Check out my first novel, midnight's simulacra!
Libcudest
Reverse engineering of CUDA ioctls in the 3.0 SDK (195.36.15 driver, GTS 360M, amd64). CUDA primarily communicates with the NVIDIA closed-source driver via several hundred undocumented ioctl()s. My open source implementation is located at GitHub.
Maps
Ordered from highest to lowest locations in x86 memory. These are architecture-, and to a lesser degree driver- and kernel version-specific. Applications and libraries can of course create many more maps than these.
- vsyscalls. read-execute-private, very few pages, topmost area of memory, usually highest mapping
- VDSO. read-execute-private, one page, high in memory (SYSENTER/SYSEXIT)
- Userspace stack. read-write-private, many pages, high in memory
- Anonymous map, 3 read-write-private pages, high in memory.
- Possibly associated with nvidia driver's NV_STACK_SIZE stack. read-write-private, (3 * 4096 on amd64, 2 * 4096 on i686)
- Two sets of /dev/nvidiaX maps for each bound device. Sets are usually continguous, and contain:
- an anonymous page, read-write-private
- several mappings of the device, having variable number of pages, all read-write-shared
- Libraries. variable, middle of memory.
- Userspace heap. read-write-private, many pages, low in memory
- Application (data region). read-write-private, variable, low in memory
- Application (text region). read-execute-private, variable, usually lowest mapping
ioctls
An ioctl (on x86) is 32 bits. The following definition comes from linux/asm-generic/ioctl.h in a 2.6.34 kernel:
- Bit 31: Read?
- Bit 30: Write?
- Bits 29-16: Parameter size
- Bits 15-8: Type (module)
- Bits 7-0: Number (command)
Looking at the source of the 195.36.15 kernel driver's OS interface, we see that NVIDIA uses the standard ioctl-creation macros from ioctl.h, and can be expected to adhere to this format. The type code used (NV_IOCTL_MAGIC) is 'F' (0x46), which overlaps with the framebuffer ioctl range as registered in 2.6.34. We further see that only _IOWR() is used to declare ioctls, implying that the first two bits will always be '11'. Both of these deductions are borne out observing strace output of a CUDA process.
Code | Param size | Param location(s) | Driver API call sites | Notes |
---|---|---|---|---|
0xd2 | 0x048 | stack | cuInit |
|
0xca | 0x004 | anonymous page | cuInit |
|
0xc8 | 0x600 | anonymous page | cuInit |
0x00010001 0x0cb110de 0x00000026 0x00000000 0xf2000000 0x00000000 0x01000000 0x00000000 0xe0000000 0x00000000 0x10000000 0x00000000 |
0x22 | 0x00c | stack | cuInit |
3251635025 65 0 |
0x2a | 0x020 | stack | cuInit |
0x7fffffffd310: 3251635025 3251635025 533 0 0x7fffffffd320: 4294955888 32767 132 0
|
0x4d | 0x048 | stack | cuInit | Performed following opening of nvidiaX device |
0x2d | 0x014 | stack | cuInit | Performed following read of /proc/interrupts |
0x32 | 0x014 | stack | cuInit | Performed several times in succession |
