d480270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000005, 0x29d) U2134: 00630f03b200 tmp11:= READURAM(0x000f, 64) U2135: 00077003bec8 tmp11:= NOTAND_DSZ32(0x00000070, 
tmp11) U2136: 00430f08023b WRITEURAM(tmp11, 0x000f, 32) U2138: 00251003d23b tmp13:= SHR_DSZ32(tmp11, 0x00000010) U2139: 00040f03df48 tmp13:= AND_DSZ32(0x0000000f, tmp13) U213a: 29284dbd027d CMPUJZ_DIRECT_NOTTAKEN(tmp13, 0x00000006, U5f4d) U213c: 00040703dec8 tmp13:= AND_DSZ32(0x00000007, tmp11) U213d: 29284dfd023d CMPUJZ_DIRECT_NOTTAKEN(tmp13, 0x00000003, U5f4d) U213e: 000c4dfc0280 LFNCEMARK-> SAVEUIP(0x01, U5f4d) 05208d80 SEQW GOTO U208d ------------------------------------------------------------------------------------ U2140: 000ca9a80264 SAVEUIP(rsp, 0x01, U2aa9) 0518d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2141: 0dcb00030031 tmp0:= PORTIN_DSZ8_ASZ16_SC1(tmp1) U2142: 0dcb0103a031 LFNCEMARK-> tmp10:= PORTIN_DSZ8_ASZ16_SC1(tmp1) U2144: 00e100030c3a tmp0:= CONCAT_DSZ8(tmp10, tmp0) 095ac800 SEQW GOTO U5ac8 ------------------------------------------------------------------------------------ U2145: 00620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) U2146: 01420a000fc0 SYNCFULL-> UFLOWCTRL(URET0, tmp15) U2148: 00630c03f200 tmp15:= READURAM(0x000c, 64) 050000c8 SEQW URET0 ------------------------------------------------------------------------------------ U2149: 0d9b00030031 tmp0:= unk_d9b(tmp1) U214a: 0dcb0303a031 LFNCEMARK-> tmp10:= PORTIN_DSZ8_ASZ16_SC1(tmp1) U214c: 00072d0b0c10 tmp0:= NOTAND_DSZ32(0xff000000, tmp0) U214d: 00241803a23a tmp10:= SHL_DSZ32(tmp10, 0x00000018) U214e: 000100030eb0 tmp0:= OR_DSZ32(tmp0, tmp10) 01dac880 SEQW GOTO U5ac8 ------------------------------------------------------------------------------------ U2150: 1008000b4001 MSSTOP-> tmp4:= ZEROEXT_DSZ32N(r64dst) 051f242c SEQW GOTO U1f24 ------------------------------------------------------------------------------------ U2151: 0d8b00030031 tmp0:= PORTIN_DSZ16_ASZ16_SC1(tmp1) U2152: 0d8b0203a031 LFNCEMARK-> tmp10:= PORTIN_DSZ16_ASZ16_SC1(tmp1) U2154: 00a100030c3a tmp0:= CONCAT_DSZ16(tmp10, tmp0) 075ac82e SEQW GOTO U5ac8 
------------------------------------------------------------------------------------ U2155: 000000000000 NOP U2156: 0215002c0c40LFNCEWTMRK->MSSTOP-> FETCHFROMEIP1_ASZ32(tmp1) U2158: 001e00300c40 MSSTOP-> MJMPTARGET_INDIRECT_ASZ32(tmp1) 053dfa2c SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U2159: 0dcb00030031 tmp0:= PORTIN_DSZ8_ASZ16_SC1(tmp1) U215a: 0d9b0103a031 LFNCEMARK-> tmp10:= unk_d9b(tmp1) U215c: 00240803a23a tmp10:= SHL_DSZ32(tmp10, 0x00000008) 01a14e00 SEQW GOTO U214e ------------------------------------------------------------------------------------ U215d: 2d0bc043b00a tmp11:= PORTIN_DSZ32_ASZ16_SC1(0x000050c0) U215e: 00640803b23b tmp11:= SHL_DSZ64(tmp11, 0x00000008) U2160: 286b6cb102b6 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U5c6c) U2161: 0e2d00035d3b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4, tmp5) 0803e689 SEQW URET0 ------------------------------------------------------------------------------------ U2162: 2d0fd4000008 PORTOUT_DSZ32_ASZ16_SC1(0x000000d4, 0x00000000) 0803e689 SEQW GOTO U03e6 ------------------------------------------------------------------------------------ U2164: 3c0800634032 STAD_DSZ32_ASZ32_SC1(tmp2, mode=0x18, tmp4) U2165: 217400020ce0 rax:= CMOVCC_DSZ64_CONDZ(rax, tmp3) 01b95db1 SEQW UEND0 ------------------------------------------------------------------------------------ U2166: 000000000000 NOP 01b95db1 SEQW GOTO U395d ------------------------------------------------------------------------------------ U2168: 3c0800634032 STAD_DSZ32_ASZ32_SC1(tmp2, mode=0x18, tmp4) U2169: 21f500020831 rax:= CMOVCC_DSZ8_CONDNZ(tmp1, rax) 019a4db1 SEQW UEND0 ------------------------------------------------------------------------------------ U216a: 000000000000 NOP 019a4db1 SEQW GOTO U1a4d ------------------------------------------------------------------------------------ U216c: 0c0800633038 STAD_DSZ32_ASZ32_SC1(tmp8, mode=0x18, tmp3) U216d: 212f00000c32 
unk_12f(tmp2, tmp0) 01ab65b1 SEQW UEND0 ------------------------------------------------------------------------------------ U216e: 000000000000 NOP 01ab65b1 SEQW GOTO U2b65 ------------------------------------------------------------------------------------ U2170: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U2171: 2d0f1047f00a PORTOUT_DSZ32_ASZ16_SC1(0x00005110, tmp15) 0183e48d SEQW URET1 ------------------------------------------------------------------------------------ U2172: 000000000000 NOP 0183e48d SEQW GOTO U03e4 ------------------------------------------------------------------------------------ U2174: 00080103f008 tmp15:= ZEROEXT_DSZ32(0x00000001) U2175: 2d0f1047f00a PORTOUT_DSZ32_ASZ16_SC1(0x00005110, tmp15) 0183e48d SEQW URET1 ------------------------------------------------------------------------------------ U2176: 000000000000 NOP 0183e48d SEQW GOTO U03e4 ------------------------------------------------------------------------------------ U2178: 0062fe1d4200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2179: 238000014500 tmpv0:= READAFLAGS(tmpv0) 02662a8d SEQW URET1 ------------------------------------------------------------------------------------ U217a: 2d0fd4000008 PORTOUT_DSZ32_ASZ16_SC1(0x000000d4, 0x00000000) 02662a8d SEQW GOTO U662a ------------------------------------------------------------------------------------ U217c: 206308030200 tmp0:= READURAM(0x0008, 64) U217d: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U217e: 01420e000c00 SYNCFULL-> UFLOWCTRL(MSLOOPCTR, tmp0) 09599280 SEQW GOTO U5992 ------------------------------------------------------------------------------------ U2180: 00628f137200 tmp7:= MOVEFROMCREG_DSZ64(0x48f) U2181: 06980003f800 LFNCEMARK-> tmm7:= unk_698(xmm0) U2182: 00620c035200 tmp5:= MOVEFROMCREG_DSZ64(0x00c) U2184: 000400132d48 tmp2:= AND_DSZ32(0x00000400, tmp5) U2185: 00628c138200 tmp8:= MOVEFROMCREG_DSZ64(0x48c) U2186: 002503032232 tmp2:= SHR_DSZ32(tmp2, 0x00000003) 01d9a580 SEQW GOTO U59a5 
------------------------------------------------------------------------------------ U2188: 00628f134200 tmp4:= MOVEFROMCREG_DSZ64(0x48f) U2189: 006213035200 tmp5:= MOVEFROMCREG_DSZ64(0x013) 01b51d40 SEQW GOTO U351d ------------------------------------------------------------------------------------ U218a: 006213170200 tmp0:= MOVEFROMCREG_DSZ64(0x513) U218c: 00217b03f010 tmp15:= CONCAT_DSZ32(0x00030000) U218d: 004700030c3f tmp0:= NOTAND_DSZ64(tmp15, tmp0) U218e: 204213140230 MOVETOCREG_DSZ64(tmp0, 0x513) U2190: 002189032432 tmp2:= CONCAT_DSZ32(tmp2, 0x00038003) 05252110 SEQW SAVEUIP0 U2191 SEQW GOTO U2521 U2191: 0cd300631178 tmp1:= LEA_DSZ8_ASZ32_SC1(DS, tmp8, r64idx, mode=0x18) U2192: 1d0400600178 LFNCEMARK-> unk_d04(tmp8, r64idx) U2194: 006225172200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(0x525) U2195: 0047ff3f0c88 tmp0:= NOTAND_DSZ64(0x00000fff, tmp2) U2196: 00621e17f200 tmp15:= MOVEFROMCREG_DSZ64(0x51e) U2198: 00460003fff0 tmp15:= XOR_DSZ64(tmp0, tmp15) U2199: 39283959023f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000001, U7639) U219a: 0004ff3ffc48 tmp15:= AND_DSZ32(0x00000fff, tmp1) U219c: 004100020c3f rax:= OR_DSZ64(tmp15, tmp0) U219d: 004800023031 rbx:= ZEROEXT_DSZ64(tmp1) U219e: 000478021c88 rcx:= AND_DSZ32(0x00000078, tmp2) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U21a0: 000801037008 tmp7:= ZEROEXT_DSZ32(0x00000001) 01a1810e SEQW GOTO U2181 ------------------------------------------------------------------------------------ U21a1: 2d0fc8030008 PORTOUT_DSZ32_ASZ16_SC1(0x000000c8, tmp0) U21a2: 000000000000 NOP 01a1810e SEQW URET1 ------------------------------------------------------------------------------------ U21a4: 000000000000 NOP U21a5: 0006be071c50 tmp1:= XOR_DSZ32(0x40000000, tmp1) U21a6: 186aa88403f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001e, U21a8) 01a1a980 SEQW GOTO U21a9 ------------------------------------------------------------------------------------ U21a8: 006520030230 tmp0:= 
SHR_DSZ64(tmp0, 0x00000020) U21a9: 000800030030 tmp0:= ZEROEXT_DSZ32(tmp0) U21aa: 015d00000c40 UJMP(tmp1) ------------------------------------------------------------------------------------ U21ac: 00a100222889 rdx:= CONCAT_DSZ16(0x00002800, rdx) U21ad: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01a1b040 ? SEQW GOTO U21b0 U21ae: 000100222888 rdx:= OR_DSZ32(0x00000800, rdx) U21b0: 00650e03023a tmp0:= SHR_DSZ64(tmp10, 0x0000000e) U21b1: 0007c8030430 tmp0:= NOTAND_DSZ32(tmp0, 0x00100000) U21b2: 0001000228b0 rdx:= OR_DSZ32(tmp0, rdx) 01828280 SEQW GOTO U0282 ------------------------------------------------------------------------------------ U21b4: 2d4b4023000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x00004840) U21b5: 2d4b4823100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x00004848) U21b6: 000800020030 rax:= ZEROEXT_DSZ32(tmp0) 01a1c880 SEQW GOTO U21c8 ------------------------------------------------------------------------------------ U21b8: 000807030008 tmp0:= ZEROEXT_DSZ32(0x00000007) U21b9: 3902db080240 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000004, 0x2db) 04879e40 SEQW GOTO U079e ------------------------------------------------------------------------------------ U21ba: 000000000000 NOP U21bc: 2d4b5023000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x00004850) U21bd: 2d4b5823100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x00004858) U21be: 000800020030 rax:= ZEROEXT_DSZ32(tmp0) 01a1c880 SEQW GOTO U21c8 ------------------------------------------------------------------------------------ U21c0: 386bb9200235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U38b9) U21c1: 0008d12fe009 tmp14:= ZEROEXT_DSZ32(0x00002bd1) 01db2640 SEQW GOTO U5b26 ------------------------------------------------------------------------------------ U21c2: 000000000000 NOP U21c4: 2d4b6023000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x00004860) U21c5: 2d4b6823100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x00004868) U21c6: 000800020030 rax:= ZEROEXT_DSZ32(tmp0) U21c8: 006520023230 rbx:= SHR_DSZ64(tmp0, 0x00000020) U21c9: 000800021031 rcx:= ZEROEXT_DSZ32(tmp1) 
U21ca: 006520022231 rdx:= SHR_DSZ64(tmp1, 0x00000020) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U21cc: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U21cd: 015154180233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U0654) U21ce: 008110038e08 tmp8:= OR_DSZ16(0x00000010, tmp8) U21d0: 008410032c48 tmp2:= AND_DSZ16(0x00000010, tmp1) U21d1: 0150d93c02b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U4fd9) U21d2: 20428c100238 MOVETOCREG_DSZ64(tmp8, 0x48c) 01a1fe80 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U21d4: 000d23800000 SAVEUIP_REGOVR(0x01, U21d5, 0x0023) 01bc7200 SEQW GOTO U3c72 U21d5: 0053ec5c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp3, uend) U21d6: 022200031033 tmp1:= unk_222(tmp3) U21d8: 002408030231 tmp0:= SHL_DSZ32(tmp1, 0x00000008) U21d9: 003301033232 tmp3:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000001) U21da: 002500030cf0 tmp0:= SHR_DSZ32(tmp0, tmp3) 01a8ed80 SEQW GOTO U28ed ------------------------------------------------------------------------------------ U21dc: 000100062888 rdx:= OR_DSZ32(0x00000100, rdx) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U21dd: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U21de: 0151de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U56de) U21e0: 04940003ce40 tmm4:= unk_494(tmm1) U21e1: 057f0003cf3a tmm4:= unk_57f(tmm2, tmm4) U21e2: 24820003fe7c LFNCEWAIT-> tmm7:= unk_482(tmm4, tmm1) 03040480 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U21e4: 006310030200 tmp0:= READURAM(0x0010, 64) U21e5: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U21e6: 022200030030 tmp0:= unk_222(tmp0) U21e8: 000520030230 tmp0:= SUB_DSZ32(tmp0, 0x00000020) U21e9: 00c020420270 rax:= ADD_DSZ8(tmp0, 0x00003020) 0197ec40 SEQW GOTO uend 
------------------------------------------------------------------------------------ U21ea: 07c200038235 tmm0:= unk_7c2(mm5, 0x00000000) U21ec: 069d00038e00 tmm0:= unk_69d(tmm0) U21ed: 06a000039000 tmp9:= unk_6a0(0x00000000) U21ee: 29028c138638 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp8, 0x00000020, 0x48c) U21f0: 26a100008e39 LFNCEWAIT-> mm0:= unk_6a1(tmm1, tmm0) U21f1: 000800000000 NOP U21f2: 000800000000 NOP U21f4: 008420037c48 LFNCEMARK-> tmp7:= AND_DSZ16(0x00000020, tmp1) U21f5: 000800000000 NOP U21f6: 000800000000 NOP U21f8: 00628c138200 LFNCEWAIT-> tmp8:= MOVEFROMCREG_DSZ64(0x48c) U21f9: 00012a039e10 tmp9:= OR_DSZ32(0x00008080, tmp8) U21fa: 017e00039df9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp7) U21fc: 01b400039e39 tmp9:= CMOVCC_DSZ16_CONDZ(tmp9, tmp8) U21fd: 20428c100239 MOVETOCREG_DSZ64(tmp9, 0x48c) U21fe: 000000000000 SYNCFULL-> NOP 0917ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U2200: 0d61081b0032 tmp0:= unk_d61(tmp2) U2201: 3e6bc0000030 unk_e6b(tmp0) U2202: 002100036030 tmp6:= CONCAT_DSZ32(tmp0) U2204: 025d00036db6 tmp6:= TEST_DSZ64(tmp6, tmp6) U2205: 0150fe1c0236 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U07fe) U2206: 0c4ba0137000 tmp7:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) 0181aa80 SEQW GOTO U01aa ------------------------------------------------------------------------------------ U2208: 00652003c230 tmp12:= SHR_DSZ64(tmp0, 0x00000020) U2209: 000ce28fe248 tmp14:= SAVEUIP(0x01, U23e2) U220a: 104a08037230 tmp7:= TESTUSTATE(tmp0, SYS, UST_OP_SIZE_32BIT) 01d74d80 ? 
SEQW GOTO U574d U220c: 000c5d93e248 tmp14:= SAVEUIP(0x01, U245d) U220d: 000c4d5fd288 tmp13:= SAVEUIP(0x00, U574d) 0181ba4e SEQW GOTO U01ba ------------------------------------------------------------------------------------ U220e: 000cce23d208 tmp13:= SAVEUIP(0x00, U08ce) 0181ba4e SEQW URET1 ------------------------------------------------------------------------------------ U2210: 006200037200 tmp7:= MOVEFROMCREG_DSZ64(0x000) U2211: 0004ea037437 tmp7:= AND_DSZ32(tmp7, 0x002c6800) U2212: 000128037437 tmp7:= OR_DSZ32(tmp7, 0x00008008) 01da5580 SEQW GOTO U5a55 ------------------------------------------------------------------------------------ U2214: 000d24800000 SAVEUIP_REGOVR(0x01, U2215, 0x0024) 019d8e00 SEQW GOTO U1d8e U2215: 000e03032200 tmp2:= WRMSLOOPCTRFBR(0x00000003) U2216: 002406032232 tmp2:= SHL_DSZ32(tmp2, 0x00000006) U2218: 2e7500730c8d tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp2, 0x0000bc00) U2219: 2928ec1c0030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, uend) U221a: 0edf00000030 unk_edf(tmp0) U221c: 000040032c88 tmp2:= ADD_DSZ32(0x00000040, tmp2) U221d: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01a21872 ? 
SEQW GOTO U2218 U221e: 000000000000 NOP 01a21872 SEQW UEND0 ------------------------------------------------------------------------------------ U2220: 125500000e40 FETCHFROMEIP1_ASZ64(tmp9) U2221: 213e0803d008 tmp13:= MOVEMERGEFLGS_DSZ32(0x00000008) U2222: 237d0000003d GENARITHFLAGS(tmp13) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U2224: 00073f032c88 tmp2:= NOTAND_DSZ32(0x0000003f, tmp2) U2225: 0151691c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#UD) 01ce8140 SEQW GOTO do_vmexit ------------------------------------------------------------------------------------ U2226: 000000000000 NOP U2228: 125500000e40 FETCHFROMEIP1_ASZ64(tmp9) U2229: 00621b03e200 tmp14:= MOVEFROMCREG_DSZ64(0x01b) U222a: 2042521c023e SYNCFULL-> MOVETOCREG_DSZ64(tmp14, 0x752) 090cd580 SEQW GOTO U0cd5 ------------------------------------------------------------------------------------ U222c: 00080c336008 tmp6:= ZEROEXT_DSZ32(0x00000c0c) U222d: 00a1833b6d89 tmp6:= CONCAT_DSZ16(0x00002e83, tmp6) 019c6040 SEQW GOTO U1c60 ------------------------------------------------------------------------------------ U222e: 000000000000 NOP U2230: 00040303bc88 tmp11:= AND_DSZ32(0x00000003, tmp2) U2231: 000cf933d208 tmp13:= SAVEUIP(0x00, U0cf9) U2232: 004228000010 MOVETOCREG_DSZ64(0x00000008, 0x000) 01bd4880 SEQW GOTO U3d48 ------------------------------------------------------------------------------------ U2234: 00080003a036 tmp10:= ZEROEXT_DSZ32(tmp6) U2235: 0062fe1f0200 LFNCEMARK-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2236: 00047b031e50 tmp1:= AND_DSZ32(0x00030000, tmp9) U2238: 2902fe1c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, CORE_CR_EFLAGS) U2239: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009) U223a: 0c4b80131000 tmp1:= RDSEGFLD(UNK_SEG_04, SEL) U223c: 00240e03d23d tmp13:= SHL_DSZ32(tmp13, 0x0000000e) U223d: 00a100031c7d tmp1:= CONCAT_DSZ16(tmp13, tmp1) U223e: 000c927c0200 SAVEUIP(0x00, U1f92) U2240: 0c4ba00bf000 LFNCEWAIT-> tmp15:= 
RDSEGFLD(CS, SEL+FLGS+LIM) U2241: 0c7b4900003f WRSEGFLD(tmp15, UNK_SEG_09, FLGS) U2242: 0c4b200bf000 tmp15:= RDSEGFLD(CS, BASE) U2244: 0c7b2900003f LFNCEMARK-> WRSEGFLD(tmp15, UNK_SEG_09, BASE) U2245: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 044e8440 ? SEQW GOTO U4e84 U2246: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U2248: 00420000023e MOVETOCREG_DSZ64(tmp14, 0x000) U2249: 0088b903c008 tmp12:= ZEROEXT_DSZ16(0x000000b9) U224a: 000a00135200 tmp5:= TESTUSTATE(UCODE, 0x0400) 01a24d80 ? SEQW GOTO U224d U224c: 000810035008 tmp5:= ZEROEXT_DSZ32(0x00000010) U224d: 00436f000236 WRITEURAM(tmp6, 0x006f, 64) U224e: 00080303d008 tmp13:= ZEROEXT_DSZ32(0x00000003) 0181d280 SEQW GOTO U01d2 ------------------------------------------------------------------------------------ U2250: 0088816fc008 tmp12:= ZEROEXT_DSZ16(0x00001b81) U2251: 0062fe1f9200 tmp9:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2252: 238000039e40 tmp9:= READAFLAGS(tmp9) U2254: 00080003a039 tmp10:= ZEROEXT_DSZ32(tmp9) U2255: 00080203d008 tmp13:= ZEROEXT_DSZ32(0x00000002) U2256: 00436f035200 tmp5:= WRITEURAM(0x00000000, 0x006f, 64) 0181d280 SEQW GOTO U01d2 ------------------------------------------------------------------------------------ U2258: 0088b903c008 tmp12:= ZEROEXT_DSZ16(0x000000b9) U2259: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U225a: 00080003d008 tmp13:= ZEROEXT_DSZ32(0x00000000) 01a25680 SEQW GOTO U2256 ------------------------------------------------------------------------------------ U225c: 20431f080231 WRITEURAM(tmp1, 0x001f, 32) U225d: 000000000000 NOP 019b1440 SEQW GOTO U1b14 ------------------------------------------------------------------------------------ U225e: 000000000000 NOP U2260: 0088816fc008 tmp12:= ZEROEXT_DSZ16(0x00001b81) U2261: 0062fe1f9200 tmp9:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2262: 238000039e40 tmp9:= READAFLAGS(tmp9) U2264: 00080003a039 tmp10:= ZEROEXT_DSZ32(tmp9) U2265: 00080203d008 tmp13:= 
ZEROEXT_DSZ32(0x00000002) 01b3854e SEQW GOTO U3385 ------------------------------------------------------------------------------------ U2266: 000cca5fd248 tmp13:= SAVEUIP(0x00, U37ca) 01b3854e SEQW URET1 ------------------------------------------------------------------------------------ U2268: 0088b903c008 tmp12:= ZEROEXT_DSZ16(0x000000b9) U2269: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U226a: 00080003d008 tmp13:= ZEROEXT_DSZ32(0x00000000) 01b38580 SEQW GOTO U3385 ------------------------------------------------------------------------------------ U226c: 0042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) U226d: 00621b17e200 tmp14:= MOVEFROMCREG_DSZ64(0x51b) U226e: 00880043ef88 tmp14:= ZEROEXT_DSZ16(0x00001000, tmp14) 018dc580 SEQW GOTO U0dc5 ------------------------------------------------------------------------------------ U2270: 0062921b0200 tmp0:= MOVEFROMCREG_DSZ64(0x692) U2271: 000706030c08 tmp0:= NOTAND_DSZ32(0x00000006, tmp0) U2272: 090292580230 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp0, 0x00000001, 0x692) 091eb480 SEQW GOTO U1eb4 ------------------------------------------------------------------------------------ U2274: 0ea500031034 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U2275: 0ea502030034 tmp0:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4, 0x00000002) U2276: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) 01a77280 SEQW GOTO U2772 ------------------------------------------------------------------------------------ U2278: 0008c02b300d tmp3:= ZEROEXT_DSZ32(0x0000aac0) U2279: 000ca8e40200 SAVEUIP(0x01, U19a8) 0180794e SEQW GOTO U0079 ------------------------------------------------------------------------------------ U227a: 000c4a0fd208 tmp13:= SAVEUIP(0x00, U034a) 0180794e SEQW URET1 ------------------------------------------------------------------------------------ U227c: 0ea500032034 tmp2:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U227d: 004002034d08 tmp4:= ADD_DSZ64(0x00000002, tmp4) U227e: 000ca9940280 SAVEUIP(0x01, U45a9) 01807980 SEQW GOTO U0079 
------------------------------------------------------------------------------------ U2280: 000ceeec0240 SAVEUIP(0x01, U3bee) 0b00790e SEQW GOTO U0079 ------------------------------------------------------------------------------------ U2281: 153500039e7b tmm1:= unk_535(tmm3, tmm1) U2282: 14300003fff9 SYNCWAIT-> tmm7:= unk_430(tmm1, tmm7) 0b00790e SEQW URET1 ------------------------------------------------------------------------------------ U2284: 000cd5e40200 SAVEUIP(0x01, U19d5) 0180790e SEQW GOTO U0079 ------------------------------------------------------------------------------------ U2285: 0e6500038037 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7) U2286: 0e6508035037 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008) 0180790e SEQW URET1 ------------------------------------------------------------------------------------ U2288: 000cdeac0240 SAVEUIP(0x01, U2bde) 09007900 SEQW GOTO U0079 ------------------------------------------------------------------------------------ U2289: 000800031032 tmp1:= ZEROEXT_DSZ32(tmp2) U228a: 015d00000f80 SYNCFULL-> UJMP(tmp14) ------------------------------------------------------------------------------------ U228c: 000cfab40240 SAVEUIP(0x01, U2dfa) 0180790a SEQW GOTO U0079 ------------------------------------------------------------------------------------ U228d: 186b99cd0276 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x00000007, U6399) U228e: 0d0f00035034 PORTOUT_DSZ32_ASZ16_SC1(tmp4, tmp5) 0180790a SEQW URET0 ------------------------------------------------------------------------------------ U2290: 0e75a007a008 tmp10:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000001a0) U2291: 00652003a23a tmp10:= SHR_DSZ64(tmp10, 0x00000020) U2292: 0ee500030034 tmp0:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp4) 01806180 SEQW GOTO U0061 ------------------------------------------------------------------------------------ U2294: 0ea500030034 tmp0:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U2295: 004002034d08 tmp4:= ADD_DSZ64(0x00000002, tmp4) U2296: 015d00000c00 UJMP(tmp0) 
------------------------------------------------------------------------------------ U2298: 000d18800000 SAVEUIP_REGOVR(0x01, U2299, 0x0018) U2299: 000cc9140240 SAVEUIP(0x00, U25c9) U229a: 000cb2880200 SAVEUIP(0x01, U02b2) 01807980 SEQW GOTO U0079 ------------------------------------------------------------------------------------ U229c: 0e2500030034 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U229d: 0e2504031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000004) U229e: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) 01dc5280 SEQW GOTO U5c52 ------------------------------------------------------------------------------------ U22a0: 00080f032008 tmp2:= ZEROEXT_DSZ32(0x0000000f) U22a1: 000d32800000 SAVEUIP_REGOVR(0x01, U22a2, 0x0032) U22a2: 000c15a00240 SAVEUIP(0x01, U2815) 0187b580 SEQW GOTO U07b5 ------------------------------------------------------------------------------------ U22a4: 2d0f0c24000a PORTOUT_DSZ32_ASZ16_SC1(0x0000490c, 0x00000000) U22a5: 2d0f1024000a PORTOUT_DSZ32_ASZ16_SC1(0x00004910, 0x00000000) U22a6: 006309030200 tmp0:= READURAM(0x0009, 64) 0186fe80 SEQW GOTO U06fe ------------------------------------------------------------------------------------ U22a8: 0ea500031034 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U22a9: 0ea502032034 tmp2:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4, 0x00000002) U22aa: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) 01870e80 SEQW GOTO U070e ------------------------------------------------------------------------------------ U22ac: 000c52f40240 SAVEUIP(0x01, U3d52) 01807900 SEQW GOTO U0079 ------------------------------------------------------------------------------------ U22ad: 000000000000 NOP U22ae: 000000000000 NOP U22b0: 0ee500030034 tmp0:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp4) U22b1: 0e2501031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000001) U22b2: 004005034d08 tmp4:= ADD_DSZ64(0x00000005, tmp4) 01879580 SEQW GOTO U0795 ------------------------------------------------------------------------------------ 
U22b4: 006377030200 tmp0:= READURAM(0x0077, 64) U22b5: 006522030230 tmp0:= SHR_DSZ64(tmp0, 0x00000022) U22b6: 000403030c08 tmp0:= AND_DSZ32(0x00000003, tmp0) 01de3a80 SEQW GOTO U5e3a ------------------------------------------------------------------------------------ U22b8: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) U22b9: 002100033822 tmp3:= CONCAT_DSZ32(rdx, rax) U22ba: 00638e035200 tmp5:= READURAM(0x008e, 64) 019a6a80 SEQW GOTO U1a6a ------------------------------------------------------------------------------------ U22bc: 00402a034d08 tmp4:= ADD_DSZ64(0x0000002a, tmp4) U22bd: 0e25da031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0xffffffffffffffda) U22be: 000800000000 NOP 01e07a80 SEQW GOTO U607a ------------------------------------------------------------------------------------ U22c0: 006377035200 tmp5:= READURAM(0x0077, 64) U22c1: 006522035235 tmp5:= SHR_DSZ64(tmp5, 0x00000022) U22c2: 000403035d48 tmp5:= AND_DSZ32(0x00000003, tmp5) 0187ad80 SEQW GOTO U07ad ------------------------------------------------------------------------------------ U22c4: 0ea500030034 tmp0:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U22c5: 197f02034c34 tmp4:= unk_97f(tmp4, tmp0) U22c6: 00088d5bf00b tmp15:= ZEROEXT_DSZ32(0x0000768d) 01a58c80 SEQW GOTO U258c ------------------------------------------------------------------------------------ U22c8: 0e2500030034 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U22c9: 392854040030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U3154) U22ca: 00086663e009 tmp14:= ZEROEXT_DSZ32(0x00003866) 01df6080 SEQW GOTO U5f60 ------------------------------------------------------------------------------------ U22cc: 00080b030008 tmp0:= ZEROEXT_DSZ32(0x0000000b) 01a7b400 SEQW GOTO patch_load_error ------------------------------------------------------------------------------------ U22cd: 000000000000 NOP U22ce: 000000000000 NOP U22d0: 00080c030008 tmp0:= ZEROEXT_DSZ32(0x0000000c) 01a7b400 SEQW GOTO patch_load_error 
------------------------------------------------------------------------------------ U22d1: 000000000000 NOP U22d2: 000000000000 NOP U22d4: 00080d030008 tmp0:= ZEROEXT_DSZ32(0x0000000d) 01a7b400 SEQW GOTO patch_load_error ------------------------------------------------------------------------------------ U22d5: 000000000000 NOP U22d6: 000000000000 NOP U22d8: 000d18800000 SAVEUIP_REGOVR(0x01, U22d9, 0x0018) U22d9: 000cd9140240 SAVEUIP(0x00, U25d9) U22da: 000cb2880200 SAVEUIP(0x01, U02b2) 01807980 SEQW GOTO U0079 ------------------------------------------------------------------------------------ U22dc: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) U22dd: 206353030200 tmp0:= READURAM(0x0053, 64) U22de: 286ba6b80230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000002, patch_runs_load_loop) 01806980 SEQW GOTO U0069 ------------------------------------------------------------------------------------ U22e0: 0e2500031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U22e1: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) 01a6664e SEQW GOTO U2666 ------------------------------------------------------------------------------------ U22e2: 000cbe23d208 tmp13:= SAVEUIP(0x00, U08be) 01a6664e SEQW URET1 ------------------------------------------------------------------------------------ U22e4: 0e2500031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U22e5: 004004034d08 tmp4:= ADD_DSZ64(0x00000004, tmp4) 01a68240 SEQW GOTO U2682 ------------------------------------------------------------------------------------ U22e6: 00436100023e WRITEURAM(tmp14, 0x0061, 64) U22e8: 00622417f200 tmp15:= MOVEFROMCREG_DSZ64(0x524) U22e9: 00641803f23f tmp15:= SHL_DSZ64(tmp15, 0x00000018) U22ea: 00432804023f WRITEURAM(tmp15, 0x0128, 64) U22ec: 00621117f200 tmp15:= MOVEFROMCREG_DSZ64(0x511) U22ed: 00432700023f LFNCEMARK-> WRITEURAM(tmp15, 0x0027, 64) U22ee: 0dff07000000 unk_dff(0x00000000) U22f0: 00627003f200 tmp15:= MOVEFROMCREG_DSZ64(0x070) U22f1: 0004000bffc8 tmp15:= AND_DSZ32(0x00000200, tmp15) U22f2: 
00635c03e200 tmp14:= READURAM(0x005c, 64) U22f4: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U22f5: 00435c08023e LFNCEWAIT-> WRITEURAM(tmp14, 0x005c, 32) U22f6: 00621017f200 tmp15:= MOVEFROMCREG_DSZ64(0x510) U22f8: 00432808023f WRITEURAM(tmp15, 0x0028, 32) U22f9: 296270400280 MOVETOCREG_BTS_DSZ64(0x00000009, 0x070) U22fa: 090227d40200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x527) U22fc: 186b068c02fe LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp14, 0x0000000e, U2306) U22fd: 0004000bffc8 tmp15:= AND_DSZ32(0x00000200, tmp15) U22fe: 01312003f23f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000020) U2300: 00632903e200 tmp14:= READURAM(0x0029, 64) U2301: 00650003effe tmp14:= SHR_DSZ64(tmp14, tmp15) U2302: 00640c03e23e tmp14:= SHL_DSZ64(tmp14, 0x0000000c) U2304: 00422614023e LFNCEWAIT-> MOVETOCREG_DSZ64(tmp14, 0x526) U2305: 090227d40240 MOVETOCREG_OR_DSZ64(0x00000007, 0x527) U2306: 00636103e200 tmp14:= READURAM(0x0061, 64) 02212480 SEQW GOTO U2124 ------------------------------------------------------------------------------------ U2308: 10480002403a rsp:= ZEROEXT_DSZ64N(tmp10) 01841400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U2309: 0008ff031008 tmp1:= ZEROEXT_DSZ32(0x000000ff) U230a: 000100071c50 tmp1:= OR_DSZ32(0x00400000, tmp1) U230c: 104200031eb1 LFNCEWAIT-> tmp1:= MOVETOCREG_DSZ64(tmp1, tmp10) U230d: 004800035c75 tmp5:= ZEROEXT_DSZ64(tmp5, tmp1) U230e: 104200000eb5 MOVETOCREG_DSZ64(tmp5, tmp10) 02332d80 SEQW GOTO U332d ------------------------------------------------------------------------------------ U2310: 000c74040240 SAVEUIP(0x00, U2174) U2311: 000cf98c0240 SAVEUIP(0x01, U23f9) 01a3c140 SEQW GOTO U23c1 ------------------------------------------------------------------------------------ U2312: 000ca2b3e208 tmp14:= SAVEUIP(0x01, U0ca2) U2314: 00c80003c000 tmp12:= ZEROEXT_DSZ8(0x00000000) U2315: 00080e0bb009 tmp11:= ZEROEXT_DSZ32(0x0000220e) U2316: 008837038010 tmp8:= ZEROEXT_DSZ16(0x0000fc01) 01b9a680 SEQW 
GOTO U39a6 ------------------------------------------------------------------------------------ U2318: 00a50b03223a tmp2:= SHR_DSZ16(tmp10, 0x0000000b) U2319: 00c407032c88 tmp2:= AND_DSZ8(0x00000007, tmp2) U231a: 00428c10023a MOVETOCREG_DSZ64(tmp10, 0x48c) U231c: 004273000232 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, 0x073) 08041400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U231d: 000000000000 NOP U231e: 000000000000 NOP U2320: 0042fe1c0232 MOVETOCREG_DSZ64(tmp2, CORE_CR_EFLAGS) 02a31800 SEQW GOTO U2318 ------------------------------------------------------------------------------------ U2321: 0d3000031db4 LFNCEWAIT-> tmp1:= LDZX_DSZ32_ASZ32_SC1(tmp4, tmp6) U2322: 0e2d00031db8 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, tmp6, tmp1) U2324: 000004036d88 tmp6:= ADD_DSZ32(0x00000004, tmp6) U2325: 000504035d48 tmp5:= SUB_DSZ32(0x00000004, tmp5) U2326: 03528d600275 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDLE(tmp5, U388d) 050000ce SEQW URET1 ------------------------------------------------------------------------------------ U2328: 0004fc031d88 tmp1:= AND_DSZ32(0x000000fc, tmp6) U2329: 00053403dc48 tmp13:= SUB_DSZ32(0x00000034, tmp1) U232a: 01511410023d UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, U0414) U232c: 290205c00200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U232d: 213e0803d008 tmp13:= MOVEMERGEFLGS_DSZ32(0x00000008) U232e: 237d0000003d GENARITHFLAGS(tmp13) 0417ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U2330: 0c4ba00f7000 tmp7:= RDSEGFLD(SS, SEL+FLGS+LIM) U2331: 0c7baa000037 WRSEGFLD(tmp7, SS_USERM, SEL+FLGS+LIM) U2332: 0c4b200f7000 tmp7:= RDSEGFLD(SS, BASE) U2334: 0c7b2a000037 WRSEGFLD(tmp7, SS_USERM, BASE) U2335: 0c4b400f7000 tmp7:= RDSEGFLD(SS, FLGS) U2336: 20423c1c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x73c) 095c5a80 SEQW GOTO U5c5a ------------------------------------------------------------------------------------ U2338: 0c4ba00f7000 tmp7:= RDSEGFLD(SS, 
SEL+FLGS+LIM) U2339: 0c7baa000037 WRSEGFLD(tmp7, SS_USERM, SEL+FLGS+LIM) U233a: 0c4b200f7000 tmp7:= RDSEGFLD(SS, BASE) U233c: 0c7b2a000037 WRSEGFLD(tmp7, SS_USERM, BASE) U233d: 0c4b400f7000 tmp7:= RDSEGFLD(SS, FLGS) U233e: 20423c1c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x73c) 0967f480 SEQW GOTO U67f4 ------------------------------------------------------------------------------------ U2340: 000c259002c0 SAVEUIP(0x01, U6425) U2341: 0051e204023d UJMPCC_DIRECT_NOTTAKEN_CONDNO(tmp13, U01e2) U2342: 213f0000003a unk_13f(tmp10) U2344: 2042fe1c023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) 0401e200 SEQW GOTO U01e2 ------------------------------------------------------------------------------------ U2345: 000000000000 NOP U2346: 000000000000 NOP U2348: 000c14900200 SAVEUIP(0x01, U0414) 01a34100 SEQW GOTO U2341 ------------------------------------------------------------------------------------ U2349: 00553f031200 tmp1:= BTS_DSZ64(0x00000000, 0x0000003f) U234a: 00940d03b239 tmp11:= BT_DSZ16(tmp9, 0x0000000d) U234c: 017e00031ef1 SYNCFULL-> tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp11) U234d: 007700037df1 tmp7:= CMOVCC_DSZ64_CONDNB(tmp1, tmp7) U234e: 074400038037 tmm0:= unk_744(mm7) 084d3a80 SEQW GOTO U4d3a ------------------------------------------------------------------------------------ U2350: 00632c032200 tmp2:= READURAM(0x002c, 64) U2351: 00635603c200 tmp12:= READURAM(0x0056, 64) U2352: 015d00000c80 UJMP(tmp2) ------------------------------------------------------------------------------------ U2354: 000000000000 NOP U2355: 000000000000 NOP 01b12840 SEQW GOTO U3128 ------------------------------------------------------------------------------------ U2356: 000000000000 NOP U2358: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2359: 186b5c8c02b6 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U235c) U235a: 0150911002b4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U4491) U235c: 2962fe1c033a MOVETOCREG_BTS_DSZ64(tmp10, 0x00000010, CORE_CR_EFLAGS) U235d: 000dfa800000 
SAVEUIP_REGOVR(0x01, U235e, 0x00fa) U235e: 000c14900200 SAVEUIP(0x01, U0414) 0182ca80 SEQW GOTO U02ca ------------------------------------------------------------------------------------ U2360: 000cd5640280 SAVEUIP(0x00, U59d5) U2361: 000c609c02c0 SAVEUIP(0x01, U6760) 01d8f540 SEQW GOTO U58f5 ------------------------------------------------------------------------------------ U2362: 05b90003f03b tmm7:= unk_5b9(tmm3) U2364: 05b90003c039 tmm4:= unk_5b9(tmm1) U2365: 0008261fb009 tmp11:= ZEROEXT_DSZ32(0x00002726) U2366: 0048cc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043cc) 01c2ea80 SEQW GOTO U42ea ------------------------------------------------------------------------------------ U2368: 000cd6640280 SAVEUIP(0x00, U59d6) U2369: 000c50a002c0 SAVEUIP(0x01, U6850) 01d8f540 SEQW GOTO U58f5 ------------------------------------------------------------------------------------ U236a: 000000000000 NOP U236c: 000000000000 NOP U236d: 00456003ec08 tmp14:= SUB_DSZ64(0x00000060, tmp0) U236e: 20438d00023e WRITEURAM(tmp14, 0x008d, 64) 01c65c80 SEQW GOTO gen_rc4_key ------------------------------------------------------------------------------------ U2370: 00621b037200 tmp7:= MOVEFROMCREG_DSZ64(0x01b) U2371: 2042521c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x752) U2372: 108800021874 rcx:= ZEROEXT_DSZ16N(tmp4, rcx) U2374: 186b89b802b6 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U2e89) U2375: 01506e1402b4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U456e) U2376: 015f6e1402ba UJMPCC_DIRECT_TAKEN_CONDZ(tmp10, U456e) 01ae8a80 SEQW GOTO U2e8a ------------------------------------------------------------------------------------ U2378: 00621b037200 tmp7:= MOVEFROMCREG_DSZ64(0x01b) U2379: 2042521c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x752) U237a: 108800031874 tmp1:= ZEROEXT_DSZ16N(tmp4, rcx) U237c: 10850003f874 tmp15:= SUB_DSZN(tmp4, rcx) U237d: 017e00031ff1 tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp15) U237e: 017500021871 rcx:= CMOVCC_DSZ64_CONDNZ(tmp1, rcx) 01ae8980 SEQW GOTO U2e89 
------------------------------------------------------------------------------------ U2380: 2042c5180235 SYNCFULL-> MOVETOCREG_DSZ64(tmp5, 0x6c5) U2381: 000c14100200 SAVEUIP(0x00, U0414) 08260040 SEQW GOTO U2600 ------------------------------------------------------------------------------------ U2382: 1062f91f2240 tmp2:= MOVEFROMCREG_DSZ64(0x7f9, 32) U2384: 086aee1402b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000008, U05ee) U2385: 004800035033 tmp5:= ZEROEXT_DSZ64(tmp3) U2386: 00401803cd48 tmp12:= ADD_DSZ64(0x00000018, tmp5) 01ace280 SEQW GOTO U2ce2 ------------------------------------------------------------------------------------ U2388: 00620c03e200 tmp14:= MOVEFROMCREG_DSZ64(0x00c) U2389: 000ca65802c0 SAVEUIP(0x00, U76a6) U238a: 290205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U238c: 00621b030200 tmp0:= MOVEFROMCREG_DSZ64(0x01b) U238d: 2042521c0230 SYNCMARK-> MOVETOCREG_DSZ64(tmp0, 0x752) 0cb20889 SEQW URET0 ------------------------------------------------------------------------------------ U238e: 004500035d71 tmp5:= SUB_DSZ64(tmp1, tmp5) 0cb20889 SEQW GOTO U3208 ------------------------------------------------------------------------------------ U2390: 000001034d08 tmp4:= ADD_DSZ32(0x00000001, tmp4) 0aa38a10 SEQW SAVEUIP0 U2391 SEQW GOTO U238a U2391: 00880003e001 SYNCWAIT-> tmp14:= ZEROEXT_DSZ16(r64dst) U2392: 000500034fb4 tmp4:= SUB_DSZ32(tmp4, tmp14) U2394: 000cf88c0280 SAVEUIP(0x01, U43f8) 01816400 SEQW GOTO U0164 ------------------------------------------------------------------------------------ U2395: 000000000000 NOP U2396: 000000000000 NOP U2398: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) 01de9800 SEQW GOTO U5e98 ------------------------------------------------------------------------------------ U2399: 05ba0103ffff tmm7:= unk_5ba(tmm7, tmm7) U239a: 05b90003b03f tmm3:= unk_5b9(tmm7) U239c: 0001ad1b2c88 tmp2:= OR_DSZ32(0x000006ad, tmp2) U239d: 07040003a032 tmm2:= unk_704(mm2) U239e: 04ef0103c03f tmm4:= MOVHLPS(tmm7) 01c23580 SEQW GOTO U4235 
------------------------------------------------------------------------------------ U23a0: 000804031008 tmp1:= ZEROEXT_DSZ32(0x00000004) 01de9800 SEQW GOTO U5e98 ------------------------------------------------------------------------------------ U23a1: 00084d4b1008 tmp1:= ZEROEXT_DSZ32(0x0000124d) U23a2: 00a1937b1231 tmp1:= CONCAT_DSZ16(tmp1, 0x00001e93) U23a4: 00083057f00d tmp15:= ZEROEXT_DSZ32(0x0000b530) U23a5: 00a1d813f37f tmp15:= CONCAT_DSZ16(tmp15, 0x0000a4d8) U23a6: 002100031ff1 tmp1:= CONCAT_DSZ32(tmp1, tmp15) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U23a8: 00434e00023e WRITEURAM(tmp14, 0x004e, 64) U23a9: 00635303e200 tmp14:= READURAM(0x0053, 64) U23aa: 286a8429027e BTUJB_DIRECT_NOTTAKEN(tmp14, 0x00000004, U5a84) U23ac: 006262172200 tmp2:= MOVEFROMCREG_DSZ64(0x562) U23ad: 0047ff3f2c88 tmp2:= NOTAND_DSZ64(0x00000fff, tmp2) U23ae: 086a7208033e BTUJB_DIRECT_NOTTAKEN(tmp14, 0x00000010, U0272) 01827580 SEQW GOTO U0275 ------------------------------------------------------------------------------------ U23b0: 213f0000003a unk_13f(tmp10) U23b1: 0042fe1c023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) U23b2: 000c14900200 SAVEUIP(0x01, U0414) 0481e280 SEQW GOTO U01e2 ------------------------------------------------------------------------------------ U23b4: 000000000000 NOP U23b5: 000000000000 NOP 01f7ac40 SEQW GOTO U77ac ------------------------------------------------------------------------------------ U23b6: 000000000000 NOP U23b8: 213f0000003a unk_13f(tmp10) U23b9: 0042fe1c023a MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) U23ba: 000c259002c0 SAVEUIP(0x01, U6425) 0181e280 SEQW GOTO U01e2 ------------------------------------------------------------------------------------ U23bc: 00430f08023b LFNCEWTMRK-> WRITEURAM(tmp11, 0x000f, 32) U23bd: 000000000000 NOP 06304c40 SEQW GOTO U304c ------------------------------------------------------------------------------------ U23be: 000000000000 NOP U23c0: 
000c6a5c0240 SAVEUIP(0x00, U376a) U23c1: 1062d00b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2d0, 32) U23c2: 2e750077100d tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bd00) U23c4: 004000031c72 tmp1:= ADD_DSZ64(tmp2, tmp1) U23c5: 2e7d0077100d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000bd00, tmp1) 0960d289 SEQW URET0 ------------------------------------------------------------------------------------ U23c6: 386a3e0c02f1 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000c, U333e) 0960d289 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U23c8: 1062d00b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2d0, 32) U23c9: 2e754077100d tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bd40) U23ca: 004000031c72 tmp1:= ADD_DSZ64(tmp2, tmp1) U23cc: 2e7d4077100d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000bd40, tmp1) U23cd: 00521118027d LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp13, U2611) 04c0424e SEQW GOTO U4042 ------------------------------------------------------------------------------------ U23ce: 000cd623d208 tmp13:= SAVEUIP(0x00, U08d6) 04c0424e SEQW URET1 ------------------------------------------------------------------------------------ U23d0: 000c1c180240 SAVEUIP(0x00, U261c) U23d1: 000d04800000 SAVEUIP_REGOVR(0x01, U23d2, 0x0004) 01b2cd40 SEQW GOTO U32cd U23d2: 006320030200 tmp0:= READURAM(0x0020, 64) U23d4: 002501030230 tmp0:= SHR_DSZ32(tmp0, 0x00000001) U23d5: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U23d6: 000006030230 tmp0:= ADD_DSZ32(tmp0, 0x00000006) 01854480 SEQW GOTO U0544 ------------------------------------------------------------------------------------ U23d8: 000000000000 NOP 01831214 SEQW SAVEUIP1 U23d9 SEQW GOTO U0312 U23d9: 006309030200 tmp0:= READURAM(0x0009, 64) U23da: 10420f080270 MOVETOCREG_DSZ64(tmp0, 0x20f, 32) U23dc: 000ccd0c0240 SAVEUIP(0x00, U23cd) 01a3d100 SEQW GOTO U23d1 ------------------------------------------------------------------------------------ U23dd: 000000000000 NOP U23de: 000000000000 NOP U23e0: 000000000000 NOP U23e1: 000000000000 NOP 
05041440 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U23e2: 0e6be9240cb0 LFNCEMARK-> unk_e6b(tmp0, tmp2) U23e4: 000400231f08 tmp1:= AND_DSZ32(0x00000800, tmp12) U23e5: 01300003cf31 tmp12:= SELECTCC_DSZ32_CONDZ(tmp1, tmp12) U23e6: 008800033f37 tmp3:= ZEROEXT_DSZ16(tmp7, tmp12) 01abf880 SEQW GOTO U2bf8 ------------------------------------------------------------------------------------ U23e8: 000000000000 NOP U23e9: 000c14900200 SAVEUIP(0x01, U0414) 01a34140 SEQW GOTO U2341 ------------------------------------------------------------------------------------ U23ea: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U23ec: 00628e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x78e) U23ed: 006267032200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U23ee: 000500032cb1 tmp2:= SUB_DSZ32(tmp1, tmp2) 01c3ae80 SEQW GOTO U43ae ------------------------------------------------------------------------------------ U23f0: 204265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U23f1: 2042f81c023a MOVETOCREG_DSZ64(tmp10, 0x7f8) U23f2: 100a00a00200 TESTUSTATE(SYS, !0x0800) 01841480 ? 
SEQW GOTO U0414 U23f4: 29a20400063a MOVETOCREG_SHR_DSZ64(tmp10, 0x00000020, 0x004) 01e70a00 SEQW GOTO U670a ------------------------------------------------------------------------------------ U23f5: 000000000000 NOP U23f6: 000000000000 NOP U23f8: 000000000000 NOP 01a3c110 SEQW SAVEUIP0 U23f9 SEQW GOTO U23c1 U23f9: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U23fa: 000800000000 NOP U23fc: 000000000000 NOP 01a51500 SEQW GOTO U2515 ------------------------------------------------------------------------------------ U23fd: 000000000000 NOP U23fe: 000000000000 NOP U2400: 0c4b20138000 tmp8:= RDSEGFLD(UNK_SEG_04, BASE) U2401: 0c6b2c000038 WRSEGFLD(tmp8, FS, BASE) U2402: 0c4ba0138000 tmp8:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U2404: 0c6bac000038 WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) 01841400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U2405: 000000000000 NOP U2406: 000000000000 NOP U2408: 0042f01c0234 MOVETOCREG_DSZ64(tmp4, 0x7f0) U2409: 0062c31b7200 tmp7:= MOVEFROMCREG_DSZ64(0x6c3) U240a: 2962c3980237 MOVETOCREG_BTS_DSZ64(tmp7, 0x00000002, 0x6c3) U240c: 006267034200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U240d: 006265037200 tmp7:= MOVEFROMCREG_DSZ64(0x065) U240e: 104500037d37 tmp7:= SUB_DSZN(tmp7, tmp4) 01c3b480 SEQW GOTO U43b4 ------------------------------------------------------------------------------------ U2410: 000c14900200 SAVEUIP(0x01, U0414) 01df3200 SEQW GOTO U5f32 ------------------------------------------------------------------------------------ U2411: 000000000000 NOP U2412: 000000000000 NOP U2414: 000000000000 NOP U2415: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 03241a40 ? 
SEQW GOTO U241a U2416: 006314030200 LFNCEWAIT-> tmp0:= READURAM(0x0014, 64) U2418: 00e100031cb3 tmp1:= CONCAT_DSZ8(tmp3, tmp2) U2419: 186a2d250cb0 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, tmp2, U692d) U241a: 0150545402ba UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp10, U5554) 04be3680 SEQW GOTO U3e36 ------------------------------------------------------------------------------------ U241c: 000d34800000 SAVEUIP_REGOVR(0x01, U241d, 0x0034) 018ba900 SEQW GOTO U0ba9 U241d: 000800020034 rax:= ZEROEXT_DSZ32(tmp4) U241e: 1062b90b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2b9, 32) U2420: 00e120030230 tmp0:= CONCAT_DSZ8(tmp0, 0x00000020) U2421: 00a100223230 rbx:= CONCAT_DSZ16(tmp0, 0x00000800) U2422: 006310030200 tmp0:= READURAM(0x0010, 64) 01eb7580 SEQW GOTO U6b75 ------------------------------------------------------------------------------------ U2424: 00086407000b tmp0:= ZEROEXT_DSZ32(0x00006164) U2425: 00a101020370 rax:= CONCAT_DSZ16(tmp0, 0x0000a001) U2426: 0008c47e300f rbx:= ZEROEXT_DSZ32(0x0000ffc4) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U2428: 000807030008 tmp0:= ZEROEXT_DSZ32(0x00000007) U2429: 004342080230 WRITEURAM(tmp0, 0x0042, 32) 01cd6c40 SEQW GOTO U4d6c ------------------------------------------------------------------------------------ U242a: 000000000000 NOP U242c: 000800038000 tmp8:= ZEROEXT_DSZ32(0x00000000) U242d: 00c800021038 rcx:= ZEROEXT_DSZ8(tmp8) 0197ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U242e: 0c4bc0271000 tmp1:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2430: 104000031c73 tmp1:= ADD_DSZN(tmp3, tmp1) U2431: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U2432: 204367000231 LFNCEMARK-> WRITEURAM(tmp1, 0x0067, 64) 053a4480 SEQW GOTO U3a44 ------------------------------------------------------------------------------------ U2434: 0153ec5c0239 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp9, uend) U2435: 000d23800000 SAVEUIP_REGOVR(0x01, U2436, 0x0023) 
01bc7240 SEQW GOTO U3c72 U2436: 003300033cf3 tmp3:= SELECTCC_DSZ32_CONDNB(tmp3, tmp3) U2438: 2928ec1c0e73 CMPUJZ_DIRECT_NOTTAKEN(tmp3, tmp9, uend) U2439: 000023070e48 tmp0:= ADD_DSZ32(0x00000123, tmp9) U243a: 0131200317b9 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp9, 0xffffffffffffc020) 01e2be80 SEQW GOTO U62be ------------------------------------------------------------------------------------ U243c: 2d0b0023500a tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00004800) U243d: 000407035d48 tmp5:= AND_DSZ32(0x00000007, tmp5) U243e: 000894071010 tmp1:= ZEROEXT_DSZ32(0x11242020) U2440: 000001030d48 tmp0:= ADD_DSZ32(0x00000001, tmp5) U2441: 002402030230 tmp0:= SHL_DSZ32(tmp0, 0x00000002) U2442: 0064ff7f0c1f tmp0:= SHL_DSZ64(0xffffffffffffffff, tmp0) 01dab580 SEQW GOTO U5ab5 ------------------------------------------------------------------------------------ U2444: 2d0bc0030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000c0) U2445: 005417030230 tmp0:= BT_DSZ64(tmp0, 0x00000017) U2446: 003202030230 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000002) U2448: 002513031236 tmp1:= SHR_DSZ32(tmp6, 0x00000013) U2449: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U244a: 000105020c08 rax:= OR_DSZ32(0x00000005, tmp0) 01815980 SEQW GOTO U0159 ------------------------------------------------------------------------------------ U244c: 005429030236 tmp0:= BT_DSZ64(tmp6, 0x00000029) U244d: 0033c8030430 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00100000) U244e: 0001830b1270 tmp1:= OR_DSZ32(tmp0, 0x00002283) U2450: 005437030236 tmp0:= BT_DSZ64(tmp6, 0x00000037) U2451: 00339a030430 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00040000) U2452: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) 01e9f480 SEQW GOTO U69f4 ------------------------------------------------------------------------------------ U2454: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2455: 004307000200 WRITEURAM(0x00000000, 0x0007, 64) U2456: 006353016200 tmpv2:= READURAM(0x0053, 64) U2458: 
096353080316 unk_963(tmpv2, 0x00008253) U2459: 006370014200 tmpv0:= READURAM(0x0070, 64) U245a: 1042c4080254 SYNCFULL-> MOVETOCREG_DSZ64(tmpv0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) 090000ce SEQW URET1 ------------------------------------------------------------------------------------ U245c: 000000000000 NOP 0497ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U245d: 3e6b69000cb0 LFNCEMARK-> unk_e6b(tmp0, tmp2) U245e: 00880003cf37 tmp12:= ZEROEXT_DSZ16(tmp7, tmp12) U2460: 002100033f33 tmp3:= CONCAT_DSZ32(tmp3, tmp12) U2461: 000cf8afe248 tmp14:= SAVEUIP(0x01, U2bf8) U2462: 29a2f51f16b0 tmp1:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) 01b99480 SEQW GOTO U3994 ------------------------------------------------------------------------------------ U2464: 000a00080200 TESTUSTATE(UCODE, 0x0200) 0197ec00 ? SEQW GOTO uend U2465: 000804130008 tmp0:= ZEROEXT_DSZ32(0x00000404) U2466: 00a1301e0c08 rax:= CONCAT_DSZ16(0x00000730, tmp0) U2468: 0008031a2008 rdx:= ZEROEXT_DSZ32(0x00000603) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2469: 000000000000 NOP U246a: 000000000000 NOP U246c: 1062b90a2240 rdx:= MOVEFROMCREG_DSZ64(0x2b9, 32) U246d: 00532d100279 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp9, U242d) U246e: 000001030e08 tmp0:= ADD_DSZ32(0x00000001, tmp8) U2470: 00e100021e30 rcx:= CONCAT_DSZ8(tmp0, tmp8) U2471: 013e01030e08 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000001, tmp8) U2472: 013405020230 rax:= CMOVCC_DSZ32_CONDZ(tmp0, 0x00000005) 01873180 SEQW GOTO U0731 ------------------------------------------------------------------------------------ U2474: 000000000000 NOP 0517ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2475: 26070003cebb tmm4:= unk_607(tmm3, tmm2) U2476: 008440132e48 LFNCEMARK-> tmp2:= AND_DSZ16(0x00000440, tmp9) U2478: 008540132c88 tmp2:= SUB_DSZ16(0x00000440, tmp2) U2479: 0150441c0232 
UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U0744) U247a: 04b400008f00 mm0:= FMOV(tmm4) 01874580 SEQW GOTO U0745 ------------------------------------------------------------------------------------ U247c: 00542e030237 tmp0:= BT_DSZ64(tmp7, 0x0000002e) U247d: 00543c031236 tmp1:= BT_DSZ64(tmp6, 0x0000003c) U247e: 00635b032200 tmp2:= READURAM(0x005b, 64) U2480: 2928d51d0038 CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000000, U57d5) U2481: 292821610238 CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000001, U5821) U2482: 2928aee10238 CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000003, U58ae) 01b72280 SEQW GOTO U3722 ------------------------------------------------------------------------------------ U2484: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2485: 00635c032200 tmp2:= READURAM(0x005c, 64) U2486: 0007000b2c88 tmp2:= NOTAND_DSZ32(0x00000200, tmp2) U2488: 00435c080232 WRITEURAM(tmp2, 0x005c, 32) U2489: 09620b400280 MOVETOCREG_BTS_DSZ64(0x00000009, 0x00b) U248a: 004227140200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x527) 05600080 SEQW GOTO U6000 ------------------------------------------------------------------------------------ U248c: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U248d: 0008d4631009 tmp1:= ZEROEXT_DSZ32(0x000038d4) U248e: 00a158631271 tmp1:= CONCAT_DSZ16(tmp1, 0x00003858) U2490: 002100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U2491: 296321c003f0 LFNCEMARK-> unk_963(tmp0, IMM_MACRO_21) U2492: 0008d9131009 tmp1:= ZEROEXT_DSZ32(0x000024d9) 04a4a580 SEQW GOTO U24a5 ------------------------------------------------------------------------------------ U2494: 001411030237 tmp0:= BT_DSZ32(tmp7, 0x00000011) U2495: 0053ec5c0230 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp0, uend) U2496: 013107020239 rax:= SELECTCC_DSZ32_CONDNZ(tmp9, 0x00000007) U2498: 013104023238 rbx:= SELECTCC_DSZ32_CONDNZ(tmp8, 0x00000004) U2499: 013103022239 rdx:= 
SELECTCC_DSZ32_CONDNZ(tmp9, 0x00000003) 0197ec4e SEQW GOTO uend ------------------------------------------------------------------------------------ U249a: 000cb567d288 tmp13:= SAVEUIP(0x00, U59b5) 0197ec4e SEQW URET1 ------------------------------------------------------------------------------------ U249c: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U249d: 002502031238 tmp1:= SHR_DSZ32(tmp8, 0x00000002) U249e: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U24a0: 06a04003c000 tmp12:= unk_6a0(0x00000000) U24a1: 07430003cf31 tmm4:= unk_743(mm1, tmm4) U24a2: 04820000823c mm0:= unk_482(tmm4, 0x00000000) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U24a4: 000000000000 NOP 0297ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U24a5: 006321030200 LFNCEWAIT-> tmp0:= READURAM(0x0021, 64) U24a6: 186ba9100270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U24a9) U24a8: 00151e031231 tmp1:= BTS_DSZ32(tmp1, 0x0000001e) U24a9: 186bad500230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U24ad) U24aa: 00085f030008 tmp0:= ZEROEXT_DSZ32(0x0000005f) 01a4ae80 SEQW GOTO U24ae ------------------------------------------------------------------------------------ U24ac: 000000000000 NOP 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U24ad: 000845030008 tmp0:= ZEROEXT_DSZ32(0x00000045) U24ae: 186aaa040371 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000014, U21aa) U24b0: 206300030c00 tmp0:= READURAM(tmp0) U24b1: 186aa6040331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U21a6) U24b2: 186aa5440331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000011, U21a5) 01a1aa80 SEQW GOTO U21aa ------------------------------------------------------------------------------------ U24b4: 004501030e08 tmp0:= SUB_DSZ64(0x00000001, tmp8) U24b5: 0353ec5c0230 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp0, 
uend) U24b6: 1062df0b1240 tmp1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U24b8: 006521030237 tmp0:= SHR_DSZ64(tmp7, 0x00000021) U24b9: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U24ba: 286aec5c02f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000d, uend) 01dad580 SEQW GOTO U5ad5 ------------------------------------------------------------------------------------ U24bc: 006387030200 tmp0:= READURAM(0x0087, 64) U24bd: 000000031c30 tmp1:= ADD_DSZ32(tmp0, tmp0) U24be: 000000023c70 rbx:= ADD_DSZ32(tmp0, tmp1) U24c0: 000803020008 rax:= ZEROEXT_DSZ32(0x00000003) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U24c1: 00621c037200 tmp7:= MOVEFROMCREG_DSZ64(0x01c) U24c2: 004700037dca tmp7:= NOTAND_DSZ64(0x00004000, tmp7) U24c4: 20421c000237 MOVETOCREG_DSZ64(tmp7, 0x01c) U24c5: 006314031200 tmp1:= READURAM(0x0014, 64) U24c6: 186ac8500231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U24c8) 01d9c580 SEQW GOTO U59c5 ------------------------------------------------------------------------------------ U24c8: 29621c4002f7 MOVETOCREG_BTS_DSZ64(tmp7, 0x0000000d, 0x01c) 01d9cc00 SEQW GOTO U59cc ------------------------------------------------------------------------------------ U24c9: 006312031200 tmp1:= READURAM(0x0012, 64) U24ca: 386b197c02f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, U3f19) U24cc: 00082d0f0008 tmp0:= ZEROEXT_DSZ32(0x0000032d) U24cd: 001510030230 tmp0:= BTS_DSZ32(tmp0, 0x00000010) U24ce: 000d01880340 SAVEUIP_REGOVR(0x01, U24d0, 0xa201) 01ebfd80 SEQW GOTO U6bfd U24d0: 000c19fc0240 SAVEUIP(0x01, U3f19) 04b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U24d1: 2042f01c0235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, 0x7f0) U24d2: 00633a031200 tmp1:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U24d4: 005620031231 tmp1:= BTR_DSZ64(tmp1, 0x00000020) U24d5: 20433a000231 LFNCEMARK-> WRITEURAM(tmp1, FSCP_CR_IA32_FEATURE_CTL, 64) U24d6: 000a04000200 TESTUSTATE(UCODE, 0x0004) 04808e80 ? 
SEQW GOTO U008e U24d8: 000000000000 NOP 0560d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U24d9: 286a45210030 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U5845) U24da: 206321030200 LFNCEMARK-> tmp0:= READURAM(0x0021, 64) U24dc: 186bddd003f0 LFNCEWAIT-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000001f, U24dd) 0224da00 SEQW GOTO U24da ------------------------------------------------------------------------------------ U24dd: 186b6a1c02b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000008, U276a) U24de: 00250c031230 tmp1:= SHR_DSZ32(tmp0, 0x0000000c) U24e0: 0004ff7f1c48 tmp1:= AND_DSZ32(0x00001fff, tmp1) 01dd8500 SEQW GOTO U5d85 ------------------------------------------------------------------------------------ U24e1: 00084c5f000c tmp0:= ZEROEXT_DSZ32(0x0000974c) U24e2: 00a100030c0a tmp0:= CONCAT_DSZ16(0x00004000, tmp0) U24e4: 0d8b00039030 tmp9:= PORTIN_DSZ16_ASZ16_SC1(tmp0) U24e5: 008701139e48 tmp9:= NOTAND_DSZ16(0x00000401, tmp9) U24e6: 00040103a808 tmp10:= AND_DSZ32(0x00000001, rax) U24e8: 008100039e7a tmp9:= OR_DSZ16(tmp10, tmp9) U24e9: 008100239e48 tmp9:= OR_DSZ16(0x00000800, tmp9) U24ea: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01f41a80 ? SEQW GOTO U741a U24ec: 0d8f00039030 PORTOUT_DSZ16_ASZ16_SC1(tmp0, tmp9) 01f57200 SEQW GOTO U7572 ------------------------------------------------------------------------------------ U24ed: 006522031233 tmp1:= SHR_DSZ64(tmp3, 0x00000022) U24ee: 000400031c75 tmp1:= AND_DSZ32(tmp5, tmp1) U24f0: 186a11dc0331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000013, generate_#GP) U24f1: 00633a031200 tmp1:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U24f2: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01a4f8c0 ? 
SEQW GOTO U24f8 U24f4: 186a111c0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000000, generate_#GP) U24f5: 0004580b1d50 tmp1:= AND_DSZ32(0xfff300f8, tmp5) U24f6: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U24f8: 20433a080235 LFNCEMARK-> WRITEURAM(tmp5, FSCP_CR_IA32_FEATURE_CTL, 32) 0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U24f9: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U24fa: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) U24fc: 10851003bec8 tmp11:= SUB_DSZN(0x00000010, tmp11) U24fd: 0cdea060323b rdi:= unk_cde(tmp11, 0x000018a0) U24fe: 01600183c23c tmp12:= SUBR_DSZ64(tmp12, IMM_MACRO_01) U2500: 10851003bec8 tmp11:= SUB_DSZN(0x00000010, tmp11) U2501: 0cdea060323b rdi:= unk_cde(tmp11, 0x000018a0) U2502: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01a4fc80 SEQW GOTO U24fc ------------------------------------------------------------------------------------ U2504: 000800000000 NOP 01b7808c SEQW URET1 ------------------------------------------------------------------------------------ U2505: 000c098c0240 SAVEUIP(0x01, U2309) U2506: 000a00880200 TESTUSTATE(UCODE, !0x0200) 01b7808c ? 
SEQW GOTO U3780 U2508: 000cd28002c0 SYNCWTMRK-> SAVEUIP(0x01, U60d2) 0e378000 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U2509: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U250a: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) U250c: 10851003bec8 tmp11:= SUB_DSZN(0x00000010, tmp11) U250d: 0cd6a060323b rdi:= unk_cd6(tmp11, 0x000018a0) U250e: 01600183c23c tmp12:= SUBR_DSZ64(tmp12, IMM_MACRO_01) U2510: 10851003bec8 tmp11:= SUB_DSZN(0x00000010, tmp11) U2511: 0cd6a060323b rdi:= unk_cd6(tmp11, 0x000018a0) U2512: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01a50c80 SEQW GOTO U250c ------------------------------------------------------------------------------------ U2514: 000000000000 NOP 01c8644c SEQW URET1 ------------------------------------------------------------------------------------ U2515: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01c8644c ? SEQW GOTO U4864 U2516: 0008240f1008 tmp1:= ZEROEXT_DSZ32(0x00000324) U2518: 006312030200 tmp0:= READURAM(0x0012, 64) U2519: 086b64210270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U4864) U251a: 000d10c802c0 SYNCFULL-> SAVEUIP_REGOVR(0x01, U251c, 0x7210) 096bfd80 SEQW GOTO U6bfd U251c: 000c64a00280 SAVEUIP(0x01, U4864) 04b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U251d: 000000000000 LFNCEMARK-> NOP U251e: 000876032010 tmp2:= ZEROEXT_DSZ32(0x0002001b) U2520: 002189032432 tmp2:= CONCAT_DSZ32(tmp2, 0x00038003) U2521: 004710830232 tmp0:= NOTAND_DSZ64(tmp2, IMM_MACRO_ALIAS_INSTRUCTION) U2522: 00633c031200 tmp1:= READURAM(0x003c, 64) U2524: 004400031c72 tmp1:= AND_DSZ64(tmp2, tmp1) U2525: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U2526: 0962525f0670 LFNCEWAIT-> tmp0:= MOVETOCREG_BTS_DSZ64(tmp0, 0x00000025, 0x752) U2528: 00421b000230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x01b) 08196a48 SEQW URET0 ------------------------------------------------------------------------------------ U2529: 000a00400240 
TESTUSTATE(UCODE, 0x3000) 08196a48 ? SEQW GOTO U196a U252a: 006312030200 tmp0:= READURAM(0x0012, 64) U252c: 286b6aa40270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000006, U196a) U252d: 000d40c80240 SAVEUIP_REGOVR(0x01, U252e, 0x3240) 01ebfc40 SEQW GOTO U6bfc U252e: 004c4dcd4276 tmpv0:= SAVEUIP(tmp6, 0x01, U334d) U2530: 000c1d1c0240 SAVEUIP(0x00, U271d) 01d1884c SEQW URET1 ------------------------------------------------------------------------------------ U2531: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01d1884c ? SEQW GOTO U5188 U2532: 00084d0f1008 tmp1:= ZEROEXT_DSZ32(0x0000034d) U2534: 006312033200 tmp3:= READURAM(0x0012, 64) U2535: 286b884502f3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000d, U5188) U2536: 000d13d00280 SAVEUIP_REGOVR(0x01, U2538, 0x5413) 01ebfd80 SEQW GOTO U6bfd U2538: 000c88c40280 SAVEUIP(0x01, U5188) 01b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U2539: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U253a: 000446030c10 tmp0:= AND_DSZ32(0x0000ffff, tmp0) U253c: 000101031c48 tmp1:= OR_DSZ32(0x00000001, tmp1) U253d: 00240f030230 tmp0:= SHL_DSZ32(tmp0, 0x0000000f) U253e: 2902a4180c70 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x6a4) U2540: 2042a1180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x6a1) U2541: 006321030200 tmp0:= READURAM(0x0021, 64) U2542: 186a6a1c0270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U276a) U2544: 206337030200 tmp0:= READURAM(0x0037, 64) U2545: 1928da100030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U24da) 01a76a40 SEQW GOTO U276a ------------------------------------------------------------------------------------ U2546: 000e00834000 tmp4:= WRMSLOOPCTRFBR(0x00000000) U2548: 002147032c90 tmp2:= CONCAT_DSZ32(0x00010000, tmp2) U2549: 018901030008 tmp0:= ADDSUB_DSZ16_CONDD(0x00000001) U254a: 023101030230 tmp0:= SELECTCC_DSZ32_CONDNS(tmp0, 0x00000001) U254c: 108500030870 tmp0:= SUB_DSZN(tmp0, rcx) U254d: 108526030c10 tmp0:= SUB_DSZN(0x00008000, tmp0) U254e: 10852703ec10 tmp14:= 
SUB_DSZN(0x00008001, tmp0) U2550: 013e4617ef89 tmp14:= MOVEMERGEFLGS_DSZ32(0x00002546, tmp14) U2551: 0037681fe2fe tmp14:= CMOVCC_DSZ32_CONDNB(tmp14, 0x00006768) U2552: 013e5e13fc08 tmp15:= MOVEMERGEFLGS_DSZ32(0x0000045e, tmp0) U2554: 01340003efbf tmp14:= CMOVCC_DSZ32_CONDZ(tmp15, tmp14) U2555: 000c8e9b1200 tmp1:= SAVEUIP(0x01, U068e) U2556: 01420b000f80 UFLOWCTRL(URET1, tmp14) U2558: 1c0008e30c66 SYNCWAIT-> tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x18) U2559: 1c0808a30c67 STAD_DSZN_ASZ32_SC1(rdi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x08, tmp0) U255a: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U255c: 1c0008e30c66 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x18) U255d: 1c0808a30c67 STAD_DSZN_ASZ32_SC1(rdi, tmp1, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x08, tmp0) U255e: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 01a558a6 SEQW GOTO U2558 ------------------------------------------------------------------------------------ U2560: 10850003f034 tmp15:= SUB_DSZN(tmp4) U2561: 00240003fcbf tmp15:= SHL_DSZ32(tmp15, tmp2) 051a6240 SEQW GOTO U1a62 ------------------------------------------------------------------------------------ U2562: 0e7b0f000cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U2564: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 0297ec00 ? 
SEQW GOTO uend U2565: 0c4b203f7000 LFNCEWAIT-> tmp7:= RDSEGFLD(TSS, BASE) U2566: 002100033df3 tmp3:= CONCAT_DSZ32(tmp3, tmp7) U2568: 0c7b2f000033 LFNCEMARK-> WRSEGFLD(tmp3, TSS, BASE) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2569: 0d0b04031034 tmp1:= PORTIN_DSZ32_ASZ16_SC1(tmp4) U256a: 0d0b00037034 tmp7:= PORTIN_DSZ32_ASZ16_SC1(tmp4) U256c: 002100037df1 tmp7:= CONCAT_DSZ32(tmp1, tmp7) U256d: 0e250c031038 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x0000000c) U256e: 006508037237 tmp7:= SHR_DSZ64(tmp7, 0x00000008) U2570: 000400037df1 tmp7:= AND_DSZ32(tmp1, tmp7) U2571: 2d0fc043700a PORTOUT_DSZ32_ASZ16_SC1(0x000050c0, tmp7) U2572: 186a74140235 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U2574) 05257580 SEQW GOTO U2575 ------------------------------------------------------------------------------------ U2574: 000d01837008 tmp7:= SAVEUIP_REGOVR(0x01, U2575, 0x0001) 028d5909 SEQW GOTO U0d59 U2575: 000000000000 LFNCEWAIT-> NOP 028d5909 SEQW URET0 ------------------------------------------------------------------------------------ U2576: 00621b172200 tmp2:= MOVEFROMCREG_DSZ64(0x51b) U2578: 0a621b140232 MOVETOCREG_BTR_DSZ64(tmp2, 0x51b) U2579: 00634a030200 tmp0:= READURAM(0x004a, 64) U257a: 0042f61c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) 05016496 SEQW SAVEUIP1 U257c SEQW GOTO U0164 U257c: 000caa6b5240 tmp5:= SAVEUIP(0x00, U3aaa) 01dee800 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U257d: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U257e: 0e752003403c tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U2580: 0e754003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040) U2581: 0e756003803c tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000060) U2582: 01420d03acba LFNCEWAIT-> tmp10:= UFLOWCTRL(tmp10, LDAT_IN, tmp2) U2584: 01420d03ad3a tmp10:= UFLOWCTRL(tmp10, LDAT_IN, tmp4) U2585: 01420d03adba tmp10:= UFLOWCTRL(tmp10, LDAT_IN, 
tmp6) U2586: 01420d03ae3a tmp10:= UFLOWCTRL(tmp10, LDAT_IN, tmp8) U2588: 00008003cf08 tmp12:= ADD_DSZ32(0x00000080, tmp12) U2589: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01a57d40 ? SEQW GOTO U257d U258a: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U258c: 006205075200 tmp5:= MOVEFROMCREG_DSZ64(0x105) U258d: 2a6205c402f5 MOVETOCREG_BTR_DSZ64(tmp5, 0x0000000f, 0x105) U258e: 100a20000200 TESTUSTATE(SYS, UST_SMM) 019ea680 ? SEQW GOTO patch_runs_load_loop U2590: 20430d08023f WRITEURAM(tmp15, 0x000d, 32) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U2591: 0004ff031c48 tmp1:= AND_DSZ32(0x000000ff, tmp1) U2592: 0004ff030c88 tmp0:= AND_DSZ32(0x000000ff, tmp2) U2594: 000500030c70 tmp0:= SUB_DSZ32(tmp0, tmp1) U2595: 003200035d70 tmp5:= SELECTCC_DSZ32_CONDB(tmp0, tmp5) U2596: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01a81480 ? SEQW GOTO U2814 U2598: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01a59c00 ? 
SEQW GOTO U259c U2599: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U259a: 396285c802b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000b, CTAP_CR_DFX_CTL_STS) U259c: 1062080b0240 tmp0:= MOVEFROMCREG_DSZ64(0x208, 32) U259d: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U259e: 013100035d70 tmp5:= SELECTCC_DSZ32_CONDNZ(tmp0, tmp5) 01a81480 SEQW GOTO U2814 ------------------------------------------------------------------------------------ U25a0: 0008804fa009 tmp10:= ZEROEXT_DSZ32(0x00003380) U25a1: 0e6528035f08 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000028) U25a2: 004d0003303d tmp3:= unk_04d(tmp13) 01d93580 SEQW GOTO U5935 ------------------------------------------------------------------------------------ U25a4: 00480003d033 tmp13:= ZEROEXT_DSZ64(tmp3) 01d41600 SEQW GOTO U5416 ------------------------------------------------------------------------------------ U25a5: 00a10f1d4008 tmpv0:= CONCAT_DSZ16(0x0000070f) U25a6: 000101014214 tmpv0:= OR_DSZ32(tmpv0, 0x00000001) U25a8: 006320015200 tmpv1:= READURAM(0x0020, 64) U25a9: 00e146015215 tmpv1:= CONCAT_DSZ8(tmpv1, 0x00000046) U25aa: 006430015215 tmpv1:= SHL_DSZ64(tmpv1, 0x00000030) U25ac: 0041b419554a tmpv1:= OR_DSZ64(0x000046b4, tmpv1) U25ad: 10622f097240 tmpv3:= MOVEFROMCREG_DSZ64(0x22f, 32) U25ae: 186aad140217 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmpv3, 0x00000000, U25ad) U25b0: 19022ec80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x22e) 01bad614 SEQW SAVEUIP1 U25b1 SEQW GOTO U3ad6 U25b1: 10422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U25b2: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U25b4: 0008804fa009 tmp10:= ZEROEXT_DSZ32(0x00003380) U25b5: 0e6530035f08 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000030) U25b6: 004d0003303d tmp3:= unk_04d(tmp13) 01d93580 SEQW GOTO U5935 ------------------------------------------------------------------------------------ U25b8: 00480003d033 tmp13:= ZEROEXT_DSZ64(tmp3) 05541900 SEQW GOTO U5419 
------------------------------------------------------------------------------------ U25b9: 000821037008 tmp7:= ZEROEXT_DSZ32(0x00000021) U25ba: 00420b000237 LFNCEMARK-> MOVETOCREG_DSZ64(tmp7, 0x00b) U25bc: 0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U25bd: 23800003ae80 tmp10:= READAFLAGS(tmp10) U25be: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) 02610a92 SEQW SAVEUIP0 U25c0 SEQW GOTO U610a U25c0: 0207f503f008 tmp15:= unk_207(0x000000f5) U25c1: 286ab8210d77 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp7, tmp5, U58b8) U25c2: 00086003e010 tmp14:= ZEROEXT_DSZ32(0x00014809) U25c4: 000d03d402c0 SAVEUIP_REGOVR(0x01, U25c5, 0x7503) 01b71a00 SEQW GOTO U371a U25c5: 000800000000 NOP U25c6: 000800000000 NOP U25c8: 000c488802c0 SAVEUIP(0x01, U6248) 01a68c00 SEQW GOTO U268c ------------------------------------------------------------------------------------ U25c9: 0e2500038034 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U25ca: 0e250403a034 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000004) U25cc: 0e2508039034 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000008) U25cd: 1928d214003a SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp10, 0x00000000, U25d2) U25ce: 0d0b00035038 tmp5:= PORTIN_DSZ32_ASZ16_SC1(tmp8) U25d0: 000400035d7a tmp5:= AND_DSZ32(tmp10, tmp5) U25d1: 000100039d79 tmp9:= OR_DSZ32(tmp9, tmp5) U25d2: 0d0f00039038 LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(tmp8, tmp9) U25d4: 00400c034d08 LFNCEWAIT-> tmp4:= ADD_DSZ64(0x0000000c, tmp4) U25d5: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0225c940 SEQW GOTO U25c9 ------------------------------------------------------------------------------------ U25d6: 000800000000 NOP U25d8: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U25d9: 0e2500038034 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U25da: 0e650403a034 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x00000004) U25dc: 0e650c039034 
tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x0000000c) U25dd: 1928e214003a SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp10, 0x00000000, U25e2) U25de: 0d4b00035038 tmp5:= PORTIN_DSZ64_ASZ16_SC1(tmp8) U25e0: 004400035d7a tmp5:= AND_DSZ64(tmp10, tmp5) U25e1: 004100039d79 tmp9:= OR_DSZ64(tmp9, tmp5) U25e2: 0d4f00039038 LFNCEMARK-> PORTOUT_DSZ64_ASZ16_SC1(tmp8, tmp9) U25e4: 004014034d08 LFNCEWAIT-> tmp4:= ADD_DSZ64(0x00000014, tmp4) U25e5: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0225d940 SEQW GOTO U25d9 ------------------------------------------------------------------------------------ U25e6: 000800000000 NOP U25e8: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U25e9: 0c800063a034 tmp10:= LDZX_DSZ16_ASZ32_SC1(tmp4, mode=0x18) U25ea: 00a17003123a tmp1:= CONCAT_DSZ16(tmp10, 0x00000070) U25ec: 20433e000235 WRITEURAM(tmp5, 0x003e, 64) U25ed: 000900000000 MOVE_DSZ32(0x00000000) U25ee: 000bff000200 UPDATEUSTATE(0xfc) U25f0: 000b02800200 UPDATEUSTATE(!0x08) 01ac2110 SEQW SAVEUIP0 U25f1 SEQW GOTO U2c21 U25f1: 00040f03ae88 tmp10:= AND_DSZ32(0x0000000f, tmp10) U25f2: 00070e039ec8 tmp9:= NOTAND_DSZ32(0x0000000e, tmp11) U25f4: 0902f61c0e7a LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmp10, tmp9, CORE_CR_CR0) U25f5: 000700039ebb tmp9:= NOTAND_DSZ32(tmp11, tmp10) U25f6: 000800000000 NOP U25f8: 086ab92c0239 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000000, U0bb9) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U25f9: 006378038200 tmp8:= READURAM(0x0078, 64) U25fa: 00040f079e10 tmp9:= AND_DSZ32(0x00600000, tmp8) U25fc: 0005e1039e50 tmp9:= SUB_DSZ32(0x00200000, tmp9) U25fd: 0150fe140279 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U25fe) 04baae40 SEQW GOTO U3aae ------------------------------------------------------------------------------------ U25fe: 000c45680280 SAVEUIP(0x00, U5a45) U2600: 
006267037200 tmp7:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2601: 014300380dc0 AETTRACE(0x0e, tmp7) U2602: 2962b5800240 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000006, 0x0b5) U2604: 000a20800200 TESTUSTATE(UCODE, !0x0020) 018000c8 ? SEQW URET0 U2605: 1042f91c0274 MOVETOCREG_DSZ64(tmp4, 0x7f9, 32) U2606: 000800000000 NOP U2608: 10420f080272 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x20f, 32) 04606a48 SEQW URET0 ------------------------------------------------------------------------------------ U2609: 000a00400240 TESTUSTATE(UCODE, 0x3000) 04606a48 ? SEQW GOTO U606a U260a: 00086d0f3008 tmp3:= ZEROEXT_DSZ32(0x0000036d) U260c: 006312030200 tmp0:= READURAM(0x0012, 64) U260d: 186b6a4102f0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000000d, U606a) U260e: 000d308403c0 SAVEUIP_REGOVR(0x01, U2610, 0xe130) 01ebfd80 SEQW GOTO U6bfd U2610: 000c6a8002c0 SAVEUIP(0x01, U606a) 0938d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U2611: 1062eb0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2eb, 32) U2612: 186b11180230 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U2611) U2614: 1062cf0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cf, 32) U2615: 3a62cf480230 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000001, 0x2cf) U2616: 000d00800000 SAVEUIP_REGOVR(0x01, U2618, 0x0000) 01ab1580 SEQW GOTO lbsync_full U2618: 1902ce880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2ce) U2619: 3062ce0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2ce, 32) U261a: 186b1c580230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U261c) 01a61980 SEQW GOTO U2619 ------------------------------------------------------------------------------------ U261c: 000d01134240 tmp4:= SAVEUIP_REGOVR(0x00, U261d, 0x2401) 01a5a500 SEQW GOTO U25a5 U261d: 1062c40b0240 tmp0:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U261e: 000760030c08 tmp0:= NOTAND_DSZ32(0x00000060, tmp0) U2620: 1042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U2621: 3062d30b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d3, 32) U2622: 186a241802f0 
BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000c, U2624) 01a62180 SEQW GOTO U2621 ------------------------------------------------------------------------------------ U2624: 09626d800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x06d) 01c04200 SEQW GOTO U4042 ------------------------------------------------------------------------------------ U2625: 2043530b0230 tmp0:= WRITEURAM(tmp0, 0x0053, 32) U2626: 10629e0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x39e, 32) U2628: 00080103b008 tmp11:= ZEROEXT_DSZ32(0x00000001) U2629: 186bf11c0230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, patch_apply_error) U262a: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U262c: 00080203b008 tmp11:= ZEROEXT_DSZ32(0x00000002) U262d: 025d00032d34 tmp2:= TEST_DSZ64(tmp4, tmp4) U262e: 0150f11c0272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, patch_apply_error) U2630: 00080303b008 tmp11:= ZEROEXT_DSZ32(0x00000003) U2631: 10401f030d08 tmp0:= ADD_DSZN(0x0000001f, tmp4) U2632: 025d00032c30 tmp2:= TEST_DSZ64(tmp0, tmp0) U2634: 0150f11c0272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, patch_apply_error) U2635: 000c0da7e2c8 tmp14:= SAVEUIP(0x01, U690d) U2636: 100a20800200 LFNCEWAIT-> TESTUSTATE(SYS, !UST_SMM) 035b5580 ? 
SEQW GOTO U5b55 U2638: 0d301c07d034 tmp13:= LDZX_DSZ32_ASZ32_SC1(tmp4) 055b5600 SEQW GOTO U5b56 ------------------------------------------------------------------------------------ U2639: 00635703c200 tmp12:= READURAM(0x0057, 64) U263a: 29620bc00240 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000007, 0x00b) U263c: 125600000000 unk_256(0x00000000) 02812910 SEQW SAVEUIP0 U263d SEQW GOTO U0129 U263d: 0e2580032234 LFNCEWAIT-> tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000080) U263e: 00c800032032 tmp2:= ZEROEXT_DSZ8(tmp2) U2640: 00058003fc48 tmp15:= SUB_DSZ32(0x00000080, tmp1) U2641: 01514d0002ff LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U604d) U2642: 000800000000 NOP U2644: 0e2d80032234 LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000080, tmp2) U2645: 000c8e83e208 tmp14:= SAVEUIP(0x01, U008e) U2646: 200a20800200 TESTUSTATE(VMX, !0x0020) 02667e80 ? SEQW GOTO U667e U2648: 0e2558035f0a tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000258) U2649: 00040f035d48 tmp5:= AND_DSZ32(0x0000000f, tmp5) U264a: 002504032232 tmp2:= SHR_DSZ32(tmp2, 0x00000004) U264c: 000500035cb5 tmp5:= SUB_DSZ32(tmp5, tmp2) U264d: 0052ce6002b5 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp5, U58ce) 0183628d SEQW URET1 ------------------------------------------------------------------------------------ U264e: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0183628d ? SEQW GOTO U0362 U2650: 0008620f3008 tmp3:= ZEROEXT_DSZ32(0x00000362) 0186ce00 SEQW GOTO U06ce ------------------------------------------------------------------------------------ U2651: 000c6a73d248 tmp13:= SAVEUIP(0x00, U3c6a) U2652: 000e07000200 WRMSLOOPCTRFBR(0x00000007) U2654: 04b411808000 mm0:= FMOV(0x00000000) U2655: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 07265440 ? 
SEQW GOTO U2654 U2656: 0008ff7f200f LFNCEWTMRK-> tmp2:= ZEROEXT_DSZ32(0x0000ffff) U2658: 00087f0f1008 tmp1:= ZEROEXT_DSZ32(0x0000037f) U2659: 006269033200 LFNCEWAIT-> tmp3:= MOVEFROMCREG_DSZ64(0x069) U265a: 00420f000200 MOVETOCREG_DSZ64(0x00000000, 0x00f) U265c: 00426a000232 MOVETOCREG_DSZ64(tmp2, 0x06a) U265d: 00420e000200 MOVETOCREG_DSZ64(0x00000000, 0x00e) U265e: 00420a000200 MOVETOCREG_DSZ64(0x00000000, 0x00a) U2660: 00420d000200 MOVETOCREG_DSZ64(0x00000000, 0x00d) U2661: 090269400233 MOVETOCREG_OR_DSZ64(tmp3, 0x00000001, 0x069) U2662: 004286100231 MOVETOCREG_DSZ64(tmp1, 0x486) U2664: 00428c100200 MOVETOCREG_DSZ64(0x00000000, 0x48c) U2665: 004273000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x073) 089ea689 SEQW URET0 ------------------------------------------------------------------------------------ U2666: 100a00800380 TESTUSTATE(SYS, !0xc000) 089ea689 ? SEQW GOTO patch_runs_load_loop U2668: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U2669: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U266a: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U266c: 026900032040 tmp2:= RDVMCSPLA(r64dst) U266d: 00635603c200 tmp12:= READURAM(0x0056, 64) U266e: 014310a36208 tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U2670: 10650f03b201 tmp11:= SHR_DSZN(r64dst, 0x0000000f) U2671: 004001031f08 tmp1:= ADD_DSZ64(0x00000001, tmp12) U2672: 100ac3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 01a67980 ? SEQW GOTO U2679 U2674: 000a00400200 TESTUSTATE(UCODE, 0x1000) 01a67900 ? 
SEQW GOTO U2679 U2675: 003d17130208 tmp0:= MOVEINSERTFLGS_DSZ32(0x00000417) U2676: 000800000000 NOP U2678: 000805034008 tmp4:= ZEROEXT_DSZ32(0x00000005) 04e66210 SEQW SAVEUIP0 U2679 SEQW GOTO U6662 U2679: 0052ae100231 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, set_carry_uend) U267a: 0004f80f1c88 tmp1:= AND_DSZ32(0x000003f8, tmp2) U267c: 01511434023b UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U0d14) U267d: 086b147402f2 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x0000000d, U0d14) U267e: 00240303b232 tmp11:= SHL_DSZ32(tmp2, 0x00000003) U2680: 0e6500037c7c LFNCEWAIT-> tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, tmp1) U2681: 006500037ef7 tmp7:= SHR_DSZ64(tmp7, tmp11) 021ea68d SEQW URET1 ------------------------------------------------------------------------------------ U2682: 100a00800280 TESTUSTATE(SYS, !0x4000) 021ea68d ? SEQW GOTO patch_runs_load_loop U2684: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U2685: 0c4bc0274000 tmp4:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2686: 104500034cf4 tmp4:= SUB_DSZN(tmp4, tmp3) U2688: 000825037008 tmp7:= ZEROEXT_DSZ32(0x00000025) U2689: 00421c038200 LFNCEMARK-> tmp8:= MOVETOCREG_DSZ64(0x00000000, 0x01c) U268a: 000c65f40240 SAVEUIP(0x01, U3d65) U268c: 01080083f010 tmp15:= READUIP_REGOVR(0x01) U268d: 1062f91f3240 tmp3:= MOVEFROMCREG_DSZ64(0x7f9, 32) U268e: 186a90180233 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000000, U2690) 071cbe80 SEQW GOTO uret1 ------------------------------------------------------------------------------------ U2690: 10620e0b3240 tmp3:= MOVEFROMCREG_DSZ64(0x20e, 32) U2691: 186b929807b3 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000003a, U2692) 06a69e40 SEQW GOTO U269e ------------------------------------------------------------------------------------ U2692: 006209033200 tmp3:= MOVEFROMCREG_DSZ64(0x009) U2694: 00012003bcc8 tmp11:= OR_DSZ32(0x00000020, tmp3) U2695: 00620003bec0 tmp11:= 
MOVEFROMCREG_DSZ64(tmp11) U2696: 00435d00023b WRITEURAM(tmp11, 0x005d, 64) U2698: 00014003bcc8 tmp11:= OR_DSZ32(0x00000040, tmp3) U2699: 00620003bec0 tmp11:= MOVEFROMCREG_DSZ64(tmp11) U269a: 00435e00023b WRITEURAM(tmp11, 0x005e, 64) U269c: 000800000000 NOP U269d: 000800000000 NOP U269e: 015d00000fc0 UJMP(tmp15) ------------------------------------------------------------------------------------ U26a0: 0004001faec8 tmp10:= AND_DSZ32(0x00000700, tmp11) U26a1: 0005001f8e88 tmp8:= SUB_DSZ32(0x00000700, tmp10) U26a2: 015021040238 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U0121) U26a4: 00630a03c200 tmp12:= READURAM(0x000a, 64) U26a5: 204270000232 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp2, 0x070) U26a6: 027300037dfe tmp7:= SELECTCC_DSZ64_CONDNP(tmp14, tmp7) U26a8: 00161e03b23b tmp11:= BTR_DSZ32(tmp11, 0x0000001e) U26a9: 000400236ec8 tmp6:= AND_DSZ32(0x00000800, tmp11) U26aa: 00250b036236 tmp6:= SHR_DSZ32(tmp6, 0x0000000b) U26ac: 0004ff032ec8 tmp2:= AND_DSZ32(0x000000ff, tmp11) U26ad: 013e00032ef2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp11) U26ae: 002402038232 tmp8:= SHL_DSZ32(tmp2, 0x00000002) U26b0: 000100036db8 tmp6:= OR_DSZ32(tmp8, tmp6) U26b1: 00a100036dbc tmp6:= CONCAT_DSZ16(tmp12, tmp6) U26b2: 00080003103b tmp1:= ZEROEXT_DSZ32(tmp11) U26b4: 00880003d03c tmp13:= ZEROEXT_DSZ16(tmp12) U26b5: 00251003c23c tmp12:= SHR_DSZ32(tmp12, 0x00000010) U26b6: 00637003f200 tmp15:= READURAM(0x0070, 64) U26b8: 0005000b8e88 tmp8:= SUB_DSZ32(0x00000200, tmp10) U26b9: 01f800038038 tmp8:= SETCC_CONDZ(tmp8) U26ba: 006432038238 tmp8:= SHL_DSZ64(tmp8, 0x00000032) U26bc: 00410003fff8 tmp15:= OR_DSZ64(tmp8, tmp15) U26bd: 20437004023f WRITEURAM(tmp15, 0x0170, 64) U26be: 09a20800063f MOVETOCREG_SHR_DSZ64(tmp15, 0x00000020, 0x008) U26c0: 000400179e88 tmp9:= AND_DSZ32(0x00000500, tmp10) U26c1: 000500139e48 tmp9:= SUB_DSZ32(0x00000400, tmp9) U26c2: 013e6003ee50 tmp14:= MOVEMERGEFLGS_DSZ32(0x00014809, tmp9) U26c4: 01746103e43e SYNCWAIT-> tmp14:= CMOVCC_DSZ64_CONDZ(tmp14, 0x00016809) U26c5: 000a80000200 
TESTUSTATE(UCODE, 0x0080) 0a26c840 ? SEQW GOTO U26c8 U26c6: 00551803e23e tmp14:= BTS_DSZ64(tmp14, 0x00000018) U26c8: 20420000023e MOVETOCREG_DSZ64(tmp14, 0x000) U26c9: 017104039239 tmp9:= SELECTCC_DSZ64_CONDNZ(tmp9, 0x00000004) U26ca: 00140c037237 tmp7:= BT_DSZ32(tmp7, 0x0000000c) U26cc: 007300039e77 tmp9:= SELECTCC_DSZ64_CONDNB(tmp7, tmp9) U26cd: 204270000239 MOVETOCREG_DSZ64(tmp9, 0x070) U26ce: 000a80800200 TESTUSTATE(UCODE, !0x0080) 019e2980 ? SEQW GOTO U1e29 U26d0: 20421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U26d1: 0005000f4e88 tmp4:= SUB_DSZ32(0x00000300, tmp10) U26d2: 0150d4180274 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U26d4) 01a6ed80 SEQW GOTO U26ed ------------------------------------------------------------------------------------ U26d4: 00050a034c88 tmp4:= SUB_DSZ32(0x0000000a, tmp2) U26d5: 000503034d08 tmp4:= SUB_DSZ32(0x00000003, tmp4) U26d6: 01fa0003f034 tmp15:= SETCC_CONDBE(tmp4) U26d8: 000500034c88 tmp4:= SUB_DSZ32(0x00000000, tmp2) U26d9: 01f800034034 tmp4:= SETCC_CONDZ(tmp4) U26da: 00010003fff4 tmp15:= OR_DSZ32(tmp4, tmp15) U26dc: 00050e034c88 tmp4:= SUB_DSZ32(0x0000000e, tmp2) U26dd: 013e02034d08 tmp4:= MOVEMERGEFLGS_DSZ32(0x00000002, tmp4) U26de: 01740003fff4 tmp15:= CMOVCC_DSZ64_CONDZ(tmp4, tmp15) U26e0: 000514034c88 tmp4:= SUB_DSZ32(0x00000014, tmp2) U26e1: 013e02034d08 tmp4:= MOVEMERGEFLGS_DSZ32(0x00000002, tmp4) U26e2: 01740003fff4 tmp15:= CMOVCC_DSZ64_CONDZ(tmp4, tmp15) U26e4: 000508034c88 tmp4:= SUB_DSZ32(0x00000008, tmp2) U26e5: 013e03034d08 tmp4:= MOVEMERGEFLGS_DSZ32(0x00000003, tmp4) U26e6: 01740003fff4 tmp15:= CMOVCC_DSZ64_CONDZ(tmp4, tmp15) U26e8: 006204034200 tmp4:= MOVEFROMCREG_DSZ64(0x004) U26e9: 000703034d08 tmp4:= NOTAND_DSZ32(0x00000003, tmp4) U26ea: 00010003fd3f tmp15:= OR_DSZ32(tmp15, tmp4) U26ec: 00420400023f LFNCEMARK-> MOVETOCREG_DSZ64(tmp15, 0x004) U26ed: 0205ff7ff7c0 tmp15:= unk_205(0xffffffffffffffff) U26ee: 00210003f03f tmp15:= CONCAT_DSZ32(tmp15) U26f0: 004000034cfc tmp4:= ADD_DSZ64(tmp12, tmp3) U26f1: 004703034d3f 
ROVR<- tmp4:= NOTAND_DSZ64(tmp15, tmp4) 01a1785d SEQW SAVEUIP1 U26f2 SEQW GOTO U2178 U26f2: 00629e1f8200 tmp8:= MOVEFROMCREG_DSZ64(0x79e) U26f4: 000400179e88 tmp9:= AND_DSZ32(0x00000500, tmp10) U26f5: 000500139e48 tmp9:= SUB_DSZ32(0x00000400, tmp9) U26f6: 013100038e39 tmp8:= SELECTCC_DSZ32_CONDNZ(tmp9, tmp8) U26f8: 000500130e88 tmp0:= SUB_DSZ32(0x00000400, tmp10) U26f9: 013101030230 tmp0:= SELECTCC_DSZ32_CONDNZ(tmp0, 0x00000001) U26fa: 0062c51f7200 tmp7:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U26fc: 00480003a033 tmp10:= ZEROEXT_DSZ64(tmp3) U26fd: 020600030030 tmp0:= unk_206(tmp0) U26fe: 000400037df0 tmp7:= AND_DSZ32(tmp0, tmp7) U2700: 0151ad5802f7 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, U76ad) U2701: 000d75c00300 SAVEUIP_REGOVR(0x01, U2702, 0x9075) 01b71a40 SEQW GOTO U371a U2702: 00089e17700a tmp7:= ZEROEXT_DSZ32(0x0000459e) U2704: 0203125f7dca tmp7:= unk_203(0x00005712, tmp7) U2705: 000800000000 NOP U2706: 015d00000dc0 UJMP(tmp7) ------------------------------------------------------------------------------------ U2708: 206204030200 tmp0:= MOVEFROMCREG_DSZ64(0x004) U2709: 186a0d9c0230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000002, U270d) U270a: 2062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U270c: 286bd8340330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U1dd8) U270d: 0062011f5200 tmp5:= MOVEFROMCREG_DSZ64(0x701) U270e: 2962019c02f5 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp5, 0x0000000e, 0x701) 05085e80 SEQW GOTO U085e ------------------------------------------------------------------------------------ U2710: 204265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) generate_#GP: U2711: 021ef5000200 LFNCEMARK-> SIGEVENT(0x000000f5) 04879d40 SEQW GOTO U079d ------------------------------------------------------------------------------------ U2712: 01080003f010 tmp15:= READUIP_REGOVR(0x00) U2714: 00210003dffd tmp13:= CONCAT_DSZ32(tmp13, tmp15) U2715: 00218d67e23e tmp14:= CONCAT_DSZ32(tmp14, 0x0000198d) U2716: 000ccc100200 SAVEUIP(0x00, U04cc) 01813980 SEQW GOTO U0139 
------------------------------------------------------------------------------------ U2718: 204265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) 05271100 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U2719: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U271a: 0a628c5002b0 LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp0, 0x00000009, 0x48c) U271c: 000800000000 LFNCEWAIT-> NOP 02334db4 SEQW UEND1 ------------------------------------------------------------------------------------ U271d: 000c6ae40200 SAVEUIP(0x01, U196a) U271e: 004cd0614275 tmpv0:= SAVEUIP(tmp5, 0x00, U38d0) 02334db4 SEQW GOTO U334d ------------------------------------------------------------------------------------ U2720: 000000000000 NOP U2721: 000d00000000 LFNCEMARK-> SAVEUIP_REGOVR(0x00, U2722, 0x0000) 04a73540 SEQW GOTO U2735 U2722: 003340030230 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000040) U2724: 000040030c08 tmp0:= ADD_DSZ32(0x00000040, tmp0) U2725: 00423a180230 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp0, 0x63a) 06885e4e SEQW GOTO U085e ------------------------------------------------------------------------------------ U2726: 000c6417d208 tmp13:= SAVEUIP(0x00, U0564) 06885e4e SEQW URET1 ------------------------------------------------------------------------------------ U2728: 0062ff1f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7ff) U2729: 000400230c08 tmp0:= AND_DSZ32(0x00000800, tmp0) U272a: 002507030230 tmp0:= SHR_DSZ32(tmp0, 0x00000007) U272c: 0062c51f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U272d: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U272e: 000400030c31 tmp0:= AND_DSZ32(tmp1, tmp0) 019a0d80 SEQW GOTO U1a0d ------------------------------------------------------------------------------------ U2730: 000808030008 tmp0:= ZEROEXT_DSZ32(0x00000008) U2731: 000805037008 tmp7:= ZEROEXT_DSZ32(0x00000005) U2732: 100a20000200 LFNCEMARK-> TESTUSTATE(SYS, UST_SMM) 050e59c0 ? 
SEQW GOTO U0e59 U2734: 000c9d200280 SAVEUIP(0x00, U489d) U2735: 0c4bc0274000 tmp4:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2736: 006267032200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) 0354b980 SEQW GOTO U54b9 ------------------------------------------------------------------------------------ U2738: 29623a180240 MOVETOCREG_BTS_DSZ64(0x00000004, 0x63a) U2739: 000000000000 LFNCEMARK-> NOP 04885e40 SEQW GOTO U085e ------------------------------------------------------------------------------------ U273a: 004707032c88 tmp2:= NOTAND_DSZ64(0x00000007, tmp2) U273c: 004274140232 MOVETOCREG_DSZ64(tmp2, PMH_CR_EMRR_BASE) U273d: 004275140231 MOVETOCREG_DSZ64(tmp1, PMH_CR_EMRR_MASK) U273e: 000c25e40200 SAVEUIP(0x01, U1925) 01816480 SEQW GOTO U0164 ------------------------------------------------------------------------------------ U2740: 000000000000 NOP U2741: 000c221c0240 LFNCEMARK-> SAVEUIP(0x00, U2722) 04a73540 SEQW GOTO U2735 ------------------------------------------------------------------------------------ U2742: 2928e4310031 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U5ce4) U2744: 2928b2650231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U59b2) U2745: 038000030013 tmp0:= READAFLAGS(tmp7) U2746: 204322000230 WRITEURAM(tmp0, 0x0022, 64) 01a17c80 SEQW GOTO U217c ------------------------------------------------------------------------------------ U2748: 000000000000 NOP U2749: 000000000000 NOP 01fc0040 SEQW GOTO U7c00 ------------------------------------------------------------------------------------ U274a: 006213170200 tmp0:= MOVEFROMCREG_DSZ64(0x513) U274c: 00217b03f010 tmp15:= CONCAT_DSZ32(0x00030000) U274d: 004700030c3f tmp0:= NOTAND_DSZ64(tmp15, tmp0) U274e: 204213140230 MOVETOCREG_DSZ64(tmp0, 0x513) U2750: 000900000000 MOVE_DSZ32(0x00000000) U2751: 0fef02000000 LBSYNC(0x00000002) U2752: 002189032432 tmp2:= CONCAT_DSZ32(tmp2, 0x00038003) 01a52192 SEQW SAVEUIP0 U2754 SEQW GOTO U2521 U2754: 000900000000 MOVE_DSZ32(0x00000000) U2755: 0cd300631178 LFNCEMARK-> tmp1:= 
LEA_DSZ8_ASZ32_SC1(DS, tmp8, r64idx, mode=0x18) 04843c55 SEQW SAVEUIP1 U2756 SEQW GOTO U043c U2756: 000800000000 NOP U2758: 1d0400600178 LFNCEWTMRK-> unk_d04(tmp8, r64idx) 06043c14 SEQW SAVEUIP1 U2759 SEQW GOTO U043c U2759: 000800000000 NOP U275a: 000800000000 NOP U275c: 006225172200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(0x525) U275d: 0047ff3f0c88 tmp0:= NOTAND_DSZ64(0x00000fff, tmp2) U275e: 00621e17f200 tmp15:= MOVEFROMCREG_DSZ64(0x51e) U2760: 00460003fff0 tmp15:= XOR_DSZ64(tmp0, tmp15) U2761: 39283959023f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000001, U7639) U2762: 0004ff3ffc48 tmp15:= AND_DSZ32(0x00000fff, tmp1) U2764: 004100020c3f rax:= OR_DSZ64(tmp15, tmp0) U2765: 004800023031 rbx:= ZEROEXT_DSZ64(tmp1) U2766: 000478021c88 rcx:= AND_DSZ32(0x00000078, tmp2) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U2768: 000000080000 MSSTOP-> NOP generate_#UD: U2769: 021e19000200 SIGEVENT(0x00000019) 01879d6c SEQW GOTO U079d ------------------------------------------------------------------------------------ U276a: 000882030010 tmp0:= ZEROEXT_DSZ32(0x00030300) U276c: 2042a1180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x6a1) U276d: 0008093f1008 tmp1:= ZEROEXT_DSZ32(0x00000f09) U276e: 001510031231 tmp1:= BTS_DSZ32(tmp1, 0x00000010) 0424a580 SEQW GOTO U24a5 ------------------------------------------------------------------------------------ U2770: 000000080000 MSSTOP-> NOP generate_#NM: U2771: 021e1d000200 SIGEVENT(0x0000001d) 01879d6c SEQW GOTO U079d ------------------------------------------------------------------------------------ U2772: 0062921b7200 tmp7:= MOVEFROMCREG_DSZ64(0x692) U2774: 096292180237 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(tmp7, 0x692) U2775: 008500735c4b tmp5:= SUB_DSZ16(0x00007c00, tmp1) U2776: 002502035235 tmp5:= SHR_DSZ32(tmp5, 0x00000002) U2778: 000500035c75 tmp5:= SUB_DSZ32(tmp5, tmp1) U2779: 008500735d4b tmp5:= SUB_DSZ16(0x00007c00, tmp5) U277a: 002405035235 tmp5:= SHL_DSZ32(tmp5, 0x00000005) U277c: 
0000c06b3d4b tmp3:= ADD_DSZ32(0x00007ac0, tmp5) U277d: 004247000010 MOVETOCREG_DSZ64(0x00000000, 0x000) U277e: 000884036010 tmp6:= ZEROEXT_DSZ32(0x00030600) U2780: 2042a1180236 MOVETOCREG_DSZ64(tmp6, 0x6a1) U2781: 008500739c4b tmp9:= SUB_DSZ16(0x00007c00, tmp1) U2782: 2042a01b8239 LFNCEMARK-> tmp8:= MOVETOCREG_DSZ64(tmp9, 0x6a0) U2784: 00050103cc08 tmp12:= SUB_DSZ32(0x00000001, tmp0) U2785: 01420e000f00 SYNCMARK-> UFLOWCTRL(MSLOOPCTR, tmp12) U2786: 000a08800200 TESTUSTATE(UCODE, !0x0008) 0c8f3580 ? SEQW GOTO U0f35 U2788: 000ca6f80200 SAVEUIP(0x01, patch_runs_load_loop) 01d55d00 SEQW GOTO U555d ------------------------------------------------------------------------------------ U2789: 016800033c02 tmp3:= unk_168(r64src, tmp0) U278a: 004100034c00 tmp4:= OR_DSZ64(0x00000000, tmp0) U278c: 017000032cb4 tmp2:= SELECTCC_DSZ64_CONDZ(tmp4, tmp2) U278d: 013021034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x00000021) U278e: 018f00033cb3 tmp3:= unk_18f(tmp3, tmp2) U2790: 007c000020b3 rax:= unk_07c(tmp3, r64src) 01880c00 SEQW GOTO U080c ------------------------------------------------------------------------------------ U2791: 0062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2792: 013000031c32 tmp1:= SELECTCC_DSZ32_CONDZ(tmp2, tmp0) U2794: 186a111c0371 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000014, generate_#GP) U2795: 0007b3030c10 tmp0:= NOTAND_DSZ32(0x00090000, tmp0) U2796: 002410032232 tmp2:= SHL_DSZ32(tmp2, 0x00000010) U2798: 2902fe1c0cb0 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp0, tmp2, CORE_CR_EFLAGS) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2799: 013005030231 tmp0:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000005) U279a: 0000000b0c09 tmp0:= ADD_DSZ32(0x00002200, tmp0) U279c: 304200000c00 MOVETOCREG_DSZ64(tmp0, 0x00000000) U279d: 013006030231 tmp0:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000006) U279e: 0000000b0c09 tmp0:= ADD_DSZ32(0x00002200, tmp0) U27a0: 304200000c00 MOVETOCREG_DSZ64(tmp0, 0x00000000) 01a7a68c SEQW URET1 
------------------------------------------------------------------------------------ U27a1: 104000039e36 tmp9:= ADD_DSZN(tmp6, tmp8) U27a2: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01a7a68c ? SEQW GOTO U27a6 U27a4: 000809032008 tmp2:= ZEROEXT_DSZ32(0x00000009) U27a5: 0048f2031039 ROVR<- tmp1:= ZEROEXT_DSZ64(tmp9) 019d905d SEQW SAVEUIP1 U27a6 SEQW GOTO U1d90 U27a6: 025d00032e79 tmp2:= TEST_DSZ64(tmp9, tmp9) U27a8: 0150ec5c0232 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, uend) U27a9: 1047ff3f5e48 tmp5:= NOTAND_DSZN(0x00000fff, tmp9) 040bba51 SEQW SAVEUIP0 U27aa SEQW GOTO U0bba U27aa: 000800000000 NOP U27ac: 0dff00000035 LFNCEWAIT-> unk_dff(tmp5) U27ad: 014201000d40 UFLOWCTRL(UNK, tmp5) U27ae: 000000000000 NOP U27b0: 00635c03f200 tmp15:= READURAM(0x005c, 64) U27b1: 00552b03f23f tmp15:= BTS_DSZ64(tmp15, 0x0000002b) U27b2: 00435c00023f LFNCEMARK-> WRITEURAM(tmp15, 0x005c, 64) 050000ce SEQW URET1 ------------------------------------------------------------------------------------ patch_load_error: U27b4: 00a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U27b5: 20430e080230 WRITEURAM(tmp0, 0x000e, 32) U27b6: 100a00800380 TESTUSTATE(SYS, !0xc000) 01dae480 ? SEQW GOTO U5ae4 U27b8: 100a00000280 TESTUSTATE(SYS, 0x4000) 09571100 ? 
SEQW GOTO U5711 U27b9: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U27ba: 39629d480231 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x29d) U27bc: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U27bd: 186ac05c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000009, U27c0) U27be: 186abc5c0231 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U27bc) U27c0: 0008ee1be008 tmp14:= ZEROEXT_DSZ32(0x000006ee) 08bdc200 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ uarch_bufs_ldat_init: U27c1: 204221040231 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x121) U27c2: 004224040200 MOVETOCREG_DSZ64(0x00000000, 0x124) U27c4: 004225040200 MOVETOCREG_DSZ64(0x00000000, 0x125) U27c5: 004226040200 MOVETOCREG_DSZ64(0x00000000, 0x126) U27c6: 004227040200 MOVETOCREG_DSZ64(0x00000000, 0x127) U27c8: 204220040232 MOVETOCREG_DSZ64(tmp2, 0x120) 01a7cd88 SEQW URET0 ------------------------------------------------------------------------------------ U27c9: 186ace6d0261 BTUJB_DIRECT_NOTTAKEN(rcx, 0x00000005, U6bce) U27ca: 186acc9c0221 BTUJB_DIRECT_NOTTAKEN(rcx, 0x00000002, U27cc) 01a7cd88 SEQW GOTO U27cd ------------------------------------------------------------------------------------ U27cc: 000d05800000 SAVEUIP_REGOVR(0x01, U27cd, 0x0005) 01b2cd00 SEQW GOTO U32cd U27cd: 0021000328a3 tmp2:= CONCAT_DSZ32(rbx, rdx) U27ce: 000701034808 tmp4:= NOTAND_DSZ32(0x00000001, rax) U27d0: 0004c0035848 tmp5:= AND_DSZ32(0x000000c0, rcx) U27d1: 002501035235 tmp5:= SHR_DSZ32(tmp5, 0x00000001) U27d2: 000418036848 tmp6:= AND_DSZ32(0x00000018, rcx) U27d4: 000100038d76 tmp8:= OR_DSZ32(tmp6, tmp5) U27d5: 186bd61c0231 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U27d6) 04a7d940 SEQW GOTO U27d9 ------------------------------------------------------------------------------------ U27d6: 000800000000 NOP U27d8: 0000520392b8 tmp9:= ADD_DSZ32(tmp8, 0x00004052) 0327da00 SEQW GOTO U27da ------------------------------------------------------------------------------------ 
U27d9: 0000920f92b8 tmp9:= ADD_DSZ32(tmp8, 0x00004392) U27da: 015d00000e40 LFNCEWAIT-> UJMP(tmp9) ------------------------------------------------------------------------------------ U27dc: 00a10007bec8 tmp11:= CONCAT_DSZ16(0x00000100, tmp11) U27dd: 00430e08023b WRITEURAM(tmp11, 0x000e, 32) U27de: 100a00838380 tmp8:= TESTUSTATE(SYS, !0xc000) 01bde580 ? SEQW GOTO U3de5 U27e0: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0927e800 ? SEQW GOTO U27e8 U27e1: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U27e2: 19629d4b1231 SYNCFULL-> tmp1:= MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x29d) U27e4: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U27e5: 186ae85c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000009, U27e8) U27e6: 186ae45c0231 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U27e4) U27e8: 0008ee1be008 tmp14:= ZEROEXT_DSZ32(0x000006ee) 01bdc200 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ U27e9: 000100035000 tmp5:= OR_DSZ32(0x00000000) U27ea: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U27ec: 23800003ae80 tmp10:= READAFLAGS(tmp10) U27ed: 00635c03c200 tmp12:= READURAM(0x005c, 64) U27ee: 00652c03c23c tmp12:= SHR_DSZ64(tmp12, 0x0000002c) U27f0: 00040803cf08 tmp12:= AND_DSZ32(0x00000008, tmp12) 01c92a00 SEQW GOTO U492a ------------------------------------------------------------------------------------ patch_apply_error: U27f1: 00a10007bec8 tmp11:= CONCAT_DSZ16(0x00000100, tmp11) U27f2: 00430e08023b WRITEURAM(tmp11, 0x000e, 32) U27f4: 00430d080200 WRITEURAM(0x00000000, 0x000d, 32) U27f5: 006353031200 tmp1:= READURAM(0x0053, 64) U27f6: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U27f8: 186af2950231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000002, U65f2) 01a1fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U27f9: 006353030200 tmp0:= READURAM(0x0053, 64) U27fa: 0008fe073009 tmp3:= ZEROEXT_DSZ32(0x000021fe) U27fc: 00430d080200 WRITEURAM(0x00000000, 0x000d, 32) 
U27fd: 186a81800230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000002, U2081) U27fe: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U2800: 015d00000cc0 SYNCFULL-> UJMP(tmp3) ------------------------------------------------------------------------------------ U2801: 186b04200239 BTUJNB_DIRECT_NOTTAKEN(tmp9, 0x00000000, U2804) U2802: 000800000000 NOP 0828f596 SEQW SAVEUIP1 U2804 SEQW GOTO U28f5 U2804: 000c6de80240 SAVEUIP(0x01, U3a6d) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2805: 2d0f50000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000050, 0x00000000) U2806: 000882070008 tmp0:= ZEROEXT_DSZ32(0x00000182) U2808: 00a1ee030c08 tmp0:= CONCAT_DSZ16(0x000000ee, tmp0) U2809: 004378080230 WRITEURAM(tmp0, 0x0078, 32) U280a: 000df2800000 SAVEUIP_REGOVR(0x01, U280c, 0x00f2) U280c: 000c9a800240 SAVEUIP(0x01, U209a) 0182ca00 SEQW GOTO U02ca ------------------------------------------------------------------------------------ U280d: 186b14a002b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, U2814) U280e: 086a2ed502b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000b, U452e) U2810: 192914200c73 CMPUJNZ_DIRECT_NOTTAKEN(tmp3, tmp1, U2814) U2811: 192914200c32 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp0, U2814) U2812: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) U2814: 000c52300200 SAVEUIP(0x00, U0c52) 01dee800 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U2815: 2d0b0027000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00004900) U2816: 004309000230 WRITEURAM(tmp0, 0x0009, 64) U2818: 001513030230 tmp0:= BTS_DSZ32(tmp0, 0x00000013) U2819: 2d0f0027000a PORTOUT_DSZ32_ASZ16_SC1(0x00004900, tmp0) U281a: 2d0b0027000a SYNCFULL-> tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00004900) U281c: 286aa6380370 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000014, patch_runs_load_loop) 01a81a00 SEQW GOTO U281a ------------------------------------------------------------------------------------ U281d: 006320014200 tmpv0:= READURAM(0x0020, 64) U281e: 
008602015214 tmpv1:= XOR_DSZ16(tmpv0, 0x00000002) U2820: 2d0b04016008 tmpv2:= PORTIN_DSZ32_ASZ16_SC1(0x00000004) U2821: 001400016556 tmpv2:= BT_DSZ32(tmpv2, tmpv1) U2822: 007200014516 tmpv0:= SELECTCC_DSZ64_CONDB(tmpv2, tmpv0) U2824: 00542f014214 tmpv0:= BT_DSZ64(tmpv0, 0x0000002f) 01ab154c SEQW URET1 ------------------------------------------------------------------------------------ U2825: 000d08800000 SAVEUIP_REGOVR(0x01, U2826, 0x0008) 01ab154c SEQW GOTO lbsync_full U2826: 00634f030200 tmp0:= READURAM(0x004f, 64) U2828: 006216171200 tmp1:= MOVEFROMCREG_DSZ64(0x516) U2829: 00444a0b2c10 tmp2:= AND_DSZ64(0xffffffff, tmp0) U282a: 090216140cb1 MOVETOCREG_OR_DSZ64(tmp1, tmp2, 0x516) U282c: 006217171200 tmp1:= MOVEFROMCREG_DSZ64(0x517) U282d: 006520032230 tmp2:= SHR_DSZ64(tmp0, 0x00000020) U282e: 090217140cb1 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp1, tmp2, 0x517) 09016496 SEQW SAVEUIP1 U2830 SEQW GOTO U0164 U2830: 186a31200230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U2831) 01a83a00 SEQW GOTO U283a ------------------------------------------------------------------------------------ U2831: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U2832: 0062f01f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7f0) U2834: 004101031c48 ROVR<- tmp1:= OR_DSZ64(0x00000001, tmp1) 01c08418 SEQW SAVEUIP0 U2835 SEQW GOTO U4084 U2835: 006267031200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2836: 014300380c40 AETTRACE(0x0e, tmp1) U2838: 2962b5000240 MOVETOCREG_BTS_DSZ64(0x00000004, 0x0b5) U2839: 000800000000 NOP U283a: 015d00000f00 UJMP(tmp12) ------------------------------------------------------------------------------------ U283c: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U283d: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71140 ? SEQW GOTO generate_#GP U283e: 00081c030008 tmp0:= ZEROEXT_DSZ32(0x0000001c) U2840: 006343031200 tmp1:= READURAM(0x0043, 64) U2841: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01a84440 ? 
SEQW GOTO U2844 U2842: 286a09250331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U5909) U2844: 000877030010 tmp0:= ZEROEXT_DSZ32(0x0002001c) U2845: 00634c031200 tmp1:= READURAM(0x004c, 64) U2846: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 0185ea80 ? SEQW GOTO U05ea U2848: 286a09250331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U5909) 0185ea00 SEQW GOTO U05ea ------------------------------------------------------------------------------------ U2849: 189f00831144 tmp1:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U284a: 0c8000634031 tmp4:= LDZX_DSZ16_ASZ32_SC1(tmp1, mode=0x18) U284c: 008403032d08 ROVR<- tmp2:= AND_DSZ16(0x00000003, tmp4) 0185a41c SEQW SAVEUIP1 U284d SEQW GOTO U05a4 U284d: 0084fc7f4d1f tmp4:= AND_DSZ16(0xfffffffffffffffc, tmp4) U284e: 008100034d33 tmp4:= OR_DSZ16(tmp3, tmp4) U2850: 0c8800634031 STAD_DSZ16_ASZ32_SC1(tmp1, mode=0x18, tmp4) 09038c00 SEQW GOTO U038c ------------------------------------------------------------------------------------ U2851: 00634703f200 tmp15:= READURAM(0x0047, 64) U2852: 09a2c518063f SYNCFULL-> MOVETOCREG_SHR_DSZ64(tmp15, 0x00000020, 0x6c5) U2854: 00634803f200 tmp15:= READURAM(0x0048, 64) U2855: 000500031ff4 tmp1:= SUB_DSZ32(tmp4, tmp15) U2856: 000822030008 tmp0:= ZEROEXT_DSZ32(0x00000022) U2858: 000c18fc0280 SAVEUIP(0x01, U5f18) 01816400 SEQW GOTO U0164 ------------------------------------------------------------------------------------ U2859: 1062d00bf240 tmp15:= MOVEFROMCREG_DSZ64(0x2d0, 32) U285a: 00250603f23f tmp15:= SHR_DSZ32(tmp15, 0x00000006) U285c: 00041003ffc8 tmp15:= AND_DSZ32(0x00000010, tmp15) U285d: 1d0b00030031 LFNCEMARK-> tmp0:= PORTIN_DSZ32_ASZ16_SC1(tmp1) U285e: 000710030c08 tmp0:= NOTAND_DSZ32(0x00000010, tmp0) U2860: 100100030c3f tmp0:= OR_DSZN(tmp15, tmp0) 01dac800 SEQW GOTO U5ac8 ------------------------------------------------------------------------------------ U2861: 00640803d214 tmp13:= SHL_DSZ64(tmpv0, 0x00000008) U2862: 00650803d23d tmp13:= SHR_DSZ64(tmp13, 0x00000008) U2864: 
006387014200 tmpv0:= READURAM(0x0087, 64) U2865: 000800014014 tmpv0:= ZEROEXT_DSZ32(tmpv0) U2866: 02640003df54 tmp13:= IMUL64L_DSZ64(tmpv0, tmp13) U2868: 00400001557d tmpv1:= ADD_DSZ64(tmp13, tmpv1) 01985688 SEQW URET0 ------------------------------------------------------------------------------------ U2869: 00080903d008 tmp13:= ZEROEXT_DSZ32(0x00000009) U286a: 000d56800000 SAVEUIP_REGOVR(0x01, U286c, 0x0056) 01985688 SEQW GOTO U1856 U286c: 00080b03d008 tmp13:= ZEROEXT_DSZ32(0x0000000b) U286d: 0e2500038f08 LFNCEWAIT-> tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12) U286e: 00161f038238 tmp8:= BTR_DSZ32(tmp8, 0x0000001f) U2870: 19291d700338 LFNCEMARK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp8, 0x00000011, U2c1d) U2871: 006335031200 tmp1:= READURAM(0x0035, 64) U2872: 006525031231 tmp1:= SHR_DSZ64(tmp1, 0x00000025) U2874: 004401031c48 tmp1:= AND_DSZ64(0x00000001, tmp1) U2875: 007300031c78 tmp1:= SELECTCC_DSZ64_CONDNB(tmp8, tmp1) U2876: 19291d300031 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U2c1d) U2878: 006202138200 tmp8:= MOVEFROMCREG_DSZ64(0x402) U2879: 00435600023c LFNCEWTMRK-> WRITEURAM(tmp12, 0x0056, 64) U287a: 096202d00238 MOVETOCREG_BTS_DSZ64(tmp8, 0x00000003, 0x402) U287c: 000a00100200 TESTUSTATE(UCODE, 0x0400) 01879400 ? 
SEQW GOTO clear_aflags_uend0 U287d: 00c873032f08 tmp2:= ZEROEXT_DSZ8(0x00000073, tmp12) U287e: 000d10880000 SAVEUIP_REGOVR(0x01, U2880, 0x0210) U2880: 000c949c0200 SAVEUIP(0x01, clear_aflags_uend0) 01df4a00 SEQW GOTO U5f4a ------------------------------------------------------------------------------------ U2881: 00542b032233 tmp2:= BT_DSZ64(tmp3, 0x0000002b) U2882: 003300032332 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00008000) U2884: 00635c031200 tmp1:= READURAM(0x005c, 64) U2885: 00541a031231 tmp1:= BT_DSZ64(tmp1, 0x0000001a) U2886: 003200031331 tmp1:= SELECTCC_DSZ32_CONDB(tmp1, 0x00008000) U2888: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) 01b0ed00 SEQW GOTO U30ed ------------------------------------------------------------------------------------ U2889: 00251c031231 tmp1:= SHR_DSZ32(tmp1, 0x0000001c) U288a: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U288c: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U288d: 1062830f1240 tmp1:= MOVEFROMCREG_DSZ64(0x383, 32) U288e: 000701031231 tmp1:= NOTAND_DSZ32(tmp1, 0x00000001) U2890: 00240b031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000b) 01b05600 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U2891: 00080703d008 tmp13:= ZEROEXT_DSZ32(0x00000007) U2892: 20431f040200 WRITEURAM(0x00000000, 0x011f, 64) U2894: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01a89600 ? 
SEQW GOTO U2896 U2895: 00081903d008 tmp13:= ZEROEXT_DSZ32(0x00000019) U2896: 000d03840000 SAVEUIP_REGOVR(0x01, U2898, 0x0103) U2898: 000c69b40240 SAVEUIP(0x01, U2d69) 01ddca00 SEQW GOTO U5dca ------------------------------------------------------------------------------------ U2899: 006200036200 tmp6:= MOVEFROMCREG_DSZ64(0x000) U289a: 00630a035200 tmp5:= READURAM(0x000a, 64) U289c: 000400135d48 tmp5:= AND_DSZ32(0x00000400, tmp5) U289d: 002402035235 tmp5:= SHL_DSZ32(tmp5, 0x00000002) U289e: 005414036236 tmp6:= BT_DSZ64(tmp6, 0x00000014) U28a0: 003300035d76 tmp5:= SELECTCC_DSZ32_CONDNB(tmp6, tmp5) 08a8a888 SEQW URET0 ------------------------------------------------------------------------------------ U28a1: 01420f000f40 SYNCFULL-> UFLOWCTRL(USTATE, tmp13) U28a2: 000a10000200 TESTUSTATE(UCODE, 0x0010) 08a8a888 ? SEQW GOTO U28a8 U28a4: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01a8a800 ? SEQW GOTO U28a8 U28a5: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U28a6: 186a69dc0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000003, generate_#UD) U28a8: 000a00400200 TESTUSTATE(UCODE, 0x1000) 01a8ad00 ? SEQW GOTO U28ad U28a9: 0062f81f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7f8) U28aa: 00160d032232 tmp2:= BTR_DSZ32(tmp2, 0x0000000d) U28ac: 0052c1100272 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, U24c1) U28ad: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71140 ? SEQW GOTO generate_#GP U28ae: 00007b031230 tmp1:= ADD_DSZ32(tmp0, 0x0000007b) U28b0: 000a40800200 TESTUSTATE(UCODE, !0x0040) 01845400 ? SEQW GOTO U0454 U28b1: 1062df0b4240 tmp4:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U28b2: 286aec9c02f4 BTUJB_DIRECT_NOTTAKEN(tmp4, 0x0000000e, uend) U28b4: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01b9ec00 ? 
SEQW GOTO U39ec U28b5: 204300000c77 WRITEURAM(tmp7, tmp1) U28b6: 0000a81f1230 tmp1:= ADD_DSZ32(tmp0, 0x000007a8) U28b8: 000000031c70 tmp1:= ADD_DSZ32(tmp0, tmp1) U28b9: 006520034237 tmp4:= SHR_DSZ64(tmp7, 0x00000020) U28ba: 0004410b2d10 tmp2:= AND_DSZ32(0xffff0000, tmp4) U28bc: 0131f0072432 tmp2:= SELECTCC_DSZ32_CONDNZ(tmp2, 0x80000000) U28bd: 0007410b3434 tmp3:= NOTAND_DSZ32(tmp4, 0xffff0000) U28be: 0131f0073433 tmp3:= SELECTCC_DSZ32_CONDNZ(tmp3, 0x80000000) U28c0: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U28c1: 0007f0074d10 tmp4:= NOTAND_DSZ32(0x80000000, tmp4) U28c2: 000100034d32 tmp4:= OR_DSZ32(tmp2, tmp4) U28c4: 002100037df4 tmp7:= CONCAT_DSZ32(tmp4, tmp7) U28c5: 204200000c77 LFNCEMARK-> MOVETOCREG_DSZ64(tmp7, tmp1) 0497ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U28c6: 000883030008 tmp0:= ZEROEXT_DSZ32(0x00000083) U28c8: 00a1000b0230 tmp0:= CONCAT_DSZ16(tmp0, 0x00000200) U28c9: 204231180230 MOVETOCREG_DSZ64(tmp0, 0x631) U28ca: 204234180200 MOVETOCREG_DSZ64(0x00000000, 0x634) U28cc: 204235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U28cd: 204236180200 MOVETOCREG_DSZ64(0x00000000, 0x636) U28ce: 204237180200 MOVETOCREG_DSZ64(0x00000000, 0x637) U28d0: 204238180200 LFNCEWTMRK-> MOVETOCREG_DSZ64(0x00000000, 0x638) U28d1: 000881032008 tmp2:= ZEROEXT_DSZ32(0x00000081) U28d2: 00a100032032 tmp2:= CONCAT_DSZ16(tmp2) U28d4: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U28d5: 004230180232 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp2, 0x630) U28d6: 000001032c88 tmp2:= ADD_DSZ32(0x00000001, tmp2) U28d8: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0528d500 ? 
SEQW GOTO U28d5 U28d9: 000001030c08 tmp0:= ADD_DSZ32(0x00000001, tmp0) U28da: 086a04d80230 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000003, U0604) U28dc: 204231180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x631) 0428d100 SEQW GOTO U28d1 ------------------------------------------------------------------------------------ U28dd: 2902e15c0200 MOVETOCREG_OR_DSZ64(0x00000001, 0x7e1) U28de: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U28e0: 2a62c3180270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000004, 0x6c3) U28e1: 00635c030200 tmp0:= READURAM(0x005c, 64) U28e2: 000100130c08 tmp0:= OR_DSZ32(0x00000400, tmp0) U28e4: 20435c080230 WRITEURAM(tmp0, 0x005c, 32) 0185f609 SEQW GOTO U05f6 ------------------------------------------------------------------------------------ U28e5: 000a00100200 TESTUSTATE(UCODE, 0x0400) 0185f609 ? SEQW URET0 U28e6: 00626703f200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U28e8: 00626503d200 tmp13:= MOVEFROMCREG_DSZ64(0x065) U28e9: 10450003fffd tmp15:= SUB_DSZN(tmp13, tmp15) U28ea: 014300300fc0 AETTRACE(0x0c, tmp15) U28ec: 000cd9a80240 SAVEUIP(0x01, U2ad9) 01a71200 SEQW GOTO U2712 ------------------------------------------------------------------------------------ U28ed: 01d600033031 tmp3:= unk_1d6(tmp1) U28ee: 002401033233 tmp3:= SHL_DSZ32(tmp3, 0x00000001) U28f0: 000002033cc8 tmp3:= ADD_DSZ32(0x00000002, tmp3) U28f1: 00240c033233 tmp3:= SHL_DSZ32(tmp3, 0x0000000c) U28f2: 000140033cc8 tmp3:= OR_DSZ32(0x00000040, tmp3) U28f4: 00a100021cf0 rcx:= CONCAT_DSZ16(tmp0, tmp3) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U28f5: 00090203e008 tmp14:= MOVE_DSZ32(0x00000002) U28f6: 20635c03f200 tmp15:= READURAM(0x005c, 64) U28f8: 286b34d006bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000002b, U1434) U28f9: 0eff00000000 unk_eff(0x00000000) U28fa: 0fef01000000 LBSYNC(0x00000001) U28fc: 0fef07000000 SYNCFULL-> LBSYNC(0x00000007) 08143400 SEQW GOTO U1434 
------------------------------------------------------------------------------------ U28fd: 00635c03a200 tmp10:= READURAM(0x005c, 64) U28fe: 000403035808 tmp5:= AND_DSZ32(0x00000003, rax) U2900: 006415035235 tmp5:= SHL_DSZ64(tmp5, 0x00000015) U2901: 00470f07ae90 tmp10:= NOTAND_DSZ64(0x00600000, tmp10) U2902: 00410003aeb5 tmp10:= OR_DSZ64(tmp5, tmp10) U2904: 20435c00023a LFNCEMARK-> WRITEURAM(tmp10, 0x005c, 64) 0432cd88 SEQW URET0 ------------------------------------------------------------------------------------ U2905: 304223080278 MOVETOCREG_DSZ64(tmp8, 0x223, 32) U2906: 000d04800000 SAVEUIP_REGOVR(0x01, U2908, 0x0004) 0432cd88 SEQW GOTO U32cd U2908: 1062380ba240 tmp10:= MOVEFROMCREG_DSZ64(0x238, 32) U2909: 006320038200 tmp8:= READURAM(0x0020, 64) U290a: 186b12e406f8 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x0000002f, U2912) U290c: 01f90003603f tmp6:= SETCC_CONDNZ(tmp15) U290d: 000006036d88 tmp6:= ADD_DSZ32(0x00000006, tmp6) U290e: 0004c0037e88 tmp7:= AND_DSZ32(0x000000c0, tmp10) U2910: 1962380badba LFNCEWAIT-> tmp10:= MOVETOCREG_BTS_DSZ64(tmp10, tmp6, 0x238) U2911: 015030240277 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, U2930) U2912: 000a20800200 TESTUSTATE(UCODE, !0x0020) 02293080 ? 
SEQW GOTO U2930 U2914: 0008005fc00b tmp12:= ZEROEXT_DSZ32(0x00007700) U2915: 000e03200240 WRMSLOOPCTRFBR(0x00002803) 01d77951 SEQW SAVEUIP0 U2916 SEQW GOTO U5779 U2916: 000800000000 NOP U2918: 000e14400200 WRMSLOOPCTRFBR(0x00001014) 01d76910 SEQW SAVEUIP0 U2919 SEQW GOTO U5769 U2919: 0008005bc00b tmp12:= ZEROEXT_DSZ32(0x00007600) U291a: 1062830f6240 tmp6:= MOVEFROMCREG_DSZ64(0x383, 32) U291c: 1062880f7240 tmp7:= MOVEFROMCREG_DSZ64(0x388, 32) U291d: 1062870f8240 tmp8:= MOVEFROMCREG_DSZ64(0x387, 32) U291e: 006520039238 tmp9:= SHR_DSZ64(tmp8, 0x00000020) 01e13692 SEQW SAVEUIP0 U2920 SEQW GOTO U6136 U2920: 1062860f4240 tmp4:= MOVEFROMCREG_DSZ64(0x386, 32) U2921: 1062850f5240 tmp5:= MOVEFROMCREG_DSZ64(0x385, 32) U2922: 0021de032010 tmp2:= CONCAT_DSZ32(0x001fffc0) U2924: 004700035d72 tmp5:= NOTAND_DSZ64(tmp2, tmp5) 019f8a10 SEQW SAVEUIP0 U2925 SEQW GOTO U1f8a U2925: 0007000f7e88 tmp7:= NOTAND_DSZ32(0x00000300, tmp10) U2926: 1062e90b4240 tmp4:= MOVEFROMCREG_DSZ64(0x2e9, 32) U2928: 1062920f5240 tmp5:= MOVEFROMCREG_DSZ64(0x392, 32) U2929: 10620c0b6240 tmp6:= MOVEFROMCREG_DSZ64(0x20c, 32) U292a: 1062890f8240 tmp8:= MOVEFROMCREG_DSZ64(0x389, 32) U292c: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) 01e13210 SEQW SAVEUIP0 U292d SEQW GOTO U6132 U292d: 000800000000 NOP U292e: 000800000000 NOP U2930: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) 01f80800 SEQW GOTO U7808 ------------------------------------------------------------------------------------ U2931: 00635c014200 tmpv0:= READURAM(0x005c, 64) U2932: 286bbef00654 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000027, uret1) U2934: 2d0b045fe00c tmp14:= PORTIN_DSZ32_ASZ16_SC1(0x00009704) U2935: 286b3239023e SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp14, 0x00000000, U5e32) U2936: 005627014214 tmpv0:= BTR_DSZ64(tmpv0, 0x00000027) U2938: 20435c040214 WRITEURAM(tmpv0, 0x015c, 64) 01ac1d8c SEQW URET1 ------------------------------------------------------------------------------------ U2939: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) 
U293a: 004a0023c239 tmp12:= TESTUSTATE(tmp9, UCODE, 0x0800) 01ac1d8c ? SEQW GOTO U2c1d U293c: 00638b033200 tmp3:= READURAM(0x008b, 64) U293d: 186b1d300233 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000000, U2c1d) U293e: 00631f03f200 LFNCEWAIT-> tmp15:= READURAM(0x001f, 64) U2940: 186b412402bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000008, U2941) 05609c00 SEQW GOTO U609c ------------------------------------------------------------------------------------ U2941: 00400103fe48 tmp15:= ADD_DSZ64(0x00000001, tmp9) U2942: 0052ae10023f LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, set_carry_uend) U2944: 0e250003fe48 LFNCEWAIT-> tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9) U2945: 086aaed003ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, set_carry_uend) U2946: 00081303d008 tmp13:= ZEROEXT_DSZ32(0x00000013) U2948: 0e25d803fe49 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001d8) U2949: 19296e34023f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000000, U2d6e) U294a: 0e25bc037e49 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001bc) U294c: 0004270bfdd0 tmp15:= AND_DSZ32(0xfe036dfb, tmp7) U294d: 00058603ffd0 tmp15:= SUB_DSZ32(0x00036dfb, tmp15) U294e: 00081403d008 tmp13:= ZEROEXT_DSZ32(0x00000014) U2950: 01516e34027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2d6e) U2951: 00637703f200 tmp15:= READURAM(0x0077, 64) U2952: 00542e03f23f tmp15:= BT_DSZ64(tmp15, 0x0000002e) U2954: 00330003fdff tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp7) U2955: 186a6e3403bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000018, U2d6e) U2956: 00633503f200 tmp15:= READURAM(0x0035, 64) U2958: 00543c03f23f tmp15:= BT_DSZ64(tmp15, 0x0000003c) U2959: 00330003fdff tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp7) U295a: 186a6ef4037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000017, U2d6e) U295c: 000400433cdf tmp3:= AND_DSZ32(0xfffffffffffff000, tmp3) 0adcae10 SEQW SAVEUIP0 U295d SEQW GOTO U5cae U295d: 0e6500037033 SYNCWAIT-> tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3) U295e: 00050003fdc8 tmp15:= SUB_DSZ32(0x00000000, tmp7) U2960: 00081603a008 tmp10:= 
ZEROEXT_DSZ32(0x00000016) U2961: 0151f95c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U57f9) U2962: 00652103f237 tmp15:= SHR_DSZ64(tmp7, 0x00000021) U2964: 00081803a008 tmp10:= ZEROEXT_DSZ32(0x00000018) U2965: 0151f95c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U57f9) U2966: 005420037237 tmp7:= BT_DSZ64(tmp7, 0x00000020) U2968: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01a96a00 ? SEQW GOTO U296a U2969: 0053f95c02b7 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp7, U57f9) U296a: 0033af03f437 tmp15:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00080000) U296c: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U296d: 204355000239 WRITEURAM(tmp9, 0x0055, 64) U296e: 001512030230 tmp0:= BTS_DSZ32(tmp0, 0x00000012) U2970: 000c9d0002c0 SAVEUIP(0x00, U609d) 01a8e500 SEQW GOTO U28e5 ------------------------------------------------------------------------------------ U2971: 3042ff0c0271 MOVETOCREG_DSZ64(tmp1, 0x3ff, 32) U2972: 30620c0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x30c, 32) U2974: 39620c0c03f1 MOVETOCREG_BTS_DSZ64(tmp1, 0x0000001c, 0x30c) U2975: 3042ff0c0270 MOVETOCREG_DSZ64(tmp0, 0x3ff, 32) U2976: 3062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U2978: 386a4e400270 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000005, uret0) 08297600 SEQW GOTO U2976 ------------------------------------------------------------------------------------ U2979: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U297a: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U297c: 186b7d24023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U297d) 08297a00 SEQW GOTO U297a ------------------------------------------------------------------------------------ U297d: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U297e: 0008ff1bf008 tmp15:= ZEROEXT_DSZ32(0x000006ff) U2980: 00a10f03f23f tmp15:= CONCAT_DSZ16(tmp15, 0x0000000f) 01d98d00 SEQW GOTO U598d ------------------------------------------------------------------------------------ U2981: 006286133200 tmp3:= MOVEFROMCREG_DSZ64(0x486) U2982: 0008fd079008 tmp9:= 
ZEROEXT_DSZ32(0x000001fd) U2984: 07440003d039 tmm5:= unk_744(tmm1) U2985: 06600103e03d tmm6:= unk_660(tmm5) U2986: 076c0003603e tmp6:= PINTMOVDTMM2I_DSZ64(tmm6) U2988: 073a0003c000 tmm4:= unk_73a(0x00000000) 01e81800 SEQW GOTO U6818 ------------------------------------------------------------------------------------ U2989: 07ea0003203f mm2:= unk_7ea(tmm7) U298a: 000000032c8b tmp2:= ADD_DSZ32(0x00006000, tmp2) U298c: 07c200038ff2 tmm0:= unk_7c2(mm2, tmm7) U298d: 025090240276 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, U2990) U298e: 25ff0003e03f LFNCEMARK-> tmm6:= unk_5ff(tmm7) U2990: 00811003cf08 tmp12:= OR_DSZ16(0x00000010, tmp12) 01862e00 SEQW GOTO U062e ------------------------------------------------------------------------------------ U2991: 1d4013af3d32 tmp3:= LDZX_DSZN_ASZ32_SC4(tmp2, tmp4, IMM_MACRO_13, mode=0x0b) U2992: 104500033173 tmp3:= SUB_DSZN(tmp3, r64idx) U2994: 1d40002f5d32 tmp5:= LDZX_DSZN_ASZ32_SC4(tmp2, tmp4, mode=0x0b) U2995: 1d400baf6d32 tmp6:= LDZX_DSZN_ASZ32_SC4(tmp2, tmp4, IMM_MACRO_ALIAS_DATASIZE, mode=0x0b) U2996: 117d00001d73 r64dst:= unk_17d(tmp3, tmp5) U2998: 117d00011db3 tmp2:= unk_17d(tmp3, tmp6) 02f5ddb0 SEQW UEND0 ------------------------------------------------------------------------------------ U2999: 104221080240 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x221, 32) U299a: 000a44800200 TESTUSTATE(UCODE, !0x0044) 02f5ddb0 ? SEQW GOTO U75dd U299c: 1062380b3240 tmp3:= MOVEFROMCREG_DSZ64(0x238, 32) U299d: 186b9c2402b3 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000008, U299c) U299e: 00010003500a tmp5:= OR_DSZ32(0x00004000) U29a0: 10428c0b5275 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x28c, 32) U29a1: 0000803fcfc9 tmp12:= ADD_DSZ32(0x00002f80, tmp15) U29a2: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29a4: 004800035d72 tmp5:= ZEROEXT_DSZ64(tmp2, tmp5) U29a5: 0042bb1f5235 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x7bb) U29a6: 100a00800300 TESTUSTATE(SYS, !0x8000) 01a9b580 ? 
SEQW GOTO U29b5 U29a8: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U29a9: 000e08400240 WRMSLOOPCTRFBR(0x00003008) 01b39951 SEQW SAVEUIP0 U29aa SEQW GOTO U3399 U29aa: 000800000000 NOP U29ac: 000e06600240 WRMSLOOPCTRFBR(0x00003806) 01a03110 SEQW SAVEUIP0 U29ad SEQW GOTO U2031 U29ad: 0000804bcfc9 tmp12:= ADD_DSZ32(0x00003280, tmp15) U29ae: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29b0: 004800032d72 tmp2:= ZEROEXT_DSZ64(tmp2, tmp5) U29b1: 1042d4080272 MOVETOCREG_DSZ64(tmp2, 0x2d4, 32) U29b2: 19a2de080632 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000020, 0x2de) U29b4: 10420f080240 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U29b5: 00008033cfc9 tmp12:= ADD_DSZ32(0x00002c80, tmp15) U29b6: 000e02000240 WRMSLOOPCTRFBR(0x00002002) 04203192 SEQW SAVEUIP0 U29b8 SEQW GOTO U2031 U29b8: 000e07200200 WRMSLOOPCTRFBR(0x00000807) 01b39910 SEQW SAVEUIP0 U29b9 SEQW GOTO U3399 U29b9: 0048ff7f0d5f tmp0:= ZEROEXT_DSZ64(0xffffffffffffffff, tmp5) U29ba: 1042100b5270 tmp5:= MOVETOCREG_DSZ64(tmp0, 0x210, 32) U29bc: 0000603bcfc9 tmp12:= ADD_DSZ32(0x00002e60, tmp15) U29bd: 000e03200280 WRMSLOOPCTRFBR(0x00004803) 01a03151 SEQW SAVEUIP0 U29be SEQW GOTO U2031 U29be: 0e750003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29c0: 004800030d70 tmp0:= ZEROEXT_DSZ64(tmp0, tmp5) U29c1: 104211080270 MOVETOCREG_DSZ64(tmp0, 0x211, 32) U29c2: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U29c4: 00085f032008 tmp2:= ZEROEXT_DSZ32(0x0000005f) U29c5: 004200000c80 MOVETOCREG_DSZ64(tmp2, 0x00000000) U29c6: 016001032232 tmp2:= SUBR_DSZ64(tmp2, 0x00000001) 01a9c580 SEQW GOTO U29c5 ------------------------------------------------------------------------------------ U29c8: 004209000200 MOVETOCREG_DSZ64(0x00000000, 0x009) U29c9: 0000a073cfc8 tmp12:= ADD_DSZ32(0x00001ca0, tmp15) U29ca: 0e750003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29cc: 004320000230 WRITEURAM(tmp0, 0x0020, 64) U29cd: 100a00800300 TESTUSTATE(SYS, !0x8000) 01a9d640 ? 
SEQW GOTO U29d6 U29ce: 000800000000 NOP U29d0: 000d00800000 SAVEUIP_REGOVR(0x01, U29d1, 0x0000) 01b2cd00 SEQW GOTO U32cd U29d1: 1062e90b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2e9, 32) U29d2: 3962e98802b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000a, 0x2e9) U29d4: 3042e9080270 MOVETOCREG_DSZ64(tmp0, 0x2e9, 32) U29d5: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U29d6: 1902ce880200 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(0x00000002, 0x2ce) U29d8: 000000000000 SYNCFULL-> NOP U29d9: 1062ce0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2ce, 32) U29da: 186bdc640230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U29dc) 0829d880 SEQW GOTO U29d8 ------------------------------------------------------------------------------------ U29dc: 000d01134240 tmp4:= SAVEUIP_REGOVR(0x00, U29dd, 0x2401) 01a5a500 SEQW GOTO U25a5 U29dd: 1062cf0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cf, 32) U29de: 1a62cf480230 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000001, 0x2cf) U29e0: 0008ff3f1008 tmp1:= ZEROEXT_DSZ32(0x00000fff) U29e1: 00420b000231 MOVETOCREG_DSZ64(tmp1, 0x00b) U29e2: 00000007cfc8 tmp12:= ADD_DSZ32(0x00000100, tmp15) U29e4: 0e750003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29e5: 000703032c08 tmp2:= NOTAND_DSZ32(0x00000003, tmp0) U29e6: 004203132232 tmp2:= MOVETOCREG_DSZ64(tmp2, 0x403) U29e8: 004800030cb0 tmp0:= ZEROEXT_DSZ64(tmp0, tmp2) U29e9: 004203100230 MOVETOCREG_DSZ64(tmp0, 0x403) U29ea: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U29ec: 000703032c08 tmp2:= NOTAND_DSZ32(0x00000003, tmp0) U29ed: 0042031f2232 tmp2:= MOVETOCREG_DSZ64(tmp2, 0x703) U29ee: 004800030cb0 tmp0:= ZEROEXT_DSZ64(tmp0, tmp2) U29f0: 0042031c0230 MOVETOCREG_DSZ64(tmp0, 0x703) U29f1: 0e752003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U29f2: 104223080270 MOVETOCREG_DSZ64(tmp0, 0x223, 32) U29f4: 09a288000630 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x088) U29f5: 0e754003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040) U29f6: 00426b000230 MOVETOCREG_DSZ64(tmp0, 0x06b) U29f8: 00008007cfc8 tmp12:= ADD_DSZ32(0x00000180, tmp15) 
U29f9: 000e27635200 tmp5:= WRMSLOOPCTRFBR(0x00001827) U29fa: 0e750003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U29fc: 0e752003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U29fd: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U29fe: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U2a00: 000800038d78 tmp8:= ZEROEXT_DSZ32(tmp8, tmp5) U2a01: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U2a02: 004200035e36 LFNCEWAIT-> tmp5:= MOVETOCREG_DSZ64(tmp6, tmp8) U2a04: 000800039d79 tmp9:= ZEROEXT_DSZ32(tmp9, tmp5) U2a05: 004200035e72 tmp5:= MOVETOCREG_DSZ64(tmp2, tmp9) U2a06: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01a9fa80 ? SEQW GOTO U29fa U2a08: 000e15000200 WRMSLOOPCTRFBR(0x00000015) U2a09: 0e750003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2a0a: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U2a0c: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U2a0d: 000800038d78 tmp8:= ZEROEXT_DSZ32(tmp8, tmp5) U2a0e: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U2a10: 006520032236 tmp2:= SHR_DSZ64(tmp6, 0x00000020) U2a11: 004200035e36 LFNCEWAIT-> tmp5:= MOVETOCREG_DSZ64(tmp6, tmp8) U2a12: 000800039d79 tmp9:= ZEROEXT_DSZ32(tmp9, tmp5) U2a14: 004200035e72 tmp5:= MOVETOCREG_DSZ64(tmp2, tmp9) U2a15: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01aa0940 ? 
SEQW GOTO U2a09 U2a16: 000800000000 NOP U2a18: 000000000000 NOP 01b03810 SEQW SAVEUIP0 U2a19 SEQW GOTO U3038 U2a19: 004800034d74 tmp4:= ZEROEXT_DSZ64(tmp4, tmp5) U2a1a: 0042f01c0234 MOVETOCREG_DSZ64(tmp4, 0x7f0) U2a1c: 00480003b036 tmp11:= ZEROEXT_DSZ64(tmp6) U2a1d: 0042fe1c0238 MOVETOCREG_DSZ64(tmp8, CORE_CR_EFLAGS) U2a1e: 213f00000038 unk_13f(tmp8) U2a20: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2a21: 004270000232 MOVETOCREG_DSZ64(tmp2, 0x070) U2a22: 0000c03bcfc8 tmp12:= ADD_DSZ32(0x00000ec0, tmp15) U2a24: 000e8f000200 LFNCEMARK-> WRMSLOOPCTRFBR(0x0000008f) U2a25: 000800000000 NOP U2a26: 000800000000 NOP U2a28: 0e750003103c tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2a29: 004308800231 WRITEURAM(tmp1, 0x0008, 64) U2a2a: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U2a2c: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01aa2800 ? SEQW GOTO U2a28 U2a2d: 0000c003cfc9 tmp12:= ADD_DSZ32(0x000020c0, tmp15) U2a2e: 000c21800200 SAVEUIP(0x01, U0021) U2a30: 000e07000200 WRMSLOOPCTRFBR(0x00000007) U2a31: 0ea60003c03c tmp12:= unk_ea6(tmp12) U2a32: 0ea62003b03c tmp11:= unk_ea6(tmp12) U2a34: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U2a35: 04ef02038f3b tmm0:= MOVHLPS(tmm3, tmm4) U2a36: 05b900008038 mm0:= unk_5b9(tmm0) U2a38: 04b41183df00 tmm5:= FMOV(tmm4) U2a39: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01aa3140 ? SEQW GOTO U2a31 U2a3a: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U2a3c: 0ea60003e03c tmp14:= unk_ea6(tmp12) U2a3d: 0ea62003f03c tmp15:= unk_ea6(tmp12) U2a3e: 04ef02003fbf xmm7:= MOVHLPS(tmm7, tmm6) U2a40: 0e754000303c rdi:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040) U2a41: 00006003cf08 tmp12:= ADD_DSZ32(0x00000060, tmp12) U2a42: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01aa3c80 ? 
SEQW GOTO U2a3c U2a44: 000d00000000 SAVEUIP_REGOVR(0x00, U2a45, 0x0000) 028000cc SEQW URET1 ------------------------------------------------------------------------------------ U2a45: 0c6b2a000032 LFNCEWAIT-> WRSEGFLD(tmp2, SS_USERM, BASE) U2a46: 0c6baa000034 WRSEGFLD(tmp4, SS_USERM, SEL+FLGS+LIM) U2a48: 0c6b29000036 WRSEGFLD(tmp6, UNK_SEG_09, BASE) U2a49: 0c6b49000038 LFNCEMARK-> WRSEGFLD(tmp8, UNK_SEG_09, FLGS) 04802151 SEQW SAVEUIP0 U2a4a SEQW GOTO U0021 U2a4a: 0c6b27000032 WRSEGFLD(tmp2, LDT, BASE) U2a4c: 0c6ba7000034 WRSEGFLD(tmp4, LDT, SEL+FLGS+LIM) U2a4d: 0c6b26000036 WRSEGFLD(tmp6, GDT, BASE) U2a4e: 0c6ba6000038 WRSEGFLD(tmp8, GDT, SEL+FLGS+LIM) 01802192 SEQW SAVEUIP0 U2a50 SEQW GOTO U0021 U2a50: 0c6b2f000032 WRSEGFLD(tmp2, TSS, BASE) U2a51: 0c6baf000034 WRSEGFLD(tmp4, TSS, SEL+FLGS+LIM) U2a52: 0c6b2e000036 WRSEGFLD(tmp6, IDT, BASE) U2a54: 0c6bae000038 WRSEGFLD(tmp8, IDT, SEL+FLGS+LIM) 01802110 SEQW SAVEUIP0 U2a55 SEQW GOTO U0021 U2a55: 0c6b2d000032 WRSEGFLD(tmp2, GS, BASE) U2a56: 0c6bad000034 WRSEGFLD(tmp4, GS, SEL+FLGS+LIM) U2a58: 0c6b2c000036 WRSEGFLD(tmp6, FS, BASE) U2a59: 0c6bac000038 WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) 01802151 SEQW SAVEUIP0 U2a5a SEQW GOTO U0021 U2a5a: 0c6b2b000032 WRSEGFLD(tmp2, DS, BASE) U2a5c: 0c6bab000034 WRSEGFLD(tmp4, DS, SEL+FLGS+LIM) U2a5d: 0c6b28000036 WRSEGFLD(tmp6, ES, BASE) U2a5e: 0c6ba8000038 WRSEGFLD(tmp8, ES, SEL+FLGS+LIM) U2a60: 000e03000200 WRMSLOOPCTRFBR(0x00000003) U2a61: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2a62: 0e752003403c tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U2a64: 014d00003032 rdi:= unk_14d(tmp2) U2a65: 014d00013034 tmp7:= unk_14d(tmp4) U2a66: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U2a68: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01aa6100 ? 
SEQW GOTO U2a61 U2a69: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U2a6a: 0e752003403c tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U2a6c: 0c4ba0030000 tmp0:= RDSEGFLD(DS_32bit, SEL+FLGS+LIM) U2a6d: 0c6bb0000030 WRSEGFLD(tmp0) U2a6e: 0c6bb1000030 WRSEGFLD(tmp0) U2a70: 0c6b30000032 WRSEGFLD(tmp2) U2a71: 0c6b31000034 WRSEGFLD(tmp4) U2a72: 00635c030200 tmp0:= READURAM(0x005c, 64) U2a74: 386aa56003b0 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000019, U38a5) U2a75: 000000000000 NOP 062d3055 SEQW SAVEUIP1 U2a76 SEQW GOTO U2d30 U2a76: 0c4b402b2000 tmp2:= RDSEGFLD(SS_USERM, FLGS) U2a78: 00423c1c0232 MOVETOCREG_DSZ64(tmp2, 0x73c) U2a79: 0c6b24000000 WRSEGFLD(0x00000000, UNK_SEG_04, BASE) U2a7a: 0c6b25000000 WRSEGFLD(0x00000000, DS_16bit, BASE) U2a7c: 0c4ba0039000 tmp9:= RDSEGFLD(DS_32bit, SEL+FLGS+LIM) U2a7d: 0c6ba4000039 WRSEGFLD(tmp9, UNK_SEG_04, SEL+FLGS+LIM) U2a7e: 0c6ba5000039 WRSEGFLD(tmp9, DS_16bit, SEL+FLGS+LIM) U2a80: 00426700023b MOVETOCREG_DSZ64(tmp11, CORE_CR_CUR_RIP) U2a81: 000cf2080200 SAVEUIP(0x00, U02f2) U2a82: 000d09800000 SAVEUIP_REGOVR(0x01, U2a84, 0x0009) 0182ea80 SEQW GOTO U02ea U2a84: 1902a1480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x2a1) U2a85: 10428c080240 MOVETOCREG_DSZ64(0x00000000, 0x28c, 32) U2a86: 006309031200 tmp1:= READURAM(0x0009, 64) U2a88: 10420f080271 MOVETOCREG_DSZ64(tmp1, 0x20f, 32) U2a89: 3062d30b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d3, 32) U2a8a: 186a8c2802f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000c, U2a8c) 01aa8980 SEQW GOTO U2a89 ------------------------------------------------------------------------------------ U2a8c: 1062230b2240 tmp2:= MOVEFROMCREG_DSZ64(0x223, 32) U2a8d: 000740032c88 tmp2:= NOTAND_DSZ32(0x00000040, tmp2) U2a8e: 390223080332 MOVETOCREG_OR_DSZ64(tmp2, 0x00000010, 0x223) U2a90: 000c0e8802c0 SAVEUIP(0x01, U620e) 01ede000 SEQW GOTO U6de0 ------------------------------------------------------------------------------------ U2a91: 00631f031200 tmp1:= READURAM(0x001f, 64) U2a92: 000707031c48 tmp1:= 
NOTAND_DSZ32(0x00000007, tmp1) U2a94: 00431f080231 WRITEURAM(tmp1, 0x001f, 32) U2a95: 00628e1f0200 tmp0:= MOVEFROMCREG_DSZ64(0x78e) U2a96: 004267000230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CUR_RIP) U2a98: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) 01c3ae00 SEQW GOTO U43ae ------------------------------------------------------------------------------------ U2a99: 0005840b6f48 tmp6:= SUB_DSZ32(0x00000284, tmp13) U2a9a: 002506036236 tmp6:= SHR_DSZ32(tmp6, 0x00000006) U2a9c: 0040840b5f88 tmp5:= ADD_DSZ64(0x00000284, tmp14) U2a9d: 0008b027b00b tmp11:= ZEROEXT_DSZ32(0x000069b0) U2a9e: 00a10103bec8 tmp11:= CONCAT_DSZ16(0x00000001, tmp11) U2aa0: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0da00 SEQW GOTO calc_sha256_update ------------------------------------------------------------------------------------ U2aa1: 00a1ff7f101f tmp1:= CONCAT_DSZ16(0xffffffffffffffff) U2aa2: 00a100032037 tmp2:= CONCAT_DSZ16(tmp7) U2aa4: 1c081be3303b LFNCEWAIT-> STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_1b, mode=0x18, tmp3) U2aa5: 1c0823e3203b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_23, mode=0x18, tmp2) U2aa6: 1c082be3403b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_2b, mode=0x18, tmp4) U2aa8: 1c0833e3103b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_33, mode=0x18, tmp1) 01de0648 SEQW URET0 ------------------------------------------------------------------------------------ U2aa9: 000d10cb3240 tmp3:= SAVEUIP_REGOVR(0x01, U2aaa, 0x3210) 01de0648 SEQW GOTO U5e06 U2aaa: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U2aac: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 023dfa00 SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U2aad: 2042f81c023d MOVETOCREG_DSZ64(tmp13, 0x7f8) U2aae: 20433d00023c WRITEURAM(tmp12, 0x003d, 64) U2ab0: 00082503b008 tmp11:= ZEROEXT_DSZ32(0x00000025) U2ab1: 20420b00023b MOVETOCREG_DSZ64(tmp11, 0x00b) U2ab2: 20421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U2ab4: 00a101030008 tmp0:= CONCAT_DSZ16(0x00000001) 01ba4100 SEQW GOTO 
enter_probe_mode ------------------------------------------------------------------------------------ U2ab5: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2ab6: 00434a000233 WRITEURAM(tmp3, 0x004a, 64) U2ab8: 0c4bc027f000 tmp15:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2ab9: 104500033cff tmp3:= SUB_DSZN(tmp15, tmp3) U2aba: 20634703f200 tmp15:= READURAM(0x0047, 64) U2abc: 2042c518023f SYNCMARK-> MOVETOCREG_DSZ64(tmp15, 0x6c5) 0c26a500 SEQW GOTO U26a5 ------------------------------------------------------------------------------------ U2abd: 00470f014cc8 tmpv0:= NOTAND_DSZ64(0x0000000f, tmp3) U2abe: 00421c000214 MOVETOCREG_DSZ64(tmpv0, 0x01c) U2ac0: 000400014cce tmpv0:= AND_DSZ32(0x0000c000, tmp3) U2ac1: 0151ae180214 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv0, U06ae) U2ac2: 000825035008 tmp5:= ZEROEXT_DSZ32(0x00000025) U2ac4: 20420b000235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, 0x00b) 043a8100 SEQW GOTO U3a81 ------------------------------------------------------------------------------------ U2ac5: 186bc9a80370 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000016, U2ac9) U2ac6: 00410003f020 tmp15:= OR_DSZ64(rax) U2ac8: 3042c008027f MOVETOCREG_DSZ64(tmp15, 0x2c0, 32) U2ac9: 005617030230 tmp0:= BTR_DSZ64(tmp0, 0x00000017) U2aca: 20435c000230 WRITEURAM(tmp0, 0x005c, 64) U2acc: 000ccae002c0 LFNCEWAIT-> SAVEUIP(0x01, U78ca) 0218d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2acd: 000c54f40280 SAVEUIP(0x01, U5d54) U2ace: 00080077a00d tmp10:= ZEROEXT_DSZ32(0x0000bd00) U2ad0: 2e750003103a tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp10) U2ad1: 1062d00b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2d0, 32) U2ad2: 004500031c72 tmp1:= SUB_DSZ64(tmp2, tmp1) U2ad4: 2e7d0003103a STADSTGBUF_DSZ64_ASZ16_SC1(tmp10, tmp1) 033a114c SEQW URET1 ------------------------------------------------------------------------------------ U2ad5: 000a20800200 TESTUSTATE(UCODE, !0x0020) 033a114c ? 
SEQW GOTO U3a11 U2ad6: 0f80023e4e00 LFNCEWAIT-> rsp:= LDPPHYS_DSZ16_ASZ32_SC4(tmp8, 0x00000002, mode=0x0f) U2ad8: 0f80043f2e00 tmp2:= LDPPHYS_DSZ16_ASZ32_SC4(tmp8, 0x00000004, mode=0x0f) 053a1400 SEQW GOTO U3a14 ------------------------------------------------------------------------------------ U2ad9: 0062f01ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7f0) U2ada: 2a62f01c023f LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp15, 0x7f0) U2adc: 014300380000 AETTRACE(0x0e) U2add: 0062c31b2200 tmp2:= MOVEFROMCREG_DSZ64(0x6c3) U2ade: 2a62c3980232 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp2, 0x00000002, 0x6c3) U2ae0: 0021746be2be tmp14:= CONCAT_DSZ32(tmp14, 0x00005a74) 0185e500 SEQW GOTO U05e5 ------------------------------------------------------------------------------------ U2ae1: 076c00037038 tmp7:= PINTMOVDTMM2I_DSZ64(tmm0) U2ae2: 00940d033239 tmp3:= BT_DSZ16(tmp9, 0x0000000d) U2ae4: 017e00037cf7 tmp7:= MOVEMERGEFLGS_DSZ64(tmp7, tmp3) U2ae5: 00150f033200 tmp3:= BTS_DSZ32(0x00000000, 0x0000000f) U2ae6: 003600037cf7 tmp7:= CMOVCC_DSZ32_CONDB(tmp7, tmp3) U2ae8: 074400038037 tmm0:= unk_744(mm7) 01cd3a00 SEQW GOTO U4d3a ------------------------------------------------------------------------------------ U2ae9: 072a0003403a mm4:= unk_72a(tmm2) U2aea: 00c601035d08 tmp5:= XOR_DSZ8(0x00000001, tmp4) U2aec: 072a0003403b mm4:= unk_72a(tmm3) U2aed: 017e00035cf5 tmp5:= MOVEMERGEFLGS_DSZ64(tmp5, tmp3) U2aee: 013500034d35 tmp4:= CMOVCC_DSZ32_CONDNZ(tmp5, tmp4) U2af0: 070200038e34 tmm0:= unk_702(mm4, tmm0) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U2af1: 00883b035010 tmp5:= ZEROEXT_DSZ16(0x0000ff81) U2af2: 00053b03b431 tmp11:= SUB_DSZ32(tmp1, 0x0000ff81) U2af4: 07c20003c03b tmm4:= unk_7c2(tmm3) U2af5: 07c200038e00 tmm0:= unk_7c2(tmm0) U2af6: 06aa00038f38 tmm0:= unk_6aa(tmm0, tmm4) U2af8: 262e00038038 LFNCEMARK-> tmm0:= unk_62e(tmm0) 04636000 SEQW GOTO U6360 ------------------------------------------------------------------------------------ 
U2af9: 05b90003f000 tmm7:= unk_5b9(0x00000000) U2afa: 0008ce0fb009 tmp11:= ZEROEXT_DSZ32(0x000023ce) U2afc: 0048b91bd00a tmp13:= ZEROEXT_DSZ64(0x000046b9) U2afd: 000e0103c208 tmp12:= WRMSLOOPCTRFBR(0x00000001) U2afe: 000ca1b3e208 tmp14:= SAVEUIP(0x01, U0ca1) U2b00: 00883b038010 tmp8:= ZEROEXT_DSZ16(0x0000ff81) 01b9a600 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U2b01: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U2b02: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U2b04: 09028c138734 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000030, 0x48c) U2b05: 000410036d48 tmp6:= AND_DSZ32(0x00000010, tmp5) U2b06: 0150495c0276 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U3749) U2b08: 00621a03e200 LFNCEWAIT-> tmp14:= MOVEFROMCREG_DSZ64(0x01a) 02460100 SEQW GOTO U4601 ------------------------------------------------------------------------------------ U2b09: 002504037238 tmp7:= SHR_DSZ32(tmp8, 0x00000004) U2b0a: 07020003f037 tmm7:= unk_702(mm7) U2b0c: 04960003affd tmm2:= unk_496(tmm5, tmm7) U2b0d: 049600039ffb tmm1:= unk_496(tmm3, tmm7) U2b0e: 04b40003df00 tmm5:= FMOV(tmm4) U2b10: 04b40003ef80 tmm6:= FMOV(tmm6) 01e4aa00 SEQW GOTO U64aa ------------------------------------------------------------------------------------ U2b11: 0c5800e32144 STAD_DSZ64_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18, tmp2) U2b12: 0053fe040270 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp0, U21fe) U2b14: 000cfe840240 SAVEUIP(0x01, U21fe) lbsync_full: U2b15: 000900000000 MOVE_DSZ32(0x00000000) U2b16: 0fef01000000 LBSYNC(0x00000001) U2b18: 0fef07000000 LBSYNC(0x00000007) 0186c600 SEQW GOTO uret1 ------------------------------------------------------------------------------------ U2b19: 286a32e502b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000b, U5932) U2b1a: 00080d03a008 tmp10:= ZEROEXT_DSZ32(0x0000000d) U2b1c: 27010003e03a LFNCEMARK-> tmm6:= unk_701(tmm2) U2b1d: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U2b1e: 008401033232 tmp3:= 
AND_DSZ16(tmp2, 0x00000001) U2b20: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01b92e00 SEQW GOTO U392e ------------------------------------------------------------------------------------ U2b21: 06a046039000 tmp9:= unk_6a0(0x00000000) U2b22: 068a0003a239 tmp10:= FCOM2(tmp9, 0x00000000) U2b24: 076a0003103a mm1:= unk_76a(tmm2) U2b25: 003d00031031 tmp1:= MOVEINSERTFLGS_DSZ32(tmp1) U2b26: 0151ec5c0231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, uend) U2b28: 06a055008000 tmp0:= unk_6a0(0x00000000) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U2b29: 00630d031200 tmp1:= READURAM(0x000d, 64) U2b2a: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U2b2c: 006320032200 tmp2:= READURAM(0x0020, 64) U2b2d: 0004fe7f2c8b tmp2:= AND_DSZ32(0x00007ffe, tmp2) U2b2e: 002501032232 tmp2:= SHR_DSZ32(tmp2, 0x00000001) U2b30: 2dcfb0431c8a LFNCEMARK-> PORTOUT_DSZ8_ASZ16_SC1(0x000050b0, tmp2, tmp1) 0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U2b31: 010800831010 tmp1:= READUIP_REGOVR(0x01) U2b32: 00851d371c49 tmp1:= SUB_DSZ16(0x00002d1d, tmp1) U2b34: 015002400271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3002) U2b35: 00553f03c23c tmp12:= BTS_DSZ64(tmp12, 0x0000003f) U2b36: 00553e03c23c tmp12:= BTS_DSZ64(tmp12, 0x0000003e) U2b38: 204200000e7c SYNCFULL-> MOVETOCREG_DSZ64(tmp12, tmp9) 0804f448 SEQW URET0 ------------------------------------------------------------------------------------ U2b39: 100a20031200 tmp1:= TESTUSTATE(SYS, UST_SMM) 0804f448 ? 
SEQW GOTO U04f4 U2b3a: 00635703c200 tmp12:= READURAM(0x0057, 64) U2b3c: 000831030008 tmp0:= ZEROEXT_DSZ32(0x00000031) 01ac6200 SEQW GOTO U2c62 ------------------------------------------------------------------------------------ U2b3d: 000c16200200 SAVEUIP(0x00, U0816) U2b3e: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2b40: 0c4bc0274000 tmp4:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2b41: 204265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U2b42: 104500034cf4 tmp4:= SUB_DSZN(tmp4, tmp3) U2b44: 000903033008 LFNCEWAIT-> tmp3:= MOVE_DSZ32(0x00000003) 02653600 SEQW GOTO U6536 ------------------------------------------------------------------------------------ U2b45: 0045000b5dc8 tmp5:= SUB_DSZ64(0x00000200, tmp7) U2b46: 0000000b6008 tmp6:= ADD_DSZ32(0x00000200) U2b48: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) U2b49: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U2b4a: 013ec41f8f48 tmp8:= MOVEMERGEFLGS_DSZ32(0x000007c4, tmp13) U2b4c: 0036c4238238 tmp8:= CMOVCC_DSZ32_CONDB(tmp8, 0x000008c4) 01ded500 SEQW GOTO rc4_decrypt ------------------------------------------------------------------------------------ U2b4d: 0004c0035dc8 tmp5:= AND_DSZ32(0x000000c0, tmp7) U2b4e: 000580032d48 tmp2:= SUB_DSZ32(0x00000080, tmp5) U2b50: 0150050802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U4205) U2b51: 27c00003e000 LFNCEMARK-> tmm6:= unk_7c0(0x00000000) U2b52: 00861e074cca tmp4:= XOR_DSZ16(0x0000411e, tmp3) U2b54: 015100000cf4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, tmp3) 01831a00 SEQW GOTO U031a ------------------------------------------------------------------------------------ U2b55: 00002003df48 tmp13:= ADD_DSZ32(0x00000020, tmp13) U2b56: 00250603623d tmp6:= SHR_DSZ32(tmp13, 0x00000006) U2b58: 004060035f88 tmp5:= ADD_DSZ64(0x00000060, tmp14) U2b59: 00883123b00b tmp11:= ZEROEXT_DSZ16(0x00006831) U2b5a: 00a10103bec8 tmp11:= CONCAT_DSZ16(0x00000001, tmp11) U2b5c: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0c400 SEQW GOTO calc_sha256_start 
------------------------------------------------------------------------------------ U2b5d: 00a1000bb008 tmp11:= CONCAT_DSZ16(0x00000200) U2b5e: 00010903bec8 tmp11:= OR_DSZ32(0x00000009, tmp11) U2b60: 00430e08023b WRITEURAM(tmp11, 0x000e, 32) 01e0b810 SEQW SAVEUIP0 U2b61 SEQW GOTO U60b8 U2b61: 2dcbc0031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x000000c0) U2b62: 001603031231 tmp1:= BTR_DSZ32(tmp1, 0x00000003) U2b64: 2dcfc0031008 PORTOUT_DSZ8_ASZ16_SC1(0x000000c0, tmp1) 01e5f200 SEQW GOTO U65f2 ------------------------------------------------------------------------------------ U2b65: 000801138008 tmp8:= ZEROEXT_DSZ32(0x00000401) U2b66: 292869150236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000000, U5569) U2b68: 000803138008 tmp8:= ZEROEXT_DSZ32(0x00000403) U2b69: 092865710236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000001, U4c65) U2b6a: 0008031f8008 tmp8:= ZEROEXT_DSZ32(0x00000703) U2b6c: 092865b10236 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000002, U4c65) U2b6d: 19282cc10236 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000003, U602c) 0883e440 SEQW GOTO U03e4 ------------------------------------------------------------------------------------ U2b6e: 0062f61f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U2b70: 186a71dc0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000003, generate_#NM) U2b71: 006323032200 tmp2:= READURAM(0x0023, 64) U2b72: 004400072c88 tmp2:= AND_DSZ64(0x00000100, tmp2) U2b74: 004400033ca0 tmp3:= AND_DSZ64(rax, tmp2) U2b75: 00650103b233 tmp11:= SHR_DSZ64(tmp3, 0x00000001) U2b76: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71180 ? SEQW GOTO generate_#GP U2b78: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01ab8000 ? 
SEQW GOTO U2b80 U2b79: 006357030200 tmp0:= READURAM(0x0057, 64) U2b7a: 0e65c8030c0b tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x000003c8) U2b7c: 004400034c33 tmp4:= AND_DSZ64(tmp3, tmp0) U2b7d: 00083f030008 tmp0:= ZEROEXT_DSZ32(0x0000003f) U2b7e: 0151480402f4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U6148) U2b80: 20635b030200 tmp0:= READURAM(0x005b, 64) U2b81: 006538036230 tmp6:= SHR_DSZ64(tmp0, 0x00000038) U2b82: 004100036cb6 tmp6:= OR_DSZ64(tmp6, tmp2) U2b84: 000ce933d288 tmp13:= SAVEUIP(0x00, U4ce9) 09699900 SEQW GOTO U6999 ------------------------------------------------------------------------------------ U2b85: 196289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U2b86: 10629d0b1240 SYNCFULL-> tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U2b88: 186a892c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U2b89) 01ab8600 SEQW GOTO U2b86 ------------------------------------------------------------------------------------ U2b89: 30629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U2b8a: 386a283c0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U3f28) U2b8c: 386aa96802b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000009, U3aa9) U2b8d: 086b523002b1 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U0c52) 08ab8940 SEQW GOTO U2b89 ------------------------------------------------------------------------------------ U2b8e: 001510031231 tmp1:= BTS_DSZ32(tmp1, 0x00000010) U2b90: 001517032232 tmp2:= BTS_DSZ32(tmp2, 0x00000017) U2b91: 2d0f1027100a PORTOUT_DSZ32_ASZ16_SC1(0x00004910, tmp1) U2b92: 0e6500033034 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U2b94: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) U2b95: 2d0f1827300a PORTOUT_DSZ32_ASZ16_SC1(0x00004918, tmp3) U2b96: 006520033233 tmp3:= SHR_DSZ64(tmp3, 0x00000020) U2b98: 2d0f1c27300a PORTOUT_DSZ32_ASZ16_SC1(0x0000491c, tmp3) U2b99: 00151d031231 tmp1:= BTS_DSZ32(tmp1, 0x0000001d) U2b9a: 2d0f1027100a PORTOUT_DSZ32_ASZ16_SC1(0x00004910, tmp1) U2b9c: 2d0f0c27200a PORTOUT_DSZ32_ASZ16_SC1(0x0000490c, tmp2) U2b9d: 0004ff3f3c88 tmp3:= AND_DSZ32(0x00000fff, 
tmp2) U2b9e: 0005ff3f3cc8 tmp3:= SUB_DSZ32(0x00000fff, tmp3) U2ba0: 015044180233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U0644) U2ba1: 000001032c88 SYNCFULL-> tmp2:= ADD_DSZ32(0x00000001, tmp2) U2ba2: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 08ab9280 SEQW GOTO U2b92 ------------------------------------------------------------------------------------ U2ba4: 000000000000 NOP 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U2ba5: 204286100230 MOVETOCREG_DSZ64(tmp0, 0x486) U2ba6: 000700033e70 tmp3:= NOTAND_DSZ32(tmp0, tmp9) U2ba8: 00043f033cc8 tmp3:= AND_DSZ32(0x0000003f, tmp3) U2ba9: 00872a039e50 tmp9:= NOTAND_DSZ16(0x00008080, tmp9) U2baa: 01b42a032433 tmp2:= CMOVCC_DSZ16_CONDZ(tmp3, 0x00008080) U2bac: 008100032cb9 tmp2:= OR_DSZ16(tmp9, tmp2) U2bad: 20428c100232 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, 0x48c) 08a21e40 SEQW GOTO U221e ------------------------------------------------------------------------------------ U2bae: 000cf4680280 SAVEUIP(0x00, U5af4) U2bb0: 0062c51bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c5) U2bb1: 00240403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000004) U2bb2: 00621c038200 tmp8:= MOVEFROMCREG_DSZ64(0x01c) U2bb4: 000100038e3f tmp8:= OR_DSZ32(tmp15, tmp8) U2bb5: 00627003f200 tmp15:= MOVEFROMCREG_DSZ64(0x070) U2bb6: 00a100038e3f tmp8:= CONCAT_DSZ16(tmp15, tmp8) U2bb8: 002100038d38 tmp8:= CONCAT_DSZ32(tmp8, tmp4) U2bb9: 0e7d20078008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000120, tmp8) U2bba: 00621b178200 tmp8:= MOVEFROMCREG_DSZ64(0x51b) U2bbc: 008800038e00 tmp8:= ZEROEXT_DSZ16(tmp8) U2bbd: 004262140238 MOVETOCREG_DSZ64(tmp8, 0x562) U2bbe: 000800330008 tmp0:= ZEROEXT_DSZ32(0x00000c00) U2bc0: 00a1f07f0c0f tmp0:= CONCAT_DSZ16(0x0000fff0, tmp0) U2bc1: 0021ff030c08 tmp0:= CONCAT_DSZ32(0x000000ff, tmp0) U2bc2: 004263140230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x563) 05016496 SEQW SAVEUIP1 U2bc4 SEQW GOTO U0164 U2bc4: 006267030200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2bc5: 
0e7d00070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000100, tmp0) 025d1489 SEQW URET0 ------------------------------------------------------------------------------------ U2bc6: 100a00000380 TESTUSTATE(SYS, 0xc000) 025d1489 ? SEQW GOTO U5d14 U2bc8: 2d0f10000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000010, 0x00000000) U2bc9: 000802030008 tmp0:= ZEROEXT_DSZ32(0x00000002) 01e0aa51 SEQW SAVEUIP0 U2bca SEQW GOTO U60aa U2bca: 000cf91c0240 SAVEUIP(0x00, U27f9) U2bcc: 000000000000 NOP 018bc914 SEQW SAVEUIP1 U2bcd SEQW GOTO write_port_4c U2bcd: 2d0f18000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, 0x00000000) U2bce: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) U2bd0: 2d0f50000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000050, 0x00000000) 01a4d248 SEQW URET0 ------------------------------------------------------------------------------------ U2bd1: 100a00800300 TESTUSTATE(SYS, !0x8000) 01a4d248 ? SEQW GOTO U24d2 U2bd2: 006267032200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2bd4: 014300380c80 AETTRACE(0x0e, tmp2) 01a4d200 SEQW GOTO U24d2 ------------------------------------------------------------------------------------ U2bd5: 0c8000632032 tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, mode=0x18) U2bd6: 021e17000200 SIGEVENT(0x00000017) U2bd8: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U2bd9: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U2bda: 0d61001b0032 LFNCEWAIT-> tmp0:= unk_d61(tmp2) U2bdc: 0d61001f1032 tmp1:= unk_d61(tmp2) U2bdd: 007700030c31 tmp0:= CMOVCC_DSZ64_CONDNB(tmp1, tmp0) 0180a18d SEQW URET1 ------------------------------------------------------------------------------------ U2bde: 000d00800000 SAVEUIP_REGOVR(0x01, U2be0, 0x0000) 0180a18d SEQW GOTO U00a1 U2be0: 1928e52c0035 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U2be5) U2be1: 006300037cc0 tmp7:= READURAM(tmp3) U2be2: 004400037df5 tmp7:= AND_DSZ64(tmp5, tmp7) U2be4: 004100036df6 tmp6:= OR_DSZ64(tmp6, tmp7) U2be5: 204300000cf6 WRITEURAM(tmp6, tmp3) U2be6: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01abde80 
SEQW GOTO U2bde ------------------------------------------------------------------------------------ U2be8: 000000000000 NOP 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U2be9: 108100034021 tmp4:= OR_DSZN(rcx) U2bea: 20424e000010 MOVETOCREG_DSZ64(0x0000000b, 0x000) U2bec: 0150a05802f4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U76a0) U2bed: 1c0000630026 LFNCEWAIT-> tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) 02f58555 SEQW SAVEUIP1 U2bee SEQW GOTO U7585 U2bee: 108501034d08 tmp4:= SUB_DSZN(0x00000001, tmp4) U2bf0: 108800021874 rcx:= ZEROEXT_DSZ16N(tmp4, rcx) U2bf1: 11890b826988 MSLOOP-> rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) 052bec65 SEQW GOTO U2bec ------------------------------------------------------------------------------------ U2bf2: 0e7b6927bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U2bf4: 005000000efb LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U2bf5: 000800000000 NOP U2bf6: 000800000000 NOP U2bf8: 0df300240033 LFNCEWAIT-> LEA_DSZ8_ASZ32_SC1(tmp3) U2bf9: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 022bfd40 ? SEQW GOTO U2bfd U2bfa: 0c4b40271000 tmp1:= RDSEGFLD(UNK_SEG_09, FLGS) U2bfc: 0042f51c0231 MOVETOCREG_DSZ64(tmp1, 0x7f5) U2bfd: 0c4bc0271000 tmp1:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2bfe: 00428e1c0231 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, 0x78e) 033afc96 SEQW SAVEUIP1 U2c00 SEQW GOTO U3afc U2c00: 104800024024 rsp:= ZEROEXT_DSZ64N(rsp) U2c01: 125500000cc0 LFNCEWAIT-> FETCHFROMEIP1_ASZ64(tmp3) U2c02: 0c4ba0270000 tmp0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U2c04: 0c6ba2000030 WRSEGFLD(tmp0, CS, SEL+FLGS+LIM) U2c05: 0c4b20270000 tmp0:= RDSEGFLD(UNK_SEG_09, BASE) U2c06: 0c6b22000030 WRSEGFLD(tmp0, CS, BASE) U2c08: 105e00000cc0 SYNCWAIT-> MJMPTARGET_INDIRECT_ASZ64(tmp3) 0a48b570 SEQW UEND0 ------------------------------------------------------------------------------------ U2c09: 000a10000200 TESTUSTATE(UCODE, 0x0010) 0a48b570 ? 
SEQW GOTO U48b5 U2c0a: 0cb00bab2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U2c0c: 1c30002b3024 tmp3:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) 01c8b500 SEQW GOTO U48b5 ------------------------------------------------------------------------------------ U2c0d: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U2c0e: 000403039c48 tmp9:= AND_DSZ32(0x00000003, tmp1) U2c10: 00250f03ac88 tmp10:= SHR_DSZ32(0x0000000f, tmp2) U2c11: 00240003ae7a tmp10:= SHL_DSZ32(tmp10, tmp9) U2c12: 00070f03ae88 tmp10:= NOTAND_DSZ32(0x0000000f, tmp10) U2c14: 01300303f232 tmp15:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000003) U2c15: 000600039e7f tmp9:= XOR_DSZ32(tmp15, tmp9) 01e14889 SEQW URET0 ------------------------------------------------------------------------------------ U2c16: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01e14889 ? SEQW GOTO U6148 U2c18: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 01df2910 ? SEQW SAVEUIP0 U2c19 ? SEQW GOTO U5f29 U2c19: 00080f03d008 tmp13:= ZEROEXT_DSZ32(0x0000000f) U2c1a: 000800000000 NOP U2c1c: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71100 ? SEQW GOTO generate_#GP U2c1d: 00635603c200 tmp12:= READURAM(0x0056, 64) U2c1e: 004001031f08 tmp1:= ADD_DSZ64(0x00000001, tmp12) U2c20: 0052ae100231 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, set_carry_uend) 04ad6e00 SEQW GOTO U2d6e ------------------------------------------------------------------------------------ U2c21: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U2c22: 000ce4d802c0 SAVEUIP(0x01, U76e4) U2c24: 0062f61fb200 tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U2c25: 100ac2800200 TESTUSTATE(SYS, !UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 018000c9 ? SEQW URET0 U2c26: 006318035200 tmp5:= READURAM(0x0018, 64) U2c28: 006317036200 tmp6:= READURAM(0x0017, 64) U2c29: 000848032008 tmp2:= ZEROEXT_DSZ32(0x00000048) 01db648d SEQW URET1 ------------------------------------------------------------------------------------ U2c2a: 000a04838200 tmp8:= TESTUSTATE(UCODE, !0x0004) 01db648d ? 
SEQW GOTO U5b64 U2c2c: 100a00038300 tmp8:= TESTUSTATE(SYS, 0x8000) 01bde500 ? SEQW GOTO U3de5 U2c2d: 000800000000 NOP U2c2e: 000800000000 NOP U2c30: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) 01e0aa10 SEQW SAVEUIP0 U2c31 SEQW GOTO U60aa U2c31: 000433077dd0 tmp7:= AND_DSZ32(0x00ff0000, tmp7) U2c32: 000800000000 NOP U2c34: 0130b9038437 tmp8:= SELECTCC_DSZ32_CONDZ(tmp7, 0x000f0000) 06bde500 SEQW GOTO U3de5 ------------------------------------------------------------------------------------ U2c35: 18a288080242 LFNCEWTMRK-> MOVETOCREG_SHL_DSZ64(r64src, 0x00000004, UCODE_CR_X2APIC_TPR) U2c36: 006514038238 tmp8:= SHR_DSZ64(tmp8, 0x00000014) U2c38: 00040f038e08 tmp8:= AND_DSZ32(0x0000000f, tmp8) U2c39: 000500038e33 tmp8:= SUB_DSZ32(tmp3, tmp8) U2c3a: 0005000330b3 tmp3:= SUB_DSZ32(tmp3, r64src) U2c3c: 000400033cf8 tmp3:= AND_DSZ32(tmp8, tmp3) U2c3d: 0250e1000233 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp3, U00e1) 01808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U2c3e: 00080f1ff008 tmp15:= ZEROEXT_DSZ32(0x0000070f) U2c40: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01ac5600 ? 
SEQW GOTO U2c56 U2c41: 00631203e200 tmp14:= READURAM(0x0012, 64) U2c42: 000800000000 NOP U2c44: 000dfe800000 SAVEUIP_REGOVR(0x01, U2c45, 0x00fe) 01ebfd00 SEQW GOTO U6bfd U2c45: 000800000000 NOP U2c46: 000800000000 NOP U2c48: 006327014200 LFNCEWAIT-> tmpv0:= READURAM(0x0027, 64) 02334d10 SEQW SAVEUIP0 U2c49 SEQW GOTO U334d U2c49: 000800000000 NOP U2c4a: 000800000000 NOP U2c4c: 006328014200 LFNCEWAIT-> tmpv0:= READURAM(0x0028, 64) U2c4d: 006518014214 tmpv0:= SHR_DSZ64(tmpv0, 0x00000018) U2c4e: 0047ff014508 tmpv0:= NOTAND_DSZ64(0x000000ff, tmpv0) 02334d92 SEQW SAVEUIP0 U2c50 SEQW GOTO U334d U2c50: 006210155200 tmpv1:= MOVEFROMCREG_DSZ64(0x510) U2c51: 000402014548 tmpv0:= AND_DSZ32(0x00000002, tmpv1) U2c52: 002501014214 tmpv0:= SHR_DSZ32(tmpv0, 0x00000001) 01b34d92 SEQW SAVEUIP0 U2c54 SEQW GOTO U334d U2c54: 000cd0600240 SAVEUIP(0x00, U38d0) U2c55: 000800014015 tmpv0:= ZEROEXT_DSZ32(tmpv1) 01b34d55 SEQW SAVEUIP1 U2c56 SEQW GOTO U334d U2c56: 000000000000 NOP U2c58: 100a2003623d tmp6:= TESTUSTATE(tmp13, SYS, UST_SMM) 01d71500 ? SEQW GOTO U5715 U2c59: 000830030008 tmp0:= ZEROEXT_DSZ32(0x00000030) U2c5a: 00635703c200 tmp12:= READURAM(0x0057, 64) U2c5c: 00040d031cd0 tmp1:= AND_DSZ32(0x000001bf, tmp3) 01a89a10 SEQW SAVEUIP0 U2c5d SEQW GOTO U289a U2c5d: 000100031c75 tmp1:= OR_DSZ32(tmp5, tmp1) U2c5e: 006343036200 tmp6:= READURAM(0x0043, 64) U2c60: 186acda10736 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000032, U68cd) U2c61: 20433e000239 WRITEURAM(tmp9, 0x003e, 64) U2c62: 100a8083a23d tmp10:= TESTUSTATE(tmp13, SYS, !UST_VMX_GUEST) 0431c280 ? 
SEQW GOTO U31c2 U2c64: 0e6d08032f0b LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000308, tmp2) 024e8400 SEQW GOTO U4e84 ------------------------------------------------------------------------------------ U2c65: 00074b0b2c90 tmp2:= NOTAND_DSZ32(0x0000000c, tmp2) U2c66: 000700031d72 tmp1:= NOTAND_DSZ32(tmp2, tmp5) U2c68: 000100035cb5 tmp5:= OR_DSZ32(tmp5, tmp2) U2c69: 386b04880271 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000006, U3204) U2c6a: 2d0b1833100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004c18) U2c6c: 000704031c48 tmp1:= NOTAND_DSZ32(0x00000004, tmp1) U2c6d: 2d0f1833100a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x00004c18, tmp1) 04b20440 SEQW GOTO U3204 ------------------------------------------------------------------------------------ U2c6e: 213f00000030 unk_13f(tmp0) U2c70: 0042fe1c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_EFLAGS) U2c71: 09029edc0200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x79e) U2c72: 00401007ef08 tmp14:= ADD_DSZ64(0x00000110, tmp12) 04dc3992 SEQW SAVEUIP0 U2c74 SEQW GOTO U5c39 U2c74: 0e6b09000d00 LFNCEWTMRK-> unk_e6b(tmp4) U2c75: 00402007ef08 tmp14:= ADD_DSZ64(0x00000120, tmp12) 065c3951 SEQW SAVEUIP0 U2c76 SEQW GOTO U5c39 U2c76: 0e6b0b000d00 unk_e6b(tmp4) U2c78: 00400807ef08 tmp14:= ADD_DSZ64(0x00000108, tmp12) 035c3910 SEQW SAVEUIP0 U2c79 SEQW GOTO U5c39 U2c79: 0e6b08000d00 unk_e6b(tmp4) U2c7a: 0c4b4027d000 LFNCEWAIT-> tmp13:= RDSEGFLD(UNK_SEG_09, FLGS) U2c7c: 2042f51c023d LFNCEMARK-> MOVETOCREG_DSZ64(tmp13, 0x7f5) U2c7d: 00401807ef08 tmp14:= ADD_DSZ64(0x00000118, tmp12) 045c3951 SEQW SAVEUIP0 U2c7e SEQW GOTO U5c39 U2c7e: 000800000000 NOP U2c80: 0e6b0a000d00 LFNCEWTMRK-> unk_e6b(tmp4) U2c81: 00402807ef08 tmp14:= ADD_DSZ64(0x00000128, tmp12) 065c3951 SEQW SAVEUIP0 U2c82 SEQW GOTO U5c39 U2c82: 0e6b0c000d00 unk_e6b(tmp4) U2c84: 00403007ef08 tmp14:= ADD_DSZ64(0x00000130, tmp12) 01dc3910 SEQW SAVEUIP0 U2c85 SEQW GOTO U5c39 U2c85: 0e6b0d000d00 unk_e6b(tmp4) U2c86: 000800000000 NOP U2c88: 000000000000 NOP 01960c00 SEQW GOTO U160c 
------------------------------------------------------------------------------------
; Fragment U2c89-U2c91: packs bits from tmp1 and tmp2 into tmp5, then continues at U3056.
; The 8-hex-digit word printed before "SEQW" is the sequence word as emitted by the disassembler.
; tmp5 |= tmp1 << 10
U2c89: 00240a031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000a)
U2c8a: 000100035d71 tmp5:= OR_DSZ32(tmp1, tmp5)
; tmp5 |= (tmp2 >> 2) & 1
U2c8c: 002502031232 tmp1:= SHR_DSZ32(tmp2, 0x00000002)
U2c8d: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1)
U2c8e: 000100035d71 tmp5:= OR_DSZ32(tmp1, tmp5)
; tmp1 = (tmp2 >> 9) & 2; it is left in tmp1 and is not merged into tmp5 in this fragment
U2c90: 002509031232 tmp1:= SHR_DSZ32(tmp2, 0x00000009)
U2c91: 000402031c48 tmp1:= AND_DSZ32(0x00000002, tmp1) 01b05640 SEQW GOTO U3056
------------------------------------------------------------------------------------
; Fragment U2c92-U2c96: keeps bit 4 (mask 0x10) of URAM word 0x0063 in tmp10, reads
; CTAP_CR_DFX_CTL_STS and tests its bit 0x0a, branching to U2c98 or continuing at U2c99.
; NOTE(review): by its name the register looks like a debug/DFX control-status register,
; so this would be a debug-state gate - confirm against the register map.
; NOTE(review): BTUJNB presumably takes the branch when the tested bit is clear - confirm.
U2c92: 00636303a200 tmp10:= READURAM(0x0063, 64)
U2c94: 00041003ae88 tmp10:= AND_DSZ32(0x00000010, tmp10)
U2c95: 1062850b2240 tmp2:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32)
U2c96: 186b98b002b2 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x0000000a, U2c98) 01ac9980 SEQW GOTO U2c99
------------------------------------------------------------------------------------
; U2c98: jumps to U5cae when tmp10 (the masked URAM 0x0063 bit) is non-zero; otherwise the
; sequence word saves U2c99 and goes to U5cda.
; NOTE(review): SAVEUIP0 + GOTO presumably acts as a call that resumes at U2c99 - confirm.
U2c98: 0151ae7002ba SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U5cae) 085cda10 SEQW SAVEUIP0 U2c99 SEQW GOTO U5cda
; U2c99 onward: reloads values from URAM 0x0064-0x0067 and writes them to registers.
; tmp2 = CONCAT_DSZ32(URAM[0x0065], URAM[0x0064])
U2c99: 00636403a200 tmp10:= READURAM(0x0064, 64)
U2c9a: 006365032200 tmp2:= READURAM(0x0065, 64)
U2c9c: 002100032eb2 tmp2:= CONCAT_DSZ32(tmp2, tmp10)
; unk_744 / unk_782 / unk_7c2 / unk_702 are opcodes the disassembler has no name for; their
; effect on tmm1 / mm0 cannot be determined from this listing.
U2c9d: 074400039032 tmm1:= unk_744(mm2)
U2c9e: 006366032200 tmp2:= READURAM(0x0066, 64)
U2ca0: 000800032032 tmp2:= ZEROEXT_DSZ32(tmp2)
U2ca1: 078200039e72 tmm1:= unk_782(mm2, tmm1)
U2ca2: 002504032232 tmp2:= SHR_DSZ32(tmp2, 0x00000004)
U2ca4: 07c200039e72 tmm1:= unk_7c2(mm2, tmm1)
U2ca5: 002511032232 tmp2:= SHR_DSZ32(tmp2, 0x00000011)
U2ca6: 070200008e72 LFNCEMARK-> mm0:= unk_702(mm2, tmm1)
; URAM[0x0067] is written unchanged to control register 0x48c, its value shifted right by
; 0x10 goes to 0x06b, and the 3-bit field at bits 11..13 goes to 0x073.
U2ca8: 006367032200 tmp2:= READURAM(0x0067, 64)
U2ca9: 00428c100232 MOVETOCREG_DSZ64(tmp2, 0x48c)
U2caa: 00a50b035232 tmp5:= SHR_DSZ16(tmp2, 0x0000000b)
U2cac: 00c407035d48 tmp5:= AND_DSZ8(0x00000007, tmp5)
U2cad: 09a26b000332 LFNCEWAIT-> MOVETOCREG_SHR_DSZ64(tmp2, 0x00000010, 0x06b)
U2cae: 000800000000 NOP
U2cb0: 004273000235 SYNCFULL-> MOVETOCREG_DSZ64(tmp5, 0x073) 0860d200 SEQW GOTO U60d2
------------------------------------------------------------------------------------ U2cb1: 000c3ce80200 SAVEUIP(0x01, U1a3c) U2cb2: 00633503d200 tmp13:= READURAM(0x0035, 64) U2cb4: 186ab5b002bd BTUJB_DIRECT_NOTTAKEN(tmp13, 0x0000000a, U2cb5) 0198d000 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2cb5: 000c81e80240 SAVEUIP(0x01, U3a81) U2cb6: 1062f10b9240 tmp9:= MOVEFROMCREG_DSZ64(0x2f1, 32) U2cb8: 0004001b9e48 tmp9:= AND_DSZ32(0x00000600, tmp9) U2cb9: 015160700279 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U3c60) 0198d040 SEQW GOTO U18d0 ------------------------------------------------------------------------------------ U2cba: 021e6f000200 SIGEVENT(0x0000006f) U2cbc: 000a20800200 TESTUSTATE(UCODE, !0x0020) 04acd800 ? SEQW GOTO U2cd8 U2cbd: 30420f080240 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U2cbe: 0000603bcfc9 tmp12:= ADD_DSZ32(0x00002e60, tmp15) U2cc0: 000e03200280 LFNCEWAIT-> WRMSLOOPCTRFBR(0x00004803) 02577910 SEQW SAVEUIP0 U2cc1 SEQW GOTO U5779 U2cc1: 10620e0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x20e, 32) U2cc2: 0000603fcfc9 tmp12:= ADD_DSZ32(0x00002f60, tmp15) U2cc4: 0e7d0003003c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp0) U2cc5: 0062bb1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7bb) U2cc6: 0000803fcfc9 tmp12:= ADD_DSZ32(0x00002f80, tmp15) U2cc8: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U2cc9: 0000a03fcfc9 tmp12:= ADD_DSZ32(0x00002fa0, tmp15) U2cca: 000e08400240 LFNCEWAIT-> WRMSLOOPCTRFBR(0x00003008) 03576992 SEQW SAVEUIP0 U2ccc SEQW GOTO U5769 U2ccc: 000e06600240 WRMSLOOPCTRFBR(0x00003806) 01d77910 SEQW SAVEUIP0 U2ccd SEQW GOTO U5779 U2ccd: 1062d40b3240 tmp3:= MOVEFROMCREG_DSZ64(0x2d4, 32) U2cce: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U2cd0: 002100033cf2 tmp3:= CONCAT_DSZ32(tmp2, tmp3) U2cd1: 0000804bcfc9 tmp12:= ADD_DSZ32(0x00003280, tmp15) U2cd2: 0e7d0003303c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp3) U2cd4: 006270032200 tmp2:= MOVEFROMCREG_DSZ64(0x070) U2cd5: 0000a03bcfc8 tmp12:= 
ADD_DSZ32(0x00000ea0, tmp15) U2cd6: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U2cd8: 00088077a00d LFNCEWAIT-> tmp10:= ZEROEXT_DSZ32(0x0000bd80) 02782e00 SEQW GOTO U782e ------------------------------------------------------------------------------------ U2cd9: 000410014508 tmpv0:= AND_DSZ32(0x00000010, tmpv0) U2cda: 006343015200 tmpv1:= READURAM(0x0043, 64) U2cdc: 006521015215 tmpv1:= SHR_DSZ64(tmpv1, 0x00000021) U2cdd: 000400014554 tmpv0:= AND_DSZ32(tmpv0, tmpv1) U2cde: 013102015214 tmpv1:= SELECTCC_DSZ32_CONDNZ(tmpv0, 0x00000002) U2ce0: 013006016214 tmpv2:= SELECTCC_DSZ32_CONDZ(tmpv0, 0x00000006) U2ce1: 000001016588 tmpv2:= ADD_DSZ32(0x00000001, tmpv2) 01ace689 SEQW URET0 ------------------------------------------------------------------------------------ U2ce2: 000a00432240 tmp2:= TESTUSTATE(UCODE, 0x3000) 01ace689 ? SEQW GOTO U2ce6 U2ce4: 000d12031000 tmp1:= SAVEUIP_REGOVR(0x00, U2ce5, 0x0012) 01b04400 SEQW GOTO U3044 U2ce5: 002405032231 tmp2:= SHL_DSZ32(tmp1, 0x00000005) U2ce6: 0d6800030035 unk_d68(tmp5, tmp0) U2ce8: 0d6808038035 unk_d68(tmp5, tmp8) U2ce9: 0d6810032035 unk_d68(tmp5, tmp2) U2cea: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 01d73e80 ? 
SEQW GOTO U573e U2cec: 000018030d48 tmp0:= ADD_DSZ32(0x00000018, tmp5) U2ced: 0d2808030e74 unk_d28(tmp4, tmp9, tmp0) 01ba2d40 SEQW GOTO U3a2d ------------------------------------------------------------------------------------ U2cee: 001503020220 rax:= BTS_DSZ32(rax, 0x00000003) U2cf0: 001503023223 rbx:= BTS_DSZ32(rbx, 0x00000003) U2cf1: 00082a071010 tmp1:= ZEROEXT_DSZ32(0x00830f00) U2cf2: 000880032010 tmp2:= ZEROEXT_DSZ32(0x0003017f) U2cf4: 000c06100280 SAVEUIP(0x00, U4406) 0527c114 SEQW SAVEUIP1 U2cf5 SEQW GOTO uarch_bufs_ldat_init U2cf5: 00085d030010 tmp0:= ZEROEXT_DSZ32(0x00011000) U2cf6: 204231180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x631) U2cf8: 004234180200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x634) U2cf9: 004235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U2cfa: 004236180200 MOVETOCREG_DSZ64(0x00000000, 0x636) U2cfc: 004237180200 MOVETOCREG_DSZ64(0x00000000, 0x637) U2cfd: 004238180200 MOVETOCREG_DSZ64(0x00000000, 0x638) U2cfe: 296230580300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x630) U2d00: 2062301b2200 SYNCFULL-> tmp2:= MOVEFROMCREG_DSZ64(0x630) U2d01: 0004ff3f2c88 tmp2:= AND_DSZ32(0x00000fff, tmp2) U2d02: 015004340272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U2d04) 082d0080 SEQW GOTO U2d00 ------------------------------------------------------------------------------------ U2d04: 00084c5f000c tmp0:= ZEROEXT_DSZ32(0x0000974c) U2d05: 00a100030c0a tmp0:= CONCAT_DSZ16(0x00004000, tmp0) U2d06: 0d8b00032030 tmp2:= PORTIN_DSZ16_ASZ16_SC1(tmp0) U2d08: 00070c432c88 tmp2:= NOTAND_DSZ32(0x0000100c, tmp2) U2d09: 000100032ca0 tmp2:= OR_DSZ32(rax, tmp2) U2d0a: 000100032c89 tmp2:= OR_DSZ32(0x00002000, tmp2) U2d0c: 0d8f00032030 PORTOUT_DSZ16_ASZ16_SC1(tmp0, tmp2) U2d0d: 0008e113e009 tmp14:= ZEROEXT_DSZ32(0x000024e1) 01d4b440 SEQW GOTO U54b4 ------------------------------------------------------------------------------------ U2d0e: 006202078200 tmp8:= MOVEFROMCREG_DSZ64(0x102) U2d10: 000800038038 tmp8:= ZEROEXT_DSZ32(tmp8) U2d11: 000001031e08 tmp1:= ADD_DSZ32(0x00000001, tmp8) 
U2d12: 000400031e31 tmp1:= AND_DSZ32(tmp1, tmp8) U2d14: 01701003a231 tmp10:= SELECTCC_DSZ64_CONDZ(tmp1, 0x00000010) U2d15: 006310031200 tmp1:= READURAM(0x0010, 64) U2d16: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U2d18: 002100038e31 tmp8:= CONCAT_DSZ32(tmp1, tmp8) U2d19: 0047ff7f87f8 tmp8:= NOTAND_DSZ64(tmp8, 0xffffffffffffffff) U2d1a: 006201073200 tmp3:= MOVEFROMCREG_DSZ64(0x101) U2d1c: 000d218c0300 SAVEUIP_REGOVR(0x01, U2d1d, 0x8321) 056c6100 SEQW GOTO U6c61 U2d1d: 0062b1031200 tmp1:= MOVEFROMCREG_DSZ64(0x0b1) U2d1e: 2902b1000eb1 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp1, tmp10, 0x0b1) U2d20: 0062b1038200 LFNCEWAIT-> tmp8:= MOVEFROMCREG_DSZ64(0x0b1) U2d21: 2042f01c0235 MOVETOCREG_DSZ64(tmp5, 0x7f0) U2d22: 000d210c0300 SAVEUIP_REGOVR(0x00, U2d24, 0x8321) 025c9e80 SEQW GOTO U5c9e U2d24: 0062c31b2200 tmp2:= MOVEFROMCREG_DSZ64(0x6c3) U2d25: 2962c3980232 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp2, 0x00000002, 0x6c3) U2d26: 006520031238 tmp1:= SHR_DSZ64(tmp8, 0x00000020) U2d28: 0150ad180231 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U06ad) U2d29: 100a00038300 tmp8:= TESTUSTATE(SYS, 0x8000) 01ad2c40 ? 
SEQW GOTO U2d2c U2d2a: 003d01038e08 tmp8:= MOVEINSERTFLGS_DSZ32(0x00000001, tmp8) U2d2c: 010800831010 tmp1:= READUIP_REGOVR(0x01) U2d2d: 00880003ec7e tmp14:= ZEROEXT_DSZ16(tmp14, tmp1) U2d2e: 01420b000f80 SYNCFULL-> UFLOWCTRL(URET1, tmp14) 095e0680 SEQW GOTO U5e06 ------------------------------------------------------------------------------------ U2d30: 0c4b40270000 LFNCEWAIT-> tmp0:= RDSEGFLD(UNK_SEG_09, FLGS) U2d31: 0042f51c0230 MOVETOCREG_DSZ64(tmp0, 0x7f5) U2d32: 0c4b60270000 tmp0:= RDSEGFLD(UNK_SEG_09, LIMIT) U2d34: 004210100230 MOVETOCREG_DSZ64(tmp0, 0x410) U2d35: 000001030c08 tmp0:= ADD_DSZ32(0x00000001, tmp0) U2d36: 0042001c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x700) U2d38: 0c4bc0270000 LFNCEWAIT-> tmp0:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U2d39: 000800000000 NOP U2d3a: 000800000000 NOP U2d3c: 00428e1c0230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x78e) 0837b28c SEQW URET1 ------------------------------------------------------------------------------------ U2d3d: 000ca1b3e208 tmp14:= SAVEUIP(0x01, U0ca1) U2d3e: 000a20800200 TESTUSTATE(UCODE, !0x0020) 0837b28c ? SEQW GOTO U37b2 U2d40: 05fa3903ffff tmm7:= SHUFPD(tmm7, tmm7) U2d41: 05fa3903cf3c tmm4:= SHUFPD(tmm4, tmm4) 01b9a640 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U2d42: 0062f51f4200 tmp4:= MOVEFROMCREG_DSZ64(0x7f5) U2d44: 100a00000280 TESTUSTATE(SYS, 0x4000) 01ad4e00 ? SEQW GOTO U2d4e U2d45: 000700031ebb tmp1:= NOTAND_DSZ32(tmp11, tmp10) U2d46: 000400031db1 tmp1:= AND_DSZ32(tmp1, tmp6) U2d48: 0007f0077437 tmp7:= NOTAND_DSZ32(tmp7, 0x80000000) U2d49: 002412032234 tmp2:= SHL_DSZ32(tmp4, 0x00000012) U2d4a: 000100032cb7 tmp2:= OR_DSZ32(tmp7, tmp2) U2d4c: 000400032cb1 tmp2:= AND_DSZ32(tmp1, tmp2) U2d4d: 0250111c0272 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp2, generate_#GP) U2d4e: 000a40000200 TESTUSTATE(UCODE, 0x0040) 06ad5680 ? 
SEQW GOTO U2d56 U2d50: 000500031d0b tmp1:= SUB_DSZ32(0x00006000, tmp4) U2d51: 0150111c0271 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP) U2d52: 0c4b403f2000 tmp2:= RDSEGFLD(TSS, FLGS) U2d54: 00041f032c88 tmp2:= AND_DSZ32(0x0000001f, tmp2) U2d55: 192811dc0232 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmp2, 0x00000003, generate_#GP) U2d56: 000a80800200 TESTUSTATE(UCODE, !0x0080) 06da65d6 ? SEQW SAVEUIP1 U2d58 ? SEQW GOTO U5a65 U2d58: 000a10000200 TESTUSTATE(UCODE, 0x0010) 03207000 ? SEQW GOTO U2070 U2d59: 000600135d48 tmp5:= XOR_DSZ32(0x00000400, tmp5) U2d5a: 0042ff1c0235 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp5, 0x7ff) U2d5c: 000c70800240 SAVEUIP(0x01, U2070) U2d5d: 1062f91f0240 tmp0:= MOVEFROMCREG_DSZ64(0x7f9, 32) U2d5e: 000480031c08 tmp1:= AND_DSZ32(0x00000080, tmp0) U2d60: 0042f11c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x7f1) U2d61: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U2d62: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U2d64: 1042f91c0270 MOVETOCREG_DSZ64(tmp0, 0x7f9, 32) 04adea4c SEQW URET1 ------------------------------------------------------------------------------------ U2d65: 186a66f402ff LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000f, U2d66) 04adea4c SEQW GOTO U2dea ------------------------------------------------------------------------------------ U2d66: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U2d68: 2042521c023f MOVETOCREG_DSZ64(tmp15, 0x752) 02adec00 SEQW GOTO U2dec ------------------------------------------------------------------------------------ U2d69: 006267033200 LFNCEWAIT-> tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2d6a: 014300340cc0 AETTRACE(0x0d, tmp3) U2d6c: 20421e140200 MOVETOCREG_DSZ64(0x00000000, 0x51e) U2d6d: 204213140200 MOVETOCREG_DSZ64(0x00000000, 0x513) U2d6e: 204200000200 LFNCEWTMRK-> MOVETOCREG_DSZ64(0x00000000, 0x000) U2d70: 0e2d3803df0a STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000238, tmp13) U2d71: 203d08000008 MOVEINSERTFLGS_DSZ32(0x00000008) 0197ec40 SEQW GOTO uend 
------------------------------------------------------------------------------------
; check_rsa_padding_signature
; Compares 64-bit words loaded through tmp7 against fixed constants and against each other.
; All four comparisons branch to the single label rsa_signing_error on mismatch; the
; fall-through path ends with CLC and a jump to U5796.
;
; Offsets checked, relative to tmp7:
;   +0x20           == 0xffffffffffffff00
;   +0x28 + tmp2    == 0xffffffffffffffff   (tmp2 steps by 8; loop counter loaded with 0x19)
;   +0xf8           == CONCAT_DSZ32(0x0001ffff, 0xffffffffffffffff)
;   +tmp2 - 0x20    == +tmp2                (tmp2 steps by 8; loop counter loaded with 0x03)
;
; NOTE(review): from the label and the offsets this looks like a strict check of a 256-byte
; "00 01 FF..FF 00 || 32-byte digest" block stored little-endian, with a second 32-byte
; digest at tmp7-0x20 compared against the one at tmp7 - inferred, confirm against callers.
; NOTE(review): the constants leave no gap between the 0x00 separator word at +0x20 and the
; 32 bytes below it, so no DigestInfo prefix appears to be expected - confirm.
; NOTE(review): both loop back-edges are printed as unconditional GOTOs; how the loop counter
; ends them is not visible here. 0x28 + 26*8 = 0xf8, so 0x19 presumably means 26 passes and
; 0x03 four passes (32 bytes). Verify that every word from +0x20 through +0xff is covered,
; since a padding check that skips bytes is the classic signature-forgery weakness.
;
; The 8-hex-digit word printed before "SEQW" is the sequence word as emitted by the disassembler.
;
; Reload tmp13 / tmp14 from URAM 0x008e / 0x008d; the upper 32 bits of the 0x008e word are
; passed through MOVEINSERTFLGS together with the word itself.
; NOTE(review): presumably restores saved state (flags / return address) - confirm.
check_rsa_padding_signature:
U2d72: 00638e03d200 tmp13:= READURAM(0x008e, 64)
U2d74: 00652003e23d tmp14:= SHR_DSZ64(tmp13, 0x00000020)
U2d75: 003d0003df7e tmp13:= MOVEINSERTFLGS_DSZ32(tmp14, tmp13)
U2d76: 00638d03e200 tmp14:= READURAM(0x008d, 64)
; Word at tmp7+0x20 must be 0xffffffffffffff00.
U2d78: 0048007f001f tmp0:= ZEROEXT_DSZ64(0xffffffffffffff00)
U2d79: 0e6520035037 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000020)
U2d7a: 2929951d0c35 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, tmp0, rsa_signing_error)
; Loop setup: counter 0x19, byte offset tmp2 = 0, base tmp6 = tmp7 + 0x28, expected all-ones.
U2d7c: 000e1903c208 tmp12:= WRMSLOOPCTRFBR(0x00000019)
U2d7d: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000)
U2d7e: 004028036dc8 tmp6:= ADD_DSZ64(0x00000028, tmp7)
U2d80: 0048ff7f001f tmp0:= ZEROEXT_DSZ64(0xffffffffffffffff)
; Loop body (U2d81): each word at tmp6+tmp2 must be all-ones; advance 8 bytes, count down.
U2d81: 0e6500035cb6 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp2)
U2d82: 2929951d0c35 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, tmp0, rsa_signing_error)
U2d84: 004008032c88 tmp2:= ADD_DSZ64(0x00000008, tmp2)
U2d85: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01ad8140 SEQW GOTO U2d81
------------------------------------------------------------------------------------
; Top word at tmp7+0xf8.
; NOTE(review): CONCAT_DSZ32(0x0001ffff, tmp0) presumably yields 0x0001ffffffffffff, i.e. the
; leading 00 01 bytes of the block - confirm the operand order.
U2d86: 002173030c10 tmp0:= CONCAT_DSZ32(0x0001ffff, tmp0)
U2d88: 0e65f8035237 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x000000f8)
U2d89: 2929951d0c35 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, tmp0, rsa_signing_error)
; Second loop: counter 0x03, byte offset tmp2 = 0.
U2d8a: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003)
U2d8c: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000)
; Loop body (U2d8d): word at tmp7+tmp2-0x20 must equal word at tmp7+tmp2. The comparison
; leaves on the first differing word rather than accumulating a result.
U2d8d: 0e65e0030cb7 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2, 0xffffffffffffffe0)
U2d8e: 0e6500031cb7 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2)
U2d90: 2929951d0c70 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, tmp1, rsa_signing_error)
U2d91: 004008032c88 tmp2:= ADD_DSZ64(0x00000008, tmp2)
U2d92: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01ad8d80 SEQW GOTO U2d8d
------------------------------------------------------------------------------------
; All comparisons passed: CLC result goes to tmp15, then control continues at U5796.
; NOTE(review): presumably a cleared carry signals success to the code at U5796 - confirm.
U2d94: 03380003f000 tmp15:= CLC(0x00000000) 01d79600 SEQW GOTO U5796
------------------------------------------------------------------------------------ U2d95: 00251a03b23e tmp11:= SHR_DSZ32(tmp14, 0x0000001a) U2d96: 00070103bec8 tmp11:= NOTAND_DSZ32(0x00000001, tmp11) U2d98: 00010803bec8 tmp11:= OR_DSZ32(0x00000008, tmp11) U2d99: 003d0003bfbb tmp11:= MOVEINSERTFLGS_DSZ32(tmp11, tmp14) U2d9a: 0062e11ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7e1) U2d9c: 186a111c023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000000, generate_#GP) U2d9d: 004510037d48 tmp7:= SUB_DSZ64(0x00000010, tmp5) 01e0d440 SEQW GOTO U60d4 ------------------------------------------------------------------------------------ U2d9e: 000e03000200 WRMSLOOPCTRFBR(0x00000003) U2da0: 017c00003000 rdi:= unk_17c(0x00000000) U2da1: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01ada040 ? SEQW GOTO U2da0 U2da2: 0062011f0200 tmp0:= MOVEFROMCREG_DSZ64(0x701) U2da4: 00471b0b0c10 tmp0:= NOTAND_DSZ64(0xf0000000, tmp0) U2da5: 0042011f0230 tmp0:= MOVETOCREG_DSZ64(tmp0, 0x701) U2da6: 20434b000200 WRITEURAM(0x00000000, 0x004b, 64) U2da8: 000823030008 tmp0:= ZEROEXT_DSZ32(0x00000023) U2da9: 004205000230 MOVETOCREG_DSZ64(tmp0, 0x005) U2daa: 00421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U2dac: 000125030008 tmp0:= OR_DSZ32(0x00000025) U2dad: 20420b000230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x00b) 04816455 SEQW SAVEUIP1 U2dae SEQW GOTO U0164 U2dae: 0062bb1f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7bb) U2db0: 286b4a3102b0 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000008, U5c4a) U2db1: 0008f07f200f tmp2:= ZEROEXT_DSZ32(0x0000fff0) U2db2: 00628e1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x78e) U2db4: 000000031c72 tmp1:= ADD_DSZ32(tmp2, tmp1) U2db5: 004267000231 MOVETOCREG_DSZ64(tmp1, CORE_CR_CUR_RIP) U2db6: 096272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U2db8: 000d00800000 SAVEUIP_REGOVR(0x01, U2db9, 0x0000) 01ab1500 SEQW GOTO lbsync_full U2db9: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U2dba: 000800000000 NOP U2dbc: 186abd3402b0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000008, U2dbd) 01c3ae00 SEQW 
GOTO U43ae ------------------------------------------------------------------------------------ U2dbd: 004367000231 WRITEURAM(tmp1, 0x0067, 64) U2dbe: 0088ea0f0009 tmp0:= ZEROEXT_DSZ16(0x000023ea) U2dc0: 00a183030c08 tmp0:= CONCAT_DSZ16(0x00000083, tmp0) U2dc1: 004307080230 WRITEURAM(tmp0, 0x0007, 32) 01ba4440 SEQW GOTO U3a44 ------------------------------------------------------------------------------------ U2dc2: 286a94ed033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000013, U5b94) U2dc4: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2dc5: 00073f03f23f tmp15:= NOTAND_DSZ32(tmp15, 0x0000003f) U2dc6: 0150946c02bf UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U5b94) U2dc8: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2dc9: 01420a03ff7f tmp15:= UFLOWCTRL(tmp15, URET0, tmp13) U2dca: 01420b000fbf UFLOWCTRL(tmp15, URET1, tmp14) U2dcc: 01420e000f00 UFLOWCTRL(MSLOOPCTR, tmp12) U2dcd: 186acef4037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000017, U2dce) 01add240 SEQW GOTO U2dd2 ------------------------------------------------------------------------------------ U2dce: 00633f03f200 tmp15:= READURAM(0x003f, 64) U2dd0: 0042c518023f MOVETOCREG_DSZ64(tmp15, 0x6c5) U2dd1: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2dd2: 186a6534033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000010, U2d65) U2dd4: 00043f03f23f tmp15:= AND_DSZ32(tmp15, 0x0000003f) U2dd5: 0928357403ff CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x0000001d, U0d35) U2dd6: 20436100023e LFNCEMARK-> WRITEURAM(tmp14, 0x0061, 64) U2dd8: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2dd9: 186ae1f4033f LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000013, U2de1) U2dda: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U2ddc: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2ddd: 10450003efbf tmp14:= SUB_DSZN(tmp15, tmp14) U2dde: 00421a1c023e LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp14, 0x71a) U2de0: 00421c1c023f LFNCEWAIT-> MOVETOCREG_DSZ64(tmp15, 0x71c) U2de1: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U2de2: 2042521c023f MOVETOCREG_DSZ64(tmp15, 0x752) U2de4: 
00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U2de5: 186ae9f402ff LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000f, U2de9) U2de6: 000800000000 NOP U2de8: 125600000000 LFNCEWAIT-> unk_256(0x00000000) U2de9: 00636103e200 tmp14:= READURAM(0x0061, 64) U2dea: 186a450402ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000c, U2145) U2dec: 00620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) U2ded: 015d00000fc0 SYNCFULL-> UJMP(tmp15) ------------------------------------------------------------------------------------ U2dee: 000806030008 tmp0:= ZEROEXT_DSZ32(0x00000006) 08d8c192 SEQW SAVEUIP0 U2df0 SEQW GOTO U58c1 U2df0: 00630e030200 tmp0:= READURAM(0x000e, 64) 01bbea00 SEQW GOTO U3bea ------------------------------------------------------------------------------------ U2df1: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U2df2: 002501037230 tmp7:= SHR_DSZ32(tmp0, 0x00000001) U2df4: 004470037dc8 tmp7:= AND_DSZ64(0x00000070, tmp7) U2df5: 004000037df8 tmp7:= ADD_DSZ64(tmp8, tmp7) U2df6: 0e2500039df4 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp7) U2df8: 001500039c39 tmp9:= BTS_DSZ32(tmp9, tmp0) U2df9: 0e2d00039df4 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp7, tmp9) 0180a189 SEQW URET0 ------------------------------------------------------------------------------------ U2dfa: 000d00800000 SAVEUIP_REGOVR(0x01, U2dfc, 0x0000) 0180a189 SEQW GOTO U00a1 U2dfc: 000d00800000 SAVEUIP_REGOVR(0x01, U2dfd, 0x0000) 08b2cd00 SEQW GOTO U32cd U2dfd: 192802380035 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U2e02) U2dfe: 106200037cc0 tmp7:= MOVEFROMCREG_DSZ64(tmp3) U2e00: 004400037df5 tmp7:= AND_DSZ64(tmp5, tmp7) U2e01: 004100036df6 tmp6:= OR_DSZ64(tmp6, tmp7) U2e02: 304200000cf6 MOVETOCREG_DSZ64(tmp6, tmp3) U2e04: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U2e05: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01adfa40 SEQW GOTO U2dfa ------------------------------------------------------------------------------------ U2e06: 000800000000 NOP U2e08: 000000000000 NOP 019ea60d SEQW GOTO 
patch_runs_load_loop ------------------------------------------------------------------------------------ U2e09: 100a00000240 TESTUSTATE(SYS, 0x2000) 019ea60d ? SEQW URET1 U2e0a: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U2e0c: 006358015200 tmpv1:= READURAM(0x0058, 64) U2e0d: 0e250005555c tmpv1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmpv1, 0x00000c00, mode=0x01) U2e0e: 000701015215 tmpv1:= NOTAND_DSZ32(tmpv1, 0x00000001) U2e10: 002408015215 tmpv1:= SHL_DSZ32(tmpv1, 0x00000008) U2e11: 000700014515 tmpv0:= NOTAND_DSZ32(tmpv1, tmpv0) 01ae158d SEQW URET1 ------------------------------------------------------------------------------------ U2e12: 100a00000240 TESTUSTATE(SYS, 0x2000) 01ae158d ? SEQW GOTO U2e15 U2e14: 004400431c5f tmp1:= AND_DSZ64(0xfffffffffffff000, tmp1) 01ae2214 SEQW SAVEUIP1 U2e15 SEQW GOTO U2e22 U2e15: 00141003323a tmp3:= BT_DSZ32(tmp10, 0x00000010) U2e16: 00320f033233 tmp3:= SELECTCC_DSZ32_CONDB(tmp3, 0x0000000f) U2e18: 000102033cc8 tmp3:= OR_DSZ32(0x00000002, tmp3) U2e19: 000700431c5f tmp1:= NOTAND_DSZ32(0xfffffffffffff000, tmp1) U2e1a: 00240c033233 tmp3:= SHL_DSZ32(tmp3, 0x0000000c) U2e1c: 000100031c73 tmp1:= OR_DSZ32(tmp3, tmp1) U2e1d: 0062fe1fd200 tmp13:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2e1e: 0962fe1c033d MOVETOCREG_BTS_DSZ64(tmp13, 0x00000010, CORE_CR_EFLAGS) U2e20: 00082c030008 LFNCEWAIT-> tmp0:= ZEROEXT_DSZ32(0x0000002c) 024e820d SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U2e21: 100a00000240 TESTUSTATE(SYS, 0x2000) 024e820d ? 
SEQW URET1 U2e22: 20621117f200 tmp15:= MOVEFROMCREG_DSZ64(0x511) U2e24: 00440043ffdf tmp15:= AND_DSZ64(0xfffffffffffff000, tmp15) U2e25: 20421114023f MOVETOCREG_DSZ64(tmp15, 0x511) U2e26: 20621817f200 tmp15:= MOVEFROMCREG_DSZ64(0x518) U2e28: 00440043ffdf tmp15:= AND_DSZ64(0xfffffffffffff000, tmp15) U2e29: 20421814023f SYNCFULL-> MOVETOCREG_DSZ64(tmp15, 0x518) 08dda8cd SEQW URET1 ------------------------------------------------------------------------------------ U2e2a: 100a00800300 TESTUSTATE(SYS, !0x8000) 08dda8cd ? SEQW GOTO U5da8 U2e2c: 000a00420275 LFNCEWAIT-> rax:= TESTUSTATE(tmp5, UCODE, 0x3000) 02090600 ? SEQW GOTO U0906 U2e2d: 000823172008 tmp2:= ZEROEXT_DSZ32(0x00000523) U2e2e: 006520022235 rdx:= SHR_DSZ64(tmp5, 0x00000020) U2e30: 006312031200 tmp1:= READURAM(0x0012, 64) U2e31: 386b10c80231 SYNCMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000003, uend0) U2e32: 000800000000 NOP U2e34: 000d298c0280 SYNCWAIT-> SAVEUIP_REGOVR(0x01, U2e35, 0x4329) 0a6bfd00 SEQW GOTO U6bfd U2e35: 000800000000 NOP U2e36: 000800000000 NOP U2e38: 000800014861 tmpv0:= ZEROEXT_DSZ32(rcx, rcx) 01b34d10 SEQW SAVEUIP0 U2e39 SEQW GOTO U334d U2e39: 000cd0600240 SAVEUIP(0x00, U38d0) U2e3a: 000c10c80240 SAVEUIP(0x01, uend0) U2e3c: 002100014822 SYNCMARK-> tmpv0:= CONCAT_DSZ32(rdx, rax) 0c334d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U2e3d: 000901170008 tmp0:= MOVE_DSZ32(0x00000501) U2e3e: 00635c03c200 tmp12:= READURAM(0x005c, 64) U2e40: 00250803c23c tmp12:= SHR_DSZ32(tmp12, 0x00000008) U2e41: 1062df0bb240 tmp11:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U2e42: 00040103bec8 tmp11:= AND_DSZ32(0x00000001, tmp11) U2e44: 00040003befc tmp11:= AND_DSZ32(tmp12, tmp11) U2e45: 0151b028027b UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U2ab0) 01c07c40 SEQW GOTO U407c ------------------------------------------------------------------------------------ U2e46: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2e48: 2902fe1c0e7a LFNCEMARK-> 
MOVETOCREG_OR_DSZ64(tmp10, tmp9, CORE_CR_EFLAGS) U2e49: 00084c3b5009 tmp5:= ZEROEXT_DSZ32(0x00002e4c) U2e4a: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 04479880 ? SEQW GOTO U4798 U2e4c: 100ac0000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON | UST_VMX_GUEST) 01dd6000 ? SEQW GOTO U5d60 U2e4d: 000800000000 NOP U2e4e: 000800000000 NOP U2e50: 100a00800240 TESTUSTATE(SYS, !0x2000) 06879d00 ? SEQW GOTO U079d U2e51: 0009593b0009 LFNCEWTMRK-> tmp0:= MOVE_DSZ32(0x00002e59) U2e52: 00a18a030c08 tmp0:= CONCAT_DSZ16(0x0000008a, tmp0) U2e54: 204307080230 WRITEURAM(tmp0, 0x0007, 32) U2e55: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U2e56: 1062df0ba240 tmp10:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U2e58: 386a412807ba LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000038, enter_probe_mode) U2e59: 021e7f000200 SIGEVENT(0x0000007f) U2e5a: 000800000000 NOP U2e5c: 00631f030200 LFNCEWAIT-> tmp0:= READURAM(0x001f, 64) U2e5d: 000102030c08 tmp0:= OR_DSZ32(0x00000002, tmp0) U2e5e: 20431f080230 WRITEURAM(tmp0, 0x001f, 32) U2e60: 000d90800000 SAVEUIP_REGOVR(0x01, U2e61, 0x0090) 0482ca00 SEQW GOTO U02ca U2e61: 0fcf00000008 LFNCEMARK-> unk_fcf(0x00000000) U2e62: 000800000000 NOP U2e64: 000908000000ROVR<-LFNCEWAIT-> MOVE_DSZ32(0x00000000) 022b151c SEQW SAVEUIP1 U2e65 SEQW GOTO lbsync_full U2e65: 090205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U2e66: 00087f031008 tmp1:= ZEROEXT_DSZ32(0x0000007f) U2e68: 00420b000231 MOVETOCREG_DSZ64(tmp1, 0x00b) U2e69: 00421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U2e6a: 0dff02000000 unk_dff(0x00000000) U2e6c: 09623ad80200 MOVETOCREG_BTS_DSZ64(0x00000003, 0x63a) U2e6d: 09023ed80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x63e) 0184fc51 SEQW SAVEUIP0 U2e6e SEQW GOTO U04fc U2e6e: 006370038200 tmp8:= READURAM(0x0070, 64) U2e70: 00562e038238 tmp8:= BTR_DSZ64(tmp8, 0x0000002e) U2e71: 204370040238 LFNCEMARK-> WRITEURAM(tmp8, 0x0170, 64) U2e72: 0008000b2008 tmp2:= ZEROEXT_DSZ32(0x00000200) U2e74: 3042f1080272 MOVETOCREG_DSZ64(tmp2, 0x2f1, 32) U2e75: 000815079010 
tmp9:= ZEROEXT_DSZ32(0x00790484) U2e76: 002101039239 tmp9:= CONCAT_DSZ32(tmp9, 0x00000001) U2e78: 000800037008 tmp7:= ZEROEXT_DSZ32(0x00000000) U2e79: 000808038008 tmp8:= ZEROEXT_DSZ32(0x00000008) U2e7a: 00087f03b010 LFNCEWAIT-> tmp11:= ZEROEXT_DSZ32(0x00030101) 03669a80 SEQW GOTO U669a ------------------------------------------------------------------------------------ U2e7c: 125600000000 unk_256(0x00000000) U2e7d: 0007807f323a tmp3:= NOTAND_DSZ32(tmp10, 0x00001f80) U2e7e: 002507033233 tmp3:= SHR_DSZ32(tmp3, 0x00000007) U2e80: 000400033eb3 tmp3:= AND_DSZ32(tmp3, tmp10) U2e81: 01516d7802b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U5e6d) U2e82: 000100030ffa tmp0:= OR_DSZ32(tmp10, tmp15) U2e84: 07070003d030 tmm5:= unk_707(mm0) U2e85: 06910003e03d LFNCEMARK-> tmm6:= unk_691(tmm5) U2e86: 000800000000 NOP U2e88: 000000000000 LFNCEWAIT-> NOP 022e8e48 SEQW URET0 ------------------------------------------------------------------------------------ U2e89: 186a8ab802b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U2e8a) 022e8e48 SEQW GOTO U2e8e ------------------------------------------------------------------------------------ U2e8a: 10810003f021 tmp15:= OR_DSZN(rcx) U2e8c: 01509e18023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U069e) U2e8d: 000df7800000 SAVEUIP_REGOVR(0x01, U2e8e, 0x00f7) 0182ca40 SEQW GOTO U02ca U2e8e: 0062fe1ff200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U2e90: 2962fe1c033f MOVETOCREG_BTS_DSZ64(tmp15, 0x00000010, CORE_CR_EFLAGS) 08841400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U2e91: 01420b000f80 SYNCFULL-> UFLOWCTRL(URET1, tmp14) U2e92: 189f00835144 tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U2e94: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U2e95: 0e6500070035 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, mode=0x01) U2e96: 0c6b37800030 WRSEGFLD(tmp0) U2e98: 0e6508071035 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000008, mode=0x01) U2e99: 0c6b57800031 SYNCFULL-> WRSEGFLD(tmp1) 
08a769cd SEQW URET1 ------------------------------------------------------------------------------------ U2e9a: 100a01040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_VMX_OP_DIS) 08a769cd ? SEQW GOTO generate_#UD U2e9c: 000d64800000 SAVEUIP_REGOVR(0x01, U2e9d, 0x0064) 019d0200 SEQW GOTO U1d02 U2e9d: 000800034008 tmp4:= ZEROEXT_DSZ32(0x00000000) U2e9e: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U2ea0: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 05271100 ? SEQW GOTO generate_#GP U2ea1: 186a1d3002b5 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000008, U2c1d) U2ea2: 006370035200 LFNCEMARK-> tmp5:= READURAM(0x0070, 64) U2ea4: 0e2dd8034dc9 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x000001d8, tmp4) U2ea5: 0007004b5d48 tmp5:= NOTAND_DSZ32(0x00001200, tmp5) U2ea6: 0a62c31802b0 LFNCEWAIT-> MOVETOCREG_BTR_DSZ64(tmp0, 0x00000008, 0x6c3) U2ea8: 004370080235 WRITEURAM(tmp5, 0x0070, 32) U2ea9: 1042c4080275 MOVETOCREG_DSZ64(tmp5, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U2eaa: 004314000200 WRITEURAM(0x00000000, 0x0014, 64) U2eac: 0042c0180200 MOVETOCREG_DSZ64(0x00000000, 0x6c0) U2ead: 00431f080200 WRITEURAM(0x00000000, 0x001f, 32) U2eae: 0eff00000000 SYNCFULL-> unk_eff(0x00000000) 09079480 SEQW GOTO clear_aflags_uend0 ------------------------------------------------------------------------------------ U2eb0: 0062f01d4200 tmpv0:= MOVEFROMCREG_DSZ64(0x7f0) U2eb1: 00540d016214 tmpv2:= BT_DSZ64(tmpv0, 0x0000000d) U2eb2: 0053b6380256 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmpv2, U2eb6) U2eb4: 006267014200 tmpv0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U2eb5: 014300300500 AETTRACE(0x0c, tmpv0) U2eb6: 0008020d4009 tmpv0:= ZEROEXT_DSZ32(0x00002302) U2eb8: 000821015008 tmpv1:= ZEROEXT_DSZ32(0x00000021) U2eb9: 017e00015595 tmpv1:= MOVEMERGEFLGS_DSZ64(tmpv1, tmpv2) U2eba: 003725015215 tmpv1:= CMOVCC_DSZ32_CONDNB(tmpv1, 0x00000025) 01e5b996 SEQW SAVEUIP1 U2ebc SEQW GOTO U65b9 U2ebc: 125600000000 MSLOOP-> unk_256(0x00000000) 01bdfa24 SEQW GOTO check_cpl_uend3 
------------------------------------------------------------------------------------ U2ebd: 00080e133008 tmp3:= ZEROEXT_DSZ32(0x0000040e) U2ebe: 006312034200 tmp4:= READURAM(0x0012, 64) U2ec0: 286b99ac02f4 BTUJNB_DIRECT_NOTTAKEN(tmp4, 0x0000000e, U1b99) U2ec1: 000d349402c0 SAVEUIP_REGOVR(0x01, U2ec2, 0x6534) 01ebfd40 SEQW GOTO U6bfd U2ec2: 004100014020 tmpv0:= OR_DSZ64(rax) U2ec4: 000c99ec0200 SAVEUIP(0x01, U1b99) U2ec5: 000cd0600240 SAVEUIP(0x00, U38d0) 01b34d40 SEQW GOTO U334d ------------------------------------------------------------------------------------ U2ec6: 10c8ff7fc01f tmp12:= ZEROEXT_DSZ8N(0xffffffffffffffff) U2ec8: 096272800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x072) U2ec9: 09a29e5c027f LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp15, 0x00000005, 0x79e) U2eca: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U2ecc: 00652d038230 tmp8:= SHR_DSZ64(tmp0, 0x0000002d) U2ecd: 000403038e08 tmp8:= AND_DSZ32(0x00000003, tmp8) U2ece: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01aad580 ? SEQW GOTO U2ad5 U2ed0: 0b3f04030e00 tmp0:= unk_b3f(tmp8) U2ed1: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01aed440 ? SEQW GOTO U2ed4 U2ed2: 0b3f1c030ec0 tmp0:= unk_b3f(tmp11) U2ed4: 0f60003e4030 LFNCEWAIT-> rsp:= LDPPHYS_DSZ64_ASZ32_SC1(tmp0, mode=0x0f) U2ed5: 00080003100a tmp1:= ZEROEXT_DSZ32(0x00004000) U2ed6: 000800000000 NOP U2ed8: 000800032038 tmp2:= ZEROEXT_DSZ32(tmp8) U2ed9: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01aedc40 ? SEQW GOTO U2edc U2eda: 0044f07e491f rsp:= AND_DSZ64(0xfffffffffffffff0, rsp) U2edc: 0e6b0a280c80 LFNCEMARK-> unk_e6b(tmp2) U2edd: 00423c1c0231 MOVETOCREG_DSZ64(tmp1, 0x73c) 043a1e55 SEQW SAVEUIP1 U2ede SEQW GOTO U3a1e U2ede: 000800000000 NOP U2ee0: 0e68f82b8024 LFNCEWAIT-> STADPPHYS_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff8, mode=0x0a, tmp8) U2ee1: 0e68f02b5024 STADPPHYS_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff0, mode=0x0a, tmp5) U2ee2: 004510024908 rsp:= SUB_DSZ64(0x00000010, rsp) U2ee4: 000a08000200 TESTUSTATE(UCODE, 0x0008) 0c9ce200 ? 
SEQW GOTO U1ce2 U2ee5: 0c4b800b1000 SYNCMARK-> tmp1:= RDSEGFLD(CS, SEL) U2ee6: 1c38fbab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U2ee8: 1c38f3ab4024 LFNCEWAIT-> STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, tmp4) U2ee9: 000800000000 NOP U2eea: 000800000000 NOP U2eec: 0df300240033 LFNCEMARK-> LEA_DSZ8_ASZ32_SC1(tmp3) U2eed: 125500000cc0 FETCHFROMEIP1_ASZ64(tmp3) U2eee: 100813831008 tmp1:= ZEROEXT_DSZ32N(IMM_MACRO_13) U2ef0: 10c500024931 rsp:= SUB_DSZN(tmp1, rsp) U2ef1: 0c4ba0271000 LFNCEWAIT-> tmp1:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U2ef2: 0c6ba2000031 WRSEGFLD(tmp1, CS, SEL+FLGS+LIM) U2ef4: 0c4b20271000 tmp1:= RDSEGFLD(UNK_SEG_09, BASE) U2ef5: 0c6b22000031 WRSEGFLD(tmp1, CS, BASE) U2ef6: 0c4ba02b1000 tmp1:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U2ef8: 0c6ba3000031 WRSEGFLD(tmp1, SS, SEL+FLGS+LIM) U2ef9: 0c4b202b1000 tmp1:= RDSEGFLD(SS_USERM, BASE) U2efa: 0c6b23000031 WRSEGFLD(tmp1, SS, BASE) U2efc: 105e00000cc0 SYNCWAIT-> MJMPTARGET_INDIRECT_ASZ64(tmp3) 0a2f0070 SEQW UEND0 ------------------------------------------------------------------------------------ U2efd: 100a80831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_GUEST) 0a2f0070 ? SEQW GOTO U2f00 U2efe: 006343031200 tmp1:= READURAM(0x0043, 64) U2f00: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01af0400 ? 
SEQW GOTO U2f04 U2f01: 00634c032200 tmp2:= READURAM(0x004c, 64) U2f02: 004100031c72 tmp1:= OR_DSZ64(tmp2, tmp1) U2f04: 386a391c06b1 SYNCMARK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000028, U3739) 0c373100 SEQW GOTO U3731 ------------------------------------------------------------------------------------ U2f05: 00082e134008 tmp4:= ZEROEXT_DSZ32(0x0000042e) U2f06: 006312031200 tmp1:= READURAM(0x0012, 64) U2f08: 086b38a502f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000e, U4938) U2f09: 000d41dc0300 SAVEUIP_REGOVR(0x01, U2f0a, 0x9741) 01ebfd40 SEQW GOTO U6bfd U2f0a: 002100014821 tmpv0:= CONCAT_DSZ32(rcx, rax) U2f0c: 000c38a40280 SAVEUIP(0x01, U4938) U2f0d: 000cd0600240 SAVEUIP(0x00, U38d0) 01b34d40 SEQW GOTO U334d ------------------------------------------------------------------------------------ U2f0e: 0e6518030f0b tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000318) U2f10: 000400131c08 tmp1:= AND_DSZ32(0x00000400, tmp0) U2f11: 00240103f23d tmp15:= SHL_DSZ32(tmp13, 0x00000001) U2f12: 2929153d0ff1 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, tmp15, U5f15) U2f14: 00250203e231 tmp14:= SHR_DSZ32(tmp1, 0x00000002) U2f15: 00040007fc08 tmp15:= AND_DSZ32(0x00000100, tmp0) U2f16: 013e0003febf tmp15:= MOVEMERGEFLGS_DSZ32(tmp15, tmp10) U2f18: 00360003ffbf tmp15:= CMOVCC_DSZ32_CONDB(tmp15, tmp14) U2f19: 2929153d0fbf CMPUJNZ_DIRECT_NOTTAKEN(tmp15, tmp14, U5f15) U2f1a: 00634103f200 tmp15:= READURAM(0x0041, 64) U2f1c: 00651703f23f tmp15:= SHR_DSZ64(tmp15, 0x00000017) U2f1d: 00040023f23f tmp15:= AND_DSZ32(tmp15, 0x00000800) U2f1e: 0041fe4bffdf tmp15:= OR_DSZ64(0xfffffffffffff2fe, tmp15) U2f20: 00440003fff0 tmp15:= AND_DSZ64(tmp0, tmp15) U2f21: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U2f22: 0042ff1c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x7ff) U2f24: 100a00000280 TESTUSTATE(SYS, 0x4000) 01af3200 ? 
SEQW GOTO U2f32 U2f25: 0e6588030f08 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000088) U2f26: 025c00000c00 unk_25c(tmp0) U2f28: 0004fc3f1c08 tmp1:= AND_DSZ32(0x00000ffc, tmp0) U2f29: 0151157c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U5f15) U2f2a: 004400431c1f LFNCEMARK-> tmp1:= AND_DSZ64(0xfffffffffffff000, tmp0) U2f2c: 00241e030230 tmp0:= SHL_DSZ32(tmp0, 0x0000001e) U2f2d: 0062011f2200 tmp2:= MOVEFROMCREG_DSZ64(0x701) U2f2e: 0047100b2c90 tmp2:= NOTAND_DSZ64(0xc0000000, tmp2) U2f30: 0c6b30000031 LFNCEWAIT-> WRSEGFLD(tmp1) U2f31: 0902011c0c32 MOVETOCREG_OR_DSZ64(tmp2, tmp0, 0x701) U2f32: 200a00200200 TESTUSTATE(VMX, 0x0800) 022f3880 ? SEQW GOTO U2f38 U2f34: 0e6510030f0b tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000310) U2f35: 004277140230 MOVETOCREG_DSZ64(tmp0, 0x577) U2f36: 000db0800000 SAVEUIP_REGOVR(0x01, U2f38, 0x00b0) 01d94580 SEQW GOTO U5945 U2f38: 200a00100200 TESTUSTATE(VMX, 0x0400) 01af4200 ? SEQW GOTO U2f42 U2f39: 000807031008 tmp1:= ZEROEXT_DSZ32(0x00000007) U2f3a: 00210f031231 tmp1:= CONCAT_DSZ32(tmp1, 0x0000000f) U2f3c: 0e6520030f0b tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000320) U2f3d: 004700031c31 tmp1:= NOTAND_DSZ64(tmp1, tmp0) U2f3e: 0151157c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U5f15) U2f40: 000a00080200 TESTUSTATE(UCODE, 0x0200) 01af4200 ? SEQW GOTO U2f42 U2f41: 30420f080270 MOVETOCREG_DSZ64(tmp0, 0x20f, 32) U2f42: 006310037200 tmp7:= READURAM(0x0010, 64) U2f44: 0088e6077dc8 tmp7:= ZEROEXT_DSZ16(0x000001e6, tmp7) U2f45: 200a08800200 TESTUSTATE(VMX, !0x0008) 019ccd40 ? SEQW GOTO U1ccd U2f46: 00471f030d48 tmp0:= NOTAND_DSZ64(0x0000001f, tmp5) U2f48: 200a00079200 tmp9:= TESTUSTATE(VMX, 0x0100) 01af4a00 ? 
SEQW GOTO U2f4a U2f49: 0040280f0f08 tmp0:= ADD_DSZ64(0x00000328, tmp12) U2f4a: 00480003103c tmp1:= ZEROEXT_DSZ64(tmp12) U2f4c: 004840172008 tmp2:= ZEROEXT_DSZ64(0x00000540) U2f4d: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003) U2f4e: 0f6500038e70 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp0, tmp9) U2f50: 004800030e30 tmp0:= ZEROEXT_DSZ64(tmp0, tmp8) 019cc100 SEQW GOTO U1cc1 ------------------------------------------------------------------------------------ U2f51: 0008ff7f001f tmp0:= ZEROEXT_DSZ32(0xffffffffffffffff) U2f52: 2d0fd043000a PORTOUT_DSZ32_ASZ16_SC1(0x000050d0, tmp0) U2f54: 00151e030200 tmp0:= BTS_DSZ32(0x00000000, 0x0000001e) U2f55: 2d0fc843000a PORTOUT_DSZ32_ASZ16_SC1(0x000050c8, tmp0) U2f56: 2e7d4078000d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be40, 0x00000000) U2f58: 2e7d8078000d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be80, 0x00000000) U2f59: 2e7d0078000d LFNCEMARK-> STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be00, 0x00000000) 04a1fe40 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U2f5a: 00084a030010 tmp0:= ZEROEXT_DSZ32(0x00010006) U2f5c: 000813034008 tmp4:= ZEROEXT_DSZ32(0x00000013) U2f5d: 000d94800000 SAVEUIP_REGOVR(0x01, U2f5e, 0x0094) 051d0240 SEQW GOTO U1d02 U2f5e: 00081003a008 LFNCEMARK-> tmp10:= ZEROEXT_DSZ32(0x00000010) U2f60: 0e654003df08 LFNCEWAIT-> tmp13:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000040) U2f61: 00631003e200 tmp14:= READURAM(0x0010, 64) U2f62: 00440003ff7e tmp15:= AND_DSZ64(tmp14, tmp13) U2f64: 01517844027f LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3178) U2f65: 000800000000 NOP U2f66: 000800000000 NOP U2f68: 0e250003ff48 LFNCEWAIT-> tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13) U2f69: 39297844033f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000011, U3178) U2f6a: 006349034200 tmp4:= READURAM(0x0049, 64) U2f6c: 004500034f74 tmp4:= SUB_DSZ64(tmp4, tmp13) U2f6d: 0e25b4033f49 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001b4) U2f6e: 00151f033233 tmp3:= BTS_DSZ32(tmp3, 0x0000001f) U2f70: 
0e25cc030f4a tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000002cc) U2f71: 003300030c33 tmp0:= SELECTCC_DSZ32_CONDNB(tmp3, tmp0) U2f72: 002100030cf0 tmp0:= CONCAT_DSZ32(tmp0, tmp3) U2f74: 017000030c34 tmp0:= SELECTCC_DSZ64_CONDZ(tmp4, tmp0) U2f75: 000700632c88 tmp2:= NOTAND_DSZ32(0x00001800, tmp2) U2f76: 000800032032 tmp2:= ZEROEXT_DSZ32(tmp2) U2f78: 005415030230 tmp0:= BT_DSZ64(tmp0, 0x00000015) U2f79: 003300233230 tmp3:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000800) U2f7a: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U2f7c: 005421030230 tmp0:= BT_DSZ64(tmp0, 0x00000021) U2f7d: 003300433230 tmp3:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00001000) U2f7e: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U2f80: 005429030230 tmp0:= BT_DSZ64(tmp0, 0x00000029) U2f81: 0033000b3230 tmp3:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000200) U2f82: 005424030230 tmp0:= BT_DSZ64(tmp0, 0x00000024) U2f84: 00331003f230 tmp15:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000010) U2f85: 000100033cff tmp3:= OR_DSZ32(tmp15, tmp3) U2f86: 0e25ac03bf49 tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001ac) U2f88: 01700003bef4 tmp11:= SELECTCC_DSZ64_CONDZ(tmp4, tmp11) U2f89: 00044003fec8 tmp15:= AND_DSZ32(0x00000040, tmp11) U2f8a: 01300403f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000004) U2f8c: 000100033cff tmp3:= OR_DSZ32(tmp15, tmp3) U2f8d: 002100032cb3 tmp2:= CONCAT_DSZ32(tmp3, tmp2) U2f8e: 01f80003f034 tmp15:= SETCC_CONDZ(tmp4) U2f90: 00241f03f23f tmp15:= SHL_DSZ32(tmp15, 0x0000001f) U2f91: 0902c0180ff2 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp2, tmp15, 0x6c0) U2f92: 0e25bc037f09 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001bc) U2f94: 0e25bc03ff49 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001bc) U2f95: 002100037dff tmp7:= CONCAT_DSZ32(tmp15, tmp7) U2f96: 0e25d803ff49 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001d8) U2f98: 00081103a008 tmp10:= ZEROEXT_DSZ32(0x00000011) U2f99: 39297844023f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000001, U3178) U2f9a: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01d36c80 ? 
SEQW GOTO U536c U2f9c: 00081203a008 tmp10:= ZEROEXT_DSZ32(0x00000012) U2f9d: 386a78c402b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000b, U3178) 01d36c40 SEQW GOTO U536c ------------------------------------------------------------------------------------ U2f9e: 0008301b1008 tmp1:= ZEROEXT_DSZ32(0x00000630) U2fa0: 00000003b000 tmp11:= ADD_DSZ32(0x00000000) U2fa1: 00040f036c88 tmp6:= AND_DSZ32(0x0000000f, tmp2) U2fa2: 000001038c48 tmp8:= ADD_DSZ32(0x00000001, tmp1) U2fa4: 00240403723b tmp7:= SHL_DSZ32(tmp11, 0x00000004) U2fa5: 000100037df6 tmp7:= OR_DSZ32(tmp6, tmp7) U2fa6: 000100037df0 tmp7:= OR_DSZ32(tmp0, tmp7) U2fa8: 204200000e37 MOVETOCREG_DSZ64(tmp7, tmp8) U2fa9: 002510038232 tmp8:= SHR_DSZ32(tmp2, 0x00000010) U2faa: 0004ff3f8e08 tmp8:= AND_DSZ32(0x00000fff, tmp8) U2fac: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U2fad: 000800037038 tmp7:= ZEROEXT_DSZ32(tmp8) 01d49d51 SEQW SAVEUIP0 U2fae SEQW GOTO U549d U2fae: 000100039cf7 tmp9:= OR_DSZ32(tmp7, tmp3) U2fb0: 204200000c79 MOVETOCREG_DSZ64(tmp9, tmp1) U2fb1: 000501037dc8 tmp7:= SUB_DSZ32(0x00000001, tmp7) U2fb2: 0250b43c0277 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp7, U2fb4) 01afae80 SEQW GOTO U2fae ------------------------------------------------------------------------------------ U2fb4: 000501039008 tmp9:= SUB_DSZ32(0x00000001) U2fb5: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) 01d49d51 SEQW SAVEUIP0 U2fb6 SEQW GOTO U549d U2fb6: 006332039200 tmp9:= READURAM(0x0032, 64) U2fb8: 017e00039ef9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp11) U2fb9: 00634003a200 tmp10:= READURAM(0x0040, 64) U2fba: 017400039eb9 tmp9:= CMOVCC_DSZ64_CONDZ(tmp9, tmp10) U2fbc: 00435a000239 WRITEURAM(tmp9, 0x005a, 64) U2fbd: 00652003a232 tmp10:= SHR_DSZ64(tmp2, 0x00000020) U2fbe: 00400003ae80 tmp10:= ADD_DSZ64(0x00000000, tmp10) 01dbb592 SEQW SAVEUIP0 U2fc0 SEQW GOTO U5bb5 U2fc0: 000001037dc8 tmp7:= ADD_DSZ32(0x00000001, tmp7) U2fc1: 000500039e37 tmp9:= SUB_DSZ32(tmp7, tmp8) U2fc2: 0250c43c0279 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp9, U2fc4) 01afbd80 SEQW GOTO U2fbd 
------------------------------------------------------------------------------------ U2fc4: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U2fc5: 000800037038 tmp7:= ZEROEXT_DSZ32(tmp8) 01d49d51 SEQW SAVEUIP0 U2fc6 SEQW GOTO U549d U2fc6: 006330039200 tmp9:= READURAM(0x0030, 64) U2fc8: 017e00039ef9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp11) U2fc9: 00633103a200 tmp10:= READURAM(0x0031, 64) U2fca: 017400039eb9 tmp9:= CMOVCC_DSZ64_CONDZ(tmp9, tmp10) U2fcc: 00435a000239 WRITEURAM(tmp9, 0x005a, 64) U2fcd: 00050003aec0 tmp10:= SUB_DSZ32(0x00000000, tmp11) U2fce: 017e0003aeb4 tmp10:= MOVEMERGEFLGS_DSZ64(tmp4, tmp10) U2fd0: 01740003ad7a tmp10:= CMOVCC_DSZ64_CONDZ(tmp10, tmp5) U2fd1: 00400003ae80 tmp10:= ADD_DSZ64(0x00000000, tmp10) 01dbb551 SEQW SAVEUIP0 U2fd2 SEQW GOTO U5bb5 U2fd2: 000501037dc8 tmp7:= SUB_DSZ32(0x00000001, tmp7) U2fd4: 000500039dc0 tmp9:= SUB_DSZ32(0x00000000, tmp7) U2fd5: 0250d63c0279 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp9, U2fd6) 01afcd40 SEQW GOTO U2fcd ------------------------------------------------------------------------------------ U2fd6: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) U2fd8: 006332039200 tmp9:= READURAM(0x0032, 64) U2fd9: 017e00039ef9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp11) U2fda: 00634003a200 tmp10:= READURAM(0x0040, 64) U2fdc: 017400039eb9 tmp9:= CMOVCC_DSZ64_CONDZ(tmp9, tmp10) U2fdd: 00435a000239 WRITEURAM(tmp9, 0x005a, 64) U2fde: 00652003a232 tmp10:= SHR_DSZ64(tmp2, 0x00000020) U2fe0: 00400003ae80 tmp10:= ADD_DSZ64(0x00000000, tmp10) 01dbb510 SEQW SAVEUIP0 U2fe1 SEQW GOTO U5bb5 U2fe1: 000001037dc8 tmp7:= ADD_DSZ32(0x00000001, tmp7) U2fe2: 000500039e37 tmp9:= SUB_DSZ32(tmp7, tmp8) U2fe4: 0250e53c0279 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp9, U2fe5) 01afde00 SEQW GOTO U2fde ------------------------------------------------------------------------------------ U2fe5: 000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6) U2fe6: 000800000000 NOP U2fe8: 0250e93c0276 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, U2fe9) 01afa200 SEQW GOTO U2fa2 
------------------------------------------------------------------------------------ U2fe9: 00000103bec8 tmp11:= ADD_DSZ32(0x00000001, tmp11) U2fea: 00e504037232 tmp7:= SHR_DSZ8(tmp2, 0x00000004) U2fec: 00040f037dc8 tmp7:= AND_DSZ32(0x0000000f, tmp7) U2fed: 1928ee3c0dfb CMPUJZ_DIRECT_NOTTAKEN(tmp11, tmp7, U2fee) 092fa140 SEQW GOTO U2fa1 ------------------------------------------------------------------------------------ U2fee: 015d00000fc0 SYNCFULL-> UJMP(tmp15) ------------------------------------------------------------------------------------ U2ff0: 00880003a03c tmp10:= ZEROEXT_DSZ16(tmp12) U2ff1: 021e0f000200 SYNCWAIT-> SIGEVENT(0x0000000f) U2ff2: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003) U2ff4: 0cf72060803b tmp0:= unk_cf7(tmp11) U2ff5: 04b41183b208 tmm3:= FMOV(0x00000011) U2ff6: 0cf73060803b LFNCEMARK-> tmp0:= unk_cf7(tmp11) U2ff8: 04b41183b208 tmm3:= FMOV(0x00000011) U2ff9: 10802003b23b tmp11:= ADD_DSZN(tmp11, 0x00000020) U2ffa: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01aff480 SEQW GOTO U2ff4 ------------------------------------------------------------------------------------ U2ffc: 021e03000200 SIGEVENT(0x00000003) U2ffd: 00428c10023a LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp10, 0x48c) U2ffe: 10858003bec8 tmp11:= SUB_DSZN(0x00000080, tmp11) 068000ce SEQW URET1 ------------------------------------------------------------------------------------ U3000: 006200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) U3001: 100800035035 tmp5:= ZEROEXT_DSZ32N(tmp5) 01ae2a4e SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3002: 00411003ae88 tmp10:= OR_DSZ64(0x00000010, tmp10) 01ae2a4e SEQW URET1 ------------------------------------------------------------------------------------ U3004: 006300035e80 tmp5:= READURAM(tmp10) U3005: 100800035035 tmp5:= ZEROEXT_DSZ32N(tmp5) 01ae2a4a SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3006: 10c800024d64 rsp:= ZEROEXT_DSZ8N(rsp, 
tmp5) 01ae2a4a SEQW URET0 ------------------------------------------------------------------------------------ U3008: 10080003503c tmp5:= ZEROEXT_DSZ32N(tmp12) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3009: 000000000000 NOP U300a: 000000000000 NOP U300c: 306200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) U300d: 000401031e08 tmp1:= AND_DSZ32(0x00000001, tmp8) U300e: 006520032235 tmp2:= SHR_DSZ64(tmp5, 0x00000020) 01c4b180 SEQW GOTO U44b1 ------------------------------------------------------------------------------------ U3010: 002401031231 tmp1:= SHL_DSZ32(tmp1, 0x00000001) 01b05600 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U3011: 000000000000 NOP U3012: 000000000000 NOP U3014: 2f7500035c80 tmp5:= unk_f75(tmp2) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3015: 000000000000 NOP U3016: 000000000000 NOP U3018: 000a00880200 TESTUSTATE(UCODE, !0x0200) 01ae2a0a ? 
SEQW GOTO U2e2a U3019: 00553f031200 tmp1:= BTS_DSZ64(0x00000000, 0x0000003f) U301a: 004400035d71 tmp5:= AND_DSZ64(tmp1, tmp5) 01ae2a0a SEQW URET0 ------------------------------------------------------------------------------------ U301c: 106200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U301d: 000000000000 NOP U301e: 000000000000 NOP U3020: 0c4b20335000 tmp5:= RDSEGFLD(FS, BASE) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3021: 000000000000 NOP U3022: 000000000000 NOP U3024: 0c4b20375000 tmp5:= RDSEGFLD(GS, BASE) 072e2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3025: 0e6500075cb1 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, tmp2, mode=0x01) U3026: 0150a87402b8 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U5da8) U3028: 025600000000 LFNCEWAIT-> unk_256(0x00000000) 022e2c00 SEQW GOTO U2e2c ------------------------------------------------------------------------------------ U3029: 000000000000 NOP U302a: 000000000000 NOP U302c: 1062d40b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2d4, 32) U302d: 00070a031231 tmp1:= NOTAND_DSZ32(tmp1, 0x0000000a) U302e: 017100035d71 tmp5:= SELECTCC_DSZ64_CONDNZ(tmp1, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3030: 10080003c03c tmp12:= ZEROEXT_DSZ32N(tmp12) U3031: 000147031e10 tmp1:= OR_DSZ32(0x00010000, tmp8) U3032: 022800031c40 tmp1:= MSR2CR(tmp1) 01c4b980 SEQW GOTO U44b9 ------------------------------------------------------------------------------------ U3034: 100400035d7c tmp5:= AND_DSZN(tmp12, tmp5) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3035: 0e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U3036: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U3038: 
0e750003403c tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U3039: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U303a: 0e750003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U303c: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U303d: 0e750003803c tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U303e: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U3040: 100a00035300 tmp5:= TESTUSTATE(SYS, 0x8000) 018cb200 ? SEQW GOTO U0cb2 U3041: 00633b014200 tmpv0:= READURAM(0x003b, 64) U3042: 004000015554 tmpv1:= ADD_DSZ64(tmpv0, tmpv1) U3044: 1062d7094240 LFNCEWTMRK-> tmpv0:= MOVEFROMCREG_DSZ64(0x2d7, 32) U3045: 00653703d214 tmp13:= SHR_DSZ64(tmpv0, 0x00000037) U3046: 00400001557d tmpv1:= ADD_DSZ64(tmp13, tmpv1) 06286180 SEQW GOTO U2861 ------------------------------------------------------------------------------------ U3048: 00430f08023b LFNCEWTMRK-> WRITEURAM(tmp11, 0x000f, 32) U3049: 0007b9030ed0 tmp0:= NOTAND_DSZ32(0x000f0000, tmp11) 0621a155 SEQW SAVEUIP1 U304a SEQW GOTO U21a1 U304a: 000800000000 NOP U304c: 000a00c00240 TESTUSTATE(UCODE, !0x3000) 01b08c00 ? 
SEQW GOTO U308c U304d: 000800000000 NOP uret0: U304e: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U3050: 006520035235 tmp5:= SHR_DSZ64(tmp5, 0x00000020) U3051: 00040f035d48 tmp5:= AND_DSZ32(0x0000000f, tmp5) U3052: 00a100035d75 tmp5:= CONCAT_DSZ16(tmp5, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3054: 2dcb09031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00000009) U3055: 0004000b5d48 tmp5:= AND_DSZ32(0x00000200, tmp5) U3056: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3058: 00040f03a808 tmp10:= AND_DSZ32(0x0000000f, rax) U3059: 000060035e88 tmp5:= ADD_DSZ32(0x00000060, tmp10) U305a: 006300035d40 tmp5:= READURAM(tmp5) 01900d80 SEQW GOTO U100d ------------------------------------------------------------------------------------ U305c: 002100035d71 tmp5:= CONCAT_DSZ32(tmp1, tmp5) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U305d: 000000000000 NOP U305e: 000000000000 NOP U3060: 3042c0080260 MOVETOCREG_DSZ64(rax, 0x2c0, 32) U3061: 3042c1080262 MOVETOCREG_DSZ64(rdx, 0x2c1, 32) U3062: 076c00035008 tmp5:= PINTMOVDTMM2I_DSZ64(0x00000000) 01bb2180 SEQW GOTO U3b21 ------------------------------------------------------------------------------------ U3064: 000c35e40240 SAVEUIP(0x01, U3935) U3065: 00050f035808 tmp5:= SUB_DSZ32(0x0000000f, rax) U3066: 0353111c0275 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp5, generate_#GP) 01829a80 SEQW GOTO U029a ------------------------------------------------------------------------------------ U3068: 014a0003a020 LFNCEMARK-> tmp10:= unk_14a(rax) U3069: 3042c008027a MOVETOCREG_DSZ64(tmp10, 0x2c0, 32) U306a: 014a0003a030 tmp10:= unk_14a(tmp0) 04575180 SEQW GOTO U5751 ------------------------------------------------------------------------------------ U306c: 
076f0003a020 LFNCEMARK-> tmm2:= unk_76f(xmm0) U306d: 3042c008027a MOVETOCREG_DSZ64(tmp10, 0x2c0, 32) U306e: 04ef03038800 tmm0:= MOVHLPS(xmm0) 0402a280 SEQW GOTO U02a2 ------------------------------------------------------------------------------------ U3070: 006530033235 tmp3:= SHR_DSZ64(tmp5, 0x00000030) U3071: 00040f033cc8 tmp3:= AND_DSZ32(0x0000000f, tmp3) U3072: 006410031235 tmp1:= SHL_DSZ64(tmp5, 0x00000010) 01dbf180 SEQW GOTO U5bf1 ------------------------------------------------------------------------------------ U3074: 0062f11f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7f1) U3075: 10620e0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x20e, 32) U3076: 000400031c31 tmp1:= AND_DSZ32(tmp1, tmp0) U3078: 10620f0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x20f, 32) U3079: 000400031c31 tmp1:= AND_DSZ32(tmp1, tmp0) U307a: 1062961f0240 tmp0:= MOVEFROMCREG_DSZ64(0x796, 32) U307c: 006516030230 tmp0:= SHR_DSZ64(tmp0, 0x00000016) U307d: 000400031c31 tmp1:= AND_DSZ32(tmp1, tmp0) U307e: 104210080271 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x210, 32) U3080: 29020b000300 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(0x00000010, 0x00b) U3081: 01500e1c02f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U670e) U3082: 000020039008 tmp9:= ADD_DSZ32(0x00000020) U3084: 0008c8031008 tmp1:= ZEROEXT_DSZ32(0x000000c8) U3085: 0008ec172008 tmp2:= ZEROEXT_DSZ32(0x000005ec) U3086: 000cd9bbe208 tmp14:= SAVEUIP(0x01, U0ed9) 01e58680 SEQW GOTO U6586 ------------------------------------------------------------------------------------ U3088: 006517035235 tmp5:= SHR_DSZ64(tmp5, 0x00000017) U3089: 000400435d48 tmp5:= AND_DSZ32(0x00001000, tmp5) U308a: 00010a375d48 tmp5:= OR_DSZ32(0x00000d0a, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U308c: 000804131008 tmp1:= ZEROEXT_DSZ32(0x00000404) U308d: 006312030200 tmp0:= READURAM(0x0012, 64) U308e: 000d10880280 SAVEUIP_REGOVR(0x01, U3090, 0x4210) U3090: 01080003e010 tmp14:= READUIP_REGOVR(0x00) U3091: 386b4e000270 SYNCFULL-> 
BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000004, uret0) 08ebfd55 SEQW SAVEUIP1 U3092 SEQW GOTO U6bfd U3092: 000800000000 NOP U3094: 01420b000f80 SYNCFULL-> UFLOWCTRL(URET1, tmp14) U3095: 00630f014200 tmpv0:= READURAM(0x000f, 64) U3096: 000cd0600240 SAVEUIP(0x00, U38d0) 08334d80 SEQW GOTO U334d ------------------------------------------------------------------------------------ U3098: 005428035233 tmp5:= BT_DSZ64(tmp3, 0x00000028) U3099: 007201035235 tmp5:= SELECTCC_DSZ64_CONDB(tmp5, 0x00000001) U309a: 00643a035235 tmp5:= SHL_DSZ64(tmp5, 0x0000003a) 0188ee80 SEQW GOTO U08ee ------------------------------------------------------------------------------------ U309c: 00080303c008 tmp12:= ZEROEXT_DSZ32(0x00000003) 01b23400 SEQW GOTO U3234 ------------------------------------------------------------------------------------ U309d: 000000000000 NOP U309e: 000000000000 NOP U30a0: 000403035d48 tmp5:= AND_DSZ32(0x00000003, tmp5) U30a1: 002406035235 tmp5:= SHL_DSZ32(tmp5, 0x00000006) U30a2: 2e7500735d4d tmp5:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp5, 0x0000bc00) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U30a4: 000400735d4b tmp5:= AND_DSZ32(0x00007c00, tmp5) U30a5: 00250a035235 tmp5:= SHR_DSZ32(tmp5, 0x0000000a) U30a6: 2dcb08031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00000008) 01847c80 SEQW GOTO U047c ------------------------------------------------------------------------------------ U30a8: 0004ff031d48 tmp1:= AND_DSZ32(0x000000ff, tmp5) U30a9: 00240c031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000c) U30aa: 011600031c40 tmp1:= unk_116(tmp1) 01811180 SEQW GOTO U0111 ------------------------------------------------------------------------------------ U30ac: 2d0bc0031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000000c0) U30ad: 000401032c48 tmp2:= AND_DSZ32(0x00000001, tmp1) U30ae: 002510031231 tmp1:= SHR_DSZ32(tmp1, 0x00000010) 01820280 SEQW GOTO U0202 ------------------------------------------------------------------------------------ U30b0: 
004728075d50 tmp5:= NOTAND_DSZ64(0x00811088, tmp5) U30b1: 005626035235 tmp5:= BTR_DSZ64(tmp5, 0x00000026) U30b2: 1062e60b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2e6, 32) 01dc0980 SEQW GOTO U5c09 ------------------------------------------------------------------------------------ U30b4: 000401035d48 tmp5:= AND_DSZ32(0x00000001, tmp5) U30b5: 002402035235 tmp5:= SHL_DSZ32(tmp5, 0x00000002) U30b6: 1062df0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x3df, 32) 01a88980 SEQW GOTO U2889 ------------------------------------------------------------------------------------ U30b8: 2822c5180279 MOVETOCREG_AND_DSZ64(tmp9, 0x00000004, 0x6c5) 01a53100 SEQW GOTO U2531 ------------------------------------------------------------------------------------ U30b9: 000000000000 NOP U30ba: 000000000000 NOP U30bc: 2d0bf01f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000047f0) U30bd: 186b111c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000010, generate_#GP) 01b03040 SEQW GOTO U3030 ------------------------------------------------------------------------------------ U30be: 000000000000 NOP U30c0: 000000000000 NOP U30c1: 000000000000 NOP 01a71140 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U30c2: 000000000000 NOP U30c4: 00012003ad48 tmp10:= OR_DSZ32(0x00000020, tmp5) U30c5: 006200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) 01b07040 SEQW GOTO U3070 ------------------------------------------------------------------------------------ U30c6: 000000000000 NOP U30c8: 00014003ad48 tmp10:= OR_DSZ32(0x00000040, tmp5) 01b00000 SEQW GOTO U3000 ------------------------------------------------------------------------------------ U30c9: 000000000000 NOP U30ca: 000000000000 NOP U30cc: 1062850b1240 tmp1:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U30cd: 186a119c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 01ae2a40 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U30ce: 000000000000 NOP U30d0: 000700131233 tmp1:= 
NOTAND_DSZ32(tmp3, 0x00000400) U30d1: 002506031231 tmp1:= SHR_DSZ32(tmp1, 0x00000006) U30d2: 000164035c48 tmp5:= OR_DSZ32(0x00000064, tmp1) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U30d4: 00081e030008 tmp0:= ZEROEXT_DSZ32(0x0000001e) U30d5: 00080003103b tmp1:= ZEROEXT_DSZ32(tmp11) U30d6: 00140403b23b tmp11:= BT_DSZ32(tmp11, 0x00000004) U30d8: 00330013f23b tmp15:= SELECTCC_DSZ32_CONDNB(tmp11, 0x00000400) U30d9: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U30da: 015d00000d00 UJMP(tmp4) ------------------------------------------------------------------------------------ U30dc: 002402035235 tmp5:= SHL_DSZ32(tmp5, 0x00000002) U30dd: 2d8bc0032008 tmp2:= PORTIN_DSZ16_ASZ16_SC1(0x000000c0) U30de: 000400631c8b tmp1:= AND_DSZ32(0x00007800, tmp2) 01ac8980 SEQW GOTO U2c89 ------------------------------------------------------------------------------------ U30e0: 02338003223e tmp2:= SELECTCC_DSZ32_CONDNP(tmp14, 0x00000080) U30e1: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U30e2: 002100035f3a tmp5:= CONCAT_DSZ32(tmp10, tmp12) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U30e4: 02312507243e tmp2:= SELECTCC_DSZ32_CONDNS(tmp14, 0x00800000) U30e5: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U30e6: 00333d072431 tmp2:= SELECTCC_DSZ32_CONDNB(tmp1, 0x01000000) 01b0e180 SEQW GOTO U30e1 ------------------------------------------------------------------------------------ U30e8: 02314703243e tmp2:= SELECTCC_DSZ32_CONDNS(tmp14, 0x00010000) U30e9: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U30ea: 003374032431 tmp2:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00020000) 01b0e180 SEQW GOTO U30e1 ------------------------------------------------------------------------------------ U30ec: 0033000322b1 tmp2:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00004000) U30ed: 00070003cf32 tmp12:= NOTAND_DSZ32(tmp2, tmp12) 01b0e240 SEQW GOTO U30e2 
------------------------------------------------------------------------------------ U30ee: 000000000000 NOP U30f0: 005429032233 tmp2:= BT_DSZ64(tmp3, 0x00000029) U30f1: 0033e1032432 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00200000) U30f2: 00010003cf32 tmp12:= OR_DSZ32(tmp2, tmp12) 01a88180 SEQW GOTO U2881 ------------------------------------------------------------------------------------ U30f4: 005437032233 tmp2:= BT_DSZ64(tmp3, 0x00000037) U30f5: 00325c032432 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00010800) U30f6: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) 01e23280 SEQW GOTO U6232 ------------------------------------------------------------------------------------ U30f8: 005410032233 tmp2:= BT_DSZ64(tmp3, 0x00000010) U30f9: 0033e1032432 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00200000) U30fa: 00070003cf32 tmp12:= NOTAND_DSZ32(tmp2, tmp12) 01c4d180 SEQW GOTO U44d1 ------------------------------------------------------------------------------------ U30fc: 00320103c23e tmp12:= SELECTCC_DSZ32_CONDB(tmp14, 0x00000001) 01b0e200 SEQW GOTO U30e2 ------------------------------------------------------------------------------------ U30fd: 2e758067600d tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b980) U30fe: 2e75c067700d tmp7:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b9c0) U3100: 2e75006b800d tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000ba00) U3101: 2e75406b900d tmp9:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000ba40) U3102: 2e75806ba00d tmp10:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000ba80) U3104: 2e75c06bb00d tmp11:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bac0) U3105: 2e75006fc00d tmp12:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bb00) U3106: 2e75406fd00d tmp13:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bb40) U3108: 2e75806fe00d tmp14:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bb80) U3109: 2e75c06ff00d tmp15:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bbc0) U310a: 000cfe040248 LFNCEMARK-> SAVEUIP(0x00, U21fe) U310c: 000cfe840248 SAVEUIP(0x01, U21fe) U310d: 000800000000 NOP U310e: 015d00000800 LFNCEWAIT-> UJMP(rax) 
------------------------------------------------------------------------------------ U3110: 000401035d48 tmp5:= AND_DSZ32(0x00000001, tmp5) U3111: 1062080b1240 tmp1:= MOVEFROMCREG_DSZ64(0x208, 32) U3112: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) 01b01080 SEQW GOTO U3010 ------------------------------------------------------------------------------------ U3114: 0dcf00030031 PORTOUT_DSZ8_ASZ16_SC1(tmp1, tmp0) U3115: 00250803a230 tmp10:= SHR_DSZ32(tmp0, 0x00000008) U3116: 0dcf0103a031 PORTOUT_DSZ8_ASZ16_SC1(tmp1, tmp10) 01dac580 SEQW GOTO U5ac5 ------------------------------------------------------------------------------------ U3118: 0d9f00030031 tmp0:= unk_d9f(tmp1) U3119: 00251803a230 tmp10:= SHR_DSZ32(tmp0, 0x00000018) U311a: 0dcf0303a031 PORTOUT_DSZ8_ASZ16_SC1(tmp1, tmp10) 01dac580 SEQW GOTO U5ac5 ------------------------------------------------------------------------------------ U311c: 0d8f00030031 PORTOUT_DSZ16_ASZ16_SC1(tmp1, tmp0) U311d: 00251003a230 tmp10:= SHR_DSZ32(tmp0, 0x00000010) U311e: 0d8f0203a031 PORTOUT_DSZ16_ASZ16_SC1(tmp1, tmp10) 01dac580 SEQW GOTO U5ac5 ------------------------------------------------------------------------------------ U3120: 0dcf00030031 PORTOUT_DSZ8_ASZ16_SC1(tmp1, tmp0) U3121: 00250803a230 tmp10:= SHR_DSZ32(tmp0, 0x00000008) U3122: 0d9f0103a031 tmp10:= unk_d9f(tmp1) 01dac580 SEQW GOTO U5ac5 ------------------------------------------------------------------------------------ U3124: 1062d30b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2d3, 32) U3125: 386a24c40271 SYNCMARK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000007, U3124) 0cb00c40 SEQW GOTO U300c ------------------------------------------------------------------------------------ U3126: 2d0fb4000008 PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, 0x00000000) U3128: 086a410003f8 BTUJB_DIRECT_NOTTAKEN(tmp8, 0x0000001c, U0041) 01f76200 SEQW GOTO U7762 ------------------------------------------------------------------------------------ U3129: 000000000000 NOP U312a: 000000000000 NOP U312c: 
3902d5080600 MOVETOCREG_OR_DSZ64(0x00000020, 0x2d5) U312d: 3062d40b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2d4, 32) U312e: 386a2d040271 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000004, U312d) 09301c80 SEQW GOTO U301c ------------------------------------------------------------------------------------ U3130: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U3131: 006270033200 tmp3:= MOVEFROMCREG_DSZ64(0x070) U3132: 186a855002b3 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000009, U2485) U3134: 00631f032200 tmp2:= READURAM(0x001f, 64) U3135: 005609032232 tmp2:= BTR_DSZ64(tmp2, 0x00000009) U3136: 0033000b8232 tmp8:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000200) U3138: 004207000238 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp8, 0x007) U3139: 00431f080232 WRITEURAM(tmp2, 0x001f, 32) U313a: 386b3cc40273 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000007, U313c) 02263980 SEQW GOTO U2639 ------------------------------------------------------------------------------------ U313c: 000801032008 tmp2:= ZEROEXT_DSZ32(0x00000001) U313d: 286a962002b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000008, U1896) U313e: 000c18d7e248 tmp14:= SAVEUIP(0x01, U3518) 01dcb980 SEQW GOTO U5cb9 ------------------------------------------------------------------------------------ U3140: 006519031235 tmp1:= SHR_DSZ64(tmp5, 0x00000019) U3141: 000480071c48 tmp1:= AND_DSZ32(0x00000180, tmp1) U3142: 000400072c48 tmp2:= AND_DSZ32(0x00000100, tmp1) 01dc2980 SEQW GOTO U5c29 ------------------------------------------------------------------------------------ U3144: 000404035d4a tmp5:= AND_DSZ32(0x00004004, tmp5) U3145: 00250a031235 tmp1:= SHR_DSZ32(tmp5, 0x0000000a) U3146: 002502035235 tmp5:= SHR_DSZ32(tmp5, 0x00000002) 01822280 SEQW GOTO U0222 ------------------------------------------------------------------------------------ U3148: 000d00000000 SAVEUIP_REGOVR(0x00, U3149, 0x0000) 055b8600 SEQW GOTO U5b86 U3149: 0e75a0031008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000a0) U314a: 0e7580038008 LFNCEMARK-> tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000080) 
U314c: 004275140231 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, PMH_CR_EMRR_MASK) U314d: 004707038e08 tmp8:= NOTAND_DSZ64(0x00000007, tmp8) U314e: 004274140238 MOVETOCREG_DSZ64(tmp8, PMH_CR_EMRR_BASE) 02043c96 SEQW SAVEUIP1 U3150 SEQW GOTO U043c U3150: 000000000000 LFNCEMARK-> NOP U3151: 000800000000 NOP U3152: 000800000000 NOP U3154: 0e2500030034 LFNCEWAIT-> tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U3155: 104004034d08 tmp4:= ADD_DSZN(0x00000004, tmp4) U3156: 104000034d30 tmp4:= ADD_DSZN(tmp0, tmp4) 021ea680 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U3158: 00042c035d50 tmp5:= AND_DSZ32(0x0000b615, tmp5) U3159: 00621d031200 tmp1:= MOVEFROMCREG_DSZ64(0x01d) U315a: 000404031c48 tmp1:= AND_DSZ32(0x00000004, tmp1) 01b05c80 SEQW GOTO U305c ------------------------------------------------------------------------------------ U315c: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U315d: 1c30006b0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x1a) U315e: 0006330b4cd0 tmp4:= XOR_DSZ32(0xffdbb22a, tmp3) U3160: 0062fe1f1200 LFNCEWAIT-> tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3161: 000400030c34 tmp0:= AND_DSZ32(tmp4, tmp0) U3162: 0004d0031c50 tmp1:= AND_DSZ32(0x001a3202, tmp1) U3164: 000400072c08 tmp2:= AND_DSZ32(0x00000100, tmp0) U3165: 000400031c73 tmp1:= AND_DSZ32(tmp3, tmp1) U3166: 020700032032 tmp2:= unk_207(tmp2) U3168: 000100032c80 tmp2:= OR_DSZ32(0x00000000, tmp2) U3169: 0151111c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) U316a: 000130030c31 ROVR<- tmp0:= OR_DSZ32(tmp1, tmp0) 01ae099e SEQW SAVEUIP1 U316c SEQW GOTO U2e09 U316c: 2042fe1c0230 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, CORE_CR_EFLAGS) U316d: 213f00000030 unk_13f(tmp0) U316e: 10c00b824908 rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) 080000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U3170: 00629a1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x79a) U3171: 00a100035d71 tmp5:= 
CONCAT_DSZ16(tmp1, tmp5) 01ae2a40 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3172: 000000000000 NOP U3174: 00635c031200 tmp1:= READURAM(0x005c, 64) U3175: 186a2a780331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000011, U2e2a) U3176: 2d0b747b5008 SYNCFULL-> tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00001e74) 092e2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3178: 00080003d03a tmp13:= ZEROEXT_DSZ32(tmp10) 01a89600 SEQW GOTO U2896 ------------------------------------------------------------------------------------ U3179: 000000000000 NOP U317a: 000000000000 NOP U317c: 0c4b20431000 tmp1:= RDSEGFLD(UNK_SEG_10, BASE) U317d: 00251e035235 tmp5:= SHR_DSZ32(tmp5, 0x0000001e) 01b05640 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U317e: 000000000000 NOP U3180: 000000000000 NOP U3181: 000000000000 NOP 01a71140 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U3182: 000000000000 NOP U3184: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3185: 000000000000 NOP U3186: 000000000000 NOP U3188: 2d0b181f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004718) U3189: 186b11dc0371 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000017, generate_#GP) U318a: 2dcb20035008 tmp5:= PORTIN_DSZ8_ASZ16_SC1(0x00000020) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U318c: 2dcb20031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00000020) U318d: 186b115c0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000001, generate_#GP) 01b19840 SEQW GOTO U3198 ------------------------------------------------------------------------------------ U318e: 000e0f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000f) U3190: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U3191: 0f6d00043f31 unk_f6d(tmp1, 
tmp12, rdi) U3192: 01600183c23c tmp12:= SUBR_DSZ64(tmp12, IMM_MACRO_01) U3194: 0f6d00043f31 unk_f6d(tmp1, tmp12, rdi) U3195: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01b19140 SEQW GOTO U3191 ------------------------------------------------------------------------------------ U3196: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U3198: 3d0b00035c88 tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) 01ae2a00 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U3199: 000000000000 NOP U319a: 000e0f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000f) U319c: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U319d: 0f6500043f30 rdi:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp0, tmp12) U319e: 01600183c23c tmp12:= SUBR_DSZ64(tmp12, IMM_MACRO_01) U31a0: 0f6500043f30 rdi:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp0, tmp12) U31a1: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01b19d40 SEQW GOTO U319d ------------------------------------------------------------------------------------ U31a2: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U31a4: 00653d031235 tmp1:= SHR_DSZ64(tmp5, 0x0000003d) U31a5: 000405031c48 tmp1:= AND_DSZ32(0x00000005, tmp1) U31a6: 000a00200200 TESTUSTATE(UCODE, 0x0800) 01ae2ac0 ? 
SEQW GOTO U2e2a U31a8: 19292a380271 SYNCMARK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000004, U2e2a) U31a9: 2dcb09031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00000009) U31aa: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) 0c08ae80 SEQW GOTO U08ae ------------------------------------------------------------------------------------ U31ac: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U31ad: 000001036d88 tmp6:= ADD_DSZ32(0x00000001, tmp6) U31ae: 3928b00402b6 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000008, U31b0) 01b38e80 SEQW GOTO U338e ------------------------------------------------------------------------------------ U31b0: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U31b1: 3928b204033f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000010, U31b2) 01b38d40 SEQW GOTO U338d ------------------------------------------------------------------------------------ U31b2: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U31b4: 006387031200 tmp1:= READURAM(0x0087, 64) U31b5: 000800031031 tmp1:= ZEROEXT_DSZ32(tmp1) U31b6: 026400035d71 tmp5:= IMUL64L_DSZ64(tmp1, tmp5) 01ae2a80 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U31b8: 00081a03d008 tmp13:= ZEROEXT_DSZ32(0x0000001a) 01ad6900 SEQW GOTO U2d69 ------------------------------------------------------------------------------------ U31b9: 000000000000 NOP U31ba: 000000000000 NOP U31bc: 000000000000 NOP U31bd: 000000000000 NOP U31be: 286abe300214 BTUJB_DIRECT_NOTTAKEN(tmpv0, 0x00000000, uret1) 01b2ce80 SEQW GOTO U32ce ------------------------------------------------------------------------------------ U31c0: 000803030008 LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x00000003) 0466d200 SEQW GOTO U66d2 ------------------------------------------------------------------------------------ U31c1: 000000000000 NOP U31c2: 00631103c200 tmp12:= READURAM(0x0011, 64) U31c4: 0e6d08072f0b LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000308, 
mode=0x01, tmp2) 021f9200 SEQW GOTO U1f92 ------------------------------------------------------------------------------------ U31c5: 000000000000 NOP U31c6: 000000000000 NOP U31c8: 00450603fd08 tmp15:= SUB_DSZ64(0x00000006, tmp4) U31c9: 013300031d3f tmp1:= SELECTCC_DSZ32_CONDNBE(tmp15, tmp4) U31ca: 000005031c48 tmp1:= ADD_DSZ32(0x00000005, tmp1) U31cc: 002404031231 tmp1:= SHL_DSZ32(tmp1, 0x00000004) U31cd: 00002c0b1431 tmp1:= ADD_DSZ32(tmp1, 0xfed20e00) U31ce: 0dcf00000031 PORTOUT_DSZ8_ASZ16_SC1(tmp1, 0x00000000) 01ab1480 SEQW GOTO U2b14 ------------------------------------------------------------------------------------ U31d0: 008840034008 tmp4:= ZEROEXT_DSZ16(0x00000040) 01d7a188 SEQW URET0 ------------------------------------------------------------------------------------ U31d1: 2dcb1903b008 tmp11:= PORTIN_DSZ8_ASZ16_SC1(0x00000019) U31d2: 3929d404023b CMPUJNZ_DIRECT_NOTTAKEN(tmp11, 0x00000000, U31d4) 01d7a188 SEQW GOTO U57a1 ------------------------------------------------------------------------------------ U31d4: 1902db880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2db) U31d5: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) U31d6: 000c78680240 SAVEUIP(0x00, U3a78) 01dee880 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U31d8: 008880034008 tmp4:= ZEROEXT_DSZ16(0x00000080) 01a81448 SEQW URET0 ------------------------------------------------------------------------------------ U31d9: 100a00840200 TESTUSTATE(SYS, !UST_VMX_OP_DIS) 01a81448 ? 
SEQW GOTO U2814 U31da: 006323030200 tmp0:= READURAM(0x0023, 64) U31dc: 000430030c08 tmp0:= AND_DSZ32(0x00000030, tmp0) U31dd: 015114200270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U2814) U31de: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) 01a81480 SEQW GOTO U2814 ------------------------------------------------------------------------------------ U31e0: 000800034000 tmp4:= ZEROEXT_DSZ32(0x00000000) 019b0c48 SEQW URET0 ------------------------------------------------------------------------------------ U31e1: 000a04000200 TESTUSTATE(UCODE, 0x0004) 019b0c48 ? SEQW GOTO U1b0c U31e2: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U31e4: 3a6285c802b0 MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000b, CTAP_CR_DFX_CTL_STS) U31e5: 2d8b801b000a tmp0:= PORTIN_DSZ16_ASZ16_SC1(0x00004680) U31e6: 0e7d405f000d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000b740, tmp0) 019b0c80 SEQW GOTO U1b0c ------------------------------------------------------------------------------------ U31e8: 000c0a000280 SAVEUIP(0x00, U400a) 04863c00 SEQW GOTO U063c ------------------------------------------------------------------------------------ U31e9: 002100030c7d LFNCEMARK-> tmp0:= CONCAT_DSZ32(tmp13, tmp1) U31ea: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010) U31ec: 090205c00200 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U31ed: 000937034008 tmp4:= MOVE_DSZ32(0x00000037) U31ee: 00420b000234 MOVETOCREG_DSZ64(tmp4, 0x00b) U31f0: 00421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U31f1: 0062fe1fa200 LFNCEWTMRK-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U31f2: 23804b03ae80 ROVR<- tmp10:= READAFLAGS(tmp10) 06850c9e SEQW SAVEUIP1 U31f4 SEQW GOTO U050c U31f4: 00631b034200 tmp4:= READURAM(0x001b, 64) U31f5: 204267000234 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp4, CORE_CR_CUR_RIP) U31f6: 0e6df807a024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff8, mode=0x01, tmp10) U31f8: 0e6df007b024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff0, mode=0x01, tmp11) U31f9: 10c500024933 rsp:= SUB_DSZN(tmp3, rsp) 
U31fa: 00551f030230 tmp0:= BTS_DSZ64(tmp0, 0x0000001f) U31fc: 0e6df8070024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff8, mode=0x01, tmp0) U31fd: 0e6df0073024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xfffffffffffffff0, mode=0x01, tmp3) U31fe: 10c510024908 rsp:= SUB_DSZN(0x00000010, rsp) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U3200: 004200000eb5 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp5, tmp10) 0660d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U3201: 000000000000 NOP U3202: 000000000000 NOP U3204: 0004ff03ae88 tmp10:= AND_DSZ32(0x000000ff, tmp10) U3205: 0001000bae88 tmp10:= OR_DSZ32(0x00000200, tmp10) 01b20940 SEQW GOTO U3209 ------------------------------------------------------------------------------------ U3206: 000000000000 NOP U3208: 0004ff03ae88 tmp10:= AND_DSZ32(0x000000ff, tmp10) U3209: 004300000eb5 LFNCEWTMRK-> WRITEURAM(tmp5, tmp10) U320a: 100a00800300 TESTUSTATE(SYS, !0x8000) 06e0d4c0 ? SEQW GOTO U60d4 U320c: 025600000000 unk_256(0x00000000) U320d: 000803172008 tmp2:= ZEROEXT_DSZ32(0x00000503) U320e: 000a00c00240 LFNCEWAIT-> TESTUSTATE(UCODE, !0x3000) 032e30c0 ? SEQW GOTO U2e30 uend0: U3210: 000000000000 SYNCWAIT-> NOP 0a37f4b0 SEQW UEND0 ------------------------------------------------------------------------------------ U3211: 00620003d200 tmp13:= MOVEFROMCREG_DSZ64(0x000) U3212: 0008f0076010 tmp6:= ZEROEXT_DSZ32(0x80000000) 0a37f4b0 SEQW GOTO U37f4 ------------------------------------------------------------------------------------ U3214: 2f7d00035c80 tmp5:= unk_f7d(tmp2) 01e0d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U3215: 000000000000 NOP U3216: 000000000000 NOP U3218: 000a00880200 TESTUSTATE(UCODE, !0x0200) 01b21c00 ? 
SEQW GOTO U321c U3219: 00653f035235 tmp5:= SHR_DSZ64(tmp5, 0x0000003f) U321a: 00643f035235 tmp5:= SHL_DSZ64(tmp5, 0x0000003f) U321c: 104200000eb5 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp5, tmp10) 02332d00 SEQW GOTO U332d ------------------------------------------------------------------------------------ U321d: 000000000000 NOP U321e: 000000000000 NOP U3220: 0c6b2c000035 LFNCEWTMRK-> WRSEGFLD(tmp5, FS, BASE) 06320a00 SEQW GOTO U320a ------------------------------------------------------------------------------------ U3221: 000000000000 NOP U3222: 000000000000 NOP U3224: 0c6b2d000035 LFNCEWTMRK-> WRSEGFLD(tmp5, GS, BASE) 06320a00 SEQW GOTO U320a ------------------------------------------------------------------------------------ U3225: 000000000000 NOP U3226: 000000000000 NOP U3228: 006341031200 tmp1:= READURAM(0x0041, 64) U3229: 006517031231 tmp1:= SHR_DSZ64(tmp1, 0x00000017) U322a: 000400031c75 tmp1:= AND_DSZ32(tmp5, tmp1) 01990c80 SEQW GOTO U190c ------------------------------------------------------------------------------------ U322c: 20431d000235 LFNCEMARK-> WRITEURAM(tmp5, 0x001d, 64) U322d: 1062d40ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2d4, 32) U322e: 186bd2c1023a BTUJNB_DIRECT_NOTTAKEN(tmp10, 0x00000003, U60d2) 0458d080 SEQW GOTO U58d0 ------------------------------------------------------------------------------------ U3230: 000c04c80240 SAVEUIP(0x01, U3204) 01dfd600 SEQW GOTO U5fd6 ------------------------------------------------------------------------------------ U3231: 000000000000 NOP U3232: 000000000000 NOP U3234: 000c00c80240 SAVEUIP(0x01, U3200) U3235: 006200032e80 tmp2:= MOVEFROMCREG_DSZ64(tmp10) 01dfd840 SEQW GOTO U5fd8 ------------------------------------------------------------------------------------ U3236: 000000000000 NOP U3238: 0150f25c0278 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U37f2) 01b28200 SEQW GOTO U3282 ------------------------------------------------------------------------------------ U3239: 000000000000 NOP U323a: 000000000000 NOP U323c: 
006526032233 tmp2:= SHR_DSZ64(tmp3, 0x00000026) U323d: 004400032cb5 tmp2:= AND_DSZ64(tmp5, tmp2) U323e: 0151111c0272 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) 07323080 SEQW GOTO U3230 ------------------------------------------------------------------------------------ U3240: 000d12831000 tmp1:= SAVEUIP_REGOVR(0x01, U3241, 0x0012) U3241: 000c8e0c0240 SAVEUIP(0x00, U238e) 01b04440 SEQW GOTO U3044 ------------------------------------------------------------------------------------ U3242: 000000000000 NOP U3244: 00650f032233 tmp2:= SHR_DSZ64(tmp3, 0x0000000f) U3245: 000700032d72 tmp2:= NOTAND_DSZ32(tmp2, tmp5) U3246: 186a119c02b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000a, generate_#GP) 01e9d180 SEQW GOTO U69d1 ------------------------------------------------------------------------------------ U3248: 002506035235 tmp5:= SHR_DSZ32(tmp5, 0x00000006) 01b2cd14 SEQW SAVEUIP1 U3249 SEQW GOTO U32cd U3249: 1062e60b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e6, 32) U324a: 000710035235 tmp5:= NOTAND_DSZ32(tmp5, 0x00000010) U324c: 004700035c75 tmp5:= NOTAND_DSZ64(tmp5, tmp1) U324d: 104200000eb5 MOVETOCREG_DSZ64(tmp5, tmp10) U324e: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) 01b32d80 SEQW GOTO U332d ------------------------------------------------------------------------------------ U3250: 006519031233 tmp1:= SHR_DSZ64(tmp3, 0x00000019) U3251: 000400031c75 tmp1:= AND_DSZ32(tmp5, tmp1) U3252: 186a119c0331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000012, generate_#GP) 01a4ed80 SEQW GOTO U24ed ------------------------------------------------------------------------------------ U3254: 2dcf09035008 PORTOUT_DSZ8_ASZ16_SC1(0x00000009, tmp5) U3255: 0004000b5d48 tmp5:= AND_DSZ32(0x00000200, tmp5) U3256: 0008000bc008 tmp12:= ZEROEXT_DSZ32(0x00000200) 01b23080 SEQW GOTO U3230 ------------------------------------------------------------------------------------ U3258: 000cd20002c0 SAVEUIP(0x00, U60d2) U3259: 092864040220 CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000000, U0164) 01850495 SEQW 
SAVEUIP1 U325a U325a: 3928459c0220 CMPUJZ_DIRECT_NOTTAKEN(rax, 0x00000002, U3745) 01850495 SEQW GOTO U0504 ------------------------------------------------------------------------------------ U325c: 0004f0075d50 tmp5:= AND_DSZ32(0x80000000, tmp5) U325d: 2d0b3c031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x0000003c) U325e: 013000031c75 tmp1:= SELECTCC_DSZ32_CONDZ(tmp5, tmp1) 01c4d980 SEQW GOTO U44d9 ------------------------------------------------------------------------------------ U3260: 00636203a200 tmp10:= READURAM(0x0062, 64) U3261: 213f0000003a unk_13f(tmp10) U3262: 0042fe1c023a LFNCEWAIT-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) 032c9280 SEQW GOTO U2c92 ------------------------------------------------------------------------------------ U3264: 00636203a200 tmp10:= READURAM(0x0062, 64) U3265: 006363035200 tmp5:= READURAM(0x0063, 64) U3266: 00a10003aeb5 tmp10:= CONCAT_DSZ16(tmp5, tmp10) 019e0080 SEQW GOTO U1e00 ------------------------------------------------------------------------------------ U3268: 1062c00ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2c0, 32) U3269: 014d0002003a rax:= unk_14d(tmp10) U326a: 1062c10ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2c1, 32) 01dae580 SEQW GOTO U5ae5 ------------------------------------------------------------------------------------ U326c: 1062c00ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2c0, 32) U326d: 07470003803a tmm0:= unk_747(tmm2) U326e: 1062c10ba240 tmp10:= MOVEFROMCREG_DSZ64(0x2c1, 32) 0182aa80 SEQW GOTO U02aa ------------------------------------------------------------------------------------ U3270: 0062f61fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U3271: 00161f03a23a tmp10:= BTR_DSZ32(tmp10, 0x0000001f) U3272: 0902f61c083a LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmp10, rax, CORE_CR_CR0) 0760d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U3274: 0251f25c0278 UJMPCC_DIRECT_NOTTAKEN_CONDNS(tmp8, U37f2) U3275: 204371040235 LFNCEMARK-> WRITEURAM(tmp5, 0x0171, 64) 04b20a40 SEQW GOTO U320a 
------------------------------------------------------------------------------------ U3276: 000000000000 NOP U3278: 100ac0000200 LFNCEMARK-> TESTUSTATE(SYS, UST_VMX_DUAL_MON | UST_VMX_GUEST) 04328200 ? SEQW GOTO U3282 U3279: 002100034822 tmp4:= CONCAT_DSZ32(rdx, rax) U327a: 104800034034 tmp4:= ZEROEXT_DSZ64N(tmp4) apply_ucode_patch: U327c: 206353030200 tmp0:= READURAM(0x0053, 64) U327d: 000779030c08 tmp0:= NOTAND_DSZ32(0x00000079, tmp0) U327e: 000102030c08 tmp0:= OR_DSZ32(0x00000002, tmp0) 01a62580 SEQW GOTO U2625 ------------------------------------------------------------------------------------ U3280: 0251f25c0278 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNS(tmp8, U37f2) U3281: 100a20000200 TESTUSTATE(SYS, UST_SMM) 0632304a ? SEQW GOTO U3230 U3282: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 0632304a ? SEQW URET0 U3284: 000820030008 tmp0:= ZEROEXT_DSZ32(0x00000020) 019f9000 SEQW GOTO do_smm_vmexit ------------------------------------------------------------------------------------ U3285: 000000000000 NOP U3286: 000000000000 NOP U3288: 006420035235 tmp5:= SHL_DSZ64(tmp5, 0x00000020) U3289: 006e20035235 tmp5:= SAR_DSZ64(tmp5, 0x00000020) 01b21c40 SEQW GOTO U321c ------------------------------------------------------------------------------------ U328a: 000000000000 NOP U328c: 006520031233 tmp1:= SHR_DSZ64(tmp3, 0x00000020) U328d: 004400031c75 tmp1:= AND_DSZ64(tmp5, tmp1) U328e: 186a11dc03f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001f, generate_#GP) 07010980 SEQW GOTO U0109 ------------------------------------------------------------------------------------ U3290: 001608035235 tmp5:= BTR_DSZ32(tmp5, 0x00000008) U3291: 0052b51002b5 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp5, U44b5) U3292: 006323032200 tmp2:= READURAM(0x0023, 64) 06ac6580 SEQW GOTO U2c65 ------------------------------------------------------------------------------------ U3294: 0062011f1200 tmp1:= MOVEFROMCREG_DSZ64(0x701) U3295: 186a111c0231 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 
0x00000000, generate_#GP) 06b23440 SEQW GOTO U3234 ------------------------------------------------------------------------------------ U3296: 000000000000 NOP U3298: 0150f25c0278 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U37f2) U3299: 1928d2010035 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U60d2) 0182ba55 SEQW SAVEUIP1 U329a SEQW GOTO U02ba U329a: 2d0b045f100c tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00009704) U329c: 000101031c48 tmp1:= OR_DSZ32(0x00000001, tmp1) U329d: 2d0f045f100c PORTOUT_DSZ32_ASZ16_SC1(0x00009704, tmp1) 01d6f840 SEQW GOTO U56f8 ------------------------------------------------------------------------------------ U329e: 000000000000 NOP U32a0: 006323032200 tmp2:= READURAM(0x0023, 64) U32a1: 186a11dc07f2 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000003f, generate_#GP) U32a2: 000403032c88 tmp2:= AND_DSZ32(0x00000003, tmp2) 06c4a980 SEQW GOTO U44a9 ------------------------------------------------------------------------------------ U32a4: 000c08c80240 SAVEUIP(0x01, U3208) U32a5: 006323032200 tmp2:= READURAM(0x0023, 64) U32a6: 004700031cb5 tmp1:= NOTAND_DSZ64(tmp5, tmp2) 01dfd480 SEQW GOTO U5fd4 ------------------------------------------------------------------------------------ U32a8: 2dcf08035008 LFNCEMARK-> PORTOUT_DSZ8_ASZ16_SC1(0x00000008, tmp5) 04080e88 SEQW URET0 ------------------------------------------------------------------------------------ U32a9: 00080003e039 tmp14:= ZEROEXT_DSZ32(tmp9) U32aa: 004c70a7b2ff tmp11:= SAVEUIP(tmp15, 0x01, U6970) 04080e88 SEQW GOTO U080e ------------------------------------------------------------------------------------ U32ac: 00640c031233 tmp1:= SHL_DSZ64(tmp3, 0x0000000c) U32ad: 2d0bc0033008 tmp3:= PORTIN_DSZ32_ASZ16_SC1(0x000000c0) U32ae: 006409032233 tmp2:= SHL_DSZ64(tmp3, 0x00000009) 01da7580 SEQW GOTO U5a75 ------------------------------------------------------------------------------------ U32b0: 00002c07c010 tmp12:= ADD_DSZ32(0x00c41089) U32b1: 005414032233 tmp2:= BT_DSZ64(tmp3, 0x00000014) U32b2: 003240032232 
tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000040) 01d09a80 SEQW GOTO U509a ------------------------------------------------------------------------------------ U32b4: 002502031235 SYNCMARK-> tmp1:= SHR_DSZ32(tmp5, 0x00000002) U32b5: 006205072200 tmp2:= MOVEFROMCREG_DSZ64(0x105) U32b6: 000701032c88 tmp2:= NOTAND_DSZ32(0x00000001, tmp2) 0c592580 SEQW GOTO U5925 ------------------------------------------------------------------------------------ U32b8: 000c0a880200 SAVEUIP(0x01, U020a) 0182ba00 SEQW GOTO U02ba ------------------------------------------------------------------------------------ U32b9: 000000000000 NOP U32ba: 000000000000 NOP U32bc: 2d0bf01f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000047f0) U32bd: 186b111c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000010, generate_#GP) U32be: 00240e035235 tmp5:= SHL_DSZ32(tmp5, 0x0000000e) 01821280 SEQW GOTO U0212 ------------------------------------------------------------------------------------ U32c0: 000000000000 NOP U32c1: 000000000000 NOP 01a71140 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U32c2: 000000000000 NOP U32c4: 1062df0b1240 tmp1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U32c5: 186ad28102f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000e, U60d2) 06b21c40 SEQW GOTO U321c ------------------------------------------------------------------------------------ U32c6: 000000000000 NOP U32c8: 006323031200 tmp1:= READURAM(0x0023, 64) U32c9: 186b115c02f1 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, generate_#GP) U32ca: 38a28a8c0235 MOVETOCREG_SHL_DSZ64(tmp5, 0x00000002, 0x38a) 06b32d80 SEQW GOTO U332d ------------------------------------------------------------------------------------ U32cc: 000c4dc80240 SAVEUIP(0x01, U324d) U32cd: 390289480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x289) U32ce: 306289094240 tmpv0:= MOVEFROMCREG_DSZ64(0x289, 32) 01b1be80 SEQW GOTO U31be ------------------------------------------------------------------------------------ 
U32d0: 006273173200 tmp3:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U32d1: 000c3e8f22f5 tmp2:= SAVEUIP(tmp5, 0x01, U633e) 01b2f940 SEQW GOTO U32f9 ------------------------------------------------------------------------------------ U32d2: 000000000000 NOP U32d4: 000c3e8f32f5 tmp3:= SAVEUIP(tmp5, 0x01, U633e) U32d5: 006272172200 tmp2:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_BASE) U32d6: 002e0c031235 tmp1:= SAR_DSZ32(tmp5, 0x0000000c) 01848480 SEQW GOTO U0484 ------------------------------------------------------------------------------------ U32d8: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U32d9: 186a119c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) U32da: 086b8c100038 BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x00000000, U048c) 01d91580 SEQW GOTO U5915 ------------------------------------------------------------------------------------ U32dc: 002502031235 tmp1:= SHR_DSZ32(tmp5, 0x00000002) U32dd: 000493071c50 tmp1:= AND_DSZ32(0x1003fff7, tmp1) U32de: 2d0ff01f100a PORTOUT_DSZ32_ASZ16_SC1(0x000047f0, tmp1) 01dc1980 SEQW GOTO U5c19 ------------------------------------------------------------------------------------ U32e0: 006200031e80 tmp1:= MOVEFROMCREG_DSZ64(tmp10) U32e1: 000400231c48 tmp1:= AND_DSZ32(0x00000800, tmp1) U32e2: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) 01b2f996 SEQW SAVEUIP1 U32e4 SEQW GOTO U32f9 U32e4: 204200000eb5 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp5, tmp10) 0660d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U32e5: 000000000000 NOP U32e6: 000000000000 NOP U32e8: 000701033e88 tmp3:= NOTAND_DSZ32(0x00000001, tmp10) U32e9: 006200031cc0 tmp1:= MOVEFROMCREG_DSZ64(tmp3) U32ea: 004700231c48 tmp1:= NOTAND_DSZ64(0x00000800, tmp1) 01821a80 SEQW GOTO U021a ------------------------------------------------------------------------------------ U32ec: 002150071408 tmp1:= CONCAT_DSZ32(0x03030303) U32ed: 004400031c75 tmp1:= AND_DSZ64(tmp5, tmp1) U32ee: 006501031231 tmp1:= SHR_DSZ64(tmp1, 0x00000001) 01c4c180 
SEQW GOTO U44c1 ------------------------------------------------------------------------------------ U32f0: 002165071408 tmp1:= CONCAT_DSZ32(0x04040404) U32f1: 004700031c75 tmp1:= NOTAND_DSZ64(tmp5, tmp1) U32f2: 006501031231 tmp1:= SHR_DSZ64(tmp1, 0x00000001) 01c4c980 SEQW GOTO U44c9 ------------------------------------------------------------------------------------ U32f4: 0251f25c0278 UJMPCC_DIRECT_NOTTAKEN_CONDNS(tmp8, U37f2) U32f5: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U32f6: 186a11dc02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000b, generate_#GP) 01e15080 SEQW GOTO U6150 ------------------------------------------------------------------------------------ U32f8: 000c85e80280 SAVEUIP(0x01, U5a85) U32f9: 000406031d48 tmp1:= AND_DSZ32(0x00000006, tmp5) U32fa: 1928119c0231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000002, generate_#GP) 0187bd80 SEQW GOTO U07bd ------------------------------------------------------------------------------------ U32fc: 00251a032235 tmp2:= SHR_DSZ32(tmp5, 0x0000001a) U32fd: 0062c31b1200 tmp1:= MOVEFROMCREG_DSZ64(0x6c3) U32fe: 000720031c48 tmp1:= NOTAND_DSZ32(0x00000020, tmp1) 01c4d580 SEQW GOTO U44d5 ------------------------------------------------------------------------------------ U3300: 2d0bd843100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U3301: 086b96950331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, U4596) U3302: 000401031e08 LFNCEMARK-> tmp1:= AND_DSZ32(0x00000001, tmp8) 0501fa80 SEQW GOTO U01fa ------------------------------------------------------------------------------------ U3304: 106200031e80 tmp1:= MOVEFROMCREG_DSZ64(tmp10) U3305: 304200000eb5 MOVETOCREG_DSZ64(tmp5, tmp10) 01d4a840 SEQW GOTO U54a8 ------------------------------------------------------------------------------------ U3306: 000000000000 NOP U3308: 006200031e80 tmp1:= MOVEFROMCREG_DSZ64(tmp10) U3309: 204200000eb5 MOVETOCREG_DSZ64(tmp5, tmp10) 01d4a840 SEQW GOTO U54a8 ------------------------------------------------------------------------------------ 
U330a: 000000000000 NOP U330c: 186a115c07f3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000003d, generate_#GP) U330d: 000800031008 tmp1:= ZEROEXT_DSZ32(0x00000000) 01b36140 SEQW GOTO U3361 ------------------------------------------------------------------------------------ U330e: 000000000000 NOP U3310: 186bd2010235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U60d2) U3311: 2d0b0413100c tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00008404) U3312: 002c02031231 tmp1:= ROL_DSZ32(tmp1, 0x00000002) 01849480 SEQW GOTO U0494 ------------------------------------------------------------------------------------ U3314: 000c08c80240 SAVEUIP(0x01, U3208) 01b31900 SEQW GOTO U3319 ------------------------------------------------------------------------------------ U3315: 000000000000 NOP U3316: 000000000000 NOP U3318: 000c00c80240 SAVEUIP(0x01, U3200) U3319: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U331a: 186ad24102f2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000d, U60d2) 01811980 SEQW GOTO U0119 ------------------------------------------------------------------------------------ U331c: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U331d: 186ad24102f2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000d, U60d2) U331e: 0062f01f3200 tmp3:= MOVEFROMCREG_DSZ64(0x7f0) 018da180 SEQW GOTO U0da1 ------------------------------------------------------------------------------------ U3320: 000c461bd248 tmp13:= SAVEUIP(0x00, U2646) U3321: 200a04832235 tmp2:= TESTUSTATE(tmp5, VMX, !0x0004) 01d7ad40 ? 
SEQW GOTO U57ad U3322: 0062bb1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7bb) U3324: 186b119c02b1 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 06321c00 SEQW GOTO U321c ------------------------------------------------------------------------------------ U3325: 000000000000 NOP U3326: 000000000000 NOP U3328: 000cd413d2c8 tmp13:= SAVEUIP(0x00, U64d4) 01847414 SEQW SAVEUIP1 U3329 SEQW GOTO U0474 U3329: 1062d30b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2d3, 32) U332a: 386a29cc0271 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000007, U3329) U332c: 30428b080240 MOVETOCREG_DSZ64(0x00000000, UCODE_CR_X2APIC_EOI, 32) U332d: 000000000000 SYNCMARK-> NOP 0cb20a40 SEQW GOTO U320a ------------------------------------------------------------------------------------ U332e: 000000000000 NOP U3330: 1062e70b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e7, 32) U3331: 386a300c02f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000c, U3330) 06b21c40 SEQW GOTO U321c ------------------------------------------------------------------------------------ U3332: 000000000000 NOP U3334: 304200000eb5 MOVETOCREG_DSZ64(tmp5, tmp10) U3335: 3062d40b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2d4, 32) U3336: 386a350c0271 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000004, U3335) 0760d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U3338: 0008f00f1008 tmp1:= ZEROEXT_DSZ32(0x000003f0) U3339: 000ce903d2c8 tmp13:= SAVEUIP(0x00, U60e9) 01847455 SEQW SAVEUIP1 U333a SEQW GOTO U0474 U333a: 10628f0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x28f, 32) U333c: 186b111c02b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000008, generate_#GP) U333d: 3962bf0802f5 MOVETOCREG_BTS_DSZ64(tmp5, 0x0000000c, 0x2bf) U333e: 3062bf0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2bf, 32) 01a3c680 SEQW GOTO U23c6 ------------------------------------------------------------------------------------ U3340: 000400631d48 tmp1:= AND_DSZ32(0x00001800, tmp5) U3341: 013100631231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00001800) U3342: 000100035d71 
tmp5:= OR_DSZ32(tmp1, tmp5) 01e3dd80 SEQW GOTO U63dd ------------------------------------------------------------------------------------ U3344: 00e100035d75 tmp5:= CONCAT_DSZ8(tmp5, tmp5) U3345: 000401435d48 tmp5:= AND_DSZ32(0x00001001, tmp5) U3346: 2d0b1833100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004c18) 01822a80 SEQW GOTO U022a ------------------------------------------------------------------------------------ U3348: 000d210f2335 tmp2:= SAVEUIP_REGOVR(tmp5, 0x00, U3349, 0x8321) U3349: 000cd28002c0 SAVEUIP(0x01, U60d2) 01ebfc40 SEQW GOTO U6bfc ------------------------------------------------------------------------------------ U334a: 000000000000 NOP U334c: 004800032035 tmp2:= ZEROEXT_DSZ64(tmp5) U334d: 2d4f1821400c PORTOUT_DSZ64_ASZ16_SC1(0x00008818, tmpv0) 01a71189 SEQW URET0 ------------------------------------------------------------------------------------ U334e: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 01a71189 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U3350: 192874810235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000002, U6074) U3351: 3928cd0802b5 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000008, U32cd) 08e0d255 SEQW SAVEUIP1 U3352 SEQW GOTO U60d2 U3352: 1062e10b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e1, 32) U3354: 3962e18802b1 MOVETOCREG_BTS_DSZ64(tmp1, 0x0000000a, 0x2e1) 01b24e00 SEQW GOTO U324e ------------------------------------------------------------------------------------ U3355: 000000000000 NOP U3356: 000000000000 NOP U3358: 29a270000635 MOVETOCREG_SHR_DSZ64(tmp5, 0x00000020, 0x070) 01b21c00 SEQW GOTO U321c ------------------------------------------------------------------------------------ U3359: 000000000000 NOP U335a: 000000000000 NOP U335c: 005604035235 tmp5:= BTR_DSZ64(tmp5, 0x00000004) U335d: 00531c480275 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp5, U321c) U335e: 0eff00000000 unk_eff(0x00000000) 06b21c80 SEQW GOTO U321c 
------------------------------------------------------------------------------------ U3360: 00081f031008 tmp1:= ZEROEXT_DSZ32(0x0000001f) U3361: 0008f85ba00a tmp10:= ZEROEXT_DSZ32(0x000056f8) 0556f140 SEQW GOTO U56f1 ------------------------------------------------------------------------------------ U3362: 0e7b2fe40cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U3364: 10c00b824908 LFNCEWAIT-> rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) 026ba1b0 SEQW UEND0 ------------------------------------------------------------------------------------ U3365: 00a103137237 tmp7:= CONCAT_DSZ16(tmp7, 0x00000403) U3366: 000c120002c0 SAVEUIP(0x00, U6012) 026ba1b0 SEQW GOTO U6ba1 ------------------------------------------------------------------------------------ U3368: 2928d4750235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000001, U5dd4) U3369: 192829ac0235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000002, U2b29) U336a: 2928a42d02b5 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000008, U5ba4) 019ca480 SEQW GOTO U1ca4 ------------------------------------------------------------------------------------ U336c: 000101031e88 tmp1:= OR_DSZ32(0x00000001, tmp10) U336d: 006200031c40 tmp1:= MOVEFROMCREG_DSZ64(tmp1) U336e: 186a119c02b1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 07320080 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U3370: 09a29a1c0335 LFNCEWAIT-> MOVETOCREG_SHR_DSZ64(tmp5, 0x00000010, 0x79a) 02320000 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U3371: 000000000000 NOP U3372: 000000000000 NOP U3374: 00635c032200 tmp2:= READURAM(0x005c, 64) U3375: 186a61490332 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000011, U6261) U3376: 000e0c03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000c) 01e25980 SEQW GOTO U6259 ------------------------------------------------------------------------------------ U3378: 1928111c0035 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, generate_#GP) U3379: 022200031035 tmp1:= 
unk_222(tmp5) U337a: 01d700032035 tmp2:= unk_1d7(tmp5) 06049c80 SEQW GOTO U049c ------------------------------------------------------------------------------------ U337c: 004400432d5f tmp2:= AND_DSZ64(0xfffffffffffff000, tmp5) U337d: 0c6b30000032 LFNCEWAIT-> WRSEGFLD(tmp2) U337e: 000403035d48 tmp5:= AND_DSZ32(0x00000003, tmp5) 02b09c80 SEQW GOTO U309c ------------------------------------------------------------------------------------ U3380: 00080703d008 tmp13:= ZEROEXT_DSZ32(0x00000007) 01a89600 SEQW GOTO U2896 ------------------------------------------------------------------------------------ U3381: 000000000000 NOP U3382: 000000000000 NOP U3384: 000000000000 NOP 04b80188 SEQW URET0 ------------------------------------------------------------------------------------ U3385: 0e7b04100cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U3386: 20436f035200 tmp5:= WRITEURAM(0x00000000, 0x006f, 64) 04b80188 SEQW GOTO U3801 ------------------------------------------------------------------------------------ U3388: 2d0b181f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004718) U3389: 186b11dc0371 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000017, generate_#GP) U338a: 192811dc0235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000003, generate_#GP) 01d6ed80 SEQW GOTO U56ed ------------------------------------------------------------------------------------ U338c: 00010003f000 tmp15:= OR_DSZ32(0x00000000) U338d: 000100036000 tmp6:= OR_DSZ32(0x00000000) U338e: 002405031236 tmp1:= SHL_DSZ32(tmp6, 0x00000005) U3390: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U3391: 00240f031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000f) U3392: 000d02800000 SAVEUIP_REGOVR(0x01, U3394, 0x0002) 01b2cd80 SEQW GOTO U32cd U3394: 3962a5cc0271 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x00000007, 0x3a5) U3395: 10628d0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x38d, 32) U3396: 015d00000f40 UJMP(tmp13) ------------------------------------------------------------------------------------ U3398: 3d0f00035c88 LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x00000000, tmp2, tmp5) 
0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U3399: 0e750003603c tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U339a: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U339c: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U339d: 000800038d78 tmp8:= ZEROEXT_DSZ32(tmp8, tmp5) U339e: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U33a0: 006520032236 tmp2:= SHR_DSZ64(tmp6, 0x00000020) U33a1: 104200035e36 LFNCEWAIT-> tmp5:= MOVETOCREG_DSZ64(tmp6, tmp8) U33a2: 000800039d79 tmp9:= ZEROEXT_DSZ32(tmp9, tmp5) U33a4: 104200035e72 tmp5:= MOVETOCREG_DSZ64(tmp2, tmp9) U33a5: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b39940 ? SEQW GOTO U3399 U33a6: 014800000000 URET(0x00) ------------------------------------------------------------------------------------ U33a8: 3d0b00031c88 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U33a9: 3d0f00035c88 PORTOUT_DSZ32_ASZ16_SC1(0x00000000, tmp2, tmp5) 01d4a840 SEQW GOTO U54a8 ------------------------------------------------------------------------------------ U33aa: 000000000000 NOP U33ac: 3d0b00031c88 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U33ad: 186a11dc07f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000003f, generate_#GP) U33ae: 386a98cc06b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000002b, U3398) 0185b480 SEQW GOTO U05b4 ------------------------------------------------------------------------------------ U33b0: 2d0b181f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004718) U33b1: 186b119c03f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000001e, generate_#GP) 01b39840 SEQW GOTO U3398 ------------------------------------------------------------------------------------ U33b2: 000000000000 NOP U33b4: 0150f25c0278 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U37f2) U33b5: 00161f035235 tmp5:= BTR_DSZ32(tmp5, 0x0000001f) U33b6: 00081e031008 tmp1:= ZEROEXT_DSZ32(0x0000001e) 01d6f080 SEQW GOTO U56f0 ------------------------------------------------------------------------------------ U33b8: 000804031008 tmp1:= 
ZEROEXT_DSZ32(0x00000004) 01df1600 SEQW GOTO U5f16 ------------------------------------------------------------------------------------ U33b9: 000000000000 NOP U33ba: 000000000000 NOP U33bc: 000000000000 NOP U33bd: 000000000000 NOP U33be: 00a10503723f tmp7:= CONCAT_DSZ16(tmp15, 0x00000005) 01eba192 SEQW SAVEUIP0 U33c0 SEQW GOTO U6ba1 U33c0: 000802030008 LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x00000002) 04079e00 SEQW GOTO U079e ------------------------------------------------------------------------------------ U33c1: 0062c51f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U33c2: 186b699c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, generate_#UD) U33c4: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01b3c800 ? SEQW GOTO U33c8 U33c5: 006343031200 tmp1:= READURAM(0x0043, 64) U33c6: 186b691c0771 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000034, generate_#UD) U33c8: 0062f61f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U33c9: 186a71dc0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000003, generate_#NM) U33ca: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71180 ? SEQW GOTO generate_#GP U33cc: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01b3d600 ? 
SEQW GOTO U33d6 U33cd: 006357031200 tmp1:= READURAM(0x0057, 64) U33ce: 0e65c8031c4b tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x000003c8) U33d0: 002100034822 tmp4:= CONCAT_DSZ32(rdx, rax) U33d1: 004400034d32 tmp4:= AND_DSZ64(tmp2, tmp4) U33d2: 004400034c74 tmp4:= AND_DSZ64(tmp4, tmp1) U33d4: 000840030008 tmp0:= ZEROEXT_DSZ32(0x00000040) U33d5: 0151480402f4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U6148) U33d6: 0c1300e33144 tmp3:= LEA_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U33d8: 00c43f033cc8 tmp3:= AND_DSZ8(0x0000003f, tmp3) U33d9: 0151111c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, generate_#GP) U33da: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U33dc: 10880003b03b tmp11:= ZEROEXT_DSZ16N(tmp11) U33dd: 0c40086322bb tmp2:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000208, mode=0x18) U33de: 00563f032232 tmp2:= BTR_DSZ64(tmp2, 0x0000003f) U33e0: 0053111c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp2, generate_#GP) U33e1: 002100035822 tmp5:= CONCAT_DSZ32(rdx, rax) U33e2: 004400035db5 tmp5:= AND_DSZ64(tmp5, tmp6) U33e4: 0c40006342bb LFNCEMARK-> tmp4:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000200, mode=0x18) U33e5: 006501037235 tmp7:= SHR_DSZ64(tmp5, 0x00000001) U33e6: 00440c037dc8 tmp7:= AND_DSZ64(0x0000000c, tmp7) U33e8: 004403038d48 tmp8:= AND_DSZ64(0x00000003, tmp5) U33e9: 004100038e37 tmp8:= OR_DSZ64(tmp7, tmp8) U33ea: 006501037234 tmp7:= SHR_DSZ64(tmp4, 0x00000001) U33ec: 00440c037dc8 tmp7:= AND_DSZ64(0x0000000c, tmp7) U33ed: 00440303dd08 tmp13:= AND_DSZ64(0x00000003, tmp4) U33ee: 00410003df77 tmp13:= OR_DSZ64(tmp7, tmp13) U33f0: 00640403d23d tmp13:= SHL_DSZ64(tmp13, 0x00000004) U33f1: 004100038f78 tmp8:= OR_DSZ64(tmp8, tmp13) U33f2: 01420f000e00 SYNCMARK-> UFLOWCTRL(USTATE, tmp8) U33f4: 00433f000238 LFNCEWAIT-> WRITEURAM(tmp8, 0x003f, 64) U33f5: 096272c00340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x072) 024c9940 SEQW GOTO U4c99 ------------------------------------------------------------------------------------ U33f6: 
014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U33f8: 1c0000630026 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) U33f9: 100800020830 rax:= ZEROEXT_DSZ32N(tmp0, rax) U33fa: 108501034d08 tmp4:= SUB_DSZN(0x00000001, tmp4) U33fc: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) U33fd: 015065100234 MSLOOP-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U0465) 0533f865 SEQW GOTO U33f8 ------------------------------------------------------------------------------------ U33fe: 3e6b49031cb0 LFNCEMARK-> tmp1:= unk_e6b(tmp0, tmp2) U3400: 005000000c71 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp1, tmp1) U3401: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 04009540 ? SEQW GOTO U0095 U3402: 00629e1fb200 tmp11:= MOVEFROMCREG_DSZ64(0x79e) U3404: 2042cb036010 tmp6:= MOVETOCREG_DSZ64(0x00000017, 0x000) 053d4a00 SEQW GOTO U3d4a ------------------------------------------------------------------------------------ U3405: 10c800024d64 rsp:= ZEROEXT_DSZ8N(rsp, tmp5) U3406: 286a6a7d033a LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U5f6a) U3408: 1c38fbab8024 LFNCEWAIT-> STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp8) U3409: 1c38f3ab5024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, tmp5) U340a: 10c0f3824908 rsp:= ADD_DSZN(IMM_MACRO_f3, rsp) U340c: 000a10000200 TESTUSTATE(UCODE, 0x0010) 04aee400 ? 
SEQW GOTO U2ee4 U340d: 10080b838008 LFNCEMARK-> tmp8:= ZEROEXT_DSZ32N(IMM_MACRO_ALIAS_DATASIZE) U340e: 002501038238 tmp8:= SHR_DSZ32(tmp8, 0x00000001) U3410: 00240003be3b tmp11:= SHL_DSZ32(tmp11, tmp8) U3411: 10c50002493b rsp:= SUB_DSZN(tmp11, rsp) U3412: 0c4ba02b8000 tmp8:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U3414: 0c7ba4000038 WRSEGFLD(tmp8, UNK_SEG_04, SEL+FLGS+LIM) U3415: 0c4b202b8000 tmp8:= RDSEGFLD(SS_USERM, BASE) U3416: 0c7b24000038 WRSEGFLD(tmp8, UNK_SEG_04, BASE) U3418: 0c4b400f8000 tmp8:= RDSEGFLD(SS, FLGS) U3419: 0c4ba00f7000 LFNCEWAIT-> tmp7:= RDSEGFLD(SS, SEL+FLGS+LIM) U341a: 0c7baa000037 WRSEGFLD(tmp7, SS_USERM, SEL+FLGS+LIM) U341c: 0c4b200f7000 tmp7:= RDSEGFLD(SS, BASE) U341d: 0c7b2a000037 WRSEGFLD(tmp7, SS_USERM, BASE) U341e: 09a29e5c0278 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp8, 0x00000005, 0x79e) U3420: 006200037200 tmp7:= MOVEFROMCREG_DSZ64(0x000) U3421: 000712037dd0 tmp7:= NOTAND_DSZ32(0x00000400, tmp7) U3422: 0962004372b7 tmp7:= MOVETOCREG_BTS_DSZ64(tmp7, 0x00000009, 0x000) U3424: 10080b838008 tmp8:= ZEROEXT_DSZ32N(IMM_MACRO_ALIAS_DATASIZE) U3425: 00050003bef8 tmp11:= SUB_DSZ32(tmp8, tmp11) U3426: 0b2f00031ef5 tmp1:= unk_b2f(tmp5, tmp11) U3428: 000400031c7c tmp1:= AND_DSZ32(tmp12, tmp1) U3429: 1f20002b1031 LFNCEWAIT-> tmp1:= LDPPHYS_DSZN_ASZ32_SC1(tmp1, mode=0x0a) U342a: 1c3800131ee4 STAD_DSZN_ASZ32_SC1(SS, rsp, tmp11, mode=0x04, tmp1) U342c: 01502d50027b UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U342d) 01b42500 SEQW GOTO U3425 ------------------------------------------------------------------------------------ U342d: 0c4ba0138000 tmp8:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U342e: 0c6baa000038 WRSEGFLD(tmp8, SS_USERM, SEL+FLGS+LIM) U3430: 0c4b20138000 tmp8:= RDSEGFLD(UNK_SEG_04, BASE) U3431: 0c6b2a000038 WRSEGFLD(tmp8, SS_USERM, BASE) U3432: 0c4b40138000 tmp8:= RDSEGFLD(UNK_SEG_04, FLGS) U3434: 09a29e5c0278 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp8, 0x00000005, 0x79e) U3435: 000112037dd0 tmp7:= OR_DSZ32(0x00000400, tmp7) U3436: 000800000000 NOP U3438: 
0a62004372b7 LFNCEWAIT-> tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x00000009, 0x000) 022ee500 SEQW GOTO U2ee5 ------------------------------------------------------------------------------------ U3439: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U343a: 00080003a000 tmp10:= ZEROEXT_DSZ32(0x00000000) U343c: 00080b832008 tmp2:= ZEROEXT_DSZ32(IMM_MACRO_ALIAS_DATASIZE) U343d: 20433e00023a WRITEURAM(tmp10, 0x003e, 64) U343e: 00010003fef2 tmp15:= OR_DSZ32(tmp2, tmp11) U3440: 00050103bfc8 tmp11:= SUB_DSZ32(0x00000001, tmp15) U3441: 00240103f23f tmp15:= SHL_DSZ32(tmp15, 0x00000001) U3442: 014310a33208 tmp3:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U3444: 00a10003fff1 tmp15:= CONCAT_DSZ16(tmp1, tmp15) U3445: 20433908023f WRITEURAM(tmp15, 0x0039, 32) U3446: 00a10003bef1 tmp11:= CONCAT_DSZ16(tmp1, tmp11) U3448: 00642003f23b tmp15:= SHL_DSZ64(tmp11, 0x00000020) U3449: 20437a04023f WRITEURAM(tmp15, 0x017a, 64) U344a: 000504032232 tmp2:= SUB_DSZ32(tmp2, 0x00000004) U344c: 02000003f000 tmp15:= unk_200(0x00000000) U344d: 01504e50027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U344e) 01b45c40 SEQW GOTO U345c ------------------------------------------------------------------------------------ U344e: 0c4b403ff000 tmp15:= RDSEGFLD(TSS, FLGS) U3450: 186b11dc023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000003, generate_#GP) U3451: 0da0663fc000 tmp12:= unk_da0(0x00000000) U3452: 002503039231 tmp9:= SHR_DSZ32(tmp1, 0x00000003) U3454: 00040703fc48 tmp15:= AND_DSZ32(0x00000007, tmp1) U3455: 00250f03ac88 tmp10:= SHR_DSZ32(0x0000000f, tmp2) U3456: 00240003affa tmp10:= SHL_DSZ32(tmp10, tmp15) U3458: 0da0003ffe7c tmp15:= unk_da0(tmp12, tmp9) U3459: 00040003fffa tmp15:= AND_DSZ32(tmp10, tmp15) U345a: 0151111c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, generate_#GP) U345c: 00626503f200 LFNCEWAIT-> tmp15:= MOVEFROMCREG_DSZ64(0x065) U345d: 10450483f23f tmp15:= SUB_DSZN(tmp15, IMM_MACRO_ALIAS_RIP) U345e: 20436e00023f WRITEURAM(tmp15, 0x006e, 64) U3460: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01b46800 ? 
SEQW GOTO U3468 U3461: 0008823b400a tmp4:= ZEROEXT_DSZ32(0x00004e82) U3462: 006315038200 tmp8:= READURAM(0x0015, 64) U3464: 006316039200 tmp9:= READURAM(0x0016, 64) U3465: 00634303c200 tmp12:= READURAM(0x0043, 64) U3466: 000d00800000 SAVEUIP_REGOVR(0x01, U3468, 0x0000) 01872d80 SEQW GOTO U072d U3468: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01b47100 ? SEQW GOTO U3471 U3469: 00631103c200 tmp12:= READURAM(0x0011, 64) U346a: 0008917f4008 tmp4:= ZEROEXT_DSZ32(0x00001f91) U346c: 0e6518078f08 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000018, mode=0x01) U346d: 0e6520079f08 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000020, mode=0x01) U346e: 00634c03c200 tmp12:= READURAM(0x004c, 64) U3470: 000d01800000 SYNCWTMRK-> SAVEUIP_REGOVR(0x01, U3471, 0x0001) 0e072d00 SEQW GOTO U072d U3471: 20430b000227 WRITEURAM(rdi, 0x000b, 64) U3472: 204309000226 WRITEURAM(rsi, 0x0009, 64) U3474: 20430a000221 WRITEURAM(rcx, 0x000a, 64) U3475: 000800000000 NOP U3476: 015d00000c00 UJMP(tmp0) ------------------------------------------------------------------------------------ U3478: 006348032200 tmp2:= READURAM(0x0048, 64) U3479: 004579032c90 tmp2:= SUB_DSZ64(0x00020101, tmp2) U347a: 01508d2002f2 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U688d) U347c: 125600300000LFNCEWAIT->MSSTOP-> unk_256(0x00000000) 023dfa2c SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U347d: 00474003ffc8 tmp15:= NOTAND_DSZ64(0x00000040, tmp15) U347e: 10422308027f MOVETOCREG_DSZ64(tmp15, 0x223, 32) U3480: 10428c080240 MOVETOCREG_DSZ64(0x00000000, 0x28c, 32) U3481: 0008440bf010 tmp15:= ZEROEXT_DSZ32(0xffffc000) U3482: 10429e08027f MOVETOCREG_DSZ64(tmp15, 0x29e, 32) U3484: 000807030008 tmp0:= ZEROEXT_DSZ32(0x00000007) U3485: 006353031200 tmp1:= READURAM(0x0053, 64) U3486: 086aa9400231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U00a9) U3488: 00631f03f200 LFNCEMARK-> tmp15:= READURAM(0x001f, 64) U3489: 00560903f23f tmp15:= BTR_DSZ64(tmp15, 
0x00000009) U348a: 20431f00023f WRITEURAM(tmp15, 0x001f, 64) U348c: 0033000bf23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000200) U348d: 20420700023f MOVETOCREG_DSZ64(tmp15, 0x007) U348e: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U3490: 00043f03ffc8 tmp15:= AND_DSZ32(0x0000003f, tmp15) U3491: 00050203ffc8 LFNCEWAIT-> tmp15:= SUB_DSZ32(0x00000002, tmp15) U3492: 01310103b23f tmp11:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000001) U3494: 01519550027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3495) 0198d514 SEQW SAVEUIP1 U3495 SEQW GOTO U18d5 U3495: 0062931bf200 tmp15:= MOVEFROMCREG_DSZ64(0x693) U3496: 00040f03ffc8 tmp15:= AND_DSZ32(0x0000000f, tmp15) U3498: 0151be4c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U33be) U3499: 1062870ff240 tmp15:= MOVEFROMCREG_DSZ64(0x387, 32) U349a: 00041003ffc8 tmp15:= AND_DSZ32(0x00000010, tmp15) U349c: 0151be4c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U33be) U349d: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U349e: 386bc08c02b6 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U33c0) U34a0: 00620403f200 tmp15:= MOVEFROMCREG_DSZ64(0x004) U34a1: 386ac0cc027f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000007, U33c0) U34a2: 29620b800240 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000006, 0x00b) U34a4: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U34a5: 0004000b9d88 tmp9:= AND_DSZ32(0x00000200, tmp6) U34a6: 002407039239 tmp9:= SHL_DSZ32(tmp9, 0x00000007) 0198d096 SEQW SAVEUIP1 U34a8 SEQW GOTO U18d0 U34a8: 000d01800000 SAVEUIP_REGOVR(0x01, U34a9, 0x0001) 0182ba00 SEQW GOTO U02ba U34a9: 00151f031200 tmp1:= BTS_DSZ32(0x00000000, 0x0000001f) U34aa: 2d0f3c031008 PORTOUT_DSZ32_ASZ16_SC1(0x0000003c, tmp1) U34ac: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U34ad: 0008b0535009 tmp5:= ZEROEXT_DSZ32(0x000034b0) U34ae: 104a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79880 ? 
SEQW GOTO U4798 U34b0: 0042c518023b MOVETOCREG_DSZ64(tmp11, 0x6c5) U34b1: 00631f030200 tmp0:= READURAM(0x001f, 64) U34b2: 186a51f806f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000002f, U2e51) U34b4: 204265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U34b5: 006323031200 tmp1:= READURAM(0x0023, 64) U34b6: 005409031231 tmp1:= BT_DSZ64(tmp1, 0x00000009) U34b8: 0073000b1231 tmp1:= SELECTCC_DSZ64_CONDNB(tmp1, 0x00000200) U34b9: 30429f080271 MOVETOCREG_DSZ64(tmp1, UCODE_CR_PPPE_EVENT_STATUS, 32) U34ba: 0062e11ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7e1) U34bc: 286a7525023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5975) U34bd: 1062df0bf240 tmp15:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U34be: 386ac05002bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000009, U34c0) 01f59a80 SEQW GOTO U759a ------------------------------------------------------------------------------------ U34c0: 3962df48027f LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp15, 0x00000005, ROB1_CR_ICECTLPMR) U34c1: 00889957000b tmp0:= ZEROEXT_DSZ16(0x00007599) U34c2: 000800000000 NOP U34c4: 00a186030c08 LFNCEWAIT-> tmp0:= CONCAT_DSZ16(0x00000086, tmp0) 023a4100 SEQW GOTO enter_probe_mode ------------------------------------------------------------------------------------ U34c5: 00631f033200 tmp3:= READURAM(0x001f, 64) U34c6: 000707033cc8 tmp3:= NOTAND_DSZ32(0x00000007, tmp3) U34c8: 20431f080233 WRITEURAM(tmp3, 0x001f, 32) U34c9: 00420b000235 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp5, 0x00b) U34ca: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 06b4d180 ? 
SEQW GOTO U34d1 U34cc: 004346000231 WRITEURAM(tmp1, 0x0046, 64) U34cd: 096272400340 MOVETOCREG_BTS_DSZ64(0x00000015, 0x072) U34ce: 002100036f39 tmp6:= CONCAT_DSZ32(tmp9, tmp12) U34d0: 004309000236 WRITEURAM(tmp6, 0x0009, 64) U34d1: 00421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U34d2: 0902050002c0 MOVETOCREG_OR_DSZ64(0x0000000c, 0x005) U34d4: 002402032232 tmp2:= SHL_DSZ32(tmp2, 0x00000002) U34d5: 00089d036010 tmp6:= ZEROEXT_DSZ32(0x00050300) U34d6: 0f20003b0032 LFNCEWAIT-> tmp0:= LDPPHYS_DSZ32_ASZ32_SC1(tmp2, mode=0x0e) U34d8: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01b4de00 ? SEQW GOTO U34de U34d9: 00621d032200 tmp2:= MOVEFROMCREG_DSZ64(0x01d) U34da: 000408032c88 tmp2:= AND_DSZ32(0x00000008, tmp2) U34dc: 002405032232 tmp2:= SHL_DSZ32(tmp2, 0x00000005) U34dd: 004270000232 MOVETOCREG_DSZ64(tmp2, 0x070) U34de: 0c4bc027b000 tmp11:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U34e0: 10400003bd3b tmp11:= ADD_DSZN(tmp11, tmp4) U34e1: 206200033200 tmp3:= MOVEFROMCREG_DSZ64(0x000) U34e2: 001418033233 tmp3:= BT_DSZ32(tmp3, 0x00000018) U34e4: 00634a032200 tmp2:= READURAM(0x004a, 64) U34e5: 017e00032cf2 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp3) U34e6: 00760003bef2 tmp11:= CMOVCC_DSZ64_CONDB(tmp2, tmp11) U34e8: 00421a1c023b MOVETOCREG_DSZ64(tmp11, 0x71a) U34e9: 002510032230 tmp2:= SHR_DSZ32(tmp0, 0x00000010) U34ea: 008800033030 tmp3:= ZEROEXT_DSZ16(tmp0) U34ec: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U34ed: 00652f037230 tmp7:= SHR_DSZ64(tmp0, 0x0000002f) U34ee: 002408030230 tmp0:= SHL_DSZ32(tmp0, 0x00000008) U34f0: 000400030c37 tmp0:= AND_DSZ32(tmp7, tmp0) U34f1: 000408030c08 tmp0:= AND_DSZ32(0x00000008, tmp0) U34f2: 000700036db0 tmp6:= NOTAND_DSZ32(tmp0, tmp6) U34f4: 000700030eb6 tmp0:= NOTAND_DSZ32(tmp6, tmp10) U34f5: 213f00000030 unk_13f(tmp0) U34f6: 0042fe1c0230 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, CORE_CR_EFLAGS) U34f8: 0e7b09240c80 LFNCEMARK-> unk_e7b(tmp2) U34f9: 000000000000 NOP 042d3055 SEQW SAVEUIP1 U34fa SEQW GOTO U2d30 
U34fa: 0fe300240033 unk_fe3(tmp3) U34fc: 0c4b800b0000 tmp0:= RDSEGFLD(CS, SEL) U34fd: 0cb8fe2b9024 STAD_DSZ16_ASZ32_SC1(SS, rsp, 0xfffffffffffffffe, mode=0x0a, tmp9) U34fe: 0cb8fc2b0024 STAD_DSZ16_ASZ32_SC1(SS, rsp, 0xfffffffffffffffc, mode=0x0a, tmp0) U3500: 0cb8fa2b4024 STAD_DSZ16_ASZ32_SC1(SS, rsp, 0xfffffffffffffffa, mode=0x0a, tmp4) U3501: 10c0fa7e491f rsp:= ADD_DSZN(0xfffffffffffffffa, rsp) U3502: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01b50680 ? SEQW GOTO U3506 U3504: 00631103c200 tmp12:= READURAM(0x0011, 64) U3505: 0e6da8040f0c STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000004a8, mode=0x01, 0x00000000) U3506: 006370030200 tmp0:= READURAM(0x0070, 64) U3508: 00562e030230 tmp0:= BTR_DSZ64(tmp0, 0x0000002e) U3509: 204370040230 WRITEURAM(tmp0, 0x0170, 64) U350a: 29a208000630 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x008) U350c: 021500000cc0 LFNCEWTMRK-> FETCHFROMEIP1_ASZ32(tmp3) U350d: 000800000000 NOP U350e: 000800000000 NOP U3510: 090205c00200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U3511: 014300300ec0 AETTRACE(0x0c, tmp11) U3512: 0c4b20270000 tmp0:= RDSEGFLD(UNK_SEG_09, BASE) U3514: 0c6b22000030 LFNCEWAIT-> WRSEGFLD(tmp0, CS, BASE) U3515: 0c4ba0270000 tmp0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U3516: 0c6ba2000030 WRSEGFLD(tmp0, CS, SEL+FLGS+LIM) 023df880 SEQW GOTO U3df8 ------------------------------------------------------------------------------------ U3518: 0008f5078010 tmp8:= ZEROEXT_DSZ32(0x80000301) U3519: 00081c575009 tmp5:= ZEROEXT_DSZ32(0x0000351c) U351a: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79980 ? 
SEQW GOTO U4799 U351c: 000c94ebe288 tmp14:= SAVEUIP(0x01, U5a94) 049dda00 SEQW GOTO U1dda ------------------------------------------------------------------------------------ U351d: 06980003f800 LFNCEMARK-> tmm7:= unk_698(xmm0) U351e: 00621b030200 tmp0:= MOVEFROMCREG_DSZ64(0x01b) U3520: 006516036230 tmp6:= SHR_DSZ64(tmp0, 0x00000016) U3521: 00251203b234 tmp11:= SHR_DSZ32(tmp4, 0x00000012) U3522: 20428f100200 MOVETOCREG_DSZ64(0x00000000, 0x48f) U3524: 000400436d88 tmp6:= AND_DSZ32(0x00001000, tmp6) U3525: 000400037d49 tmp7:= AND_DSZ32(0x00002000, tmp5) U3526: 00040703cec8 tmp12:= AND_DSZ32(0x00000007, tmp11) U3528: 00050303cf08 tmp12:= SUB_DSZ32(0x00000003, tmp12) U3529: 013e0d03cf08 tmp12:= MOVEMERGEFLGS_DSZ32(0x0000000d, tmp12) U352a: 03350803c23c tmp12:= CMOVCC_DSZ32_CONDNL(tmp12, 0x00000008) U352c: 00640b03c23c tmp12:= SHL_DSZ64(tmp12, 0x0000000b) U352d: 00010003bef6 tmp11:= OR_DSZ32(tmp6, tmp11) U352e: 000805038008 tmp8:= ZEROEXT_DSZ32(0x00000005) U3530: 00010003bef7 tmp11:= OR_DSZ32(tmp7, tmp11) U3531: 07040003d038 LFNCEWAIT-> tmm5:= unk_704(tmm0) U3532: 07040003a03b tmm2:= unk_704(tmm3) U3534: 06940003debd tmm5:= unk_694(tmm5, tmm2) U3535: 00628013f200 tmp15:= MOVEFROMCREG_DSZ64(0x480) U3536: 072c0003303d tmp3:= PINTMOVDTMM2I_DSZ32(tmm5) U3538: 004800039000 tmp9:= ZEROEXT_DSZ64(0x00000000) U3539: 000403036cc8 tmp6:= AND_DSZ32(0x00000003, tmp3) U353a: 006423036236 tmp6:= SHL_DSZ64(tmp6, 0x00000023) U353c: 001407037233 tmp7:= BT_DSZ32(tmp3, 0x00000007) U353d: 000700035d49 tmp5:= NOTAND_DSZ32(0x00002000, tmp5) U353e: 017e00030df0 tmp0:= MOVEMERGEFLGS_DSZ64(tmp0, tmp7) U3540: 003700037d70 tmp7:= CMOVCC_DSZ32_CONDNB(tmp0, tmp5) U3541: 004700637dcb tmp7:= NOTAND_DSZ64(0x00007800, tmp7) U3542: 004100037f37 tmp7:= OR_DSZ64(tmp7, tmp12) U3544: 0902521c0db7 MOVETOCREG_OR_DSZ64(tmp7, tmp6, 0x752) U3545: 0822c51802f3 MOVETOCREG_AND_DSZ64(tmp3, 0x0000000c, 0x6c5) U3546: 06200d03d03a tmm5:= unk_620(tmm2) U3548: 072c0003503d tmp5:= PINTMOVDTMM2I_DSZ32(tmm5) U3549: 
01420a000d40 SYNCMARK-> UFLOWCTRL(URET0, tmp5) U354a: 00042003bd08 tmp11:= AND_DSZ32(0x00000020, tmp4) U354c: 0062fe1f6200 tmp6:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U354d: 000407037d08 tmp7:= AND_DSZ32(0x00000007, tmp4) U354e: 00043f034d08 tmp4:= AND_DSZ32(0x0000003f, tmp4) U3550: 00073f03afc8 tmp10:= NOTAND_DSZ32(0x0000003f, tmp15) U3551: 0a62fe1c0336 MOVETOCREG_BTR_DSZ64(tmp6, 0x00000010, CORE_CR_EFLAGS) U3552: 00010003aeb7 SYNCWAIT-> tmp10:= OR_DSZ32(tmp7, tmp10) 0b0000ca SEQW URET0 ------------------------------------------------------------------------------------ U3554: 000000000000 NOP U3555: 204300000230 WRITEURAM(tmp0, 0x0000, 64) U3556: 038000030030 tmp0:= READAFLAGS(tmp0) U3558: 00a111030c08 tmp0:= CONCAT_DSZ16(0x00000011, tmp0) 0352cd00 SEQW GOTO U52cd ------------------------------------------------------------------------------------ U3559: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U355a: 006357039200 LFNCEWAIT-> tmp9:= READURAM(0x0057, 64) U355c: 1e65d8035e48 tmp5:= LDPPHYSTICKLE_DSZN_ASZ64_SC1(tmp9, 0x000000d8) U355d: 0e65b8036e4a LFNCEMARK-> tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002b8) U355e: 1062df0b4240 tmp4:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U3560: 125500000d40 SYNCMARK-> FETCHFROMEIP1_ASZ64(tmp5) U3561: 00631003f200 tmp15:= READURAM(0x0010, 64) U3562: 004700036dbf tmp6:= NOTAND_DSZ64(tmp15, tmp6) U3564: 004267000235 MOVETOCREG_DSZ64(tmp5, CORE_CR_CUR_RIP) U3565: 114300340d40 AETTRACE(0x0d, tmp5) U3566: 100a40837200 tmp7:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01b57a80 ? 
SEQW GOTO U357a U3568: 00634c031200 tmp1:= READURAM(0x004c, 64) U3569: 00047b072c50 tmp2:= AND_DSZ32(0x08000000, tmp1) U356a: 013008037232 tmp7:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000008) U356c: 01300007f232 tmp15:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000100) U356d: 00427000023f MOVETOCREG_DSZ64(tmp15, 0x070) U356e: 000400072c50 tmp2:= AND_DSZ32(0x00400000, tmp1) U3570: 013004032232 tmp2:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000004) U3571: 000100037df2 tmp7:= OR_DSZ32(tmp2, tmp7) U3572: 000404032c48 tmp2:= AND_DSZ32(0x00000004, tmp1) U3574: 013002032232 tmp2:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00000002) U3575: 000100037df2 tmp7:= OR_DSZ32(tmp2, tmp7) U3576: 005437032231 tmp2:= BT_DSZ64(tmp1, 0x00000037) U3578: 003301032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000001) U3579: 000100037df2 tmp7:= OR_DSZ32(tmp2, tmp7) U357a: 004343000200 WRITEURAM(0x00000000, 0x0043, 64) U357c: 004356000239 WRITEURAM(tmp9, 0x0056, 64) U357d: 1902f2480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x2f2) U357e: 19029e080240 MOVETOCREG_OR_DSZ64(0x00000004, 0x29e) U3580: 004357000236 WRITEURAM(tmp6, 0x0057, 64) U3581: 006370032200 tmp2:= READURAM(0x0070, 64) U3582: 00040003fc0a tmp15:= AND_DSZ32(0x00004000, tmp0) U3584: 0130000bf23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000200) U3585: 000426031c10 tmp1:= AND_DSZ32(0x00008000, tmp0) U3586: 013000131231 tmp1:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000400) U3588: 000104432c88 tmp2:= OR_DSZ32(0x00001004, tmp2) U3589: 00010003fff1 tmp15:= OR_DSZ32(tmp1, tmp15) U358a: 1902c40b2ff2 tmp2:= MOVETOCREG_OR_DSZ64(tmp2, tmp15, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U358c: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 0ab59400 ? 
SEQW GOTO U3594 U358d: 006311031200 SYNCWAIT-> tmp1:= READURAM(0x0011, 64) U358e: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U3590: 0e6da8040c4c LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x000004a8, mode=0x01, 0x00000000) U3591: 000800000000 NOP U3592: 000800000000 NOP U3594: 00421d000237 SYNCMARK-> MOVETOCREG_DSZ64(tmp7, 0x01d) U3595: 004370080232 WRITEURAM(tmp2, 0x0070, 32) U3596: 00631f032200 tmp2:= READURAM(0x001f, 64) U3598: 00049a031c10 tmp1:= AND_DSZ32(0x00040000, tmp0) U3599: 013000071231 tmp1:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000100) U359a: 000400072c88 tmp2:= AND_DSZ32(0x00000100, tmp2) U359c: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U359d: 00431f000232 WRITEURAM(tmp2, 0x001f, 64) U359e: 0021ef072010 tmp2:= CONCAT_DSZ32(0x7ffffc00) U35a0: 000d21bc0000 SAVEUIP_REGOVR(0x01, U35a1, 0x0f21) 0188a400 SEQW GOTO U08a4 U35a1: 000800000000 NOP U35a2: 000800000000 NOP U35a4: 286a26a007b4 SYNCWAIT-> BTUJB_DIRECT_NOTTAKEN(tmp4, 0x0000003a, U1826) 0a008e00 SEQW GOTO U008e ------------------------------------------------------------------------------------ exit_probe_mode: U35a5: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009) U35a6: 001510030230 tmp0:= BTS_DSZ32(tmp0, 0x00000010) U35a8: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U35a9: 1062cd0b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2cd, 32) U35aa: 1a62cd880332 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp2, 0x00000012, 0x2cd) 0957f496 SEQW SAVEUIP1 U35ac SEQW GOTO U57f4 U35ac: 00421c000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U35ad: 0042e11c0200 MOVETOCREG_DSZ64(0x00000000, 0x7e1) U35ae: 0062c31b3200 tmp3:= MOVEFROMCREG_DSZ64(0x6c3) U35b0: 0962c3180273 MOVETOCREG_BTS_DSZ64(tmp3, 0x00000004, 0x6c3) U35b1: 00151b033200 tmp3:= BTS_DSZ32(0x00000000, 0x0000001b) U35b2: 2d0fb4033008 PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, tmp3) U35b4: 004247000010 MOVETOCREG_DSZ64(0x00000000, 0x000) U35b5: 000000000000 SYNCFULL-> NOP U35b6: 100a20000200 TESTUSTATE(SYS, UST_SMM) 08b5c680 ? 
SEQW GOTO U35c6 U35b8: 100a40000200 TESTUSTATE(SYS, UST_VMX_DUAL_MON) 019dcd00 ? SEQW GOTO U1dcd U35b9: 00635c033200 tmp3:= READURAM(0x005c, 64) U35ba: 00251b032233 tmp2:= SHR_DSZ32(tmp3, 0x0000001b) U35bc: 0822c6df2232 LFNCEMARK-> tmp2:= MOVETOCREG_AND_DSZ64(tmp2, 0x00000003, 0x7c6) U35bd: 3929c1940232 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000002, U35c1) U35be: 006311032200 tmp2:= READURAM(0x0011, 64) U35c0: 0e65c8072c8c tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000004c8, mode=0x01) U35c1: 000414033cc8 tmp3:= AND_DSZ32(0x00000014, tmp3) U35c2: 0151c6540273 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U35c6) U35c4: 000cca740280 SAVEUIP(0x00, U5dca) U35c5: 000d12800000 SAVEUIP_REGOVR(0x01, U35c6, 0x0012) 01d95540 SEQW GOTO U5955 U35c6: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U35c8: 006326037200 tmp7:= READURAM(0x0026, 64) U35c9: 09a21d0002b7 MOVETOCREG_SHR_DSZ64(tmp7, 0x00000008, 0x01d) U35ca: 00621e171200 tmp1:= MOVEFROMCREG_DSZ64(0x51e) U35cc: 00250f030237 tmp0:= SHR_DSZ32(tmp7, 0x0000000f) U35cd: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U35ce: 09021e140c31 MOVETOCREG_OR_DSZ64(tmp1, tmp0, 0x51e) U35d0: 0062c31b1200 LFNCEWAIT-> tmp1:= MOVEFROMCREG_DSZ64(0x6c3) U35d1: 000408031c50 tmp1:= AND_DSZ32(0x00000024, tmp1) U35d2: 002510030237 tmp0:= SHR_DSZ32(tmp7, 0x00000010) U35d4: 000708030c10 tmp0:= NOTAND_DSZ32(0x00000024, tmp0) U35d5: 0902c3180c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x6c3) U35d6: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) U35d8: 1042f2080271 MOVETOCREG_DSZ64(tmp1, 0x2f2, 32) U35d9: 0042c5180237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x6c5) U35da: 00636d030200 tmp0:= READURAM(0x006d, 64) U35dc: 0042f11c0230 MOVETOCREG_DSZ64(tmp0, 0x7f1) U35dd: 00636f030200 tmp0:= READURAM(0x006f, 64) U35de: 10420f080270 MOVETOCREG_DSZ64(tmp0, 0x20f, 32) U35e0: 006368020200 rax:= READURAM(0x0068, 64) U35e1: 006363022200 rdx:= READURAM(0x0063, 64) U35e2: 1062c00a1240 rcx:= MOVEFROMCREG_DSZ64(0x2c0, 32) U35e4: 1062df0b2240 tmp2:= 
MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U35e5: 0044017f0c9f tmp0:= AND_DSZ64(0xffffffffffffff01, tmp2) U35e6: 1042df080270 MOVETOCREG_DSZ64(tmp0, ROB1_CR_ICECTLPMR, 32) U35e8: 006338030200 tmp0:= READURAM(0x0038, 64) U35e9: 1042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U35ea: 19a2da0803b0 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000018, 0x2da) U35ec: 09a208000630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x008) U35ed: 004370000230 WRITEURAM(tmp0, 0x0070, 64) U35ee: 00636d031200 tmp1:= READURAM(0x006d, 64) U35f0: 09a265000631 MOVETOCREG_SHR_DSZ64(tmp1, 0x00000020, 0x065) U35f1: 0902b5000280 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000008, 0x0b5) U35f2: 000d108b62c0 tmp6:= SAVEUIP_REGOVR(0x01, U35f4, 0x6210) 04de0680 SEQW GOTO U5e06 U35f4: 006367031200 tmp1:= READURAM(0x0067, 64) U35f5: 006350030200 tmp0:= READURAM(0x0050, 64) U35f6: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) U35f8: 000583030c08 tmp0:= SUB_DSZ32(0x00000083, tmp0) U35f9: 0150fc540270 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U35fc) U35fa: 014300380c40 AETTRACE(0x0e, tmp1) U35fc: 20421a000231 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x01a) U35fd: 00632a030200 tmp0:= READURAM(0x002a, 64) U35fe: 204270000230 MOVETOCREG_DSZ64(tmp0, 0x070) U3600: 29a21c000630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x01c) U3601: 000000000000 NOP 01943255 SEQW SAVEUIP1 U3602 SEQW GOTO U1432 U3602: 006350032200 tmp2:= READURAM(0x0050, 64) U3604: 204307080232 WRITEURAM(tmp2, 0x0007, 32) U3605: 006326036200 tmp6:= READURAM(0x0026, 64) U3606: 006520036236 tmp6:= SHR_DSZ64(tmp6, 0x00000020) U3608: 001417032232 tmp2:= BT_DSZ32(tmp2, 0x00000017) U3609: 005200000cb2 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, tmp2) U360a: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U360c: 204307080200 LFNCEMARK-> WRITEURAM(0x00000000, 0x0007, 32) U360d: 000800000000 NOP U360e: 000800000000 NOP U3610: 125400000c00LFNCEWAIT->MSLOOP-> FETCHFROMEIP0_ASZ64(tmp0) 023dfa24 SEQW GOTO check_cpl_uend3 
------------------------------------------------------------------------------------ U3611: 10621d0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x21d, 32) U3612: 00140803f23f tmp15:= BT_DSZ32(tmp15, 0x00000008) U3614: 0033006ff27f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00003b00) U3615: 000a20800200 TESTUSTATE(UCODE, !0x0020) 01b6b640 ? SEQW GOTO U36b6 U3616: 10620f0b2240 tmp2:= MOVEFROMCREG_DSZ64(0x20f, 32) U3618: 004309000232 LFNCEMARK-> WRITEURAM(tmp2, 0x0009, 64) U3619: 00000003cfc8 tmp12:= ADD_DSZ32(0x00000000, tmp15) U361a: 006211132200 tmp2:= MOVEFROMCREG_DSZ64(0x411) U361c: 006264033200 tmp3:= MOVEFROMCREG_DSZ64(0x064) U361d: 006206074200 tmp4:= MOVEFROMCREG_DSZ64(0x106) U361e: 006288135200 tmp5:= MOVEFROMCREG_DSZ64(0x488) U3620: 00624d1f6200 tmp6:= MOVEFROMCREG_DSZ64(0x74d) U3621: 00623c1b7200 tmp7:= MOVEFROMCREG_DSZ64(0x63c) U3622: 0062801b8200 tmp8:= MOVEFROMCREG_DSZ64(0x680) U3624: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) 01e12e10 SEQW SAVEUIP0 U3625 SEQW GOTO U612e U3625: 0062091b2200 tmp2:= MOVEFROMCREG_DSZ64(0x609) U3626: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U3628: 00620a1b4200 tmp4:= MOVEFROMCREG_DSZ64(0x60a) U3629: 0e7d2003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, tmp4) U362a: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U362c: 0062931b4200 tmp4:= MOVEFROMCREG_DSZ64(0x693) U362d: 0062081b5200 tmp5:= MOVEFROMCREG_DSZ64(0x608) U362e: 0062101b6200 tmp6:= MOVEFROMCREG_DSZ64(0x610) U3630: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) U3631: 006203138200 tmp8:= MOVEFROMCREG_DSZ64(0x403) U3632: 0062031f9200 tmp9:= MOVEFROMCREG_DSZ64(0x703) 01e13292 SEQW SAVEUIP0 U3634 SEQW GOTO U6132 U3634: 000711031c48 tmp1:= NOTAND_DSZ32(0x00000011, tmp1) U3635: 006288032200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(0x088) U3636: 002100032c72 tmp2:= CONCAT_DSZ32(tmp2, tmp1) U3638: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U3639: 00626a036200 tmp6:= MOVEFROMCREG_DSZ64(0x06a) U363a: 0e7d2003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, 
tmp6) U363c: 0e7d4000003c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040, 0x00000000) U363d: 000e27600200 WRMSLOOPCTRFBR(0x00001827) U363e: 00008007cfc8 tmp12:= ADD_DSZ32(0x00000180, tmp15) U3640: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U3641: 006200034e00 tmp4:= MOVEFROMCREG_DSZ64(tmp8) U3642: 0e7d0003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp4) U3644: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U3645: 006200036e40 tmp6:= MOVEFROMCREG_DSZ64(tmp9) U3646: 0e7d2003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, tmp6) U3648: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U3649: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b64040 ? SEQW GOTO U3640 U364a: 000e15000200 WRMSLOOPCTRFBR(0x00000015) U364c: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U364d: 006200034e00 tmp4:= MOVEFROMCREG_DSZ64(tmp8) U364e: 002510039238 tmp9:= SHR_DSZ32(tmp8, 0x00000010) U3650: 006200036e40 tmp6:= MOVEFROMCREG_DSZ64(tmp9) U3651: 002100036d36 tmp6:= CONCAT_DSZ32(tmp6, tmp4) U3652: 0e7d0003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp6) U3654: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U3655: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b64c40 ? SEQW GOTO U364c U3656: 0062f01f3200 tmp3:= MOVEFROMCREG_DSZ64(0x7f0) U3658: 006267034200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U3659: 00080003503a tmp5:= ZEROEXT_DSZ32(tmp10) 019f8851 SEQW SAVEUIP0 U365a SEQW GOTO U1f88 U365a: 0000c03bcfc8 tmp12:= ADD_DSZ32(0x00000ec0, tmp15) U365c: 000e8f000200 LFNCEWAIT-> WRMSLOOPCTRFBR(0x0000008f) U365d: 000800000000 NOP U365e: 000800000000 NOP U3660: 006308834200 tmp4:= READURAM(0x0008, 64) U3661: 0e7d0003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp4) U3662: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U3664: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b66000 ? 
SEQW GOTO U3660 U3665: 000e07000200 WRMSLOOPCTRFBR(0x00000007) U3666: 0000c003cfc9 tmp12:= ADD_DSZ32(0x000020c0, tmp15) U3668: 0eae0000803c SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp12, mm0) U3669: 0eee2000803c SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp12, 0x00000020, mm0) U366a: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U366c: 04b41183e200 tmm6:= FMOV(0x00000011) U366d: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b66840 ? SEQW GOTO U3668 U366e: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U3670: 0eae0000303c SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp12, xmm7) U3671: 0eee2000303c SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp12, 0x00000020, xmm7) U3672: 0e7d4000303c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000040, rdi) U3674: 00006003cf08 tmp12:= ADD_DSZ32(0x00000060, tmp12) U3675: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b67040 ? SEQW GOTO U3670 U3676: 0c4b202b3000 tmp3:= RDSEGFLD(SS_USERM, BASE) U3678: 0c4ba02b4000 tmp4:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U3679: 0c4b20275000 tmp5:= RDSEGFLD(UNK_SEG_09, BASE) U367a: 0c4ba0276000 tmp6:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) 018bd992 SEQW SAVEUIP0 U367c SEQW GOTO U0bd9 U367c: 0c4b201f3000 tmp3:= RDSEGFLD(LDT, BASE) U367d: 0c4ba01f4000 tmp4:= RDSEGFLD(LDT, SEL+FLGS+LIM) U367e: 0c4b201b5000 tmp5:= RDSEGFLD(GDT, BASE) U3680: 0c4ba01b6000 tmp6:= RDSEGFLD(GDT, SEL+FLGS+LIM) 018bd910 SEQW SAVEUIP0 U3681 SEQW GOTO U0bd9 U3681: 0c4b203f3000 tmp3:= RDSEGFLD(TSS, BASE) U3682: 0c4ba03f4000 tmp4:= RDSEGFLD(TSS, SEL+FLGS+LIM) U3684: 0c4b203b5000 tmp5:= RDSEGFLD(IDT, BASE) U3685: 0c4ba03b6000 tmp6:= RDSEGFLD(IDT, SEL+FLGS+LIM) 018bd951 SEQW SAVEUIP0 U3686 SEQW GOTO U0bd9 U3686: 0c4b20373000 tmp3:= RDSEGFLD(GS, BASE) U3688: 0c4ba0374000 tmp4:= RDSEGFLD(GS, SEL+FLGS+LIM) U3689: 0c4b20335000 tmp5:= RDSEGFLD(FS, BASE) U368a: 0c4ba0336000 tmp6:= RDSEGFLD(FS, SEL+FLGS+LIM) 018bd992 SEQW SAVEUIP0 U368c SEQW GOTO U0bd9 U368c: 0c4b202f3000 tmp3:= RDSEGFLD(DS, BASE) U368d: 0c4ba02f4000 tmp4:= RDSEGFLD(DS, SEL+FLGS+LIM) U368e: 0c4b20235000 tmp5:= 
RDSEGFLD(ES, BASE) U3690: 0c4ba0236000 tmp6:= RDSEGFLD(ES, SEL+FLGS+LIM) 018bd910 SEQW SAVEUIP0 U3691 SEQW GOTO U0bd9 U3691: 000e03000200 WRMSLOOPCTRFBR(0x00000003) U3692: 000800000000 NOP U3694: 014a00030003 tmp0:= unk_14a(rdi) U3695: 0e7d0003003c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp0) U3696: 014a00030013 tmp0:= unk_14a(tmp7) U3698: 0e7d2003003c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, tmp0) U3699: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U369a: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b69480 ? SEQW GOTO U3694 U369c: 0c4b20434000 tmp4:= RDSEGFLD(UNK_SEG_10, BASE) U369d: 0c4b20475000 tmp5:= RDSEGFLD(UNK_SEG_11, BASE) 019f8a51 SEQW SAVEUIP0 U369e SEQW GOTO U1f8a U369e: 00008033cfc9 tmp12:= ADD_DSZ32(0x00002c80, tmp15) U36a0: 000e02000240 WRMSLOOPCTRFBR(0x00002002) 01d77910 SEQW SAVEUIP0 U36a1 SEQW GOTO U5779 U36a1: 000800000000 NOP U36a2: 000800000000 NOP U36a4: 000e07200200 WRMSLOOPCTRFBR(0x00000807) 01d76910 SEQW SAVEUIP0 U36a5 SEQW GOTO U5769 U36a5: 00635c032200 tmp2:= READURAM(0x005c, 64) U36a6: 000800000000 NOP U36a8: 386aa95803b2 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000019, U36a9) 0436b600 SEQW GOTO U36b6 ------------------------------------------------------------------------------------ U36a9: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U36aa: 000820032008 tmp2:= ZEROEXT_DSZ32(0x00000020) U36ac: 0000c04bcfc9 tmp12:= ADD_DSZ32(0x000032c0, tmp15) U36ad: 006200038c80 tmp8:= MOVEFROMCREG_DSZ64(tmp2) U36ae: 0e7d0003803c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp8) U36b0: 000001032c88 tmp2:= ADD_DSZ32(0x00000001, tmp2) U36b1: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U36b2: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b6ad80 ? 
SEQW GOTO U36ad U36b4: 006209038200 tmp8:= MOVEFROMCREG_DSZ64(0x009) U36b5: 0e7d0003803c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp8) U36b6: 000000000000 NOP 01f7dc80 SEQW GOTO U77dc ------------------------------------------------------------------------------------ U36b8: 00810203cf08 tmp12:= OR_DSZ16(0x00000002, tmp12) U36b9: 0052be580276 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U36be) U36ba: 006286134200 tmp4:= MOVEFROMCREG_DSZ64(0x486) U36bc: 008402035234 tmp5:= AND_DSZ16(tmp4, 0x00000002) U36bd: 015048640235 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp5, U1948) U36be: 06200303e03d tmm6:= unk_620(tmm5) U36c0: 072c0003803e tmp8:= PINTMOVDTMM2I_DSZ32(tmm6) U36c1: 00861e074e0a tmp4:= XOR_DSZ16(0x0000411e, tmp8) U36c2: 013e00038d38 tmp8:= MOVEMERGEFLGS_DSZ32(tmp8, tmp4) U36c4: 00940a031236 tmp1:= BT_DSZ16(tmp6, 0x0000000a) U36c5: 013e3b032c50 tmp2:= MOVEMERGEFLGS_DSZ32(0x0000ff81, tmp1) U36c6: 003637034432 tmp4:= CMOVCC_DSZ32_CONDB(tmp2, 0x0000fc01) U36c8: 00940c035236 tmp5:= BT_DSZ16(tmp6, 0x0000000c) U36c9: 013e2e031d50 tmp1:= MOVEMERGEFLGS_DSZ32(0x0000c001, tmp5) U36ca: 003600032d31 tmp2:= CMOVCC_DSZ32_CONDB(tmp1, tmp4) U36cc: 017e00033d74 tmp3:= MOVEMERGEFLGS_DSZ64(tmp4, tmp5) U36cd: 00362e034433 tmp4:= CMOVCC_DSZ32_CONDB(tmp3, 0x0000c001) U36ce: 001406035239 tmp5:= BT_DSZ32(tmp9, 0x00000006) U36d0: 017e00032d72 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp5) U36d1: 00372e031432 tmp1:= CMOVCC_DSZ32_CONDNB(tmp2, 0x0000c001) U36d2: 017e00034d74 tmp4:= MOVEMERGEFLGS_DSZ64(tmp4, tmp5) U36d4: 00372e032434 tmp2:= CMOVCC_DSZ32_CONDNB(tmp4, 0x0000c001) U36d5: 00628c13a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x48c) U36d6: 00c42003be88 tmp11:= AND_DSZ8(0x00000020, tmp10) U36d8: 00c100034f3b tmp4:= OR_DSZ8(tmp11, tmp12) U36d9: 0084ff034d08 tmp4:= AND_DSZ16(0x000000ff, tmp4) U36da: 00810003aeb4 tmp10:= OR_DSZ16(tmp4, tmp10) U36dc: 20428c10023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, 0x48c) U36dd: 062400038eba tmm0:= unk_624(tmm2, tmm2) U36de: 072c00033038 tmp3:= PINTMOVDTMM2I_DSZ32(tmm0) U36e0: 
000420033cc8 tmp3:= AND_DSZ32(0x00000020, tmp3) U36e1: 01b401033233 tmp3:= CMOVCC_DSZ16_CONDZ(tmp3, 0x00000001) U36e2: 07c20003ceb1 tmm4:= unk_7c2(mm1, tmm2) U36e4: 069d0003cf00 tmm4:= unk_69d(tmm4) U36e5: 07430003aeb3 tmm2:= unk_743(mm3, tmm2) U36e6: 04830003af3a tmm2:= unk_483(tmm2, tmm4) U36e8: 062400039efb tmm1:= unk_624(tmm3, tmm3) U36e9: 072c00031039 tmp1:= PINTMOVDTMM2I_DSZ32(tmm1) U36ea: 000420031c48 tmp1:= AND_DSZ32(0x00000020, tmp1) U36ec: 01b401031231 tmp1:= CMOVCC_DSZ16_CONDZ(tmp1, 0x00000001) U36ed: 07c20003cef2 tmm4:= unk_7c2(mm2, tmm3) U36ee: 069d0003cf00 tmm4:= unk_69d(tmm4) U36f0: 07430003bef1 tmm3:= unk_743(mm1, tmm3) U36f1: 04830003bf3b tmm3:= unk_483(tmm3, tmm4) U36f2: 04b400038e80 tmm0:= FMOV(tmm2) U36f4: 04b400039ec0 tmm1:= FMOV(tmm3) U36f5: 000410032dc8 tmp2:= AND_DSZ32(0x00000010, tmp7) U36f6: 0151320c0232 LFNCEWAIT-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U0332) U36f8: 015100000e38 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, tmp8) U36f9: 000438033e48 tmp3:= AND_DSZ32(0x00000038, tmp9) U36fa: 000608033cc8 tmp3:= XOR_DSZ32(0x00000008, tmp3) U36fc: 0150446402b3 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U5944) U36fd: 186a75100279 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000004, U2475) U36fe: 260f0003cebb tmm4:= unk_60f(tmm3, tmm2) 08a47680 SEQW GOTO U2476 ------------------------------------------------------------------------------------ U3700: 000c2a380240 SAVEUIP(0x00, U2e2a) U3701: 000ae4800200 SYNCWAIT-> TESTUSTATE(UCODE, !0x00e4) 0adeb6cd ? SEQW URET1 U3702: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0adeb6cd ? SEQW GOTO U5eb6 U3704: 000126031e10 tmp1:= OR_DSZ32(0x00008000, tmp8) U3705: 022800031c40 tmp1:= MSR2CR(tmp1) U3706: 000a20800200 TESTUSTATE(UCODE, !0x0020) 01b709c0 ? SEQW GOTO U3709 U3708: 186a111c0c73 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp3, tmp1, generate_#GP) U3709: 000a40800200 TESTUSTATE(UCODE, !0x0040) 06371040 ? 
SEQW GOTO U3710 U370a: 0062e11f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7e1) U370c: 286abe300231 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000000, uret1) U370d: 000a80800200 TESTUSTATE(UCODE, !0x0080) 08271140 ? SEQW GOTO generate_#GP U370e: 000800000000 NOP U3710: 000a80800200 SYNCWAIT-> TESTUSTATE(UCODE, !0x0080) 0a0000cc ? SEQW URET1 U3711: 000701031e08 tmp1:= NOTAND_DSZ32(0x00000001, tmp8) U3712: 003200031c78 tmp1:= SELECTCC_DSZ32_CONDB(tmp8, tmp1) U3714: 0005000f1c48 tmp1:= SUB_DSZ32(0x00000300, tmp1) 01810100 SEQW GOTO U0101 ------------------------------------------------------------------------------------ U3715: 000000000000 NOP U3716: 000000000000 NOP U3718: 000a008b5200 SYNCWAIT-> tmp5:= TESTUSTATE(UCODE, !0x0200) 0a2e2a4c ? SEQW URET1 U3719: 000000000000 NOP 0a2e2a4c SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U371a: 000802155008 tmpv1:= ZEROEXT_DSZ32(0x00000502) U371c: 001510015215 tmpv1:= BTS_DSZ32(tmpv1, 0x00000010) 01995800 SEQW GOTO U1958 ------------------------------------------------------------------------------------ U371d: 000000000000 NOP U371e: 000000000000 NOP U3720: 00635c031200 tmp1:= READURAM(0x005c, 64) U3721: 086a757903f1 SYNCMARK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001d, U4e75) 0cb70040 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3722: 292872250278 CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000004, U5972) U3724: 2928822502b8 CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000008, U5982) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U3725: 000000000000 NOP U3726: 000000000000 NOP U3728: 00620213e200 tmp14:= MOVEFROMCREG_DSZ64(0x402) U3729: 0004b00fef88 tmp14:= AND_DSZ32(0x000003b0, tmp14) U372a: 00250403e23e tmp14:= SHR_DSZ32(tmp14, 0x00000004) U372c: 003d0003efbe tmp14:= MOVEINSERTFLGS_DSZ32(tmp14, tmp14) U372d: 1062df0ba240 tmp10:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U372e: 
006521031233 tmp1:= SHR_DSZ64(tmp3, 0x00000021) 01c07480 SEQW GOTO U4074 ------------------------------------------------------------------------------------ U3730: 200a04800200 TESTUSTATE(VMX, !0x0004) 0b2efd0e ? SEQW GOTO U2efd U3731: 0062bb1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7bb) U3732: 186b119c02b1 SYNCWAIT-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 0b2efd0e SEQW URET1 ------------------------------------------------------------------------------------ U3734: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) 01df1600 SEQW GOTO U5f16 ------------------------------------------------------------------------------------ U3735: 000000000000 NOP U3736: 000000000000 NOP U3738: 200a04000200 TESTUSTATE(VMX, 0x0004) 04b73100 ? SEQW GOTO U3731 U3739: 006213171200 LFNCEMARK-> tmp1:= MOVEFROMCREG_DSZ64(0x513) U373a: 0008ff032008 tmp2:= ZEROEXT_DSZ32(0x000000ff) U373c: 0021004327f2 tmp2:= CONCAT_DSZ32(tmp2, 0xfffffffffffff000) U373d: 004400031c72 tmp1:= AND_DSZ64(tmp2, tmp1) U373e: 000500232e08 tmp2:= SUB_DSZ32(0x00000800, tmp8) 01da0680 SEQW GOTO U5a06 ------------------------------------------------------------------------------------ U3740: 006200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) 05370000 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3741: 0062fe1f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3742: 2962fe1c0335 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp5, 0x00000010, CORE_CR_EFLAGS) U3744: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 02334db0 SEQW UEND0 ------------------------------------------------------------------------------------ U3745: 004100030022 tmp0:= OR_DSZ64(rdx) U3746: 000d00800000 SAVEUIP_REGOVR(0x01, U3748, 0x0000) 02334db0 SEQW GOTO U334d U3748: 106200035e80 tmp5:= MOVEFROMCREG_DSZ64(tmp10) 05370000 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3749: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U374a: 00428c100230 LFNCEMARK-> 
MOVETOCREG_DSZ64(tmp0, 0x48c) U374c: 053f00008008 LFNCEWAIT-> mm0:= unk_53f(0x00000000) 0217ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U374d: 000000000000 NOP U374e: 000000000000 NOP U3750: 3d0b00035c88 SYNCWAIT-> tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) 0a370000 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3751: 000000000000 NOP U3752: 008401033232 tmp3:= AND_DSZ16(tmp2, 0x00000001) U3754: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01923500 SEQW GOTO U1235 ------------------------------------------------------------------------------------ U3755: 000000000000 NOP U3756: 000000000000 NOP U3758: 2f7500035c80 tmp5:= unk_f75(tmp2) 05370000 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3759: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U375a: 00428c100230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x48c) U375c: 06a017078000 tmp8:= unk_6a0(0x00000000) U375d: 053f00008e08 LFNCEWAIT-> mm0:= unk_53f(0x00000000, tmm0) 0297ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U375e: 000000000000 NOP U3760: 100a20800200 SYNCWAIT-> TESTUSTATE(SYS, !UST_SMM) 0a1cbe4c ? SEQW URET1 U3761: 00080002303c rbx:= ZEROEXT_DSZ32(tmp12) 0a1cbe4c SEQW GOTO uret1 ------------------------------------------------------------------------------------ U3762: 2d0ba0022008 rdx:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U3764: 00080002303e rbx:= ZEROEXT_DSZ32(tmp14) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U3765: 000000000000 NOP U3766: 000000000000 NOP U3768: 100a20800200 SYNCWAIT-> TESTUSTATE(SYS, !UST_SMM) 0a1cbe4c ? 
SEQW URET1 U3769: 3d0b78023008 rbx:= PORTIN_DSZ32_ASZ16_SC1(0x00000078) 0a1cbe4c SEQW GOTO uret1 ------------------------------------------------------------------------------------ U376a: 096205800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x005) U376c: 0eff00000000 unk_eff(0x00000000) 01a3f900 SEQW GOTO U23f9 ------------------------------------------------------------------------------------ U376d: 000000000000 NOP U376e: 000000000000 NOP U3770: 006300035e80 tmp5:= READURAM(tmp10) 09370000 SEQW GOTO U3700 ------------------------------------------------------------------------------------ U3771: 000000000000 NOP U3772: 006229156200 SYNCFULL-> tmpv2:= MOVEFROMCREG_DSZ64(0x529) U3774: 000cc6e40240 SAVEUIP(0x01, U39c6) 01dfa800 SEQW GOTO U5fa8 ------------------------------------------------------------------------------------ U3775: 000000000000 NOP U3776: 000000000000 NOP U3778: 3d0b00035c88 SYNCWAIT-> tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) 0a372000 SEQW GOTO U3720 ------------------------------------------------------------------------------------ U3779: 000000000000 NOP U377a: 06a04403c000 tmp12:= unk_6a0(0x00000000) U377c: 049500038f38 tmm0:= unk_495(tmm0, tmm4) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U377d: 000000000000 NOP U377e: 000000000000 NOP U3780: 000cd20002c0 SAVEUIP(0x00, U60d2) U3781: 000a0c000200 TESTUSTATE(UCODE, 0x000c) 0b370140 ? SEQW GOTO U3701 U3782: 10080003c03c SYNCWAIT-> tmp12:= ZEROEXT_DSZ32N(tmp12) U3784: 100a00000280 TESTUSTATE(SYS, 0x4000) 01b78600 ? 