0x37 | 0x20 | stack | cuInit |
|
raw data
edi == ebp esi == 0xc04846d2 rdx == r12 call(edi,esi,rdx) eax == 0 ebp == file descriptor rsp(0x4c7) = 0 rsp(0x488) = rax rsp(0x484) = 0 rsp(0x480) = 0 r12 = rsp + 0x480 (0x7ffff78b3c41) rbx(0x30) = 0 rbx(0x28) = 0 rbx(0x20) = 0 rbx(0x18) = 0 rbx(0x10) = 0 rbx(0x8) = 0x35 rbx(0x38) = 0 cuInit: 0x7ffff78b3031: mov 0x8(%rsp),%ecx 0x7ffff78b3035: mov $0x14,%r8d 0x7ffff78b303b: mov $0xa02,%edx 0x7ffff78b3040: mov %ebp,%esi 0x7ffff78b3042: mov %ebp,%edi 0x7ffff78b3044: callq 0x7ffff78b1a60 0x7ffff78b3049: test %eax,%eax 0x7ffff78b304b: jne 0x7ffff78b2b84 0x7ffff78b3051: mov 0x1c(%rsp),%eax 0x7ffff78b3055: cmp 0x6c(%rsp),%eax 0x7ffff78b3059: jne 0x7ffff78b2b84 0x7ffff78b305f: nop 0x7ffff78b3060: jmpq 0x7ffff78b2c70 0x7ffff78b3065: mov 0x704944(%rip),%r9 # 0x7ffff7fb79b0 0x7ffff78b306c: mov (%r9),%rdi 0x7ffff78b306f: mov 0x10(%rdi),%rdx 0x7ffff78b3073: test %rdx,%rdx 0x7ffff78b3076: je 0x7ffff78b3094 0x7ffff78b3078: cmp %r8d,(%rdx) 0x7ffff78b307b: jne 0x7ffff78b308b 0x7ffff78b307d: jmpq 0x7ffff78b2f82 0x7ffff78b3082: cmp (%rdx),%r8d 0x7ffff78b3085: je 0x7ffff78b2f82 0x7ffff78b308b: mov 0x10(%rdx),%rdx 0x7ffff78b308f: test %rdx,%rdx 0x7ffff78b3092: jne 0x7ffff78b3082 0x7ffff78b3094: mov $0x1d,%r12d 0x7ffff78b309a: movl $0x0,0x708768(%rip) # 0x7ffff7fbb80c 0x7ffff78b30a4: jmpq 0x7ffff78b29e5 0x7ffff78b30a9: mov 0x58(%rsp),%edi 0x7ffff78b30ad: test %edi,%edi 0x7ffff78b30af: je 0x7ffff78b29e5 0x7ffff78b30b5: mov %rbx,%rdi 0x7ffff78b30b8: callq 0x7ffff78b22d0 0x7ffff78b30bd: mov 0x58(%rsp),%r12d 0x7ffff78b30c2: jmpq 0x7ffff78b29e5 0x7ffff78b30c7: mov 0x70551a(%rip),%r15 # 0x7ffff7fb85e8 0x7ffff78b30ce: mov (%r15),%rbx 0x7ffff78b30d1: test %rbx,%rbx 0x7ffff78b30d4: je 0x7ffff78b2f9e 0x7ffff78b30da: lea 0x20(%rsp),%rdx 0x7ffff78b30df: jmp 0x7ffff78b30ee 0x7ffff78b30e1: mov 0x30(%rbx),%rbx 0x7ffff78b30e5: test %rbx,%rbx 0x7ffff78b30e8: je 0x7ffff78b2f9e 0x7ffff78b30ee: cmp (%rbx),%ebp 0x7ffff78b30f0: jne 0x7ffff78b30e1 0x7ffff78b30f2: cmp 0x4(%rbx),%r14d 0x7ffff78b30f6: jne 0x7ffff78b30e1 0x7ffff78b30f8: movq $0x0,0x20(%rsp) 0x7ffff78b3101: movq $0x0,0x28(%rsp) 0x7ffff78b310a: xor %eax,%eax 0x7ffff78b310c: mov %ebp,0x20(%rsp) 0x7ffff78b3110: mov %r14d,0x28(%rsp) 0x7ffff78b3115: mov $0xc020462b,%esi 0x7ffff78b311a: mov 0x18(%rsp),%ebp 0x7ffff78b311e: mov 0x10(%rsp),%r14 0x7ffff78b3123: mov 0x676f57(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3129: movl $0x0,0x7086d9(%rip) # 0x7ffff7fbb80c 0x7ffff78b3133: movq $0x0,0x38(%rsp) 0x7ffff78b313c: movl $0x83f3,0x2c(%rsp) 0x7ffff78b3144: mov %ebp,0x24(%rsp) 0x7ffff78b3148: mov %r14,0x30(%rsp) 0x7ffff78b314d: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3152: test %eax,%eax 0x7ffff78b3154: js 0x7ffff78b2f2a 0x7ffff78b315a: mov 0x38(%rsp),%r9d 0x7ffff78b315f: test %r9d,%r9d 0x7ffff78b3162: je 0x7ffff78b29e5 0x7ffff78b3168: mov %rbx,%rdi 0x7ffff78b316b: callq 0x7ffff78b22d0 0x7ffff78b3170: mov 0x38(%rsp),%r12d 0x7ffff78b3175: jmpq 0x7ffff78b29e5 0x7ffff78b317a: data32 xchg %ax,%ax 0x7ffff78b317d: data32 xchg %ax,%ax 0x7ffff78b3180: mov %r12,-0x20(%rsp) 0x7ffff78b3185: mov %r13,-0x18(%rsp) 0x7ffff78b318a: mov %edi,%r12d 0x7ffff78b318d: mov %r14,-0x10(%rsp) 0x7ffff78b3192: mov %r15,-0x8(%rsp) 0x7ffff78b3197: mov %esi,%r14d 0x7ffff78b319a: mov %rbx,-0x30(%rsp) 0x7ffff78b319f: mov %rbp,-0x28(%rsp) 0x7ffff78b31a4: sub $0x68,%rsp 0x7ffff78b31a8: cmp $0x80,%edx 0x7ffff78b31ae: mov %edx,%r13d 0x7ffff78b31b1: mov %rcx,%r15 0x7ffff78b31b4: jb 0x7ffff78b327a 0x7ffff78b31ba: cmp $0x87,%edx 0x7ffff78b31c0: ja 0x7ffff78b3272 0x7ffff78b31c6: lea -0x80(%r13),%esi 0x7ffff78b31ca: xor %edx,%edx 0x7ffff78b31cc: callq 0x7ffff78b2160 0x7ffff78b31d1: mov %eax,%edx 0x7ffff78b31d3: mov %eax,%edi 0x7ffff78b31d5: shr $0x1f,%edx 0x7ffff78b31d8: cmp $0x20,%eax 0x7ffff78b31db: sete %bl 0x7ffff78b31de: or %dl,%bl 0x7ffff78b31e0: jne 0x7ffff78b327a 0x7ffff78b31e6: mov %edi,%ecx 0x7ffff78b31e8: mov %r14d,%esi 0x7ffff78b31eb: mov %r14d,%edx 0x7ffff78b31ee: mov %r12d,%edi 0x7ffff78b31f1: callq 0x7ffff78b2400 0x7ffff78b31f6: xor %esi,%esi 0x7ffff78b31f8: test %eax,%eax 0x7ffff78b31fa: mov %eax,%ebp 0x7ffff78b31fc: mov $0x1,%ecx 0x7ffff78b3201: jne 0x7ffff78b327f 0x7ffff78b3203: mov %esi,%eax 0x7ffff78b3205: lock cmpxchg %ecx,0x7085ff(%rip) # 0x7ffff7fbb80c 0x7ffff78b320d: setne %dl 0x7ffff78b3210: test %dl,%dl 0x7ffff78b3212: je 0x7ffff78b3400 0x7ffff78b3218: mov 0x7085ee(%rip),%edi # 0x7ffff7fbb80c 0x7ffff78b321e: test %edi,%edi 0x7ffff78b3220: je 0x7ffff78b3203 0x7ffff78b3222: mov 0x7085e3(%rip),%r8d # 0x7ffff7fbb80c 0x7ffff78b3229: test %r8d,%r8d 0x7ffff78b322c: je 0x7ffff78b3203 0x7ffff78b322e: mov 0x7085d7(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b3235: test %r9d,%r9d 0x7ffff78b3238: je 0x7ffff78b3203 0x7ffff78b323a: mov 0x7085cb(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b3241: test %r10d,%r10d 0x7ffff78b3244: je 0x7ffff78b3203 0x7ffff78b3246: mov 0x7085bf(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b324d: test %r11d,%r11d 0x7ffff78b3250: je 0x7ffff78b3203 0x7ffff78b3252: mov 0x7085b4(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b3258: test %ebx,%ebx 0x7ffff78b325a: je 0x7ffff78b3203 0x7ffff78b325c: mov 0x7085aa(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b3262: test %edx,%edx 0x7ffff78b3264: je 0x7ffff78b3203 0x7ffff78b3266: mov 0x7085a0(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b326c: test %eax,%eax 0x7ffff78b326e: jne 0x7ffff78b3218 0x7ffff78b3270: jmp 0x7ffff78b3203 0x7ffff78b3272: cmp $0xff,%edx 0x7ffff78b3278: je 0x7ffff78b32a4 0x7ffff78b327a: mov $0x2a,%ebp 0x7ffff78b327f: mov %ebp,%eax 0x7ffff78b3281: mov 0x38(%rsp),%rbx 0x7ffff78b3286: mov 0x40(%rsp),%rbp 0x7ffff78b328b: mov 0x48(%rsp),%r12 0x7ffff78b3290: mov 0x50(%rsp),%r13 0x7ffff78b3295: mov 