SEQW GOTO U3786 U3785: 3d0b7803c008 tmp12:= PORTIN_DSZ32_ASZ16_SC1(0x00000078) U3786: 004700031d7c tmp1:= NOTAND_DSZ64(tmp12, tmp5) U3788: 015109000231 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U0009) 06370100 SEQW GOTO U3701 ------------------------------------------------------------------------------------ U3789: 000000000000 NOP U378a: 000000000000 NOP U378c: 000000000000 NOP 01a0a800 SEQW GOTO U20a8 ------------------------------------------------------------------------------------ U378d: 000000000000 NOP U378e: 000000000000 NOP U3790: 100a00800300 TESTUSTATE(SYS, !0x8000) 01b78000 ? SEQW GOTO U3780 U3791: 0dff02000000 unk_dff(0x00000000) U3792: 09023a180280 MOVETOCREG_OR_DSZ64(0x00000008, 0x63a) U3794: 09023ed80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x63e) U3795: 00635c031200 tmp1:= READURAM(0x005c, 64) U3796: 00552b031231 tmp1:= BTS_DSZ64(tmp1, 0x0000002b) 01833d80 SEQW GOTO U033d ------------------------------------------------------------------------------------ U3798: 000586071e08 tmp1:= SUB_DSZ32(0x00000186, tmp8) U3799: 000503031c48 tmp1:= SUB_DSZ32(0x00000003, tmp1) U379a: 015205140271 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp1, U2505) 07250680 SEQW GOTO U2506 ------------------------------------------------------------------------------------ U379c: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) 01de9800 SEQW GOTO U5e98 ------------------------------------------------------------------------------------ U379d: 000000000000 NOP U379e: 000000000000 NOP U37a0: 00635c031200 tmp1:= READURAM(0x005c, 64) U37a1: 086a75f903f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001f, U4e75) 06b78040 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U37a2: 0902050002c0 MOVETOCREG_OR_DSZ64(0x0000000c, 0x005) U37a4: 000c11d80240 SAVEUIP(0x01, U3611) 018a9500 SEQW GOTO U0a95 ------------------------------------------------------------------------------------ U37a5: 000000000000 NOP U37a6: 000000000000 NOP 
U37a8: 025c00000d75 LFNCEMARK-> unk_25c(tmp5, tmp5) 04378000 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U37a9: 000000000000 NOP U37aa: 00630e030200 tmp0:= READURAM(0x000e, 64) U37ac: 0008ea6fe009 tmp14:= ZEROEXT_DSZ32(0x00003bea) 01843400 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U37ad: 000000000000 NOP U37ae: 000000000000 NOP U37b0: 0062bb1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7bb) U37b1: 186b119c02b1 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 06b78040 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U37b2: 05ba0103ffff tmm7:= unk_5ba(tmm7, tmm7) U37b4: 05ba0103cf3c tmm4:= unk_5ba(tmm4, tmm4) 01b9a600 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U37b5: 000000000000 NOP U37b6: 000000000000 NOP U37b8: 000c805f2240 tmp2:= SAVEUIP(0x00, U3780) U37b9: 006310031200 tmp1:= READURAM(0x0010, 64) U37ba: 00474a0b1c50 tmp1:= NOTAND_DSZ64(0xffffffff, tmp1) U37bc: 004700031c72 tmp1:= NOTAND_DSZ64(tmp2, tmp1) U37bd: 004400031c75 tmp1:= AND_DSZ64(tmp5, tmp1) U37be: 0151111c0271 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) 070000ca SEQW URET0 ------------------------------------------------------------------------------------ U37c0: 006401031235 tmp1:= SHL_DSZ64(tmp5, 0x00000001) U37c1: 006e01031231 tmp1:= SAR_DSZ64(tmp1, 0x00000001) U37c2: 025c00000c71 LFNCEMARK-> unk_25c(tmp1, tmp1) U37c4: 006520032235 tmp2:= SHR_DSZ64(tmp5, 0x00000020) U37c5: 0004f0071c90 tmp1:= AND_DSZ32(0x80000000, tmp2) U37c6: 0004ff7f2c8f tmp2:= AND_DSZ32(0x0000ffff, tmp2) 01846c80 SEQW GOTO U046c ------------------------------------------------------------------------------------ U37c8: 1062df0b1240 tmp1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U37c9: 186ad2c102f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000f, U60d2) 06b78040 SEQW GOTO 
U3780 ------------------------------------------------------------------------------------ U37ca: 05ba0103ffff tmm7:= unk_5ba(tmm7, tmm7) U37cc: 07900003fff1 tmm7:= unk_790(mm1, tmm7) 01856600 SEQW GOTO U0566 ------------------------------------------------------------------------------------ U37cd: 000000000000 NOP U37ce: 000000000000 NOP U37d0: 000c905f2240 tmp2:= SAVEUIP(0x00, U3790) 0337b900 SEQW GOTO U37b9 ------------------------------------------------------------------------------------ U37d1: 000000000000 NOP U37d2: 0042fe1c0237 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp7, CORE_CR_EFLAGS) U37d4: 086a7d780337 BTUJB_DIRECT_NOTTAKEN(tmp7, 0x00000011, U0e7d) 019eea00 SEQW GOTO U1eea ------------------------------------------------------------------------------------ U37d5: 000000000000 NOP U37d6: 000000000000 NOP U37d8: 00080f032008 tmp2:= ZEROEXT_DSZ32(0x0000000f) U37d9: 006420032232 tmp2:= SHL_DSZ64(tmp2, 0x00000020) U37da: 000c905c0240 SAVEUIP(0x00, U3790) 01b7b980 SEQW GOTO U37b9 ------------------------------------------------------------------------------------ U37dc: 09626d400340 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000015, 0x06d) 04693100 SEQW GOTO U6931 ------------------------------------------------------------------------------------ U37dd: 000000000000 NOP U37de: 000000000000 NOP U37e0: 006323031200 tmp1:= READURAM(0x0023, 64) U37e1: 000400031c4a tmp1:= AND_DSZ32(0x00004000, tmp1) U37e2: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01b780c0 ? 
SEQW GOTO U3780 U37e4: 017100031d71 tmp1:= SELECTCC_DSZ64_CONDNZ(tmp1, tmp5) U37e5: 1929111c0031 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, generate_#GP) 06b78040 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U37e6: 000000000000 NOP U37e8: 000cd20002c0 SAVEUIP(0x00, U60d2) U37e9: 0047530b1d50 tmp1:= NOTAND_DSZ64(0x40007fff, tmp5) U37ea: 015109000231 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U0009) U37ec: 2dcb08031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00000008) U37ed: 000410031c48 tmp1:= AND_DSZ32(0x00000010, tmp1) U37ee: 013100035d71 SYNCWAIT-> tmp5:= SELECTCC_DSZ32_CONDNZ(tmp1, tmp5) 0b0000ce SEQW URET1 ------------------------------------------------------------------------------------ U37f0: 1062850b1240 tmp1:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U37f1: 186a119c02b1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) 06b78040 SEQW GOTO U3780 ------------------------------------------------------------------------------------ U37f2: 00620003d200 tmp13:= MOVEFROMCREG_DSZ64(0x000) U37f4: 00250603f23d tmp15:= SHR_DSZ32(tmp13, 0x00000006) U37f5: 007d0003df7f tmp13:= MOVEINSERTFLGS_DSZ64(tmp15, tmp13) U37f6: 00043f03ff48 tmp15:= AND_DSZ32(0x0000003f, tmp13) U37f8: 00240303f23f tmp15:= SHL_DSZ32(tmp15, 0x00000003) U37f9: 0000000fffc9 tmp15:= ADD_DSZ32(0x00002300, tmp15) U37fa: 015d00000fc0 UJMP(tmp15) ------------------------------------------------------------------------------------ U37fc: 0008f5078010 tmp8:= ZEROEXT_DSZ32(0x80000301) U37fd: 000800635009 tmp5:= ZEROEXT_DSZ32(0x00003800) U37fe: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79980 ? 
SEQW GOTO U4799 U3800: 000c7c9be208 tmp14:= SAVEUIP(0x01, U067c) 031e7d00 SEQW GOTO U1e7d ------------------------------------------------------------------------------------ U3801: 0042c5180235 MOVETOCREG_DSZ64(tmp5, 0x6c5) U3802: 006200036200 LFNCEWAIT-> tmp6:= MOVEFROMCREG_DSZ64(0x000) U3804: 000717036d90 tmp6:= NOTAND_DSZ32(0x00000fff, tmp6) U3805: 000106036d88 tmp6:= OR_DSZ32(0x00000006, tmp6) U3806: 0962008362b6 tmp6:= MOVETOCREG_BTS_DSZ64(tmp6, 0x0000000a, 0x000) U3808: 0c4b40135000 tmp5:= RDSEGFLD(UNK_SEG_04, FLGS) U3809: 001403035235 tmp5:= BT_DSZ32(tmp5, 0x00000003) U380a: 013e67038d48 tmp8:= MOVEMERGEFLGS_DSZ32(0x00000067, tmp5) U380c: 00362b038238 tmp8:= CMOVCC_DSZ32_CONDB(tmp8, 0x0000002b) U380d: 0fe300100038 LFNCEMARK-> unk_fe3(tmp8) U380e: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 04a23480 ? SEQW GOTO U2234 U3810: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 05381400 ? SEQW GOTO U3814 U3811: 00634c03f200 tmp15:= READURAM(0x004c, 64) U3812: 186a3408027f LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000004, U2234) U3814: 0c4b403f5000 tmp5:= RDSEGFLD(TSS, FLGS) U3815: 000708032235 tmp2:= NOTAND_DSZ32(tmp5, 0x00000008) U3816: 0131000382b2 tmp8:= SELECTCC_DSZ32_CONDNZ(tmp2, 0x00004000) U3818: 00423c1c0238 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp8, 0x73c) U3819: 006421032232 tmp2:= SHL_DSZ64(tmp2, 0x00000021) U381a: 000800000000 NOP U381c: 0042521c0232 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, 0x752) U381d: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U381e: 001512036236 tmp6:= BTS_DSZ32(tmp6, 0x00000012) U3820: 005248600276 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U3848) U3821: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U3822: 204200000236 LFNCEMARK-> MOVETOCREG_DSZ64(tmp6, 0x000) U3824: 001403035235 tmp5:= BT_DSZ32(tmp5, 0x00000003) U3825: 013e20037d48 tmp7:= MOVEMERGEFLGS_DSZ32(0x00000020, tmp5) U3826: 00360e037237 tmp7:= CMOVCC_DSZ32_CONDB(tmp7, 0x0000000e) U3828: 1fe8003f4037 LFNCEWAIT-> STADPPHYS_DSZN_ASZ32_SC1(tmp7, mode=0x0f, tmp4) U3829: 1fe80bbf9037 
STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_ALIAS_DATASIZE, mode=0x0f, tmp9) U382a: 1fe813be0037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_13, mode=0x0f, rax) U382c: 1fe81bbe1037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_1b, mode=0x0f, rcx) U382d: 1fe823be2037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_23, mode=0x0f, rdx) U382e: 1fe82bbe3037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_2b, mode=0x0f, rbx) U3830: 1fe833be4037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_33, mode=0x0f, rsp) U3831: 1fe83bbe5037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_3b, mode=0x0f, rbp) U3832: 1fe843be6037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_43, mode=0x0f, rsi) U3834: 1fe84bbe7037 STADPPHYS_DSZN_ASZ32_SC1(tmp7, IMM_MACRO_4b, mode=0x0f, rdi) U3835: 0c4b80238000 tmp8:= RDSEGFLD(ES, SEL) U3836: 0fa853bf8037 STADPPHYS_DSZ16_ASZ32_SC1(tmp7, IMM_MACRO_53, mode=0x0f, tmp8) U3838: 0c4b800b8000 tmp8:= RDSEGFLD(CS, SEL) U3839: 0fa85bbf8037 STADPPHYS_DSZ16_ASZ32_SC1(tmp7, IMM_MACRO_5b, mode=0x0f, tmp8) U383a: 0c4b802b8000 tmp8:= RDSEGFLD(SS_USERM, SEL) U383c: 0fa863bf8037 STADPPHYS_DSZ16_ASZ32_SC1(tmp7, IMM_MACRO_63, mode=0x0f, tmp8) U383d: 0c4b802f8000 tmp8:= RDSEGFLD(DS, SEL) U383e: 0fa86bbf8037 STADPPHYS_DSZ16_ASZ32_SC1(tmp7, IMM_MACRO_6b, mode=0x0f, tmp8) U3840: 386b46e00235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000003, U3846) U3841: 0c4b80338000 tmp8:= RDSEGFLD(FS, SEL) U3842: 0f2873bf8037 STADPPHYS_DSZ32_ASZ32_SC1(tmp7, IMM_MACRO_73, mode=0x0f, tmp8) U3844: 0c4b80378000 tmp8:= RDSEGFLD(GS, SEL) U3845: 0f287bbf8037 STADPPHYS_DSZ32_ASZ32_SC1(tmp7, IMM_MACRO_7b, mode=0x0f, tmp8) U3846: 29626d800300 MOVETOCREG_BTS_DSZ64(0x00000012, 0x06d) U3848: 0c4b80132000 tmp2:= RDSEGFLD(UNK_SEG_04, SEL) U3849: 0c4b40135000 tmp5:= RDSEGFLD(UNK_SEG_04, FLGS) U384a: 001403035235 tmp5:= BT_DSZ32(tmp5, 0x00000003) U384c: 013e1c038d48 tmp8:= MOVEMERGEFLGS_DSZ32(0x0000001c, tmp5) U384d: 00360e038238 tmp8:= CMOVCC_DSZ32_CONDB(tmp8, 0x0000000e) U384e: 0fe100100038 unk_fe1(tmp8) U3850: 013e67038d48 tmp8:= 
MOVEMERGEFLGS_DSZ32(0x00000067, tmp5) U3851: 00362b038238 tmp8:= CMOVCC_DSZ32_CONDB(tmp8, 0x0000002b) U3852: 0fe100100038 unk_fe1(tmp8) U3854: 000800000000 NOP U3855: 000800000000 NOP U3856: 015d00000f00 UJMP(tmp12) ------------------------------------------------------------------------------------ U3858: 000000000000 NOP U3859: 204300000230 WRITEURAM(tmp0, 0x0000, 64) U385a: 038000030030 tmp0:= READAFLAGS(tmp0) U385c: 00a102030c08 tmp0:= CONCAT_DSZ16(0x00000002, tmp0) 01d2cd00 SEQW GOTO U52cd ------------------------------------------------------------------------------------ U385d: 0a621c0372f7 tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x0000000c, 0x01c) U385e: 003304037237 tmp7:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000004) U3860: 003301039239 tmp9:= SELECTCC_DSZ32_CONDNB(tmp9, 0x00000001) U3861: 000100037df9 tmp7:= OR_DSZ32(tmp9, tmp7) U3862: 090270000cb7 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp7, tmp2, 0x070) U3864: 00330403723e tmp7:= SELECTCC_DSZ32_CONDNB(tmp14, 0x00000004) U3865: 02360003edfe LFNCEWAIT-> tmp14:= CMOVCC_DSZ32_CONDP(tmp14, tmp7) 02abb08d SEQW URET1 ------------------------------------------------------------------------------------ U3866: 000d00000000 SAVEUIP_REGOVR(0x00, U3868, 0x0000) 02abb08d SEQW GOTO U2bb0 U3868: 104004032d08 LFNCEWAIT-> tmp2:= ADD_DSZN(0x00000004, tmp4) 0270f900 SEQW GOTO U70f9 ------------------------------------------------------------------------------------ U3869: 006520030230 tmp0:= SHR_DSZ64(tmp0, 0x00000020) U386a: 00047b070c10 tmp0:= AND_DSZ32(0x08000000, tmp0) U386c: 0062011f1200 tmp1:= MOVEFROMCREG_DSZ64(0x701) U386d: 00477b071c50 tmp1:= NOTAND_DSZ64(0x08000000, tmp1) U386e: 2902011c0c31 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp1, tmp0, 0x701) U3870: 100a00200200 TESTUSTATE(SYS, 0x0800) 02bf4e31 ? 
SEQW GOTO U3f4e U3871: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 02bf4e31 SEQW UEND0 ------------------------------------------------------------------------------------ U3872: 07040003e032 tmm6:= unk_704(mm2) U3874: 06200903e03e tmm6:= unk_620(tmm6) U3875: 072c0003803e tmp8:= PINTMOVDTMM2I_DSZ32(tmm6) U3876: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U3878: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U3879: 000c9d840280 SAVEUIP(0x01, U419d) U387a: 015d00000e00 UJMP(tmp8) ------------------------------------------------------------------------------------ U387c: 006286133200 tmp3:= MOVEFROMCREG_DSZ64(0x486) U387d: 008402033233 tmp3:= AND_DSZ16(tmp3, 0x00000002) U387e: 015080600273 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U3880) 0183b480 SEQW GOTO U03b4 ------------------------------------------------------------------------------------ U3880: 00810203cf08 tmp12:= OR_DSZ16(0x00000002, tmp12) 01994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U3881: 000800115008 tmpv1:= ZEROEXT_DSZ32(0x00000400) U3882: 001510015215 tmpv1:= BTS_DSZ32(tmpv1, 0x00000010) U3884: 000a00400240 TESTUSTATE(UCODE, 0x3000) 019cbe00 ? 
SEQW GOTO uret1 U3885: 006312014200 tmpv0:= READURAM(0x0012, 64) U3886: 001400014214 tmpv0:= BT_DSZ32(tmpv0, 0x00000000) U3888: 01080083f010 tmp15:= READUIP_REGOVR(0x01) U3889: 005300000fd4 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmpv0, tmp15) 01ebfd55 SEQW SAVEUIP1 U388a SEQW GOTO U6bfd U388a: 004cbe8d4232 tmpv0:= SAVEUIP(tmp2, 0x01, U03be) U388c: 000cd0600240 SAVEUIP(0x00, U38d0) 05334d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U388d: 0fef01000000 LBSYNC(0x00000001) U388e: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U3890: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U3891: 00080e03b008 tmp11:= ZEROEXT_DSZ32(0x0000000e) U3892: 1062800b1240 LFNCEWAIT-> tmp1:= MOVEFROMCREG_DSZ64(0x280, 32) U3894: 0004b6031c50 tmp1:= AND_DSZ32(0x000c0000, tmp1) U3895: 0151dc1c0271 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U27dc) U3896: 3962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U3898: 10480003e038 tmp14:= ZEROEXT_DSZ64N(tmp8) 01c99900 SEQW GOTO U4999 ------------------------------------------------------------------------------------ U3899: 076f00030039 mm0:= unk_76f(tmm1) U389a: 104205080270 MOVETOCREG_DSZ64(tmp0, 0x205, 32) U389c: 047701039039 tmm1:= unk_477(tmm1) U389d: 076f00030039 mm0:= unk_76f(tmm1) U389e: 104206080270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x206, 32) U38a0: 1062080b1240 tmp1:= MOVEFROMCREG_DSZ64(0x208, 32) U38a1: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) 0d279955 SEQW SAVEUIP1 U38a2 SEQW GOTO U2799 U38a2: 01420a000cc0 SYNCMARK-> UFLOWCTRL(URET0, tmp3) U38a4: 000e60000200 WRMSLOOPCTRFBR(0x00000060) 01800200 SEQW GOTO U0002 ------------------------------------------------------------------------------------ U38a5: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U38a6: 000820032008 tmp2:= ZEROEXT_DSZ32(0x00000020) U38a8: 0000c04bcfc9 tmp12:= ADD_DSZ32(0x000032c0, tmp15) U38a9: 0e750003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U38aa: 004200000cb0 MOVETOCREG_DSZ64(tmp0, tmp2) U38ac: 000001032c88 
tmp2:= ADD_DSZ32(0x00000001, tmp2) U38ad: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U38ae: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b8a980 ? SEQW GOTO U38a9 U38b0: 0e750003003c tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U38b1: 004209000230 MOVETOCREG_DSZ64(tmp0, 0x009) 032a7540 SEQW GOTO U2a75 ------------------------------------------------------------------------------------ U38b2: 000e03000208 LFNCEWAIT-> WRMSLOOPCTRFBR(0x00000003) U38b4: 014d00003000 rdi:= unk_14d(0x00000000) U38b5: 014d00013000 tmp7:= unk_14d(0x00000000) U38b6: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01b8b480 ? SEQW GOTO U38b4 U38b8: 000000000000 NOP 01aad988 SEQW URET0 ------------------------------------------------------------------------------------ U38b9: 0008d113e009 tmp14:= ZEROEXT_DSZ32(0x000024d1) U38ba: 100a00800300 TESTUSTATE(SYS, !0x8000) 01aad988 ? SEQW GOTO U2ad9 U38bc: 000a00400200 TESTUSTATE(UCODE, 0x1000) 01aad900 ? SEQW GOTO U2ad9 U38bd: 006267031200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U38be: 006265032200 tmp2:= MOVEFROMCREG_DSZ64(0x065) U38c0: 104500033c72 tmp3:= SUB_DSZN(tmp2, tmp1) U38c1: 014300300cc0 AETTRACE(0x0c, tmp3) 032ad940 SEQW GOTO U2ad9 ------------------------------------------------------------------------------------ U38c2: 0062c3194200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(0x6c3) U38c4: 0a62c31802d4 MOVETOCREG_BTR_DSZ64(tmpv0, 0x0000000c, 0x6c3) U38c5: 000800014000 tmpv0:= ZEROEXT_DSZ32(0x00000000) U38c6: 0042c61c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x7c6) U38c8: 0042c0180214 LFNCEWAIT-> MOVETOCREG_DSZ64(tmpv0, 0x6c0) 021f624c SEQW URET1 ------------------------------------------------------------------------------------ U38c9: 000a00400240 TESTUSTATE(UCODE, 0x3000) 021f624c ? 
SEQW GOTO U1f62 U38ca: 006312030200 tmp0:= READURAM(0x0012, 64) U38cc: 286b627c0230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U1f62) U38cd: 000d19c002c0 SAVEUIP_REGOVR(0x01, U38ce, 0x7019) 01ebfd40 SEQW GOTO U6bfd U38ce: 000c62fc0200 SAVEUIP(0x01, U1f62) U38d0: 000000000000 NOP U38d1: 000000000000 NOP U38d2: 000000000000 NOP 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U38d4: 000000000000 NOP U38d5: 204300000230 WRITEURAM(tmp0, 0x0000, 64) U38d6: 038000030030 tmp0:= READAFLAGS(tmp0) U38d8: 00a113030c08 tmp0:= CONCAT_DSZ16(0x00000013, tmp0) 01d2cd00 SEQW GOTO U52cd ------------------------------------------------------------------------------------ U38d9: 3962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U38da: 0e2800040032 STADPPHYS_DSZ32_ASZ64_SC1(tmp2, mode=0x01, 0x00000000) U38dc: 006353030200 tmp0:= READURAM(0x0053, 64) U38dd: 0a6353080330 unk_a63(tmp0, 0x00008253) U38de: 006353033200 tmp3:= READURAM(0x0053, 64) U38e0: 000101033cc8 tmp3:= OR_DSZ32(0x00000001, tmp3) U38e1: 204353080233 WRITEURAM(tmp3, 0x0053, 32) U38e2: 000809030008 tmp0:= ZEROEXT_DSZ32(0x00000009) 01e0aa92 SEQW SAVEUIP0 U38e4 SEQW GOTO U60aa U38e4: 0ea5fe037034 tmp7:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4, 0xfffffffffffffffe) U38e5: 104000034d37 tmp4:= ADD_DSZN(tmp7, tmp4) 031ea640 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U38e6: 0062c51f0200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U38e8: 09a2c55802b0 SYNCFULL-> MOVETOCREG_SHR_DSZ64(tmp0, 0x00000009, 0x6c5) U38e9: 000a04000200 TESTUSTATE(UCODE, 0x0004) 08221e40 ? 
SEQW GOTO U221e U38ea: 000800000000 NOP U38ec: 000c1e880240 SAVEUIP(0x01, U221e) 01dd4a00 SEQW GOTO U5d4a ------------------------------------------------------------------------------------ U38ed: 00641f032234 tmp2:= SHL_DSZ64(tmp4, 0x0000001f) U38ee: 00652f032232 tmp2:= SHR_DSZ64(tmp2, 0x0000002f) U38f0: 001511032232 tmp2:= BTS_DSZ32(tmp2, 0x00000011) U38f1: 008800030034 tmp0:= ZEROEXT_DSZ16(tmp4) U38f2: 006428030230 tmp0:= SHL_DSZ64(tmp0, 0x00000028) U38f4: 002402033201 tmp3:= SHL_DSZ32(r64dst, 0x00000002) U38f5: 000084133cca tmp3:= ADD_DSZ32(0x00004484, tmp3) U38f6: 000c119c0240 SAVEUIP(0x01, generate_#GP) 0186be92 SEQW SAVEUIP0 U38f8 SEQW GOTO jump_tmp3 U38f8: 000800001000 r64dst:= ZEROEXT_DSZ32(0x00000000) U38f9: 200800031c71 tmp1:= ZEROEXT_DSZ32(tmp1, tmp1) 0180d2b1 SEQW UEND0 ------------------------------------------------------------------------------------ U38fa: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 0180d2b1 ? SEQW GOTO U00d2 U38fc: 000e0f000208 WRMSLOOPCTRFBR(0x0000000f) 0180d400 SEQW GOTO U00d4 ------------------------------------------------------------------------------------ U38fd: 00250403623d tmp6:= SHR_DSZ32(tmp13, 0x00000004) U38fe: 01890103c008 tmp12:= ADDSUB_DSZ16_CONDD(0x00000001) U3900: 02310103c23c tmp12:= SELECTCC_DSZ32_CONDNS(tmp12, 0x00000001) U3901: 00850003cf36 tmp12:= SUB_DSZ16(tmp6, tmp12) U3902: 01896203c43c tmp12:= ADDSUB_DSZ16_CONDD(tmp12, 0x00018000) U3904: 01420e000f00 SYNCMARK-> UFLOWCTRL(MSLOOPCTR, tmp12) U3905: 000c6ee7e248 tmp14:= SAVEUIP(0x01, U396e) U3906: 100a20836380 tmp6:= TESTUSTATE(SYS, !UST_SMM | 0xc000) 0c396e80 ? 
SEQW GOTO U396e U3908: 000c09e7e248 tmp14:= SAVEUIP(0x01, U3909) U3909: 0ec600079db4 tmp9:= unk_ec6(tmp4, tmp6) 05397040 SEQW GOTO U3970 ------------------------------------------------------------------------------------ U390a: 2e7b0403bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U390c: 0c4b4013c000 LFNCEWAIT-> tmp12:= RDSEGFLD(UNK_SEG_04, FLGS) U390d: 00240803c23c tmp12:= SHL_DSZ32(tmp12, 0x00000008) U390e: 0c4b00138000 tmp8:= RDSEGFLD(UNK_SEG_04, LIMIT_VAL) U3910: 0044b9038e10 tmp8:= AND_DSZ64(0x000f0000, tmp8) U3911: 00010003cf38 tmp12:= OR_DSZ32(tmp8, tmp12) 01c05940 SEQW GOTO U4059 ------------------------------------------------------------------------------------ U3912: 010800030010 tmp0:= READUIP_REGOVR(0x00) U3914: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U3915: 2042521c023f MOVETOCREG_DSZ64(tmp15, 0x752) U3916: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U3918: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U3919: 10450003efbf tmp14:= SUB_DSZN(tmp15, tmp14) U391a: 20421a1c023e SYNCMARK-> MOVETOCREG_DSZ64(tmp14, 0x71a) U391c: 125600000000 LFNCEWTMRK-> unk_256(0x00000000) 062ee58c SEQW URET1 ------------------------------------------------------------------------------------ U391d: 086afe5c033a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U07fe) U391e: 000a08800200 TESTUSTATE(UCODE, !0x0008) 062ee58c ? SEQW GOTO U2ee5 U3920: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01b92800 ? 
SEQW GOTO U3928 U3921: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U3922: 296272800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x072) U3924: 0f701c3e4ec0 rsp:= LDPPHYS_DSZ64_ASZ32_SC8(tmp11) U3925: 0c4b802b2000 tmp2:= RDSEGFLD(SS_USERM, SEL) U3926: 204200000237 MOVETOCREG_DSZ64(tmp7, 0x000) U3928: 10c4f07e491f rsp:= AND_DSZN(0xfffffffffffffff0, rsp) U3929: 0c4b800f8000 tmp8:= RDSEGFLD(SS, SEL) 01aee040 SEQW GOTO U2ee0 ------------------------------------------------------------------------------------ U392a: 086a0af002b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000b, U0c0a) U392c: 00080d034008 tmp4:= ZEROEXT_DSZ32(0x0000000d) U392d: 27010003e034 LFNCEMARK-> tmm6:= unk_701(mm4) U392e: 015030640276 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U3930) 04994880 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U3930: 04b49183e200 tmm6:= FMOV(0x00000091) U3931: 386a32a40276 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000006, U3932) 01994840 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U3932: 000800000000 NOP U3934: 04b49183e200 tmm6:= FMOV(0x00000091) 0a994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U3935: 0c4b2073a000 SYNCWAIT-> tmp10:= RDSEGFLD(SEG_V0, BASE) U3936: 1042c008027a MOVETOCREG_DSZ64(tmp10, 0x2c0, 32) U3938: 0c4b6073a000 LFNCEWAIT-> tmp10:= RDSEGFLD(SEG_V0, LIMIT) U3939: 1042c108027a MOVETOCREG_DSZ64(tmp10, 0x2c1, 32) U393a: 0c4b8073a000 tmp10:= RDSEGFLD(SEG_V0, SEL) U393c: 00436200023a WRITEURAM(tmp10, 0x0062, 64) U393d: 0c4b4073a000 tmp10:= RDSEGFLD(SEG_V0, FLGS) U393e: 00436300023a WRITEURAM(tmp10, 0x0063, 64) U3940: 0c4be073a000 tmp10:= RDSEGFLD(SEG_V0, UNK_FLD_0e) U3941: 00436400023a WRITEURAM(tmp10, 0x0064, 64) 05101240 SEQW GOTO U1012 ------------------------------------------------------------------------------------ U3942: 0e7b8927bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U3944: 005000000efb LFNCEMARK-> 
UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U3945: 0c4b800b1000 tmp1:= RDSEGFLD(CS, SEL) U3946: 204263000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U3948: 1c38fbab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U3949: 1c38f3ab4024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, tmp4) U394a: 0df300240033 LFNCEWAIT-> LEA_DSZ8_ASZ32_SC1(tmp3) U394c: 10c0f3824908 rsp:= ADD_DSZN(IMM_MACRO_f3, rsp) 04abf900 SEQW GOTO U2bf9 ------------------------------------------------------------------------------------ U394d: 26ee00038038 LFNCEMARK-> tmm0:= unk_6ee(tmm0) U394e: 076a00033038 mm3:= unk_76a(tmm0) U3950: 000710033233 tmp3:= NOTAND_DSZ32(tmp3, 0x00000010) U3951: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U3952: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U3954: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U3955: 000100031cf1 tmp1:= OR_DSZ32(tmp1, tmp3) U3956: 015058640271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3958) 01b95a80 SEQW GOTO U395a ------------------------------------------------------------------------------------ U3958: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U3959: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U395a: 064400038038 tmm0:= unk_644(tmm0) U395c: 053f00008e08 LFNCEWAIT-> mm0:= unk_53f(0x00000000, tmm0) 0217ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U395d: 000500138d88 tmp8:= SUB_DSZ32(0x00000400, tmp6) U395e: 00050f038e08 tmp8:= SUB_DSZ32(0x0000000f, tmp8) U3960: 015261640278 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp8, U3961) 01b96400 SEQW GOTO U3964 ------------------------------------------------------------------------------------ U3961: 000703038236 tmp8:= NOTAND_DSZ32(tmp6, 0x00000003) U3962: 01516c640278 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U396c) U3964: 0005800b8d88 tmp8:= SUB_DSZ32(0x00000280, tmp6) U3965: 000503038e08 tmp8:= SUB_DSZ32(0x00000003, tmp8) U3966: 01526c640278 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp8, U396c) U3968: 000579078d88 
tmp8:= SUB_DSZ32(0x00000179, tmp6) U3969: 000501038e08 tmp8:= SUB_DSZ32(0x00000001, tmp8) U396a: 01526c640278 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp8, U396c) 0183e480 SEQW GOTO U03e4 ------------------------------------------------------------------------------------ U396c: 000880031008 tmp1:= ZEROEXT_DSZ32(0x00000080) U396d: 003d0b038d88 tmp8:= MOVEINSERTFLGS_DSZ32(0x0000000b, tmp6) 018ae440 SEQW GOTO U0ae4 ------------------------------------------------------------------------------------ U396e: 0fc600039db4 tmp9:= unk_fc6(tmp4, tmp6) U3970: 0ece00079db8 tmp9:= unk_ece(tmp8, tmp6) U3971: 000010036d88 tmp6:= ADD_DSZ32(0x00000010, tmp6) U3972: 000a0103c23c SYNCWAIT-> tmp12:= TESTUSTATE(tmp12, UCODE, UST_MSLOOPCTR_NONZERO) 0b3974ce ? SEQW URET1 U3974: 100a20800380 TESTUSTATE(SYS, !UST_SMM | 0xc000) 01d72e00 ? SEQW GOTO U572e U3975: 000800000000 NOP U3976: 000800000000 NOP U3978: 0e2500071db4 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp6, mode=0x01) 07573000 SEQW GOTO U5730 ------------------------------------------------------------------------------------ U3979: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U397a: 086ba51803f2 LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x0000001c, U06a5) U397c: 00240103b238 tmp11:= SHL_DSZ32(tmp8, 0x00000001) U397d: 0050a518023b UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, U06a5) U397e: 0007140b2e10 tmp2:= NOTAND_DSZ32(0xc0001fff, tmp8) U3980: 0151a5180232 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U06a5) U3981: 00330013b23b tmp11:= SELECTCC_DSZ32_CONDNB(tmp11, 0x00000400) U3982: 002503032238 tmp2:= SHR_DSZ32(tmp8, 0x00000003) U3984: 008000032df2 tmp2:= ADD_DSZ16(tmp2, tmp7) U3985: 000000032cbb tmp2:= ADD_DSZ32(tmp11, tmp2) U3986: 0ee500732cbc LFNCEWAIT-> tmp2:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp12, tmp2, mode=0x1c) U3988: 00040703be08 tmp11:= AND_DSZ32(0x00000007, tmp8) U3989: 086aa5180ef2 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp2, tmp11, U06a5) 0887258d SEQW URET1 
------------------------------------------------------------------------------------ U398a: 000d00000000 SAVEUIP_REGOVR(0x00, U398c, 0x0000) 0887258d SEQW GOTO U0725 U398c: 206320031200 tmp1:= READURAM(0x0020, 64) U398d: 086b5a4c0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000001, U035a) 031b0c40 SEQW GOTO U1b0c ------------------------------------------------------------------------------------ U398e: 0c4b40271000 LFNCEWAIT-> tmp1:= RDSEGFLD(UNK_SEG_09, FLGS) U3990: 2042f51c0231 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, 0x7f5) U3991: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 020ea240 ? SEQW GOTO U0ea2 U3992: 000ca2bbe208 tmp14:= SAVEUIP(0x01, U0ea2) U3994: 0c4b400bb000 tmp11:= RDSEGFLD(CS, FLGS) U3995: 00060003bef1 tmp11:= XOR_DSZ32(tmp1, tmp11) U3996: 00040003bec9 tmp11:= AND_DSZ32(0x00002000, tmp11) U3998: 015100000fbb UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, tmp14) 0500924c SEQW URET1 ------------------------------------------------------------------------------------ U3999: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 0500924c ? SEQW GOTO U0092 U399a: 0e7ba9271cb0 LFNCEMARK-> tmp1:= unk_e7b(tmp0, tmp2) U399c: 005000000c71 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp1, tmp1) U399d: 29a2f51c06b0 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) U399e: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 0439a480 ? SEQW GOTO U39a4 U39a0: 0c4b40271000 LFNCEWAIT-> tmp1:= RDSEGFLD(UNK_SEG_09, FLGS) U39a1: 2042f51c0231 MOVETOCREG_DSZ64(tmp1, 0x7f5) U39a2: 000800000000 NOP U39a4: 0df300240033 LFNCEWAIT-> LEA_DSZ8_ASZ32_SC1(tmp3) U39a5: 10c000024939 rsp:= ADD_DSZN(tmp9, rsp) 025fc189 SEQW URET0 ------------------------------------------------------------------------------------ U39a6: 000a10800200 TESTUSTATE(UCODE, !0x0010) 025fc189 ? 
SEQW GOTO U5fc1 U39a8: 05340003803c tmm0:= unk_534(tmm4) U39a9: 05340003903f tmm1:= unk_534(tmm7) 035fc440 SEQW GOTO U5fc4 ------------------------------------------------------------------------------------ U39aa: 0062c51f0200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U39ac: 09a2c55802b0 SYNCMARK-> MOVETOCREG_SHR_DSZ64(tmp0, 0x00000009, 0x6c5) U39ad: 000800000000 NOP U39ae: 000800000000 NOP U39b0: 000a04000200 SYNCWAIT-> TESTUSTATE(UCODE, 0x0004) 0a066400 ? SEQW GOTO U0664 U39b1: 000800000000 NOP U39b2: 000800000000 NOP U39b4: 000c649be208 tmp14:= SAVEUIP(0x01, U0664) 01dcd100 SEQW GOTO U5cd1 ------------------------------------------------------------------------------------ U39b5: 06240003eebb tmm6:= unk_624(tmm3, tmm2) U39b6: 072c0003203e tmp2:= PINTMOVDTMM2I_DSZ32(tmm6) U39b8: 00c43f032c88 tmp2:= AND_DSZ8(0x0000003f, tmp2) U39b9: 000100037df2 tmp7:= OR_DSZ32(tmp2, tmp7) U39ba: 07040003e037 tmm6:= unk_704(mm7) U39bc: 06200003e03e tmm6:= unk_620(tmm6) U39bd: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U39be: 02504d2c0276 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, U2b4d) U39c0: 00628c130200 tmp0:= MOVEFROMCREG_DSZ64(0x48c) U39c1: 00a508030230 tmp0:= SHR_DSZ16(tmp0, 0x00000008) U39c2: 24b40003e000 LFNCEMARK-> tmm6:= FMOV(0x00000000) U39c4: 00861e074cca tmp4:= XOR_DSZ16(0x0000411e, tmp3) U39c5: 015100000cf4 LFNCEWAIT-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, tmp3) 02831a40 SEQW GOTO U031a ------------------------------------------------------------------------------------ U39c6: 000cb0b80240 SAVEUIP(0x01, U2eb0) U39c8: 100a00040200 TESTUSTATE(SYS, UST_VMX_OP_DIS) 01df4a8c ? SEQW URET1 U39c9: 006356016200 tmpv2:= READURAM(0x0056, 64) U39ca: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01df4a8c ? 
SEQW GOTO U5f4a U39cc: 006343014200 tmpv0:= READURAM(0x0043, 64) U39cd: 1062df095240 tmpv1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U39ce: 00540d015215 tmpv1:= BT_DSZ64(tmpv1, 0x0000000d) U39d0: 007200015515 tmpv1:= SELECTCC_DSZ64_CONDB(tmpv1, tmpv0) U39d1: 286abef00715 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000033, uret1) U39d2: 006357016200 tmpv2:= READURAM(0x0057, 64) 01df4a80 SEQW GOTO U5f4a ------------------------------------------------------------------------------------ U39d4: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U39d5: 000001036d88 tmp6:= ADD_DSZ32(0x00000001, tmp6) U39d6: 3928d82402b6 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000008, U39d8) 01be1e80 SEQW GOTO U3e1e ------------------------------------------------------------------------------------ U39d8: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U39d9: 3928dae4037f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000017, U39da) 01be1d40 SEQW GOTO U3e1d ------------------------------------------------------------------------------------ U39da: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U39dc: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U39dd: 000001036d88 tmp6:= ADD_DSZ32(0x00000001, tmp6) U39de: 3928e02402b6 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000008, U39e0) 01ba5980 SEQW GOTO U3a59 ------------------------------------------------------------------------------------ U39e0: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U39e1: 3928e22402bf CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000008, U39e2) 01ba5840 SEQW GOTO U3a58 ------------------------------------------------------------------------------------ U39e2: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U39e4: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U39e5: 000001036d88 tmp6:= ADD_DSZ32(0x00000001, tmp6) U39e6: 3928e82402b6 CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000008, U39e8) 01ba8580 SEQW GOTO U3a85 
------------------------------------------------------------------------------------ U39e8: 00000103ffc8 tmp15:= ADD_DSZ32(0x00000001, tmp15) U39e9: 3928eaa4027f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000006, U39ea) 01ba8440 SEQW GOTO U3a84 ------------------------------------------------------------------------------------ U39ea: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ U39ec: 006520031237 tmp1:= SHR_DSZ64(tmp7, 0x00000020) U39ed: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U39ee: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01c4a180 ? SEQW GOTO U44a1 U39f0: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01b9f400 ? SEQW GOTO U39f4 U39f1: 000700437dc8 tmp7:= NOTAND_DSZ32(0x00001000, tmp7) U39f2: 0001420b7dd0 tmp7:= OR_DSZ32(0xffff0ff0, tmp7) U39f4: 20433d000237 LFNCEMARK-> WRITEURAM(tmp7, 0x003d, 64) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U39f5: 01080083a010 tmp10:= READUIP_REGOVR(0x01) U39f6: 00a10f07f008 tmp15:= CONCAT_DSZ16(0x0000010f) U39f8: 00010103f23f tmp15:= OR_DSZ32(tmp15, 0x00000001) U39f9: 0008952fe00b tmp14:= ZEROEXT_DSZ32(0x00006b95) U39fa: 00643003e23e tmp14:= SHL_DSZ64(tmp14, 0x00000030) U39fc: 00410003efbc tmp14:= OR_DSZ64(tmp12, tmp14) U39fd: 10622f0bb240 tmp11:= MOVEFROMCREG_DSZ64(0x22f, 32) U39fe: 386afd24023b SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000000, U39fd) U3a00: 19022ec80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x22e) U3a01: 000deff40340 SAVEUIP_REGOVR(0x01, U3a02, 0xbdef) 01bad640 SEQW GOTO U3ad6 U3a02: 00400403ef88 tmp14:= ADD_DSZ64(0x00000004, tmp14) U3a04: 00652003d23d tmp13:= SHR_DSZ64(tmp13, 0x00000020) 093ad614 SEQW SAVEUIP1 U3a05 SEQW GOTO U3ad6 U3a05: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U3a06: 015d00000e80 SYNCFULL-> UJMP(tmp10) ------------------------------------------------------------------------------------ U3a08: 000000000000 NOP U3a09: 0cce08a39c67 SYNCWAIT-> tmp9:= 
unk_cce(rdi, tmp1) U3a0a: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U3a0c: 0cce08a39c67 tmp9:= unk_cce(rdi, tmp1) U3a0d: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 01ba2565 SEQW GOTO U3a25 ------------------------------------------------------------------------------------ U3a0e: 10850003f034 tmp15:= SUB_DSZN(tmp4) U3a10: 00240403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000004) 029a6400 SEQW GOTO U1a64 ------------------------------------------------------------------------------------ U3a11: 0f30043e4e00 LFNCEWAIT-> rsp:= LDPPHYS_DSZ32_ASZ32_SC8(tmp8) U3a12: 0fb0083f2e00 tmp2:= LDPPHYS_DSZ16_ASZ32_SC8(tmp8) U3a14: 0d61001b0032 tmp0:= unk_d61(tmp2) U3a15: 0d61001f1032 tmp1:= unk_d61(tmp2) U3a16: 007700030c31 tmp0:= CMOVCC_DSZ64_CONDNB(tmp1, tmp0) U3a18: 000c8e980200 SAVEUIP(0x01, U068e) U3a19: 09a23c1f16b0 LFNCEWAIT-> tmp1:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x73c) U3a1a: 00080553e009 tmp14:= ZEROEXT_DSZ32(0x00003405) U3a1c: 01420b000fb1 UFLOWCTRL(tmp1, URET1, tmp14) U3a1d: 0e6b4a280cb0 LFNCEMARK-> unk_e6b(tmp0, tmp2) U3a1e: 0c4b80278000 tmp8:= RDSEGFLD(UNK_SEG_09, SEL) U3a20: 0c6bc9000038 LFNCEMARK-> WRSEGFLD(tmp8, UNK_SEG_09, UNK_FLD_0c) U3a21: 204200000237 MOVETOCREG_DSZ64(tmp7, 0x000) U3a22: 0c4b800f8000 tmp8:= RDSEGFLD(SS, SEL) 040000ce SEQW URET1 ------------------------------------------------------------------------------------ U3a24: 000000000000 NOP U3a25: 0cce08a39c67 SYNCWAIT-> tmp9:= unk_cce(rdi, tmp1) U3a26: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U3a28: 0cce08a39c67 tmp9:= unk_cce(rdi, tmp1) U3a29: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 01ba2565 SEQW GOTO U3a25 ------------------------------------------------------------------------------------ U3a2a: 10850003f034 tmp15:= SUB_DSZN(tmp4) U3a2c: 00240403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000004) 019a6400 SEQW GOTO U1a64 ------------------------------------------------------------------------------------ U3a2d: 004500030df6 tmp0:= 
SUB_DSZ64(tmp6, tmp7) U3a2e: 0153ee140230 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp0, U05ee) U3a30: 0929ee140f37 CMPUJNZ_DIRECT_NOTTAKEN(tmp7, tmp12, U05ee) U3a31: 013001030239 tmp0:= SELECTCC_DSZ32_CONDZ(tmp9, 0x00000001) U3a32: 00643e030230 tmp0:= SHL_DSZ64(tmp0, 0x0000003e) U3a34: 1062f91f6240 tmp6:= MOVEFROMCREG_DSZ64(0x7f9, 32) U3a35: 000400636d88 tmp6:= AND_DSZ32(0x00001800, tmp6) U3a36: 00642f036236 tmp6:= SHL_DSZ64(tmp6, 0x0000002f) U3a38: 004100036db0 tmp6:= OR_DSZ64(tmp0, tmp6) U3a39: 304211080276 MOVETOCREG_DSZ64(tmp6, 0x211, 32) U3a3a: 0fef01000000 LBSYNC(0x00000001) U3a3c: 0fef01000000 LBSYNC(0x00000001) U3a3d: 000d06800000 SAVEUIP_REGOVR(0x01, U3a3e, 0x0006) 0932cd40 SEQW GOTO U32cd U3a3e: 3962e1880280 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x0000000a, 0x2e1) U3a40: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 0285ee00 SEQW GOTO U05ee ------------------------------------------------------------------------------------ enter_probe_mode: U3a41: 006267031200 LFNCEWAIT-> tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U3a42: 204367000231 WRITEURAM(tmp1, 0x0067, 64) U3a44: 204307080230 WRITEURAM(tmp0, 0x0007, 32) U3a45: 204350080230 WRITEURAM(tmp0, 0x0050, 32) U3a46: 00620c036200 tmp6:= MOVEFROMCREG_DSZ64(0x00c) U3a48: 006420036236 tmp6:= SHL_DSZ64(tmp6, 0x00000020) U3a49: 204326040236 WRITEURAM(tmp6, 0x0126, 64) U3a4a: 000900000000 MOVE_DSZ32(0x00000000) 01a0bd96 SEQW SAVEUIP1 U3a4c SEQW GOTO U20bd U3a4c: 0062c61f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7c6) U3a4d: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U3a4e: 00635c031200 LFNCEWAIT-> tmp1:= READURAM(0x005c, 64) U3a50: 000400071c48 tmp1:= AND_DSZ32(0x00000100, tmp1) U3a51: 000100032c72 tmp2:= OR_DSZ32(tmp2, tmp1) U3a52: 392854680232 CMPUJZ_DIRECT_NOTTAKEN(tmp2, 0x00000001, U3a54) 0185f480 SEQW GOTO U05f4 ------------------------------------------------------------------------------------ U3a54: 001417030230 tmp0:= BT_DSZ32(tmp0, 0x00000017) U3a55: 005200000c30 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, tmp0) 
08879d40 SEQW GOTO U079d ------------------------------------------------------------------------------------ U3a56: 00010003f000 tmp15:= OR_DSZ32(0x00000000) U3a58: 000100036000 tmp6:= OR_DSZ32(0x00000000) U3a59: 002405031236 tmp1:= SHL_DSZ32(tmp6, 0x00000005) U3a5a: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U3a5c: 00240f031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000f) U3a5d: 000100431c48 tmp1:= OR_DSZ32(0x00001000, tmp1) U3a5e: 000d02800000 SAVEUIP_REGOVR(0x01, U3a60, 0x0002) 01b2cd80 SEQW GOTO U32cd U3a60: 3962a5cc0271 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x00000007, 0x3a5) U3a61: 10628d0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x38d, 32) U3a62: 015d00000f40 UJMP(tmp13) ------------------------------------------------------------------------------------ U3a64: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01923e00 ? SEQW GOTO U123e U3a65: 00080d0fc008 tmp12:= ZEROEXT_DSZ32(0x0000030d) U3a66: 00151003c23c tmp12:= BTS_DSZ32(tmp12, 0x00000010) U3a68: 006312033200 tmp3:= READURAM(0x0012, 64) U3a69: 286b3e4802f3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000d, U123e) U3a6a: 000dc3d402c0 SAVEUIP_REGOVR(0x01, U3a6c, 0x75c3) 01ebfd80 SEQW GOTO U6bfd U3a6c: 000c3ec80200 SAVEUIP(0x01, U123e) 01b8d000 SEQW GOTO U38d0 ------------------------------------------------------------------------------------ U3a6d: 1062da0bd240 tmp13:= MOVEFROMCREG_DSZ64(0x2da, 32) U3a6e: 000700039e7d tmp9:= NOTAND_DSZ32(tmp13, tmp9) U3a70: 00635c03d200 tmp13:= READURAM(0x005c, 64) U3a71: 386a74a8023d BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000002, U3a74) U3a72: 000800000000 NOP 01943296 SEQW SAVEUIP1 U3a74 SEQW GOTO U1432 U3a74: 186ab8840239 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000002, U21b8) U3a75: 286ad52d0239 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000000, U5bd5) U3a76: 386b78680239 BTUJNB_DIRECT_NOTTAKEN(tmp9, 0x00000001, U3a78) 01b1d180 SEQW GOTO U31d1 ------------------------------------------------------------------------------------ U3a78: 3822db0802b9 SYNCFULL-> MOVETOCREG_AND_DSZ64(tmp9, 0x00000008, 0x2db) U3a79: 00637803f200 tmp15:= 
READURAM(0x0078, 64) U3a7a: 086aa5dc037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000017, U07a5) U3a7c: 00040f079fd0 tmp9:= AND_DSZ32(0x00600000, tmp15) U3a7d: 0005e1039e50 tmp9:= SUB_DSZ32(0x00200000, tmp9) U3a7e: 015080680279 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U3a80) 01ba8180 SEQW GOTO U3a81 ------------------------------------------------------------------------------------ U3a80: 0eff00000000 unk_eff(0x00000000) U3a81: 125600300000LFNCEWAIT->MSSTOP-> unk_256(0x00000000) 02bdfa6d SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U3a82: 00010003f000 tmp15:= OR_DSZ32(0x00000000) U3a84: 000100036000 tmp6:= OR_DSZ32(0x00000000) U3a85: 002405031236 tmp1:= SHL_DSZ32(tmp6, 0x00000005) U3a86: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U3a88: 00240f031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000f) U3a89: 000100031c49 tmp1:= OR_DSZ32(0x00002000, tmp1) U3a8a: 000d02800000 SAVEUIP_REGOVR(0x01, U3a8c, 0x0002) 01b2cd80 SEQW GOTO U32cd U3a8c: 3962a5cc0271 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x00000007, 0x3a5) U3a8d: 10628d0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x38d, 32) U3a8e: 015d00000f40 UJMP(tmp13) ------------------------------------------------------------------------------------ U3a90: 0062f61f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U3a91: 000dab800000 SAVEUIP_REGOVR(0x01, U3a92, 0x00ab) 0502ca40 SEQW GOTO U02ca U3a92: 090205000240 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000004, 0x005) U3a94: 00c420033c88 LFNCEWAIT-> tmp3:= AND_DSZ8(0x00000020, tmp2) U3a95: 000000040000 MSSTOP-> NOP U3a96: 0151b40002b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U40b4) U3a98: 000000040000 MSSTOP-> NOP 01ba982c SEQW GOTO U3a98 ------------------------------------------------------------------------------------ U3a99: 00621b172200 tmp2:= MOVEFROMCREG_DSZ64(0x51b) U3a9a: 0a621b140232 MOVETOCREG_BTR_DSZ64(tmp2, 0x51b) U3a9c: 00634a030200 tmp0:= READURAM(0x004a, 64) U3a9d: 0042f61c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) 04816455 SEQW SAVEUIP1 
U3a9e SEQW GOTO U0164 U3a9e: 20635c030200 tmp0:= READURAM(0x005c, 64) U3aa0: 005410030230 SYNCFULL-> tmp0:= BT_DSZ64(tmp0, 0x00000010) U3aa1: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U3aa2: 003200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U3aa4: 0004b903ac90 tmp10:= AND_DSZ32(0x000f0000, tmp2) U3aa5: 01517c14027a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U257c) U3aa6: 10629f0b2240 tmp2:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U3aa8: 186a7cd402f2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000f, U257c) U3aa9: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) 01dee851 SEQW SAVEUIP0 U3aaa SEQW GOTO U5ee8 U3aaa: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U3aac: 0007010b1c48 tmp1:= NOTAND_DSZ32(0x00000201, tmp1) U3aad: 19629dc803f1 MOVETOCREG_BTS_DSZ64(tmp1, 0x0000001f, 0x29d) 092b8940 SEQW GOTO U2b89 ------------------------------------------------------------------------------------ U3aae: 0062c51b5200 SYNCFULL-> tmp5:= MOVEFROMCREG_DSZ64(0x6c5) U3ab0: 125500000cc0 FETCHFROMEIP1_ASZ64(tmp3) U3ab1: 021e43000200 LFNCEWAIT-> SIGEVENT(0x00000043) U3ab2: 105e00000cc0 MSLOOP-> MJMPTARGET_INDIRECT_ASZ64(tmp3) U3ab4: 000cfa740240 LFNCEMARK-> SAVEUIP(0x00, check_cpl_uend3) U3ab5: 000800000000 NOP U3ab6: 000800000000 NOP U3ab8: 004200000200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x000) 02260000 SEQW GOTO U2600 ------------------------------------------------------------------------------------ U3ab9: 000402030c88 tmp0:= AND_DSZ32(0x00000002, tmp2) U3aba: 002501030230 tmp0:= SHR_DSZ32(tmp0, 0x00000001) U3abc: 000800020030 rax:= ZEROEXT_DSZ32(tmp0) U3abd: 0135d3072430 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x50000000) U3abe: 00217a572c89 tmp2:= CONCAT_DSZ32(0x0000357a, tmp2) U3ac0: 1042c0080272 MOVETOCREG_DSZ64(tmp2, 0x2c0, 32) U3ac1: 10628e0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x38e, 32) U3ac2: 013115032430 tmp2:= SELECTCC_DSZ32_CONDNZ(tmp0, 0x00000800) U3ac4: 000700031c72 tmp1:= NOTAND_DSZ32(tmp2, tmp1) U3ac5: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01a28a40 ? 
SEQW GOTO U228a U3ac6: 000800032031 tmp2:= ZEROEXT_DSZ32(tmp1) U3ac8: 1062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U3ac9: 0007220b0c10 tmp0:= NOTAND_DSZ32(0xf8000000, tmp0) U3aca: 000740030c08 tmp0:= NOTAND_DSZ32(0x00000040, tmp0) U3acc: 000192071430 tmp1:= OR_DSZ32(tmp0, 0x10000000) U3acd: 0001d3070431 tmp0:= OR_DSZ32(tmp1, 0x50000000) U3ace: 000c89880240 SAVEUIP(0x01, U2289) 01a97192 SEQW SAVEUIP0 U3ad0 SEQW GOTO U2971 U3ad0: 3062ff0f0240 SYNCFULL-> tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U3ad1: 286bbe700270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000005, uret1) 083ad040 SEQW GOTO U3ad0 ------------------------------------------------------------------------------------ U3ad2: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U3ad4: 10622f097240 tmpv3:= MOVEFROMCREG_DSZ64(0x22f, 32) U3ad5: 386bd6280217 BTUJNB_DIRECT_NOTTAKEN(tmpv3, 0x00000000, U3ad6) 01bad440 SEQW GOTO U3ad4 ------------------------------------------------------------------------------------ U3ad6: 30422c080256 MOVETOCREG_DSZ64(tmpv2, 0x22c, 32) U3ad8: 30422b080255 MOVETOCREG_DSZ64(tmpv1, 0x22b, 32) U3ad9: 304229080254 MOVETOCREG_DSZ64(tmpv0, 0x229, 32) U3ada: 000000000000 SYNCFULL-> NOP U3adc: 10622f097240 tmpv3:= MOVEFROMCREG_DSZ64(0x22f, 32) U3add: 386bde280217 BTUJNB_DIRECT_NOTTAKEN(tmpv3, 0x00000000, U3ade) 01bada40 SEQW GOTO U3ada ------------------------------------------------------------------------------------ U3ade: 014800800000 URET(0x01) ------------------------------------------------------------------------------------ U3ae0: 025500000e00 FETCHFROMEIP1_ASZ64(tmp8) U3ae1: 006372032200 tmp2:= READURAM(0x0072, 64) U3ae2: 006313030200 tmp0:= READURAM(0x0013, 64) U3ae4: 001410030230 tmp0:= BT_DSZ32(tmp0, 0x00000010) U3ae5: 00373f030230 tmp0:= CMOVCC_DSZ32_CONDNB(tmp0, 0x0000003f) U3ae6: 386ae8280c32 SYNCWAIT-> BTUJB_DIRECT_NOTTAKEN(tmp2, tmp0, U3ae8) 0b008e80 SEQW GOTO U008e ------------------------------------------------------------------------------------ U3ae8: 004800035038 tmp5:= 
ZEROEXT_DSZ64(tmp8) 04982a00 SEQW GOTO U182a ------------------------------------------------------------------------------------ U3ae9: 1e6b0927ecb0 LFNCEMARK-> tmp14:= unk_e6b(tmp0, tmp2) U3aea: 09a2f51ff6b0 tmp15:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) U3aec: 013ee073ef88 tmp14:= MOVEMERGEFLGS_DSZ32(0x00001ce0, tmp14) U3aed: 000400231f08 tmp1:= AND_DSZ32(0x00000800, tmp12) U3aee: 01300003cf31 tmp12:= SELECTCC_DSZ32_CONDZ(tmp1, tmp12) U3af0: 008800033f3d tmp3:= ZEROEXT_DSZ16(tmp13, tmp12) U3af1: 000c8e980200 SAVEUIP(0x01, U068e) U3af2: 0034c63be27e tmp14:= CMOVCC_DSZ32_CONDO(tmp14, 0x00002ec6) U3af4: 01420b000fb8 UFLOWCTRL(tmp8, URET1, tmp14) U3af5: 000740037dc8 tmp7:= NOTAND_DSZ32(0x00000040, tmp7) U3af6: 000112037dd0 tmp7:= OR_DSZ32(0x00000400, tmp7) U3af8: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 02bafc00 ? SEQW GOTO U3afc U3af9: 0c4b20271000 LFNCEWAIT-> tmp1:= RDSEGFLD(UNK_SEG_09, BASE) U3afa: 00428e1c0231 MOVETOCREG_DSZ64(tmp1, 0x78e) U3afc: 0c4b60271000 LFNCEWAIT-> tmp1:= RDSEGFLD(UNK_SEG_09, LIMIT) U3afd: 004210100231 MOVETOCREG_DSZ64(tmp1, 0x410) U3afe: 000001031c48 tmp1:= ADD_DSZ32(0x00000001, tmp1) U3b00: 0042001c0231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x700) 043b054c SEQW URET1 ------------------------------------------------------------------------------------ U3b01: 100a00200200 TESTUSTATE(SYS, 0x0800) 043b054c ? 
SEQW GOTO U3b05 U3b02: 00880003a03c tmp10:= ZEROEXT_DSZ16(tmp12) U3b04: 021e0f000200 SIGEVENT(0x0000000f) U3b05: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U3b06: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U3b08: 0cce2060003b unk_cce(tmp11) U3b09: 0ccc2060803b tmp0:= unk_ccc(tmp11) U3b0a: 04b41183b208 tmm3:= FMOV(0x00000011) U3b0c: 10801003bec8 tmp11:= ADD_DSZN(0x00000010, tmp11) U3b0d: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01bb0840 SEQW GOTO U3b08 ------------------------------------------------------------------------------------ U3b0e: 021e03000200 SIGEVENT(0x00000003) U3b10: 10858003bec8 tmp11:= SUB_DSZN(0x00000080, tmp11) 01bb158c SEQW URET1 ------------------------------------------------------------------------------------ U3b11: 0ee51d035038 tmp5:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp8, 0x0000001d) U3b12: 386a146c0235 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000001, U3b14) 01bb158c SEQW GOTO U3b15 ------------------------------------------------------------------------------------ U3b14: 000d00837000 tmp7:= SAVEUIP_REGOVR(0x01, U3b15, 0x0000) 018d5900 SEQW GOTO U0d59 U3b15: 0e2510031038 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x00000010) U3b16: 000700031c40 tmp1:= NOTAND_DSZ32(0x00000000, tmp1) U3b18: 0151196c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U3b19) 01a56900 SEQW GOTO U2569 ------------------------------------------------------------------------------------ U3b19: 0e2514037038 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x00000014) U3b1a: 0d0b00031031 tmp1:= PORTIN_DSZ32_ASZ16_SC1(tmp1) U3b1c: 000400031c77 tmp1:= AND_DSZ32(tmp7, tmp1) U3b1d: 01501e6c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3b1e) 01a56940 SEQW GOTO U2569 ------------------------------------------------------------------------------------ U3b1e: 0e2518037038 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x00000018) U3b20: 2d0fc043700a PORTOUT_DSZ32_ASZ16_SC1(0x000050c0, tmp7) 01a57500 SEQW GOTO U2575 
------------------------------------------------------------------------------------ U3b21: 000800032035 tmp2:= ZEROEXT_DSZ32(tmp5) U3b22: 204364000232 WRITEURAM(tmp2, 0x0064, 64) U3b24: 006520032235 tmp2:= SHR_DSZ64(tmp5, 0x00000020) U3b25: 204365000232 LFNCEMARK-> WRITEURAM(tmp2, 0x0065, 64) 04a17855 SEQW SAVEUIP1 U3b26 SEQW GOTO U2178 U3b26: 004362000232 WRITEURAM(tmp2, 0x0062, 64) U3b28: 000a00a32200 tmp2:= TESTUSTATE(UCODE, !0x0800) 01bb2a00 ? SEQW GOTO U3b2a U3b29: 000810032008 tmp2:= ZEROEXT_DSZ32(0x00000010) U3b2a: 004363000232 WRITEURAM(tmp2, 0x0063, 64) U3b2c: 07ea00032008 mm2:= unk_7ea(0x00000000) U3b2d: 072a00035008 mm5:= unk_72a(0x00000000) U3b2e: 002411035235 tmp5:= SHL_DSZ32(tmp5, 0x00000011) U3b30: 000100032cb5 tmp2:= OR_DSZ32(tmp5, tmp2) U3b31: 002404032232 tmp2:= SHL_DSZ32(tmp2, 0x00000004) U3b32: 07e800035008 mm5:= unk_7e8(0x00000000) U3b34: 000100032cb5 tmp2:= OR_DSZ32(tmp5, tmp2) U3b35: 004366000232 WRITEURAM(tmp2, 0x0066, 64) U3b36: 073a00035000 mm5:= unk_73a(0x00000000) U3b38: 00626a032200 tmp2:= MOVEFROMCREG_DSZ64(0x06a) U3b39: 00a100032d72 tmp2:= CONCAT_DSZ16(tmp2, tmp5) U3b3a: 004367000232 WRITEURAM(tmp2, 0x0067, 64) 01901280 SEQW GOTO U1012 ------------------------------------------------------------------------------------ U3b3c: 00553f037200 tmp7:= BTS_DSZ64(0x00000000, 0x0000003f) U3b3d: 074400038037 tmm0:= unk_744(mm7) U3b3e: 0008e20bb009 tmp11:= ZEROEXT_DSZ32(0x000022e2) U3b40: 04c70003fe3d tmm7:= XORPD(tmm5, tmm0) U3b41: 003d0103bec8 tmp11:= MOVEINSERTFLGS_DSZ32(0x00000001, tmp11) U3b42: 000a20800200 TESTUSTATE(UCODE, !0x0020) 01dad480 ? 
SEQW GOTO U5ad4 U3b44: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) 01c2ea00 SEQW GOTO U42ea ------------------------------------------------------------------------------------ U3b45: 0062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3b46: 00151003a230 tmp10:= BTS_DSZ32(tmp0, 0x00000010) U3b48: 386a496c037d BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000015, U3b49) 01bb4c00 SEQW GOTO U3b4c ------------------------------------------------------------------------------------ U3b49: 00630903a200 tmp10:= READURAM(0x0009, 64) U3b4a: 00652003a23a tmp10:= SHR_DSZ64(tmp10, 0x00000020) U3b4c: 00043f03ff48 tmp15:= AND_DSZ32(0x0000003f, tmp13) U3b4d: 00051e03ffc8 tmp15:= SUB_DSZ32(0x0000001e, tmp15) U3b4e: 0150506c027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U3b50) 01bb5180 SEQW GOTO U3b51 ------------------------------------------------------------------------------------ U3b50: 00080003a030 tmp10:= ZEROEXT_DSZ32(tmp0) U3b51: 2042fe1c023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) 04a7ac55 SEQW SAVEUIP1 U3b52 SEQW GOTO U27ac U3b52: 006212173200 tmp3:= MOVEFROMCREG_DSZ64(0x512) U3b54: 0008566f5009 tmp5:= ZEROEXT_DSZ32(0x00003b56) U3b55: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79840 ? 
SEQW GOTO U4798 U3b56: 296205400240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x005) U3b58: 006218172200 tmp2:= MOVEFROMCREG_DSZ64(0x518) U3b59: 005628032232 tmp2:= BTR_DSZ64(tmp2, 0x00000028) U3b5a: 00525c6c0272 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, U3b5c) 01bb6080 SEQW GOTO U3b60 ------------------------------------------------------------------------------------ U3b5c: 000700439f1f tmp9:= NOTAND_DSZ32(0xfffffffffffff000, tmp12) U3b5d: 004400432c9f tmp2:= AND_DSZ64(0xfffffffffffff000, tmp2) U3b5e: 004100032cb9 tmp2:= OR_DSZ64(tmp9, tmp2) U3b60: 00480003903c tmp9:= ZEROEXT_DSZ64(tmp12) U3b61: 186a39ac02b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000000a, U2b39) U3b62: 000416033cd0 LFNCEWAIT-> tmp3:= AND_DSZ32(0x000009bf, tmp3) 032c5880 SEQW GOTO U2c58 ------------------------------------------------------------------------------------ U3b64: 001512032232 tmp2:= BTS_DSZ32(tmp2, 0x00000012) U3b65: 2d0fd843200a PORTOUT_DSZ32_ASZ16_SC1(0x000050d8, tmp2) U3b66: 000d01800000 SAVEUIP_REGOVR(0x01, U3b68, 0x0001) 01de4e80 SEQW GOTO U5e4e U3b68: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01eaaa00 ? 
SEQW GOTO U6aaa U3b69: 000800000000 NOP U3b6a: 000800000000 NOP U3b6c: 0008aa2b300b tmp3:= ZEROEXT_DSZ32(0x00006aaa) 0186ce00 SEQW GOTO U06ce ------------------------------------------------------------------------------------ U3b6d: 1062800b0240 tmp0:= MOVEFROMCREG_DSZ64(0x280, 32) U3b6e: 386ada600330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U38da) U3b70: 006315030200 tmp0:= READURAM(0x0015, 64) U3b71: 004400036cb7 tmp6:= AND_DSZ64(tmp7, tmp2) U3b72: 00450103cc48 tmp12:= SUB_DSZ64(0x00000001, tmp1) U3b74: 00400003ff30 tmp15:= ADD_DSZ64(tmp0, tmp12) U3b75: 00440003fff7 tmp15:= AND_DSZ64(tmp7, tmp15) U3b76: 3929d9200ff6 CMPUJNZ_DIRECT_NOTTAKEN(tmp6, tmp15, U38d9) U3b78: 002100036822 tmp6:= CONCAT_DSZ32(rdx, rax) U3b79: 104000036db8 tmp6:= ADD_DSZN(tmp8, tmp6) U3b7a: 10400003fdbc tmp15:= ADD_DSZN(tmp12, tmp6) U3b7c: 025d0003ffff tmp15:= TEST_DSZ64(tmp15, tmp15) U3b7d: 0150d960027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U38d9) U3b7e: 004500033dbb tmp3:= SUB_DSZ64(tmp11, tmp6) U3b80: 0351856c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp3, U3b85) U3b81: 004000038db1 tmp8:= ADD_DSZ64(tmp1, tmp6) U3b82: 004500033e35 tmp3:= SUB_DSZ64(tmp5, tmp8) U3b84: 0351d9600273 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp3, U38d9) U3b85: 00080003c000 LFNCEMARK-> tmp12:= ZEROEXT_DSZ32(0x00000000) U3b86: 204255000010 MOVETOCREG_DSZ64(0x00000015, 0x000) U3b88: 0fc600038f36 LFNCEWAIT-> tmp8:= unk_fc6(tmp6, tmp12) U3b89: 0ece00078f30 tmp8:= unk_ece(tmp0, tmp12) U3b8a: 00001003cf08 tmp12:= ADD_DSZ32(0x00000010, tmp12) U3b8c: 39288d2c0c7c LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp12, tmp1, U3b8d) 043b8800 SEQW GOTO U3b88 ------------------------------------------------------------------------------------ U3b8d: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U3b8e: 004000038c31 tmp8:= ADD_DSZ64(tmp1, tmp0) U3b90: 004500033c3b tmp3:= SUB_DSZ64(tmp11, tmp0) U3b91: 0351956c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp3, U3b95) U3b92: 004500033e35 tmp3:= SUB_DSZ64(tmp5, tmp8) U3b94: 0351d9600273 
UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp3, U38d9) U3b95: 004400036cb7 tmp6:= AND_DSZ64(tmp7, tmp2) U3b96: 004400033c37 tmp3:= AND_DSZ64(tmp7, tmp0) U3b98: 3929d9200cf6 CMPUJNZ_DIRECT_NOTTAKEN(tmp6, tmp3, U38d9) U3b99: 004400033e37 tmp3:= AND_DSZ64(tmp7, tmp8) U3b9a: 3929d9200cf6 CMPUJNZ_DIRECT_NOTTAKEN(tmp6, tmp3, U38d9) U3b9c: 004000036c31 tmp6:= ADD_DSZ64(tmp1, tmp0) U3b9d: 00621b17e200 tmp14:= MOVEFROMCREG_DSZ64(0x51b) U3b9e: 00880043ef88 tmp14:= ZEROEXT_DSZ16(0x00001000, tmp14) U3ba0: 0e250803503e tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000008) U3ba1: 186b48210035 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U6848) U3ba2: 00634603b200 tmp11:= READURAM(0x0046, 64) U3ba4: 0e6d0007b030 LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, mode=0x01, tmp11) U3ba5: 00634703b200 tmp11:= READURAM(0x0047, 64) U3ba6: 0e6d0807b030 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000008, mode=0x01, tmp11) U3ba8: 00634803b200 tmp11:= READURAM(0x0048, 64) U3ba9: 0e6d1007b030 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000010, mode=0x01, tmp11) U3baa: 00632c03b200 tmp11:= READURAM(0x002c, 64) U3bac: 0e6d1807b030 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000018, mode=0x01, tmp11) U3bad: 0e7d20074008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000120, tmp4) U3bae: 00052003dc48 tmp13:= SUB_DSZ32(0x00000020, tmp1) U3bb0: 033a0003d03d tmp13:= STC(tmp13) U3bb1: 00210103ff48 tmp15:= CONCAT_DSZ32(0x00000001, tmp13) U3bb2: 20438e00023f WRITEURAM(tmp15, 0x008e, 64) 01e8ae80 SEQW GOTO U68ae ------------------------------------------------------------------------------------ U3bb4: 0e2d00037e7b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp9, tmp7) U3bb5: 000890039008 tmp9:= ZEROEXT_DSZ32(0x00000090) U3bb6: 00a113039e48 tmp9:= CONCAT_DSZ16(0x00000013, tmp9) U3bb8: 0e2500032e7b tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp9) U3bb9: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U3bba: 015056200237 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, U0856) U3bbc: 3929b82c0df2 LFNCEWTMRK-> 
CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp7, U3bb8) 06085600 SEQW GOTO U0856 ------------------------------------------------------------------------------------ U3bbd: 00542303d23d tmp13:= BT_DSZ64(tmp13, 0x00000023) U3bbe: 00330103d23d tmp13:= SELECTCC_DSZ32_CONDNB(tmp13, 0x00000001) U3bc0: 00060003df73 tmp13:= XOR_DSZ32(tmp3, tmp13) U3bc1: 007d0103cf08 tmp12:= MOVEINSERTFLGS_DSZ64(0x00000001, tmp12) U3bc2: 0151d26c027d UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, U3bd2) U3bc4: 007d0003cf00 tmp12:= MOVEINSERTFLGS_DSZ64(tmp12) U3bc5: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01bbd040 ? SEQW GOTO U3bd0 U3bc6: 00631f03d200 tmp13:= READURAM(0x001f, 64) U3bc8: 00652a03323d tmp3:= SHR_DSZ64(tmp13, 0x0000002a) U3bc9: 00652503d23d ROVR<- tmp13:= SHR_DSZ64(tmp13, 0x00000025) 019a2459 SEQW SAVEUIP0 U3bca SEQW GOTO U1a24 U3bca: 00543803d23d tmp13:= BT_DSZ64(tmp13, 0x00000038) U3bcc: 00330103d23d tmp13:= SELECTCC_DSZ32_CONDNB(tmp13, 0x00000001) U3bcd: 00060003df73 tmp13:= XOR_DSZ32(tmp3, tmp13) U3bce: 0150d06c027d LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp13, U3bd0) 053bd280 SEQW GOTO U3bd2 ------------------------------------------------------------------------------------ U3bd0: 20431e00023c WRITEURAM(tmp12, 0x001e, 64) U3bd1: 021ed9000200 SYNCFULL-> SIGEVENT(0x000000d9) U3bd2: 296205400240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x005) U3bd4: 00337403d43c tmp13:= SELECTCC_DSZ32_CONDNB(tmp12, 0x00020000) U3bd5: 0062fe1f9200 tmp9:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3bd6: 2962fe1c0339 MOVETOCREG_BTS_DSZ64(tmp9, 0x00000010, CORE_CR_EFLAGS) U3bd8: 0008da6f5009 tmp5:= ZEROEXT_DSZ32(0x00003bda) U3bd9: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 01c79840 ? 
SEQW GOTO U4798 U3bda: 00880e032008 tmp2:= ZEROEXT_DSZ16(0x0000000e) U3bdc: 00480003103c tmp1:= ZEROEXT_DSZ64(tmp12) U3bdd: 00e10b032c88 tmp2:= CONCAT_DSZ8(0x0000000b, tmp2) U3bde: 00080003403b tmp4:= ZEROEXT_DSZ32(tmp11) U3be0: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U3be1: 006265030200 tmp0:= MOVEFROMCREG_DSZ64(0x065) U3be2: 104500036fb0 tmp6:= SUB_DSZN(tmp0, tmp14) 01e93d80 SEQW GOTO U693d ------------------------------------------------------------------------------------ U3be4: 00430e080230 WRITEURAM(tmp0, 0x000e, 32) U3be5: 100a00000300 TESTUSTATE(SYS, 0x8000) 0186ee40 ? SEQW GOTO U06ee U3be6: 000800000000 NOP U3be8: 000806030008 tmp0:= ZEROEXT_DSZ32(0x00000006) 01d8c110 SEQW SAVEUIP0 U3be9 SEQW GOTO U58c1 U3be9: 00630e030200 tmp0:= READURAM(0x000e, 64) U3bea: 00a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U3bec: 0062921bf200 tmp15:= MOVEFROMCREG_DSZ64(0x692) U3bed: 29629218023f LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp15, 0x692) 04879e40 SEQW GOTO U079e ------------------------------------------------------------------------------------ U3bee: 0ea500033034 tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U3bf0: 0e6502035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x00000002) U3bf1: 0e650a036034 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x0000000a) U3bf2: 004012034d08 tmp4:= ADD_DSZ64(0x00000012, tmp4) U3bf4: 3928f92c0035 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U3bf9) U3bf5: 0e7500037033 tmp7:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp3) U3bf6: 004400037df5 tmp7:= AND_DSZ64(tmp5, tmp7) U3bf8: 004100036df6 tmp6:= OR_DSZ64(tmp6, tmp7) U3bf9: 0e7d00036033 STADSTGBUF_DSZ64_ASZ16_SC1(tmp3, tmp6) U3bfa: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01bbee80 SEQW GOTO U3bee ------------------------------------------------------------------------------------ U3bfc: 000000000000 NOP 049ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U3bfd: 286ab4bd02f0 LFNCEMARK-> 
BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000e, U5fb4) U3bfe: 1c3013ab7024 tmp7:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_13, mode=0x0a) U3c00: 0cb00bab2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U3c01: 1c30002b3024 LFNCEMARK-> tmp3:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) U3c02: 1008f4035010 tmp5:= ZEROEXT_DSZ32N(0x003f7700) U3c04: 100a02800200 TESTUSTATE(SYS, !UST_USER_MODE) 01bc0800 ? SEQW GOTO U3c08 U3c05: 020d000b5008 tmp5:= unk_20d(0x00000200) U3c06: 1001e4035d50 tmp5:= OR_DSZN(0x00254500, tmp5) U3c08: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01bc1600 ? SEQW GOTO U3c16 U3c09: 0203e7035d50 tmp5:= unk_203(0x00257700, tmp5) U3c0a: 100800035035 tmp5:= ZEROEXT_DSZ32N(tmp5) U3c0c: 0207b2035d50 tmp5:= unk_207(0x00084400, tmp5) U3c0d: 020700030037 tmp0:= unk_207(tmp7) U3c0e: 186a111c02b0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000008, generate_#GP) U3c10: 00240a030237 tmp0:= SHL_DSZ32(tmp7, 0x0000000a) U3c11: 020700030df0 tmp0:= unk_207(tmp0, tmp7) U3c12: 0004af030c10 tmp0:= AND_DSZ32(0x00080000, tmp0) U3c14: 0007af037dd0 tmp7:= NOTAND_DSZ32(0x00080000, tmp7) U3c15: 000100037c37 tmp7:= OR_DSZ32(tmp7, tmp0) U3c16: 213f00000037 unk_13f(tmp7) U3c18: 000400037df5 tmp7:= AND_DSZ32(tmp5, tmp7) U3c19: 000700035eb5 tmp5:= NOTAND_DSZ32(tmp5, tmp10) U3c1a: 000100037df5 tmp7:= OR_DSZ32(tmp5, tmp7) U3c1c: 000ca13bd208 tmp13:= SAVEUIP(0x00, U0ea1) U3c1d: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 035ef040 ? 
SEQW GOTO U5ef0 U3c1e: 0a62fe5c0337 LFNCEWAIT-> MOVETOCREG_BTR_DSZ64(tmp7, 0x00000011, CORE_CR_EFLAGS) U3c20: 000cfecfe248 tmp14:= SAVEUIP(0x01, U33fe) 032bd900 SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U3c21: 00080a079008 tmp9:= ZEROEXT_DSZ32(0x0000010a) U3c22: 00620003ce40 LFNCEWAIT-> tmp12:= MOVEFROMCREG_DSZ64(tmp9) U3c24: 386a4cf007fc BTUJB_DIRECT_NOTTAKEN(tmp12, 0x0000003f, U3c4c) U3c25: 0048210fc300 ROVR<- tmp12:= ZEROEXT_DSZ64(0x00008321) 018000dd SEQW SAVEUIP1 U3c26 U3c26: 006310038200 tmp8:= READURAM(0x0010, 64) U3c28: 000400031eb8 tmp1:= AND_DSZ32(tmp8, tmp10) U3c29: 0151312c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U2b31) U3c2a: 00632b031200 tmp1:= READURAM(0x002b, 64) U3c2c: 002403031231 tmp1:= SHL_DSZ32(tmp1, 0x00000003) U3c2d: 004000033eb1 tmp3:= ADD_DSZ64(tmp1, tmp10) U3c2e: 0047ff7f87f8 tmp8:= NOTAND_DSZ64(tmp8, 0xffffffffffffffff) 01ec6996 SEQW SAVEUIP1 U3c30 SEQW GOTO U6c69 U3c30: 0e6500033033 LFNCEWAIT-> tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3) U3c31: 000d218c0300 SAVEUIP_REGOVR(0x01, U3c32, 0x8321) 02574140 SEQW GOTO U5741 U3c32: 00632b031200 tmp1:= READURAM(0x002b, 64) U3c34: 000001031c48 tmp1:= ADD_DSZ32(0x00000001, tmp1) U3c35: 00044d071c50 tmp1:= AND_DSZ32(0x01ffffff, tmp1) U3c36: 20432b080231 LFNCEMARK-> WRITEURAM(tmp1, 0x002b, 32) U3c38: 386b44300233 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000000, U3c44) U3c39: 0047ff3f3cc8 tmp3:= NOTAND_DSZ64(0x00000fff, tmp3) 01ec6655 SEQW SAVEUIP1 U3c3a SEQW GOTO U6c66 U3c3a: 20420807a233 tmp10:= MOVETOCREG_DSZ64(tmp3, 0x108) U3c3c: 00553d03c23c tmp12:= BTS_DSZ64(tmp12, 0x0000003d) U3c3d: 20432b080200 WRITEURAM(0x00000000, 0x002b, 32) U3c3e: 0e6500033033 LFNCEWTMRK-> tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3) U3c40: 000d218c0300 SAVEUIP_REGOVR(0x01, U3c41, 0x8321) 01d74100 SEQW GOTO U5741 U3c41: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U3c42: 20432b080231 WRITEURAM(tmp1, 0x002b, 32) U3c44: 00410003cf33 LFNCEMARK-> tmp12:= OR_DSZ64(tmp3, tmp12) 
U3c45: 0044c00f8cc8 tmp8:= AND_DSZ64(0x000003c0, tmp3) U3c46: 006506038238 tmp8:= SHR_DSZ64(tmp8, 0x00000006) U3c48: 0047ff3f3cc8 tmp3:= NOTAND_DSZ64(0x00000fff, tmp3) 01ec5814 SEQW SAVEUIP1 U3c49 SEQW GOTO U6c58 U3c49: 00553f03c23c tmp12:= BTS_DSZ64(tmp12, 0x0000003f) U3c4a: 204200000e7c MOVETOCREG_DSZ64(tmp12, tmp9) U3c4c: 000509071e48 tmp1:= SUB_DSZ32(0x00000109, tmp9) U3c4d: 01514e400271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, uret0) 053c2140 SEQW GOTO U3c21 ------------------------------------------------------------------------------------ U3c4e: 006357033200 LFNCEMARK-> tmp3:= READURAM(0x0057, 64) U3c50: 1042c0080273 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp3, 0x2c0, 32) U3c51: 006356033200 tmp3:= READURAM(0x0056, 64) U3c52: 1042c1080273 MOVETOCREG_DSZ64(tmp3, 0x2c1, 32) U3c54: 0048ff7f301f tmp3:= ZEROEXT_DSZ64(0xffffffffffffffff) U3c55: 204362000233 WRITEURAM(tmp3, 0x0062, 64) U3c56: 0062c31b3200 tmp3:= MOVEFROMCREG_DSZ64(0x6c3) U3c58: 2962c31b32b3 SYNCFULL-> tmp3:= MOVETOCREG_BTS_DSZ64(tmp3, 0x00000008, 0x6c3) U3c59: 000000000000 NOP 08101240 SEQW GOTO U1012 ------------------------------------------------------------------------------------ U3c5a: 000830031008 tmp1:= ZEROEXT_DSZ32(0x00000030) U3c5c: 10629d0b9240 tmp9:= MOVEFROMCREG_DSZ64(0x29d, 32) U3c5d: 39629d480279 MOVETOCREG_BTS_DSZ64(tmp9, 0x00000005, 0x29d) U3c5e: 2d0fb4031008 LFNCEWAIT-> PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, tmp1) U3c60: 000d00800000 SAVEUIP_REGOVR(0x01, U3c61, 0x0000) 01ab1500 SEQW GOTO lbsync_full U3c61: 00630f031200 tmp1:= READURAM(0x000f, 64) U3c62: 000470031c48 tmp1:= AND_DSZ32(0x00000070, tmp1) U3c64: 000530031c48 tmp1:= SUB_DSZ32(0x00000030, tmp1) U3c65: 015066700271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3c66) 01bc6940 SEQW GOTO U3c69 ------------------------------------------------------------------------------------ U3c66: 1062c20b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2c2, 32) U3c68: 1962c2480271 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000005, 0x2c2) U3c69: 021eb2000200 SIGEVENT(0x000000b2) 018e05f9 
SEQW UEND2 ------------------------------------------------------------------------------------ U3c6a: 000a08000200 TESTUSTATE(UCODE, 0x0008) 018e05f9 ? SEQW GOTO U0e05 U3c6c: 000c05bbe208 tmp14:= SAVEUIP(0x01, U0e05) U3c6d: 000cc9700280 SAVEUIP(0x00, U5cc9) U3c6e: 000800000000 NOP U3c70: 000a80000200 TESTUSTATE(UCODE, 0x0080) 05404a09 ? SEQW GOTO U404a U3c71: 000000000000 NOP 05404a09 SEQW URET0 ------------------------------------------------------------------------------------ U3c72: 390289480200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000001, 0x289) U3c74: 106289095240 LFNCEWTMRK-> tmpv1:= MOVEFROMCREG_DSZ64(0x289, 32) U3c75: 386a76300215 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000000, U3c76) 063c7440 SEQW GOTO U3c74 ------------------------------------------------------------------------------------ U3c76: 10629e0d5240 tmpv1:= MOVEFROMCREG_DSZ64(0x39e, 32) U3c78: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U3c79: 0004fe014548 tmpv0:= AND_DSZ32(0x000000fe, tmpv1) U3c7a: 000101014508 tmpv0:= OR_DSZ32(0x00000001, tmpv0) U3c7c: 001408015215 tmpv1:= BT_DSZ32(tmpv1, 0x00000008) U3c7d: 017e00014554 tmpv0:= MOVEMERGEFLGS_DSZ64(tmpv0, tmpv1) U3c7e: 001416015215 tmpv1:= BT_DSZ32(tmpv1, 0x00000016) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U3c80: 0cc608e38c66 SYNCWAIT-> tmp8:= unk_cc6(rsi, tmp1) U3c81: 0c8e08a38c67 tmp8:= unk_c8e(rdi, tmp1) U3c82: 016001834234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, IMM_MACRO_01) U3c84: 0cc608e38c66 tmp8:= unk_cc6(rsi, tmp1) U3c85: 0c8e08a38c67 tmp8:= unk_c8e(rdi, tmp1) U3c86: 016001034234 MSLOOP-> tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 019a58a6 SEQW GOTO U1a58 ------------------------------------------------------------------------------------ U3c88: 10850003f034 tmp15:= SUB_DSZN(tmp4) U3c89: 00240403f23f tmp15:= SHL_DSZ32(tmp15, 0x00000004) 031a6240 SEQW GOTO U1a62 ------------------------------------------------------------------------------------ U3c8a: 104221080240 LFNCEWAIT-> 
MOVETOCREG_DSZ64(0x00000000, 0x221, 32) U3c8c: 1062cd0bc240 tmp12:= MOVEFROMCREG_DSZ64(0x2cd, 32) U3c8d: 00047003cf08 tmp12:= AND_DSZ32(0x00000070, tmp12) U3c8e: 01507564023c UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp12, U1975) U3c90: 00251003023b tmp0:= SHR_DSZ32(tmp11, 0x00000010) U3c91: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U3c92: 19289d850270 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000006, U619d) U3c94: 000407030ec8 tmp0:= AND_DSZ32(0x00000007, tmp11) U3c95: 19289dc50230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000003, U619d) U3c96: 015198700270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U3c98) 0198d096 SEQW SAVEUIP1 U3c98 SEQW GOTO U18d0 U3c98: 000c9d8402c0 SAVEUIP(0x01, U619d) 018a9500 SEQW GOTO U0a95 ------------------------------------------------------------------------------------ U3c99: 07ea00030008 mm0:= unk_7ea(0x00000000) U3c9a: 06240003b208 tmm3:= unk_624(0x00000000) U3c9c: 072c0003103b tmp1:= PINTMOVDTMM2I_DSZ32(tmm3) U3c9d: 000404031c48 tmp1:= AND_DSZ32(0x00000004, tmp1) U3c9e: 01519d100271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U249d) U3ca0: 000559031c10 tmp1:= SUB_DSZ32(0x0001003e, tmp0) U3ca1: 0351f26002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp1, U58f2) U3ca2: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U3ca4: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U3ca5: 29028c134634 LFNCEMARK-> tmp4:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000020, 0x48c) U3ca6: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U3ca8: 0150a9700271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3ca9) 053cac00 SEQW GOTO U3cac ------------------------------------------------------------------------------------ U3ca9: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U3caa: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U3cac: 00053d031c10 tmp1:= SUB_DSZ32(0x0000ffbb, tmp0) U3cad: 03509d100271 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U249d) U3cae: 06a041039000 tmp9:= unk_6a0(0x00000000) U3cb0: 06a04203a000 tmp10:= unk_6a0(0x00000000) U3cb1: 06a700038e39 tmm0:= unk_6a7(tmm1, tmm0) U3cb2: 076a00032038 mm2:= 
unk_76a(tmm0) U3cb4: 069d00038e00 tmm0:= unk_69d(tmm0) U3cb5: 068a0003fe3a tmp15:= FCOM2(tmp10, tmp8) U3cb6: 002502031238 tmp1:= SHR_DSZ32(tmp8, 0x00000002) U3cb8: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U3cb9: 000000032cb1 tmp2:= ADD_DSZ32(tmp1, tmp2) U3cba: 000ce43002c0 SAVEUIP(0x00, U6ce4) U3cbc: 06a056039000 tmp9:= unk_6a0(0x00000000) U3cbd: 06c900039e78 tmm1:= unk_6c9(tmm0, tmm1) U3cbe: 057f0003ae3f tmm2:= unk_57f(tmm7, tmm0) U3cc0: 048700038e7a tmm0:= unk_487(tmm2, tmm1) U3cc1: 076a0003103f mm1:= unk_76a(tmm7) U3cc2: 002503030231 tmp0:= SHR_DSZ32(tmp1, 0x00000003) U3cc4: 000100031c31 tmp1:= OR_DSZ32(tmp1, tmp0) U3cc5: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U3cc6: 000000032cb1 tmp2:= ADD_DSZ32(tmp1, tmp2) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U3cc8: 1c0000231027 tmp1:= LDZX_DSZN_ASZ32_SC1(rdi, mode=0x08) U3cc9: 1c0000630026 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) U3cca: 108501034d08 tmp4:= SUB_DSZN(0x00000001, tmp4) U3ccc: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) U3ccd: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) U3cce: 10050003ac31 MSLOOP-> tmp10:= SUB_DSZN(tmp1, tmp0) U3cd0: 015f6410023a UJMPCC_DIRECT_TAKEN_CONDZ(tmp10, U0464) U3cd1: 015064100234 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U0464) 053cc840 SEQW GOTO U3cc8 ------------------------------------------------------------------------------------ U3cd2: 0e7b04000cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U3cd4: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U3cd5: 000707037c88 tmp7:= NOTAND_DSZ32(0x00000007, tmp2) U3cd6: 2d6a001b0037 tmp0:= unk_d6a(tmp7) U3cd8: 005629030230 tmp0:= BTR_DSZ64(tmp0, 0x00000029) U3cd9: 2d68001b0037 unk_d68(tmp7, tmp0) U3cda: 0c4ba0135000 LFNCEWAIT-> tmp5:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U3cdc: 0c7baf000035 WRSEGFLD(tmp5, TSS, SEL+FLGS+LIM) U3cdd: 0c4b20135000 tmp5:= RDSEGFLD(UNK_SEG_04, BASE) U3cde: 0c7b2f000035 LFNCEMARK-> WRSEGFLD(tmp5, TSS, BASE) 
U3ce0: 000800035000 LFNCEWAIT-> tmp5:= ZEROEXT_DSZ32(0x00000000) 0211b200 SEQW GOTO U11b2 ------------------------------------------------------------------------------------ U3ce1: 00250303d23a tmp13:= SHR_DSZ32(tmp10, 0x00000003) U3ce2: 00047803df48 tmp13:= AND_DSZ32(0x00000078, tmp13) U3ce4: 00010d07df50 tmp13:= OR_DSZ32(0x00523700, tmp13) U3ce5: 00320b03e438 tmp14:= SELECTCC_DSZ32_CONDB(tmp8, 0x00000080) U3ce6: 00010003dfbd tmp13:= OR_DSZ32(tmp13, tmp14) U3ce8: 00043f032e88 tmp2:= AND_DSZ32(0x0000003f, tmp10) U3ce9: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U3cea: 01420f032cb2 tmp2:= UFLOWCTRL(tmp2, USTATE, tmp2) U3cec: 01420a000f72 UFLOWCTRL(tmp2, URET0, tmp13) U3ced: 000404031e88 tmp1:= AND_DSZ32(0x00000004, tmp10) U3cee: 006421031231 tmp1:= SHL_DSZ64(tmp1, 0x00000021) U3cf0: 0042521c0231 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp1, 0x752) U3cf1: 00251603e23a tmp14:= SHR_DSZ32(tmp10, 0x00000016) U3cf2: 0004fc0fef88 tmp14:= AND_DSZ32(0x000003fc, tmp14) U3cf4: 00010b07ef90 tmp14:= OR_DSZ32(0x00523000, tmp14) U3cf5: 01420b000fb2 SYNCWTMRK-> UFLOWCTRL(tmp2, URET1, tmp14) U3cf6: 0004bd072e10 tmp2:= AND_DSZ32(0x3ffff000, tmp8) U3cf8: 0151111c0272 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) U3cf9: 00250a03a23a tmp10:= SHR_DSZ32(tmp10, 0x0000000a) U3cfa: 00012d03ce10 tmp12:= OR_DSZ32(0x0000c000, tmp8) U3cfc: 02280003cf00 tmp12:= MSR2CR(tmp12) U3cfd: 00015f032e10 tmp2:= OR_DSZ32(0x00014000, tmp8) U3cfe: 022800032c80 tmp2:= MSR2CR(tmp2) U3d00: 00210003cf32 tmp12:= CONCAT_DSZ32(tmp2, tmp12) U3d01: 00084f0b1010 tmp1:= ZEROEXT_DSZ32(0x00100408) U3d02: 0021540b1c50 tmp1:= CONCAT_DSZ32(0x90810200, tmp1) U3d04: 006335033200 tmp3:= READURAM(0x0035, 64) U3d05: 004400033cf1 tmp3:= AND_DSZ64(tmp1, tmp3) U3d06: 0008520b1010 tmp1:= ZEROEXT_DSZ32(0x020b8000) U3d08: 0021500b1c50 tmp1:= CONCAT_DSZ32(0x003c491c, tmp1) U3d09: 006377032200 tmp2:= READURAM(0x0077, 64) U3d0a: 004400031cb1 tmp1:= AND_DSZ64(tmp1, tmp2) U3d0c: 005623032231 tmp2:= BTR_DSZ64(tmp1, 0x00000023) U3d0d: 
100a20000200 TESTUSTATE(SYS, UST_SMM) 01bd1640 ? SEQW GOTO U3d16 U3d0e: 005723032231 tmp2:= BTC_DSZ64(tmp1, 0x00000023) U3d10: 006323031200 tmp1:= READURAM(0x0023, 64) U3d11: 000440031c48 tmp1:= AND_DSZ32(0x00000040, tmp1) U3d12: 004100033cf1 tmp3:= OR_DSZ64(tmp1, tmp3) U3d14: 000a00200200 TESTUSTATE(UCODE, 0x0800) 01bd1600 ? SEQW GOTO U3d16 U3d15: 00553d033233 tmp3:= BTS_DSZ64(tmp3, 0x0000003d) U3d16: 004100033cf2 tmp3:= OR_DSZ64(tmp2, tmp3) U3d18: 00464c0b3cd0 tmp3:= XOR_DSZ64(0x00020008, tmp3) U3d19: 0004ff7f2e89 tmp2:= AND_DSZ32(0x00003fff, tmp10) U3d1a: 002402032232 tmp2:= SHL_DSZ32(tmp2, 0x00000002) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U3d1c: 00635603c200 tmp12:= READURAM(0x0056, 64) U3d1d: 004001037f08 tmp7:= ADD_DSZ64(0x00000001, tmp12) U3d1e: 100ae3840200 TESTUSTATE(SYS, !UST_VMX_DIS | UST_USER_MODE | UST_SMM | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 01d2d880 ? SEQW GOTO U52d8 U3d20: 000003034238 tmp4:= ADD_DSZ32(tmp8, 0x00000003) U3d21: 000cd84bd288 tmp13:= SAVEUIP(0x00, U52d8) U3d22: 100a01040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_VMX_OP_DIS) 01a76980 ? 
SEQW GOTO generate_#UD U3d24: 000d64800000 SAVEUIP_REGOVR(0x01, U3d25, 0x0064) U3d25: 000c2efc0280 SAVEUIP(0x01, U5f2e) 051d0240 SEQW GOTO U1d02 ------------------------------------------------------------------------------------ U3d26: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U3d28: 386b29b40232 LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000002, U3d29) 04456600 SEQW GOTO U4566 ------------------------------------------------------------------------------------ U3d29: 2d61001bf032 tmp15:= unk_d61(tmp2) U3d2a: 000d06800000 SAVEUIP_REGOVR(0x01, U3d2c, 0x0006) U3d2c: 004500030ff0 tmp0:= SUB_DSZ64(tmp0, tmp15) U3d2d: 01f800030030 tmp0:= SETCC_CONDZ(tmp0) U3d2e: 006428030230 tmp0:= SHL_DSZ64(tmp0, 0x00000028) U3d30: 004100030ff0 tmp0:= OR_DSZ64(tmp0, tmp15) U3d31: 00630c03f200 tmp15:= READURAM(0x000c, 64) U3d32: 20420100023f MOVETOCREG_DSZ64(tmp15, 0x001) U3d34: 0084f87ffc9f tmp15:= AND_DSZ16(0xfffffffffffffff8, tmp2) U3d35: 2d680073003f unk_d68(tmp15, tmp0) 01adc440 SEQW GOTO U2dc4 ------------------------------------------------------------------------------------ U3d36: 000884038010 tmp8:= ZEROEXT_DSZ32(0x00030600) U3d38: 2042a1180238 MOVETOCREG_DSZ64(tmp8, 0x6a1) U3d39: 00653003823e tmp8:= SHR_DSZ64(tmp14, 0x00000030) U3d3a: 000500738e0b tmp8:= SUB_DSZ32(0x00007c00, tmp8) U3d3c: 2042a01b8238 tmp8:= MOVETOCREG_DSZ64(tmp8, 0x6a0) U3d3d: 00251003c23e tmp12:= SHR_DSZ32(tmp14, 0x00000010) U3d3e: 01420e000f00 SYNCMARK-> UFLOWCTRL(MSLOOPCTR, tmp12) U3d40: 0e750003d03e tmp13:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp14) U3d41: 01420d038f78 tmp8:= UFLOWCTRL(tmp8, LDAT_IN, tmp13) U3d42: 00802003ef88 tmp14:= ADD_DSZ16(0x00000020, tmp14) U3d44: 01600103c23c SYNCWAIT-> tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0a3d4000 SEQW GOTO U3d40 ------------------------------------------------------------------------------------ U3d45: 00652003e23e tmp14:= SHR_DSZ64(tmp14, 0x00000020) U3d46: 015d00000f80 UJMP(tmp14) ------------------------------------------------------------------------------------ 
U3d48: 00084c036010 tmp6:= ZEROEXT_DSZ32(0x00010008) U3d49: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01b40440 ? SEQW GOTO U3404 U3d4a: 104900035924 tmp5:= MOVE_DSZ64(rsp, rsp) U3d4c: 10c000024939 rsp:= ADD_DSZN(tmp9, rsp) U3d4d: 0cb00bab2024 tmp2:= LDZX_DSZ16_ASZ32_SC1(SS, rsp, IMM_MACRO_ALIAS_DATASIZE, mode=0x0a) U3d4e: 1c30002a4024 LFNCEMARK-> rsp:= LDZX_DSZN_ASZ32_SC1(SS, rsp, mode=0x0a) U3d50: 20429e1c023b LFNCEMARK-> MOVETOCREG_DSZ64(tmp11, 0x79e) U3d51: 000c8ee7e248 tmp14:= SAVEUIP(0x01, U398e) 042bd940 SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U3d52: 000805031008 tmp1:= ZEROEXT_DSZ32(0x00000005) U3d54: 0ea500032034 tmp2:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp4) U3d55: 000d218c0000 SAVEUIP_REGOVR(0x01, U3d56, 0x0321) 01dc6240 SEQW GOTO U5c62 U3d56: 2d0ba0035008 tmp5:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U3d58: 0e2502032034 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000002) U3d59: 0e2506033034 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000006) U3d5a: 000400035d72 tmp5:= AND_DSZ32(tmp2, tmp5) U3d5c: 000100035d73 tmp5:= OR_DSZ32(tmp3, tmp5) U3d5d: 000807031008 tmp1:= ZEROEXT_DSZ32(0x00000007) U3d5e: 000d518c0000 SAVEUIP_REGOVR(0x01, U3d60, 0x0351) 01dc6280 SEQW GOTO U5c62 U3d60: 00000a034d08 tmp4:= ADD_DSZ32(0x0000000a, tmp4) U3d61: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01bd5240 SEQW GOTO U3d52 ------------------------------------------------------------------------------------ U3d62: 000800000000 NOP U3d64: 000000000000 NOP 019ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U3d65: 0c4bc0273000 tmp3:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U3d66: 104000033d33 tmp3:= ADD_DSZN(tmp3, tmp4) U3d68: 00141303e23e tmp14:= BT_DSZ32(tmp14, 0x00000013) U3d69: 00636e03b200 tmp11:= READURAM(0x006e, 64) U3d6a: 017e0003bfbb tmp11:= MOVEMERGEFLGS_DSZ64(tmp11, tmp14) U3d6c: 007600033cfb tmp3:= CMOVCC_DSZ64_CONDB(tmp11, tmp3) U3d6d: 
00141803e23e tmp14:= BT_DSZ32(tmp14, 0x00000018) U3d6e: 00634a03b200 tmp11:= READURAM(0x004a, 64) U3d70: 017e0003bfbb tmp11:= MOVEMERGEFLGS_DSZ64(tmp11, tmp14) U3d71: 007600033cfb tmp3:= CMOVCC_DSZ64_CONDB(tmp11, tmp3) U3d72: 000503030c88 tmp0:= SUB_DSZ32(0x00000003, tmp2) U3d74: 00626503b200 tmp11:= MOVEFROMCREG_DSZ64(0x065) U3d75: 01310003bef0 tmp11:= SELECTCC_DSZ32_CONDNZ(tmp0, tmp11) U3d76: 104500033cfb tmp3:= SUB_DSZN(tmp11, tmp3) U3d78: 00421a1c0233 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp3, 0x71a) U3d79: 00433f000233 WRITEURAM(tmp3, 0x003f, 64) U3d7a: 00420b000237 MOVETOCREG_DSZ64(tmp7, 0x00b) U3d7c: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01bd8900 ? SEQW GOTO U3d89 U3d7d: 002100031c7d tmp1:= CONCAT_DSZ32(tmp13, tmp1) U3d7e: 004346000231 WRITEURAM(tmp1, 0x0046, 64) U3d80: 09620043e37e tmp14:= MOVETOCREG_BTS_DSZ64(tmp14, 0x00000015, 0x000) U3d81: 002100030f39 tmp0:= CONCAT_DSZ32(tmp9, tmp12) U3d82: 004309000230 WRITEURAM(tmp0, 0x0009, 64) U3d84: 00621d030200 tmp0:= MOVEFROMCREG_DSZ64(0x01d) U3d85: 000408030c08 tmp0:= AND_DSZ32(0x00000008, tmp0) U3d86: 002405030230 tmp0:= SHL_DSZ32(tmp0, 0x00000005) U3d88: 004270000230 MOVETOCREG_DSZ64(tmp0, 0x070) U3d89: 000804030008 tmp0:= ZEROEXT_DSZ32(0x00000004) U3d8a: 020403030230 tmp0:= unk_204(tmp0, 0x00000003) U3d8c: 0902050002c0 MOVETOCREG_OR_DSZ64(0x0000000c, 0x005) U3d8d: 00631f033200 tmp3:= READURAM(0x001f, 64) U3d8e: 000707033cc8 tmp3:= NOTAND_DSZ32(0x00000007, tmp3) U3d90: 00431f080233 WRITEURAM(tmp3, 0x001f, 32) U3d91: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 0d3d9440 ? 
SEQW GOTO U3d94 U3d92: 0a62fe5c033a SYNCMARK-> MOVETOCREG_BTR_DSZ64(tmp10, 0x00000011, CORE_CR_EFLAGS) U3d94: 002400031c32 tmp1:= SHL_DSZ32(tmp2, tmp0) U3d95: 008800031031 tmp1:= ZEROEXT_DSZ16(tmp1) U3d96: 002403032232 tmp2:= SHL_DSZ32(tmp2, 0x00000003) U3d98: 008800032032 tmp2:= ZEROEXT_DSZ16(tmp2) U3d99: 0d61003b0031 SYNCWAIT-> tmp0:= unk_d61(tmp1) U3d9a: 00652d03b230 tmp11:= SHR_DSZ64(tmp0, 0x0000002d) U3d9c: 00040303bec8 tmp11:= AND_DSZ32(0x00000003, tmp11) U3d9d: 00050003bef8 tmp11:= SUB_DSZ32(tmp8, tmp11) U3d9e: 0350fe1c023b UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp11, U07fe) U3da0: 1062df0bd240 tmp13:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U3da1: 00652f03723d tmp7:= SHR_DSZ64(tmp13, 0x0000002f) U3da2: 00240803d23d tmp13:= SHL_DSZ32(tmp13, 0x00000008) U3da4: 000400037f77 tmp7:= AND_DSZ32(tmp7, tmp13) U3da5: 000408037dc8 tmp7:= AND_DSZ32(0x00000008, tmp7) U3da6: 00078503d437 tmp13:= NOTAND_DSZ32(tmp7, 0x00034100) U3da8: 000700037ebd tmp7:= NOTAND_DSZ32(tmp13, tmp10) U3da9: 00160e03e23e tmp14:= BTR_DSZ32(tmp14, 0x0000000e) U3daa: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01e3b080 ? 
SEQW GOTO U63b0 U3dac: 3e7ba9000c70 unk_e7b(tmp0, tmp1) U3dad: 0d61083b3031 LFNCEMARK-> tmp3:= unk_d61(tmp1) 04e3b540 SEQW GOTO U63b5 ------------------------------------------------------------------------------------ U3dae: 20434f00023a WRITEURAM(tmp10, 0x004f, 64) U3db0: 00085123f009 tmp15:= ZEROEXT_DSZ32(0x00002851) U3db1: 20432c08023f WRITEURAM(tmp15, 0x002c, 32) U3db2: 006309035200 tmp5:= READURAM(0x0009, 64) U3db4: 20434e000233 WRITEURAM(tmp3, 0x004e, 64) U3db5: 0062c51bf200 SYNCMARK-> tmp15:= MOVEFROMCREG_DSZ64(0x6c5) U3db6: 00210003fe3f tmp15:= CONCAT_DSZ32(tmp15, tmp8) U3db8: 20434700023f WRITEURAM(tmp15, 0x0047, 64) U3db9: 017e00030f37 tmp0:= MOVEMERGEFLGS_DSZ64(tmp7, tmp12) U3dba: 00088907e00b tmp14:= ZEROEXT_DSZ32(0x00006189) U3dbc: 05ba0003feb9 tmm7:= unk_5ba(tmm1, tmm2) U3dbd: 05ba0003ef38 SYNCWAIT-> tmm6:= unk_5ba(tmm0, tmm4) U3dbe: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0aad9580 ? SEQW GOTO U2d95 U3dc0: 0042c5180200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x6c5) U3dc1: 000000000000 NOP 082d9540 SEQW GOTO U2d95 ------------------------------------------------------------------------------------ U3dc2: 000900000000 MOVE_DSZ32(0x00000000) U3dc4: 20434708023e WRITEURAM(tmp14, 0x0047, 32) U3dc5: 20430708023e WRITEURAM(tmp14, 0x0007, 32) U3dc6: 000d08800000 SAVEUIP_REGOVR(0x01, U3dc8, 0x0008) 01b2cd80 SEQW GOTO U32cd U3dc8: 00635c032200 tmp2:= READURAM(0x005c, 64) U3dc9: 186aec390332 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000010, U6eec) U3dca: 000d08800000 SAVEUIP_REGOVR(0x01, U3dcc, 0x0008) 01ab1580 SEQW GOTO lbsync_full U3dcc: 10628f0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x38f, 32) U3dcd: 00048a032c88 tmp2:= AND_DSZ32(0x0000008a, tmp2) U3dce: 10428f0c0272 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x38f, 32) U3dd0: 1062810b8240 LFNCEWAIT-> tmp8:= MOVEFROMCREG_DSZ64(0x281, 32) U3dd1: 0001b9038e10 tmp8:= OR_DSZ32(0x000f0000, tmp8) U3dd2: 000800000000 NOP U3dd4: 104281080278 SYNCFULL-> MOVETOCREG_DSZ64(tmp8, 0x281, 32) U3dd5: 0008c43be00b tmp14:= ZEROEXT_DSZ32(0x00006ec4) 
08205c40 SEQW GOTO U205c ------------------------------------------------------------------------------------ U3dd6: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U3dd8: 001508031231 tmp1:= BTS_DSZ32(tmp1, 0x00000008) U3dd9: 19629dc803f1 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x0000001f, 0x29d) U3dda: 100a00038300 tmp8:= TESTUSTATE(SYS, 0x8000) 08bde080 ? SEQW GOTO U3de0 U3ddc: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) 01e0aa10 SEQW SAVEUIP0 U3ddd SEQW GOTO U60aa U3ddd: 000433077dd0 tmp7:= AND_DSZ32(0x00ff0000, tmp7) U3dde: 0130b9038437 tmp8:= SELECTCC_DSZ32_CONDZ(tmp7, 0x000f0000) U3de0: 000808030008 tmp0:= ZEROEXT_DSZ32(0x00000008) U3de1: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U3de2: 186ab45c02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000009, patch_load_error) U3de4: 386ae13402b1 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U3de1) U3de5: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U3de6: 000100032cb8 tmp2:= OR_DSZ32(tmp8, tmp2) U3de8: 0004b903ac90 tmp10:= AND_DSZ32(0x000f0000, tmp2) U3de9: 0008e607e00b tmp14:= ZEROEXT_DSZ32(0x000061e6) 053dc240 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ U3dea: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U3dec: 125500000cc0 LFNCEWAIT-> FETCHFROMEIP1_ASZ64(tmp3) U3ded: 0c4ba0274000 tmp4:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U3dee: 0c6ba2000034 WRSEGFLD(tmp4, CS, SEL+FLGS+LIM) U3df0: 0c4b20274000 tmp4:= RDSEGFLD(UNK_SEG_09, BASE) U3df1: 0c6b22000034 WRSEGFLD(tmp4, CS, BASE) U3df2: 0c4ba02b4000 tmp4:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U3df4: 0c6ba3000034 WRSEGFLD(tmp4, SS, SEL+FLGS+LIM) U3df5: 0c4b202b4000 tmp4:= RDSEGFLD(SS_USERM, BASE) U3df6: 0c6b23000034 WRSEGFLD(tmp4, SS, BASE) U3df8: 104800024024 rsp:= ZEROEXT_DSZ64N(rsp) U3df9: 105e00300cc0 MSSTOP-> MJMPTARGET_INDIRECT_ASZ64(tmp3) check_cpl_uend3: U3dfa: 020201030200 tmp0:= PSELECT_CPL0(0x00000001) U3dfc: 0150e6180230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U06e6) U3dfd: 000000000000 LFNCEWAIT-> NOP 
029bb9fd SEQW UEND3 ------------------------------------------------------------------------------------ U3dfe: 000a20000200 TESTUSTATE(UCODE, 0x0020) 029bb9fd ? SEQW GOTO U1bb9 U3e00: 000cb8efe208 tmp14:= SAVEUIP(0x01, U1bb8) U3e01: 100a00000300 TESTUSTATE(SYS, 0x8000) 01c06c40 ? SEQW GOTO U406c U3e02: 006510039236 tmp9:= SHR_DSZ64(tmp6, 0x00000010) U3e04: 0044ff3f9e48 tmp9:= AND_DSZ64(0x00000fff, tmp9) U3e05: 108000038e7b tmp8:= ADD_DSZN(tmp11, tmp9) 035ce540 SEQW GOTO U5ce5 ------------------------------------------------------------------------------------ U3e06: 004800035035 LFNCEWAIT-> tmp5:= ZEROEXT_DSZ64(tmp5) U3e08: 29626dc00340 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000017, 0x06d) U3e09: 000800000000 NOP U3e0a: 000800000000 NOP U3e0c: 292824ed0235 LFNCEWAIT-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000003, U5b24) U3e0d: 204270000232 MOVETOCREG_DSZ64(tmp2, 0x070) U3e0e: 292816a00235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000002, U1816) U3e10: 00140e039237 tmp9:= BT_DSZ32(tmp7, 0x0000000e) U3e11: 003301039239 tmp9:= SELECTCC_DSZ32_CONDNB(tmp9, 0x00000001) U3e12: 2a621c0372f7 LFNCEMARK-> tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x0000000c, 0x01c) U3e14: 003304037237 tmp7:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000004) U3e15: 290270000e77 MOVETOCREG_OR_DSZ64(tmp7, tmp9, 0x070) U3e16: 19288d610235 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000001, U688d) U3e18: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U3e19: 000800037000 tmp7:= ZEROEXT_DSZ32(0x00000000) U3e1a: 015d00000f40 UJMP(tmp13) ------------------------------------------------------------------------------------ U3e1c: 00011003f008 tmp15:= OR_DSZ32(0x00000010) U3e1d: 000100036000 tmp6:= OR_DSZ32(0x00000000) U3e1e: 002405031236 tmp1:= SHL_DSZ32(tmp6, 0x00000005) U3e20: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U3e21: 00240f031231 tmp1:= SHL_DSZ32(tmp1, 0x0000000f) U3e22: 000d02800000 SAVEUIP_REGOVR(0x01, U3e24, 0x0002) 01b2cd80 SEQW GOTO U32cd U3e24: 3962a5cc0271 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp1, 0x00000007, 0x3a5) U3e25: 
10628d0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x38d, 32) U3e26: 015d00000f40 UJMP(tmp13) ------------------------------------------------------------------------------------ U3e28: 072c0003203c tmp2:= PINTMOVDTMM2I_DSZ32(tmm4) U3e29: 00043f032c88 tmp2:= AND_DSZ32(0x0000003f, tmp2) U3e2a: 062400039efb tmm1:= unk_624(tmm3, tmm3) U3e2c: 072c00033039 tmp3:= PINTMOVDTMM2I_DSZ32(tmm1) U3e2d: 00043f033cc8 tmp3:= AND_DSZ32(0x0000003f, tmp3) U3e2e: 002406035233 tmp5:= SHL_DSZ32(tmp3, 0x00000006) U3e30: 000100035d72 tmp5:= OR_DSZ32(tmp2, tmp5) U3e31: 000c48e40200 SAVEUIP(0x01, U1948) U3e32: 015d00000d00 UJMP(tmp4) ------------------------------------------------------------------------------------ U3e34: 00e104031c88 tmp1:= CONCAT_DSZ8(0x00000004, tmp2) U3e35: 00629e1f8200 tmp8:= MOVEFROMCREG_DSZ64(0x79e) U3e36: 0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3e38: 23800003ae80 tmp10:= READAFLAGS(tmp10) U3e39: 00421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U3e3a: 00090003903a tmp9:= MOVE_DSZ32(tmp10) U3e3c: 000821037008 tmp7:= ZEROEXT_DSZ32(0x00000021) U3e3d: 00426003e010 tmp14:= MOVETOCREG_DSZ64(0x00000009, 0x000) U3e3e: 000d30ac0380 SAVEUIP_REGOVR(0x01, U3e40, 0xcb30) 01b71a80 SEQW GOTO U371a U3e40: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) 01a68a00 SEQW GOTO U268a ------------------------------------------------------------------------------------ U3e41: 002403038230 tmp8:= SHL_DSZ32(tmp0, 0x00000003) U3e42: 049600038208 tmm0:= unk_496(0x00000000) U3e44: 07ea00030008 mm0:= unk_7ea(0x00000000) U3e45: 06240003b208 tmm3:= unk_624(0x00000000) U3e46: 072c0003103b tmp1:= PINTMOVDTMM2I_DSZ32(tmm3) U3e48: 000404031c48 tmp1:= AND_DSZ32(0x00000004, tmp1) U3e49: 0151fa5c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U57fa) U3e4a: 000559031c10 tmp1:= SUB_DSZ32(0x0001003e, tmp0) U3e4c: 0351f26002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp1, U58f2) U3e4d: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U3e4e: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) 
U3e50: 29028c134634 LFNCEMARK-> tmp4:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000020, 0x48c) U3e51: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U3e52: 015054780271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3e54) 043e5680 SEQW GOTO U3e56 ------------------------------------------------------------------------------------ U3e54: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U3e55: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U3e56: 00053d031c10 tmp1:= SUB_DSZ32(0x0000ffbb, tmp0) U3e58: 0350fa5c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U57fa) U3e59: 06a041039000 tmp9:= unk_6a0(0x00000000) U3e5a: 06a04203a000 tmp10:= unk_6a0(0x00000000) U3e5c: 06a700038e39 tmm0:= unk_6a7(tmm1, tmm0) U3e5d: 076a00032038 mm2:= unk_76a(tmm0) U3e5e: 069d00038e00 tmm0:= unk_69d(tmm0) U3e60: 068a0003fe3a ROVR<- tmp15:= FCOM2(tmp10, tmp8) 01bcbc18 SEQW SAVEUIP0 U3e61 SEQW GOTO U3cbc U3e61: 06e10003ae38 tmm2:= unk_6e1(tmm0, tmm0) U3e62: 000403032c88 tmp2:= AND_DSZ32(0x00000003, tmp2) U3e64: 000100038e32 tmp8:= OR_DSZ32(tmp2, tmp8) U3e65: 072a00031038 mm1:= unk_72a(tmm0) U3e66: 002404031231 tmp1:= SHL_DSZ32(tmp1, 0x00000004) U3e68: 000100038e31 tmp8:= OR_DSZ32(tmp1, tmp8) U3e69: 07ea00030038 mm0:= unk_7ea(tmm0) U3e6a: 00054403bc10 tmp11:= SUB_DSZ32(0x0000fffd, tmp0) U3e6c: 03506d78027b UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp11, U3e6d) 01e43d00 SEQW GOTO U643d ------------------------------------------------------------------------------------ U3e6d: 06a02103c000 tmp12:= unk_6a0(0x00000000) U3e6e: 06a02703b000 tmp11:= unk_6a0(0x00000000) U3e70: 06e10003df3a tmm5:= unk_6e1(tmm2, tmm4) U3e71: 06a02003c000 tmp12:= unk_6a0(0x00000000) U3e72: 06e10003eefa tmm6:= unk_6e1(tmm2, tmm3) U3e74: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U3e75: 06a02603b000 tmp11:= unk_6a0(0x00000000) U3e76: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3e78: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U3e79: 06a01f03c000 tmp12:= unk_6a0(0x00000000) U3e7a: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3e7c: 06490003df7c tmm5:= unk_649(tmm4, tmm5) 
U3e7d: 06a02503b000 tmp11:= unk_6a0(0x00000000) U3e7e: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3e80: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U3e81: 06a01e03c000 tmp12:= unk_6a0(0x00000000) U3e82: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3e84: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U3e85: 06a02403b000 tmp11:= unk_6a0(0x00000000) U3e86: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3e88: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U3e89: 06a01d03c000 tmp12:= unk_6a0(0x00000000) U3e8a: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3e8c: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U3e8d: 06a02303b000 tmp11:= unk_6a0(0x00000000) U3e8e: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3e90: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U3e91: 06a01c03c000 tmp12:= unk_6a0(0x00000000) U3e92: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3e94: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U3e95: 06a02203b000 tmp11:= unk_6a0(0x00000000) U3e96: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3e98: 06610003df7a tmm5:= unk_661(tmm2, tmm5) U3e99: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3e9a: 01509c78027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U3e9c) 01e49e80 SEQW GOTO U649e ------------------------------------------------------------------------------------ U3e9c: 06a040039000 tmp9:= unk_6a0(0x00000000) U3e9d: 06e10003df78 tmm5:= unk_6e1(tmm0, tmm5) U3e9e: 06c90003efb9 tmm6:= unk_6c9(tmm1, tmm6) U3ea0: 06c90003df78 tmm5:= unk_6c9(tmm0, tmm5) U3ea1: 06a040039000 tmp9:= unk_6a0(0x00000000) U3ea2: 04b441809e40 mm7:= FMOV(tmm1) U3ea4: 000401031e08 tmp1:= AND_DSZ32(0x00000001, tmp8) U3ea5: 01519c140231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U059c) U3ea6: 04960003d23d tmm5:= unk_496(tmm5, 0x00000000) U3ea8: 26a631808f7e mm0:= unk_6a6(tmm6, tmm5) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U3ea9: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U3eaa: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U3eac: 2d0b5c03f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U3ead: 
386bac38023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U3eac) U3eae: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3eb0: 386bb1f803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3eb1) 083eae00 SEQW GOTO U3eae ------------------------------------------------------------------------------------ U3eb1: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U3eb2: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3eb4: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U3eb5: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3eb6: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3eb8: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3eb9: 386bbaf803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3eba) 08beb840 SEQW GOTO U3eb8 ------------------------------------------------------------------------------------ U3eba: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U3ebc: 00e10603ffc8 tmp15:= CONCAT_DSZ8(0x00000006, tmp15) U3ebd: 00a1c007ffc8 tmp15:= CONCAT_DSZ16(0x000001c0, tmp15) U3ebe: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3ec0: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U3ec1: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3ec2: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3ec4: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3ec5: 386bc6f803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3ec6) 08bec440 SEQW GOTO U3ec4 ------------------------------------------------------------------------------------ U3ec6: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U3ec8: 00000403ffc8 tmp15:= ADD_DSZ32(0x00000004, tmp15) U3ec9: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3eca: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U3ecc: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3ecd: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3ece: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3ed0: 386bd1f803ff SYNCFULL-> 
BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3ed1) 083ece00 SEQW GOTO U3ece ------------------------------------------------------------------------------------ U3ed1: 00480003f014 tmp15:= ZEROEXT_DSZ64(tmpv0) U3ed2: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U3ed4: 002d1003f23f tmp15:= ROR_DSZ32(tmp15, 0x00000010) U3ed5: 0001ff03ffc8 tmp15:= OR_DSZ32(0x000000ff, tmp15) U3ed6: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3ed8: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U3ed9: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3eda: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3edc: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3edd: 386bdef803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3ede) 08bedc40 SEQW GOTO U3edc ------------------------------------------------------------------------------------ U3ede: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U3ee0: 00000803ffc8 tmp15:= ADD_DSZ32(0x00000008, tmp15) U3ee1: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3ee2: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U3ee4: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3ee5: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3ee6: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3ee8: 386be9f803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3ee9) 083ee600 SEQW GOTO U3ee6 ------------------------------------------------------------------------------------ U3ee9: 00080003f014 tmp15:= ZEROEXT_DSZ32(tmpv0) U3eea: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3eec: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U3eed: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3eee: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3ef0: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3ef1: 386bf2f803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3ef2) 08bef040 SEQW GOTO U3ef0 
------------------------------------------------------------------------------------ U3ef2: 00080003f000 tmp15:= ZEROEXT_DSZ32(0x00000000) U3ef4: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3ef5: 00081903f008 tmp15:= ZEROEXT_DSZ32(0x00000019) U3ef6: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3ef8: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3ef9: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3efa: 386bfcf803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3efc) 093ef980 SEQW GOTO U3ef9 ------------------------------------------------------------------------------------ U3efc: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U3efd: 00000c03ffc8 tmp15:= ADD_DSZ32(0x0000000c, tmp15) U3efe: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3f00: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U3f01: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3f02: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3f04: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3f05: 386b06fc03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3f06) 08bf0440 SEQW GOTO U3f04 ------------------------------------------------------------------------------------ U3f06: 2d0ba0015008 tmpv1:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U3f08: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U3f09: 00001003ffc8 tmp15:= ADD_DSZ32(0x00000010, tmp15) U3f0a: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U3f0c: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U3f0d: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U3f0e: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U3f10: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U3f11: 386b12fc03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U3f12) 08bf1040 SEQW GOTO U3f10 ------------------------------------------------------------------------------------ U3f12: 2d0ba0016008 tmpv2:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U3f14: 002100015556 
SYNCFULL-> tmpv1:= CONCAT_DSZ32(tmpv2, tmpv1) 084798cc SEQW URET1 ------------------------------------------------------------------------------------ U3f15: 0008187f5009 tmp5:= ZEROEXT_DSZ32(0x00003f18) U3f16: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 084798cc ? SEQW GOTO U4798 U3f18: 000a00c00240 TESTUSTATE(UCODE, !0x3000) 01a4c900 ? SEQW GOTO U24c9 U3f19: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3f1a: 23800003ae80 tmp10:= READAFLAGS(tmp10) U3f1c: 006370031200 tmp1:= READURAM(0x0070, 64) U3f1d: 005432031231 tmp1:= BT_DSZ64(tmp1, 0x00000032) U3f1e: 00621d030200 tmp0:= MOVEFROMCREG_DSZ64(0x01d) U3f20: 003200031c31 tmp1:= SELECTCC_DSZ32_CONDB(tmp1, tmp0) U3f21: 386a22bc0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000002, U3f22) 01d78940 SEQW GOTO U5789 ------------------------------------------------------------------------------------ U3f22: 000808030009 tmp0:= ZEROEXT_DSZ32(0x00002008) U3f24: 000816032008 tmp2:= ZEROEXT_DSZ32(0x00000016) U3f25: 000de2800000 SAVEUIP_REGOVR(0x01, U3f26, 0x00e2) U3f26: 000c9d9c0200 SAVEUIP(0x01, U079d) 019d8e80 SEQW GOTO U1d8e ------------------------------------------------------------------------------------ U3f28: 00a10e030008 tmp0:= CONCAT_DSZ16(0x0000000e) U3f29: 1042dd080270 MOVETOCREG_DSZ64(tmp0, 0x2dd, 32) U3f2a: 0062f61f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U3f2c: 00434a080230 WRITEURAM(tmp0, 0x004a, 32) U3f2d: 0007d8070c10 tmp0:= NOTAND_DSZ32(0x60000000, tmp0) U3f2e: 0042f61c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) U3f30: 00621b17e200 tmp14:= MOVEFROMCREG_DSZ64(0x51b) U3f31: 09021b54023e LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp14, 0x00000001, 0x51b) U3f32: 00880043ef88 tmp14:= ZEROEXT_DSZ16(0x00001000, tmp14) 04843c96 SEQW SAVEUIP1 U3f34 SEQW GOTO U043c U3f34: 0042c5180232 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, 0x6c5) 086f7c00 SEQW GOTO U6f7c ------------------------------------------------------------------------------------ U3f35: 0e6800635eca STADPPHYS_DSZ64_ASZ64_SC1(tmp11, 0x00000200, mode=0x18, tmp5) U3f36: 
0008807f7008 tmp7:= ZEROEXT_DSZ32(0x00001f80) U3f38: 000c52980240 SAVEUIP(0x01, U2652) 01db4910 SEQW SAVEUIP0 U3f39 SEQW GOTO U5b49 U3f39: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U3f3a: 00635b036200 tmp6:= READURAM(0x005b, 64) U3f3c: 386b4ebc0330 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000012, U3f4e) U3f3d: 00653803f236 tmp15:= SHR_DSZ64(tmp6, 0x00000038) U3f3e: 00071803f23f tmp15:= NOTAND_DSZ32(tmp15, 0x00000018) U3f40: 0151427c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3f42) U3f41: 000c6c000280 LFNCEMARK-> SAVEUIP(0x00, U406c) 04b8b255 SEQW SAVEUIP1 U3f42 SEQW GOTO U38b2 U3f42: 00635b032200 tmp2:= READURAM(0x005b, 64) U3f44: 00212d0bf010 tmp15:= CONCAT_DSZ32(0xff000000) U3f45: 004700032cbf tmp2:= NOTAND_DSZ64(tmp15, tmp2) 05025255 SEQW SAVEUIP1 U3f46 SEQW GOTO U0252 U3f46: 0e6568070c48 LFNCEMARK-> tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000068, mode=0x01) U3f48: 006438030230 tmp0:= SHL_DSZ64(tmp0, 0x00000038) U3f49: 004100032cb0 tmp2:= OR_DSZ64(tmp0, tmp2) U3f4a: 20435b000232 WRITEURAM(tmp2, 0x005b, 64) U3f4c: 004600032c36 tmp2:= XOR_DSZ64(tmp6, tmp0) U3f4d: 386a69e007b2 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000003b, U3869) U3f4e: 000803020008 rax:= ZEROEXT_DSZ32(0x00000003) 04825296 SEQW SAVEUIP1 U3f50 SEQW GOTO U0252 U3f50: 0e6538063c48 rbx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000038, mode=0x01) U3f51: 0e6528061c08 rcx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000028, mode=0x01) U3f52: 213f00000000 unk_13f(0x00000000) U3f54: 0e6598065d48 rbp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000098, mode=0x01) U3f55: 0e6590064d48 rsp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000090, mode=0x01) U3f56: 0e6528072c48 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000028, mode=0x01) U3f58: 0e6530073c48 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000030, mode=0x01) U3f59: 0c6b2c000032 LFNCEWAIT-> WRSEGFLD(tmp2, FS, BASE) U3f5a: 0c6bac000033 WRSEGFLD(tmp3, FS, SEL+FLGS+LIM) U3f5c: 0e6518072c48 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000018, 
mode=0x01) U3f5d: 0e6520073c48 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000020, mode=0x01) U3f5e: 0c6b2d000032 WRSEGFLD(tmp2, GS, BASE) U3f60: 0c6bad000033 WRSEGFLD(tmp3, GS, SEL+FLGS+LIM) U3f61: 006270037200 tmp7:= MOVEFROMCREG_DSZ64(0x070) U3f62: 000420037dc8 tmp7:= AND_DSZ32(0x00000020, tmp7) U3f64: 29620b400240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x00b) U3f65: 0ee5a0078d48 tmp8:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp5, 0x000000a0, mode=0x01) U3f66: 3928683c0338 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000010, U3f68) 073f6d80 SEQW GOTO U3f6d ------------------------------------------------------------------------------------ U3f68: 00087e0f9008 tmp9:= ZEROEXT_DSZ32(0x0000037e) U3f69: 004286100239 MOVETOCREG_DSZ64(tmp9, 0x486) U3f6a: 00088103900c tmp9:= ZEROEXT_DSZ32(0x00008081) U3f6c: 00428c100239 MOVETOCREG_DSZ64(tmp9, 0x48c) U3f6d: 39286efc0338 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmp8, 0x00000013, U3f6e) 06bf7240 SEQW GOTO U3f72 ------------------------------------------------------------------------------------ U3f6e: 0008017f9008 tmp9:= ZEROEXT_DSZ32(0x00001f01) U3f70: 07070003d039 tmm5:= unk_707(tmm1) U3f71: 06910003e03d tmm6:= unk_691(tmm5) U3f72: 0e251807cc08 tmp12:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp0, 0x00000018, mode=0x01) U3f74: 00000103cf08 tmp12:= ADD_DSZ32(0x00000001, tmp12) U3f75: 0e2d1807cc08 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp0, 0x00000018, mode=0x01, tmp12) U3f76: 00429a1c0200 MOVETOCREG_DSZ64(0x00000000, 0x79a) 01843c96 SEQW SAVEUIP1 U3f78 SEQW GOTO U043c U3f78: 0e2550072c48 LFNCEWAIT-> tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1, 0x00000050, mode=0x01) U3f79: 0e2578073c48 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1, 0x00000078, mode=0x01) U3f7a: 0e6588075d48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000088, mode=0x01) U3f7c: 2042f81c0232 LFNCEMARK-> MOVETOCREG_DSZ64(tmp2, 0x7f8) U3f7d: 0062fe1fc200 tmp12:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U3f7e: 00161003c23c tmp12:= BTR_DSZ32(tmp12, 0x00000010) U3f80: 296272400300 
MOVETOCREG_BTS_DSZ64(0x00000011, 0x072) U3f81: 000806134008 tmp4:= ZEROEXT_DSZ32(0x00000406) U3f82: 0e6500072c48 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, mode=0x01) U3f84: 386b853c0232 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3f85) 01bfa200 SEQW GOTO U3fa2 ------------------------------------------------------------------------------------ U3f85: 1042f91c0273 MOVETOCREG_DSZ64(tmp3, 0x7f9, 32) U3f86: 0e6540075c48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000040, mode=0x01) U3f88: 00070203f232 tmp15:= NOTAND_DSZ32(tmp2, 0x00000002) U3f89: 00a1c003f23f tmp15:= CONCAT_DSZ16(tmp15, 0x000000c0) U3f8a: 006370033200 tmp3:= READURAM(0x0070, 64) U3f8c: 00210003f03f tmp15:= CONCAT_DSZ32(tmp15) U3f8d: 004700033cff tmp3:= NOTAND_DSZ64(tmp15, tmp3) U3f8e: 204370040233 WRITEURAM(tmp3, 0x0170, 64) U3f90: 29a208000633 MOVETOCREG_SHR_DSZ64(tmp3, 0x00000020, 0x008) U3f91: 0e6558073c48 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000058, mode=0x01) U3f92: 000400073cc8 tmp3:= AND_DSZ32(0x00000100, tmp3) U3f94: 00070007cf08 tmp12:= NOTAND_DSZ32(0x00000100, tmp12) U3f95: 00010003cf33 tmp12:= OR_DSZ32(tmp3, tmp12) U3f96: 006312033200 tmp3:= READURAM(0x0012, 64) U3f98: 0004f0073cd0 tmp3:= AND_DSZ32(0x80000000, tmp3) U3f99: 00251d033233 tmp3:= SHR_DSZ32(tmp3, 0x0000001d) U3f9a: 00040003fcb3 tmp15:= AND_DSZ32(tmp3, tmp2) U3f9c: 01302003f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000020) U3f9d: 0062c31b3200 tmp3:= MOVEFROMCREG_DSZ64(0x6c3) U3f9e: 000720033cc8 tmp3:= NOTAND_DSZ32(0x00000020, tmp3) U3fa0: 0902c3180ff3 MOVETOCREG_OR_DSZ64(tmp3, tmp15, 0x6c3) U3fa1: 000826134008 tmp4:= ZEROEXT_DSZ32(0x00000426) U3fa2: 2042fe1c023c MOVETOCREG_DSZ64(tmp12, CORE_CR_EFLAGS) U3fa4: 20421a1c0235 SYNCMARK-> MOVETOCREG_DSZ64(tmp5, 0x71a) U3fa5: 2902efdc0200 MOVETOCREG_OR_DSZ64(0x00000003, 0x7ef) U3fa6: 0e2554073c48 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1, 0x00000054, mode=0x01) U3fa8: 0e6528076c08 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000028, mode=0x01) U3fa9: 0e657007cc48 tmp12:= 
LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000070, mode=0x01) U3faa: 00040103cf08 tmp12:= AND_DSZ32(0x00000001, tmp12) U3fac: 01300203c23c tmp12:= SELECTCC_DSZ32_CONDZ(tmp12, 0x00000002) U3fad: 00000833cf08 tmp12:= ADD_DSZ32(0x00000c08, tmp12) U3fae: 0e656007ac48 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000060, mode=0x01) U3fb0: 00400003aebc tmp10:= ADD_DSZ64(tmp12, tmp10) U3fb1: 0e6d00040c08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, mode=0x01, 0x00000000) U3fb2: 2eaa0007c03a LFNCEWAIT-> tmp12:= LDPPHYS_DSZ16_ASZ64_SC1(tmp10, mode=0x01) U3fb4: 00850103cf08 tmp12:= SUB_DSZ16(0x00000001, tmp12) U3fb5: 2ea80007c03a LFNCEMARK-> STADPPHYS_DSZ16_ASZ64_SC1(tmp10, mode=0x01, tmp12) U3fb6: 20621c032200 tmp2:= MOVEFROMCREG_DSZ64(0x01c) U3fb8: 000700032cb3 tmp2:= NOTAND_DSZ32(tmp3, tmp2) U3fb9: 20421c000232 MOVETOCREG_DSZ64(tmp2, 0x01c) U3fba: 014300300d40 AETTRACE(0x0c, tmp5) U3fbc: 006211170200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(0x511) U3fbd: 006210171200 tmp1:= MOVEFROMCREG_DSZ64(0x510) U3fbe: 006218172200 tmp2:= MOVEFROMCREG_DSZ64(0x518) U3fc0: 006204033200 tmp3:= MOVEFROMCREG_DSZ64(0x004) U3fc1: 006200038200 tmp8:= MOVEFROMCREG_DSZ64(0x000) U3fc2: 0008c00be009 tmp14:= ZEROEXT_DSZ32(0x000022c0) U3fc4: 000e09000200 WRMSLOOPCTRFBR(0x00000009) U3fc5: 000ccc100200 SAVEUIP(0x00, U04cc) 0b025a55 SEQW SAVEUIP1 U3fc6 SEQW GOTO U025a U3fc6: 004309000200 SYNCWAIT-> WRITEURAM(0x00000000, 0x0009, 64) U3fc8: 00430a000200 WRITEURAM(0x00000000, 0x000a, 64) U3fc9: 00430b000200 WRITEURAM(0x00000000, 0x000b, 64) U3fca: 00436e000200 WRITEURAM(0x00000000, 0x006e, 64) U3fcc: 105e00280d80SYNCFULL->MSSTOP-> MJMPTARGET_INDIRECT_ASZ64(tmp6) 08670a2c SEQW GOTO U670a ------------------------------------------------------------------------------------ U3fcd: 06e10003923f tmm1:= unk_6e1(tmm7, 0x00000000) U3fce: 06610003a23f tmm2:= unk_661(tmm7, 0x00000000) U3fd0: 06e10003aeb9 tmm2:= unk_6e1(tmm1, tmm2) U3fd1: 06a01003c000 tmp12:= unk_6a0(0x00000000) U3fd2: 06a01103b000 tmp11:= unk_6a0(0x00000000) 
U3fd4: 06e10003ff3a tmm7:= unk_6e1(tmm2, tmm4) U3fd5: 06a00e03c000 tmp12:= unk_6a0(0x00000000) U3fd6: 06e10003eefa tmm6:= unk_6e1(tmm2, tmm3) U3fd8: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U3fd9: 06a00f03b000 tmp11:= unk_6a0(0x00000000) U3fda: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3fdc: 06e10003fffa tmm7:= unk_6e1(tmm2, tmm7) U3fdd: 06a00c03c000 tmp12:= unk_6a0(0x00000000) U3fde: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3fe0: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U3fe1: 06a00d03b000 tmp11:= unk_6a0(0x00000000) U3fe2: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3fe4: 06e10003fffa tmm7:= unk_6e1(tmm2, tmm7) U3fe5: 06a00a03c000 tmp12:= unk_6a0(0x00000000) U3fe6: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3fe8: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U3fe9: 06a00b03b000 tmp11:= unk_6a0(0x00000000) U3fea: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3fec: 06e10003fffa tmm7:= unk_6e1(tmm2, tmm7) U3fed: 06a00803c000 tmp12:= unk_6a0(0x00000000) U3fee: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3ff0: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U3ff1: 06a00903b000 tmp11:= unk_6a0(0x00000000) U3ff2: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U3ff4: 06610003fffa tmm7:= unk_661(tmm2, tmm7) U3ff5: 06610003efba tmm6:= unk_661(tmm2, tmm6) U3ff6: 06e10003fff9 tmm7:= unk_6e1(tmm1, tmm7) U3ff8: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U3ff9: 06a00703b000 tmp11:= unk_6a0(0x00000000) U3ffa: 06e10003befa tmm3:= unk_6e1(tmm2, tmm3) U3ffc: 06490003ffbf tmm7:= unk_649(tmm7, tmm6) U3ffd: 06490003bffb tmm3:= unk_649(tmm3, tmm7) U3ffe: 268900008ef9 mm0:= unk_689(tmm1, tmm3) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ reset_flow: U4000: 000000000000 NOP U4001: 000000000000 NOP 0510ce40 SEQW GOTO U10ce ------------------------------------------------------------------------------------ U4002: 0e7b2fe40cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U4004: 100800001073 LFNCEWAIT-> r64dst:= ZEROEXT_DSZ32N(tmp3, r64dst) 0259fcb0 SEQW UEND0 
------------------------------------------------------------------------------------ U4005: 286afca50223 BTUJB_DIRECT_NOTTAKEN(rbx, 0x00000002, U59fc) U4006: 001602020220 rax:= BTR_DSZ32(rax, 0x00000002) 0259fcb0 SEQW GOTO U59fc ------------------------------------------------------------------------------------ U4008: 06a043039000 tmp9:= unk_6a0(0x00000000) U4009: 04b40003be40 tmm3:= FMOV(tmm1) 05228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U400a: 0151112c0278 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U2b11) U400c: 000800002032 LFNCEWAIT-> rax:= ZEROEXT_DSZ32(tmp2) 022b1200 SEQW GOTO U2b12 ------------------------------------------------------------------------------------ U400d: 000000000000 NOP U400e: 000000000000 NOP U4010: 06a017079000 tmp9:= unk_6a0(0x00000000) U4011: 04b40003be40 tmm3:= FMOV(tmm1) 05228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U4012: 206322030200 LFNCEMARK-> tmp0:= READURAM(0x0022, 64) U4014: 204300000230 LFNCEWAIT-> WRITEURAM(tmp0, 0x0000, 64) 02217c00 SEQW GOTO U217c ------------------------------------------------------------------------------------ U4015: 000000000000 NOP U4016: 000000000000 NOP U4018: 06a017079000 tmp9:= unk_6a0(0x00000000) U4019: 049400039e40 tmm1:= unk_494(tmm1) U401a: 04b40003be40 tmm3:= FMOV(tmm1) 01a28180 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U401c: 000938230009 tmp0:= MOVE_DSZ32(0x00002838) 01ce8200 SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U401d: 000000000000 NOP U401e: 000000000000 NOP U4020: 04b400039000 tmm1:= FMOV(0x00000000) U4021: 04b40003be40 tmm3:= FMOV(tmm1) 05228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U4022: 206322030200 LFNCEMARK-> tmp0:= READURAM(0x0022, 64) U4024: 
204301000230 LFNCEWAIT-> WRITEURAM(tmp0, 0x0001, 64) 02217c00 SEQW GOTO U217c ------------------------------------------------------------------------------------ U4025: 000000000000 NOP U4026: 000000000000 NOP U4028: 049400039000 tmm1:= unk_494(0x00000000) U4029: 04b40003be40 tmm3:= FMOV(tmm1) 05228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U402a: 206300031c00 LFNCEMARK-> tmp1:= READURAM(tmp0) U402c: 001600031031 tmp1:= BTR_DSZ32(tmp1) U402d: 204300000c31 LFNCEWAIT-> WRITEURAM(tmp1, tmp0) 02a4da40 SEQW GOTO U24da ------------------------------------------------------------------------------------ U402e: 000000000000 NOP U4030: 000401036f08 tmp6:= AND_DSZ32(0x00000001, tmp12) U4031: 06a016078000 tmp8:= unk_6a0(0x00000000) U4032: 04c300039e39 tmm1:= ORPD(tmm1, tmm0) 01a02980 SEQW GOTO U2029 ------------------------------------------------------------------------------------ U4034: 00092d230009 tmp0:= MOVE_DSZ32(0x0000282d) 01ce8200 SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U4035: 000000000000 NOP U4036: 000000000000 NOP U4038: 06a016079000 tmp9:= unk_6a0(0x00000000) U4039: 04c300039e78 tmm1:= ORPD(tmm0, tmm1) U403a: 04b40003be40 tmm3:= FMOV(tmm1) 01a28180 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U403c: 00084c030010 tmp0:= ZEROEXT_DSZ32(0x00010008) 019f9000 SEQW GOTO do_smm_vmexit ------------------------------------------------------------------------------------ U403d: 000000000000 NOP U403e: 000000000000 NOP U4040: 04b400039e40 tmm1:= FMOV(tmm1) U4041: 04b40003be40 tmm3:= FMOV(tmm1) 03228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U4042: 19629e080300 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000010, 0x29e) U4044: 000c6adc0240 SAVEUIP(0x01, U376a) 01a08d00 SEQW GOTO U208d 
------------------------------------------------------------------------------------ U4045: 000000000000 NOP U4046: 000000000000 NOP U4048: 049400039e40 tmm1:= unk_494(tmm1) U4049: 04b40003be40 tmm3:= FMOV(tmm1) 0d228140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U404a: 0053456c02b4 SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp4, U5b45) U404c: 0048807f7008 tmp7:= ZEROEXT_DSZ64(0x00001f80) 01db4600 SEQW GOTO U5b46 ------------------------------------------------------------------------------------ U404d: 000000000000 NOP U404e: 000000000000 NOP U4050: 04b400039e00 tmm1:= FMOV(tmm0) U4051: 04b40003be00 tmm3:= FMOV(tmm0) 01a28140 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U4052: 286a026502e0 BTUJB_DIRECT_NOTTAKEN(rax, 0x0000000d, U5902) U4054: 00620003a800 tmp10:= MOVEFROMCREG_DSZ64(rax) 05406500 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U4055: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U4056: 1e7be403bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U4058: 0c4b6013c000 LFNCEWAIT-> tmp12:= RDSEGFLD(UNK_SEG_04, LIMIT) U4059: 005000000efb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) 02038240 SEQW GOTO U0382 ------------------------------------------------------------------------------------ U405a: 000805034008 tmp4:= ZEROEXT_DSZ32(0x00000005) U405c: 00010003a020 tmp10:= OR_DSZ32(rax) U405d: 0008625fd009 tmp13:= ZEROEXT_DSZ32(0x00003762) 05198240 SEQW GOTO U1982 ------------------------------------------------------------------------------------ U405e: 06910003e03d LFNCEMARK-> tmm6:= unk_691(tmm5) U4060: 000000000000 LFNCEWAIT-> NOP U4061: 000caae7e248 tmp14:= SAVEUIP(0x01, U39aa) 022ff040 SEQW GOTO U2ff0 ------------------------------------------------------------------------------------ U4062: 000100034020 tmp4:= OR_DSZ32(rax) U4064: 00630003ad00 tmp10:= READURAM(tmp4) U4065: 00480002203a rdx:= 
ZEROEXT_DSZ64(tmp10) U4066: 00652002323a rbx:= SHR_DSZ64(tmp10, 0x00000020) 01c3a480 SEQW GOTO U43a4 ------------------------------------------------------------------------------------ U4068: 000000000000 NOP U4069: 000000000000 NOP U406a: 0dcb0003a020 tmp10:= PORTIN_DSZ8_ASZ16_SC1(rax) 01c06580 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U406c: 0062011f2200 tmp2:= MOVEFROMCREG_DSZ64(0x701) U406d: 0047ac072c90 tmp2:= NOTAND_DSZ64(0x30000000, tmp2) U406e: 0042011c0232 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp2, 0x701) U4070: 0c6b31000000 WRSEGFLD(0x00000000) U4071: 00434b000200 LFNCEMARK-> WRITEURAM(0x00000000, 0x004b, 64) 04c0658d SEQW URET1 ------------------------------------------------------------------------------------ U4072: 0e750003a034 tmp10:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp4) 04c0658d SEQW GOTO U4065 ------------------------------------------------------------------------------------ U4074: 004100031c7a tmp1:= OR_DSZ64(tmp10, tmp1) U4075: 00540d031231 tmp1:= BT_DSZ64(tmp1, 0x0000000d) U4076: 10080003c03c SYNCWAIT-> tmp12:= ZEROEXT_DSZ32N(tmp12) U4078: 00652003a23c SYNCWAIT-> tmp10:= SHR_DSZ64(tmp12, 0x00000020) 0a40658c SEQW URET1 ------------------------------------------------------------------------------------ U4079: 000000000000 NOP U407a: 0d8b0003a020 tmp10:= PORTIN_DSZ16_ASZ16_SC1(rax) 0a40658c SEQW GOTO U4065 ------------------------------------------------------------------------------------ U407c: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010) 01b1f100 SEQW GOTO U31f1 ------------------------------------------------------------------------------------ U407d: 000000000000 NOP U407e: 000000000000 NOP U4080: 000000000000 NOP U4081: 000000000000 NOP U4082: 0d0b0003a020 tmp10:= PORTIN_DSZ32_ASZ16_SC1(rax) 01c06580 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U4084: 000c25ec0280 SAVEUIP(0x01, U5b25) 01a71200 SEQW GOTO U2712 
------------------------------------------------------------------------------------ U4085: 000000000000 NOP U4086: 000000000000 NOP U4088: 000000000000 NOP U4089: 000000000000 NOP U408a: 0d4b0003a020 tmp10:= PORTIN_DSZ64_ASZ16_SC1(rax) 01c06580 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U408c: 000000000000 NOP 01b8c900 SEQW GOTO U38c9 ------------------------------------------------------------------------------------ U408d: 000000000000 NOP U408e: 000000000000 NOP U4090: 000000000000 NOP U4091: 000000000000 NOP U4092: 2e750003a020 tmp10:= LDSTGBUF_DSZ64_ASZ16_SC1(rax) 01c06580 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U4094: 30622d0a2240 rdx:= MOVEFROMCREG_DSZ64(0x22d, 32) 01a1fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U4095: 000000000000 NOP U4096: 000000000000 NOP U4098: 000000000000 NOP U4099: 000000000000 NOP U409a: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U409c: 000c9a800200 SAVEUIP(0x01, U009a) 01b2cd00 SEQW GOTO U32cd ------------------------------------------------------------------------------------ U409d: 000000000000 NOP U409e: 000000000000 NOP U40a0: 000000000000 NOP U40a1: 000000000000 NOP U40a2: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40a4: 000c06940280 SAVEUIP(0x01, U4506) 01b2cd00 SEQW GOTO U32cd ------------------------------------------------------------------------------------ U40a5: 000000000000 NOP U40a6: 000000000000 NOP U40a8: 000000000000 NOP U40a9: 000000000000 NOP U40aa: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40ac: 000c60f00240 SAVEUIP(0x01, U3c60) 01aace00 SEQW GOTO U2ace 
------------------------------------------------------------------------------------ U40ad: 000000000000 NOP U40ae: 000000000000 NOP U40b0: 000000000000 NOP U40b1: 000000000000 NOP U40b2: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40b4: 021e41000200 SIGEVENT(0x00000041) 01879d00 SEQW GOTO U079d ------------------------------------------------------------------------------------ U40b5: 000000000000 NOP U40b6: 000000000000 NOP U40b8: 000000000000 NOP U40b9: 000000000000 NOP U40ba: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40bc: 04b41183e200 tmm6:= FMOV(0x00000011) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U40bd: 000000000000 NOP U40be: 000000000000 NOP U40c0: 000000000000 NOP U40c1: 000000000000 NOP U40c2: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40c4: 361c00038200 LFNCEMARK-> tmm0:= unk_61c(0x00000000) 04681200 SEQW GOTO U6812 ------------------------------------------------------------------------------------ U40c5: 000000000000 NOP U40c6: 000000000000 NOP U40c8: 000000000000 NOP U40c9: 000000000000 NOP U40ca: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U40cc: 0004001f2ec8 tmp2:= AND_DSZ32(0x00000700, tmp11) U40cd: 0005001ffc88 tmp15:= SUB_DSZ32(0x00000700, tmp2) U40ce: 01504158023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U1641) U40d0: 0005000b9c88 tmp9:= SUB_DSZ32(0x00000200, tmp2) U40d1: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01c0e640 ? 
SEQW GOTO U40e6 U40d2: 0004ff1fdec8 tmp13:= AND_DSZ32(0x000007ff, tmp11) U40d4: 0005010fff48 tmp15:= SUB_DSZ32(0x00000301, tmp13) U40d5: 0005120fdf48 tmp13:= SUB_DSZ32(0x00000312, tmp13) U40d6: 01300003dd7d tmp13:= SELECTCC_DSZ32_CONDZ(tmp13, tmp5) U40d8: 01740003ee7f tmp14:= CMOVCC_DSZ64_CONDZ(tmp15, tmp9) U40d9: 00050003fc88 tmp15:= SUB_DSZ32(0x00000000, tmp2) U40da: 01740003efbf tmp14:= CMOVCC_DSZ64_CONDZ(tmp15, tmp14) U40dc: 00050103ff48 tmp15:= SUB_DSZ32(0x00000001, tmp13) U40dd: 01710003efbf tmp14:= SELECTCC_DSZ64_CONDNZ(tmp15, tmp14) U40de: 00050203ff48 tmp15:= SUB_DSZ32(0x00000002, tmp13) U40e0: 01310003fe7f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, tmp9) U40e1: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U40e2: 0151157c02be UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U5f15) U40e4: 00050303fd48 tmp15:= SUB_DSZ32(0x00000003, tmp5) U40e5: 0150157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U5f15) U40e6: 00050003ec88 tmp14:= SUB_DSZ32(0x00000000, tmp2) U40e8: 01310303f23e tmp15:= SELECTCC_DSZ32_CONDNZ(tmp14, 0x00000003) U40e9: 00040003fe3f tmp15:= AND_DSZ32(tmp15, tmp8) U40ea: 0151fc0002bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U40fc) U40ec: 0131000be23e tmp14:= SELECTCC_DSZ32_CONDNZ(tmp14, 0x00000200) U40ed: 00070003efb0 tmp14:= NOTAND_DSZ32(tmp0, tmp14) U40ee: 0151fc0002be UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U40fc) U40f0: 01310303f239 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp9, 0x00000003) U40f1: 00040003fe3f tmp15:= AND_DSZ32(tmp15, tmp8) U40f2: 0151fc0002bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U40fc) U40f4: 00634303f200 tmp15:= READURAM(0x0043, 64) U40f5: 01710003fff9 tmp15:= SELECTCC_DSZ64_CONDNZ(tmp9, tmp15) U40f6: 00653903f23f LFNCEMARK-> tmp15:= SHR_DSZ64(tmp15, 0x00000039) U40f8: 00040003fff8 tmp15:= AND_DSZ32(tmp8, tmp15) U40f9: 00040803ffc8 tmp15:= AND_DSZ32(0x00000008, tmp15) U40fa: 0151fc0002bf LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U40fc) 05164180 SEQW GOTO U1641 ------------------------------------------------------------------------------------ U40fc: 
01310003fe39 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp9, tmp8) U40fd: 00040103ffc8 tmp15:= AND_DSZ32(0x00000001, tmp15) U40fe: 01300303123f tmp1:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000003) 01df1680 SEQW GOTO U5f16 ------------------------------------------------------------------------------------ U4100: 06200b03e03d tmm6:= unk_620(tmm5) U4101: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U4102: 015d00000cc0 UJMP(tmp3) ------------------------------------------------------------------------------------ U4104: 06a040039000 ROVR<- tmp9:= unk_6a0(0x00000000) 01c18e18 SEQW SAVEUIP0 U4105 SEQW GOTO U418e U4105: 01517a0c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U037a) U4106: 008110038e08 tmp8:= OR_DSZ16(0x00000010, tmp8) U4108: 008410032c48 tmp2:= AND_DSZ16(0x00000010, tmp1) U4109: 01502d6002b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U582d) U410a: 20428c100238 LFNCEMARK-> MOVETOCREG_DSZ64(tmp8, 0x48c) U410c: 04b471809e40 LFNCEWAIT-> mm7:= FMOV(tmm1) 0221fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U410d: 069d0003ae80 tmm2:= unk_69d(tmm2) U410e: 04960003beba tmm3:= unk_496(tmm2, tmm2) U4110: 068a0003cefc tmp12:= FCOM2(tmp12, tmp11) U4111: 04940003be00 tmm3:= unk_494(tmm0) U4112: 053f0003be7b tmm3:= unk_53f(tmm3, tmm1) U4114: 076a0003403c mm4:= unk_76a(tmm4) U4115: 003d00032034 tmp2:= MOVEINSERTFLGS_DSZ32(tmp4) U4116: 0152180402b2 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp2, U4118) 01dd3880 SEQW GOTO U5d38 ------------------------------------------------------------------------------------ U4118: 0150361402b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U4536) U4119: 000001036d88 tmp6:= ADD_DSZ32(0x00000001, tmp6) 01dd3951 SEQW SAVEUIP0 U411a SEQW GOTO U5d39 U411a: 000800000000 NOP U411c: 068900008efa mm0:= unk_689(tmm2, tmm3) 0197ec0d SEQW GOTO uend ------------------------------------------------------------------------------------ U411d: 000800000000 NOP 0197ec0d SEQW URET1 
------------------------------------------------------------------------------------ U411e: 000800000000 NOP U4120: 000ca1800240 SAVEUIP(0x01, U20a1) 01c25a09 SEQW GOTO U425a ------------------------------------------------------------------------------------ U4121: 04b471809e00 mm7:= FMOV(tmm0) 01c25a09 SEQW URET0 ------------------------------------------------------------------------------------ U4122: 04b441808e00 mm0:= FMOV(tmm0) U4124: 04b471809e00 mm7:= FMOV(tmm0) 0199480d SEQW GOTO U1948 ------------------------------------------------------------------------------------ U4125: 000000000000 NOP 0199480d SEQW URET1 ------------------------------------------------------------------------------------ U4126: 04b49183e200 tmm6:= FMOV(0x00000091) U4128: 04b441808e00 mm0:= FMOV(tmm0) 0197ec48 SEQW URET0 ------------------------------------------------------------------------------------ U4129: 04b400008e00 mm0:= FMOV(tmm0) 0197ec48 SEQW GOTO uend ------------------------------------------------------------------------------------ U412a: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U412c: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) 01c80a0a SEQW GOTO U480a ------------------------------------------------------------------------------------ U412d: 04b40003b200 tmm3:= FMOV(0x00000000) U412e: 04b40003a280 tmm2:= FMOV(0x00004000) 01c80a0a SEQW URET0 ------------------------------------------------------------------------------------ U4130: 053f00008e48 mm0:= unk_53f(0x00000000, tmm1) 0197ec0a SEQW GOTO uend ------------------------------------------------------------------------------------ U4131: 04b40003b280 tmm3:= FMOV(0x00004000) U4132: 04b40003a200 tmm2:= FMOV(0x00000000) 0197ec0a SEQW URET0 ------------------------------------------------------------------------------------ U4134: 053f00008008 mm0:= unk_53f(0x00000000) 0197ec0a SEQW GOTO uend ------------------------------------------------------------------------------------ U4135: 04b40003b200 
tmm3:= FMOV(0x00000000) U4136: 05b90003a03f tmm2:= unk_5b9(tmm7) 0197ec0a SEQW URET0 ------------------------------------------------------------------------------------ U4138: 06a04503c000 tmp12:= unk_6a0(0x00000000) 01c1520a SEQW GOTO U4152 ------------------------------------------------------------------------------------ U4139: 04b40003ae00 tmm2:= FMOV(tmm0) U413a: 04b40003b200 tmm3:= FMOV(0x00000000) 01c1520a SEQW URET0 ------------------------------------------------------------------------------------ U413c: 00151f033200 tmp3:= BTS_DSZ32(0x00000000, 0x0000001f) 01c18c0a SEQW GOTO U418c ------------------------------------------------------------------------------------ U413d: 04b40003a200 tmm2:= FMOV(0x00000000) U413e: 05b90003b03f tmm3:= unk_5b9(tmm7) 01c18c0a SEQW URET0 ------------------------------------------------------------------------------------ U4140: 00553f033200 tmp3:= BTS_DSZ64(0x00000000, 0x0000003f) 01c18c0a SEQW GOTO U418c ------------------------------------------------------------------------------------ U4141: 04b40003be00 tmm3:= FMOV(tmm0) U4142: 04b40003a200 tmm2:= FMOV(0x00000000) 01c18c0a SEQW URET0 ------------------------------------------------------------------------------------ U4144: 00882007200a tmp2:= ZEROEXT_DSZ16(0x00004120) 01c1f40a SEQW GOTO U41f4 ------------------------------------------------------------------------------------ U4145: 04b40003a000 tmm2:= FMOV(0x00000000) U4146: 04b40003b000 tmm3:= FMOV(0x00000000) 01c1f40a SEQW URET0 ------------------------------------------------------------------------------------ U4148: 04940003ae80 tmm2:= unk_494(tmm2) 01c35500 SEQW GOTO U4355 ------------------------------------------------------------------------------------ U4149: 06a04103a000 tmp10:= unk_6a0(0x00000000) U414a: 053f0003aeb9 tmm2:= unk_53f(tmm1, tmm2) U414c: 26dc0003fe80 LFNCEMARK-> tmm7:= unk_6dc(tmm2) 0401a200 SEQW GOTO U01a2 ------------------------------------------------------------------------------------ 
U414d: 04b44180ae00 mm0:= FMOV(tmm0) U414e: 015148640236 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U1948) U4150: 04b49183e200 tmm6:= FMOV(0x00000091) 01994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U4151: 06a04403c000 tmp12:= unk_6a0(0x00000000) U4152: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U4154: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) 01cd3600 SEQW GOTO U4d36 ------------------------------------------------------------------------------------ U4155: 07e80003203b mm2:= unk_7e8(tmm3) U4156: 008102032c88 tmp2:= OR_DSZ16(0x00000002, tmp2) U4158: 078200038ef2 tmm0:= unk_782(mm2, tmm3) 01c1364c SEQW URET1 ------------------------------------------------------------------------------------ U4159: 04b40003b000 tmm3:= FMOV(0x00000000) 01c1364c SEQW GOTO U4136 ------------------------------------------------------------------------------------ U415a: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) U415c: 06a043038000 tmp8:= unk_6a0(0x00000000) 01c12a00 SEQW GOTO U412a ------------------------------------------------------------------------------------ U415d: 07e80003203a mm2:= unk_7e8(tmm2) U415e: 008102032c88 tmp2:= OR_DSZ16(0x00000002, tmp2) U4160: 078200038eb2 tmm0:= unk_782(mm2, tmm2) 01c1464c SEQW URET1 ------------------------------------------------------------------------------------ U4161: 04b40003a200 tmm2:= FMOV(0x00000000) 01c1464c SEQW GOTO U4146 ------------------------------------------------------------------------------------ U4162: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) U4164: 086a3af502f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U4d3a) 052ae100 SEQW GOTO U2ae1 ------------------------------------------------------------------------------------ U4165: 00950d039239 tmp9:= BTS_DSZ16(tmp9, 0x0000000d) U4166: 24b400038000 LFNCEMARK-> tmm0:= FMOV(0x00000000) U4168: 00150503c23c tmp12:= BTS_DSZ32(tmp12, 0x00000005) 01923600 SEQW GOTO U1236 
------------------------------------------------------------------------------------ U4169: 072a00032008 mm2:= unk_72a(0x00000000) U416a: 00c401033c88 tmp3:= AND_DSZ8(0x00000001, tmp2) U416c: 01511d0802b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U421d) 01b6b800 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U416d: 0088ad07200a tmp2:= ZEROEXT_DSZ16(0x000041ad) U416e: 00c414033dc8 tmp3:= AND_DSZ8(0x00000014, tmp7) U4170: 0151b40c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U03b4) 01b6b800 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U4171: 06a017078000 tmp8:= unk_6a0(0x00000000) U4172: 04960003cefa tmm4:= unk_496(tmm2, tmm3) U4174: 053f00038e3c tmm0:= unk_53f(tmm4, tmm0) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U4175: 0050490802b6 UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp6, U4249) U4176: 0252c40002b6 UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp6, U40c4) U4178: 05b90003803f tmm0:= unk_5b9(tmm7) 01e81200 SEQW GOTO U6812 ------------------------------------------------------------------------------------ U4179: 072a00032008 mm2:= unk_72a(0x00000000) U417a: 00c401033c88 tmp3:= AND_DSZ8(0x00000001, tmp2) U417c: 015036480233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1236) 01c21d00 SEQW GOTO U421d ------------------------------------------------------------------------------------ U417d: 05b90003c03f tmm4:= unk_5b9(tmm7) U417e: 05b90003f000 tmm7:= unk_5b9(0x00000000) U4180: 0048bc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043bc) 01c2e800 SEQW GOTO U42e8 ------------------------------------------------------------------------------------ U4181: 05b90003c03f tmm4:= unk_5b9(tmm7) U4182: 05b90003f000 tmm7:= unk_5b9(0x00000000) U4184: 0048bc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043bc) 01c2fc00 SEQW GOTO U42fc ------------------------------------------------------------------------------------ U4185: 06a04203e000 tmp14:= unk_6a0(0x00000000) U4186: 
06a03f03b000 tmp11:= unk_6a0(0x00000000) U4188: 04940003cf80 tmm4:= unk_494(tmm6) U4189: 06c90003cf3b tmm4:= unk_6c9(tmm3, tmm4) 01a0e140 SEQW GOTO U20e1 ------------------------------------------------------------------------------------ U418a: 00150f033200 tmp3:= BTS_DSZ32(0x00000000, 0x0000000f) U418c: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) 0197b100 SEQW GOTO U17b1 ------------------------------------------------------------------------------------ U418d: 000ccd040240 SAVEUIP(0x00, U21cd) U418e: 006286131200 tmp1:= MOVEFROMCREG_DSZ64(0x486) U4190: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U4191: 008102038d08 tmp8:= OR_DSZ16(0x00000002, tmp4) 01c32540 SEQW GOTO U4325 ------------------------------------------------------------------------------------ U4192: 06250000803a mm0:= unk_625(tmm2) U4194: 25ff0003e008 LFNCEMARK-> tmm6:= unk_5ff(0x00000000) 04194800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U4195: 06240003ce78 tmm4:= unk_624(tmm0, tmm1) U4196: 072c0003003c tmp0:= PINTMOVDTMM2I_DSZ32(tmm4) U4198: 000414030c08 tmp0:= AND_DSZ32(0x00000014, tmp0) U4199: 072a00038038 tmm0:= unk_72a(tmm0) 01ee8940 SEQW GOTO U6e89 ------------------------------------------------------------------------------------ U419a: 04b441809200 mm7:= FMOV(0x00000041) U419c: 049631808208 mm0:= unk_496(IMM_MACRO_31) 04994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U419d: 29028c538234 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000001, 0x48c) U419e: 000401032d48 tmp2:= AND_DSZ32(0x00000001, tmp5) U41a0: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U41a1: 06a04303f000 tmp15:= unk_6a0(0x00000000) 01840440 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U41a2: 04b40003b200 tmm3:= FMOV(0x00000000) U41a4: 04b40003a000 tmm2:= FMOV(0x00000000) 01b9b500 SEQW GOTO U39b5 
------------------------------------------------------------------------------------ U41a5: 000408033c08 tmp3:= AND_DSZ32(0x00000008, tmp0) U41a6: 002502033233 tmp3:= SHR_DSZ32(tmp3, 0x00000002) U41a8: 09028c138cf4 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, tmp3, 0x48c) U41a9: 000602032d48 tmp2:= XOR_DSZ32(0x00000002, tmp5) 0421dd40 SEQW GOTO U21dd ------------------------------------------------------------------------------------ U41aa: 05b90003f039 tmm7:= unk_5b9(tmm1) U41ac: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) 01c2e800 SEQW GOTO U42e8 ------------------------------------------------------------------------------------ U41ad: 06240003ce78 tmm4:= unk_624(tmm0, tmm1) U41ae: 072c0003003c tmp0:= PINTMOVDTMM2I_DSZ32(tmm4) U41b0: 000414030c08 tmp0:= AND_DSZ32(0x00000014, tmp0) U41b1: 0151a57802b0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U5ea5) 01e17540 SEQW GOTO U6175 ------------------------------------------------------------------------------------ U41b2: 05b90003d03f tmm5:= unk_5b9(tmm7) U41b4: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) 01c2f000 SEQW GOTO U42f0 ------------------------------------------------------------------------------------ U41b5: 00a50b03223c tmp2:= SHR_DSZ16(tmp12, 0x0000000b) U41b6: 008407032c88 tmp2:= AND_DSZ16(0x00000007, tmp2) U41b8: 00626a033200 tmp3:= MOVEFROMCREG_DSZ64(0x06a) U41b9: 00ed00034cb3 tmp4:= ROR_DSZ8(tmp3, tmp2) 01db3540 SEQW GOTO U5b35 ------------------------------------------------------------------------------------ U41ba: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) U41bc: 00070203ae88 tmp10:= NOTAND_DSZ32(0x00000002, tmp10) 01c20400 SEQW GOTO U4204 ------------------------------------------------------------------------------------ U41bd: 000500073e48 tmp3:= SUB_DSZ32(0x00000100, tmp9) U41be: 000565033cc8 tmp3:= SUB_DSZ32(0x00000065, tmp3) U41c0: 0150220c0233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U0322) U41c1: 000707034e48 tmp4:= NOTAND_DSZ32(0x00000007, tmp9) 01d9e540 SEQW GOTO U59e5 
------------------------------------------------------------------------------------ U41c2: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) U41c4: 00070203ae88 tmp10:= NOTAND_DSZ32(0x00000002, tmp10) 01c2f800 SEQW GOTO U42f8 ------------------------------------------------------------------------------------ U41c5: 00814103cf08 tmp12:= OR_DSZ16(0x00000041, tmp12) U41c6: 000802034008 tmp4:= ZEROEXT_DSZ32(0x00000002) U41c8: 27430003e034 tmm6:= unk_743(mm4) U41c9: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) 01b75240 SEQW GOTO U3752 ------------------------------------------------------------------------------------ U41ca: 05b90003c03f tmm4:= unk_5b9(tmm7) U41cc: 00473f03ae88 tmp10:= NOTAND_DSZ64(0x0000003f, tmp10) 01aaf900 SEQW GOTO U2af9 ------------------------------------------------------------------------------------ U41cd: 00628c135200 tmp5:= MOVEFROMCREG_DSZ64(0x48c) U41ce: 008720035d48 tmp5:= NOTAND_DSZ16(0x00000020, tmp5) U41d0: 00428c100235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, 0x48c) U41d1: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) 040c1a40 SEQW GOTO U0c1a ------------------------------------------------------------------------------------ U41d2: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) U41d4: 00070203ae88 tmp10:= NOTAND_DSZ32(0x00000002, tmp10) 01c2f800 SEQW GOTO U42f8 ------------------------------------------------------------------------------------ U41d5: 00524e5c02b6 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U574e) U41d6: 0050490802b6 UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp6, U4249) U41d8: 27430003e000 tmm6:= unk_743(0x00000000) U41d9: 06240003ceba tmm4:= unk_624(tmm2, tmm2) 01a0f040 SEQW GOTO U20f0 ------------------------------------------------------------------------------------ U41da: 05b90003c03f tmm4:= unk_5b9(tmm7) U41dc: 00473f03ae88 tmp10:= NOTAND_DSZ64(0x0000003f, tmp10) 01c23000 SEQW GOTO U4230 ------------------------------------------------------------------------------------ U41dd: 068c0003cebb tmm4:= unk_68c(tmm3, tmm2) U41de: 076c0003203c tmp2:= 
PINTMOVDTMM2I_DSZ64(tmm4) U41e0: 07e80003303c mm3:= unk_7e8(tmm4) U41e1: 07430003aeb3 tmm2:= unk_743(mm3, tmm2) 01df9540 SEQW GOTO U5f95 ------------------------------------------------------------------------------------ U41e2: 04720003ffc0 tmm7:= MOVDQU(tmm7) U41e4: 204273000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x073) 0841ea00 SEQW GOTO U41ea ------------------------------------------------------------------------------------ U41e5: 00810203cf08 tmp12:= OR_DSZ16(0x00000002, tmp12) U41e6: 00940a032236 tmp2:= BT_DSZ16(tmp6, 0x0000000a) U41e8: 017e3b033c90 tmp3:= MOVEMERGEFLGS_DSZ64(0x0000ff81, tmp2) U41e9: 003637034433 tmp4:= CMOVCC_DSZ32_CONDB(tmp3, 0x0000fc01) 01861c40 SEQW GOTO U061c ------------------------------------------------------------------------------------ U41ea: 00010003aebb tmp10:= OR_DSZ32(tmp11, tmp10) U41ec: 000cce23d208 tmp13:= SAVEUIP(0x00, U08ce) 01ae7c00 SEQW GOTO U2e7c ------------------------------------------------------------------------------------ U41ed: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U41ee: 008410033c88 tmp3:= AND_DSZ16(0x00000010, tmp2) U41f0: 01500c600233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U180c) U41f1: 00084303a008 tmp10:= ZEROEXT_DSZ32(0x00000043) 01862440 SEQW GOTO U0624 ------------------------------------------------------------------------------------ U41f2: 0088590b200a tmp2:= ZEROEXT_DSZ16(0x00004259) U41f4: 06240003eefb tmm6:= unk_624(tmm3, tmm3) U41f5: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U41f6: 00c404033cc8 tmp3:= AND_DSZ8(0x00000004, tmp3) 01980d80 SEQW GOTO U180d ------------------------------------------------------------------------------------ U41f8: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c2e500 SEQW GOTO U42e5 ------------------------------------------------------------------------------------ U41f9: 06a017078000 tmp8:= unk_6a0(0x00000000) U41fa: 06240003eeba tmm6:= unk_624(tmm2, tmm2) U41fc: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U41fd: 008410033cc8 tmp3:= AND_DSZ16(0x00000010, 
tmp3) 052ae940 SEQW GOTO U2ae9 ------------------------------------------------------------------------------------ U41fe: 268a0003eebb LFNCEMARK-> tmp14:= FCOM2(tmp11, tmp10) U4200: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U4201: 000402033c88 tmp3:= AND_DSZ32(0x00000002, tmp2) U4202: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01b92e80 SEQW GOTO U392e ------------------------------------------------------------------------------------ U4204: 000c8e23d208 tmp13:= SAVEUIP(0x00, U088e) 01ae7c00 SEQW GOTO U2e7c ------------------------------------------------------------------------------------ U4205: 04b400038200 tmm0:= FMOV(0x00000000) U4206: 025206600236 UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp6, U1806) U4208: 006286131200 tmp1:= MOVEFROMCREG_DSZ64(0x486) U4209: 002508031231 tmp1:= SHR_DSZ32(tmp1, 0x00000008) 01ee5040 SEQW GOTO U6e50 ------------------------------------------------------------------------------------ U420a: 26a017078000 tmp8:= unk_6a0(0x00000000) U420c: 06200503e03d tmm6:= unk_620(tmm5) U420d: 072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U420e: 06240003ceba tmm4:= unk_624(tmm2, tmm2) 01be2880 SEQW GOTO U3e28 ------------------------------------------------------------------------------------ U4210: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c23400 SEQW GOTO U4234 ------------------------------------------------------------------------------------ U4211: 000404032dc8 tmp2:= AND_DSZ32(0x00000004, tmp7) U4212: 01511d0802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U421d) U4214: 04960003cebb tmm4:= unk_496(tmm3, tmm2) U4215: 053f00038e3c tmm0:= unk_53f(tmm4, tmm0) 01923640 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U4216: 000510130d48 tmp0:= SUB_DSZ32(0x00000410, tmp5) U4218: 01501d0802b0 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U421d) U4219: 000500071d48 tmp1:= SUB_DSZ32(0x00000100, tmp5) U421a: 000504031c48 tmp1:= SUB_DSZ32(0x00000004, tmp1) 01e74280 SEQW GOTO U6742 
------------------------------------------------------------------------------------ U421c: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c24800 SEQW GOTO U4248 ------------------------------------------------------------------------------------ U421d: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) U421e: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U4220: 008401033c88 tmp3:= AND_DSZ16(0x00000001, tmp2) U4221: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01923540 SEQW GOTO U1235 ------------------------------------------------------------------------------------ U4222: 072a0003203a mm2:= unk_72a(tmm2) U4224: 06a04603c000 tmp12:= unk_6a0(0x00000000) U4225: 07430003cf32 tmm4:= unk_743(mm2, tmm4) U4226: 048200038ebc tmm0:= unk_482(tmm4, tmm2) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U4228: 0048d40fd00a tmp13:= ZEROEXT_DSZ64(0x000043d4) 01c2fa00 SEQW GOTO U42fa ------------------------------------------------------------------------------------ U4229: 047200000fc0 MOVDQU(tmm7) U422a: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) U422c: 00070203ae88 tmp10:= NOTAND_DSZ32(0x00000002, tmp10) U422d: 204273000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x073) 08c2f840 SEQW GOTO U42f8 ------------------------------------------------------------------------------------ U422e: 05b90003c002 tmm4:= unk_5b9(xmmsrc) U4230: 05b90003f000 tmm7:= unk_5b9(0x00000000) U4231: 00080e0bb009 tmp11:= ZEROEXT_DSZ32(0x0000220e) U4232: 0048b91bd00a tmp13:= ZEROEXT_DSZ64(0x000046b9) 01c2fe80 SEQW GOTO U42fe ------------------------------------------------------------------------------------ U4234: 0048d40fd00a tmp13:= ZEROEXT_DSZ64(0x000043d4) 01c2e600 SEQW GOTO U42e6 ------------------------------------------------------------------------------------ U4235: 05b90003f03c tmm7:= unk_5b9(tmm4) U4236: 05b90003c03b tmm4:= unk_5b9(tmm3) U4238: 0008660bb009 tmp11:= ZEROEXT_DSZ32(0x00002266) U4239: 0048cc0fd00a tmp13:= 
ZEROEXT_DSZ64(0x000043cc) 01834440 SEQW GOTO U0344 ------------------------------------------------------------------------------------ U423a: 06a01807b000 tmp11:= unk_6a0(0x00000000) U423c: 09028c138274 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000004, 0x48c) U423d: 000404032d48 tmp2:= AND_DSZ32(0x00000004, tmp5) U423e: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U4240: 24960003fe7b LFNCEWAIT-> tmm7:= unk_496(tmm3, tmm1) 02040400 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U4241: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) U4242: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U4244: 0042521c023f MOVETOCREG_DSZ64(tmp15, 0x752) U4245: 086a3af502f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U4d3a) U4246: 076c00037038 tmp7:= PINTMOVDTMM2I_DSZ64(tmm0) 01a34980 SEQW GOTO U2349 ------------------------------------------------------------------------------------ U4248: 0048dc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043dc) 04c2e600 SEQW GOTO U42e6 ------------------------------------------------------------------------------------ U4249: 27430003e000 LFNCEMARK-> tmm6:= unk_743(0x00000000) U424a: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) U424c: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U424d: 008401033c88 tmp3:= AND_DSZ16(0x00000001, tmp2) U424e: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U4250: 0048dc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043dc) 04c2fa00 SEQW GOTO U42fa ------------------------------------------------------------------------------------ U4251: 27430003e030 LFNCEMARK-> tmm6:= unk_743(mm0) U4252: 27e000000ebb unk_7e0(tmm3, tmm2) U4254: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U4255: 000402033c88 tmp3:= AND_DSZ32(0x00000002, tmp2) U4256: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) 01b92e80 SEQW GOTO U392e 
------------------------------------------------------------------------------------ U4258: 000cce23d208 tmp13:= SAVEUIP(0x00, U08ce) 01ae7c00 SEQW GOTO U2e7c ------------------------------------------------------------------------------------ U4259: 000c35f40280 SAVEUIP(0x01, U5d35) U425a: 07ea00030038 mm0:= unk_7ea(tmm0) U425c: 07ea00031039 mm1:= unk_7ea(tmm1) U425d: 000500035c31 tmp5:= SUB_DSZ32(tmp1, tmp0) U425e: 06240003be78 tmm3:= unk_624(tmm0, tmm1) U4260: 072c0003203b tmp2:= PINTMOVDTMM2I_DSZ32(tmm3) 01836a00 SEQW GOTO U036a ------------------------------------------------------------------------------------ U4261: 07ea00031008 mm1:= unk_7ea(0x00000000) U4262: 000559030c50 tmp0:= SUB_DSZ32(0x0001003e, tmp1) U4264: 0351e26402b0 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp0, U59e2) U4265: 000859032010 tmp2:= ZEROEXT_DSZ32(0x0001003e) U4266: 07c200039032 tmm1:= unk_7c2(mm2) U4268: 06aa00038e48 tmm0:= unk_6aa(0x00000000, tmm1) 01b94d00 SEQW GOTO U394d ------------------------------------------------------------------------------------ U4269: 068a0583fe39 tmp15:= FCOM2(tmp9, tmp8) U426a: 07ea00031039 mm1:= unk_7ea(tmm1) U426c: 06240003be78 tmm3:= unk_624(tmm0, tmm1) U426d: 072c0003203b tmp2:= PINTMOVDTMM2I_DSZ32(tmm3) U426e: 000414032c88 tmp2:= AND_DSZ32(0x00000014, tmp2) U4270: 0151fa0402f2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U61fa) 01e51d00 SEQW GOTO U651d ------------------------------------------------------------------------------------ U4271: 06240003a208 tmm2:= unk_624(0x00000000) U4272: 072c0003103a tmp1:= PINTMOVDTMM2I_DSZ32(tmm2) U4274: 000440032c48 tmp2:= AND_DSZ32(0x00000040, tmp1) U4275: 002506032232 tmp2:= SHR_DSZ32(tmp2, 0x00000006) U4276: 07430003be32 tmm3:= unk_743(mm2, tmm0) U4278: 04820003823b tmm0:= unk_482(tmm3, 0x00000000) 01c12900 SEQW GOTO U4129 ------------------------------------------------------------------------------------ U4279: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U427a: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U427c: 
09028c538234 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000001, 0x48c) U427d: 000401036d48 tmp6:= AND_DSZ32(0x00000001, tmp5) U427e: 0150de5802b6 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U56de) U4280: 06a043008000 LFNCEWAIT-> tmp0:= unk_6a0(0x00000000) 0217ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U4281: 06240003ce38 tmm4:= unk_624(tmm0, tmm0) U4282: 072c0003203c tmp2:= PINTMOVDTMM2I_DSZ32(tmm4) U4284: 000404032c88 tmp2:= AND_DSZ32(0x00000004, tmp2) U4285: 0151156002b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U5815) U4286: 07ea00030038 mm0:= unk_7ea(tmm0) U4288: 000546030c10 tmp0:= SUB_DSZ32(0x0000ffff, tmp0) 01a0c900 SEQW GOTO U20c9 ------------------------------------------------------------------------------------ U4289: 006286131200 tmp1:= MOVEFROMCREG_DSZ64(0x486) U428a: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U428c: 008102038d08 tmp8:= OR_DSZ16(0x00000002, tmp4) U428d: 008402032c48 tmp2:= AND_DSZ16(0x00000002, tmp1) U428e: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U4290: 00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) 01a1ea00 SEQW GOTO U21ea ------------------------------------------------------------------------------------ U4291: 06240003ce78 tmm4:= unk_624(tmm0, tmm1) U4292: 072c0003003c tmp0:= PINTMOVDTMM2I_DSZ32(tmm4) U4294: 000414030c08 tmp0:= AND_DSZ32(0x00000014, tmp0) U4295: 015198640230 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U1998) U4296: 006286135200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(0x486) U4298: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) 01f09200 SEQW GOTO U7092 ------------------------------------------------------------------------------------ U4299: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) U429a: 086a3af502f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U4d3a) U429c: 072c00037038 tmp7:= PINTMOVDTMM2I_DSZ32(tmm0) U429d: 00940d033239 tmp3:= BT_DSZ16(tmp9, 0x0000000d) U429e: 017e00037cf7 tmp7:= MOVEMERGEFLGS_DSZ64(tmp7, tmp3) U42a0: 0036f0077437 tmp7:= 
CMOVCC_DSZ32_CONDB(tmp7, 0x80000000) 01d95200 SEQW GOTO U5952 ------------------------------------------------------------------------------------ U42a1: 00082e033010 tmp3:= ZEROEXT_DSZ32(0x0000c001) U42a2: 07c200038233 tmm0:= unk_7c2(mm3, 0x00000000) U42a4: 069d00038e00 tmm0:= unk_69d(tmm0) U42a5: 00950d039239 tmp9:= BTS_DSZ16(tmp9, 0x0000000d) U42a6: 064300038e00 tmm0:= unk_643(tmm0) U42a8: 25ff0003e038 LFNCEMARK-> tmm6:= unk_5ff(tmm0) 04123600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U42a9: 00889507200a tmp2:= ZEROEXT_DSZ16(0x00004195) U42aa: 072a0003303a mm3:= unk_72a(tmm2) U42ac: 00c401033cc8 tmp3:= AND_DSZ8(0x00000001, tmp3) U42ad: 0151b40c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U03b4) U42ae: 00c414033dc8 tmp3:= AND_DSZ8(0x00000014, tmp7) U42b0: 0151b40c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U03b4) 0936b800 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U42b1: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U42b2: 0042521c023f SYNCFULL-> MOVETOCREG_DSZ64(tmp15, 0x752) U42b4: 00630b03a200 tmp10:= READURAM(0x000b, 64) U42b5: 00082e033010 tmp3:= ZEROEXT_DSZ32(0x0000c001) U42b6: 07c200038233 tmm0:= unk_7c2(mm3, 0x00000000) U42b8: 069d00038e00 tmm0:= unk_69d(tmm0) 01cb4500 SEQW GOTO U4b45 ------------------------------------------------------------------------------------ U42b9: 06240003eeba tmm6:= unk_624(tmm2, tmm2) U42ba: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U42bc: 008410033cc8 tmp3:= AND_DSZ16(0x00000010, tmp3) U42bd: 01b401030233 tmp0:= CMOVCC_DSZ16_CONDZ(tmp3, 0x00000001) U42be: 07430003aeb0 tmm2:= unk_743(mm0, tmm2) U42c0: 048200038efa tmm0:= unk_482(tmm2, tmm3) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U42c1: 000410033c48 tmp3:= AND_DSZ32(0x00000010, tmp1) U42c2: 002503033233 tmp3:= SHR_DSZ32(tmp3, 0x00000003) U42c4: 09028c138cf4 LFNCEMARK-> tmp8:= 
MOVETOCREG_OR_DSZ64(tmp4, tmp3, 0x48c) U42c5: 000602032d48 tmp2:= XOR_DSZ32(0x00000002, tmp5) U42c6: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U42c8: 0151de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U56de) U42c9: 253f0003fe39 LFNCEWAIT-> tmm7:= unk_53f(tmm1, tmm0) 02840440 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U42ca: 0004000f4dc8 tmp4:= AND_DSZ32(0x00000300, tmp7) U42cc: 0151cd0802b4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U42cd) 01c2ce00 SEQW GOTO U42ce ------------------------------------------------------------------------------------ U42cd: 04b43183e200 tmm6:= FMOV(0x00000031) U42ce: 04b41183a200 tmm2:= FMOV(0x00000011) U42d0: 04b43183b200 tmm3:= FMOV(0x00000031) 01b9b500 SEQW GOTO U39b5 ------------------------------------------------------------------------------------ U42d1: 000408033c08 tmp3:= AND_DSZ32(0x00000008, tmp0) U42d2: 002502033233 tmp3:= SHR_DSZ32(tmp3, 0x00000002) U42d4: 09028c138cf4 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, tmp3, 0x48c) U42d5: 000602032d48 tmp2:= XOR_DSZ32(0x00000002, tmp5) U42d6: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U42d8: 0151de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U56de) U42d9: 24960003fe39 LFNCEWAIT-> tmm7:= unk_496(tmm1, tmm0) 02840440 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U42da: 000410033c48 tmp3:= AND_DSZ32(0x00000010, tmp1) U42dc: 002503033233 tmp3:= SHR_DSZ32(tmp3, 0x00000003) U42dd: 09028c138cf4 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, tmp3, 0x48c) U42de: 000602032d48 tmp2:= XOR_DSZ32(0x00000002, tmp5) U42e0: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U42e1: 0151de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U56de) U42e2: 24960003fe78 LFNCEWAIT-> tmm7:= unk_496(tmm0, tmm1) 03040480 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U42e4: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) 01c2f800 SEQW GOTO U42f8 
------------------------------------------------------------------------------------ U42e5: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) U42e6: 05b90003c001 tmm4:= unk_5b9(xmmdst) U42e8: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01834200 ? SEQW GOTO U0342 U42e9: 0008b603b009 tmp11:= ZEROEXT_DSZ32(0x000020b6) U42ea: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003) U42ec: 000ca1b3e208 tmp14:= SAVEUIP(0x01, U0ca1) U42ed: 00883b038010 tmp8:= ZEROEXT_DSZ16(0x0000ff81) 01b9a640 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U42ee: 05b90003d002 tmm5:= unk_5b9(xmmsrc) U42f0: 05b90003c001 tmm4:= unk_5b9(xmmdst) U42f1: 000a20800200 TESTUSTATE(UCODE, !0x0020) 01bb3c40 ? SEQW GOTO U3b3c U42f2: 00151f037200 tmp7:= BTS_DSZ32(0x00000000, 0x0000001f) U42f4: 074400038037 tmm0:= unk_744(mm7) U42f5: 05fa44038e38 tmm0:= SHUFPD(tmm0, tmm0) U42f6: 0008b603b009 tmp11:= ZEROEXT_DSZ32(0x000020b6) 01bb4080 SEQW GOTO U3b40 ------------------------------------------------------------------------------------ U42f8: 000c6d7bd288 tmp13:= SAVEUIP(0x00, U5e6d) 01ae7c00 SEQW GOTO U2e7c ------------------------------------------------------------------------------------ U42f9: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) U42fa: 05b90003c001 tmm4:= unk_5b9(xmmdst) U42fc: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01a31200 ? SEQW GOTO U2312 U42fd: 00080e0bb009 tmp11:= ZEROEXT_DSZ32(0x0000220e) U42fe: 00c80003c000 tmp12:= ZEROEXT_DSZ8(0x00000000) U4300: 000ca2b3e208 tmp14:= SAVEUIP(0x01, U0ca2) U4301: 00883b038010 tmp8:= ZEROEXT_DSZ16(0x0000ff81) 01b9a640 SEQW GOTO U39a6 ------------------------------------------------------------------------------------ U4302: 05b90003f002 tmm7:= unk_5b9(xmmsrc) U4304: 00ed04032231 tmp2:= ROR_DSZ8(tmp1, 0x00000004) U4305: 00089a13b009 tmp11:= ZEROEXT_DSZ32(0x0000249a) U4306: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01863480 ? 
SEQW GOTO U0634 U4308: 07d00003c072 tmm4:= unk_7d0(mm2, xmmdst) U4309: 07d00003fff2 tmm7:= unk_7d0(mm2, tmm7) U430a: 0048d40fd00a tmp13:= ZEROEXT_DSZ64(0x000043d4) 01c2ea80 SEQW GOTO U42ea ------------------------------------------------------------------------------------ U430c: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c2f900 SEQW GOTO U42f9 ------------------------------------------------------------------------------------ U430d: 06a03f03e000 tmp14:= unk_6a0(0x00000000) U430e: 072a00032038 mm2:= unk_72a(tmm0) U4310: 07430003b032 tmm3:= unk_743(mm2) U4311: 04830003bfbb tmm3:= unk_483(tmm3, tmm6) U4312: 053f0003bef9 tmm3:= unk_53f(tmm1, tmm3) U4314: 26dc0003fec0 tmm7:= unk_6dc(tmm3) U4315: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U4316: 0151a2040232 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U01a2) 01840480 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U4318: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c22800 SEQW GOTO U4228 ------------------------------------------------------------------------------------ U4319: 006201030200 tmp0:= MOVEFROMCREG_DSZ64(0x001) U431a: 00058e070c08 tmp0:= SUB_DSZ32(0x0000018e, tmp0) U431c: 0150620c0270 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U2362) U431d: 05b90003f039 tmm7:= unk_5b9(tmm1) U431e: 05b90003c03b tmm4:= unk_5b9(tmm3) U4320: 05fa0d03cf00 tmm4:= SHUFPD(tmm4) U4321: 057a0003c03c tmm4:= unk_57a(tmm4) U4322: 00087a0bb009 tmp11:= ZEROEXT_DSZ32(0x0000227a) U4324: 0048cc0fd00a tmp13:= ZEROEXT_DSZ64(0x000043cc) 01c2ea00 SEQW GOTO U42ea ------------------------------------------------------------------------------------ U4325: 008402032c48 tmp2:= AND_DSZ16(0x00000002, tmp1) U4326: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U4328: 06240003b208 tmm3:= unk_624(0x00000000) U4329: 072c0003303b tmp3:= PINTMOVDTMM2I_DSZ32(tmm3) U432a: 008120038e08 tmp8:= OR_DSZ16(0x00000020, tmp8) U432c: 008420037c48 tmp7:= AND_DSZ16(0x00000020, tmp1) U432d: 00012a039e10 tmp9:= OR_DSZ32(0x00008080, 
tmp8) U432e: 017e00039df9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp7) U4330: 01b400038e39 tmp8:= CMOVCC_DSZ16_CONDZ(tmp9, tmp8) U4331: 008440033cc8 tmp3:= AND_DSZ16(0x00000040, tmp3) 01c25089 SEQW URET0 ------------------------------------------------------------------------------------ U4332: 05b90003f002 tmm7:= unk_5b9(xmmsrc) 01c25089 SEQW GOTO U4250 ------------------------------------------------------------------------------------ U4334: 05b90003c002 tmm4:= unk_5b9(xmmsrc) 01c17e00 SEQW GOTO U417e ------------------------------------------------------------------------------------ U4335: 006286131200 tmp1:= MOVEFROMCREG_DSZ64(0x486) U4336: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U4338: 008102038d08 tmp8:= OR_DSZ16(0x00000002, tmp4) U4339: 008402032c48 tmp2:= AND_DSZ16(0x00000002, tmp1) U433a: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U433c: 008120038e08 tmp8:= OR_DSZ16(0x00000020, tmp8) U433d: 008420037c48 tmp7:= AND_DSZ16(0x00000020, tmp1) U433e: 00012a039e10 tmp9:= OR_DSZ32(0x00008080, tmp8) U4340: 017e00039df9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp7) U4341: 01b400038e39 tmp8:= CMOVCC_DSZ16_CONDZ(tmp9, tmp8) U4342: 20428c100238 MOVETOCREG_DSZ64(tmp8, 0x48c) U4344: 06a040008000 tmp0:= unk_6a0(0x00000000) 01a1fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U4345: 000408033c08 tmp3:= AND_DSZ32(0x00000008, tmp0) U4346: 002502033233 tmp3:= SHR_DSZ32(tmp3, 0x00000002) U4348: 09028c138cf4 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, tmp3, 0x48c) U4349: 000602032d48 tmp2:= XOR_DSZ32(0x00000002, tmp5) U434a: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U434c: 0151de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U56de) U434d: 076a0003203a mm2:= unk_76a(tmm2) U434e: 003d00032032 tmp2:= MOVEINSERTFLGS_DSZ32(tmp2) U4350: 0151510c02b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U4351) 01c19d00 SEQW GOTO U419d ------------------------------------------------------------------------------------ U4351: 04940003ce40 
tmm4:= unk_494(tmm1) U4352: 057f0003cf3a tmm4:= unk_57f(tmm2, tmm4) U4354: 24820003fe7c tmm7:= unk_482(tmm4, tmm1) 01840400 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U4355: 008510132d48 tmp2:= SUB_DSZ16(0x00000410, tmp5) U4356: 01f800033032 tmp3:= SETCC_CONDZ(tmp2) U4358: 04960003cebb tmm4:= unk_496(tmm3, tmm2) U4359: 072a0003203c mm2:= unk_72a(tmm4) U435a: 00c400033cf2 tmp3:= AND_DSZ8(tmp2, tmp3) U435c: 01511d0802b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U421d) U435d: 06240003eefb tmm6:= unk_624(tmm3, tmm3) U435e: 072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U4360: 00c410034d08 tmp4:= AND_DSZ8(0x00000010, tmp4) U4361: 01b401034234 tmp4:= CMOVCC_DSZ16_CONDZ(tmp4, 0x00000001) U4362: 07430003eef4 tmm6:= unk_743(mm4, tmm3) U4364: 048200038ebe tmm0:= unk_482(tmm6, tmm2) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U4365: 000000000000 NOP U4366: 00c414032dc8 tmp2:= AND_DSZ8(0x00000014, tmp7) U4368: 0151690c02b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U4369) 01b6b800 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U4369: 00c410033dc8 tmp3:= AND_DSZ8(0x00000010, tmp7) U436a: 01512a0c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U032a) U436c: 06240003eeba tmm6:= unk_624(tmm2, tmm2) U436d: 072c0003403e tmp4:= PINTMOVDTMM2I_DSZ32(tmm6) U436e: 00c404035d08 tmp5:= AND_DSZ8(0x00000004, tmp4) U4370: 0151710c02b5 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U4371) 01b6b800 SEQW GOTO U36b8 ------------------------------------------------------------------------------------ U4371: 00810403cf08 tmp12:= OR_DSZ16(0x00000004, tmp12) U4372: 006286132200 tmp2:= MOVEFROMCREG_DSZ64(0x486) U4374: 008404033c88 tmp3:= AND_DSZ16(0x00000004, tmp2) U4375: 015048640233 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U1948) U4376: 06a017078000 tmp8:= unk_6a0(0x00000000) U4378: 04960003cebb tmm4:= unk_496(tmm3, tmm2) U4379: 072a0003403c mm4:= unk_72a(tmm4) 
U437a: 070200038e34 tmm0:= unk_702(mm4, tmm0) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U437c: 05b90003c002 tmm4:= unk_5b9(xmmsrc) 01c18200 SEQW GOTO U4182 ------------------------------------------------------------------------------------ U437d: 000000000000 NOP U437e: 000000000000 NOP U4380: 05b90003c002 tmm4:= unk_5b9(xmmsrc) 01aaf900 SEQW GOTO U2af9 ------------------------------------------------------------------------------------ U4381: 000000000000 NOP U4382: 000000000000 NOP U4384: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) 01c20400 SEQW GOTO U4204 ------------------------------------------------------------------------------------ U4385: 000000000000 NOP U4386: 000000000000 NOP U4388: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) 01c1ec00 SEQW GOTO U41ec ------------------------------------------------------------------------------------ U4389: 000000000000 NOP U438a: 000000000000 NOP U438c: 00010003aebb tmp10:= OR_DSZ32(tmp11, tmp10) 01c20400 SEQW GOTO U4204 ------------------------------------------------------------------------------------ U438d: 000000000000 NOP U438e: 000000000000 NOP U4390: 05b90003f039 tmm7:= unk_5b9(tmm1) 01c30400 SEQW GOTO U4304 ------------------------------------------------------------------------------------ U4391: 000000000000 NOP U4392: 286a226502e0 BTUJB_DIRECT_NOTTAKEN(rax, 0x0000000d, U5922) U4394: 204200000832 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, rax) 0843a400 SEQW GOTO U43a4 ------------------------------------------------------------------------------------ U4395: 000000000000 NOP U4396: 000c3c980200 SAVEUIP(0x01, U063c) U4398: 000c193c0280 SAVEUIP(0x00, U4f19) 01dc7d00 SEQW GOTO U5c7d ------------------------------------------------------------------------------------ U4399: 000000000000 NOP U439a: 000805034008 tmp4:= ZEROEXT_DSZ32(0x00000005) U439c: 00010003a020 tmp10:= OR_DSZ32(rax) U439d: 00082e6bd00a tmp13:= ZEROEXT_DSZ32(0x00005a2e) 05198240 SEQW 
GOTO U1982 ------------------------------------------------------------------------------------ U439e: 1e7b0927ecb0 LFNCEMARK-> tmp14:= unk_e7b(tmp0, tmp2) U43a0: 0c4b4027f000 LFNCEWAIT-> tmp15:= RDSEGFLD(UNK_SEG_09, FLGS) U43a1: 0042f51c023f MOVETOCREG_DSZ64(tmp15, 0x7f5) 023aec40 SEQW GOTO U3aec ------------------------------------------------------------------------------------ U43a2: 204300000832 WRITEURAM(tmp2, rax) U43a4: 396289480200 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U43a5: 000000000000 NOP U43a6: 10629d0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x29d, 32) U43a8: 286ae5ed023f SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000003, U5be5) 08596400 SEQW GOTO U5964 ------------------------------------------------------------------------------------ U43a9: 000000000000 NOP U43aa: 0dcf00032020 PORTOUT_DSZ8_ASZ16_SC1(rax, tmp2) U43ac: 000d02800000 SAVEUIP_REGOVR(0x01, U43ad, 0x0002) U43ad: 000ca48c0280 SAVEUIP(0x01, U43a4) 092b1540 SEQW GOTO lbsync_full ------------------------------------------------------------------------------------ U43ae: 000000000000 SYNCFULL-> NOP U43b0: 021500000c80 FETCHFROMEIP1_ASZ32(tmp2) U43b1: 105e00000c80 MJMPTARGET_INDIRECT_ASZ64(tmp2) 01c3a4b1 SEQW UEND0 ------------------------------------------------------------------------------------ U43b2: 0e7d00032034 STADSTGBUF_DSZ64_ASZ16_SC1(tmp4, tmp2) 01c3a4b1 SEQW GOTO U43a4 ------------------------------------------------------------------------------------ U43b4: 014300380dc0 AETTRACE(0x0e, tmp7) 01841400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U43b5: 000000000000 NOP U43b6: 000000000000 NOP U43b8: 000000000000 NOP U43b9: 000000000000 NOP U43ba: 0d8f00032020 PORTOUT_DSZ16_ASZ16_SC1(rax, tmp2) 01c3ac80 SEQW GOTO U43ac ------------------------------------------------------------------------------------ U43bc: 
06a50003b038 tmm3:= unk_6a5(tmm0) 0192e500 SEQW GOTO U12e5 ------------------------------------------------------------------------------------ U43bd: 000000000000 NOP U43be: 000000000000 NOP U43c0: 000000000000 NOP U43c1: 000000000000 NOP U43c2: 0d0f00032020 PORTOUT_DSZ32_ASZ16_SC1(rax, tmp2) 01c3ac80 SEQW GOTO U43ac ------------------------------------------------------------------------------------ U43c4: 06cf0003be39 tmm3:= unk_6cf(tmm1, tmm0) 0192e500 SEQW GOTO U12e5 ------------------------------------------------------------------------------------ U43c5: 000000000000 NOP U43c6: 000000000000 NOP U43c8: 000000000000 NOP U43c9: 000000000000 NOP U43ca: 0d4f00032020 PORTOUT_DSZ64_ASZ16_SC1(rax, tmp2) 01c3ac80 SEQW GOTO U43ac ------------------------------------------------------------------------------------ U43cc: 06c80003be39 tmm3:= unk_6c8(tmm1, tmm0) 0192e500 SEQW GOTO U12e5 ------------------------------------------------------------------------------------ U43cd: 000000000000 NOP U43ce: 000000000000 NOP U43d0: 000000000000 NOP U43d1: 000000000000 NOP U43d2: 2e7d00032020 STADSTGBUF_DSZ64_ASZ16_SC1(rax, tmp2) 01c3a480 SEQW GOTO U43a4 ------------------------------------------------------------------------------------ U43d4: 06a20003be78 tmm3:= unk_6a2(tmm0, tmm1) 0192e500 SEQW GOTO U12e5 ------------------------------------------------------------------------------------ U43d5: 000000000000 NOP U43d6: 000000000000 NOP U43d8: 000000000000 NOP U43d9: 000000000000 NOP U43da: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U43dc: 06260003be39 tmm3:= unk_626(tmm1, tmm0) 0192e500 SEQW GOTO U12e5 ------------------------------------------------------------------------------------ U43dd: 000000000000 NOP U43de: 000000000000 NOP U43e0: 000000000000 NOP U43e1: 000000000000 NOP U43e2: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD 
------------------------------------------------------------------------------------ U43e4: 000cb18402c0 SAVEUIP(0x01, U61b1) 01df3200 SEQW GOTO U5f32 ------------------------------------------------------------------------------------ U43e5: 000000000000 NOP U43e6: 000000000000 NOP U43e8: 000000000000 NOP U43e9: 000000000000 NOP U43ea: 000000000000 NOP 01a76980 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U43ec: 0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U43ed: 23800003ae80 tmp10:= READAFLAGS(tmp10) U43ee: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 02394280 ? SEQW GOTO U3942 U43f0: 3e7b2903bcb0 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp2) U43f1: 000c45e7e248 tmp14:= SAVEUIP(0x01, U3945) 04144540 SEQW GOTO U1445 ------------------------------------------------------------------------------------ U43f2: 000000000000 NOP U43f4: 000000000000 NOP 0d276900 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U43f5: 00621b030200 tmp0:= MOVEFROMCREG_DSZ64(0x01b) U43f6: 2042521c0230 SYNCMARK-> MOVETOCREG_DSZ64(tmp0, 0x752) U43f8: 000001034234 tmp4:= ADD_DSZ32(tmp4, 0x00000001) U43f9: 200100001034 SYNCWAIT-> r64dst:= OR_DSZ32(tmp4) 0a97ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U43fa: 004100034023 tmp4:= OR_DSZ64(rbx) U43fc: 004100035020 tmp5:= OR_DSZ64(rax) U43fd: 00410003a022 tmp10:= OR_DSZ64(rdx) U43fe: 000d54680380 SAVEUIP_REGOVR(0x00, U4400, 0xda54) U4400: 000c94800280 SAVEUIP(0x01, U4094) 01bad400 SEQW GOTO U3ad4 ------------------------------------------------------------------------------------ U4401: 000000000000 NOP U4402: 000100034020 tmp4:= OR_DSZ32(rax) U4404: 00010003a022 tmp10:= OR_DSZ32(rdx) U4405: 00082467d00a tmp13:= ZEROEXT_DSZ32(0x00005924) 09198240 SEQW GOTO U1982 ------------------------------------------------------------------------------------ 
U4406: 206220071200 SYNCFULL-> tmp1:= MOVEFROMCREG_DSZ64(0x120) U4408: 092809110031 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U4409) 08c4060d SEQW GOTO U4406 ------------------------------------------------------------------------------------ U4409: 004221040200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x121) 08c4060d SEQW URET1 ------------------------------------------------------------------------------------ U440a: 2e750063000d tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b800) U440c: 2e754063100d tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b840) U440d: 2e758063200d tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b880) U440e: 2e75c063300d tmp3:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b8c0) U4410: 2e750067400d tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b900) U4411: 2e754067500d tmp5:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b940) 01b0fd40 SEQW GOTO U30fd ------------------------------------------------------------------------------------ U4412: 000000000000 NOP U4414: 0004ef036d90 tmp6:= AND_DSZ32(0x003c7fd7, tmp6) 0184e410 SEQW SAVEUIP0 U4415 SEQW GOTO U04e4 U4415: 00250a031236 tmp1:= SHR_DSZ32(tmp6, 0x0000000a) U4416: 0004000b1c48 tmp1:= AND_DSZ32(0x00000200, tmp1) U4418: 0004ee030d90 tmp0:= AND_DSZ32(0x003c4dd7, tmp6) U4419: 000100430c09 tmp0:= OR_DSZ32(0x00003000, tmp0) U441a: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U441c: 120700036db0 tmp6:= unk_207(tmp0, tmp6) 01c47d00 SEQW GOTO U447d ------------------------------------------------------------------------------------ U441d: 00251a03b23e tmp11:= SHR_DSZ32(tmp14, 0x0000001a) U441e: 00010903bec8 tmp11:= OR_DSZ32(0x00000009, tmp11) U4420: 003d0003bfbb tmp11:= MOVEINSERTFLGS_DSZ32(tmp11, tmp14) U4421: 004510037d48 tmp7:= SUB_DSZ64(0x00000010, tmp5) U4422: 000501034d08 tmp4:= SUB_DSZ32(0x00000001, tmp4) U4424: 005200000ef4 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp4, tmp11) U4425: 004010037dc8 tmp7:= ADD_DSZ64(0x00000010, tmp7) 01824a55 SEQW SAVEUIP1 U4426 SEQW GOTO U024a U4426: 0062e11ff200 tmp15:= MOVEFROMCREG_DSZ64(0x7e1) U4428: 186a111c023f 
BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000000, generate_#GP) U4429: 000ce4ab5200 tmp5:= SAVEUIP(0x01, U0ae4) U442a: 017e00038ef8 tmp8:= MOVEMERGEFLGS_DSZ64(tmp8, tmp11) U442c: 00652003f238 tmp15:= SHR_DSZ64(tmp8, 0x00000020) U442d: 0151f25c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U37f2) U442e: 0004007f2e1f tmp2:= AND_DSZ32(0xffffffffffffff00, tmp8) U4430: 000500232c88 tmp2:= SUB_DSZ32(0x00000800, tmp2) U4431: 0150f25c0272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U37f2) U4432: 000880031008 tmp1:= ZEROEXT_DSZ32(0x00000080) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U4434: 000dd537300a tmp3:= SAVEUIP_REGOVR(0x00, U4435, 0x0dd5, 0x00004dd5) 0184e400 SEQW GOTO U04e4 U4435: 120dd53f3cca tmp3:= unk_20d(0x00004fd5, tmp3) U4436: 1201d57f3ccb tmp3:= unk_201(0x00007fd5, tmp3) U4438: 00a124033cc8 tmp3:= CONCAT_DSZ16(0x00000024, tmp3) U4439: 100800033033 tmp3:= ZEROEXT_DSZ32N(tmp3) U443a: 00240a031220 tmp1:= SHL_DSZ32(rax, 0x0000000a) U443c: 0004af031c50 tmp1:= AND_DSZ32(0x00080000, tmp1) U443d: 0004af030d90 tmp0:= AND_DSZ32(0x00080000, tmp6) U443e: 120700030c31 tmp0:= unk_207(tmp1, tmp0) U4440: 020700031031 tmp1:= unk_207(tmp1) U4441: 002401031231 tmp1:= SHL_DSZ32(tmp1, 0x00000001) U4442: 000400031db1 tmp1:= AND_DSZ32(tmp1, tmp6) U4444: 000700036db3 tmp6:= NOTAND_DSZ32(tmp3, tmp6) U4445: 000100036db0 tmp6:= OR_DSZ32(tmp0, tmp6) U4446: 000400030833 tmp0:= AND_DSZ32(tmp3, rax) U4448: 000100036db0 tmp6:= OR_DSZ32(tmp0, tmp6) U4449: 001610036236 tmp6:= BTR_DSZ32(tmp6, 0x00000010) U444a: 008800030031 tmp0:= ZEROEXT_DSZ16(tmp1) U444c: 000600031c70 tmp1:= XOR_DSZ32(tmp0, tmp1) U444d: 000100034d31 tmp4:= OR_DSZ32(tmp1, tmp4) U444e: 000400070808 tmp0:= AND_DSZ32(0x00000100, rax) U4450: 120700030030 tmp0:= unk_207(tmp0) U4451: 000100034d30 tmp4:= OR_DSZ32(tmp0, tmp4) 01c47d40 SEQW GOTO U447d ------------------------------------------------------------------------------------ U4452: 000000000000 NOP U4454: 02080b834008 tmp4:= 
unk_208(IMM_MACRO_ALIAS_DATASIZE) U4455: 020704034d08 tmp4:= unk_207(0x00000004, tmp4) U4456: 00040b834d08 tmp4:= AND_DSZ32(IMM_MACRO_ALIAS_DATASIZE, tmp4) U4458: 0008e6033010 tmp3:= ZEROEXT_DSZ32(0x00254fd5) U4459: 120de5033433 tmp3:= unk_20d(tmp3, 0x00254dd5) U445a: 1201f5033cd0 tmp3:= unk_201(0x003f7fd5, tmp3) U445c: 1203e8033cd0 tmp3:= unk_203(0x00257fd5, tmp3) U445d: 100800033033 tmp3:= ZEROEXT_DSZ32N(tmp3) U445e: 1207d5333cca tmp3:= unk_207(0x00004cd5, tmp3) U4460: 1207af031010 tmp1:= unk_207(0x00080000) U4461: 00240a030220 tmp0:= SHL_DSZ32(rax, 0x0000000a) U4462: 000400030c31 tmp0:= AND_DSZ32(tmp1, tmp0) U4464: 000700036db1 tmp6:= NOTAND_DSZ32(tmp1, tmp6) U4465: 000100036db0 tmp6:= OR_DSZ32(tmp0, tmp6) U4466: 00250b031236 tmp1:= SHR_DSZ32(tmp6, 0x0000000b) U4468: 0004000b1c48 tmp1:= AND_DSZ32(0x00000200, tmp1) U4469: 001508031231 tmp1:= BTS_DSZ32(tmp1, 0x00000008) U446a: 120700031031 tmp1:= unk_207(tmp1) U446c: 000400031831 tmp1:= AND_DSZ32(tmp1, rax) U446d: 000100034d31 tmp4:= OR_DSZ32(tmp1, tmp4) U446e: 000700036db3 tmp6:= NOTAND_DSZ32(tmp3, tmp6) U4470: 000400030833 tmp0:= AND_DSZ32(tmp3, rax) U4471: 000100036db0 tmp6:= OR_DSZ32(tmp0, tmp6) 01c47d40 SEQW GOTO U447d ------------------------------------------------------------------------------------ U4472: 000000000000 NOP U4474: 120701034008 tmp4:= unk_207(0x00000001) U4475: 000100034d00 tmp4:= OR_DSZ32(0x00000000, tmp4) U4476: 00080007300a tmp3:= ZEROEXT_DSZ32(0x00004100) U4478: 00a103033cc8 tmp3:= CONCAT_DSZ16(0x00000003, tmp3) U4479: 120600033033 tmp3:= unk_206(tmp3) U447a: 120e00033cc0 tmp3:= unk_20e(tmp3) U447c: 000700036833 tmp6:= NOTAND_DSZ32(tmp3, rax) U447d: 2a62fe1c0335 SYNCMARK-> MOVETOCREG_BTR_DSZ64(tmp5, 0x00000010, CORE_CR_EFLAGS) U447e: 0151111c0274 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, generate_#GP) U4480: 000800020036 SYNCWAIT-> rax:= ZEROEXT_DSZ32(tmp6) 0a2711b0 SEQW UEND0 ------------------------------------------------------------------------------------ U4481: 00043f03df48 tmp13:= 
AND_DSZ32(0x0000003f, tmp13) U4482: 19282c4c027d CMPUJZ_DIRECT_NOTTAKEN(tmp13, 0x00000005, U232c) 0a2711b0 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U4484: 0e4b00031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01f58588 SEQW URET0 ------------------------------------------------------------------------------------ U4485: 100100030020 tmp0:= OR_DSZN(rax) U4486: 000ca0d802c0 SAVEUIP(0x01, U76a0) 01f58588 SEQW GOTO U7585 ------------------------------------------------------------------------------------ U4488: 0e4b20031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01daca88 SEQW URET0 ------------------------------------------------------------------------------------ U4489: 00642003f230 tmp15:= SHL_DSZ64(tmp0, 0x00000020) U448a: 00432404023f WRITEURAM(tmp15, 0x0124, 64) 01daca88 SEQW GOTO U5aca ------------------------------------------------------------------------------------ U448c: 0e4b40031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U448d: 000000000000 NOP U448e: 000000000000 NOP U4490: 0e4b60031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01841488 SEQW URET0 ------------------------------------------------------------------------------------ U4491: 0a62fe1c033a MOVETOCREG_BTR_DSZ64(tmp10, 0x00000010, CORE_CR_EFLAGS) U4492: 004265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) 01841488 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U4494: 0e4b80031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U4495: 000000000000 NOP U4496: 000000000000 NOP U4498: 0e4ba0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01a21e88 SEQW URET0 ------------------------------------------------------------------------------------ U4499: 100500030070 tmp0:= SUB_DSZN(tmp0, r64dst) U449a: 0353567402b0 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp0, U5d56) 
01a21e88 SEQW GOTO U221e ------------------------------------------------------------------------------------ U449c: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 01ac228c SEQW URET1 ------------------------------------------------------------------------------------ U449d: 00070803aec8 tmp10:= NOTAND_DSZ32(0x00000008, tmp11) U449e: 000b02000200 UPDATEUSTATE(0x08) 01ac228c SEQW GOTO U2c22 ------------------------------------------------------------------------------------ U44a0: 0e4be0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 0517ec88 SEQW URET0 ------------------------------------------------------------------------------------ U44a1: 0004430b7dd0 tmp7:= AND_DSZ32(0xffff2bff, tmp7) U44a2: 2962f89c02b7 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp7, 0x0000000a, 0x7f8) 0517ec88 SEQW GOTO uend ------------------------------------------------------------------------------------ U44a4: 1e4b00031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01d90a88 SEQW URET0 ------------------------------------------------------------------------------------ U44a5: 00081c030008 tmp0:= ZEROEXT_DSZ32(0x0000001c) U44a6: 000800031008 tmp1:= ZEROEXT_DSZ32(0x00000000) 01d90a88 SEQW GOTO U590a ------------------------------------------------------------------------------------ U44a8: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 01e0d28c SEQW URET1 ------------------------------------------------------------------------------------ U44a9: 002406032232 tmp2:= SHL_DSZ32(tmp2, 0x00000006) U44aa: 2e7d00735c8d STADSTGBUF_DSZ64_ASZ16_SC1(tmp2, 0x0000bc00, tmp5) 01e0d28c SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U44ac: 1e4b40031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44ad: 000000000000 NOP U44ae: 000000000000 NOP U44b0: 1e4b60031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01ae2a88 SEQW URET0 ------------------------------------------------------------------------------------ 
U44b1: 013e00035c75 tmp5:= MOVEMERGEFLGS_DSZ32(tmp5, tmp1) U44b2: 013400035cb5 tmp5:= CMOVCC_DSZ32_CONDZ(tmp5, tmp2) 01ae2a88 SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U44b4: 1e4b80031cb0 tmp1:= unk_e4b(tmp0, tmp2) 019aca88 SEQW URET0 ------------------------------------------------------------------------------------ U44b5: 033a924bc009 tmp12:= STC(0x00003292) U44b6: 000906032008 tmp2:= MOVE_DSZ32(0x00000006) 019aca88 SEQW GOTO U1aca ------------------------------------------------------------------------------------ U44b8: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 01ae2a8c SEQW URET1 ------------------------------------------------------------------------------------ U44b9: 006d00035c75 tmp5:= ROR_DSZ64(tmp5, tmp1) U44ba: 004400035d7c tmp5:= AND_DSZ64(tmp12, tmp5) 01ae2a8c SEQW GOTO U2e2a ------------------------------------------------------------------------------------ U44bc: 1e4bc0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44bd: 000000000000 NOP U44be: 000000000000 NOP U44c0: 1e4be0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 0732f088 SEQW URET0 ------------------------------------------------------------------------------------ U44c1: 004400031c75 tmp1:= AND_DSZ64(tmp5, tmp1) U44c2: 0151111c0271 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) 0732f088 SEQW GOTO U32f0 ------------------------------------------------------------------------------------ U44c4: 2e4b00031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44c5: 000000000000 NOP U44c6: 000000000000 NOP U44c8: 2e4b20031cb0 tmp1:= unk_e4b(tmp0, tmp2) 07320088 SEQW URET0 ------------------------------------------------------------------------------------ U44c9: 004400031c75 tmp1:= AND_DSZ64(tmp5, tmp1) U44ca: 0151111c0271 LFNCEWTMRK-> 
UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) 07320088 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U44cc: 2e4b40031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44cd: 000000000000 NOP U44ce: 000000000000 NOP U44d0: 2e4b60031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b0ed88 SEQW URET0 ------------------------------------------------------------------------------------ U44d1: 00540f032233 tmp2:= BT_DSZ64(tmp3, 0x0000000f) U44d2: 003374032432 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00020000) 01b0ed88 SEQW GOTO U30ed ------------------------------------------------------------------------------------ U44d4: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 0932048c SEQW URET1 ------------------------------------------------------------------------------------ U44d5: 000420032c88 tmp2:= AND_DSZ32(0x00000020, tmp2) U44d6: 2902c3180cb1 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp1, tmp2, 0x6c3) 0932048c SEQW GOTO U3204 ------------------------------------------------------------------------------------ U44d8: 2e4ba0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 07323488 SEQW URET0 ------------------------------------------------------------------------------------ U44d9: 006320032200 tmp2:= READURAM(0x0020, 64) U44da: 186a111c0cb1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, tmp2, generate_#GP) 07323488 SEQW GOTO U3234 ------------------------------------------------------------------------------------ U44dc: 2e4bc0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44dd: 000000000000 NOP U44de: 000000000000 NOP U44e0: 2e4be0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01a89688 SEQW URET0 ------------------------------------------------------------------------------------ U44e1: 00080803d008 tmp13:= ZEROEXT_DSZ32(0x00000008) U44e2: 090205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 
0x005) 01a89688 SEQW GOTO U2896 ------------------------------------------------------------------------------------ U44e4: 3e4b00031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44e5: 000000000000 NOP U44e6: 000000000000 NOP U44e8: 3e4b20031cb0 tmp1:= unk_e4b(tmp0, tmp2) 019f9188 SEQW URET0 ------------------------------------------------------------------------------------ U44e9: 004800031033 tmp1:= ZEROEXT_DSZ64(tmp3) U44ea: 001510030200 tmp0:= BTS_DSZ32(0x00000000, 0x00000010) 019f9188 SEQW GOTO do_smm_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U44ec: 3e4b40031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44ed: 000000000000 NOP U44ee: 000000000000 NOP U44f0: 3e4b60031cb0 tmp1:= unk_e4b(tmp0, tmp2) 019f9188 SEQW URET0 ------------------------------------------------------------------------------------ U44f1: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) U44f2: 001510030230 tmp0:= BTS_DSZ32(tmp0, 0x00000010) 019f9188 SEQW GOTO do_smm_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U44f4: 3e4b80031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01b8f800 SEQW GOTO U38f8 ------------------------------------------------------------------------------------ U44f5: 000000000000 NOP U44f6: 000000000000 NOP U44f8: 3e4ba0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 01ba4188 SEQW URET0 ------------------------------------------------------------------------------------ probe_mode_force_sgx_eenter_eresume: U44f9: 00a191030008 tmp0:= CONCAT_DSZ16(0x00000091) U44fa: 0088c5570c0b tmp0:= ZEROEXT_DSZ16(0x000075c5, tmp0) 01ba4188 SEQW GOTO enter_probe_mode ------------------------------------------------------------------------------------ U44fc: 3e4bc0031030 tmp1:= unk_e4b(tmp0) 01b8f800 SEQW GOTO 
U38f8 ------------------------------------------------------------------------------------ U44fd: 000000000000 NOP U44fe: 000000000000 NOP U4500: 3e4be0031cb0 tmp1:= unk_e4b(tmp0, tmp2) 0697ec88 SEQW URET0 ------------------------------------------------------------------------------------ U4501: 0dff07000000 LFNCEWTMRK-> unk_dff(0x00000000) U4502: 300000000001 ADD_DSZ32(r64dst) 0697ec88 SEQW GOTO uend ------------------------------------------------------------------------------------ U4504: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) 093bea00 SEQW GOTO U3bea ------------------------------------------------------------------------------------ U4505: 000000000000 NOP U4506: 390201080540 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmpv1, 0x201) U4508: 390204080540 MOVETOCREG_OR_DSZ64(tmpv1, 0x204) 01809d00 SEQW GOTO U009d ------------------------------------------------------------------------------------ U4509: 000000000000 NOP U450a: 000000000000 NOP U450c: 00635c030200 tmp0:= READURAM(0x005c, 64) U450d: 00250e030230 tmp0:= SHR_DSZ32(tmp0, 0x0000000e) U450e: 006353031200 tmp1:= READURAM(0x0053, 64) U4510: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U4511: 386aa9a80230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000002, U3aa9) U4512: 006335032200 tmp2:= READURAM(0x0035, 64) 01d8a180 SEQW GOTO U58a1 ------------------------------------------------------------------------------------ U4514: 000d00035000 tmp5:= SAVEUIP_REGOVR(0x00, U4515, 0x0000) 01dee800 SEQW GOTO U5ee8 U4515: 10429d080240 MOVETOCREG_DSZ64(0x00000000, 0x29d, 32) U4516: 30629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U4518: 086a161502b1 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U4516) U4519: 00088d7bc00a tmp12:= ZEROEXT_DSZ32(0x00005e8d) 08282540 SEQW GOTO U2825 ------------------------------------------------------------------------------------ U451a: 000000000000 NOP U451c: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) U451d: 2d4b10031008 tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x00000010) U451e: 006323030200 tmp0:= 
READURAM(0x0023, 64) U4520: 000600030c31 tmp0:= XOR_DSZ32(tmp1, tmp0) U4521: 186a14a00270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000006, U2814) U4522: 000c0da00240 SAVEUIP(0x01, U280d) 01de3e80 SEQW GOTO U5e3e ------------------------------------------------------------------------------------ U4524: 006275170200 tmp0:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U4525: 096275d402b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000b, PMH_CR_EMRR_MASK) U4526: 2d4b10031008 tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x00000010) U4528: 004262140231 MOVETOCREG_DSZ64(tmp1, 0x562) U4529: 006213176200 tmp6:= MOVEFROMCREG_DSZ64(0x513) U452a: 286b2a2c0236 BTUJNB_DIRECT_NOTTAKEN(tmp6, 0x00000000, U1b2a) 019b2180 SEQW GOTO U1b21 ------------------------------------------------------------------------------------ U452c: 2d4b10030008 tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x00000010) U452d: 004263140230 MOVETOCREG_DSZ64(tmp0, 0x563) 0186ee40 SEQW GOTO U06ee ------------------------------------------------------------------------------------ U452e: 000802030008 tmp0:= ZEROEXT_DSZ32(0x00000002) U4530: 000cea6c0240 SAVEUIP(0x00, U3bea) 01dee800 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U4531: 000000000000 NOP U4532: 000000000000 NOP U4534: 000803030008 tmp0:= ZEROEXT_DSZ32(0x00000003) U4535: 000cea6f5240 tmp5:= SAVEUIP(0x00, U3bea) 01dee840 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U4536: 000401032d88 tmp2:= AND_DSZ32(0x00000001, tmp6) U4538: 0151190402b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U4119) 01dd3800 SEQW GOTO U5d38 ------------------------------------------------------------------------------------ U4539: 000000000000 NOP U453a: 000000000000 NOP U453c: 00088c17c008 tmp12:= ZEROEXT_DSZ32(0x0000058c) U453d: 000c25235240 tmp5:= SAVEUIP(0x00, U2825) 01dee840 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U453e: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) 
U4540: 00428c100230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x48c) 04040400 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U4541: 000000000000 NOP U4542: 000000000000 NOP U4544: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) U4545: 000a00400200 TESTUSTATE(UCODE, 0x1000) 01a81440 ? SEQW GOTO U2814 U4546: 006275170200 tmp0:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U4548: 186b14e002b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000000b, U2814) U4549: 006205071200 tmp1:= MOVEFROMCREG_DSZ64(0x105) U454a: 186a14a00231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000002, U2814) 01b1d980 SEQW GOTO U31d9 ------------------------------------------------------------------------------------ U454c: 00635303f200 tmp15:= READURAM(0x0053, 64) U454d: 00410103ffc8 tmp15:= OR_DSZ64(0x00000001, tmp15) U454e: 00435308023f WRITEURAM(tmp15, 0x0053, 32) 0186ee80 SEQW GOTO U06ee ------------------------------------------------------------------------------------ U4550: 0fef02000000 LBSYNC(0x00000002) 01a52100 SEQW GOTO U2521 ------------------------------------------------------------------------------------ U4551: 000000000000 NOP U4552: 000000000000 NOP U4554: 000d00800000 SAVEUIP_REGOVR(0x01, U4555, 0x0000) U4555: 000cee980200 SAVEUIP(0x01, U06ee) 01de4e4e SEQW GOTO U5e4e ------------------------------------------------------------------------------------ U4556: 100ac6800200 TESTUSTATE(SYS, !UST_USER_MODE | UST_8086_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 01de4e4e ? 
SEQW URET1 U4558: 000c420402c0 SAVEUIP(0x00, U6142) 018a6d00 SEQW GOTO U0a6d ------------------------------------------------------------------------------------ U4559: 000000000000 NOP U455a: 000000000000 NOP U455c: 000d00800000 SAVEUIP_REGOVR(0x01, U455d, 0x0000) 01de4e00 SEQW GOTO U5e4e U455d: 2d4ba043000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x000050a0) U455e: 2d4ba843100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x000050a8) U4560: 104205080270 MOVETOCREG_DSZ64(tmp0, 0x205, 32) U4561: 104206080271 MOVETOCREG_DSZ64(tmp1, 0x206, 32) 0186ee40 SEQW GOTO U06ee ------------------------------------------------------------------------------------ U4562: 000000000000 NOP U4564: 000804030008 tmp0:= ZEROEXT_DSZ32(0x00000004) U4565: 000cea6f5240 tmp5:= SAVEUIP(0x00, U3bea) 035ee840 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U4566: 2d61001ff032 LFNCEWAIT-> tmp15:= unk_d61(tmp2) U4568: 000d07800000 SAVEUIP_REGOVR(0x01, U4569, 0x0007) 01bd2c00 SEQW GOTO U3d2c U4569: 000000000000 NOP U456a: 000000000000 NOP U456c: 000805030008 tmp0:= ZEROEXT_DSZ32(0x00000005) U456d: 000cea6f5240 tmp5:= SAVEUIP(0x00, U3bea) 01dee840 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U456e: 108800021874 rcx:= ZEROEXT_DSZ16N(tmp4, rcx) U4570: 237d3f000e88 GENARITHFLAGS(0x0000003f, tmp10) 01869e00 SEQW GOTO U069e ------------------------------------------------------------------------------------ U4571: 000000000000 NOP U4572: 000000000000 NOP U4574: 000882071008 tmp1:= ZEROEXT_DSZ32(0x00000182) U4575: 00a1f1031c48 tmp1:= CONCAT_DSZ16(0x000000f1, tmp1) U4576: 204378080231 WRITEURAM(tmp1, 0x0078, 32) U4578: 000ca1dc0280 SAVEUIP(0x01, U57a1) 01e09400 SEQW GOTO U6094 ------------------------------------------------------------------------------------ U4579: 000000000000 NOP U457a: 000000000000 NOP U457c: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) U457d: 2d0bd843200a tmp2:= 
PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U457e: 001411032232 tmp2:= BT_DSZ32(tmp2, 0x00000011) U4580: 003300035d72 tmp5:= SELECTCC_DSZ32_CONDNB(tmp2, tmp5) U4581: 00630d031200 tmp1:= READURAM(0x000d, 64) U4582: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) 01a59180 SEQW GOTO U2591 ------------------------------------------------------------------------------------ U4584: 000d01800000 SAVEUIP_REGOVR(0x01, U4585, 0x0001) U4585: 000c8c940280 SAVEUIP(0x01, U458c) 01de4e40 SEQW GOTO U5e4e ------------------------------------------------------------------------------------ U4586: 0150884c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3388) U4588: 000000000000 NOP 01a71100 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U4589: 000000000000 NOP U458a: 000000000000 NOP U458c: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01836200 ? SEQW GOTO U0362 U458d: 000800000000 NOP U458e: 000800000000 NOP U4590: 000000000000 NOP 01a64e00 SEQW GOTO U264e ------------------------------------------------------------------------------------ U4591: 000000000000 NOP U4592: 000000000000 NOP U4594: 000501031008 tmp1:= SUB_DSZ32(0x00000001) U4595: 000ca8940280 SAVEUIP(0x01, U45a8) 01a79940 SEQW GOTO U2799 ------------------------------------------------------------------------------------ U4596: 2d0b3c031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x0000003c) U4598: 1929d2010031 LFNCEMARK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U60d2) 04339800 SEQW GOTO U3398 ------------------------------------------------------------------------------------ U4599: 000000000000 NOP U459a: 000000000000 NOP U459c: 000d01800000 SAVEUIP_REGOVR(0x01, U459d, 0x0001) U459d: 000ca8940280 SAVEUIP(0x01, U45a8) 01de4e40 SEQW GOTO U5e4e ------------------------------------------------------------------------------------ U459e: 000900037000 tmp7:= MOVE_DSZ32(0x00000000) U45a0: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) 01a68a00 SEQW GOTO U268a 
------------------------------------------------------------------------------------ U45a1: 000000000000 NOP U45a2: 000000000000 NOP U45a4: 000000031000 tmp1:= ADD_DSZ32(0x00000000) 01a79914 SEQW SAVEUIP1 U45a5 SEQW GOTO U2799 U45a5: 000800000000 NOP U45a6: 000800000000 NOP U45a8: 000ce1475240 tmp5:= SAVEUIP(0x00, U31e1) 01dee800 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U45a9: 0e6500031034 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U45aa: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) U45ac: 0e7d00031032 STADSTGBUF_DSZ64_ASZ16_SC1(tmp2, tmp1) U45ad: 004020032c88 tmp2:= ADD_DSZ64(0x00000020, tmp2) U45ae: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01c5a980 SEQW GOTO U45a9 ------------------------------------------------------------------------------------ U45b0: 000000000000 NOP 091ea600 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U45b1: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U45b2: 0042521c023f SYNCFULL-> MOVETOCREG_DSZ64(tmp15, 0x752) U45b4: 125600000000 unk_256(0x00000000) U45b5: 00633a030200 tmp0:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U45b6: 005620030230 tmp0:= BTR_DSZ64(tmp0, 0x00000020) U45b8: 20433a000230 WRITEURAM(tmp0, FSCP_CR_IA32_FEATURE_CTL, 64) U45b9: 021e8b000200 SIGEVENT(0x0000008b) U45ba: 0c4000635038 tmp5:= LDZX_DSZ64_ASZ32_SC1(tmp8, mode=0x18) U45bc: 0c4008630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000008, mode=0x18) U45bd: 006310031200 tmp1:= READURAM(0x0010, 64) U45be: 00474a0b1c50 tmp1:= NOTAND_DSZ64(0xffffffff, tmp1) U45c0: 00410a031c50 tmp1:= OR_DSZ64(0x0000007f, tmp1) U45c1: 004400031c31 tmp1:= AND_DSZ64(tmp1, tmp0) U45c2: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U45c4: 204201040230 MOVETOCREG_DSZ64(tmp0, 0x101) U45c5: 0c4010630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000010, mode=0x18) U45c6: 204202040230 MOVETOCREG_DSZ64(tmp0, 0x102) U45c8: 0c4018630238 tmp0:= 
LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000018, mode=0x18) U45c9: 0008490b1010 tmp1:= ZEROEXT_DSZ32(0xffffffc8) U45ca: 00213f0b1c50 tmp1:= CONCAT_DSZ32(0xfffe0000, tmp1) U45cc: 004400031c31 tmp1:= AND_DSZ64(tmp1, tmp0) U45cd: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U45ce: 2042b1000230 MOVETOCREG_DSZ64(tmp0, 0x0b1) U45d0: 0c4020630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000020, mode=0x18) U45d1: 000806031010 tmp1:= ZEROEXT_DSZ32(0x0000001f) U45d2: 004400031c31 tmp1:= AND_DSZ64(tmp1, tmp0) U45d4: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U45d5: 204352000230 WRITEURAM(tmp0, 0x0052, 64) U45d6: 0c4028630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000028, mode=0x18) U45d8: 025c00000c30 unk_25c(tmp0, tmp0) U45d9: 204280000230 MOVETOCREG_DSZ64(tmp0, 0x080) U45da: 0c4030630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000030, mode=0x18) U45dc: 025c00000c30 unk_25c(tmp0, tmp0) U45dd: 204281000230 MOVETOCREG_DSZ64(tmp0, 0x081) U45de: 0c4038630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000038, mode=0x18) U45e0: 025c00000c30 unk_25c(tmp0, tmp0) U45e1: 204282000230 MOVETOCREG_DSZ64(tmp0, 0x082) U45e2: 0c4040630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000040, mode=0x18) U45e4: 025c00000c30 unk_25c(tmp0, tmp0) U45e5: 204283000230 SYNCMARK-> MOVETOCREG_DSZ64(tmp0, 0x083) U45e6: 0c4048631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000048, mode=0x18) U45e8: 0c4050630238 tmp0:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000050, mode=0x18) U45e9: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U45ea: 0c4058631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000058, mode=0x18) U45ec: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U45ed: 0c4060631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000060, mode=0x18) U45ee: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U45f0: 0c4068631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000068, mode=0x18) U45f1: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U45f2: 0c4070631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000070, mode=0x18) U45f4: 004100030c31 tmp0:= 
OR_DSZ64(tmp1, tmp0) U45f5: 0c4078631238 tmp1:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000078, mode=0x18) U45f6: 004100030c31 tmp0:= OR_DSZ64(tmp1, tmp0) U45f8: 0151111c0270 SYNCWAIT-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U45f9: 0008560b1010 tmp1:= ZEROEXT_DSZ32(0xf0840070) U45fa: 0021460b1c50 tmp1:= CONCAT_DSZ32(0xffffff00, tmp1) U45fc: 004400031d71 tmp1:= AND_DSZ64(tmp1, tmp5) U45fd: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U45fe: 000b81000200 UPDATEUSTATE(0x04) U4600: 20433f000200 WRITEURAM(0x00000000, 0x003f, 64) 018da600 SEQW GOTO U0da6 ------------------------------------------------------------------------------------ U4601: 0008fd079008 tmp9:= ZEROEXT_DSZ32(0x000001fd) U4602: 07440003d039 tmm5:= unk_744(tmm1) U4604: 06600103e03d tmm6:= unk_660(tmm5) U4605: 076c0003603e tmp6:= PINTMOVDTMM2I_DSZ64(tmm6) U4606: 007d00036db6 tmp6:= MOVEINSERTFLGS_DSZ64(tmp6, tmp6) U4608: 06a054038000 tmp8:= unk_6a0(0x00000000) U4609: 053f00038e08 tmm0:= unk_53f(0x00000000, tmm0) U460a: 073a0003c000 tmm4:= unk_73a(0x00000000) 01ee8180 SEQW GOTO U6e81 ------------------------------------------------------------------------------------ U460c: 004267000231 MOVETOCREG_DSZ64(tmp1, CORE_CR_CUR_RIP) U460d: 2e75007f400d tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000bf00) U460e: 0044b6034d10 tmp4:= AND_DSZ64(0x000c0000, tmp4) U4610: 006288037200 tmp7:= MOVEFROMCREG_DSZ64(0x088) U4611: 0047b6037dd0 tmp7:= NOTAND_DSZ64(0x000c0000, tmp7) U4612: 090288000d37 MOVETOCREG_OR_DSZ64(tmp7, tmp4, 0x088) U4614: 0e65d0077f0a tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002d0, mode=0x01) U4615: 0e25cc074f09 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001cc, mode=0x01) U4616: 000a04800200 TESTUSTATE(UCODE, !0x0004) 018ea980 ? SEQW GOTO U0ea9 U4618: 000a20032200 tmp2:= TESTUSTATE(UCODE, 0x0020) 01c61c00 ? 
SEQW GOTO U461c U4619: 00560f037237 tmp7:= BTR_DSZ64(tmp7, 0x0000000f) U461a: 003380032237 tmp2:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000080) U461c: 000c953c0200 SAVEUIP(0x00, U0f95) U461d: 0000a4040000 ROVR<- NOP 018de55d SEQW SAVEUIP1 U461e SEQW GOTO U0de5 U461e: 007d2003e234 tmp14:= MOVEINSERTFLGS_DSZ64(tmp4, 0x00000020) U4620: 000a40800200 TESTUSTATE(UCODE, !0x0040) 0563f548 ? SEQW URET0 U4621: 000a08800200 TESTUSTATE(UCODE, !0x0008) 0563f548 ? SEQW GOTO U63f5 U4622: 0e6da8040f0c LFNCEMARK-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000004a8, mode=0x01, 0x00000000) U4624: 00082e1bd00a tmp13:= ZEROEXT_DSZ32(0x0000462e) U4625: 125500000cc0 LFNCEWAIT-> FETCHFROMEIP1_ASZ64(tmp3) U4626: 000a10800200 TESTUSTATE(UCODE, !0x0010) 02be0680 ? SEQW GOTO U3e06 U4628: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01c62e00 ? SEQW GOTO U462e U4629: 186add600236 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000001, U28dd) U462a: 386ac6940236 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000002, U35c6) U462c: 006307030200 tmp0:= READURAM(0x0007, 64) U462d: 386a41e80236 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000003, enter_probe_mode) U462e: 000c44680280 SAVEUIP(0x00, U5a44) U4630: 00140e039237 tmp9:= BT_DSZ32(tmp7, 0x0000000e) 01b85d14 SEQW SAVEUIP1 U4631 SEQW GOTO U385d U4631: 000800000000 NOP U4632: 000800000000 NOP U4634: 100a00800280 TESTUSTATE(SYS, !0x4000) 01ce7409 ? SEQW GOTO U4e74 U4635: 100a00800300 TESTUSTATE(SYS, !0x8000) 01ce7409 ? 
SEQW URET0 U4636: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U4638: 025e00000f80 MSLOOP-> unk_25e(tmp14) 01bdfa24 SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U4639: 0c4500620238 rax:= unk_c45(tmp8, 0x00001800) U463a: 0c4508630238 tmp0:= unk_c45(tmp8, 0x00001808) U463c: 0c4510621238 rcx:= unk_c45(tmp8, 0x00001810) U463d: 0c4518631238 tmp1:= unk_c45(tmp8, 0x00001818) U463e: 0c4520622238 rdx:= unk_c45(tmp8, 0x00001820) U4640: 0c4528632238 tmp2:= unk_c45(tmp8, 0x00001828) U4641: 0c4530623238 rbx:= unk_c45(tmp8, 0x00001830) U4642: 0c4538633238 tmp3:= unk_c45(tmp8, 0x00001838) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ check_rsa_pub_key_hash: U4644: 0005cd070c10 tmp0:= SUB_DSZ32(0x41b7b4a1, tmp0) U4645: 0005150b1c50 tmp1:= SUB_DSZ32(0xdbdc0f7f, tmp1) U4646: 0005de072c90 tmp2:= SUB_DSZ32(0x6ea2ea0f, tmp2) U4648: 00050d0b3cd0 tmp3:= SUB_DSZ32(0xb28fb7b5, tmp3) U4649: 0005b2074d10 tmp4:= SUB_DSZ32(0x3f1586cb, tmp4) U464a: 000553078e10 tmp8:= SUB_DSZ32(0x0388e90c, tmp8) U464c: 00050c0b9e50 tmp9:= SUB_DSZ32(0xae84cbf5, tmp9) U464d: 00059807ae90 tmp10:= SUB_DSZ32(0x1d90453a, tmp10) U464e: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U4650: 000100030c32 tmp0:= OR_DSZ32(tmp2, tmp0) U4651: 000100030c33 tmp0:= OR_DSZ32(tmp3, tmp0) U4652: 000100030c34 tmp0:= OR_DSZ32(tmp4, tmp0) U4654: 000100030c38 tmp0:= OR_DSZ32(tmp8, tmp0) U4655: 000100030c39 tmp0:= OR_DSZ32(tmp9, tmp0) U4656: 000100030c3a tmp0:= OR_DSZ32(tmp10, tmp0) U4658: 0151955c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, rsa_signing_error) U4659: 0e258003027e tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000180) U465a: 2929955d0330 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000011, rsa_signing_error) gen_rc4_key: U465c: 0008050b0010 tmp0:= ZEROEXT_DSZ32(0x0ed17ed0) U465d: 0021d7070c10 tmp0:= CONCAT_DSZ32(0x0ed17ed0, tmp0) U465e: 0008030b1010 tmp1:= ZEROEXT_DSZ32(0x0ed17ed0) U4660: 00210b0b1c50 tmp1:= 
CONCAT_DSZ32(0x0ed17ed0, tmp1) U4661: 0e6d00030037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp0) U4662: 0e6d08031037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008, tmp1) U4664: 0e6d30030037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000030, tmp0) U4665: 0e6d38031037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000038, tmp1) U4666: 000818030008 tmp0:= ZEROEXT_DSZ32(0x00000018) U4668: 0e6560071c3e LFNCEWAIT-> tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp14, tmp0, 0x00000060, mode=0x01) U4669: 0e6d10031c37 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp0, 0x00000010, tmp1) U466a: 004508030c08 tmp0:= SUB_DSZ64(0x00000008, tmp0) U466c: 02506d1802b0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp0, U466d) 04466800 SEQW GOTO U4668 ------------------------------------------------------------------------------------ U466d: 004000035dc8 tmp5:= ADD_DSZ64(0x00000000, tmp7) U466e: 000801036008 tmp6:= ZEROEXT_DSZ32(0x00000001) U4670: 004040037dc8 tmp7:= ADD_DSZ64(0x00000040, tmp7) U4671: 00886107b00b tmp11:= ZEROEXT_DSZ16(0x00006161) U4672: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0c480 SEQW GOTO calc_sha256_start ------------------------------------------------------------------------------------ U4674: 0004170b8c90 tmp8:= AND_DSZ32(0xe0000001, tmp2) U4675: 013040031238 tmp1:= SELECTCC_DSZ32_CONDZ(tmp8, 0x00000040) U4676: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01a06dc0 ? SEQW GOTO U206d U4678: 00241a037237 tmp7:= SHL_DSZ32(tmp7, 0x0000001a) U4679: 000400033eb7 tmp3:= AND_DSZ32(tmp7, tmp10) U467a: 0062ff1f5200 tmp5:= MOVEFROMCREG_DSZ64(0x7ff) U467c: 002417036235 tmp6:= SHL_DSZ32(tmp5, 0x00000017) U467d: 000400030cf6 tmp0:= AND_DSZ32(tmp6, tmp3) U467e: 100a08832230 tmp2:= TESTUSTATE(tmp0, SYS, !UST_OP_SIZE_32BIT) 01c685c0 ? 
SEQW GOTO U4685 U4680: 000700032cf0 tmp2:= NOTAND_DSZ32(tmp0, tmp3) U4681: 023160032232 tmp2:= SELECTCC_DSZ32_CONDNS(tmp2, 0x00000060) U4682: 000100034d32 tmp4:= OR_DSZ32(tmp2, tmp4) U4684: 0007f0072430 tmp2:= NOTAND_DSZ32(tmp0, 0x80000000) U4685: 000100034d31 tmp4:= OR_DSZ32(tmp1, tmp4) U4686: 023044032232 tmp2:= SELECTCC_DSZ32_CONDS(tmp2, 0x00000044) U4688: 000100034d32 tmp4:= OR_DSZ32(tmp2, tmp4) U4689: 023110032230 tmp2:= SELECTCC_DSZ32_CONDNS(tmp0, 0x00000010) U468a: 000100034d32 tmp4:= OR_DSZ32(tmp2, tmp4) U468c: 01420f000d00 UFLOWCTRL(USTATE, tmp4) U468d: 00652003123a tmp1:= SHR_DSZ64(tmp10, 0x00000020) U468e: 0151111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, generate_#GP) U4690: 0004d8071e90 tmp1:= AND_DSZ32(0x60000000, tmp10) U4691: 0005a7071c50 tmp1:= SUB_DSZ32(0x20000000, tmp1) U4692: 0150111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP) U4694: 0007f107143a tmp1:= NOTAND_DSZ32(tmp10, 0x80000001) U4695: 1928115c0231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, generate_#GP) U4696: 100a00040200 LFNCEMARK-> TESTUSTATE(SYS, UST_VMX_OP_DIS) 0546a080 ? SEQW GOTO U46a0 U4698: 006343032200 tmp2:= READURAM(0x0043, 64) U4699: 005427032232 tmp2:= BT_DSZ64(tmp2, 0x00000027) U469a: 0032f1072432 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x80000001) U469c: 000120032c88 tmp2:= OR_DSZ32(0x00000020, tmp2) U469d: 000700032cba tmp2:= NOTAND_DSZ32(tmp10, tmp2) U469e: 0151111c0272 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) U46a0: 0004180bae90 tmp10:= AND_DSZ32(0xe005003f, tmp10) U46a1: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 0746a440 ? 
SEQW GOTO U46a4 U46a2: 186b11dc03fa LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp10, 0x0000001f, generate_#GP) U46a4: 0008f61f9008 tmp9:= ZEROEXT_DSZ32(0x000007f6) U46a5: 015142340278 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U2d42) 06883640 SEQW GOTO U0836 ------------------------------------------------------------------------------------ U46a6: 00637a03b200 tmp11:= READURAM(0x007a, 64) U46a8: 00652003b23b tmp11:= SHR_DSZ64(tmp11, 0x00000020) U46a9: 006204036200 tmp6:= MOVEFROMCREG_DSZ64(0x004) U46aa: 000420036d88 tmp6:= AND_DSZ32(0x00000020, tmp6) U46ac: 013e05230d89 tmp0:= MOVEMERGEFLGS_DSZ32(0x00002805, tmp6) U46ad: 013506230270 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x00002806) U46ae: 017000031ef6 tmp1:= SELECTCC_DSZ64_CONDZ(tmp6, tmp11) U46b0: 006270038200 tmp8:= MOVEFROMCREG_DSZ64(0x070) U46b1: 000400078e08 tmp8:= AND_DSZ32(0x00000100, tmp8) U46b2: 002414038238 tmp8:= SHL_DSZ32(tmp8, 0x00000014) U46b4: 000100030c38 tmp0:= OR_DSZ32(tmp8, tmp0) U46b5: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01e09c40 ? 
SEQW GOTO U609c U46b6: 286a91fc0335 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000013, do_smm_vmexit_ovr_enter_rip) U46b8: 0150917c0239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, do_smm_vmexit_ovr_enter_rip) 01e09c00 SEQW GOTO U609c ------------------------------------------------------------------------------------ U46b9: 04b40003be00 tmm3:= FMOV(tmm0) U46ba: 07c20003d038 tmm5:= unk_7c2(tmm0) U46bc: 06aa00039f7b tmm1:= unk_6aa(tmm3, tmm5) U46bd: 062f0003b03b tmm3:= unk_62f(tmm3) U46be: 062f00039039 tmm1:= unk_62f(tmm1) U46c0: 06370003def9 tmm5:= unk_637(tmm1, tmm3) U46c1: 072c0003403d tmp4:= PINTMOVDTMM2I_DSZ32(tmm5) U46c2: 00010003aeb4 tmp10:= OR_DSZ32(tmp4, tmp10) 01a28180 SEQW GOTO U2281 ------------------------------------------------------------------------------------ U46c4: 01420e036c40 tmp6:= UFLOWCTRL(MSLOOPCTR, tmp1) U46c5: 01358e1b0230 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x0000068e) U46c6: 108100033021 tmp3:= OR_DSZN(rcx) U46c8: 000c861b4200 tmp4:= SAVEUIP(0x00, U0686) U46c9: 01420a000c36 UFLOWCTRL(tmp6, URET0, tmp0) U46ca: 013e6613ef88 tmp14:= MOVEMERGEFLGS_DSZ32(0x00000466, tmp14) U46cc: 000c8e9b5200 tmp5:= SAVEUIP(0x01, U068e) U46cd: 01420f036e40 tmp6:= UFLOWCTRL(USTATE, tmp9) U46ce: 01345117e2fe tmp14:= CMOVCC_DSZ32_CONDZ(tmp14, 0x00006551) U46d0: 00a100032cb9 tmp2:= CONCAT_DSZ16(tmp9, tmp2) U46d1: 1080000379b9 tmp7:= ADD_DSZN(tmp9, rsi) U46d2: 01420b000fb6 UFLOWCTRL(tmp6, URET1, tmp14) U46d4: 002100032cb1 tmp2:= CONCAT_DSZ32(tmp1, tmp2) U46d5: 014310a38208 tmp8:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U46d6: 01505c100233 SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U045c) U46d8: 10a50003bcb9 tmp11:= SHR_DSZN(tmp9, tmp2) U46d9: 021e33000200 SIGEVENT(0x00000033) U46da: 000a02040200 TESTUSTATE(UCODE, 0x0102) 01e761c0 ? 
SEQW GOTO U6761 U46dc: 00631e03a200 LFNCEWAIT-> tmp10:= READURAM(0x001e, 64) U46dd: 1080000339f9 tmp3:= ADD_DSZN(tmp9, rdi) U46de: 0052601c02f7 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp7, U6760) U46e0: 1c0300638026 tmp8:= LEA_DSZN_ASZ32_SC1(rsi, mode=0x18) U46e1: 10850003b87b tmp11:= SUB_DSZN(tmp11, rcx) U46e2: 0052601c02f3 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp3, U6760) U46e4: 1c0300237027 tmp7:= LEA_DSZN_ASZ32_SC1(rdi, mode=0x08) U46e5: 108800039039 tmp9:= ZEROEXT_DSZ16N(tmp9) U46e6: 0151601c02fb UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U6760) U46e8: 10450003bdf8 tmp11:= SUB_DSZN(tmp8, tmp7) U46e9: 0cd400633026 tmp3:= unk_cd4(rsi) U46ea: 00aa00031031 tmp1:= unk_0aa(tmp1) U46ec: 00450103bec8 tmp11:= SUB_DSZ64(0x00000001, tmp11) U46ed: 0cd40023f027 tmp15:= unk_cd4(rdi) U46ee: 0052601c02f3 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp3, U6760) U46f0: 00450f03bec8 tmp11:= SUB_DSZ64(0x0000000f, tmp11) U46f1: 108500031031 tmp1:= SUB_DSZN(tmp1) U46f2: 0052601c02ff UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, U6760) U46f4: 0045b1033e50 tmp3:= SUB_DSZ64(0x0008000f, tmp9) U46f5: 10a404031231 tmp1:= SHL_DSZN(tmp1, 0x00000004) U46f6: 0052601c02fb UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp11, U6760) U46f8: 0153b81002f3 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp3, U64b8) 02c6fc48 SEQW URET0 ------------------------------------------------------------------------------------ U46f9: 100a10000200 LFNCEWAIT-> TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 02c6fc48 ? SEQW GOTO U46fc U46fa: 0d61081b3032 tmp3:= unk_d61(tmp2) U46fc: 0d61001b0032 tmp0:= unk_d61(tmp2) U46fd: 1e6b60000cb0 unk_e6b(tmp0, tmp2) U46fe: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01c70880 ? SEQW GOTO U4708 U4700: 086bfedc06b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000002b, U07fe) U4701: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01c70840 ? 
SEQW GOTO U4708 U4702: 3e6bc0000033 unk_e6b(tmp3) U4704: 002100038033 tmp8:= CONCAT_DSZ32(tmp3) U4705: 025d00038e38 tmp8:= TEST_DSZ64(tmp8, tmp8) U4706: 0150fe1c0238 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp8, U07fe) U4708: 2d61001b9032 tmp9:= unk_d61(tmp2) U4709: 004500038c39 tmp8:= SUB_DSZ64(tmp9, tmp0) U470a: 017e00039e39 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp8) U470c: 005529030230 tmp0:= BTS_DSZ64(tmp0, 0x00000029) U470d: 000707038c88 tmp8:= NOTAND_DSZ32(0x00000007, tmp2) U470e: 017500030c39 tmp0:= CMOVCC_DSZ64_CONDNZ(tmp9, tmp0) U4710: 2d68001b0038 unk_d68(tmp8, tmp0) U4711: 0151f91802b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U46f9) U4712: 015d00000f40 SYNCFULL-> UJMP(tmp13) ------------------------------------------------------------------------------------ U4714: 286b25a402b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, U1925) U4715: 286a2ae402b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000b, U192a) U4716: 0047ff3f2c88 tmp2:= NOTAND_DSZ64(0x00000fff, tmp2) U4718: 292925240c32 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp0, U1925) U4719: 292925240c73 CMPUJNZ_DIRECT_NOTTAKEN(tmp3, tmp1, U1925) U471a: 0048ff7f701f tmp7:= ZEROEXT_DSZ64(0xffffffffffffffff) U471c: 006414037237 tmp7:= SHL_DSZ64(tmp7, 0x00000014) U471d: 004400037df1 tmp7:= AND_DSZ64(tmp1, tmp7) U471e: 00621b172200 tmp2:= MOVEFROMCREG_DSZ64(0x51b) U4720: 004400032cb7 tmp2:= AND_DSZ64(tmp7, tmp2) U4721: 004400030c37 tmp0:= AND_DSZ64(tmp7, tmp0) U4722: 292825240cb0 CMPUJZ_DIRECT_NOTTAKEN(tmp0, tmp2, U1925) U4724: 00635c030200 tmp0:= READURAM(0x005c, 64) U4725: 286a25240330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U1925) U4726: 0008856f000a tmp0:= ZEROEXT_DSZ32(0x00005b85) U4728: 0e7d80070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000180, tmp0) U4729: 0e2500030034 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U472a: 292825240030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U1925) U472c: 1062800b0240 tmp0:= MOVEFROMCREG_DSZ64(0x280, 32) U472d: 286a25640330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U1925) U472e: 2d0b0c030008 tmp0:= 
PORTIN_DSZ32_ASZ16_SC1(0x0000000c) U4730: 1062080b1240 tmp1:= MOVEFROMCREG_DSZ64(0x208, 32) U4731: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U4732: 086a341d0230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U4734) 01c74180 SEQW GOTO U4741 ------------------------------------------------------------------------------------ U4734: 000d01800000 SAVEUIP_REGOVR(0x01, U4735, 0x0001) 01de4e00 SEQW GOTO U5e4e U4735: 000800000000 NOP U4736: 000800000000 NOP U4738: 00080b030008 tmp0:= ZEROEXT_DSZ32(0x0000000b) 01e0aa10 SEQW SAVEUIP0 U4739 SEQW GOTO U60aa U4739: 2d4ba043000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x000050a0) U473a: 2d4ba843100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x000050a8) U473c: 2d4f301f000a PORTOUT_DSZ64_ASZ16_SC1(0x00004730, tmp0) U473d: 2d4f381f100a PORTOUT_DSZ64_ASZ16_SC1(0x00004738, tmp1) U473e: 104205080270 MOVETOCREG_DSZ64(tmp0, 0x205, 32) U4740: 104206080271 MOVETOCREG_DSZ64(tmp1, 0x206, 32) U4741: 006323030200 tmp0:= READURAM(0x0023, 64) U4742: 004440030c08 tmp0:= AND_DSZ64(0x00000040, tmp0) U4744: 2d4f10030008 PORTOUT_DSZ64_ASZ16_SC1(0x00000010, tmp0) U4745: 000803030008 tmp0:= ZEROEXT_DSZ32(0x00000003) 01e0aa51 SEQW SAVEUIP0 U4746 SEQW GOTO U60aa U4746: 000433077dd0 tmp7:= AND_DSZ32(0x00ff0000, tmp7) U4748: 015125640237 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, U1925) U4749: 0008ae2fe009 tmp14:= ZEROEXT_DSZ32(0x00002bae) 01843440 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U474a: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U474c: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U474d: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U474e: 014310a36208 tmp6:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U4750: 189f00835144 LFNCEWAIT-> tmp5:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U4751: 100ac3040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST | UST_VMX_OP_DIS) 02666251 ? SEQW SAVEUIP0 U4752 ? 
SEQW GOTO U6662 U4752: 104100030001 tmp0:= OR_DSZN(r64dst) U4754: 004703032c08 tmp2:= NOTAND_DSZ64(0x00000003, tmp0) U4755: 01512e200232 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U082e) U4756: 086b2e200c3a BTUJNB_DIRECT_NOTTAKEN(tmp10, tmp0, U082e) U4758: 0cc600638035 tmp8:= unk_cc6(tmp5) U4759: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U475a: 076f00034038 mm4:= unk_76f(tmm0) U475c: 05ba01038e38 tmm0:= unk_5ba(tmm0, tmm0) U475d: 076f0003f038 tmm7:= unk_76f(tmm0) U475e: 203d00000000 MOVEINSERTFLGS_DSZ32(0x00000000) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U4760: 00050003b800 tmp11:= SUB_DSZ32(0x00000000, rax) U4761: 0fef02000000 LFNCEMARK-> LBSYNC(0x00000002) U4762: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 04ce8080 ? SEQW GOTO U4e80 U4764: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 03477600 ? SEQW GOTO U4776 U4765: 006311031200 tmp1:= READURAM(0x0011, 64) U4766: 0e6510072371 LFNCEWAIT-> tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000510, mode=0x01) U4768: 006520031232 tmp1:= SHR_DSZ64(tmp2, 0x00000020) U4769: 00161f03323b tmp3:= BTR_DSZ32(tmp11, 0x0000001f) U476a: 013e00032cf2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp3) U476c: 003700032c72 tmp2:= CMOVCC_DSZ32_CONDNB(tmp2, tmp1) U476d: 00251f031232 tmp1:= SHR_DSZ32(tmp2, 0x0000001f) U476e: 002401034cc8 tmp4:= SHL_DSZ32(0x00000001, tmp3) U4770: 000400034cb4 tmp4:= AND_DSZ32(tmp4, tmp2) U4771: 00071f032cc8 tmp2:= NOTAND_DSZ32(0x0000001f, tmp3) U4772: 013e00032cb1 tmp2:= MOVEMERGEFLGS_DSZ32(tmp1, tmp2) U4774: 013500032d32 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp2, tmp4) U4775: 2929903c0032 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, do_smm_vmexit) U4776: 006306030200 tmp0:= READURAM(0x0006, 64) U4778: 204371040230 WRITEURAM(tmp0, 0x0171, 64) U4779: 000000038021 tmp8:= ADD_DSZ32(rcx) U477a: 000502039e08 tmp9:= SUB_DSZ32(0x00000002, tmp8) U477c: 006335036200 tmp6:= READURAM(0x0035, 64) U477d: 006377037200 tmp7:= READURAM(0x0077, 64) U477e: 000800020000 rax:= 
ZEROEXT_DSZ32(0x00000000) U4780: 000800023000 rbx:= ZEROEXT_DSZ32(0x00000000) U4781: 000800021000 rcx:= ZEROEXT_DSZ32(0x00000000) U4782: 000800022000 rdx:= ZEROEXT_DSZ32(0x00000000) U4784: 00634103a200 tmp10:= READURAM(0x0041, 64) U4785: 00541603a23a tmp10:= BT_DSZ64(tmp10, 0x00000016) U4786: 013e15032e88 tmp2:= MOVEMERGEFLGS_DSZ32(0x00000015, tmp10) U4788: 003702032232 tmp2:= CMOVCC_DSZ32_CONDNB(tmp2, 0x00000002) U4789: 0250ce6c023b UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp11, U1bce) U478a: 000500030ef2 tmp0:= SUB_DSZ32(tmp2, tmp11) U478c: 013e00032c32 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp0) U478d: 01370003bef2 tmp11:= CMOVCC_DSZ32_CONDNBE(tmp2, tmp11) U478e: 00240303023b LFNCEMARK-> tmp0:= SHL_DSZ32(tmp11, 0x00000003) U4790: 000014131270 tmp1:= ADD_DSZ32(tmp0, 0x00002414) U4791: 015100000c70 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, tmp1) U4792: 000800020032 rax:= ZEROEXT_DSZ32(tmp2) U4794: 0008e0063010 rbx:= ZEROEXT_DSZ32(0x756e6547) U4795: 0008dd061010 rcx:= ZEROEXT_DSZ32(0x6c65746e) U4796: 0008d2062010 rdx:= ZEROEXT_DSZ32(0x49656e69) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U4798: 000800038000 tmp8:= ZEROEXT_DSZ32(0x00000000) U4799: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U479a: 100a1003f200 tmp15:= TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01c79d80 ? 
SEQW GOTO U479d U479c: 00080803f008 tmp15:= ZEROEXT_DSZ32(0x00000008) U479d: 00010203ffc8 tmp15:= OR_DSZ32(0x00000002, tmp15) U479e: 00210063f33f tmp15:= CONCAT_DSZ32(tmp15, 0x00009800) U47a0: 2042521c023f SYNCMARK-> MOVETOCREG_DSZ64(tmp15, 0x752) U47a1: 20421b00023f MOVETOCREG_DSZ64(tmp15, 0x01b) U47a2: 000ccc100200 SAVEUIP(0x00, U04cc) 0c013996 SEQW SAVEUIP1 U47a4 SEQW GOTO U0139 U47a4: 0009f7000000ROVR<-SYNCWAIT-> MOVE_DSZ32(0x00000000) 0a02c21c SEQW SAVEUIP1 U47a5 SEQW GOTO U02c2 U47a5: 096272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U47a6: 0062c31bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c3) U47a8: 2a62c3d802bf SYNCMARK-> MOVETOCREG_BTR_DSZ64(tmp15, 0x0000000b, 0x6c3) 0c025214 SEQW SAVEUIP1 U47a9 SEQW GOTO U0252 U47a9: 0e6d88077d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000088, mode=0x01, tmp7) U47aa: 0e2da0078d48 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, 0x000000a0, mode=0x01, tmp8) U47ac: 0062fe1f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U47ad: 238000032c80 tmp2:= READAFLAGS(tmp2) U47ae: 000700072c88 tmp2:= NOTAND_DSZ32(0x00000100, tmp2) U47b0: 000100032cb9 tmp2:= OR_DSZ32(tmp9, tmp2) U47b1: 0e6d80072d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000080, mode=0x01, tmp2) U47b2: 0c4b20332000 tmp2:= RDSEGFLD(FS, BASE) U47b4: 0e6da8072d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x000000a8, mode=0x01, tmp2) U47b5: 0c4b20372000 tmp2:= RDSEGFLD(GS, BASE) U47b6: 0e6db0072d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x000000b0, mode=0x01, tmp2) U47b8: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U47b9: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01c7bc40 ? 
SEQW GOTO U47bc U47ba: 000e0f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000f) U47bc: 104100032003 tmp2:= OR_DSZN(rdi) U47bd: 0e6d08872035 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, IMM_MACRO_ALIAS_MSLOOPCTR, mode=0x01, tmp2) U47be: 000800003000 rdi:= ZEROEXT_DSZ32(0x00000000) U47c0: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01c7bc00 SEQW GOTO U47bc ------------------------------------------------------------------------------------ U47c1: 0e651007bc48 tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, 0x00000010, mode=0x01) U47c2: 0e6d00040eca STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000200, mode=0x01, 0x00000000) U47c4: 0e6d08040eca STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000208, mode=0x01, 0x00000000) U47c5: 0e6d10040eca STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000210, mode=0x01, 0x00000000) U47c6: 00635b036200 tmp6:= READURAM(0x005b, 64) U47c8: 006538036236 tmp6:= SHR_DSZ64(tmp6, 0x00000038) U47c9: 0062c51f4200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U47ca: 005412034234 tmp4:= BT_DSZ64(tmp4, 0x00000012) U47cc: 003300036db4 tmp6:= SELECTCC_DSZ32_CONDNB(tmp4, tmp6) U47cd: 000103036d88 tmp6:= OR_DSZ32(0x00000003, tmp6) U47ce: 000800034036 SYNCWAIT-> tmp4:= ZEROEXT_DSZ32(tmp6) 0b4cd280 SEQW GOTO U4cd2 ------------------------------------------------------------------------------------ U47d0: 01420e036c40 tmp6:= UFLOWCTRL(MSLOOPCTR, tmp1) U47d1: 01358e1b0230 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x0000068e) U47d2: 108100033021 tmp3:= OR_DSZN(rcx) U47d4: 000c861b4200 tmp4:= SAVEUIP(0x00, U0686) U47d5: 01420a000c36 UFLOWCTRL(tmp6, URET0, tmp0) U47d6: 013e6613ef88 tmp14:= MOVEMERGEFLGS_DSZ32(0x00000466, tmp14) U47d8: 000c8e9b5200 tmp5:= SAVEUIP(0x01, U068e) U47d9: 01420f036e40 tmp6:= UFLOWCTRL(USTATE, tmp9) U47da: 0134aa0be2fe tmp14:= CMOVCC_DSZ32_CONDZ(tmp14, 0x000062aa) U47dc: 00a100032cb9 tmp2:= CONCAT_DSZ16(tmp9, tmp2) U47dd: 1080000379f9 tmp7:= ADD_DSZN(tmp9, rdi) U47de: 01420b000fb6 UFLOWCTRL(tmp6, URET1, tmp14) U47e0: 002100032cb1 tmp2:= CONCAT_DSZ32(tmp1, tmp2) U47e1: 
014310a38208 tmp8:= AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U47e2: 01505d100233 SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U045d) U47e4: 10a50003bcb9 tmp11:= SHR_DSZN(tmp9, tmp2) U47e5: 021e37000200 SIGEVENT(0x00000037) U47e6: 000a02040200 TESTUSTATE(UCODE, 0x0102) 01e851c0 ? SEQW GOTO U6851 U47e8: 00631e03a200 LFNCEWAIT-> tmp10:= READURAM(0x001e, 64) U47e9: 10850003b87b tmp11:= SUB_DSZN(tmp11, rcx) U47ea: 0052502002f7 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp7, U6850) U47ec: 1c0300200027 LEA_DSZN_ASZ32_SC1(rdi, mode=0x08) U47ed: 108800039039 tmp9:= ZEROEXT_DSZ16N(tmp9) U47ee: 0cd40023f027 tmp15:= unk_cd4(rdi) U47f0: 0151502002fb UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp11, U6850) U47f1: 00aa00031031 tmp1:= unk_0aa(tmp1) U47f2: 0045b1033e50 tmp3:= SUB_DSZ64(0x0008000f, tmp9) U47f4: 0052502002ff UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, U6850) U47f5: 100100037020 tmp7:= OR_DSZN(rax) U47f6: 000843838008 tmp8:= ZEROEXT_DSZ32(IMM_MACRO_43) U47f8: 108500031031 tmp1:= SUB_DSZN(tmp1) U47f9: 00640003fe37 tmp15:= SHL_DSZ64(tmp7, tmp8) U47fa: 004100037dff tmp7:= OR_DSZ64(tmp15, tmp7) U47fc: 000000038e38 tmp8:= ADD_DSZ32(tmp8, tmp8) U47fd: 00640003fe37 tmp15:= SHL_DSZ64(tmp7, tmp8) U47fe: 004100037dff tmp7:= OR_DSZ64(tmp15, tmp7) U4800: 000000038e38 tmp8:= ADD_DSZ32(tmp8, tmp8) U4801: 00640003fe37 tmp15:= SHL_DSZ64(tmp7, tmp8) U4802: 004100037dff tmp7:= OR_DSZ64(tmp15, tmp7) U4804: 10a404031231 tmp1:= SHL_DSZN(tmp1, 0x00000004) U4805: 074700039037 tmm1:= unk_747(mm7) U4806: 05fa44039e79 tmm1:= SHUFPD(tmm1, tmm1) U4808: 0153041402f3 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp3, U6504) 04a16248 SEQW URET0 ------------------------------------------------------------------------------------ U4809: 2d4fd8035008 LFNCEMARK-> PORTOUT_DSZ64_ASZ16_SC1(0x000000d8, tmp5) 04a16248 SEQW GOTO U2162 ------------------------------------------------------------------------------------ U480a: 0c4b20338000 tmp8:= RDSEGFLD(FS, BASE) U480c: 0c6b24000038 WRSEGFLD(tmp8, UNK_SEG_04, BASE) U480d: 0c4ba0338000 tmp8:= 
RDSEGFLD(FS, SEL+FLGS+LIM) U480e: 0c6ba4000038 WRSEGFLD(tmp8, UNK_SEG_04, SEL+FLGS+LIM) U4810: 0c7b2c000034 WRSEGFLD(tmp4, FS, BASE) U4811: 0008f303800f tmp8:= ZEROEXT_DSZ32(0x0000e0f3) U4812: 002410038238 tmp8:= SHL_DSZ32(tmp8, 0x00000010) U4814: 0021ff7f8e1f tmp8:= CONCAT_DSZ32(0xffffffffffffffff, tmp8) U4815: 0c7bac000038 LFNCEMARK-> WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) U4816: 004220000008 MOVETOCREG_DSZ64(0x00000020, 0x000) U4818: 0fcc00338000 LFNCEWAIT-> tmp8:= unk_fcc(0x00000000) U4819: 0c4b20138000 tmp8:= RDSEGFLD(UNK_SEG_04, BASE) U481a: 0c7b2c000038 WRSEGFLD(tmp8, FS, BASE) U481c: 0c4ba0138000 tmp8:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U481d: 0c7bac000038 WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) U481e: 04b49183e200 tmm6:= FMOV(0x00000091) 01994880 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U4820: 00093b030008 tmp0:= MOVE_DSZ32(0x0000003b) U4821: 192924080032 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U2224) U4822: 086b81390cb1 BTUJNB_DIRECT_NOTTAKEN(tmp1, tmp2, do_vmexit) U4824: 096272000300 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U4825: 0007ff07f848 tmp15:= NOTAND_DSZ32(0x000001ff, rcx) U4826: 0004ff072848 tmp2:= AND_DSZ32(0x000001ff, rcx) U4828: 0047ff3f1c48 tmp1:= NOTAND_DSZ64(0x00000fff, tmp1) U4829: 0151813802bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, do_vmexit) U482a: 0f6500031cb1 LFNCEMARK-> tmp1:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp1, tmp2) U482c: 006357039200 tmp9:= READURAM(0x0057, 64) U482d: 00637703f200 tmp15:= READURAM(0x0077, 64) U482e: 00141003f23f tmp15:= BT_DSZ32(tmp15, 0x00000010) U4830: 00324003f23f tmp15:= SELECTCC_DSZ32_CONDB(tmp15, 0x00000040) U4831: 00011e03ffc8 tmp15:= OR_DSZ32(0x0000001e, tmp15) U4832: 00470003efbf tmp14:= NOTAND_DSZ64(tmp15, tmp14) U4834: 00440003fc7e tmp15:= AND_DSZ64(tmp14, tmp1) U4835: 0151813802bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, do_vmexit) U4836: 00250103f231 tmp15:= SHR_DSZ32(tmp1, 0x00000001) U4838: 00060003fc7f tmp15:= XOR_DSZ32(tmp15, tmp1) U4839: 
00040a03ffc8 tmp15:= AND_DSZ32(0x0000000a, tmp15) U483a: 086b81f90231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000003, do_vmexit) U483c: 0151813802bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, do_vmexit) U483d: 004738034c48 tmp4:= NOTAND_DSZ64(0x00000038, tmp1) U483e: 09621cd747f4 LFNCEWTMRK-> tmp4:= MOVETOCREG_BTS_DSZ64(tmp4, 0x0000003f, 0x51c) U4840: 0e6d00031e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000300, tmp1) U4841: 0ead9e032e4b STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x0000039e, tmp2) U4842: 00650b036231 tmp6:= SHR_DSZ64(tmp1, 0x0000000b) U4844: 000101036d88 tmp6:= OR_DSZ32(0x00000001, tmp6) U4845: 00637903f200 tmp15:= READURAM(0x0079, 64) U4846: 00475a0bffd0 tmp15:= NOTAND_DSZ64(0x1fffffff, tmp15) U4848: 004100036ff6 tmp6:= OR_DSZ64(tmp6, tmp15) U4849: 00634303f200 tmp15:= READURAM(0x0043, 64) U484a: 00542503f23f tmp15:= BT_DSZ64(tmp15, 0x00000025) U484c: 0073f6236dbf ROVR<- tmp6:= SELECTCC_DSZ64_CONDNB(tmp15, tmp6) 030000d8 SEQW SAVEUIP0 U484d U484d: 004379000236 WRITEURAM(tmp6, 0x0079, 64) U484e: 016300036d88 LFNCEWAIT-> tmp6:= unk_163(0x00000000, tmp6) U4850: 09a29d1c02b6 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp6, 0x00000008, 0x79d) 042cd910 SEQW SAVEUIP0 U4851 SEQW GOTO U2cd9 U4851: 013107033236 tmp3:= SELECTCC_DSZ32_CONDNZ(tmp6, 0x00000007) U4852: 000800000000 NOP U4854: 0dff00000038 LFNCEWAIT-> unk_dff(tmp8) U4855: 00423a18023f MOVETOCREG_DSZ64(tmp15, 0x63a) U4856: 09023e580233 MOVETOCREG_OR_DSZ64(tmp3, 0x00000001, 0x63e) U4858: 000cecdc0200 SAVEUIP(0x01, uend) 01a7ae00 SEQW GOTO U27ae ------------------------------------------------------------------------------------ U4859: 052bff03a03a tmp10:= unk_52b(tmp10) U485a: 04ec0403b039 tmm3:= unk_4ec(tmm1) U485c: 04c700039ef9 tmm1:= XORPD(tmm1, tmm3) U485d: 04ec0403b03b tmm3:= unk_4ec(tmm3) U485e: 04c700039ef9 tmm1:= XORPD(tmm1, tmm3) U4860: 04ec0403b03b tmm3:= unk_4ec(tmm3) U4861: 04c700039ef9 tmm1:= XORPD(tmm1, tmm3) U4862: 04c700039eb9 tmm1:= XORPD(tmm1, tmm2) 018000ce SEQW URET1 
------------------------------------------------------------------------------------ U4864: 1062230b0240 tmp0:= MOVEFROMCREG_DSZ64(0x223, 32) U4865: 000197030c08 tmp0:= OR_DSZ32(0x00000097, tmp0) U4866: 104223080270 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, 0x223, 32) U4868: 1042f1080240 MOVETOCREG_DSZ64(0x00000000, 0x2f1, 32) U4869: 1902f2880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2f2) U486a: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) 01a1a196 SEQW SAVEUIP1 U486c SEQW GOTO U21a1 U486c: 00430f080200 WRITEURAM(0x00000000, 0x000f, 32) U486d: 01506e2002bd LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp13, U486e) 04c88c40 SEQW GOTO U488c ------------------------------------------------------------------------------------ U486e: 000800000000 NOP U4870: 10629f0bf240 LFNCEMARK-> tmp15:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U4871: 000410037fc8 tmp7:= AND_DSZ32(0x00000010, tmp15) U4872: 002502020237 rax:= SHR_DSZ32(tmp7, 0x00000002) U4874: 00250703723f tmp7:= SHR_DSZ32(tmp15, 0x00000007) U4875: 000402037dc8 tmp7:= AND_DSZ32(0x00000002, tmp7) U4876: 000100020de0 rax:= OR_DSZ32(rax, tmp7) U4878: 1062c40b7240 tmp7:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U4879: 000700037ff7 tmp7:= NOTAND_DSZ32(tmp7, tmp15) U487a: 000401037dc8 tmp7:= AND_DSZ32(0x00000001, tmp7) U487c: 000100020837 rax:= OR_DSZ32(tmp7, rax) U487d: 00310203f23d tmp15:= SELECTCC_DSZ32_CONDNO(tmp13, 0x00000002) U487e: 1042d608027f LFNCEWAIT-> MOVETOCREG_DSZ64(tmp15, 0x2d6, 32) U4880: 00318003f23d tmp15:= SELECTCC_DSZ32_CONDNO(tmp13, 0x00000080) U4881: 3042d608027f MOVETOCREG_DSZ64(tmp15, 0x2d6, 32) U4882: 00638f03a200 tmp10:= READURAM(0x008f, 64) U4884: 0231e003f23d tmp15:= SELECTCC_DSZ32_CONDNS(tmp13, 0x000000e0) U4885: 0000000bf27f tmp15:= ADD_DSZ32(tmp15, 0x00002200) U4886: 304200000ffa MOVETOCREG_DSZ64(tmp10, tmp15) U4888: 02310203f23d tmp15:= SELECTCC_DSZ32_CONDNS(tmp13, 0x00000002) U4889: 3042d508027f LFNCEMARK-> MOVETOCREG_DSZ64(tmp15, 0x2d5, 32) U488a: 000800000000 NOP U488c: 
20438f000200 LFNCEWAIT-> WRITEURAM(0x00000000, 0x008f, 64) U488d: 006370031200 tmp1:= READURAM(0x0070, 64) U488e: 3042c4080271 MOVETOCREG_DSZ64(tmp1, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U4890: 39a2da0803b1 MOVETOCREG_SHR_DSZ64(tmp1, 0x00000018, 0x2da) U4891: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U4892: 006208030200 tmp0:= MOVEFROMCREG_DSZ64(0x008) U4894: 000400030c0a tmp0:= AND_DSZ32(0x00004000, tmp0) U4895: 290208000c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x008) U4896: 00480003003e tmp0:= ZEROEXT_DSZ64(tmp14) U4898: 004d21d35280 tmp5:= unk_04d(IMM_MACRO_21) 01de0500 SEQW GOTO U5e05 ------------------------------------------------------------------------------------ U4899: 000800000000 NOP U489a: 000800000000 NOP U489c: 00480003e030 tmp14:= ZEROEXT_DSZ64(tmp0) 02841400 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U489d: 0a62019c02f0 LFNCEWAIT-> MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000e, 0x701) U489e: 004211140231 MOVETOCREG_DSZ64(tmp1, 0x511) U48a0: 00621017a200 tmp10:= MOVEFROMCREG_DSZ64(0x510) U48a1: 286ac56d033a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U5bc5) U48a2: 00140503023a tmp0:= BT_DSZ32(tmp10, 0x00000005) U48a4: 013e2e030c08 tmp0:= MOVEMERGEFLGS_DSZ32(0x0000002e, tmp0) U48a5: 00368e030230 tmp0:= CMOVCC_DSZ32_CONDB(tmp0, 0x0000008e) U48a6: 021e123bfc09 tmp15:= SIGEVENT(0x00002e12, tmp0) 01879d80 SEQW GOTO U079d ------------------------------------------------------------------------------------ U48a8: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U48a9: 004904834008 tmp4:= MOVE_DSZ64(IMM_MACRO_ALIAS_RIP) U48aa: 100a080b9200 tmp9:= TESTUSTATE(SYS, UST_OP_SIZE_32BIT | 0x0200) 01d9f680 ? SEQW GOTO U59f6 U48ac: 000b08800224 UPDATEUSTATE(rsp, !0x20) U48ad: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01c8b140 ? 
SEQW GOTO U48b1 U48ae: 007d01034d08 tmp4:= MOVEINSERTFLGS_DSZ64(0x00000001, tmp4) U48b0: 000b08000200 UPDATEUSTATE(0x20) U48b1: 021e77000200 SIGEVENT(0x00000077) U48b2: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01ac0980 ? SEQW GOTO U2c09 U48b4: 0c800be32032 tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, IMM_MACRO_ALIAS_DATASIZE, mode=0x18) U48b5: 033a00038038 tmp8:= STC(tmp8) U48b6: 0d61001b0032 tmp0:= unk_d61(tmp2) U48b8: 0d61001f1032 tmp1:= unk_d61(tmp2) U48b9: 007700030c31 tmp0:= CMOVCC_DSZ64_CONDNB(tmp1, tmp0) U48ba: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01d89e80 ? SEQW GOTO U589e U48bc: 000a10800200 TESTUSTATE(UCODE, !0x0010) 02db8400 ? SEQW GOTO U5b84 U48bd: 3e6b0903bcb0 LFNCEWAIT-> tmp11:= unk_e6b(tmp0, tmp2) U48be: 00428e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x78e) U48c0: 09a2f51f16b0 LFNCEMARK-> tmp1:= MOVETOCREG_SHR_DSZ64(tmp0, 0x00000028, 0x7f5) U48c1: 0050551002fb UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, U6455) U48c2: 000a20800200 TESTUSTATE(UCODE, !0x0020) 0462fe80 ? SEQW GOTO U62fe U48c4: 000501031008 tmp1:= SUB_DSZ32(0x00000001) U48c5: 004210100231 MOVETOCREG_DSZ64(tmp1, 0x410) U48c6: 0042001c0200 MOVETOCREG_DSZ64(0x00000000, 0x700) U48c8: 0005ff7f1c0f tmp1:= SUB_DSZ32(0x0000ffff, tmp0) U48c9: 0151551002f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U6455) U48ca: 006520031230 tmp1:= SHR_DSZ64(tmp0, 0x00000020) U48cc: 002d08031231 LFNCEMARK-> tmp1:= ROR_DSZ32(tmp1, 0x00000008) U48cd: 0004003f1c5f tmp1:= AND_DSZ32(0xffffffffffffef00, tmp1) U48ce: 0005003f1c4e tmp1:= SUB_DSZ32(0x0000cf00, tmp1) U48d0: 0151551002f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U6455) U48d1: 00623c1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x73c) U48d2: 186b559102f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000e, U6455) U48d4: 000a04000200 TESTUSTATE(UCODE, 0x0004) 0348d900 ? 
SEQW GOTO U48d9 U48d5: 0c4b800b1000 tmp1:= RDSEGFLD(CS, SEL) U48d6: 1f28fbab1024 LFNCEWAIT-> STADPPHYS_DSZN_ASZ32_SC1(rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U48d8: 1f28f3ab4024 STADPPHYS_DSZN_ASZ32_SC1(rsp, IMM_MACRO_f3, mode=0x0a, tmp4) U48d9: 000000024939 rsp:= ADD_DSZ32(tmp9, rsp) U48da: 021500000cc0 LFNCEWAIT-> FETCHFROMEIP1_ASZ32(tmp3) U48dc: 0c4ba0270000 tmp0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U48dd: 0c7ba2000030 WRSEGFLD(tmp0, CS, SEL+FLGS+LIM) U48de: 0c4b20270000 tmp0:= RDSEGFLD(UNK_SEG_09, BASE) U48e0: 0c7b22000030 WRSEGFLD(tmp0, CS, BASE) U48e1: 001e00000cc0 MJMPTARGET_INDIRECT_ASZ32(tmp3) 01c8e8b1 SEQW UEND0 ------------------------------------------------------------------------------------ U48e2: 100a80032200 tmp2:= TESTUSTATE(SYS, UST_VMX_GUEST) 01c8e8b1 ? SEQW GOTO U48e8 U48e4: 006342030200 tmp0:= READURAM(0x0042, 64) U48e5: 00141f030230 tmp0:= BT_DSZ32(tmp0, 0x0000001f) U48e6: 003302032230 tmp2:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000002) U48e8: 1062d40b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d4, 32) U48e9: 001403030230 tmp0:= BT_DSZ32(tmp0, 0x00000003) U48ea: 003300032cb0 tmp2:= SELECTCC_DSZ32_CONDNB(tmp0, tmp2) U48ec: 000101032c88 tmp2:= OR_DSZ32(0x00000001, tmp2) U48ed: 104700032872 tmp2:= NOTAND_DSZN(tmp2, rcx) U48ee: 0151517c0232 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U1f51) U48f0: 000402035848 tmp5:= AND_DSZ32(0x00000002, rcx) U48f1: 0007f0032220 tmp2:= NOTAND_DSZ32(rax, 0x000000f0) U48f2: 015072040232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U0172) U48f4: 000401033848 LFNCEMARK-> tmp3:= AND_DSZ32(0x00000001, rcx) U48f5: 000100030020 tmp0:= OR_DSZ32(rax) U48f6: 00635c032200 tmp2:= READURAM(0x005c, 64) U48f8: 001419032232 tmp2:= BT_DSZ32(tmp2, 0x00000019) U48f9: 003200032c32 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, tmp0) U48fa: 0004f0032c88 tmp2:= AND_DSZ32(0x000000f0, tmp2) U48fc: 000520032c88 tmp2:= SUB_DSZ32(0x00000020, tmp2) U48fd: 0052082402b2 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, U4908) U48fe: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U4900: 00085f032008 
tmp2:= ZEROEXT_DSZ32(0x0000005f) U4901: 004200000c80 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp2, 0x00000000) U4902: 016001832232 tmp2:= SUBR_DSZ64(tmp2, IMM_MACRO_01) U4904: 004200000c80 MOVETOCREG_DSZ64(tmp2, 0x00000000) U4905: 016001032232 tmp2:= SUBR_DSZ64(tmp2, 0x00000001) 01c90140 SEQW GOTO U4901 ------------------------------------------------------------------------------------ U4906: 004209000200 MOVETOCREG_DSZ64(0x00000000, 0x009) U4908: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U4909: 23800003ae80 tmp10:= READAFLAGS(tmp10) U490a: 00250903223a tmp2:= SHR_DSZ32(tmp10, 0x00000009) U490c: 000100032cf2 tmp2:= OR_DSZ32(tmp2, tmp3) U490d: 00621d034200 tmp4:= MOVEFROMCREG_DSZ64(0x01d) U490e: 002501034234 tmp4:= SHR_DSZ32(tmp4, 0x00000001) U4910: 000400032d32 tmp2:= AND_DSZ32(tmp2, tmp4) U4911: 000700031c72 tmp1:= NOTAND_DSZ32(tmp2, tmp1) U4912: 015072040231 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U0172) U4914: 00010003c000 tmp12:= OR_DSZ32(0x00000000) U4915: 00ed04030230 tmp0:= ROR_DSZ8(tmp0, 0x00000004) U4916: 00c001030230 tmp0:= ADD_DSZ8(tmp0, 0x00000001) U4918: 002408034230 tmp4:= SHL_DSZ32(tmp0, 0x00000008) U4919: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U491a: 000502032c08 tmp2:= SUB_DSZ32(0x00000002, tmp0) U491c: 0352282402b2 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDLE(tmp2, U4928) U491d: 2d0bc8031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000000c8) U491e: 002510031231 tmp1:= SHR_DSZ32(tmp1, 0x00000010) U4920: 000407031c48 tmp1:= AND_DSZ32(0x00000007, tmp1) U4921: 000500038c31 tmp8:= SUB_DSZ32(tmp1, tmp0) U4922: 013e00031e31 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp8) U4924: 013700030c31 tmp0:= CMOVCC_DSZ32_CONDNBE(tmp1, tmp0) U4925: 000407030c08 tmp0:= AND_DSZ32(0x00000007, tmp0) U4926: 000502032c08 tmp2:= SUB_DSZ32(0x00000002, tmp0) U4928: 013e01032c88 tmp2:= MOVEMERGEFLGS_DSZ32(0x00000001, tmp2) U4929: 013400030c32 tmp0:= CMOVCC_DSZ32_CONDZ(tmp2, tmp0) U492a: 00014703bd10 tmp11:= OR_DSZ32(0x00010000, tmp4) U492c: 00010003bef0 tmp11:= OR_DSZ32(tmp0, 
tmp11) U492d: 00430f08023b LFNCEWAIT-> WRITEURAM(tmp11, 0x000f, 32) U492e: 000000032c30 tmp2:= ADD_DSZ32(tmp0, tmp0) U4930: 000100032cf2 tmp2:= OR_DSZ32(tmp2, tmp3) U4931: 000120032c88 tmp2:= OR_DSZ32(0x00000020, tmp2) U4932: 00a100032032 tmp2:= CONCAT_DSZ16(tmp2) U4934: 004307080232 WRITEURAM(tmp2, 0x0007, 32) U4935: 000800000000 NOP U4936: 000a00c00240 TESTUSTATE(UCODE, !0x3000) 01af05c0 ? SEQW GOTO U2f05 U4938: 000501031c08 tmp1:= SUB_DSZ32(0x00000001, tmp0) U4939: 002402034231 tmp4:= SHL_DSZ32(tmp1, 0x00000002) U493a: 000063034d08 tmp4:= ADD_DSZ32(0x00000063, tmp4) U493c: 021e00000d00 SIGEVENT(tmp4) U493d: 000707031231 tmp1:= NOTAND_DSZ32(tmp1, 0x00000007) U493e: 2902c5180c7c SYNCMARK-> MOVETOCREG_OR_DSZ64(tmp12, tmp1, 0x6c5) U4940: 002406034233 tmp4:= SHL_DSZ32(tmp3, 0x00000006) U4941: 204207000234 MOVETOCREG_DSZ64(tmp4, 0x007) U4942: 000813079010 tmp9:= ZEROEXT_DSZ32(0x00700084) U4944: 002100039239 tmp9:= CONCAT_DSZ32(tmp9, 0x00000000) U4945: 000910037008 tmp7:= MOVE_DSZ32(0x00000010) U4946: 000808038008 tmp8:= ZEROEXT_DSZ32(0x00000008) U4948: 200a01836200 tmp6:= TESTUSTATE(VMX, !0x0001) 01c94e00 ? 
SEQW GOTO U494e U4949: 00250903223a tmp2:= SHR_DSZ32(tmp10, 0x00000009) U494a: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U494c: 000701032232 tmp2:= NOTAND_DSZ32(tmp2, 0x00000001) U494d: 004100039e72 tmp9:= OR_DSZ64(tmp2, tmp9) U494e: 0151502402b5 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U4950) 05498c80 SEQW GOTO U498c ------------------------------------------------------------------------------------ U4950: 096272400280 MOVETOCREG_BTS_DSZ64(0x00000009, 0x072) U4951: 0021000358e2 tmp5:= CONCAT_DSZ32(rdx, rbx) U4952: 09288c250035 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U498c) U4954: 0fef01000000 LBSYNC(0x00000001) U4955: 0fef01000000 LBSYNC(0x00000001) 01df7a55 SEQW SAVEUIP1 U4956 SEQW GOTO U5f7a U4956: 1062b20bc240 tmp12:= MOVEFROMCREG_DSZ64(0x2b2, 32) U4958: 000447035f10 tmp5:= AND_DSZ32(0x00010000, tmp12) U4959: 1062c40b4240 tmp4:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U495a: 000100034d39 tmp4:= OR_DSZ32(tmp9, tmp4) U495c: 000401034d08 tmp4:= AND_DSZ32(0x00000001, tmp4) U495d: 000100035d35 tmp5:= OR_DSZ32(tmp5, tmp4) U495e: 0004f003cf08 tmp12:= AND_DSZ32(0x000000f0, tmp12) U4960: 10628a0b4240 tmp4:= MOVEFROMCREG_DSZ64(0x28a, 32) U4961: 0004f0034d08 tmp4:= AND_DSZ32(0x000000f0, tmp4) U4962: 000500034f34 tmp4:= SUB_DSZ32(tmp4, tmp12) U4964: 013301034234 tmp4:= SELECTCC_DSZ32_CONDNBE(tmp4, 0x00000001) U4965: 000100035d74 tmp5:= OR_DSZ32(tmp4, tmp5) U4966: 1962d5880240 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000006, 0x2d5) U4968: 3062d40b4240 tmp4:= MOVEFROMCREG_DSZ64(0x2d4, 32) U4969: 086b6a250274 BTUJNB_DIRECT_NOTTAKEN(tmp4, 0x00000004, U496a) 01c96840 SEQW GOTO U4968 ------------------------------------------------------------------------------------ U496a: 1062d90bc240 tmp12:= MOVEFROMCREG_DSZ64(0x2d9, 32) U496c: 00040403dd08 tmp13:= AND_DSZ32(0x00000004, tmp4) U496d: 000704034234 tmp4:= NOTAND_DSZ32(tmp4, 0x00000004) U496e: 000100035d74 tmp5:= OR_DSZ32(tmp4, tmp5) U4970: 004500034f33 tmp4:= SUB_DSZ64(tmp3, tmp12) U4971: 
013201034234 tmp4:= SELECTCC_DSZ32_CONDBE(tmp4, 0x00000001) U4972: 000100034d74 tmp4:= OR_DSZ32(tmp4, tmp5) U4974: 0151752402b4 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U4975) 04498c00 SEQW GOTO U498c ------------------------------------------------------------------------------------ U4975: 1962d6480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2d6) U4976: 000800000000 NOP U4978: 3902d6880200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000002, 0x2d6) U4979: 000800000000 NOP U497a: 000800000000 NOP U497c: 1062d40b4240 LFNCEWAIT-> tmp4:= MOVEFROMCREG_DSZ64(0x2d4, 32) U497d: 000774034434 tmp4:= NOTAND_DSZ32(tmp4, 0x00020000) U497e: 000100034d74 tmp4:= OR_DSZ32(tmp4, tmp5) U4980: 0151812402b4 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U4981) 04498c00 SEQW GOTO U498c ------------------------------------------------------------------------------------ U4981: 00240803423d tmp4:= SHL_DSZ32(tmp13, 0x00000008) U4982: 096272c002b4 MOVETOCREG_BTS_DSZ64(tmp4, 0x0000000b, 0x072) U4984: 00480003603c tmp6:= ZEROEXT_DSZ64(tmp12) U4985: 1042e0080273 MOVETOCREG_DSZ64(tmp3, 0x2e0, 32) U4986: 000882034008 tmp4:= ZEROEXT_DSZ32(0x00000082) U4988: 3042d5080274 LFNCEMARK-> MOVETOCREG_DSZ64(tmp4, 0x2d5, 32) U4989: 000800000000 NOP U498a: 000800000000 NOP U498c: 00438f000236 LFNCEWAIT-> WRITEURAM(tmp6, 0x008f, 64) U498d: 1822f1c8027b MOVETOCREG_AND_DSZ64(tmp11, 0x00000007, 0x2f1) 02669d55 SEQW SAVEUIP1 U498e SEQW GOTO U669d U498e: 000800000000 NOP U4990: 000a0c000200 SYNCWAIT-> TESTUSTATE(UCODE, 0x000c) 0a77d600 ? 
SEQW GOTO U77d6 U4991: 000800000000 NOP U4992: 000800000000 NOP U4994: 000ccd280240 SAVEUIP(0x00, U2acd) 01b04800 SEQW GOTO U3048 ------------------------------------------------------------------------------------ U4995: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U4996: 19629d080231 MOVETOCREG_BTS_DSZ64(tmp1, 0x29d) U4998: 10480003e034 tmp14:= ZEROEXT_DSZ64N(tmp4) U4999: 0e250803003e tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000008) U499a: 186b3d3d0030 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U6f3d) U499c: 00635c030200 tmp0:= READURAM(0x005c, 64) U499d: 00080503b008 tmp11:= ZEROEXT_DSZ32(0x00000005) U499e: 186adc1c0330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U27dc) 01e8ad80 SEQW GOTO U68ad ------------------------------------------------------------------------------------ U49a0: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01c9a600 ? SEQW GOTO U49a6 U49a1: 00633a031200 tmp1:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U49a2: 00635d032200 tmp2:= READURAM(0x005d, 64) U49a4: 00635e033200 tmp3:= READURAM(0x005e, 64) U49a5: 006352034200 tmp4:= READURAM(0x0052, 64) U49a6: 000e8f000200 WRMSLOOPCTRFBR(0x0000008f) U49a8: 004308800200 LFNCEWAIT-> WRITEURAM(0x00000000, 0x0008, 64) U49a9: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0249a840 ? SEQW GOTO U49a8 U49aa: 000800000000 NOP U49ac: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01c3e400 ? 
SEQW GOTO U43e4 U49ad: 000800000000 NOP U49ae: 2d0be823600a tmp6:= PORTIN_DSZ32_ASZ16_SC1(0x000048e8) U49b0: 10621d0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x21d, 32) U49b1: 001408030230 tmp0:= BT_DSZ32(tmp0, 0x00000008) U49b2: 003303030230 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000003) U49b4: 002500030c36 tmp0:= SHR_DSZ32(tmp6, tmp0) U49b5: 000407030c08 tmp0:= AND_DSZ32(0x00000007, tmp0) U49b6: 0929cce50230 LFNCEMARK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000003, U49cc) U49b8: 000820030008 tmp0:= ZEROEXT_DSZ32(0x00000020) U49b9: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U49ba: 004200000c00 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, 0x00000000) U49bc: 000001030c08 tmp0:= ADD_DSZ32(0x00000001, tmp0) U49bd: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01c9ba40 ? SEQW GOTO U49ba U49be: 000800000000 NOP U49c0: 004209000200 MOVETOCREG_DSZ64(0x00000000, 0x009) 01df3214 SEQW SAVEUIP1 U49c1 SEQW GOTO U5f32 U49c1: 00480003103a tmp1:= ZEROEXT_DSZ64(tmp10) U49c2: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) U49c4: 000800033000 tmp3:= ZEROEXT_DSZ32(0x00000000) U49c5: 000800034000 tmp4:= ZEROEXT_DSZ32(0x00000000) U49c6: 004209180200 MOVETOCREG_DSZ64(0x00000000, 0x609) U49c8: 00420a180200 MOVETOCREG_DSZ64(0x00000000, 0x60a) U49c9: 00420d040200 MOVETOCREG_DSZ64(0x00000000, 0x10d) U49ca: 00420e040200 MOVETOCREG_DSZ64(0x00000000, 0x10e) U49cc: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01c9da00 ? 
SEQW GOTO U49da U49cd: 001606030236 tmp0:= BTR_DSZ32(tmp6, 0x00000006) U49ce: 0004c0070c08 tmp0:= AND_DSZ32(0x000001c0, tmp0) U49d0: 000580030c08 tmp0:= SUB_DSZ32(0x00000080, tmp0) U49d1: 0151da2402b0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U49da) U49d2: 000800000000 NOP U49d4: 1042820f0240 LFNCEWAIT-> tmp0:= MOVETOCREG_DSZ64(0x00000000, 0x382, 32) U49d5: 1042810c0270 MOVETOCREG_DSZ64(tmp0, 0x381, 32) U49d6: 1042860f0240 tmp0:= MOVETOCREG_DSZ64(0x00000000, 0x386, 32) U49d8: 1962854c0770 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000035, 0x385) U49d9: 1042870c0240 MOVETOCREG_DSZ64(0x00000000, 0x387, 32) U49da: 20433a000231 WRITEURAM(tmp1, FSCP_CR_IA32_FEATURE_CTL, 64) U49dc: 20435d000232 WRITEURAM(tmp2, 0x005d, 64) U49dd: 20435e000233 WRITEURAM(tmp3, 0x005e, 64) U49de: 204352000234 WRITEURAM(tmp4, 0x0052, 64) 01e1b180 SEQW GOTO U61b1 ------------------------------------------------------------------------------------ U49e0: 00040a039ec8 tmp9:= AND_DSZ32(0x0000000a, tmp11) U49e1: 015035400239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U1035) U49e2: 001611037237 tmp7:= BTR_DSZ32(tmp7, 0x00000011) U49e4: 00250e03423b tmp4:= SHR_DSZ32(tmp11, 0x0000000e) U49e5: 000403034d08 tmp4:= AND_DSZ32(0x00000003, tmp4) U49e6: 000400439ec8 tmp9:= AND_DSZ32(0x00001000, tmp11) U49e8: 013e00034e74 tmp4:= MOVEMERGEFLGS_DSZ32(tmp4, tmp9) U49e9: 002405039239 tmp9:= SHL_DSZ32(tmp9, 0x00000005) U49ea: 000100037df9 tmp7:= OR_DSZ32(tmp9, tmp7) U49ec: 0c4ba02b9000 tmp9:= RDSEGFLD(SS_USERM, SEL+FLGS+LIM) U49ed: 006d15039239 tmp9:= ROR_DSZ64(tmp9, 0x00000015) U49ee: 004703039e48 tmp9:= NOTAND_DSZ64(0x00000003, tmp9) U49f0: 004100039e74 tmp9:= OR_DSZ64(tmp4, tmp9) U49f1: 006c15039239 tmp9:= ROL_DSZ64(tmp9, 0x00000015) U49f2: 0c7baa000039 LFNCEMARK-> WRSEGFLD(tmp9, SS_USERM, SEL+FLGS+LIM) U49f4: 086bf8a5023b LFNCEWAIT-> BTUJNB_DIRECT_NOTTAKEN(tmp11, 0x00000002, U49f8) U49f5: 006343039200 tmp9:= READURAM(0x0043, 64) U49f6: 086a00e90679 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000027, U4a00) U49f8: 086a0069023b 
BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000001, U4a00) U49f9: 0151002802b4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U4a00) U49fa: 0c4b802b9000 LFNCEMARK-> tmp9:= RDSEGFLD(SS_USERM, SEL) U49fc: 000703039e48 tmp9:= NOTAND_DSZ32(0x00000003, tmp9) U49fd: 000100039e74 tmp9:= OR_DSZ32(tmp4, tmp9) U49fe: 0c6bca000039 LFNCEWAIT-> WRSEGFLD(tmp9, SS_USERM, UNK_FLD_0c) U4a00: 002146039010 tmp9:= CONCAT_DSZ32(0x0000ffff) U4a01: 004400039e7b tmp9:= AND_DSZ64(tmp11, tmp9) U4a02: 00042003aec8 tmp10:= AND_DSZ32(0x00000020, tmp11) U4a04: 00240303a23a tmp10:= SHL_DSZ32(tmp10, 0x00000003) U4a05: 004100039eb9 tmp9:= OR_DSZ64(tmp9, tmp10) U4a06: 20431f000239 SYNCFULL-> WRITEURAM(tmp9, 0x001f, 64) U4a08: 09a21d0002bb MOVETOCREG_SHR_DSZ64(tmp11, 0x00000008, 0x01d) U4a09: 00140203d23b tmp13:= BT_DSZ32(tmp11, 0x00000002) U4a0a: 013e346fdf4a tmp13:= MOVEMERGEFLGS_DSZ32(0x00005b34, tmp13) U4a0c: 0037ca77d2bd tmp13:= CMOVCC_DSZ32_CONDNB(tmp13, 0x00005dca) U4a0d: 01420a000f40 SYNCMARK-> UFLOWCTRL(URET0, tmp13) U4a0e: 000a10800200 TESTUSTATE(UCODE, !0x0010) 0c901680 ? 
SEQW GOTO U1016 U4a10: 0021ef079010 tmp9:= CONCAT_DSZ32(0x7ffffc00) U4a11: 006389038200 tmp8:= READURAM(0x0089, 64) U4a12: 004400038e39 tmp8:= AND_DSZ64(tmp9, tmp8) U4a14: 20631403a200 LFNCEMARK-> tmp10:= READURAM(0x0014, 64) U4a15: 000800000000 NOP U4a16: 000800000000 NOP U4a18: 00470003aeb9 LFNCEWAIT-> tmp10:= NOTAND_DSZ64(tmp9, tmp10) U4a19: 000800000000 NOP U4a1a: 000800000000 NOP U4a1c: 0041982b8e3aROVR<-SYNCWTMRK-> tmp8:= OR_DSZ64(tmp10, tmp8) 0e1c9a1c SEQW SAVEUIP1 U4a1d SEQW GOTO U1c9a U4a1d: 000800000000 NOP U4a1e: 000800000000 NOP U4a20: 000c22c00200 SYNCWTMRK-> SAVEUIP(0x01, U1022) 0e595a00 SEQW GOTO U595a ------------------------------------------------------------------------------------ U4a21: 00420e000236 MOVETOCREG_DSZ64(tmp6, 0x00e) U4a22: 002510031237 tmp1:= SHR_DSZ32(tmp7, 0x00000010) U4a24: 00000b832008 tmp2:= ADD_DSZ32(IMM_MACRO_ALIAS_DATASIZE) U4a25: 00c402033c88 tmp3:= AND_DSZ8(0x00000002, tmp2) U4a26: 013100031c73 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp3, tmp1) U4a28: 00420f000231 MOVETOCREG_DSZ64(tmp1, 0x00f) U4a29: 00420a000238 MOVETOCREG_DSZ64(tmp8, 0x00a) U4a2a: 00420d000200 MOVETOCREG_DSZ64(0x00000000, 0x00d) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U4a2c: 0062fe1fa200 LFNCEMARK-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U4a2d: 2a62fe1c033a MOVETOCREG_BTR_DSZ64(tmp10, 0x00000010, CORE_CR_EFLAGS) U4a2e: 00620f039200 tmp9:= MOVEFROMCREG_DSZ64(0x00f) U4a30: 00043f1f3e48 tmp3:= AND_DSZ32(0x0000073f, tmp9) U4a31: 00c040032e48 tmp2:= ADD_DSZ8(0x00000040, tmp9) U4a32: 003340032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000040) U4a34: 000100039cf2 tmp9:= OR_DSZ32(tmp2, tmp3) U4a35: 001405035239 tmp5:= BT_DSZ32(tmp9, 0x00000005) U4a36: 00330d035235 tmp5:= SELECTCC_DSZ32_CONDNB(tmp5, 0x0000000d) U4a38: 000108035d48 tmp5:= OR_DSZ32(0x00000008, tmp5) U4a39: 00640b035235 tmp5:= SHL_DSZ64(tmp5, 0x0000000b) U4a3a: 0004001b3e48 tmp3:= AND_DSZ32(0x00000600, tmp9) U4a3c: 0006001b2cc8 tmp2:= 
XOR_DSZ32(0x00000600, tmp3) U4a3d: 013e02032c88 tmp2:= MOVEMERGEFLGS_DSZ32(0x00000002, tmp2) U4a3e: 013400034232 tmp4:= CMOVCC_DSZ32_CONDZ(tmp2, 0x00000000) U4a40: 000600131cc8 tmp1:= XOR_DSZ32(0x00000400, tmp3) U4a41: 013e01031c48 tmp1:= MOVEMERGEFLGS_DSZ32(0x00000001, tmp1) U4a42: 013400034d31 tmp4:= CMOVCC_DSZ32_CONDZ(tmp1, tmp4) U4a44: 006423034234 tmp4:= SHL_DSZ64(tmp4, 0x00000023) U4a45: 004100035d74 tmp5:= OR_DSZ64(tmp4, tmp5) U4a46: 000407032e48 tmp2:= AND_DSZ32(0x00000007, tmp9) U4a48: 00640303a232 tmp10:= SHL_DSZ64(tmp2, 0x00000003) U4a49: 00641c032232 tmp2:= SHL_DSZ64(tmp2, 0x0000001c) U4a4a: 004100032cba LFNCEWAIT-> tmp2:= OR_DSZ64(tmp10, tmp2) U4a4c: 0902521c0d72 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp2, tmp5, 0x752) U4a4d: 073a0003c000 tmm4:= unk_73a(0x00000000) U4a4e: 07040003d039 tmm5:= unk_704(tmm1) U4a50: 06600103e03d tmm6:= unk_660(tmm5) U4a51: 072c0003603e tmp6:= PINTMOVDTMM2I_DSZ32(tmm6) U4a52: 003d00036db6 tmp6:= MOVEINSERTFLGS_DSZ32(tmp6, tmp6) U4a54: 29a2c5980276 MOVETOCREG_SHR_DSZ64(tmp6, 0x00000006, 0x6c5) U4a55: 006286130200 tmp0:= MOVEFROMCREG_DSZ64(0x486) U4a56: 008439634dc8 tmp4:= AND_DSZ16(0x00001839, tmp7) U4a58: 008420031c08 tmp1:= AND_DSZ16(0x00000020, tmp0) U4a59: 008520032d08 tmp2:= SUB_DSZ16(0x00000020, tmp4) U4a5a: 008100032cb1 tmp2:= OR_DSZ16(tmp1, tmp2) U4a5c: 01504c140232 SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U054c) U4a5d: 06201303b03d tmm3:= unk_620(tmm5) U4a5e: 072c0003303b tmp3:= PINTMOVDTMM2I_DSZ32(tmm3) U4a60: 00250303a237 tmp10:= SHR_DSZ32(tmp7, 0x00000003) U4a61: 0004000fae88 tmp10:= AND_DSZ32(0x00000300, tmp10) U4a62: 002403034237 tmp4:= SHL_DSZ32(tmp7, 0x00000003) U4a64: 0004c0034d08 tmp4:= AND_DSZ32(0x000000c0, tmp4) U4a65: 003dc003b237 tmp11:= MOVEINSERTFLGS_DSZ32(tmp7, 0x000000c0) U4a66: 00b600034d3b tmp4:= CMOVCC_DSZ16_CONDB(tmp11, tmp4) U4a68: 01420b000cc0 SYNCWTMRK-> UFLOWCTRL(URET1, tmp3) U4a69: 000100333e88 tmp3:= OR_DSZ32(0x00000c00, tmp10) U4a6a: 000100037cf4 tmp7:= OR_DSZ32(tmp4, tmp3) U4a6c: 
000800000000 NOP U4a6d: 000800000000 NOP U4a6e: 000cb5640240 SYNCWAIT-> SAVEUIP(0x00, U39b5) 0b0000ce SEQW URET1 ------------------------------------------------------------------------------------ U4a70: 000d01800000 SAVEUIP_REGOVR(0x01, U4a71, 0x0001) 018ba900 SEQW GOTO U0ba9 U4a71: 0e2d1c031020 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(rax, 0x0000001c, tmp1) U4a72: 006320031200 tmp1:= READURAM(0x0020, 64) U4a74: 0004fe7f1c4b tmp1:= AND_DSZ32(0x00007ffe, tmp1) U4a75: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U4a76: 0e2500032020 LFNCEWAIT-> tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(rax) U4a78: 022400034c72 tmp4:= unk_224(tmp2, tmp1) U4a79: 000000034834 tmp4:= ADD_DSZ32(tmp4, rax) U4a7a: 000020034d08 tmp4:= ADD_DSZ32(0x00000020, tmp4) U4a7c: 2e7d007b400d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be00, tmp4) U4a7d: 2e7d807b400d STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be80, tmp4) U4a7e: 0e2508035020 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(rax, 0x00000008) U4a80: 022400035d72 tmp5:= unk_224(tmp2, tmp5) U4a81: 000000035835 tmp5:= ADD_DSZ32(tmp5, rax) U4a82: 000020035d48 tmp5:= ADD_DSZ32(0x00000020, tmp5) U4a84: 2d0fcc43500a PORTOUT_DSZ32_ASZ16_SC1(0x000050cc, tmp5) U4a85: 000810037009 tmp7:= ZEROEXT_DSZ32(0x00002010) U4a86: 00151f037237 tmp7:= BTS_DSZ32(tmp7, 0x0000001f) U4a88: 0d0b04031037 tmp1:= PORTIN_DSZ32_ASZ16_SC1(tmp7) U4a89: 0d0b00037037 tmp7:= PORTIN_DSZ32_ASZ16_SC1(tmp7) U4a8a: 002100037df1 tmp7:= CONCAT_DSZ32(tmp1, tmp7) U4a8c: 006514037237 tmp7:= SHR_DSZ64(tmp7, 0x00000014) U4a8d: 00640c037237 tmp7:= SHL_DSZ64(tmp7, 0x0000000c) U4a8e: 2d0fc043700a PORTOUT_DSZ32_ASZ16_SC1(0x000050c0, tmp7) U4a90: 000d05800000 SAVEUIP_REGOVR(0x01, U4a91, 0x0005) 0182ba00 SEQW GOTO U02ba U4a91: 2d0bc843400a tmp4:= PORTIN_DSZ32_ASZ16_SC1(0x000050c8) U4a92: 006320031200 tmp1:= READURAM(0x0020, 64) U4a94: 0004fe7f1c4b tmp1:= AND_DSZ32(0x00007ffe, tmp1) U4a95: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U4a96: 092822340c74 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp4, tmp1, U0d22) U4a98: 00151e032200 tmp2:= 
BTS_DSZ32(0x00000000, 0x0000001e) U4a99: 092819340cb4 LFNCEWTMRK-> CMPUJZ_DIRECT_NOTTAKEN(tmp4, tmp2, U0d19) U4a9a: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U4a9c: 2e75007b200d tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000be00) U4a9d: 0e2500034032 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2) U4a9e: 0e6508035032 LFNCEMARK-> tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000008) U4aa0: 104200000d35 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp5, tmp4) U4aa1: 000800000000 NOP U4aa2: 000800000000 NOP U4aa4: 0e2504034032 LFNCEMARK-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000004) U4aa5: 000800000000 NOP U4aa6: 000800000000 NOP U4aa8: 104200000d00 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp4, 0x00000000) U4aa9: 0ee51f036032 tmp6:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x0000001f) U4aaa: 000020032c88 tmp2:= ADD_DSZ32(0x00000020, tmp2) U4aac: 0004c0036d88 LFNCEMARK-> tmp6:= AND_DSZ32(0x000000c0, tmp6) U4aad: 0151ae2802b6 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U4aae) 044a9d40 SEQW GOTO U4a9d ------------------------------------------------------------------------------------ U4aae: 00080f035008 tmp5:= ZEROEXT_DSZ32(0x0000000f) U4ab0: 002107035d48 tmp5:= CONCAT_DSZ32(0x00000007, tmp5) U4ab1: 10420f080275 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp5, 0x20f, 32) U4ab2: 000802032008 tmp2:= ZEROEXT_DSZ32(0x00000002) U4ab4: 2e7d407b200d LFNCEMARK-> STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be40, tmp2) U4ab5: 000000000000 NOP 0421fe40 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U4ab6: 000882032010 tmp2:= ZEROEXT_DSZ32(0x00030300) U4ab8: 004231180232 MOVETOCREG_DSZ64(tmp2, 0x631) U4ab9: 204234180200 MOVETOCREG_DSZ64(0x00000000, 0x634) U4aba: 204235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U4abc: 296230580300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x630) U4abd: 000a44000200 TESTUSTATE(UCODE, 0x0044) 01cacc40 ? 
SEQW GOTO U4acc U4abe: 1062c20b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2c2, 32) U4ac0: 1a62c2480272 MOVETOCREG_BTR_DSZ64(tmp2, 0x00000005, 0x2c2) U4ac1: 1062cf0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x3cf, 32) U4ac2: 086ac42902b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000008, U4ac4) 01cacc80 SEQW GOTO U4acc ------------------------------------------------------------------------------------ U4ac4: 1062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U4ac5: 00477c070c10 tmp0:= NOTAND_DSZ64(0x08000040, tmp0) U4ac6: 00551c031230 tmp1:= BTS_DSZ64(tmp0, 0x0000001c) U4ac8: 00551e030231 tmp0:= BTS_DSZ64(tmp1, 0x0000001e) U4ac9: 000cd0680240 SAVEUIP(0x00, U3ad0) 01a97155 SEQW SAVEUIP1 U4aca SEQW GOTO U2971 U4aca: 1962cf0c0232 MOVETOCREG_BTS_DSZ64(tmp2, 0x3cf) U4acc: 000000000000 NOP 01f72e00 SEQW GOTO U772e ------------------------------------------------------------------------------------ U4acd: 070200038031 tmm0:= unk_702(mm1) U4ace: 04960003be3d tmm3:= unk_496(tmm5, tmm0) U4ad0: 04960003ce3e tmm4:= unk_496(tmm6, tmm0) U4ad1: 068901808f3b mm0:= unk_689(tmm3, tmm4) U4ad2: 070200038032 tmm0:= unk_702(mm2) U4ad4: 04960003de39 tmm5:= unk_496(tmm1, tmm0) U4ad5: 04960003ee3a tmm6:= unk_496(tmm2, tmm0) U4ad6: 268971809fbd mm7:= unk_689(tmm5, tmm6) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U4ad8: 008707031cc8 tmp1:= NOTAND_DSZ16(0x00000007, tmp3) U4ad9: 01317b07f431 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x08000000) U4ada: 00a193031c4e tmp1:= CONCAT_DSZ16(0x0000c093, tmp1) U4adc: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U4add: 0021ff7f1c5f tmp1:= CONCAT_DSZ32(0xffffffffffffffff, tmp1) U4ade: 0c6bab000031 WRSEGFLD(tmp1, DS, SEL+FLGS+LIM) U4ae0: 0ea5aa031e49 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001aa) U4ae1: 008707031c48 tmp1:= NOTAND_DSZ16(0x00000007, tmp1) U4ae2: 01317b07f431 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x08000000) U4ae4: 00a193031c4e tmp1:= CONCAT_DSZ16(0x0000c093, tmp1) U4ae5: 000100031c7f tmp1:= OR_DSZ32(tmp15, 
tmp1) U4ae6: 0021ff7f1c5f tmp1:= CONCAT_DSZ32(0xffffffffffffffff, tmp1) U4ae8: 0c6ba8000031 WRSEGFLD(tmp1, ES, SEL+FLGS+LIM) U4ae9: 0ea5ca031e49 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001ca) U4aea: 008707031c48 tmp1:= NOTAND_DSZ16(0x00000007, tmp1) U4aec: 01317b07f431 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x08000000) U4aed: 00a193031c4e tmp1:= CONCAT_DSZ16(0x0000c093, tmp1) U4aee: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U4af0: 0021ff7f1c5f tmp1:= CONCAT_DSZ32(0xffffffffffffffff, tmp1) U4af1: 0c6bac000031 WRSEGFLD(tmp1, FS, SEL+FLGS+LIM) U4af2: 0e6508031e4a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000208) U4af4: 0c6b2c000031 WRSEGFLD(tmp1, FS, BASE) U4af5: 0ea5d2031e49 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001d2) U4af6: 008707031c48 tmp1:= NOTAND_DSZ16(0x00000007, tmp1) U4af8: 01317b07f431 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x08000000) U4af9: 00a193031c4e tmp1:= CONCAT_DSZ16(0x0000c093, tmp1) U4afa: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U4afc: 0021ff7f1c5f tmp1:= CONCAT_DSZ32(0xffffffffffffffff, tmp1) U4afd: 0c6bad000031 WRSEGFLD(tmp1, GS, SEL+FLGS+LIM) U4afe: 0e6510031e4a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000210) U4b00: 0c6b2d000031 WRSEGFLD(tmp1, GS, BASE) U4b01: 0e6528031e4a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000228) U4b02: 0c6b26000031 WRSEGFLD(tmp1, GDT, BASE) U4b04: 0e6530031e4a tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000230) U4b05: 0c6b2e000031 WRSEGFLD(tmp1, IDT, BASE) U4b06: 0e65b8036e4a tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002b8) U4b08: 0e25a4031e49 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001a4) U4b09: 0e65f0032e4a tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002f0) U4b0a: 0e65f8033e4a LFNCEWTMRK-> tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002f8) U4b0c: 125500000d40 SYNCMARK-> FETCHFROMEIP1_ASZ64(tmp5) U4b0d: 004374080231 WRITEURAM(tmp1, 0x0074, 32) U4b0e: 006410032232 tmp2:= SHL_DSZ64(tmp2, 0x00000010) U4b10: 006e10032232 tmp2:= SAR_DSZ64(tmp2, 0x00000010) U4b11: 
004375000232 WRITEURAM(tmp2, 0x0075, 64) U4b12: 006410033233 tmp3:= SHL_DSZ64(tmp3, 0x00000010) U4b14: 006e10033233 tmp3:= SAR_DSZ64(tmp3, 0x00000010) U4b15: 004376000233 WRITEURAM(tmp3, 0x0076, 64) U4b16: 000a10034200 tmp4:= TESTUSTATE(UCODE, 0x0010) 01cb1980 ? SEQW GOTO U4b19 U4b18: 00553a034200 tmp4:= BTS_DSZ64(0x00000000, 0x0000003a) U4b19: 100a00000280 TESTUSTATE(SYS, 0x4000) 07356140 ? SEQW GOTO U3561 U4b1a: 0e2554034e48 LFNCEWTMRK-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000054) U4b1c: 0e6530035e48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000030) U4b1d: 204254000010 MOVETOCREG_DSZ64(0x00000014, 0x000) U4b1e: 00085957e009 tmp14:= ZEROEXT_DSZ32(0x00003559) U4b20: 000c95340240 SAVEUIP(0x00, U2d95) U4b21: 0009967ba00a SYNCWAIT-> tmp10:= MOVE_DSZ32(0x00005e96) 0ad93540 SEQW GOTO U5935 ------------------------------------------------------------------------------------ U4b22: 0175000b6239 tmp6:= CMOVCC_DSZ64_CONDNZ(tmp9, 0x00000200) U4b24: 10429e080276 MOVETOCREG_DSZ64(tmp6, 0x29e, 32) U4b25: 006307038200 tmp8:= READURAM(0x0007, 64) U4b26: 0151282c02b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U4b28) 01acb180 SEQW GOTO U2cb1 ------------------------------------------------------------------------------------ U4b28: 006205079200 tmp9:= MOVEFROMCREG_DSZ64(0x105) U4b29: 000404039e48 tmp9:= AND_DSZ32(0x00000004, tmp9) U4b2a: 013e24039e48 tmp9:= MOVEMERGEFLGS_DSZ32(0x00000024, tmp9) U4b2c: 013504039239 tmp9:= CMOVCC_DSZ32_CONDNZ(tmp9, 0x00000004) U4b2d: 00635c03d200 tmp13:= READURAM(0x005c, 64) U4b2e: 00010003df79 tmp13:= OR_DSZ32(tmp9, tmp13) U4b30: 20435c08023d ROVR<- WRITEURAM(tmp13, 0x005c, 32) 01a8f51c SEQW SAVEUIP1 U4b31 SEQW GOTO U28f5 U4b31: 002514039238 tmp9:= SHR_DSZ32(tmp8, 0x00000014) U4b32: 092930bc0239 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x00000002, U0f30) U4b34: 006200039200 tmp9:= MOVEFROMCREG_DSZ64(0x000) U4b35: 086a36ed02b9 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000b, U4b36) 048f3040 SEQW GOTO U0f30 
------------------------------------------------------------------------------------ U4b36: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U4b38: 000800038000 tmp8:= ZEROEXT_DSZ32(0x00000000) 018f3100 SEQW GOTO U0f31 ------------------------------------------------------------------------------------ U4b39: 021f00031037 tmp1:= unk_21f(tmp7) U4b3a: 01d600031031 tmp1:= unk_1d6(tmp1) U4b3c: 002403031231 tmp1:= SHL_DSZ32(tmp1, 0x00000003) U4b3d: 002500037c77 tmp7:= SHR_DSZ32(tmp7, tmp1) U4b3e: 01d600037037 tmp7:= unk_1d6(tmp7) U4b40: 000100037c77 tmp7:= OR_DSZ32(tmp7, tmp1) U4b41: 002401039239 tmp9:= SHL_DSZ32(tmp9, 0x00000001) U4b42: 000100039e77 tmp9:= OR_DSZ32(tmp7, tmp9) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U4b44: 06a805838008 WRTAGW-> tmm0:= unk_6a8(IMM_MACRO_ALIAS_STi) U4b45: 07ea00031008 mm1:= unk_7ea(0x00000000) U4b46: 000558032431 tmp2:= SUB_DSZ32(tmp1, 0x0001003a) U4b48: 00085903b010 tmp11:= ZEROEXT_DSZ32(0x0001003e) U4b49: 07c20003903b tmm1:= unk_7c2(tmm3) U4b4a: 0250096002b2 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp2, U5809) U4b4c: 06aa0003fe48 tmm7:= unk_6aa(0x00000000, tmm1) U4b4d: 06ee0003b03f tmm3:= unk_6ee(tmm7) U4b4e: 04b60703bec0 tmm3:= unk_4b6(tmm3) U4b50: 072a00038008 tmm0:= unk_72a(0x00000000) U4b51: 06a053039000 tmp9:= unk_6a0(0x00000000) U4b52: 05fa02039e40 tmm1:= SHUFPD(tmm1) U4b54: 050f0303bec0 tmm3:= unk_50f(tmm3) U4b55: 04c30003be7b tmm3:= ORPD(tmm3, tmm1) U4b56: 06a052039000 tmp9:= unk_6a0(0x00000000) U4b58: 000846031010 tmp1:= ZEROEXT_DSZ32(0x0000ffff) U4b59: 07c200039e71 tmm1:= unk_7c2(mm1, tmm1) U4b5a: 07c20003bef1 tmm3:= unk_7c2(mm1, tmm3) U4b5c: 06e10003bef9 tmm3:= unk_6e1(tmm1, tmm3) U4b5d: 06a04c039000 tmp9:= unk_6a0(0x00000000) U4b5e: 07aa0003203b mm2:= unk_7aa(tmm3) U4b60: 04950003ae7b tmm2:= unk_495(tmm3, tmm1) U4b61: 00251c032232 tmp2:= SHR_DSZ32(tmp2, 0x0000001c) U4b62: 00240b038238 tmp8:= SHL_DSZ32(tmp8, 0x0000000b) U4b64: 000100038e32 tmp8:= OR_DSZ32(tmp2, tmp8) U4b65: 
000509032c88 tmp2:= SUB_DSZ32(0x00000009, tmp2) U4b66: 0353096002b2 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp2, U5809) U4b68: 06a05703e000 tmp14:= unk_6a0(0x00000000) U4b69: 06620003bebe tmm3:= unk_662(tmm6, tmm2) U4b6a: 07aa0003203b mm2:= unk_7aa(tmm3) U4b6c: 00251c031232 tmp1:= SHR_DSZ32(tmp2, 0x0000001c) U4b6d: 002404038238 tmp8:= SHL_DSZ32(tmp8, 0x00000004) U4b6e: 000100038e31 tmp8:= OR_DSZ32(tmp1, tmp8) U4b70: 07460003d038 tmm5:= unk_746(tmm0) U4b71: 000810035008 tmp5:= ZEROEXT_DSZ32(0x00000010) U4b72: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U4b74: 006404031231 tmp1:= SHL_DSZ64(tmp1, 0x00000004) U4b75: 04950003ae7b tmm2:= unk_495(tmm3, tmm1) U4b76: 07aa0003203b mm2:= unk_7aa(tmm3) U4b78: 06620003bebe tmm3:= unk_662(tmm6, tmm2) U4b79: 00251c032232 tmp2:= SHR_DSZ32(tmp2, 0x0000001c) U4b7a: 004100031c72 tmp1:= OR_DSZ64(tmp2, tmp1) U4b7c: 000501035d48 tmp5:= SUB_DSZ32(0x00000001, tmp5) U4b7d: 03507e2c02b5 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp5, U4b7e) 01cb7440 SEQW GOTO U4b74 ------------------------------------------------------------------------------------ U4b7e: 07460003b031 tmm3:= unk_746(mm1) U4b80: 04ef0803bf7b tmm3:= MOVHLPS(tmm3, tmm5) U4b81: 0cdc0063b03a tmp11:= unk_cdc(tmp10) U4b82: 26ee0003803f LFNCEMARK-> tmm0:= unk_6ee(tmm7) U4b84: 076a0003b038 tmm3:= unk_76a(tmm0) U4b85: 00071003b23b tmp11:= NOTAND_DSZ32(tmp11, 0x00000010) U4b86: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U4b88: 00628c134200 LFNCEWAIT-> tmp4:= MOVEFROMCREG_DSZ64(0x48c) U4b89: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U4b8a: 000100031ef1 tmp1:= OR_DSZ32(tmp1, tmp11) U4b8c: 01508d2c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U4b8d) 054b9000 SEQW GOTO U4b90 ------------------------------------------------------------------------------------ U4b8d: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U4b8e: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U4b90: 04b491838200 LFNCEWAIT-> tmm0:= FMOV(0x00000091) 0217ec00 SEQW GOTO uend 
------------------------------------------------------------------------------------ U4b91: 006402031231 tmp1:= SHL_DSZ64(tmp1, 0x00000002) U4b92: 1f54004b0c40 tmp0:= unk_f54(tmp1) U4b94: 004703030c08 tmp0:= NOTAND_DSZ64(0x00000003, tmp0) U4b95: 004102030c08 tmp0:= OR_DSZ64(0x00000002, tmp0) U4b96: 00434b000230 WRITEURAM(tmp0, 0x004b, 64) U4b98: 00635c030200 tmp0:= READURAM(0x005c, 64) U4b99: 000100430c08 tmp0:= OR_DSZ32(0x00001000, tmp0) U4b9a: 00435c080230 WRITEURAM(tmp0, 0x005c, 32) 01dd5e80 SEQW GOTO U5d5e ------------------------------------------------------------------------------------ U4b9c: 1062380ba240 tmp10:= MOVEFROMCREG_DSZ64(0x238, 32) U4b9d: 086b9c6d02ba SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp10, 0x00000009, U4b9c) U4b9e: 10621d0bb240 tmp11:= MOVEFROMCREG_DSZ64(0x21d, 32) U4ba0: 00140803b23b tmp11:= BT_DSZ32(tmp11, 0x00000008) U4ba1: 0033006ff27b tmp15:= SELECTCC_DSZ32_CONDNB(tmp11, 0x00003b00) U4ba2: 086aa4ed023a LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000003, U4ba4) 074ba580 SEQW GOTO U4ba5 ------------------------------------------------------------------------------------ U4ba4: 0902011c0240 SYNCFULL-> MOVETOCREG_OR_DSZ64(0x00000004, 0x701) U4ba5: 00000003cfc8 tmp12:= ADD_DSZ32(0x00000000, tmp15) 08303551 SEQW SAVEUIP0 U4ba6 SEQW GOTO U3035 U4ba6: 000800000000 NOP U4ba8: 004211100232 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp2, 0x411) U4ba9: 09a264000632 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000020, 0x064) U4baa: 004206040234 MOVETOCREG_DSZ64(tmp4, 0x106) U4bac: 09a288100634 MOVETOCREG_SHR_DSZ64(tmp4, 0x00000020, 0x488) U4bad: 00424d1c0236 MOVETOCREG_DSZ64(tmp6, 0x74d) U4bae: 09a23c180636 MOVETOCREG_SHR_DSZ64(tmp6, 0x00000020, 0x63c) U4bb0: 004280180238 MOVETOCREG_DSZ64(tmp8, 0x680) 01b03510 SEQW SAVEUIP0 U4bb1 SEQW GOTO U3035 U4bb1: 004209180232 MOVETOCREG_DSZ64(tmp2, 0x609) U4bb2: 00420a180234 MOVETOCREG_DSZ64(tmp4, 0x60a) U4bb4: 004293180236 MOVETOCREG_DSZ64(tmp6, 0x693) U4bb5: 09a208180636 MOVETOCREG_SHR_DSZ64(tmp6, 0x00000020, 0x608) U4bb6: 004210180238 
LFNCEMARK-> MOVETOCREG_DSZ64(tmp8, 0x610) U4bb8: 0008c03bc00d tmp12:= ZEROEXT_DSZ32(0x0000aec0) U4bb9: 0e750003b03c tmp11:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U4bba: 0e752003103c tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U4bbc: 086bd02d0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U4bd0) U4bbd: 0008c06bc00b tmp12:= ZEROEXT_DSZ32(0x00007ac0) U4bbe: 000e5f000200 WRMSLOOPCTRFBR(0x0000005f) U4bc0: 000884030010 tmp0:= ZEROEXT_DSZ32(0x00030600) U4bc1: 0042a1180230 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, 0x6a1) U4bc2: 000800000000 NOP U4bc4: 0042a0180200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) 04257d14 SEQW SAVEUIP1 U4bc5 SEQW GOTO U257d U4bc5: 000e07000200 WRMSLOOPCTRFBR(0x00000007) U4bc6: 000882030010 tmp0:= ZEROEXT_DSZ32(0x00030300) U4bc8: 2042a1180230 MOVETOCREG_DSZ64(tmp0, 0x6a1) U4bc9: 2042a0180200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) 04a57d55 SEQW SAVEUIP1 U4bca SEQW GOTO U257d U4bca: 0042061c023b MOVETOCREG_DSZ64(tmp11, 0x706) U4bcc: 09a2071c063b MOVETOCREG_SHR_DSZ64(tmp11, 0x00000020, 0x707) U4bcd: 0062921b1200 tmp1:= MOVEFROMCREG_DSZ64(0x692) U4bce: 2a6292180231 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp1, 0x692) U4bd0: 1062eb0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2eb, 32) U4bd1: 086bd02d0230 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U4bd0) U4bd2: 2062301b2200 tmp2:= MOVEFROMCREG_DSZ64(0x630) U4bd4: 0004ff3f2c88 tmp2:= AND_DSZ32(0x00000fff, tmp2) U4bd5: 0151d22c02b2 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U4bd2) U4bd6: 000883030008 tmp0:= ZEROEXT_DSZ32(0x00000083) U4bd8: 00a1000b0230 tmp0:= CONCAT_DSZ16(tmp0, 0x00000200) U4bd9: 204231180230 MOVETOCREG_DSZ64(tmp0, 0x631) U4bda: 204234180200 MOVETOCREG_DSZ64(0x00000000, 0x634) U4bdc: 204235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U4bdd: 204236180200 MOVETOCREG_DSZ64(0x00000000, 0x636) U4bde: 204237180200 MOVETOCREG_DSZ64(0x00000000, 0x637) U4be0: 204238180200 MOVETOCREG_DSZ64(0x00000000, 0x638) U4be1: 000883032008 tmp2:= ZEROEXT_DSZ32(0x00000083) U4be2: 00a100032032 tmp2:= 
CONCAT_DSZ16(tmp2) U4be4: 204230180232 MOVETOCREG_DSZ64(tmp2, 0x630) U4be5: 000c99240240 SAVEUIP(0x00, U2999) U4be6: 1062d00b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2d0, 32) U4be8: 01302003023f tmp0:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000020) U4be9: 000080770c0d tmp0:= ADD_DSZ32(0x0000bd80, tmp0) U4bea: 0e7500031030 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp0) U4bec: 004000031c72 tmp1:= ADD_DSZ64(tmp2, tmp1) U4bed: 0e7d00031030 STADSTGBUF_DSZ64_ASZ16_SC1(tmp0, tmp1) 01884689 SEQW URET0 ------------------------------------------------------------------------------------ U4bee: 200a00800240 TESTUSTATE(VMX, !0x2000) 01884689 ? SEQW GOTO U0846 U4bf0: 200a00000300 TESTUSTATE(VMX, 0x8000) 0180ed4c ? SEQW URET1 U4bf1: 00084e0b0010 tmp0:= ZEROEXT_DSZ32(0x0002282b) 0180ed4c SEQW GOTO U00ed ------------------------------------------------------------------------------------ U4bf2: 000801033008 tmp3:= ZEROEXT_DSZ32(0x00000001) U4bf4: 00084263e008 tmp14:= ZEROEXT_DSZ32(0x00001842) U4bf5: 206353031200 tmp1:= READURAM(0x0053, 64) U4bf6: 005402031231 tmp1:= BT_DSZ64(tmp1, 0x00000002) U4bf8: 005200000fb1 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, tmp14) U4bf9: 00240f030233 tmp0:= SHL_DSZ32(tmp3, 0x0000000f) U4bfa: 00160f031231 tmp1:= BTR_DSZ32(tmp1, 0x0000000f) U4bfc: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U4bfd: 004353080231 WRITEURAM(tmp1, 0x0053, 32) U4bfe: 002408030233 tmp0:= SHL_DSZ32(tmp3, 0x00000008) U4c00: 000114030c08 tmp0:= OR_DSZ32(0x00000014, tmp0) U4c01: 000d10800000 SAVEUIP_REGOVR(0x01, U4c02, 0x0010) 01dc6640 SEQW GOTO U5c66 U4c02: 2d0ba0030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U4c04: 000500030cf0 tmp0:= SUB_DSZ32(tmp0, tmp3) U4c05: 015000000fb0 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, tmp14) U4c06: 10629f0b0240 tmp0:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U4c08: 086a4c580270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000005, U064c) U4c09: 000e80000208 SYNCFULL-> WRMSLOOPCTRFBR(0x00000080) U4c0a: 000000000000 NOP 08cbfe80 SEQW GOTO U4bfe 
------------------------------------------------------------------------------------ U4c0c: 00632003b200 tmp11:= READURAM(0x0020, 64) U4c0d: 0008d8036008 tmp6:= ZEROEXT_DSZ32(0x000000d8) U4c0e: 0008a8037008 tmp7:= ZEROEXT_DSZ32(0x000000a8) 01d87596 SEQW SAVEUIP1 U4c10 SEQW GOTO U5875 U4c10: 00401803ce08 tmp12:= ADD_DSZ64(0x00000018, tmp8) U4c11: 006306030200 tmp0:= READURAM(0x0006, 64) U4c12: 008801030c08 tmp0:= ZEROEXT_DSZ16(0x00000001, tmp0) U4c14: 004147030c10 tmp0:= OR_DSZ64(0x00010000, tmp0) U4c15: 1062870f1240 tmp1:= MOVEFROMCREG_DSZ64(0x387, 32) U4c16: 1062850f2240 tmp2:= MOVEFROMCREG_DSZ64(0x385, 32) U4c18: 1062810f3240 tmp3:= MOVEFROMCREG_DSZ64(0x381, 32) U4c19: 000e03000200 WRMSLOOPCTRFBR(0x00000003) 01805151 SEQW SAVEUIP0 U4c1a SEQW GOTO U0051 U4c1a: 000800000000 NOP U4c1c: 00080b034000 ROVR<- tmp4:= ZEROEXT_DSZ32(0x00000000) 01b2cd1c SEQW SAVEUIP1 U4c1d SEQW GOTO U32cd U4c1d: 1062820f7240 tmp7:= MOVEFROMCREG_DSZ64(0x382, 32) U4c1e: 00480003d037 tmp13:= ZEROEXT_DSZ64(tmp7) U4c20: 00402003ce08 tmp12:= ADD_DSZ64(0x00000020, tmp8) U4c21: 015df5640240 SYNCFULL-> UJMP(U39f5) 088000d5 SEQW SAVEUIP1 U4c22 ------------------------------------------------------------------------------------ U4c22: 00400803cf08 tmp12:= ADD_DSZ64(0x00000008, tmp12) U4c24: 1062a50f6240 tmp6:= MOVEFROMCREG_DSZ64(0x3a5, 32) U4c25: 00047d336d88 tmp6:= AND_DSZ32(0x00000c7d, tmp6) U4c26: 00240f035234 tmp5:= SHL_DSZ32(tmp4, 0x0000000f) U4c28: 000100036d76 tmp6:= OR_DSZ32(tmp6, tmp5) U4c29: 3962a5cf6276 SYNCFULL-> tmp6:= MOVETOCREG_BTS_DSZ64(tmp6, 0x00000007, 0x3a5) U4c2a: 1062820fd240 tmp13:= MOVEFROMCREG_DSZ64(0x382, 32) U4c2c: 10628d0f5240 tmp5:= MOVEFROMCREG_DSZ64(0x38d, 32) U4c2d: 006428035235 tmp5:= SHL_DSZ64(tmp5, 0x00000028) U4c2e: 00410003df75 tmp13:= OR_DSZ64(tmp5, tmp13) U4c30: 3962a54f6376 SYNCFULL-> tmp6:= MOVETOCREG_BTS_DSZ64(tmp6, 0x00000015, 0x3a5) U4c31: 10628d0f5240 tmp5:= MOVEFROMCREG_DSZ64(0x38d, 32) U4c32: 006430035235 tmp5:= SHL_DSZ64(tmp5, 0x00000030) U4c34: 
00410003df75 tmp13:= OR_DSZ64(tmp5, tmp13) U4c35: 3962a50f6376 SYNCFULL-> tmp6:= MOVETOCREG_BTS_DSZ64(tmp6, 0x00000014, 0x3a5) U4c36: 10628d0f5240 tmp5:= MOVEFROMCREG_DSZ64(0x38d, 32) U4c38: 006438035235 tmp5:= SHL_DSZ64(tmp5, 0x00000038) U4c39: 00410003df75 tmp13:= OR_DSZ64(tmp5, tmp13) U4c3a: 015df5640240 SYNCFULL-> UJMP(U39f5) 090000d6 SEQW SAVEUIP1 U4c3c ------------------------------------------------------------------------------------ U4c3c: 000001034d08 tmp4:= ADD_DSZ32(0x00000001, tmp4) U4c3d: 092922310334 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000010, U4c22) U4c3e: 3042820c0277 MOVETOCREG_DSZ64(tmp7, 0x382, 32) U4c40: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U4c41: 1062d00b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d0, 32) U4c42: 0062f61f1200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U4c44: 002108031231 tmp1:= CONCAT_DSZ32(tmp1, 0x00000008) U4c45: 00631e032200 tmp2:= READURAM(0x001e, 64) U4c46: 006229173200 tmp3:= MOVEFROMCREG_DSZ64(0x529) U4c48: 0062c51f4200 tmp4:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U4c49: 0062ff1f5200 tmp5:= MOVEFROMCREG_DSZ64(0x7ff) U4c4a: 002100034d35 tmp4:= CONCAT_DSZ32(tmp5, tmp4) U4c4c: 006267035200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U4c4d: 00402803ce48 tmp12:= ADD_DSZ64(0x00000028, tmp9) U4c4e: 000e05000200 WRMSLOOPCTRFBR(0x00000005) 01805192 SEQW SAVEUIP0 U4c50 SEQW GOTO U0051 U4c50: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U4c51: 0040a803ce48 tmp12:= ADD_DSZ64(0x000000a8, tmp9) U4c52: 000800000000 NOP U4c54: 00480003d003 tmp13:= ZEROEXT_DSZ64(rdi) U4c55: 015df5640240 SYNCFULL-> UJMP(U39f5) 088000d5 SEQW SAVEUIP1 U4c56 ------------------------------------------------------------------------------------ U4c56: 00450803cf08 tmp12:= SUB_DSZ64(0x00000008, tmp12) U4c58: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01cc5400 ? 
SEQW GOTO U4c54 U4c59: 00630e030200 tmp0:= READURAM(0x000e, 64) U4c5a: 0062091b1200 tmp1:= MOVEFROMCREG_DSZ64(0x609) U4c5c: 00620a1b2200 tmp2:= MOVEFROMCREG_DSZ64(0x60a) U4c5d: 00620d073200 tmp3:= MOVEFROMCREG_DSZ64(0x10d) U4c5e: 00620e074200 tmp4:= MOVEFROMCREG_DSZ64(0x10e) U4c60: 0040d003ce48 tmp12:= ADD_DSZ64(0x000000d0, tmp9) U4c61: 000e04000200 WRMSLOOPCTRFBR(0x00000004) 01805151 SEQW SAVEUIP0 U4c62 SEQW GOTO U0051 U4c62: 000800000000 NOP U4c64: 0008663b0008 tmp0:= ZEROEXT_DSZ32(0x00000e66) 018e6800 SEQW GOTO U0e68 ------------------------------------------------------------------------------------ U4c65: 006200035e00 tmp5:= MOVEFROMCREG_DSZ64(tmp8) U4c66: 000703035d48 tmp5:= NOTAND_DSZ32(0x00000003, tmp5) U4c68: 004200035e35 tmp5:= MOVETOCREG_DSZ64(tmp5, tmp8) U4c69: 00080003ad7a tmp10:= ZEROEXT_DSZ32(tmp10, tmp5) U4c6a: 000703035e88 tmp5:= NOTAND_DSZ32(0x00000003, tmp10) U4c6c: 004200035e35 tmp5:= MOVETOCREG_DSZ64(tmp5, tmp8) U4c6d: 00480003ad7a tmp10:= ZEROEXT_DSZ64(tmp10, tmp5) U4c6e: 004200000e3a SYNCFULL-> MOVETOCREG_DSZ64(tmp10, tmp8) 09216280 SEQW GOTO U2162 ------------------------------------------------------------------------------------ U4c70: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01cc7900 ? SEQW GOTO U4c79 U4c71: 186b699c0332 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000012, generate_#UD) U4c72: 186a71dc023b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000003, generate_#NM) U4c74: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01cc7900 ? 
SEQW GOTO U4c79 U4c75: 006311032200 tmp2:= READURAM(0x0011, 64) U4c76: 0e65c8072c8c tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000004c8, mode=0x01) U4c78: 286a90fc02f2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000f, do_smm_vmexit) U4c79: 0c1300e33144 tmp3:= LEA_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U4c7a: 00c43f033cc8 tmp3:= AND_DSZ8(0x0000003f, tmp3) U4c7c: 0151111c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, generate_#GP) U4c7d: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U4c7e: 10880003b03b tmp11:= ZEROEXT_DSZ16N(tmp11) U4c80: 0c40086322bb tmp2:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000208, mode=0x18) U4c81: 0c40006342bb tmp4:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000200, mode=0x18) U4c82: 002100035822 LFNCEMARK-> tmp5:= CONCAT_DSZ32(rdx, rax) U4c84: 004400035d76 tmp5:= AND_DSZ64(tmp6, tmp5) U4c85: 006501037235 tmp7:= SHR_DSZ64(tmp5, 0x00000001) U4c86: 00440c037dc8 tmp7:= AND_DSZ64(0x0000000c, tmp7) U4c88: 004403038d48 tmp8:= AND_DSZ64(0x00000003, tmp5) U4c89: 004100038e37 tmp8:= OR_DSZ64(tmp7, tmp8) U4c8a: 006501037234 tmp7:= SHR_DSZ64(tmp4, 0x00000001) U4c8c: 00440c037dc8 tmp7:= AND_DSZ64(0x0000000c, tmp7) U4c8d: 00440303dd08 tmp13:= AND_DSZ64(0x00000003, tmp4) U4c8e: 00410003df77 tmp13:= OR_DSZ64(tmp7, tmp13) U4c90: 00640403d23d tmp13:= SHL_DSZ64(tmp13, 0x00000004) U4c91: 004100038f78 tmp8:= OR_DSZ64(tmp8, tmp13) U4c92: 01420f000e00 UFLOWCTRL(USTATE, tmp8) U4c94: 00433f000238 LFNCEWAIT-> WRITEURAM(tmp8, 0x003f, 64) U4c95: 096272c00340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x072) U4c96: 00563f032232 tmp2:= BTR_DSZ64(tmp2, 0x0000003f) U4c98: 0052993002b2 SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, U4c99) 0c1e4400 SEQW GOTO U1e44 ------------------------------------------------------------------------------------ U4c99: 004700037cb6 tmp7:= NOTAND_DSZ64(tmp6, tmp2) U4c9a: 00470003ad32 tmp10:= NOTAND_DSZ64(tmp2, tmp4) U4c9c: 004100037dfa tmp7:= OR_DSZ64(tmp10, tmp7) U4c9d: 000e0203c208 tmp12:= 
WRMSLOOPCTRFBR(0x00000002) U4c9e: 0040100b8ec8 tmp8:= ADD_DSZ64(0x00000210, tmp11) U4ca0: 0c400063a038 tmp10:= LDZX_DSZ64_ASZ32_SC1(tmp8, mode=0x18) U4ca1: 004100037dfa tmp7:= OR_DSZ64(tmp10, tmp7) U4ca2: 0c400863a238 tmp10:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000008, mode=0x18) U4ca4: 004100037dfa tmp7:= OR_DSZ64(tmp10, tmp7) U4ca5: 004010038e08 tmp8:= ADD_DSZ64(0x00000010, tmp8) U4ca6: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01cca080 SEQW GOTO U4ca0 ------------------------------------------------------------------------------------ U4ca8: 0151111c0277 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, generate_#GP) U4ca9: 005403032232 tmp2:= BT_DSZ64(tmp2, 0x00000003) U4caa: 007340039232 tmp9:= SELECTCC_DSZ64_CONDNB(tmp2, 0x00000040) U4cac: 00403f0b7e48 tmp7:= ADD_DSZ64(0x0000023f, tmp9) U4cad: 004400033d72 tmp3:= AND_DSZ64(tmp2, tmp5) U4cae: 005403033233 tmp3:= BT_DSZ64(tmp3, 0x00000003) U4cb0: 017e00037cf7 tmp7:= MOVEMERGEFLGS_DSZ64(tmp7, tmp3) U4cb1: 00763f0b8237 tmp8:= CMOVCC_DSZ64_CONDB(tmp7, 0x0000023f) U4cb2: 00400103adc8 tmp10:= ADD_DSZ64(0x00000001, tmp7) U4cb4: 00641003623a tmp6:= SHL_DSZ64(tmp10, 0x00000010) U4cb5: 005404032232 tmp2:= BT_DSZ64(tmp2, 0x00000004) U4cb6: 007340039232 tmp9:= SELECTCC_DSZ64_CONDNB(tmp2, 0x00000040) U4cb8: 004000037df9 tmp7:= ADD_DSZ64(tmp9, tmp7) U4cb9: 005404033233 tmp3:= BT_DSZ64(tmp3, 0x00000004) U4cba: 017e00037cf7 tmp7:= MOVEMERGEFLGS_DSZ64(tmp7, tmp3) U4cbc: 007600038e37 tmp8:= CMOVCC_DSZ64_CONDB(tmp7, tmp8) U4cbd: 00400103cdc8 tmp12:= ADD_DSZ64(0x00000001, tmp7) U4cbe: 00641c03c23c tmp12:= SHL_DSZ64(tmp12, 0x0000001c) U4cc0: 004100036dbc tmp6:= OR_DSZ64(tmp12, tmp6) U4cc1: 0041400b6d88 tmp6:= OR_DSZ64(0x00000240, tmp6) U4cc2: 074400038036 tmm0:= unk_744(mm6) U4cc4: 005408032232 tmp2:= BT_DSZ64(tmp2, 0x00000008) U4cc5: 007380039232 tmp9:= SELECTCC_DSZ64_CONDNB(tmp2, 0x00000080) U4cc6: 004000037df9 tmp7:= ADD_DSZ64(tmp9, tmp7) U4cc8: 005408033233 tmp3:= BT_DSZ64(tmp3, 0x00000008) U4cc9: 017e00037cf7 tmp7:= 
MOVEMERGEFLGS_DSZ64(tmp7, tmp3) U4cca: 007600038e37 tmp8:= CMOVCC_DSZ64_CONDB(tmp7, tmp8) U4ccc: 108000038ef8 tmp8:= ADD_DSZN(tmp8, tmp11) U4ccd: 004400033d72 tmp3:= AND_DSZ64(tmp2, tmp5) U4cce: 007d01034d08 tmp4:= MOVEINSERTFLGS_DSZ64(0x00000001, tmp4) 019e5d80 SEQW GOTO U1e5d ------------------------------------------------------------------------------------ U4cd0: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U4cd1: 10880003b03b tmp11:= ZEROEXT_DSZ16N(tmp11) U4cd2: 01420f000d00 SYNCMARK-> UFLOWCTRL(USTATE, tmp4) U4cd4: 20433f000234 WRITEURAM(tmp4, 0x003f, 64) U4cd5: 005403034234 tmp4:= BT_DSZ64(tmp4, 0x00000003) U4cd6: 017eff0fdd08 tmp13:= MOVEMERGEFLGS_DSZ64(0x000003ff, tmp4) U4cd8: 00763f0b823d tmp8:= CMOVCC_DSZ64_CONDB(tmp13, 0x0000023f) U4cd9: 005404034234 tmp4:= BT_DSZ64(tmp4, 0x00000004) U4cda: 017e3f13dd08 tmp13:= MOVEMERGEFLGS_DSZ64(0x0000043f, tmp4) U4cdc: 007600038e3d tmp8:= CMOVCC_DSZ64_CONDB(tmp13, tmp8) U4cdd: 100a20200200 TESTUSTATE(SYS, UST_SMM | 0x0800) 01cce940 ? SEQW GOTO U4ce9 U4cde: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U4ce0: 186b699c0332 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000012, generate_#UD) U4ce1: 0062f61f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U4ce2: 186a71dc0232 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000003, generate_#NM) U4ce4: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01cce900 ? 
SEQW GOTO U4ce9 U4ce5: 006311032200 tmp2:= READURAM(0x0011, 64) U4ce6: 0e65c8072c8c tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000004c8, mode=0x01) U4ce8: 286a903c0c72 BTUJB_DIRECT_NOTTAKEN(tmp2, tmp1, do_smm_vmexit) U4ce9: 296272c00340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x072) U4cea: 000406031234 tmp1:= AND_DSZ32(tmp4, 0x00000006) U4cec: 017e18031c48 tmp1:= MOVEMERGEFLGS_DSZ64(0x00000018, tmp1) U4ced: 0135000b1231 tmp1:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x00000200) U4cee: 000401037d08 tmp7:= AND_DSZ32(0x00000001, tmp4) U4cf0: 017100037c77 tmp7:= SELECTCC_DSZ64_CONDNZ(tmp7, tmp1) U4cf1: 108000037ef7 tmp7:= ADD_DSZN(tmp7, tmp11) U4cf2: 100a00200200 TESTUSTATE(SYS, 0x0800) 01ccfc80 ? SEQW GOTO U4cfc U4cf4: 0c1300e30144 tmp0:= LEA_DSZ32_ASZ32_SC1(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT, mode=0x18) U4cf5: 00c43f030c08 tmp0:= AND_DSZ8(0x0000003f, tmp0) U4cf6: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U4cf8: 108000038ef8 tmp8:= ADD_DSZN(tmp8, tmp11) U4cf9: 0cc200600038 unk_cc2(tmp8) U4cfa: 0cc200600037 unk_cc2(tmp7) U4cfc: 0c4a006352bb tmp5:= LDTICKLE_DSZ64_ASZ32_SC1(tmp11, 0x00000200, mode=0x18) U4cfd: 004700035d74 tmp5:= NOTAND_DSZ64(tmp4, tmp5) U4cfe: 00543f034234 tmp4:= BT_DSZ64(tmp4, 0x0000003f) U4d00: 007200035d74 tmp5:= SELECTCC_DSZ64_CONDB(tmp4, tmp5) U4d01: 000c016c0240 SAVEUIP(0x00, U3b01) U4d02: 000a04800200 SYNCWAIT-> TESTUSTATE(UCODE, !0x0004) 0b6da996 ? SEQW SAVEUIP1 U4d04 ? SEQW GOTO U6da9 U4d04: 000c4a740280 SAVEUIP(0x00, U5d4a) U4d05: 000a08800200 TESTUSTATE(UCODE, !0x0008) 0192c555 ? SEQW SAVEUIP1 U4d06 ? SEQW GOTO U12c5 U4d06: 1080c00f823b tmp8:= ADD_DSZN(tmp11, 0x000003c0) U4d08: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01cd0c00 ? SEQW GOTO U4d0c U4d09: 108580078e08 tmp8:= SUB_DSZN(0x00000180, tmp8) U4d0a: 000800000000 NOP U4d0c: 000a20000200 TESTUSTATE(UCODE, 0x0020) 01cd1900 ? 
SEQW GOTO U4d19 U4d0d: 0c4900620238 rax:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, mode=0x18) U4d0e: 0c4908630238 tmp0:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000008, mode=0x18) U4d10: 0c4910621238 rcx:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000010, mode=0x18) U4d11: 0c4918631238 tmp1:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000018, mode=0x18) U4d12: 0c4920622238 rdx:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000020, mode=0x18) U4d14: 0c4928632238 tmp2:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000028, mode=0x18) U4d15: 0c4930623238 rbx:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000030, mode=0x18) U4d16: 0c4938633238 tmp3:= STADTICKLE_DSZ64_ASZ32_SC1(tmp8, 0x00000038, mode=0x18) U4d18: 108040038238 tmp8:= ADD_DSZN(tmp8, 0x00000040) U4d19: 000a40800200 TESTUSTATE(UCODE, !0x0040) 01dfee55 ? SEQW SAVEUIP1 U4d1a ? SEQW GOTO U5fee U4d1a: 004800036034 tmp6:= ZEROEXT_DSZ64(tmp4) U4d1c: 0044ff3f0d88 tmp0:= AND_DSZ64(0x00000fff, tmp6) U4d1d: 004100035d70 tmp5:= OR_DSZ64(tmp0, tmp5) U4d1e: 104a00037338 tmp7:= TESTUSTATE(tmp8, SYS, 0x8000) 01943980 ? 
SEQW GOTO U1439 U4d20: 00633a030200 tmp0:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U4d21: 1062df0b1240 tmp1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U4d22: 086b267502f1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000d, U4d26) U4d24: 005520030230 tmp0:= BTS_DSZ64(tmp0, 0x00000020) U4d25: 20433a000230 WRITEURAM(tmp0, FSCP_CR_IA32_FEATURE_CTL, 64) U4d26: 006518030230 tmp0:= SHR_DSZ64(tmp0, 0x00000018) U4d28: 004400070c08 tmp0:= AND_DSZ64(0x00000100, tmp0) U4d29: 000100075d48 tmp5:= OR_DSZ32(0x00000100, tmp5) U4d2a: 004700035d70 tmp5:= NOTAND_DSZ64(tmp0, tmp5) U4d2c: 286a761d02b0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000008, U5776) U4d2d: 0062f01f4200 tmp4:= MOVEFROMCREG_DSZ64(0x7f0) U4d2e: 086b32380234 BTUJNB_DIRECT_NOTTAKEN(tmp4, 0x00000000, U0e32) U4d30: 0008313be008 tmp14:= ZEROEXT_DSZ32(0x00000e31) U4d31: 006267031200 tmp1:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U4d32: 006265030200 tmp0:= MOVEFROMCREG_DSZ64(0x065) U4d34: 104500030c70 tmp0:= SUB_DSZN(tmp0, tmp1) U4d35: 014300300c00 AETTRACE(0x0c, tmp0) 01aad940 SEQW GOTO U2ad9 ------------------------------------------------------------------------------------ U4d36: 086a3af502f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U4d3a) U4d38: 049500038f38 tmm0:= unk_495(tmm0, tmm4) U4d39: 153c00038e00 tmm0:= unk_53c(tmm0) U4d3a: 0c4b20338000 tmp8:= RDSEGFLD(FS, BASE) U4d3c: 0c6b24000038 WRSEGFLD(tmp8, UNK_SEG_04, BASE) U4d3d: 0c4ba0338000 tmp8:= RDSEGFLD(FS, SEL+FLGS+LIM) U4d3e: 0c6ba4000038 WRSEGFLD(tmp8, UNK_SEG_04, SEL+FLGS+LIM) U4d40: 0c7b2c000034 WRSEGFLD(tmp4, FS, BASE) U4d41: 0008f303800f tmp8:= ZEROEXT_DSZ32(0x0000e0f3) U4d42: 002410038238 tmp8:= SHL_DSZ32(tmp8, 0x00000010) U4d44: 0021ff7f8e1f tmp8:= CONCAT_DSZ32(0xffffffffffffffff, tmp8) U4d45: 0c7bac000038 LFNCEMARK-> WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) U4d46: 004220000008 MOVETOCREG_DSZ64(0x00000020, 0x000) U4d48: 1f1e00338000 LFNCEWAIT-> tmp8:= unk_f1e(0x00000000) U4d49: 0c4b20138000 tmp8:= RDSEGFLD(UNK_SEG_04, BASE) U4d4a: 0c7b2c000038 WRSEGFLD(tmp8, FS, BASE) U4d4c: 0c4ba0138000 
tmp8:= RDSEGFLD(UNK_SEG_04, SEL+FLGS+LIM) U4d4d: 0c7bac000038 WRSEGFLD(tmp8, FS, SEL+FLGS+LIM) U4d4e: 015148640236 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U1948) U4d50: 04b49183e200 tmm6:= FMOV(0x00000091) 04994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U4d51: 3e6b8903ecb0 LFNCEMARK-> tmp14:= unk_e6b(tmp0, tmp2) U4d52: 000800038e09 tmp8:= ZEROEXT_DSZ32(0x00002000, tmp8) U4d54: 0042f51f8238 tmp8:= MOVETOCREG_DSZ64(tmp8, 0x7f5) U4d55: 00652803f230 tmp15:= SHR_DSZ64(tmp0, 0x00000028) U4d56: 013e1d67ef89 tmp14:= MOVEMERGEFLGS_DSZ32(0x0000391d, tmp14) U4d58: 00880003cf3d tmp12:= ZEROEXT_DSZ16(tmp13, tmp12) U4d59: 002100033f33 tmp3:= CONCAT_DSZ32(tmp3, tmp12) U4d5a: 00428e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x78e) 01baf180 SEQW GOTO U3af1 ------------------------------------------------------------------------------------ U4d5c: 000000037dc0 tmp7:= ADD_DSZ32(0x00000000, tmp7) U4d5d: 013501037237 tmp7:= CMOVCC_DSZ32_CONDNZ(tmp7, 0x00000001) U4d5e: 001517030200 tmp0:= BTS_DSZ32(0x00000000, 0x00000017) U4d60: 013e00030df0 tmp0:= MOVEMERGEFLGS_DSZ32(tmp0, tmp7) U4d61: 011600030c00 tmp0:= unk_116(tmp0) U4d62: 022600030c37 tmp0:= unk_226(tmp7, tmp0) U4d64: 011400000c00 unk_114(tmp0) U4d65: 002100037df0 tmp7:= CONCAT_DSZ32(tmp0, tmp7) U4d66: 004387000237 WRITEURAM(tmp7, 0x0087, 64) U4d68: 2d0bc4030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000c4) U4d69: 0004ff030c08 tmp0:= AND_DSZ32(0x000000ff, tmp0) U4d6a: 004342080230 WRITEURAM(tmp0, 0x0042, 32) U4d6c: 1062300b0240 tmp0:= MOVEFROMCREG_DSZ64(0x230, 32) U4d6d: 004351080230 WRITEURAM(tmp0, 0x0051, 32) U4d6e: 000501030008 tmp0:= SUB_DSZ32(0x00000001) U4d70: 104281080270 MOVETOCREG_DSZ64(tmp0, 0x281, 32) U4d71: 0008280b0010 tmp0:= ZEROEXT_DSZ32(0xfeb00000) U4d72: 00421b140230 MOVETOCREG_DSZ64(tmp0, 0x51b) U4d74: 00081b2b3008 tmp3:= ZEROEXT_DSZ32(0x00000a1b) U4d75: 0042c3180233 MOVETOCREG_DSZ64(tmp3, 0x6c3) U4d76: 2d4bf01b000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x000046f0) U4d78: 
004335000230 WRITEURAM(tmp0, 0x0035, 64) U4d79: 2d4bf81b100a tmp1:= PORTIN_DSZ64_ASZ16_SC1(0x000046f8) U4d7a: 004377000231 WRITEURAM(tmp1, 0x0077, 64) U4d7c: 005409032230 tmp2:= BT_DSZ64(tmp0, 0x00000009) U4d7d: 003210033232 tmp3:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000010) U4d7e: 00542a032230 tmp2:= BT_DSZ64(tmp0, 0x0000002a) U4d80: 003220032232 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000020) U4d81: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U4d82: 005425032230 tmp2:= BT_DSZ64(tmp0, 0x00000025) U4d84: 003380032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000080) U4d85: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U4d86: 00543c032230 tmp2:= BT_DSZ64(tmp0, 0x0000003c) U4d88: 003300072232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000100) U4d89: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U4d8a: 005408032230 tmp2:= BT_DSZ64(tmp0, 0x00000008) U4d8c: 0032000b2232 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000200) U4d8d: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U4d8e: 00542b032231 tmp2:= BT_DSZ64(tmp1, 0x0000002b) U4d90: 003340032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000040) U4d91: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U4d92: 006202132200 tmp2:= MOVEFROMCREG_DSZ64(0x402) U4d94: 090202100cf2 MOVETOCREG_OR_DSZ64(tmp2, tmp3, 0x402) U4d95: 00650a033231 tmp3:= SHR_DSZ64(tmp1, 0x0000000a) U4d96: 0044b6033cd0 tmp3:= AND_DSZ64(0x000c0000, tmp3) U4d98: 00640f032231 tmp2:= SHL_DSZ64(tmp1, 0x0000000f) U4d99: 0044d8072c90 tmp2:= AND_DSZ64(0x60000000, tmp2) U4d9a: 004100032cf2 tmp2:= OR_DSZ64(tmp2, tmp3) U4d9c: 006204074200 tmp4:= MOVEFROMCREG_DSZ64(0x104) U4d9d: 00552f034234 tmp4:= BTS_DSZ64(tmp4, 0x0000002f) U4d9e: 090204040d32 MOVETOCREG_OR_DSZ64(tmp2, tmp4, 0x104) U4da0: 002512033233 tmp3:= SHR_DSZ32(tmp3, 0x00000012) U4da1: 000503032cc8 tmp2:= SUB_DSZ32(0x00000003, tmp3) U4da2: 013e07032c88 tmp2:= MOVEMERGEFLGS_DSZ32(0x00000007, tmp2) U4da4: 002402033233 tmp3:= SHL_DSZ32(tmp3, 0x00000002) U4da5: 013400033cf2 tmp3:= CMOVCC_DSZ32_CONDZ(tmp2, tmp3) U4da6: 0024ff7f2cdf tmp2:= 
SHL_DSZ32(0xffffffffffffffff, tmp3) U4da8: 0021ff3f2232 tmp2:= CONCAT_DSZ32(tmp2, 0x00000fff) U4da9: 004310000232 WRITEURAM(tmp2, 0x0010, 64) U4daa: 00049a030c10 tmp0:= AND_DSZ32(0x00040000, tmp0) U4dac: 09a207c002b0 MOVETOCREG_SHR_DSZ64(tmp0, 0x0000000b, 0x007) U4dad: 005413032231 tmp2:= BT_DSZ64(tmp1, 0x00000013) U4dae: 007303032232 tmp2:= SELECTCC_DSZ64_CONDNB(tmp2, 0x00000003) U4db0: 006506030231 tmp0:= SHR_DSZ64(tmp1, 0x00000006) U4db1: 004400430c08 tmp0:= AND_DSZ64(0x00001000, tmp0) U4db2: 004100030c32 tmp0:= OR_DSZ64(tmp2, tmp0) U4db4: 0062011f2200 tmp2:= MOVEFROMCREG_DSZ64(0x701) U4db5: 004100032cb0 tmp2:= OR_DSZ64(tmp0, tmp2) U4db6: 0962015c03b2 MOVETOCREG_BTS_DSZ64(tmp2, 0x00000019, 0x701) U4db8: 006202030200 tmp0:= MOVEFROMCREG_DSZ64(0x002) U4db9: 0902020002b0 MOVETOCREG_OR_DSZ64(tmp0, 0x00000008, 0x002) U4dba: 0088c137e00a tmp14:= ZEROEXT_DSZ16(0x00004dc1) U4dbc: 0044000b2e08 tmp2:= AND_DSZ64(0x00000200, tmp8) U4dbd: 0151ad5002b2 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U54ad) U4dbe: 000800020000 rax:= ZEROEXT_DSZ32(0x00000000) U4dc0: 10628e0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x38e, 32) U4dc1: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01cdc440 ? 
SEQW GOTO U4dc4 U4dc2: 19628e4c0231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x38e) U4dc4: 00080603b008 tmp11:= ZEROEXT_DSZ32(0x00000006) U4dc5: 20437308023b WRITEURAM(tmp11, 0x0073, 32) U4dc6: 086ac8f503f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000001f, U4dc8) 018c8c80 SEQW GOTO U0c8c ------------------------------------------------------------------------------------ U4dc8: 000806030008 tmp0:= ZEROEXT_DSZ32(0x00000006) U4dc9: 09627fd402b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000b, 0x57f) 018c8e40 SEQW GOTO U0c8e ------------------------------------------------------------------------------------ U4dca: 000884039010 tmp9:= ZEROEXT_DSZ32(0x00030600) U4dcc: 0042a1180239 MOVETOCREG_DSZ64(tmp9, 0x6a1) U4dcd: 2042a0180200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) U4dce: 000ebf000200 WRMSLOOPCTRFBR(0x000000bf) U4dd0: 01420d000000 LFNCEWAIT-> UFLOWCTRL(LDAT_IN) U4dd1: 01420d000000 UFLOWCTRL(LDAT_IN) U4dd2: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 024dd080 ? SEQW GOTO U4dd0 U4dd4: 000882039010 tmp9:= ZEROEXT_DSZ32(0x00030300) U4dd5: 2042a1180239 MOVETOCREG_DSZ64(tmp9, 0x6a1) U4dd6: 2042a0180200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x6a0) U4dd8: 000e0f000200 WRMSLOOPCTRFBR(0x0000000f) U4dd9: 01420d000000 LFNCEWAIT-> UFLOWCTRL(LDAT_IN) U4dda: 01420d000000 UFLOWCTRL(LDAT_IN) U4ddc: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01cdd900 ? SEQW GOTO U4dd9 U4ddd: 2042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) U4dde: 000800000000 NOP U4de0: 100a00000280 TESTUSTATE(SYS, 0x4000) 019ea600 ? 
SEQW GOTO patch_runs_load_loop U4de1: 0008c06b000b tmp0:= ZEROEXT_DSZ32(0x00007ac0) U4de2: 000820531009 tmp1:= ZEROEXT_DSZ32(0x00003420) U4de4: 0e7d00000c70 STADSTGBUF_DSZ64_ASZ16_SC1(tmp0, tmp1, 0x00000000) U4de5: 000520031c48 tmp1:= SUB_DSZ32(0x00000020, tmp1) U4de6: 0250a6780231 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp1, patch_runs_load_loop) 01cde480 SEQW GOTO U4de4 ------------------------------------------------------------------------------------ U4de8: 000804032008 tmp2:= ZEROEXT_DSZ32(0x00000004) U4de9: 10429e080272 MOVETOCREG_DSZ64(tmp2, 0x29e, 32) U4dea: 006348034200 tmp4:= READURAM(0x0048, 64) U4dec: 3929ae340034 LFNCEMARK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U3dae) U4ded: 200a20000200 TESTUSTATE(VMX, 0x0020) 044df240 ? SEQW GOTO U4df2 U4dee: 006385032200 tmp2:= READURAM(0x0085, 64) U4df0: 006386034200 tmp4:= READURAM(0x0086, 64) U4df1: 0e2da0032234 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x000000a0, tmp2) U4df2: 204385000200 WRITEURAM(0x00000000, 0x0085, 64) U4df4: 204386000200 WRITEURAM(0x00000000, 0x0086, 64) U4df5: 006357034200 tmp4:= READURAM(0x0057, 64) U4df6: 0e2578032d0b tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000378) U4df8: 0e257c034d0b tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x0000037c) U4df9: 002100032cb4 tmp2:= CONCAT_DSZ32(tmp4, tmp2) U4dfa: 00432f000232 LFNCEWAIT-> WRITEURAM(tmp2, 0x002f, 64) U4dfc: 000901032008 tmp2:= MOVE_DSZ32(0x00000001) U4dfd: 0e2dd8032f09 LFNCEMARK-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d8, tmp2) U4dfe: 000d0f800000 SAVEUIP_REGOVR(0x01, U4e00, 0x000f) 0482d280 SEQW GOTO U02d2 U4e00: 004c08b80280 SAVEUIP(0x01, U4e08) U4e01: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 0184a440 ? SEQW GOTO U04a4 U4e02: 000800000000 NOP U4e04: 072f2f27f03c ROVR<- tmm7:= unk_72f(tmm4) 01acd918 SEQW SAVEUIP0 U4e05 SEQW GOTO U2cd9 U4e05: 01310703023f tmp0:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000007) U4e06: 000101030c08 tmp0:= OR_DSZ32(0x00000001, tmp0) U4e08: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01ce1400 ? 
SEQW GOTO U4e14 U4e09: 20435500023c WRITEURAM(tmp12, 0x0055, 64) U4e0a: 0e25dc03ff09 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001dc) U4e0c: 00437108023f LFNCEWAIT-> WRITEURAM(tmp15, 0x0071, 32) 025cda10 SEQW SAVEUIP0 U4e0d SEQW GOTO U5cda U4e0d: 00631f03f200 tmp15:= READURAM(0x001f, 64) U4e0e: 02300003fffc tmp15:= SELECTCC_DSZ32_CONDS(tmp12, tmp15) U4e10: 00431f08023f LFNCEMARK-> WRITEURAM(tmp15, 0x001f, 32) 0404a414 SEQW SAVEUIP1 U4e11 SEQW GOTO U04a4 U4e11: 000800000000 NOP U4e12: 000800000000 NOP U4e14: 00634303e200 SYNCWAIT-> tmp14:= READURAM(0x0043, 64) U4e15: 017e0003ff3a tmp15:= MOVEMERGEFLGS_DSZ64(tmp10, tmp12) U4e16: 0047001bae88 tmp10:= NOTAND_DSZ64(0x00000600, tmp10) U4e18: 00240703d238 tmp13:= SHL_DSZ32(tmp8, 0x00000007) U4e19: 01750003df7f tmp13:= CMOVCC_DSZ64_CONDNZ(tmp15, tmp13) U4e1a: 0044000bdf48 tmp13:= AND_DSZ64(0x00000200, tmp13) U4e1c: 00410003aebd tmp10:= OR_DSZ64(tmp13, tmp10) U4e1d: 00563203a23a tmp10:= BTR_DSZ64(tmp10, 0x00000032) U4e1e: 00543c03e23e tmp14:= BT_DSZ64(tmp14, 0x0000003c) U4e20: 00332803423e tmp4:= SELECTCC_DSZ32_CONDNB(tmp14, 0x00000028) U4e21: 000007034d08 tmp4:= ADD_DSZ32(0x00000007, tmp4) U4e22: 00040803de08 tmp13:= AND_DSZ32(0x00000008, tmp8) U4e24: 00640003dd3d tmp13:= SHL_DSZ64(tmp13, tmp4) U4e25: 1902c40baf7a LFNCEWAIT-> tmp10:= MOVETOCREG_OR_DSZ64(tmp10, tmp13, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U4e26: 09a20800063a MOVETOCREG_SHR_DSZ64(tmp10, 0x00000020, 0x008) U4e28: 00437000023a WRITEURAM(tmp10, 0x0070, 64) U4e29: 00637803f200 tmp15:= READURAM(0x0078, 64) U4e2a: 00421d00023f MOVETOCREG_DSZ64(tmp15, 0x01d) U4e2c: 0dff00000039 LFNCEWAIT-> unk_dff(tmp9) U4e2d: 00423a180232 MOVETOCREG_DSZ64(tmp2, 0x63a) U4e2e: 00423e180230 MOVETOCREG_DSZ64(tmp0, 0x63e) U4e30: 000d1ebc0000 SAVEUIP_REGOVR(0x01, U4e31, 0x0f1e) 055dcc00 SEQW GOTO U5dcc U4e31: 0c4bc027f000 tmp15:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U4e32: 00428e1c023f LFNCEMARK-> MOVETOCREG_DSZ64(tmp15, 0x78e) U4e34: 004000036cff tmp6:= ADD_DSZ64(tmp15, tmp3) U4e35: 
0205ff7ff7c0 tmp15:= unk_205(0xffffffffffffffff) U4e36: 00210003f03f tmp15:= CONCAT_DSZ32(tmp15) U4e38: 00470002493f rsp:= NOTAND_DSZ64(tmp15, rsp) U4e39: 004700036dbf tmp6:= NOTAND_DSZ64(tmp15, tmp6) U4e3a: 004267000236 MOVETOCREG_DSZ64(tmp6, CORE_CR_CUR_RIP) U4e3c: 000d0f800000 SAVEUIP_REGOVR(0x01, U4e3d, 0x000f) 0182da00 SEQW GOTO U02da U4e3d: 000800000000 NOP U4e3e: 000800000000 NOP U4e40: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 034e4900 ? SEQW GOTO U4e49 U4e41: 00541b030231 tmp0:= BT_DSZ64(tmp1, 0x0000001b) U4e42: 00631f03f200 LFNCEWAIT-> tmp15:= READURAM(0x001f, 64) U4e44: 003308030230 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000008) U4e45: 006420030230 tmp0:= SHL_DSZ64(tmp0, 0x00000020) U4e46: 00410003fff0 tmp15:= OR_DSZ64(tmp0, tmp15) U4e48: 00431f04023f LFNCEMARK-> WRITEURAM(tmp15, 0x011f, 64) U4e49: 014300340d80 AETTRACE(0x0d, tmp6) U4e4a: 000800000000 NOP U4e4c: 000a04000200 LFNCEWAIT-> TESTUSTATE(UCODE, 0x0004) 024e6500 ? SEQW GOTO U4e65 U4e4d: 00633803e200 tmp14:= READURAM(0x0038, 64) U4e4e: 00250903f23e tmp15:= SHR_DSZ32(tmp14, 0x00000009) U4e50: 00040603ffc8 tmp15:= AND_DSZ32(0x00000006, tmp15) U4e51: 00240303e23e tmp14:= SHL_DSZ32(tmp14, 0x00000003) U4e52: 00043803ef88 tmp14:= AND_DSZ32(0x00000038, tmp14) U4e54: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U4e55: 072f00031038 mm1:= unk_72f(tmm0) U4e56: 00040103dc48 tmp13:= AND_DSZ32(0x00000001, tmp1) U4e58: 00240103d23d tmp13:= SHL_DSZ32(tmp13, 0x00000001) U4e59: 00040403fe08 tmp15:= AND_DSZ32(0x00000004, tmp8) U4e5a: 00250203f23f tmp15:= SHR_DSZ32(tmp15, 0x00000002) U4e5c: 00010003df7f tmp13:= OR_DSZ32(tmp15, tmp13) U4e5d: 01350403d23d tmp13:= CMOVCC_DSZ32_CONDNZ(tmp13, 0x00000004) U4e5e: 000420031c48 tmp1:= AND_DSZ32(0x00000020, tmp1) U4e60: 00240103df48 tmp13:= SHL_DSZ32(0x00000001, tmp13) U4e61: 00010003df71 tmp13:= OR_DSZ32(tmp1, tmp13) U4e62: 00040003efbd tmp14:= AND_DSZ32(tmp13, tmp14) U4e64: 0151f95802be SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U56f9) U4e65: 025448300d80 ROVR<- 
FETCHFROMEIP0_ASZ64(tmp6) 080de55d SEQW SAVEUIP1 U4e66 SEQW GOTO U0de5 U4e66: 00634a032200 tmp2:= READURAM(0x004a, 64) U4e68: 007d2003e238 tmp14:= MOVEINSERTFLGS_DSZ64(tmp8, 0x00000020) U4e69: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01a6a040 ? SEQW GOTO U26a0 U4e6a: 00085e63d009 tmp13:= ZEROEXT_DSZ32(0x0000385e) U4e6c: 000a10836200 tmp6:= TESTUSTATE(UCODE, !0x0010) 01dec600 ? SEQW GOTO U5ec6 U4e6d: 000800000000 NOP U4e6e: 000800000000 NOP U4e70: 00140e039237 tmp9:= BT_DSZ32(tmp7, 0x0000000e) 01b85d14 SEQW SAVEUIP1 U4e71 SEQW GOTO U385d U4e71: 000800000000 NOP U4e72: 000800000000 NOP U4e74: 025e00300f80 MSSTOP-> unk_25e(tmp14) 01bdfa2c SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U4e75: 0007ff3f2e08 tmp2:= NOTAND_DSZ32(0x00000fff, tmp8) U4e76: 0151111c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, generate_#GP) U4e78: 00320043a238 tmp10:= SELECTCC_DSZ32_CONDB(tmp8, 0x00001000) U4e79: 00010003ae3a tmp10:= OR_DSZ32(tmp10, tmp8) U4e7a: 2d0f7003a008 PORTOUT_DSZ32_ASZ16_SC1(0x00000070, tmp10) U4e7c: 2d0b7403a008 SYNCFULL-> tmp10:= PORTIN_DSZ32_ASZ16_SC1(0x00000074) U4e7d: 013180031238 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp8, 0x00000080) U4e7e: 000140031c48 tmp1:= OR_DSZ32(0x00000040, tmp1) 080ae680 SEQW GOTO U0ae6 ------------------------------------------------------------------------------------ U4e80: 000000000000 LFNCEWAIT-> NOP do_vmexit: U4e81: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) do_vmexit_ovr_enter_rip: U4e82: 00080003a000 tmp10:= ZEROEXT_DSZ32(0x00000000) U4e84: 0008863b500a tmp5:= ZEROEXT_DSZ32(0x00004e86) U4e85: 100a20838240 tmp8:= TESTUSTATE(SYS, !UST_SMM | 0x2000) 0704c440 ? 
SEQW GOTO U04c4 U4e86: 000900000000 LFNCEWTMRK-> MOVE_DSZ32(0x00000000) U4e88: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U4e89: 006357039200 tmp9:= READURAM(0x0057, 64) U4e8a: 0e25bc038e49 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001bc) U4e8c: 004800039e39 tmp9:= ZEROEXT_DSZ64(tmp9, tmp8) U4e8d: 00040403ee08 tmp14:= AND_DSZ32(0x00000004, tmp8) U4e8e: 0e255003fe48 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000050) U4e90: 00000003ffc0 tmp15:= ADD_DSZ32(0x00000000, tmp15) U4e91: 01304003f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000040) U4e92: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U4e94: 00251103f238 tmp15:= SHR_DSZ32(tmp8, 0x00000011) U4e95: 00042a03ffc8 tmp15:= AND_DSZ32(0x0000002a, tmp15) U4e96: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U4e98: 00250b03f230 tmp15:= SHR_DSZ32(tmp0, 0x0000000b) U4e99: 00078003f23f tmp15:= NOTAND_DSZ32(tmp15, 0x00000080) U4e9a: 00010003efbf LFNCEWAIT-> tmp14:= OR_DSZ32(tmp15, tmp14) U4e9c: 01420f000f80 SYNCMARK-> UFLOWCTRL(USTATE, tmp14) U4e9d: 0e25f8035e48 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000f8) U4e9e: 0007000b5d48 tmp5:= NOTAND_DSZ32(0x00000200, tmp5) U4ea0: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01cea200 ? 
SEQW GOTO U4ea2 U4ea1: 0001000b5d48 tmp5:= OR_DSZ32(0x00000200, tmp5) U4ea2: 0e2df8035e48 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000f8, tmp5) U4ea4: 000e0503c208 tmp12:= WRMSLOOPCTRFBR(0x00000005) U4ea5: 00400807be48 tmp11:= ADD_DSZ64(0x00000108, tmp9) U4ea6: 006240175200 tmp5:= MOVEFROMCREG_DSZ64(0x540) U4ea8: 0e6d28035e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000328, tmp5) U4ea9: 006241175200 tmp5:= MOVEFROMCREG_DSZ64(0x541) U4eaa: 0e6d30035e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000330, tmp5) U4eac: 006242175200 tmp5:= MOVEFROMCREG_DSZ64(0x542) U4ead: 0e6d38035e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000338, tmp5) U4eae: 006243175200 tmp5:= MOVEFROMCREG_DSZ64(0x543) U4eb0: 0e6d40035e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000340, tmp5) U4eb1: 0c4ba06f5000 tmp5:= RDSEGFLD(UNK_SEG_1b, SEL+FLGS+LIM) U4eb2: 0f6d50035f3b unk_f6d(tmp11, tmp12, tmp5) U4eb4: 0c4b206f5000 tmp5:= RDSEGFLD(UNK_SEG_1b, BASE) U4eb5: 0f6d00035f3b unk_f6d(tmp11, tmp12, tmp5) U4eb6: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01ceb180 SEQW GOTO U4eb1 ------------------------------------------------------------------------------------ U4eb8: 0062f61f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U4eb9: 0e6d90035e48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000090, tmp5) U4eba: 0062c51f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U4ebc: 0e6db0035e48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000b0, tmp5) U4ebd: 006229175200 tmp5:= MOVEFROMCREG_DSZ64(0x529) U4ebe: 0e6da8035e48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000a8, tmp5) U4ec0: 0c4b201b5000 tmp5:= RDSEGFLD(GDT, BASE) U4ec1: 0e6d48035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000148, tmp5) U4ec2: 0c4b601b5000 tmp5:= RDSEGFLD(GDT, LIMIT) U4ec4: 0e2d98035e49 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000198, tmp5) U4ec5: 0c4b203b5000 tmp5:= RDSEGFLD(IDT, BASE) U4ec6: 0e6d50035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000150, tmp5) U4ec8: 0c4b603b5000 tmp5:= RDSEGFLD(IDT, LIMIT) U4ec9: 0e2da0035e49 
STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001a0, tmp5) U4eca: 0c4ba01f5000 tmp5:= RDSEGFLD(LDT, SEL+FLGS+LIM) U4ecc: 0e6d88035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000188, tmp5) U4ecd: 0c4b201f5000 tmp5:= RDSEGFLD(LDT, BASE) U4ece: 0e6d38035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000138, tmp5) U4ed0: 0c4ba03f5000 tmp5:= RDSEGFLD(TSS, SEL+FLGS+LIM) U4ed1: 0e6d90035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000190, tmp5) U4ed2: 0c4b203f5000 tmp5:= RDSEGFLD(TSS, BASE) U4ed4: 0e6d40035e49 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000140, tmp5) U4ed5: 006375035200 tmp5:= READURAM(0x0075, 64) U4ed6: 0e6dd8035e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002d8, tmp5) U4ed8: 006376035200 tmp5:= READURAM(0x0076, 64) U4ed9: 0e6de0035e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002e0, tmp5) U4eda: 006374035200 tmp5:= READURAM(0x0074, 64) U4edc: 0e2d9c035e49 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x0000019c, tmp5) U4edd: 000000000000 ROVR<- NOP 01f2605d SEQW SAVEUIP1 U4ede SEQW GOTO U7260 U4ede: 0008f507f008 tmp15:= ZEROEXT_DSZ32(0x000001f5) U4ee0: 00420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U4ee1: 014300300c80 AETTRACE(0x0c, tmp2) U4ee2: 006343032200 tmp2:= READURAM(0x0043, 64) 01ea3a96 SEQW SAVEUIP1 U4ee4 SEQW GOTO U6a3a U4ee4: 0e2dcc031e49 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001cc, tmp1) U4ee5: 0004390b1c10 tmp1:= AND_DSZ32(0xfff101ff, tmp0) U4ee6: 0007eb031c50 tmp1:= NOTAND_DSZ32(0x00300000, tmp1) U4ee8: 0e2d3c031e4a STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x0000023c, tmp1) U4ee9: 004305080231 WRITEURAM(tmp1, 0x0005, 32) U4eea: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01ceee80 ? SEQW GOTO U4eee U4eec: 006277172200 tmp2:= MOVEFROMCREG_DSZ64(0x577) U4eed: 0e6d10032e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000310, tmp2) U4eee: 000a20000200 TESTUSTATE(UCODE, 0x0020) 01cef280 ? 
SEQW GOTO U4ef2 U4ef0: 0062ff1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7ff) U4ef1: 0e6d18032e4b STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000318, tmp2) U4ef2: 0062011f2200 tmp2:= MOVEFROMCREG_DSZ64(0x701) U4ef4: 0c4b20431000 tmp1:= RDSEGFLD(UNK_SEG_10, BASE) U4ef5: 00251e032232 tmp2:= SHR_DSZ32(tmp2, 0x0000001e) U4ef6: 004100031c72 tmp1:= OR_DSZ64(tmp2, tmp1) U4ef8: 0e6d88031e48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000088, tmp1) U4ef9: 000a80000200 TESTUSTATE(UCODE, 0x0080) 01cf0240 ? SEQW GOTO U4f02 U4efa: 1062f70b2240 tmp2:= MOVEFROMCREG_DSZ64(0x2f7, 32) U4efc: 006387031200 tmp1:= READURAM(0x0087, 64) U4efd: 000800031031 tmp1:= ZEROEXT_DSZ32(tmp1) U4efe: 026400032cb1 tmp2:= IMUL64L_DSZ64(tmp1, tmp2) U4f00: 006507032232 tmp2:= SHR_DSZ64(tmp2, 0x00000007) U4f01: 0e2d60032e4b STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000360, tmp2) U4f02: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01cf1080 ? SEQW GOTO U4f10 U4f04: 006311032200 tmp2:= READURAM(0x0011, 64) U4f05: 0e65e0072c8c tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000004e0, mode=0x01) U4f06: 0e2554031e48 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000054) U4f08: 01300103f231 tmp15:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000001) U4f09: 100a00000280 TESTUSTATE(SYS, 0x4000) 01cf0c40 ? SEQW GOTO U4f0c U4f0a: 00010203ffc8 tmp15:= OR_DSZ32(0x00000002, tmp15) U4f0c: 00210003fe3f tmp15:= CONCAT_DSZ32(tmp15, tmp8) U4f0d: 004400031ff2 tmp1:= AND_DSZ64(tmp2, tmp15) U4f0e: 0151f11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44f1) U4f10: 100a00000380 LFNCEMARK-> TESTUSTATE(SYS, 0xc000) 044fe800 ? 
SEQW GOTO U4fe8 U4f11: 0e2550034e48 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000050) U4f12: 0e6528035e48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000028) U4f14: 204253000010 MOVETOCREG_DSZ64(0x00000013, 0x000) U4f15: 0008967ba00a tmp10:= ZEROEXT_DSZ32(0x00005e96) U4f16: 0008e43fe00a tmp14:= ZEROEXT_DSZ32(0x00004fe4) U4f18: 000c1d100280 LFNCEWAIT-> SAVEUIP(0x00, U441d) 02593500 SEQW GOTO U5935 ------------------------------------------------------------------------------------ U4f19: 00c800032032 tmp2:= ZEROEXT_DSZ8(tmp2) U4f1a: 00e100031c88 tmp1:= CONCAT_DSZ8(0x00000000, tmp2) U4f1c: 000d35a40380 SAVEUIP_REGOVR(0x01, U4f1d, 0xc935) 01b88100 SEQW GOTO U3881 U4f1d: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U4f1e: 006267033200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U4f20: 004261000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U4f21: 004265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U4f22: 00c80003c000 tmp12:= ZEROEXT_DSZ8(0x00000000) 01817a80 SEQW GOTO U017a ------------------------------------------------------------------------------------ U4f24: 0042c0180200 MOVETOCREG_DSZ64(0x00000000, 0x6c0) U4f25: 006274030200 tmp0:= MOVEFROMCREG_DSZ64(0x074) U4f26: 00471e030c08 tmp0:= NOTAND_DSZ64(0x0000001e, tmp0) U4f28: 290274000330 MOVETOCREG_OR_DSZ64(tmp0, 0x00000010, 0x074) U4f29: 00085557000a tmp0:= ZEROEXT_DSZ32(0x00005555) U4f2a: 00426a000230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x06a) U4f2c: 00420e000200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x00e) U4f2d: 00420f000200 MOVETOCREG_DSZ64(0x00000000, 0x00f) U4f2e: 00420a000200 MOVETOCREG_DSZ64(0x00000000, 0x00a) U4f30: 00420d000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x00d) U4f31: 00087b030010 tmp0:= ZEROEXT_DSZ32(0x00030000) U4f32: 004334080230 WRITEURAM(tmp0, 0x0034, 32) U4f34: 004371080230 WRITEURAM(tmp0, 0x0071, 32) U4f35: 0042f11c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f1) U4f36: 00019b030010 tmp0:= OR_DSZ32(0x00040001) U4f38: 004341000230 WRITEURAM(tmp0, 0x0041, 64) U4f39: 000840030008 tmp0:= 
ZEROEXT_DSZ32(0x00000040) U4f3a: 004306080230 WRITEURAM(tmp0, 0x0006, 32) U4f3c: 00087a030010 tmp0:= ZEROEXT_DSZ32(0x00020200) U4f3d: 004384080230 WRITEURAM(tmp0, 0x0084, 32) U4f3e: 005538031200 tmp1:= BTS_DSZ64(0x00000000, 0x00000038) U4f40: 00435b000231 WRITEURAM(tmp1, 0x005b, 64) U4f41: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01cf4a40 ? SEQW GOTO U4f4a U4f42: 000820030008 tmp0:= ZEROEXT_DSZ32(0x00000020) U4f44: 000e3f000200 WRMSLOOPCTRFBR(0x0000003f) U4f45: 004200000c00 MOVETOCREG_DSZ64(tmp0, 0x00000000) U4f46: 000001030c08 tmp0:= ADD_DSZ32(0x00000001, tmp0) U4f48: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01cf4500 ? SEQW GOTO U4f45 U4f49: 004209000200 MOVETOCREG_DSZ64(0x00000000, 0x009) U4f4a: 000810230008 tmp0:= ZEROEXT_DSZ32(0x00000810) U4f4c: 1042c40b0270 tmp0:= MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U4f4d: 004370000230 WRITEURAM(tmp0, 0x0070, 64) U4f4e: 1042da080240 MOVETOCREG_DSZ64(0x00000000, 0x2da, 32) U4f50: 00421a000200 MOVETOCREG_DSZ64(0x00000000, 0x01a) U4f51: 004265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U4f52: 004206000200 MOVETOCREG_DSZ64(0x00000000, 0x006) U4f54: 213f00000000 unk_13f(0x00000000) U4f55: 0042fe1c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U4f56: 0042ff1c0200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x7ff) U4f58: 0042f51c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f5) U4f59: 000893030008 LFNCEWAIT-> tmp0:= ZEROEXT_DSZ32(0x00000093) U4f5a: 002410030230 tmp0:= SHL_DSZ32(tmp0, 0x00000010) U4f5c: 002146030c10 tmp0:= CONCAT_DSZ32(0x0000ffff, tmp0) U4f5d: 0c6b2a000000 WRSEGFLD(0x00000000, SS_USERM, BASE) U4f5e: 0c6baa000030 WRSEGFLD(tmp0, SS_USERM, SEL+FLGS+LIM) U4f60: 1062850b1240 tmp1:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U4f61: 001407031231 tmp1:= BT_DSZ32(tmp1, 0x00000007) U4f62: 017eba071c50 tmp1:= MOVEMERGEFLGS_DSZ64(0x3fff0000, tmp1) U4f64: 0036410b1431 tmp1:= CMOVCC_DSZ32_CONDB(tmp1, 0xffff0000) U4f65: 0c6ba9000030 LFNCEMARK-> WRSEGFLD(tmp0, UNK_SEG_09, SEL+FLGS+LIM) U4f66: 0c6b2d000000 
WRSEGFLD(0x00000000, GS, BASE) U4f68: 0c6bad000030 WRSEGFLD(tmp0, GS, SEL+FLGS+LIM) U4f69: 000833032010 tmp2:= ZEROEXT_DSZ32(0x0000f000) U4f6a: 0c6b89000032 LFNCEWTMRK-> WRSEGFLD(tmp2, UNK_SEG_09, SEL) U4f6c: 0c6b2c000000 WRSEGFLD(0x00000000, FS, BASE) U4f6d: 0c6bac000030 WRSEGFLD(tmp0, FS, SEL+FLGS+LIM) U4f6e: 0c6b28000000 WRSEGFLD(0x00000000, ES, BASE) U4f70: 0c6ba8000030 WRSEGFLD(tmp0, ES, SEL+FLGS+LIM) U4f71: 0c6b2b000000 WRSEGFLD(0x00000000, DS, BASE) U4f72: 0c6bab000030 WRSEGFLD(tmp0, DS, SEL+FLGS+LIM) U4f74: 0c6b29000031 LFNCEWTMRK-> WRSEGFLD(tmp1, UNK_SEG_09, BASE) U4f75: 0c6b23000000 WRSEGFLD(0x00000000, SS, BASE) U4f76: 0c6ba3000030 WRSEGFLD(tmp0, SS, SEL+FLGS+LIM) U4f78: 0c6b22000031 LFNCEWAIT-> WRSEGFLD(tmp1, CS, BASE) U4f79: 0c4ba0272000 tmp2:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U4f7a: 0c6ba2000032 WRSEGFLD(tmp2, CS, SEL+FLGS+LIM) U4f7c: 0c6b25000000 WRSEGFLD(0x00000000, DS_16bit, BASE) U4f7d: 0c6ba5000030 WRSEGFLD(tmp0, DS_16bit, SEL+FLGS+LIM) U4f7e: 000882030008 tmp0:= ZEROEXT_DSZ32(0x00000082) U4f80: 002410030230 tmp0:= SHL_DSZ32(tmp0, 0x00000010) U4f81: 002146030c10 tmp0:= CONCAT_DSZ32(0x0000ffff, tmp0) U4f82: 0c6b24000000 WRSEGFLD(0x00000000, UNK_SEG_04, BASE) U4f84: 0c6b2f000000 WRSEGFLD(0x00000000, TSS, BASE) U4f85: 0c6b26000000 WRSEGFLD(0x00000000, GDT, BASE) U4f86: 0c6b2e000000 WRSEGFLD(0x00000000, IDT, BASE) U4f88: 0c6b27000000 WRSEGFLD(0x00000000, LDT, BASE) U4f89: 0c6ba4000030 WRSEGFLD(tmp0, UNK_SEG_04, SEL+FLGS+LIM) U4f8a: 0c6ba6000030 WRSEGFLD(tmp0, GDT, SEL+FLGS+LIM) U4f8c: 0c6bae000030 WRSEGFLD(tmp0, IDT, SEL+FLGS+LIM) U4f8d: 0c6ba7000030 WRSEGFLD(tmp0, LDT, SEL+FLGS+LIM) U4f8e: 00a109032008 tmp2:= CONCAT_DSZ16(0x00000009) U4f90: 004100032c32 tmp2:= OR_DSZ64(tmp2, tmp0) U4f91: 0c6baf000032 WRSEGFLD(tmp2, TSS, SEL+FLGS+LIM) U4f92: 00429e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x79e) U4f94: 00423c1c0200 MOVETOCREG_DSZ64(0x00000000, 0x73c) U4f95: 004302000200 WRITEURAM(0x00000000, 0x0002, 64) U4f96: 0c4ba0030000 tmp0:= RDSEGFLD(DS_32bit, 
SEL+FLGS+LIM) U4f98: 0c6bb0000030 WRSEGFLD(tmp0) U4f99: 0c6bb1000030 WRSEGFLD(tmp0) U4f9a: 0c6b30000000 WRSEGFLD(0x00000000) U4f9c: 0c6b31000000 WRSEGFLD(0x00000000) U4f9d: 008501030008 tmp0:= SUB_DSZ16(0x00000001) U4f9e: 00428e1c0231 MOVETOCREG_DSZ64(tmp1, 0x78e) U4fa0: 004210100230 MOVETOCREG_DSZ64(tmp0, 0x410) U4fa1: 000001030c08 tmp0:= ADD_DSZ32(0x00000001, tmp0) U4fa2: 0042001c0230 MOVETOCREG_DSZ64(tmp0, 0x700) U4fa4: 006323030200 tmp0:= READURAM(0x0023, 64) U4fa5: 000700730c08 tmp0:= NOTAND_DSZ32(0x00001c00, tmp0) U4fa6: 004323080230 WRITEURAM(tmp0, 0x0023, 32) U4fa8: 0962a8df07c0 tmp0:= MOVETOCREG_BTS_DSZ64(0x0000003f, 0x7a8) U4fa9: 00437b000200 WRITEURAM(0x00000000, 0x007b, 64) U4faa: 0042aa1c0230 MOVETOCREG_DSZ64(tmp0, 0x7aa) U4fac: 00437c000200 WRITEURAM(0x00000000, 0x007c, 64) U4fad: 0042ac1c0230 MOVETOCREG_DSZ64(tmp0, 0x7ac) U4fae: 00437d000200 WRITEURAM(0x00000000, 0x007d, 64) U4fb0: 0042ae1c0230 MOVETOCREG_DSZ64(tmp0, 0x7ae) U4fb1: 00437e000200 WRITEURAM(0x00000000, 0x007e, 64) U4fb2: 004229140200 MOVETOCREG_DSZ64(0x00000000, 0x529) U4fb4: 00431e000200 WRITEURAM(0x00000000, 0x001e, 64) U4fb5: 0042c51c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_CR4) U4fb6: 0008420b0010 tmp0:= ZEROEXT_DSZ32(0xffff0ff0) U4fb8: 00433d000230 WRITEURAM(tmp0, 0x003d, 64) U4fb9: 0962f89c0280 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x0000000a, 0x7f8) U4fba: 000800023000 rbx:= ZEROEXT_DSZ32(0x00000000) U4fbc: 000800021000 rcx:= ZEROEXT_DSZ32(0x00000000) U4fbd: 000800027000 rdi:= ZEROEXT_DSZ32(0x00000000) U4fbe: 000800026000 rsi:= ZEROEXT_DSZ32(0x00000000) U4fc0: 000800024000 rsp:= ZEROEXT_DSZ32(0x00000000) U4fc1: 000800025000 rbp:= ZEROEXT_DSZ32(0x00000000) U4fc2: 000800028000 r8:= ZEROEXT_DSZ32(0x00000000) U4fc4: 000800029000 r9:= ZEROEXT_DSZ32(0x00000000) U4fc5: 00080002a000 r10:= ZEROEXT_DSZ32(0x00000000) U4fc6: 00080002b000 r11:= ZEROEXT_DSZ32(0x00000000) U4fc8: 00080002c000 r12:= ZEROEXT_DSZ32(0x00000000) U4fc9: 00080002d000 r13:= ZEROEXT_DSZ32(0x00000000) U4fca: 00080002e000 r14:= 
ZEROEXT_DSZ32(0x00000000) U4fcc: 000800000000 NOP U4fcd: 000800000000 NOP U4fce: 00081002f000 ROVR<- r15:= ZEROEXT_DSZ32(0x00000000) 018ba99e SEQW SAVEUIP1 U4fd0 SEQW GOTO U0ba9 U4fd0: 000800022030 rdx:= ZEROEXT_DSZ32(tmp0) U4fd1: 1042c1080260 MOVETOCREG_DSZ64(rax, 0x2c1, 32) U4fd2: 1062cd0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cd, 32) U4fd4: 1962cdc80330 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000013, 0x2cd) U4fd5: 015d00000f80 SYNCFULL-> UJMP(tmp14) ------------------------------------------------------------------------------------ U4fd6: 00a105030008 ROVR<- tmp0:= CONCAT_DSZ16(0x00000005) 08a6009a SEQW SAVEUIP0 U4fd8 SEQW GOTO U2600 U4fd8: 000000000000 NOP 01ba4100 SEQW GOTO enter_probe_mode ------------------------------------------------------------------------------------ U4fd9: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U4fda: 00428c100230 MOVETOCREG_DSZ64(tmp0, 0x48c) U4fdc: 00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) U4fdd: 07c200008235 mm0:= unk_7c2(mm5, 0x00000000) U4fde: 069d00008200 mm0:= unk_69d(0x00000000) U4fe0: 07ea00036008 mm6:= unk_7ea(0x00000000) U4fe1: 000000036d8b tmp6:= ADD_DSZ32(0x00006000, tmp6) U4fe2: 07c200008236 mm0:= unk_7c2(mm6, 0x00000000) 01a1fe80 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U4fe4: 006357039200 tmp9:= READURAM(0x0057, 64) U4fe5: 296200000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U4fe6: 0e25bc038e49 LFNCEMARK-> tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001bc) U4fe8: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U4fe9: 000a00080200 TESTUSTATE(UCODE, 0x0200) 01cff540 ? 
SEQW GOTO U4ff5 U4fea: 0e6558031e4b tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000358) U4fec: 00080f03f008 tmp15:= ZEROEXT_DSZ32(0x0000000f) U4fed: 00210703ffc8 tmp15:= CONCAT_DSZ32(0x00000007, tmp15) U4fee: 004400031c7f tmp1:= AND_DSZ64(tmp15, tmp1) U4ff0: 00040043fe08 tmp15:= AND_DSZ32(0x00001000, tmp8) U4ff1: 01300f03f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x0000000f) U4ff2: 0000000bffc9 tmp15:= ADD_DSZ32(0x00002200, tmp15) U4ff4: 104200000ff1 MOVETOCREG_DSZ64(tmp1, tmp15) U4ff5: 002513031238 tmp1:= SHR_DSZ32(tmp8, 0x00000013) U4ff6: 000411031c48 tmp1:= AND_DSZ32(0x00000011, tmp1) U4ff8: 0e255403fe48 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000054) U4ff9: 00000003ffc0 tmp15:= ADD_DSZ32(0x00000000, tmp15) U4ffa: 01304003f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000040) U4ffc: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U4ffd: 0e25c0034e48 LFNCEMARK-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000c0) U4ffe: 00042003fd08 tmp15:= AND_DSZ32(0x00000020, tmp4) U5000: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U5001: 00250603f238 tmp15:= SHR_DSZ32(tmp8, 0x00000006) U5002: 00070803f23f tmp15:= NOTAND_DSZ32(tmp15, 0x00000008) U5004: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U5005: 0004000bde08 tmp13:= AND_DSZ32(0x00000200, tmp8) U5006: 00250b03f230 tmp15:= SHR_DSZ32(tmp0, 0x0000000b) U5008: 00078003f23f tmp15:= NOTAND_DSZ32(tmp15, 0x00000080) U5009: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U500a: 00543a03f232 tmp15:= BT_DSZ64(tmp2, 0x0000003a) U500c: 00330403f23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000004) U500d: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U500e: 00040003fc8a tmp15:= AND_DSZ32(0x00004000, tmp2) U5010: 01300203f23f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x00000002) U5011: 0001323f1c7f ROVR<- tmp1:= OR_DSZ32(tmp15, tmp1) 0d5b345d SEQW SAVEUIP1 U5012 SEQW GOTO U5b34 U5012: 01420f000c40 SYNCMARK-> UFLOWCTRL(USTATE, tmp1) U5014: 0062ff1f7200 tmp7:= MOVEFROMCREG_DSZ64(0x7ff) U5015: 016300031008 tmp1:= unk_163(0x00000000) U5016: 09a29d1c02b1 
MOVETOCREG_SHR_DSZ64(tmp1, 0x00000008, 0x79d) U5018: 004379000200 WRITEURAM(0x00000000, 0x0079, 64) U5019: 0042fe1c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U501a: 0004e103fe10 tmp15:= AND_DSZ32(0x00200000, tmp8) U501c: 013e00037ff7 tmp7:= MOVEMERGEFLGS_DSZ32(tmp7, tmp15) U501d: 000cae1c0240 SAVEUIP(0x00, U27ae) U501e: 213f21200000 ROVR<- unk_13f(0x00000000) 01acd99e SEQW SAVEUIP1 U5020 SEQW GOTO U2cd9 U5020: 00140e03f230 tmp15:= BT_DSZ32(tmp0, 0x0000000e) U5021: 013e00038ff8 tmp8:= MOVEMERGEFLGS_DSZ32(tmp8, tmp15) U5022: 007702038238 tmp8:= CMOVCC_DSZ64_CONDNB(tmp8, 0x00000002) U5024: 013e00032ff2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp15) U5025: 007708032232 tmp2:= CMOVCC_DSZ64_CONDNB(tmp2, 0x00000008) U5026: 004213140200 MOVETOCREG_DSZ64(0x00000000, 0x513) U5028: 00429e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x79e) U5029: 00421c140200 MOVETOCREG_DSZ64(0x00000000, 0x51c) U502a: 00421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U502c: 0e2550031e4b tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x00000350) U502d: 013400031c77 tmp1:= CMOVCC_DSZ32_CONDZ(tmp7, tmp1) U502e: 000401231c48 tmp1:= AND_DSZ32(0x00000801, tmp1) U5030: 01340017f23d tmp15:= CMOVCC_DSZ32_CONDZ(tmp13, 0x00000500) U5031: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U5032: 100a00000300 SYNCWAIT-> TESTUSTATE(SYS, 0x8000) 0b107280 ? SEQW GOTO U1072 U5034: 0042ff1c0231 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, 0x7ff) U5035: 0e65c8024e48 rsp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000c8) U5036: 000a04000200 TESTUSTATE(UCODE, 0x0004) 02504880 ? 
SEQW GOTO U5048 U5038: 0e654803ce4b tmp12:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000348) U5039: 0008230bf010 tmp15:= ZEROEXT_DSZ32(0xf8f8f8f8) U503a: 00210003ffff tmp15:= CONCAT_DSZ32(tmp15, tmp15) U503c: 00440003ff3f tmp15:= AND_DSZ64(tmp15, tmp12) U503d: 01710003cf3f tmp12:= SELECTCC_DSZ64_CONDNZ(tmp15, tmp12) U503e: 00086507f010 tmp15:= ZEROEXT_DSZ32(0x04040404) U5040: 00210003ffff tmp15:= CONCAT_DSZ32(tmp15, tmp15) U5041: 00470003fffc tmp15:= NOTAND_DSZ64(tmp12, tmp15) U5042: 00650103f23f tmp15:= SHR_DSZ64(tmp15, 0x00000001) U5044: 00440003fffc tmp15:= AND_DSZ64(tmp12, tmp15) U5045: 01710003cf3f tmp12:= SELECTCC_DSZ64_CONDNZ(tmp15, tmp12) U5046: 00427714023c MOVETOCREG_DSZ64(tmp12, 0x577) U5048: 0e65d8035e48 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000d8) U5049: 0e65b8037e48 tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000000b8) U504a: 0e25a0031e48 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000a0) U504c: 0ea5e203ce49 tmp12:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001e2) U504d: 00870703cf08 tmp12:= NOTAND_DSZ16(0x00000007, tmp12) U504e: 0150967802bc UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp12, U5e96) U5050: 00a18b03cf08 tmp12:= CONCAT_DSZ16(0x0000008b, tmp12) U5051: 00216703cf08 tmp12:= CONCAT_DSZ32(0x00000067, tmp12) U5052: 0c6baf00003c WRSEGFLD(tmp12, TSS, SEL+FLGS+LIM) U5054: 0e652003ce4a tmp12:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000220) U5055: 0c6b2f00003c WRSEGFLD(tmp12, TSS, BASE) U5056: 0ea5b203ce49 tmp12:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001b2) U5058: 0ea5ba033e49 tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001ba) U5059: 0dff00000038 LFNCEMARK-> unk_dff(tmp8) U505a: 00870703cf08 tmp12:= NOTAND_DSZ16(0x00000007, tmp12) U505c: 0150967802bc UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp12, U5e96) U505d: 00240403f23d tmp15:= SHL_DSZ32(tmp13, 0x00000004) U505e: 00859b03f3bf tmp15:= SUB_DSZ16(tmp15, 0x0000c09b) U5060: 0042f51c023f MOVETOCREG_DSZ64(tmp15, 0x7f5) U5061: 00a10003cf3f tmp12:= CONCAT_DSZ16(tmp15, tmp12) U5062: 0021ff7fcf1f tmp12:= 
CONCAT_DSZ32(0xffffffffffffffff, tmp12) U5064: 0c6b4900003c WRSEGFLD(tmp12, UNK_SEG_09, FLGS) U5065: 0c6b29000000 WRSEGFLD(0x00000000, UNK_SEG_09, BASE) U5066: 00050103c008 tmp12:= SUB_DSZ32(0x00000001) U5068: 00428e1c0200 MOVETOCREG_DSZ64(0x00000000, 0x78e) U5069: 0042001c0200 MOVETOCREG_DSZ64(0x00000000, 0x700) U506a: 00421010023c MOVETOCREG_DSZ64(tmp12, 0x410) U506c: 00870703ccc8 tmp12:= NOTAND_DSZ16(0x00000007, tmp3) U506d: 00810003ff3d tmp15:= OR_DSZ16(tmp13, tmp12) U506e: 0150967802bf UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U5e96) U5070: 01317b07f43c tmp15:= SELECTCC_DSZ32_CONDNZ(tmp12, 0x08000000) U5071: 00a19303cf0e tmp12:= CONCAT_DSZ16(0x0000c093, tmp12) U5072: 09a23c1c033c MOVETOCREG_SHR_DSZ64(tmp12, 0x00000010, 0x73c) U5074: 00010003cf3f tmp12:= OR_DSZ32(tmp15, tmp12) U5075: 0021ff7fcf1f tmp12:= CONCAT_DSZ32(0xffffffffffffffff, tmp12) U5076: 0c6baa00003c SYNCMARK-> WRSEGFLD(tmp12, SS_USERM, SEL+FLGS+LIM) U5078: 00631003f200 tmp15:= READURAM(0x0010, 64) U5079: 00880003ffc0 tmp15:= ZEROEXT_DSZ16(tmp15) U507a: 004700037dff tmp7:= NOTAND_DSZ64(tmp15, tmp7) 01eefe96 SEQW SAVEUIP1 U507c SEQW GOTO U6efe U507c: 00087b071010 tmp1:= ZEROEXT_DSZ32(0x08000000) U507d: 0c6ba7000031 WRSEGFLD(tmp1, LDT, SEL+FLGS+LIM) U507e: 00421e140200 MOVETOCREG_DSZ64(0x00000000, 0x51e) U5080: 008501031008 tmp1:= SUB_DSZ16(0x00000001) U5081: 0c6b66000031 WRSEGFLD(tmp1, GDT, LIMIT) U5082: 0c6b6e000031 WRSEGFLD(tmp1, IDT, LIMIT) U5084: 0c6b28000000 WRSEGFLD(0x00000000, ES, BASE) U5085: 0c6b2a000000 WRSEGFLD(0x00000000, SS_USERM, BASE) U5086: 0c6b2b000000 WRSEGFLD(0x00000000, DS, BASE) U5088: 0ea5c2033e49 LFNCEWAIT-> tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp9, 0x000001c2) U5089: 004800039cf9 tmp9:= ZEROEXT_DSZ64(tmp9, tmp3) U508a: 0c6b22000000 WRSEGFLD(0x00000000, CS, BASE) U508c: 0c4ba0272000 tmp2:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U508d: 0c6ba2000032 WRSEGFLD(tmp2, CS, SEL+FLGS+LIM) U508e: 0c6b23000000 WRSEGFLD(0x00000000, SS, BASE) U5090: 0c4ba02b2000 tmp2:= RDSEGFLD(SS_USERM, 
SEL+FLGS+LIM) U5091: 0c6ba3000032 WRSEGFLD(tmp2, SS, SEL+FLGS+LIM) U5092: 104800024024 SYNCWAIT-> rsp:= ZEROEXT_DSZ64N(rsp) U5094: 104800035035 tmp5:= ZEROEXT_DSZ64N(tmp5) U5095: 000a00100200 TESTUSTATE(UCODE, 0x0400) 01cad840 ? SEQW GOTO U4ad8 U5096: 000d219c0000 SAVEUIP_REGOVR(0x01, U5098, 0x0721) U5098: 000c75500200 SAVEUIP(0x00, U1475) U5099: 000cdc940200 SAVEUIP(0x01, U05dc) 01dca040 SEQW GOTO U5ca0 ------------------------------------------------------------------------------------ U509a: 000104032232 tmp2:= OR_DSZ32(tmp2, 0x00000004) U509c: 00210103cf32 ROVR<- tmp12:= CONCAT_DSZ32(tmp2, tmp12) 018000dc SEQW SAVEUIP1 U509d U509d: 005424032233 tmp2:= BT_DSZ64(tmp3, 0x00000024) U509e: 003247032432 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00010000) U50a0: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01d0a500 ? SEQW GOTO U50a5 U50a1: 00410003cf32 tmp12:= OR_DSZ64(tmp2, tmp12) U50a2: 00470003cd7c tmp12:= NOTAND_DSZ64(tmp12, tmp5) U50a4: 0151111c027c UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp12, generate_#GP) U50a5: 286aa6810635 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000022, U50a6) 01d0a940 SEQW GOTO U50a9 ------------------------------------------------------------------------------------ U50a6: 0062ff1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7ff) U50a8: 2a62ffdc02b2 MOVETOCREG_BTR_DSZ64(tmp2, 0x0000000b, 0x7ff) 01816414 SEQW SAVEUIP1 U50a9 SEQW GOTO U0164 U50a9: 0062c31b2200 tmp2:= MOVEFROMCREG_DSZ64(0x6c3) U50aa: 000701032c88 tmp2:= NOTAND_DSZ32(0x00000001, tmp2) U50ac: 000401033d48 tmp3:= AND_DSZ32(0x00000001, tmp5) U50ad: 2902c31b2cf2 tmp2:= MOVETOCREG_OR_DSZ64(tmp2, tmp3, 0x6c3) 0182ba55 SEQW SAVEUIP1 U50ae SEQW GOTO U02ba U50ae: 2d9bc0031008 tmp1:= unk_d9b(0x000000c0) U50b0: 000727071c50 tmp1:= NOTAND_DSZ32(0x00800012, tmp1) U50b1: 00650f032235 tmp2:= SHR_DSZ64(tmp5, 0x0000000f) U50b2: 000426072c90 tmp2:= AND_DSZ32(0x00800002, tmp2) U50b4: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U50b5: 002401032235 tmp2:= SHL_DSZ32(tmp5, 0x00000001) U50b6: 000410032c88 tmp2:= AND_DSZ32(0x00000010, tmp2) 
U50b8: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U50b9: 2d9fc0031008 tmp1:= unk_d9f(0x000000c0) U50ba: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U50bc: 004341000235 WRITEURAM(tmp5, 0x0041, 64) 01b2cd14 SEQW SAVEUIP1 U50bd SEQW GOTO U32cd U50bd: 1062e60b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e6, 32) U50be: 000710031c48 tmp1:= NOTAND_DSZ32(0x00000010, tmp1) U50c0: 002513033235 tmp3:= SHR_DSZ32(tmp5, 0x00000013) U50c1: 000410033cc8 tmp3:= AND_DSZ32(0x00000010, tmp3) U50c2: 1902e6080cf1 MOVETOCREG_OR_DSZ64(tmp1, tmp3, 0x2e6) 01b24e80 SEQW GOTO U324e ------------------------------------------------------------------------------------ calc_sha256_start: U50c4: 04b40003f000 tmm7:= FMOV(0x00000000) U50c5: 0008dc070010 tmp0:= ZEROEXT_DSZ32(0x6a09e667) U50c6: 0e2d00030037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp0) U50c8: 00080e0b1010 tmp1:= ZEROEXT_DSZ32(0xbb67ae85) U50c9: 0e2d04031037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000004, tmp1) U50ca: 0008af072010 tmp2:= ZEROEXT_DSZ32(0x3c6ef372) U50cc: 0e2d08032037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000008, tmp2) U50cd: 0008080b3010 tmp3:= ZEROEXT_DSZ32(0xa54ff53a) U50ce: 0e2d0c033037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000000c, tmp3) U50d0: 0008d4074010 tmp4:= ZEROEXT_DSZ32(0x510e527f) U50d1: 0e2d10034037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000010, tmp4) U50d2: 0008040b8010 tmp8:= ZEROEXT_DSZ32(0x9b05688c) U50d4: 0e2d14038037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000014, tmp8) U50d5: 00089c079010 tmp9:= ZEROEXT_DSZ32(0x1f83d9ab) U50d6: 0e2d18039037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000018, tmp9) U50d8: 0008d607a010 tmp10:= ZEROEXT_DSZ32(0x5be0cd19) U50d9: 0e2d1c03a037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000001c, tmp10) calc_sha256_update: U50da: 07040003e036 tmm6:= unk_704(mm6) U50dc: 04ce0003ffbf tmm7:= unk_4ce(tmm7, tmm6) U50dd: 00483803d008 tmp13:= ZEROEXT_DSZ64(0x00000038) U50de: 0e650007ef75 LFNCEWAIT-> tmp14:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, tmp13, mode=0x01) U50e0: 
037c0003e03e tmp14:= unk_37c(tmp14) U50e1: 006d2003e23e tmp14:= ROR_DSZ64(tmp14, 0x00000020) U50e2: 0e6d2007ef77 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp13, 0x00000020, mode=0x01, tmp14) U50e4: 00050803df48 tmp13:= SUB_DSZ32(0x00000008, tmp13) U50e5: 0250e64002bd LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp13, U50e6) 04d0de40 SEQW GOTO U50de ------------------------------------------------------------------------------------ U50e6: 00083003b008 tmp11:= ZEROEXT_DSZ32(0x00000030) U50e8: 00002003d008 tmp13:= ADD_DSZ32(0x00000020) U50e9: 074400038035 tmm0:= unk_744(mm5) U50ea: 0e253803ff77 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp13, 0x00000038) U50ec: 002d1103e23f tmp14:= ROR_DSZ32(tmp15, 0x00000011) U50ed: 002d1303c23f tmp12:= ROR_DSZ32(tmp15, 0x00000013) U50ee: 00060003efbc tmp14:= XOR_DSZ32(tmp12, tmp14) U50f0: 00250a03c23f tmp12:= SHR_DSZ32(tmp15, 0x0000000a) U50f1: 00060003efbc tmp14:= XOR_DSZ32(tmp12, tmp14) U50f2: 0e252403ff77 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp13, 0x00000024) U50f4: 00000003efbf tmp14:= ADD_DSZ32(tmp15, tmp14) U50f5: 0e250403ff77 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp13, 0x00000004) U50f6: 002d0703c23f tmp12:= ROR_DSZ32(tmp15, 0x00000007) U50f8: 002d1203523f tmp5:= ROR_DSZ32(tmp15, 0x00000012) U50f9: 00060003cf35 tmp12:= XOR_DSZ32(tmp5, tmp12) U50fa: 00250303523f tmp5:= SHR_DSZ32(tmp15, 0x00000003) U50fc: 00060003cf35 tmp12:= XOR_DSZ32(tmp5, tmp12) U50fd: 00000003efbc tmp14:= ADD_DSZ32(tmp12, tmp14) U50fe: 0e250003ff77 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp13) U5100: 00000003efbf tmp14:= ADD_DSZ32(tmp15, tmp14) U5101: 0e2d4003ef77 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp13, 0x00000040, tmp14) U5102: 00000403df48 tmp13:= ADD_DSZ32(0x00000004, tmp13) U5104: 00050103bec8 tmp11:= SUB_DSZ32(0x00000001, tmp11) U5105: 0150064402bb UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U5106) 01d0ea40 SEQW GOTO U50ea ------------------------------------------------------------------------------------ U5106: 00080003b000 tmp11:= 
ZEROEXT_DSZ32(0x00000000) U5108: 00634e035200 LFNCEWAIT-> tmp5:= READURAM(0x004e, 64) U5109: 0e250003def5 tmp13:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, tmp11) U510a: 00070003ee74 tmp14:= NOTAND_DSZ32(tmp4, tmp9) U510c: 0e252003fef7 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp11, 0x00000020) U510d: 00040003cd38 tmp12:= AND_DSZ32(tmp8, tmp4) U510e: 00000003ff7f tmp15:= ADD_DSZ32(tmp15, tmp13) U5110: 00060003ef3e tmp14:= XOR_DSZ32(tmp14, tmp12) U5111: 002d0603c234 tmp12:= ROR_DSZ32(tmp4, 0x00000006) U5112: 00000003fffe tmp15:= ADD_DSZ32(tmp14, tmp15) U5114: 002d0b03e234 tmp14:= ROR_DSZ32(tmp4, 0x0000000b) U5115: 00060003cf3e tmp12:= XOR_DSZ32(tmp14, tmp12) U5116: 002d1903e234 tmp14:= ROR_DSZ32(tmp4, 0x00000019) U5118: 00000003fffa tmp15:= ADD_DSZ32(tmp10, tmp15) U5119: 00080003a039 tmp10:= ZEROEXT_DSZ32(tmp9) U511a: 000800039038 tmp9:= ZEROEXT_DSZ32(tmp8) U511c: 000800038034 tmp8:= ZEROEXT_DSZ32(tmp4) U511d: 00060003cf3e tmp12:= XOR_DSZ32(tmp14, tmp12) U511e: 002d0d03e230 tmp14:= ROR_DSZ32(tmp0, 0x0000000d) U5120: 00000003fffc tmp15:= ADD_DSZ32(tmp12, tmp15) U5121: 002d0203c230 tmp12:= ROR_DSZ32(tmp0, 0x00000002) U5122: 000000034cff tmp4:= ADD_DSZ32(tmp15, tmp3) U5124: 000800033032 tmp3:= ZEROEXT_DSZ32(tmp2) U5125: 00060003cf3e tmp12:= XOR_DSZ32(tmp14, tmp12) U5126: 002d1603e230 tmp14:= ROR_DSZ32(tmp0, 0x00000016) U5128: 00060003df3e tmp13:= XOR_DSZ32(tmp14, tmp12) U5129: 00000403bec8 tmp11:= ADD_DSZ32(0x00000004, tmp11) U512a: 00040003cc31 tmp12:= AND_DSZ32(tmp1, tmp0) U512c: 00040003ec32 tmp14:= AND_DSZ32(tmp2, tmp0) U512d: 00060003cf3e tmp12:= XOR_DSZ32(tmp14, tmp12) U512e: 00040003ec72 tmp14:= AND_DSZ32(tmp2, tmp1) U5130: 000800032031 tmp2:= ZEROEXT_DSZ32(tmp1) U5131: 00060003cf3e tmp12:= XOR_DSZ32(tmp14, tmp12) U5132: 000800031030 tmp1:= ZEROEXT_DSZ32(tmp0) U5134: 00000003df7c tmp13:= ADD_DSZ32(tmp12, tmp13) U5135: 000000030ffd tmp0:= ADD_DSZ32(tmp13, tmp15) U5136: 286a380502bb BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000008, U5138) 01d10980 SEQW GOTO U5109 
------------------------------------------------------------------------------------ U5138: 0e250003f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7) U5139: 000000030ff0 tmp0:= ADD_DSZ32(tmp0, tmp15) U513a: 0e250403f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000004) U513c: 000000031ff1 tmp1:= ADD_DSZ32(tmp1, tmp15) U513d: 0e250803f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000008) U513e: 000000032ff2 tmp2:= ADD_DSZ32(tmp2, tmp15) U5140: 0e250c03f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000000c) U5141: 000000033ff3 tmp3:= ADD_DSZ32(tmp3, tmp15) U5142: 0e251003f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000010) U5144: 000000034ff4 tmp4:= ADD_DSZ32(tmp4, tmp15) U5145: 0e251403f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000014) U5146: 000000038ff8 tmp8:= ADD_DSZ32(tmp8, tmp15) U5148: 0e251803f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000018) U5149: 000000039ff9 tmp9:= ADD_DSZ32(tmp9, tmp15) U514a: 0e251c03f037 tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000001c) U514c: 00000003affa tmp10:= ADD_DSZ32(tmp10, tmp15) U514d: 29284e050036 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp6, 0x00000000, U514e) 04d15940 SEQW GOTO U5159 ------------------------------------------------------------------------------------ U514e: 033c00030030 tmp0:= BSWAP_DSZ32(tmp0) U5150: 033c00031031 tmp1:= BSWAP_DSZ32(tmp1) U5151: 033c00032032 tmp2:= BSWAP_DSZ32(tmp2) U5152: 033c00033033 tmp3:= BSWAP_DSZ32(tmp3) U5154: 033c00034034 tmp4:= BSWAP_DSZ32(tmp4) U5155: 033c00038038 tmp8:= BSWAP_DSZ32(tmp8) U5156: 033c00039039 tmp9:= BSWAP_DSZ32(tmp9) U5158: 033c0003a03a tmp10:= BSWAP_DSZ32(tmp10) U5159: 0e2d00030037 LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp0) U515a: 0e2d04031037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000004, tmp1) U515c: 0e2d08032037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000008, tmp2) U515d: 0e2d0c033037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000000c, tmp3) U515e: 0e2d10034037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 
0x00000010, tmp4) U5160: 0e2d14038037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000014, tmp8) U5161: 0e2d18039037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000018, tmp9) U5162: 0e2d1c03a037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000001c, tmp10) U5164: 076c00035038 tmp5:= PINTMOVDTMM2I_DSZ64(tmm0) U5165: 004040035d48 tmp5:= ADD_DSZ64(0x00000040, tmp5) U5166: 000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6) U5168: 0152694402b6 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp6, U5169) 01d0dd00 SEQW GOTO U50dd ------------------------------------------------------------------------------------ U5169: 00634703b200 tmp11:= READURAM(0x0047, 64) U516a: 025011000236 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, sha256_ret) U516c: 00251003f23b tmp15:= SHR_DSZ32(tmp11, 0x00000010) U516d: 01501100023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, sha256_ret) U516e: 00551f03f200 tmp15:= BTS_DSZ64(0x00000000, 0x0000001f) U5170: 0e6d2003f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000020, tmp15) U5171: 0e6d28000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000028, 0x00000000) U5172: 0e6d30000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000030, 0x00000000) U5174: 0e6d38000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000038, 0x00000000) U5175: 0e6d40000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000040, 0x00000000) U5176: 0e6d48000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000048, 0x00000000) U5178: 0e6d50000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000050, 0x00000000) U5179: 072c0003f03f tmp15:= PINTMOVDTMM2I_DSZ32(tmm7) U517a: 006c2903f23f tmp15:= ROL_DSZ64(tmp15, 0x00000029) U517c: 0e6d5803f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000058, tmp15) 01d0e600 SEQW GOTO U50e6 ------------------------------------------------------------------------------------ U517d: 00043f032d48 tmp2:= AND_DSZ32(0x0000003f, tmp5) U517e: 000120032c88 tmp2:= OR_DSZ32(0x00000020, tmp2) U5180: 000500031c32 tmp1:= SUB_DSZ32(tmp2, tmp0) U5181: 07c20003ae71 tmm2:= unk_7c2(mm1, tmm1) U5182: 06a70003ae3a tmm2:= unk_6a7(tmm2, 
tmm0) U5184: 000804032008 tmp2:= ZEROEXT_DSZ32(0x00000004) U5185: 27410003d032 tmm5:= unk_741(mm2) U5186: 06dd00008e80 mm0:= unk_6dd(tmm2) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U5188: 1062f91f4240 tmp4:= MOVEFROMCREG_DSZ64(0x7f9, 32) U5189: 0062c51fd200 tmp13:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U518a: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01d19180 ? SEQW GOTO U5191 U518c: 000811030008 tmp0:= ZEROEXT_DSZ32(0x00000011) U518d: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01ce8140 ? SEQW GOTO do_vmexit U518e: 00634c03f200 tmp15:= READURAM(0x004c, 64) U5190: 286a907c02ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000d, do_smm_vmexit) U5191: 0062fe1fb200 LFNCEWAIT-> tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U5192: 23800003bec0 tmp11:= READAFLAGS(tmp11) U5194: 0062f81fe200 tmp14:= MOVEFROMCREG_DSZ64(0x7f8) U5195: 0062f61f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U5196: 0062ff1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7ff) U5198: 100a00840200 TESTUSTATE(SYS, !UST_VMX_OP_DIS) 04a76900 ? SEQW GOTO generate_#UD U5199: 000900000000 LFNCEMARK-> MOVE_DSZ32(0x00000000) U519a: 00070d039c08 tmp9:= NOTAND_DSZ32(0x0000000d, tmp0) U519c: 0042ff1c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x7ff) U519d: 0a62f6dc03f9 MOVETOCREG_BTR_DSZ64(tmp9, 0x0000001f, CORE_CR_CR0) U519e: 0042c51c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_CR4) U51a0: 213f09000000 ROVR<- unk_13f(0x00000000) 01a0751c SEQW SAVEUIP1 U51a1 SEQW GOTO U2075 U51a1: 0042f81c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f8) U51a2: 1042f91c0240 MOVETOCREG_DSZ64(0x00000000, 0x7f9, 32) U51a4: 0042fe1c0200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U51a5: 00080073200f tmp2:= ZEROEXT_DSZ32(0x0000fc00) U51a6: 006371039200 tmp9:= READURAM(0x0071, 64) U51a8: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01d1aa00 ? 
SEQW GOTO U51aa U51a9: 006334039200 tmp9:= READURAM(0x0034, 64) U51aa: 000800039039 tmp9:= ZEROEXT_DSZ32(tmp9) U51ac: 004000032e72 tmp2:= ADD_DSZ64(tmp2, tmp9) U51ad: 096272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U51ae: 0e25f80362f2 LFNCEWAIT-> tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003f8) U51b0: 0e25400332b2 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000240) U51b1: 0004320b9cd0 tmp9:= AND_DSZ32(0xffca7800, tmp3) U51b2: 0151516002b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U5851) U51b4: 00635c039200 tmp9:= READURAM(0x005c, 64) U51b5: 00541a039239 tmp9:= BT_DSZ64(tmp9, 0x0000001a) U51b6: 003200039cf9 tmp9:= SELECTCC_DSZ32_CONDB(tmp9, tmp3) U51b8: 286a51e102f9 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000000f, U5851) U51b9: 006335039200 tmp9:= READURAM(0x0035, 64) U51ba: 005429039239 tmp9:= BT_DSZ64(tmp9, 0x00000029) U51bc: 0032e1039439 tmp9:= SELECTCC_DSZ32_CONDB(tmp9, 0x00200000) U51bd: 000400039cf9 tmp9:= AND_DSZ32(tmp9, tmp3) U51be: 0151516002b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U5851) U51c0: 006377039200 tmp9:= READURAM(0x0077, 64) U51c1: 00542b039239 tmp9:= BT_DSZ64(tmp9, 0x0000002b) U51c2: 003300039339 tmp9:= SELECTCC_DSZ32_CONDNB(tmp9, 0x00008000) U51c4: 008400039cf9 tmp9:= AND_DSZ16(tmp9, tmp3) U51c5: 0151516002b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U5851) U51c6: 00251a039236 tmp9:= SHR_DSZ32(tmp6, 0x0000001a) U51c8: 000400039e73 tmp9:= AND_DSZ32(tmp3, tmp9) U51c9: 001405039239 tmp9:= BT_DSZ32(tmp9, 0x00000005) U51ca: 00fa00039039 tmp9:= SETCC_CONDB(tmp9) U51cc: 0e25e00352f2 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003e0) U51cd: 00250803a235 tmp10:= SHR_DSZ32(tmp5, 0x00000008) U51ce: 000400039eb9 tmp9:= AND_DSZ32(tmp9, tmp10) U51d0: 00250a03a235 tmp10:= SHR_DSZ32(tmp5, 0x0000000a) U51d1: 00040103ae88 tmp10:= AND_DSZ32(0x00000001, tmp10) U51d2: 292951210eb9 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, tmp10, U5851) U51d4: 00151f03a200 tmp10:= BTS_DSZ32(0x00000000, 0x0000001f) U51d5: 0004f1079d90 tmp9:= AND_DSZ32(0x80000001, tmp6) U51d6: 292851210eb9 
CMPUJZ_DIRECT_NOTTAKEN(tmp9, tmp10, U5851) U51d8: 0004d8079d90 tmp9:= AND_DSZ32(0x60000000, tmp6) U51d9: 00151d03a200 tmp10:= BTS_DSZ32(0x00000000, 0x0000001d) U51da: 292851210eb9 CMPUJZ_DIRECT_NOTTAKEN(tmp9, tmp10, U5851) U51dc: 0e65f00382f2 tmp8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003f0) U51dd: 0e65480392b2 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000248) U51de: 292951210e78 CMPUJNZ_DIRECT_NOTTAKEN(tmp8, tmp9, U5851) U51e0: 0e25e80372f2 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003e8) U51e1: 0e25500392b2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000250) U51e2: 000600039e77 tmp9:= XOR_DSZ32(tmp7, tmp9) U51e4: 286a51610339 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000011, U5851) U51e5: 0e25c8039272 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001c8) U51e6: 0e25b803a272 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001b8) U51e8: 002510039239 tmp9:= SHR_DSZ32(tmp9, 0x00000010) U51e9: 00251003a23a tmp10:= SHR_DSZ32(tmp10, 0x00000010) U51ea: 000400039e7a tmp9:= AND_DSZ32(tmp10, tmp9) U51ec: 000460039e48 tmp9:= AND_DSZ32(0x00000060, tmp9) U51ed: 000560039e48 tmp9:= SUB_DSZ32(0x00000060, tmp9) U51ee: 001411037237 tmp7:= BT_DSZ32(tmp7, 0x00000011) U51f0: 003300039e77 tmp9:= SELECTCC_DSZ32_CONDNB(tmp7, tmp9) U51f1: 292951210039 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x00000000, U5851) U51f2: 000701039236 tmp9:= NOTAND_DSZ32(tmp6, 0x00000001) U51f4: 003300039e77 tmp9:= SELECTCC_DSZ32_CONDNB(tmp7, tmp9) U51f5: 292951210039 CMPUJNZ_DIRECT_NOTTAKEN(tmp9, 0x00000000, U5851) U51f6: 0062f01f9200 tmp9:= MOVEFROMCREG_DSZ64(0x7f0) U51f8: 286a51210239 BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000000, U5851) U51f9: 0e6580039272 LFNCEMARK-> tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000180) U51fa: 000800000000 NOP U51fc: 0c6b26000039 LFNCEWAIT-> WRSEGFLD(tmp9, GDT, BASE) U51fd: 0e25c00392f2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003c0) U51fe: 0e6590039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000190) U5200: 0c6b27000039 WRSEGFLD(tmp9, LDT, BASE) U5201: 
0e6560039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000160) U5202: 0c6b2e000039 WRSEGFLD(tmp9, IDT, BASE) U5204: 0e25dc039272 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000001dc) U5205: 006420039239 tmp9:= SHL_DSZ64(tmp9, 0x00000020) U5206: 204324040239 WRITEURAM(tmp9, 0x0124, 64) U5208: 0e65a0039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001a0) U5209: 0c6b28000039 WRSEGFLD(tmp9, ES, BASE) U520a: 0e65b0039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001b0) U520c: 0c6b29000039 WRSEGFLD(tmp9, UNK_SEG_09, BASE) U520d: 0e65c0039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001c0) U520e: 0c6b2a000039 WRSEGFLD(tmp9, SS_USERM, BASE) U5210: 0e6530039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000130) U5211: 0c6b2b000039 WRSEGFLD(tmp9, DS, BASE) U5212: 0e6540039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000140) U5214: 0c6b2c000039 WRSEGFLD(tmp9, FS, BASE) U5215: 0e6550039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000150) U5216: 0c6b2d000039 WRSEGFLD(tmp9, GS, BASE) U5218: 0e6570039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000170) U5219: 0c6b2f000039 WRSEGFLD(tmp9, TSS, BASE) U521a: 0e6598039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000198) U521c: 0c6ba7000039 WRSEGFLD(tmp9, LDT, SEL+FLGS+LIM) U521d: 0e6588039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000188) U521e: 0c6ba6000039 WRSEGFLD(tmp9, GDT, SEL+FLGS+LIM) U5220: 0e6568039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000168) U5221: 0c6bae000039 WRSEGFLD(tmp9, IDT, SEL+FLGS+LIM) U5222: 0e65a803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001a8) U5224: 0c6ba800003a WRSEGFLD(tmp10, ES, SEL+FLGS+LIM) U5225: 0e65b803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001b8) U5226: 0c6ba900003a WRSEGFLD(tmp10, UNK_SEG_09, SEL+FLGS+LIM) U5228: 0e65c803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001c8) U5229: 0c6baa00003a WRSEGFLD(tmp10, SS_USERM, SEL+FLGS+LIM) U522a: 0e653803a272 tmp10:= 
LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000138) U522c: 0c6bab00003a WRSEGFLD(tmp10, DS, SEL+FLGS+LIM) U522d: 0e654803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000148) U522e: 0c6bac00003a WRSEGFLD(tmp10, FS, SEL+FLGS+LIM) U5230: 0e655803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000158) U5231: 0c6bad00003a WRSEGFLD(tmp10, GS, SEL+FLGS+LIM) U5232: 0e657803a272 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000178) U5234: 0c6baf00003a LFNCEMARK-> WRSEGFLD(tmp10, TSS, SEL+FLGS+LIM) U5235: 006310039200 tmp9:= READURAM(0x0010, 64) U5236: 00474a0b9e50 tmp9:= NOTAND_DSZ64(0xffffffff, tmp9) U5238: 004700038e39 tmp8:= NOTAND_DSZ64(tmp9, tmp8) U5239: 004229140238 MOVETOCREG_DSZ64(tmp8, 0x529) U523a: 0e65d803e2f2 tmp14:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000003d8) U523c: 0e65940272f2 rdi:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000394) U523d: 0e658c0262f2 rsi:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000038c) U523e: 0e65840252f2 rbp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000384) U5240: 0e657c0242f2 rsp:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000037c) U5241: 0e65740232f2 rbx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000374) U5242: 0e656c0222f2 rdx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000036c) U5244: 0e65640212f2 rcx:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000364) U5245: 0e655c0202f2 rax:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000035c) U5246: 0e65540282f2 r8:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000354) U5248: 0e654c0292f2 r9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000034c) U5249: 0e654402a2f2 r10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000344) U524a: 0e653c02b2f2 r11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000033c) U524c: 0e653402c2f2 r12:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000334) U524d: 0e652c02d2f2 r13:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000032c) U524e: 0e652402e2f2 r14:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000324) U5250: 0e651c02f2f2 r15:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000031c) U5251: 0e25d00392f2 tmp9:= 
LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003d0) U5252: 20433d000239 WRITEURAM(tmp9, 0x003d, 64) U5254: 0ea5a80392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003a8) U5255: 0c6bc8000039 LFNCEWAIT-> WRSEGFLD(tmp9, ES, UNK_FLD_0c) U5256: 0ea5ac0392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003ac) U5258: 0c6bc9000039 WRSEGFLD(tmp9, UNK_SEG_09, UNK_FLD_0c) U5259: 0ea5b00392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003b0) U525a: 0c6bca000039 WRSEGFLD(tmp9, SS_USERM, UNK_FLD_0c) U525c: 0ea5b40392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003b4) U525d: 0c6bcb000039 WRSEGFLD(tmp9, DS, UNK_FLD_0c) U525e: 0ea5b80392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003b8) U5260: 0c6bcc000039 WRSEGFLD(tmp9, FS, UNK_FLD_0c) U5261: 0ea5bc0392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003bc) U5262: 0c6bcd000039 WRSEGFLD(tmp9, GS, UNK_FLD_0c) U5264: 0ea5c40392f2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x000003c4) U5265: 0c6bcf000039 LFNCEMARK-> WRSEGFLD(tmp9, TSS, UNK_FLD_0c) U5266: 0e25f80392b2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002f8) U5268: 204371080239 WRITEURAM(tmp9, 0x0071, 32) U5269: 0e25ec0392b2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002ec) U526a: 204334080239 WRITEURAM(tmp9, 0x0034, 32) U526c: 006377038200 tmp8:= READURAM(0x0077, 64) U526d: 00542b038238 tmp8:= BT_DSZ64(tmp8, 0x0000002b) U526e: 0053704802b8 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp8, U5270) 05527580 SEQW GOTO U5275 ------------------------------------------------------------------------------------ U5270: 0e25e00382b2 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000002e0) U5271: 008402038e08 tmp8:= AND_DSZ16(0x00000002, tmp8) U5272: 002408038238 tmp8:= SHL_DSZ32(tmp8, 0x00000008) U5274: 290207000e00 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp8, 0x007) U5275: 000a10000200 TESTUSTATE(UCODE, 0x0010) 04529540 ? 
SEQW GOTO U5295 U5276: 0ea57c0392b2 tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000027c) U5278: 0e258003a2b2 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000280) U5279: 1042c4080279 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp9, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U527a: 20420800023a MOVETOCREG_DSZ64(tmp10, 0x008) U527c: 002100039e7a tmp9:= CONCAT_DSZ32(tmp10, tmp9) U527d: 204370000239 WRITEURAM(tmp9, 0x0070, 64) U527e: 0ea57e0302b2 tmp0:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000027e) U5280: 0e25a40392f2 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x000003a4) U5281: 204339080239 WRITEURAM(tmp9, 0x0039, 32) U5282: 00620403a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x004) U5284: 000401039e48 tmp9:= AND_DSZ32(0x00000001, tmp9) U5285: 002405039239 tmp9:= SHL_DSZ32(tmp9, 0x00000005) U5286: 290204000e7a MOVETOCREG_OR_DSZ64(tmp10, tmp9, 0x004) U5288: 0e659c0392f2 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x0000039c) U5289: 20433e000239 WRITEURAM(tmp9, 0x003e, 64) U528a: 0e65e8039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e8) U528c: 20436e000239 WRITEURAM(tmp9, 0x006e, 64) U528d: 0e65f0039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f0) U528e: 20430a000239 WRITEURAM(tmp9, 0x000a, 64) U5290: 0e65f8039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001f8) U5291: 204309000239 WRITEURAM(tmp9, 0x0009, 64) U5292: 0e65e0039272 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x000001e0) U5294: 20430b000239 WRITEURAM(tmp9, 0x000b, 64) U5295: 0040080bd232 tmp13:= ADD_DSZ64(tmp2, 0x00000208) U5296: 000804039008 tmp9:= ZEROEXT_DSZ32(0x00000004) U5298: 000501039e48 tmp9:= SUB_DSZ32(0x00000001, tmp9) U5299: 0f650003ae7d tmp10:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp13, tmp9) U529a: 00404017b239 tmp11:= ADD_DSZ64(tmp9, 0x00000540) U529c: 204200000efa MOVETOCREG_DSZ64(tmp10, tmp11) U529d: 01509e4802b9 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U529e) 01d29840 SEQW GOTO U5298 ------------------------------------------------------------------------------------ U529e: 0ee5300342b2 
tmp4:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x00000230) U52a0: 00635c039200 tmp9:= READURAM(0x005c, 64) U52a1: 00081003c008 tmp12:= ZEROEXT_DSZ32(0x00000010) U52a2: 007d00035d40 tmp5:= MOVEINSERTFLGS_DSZ64(tmp5) U52a4: 00635903b200 tmp11:= READURAM(0x0059, 64) U52a5: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01d2aa40 ? SEQW GOTO U52aa U52a6: 00638003b200 tmp11:= READURAM(0x0080, 64) U52a8: 00082403c008 tmp12:= ZEROEXT_DSZ32(0x00000024) U52a9: 286abe090279 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000004, U52be) U52aa: 00631803a200 tmp10:= READURAM(0x0018, 64) U52ac: 002d0303023a tmp0:= ROR_DSZ32(tmp10, 0x00000003) U52ad: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U52ae: 1062810b9240 tmp9:= MOVEFROMCREG_DSZ64(0x281, 32) U52b0: 000700030e70 tmp0:= NOTAND_DSZ32(tmp0, tmp9) U52b1: 104281080270 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, 0x281, 32) U52b2: 00651703023a tmp0:= SHR_DSZ64(tmp10, 0x00000017) U52b4: 09a2080312f0 tmp1:= MOVETOCREG_SHR_DSZ64(tmp0, 0x0000000c, 0x008) U52b5: 00652003a23b tmp10:= SHR_DSZ64(tmp11, 0x00000020) U52b6: 00044703ae90 tmp10:= AND_DSZ32(0x00010000, tmp10) U52b8: 0004410b9ed0 tmp9:= AND_DSZ32(0xffff0000, tmp11) U52b9: 002510039239 tmp9:= SHR_DSZ32(tmp9, 0x00000010) U52ba: 1902c40b9eb9 tmp9:= MOVETOCREG_OR_DSZ64(tmp9, tmp10, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U52bc: 002100039e71 tmp9:= CONCAT_DSZ32(tmp1, tmp9) U52bd: 204370000239 WRITEURAM(tmp9, 0x0070, 64) U52be: 00621e17a200 tmp10:= MOVEFROMCREG_DSZ64(0x51e) U52c0: 000440039ec8 tmp9:= AND_DSZ32(0x00000040, tmp11) U52c1: 002506039239 tmp9:= SHR_DSZ32(tmp9, 0x00000006) U52c2: 09021e140eb9 MOVETOCREG_OR_DSZ64(tmp9, tmp10, 0x51e) U52c4: 000400039ec9 tmp9:= AND_DSZ32(0x00002000, tmp11) U52c5: 000700033cc9 tmp3:= NOTAND_DSZ32(0x00002000, tmp3) U52c6: 000100033cf9 tmp3:= OR_DSZ32(tmp9, tmp3) U52c8: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01c9e000 ? 
SEQW GOTO U49e0 U52c9: 000408039ec8 tmp9:= AND_DSZ32(0x00000008, tmp11) U52ca: 000800000000 NOP U52cc: 015035400239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U1035) 01c9e200 SEQW GOTO U49e2 ------------------------------------------------------------------------------------ U52cd: 204301000231 WRITEURAM(tmp1, 0x0001, 64) U52ce: 038000031031 tmp1:= READAFLAGS(tmp1) U52d0: 00a100031c31 tmp1:= CONCAT_DSZ16(tmp1, tmp0) U52d1: 204308000231 WRITEURAM(tmp1, 0x0008, 64) U52d2: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) U52d4: 186a8d500230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U248d) U52d5: 000854571009 tmp1:= ZEROEXT_DSZ32(0x00003554) U52d6: 00a1c0371231 tmp1:= CONCAT_DSZ16(tmp1, 0x00000dc0) 01a49080 SEQW GOTO U2490 ------------------------------------------------------------------------------------ U52d8: 0150ac100237 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, U04ac) U52d9: 00620507b200 tmp11:= MOVEFROMCREG_DSZ64(0x105) U52da: 00250203b23b tmp11:= SHR_DSZ32(tmp11, 0x00000002) U52dc: 00040103bec8 tmp11:= AND_DSZ32(0x00000001, tmp11) U52dd: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U52de: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U52e0: 00653d030232 tmp0:= SHR_DSZ64(tmp2, 0x0000003d) U52e1: 000400039c8a tmp9:= AND_DSZ32(0x00004000, tmp2) U52e2: 013080039239 tmp9:= SELECTCC_DSZ32_CONDZ(tmp9, 0x00000080) U52e4: 000400332c88 tmp2:= AND_DSZ32(0x00000c00, tmp2) U52e5: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U52e6: 004338080232 WRITEURAM(tmp2, 0x0038, 32) U52e8: 01f900032032 tmp2:= SETCC_CONDNZ(tmp2) U52e9: 000100032cb9 tmp2:= OR_DSZ32(tmp9, tmp2) U52ea: 0e2500037f08 LFNCEWAIT-> tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12) U52ec: 086aacd003f7 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp7, 0x0000001f, U04ac) U52ed: 006357031200 tmp1:= READURAM(0x0057, 64) U52ee: 0e65b8030f0a tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b8) U52f0: 00450003dc70 tmp13:= SUB_DSZ64(tmp0, tmp1) U52f1: 01740003df78 tmp13:= CMOVCC_DSZ64_CONDZ(tmp8, tmp13) U52f2: 
0e25d8037f09 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d8) U52f4: 000500037df8 tmp7:= SUB_DSZ32(tmp8, tmp7) U52f5: 00410003ddfd tmp13:= OR_DSZ64(tmp13, tmp7) U52f6: 006204034200 tmp4:= MOVEFROMCREG_DSZ64(0x004) U52f8: 386ab8840234 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp4, 0x00000002, U31b8) U52f9: 0e25f8036f08 tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000000f8) U52fa: 0e25fc030f08 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000000fc) U52fc: 070700039030 tmm1:= unk_707(mm0) U52fd: 0004f0070c10 tmp0:= AND_DSZ32(0x80000000, tmp0) U52fe: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U5300: 000100032c32 tmp2:= OR_DSZ32(tmp2, tmp0) U5301: 0e25d4030f09 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d4) U5302: 000100030c00 tmp0:= OR_DSZ32(0x00000000, tmp0) U5304: 07070003a030 tmm2:= unk_707(mm0) U5305: 013004030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000004) U5306: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U5308: 006202130200 tmp0:= MOVEFROMCREG_DSZ64(0x402) U5309: 000408030c08 tmp0:= AND_DSZ32(0x00000008, tmp0) U530a: 006341033200 tmp3:= READURAM(0x0041, 64) U530c: 00651f033233 tmp3:= SHR_DSZ64(tmp3, 0x0000001f) U530d: 000408033cc8 tmp3:= AND_DSZ32(0x00000008, tmp3) U530e: 000100030cf0 tmp0:= OR_DSZ32(tmp0, tmp3) U5310: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U5311: 000447030d90 tmp0:= AND_DSZ32(0x00010000, tmp6) U5312: 013040030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000040) U5314: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U5315: 01513a08023d LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, U023a) U5316: 00250a030236 tmp0:= SHR_DSZ32(tmp6, 0x0000000a) U5318: 000700031ef0 tmp1:= NOTAND_DSZ32(tmp0, tmp11) U5319: 01301003d231 tmp13:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00000010) U531a: 01312003a238 tmp10:= SELECTCC_DSZ32_CONDNZ(tmp8, 0x00000020) U531c: 000402035c08 tmp5:= AND_DSZ32(0x00000002, tmp0) U531d: 000100030d71 tmp0:= OR_DSZ32(tmp1, tmp5) U531e: 00010003aeb0 tmp10:= OR_DSZ32(tmp0, tmp10) U5320: 07070003803a tmm0:= unk_707(tmm2) U5321: 
002403030230 tmp0:= SHL_DSZ32(tmp0, 0x00000003) U5322: 000100030c3b tmp0:= OR_DSZ32(tmp11, tmp0) U5324: 007d0003cf30 tmp12:= MOVEINSERTFLGS_DSZ64(tmp0, tmp12) U5325: 0902c5180f72 MOVETOCREG_OR_DSZ64(tmp2, tmp13, 0x6c5) U5326: 0004040bad88 tmp10:= AND_DSZ32(0x00000204, tmp6) U5328: 00240103a23a tmp10:= SHL_DSZ32(tmp10, 0x00000001) U5329: 0e65b0030f08 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000b0) U532a: 07470003e030 tmm6:= unk_747(mm0) U532c: 000720030230 tmp0:= NOTAND_DSZ32(tmp0, 0x00000020) U532d: 002405030230 tmp0:= SHL_DSZ32(tmp0, 0x00000005) U532e: 00010003aeb0 tmp10:= OR_DSZ32(tmp0, tmp10) U5330: 0e6590030f08 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000090) U5331: 07470003f030 tmm7:= unk_747(mm0) U5332: 002515030230 tmp0:= SHR_DSZ32(tmp0, 0x00000015) U5334: 000700130230 tmp0:= NOTAND_DSZ32(tmp0, 0x00000400) U5335: 00010003aeb0 tmp10:= OR_DSZ32(tmp0, tmp10) U5336: 0e25b4033f09 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001b4) U5338: 00151f033233 tmp3:= BTS_DSZ32(tmp3, 0x0000001f) U5339: 0e25cc030f0a tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000002cc) U533a: 003300030c33 tmp0:= SELECTCC_DSZ32_CONDNB(tmp3, tmp0) U533c: 002100030cf0 tmp0:= CONCAT_DSZ32(tmp0, tmp3) U533d: 0044e1033c10 tmp3:= AND_DSZ64(0x00200000, tmp0) U533e: 013000233233 tmp3:= SELECTCC_DSZ32_CONDZ(tmp3, 0x00000800) U5340: 00010003aeb3 tmp10:= OR_DSZ32(tmp3, tmp10) U5341: 005421030230 tmp0:= BT_DSZ64(tmp0, 0x00000021) U5342: 003300433230 tmp3:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00001000) U5344: 00010003aeb3 tmp10:= OR_DSZ32(tmp3, tmp10) U5345: 00250a03e236 tmp14:= SHR_DSZ32(tmp6, 0x0000000a) U5346: 00043803ef88 tmp14:= AND_DSZ32(0x00000038, tmp14) U5348: 00a100032ebe tmp2:= CONCAT_DSZ16(tmp14, tmp10) U5349: 005429034230 tmp4:= BT_DSZ64(tmp0, 0x00000029) U534a: 0033000b4234 tmp4:= SELECTCC_DSZ32_CONDNB(tmp4, 0x00000200) U534c: 00542403e230 tmp14:= BT_DSZ64(tmp0, 0x00000024) U534d: 00331003e23e tmp14:= SELECTCC_DSZ32_CONDNB(tmp14, 0x00000010) U534e: 000100034d3e tmp4:= 
OR_DSZ32(tmp14, tmp4) U5350: 0e25ac03bf09 tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001ac) U5351: 00044003eec8 tmp14:= AND_DSZ32(0x00000040, tmp11) U5352: 01300403e23e tmp14:= SELECTCC_DSZ32_CONDZ(tmp14, 0x00000004) U5354: 000100034d3e tmp4:= OR_DSZ32(tmp14, tmp4) U5355: 002100032cb4 tmp2:= CONCAT_DSZ32(tmp4, tmp2) U5356: 00434a000200 LFNCEWTMRK-> WRITEURAM(0x00000000, 0x004a, 64) U5358: 0042c0180232 MOVETOCREG_DSZ64(tmp2, 0x6c0) U5359: 0e2504034f09 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000104) U535a: 004348000234 SYNCMARK-> WRITEURAM(tmp4, 0x0048, 64) U535c: 000100034d00 tmp4:= OR_DSZ32(0x00000000, tmp4) U535d: 01f900034034 tmp4:= SETCC_CONDNZ(tmp4) U535e: 01515a3c0271 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U2f5a) U5360: 00480003d03c tmp13:= ZEROEXT_DSZ64(tmp12) U5361: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01d36940 ? SEQW GOTO U5369 U5362: 002100034db4 tmp4:= CONCAT_DSZ32(tmp4, tmp6) U5364: 006311033200 tmp3:= READURAM(0x0011, 64) U5365: 0e65e8073ccc tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp3, 0x000004e8, mode=0x01) U5366: 004400033d33 tmp3:= AND_DSZ64(tmp3, tmp4) U5368: 0151e91002b3 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U44e9) U5369: 0e25bc037f09 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001bc) U536a: 002100037df7 tmp7:= CONCAT_DSZ32(tmp7, tmp7) U536c: 006202133200 tmp3:= MOVEFROMCREG_DSZ64(0x402) U536d: 0004b00f3cc8 tmp3:= AND_DSZ32(0x000003b0, tmp3) U536e: 002504033233 tmp3:= SHR_DSZ32(tmp3, 0x00000004) U5370: 007d00037df3 tmp7:= MOVEINSERTFLGS_DSZ64(tmp3, tmp7) U5371: 006377033200 tmp3:= READURAM(0x0077, 64) U5372: 00651003e233 tmp14:= SHR_DSZ64(tmp3, 0x00000010) U5374: 00440103ef88 tmp14:= AND_DSZ64(0x00000001, tmp14) U5375: 00652a03f233 tmp15:= SHR_DSZ64(tmp3, 0x0000002a) U5376: 00441003ffc8 tmp15:= AND_DSZ64(0x00000010, tmp15) U5378: 00010003fffe tmp15:= OR_DSZ32(tmp14, tmp15) U5379: 00652a033233 tmp3:= SHR_DSZ64(tmp3, 0x0000002a) U537a: 004402033cc8 tmp3:= AND_DSZ64(0x00000002, tmp3) U537c: 000100033cff 
tmp3:= OR_DSZ32(tmp15, tmp3) U537d: 00633503e200 tmp14:= READURAM(0x0035, 64) U537e: 00653203f23e tmp15:= SHR_DSZ64(tmp14, 0x00000032) U5380: 00442003ffc8 tmp15:= AND_DSZ64(0x00000020, tmp15) U5381: 00652603e23e tmp14:= SHR_DSZ64(tmp14, 0x00000026) U5382: 00440803ef88 tmp14:= AND_DSZ64(0x00000008, tmp14) U5384: 00010003efbf tmp14:= OR_DSZ32(tmp15, tmp14) U5385: 000100033fb3 tmp3:= OR_DSZ32(tmp3, tmp14) U5386: 007d00036db3 tmp6:= MOVEINSERTFLGS_DSZ64(tmp3, tmp6) U5388: 0004270bedd0 tmp14:= AND_DSZ32(0xfe036dfb, tmp7) U5389: 00058603ef90 tmp14:= SUB_DSZ32(0x00036dfb, tmp14) U538a: 0151804c027e UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U3380) U538c: 00043e0bed90 tmp14:= AND_DSZ32(0xfffc11fb, tmp6) U538d: 00051903ef90 tmp14:= SUB_DSZ32(0x000011fb, tmp14) U538e: 0151804c027e UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U3380) U5390: 02310003fdb7 tmp15:= SELECTCC_DSZ32_CONDNS(tmp7, tmp6) U5391: 386a800c033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000010, U3380) U5392: 02310003fdf7 tmp15:= SELECTCC_DSZ32_CONDNS(tmp7, tmp7) U5394: 386a80cc037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000017, U3380) U5395: 02310003fdb6 tmp15:= SELECTCC_DSZ32_CONDNS(tmp6, tmp6) U5396: 386a804c033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000011, U3380) U5398: 02310003fdf6 tmp15:= SELECTCC_DSZ32_CONDNS(tmp6, tmp7) U5399: 386a800c03bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000018, U3380) U539a: 0004000b8dc8 tmp8:= AND_DSZ32(0x00000200, tmp7) U539c: 0204000bf008 tmp15:= unk_204(0x00000200) U539d: 3929800c0e3f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, tmp8, U3380) U539e: 0006000bf23f tmp15:= XOR_DSZ32(tmp15, 0x00000200) U53a0: 00040003edbf tmp14:= AND_DSZ32(tmp15, tmp6) U53a1: 0151804c027e UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U3380) U53a2: 00040033fd88 tmp15:= AND_DSZ32(0x00000c00, tmp6) U53a4: 00050033efc8 tmp14:= SUB_DSZ32(0x00000c00, tmp15) U53a5: 0150804c027e UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp14, U3380) U53a6: 00320003effc tmp14:= SELECTCC_DSZ32_CONDB(tmp12, tmp15) U53a8: 3929800c003e CMPUJNZ_DIRECT_NOTTAKEN(tmp14, 0x00000000, U3380) U53a9: 
0008e113900a tmp9:= ZEROEXT_DSZ32(0x000044e1) U53aa: 20432c080239 WRITEURAM(tmp9, 0x002c, 32) U53ac: 20424d000010 MOVETOCREG_DSZ64(0x0000000a, 0x000) U53ad: 00631003e200 SYNCWAIT-> tmp14:= READURAM(0x0010, 64) U53ae: 000a20000200 TESTUSTATE(UCODE, 0x0020) 0ad41d80 ? SEQW GOTO U541d U53b0: 0e65c0033f08 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000c0) U53b1: 000d83a40000 SAVEUIP_REGOVR(0x01, U53b2, 0x0983) 01e0be40 SEQW GOTO U60be U53b2: 0e65b8033f08 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000b8) U53b4: 008800031f80 tmp1:= ZEROEXT_DSZ16(tmp14) U53b5: 004400031cf1 tmp1:= AND_DSZ64(tmp1, tmp3) U53b6: 0151e11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44e1) U53b8: 0e65a0033f08 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000a0) U53b9: 0007f3071433 tmp1:= NOTAND_DSZ32(tmp3, 0x80000021) U53ba: 0151e11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44e1) U53bc: 006520031233 tmp1:= SHR_DSZ64(tmp3, 0x00000020) U53bd: 0151e11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44e1) U53be: 0ea5c2033f09 tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001c2) U53c0: 0ea5aa031f09 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001aa) U53c1: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U53c2: 0ea5ca031f09 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001ca) U53c4: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U53c5: 0ea5d2031f09 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001d2) U53c6: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U53c8: 0ea5b2032f09 tmp2:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001b2) U53c9: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U53ca: 000501032c88 tmp2:= SUB_DSZ32(0x00000001, tmp2) U53cc: 0ea5ba031f09 tmp1:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001ba) U53cd: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U53ce: 002509034238 tmp4:= SHR_DSZ32(tmp8, 0x00000009) U53d0: 008100031c74 tmp1:= OR_DSZ16(tmp4, tmp1) U53d1: 000501031c48 tmp1:= SUB_DSZ32(0x00000001, tmp1) U53d2: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U53d4: 0ea5e2031f09 tmp1:= 
LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x000001e2) U53d5: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U53d6: 000501031c48 tmp1:= SUB_DSZ32(0x00000001, tmp1) U53d8: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U53d9: 0250e11002b2 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp2, U44e1) U53da: 000407033cc8 tmp3:= AND_DSZ32(0x00000007, tmp3) U53dc: 0151e11002b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U44e1) U53dd: 0e65d8033f08 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000d8) U53de: 000501031d08 tmp1:= SUB_DSZ32(0x00000001, tmp4) U53e0: 002100031031 tmp1:= CONCAT_DSZ32(tmp1) U53e1: 004400031c73 tmp1:= AND_DSZ64(tmp3, tmp1) U53e2: 0151e11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44e1) U53e4: 025c00000cc0 unk_25c(tmp3) U53e5: 0e6508033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000208) U53e6: 025c00000cc0 unk_25c(tmp3) U53e8: 0e6510033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000210) U53e9: 025c00000cc0 unk_25c(tmp3) U53ea: 0e6520033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000220) U53ec: 025c00000cc0 unk_25c(tmp3) U53ed: 0e6528033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000228) U53ee: 025c00000cc0 unk_25c(tmp3) U53f0: 0e6530033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000230) U53f1: 025c00000cc0 unk_25c(tmp3) U53f2: 0e65f8033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002f8) U53f4: 025c00000cc0 unk_25c(tmp3) U53f5: 0e65f0033f0a tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002f0) U53f6: 025c00000cc0 unk_25c(tmp3) U53f8: 0e6550033f0b tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000350) U53f9: 006341031200 tmp1:= READURAM(0x0041, 64) U53fa: 006517031231 tmp1:= SHR_DSZ64(tmp1, 0x00000017) U53fc: 000400231231 tmp1:= AND_DSZ32(tmp1, 0x00000800) U53fd: 0041fe5f1c5f tmp1:= OR_DSZ64(0xfffffffffffff7fe, tmp1) U53fe: 004400033c73 tmp3:= AND_DSZ64(tmp3, tmp1) U5400: 013000171238 tmp1:= SELECTCC_DSZ32_CONDZ(tmp8, 0x00000500) U5401: 00541503f237 tmp15:= BT_DSZ64(tmp7, 0x00000015) U5402: 013e00031ff1 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp15) 
U5404: 007700033cf1 tmp3:= CMOVCC_DSZ64_CONDNB(tmp1, tmp3) U5405: 0929e1110c73 CMPUJNZ_DIRECT_NOTTAKEN(tmp3, tmp1, U44e1) U5406: 0e6548033f0b tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000348) U5408: 00541303f237 tmp15:= BT_DSZ64(tmp7, 0x00000013) U5409: 007393033cff ROVR<- tmp3:= SELECTCC_DSZ64_CONDNB(tmp15, tmp3) 01d9455d SEQW SAVEUIP1 U540a SEQW GOTO U5945 U540a: 0e6558033f0b tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000358) U540c: 00540c03f237 tmp15:= BT_DSZ64(tmp7, 0x0000000c) U540d: 007300033cff tmp3:= SELECTCC_DSZ64_CONDNB(tmp15, tmp3) U540e: 000807031008 tmp1:= ZEROEXT_DSZ32(0x00000007) U5410: 00210f031231 tmp1:= CONCAT_DSZ32(tmp1, 0x0000000f) U5411: 004700031cf1 tmp1:= NOTAND_DSZ64(tmp1, tmp3) U5412: 0151e11002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U44e1) U5414: 0e2550034f08 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000050) U5415: 1929a0140034 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U25a0) U5416: 0e2554034f08 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000054) U5418: 1929b4140034 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U25b4) U5419: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01d41d40 ? SEQW GOTO U541d U541a: 006202134200 tmp4:= MOVEFROMCREG_DSZ64(0x402) U541c: 2a6202d00234 MOVETOCREG_BTR_DSZ64(tmp4, 0x00000003, 0x402) U541d: 006348034200 tmp4:= READURAM(0x0048, 64) U541e: 2929ba1c0034 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U17ba) U5420: 100a80000200 LFNCEMARK-> TESTUSTATE(SYS, UST_VMX_GUEST) 04713900 ? 
SEQW GOTO U7139 U5421: 00046707fc10 tmp15:= AND_DSZ32(0x04066173, tmp0) U5422: 00056307ffd0 tmp15:= SUB_DSZ32(0x04006172, tmp15) U5424: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U5425: 006520031230 tmp1:= SHR_DSZ64(tmp0, 0x00000020) U5426: 0004570bfc50 tmp15:= AND_DSZ32(0xffc21000, tmp1) U5428: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U5429: 02330003fc77 tmp15:= SELECTCC_DSZ32_CONDNP(tmp7, tmp1) U542a: 0004000fffc8 tmp15:= AND_DSZ32(0x00000300, tmp15) U542c: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U542d: 01310003fc77 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp7, tmp1) U542e: 186a91a002ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000e, U2891) U5430: 00633a03f200 tmp15:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U5431: 0007b003f43f tmp15:= NOTAND_DSZ32(tmp15, 0x00080001) U5432: 01300003fc7f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, tmp1) U5434: 186a9160037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000015, U2891) U5435: 02330003fc76 tmp15:= SELECTCC_DSZ32_CONDNP(tmp6, tmp1) U5436: 186a91e002ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000f, U2891) U5438: 00310003fc77 tmp15:= SELECTCC_DSZ32_CONDNO(tmp7, tmp1) U5439: 186a91a0033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000012, U2891) U543a: 02310003fc76 tmp15:= SELECTCC_DSZ32_CONDNS(tmp6, tmp1) U543c: 186a91e0033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000013, U2891) U543d: 00330003fc77 tmp15:= SELECTCC_DSZ32_CONDNB(tmp7, tmp1) U543e: 186a916002ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000d, U2891) U5440: 0e6568034f4b tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000368) U5441: 0e6570039f4b tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000370) U5442: 00140d03f231 tmp15:= BT_DSZ32(tmp1, 0x0000000d) U5444: 007300034d3f tmp4:= SELECTCC_DSZ64_CONDNB(tmp15, tmp4) U5445: 006501038234 tmp8:= SHR_DSZ64(tmp4, 0x00000001) U5446: 015191200278 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U2891) U5448: 000402038c48 tmp8:= AND_DSZ32(0x00000002, tmp1) U5449: 017100038d38 tmp8:= SELECTCC_DSZ64_CONDNZ(tmp8, tmp4) U544a: 186a91200238 
BTUJB_DIRECT_NOTTAKEN(tmp8, 0x00000000, U2891) U544c: 007300039e7f tmp9:= SELECTCC_DSZ64_CONDNB(tmp15, tmp9) U544d: 00440103ad08 tmp10:= AND_DSZ64(0x00000001, tmp4) U544e: 017000039e7a tmp9:= SELECTCC_DSZ64_CONDZ(tmp10, tmp9) U5450: 00440003ae7e tmp10:= AND_DSZ64(tmp14, tmp9) U5451: 01519120027a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U2891) U5452: 004100039e74 tmp9:= OR_DSZ64(tmp4, tmp9) U5454: 004354000239 WRITEURAM(tmp9, 0x0054, 64) U5455: 00300003fc76 tmp15:= SELECTCC_DSZ32_CONDO(tmp6, tmp1) U5456: 186a91e002bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000b, U2891) U5458: 186a9120033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000010, U2891) U5459: 00048203fc48 tmp15:= AND_DSZ32(0x00000082, tmp1) U545a: 00058003ffc8 tmp15:= SUB_DSZ32(0x00000080, tmp15) U545c: 01509120027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U2891) U545d: 0e6598032f48 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000098) U545e: 000401035c48 tmp5:= AND_DSZ32(0x00000001, tmp1) U5460: 200a04000200 TESTUSTATE(VMX, 0x0004) 01d46200 ? SEQW GOTO U5462 U5461: 015191200275 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U2891) U5462: 017000032cb5 tmp2:= SELECTCC_DSZ64_CONDZ(tmp5, tmp2) U5464: 00440003fcbe tmp15:= AND_DSZ64(tmp14, tmp2) U5465: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U5466: 09021e140d72 LFNCEWAIT-> MOVETOCREG_OR_DSZ64(tmp2, tmp5, 0x51e) U5468: 00480003803b tmp8:= ZEROEXT_DSZ64(tmp11) U5469: 200a10000200 TESTUSTATE(VMX, 0x0010) 01f2da40 ? SEQW GOTO U72da U546a: 0e65e003bf48 tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x000000e0) U546c: 00440003fefe tmp15:= AND_DSZ64(tmp14, tmp11) U546d: 01519120027f LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U546e: 0e2558039f4a tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x00000258) U5470: 200a20000200 TESTUSTATE(VMX, 0x0020) 01d47400 ? 
SEQW GOTO U5474 U5471: 186b91200238 BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x00000000, U2891) U5472: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U5474: 00250403f239 tmp15:= SHR_DSZ32(tmp9, 0x00000004) U5475: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U5476: 0ee58003423b LFNCEWAIT-> tmp4:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp11, 0x00000080) U5478: 200a20033200 tmp3:= TESTUSTATE(VMX, 0x0020) 01d48000 ? SEQW GOTO U5480 U5479: 000800000000 NOP U547a: 000800000000 NOP U547c: 000d0083e010 tmp14:= SAVEUIP_REGOVR(0x01, U547d, 0x0000, 0x00000001) 01daa500 SEQW GOTO U5aa5 U547d: 004385000232 WRITEURAM(tmp2, 0x0085, 64) U547e: 00438600023b WRITEURAM(tmp11, 0x0086, 64) U5480: 002504034234 tmp4:= SHR_DSZ32(tmp4, 0x00000004) U5481: 000500034e74 tmp4:= SUB_DSZ32(tmp4, tmp9) U5482: 03fb00034034 tmp4:= SETCC_CONDNLE(tmp4) U5484: 00070003fd35 tmp15:= NOTAND_DSZ32(tmp5, tmp4) U5485: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U5486: 002407034234 tmp4:= SHL_DSZ32(tmp4, 0x00000007) U5488: 002100034d33 tmp4:= CONCAT_DSZ32(tmp3, tmp4) U5489: 00434a000234 LFNCEMARK-> WRITEURAM(tmp4, 0x004a, 64) U548a: 00480003f03b tmp15:= ZEROEXT_DSZ64(tmp11) U548c: 00080003b000 tmp11:= ZEROEXT_DSZ32(0x00000000) U548d: 00480003a03d tmp10:= ZEROEXT_DSZ64(tmp13) 01e8ed55 SEQW SAVEUIP1 U548e SEQW GOTO U68ed U548e: 00480003d03a tmp13:= ZEROEXT_DSZ64(tmp10) U5490: 01750003fff3 tmp15:= CMOVCC_DSZ64_CONDNZ(tmp3, tmp15) U5491: 00627f172200 tmp2:= MOVEFROMCREG_DSZ64(0x57f) U5492: 000700232232 tmp2:= NOTAND_DSZ32(tmp2, 0x00000800) U5494: 00250a032232 tmp2:= SHR_DSZ32(tmp2, 0x0000000a) U5495: 00410003fff2 tmp15:= OR_DSZ64(tmp2, tmp15) U5496: 000101032fc8 tmp2:= OR_DSZ32(0x00000001, tmp15) U5498: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U5499: 00a1030bffc8 tmp15:= CONCAT_DSZ16(0x00000203, tmp15) U549a: 00210003fcbf tmp15:= CONCAT_DSZ32(tmp15, tmp2) U549c: 00421314023f MOVETOCREG_DSZ64(tmp15, 0x513) 01f2dd00 SEQW GOTO U72dd 
------------------------------------------------------------------------------------ U549d: 00052007ac48 tmp10:= SUB_DSZ32(0x00000120, tmp1) U549e: 01300203a23a tmp10:= SELECTCC_DSZ32_CONDZ(tmp10, 0x00000002) U54a0: 00000403ae88 tmp10:= ADD_DSZ32(0x00000004, tmp10) U54a1: 00000403cc48 tmp12:= ADD_DSZ32(0x00000004, tmp1) U54a2: 204200000f39 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp9, tmp12) U54a4: 00000103cf08 tmp12:= ADD_DSZ32(0x00000001, tmp12) U54a5: 00050103ae88 tmp10:= SUB_DSZ32(0x00000001, tmp10) U54a6: 01504e40027a LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp10, uret0) 0554a280 SEQW GOTO U54a2 ------------------------------------------------------------------------------------ U54a8: 004700031c75 tmp1:= NOTAND_DSZ64(tmp5, tmp1) U54a9: 0150d20002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U60d2) 0182ba55 SEQW SAVEUIP1 U54aa SEQW GOTO U02ba U54aa: 00151f031200 tmp1:= BTS_DSZ32(0x00000000, 0x0000001f) U54ac: 2d0f3c031008 PORTOUT_DSZ32_ASZ16_SC1(0x0000003c, tmp1) 01d6f800 SEQW GOTO U56f8 ------------------------------------------------------------------------------------ U54ad: 0008f1060010 rax:= ZEROEXT_DSZ32(0x80000001) U54ae: 00217a570009 tmp0:= CONCAT_DSZ32(0x0000357a) U54b0: 1042c0080270 MOVETOCREG_DSZ64(tmp0, 0x2c0, 32) U54b1: 2d4b481b000a tmp0:= PORTIN_DSZ64_ASZ16_SC1(0x00004648) U54b2: 186a0e590330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U660e) U54b4: 000cb9eb2240 tmp2:= SAVEUIP(0x01, U3ab9) U54b5: 3062ff0f0240 SYNCFULL-> tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U54b6: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U54b8: 286bbe700270 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000005, uret1) 01d4b500 SEQW GOTO U54b5 ------------------------------------------------------------------------------------ U54b9: 0062011f0200 tmp0:= MOVEFROMCREG_DSZ64(0x701) U54ba: 00540d030230 tmp0:= BT_DSZ64(tmp0, 0x0000000d) U54bc: 004265000200 MOVETOCREG_DSZ64(0x00000000, 0x065) U54bd: 00470f033c88 tmp3:= NOTAND_DSZ64(0x0000000f, tmp2) U54be: 104010033cc8 tmp3:= ADD_DSZN(0x00000010, tmp3) U54c0: 017e00033c33 
tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp0) U54c1: 007600031cb3 tmp1:= CMOVCC_DSZ64_CONDB(tmp3, tmp2) U54c2: 104500033c74 tmp3:= SUB_DSZN(tmp4, tmp1) U54c4: 125700000cc0 LFNCEMARK-> unk_257(tmp3) 04043448 SEQW URET0 ------------------------------------------------------------------------------------ U54c5: 0008996be009 tmp14:= ZEROEXT_DSZ32(0x00003a99) 04043448 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U54c6: 0e65b807df0c tmp13:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000004b8, mode=0x01) U54c8: 0e25b4074f49 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001b4, mode=0x01) U54c9: 00151f034234 tmp4:= BTS_DSZ32(tmp4, 0x0000001f) U54ca: 0e25cc07af4a tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000002cc, mode=0x01) U54cc: 00330003aeb4 tmp10:= SELECTCC_DSZ32_CONDNB(tmp4, tmp10) U54cd: 00170303a23a tmp10:= BTC_DSZ32(tmp10, 0x00000003) U54ce: 0e25ac07bf49 tmp11:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001ac, mode=0x01) U54d0: 0ea5bc07ff49 tmp15:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp13, 0x000001bc, mode=0x01) U54d1: 00040003ffcc tmp15:= AND_DSZ32(0x00008000, tmp15) U54d2: 00241003f23f tmp15:= SHL_DSZ32(tmp15, 0x00000010) U54d4: 00241703b23b tmp11:= SHL_DSZ32(tmp11, 0x00000017) U54d5: 00010003fffb tmp15:= OR_DSZ32(tmp11, tmp15) U54d6: 00010003fffa tmp15:= OR_DSZ32(tmp10, tmp15) U54d8: 00210003fd3f tmp15:= CONCAT_DSZ32(tmp15, tmp4) U54d9: 00434300023f WRITEURAM(tmp15, 0x0043, 64) U54da: 0e6568074f4b tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000368, mode=0x01) U54dc: 00040003be89 tmp11:= AND_DSZ32(0x00002000, tmp10) U54dd: 017000034d3b tmp4:= SELECTCC_DSZ64_CONDZ(tmp11, tmp4) U54de: 0e657007bf4b tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000370, mode=0x01) U54e0: 0041d113bef4 ROVR<- tmp11:= OR_DSZ64(tmp4, tmp11) 01d7311c SEQW SAVEUIP1 U54e1 SEQW GOTO U5731 U54e1: 00435400023b WRITEURAM(tmp11, 0x0054, 64) U54e2: 0e25c4074f49 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x000001c4, mode=0x01) U54e4: 
002100034034 tmp4:= CONCAT_DSZ32(tmp4) U54e5: 000dd1d00340 SAVEUIP_REGOVR(0x01, U54e6, 0xb4d1) 01ddd940 SEQW GOTO U5dd9 U54e6: 0e255c074f4a tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp13, 0x0000025c, mode=0x01) U54e8: 00642a034234 tmp4:= SHL_DSZ64(tmp4, 0x0000002a) U54e9: 004314000234 WRITEURAM(tmp4, 0x0014, 64) U54ea: 0e6518074f48 tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000018, mode=0x01) U54ec: 004315000234 WRITEURAM(tmp4, 0x0015, 64) U54ed: 0e6520074f48 tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x00000020, mode=0x01) U54ee: 004316000234 WRITEURAM(tmp4, 0x0016, 64) U54f0: 0e65c0074f4a tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp13, 0x000002c0, mode=0x01) U54f1: 00434d000234 SYNCFULL-> WRITEURAM(tmp4, 0x004d, 64) 08952040 SEQW GOTO U1520 ------------------------------------------------------------------------------------ U54f2: 0008ff7f101f tmp1:= ZEROEXT_DSZ32(0xffffffffffffffff) U54f4: 1928513c0c60 CMPUJZ_DIRECT_NOTTAKEN(rax, tmp1, U2f51) U54f5: 2e75407b000d tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000be40) U54f6: 092870290230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U4a70) U54f8: 092890690230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000001, U4a90) U54f9: 2928fa910230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000002, U54fa) 01a76940 SEQW GOTO generate_#UD ------------------------------------------------------------------------------------ U54fa: 30420f080240 MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U54fc: 2d0bc843400a tmp4:= PORTIN_DSZ32_ASZ16_SC1(0x000050c8) U54fd: 006320031200 tmp1:= READURAM(0x0020, 64) U54fe: 0004fe7f1c4b tmp1:= AND_DSZ32(0x00007ffe, tmp1) U5500: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U5501: 2928e11d0c74 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp4, tmp1, U57e1) U5502: 2e75007b200d tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000be00) U5504: 0e2504034032 LFNCEWTMRK-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000004) U5505: 106200035d00 tmp5:= MOVEFROMCREG_DSZ64(tmp4) U5506: 0e6510036032 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000010) U5508: 004000036db5 
tmp6:= ADD_DSZ64(tmp5, tmp6) U5509: 0e6d10036032 LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000010, tmp6) U550a: 0ea51a036032 tmp6:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000001a) U550c: 008001036d88 tmp6:= ADD_DSZ16(0x00000001, tmp6) U550d: 0ead1a036032 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000001a, tmp6) U550e: 0ee51f036032 tmp6:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp2, 0x0000001f) U5510: 000020032c88 tmp2:= ADD_DSZ32(0x00000020, tmp2) U5511: 0004c0036d88 LFNCEMARK-> tmp6:= AND_DSZ32(0x000000c0, tmp6) U5512: 0151145402b6 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U5514) 04d50480 SEQW GOTO U5504 ------------------------------------------------------------------------------------ U5514: 2e75807b700d tmp7:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000be80) U5515: 000480036d88 tmp6:= AND_DSZ32(0x00000080, tmp6) U5516: 017e00032db2 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp6) U5518: 013400032df2 tmp2:= CMOVCC_DSZ32_CONDZ(tmp2, tmp7) U5519: 2e7d007b200d LFNCEWAIT-> STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be00, tmp2) U551a: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U551c: 2e7d407b100d LFNCEMARK-> STADSTGBUF_DSZ64_ASZ16_SC1(0x0000be40, tmp1) U551d: 000000000000 NOP 0421fe40 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U551e: 0e659003ff0b tmp15:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000390) U5520: 006310036200 tmp6:= READURAM(0x0010, 64) U5521: 0047c03f6d88 tmp6:= NOTAND_DSZ64(0x00000fc0, tmp6) U5522: 00470003fff6 tmp15:= NOTAND_DSZ64(tmp6, tmp15) U5524: 00080003b000 tmp11:= ZEROEXT_DSZ32(0x00000000) U5525: 006205074200 tmp4:= MOVEFROMCREG_DSZ64(0x105) U5526: 001402034234 tmp4:= BT_DSZ32(tmp4, 0x00000002) U5528: 017e0003cd3c tmp12:= MOVEMERGEFLGS_DSZ64(tmp12, tmp4) 01e8ed14 SEQW SAVEUIP1 U5529 SEQW GOTO U68ed U5529: 017500035ff3 tmp5:= CMOVCC_DSZ64_CONDNZ(tmp3, tmp15) U552a: 2eea20076d48 tmp6:= LDPPHYS_DSZ8_ASZ64_SC1(tmp5, 0x00000020, mode=0x01) U552c: 001600036236 tmp6:= BTR_DSZ32(tmp6, 0x00000000) U552d: 2ee820076d48 
STADPPHYS_DSZ8_ASZ64_SC1(tmp5, 0x00000020, mode=0x01, tmp6) U552e: 30428b080240 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, UCODE_CR_X2APIC_EOI, 32) 05012992 SEQW SAVEUIP0 U5530 SEQW GOTO U0129 U5530: 00480003603c tmp6:= ZEROEXT_DSZ64(tmp12) U5531: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U5532: 0008000b9008 tmp9:= ZEROEXT_DSZ32(0x00000200) U5534: 000800038000 tmp8:= ZEROEXT_DSZ32(0x00000000) U5535: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) U5536: 2e2a00077d78 tmp7:= LDPPHYS_DSZ32_ASZ64_SC1(tmp8, tmp5, mode=0x01) U5538: 2e2800040d78 STADPPHYS_DSZ32_ASZ64_SC1(tmp8, tmp5, mode=0x01, 0x00000000) U5539: 0e250003ad39 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, tmp4) U553a: 00010003aeb7 tmp10:= OR_DSZ32(tmp7, tmp10) U553c: 0e2d0003ad39 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, tmp4, tmp10) U553d: 021f00031037 tmp1:= unk_21f(tmp7) U553e: 01d600031031 tmp1:= unk_1d6(tmp1) U5540: 002403031231 tmp1:= SHL_DSZ32(tmp1, 0x00000003) U5541: 002500037c77 tmp7:= SHR_DSZ32(tmp7, tmp1) U5542: 01d600037037 tmp7:= unk_1d6(tmp7) U5544: 000100031c77 tmp1:= OR_DSZ32(tmp7, tmp1) U5545: 002403032238 tmp2:= SHL_DSZ32(tmp8, 0x00000003) U5546: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U5548: 013e00032df2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp7) U5549: 013500030c32 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp2, tmp0) U554a: 000004038e08 tmp8:= ADD_DSZ32(0x00000004, tmp8) U554c: 000010039e48 tmp9:= ADD_DSZ32(0x00000010, tmp9) U554d: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01d53640 SEQW GOTO U5536 ------------------------------------------------------------------------------------ U554e: 00480003c036 tmp12:= ZEROEXT_DSZ64(tmp6) U5550: 000c78d3e248 tmp14:= SAVEUIP(0x01, U3478) 04e0ee00 SEQW GOTO U60ee ------------------------------------------------------------------------------------ U5551: 0150b16002b0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U58b1) U5552: 00e104031c88 tmp1:= CONCAT_DSZ8(0x00000004, tmp2) U5554: 000da9f00380 SAVEUIP_REGOVR(0x01, U5555, 0xdca9) 02b71a00 SEQW GOTO U371a U5555: 
0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U5556: 23800003ae80 tmp10:= READAFLAGS(tmp10) U5558: 004260000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U5559: 00090003903a tmp9:= MOVE_DSZ32(tmp10) U555a: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U555c: 000821035008 tmp5:= ZEROEXT_DSZ32(0x00000021) 07017e00 SEQW GOTO U017e ------------------------------------------------------------------------------------ U555d: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U555e: 0e6500035034 LFNCEWTMRK-> tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U5560: 01420d038d78 tmp8:= UFLOWCTRL(tmp8, LDAT_IN, tmp5) U5561: 100a00000280 TESTUSTATE(SYS, 0x4000) 01d56540 ? SEQW GOTO U5565 U5562: 0e7d00035033 STADSTGBUF_DSZ64_ASZ16_SC1(tmp3, tmp5) U5564: 000020033cc8 tmp3:= ADD_DSZ32(0x00000020, tmp3) U5565: 004008034d08 tmp4:= ADD_DSZ64(0x00000008, tmp4) U5566: 01600103c23c SYNCWAIT-> tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 0b555e80 SEQW GOTO U555e ------------------------------------------------------------------------------------ U5568: 2042a1180200 MOVETOCREG_DSZ64(0x00000000, 0x6a1) 08a1624c SEQW URET1 ------------------------------------------------------------------------------------ U5569: 004200000e3a SYNCFULL-> MOVETOCREG_DSZ64(tmp10, tmp8) 08a1624c SEQW GOTO U2162 ------------------------------------------------------------------------------------ calc_fast_sha256_start: U556a: 0008000ff008 tmp15:= ZEROEXT_DSZ32(0x00000300) U556c: 0eae0002003f SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, xmm0) U556d: 0eee2002003f SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 0x00000020, xmm0) U556e: 0eae4002103f SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 0x00000040, xmm1) U5570: 0eee6002103f SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 0x00000060, xmm1) U5571: 0008800ff008 tmp15:= ZEROEXT_DSZ32(0x00000380) U5572: 0eae0002203f SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, xmm2) U5574: 0eee2002203f SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 0x00000020, xmm2) U5575: 0eae4002203f SIMDLSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 
0x00000040, xmm2) U5576: 0eee6002203f SIMDHSTADSTGBUF_DSZ64_ASZ32_SC1(tmp15, 0x00000060, xmm2) U5578: 00080003c000 tmp12:= ZEROEXT_DSZ32(0x00000000) U5579: 0008dc07f010 tmp15:= ZEROEXT_DSZ32(0x6a09e667) U557a: 00210e0bffd0 tmp15:= CONCAT_DSZ32(0xbb67ae85, tmp15) U557c: 0e6d0003f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp15) U557d: 0008af07f010 tmp15:= ZEROEXT_DSZ32(0x3c6ef372) U557e: 0021080bffd0 tmp15:= CONCAT_DSZ32(0xa54ff53a, tmp15) U5580: 0e6d0803f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008, tmp15) U5581: 0008d407f010 tmp15:= ZEROEXT_DSZ32(0x510e527f) U5582: 0021040bffd0 tmp15:= CONCAT_DSZ32(0x9b05688c, tmp15) U5584: 0e6d1003f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000010, tmp15) U5585: 00089c07f010 tmp15:= ZEROEXT_DSZ32(0x1f83d9ab) U5586: 0021d607ffd0 tmp15:= CONCAT_DSZ32(0x5be0cd19, tmp15) U5588: 0e6d1803f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000018, tmp15) U5589: 000866074010 tmp4:= ZEROEXT_DSZ32(0x04050607) U558a: 00215a034434 tmp4:= CONCAT_DSZ32(tmp4, 0x00010203) U558c: 074700022034 xmm2:= unk_747(mm4) U558d: 000881074010 tmp4:= ZEROEXT_DSZ32(0x0c0d0e0f) U558e: 00217d074434 tmp4:= CONCAT_DSZ32(tmp4, 0x08090a0b) U5590: 074700038034 tmm0:= unk_747(mm4) U5591: 05ba000228b8 xmm2:= unk_5ba(tmm0, xmm2) U5592: 0ec60007e037 tmp14:= unk_ec6(tmp7) U5594: 0ec61007f037 tmp15:= unk_ec6(tmp7) U5595: 052bb103e03e tmp14:= unk_52b(tmp14) U5596: 052b1b03f03f tmp15:= unk_52b(tmp15) U5598: 05b90003d03e tmm5:= unk_5b9(tmm6) U5599: 04d70803efbf tmm6:= unk_4d7(tmm7, tmm6) U559a: 04eef003fffd tmm7:= unk_4ee(tmm5, tmm7) U559c: 00000003cf36 tmp12:= ADD_DSZ32(tmp6, tmp12) U559d: 00634e034200 LFNCEWAIT-> tmp4:= READURAM(0x004e, 64) U559e: 05b90002003e xmm0:= unk_5b9(tmm6) U55a0: 05b90002103f xmm1:= unk_5b9(tmm7) U55a1: 000100032008 tmp2:= OR_DSZ32(0x00000000) U55a2: 0ec600078cb5 tmp8:= unk_ec6(tmp5, tmp2) U55a4: 06d800039e22 tmm1:= unk_6d8(xmm2, tmm0) U55a5: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55a6: 04ce00038e39 tmm0:= unk_4ce(tmm1, tmm0) U55a8: 
05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U55a9: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U55aa: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U55ac: 052b0e038038 tmp8:= unk_52b(tmp8) U55ad: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U55ae: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U55b0: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U55b1: 000110032008 tmp2:= OR_DSZ32(0x00000010) U55b2: 0ec600078cb5 tmp8:= unk_ec6(tmp5, tmp2) U55b4: 06d80003ae22 tmm2:= unk_6d8(xmm2, tmm0) U55b5: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55b6: 04ce00038e3a tmm0:= unk_4ce(tmm2, tmm0) U55b8: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U55b9: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U55ba: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U55bc: 052b0e038038 tmp8:= unk_52b(tmp8) U55bd: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U55be: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U55c0: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U55c1: 06e800039e7a tmm1:= unk_6e8(tmm2, tmm1) U55c2: 000120032008 tmp2:= OR_DSZ32(0x00000020) U55c4: 0ec600078cb5 tmp8:= unk_ec6(tmp5, tmp2) U55c5: 06d80003be22 tmm3:= unk_6d8(xmm2, tmm0) U55c6: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55c8: 04ce00038e3b tmm0:= unk_4ce(tmm3, tmm0) U55c9: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U55ca: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U55cc: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U55cd: 052b0e038038 tmp8:= unk_52b(tmp8) U55ce: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U55d0: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U55d1: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U55d2: 06e80003aebb tmm2:= unk_6e8(tmm3, tmm2) U55d4: 000130032008 tmp2:= OR_DSZ32(0x00000030) U55d5: 0ec600078cb5 tmp8:= unk_ec6(tmp5, tmp2) U55d6: 06d80003ce22 tmm4:= unk_6d8(xmm2, tmm0) U55d8: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55d9: 04ce00038e3c tmm0:= unk_4ce(tmm4, tmm0) U55da: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U55dc: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U55dd: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U55de: 04d70403df3b tmm5:= unk_4d7(tmm3, tmm4) U55e0: 04ce00039e7d tmm1:= unk_4ce(tmm5, tmm1) 
U55e1: 06e900039e7c tmm1:= unk_6e9(tmm4, tmm1) U55e2: 052b0e038038 tmp8:= unk_52b(tmp8) U55e4: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U55e5: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U55e6: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U55e8: 06e80003befc tmm3:= unk_6e8(tmm4, tmm3) U55e9: 000140032008 tmp2:= OR_DSZ32(0x00000040) U55ea: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55ec: 04ce00038e39 tmm0:= unk_4ce(tmm1, tmm0) U55ed: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U55ee: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U55f0: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U55f1: 04d70403de7c tmm5:= unk_4d7(tmm4, tmm1) U55f2: 04ce0003aebd tmm2:= unk_4ce(tmm5, tmm2) U55f4: 06e90003aeb9 tmm2:= unk_6e9(tmm1, tmm2) U55f5: 052b0e038038 tmp8:= unk_52b(tmp8) U55f6: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U55f8: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U55f9: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U55fa: 06e80003cf39 tmm4:= unk_6e8(tmm1, tmm4) U55fc: 000150032008 tmp2:= OR_DSZ32(0x00000050) U55fd: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U55fe: 04ce00038e3a tmm0:= unk_4ce(tmm2, tmm0) U5600: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5601: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5602: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5604: 04d70403deb9 tmm5:= unk_4d7(tmm1, tmm2) U5605: 04ce0003befd tmm3:= unk_4ce(tmm5, tmm3) U5606: 06e90003befa tmm3:= unk_6e9(tmm2, tmm3) U5608: 052b0e038038 tmp8:= unk_52b(tmp8) U5609: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U560a: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U560c: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U560d: 06e800039e7a tmm1:= unk_6e8(tmm2, tmm1) U560e: 000160032008 tmp2:= OR_DSZ32(0x00000060) U5610: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5611: 04ce00038e3b tmm0:= unk_4ce(tmm3, tmm0) U5612: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5614: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5615: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5616: 04d70403defa tmm5:= unk_4d7(tmm2, tmm3) U5618: 04ce0003cf3d tmm4:= unk_4ce(tmm5, tmm4) U5619: 06e90003cf3b tmm4:= unk_6e9(tmm3, 
tmm4) U561a: 052b0e038038 tmp8:= unk_52b(tmp8) U561c: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U561d: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U561e: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U5620: 06e80003aebb tmm2:= unk_6e8(tmm3, tmm2) U5621: 000170032008 tmp2:= OR_DSZ32(0x00000070) U5622: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5624: 04ce00038e3c tmm0:= unk_4ce(tmm4, tmm0) U5625: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5626: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5628: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5629: 04d70403df3b tmm5:= unk_4d7(tmm3, tmm4) U562a: 04ce00039e7d tmm1:= unk_4ce(tmm5, tmm1) U562c: 06e900039e7c tmm1:= unk_6e9(tmm4, tmm1) U562d: 052b0e038038 tmp8:= unk_52b(tmp8) U562e: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U5630: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U5631: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U5632: 06e80003befc tmm3:= unk_6e8(tmm4, tmm3) U5634: 000180032008 tmp2:= OR_DSZ32(0x00000080) U5635: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5636: 04ce00038e39 tmm0:= unk_4ce(tmm1, tmm0) U5638: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5639: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U563a: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U563c: 04d70403de7c tmm5:= unk_4d7(tmm4, tmm1) U563d: 04ce0003aebd tmm2:= unk_4ce(tmm5, tmm2) U563e: 06e90003aeb9 tmm2:= unk_6e9(tmm1, tmm2) U5640: 052b0e038038 tmp8:= unk_52b(tmp8) U5641: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U5642: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U5644: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U5645: 06e80003cf39 tmm4:= unk_6e8(tmm1, tmm4) U5646: 000190032008 tmp2:= OR_DSZ32(0x00000090) U5648: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5649: 04ce00038e3a tmm0:= unk_4ce(tmm2, tmm0) U564a: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U564c: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U564d: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U564e: 04d70403deb9 tmm5:= unk_4d7(tmm1, tmm2) U5650: 04ce0003befd tmm3:= unk_4ce(tmm5, tmm3) U5651: 06e90003befa tmm3:= unk_6e9(tmm2, tmm3) U5652: 052b0e038038 tmp8:= 
unk_52b(tmp8) U5654: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U5655: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U5656: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U5658: 06e800039e7a tmm1:= unk_6e8(tmm2, tmm1) U5659: 0001a0032008 tmp2:= OR_DSZ32(0x000000a0) U565a: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U565c: 04ce00038e3b tmm0:= unk_4ce(tmm3, tmm0) U565d: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U565e: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5660: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5661: 04d70403defa tmm5:= unk_4d7(tmm2, tmm3) U5662: 04ce0003cf3d tmm4:= unk_4ce(tmm5, tmm4) U5664: 06e90003cf3b tmm4:= unk_6e9(tmm3, tmm4) U5665: 052b0e038038 tmp8:= unk_52b(tmp8) U5666: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U5668: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U5669: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U566a: 06e80003aebb tmm2:= unk_6e8(tmm3, tmm2) U566c: 0001b0032008 tmp2:= OR_DSZ32(0x000000b0) U566d: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U566e: 04ce00038e3c tmm0:= unk_4ce(tmm4, tmm0) U5670: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5671: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5672: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5674: 04d70403df3b tmm5:= unk_4d7(tmm3, tmm4) U5675: 04ce00039e7d tmm1:= unk_4ce(tmm5, tmm1) U5676: 06e900039e7c tmm1:= unk_6e9(tmm4, tmm1) U5678: 052b0e038038 tmp8:= unk_52b(tmp8) U5679: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U567a: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U567c: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U567d: 06e80003befc tmm3:= unk_6e8(tmm4, tmm3) U567e: 0001c0032008 tmp2:= OR_DSZ32(0x000000c0) U5680: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5681: 04ce00038e39 tmm0:= unk_4ce(tmm1, tmm0) U5682: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5684: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5685: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5686: 04d70403de7c tmm5:= unk_4d7(tmm4, tmm1) U5688: 04ce0003aebd tmm2:= unk_4ce(tmm5, tmm2) U5689: 06e90003aeb9 tmm2:= unk_6e9(tmm1, tmm2) U568a: 052b0e038038 tmp8:= unk_52b(tmp8) U568c: 05b900023e3f xmm3:= 
unk_5b9(tmm7, tmm0) U568d: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U568e: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U5690: 06e80003cf39 tmm4:= unk_6e8(tmm1, tmm4) U5691: 0001d0032008 tmp2:= OR_DSZ32(0x000000d0) U5692: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U5694: 04ce00038e3a tmm0:= unk_4ce(tmm2, tmm0) U5695: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U5696: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U5698: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U5699: 04d70403deb9 tmm5:= unk_4d7(tmm1, tmm2) U569a: 04ce0003befd tmm3:= unk_4ce(tmm5, tmm3) U569c: 06e90003befa tmm3:= unk_6e9(tmm2, tmm3) U569d: 052b0e038038 tmp8:= unk_52b(tmp8) U569e: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U56a0: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U56a1: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U56a2: 0001e0032008 tmp2:= OR_DSZ32(0x000000e0) U56a4: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U56a5: 04ce00038e3b tmm0:= unk_4ce(tmm3, tmm0) U56a6: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U56a8: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U56a9: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U56aa: 04d70403defa tmm5:= unk_4d7(tmm2, tmm3) U56ac: 04ce0003cf3d tmm4:= unk_4ce(tmm5, tmm4) U56ad: 06e90003cf3b tmm4:= unk_6e9(tmm3, tmm4) U56ae: 052b0e038038 tmp8:= unk_52b(tmp8) U56b0: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U56b1: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U56b2: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U56b4: 0001f0032008 tmp2:= OR_DSZ32(0x000000f0) U56b5: 0ed600078cb4 tmp8:= unk_ed6(tmp4, tmp2) U56b6: 04ce00038e3c tmm0:= unk_4ce(tmm4, tmm0) U56b8: 05b900023e3e xmm3:= unk_5b9(tmm6, tmm0) U56b9: 05d200023fe3 xmm3:= unk_5d2(xmm3, tmm7) U56ba: 05e60003f8f8 tmm7:= unk_5e6(tmm0, xmm3) U56bc: 052b0e038038 tmp8:= unk_52b(tmp8) U56bd: 05b900023e3f xmm3:= unk_5b9(tmm7, tmm0) U56be: 05d200023fa3 xmm3:= unk_5d2(xmm3, tmm6) U56c0: 05e60003e8f8 tmm6:= unk_5e6(tmm0, xmm3) U56c1: 04ce0003efa0 tmm6:= unk_4ce(xmm0, tmm6) U56c2: 04ce0003ffe1 tmm7:= unk_4ce(xmm1, tmm7) U56c4: 004040035d48 tmp5:= ADD_DSZ64(0x00000040, tmp5) U56c5: 
000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6) U56c6: 0152c85802b6 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp6, U56c8) 01d59e80 SEQW GOTO U559e ------------------------------------------------------------------------------------ U56c8: 00634703b200 tmp11:= READURAM(0x0047, 64) U56c9: 0250b61802f6 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, U66b6) U56ca: 00251003f23b tmp15:= SHR_DSZ32(tmp11, 0x00000010) U56cc: 0150d20402ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U61d2) U56cd: 000020035dc8 tmp5:= ADD_DSZ32(0x00000020, tmp7) U56ce: 00550703f200 tmp15:= BTS_DSZ64(0x00000000, 0x00000007) U56d0: 0e6d2003f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000020, tmp15) U56d1: 0e6d28000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000028, 0x00000000) U56d2: 0e6d30000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000030, 0x00000000) U56d4: 0e6d38000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000038, 0x00000000) U56d5: 0e6d40000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000040, 0x00000000) U56d6: 0e6d48000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000048, 0x00000000) U56d8: 0e6d50000037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000050, 0x00000000) U56d9: 00640903f23c tmp15:= SHL_DSZ64(tmp12, 0x00000009) U56da: 033c0003f03f tmp15:= BSWAP_DSZ32(tmp15) U56dc: 00210003f03f tmp15:= CONCAT_DSZ32(tmp15) U56dd: 0e6d5803f037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000058, tmp15) 01d59e40 SEQW GOTO U559e ------------------------------------------------------------------------------------ U56de: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U56e0: 00428c100230 MOVETOCREG_DSZ64(tmp0, 0x48c) 01a1fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U56e1: 09282e200034 CMPUJZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U082e) U56e2: 00641d039234 tmp9:= SHL_DSZ64(tmp4, 0x0000001d) U56e4: 000802034008 tmp4:= ZEROEXT_DSZ32(0x00000002) U56e5: 292885dd0230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000003, U5785) U56e6: 292919300230 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, 
U1c19) U56e8: 025d00035fc0 tmp5:= TEST_DSZ64(tmp15) U56e9: 01502e200235 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp5, U082e) U56ea: 0047ff3f5fc8 tmp5:= NOTAND_DSZ64(0x00000fff, tmp15) U56ec: 000cac1c0240 SAVEUIP(0x00, U27ac) 019c1a00 SEQW GOTO U1c1a ------------------------------------------------------------------------------------ U56ed: 000800031008 tmp1:= ZEROEXT_DSZ32(0x00000000) U56ee: 000820032008 tmp2:= ZEROEXT_DSZ32(0x00000020) U56f0: 00084e4fa009 tmp10:= ZEROEXT_DSZ32(0x0000334e) U56f1: 000d03800000 SYNCWAIT-> SAVEUIP_REGOVR(0x01, U56f2, 0x0003) 0a82ba40 SEQW GOTO U02ba U56f2: 3d0b00033c88 tmp3:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U56f4: 101400033c73 tmp3:= BT_DSZN(tmp3, tmp1) U56f5: 005200000eb3 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp3, tmp10) U56f6: 3d0f00035c88 PORTOUT_DSZ32_ASZ16_SC1(0x00000000, tmp2, tmp5) U56f8: 2d0f40000008 LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U56f9: 20436b00023b WRITEURAM(tmp11, 0x006b, 64) U56fa: 00e100031d78 tmp1:= CONCAT_DSZ8(tmp8, tmp5) U56fc: 00a100031c77 tmp1:= CONCAT_DSZ16(tmp7, tmp1) U56fd: 002100031c7b tmp1:= CONCAT_DSZ32(tmp11, tmp1) U56fe: 20432c000231 WRITEURAM(tmp1, 0x002c, 64) U5700: 0009156f000a tmp0:= MOVE_DSZ32(0x00005b15) U5701: 20436c000233 WRITEURAM(tmp3, 0x006c, 64) U5702: 00a1db030c08 tmp0:= CONCAT_DSZ16(0x000000db, tmp0) U5704: 20430508023d WRITEURAM(tmp13, 0x0005, 32) 01a42e00 SEQW GOTO U242e ------------------------------------------------------------------------------------ U5705: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5706: 0e6550039234 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x00000050) U5708: 00561a039239 tmp9:= BTR_DSZ64(tmp9, 0x0000001a) U5709: 00141b036239 tmp6:= BT_DSZ32(tmp9, 0x0000001b) U570a: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U570c: 0e6500037034 tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4) U570d: 00720003fdf6 tmp15:= SELECTCC_DSZ64_CONDB(tmp6, tmp7) U570e: 
025c00000fc0 unk_25c(tmp15) U5710: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) 0184344c SEQW URET1 ------------------------------------------------------------------------------------ U5711: 00087617e009 tmp14:= ZEROEXT_DSZ32(0x00002576) 0184344c SEQW GOTO U0434 ------------------------------------------------------------------------------------ U5712: 000900035000 tmp5:= MOVE_DSZ32(0x00000000) U5714: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) 01817e00 SEQW GOTO U017e ------------------------------------------------------------------------------------ U5715: 00560b033233 tmp3:= BTR_DSZ64(tmp3, 0x0000000b) U5716: 00337b07f433 tmp15:= SELECTCC_DSZ32_CONDNB(tmp3, 0x08000000) U5718: 00210003f03f tmp15:= CONCAT_DSZ32(tmp15) U5719: 004100032cbf tmp2:= OR_DSZ64(tmp15, tmp2) U571a: 0e6de8072024 LFNCEWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xffffffffffffffe8, mode=0x01, tmp2) U571c: 0e6de0079024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xffffffffffffffe0, mode=0x01, tmp9) U571d: 0e6dd8073024 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, 0xffffffffffffffd8, mode=0x01, tmp3) U571e: 0008011f0008 tmp0:= ZEROEXT_DSZ32(0x00000701) U5720: 000828033008 tmp3:= ZEROEXT_DSZ32(0x00000028) 01b1f100 SEQW GOTO U31f1 ------------------------------------------------------------------------------------ U5721: 00880d03f008 tmp15:= ZEROEXT_DSZ16(0x0000000d) U5722: 1042da08027f MOVETOCREG_DSZ64(tmp15, 0x2da, 32) U5724: 00241803f23f tmp15:= SHL_DSZ32(tmp15, 0x00000018) U5725: 00011d7bffcc tmp15:= OR_DSZ32(0x00009e1d, tmp15) U5726: 0021b803ffd0 tmp15:= CONCAT_DSZ32(0x000e88c8, tmp15) U5728: 00410003df7f tmp13:= OR_DSZ64(tmp15, tmp13) U5729: 00437000023d WRITEURAM(tmp13, 0x0070, 64) U572a: 1042c408027d SYNCMARK-> MOVETOCREG_DSZ64(tmp13, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U572c: 09a20800063d MOVETOCREG_SHR_DSZ64(tmp13, 0x00000020, 0x008) 01d55d48 SEQW URET0 ------------------------------------------------------------------------------------ U572d: 000ca6f80200 SAVEUIP(0x01, patch_runs_load_loop) 
01d55d48 SEQW GOTO U555d ------------------------------------------------------------------------------------ U572e: 0d3000031db4 tmp1:= LDZX_DSZ32_ASZ32_SC1(tmp4, tmp6) U5730: 0e2d00031db8 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, tmp6, tmp1) 01b88d00 SEQW GOTO U388d ------------------------------------------------------------------------------------ U5731: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5732: 0e6548716548 tmpv2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x00000048, mode=0x1c) U5734: 004318000216 WRITEURAM(tmpv2, 0x0018, 64) U5735: 0e6568716548 tmpv2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x00000068, mode=0x1c) U5736: 00431a000216 WRITEURAM(tmpv2, 0x001a, 64) U5738: 0e6558716548 tmpv2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x00000058, mode=0x1c) U5739: 004317000216 WRITEURAM(tmpv2, 0x0017, 64) U573a: 0e6578716548 tmpv2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x00000078, mode=0x1c) U573c: 004319000216 WRITEURAM(tmpv2, 0x0019, 64) 0192c54c SEQW URET1 ------------------------------------------------------------------------------------ U573d: 000ce4640280 SAVEUIP(0x00, U59e4) 0192c54c SEQW GOTO U12c5 ------------------------------------------------------------------------------------ U573e: 004018030d48 tmp0:= ADD_DSZ64(0x00000018, tmp5) U5740: 0d6808030e74 unk_d68(tmp4, tmp9, tmp0) 01ba2d00 SEQW GOTO U3a2d ------------------------------------------------------------------------------------ U5741: 00442a314588 tmpv0:= AND_DSZ64(0x00000c2a, tmpv2) U5742: 0151312c0254 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv0, U2b31) U5744: 000414015588 tmpv1:= AND_DSZ32(0x00000014, tmpv2) U5745: 013000015595 tmpv1:= SELECTCC_DSZ32_CONDZ(tmpv1, tmpv2) U5746: 186a312c0215 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000000, U2b31) U5748: 00632b015200 LFNCEWAIT-> tmpv1:= READURAM(0x002b, 64) U5749: 00044d055550 tmpv1:= AND_DSZ32(0x01ffffff, tmpv1) U574a: 013100015595 tmpv1:= SELECTCC_DSZ32_CONDNZ(tmpv1, tmpv2) U574c: 186a312c0215 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000000, U2b31) 01abd94c SEQW URET1 
------------------------------------------------------------------------------------ U574d: 002510032230 tmp2:= SHR_DSZ32(tmp0, 0x00000010) 01abd94c SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U574e: 286abe6102f6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000d, U58be) U5750: 00810103cf08 tmp12:= OR_DSZ16(0x00000001, tmp12) 02ab1900 SEQW GOTO U2b19 ------------------------------------------------------------------------------------ U5751: 1042c108027a LFNCEWAIT-> MOVETOCREG_DSZ64(tmp10, 0x2c1, 32) U5752: 00634b03a200 tmp10:= READURAM(0x004b, 64) U5754: 00436200023a WRITEURAM(tmp10, 0x0062, 64) U5755: 0c4b2047a000 tmp10:= RDSEGFLD(UNK_SEG_11, BASE) U5756: 0062011f5200 tmp5:= MOVEFROMCREG_DSZ64(0x701) U5758: 00251c035235 tmp5:= SHR_DSZ32(tmp5, 0x0000001c) U5759: 000403035d48 tmp5:= AND_DSZ32(0x00000003, tmp5) U575a: 004100035eb5 tmp5:= OR_DSZ64(tmp5, tmp10) U575c: 004363000235 WRITEURAM(tmp5, 0x0063, 64) 01901200 SEQW GOTO U1012 ------------------------------------------------------------------------------------ U575d: 00085d030010 tmp0:= ZEROEXT_DSZ32(0x00011000) U575e: 204231180230 MOVETOCREG_DSZ64(tmp0, 0x631) U5760: 204234180200 MOVETOCREG_DSZ64(0x00000000, 0x634) U5761: 204235180200 MOVETOCREG_DSZ64(0x00000000, 0x635) U5762: 204236180200 MOVETOCREG_DSZ64(0x00000000, 0x636) U5764: 204237180200 MOVETOCREG_DSZ64(0x00000000, 0x637) U5765: 204238180200 MOVETOCREG_DSZ64(0x00000000, 0x638) U5766: 296230580300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x630) U5768: 000c99240240 SAVEUIP(0x00, U2999) 01cbe600 SEQW GOTO U4be6 ------------------------------------------------------------------------------------ U5769: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U576a: 106200036e00 tmp6:= MOVEFROMCREG_DSZ64(tmp8) U576c: 002510038238 tmp8:= SHR_DSZ32(tmp8, 0x00000010) U576d: 106200039e00 tmp9:= MOVEFROMCREG_DSZ64(tmp8) U576e: 002100039db9 tmp9:= CONCAT_DSZ32(tmp9, tmp6) U5770: 0e7d0003903c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp9) U5771: 
00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U5772: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01d76980 ? SEQW GOTO U5769 U5774: 000000000000 NOP 0186ae48 SEQW URET0 ------------------------------------------------------------------------------------ U5775: 00429d1c0234 MOVETOCREG_DSZ64(tmp4, 0x79d) 0186ae48 SEQW GOTO U06ae ------------------------------------------------------------------------------------ U5776: 00633f030200 tmp0:= READURAM(0x003f, 64) U5778: 2042c5180230 MOVETOCREG_DSZ64(tmp0, 0x6c5) 018e5200 SEQW GOTO U0e52 ------------------------------------------------------------------------------------ U5779: 0008800f8410 tmp8:= ZEROEXT_DSZ32(0x8d7f40c0) U577a: 106200036e00 tmp6:= MOVEFROMCREG_DSZ64(tmp8) U577c: 0e7d0003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp6) U577d: 002510038238 tmp8:= SHR_DSZ32(tmp8, 0x00000010) U577e: 106200036e00 tmp6:= MOVEFROMCREG_DSZ64(tmp8) U5780: 0e7d2003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020, tmp6) U5781: 00004003cf08 tmp12:= ADD_DSZ32(0x00000040, tmp12) U5782: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01d77980 ? SEQW GOTO U5779 U5784: 000000000000 NOP 019c1a48 SEQW URET0 ------------------------------------------------------------------------------------ U5785: 000c44100200 SAVEUIP(0x00, U0444) 019c1a48 SEQW GOTO U1c1a ------------------------------------------------------------------------------------ U5786: 186af1f00223 BTUJB_DIRECT_NOTTAKEN(rbx, 0x00000003, U2cf1) U5788: 001603020220 rax:= BTR_DSZ32(rax, 0x00000003) 01acf100 SEQW GOTO U2cf1 ------------------------------------------------------------------------------------ U5789: 000802032008 tmp2:= ZEROEXT_DSZ32(0x00000002) U578a: 39629e880280 MOVETOCREG_BTS_DSZ64(0x0000000a, 0x29e) U578c: 200a02000200 TESTUSTATE(VMX, 0x0002) 01df0c00 ? 
SEQW GOTO U5f0c U578d: 00080043000d tmp0:= ZEROEXT_DSZ32(0x0000b000) U578e: 00e102032c88 tmp2:= CONCAT_DSZ8(0x00000002, tmp2) U5790: 00151f032232 tmp2:= BTS_DSZ32(tmp2, 0x0000001f) U5791: 00083a036008 tmp6:= ZEROEXT_DSZ32(0x0000003a) U5792: 000df6831000 tmp1:= SAVEUIP_REGOVR(0x01, U5794, 0x00f6) U5794: 000c9d9f4200 tmp4:= SAVEUIP(0x01, U079d) 01dcfc00 SEQW GOTO U5cfc ------------------------------------------------------------------------------------ rsa_signing_error: U5795: 033a0003f000 tmp15:= STC(0x00000000) U5796: 00635c032200 tmp2:= READURAM(0x005c, 64) U5798: 001403032232 tmp2:= BT_DSZ32(tmp2, 0x00000003) U5799: 0033f87f27f2 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0xfffffffffffffff8) U579a: 000084032c88 tmp2:= ADD_DSZ32(0x00000084, tmp2) U579c: 0e2d40000037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000040, 0x00000000) U579d: 000501032c88 tmp2:= SUB_DSZ32(0x00000001, tmp2) U579e: 004004037dc8 tmp7:= ADD_DSZ64(0x00000004, tmp7) U57a0: 01500d6802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U5a0d) 01d79c00 SEQW GOTO U579c ------------------------------------------------------------------------------------ U57a1: 20635303f200 tmp15:= READURAM(0x0053, 64) U57a2: 00077903ffc8 tmp15:= NOTAND_DSZ32(0x00000079, tmp15) U57a4: 00011a03ffc8 tmp15:= OR_DSZ32(0x0000001a, tmp15) U57a5: 20435308023f WRITEURAM(tmp15, 0x0053, 32) U57a6: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U57a8: 2a62c3580270 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp0, 0x00000005, 0x6c3) U57a9: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) U57aa: 39629d080240 MOVETOCREG_BTS_DSZ64(0x00000004, 0x29d) U57ac: 0008ee03f008 tmp15:= ZEROEXT_DSZ32(0x000000ee) 01e21d00 SEQW GOTO U621d ------------------------------------------------------------------------------------ U57ad: 00635703c200 tmp12:= READURAM(0x0057, 64) U57ae: 006213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U57b0: 0008ff033008 tmp3:= ZEROEXT_DSZ32(0x000000ff) U57b1: 0021004337f3 tmp3:= CONCAT_DSZ32(tmp3, 0xfffffffffffff000) U57b2: 004400034d33 tmp4:= 
AND_DSZ64(tmp3, tmp4) U57b4: 000500233e08 tmp3:= SUB_DSZ32(0x00000800, tmp8) U57b5: 002404033233 tmp3:= SHL_DSZ32(tmp3, 0x00000004) U57b6: 0e6d00035cf4 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, tmp3, tmp5) U57b8: 000c0ccbe248 tmp14:= SAVEUIP(0x01, U320c) 01ba4148 SEQW URET0 ------------------------------------------------------------------------------------ U57b9: 00a15d030008 tmp0:= CONCAT_DSZ16(0x0000005d) 01ba4148 SEQW GOTO enter_probe_mode ------------------------------------------------------------------------------------ U57ba: 053f0003bef9 tmm3:= unk_53f(tmm1, tmm3) U57bc: 26890003ffbb tmm7:= unk_689(tmm3, tmm6) 01840400 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U57bd: 09023a980200 MOVETOCREG_OR_DSZ64(0x00000002, 0x63a) U57be: 09023ed80240 MOVETOCREG_OR_DSZ64(0x00000007, 0x63e) U57c0: 0dff01000000 LFNCEWTMRK-> unk_dff(0x00000000) U57c1: 000837034008 tmp4:= ZEROEXT_DSZ32(0x00000037) U57c2: 00420b000234 MOVETOCREG_DSZ64(tmp4, 0x00b) U57c4: 00421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) U57c5: 090205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U57c6: 2042c5180200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x6c5) U57c8: 20434a000200 WRITEURAM(0x00000000, 0x004a, 64) 01cfe400 SEQW GOTO U4fe4 ------------------------------------------------------------------------------------ U57c9: 0e6500031032 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2) U57ca: 00540003f231 tmp15:= BT_DSZ64(tmp1, 0x00000000) U57cc: 00730003ffff tmp15:= SELECTCC_DSZ64_CONDNB(tmp15, tmp15) U57cd: 00440003fff4 tmp15:= AND_DSZ64(tmp4, tmp15) U57ce: 01519c5c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U379c) U57d0: 004200000cf1 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, tmp3) U57d1: 01600183c23c tmp12:= SUBR_DSZ64(tmp12, IMM_MACRO_01) 040000cd SEQW URET1 ------------------------------------------------------------------------------------ U57d2: 000001033cc8 tmp3:= ADD_DSZ32(0x00000001, tmp3) U57d4: 004008032c88 tmp2:= ADD_DSZ64(0x00000008, tmp2) 01d7c900 SEQW 
GOTO U57c9 ------------------------------------------------------------------------------------ U57d5: 003218033231 tmp3:= SELECTCC_DSZ32_CONDB(tmp1, 0x00000018) U57d6: 000103020cc8 rax:= OR_DSZ32(0x00000003, tmp3) U57d8: 00543b033232 tmp3:= BT_DSZ64(tmp2, 0x0000003b) U57d9: 013e400b3cc8 tmp3:= MOVEMERGEFLGS_DSZ32(0x00000240, tmp3) U57da: 003740133233 tmp3:= CMOVCC_DSZ32_CONDNB(tmp3, 0x00000440) U57dc: 013e00033c73 tmp3:= MOVEMERGEFLGS_DSZ32(tmp3, tmp1) U57dd: 0037400a3233 rbx:= CMOVCC_DSZ32_CONDNB(tmp3, 0x00000240) U57de: 013e400b3c48 tmp3:= MOVEMERGEFLGS_DSZ32(0x00000240, tmp1) U57e0: 003640121233 rcx:= CMOVCC_DSZ32_CONDB(tmp3, 0x00000440) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U57e1: 000ca20fd2c8 tmp13:= SAVEUIP(0x00, U63a2) U57e2: 2d0bd043800a tmp8:= PORTIN_DSZ32_ASZ16_SC1(0x000050d0) U57e4: 0ea51e036038 tmp6:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp8, 0x0000001e) U57e5: 0e2504034038 LFNCEWAIT-> tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x00000004) U57e6: 386a112c0276 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000004, U3b11) U57e8: 286abe7402f6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000d, U1dbe) U57e9: 0e6508035038 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000008) U57ea: 186a5d4402b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000009, U215d) U57ec: 186a8d880276 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000006, U228d) 01e3a200 SEQW GOTO U63a2 ------------------------------------------------------------------------------------ U57ed: 006270030200 tmp0:= MOVEFROMCREG_DSZ64(0x070) U57ee: 00621c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01c) U57f0: 002100030c3f tmp0:= CONCAT_DSZ32(tmp15, tmp0) U57f1: 20432a000230 WRITEURAM(tmp0, 0x002a, 64) U57f2: 000ca4e80280 SAVEUIP(0x01, U5aa4) U57f4: 0008bf0fc008 tmp12:= ZEROEXT_DSZ32(0x000003bf) U57f5: 20420b00023c MOVETOCREG_DSZ64(tmp12, 0x00b) U57f6: 00080303c008 tmp12:= ZEROEXT_DSZ32(0x00000003) U57f8: 20420500023c MOVETOCREG_DSZ64(tmp12, 0x005) 01dcda4c SEQW URET1 
------------------------------------------------------------------------------------ U57f9: 000c6e37d27a tmp13:= SAVEUIP(tmp10, 0x00, U2d6e) 01dcda4c SEQW GOTO U5cda ------------------------------------------------------------------------------------ U57fa: 06a040039000 tmp9:= unk_6a0(0x00000000) U57fc: 04b471809e40 mm7:= FMOV(tmm1) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U57fd: 006348036200 tmp6:= READURAM(0x0048, 64) U57fe: 000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6) U5800: 204348080236 WRITEURAM(tmp6, 0x0048, 32) U5801: 0150026002b6 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U5802) 01e16440 SEQW GOTO U6164 ------------------------------------------------------------------------------------ U5802: 0040e0037dc8 tmp7:= ADD_DSZ64(0x000000e0, tmp7) U5804: 0008ff030008 tmp0:= ZEROEXT_DSZ32(0x000000ff) U5805: 0eed00030c37 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp0, tmp0) U5806: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U5808: 0250757402b0 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp0, U5d75) 01d80500 SEQW GOTO U5805 ------------------------------------------------------------------------------------ U5809: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U580a: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U580c: 09028c538234 tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000001, 0x48c) U580d: 000401036d48 tmp6:= AND_DSZ32(0x00000001, tmp5) U580e: 0150191c0276 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U2719) U5810: 06a04303c000 tmp12:= unk_6a0(0x00000000) U5811: 0ccc0063c03a WRTAGW-> tmp12:= unk_ccc(tmp10) U5812: 274300038000 tmm0:= unk_743(0x00000000) U5814: 04b491838200 tmm0:= FMOV(0x00000091) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5815: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U5816: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U5818: 0087000b4d08 tmp4:= NOTAND_DSZ16(0x00000200, tmp4) U5819: 06a018079000 tmp9:= unk_6a0(0x00000000) U581a: 
09028c138274 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000004, 0x48c) U581c: 000404032d48 tmp2:= AND_DSZ32(0x00000004, tmp5) U581d: 0150de5802b2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U56de) U581e: 04b401808e40 mm0:= FMOV(tmm1) U5820: 04b471809e00 LFNCEWAIT-> mm7:= FMOV(tmm0) 0217ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5821: 00080f020008 rax:= ZEROEXT_DSZ32(0x0000000f) U5822: 00543b031232 tmp1:= BT_DSZ64(tmp2, 0x0000003b) U5824: 013ec00b3c48 tmp3:= MOVEMERGEFLGS_DSZ32(0x000002c0, tmp1) U5825: 0036400b3233 tmp3:= CMOVCC_DSZ32_CONDB(tmp3, 0x00000240) U5826: 006323031200 tmp1:= READURAM(0x0023, 64) U5828: 005408031231 tmp1:= BT_DSZ64(tmp1, 0x00000008) U5829: 003380031231 tmp1:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00000080) U582a: 000000023cf1 rbx:= ADD_DSZ32(tmp1, tmp3) U582c: 003200061230 rcx:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000100) 0517ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U582d: 00812a030e10 tmp0:= OR_DSZ16(0x00008080, tmp8) U582e: 00428c100230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x48c) U5830: 04b441809e40 mm7:= FMOV(tmm1) U5831: 00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) U5832: 07c200008235 mm0:= unk_7c2(mm5, 0x00000000) U5834: 069d00008200 mm0:= unk_69d(0x00000000) U5835: 07ea00036008 mm6:= unk_7ea(0x00000000) U5836: 000000036d8b tmp6:= ADD_DSZ32(0x00006000, tmp6) U5838: 07c231808236 LFNCEWAIT-> mm0:= unk_7c2(mm6, IMM_MACRO_31) 0221fe00 SEQW GOTO U21fe ------------------------------------------------------------------------------------ U5839: 06a046039000 tmp9:= unk_6a0(0x00000000) U583a: 002503032238 tmp2:= SHR_DSZ32(tmp8, 0x00000003) U583c: 07020003bef2 tmm3:= unk_702(mm2, tmm3) U583d: 04960003de7d tmm5:= unk_496(tmm5, tmm1) U583e: 06e10003df7b tmm5:= unk_6e1(tmm3, tmm5) U5840: 07020003cf32 tmm4:= unk_702(mm2, tmm4) U5841: 06e10003efbc tmm6:= unk_6e1(tmm4, tmm6) U5842: 06c900039fbd tmm1:= unk_6c9(tmm5, tmm6) U5844: 268900008e7c 
mm0:= unk_689(tmm4, tmm1) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5845: 20621a031200 tmp1:= MOVEFROMCREG_DSZ64(0x01a) U5846: 206265030200 tmp0:= MOVEFROMCREG_DSZ64(0x065) U5848: 104500031c70 tmp1:= SUB_DSZN(tmp0, tmp1) U5849: 206337030200 tmp0:= READURAM(0x0037, 64) U584a: 2928a2250c31 CMPUJZ_DIRECT_NOTTAKEN(tmp1, tmp0, U59a2) U584c: 000882030010 tmp0:= ZEROEXT_DSZ32(0x00030300) U584d: 2042a1180230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x6a1) U584e: 000879671008 tmp1:= ZEROEXT_DSZ32(0x00001979) U5850: 001511031231 tmp1:= BTS_DSZ32(tmp1, 0x00000011) 01a4a500 SEQW GOTO U24a5 ------------------------------------------------------------------------------------ U5851: 0042f61c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) U5852: 0042ff1c0231 MOVETOCREG_DSZ64(tmp1, 0x7ff) U5854: 0042fe1c023b MOVETOCREG_DSZ64(tmp11, CORE_CR_EFLAGS) U5855: 213f0000003b unk_13f(tmp11) U5856: 1042f91c0274 MOVETOCREG_DSZ64(tmp4, 0x7f9, 32) U5858: 0042c51c023d MOVETOCREG_DSZ64(tmp13, CORE_CR_CR4) U5859: 0042f81c023e MOVETOCREG_DSZ64(tmp14, 0x7f8) U585a: 004265000200 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x065) U585c: 000c50b80240 SAVEUIP(0x01, U2e50) 01816400 SEQW GOTO U0164 ------------------------------------------------------------------------------------ U585d: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U585e: 00250a035230 tmp5:= SHR_DSZ32(tmp0, 0x0000000a) U5860: 0004000b5d48 tmp5:= AND_DSZ32(0x00000200, tmp5) U5861: 0004ee031c10 tmp1:= AND_DSZ32(0x003c4dd7, tmp0) U5862: 000100431c49 tmp1:= OR_DSZ32(0x00003000, tmp1) U5864: 0004ef032c10 tmp2:= AND_DSZ32(0x003c7fd7, tmp0) U5865: 000100031c75 tmp1:= OR_DSZ32(tmp5, tmp1) U5866: 020700030cb1 tmp0:= unk_207(tmp1, tmp2) U5868: 1c38fbeb0024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x1a, tmp0) U5869: 10c50b824908 rsp:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) 01dffeb1 SEQW UEND0 ------------------------------------------------------------------------------------ 
U586a: 000a00400240 TESTUSTATE(UCODE, 0x3000) 01dffeb1 ? SEQW GOTO U5ffe U586c: 00080c131008 tmp1:= ZEROEXT_DSZ32(0x0000040c) U586d: 001510031231 tmp1:= BTS_DSZ32(tmp1, 0x00000010) U586e: 006312033200 tmp3:= READURAM(0x0012, 64) U5870: 286bfe3d02f3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000c, U5ffe) U5871: 000d139003c0 SAVEUIP_REGOVR(0x01, U5872, 0xe413) 01ebfd40 SEQW GOTO U6bfd U5872: 000cfefc0280 SAVEUIP(0x01, U5ffe) U5874: 004cd0614270 tmpv0:= SAVEUIP(tmp0, 0x00, U38d0) 01b34d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U5875: 0004fe7fbecb tmp11:= AND_DSZ32(0x00007ffe, tmp11) U5876: 00250203823b tmp8:= SHR_DSZ32(tmp11, 0x00000002) U5878: 00000003adb6 tmp10:= ADD_DSZ32(tmp6, tmp6) U5879: 00000003aeb7 tmp10:= ADD_DSZ32(tmp7, tmp10) U587a: 022400038e3a tmp8:= unk_224(tmp10, tmp8) U587c: 0000002f8e08 tmp8:= ADD_DSZ32(0x00000b00, tmp8) U587d: 00140103923b tmp9:= BT_DSZ32(tmp11, 0x00000001) U587e: 003300039db9 tmp9:= SELECTCC_DSZ32_CONDNB(tmp9, tmp6) U5880: 000000039e78 tmp9:= ADD_DSZ32(tmp8, tmp9) U5881: 000000039e77 tmp9:= ADD_DSZ32(tmp7, tmp9) 01a7118d SEQW URET1 ------------------------------------------------------------------------------------ U5882: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a7118d ? SEQW GOTO generate_#GP U5884: 014310a00200ROVR<-LFNCEMARK-> AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 0444a558 SEQW SAVEUIP0 U5885 U5885: 200a00900200 TESTUSTATE(VMX, !0x0400) 0444a558 ? SEQW GOTO U44a5 U5886: 0151111c0277 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp7, generate_#GP) U5888: 00635703c200 tmp12:= READURAM(0x0057, 64) U5889: 00082b230009 tmp0:= ZEROEXT_DSZ32(0x0000282b) U588a: 200a00400200 LFNCEMARK-> TESTUSTATE(VMX, 0x1000) 054bee92 ? SEQW SAVEUIP0 U588c ? 
SEQW GOTO U4bee U588c: 002404032202 tmp2:= SHL_DSZ32(r64src, 0x00000004) U588d: 006213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U588e: 0008ff035008 tmp5:= ZEROEXT_DSZ32(0x000000ff) U5890: 0021004357f5 tmp5:= CONCAT_DSZ32(tmp5, 0xfffffffffffff000) U5891: 004400034d35 tmp4:= AND_DSZ64(tmp5, tmp4) U5892: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5894: 0e2558075f0a tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000258, mode=0x01) U5895: 002404035235 tmp5:= SHL_DSZ32(tmp5, 0x00000004) U5896: 0004f0035d48 tmp5:= AND_DSZ32(0x000000f0, tmp5) U5898: 000500035cb5 tmp5:= SUB_DSZ32(tmp5, tmp2) U5899: 0e6d80732234 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0x00000080, mode=0x1c, tmp2) U589a: 200a20000200 TESTUSTATE(VMX, 0x0020) 01dfe180 ? SEQW GOTO U5fe1 U589c: 00c800032032 tmp2:= ZEROEXT_DSZ8(tmp2) U589d: 000c8e83e208 tmp14:= SAVEUIP(0x01, U008e) 01e67e40 SEQW GOTO U667e ------------------------------------------------------------------------------------ U589e: 0048f3839008 tmp9:= ZEROEXT_DSZ64(IMM_MACRO_f3) U58a0: 3e6b2903bcb0 LFNCEWAIT-> tmp11:= unk_e6b(tmp0, tmp2) 0248be00 SEQW GOTO U48be ------------------------------------------------------------------------------------ U58a1: 001407032232 tmp2:= BT_DSZ32(tmp2, 0x00000007) U58a2: 003302032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000002) U58a4: 000d00800000 SAVEUIP_REGOVR(0x01, U58a5, 0x0000) 01b2cd00 SEQW GOTO U32cd U58a5: 10629d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x29d, 32) U58a6: 186a85ec02b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000b, U2b85) U58a8: 206353030200 tmp0:= READURAM(0x0053, 64) U58a9: 286aaaa10230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000002, U58aa) 01dd0540 SEQW GOTO U5d05 ------------------------------------------------------------------------------------ U58aa: 10621d0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x21d, 32) U58ac: 186b852c0230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U2b85) U58ad: 2d0b10034008 LFNCEMARK-> tmp4:= PORTIN_DSZ32_ASZ16_SC1(0x00000010) 049b4140 SEQW GOTO U1b41 
------------------------------------------------------------------------------------ U58ae: 003240020231 rax:= SELECTCC_DSZ32_CONDB(tmp1, 0x00000040) U58b0: 0032c00e3231 rbx:= SELECTCC_DSZ32_CONDB(tmp1, 0x000003c0) 0517ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U58b1: 000900000000 MOVE_DSZ32(0x00000000) U58b2: 00421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U58b4: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U58b5: 186ab9140230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U25b9) U58b6: 0208f503f008 tmp15:= unk_208(0x000000f5) U58b8: 025e00000fc0 LFNCEMARK-> unk_25e(tmp15) U58b9: 00e104031c88 tmp1:= CONCAT_DSZ8(0x00000004, tmp2) U58ba: 00629e1f8200 tmp8:= MOVEFROMCREG_DSZ64(0x79e) U58bc: 0062fe1fa200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U58bd: 23800003ae80 tmp10:= READAFLAGS(tmp10) 023e3a40 SEQW GOTO U3e3a ------------------------------------------------------------------------------------ U58be: 000402035dc8 tmp5:= AND_DSZ32(0x00000002, tmp7) U58c0: 0151505c02b5 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U5750) 01b92a00 SEQW GOTO U392a ------------------------------------------------------------------------------------ U58c1: 206353031200 tmp1:= READURAM(0x0053, 64) U58c2: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U58c4: 004500037c40 tmp7:= SUB_DSZ64(0x00000000, tmp1) U58c5: 01504e400277 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, uret0) 018bc955 SEQW SAVEUIP1 U58c6 SEQW GOTO write_port_4c U58c6: 022200037031 tmp7:= unk_222(tmp1) U58c8: 00a100037df7 tmp7:= CONCAT_DSZ16(tmp7, tmp7) U58c9: 00fc00037df0 tmp7:= unk_0fc(tmp0, tmp7) U58ca: 2d0f18037008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, tmp7) U58cc: 2d0f64031008 SYNCFULL-> PORTOUT_DSZ32_ASZ16_SC1(0x00000064, tmp1) U58cd: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) 084e8189 SEQW URET0 ------------------------------------------------------------------------------------ U58ce: 00092b230009 tmp0:= MOVE_DSZ32(0x0000282b) 
084e8189 SEQW GOTO do_vmexit ------------------------------------------------------------------------------------ U58d0: 3902d6880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2d6) U58d1: 1928d2010035 CMPUJZ_DIRECT_NOTTAKEN(tmp5, 0x00000000, U60d2) 01df7a55 SEQW SAVEUIP1 U58d2 SEQW GOTO U5f7a U58d2: 3042e0080273 MOVETOCREG_DSZ64(tmp3, 0x2e0, 32) U58d4: 3902d5880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2d5) 0d332d00 SEQW GOTO U332d ------------------------------------------------------------------------------------ U58d5: 00632403f200 tmp15:= READURAM(0x0024, 64) U58d6: 386b4ec007ff SYNCMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000003f, uret0) U58d8: 00651c03f23f tmp15:= SHR_DSZ64(tmp15, 0x0000001c) U58d9: 00250403a23f tmp10:= SHR_DSZ32(tmp15, 0x00000004) U58da: 0004fc03ae88 tmp10:= AND_DSZ32(0x000000fc, tmp10) U58dc: 00049007ffd0 tmp15:= AND_DSZ32(0x0ffff000, tmp15) U58dd: 00010003fffa tmp15:= OR_DSZ32(tmp10, tmp15) U58de: 0001f007ffd0 tmp15:= OR_DSZ32(0x80000000, tmp15) U58e0: 00040303ac48 tmp10:= AND_DSZ32(0x00000003, tmp1) U58e1: 00010003affa tmp10:= OR_DSZ32(tmp10, tmp15) 01a6d089 SEQW URET0 ------------------------------------------------------------------------------------ U58e2: 20431e00023b WRITEURAM(tmp11, 0x001e, 64) 01a6d089 SEQW GOTO U26d0 ------------------------------------------------------------------------------------ U58e4: 000ce9478240 tmp8:= SAVEUIP(0x00, U31e9) U58e5: 00e10a031cb3 ROVR<- tmp1:= CONCAT_DSZ8(tmp3, tmp2) 01a1785d SEQW SAVEUIP1 U58e6 SEQW GOTO U2178 U58e6: 000825037008 tmp7:= ZEROEXT_DSZ32(0x00000025) U58e8: 100a20000200 TESTUSTATE(SYS, UST_SMM) 018000c8 ? SEQW URET0 U58e9: 00426103e010 tmp14:= MOVETOCREG_DSZ64(0x00000009, 0x000) U58ea: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U58ec: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01d8f100 ? 
SEQW GOTO U58f1 U58ed: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U58ee: 006314030200 tmp0:= READURAM(0x0014, 64) U58f0: 186a30650230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U6930) U58f1: 20421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) 04bd6540 SEQW GOTO U3d65 ------------------------------------------------------------------------------------ U58f2: 000804033008 tmp3:= ZEROEXT_DSZ32(0x00000004) U58f4: 27800003f033 tmm7:= unk_780(mm3) 0d17ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U58f5: 00621b03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01b) U58f6: 0042521c023f SYNCMARK-> MOVETOCREG_DSZ64(tmp15, 0x752) U58f8: 086af1c003f6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000001f, U00f1) U58f9: 0fff00000000 SFENCE(0x00000000) U58fa: 00540f032232 tmp2:= BT_DSZ64(tmp2, 0x0000000f) U58fc: 00540f03f232 tmp15:= BT_DSZ64(tmp2, 0x0000000f) U58fd: 00360403f23f tmp15:= CMOVCC_DSZ32_CONDB(tmp15, 0x00000004) U58fe: 108500034034 SYNCWAIT-> tmp4:= SUB_DSZN(tmp4) U5900: 002400034ff4 tmp4:= SHL_DSZ32(tmp4, tmp15) U5901: 000000034d35 tmp4:= ADD_DSZ32(tmp5, tmp4) 01c06589 SEQW URET0 ------------------------------------------------------------------------------------ U5902: 10620003a800 tmp10:= MOVEFROMCREG_DSZ64(rax) 01c06589 SEQW GOTO U4065 ------------------------------------------------------------------------------------ U5904: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 04a7111d ? SEQW GOTO generate_#GP U5905: 014310a00200ROVR<-LFNCEMARK-> AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) 04a7111d SEQW SAVEUIP1 U5906 U5906: 00081c030008 tmp0:= ZEROEXT_DSZ32(0x0000001c) U5908: 200a00200200 TESTUSTATE(VMX, 0x0800) 035dfa14 ? SEQW SAVEUIP1 U5909 ? 
SEQW GOTO U5dfa U5909: 000810031008 tmp1:= ZEROEXT_DSZ32(0x00000010) U590a: 00621b03f200 LFNCEWAIT-> tmp15:= MOVEFROMCREG_DSZ64(0x01b) U590c: 000478034fc8 tmp4:= AND_DSZ32(0x00000078, tmp15) U590d: 002405034234 tmp4:= SHL_DSZ32(tmp4, 0x00000005) U590e: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U5910: 00251c03423f tmp4:= SHR_DSZ32(tmp15, 0x0000001c) U5911: 00040f034d08 tmp4:= AND_DSZ32(0x0000000f, tmp4) U5912: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U5914: 286a917c0330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, do_smm_vmexit_ovr_enter_rip) 01ce8200 SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U5915: 004c5c0312f5 tmp1:= SAVEUIP(tmp5, 0x00, U605c) U5916: 0062bb1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7bb) U5918: 004501033008 tmp3:= SUB_DSZ64(0x00000001) U5919: 386b4e8002b1 SYNCMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, uret0) U591a: 0021ff7f3cdf tmp3:= CONCAT_DSZ32(0xffffffffffffffff, tmp3) U591c: 004400031cf1 tmp1:= AND_DSZ64(tmp1, tmp3) U591d: 00440003dcb1 tmp13:= AND_DSZ64(tmp1, tmp2) U591e: 00627417e200 tmp14:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U5920: 00440003efb1 tmp14:= AND_DSZ64(tmp1, tmp14) U5921: 1928111c0f7e CMPUJZ_DIRECT_NOTTAKEN(tmp14, tmp13, generate_#GP) 0943a489 SEQW URET0 ------------------------------------------------------------------------------------ U5922: 304200000832 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, rax) 0943a489 SEQW GOTO U43a4 ------------------------------------------------------------------------------------ U5924: 2d0ba0022008 rdx:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) 01db5400 SEQW GOTO U5b54 ------------------------------------------------------------------------------------ U5925: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U5926: 290205040c72 MOVETOCREG_OR_DSZ64(tmp2, tmp1, 0x105) U5928: 00250b031235 tmp1:= SHR_DSZ32(tmp5, 0x0000000b) U5929: 000701031231 tmp1:= NOTAND_DSZ32(tmp1, 0x00000001) U592a: 3902838c0231 MOVETOCREG_OR_DSZ64(tmp1, 0x00000002, 0x383) 
U592c: 000401031d48 tmp1:= AND_DSZ32(0x00000001, tmp5) U592d: 00241c031231 SYNCWAIT-> tmp1:= SHL_DSZ32(tmp1, 0x0000001c) 0ab2cd55 SEQW SAVEUIP1 U592e SEQW GOTO U32cd U592e: 1062df0f2240 tmp2:= MOVEFROMCREG_DSZ64(0x3df, 32) U5930: 000792072c90 tmp2:= NOTAND_DSZ32(0x10000000, tmp2) U5931: 3902df0c0c72 MOVETOCREG_OR_DSZ64(tmp2, tmp1, 0x3df) 05324e40 SEQW GOTO U324e ------------------------------------------------------------------------------------ U5932: 27430003e030 LFNCEMARK-> tmm6:= unk_743(mm0) U5934: 203d0b000008 MOVEINSERTFLGS_DSZ32(0x0000000b) 01ab1d00 SEQW GOTO U2b1d ------------------------------------------------------------------------------------ U5935: 00640403f234 tmp15:= SHL_DSZ64(tmp4, 0x00000004) U5936: 006310039200 tmp9:= READURAM(0x0010, 64) U5938: 00450103ffc8 tmp15:= SUB_DSZ64(0x00000001, tmp15) U5939: 008800039e40 tmp9:= ZEROEXT_DSZ16(tmp9) U593a: 00400003fd7f tmp15:= ADD_DSZ64(tmp15, tmp5) U593c: 00410003fff5 tmp15:= OR_DSZ64(tmp5, tmp15) U593d: 00440003fff9 tmp15:= AND_DSZ64(tmp9, tmp15) U593e: 00040f039d48 tmp9:= AND_DSZ32(0x0000000f, tmp5) U5940: 004100039e7f tmp9:= OR_DSZ64(tmp15, tmp9) U5941: 015100000eb9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, tmp10) 019e7d89 SEQW URET0 ------------------------------------------------------------------------------------ U5942: 000cfcdfe248 tmp14:= SAVEUIP(0x01, U37fc) 019e7d89 SEQW GOTO U1e7d ------------------------------------------------------------------------------------ U5944: 26010003cebb tmm4:= unk_601(tmm3, tmm2) 01a47600 SEQW GOTO U2476 ------------------------------------------------------------------------------------ U5945: 0008230b1010 tmp1:= ZEROEXT_DSZ32(0xf8f8f8f8) U5946: 002100031c71 tmp1:= CONCAT_DSZ32(tmp1, tmp1) U5948: 004400031c54 tmp1:= AND_DSZ64(tmpv0, tmp1) U5949: 015100000571 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, tmpv1) U594a: 000865071010 tmp1:= ZEROEXT_DSZ32(0x04040404) U594c: 002100031c71 tmp1:= CONCAT_DSZ32(tmp1, tmp1) U594d: 004700031c54 tmp1:= NOTAND_DSZ64(tmpv0, tmp1) U594e: 
006501031231 tmp1:= SHR_DSZ64(tmp1, 0x00000001) U5950: 004400031c54 tmp1:= AND_DSZ64(tmpv0, tmp1) U5951: 015100000571 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, tmpv1) 01cd3a8d SEQW URET1 ------------------------------------------------------------------------------------ U5952: 074400038037 tmm0:= unk_744(mm7) 01cd3a8d SEQW GOTO U4d3a ------------------------------------------------------------------------------------ U5954: 203d0b000008 MOVEINSERTFLGS_DSZ32(0x0000000b) 01994800 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U5955: 001417014214 tmpv0:= BT_DSZ32(tmpv0, 0x00000017) U5956: 003300414214 tmpv0:= SELECTCC_DSZ32_CONDNB(tmpv0, 0x00001000) U5958: 0062c3195200 tmpv1:= MOVEFROMCREG_DSZ64(0x6c3) U5959: 0902c3180515 LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmpv1, tmpv0, 0x6c3) U595a: 00a138016008 tmpv2:= CONCAT_DSZ16(0x00000038) U595c: 0062c61d4200 tmpv0:= MOVEFROMCREG_DSZ64(0x7c6) U595d: 000700014516 tmpv0:= NOTAND_DSZ32(tmpv2, tmpv0) U595e: 00634c015200 tmpv1:= READURAM(0x004c, 64) U5960: 000400015556 tmpv1:= AND_DSZ32(tmpv2, tmpv1) U5961: 0902c61c0554 MOVETOCREG_OR_DSZ64(tmpv0, tmpv1, 0x7c6) 01804189 SEQW URET0 ------------------------------------------------------------------------------------ U5962: 19628e4c0231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x38e) 01804189 SEQW GOTO U0041 ------------------------------------------------------------------------------------ U5964: 0008f957e00b tmp14:= ZEROEXT_DSZ32(0x000075f9) 05043400 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U5965: 296272c00340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x072) U5966: 204307080200 LFNCEMARK-> WRITEURAM(0x00000000, 0x0007, 32) U5968: 00632c039200 tmp9:= READURAM(0x002c, 64) U5969: 006520036239 tmp6:= SHR_DSZ64(tmp9, 0x00000020) U596a: 002508034239 tmp4:= SHR_DSZ32(tmp9, 0x00000008) U596c: 00c800035039 tmp5:= ZEROEXT_DSZ8(tmp9) U596d: 002510037239 tmp7:= SHR_DSZ32(tmp9, 0x00000010) U596e: 
00636c033200 tmp3:= READURAM(0x006c, 64) U5970: 00636b03b200 tmp11:= READURAM(0x006b, 64) U5971: 00631103c200 LFNCEWAIT-> tmp12:= READURAM(0x0011, 64) 02c61840 SEQW GOTO U4618 ------------------------------------------------------------------------------------ U5972: 003240020231 rax:= SELECTCC_DSZ32_CONDB(tmp1, 0x00000040) U5974: 003200123231 rbx:= SELECTCC_DSZ32_CONDB(tmp1, 0x00000400) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5975: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U5976: 005603030230 tmp0:= BTR_DSZ64(tmp0, 0x00000003) U5978: 00620c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x00c) 01d7f414 SEQW SAVEUIP1 U5979 SEQW GOTO U57f4 U5979: 286b7c2502bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000008, U597c) U597a: 005504030230 tmp0:= BTS_DSZ64(tmp0, 0x00000004) U597c: 3042df080270 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, ROB1_CR_ICECTLPMR, 32) U597d: 00635c030200 tmp0:= READURAM(0x005c, 64) U597e: 186ac9e80370 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000017, U2ac9) U5980: 186bc5680370 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000015, U2ac5) U5981: 00210003f822 tmp15:= CONCAT_DSZ32(rdx, rax) 01aac840 SEQW GOTO U2ac8 ------------------------------------------------------------------------------------ U5982: 003280020230 rax:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000080) U5984: 003201021230 rcx:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000001) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5985: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U5986: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U5988: 286b8925023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5989) 08598600 SEQW GOTO U5986 ------------------------------------------------------------------------------------ U5989: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U598a: 0008ff1bf008 tmp15:= ZEROEXT_DSZ32(0x000006ff) U598c: 00a10703f23f tmp15:= CONCAT_DSZ16(tmp15, 0x00000007) U598d: 
30422908027f MOVETOCREG_DSZ64(tmp15, 0x229, 32) U598e: 30622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U5990: 286b9125023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5991) 08598e0d SEQW GOTO U598e ------------------------------------------------------------------------------------ U5991: 30622d095240 tmpv1:= MOVEFROMCREG_DSZ64(0x22d, 32) 08598e0d SEQW URET1 ------------------------------------------------------------------------------------ U5992: 206321030200 tmp0:= READURAM(0x0021, 64) U5994: 296321c003f0 unk_963(tmp0, IMM_MACRO_21) 01a4da00 SEQW GOTO U24da ------------------------------------------------------------------------------------ U5995: 30422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U5996: 10622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U5998: 286b9925023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U5999) 08599600 SEQW GOTO U5996 ------------------------------------------------------------------------------------ U5999: 10422b080254 MOVETOCREG_DSZ64(tmpv0, 0x22b, 32) U599a: 10422c080255 MOVETOCREG_DSZ64(tmpv1, 0x22c, 32) U599c: 00080f1ff008 tmp15:= ZEROEXT_DSZ32(0x0000070f) U599d: 00a10503f23f tmp15:= CONCAT_DSZ16(tmp15, 0x00000005) U599e: 30422908027f MOVETOCREG_DSZ64(tmp15, 0x229, 32) U59a0: 30622f0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x22f, 32) U59a1: 086b8e18023f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U068e) 08d9a040 SEQW GOTO U59a0 ------------------------------------------------------------------------------------ U59a2: 00082a03100a tmp1:= ZEROEXT_DSZ32(0x0000402a) U59a4: 001514031231 tmp1:= BTS_DSZ32(tmp1, 0x00000014) 01a4a500 SEQW GOTO U24a5 ------------------------------------------------------------------------------------ U59a5: 20428f100200 MOVETOCREG_DSZ64(0x00000000, 0x48f) U59a6: 000480033e08 tmp3:= AND_DSZ32(0x00000080, tmp8) U59a8: 000700033cf2 tmp3:= NOTAND_DSZ32(tmp2, tmp3) U59a9: 015190680273 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U3a90) U59aa: 001413035235 tmp5:= BT_DSZ32(tmp5, 
0x00000013) U59ac: 006201033200 tmp3:= MOVEFROMCREG_DSZ64(0x001) U59ad: 003200033cf5 tmp3:= SELECTCC_DSZ32_CONDB(tmp5, tmp3) U59ae: 0005452b2cc8 tmp2:= SUB_DSZ32(0x00000a45, tmp3) U59b0: 0150c15c0232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U17c1) U59b1: 000000000000 LFNCEMARK-> NOP 04900040 SEQW GOTO U1000 ------------------------------------------------------------------------------------ U59b2: 206308030200 tmp0:= READURAM(0x0008, 64) U59b4: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) 01a74600 SEQW GOTO U2746 ------------------------------------------------------------------------------------ U59b5: 072c0003203a tmp2:= PINTMOVDTMM2I_DSZ32(tmm2) U59b6: 0007ff072c88 tmp2:= NOTAND_DSZ32(0x000001ff, tmp2) U59b8: 00480003903a tmp9:= ZEROEXT_DSZ64(tmp10) U59b9: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01a39940 ? SEQW GOTO U2399 U59ba: 05fa3903bfff tmm3:= SHUFPD(tmm7, tmm7) U59bc: 0007ff3f2c88 tmp2:= NOTAND_DSZ32(0x00000fff, tmp2) U59bd: 0001ed1b2c88 tmp2:= OR_DSZ32(0x000006ed, tmp2) U59be: 07040003a032 tmm2:= unk_704(mm2) U59c0: 052b0803903b tmp9:= unk_52b(tmp11) U59c1: 057a00039039 tmm1:= unk_57a(tmm1) 01c31d40 SEQW GOTO U431d ------------------------------------------------------------------------------------ U59c2: 206308031200 tmp1:= READURAM(0x0008, 64) U59c4: 00a100031c31 LFNCEMARK-> tmp1:= CONCAT_DSZ16(tmp1, tmp0) 045d0400 SEQW GOTO U5d04 ------------------------------------------------------------------------------------ U59c5: 00633d031200 tmp1:= READURAM(0x003d, 64) U59c6: 000100031c49 tmp1:= OR_DSZ32(0x00002000, tmp1) U59c8: 00070f031c48 tmp1:= NOTAND_DSZ32(0x0000000f, tmp1) U59c9: 20433d000231 WRITEURAM(tmp1, 0x003d, 64) U59ca: 2042f81c0232 MOVETOCREG_DSZ64(tmp2, 0x7f8) U59cc: 00628e1f2200 tmp2:= MOVEFROMCREG_DSZ64(0x78e) U59cd: 104000032cbc tmp2:= ADD_DSZN(tmp12, tmp2) U59ce: 006265031200 tmp1:= MOVEFROMCREG_DSZ64(0x065) U59d0: 104500031cb1 tmp1:= SUB_DSZN(tmp1, tmp2) U59d1: 204267000231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, CORE_CR_CUR_RIP) 049dd840 SEQW GOTO 
U1dd8 ------------------------------------------------------------------------------------ U59d2: 206308031200 tmp1:= READURAM(0x0008, 64) U59d4: 00a100031c70 LFNCEMARK-> tmp1:= CONCAT_DSZ16(tmp0, tmp1) 045d0400 SEQW GOTO U5d04 ------------------------------------------------------------------------------------ U59d5: 1189000269b4 rsi:= ADDSUB_DSZ16_CONDD(tmp4, rsi) U59d6: 1189000279f4 rdi:= ADDSUB_DSZ16_CONDD(tmp4, rdi) U59d8: 00250003fcb4 tmp15:= SHR_DSZ32(tmp4, tmp2) U59d9: 10850002187f rcx:= SUB_DSZN(tmp15, rcx) U59da: 186a8ab802b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x0000000a, U2e8a) U59dc: 186a8ef802f2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000f, U2e8e) U59dd: 20431e00023a LFNCEMARK-> WRITEURAM(tmp10, 0x001e, 64) U59de: 29020b000240 MOVETOCREG_OR_DSZ64(0x00000004, 0x00b) U59e0: 290205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U59e1: 20421c000200 MOVETOCREG_DSZ64(0x00000000, 0x01c) 0197ec8d SEQW URET1 ------------------------------------------------------------------------------------ U59e2: 24b400038000 tmm0:= FMOV(0x00000000) 0197ec8d SEQW GOTO uend ------------------------------------------------------------------------------------ U59e4: 000ce6e00240 SAVEUIP(0x01, U38e6) 01bb0100 SEQW GOTO U3b01 ------------------------------------------------------------------------------------ U59e5: 000500074d08 tmp4:= SUB_DSZ32(0x00000100, tmp4) U59e6: 000558034d08 tmp4:= SUB_DSZ32(0x00000058, tmp4) U59e8: 0150bc0002b4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U40bc) U59e9: 00950b039239 tmp9:= BTS_DSZ16(tmp9, 0x0000000b) U59ea: 00814103cf08 tmp12:= OR_DSZ16(0x00000041, tmp12) U59ec: 27430003e000 tmm6:= unk_743(0x00000000) U59ed: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U59ee: 008401032235 tmp2:= AND_DSZ16(tmp5, 0x00000001) U59f0: 0150920c0232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U0392) U59f1: 00522a640276 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp6, U392a) 01923540 SEQW GOTO U1235 ------------------------------------------------------------------------------------ U59f2: 004904834008 tmp4:= 
MOVE_DSZ64(IMM_MACRO_ALIAS_RIP) U59f4: 100a088b9200 tmp9:= TESTUSTATE(SYS, !UST_OP_SIZE_32BIT | 0x0200) 01c8ac00 ? SEQW GOTO U48ac U59f5: 0c800be32032 tmp2:= LDZX_DSZ16_ASZ32_SC1(tmp2, IMM_MACRO_ALIAS_DATASIZE, mode=0x18) U59f6: 204229000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U59f8: 0c4b400b6000 LFNCEWAIT-> tmp6:= RDSEGFLD(CS, FLGS) 022bd900 SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U59f9: 001502020220 rax:= BTS_DSZ32(rax, 0x00000002) U59fa: 001502023223 rbx:= BTS_DSZ32(rbx, 0x00000002) U59fc: 0088ee33e009 tmp14:= ZEROEXT_DSZ16(0x00002cee) U59fd: 0088865ff00a tmp15:= ZEROEXT_DSZ16(0x00005786) U59fe: 008801030008 tmp0:= ZEROEXT_DSZ16(0x00000001) U5a00: 00a1000b0230 tmp0:= CONCAT_DSZ16(tmp0, 0x00000200) U5a01: 00887f032008 tmp2:= ZEROEXT_DSZ16(0x0000007f) U5a02: 00a12f032232 tmp2:= CONCAT_DSZ16(tmp2, 0x0000002f) U5a04: 004501034008 tmp4:= SUB_DSZ64(0x00000001) U5a05: 004501035008 tmp5:= SUB_DSZ64(0x00000001) 01af9e40 SEQW GOTO U2f9e ------------------------------------------------------------------------------------ U5a06: 002404032232 tmp2:= SHL_DSZ32(tmp2, 0x00000004) U5a08: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 0d302500 ? 
SEQW GOTO U3025 U5a09: 006343033200 tmp3:= READURAM(0x0043, 64) U5a0a: 386b25000673 SYNCMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000024, U3025) U5a0c: 0e6500035cb1 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp1, tmp2) 05302600 SEQW GOTO U3026 ------------------------------------------------------------------------------------ U5a0d: 00080603b008 tmp11:= ZEROEXT_DSZ32(0x00000006) U5a0e: 0052dc1c027f LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, U27dc) U5a10: 00080703b008 tmp11:= ZEROEXT_DSZ32(0x00000007) U5a11: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U5a12: 0004b9032c90 tmp2:= AND_DSZ32(0x000f0000, tmp2) U5a14: 0151dc1c0272 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U27dc) U5a15: 00635c030200 tmp0:= READURAM(0x005c, 64) U5a16: 186a413d0330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U6f41) U5a18: 00621b17e200 tmp14:= MOVEFROMCREG_DSZ64(0x51b) U5a19: 00880043ef88 tmp14:= ZEROEXT_DSZ16(0x00001000, tmp14) 01ef4140 SEQW GOTO U6f41 ------------------------------------------------------------------------------------ U5a1a: 000c56140280 SAVEUIP(0x00, U4556) U5a1c: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 090b9200 ? 
SEQW GOTO U0b92 U5a1d: 100147030010 tmp0:= OR_DSZN(0x00010000) U5a1e: 0150922c0230 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U0b92) U5a20: 000c1e880240 SAVEUIP(0x01, U221e) 01ae9200 SEQW GOTO U2e92 ------------------------------------------------------------------------------------ U5a21: 06490003df78 tmm5:= unk_649(tmm0, tmm5) U5a22: 000401031e08 tmp1:= AND_DSZ32(0x00000001, tmp8) U5a24: 0151396002b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U5839) U5a25: 002504032238 tmp2:= SHR_DSZ32(tmp8, 0x00000004) U5a26: 07020003cf32 tmm4:= unk_702(mm2, tmm4) U5a28: 06e10003ff7c tmm7:= unk_6e1(tmm4, tmm5) U5a29: 07020003bef2 tmm3:= unk_702(mm2, tmm3) U5a2a: 06e100038fbb tmm0:= unk_6e1(tmm3, tmm6) U5a2c: 06c900039ff8 tmm1:= unk_6c9(tmm0, tmm7) U5a2d: 268900008e7b LFNCEWAIT-> mm0:= unk_689(tmm3, tmm1) 0297ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U5a2e: 00070003ef80 tmp14:= NOTAND_DSZ32(0x00000000, tmp14) U5a30: 0150316802be UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp14, U5a31) 01db5400 SEQW GOTO U5b54 ------------------------------------------------------------------------------------ U5a31: 000807034008 tmp4:= ZEROEXT_DSZ32(0x00000007) U5a32: 00010003a022 tmp10:= OR_DSZ32(rdx) U5a34: 0008546fd00a tmp13:= ZEROEXT_DSZ32(0x00005b54) 01998200 SEQW GOTO U1982 ------------------------------------------------------------------------------------ U5a35: 100800025970 rbp:= ZEROEXT_DSZ32N(tmp0, rbp) U5a36: 1c301ba80024 LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_1b, mode=0x0a) U5a38: 1c3023ab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_23, mode=0x0a) U5a39: 1008000238f0 rbx:= ZEROEXT_DSZ32N(tmp0, rbx) U5a3a: 1c302bab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_2b, mode=0x0a) U5a3c: 1008000228b0 rdx:= ZEROEXT_DSZ32N(tmp0, rdx) U5a3d: 1c3033ab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_33, mode=0x0a) U5a3e: 100800021870 rcx:= ZEROEXT_DSZ32N(tmp0, rcx) U5a40: 1c303bab0024 tmp0:= LDZX_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_3b, 
mode=0x0a) U5a41: 100800020830 rax:= ZEROEXT_DSZ32N(tmp0, rax) U5a42: 10c043824908 rsp:= ADD_DSZN(IMM_MACRO_43, rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U5a44: 105e00300cc0 MSSTOP-> MJMPTARGET_INDIRECT_ASZ64(tmp3) 033dfa2c SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U5a45: 00652003b238 tmp11:= SHR_DSZ64(tmp8, 0x00000020) U5a46: 00430f08023b LFNCEWAIT-> WRITEURAM(tmp11, 0x000f, 32) U5a48: 000100035000 tmp5:= OR_DSZ32(0x00000000) U5a49: 0043070b3238 tmp3:= WRITEURAM(tmp8, 0x0007, 32) U5a4a: 002511030233 tmp0:= SHR_DSZ32(tmp3, 0x00000011) U5a4c: 000407030c08 tmp0:= AND_DSZ32(0x00000007, tmp0) U5a4d: 002510033233 tmp3:= SHR_DSZ32(tmp3, 0x00000010) U5a4e: 000401033cc8 tmp3:= AND_DSZ32(0x00000001, tmp3) U5a50: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U5a51: 23800003ae80 tmp10:= READAFLAGS(tmp10) U5a52: 00010003c000 tmp12:= OR_DSZ32(0x00000000) 01c93680 SEQW GOTO U4936 ------------------------------------------------------------------------------------ U5a54: 000100072c88 tmp2:= OR_DSZ32(0x00000100, tmp2) 01c62200 SEQW GOTO U4622 ------------------------------------------------------------------------------------ U5a55: 000802038008 tmp8:= ZEROEXT_DSZ32(0x00000002) U5a56: 00652003c230 tmp12:= SHR_DSZ64(tmp0, 0x00000020) U5a58: 000c5a6bd288 tmp13:= SAVEUIP(0x00, U5a5a) U5a59: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 0181ba40 ? SEQW GOTO U01ba U5a5a: 002510032230 tmp2:= SHR_DSZ32(tmp0, 0x00000010) U5a5c: 104900035924 tmp5:= MOVE_DSZ64(rsp, rsp) U5a5d: 00480003d030 tmp13:= ZEROEXT_DSZ64(tmp0) U5a5e: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01e40d80 ? 
SEQW GOTO U640d U5a60: 0042c51b8238 tmp8:= MOVETOCREG_DSZ64(tmp8, 0x6c5) U5a61: 000803231e08 tmp1:= ZEROEXT_DSZ32(0x00000803, tmp8) U5a62: 000c51b7e288 tmp14:= SAVEUIP(0x01, U4d51) 01e42080 SEQW GOTO U6420 ------------------------------------------------------------------------------------ U5a64: 125600000000 MSLOOP-> unk_256(0x00000000) 073dfa24 SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U5a65: 096272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U5a66: 0dff07000000 LFNCEWTMRK-> unk_dff(0x00000000) U5a68: 100a00800300 TESTUSTATE(SYS, !0x8000) 01da6c00 ? SEQW GOTO U5a6c U5a69: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5a6a: 00622917b200 tmp11:= MOVEFROMCREG_DSZ64(0x529) U5a6c: 00071f036ec8 tmp6:= NOTAND_DSZ32(0x0000001f, tmp11) U5a6d: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003) U5a6e: 006310034200 tmp4:= READURAM(0x0010, 64) U5a70: 0088e6074d08 LFNCEWAIT-> tmp4:= ZEROEXT_DSZ16(0x000001e6, tmp4) U5a71: 0d6b00013036 tmp7:= unk_d6b(tmp6) U5a72: 0048000364f6 tmp6:= ZEROEXT_DSZ64(tmp6, tmp7) 021c8c80 SEQW GOTO U1c8c ------------------------------------------------------------------------------------ U5a74: 00652003e23e tmp14:= SHR_DSZ64(tmp14, 0x00000020) 0186ae00 SEQW GOTO U06ae ------------------------------------------------------------------------------------ U5a75: 004100032cb1 tmp2:= OR_DSZ64(tmp1, tmp2) U5a76: 004400032d72 tmp2:= AND_DSZ64(tmp2, tmp5) U5a78: 186a111c0632 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000020, generate_#GP) U5a79: 386b08480233 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x00000001, U3208) U5a7a: 006519031235 LFNCEMARK-> tmp1:= SHR_DSZ64(tmp5, 0x00000019) U5a7c: 000480031c48 tmp1:= AND_DSZ32(0x00000080, tmp1) U5a7d: 002508032235 tmp2:= SHR_DSZ32(tmp5, 0x00000008) U5a7e: 00047f032c88 tmp2:= AND_DSZ32(0x0000007f, tmp2) U5a80: 000100031cb1 tmp1:= OR_DSZ32(tmp1, tmp2) U5a81: 2dcfc3031008 PORTOUT_DSZ8_ASZ16_SC1(0x000000c3, tmp1) U5a82: 2dcfbf1b100a PORTOUT_DSZ8_ASZ16_SC1(0x000046bf, tmp1) 
01b20880 SEQW GOTO U3208 ------------------------------------------------------------------------------------ U5a84: 090205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) 01a7b900 SEQW GOTO U27b9 ------------------------------------------------------------------------------------ U5a85: 20427f140235 MOVETOCREG_DSZ64(tmp5, 0x57f) U5a86: 006213171200 tmp1:= MOVEFROMCREG_DSZ64(0x513) U5a88: 186bd2010231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U60d2) U5a89: 0047ff3f2c48 tmp2:= NOTAND_DSZ64(0x00000fff, tmp1) U5a8a: 000700233235 tmp3:= NOTAND_DSZ32(tmp5, 0x00000800) U5a8c: 00250a033233 tmp3:= SHR_DSZ32(tmp3, 0x0000000a) U5a8d: 00621b175200 tmp5:= MOVEFROMCREG_DSZ64(0x51b) U5a8e: 008800035d40 tmp5:= ZEROEXT_DSZ16(tmp5) U5a90: 1928d2010cb5 CMPUJZ_DIRECT_NOTTAKEN(tmp5, tmp2, U60d2) U5a91: 004702031c48 tmp1:= NOTAND_DSZ64(0x00000002, tmp1) U5a92: 290213140cf1 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp1, tmp3, 0x513) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U5a94: 000c3dafe248 tmp14:= SAVEUIP(0x01, U2b3d) 035cb900 SEQW GOTO U5cb9 ------------------------------------------------------------------------------------ U5a95: 00621b174200 tmp4:= MOVEFROMCREG_DSZ64(0x51b) U5a96: 006225172200 LFNCEWAIT-> tmp2:= MOVEFROMCREG_DSZ64(0x525) U5a98: 005406030232 tmp0:= BT_DSZ64(tmp2, 0x00000006) U5a99: 007700030d30 tmp0:= CMOVCC_DSZ64_CONDNB(tmp0, tmp4) U5a9a: 0047ff3f0c88 tmp0:= NOTAND_DSZ64(0x00000fff, tmp2) U5a9c: 004600033cf0 tmp3:= XOR_DSZ64(tmp0, tmp3) U5a9d: 392839590233 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000001, U7639) U5a9e: 0004ff3ffc48 tmp15:= AND_DSZ32(0x00000fff, tmp1) U5aa0: 004100020c3f rax:= OR_DSZ64(tmp15, tmp0) U5aa1: 004800023031 rbx:= ZEROEXT_DSZ64(tmp1) U5aa2: 000478021c88 rcx:= AND_DSZ32(0x00000078, tmp2) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U5aa4: 000c5ae002c0 SAVEUIP(0x01, U785a) 0198d000 SEQW GOTO U18d0 
------------------------------------------------------------------------------------ U5aa5: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5aa6: 0ea59873ff4b tmp15:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp13, 0x00000398, mode=0x1c) U5aa8: 00a50803323f tmp3:= SHR_DSZ16(tmp15, 0x00000008) U5aa9: 0004f0033cc8 tmp3:= AND_DSZ32(0x000000f0, tmp3) U5aaa: 0004f0032d08 tmp2:= AND_DSZ32(0x000000f0, tmp4) U5aac: 000500032cf2 tmp2:= SUB_DSZ32(tmp2, tmp3) U5aad: 013e00032cb3 tmp2:= MOVEMERGEFLGS_DSZ32(tmp3, tmp2) U5aae: 013700032d32 tmp2:= CMOVCC_DSZ32_CONDNBE(tmp2, tmp4) U5ab0: 0004f003ffc8 tmp15:= AND_DSZ32(0x000000f0, tmp15) U5ab1: 00050003fff2 tmp15:= SUB_DSZ32(tmp2, tmp15) U5ab2: 01320203323f tmp3:= SELECTCC_DSZ32_CONDBE(tmp15, 0x00000002) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U5ab4: 26ae00038038 LFNCEMARK-> tmm0:= unk_6ae(tmm0) 04636000 SEQW GOTO U6360 ------------------------------------------------------------------------------------ U5ab5: 000700022c70 rdx:= NOTAND_DSZ32(tmp0, tmp1) U5ab6: 00635c031200 tmp1:= READURAM(0x005c, 64) U5ab8: 002506031231 tmp1:= SHR_DSZ32(tmp1, 0x00000006) U5ab9: 000700031eb1 tmp1:= NOTAND_DSZ32(tmp1, tmp10) U5aba: 286bec9c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, uend) U5abc: 006306030200 tmp0:= READURAM(0x0006, 64) U5abd: 008540031c08 tmp1:= SUB_DSZ16(0x00000040, tmp0) U5abe: 013e00030c70 tmp0:= MOVEMERGEFLGS_DSZ32(tmp0, tmp1) U5ac0: 00b640020230 rax:= CMOVCC_DSZ16_CONDB(tmp0, 0x00000040) U5ac1: 01b740023230 rbx:= CMOVCC_DSZ16_CONDNBE(tmp0, 0x00000040) U5ac2: 000803021008 rcx:= ZEROEXT_DSZ32(0x00000003) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U5ac4: 07c200038e35 tmm0:= unk_7c2(mm5, tmm0) 05636a00 SEQW GOTO U636a ------------------------------------------------------------------------------------ U5ac5: 0fef01000000 LBSYNC(0x00000001) U5ac6: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U5ac8: 296207400240 
MOVETOCREG_BTS_DSZ64(0x00000005, 0x007) U5ac9: 000000000000 NOP U5aca: 000a00400240 SYNCWAIT-> TESTUSTATE(UCODE, 0x3000) 0b0000ce ? SEQW URET1 U5acc: 00631203f200 tmp15:= READURAM(0x0012, 64) U5acd: 086b1650027f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000005, U0416) U5ace: 000dbae403c0 SAVEUIP_REGOVR(0x01, U5ad0, 0xf9ba) 01ebfd80 SEQW GOTO U6bfd U5ad0: 000cd0600240 SAVEUIP(0x00, U38d0) U5ad1: 000c16900200 SAVEUIP(0x01, U0416) U5ad2: 002100014c31 tmpv0:= CONCAT_DSZ32(tmp1, tmp0) 01b34d80 SEQW GOTO U334d ------------------------------------------------------------------------------------ U5ad4: 0048c40fd00a tmp13:= ZEROEXT_DSZ64(0x000043c4) 01834400 SEQW GOTO U0344 ------------------------------------------------------------------------------------ U5ad5: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) U5ad6: 00a1490b1c48 tmp1:= CONCAT_DSZ16(0x00000249, tmp1) U5ad8: 013e00031e31 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp8) U5ad9: 013501020231 rax:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x00000001) U5ada: 0008ff7f100f tmp1:= ZEROEXT_DSZ32(0x0000ffff) U5adc: 00a13f031c48 tmp1:= CONCAT_DSZ16(0x0000003f, tmp1) U5add: 013e00031e31 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp8) U5ade: 01350f023231 rbx:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x0000000f) U5ae0: 000807030008 tmp0:= ZEROEXT_DSZ32(0x00000007) U5ae1: 00a100030c0c tmp0:= CONCAT_DSZ16(0x00008000, tmp0) U5ae2: 013100021c38 rcx:= SELECTCC_DSZ32_CONDNZ(tmp8, tmp0) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U5ae4: 0008ee37e009 tmp14:= ZEROEXT_DSZ32(0x00002dee) 01bdc200 SEQW GOTO U3dc2 ------------------------------------------------------------------------------------ U5ae5: 014d0003003a tmp0:= unk_14d(tmp10) U5ae6: 00636203a200 tmp10:= READURAM(0x0062, 64) U5ae8: 00434b00023a LFNCEWAIT-> WRITEURAM(tmp10, 0x004b, 64) U5ae9: 006363035200 tmp5:= READURAM(0x0063, 64) U5aea: 00440043ad5f tmp10:= AND_DSZ64(0xfffffffffffff000, tmp5) U5aec: 0c6b3100003a WRSEGFLD(tmp10) U5aed: 000403035d48 tmp5:= 
AND_DSZ32(0x00000003, tmp5) U5aee: 00241c035235 tmp5:= SHL_DSZ32(tmp5, 0x0000001c) U5af0: 0062011fa200 tmp10:= MOVEFROMCREG_DSZ64(0x701) U5af1: 0047ac07ae90 tmp10:= NOTAND_DSZ64(0x30000000, tmp10) U5af2: 0902011c0d7a LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp10, tmp5, 0x701) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U5af4: 104004032d08 LFNCEWAIT-> tmp2:= ADD_DSZN(0x00000004, tmp4) 0270e500 SEQW GOTO U70e5 ------------------------------------------------------------------------------------ U5af5: 1062c00b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2c0, 32) U5af6: 204357000230 WRITEURAM(tmp0, 0x0057, 64) U5af8: 1062c10b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2c1, 32) U5af9: 204356000230 WRITEURAM(tmp0, 0x0056, 64) U5afa: 006363030200 tmp0:= READURAM(0x0063, 64) U5afc: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U5afd: 002408031230 tmp1:= SHL_DSZ32(tmp0, 0x00000008) U5afe: 0062c31b2200 tmp2:= MOVEFROMCREG_DSZ64(0x6c3) U5b00: 001608032232 tmp2:= BTR_DSZ32(tmp2, 0x00000008) U5b01: 2902c3180c72 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp2, tmp1, 0x6c3) U5b02: 000000000000 NOP 08e0d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U5b04: 06dd00008e80 mm0:= unk_6dd(tmm2) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5b05: 1048ff7f001f tmp0:= ZEROEXT_DSZ64N(0xffffffffffffffff) U5b06: 006e20030230 tmp0:= SAR_DSZ64(tmp0, 0x00000020) U5b08: 1008ff7f501f tmp5:= ZEROEXT_DSZ32N(0xffffffffffffffff) U5b09: 00013c075d50 tmp5:= OR_DSZ32(0x00ffffff, tmp5) U5b0a: 004100035d70 tmp5:= OR_DSZ64(tmp0, tmp5) U5b0c: 0c8000633032 LFNCEWAIT-> tmp3:= LDZX_DSZ16_ASZ32_SC1(tmp2, mode=0x18) U5b0d: 1c4002634032 tmp4:= LDZX_DSZN_ASZ32_SC1(tmp2, 0x00000002, mode=0x18) U5b0e: 025c00000d00 unk_25c(tmp4) U5b10: 004400034d35 tmp4:= AND_DSZ64(tmp5, tmp4) U5b11: 0c7b77800033 WRSEGFLD(tmp3) U5b12: 0c7b37800034 LFNCEMARK-> WRSEGFLD(tmp4) 0517ec80 SEQW 
GOTO uend ------------------------------------------------------------------------------------ U5b14: 053f0003f039 tmm7:= unk_53f(tmm1) 01840400 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U5b15: 00632c031200 tmp1:= READURAM(0x002c, 64) U5b16: 002510037231 tmp7:= SHR_DSZ32(tmp1, 0x00000010) U5b18: 002508038231 tmp8:= SHR_DSZ32(tmp1, 0x00000008) U5b19: 0004ff038e08 tmp8:= AND_DSZ32(0x000000ff, tmp8) U5b1a: 0004ff035c48 tmp5:= AND_DSZ32(0x000000ff, tmp1) U5b1c: 00636b03b200 tmp11:= READURAM(0x006b, 64) U5b1d: 204307080200 WRITEURAM(0x00000000, 0x0007, 32) U5b1e: 00636c033200 tmp3:= READURAM(0x006c, 64) U5b20: 0c4bc027f000 tmp15:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U5b21: 104000036cff tmp6:= ADD_DSZN(tmp15, tmp3) U5b22: 296272800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x072) 01ce6580 SEQW GOTO U4e65 ------------------------------------------------------------------------------------ U5b24: 1062870bd240 tmp13:= MOVEFROMCREG_DSZ64(0x287, 32) 019b0c00 SEQW GOTO U1b0c ------------------------------------------------------------------------------------ U5b25: 004100035014 tmp5:= OR_DSZ64(tmpv0) U5b26: 0062b1038200 tmp8:= MOVEFROMCREG_DSZ64(0x0b1) U5b28: 286b296d0278 BTUJNB_DIRECT_NOTTAKEN(tmp8, 0x00000005, U5b29) 01ad2100 SEQW GOTO U2d21 ------------------------------------------------------------------------------------ U5b29: 204209040200 MOVETOCREG_DSZ64(0x00000000, 0x109) U5b2a: 20420a040200 MOVETOCREG_DSZ64(0x00000000, 0x10a) U5b2c: 186b0e3402b5 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000008, U2d0e) U5b2d: 006202071200 tmp1:= MOVEFROMCREG_DSZ64(0x102) U5b2e: 002507031231 tmp1:= SHR_DSZ32(tmp1, 0x00000007) U5b30: 20432b080231 WRITEURAM(tmp1, 0x002b, 32) U5b31: 204207040200 MOVETOCREG_DSZ64(0x00000000, 0x107) U5b32: 000c2037d248 tmp13:= SAVEUIP(0x00, U2d20) 01ddb680 SEQW GOTO U5db6 ------------------------------------------------------------------------------------ U5b34: 000800014000 tmpv0:= ZEROEXT_DSZ32(0x00000000) 
01ddcc00 SEQW GOTO U5dcc ------------------------------------------------------------------------------------ U5b35: 00c401035d08 tmp5:= AND_DSZ8(0x00000001, tmp4) U5b36: 0151396c02b5 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp5, U5b39) U5b38: 04b441808e00 mm0:= FMOV(tmm0) U5b39: 000407032e48 tmp2:= AND_DSZ32(0x00000007, tmp9) U5b3a: 00e401033c88 tmp3:= SHL_DSZ8(0x00000001, tmp2) U5b3c: 00c400034d33 tmp4:= AND_DSZ8(tmp3, tmp4) U5b3d: 0151406c02b4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U5b40) U5b3e: 04b44180ae00 mm0:= FMOV(tmm0) U5b40: 04b40183d280 tmm5:= FMOV(0x00004001) U5b41: 04b40180a200 mm0:= FMOV(0x00000001) U5b42: 04b401808f40 mm0:= FMOV(tmm5) 01994880 SEQW GOTO U1948 ------------------------------------------------------------------------------------ U5b44: 0fff00000000 SFENCE(0x00000000) 0186ae00 SEQW GOTO U06ae ------------------------------------------------------------------------------------ U5b45: 0c001863703b tmp7:= LDZX_DSZ32_ASZ32_SC1(tmp11, 0x00000018, mode=0x18) U5b46: 0004410b3dd0 tmp3:= AND_DSZ32(0xffff0000, tmp7) U5b48: 0151111c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, generate_#GP) U5b49: 07070003d037 tmm5:= unk_707(mm7) U5b4a: 06910003e03d SYNCWTMRK-> tmm6:= unk_691(tmm5) U5b4c: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01b8fa00 ? 
SEQW GOTO U38fa U5b4d: 000cd2000200 SAVEUIP(0x00, U00d2) U5b4e: 1008ff7f301f tmp3:= ZEROEXT_DSZ32N(0xffffffffffffffff) U5b50: 386afce007f3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000003f, U38fc) U5b51: 120500033000 tmp3:= unk_205(0x00000000) U5b52: 0150fc600273 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U38fc) 090000ca SEQW URET0 ------------------------------------------------------------------------------------ U5b54: 00080002303e rbx:= ZEROEXT_DSZ32(tmp14) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5b55: 0d301c03d034 tmp13:= LDZX_DSZ32_ASZ32_SC1(tmp4) U5b56: 00240203d23d tmp13:= SHL_DSZ32(tmp13, 0x00000002) U5b58: 0005860b0f48 tmp0:= SUB_DSZ32(0x00000286, tmp13) U5b59: 013e860b0c08 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000286, tmp0) U5b5a: 00360003df70 tmp13:= CMOVCC_DSZ32_CONDB(tmp0, tmp13) U5b5c: 00058c030f50 tmp0:= SUB_DSZ32(0x0003efc4, tmp13) U5b5d: 013e8c030c10 tmp0:= MOVEMERGEFLGS_DSZ32(0x0003efc4, tmp0) U5b5e: 01370003df70 tmp13:= CMOVCC_DSZ32_CONDNBE(tmp0, tmp13) U5b60: 00073f03df48 tmp13:= NOTAND_DSZ32(0x0000003f, tmp13) U5b61: 00000403df48 tmp13:= ADD_DSZ32(0x00000004, tmp13) U5b62: 20438e00023d WRITEURAM(tmp13, 0x008e, 64) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U5b64: 0008d677e009 tmp14:= ZEROEXT_DSZ32(0x00003dd6) 01843400 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U5b65: 06a03203a000 tmp10:= unk_6a0(0x00000000) U5b66: 06e10003ae3a tmm2:= unk_6e1(tmm2, tmm0) U5b68: 06a04703b000 tmp11:= unk_6a0(0x00000000) U5b69: 06c90003bef8 tmm3:= unk_6c9(tmm0, tmm3) U5b6a: 00053c031c10 tmp1:= SUB_DSZ32(0x0000ffb9, tmp0) U5b6c: 03506d6c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U5b6d) 01ecc200 SEQW GOTO U6cc2 ------------------------------------------------------------------------------------ U5b6d: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010) U5b6e: 27000003d033 tmm5:= unk_700(mm3) U5b70: 
06a03e03a000 tmp10:= unk_6a0(0x00000000) U5b71: 06e10003be3a tmm3:= unk_6e1(tmm2, tmm0) U5b72: 26a10003fe7b LFNCEMARK-> tmm7:= unk_6a1(tmm3, tmm1) 0501a280 SEQW GOTO U01a2 ------------------------------------------------------------------------------------ U5b74: 06a05a03c000 tmp12:= unk_6a0(0x00000000) 01ed3900 SEQW GOTO U6d39 ------------------------------------------------------------------------------------ U5b75: 00250403f23e tmp15:= SHR_DSZ32(tmp14, 0x00000004) U5b76: 00210003effe tmp14:= CONCAT_DSZ32(tmp14, tmp15) U5b78: 00083203f010 tmp15:= ZEROEXT_DSZ32(0x0000e904) U5b79: 0021cf07ffd0 tmp15:= CONCAT_DSZ32(0x41ff0100, tmp15) U5b7a: 386b39190fbf BTUJNB_DIRECT_NOTTAKEN(tmp15, tmp14, U7639) U5b7c: 0008450bf010 tmp15:= ZEROEXT_DSZ32(0xffffe90c) U5b7d: 0021d007ffd0 tmp15:= CONCAT_DSZ32(0x41ff01ff, tmp15) U5b7e: 00540003ffbf tmp15:= BT_DSZ64(tmp15, tmp14) U5b80: 00330103f23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000001) U5b81: 00010203ffc8 tmp15:= OR_DSZ32(0x00000002, tmp15) U5b82: 00651e03e23e tmp14:= SHR_DSZ64(tmp14, 0x0000001e) 0198c680 SEQW GOTO U18c6 ------------------------------------------------------------------------------------ U5b84: 3e6b4903bcb0 LFNCEWAIT-> tmp11:= unk_e6b(tmp0, tmp2) 0248be00 SEQW GOTO U48be ------------------------------------------------------------------------------------ U5b85: 000cc93c0200 SAVEUIP(0x00, U0fc9) U5b86: 1962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U5b88: 0008ff7ff01f tmp15:= ZEROEXT_DSZ32(0xffffffffffffffff) U5b89: 00420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U5b8a: 0e7520074008 tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000120) U5b8c: 09a2c5180674 SYNCFULL-> MOVETOCREG_SHR_DSZ64(tmp4, 0x00000024, 0x6c5) U5b8d: 09a21c000634 MOVETOCREG_SHR_DSZ64(tmp4, 0x00000020, 0x01c) U5b8e: 09a270000734 MOVETOCREG_SHR_DSZ64(tmp4, 0x00000030, 0x070) U5b90: 000800034034 tmp4:= ZEROEXT_DSZ32(tmp4) U5b91: 0e7500070008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000100) U5b92: 004267000230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CUR_RIP) 018000ca 
SEQW URET0 ------------------------------------------------------------------------------------ U5b94: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 03204800 SEQW GOTO U2048 ------------------------------------------------------------------------------------ U5b95: 10628e0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x38e, 32) U5b96: 19628e0c03b0 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(tmp0, 0x00000018, 0x38e) U5b98: 000a08800200 TESTUSTATE(UCODE, !0x0008) 01db9e00 ? SEQW GOTO U5b9e U5b99: 004209180200 MOVETOCREG_DSZ64(0x00000000, 0x609) U5b9a: 00420a180200 MOVETOCREG_DSZ64(0x00000000, 0x60a) U5b9c: 00420d040200 MOVETOCREG_DSZ64(0x00000000, 0x10d) U5b9d: 00420e040200 MOVETOCREG_DSZ64(0x00000000, 0x10e) U5b9e: 286aa06d03f9 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x0000001d, U5ba0) 055ba280 SEQW GOTO U5ba2 ------------------------------------------------------------------------------------ U5ba0: 006205070200 tmp0:= MOVEFROMCREG_DSZ64(0x105) U5ba1: 096205040230 MOVETOCREG_BTS_DSZ64(tmp0, 0x105) U5ba2: 00885c37e00a tmp14:= ZEROEXT_DSZ16(0x00004d5c) 01c9a080 SEQW GOTO U49a0 ------------------------------------------------------------------------------------ U5ba4: 19028a0c0280 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000008, 0x38a) 0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U5ba5: 072a00030039 mm0:= unk_72a(tmm1) U5ba6: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U5ba8: 0151012c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U2b01) U5ba9: 00628c134200 LFNCEWAIT-> tmp4:= MOVEFROMCREG_DSZ64(0x48c) U5baa: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U5bac: 0081000b4d08 tmp4:= OR_DSZ16(0x00000200, tmp4) U5bad: 29028c1386b4 LFNCEMARK-> tmp8:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000028, 0x48c) U5bae: 000408036d48 tmp6:= AND_DSZ32(0x00000008, tmp5) U5bb0: 0150595c0276 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, U3759) U5bb1: 00621a03e200 tmp14:= MOVEFROMCREG_DSZ64(0x01a) U5bb2: 04b400038e00 LFNCEWAIT-> tmm0:= FMOV(tmm0) 03298180 SEQW GOTO U2981 
------------------------------------------------------------------------------------ U5bb4: 000820071008 tmp1:= ZEROEXT_DSZ32(0x00000120) 01afa000 SEQW GOTO U2fa0 ------------------------------------------------------------------------------------ U5bb5: 00a1c003d008 tmp13:= CONCAT_DSZ16(0x000000c0) U5bb6: 00010003df77 tmp13:= OR_DSZ32(tmp7, tmp13) U5bb8: 204200000c7d SYNCFULL-> MOVETOCREG_DSZ64(tmp13, tmp1) U5bb9: 00000203dc48 tmp13:= ADD_DSZ32(0x00000002, tmp1) U5bba: 00620003df40 tmp13:= MOVEFROMCREG_DSZ64(tmp13) U5bbc: 20635a039200 tmp9:= READURAM(0x005a, 64) U5bbd: 00440003df79 tmp13:= AND_DSZ64(tmp9, tmp13) U5bbe: 00450003df7a tmp13:= SUB_DSZ64(tmp10, tmp13) U5bc0: 015100000fbd UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp13, tmp14) U5bc1: 00010003dcf7 tmp13:= OR_DSZ32(tmp7, tmp3) U5bc2: 204200000c7d SYNCFULL-> MOVETOCREG_DSZ64(tmp13, tmp1) 09304e80 SEQW GOTO uret0 ------------------------------------------------------------------------------------ U5bc4: 27410003d000 tmm5:= unk_741(0x00000000) 01c12900 SEQW GOTO U4129 ------------------------------------------------------------------------------------ U5bc5: 0062091b0200 tmp0:= MOVEFROMCREG_DSZ64(0x609) U5bc6: 006539034230 tmp4:= SHR_DSZ64(tmp0, 0x00000039) U5bc8: 000440032d08 tmp2:= AND_DSZ32(0x00000040, tmp4) U5bc9: 006404032232 tmp2:= SHL_DSZ64(tmp2, 0x00000004) U5bca: 000751034234 tmp4:= NOTAND_DSZ32(tmp4, 0x00000051) U5bcc: 0150d26c02b4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U5bd2) U5bcd: 00085a030008 tmp0:= ZEROEXT_DSZ32(0x0000005a) U5bce: 006439030230 tmp0:= SHL_DSZ64(tmp0, 0x00000039) U5bd0: 004106030c08 tmp0:= OR_DSZ64(0x00000006, tmp0) U5bd1: 20420a180231 MOVETOCREG_DSZ64(tmp1, 0x60a) U5bd2: 290209180cb0 MOVETOCREG_OR_DSZ64(tmp0, tmp2, 0x609) U5bd4: 021e02000200 SIGEVENT(0x00000002) 04879d00 SEQW GOTO U079d ------------------------------------------------------------------------------------ U5bd5: 1902db480200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000001, 0x2db) U5bd6: 2d0bd403b008 tmp11:= 
PORTIN_DSZ32_ASZ16_SC1(0x000000d4) U5bd8: 2d4bd803a008 tmp10:= PORTIN_DSZ64_ASZ16_SC1(0x000000d8) U5bd9: 086be60c03fb BTUJNB_DIRECT_NOTTAKEN(tmp11, 0x0000001c, U03e6) U5bda: 0004ff03cec8 tmp12:= AND_DSZ32(0x000000ff, tmp11) U5bdc: 000506037f08 tmp7:= SUB_DSZ32(0x00000006, tmp12) U5bdd: 0153e40c0237 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp7, U03e4) U5bde: 00250803623b tmp6:= SHR_DSZ32(tmp11, 0x00000008) U5be0: 000446036d90 tmp6:= AND_DSZ32(0x0000ffff, tmp6) U5be1: 00240203723c tmp7:= SHL_DSZ32(tmp12, 0x00000002) U5be2: 000062077dc9 tmp7:= ADD_DSZ32(0x00002162, tmp7) U5be4: 015d00000dc0 SYNCFULL-> UJMP(tmp7) ------------------------------------------------------------------------------------ U5be5: 000000000000 NOP 0860b851 SEQW SAVEUIP0 U5be6 SEQW GOTO U60b8 U5be6: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U5be8: 006353030200 tmp0:= READURAM(0x0053, 64) U5be9: 004708030c08 tmp0:= NOTAND_DSZ64(0x00000008, tmp0) U5bea: 004353080230 WRITEURAM(tmp0, 0x0053, 32) U5bec: 00638d034200 tmp4:= READURAM(0x008d, 64) U5bed: 2d0f10034008 PORTOUT_DSZ32_ASZ16_SC1(0x00000010, tmp4) U5bee: 000d10880000 SAVEUIP_REGOVR(0x01, U5bf0, 0x0210) 01a81d80 SEQW GOTO U281d U5bf0: 003301032230 tmp2:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000001) 01defc00 SEQW GOTO U5efc ------------------------------------------------------------------------------------ U5bf1: 006e10031231 tmp1:= SAR_DSZ64(tmp1, 0x00000010) U5bf2: 004500031c73 tmp1:= SUB_DSZ64(tmp3, tmp1) U5bf4: 006410031231 tmp1:= SHL_DSZ64(tmp1, 0x00000010) U5bf5: 006e10031231 tmp1:= SAR_DSZ64(tmp1, 0x00000010) U5bf6: 000500033d73 tmp3:= SUB_DSZ32(tmp3, tmp5) U5bf8: 005434032235 tmp2:= BT_DSZ64(tmp5, 0x00000034) U5bf9: 017e00031cb1 tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp2) U5bfa: 00653f032235 tmp2:= SHR_DSZ64(tmp5, 0x0000003f) U5bfc: 00643f032232 tmp2:= SHL_DSZ64(tmp2, 0x0000003f) U5bfd: 007600035cf1 tmp5:= CMOVCC_DSZ64_CONDB(tmp1, tmp3) U5bfe: 00563f035235 tmp5:= BTR_DSZ64(tmp5, 0x0000003f) U5c00: 004100035d72 tmp5:= OR_DSZ64(tmp2, tmp5) 01cfd848 SEQW 
URET0 ------------------------------------------------------------------------------------ probe_mode_force_smm_xlat: U5c01: 00a104030008 tmp0:= CONCAT_DSZ16(0x00000004) 01cfd848 SEQW GOTO U4fd8 ------------------------------------------------------------------------------------ U5c02: 206322030200 tmp0:= READURAM(0x0022, 64) U5c04: 292905310031 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U5c05) 01d9c200 SEQW GOTO U59c2 ------------------------------------------------------------------------------------ U5c05: 2928d2650231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U59d2) U5c06: 013f00030030 tmp0:= unk_13f(tmp0) U5c08: 017e00013c13 tmp7:= MOVEMERGEFLGS_DSZ64(tmp7, tmp0) 01a17c00 SEQW GOTO U217c ------------------------------------------------------------------------------------ U5c09: 000410032c88 tmp2:= AND_DSZ32(0x00000010, tmp2) U5c0a: 002413032232 tmp2:= SHL_DSZ32(tmp2, 0x00000013) U5c0c: 004100035d72 tmp5:= OR_DSZ64(tmp2, tmp5) U5c0d: 004180035d48 tmp5:= OR_DSZ64(0x00000080, tmp5) U5c0e: 000a00880200 TESTUSTATE(UCODE, !0x0200) 01dc1180 ? 
SEQW GOTO U5c11 U5c10: 004680435d48 tmp5:= XOR_DSZ64(0x00001080, tmp5) U5c11: 2d0bc0031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000000c0) U5c12: 000426072c50 tmp2:= AND_DSZ32(0x00800002, tmp1) U5c14: 00640f032232 tmp2:= SHL_DSZ64(tmp2, 0x0000000f) U5c15: 004100035d72 tmp5:= OR_DSZ64(tmp2, tmp5) U5c16: 000410031c48 tmp1:= AND_DSZ32(0x00000010, tmp1) U5c18: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) 01b05600 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U5c19: 00250a032235 tmp2:= SHR_DSZ32(tmp5, 0x0000000a) U5c1a: 000400632c8b tmp2:= AND_DSZ32(0x00007800, tmp2) U5c1c: 000401031d48 tmp1:= AND_DSZ32(0x00000001, tmp5) U5c1d: 002402031231 tmp1:= SHL_DSZ32(tmp1, 0x00000002) U5c1e: 000100032cb1 tmp2:= OR_DSZ32(tmp1, tmp2) U5c20: 000402031d48 tmp1:= AND_DSZ32(0x00000002, tmp5) U5c21: 002409031231 tmp1:= SHL_DSZ32(tmp1, 0x00000009) U5c22: 000101032cb1 ROVR<- tmp2:= OR_DSZ32(tmp1, tmp2) 0182ba9e SEQW SAVEUIP1 U5c24 SEQW GOTO U02ba U5c24: 2d8bc0031008 tmp1:= PORTIN_DSZ16_ASZ16_SC1(0x000000c0) U5c25: 000722031c50 tmp1:= NOTAND_DSZ32(0x00007c04, tmp1) U5c26: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U5c28: 2d8fc0031008 PORTOUT_DSZ16_ASZ16_SC1(0x000000c0, tmp1) 01d6f800 SEQW GOTO U56f8 ------------------------------------------------------------------------------------ U5c29: 013180032232 tmp2:= SELECTCC_DSZ32_CONDNZ(tmp2, 0x00000080) U5c2a: 000600031c72 tmp1:= XOR_DSZ32(tmp2, tmp1) U5c2c: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U5c2d: 006518031235 tmp1:= SHR_DSZ64(tmp5, 0x00000018) U5c2e: 000400631c48 tmp1:= AND_DSZ32(0x00001800, tmp1) U5c30: 00140c032231 tmp2:= BT_DSZ32(tmp1, 0x0000000c) U5c31: 000000231c48 tmp1:= ADD_DSZ32(0x00000800, tmp1) U5c32: 003300632232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00001800) U5c34: 000700031c72 tmp1:= NOTAND_DSZ32(tmp2, tmp1) U5c35: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U5c36: 005431031235 tmp1:= BT_DSZ64(tmp5, 0x00000031) U5c38: 003288031431 tmp1:= SELECTCC_DSZ32_CONDB(tmp1, 0x00038000) 
01b05600 SEQW GOTO U3056 ------------------------------------------------------------------------------------ U5c39: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U5c3a: 0e650003703e tmp7:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp14) U5c3c: 0ea55003423e tmp4:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp14, 0x00000050) U5c3d: 00240403f234 tmp15:= SHL_DSZ32(tmp4, 0x00000004) U5c3e: 2929153d0dff CMPUJNZ_DIRECT_NOTTAKEN(tmp15, tmp7, U5f15) U5c40: 0e255403f23e tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000054) U5c41: 00054603ffd0 tmp15:= SUB_DSZ32(0x0000ffff, tmp15) U5c42: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U5c44: 0ea55203f23e tmp15:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp14, 0x00000052) U5c45: 0084ff63ffcf tmp15:= AND_DSZ16(0x0000f8ff, tmp15) U5c46: 0085f303ffc8 tmp15:= SUB_DSZ16(0x000000f3, tmp15) U5c48: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) 01e88d48 SEQW URET0 ------------------------------------------------------------------------------------ U5c49: 000000000000 NOP 01e88d48 SEQW GOTO U688d ------------------------------------------------------------------------------------ U5c4a: 1062df0b0240 tmp0:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U5c4c: 286a4d3102b0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000008, U5c4d) 019b0c00 SEQW GOTO U1b0c ------------------------------------------------------------------------------------ U5c4d: 004367000200 WRITEURAM(0x00000000, 0x0067, 64) U5c4e: 00880c6f0008 tmp0:= ZEROEXT_DSZ16(0x00001b0c) U5c50: 00a183030c08 tmp0:= CONCAT_DSZ16(0x00000083, tmp0) U5c51: 004307080230 WRITEURAM(tmp0, 0x0007, 32) 01ba4440 SEQW GOTO U3a44 ------------------------------------------------------------------------------------ U5c52: 000801032008 tmp2:= ZEROEXT_DSZ32(0x00000001) U5c54: 000d32800000 SAVEUIP_REGOVR(0x01, U5c55, 0x0032) 0187b500 SEQW GOTO U07b5 U5c55: 2d0ba0032008 tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U5c56: 000500030c32 tmp0:= SUB_DSZ32(tmp2, tmp0) U5c58: 013100031c70 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp0, tmp1) U5c59: 
000000034d31 tmp4:= ADD_DSZ32(tmp1, tmp4) 051ea640 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U5c5a: 2042fe1c023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) U5c5c: 000d07000000 SAVEUIP_REGOVR(0x00, U5c5d, 0x0007) 0182fa00 SEQW GOTO U02fa U5c5d: 0c4b400b7000 tmp7:= RDSEGFLD(CS, FLGS) U5c5e: 0042f51c0237 MOVETOCREG_DSZ64(tmp7, 0x7f5) U5c60: 00083403f008 tmp15:= ZEROEXT_DSZ32(0x00000034) U5c61: 000828033008 tmp3:= ZEROEXT_DSZ32(0x00000028) 01e43640 SEQW GOTO U6436 ------------------------------------------------------------------------------------ U5c62: 2d0ba4016008 tmpv2:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U5c64: 286b65f103d6 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmpv2, 0x0000001f, U5c65) 085c6200 SEQW GOTO U5c62 ------------------------------------------------------------------------------------ U5c65: 2d0fa0015008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmpv1) U5c66: 00151f014214 tmpv0:= BTS_DSZ32(tmpv0, 0x0000001f) U5c68: 2d0fa4014008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmpv0) U5c69: 2d0ba4015008 SYNCFULL-> tmpv1:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U5c6a: 286bbef003d5 BTUJNB_DIRECT_NOTTAKEN(tmpv1, 0x0000001f, uret1) 08dc6980 SEQW GOTO U5c69 ------------------------------------------------------------------------------------ U5c6c: 0e2500035d3b tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, tmp4) 01e39a00 SEQW GOTO U639a ------------------------------------------------------------------------------------ U5c6d: 00050303fd48 tmp15:= SUB_DSZ32(0x00000003, tmp5) U5c6e: 0153157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp15, U5f15) U5c70: 00050303fd48 tmp15:= SUB_DSZ32(0x00000003, tmp5) U5c71: 01310043f23f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00001000) U5c72: 00040003fffa tmp15:= AND_DSZ32(tmp10, tmp15) U5c74: 0151157c02bf UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U5f15) U5c75: 00050103fd48 tmp15:= SUB_DSZ32(0x00000001, tmp5) U5c76: 02010103efc8 tmp14:= unk_201(0x00000001, tmp15) U5c78: 01f80003f03f 
tmp15:= SETCC_CONDZ(tmp15) U5c79: 2928153d003e CMPUJZ_DIRECT_NOTTAKEN(tmp14, 0x00000000, U5f15) U5c7a: 0151157c02b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U5f15) U5c7c: 000100033ff3 LFNCEMARK-> tmp3:= OR_DSZ32(tmp3, tmp15) 0416380d SEQW GOTO U1638 ------------------------------------------------------------------------------------ U5c7d: 200a01000200 TESTUSTATE(VMX, 0x0001) 0416380d ? SEQW URET1 U5c7e: 000801030009 tmp0:= ZEROEXT_DSZ32(0x00002001) U5c80: 00634303b200 tmp11:= READURAM(0x0043, 64) U5c81: 100a40831200 tmp1:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01dc8940 ? SEQW GOTO U5c89 U5c82: 00634c03f200 tmp15:= READURAM(0x004c, 64) U5c84: 00543703f23f tmp15:= BT_DSZ64(tmp15, 0x00000037) U5c85: 00760003beff tmp11:= CMOVCC_DSZ64_CONDB(tmp15, tmp11) U5c86: 00337403f43f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00020000) U5c88: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U5c89: 186a1cc507fb BTUJB_DIRECT_NOTTAKEN(tmp11, 0x0000003f, U611c) U5c8a: 2042fe1c023a MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) U5c8c: 286a917c0330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, do_smm_vmexit_ovr_enter_rip) 01ce8200 SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U5c8d: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U5c8e: 002501037230 tmp7:= SHR_DSZ32(tmp0, 0x00000001) U5c90: 004470037dc8 tmp7:= AND_DSZ64(0x00000070, tmp7) U5c91: 004000037df8 tmp7:= ADD_DSZ64(tmp8, tmp7) U5c92: 0e2500039df4 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp7) U5c94: 001600039c39 tmp9:= BTR_DSZ32(tmp9, tmp0) U5c95: 0e2d00039df4 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp7, tmp9) U5c96: 000070039e08 tmp9:= ADD_DSZ32(0x00000070, tmp8) U5c98: 0e2500037e74 tmp7:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, tmp9) U5c99: 0929392d0037 CMPUJNZ_DIRECT_NOTTAKEN(tmp7, 0x00000000, U4b39) U5c9a: 01504e400279 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, uret0) U5c9c: 00c510039e48 tmp9:= SUB_DSZ8(0x00000010, tmp9) 01dc980d SEQW GOTO U5c98 
------------------------------------------------------------------------------------ U5c9d: 000a00100200 TESTUSTATE(UCODE, 0x0400) 01dc980d ? SEQW URET1 U5c9e: 006229156200 tmpv2:= MOVEFROMCREG_DSZ64(0x529) U5ca0: 006352015200 LFNCEMARK-> tmpv1:= READURAM(0x0052, 64) U5ca1: 00471f014588 tmpv0:= NOTAND_DSZ64(0x0000001f, tmpv2) U5ca2: 004500014515 tmpv0:= SUB_DSZ64(tmpv1, tmpv0) U5ca4: 013101014214 tmpv0:= SELECTCC_DSZ32_CONDNZ(tmpv0, 0x00000001) U5ca5: 0062f01d5200 LFNCEWAIT-> tmpv1:= MOVEFROMCREG_DSZ64(0x7f0) U5ca6: 001407015215 tmpv1:= BT_DSZ32(tmpv1, 0x00000007) U5ca8: 013e01015548 tmpv1:= MOVEMERGEFLGS_DSZ32(0x00000001, tmpv1) U5ca9: 003700014515 tmpv0:= CMOVCC_DSZ32_CONDNB(tmpv1, tmpv0) U5caa: 0001b4014508 tmpv0:= OR_DSZ32(0x000000b4, tmpv0) U5cac: 204202000508 LFNCEMARK-> MOVETOCREG_DSZ64(tmpv0, 0x00000002) 04217c48 SEQW URET0 ------------------------------------------------------------------------------------ U5cad: 206322003200 rdi:= READURAM(0x0022, 64) 04217c48 SEQW GOTO U217c ------------------------------------------------------------------------------------ U5cae: 0062c31bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c3) U5cb0: 2a62c3d8023f MOVETOCREG_BTR_DSZ64(tmp15, 0x00000003, 0x6c3) 03207414 SEQW SAVEUIP1 U5cb1 SEQW GOTO U2074 U5cb1: 00620507f200 tmp15:= MOVEFROMCREG_DSZ64(0x105) U5cb2: 09020504027f LFNCEWAIT-> MOVETOCREG_OR_DSZ64(tmp15, 0x00000004, 0x105) U5cb4: 2d0b1833f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x00004c18) U5cb5: 00010103ffc8 tmp15:= OR_DSZ32(0x00000001, tmp15) U5cb6: 2d0f1833f00a SYNCMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x00004c18, tmp15) 0d0000ca SEQW URET0 ------------------------------------------------------------------------------------ U5cb8: 206300013200 tmp7:= READURAM(0x0000, 64) 0320d60d SEQW GOTO U20d6 ------------------------------------------------------------------------------------ U5cb9: 000a00400240 TESTUSTATE(UCODE, 0x3000) 0320d60d ? 
SEQW URET1 U5cba: 00621c033200 LFNCEWAIT-> tmp3:= MOVEFROMCREG_DSZ64(0x01c) U5cbc: 00040f039cc8 tmp9:= AND_DSZ32(0x0000000f, tmp3) U5cbd: 0150ae180239 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U06ae) U5cbe: 006312039200 tmp9:= READURAM(0x0012, 64) U5cc0: 086bae9802b9 BTUJNB_DIRECT_NOTTAKEN(tmp9, 0x0000000a, U06ae) U5cc1: 00080a135008 tmp5:= ZEROEXT_DSZ32(0x0000040a) U5cc2: 001510035235 tmp5:= BTS_DSZ32(tmp5, 0x00000010) U5cc4: 000d59a00380 SAVEUIP_REGOVR(0x01, U5cc5, 0xc859) 01ebfd00 SEQW GOTO U6bfd U5cc5: 00440f014cc8 tmpv0:= AND_DSZ64(0x0000000f, tmp3) U5cc6: 000cbda80240 SAVEUIP(0x01, U2abd) U5cc8: 000cd0600240 SAVEUIP(0x00, U38d0) 01b34d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U5cc9: 0c001863703b tmp7:= LDZX_DSZ32_ASZ32_SC1(tmp11, 0x00000018, mode=0x18) U5cca: 0004410b3dd0 tmp3:= AND_DSZ32(0xffff0000, tmp7) U5ccc: 0151111c0273 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, generate_#GP) U5ccd: 07070003d037 tmm5:= unk_707(mm7) U5cce: 0cf5c060023b LDHINT_BUFFER_ASZ32_SC1(tmp11, 0x000018c0) U5cd0: 06910003e03d LFNCEMARK-> tmm6:= unk_691(tmm5) U5cd1: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 045d4540 ? 
SEQW GOTO U5d45 U5cd2: 000c09140240 SAVEUIP(0x00, U2509) U5cd4: 1008ff7f301f tmp3:= ZEROEXT_DSZ32N(0xffffffffffffffff) U5cd5: 286a46f507f3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000003f, U5d46) U5cd6: 120500033000 tmp3:= unk_205(0x00000000) U5cd8: 0150467402b3 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U5d46) 0820d648 SEQW URET0 ------------------------------------------------------------------------------------ U5cd9: 206301013200 tmp7:= READURAM(0x0001, 64) 0820d648 SEQW GOTO U20d6 ------------------------------------------------------------------------------------ U5cda: 0062c31bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c3) U5cdc: 2902c31802bf MOVETOCREG_OR_DSZ64(tmp15, 0x00000008, 0x6c3) 01a07414 SEQW SAVEUIP1 U5cdd SEQW GOTO U2074 U5cdd: 00620507f200 tmp15:= MOVEFROMCREG_DSZ64(0x105) U5cde: 00470403ffca tmp15:= NOTAND_DSZ64(0x00004004, tmp15) U5ce0: 00420504023f LFNCEWAIT-> MOVETOCREG_DSZ64(tmp15, 0x105) U5ce1: 2d0b1833f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x00004c18) U5ce2: 00070103ffc8 tmp15:= NOTAND_DSZ32(0x00000001, tmp15) 025cb680 SEQW GOTO U5cb6 ------------------------------------------------------------------------------------ U5ce4: 206308030200 tmp0:= READURAM(0x0008, 64) 01a74600 SEQW GOTO U2746 ------------------------------------------------------------------------------------ U5ce5: 0c4000639238 tmp9:= LDZX_DSZ64_ASZ32_SC1(tmp8, mode=0x18) U5ce6: 0c400863a238 tmp10:= LDZX_DSZ64_ASZ32_SC1(tmp8, 0x00000008, mode=0x18) U5ce8: 00434b00023a LFNCEWAIT-> WRITEURAM(tmp10, 0x004b, 64) U5ce9: 0047ff3fae48 tmp10:= NOTAND_DSZ64(0x00000fff, tmp9) U5cea: 00641003a23a tmp10:= SHL_DSZ64(tmp10, 0x00000010) U5cec: 006e1003a23a tmp10:= SAR_DSZ64(tmp10, 0x00000010) U5ced: 0c6b3100003a WRSEGFLD(tmp10) U5cee: 0062011fa200 tmp10:= MOVEFROMCREG_DSZ64(0x701) U5cf0: 000403039e48 tmp9:= AND_DSZ32(0x00000003, tmp9) U5cf1: 00241c039239 tmp9:= SHL_DSZ32(tmp9, 0x0000001c) U5cf2: 0047ac07ae90 tmp10:= NOTAND_DSZ64(0x30000000, tmp10) U5cf4: 0902011c0e7a LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp10, 
tmp9, 0x701) 0424f94c SEQW URET1 ------------------------------------------------------------------------------------ U5cf5: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 0424f94c ? SEQW GOTO U24f9 U5cf6: 000e0f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000f) U5cf8: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) U5cf9: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) 01a4fc40 SEQW GOTO U24fc ------------------------------------------------------------------------------------ U5cfa: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U5cfc: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01dd0000 ? SEQW GOTO U5d00 U5cfd: 00634c015200 tmpv1:= READURAM(0x004c, 64) U5cfe: 286a903c0515 BTUJB_DIRECT_NOTTAKEN(tmpv1, tmpv0, do_smm_vmexit) U5d00: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 019cbe0e ? SEQW GOTO uret1 U5d01: 006343015200 tmpv1:= READURAM(0x0043, 64) U5d02: 086a81390515 BTUJB_DIRECT_NOTTAKEN(tmpv1, tmpv0, do_vmexit) 019cbe0e SEQW URET1 ------------------------------------------------------------------------------------ U5d04: 204308000231 LFNCEWAIT-> WRITEURAM(tmp1, 0x0008, 64) 02217c00 SEQW GOTO U217c ------------------------------------------------------------------------------------ U5d05: 006377030200 tmp0:= READURAM(0x0077, 64) U5d06: 286b12b50630 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000022, U5d12) U5d08: 2d0bdc43000a tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000050dc) U5d09: 286a12350230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U5d12) U5d0a: 006275170200 tmp0:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U5d0c: 286b12f502b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000000b, U5d12) U5d0d: 006262170200 LFNCEMARK-> tmp0:= MOVEFROMCREG_DSZ64(0x562) U5d0e: 0047ff3f0c08 tmp0:= NOTAND_DSZ64(0x00000fff, tmp0) U5d10: 0e6518074030 tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000018, mode=0x01) U5d11: 2929412c0034 CMPUJNZ_DIRECT_NOTTAKEN(tmp4, 0x00000000, U1b41) U5d12: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U5d14: 001510035200 tmp5:= BTS_DSZ32(0x00000000, 0x00000010) 01a81400 SEQW GOTO 
U2814 ------------------------------------------------------------------------------------ U5d15: 00632003f200 tmp15:= READURAM(0x0020, 64) U5d16: 00540103f23f tmp15:= BT_DSZ64(tmp15, 0x00000001) U5d18: 0073006ff27f tmp15:= SELECTCC_DSZ64_CONDNB(tmp15, 0x00003b00) U5d19: 0e752003f03f tmp15:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp15, 0x00000020) U5d1a: 01420b000fc0 SYNCFULL-> UFLOWCTRL(URET1, tmp15) U5d1c: 006262155200 tmpv1:= MOVEFROMCREG_DSZ64(0x562) U5d1d: 0047ff3d5548 tmpv1:= NOTAND_DSZ64(0x00000fff, tmpv1) U5d1e: 2e2a00054015 tmpv0:= LDPPHYS_DSZ32_ASZ64_SC1(tmpv1, mode=0x01) U5d20: 000801016008 tmpv2:= ZEROEXT_DSZ32(0x00000001) U5d21: 2e2800056015 STADPPHYS_DSZ32_ASZ64_SC1(tmpv1, mode=0x01, tmpv2) U5d22: 192855100014 SYNCFULL-> CMPUJZ_DIRECT_NOTTAKEN(tmpv0, 0x00000000, U2455) U5d24: 000000040000 MSSTOP-> NOP 01dd1e2c SEQW GOTO U5d1e ------------------------------------------------------------------------------------ U5d25: 00450903f848 tmp15:= SUB_DSZ64(0x00000009, rcx) U5d26: 0153111c027f UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp15, generate_#GP) U5d28: 0062fe1f5200 tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U5d29: 006311032200 tmp2:= READURAM(0x0011, 64) U5d2a: 0e6570072c8a tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000270, mode=0x01) U5d2c: 2042fe1c0232 MOVETOCREG_DSZ64(tmp2, CORE_CR_EFLAGS) U5d2d: 00240b030221 tmp0:= SHL_DSZ32(rcx, 0x0000000b) U5d2e: 2902521c0c33 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmp3, tmp0, 0x752) U5d30: 120f0003f000 tmp15:= unk_20f(0x00000000) U5d31: 017e00034ff4 tmp4:= MOVEMERGEFLGS_DSZ64(tmp4, tmp15) U5d32: 017400001074 r64dst:= CMOVCC_DSZ64_CONDZ(tmp4, r64dst) U5d34: 2042fe1c0235 SYNCFULL-> MOVETOCREG_DSZ64(tmp5, CORE_CR_EFLAGS) 0817ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U5d35: 06a70003ae39 tmm2:= unk_6a7(tmm1, tmm0) U5d36: 076a0003603a mm6:= unk_76a(tmm2) U5d38: 000c046c0280 SAVEUIP(0x00, U5b04) U5d39: 000407036d88 tmp6:= AND_DSZ32(0x00000007, tmp6) U5d3a: 002502032236 tmp2:= 
SHR_DSZ32(tmp6, 0x00000002) U5d3c: 000402033d88 tmp3:= AND_DSZ32(0x00000002, tmp6) U5d3d: 002402033233 tmp3:= SHL_DSZ32(tmp3, 0x00000002) U5d3e: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U5d40: 000401033d88 tmp3:= AND_DSZ32(0x00000001, tmp6) U5d41: 002401033233 tmp3:= SHL_DSZ32(tmp3, 0x00000001) U5d42: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U5d44: 27410003d032 tmm5:= unk_741(mm2) 01a50948 SEQW URET0 ------------------------------------------------------------------------------------ U5d45: 100a10000200 TESTUSTATE(SYS, UST_ADDR_SIZE_64BIT) 01a50948 ? SEQW GOTO U2509 U5d46: 000e0f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000000f) U5d48: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) U5d49: 10808003bec8 tmp11:= ADD_DSZN(0x00000080, tmp11) 01a50c40 SEQW GOTO U250c ------------------------------------------------------------------------------------ U5d4a: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5d4c: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01dcf500 ? SEQW GOTO U5cf5 U5d4d: 000cf9100240 SAVEUIP(0x00, U24f9) U5d4e: 1008ff7f701f tmp7:= ZEROEXT_DSZ32N(0xffffffffffffffff) U5d50: 286af6f107f7 BTUJB_DIRECT_NOTTAKEN(tmp7, 0x0000003f, U5cf6) U5d51: 120500037000 tmp7:= unk_205(0x00000000) U5d52: 0150f67002b7 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, U5cf6) 090000ca SEQW URET0 ------------------------------------------------------------------------------------ U5d54: 000d00800000 SAVEUIP_REGOVR(0x01, U5d55, 0x0000) 01ab1539 SEQW GOTO lbsync_full U5d55: 021eb2000200 SIGEVENT(0x000000b2) 01ab1539 SEQW UEND2 ------------------------------------------------------------------------------------ U5d56: 0062011f1200 tmp1:= MOVEFROMCREG_DSZ64(0x701) U5d58: 286a59350331 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000010, U5d59) 01dd5e00 SEQW GOTO U5d5e ------------------------------------------------------------------------------------ U5d59: 00635c030200 tmp0:= READURAM(0x005c, 64) U5d5a: 000100430c08 tmp0:= OR_DSZ32(0x00001000, tmp0) U5d5c: 00435c080230 WRITEURAM(tmp0, 0x005c, 32) U5d5d: 00434b000200 
WRITEURAM(0x00000000, 0x004b, 64)
U5d5e: 021e15000200 SIGEVENT(0x00000015)
       01879d80 SEQW GOTO U079d
------------------------------------------------------------------------------------
# Reads creg 0x000 into tmp14, records U5d61 as the saved micro-address and branches to U694e
# (presumably a call that returns to U5d61 - confirm against U694e).
U5d60: 00620003e200 tmp14:= MOVEFROMCREG_DSZ64(0x000)
       04e94e10 SEQW SAVEUIP0 U5d61 SEQW GOTO U694e
U5d61: 29626d400340 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000015, 0x06d)
U5d62: 000802030008 tmp0:= ZEROEXT_DSZ32(0x00000002)
U5d64: 000c9d9c0200 SAVEUIP(0x01, U079d)
       088c6900 SEQW GOTO U0c69
------------------------------------------------------------------------------------
# Read-modify-write of creg 0x2bc (bit index 2 passed to the BTS form), then a test built from
# tmp2: tmp1 = (tmp2 ^ 1) & ((tmp2 >> 30) & 1). If that is zero the flow goes straight to U35fd.
# Otherwise ML3_CR_PIC_GLOBAL_EVENT_INHIBIT and URAM 0x0070 are each updated with bit index 1
# before continuing at U35fd. What tmp2 holds on entry is not visible in this listing.
U5d65: 1062bc0b1240 SYNCFULL-> tmp1:= MOVEFROMCREG_DSZ64(0x2bc, 32)
U5d66: 1962bc880231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000002, 0x2bc)
U5d68: 000601031c88 tmp1:= XOR_DSZ32(0x00000001, tmp2)
U5d69: 00251e032232 tmp2:= SHR_DSZ32(tmp2, 0x0000001e)
U5d6a: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2)
U5d6c: 000400031cb1 tmp1:= AND_DSZ32(tmp1, tmp2)
U5d6d: 0150fd540271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U35fd)
U5d6e: 1062c40b1240 tmp1:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32)
U5d70: 3962c4480231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT)
U5d71: 006370031200 tmp1:= READURAM(0x0070, 64)
U5d72: 005501031231 tmp1:= BTS_DSZ64(tmp1, 0x00000001)
U5d74: 204370000231 WRITEURAM(tmp1, 0x0070, 64)
       01b5fd00 SEQW GOTO U35fd
------------------------------------------------------------------------------------
# Byte-swap loop over a byte-indexed table at tmp7; its shape matches the RC4 key-scheduling
# step (the rc4_decrypt routine elsewhere in this listing uses the same tmp7/tmp0/tmp1 roles).
#   tmp0 = i, tmp1 = j, both zeroed here and both advanced with 8-bit adds (wrap modulo 256).
#   Per pass: j += byte[tmp7 + i - 0x1c0]; j += byte[tmp7 + i]; swap byte[tmp7 + i], byte[tmp7 + j].
#   0xfffffffffffffe40 is -0x1c0, so the first load reads from a region 0x1c0 bytes below the
#   table - presumably the key material; confirm against the caller.
# The loop leaves for U2b45 when i wraps back to zero, i.e. after 256 passes.
# NOTE(review): nothing here initialises the table at tmp7; that has to happen before entry.
U5d75: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000)
U5d76: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000)
# Loop head (target of the SEQW GOTO U5d78 below).
U5d78: 0040407b2c1f tmp2:= ADD_DSZ64(0xfffffffffffffe40, tmp0)
U5d79: 0ee500032cb7 tmp2:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp2)
U5d7a: 00c000031c72 tmp1:= ADD_DSZ8(tmp2, tmp1)
U5d7c: 0ee500032c37 tmp2:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp0)
U5d7d: 00c000031c72 tmp1:= ADD_DSZ8(tmp2, tmp1)
U5d7e: 0ee500033c77 tmp3:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp1)
# The two stores complete the swap: old byte[j] goes to slot i, old byte[i] goes to slot j.
U5d80: 0eed00033c37 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp0, tmp3)
U5d81: 0eed00032c77 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp1, tmp2)
U5d82: 00c001030c08 tmp0:= ADD_DSZ8(0x00000001, tmp0)
U5d84: 0150452c0270 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U2b45)
       01dd7800 SEQW GOTO U5d78
------------------------------------------------------------------------------------
# Stores IMM_MACRO_ALIAS_MSLOOPCTR to URAM 0x0108, loads the loop counter from the low byte of
# tmp1, then dispatches on tmp1 >> 8: values 0x00, 0x10, 0x01, 0x11 and 0x12 each have their own
# target. Any other value falls through to the rdi store and U217c. tmp1 is also reduced to its
# low four bits before the compares. The meaning of the selector values is not shown here.
U5d85: 000808830008 tmp0:= ZEROEXT_DSZ32(IMM_MACRO_ALIAS_MSLOOPCTR)
U5d86: 204308040230 WRITEURAM(tmp0, 0x0108, 64)
U5d88: 0004ff030c48 tmp0:= AND_DSZ32(0x000000ff, tmp1)
U5d89: 01420e000c00 SYNCFULL-> UFLOWCTRL(MSLOOPCTR, tmp0)
U5d8a: 002508030231 tmp0:= SHR_DSZ32(tmp1, 0x00000008)
U5d8c: 00040f031c48 tmp1:= AND_DSZ32(0x0000000f, tmp1)
U5d8d: 1928d4000230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U20d4)
U5d8e: 1928dc000330 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000010, U20dc)
U5d90: 1928425c0230 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000001, U2742)
U5d91: 292802710330 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000011, U5c02)
U5d92: 2928adb10330 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000012, U5cad)
U5d94: 204322000203 WRITEURAM(rdi, 0x0022, 64)
       01a17c00 SEQW GOTO U217c
------------------------------------------------------------------------------------
# Compares a value moved out of tmm1 with rdx, merges the difference into tmp4, generates
# arithmetic flags from the result, and then conditionally moves rbx/rcx and rax/rdx on the
# zero condition before ending the macro-instruction (UEND0).
# NOTE(review): which x86 instruction this flow belongs to cannot be determined from these lines.
U5d95: 076c00031039 tmp1:= PINTMOVDTMM2I_DSZ64(tmm1)
U5d96: 0045000338b1 tmp3:= SUB_DSZ64(tmp1, rdx)
U5d98: 004100034d33 tmp4:= OR_DSZ64(tmp3, tmp4)
U5d99: 213e08033008 tmp3:= MOVEMERGEFLGS_DSZ32(0x00000008)
U5d9a: 237d00000d33 GENARITHFLAGS(tmp3, tmp4)
U5d9c: 217400030c23 tmp0:= CMOVCC_DSZ64_CONDZ(rbx, tmp0)
U5d9d: 217400031c61 tmp1:= CMOVCC_DSZ64_CONDZ(rcx, tmp1)
U5d9e: 07440003a030 tmm2:= unk_744(mm0)
U5da0: 07440003b031 tmm3:= unk_744(mm1)
U5da1: 04ef0803cefa tmm4:= MOVHLPS(tmm2, tmm3)
U5da2: 3c1e0063c032 tmp12:= unk_c1e(tmp2)
U5da4: 217500020830 rax:= CMOVCC_DSZ64_CONDNZ(tmp0, rax)
U5da5: 2175000228b1 rdx:= CMOVCC_DSZ64_CONDNZ(tmp1, rdx)
       01b210b1 SEQW UEND0
------------------------------------------------------------------------------------
U5da6: 100a00000300 TESTUSTATE(SYS, 0x8000)
       01b210b1 ?
SEQW GOTO uend0 U5da8: 0252092002b8 SYNCWAIT-> UJMPCC_DIRECT_NOTTAKEN_CONDP(tmp8, U4809) U5da9: 000c2213d288 tmp13:= SAVEUIP(0x00, U4422) U5daa: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 0a08e680 ? SEQW GOTO U08e6 U5dac: 0e6d08075037 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x00000008, mode=0x01, tmp5) 035db248 SEQW URET0 ------------------------------------------------------------------------------------ U5dad: 100a00040200 TESTUSTATE(SYS, UST_VMX_OP_DIS) 035db248 ? SEQW GOTO U5db2 U5dae: 006379036200 LFNCEWAIT-> tmp6:= READURAM(0x0079, 64) U5db0: 016300036d88 tmp6:= unk_163(0x00000000, tmp6) U5db1: 09a29d1c02b6 MOVETOCREG_SHR_DSZ64(tmp6, 0x00000008, 0x79d) U5db2: 000cb55402c0 SAVEUIP(0x00, U75b5) 01a3d180 SEQW GOTO U23d1 ------------------------------------------------------------------------------------ U5db4: 29620b800280 MOVETOCREG_BTS_DSZ64(0x0000000a, 0x00b) 05201214 SEQW SAVEUIP1 U5db5 SEQW GOTO U2012 U5db5: 000c646bd288 tmp13:= SAVEUIP(0x00, U5a64) U5db6: 000809079008 LFNCEMARK-> tmp9:= ZEROEXT_DSZ32(0x00000109) U5db8: 00620107a200 tmp10:= MOVEFROMCREG_DSZ64(0x101) 01bc2200 SEQW GOTO U3c22 ------------------------------------------------------------------------------------ U5db9: 006356033200 tmp3:= READURAM(0x0056, 64) U5dba: 00080203d008 tmp13:= ZEROEXT_DSZ32(0x00000002) U5dbc: 000d56800000 SAVEUIP_REGOVR(0x01, U5dbd, 0x0056) 01985600 SEQW GOTO U1856 U5dbd: 203d00000000 MOVEINSERTFLGS_DSZ32(0x00000000) U5dbe: 004500032cfc tmp2:= SUB_DSZ64(tmp12, tmp3) U5dc0: 017eff7f2c9f tmp2:= MOVEMERGEFLGS_DSZ64(0xffffffffffffffff, tmp2) U5dc1: 017400033cf2 tmp3:= CMOVCC_DSZ64_CONDZ(tmp2, tmp3) U5dc2: 004356000233 LFNCEWTMRK-> WRITEURAM(tmp3, 0x0056, 64) U5dc4: 0e6d78000f0a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000278, 0x00000000) U5dc5: 0e6db0000f0a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b0, 0x00000000) U5dc6: 0e2dd8000f09 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000001d8, 0x00000000) U5dc8: 1062df0b5240 tmp5:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U5dc9: 
286ab95d07b5 BTUJB_DIRECT_NOTTAKEN(tmp5, 0x00000039, U57b9) 01808e40 SEQW GOTO U008e ------------------------------------------------------------------------------------ U5dca: 006343014200 tmpv0:= READURAM(0x0043, 64) U5dcc: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01b8c800 ? SEQW GOTO U38c8 U5dcd: 00634c015200 tmpv1:= READURAM(0x004c, 64) U5dce: 00a138016008 tmpv2:= CONCAT_DSZ16(0x00000038) U5dd0: 002108016588 tmpv2:= CONCAT_DSZ32(0x00000008, tmpv2) U5dd1: 004700015556 tmpv1:= NOTAND_DSZ64(tmpv2, tmpv1) U5dd2: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) 01b8c880 SEQW GOTO U38c8 ------------------------------------------------------------------------------------ U5dd4: 006265171200 tmp1:= MOVEFROMCREG_DSZ64(0x565) 01843c14 SEQW SAVEUIP1 U5dd5 SEQW GOTO U043c U5dd5: 186b119c02b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x0000000a, generate_#GP) U5dd6: 006205071200 tmp1:= MOVEFROMCREG_DSZ64(0x105) U5dd8: 296205c402f1 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp1, 0x0000000f, 0x105) 0460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U5dd9: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5dda: 0e25f073a548 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmpv1, 0x000000f0, mode=0x1c) U5ddc: 00071f017e88 tmpv3:= NOTAND_DSZ32(0x0000001f, tmp10) U5ddd: 017e0003a5fa tmp10:= MOVEMERGEFLGS_DSZ64(tmp10, tmpv3) U5dde: 01341f03a23a tmp10:= CMOVCC_DSZ32_CONDZ(tmp10, 0x0000001f) U5de0: 00642a03a23a tmp10:= SHL_DSZ64(tmp10, 0x0000002a) U5de1: 0041000165ba tmpv2:= OR_DSZ64(tmp10, tmpv2) U5de2: 0e25e873a548 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmpv1, 0x000000e8, mode=0x1c) U5de4: 00041f03ae88 tmp10:= AND_DSZ32(0x0000001f, tmp10) U5de5: 01310003ae97 tmp10:= SELECTCC_DSZ32_CONDNZ(tmpv3, tmp10) U5de6: 00642503a23a tmp10:= SHL_DSZ64(tmp10, 0x00000025) U5de8: 0041000165ba tmpv2:= OR_DSZ64(tmp10, tmpv2) U5de9: 00431f040216 LFNCEMARK-> WRITEURAM(tmpv2, 0x011f, 64) 049cbe8d SEQW URET1 
------------------------------------------------------------------------------------ U5dea: 100a20000200 TESTUSTATE(SYS, UST_SMM) 049cbe8d ? SEQW GOTO uret1 U5dec: 006312014200 tmpv0:= READURAM(0x0012, 64) U5ded: 0062c3195200 tmpv1:= MOVEFROMCREG_DSZ64(0x6c3) U5dee: 00251a014214 tmpv0:= SHR_DSZ32(tmpv0, 0x0000001a) U5df0: 000420014508 tmpv0:= AND_DSZ32(0x00000020, tmpv0) U5df1: 0902c3180515 SYNCFULL-> MOVETOCREG_OR_DSZ64(tmpv1, tmpv0, 0x6c3) 08d4ad8d SEQW URET1 ------------------------------------------------------------------------------------ U5df2: 000a04000200 TESTUSTATE(UCODE, 0x0004) 08d4ad8d ? SEQW GOTO U54ad U5df4: 1062ff0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3ff, 32) U5df5: 0001ac070c10 tmp0:= OR_DSZ32(0x30000000, tmp0) U5df6: 1042ff0c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3ff, 32) U5df8: 0001110b0c10 tmp0:= OR_DSZ32(0xc0000040, tmp0) U5df9: 3042ff0c0270 MOVETOCREG_DSZ64(tmp0, 0x3ff, 32) 01d4ad40 SEQW GOTO U54ad ------------------------------------------------------------------------------------ U5dfa: 00635703c200 tmp12:= READURAM(0x0057, 64) U5dfc: 200a00400200 TESTUSTATE(VMX, 0x1000) 0180e910 ? SEQW SAVEUIP0 U5dfd ? SEQW GOTO U00e9 U5dfd: 006213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U5dfe: 0008ff035008 tmp5:= ZEROEXT_DSZ32(0x000000ff) U5e00: 0021004357f5 tmp5:= CONCAT_DSZ32(tmp5, 0xfffffffffffff000) U5e01: 004400034d35 tmp4:= AND_DSZ64(tmp5, tmp4) U5e02: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5e04: 0ee580733234 tmp3:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp4, 0x00000080, mode=0x1c) 048c720e SEQW GOTO U0c72 ------------------------------------------------------------------------------------ U5e05: 2962b5000200 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x0b5) U5e06: 000a00115200 tmpv1:= TESTUSTATE(UCODE, 0x0400) 048c720e ? 
SEQW URET1 U5e08: 010800814010 tmpv0:= READUIP_REGOVR(0x01) U5e09: 00210003e53e tmp14:= CONCAT_DSZ32(tmp14, tmpv0) U5e0a: 0062b1014200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(0x0b1) U5e0c: 086b16900214 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000002, U0416) U5e0d: 0062f01d4200 tmpv0:= MOVEFROMCREG_DSZ64(0x7f0) U5e0e: 186b44ad0294 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x0000000a, U6b44) U5e10: 0053282c02d7 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmpv3, U6b28) U5e11: 006200014200 tmpv0:= MOVEFROMCREG_DSZ64(0x000) U5e12: 00043f014508 tmpv0:= AND_DSZ32(0x0000003f, tmpv0) U5e14: 00050a014508 tmpv0:= SUB_DSZ32(0x0000000a, tmpv0) U5e15: 01512e2c02d4 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv0, U6b2e) 04eb2940 SEQW GOTO U6b29 ------------------------------------------------------------------------------------ U5e16: 00081d030008 tmp0:= ZEROEXT_DSZ32(0x0000001d) U5e18: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01de1d00 ? SEQW GOTO U5e1d U5e19: 006343032200 tmp2:= READURAM(0x0043, 64) U5e1a: 286a0ce50372 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000017, U590c) U5e1c: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 0185fc00 ? 
SEQW GOTO U05fc U5e1d: 000174030c10 tmp0:= OR_DSZ32(0x00020000, tmp0) U5e1e: 00634c032200 tmp2:= READURAM(0x004c, 64) U5e20: 286a0ce50372 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000017, U590c) 0185fc00 SEQW GOTO U05fc ------------------------------------------------------------------------------------ U5e21: 006512034236 tmp4:= SHR_DSZ64(tmp6, 0x00000012) U5e22: 00043f034d08 tmp4:= AND_DSZ32(0x0000003f, tmp4) U5e24: 000803031008 tmp1:= ZEROEXT_DSZ32(0x00000003) U5e25: 02e600035d31 tmp5:= unk_2e6(tmp1, tmp4) U5e26: 036100034035 tmp4:= unk_361(tmp5) U5e28: 01f900034034 tmp4:= SETCC_CONDNZ(tmp4) U5e29: 00c000034d35 tmp4:= ADD_DSZ8(tmp5, tmp4) U5e2a: 02e400034d31 tmp4:= unk_2e4(tmp1, tmp4) U5e2c: 00043f034d08 tmp4:= AND_DSZ32(0x0000003f, tmp4) U5e2d: 002409034234 tmp4:= SHL_DSZ32(tmp4, 0x00000009) U5e2e: 006201135200 tmp5:= MOVEFROMCREG_DSZ64(0x401) U5e30: 0007007b5d4b tmp5:= NOTAND_DSZ32(0x00007e00, tmp5) U5e31: 090201100d35 LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmp5, tmp4, 0x401) 0682ba89 SEQW URET0 ------------------------------------------------------------------------------------ U5e32: 000d0e800000 SAVEUIP_REGOVR(0x01, U5e34, 0x000e) 0682ba89 SEQW GOTO U02ba U5e34: 2d0b085fe00c SYNCWAIT-> tmp14:= PORTIN_DSZ32_ASZ16_SC1(0x00009708) U5e35: 00150003e23e tmp14:= BTS_DSZ32(tmp14, 0x00000000) U5e36: 2d0f085fe00c PORTOUT_DSZ32_ASZ16_SC1(0x00009708, tmp14) U5e38: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U5e39: 00080b030008 LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x0000000b) 04879e40 SEQW GOTO U079e ------------------------------------------------------------------------------------ U5e3a: 01502a640230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U192a) U5e3c: 100a00000380 TESTUSTATE(SYS, 0xc000) 01992a00 ? 
SEQW GOTO U192a U5e3d: 000c149c0280 SAVEUIP(0x01, U4714) U5e3e: 006274170200 tmp0:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U5e40: 0047ff3f0c08 tmp0:= NOTAND_DSZ64(0x00000fff, tmp0) U5e41: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U5e42: 2d4bd833200a tmp2:= PORTIN_DSZ64_ASZ16_SC1(0x00004cd8) U5e44: 2d4be033300a tmp3:= PORTIN_DSZ64_ASZ16_SC1(0x00004ce0) U5e45: 0047000b3cc8 tmp3:= NOTAND_DSZ64(0x00000200, tmp3) 0187258d SEQW URET1 ------------------------------------------------------------------------------------ U5e46: 000d00000000 SAVEUIP_REGOVR(0x00, U5e48, 0x0000) 0187258d SEQW GOTO U0725 U5e48: 0062bb1f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7bb) U5e49: 2962bb1c02b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000008, 0x7bb) U5e4a: 3042f1080240 MOVETOCREG_DSZ64(0x00000000, 0x2f1, 32) U5e4c: 2d4f2018000a PORTOUT_DSZ64_ASZ16_SC1(0x00004620, 0x00000000) U5e4d: 000c65bc0200 SAVEUIP(0x01, U0f65) 01a17440 SEQW GOTO U2174 ------------------------------------------------------------------------------------ U5e4e: 106208094240 tmpv0:= MOVEFROMCREG_DSZ64(0x208, 32) U5e50: 286abe300214 BTUJB_DIRECT_NOTTAKEN(tmpv0, 0x00000000, uret1) 0182b210 SEQW SAVEUIP0 U5e51 SEQW GOTO U02b2 U5e51: 106208094240 tmpv0:= MOVEFROMCREG_DSZ64(0x208, 32) U5e52: 286a59390214 BTUJB_DIRECT_NOTTAKEN(tmpv0, 0x00000000, U5e59) U5e54: 2d0bd841400a tmpv0:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U5e55: 001512014214 tmpv0:= BTS_DSZ32(tmpv0, 0x00000012) U5e56: 2d0fd841400a PORTOUT_DSZ32_ASZ16_SC1(0x000050d8, tmpv0) U5e58: 390208c80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x208) U5e59: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 0186c640 SEQW GOTO uret1 ------------------------------------------------------------------------------------ U5e5a: 00010003df7f tmp13:= OR_DSZ32(tmp15, tmp13) U5e5c: 01505d7802bd UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp13, U5e5d) 0c840c00 SEQW GOTO U040c ------------------------------------------------------------------------------------ U5e5d: 01420b000f80 SYNCMARK-> UFLOWCTRL(URET1, 
tmp14)
# Clears bit 0xc in the 32-bit URAM word 0x005c, then conditionally rewrites URAM 0x004b
# depending on the flag state merged from that bit test, and continues at U040c.
U5e5e: 00635c03d200 tmp13:= READURAM(0x005c, 64)
U5e60: 00160c03d23d tmp13:= BTR_DSZ32(tmp13, 0x0000000c)
U5e61: 00435c08023d WRITEURAM(tmp13, 0x005c, 32)
U5e62: 00634b03f200 tmp15:= READURAM(0x004b, 64)
U5e64: 013e0103df48 tmp13:= MOVEMERGEFLGS_DSZ32(0x00000001, tmp13)
U5e65: 00770003fffd tmp15:= CMOVCC_DSZ64_CONDNB(tmp13, tmp15)
U5e66: 00434b00023f SYNCWAIT-> WRITEURAM(tmp15, 0x004b, 64)
       0b040c80 SEQW GOTO U040c
------------------------------------------------------------------------------------
# fit_process_error: error path, by its label presumably for Firmware Interface Table (FIT)
# processing - confirm against the callers, which are not in this part of the listing.
# Steps visible here:
#   1. Save tmp11 to URAM 0x000e (what tmp11 holds is set by the caller; presumably an error
#      or status value - TODO confirm).
#   2. Record U5e69 as the saved micro-address and branch to U60b8 (presumably a call that
#      returns to U5e69).
#   3. Read the 8-bit port 0xc0, clear bit 3, write it back.
#   4. Continue at U65f2.
# NOTE(review): the function of port 0xc0 bit 3 is not established by this listing.
fit_process_error:
U5e68: 20430e00023b WRITEURAM(tmp11, 0x000e, 64)
       01e0b810 SEQW SAVEUIP0 U5e69 SEQW GOTO U60b8
U5e69: 2dcbc0031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x000000c0)
U5e6a: 001603031231 tmp1:= BTR_DSZ32(tmp1, 0x00000003)
U5e6c: 2dcfc0031008 PORTOUT_DSZ8_ASZ16_SC1(0x000000c0, tmp1)
       01e5f200 SEQW GOTO U65f2
------------------------------------------------------------------------------------
# Combines masked fields from tmp3, tmp10, tmp15 and tmp9 into tmp0, then tests bit 10 of
# CORE_CR_CR4 (architecturally CR4.OSXMMEXCPT) and signals event 0x19 or 0x4d depending on it.
# Which value goes with which bit state depends on the CMOVCC operand order - confirm.
U5e6d: 000407033cc8 tmp3:= AND_DSZ32(0x00000007, tmp3)
U5e6e: 000738030e88 tmp0:= NOTAND_DSZ32(0x00000038, tmp10)
U5e70: 017e00030cf0 tmp0:= MOVEMERGEFLGS_DSZ64(tmp0, tmp3)
U5e71: 01350003aeb0 tmp10:= CMOVCC_DSZ32_CONDNZ(tmp0, tmp10)
U5e72: 000100030ffa tmp0:= OR_DSZ32(tmp10, tmp15)
U5e74: 000100030c39 tmp0:= OR_DSZ32(tmp9, tmp0)
U5e75: 07070003d030 tmm5:= unk_707(mm0)
U5e76: 06910003e03d LFNCEMARK-> tmm6:= unk_691(tmm5)
U5e78: 0062c51f3200 tmp3:= MOVEFROMCREG_DSZ64(CORE_CR_CR4)
U5e79: 00140a033233 tmp3:= BT_DSZ32(tmp3, 0x0000000a)
U5e7a: 017e19031cc8 LFNCEWAIT-> tmp1:= MOVEMERGEFLGS_DSZ64(0x00000019, tmp3)
U5e7c: 00374d031231 tmp1:= CMOVCC_DSZ32_CONDNB(tmp1, 0x0000004d)
U5e7d: 021e00000c40 SIGEVENT(tmp1)
       01879d40 SEQW GOTO U079d
------------------------------------------------------------------------------------
U5e7e: 000cecd802c0 SAVEUIP(0x01, U76ec)
U5e80: 000a08000200 TESTUSTATE(UCODE, 0x0008)
       01844c00 ?
SEQW GOTO U044c U5e81: 00040f035d48 tmp5:= AND_DSZ32(0x0000000f, tmp5) U5e82: 000401039d48 tmp9:= AND_DSZ32(0x00000001, tmp5) U5e84: 017e00036e76 tmp6:= MOVEMERGEFLGS_DSZ64(tmp6, tmp9) U5e85: 017500039ef6 tmp9:= CMOVCC_DSZ64_CONDNZ(tmp6, tmp11) U5e86: 000401039e48 tmp9:= AND_DSZ32(0x00000001, tmp9) U5e88: 004100034eb9 tmp4:= OR_DSZ64(tmp9, tmp10) U5e89: 004400034d74 tmp4:= AND_DSZ64(tmp4, tmp5) U5e8a: 004400033d76 tmp3:= AND_DSZ64(tmp6, tmp5) U5e8c: 292914250cf4 LFNCEWTMRK-> CMPUJNZ_DIRECT_NOTTAKEN(tmp4, tmp3, U5914) 065dea4c SEQW URET1 ------------------------------------------------------------------------------------ U5e8d: 000d10800000 SAVEUIP_REGOVR(0x01, U5e8e, 0x0010) 065dea4c SEQW GOTO U5dea U5e8e: 006353030200 tmp0:= READURAM(0x0053, 64) U5e90: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U5e91: 00637803f200 tmp15:= READURAM(0x0078, 64) U5e92: 20430708023f WRITEURAM(tmp15, 0x0007, 32) U5e94: 00141703f23f tmp15:= BT_DSZ32(tmp15, 0x00000017) U5e95: 005200000fff SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp15, tmp15) 08ba8140 SEQW GOTO U3a81 ------------------------------------------------------------------------------------ U5e96: 000803031008 tmp1:= ZEROEXT_DSZ32(0x00000003) U5e98: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01e38200 ? 
SEQW GOTO U6382 U5e99: 0042c0180200 MOVETOCREG_DSZ64(0x00000000, 0x6c0) U5e9a: 00635703c200 tmp12:= READURAM(0x0057, 64) U5e9c: 20435600023c WRITEURAM(tmp12, 0x0056, 64) U5e9d: 0e65b8030f0a tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b8) U5e9e: 204357000230 SYNCFULL-> WRITEURAM(tmp0, 0x0057, 64) U5ea0: 000823030008 tmp0:= ZEROEXT_DSZ32(0x00000023) U5ea1: 00151e030230 ROVR<- tmp0:= BTS_DSZ32(tmp0, 0x0000001e) 018000dd SEQW SAVEUIP1 U5ea2 U5ea2: 000cf2080200 SAVEUIP(0x00, U02f2) U5ea4: 000c91fc0200 SAVEUIP(0x01, do_smm_vmexit_ovr_enter_rip) 0182ea00 SEQW GOTO U02ea ------------------------------------------------------------------------------------ U5ea5: 000c72600240 SAVEUIP(0x00, U3872) U5ea6: 06240003ce38 tmm4:= unk_624(tmm0, tmm0) U5ea8: 06240003de79 tmm5:= unk_624(tmm1, tmm1) U5ea9: 072c0003003c tmp0:= PINTMOVDTMM2I_DSZ32(tmm4) U5eaa: 072c0003103d tmp1:= PINTMOVDTMM2I_DSZ32(tmm5) U5eac: 002502030230 tmp0:= SHR_DSZ32(tmp0, 0x00000002) U5ead: 000407032c08 tmp2:= AND_DSZ32(0x00000007, tmp0) U5eae: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U5eb0: 00040f038c48 tmp8:= AND_DSZ32(0x0000000f, tmp1) U5eb1: 000100032cb8 tmp2:= OR_DSZ32(tmp8, tmp2) U5eb2: 072a00038038 tmm0:= unk_72a(tmm0) U5eb4: 002404038238 tmp8:= SHL_DSZ32(tmp8, 0x00000004) U5eb5: 000100032cb8 tmp2:= OR_DSZ32(tmp8, tmp2) 01ce7589 SEQW URET0 ------------------------------------------------------------------------------------ U5eb6: 100a00000280 TESTUSTATE(SYS, 0x4000) 01ce7589 ? 
SEQW GOTO U4e75 U5eb8: 00054e031e08 tmp1:= SUB_DSZ32(0x0000004e, tmp8) U5eb9: 0053861402b8 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp8, U4586) U5eba: 015088440271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U3188) U5ebc: 00054f031e08 tmp1:= SUB_DSZ32(0x0000004f, tmp8) U5ebd: 00081813200c tmp2:= ZEROEXT_DSZ32(0x00008418) U5ebe: 01508c440271 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U318c) 09271180 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U5ec0: 000802030008 tmp0:= ZEROEXT_DSZ32(0x00000002) 01e0aa10 SEQW SAVEUIP0 U5ec1 SEQW GOTO U60aa U5ec1: 004353000200 WRITEURAM(0x00000000, 0x0053, 64) U5ec2: 00634e03e200 tmp14:= READURAM(0x004e, 64) U5ec4: 00632c036200 tmp6:= READURAM(0x002c, 64) U5ec5: 000c14100200 SAVEUIP(0x00, U0414) 052bcc40 SEQW GOTO U2bcc ------------------------------------------------------------------------------------ U5ec6: 00421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U5ec8: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01be0600 ? 
SEQW GOTO U3e06
# Loads a 32-bit value from offset 0x4c8 relative to the address held in URAM 0x0011 and
# branches on bit 9 of it: U5ecd on one outcome, U3e06 on the other (the polarity of BTUJB is
# assumed to be "jump if bit set" - confirm).
U5ec9: 006311030200 tmp0:= READURAM(0x0011, 64)
U5eca: 0e25c8070c0c tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp0, 0x000004c8, mode=0x01)
U5ecc: 286acd7902b0 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000009, U5ecd)
       043e0600 SEQW GOTO U3e06
------------------------------------------------------------------------------------
# Sets tmp0 to 2 with bit 0x10 set, replaces the low three bits of the 32-bit URAM word 0x001f
# with tmp5, and continues at do_smm_vmexit. The meaning of the tmp0 value is not shown here.
U5ecd: 000902030008 tmp0:= MOVE_DSZ32(0x00000002)
U5ece: 001510030230 tmp0:= BTS_DSZ32(tmp0, 0x00000010)
U5ed0: 20631f034200 LFNCEWAIT-> tmp4:= READURAM(0x001f, 64)
U5ed1: 000707034d08 tmp4:= NOTAND_DSZ32(0x00000007, tmp4)
U5ed2: 000100034d74 tmp4:= OR_DSZ32(tmp4, tmp5)
U5ed4: 20431f080234 WRITEURAM(tmp4, 0x001f, 32)
       019f9000 SEQW GOTO do_smm_vmexit
------------------------------------------------------------------------------------
# rc4_decrypt: RC4 keystream generation and in-place XOR, one data byte per loop pass.
# Register roles, inferred from the operations in this loop only:
#   tmp7 = base of the byte-indexed state table S
#   tmp0 = index i, tmp1 = index j (carried in from the caller, not reset here)
#   tmp5 = pointer to the current data byte, which is overwritten with the result
#   tmp6 = count of bytes still to process
#   tmp8 = micro-address to jump to once tmp6 reaches zero
# Index arithmetic uses ADD_DSZ8, so i, j and S[i] + S[j] all wrap modulo 256.
# NOTE(review): state-table setup and key handling happen before entry and are not part of this
# routine. XOR with an RC4 keystream provides confidentiality only; nothing in this loop checks
# the integrity or authenticity of the bytes it writes, so that check has to exist elsewhere.
rc4_decrypt:
# i = i + 1; j = j + S[i]
U5ed5: 00c001030c08 tmp0:= ADD_DSZ8(0x00000001, tmp0)
U5ed6: 0ee500032c37 tmp2:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp0)
U5ed8: 00c000031c72 tmp1:= ADD_DSZ8(tmp2, tmp1)
# swap S[i] and S[j]: tmp2 holds the old S[i], tmp3 the old S[j]
U5ed9: 0ee500033c77 tmp3:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp1)
U5eda: 0eed00033c37 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp0, tmp3)
U5edc: 0eed00032c77 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp1, tmp2)
# keystream byte = S[(S[i] + S[j]) mod 256]
U5edd: 00c000032cb3 tmp2:= ADD_DSZ8(tmp3, tmp2)
U5ede: 0ee500032cb7 tmp2:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp7, tmp2)
# load the data byte at tmp5, XOR it with the keystream byte, store it back to the same address
U5ee0: 0ee500073035 tmp3:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp5, mode=0x01)
U5ee1: 00c600033cf2 tmp3:= XOR_DSZ8(tmp2, tmp3)
U5ee2: 0eed00073035 STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp5, mode=0x01, tmp3)
# advance the data pointer, adjust the remaining count (presumably tmp6 - 1; operand order of
# SUB not confirmed), leave through tmp8 when it reaches zero, otherwise loop
U5ee4: 004001035d48 tmp5:= ADD_DSZ64(0x00000001, tmp5)
U5ee5: 000501036d88 tmp6:= SUB_DSZ32(0x00000001, tmp6)
U5ee6: 015000000e36 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp6, tmp8)
       01ded580 SEQW GOTO rc4_decrypt
------------------------------------------------------------------------------------
U5ee8: 000000000000 NOP
       018bc914 SEQW SAVEUIP1 U5ee9 SEQW GOTO write_port_4c
U5ee9: 2d0b18037008 tmp7:= PORTIN_DSZ32_ASZ16_SC1(0x00000018)
U5eea: 000501037dc8 tmp7:= SUB_DSZ32(0x00000001, tmp7)
U5eec: 000500037df5 tmp7:= SUB_DSZ32(tmp5,
tmp7) U5eed: 2d0f18037008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, tmp7) U5eee: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) 01b04e80 SEQW GOTO uret0 ------------------------------------------------------------------------------------ U5ef0: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01b7d200 ? SEQW GOTO U37d2 U5ef1: 0207cf031010 tmp1:= unk_207(0x00180000) U5ef2: 000400031df1 tmp1:= AND_DSZ32(tmp1, tmp7) U5ef4: 0005cf031c50 tmp1:= SUB_DSZ32(0x00180000, tmp1) U5ef5: 0150111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP) U5ef6: 2042fe1c0237 MOVETOCREG_DSZ64(tmp7, CORE_CR_EFLAGS) U5ef8: 286aea78033a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000011, U1eea) 019eea00 SEQW GOTO U1eea ------------------------------------------------------------------------------------ U5ef9: 39629dc80200 MOVETOCREG_BTS_DSZ64(0x00000003, 0x29d) U5efa: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) U5efc: 10628f0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x38f, 32) U5efd: 186ac8ec0231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000003, U2bc8) U5efe: 0008c62f0009 tmp0:= ZEROEXT_DSZ32(0x00002bc6) U5f00: 20430d080230 WRITEURAM(tmp0, 0x000d, 32) U5f01: 0001c0032c88 tmp2:= OR_DSZ32(0x000000c0, tmp2) U5f02: 006335031200 tmp1:= READURAM(0x0035, 64) U5f04: 001407031231 tmp1:= BT_DSZ32(tmp1, 0x00000007) U5f05: 003302031231 tmp1:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00000002) U5f06: 2902c5180c72 MOVETOCREG_OR_DSZ64(tmp2, tmp1, 0x6c5) U5f08: 00635c030200 tmp0:= READURAM(0x005c, 64) U5f09: 286a2e040330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U112e) U5f0a: 00082e47e008 tmp14:= ZEROEXT_DSZ32(0x0000112e) 019ac580 SEQW GOTO U1ac5 ------------------------------------------------------------------------------------ U5f0c: 000d03800000 SAVEUIP_REGOVR(0x01, U5f0d, 0x0003) 04a93100 SEQW GOTO U2931 U5f0d: 006370035200 LFNCEMARK-> tmp5:= READURAM(0x0070, 64) U5f0e: 3962c48b52b5 tmp5:= MOVETOCREG_BTS_DSZ64(tmp5, 0x0000000a, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U5f10: 204370080235 WRITEURAM(tmp5, 0x0070, 32) U5f11: 00e102031c88 tmp1:= 
CONCAT_DSZ8(0x00000002, tmp2) U5f12: 020301034200 tmp4:= unk_203(0x00000001) U5f14: 01501d3c02b4 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp4, U4f1d) 061a3600 SEQW GOTO U1a36 ------------------------------------------------------------------------------------ U5f15: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U5f16: 000821030008 tmp0:= ZEROEXT_DSZ32(0x00000021) U5f18: 00630b03c200 tmp12:= READURAM(0x000b, 64) U5f19: 00151f030230 tmp0:= BTS_DSZ32(tmp0, 0x0000001f) U5f1a: 20435700023c WRITEURAM(tmp12, 0x0057, 64) U5f1c: 204305080230 WRITEURAM(tmp0, 0x0005, 32) U5f1d: 0e2d3c030f0a LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x0000023c, tmp0) U5f1e: 0e6d80031f0a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000280, tmp1) U5f20: 0eff00000000 unk_eff(0x00000000) U5f21: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01d7bd40 ? SEQW GOTO U57bd U5f22: 0001c8030c10 tmp0:= OR_DSZ32(0x00100000, tmp0) U5f24: 29023a180280 MOVETOCREG_OR_DSZ64(0x00000008, 0x63a) U5f25: 29023ed80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x63e) U5f26: 0dff02000000 LFNCEWTMRK-> unk_dff(0x00000000) 0757c180 SEQW GOTO U57c1 ------------------------------------------------------------------------------------ U5f28: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01df2e00 ? SEQW GOTO U5f2e U5f29: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U5f2a: 006311036200 tmp6:= READURAM(0x0011, 64) U5f2c: 0e65c8076d8c tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, 0x000004c8, mode=0x01) U5f2d: 086ade1c0d36 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp6, tmp4, U07de) U5f2e: 100a02800200 TESTUSTATE(SYS, !UST_USER_MODE) 088000ca ? 
SEQW URET0 U5f30: 000000000000 NOP 01a71100 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U5f31: 125600000000 unk_256(0x00000000) U5f32: 2042f01c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f0) U5f34: 204201040200 MOVETOCREG_DSZ64(0x00000000, 0x101) U5f35: 00087f03a008 tmp10:= ZEROEXT_DSZ32(0x0000007f) U5f36: 20420204023a MOVETOCREG_DSZ64(tmp10, 0x102) U5f38: 2042b1000200 MOVETOCREG_DSZ64(0x00000000, 0x0b1) U5f39: 204352000200 WRITEURAM(0x00000000, 0x0052, 64) U5f3a: 204280000200 MOVETOCREG_DSZ64(0x00000000, 0x080) U5f3c: 204281000200 MOVETOCREG_DSZ64(0x00000000, 0x081) U5f3d: 204282000200 MOVETOCREG_DSZ64(0x00000000, 0x082) U5f3e: 204283000200 MOVETOCREG_DSZ64(0x00000000, 0x083) U5f40: 00633a03a200 tmp10:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U5f41: 00552003a23a tmp10:= BTS_DSZ64(tmp10, 0x00000020) U5f42: 20433a00023a LFNCEMARK-> WRITEURAM(tmp10, FSCP_CR_IA32_FEATURE_CTL, 64) 050000ce SEQW URET1 ------------------------------------------------------------------------------------ U5f44: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01eafd00 ? SEQW GOTO U6afd U5f45: 000cfda802c0 SAVEUIP(0x01, U6afd) U5f46: 006357016200 tmpv2:= READURAM(0x0057, 64) U5f48: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01df4a00 ? 
SEQW GOTO U5f4a U5f49: 004800016030 tmpv2:= ZEROEXT_DSZ64(tmp0) U5f4a: 00c873016588 tmpv2:= ZEROEXT_DSZ8(0x00000073, tmpv2) U5f4c: 000c74180200 SAVEUIP(0x00, U0674) 01f6d800 SEQW GOTO U76d8 ------------------------------------------------------------------------------------ U5f4d: 00633f030200 tmp0:= READURAM(0x003f, 64) U5f4e: 3042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U5f50: 39a2da0803b0 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000018, 0x2da) U5f51: 29a208000630 LFNCEMARK-> MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x008) U5f52: 000c21f80280 SAVEUIP(0x01, U5e21) 04ec8692 SEQW SAVEUIP0 U5f54 SEQW GOTO U6c86 U5f54: 00630703e200 tmp14:= READURAM(0x0007, 64) U5f55: 00141703e23e tmp14:= BT_DSZ32(tmp14, 0x00000017) U5f56: 0036816be27e tmp14:= CMOVCC_DSZ32_CONDB(tmp14, 0x00003a81) U5f58: 00080003d000 tmp13:= ZEROEXT_DSZ32(0x00000000) U5f59: 00c501035ec8 tmp5:= SUB_DSZ8(0x00000001, tmp11) U5f5a: 00535c7c02b5 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp5, U5f5c) 0723fc80 SEQW GOTO U23fc ------------------------------------------------------------------------------------ U5f5c: 01310203d235 tmp13:= SELECTCC_DSZ32_CONDNZ(tmp5, 0x00000002) U5f5d: 1042f208027d MOVETOCREG_DSZ64(tmp13, 0x2f2, 32) U5f5e: 000c60700240 SAVEUIP(0x00, U3c60) 01b04880 SEQW GOTO U3048 ------------------------------------------------------------------------------------ U5f60: 100a00000380 TESTUSTATE(SYS, 0xc000) 01b15400 ? 
SEQW GOTO U3154 U5f61: 00635c030200 tmp0:= READURAM(0x005c, 64) U5f62: 286a25240330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U1925) U5f64: 000848470009 tmp0:= ZEROEXT_DSZ32(0x00003148) U5f65: 0e7d80070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000180, tmp0) U5f66: 006274178200 tmp8:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U5f68: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U5f69: 0e7da0031008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000000a0, tmp1) 01843440 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U5f6a: 0c4b80272000 tmp2:= RDSEGFLD(UNK_SEG_09, SEL) U5f6c: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 0187fe00 ? SEQW GOTO U07fe U5f6d: 0c4b802b2000 tmp2:= RDSEGFLD(SS_USERM, SEL) U5f6e: 0c4b80371000 tmp1:= RDSEGFLD(GS, SEL) U5f70: 1c38fbab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U5f71: 0c4b80331000 tmp1:= RDSEGFLD(FS, SEL) U5f72: 1c38f3ab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_f3, mode=0x0a, tmp1) U5f74: 0c4b802f1000 tmp1:= RDSEGFLD(DS, SEL) U5f75: 1c38ebab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_eb, mode=0x0a, tmp1) U5f76: 0c4b80231000 tmp1:= RDSEGFLD(ES, SEL) U5f78: 1c38e3ab1024 STAD_DSZN_ASZ32_SC1(SS, rsp, IMM_MACRO_e3, mode=0x0a, tmp1) U5f79: 10c0e3824908 rsp:= ADD_DSZN(IMM_MACRO_e3, rsp) 01b40840 SEQW GOTO U3408 ------------------------------------------------------------------------------------ U5f7a: 00633b033200 tmp3:= READURAM(0x003b, 64) U5f7c: 000d12031000 tmp1:= SAVEUIP_REGOVR(0x00, U5f7d, 0x0012) 01b04400 SEQW GOTO U3044 U5f7d: 004000033c73 tmp3:= ADD_DSZ64(tmp3, tmp1) U5f7e: 004500032d73 tmp2:= SUB_DSZ64(tmp3, tmp5) U5f80: 004000033c72 tmp3:= ADD_DSZ64(tmp2, tmp1) U5f81: 0077ff7f37f3 tmp3:= CMOVCC_DSZ64_CONDNB(tmp3, 0xffffffffffffffff) U5f82: 007200033cf2 tmp3:= SELECTCC_DSZ64_CONDB(tmp2, tmp3) U5f84: 006387032200 tmp2:= READURAM(0x0087, 64) U5f85: 000800032032 tmp2:= ZEROEXT_DSZ32(tmp2) U5f86: 015600033cc0 tmp3:= unk_156(tmp3) U5f88: 026600033cf2 tmp3:= unk_266(tmp2, tmp3) 
U5f89: 015400000cc0 unk_154(tmp3) 01c08c8d SEQW URET1 ------------------------------------------------------------------------------------ U5f8a: 100a2083c200 tmp12:= TESTUSTATE(SYS, !UST_SMM) 01c08c8d ? SEQW GOTO U408c U5f8c: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U5f8d: 0e6500070024 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, mode=0x01) U5f8e: 0e6500076c24 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, tmp0, mode=0x01) U5f90: 0e6508071c24 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(rsp, tmp0, 0x00000008, mode=0x01) U5f91: 2042fe1c0231 MOVETOCREG_DSZ64(tmp1, CORE_CR_EFLAGS) U5f92: 213f00000031 unk_13f(tmp1) U5f94: 0a6f10024c24 LFNCEWAIT-> rsp:= unk_a6f(rsp, tmp0) 02193600 SEQW GOTO U1936 ------------------------------------------------------------------------------------ U5f95: 048000038efa tmm0:= unk_480(tmm2, tmm3) U5f96: 006520035232 tmp5:= SHR_DSZ64(tmp2, 0x00000020) U5f98: 000100032d72 tmp2:= OR_DSZ32(tmp2, tmp5) U5f99: 000100032cf2 tmp2:= OR_DSZ32(tmp2, tmp3) U5f9a: 072a0003303a mm3:= unk_72a(tmm2) U5f9c: 07430003bef3 tmm3:= unk_743(mm3, tmm3) U5f9d: 04820003c03b tmm4:= unk_482(tmm3) U5f9e: 013401032232 tmp2:= CMOVCC_DSZ32_CONDZ(tmp2, 0x00000001) U5fa0: 07430003ee32 tmm6:= unk_743(mm2, tmm0) U5fa1: 04820003ef3e tmm6:= unk_482(tmm6, tmm4) U5fa2: 053f00038e3e tmm0:= unk_53f(tmm6, tmm0) U5fa4: 07e800035038 mm5:= unk_7e8(tmm0) U5fa5: 008102035d48 tmp5:= OR_DSZ16(0x00000002, tmp5) U5fa6: 078200038e35 tmm0:= unk_782(mm5, tmm0) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U5fa8: 100a80814200 tmpv0:= TESTUSTATE(SYS, !UST_VMX_GUEST) 01e5aa00 ? 
SEQW GOTO U65aa U5fa9: 1062df095240 tmpv1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U5faa: 00540d015215 tmpv1:= BT_DSZ64(tmpv1, 0x0000000d) U5fac: 003300055215 tmpv1:= SELECTCC_DSZ32_CONDNB(tmpv1, 0x00000100) U5fad: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U5fae: 006343015200 tmpv1:= READURAM(0x0043, 64) U5fb0: 005433015215 tmpv1:= BT_DSZ64(tmpv1, 0x00000033) U5fb1: 003200055215 tmpv1:= SELECTCC_DSZ32_CONDB(tmpv1, 0x00000100) U5fb2: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) 01e5aa80 SEQW GOTO U65aa ------------------------------------------------------------------------------------ U5fb4: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 03271100 ? SEQW GOTO generate_#GP U5fb5: 00080103d008 tmp13:= ZEROEXT_DSZ32(0x00000001) U5fb6: 0042cc000010 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000406, 0x000) U5fb8: 0c4b803f2000 tmp2:= RDSEGFLD(TSS, SEL) U5fb9: 0fa0003f2000 tmp2:= LDPPHYS_DSZ16_ASZ32_SC1(mode=0x0f) U5fba: 0f61001b0032 tmp0:= unk_f61(tmp2) U5fbc: 1e7b44000cb0 LFNCEMARK-> unk_e7b(tmp0, tmp2) U5fbd: 0088da07c008 tmp12:= ZEROEXT_DSZ16(0x000001da) U5fbe: 0004f3039e90 tmp9:= AND_DSZ32(0x003f3fd7, tmp10) U5fc0: 20436f035200 tmp5:= WRITEURAM(0x00000000, 0x006f, 64) 01b80100 SEQW GOTO U3801 ------------------------------------------------------------------------------------ U5fc1: 05740003803c tmm0:= unk_574(tmm4) U5fc2: 05740003903f tmm1:= unk_574(tmm7) U5fc4: 06640003de39 tmm5:= unk_664(tmm1, tmm0) U5fc5: 06940003debd tmm5:= unk_694(tmm5, tmm2) U5fc6: 072c0003603d tmp6:= PINTMOVDTMM2I_DSZ32(tmm5) U5fc8: 002508034236 tmp4:= SHR_DSZ32(tmp6, 0x00000008) U5fc9: 0007003f6d88 tmp6:= NOTAND_DSZ32(0x00000f00, tmp6) U5fca: 001410036236 tmp6:= BT_DSZ32(tmp6, 0x00000010) U5fcc: 007600036f76 tmp6:= CMOVCC_DSZ64_CONDB(tmp6, tmp13) U5fcd: 01420a036d80 SYNCMARK-> tmp6:= UFLOWCTRL(URET0, tmp6) U5fce: 00040f034d08 tmp4:= AND_DSZ32(0x0000000f, tmp4) U5fd0: 069d00038e00 tmm0:= unk_69d(tmm0) U5fd1: 069d00039e40 tmm1:= unk_69d(tmm1) U5fd2: 00010003aeb4 SYNCWTMRK-> tmp10:= OR_DSZ32(tmp4, 
tmp10) 0f0000ca SEQW URET0 ------------------------------------------------------------------------------------ U5fd4: 000a00200200 TESTUSTATE(UCODE, 0x0800) 06dfd600 ? SEQW GOTO U5fd6 U5fd5: 186a11dc07f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000003f, generate_#GP) U5fd6: 006300032e80 tmp2:= READURAM(tmp10) U5fd8: 10080003c03c tmp12:= ZEROEXT_DSZ32N(tmp12) U5fd9: 000147031e10 tmp1:= OR_DSZ32(0x00010000, tmp8) U5fda: 022800031c40 tmp1:= MSR2CR(tmp1) U5fdc: 006c0003cc7c tmp12:= ROL_DSZ64(tmp12, tmp1) U5fdd: 004700032cbc tmp2:= NOTAND_DSZ64(tmp12, tmp2) U5fde: 006c00035c75 tmp5:= ROL_DSZ64(tmp5, tmp1) U5fe0: 004100035d72 tmp5:= OR_DSZ64(tmp2, tmp5) 01b2104c SEQW URET1 ------------------------------------------------------------------------------------ U5fe1: 0052e27c02b5 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp5, U5fe2) 01b2104c SEQW GOTO uend0 ------------------------------------------------------------------------------------ U5fe2: 1062f91f6240 tmp6:= MOVEFROMCREG_DSZ64(0x7f9, 32) U5fe4: 0062fe1f5200 LFNCEWAIT-> tmp5:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U5fe5: 2902050002c0 MOVETOCREG_OR_DSZ64(0x0000000c, 0x005) U5fe6: 000400075d48 tmp5:= AND_DSZ32(0x00000100, tmp5) U5fe8: 002508035235 tmp5:= SHR_DSZ32(tmp5, 0x00000008) U5fe9: 002501036236 tmp6:= SHR_DSZ32(tmp6, 0x00000001) U5fea: 000700035d76 tmp5:= NOTAND_DSZ32(tmp6, tmp5) U5fec: 204270000235 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, 0x070) U5fed: 000900031000 tmp1:= MOVE_DSZ32(0x00000000) 04591440 SEQW GOTO U5914 ------------------------------------------------------------------------------------ U5fee: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U5ff0: 000a10800200 TESTUSTATE(UCODE, !0x0010) 01dff200 ? 
SEQW GOTO U5ff2 U5ff1: 10800013823b tmp8:= ADD_DSZN(tmp11, 0x00000400) U5ff2: 0c4b20477000 tmp7:= RDSEGFLD(UNK_SEG_11, BASE) U5ff4: 0062011f1200 tmp1:= MOVEFROMCREG_DSZ64(0x701) U5ff5: 00251c031231 tmp1:= SHR_DSZ32(tmp1, 0x0000001c) U5ff6: 000403031c48 tmp1:= AND_DSZ32(0x00000003, tmp1) U5ff8: 004100037df1 tmp7:= OR_DSZ64(tmp1, tmp7) U5ff9: 0c4800637238 STAD_DSZ64_ASZ32_SC1(tmp8, mode=0x18, tmp7) U5ffa: 00634b037200 tmp7:= READURAM(0x004b, 64) U5ffc: 0c4808637238 STAD_DSZ64_ASZ32_SC1(tmp8, 0x00000008, mode=0x18, tmp7) U5ffd: 108040038238 tmp8:= ADD_DSZN(tmp8, 0x00000040) 01e5bc8d SEQW URET1 ------------------------------------------------------------------------------------ U5ffe: 100a00200200 TESTUSTATE(SYS, 0x0800) 01e5bc8d ? SEQW GOTO U65bc U6000: 00620403b200 tmp11:= MOVEFROMCREG_DSZ64(0x004) U6001: 28220503327b SYNCFULL-> tmp3:= MOVETOCREG_AND_DSZ64(tmp11, 0x00000004, 0x005) U6002: 013e20033cc8 tmp3:= MOVEMERGEFLGS_DSZ32(0x00000020, tmp3) U6004: 00140303b23b tmp11:= BT_DSZ32(tmp11, 0x00000003) 01a01214 SEQW SAVEUIP1 U6005 SEQW GOTO U2012 U6005: 00330403b23b tmp11:= SELECTCC_DSZ32_CONDNB(tmp11, 0x00000004) U6006: 013500033ef3 tmp3:= CMOVCC_DSZ32_CONDNZ(tmp3, tmp11) U6008: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U6009: 125600000000 unk_256(0x00000000) U600a: 025e00240cc0LFNCEMARK->MSSTOP-> unk_25e(tmp3) 053dfaae SEQW GOTO check_cpl_uend3 ------------------------------------------------------------------------------------ U600c: 000921000000 ROVR<- MOVE_DSZ32(0x00000000) 0182ba1c SEQW SAVEUIP1 U600d SEQW GOTO U02ba U600d: 2d0bdc43100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000050dc) U600e: 000101031c48 tmp1:= OR_DSZ32(0x00000001, tmp1) U6010: 2d0fdc43100a PORTOUT_DSZ32_ASZ16_SC1(0x000050dc, tmp1) U6011: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U6012: 00635c03f200 tmp15:= READURAM(0x005c, 64) U6014: 086a9e1c02bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000008, U079e) U6015: 0008f9332008 tmp2:= ZEROEXT_DSZ32(0x00000cf9) U6016: 000806031008 tmp1:= 
ZEROEXT_DSZ32(0x00000006) U6018: 0dcf00031032 PORTOUT_DSZ8_ASZ16_SC1(tmp2, tmp1) 01e6d200 SEQW GOTO U66d2 ------------------------------------------------------------------------------------ U6019: 2928f9390030 CMPUJZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U5ef9) U601a: 00082403f00b tmp15:= ZEROEXT_DSZ32(0x00006024) U601c: 00a1ed03ffc8 tmp15:= CONCAT_DSZ16(0x000000ed, tmp15) U601d: 20430708023f WRITEURAM(tmp15, 0x0007, 32) U601e: 206353030200 tmp0:= READURAM(0x0053, 64) U6020: 286a40a00230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000002, U1840) U6021: 000802033008 tmp3:= ZEROEXT_DSZ32(0x00000002) U6022: 2d0f50033008 SYNCFULL-> PORTOUT_DSZ32_ASZ16_SC1(0x00000050, tmp3) U6024: 2d0b50033008 tmp3:= PORTIN_DSZ32_ASZ16_SC1(0x00000050) U6025: 286a40200233 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000000, U1840) U6026: 1062dc0b3240 tmp3:= MOVEFROMCREG_DSZ64(0x2dc, 32) U6028: 186a05600233 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000001, U2805) U6029: 10629f0b3240 tmp3:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U602a: 186aa8400273 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000005, U20a8) 09602480 SEQW GOTO U6024 ------------------------------------------------------------------------------------ U602c: 000d05800000 SAVEUIP_REGOVR(0x01, U602d, 0x0005) 01b2cd00 SEQW GOTO U32cd U602d: 1062890f5240 tmp5:= MOVEFROMCREG_DSZ64(0x389, 32) U602e: 000703035d48 tmp5:= NOTAND_DSZ32(0x00000003, tmp5) U6030: 1042890f5275 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x389, 32) U6031: 00080003ad7a tmp10:= ZEROEXT_DSZ32(tmp10, tmp5) U6032: 000703035e88 tmp5:= NOTAND_DSZ32(0x00000003, tmp10) U6034: 1042890f5275 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x389, 32) U6035: 00480003ad7a tmp10:= ZEROEXT_DSZ64(tmp10, tmp5) U6036: 1042890c027a MOVETOCREG_DSZ64(tmp10, 0x389, 32) U6038: 396289480200 SYNCFULL-> MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 08216200 SEQW GOTO U2162 ------------------------------------------------------------------------------------ U6039: 008401035cc8 tmp5:= AND_DSZ16(0x00000001, tmp3) U603a: 013400030c74 tmp0:= 
CMOVCC_DSZ32_CONDZ(tmp4, tmp1) U603c: 00e404032231 tmp2:= SHL_DSZ8(tmp1, 0x00000004) U603d: 00c000020830 rax:= ADD_DSZ8(tmp0, rax) U603e: 013400032cb5 tmp2:= CMOVCC_DSZ32_CONDZ(tmp5, tmp2) U6040: 00fa00030031 tmp0:= SETCC_CONDB(tmp1) U6041: 00c000020832 rax:= ADD_DSZ8(tmp2, rax) U6042: 013400030c34 tmp0:= CMOVCC_DSZ32_CONDZ(tmp4, tmp0) U6044: 002502031234 tmp1:= SHR_DSZ32(tmp4, 0x00000002) U6045: 20c000020800 rax:= ADD_DSZ8(0x00000000, rax) U6046: 008100032c35 tmp2:= OR_DSZ16(tmp5, tmp0) U6048: 008100037c72 tmp7:= OR_DSZ16(tmp2, tmp1) U6049: 003d00037037 tmp7:= MOVEINSERTFLGS_DSZ32(tmp7) U604a: 213e05030008 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000005) U604c: 237d00000df0 GENARITHFLAGS(tmp0, tmp7) 01e05470 SEQW UEND0 ------------------------------------------------------------------------------------ U604d: 200a20000200 TESTUSTATE(VMX, 0x0020) 01e05470 ? SEQW GOTO U6054 U604e: 0005b0039c48 tmp9:= SUB_DSZ32(0x000000b0, tmp1) U6050: 0150d11002f9 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U64d1) U6051: 0005000f9c48 tmp9:= SUB_DSZ32(0x00000300, tmp1) U6052: 0150e20002f9 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U60e2) U6054: 002504039231 tmp9:= SHR_DSZ32(tmp1, 0x00000004) U6055: 000531039e48 tmp9:= SUB_DSZ32(0x00000031, tmp9) U6056: 01511c0002b9 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U401c) U6058: 0e25100392f4 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000310) U6059: 00073c079e50 tmp9:= NOTAND_DSZ32(0x00ffffff, tmp9) U605a: 0e2d100392f4 LFNCEMARK-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000310, tmp9) 0517ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U605c: 004c19e712b5 SYNCWAIT-> tmp1:= SAVEUIP(tmp5, 0x01, U5919) 0a05c410 SEQW SAVEUIP0 U605d SEQW GOTO U05c4 U605d: 006514031235 tmp1:= SHR_DSZ64(tmp5, 0x00000014) U605e: 0150640002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U6064) U6060: 006310032200 tmp2:= READURAM(0x0010, 64) U6061: 006514032232 tmp2:= SHR_DSZ64(tmp2, 0x00000014) U6062: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) 01848496 
SEQW SAVEUIP1 U6064 SEQW GOTO U0484 U6064: 386b008802b5 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x0000000a, U3200) U6065: 0041000b1d48 tmp1:= OR_DSZ64(0x00000200, tmp5) U6066: 2d4fe033100a PORTOUT_DSZ64_ASZ16_SC1(0x00004ce0, tmp1) U6068: 00627417e200 tmp14:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U6069: 2d4fd833e00a SYNCFULL-> PORTOUT_DSZ64_ASZ16_SC1(0x00004cd8, tmp14) 08b20040 SEQW GOTO U3200 ------------------------------------------------------------------------------------ U606a: 00635c033200 tmp3:= READURAM(0x005c, 64) U606c: 186a6d810673 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000026, U606d) 01e07000 SEQW GOTO U6070 ------------------------------------------------------------------------------------ U606d: 0062bb1fe200 tmp14:= MOVEFROMCREG_DSZ64(0x7bb) U606e: 286a323902be BTUJB_DIRECT_NOTTAKEN(tmp14, 0x00000008, U5e32) U6070: 000d03800000 SAVEUIP_REGOVR(0x01, U6071, 0x0003) 01a93100 SEQW GOTO U2931 U6071: 0eff00000000 unk_eff(0x00000000) U6072: 000c290c02c0 SAVEUIP(0x00, U6329) U6074: 39628e080200 MOVETOCREG_BTS_DSZ64(0x28e) U6075: 30628e0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x28e, 32) U6076: 186a78410230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U6078) 01e07580 SEQW GOTO U6075 ------------------------------------------------------------------------------------ U6078: 1902d6c80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x2d6) U6079: 1a628e080230 LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp0, 0x28e) 04b8e489 SEQW URET0 ------------------------------------------------------------------------------------ U607a: 100a00000380 TESTUSTATE(SYS, 0xc000) 04b8e489 ? 
SEQW GOTO U38e4 U607c: 0e25d6038034 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0xffffffffffffffd6) U607d: 006262172200 tmp2:= MOVEFROMCREG_DSZ64(0x562) U607e: 0047ff3f2c88 tmp2:= NOTAND_DSZ64(0x00000fff, tmp2) U6080: 006263177200 tmp7:= MOVEFROMCREG_DSZ64(0x563) U6081: 0047ff3f7dc8 tmp7:= NOTAND_DSZ64(0x00000fff, tmp7) U6082: 00621b175200 tmp5:= MOVEFROMCREG_DSZ64(0x51b) U6084: 00409a03bd50 tmp11:= ADD_DSZ64(0x00040000, tmp5) U6085: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01bb6d40 ? SEQW GOTO U3b6d U6086: 002100030822 tmp0:= CONCAT_DSZ32(rdx, rax) U6088: 104000030c38 tmp0:= ADD_DSZN(tmp8, tmp0) U6089: 204315000230 WRITEURAM(tmp0, 0x0015, 64) 01bb8e40 SEQW GOTO U3b8e ------------------------------------------------------------------------------------ fit_load_end: U608a: 00010703bf08 tmp11:= OR_DSZ32(0x00000007, tmp12) U608c: 286a6839063a BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000020, fit_process_error) 01e0b810 SEQW SAVEUIP0 U608d SEQW GOTO U60b8 U608d: 2dcbc0031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x000000c0) U608e: 001603031231 tmp1:= BTR_DSZ32(tmp1, 0x00000003) U6090: 2dcfc0031008 PORTOUT_DSZ8_ASZ16_SC1(0x000000c0, tmp1) U6091: 000030034e88 tmp4:= ADD_DSZ32(0x00000030, tmp10) U6092: 000c7cc80240 SAVEUIP(0x01, apply_ucode_patch) U6094: 00080b03b008 tmp11:= ZEROEXT_DSZ32(0x0000000b) U6095: 20437308023b WRITEURAM(tmp11, 0x0073, 32) U6096: 0062c51b1200 tmp1:= MOVEFROMCREG_DSZ64(0x6c5) U6098: 002407031231 tmp1:= SHL_DSZ32(tmp1, 0x00000007) U6099: 000104031c48 tmp1:= OR_DSZ32(0x00000004, tmp1) U609a: 204353080231 WRITEURAM(tmp1, 0x0053, 32) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U609c: 006355039200 tmp9:= READURAM(0x0055, 64) 01dcae10 SEQW SAVEUIP0 U609d SEQW GOTO U5cae U609d: 006357034200 tmp4:= READURAM(0x0057, 64) U609e: 20434a000234 WRITEURAM(tmp4, 0x004a, 64) U60a0: 0e6d40034e48 SYNCWAIT-> STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000040, tmp4) U60a1: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 0a60a440 ? 
SEQW GOTO U60a4 U60a2: 00151d030230 tmp0:= BTS_DSZ32(tmp0, 0x0000001d) U60a4: 204357000239 LFNCEMARK-> WRITEURAM(tmp9, 0x0057, 64) U60a5: 000100030c0e tmp0:= OR_DSZ32(0x0000c000, tmp0) U60a6: 0001c8030c10 tmp0:= OR_DSZ32(0x00100000, tmp0) U60a8: 006371034200 tmp4:= READURAM(0x0071, 64) U60a9: 0e2ddc034e49 LFNCEWAIT-> STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001dc, tmp4) 02ce8240 SEQW GOTO do_vmexit_ovr_enter_rip ------------------------------------------------------------------------------------ U60aa: 206353031200 tmp1:= READURAM(0x0053, 64) U60ac: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U60ad: 004500037c40 tmp7:= SUB_DSZ64(0x00000000, tmp1) U60ae: 01504e400277 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp7, uret0) 018bc996 SEQW SAVEUIP1 U60b0 SEQW GOTO write_port_4c U60b0: 022200037031 tmp7:= unk_222(tmp1) U60b1: 00a100037df7 tmp7:= CONCAT_DSZ16(tmp7, tmp7) U60b2: 00fc00037df0 tmp7:= unk_0fc(tmp0, tmp7) U60b4: 2d0f18037008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, tmp7) U60b5: 2d0f64031008 SYNCFULL-> PORTOUT_DSZ32_ASZ16_SC1(0x00000064, tmp1) U60b6: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) U60b8: 000000000000 NOP 018bc914 SEQW SAVEUIP1 U60b9 SEQW GOTO write_port_4c U60b9: 2d0b18037008 tmp7:= PORTIN_DSZ32_ASZ16_SC1(0x00000018) U60ba: 2d0f4c000008 PORTOUT_DSZ32_ASZ16_SC1(0x0000004c, 0x00000000) U60bc: 0004ff031dc8 tmp1:= AND_DSZ32(0x000000ff, tmp7) U60bd: 01504e400271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, uret0) 01e0b840 SEQW GOTO U60b8 ------------------------------------------------------------------------------------ U60be: 002504031215 tmp1:= SHR_DSZ32(tmpv1, 0x00000004) U60c0: 000100032c49 tmp2:= OR_DSZ32(0x00002000, tmp1) U60c1: 0001310b1432 tmp1:= OR_DSZ32(tmp2, 0xffca5800) U60c2: 023326034436 tmp4:= SELECTCC_DSZ32_CONDNP(tmp6, 0x00008000) U60c4: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U60c5: 00635c034200 tmp4:= READURAM(0x005c, 64) U60c6: 00541a034234 tmp4:= BT_DSZ64(tmp4, 0x0000001a) U60c8: 003226034434 tmp4:= SELECTCC_DSZ32_CONDB(tmp4, 0x00008000) 
U60c9: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U60ca: 0130e1034436 tmp4:= SELECTCC_DSZ32_CONDZ(tmp6, 0x00200000) U60cc: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U60cd: 0021ff7f1c5f tmp1:= CONCAT_DSZ32(0xffffffffffffffff, tmp1) U60ce: 004400031531 tmp1:= AND_DSZ64(tmp1, tmpv0) U60d0: 004500031c72 tmp1:= SUB_DSZ64(tmp2, tmp1) U60d1: 0151000005b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, tmpv2) 03320c8d SEQW URET1 ------------------------------------------------------------------------------------ U60d2: 100a00000300 LFNCEWAIT-> TESTUSTATE(SYS, 0x8000) 03320c8d ? SEQW GOTO U320c U60d4: 000501034d08 tmp4:= SUB_DSZ32(0x00000001, tmp4) U60d5: 005262040234 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp4, U0162) U60d6: 004010037dc8 LFNCEWAIT-> tmp7:= ADD_DSZ64(0x00000010, tmp7) 03024a96 SEQW SAVEUIP1 U60d8 SEQW GOTO U024a U60d8: 00057903fe08 tmp15:= SUB_DSZ32(0x00000079, tmp8) U60d9: 0150f25c027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U37f2) U60da: 00057a03fe08 tmp15:= SUB_DSZ32(0x0000007a, tmp8) U60dc: 0150f25c027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U37f2) U60dd: 00070103fe08 tmp15:= NOTAND_DSZ32(0x00000001, tmp8) U60de: 0005120bffd0 tmp15:= SUB_DSZ32(0xc0000100, tmp15) U60e0: 0150f25c027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U37f2) U60e1: 000cfd800200 SYNCWAIT-> SAVEUIP(0x01, U00fd) 0ac42a40 SEQW GOTO U442a ------------------------------------------------------------------------------------ U60e2: 0e25000352f4 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000300) U60e4: 0004005fad5d tmp10:= AND_DSZ32(0xffffffffffffb700, tmp5) U60e5: 00069a03ae90 tmp10:= XOR_DSZ32(0x00040000, tmp10) U60e6: 01511c0002ba UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, U401c) U60e8: 000cecdfe208 tmp14:= SAVEUIP(0x01, uend) U60e9: 0004f003ad48 tmp10:= AND_DSZ32(0x000000f0, tmp5) U60ea: 01501c0002ba LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp10, U401c) U60ec: 0004ff030d48 tmp0:= AND_DSZ32(0x000000ff, tmp5) U60ed: 0008000b8008 tmp8:= ZEROEXT_DSZ32(0x00000200) 01adf151 SEQW SAVEUIP0 U60ee SEQW GOTO U2df1 U60ee: 0ee598038f0b 
tmp8:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp12, 0x00000398) U60f0: 000500039c38 tmp9:= SUB_DSZ32(tmp8, tmp0) U60f1: 013e00039e70 tmp9:= MOVEMERGEFLGS_DSZ32(tmp0, tmp9) U60f2: 013700039e39 tmp9:= CMOVCC_DSZ32_CONDNBE(tmp9, tmp8) U60f4: 0eed980392fc STADPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp12, 0x00000398, tmp9) U60f5: 0e25a0038234 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x000000a0) 01e68a40 SEQW GOTO U668a ------------------------------------------------------------------------------------ U60f6: 00a10f194008 tmpv0:= CONCAT_DSZ16(0x0000060f) U60f8: 000103014214 tmpv0:= OR_DSZ32(tmpv0, 0x00000003) U60f9: 006320015200 tmpv1:= READURAM(0x0020, 64) U60fa: 00e146015215 tmpv1:= CONCAT_DSZ8(tmpv1, 0x00000046) U60fc: 006430015215 tmpv1:= SHL_DSZ64(tmpv1, 0x00000030) U60fd: 0041b419554a tmpv1:= OR_DSZ64(0x000046b4, tmpv1) U60fe: 10622f097240 tmpv3:= MOVEFROMCREG_DSZ64(0x22f, 32) U6100: 186afe010217 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmpv3, 0x00000000, U60fe) U6101: 19022ec80200 MOVETOCREG_OR_DSZ64(0x00000003, 0x22e) U6102: 10422b080255 MOVETOCREG_DSZ64(tmpv1, 0x22b, 32) U6104: 304229080254 MOVETOCREG_DSZ64(tmpv0, 0x229, 32) U6105: 30622f097240 tmpv3:= MOVEFROMCREG_DSZ64(0x22f, 32) U6106: 186a05050217 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmpv3, 0x00000000, U6105) U6108: 10422e080240 MOVETOCREG_DSZ64(0x00000000, 0x22e, 32) U6109: 30622d096240 tmpv2:= MOVEFROMCREG_DSZ64(0x22d, 32) 01e11589 SEQW URET0 ------------------------------------------------------------------------------------ U610a: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01e11589 ? 
SEQW GOTO U6115 U610c: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U610d: 002100035f39 tmp5:= CONCAT_DSZ32(tmp9, tmp12) U610e: 004309000235 WRITEURAM(tmp5, 0x0009, 64) U6110: 0902050002c0 MOVETOCREG_OR_DSZ64(0x0000000c, 0x005) U6111: 00e104031c88 tmp1:= CONCAT_DSZ8(0x00000004, tmp2) U6112: 096272400340 MOVETOCREG_BTS_DSZ64(0x00000015, 0x072) U6114: 004346000231 WRITEURAM(tmp1, 0x0046, 64) U6115: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U6116: 0fa0663f5000 tmp5:= LDPPHYS_DSZ16_ASZ32_SC1(0x00000066, mode=0x0f) U6118: 002503037232 tmp7:= SHR_DSZ32(tmp2, 0x00000003) U6119: 0fe0e03f7df5 LFNCEMARK-> tmp7:= LDPPHYS_DSZ8_ASZ32_SC1(tmp5, tmp7, 0xffffffffffffffe0, mode=0x0f) U611a: 000407035c88 tmp5:= AND_DSZ32(0x00000007, tmp2) 048000ca SEQW URET0 ------------------------------------------------------------------------------------ U611c: 00150c030230 tmp0:= BTS_DSZ32(tmp0, 0x0000000c) 01863c10 SEQW SAVEUIP0 U611d SEQW GOTO U063c U611d: 186a26450330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000011, U6126) U611e: 00635703c200 tmp12:= READURAM(0x0057, 64) U6120: 00543e03b23b tmp11:= BT_DSZ64(tmp11, 0x0000003e) U6121: 0ee59c035f0b tmp5:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp12, 0x0000039c) U6122: 0032ff7ff7fb tmp15:= SELECTCC_DSZ32_CONDB(tmp11, 0xffffffffffffffff) U6124: 000100035d7f tmp5:= OR_DSZ32(tmp15, tmp5) U6125: 29281e150cb5 CMPUJZ_DIRECT_NOTTAKEN(tmp5, tmp2, U551e) U6126: 0004ff032c88 tmp2:= AND_DSZ32(0x000000ff, tmp2) U6128: 00151f032232 tmp2:= BTS_DSZ32(tmp2, 0x0000001f) U6129: 000800034000 tmp4:= ZEROEXT_DSZ32(0x00000000) 01dc8a40 SEQW GOTO U5c8a ------------------------------------------------------------------------------------ U612a: 002100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U612c: 0e7d0003003c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp0) U612d: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U612e: 002100032cb3 tmp2:= CONCAT_DSZ32(tmp3, tmp2) U6130: 0e7d0003203c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp2) U6131: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U6132: 
002100034d35 tmp4:= CONCAT_DSZ32(tmp5, tmp4) U6134: 0e7d0003403c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp4) U6135: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U6136: 002100036db7 tmp6:= CONCAT_DSZ32(tmp7, tmp6) U6138: 0e7d0003603c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp6) U6139: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U613a: 002100038e39 tmp8:= CONCAT_DSZ32(tmp9, tmp8) U613c: 0e7d0003803c STADSTGBUF_DSZ64_ASZ16_SC1(tmp12, tmp8) U613d: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) 01db0589 SEQW URET0 ------------------------------------------------------------------------------------ U613e: 100ac2800200 TESTUSTATE(SYS, !UST_USER_MODE | UST_VMX_DUAL_MON | UST_VMX_GUEST) 01db0589 ? SEQW GOTO U5b05 U6140: 00082e130008 tmp0:= ZEROEXT_DSZ32(0x0000042e) U6141: 000c05ec0280 SAVEUIP(0x01, U5b05) U6142: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71180 ? SEQW GOTO generate_#GP U6144: 200a40000200 TESTUSTATE(VMX, 0x0040) 018000cc ? SEQW URET1 U6145: 00634303f200 tmp15:= READURAM(0x0043, 64) U6146: 086bde9c063f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000022, U07de) U6148: 000c82380280 SAVEUIP(0x00, do_vmexit_ovr_enter_rip) U6149: 004810833008 tmp3:= ZEROEXT_DSZ64(IMM_MACRO_ALIAS_INSTRUCTION) U614a: 188f0083b000 tmp11:= unk_88f(0x00000000) U614c: 10880003b03b tmp11:= ZEROEXT_DSZ16N(tmp11) U614d: 005422031233 tmp1:= BT_DSZ64(tmp3, 0x00000022) U614e: 007300031ef1 tmp1:= SELECTCC_DSZ64_CONDNB(tmp1, tmp11) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U6150: 000501033d48 tmp3:= SUB_DSZ32(0x00000001, tmp5) 01b2cd14 SEQW SAVEUIP1 U6151 SEQW GOTO U32cd U6151: 0032bd032233 tmp2:= SELECTCC_DSZ32_CONDB(tmp3, 0x000000bd) U6152: 017e00032cf2 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp3) U6154: 0135ac032232 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp2, 0x000000ac) U6155: 10628f0f1240 tmp1:= MOVEFROMCREG_DSZ64(0x38f, 32) U6156: 0007bd031c48 tmp1:= NOTAND_DSZ32(0x000000bd, tmp1) U6158: 000180032c88 tmp2:= OR_DSZ32(0x00000080, tmp2) U6159: 
19028f0c0cb1 MOVETOCREG_OR_DSZ64(tmp1, tmp2, 0x38f) U615a: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) U615c: 006204071200 tmp1:= MOVEFROMCREG_DSZ64(0x104) U615d: 0047e1031c50 tmp1:= NOTAND_DSZ64(0x00200000, tmp1) U615e: 0032e1032433 tmp2:= SELECTCC_DSZ32_CONDB(tmp3, 0x00200000) U6160: 090204040cb1 MOVETOCREG_OR_DSZ64(tmp1, tmp2, 0x104) 01b23000 SEQW GOTO U3230 ------------------------------------------------------------------------------------ U6161: 000807036008 tmp6:= ZEROEXT_DSZ32(0x00000007) U6162: 204348080236 WRITEURAM(tmp6, 0x0048, 32) U6164: 004020037dc8 tmp7:= ADD_DSZ64(0x00000020, tmp7) U6165: 0e2d00030037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp0) U6166: 0e2d04031037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000004, tmp1) U6168: 0e2d08032037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000008, tmp2) U6169: 0e2d0c033037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000000c, tmp3) U616a: 0e2d10034037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000010, tmp4) U616c: 0e2d14038037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000014, tmp8) U616d: 0e2d18039037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000018, tmp9) U616e: 0e2d1c03a037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000001c, tmp10) U6170: 004540035d48 tmp5:= SUB_DSZ64(0x00000040, tmp5) U6171: 000801036008 tmp6:= ZEROEXT_DSZ32(0x00000001) U6172: 0088fd5fb00a tmp11:= ZEROEXT_DSZ16(0x000057fd) U6174: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0da00 SEQW GOTO calc_sha256_update ------------------------------------------------------------------------------------ U6175: 06a04603a000 tmp10:= unk_6a0(0x00000000) U6176: 068a0003beb8 tmp11:= FCOM2(tmp8, tmp10) U6178: 076a0003103b mm1:= unk_76a(tmm3) U6179: 003d00031031 tmp1:= MOVEINSERTFLGS_DSZ32(tmp1) U617a: 01526c180231 UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp1, U066c) U617c: 07ea00030038 mm0:= unk_7ea(tmm0) U617d: 000543031c10 tmp1:= SUB_DSZ32(0x0000fffc, tmp0) U617e: 0350656c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, U5b65) U6180: 06a04003a000 tmp10:= 
unk_6a0(0x00000000) U6181: 06c90003ceb8 tmm4:= unk_6c9(tmm0, tmm2) U6182: 05be0003af00 tmm2:= unk_5be(tmm4) U6184: 07a80003803c tmm0:= unk_7a8(tmm4) U6185: 06490003bebc tmm3:= unk_649(tmm4, tmm2) U6186: 04940003de80 tmm5:= unk_494(tmm2) U6188: 06490003cf7c tmm4:= unk_649(tmm4, tmm5) 01ee9d00 SEQW GOTO U6e9d ------------------------------------------------------------------------------------ U6189: 00634703f200 tmp15:= READURAM(0x0047, 64) U618a: 00080003803f tmp8:= ZEROEXT_DSZ32(tmp15) U618c: 09a2c518063f SYNCMARK-> MOVETOCREG_SHR_DSZ64(tmp15, 0x00000020, 0x6c5) U618d: 05ba01039fc0 tmm1:= unk_5ba(tmm7) U618e: 05ba0003afc0 tmm2:= unk_5ba(tmm7) U6190: 05ba01038f80 tmm0:= unk_5ba(tmm6) U6191: 05ba0003cf80 tmm4:= unk_5ba(tmm6) U6192: 072f0003503a mm5:= unk_72f(tmm2) U6194: 072f0003b039 tmm3:= unk_72f(tmm1) U6195: 004800037030 tmp7:= ZEROEXT_DSZ64(tmp0) U6196: 00634f03a200 tmp10:= READURAM(0x004f, 64) U6198: 00630b03c200 tmp12:= READURAM(0x000b, 64) U6199: 017e0003cc3c tmp12:= MOVEMERGEFLGS_DSZ64(tmp12, tmp0) U619a: 00634e033200 tmp3:= READURAM(0x004e, 64) U619c: 00634303e200 SYNCWAIT-> tmp14:= READURAM(0x0043, 64) 0a4ded00 SEQW GOTO U4ded ------------------------------------------------------------------------------------ U619d: 00010003befc tmp11:= OR_DSZ32(tmp12, tmp11) U619e: 0008ff7f901d tmp9:= ZEROEXT_DSZ32(0xffffffffffffbfff) U61a0: 0021df7f97f9 tmp9:= CONCAT_DSZ32(tmp9, 0xffffffffffffffdf) U61a1: 000820037008 tmp7:= ZEROEXT_DSZ32(0x00000020) U61a2: 00080f038008 tmp8:= ZEROEXT_DSZ32(0x0000000f) U61a4: 1062c40b5240 tmp5:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U61a5: 1062da0b6240 tmp6:= MOVEFROMCREG_DSZ64(0x2da, 32) U61a6: 002418036236 tmp6:= SHL_DSZ32(tmp6, 0x00000018) U61a8: 000100036db5 tmp6:= OR_DSZ32(tmp5, tmp6) U61a9: 006208035200 tmp5:= MOVEFROMCREG_DSZ64(0x008) U61aa: 002100036db5 tmp6:= CONCAT_DSZ32(tmp5, tmp6) U61ac: 20433f000236 WRITEURAM(tmp6, 0x003f, 64) U61ad: 3962f3480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x2f3) U61ae: 000c48c00240 
SAVEUIP(0x01, U3048) U61b0: 000c755402c0 SAVEUIP(0x00, U7575) 01e69d00 SEQW GOTO U669d ------------------------------------------------------------------------------------ U61b1: 00210b03b008 tmp11:= CONCAT_DSZ32(0x0000000b) U61b2: 20437300023b WRITEURAM(tmp11, 0x0073, 64) U61b4: 00087b031010 tmp1:= ZEROEXT_DSZ32(0x00030000) U61b5: 00087c032010 tmp2:= ZEROEXT_DSZ32(0x00030012) U61b6: 000c06100280 SAVEUIP(0x00, U4406) 01a7c196 SEQW SAVEUIP1 U61b8 SEQW GOTO uarch_bufs_ldat_init U61b8: 00080403b008 tmp11:= ZEROEXT_DSZ32(0x00000004) U61b9: 20437308023b WRITEURAM(tmp11, 0x0073, 32) U61ba: 2062301b2200 SYNCFULL-> tmp2:= MOVEFROMCREG_DSZ64(0x630) U61bc: 0004ff3f2c88 tmp2:= AND_DSZ32(0x00000fff, tmp2) U61bd: 0150be0402f2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U61be) 01e1ba40 SEQW GOTO U61ba ------------------------------------------------------------------------------------ U61be: 004231180200 MOVETOCREG_DSZ64(0x00000000, 0x631) U61c0: 00080503b008 tmp11:= ZEROEXT_DSZ32(0x00000005) U61c1: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U61c2: 29623a580240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x63a) U61c4: 015d00000f80 SYNCFULL-> UJMP(tmp14) ------------------------------------------------------------------------------------ U61c5: 000ce9440240 SAVEUIP(0x00, U31e9) U61c6: 00e10a031cb3 ROVR<- tmp1:= CONCAT_DSZ8(tmp3, tmp2) 0821789e SEQW SAVEUIP1 U61c8 SEQW GOTO U2178 U61c8: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01e1d088 ? SEQW URET0 U61c9: 004261000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U61ca: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01e1d088 ? 
SEQW GOTO U61d0 U61cc: 00626503c200 tmp12:= MOVEFROMCREG_DSZ64(0x065) U61cd: 006314030200 tmp0:= READURAM(0x0014, 64) U61ce: 186a30650230 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U6930) U61d0: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) U61d1: 008825035008 tmp5:= ZEROEXT_DSZ16(0x00000025) 01b4c540 SEQW GOTO U34c5 ------------------------------------------------------------------------------------ U61d2: 052b1b03e03e tmp14:= unk_52b(tmp14) U61d4: 052bb103f03f tmp15:= unk_52b(tmp15) U61d5: 05b90003d03e tmm5:= unk_5b9(tmm6) U61d6: 04eef003efbf tmm6:= unk_4ee(tmm7, tmm6) U61d8: 04d70803fffd tmm7:= unk_4d7(tmm5, tmm7) U61d9: 0ece0007e037 tmp14:= unk_ece(tmp7) U61da: 0ece1007f037 tmp15:= unk_ece(tmp7) U61dc: 0e2500030037 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7) U61dd: 0e2504031037 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000004) U61de: 0e2508032037 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000008) U61e0: 0e250c033037 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000000c) U61e1: 0e2510034037 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000010) U61e2: 0e2514038037 tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000014) U61e4: 0e2518039037 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x00000018) U61e5: 0e251c03a037 tmp10:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, 0x0000001c) 01801140 SEQW GOTO sha256_ret ------------------------------------------------------------------------------------ U61e6: 1062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U61e8: 0004a1032c90 tmp2:= AND_DSZ32(0x00070000, tmp2) U61e9: 000100032cba tmp2:= OR_DSZ32(tmp10, tmp2) U61ea: 00635c030200 tmp0:= READURAM(0x005c, 64) U61ec: 005410030230 tmp0:= BT_DSZ64(tmp0, 0x00000010) U61ed: 003200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U61ee: 000812030008 tmp0:= ZEROEXT_DSZ32(0x00000012) U61f0: 00a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U61f1: 3929e42c0032 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3be4) U61f2: 000811030008 tmp0:= ZEROEXT_DSZ32(0x00000011) U61f4: 00a100070c08 tmp0:= 
CONCAT_DSZ16(0x00000100, tmp0) U61f5: 10629f0b2240 tmp2:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U61f6: 386ae4ec02f2 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000f, U3be4) U61f8: 00630d03e200 tmp14:= READURAM(0x000d, 64) U61f9: 00880003e03e tmp14:= ZEROEXT_DSZ16(tmp14) 01841440 SEQW GOTO U0414 ------------------------------------------------------------------------------------ U61fa: 06240003ce38 tmm4:= unk_624(tmm0, tmm0) U61fc: 072c0003403c tmp4:= PINTMOVDTMM2I_DSZ32(tmm4) U61fd: 06240003be79 tmm3:= unk_624(tmm1, tmm1) U61fe: 072c0003103b tmp1:= PINTMOVDTMM2I_DSZ32(tmm3) U6200: 002502034234 tmp4:= SHR_DSZ32(tmp4, 0x00000002) U6201: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U6202: 000100032d31 tmp2:= OR_DSZ32(tmp1, tmp4) U6204: 00040f032c88 tmp2:= AND_DSZ32(0x0000000f, tmp2) U6205: 072a00033039 mm3:= unk_72a(tmm1) U6206: 002404033233 tmp3:= SHL_DSZ32(tmp3, 0x00000004) U6208: 000100032cb3 tmp2:= OR_DSZ32(tmp3, tmp2) U6209: 07040003e032 tmm6:= unk_704(mm2) U620a: 06200a03e03e tmm6:= unk_620(tmm6) U620c: 072c0003303e tmp3:= PINTMOVDTMM2I_DSZ32(tmm6) U620d: 015d00000cc0 SYNCFULL-> UJMP(tmp3) ------------------------------------------------------------------------------------ U620e: 000c21f80280 SAVEUIP(0x01, U5e21) 08ec8692 SEQW SAVEUIP0 U6210 SEQW GOTO U6c86 U6210: 0062301b2200 tmp2:= MOVEFROMCREG_DSZ64(0x630) U6211: 0004ff3f2c88 tmp2:= AND_DSZ32(0x00000fff, tmp2) U6212: 0151100802f2 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U6210) U6214: 204231180200 MOVETOCREG_DSZ64(0x00000000, 0x631) U6215: 29623a580240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x63a) U6216: 000a28000200 TESTUSTATE(UCODE, 0x0028) 01ddad80 ? 
SEQW GOTO U5dad U6218: 304221080240 MOVETOCREG_DSZ64(0x00000000, 0x221, 32) U6219: 00013003c008 tmp12:= OR_DSZ32(0x00000030) 0198d055 SEQW SAVEUIP1 U621a SEQW GOTO U18d0 U621a: 000800000000 NOP U621c: 00630f03b200 tmp11:= READURAM(0x000f, 64) 01bc9800 SEQW GOTO U3c98 ------------------------------------------------------------------------------------ U621d: 00a12a0bf2ff tmp15:= CONCAT_DSZ16(tmp15, 0x0000622a) U621e: 20430708023f WRITEURAM(tmp15, 0x0007, 32) U6220: 1062850bf240 tmp15:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6221: 00440013ffc8 tmp15:= AND_DSZ64(0x00000400, tmp15) U6222: 00640603f23f tmp15:= SHL_DSZ64(tmp15, 0x00000006) U6224: 00635c031200 tmp1:= READURAM(0x005c, 64) U6225: 004700031c7f tmp1:= NOTAND_DSZ64(tmp15, tmp1) U6226: 20435c000231 WRITEURAM(tmp1, 0x005c, 64) U6228: 000d10880000 SAVEUIP_REGOVR(0x01, U6229, 0x0210) 09281d00 SEQW GOTO U281d U6229: 0053a60c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp0, U43a6) U622a: 000900000000 SYNCFULL-> MOVE_DSZ32(0x00000000) U622c: 10629d0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x29d, 32) U622d: 086aa60d02ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000c, U43a6) U622e: 386a8a5c02ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000000d, U378a) U6230: 000000000000 NOP U6231: 000000000000 NOP 01e22a40 SEQW GOTO U622a ------------------------------------------------------------------------------------ U6232: 0233000f223e tmp2:= SELECTCC_DSZ32_CONDNP(tmp14, 0x00000300) U6234: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U6235: 01311c03243e tmp2:= SELECTCC_DSZ32_CONDNZ(tmp14, 0x00004000) U6236: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U6238: 00319a03243e tmp2:= SELECTCC_DSZ32_CONDNO(tmp14, 0x00040000) U6239: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U623a: 00330003227e tmp2:= SELECTCC_DSZ32_CONDNB(tmp14, 0x00002000) U623c: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U623d: 00542b032233 tmp2:= BT_DSZ64(tmp3, 0x0000002b) U623e: 003300032332 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00008000) U6240: 00070003aeb2 tmp10:= 
NOTAND_DSZ32(tmp2, tmp10) U6241: 00633a032200 tmp2:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U6242: 0007b0032432 tmp2:= NOTAND_DSZ32(tmp2, 0x00080001) U6244: 0130e1032432 tmp2:= SELECTCC_DSZ32_CONDZ(tmp2, 0x00200000) U6245: 00070003aeb2 tmp10:= NOTAND_DSZ32(tmp2, tmp10) U6246: 0033af032431 tmp2:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00080000) 01b0e180 SEQW GOTO U30e1 ------------------------------------------------------------------------------------ U6248: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01e24a00 ? SEQW GOTO U624a U6249: 00151503e23e tmp14:= BTS_DSZ32(tmp14, 0x00000015) U624a: 002402032232 tmp2:= SHL_DSZ32(tmp2, 0x00000002) U624c: 00420000023e LFNCEWAIT-> MOVETOCREG_DSZ64(tmp14, 0x000) U624d: 000100439e89 tmp9:= OR_DSZ32(0x00003000, tmp10) U624e: 00250a03823a tmp8:= SHR_DSZ32(tmp10, 0x0000000a) U6250: 02070003be78 tmp11:= unk_207(tmp8, tmp9) U6251: 0004000bbec8 tmp11:= AND_DSZ32(0x00000200, tmp11) U6252: 001609039239 tmp9:= BTR_DSZ32(tmp9, 0x00000009) U6254: 000100039ef9 tmp9:= OR_DSZ32(tmp9, tmp11) U6255: 00085b036010 tmp6:= ZEROEXT_DSZ32(0x00010300) U6256: 0207b4036d90 tmp6:= unk_207(0x00090100, tmp6) U6258: 0f2000030032 LFNCEMARK-> tmp0:= LDPPHYS_DSZ32_ASZ32_SC1(tmp2) 0434d800 SEQW GOTO U34d8 ------------------------------------------------------------------------------------ U6259: 00080003a00a tmp10:= ZEROEXT_DSZ32(0x00004000) U625a: 00a1607ba23a tmp10:= CONCAT_DSZ16(tmp10, 0x00001e60) U625c: 0f6500071f35 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ32_SC1(tmp5, tmp12) U625d: 0d4f0003103a PORTOUT_DSZ64_ASZ16_SC1(tmp10, tmp1) U625e: 00450803ae88 tmp10:= SUB_DSZ64(0x00000008, tmp10) U6260: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01e25c00 SEQW GOTO U625c ------------------------------------------------------------------------------------ U6261: 2d4be033300a tmp3:= PORTIN_DSZ64_ASZ16_SC1(0x00004ce0) U6262: 004100233cc8 tmp3:= OR_DSZ64(0x00000800, tmp3) U6264: 2d4fe033300a PORTOUT_DSZ64_ASZ16_SC1(0x00004ce0, tmp3) U6265: 186ad2410332 
BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000011, U60d2) U6266: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U6268: 2dcf707b1008 PORTOUT_DSZ8_ASZ16_SC1(0x00001e70, tmp1) U6269: 2dcb707b1008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x00001e70) U626a: 186a69090231 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000000, U6269) U626c: 000801031008 tmp1:= ZEROEXT_DSZ32(0x00000001) U626d: 2dcf747b1008 SYNCFULL-> PORTOUT_DSZ8_ASZ16_SC1(0x00001e74, tmp1) 08e0d240 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U626e: 00635703c200 tmp12:= READURAM(0x0057, 64) U6270: 006213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U6271: 0008ff030008 tmp0:= ZEROEXT_DSZ32(0x000000ff) U6272: 0021004307f0 tmp0:= CONCAT_DSZ32(tmp0, 0xfffffffffffff000) U6274: 004400034d30 tmp4:= AND_DSZ64(tmp0, tmp4) U6275: 0ee598030f0b tmp0:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp12, 0x00000398) U6276: 004800032030 tmp2:= ZEROEXT_DSZ64(tmp0) U6278: 000800078008 tmp8:= ZEROEXT_DSZ32(0x00000100) 01adf110 SEQW SAVEUIP0 U6279 SEQW GOTO U2df1 U6279: 0004f0038c08 tmp8:= AND_DSZ32(0x000000f0, tmp0) U627a: 0e2da0038d08 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x000000a0, tmp8) U627c: 0008000b8008 tmp8:= ZEROEXT_DSZ32(0x00000200) 01dc8d10 SEQW SAVEUIP0 U627d SEQW GOTO U5c8d U627d: 00a408038232 tmp8:= SHL_DSZ16(tmp2, 0x00000008) U627e: 00c100038e39 tmp8:= OR_DSZ8(tmp9, tmp8) U6280: 0ead980382fc STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x00000398, tmp8) U6281: 00621d038200 tmp8:= MOVEFROMCREG_DSZ64(0x01d) U6282: 2a621d400238 MOVETOCREG_BTR_DSZ64(tmp8, 0x00000001, 0x01d) 018000ce SEQW URET1 ------------------------------------------------------------------------------------ U6284: 200a02800200 TESTUSTATE(VMX, !0x0002) 02e28800 ? 
SEQW GOTO U6288 U6285: 1a62c48b12b0 LFNCEWAIT-> tmp1:= MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000a, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U6286: 204370000231 WRITEURAM(tmp1, 0x0070, 64) U6288: 20430a080230 WRITEURAM(tmp0, 0x000a, 32) U6289: 0062fe1f0200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U628a: 0902c5980200 MOVETOCREG_OR_DSZ64(0x00000002, 0x6c5) U628c: 00010003aeb0 tmp10:= OR_DSZ32(tmp0, tmp10) U628d: 0042ca000010 MOVETOCREG_DSZ64(0x00000016, 0x000) U628e: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01bbfd80 ? SEQW GOTO U3bfd U6290: 02080b831008 tmp1:= unk_208(IMM_MACRO_ALIAS_DATASIZE) U6291: 020704031c48 tmp1:= unk_207(0x00000004, tmp1) U6292: 00050b831c48 tmp1:= SUB_DSZ32(IMM_MACRO_ALIAS_DATASIZE, tmp1) U6294: 0150111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP) 01bbfe00 SEQW GOTO U3bfe ------------------------------------------------------------------------------------ U6295: 00650b035231 tmp5:= SHR_DSZ64(tmp1, 0x0000000b) U6296: 004100031cf5 tmp1:= OR_DSZ64(tmp5, tmp3) U6298: 004100031c31 tmp1:= OR_DSZ64(tmp1, tmp0) U6299: 000900000000 MOVE_DSZ32(0x00000000) U629a: 016300035c48 LFNCEWAIT-> tmp5:= unk_163(0x00000000, tmp1) U629c: 002508035235 tmp5:= SHR_DSZ32(tmp5, 0x00000008) U629d: 00429d1c0235 MOVETOCREG_DSZ64(tmp5, 0x79d) U629e: 004379000231 WRITEURAM(tmp1, 0x0079, 64) U62a0: 0009fe07d009 tmp13:= MOVE_DSZ32(0x000021fe) U62a1: 00251103f201 tmp15:= SHR_DSZ32(r64dst, 0x00000011) U62a2: 003d3c13e23f tmp14:= MOVEINSERTFLGS_DSZ32(tmp15, 0x0000043c) U62a4: 003d6407f23f tmp15:= MOVEINSERTFLGS_DSZ32(tmp15, 0x00000164) U62a5: 02360003df7e tmp13:= CMOVCC_DSZ32_CONDP(tmp14, tmp13) U62a6: 00360003df7f tmp13:= CMOVCC_DSZ32_CONDB(tmp15, tmp13) U62a8: 01420a000f40 SYNCFULL-> UFLOWCTRL(URET0, tmp13) U62a9: 000cfe840240 SAVEUIP(0x01, U21fe) 0862ae89 SEQW URET0 ------------------------------------------------------------------------------------ U62aa: 000a20000200 TESTUSTATE(UCODE, 0x0020) 0862ae89 ? 
SEQW GOTO U62ae U62ac: 0c4800237d67 STAD_DSZ64_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp7) U62ad: 004008035d48 tmp5:= ADD_DSZ64(0x00000008, tmp5) U62ae: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01e2b280 ? SEQW GOTO U62b2 U62b0: 0c0800237d67 STAD_DSZ32_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp7) U62b1: 004004035d48 tmp5:= ADD_DSZ64(0x00000004, tmp5) U62b2: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01e2b680 ? SEQW GOTO U62b6 U62b4: 0c8800237d67 STAD_DSZ16_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp7) U62b5: 004002035d48 tmp5:= ADD_DSZ64(0x00000002, tmp5) U62b6: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01e2b980 ? SEQW GOTO U62b9 U62b8: 0cc800237d67 STAD_DSZ8_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp7) U62b9: 10a40003fca1 tmp15:= SHL_DSZN(rcx, tmp2) U62ba: 1080000279ff rdi:= ADD_DSZN(tmp15, rdi) U62bc: 108800021840 rcx:= ZEROEXT_DSZ16N(rcx) U62bd: 0fff00000000 SYNCWAIT-> SFENCE(0x00000000) 0a8000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U62be: 008000020c31 rax:= ADD_DSZ16(tmp1, tmp0) U62c0: 00a100720809 rax:= CONCAT_DSZ16(0x00003c00, rax) U62c1: 000009030239 tmp0:= ADD_DSZ32(tmp9, 0x00000009) U62c2: 000000030c39 tmp0:= ADD_DSZ32(tmp9, tmp0) U62c4: 022200031033 tmp1:= unk_222(tmp3) U62c5: 002401031231 tmp1:= SHL_DSZ32(tmp1, 0x00000001) U62c6: 000501031c48 tmp1:= SUB_DSZ32(0x00000001, tmp1) U62c8: 013e00031e71 tmp1:= MOVEMERGEFLGS_DSZ32(tmp1, tmp9) U62c9: 013400030c31 tmp0:= CMOVCC_DSZ32_CONDZ(tmp1, tmp0) U62ca: 002416023230 rbx:= SHL_DSZ32(tmp0, 0x00000016) U62cc: 00013f0238c8 rbx:= OR_DSZ32(0x0000003f, rbx) U62cd: 013eff1f2c88 tmp2:= MOVEMERGEFLGS_DSZ32(0x000007ff, tmp2) U62ce: 0037ff0f2232 tmp2:= CMOVCC_DSZ32_CONDNB(tmp2, 0x000003ff) U62d0: 013e3f030e48 tmp0:= MOVEMERGEFLGS_DSZ32(0x0000003f, tmp9) U62d1: 013500021cb0 rcx:= CMOVCC_DSZ32_CONDNZ(tmp0, tmp2) U62d2: 000801022008 rdx:= ZEROEXT_DSZ32(0x00000001) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U62d4: 00080203f008 tmp15:= 
ZEROEXT_DSZ32(0x00000002) U62d5: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U62d6: 2d0b5c03f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U62d8: 186bd609023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U62d6) U62d9: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U62da: 186bdcc903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U62dc) 0962d980 SEQW GOTO U62d9 ------------------------------------------------------------------------------------ U62dc: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U62dd: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U62de: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U62e0: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U62e1: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U62e2: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U62e4: 186be5c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U62e5) 0862e200 SEQW GOTO U62e2 ------------------------------------------------------------------------------------ U62e5: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U62e6: 00e10703ffc8 tmp15:= CONCAT_DSZ8(0x00000007, tmp15) U62e8: 00a1c003ffc8 tmp15:= CONCAT_DSZ16(0x000000c0, tmp15) 01f20d00 SEQW GOTO U720d ------------------------------------------------------------------------------------ U62e9: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U62ea: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U62ec: 2d0b5c03f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U62ed: 186bec09023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U62ec) U62ee: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U62f0: 186bf1c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U62f1) 0862ee00 SEQW GOTO U62ee ------------------------------------------------------------------------------------ U62f1: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U62f2: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U62f4: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) 
U62f5: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U62f6: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U62f8: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U62f9: 186bfac903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U62fa) 08e2f840 SEQW GOTO U62f8 ------------------------------------------------------------------------------------ U62fa: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U62fc: 00e10703ffc8 tmp15:= CONCAT_DSZ8(0x00000007, tmp15) U62fd: 00a1c007ffc8 tmp15:= CONCAT_DSZ16(0x000001c0, tmp15) 01ef9240 SEQW GOTO U6f92 ------------------------------------------------------------------------------------ U62fe: 0004000312f1 tmp1:= AND_DSZ32(tmp1, 0x00006000) U6300: 000500031c49 tmp1:= SUB_DSZ32(0x00002000, tmp1) U6301: 0151551002f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U6455) U6302: 025d00031cf3 tmp1:= TEST_DSZ64(tmp3, tmp3) U6304: 0150551002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U6455) U6305: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01e30a40 ? SEQW GOTO U630a U6306: 0c4b800b1000 tmp1:= RDSEGFLD(CS, SEL) U6308: 1e28fbab1024 LFNCEWAIT-> STADPPHYS_DSZN_ASZ64_SC1(rsp, IMM_MACRO_fb, mode=0x0a, tmp1) U6309: 1e28f3ab4024 STADPPHYS_DSZN_ASZ64_SC1(rsp, IMM_MACRO_f3, mode=0x0a, tmp4) U630a: 004000024939 rsp:= ADD_DSZ64(tmp9, rsp) U630c: 025500000cc0 LFNCEWAIT-> FETCHFROMEIP1_ASZ64(tmp3) U630d: 0c4ba0270000 tmp0:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U630e: 0c7ba2000030 WRSEGFLD(tmp0, CS, SEL+FLGS+LIM) U6310: 0c4b20270000 tmp0:= RDSEGFLD(UNK_SEG_09, BASE) U6311: 0c7b22000030 WRSEGFLD(tmp0, CS, BASE) U6312: 005e00000cc0 MJMPTARGET_INDIRECT_ASZ64(tmp3) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U6314: 000a40000200 TESTUSTATE(UCODE, 0x0040) 01a65100 ? 
SEQW GOTO U2651 U6315: 0c000063003b tmp0:= LDZX_DSZ32_ASZ32_SC1(tmp11, mode=0x18) U6316: 0c000463103b tmp1:= LDZX_DSZ32_ASZ32_SC1(tmp11, 0x00000004, mode=0x18) U6318: 0c400863903b tmp9:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000008, mode=0x18) U6319: 0c401063603b tmp6:= LDZX_DSZ64_ASZ32_SC1(tmp11, 0x00000010, mode=0x18) U631a: 1008ff7f301f tmp3:= ZEROEXT_DSZ32N(0xffffffffffffffff) U631c: 00543f033233 tmp3:= BT_DSZ64(tmp3, 0x0000003f) U631d: 000800038039 tmp8:= ZEROEXT_DSZ32(tmp9) U631e: 017e00039cf9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp3) U6320: 007600038e39 tmp8:= CMOVCC_DSZ64_CONDB(tmp9, tmp8) U6321: 000800039036 tmp9:= ZEROEXT_DSZ32(tmp6) U6322: 017e00036cf6 tmp6:= MOVEMERGEFLGS_DSZ64(tmp6, tmp3) U6324: 007600036e76 tmp6:= CMOVCC_DSZ64_CONDB(tmp6, tmp9) U6325: 00652003a238 tmp10:= SHR_DSZ64(tmp8, 0x00000020) U6326: 00a80003a03a tmp10:= MOVSX_DSZ16(tmp10) U6328: 002100038e3a tmp8:= CONCAT_DSZ32(tmp10, tmp8) 050000c8 SEQW URET0 ------------------------------------------------------------------------------------ U6329: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U632a: 00421a1c0230 LFNCEMARK-> MOVETOCREG_DSZ64(tmp0, 0x71a) U632c: 000a00100200 TESTUSTATE(UCODE, 0x0400) 01e33200 ? 
SEQW GOTO U6332 U632d: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U632e: 014300300c00 AETTRACE(0x0c, tmp0) U6330: 004ca87f2280 tmp2:= SAVEUIP(0x00, U5fa8) U6331: 000d10880000 SAVEUIP_REGOVR(0x01, U6332, 0x0210) 01dca040 SEQW GOTO U5ca0 U6332: 39629e880280 MOVETOCREG_BTS_DSZ64(0x0000000a, 0x29e) U6334: 000800020000 rax:= ZEROEXT_DSZ32(0x00000000) U6335: 0062f61f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U6336: 0004d8070c10 tmp0:= AND_DSZ32(0x60000000, tmp0) U6338: 0042f61c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CR0) U6339: 1062c40b0240 tmp0:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U633a: 00040c230c08 tmp0:= AND_DSZ32(0x0000080c, tmp0) U633c: 000110030c08 tmp0:= OR_DSZ32(0x00000010, tmp0) U633d: 00889e37e009 LFNCEWAIT-> tmp14:= ZEROEXT_DSZ16(0x00002d9e) 02cf4c40 SEQW GOTO U4f4c ------------------------------------------------------------------------------------ U633e: 186b41cd02b3 BTUJNB_DIRECT_NOTTAKEN(tmp3, 0x0000000b, U6341) U6340: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) 01d91910 SEQW SAVEUIP0 U6341 SEQW GOTO U5919 U6341: 000700232c88 tmp2:= NOTAND_DSZ32(0x00000800, tmp2) U6342: 000400032cb3 tmp2:= AND_DSZ32(tmp3, tmp2) U6344: 0021ff033cc8 tmp3:= CONCAT_DSZ32(0x000000ff, tmp3) U6345: 006213171200 tmp1:= MOVEFROMCREG_DSZ64(0x513) U6346: 00652003d231 tmp13:= SHR_DSZ64(tmp1, 0x00000020) U6348: 0004ff7fef4f tmp14:= AND_DSZ32(0x0000ffff, tmp13) U6349: 002100031c7e tmp1:= CONCAT_DSZ32(tmp14, tmp1) U634a: 00440003ec73 tmp14:= AND_DSZ64(tmp3, tmp1) U634c: 004500032cbe tmp2:= SUB_DSZ64(tmp14, tmp2) U634d: 000700233233 tmp3:= NOTAND_DSZ32(tmp3, 0x00000800) U634e: 004100032cb3 tmp2:= OR_DSZ64(tmp3, tmp2) U6350: 204200000eb5 LFNCEMARK-> MOVETOCREG_DSZ64(tmp5, tmp10) U6351: 000701033231 tmp3:= NOTAND_DSZ32(tmp1, 0x00000001) U6352: 004100032cb3 tmp2:= OR_DSZ64(tmp3, tmp2) U6354: 0150bc140232 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U05bc) 0460d200 SEQW GOTO U60d2 
------------------------------------------------------------------------------------ U6355: 07ea00031038 mm1:= unk_7ea(tmm0) U6356: 186af1a80236 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000002, U2af1) U6358: 008837035010 tmp5:= ZEROEXT_DSZ16(0x0000fc01) U6359: 00053703b431 tmp11:= SUB_DSZ32(tmp1, 0x0000fc01) U635a: 07c20003c03b tmm4:= unk_7c2(tmm3) U635c: 07c200038e00 tmm0:= unk_7c2(tmm0) U635d: 06aa00038f38 tmm0:= unk_6aa(tmm0, tmm4) U635e: 266e00038038 LFNCEMARK-> tmm0:= unk_66e(tmm0) U6360: 07e800032038 mm2:= unk_7e8(tmm0) U6361: 00c404032c88 tmp2:= AND_DSZ8(0x00000004, tmp2) U6362: 0151c46802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U5ac4) U6364: 07c200038e00 tmm0:= unk_7c2(tmm0) U6365: 186a6a0d02b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000008, U636a) U6366: 076a00030038 mm0:= unk_76a(tmm0) U6368: 00c410030c08 tmp0:= AND_DSZ8(0x00000010, tmp0) U6369: 015036480230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U1236) U636a: 00811003cf08 tmp12:= OR_DSZ16(0x00000010, tmp12) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U636c: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01e37900 ? 
SEQW GOTO U6379 U636d: 0004e03f4c88 tmp4:= AND_DSZ32(0x00000fe0, tmp2) U636e: 3042dd080274 MOVETOCREG_DSZ64(tmp4, 0x2dd, 32) U6370: 006324034200 tmp4:= READURAM(0x0024, 64) U6371: 000849030010 tmp0:= ZEROEXT_DSZ32(0x00010004) U6372: 000100030c09 tmp0:= OR_DSZ32(0x00002000, tmp0) U6374: 002505031232 tmp1:= SHR_DSZ32(tmp2, 0x00000005) U6375: 00080003a000 tmp10:= ZEROEXT_DSZ32(0x00000000) U6376: 000400034d31 tmp4:= AND_DSZ32(tmp1, tmp4) U6378: 0151957c0234 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U1f95) U6379: 0004a8074c90 tmp4:= AND_DSZ32(0x200fffff, tmp2) U637a: 3042dd080274 SYNCMARK-> MOVETOCREG_DSZ64(tmp4, 0x2dd, 32) U637c: 0004b6034c90 tmp4:= AND_DSZ32(0x000c0000, tmp2) U637d: 000805030008 tmp0:= ZEROEXT_DSZ32(0x00000005) U637e: 01519e1c0234 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U079e) U6380: 000806030008 tmp0:= ZEROEXT_DSZ32(0x00000006) U6381: 086a9e1c0332 SYNCWAIT-> BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000010, U079e) 0ade9140 SEQW GOTO U5e91 ------------------------------------------------------------------------------------ U6382: 00635703c200 tmp12:= READURAM(0x0057, 64) U6384: 0e2d04031f08 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000004, tmp1) U6385: 290205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U6386: 0008bf03f008 tmp15:= ZEROEXT_DSZ32(0x000000bf) U6388: 20420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U6389: 204314000200 WRITEURAM(0x00000000, 0x0014, 64) U638a: 2042c0180200 MOVETOCREG_DSZ64(0x00000000, 0x6c0) U638c: 0eff00000000 unk_eff(0x00000000) U638d: 20421d000200 MOVETOCREG_DSZ64(0x00000000, 0x01d) U638e: 00637003f200 tmp15:= READURAM(0x0070, 64) U6390: 0008155bc00f tmp12:= ZEROEXT_DSZ32(0x0000f615) U6391: 00214d0bcf10 tmp12:= CONCAT_DSZ32(0x00020800, tmp12) U6392: 00410003fffc tmp15:= OR_DSZ64(tmp12, tmp15) U6394: 20437000023f WRITEURAM(tmp15, 0x0070, 64) U6395: 00631f03f200 tmp15:= READURAM(0x001f, 64) U6396: 00552f03f23f tmp15:= BTS_DSZ64(tmp15, 0x0000002f) U6398: 20431f00023f SYNCMARK-> WRITEURAM(tmp15, 0x001f, 64) 0c2e5000 SEQW GOTO U2e50 
------------------------------------------------------------------------------------ U6399: 0d0b00035034 tmp5:= PORTIN_DSZ32_ASZ16_SC1(tmp4) U639a: 0e651003a038 tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000010) U639c: 00400003aeb5 tmp10:= ADD_DSZ64(tmp5, tmp10) U639d: 0e6d1003a038 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000010, tmp10) U639e: 0ea51a03a038 tmp10:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp8, 0x0000001a) U63a0: 00800103ae88 tmp10:= ADD_DSZ16(0x00000001, tmp10) U63a1: 0ead1a03a038 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp8, 0x0000001a, tmp10) U63a2: 000020038e08 tmp8:= ADD_DSZ32(0x00000020, tmp8) U63a4: 000400036d8e LFNCEMARK-> tmp6:= AND_DSZ32(0x0000c000, tmp6) U63a5: 0151a60c02f6 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp6, U63a6) 0457e440 SEQW GOTO U57e4 ------------------------------------------------------------------------------------ U63a6: 2d0bcc43700a tmp7:= PORTIN_DSZ32_ASZ16_SC1(0x000050cc) U63a8: 000400036d8c tmp6:= AND_DSZ32(0x00008000, tmp6) U63a9: 017e00038db8 tmp8:= MOVEMERGEFLGS_DSZ64(tmp8, tmp6) U63aa: 013400038df8 tmp8:= CMOVCC_DSZ32_CONDZ(tmp8, tmp7) U63ac: 2d0fd043800a PORTOUT_DSZ32_ASZ16_SC1(0x000050d0, tmp8) U63ad: 00151e031200 tmp1:= BTS_DSZ32(0x00000000, 0x0000001e) U63ae: 2d0fc843100a PORTOUT_DSZ32_ASZ16_SC1(0x000050c8, tmp1) 01d50280 SEQW GOTO U5502 ------------------------------------------------------------------------------------ U63b0: 1e7b8903bc70 LFNCEMARK-> tmp11:= unk_e7b(tmp0, tmp1) U63b1: 00211f031008 tmp1:= CONCAT_DSZ32(0x0000001f) U63b2: 004700030c31 tmp0:= NOTAND_DSZ64(tmp1, tmp0) U63b4: 005000000efb LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, tmp11) U63b5: 00651f038230 tmp8:= SHR_DSZ64(tmp0, 0x0000001f) U63b6: 0007000b8238 tmp8:= NOTAND_DSZ32(tmp8, 0x00000200) U63b8: 000700032df8 tmp2:= NOTAND_DSZ32(tmp8, tmp7) U63b9: 00073f037f88 tmp7:= NOTAND_DSZ32(0x0000003f, tmp14) U63ba: 000108037dc8 tmp7:= OR_DSZ32(0x00000008, tmp7) U63bc: 000403038d88 tmp8:= AND_DSZ32(0x00000003, tmp6) U63bd: 013001038238 tmp8:= 
SELECTCC_DSZ32_CONDZ(tmp8, 0x00000001) U63be: 00652003c230 tmp12:= SHR_DSZ64(tmp0, 0x00000020) U63c0: 100a08000200 TESTUSTATE(SYS, UST_OP_SIZE_32BIT) 01e3c500 ? SEQW GOTO U63c5 U63c1: 00040703bf08 tmp11:= AND_DSZ32(0x00000007, tmp12) U63c2: 01300403123b tmp1:= SELECTCC_DSZ32_CONDZ(tmp11, 0x00000004) U63c4: 000100038e31 tmp8:= OR_DSZ32(tmp1, tmp8) U63c5: 0042fe1c0232 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp2, CORE_CR_EFLAGS) 06da5a40 SEQW GOTO U5a5a ------------------------------------------------------------------------------------ U63c6: 06240003b208 tmm3:= unk_624(0x00000000) U63c8: 072c0003203b tmp2:= PINTMOVDTMM2I_DSZ32(tmm3) U63c9: 06240003ce79 tmm4:= unk_624(tmm1, tmm1) U63ca: 072c0003303c tmp3:= PINTMOVDTMM2I_DSZ32(tmm4) U63cc: 000410031c88 tmp1:= AND_DSZ32(0x00000010, tmp2) U63cd: 015161640231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U1961) U63ce: 000404031cc8 tmp1:= AND_DSZ32(0x00000004, tmp3) U63d0: 015161640231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U1961) U63d1: 000440031c88 tmp1:= AND_DSZ32(0x00000040, tmp2) U63d2: 0151c46c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U5bc4) U63d4: 000100031cb3 tmp1:= OR_DSZ32(tmp3, tmp2) U63d5: 000420031c48 tmp1:= AND_DSZ32(0x00000020, tmp1) U63d6: 002504031231 tmp1:= SHR_DSZ32(tmp1, 0x00000004) U63d8: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U63d9: 000100038d31 tmp8:= OR_DSZ32(tmp1, tmp4) U63da: 0007001f8e0a tmp8:= NOTAND_DSZ32(0x00004700, tmp8) U63dc: 20428c100238 LFNCEMARK-> MOVETOCREG_DSZ64(tmp8, 0x48c) 0417ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U63dd: 000500235d48 tmp5:= SUB_DSZ32(0x00000800, tmp5) U63de: 000400631d48 tmp1:= AND_DSZ32(0x00001800, tmp5) U63e0: 006418031231 tmp1:= SHL_DSZ64(tmp1, 0x00000018) U63e1: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U63e2: 000480071d48 tmp1:= AND_DSZ32(0x00000180, tmp5) U63e4: 000400072c48 tmp2:= AND_DSZ32(0x00000100, tmp1) U63e5: 013180032232 tmp2:= SELECTCC_DSZ32_CONDNZ(tmp2, 0x00000080) U63e6: 000600031c72 tmp1:= 
XOR_DSZ32(tmp2, tmp1) U63e8: 006419031231 tmp1:= SHL_DSZ64(tmp1, 0x00000019) U63e9: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U63ea: 002178031010 tmp1:= CONCAT_DSZ32(0x00020020) U63ec: 004100035d71 tmp5:= OR_DSZ64(tmp1, tmp5) U63ed: 000788031435 tmp1:= NOTAND_DSZ32(tmp5, 0x00038000) U63ee: 000888032010 tmp2:= ZEROEXT_DSZ32(0x00038000) U63f0: 005531032232 tmp2:= BTS_DSZ64(tmp2, 0x00000031) U63f1: 017100032cb1 tmp2:= SELECTCC_DSZ64_CONDNZ(tmp1, tmp2) U63f2: 004700035d72 tmp5:= NOTAND_DSZ64(tmp2, tmp5) U63f4: 0047fc7f5d4b tmp5:= NOTAND_DSZ64(0x00007ffc, tmp5) 01b20800 SEQW GOTO U3208 ------------------------------------------------------------------------------------ U63f5: 0004001faec8 tmp10:= AND_DSZ32(0x00000700, tmp11) U63f6: 0005001f9e88 tmp9:= SUB_DSZ32(0x00000700, tmp10) U63f8: 0150546802b9 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U5a54) U63f9: 29020b000240 MOVETOCREG_OR_DSZ64(0x00000004, 0x00b) U63fa: 000500139e88 tmp9:= SUB_DSZ32(0x00000400, tmp10) U63fc: 0005000b9e48 tmp9:= SUB_DSZ32(0x00000200, tmp9) U63fd: 0e25c8078f0a tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000002c8, mode=0x01) U63fe: 013300038e39 tmp8:= SELECTCC_DSZ32_CONDNBE(tmp9, tmp8) U6400: 000400239ec8 tmp9:= AND_DSZ32(0x00000800, tmp11) U6401: 00480003003c tmp0:= ZEROEXT_DSZ64(tmp12) U6402: 0e250007cf09 tmp12:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000100, mode=0x01) U6404: 01300003cf39 tmp12:= SELECTCC_DSZ32_CONDZ(tmp9, tmp12) U6405: 00a10003cf38 LFNCEWAIT-> tmp12:= CONCAT_DSZ16(tmp8, tmp12) U6406: 100a20039240 tmp9:= TESTUSTATE(SYS, UST_SMM | 0x2000) 02a6a580 ? 
SEQW GOTO U26a5 U6408: 0008b52b5009 tmp5:= ZEROEXT_DSZ32(0x00002ab5) U6409: 0062c51bf200 tmp15:= MOVEFROMCREG_DSZ64(0x6c5) U640a: 00434700023f WRITEURAM(tmp15, 0x0047, 64) U640c: 00080003103b tmp1:= ZEROEXT_DSZ32(tmp11) 01e96800 SEQW GOTO U6968 ------------------------------------------------------------------------------------ U640d: 00652003b23d tmp11:= SHR_DSZ64(tmp13, 0x00000020) U640e: 00041f03bec8 tmp11:= AND_DSZ32(0x0000001f, tmp11) U6410: 01300403123b tmp1:= SELECTCC_DSZ32_CONDZ(tmp11, 0x00000004) U6411: 000100038e31 tmp8:= OR_DSZ32(tmp1, tmp8) U6412: 0c4b403f1000 tmp1:= RDSEGFLD(TSS, FLGS) U6414: 000408031c48 tmp1:= AND_DSZ32(0x00000008, tmp1) U6415: 0902c51b8c78 tmp8:= MOVETOCREG_OR_DSZ64(tmp8, tmp1, 0x6c5) U6416: 000400231f08 tmp1:= AND_DSZ32(0x00000800, tmp12) U6418: 013101431231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00001001) U6419: 000803038e08 tmp8:= ZEROEXT_DSZ32(0x00000003, tmp8) U641a: 000600031e31 tmp1:= XOR_DSZ32(tmp1, tmp8) U641c: 000ce9ebe248 tmp14:= SAVEUIP(0x01, U3ae9) U641d: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01e42040 ? 
SEQW GOTO U6420 U641e: 000c9e8fe288 tmp14:= SAVEUIP(0x01, U439e) U6420: 006418038231 tmp8:= SHL_DSZ64(tmp1, 0x00000018) U6421: 0902521f8c78 tmp8:= MOVETOCREG_OR_DSZ64(tmp8, tmp1, 0x752) U6422: 004200000237 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp7, 0x000) U6424: 20421b000238 MOVETOCREG_DSZ64(tmp8, 0x01b) 01abd900 SEQW GOTO U2bd9 ------------------------------------------------------------------------------------ U6425: 0c4b400ff000 tmp15:= RDSEGFLD(SS, FLGS) U6426: 00423c1c023f MOVETOCREG_DSZ64(tmp15, 0x73c) U6428: 104800024035 rsp:= ZEROEXT_DSZ64N(tmp5) U6429: 0c4b200f0000 tmp0:= RDSEGFLD(SS, BASE) U642a: 0c6b2a000030 WRSEGFLD(tmp0, SS_USERM, BASE) U642c: 0c4ba00f0000 tmp0:= RDSEGFLD(SS, SEL+FLGS+LIM) U642d: 0c6baa000030 WRSEGFLD(tmp0, SS_USERM, SEL+FLGS+LIM) U642e: 09a29e5c027f MOVETOCREG_SHR_DSZ64(tmp15, 0x00000005, 0x79e) U6430: 0250c900023d UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp13, U00c9) U6431: 01531410023d UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp13, U0414) U6432: 013e30033f48 tmp3:= MOVEMERGEFLGS_DSZ32(0x00000030, tmp13) U6434: 013428033233 tmp3:= CMOVCC_DSZ32_CONDZ(tmp3, 0x00000028) U6435: 00083403f008 tmp15:= ZEROEXT_DSZ32(0x00000034) U6436: 0004fc031d88 tmp1:= AND_DSZ32(0x000000fc, tmp6) U6438: 000500031c7f tmp1:= SUB_DSZ32(tmp15, tmp1) U6439: 015114100231 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U0414) U643a: 0007fc036d88 tmp6:= NOTAND_DSZ32(0x000000fc, tmp6) U643c: 000100036db3 tmp6:= OR_DSZ32(tmp3, tmp6) 0180cd00 SEQW GOTO U00cd ------------------------------------------------------------------------------------ U643d: 04960003de38 tmm5:= unk_496(tmm0, tmm0) U643e: 053e0003cf40 tmm4:= unk_53e(tmm5) U6440: 07280003303d mm3:= unk_728(tmm5) U6441: 06c900038f3d ROVR<- tmm0:= unk_6c9(tmm5, tmm4) 01ed8459 SEQW SAVEUIP0 U6442 SEQW GOTO U6d84 U6442: 04940003aec0 tmm2:= unk_494(tmm3) U6444: 06490003df78 tmm5:= unk_649(tmm0, tmm5) U6445: 06e10003af7a tmm2:= unk_6e1(tmm2, tmm5) U6446: 06e100038f7c tmm0:= unk_6e1(tmm4, tmm5) U6448: 06e10003dfbc tmm5:= unk_6e1(tmm4, tmm6) U6449: 
06e10003ffbb tmm7:= unk_6e1(tmm3, tmm6) U644a: 06c90003ef7a tmm6:= unk_6c9(tmm2, tmm5) U644c: 06c90003dff8 tmm5:= unk_6c9(tmm0, tmm7) U644d: 01504e1002ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U644e) 01e49e40 SEQW GOTO U649e ------------------------------------------------------------------------------------ U644e: 06c90003efbc tmm6:= unk_6c9(tmm4, tmm6) U6450: 06c90003df7b tmm5:= unk_6c9(tmm3, tmm5) U6451: 002504031238 tmp1:= SHR_DSZ32(tmp8, 0x00000004) U6452: 07020003f031 tmm7:= unk_702(mm1) U6454: 04960003dffd tmm5:= unk_496(tmm5, tmm7) 01bea100 SEQW GOTO U3ea1 ------------------------------------------------------------------------------------ U6455: 00626503f200 tmp15:= MOVEFROMCREG_DSZ64(0x065) U6456: 00626703a200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U6458: 004500031ebf tmp1:= SUB_DSZ64(tmp15, tmp10) U6459: 017e00031d31 tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp4) U645a: 00050003aebf tmp10:= SUB_DSZ32(tmp15, tmp10) U645c: 007600031eb1 tmp1:= CMOVCC_DSZ64_CONDB(tmp1, tmp10) U645d: 00421a1c0231 SYNCMARK-> MOVETOCREG_DSZ64(tmp1, 0x71a) U645e: 004229000010 MOVETOCREG_DSZ64(0x00000009, 0x000) U6460: 004900000000 MOVE_DSZ64(0x00000000) U6461: 000bff000200 UPDATEUSTATE(0xfc) U6462: 00621b03a200 tmp10:= MOVEFROMCREG_DSZ64(0x01b) U6464: 0042521c023a MOVETOCREG_DSZ64(tmp10, 0x752) U6465: 0062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U6466: 23800003ae80 tmp10:= READAFLAGS(tmp10) U6468: 0050da00023b UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp11, U00da) U6469: 386a45240238 BTUJB_DIRECT_NOTTAKEN(tmp8, 0x00000000, U3945) U646a: 0df300240033 LFNCEMARK-> LEA_DSZ8_ASZ32_SC1(tmp3) U646c: 10c000024939 rsp:= ADD_DSZN(tmp9, rsp) 01abf900 SEQW GOTO U2bf9 ------------------------------------------------------------------------------------ U646d: 1c080063003b STAD_DSZN_ASZ32_SC1(tmp11, mode=0x18, tmp0) U646e: 1c080be3a03b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_ALIAS_DATASIZE, mode=0x18, tmp10) U6470: 1c0813e3803b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_13, mode=0x18, tmp8) U6471: 
100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01aaa140 ? SEQW GOTO U2aa1 U6472: 002404031200 tmp1:= SHL_DSZ32(0x00000000, 0x00000004) U6474: 000000031c73 tmp1:= ADD_DSZ32(tmp3, tmp1) U6475: 002510036231 tmp6:= SHR_DSZ32(tmp1, 0x00000010) U6476: 00a1ff7f5c5f tmp5:= CONCAT_DSZ16(0xffffffffffffffff, tmp1) U6478: 00240c036236 tmp6:= SHL_DSZ32(tmp6, 0x0000000c) U6479: 000100032db7 tmp2:= OR_DSZ32(tmp7, tmp6) U647a: 002404031200 tmp1:= SHL_DSZ32(0x00000000, 0x00000004) U647c: 000000031c74 tmp1:= ADD_DSZ32(tmp4, tmp1) U647d: 002510038231 tmp8:= SHR_DSZ32(tmp1, 0x00000010) U647e: 00a1ff7f7c5f tmp7:= CONCAT_DSZ16(0xffffffffffffffff, tmp1) U6480: 00240c038238 tmp8:= SHL_DSZ32(tmp8, 0x0000000c) U6481: 1c081be3503b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_1b, mode=0x18, tmp5) U6482: 1c0823e3203b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_23, mode=0x18, tmp2) U6484: 1c082be3703b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_2b, mode=0x18, tmp7) U6485: 1c0833e3803b STAD_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_33, mode=0x18, tmp8) 01e48c89 SEQW URET0 ------------------------------------------------------------------------------------ U6486: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01e48c89 ? SEQW GOTO U648c U6488: 006311039200 tmp9:= READURAM(0x0011, 64) U6489: 0ecbc8040e48 LDHINT_CACHEALL_ASZ64_SC1(0x000001c8, tmp9) U648a: 0ecb00040e4c LDHINT_CACHEALL_ASZ64_SC1(0x00008100, tmp9) U648c: 0062c51ff200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U648d: 00635c032200 tmp2:= READURAM(0x005c, 64) U648e: 00650b031232 tmp1:= SHR_DSZ64(tmp2, 0x0000000b) U6490: 000700031c7f tmp1:= NOTAND_DSZ32(tmp15, tmp1) U6491: 186a69dc02f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000f, generate_#UD) U6492: 000a00200200 TESTUSTATE(UCODE, 0x0800) 01a76980 ? SEQW GOTO generate_#UD U6494: 2d0b3c031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x0000003c) U6495: 00632003f200 tmp15:= READURAM(0x0020, 64) U6496: 186b691c0ff1 BTUJNB_DIRECT_NOTTAKEN(tmp1, tmp15, generate_#UD) U6498: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 018000c8 ? 
SEQW URET0 U6499: 00641503f232 tmp15:= SHL_DSZ64(tmp2, 0x00000015) U649a: 006343032200 tmp2:= READURAM(0x0043, 64) U649c: 00470003fff2 tmp15:= NOTAND_DSZ64(tmp2, tmp15) U649d: 186a69dc06ff BTUJB_DIRECT_NOTTAKEN(tmp15, 0x0000002f, generate_#UD) 018000c9 SEQW URET0 ------------------------------------------------------------------------------------ U649e: 002503030238 tmp0:= SHR_DSZ32(tmp8, 0x00000003) U64a0: 002501032238 tmp2:= SHR_DSZ32(tmp8, 0x00000001) U64a1: 000600031cb0 tmp1:= XOR_DSZ32(tmp0, tmp2) U64a2: 000600032cb8 tmp2:= XOR_DSZ32(tmp8, tmp2) U64a4: 0350a51002fb UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp11, U64a5) 01ab0900 SEQW GOTO U2b09 ------------------------------------------------------------------------------------ U64a5: 04b40003ef80 tmm6:= FMOV(tmm6) U64a6: 06e10003af78 tmm2:= unk_6e1(tmm0, tmm5) U64a8: 04b400039e00 tmm1:= FMOV(tmm0) U64a9: 06a04003d000 tmp13:= unk_6a0(0x00000000) U64aa: 000401033e08 tmp3:= AND_DSZ32(0x00000001, tmp8) U64ac: 0151cd2802b3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U4acd) U64ad: 070200038031 tmm0:= unk_702(mm1) U64ae: 049600039e39 tmm1:= unk_496(tmm1, tmm0) U64b0: 04960003ae3a tmm2:= unk_496(tmm2, tmm0) U64b1: 068901808eb9 mm0:= unk_689(tmm1, tmm2) U64b2: 070200038032 tmm0:= unk_702(mm2) U64b4: 04960003de3d tmm5:= unk_496(tmm5, tmm0) U64b5: 04960003ee3e tmm6:= unk_496(tmm6, tmm0) U64b6: 268971809fbd LFNCEWAIT-> mm7:= unk_689(tmm5, tmm6) 0317ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U64b8: 09a2c5180332 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000010, 0x6c5) 01b91214 SEQW SAVEUIP1 U64b9 SEQW GOTO U3912 U64b9: 10a400039ca1 tmp9:= SHL_DSZN(rcx, tmp2) U64ba: 10a50403c239 tmp12:= SHR_DSZN(tmp9, 0x00000004) U64bc: 1085b1031e50 tmp1:= SUB_DSZN(0x0008000f, tmp9) U64bd: 00856203c43c tmp12:= SUB_DSZ16(tmp12, 0x00018000) U64be: 01730003cf31 tmp12:= SELECTCC_DSZ64_CONDNBE(tmp1, tmp12) U64c0: 00886203c43c tmp12:= ZEROEXT_DSZ16(tmp12, 0x00018000) U64c1: 01420e034f00 SYNCMARK-> tmp4:= 
UFLOWCTRL(MSLOOPCTR, tmp12) U64c2: 013eb913fc4b tmp15:= MOVEMERGEFLGS_DSZ32(0x000064b9, tmp1) U64c4: 00040f03be48 tmp11:= AND_DSZ32(0x0000000f, tmp9) U64c5: 00aa0003103c tmp1:= unk_0aa(tmp12) U64c6: 013e6613eec8 tmp14:= MOVEMERGEFLGS_DSZ32(0x00000466, tmp11) U64c8: 000c8e980200 SAVEUIP(0x01, U068e) U64c9: 108500031031 tmp1:= SUB_DSZN(tmp1) U64ca: 01345117e2fe tmp14:= CMOVCC_DSZ32_CONDZ(tmp14, 0x00006551) U64cc: 002100032cbc tmp2:= CONCAT_DSZ32(tmp12, tmp2) U64cd: 10a404031231 tmp1:= SHL_DSZN(tmp1, 0x00000004) U64ce: 01370003efbf tmp14:= CMOVCC_DSZ32_CONDNBE(tmp15, tmp14) U64d0: 01420b000fb4 UFLOWCTRL(tmp4, URET1, tmp14) 019a5800 SEQW GOTO U1a58 ------------------------------------------------------------------------------------ U64d1: 0e2db0000234 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x000000b0, 0x00000000) U64d2: 000cecdfe208 tmp14:= SAVEUIP(0x01, uend) U64d4: 0ea598033f0b tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x00000398) U64d5: 00a508030233 tmp0:= SHR_DSZ16(tmp3, 0x00000008) U64d6: 000800078008 tmp8:= ZEROEXT_DSZ32(0x00000100) 01dc8d92 SEQW SAVEUIP0 U64d8 SEQW GOTO U5c8d U64d8: 000800031030 tmp1:= ZEROEXT_DSZ32(tmp0) U64d9: 002503035230 tmp5:= SHR_DSZ32(tmp0, 0x00000003) U64da: 000418035d48 tmp5:= AND_DSZ32(0x00000018, tmp5) U64dc: 0001a00f5d48 tmp5:= OR_DSZ32(0x000003a0, tmp5) U64dd: 0e6500035d7c tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, tmp5) U64de: 0004ff033cc8 tmp3:= AND_DSZ32(0x000000ff, tmp3) U64e0: 00a408039239 tmp9:= SHL_DSZ16(tmp9, 0x00000008) U64e1: 008100039e73 tmp9:= OR_DSZ16(tmp3, tmp9) U64e2: 0ead980392fc LFNCEMARK-> STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x00000398, tmp9) U64e4: 0e2580032234 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000080) U64e5: 00c800032032 tmp2:= ZEROEXT_DSZ8(tmp2) U64e6: 005400035c75 tmp5:= BT_DSZ64(tmp5, tmp1) U64e8: 003301035235 tmp5:= SELECTCC_DSZ32_CONDNB(tmp5, 0x00000001) U64e9: 002100039e75 tmp9:= CONCAT_DSZ32(tmp5, tmp9) 01e68040 SEQW GOTO U6680 
------------------------------------------------------------------------------------ ucode_fit_xlat_found: U64ea: 0e6500034030 tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0) U64ec: 006520031234 tmp1:= SHR_DSZ64(tmp4, 0x00000020) U64ed: 0151423802f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, process_next_fit_xlat) U64ee: 00004c031d08 tmp1:= ADD_DSZ32(0x0000004c, tmp4) U64f0: 0e2500031031 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1) U64f1: 004000031d31 tmp1:= ADD_DSZ64(tmp1, tmp4) U64f2: 006520031234 tmp1:= SHR_DSZ64(tmp4, 0x00000020) U64f4: 0151423802f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, process_next_fit_xlat) U64f5: 0e2500031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4) U64f6: 192942790231 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, process_next_fit_xlat) U64f8: 0e250c031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x0000000c) U64f9: 192942390c62 CMPUJNZ_DIRECT_NOTTAKEN(rdx, tmp1, process_next_fit_xlat) U64fa: 0e2518032034 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000018) U64fc: 186b42390db2 BTUJNB_DIRECT_NOTTAKEN(tmp2, tmp6, process_next_fit_xlat) U64fd: 0e2504031034 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x00000004) U64fe: 000500032e71 tmp2:= SUB_DSZ32(tmp1, tmp9) U6500: 0353423802f2 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp2, process_next_fit_xlat) U6501: 000800039031 tmp9:= ZEROEXT_DSZ32(tmp1) U6502: 00080003a034 tmp10:= ZEROEXT_DSZ32(tmp4) 01ee4280 SEQW GOTO process_next_fit_xlat ------------------------------------------------------------------------------------ U6504: 09a2c5180332 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000010, 0x6c5) 01b91214 SEQW SAVEUIP1 U6505 SEQW GOTO U3912 U6505: 10a400039ca1 tmp9:= SHL_DSZN(rcx, tmp2) U6506: 10a50403c239 tmp12:= SHR_DSZN(tmp9, 0x00000004) U6508: 1085b1031e50 tmp1:= SUB_DSZN(0x0008000f, tmp9) U6509: 00856203c43c tmp12:= SUB_DSZ16(tmp12, 0x00018000) U650a: 01730003cf31 tmp12:= SELECTCC_DSZ64_CONDNBE(tmp1, tmp12) U650c: 00886203c43c tmp12:= ZEROEXT_DSZ16(tmp12, 0x00018000) U650d: 01420e034f00 SYNCMARK-> tmp4:= UFLOWCTRL(MSLOOPCTR, tmp12) 
U650e: 013e0517fc4b tmp15:= MOVEMERGEFLGS_DSZ32(0x00006505, tmp1) U6510: 00040f03be48 tmp11:= AND_DSZ32(0x0000000f, tmp9) U6511: 00aa0003103c tmp1:= unk_0aa(tmp12) U6512: 013e6613eec8 tmp14:= MOVEMERGEFLGS_DSZ32(0x00000466, tmp11) U6514: 000c8e980200 SAVEUIP(0x01, U068e) U6515: 108500031031 tmp1:= SUB_DSZN(tmp1) U6516: 0134aa0be2fe tmp14:= CMOVCC_DSZ32_CONDZ(tmp14, 0x000062aa) U6518: 002100032cbc tmp2:= CONCAT_DSZ32(tmp12, tmp2) U6519: 10a404031231 tmp1:= SHL_DSZN(tmp1, 0x00000004) U651a: 01370003efbf tmp14:= CMOVCC_DSZ32_CONDNBE(tmp15, tmp14) U651c: 01420b000fb4 UFLOWCTRL(tmp4, URET1, tmp14) 01ba2500 SEQW GOTO U3a25 ------------------------------------------------------------------------------------ U651d: 000546031c50 tmp1:= SUB_DSZ32(0x0000ffff, tmp1) U651e: 0250351402f1 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp1, U6535) U6520: 000510032c48 tmp2:= SUB_DSZ32(0x00000010, tmp1) U6521: 0351a56c02b2 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp2, U5ba5) U6522: 072a00030039 mm0:= unk_72a(tmm1) U6524: 070200039e40 tmm1:= unk_702(tmm1) U6525: 06c200039e40 tmm1:= unk_6c2(tmm1) U6526: 072c00031039 tmp1:= PINTMOVDTMM2I_DSZ32(tmm1) U6528: 000500033031 tmp3:= SUB_DSZ32(tmp1) U6529: 007d00033cf0 tmp3:= MOVEINSERTFLGS_DSZ64(tmp0, tmp3) U652a: 003600031c73 tmp1:= CMOVCC_DSZ32_CONDB(tmp3, tmp1) U652c: 07ea00032038 mm2:= unk_7ea(tmm0) U652d: 000000032cb1 tmp2:= ADD_DSZ32(tmp1, tmp2) U652e: 07c200038e32 tmm0:= unk_7c2(mm2, tmm0) U6530: 000564031c90 tmp1:= SUB_DSZ32(0x00019ffe, tmp2) U6531: 0353a56c02b1 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp1, U5ba5) U6532: 000501031c8b tmp1:= SUB_DSZ32(0x00006001, tmp2) U6534: 0250012c0271 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp1, U2b01) U6535: 06dd00008e00 mm0:= unk_6dd(tmm0) 0197ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U6536: 00621c037200 tmp7:= MOVEFROMCREG_DSZ64(0x01c) U6538: 0062f81fd200 tmp13:= MOVEFROMCREG_DSZ64(0x7f8) U6539: 1062f91f5240 tmp5:= MOVEFROMCREG_DSZ64(0x7f9, 32) U653a: 00070003df49 tmp13:= 
NOTAND_DSZ32(0x00002000, tmp13) U653c: 00633d03c200 tmp12:= READURAM(0x003d, 64) U653d: 00070f03cf08 tmp12:= NOTAND_DSZ32(0x0000000f, tmp12) U653e: 00010003cf37 tmp12:= OR_DSZ32(tmp7, tmp12) U6540: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01e54400 ? SEQW GOTO U6544 U6541: 006314038200 tmp8:= READURAM(0x0014, 64) U6542: 186a49550238 BTUJB_DIRECT_NOTTAKEN(tmp8, 0x00000001, U6549) U6544: 000703035d48 tmp5:= NOTAND_DSZ32(0x00000003, tmp5) U6545: 2042f81c023d MOVETOCREG_DSZ64(tmp13, 0x7f8) U6546: 3042f91c0275 MOVETOCREG_DSZ64(tmp5, 0x7f9, 32) U6548: 20433d00023c LFNCEMARK-> WRITEURAM(tmp12, 0x003d, 64) U6549: 1062df0bb240 tmp11:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U654a: 000505038cc8 tmp8:= SUB_DSZ32(0x00000005, tmp3) U654c: 013e36038e08 tmp8:= MOVEMERGEFLGS_DSZ32(0x00000036, tmp8) U654d: 013400038238 tmp8:= CMOVCC_DSZ32_CONDZ(tmp8, 0x00000000) U654e: 186aad280e3b BTUJB_DIRECT_NOTTAKEN(tmp11, tmp8, U2aad) U6550: 020301030200 SYNCFULL-> tmp0:= unk_203(0x00000001) 08655648 SEQW URET0 ------------------------------------------------------------------------------------ U6551: 000a20000200 TESTUSTATE(UCODE, 0x0020) 08655648 ? SEQW GOTO U6556 U6552: 0c4000630d66 tmp0:= LDZX_DSZ64_ASZ32_SC1(rsi, tmp5, mode=0x18) U6554: 0c4800230d67 STAD_DSZ64_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp0) U6555: 004008035d48 tmp5:= ADD_DSZ64(0x00000008, tmp5) U6556: 000a10000200 TESTUSTATE(UCODE, 0x0010) 01e55c80 ? SEQW GOTO U655c U6558: 0c0000630d66 tmp0:= LDZX_DSZ32_ASZ32_SC1(rsi, tmp5, mode=0x18) U6559: 0c0800230d67 STAD_DSZ32_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp0) U655a: 004004035d48 tmp5:= ADD_DSZ64(0x00000004, tmp5) U655c: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01e56100 ? SEQW GOTO U6561 U655d: 0c8000630d66 tmp0:= LDZX_DSZ16_ASZ32_SC1(rsi, tmp5, mode=0x18) U655e: 0c8800230d67 STAD_DSZ16_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp0) U6560: 004002035d48 tmp5:= ADD_DSZ64(0x00000002, tmp5) U6561: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01e56540 ? 
SEQW GOTO U6565 U6562: 0cc000630d66 tmp0:= LDZX_DSZ8_ASZ32_SC1(rsi, tmp5, mode=0x18) U6564: 0cc800230d67 STAD_DSZ8_ASZ32_SC1(rdi, tmp5, mode=0x08, tmp0) U6565: 10a40003fca1 tmp15:= SHL_DSZN(rcx, tmp2) U6566: 1080000269bf rsi:= ADD_DSZN(tmp15, rsi) U6568: 1080000279ff rdi:= ADD_DSZN(tmp15, rdi) U6569: 108800021840 rcx:= ZEROEXT_DSZ16N(rcx) U656a: 0fff00000000 SYNCWAIT-> SFENCE(0x00000000) 0b0000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U656c: 2a621c0372f7 tmp7:= MOVETOCREG_BTR_DSZ64(tmp7, 0x0000000c, 0x01c) U656d: 003304037237 tmp7:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000004) U656e: 204270000237 MOVETOCREG_DSZ64(tmp7, 0x070) U6570: 00430900023c WRITEURAM(tmp12, 0x0009, 64) 01826a14 SEQW SAVEUIP1 U6571 SEQW GOTO U026a U6571: 0e654807ac0a tmp10:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000248, mode=0x01) U6572: 00434600023a WRITEURAM(tmp10, 0x0046, 64) U6574: 00141f03a23a tmp10:= BT_DSZ32(tmp10, 0x0000001f) U6575: 0073e103a43a tmp10:= SELECTCC_DSZ64_CONDNB(tmp10, 0x00200000) U6576: 090200000ebe LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp14, tmp10, 0x000) U6578: 00880003403d tmp4:= ZEROEXT_DSZ16(tmp13) U6579: 000800430008 tmp0:= ZEROEXT_DSZ32(0x00001000) U657a: 0004001fac48 tmp10:= AND_DSZ32(0x00000700, tmp1) U657c: 00050013ae88 tmp10:= SUB_DSZ32(0x00000400, tmp10) U657d: 0005000bae88 tmp10:= SUB_DSZ32(0x00000200, tmp10) U657e: 0133e103a43a tmp10:= SELECTCC_DSZ32_CONDNBE(tmp10, 0x00200000) U6580: 000100030c3a tmp0:= OR_DSZ32(tmp10, tmp0) U6581: 00050e03ac88 tmp10:= SUB_DSZ32(0x0000000e, tmp2) U6582: 00151f032231 tmp2:= BTS_DSZ32(tmp1, 0x0000001f) U6584: 017100031efa tmp1:= SELECTCC_DSZ64_CONDNZ(tmp10, tmp11) U6585: 00620003a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x000) 02ce8440 SEQW GOTO U4e84 ------------------------------------------------------------------------------------ U6586: 0062f81fa200 tmp10:= MOVEFROMCREG_DSZ64(0x7f8) U6588: 00620403f200 tmp15:= MOVEFROMCREG_DSZ64(0x004) U6589: 00210003aebf tmp10:= 
CONCAT_DSZ32(tmp15, tmp10) U658a: 2042f81c0200 SYNCMARK-> MOVETOCREG_DSZ64(0x00000000, 0x7f8) U658c: 204257000010 MOVETOCREG_DSZ64(0x0000001e, 0x000) U658d: 006360034200 tmp4:= READURAM(0x0060, 64) U658e: 0d6000033e74 SYNCWAIT-> tmp3:= unk_d60(tmp4, tmp9) U6590: 0d6008035e74 tmp5:= unk_d60(tmp4, tmp9) U6591: 0d6010036e74 tmp6:= unk_d60(tmp4, tmp9) U6592: 0d6018037e74 tmp7:= unk_d60(tmp4, tmp9) U6594: 100a08800200 TESTUSTATE(SYS, !UST_OP_SIZE_32BIT) 01e59a00 ? SEQW GOTO U659a U6595: 000800033033 tmp3:= ZEROEXT_DSZ32(tmp3) U6596: 000800035035 tmp5:= ZEROEXT_DSZ32(tmp5) U6598: 000800036036 tmp6:= ZEROEXT_DSZ32(tmp6) U6599: 000800037037 tmp7:= ZEROEXT_DSZ32(tmp7) U659a: 00400003cd71 tmp12:= ADD_DSZ64(tmp1, tmp5) U659c: 004500031d73 tmp1:= SUB_DSZ64(tmp3, tmp5) U659d: 005200000cb1 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp1, tmp2) U659e: 004500031f36 tmp1:= SUB_DSZ64(tmp6, tmp12) U65a0: 015300000cb1 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp1, tmp2) 018000cc SEQW URET1 ------------------------------------------------------------------------------------ U65a1: 004800014036 tmpv0:= ZEROEXT_DSZ64(tmp6) U65a2: 1062df095240 tmpv1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U65a4: 00540d015215 tmpv1:= BT_DSZ64(tmpv1, 0x0000000d) U65a5: 007200015515 tmpv1:= SELECTCC_DSZ64_CONDB(tmpv1, tmpv0) U65a6: 186afd690315 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000011, U6afd) U65a8: 100a80014200 tmpv0:= TESTUSTATE(SYS, UST_VMX_GUEST) 01e5aa00 ? 
SEQW GOTO U65aa U65a9: 000100054508 tmpv0:= OR_DSZ32(0x00000100, tmpv0) U65aa: 00471f016588 tmpv2:= NOTAND_DSZ64(0x0000001f, tmpv2) U65ac: 006404016216 tmpv2:= SHL_DSZ64(tmpv2, 0x00000004) U65ad: 000183014508 tmpv0:= OR_DSZ32(0x00000083, tmpv0) U65ae: 004100016594 tmpv2:= OR_DSZ64(tmpv0, tmpv2) 01f6d892 SEQW SAVEUIP0 U65b0 SEQW GOTO U76d8 U65b0: 0062f01d4200 tmpv0:= MOVEFROMCREG_DSZ64(0x7f0) U65b1: 286bbeb00214 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000002, uret1) U65b2: 00c800015016 tmpv1:= ZEROEXT_DSZ8(tmpv2) U65b4: 006508014216 tmpv0:= SHR_DSZ64(tmpv2, 0x00000008) U65b5: 006410014214 tmpv0:= SHL_DSZ64(tmpv0, 0x00000010) U65b6: 0041020d450a tmpv0:= OR_DSZ64(0x00004302, tmpv0) U65b8: 29a28b000794 MOVETOCREG_SHR_DSZ64(tmpv0, 0x00000038, 0x08b) U65b9: 006408014214 tmpv0:= SHL_DSZ64(tmpv0, 0x00000008) U65ba: 29028a000554 MOVETOCREG_OR_DSZ64(tmpv0, tmpv1, 0x08a) 0186c680 SEQW GOTO uret1 ------------------------------------------------------------------------------------ U65bc: 296200000300 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x00000010, 0x000) U65bd: 0008c00be009 tmp14:= ZEROEXT_DSZ32(0x000022c0) U65be: 000e09000200 WRMSLOOPCTRFBR(0x00000009) U65c0: 000cd4100200 SAVEUIP(0x00, U04d4) 03025a14 SEQW SAVEUIP1 U65c1 SEQW GOTO U025a U65c1: 00480043f01f tmp15:= ZEROEXT_DSZ64(0xfffffffffffff000) U65c2: 082211140ff0 LFNCEWAIT-> MOVETOCREG_AND_DSZ64(tmp0, tmp15, 0x511) U65c4: 004210140231 MOVETOCREG_DSZ64(tmp1, 0x510) U65c5: 082218140ff2 MOVETOCREG_AND_DSZ64(tmp2, tmp15, 0x518) U65c6: 004200000238 MOVETOCREG_DSZ64(tmp8, 0x000) U65c8: 004270000237 MOVETOCREG_DSZ64(tmp7, 0x070) U65c9: 00620403f200 tmp15:= MOVEFROMCREG_DSZ64(0x004) U65ca: 00070303ffc8 tmp15:= NOTAND_DSZ32(0x00000003, tmp15) U65cc: 000403033cc8 tmp3:= AND_DSZ32(0x00000003, tmp3) U65cd: 0001000bffc8 tmp15:= OR_DSZ32(0x00000200, tmp15) U65ce: 090204000cff MOVETOCREG_OR_DSZ64(tmp15, tmp3, 0x004) 01843c96 SEQW SAVEUIP1 U65d0 SEQW GOTO U043c U65d0: 00631f03f200 tmp15:= READURAM(0x001f, 64) U65d1: 0047000bffc8 tmp15:= 
NOTAND_DSZ64(0x00000200, tmp15) U65d2: 00431f00023f WRITEURAM(tmp15, 0x001f, 64) U65d4: 00421a1c0236 MOVETOCREG_DSZ64(tmp6, 0x71a) U65d5: 004267000236 MOVETOCREG_DSZ64(tmp6, CORE_CR_CUR_RIP) 01a52940 SEQW GOTO U2529 ------------------------------------------------------------------------------------ U65d6: 00062a4b4cdd tmp4:= XOR_DSZ32(0xffffffffffffb22a, tmp3) U65d8: 00240a036230 tmp6:= SHL_DSZ32(tmp0, 0x0000000a) U65d9: 000405039c34 ROVR<- tmp9:= AND_DSZ32(tmp4, tmp0) 01a1785d SEQW SAVEUIP1 U65da SEQW GOTO U2178 U65da: 0004af036d90 tmp6:= AND_DSZ32(0x00080000, tmp6) U65dc: 0004af037d50 tmp7:= AND_DSZ32(0x00080000, tmp5) U65dd: 020700038df6 tmp8:= unk_207(tmp6, tmp7) U65de: 0007b5031d50 tmp1:= NOTAND_DSZ32(0x0009cdfd, tmp5) U65e0: 000400072c08 tmp2:= AND_DSZ32(0x00000100, tmp0) U65e1: 000439031c73 ROVR<- tmp1:= AND_DSZ32(tmp3, tmp1) 018000dd SEQW SAVEUIP1 U65e2 U65e2: 000100031c78 tmp1:= OR_DSZ32(tmp8, tmp1) U65e4: 000100039e71 tmp9:= OR_DSZ32(tmp1, tmp9) U65e5: 001610035235 tmp5:= BTR_DSZ32(tmp5, 0x00000010) 01ae0955 SEQW SAVEUIP1 U65e6 SEQW GOTO U2e09 U65e6: 213f00000039 unk_13f(tmp9) U65e8: 2042fe1c0239 SYNCFULL-> MOVETOCREG_DSZ64(tmp9, CORE_CR_EFLAGS) U65e9: 020700032032 tmp2:= unk_207(tmp2) U65ea: 020700038036 tmp8:= unk_207(tmp6) U65ec: 002401038238 tmp8:= SHL_DSZ32(tmp8, 0x00000001) U65ed: 00040003ae35 tmp10:= AND_DSZ32(tmp5, tmp8) U65ee: 000000032cba tmp2:= ADD_DSZ32(tmp10, tmp2) U65f0: 0151f5180232 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U06f5) U65f1: 10c00b824908 rsp:= ADD_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) 018000f1 SEQW UEND0 ------------------------------------------------------------------------------------ U65f2: 00210c03b008 tmp11:= CONCAT_DSZ32(0x0000000c) U65f4: 00437300023b WRITEURAM(tmp11, 0x0073, 64) 0ae91614 SEQW SAVEUIP1 U65f5 SEQW GOTO U6916 U65f5: 006377032200 SYNCWAIT-> tmp2:= READURAM(0x0077, 64) U65f6: 000d01800000 SAVEUIP_REGOVR(0x01, U65f8, 0x0001) U65f8: 000cc0a802c0 SAVEUIP(0x01, U6ac0) U65f9: 000813030008 tmp0:= 
ZEROEXT_DSZ32(0x00000013) U65fa: 286a4ef906b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000002b, U5e4e) U65fc: 000d02000000 SAVEUIP_REGOVR(0x00, U65fd, 0x0002) 0182b200 SEQW GOTO U02b2 U65fd: 2d0bd843200a tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U65fe: 000474031c90 tmp1:= AND_DSZ32(0x00020000, tmp2) U6600: 00049a034c90 tmp4:= AND_DSZ32(0x00040000, tmp2) U6601: 00630d033200 tmp3:= READURAM(0x000d, 64) U6602: 006520033233 tmp3:= SHR_DSZ64(tmp3, 0x00000020) U6604: 0004ff033cc8 tmp3:= AND_DSZ32(0x000000ff, tmp3) U6605: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01ea5e40 ? SEQW GOTO U6a5e U6606: 01319a031431 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00040000) U6608: 0004ff030c88 tmp0:= AND_DSZ32(0x000000ff, tmp2) U6609: 000500030cf0 tmp0:= SUB_DSZ32(tmp0, tmp3) U660a: 00339a030430 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00040000) U660c: 000100031c31 tmp1:= OR_DSZ32(tmp1, tmp0) U660d: 00c800032c72 tmp2:= ZEROEXT_DSZ8(tmp2, tmp1) 01ea6440 SEQW GOTO U6a64 ------------------------------------------------------------------------------------ U660e: 00084c5f000c tmp0:= ZEROEXT_DSZ32(0x0000974c) U6610: 00a100030c0a tmp0:= CONCAT_DSZ16(0x00004000, tmp0) U6611: 00080d532008 tmp2:= ZEROEXT_DSZ32(0x0000140d) U6612: 0d8f00032030 PORTOUT_DSZ16_ASZ16_SC1(tmp0, tmp2) U6614: 00426c000200 MOVETOCREG_DSZ64(0x00000000, 0x06c) U6615: 00a180033008 tmp3:= CONCAT_DSZ16(0x00000080) U6616: 00080c020008 rax:= ZEROEXT_DSZ32(0x0000000c) U6618: 004501032008 tmp2:= SUB_DSZ64(0x00000001) U6619: 204330000232 WRITEURAM(tmp2, 0x0030, 64) U661a: 204331000232 WRITEURAM(tmp2, 0x0031, 64) U661c: 204332000232 WRITEURAM(tmp2, 0x0032, 64) U661d: 204340000232 WRITEURAM(tmp2, 0x0040, 64) U661e: 0088f967e00a tmp14:= ZEROEXT_DSZ16(0x000059f9) U6620: 00880503f00a tmp15:= ZEROEXT_DSZ16(0x00004005) U6621: 008801030008 tmp0:= ZEROEXT_DSZ16(0x00000001) U6622: 00a100230230 tmp0:= CONCAT_DSZ16(tmp0, 0x00000800) U6624: 00887f072008 tmp2:= ZEROEXT_DSZ16(0x0000017f) U6625: 00a11f032232 tmp2:= CONCAT_DSZ16(tmp2, 0x0000001f) U6626: 000501034008 
tmp4:= SUB_DSZ32(0x00000001) U6628: 0021ff034d08 tmp4:= CONCAT_DSZ32(0x000000ff, tmp4) U6629: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) 01dbb440 SEQW GOTO U5bb4 ------------------------------------------------------------------------------------ U662a: 00040a03ee48 tmp14:= AND_DSZ32(0x0000000a, tmp9) U662c: 01517668027e UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp14, U3a76) U662d: 00637803f200 tmp15:= READURAM(0x0078, 64) U662e: 186b30d9037f LFNCEMARK-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000017, U6630) 0507a580 SEQW GOTO U07a5 ------------------------------------------------------------------------------------ U6630: 00621d030200 tmp0:= MOVEFROMCREG_DSZ64(0x01d) U6631: 386a80680230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000001, U3a80) U6632: 00480003003a tmp0:= ZEROEXT_DSZ64(tmp10) U6634: 0007f003e230 tmp14:= NOTAND_DSZ32(tmp0, 0x000000f0) U6635: 01508068027e UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp14, U3a80) U6636: 0044ff033c08 LFNCEMARK-> tmp3:= AND_DSZ64(0x000000ff, tmp0) U6638: 1062850b4240 tmp4:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6639: 00080c030008 tmp0:= ZEROEXT_DSZ32(0x0000000c) U663a: 086a9e9c02b4 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp4, 0x0000000a, U079e) U663c: 004800030033 tmp0:= ZEROEXT_DSZ64(tmp3) U663d: 0eff00000000 unk_eff(0x00000000) U663e: 000001000000 ROVR<- NOP 01ab159e SEQW SAVEUIP1 U6640 SEQW GOTO lbsync_full U6640: 000810071008 tmp1:= ZEROEXT_DSZ32(0x00000110) U6641: 10429e080271 MOVETOCREG_DSZ64(tmp1, 0x29e, 32) U6642: 000101033008 tmp3:= OR_DSZ32(0x00000001) U6644: 000100035000 tmp5:= OR_DSZ32(0x00000000) U6645: 000101031008 tmp1:= OR_DSZ32(0x00000001) 01c8f640 SEQW GOTO U48f6 ------------------------------------------------------------------------------------ U6646: 000cfea00200 SAVEUIP(0x01, U08fe) U6648: 00634203f200 tmp15:= READURAM(0x0042, 64) U6649: 386b159902bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000000a, U7615) U664a: 392915d90232 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000003, U7615) U664c: 1062c40bf240 tmp15:= 
MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U664d: 386a155902bf BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000009, U7615) U664e: 006344030200 tmp0:= READURAM(0x0044, 64) U6650: 00251003f230 tmp15:= SHR_DSZ32(tmp0, 0x00000010) U6651: 00040703ffc8 tmp15:= AND_DSZ32(0x00000007, tmp15) U6652: 008500030c70 tmp0:= SUB_DSZ16(tmp0, tmp1) U6654: 0052155802f0 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U7615) U6655: 00850003fc3f tmp15:= SUB_DSZ16(tmp15, tmp0) U6656: 0153155802ff UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp15, U7615) U6658: 000001030c08 SYNCMARK-> tmp0:= ADD_DSZ32(0x00000001, tmp0) U6659: 002404030230 tmp0:= SHL_DSZ32(tmp0, 0x00000004) U665a: 0eff00000000 unk_eff(0x00000000) U665c: 000901033008ROVR<-SYNCWAIT-> tmp3:= MOVE_DSZ32(0x00000001) 0a2b151c SEQW SAVEUIP1 U665d SEQW GOTO lbsync_full U665d: 000810071008 tmp1:= ZEROEXT_DSZ32(0x00000110) U665e: 30429e080271 MOVETOCREG_DSZ64(tmp1, 0x29e, 32) U6660: 000101031008 tmp1:= OR_DSZ32(0x00000001) U6661: 000100035000 tmp5:= OR_DSZ32(0x00000000) 01c8f64a SEQW GOTO U48f6 ------------------------------------------------------------------------------------ U6662: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01c8f64a ? SEQW URET0 U6664: 100a01040200 TESTUSTATE(SYS, UST_VMX_DIS | UST_VMX_OP_DIS) 01a76900 ? SEQW GOTO generate_#UD U6665: 006343033200 tmp3:= READURAM(0x0043, 64) U6666: 00542e033233 tmp3:= BT_DSZ64(tmp3, 0x0000002e) U6668: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01df2800 ? 
SEQW GOTO U5f28 U6669: 188f00834000 tmp4:= unk_88f(0x00000000) U666a: 108800034034 tmp4:= ZEROEXT_DSZ16N(tmp4) U666c: 204373000234 WRITEURAM(tmp4, 0x0073, 64) U666d: 0053cc140230 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp0, U05cc) U666e: 0053cc140233 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp3, U05cc) U6670: 10650f033201 tmp3:= SHR_DSZN(r64dst, 0x0000000f) U6671: 0151cc140233 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U05cc) U6672: 00082d033008 tmp3:= ZEROEXT_DSZ32(0x0000002d) U6674: 023201034230 tmp4:= SELECTCC_DSZ32_CONDP(tmp0, 0x00000001) U6675: 000000033cf4 tmp3:= ADD_DSZ32(tmp4, tmp3) U6676: 006300033cc0 tmp3:= READURAM(tmp3) U6678: 002503034201 tmp4:= SHR_DSZ32(r64dst, 0x00000003) U6679: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U667a: 0ee500034d33 LFNCEWAIT-> tmp4:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp3, tmp4) U667c: 000407033048 tmp3:= AND_DSZ32(0x00000007, r64dst) U667d: 086acc140cf4 BTUJB_DIRECT_NOTTAKEN(tmp4, tmp3, U05cc) 01df2e40 SEQW GOTO U5f2e ------------------------------------------------------------------------------------ U667e: 0ea598039f0b tmp9:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x00000398) U6680: 00a508030239 tmp0:= SHR_DSZ16(tmp9, 0x00000008) U6681: 0004f0030c08 tmp0:= AND_DSZ32(0x000000f0, tmp0) U6682: 0004f0038c88 tmp8:= AND_DSZ32(0x000000f0, tmp2) U6684: 000500038c38 tmp8:= SUB_DSZ32(tmp8, tmp0) U6685: 013e00038e30 tmp8:= MOVEMERGEFLGS_DSZ32(tmp0, tmp8) U6686: 013700038cb8 tmp8:= CMOVCC_DSZ32_CONDNBE(tmp8, tmp2) U6688: 0e2da0038234 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp4, 0x000000a0, tmp8) U6689: 086a34010639 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp9, 0x00000020, U4034) U668a: 0004f0039e48 tmp9:= AND_DSZ32(0x000000f0, tmp9) U668c: 0004f0038e08 tmp8:= AND_DSZ32(0x000000f0, tmp8) U668d: 000500039e78 tmp9:= SUB_DSZ32(tmp8, tmp9) U668e: 013202039239 tmp9:= SELECTCC_DSZ32_CONDBE(tmp9, 0x00000002) U6690: 006343030200 tmp0:= READURAM(0x0043, 64) U6691: 005402030230 tmp0:= BT_DSZ64(tmp0, 0x00000002) U6692: 003200039e70 tmp9:= SELECTCC_DSZ32_CONDB(tmp0, tmp9) U6694: 
003202030230 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000002) U6695: 00621d038200 tmp8:= MOVEFROMCREG_DSZ64(0x01d) U6696: 000700038e30 tmp8:= NOTAND_DSZ32(tmp0, tmp8) U6698: 000100038e39 tmp8:= OR_DSZ32(tmp9, tmp8) U6699: 00421d000238 LFNCEWTMRK-> MOVETOCREG_DSZ64(tmp8, 0x01d) 068000cd SEQW URET1 ------------------------------------------------------------------------------------ U669a: 000ccd280240 SAVEUIP(0x00, U2acd) U669c: 000c48c00240 SAVEUIP(0x01, U3048) U669d: 000470034ec8 tmp4:= AND_DSZ32(0x00000070, tmp11) U669e: 000520034d08 tmp4:= SUB_DSZ32(0x00000020, tmp4) U66a0: 013004034234 tmp4:= SELECTCC_DSZ32_CONDZ(tmp4, 0x00000004) U66a1: 000102034d08 tmp4:= OR_DSZ32(0x00000002, tmp4) U66a2: 1062230b1240 tmp1:= MOVEFROMCREG_DSZ64(0x223, 32) U66a4: 000700031c74 tmp1:= NOTAND_DSZ32(tmp4, tmp1) U66a5: 304223080271 MOVETOCREG_DSZ64(tmp1, 0x223, 32) U66a6: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01e6ae80 ? SEQW GOTO U66ae U66a8: 00635c032200 tmp2:= READURAM(0x005c, 64) U66a9: 001408032232 tmp2:= BT_DSZ32(tmp2, 0x00000008) U66aa: 003202032232 tmp2:= SELECTCC_DSZ32_CONDB(tmp2, 0x00000002) U66ac: 004100039cb9 tmp9:= OR_DSZ64(tmp9, tmp2) U66ad: 004102037dc8 tmp7:= OR_DSZ64(0x00000002, tmp7) U66ae: 006370034200 tmp4:= READURAM(0x0070, 64) U66b0: 004700034d37 tmp4:= NOTAND_DSZ64(tmp7, tmp4) U66b1: 3902c40b4e74 tmp4:= MOVETOCREG_OR_DSZ64(tmp4, tmp9, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT) U66b2: 29a208000634 MOVETOCREG_SHR_DSZ64(tmp4, 0x00000020, 0x008) U66b4: 002518034234 tmp4:= SHR_DSZ32(tmp4, 0x00000018) U66b5: 3902da080e34 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp4, tmp8, 0x2da) 048000cd SEQW URET1 ------------------------------------------------------------------------------------ U66b6: 052b1b03e03e tmp14:= unk_52b(tmp14) U66b8: 052bb103f03f tmp15:= unk_52b(tmp15) U66b9: 05b90003d03e tmm5:= unk_5b9(tmm6) U66ba: 04eef003efbf tmm6:= unk_4ee(tmm7, tmm6) U66bc: 04d70803fffd tmm7:= unk_4d7(tmm5, tmm7) U66bd: 06d80003efa2 tmm6:= unk_6d8(xmm2, tmm6) U66be: 06d80003ffe2 tmm7:= unk_6d8(xmm2, 
tmm7) U66c0: 0008000ff008 tmp15:= ZEROEXT_DSZ32(0x00000300) U66c1: 0ea60003803f tmp8:= unk_ea6(tmp15) U66c2: 0ea62003903f tmp9:= unk_ea6(tmp15) U66c4: 04ef02020e39 xmm0:= MOVHLPS(tmm1, tmm0) U66c5: 0ea64003803f tmp8:= unk_ea6(tmp15) U66c6: 0ea66003903f tmp9:= unk_ea6(tmp15) U66c8: 04ef02021e39 xmm1:= MOVHLPS(tmm1, tmm0) U66c9: 0008800ff008 tmp15:= ZEROEXT_DSZ32(0x00000380) U66ca: 0ea60003803f tmp8:= unk_ea6(tmp15) U66cc: 0ea62003903f tmp9:= unk_ea6(tmp15) U66cd: 04ef02022e39 xmm2:= MOVHLPS(tmm1, tmm0) U66ce: 0ea64003803f tmp8:= unk_ea6(tmp15) U66d0: 0ea66003903f tmp9:= unk_ea6(tmp15) U66d1: 04ef02023e39 xmm3:= MOVHLPS(tmm1, tmm0) 0361d940 SEQW GOTO U61d9 ------------------------------------------------------------------------------------ U66d2: 00626803f200 LFNCEWAIT-> tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_UIP) U66d4: 00151f030230 tmp0:= BTS_DSZ32(tmp0, 0x0000001f) U66d5: 00630e031200 tmp1:= READURAM(0x000e, 64) U66d6: 006530031231 SYNCFULL-> tmp1:= SHR_DSZ64(tmp1, 0x00000030) U66d8: 00a100031ff1 tmp1:= CONCAT_DSZ16(tmp1, tmp15) U66d9: 002100031c31 tmp1:= CONCAT_DSZ32(tmp1, tmp0) U66da: 20430e000231 WRITEURAM(tmp1, 0x000e, 64) U66dc: 00635c030200 tmp0:= READURAM(0x005c, 64) U66dd: 001408030230 tmp0:= BT_DSZ32(tmp0, 0x00000008) U66de: 00330203f230 tmp15:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000002) U66e0: 004501030008 tmp0:= SUB_DSZ64(0x00000001) U66e1: 004700030c3f tmp0:= NOTAND_DSZ64(tmp15, tmp0) U66e2: 204370000230 WRITEURAM(tmp0, 0x0070, 64) U66e4: 006320032200 tmp2:= READURAM(0x0020, 64) U66e5: 0004fe7f2c8b tmp2:= AND_DSZ32(0x00007ffe, tmp2) U66e6: 002401032c88 tmp2:= SHL_DSZ32(0x00000001, tmp2) U66e8: 000900031000 ROVR<- tmp1:= MOVE_DSZ32(0x00000000) 0182ba1c SEQW SAVEUIP1 U66e9 SEQW GOTO U02ba U66e9: 2d0b04030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00000004) U66ea: 000100030c32 tmp0:= OR_DSZ32(tmp2, tmp0) U66ec: 2d0f04030008 PORTOUT_DSZ32_ASZ16_SC1(0x00000004, tmp0) U66ed: 2d0f40000008 SYNCFULL-> PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) 08e38540 SEQW GOTO 
U6385 ------------------------------------------------------------------------------------ U66ee: 00050013ff88 tmp15:= SUB_DSZ32(0x00000400, tmp14) U66f0: 0053395802ff UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp15, U7639) U66f1: 200a20000200 TESTUSTATE(VMX, 0x0020) 01e6f840 ? SEQW GOTO U66f8 U66f2: 0005b003ff88 tmp15:= SUB_DSZ32(0x000000b0, tmp14) U66f4: 0150c460023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U18c4) U66f5: 0005000fff88 tmp15:= SUB_DSZ32(0x00000300, tmp14) U66f6: 0150c460023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U18c4) U66f8: 00634303f200 tmp15:= READURAM(0x0043, 64) U66f9: 386b391906bf BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000028, U7639) U66fa: 0052756c02be UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp14, U5b75) U66fc: 00250403f23e tmp15:= SHR_DSZ32(tmp14, 0x00000004) U66fd: 00210003effe tmp14:= CONCAT_DSZ32(tmp14, tmp15) U66fe: 0008450bf010 tmp15:= ZEROEXT_DSZ32(0xffffe90c) U6700: 0021d007ffd0 tmp15:= CONCAT_DSZ32(0x41ff01ff, tmp15) U6701: 386b39190fbf BTUJNB_DIRECT_NOTTAKEN(tmp15, tmp14, U7639) U6702: 00083203f010 tmp15:= ZEROEXT_DSZ32(0x0000e904) U6704: 0021cf07ffd0 tmp15:= CONCAT_DSZ32(0x41ff0100, tmp15) U6705: 00540003ffbf tmp15:= BT_DSZ64(tmp15, tmp14) U6706: 00330203f23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000002) U6708: 00010103ffc8 tmp15:= OR_DSZ32(0x00000001, tmp15) U6709: 00651e03e23e tmp14:= SHR_DSZ64(tmp14, 0x0000001e) 0918c640 SEQW GOTO U18c6 ------------------------------------------------------------------------------------ U670a: 000000000000 SYNCFULL-> NOP U670c: 00627003b200 tmp11:= MOVEFROMCREG_DSZ64(0x070) U670d: 386a7400027b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000004, U3074) U670e: 286bfebd027b BTUJNB_DIRECT_NOTTAKEN(tmp11, 0x00000006, U5ffe) U6710: 29620b800240 SYNCMARK-> MOVETOCREG_BTS_DSZ64(0x00000006, 0x00b) U6711: 00075003bec8 tmp11:= NOTAND_DSZ32(0x00000050, tmp11) U6712: 1062f91f6240 tmp6:= MOVEFROMCREG_DSZ64(0x7f9, 32) U6714: 00080903f008 tmp15:= ZEROEXT_DSZ32(0x00000009) U6715: 02010a03f23f tmp15:= unk_201(tmp15, 0x0000000a) U6716: 286afe3d0ff6 
BTUJB_DIRECT_NOTTAKEN(tmp6, tmp15, U5ffe) U6718: 006209038200 SYNCWAIT-> tmp8:= MOVEFROMCREG_DSZ64(0x009) U6719: 000140038e08 tmp8:= OR_DSZ32(0x00000040, tmp8) U671a: 006200038e00 tmp8:= MOVEFROMCREG_DSZ64(tmp8) U671c: 006410038238 tmp8:= SHL_DSZ64(tmp8, 0x00000010) U671d: 006e10038238 tmp8:= SAR_DSZ64(tmp8, 0x00000010) U671e: 006209035200 tmp5:= MOVEFROMCREG_DSZ64(0x009) U6720: 000d00000000 SAVEUIP_REGOVR(0x00, U6721, 0x0000) 01b0c400 SEQW GOTO U30c4 U6721: 006401030235 tmp0:= SHL_DSZ64(tmp5, 0x00000001) U6722: 006e01030230 tmp0:= SAR_DSZ64(tmp0, 0x00000001) U6724: 086a92c80276 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000007, U0292) U6725: 000000000000 NOP 01d86a40 SEQW GOTO U586a ------------------------------------------------------------------------------------ U6726: 104207080270 MOVETOCREG_DSZ64(tmp0, 0x207, 32) U6728: 104209080271 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x209, 32) U6729: 1062330b0240 tmp0:= MOVEFROMCREG_DSZ64(0x233, 32) U672a: 1062340b1240 tmp1:= MOVEFROMCREG_DSZ64(0x234, 32) U672c: 074700038030 tmm0:= unk_747(mm0) U672d: 074601038e31 tmm0:= unk_746(mm1, tmm0) U672e: 10620a0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x20a, 32) U6730: 10620b0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x20b, 32) U6731: 074700039030 tmm1:= unk_747(mm0) U6732: 074601039e71 SYNCFULL-> tmm1:= unk_746(mm1, tmm1) U6734: 104233080240 MOVETOCREG_DSZ64(0x00000000, 0x233, 32) U6735: 104234080240 MOVETOCREG_DSZ64(0x00000000, 0x234, 32) U6736: 104207080240 MOVETOCREG_DSZ64(0x00000000, 0x207, 32) U6738: 104209080240 MOVETOCREG_DSZ64(0x00000000, 0x209, 32) U6739: 190208880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x208) 01f66151 SEQW SAVEUIP0 U673a SEQW GOTO U7661 U673a: 2dcbd843000a tmp0:= PORTIN_DSZ8_ASZ16_SC1(0x000050d8) U673c: 00c520030230 tmp0:= SUB_DSZ8(tmp0, 0x00000020) U673d: 000c3e1c02c0 SAVEUIP(0x00, U673e) U673e: 015099600270 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U3899) U6740: 04c700038e38 tmm0:= XORPD(tmm0, tmm0) U6741: 00c501030c08 tmp0:= SUB_DSZ8(0x00000001, tmp0) 01f66140 SEQW GOTO U7661 
------------------------------------------------------------------------------------ U6742: 01501d0802b1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U421d) U6744: 000410032d48 tmp2:= AND_DSZ32(0x00000010, tmp5) U6745: 013401032232 tmp2:= CMOVCC_DSZ32_CONDZ(tmp2, 0x00000001) U6746: 00080103a008 tmp10:= ZEROEXT_DSZ32(0x00000001) U6748: 07040003903a tmm1:= unk_704(tmm2) U6749: 07430003ce72 tmm4:= unk_743(mm2, tmm1) U674a: 04830003f03c tmm7:= unk_483(tmm4) U674c: 00940a030235 tmp0:= BT_DSZ16(tmp5, 0x0000000a) U674d: 003301031230 tmp1:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000001) U674e: 074300039e31 tmm1:= unk_743(mm1, tmm0) U6750: 048200038ff9 tmm0:= unk_482(tmm1, tmm7) U6751: 04960003eebb tmm6:= unk_496(tmm3, tmm2) U6752: 053f00038e3e tmm0:= unk_53f(tmm6, tmm0) U6754: 072c00038038 tmp8:= PINTMOVDTMM2I_DSZ32(tmm0) U6755: 00c401033e08 tmp3:= AND_DSZ8(0x00000001, tmp8) U6756: 0151581c02f3 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U6758) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U6758: 00810403cf08 tmp12:= OR_DSZ16(0x00000004, tmp12) U6759: 06a017079000 tmp9:= unk_6a0(0x00000000) U675a: 053f00038e78 tmm0:= unk_53f(tmm0, tmm1) U675c: 006286134200 tmp4:= MOVEFROMCREG_DSZ64(0x486) U675d: 008404030d08 tmp0:= AND_DSZ16(0x00000004, tmp4) U675e: 015048640230 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U1948) 01923680 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U6760: 00621b038200 tmp8:= MOVEFROMCREG_DSZ64(0x01b) 01b91614 SEQW SAVEUIP1 U6761 SEQW GOTO U3916 U6761: 00040063ec8b tmp14:= AND_DSZ32(0x00007800, tmp2) U6762: 004600038e3e tmp8:= XOR_DSZ64(tmp14, tmp8) U6764: 2042521c0238 SYNCMARK-> MOVETOCREG_DSZ64(tmp8, 0x752) U6765: 014300235e00 tmp5:= AETTRACE(0x00000000, 0x08, tmp8) U6766: 000126032c90 tmp2:= OR_DSZ32(0x00008000, tmp2) U6768: 01890103a008 tmp10:= ADDSUB_DSZ16_CONDD(0x00000001) U6769: 02310103a23a tmp10:= SELECTCC_DSZ32_CONDNS(tmp10, 0x00000001) U676a: 00850003aea1 
tmp10:= SUB_DSZ16(rcx, tmp10) U676c: 01896203a43a tmp10:= ADDSUB_DSZ16_CONDD(tmp10, 0x00018000) U676d: 10852703f850 SYNCWAIT-> tmp15:= SUB_DSZN(0x00008001, rcx) U676e: 00330003aebf tmp10:= SELECTCC_DSZ32_CONDNB(tmp15, tmp10) U6770: 00886203a43a tmp10:= ZEROEXT_DSZ16(tmp10, 0x00018000) U6771: 01420e034e80 tmp4:= UFLOWCTRL(MSLOOPCTR, tmp10) U6772: 013e4917bfc9 tmp11:= MOVEMERGEFLGS_DSZ32(0x00002549, tmp15) U6774: 00375817b27b tmp11:= CMOVCC_DSZ32_CONDNB(tmp11, 0x00002558) U6775: 01420a034ec0 SYNCMARK-> tmp4:= UFLOWCTRL(URET0, tmp11) U6776: 002100032cba tmp2:= CONCAT_DSZ32(tmp10, tmp2) U6778: 00aa0003103a tmp1:= unk_0aa(tmp10) U6779: 108500031031 tmp1:= SUB_DSZN(tmp1) U677a: 10a400031cb1 tmp1:= SHL_DSZN(tmp1, tmp2) U677c: 000c6693e208 SYNCWAIT-> tmp14:= SAVEUIP(0x01, U0466) 0a678248 SEQW URET0 ------------------------------------------------------------------------------------ U677d: 100a02800200 TESTUSTATE(SYS, !UST_USER_MODE) 0a678248 ? SEQW GOTO U6782 U677e: 0062e11f2200 tmp2:= MOVEFROMCREG_DSZ64(0x7e1) U6780: 186b111c0232 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000000, generate_#GP) U6781: 100ac0800200 LFNCEMARK-> TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 048000c9 ? SEQW URET0 U6782: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U6784: 013e1f030e08 tmp0:= MOVEMERGEFLGS_DSZ32(0x0000001f, tmp8) U6785: 003620030230 tmp0:= CMOVCC_DSZ32_CONDB(tmp0, 0x00000020) U6786: 003200237238 tmp7:= SELECTCC_DSZ32_CONDB(tmp8, 0x00000800) U6788: 003247033438 tmp3:= SELECTCC_DSZ32_CONDB(tmp8, 0x00010000) U6789: 204200000233 MOVETOCREG_DSZ64(tmp3, 0x000) U678a: 00a1813b32b0 tmp3:= CONCAT_DSZ16(tmp0, 0x00004e81) U678c: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01e79100 ? 
SEQW GOTO U6791 U678d: 006343032200 tmp2:= READURAM(0x0043, 64) U678e: 00634d03c200 tmp12:= READURAM(0x004d, 64) U6790: 000d00800000 SAVEUIP_REGOVR(0x01, U6791, 0x0000) 01b97900 SEQW GOTO U3979 U6791: 00631103c200 tmp12:= READURAM(0x0011, 64) U6792: 0088907f3cc8 tmp3:= ZEROEXT_DSZ16(0x00001f90, tmp3) U6794: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 018000c8 ? SEQW URET0 U6795: 00634c032200 tmp2:= READURAM(0x004c, 64) U6796: 0e65c007cf0a tmp12:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002c0, mode=0x01) U6798: 000d01800000 SAVEUIP_REGOVR(0x01, U6799, 0x0001) 01b97909 SEQW GOTO U3979 U6799: 000800000000 NOP 01b97909 SEQW URET0 ------------------------------------------------------------------------------------ U679a: 06a02603b000 tmp11:= unk_6a0(0x00000000) U679c: 06a02703c000 tmp12:= unk_6a0(0x00000000) U679d: 06e10003defa tmm5:= unk_6e1(tmm2, tmm3) U679e: 06a02403b000 tmp11:= unk_6a0(0x00000000) U67a0: 06e10003ef3a tmm6:= unk_6e1(tmm2, tmm4) U67a1: 06490003df7b tmm5:= unk_649(tmm3, tmm5) U67a2: 06a02503c000 tmp12:= unk_6a0(0x00000000) U67a4: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U67a5: 06490003efbc tmm6:= unk_649(tmm4, tmm6) U67a6: 06a02203b000 tmp11:= unk_6a0(0x00000000) U67a8: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U67a9: 06a02303c000 tmp12:= unk_6a0(0x00000000) U67aa: 06490003df7b tmm5:= unk_649(tmm3, tmm5) U67ac: 06490003efbc tmm6:= unk_649(tmm4, tmm6) U67ad: 06e10003df79 tmm5:= unk_6e1(tmm1, tmm5) U67ae: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U67b0: 06a04003c000 tmp12:= unk_6a0(0x00000000) U67b1: 06c90003dfbd tmm5:= unk_6c9(tmm5, tmm6) U67b2: 07020003f032 tmm7:= unk_702(mm2) U67b4: 04960003cffc tmm4:= unk_496(tmm4, tmm7) U67b5: 04960003dffd tmm5:= unk_496(tmm5, tmm7) U67b6: 268900008f7c mm0:= unk_689(tmm4, tmm5) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U67b8: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U67b9: 00940f03f231 tmp15:= BT_DSZ16(tmp1, 0x0000000f) U67ba: 017e00038ff8 tmp8:= 
MOVEMERGEFLGS_DSZ64(tmp8, tmp15) U67bc: 007700038e78 tmp8:= CMOVCC_DSZ64_CONDNB(tmp8, tmp9) U67bd: 00800803cc48 tmp12:= ADD_DSZ16(0x00000008, tmp1) U67be: 00250303a23c tmp10:= SHR_DSZ32(tmp12, 0x00000003) U67c0: 00160c03a23a tmp10:= BTR_DSZ32(tmp10, 0x0000000c) U67c1: 017e00039eb9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp10) U67c2: 007600039e39 tmp9:= CMOVCC_DSZ64_CONDB(tmp9, tmp8) U67c4: 017e00039f39 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp12) U67c5: 00250303c231 tmp12:= SHR_DSZ32(tmp1, 0x00000003) U67c6: 00160c03c23c tmp12:= BTR_DSZ32(tmp12, 0x0000000c) U67c8: 0ee50073aeb9 tmp10:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp9, tmp10, mode=0x1c) U67c9: 0033ff7ff7f9 tmp15:= SELECTCC_DSZ32_CONDNB(tmp9, 0xffffffffffffffff) U67ca: 00c10003aebf tmp10:= OR_DSZ8(tmp15, tmp10) U67cc: 0ee50073cf38 tmp12:= LDPPHYSTICKLE_DSZ8_ASZ64_SC1(tmp8, tmp12, mode=0x1c) U67cd: 00e10003cf3a tmp12:= CONCAT_DSZ8(tmp10, tmp12) U67ce: 00040703fc48 tmp15:= AND_DSZ32(0x00000007, tmp1) U67d0: 00250003cffc tmp12:= SHR_DSZ32(tmp12, tmp15) U67d1: 00250f03fc88 tmp15:= SHR_DSZ32(0x0000000f, tmp2) U67d2: 00040003cf3f tmp12:= AND_DSZ32(tmp15, tmp12) U67d4: 0151d440027c UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp12, U30d4) 018000cc SEQW URET1 ------------------------------------------------------------------------------------ U67d5: 10c50b832908 tmp2:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U67d6: 1c38006a5032 STAD_DSZN_ASZ32_SC1(SS, tmp2, mode=0x1a, rbp) U67d8: 0151d91c02f0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U67d9) 0967ed00 SEQW GOTO U67ed ------------------------------------------------------------------------------------ U67d9: 00621b037200 tmp7:= MOVEFROMCREG_DSZ64(0x01b) U67da: 0042521c0237 SYNCFULL-> MOVETOCREG_DSZ64(tmp7, 0x752) U67dc: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U67dd: 10050b835908 tmp5:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U67de: 10c50b832c88 tmp2:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, tmp2) U67e0: 0150ea1c02f0 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U67ea) U67e1: 10c50b833948 tmp3:= 
SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rbp) U67e2: 1c30006b4033 tmp4:= LDZX_DSZN_ASZ32_SC1(SS, tmp3, mode=0x1a) U67e4: 10c50b833cc8 tmp3:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, tmp3) U67e5: 1c38006b4032 STAD_DSZN_ASZ32_SC1(SS, tmp2, mode=0x1a, tmp4) U67e6: 10c50b832c88 tmp2:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, tmp2) U67e8: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U67e9: 0150ea1c02f0 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U67ea) 01e7e240 SEQW GOTO U67e2 ------------------------------------------------------------------------------------ U67ea: 1c38006b5032 STAD_DSZN_ASZ32_SC1(SS, tmp2, mode=0x1a, tmp5) U67ec: 125600000000 unk_256(0x00000000) U67ed: 1c3200680c72 unk_c32(tmp2, tmp1) U67ee: 10050b833908 tmp3:= SUB_DSZN(IMM_MACRO_ALIAS_DATASIZE, rsp) U67f0: 10c000032cb1 tmp2:= ADD_DSZN(tmp1, tmp2) U67f1: 100800025973 rbp:= ZEROEXT_DSZ32N(tmp3, rbp) U67f2: 10c800024932 rsp:= ZEROEXT_DSZ8N(tmp2, rsp) 018000f2 SEQW UEND0 ------------------------------------------------------------------------------------ U67f4: 213f00000035 unk_13f(tmp5) U67f5: 0042fe1c0235 MOVETOCREG_DSZ64(tmp5, CORE_CR_EFLAGS) U67f6: 000400039e75 tmp9:= AND_DSZ32(tmp5, tmp9) U67f8: 001411037235 tmp7:= BT_DSZ32(tmp5, 0x00000011) U67f9: 003303037237 tmp7:= SELECTCC_DSZ32_CONDNB(tmp7, 0x00000003) U67fa: 01310303423d tmp4:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000003) U67fc: 000100037d37 tmp7:= OR_DSZ32(tmp7, tmp4) U67fd: 0c4b80274000 tmp4:= RDSEGFLD(UNK_SEG_09, SEL) U67fe: 29029e1c0df4 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp4, tmp7, 0x79e) U6800: 01316003423d tmp4:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000060) U6801: 002410034234 tmp4:= SHL_DSZ32(tmp4, 0x00000010) U6802: 0c4ba00f7000 LFNCEWAIT-> tmp7:= RDSEGFLD(SS, SEL+FLGS+LIM) U6804: 004100037d37 tmp7:= OR_DSZ64(tmp7, tmp4) U6805: 0c6ba3000037 WRSEGFLD(tmp7, SS, SEL+FLGS+LIM) U6806: 296272400300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x072) U6808: 00501410023d UJMPCC_DIRECT_NOTTAKEN_CONDO(tmp13, U0414) U6809: 000828033008 tmp3:= ZEROEXT_DSZ32(0x00000028) U680a: 0004fc031d88 
tmp1:= AND_DSZ32(0x000000fc, tmp6) U680c: 00053403fc48 tmp15:= SUB_DSZ32(0x00000034, tmp1) U680d: 01503a1002ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U643a) U680e: 00531410023d UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp13, U0414) U6810: 00052c03fc48 tmp15:= SUB_DSZ32(0x0000002c, tmp1) U6811: 01511410023f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U0414) 01e43a40 SEQW GOTO U643a ------------------------------------------------------------------------------------ U6812: 00810803cf08 tmp12:= OR_DSZ16(0x00000008, tmp12) U6814: 006286133200 tmp3:= MOVEFROMCREG_DSZ64(0x486) U6815: 008408032cc8 tmp2:= AND_DSZ16(0x00000008, tmp3) U6816: 0150b9300232 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U0cb9) U6818: 00a50a034233 tmp4:= SHR_DSZ16(tmp3, 0x0000000a) U6819: 00c403034d08 tmp4:= AND_DSZ8(0x00000003, tmp4) U681a: 072a00035038 mm5:= unk_72a(tmm0) U681c: 00c401032d48 tmp2:= AND_DSZ8(0x00000001, tmp5) U681d: 013e0c033c88 tmp3:= MOVEMERGEFLGS_DSZ32(0x0000000c, tmp2) U681e: 01350a032233 tmp2:= CMOVCC_DSZ32_CONDNZ(tmp3, 0x0000000a) U6820: 00e500033d32 tmp3:= SHR_DSZ8(tmp2, tmp4) U6821: 00c401033cc8 tmp3:= AND_DSZ8(0x00000001, tmp3) U6822: 06a01707c000 tmp12:= unk_6a0(0x00000000) U6824: 06a01907a000 tmp10:= unk_6a0(0x00000000) U6825: 07430003cf33 tmm4:= unk_743(mm3, tmm4) U6826: 048300038ebc tmm0:= unk_483(tmm4, tmm2) U6828: 070200038e35 tmm0:= unk_702(mm5, tmm0) U6829: 013e12034cc8 tmp4:= MOVEMERGEFLGS_DSZ32(0x00000012, tmp3) U682a: 013410035234 tmp5:= CMOVCC_DSZ32_CONDZ(tmp4, 0x00000010) U682c: 27400003e035 LFNCEMARK-> tmm6:= unk_740(mm5) U682d: 00a509032236 tmp2:= SHR_DSZ16(tmp6, 0x00000009) U682e: 00c400033cb3 tmp3:= AND_DSZ8(tmp3, tmp2) U6830: 0151e92c0233 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp3, U0be9) 01923600 SEQW GOTO U1236 ------------------------------------------------------------------------------------ U6831: 002100031c31 tmp1:= CONCAT_DSZ32(tmp1, tmp0) U6832: 00210003ccb3 tmp12:= CONCAT_DSZ32(tmp3, tmp2) U6834: 002100030d38 tmp0:= CONCAT_DSZ32(tmp8, tmp4) U6835: 00210003ae7a tmp10:= 
CONCAT_DSZ32(tmp10, tmp9) U6836: 006262172200 tmp2:= MOVEFROMCREG_DSZ64(0x562) U6838: 0047ff3f2c88 tmp2:= NOTAND_DSZ64(0x00000fff, tmp2) U6839: 0e7520074008 tmp4:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000120) U683a: 004000036f7e tmp6:= ADD_DSZ64(tmp14, tmp13) U683c: 004060036d88 tmp6:= ADD_DSZ64(0x00000060, tmp6) U683d: 0e65de035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0xffffffffffffffde) U683e: 3929d9200d71 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, tmp5, U38d9) U6840: 0e65e6035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0xffffffffffffffe6) U6841: 3929d9200d7c CMPUJNZ_DIRECT_NOTTAKEN(tmp12, tmp5, U38d9) U6842: 0e65ee035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0xffffffffffffffee) U6844: 3929d9200d70 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, tmp5, U38d9) U6845: 0e65f6035034 tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp4, 0xfffffffffffffff6) U6846: 3929d9200d7a CMPUJNZ_DIRECT_NOTTAKEN(tmp10, tmp5, U38d9) U6848: 006315030200 tmp0:= READURAM(0x0015, 64) U6849: 204315000236 WRITEURAM(tmp6, 0x0015, 64) U684a: 0e6520076032 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000020, mode=0x01) U684c: 3962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U684d: 2929a6380036 CMPUJNZ_DIRECT_NOTTAKEN(tmp6, 0x00000000, patch_runs_load_loop) U684e: 0e6d20070032 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, 0x00000020, mode=0x01, tmp0) 019ea680 SEQW GOTO patch_runs_load_loop ------------------------------------------------------------------------------------ U6850: 00621b038200 tmp8:= MOVEFROMCREG_DSZ64(0x01b) 01b91614 SEQW SAVEUIP1 U6851 SEQW GOTO U3916 U6851: 00040063ec8b tmp14:= AND_DSZ32(0x00007800, tmp2) U6852: 004600038e3e tmp8:= XOR_DSZ64(tmp14, tmp8) U6854: 2042521c0238 SYNCMARK-> MOVETOCREG_DSZ64(tmp8, 0x752) U6855: 014300235e00 tmp5:= AETTRACE(0x00000000, 0x08, tmp8) U6856: 000126032c90 tmp2:= OR_DSZ32(0x00008000, tmp2) U6858: 01890103a008 tmp10:= ADDSUB_DSZ16_CONDD(0x00000001) U6859: 02310103a23a tmp10:= SELECTCC_DSZ32_CONDNS(tmp10, 0x00000001) U685a: 00850003aea1 tmp10:= SUB_DSZ16(rcx, tmp10) U685c: 
01896203a43a tmp10:= ADDSUB_DSZ16_CONDD(tmp10, 0x00018000) U685d: 10852703f850 SYNCWAIT-> tmp15:= SUB_DSZN(0x00008001, rcx) U685e: 00330003aebf tmp10:= SELECTCC_DSZ32_CONDNB(tmp15, tmp10) U6860: 00886203a43a tmp10:= ZEROEXT_DSZ16(tmp10, 0x00018000) U6861: 01420e034e80 tmp4:= UFLOWCTRL(MSLOOPCTR, tmp10) U6862: 013eea6fbfc8 tmp11:= MOVEMERGEFLGS_DSZ32(0x00001bea, tmp15) U6864: 0037f96fb23b tmp11:= CMOVCC_DSZ32_CONDNB(tmp11, 0x00001bf9) U6865: 000c86180200 SAVEUIP(0x00, U0686) U6866: 01420a034ef4 tmp4:= UFLOWCTRL(tmp4, URET0, tmp11) U6868: 002100032cba tmp2:= CONCAT_DSZ32(tmp10, tmp2) U6869: 00aa0003103a tmp1:= unk_0aa(tmp10) U686a: 108500031031 tmp1:= SUB_DSZN(tmp1) U686c: 10a400031cb1 tmp1:= SHL_DSZN(tmp1, tmp2) U686d: 000c6693e208 tmp14:= SAVEUIP(0x01, U0466) 018000c9 SEQW URET0 ------------------------------------------------------------------------------------ U686e: 000837030008 tmp0:= ZEROEXT_DSZ32(0x00000037) U6870: 000d32800000 SAVEUIP_REGOVR(0x01, U6871, 0x0032) 019d0200 SEQW GOTO U1d02 U6871: 000100030021 tmp0:= OR_DSZ32(rcx) U6872: 1929111c0030 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, generate_#GP) U6874: 002100034822 tmp4:= CONCAT_DSZ32(rdx, rax) U6875: 186b111c0234 BTUJNB_DIRECT_NOTTAKEN(tmp4, 0x00000000, generate_#GP) U6876: 00471b030d08 tmp0:= NOTAND_DSZ64(0x0000001b, tmp4) U6878: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U6879: 000408030d08 tmp0:= AND_DSZ32(0x00000008, tmp4) U687a: 000410031d08 tmp1:= AND_DSZ32(0x00000010, tmp4) U687c: 017010030230 tmp0:= SELECTCC_DSZ64_CONDZ(tmp0, 0x00000010) U687d: 1929111c0c70 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, tmp1, generate_#GP) U687e: 206335030200 tmp0:= READURAM(0x0035, 64) U6880: 00543c030230 tmp0:= BT_DSZ64(tmp0, 0x0000003c) U6881: 003318030230 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x00000018) U6882: 000400030d30 tmp0:= AND_DSZ32(tmp0, tmp4) U6884: 0151111c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, generate_#GP) U6885: 00635b031200 LFNCEWAIT-> tmp1:= READURAM(0x005b, 64) U6886: 006438030234 tmp0:= 
SHL_DSZ64(tmp4, 0x00000038) U6888: 20435b000230 WRITEURAM(tmp0, 0x005b, 64) U6889: 004600031c31 tmp1:= XOR_DSZ64(tmp1, tmp0) U688a: 386a69e007b1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000003b, U3869) U688c: 000000000000 NOP 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U688d: 10628c0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x38c, 32) U688e: 0007060b0430 tmp0:= NOTAND_DSZ32(tmp0, 0xa0000000) U6890: 013e00130c08 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000400, tmp0) U6891: 0135a81f0230 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x000007a8) U6892: 204200000c23 MOVETOCREG_DSZ64(rbx, tmp0) U6894: 00099823000b tmp0:= MOVE_DSZ32(0x00006898) U6895: 00a188030c08 tmp0:= CONCAT_DSZ16(0x00000088, tmp0) U6896: 204307080230 WRITEURAM(tmp0, 0x0007, 32) U6898: 021e7f000200 SIGEVENT(0x0000007f) U6899: 00631f030200 LFNCEWAIT-> tmp0:= READURAM(0x001f, 64) U689a: 000101030c08 tmp0:= OR_DSZ32(0x00000001, tmp0) U689c: 20431f080230 WRITEURAM(tmp0, 0x001f, 32) 0184fc10 SEQW SAVEUIP0 U689d SEQW GOTO U04fc U689d: 000913079010 tmp9:= MOVE_DSZ32(0x00700084) U689e: 002100039239 tmp9:= CONCAT_DSZ32(tmp9, 0x00000000) U68a0: 000800037008 tmp7:= ZEROEXT_DSZ32(0x00000000) U68a1: 200a01800200 TESTUSTATE(VMX, !0x0001) 01e8a840 ? 
SEQW GOTO U68a8 U68a2: 0062fe1f8200 tmp8:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U68a4: 0007000b8238 tmp8:= NOTAND_DSZ32(tmp8, 0x00000200) U68a5: 002509038238 tmp8:= SHR_DSZ32(tmp8, 0x00000009) U68a6: 004100039e78 tmp9:= OR_DSZ64(tmp8, tmp9) U68a8: 0008000b2008 tmp2:= ZEROEXT_DSZ32(0x00000200) U68a9: 3042f1080272 MOVETOCREG_DSZ64(tmp2, 0x2f1, 32) U68aa: 000808038008 tmp8:= ZEROEXT_DSZ32(0x00000008) U68ac: 00087903b010 tmp11:= ZEROEXT_DSZ32(0x00020101) 01e69a00 SEQW GOTO U669a ------------------------------------------------------------------------------------ U68ad: 20438d00023e WRITEURAM(tmp14, 0x008d, 64) U68ae: 00635c037200 tmp7:= READURAM(0x005c, 64) U68b0: 001410037237 tmp7:= BT_DSZ32(tmp7, 0x00000010) U68b1: 004500439f88 tmp9:= SUB_DSZ64(0x00001000, tmp14) U68b2: 017e00039df9 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp7) U68b4: 00621b177200 tmp7:= MOVEFROMCREG_DSZ64(0x51b) U68b5: 00c800037dc0 tmp7:= ZEROEXT_DSZ8(tmp7) U68b6: 007600037df9 tmp7:= CMOVCC_DSZ64_CONDB(tmp9, tmp7) U68b8: 0040200f8dc8 tmp8:= ADD_DSZ64(0x00000320, tmp7) U68b9: 20434e000238 LFNCEMARK-> WRITEURAM(tmp8, 0x004e, 64) U68ba: 000e1f000200 WRMSLOOPCTRFBR(0x0000001f) U68bc: 000824079008 tmp9:= ZEROEXT_DSZ32(0x00000124) U68bd: 07160003d039 tmm5:= FPREADROM_DTYPENOP(tmp9) U68be: 076c0003a03d tmp10:= PINTMOVDTMM2I_DSZ64(tmm5) U68c0: 0e6d0003a038 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, tmp10) U68c1: 000001039e48 tmp9:= ADD_DSZ32(0x00000001, tmp9) U68c2: 004008038e08 tmp8:= ADD_DSZ64(0x00000008, tmp8) U68c4: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01e8bd00 ? 
SEQW GOTO U68bd U68c5: 00526a0c027d UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp13, U236a) U68c6: 004080035f88 tmp5:= ADD_DSZ64(0x00000080, tmp14) U68c8: 000804036008 tmp6:= ZEROEXT_DSZ32(0x00000004) U68c9: 0088441bb00a tmp11:= ZEROEXT_DSZ16(0x00004644) U68ca: 00a10103bec8 tmp11:= CONCAT_DSZ16(0x00000001, tmp11) U68cc: 20434708023b WRITEURAM(tmp11, 0x0047, 32) 01d0c400 SEQW GOTO calc_sha256_start ------------------------------------------------------------------------------------ U68cd: 02030103f200 tmp15:= unk_203(0x00000001) U68ce: 01506130027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U2c61) U68d0: 186a6170037d BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000015, U2c61) U68d1: 186a61f002b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x0000000b, U2c61) U68d2: 006325035200 tmp5:= READURAM(0x0025, 64) U68d4: 0e2504036d48 tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, 0x00000004) U68d5: 192961300036 CMPUJNZ_DIRECT_NOTTAKEN(tmp6, 0x00000000, U2c61) U68d6: 006204033200 tmp3:= MOVEFROMCREG_DSZ64(0x004) U68d8: 00631f03f200 tmp15:= READURAM(0x001f, 64) U68d9: 00010003fcff tmp15:= OR_DSZ32(tmp15, tmp3) U68da: 0004000bffc8 tmp15:= AND_DSZ32(0x00000200, tmp15) U68dc: 01307b07f43f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x08000000) U68dd: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) U68de: 000703033cc8 tmp3:= NOTAND_DSZ32(0x00000003, tmp3) U68e0: 290204800233 MOVETOCREG_OR_DSZ64(tmp3, 0x00000002, 0x004) U68e1: 000501036008 tmp6:= SUB_DSZ32(0x00000001) U68e2: 0ea59e073f0b tmp3:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp12, 0x0000039e, mode=0x01) U68e4: 0e2d00030d48 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, tmp0) U68e5: 0e2d04036d48 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, 0x00000004, tmp6) U68e6: 0ead20033d48 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp5, 0x00000020, tmp3) U68e8: 0e6d08031d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000008, tmp1) U68e9: 0e6d18032d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000018, tmp2) U68ea: 0e6d10039d48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp5, 0x00000010, tmp9) U68ec: 021e51000200 SIGEVENT(0x00000051) 01879d00 SEQW GOTO 
U079d ------------------------------------------------------------------------------------ U68ed: 006275173200 tmp3:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U68ee: 000700234233 tmp4:= NOTAND_DSZ32(tmp3, 0x00000800) U68f0: 0047ff3f3cc8 tmp3:= NOTAND_DSZ64(0x00000fff, tmp3) U68f1: 00627417d200 tmp13:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U68f2: 000100034d3b tmp4:= OR_DSZ32(tmp11, tmp4) U68f4: 00440003df73 tmp13:= AND_DSZ64(tmp3, tmp13) U68f5: 004400033ff3 tmp3:= AND_DSZ64(tmp3, tmp15) U68f6: 004500033cfd tmp3:= SUB_DSZ64(tmp13, tmp3) U68f8: 004100034cf4 tmp4:= OR_DSZ64(tmp4, tmp3) U68f9: 013103034234 tmp4:= SELECTCC_DSZ32_CONDNZ(tmp4, 0x00000003) U68fa: 006273173200 tmp3:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U68fc: 00070023d233 tmp13:= NOTAND_DSZ32(tmp3, 0x00000800) U68fd: 00010003df7b tmp13:= OR_DSZ32(tmp11, tmp13) U68fe: 0047ff3f3cc8 tmp3:= NOTAND_DSZ64(0x00000fff, tmp3) U6900: 00627217b200 tmp11:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_BASE) U6901: 00040003bef3 tmp11:= AND_DSZ32(tmp3, tmp11) U6902: 004400033ff3 tmp3:= AND_DSZ64(tmp3, tmp15) U6904: 004500033cfb tmp3:= SUB_DSZ64(tmp11, tmp3) U6905: 00410003dcfd tmp13:= OR_DSZ64(tmp13, tmp3) U6906: 01310303d23d tmp13:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000003) U6908: 00320003df7c tmp13:= SELECTCC_DSZ32_CONDB(tmp12, tmp13) U6909: 000100034f74 tmp4:= OR_DSZ32(tmp4, tmp13) U690a: 00621b173200 tmp3:= MOVEFROMCREG_DSZ64(0x51b) U690c: 008800033cf4 tmp3:= ZEROEXT_DSZ16(tmp4, tmp3) 018000cc SEQW URET1 ------------------------------------------------------------------------------------ U690d: 00080403b008 tmp11:= ZEROEXT_DSZ32(0x00000004) U690e: 104000033d3d tmp3:= ADD_DSZN(tmp13, tmp4) U6910: 104501033cc8 tmp3:= SUB_DSZN(0x00000001, tmp3) U6911: 025d00032cf3 tmp2:= TEST_DSZ64(tmp3, tmp3) U6912: 0150f11c0272 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, patch_apply_error) U6914: 20438d000234 WRITEURAM(tmp4, 0x008d, 64) U6915: 000c198002c0 SAVEUIP(0x01, U6019) U6916: 006320031200 tmp1:= READURAM(0x0020, 64) U6918: 006530030231 tmp0:= 
SHR_DSZ64(tmp1, 0x00000030) U6919: 0004fe7f1c4b tmp1:= AND_DSZ32(0x00007ffe, tmp1) U691a: 002501031231 tmp1:= SHR_DSZ32(tmp1, 0x00000001) U691c: 001600030c70 tmp0:= BTR_DSZ32(tmp0, tmp1) U691d: 2d0b04031008 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00000004) U691e: 19282a250031 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U692a) U6920: 000e0f033200 tmp3:= WRMSLOOPCTRFBR(0x0000000f) U6921: 002401033233 tmp3:= SHL_DSZ32(tmp3, 0x00000001) U6922: 00251e032231 tmp2:= SHR_DSZ32(tmp1, 0x0000001e) U6924: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U6925: 000100033cf2 tmp3:= OR_DSZ32(tmp2, tmp3) U6926: 002402031231 tmp1:= SHL_DSZ32(tmp1, 0x00000002) U6928: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01e92100 ? SEQW GOTO U6921 U6929: 000700030c33 tmp0:= NOTAND_DSZ32(tmp3, tmp0) U692a: 002100030030 tmp0:= CONCAT_DSZ32(tmp0) U692c: 204353040230 SYNCMARK-> WRITEURAM(tmp0, 0x0153, 64) 0c0000cc SEQW URET1 ------------------------------------------------------------------------------------ U692d: 2062fe1fa200 tmp10:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U692e: 23800003ae80 tmp10:= READAFLAGS(tmp10) U6930: 000800039000 tmp9:= ZEROEXT_DSZ32(0x00000000) U6931: 00080003403d tmp4:= ZEROEXT_DSZ32(tmp13) U6932: 100a4083d200 tmp13:= TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01e93980 ? 
SEQW GOTO U6939 U6934: 00631403f200 tmp15:= READURAM(0x0014, 64) U6935: 00651503f23f tmp15:= SHR_DSZ64(tmp15, 0x00000015) U6936: 00140003fcbf tmp15:= BT_DSZ32(tmp15, tmp2) U6938: 00337403d43f tmp13:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00020000) U6939: 0008f6032031 ROVR<- tmp2:= ZEROEXT_DSZ32(tmp1) 01850c5d SEQW SAVEUIP1 U693a SEQW GOTO U050c U693a: 000800031000 tmp1:= ZEROEXT_DSZ32(0x00000000) U693c: 0902fe1fae7a tmp10:= MOVETOCREG_OR_DSZ64(tmp10, tmp9, CORE_CR_EFLAGS) U693d: 00c51203ac88 LFNCEMARK-> tmp10:= SUB_DSZ8(0x00000012, tmp2) U693e: 01310023a23a tmp10:= SELECTCC_DSZ32_CONDNZ(tmp10, 0x00000800) U6940: 00c50103fc88 tmp15:= SUB_DSZ8(0x00000001, tmp2) U6941: 0150422402ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U6942) 01e94840 SEQW GOTO U6948 ------------------------------------------------------------------------------------ U6942: 0008f503f008 tmp15:= ZEROEXT_DSZ32(0x000000f5) U6944: 00420b00023f MOVETOCREG_DSZ64(tmp15, 0x00b) U6945: 00621c031200 tmp1:= MOVEFROMCREG_DSZ64(0x01c) U6946: 20421c000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x01c) U6948: 000100430e88 tmp0:= OR_DSZ32(0x00001000, tmp10) 01a89910 SEQW SAVEUIP0 U6949 SEQW GOTO U2899 U6949: 00151f032232 tmp2:= BTS_DSZ32(tmp2, 0x0000001f) U694a: 000100032cb5 tmp2:= OR_DSZ32(tmp5, tmp2) U694c: 00620003a200 LFNCEWAIT-> tmp10:= MOVEFROMCREG_DSZ64(0x000) U694d: 286a927c033d BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000011, U1f92) 024e8440 SEQW GOTO U4e84 ------------------------------------------------------------------------------------ U694e: 00250d03423e tmp4:= SHR_DSZ32(tmp14, 0x0000000d) U6950: 0084fc7f2c9f tmp2:= AND_DSZ16(0xfffffffffffffffc, tmp2) U6951: 000403034d08 tmp4:= AND_DSZ32(0x00000003, tmp4) U6952: 008100032cb4 tmp2:= OR_DSZ16(tmp4, tmp2) U6954: 000401034d08 tmp4:= AND_DSZ32(0x00000001, tmp4) U6955: 000403031d88 tmp1:= AND_DSZ32(0x00000003, tmp6) U6956: 002404031231 tmp1:= SHL_DSZ32(tmp1, 0x00000004) U6958: 007d00034d31 tmp4:= MOVEINSERTFLGS_DSZ64(tmp1, tmp4) U6959: 007d00032cb1 tmp2:= 
MOVEINSERTFLGS_DSZ64(tmp1, tmp2) U695a: 023400033c34 tmp3:= CMOVCC_DSZ32_CONDS(tmp4, tmp0) U695c: 003500033cf2 tmp3:= CMOVCC_DSZ32_CONDNO(tmp2, tmp3) U695d: 013e03031c48 tmp1:= MOVEMERGEFLGS_DSZ32(0x00000003, tmp1) U695e: 01340b031231 tmp1:= CMOVCC_DSZ32_CONDZ(tmp1, 0x0000000b) U6960: 0004fc032d88 tmp2:= AND_DSZ32(0x000000fc, tmp6) U6961: 002502032232 tmp2:= SHR_DSZ32(tmp2, 0x00000002) U6962: 00e100031cb1 tmp1:= CONCAT_DSZ8(tmp1, tmp2) U6964: 100a20000240 TESTUSTATE(SYS, UST_SMM | 0x2000) 01944c00 ? SEQW GOTO U144c U6965: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U6966: 000849535008 tmp5:= ZEROEXT_DSZ32(0x00001449) U6968: 0004ff1f8c48 tmp8:= AND_DSZ32(0x000007ff, tmp1) U6969: 00a100038e0c tmp8:= CONCAT_DSZ16(0x00008000, tmp8) U696a: 0004e003fc48 tmp15:= AND_DSZ32(0x000000e0, tmp1) U696c: 0131550bf43f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, 0xd600d000) U696d: 00240003fc7f tmp15:= SHL_DSZ32(tmp15, tmp1) U696e: 023100038e3f tmp8:= SELECTCC_DSZ32_CONDNS(tmp15, tmp8) 01c79a80 SEQW GOTO U479a ------------------------------------------------------------------------------------ U6970: 000000000000 LFNCEMARK-> NOP 042e2114 SEQW SAVEUIP1 U6971 SEQW GOTO U2e21 U6971: 00621117c200 tmp12:= MOVEFROMCREG_DSZ64(0x511) U6972: 00641003c23c tmp12:= SHL_DSZ64(tmp12, 0x00000010) U6974: 006e1003c23c tmp12:= SAR_DSZ64(tmp12, 0x00000010) U6975: 008400435f1f tmp5:= AND_DSZ16(0xfffffffffffff000, tmp12) U6976: 386a45ac027b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000006, U3b45) U6978: 000cac1c0240 SAVEUIP(0x00, U27ac) 018bbc14 SEQW SAVEUIP1 U6979 SEQW GOTO U0bbc U6979: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U697a: 186a84a5037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000016, U6984) U697c: 100a00000240 TESTUSTATE(SYS, 0x2000) 019a1800 ? 
SEQW GOTO U1a18 U697d: 006255173200 tmp3:= MOVEFROMCREG_DSZ64(0x555) U697e: 00625617f200 tmp15:= MOVEFROMCREG_DSZ64(0x556) U6980: 004400033cff tmp3:= AND_DSZ64(tmp15, tmp3) U6981: 00440003ff3f tmp15:= AND_DSZ64(tmp15, tmp12) U6982: 292918280ff3 CMPUJNZ_DIRECT_NOTTAKEN(tmp3, tmp15, U1a18) U6984: 0004cd03fed0 tmp15:= AND_DSZ32(0x00140000, tmp11) U6985: 00059a03ffd0 tmp15:= SUB_DSZ32(0x00040000, tmp15) U6986: 0150811002bf UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U4481) U6988: 00041f03bec8 tmp11:= AND_DSZ32(0x0000001f, tmp11) U6989: 00635c03f200 LFNCEWTMRK-> tmp15:= READURAM(0x005c, 64) U698a: 00542903f23f tmp15:= BT_DSZ64(tmp15, 0x00000029) U698c: 00332003f23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000020) U698d: 00010003beff tmp11:= OR_DSZ32(tmp15, tmp11) 019a1c40 SEQW GOTO U1a1c ------------------------------------------------------------------------------------ U698e: 0062c51f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U6990: 186b699c0332 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000012, generate_#UD) U6991: 0062f61fb200 tmp11:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U6992: 186a71dc023b BTUJB_DIRECT_NOTTAKEN(tmp11, 0x00000003, generate_#NM) U6994: 20635b036200 tmp6:= READURAM(0x005b, 64) U6995: 006538036236 tmp6:= SHR_DSZ64(tmp6, 0x00000038) U6996: 00480003b000 tmp11:= ZEROEXT_DSZ64(0x00000000) U6998: 000cdd33d288 tmp13:= SAVEUIP(0x00, U4cdd) U6999: 000400034da0 tmp4:= AND_DSZ32(rax, tmp6) U699a: 00553f034234 tmp4:= BTS_DSZ64(tmp4, 0x0000003f) U699c: 004104035d08 tmp5:= OR_DSZ64(0x00000004, tmp4) U699d: 004100035d7b tmp5:= OR_DSZ64(tmp11, tmp5) U699e: 01420f000d40 SYNCMARK-> UFLOWCTRL(USTATE, tmp5) U69a0: 20433f000235 WRITEURAM(tmp5, 0x003f, 64) U69a1: 189f0083b144 tmp11:= LA2LIN_DSZN(DS, r64base, r64idx, IMM_MACRO_ALIAS_DISPLACEMENT) U69a2: 10880003b03b tmp11:= ZEROEXT_DSZ16N(tmp11) U69a4: 005403034234 tmp4:= BT_DSZ64(tmp4, 0x00000003) U69a5: 017e7f0b7d08 tmp7:= MOVEMERGEFLGS_DSZ64(0x0000027f, tmp4) U69a6: 00763f0b8237 tmp8:= CMOVCC_DSZ64_CONDB(tmp7, 0x0000023f) U69a8: 005404034234 
tmp4:= BT_DSZ64(tmp4, 0x00000004) U69a9: 007340037234 tmp7:= SELECTCC_DSZ64_CONDNB(tmp4, 0x00000040) U69aa: 004000038df8 tmp8:= ADD_DSZ64(tmp8, tmp7) U69ac: 005408034234 tmp4:= BT_DSZ64(tmp4, 0x00000008) U69ad: 007380037234 tmp7:= SELECTCC_DSZ64_CONDNB(tmp4, 0x00000080) U69ae: 004000038df8 tmp8:= ADD_DSZ64(tmp8, tmp7) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U69b0: 004020037dc8 tmp7:= ADD_DSZ64(0x00000020, tmp7) U69b1: 004084075f88 tmp5:= ADD_DSZ64(0x00000184, tmp14) U69b2: 004080036f88 tmp6:= ADD_DSZ64(0x00000080, tmp14) U69b4: 213f00000000 unk_13f(0x00000000) U69b5: 005520030200 tmp0:= BTS_DSZ64(0x00000000, 0x00000020) U69b6: 074400039030 tmm1:= unk_744(mm0) U69b8: 064500039039 tmm1:= unk_645(tmm1) U69b9: 0e65f803b236 tmp11:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, 0x000000f8) U69ba: 00651003b23b tmp11:= SHR_DSZ64(tmp11, 0x00000010) U69bc: 00400203bec8 tmp11:= ADD_DSZ64(0x00000002, tmp11) U69bd: 07440003d03b tmm5:= unk_744(tmm3) U69be: 06450003d03d tmm5:= unk_645(tmm5) U69c0: 000e1f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000001f) U69c1: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) U69c2: 06e60003de7d tmm5:= unk_6e6(tmm5, tmm1) U69c4: 0e6500031c36 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp0) U69c5: 237f00031031 tmp1:= unk_37f(tmp1) U69c6: 0e6d00031c36 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp0, tmp1) U69c8: 004008030c08 tmp0:= ADD_DSZ64(0x00000008, tmp0) U69c9: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01e9c440 SEQW GOTO U69c4 ------------------------------------------------------------------------------------ U69ca: 00480003a035 tmp10:= ZEROEXT_DSZ64(tmp5) U69cc: 000804039008 tmp9:= ZEROEXT_DSZ32(0x00000004) U69cd: 000800078008 tmp8:= ZEROEXT_DSZ32(0x00000100) U69ce: 000008038e08 tmp8:= ADD_DSZ32(0x00000008, tmp8) U69d0: 000c1a640200 SAVEUIP(0x00, U191a) 01f35c00 SEQW GOTO rsa_decrypt ------------------------------------------------------------------------------------ U69d1: 006520031235 tmp1:= 
SHR_DSZ64(tmp5, 0x00000020) U69d2: 006273173200 tmp3:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U69d4: 000700232233 tmp2:= NOTAND_DSZ32(tmp3, 0x00000800) U69d5: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) U69d6: 000a00200200 TESTUSTATE(UCODE, 0x0800) 01e9e080 ? SEQW GOTO U69e0 U69d8: 000400033d73 tmp3:= AND_DSZ32(tmp3, tmp5) U69d9: 006272172200 tmp2:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_BASE) U69da: 000600033cf2 tmp3:= XOR_DSZ32(tmp2, tmp3) U69dc: 0007ff3f3cc8 tmp3:= NOTAND_DSZ32(0x00000fff, tmp3) U69dd: 000100031c73 tmp1:= OR_DSZ32(tmp3, tmp1) U69de: 0150111c0271 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, generate_#GP) U69e0: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U69e1: 004c19e722b5 tmp2:= SAVEUIP(tmp5, 0x01, U5919) 01d91851 SEQW SAVEUIP0 U69e2 SEQW GOTO U5918 U69e2: 000400331d48 tmp1:= AND_DSZ32(0x00000c00, tmp5) U69e4: 00250a031231 tmp1:= SHR_DSZ32(tmp1, 0x0000000a) U69e5: 1928115c0231 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, generate_#GP) U69e6: 0062bb1f3200 tmp3:= MOVEFROMCREG_DSZ64(0x7bb) U69e8: 000400333cc8 tmp3:= AND_DSZ32(0x00000c00, tmp3) U69e9: 002508033233 tmp3:= SHR_DSZ32(tmp3, 0x00000008) U69ea: 000100033cf1 tmp3:= OR_DSZ32(tmp1, tmp3) U69ec: 192811dc0233 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000003, generate_#GP) U69ed: 1928119c02f3 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x0000000e, generate_#GP) U69ee: 2042bb1c0235 MOVETOCREG_DSZ64(tmp5, 0x7bb) U69f0: 000400233d48 tmp3:= AND_DSZ32(0x00000800, tmp5) U69f1: 013175033433 tmp3:= SELECTCC_DSZ32_CONDNZ(tmp3, 0x00020003) U69f2: 3042d6080273 LFNCEMARK-> MOVETOCREG_DSZ64(tmp3, 0x2d6, 32) 0560d280 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U69f4: 00543c030236 tmp0:= BT_DSZ64(tmp6, 0x0000003c) U69f5: 0032000302b0 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00004000) U69f6: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U69f8: 00542b030237 tmp0:= BT_DSZ64(tmp7, 0x0000002b) U69f9: 003204030230 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000004) U69fa: 000100031c70 tmp1:= OR_DSZ32(tmp0, 
tmp1) U69fc: 004474030dd0 tmp0:= AND_DSZ64(0x00020000, tmp7) U69fd: 013026030430 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00008000) U69fe: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6a00: 1062df0b3240 tmp3:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U6a01: 006521030237 tmp0:= SHR_DSZ64(tmp7, 0x00000021) U6a02: 000100030c33 tmp0:= OR_DSZ32(tmp3, tmp0) U6a04: 00140d030230 tmp0:= BT_DSZ32(tmp0, 0x0000000d) U6a05: 00324e070430 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x02000000) U6a06: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6a08: 00049a030dd0 tmp0:= AND_DSZ32(0x00040000, tmp7) U6a09: 0131a7070430 tmp0:= SELECTCC_DSZ32_CONDNZ(tmp0, 0x20000000) U6a0a: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6a0c: 00651f030237 tmp0:= SHR_DSZ64(tmp7, 0x0000001f) U6a0d: 000725070430 tmp0:= NOTAND_DSZ32(tmp0, 0x00800000) U6a0e: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6a10: 00633a030200 tmp0:= READURAM(FSCP_CR_IA32_FEATURE_CTL, 64) U6a11: 0007b0030430 tmp0:= NOTAND_DSZ32(tmp0, 0x00080001) U6a12: 013100070430 tmp0:= SELECTCC_DSZ32_CONDNZ(tmp0, 0x00400000) U6a14: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6a15: 013100023c78 rbx:= SELECTCC_DSZ32_CONDNZ(tmp8, tmp1) 0197ec40 SEQW GOTO uend ------------------------------------------------------------------------------------ U6a16: 0cc100600c72 unk_cc1(tmp2, tmp1) U6a18: 073a00034000 mm4:= unk_73a(0x00000000) U6a19: 1c000be3903b tmp9:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_ALIAS_DATASIZE, mode=0x18) U6a1a: 1c0013e3103b tmp1:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_13, mode=0x18) U6a1c: 1c001be3803b tmp8:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_1b, mode=0x18) U6a1d: 1c0023e3703b tmp7:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_23, mode=0x18) U6a1e: 1c002be3603b tmp6:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_2b, mode=0x18) U6a20: 1c0033e3503b tmp5:= LDZX_DSZN_ASZ32_SC1(tmp11, IMM_MACRO_33, mode=0x18) U6a21: 0087007f4d0b tmp4:= NOTAND_DSZ16(0x00007f00, tmp4) U6a22: 0084007f3e4b tmp3:= AND_DSZ16(0x00007f00, tmp9) U6a24: 008100033d33 tmp3:= OR_DSZ16(tmp3, tmp4) U6a25: 
20428c100233 MOVETOCREG_DSZ64(tmp3, 0x48c) U6a26: 00a50b032239 tmp2:= SHR_DSZ16(tmp9, 0x0000000b) U6a28: 00c407032c88 tmp2:= AND_DSZ8(0x00000007, tmp2) U6a29: 20426a000231 MOVETOCREG_DSZ64(tmp1, 0x06a) U6a2a: 204273000232 SYNCFULL-> MOVETOCREG_DSZ64(tmp2, 0x073) U6a2c: 006269033200 tmp3:= MOVEFROMCREG_DSZ64(0x069) U6a2d: 096269000233 MOVETOCREG_BTS_DSZ64(tmp3, 0x069) U6a2e: 100a04800200 TESTUSTATE(SYS, !UST_8086_MODE) 01ca2180 ? SEQW GOTO U4a21 U6a30: 00250c031237 tmp1:= SHR_DSZ32(tmp7, 0x0000000c) U6a31: 00a100032e31 tmp2:= CONCAT_DSZ16(tmp1, tmp8) U6a32: 00250c035235 tmp5:= SHR_DSZ32(tmp5, 0x0000000c) U6a34: 00a100033db5 tmp3:= CONCAT_DSZ16(tmp5, tmp6) U6a35: 00420a000232 MOVETOCREG_DSZ64(tmp2, 0x00a) U6a36: 00420d000200 MOVETOCREG_DSZ64(0x00000000, 0x00d) U6a38: 00420e000233 MOVETOCREG_DSZ64(tmp3, 0x00e) U6a39: 00420f000237 MOVETOCREG_DSZ64(tmp7, 0x00f) 01ea3d89 SEQW URET0 ------------------------------------------------------------------------------------ U6a3a: 000a00a31200 tmp1:= TESTUSTATE(UCODE, !0x0800) 01ea3d89 ? 
SEQW GOTO U6a3d U6a3c: 0008000b1008 tmp1:= ZEROEXT_DSZ32(0x00000200) U6a3d: 000100131c48 tmp1:= OR_DSZ32(0x00000400, tmp1) U6a3e: 00637003f200 tmp15:= READURAM(0x0070, 64) U6a40: 000400031ff1 tmp1:= AND_DSZ32(tmp1, tmp15) U6a41: 002507031231 tmp1:= SHR_DSZ32(tmp1, 0x00000007) U6a42: 00543c032232 tmp2:= BT_DSZ64(tmp2, 0x0000003c) U6a44: 00730003fff2 tmp15:= SELECTCC_DSZ64_CONDNB(tmp2, tmp15) U6a45: 003308032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000008) U6a46: 00543203f23f tmp15:= BT_DSZ64(tmp15, 0x00000032) U6a48: 00330803f23f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00000008) U6a49: 000700031c72 tmp1:= NOTAND_DSZ32(tmp2, tmp1) U6a4a: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U6a4c: 00040c03fec8 tmp15:= AND_DSZ32(0x0000000c, tmp11) U6a4d: 006d0303f23f tmp15:= ROR_DSZ64(tmp15, 0x00000003) U6a4e: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U6a50: 02310203f23f tmp15:= SELECTCC_DSZ32_CONDNS(tmp15, 0x00000002) U6a51: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U6a52: 0004000bfec8 tmp15:= AND_DSZ32(0x00000200, tmp11) U6a54: 00250503f23f tmp15:= SHR_DSZ32(tmp15, 0x00000005) U6a55: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U6a56: 0004000bfd88 tmp15:= AND_DSZ32(0x00000200, tmp6) U6a58: 00250503f23f tmp15:= SHR_DSZ32(tmp15, 0x00000005) U6a59: 000100031c7f tmp1:= OR_DSZ32(tmp15, tmp1) U6a5a: 00041003fc48 tmp15:= AND_DSZ32(0x00000010, tmp1) U6a5c: 01307b07f43f tmp15:= SELECTCC_DSZ32_CONDZ(tmp15, 0x08000000) U6a5d: 000100030c3f tmp0:= OR_DSZ32(tmp15, tmp0) 018000cd SEQW URET1 ------------------------------------------------------------------------------------ U6a5e: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6a60: 396285c802b0 MOVETOCREG_BTS_DSZ64(tmp0, 0x0000000b, CTAP_CR_DFX_CTL_STS) U6a61: 01309a031431 tmp1:= SELECTCC_DSZ32_CONDZ(tmp1, 0x00040000) U6a62: 00c800032c73 tmp2:= ZEROEXT_DSZ8(tmp3, tmp1) U6a64: 1062080b0240 tmp0:= MOVEFROMCREG_DSZ64(0x208, 32) U6a65: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U6a66: 01309a030430 tmp0:= 
SELECTCC_DSZ32_CONDZ(tmp0, 0x00040000) U6a68: 000100032cb0 tmp2:= OR_DSZ32(tmp0, tmp2) U6a69: 000100032d32 tmp2:= OR_DSZ32(tmp2, tmp4) U6a6a: 001511032232 tmp2:= BTS_DSZ32(tmp2, 0x00000011) U6a6c: 2d0fd843200a PORTOUT_DSZ32_ASZ16_SC1(0x000050d8, tmp2) U6a6d: 2d4fb040000a PORTOUT_DSZ64_ASZ16_SC1(0x000050b0, 0x00000000) U6a6e: 2d4fb840000a PORTOUT_DSZ64_ASZ16_SC1(0x000050b8, 0x00000000) U6a70: 2d4fa040000a PORTOUT_DSZ64_ASZ16_SC1(0x000050a0, 0x00000000) U6a71: 2d4fa840000a PORTOUT_DSZ64_ASZ16_SC1(0x000050a8, 0x00000000) U6a72: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U6a74: 00080f030008 tmp0:= ZEROEXT_DSZ32(0x0000000f) 01e0aa10 SEQW SAVEUIP0 U6a75 SEQW GOTO U60aa U6a75: 00080d03b008 tmp11:= ZEROEXT_DSZ32(0x0000000d) U6a76: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U6a78: 00049a030c90 tmp0:= AND_DSZ32(0x00040000, tmp2) U6a79: 000100037df0 tmp7:= OR_DSZ32(tmp0, tmp7) U6a7a: 000433077dd0 tmp7:= AND_DSZ32(0x00ff0000, tmp7) U6a7c: 013e10030dc8 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000010, tmp7) U6a7d: 013511030230 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x00000011) U6a7e: 013e646fedc9 tmp14:= MOVEMERGEFLGS_DSZ32(0x00003b64, tmp7) U6a80: 0135686fe27e tmp14:= CMOVCC_DSZ32_CONDNZ(tmp14, 0x00003b68) U6a81: 01420a000f80 UFLOWCTRL(URET0, tmp14) 01d8c140 SEQW GOTO U58c1 ------------------------------------------------------------------------------------ U6a82: 006262178200 tmp8:= MOVEFROMCREG_DSZ64(0x562) U6a84: 0047ff3f8e08 tmp8:= NOTAND_DSZ64(0x00000fff, tmp8) U6a85: 096272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U6a86: 0e6520072038 tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000020, mode=0x01) U6a88: 20635c030200 tmp0:= READURAM(0x005c, 64) U6a89: 00651d03f230 tmp15:= SHR_DSZ64(tmp0, 0x0000001d) U6a8a: 00040003ffc9 tmp15:= AND_DSZ32(0x00002000, tmp15) U6a8c: 004700030c09 tmp0:= NOTAND_DSZ64(0x00002000, tmp0) U6a8d: 004100030c3f tmp0:= OR_DSZ64(tmp15, tmp0) U6a8e: 20435c000230 WRITEURAM(tmp0, 0x005c, 64) U6a90: 004520030e08 tmp0:= SUB_DSZ64(0x00000020, tmp8) 
U6a91: 20431b000230 WRITEURAM(tmp0, 0x001b, 64) U6a92: 00637003d200 tmp13:= READURAM(0x0070, 64) U6a94: 0041e203df48 tmp13:= OR_DSZ64(0x000000e2, tmp13) U6a95: 20437000023d WRITEURAM(tmp13, 0x0070, 64) U6a96: 00400023ce08 tmp12:= ADD_DSZ64(0x00000800, tmp8) U6a98: 20431100023c LFNCEMARK-> WRITEURAM(tmp12, 0x0011, 64) U6a99: 0e2534070032 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000034, mode=0x01) U6a9a: 0e252407d032 tmp13:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000024, mode=0x01) U6a9c: 004000030c3d tmp0:= ADD_DSZ64(tmp13, tmp0) U6a9d: 004000030cb0 tmp0:= ADD_DSZ64(tmp0, tmp2) U6a9e: 0e6510073038 tmp3:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000010, mode=0x01) U6aa0: 1928a1290033 LFNCEMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000000, U6aa1) 046aa600 SEQW GOTO U6aa6 ------------------------------------------------------------------------------------ U6aa1: 004800033030 tmp3:= ZEROEXT_DSZ64(tmp0) U6aa2: 000801037008 tmp7:= ZEROEXT_DSZ32(0x00000001) U6aa4: 0e2d0c077038 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp8, 0x0000000c, mode=0x01, tmp7) U6aa5: 0e6d20072038 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000020, mode=0x01, tmp2) U6aa6: 0e6dd8073f08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000d8, mode=0x01, tmp3) U6aa8: 0e6dc807cf08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000c8, mode=0x01, tmp12) U6aa9: 000800030009 LFNCEWAIT-> tmp0:= ZEROEXT_DSZ32(0x00002000) 029f9040 SEQW GOTO do_smm_vmexit ------------------------------------------------------------------------------------ U6aaa: 1062080b2240 tmp2:= MOVEFROMCREG_DSZ64(0x208, 32) U6aac: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U6aad: 002410032232 tmp2:= SHL_DSZ32(tmp2, 0x00000010) 01e0b851 SEQW SAVEUIP0 U6aae SEQW GOTO U60b8 U6aae: 000100032df2 tmp2:= OR_DSZ32(tmp2, tmp7) U6ab0: 000433072c90 tmp2:= AND_DSZ32(0x00ff0000, tmp2) U6ab1: 00080e03b008 tmp11:= ZEROEXT_DSZ32(0x0000000e) U6ab2: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U6ab4: 2d0b0813000c tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00008408) U6ab5: 
0004590b0c10 tmp0:= AND_DSZ32(0xffff0180, tmp0) U6ab6: 000500071c08 tmp1:= SUB_DSZ32(0x00000100, tmp0) U6ab8: 2d0b0413000c tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00008404) U6ab9: 0004f0070c10 tmp0:= AND_DSZ32(0x80000000, tmp0) U6aba: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U6abc: 000100031c72 tmp1:= OR_DSZ32(tmp2, tmp1) 01a79914 SEQW SAVEUIP1 U6abd SEQW GOTO U2799 U6abd: 013e12030c48 tmp0:= MOVEMERGEFLGS_DSZ32(0x00000012, tmp1) U6abe: 013514030230 tmp0:= CMOVCC_DSZ32_CONDNZ(tmp0, 0x00000014) U6ac0: 000d00000000 SAVEUIP_REGOVR(0x00, U6ac1, 0x0000) 01e0aa00 SEQW GOTO U60aa U6ac1: 00080f03b008 tmp11:= ZEROEXT_DSZ32(0x0000000f) U6ac2: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U6ac4: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01eac900 ? SEQW GOTO U6ac9 U6ac5: 104207080240 MOVETOCREG_DSZ64(0x00000000, 0x207, 32) U6ac6: 104209080240 MOVETOCREG_DSZ64(0x00000000, 0x209, 32) U6ac8: 190208880200 LFNCEMARK-> MOVETOCREG_OR_DSZ64(0x00000002, 0x208) U6ac9: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6aca: 3a6285c802b0 MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000b, CTAP_CR_DFX_CTL_STS) U6acc: 2d0f10000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000010, 0x00000000) U6acd: 2d0f18000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000018, 0x00000000) U6ace: 2dcbc0031008 tmp1:= PORTIN_DSZ8_ASZ16_SC1(0x000000c0) U6ad0: 001603031231 tmp1:= BTR_DSZ32(tmp1, 0x00000003) U6ad1: 2dcfc0031008 LFNCEWAIT-> PORTOUT_DSZ8_ASZ16_SC1(0x000000c0, tmp1) 029e6e40 SEQW GOTO U1e6e ------------------------------------------------------------------------------------ U6ad2: 057e00039200 tmm1:= unk_57e(0x00000000) U6ad4: 000546031c10 tmp1:= SUB_DSZ32(0x0000ffff, tmp0) U6ad5: 0351212c0271 UJMPCC_DIRECT_NOTTAKEN_CONDNL(tmp1, U2b21) U6ad6: 076800032008 mm2:= unk_768(0x00000000) U6ad8: 064900039e48 tmm1:= unk_649(0x00000000, tmm1) U6ad9: 000075032c88 tmp2:= ADD_DSZ32(0x00000075, tmp2) U6ada: 07160003a032 tmm2:= FPREADROM_DTYPENOP(tmp2) U6adc: 066100039e7f tmm1:= unk_661(tmm7, tmm1) U6add: 06e10003be79 tmm3:= unk_6e1(tmm1, tmm1) U6ade: 
06a00503c000 tmp12:= unk_6a0(0x00000000) U6ae0: 06a00303d000 tmp13:= unk_6a0(0x00000000) U6ae1: 06e10003ef3b tmm6:= unk_6e1(tmm3, tmm4) U6ae2: 06a00603c000 tmp12:= unk_6a0(0x00000000) U6ae4: 06e10003ff3b tmm7:= unk_6e1(tmm3, tmm4) U6ae5: 06490003efbd tmm6:= unk_649(tmm5, tmm6) U6ae6: 06a00403c000 tmp12:= unk_6a0(0x00000000) U6ae8: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U6ae9: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U6aea: 06a00103d000 tmp13:= unk_6a0(0x00000000) U6aec: 06e10003fffb tmm7:= unk_6e1(tmm3, tmm7) U6aed: 06490003efbd tmm6:= unk_649(tmm5, tmm6) U6aee: 06a00203c000 tmp12:= unk_6a0(0x00000000) U6af0: 06490003fffc tmm7:= unk_649(tmm4, tmm7) U6af1: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U6af2: 06e10003fffb tmm7:= unk_6e1(tmm3, tmm7) U6af4: 06490003efb9 tmm6:= unk_649(tmm1, tmm6) U6af5: 06e10003fe7f tmm7:= unk_6e1(tmm7, tmm1) U6af6: 06a040039000 tmp9:= unk_6a0(0x00000000) U6af8: 06490003be7a tmm3:= unk_649(tmm2, tmm1) U6af9: 06490003ffbf tmm7:= unk_649(tmm7, tmm6) U6afa: 06e100039ffb tmm1:= unk_6e1(tmm3, tmm7) U6afc: 268900008e7a LFNCEWAIT-> mm0:= unk_689(tmm2, tmm1) 0217ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U6afd: 008800030f80 tmp0:= ZEROEXT_DSZ16(tmp14) U6afe: 004400030d70 tmp0:= AND_DSZ64(tmp0, tmp5) U6b00: 0151157c02b0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U5f15) U6b01: 100a80037200 tmp7:= TESTUSTATE(SYS, UST_VMX_GUEST) 046b1040 ? SEQW GOTO U6b10 U6b02: 0047b83f4d08 tmp4:= NOTAND_DSZ64(0x00000fb8, tmp4) U6b04: 072f0003703c mm7:= unk_72f(tmm4) U6b05: 200a0007f200 tmp15:= TESTUSTATE(VMX, 0x0100) 01eb0a40 ? 
SEQW GOTO U6b0a U6b06: 09621cd747f4 tmp4:= MOVETOCREG_BTS_DSZ64(tmp4, 0x0000003f, 0x51c) U6b08: 00650b03f234 tmp15:= SHR_DSZ64(tmp4, 0x0000000b) U6b09: 00010103ffc8 tmp15:= OR_DSZ32(0x00000001, tmp15) U6b0a: 00641d037237 tmp7:= SHL_DSZ64(tmp7, 0x0000001d) U6b0c: 004100037ff7 tmp7:= OR_DSZ64(tmp7, tmp15) U6b0d: 005425033233 tmp3:= BT_DSZ64(tmp3, 0x00000025) U6b0e: 007300037df3 tmp7:= SELECTCC_DSZ64_CONDNB(tmp3, tmp7) U6b10: 004379000237 WRITEURAM(tmp7, 0x0079, 64) U6b11: 016300037dc8 LFNCEWAIT-> tmp7:= unk_163(0x00000000, tmp7) U6b12: 00250803f237 tmp15:= SHR_DSZ32(tmp7, 0x00000008) U6b14: 07070003c037 tmm4:= unk_707(mm7) U6b15: 00429d1c023f MOVETOCREG_DSZ64(tmp15, 0x79d) U6b16: 0008157fb00a tmp11:= ZEROEXT_DSZ32(0x00005f15) U6b18: 076fd02f003e ROVR<- mm0:= unk_76f(tmm6) 01e0be1c SEQW SAVEUIP1 U6b19 SEQW GOTO U60be U6b19: 0042c51c0230 MOVETOCREG_DSZ64(tmp0, CORE_CR_CR4) U6b1a: 00080017f008 tmp15:= ZEROEXT_DSZ32(0x00000500) U6b1c: 200a00c00200 TESTUSTATE(VMX, !0x1000) 01af0e00 ? SEQW GOTO U2f0e U6b1d: 0062ff1f4200 tmp4:= MOVEFROMCREG_DSZ64(0x7ff) U6b1e: 000800179008 tmp9:= ZEROEXT_DSZ32(0x00000500) U6b20: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01eb2400 ? SEQW GOTO U6b24 U6b21: 00330017923a tmp9:= SELECTCC_DSZ32_CONDNB(tmp10, 0x00000500) U6b22: 00010013f239 tmp15:= OR_DSZ32(tmp9, 0x00000400) U6b24: 000700034d3f tmp4:= NOTAND_DSZ32(tmp15, tmp4) U6b25: 013000039e7d tmp9:= SELECTCC_DSZ32_CONDZ(tmp13, tmp9) U6b26: 0902ff1c0e74 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp4, tmp9, 0x7ff) 052f2480 SEQW GOTO U2f24 ------------------------------------------------------------------------------------ U6b28: 100ac0800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON | UST_VMX_GUEST) 01eb2e00 ? 
SEQW GOTO U6b2e U6b29: 006343014200 tmpv0:= READURAM(0x0043, 64) U6b2a: 186b2eed0214 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000003, U6b2e) U6b2c: 006357015200 tmpv1:= READURAM(0x0057, 64) U6b2d: 0e6560015548 LFNCEWAIT-> tmpv1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmpv1, 0x00000060) U6b2e: 00633b014200 tmpv0:= READURAM(0x003b, 64) U6b30: 004000015554 tmpv1:= ADD_DSZ64(tmpv0, tmpv1) U6b31: 1062d7094240 LFNCEWTMRK-> tmpv0:= MOVEFROMCREG_DSZ64(0x2d7, 32) U6b32: 004800016014 tmpv2:= ZEROEXT_DSZ64(tmpv0) 06b04592 SEQW SAVEUIP0 U6b34 SEQW GOTO U3045 U6b34: 006408014215 tmpv0:= SHL_DSZ64(tmpv1, 0x00000008) U6b35: 004119014508 tmpv0:= OR_DSZ64(0x00000019, tmpv0) U6b36: 000883015008 tmpv1:= ZEROEXT_DSZ32(0x00000083) 01e5b896 SEQW SAVEUIP1 U6b38 SEQW GOTO U65b8 U6b38: 0062f01d4200 tmpv0:= MOVEFROMCREG_DSZ64(0x7f0) U6b39: 186b446d0294 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x00000009, U6b44) U6b3a: 006537014216 tmpv0:= SHR_DSZ64(tmpv2, 0x00000037) U6b3c: 006418014214 tmpv0:= SHL_DSZ64(tmpv0, 0x00000018) U6b3d: 0004ff7d558f tmpv1:= AND_DSZ32(0x0000ffff, tmpv2) U6b3e: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U6b40: 006410014214 tmpv0:= SHL_DSZ64(tmpv0, 0x00000010) U6b41: 0041024d450b tmpv0:= OR_DSZ64(0x00007302, tmpv0) U6b42: 000871015008 tmpv1:= ZEROEXT_DSZ32(0x00000071) 01e5b996 SEQW SAVEUIP1 U6b44 SEQW GOTO U65b9 U6b44: 01420b000f80 SYNCMARK-> UFLOWCTRL(URET1, tmp14) U6b45: 106220094240 tmpv0:= MOVEFROMCREG_DSZ64(0x220, 32) U6b46: 0004007d4509 tmpv0:= AND_DSZ32(0x00003f00, tmpv0) U6b48: 002408014214 tmpv0:= SHL_DSZ32(tmpv0, 0x00000008) U6b49: 0001020d4508 tmpv0:= OR_DSZ32(0x00000302, tmpv0) U6b4a: 000841015008 SYNCWAIT-> tmpv1:= ZEROEXT_DSZ32(0x00000041) 0b65b980 SEQW GOTO U65b9 ------------------------------------------------------------------------------------ U6b4c: 000900000000 MOVE_DSZ32(0x00000000) 01b19a14 SEQW SAVEUIP1 U6b4d SEQW GOTO U319a U6b4d: 006353030200 tmp0:= READURAM(0x0053, 64) U6b4e: 005606030230 tmp0:= BTR_DSZ64(tmp0, 0x00000006) U6b50: 004353000230 WRITEURAM(tmp0, 0x0053, 
64) U6b51: 096205000280 MOVETOCREG_BTS_DSZ64(0x00000008, 0x005) U6b52: 0e7560030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000060) U6b54: 0042c61c0230 MOVETOCREG_DSZ64(tmp0, 0x7c6) U6b55: 09a2f11c0630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x7f1) U6b56: 000400031c09 tmp1:= AND_DSZ32(0x00002000, tmp0) U6b58: 000400032c0c tmp2:= AND_DSZ32(0x00008000, tmp0) U6b59: 00635c030200 tmp0:= READURAM(0x005c, 64) U6b5a: 000700030c09 tmp0:= NOTAND_DSZ32(0x00002000, tmp0) U6b5c: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U6b5d: 00435c080230 WRITEURAM(tmp0, 0x005c, 32) U6b5e: 006205070200 tmp0:= MOVEFROMCREG_DSZ64(0x105) U6b60: 004700030c0c tmp0:= NOTAND_DSZ64(0x00008000, tmp0) U6b61: 090205040cb0 MOVETOCREG_OR_DSZ64(tmp0, tmp2, 0x105) U6b62: 0e7560070008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000160) U6b64: 00431b000230 WRITEURAM(tmp0, 0x001b, 64) U6b65: 0e7520030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000020) U6b66: 30420f080270 MOVETOCREG_DSZ64(tmp0, 0x20f, 32) U6b68: 0e7540030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000040) U6b69: 0042f81c0230 MOVETOCREG_DSZ64(tmp0, 0x7f8) U6b6a: 19a2f91c0630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x7f9) U6b6c: 0e7500030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1() U6b6d: 004370000230 WRITEURAM(tmp0, 0x0070, 64) U6b6e: 1042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U6b70: 19a2da0803b0 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000018, 0x2da) U6b71: 09a208000630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x008) U6b72: 0e758007e008 tmp14:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000180) U6b74: 000c16900200 SAVEUIP(0x01, U0416) 01ad3000 SEQW GOTO U2d30 ------------------------------------------------------------------------------------ U6b75: 005420030230 tmp0:= BT_DSZ64(tmp0, 0x00000020) U6b76: 003274030430 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00020000) U6b78: 0062bb1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7bb) U6b79: 000400231c48 tmp1:= AND_DSZ32(0x00000800, tmp1) U6b7a: 002502031231 tmp1:= SHR_DSZ32(tmp1, 0x00000002) U6b7c: 0081ff671c4f tmp1:= OR_DSZ16(0x0000f9ff, 
tmp1) U6b7d: 00a1e97e2c4d rdx:= CONCAT_DSZ16(0x0000bfe9, tmp1) U6b7e: 0001000228b0 rdx:= OR_DSZ32(tmp0, rdx) U6b80: 0008372f000f tmp0:= ZEROEXT_DSZ32(0x0000eb37) U6b81: 00a1d8161c08 rcx:= CONCAT_DSZ16(0x000005d8, tmp0) U6b82: 005424030237 tmp0:= BT_DSZ64(tmp7, 0x00000024) U6b84: 003280030230 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, 0x00000080) U6b85: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) U6b86: 00449a030e90 tmp0:= AND_DSZ64(0x00040000, tmp10) U6b88: 00635c031200 tmp1:= READURAM(0x005c, 64) U6b89: 002506031231 tmp1:= SHR_DSZ32(tmp1, 0x00000006) U6b8a: 000700030c31 tmp0:= NOTAND_DSZ32(tmp1, tmp0) U6b8c: 013008030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000008) U6b8d: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) U6b8e: 0062011f0200 tmp0:= MOVEFROMCREG_DSZ64(0x701) U6b90: 000703030230 tmp0:= NOTAND_DSZ32(tmp0, 0x00000003) U6b91: 01304e070430 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x02000000) U6b92: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) U6b94: 00444e070dd0 tmp0:= AND_DSZ64(0x02000000, tmp7) U6b95: 0130e1030430 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00200000) U6b96: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) U6b98: 0062c51f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U6b99: 001412030230 tmp0:= BT_DSZ32(tmp0, 0x00000012) U6b9a: 00337b070430 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x08000000) U6b9c: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) U6b9d: 005437030236 tmp0:= BT_DSZ64(tmp6, 0x00000037) U6b9e: 0033be070430 tmp0:= SELECTCC_DSZ32_CONDNB(tmp0, 0x40000000) U6ba0: 000100021870 rcx:= OR_DSZ32(tmp0, rcx) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U6ba1: 00012d0bf437 tmp15:= OR_DSZ32(tmp7, 0xff000000) U6ba2: 20430e00023f WRITEURAM(tmp15, 0x000e, 64) U6ba4: 004e03036230 tmp6:= unk_04e(tmp0, 0x00000003) U6ba5: 2d0bd003f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000d0) U6ba6: 00040073ffcb tmp15:= AND_DSZ32(0x00007c00, tmp15) U6ba8: 01508618023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U0686) U6ba9: 000813134008 tmp4:= ZEROEXT_DSZ32(0x00000413) U6baa: 
2d0f70034008 PORTOUT_DSZ32_ASZ16_SC1(0x00000070, tmp4) U6bac: 2d0b74013008 tmp7:= PORTIN_DSZ32_ASZ16_SC1(0x00000074) U6bad: 186bcd2d0213 BTUJNB_DIRECT_NOTTAKEN(tmp7, 0x00000000, U6bcd) U6bae: 002508013213 tmp7:= SHR_DSZ32(tmp7, 0x00000008) U6bb0: 0004fc7d34cf tmp7:= AND_DSZ32(0x0000fffc, tmp7) U6bb1: 016001034234 tmp4:= SUBR_DSZ64(tmp4, 0x00000001) 01ebaa40 SEQW GOTO U6baa ------------------------------------------------------------------------------------ U6bb2: 00210a0b7dd0 tmp7:= CONCAT_DSZ32(0xaa000000, tmp7) U6bb4: 006320038200 tmp8:= READURAM(0x0020, 64) U6bb5: 0004ff7f8e0b ROVR<- tmp8:= AND_DSZ32(0x00007fff, tmp8) 0182ba5d SEQW SAVEUIP1 U6bb6 SEQW GOTO U02ba U6bb6: 002418038238 tmp8:= SHL_DSZ32(tmp8, 0x00000018) U6bb8: 2d4b00034c08 tmp4:= PORTIN_DSZ64_ASZ16_SC1(0x00000000, tmp0) U6bb9: 000440034d08 tmp4:= AND_DSZ32(0x00000040, tmp4) U6bba: 006436034234 tmp4:= SHL_DSZ64(tmp4, 0x00000036) U6bbc: 004100037df4 tmp7:= OR_DSZ64(tmp4, tmp7) U6bbd: 2d4b00034c48 tmp4:= PORTIN_DSZ64_ASZ16_SC1(0x00000000, tmp1) U6bbe: 00543f034234 tmp4:= BT_DSZ64(tmp4, 0x0000003f) U6bc0: 0021be07f010 tmp15:= CONCAT_DSZ32(0x40000000) U6bc1: 00730003fff4 tmp15:= SELECTCC_DSZ64_CONDNB(tmp4, tmp15) U6bc2: 007300034d34 tmp4:= SELECTCC_DSZ64_CONDNB(tmp4, tmp4) U6bc4: 00543d034234 tmp4:= BT_DSZ64(tmp4, 0x0000003d) U6bc5: 007600037df4 tmp7:= CMOVCC_DSZ64_CONDB(tmp4, tmp7) U6bc6: 004100037dff tmp7:= OR_DSZ64(tmp15, tmp7) U6bc8: 2d4f00037c48 PORTOUT_DSZ64_ASZ16_SC1(0x00000000, tmp1, tmp7) U6bc9: 0052cc2c02f4 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp4, U6bcc) U6bca: 2d4f00038cc8 PORTOUT_DSZ64_ASZ16_SC1(0x00000000, tmp3, tmp8) U6bcc: 2d0f40000008 PORTOUT_DSZ32_ASZ16_SC1(0x00000040, 0x00000000) U6bcd: 004800030036 SYNCFULL-> tmp0:= ZEROEXT_DSZ64(tmp6) 088000c9 SEQW URET0 ------------------------------------------------------------------------------------ U6bce: 000900000000 MOVE_DSZ32(0x00000000) U6bd0: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U6bd1: 006262178200 tmp8:= MOVEFROMCREG_DSZ64(0x562) 
U6bd2: 006263171200 tmp1:= MOVEFROMCREG_DSZ64(0x563) U6bd4: 1929da2d0031 CMPUJNZ_DIRECT_NOTTAKEN(tmp1, 0x00000000, U6bda) U6bd5: 006274178200 tmp8:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U6bd6: 204262140238 MOVETOCREG_DSZ64(tmp8, 0x562) U6bd8: 006275171200 tmp1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U6bd9: 204263140231 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x563) U6bda: 0021000338a3 tmp3:= CONCAT_DSZ32(rbx, rdx) U6bdc: 0047ff3f8e08 tmp8:= NOTAND_DSZ64(0x00000fff, tmp8) U6bdd: 0047ff3f1c48 tmp1:= NOTAND_DSZ64(0x00000fff, tmp1) U6bde: 004000432e08 tmp2:= ADD_DSZ64(0x00001000, tmp8) U6be0: 0d3028034033 tmp4:= LDZX_DSZ32_ASZ32_SC1(tmp3) U6be1: 0d3024035033 tmp5:= LDZX_DSZ32_ASZ32_SC1(tmp3) U6be2: 000000034d35 tmp4:= ADD_DSZ32(tmp5, tmp4) U6be4: 000007034d08 tmp4:= ADD_DSZ32(0x00000007, tmp4) U6be5: 000707034d08 tmp4:= NOTAND_DSZ32(0x00000007, tmp4) U6be6: 004080070cb4 ROVR<- tmp0:= ADD_DSZ64(tmp4, tmp2) 018000de SEQW SAVEUIP1 U6be8 U6be8: 004501030c08 tmp0:= SUB_DSZ64(0x00000001, tmp0) U6be9: 004400030c31 tmp0:= AND_DSZ64(tmp1, tmp0) U6bea: 004400035e31 tmp5:= AND_DSZ64(tmp1, tmp8) U6bec: 29299d2c0d70 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp0, tmp5, U1b9d) 081ab614 SEQW SAVEUIP1 U6bed SEQW GOTO U1ab6 U6bed: 00635c035200 tmp5:= READURAM(0x005c, 64) U6bee: 00552a035235 tmp5:= BTS_DSZ64(tmp5, 0x0000002a) U6bf0: 00435c000235 WRITEURAM(tmp5, 0x005c, 64) U6bf1: 0e2004075038 tmp5:= LDPPHYS_DSZ32_ASZ64_SC1(tmp8, 0x00000004, mode=0x01) U6bf2: 186bf42d0235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000000, U6bf4) 01ea8680 SEQW GOTO U6a86 ------------------------------------------------------------------------------------ U6bf4: 0e6d20072038 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000020, mode=0x01, tmp2) U6bf5: 000800030000 tmp0:= ZEROEXT_DSZ32(0x00000000) U6bf6: 0d7000035c33 tmp5:= LDZX_DSZ64_ASZ32_SC1(tmp3, tmp0) U6bf8: 0e6d00075c32 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2, tmp0, mode=0x01, tmp5) U6bf9: 000008030c08 tmp0:= ADD_DSZ32(0x00000008, tmp0) U6bfa: 192888290d30 
CMPUJZ_DIRECT_NOTTAKEN(tmp0, tmp4, U6a88) 01ebf680 SEQW GOTO U6bf6 ------------------------------------------------------------------------------------ U6bfc: 001511015215 tmpv1:= BTS_DSZ32(tmpv1, 0x00000011) U6bfd: 002510014215 LFNCEMARK-> tmpv0:= SHR_DSZ32(tmpv1, 0x00000010) U6bfe: 004402014510 tmpv0:= AND_DSZ64(0x00000003, tmpv0) U6c00: 002100014014 tmpv0:= CONCAT_DSZ32(tmpv0) U6c01: 00638c016200 LFNCEWAIT-> tmpv2:= READURAM(0x008c, 64) U6c02: 005620016216 tmpv2:= BTR_DSZ64(tmpv2, 0x00000020) U6c04: 005621016216 tmpv2:= BTR_DSZ64(tmpv2, 0x00000021) U6c05: 004100016594 tmpv2:= OR_DSZ64(tmpv0, tmpv2) U6c06: 20438c040216 LFNCEMARK-> WRITEURAM(tmpv2, 0x018c, 64) U6c08: 00077b015550 tmpv1:= NOTAND_DSZ32(0x00030000, tmpv1) U6c09: 006428015215 tmpv1:= SHL_DSZ64(tmpv1, 0x00000028) U6c0a: 00638c014200 LFNCEWAIT-> tmpv0:= READURAM(0x008c, 64) U6c0c: 186b117103d4 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x0000001d, U6c11) U6c0d: 005530016200 tmpv2:= BTS_DSZ64(0x00000000, 0x00000030) U6c0e: 004500015556 tmpv1:= SUB_DSZ64(tmpv2, tmpv1) U6c10: 005512015215 tmpv1:= BTS_DSZ64(tmpv1, 0x00000012) U6c11: 186b163103d4 BTUJNB_DIRECT_NOTTAKEN(tmpv0, 0x0000001c, U6c16) U6c12: 005530016200 tmpv2:= BTS_DSZ64(0x00000000, 0x00000030) U6c14: 004500015556 tmpv1:= SUB_DSZ64(tmpv2, tmpv1) U6c15: 005511015215 tmpv1:= BTS_DSZ64(tmpv1, 0x00000011) U6c16: 006528016215 tmpv2:= SHR_DSZ64(tmpv1, 0x00000028) U6c18: 00041f016588 tmpv2:= AND_DSZ32(0x0000001f, tmpv2) U6c19: 186b1e310594 BTUJNB_DIRECT_NOTTAKEN(tmpv0, tmpv2, U6c1e) U6c1a: 002109056010 tmpv2:= CONCAT_DSZ32(0x00410000) U6c1c: 004000015556 tmpv1:= ADD_DSZ64(tmpv2, tmpv1) U6c1d: 005510015215 tmpv1:= BTS_DSZ64(tmpv1, 0x00000010) U6c1e: 1062b9094240 tmpv0:= MOVEFROMCREG_DSZ64(0x2b9, 32) U6c20: 0004ff014508 tmpv0:= AND_DSZ32(0x000000ff, tmpv0) U6c21: 002418014214 tmpv0:= SHL_DSZ32(tmpv0, 0x00000018) U6c22: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U6c24: 004135014510 tmpv0:= OR_DSZ64(0x0000fade, tmpv0) U6c25: 006528016215 tmpv2:= SHR_DSZ64(tmpv1, 
0x00000028) U6c26: 00441f016588 tmpv2:= AND_DSZ64(0x0000001f, tmpv2) U6c28: 000cfa2c0200 SAVEUIP(0x00, U0bfa) 03334d00 SEQW GOTO U334d ------------------------------------------------------------------------------------ U6c29: 0cc200600c70 unk_cc2(tmp0, tmp1) U6c2a: 006286130200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(0x486) U6c2c: 00a1ff7f0c1f tmp0:= CONCAT_DSZ16(0xffffffffffffffff, tmp0) U6c2d: 073a0003a000 tmm2:= unk_73a(0x00000000) U6c2e: 00a50b03223a tmp2:= SHR_DSZ16(tmp10, 0x0000000b) U6c30: 00c407032c88 tmp2:= AND_DSZ8(0x00000007, tmp2) U6c31: 00e401038232 tmp8:= SHL_DSZ8(tmp2, 0x00000001) U6c32: 00c501033c88 tmp3:= SUB_DSZ8(0x00000001, tmp2) U6c34: 00626a034200 tmp4:= MOVEFROMCREG_DSZ64(0x06a) U6c35: 00ed00035cf4 tmp5:= ROR_DSZ8(tmp4, tmp3) U6c36: 07040003d035 tmm5:= unk_704(mm5) U6c38: 06a33183f27d tmm7:= unk_6a3(tmm5, IMM_MACRO_31) U6c39: 072c0003603f tmp6:= PINTMOVDTMM2I_DSZ32(tmm7) U6c3a: 000e0603c208 tmp12:= WRMSLOOPCTRFBR(0x00000006) U6c3c: 00ac02036236 tmp6:= ROL_DSZ16(tmp6, 0x00000002) U6c3d: 00ec01035235 tmp5:= ROL_DSZ8(tmp5, 0x00000001) U6c3e: 07040003d035 tmm5:= unk_704(mm5) U6c40: 06a33183f27d tmm7:= unk_6a3(tmm5, IMM_MACRO_31) U6c41: 072c0003403f tmp4:= PINTMOVDTMM2I_DSZ32(tmm7) U6c42: 000100036db4 tmp6:= OR_DSZ32(tmp4, tmp6) U6c44: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01ec3c00 SEQW GOTO U6c3c ------------------------------------------------------------------------------------ U6c45: 00ac00036e36 tmp6:= ROL_DSZ16(tmp6, tmp8) U6c46: 00a1ff7fae9f tmp10:= CONCAT_DSZ16(0xffffffffffffffff, tmp10) U6c48: 00a1ff7f8d9f tmp8:= CONCAT_DSZ16(0xffffffffffffffff, tmp6) U6c49: 00620a033200 tmp3:= MOVEFROMCREG_DSZ64(0x00a) U6c4a: 00620d036200 tmp6:= MOVEFROMCREG_DSZ64(0x00d) U6c4c: 006269032200 tmp2:= MOVEFROMCREG_DSZ64(0x069) U6c4d: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U6c4e: 0174ff7f27f2 tmp2:= CMOVCC_DSZ64_CONDZ(tmp2, 0xffffffffffffffff) U6c50: 0021ff7f27f2 tmp2:= CONCAT_DSZ32(tmp2, 0xffffffffffffffff) U6c51: 004500033cf6 tmp3:= 
SUB_DSZ64(tmp6, tmp3) U6c52: 004400033cf2 tmp3:= AND_DSZ64(tmp2, tmp3) U6c54: 004400033cf2 tmp3:= AND_DSZ64(tmp2, tmp3) U6c55: 00620e034200 tmp4:= MOVEFROMCREG_DSZ64(0x00e) U6c56: 00620f037200 tmp7:= MOVEFROMCREG_DSZ64(0x00f) 01e46d80 SEQW GOTO U646d ------------------------------------------------------------------------------------ U6c58: 00000c0175c8 tmpv3:= ADD_DSZ32(0x0000000c, tmpv3) U6c59: 0064ff7d75df tmpv3:= SHL_DSZ64(0xffffffffffffffff, tmpv3) U6c5a: 006310014200 tmpv0:= READURAM(0x0010, 64) U6c5c: 0047000175d4 tmpv3:= NOTAND_DSZ64(tmpv0, tmpv3) U6c5d: 000a00900200 TESTUSTATE(UCODE, !0x0400) 01ec6640 ? SEQW GOTO U6c66 U6c5e: 00050a054e48 tmpv0:= SUB_DSZ32(0x0000010a, tmp9) U6c60: 0150663002d4 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmpv0, U6c66) U6c61: 006202054200 tmpv0:= MOVEFROMCREG_DSZ64(0x102) U6c62: 006520014214 tmpv0:= SHR_DSZ64(tmpv0, 0x00000020) U6c64: 0004000145d4 tmpv0:= AND_DSZ32(tmpv0, tmpv3) U6c65: 0151312c0254 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv0, U2b31) U6c66: 004700014597 tmpv0:= NOTAND_DSZ64(tmpv3, tmpv2) U6c68: 0151312c0254 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv0, U2b31) U6c69: 006274154200 tmpv0:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_BASE) U6c6a: 006275155200 tmpv1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U6c6c: 0047ff3d5548 tmpv1:= NOTAND_DSZ64(0x00000fff, tmpv1) U6c6d: 004400015557 tmpv1:= AND_DSZ64(tmpv3, tmpv1) U6c6e: 004400014515 tmpv0:= AND_DSZ64(tmpv1, tmpv0) U6c70: 004400015595 tmpv1:= AND_DSZ64(tmpv1, tmpv2) U6c71: 004500014515 tmpv0:= SUB_DSZ64(tmpv1, tmpv0) U6c72: 006275155200 tmpv1:= MOVEFROMCREG_DSZ64(PMH_CR_EMRR_MASK) U6c74: 000700115215 tmpv1:= NOTAND_DSZ32(tmpv1, 0x00000400) U6c75: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U6c76: 0150312c0254 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmpv0, U2b31) U6c78: 006272154200 tmpv0:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_BASE) U6c79: 006273155200 tmpv1:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U6c7a: 0047ff3d5548 tmpv1:= NOTAND_DSZ64(0x00000fff, tmpv1) U6c7c: 004400015557 tmpv1:= AND_DSZ64(tmpv3, tmpv1) U6c7d: 004400014515 
tmpv0:= AND_DSZ64(tmpv1, tmpv0) U6c7e: 004400015595 tmpv1:= AND_DSZ64(tmpv1, tmpv2) U6c80: 004500014515 tmpv0:= SUB_DSZ64(tmpv1, tmpv0) U6c81: 006273155200 tmpv1:= MOVEFROMCREG_DSZ64(PMH_CR_SMRR_MASK) U6c82: 000700215215 tmpv1:= NOTAND_DSZ32(tmpv1, 0x00000800) U6c84: 004100014515 tmpv0:= OR_DSZ64(tmpv1, tmpv0) U6c85: 0150312c0254 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmpv0, U2b31) 088000cd SEQW URET1 ------------------------------------------------------------------------------------ U6c86: 1062310b6240 tmp6:= MOVEFROMCREG_DSZ64(0x231, 32) U6c88: 00048d031d90 tmp1:= AND_DSZ32(0x0003f000, tmp6) U6c89: 002506034236 tmp4:= SHR_DSZ32(tmp6, 0x00000006) U6c8a: 00048d034d10 tmp4:= AND_DSZ32(0x0003f000, tmp4) U6c8c: 000500031d31 tmp1:= SUB_DSZ32(tmp1, tmp4) U6c8d: 003201031231 tmp1:= SELECTCC_DSZ32_CONDB(tmp1, 0x00000001) U6c8e: 00250c035234 tmp5:= SHR_DSZ32(tmp4, 0x0000000c) U6c90: 0004003f4d88 tmp4:= AND_DSZ32(0x00000f00, tmp6) U6c91: 006508034234 tmp4:= SHR_DSZ64(tmp4, 0x00000008) U6c92: 000001034d08 tmp4:= ADD_DSZ32(0x00000001, tmp4) U6c94: 02e400034d74 tmp4:= unk_2e4(tmp4, tmp5) U6c95: 00041e033d88 tmp3:= AND_DSZ32(0x0000001e, tmp6) U6c96: 002501033233 tmp3:= SHR_DSZ32(tmp3, 0x00000001) U6c98: 000009033cc8 tmp3:= ADD_DSZ32(0x00000009, tmp3) U6c99: 006320035200 tmp5:= READURAM(0x0020, 64) U6c9a: 006530035235 tmp5:= SHR_DSZ64(tmp5, 0x00000030) U6c9c: 000703035235 tmp5:= NOTAND_DSZ32(tmp5, 0x00000003) U6c9d: 013100035cf5 tmp5:= SELECTCC_DSZ32_CONDNZ(tmp5, tmp3) U6c9e: 000000033cf5 tmp3:= ADD_DSZ32(tmp5, tmp3) U6ca0: 02a400033cf4 tmp3:= unk_2a4(tmp4, tmp3) U6ca1: 002502034233 tmp4:= SHR_DSZ32(tmp3, 0x00000002) U6ca2: 0004fe7f4d09 tmp4:= AND_DSZ32(0x00003ffe, tmp4) U6ca4: 000100031c74 tmp1:= OR_DSZ32(tmp4, tmp1) U6ca5: 0004e0034d88 tmp4:= AND_DSZ32(0x000000e0, tmp6) U6ca6: 002505034234 tmp4:= SHR_DSZ32(tmp4, 0x00000005) U6ca8: 002402035234 tmp5:= SHL_DSZ32(tmp4, 0x00000002) U6ca9: 000000034d35 tmp4:= ADD_DSZ32(tmp5, tmp4) U6caa: 000580034234 tmp4:= SUB_DSZ32(tmp4, 
0x00000080) U6cac: 02a400034d33 tmp4:= unk_2a4(tmp3, tmp4) U6cad: 002404034234 tmp4:= SHL_DSZ32(tmp4, 0x00000004) U6cae: 000477074d10 tmp4:= AND_DSZ32(0x07ffc000, tmp4) U6cb0: 00631c035200 tmp5:= READURAM(0x001c, 64) U6cb1: 006520035235 tmp5:= SHR_DSZ64(tmp5, 0x00000020) U6cb2: 002100031c75 tmp1:= CONCAT_DSZ32(tmp5, tmp1) U6cb4: 190232080d31 LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmp1, tmp4, 0x232) 060000cc SEQW URET1 ------------------------------------------------------------------------------------ U6cb5: 06a04603a000 tmp10:= unk_6a0(0x00000000) U6cb6: 06490003aeb8 tmm2:= unk_649(tmm0, tmm2) U6cb8: 06a04003b000 tmp11:= unk_6a0(0x00000000) U6cb9: 068a0003fef8 tmp15:= FCOM2(tmp8, tmp11) U6cba: 06c90003bef8 tmm3:= unk_6c9(tmm0, tmm3) U6cbc: 06a03203c000 tmp12:= unk_6a0(0x00000000) U6cbd: 06e10003aebc tmm2:= unk_6e1(tmm4, tmm2) U6cbe: 076a0003003f mm0:= unk_76a(tmm7) U6cc0: 000408030c08 tmp0:= AND_DSZ32(0x00000008, tmp0) U6cc1: 0151146c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U5b14) U6cc2: 06e60003aebb tmm2:= unk_6e6(tmm3, tmm2) U6cc4: 066100038eba tmm0:= unk_661(tmm2, tmm2) U6cc5: 06e10003be38 tmm3:= unk_6e1(tmm0, tmm0) U6cc6: 06a03b03f000 tmp15:= unk_6a0(0x00000000) U6cc8: 06a03a03d000 tmp13:= unk_6a0(0x00000000) U6cc9: 06e10003effb tmm6:= unk_6e1(tmm3, tmm7) U6cca: 06a03903f000 tmp15:= unk_6a0(0x00000000) U6ccc: 06e10003cf7b tmm4:= unk_6e1(tmm3, tmm5) U6ccd: 06a03803d000 tmp13:= unk_6a0(0x00000000) U6cce: 06490003efbf tmm6:= unk_649(tmm7, tmm6) U6cd0: 06490003cf3d tmm4:= unk_649(tmm5, tmm4) U6cd1: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U6cd2: 06a03703f000 tmp15:= unk_6a0(0x00000000) U6cd4: 06e10003cf3b tmm4:= unk_6e1(tmm3, tmm4) U6cd5: 06490003efbf tmm6:= unk_649(tmm7, tmm6) U6cd6: 06a03603d000 tmp13:= unk_6a0(0x00000000) U6cd8: 06490003cf3d tmm4:= unk_649(tmm5, tmm4) U6cd9: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U6cda: 06e10003cf38 tmm4:= unk_6e1(tmm0, tmm4) U6cdc: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010) U6cdd: 27000003b033 tmm3:= unk_700(mm3) U6cde: 
06490003cfbc tmm4:= unk_649(tmm4, tmm6) U6ce0: 06e10003cf3a tmm4:= unk_6e1(tmm2, tmm4) U6ce1: 06c900038f3a tmm0:= unk_6c9(tmm2, tmm4) U6ce2: 26a10003fe78 LFNCEMARK-> tmm7:= unk_6a1(tmm0, tmm1) 0501a280 SEQW GOTO U01a2 ------------------------------------------------------------------------------------ U6ce4: 06e100039e38 tmm1:= unk_6e1(tmm0, tmm0) U6ce5: 06e10003ae79 tmm2:= unk_6e1(tmm1, tmm1) U6ce6: 000403032c88 tmp2:= AND_DSZ32(0x00000003, tmp2) U6ce8: 000100038e32 tmp8:= OR_DSZ32(tmp2, tmp8) U6ce9: 072a00031038 mm1:= unk_72a(tmm0) U6cea: 002404031231 tmp1:= SHL_DSZ32(tmp1, 0x00000004) U6cec: 000100038e31 tmp8:= OR_DSZ32(tmp1, tmp8) U6ced: 07ea00030038 mm0:= unk_7ea(tmm0) U6cee: 00054403bc10 tmp11:= SUB_DSZ32(0x0000fffd, tmp0) U6cf0: 0350f13002fb UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp11, U6cf1) 01ed7500 SEQW GOTO U6d75 ------------------------------------------------------------------------------------ U6cf1: 002501031238 tmp1:= SHR_DSZ32(tmp8, 0x00000001) U6cf2: 002503032238 tmp2:= SHR_DSZ32(tmp8, 0x00000003) U6cf4: 000600032cb1 tmp2:= XOR_DSZ32(tmp1, tmp2) U6cf5: 000401031e08 tmp1:= AND_DSZ32(0x00000001, tmp8) U6cf6: 01519a1c02f1 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp1, U679a) U6cf8: 06a02003b000 tmp11:= unk_6a0(0x00000000) U6cf9: 06a02103c000 tmp12:= unk_6a0(0x00000000) U6cfa: 06e10003defa tmm5:= unk_6e1(tmm2, tmm3) U6cfc: 06a01e03b000 tmp11:= unk_6a0(0x00000000) U6cfd: 06e10003ef3a tmm6:= unk_6e1(tmm2, tmm4) U6cfe: 06490003df7b tmm5:= unk_649(tmm3, tmm5) U6d00: 06a01f03c000 tmp12:= unk_6a0(0x00000000) U6d01: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U6d02: 06490003efbc tmm6:= unk_649(tmm4, tmm6) U6d04: 06a01c03b000 tmp11:= unk_6a0(0x00000000) U6d05: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U6d06: 06a01d03c000 tmp12:= unk_6a0(0x00000000) U6d08: 06490003df7b tmm5:= unk_649(tmm3, tmm5) U6d09: 06490003efbc tmm6:= unk_649(tmm4, tmm6) U6d0a: 06e10003df79 tmm5:= unk_6e1(tmm1, tmm5) U6d0c: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U6d0d: 06490003dfbd tmm5:= unk_649(tmm5, tmm6) 
U6d0e: 07020003f032 tmm7:= unk_702(mm2) U6d10: 049600038ff8 tmm0:= unk_496(tmm0, tmm7) U6d11: 06e10003df78 tmm5:= unk_6e1(tmm0, tmm5) U6d12: 268900008f78 mm0:= unk_689(tmm0, tmm5) 0197ec80 SEQW GOTO uend ------------------------------------------------------------------------------------ U6d14: 07ea0003003b mm0:= unk_7ea(tmm3) U6d15: 000005030c08 tmp0:= ADD_DSZ32(0x00000005, tmp0) U6d16: 07c20003bef0 tmm3:= unk_7c2(mm0, tmm3) U6d18: 07040003e036 tmm6:= unk_704(mm6) U6d19: 06440003e03e tmm6:= unk_644(tmm6) U6d1a: 06e10003afba tmm2:= unk_6e1(tmm2, tmm6) U6d1c: 06c90003aefa tmm2:= unk_6c9(tmm2, tmm3) U6d1d: 06e60003cf3a tmm4:= unk_6e6(tmm2, tmm4) U6d1e: 06610003af3c tmm2:= unk_661(tmm4, tmm4) U6d20: 07020003e039 tmm6:= unk_702(tmm1) U6d21: 04960003cfbc tmm4:= unk_496(tmm4, tmm6) U6d22: 06e10003beba tmm3:= unk_6e1(tmm2, tmm2) U6d24: 06a01403d000 tmp13:= unk_6a0(0x00000000) U6d25: 06e10003ff7b tmm7:= unk_6e1(tmm3, tmm5) U6d26: 06a01503d000 tmp13:= unk_6a0(0x00000000) U6d28: 06e10003bf7b tmm3:= unk_6e1(tmm3, tmm5) U6d29: 06a01203d000 tmp13:= unk_6a0(0x00000000) U6d2a: 06c90003fffd tmm7:= unk_6c9(tmm5, tmm7) U6d2c: 06a01303d000 tmp13:= unk_6a0(0x00000000) U6d2d: 06490003befd tmm3:= unk_649(tmm5, tmm3) U6d2e: 06e10003debc tmm5:= unk_6e1(tmm4, tmm2) U6d30: 06e10003befa tmm3:= unk_6e1(tmm2, tmm3) U6d31: 06490003aeff tmm2:= unk_649(tmm7, tmm3) U6d32: 06e10003aebd tmm2:= unk_6e1(tmm5, tmm2) U6d34: 0000f5038d88 tmp8:= ADD_DSZ32(0x000000f5, tmp6) U6d35: 07160003b038 tmm3:= FPREADROM_DTYPENOP(tmp8) U6d36: 06c90003cebc tmm4:= unk_6c9(tmm4, tmm2) U6d38: 04960003dfbb tmm5:= unk_496(tmm3, tmm6) U6d39: 072a00030038 mm0:= unk_72a(tmm0) U6d3a: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U6d3c: 06c90003ef7c tmm6:= unk_6c9(tmm4, tmm5) U6d3d: 06a04103b000 tmp11:= unk_6a0(0x00000000) U6d3e: 0153ba5c02b7 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp7, U57ba) U6d40: 06a03f03b000 tmp11:= unk_6a0(0x00000000) U6d41: 0151ba5c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U57ba) U6d42: 26890003ff7c LFNCEWAIT-> 
tmm7:= unk_689(tmm4, tmm5) 03040480 SEQW GOTO U0404 ------------------------------------------------------------------------------------ U6d44: 002510039230 tmp9:= SHR_DSZ32(tmp0, 0x00000010) U6d45: 0cf54060003b LDHINT_BUFFER_ASZ32_SC1(tmp11) U6d46: 000cf03fd248 tmp13:= SAVEUIP(0x00, U2ff0) U6d48: 0cf58060023b LDHINT_BUFFER_ASZ32_SC1(tmp11, 0x00001880) U6d49: 0cf5c060023b LDHINT_BUFFER_ASZ32_SC1(tmp11, 0x000018c0) U6d4a: 025d00033db6 tmp3:= TEST_DSZ64(tmp6, tmp6) U6d4c: 01504d3402f3 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp3, U6d4d) 066d5c00 SEQW GOTO U6d5c ------------------------------------------------------------------------------------ U6d4d: 0021410ba010 tmp10:= CONCAT_DSZ32(0xffff0000) U6d4e: 00635c033200 tmp3:= READURAM(0x005c, 64) U6d50: 004700037cfa tmp7:= NOTAND_DSZ64(tmp10, tmp3) U6d51: 004400033dba tmp3:= AND_DSZ64(tmp10, tmp6) U6d52: 004100033cf7 tmp3:= OR_DSZ64(tmp7, tmp3) U6d54: 00435c040233 WRITEURAM(tmp3, 0x015c, 64) U6d55: 00470003adba tmp10:= NOTAND_DSZ64(tmp10, tmp6) U6d56: 00652f03323a tmp3:= SHR_DSZ64(tmp10, 0x0000002f) U6d58: 004601033cc8 tmp3:= XOR_DSZ64(0x00000001, tmp3) U6d59: 006430033233 tmp3:= SHL_DSZ64(tmp3, 0x00000030) U6d5a: 004100036cfa tmp6:= OR_DSZ64(tmp10, tmp3) U6d5c: 00870003ae70 tmp10:= NOTAND_DSZ16(tmp0, tmp9) U6d5d: 00843f03ae88 tmp10:= AND_DSZ16(0x0000003f, tmp10) U6d5e: 00872a039e50 tmp9:= NOTAND_DSZ16(0x00008080, tmp9) U6d60: 01b42a03c43a tmp12:= CMOVCC_DSZ16_CONDZ(tmp10, 0x00008080) U6d61: 00810003cf39 tmp12:= OR_DSZ16(tmp9, tmp12) U6d62: 00428c10023c LFNCEWAIT-> MOVETOCREG_DSZ64(tmp12, 0x48c) U6d64: 00426b000231 MOVETOCREG_DSZ64(tmp1, 0x06b) U6d65: 00a50b033239 tmp3:= SHR_DSZ16(tmp9, 0x0000000b) U6d66: 00c407033cc8 tmp3:= AND_DSZ8(0x00000007, tmp3) U6d68: 004273000233 SYNCMARK-> MOVETOCREG_DSZ64(tmp3, 0x073) U6d69: 004286100230 MOVETOCREG_DSZ64(tmp0, 0x486) U6d6a: 0cf50060027b LDHINT_BUFFER_ASZ32_SC1(tmp11, 0x00003800) U6d6c: 00251003a231 tmp10:= SHR_DSZ32(tmp1, 0x00000010) U6d6d: 00420e000236 
MOVETOCREG_DSZ64(tmp6, 0x00e) U6d6e: 00420f00023a MOVETOCREG_DSZ64(tmp10, 0x00f) U6d70: 00420a000238 MOVETOCREG_DSZ64(tmp8, 0x00a) U6d71: 00420d000200 MOVETOCREG_DSZ64(0x00000000, 0x00d) U6d72: 006269039200 tmp9:= MOVEFROMCREG_DSZ64(0x069) U6d74: 096269000239 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(tmp9, 0x069) 040000c8 SEQW URET0 ------------------------------------------------------------------------------------ U6d75: 04960003de38 tmm5:= unk_496(tmm0, tmm0) U6d76: 053e0003cf40 tmm4:= unk_53e(tmm5) U6d78: 07280003303d mm3:= unk_728(tmm5) U6d79: 06c900038f3d tmm0:= unk_6c9(tmm5, tmm4) U6d7a: 002402031238 tmp1:= SHL_DSZ32(tmp8, 0x00000002) U6d7c: 000408031c48 tmp1:= AND_DSZ32(0x00000008, tmp1) U6d7d: 000600038e31 tmp8:= XOR_DSZ32(tmp1, tmp8) U6d7e: 002401032238 tmp2:= SHL_DSZ32(tmp8, 0x00000001) U6d80: 000410032c88 tmp2:= AND_DSZ32(0x00000010, tmp2) U6d81: 000600038e32 tmp8:= XOR_DSZ32(tmp2, tmp8) U6d82: 000c21680280 SAVEUIP(0x00, U5a21) U6d84: 06e10003ae38 tmm2:= unk_6e1(tmm0, tmm0) U6d85: 06a02b03c000 tmp12:= unk_6a0(0x00000000) U6d86: 06a02f03b000 tmp11:= unk_6a0(0x00000000) U6d88: 06e10003df3a tmm5:= unk_6e1(tmm2, tmm4) U6d89: 06a02a03c000 tmp12:= unk_6a0(0x00000000) U6d8a: 06e10003eefa tmm6:= unk_6e1(tmm2, tmm3) U6d8c: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U6d8d: 06a02e03b000 tmp11:= unk_6a0(0x00000000) U6d8e: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U6d90: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U6d91: 06a02903c000 tmp12:= unk_6a0(0x00000000) U6d92: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U6d94: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U6d95: 06a02d03b000 tmp11:= unk_6a0(0x00000000) U6d96: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U6d98: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U6d99: 06a02803c000 tmp12:= unk_6a0(0x00000000) U6d9a: 06e10003efba tmm6:= unk_6e1(tmm2, tmm6) U6d9c: 06490003df7c tmm5:= unk_649(tmm4, tmm5) U6d9d: 06a02c03b000 tmp11:= unk_6a0(0x00000000) U6d9e: 06490003efbb tmm6:= unk_649(tmm3, tmm6) U6da0: 06e10003df7a tmm5:= unk_6e1(tmm2, tmm5) U6da1: 
000065031cc8 tmp1:= ADD_DSZ32(0x00000065, tmp3) U6da2: 07160003b031 tmm3:= FPREADROM_DTYPENOP(tmp1) U6da4: 06610003efba tmm6:= unk_661(tmm2, tmm6) U6da5: 00006d031cc8 tmp1:= ADD_DSZ32(0x0000006d, tmp3) U6da6: 07160003c031 tmm4:= FPREADROM_DTYPENOP(tmp1) U6da8: 06e10003de3d tmm5:= unk_6e1(tmm5, tmm0) 018000c8 SEQW URET0 ------------------------------------------------------------------------------------ U6da9: 1008ff7f701f tmp7:= ZEROEXT_DSZ32N(0xffffffffffffffff) U6daa: 00543f037237 tmp7:= BT_DSZ64(tmp7, 0x0000003f) U6dac: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U6dad: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U6dae: 006286130200 LFNCEWAIT-> tmp0:= MOVEFROMCREG_DSZ64(0x486) U6db0: 073a0003c000 tmm4:= unk_73a(0x00000000) U6db1: 00a100030c3c tmp0:= CONCAT_DSZ16(tmp12, tmp0) U6db2: 0c080063003b STAD_DSZ32_ASZ32_SC1(tmp11, mode=0x18, tmp0) U6db4: 00626a03a200 tmp10:= MOVEFROMCREG_DSZ64(0x06a) U6db5: 00620f032200 tmp2:= MOVEFROMCREG_DSZ64(0x00f) U6db6: 0004ff1f2c88 tmp2:= AND_DSZ32(0x000007ff, tmp2) U6db8: 00a10003aeb2 tmp10:= CONCAT_DSZ16(tmp2, tmp10) U6db9: 0c080463a03b STAD_DSZ32_ASZ32_SC1(tmp11, 0x00000004, mode=0x18, tmp10) U6dba: 00480003a000 tmp10:= ZEROEXT_DSZ64(0x00000000) U6dbc: 00620a033200 tmp3:= MOVEFROMCREG_DSZ64(0x00a) U6dbd: 00620d036200 tmp6:= MOVEFROMCREG_DSZ64(0x00d) U6dbe: 006269032200 tmp2:= MOVEFROMCREG_DSZ64(0x069) U6dc0: 000401032c88 tmp2:= AND_DSZ32(0x00000001, tmp2) U6dc1: 0174ff7f27f2 tmp2:= CMOVCC_DSZ64_CONDZ(tmp2, 0xffffffffffffffff) U6dc2: 0021ff7f27f2 tmp2:= CONCAT_DSZ32(tmp2, 0xffffffffffffffff) U6dc4: 004500033cf6 tmp3:= SUB_DSZ64(tmp6, tmp3) U6dc5: 004400033cf2 tmp3:= AND_DSZ64(tmp2, tmp3) U6dc6: 004400033cf2 tmp3:= AND_DSZ64(tmp2, tmp3) U6dc8: 00210003acfa tmp10:= CONCAT_DSZ32(tmp10, tmp3) U6dc9: 017e0003adfa tmp10:= MOVEMERGEFLGS_DSZ64(tmp10, tmp7) U6dca: 00770003acfa tmp10:= CMOVCC_DSZ64_CONDNB(tmp10, tmp3) U6dcc: 0c480863a03b STAD_DSZ64_ASZ32_SC1(tmp11, 0x00000008, mode=0x18, tmp10) U6dcd: 00620e03a200 tmp10:= 
MOVEFROMCREG_DSZ64(0x00e) U6dce: 0021410b9010 tmp9:= CONCAT_DSZ32(0xffff0000) U6dd0: 00635c031200 tmp1:= READURAM(0x005c, 64) U6dd1: 004700032eb9 tmp2:= NOTAND_DSZ64(tmp9, tmp10) U6dd2: 004400031c79 tmp1:= AND_DSZ64(tmp9, tmp1) U6dd4: 004100039c72 tmp9:= OR_DSZ64(tmp2, tmp1) U6dd5: 025d00031e80 tmp1:= TEST_DSZ64(tmp10) U6dd6: 017e00039c79 tmp9:= MOVEMERGEFLGS_DSZ64(tmp9, tmp1) U6dd8: 01740003aeb9 tmp10:= CMOVCC_DSZ64_CONDZ(tmp9, tmp10) U6dd9: 00080003303a tmp3:= ZEROEXT_DSZ32(tmp10) U6dda: 017e00033df3 tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp7) U6ddc: 007700033eb3 tmp3:= CMOVCC_DSZ64_CONDNB(tmp3, tmp10) U6ddd: 0c481063303b STAD_DSZ64_ASZ32_SC1(tmp11, 0x00000010, mode=0x18, tmp3) 018000c9 SEQW URET0 ------------------------------------------------------------------------------------ U6dde: 000c2a840240 SAVEUIP(0x01, U212a) U6de0: 000811070010 tmp0:= ZEROEXT_DSZ32(0x00640fa0) U6de1: 002156070c10 LFNCEMARK-> tmp0:= CONCAT_DSZ32(0x03e80190, tmp0) U6de2: 1062380bd240 tmp13:= MOVEFROMCREG_DSZ64(0x238, 32) U6de4: 00250b03d23d tmp13:= SHR_DSZ32(tmp13, 0x0000000b) U6de5: 00043003df48 tmp13:= AND_DSZ32(0x00000030, tmp13) U6de6: 006500030f70 tmp0:= SHR_DSZ64(tmp0, tmp13) U6de8: 00880003d030 tmp13:= ZEROEXT_DSZ16(tmp0) U6de9: 1062200b0240 tmp0:= MOVEFROMCREG_DSZ64(0x220, 32) U6dea: 002508033230 tmp3:= SHR_DSZ32(tmp0, 0x00000008) U6dec: 006323034200 tmp4:= READURAM(0x0023, 64) U6ded: 005403034234 tmp4:= BT_DSZ64(tmp4, 0x00000003) U6dee: 017e00030d30 tmp0:= MOVEMERGEFLGS_DSZ64(tmp0, tmp4) U6df0: 003600034cf0 tmp4:= CMOVCC_DSZ32_CONDB(tmp0, tmp3) U6df1: 00043f034d08 tmp4:= AND_DSZ32(0x0000003f, tmp4) U6df2: 00bc00032033 tmp2:= unk_0bc(tmp3) U6df4: 001603032232 tmp2:= BTR_DSZ32(tmp2, 0x00000003) U6df5: 003300032cb2 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, tmp2) U6df6: 00c800033033 tmp3:= ZEROEXT_DSZ8(tmp3) U6df8: 000508030232 tmp0:= SUB_DSZ32(tmp2, 0x00000008) U6df9: 02e400030d30 tmp0:= unk_2e4(tmp0, tmp4) U6dfa: 02a400030c3d tmp0:= unk_2a4(tmp13, tmp0) U6dfc: 002503030230 tmp0:= 
SHR_DSZ32(tmp0, 0x00000003) U6dfd: 011600032c00 tmp2:= unk_116(tmp0) U6dfe: 022600032cb3 tmp2:= unk_226(tmp3, tmp2) U6e00: 011400030c80 tmp0:= unk_114(tmp2) U6e01: 000100030030 tmp0:= OR_DSZ32(tmp0) U6e02: 01f900030030 tmp0:= SETCC_CONDNZ(tmp0) U6e04: 000000032cb0 tmp2:= ADD_DSZ32(tmp0, tmp2) U6e05: 000500030f72 tmp0:= SUB_DSZ32(tmp2, tmp13) U6e06: 00a100031c32 tmp1:= CONCAT_DSZ16(tmp2, tmp0) U6e08: 0001f0071c50 tmp1:= OR_DSZ32(0x80000000, tmp1) U6e09: 013000031c70 tmp1:= SELECTCC_DSZ32_CONDZ(tmp0, tmp1) U6e0a: 000100031c4c tmp1:= OR_DSZ32(0x00008000, tmp1) U6e0c: 104221080271 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp1, 0x221, 32) U6e0d: 00213f030008 tmp0:= CONCAT_DSZ32(0x0000003f) U6e0e: 006420034234 tmp4:= SHL_DSZ64(tmp4, 0x00000020) U6e10: 00635c039200 tmp9:= READURAM(0x005c, 64) U6e11: 004700039e70 tmp9:= NOTAND_DSZ64(tmp0, tmp9) U6e12: 004400034d30 tmp4:= AND_DSZ64(tmp0, tmp4) U6e14: 004100039e74 tmp9:= OR_DSZ64(tmp4, tmp9) U6e15: 20435c040239 LFNCEMARK-> WRITEURAM(tmp9, 0x015c, 64) 048000cd SEQW URET1 ------------------------------------------------------------------------------------ fit_load_start: U6e16: 0008c07f001f tmp0:= ZEROEXT_DSZ32(0xffffffffffffffc0) U6e18: 0e6500030030 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0) U6e19: 00a1000bc008 tmp12:= CONCAT_DSZ16(0x00000200) U6e1a: 00010103bf08 tmp11:= OR_DSZ32(0x00000001, tmp12) U6e1c: 0045470b1c10 tmp1:= SUB_DSZ64(0xffffffb0, tmp0) U6e1d: 0353687802b1 UJMPCC_DIRECT_NOTTAKEN_CONDNLE(tmp1, fit_process_error) U6e1e: 00010203bf08 tmp11:= OR_DSZ32(0x00000002, tmp12) U6e20: 00452d0b1c10 tmp1:= SUB_DSZ64(0xff000000, tmp0) U6e21: 0350687802b1 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp1, fit_process_error) U6e22: 00010303bf08 tmp11:= OR_DSZ32(0x00000003, tmp12) U6e24: 0e6500031030 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0) U6e25: 0008d5072010 tmp2:= ZEROEXT_DSZ32(0x5449465f) U6e26: 0021a9072c90 tmp2:= CONCAT_DSZ32(0x2020205f, tmp2) U6e28: 292968390c72 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp1, fit_process_error) U6e29: 0e6508031030 tmp1:= 
LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000008) U6e2a: 00010403bf08 tmp11:= OR_DSZ32(0x00000004, tmp12) U6e2c: 006518032231 tmp2:= SHR_DSZ64(tmp1, 0x00000018) U6e2d: 00161f032232 tmp2:= BTR_DSZ32(tmp2, 0x0000001f) U6e2e: 000547032c90 tmp2:= SUB_DSZ32(0x00010000, tmp2) U6e30: 0151687802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, fit_process_error) U6e31: 00010503bf08 tmp11:= OR_DSZ32(0x00000005, tmp12) U6e32: 000000033c40 tmp3:= ADD_DSZ32(0x00000000, tmp1) U6e34: 292868390033 CMPUJZ_DIRECT_NOTTAKEN(tmp3, 0x00000000, fit_process_error) U6e35: 00010603bf08 tmp11:= OR_DSZ32(0x00000006, tmp12) U6e36: 002404033233 tmp3:= SHL_DSZ32(tmp3, 0x00000004) U6e38: 004000033c33 tmp3:= ADD_DSZ64(tmp3, tmp0) U6e39: 0045480b2cd0 tmp2:= SUB_DSZ64(0xffffffc0, tmp3) U6e3a: 0153687802b2 UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp2, fit_process_error) U6e3c: 00151f039200 tmp9:= BTS_DSZ32(0x00000000, 0x0000001f) U6e3d: 00210103a008 tmp10:= CONCAT_DSZ32(0x00000001) U6e3e: 2d4b101f600a tmp6:= PORTIN_DSZ64_ASZ16_SC1(0x00004710) U6e40: 006532036236 tmp6:= SHR_DSZ64(tmp6, 0x00000032) U6e41: 000407036d88 tmp6:= AND_DSZ32(0x00000007, tmp6) process_next_fit_xlat: U6e42: 000010030c08 tmp0:= ADD_DSZ32(0x00000010, tmp0) U6e44: 000500031c33 tmp1:= SUB_DSZ32(tmp3, tmp0) U6e45: 00538a0002f1 UJMPCC_DIRECT_NOTTAKEN_CONDNB(tmp1, fit_load_end) U6e46: 0e6508031030 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp0, 0x00000008) U6e48: 006530032231 tmp2:= SHR_DSZ64(tmp1, 0x00000030) U6e49: 00047f032c88 tmp2:= AND_DSZ32(0x0000007f, tmp2) U6e4a: 19294c790232 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000001, non_ucode_fit_xlat_found) 01e4ea80 SEQW GOTO ucode_fit_xlat_found ------------------------------------------------------------------------------------ non_ucode_fit_xlat_found: U6e4c: 00010803bf08 tmp11:= OR_DSZ32(0x00000008, tmp12) U6e4d: 00057f032c88 tmp2:= SUB_DSZ32(0x0000007f, tmp2) U6e4e: 0150423802f2 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, process_next_fit_xlat) 01e08a80 SEQW GOTO fit_load_end 
------------------------------------------------------------------------------------ U6e50: 000403031c48 tmp1:= AND_DSZ32(0x00000003, tmp1) U6e51: 009409032236 tmp2:= BT_DSZ16(tmp6, 0x00000009) U6e52: 017e00031cb1 tmp1:= MOVEMERGEFLGS_DSZ64(tmp1, tmp2) U6e54: 003603032231 tmp2:= CMOVCC_DSZ32_CONDB(tmp1, 0x00000003) U6e55: 003d03033232 tmp3:= MOVEINSERTFLGS_DSZ32(tmp2, 0x00000003) U6e56: 003600032cb3 tmp2:= CMOVCC_DSZ32_CONDB(tmp3, tmp2) U6e58: 00c059033232 tmp3:= ADD_DSZ8(tmp2, 0x00000059) U6e59: 071600039033 tmm1:= FPREADROM_DTYPENOP(tmp3) U6e5a: 00c05d034232 tmp4:= ADD_DSZ8(tmp2, 0x0000005d) U6e5c: 07160003c034 tmm4:= FPREADROM_DTYPENOP(tmp4) U6e5d: 00c061035232 tmp5:= ADD_DSZ8(tmp2, 0x00000061) U6e5e: 07160003e035 tmm6:= FPREADROM_DTYPENOP(tmp5) U6e60: 053f0003efbf tmm6:= unk_53f(tmm7, tmm6) U6e61: 07ea0003003f mm0:= unk_7ea(tmm7) U6e62: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U6e64: 07c20003efb0 tmm6:= unk_7c2(mm0, tmm6) U6e65: 076c0003103f tmp1:= PINTMOVDTMM2I_DSZ64(tmm7) U6e66: 006401031231 tmp1:= SHL_DSZ64(tmp1, 0x00000001) U6e68: 004700031c40 tmp1:= NOTAND_DSZ64(0x00000000, tmp1) U6e69: 015054140231 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U0554) U6e6a: 076b0003303f mm3:= unk_76b(tmm7) U6e6c: 074300039e73 tmm1:= unk_743(mm3, tmm1) U6e6d: 048500039039 tmm1:= unk_485(tmm1) U6e6e: 07ea0003503f mm5:= unk_7ea(tmm7) U6e70: 07c200039e75 tmm1:= unk_7c2(mm5, tmm1) U6e71: 068c00038e7f tmm0:= unk_68c(tmm7, tmm1) U6e72: 076a0003303f mm3:= unk_76a(tmm7) U6e74: 00c410033cc8 tmp3:= AND_DSZ8(0x00000010, tmp3) U6e75: 01b401038233 tmp8:= CMOVCC_DSZ16_CONDZ(tmp3, 0x00000001) U6e76: 07430003cf38 tmm4:= unk_743(tmm0, tmm4) U6e78: 04820003c03c tmm4:= unk_482(tmm4) U6e79: 07ea00035038 mm5:= unk_7ea(tmm0) U6e7a: 07c20003cf35 tmm4:= unk_7c2(mm5, tmm4) U6e7c: 068800038f38 tmm0:= unk_688(tmm0, tmm4) U6e7d: 006286134200 tmp4:= MOVEFROMCREG_DSZ64(0x486) U6e7e: 008410035d08 tmp5:= AND_DSZ16(0x00000010, tmp4) U6e80: 015089240275 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp5, U2989) U6e81: 
00082e035010 tmp5:= ZEROEXT_DSZ32(0x0000c001) U6e82: 07c200039e35 tmm1:= unk_7c2(mm5, tmm0) U6e84: 06aa00038e78 tmm0:= unk_6aa(tmm0, tmm1) U6e85: 286ab46902b6 BTUJB_DIRECT_NOTTAKEN(tmp6, 0x00000009, U5ab4) U6e86: 0250600c02f6 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp6, U6360) U6e88: 26ee00038038 LFNCEMARK-> tmm0:= unk_6ee(tmm0) 04636000 SEQW GOTO U6360 ------------------------------------------------------------------------------------ U6e89: 000100030c38 tmp0:= OR_DSZ32(tmp8, tmp0) U6e8a: 0151b65802f0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U76b6) U6e8c: 06a03003a000 tmp10:= unk_6a0(0x00000000) U6e8d: 06a03103b000 tmp11:= unk_6a0(0x00000000) U6e8e: 068a0003ceb8 tmp12:= FCOM2(tmp8, tmp10) U6e90: 068a0003de3b tmp13:= FCOM2(tmp11, tmp8) U6e91: 076a0003003c mm0:= unk_76a(tmm4) U6e92: 076a0003103d mm1:= unk_76a(tmm5) U6e94: 000400030c31 tmp0:= AND_DSZ32(tmp1, tmp0) U6e95: 0151b53002f0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U6cb5) U6e96: 05be0003ae00 tmm2:= unk_5be(tmm0) U6e98: 07a800038038 tmm0:= unk_7a8(tmm0) U6e99: 06490003beb8 tmm3:= unk_649(tmm0, tmm2) U6e9a: 04940003ce80 tmm4:= unk_494(tmm2) U6e9c: 06490003ce3c tmm4:= unk_649(tmm4, tmm0) U6e9d: 06490003befb tmm3:= unk_649(tmm3, tmm3) U6e9e: 07ea0003003a mm0:= unk_7ea(tmm2) U6ea0: 000546030c10 tmp0:= SUB_DSZ32(0x0000ffff, tmp0) U6ea1: 06a03e03a000 tmp10:= unk_6a0(0x00000000) U6ea2: 06660003befc tmm3:= unk_666(tmm4, tmm3) U6ea4: 06e10003aefa tmm2:= unk_6e1(tmm2, tmm3) U6ea5: 06e10003cefb tmm4:= unk_6e1(tmm3, tmm3) U6ea6: 06a03503d000 tmp13:= unk_6a0(0x00000000) U6ea8: 06e100038f7c tmm0:= unk_6e1(tmm4, tmm5) U6ea9: 06a03403d000 tmp13:= unk_6a0(0x00000000) U6eaa: 064900038e3d tmm0:= unk_649(tmm5, tmm0) U6eac: 06e100038e3c tmm0:= unk_6e1(tmm4, tmm0) U6ead: 06a03303d000 tmp13:= unk_6a0(0x00000000) U6eae: 064900038e3d tmm0:= unk_649(tmm5, tmm0) U6eb0: 07040003d030 tmm5:= unk_704(mm0) U6eb1: 06440003d03d tmm5:= unk_644(tmm5) U6eb2: 06e100038e3c tmm0:= unk_6e1(tmm4, tmm0) U6eb4: 0000b5030e08 tmp0:= ADD_DSZ32(0x000000b5, tmp8) U6eb5: 
07160003c030 tmm4:= FPREADROM_DTYPENOP(tmp0) U6eb6: 06490003df3d tmm5:= unk_649(tmm5, tmm4) U6eb8: 06e100038ef8 tmm0:= unk_6e1(tmm0, tmm3) U6eb9: 0000d5030e08 tmp0:= ADD_DSZ32(0x000000d5, tmp8) U6eba: 07160003b030 tmm3:= FPREADROM_DTYPENOP(tmp0) U6ebc: 064900038e3a tmm0:= unk_649(tmm2, tmm0) U6ebd: 000810033008 tmp3:= ZEROEXT_DSZ32(0x00000010) U6ebe: 27000003a033 tmm2:= unk_700(mm3) U6ec0: 06c900038e3b tmm0:= unk_6c9(tmm3, tmm0) U6ec1: 06c900038e3d tmm0:= unk_6c9(tmm5, tmm0) U6ec2: 26a10003fe78 LFNCEMARK-> tmm7:= unk_6a1(tmm0, tmm1) 0501a280 SEQW GOTO U01a2 ------------------------------------------------------------------------------------ U6ec4: 0e75c0072008 tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000001c0) U6ec5: 000d08800000 SAVEUIP_REGOVR(0x01, U6ec6, 0x0008) 01b2cd40 SEQW GOTO U32cd U6ec6: 1042830c0272 MOVETOCREG_DSZ64(tmp2, 0x383, 32) U6ec8: 19a2840f22b2 tmp2:= MOVETOCREG_SHR_DSZ64(tmp2, 0x00000008, 0x384) U6ec9: 09a20c0722b2 tmp2:= MOVETOCREG_SHR_DSZ64(tmp2, 0x00000008, 0x10c) U6eca: 004400078c88 tmp8:= AND_DSZ64(0x00000100, tmp2) U6ecc: 0062921b7200 tmp7:= MOVEFROMCREG_DSZ64(0x692) U6ecd: 004700077dc8 tmp7:= NOTAND_DSZ64(0x00000100, tmp7) U6ece: 0902921b7e37 tmp7:= MOVETOCREG_OR_DSZ64(tmp7, tmp8, 0x692) U6ed0: 09a2f61c0332 MOVETOCREG_SHR_DSZ64(tmp2, 0x00000010, CORE_CR_CR0) U6ed1: 0e75000b8008 tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000200) U6ed2: 1042f00c0278 MOVETOCREG_DSZ64(tmp8, 0x3f0, 32) U6ed4: 19a2f10c02b8 MOVETOCREG_SHR_DSZ64(tmp8, 0x00000008, 0x3f1) U6ed5: 19a2f20c0338 MOVETOCREG_SHR_DSZ64(tmp8, 0x00000010, 0x3f2) U6ed6: 19a2f30c03b8 MOVETOCREG_SHR_DSZ64(tmp8, 0x00000018, 0x3f3) U6ed8: 0e7580031008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000080) U6ed9: 004274140231 MOVETOCREG_DSZ64(tmp1, PMH_CR_EMRR_BASE) U6eda: 0e75a0031008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000a0) U6edc: 004275140231 MOVETOCREG_DSZ64(tmp1, PMH_CR_EMRR_MASK) U6edd: 0e75c0031008 tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000c0) U6ede: 004262140231 MOVETOCREG_DSZ64(tmp1, 0x562) U6ee0: 0e75e0031008 
tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000e0) U6ee1: 004263140231 MOVETOCREG_DSZ64(tmp1, 0x563) U6ee2: 000d08800000 SAVEUIP_REGOVR(0x01, U6ee4, 0x0008) 01ab1580 SEQW GOTO lbsync_full U6ee4: 000880030008 tmp0:= ZEROEXT_DSZ32(0x00000080) U6ee5: 0008df0b1008 tmp1:= ZEROEXT_DSZ32(0x000002df) U6ee6: 000c7a080200 SAVEUIP(0x00, U027a) 0197f696 SEQW SAVEUIP1 U6ee8 SEQW GOTO U17f6 U6ee8: 19a29e0c0638 MOVETOCREG_SHR_DSZ64(tmp8, 0x00000020, 0x39e) U6ee9: 0e75e0078008 tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000001e0) U6eea: 004204040238 MOVETOCREG_DSZ64(tmp8, 0x104) U6eec: 19629dc803c0 MOVETOCREG_BTS_DSZ64(0x0000001f, 0x29d) U6eed: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U6eee: 004200000200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x000) U6ef0: 0e75a0078008 tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000001a0) U6ef1: 213f00000038 unk_13f(tmp8) U6ef2: 0042fe1c0238 MOVETOCREG_DSZ64(tmp8, CORE_CR_EFLAGS) U6ef4: 00621b178200 tmp8:= MOVEFROMCREG_DSZ64(0x51b) U6ef5: 0a621b140238 MOVETOCREG_BTR_DSZ64(tmp8, 0x51b) U6ef6: 00634703c200 tmp12:= READURAM(0x0047, 64) U6ef8: 100a00000380 TESTUSTATE(SYS, 0xc000) 01a83a00 ? 
SEQW GOTO U283a U6ef9: 00635c038200 tmp8:= READURAM(0x005c, 64) U6efa: 001407038238 tmp8:= BT_DSZ32(tmp8, 0x00000007) U6efc: 013e75338e08 tmp8:= MOVEMERGEFLGS_DSZ32(0x00000c75, tmp8) U6efd: 00360003cf38 tmp12:= CMOVCC_DSZ32_CONDB(tmp8, tmp12) 01a82540 SEQW GOTO U2825 ------------------------------------------------------------------------------------ U6efe: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U6f00: 00423a180232 MOVETOCREG_DSZ64(tmp2, 0x63a) U6f01: 00040303fe08 tmp15:= AND_DSZ32(0x00000003, tmp8) U6f02: 00250f03ffc8 tmp15:= SHR_DSZ32(0x0000000f, tmp15) U6f04: 00423e18023f MOVETOCREG_DSZ64(tmp15, 0x63e) U6f05: 0062f61ff200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U6f06: 0001f3071c50 tmp1:= OR_DSZ32(0x80000021, tmp1) U6f08: 0004d807ffd0 tmp15:= AND_DSZ32(0x60000000, tmp15) U6f09: 0004fd071c50 tmp1:= AND_DSZ32(0x8005003f, tmp1) U6f0a: 00010003fc7f tmp15:= OR_DSZ32(tmp15, tmp1) U6f0c: 0042f61c023f MOVETOCREG_DSZ64(tmp15, CORE_CR_CR0) U6f0d: 0007310b4d10 tmp4:= NOTAND_DSZ32(0xffca5800, tmp4) U6f0e: 000100034d09 tmp4:= OR_DSZ32(0x00002000, tmp4) U6f10: 00635c03f200 tmp15:= READURAM(0x005c, 64) U6f11: 00541a03f23f tmp15:= BT_DSZ64(tmp15, 0x0000001a) U6f12: 00320003f33f tmp15:= SELECTCC_DSZ32_CONDB(tmp15, 0x00008000) U6f14: 000700034d3f tmp4:= NOTAND_DSZ32(tmp15, tmp4) U6f15: 00633503f200 tmp15:= READURAM(0x0035, 64) U6f16: 00542903f23f tmp15:= BT_DSZ64(tmp15, 0x00000029) U6f18: 0032e103f43f tmp15:= SELECTCC_DSZ32_CONDB(tmp15, 0x00200000) U6f19: 000700034d3f tmp4:= NOTAND_DSZ32(tmp15, tmp4) U6f1a: 00637703f200 tmp15:= READURAM(0x0077, 64) U6f1c: 00542b03f23f tmp15:= BT_DSZ64(tmp15, 0x0000002b) U6f1d: 00330003f33f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0x00008000) U6f1e: 000700034d3f tmp4:= NOTAND_DSZ32(tmp15, tmp4) U6f20: 01302003123d tmp1:= SELECTCC_DSZ32_CONDZ(tmp13, 0x00000020) U6f21: 004229140237 MOVETOCREG_DSZ64(tmp7, 0x529) U6f22: 0902c51c0c74 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp4, tmp1, CORE_CR_CR4) U6f24: 0062011ff200 tmp15:= MOVEFROMCREG_DSZ64(0x701) U6f25: 
000a40000200 TESTUSTATE(UCODE, 0x0040) 01ef2940 ? SEQW GOTO U6f29 U6f26: 0c6b30000000 WRSEGFLD(0x00000000) U6f28: 0047100bffd0 tmp15:= NOTAND_DSZ64(0xc0000000, tmp15) U6f29: 00635c03c200 tmp12:= READURAM(0x005c, 64) U6f2a: 00049a03cf10 tmp12:= AND_DSZ32(0x00040000, tmp12) U6f2c: 00479a03ffd0 tmp15:= NOTAND_DSZ64(0x00040000, tmp15) U6f2d: 0902011c0f3f LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp15, tmp12, 0x701) U6f2e: 000a08800200 TESTUSTATE(UCODE, !0x0008) 04ef3280 ? SEQW GOTO U6f32 U6f30: 1042f91c0240 MOVETOCREG_DSZ64(0x00000000, 0x7f9, 32) U6f31: 0042f81c0200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x7f8) U6f32: 000aa0000200 TESTUSTATE(UCODE, 0x00a0) 048000ce ? SEQW URET1 U6f34: 000e0303c208 tmp12:= WRMSLOOPCTRFBR(0x00000003) U6f35: 00071f032dc8 tmp2:= NOTAND_DSZ32(0x0000001f, tmp7) U6f36: 000840173008 tmp3:= ZEROEXT_DSZ32(0x00000540) U6f38: 006310034200 tmp4:= READURAM(0x0010, 64) U6f39: 0088e6074d08 tmp4:= ZEROEXT_DSZ16(0x000001e6, tmp4) U6f3a: 0e6500031032 LFNCEWAIT-> tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp2) U6f3c: 004800032c72 tmp2:= ZEROEXT_DSZ64(tmp2, tmp1) 01d7ca00 SEQW GOTO U57ca ------------------------------------------------------------------------------------ U6f3d: 00080803b008 tmp11:= ZEROEXT_DSZ32(0x00000008) U6f3e: 1062850b2240 tmp2:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6f40: 186adc9c02b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x0000000a, U27dc) U6f41: 00080903b008 tmp11:= ZEROEXT_DSZ32(0x00000009) U6f42: 2d4b101f200a tmp2:= PORTIN_DSZ64_ASZ16_SC1(0x00004710) U6f44: 006532032232 tmp2:= SHR_DSZ64(tmp2, 0x00000032) U6f45: 000407032c88 tmp2:= AND_DSZ32(0x00000007, tmp2) U6f46: 0e254403103e tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000044) U6f48: 186bdc1c0cb1 BTUJNB_DIRECT_NOTTAKEN(tmp1, tmp2, U27dc) U6f49: 0e251003203e tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x00000010) U6f4a: 00080a03b008 tmp11:= ZEROEXT_DSZ32(0x0000000a) U6f4c: 006334034200 tmp4:= READURAM(0x0034, 64) U6f4d: 006520034234 tmp4:= SHR_DSZ64(tmp4, 0x00000020) U6f4e: 000500032cb4 
tmp2:= SUB_DSZ32(tmp4, tmp2) U6f50: 0052dc1c0272 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp2, U27dc) U6f51: 0e250c03103e tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp14, 0x0000000c) U6f52: 186a54fd03f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000001f, U6f54) 01ef6980 SEQW GOTO U6f69 ------------------------------------------------------------------------------------ U6f54: 006353030200 tmp0:= READURAM(0x0053, 64) U6f55: 000120030c08 tmp0:= OR_DSZ32(0x00000020, tmp0) U6f56: 0043530b0230 tmp0:= WRITEURAM(tmp0, 0x0053, 32) U6f58: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U6f59: 186b5dbd02b0 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x0000000a, U6f5d) U6f5a: 2d0b0413000c tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x00008404) U6f5c: 186bdc1c0230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U27dc) U6f5d: 00080b03b008 tmp11:= ZEROEXT_DSZ32(0x0000000b) U6f5e: 2d0bd843100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x000050d8) U6f60: 1062080b2240 tmp2:= MOVEFROMCREG_DSZ64(0x208, 32) U6f61: 002510030231 tmp0:= SHR_DSZ32(tmp1, 0x00000010) U6f62: 000700030c32 tmp0:= NOTAND_DSZ32(tmp2, tmp0) U6f64: 186adc1c0230 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U27dc) U6f65: 100a00800380 TESTUSTATE(SYS, !0xc000) 01ef6940 ? SEQW GOTO U6f69 U6f66: 00080c03b008 tmp11:= ZEROEXT_DSZ32(0x0000000c) U6f68: 186bdc9c0331 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000012, U27dc) U6f69: 104024031f88 tmp1:= ADD_DSZN(0x00000024, tmp14) U6f6a: 00085303a000 ROVR<- tmp10:= ZEROEXT_DSZ32(0x00000000) 018ba99e SEQW SAVEUIP1 U6f6c SEQW GOTO U0ba9 U6f6c: 000801035008 tmp5:= ZEROEXT_DSZ32(0x00000001) U6f6d: 000e0703c208 tmp12:= WRMSLOOPCTRFBR(0x00000007) U6f6e: 0e2500032031 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp1) U6f70: 000500032cb3 tmp2:= SUB_DSZ32(tmp3, tmp2) U6f71: 013100032d72 tmp2:= SELECTCC_DSZ32_CONDNZ(tmp2, tmp5) U6f72: 00010003aeb2 tmp10:= OR_DSZ32(tmp2, tmp10) U6f74: 000000035d75 tmp5:= ADD_DSZ32(tmp5, tmp5) U6f75: 104004031c48 tmp1:= ADD_DSZN(0x00000004, tmp1) U6f76: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01ef6e80 ? 
SEQW GOTO U6f6e U6f78: 0e75a0070008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000001a0) U6f79: 002100030c3a tmp0:= CONCAT_DSZ32(tmp10, tmp0) U6f7a: 0e7da0070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x000001a0, tmp0) U6f7c: 0040840b4f88 tmp4:= ADD_DSZ64(0x00000284, tmp14) 019e8800 SEQW GOTO U1e88 ------------------------------------------------------------------------------------ U6f7d: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U6f7e: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U6f80: 2d0b5c03f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U6f81: 186b803d023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U6f80) U6f82: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6f84: 186b85fd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6f85) 086f8200 SEQW GOTO U6f82 ------------------------------------------------------------------------------------ U6f85: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U6f86: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U6f88: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U6f89: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U6f8a: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U6f8c: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6f8d: 186b8efd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6f8e) 08ef8c40 SEQW GOTO U6f8c ------------------------------------------------------------------------------------ U6f8e: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U6f90: 00e10703ffc8 tmp15:= CONCAT_DSZ8(0x00000007, tmp15) U6f91: 00a1c007ffca tmp15:= CONCAT_DSZ16(0x000041c0, tmp15) U6f92: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U6f94: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U6f95: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U6f96: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U6f98: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6f99: 186b9afd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6f9a) 08ef9840 SEQW GOTO U6f98 
------------------------------------------------------------------------------------ U6f9a: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U6f9c: 00001003ffc8 tmp15:= ADD_DSZ32(0x00000010, tmp15) U6f9d: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U6f9e: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U6fa0: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U6fa1: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U6fa2: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6fa4: 186ba5fd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6fa5) 086fa200 SEQW GOTO U6fa2 ------------------------------------------------------------------------------------ U6fa5: 00480003f015 tmp15:= ZEROEXT_DSZ64(tmpv1) U6fa6: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U6fa8: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U6fa9: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U6faa: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U6fac: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U6fad: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6fae: 186bb0fd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6fb0) 096fad80 SEQW GOTO U6fad ------------------------------------------------------------------------------------ U6fb0: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U6fb1: 00000403ffc8 tmp15:= ADD_DSZ32(0x00000004, tmp15) U6fb2: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U6fb4: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U6fb5: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U6fb6: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U6fb8: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U6fb9: 186bbafd03ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U6fba) 08efb840 SEQW GOTO U6fb8 ------------------------------------------------------------------------------------ U6fba: 00480003f014 tmp15:= ZEROEXT_DSZ64(tmpv0) U6fbc: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 
0x00000020) U6fbd: 002d1003f23f tmp15:= ROR_DSZ32(tmp15, 0x00000010) U6fbe: 0001ff03ffc8 tmp15:= OR_DSZ32(0x000000ff, tmp15) 01f22680 SEQW GOTO U7226 ------------------------------------------------------------------------------------ U6fc0: 0ead7c03b2b2 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000027c, tmp11) U6fc1: 006208039200 tmp9:= MOVEFROMCREG_DSZ64(0x008) U6fc2: 0e2d800392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000280, tmp9) U6fc4: 006270039200 tmp9:= MOVEFROMCREG_DSZ64(0x070) U6fc5: 0ead7e0392b2 STADPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp2, 0x0000027e, tmp9) U6fc6: 186ac87d027a LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp10, 0x00000005, U6fc8) 076fcd80 SEQW GOTO U6fcd ------------------------------------------------------------------------------------ U6fc8: 006205079200 tmp9:= MOVEFROMCREG_DSZ64(0x105) U6fc9: 0e2d780392b2 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000278, tmp9) U6fca: 000700039e4a tmp9:= NOTAND_DSZ32(0x00004000, tmp9) U6fcc: 004205040239 MOVETOCREG_DSZ64(tmp9, 0x105) U6fcd: 30420f080240 MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U6fce: 0c6b25000034 LFNCEWAIT-> WRSEGFLD(tmp4, DS_16bit, BASE) U6fd0: 0c4ba0279000 tmp9:= RDSEGFLD(UNK_SEG_09, SEL+FLGS+LIM) U6fd1: 0c6ba5000039 WRSEGFLD(tmp9, DS_16bit, SEL+FLGS+LIM) U6fd2: 00089303900c tmp9:= ZEROEXT_DSZ32(0x00008093) U6fd4: 002410039239 tmp9:= SHL_DSZ32(tmp9, 0x00000010) U6fd5: 0021ff7f9e5f tmp9:= CONCAT_DSZ32(0xffffffffffffffff, tmp9) U6fd6: 0c6ba4000039 WRSEGFLD(tmp9, UNK_SEG_04, SEL+FLGS+LIM) U6fd8: 0c6bab000039 WRSEGFLD(tmp9, DS, SEL+FLGS+LIM) U6fd9: 0c6bac000039 WRSEGFLD(tmp9, FS, SEL+FLGS+LIM) U6fda: 0c6ba8000039 WRSEGFLD(tmp9, ES, SEL+FLGS+LIM) U6fdc: 0c6bad000039 WRSEGFLD(tmp9, GS, SEL+FLGS+LIM) U6fdd: 0c6baa000039 WRSEGFLD(tmp9, SS_USERM, SEL+FLGS+LIM) U6fde: 0c6ba3000039 WRSEGFLD(tmp9, SS, SEL+FLGS+LIM) U6fe0: 000900000000 MOVE_DSZ32(0x00000000) U6fe1: 00250403a234 tmp10:= SHR_DSZ32(tmp4, 0x00000004) U6fe2: 00a19b03ae8c tmp10:= CONCAT_DSZ16(0x0000809b, tmp10) U6fe4: 0021ff7fae9f tmp10:= 
CONCAT_DSZ32(0xffffffffffffffff, tmp10) U6fe5: 0c6b2b000000 WRSEGFLD(0x00000000, DS, BASE) U6fe6: 0c6b28000000 WRSEGFLD(0x00000000, ES, BASE) U6fe8: 0c6b2c000000 WRSEGFLD(0x00000000, FS, BASE) U6fe9: 0c6b2d000000 WRSEGFLD(0x00000000, GS, BASE) U6fea: 0c6b2a000000 WRSEGFLD(0x00000000, SS_USERM, BASE) U6fec: 0c6b23000000 WRSEGFLD(0x00000000, SS, BASE) U6fed: 20423c1c0239 MOVETOCREG_DSZ64(tmp9, 0x73c) U6fee: 0c6b29000034 WRSEGFLD(tmp4, UNK_SEG_09, BASE) U6ff0: 0c6b22000034 WRSEGFLD(tmp4, CS, BASE) U6ff1: 0c6b4900003a WRSEGFLD(tmp10, UNK_SEG_09, FLGS) U6ff2: 0c6ba200003a WRSEGFLD(tmp10, CS, SEL+FLGS+LIM) U6ff4: 29a2f51c033a MOVETOCREG_SHR_DSZ64(tmp10, 0x00000010, 0x7f5) U6ff5: 00429e1c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x79e) U6ff6: 000501039008 tmp9:= SUB_DSZ32(0x00000001) U6ff8: 004210100239 MOVETOCREG_DSZ64(tmp9, 0x410) U6ff9: 0042001c0200 MOVETOCREG_DSZ64(0x00000000, 0x700) U6ffa: 00428e1c0234 SYNCMARK-> MOVETOCREG_DSZ64(tmp4, 0x78e) U6ffc: 0001147bbec9 tmp11:= OR_DSZ32(0x00003e14, tmp11) U6ffd: 000a0483a200 tmp10:= TESTUSTATE(UCODE, !0x0004) 019d0c40 ? 
SEQW GOTO U1d0c U6ffe: 20635c039200 tmp9:= READURAM(0x005c, 64) U7000: 000700239239 tmp9:= NOTAND_DSZ32(tmp9, 0x00000800) U7001: 00070003bef9 tmp11:= NOTAND_DSZ32(tmp9, tmp11) 019d0d40 SEQW GOTO U1d0d ------------------------------------------------------------------------------------ U7002: 06a04d03b000 tmp11:= unk_6a0(0x00000000) U7004: 06a04803c000 tmp12:= unk_6a0(0x00000000) U7005: 04950003af39 tmm2:= unk_495(tmm1, tmm4) U7006: 000846035010 tmp5:= ZEROEXT_DSZ32(0x0000ffff) U7008: 07c20003aeb5 tmm2:= unk_7c2(mm5, tmm2) U7009: 07c20003bef5 tmm3:= unk_7c2(mm5, tmm3) U700a: 06e10003aefa tmm2:= unk_6e1(tmm2, tmm3) U700c: 07c20003ae80 tmm2:= unk_7c2(tmm2) U700d: 068c00039eb9 tmm1:= unk_68c(tmm1, tmm2) U700e: 06a04e03b000 tmp11:= unk_6a0(0x00000000) U7010: 06a04903c000 tmp12:= unk_6a0(0x00000000) U7011: 04950003af39 tmm2:= unk_495(tmm1, tmm4) U7012: 07c20003aeb5 tmm2:= unk_7c2(mm5, tmm2) U7014: 07c20003bef5 tmm3:= unk_7c2(mm5, tmm3) U7015: 06e10003aefa tmm2:= unk_6e1(tmm2, tmm3) U7016: 07c20003ae80 tmm2:= unk_7c2(tmm2) U7018: 068c00039eb9 tmm1:= unk_68c(tmm1, tmm2) U7019: 0004f0031c08 tmp1:= AND_DSZ32(0x000000f0, tmp0) U701a: 002503032231 tmp2:= SHR_DSZ32(tmp1, 0x00000003) U701c: 002502033231 tmp3:= SHR_DSZ32(tmp1, 0x00000002) U701d: 000000031cb3 tmp1:= ADD_DSZ32(tmp3, tmp2) U701e: 000500033c31 tmp3:= SUB_DSZ32(tmp1, tmp0) U7020: 06a04f03b000 tmp11:= unk_6a0(0x00000000) U7021: 06a04a03c000 tmp12:= unk_6a0(0x00000000) U7022: 04950003af39 tmm2:= unk_495(tmm1, tmm4) U7024: 07c20003aeb5 tmm2:= unk_7c2(mm5, tmm2) U7025: 07c20003bef5 tmm3:= unk_7c2(mm5, tmm3) U7026: 06e10003aefa tmm2:= unk_6e1(tmm2, tmm3) U7028: 07c20003ae80 tmm2:= unk_7c2(tmm2) U7029: 068c00039eb9 tmm1:= unk_68c(tmm1, tmm2) U702a: 06a05003b000 tmp11:= unk_6a0(0x00000000) U702c: 06a04b03c000 tmp12:= unk_6a0(0x00000000) U702d: 04950003af39 tmm2:= unk_495(tmm1, tmm4) U702e: 07c20003aeb5 tmm2:= unk_7c2(mm5, tmm2) U7030: 07c20003bef5 tmm3:= unk_7c2(mm5, tmm3) U7031: 06e10003aefa tmm2:= unk_6e1(tmm2, tmm3) 
U7032: 07c20003ae80 tmm2:= unk_7c2(tmm2) U7034: 068c00039eb9 tmm1:= unk_68c(tmm1, tmm2) U7035: 0151364002f0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U7036) 01f04140 SEQW GOTO U7041 ------------------------------------------------------------------------------------ U7036: 006435033233 tmp3:= SHL_DSZ64(tmp3, 0x00000035) U7038: 07440003d033 tmm5:= unk_744(mm3) U7039: 06a05103b000 tmp11:= unk_6a0(0x00000000) U703a: 07c20003df75 tmm5:= unk_7c2(mm5, tmm5) U703c: 07c20003bef5 tmm3:= unk_7c2(mm5, tmm3) U703d: 06e10003aefd tmm2:= unk_6e1(tmm5, tmm3) U703e: 07c20003ae80 tmm2:= unk_7c2(tmm2) U7040: 068800039eb9 tmm1:= unk_688(tmm1, tmm2) U7041: 000859035010 tmp5:= ZEROEXT_DSZ32(0x0001003e) U7042: 07c200039e75 tmm1:= unk_7c2(mm5, tmm1) U7044: 00250f033236 tmp3:= SHR_DSZ32(tmp6, 0x0000000f) U7045: 070200039e73 tmm1:= unk_702(mm3, tmm1) U7046: 069d00039e40 tmm1:= unk_69d(tmm1) U7048: 04b47d809e40 mm7:= FMOV(tmm1) 0197ec00 SEQW GOTO uend ------------------------------------------------------------------------------------ U7049: 072f00038039 tmm0:= unk_72f(tmm1) U704a: 0004ee07fe10 tmp15:= AND_DSZ32(0x7ffff000, tmp8) U704c: 0151804c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3380) U704d: 0004ff1f9e08 tmp9:= AND_DSZ32(0x000007ff, tmp8) U704e: 03e50103fe48 tmp15:= unk_3e5(0x00000001, tmp9) U7050: 0150804c027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U3380) U7051: 03e50403fe48 tmp15:= unk_3e5(0x00000004, tmp9) U7052: 03e50203ffc8 tmp15:= unk_3e5(0x00000002, tmp15) U7054: 017e00038ff8 tmp8:= MOVEMERGEFLGS_DSZ64(tmp8, tmp15) U7055: 03e50203fe48 tmp15:= unk_3e5(0x00000002, tmp9) U7056: 00c502030239 tmp0:= SUB_DSZ8(tmp9, 0x00000002) U7058: 01310003fc3f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, tmp0) U7059: 3929800c003f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000000, U3380) U705a: 00c800030039 tmp0:= ZEROEXT_DSZ8(tmp9) U705c: 03e50703fe48 tmp15:= unk_3e5(0x00000007, tmp9) U705d: 100a80800200 TESTUSTATE(SYS, !UST_VMX_GUEST) 01f06040 ? 
SEQW GOTO U7060 U705e: 000101030c08 tmp0:= OR_DSZ32(0x00000001, tmp0) U7060: 01310003fc3f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, tmp0) U7061: 3929800c003f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000000, U3380) U7062: 00c508030e48 tmp0:= SUB_DSZ8(0x00000008, tmp9) U7064: 01f800035030 tmp5:= SETCC_CONDZ(tmp0) U7065: 00c50a030e48 tmp0:= SUB_DSZ8(0x0000000a, tmp9) U7066: 00c504030c08 tmp0:= SUB_DSZ8(0x00000004, tmp0) U7068: 01fa00030030 tmp0:= SETCC_CONDBE(tmp0) U7069: 000100035d70 tmp5:= OR_DSZ32(tmp0, tmp5) U706a: 00c511030e48 tmp0:= SUB_DSZ8(0x00000011, tmp9) U706c: 01f800030030 tmp0:= SETCC_CONDZ(tmp0) U706d: 000100035d70 tmp5:= OR_DSZ32(tmp0, tmp5) U706e: 03e50303fe48 tmp15:= unk_3e5(0x00000003, tmp9) U7070: 013100030e7f tmp0:= SELECTCC_DSZ32_CONDNZ(tmp15, tmp9) U7071: 00c4e07f0c1f tmp0:= AND_DSZ8(0xffffffffffffffe0, tmp0) U7072: 0151804c0270 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U3380) U7074: 013100035d7f tmp5:= SELECTCC_DSZ32_CONDNZ(tmp15, tmp5) U7075: 000400239e08 tmp9:= AND_DSZ32(0x00000800, tmp8) U7076: 00250b039239 tmp9:= SHR_DSZ32(tmp9, 0x0000000b) U7078: 013000030e7f tmp0:= SELECTCC_DSZ32_CONDZ(tmp15, tmp9) U7079: 3929800c0030 CMPUJNZ_DIRECT_NOTTAKEN(tmp0, 0x00000000, U3380) U707a: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01f08180 ? 
SEQW GOTO U7081 U707c: 00070103f23a tmp15:= NOTAND_DSZ32(tmp10, 0x00000001) U707d: 005427033233 tmp3:= BT_DSZ64(tmp3, 0x00000027) U707e: 00730003fff3 tmp15:= SELECTCC_DSZ64_CONDNB(tmp3, tmp15) U7080: 000700035d7f tmp5:= NOTAND_DSZ32(tmp15, tmp5) U7081: 3929800c0e75 CMPUJNZ_DIRECT_NOTTAKEN(tmp5, tmp9, U3380) U7082: 0e2500035f09 tmp5:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x00000100) U7084: 013000035d79 tmp5:= SELECTCC_DSZ32_CONDZ(tmp9, tmp5) U7085: 0004410bfd50 tmp15:= AND_DSZ32(0xffff0000, tmp5) U7086: 0151804c027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U3380) U7088: 0e25c8030f0a tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp12, 0x000002c8) U7089: 00050f03fc08 tmp15:= SUB_DSZ32(0x0000000f, tmp0) U708a: 01fb0003f03f tmp15:= SETCC_CONDNBE(tmp15) U708c: 01330003fff8 tmp15:= SELECTCC_DSZ32_CONDNBE(tmp8, tmp15) U708d: 3929800c003f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000000, U3380) U708e: 013300030c38 LFNCEMARK-> tmp0:= SELECTCC_DSZ32_CONDNBE(tmp8, tmp0) U7090: 00a100030d70 tmp0:= CONCAT_DSZ16(tmp0, tmp5) U7091: 20430a000230 WRITEURAM(tmp0, 0x000a, 64) 05713e40 SEQW GOTO U713e ------------------------------------------------------------------------------------ U7092: 29028c134634 LFNCEMARK-> tmp4:= MOVETOCREG_OR_DSZ64(tmp4, 0x00000020, 0x48c) U7094: 000420031d48 tmp1:= AND_DSZ32(0x00000020, tmp5) U7095: 0150964002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U7096) 01f09940 SEQW GOTO U7099 ------------------------------------------------------------------------------------ U7096: 00812a031d10 tmp1:= OR_DSZ16(0x00008080, tmp4) U7098: 00428c100231 LFNCEMARK-> MOVETOCREG_DSZ64(tmp1, 0x48c) U7099: 04960003ce79 tmm4:= unk_496(tmm1, tmm1) U709a: 04960003de38 tmm5:= unk_496(tmm0, tmm0) U709c: 068a0003ff7c tmp15:= FCOM2(tmp12, tmp13) U709d: 04960003ae78 tmm2:= unk_496(tmm0, tmm1) U709e: 072a0003903a tmm1:= unk_72a(tmm2) U70a0: 076a0003703f mm7:= unk_76a(tmm7) U70a1: 003d00037037 tmp7:= MOVEINSERTFLGS_DSZ32(tmp7) U70a2: 013201031237 tmp1:= SELECTCC_DSZ32_CONDBE(tmp7, 0x00000001) U70a4: 
000600039e71 tmp9:= XOR_DSZ32(tmp1, tmp9) U70a5: 057f0003cf3f tmm4:= unk_57f(tmm7, tmm4) U70a6: 04870003bf7c tmm3:= unk_487(tmm4, tmm5) U70a8: 04860003af7c tmm2:= unk_486(tmm4, tmm5) U70a9: 07ea0003003a mm0:= unk_7ea(tmm2) U70aa: 000005030c08 tmp0:= ADD_DSZ32(0x00000005, tmp0) U70ac: 07c20003ceb0 tmm4:= unk_7c2(mm0, tmm2) U70ad: 06a70003cf3b tmm4:= unk_6a7(tmm3, tmm4) U70ae: 076a0003603c mm6:= unk_76a(tmm4) U70b0: 069d0003cf00 tmm4:= unk_69d(tmm4) U70b1: 07ea0003003b mm0:= unk_7ea(tmm3) U70b2: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U70b4: 07c20003eef0 tmm6:= unk_7c2(mm0, tmm3) U70b5: 068a0003df3e tmp13:= FCOM2(tmp14, tmp12) U70b6: 04940003eec0 tmm6:= unk_494(tmm3) U70b8: 06c90003efbc tmm6:= unk_6c9(tmm4, tmm6) U70b9: 076a0003103d mm1:= unk_76a(tmm5) U70ba: 07430003df31 tmm5:= unk_743(mm1, tmm4) U70bc: 04830003cfbd tmm4:= unk_483(tmm5, tmm6) U70bd: 000401031c48 tmp1:= AND_DSZ32(0x00000001, tmp1) U70be: 000000036db1 tmp6:= ADD_DSZ32(tmp1, tmp6) U70c0: 000502030d88 tmp0:= SUB_DSZ32(0x00000002, tmp6) U70c1: 0350c24002f0 UJMPCC_DIRECT_NOTTAKEN_CONDL(tmp0, U70c2) 01ed1440 SEQW GOTO U6d14 ------------------------------------------------------------------------------------ U70c2: 07020003c039 tmm4:= unk_702(tmm1) U70c4: 04960003af3a tmm2:= unk_496(tmm2, tmm4) U70c5: 06e60003debb tmm5:= unk_6e6(tmm3, tmm2) U70c6: 07ea0003003d mm0:= unk_7ea(tmm5) U70c8: 00053f030c10 tmp0:= SUB_DSZ32(0x0000ffd7, tmp0) U70c9: 0250746c02b0 UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp0, U5b74) U70ca: 06610003af7d tmm2:= unk_661(tmm5, tmm5) U70cc: 06e10003beba tmm3:= unk_6e1(tmm2, tmm2) U70cd: 06a01b03f000 tmp15:= unk_6a0(0x00000000) U70ce: 06a01a03e000 tmp14:= unk_6a0(0x00000000) U70d0: 06e10003cffb tmm4:= unk_6e1(tmm3, tmm7) U70d1: 06a01903f000 tmp15:= unk_6a0(0x00000000) U70d2: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U70d4: 06490003cf3f tmm4:= unk_649(tmm7, tmm4) U70d5: 06a01803f000 tmp15:= unk_6a0(0x00000000) U70d6: 06490003efbf tmm6:= unk_649(tmm7, tmm6) U70d8: 06e10003cf3b tmm4:= unk_6e1(tmm3, 
tmm4) U70d9: 06a01703f000 tmp15:= unk_6a0(0x00000000) U70da: 06e10003efbb tmm6:= unk_6e1(tmm3, tmm6) U70dc: 06c90003cf3f tmm4:= unk_6c9(tmm7, tmm4) U70dd: 06a01603f000 tmp15:= unk_6a0(0x00000000) U70de: 06c90003efbf tmm6:= unk_6c9(tmm7, tmm6) U70e0: 06e10003cebc tmm4:= unk_6e1(tmm4, tmm2) U70e1: 06e10003febd tmm7:= unk_6e1(tmm5, tmm2) U70e2: 06490003cfbc tmm4:= unk_649(tmm4, tmm6) U70e4: 06e10003cf3f tmm4:= unk_6e1(tmm7, tmm4) 01ed3900 SEQW GOTO U6d39 ------------------------------------------------------------------------------------ U70e5: 000800030008 tmp0:= ZEROEXT_DSZ32(0x00000000) U70e6: 0e6d00040e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000100, mode=0x01, 0x00000000) U70e8: 0e6d08040e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000108, mode=0x01, 0x00000000) U70e9: 0e6d10040e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000110, mode=0x01, 0x00000000) U70ea: 0e7580030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x00000080) U70ec: 0e6d18070e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000118, mode=0x01, tmp0) U70ed: 0e75a0030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000a0) U70ee: 0e6d20070e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000120, mode=0x01, tmp0) U70f0: 0e75c0030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000c0) U70f1: 0e6d28070e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000128, mode=0x01, tmp0) U70f2: 0e75e0030008 tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(0x000000e0) U70f4: 0e6d30070e09 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000130, mode=0x01, tmp0) U70f5: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) U70f6: 0e6d10070e08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000010, mode=0x01, tmp0) U70f8: 0e7d40070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000140, tmp0) U70f9: 0062f81f0200 LFNCEMARK-> tmp0:= MOVEFROMCREG_DSZ64(0x7f8) U70fa: 1062f91f1240 tmp1:= MOVEFROMCREG_DSZ64(0x7f9, 32) U70fc: 2042f81c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f8) U70fd: 3042f91c0240 MOVETOCREG_DSZ64(0x00000000, 0x7f9, 32) U70fe: 002100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U7100: 0e7d40030008 
STADSTGBUF_DSZ64_ASZ16_SC1(0x00000040, tmp0) U7101: 10620f0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x20f, 32) U7102: 30420f080240 MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U7104: 0e7d20030008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000020, tmp0) U7105: 00635c030200 tmp0:= READURAM(0x005c, 64) U7106: 000400031c09 tmp1:= AND_DSZ32(0x00002000, tmp0) U7108: 000100030c09 tmp0:= OR_DSZ32(0x00002000, tmp0) U7109: 20435c080230 WRITEURAM(tmp0, 0x005c, 32) U710a: 006205070200 tmp0:= MOVEFROMCREG_DSZ64(0x105) U710c: 2a6205c402f0 MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000f, 0x105) U710d: 000400030c0c tmp0:= AND_DSZ32(0x00008000, tmp0) U710e: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U7110: 0062c61f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7c6) U7111: 000100030c31 tmp0:= OR_DSZ32(tmp1, tmp0) U7112: 0062f11f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7f1) U7114: 2042f11c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f1) U7115: 002100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U7116: 0e7d60030008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000060, tmp0) U7118: 00631b030200 tmp0:= READURAM(0x001b, 64) U7119: 0e7d60070008 STADSTGBUF_DSZ64_ASZ16_SC1(0x00000160, tmp0) U711a: 00637003d200 tmp13:= READURAM(0x0070, 64) U711c: 0e7d0003d008 STADSTGBUF_DSZ64_ASZ16_SC1(tmp13) U711d: 0041e203df48 tmp13:= OR_DSZ64(0x000000e2, tmp13) 01d72151 SEQW SAVEUIP0 U711e SEQW GOTO U5721 U711e: 000800030008 tmp0:= ZEROEXT_DSZ32(0x00000000) U7120: 0e6d00070e08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, mode=0x01, tmp0) U7121: 000801030008 tmp0:= ZEROEXT_DSZ32(0x00000001) U7122: 0e6d08070e08 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp8, 0x00000008, mode=0x01, tmp0) U7124: 004040031e08 tmp1:= ADD_DSZ64(0x00000040, tmp8) 01b18e10 SEQW SAVEUIP0 U7125 SEQW GOTO U318e U7125: 0e2534076032 tmp6:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000034, mode=0x01) U7126: 004000036cb6 tmp6:= ADD_DSZ64(tmp6, tmp2) U7128: 0e252407d032 tmp13:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp2, 0x00000024, mode=0x01) U7129: 004000036dbd tmp6:= ADD_DSZ64(tmp13, tmp6) U712a: 000803030008 tmp0:= ZEROEXT_DSZ32(0x00000003) U712c: 
2042c61c0230 MOVETOCREG_DSZ64(tmp0, 0x7c6) U712d: 006353030200 tmp0:= READURAM(0x0053, 64) U712e: 005506030230 tmp0:= BTS_DSZ64(tmp0, 0x00000006) U7130: 204353000230 WRITEURAM(tmp0, 0x0053, 64) U7131: 296207000280 MOVETOCREG_BTS_DSZ64(0x00000008, 0x007) U7132: 00428e1c0200 LFNCEWAIT-> MOVETOCREG_DSZ64(0x00000000, 0x78e) U7134: 213f00000000 unk_13f(0x00000000) U7135: 0042fe1c0200 MOVETOCREG_DSZ64(0x00000000, CORE_CR_EFLAGS) U7136: 0047ff027e08 rdi:= NOTAND_DSZ64(0x000000ff, tmp8) U7138: 0040004249c8 rsp:= ADD_DSZ64(0x00001000, rdi) 01993600 SEQW GOTO U1936 ------------------------------------------------------------------------------------ U7139: 00480003b03d tmp11:= ZEROEXT_DSZ64(tmp13) U713a: 004800033030 tmp3:= ZEROEXT_DSZ64(tmp0) U713c: 076f0003a03f tmm2:= unk_76f(tmm7) U713d: 000a08800200 TESTUSTATE(UCODE, !0x0008) 05704940 ? SEQW GOTO U7049 U713e: 204343000233 LFNCEMARK-> WRITEURAM(tmp3, 0x0043, 64) U7140: 0009157ff00a tmp15:= MOVE_DSZ32(0x00005f15) U7141: 20432c08023f WRITEURAM(tmp15, 0x002c, 32) U7142: 004800030033 tmp0:= ZEROEXT_DSZ64(tmp3) U7144: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01f14800 ? 
SEQW GOTO U7148 U7145: 00634c031200 tmp1:= READURAM(0x004c, 64) U7146: 004100030cf1 tmp0:= OR_DSZ64(tmp1, tmp3) U7148: 20430b00023c WRITEURAM(tmp12, 0x000b, 64) U7149: 00250103f230 tmp15:= SHR_DSZ32(tmp0, 0x00000001) U714a: 000402039fc8 tmp9:= AND_DSZ32(0x00000002, tmp15) U714c: 20634a03f200 tmp15:= READURAM(0x004a, 64) U714d: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U714e: 000100039e7f tmp9:= OR_DSZ32(tmp15, tmp9) U7150: 00251803f230 tmp15:= SHR_DSZ32(tmp0, 0x00000018) U7151: 00040803ffc8 tmp15:= AND_DSZ32(0x00000008, tmp15) U7152: 000100039e7f tmp9:= OR_DSZ32(tmp15, tmp9) U7154: 006537035230 tmp5:= SHR_DSZ64(tmp0, 0x00000037) U7155: 00040103fd48 tmp15:= AND_DSZ32(0x00000001, tmp5) U7156: 000100039e7f tmp9:= OR_DSZ32(tmp15, tmp9) U7158: 00251403f230 tmp15:= SHR_DSZ32(tmp0, 0x00000014) U7159: 00040403ffc8 tmp15:= AND_DSZ32(0x00000004, tmp15) U715a: 000100039e7f tmp9:= OR_DSZ32(tmp15, tmp9) U715c: 204378080239 WRITEURAM(tmp9, 0x0078, 32) U715d: 006370039200 tmp9:= READURAM(0x0070, 64) U715e: 00042003fd48 tmp15:= AND_DSZ32(0x00000020, tmp5) U7160: 00240503f23f tmp15:= SHL_DSZ32(tmp15, 0x00000005) U7161: 004700039e7f tmp9:= NOTAND_DSZ64(tmp15, tmp9) U7162: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01f17480 ? SEQW GOTO U7174 U7164: 0e255c03feca tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, 0x0000025c) U7165: 0004e003ffd0 tmp15:= AND_DSZ32(0x001fffff, tmp15) U7166: 00642a03d23f tmp13:= SHL_DSZ64(tmp15, 0x0000002a) U7168: 00410003fffd tmp15:= OR_DSZ64(tmp13, tmp15) U7169: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01f16d40 ? 
SEQW GOTO U716d U716a: 00631403d200 tmp13:= READURAM(0x0014, 64) U716c: 00410003ff7f tmp15:= OR_DSZ64(tmp15, tmp13) U716d: 00431400023f LFNCEWAIT-> WRITEURAM(tmp15, 0x0014, 64) U716e: 00540a03f236 tmp15:= BT_DSZ64(tmp6, 0x0000000a) U7170: 00320043f23f tmp15:= SELECTCC_DSZ32_CONDB(tmp15, 0x00001000) U7171: 0047b0039e7f ROVR<- tmp9:= NOTAND_DSZ64(tmp15, tmp9) 01d7315d SEQW SAVEUIP1 U7172 SEQW GOTO U5731 U7172: 00631003e200 tmp14:= READURAM(0x0010, 64) U7174: 00083703d008 tmp13:= ZEROEXT_DSZ32(0x00000037) U7175: 00420b00023d LFNCEWAIT-> MOVETOCREG_DSZ64(tmp13, 0x00b) U7176: 0004000bdd88 tmp13:= AND_DSZ32(0x00000200, tmp6) U7178: 00434f000239 WRITEURAM(tmp9, 0x004f, 64) U7179: 006357031200 tmp1:= READURAM(0x0057, 64) U717a: 20435700023b WRITEURAM(tmp11, 0x0057, 64) U717c: 0e6db8031f0a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000002b8, tmp1) U717d: 0e6518030f0a tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x00000218) U717e: 204346000230 WRITEURAM(tmp0, 0x0046, 64) U7180: 00541f03a23a tmp10:= BT_DSZ64(tmp10, 0x0000001f) U7181: 00fb0003103a tmp1:= SETCC_CONDNB(tmp10) U7182: 017100032cfd tmp2:= SELECTCC_DSZ64_CONDNZ(tmp13, tmp3) U7184: 006527032232 tmp2:= SHR_DSZ64(tmp2, 0x00000027) U7185: 000400031c72 tmp1:= AND_DSZ32(tmp2, tmp1) U7186: 0008f3072010 tmp2:= ZEROEXT_DSZ32(0x80000021) U7188: 0021ff7f2c9f tmp2:= CONCAT_DSZ32(0xffffffffffffffff, tmp2) U7189: 004700032cb1 tmp2:= NOTAND_DSZ64(tmp1, tmp2) U718a: 013e20031c48 tmp1:= MOVEMERGEFLGS_DSZ32(0x00000020, tmp1) U718c: 0135f3071431 tmp1:= CMOVCC_DSZ32_CONDNZ(tmp1, 0x80000021) U718d: 004400032cba tmp2:= AND_DSZ64(tmp10, tmp2) U718e: 2929153d0c72 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, tmp1, U5f15) U7190: 0e65a8035f08 LFNCEMARK-> tmp5:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp12, 0x000000a8) U7191: 004229140235 MOVETOCREG_DSZ64(tmp5, 0x529) U7192: 000a00100200 TESTUSTATE(UCODE, 0x0400) 046afd80 ? 
SEQW GOTO U6afd U7194: 000d219c0000 SAVEUIP_REGOVR(0x01, U7195, 0x0721) U7195: 004ca11772f5 tmp7:= SAVEUIP(tmp5, 0x00, U65a1) U7196: 000c44fc0280 SAVEUIP(0x01, U5f44) 01dca080 SEQW GOTO U5ca0 ------------------------------------------------------------------------------------ U7198: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U7199: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U719a: 2d0b5c03f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U719c: 386b9a05023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U719a) U719d: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U719e: 386ba0c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71a0) 09719d80 SEQW GOTO U719d ------------------------------------------------------------------------------------ U71a0: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U71a1: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71a2: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U71a4: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71a5: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71a6: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71a8: 386ba9c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71a9) 0871a600 SEQW GOTO U71a6 ------------------------------------------------------------------------------------ U71a9: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U71aa: 00e10603ffc8 tmp15:= CONCAT_DSZ8(0x00000006, tmp15) U71ac: 00a1c003ffc8 tmp15:= CONCAT_DSZ16(0x000000c0, tmp15) U71ad: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71ae: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U71b0: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71b1: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71b2: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71b4: 386bb5c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71b5) 0871b200 SEQW GOTO U71b2 ------------------------------------------------------------------------------------ 
U71b5: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U71b6: 00000403ffc8 tmp15:= ADD_DSZ32(0x00000004, tmp15) U71b8: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71b9: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U71ba: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71bc: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71bd: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71be: 386bc0c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71c0) 0971bd80 SEQW GOTO U71bd ------------------------------------------------------------------------------------ U71c0: 00480003f014 tmp15:= ZEROEXT_DSZ64(tmpv0) U71c1: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U71c2: 002d1003f23f tmp15:= ROR_DSZ32(tmp15, 0x00000010) U71c4: 0007ff03ffc8 tmp15:= NOTAND_DSZ32(0x000000ff, tmp15) U71c5: 00010f03ffc8 tmp15:= OR_DSZ32(0x0000000f, tmp15) U71c6: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71c8: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U71c9: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71ca: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71cc: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71cd: 386bcec503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71ce) 08f1cc40 SEQW GOTO U71cc ------------------------------------------------------------------------------------ U71ce: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U71d0: 00000803ffc8 tmp15:= ADD_DSZ32(0x00000008, tmp15) U71d1: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71d2: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U71d4: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71d5: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71d6: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71d8: 386bd9c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71d9) 0871d600 SEQW GOTO U71d6 ------------------------------------------------------------------------------------ U71d9: 
00080003f014 tmp15:= ZEROEXT_DSZ32(tmpv0) U71da: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71dc: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U71dd: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71de: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71e0: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71e1: 386be2c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71e2) 08f1e040 SEQW GOTO U71e0 ------------------------------------------------------------------------------------ U71e2: 00080003f000 tmp15:= ZEROEXT_DSZ32(0x00000000) U71e4: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71e5: 00081903f008 tmp15:= ZEROEXT_DSZ32(0x00000019) U71e6: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71e8: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71e9: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71ea: 386becc503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71ec) 0971e980 SEQW GOTO U71e9 ------------------------------------------------------------------------------------ U71ec: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U71ed: 00000c03ffc8 tmp15:= ADD_DSZ32(0x0000000c, tmp15) U71ee: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U71f0: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U71f1: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U71f2: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U71f4: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71f5: 386bf6c503ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U71f6) 08f1f44e SEQW GOTO U71f4 ------------------------------------------------------------------------------------ U71f6: 2d0ba0015008 tmpv1:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) 08f1f44e SEQW URET1 ------------------------------------------------------------------------------------ U71f8: 00080203f008 tmp15:= ZEROEXT_DSZ32(0x00000002) U71f9: 2d0f5c03f008 PORTOUT_DSZ32_ASZ16_SC1(0x0000005c, tmp15) U71fa: 2d0b5c03f008 tmp15:= 
PORTIN_DSZ32_ASZ16_SC1(0x0000005c) U71fc: 386bfa05023f BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, U71fa) U71fd: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U71fe: 386b00c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7200) 0971fd80 SEQW GOTO U71fd ------------------------------------------------------------------------------------ U7200: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U7201: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7202: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U7204: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U7205: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U7206: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U7208: 386b09c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7209) 08720600 SEQW GOTO U7206 ------------------------------------------------------------------------------------ U7209: 00653003f214 tmp15:= SHR_DSZ64(tmpv0, 0x00000030) U720a: 00e10703ffc8 tmp15:= CONCAT_DSZ8(0x00000007, tmp15) U720c: 00a1c003ffca tmp15:= CONCAT_DSZ16(0x000040c0, tmp15) U720d: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U720e: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U7210: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U7211: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U7212: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U7214: 386b15c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7215) 08721200 SEQW GOTO U7212 ------------------------------------------------------------------------------------ U7215: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U7216: 00000403ffc8 tmp15:= ADD_DSZ32(0x00000004, tmp15) U7218: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7219: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U721a: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U721c: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U721d: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) 
U721e: 386b20c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7220) 09721d80 SEQW GOTO U721d ------------------------------------------------------------------------------------ U7220: 00480003f014 tmp15:= ZEROEXT_DSZ64(tmpv0) U7221: 00652003f23f tmp15:= SHR_DSZ64(tmp15, 0x00000020) U7222: 002d1003f23f tmp15:= ROR_DSZ32(tmp15, 0x00000010) U7224: 0007ff03ffc8 tmp15:= NOTAND_DSZ32(0x000000ff, tmp15) U7225: 00010f03ffc8 tmp15:= OR_DSZ32(0x0000000f, tmp15) U7226: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7228: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U7229: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U722a: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U722c: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U722d: 386b2ec903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U722e) 08f22c40 SEQW GOTO U722c ------------------------------------------------------------------------------------ U722e: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U7230: 00000803ffc8 tmp15:= ADD_DSZ32(0x00000008, tmp15) U7231: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7232: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U7234: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U7235: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U7236: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U7238: 386b39c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7239) 08723600 SEQW GOTO U7236 ------------------------------------------------------------------------------------ U7239: 00080003f014 tmp15:= ZEROEXT_DSZ32(tmpv0) U723a: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U723c: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U723d: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U723e: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U7240: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U7241: 386b42c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7242) 
08f24040 SEQW GOTO U7240 ------------------------------------------------------------------------------------ U7242: 2d0bc443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050c4) U7244: 00000c03ffc8 tmp15:= ADD_DSZ32(0x0000000c, tmp15) U7245: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7246: 00080503f008 tmp15:= ZEROEXT_DSZ32(0x00000005) U7248: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U7249: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U724a: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U724c: 386b4dc903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U724d) 08724a00 SEQW GOTO U724a ------------------------------------------------------------------------------------ U724d: 00080003f015 tmp15:= ZEROEXT_DSZ32(tmpv1) U724e: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7250: 00080703f008 tmp15:= ZEROEXT_DSZ32(0x00000007) U7251: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U7252: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U7254: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U7255: 386b56c903ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7256) 08f25440 SEQW GOTO U7254 ------------------------------------------------------------------------------------ U7256: 00080003f000 tmp15:= ZEROEXT_DSZ32(0x00000000) U7258: 2d0fa003f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a0, tmp15) U7259: 00081903f008 tmp15:= ZEROEXT_DSZ32(0x00000019) U725a: 00151f03f23f tmp15:= BTS_DSZ32(tmp15, 0x0000001f) U725c: 2d0fa403f008 PORTOUT_DSZ32_ASZ16_SC1(0x000000a4, tmp15) U725d: 2d0ba403f008 tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000000a4) U725e: 086b8ed803ff SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U068e) 09725d80 SEQW GOTO U725d ------------------------------------------------------------------------------------ U7260: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U7261: 000a10000200 SYNCWAIT-> TESTUSTATE(UCODE, 0x0010) 0af26940 ? 
SEQW GOTO U7269 U7262: 01080083e010 tmp14:= READUIP_REGOVR(0x01) U7264: 0062f81f5200 tmp5:= MOVEFROMCREG_DSZ64(0x7f8) U7265: 0e6d80735e48 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000080, mode=0x1c, tmp5) U7266: 1062f91f5240 tmp5:= MOVEFROMCREG_DSZ64(0x7f9, 32) U7268: 0e6de8735e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002e8, mode=0x1c, tmp5) U7269: 0e6d80731e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000280, mode=0x1c, tmp1) U726a: 0062fe1f6200 tmp6:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U726c: 00040043fc08 tmp15:= AND_DSZ32(0x00001000, tmp0) U726d: 002100032cb4 tmp2:= CONCAT_DSZ32(tmp4, tmp2) U726e: 017000032cbf tmp2:= SELECTCC_DSZ64_CONDZ(tmp15, tmp2) U7270: 0e6d40732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000240, mode=0x1c, tmp2) U7271: 006270034200 tmp4:= MOVEFROMCREG_DSZ64(0x070) U7272: 00620403b200 LFNCEMARK-> tmp11:= MOVEFROMCREG_DSZ64(0x004) U7274: 006346031200 tmp1:= READURAM(0x0046, 64) U7275: 00551f031231 tmp1:= BTS_DSZ64(tmp1, 0x0000001f) U7276: 00141503f23a tmp15:= BT_DSZ32(tmp10, 0x00000015) U7278: 007300031c7f tmp1:= SELECTCC_DSZ64_CONDNB(tmp15, tmp1) U7279: 0e6d48731e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000248, mode=0x1c, tmp1) U727a: 00540a031231 tmp1:= BT_DSZ64(tmp1, 0x0000000a) U727c: 006309032200 tmp2:= READURAM(0x0009, 64) U727d: 00141503f230 tmp15:= BT_DSZ32(tmp0, 0x00000015) U727e: 00330003fcbf tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp2) U7280: 013e00032c72 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp1) U7281: 006265031200 tmp1:= MOVEFROMCREG_DSZ64(0x065) U7282: 007600032c72 tmp2:= CMOVCC_DSZ64_CONDB(tmp2, tmp1) U7284: 017500032cbf tmp2:= CMOVCC_DSZ64_CONDNZ(tmp15, tmp2) U7285: 00652b03f233 tmp15:= SHR_DSZ64(tmp3, 0x0000002b) U7286: 0004807fffc8 tmp15:= AND_DSZ32(0x00001f80, tmp15) U7288: 0007847f3ccb tmp3:= NOTAND_DSZ32(0x00007f84, tmp3) U7289: 000100033cff tmp3:= OR_DSZ32(tmp15, tmp3) U728a: 00a14023f008 tmp15:= CONCAT_DSZ16(0x00000840) U728c: 000600033cff tmp3:= XOR_DSZ32(tmp15, tmp3) U728d: 00040013fc08 tmp15:= 
AND_DSZ32(0x00000400, tmp0) U728e: 013000033cff tmp3:= SELECTCC_DSZ32_CONDZ(tmp15, tmp3) U7290: 002100033cb3 tmp3:= CONCAT_DSZ32(tmp3, tmp2) U7291: 0e6d50733e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000250, mode=0x1c, tmp3) U7292: 006356032200 tmp2:= READURAM(0x0056, 64) U7294: 0e6d18732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000218, mode=0x1c, tmp2) U7295: 0e25fc732e48 tmp2:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000fc, mode=0x1c) U7296: 0007f0072c90 tmp2:= NOTAND_DSZ32(0x80000000, tmp2) U7298: 0e2dfc732e48 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000000fc, mode=0x1c, tmp2) U7299: 00633e032200 tmp2:= READURAM(0x003e, 64) U729a: 0e6da8732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002a8, mode=0x1c, tmp2) U729c: 00630a032200 tmp2:= READURAM(0x000a, 64) U729d: 0e6d88732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000288, mode=0x1c, tmp2) U729e: 006309032200 tmp2:= READURAM(0x0009, 64) U72a0: 0e6d90732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000290, mode=0x1c, tmp2) U72a1: 00630b032200 tmp2:= READURAM(0x000b, 64) U72a2: 0e6d98732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000298, mode=0x1c, tmp2) U72a4: 00636e032200 tmp2:= READURAM(0x006e, 64) U72a5: 0e6da0732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002a0, mode=0x1c, tmp2) U72a6: 000401033d08 tmp3:= AND_DSZ32(0x00000001, tmp4) U72a8: 00240e033233 tmp3:= SHL_DSZ32(tmp3, 0x0000000e) U72a9: 00040403fd08 tmp15:= AND_DSZ32(0x00000004, tmp4) U72aa: 00240a03f23f tmp15:= SHL_DSZ32(tmp15, 0x0000000a) U72ac: 000100033cff tmp3:= OR_DSZ32(tmp15, tmp3) U72ad: 00621c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x01c) U72ae: 000100033cff tmp3:= OR_DSZ32(tmp15, tmp3) U72b0: 00140b032230 tmp2:= BT_DSZ32(tmp0, 0x0000000b) U72b1: 0033ff7f27f2 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0xffffffffffffffff) U72b2: 00140203f23b tmp15:= BT_DSZ32(tmp11, 0x00000002) U72b4: 0033ff7ff7ff tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, 0xffffffffffffffff) U72b5: 000100032cbf tmp2:= OR_DSZ32(tmp15, tmp2) U72b6: 000400032cf2 tmp2:= AND_DSZ32(tmp2, 
tmp3) U72b8: 0e6db0733e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002b0, mode=0x1c, tmp3) U72b9: 0e6dd0732e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x000002d0, mode=0x1c, tmp2) U72ba: 238000036d80 tmp6:= READAFLAGS(tmp6) U72bc: 0e6d70736e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000270, mode=0x1c, tmp6) U72bd: 0e6d78736e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000278, mode=0x1c, tmp6) U72be: 00631f036200 tmp6:= READURAM(0x001f, 64) U72c0: 000407032d88 tmp2:= AND_DSZ32(0x00000007, tmp6) U72c1: 0e2dd4732e49 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp9, 0x000001d4, mode=0x1c, tmp2) U72c2: 0e6d60724e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000260, mode=0x1c, rsp) U72c4: 00621a033200 tmp3:= MOVEFROMCREG_DSZ64(0x01a) U72c5: 006267032200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U72c6: 004100031c40 tmp1:= OR_DSZ64(0x00000000, tmp1) U72c8: 017e00033c73 tmp3:= MOVEMERGEFLGS_DSZ64(tmp3, tmp1) U72c9: 017500033cb3 tmp3:= CMOVCC_DSZ64_CONDNZ(tmp3, tmp2) U72ca: 104500031cf1 tmp1:= SUB_DSZN(tmp1, tmp3) U72cc: 00040003fc09 tmp15:= AND_DSZ32(0x00002000, tmp0) U72cd: 017e00032ff2 tmp2:= MOVEMERGEFLGS_DSZ64(tmp2, tmp15) U72ce: 017500032c72 tmp2:= CMOVCC_DSZ64_CONDNZ(tmp2, tmp1) U72d0: 0c4bc027f000 tmp15:= RDSEGFLD(UNK_SEG_09, UNK_FLD_0c) U72d1: 104500033cbf tmp3:= SUB_DSZN(tmp15, tmp2) U72d2: 0e6d68733e4a STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp9, 0x00000268, mode=0x1c, tmp3) U72d4: 00070c03fec8 tmp15:= NOTAND_DSZ32(0x0000000c, tmp11) U72d5: 013e0003bebb tmp11:= MOVEMERGEFLGS_DSZ32(tmp11, tmp10) U72d6: 00370003fffb tmp15:= CMOVCC_DSZ32_CONDNB(tmp11, tmp15) U72d8: 00071303ffc8 tmp15:= NOTAND_DSZ32(0x00000013, tmp15) U72d9: 00420400023f LFNCEWAIT-> MOVETOCREG_DSZ64(tmp15, 0x004) 028000cd SEQW URET1 ------------------------------------------------------------------------------------ U72da: 0004100ffc48 tmp15:= AND_DSZ32(0x00000310, tmp1) U72dc: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U72dd: 004800033030 tmp3:= ZEROEXT_DSZ64(tmp0) U72de: 00480003b03d tmp11:= 
ZEROEXT_DSZ64(tmp13) U72e0: 00480003d038 tmp13:= ZEROEXT_DSZ64(tmp8) U72e1: 0e25c4030ec9 tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp11, 0x000001c4) U72e2: 00050403fc08 tmp15:= SUB_DSZ32(0x00000004, tmp0) U72e4: 01539120027f UJMPCC_DIRECT_NOTTAKEN_CONDNBE(tmp15, U2891) U72e5: 002100030030 tmp0:= CONCAT_DSZ32(tmp0) U72e6: 000db0800300 SAVEUIP_REGOVR(0x01, U72e8, 0x80b0) 01ddd980 SEQW GOTO U5dd9 U72e8: 00652003f237 tmp15:= SHR_DSZ64(tmp7, 0x00000020) U72e9: 00040003ffcc tmp15:= AND_DSZ32(0x00008000, tmp15) U72ea: 00241003f23f tmp15:= SHL_DSZ32(tmp15, 0x00000010) U72ec: 00241703223d tmp2:= SHL_DSZ32(tmp13, 0x00000017) U72ed: 00010003fff2 tmp15:= OR_DSZ32(tmp2, tmp15) U72ee: 001703031231 tmp1:= BTC_DSZ32(tmp1, 0x00000003) U72f0: 00010003fff1 tmp15:= OR_DSZ32(tmp1, tmp15) U72f1: 002100033cff tmp3:= CONCAT_DSZ32(tmp15, tmp3) U72f2: 0004167fff5f tmp15:= AND_DSZ32(0xffffffffffffff16, tmp13) U72f4: 00051603ffc8 tmp15:= SUB_DSZ32(0x00000016, tmp15) U72f5: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U72f6: 02330003ff77 tmp15:= SELECTCC_DSZ32_CONDNP(tmp7, tmp13) U72f8: 00543f030233 tmp0:= BT_DSZ64(tmp3, 0x0000003f) U72f9: 003200030f70 tmp0:= SELECTCC_DSZ32_CONDB(tmp0, tmp13) U72fa: 00010003fff0 tmp15:= OR_DSZ32(tmp0, tmp15) U72fc: 200a20800200 TESTUSTATE(VMX, !0x0020) 01f2fe00 ? 
SEQW GOTO U72fe U72fd: 00010003fffd tmp15:= OR_DSZ32(tmp13, tmp15) U72fe: 00048003ffc8 tmp15:= AND_DSZ32(0x00000080, tmp15) U7300: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U7301: 000480030f48 tmp0:= AND_DSZ32(0x00000080, tmp13) U7302: 0ea59c03fecb tmp15:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp11, 0x0000039c) U7304: 01300003fff0 tmp15:= SELECTCC_DSZ32_CONDZ(tmp0, tmp15) U7305: 0087ff03ffc8 tmp15:= NOTAND_DSZ16(0x000000ff, tmp15) U7306: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U7308: 0e659003fecb tmp15:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000390) U7309: 01700003fff0 tmp15:= SELECTCC_DSZ64_CONDZ(tmp0, tmp15) U730a: 00631003e200 tmp14:= READURAM(0x0010, 64) U730c: 0047c03f0f88 tmp0:= NOTAND_DSZ64(0x00000fc0, tmp14) U730d: 00440003fff0 tmp15:= AND_DSZ64(tmp0, tmp15) U730e: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U7310: 000428032f48 tmp2:= AND_DSZ32(0x00000028, tmp13) U7311: 00052003fc88 tmp15:= SUB_DSZ32(0x00000020, tmp2) U7312: 01509120027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U2891) U7314: 000528032c88 tmp2:= SUB_DSZ32(0x00000028, tmp2) U7315: 00141603f233 tmp15:= BT_DSZ32(tmp3, 0x00000016) U7316: 00330003fcbf tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp2) U7318: 19299120003f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000000, U2891) U7319: 001412031231 tmp1:= BT_DSZ32(tmp1, 0x00000012) U731a: 0e65c0039ecb tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x000003c0) U731c: 004325000239 WRITEURAM(tmp9, 0x0025, 64) U731d: 007300039e71 tmp9:= SELECTCC_DSZ64_CONDNB(tmp1, tmp9) U731e: 000400031c4a tmp1:= AND_DSZ32(0x00004000, tmp1) U7320: 0e6580030ecb tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000380) U7321: 00432d000230 WRITEURAM(tmp0, 0x002d, 64) U7322: 017000030c31 tmp0:= SELECTCC_DSZ64_CONDZ(tmp1, tmp0) U7324: 004100030c39 tmp0:= OR_DSZ64(tmp9, tmp0) U7325: 0e6588039ecb tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000388) U7326: 00432e000239 WRITEURAM(tmp9, 0x002e, 64) U7328: 017000039e71 tmp9:= SELECTCC_DSZ64_CONDZ(tmp1, tmp9) 
U7329: 004100034c39 tmp4:= OR_DSZ64(tmp9, tmp0) U732a: 005419033233 tmp3:= BT_DSZ64(tmp3, 0x00000019) U732c: 0e6518030ec8 tmp0:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000018) U732d: 004315000230 WRITEURAM(tmp0, 0x0015, 64) U732e: 007300030c33 tmp0:= SELECTCC_DSZ64_CONDNB(tmp3, tmp0) U7330: 0e6520039ec8 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000020) U7331: 004316000239 WRITEURAM(tmp9, 0x0016, 64) U7332: 007300039e73 tmp9:= SELECTCC_DSZ64_CONDNB(tmp3, tmp9) U7334: 00541c033233 tmp3:= BT_DSZ64(tmp3, 0x0000001c) U7335: 0e65c0032eca tmp2:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x000002c0) U7336: 00434d000232 WRITEURAM(tmp2, 0x004d, 64) U7338: 007300032cb3 tmp2:= SELECTCC_DSZ64_CONDNB(tmp3, tmp2) U7339: 00410003fd30 tmp15:= OR_DSZ64(tmp0, tmp4) U733a: 00410003fff9 tmp15:= OR_DSZ64(tmp9, tmp15) U733c: 00410003fff2 tmp15:= OR_DSZ64(tmp2, tmp15) U733d: 00440003fffe tmp15:= AND_DSZ64(tmp14, tmp15) U733e: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U7340: 0ea566032ecb tmp2:= LDPPHYSTICKLE_DSZ16_ASZ64_SC1(tmp11, 0x00000366) U7341: 07070003c032 tmm4:= unk_707(mm2) U7342: 005425033233 tmp3:= BT_DSZ64(tmp3, 0x00000025) U7344: 00fb0003f033 tmp15:= SETCC_CONDNB(tmp3) U7345: 00010003fcbf tmp15:= OR_DSZ32(tmp15, tmp2) U7346: 01509120027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U2891) U7348: 200a00074200 tmp4:= TESTUSTATE(VMX, 0x0100) 01f35600 ? 
SEQW GOTO U7356 U7349: 0e6500034ecb tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp11, 0x00000300) U734a: 0047ff3ffd08 tmp15:= NOTAND_DSZ64(0x00000fff, tmp4) U734c: 00440003fffe tmp15:= AND_DSZ64(tmp14, tmp15) U734d: 01519120027f UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp15, U2891) U734e: 003340039236 tmp9:= SELECTCC_DSZ32_CONDNB(tmp6, 0x00000040) U7350: 000400039d39 tmp9:= AND_DSZ32(tmp9, tmp4) U7351: 015191200279 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp9, U2891) U7352: 0004bf3ffd08 tmp15:= AND_DSZ32(0x00000fbf, tmp4) U7354: 3929558d03ff CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x0000001e, U7355) 01f35600 SEQW GOTO U7356 ------------------------------------------------------------------------------------ U7355: 1929912003bf CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000018, U2891) U7356: 01300003fdfc tmp15:= SELECTCC_DSZ32_CONDZ(tmp12, tmp7) U7358: 00251003f23f tmp15:= SHR_DSZ32(tmp15, 0x00000010) U7359: 00070003fffd tmp15:= NOTAND_DSZ32(tmp13, tmp15) U735a: 186a91a0027f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000006, U2891) 01f13c80 SEQW GOTO U713c ------------------------------------------------------------------------------------ rsa_decrypt: U735c: 204346000238 WRITEURAM(tmp8, 0x0046, 64) U735d: 004800034000 tmp4:= ZEROEXT_DSZ64(0x00000000) U735e: 20432c080239 WRITEURAM(tmp9, 0x002c, 32) U7360: 0e25fc03823a tmp8:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp10, 0x000000fc) U7361: 004800032000 tmp2:= ZEROEXT_DSZ64(0x00000000) U7362: 000840031008 tmp1:= ZEROEXT_DSZ32(0x00000040) U7364: 0e2500039cb5 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, tmp2) U7365: 026400033e78 tmp3:= IMUL64L_DSZ64(tmp8, tmp9) U7366: 004000033cf4 tmp3:= ADD_DSZ64(tmp4, tmp3) U7368: 0e2d00033cb7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2, tmp3) U7369: 004004032c88 tmp2:= ADD_DSZ64(0x00000004, tmp2) U736a: 006520034233 tmp4:= SHR_DSZ64(tmp3, 0x00000020) U736c: 000501031c48 tmp1:= SUB_DSZ32(0x00000001, tmp1) U736d: 01506e4c02f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U736e) 01f36440 SEQW GOTO U7364 
------------------------------------------------------------------------------------ U736e: 0e2d00034cb7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2, tmp4) U7370: 004800034000 tmp4:= ZEROEXT_DSZ64(0x00000000) U7371: 0048f8032008 tmp2:= ZEROEXT_DSZ64(0x000000f8) U7372: 00643003d234 tmp13:= SHL_DSZ64(tmp4, 0x00000030) U7374: 0e65fc031237 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x000000fc) U7375: 006510031231 tmp1:= SHR_DSZ64(tmp1, 0x00000010) U7376: 00400003df71 tmp13:= ADD_DSZ64(tmp1, tmp13) U7378: 0e2500030cba LFNCEWAIT-> tmp0:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp10, tmp2) U7379: 0e25fc031235 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, 0x000000fc) U737a: 026400034c31 tmp4:= IMUL64L_DSZ64(tmp1, tmp0) U737c: 006530034234 tmp4:= SHR_DSZ64(tmp4, 0x00000030) U737d: 00400003df74 tmp13:= ADD_DSZ64(tmp4, tmp13) U737e: 07440003903d tmm1:= unk_744(tmm5) U7380: 064500039039 tmm1:= unk_645(tmm1) U7381: 06e100039f79 tmm1:= unk_6e1(tmm1, tmm5) U7382: 06c200039e40 tmm1:= unk_6c2(tmm1) U7384: 076c0003d039 tmp13:= PINTMOVDTMM2I_DSZ64(tmm1) U7385: 0e2500031035 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5) U7386: 026400031c31 tmp1:= IMUL64L_DSZ64(tmp1, tmp0) U7388: 0e2500033037 tmp3:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7) U7389: 0e2d00031037 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp1) U738a: 006520034231 tmp4:= SHR_DSZ64(tmp1, 0x00000020) U738c: 004000034d33 tmp4:= ADD_DSZ64(tmp3, tmp4) U738d: 000804033008 tmp3:= ZEROEXT_DSZ32(0x00000004) U738e: 00652003b23d tmp11:= SHR_DSZ64(tmp13, 0x00000020) U7390: 0134ff7fb7fb tmp11:= CMOVCC_DSZ32_CONDZ(tmp11, 0xffffffffffffffff) U7391: 004800038000 tmp8:= ZEROEXT_DSZ64(0x00000000) U7392: 0e2500031cf5 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp5, tmp3) U7394: 0e25fc039cf6 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp6, tmp3, 0xfffffffffffffffc) U7395: 000004033cc8 tmp3:= ADD_DSZ32(0x00000004, tmp3) U7396: 026400031c31 tmp1:= IMUL64L_DSZ64(tmp1, tmp0) U7398: 00080003e03d tmp14:= ZEROEXT_DSZ32(tmp13) U7399: 02640003cfb9 tmp12:= IMUL64L_DSZ64(tmp9, tmp14) U739a: 
004000034d38 tmp4:= ADD_DSZ64(tmp8, tmp4) U739c: 000800038031 tmp8:= ZEROEXT_DSZ32(tmp1) U739d: 00080003e03c tmp14:= ZEROEXT_DSZ32(tmp12) U739e: 004000038e34 tmp8:= ADD_DSZ64(tmp4, tmp8) U73a0: 00652003423c tmp4:= SHR_DSZ64(tmp12, 0x00000020) U73a1: 004000038e3e tmp8:= ADD_DSZ64(tmp14, tmp8) U73a2: 006520031231 tmp1:= SHR_DSZ64(tmp1, 0x00000020) U73a4: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) U73a5: 0e25fc031cf7 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp3, 0xfffffffffffffffc) U73a6: 0e2dfc038cf7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp3, 0xfffffffffffffffc, tmp8) U73a8: 000400039e7b tmp9:= AND_DSZ32(tmp11, tmp9) U73a9: 004000034d39 tmp4:= ADD_DSZ64(tmp9, tmp4) U73aa: 006520038238 tmp8:= SHR_DSZ64(tmp8, 0x00000020) U73ac: 004000034d31 tmp4:= ADD_DSZ64(tmp1, tmp4) U73ad: 386aae0d02b3 BTUJB_DIRECT_NOTTAKEN(tmp3, 0x00000008, U73ae) 01f39240 SEQW GOTO U7392 ------------------------------------------------------------------------------------ U73ae: 004000034d38 tmp4:= ADD_DSZ64(tmp8, tmp4) U73b0: 0e25fc039236 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp6, 0x000000fc) U73b1: 00080003e03d tmp14:= ZEROEXT_DSZ32(tmp13) U73b2: 02640003cfb9 tmp12:= IMUL64L_DSZ64(tmp9, tmp14) U73b4: 00080003803c tmp8:= ZEROEXT_DSZ32(tmp12) U73b5: 004000038d38 tmp8:= ADD_DSZ64(tmp8, tmp4) U73b6: 00652003c23c tmp12:= SHR_DSZ64(tmp12, 0x00000020) U73b8: 0e2500034cf7 tmp4:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp3) U73b9: 004000034d3c tmp4:= ADD_DSZ64(tmp12, tmp4) U73ba: 000400039e7b tmp9:= AND_DSZ32(tmp11, tmp9) U73bc: 004000034d39 tmp4:= ADD_DSZ64(tmp9, tmp4) U73bd: 0e2d00038cf7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp3, tmp8) U73be: 006520038238 tmp8:= SHR_DSZ64(tmp8, 0x00000020) U73c0: 004000034d38 tmp4:= ADD_DSZ64(tmp8, tmp4) U73c1: 004600034d3d tmp4:= XOR_DSZ64(tmp13, tmp4) U73c2: 004401034d08 tmp4:= AND_DSZ64(0x00000001, tmp4) U73c4: 000504032c88 tmp2:= SUB_DSZ32(0x00000004, tmp2) U73c5: 0250c64c02f2 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDS(tmp2, U73c6) 04f37240 SEQW GOTO U7372 
------------------------------------------------------------------------------------ U73c6: 00643003d234 tmp13:= SHL_DSZ64(tmp4, 0x00000030) U73c8: 0e65fc031237 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, 0x000000fc) U73c9: 006510031231 tmp1:= SHR_DSZ64(tmp1, 0x00000010) U73ca: 00400003df71 tmp13:= ADD_DSZ64(tmp1, tmp13) U73cc: 07440003903d tmm1:= unk_744(tmm5) U73cd: 064500039039 tmm1:= unk_645(tmm1) U73ce: 06e100039f79 tmm1:= unk_6e1(tmm1, tmm5) U73d0: 06c200039e40 tmm1:= unk_6c2(tmm1) U73d1: 076c0003d039 tmp13:= PINTMOVDTMM2I_DSZ64(tmm1) U73d2: 00652003b23d tmp11:= SHR_DSZ64(tmp13, 0x00000020) U73d4: 004800034000 tmp4:= ZEROEXT_DSZ64(0x00000000) U73d5: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) U73d6: 0e2500039cb6 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp6, tmp2) U73d8: 00080003103d tmp1:= ZEROEXT_DSZ32(tmp13) U73d9: 026400038e71 tmp8:= IMUL64L_DSZ64(tmp1, tmp9) U73da: 0e2500031cb7 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2) U73dc: 00080003c038 tmp12:= ZEROEXT_DSZ32(tmp8) U73dd: 00400003cf31 tmp12:= ADD_DSZ64(tmp1, tmp12) U73de: 00400003cf34 tmp12:= ADD_DSZ64(tmp4, tmp12) U73e0: 0e2d0003ccb7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2, tmp12) U73e1: 00652003c23c tmp12:= SHR_DSZ64(tmp12, 0x00000020) U73e2: 006520034238 tmp4:= SHR_DSZ64(tmp8, 0x00000020) U73e4: 004000034d3c tmp4:= ADD_DSZ64(tmp12, tmp4) U73e5: 017400039e7b tmp9:= CMOVCC_DSZ64_CONDZ(tmp11, tmp9) U73e6: 004000034d39 tmp4:= ADD_DSZ64(tmp9, tmp4) U73e8: 000004032c88 tmp2:= ADD_DSZ32(0x00000004, tmp2) U73e9: 386aea0d02b2 BTUJB_DIRECT_NOTTAKEN(tmp2, 0x00000008, U73ea) 01f3d640 SEQW GOTO U73d6 ------------------------------------------------------------------------------------ U73ea: 0e2500031cb7 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2) U73ec: 004000034c74 tmp4:= ADD_DSZ64(tmp4, tmp1) U73ed: 004600034d3d tmp4:= XOR_DSZ64(tmp13, tmp4) U73ee: 004401034d08 tmp4:= AND_DSZ64(0x00000001, tmp4) U73f0: 0e2d00034cb7 STADPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2, tmp4) U73f1: 0151fc4c02f4 
UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U73fc) U73f2: 0e25fc039cb6 tmp9:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp6, tmp2, 0xfffffffffffffffc) U73f4: 0e25fc031cb7 tmp1:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp7, tmp2, 0xfffffffffffffffc) U73f5: 002a00039039 tmp9:= unk_02a(tmp9) U73f6: 002a00031031 tmp1:= unk_02a(tmp1) U73f8: 004000031e71 tmp1:= ADD_DSZ64(tmp1, tmp9) U73f9: 0045ff7f17f1 tmp1:= SUB_DSZ64(tmp1, 0xffffffffffffffff) U73fa: 0352fc4c02f1 UJMPCC_DIRECT_NOTTAKEN_CONDLE(tmp1, U73fc) 01f41680 SEQW GOTO U7416 ------------------------------------------------------------------------------------ U73fc: 000e1f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000001f) U73fd: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) U73fe: 213f00000000 unk_13f(0x00000000) U7400: 0e6500039cb6 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp2) U7401: 0e6500031cb7 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2) U7402: 237e00030c79 tmp0:= unk_37e(tmp9, tmp1) U7404: 0e6d00030cb7 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2, tmp0) U7405: 004008032c88 tmp2:= ADD_DSZ64(0x00000008, tmp2) U7406: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01f40080 SEQW GOTO U7400 ------------------------------------------------------------------------------------ U7408: 0151165002f4 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp4, U7416) U7409: 0052165002f0 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U7416) U740a: 000e1f03c208 tmp12:= WRMSLOOPCTRFBR(0x0000001f) U740c: 000800032000 tmp2:= ZEROEXT_DSZ32(0x00000000) U740d: 213f00000000 unk_13f(0x00000000) U740e: 0e6500039cb6 tmp9:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp2) U7410: 0e6500031cb7 tmp1:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2) U7411: 237f00030c79 tmp0:= unk_37f(tmp9, tmp1) U7412: 0e6d00030cb7 STADPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp7, tmp2, tmp0) U7414: 004008032c88 tmp2:= ADD_DSZ64(0x00000008, tmp2) U7415: 01600103c23c tmp12:= SUBR_DSZ64(tmp12, 0x00000001) 01f40e40 SEQW GOTO U740e ------------------------------------------------------------------------------------ U7416: 006346038200 tmp8:= 
READURAM(0x0046, 64) U7418: 00632c039200 tmp9:= READURAM(0x002c, 64) U7419: 000800039039 tmp9:= ZEROEXT_DSZ32(tmp9) 018000c9 SEQW URET0 ------------------------------------------------------------------------------------ U741a: 00160f039239 tmp9:= BTR_DSZ32(tmp9, 0x0000000f) U741c: 000102039e4a tmp9:= OR_DSZ32(0x00004002, tmp9) U741d: 0d8f00039030 PORTOUT_DSZ16_ASZ16_SC1(tmp0, tmp9) U741e: 19628e4c0231 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000001, 0x38e) U7420: 1962ff0c03c0 MOVETOCREG_BTS_DSZ64(0x0000001c, 0x3ff) U7421: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U7422: 000812432008 tmp2:= ZEROEXT_DSZ32(0x00001012) U7424: 00a132530c8a tmp0:= CONCAT_DSZ16(0x00005432, tmp2) U7425: 0088dc7b200f tmp2:= ZEROEXT_DSZ16(0x0000fedc) U7426: 00a1de731c8d tmp1:= CONCAT_DSZ16(0x0000bcde, tmp2) U7428: 00210003ac31 tmp10:= CONCAT_DSZ32(tmp1, tmp0) U7429: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U742a: 00887663200c tmp2:= ZEROEXT_DSZ16(0x00009876) U742c: 00a1ba730c8e tmp0:= CONCAT_DSZ16(0x0000dcba, tmp2) U742d: 00889a63200b tmp2:= ZEROEXT_DSZ16(0x0000789a) U742e: 00a156531c89 tmp1:= CONCAT_DSZ16(0x00003456, tmp2) U7430: 00210003bc31 tmp11:= CONCAT_DSZ32(tmp1, tmp0) U7431: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U7432: 0088104b2009 tmp2:= ZEROEXT_DSZ16(0x00003210) U7434: 00a1545b0c8b tmp0:= CONCAT_DSZ16(0x00007654, tmp2) U7435: 0088fe7b200e tmp2:= ZEROEXT_DSZ16(0x0000defe) U7436: 00a1bc6b1c8c tmp1:= CONCAT_DSZ16(0x00009abc, tmp2) U7438: 00210003cc31 tmp12:= CONCAT_DSZ32(tmp1, tmp0) U7439: 3042c60c027c MOVETOCREG_DSZ64(tmp12, 0x3c6, 32) U743a: 0088986b200d tmp2:= ZEROEXT_DSZ16(0x0000ba98) U743c: 00a1dc7b0c8f tmp0:= CONCAT_DSZ16(0x0000fedc, tmp2) U743d: 0088785b200a tmp2:= ZEROEXT_DSZ16(0x00005678) U743e: 00a1344b1c88 tmp1:= CONCAT_DSZ16(0x00001234, tmp2) U7440: 00210003dc31 tmp13:= CONCAT_DSZ32(tmp1, tmp0) U7441: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U7442: 008812032008 tmp2:= ZEROEXT_DSZ16(0x00000012) U7444: 00a140030c88 tmp0:= CONCAT_DSZ16(0x00000040, 
tmp2) U7445: 000812031008 tmp1:= ZEROEXT_DSZ32(0x00000012) U7446: 00210003ec31 tmp14:= CONCAT_DSZ32(tmp1, tmp0) U7448: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U7449: 0008272ff00a tmp15:= ZEROEXT_DSZ32(0x00004b27) U744a: 3042c90c027f MOVETOCREG_DSZ64(tmp15, 0x3c9, 32) U744c: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U744d: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U744e: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7450: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U7451: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7452: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7454: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U7455: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7456: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U7458: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U7459: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U745a: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U745c: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U745d: 013002039230 tmp9:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U745e: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U7460: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U7461: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7462: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7464: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7465: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U7466: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U7468: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U7469: 3902c64c023c MOVETOCREG_OR_DSZ64(tmp12, 0x00000001, 0x3c6) U746a: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U746c: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U746d: 3042c90c027f MOVETOCREG_DSZ64(tmp15, 0x3c9, 32) U746e: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U7470: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7471: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7472: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U7474: 3042c10c0270 
MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7475: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7476: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U7478: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7479: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U747a: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U747c: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U747d: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U747e: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7480: 00050f030c08 tmp0:= SUB_DSZ32(0x0000000f, tmp0) U7481: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7482: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7484: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U7485: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U7486: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7488: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7489: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U748a: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U748c: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U748d: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U748e: 3902c6cc023c MOVETOCREG_OR_DSZ64(tmp12, 0x00000003, 0x3c6) U7490: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U7491: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U7492: 3042c90c027f MOVETOCREG_DSZ64(tmp15, 0x3c9, 32) U7494: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U7495: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U7496: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7498: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U7499: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U749a: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U749c: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U749d: 3042c10c0270 MOVETOCREG_DSZ64(tmp0, 0x3c1, 32) U749e: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U74a0: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U74a1: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U74a2: 002518030230 tmp0:= SHR_DSZ32(tmp0, 
0x00000018) U74a4: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U74a5: 00050c030c08 tmp0:= SUB_DSZ32(0x0000000c, tmp0) U74a6: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U74a8: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U74a9: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U74aa: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U74ac: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U74ad: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U74ae: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U74b0: 10629e0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x39e, 32) U74b1: 0004ff030c08 tmp0:= AND_DSZ32(0x000000ff, tmp0) U74b2: 022200030030 tmp0:= unk_222(tmp0) U74b4: 002401030230 tmp0:= SHL_DSZ32(tmp0, 0x00000001) U74b5: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U74b6: 01420e031c00 tmp1:= UFLOWCTRL(MSLOOPCTR, tmp0) U74b8: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U74b9: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U74ba: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U74bc: 3042c60c027c MOVETOCREG_DSZ64(tmp12, 0x3c6, 32) U74bd: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U74be: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U74c0: 3962c9cc027f MOVETOCREG_BTS_DSZ64(tmp15, 0x00000007, 0x3c9) U74c1: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U74c2: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74c4: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U74c5: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U74c6: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74c8: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U74c9: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U74ca: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74cc: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U74cd: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U74ce: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U74d0: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U74d1: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U74d2: 013002030230 tmp0:= 
SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U74d4: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U74d5: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U74d6: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U74d8: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U74d9: 000508030c08 tmp0:= SUB_DSZ32(0x00000008, tmp0) U74da: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U74dc: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U74dd: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U74de: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U74e0: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U74e1: 3042c60c027c MOVETOCREG_DSZ64(tmp12, 0x3c6, 32) U74e2: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U74e4: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U74e5: 0008e0030008 tmp0:= ZEROEXT_DSZ32(0x000000e0) U74e6: 3902c90c0c3f MOVETOCREG_OR_DSZ64(tmp15, tmp0, 0x3c9) U74e8: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U74e9: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74ea: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U74ec: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U74ed: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74ee: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U74f0: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U74f1: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U74f2: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U74f4: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U74f5: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U74f6: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U74f8: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U74f9: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U74fa: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U74fc: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U74fd: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U74fe: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7500: 000504030c08 tmp0:= SUB_DSZ32(0x00000004, tmp0) U7501: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 
0x00000002) U7502: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7504: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U7505: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U7506: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U7508: 3042c60c027c MOVETOCREG_DSZ64(tmp12, 0x3c6, 32) U7509: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U750a: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U750c: 3b22c9cc02ff unk_b22(tmp15, IMM_MACRO_c9) U750d: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U750e: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7510: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7511: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U7512: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7514: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7515: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U7516: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7518: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U7519: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U751a: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U751c: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U751d: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U751e: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7520: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7521: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U7522: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U7524: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7525: 000502030c08 tmp0:= SUB_DSZ32(0x00000002, tmp0) U7526: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7528: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7529: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U752a: 3042c40c027a MOVETOCREG_DSZ64(tmp10, 0x3c4, 32) U752c: 3042c50c027b MOVETOCREG_DSZ64(tmp11, 0x3c5, 32) U752d: 3042c60c027c MOVETOCREG_DSZ64(tmp12, 0x3c6, 32) U752e: 3042c70c027d MOVETOCREG_DSZ64(tmp13, 0x3c7, 32) U7530: 3042c80c027e MOVETOCREG_DSZ64(tmp14, 0x3c8, 32) U7531: 0008282f000a tmp0:= 
ZEROEXT_DSZ32(0x00004b28) U7532: 3042c90c0270 MOVETOCREG_DSZ64(tmp0, 0x3c9, 32) U7534: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U7535: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7536: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7538: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U7539: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U753a: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U753c: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U753d: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U753e: 00a1c0030008 tmp0:= CONCAT_DSZ16(0x000000c0) U7540: 3042c00c0270 SYNCFULL-> MOVETOCREG_DSZ64(tmp0, 0x3c0, 32) U7541: 1062040f0240 tmp0:= MOVEFROMCREG_DSZ64(0x304, 32) U7542: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U7544: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U7545: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U7546: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7548: 1062500f0240 tmp0:= MOVEFROMCREG_DSZ64(0x350, 32) U7549: 002518030230 tmp0:= SHR_DSZ32(tmp0, 0x00000018) U754a: 00040f030c08 tmp0:= AND_DSZ32(0x0000000f, tmp0) U754c: 000501030c08 tmp0:= SUB_DSZ32(0x00000001, tmp0) U754d: 013002030230 tmp0:= SELECTCC_DSZ32_CONDZ(tmp0, 0x00000002) U754e: 000100039e70 tmp9:= OR_DSZ32(tmp0, tmp9) U7550: 1962c10c0300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x3c1) U7551: 3042c40c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c4, 32) U7552: 3042c50c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c5, 32) U7554: 3042c60c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c6, 32) U7555: 3042c70c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c7, 32) U7556: 3042c80c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c8, 32) U7558: 3042c90c0240 MOVETOCREG_DSZ64(0x00000000, 0x3c9, 32) U7559: 00a105030008 tmp0:= CONCAT_DSZ16(0x00000005) U755a: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U755c: 3962c0cc0340 MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U755d: 00a10d030008 tmp0:= CONCAT_DSZ16(0x0000000d) U755e: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7560: 3962c0cc0340 
MOVETOCREG_BTS_DSZ64(0x00000017, 0x3c0) U7561: 00a109030008 tmp0:= CONCAT_DSZ16(0x00000009) U7562: 3902c10c0c70 MOVETOCREG_OR_DSZ64(tmp0, tmp1, 0x3c1) U7564: 3042c10c0240 SYNCFULL-> MOVETOCREG_DSZ64(0x00000000, 0x3c1, 32) U7565: 000001031c48 tmp1:= ADD_DSZ32(0x00000001, tmp1) U7566: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 0874b880 ? SEQW GOTO U74b8 U7568: 1042ff0c0240 MOVETOCREG_DSZ64(0x00000000, 0x3ff, 32) U7569: 00084c5f000c tmp0:= ZEROEXT_DSZ32(0x0000974c) U756a: 00a100030c0a tmp0:= CONCAT_DSZ16(0x00004000, tmp0) U756c: 0d8b00032030 tmp2:= PORTIN_DSZ16_ASZ16_SC1(tmp0) U756d: 000702032c8a tmp2:= NOTAND_DSZ32(0x00004002, tmp2) U756e: 000100032c8c tmp2:= OR_DSZ32(0x00008000, tmp2) U7570: 000100032cb9 tmp2:= OR_DSZ32(tmp9, tmp2) U7571: 0d8f00032030 PORTOUT_DSZ16_ASZ16_SC1(tmp0, tmp2) U7572: 000000000000 NOP 018000fe SEQW UEND3 ------------------------------------------------------------------------------------ U7574: 000000000000 NOP U7575: 00630f031200 LFNCEWAIT-> tmp1:= READURAM(0x000f, 64) 0284fc51 SEQW SAVEUIP0 U7576 SEQW GOTO U04fc U7576: 000470031c48 tmp1:= AND_DSZ32(0x00000070, tmp1) U7578: 1062f10b9240 tmp9:= MOVEFROMCREG_DSZ64(0x2f1, 32) U7579: 20431c080239 WRITEURAM(tmp9, 0x001c, 32) U757a: 0007071b9e48 tmp9:= NOTAND_DSZ32(0x00000607, tmp9) U757c: 3902f1080c79 MOVETOCREG_OR_DSZ64(tmp9, tmp1, 0x2f1) U757d: 000530039c48 tmp9:= SUB_DSZ32(0x00000030, tmp1) U757e: 0150805402f9 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp9, U7580) 053c5c80 SEQW GOTO U3c5c ------------------------------------------------------------------------------------ U7580: 00085a73e009 tmp14:= ZEROEXT_DSZ32(0x00003c5a) 01843400 SEQW GOTO U0434 ------------------------------------------------------------------------------------ U7581: 000000000000 NOP U7582: 000000000000 NOP U7584: 000000000000 NOP U7585: 00080513b008 tmp11:= ZEROEXT_DSZ32(0x00000405) 01ac0d51 SEQW SAVEUIP0 U7586 SEQW GOTO U2c0d U7586: 002402039239 tmp9:= SHL_DSZ32(tmp9, 0x00000002) U7588: 000014479279 tmp9:= 
ADD_DSZ32(tmp9, 0x00003114) U7589: 015100000e7a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, tmp9) U758a: 01310003fc72 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp2, tmp1) U758c: 0006f833ffc8 tmp15:= XOR_DSZ32(0x00000cf8, tmp15) U758d: 0150891002bf UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U4489) U758e: 00880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) U7590: 00070303fc48 tmp15:= NOTAND_DSZ32(0x00000003, tmp1) U7591: 0006fc33ffc8 tmp15:= XOR_DSZ32(0x00000cfc, tmp15) U7592: 0150d56002bf SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U58d5) 0d0000d2 SEQW SAVEUIP0 U7594 U7594: 1d0f0003003a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(tmp10, tmp0) 045ac500 SEQW GOTO U5ac5 ------------------------------------------------------------------------------------ U7595: 000000000000 NOP U7596: 000000000000 NOP U7598: 000000000000 NOP U7599: 204307000200 WRITEURAM(0x00000000, 0x0007, 64) U759a: 000c49000200 SAVEUIP(0x00, U0049) 01a07496 SEQW SAVEUIP1 U759c SEQW GOTO U2074 U759c: 000a04800200 TESTUSTATE(UCODE, !0x0004) 01f5a148 ? SEQW URET0 U759d: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01f5a148 ? 
SEQW GOTO U75a1 U759e: 0062c51ff200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CR4) U75a0: 386ba595027f LFNCEWTMRK-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000006, U75a5) U75a1: 006323030200 tmp0:= READURAM(0x0023, 64) U75a2: 000800000000 NOP U75a4: 386aa51502f0 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000c, U75a5) 0619f100 SEQW GOTO U19f1 ------------------------------------------------------------------------------------ U75a5: 1062cd0bf240 tmp15:= MOVEFROMCREG_DSZ64(0x2cd, 32) U75a6: 000800000000 NOP U75a8: 3902cd48023f LFNCEWTMRK-> MOVETOCREG_OR_DSZ64(tmp15, 0x00000001, 0x2cd) 062e5000 SEQW GOTO U2e50 ------------------------------------------------------------------------------------ U75a9: 000000000000 NOP U75aa: 000000000000 NOP U75ac: 000000000000 NOP U75ad: 1a62cf080270 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000004, 0x2cf) U75ae: 29626d800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x06d) 01a3d192 SEQW SAVEUIP0 U75b0 SEQW GOTO U23d1 U75b0: 000d01134240 tmp4:= SAVEUIP_REGOVR(0x00, U75b1, 0x2401) 01a5a500 SEQW GOTO U25a5 U75b1: 3062d30b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d3, 32) U75b2: 000800000000 NOP U75b4: 386ab51502f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000000c, U75b5) 01f5b100 SEQW GOTO U75b1 ------------------------------------------------------------------------------------ U75b5: 1062230b0240 tmp0:= MOVEFROMCREG_DSZ64(0x223, 32) U75b6: 000800000000 NOP U75b8: 190223480330 MOVETOCREG_OR_DSZ64(tmp0, 0x00000011, 0x223) 01a08d14 SEQW SAVEUIP1 U75b9 SEQW GOTO U208d U75b9: 021e63000200 SIGEVENT(0x00000063) U75ba: 1902f1480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x2f1) U75bc: 1902f2880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2f2) U75bd: 1062c40b0240 tmp0:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U75be: 000760030c08 tmp0:= NOTAND_DSZ32(0x00000060, tmp0) U75c0: 1042c4080270 MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) 01aacd00 SEQW GOTO U2acd ------------------------------------------------------------------------------------ U75c1: 000000000000 NOP U75c2: 
000000000000 NOP U75c4: 000000000000 NOP U75c5: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) enclu_impl: U75c6: 000952030010 LFNCEMARK-> tmp0:= MOVE_DSZ32(0x00010011) 05648692 SEQW SAVEUIP0 U75c8 SEQW GOTO U6486 U75c8: 100a04000200 TESTUSTATE(SYS, UST_8086_MODE) 01a76900 ? SEQW GOTO generate_#UD U75c9: 0062f61ff200 tmp15:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U75ca: 186a71dc023f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000003, generate_#NM) U75cc: 00629e1ff200 tmp15:= MOVEFROMCREG_DSZ64(0x79e) U75cd: 192969dc023f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000003, generate_#UD) U75ce: 00631f031200 LFNCEWAIT-> tmp1:= READURAM(0x001f, 64) U75d0: 00070103f808 tmp15:= NOTAND_DSZ32(0x00000001, rax) U75d1: 01310013f23f tmp15:= SELECTCC_DSZ32_CONDNZ(tmp15, 0x00000400) U75d2: 004100031c7f tmp1:= OR_DSZ64(tmp15, tmp1) U75d4: 20431f000231 WRITEURAM(tmp1, 0x001f, 64) U75d5: 00080003a000 tmp10:= ZEROEXT_DSZ32(0x00000000) U75d6: 100a40031200 tmp1:= TESTUSTATE(SYS, UST_VMX_DUAL_MON) 019f9580 ? SEQW GOTO U1f95 U75d8: 000822030008 tmp0:= ZEROEXT_DSZ32(0x00000022) U75d9: 000804037008 tmp7:= ZEROEXT_DSZ32(0x00000004) 01b36540 SEQW GOTO U3365 ------------------------------------------------------------------------------------ U75da: 000000000000 NOP U75dc: 000000000000 NOP U75dd: 0008005fc00b tmp12:= ZEROEXT_DSZ32(0x00007700) U75de: 000e03200240 WRMSLOOPCTRFBR(0x00002803) 01a03192 SEQW SAVEUIP0 U75e0 SEQW GOTO U2031 U75e0: 000e14400200 WRMSLOOPCTRFBR(0x00001014) 01b39910 SEQW SAVEUIP0 U75e1 SEQW GOTO U3399 U75e1: 0008c05bc00b tmp12:= ZEROEXT_DSZ32(0x000076c0) U75e2: 0e750003803c tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U75e4: 0e752000003c LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U75e5: 000703036e08 tmp6:= NOTAND_DSZ32(0x00000003, tmp8) U75e6: 1042890f6276 tmp6:= MOVETOCREG_DSZ64(tmp6, 0x389, 32) U75e8: 000800038db8 tmp8:= ZEROEXT_DSZ32(tmp8, tmp6) U75e9: 1042890c0278 MOVETOCREG_DSZ64(tmp8, 0x389, 32) U75ea: 1062cf0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x3cf, 32) U75ec: 386bea150230 SYNCFULL-> 
BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U75ea) U75ed: 000880030008 tmp0:= ZEROEXT_DSZ32(0x00000080) U75ee: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) U75f0: 000c7a080200 SAVEUIP(0x00, U027a) 0197f614 SEQW SAVEUIP1 U75f1 SEQW GOTO U17f6 U75f1: 1062380b6240 tmp6:= MOVEFROMCREG_DSZ64(0x238, 32) U75f2: 0001000f6d88 tmp6:= OR_DSZ32(0x00000300, tmp6) U75f4: 104238080276 MOVETOCREG_DSZ64(tmp6, 0x238, 32) U75f5: 190208880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x208) U75f6: 390289880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x289) 01a99e80 SEQW GOTO U299e ------------------------------------------------------------------------------------ U75f8: 000000000000 NOP U75f9: 3902db880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2db) U75fa: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) 01dee892 SEQW SAVEUIP0 U75fc SEQW GOTO U5ee8 U75fc: 00635303f200 tmp15:= READURAM(0x0053, 64) U75fd: 00160303f23f tmp15:= BTR_DSZ32(tmp15, 0x00000003) U75fe: 00435308023f WRITEURAM(tmp15, 0x0053, 32) U7600: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U7601: 00085233c008 tmp12:= ZEROEXT_DSZ32(0x00000c52) U7602: 000a00135200 tmp5:= TESTUSTATE(UCODE, 0x0400) 01f60680 ? 
SEQW GOTO U7606 U7604: 0962b4000240 MOVETOCREG_BTS_DSZ64(0x00000004, 0x0b4) U7605: 004801035008 tmp5:= ZEROEXT_DSZ64(0x00000001) 01a8ec51 SEQW SAVEUIP0 U7606 SEQW GOTO U28ec U7606: 00635c030200 tmp0:= READURAM(0x005c, 64) U7608: 386a11190330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U7611) U7609: 006216171200 tmp1:= MOVEFROMCREG_DSZ64(0x516) U760a: 006217172200 LFNCEMARK-> tmp2:= MOVEFROMCREG_DSZ64(0x517) U760c: 0a6216d402b1 LFNCEWAIT-> MOVETOCREG_BTR_DSZ64(tmp1, 0x0000000b, 0x516) U760d: 0a6217d402b2 MOVETOCREG_BTR_DSZ64(tmp2, 0x0000000b, 0x517) U760e: 000100035c75 tmp5:= OR_DSZ32(tmp5, tmp1) U7610: 002100035d72 tmp5:= CONCAT_DSZ32(tmp2, tmp5) U7611: 00434f000235 WRITEURAM(tmp5, 0x004f, 64) U7612: 015d00000f00 UJMP(tmp12) ------------------------------------------------------------------------------------ U7614: 000000000000 NOP U7615: 00082513b008 tmp11:= ZEROEXT_DSZ32(0x00000425) 01ac0d51 SEQW SAVEUIP0 U7616 SEQW GOTO U2c0d U7616: 002403039239 tmp9:= SHL_DSZ32(tmp9, 0x00000003) U7618: 000041079279 tmp9:= ADD_DSZ32(tmp9, 0x00002141) U7619: 015100000e7a UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp10, tmp9) U761a: 01310003fc72 tmp15:= SELECTCC_DSZ32_CONDNZ(tmp2, tmp1) U761c: 0006f833ffc8 tmp15:= XOR_DSZ32(0x00000cf8, tmp15) U761d: 01502c10023f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U042c) U761e: 00638a03f200 tmp15:= READURAM(0x008a, 64) U7620: 00860003fff1 tmp15:= XOR_DSZ16(tmp1, tmp15) U7621: 01710003ffff tmp15:= SELECTCC_DSZ64_CONDNZ(tmp15, tmp15) U7622: 01710003fff2 tmp15:= SELECTCC_DSZ64_CONDNZ(tmp2, tmp15) U7624: 086af204033f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000010, U01f2) U7625: 00060303fc88 tmp15:= XOR_DSZ32(0x00000003, tmp2) U7626: 01710003fc7f tmp15:= SELECTCC_DSZ64_CONDNZ(tmp15, tmp1) U7628: 00635c03a200 tmp10:= READURAM(0x005c, 64) U7629: 00542d03a23a tmp10:= BT_DSZ64(tmp10, 0x0000002d) U762a: 00730003fffa tmp15:= SELECTCC_DSZ64_CONDNB(tmp10, tmp15) U762c: 00066103ffc8 tmp15:= XOR_DSZ32(0x00000061, tmp15) U762d: 01505920027f UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U2859) 
U762e: 00880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) U7630: 00070303fc48 tmp15:= NOTAND_DSZ32(0x00000003, tmp1) U7631: 0006fc33ffc8 tmp15:= XOR_DSZ32(0x00000cfc, tmp15) U7632: 0150d56002bf SYNCMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U58d5) 0d0000d2 SEQW SAVEUIP0 U7634 U7634: 1d0b0003003a LFNCEMARK-> tmp0:= PORTIN_DSZ32_ASZ16_SC1(tmp10) 045ac800 SEQW GOTO U5ac8 ------------------------------------------------------------------------------------ U7635: 000000000000 NOP U7636: 000000000000 NOP U7638: 000000000000 NOP U7639: 00621017b200 tmp11:= MOVEFROMCREG_DSZ64(0x510) 01ae2155 SEQW SAVEUIP1 U763a SEQW GOTO U2e21 U763a: 00621117c200 tmp12:= MOVEFROMCREG_DSZ64(0x511) U763c: 00070043cf1f tmp12:= NOTAND_DSZ32(0xfffffffffffff000, tmp12) U763d: 00080003e039 tmp14:= ZEROEXT_DSZ32(tmp9) 01880e55 SEQW SAVEUIP1 U763e SEQW GOTO U080e U763e: 00040203223b tmp2:= AND_DSZ32(tmp11, 0x00000002) U7640: 00141003323b tmp3:= BT_DSZ32(tmp11, 0x00000010) U7641: 013e00032cf2 tmp2:= MOVEMERGEFLGS_DSZ32(tmp2, tmp3) U7642: 00361e032232 tmp2:= CMOVCC_DSZ32_CONDB(tmp2, 0x0000001e) U7644: 0032004332f3 tmp3:= SELECTCC_DSZ32_CONDB(tmp3, 0x00007000) U7645: 00240b032232 tmp2:= SHL_DSZ32(tmp2, 0x0000000b) U7646: 096205400240 LFNCEWAIT-> MOVETOCREG_BTS_DSZ64(0x00000005, 0x005) U7648: 0062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U7649: 00151003a230 tmp10:= BTS_DSZ32(tmp0, 0x00000010) U764a: 386a4c59037d BTUJB_DIRECT_NOTTAKEN(tmp13, 0x00000015, U764c) 01f65080 SEQW GOTO U7650 ------------------------------------------------------------------------------------ U764c: 000000432cc9 tmp2:= ADD_DSZ32(0x00003000, tmp3) U764d: 00630903a200 tmp10:= READURAM(0x0009, 64) U764e: 00652003a23a tmp10:= SHR_DSZ64(tmp10, 0x00000020) U7650: 00043f03ff48 tmp15:= AND_DSZ32(0x0000003f, tmp13) U7651: 00051e03ffc8 tmp15:= SUB_DSZ32(0x0000001e, tmp15) U7652: 0150545802ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U7654) 01f65680 SEQW GOTO U7656 
------------------------------------------------------------------------------------ U7654: 000000032cca tmp2:= ADD_DSZ32(0x00004000, tmp3) U7655: 00080003a030 tmp10:= ZEROEXT_DSZ32(tmp0) U7656: 2042fe1c023a LFNCEMARK-> MOVETOCREG_DSZ64(tmp10, CORE_CR_EFLAGS) U7658: 004100031cbc tmp1:= OR_DSZ64(tmp12, tmp2) U7659: 00082c030008 tmp0:= ZEROEXT_DSZ32(0x0000002c) U765a: 100a2083a23d tmp10:= TESTUSTATE(tmp13, SYS, !UST_SMM) 01ce8480 ? SEQW GOTO U4e84 U765c: 0021031f0231 tmp0:= CONCAT_DSZ32(tmp1, 0x00000703) 01c07c00 SEQW GOTO U407c ------------------------------------------------------------------------------------ U765d: 000000000000 NOP U765e: 000000000000 NOP U7660: 000000000000 NOP U7661: 04c700038e78 tmm0:= XORPD(tmm0, tmm1) U7662: 06e20103a039 tmm2:= unk_6e2(tmm1) 01c85996 SEQW SAVEUIP1 U7664 SEQW GOTO U4859 U7664: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U7665: 06e20203a039 tmm2:= unk_6e2(tmm1) 01c85955 SEQW SAVEUIP1 U7666 SEQW GOTO U4859 U7666: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U7668: 06e20403a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U7669 SEQW GOTO U4859 U7669: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U766a: 000800000000 NOP U766c: 06e20803a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U766d SEQW GOTO U4859 U766d: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U766e: 000800000000 NOP U7670: 06e21003a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U7671 SEQW GOTO U4859 U7671: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U7672: 000800000000 NOP U7674: 06e22003a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U7675 SEQW GOTO U4859 U7675: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U7676: 000800000000 NOP U7678: 06e24003a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U7679 SEQW GOTO U4859 U7679: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U767a: 000800000000 NOP U767c: 06e28003a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U767d SEQW GOTO U4859 U767d: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U767e: 000800000000 NOP U7680: 06e21b03a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW 
SAVEUIP1 U7681 SEQW GOTO U4859 U7681: 07c801038e78 tmm0:= unk_7c8(tmm0, tmm1) U7682: 000800000000 NOP U7684: 06e23603a039 tmm2:= unk_6e2(tmm1) 01c85914 SEQW SAVEUIP1 U7685 SEQW GOTO U4859 U7685: 000800000000 NOP U7686: 000800000000 NOP U7688: 07c901039e78 tmm1:= unk_7c9(tmm0, tmm1) 018000c8 SEQW URET0 ------------------------------------------------------------------------------------ U7689: 000000000000 NOP U768a: 000000000000 NOP U768c: 000000000000 NOP U768d: 000807030008 tmp0:= ZEROEXT_DSZ32(0x00000007) 01e0aa51 SEQW SAVEUIP0 U768e SEQW GOTO U60aa U768e: 204353000200 WRITEURAM(0x00000000, 0x0053, 64) U7690: 000c822802c0 SAVEUIP(0x00, U6a82) 01abcc00 SEQW GOTO U2bcc ------------------------------------------------------------------------------------ U7691: 000000000000 NOP U7692: 000000000000 NOP U7694: 000000000000 NOP U7695: 1c0200200027 unk_c02(rdi) 03761555 SEQW SAVEUIP1 U7696 SEQW GOTO U7615 U7696: 1c0800230027 LFNCEWAIT-> STAD_DSZN_ASZ32_SC1(rdi, mode=0x08, tmp0) U7698: 11890b8279c8 rdi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rdi) 018000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U7699: 000000000000 NOP U769a: 000000000000 NOP U769c: 000000000000 NOP U769d: 1c0000630026 tmp0:= LDZX_DSZN_ASZ32_SC1(rsi, mode=0x18) 01f58555 SEQW SAVEUIP1 U769e SEQW GOTO U7585 U769e: 11890b826988 rsi:= ADDSUB_DSZ16_CONDD(IMM_MACRO_ALIAS_DATASIZE, rsi) U76a0: 125600000000 LFNCEWAIT-> unk_256(0x00000000) 020000f0 SEQW UEND0 ------------------------------------------------------------------------------------ U76a1: 000000000000 NOP U76a2: 000000000000 NOP U76a4: 000000000000 NOP U76a5: 00080403e008 tmp14:= ZEROEXT_DSZ32(0x00000004) 01a38a51 SEQW SAVEUIP0 U76a6 SEQW GOTO U238a U76a6: 0004fc03ef88 tmp14:= AND_DSZ32(0x000000fc, tmp14) U76a8: 00250200123e SYNCWAIT-> r64dst:= SHR_DSZ32(tmp14, 0x00000002) 0a04ae00 SEQW GOTO set_carry_uend ------------------------------------------------------------------------------------ 
U76a9: 000000000000 NOP U76aa: 000000000000 NOP U76ac: 000000000000 NOP U76ad: 00080003903a tmp9:= ZEROEXT_DSZ32(tmp10) 01e10d51 SEQW SAVEUIP0 U76ae SEQW GOTO U610d U76ae: 000900000000 MOVE_DSZ32(0x00000000) U76b0: 186a011c0d77 LFNCEMARK-> BTUJB_DIRECT_NOTTAKEN(tmp7, tmp5, U2701) 0425c400 SEQW GOTO U25c4 ------------------------------------------------------------------------------------ U76b1: 000000000000 NOP U76b2: 000000000000 NOP U76b4: 000000000000 NOP U76b5: 000000000000 NOP U76b6: 000000000000 ROVR<- NOP 01dea69a SEQW SAVEUIP0 U76b8 SEQW GOTO U5ea6 U76b8: 000801033008 tmp3:= ZEROEXT_DSZ32(0x00000001) U76b9: 07430003a033 tmm2:= unk_743(mm3) U76ba: 000418038c08 tmp8:= AND_DSZ32(0x00000018, tmp0) U76bc: 0151c05802f8 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp8, U76c0) U76bd: 06a04003a000 tmp10:= unk_6a0(0x00000000) U76be: 068a0003aeb8 tmp10:= FCOM2(tmp8, tmp10) U76c0: 07040003e032 tmm6:= unk_704(mm2) U76c1: 06200703e03e tmm6:= unk_620(tmm6) U76c2: 072c0003803e tmp8:= PINTMOVDTMM2I_DSZ32(tmm6) U76c4: 006286135200 tmp5:= MOVEFROMCREG_DSZ64(0x486) U76c5: 00628c134200 tmp4:= MOVEFROMCREG_DSZ64(0x48c) U76c6: 015d00000e00 UJMP(tmp8) ------------------------------------------------------------------------------------ U76c8: 000000000000 NOP U76c9: 000000000000 NOP U76ca: 204200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) 01a01296 SEQW SAVEUIP1 U76cc SEQW GOTO U2012 U76cc: 29620bc00280 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x0000000b, 0x00b) U76cd: 000a00100200 TESTUSTATE(UCODE, 0x0400) 042ebc40 ? 
SEQW GOTO U2ebc U76ce: 006288031200 tmp1:= MOVEFROMCREG_DSZ64(0x088) U76d0: 186abcb802f1 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000e, U2ebc) U76d1: 000809031008 tmp1:= ZEROEXT_DSZ32(0x00000009) U76d2: 000810030000 ROVR<- tmp0:= ZEROEXT_DSZ32(0x00000000) 01e5b99e SEQW SAVEUIP1 U76d4 SEQW GOTO U65b9 U76d4: 000d218f8300 tmp8:= SAVEUIP_REGOVR(0x01, U76d5, 0x8321) 01de0600 SEQW GOTO U5e06 U76d5: 000c725c0240 SAVEUIP(0x00, U3772) U76d6: 000cb6b96240 tmpv2:= SAVEUIP(0x01, U2eb6) U76d8: 006288014200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(0x088) U76d9: 0004c8014510 tmpv0:= AND_DSZ32(0x00100000, tmpv0) U76da: 0062b1015200 tmpv1:= MOVEFROMCREG_DSZ64(0x0b1) U76dc: 000706015215 tmpv1:= NOTAND_DSZ32(tmpv1, 0x00000006) U76dd: 000100015554 tmpv1:= OR_DSZ32(tmpv0, tmpv1) U76de: 0151be700215 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmpv1, uret1) 018000ca SEQW URET0 ------------------------------------------------------------------------------------ U76e0: 000000000000 NOP U76e1: 000000000000 NOP U76e2: 000bff000200 UPDATEUSTATE(0xfc) 018c6296 SEQW SAVEUIP1 U76e4 SEQW GOTO U0c62 U76e4: 014310a00200 AETTRACE(0x08, IMM_MACRO_ALIAS_INSTRUCTION) U76e5: 00081c030008 tmp0:= ZEROEXT_DSZ32(0x0000001c) U76e6: 100a02000200 TESTUSTATE(SYS, UST_USER_MODE) 01a71180 ? SEQW GOTO generate_#GP U76e8: 100a80000200 TESTUSTATE(SYS, UST_VMX_GUEST) 01de7e00 ? SEQW GOTO U5e7e U76e9: 000800035000 tmp5:= ZEROEXT_DSZ32(0x00000000) U76ea: 000800033000 tmp3:= ZEROEXT_DSZ32(0x00000000) U76ec: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01f6fa00 ? 
SEQW GOTO U76fa U76ed: 296272000300 MOVETOCREG_BTS_DSZ64(0x00000010, 0x072) U76ee: 006311036200 tmp6:= READURAM(0x0011, 64) U76f0: 01080003d010 tmp13:= READUIP_REGOVR(0x00) U76f1: 0e6500074cb6 LFNCEWAIT-> tmp4:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp2, mode=0x01) U76f2: 0e6510076cb6 tmp6:= LDPPHYSTICKLE_DSZ64_ASZ64_SC1(tmp6, tmp2, 0x00000010, mode=0x01) U76f4: 004400036db4 tmp6:= AND_DSZ64(tmp4, tmp6) U76f5: 004700036db5 tmp6:= NOTAND_DSZ64(tmp5, tmp6) U76f6: 004100036cf6 tmp6:= OR_DSZ64(tmp6, tmp3) U76f8: 004100035d74 tmp5:= OR_DSZ64(tmp4, tmp5) U76f9: 000877030010 tmp0:= ZEROEXT_DSZ32(0x0002001c) 01de8055 SEQW SAVEUIP1 U76fa SEQW GOTO U5e80 U76fa: 004400034d7b tmp4:= AND_DSZ64(tmp11, tmp5) U76fc: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01f6fe00 ? SEQW GOTO U76fe U76fd: 00410003aeb9 tmp10:= OR_DSZ64(tmp9, tmp10) U76fe: 004700033eb5 tmp3:= NOTAND_DSZ64(tmp5, tmp10) U7700: 00410003ad33 tmp10:= OR_DSZ64(tmp3, tmp4) 018000c8 SEQW URET0 ------------------------------------------------------------------------------------ U7701: 000000000000 NOP U7702: 000000000000 NOP U7704: 000000000000 NOP U7705: 000000000000 NOP U7706: 1062d7094240 tmpv0:= MOVEFROMCREG_DSZ64(0x2d7, 32) 01b34d92 SEQW SAVEUIP0 U7708 SEQW GOTO U334d U7708: 00638c014200 tmpv0:= READURAM(0x008c, 64) U7709: 386b211d0594 BTUJNB_DIRECT_NOTTAKEN(tmpv0, tmpv2, U7721) U770a: 006209014200 tmpv0:= MOVEFROMCREG_DSZ64(0x009) 01b34d92 SEQW SAVEUIP0 U770c SEQW GOTO U334d U770c: 000e1f000200 WRMSLOOPCTRFBR(0x0000001f) U770d: 000820017008 tmpv3:= ZEROEXT_DSZ32(0x00000020) U770e: 0062000145c0 tmpv0:= MOVEFROMCREG_DSZ64(tmpv3) U7710: 006530015214 tmpv1:= SHR_DSZ64(tmpv0, 0x00000030) U7711: 00040f015548 tmpv1:= AND_DSZ32(0x0000000f, tmpv1) U7712: 006410016214 tmpv2:= SHL_DSZ64(tmpv0, 0x00000010) U7714: 006e10016216 tmpv2:= SAR_DSZ64(tmpv2, 0x00000010) U7715: 004500016595 tmpv2:= SUB_DSZ64(tmpv1, tmpv2) U7716: 000500015515 tmpv1:= SUB_DSZ32(tmpv1, tmpv0) U7718: 005434014214 tmpv0:= BT_DSZ64(tmpv0, 0x00000034) U7719: 
017e00016516 tmpv2:= MOVEMERGEFLGS_DSZ64(tmpv2, tmpv0) U771a: 007600014556 tmpv0:= CMOVCC_DSZ64_CONDB(tmpv2, tmpv1) 01b34d92 SEQW SAVEUIP0 U771c SEQW GOTO U334d U771c: 0000200165c8 tmpv2:= ADD_DSZ32(0x00000020, tmpv3) U771d: 006200014580 tmpv0:= MOVEFROMCREG_DSZ64(tmpv2) 01b34d51 SEQW SAVEUIP0 U771e SEQW GOTO U334d U771e: 0000010175c8 tmpv3:= ADD_DSZ32(0x00000001, tmpv3) U7720: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01f70e00 ? SEQW GOTO U770e U7721: 00638c015200 tmpv1:= READURAM(0x008c, 64) U7722: 086ac61803d5 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x0000001c, uret1) U7724: 086ac6580615 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000021, uret1) U7725: 006267014200 LFNCEWAIT-> tmpv0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U7726: 386a2a1d0615 BTUJB_DIRECT_NOTTAKEN(tmpv1, 0x00000020, U772a) U7728: 006265015200 tmpv1:= MOVEFROMCREG_DSZ64(0x065) U7729: 104500014515 tmpv0:= SUB_DSZN(tmpv1, tmpv0) U772a: 000cc6180200 SAVEUIP(0x00, uret1) 01b34d80 SEQW GOTO U334d ------------------------------------------------------------------------------------ U772c: 000000000000 NOP U772d: 000000000000 NOP U772e: 000000000000 NOP 01c40696 SEQW SAVEUIP1 U7730 SEQW GOTO U4406 U7730: 000a44000200 TESTUSTATE(UCODE, 0x0044) 01cb9c00 ? 
SEQW GOTO U4b9c U7731: 000800000000 NOP U7732: 000800000000 NOP U7734: 000d04800000 SAVEUIP_REGOVR(0x01, U7735, 0x0004) 04b2cd00 SEQW GOTO U32cd U7735: 1042870c0240 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x387, 32) U7736: 0008005bc00b tmp12:= ZEROEXT_DSZ32(0x00007600) U7738: 00553f034200 tmp4:= BTS_DSZ64(0x00000000, 0x0000003f) U7739: 0e750003003c LFNCEWAIT-> tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U773a: 000702032230 tmp2:= NOTAND_DSZ32(tmp0, 0x00000002) U773c: 00643b032232 tmp2:= SHL_DSZ64(tmp2, 0x0000003b) U773d: 005430030230 tmp0:= BT_DSZ64(tmp0, 0x00000030) U773e: 0e752003103c LFNCEMARK-> tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U7740: 004400034c74 tmp4:= AND_DSZ64(tmp4, tmp1) U7741: 1062870f3240 LFNCEWAIT-> tmp3:= MOVEFROMCREG_DSZ64(0x387, 32) U7742: 007300033cf0 tmp3:= SELECTCC_DSZ64_CONDNB(tmp0, tmp3) U7744: 1042830c0270 MOVETOCREG_DSZ64(tmp0, 0x383, 32) U7745: 19a2880c0630 MOVETOCREG_SHR_DSZ64(tmp0, 0x00000020, 0x388) U7746: 004400034cf4 tmp4:= AND_DSZ64(tmp4, tmp3) U7748: 006501034234 tmp4:= SHR_DSZ64(tmp4, 0x00000001) U7749: 004700033cf2 tmp3:= NOTAND_DSZ64(tmp2, tmp3) U774a: 004100031c74 tmp1:= OR_DSZ64(tmp4, tmp1) U774c: 1902870c0cf1 LFNCEMARK-> MOVETOCREG_OR_DSZ64(tmp1, tmp3, 0x387) U774d: 0008405bc00b tmp12:= ZEROEXT_DSZ32(0x00007640) U774e: 000800000000 NOP U7750: 0e750003103c LFNCEWAIT-> tmp1:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7751: 1042860c0271 MOVETOCREG_DSZ64(tmp1, 0x386, 32) U7752: 0e752003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U7754: 1042850c0272 MOVETOCREG_DSZ64(tmp2, 0x385, 32) U7755: 0008805bc00b tmp12:= ZEROEXT_DSZ32(0x00007680) U7756: 0e750003603c LFNCEWAIT-> tmp6:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7758: 1042e9080276 MOVETOCREG_DSZ64(tmp6, 0x2e9, 32) U7759: 19a2920c0636 MOVETOCREG_SHR_DSZ64(tmp6, 0x00000020, 0x392) U775a: 0e752003803c tmp8:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12, 0x00000020) U775c: 10420c080278 MOVETOCREG_DSZ64(tmp8, 0x20c, 32) U775d: 00652003a238 tmp10:= SHR_DSZ64(tmp8, 0x00000020) U775e: 
3962384ba2ba tmp10:= MOVETOCREG_BTS_DSZ64(tmp10, 0x00000009, 0x238) 01cb9e80 SEQW GOTO U4b9e ------------------------------------------------------------------------------------ U7760: 000000000000 NOP U7761: 000000000000 NOP U7762: 086adc8c03fc BTUJB_DIRECT_NOTTAKEN(tmp12, 0x0000001e, U03dc) 01bad096 SEQW SAVEUIP1 U7764 SEQW GOTO U3ad0 U7764: 00080703b008 tmp11:= ZEROEXT_DSZ32(0x00000007) U7765: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U7766: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01f76d80 ? SEQW GOTO U776d U7768: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01f76c00 ? SEQW GOTO U776c U7769: 1062870f0240 tmp0:= MOVEFROMCREG_DSZ64(0x387, 32) U776a: 0e7d205b000b STADSTGBUF_DSZ64_ASZ16_SC1(0x00007620, tmp0) U776c: 3042870c0240 MOVETOCREG_DSZ64(0x00000000, 0x387, 32) U776d: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01f77640 ? SEQW GOTO U7776 U776e: 10621d0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x21d, 32) U7770: 001408031231 tmp1:= BT_DSZ32(tmp1, 0x00000008) U7771: 0033006f1271 tmp1:= SELECTCC_DSZ32_CONDNB(tmp1, 0x00003b00) U7772: 0000c0031c48 tmp1:= ADD_DSZ32(0x000000c0, tmp1) U7774: 0062931b5200 tmp5:= MOVEFROMCREG_DSZ64(0x693) U7775: 0e7d00035031 STADSTGBUF_DSZ64_ASZ16_SC1(tmp1, tmp5) U7776: 204293180200 MOVETOCREG_DSZ64(0x00000000, 0x693) U7778: 1062850b0240 tmp0:= MOVEFROMCREG_DSZ64(CTAP_CR_DFX_CTL_STS, 32) U7779: 1a6285cb02b0 tmp0:= MOVETOCREG_BTR_DSZ64(tmp0, 0x0000000b, CTAP_CR_DFX_CTL_STS) U777a: 2d0b401f100a tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00004740) U777c: 022200033031 tmp3:= unk_222(tmp1) U777d: 2d0b441f200a tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x00004744) U777e: 022200032032 tmp2:= unk_222(tmp2) U7780: 00e100030cf2 tmp0:= CONCAT_DSZ8(tmp2, tmp3) U7781: 00a100030c31 tmp0:= CONCAT_DSZ16(tmp1, tmp0) U7782: 2d0b60032008 tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x00000060) U7784: 002100030cb0 tmp0:= CONCAT_DSZ32(tmp0, tmp2) U7785: 002501032232 tmp2:= SHR_DSZ32(tmp2, 0x00000001) U7786: 000601032c88 tmp2:= XOR_DSZ32(0x00000001, tmp2) U7788: 009400032cb1 tmp2:= BT_DSZ16(tmp1, tmp2) U7789: 
003301032232 tmp2:= SELECTCC_DSZ32_CONDNB(tmp2, 0x00000001) U778a: 00642f032232 tmp2:= SHL_DSZ64(tmp2, 0x0000002f) U778c: 004100030c32 tmp0:= OR_DSZ64(tmp2, tmp0) U778d: 004320000230 WRITEURAM(tmp0, 0x0020, 64) U778e: 000402030c08 tmp0:= AND_DSZ32(0x00000002, tmp0) U7790: 006427030230 tmp0:= SHL_DSZ64(tmp0, 0x00000027) U7791: 0062011f1200 tmp1:= MOVEFROMCREG_DSZ64(0x701) U7792: 0902011c0c31 MOVETOCREG_OR_DSZ64(tmp1, tmp0, 0x701) U7794: 006335035200 tmp5:= READURAM(0x0035, 64) U7795: 386b9edd0235 BTUJNB_DIRECT_NOTTAKEN(tmp5, 0x00000003, U779e) U7796: 2d0b005f200c tmp2:= PORTIN_DSZ32_ASZ16_SC1(0x00009700) U7798: 00040c032c88 LFNCEMARK-> tmp2:= AND_DSZ32(0x0000000c, tmp2) U7799: 006424032232 tmp2:= SHL_DSZ64(tmp2, 0x00000024) U779a: 00635c035200 tmp5:= READURAM(0x005c, 64) U779c: 004100035d72 tmp5:= OR_DSZ64(tmp2, tmp5) U779d: 20435c040235 WRITEURAM(tmp5, 0x015c, 64) U779e: 206320033200 tmp3:= READURAM(0x0020, 64) U77a0: 0004ff033cc8 tmp3:= AND_DSZ32(0x000000ff, tmp3) U77a1: 3042b9080273 MOVETOCREG_DSZ64(tmp3, 0x2b9, 32) U77a2: 1062310b6240 LFNCEWAIT-> tmp6:= MOVEFROMCREG_DSZ64(0x231, 32) 035e2192 SEQW SAVEUIP0 U77a4 SEQW GOTO U5e21 U77a4: 1062230b6240 tmp6:= MOVEFROMCREG_DSZ64(0x223, 32) U77a5: 000197036d88 tmp6:= OR_DSZ32(0x00000097, tmp6) U77a6: 304223080276 MOVETOCREG_DSZ64(tmp6, 0x223, 32) U77a8: 000800000000 NOP U77a9: 000800000000 NOP U77aa: 3902a1480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x2a1) U77ac: 000a04000200 TESTUSTATE(UCODE, 0x0004) 01f7c600 ? 
SEQW GOTO U77c6 U77ad: 000800000000 NOP U77ae: 000800000000 NOP U77b0: 000d01800000 SYNCWAIT-> SAVEUIP_REGOVR(0x01, U77b1, 0x0001) 0a32cd00 SEQW GOTO U32cd U77b1: 10629c0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x39c, 32) U77b2: 000803031008 tmp1:= ZEROEXT_DSZ32(0x00000003) U77b4: 006413031231 tmp1:= SHL_DSZ64(tmp1, 0x00000013) U77b5: 004700030c31 tmp0:= NOTAND_DSZ64(tmp1, tmp0) U77b6: 19629ccc0330 MOVETOCREG_BTS_DSZ64(tmp0, 0x00000013, 0x39c) U77b8: 000880030008 tmp0:= ZEROEXT_DSZ32(0x00000080) U77b9: 000802031008 tmp1:= ZEROEXT_DSZ32(0x00000002) U77ba: 000c7a080200 SAVEUIP(0x00, U027a) 0197f696 SEQW SAVEUIP1 U77bc SEQW GOTO U17f6 U77bc: 1062e60b3240 tmp3:= MOVEFROMCREG_DSZ64(0x2e6, 32) U77bd: 00a14b031008 tmp1:= CONCAT_DSZ16(0x0000004b) U77be: 1902e6080c73 MOVETOCREG_OR_DSZ64(tmp3, tmp1, 0x2e6) 01ec8696 SEQW SAVEUIP1 U77c0 SEQW GOTO U6c86 U77c0: 396289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) U77c1: 10622a0b1240 tmp1:= MOVEFROMCREG_DSZ64(0x22a, 32) U77c2: 19622ac80331 MOVETOCREG_BTS_DSZ64(tmp1, 0x00000013, 0x22a) U77c4: 1062130b1240 tmp1:= MOVEFROMCREG_DSZ64(0x213, 32) U77c5: 196213c803f1 MOVETOCREG_BTS_DSZ64(tmp1, 0x0000001f, 0x213) U77c6: 0eff00000000 LFNCEWAIT-> unk_eff(0x00000000) U77c8: 206320030200 tmp0:= READURAM(0x0020, 64) U77c9: 286a46f903f0 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x0000001f, U5e46) U77ca: 000d00000000 SAVEUIP_REGOVR(0x00, U77cc, 0x0000) 01872580 SEQW GOTO U0725 U77cc: 00080903f008 tmp15:= ZEROEXT_DSZ32(0x00000009) 090000d0 SEQW SAVEUIP0 U77cd U77cd: 2d0bc0030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000c0) U77ce: 086b82c00230 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000003, U0082) U77d0: 00080a03b008 tmp11:= ZEROEXT_DSZ32(0x0000000a) U77d1: 00437308023b WRITEURAM(tmp11, 0x0073, 32) U77d2: 000c52335200 tmp5:= SAVEUIP(0x00, U0c52) 01dee880 SEQW GOTO U5ee8 ------------------------------------------------------------------------------------ U77d4: 000000000000 NOP U77d5: 000000000000 NOP U77d6: 3902f3880200 MOVETOCREG_OR_DSZ64(0x00000002, 0x2f3) 0184fc92 
SEQW SAVEUIP0 U77d8 SEQW GOTO U04fc U77d8: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01b7a200 ? SEQW GOTO U37a2 U77d9: 000000000000 NOP U77da: 000800000000 NOP U77dc: 00630f03b200 tmp11:= READURAM(0x000f, 64) 01b04810 SEQW SAVEUIP0 U77dd SEQW GOTO U3048 U77dd: 1062c40b2240 tmp2:= MOVEFROMCREG_DSZ64(ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U77de: 000160032c88 tmp2:= OR_DSZ32(0x00000060, tmp2) U77e0: 3042c4080272 MOVETOCREG_DSZ64(tmp2, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U77e1: 000140030008 tmp0:= OR_DSZ32(0x00000040) U77e2: 1042d50b9270 tmp9:= MOVETOCREG_DSZ64(tmp0, 0x2d5, 32) U77e4: 3062d40b0279 tmp0:= MOVEFROMCREG_DSZ64(tmp9, 0x2d4, 32) U77e5: 386ae41d0270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U77e4) U77e6: 1062d90ba240 LFNCEMARK-> tmp10:= MOVEFROMCREG_DSZ64(0x2d9, 32) U77e8: 000400070c08 tmp0:= AND_DSZ32(0x00000100, tmp0) U77e9: 017e0003ac3a tmp10:= MOVEMERGEFLGS_DSZ64(tmp10, tmp0) U77ea: 0175ff7fa7fa tmp10:= CMOVCC_DSZ64_CONDNZ(tmp10, 0xffffffffffffffff) U77ec: 1062d00b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d0, 32) U77ed: 004500030eb0 tmp0:= SUB_DSZ64(tmp0, tmp10) U77ee: 0052b55402f0 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U75b5) U77f0: 0e75405f900d tmp9:= LDSTGBUF_DSZ64_ASZ16_SC1(0x0000b740) U77f1: 004500039c39 tmp9:= SUB_DSZ64(tmp9, tmp0) U77f2: 0152b55402f9 LFNCEWTMRK-> UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp9, U75b5) U77f4: 2d4f581ba00a PORTOUT_DSZ64_ASZ16_SC1(0x00004658, tmp10) U77f5: 000d08800000 SAVEUIP_REGOVR(0x01, U77f6, 0x0008) 01ab1540 SEQW GOTO lbsync_full U77f6: 09623a580240 MOVETOCREG_BTS_DSZ64(0x00000005, 0x63a) U77f8: 000e7f040200 WRMSLOOPCTRFBR(0x0000017f) U77f9: 000806038008 tmp8:= ZEROEXT_DSZ32(0x00000006) U77fa: 000800000000 NOP U77fc: 0def00000038 unk_def(tmp8) U77fd: 000040038e08 tmp8:= ADD_DSZ32(0x00000040, tmp8) U77fe: 000a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 01f7fc80 ? 
SEQW GOTO U77fc U7800: 0fef01000000 LBSYNC(0x00000001) U7801: 0fef01000000 LFNCEMARK-> LBSYNC(0x00000001) U7802: 1062230b8240 tmp8:= MOVEFROMCREG_DSZ64(0x223, 32) U7804: 000711038e08 tmp8:= NOTAND_DSZ32(0x00000011, tmp8) U7805: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01a90540 ? SEQW GOTO U2905 U7806: 396223080278 MOVETOCREG_BTS_DSZ64(tmp8, 0x00000004, 0x223) U7808: 1062d20b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2d2, 32) U7809: 00563f030230 tmp0:= BTR_DSZ64(tmp0, 0x0000003f) U780a: 00520c6002f0 LFNCEMARK-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U780c) 05781280 SEQW GOTO U7812 ------------------------------------------------------------------------------------ U780c: 2d0f4047000a PORTOUT_DSZ32_ASZ16_SC1(0x00005140, tmp0) U780d: 006520031230 tmp1:= SHR_DSZ64(tmp0, 0x00000020) U780e: 2d0f4447100a PORTOUT_DSZ32_ASZ16_SC1(0x00005144, tmp1) U7810: 1042d2080240 MOVETOCREG_DSZ64(0x00000000, 0x2d2, 32) U7811: 000d00800000 SAVEUIP_REGOVR(0x01, U7812, 0x0000) 01ab1540 SEQW GOTO lbsync_full U7812: 296272800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x072) U7814: 3042d3080240 MOVETOCREG_DSZ64(0x00000000, 0x2d3, 32) U7815: 00083d074010 tmp4:= ZEROEXT_DSZ32(0x01000000) U7816: 000001100240 ROVR<- ADD_DSZ32(0x00000000, 0x00002401) 01a5a59a SEQW SAVEUIP0 U7818 SEQW GOTO U25a5 U7818: 3062cf0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cf, 32) U7819: 386aad150270 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000004, U75ad) U781a: 001603030230 tmp0:= BTR_DSZ32(tmp0, 0x00000003) U781c: 00521d6002f0 UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp0, U781d) 01f81826 SEQW GOTO U7818 ------------------------------------------------------------------------------------ U781d: 1042cf080270 MOVETOCREG_DSZ64(tmp0, 0x2cf, 32) U781e: 000000000000 MSLOOP-> NOP U7820: 3902ce480200 MOVETOCREG_OR_DSZ64(0x00000001, 0x2ce) U7821: 3062ce0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2ce, 32) U7822: 386b24210230 BTUJNB_DIRECT_NOTTAKEN(tmp0, 0x00000000, U7824) 01f82180 SEQW GOTO U7821 ------------------------------------------------------------------------------------ U7824: 
0008ff7f000f LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x0000ffff) U7825: 000800000000 NOP U7826: 000800000000 NOP U7828: 1042c4080270 LFNCEWAIT-> MOVETOCREG_DSZ64(tmp0, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U7829: 1062cf0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cf, 32) U782a: 1902cf880230 MOVETOCREG_OR_DSZ64(tmp0, 0x00000002, 0x2cf) U782c: 000a08000200 TESTUSTATE(UCODE, 0x0008) 01acba00 ? SEQW GOTO U2cba U782d: 00084077a00d tmp10:= ZEROEXT_DSZ32(0x0000bd40) U782e: 00630f030200 tmp0:= READURAM(0x000f, 64) U7830: 0007b9030c10 tmp0:= NOTAND_DSZ32(0x000f0000, tmp0) U7831: 001518030230 tmp0:= BTS_DSZ32(tmp0, 0x00000018) U7832: 2d0fb4030008 PORTOUT_DSZ32_ASZ16_SC1(0x000000b4, tmp0) U7834: 000a20800200 TESTUSTATE(UCODE, !0x0020) 01dd5400 ? SEQW GOTO U5d54 U7835: 000800000000 NOP U7836: 000800000000 NOP U7838: 000900000000 MOVE_DSZ32(0x00000000) 092ad014 SEQW SAVEUIP1 U7839 SEQW GOTO U2ad0 U7839: 0fef01000000 LBSYNC(0x00000001) U783a: 0fef07000000 SYNCFULL-> LBSYNC(0x00000007) U783c: 10629f0b0240 tmp0:= MOVEFROMCREG_DSZ64(UCODE_CR_PPPE_EVENT_STATUS, 32) U783d: 000400030c0e tmp0:= AND_DSZ32(0x0000c000, tmp0) U783e: 0151406002f0 UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, U7840) 01dd5580 SEQW GOTO U5d55 ------------------------------------------------------------------------------------ U7840: 000820030008 tmp0:= ZEROEXT_DSZ32(0x00000020) U7841: 00151f030230 tmp0:= BTS_DSZ32(tmp0, 0x0000001f) U7842: 00630e031200 tmp1:= READURAM(0x000e, 64) U7844: 006530031231 tmp1:= SHR_DSZ64(tmp1, 0x00000030) U7845: 00a1406312f1 tmp1:= CONCAT_DSZ16(tmp1, 0x00007840) U7846: 002100031c31 tmp1:= CONCAT_DSZ32(tmp1, tmp0) U7848: 20430e000231 WRITEURAM(tmp1, 0x000e, 64) U7849: 000d01080280 SAVEUIP_REGOVR(0x00, U784a, 0x4201) 01e0f640 SEQW GOTO U60f6 U784a: 000407032c88 tmp2:= AND_DSZ32(0x00000007, tmp2) U784c: 0150496002f2 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp2, U7849) U784d: 00083d072010 tmp2:= ZEROEXT_DSZ32(0x01000000) U784e: 000001080280 ROVR<- ADD_DSZ32(0x00000000, 0x00004201) 0825a59a SEQW SAVEUIP0 U7850 
SEQW GOTO U25a5 U7850: 000d01080280 SAVEUIP_REGOVR(0x00, U7851, 0x4201) 0960f600 SEQW GOTO U60f6 U7851: 000407032c88 tmp2:= AND_DSZ32(0x00000007, tmp2) U7852: 0151506002f2 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp2, U7850) U7854: 000821030008 LFNCEMARK-> tmp0:= ZEROEXT_DSZ32(0x00000021) 04079e00 SEQW GOTO U079e ------------------------------------------------------------------------------------ U7855: 000000000000 NOP U7856: 000000000000 NOP U7858: 000000000000 NOP U7859: 000000000000 NOP U785a: 000000000000 NOP 01a0bd96 SEQW SAVEUIP1 U785c SEQW GOTO U20bd U785c: 00085e63500b tmp5:= ZEROEXT_DSZ32(0x0000785e) U785d: 100a20800240 TESTUSTATE(SYS, !UST_SMM | 0x2000) 09479840 ? SEQW GOTO U4798 U785e: 006370031200 SYNCFULL-> tmp1:= READURAM(0x0070, 64) U7860: 004338000231 WRITEURAM(tmp1, 0x0038, 64) U7861: 00621d030200 tmp0:= MOVEFROMCREG_DSZ64(0x01d) U7862: 002408037230 tmp7:= SHL_DSZ32(tmp0, 0x00000008) U7864: 10620f0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x20f, 32) U7865: 00436f000230 WRITEURAM(tmp0, 0x006f, 64) U7866: 0062f11f0200 tmp0:= MOVEFROMCREG_DSZ64(0x7f1) U7868: 20436d080230 WRITEURAM(tmp0, 0x006d, 32) U7869: 1062df0b1240 tmp1:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U786a: 386a6ea10271 BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000006, U786e) U786c: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U786d: 204367000230 WRITEURAM(tmp0, 0x0067, 64) U786e: 006265030200 SYNCFULL-> tmp0:= MOVEFROMCREG_DSZ64(0x065) U7870: 006420030230 tmp0:= SHL_DSZ64(tmp0, 0x00000020) U7871: 20436d040230 WRITEURAM(tmp0, 0x016d, 64) U7872: 20421d000200 MOVETOCREG_DSZ64(0x00000000, 0x01d) U7874: 2042f11c0200 MOVETOCREG_DSZ64(0x00000000, 0x7f1) U7875: 30420f080240 MOVETOCREG_DSZ64(0x00000000, 0x20f, 32) U7876: 00621e170200 tmp0:= MOVEFROMCREG_DSZ64(0x51e) U7878: 2a621e140230 MOVETOCREG_BTR_DSZ64(tmp0, 0x51e) U7879: 000401030c08 tmp0:= AND_DSZ32(0x00000001, tmp0) U787a: 00240f030230 tmp0:= SHL_DSZ32(tmp0, 0x0000000f) U787c: 000100037df0 tmp7:= OR_DSZ32(tmp0, tmp7) U787d: 0062c51b0200 tmp0:= 
MOVEFROMCREG_DSZ64(0x6c5) U787e: 000100037df0 tmp7:= OR_DSZ32(tmp0, tmp7) U7880: 2042c5180200 MOVETOCREG_DSZ64(0x00000000, 0x6c5) U7881: 1042c0080261 MOVETOCREG_DSZ64(rcx, 0x2c0, 32) U7882: 004363000222 WRITEURAM(rdx, 0x0063, 64) U7884: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U7885: 004718032c88 tmp2:= NOTAND_DSZ64(0x00000018, tmp2) U7886: 1042df080272 MOVETOCREG_DSZ64(tmp2, ROB1_CR_ICECTLPMR, 32) U7888: 0c4b40270000 tmp0:= RDSEGFLD(UNK_SEG_09, FLGS) U7889: 0062ff1f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7ff) U788a: 100a20800200 TESTUSTATE(SYS, !UST_SMM) 01f88d80 ? SEQW GOTO U788d U788c: 00151f031231 tmp1:= BTS_DSZ32(tmp1, 0x0000001f) U788d: 002100031c70 tmp1:= CONCAT_DSZ32(tmp0, tmp1) U788e: 1042c1080271 MOVETOCREG_DSZ64(tmp1, 0x2c1, 32) U7890: 004368000220 WRITEURAM(rax, 0x0068, 64) U7891: 0062f61f2200 tmp2:= MOVEFROMCREG_DSZ64(CORE_CR_CR0) U7892: 004369000232 WRITEURAM(tmp2, 0x0069, 64) U7894: 006343030200 tmp0:= READURAM(0x0043, 64) U7895: 004364000230 WRITEURAM(tmp0, 0x0064, 64) U7896: 0062c31b0200 tmp0:= MOVEFROMCREG_DSZ64(0x6c3) U7898: 000400071c08 tmp1:= AND_DSZ32(0x00000100, tmp0) U7899: 002508031231 tmp1:= SHR_DSZ32(tmp1, 0x00000008) U789a: 004365080231 WRITEURAM(tmp1, 0x0065, 32) U789c: 0a62c31802b0 MOVETOCREG_BTR_DSZ64(tmp0, 0x00000008, 0x6c3) U789d: 002410030230 tmp0:= SHL_DSZ32(tmp0, 0x00000010) U789e: 000100037df0 tmp7:= OR_DSZ32(tmp0, tmp7) U78a0: 004326080237 WRITEURAM(tmp7, 0x0026, 32) U78a1: 000802030008 tmp0:= ZEROEXT_DSZ32(0x00000002) U78a2: 1042f3080270 MOVETOCREG_DSZ64(tmp0, 0x2f3, 32) U78a4: 004307080200 WRITEURAM(0x00000000, 0x0007, 32) U78a5: 00635c031200 tmp1:= READURAM(0x005c, 64) U78a6: 0062c61f0200 LFNCEMARK-> tmp0:= MOVEFROMCREG_DSZ64(0x7c6) U78a8: 000403030c08 tmp0:= AND_DSZ32(0x00000003, tmp0) U78a9: 00241b030230 tmp0:= SHL_DSZ32(tmp0, 0x0000001b) U78aa: 000796071c50 tmp1:= NOTAND_DSZ32(0x18000000, tmp1) U78ac: 000100031c70 tmp1:= OR_DSZ32(tmp0, tmp1) U78ad: 00435c080231 WRITEURAM(tmp1, 0x005c, 32) U78ae: 0902b4000280 
MOVETOCREG_OR_DSZ64(0x00000008, 0x0b4) U78b0: 006350030200 tmp0:= READURAM(0x0050, 64) U78b1: 002510030230 tmp0:= SHR_DSZ32(tmp0, 0x00000010) U78b2: 000583030c08 tmp0:= SUB_DSZ32(0x00000083, tmp0) U78b4: 0150b96002f0 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp0, U78b9) U78b5: 006267030200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U78b6: 014300300c00 AETTRACE(0x0c, tmp0) U78b8: 014300380000 AETTRACE(0x0e) U78b9: 100a20000200 TESTUSTATE(SYS, UST_SMM) 01f8c440 ? SEQW GOTO U78c4 U78ba: 000800000000 NOP U78bc: 100a40800200 TESTUSTATE(SYS, !UST_VMX_DUAL_MON) 01f8c000 ? SEQW GOTO U78c0 U78bd: 086b3c0102b1 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000008, U403c) U78be: 000800000000 NOP U78c0: 000d00800000 LFNCEMARK-> SAVEUIP_REGOVR(0x01, U78c1, 0x0000) 0438c200 SEQW GOTO U38c2 U78c1: 000800000000 NOP U78c2: 000800000000 NOP U78c4: 000000000000 SYNCFULL-> NOP U78c5: 000d00800000 SAVEUIP_REGOVR(0x01, U78c6, 0x0000) 082b1540 SEQW GOTO lbsync_full U78c6: 0962e11c0200 MOVETOCREG_BTS_DSZ64(0x7e1) U78c8: 0062c31b1200 tmp1:= MOVEFROMCREG_DSZ64(0x6c3) U78c9: 0a62c3180271 MOVETOCREG_BTR_DSZ64(tmp1, 0x00000004, 0x6c3) U78ca: 1062cd0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cd, 32) U78cc: 3962cd880330 SYNCFULL-> MOVETOCREG_BTS_DSZ64(tmp0, 0x00000012, 0x2cd) U78cd: 00085e031010 tmp1:= ZEROEXT_DSZ32(0x00013fff) U78ce: 1042c4080271 MOVETOCREG_DSZ64(tmp1, ML3_CR_PIC_GLOBAL_EVENT_INHIBIT, 32) U78d0: 00081c071010 tmp1:= ZEROEXT_DSZ32(0x007fcfcc) U78d1: 004208000231 SYNCFULL-> MOVETOCREG_DSZ64(tmp1, 0x008) U78d2: 004200000200 MOVETOCREG_DSZ64(0x00000000, 0x000) U78d4: 1062df0b2240 tmp2:= MOVEFROMCREG_DSZ64(ROB1_CR_ICECTLPMR, 32) U78d5: 386ba5940232 BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000002, exit_probe_mode) U78d6: 386bd4e10232 SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp2, 0x00000003, U78d4) U78d8: 1062cd0b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2cd, 32) U78d9: 1a62cd880330 SYNCFULL-> MOVETOCREG_BTR_DSZ64(tmp0, 0x00000012, 0x2cd) U78da: 125400000000 FETCHFROMEIP0_ASZ64(0x00000000) 088000fe SEQW UEND3 
------------------------------------------------------------------------------------ U78dc: 000000000000 NOP U78dd: 000000000000 NOP U78de: 000000000000 NOP U78e0: 000000000000 NOP U78e1: 000000000000 NOP U78e2: 000000000000 NOP U78e4: 000000000000 NOP U78e5: 000000000000 NOP U78e6: 000000000000 NOP U78e8: 000000000000 NOP U78e9: 000000000000 NOP U78ea: 000000000000 NOP U78ec: 000000000000 NOP U78ed: 000000000000 NOP U78ee: 000000000000 NOP U78f0: 000000000000 NOP U78f1: 000000000000 NOP U78f2: 000000000000 NOP U78f4: 000000000000 NOP U78f5: 000000000000 NOP U78f6: 000000000000 NOP U78f8: 000000000000 NOP U78f9: 000000000000 NOP U78fa: 000000000000 NOP U78fc: 000000000000 NOP U78fd: 000000000000 NOP U78fe: 000000000000 NOP U7900: 000000000000 NOP U7901: 000000000000 NOP U7902: 000000000000 NOP U7904: 000000000000 NOP U7905: 000000000000 NOP U7906: 000000000000 NOP U7908: 000000000000 NOP U7909: 000000000000 NOP U790a: 000000000000 NOP U790c: 000000000000 NOP U790d: 000000000000 NOP U790e: 000000000000 NOP U7910: 000000000000 NOP U7911: 000000000000 NOP U7912: 000000000000 NOP U7914: 000000000000 NOP U7915: 000000000000 NOP U7916: 000000000000 NOP U7918: 000000000000 NOP U7919: 000000000000 NOP U791a: 000000000000 NOP U791c: 000000000000 NOP U791d: 000000000000 NOP U791e: 000000000000 NOP U7920: 000000000000 NOP U7921: 000000000000 NOP U7922: 000000000000 NOP U7924: 000000000000 NOP U7925: 000000000000 NOP U7926: 000000000000 NOP U7928: 000000000000 NOP U7929: 000000000000 NOP U792a: 000000000000 NOP U792c: 000000000000 NOP U792d: 000000000000 NOP U792e: 000000000000 NOP U7930: 000000000000 NOP U7931: 000000000000 NOP U7932: 000000000000 NOP U7934: 000000000000 NOP U7935: 000000000000 NOP U7936: 000000000000 NOP U7938: 000000000000 NOP U7939: 000000000000 NOP U793a: 000000000000 NOP U793c: 000000000000 NOP U793d: 000000000000 NOP U793e: 000000000000 NOP U7940: 000000000000 NOP U7941: 000000000000 NOP U7942: 000000000000 NOP U7944: 000000000000 NOP U7945: 
000000000000 NOP U7946: 000000000000 NOP U7948: 000000000000 NOP U7949: 000000000000 NOP U794a: 000000000000 NOP U794c: 000000000000 NOP U794d: 000000000000 NOP U794e: 000000000000 NOP U7950: 000000000000 NOP U7951: 000000000000 NOP U7952: 000000000000 NOP U7954: 000000000000 NOP U7955: 000000000000 NOP U7956: 000000000000 NOP U7958: 000000000000 NOP U7959: 000000000000 NOP U795a: 000000000000 NOP U795c: 000000000000 NOP U795d: 000000000000 NOP U795e: 000000000000 NOP U7960: 000000000000 NOP U7961: 000000000000 NOP U7962: 000000000000 NOP U7964: 000000000000 NOP U7965: 000000000000 NOP U7966: 000000000000 NOP U7968: 000000000000 NOP U7969: 000000000000 NOP U796a: 000000000000 NOP U796c: 000000000000 NOP U796d: 000000000000 NOP U796e: 000000000000 NOP U7970: 000000000000 NOP U7971: 000000000000 NOP U7972: 000000000000 NOP U7974: 000000000000 NOP U7975: 000000000000 NOP U7976: 000000000000 NOP U7978: 000000000000 NOP U7979: 000000000000 NOP U797a: 000000000000 NOP U797c: 000000000000 NOP U797d: 000000000000 NOP U797e: 000000000000 NOP U7980: 000000000000 NOP U7981: 000000000000 NOP U7982: 000000000000 NOP U7984: 000000000000 NOP U7985: 000000000000 NOP U7986: 000000000000 NOP U7988: 000000000000 NOP U7989: 000000000000 NOP U798a: 000000000000 NOP U798c: 000000000000 NOP U798d: 000000000000 NOP U798e: 000000000000 NOP U7990: 000000000000 NOP U7991: 000000000000 NOP U7992: 000000000000 NOP U7994: 000000000000 NOP U7995: 000000000000 NOP U7996: 000000000000 NOP U7998: 000000000000 NOP U7999: 000000000000 NOP U799a: 000000000000 NOP U799c: 000000000000 NOP U799d: 000000000000 NOP U799e: 000000000000 NOP U79a0: 000000000000 NOP U79a1: 000000000000 NOP U79a2: 000000000000 NOP U79a4: 000000000000 NOP U79a5: 000000000000 NOP U79a6: 000000000000 NOP U79a8: 000000000000 NOP U79a9: 000000000000 NOP U79aa: 000000000000 NOP U79ac: 000000000000 NOP U79ad: 000000000000 NOP U79ae: 000000000000 NOP U79b0: 000000000000 NOP U79b1: 000000000000 NOP U79b2: 000000000000 NOP U79b4: 
000000000000 NOP U79b5: 000000000000 NOP U79b6: 000000000000 NOP U79b8: 000000000000 NOP U79b9: 000000000000 NOP U79ba: 000000000000 NOP U79bc: 000000000000 NOP U79bd: 000000000000 NOP U79be: 000000000000 NOP U79c0: 000000000000 NOP U79c1: 000000000000 NOP U79c2: 000000000000 NOP U79c4: 000000000000 NOP U79c5: 000000000000 NOP U79c6: 000000000000 NOP U79c8: 000000000000 NOP U79c9: 000000000000 NOP U79ca: 000000000000 NOP U79cc: 000000000000 NOP U79cd: 000000000000 NOP U79ce: 000000000000 NOP U79d0: 000000000000 NOP U79d1: 000000000000 NOP U79d2: 000000000000 NOP U79d4: 000000000000 NOP U79d5: 000000000000 NOP U79d6: 000000000000 NOP U79d8: 000000000000 NOP U79d9: 000000000000 NOP U79da: 000000000000 NOP U79dc: 000000000000 NOP U79dd: 000000000000 NOP U79de: 000000000000 NOP U79e0: 000000000000 NOP U79e1: 000000000000 NOP U79e2: 000000000000 NOP U79e4: 000000000000 NOP U79e5: 000000000000 NOP U79e6: 000000000000 NOP U79e8: 000000000000 NOP U79e9: 000000000000 NOP U79ea: 000000000000 NOP U79ec: 000000000000 NOP U79ed: 000000000000 NOP U79ee: 000000000000 NOP U79f0: 000000000000 NOP U79f1: 000000000000 NOP U79f2: 000000000000 NOP U79f4: 000000000000 NOP U79f5: 000000000000 NOP U79f6: 000000000000 NOP U79f8: 000000000000 NOP U79f9: 000000000000 NOP U79fa: 000000000000 NOP U79fc: 000000000000 NOP U79fd: 000000000000 NOP U79fe: 000000000000 NOP U7a00: 000000000000 NOP U7a01: 000000000000 NOP U7a02: 000000000000 NOP U7a04: 000000000000 NOP U7a05: 000000000000 NOP U7a06: 000000000000 NOP U7a08: 000000000000 NOP U7a09: 000000000000 NOP U7a0a: 000000000000 NOP U7a0c: 000000000000 NOP U7a0d: 000000000000 NOP U7a0e: 000000000000 NOP U7a10: 000000000000 NOP U7a11: 000000000000 NOP U7a12: 000000000000 NOP U7a14: 000000000000 NOP U7a15: 000000000000 NOP U7a16: 000000000000 NOP U7a18: 000000000000 NOP U7a19: 000000000000 NOP U7a1a: 000000000000 NOP U7a1c: 000000000000 NOP U7a1d: 000000000000 NOP U7a1e: 000000000000 NOP U7a20: 000000000000 NOP U7a21: 000000000000 NOP U7a22: 
000000000000 NOP U7a24: 000000000000 NOP U7a25: 000000000000 NOP U7a26: 000000000000 NOP U7a28: 000000000000 NOP U7a29: 000000000000 NOP U7a2a: 000000000000 NOP U7a2c: 000000000000 NOP U7a2d: 000000000000 NOP U7a2e: 000000000000 NOP U7a30: 000000000000 NOP U7a31: 000000000000 NOP U7a32: 000000000000 NOP U7a34: 000000000000 NOP U7a35: 000000000000 NOP U7a36: 000000000000 NOP U7a38: 000000000000 NOP U7a39: 000000000000 NOP U7a3a: 000000000000 NOP U7a3c: 000000000000 NOP U7a3d: 000000000000 NOP U7a3e: 000000000000 NOP U7a40: 000000000000 NOP U7a41: 000000000000 NOP U7a42: 000000000000 NOP U7a44: 000000000000 NOP U7a45: 000000000000 NOP U7a46: 000000000000 NOP U7a48: 000000000000 NOP U7a49: 000000000000 NOP U7a4a: 000000000000 NOP U7a4c: 000000000000 NOP U7a4d: 000000000000 NOP U7a4e: 000000000000 NOP U7a50: 000000000000 NOP U7a51: 000000000000 NOP U7a52: 000000000000 NOP U7a54: 000000000000 NOP U7a55: 000000000000 NOP U7a56: 000000000000 NOP U7a58: 000000000000 NOP U7a59: 000000000000 NOP U7a5a: 000000000000 NOP U7a5c: 000000000000 NOP U7a5d: 000000000000 NOP U7a5e: 000000000000 NOP U7a60: 000000000000 NOP U7a61: 000000000000 NOP U7a62: 000000000000 NOP U7a64: 000000000000 NOP U7a65: 000000000000 NOP U7a66: 000000000000 NOP U7a68: 000000000000 NOP U7a69: 000000000000 NOP U7a6a: 000000000000 NOP U7a6c: 000000000000 NOP U7a6d: 000000000000 NOP U7a6e: 000000000000 NOP U7a70: 000000000000 NOP U7a71: 000000000000 NOP U7a72: 000000000000 NOP U7a74: 000000000000 NOP U7a75: 000000000000 NOP U7a76: 000000000000 NOP U7a78: 000000000000 NOP U7a79: 000000000000 NOP U7a7a: 000000000000 NOP U7a7c: 000000000000 NOP U7a7d: 000000000000 NOP U7a7e: 000000000000 NOP U7a80: 000000000000 NOP U7a81: 000000000000 NOP U7a82: 000000000000 NOP U7a84: 000000000000 NOP U7a85: 000000000000 NOP U7a86: 000000000000 NOP U7a88: 000000000000 NOP U7a89: 000000000000 NOP U7a8a: 000000000000 NOP U7a8c: 000000000000 NOP U7a8d: 000000000000 NOP U7a8e: 000000000000 NOP U7a90: 000000000000 NOP U7a91: 
000000000000 NOP U7a92: 000000000000 NOP U7a94: 000000000000 NOP U7a95: 000000000000 NOP U7a96: 000000000000 NOP U7a98: 000000000000 NOP U7a99: 000000000000 NOP U7a9a: 000000000000 NOP U7a9c: 000000000000 NOP U7a9d: 000000000000 NOP U7a9e: 000000000000 NOP U7aa0: 000000000000 NOP U7aa1: 000000000000 NOP U7aa2: 000000000000 NOP U7aa4: 000000000000 NOP U7aa5: 000000000000 NOP U7aa6: 000000000000 NOP U7aa8: 000000000000 NOP U7aa9: 000000000000 NOP U7aaa: 000000000000 NOP U7aac: 000000000000 NOP U7aad: 000000000000 NOP U7aae: 000000000000 NOP U7ab0: 000000000000 NOP U7ab1: 000000000000 NOP U7ab2: 000000000000 NOP U7ab4: 000000000000 NOP U7ab5: 000000000000 NOP U7ab6: 000000000000 NOP U7ab8: 000000000000 NOP U7ab9: 000000000000 NOP U7aba: 000000000000 NOP U7abc: 000000000000 NOP U7abd: 000000000000 NOP U7abe: 000000000000 NOP U7ac0: 000000000000 NOP U7ac1: 000000000000 NOP U7ac2: 000000000000 NOP U7ac4: 000000000000 NOP U7ac5: 000000000000 NOP U7ac6: 000000000000 NOP U7ac8: 000000000000 NOP U7ac9: 000000000000 NOP U7aca: 000000000000 NOP U7acc: 000000000000 NOP U7acd: 000000000000 NOP U7ace: 000000000000 NOP U7ad0: 000000000000 NOP U7ad1: 000000000000 NOP U7ad2: 000000000000 NOP U7ad4: 000000000000 NOP U7ad5: 000000000000 NOP U7ad6: 000000000000 NOP U7ad8: 000000000000 NOP U7ad9: 000000000000 NOP U7ada: 000000000000 NOP U7adc: 000000000000 NOP U7add: 000000000000 NOP U7ade: 000000000000 NOP U7ae0: 000000000000 NOP U7ae1: 000000000000 NOP U7ae2: 000000000000 NOP U7ae4: 000000000000 NOP U7ae5: 000000000000 NOP U7ae6: 000000000000 NOP U7ae8: 000000000000 NOP U7ae9: 000000000000 NOP U7aea: 000000000000 NOP U7aec: 000000000000 NOP U7aed: 000000000000 NOP U7aee: 000000000000 NOP U7af0: 000000000000 NOP U7af1: 000000000000 NOP U7af2: 000000000000 NOP U7af4: 000000000000 NOP U7af5: 000000000000 NOP U7af6: 000000000000 NOP U7af8: 000000000000 NOP U7af9: 000000000000 NOP U7afa: 000000000000 NOP U7afc: 000000000000 NOP U7afd: 000000000000 NOP U7afe: 000000000000 NOP U7b00: 
000000000000 NOP U7b01: 000000000000 NOP U7b02: 000000000000 NOP U7b04: 000000000000 NOP U7b05: 000000000000 NOP U7b06: 000000000000 NOP U7b08: 000000000000 NOP U7b09: 000000000000 NOP U7b0a: 000000000000 NOP U7b0c: 000000000000 NOP U7b0d: 000000000000 NOP U7b0e: 000000000000 NOP U7b10: 000000000000 NOP U7b11: 000000000000 NOP U7b12: 000000000000 NOP U7b14: 000000000000 NOP U7b15: 000000000000 NOP U7b16: 000000000000 NOP U7b18: 000000000000 NOP U7b19: 000000000000 NOP U7b1a: 000000000000 NOP U7b1c: 000000000000 NOP U7b1d: 000000000000 NOP U7b1e: 000000000000 NOP U7b20: 000000000000 NOP U7b21: 000000000000 NOP U7b22: 000000000000 NOP U7b24: 000000000000 NOP U7b25: 000000000000 NOP U7b26: 000000000000 NOP U7b28: 000000000000 NOP U7b29: 000000000000 NOP U7b2a: 000000000000 NOP U7b2c: 000000000000 NOP U7b2d: 000000000000 NOP U7b2e: 000000000000 NOP U7b30: 000000000000 NOP U7b31: 000000000000 NOP U7b32: 000000000000 NOP U7b34: 000000000000 NOP U7b35: 000000000000 NOP U7b36: 000000000000 NOP U7b38: 000000000000 NOP U7b39: 000000000000 NOP U7b3a: 000000000000 NOP U7b3c: 000000000000 NOP U7b3d: 000000000000 NOP U7b3e: 000000000000 NOP U7b40: 000000000000 NOP U7b41: 000000000000 NOP U7b42: 000000000000 NOP U7b44: 000000000000 NOP U7b45: 000000000000 NOP U7b46: 000000000000 NOP U7b48: 000000000000 NOP U7b49: 000000000000 NOP U7b4a: 000000000000 NOP U7b4c: 000000000000 NOP U7b4d: 000000000000 NOP U7b4e: 000000000000 NOP U7b50: 000000000000 NOP U7b51: 000000000000 NOP U7b52: 000000000000 NOP U7b54: 000000000000 NOP U7b55: 000000000000 NOP U7b56: 000000000000 NOP U7b58: 000000000000 NOP U7b59: 000000000000 NOP U7b5a: 000000000000 NOP U7b5c: 000000000000 NOP U7b5d: 000000000000 NOP U7b5e: 000000000000 NOP U7b60: 000000000000 NOP U7b61: 000000000000 NOP U7b62: 000000000000 NOP U7b64: 000000000000 NOP U7b65: 000000000000 NOP U7b66: 000000000000 NOP U7b68: 000000000000 NOP U7b69: 000000000000 NOP U7b6a: 000000000000 NOP U7b6c: 000000000000 NOP U7b6d: 000000000000 NOP U7b6e: 
000000000000 NOP U7b70: 000000000000 NOP U7b71: 000000000000 NOP U7b72: 000000000000 NOP U7b74: 000000000000 NOP U7b75: 000000000000 NOP U7b76: 000000000000 NOP U7b78: 000000000000 NOP U7b79: 000000000000 NOP U7b7a: 000000000000 NOP U7b7c: 000000000000 NOP U7b7d: 000000000000 NOP U7b7e: 000000000000 NOP U7b80: 000000000000 NOP U7b81: 000000000000 NOP U7b82: 000000000000 NOP U7b84: 000000000000 NOP U7b85: 000000000000 NOP U7b86: 000000000000 NOP U7b88: 000000000000 NOP U7b89: 000000000000 NOP U7b8a: 000000000000 NOP U7b8c: 000000000000 NOP U7b8d: 000000000000 NOP U7b8e: 000000000000 NOP U7b90: 000000000000 NOP U7b91: 000000000000 NOP U7b92: 000000000000 NOP U7b94: 000000000000 NOP U7b95: 000000000000 NOP U7b96: 000000000000 NOP U7b98: 000000000000 NOP U7b99: 000000000000 NOP U7b9a: 000000000000 NOP U7b9c: 000000000000 NOP U7b9d: 000000000000 NOP U7b9e: 000000000000 NOP U7ba0: 000000000000 NOP U7ba1: 000000000000 NOP U7ba2: 000000000000 NOP U7ba4: 000000000000 NOP U7ba5: 000000000000 NOP U7ba6: 000000000000 NOP U7ba8: 000000000000 NOP U7ba9: 000000000000 NOP U7baa: 000000000000 NOP U7bac: 000000000000 NOP U7bad: 000000000000 NOP U7bae: 000000000000 NOP U7bb0: 000000000000 NOP U7bb1: 000000000000 NOP U7bb2: 000000000000 NOP U7bb4: 000000000000 NOP U7bb5: 000000000000 NOP U7bb6: 000000000000 NOP U7bb8: 000000000000 NOP U7bb9: 000000000000 NOP U7bba: 000000000000 NOP U7bbc: 000000000000 NOP U7bbd: 000000000000 NOP U7bbe: 000000000000 NOP U7bc0: 000000000000 NOP U7bc1: 000000000000 NOP U7bc2: 000000000000 NOP U7bc4: 000000000000 NOP U7bc5: 000000000000 NOP U7bc6: 000000000000 NOP U7bc8: 000000000000 NOP U7bc9: 000000000000 NOP U7bca: 000000000000 NOP U7bcc: 000000000000 NOP U7bcd: 000000000000 NOP U7bce: 000000000000 NOP U7bd0: 000000000000 NOP U7bd1: 000000000000 NOP U7bd2: 000000000000 NOP U7bd4: 000000000000 NOP U7bd5: 000000000000 NOP U7bd6: 000000000000 NOP U7bd8: 000000000000 NOP U7bd9: 000000000000 NOP U7bda: 000000000000 NOP U7bdc: 000000000000 NOP U7bdd: 
000000000000 NOP U7bde: 000000000000 NOP U7be0: 000000000000 NOP U7be1: 000000000000 NOP U7be2: 000000000000 NOP U7be4: 000000000000 NOP U7be5: 000000000000 NOP U7be6: 000000000000 NOP U7be8: 000000000000 NOP U7be9: 000000000000 NOP U7bea: 000000000000 NOP U7bec: 000000000000 NOP U7bed: 000000000000 NOP U7bee: 000000000000 NOP U7bf0: 000000000000 NOP U7bf1: 000000000000 NOP U7bf2: 000000000000 NOP U7bf4: 000000000000 NOP U7bf5: 000000000000 NOP U7bf6: 000000000000 NOP U7bf8: 000000000000 NOP U7bf9: 000000000000 NOP U7bfa: 000000000000 NOP U7bfc: 000000000000 NOP U7bfd: 000000000000 NOP U7bfe: 000004d3ebf4 tmp14:= ADD_DSZ32(tmp4, r15) U7c00: c0053d03ffc8 tmp15:= SUB_DSZ32(0x0000003d, tmp15) U7c01: 4152f45c027f UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U37f4) U7c02: c21e0303d23d LFNCEWTMRK-> tmp13:= SIGEVENT(tmp13, 0x00000003) 070000ce SEQW URET1 ------------------------------------------------------------------------------------ U7c04: 815d757002c0 SYNCFULL-> UJMP(U7c75) 18201a50 SEQW SAVEUIP0 U7c05 ------------------------------------------------------------------------------------ U7c05: 000c44f7e208 tmp14:= SAVEUIP(0x01, U1d44) 18201a50 SEQW GOTO U201a ------------------------------------------------------------------------------------ U7c06: 000000000000 NOP U7c08: 815d757002c0 SYNCFULL-> UJMP(U7c75) 18201a50 SEQW SAVEUIP0 U7c09 ------------------------------------------------------------------------------------ U7c09: 400c98f7e208 tmp14:= SAVEUIP(0x01, U1d98) 18201a50 SEQW GOTO U201a ------------------------------------------------------------------------------------ U7c0a: 400100030030 tmp0:= OR_DSZ32(tmp0) U7c0c: 415100000fb0 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, tmp14) 384c0600 SEQW GOTO U4c06 ------------------------------------------------------------------------------------ U7c0d: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U7c0e: 4004f007ffd0 tmp15:= AND_DSZ32(0x80000000, tmp15) U7c10: 80420000023f MOVETOCREG_DSZ64(tmp15, 0x000) 21a04800 SEQW GOTO 
U2048 ------------------------------------------------------------------------------------ U7c11: 20432b040200 WRITEURAM(0x00000000, 0x012b, 64) U7c12: c048fe7fc00a tmp12:= ZEROEXT_DSZ64(0x00005ffe) U7c14: c062f01f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7f0) 11a83400 SEQW GOTO U2834 ------------------------------------------------------------------------------------ U7c15: 006205071200 tmp1:= MOVEFROMCREG_DSZ64(0x105) U7c16: 586b119c0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000002, generate_#GP) U7c18: a04337080235 LFNCEMARK-> WRITEURAM(tmp5, 0x0037, 32) 2460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U7c19: 817000035d72 tmp5:= SELECTCC_DSZ64_CONDZ(tmp2, tmp5) U7c1a: 800509031c88 tmp1:= SUB_DSZ32(0x00000009, tmp2) U7c1c: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) 31fce000 SEQW GOTO U7ce0 ------------------------------------------------------------------------------------ U7c1d: c00d09800000 SAVEUIP_REGOVR(0x01, U7c1e, 0x0009) U7c1e: 400c24f002c0 SAVEUIP(0x01, U7c24) U7c20: 815d65700280 SYNCFULL-> UJMP(U5c65) ------------------------------------------------------------------------------------ U7c21: c00d09800000 SAVEUIP_REGOVR(0x01, U7c22, 0x0009) 085c6640 SEQW GOTO U5c66 U7c22: 2d0ba0030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U7c24: 41420b000f80 UFLOWCTRL(URET1, tmp14) U7c25: 415dca680280 SYNCFULL-> UJMP(U5aca) ------------------------------------------------------------------------------------ U7c26: 40880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) 28fc6192 SEQW SAVEUIP0 U7c28 SEQW GOTO U7c61 U7c28: 00012b039e48 tmp9:= OR_DSZ32(0x0000002b, tmp9) U7c29: 0152217002ff UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U7c21) 35763040 SEQW GOTO U7630 ------------------------------------------------------------------------------------ U7c2a: c042bb1c0200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x7bb) U7c2c: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U7c2d: 400e08400240 LFNCEWAIT-> WRMSLOOPCTRFBR(0x00003008) 12b39951 
SEQW SAVEUIP0 U7c2e SEQW GOTO U3399 U7c2e: 800800000000 NOP U7c30: 800e06600240 WRMSLOOPCTRFBR(0x00003806) 21a03110 SEQW SAVEUIP0 U7c31 SEQW GOTO U2031 U7c31: 8000803fcfc9 tmp12:= ADD_DSZ32(0x00002f80, tmp15) U7c32: 8e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7c34: 804800035d72 tmp5:= ZEROEXT_DSZ64(tmp2, tmp5) U7c35: c042bb1f5235 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x7bb) 11a9ad40 SEQW GOTO U29ad ------------------------------------------------------------------------------------ U7c36: c86a1d50037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000015, U041d) U7c38: 80070043ef9f tmp14:= NOTAND_DSZ32(0xfffffffffffff000, tmp14) 0198b400 SEQW GOTO U18b4 ------------------------------------------------------------------------------------ U7c39: 000501031c88 tmp1:= SUB_DSZ32(0x00000001, tmp2) U7c3a: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) U7c3c: 400505031c88 tmp1:= SUB_DSZ32(0x00000005, tmp2) U7c3d: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) 21fce040 SEQW GOTO U7ce0 ------------------------------------------------------------------------------------ U7c3e: 29632b040600 unk_963(0xffffffffffff012b) U7c40: e96270800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x070) 04a83a00 SEQW GOTO U283a ------------------------------------------------------------------------------------ U7c41: e96272c003c0 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x0000001f, 0x072) U7c42: a0437f00023e WRITEURAM(tmp14, 0x007f, 64) U7c44: a90205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U7c45: 80636103e200 tmp14:= READURAM(0x0061, 64) U7c46: 00634503f200 tmp15:= READURAM(0x0045, 64) U7c48: 813f0003f03f tmp15:= unk_13f(tmp15) U7c49: 417e0003effe tmp14:= MOVEMERGEFLGS_DSZ64(tmp14, tmp15) U7c4a: 80630c03f200 LFNCEWAIT-> tmp15:= READURAM(0x000c, 64) 23204080 SEQW GOTO U2040 ------------------------------------------------------------------------------------ U7c4c: 815d0d7002c0 SYNCFULL-> UJMP(U7c0d) ------------------------------------------------------------------------------------ U7c4d: 10628e0f0240 
tmp0:= MOVEFROMCREG_DSZ64(0x38e, 32) 285b9640 SEQW GOTO U5b96 ------------------------------------------------------------------------------------ U7c4e: 80210003fcbf tmp15:= CONCAT_DSZ32(tmp15, tmp2) U7c50: c0563103f23f tmp15:= BTR_DSZ64(tmp15, 0x00000031) 21d49c00 SEQW GOTO U549c ------------------------------------------------------------------------------------ U7c51: 40401803ce08 tmp12:= ADD_DSZ64(0x00000018, tmp8) U7c52: 806306030200 tmp0:= READURAM(0x0006, 64) U7c54: 808805030c08 tmp0:= ZEROEXT_DSZ16(0x00000005, tmp0) U7c55: 804147030c10 tmp0:= OR_DSZ64(0x00010000, tmp0) U7c56: 1062850f1240 tmp1:= MOVEFROMCREG_DSZ64(0x385, 32) U7c58: 9062810f2240 tmp2:= MOVEFROMCREG_DSZ64(0x381, 32) U7c59: 400e02000200 WRMSLOOPCTRFBR(0x00000002) U7c5a: 800c1c300280 SAVEUIP(0x00, U4c1c) 01805180 SEQW GOTO U0051 ------------------------------------------------------------------------------------ U7c5c: c00524071e08 tmp1:= SUB_DSZ32(0x00000124, tmp8) U7c5d: 4150157002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U7c15) 21a71140 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U7c5e: d962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U7c60: 286a8429027e BTUJB_DIRECT_NOTTAKEN(tmp14, 0x00000004, U5a84) 11a3ac00 SEQW GOTO U23ac ------------------------------------------------------------------------------------ U7c61: c0638a03f200 tmp15:= READURAM(0x008a, 64) U7c62: 80850803ffc8 tmp15:= SUB_DSZ16(0x00000008, tmp15) U7c64: 80850003dc7f tmp13:= SUB_DSZ16(tmp15, tmp1) U7c65: c0141003f23f tmp15:= BT_DSZ32(tmp15, 0x00000010) U7c66: 40330003ff7f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp13) U7c68: 40160403f23f tmp15:= BTR_DSZ32(tmp15, 0x00000004) U7c69: c0852403ffc8 tmp15:= SUB_DSZ16(0x00000024, tmp15) U7c6a: 40850b03ffc8 tmp15:= SUB_DSZ16(0x0000000b, tmp15) U7c6c: 40e100039032 tmp9:= CONCAT_DSZ8(tmp2) U7c6d: 00a100039e7d tmp9:= CONCAT_DSZ16(tmp13, tmp9) 11e1ea89 SEQW URET0 
------------------------------------------------------------------------------------ U7c6e: 00080003203a tmp2:= ZEROEXT_DSZ32(tmp10) 11e1ea89 SEQW GOTO U61ea ------------------------------------------------------------------------------------ U7c70: c06213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U7c71: 2a6213540734 LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp4, 0x00000031, 0x513) U7c72: 800800000000 NOP U7c74: 69620bc00240 LFNCEWTMRK-> MOVETOCREG_BTS_DSZ64(0x00000007, 0x00b) 26263c00 SEQW GOTO U263c ------------------------------------------------------------------------------------ U7c75: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U7c76: 00436100023e WRITEURAM(tmp14, 0x0061, 64) U7c78: 03800003f03e tmp15:= READAFLAGS(tmp14) U7c79: 80434500023f WRITEURAM(tmp15, 0x0045, 64) U7c7a: 40620403f200 tmp15:= MOVEFROMCREG_DSZ64(0x004) U7c7c: 00040303ffc8 tmp15:= AND_DSZ32(0x00000003, tmp15) U7c7d: 39299a71023f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000001, U7c9a) U7c7e: c0620c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x00c) U7c80: c004ff03ffc8 tmp15:= AND_DSZ32(0x000000ff, tmp15) U7c81: 392886f1077f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000037, U7c86) U7c82: 792886f1073f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000033, U7c86) U7c84: 40054703ffc8 tmp15:= SUB_DSZ32(0x00000047, tmp15) U7c85: 0150867002ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U7c86) 01fc9a40 SEQW GOTO U7c9a ------------------------------------------------------------------------------------ U7c86: 000e0c000200 WRMSLOOPCTRFBR(0x0000000c) U7c88: 40620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) U7c89: 80087817e008 tmp14:= ZEROEXT_DSZ32(0x00000578) U7c8a: 80000883ef88 tmp14:= ADD_DSZ32(IMM_MACRO_ALIAS_MSLOOPCTR, tmp14) U7c8c: c0a40503e23e tmp14:= SHL_DSZ16(tmp14, 0x00000005) U7c8d: ce750003e03e tmp14:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp14) U7c8e: 39289a310fbf CMPUJZ_DIRECT_NOTTAKEN(tmp15, tmp14, U7c9a) U7c90: c00a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 31fc8900 ? 
SEQW GOTO U7c89 U7c91: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U7c92: 40641003e23e tmp14:= SHL_DSZ64(tmp14, 0x00000010) U7c94: c0410003efbf tmp14:= OR_DSZ64(tmp15, tmp14) U7c95: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U7c96: 786b41f103ff BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7c41) U7c98: c0637f03f200 tmp15:= READURAM(0x007f, 64) U7c99: b92941310ffe CMPUJNZ_DIRECT_NOTTAKEN(tmp14, tmp15, U7c41) U7c9a: a9626dc003c0 MOVETOCREG_BTS_DSZ64(0x0000001f, 0x06d) U7c9c: 00620c036200 SYNCFULL-> tmp6:= MOVEFROMCREG_DSZ64(0x00c) 18757c88 SEQW URET0 ------------------------------------------------------------------------------------ U7c9d: 000000000000 NOP U7c9e: 0007070b9e48 tmp9:= NOTAND_DSZ32(0x00000207, tmp9) 18757c88 SEQW GOTO U757c ------------------------------------------------------------------------------------ U7ca0: 0fff00000000 SYNCFULL-> SFENCE(0x00000000) U7ca1: 29628903f200 tmp15:= MOVETOCREG_BTS_DSZ64(0x089) U7ca2: 800800000000 NOP U7ca4: e86a446d023f SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000001, U5b44) U7ca5: 40628903f200 tmp15:= MOVEFROMCREG_DSZ64(0x089) 387ca440 SEQW GOTO U7ca4 ------------------------------------------------------------------------------------ U7ca6: 4eff00000000 unk_eff(0x00000000) U7ca8: c06350032200 tmp2:= READURAM(0x0050, 64) 29360400 SEQW GOTO U3604 ------------------------------------------------------------------------------------ U7ca9: 000000000000 NOP U7caa: c0520568027a SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp10, U3a05) U7cac: 80400403ef88 tmp14:= ADD_DSZ64(0x00000004, tmp14) 11ba0400 SEQW GOTO U3a04 ------------------------------------------------------------------------------------ U7cad: 000000000000 NOP U7cae: 9062b40b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2b4, 32) U7cb0: 486aee140330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U05ee) U7cb1: 0fef01000000 LBSYNC(0x00000001) 11ba3c40 SEQW GOTO U3a3c ------------------------------------------------------------------------------------ U7cb2: c0632b031200 
tmp1:= READURAM(0x002b, 64) U7cb4: 786a11310631 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000020, U7c11) U7cb5: 9062f91f6240 tmp6:= MOVEFROMCREG_DSZ64(0x7f9, 32) 28671440 SEQW GOTO U6714 ------------------------------------------------------------------------------------ U7cb6: 2d0be41e100a rcx:= PORTIN_DSZ32_ASZ16_SC1(0x000047e4) U7cb8: 406387030200 tmp0:= READURAM(0x0087, 64) U7cb9: 800000031c30 tmp1:= ADD_DSZ32(tmp0, tmp0) 11a4be40 SEQW GOTO U24be ------------------------------------------------------------------------------------ U7cba: 1062e70b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e7, 32) U7cbc: b86aba3102f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000c, U7cba) U7cbd: c00d03800000 SAVEUIP_REGOVR(0x01, U7cbe, 0x0003) 2632cd40 SEQW GOTO U32cd U7cbe: 0042bb1c0235 MOVETOCREG_DSZ64(tmp5, 0x7bb) U7cc0: 796289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 31e9f000 SEQW GOTO U69f0 ------------------------------------------------------------------------------------ U7cc1: 000000000000 NOP U7cc2: a0435c00023f WRITEURAM(tmp15, 0x005c, 64) U7cc4: ed0be443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050e4) U7cc5: 0004001bffc8 tmp15:= AND_DSZ32(0x00000600, tmp15) U7cc6: 40250403f23f tmp15:= SHR_DSZ32(tmp15, 0x00000004) U7cc8: c0010003fffe tmp15:= OR_DSZ32(tmp14, tmp15) U7cc9: ad0fe443f00a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x000050e4, tmp15) 1481598d SEQW URET1 ------------------------------------------------------------------------------------ U7cca: 800155020c08 rax:= OR_DSZ32(0x00000055, tmp0) 1481598d SEQW GOTO U0159 ------------------------------------------------------------------------------------ U7ccc: 40070103ffc8 tmp15:= NOTAND_DSZ32(0x00000001, tmp15) U7ccd: ed0f1833f00a PORTOUT_DSZ32_ASZ16_SC1(0x00004c18, tmp15) U7cce: 41080003f010 tmp15:= READUIP_REGOVR(0x00) U7cd0: 20438e08023f WRITEURAM(tmp15, 0x008e, 32) U7cd1: 00633703f200 tmp15:= READURAM(0x0037, 64) U7cd2: 386b4e00003f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, uret0) U7cd4: 40070103ffc8 
tmp15:= NOTAND_DSZ32(0x00000001, tmp15) U7cd5: ce250003f03f tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp15) U7cd6: 80638e03f200 tmp15:= READURAM(0x008e, 64) 2183be80 SEQW GOTO U03be ------------------------------------------------------------------------------------ U7cd8: 0e750003003c LFNCEMARK-> tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) 0429cc00 SEQW GOTO U29cc ------------------------------------------------------------------------------------ U7cd9: 000000000000 NOP U7cda: c02510032235 tmp2:= SHR_DSZ32(tmp5, 0x00000010) U7cdc: 800610131e08 tmp1:= XOR_DSZ32(0x00000410, tmp8) U7cdd: f928197102b1 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000009, U7c19) U7cde: f92839710231 SYNCMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U7c39) U7ce0: 40653d031235 tmp1:= SHR_DSZ64(tmp5, 0x0000003d) U7ce1: c00405031c48 tmp1:= AND_DSZ32(0x00000005, tmp1) 31b1a640 SEQW GOTO U31a6 ------------------------------------------------------------------------------------ U7ce2: 9062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U7ce4: 4004a1032c90 tmp2:= AND_DSZ32(0x00070000, tmp2) U7ce5: 80635c030200 tmp0:= READURAM(0x005c, 64) U7ce6: 805410030230 tmp0:= BT_DSZ64(tmp0, 0x00000010) U7ce8: 803200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U7ce9: 000812030008 tmp0:= ZEROEXT_DSZ32(0x00000012) U7cea: 80a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U7cec: 7929e42c0032 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3be4) U7ced: 000000000000 NOP U7cee: 40880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) 11fc6192 SEQW SAVEUIP0 U7cf0 SEQW GOTO U7c61 U7cf0: 80012c039e48 tmp9:= OR_DSZ32(0x0000002c, tmp9) U7cf1: 01521d7002ff UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U7c1d) 31f59040 SEQW GOTO U7590 ------------------------------------------------------------------------------------ U7cf2: c005883f1c8a tmp1:= SUB_DSZ32(0x00004f88, tmp2) U7cf4: 8131010b1231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00000201) U7cf5: c005202fdc8a tmp13:= SUB_DSZ32(0x00004b20, tmp2) U7cf6: 41312203d23d tmp13:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000022) U7cf8: 
000100031c7d tmp1:= OR_DSZ32(tmp13, tmp1) U7cf9: 404700035d71 tmp5:= NOTAND_DSZ64(tmp1, tmp5) U7cfa: 7d0b00031c88 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U7cfc: 7d0f00035c88 PORTOUT_DSZ32_ASZ16_SC1(0x00000000, tmp2, tmp5) 01d4a800 SEQW GOTO U54a8 ------------------------------------------------------------------------------------ U7cfd: 000000000000 NOP U7cfe: 80632003b200 tmp11:= READURAM(0x0020, 64) U7d00: 4008e0036008 tmp6:= ZEROEXT_DSZ32(0x000000e0) U7d01: 4008a0037008 tmp7:= ZEROEXT_DSZ32(0x000000a0) 31d87555 SEQW SAVEUIP1 U7d02 SEQW GOTO U5875 U7d02: 400580079e48 tmp9:= SUB_DSZ32(0x00000180, tmp9) U7d04: c00588078e08 tmp8:= SUB_DSZ32(0x00000188, tmp8) U7d05: 80240103c23b tmp12:= SHL_DSZ32(tmp11, 0x00000001) U7d06: c0003427c23c tmp12:= ADD_DSZ32(tmp12, 0x00000934) U7d08: 00080103d008 tmp13:= ZEROEXT_DSZ32(0x00000001) U7d09: 433a5173a00b tmp10:= STC(0x00007c51) 11b9f640 SEQW GOTO U39f6 ------------------------------------------------------------------------------------ U7d0a: 40141e03b23d tmp11:= BT_DSZ32(tmp13, 0x0000001e) U7d0c: c0330003bd7b tmp11:= SELECTCC_DSZ32_CONDNB(tmp11, tmp5) U7d0d: 80250203b23b tmp11:= SHR_DSZ32(tmp11, 0x00000002) U7d0e: b92912b5033b CMPUJNZ_DIRECT_NOTTAKEN(tmp11, 0x00000012, U7d12) U7d10: c007fc035d48 tmp5:= NOTAND_DSZ32(0x000000fc, tmp5) U7d11: c001a0035d48 tmp5:= OR_DSZ32(0x000000a0, tmp5) U7d12: 392916b503fb SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp11, 0x0000001e, U7d16) U7d14: c007fc035d48 tmp5:= NOTAND_DSZ32(0x000000fc, tmp5) U7d15: 8001a4035d48 tmp5:= OR_DSZ32(0x000000a4, tmp5) U7d16: c06430035235 tmp5:= SHL_DSZ64(tmp5, 0x00000030) 11cc3480 SEQW GOTO U4c34 ------------------------------------------------------------------------------------ U7d18: 800a28000200 TESTUSTATE(UCODE, 0x0028) 01ddae00 ? 
SEQW GOTO U5dae U7d19: 9062cd0bb240 tmp11:= MOVEFROMCREG_DSZ64(0x2cd, 32) U7d1a: 40047003bec8 tmp11:= AND_DSZ32(0x00000070, tmp11) U7d1c: c150197402fb SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U7d19) 08621800 SEQW GOTO U6218 ------------------------------------------------------------------------------------ U7d1d: 000000000000 NOP U7d1e: 9062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U7d20: 4004a1032c90 tmp2:= AND_DSZ32(0x00070000, tmp2) U7d21: 80635c030200 tmp0:= READURAM(0x005c, 64) U7d22: 805410030230 tmp0:= BT_DSZ64(tmp0, 0x00000010) U7d24: 803200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U7d25: 000812030008 tmp0:= ZEROEXT_DSZ32(0x00000012) U7d26: 80a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U7d28: 7929e42c0032 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3be4) U7d29: 40634703c200 tmp12:= READURAM(0x0047, 64) U7d2a: 100a00000380 TESTUSTATE(SYS, 0xc000) 38283a80 ? SEQW GOTO U283a U7d2c: 806353030200 tmp0:= READURAM(0x0053, 64) U7d2d: 00635c038200 tmp8:= READURAM(0x005c, 64) U7d2e: 001407038238 tmp8:= BT_DSZ32(tmp8, 0x00000007) U7d30: 007300030c38 tmp0:= SELECTCC_DSZ64_CONDNB(tmp8, tmp0) U7d31: c0540f030230 tmp0:= BT_DSZ64(tmp0, 0x0000000f) U7d32: 813e75338c08 tmp8:= MOVEMERGEFLGS_DSZ32(0x00000c75, tmp0) U7d34: 40360003cf38 tmp12:= CMOVCC_DSZ32_CONDB(tmp8, tmp12) 11a82500 SEQW GOTO U2825 ------------------------------------------------------------------------------------ U7d35: 000000000000 NOP U7d36: c062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U7d38: e38000030c00 tmp0:= READAFLAGS(tmp0) U7d39: 0c4b8027b000 tmp11:= RDSEGFLD(UNK_SEG_09, SEL) U7d3a: cc4b802b1000 tmp1:= RDSEGFLD(SS_USERM, SEL) U7d3c: c0a100031ef1 tmp1:= CONCAT_DSZ16(tmp1, tmp11) U7d3d: 402100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U7d3e: 8c4b802fb000 tmp11:= RDSEGFLD(DS, SEL) U7d40: 4c4b80231000 tmp1:= RDSEGFLD(ES, SEL) U7d41: c0a100031ef1 tmp1:= CONCAT_DSZ16(tmp1, tmp11) U7d42: 0c4b8033b000 tmp11:= RDSEGFLD(FS, SEL) U7d44: 8c4b80372000 tmp2:= RDSEGFLD(GS, SEL) 
U7d45: c0a100032ef2 tmp2:= CONCAT_DSZ16(tmp2, tmp11) U7d46: 802100031c72 tmp1:= CONCAT_DSZ32(tmp2, tmp1) U7d48: 8062091b2200 tmp2:= MOVEFROMCREG_DSZ64(0x609) U7d49: 00620a1b3200 tmp3:= MOVEFROMCREG_DSZ64(0x60a) U7d4a: 80620d074200 tmp4:= MOVEFROMCREG_DSZ64(0x10d) U7d4c: 00620e075200 tmp5:= MOVEFROMCREG_DSZ64(0x10e) U7d4d: c040d803ce48 tmp12:= ADD_DSZ64(0x000000d8, tmp9) U7d4e: c00e05000200 WRMSLOOPCTRFBR(0x00000005) U7d50: 800c64300280 SAVEUIP(0x00, U4c64) 21805100 SEQW GOTO U0051 ------------------------------------------------------------------------------------ U7d51: 000000000000 NOP U7d52: 000000000000 NOP U7d54: 900a00000300 TESTUSTATE(SYS, 0x8000) 01fc2a00 ? SEQW GOTO U7c2a U7d55: 8e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7d56: 804800035d72 tmp5:= ZEROEXT_DSZ64(tmp2, tmp5) U7d58: 4042bb1f5232 tmp5:= MOVETOCREG_DSZ64(tmp2, 0x7bb) 31a9b500 SEQW GOTO U29b5 ------------------------------------------------------------------------------------ U7d59: 000000000000 NOP U7d5a: 000000000000 NOP U7d5c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d5d: 000000000000 NOP U7d5e: 000000000000 NOP U7d60: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d61: 000000000000 NOP U7d62: 000000000000 NOP U7d64: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d65: 000000000000 NOP U7d66: 000000000000 NOP U7d68: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d69: 000000000000 NOP U7d6a: 000000000000 NOP U7d6c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d6d: 000000000000 NOP U7d6e: 000000000000 NOP U7d70: 000000000000 NOP 00000000 SEQW GOTO U0000 
------------------------------------------------------------------------------------ U7d71: 000000000000 NOP U7d72: 000000000000 NOP U7d74: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d75: 000000000000 NOP U7d76: 000000000000 NOP U7d78: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d79: 000000000000 NOP U7d7a: 000000000000 NOP U7d7c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d7d: 000000000000 NOP U7d7e: 000000000000 NOP U7d80: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d81: 000000000000 NOP U7d82: 000000000000 NOP U7d84: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d85: 000000000000 NOP U7d86: 000000000000 NOP U7d88: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d89: 000000000000 NOP U7d8a: 000000000000 NOP U7d8c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d8d: 000000000000 NOP U7d8e: 000000000000 NOP U7d90: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d91: 000000000000 NOP U7d92: 000000000000 NOP U7d94: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d95: 000000000000 NOP U7d96: 000000000000 NOP U7d98: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7d99: 000000000000 NOP U7d9a: 000000000000 NOP U7d9c: 000000000000 NOP 00000000 SEQW GOTO 
U0000 ------------------------------------------------------------------------------------ U7d9d: 000000000000 NOP U7d9e: 000000000000 NOP U7da0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7da1: 000000000000 NOP U7da2: 000000000000 NOP U7da4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7da5: 000000000000 NOP U7da6: 000000000000 NOP U7da8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7da9: 000000000000 NOP U7daa: 000000000000 NOP U7dac: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dad: 000000000000 NOP U7dae: 000000000000 NOP U7db0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7db1: 000000000000 NOP U7db2: 000000000000 NOP U7db4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7db5: 000000000000 NOP U7db6: 000000000000 NOP U7db8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7db9: 000000000000 NOP U7dba: 000000000000 NOP U7dbc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dbd: 000000000000 NOP U7dbe: 000000000000 NOP U7dc0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dc1: 000000000000 NOP U7dc2: 000000000000 NOP U7dc4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dc5: 000000000000 NOP U7dc6: 000000000000 NOP U7dc8: 000000000000 NOP 00000000 SEQW 
GOTO U0000 ------------------------------------------------------------------------------------ U7dc9: 000000000000 NOP U7dca: 000000000000 NOP U7dcc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dcd: 000000000000 NOP U7dce: 000000000000 NOP U7dd0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dd1: 000000000000 NOP U7dd2: 000000000000 NOP U7dd4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dd5: 000000000000 NOP U7dd6: 000000000000 NOP U7dd8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dd9: 000000000000 NOP U7dda: 000000000000 NOP U7ddc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ddd: 000000000000 NOP U7dde: 000000000000 NOP U7de0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7de1: 000000000000 NOP U7de2: 000000000000 NOP U7de4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7de5: 000000000000 NOP U7de6: 000000000000 NOP U7de8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7de9: 000000000000 NOP U7dea: 000000000000 NOP U7dec: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ded: 000000000000 NOP U7dee: 000000000000 NOP U7df0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7df1: 000000000000 NOP U7df2: 000000000000 NOP U7df4: 000000000000 NOP 00000000 
SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7df5: 000000000000 NOP U7df6: 000000000000 NOP U7df8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7df9: 000000000000 NOP U7dfa: 000000000000 NOP U7dfc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7dfd: 000000000000 NOP U7dfe: 000000000000 NOP U7e00: c0053d03ffc8 tmp15:= SUB_DSZ32(0x0000003d, tmp15) U7e01: 4152f45c027f UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U37f4) U7e02: c21e0303d23d LFNCEWTMRK-> tmp13:= SIGEVENT(tmp13, 0x00000003) 070000ce SEQW URET1 ------------------------------------------------------------------------------------ U7e04: 815d757002c0 SYNCFULL-> UJMP(U7c75) 18201a50 SEQW SAVEUIP0 U7e05 ------------------------------------------------------------------------------------ U7e05: 000c44f7e208 tmp14:= SAVEUIP(0x01, U1d44) 18201a50 SEQW GOTO U201a ------------------------------------------------------------------------------------ U7e06: 000000000000 NOP U7e08: 815d757002c0 SYNCFULL-> UJMP(U7c75) 18201a50 SEQW SAVEUIP0 U7e09 ------------------------------------------------------------------------------------ U7e09: 400c98f7e208 tmp14:= SAVEUIP(0x01, U1d98) 18201a50 SEQW GOTO U201a ------------------------------------------------------------------------------------ U7e0a: 400100030030 tmp0:= OR_DSZ32(tmp0) U7e0c: 415100000fb0 SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDNZ(tmp0, tmp14) 384c0600 SEQW GOTO U4c06 ------------------------------------------------------------------------------------ U7e0d: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U7e0e: 4004f007ffd0 tmp15:= AND_DSZ32(0x80000000, tmp15) U7e10: 80420000023f MOVETOCREG_DSZ64(tmp15, 0x000) 21a04800 SEQW GOTO U2048 ------------------------------------------------------------------------------------ U7e11: 20432b040200 
WRITEURAM(0x00000000, 0x012b, 64) U7e12: c048fe7fc00a tmp12:= ZEROEXT_DSZ64(0x00005ffe) U7e14: c062f01f1200 tmp1:= MOVEFROMCREG_DSZ64(0x7f0) 11a83400 SEQW GOTO U2834 ------------------------------------------------------------------------------------ U7e15: 006205071200 tmp1:= MOVEFROMCREG_DSZ64(0x105) U7e16: 586b119c0231 BTUJNB_DIRECT_NOTTAKEN(tmp1, 0x00000002, generate_#GP) U7e18: a04337080235 LFNCEMARK-> WRITEURAM(tmp5, 0x0037, 32) 2460d200 SEQW GOTO U60d2 ------------------------------------------------------------------------------------ U7e19: 817000035d72 tmp5:= SELECTCC_DSZ64_CONDZ(tmp2, tmp5) U7e1a: 800509031c88 tmp1:= SUB_DSZ32(0x00000009, tmp2) U7e1c: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) 31fce000 SEQW GOTO U7ce0 ------------------------------------------------------------------------------------ U7e1d: c00d09800000 SAVEUIP_REGOVR(0x01, U7e1e, 0x0009) U7e1e: 400c24f002c0 SAVEUIP(0x01, U7c24) U7e20: 815d65700280 SYNCFULL-> UJMP(U5c65) ------------------------------------------------------------------------------------ U7e21: c00d09800000 SAVEUIP_REGOVR(0x01, U7e22, 0x0009) 085c6640 SEQW GOTO U5c66 U7e22: 2d0ba0030008 tmp0:= PORTIN_DSZ32_ASZ16_SC1(0x000000a0) U7e24: 41420b000f80 UFLOWCTRL(URET1, tmp14) U7e25: 415dca680280 SYNCFULL-> UJMP(U5aca) ------------------------------------------------------------------------------------ U7e26: 40880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) 28fc6192 SEQW SAVEUIP0 U7e28 SEQW GOTO U7c61 U7e28: 00012b039e48 tmp9:= OR_DSZ32(0x0000002b, tmp9) U7e29: 0152217002ff UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U7c21) 35763040 SEQW GOTO U7630 ------------------------------------------------------------------------------------ U7e2a: c042bb1c0200 LFNCEMARK-> MOVETOCREG_DSZ64(0x00000000, 0x7bb) U7e2c: 00002003cf08 tmp12:= ADD_DSZ32(0x00000020, tmp12) U7e2d: 400e08400240 LFNCEWAIT-> WRMSLOOPCTRFBR(0x00003008) 12b39951 SEQW SAVEUIP0 U7e2e SEQW GOTO U3399 U7e2e: 800800000000 NOP U7e30: 800e06600240 WRMSLOOPCTRFBR(0x00003806) 
21a03110 SEQW SAVEUIP0 U7e31 SEQW GOTO U2031 U7e31: 8000803fcfc9 tmp12:= ADD_DSZ32(0x00002f80, tmp15) U7e32: 8e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7e34: 804800035d72 tmp5:= ZEROEXT_DSZ64(tmp2, tmp5) U7e35: c042bb1f5235 tmp5:= MOVETOCREG_DSZ64(tmp5, 0x7bb) 11a9ad40 SEQW GOTO U29ad ------------------------------------------------------------------------------------ U7e36: c86a1d50037f BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000015, U041d) U7e38: 80070043ef9f tmp14:= NOTAND_DSZ32(0xfffffffffffff000, tmp14) 0198b400 SEQW GOTO U18b4 ------------------------------------------------------------------------------------ U7e39: 000501031c88 tmp1:= SUB_DSZ32(0x00000001, tmp2) U7e3a: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) U7e3c: 400505031c88 tmp1:= SUB_DSZ32(0x00000005, tmp2) U7e3d: 417000035d71 tmp5:= SELECTCC_DSZ64_CONDZ(tmp1, tmp5) 21fce040 SEQW GOTO U7ce0 ------------------------------------------------------------------------------------ U7e3e: 29632b040600 unk_963(0xffffffffffff012b) U7e40: e96270800240 MOVETOCREG_BTS_DSZ64(0x00000006, 0x070) 04a83a00 SEQW GOTO U283a ------------------------------------------------------------------------------------ U7e41: e96272c003c0 LFNCEMARK-> MOVETOCREG_BTS_DSZ64(0x0000001f, 0x072) U7e42: a0437f00023e WRITEURAM(tmp14, 0x007f, 64) U7e44: a90205c00200 MOVETOCREG_OR_DSZ64(0x00000003, 0x005) U7e45: 80636103e200 tmp14:= READURAM(0x0061, 64) U7e46: 00634503f200 tmp15:= READURAM(0x0045, 64) U7e48: 813f0003f03f tmp15:= unk_13f(tmp15) U7e49: 417e0003effe tmp14:= MOVEMERGEFLGS_DSZ64(tmp14, tmp15) U7e4a: 80630c03f200 LFNCEWAIT-> tmp15:= READURAM(0x000c, 64) 23204080 SEQW GOTO U2040 ------------------------------------------------------------------------------------ U7e4c: 815d0d7002c0 SYNCFULL-> UJMP(U7c0d) ------------------------------------------------------------------------------------ U7e4d: 10628e0f0240 tmp0:= MOVEFROMCREG_DSZ64(0x38e, 32) 285b9640 SEQW GOTO U5b96 
------------------------------------------------------------------------------------ U7e4e: 80210003fcbf tmp15:= CONCAT_DSZ32(tmp15, tmp2) U7e50: c0563103f23f tmp15:= BTR_DSZ64(tmp15, 0x00000031) 21d49c00 SEQW GOTO U549c ------------------------------------------------------------------------------------ U7e51: 40401803ce08 tmp12:= ADD_DSZ64(0x00000018, tmp8) U7e52: 806306030200 tmp0:= READURAM(0x0006, 64) U7e54: 808805030c08 tmp0:= ZEROEXT_DSZ16(0x00000005, tmp0) U7e55: 804147030c10 tmp0:= OR_DSZ64(0x00010000, tmp0) U7e56: 1062850f1240 tmp1:= MOVEFROMCREG_DSZ64(0x385, 32) U7e58: 9062810f2240 tmp2:= MOVEFROMCREG_DSZ64(0x381, 32) U7e59: 400e02000200 WRMSLOOPCTRFBR(0x00000002) U7e5a: 800c1c300280 SAVEUIP(0x00, U4c1c) 01805180 SEQW GOTO U0051 ------------------------------------------------------------------------------------ U7e5c: c00524071e08 tmp1:= SUB_DSZ32(0x00000124, tmp8) U7e5d: 4150157002f1 UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp1, U7c15) 21a71140 SEQW GOTO generate_#GP ------------------------------------------------------------------------------------ U7e5e: d962dd480300 MOVETOCREG_BTS_DSZ64(0x00000011, 0x2dd) U7e60: 286a8429027e BTUJB_DIRECT_NOTTAKEN(tmp14, 0x00000004, U5a84) 11a3ac00 SEQW GOTO U23ac ------------------------------------------------------------------------------------ U7e61: c0638a03f200 tmp15:= READURAM(0x008a, 64) U7e62: 80850803ffc8 tmp15:= SUB_DSZ16(0x00000008, tmp15) U7e64: 80850003dc7f tmp13:= SUB_DSZ16(tmp15, tmp1) U7e65: c0141003f23f tmp15:= BT_DSZ32(tmp15, 0x00000010) U7e66: 40330003ff7f tmp15:= SELECTCC_DSZ32_CONDNB(tmp15, tmp13) U7e68: 40160403f23f tmp15:= BTR_DSZ32(tmp15, 0x00000004) U7e69: c0852403ffc8 tmp15:= SUB_DSZ16(0x00000024, tmp15) U7e6a: 40850b03ffc8 tmp15:= SUB_DSZ16(0x0000000b, tmp15) U7e6c: 40e100039032 tmp9:= CONCAT_DSZ8(tmp2) U7e6d: 00a100039e7d tmp9:= CONCAT_DSZ16(tmp13, tmp9) 11e1ea89 SEQW URET0 ------------------------------------------------------------------------------------ U7e6e: 00080003203a tmp2:= 
ZEROEXT_DSZ32(tmp10) 11e1ea89 SEQW GOTO U61ea ------------------------------------------------------------------------------------ U7e70: c06213174200 tmp4:= MOVEFROMCREG_DSZ64(0x513) U7e71: 2a6213540734 LFNCEMARK-> MOVETOCREG_BTR_DSZ64(tmp4, 0x00000031, 0x513) U7e72: 800800000000 NOP U7e74: 69620bc00240 LFNCEWTMRK-> MOVETOCREG_BTS_DSZ64(0x00000007, 0x00b) 26263c00 SEQW GOTO U263c ------------------------------------------------------------------------------------ U7e75: 00430c00023f WRITEURAM(tmp15, 0x000c, 64) U7e76: 00436100023e WRITEURAM(tmp14, 0x0061, 64) U7e78: 03800003f03e tmp15:= READAFLAGS(tmp14) U7e79: 80434500023f WRITEURAM(tmp15, 0x0045, 64) U7e7a: 40620403f200 tmp15:= MOVEFROMCREG_DSZ64(0x004) U7e7c: 00040303ffc8 tmp15:= AND_DSZ32(0x00000003, tmp15) U7e7d: 39299a71023f CMPUJNZ_DIRECT_NOTTAKEN(tmp15, 0x00000001, U7c9a) U7e7e: c0620c03f200 tmp15:= MOVEFROMCREG_DSZ64(0x00c) U7e80: c004ff03ffc8 tmp15:= AND_DSZ32(0x000000ff, tmp15) U7e81: 392886f1077f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000037, U7c86) U7e82: 792886f1073f CMPUJZ_DIRECT_NOTTAKEN(tmp15, 0x00000033, U7c86) U7e84: 40054703ffc8 tmp15:= SUB_DSZ32(0x00000047, tmp15) U7e85: 0150867002ff UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp15, U7c86) 01fc9a40 SEQW GOTO U7c9a ------------------------------------------------------------------------------------ U7e86: 000e0c000200 WRMSLOOPCTRFBR(0x0000000c) U7e88: 40620103f200 tmp15:= MOVEFROMCREG_DSZ64(0x001) U7e89: 80087817e008 tmp14:= ZEROEXT_DSZ32(0x00000578) U7e8a: 80000883ef88 tmp14:= ADD_DSZ32(IMM_MACRO_ALIAS_MSLOOPCTR, tmp14) U7e8c: c0a40503e23e tmp14:= SHL_DSZ16(tmp14, 0x00000005) U7e8d: ce750003e03e tmp14:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp14) U7e8e: 39289a310fbf CMPUJZ_DIRECT_NOTTAKEN(tmp15, tmp14, U7c9a) U7e90: c00a01000200 TESTUSTATE(UCODE, UST_MSLOOPCTR_NONZERO) 31fc8900 ? 
SEQW GOTO U7c89 U7e91: 00626703e200 tmp14:= MOVEFROMCREG_DSZ64(CORE_CR_CUR_RIP) U7e92: 40641003e23e tmp14:= SHL_DSZ64(tmp14, 0x00000010) U7e94: c0410003efbf tmp14:= OR_DSZ64(tmp15, tmp14) U7e95: 00620003f200 tmp15:= MOVEFROMCREG_DSZ64(0x000) U7e96: 786b41f103ff BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x0000001f, U7c41) U7e98: c0637f03f200 tmp15:= READURAM(0x007f, 64) U7e99: b92941310ffe CMPUJNZ_DIRECT_NOTTAKEN(tmp14, tmp15, U7c41) U7e9a: a9626dc003c0 MOVETOCREG_BTS_DSZ64(0x0000001f, 0x06d) U7e9c: 00620c036200 SYNCFULL-> tmp6:= MOVEFROMCREG_DSZ64(0x00c) 18757c88 SEQW URET0 ------------------------------------------------------------------------------------ U7e9d: 000000000000 NOP U7e9e: 0007070b9e48 tmp9:= NOTAND_DSZ32(0x00000207, tmp9) 18757c88 SEQW GOTO U757c ------------------------------------------------------------------------------------ U7ea0: 0fff00000000 SYNCFULL-> SFENCE(0x00000000) U7ea1: 29628903f200 tmp15:= MOVETOCREG_BTS_DSZ64(0x089) U7ea2: 800800000000 NOP U7ea4: e86a446d023f SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp15, 0x00000001, U5b44) U7ea5: 40628903f200 tmp15:= MOVEFROMCREG_DSZ64(0x089) 387ca440 SEQW GOTO U7ca4 ------------------------------------------------------------------------------------ U7ea6: 4eff00000000 unk_eff(0x00000000) U7ea8: c06350032200 tmp2:= READURAM(0x0050, 64) 29360400 SEQW GOTO U3604 ------------------------------------------------------------------------------------ U7ea9: 000000000000 NOP U7eaa: c0520568027a SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDB(tmp10, U3a05) U7eac: 80400403ef88 tmp14:= ADD_DSZ64(0x00000004, tmp14) 11ba0400 SEQW GOTO U3a04 ------------------------------------------------------------------------------------ U7ead: 000000000000 NOP U7eae: 9062b40b0240 tmp0:= MOVEFROMCREG_DSZ64(0x2b4, 32) U7eb0: 486aee140330 BTUJB_DIRECT_NOTTAKEN(tmp0, 0x00000010, U05ee) U7eb1: 0fef01000000 LBSYNC(0x00000001) 11ba3c40 SEQW GOTO U3a3c ------------------------------------------------------------------------------------ U7eb2: c0632b031200 
tmp1:= READURAM(0x002b, 64) U7eb4: 786a11310631 SYNCFULL-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x00000020, U7c11) U7eb5: 9062f91f6240 tmp6:= MOVEFROMCREG_DSZ64(0x7f9, 32) 28671440 SEQW GOTO U6714 ------------------------------------------------------------------------------------ U7eb6: 2d0be41e100a rcx:= PORTIN_DSZ32_ASZ16_SC1(0x000047e4) U7eb8: 406387030200 tmp0:= READURAM(0x0087, 64) U7eb9: 800000031c30 tmp1:= ADD_DSZ32(tmp0, tmp0) 11a4be40 SEQW GOTO U24be ------------------------------------------------------------------------------------ U7eba: 1062e70b1240 tmp1:= MOVEFROMCREG_DSZ64(0x2e7, 32) U7ebc: b86aba3102f1 LFNCEWTMRK-> BTUJB_DIRECT_NOTTAKEN(tmp1, 0x0000000c, U7cba) U7ebd: c00d03800000 SAVEUIP_REGOVR(0x01, U7ebe, 0x0003) 2632cd40 SEQW GOTO U32cd U7ebe: 0042bb1c0235 MOVETOCREG_DSZ64(tmp5, 0x7bb) U7ec0: 796289480200 MOVETOCREG_BTS_DSZ64(0x00000001, 0x289) 31e9f000 SEQW GOTO U69f0 ------------------------------------------------------------------------------------ U7ec1: 000000000000 NOP U7ec2: a0435c00023f WRITEURAM(tmp15, 0x005c, 64) U7ec4: ed0be443f00a tmp15:= PORTIN_DSZ32_ASZ16_SC1(0x000050e4) U7ec5: 0004001bffc8 tmp15:= AND_DSZ32(0x00000600, tmp15) U7ec6: 40250403f23f tmp15:= SHR_DSZ32(tmp15, 0x00000004) U7ec8: c0010003fffe tmp15:= OR_DSZ32(tmp14, tmp15) U7ec9: ad0fe443f00a LFNCEMARK-> PORTOUT_DSZ32_ASZ16_SC1(0x000050e4, tmp15) 1481598d SEQW URET1 ------------------------------------------------------------------------------------ U7eca: 800155020c08 rax:= OR_DSZ32(0x00000055, tmp0) 1481598d SEQW GOTO U0159 ------------------------------------------------------------------------------------ U7ecc: 40070103ffc8 tmp15:= NOTAND_DSZ32(0x00000001, tmp15) U7ecd: ed0f1833f00a PORTOUT_DSZ32_ASZ16_SC1(0x00004c18, tmp15) U7ece: 41080003f010 tmp15:= READUIP_REGOVR(0x00) U7ed0: 20438e08023f WRITEURAM(tmp15, 0x008e, 32) U7ed1: 00633703f200 tmp15:= READURAM(0x0037, 64) U7ed2: 386b4e00003f SYNCFULL-> BTUJNB_DIRECT_NOTTAKEN(tmp15, 0x00000000, uret0) U7ed4: 40070103ffc8 
tmp15:= NOTAND_DSZ32(0x00000001, tmp15) U7ed5: ce250003f03f tmp15:= LDPPHYSTICKLE_DSZ32_ASZ64_SC1(tmp15) U7ed6: 80638e03f200 tmp15:= READURAM(0x008e, 64) 2183be80 SEQW GOTO U03be ------------------------------------------------------------------------------------ U7ed8: 0e750003003c LFNCEMARK-> tmp0:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) 0429cc00 SEQW GOTO U29cc ------------------------------------------------------------------------------------ U7ed9: 000000000000 NOP U7eda: c02510032235 tmp2:= SHR_DSZ32(tmp5, 0x00000010) U7edc: 800610131e08 tmp1:= XOR_DSZ32(0x00000410, tmp8) U7edd: f928197102b1 CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000009, U7c19) U7ede: f92839710231 SYNCMARK-> CMPUJZ_DIRECT_NOTTAKEN(tmp1, 0x00000001, U7c39) U7ee0: 40653d031235 tmp1:= SHR_DSZ64(tmp5, 0x0000003d) U7ee1: c00405031c48 tmp1:= AND_DSZ32(0x00000005, tmp1) 31b1a640 SEQW GOTO U31a6 ------------------------------------------------------------------------------------ U7ee2: 9062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U7ee4: 4004a1032c90 tmp2:= AND_DSZ32(0x00070000, tmp2) U7ee5: 80635c030200 tmp0:= READURAM(0x005c, 64) U7ee6: 805410030230 tmp0:= BT_DSZ64(tmp0, 0x00000010) U7ee8: 803200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U7ee9: 000812030008 tmp0:= ZEROEXT_DSZ32(0x00000012) U7eea: 80a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U7eec: 7929e42c0032 CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3be4) U7eed: 000000000000 NOP U7eee: 40880003a031 tmp10:= ZEROEXT_DSZ16(tmp1) 11fc6192 SEQW SAVEUIP0 U7ef0 SEQW GOTO U7c61 U7ef0: 80012c039e48 tmp9:= OR_DSZ32(0x0000002c, tmp9) U7ef1: 01521d7002ff UJMPCC_DIRECT_NOTTAKEN_CONDBE(tmp15, U7c1d) 31f59040 SEQW GOTO U7590 ------------------------------------------------------------------------------------ U7ef2: c005883f1c8a tmp1:= SUB_DSZ32(0x00004f88, tmp2) U7ef4: 8131010b1231 tmp1:= SELECTCC_DSZ32_CONDNZ(tmp1, 0x00000201) U7ef5: c005202fdc8a tmp13:= SUB_DSZ32(0x00004b20, tmp2) U7ef6: 41312203d23d tmp13:= SELECTCC_DSZ32_CONDNZ(tmp13, 0x00000022) U7ef8: 
000100031c7d tmp1:= OR_DSZ32(tmp13, tmp1) U7ef9: 404700035d71 tmp5:= NOTAND_DSZ64(tmp1, tmp5) U7efa: 7d0b00031c88 tmp1:= PORTIN_DSZ32_ASZ16_SC1(0x00000000, tmp2) U7efc: 7d0f00035c88 PORTOUT_DSZ32_ASZ16_SC1(0x00000000, tmp2, tmp5) 01d4a800 SEQW GOTO U54a8 ------------------------------------------------------------------------------------ U7efd: 000000000000 NOP U7efe: 80632003b200 tmp11:= READURAM(0x0020, 64) U7f00: 4008e0036008 tmp6:= ZEROEXT_DSZ32(0x000000e0) U7f01: 4008a0037008 tmp7:= ZEROEXT_DSZ32(0x000000a0) 31d87555 SEQW SAVEUIP1 U7f02 SEQW GOTO U5875 U7f02: 400580079e48 tmp9:= SUB_DSZ32(0x00000180, tmp9) U7f04: c00588078e08 tmp8:= SUB_DSZ32(0x00000188, tmp8) U7f05: 80240103c23b tmp12:= SHL_DSZ32(tmp11, 0x00000001) U7f06: c0003427c23c tmp12:= ADD_DSZ32(tmp12, 0x00000934) U7f08: 00080103d008 tmp13:= ZEROEXT_DSZ32(0x00000001) U7f09: 433a5173a00b tmp10:= STC(0x00007c51) 11b9f640 SEQW GOTO U39f6 ------------------------------------------------------------------------------------ U7f0a: 40141e03b23d tmp11:= BT_DSZ32(tmp13, 0x0000001e) U7f0c: c0330003bd7b tmp11:= SELECTCC_DSZ32_CONDNB(tmp11, tmp5) U7f0d: 80250203b23b tmp11:= SHR_DSZ32(tmp11, 0x00000002) U7f0e: b92912b5033b CMPUJNZ_DIRECT_NOTTAKEN(tmp11, 0x00000012, U7d12) U7f10: c007fc035d48 tmp5:= NOTAND_DSZ32(0x000000fc, tmp5) U7f11: c001a0035d48 tmp5:= OR_DSZ32(0x000000a0, tmp5) U7f12: 392916b503fb SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp11, 0x0000001e, U7d16) U7f14: c007fc035d48 tmp5:= NOTAND_DSZ32(0x000000fc, tmp5) U7f15: 8001a4035d48 tmp5:= OR_DSZ32(0x000000a4, tmp5) U7f16: c06430035235 tmp5:= SHL_DSZ64(tmp5, 0x00000030) 11cc3480 SEQW GOTO U4c34 ------------------------------------------------------------------------------------ U7f18: 800a28000200 TESTUSTATE(UCODE, 0x0028) 01ddae00 ? 
SEQW GOTO U5dae U7f19: 9062cd0bb240 tmp11:= MOVEFROMCREG_DSZ64(0x2cd, 32) U7f1a: 40047003bec8 tmp11:= AND_DSZ32(0x00000070, tmp11) U7f1c: c150197402fb SYNCFULL-> UJMPCC_DIRECT_NOTTAKEN_CONDZ(tmp11, U7d19) 08621800 SEQW GOTO U6218 ------------------------------------------------------------------------------------ U7f1d: 000000000000 NOP U7f1e: 9062800b2240 tmp2:= MOVEFROMCREG_DSZ64(0x280, 32) U7f20: 4004a1032c90 tmp2:= AND_DSZ32(0x00070000, tmp2) U7f21: 80635c030200 tmp0:= READURAM(0x005c, 64) U7f22: 805410030230 tmp0:= BT_DSZ64(tmp0, 0x00000010) U7f24: 803200032cb0 tmp2:= SELECTCC_DSZ32_CONDB(tmp0, tmp2) U7f25: 000812030008 tmp0:= ZEROEXT_DSZ32(0x00000012) U7f26: 80a100070c08 tmp0:= CONCAT_DSZ16(0x00000100, tmp0) U7f28: 7929e42c0032 SYNCFULL-> CMPUJNZ_DIRECT_NOTTAKEN(tmp2, 0x00000000, U3be4) U7f29: 40634703c200 tmp12:= READURAM(0x0047, 64) U7f2a: 100a00000380 TESTUSTATE(SYS, 0xc000) 38283a80 ? SEQW GOTO U283a U7f2c: 806353030200 tmp0:= READURAM(0x0053, 64) U7f2d: 00635c038200 tmp8:= READURAM(0x005c, 64) U7f2e: 001407038238 tmp8:= BT_DSZ32(tmp8, 0x00000007) U7f30: 007300030c38 tmp0:= SELECTCC_DSZ64_CONDNB(tmp8, tmp0) U7f31: c0540f030230 tmp0:= BT_DSZ64(tmp0, 0x0000000f) U7f32: 813e75338c08 tmp8:= MOVEMERGEFLGS_DSZ32(0x00000c75, tmp0) U7f34: 40360003cf38 tmp12:= CMOVCC_DSZ32_CONDB(tmp8, tmp12) 11a82500 SEQW GOTO U2825 ------------------------------------------------------------------------------------ U7f35: 000000000000 NOP U7f36: c062fe1f0200 tmp0:= MOVEFROMCREG_DSZ64(CORE_CR_EFLAGS) U7f38: e38000030c00 tmp0:= READAFLAGS(tmp0) U7f39: 0c4b8027b000 tmp11:= RDSEGFLD(UNK_SEG_09, SEL) U7f3a: cc4b802b1000 tmp1:= RDSEGFLD(SS_USERM, SEL) U7f3c: c0a100031ef1 tmp1:= CONCAT_DSZ16(tmp1, tmp11) U7f3d: 402100030c31 tmp0:= CONCAT_DSZ32(tmp1, tmp0) U7f3e: 8c4b802fb000 tmp11:= RDSEGFLD(DS, SEL) U7f40: 4c4b80231000 tmp1:= RDSEGFLD(ES, SEL) U7f41: c0a100031ef1 tmp1:= CONCAT_DSZ16(tmp1, tmp11) U7f42: 0c4b8033b000 tmp11:= RDSEGFLD(FS, SEL) U7f44: 8c4b80372000 tmp2:= RDSEGFLD(GS, SEL) 
U7f45: c0a100032ef2 tmp2:= CONCAT_DSZ16(tmp2, tmp11) U7f46: 802100031c72 tmp1:= CONCAT_DSZ32(tmp2, tmp1) U7f48: 8062091b2200 tmp2:= MOVEFROMCREG_DSZ64(0x609) U7f49: 00620a1b3200 tmp3:= MOVEFROMCREG_DSZ64(0x60a) U7f4a: 80620d074200 tmp4:= MOVEFROMCREG_DSZ64(0x10d) U7f4c: 00620e075200 tmp5:= MOVEFROMCREG_DSZ64(0x10e) U7f4d: c040d803ce48 tmp12:= ADD_DSZ64(0x000000d8, tmp9) U7f4e: c00e05000200 WRMSLOOPCTRFBR(0x00000005) U7f50: 800c64300280 SAVEUIP(0x00, U4c64) 21805100 SEQW GOTO U0051 ------------------------------------------------------------------------------------ U7f51: 000000000000 NOP U7f52: 000000000000 NOP U7f54: 900a00000300 TESTUSTATE(SYS, 0x8000) 01fc2a00 ? SEQW GOTO U7c2a U7f55: 8e750003203c tmp2:= LDSTGBUF_DSZ64_ASZ16_SC1(tmp12) U7f56: 804800035d72 tmp5:= ZEROEXT_DSZ64(tmp2, tmp5) U7f58: 4042bb1f5232 tmp5:= MOVETOCREG_DSZ64(tmp2, 0x7bb) 31a9b500 SEQW GOTO U29b5 ------------------------------------------------------------------------------------ U7f59: 000000000000 NOP U7f5a: 000000000000 NOP U7f5c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f5d: 000000000000 NOP U7f5e: 000000000000 NOP U7f60: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f61: 000000000000 NOP U7f62: 000000000000 NOP U7f64: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f65: 000000000000 NOP U7f66: 000000000000 NOP U7f68: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f69: 000000000000 NOP U7f6a: 000000000000 NOP U7f6c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f6d: 000000000000 NOP U7f6e: 000000000000 NOP U7f70: 000000000000 NOP 00000000 SEQW GOTO U0000 
------------------------------------------------------------------------------------ U7f71: 000000000000 NOP U7f72: 000000000000 NOP U7f74: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f75: 000000000000 NOP U7f76: 000000000000 NOP U7f78: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f79: 000000000000 NOP U7f7a: 000000000000 NOP U7f7c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f7d: 000000000000 NOP U7f7e: 000000000000 NOP U7f80: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f81: 000000000000 NOP U7f82: 000000000000 NOP U7f84: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f85: 000000000000 NOP U7f86: 000000000000 NOP U7f88: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f89: 000000000000 NOP U7f8a: 000000000000 NOP U7f8c: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f8d: 000000000000 NOP U7f8e: 000000000000 NOP U7f90: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f91: 000000000000 NOP U7f92: 000000000000 NOP U7f94: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f95: 000000000000 NOP U7f96: 000000000000 NOP U7f98: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7f99: 000000000000 NOP U7f9a: 000000000000 NOP U7f9c: 000000000000 NOP 00000000 SEQW GOTO 
U0000 ------------------------------------------------------------------------------------ U7f9d: 000000000000 NOP U7f9e: 000000000000 NOP U7fa0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fa1: 000000000000 NOP U7fa2: 000000000000 NOP U7fa4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fa5: 000000000000 NOP U7fa6: 000000000000 NOP U7fa8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fa9: 000000000000 NOP U7faa: 000000000000 NOP U7fac: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fad: 000000000000 NOP U7fae: 000000000000 NOP U7fb0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fb1: 000000000000 NOP U7fb2: 000000000000 NOP U7fb4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fb5: 000000000000 NOP U7fb6: 000000000000 NOP U7fb8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fb9: 000000000000 NOP U7fba: 000000000000 NOP U7fbc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fbd: 000000000000 NOP U7fbe: 000000000000 NOP U7fc0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fc1: 000000000000 NOP U7fc2: 000000000000 NOP U7fc4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fc5: 000000000000 NOP U7fc6: 000000000000 NOP U7fc8: 000000000000 NOP 00000000 SEQW 
GOTO U0000 ------------------------------------------------------------------------------------ U7fc9: 000000000000 NOP U7fca: 000000000000 NOP U7fcc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fcd: 000000000000 NOP U7fce: 000000000000 NOP U7fd0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fd1: 000000000000 NOP U7fd2: 000000000000 NOP U7fd4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fd5: 000000000000 NOP U7fd6: 000000000000 NOP U7fd8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fd9: 000000000000 NOP U7fda: 000000000000 NOP U7fdc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fdd: 000000000000 NOP U7fde: 000000000000 NOP U7fe0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fe1: 000000000000 NOP U7fe2: 000000000000 NOP U7fe4: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fe5: 000000000000 NOP U7fe6: 000000000000 NOP U7fe8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fe9: 000000000000 NOP U7fea: 000000000000 NOP U7fec: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7fed: 000000000000 NOP U7fee: 000000000000 NOP U7ff0: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ff1: 000000000000 NOP U7ff2: 000000000000 NOP U7ff4: 000000000000 NOP 00000000 
SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ff5: 000000000000 NOP U7ff6: 000000000000 NOP U7ff8: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ff9: 000000000000 NOP U7ffa: 000000000000 NOP U7ffc: 000000000000 NOP 00000000 SEQW GOTO U0000 ------------------------------------------------------------------------------------ U7ffd: 000000000000 NOP U7ffe: 000000000000 NOP