0x58(%rsp),%r14 0x7ffff78b329a: mov 0x60(%rsp),%r15 0x7ffff78b329f: add $0x68,%rsp 0x7ffff78b32a3: retq 0x7ffff78b32a4: test %rcx,%rcx 0x7ffff78b32a7: je 0x7ffff78b327a 0x7ffff78b32a9: mov $0x3a,%esi 0x7ffff78b32ae: mov %rcx,%rdi 0x7ffff78b32b1: callq 0x7ffff782a980 <strchr@plt> 0x7ffff78b32b6: test %rax,%rax 0x7ffff78b32b9: je 0x7ffff78b327a 0x7ffff78b32bb: cmpb $0x2a,(%r15) 0x7ffff78b32bf: je 0x7ffff78b327a 0x7ffff78b32c1: lea 0x28(%rsp),%rsi 0x7ffff78b32c6: xor %ecx,%ecx 0x7ffff78b32c8: xor %edx,%edx 0x7ffff78b32ca: mov %r15,%rdi 0x7ffff78b32cd: callq 0x7ffff782a930 <__strtol_internal@plt> 0x7ffff78b32d2: mov 0x28(%rsp),%rdi 0x7ffff78b32d7: xor %edx,%edx 0x7ffff78b32d9: xor %ecx,%ecx 0x7ffff78b32db: xor %esi,%esi 0x7ffff78b32dd: mov %eax,%ebx 0x7ffff78b32df: inc %rdi 0x7ffff78b32e2: callq 0x7ffff782a930 <__strtol_internal@plt> 0x7ffff78b32e7: mov 0x705012(%rip),%rdx # 0x7ffff7fb8300 0x7ffff78b32ee: mov %eax,%r8d 0x7ffff78b32f1: xor %edi,%edi 0x7ffff78b32f3: add $0x30,%rdx 0x7ffff78b32f7: jmpq 0x7ffff78b33d4 0x7ffff78b32fc: lea 0x30(%rdx),%rcx 0x7ffff78b3300: lea 0x1(%rdi),%esi 0x7ffff78b3303: testb $0x1,-0x30(%rcx) 0x7ffff78b3307: mov %esi,%edi 0x7ffff78b3309: je 0x7ffff78b3317 0x7ffff78b330b: movzbl -0x2e(%rcx),%ebp 0x7ffff78b330f: cmp %ebp,%ebx 0x7ffff78b3311: je 0x7ffff78b34a2 0x7ffff78b3317: lea 0x30(%rcx),%rdx 0x7ffff78b331b: lea 0x1(%rsi),%edi 0x7ffff78b331e: testb $0x1,-0x30(%rdx) 0x7ffff78b3322: je 0x7ffff78b3332 0x7ffff78b3324: movzbl -0x2e(%rdx),%r10d 0x7ffff78b3329: cmp %r10d,%ebx 0x7ffff78b332c: je 0x7ffff78b34b5 0x7ffff78b3332: lea 0x60(%rcx),%rdx 0x7ffff78b3336: lea 0x2(%rsi),%edi 0x7ffff78b3339: testb $0x1,-0x30(%rdx) 0x7ffff78b333d: je 0x7ffff78b334b 0x7ffff78b333f: movzbl -0x2e(%rdx),%eax 0x7ffff78b3343: cmp %eax,%ebx 0x7ffff78b3345: je 0x7ffff78b34e5 0x7ffff78b334b: lea 0x90(%rcx),%rdx 0x7ffff78b3352: lea 0x3(%rsi),%edi 0x7ffff78b3355: testb $0x1,-0x30(%rdx) 0x7ffff78b3359: je 0x7ffff78b3369 0x7ffff78b335b: movzbl -0x2e(%rdx),%r9d 0x7ffff78b3360: cmp %r9d,%ebx 0x7ffff78b3363: je 0x7ffff78b34f7 0x7ffff78b3369: lea 0xc0(%rcx),%rdx 0x7ffff78b3370: lea 0x4(%rsi),%edi 0x7ffff78b3373: testb $0x1,-0x30(%rdx) 0x7ffff78b3377: je 0x7ffff78b3387 0x7ffff78b3379: movzbl -0x2e(%rdx),%r11d 0x7ffff78b337e: cmp %r11d,%ebx 0x7ffff78b3381: je 0x7ffff78b3510 0x7ffff78b3387: lea 0xf0(%rcx),%rdx 0x7ffff78b338e: lea 0x5(%rsi),%edi 0x7ffff78b3391: testb $0x1,-0x30(%rdx) 0x7ffff78b3395: je 0x7ffff78b33a3 0x7ffff78b3397: movzbl -0x2e(%rdx),%ebp 0x7ffff78b339b: cmp %ebp,%ebx 0x7ffff78b339d: je 0x7ffff78b3525 0x7ffff78b33a3: lea 0x120(%rcx),%rdx 0x7ffff78b33aa: lea 0x6(%rsi),%edi 0x7ffff78b33ad: testb $0x1,-0x30(%rdx) 0x7ffff78b33b1: je 0x7ffff78b33c1 0x7ffff78b33b3: movzbl -0x2e(%rdx),%r10d 0x7ffff78b33b8: cmp %r10d,%ebx 0x7ffff78b33bb: je 0x7ffff78b34d0 0x7ffff78b33c1: lea 0x7(%rsi),%edi 0x7ffff78b33c4: lea 0x150(%rcx),%rdx 0x7ffff78b33cb: cmp $0x20,%edi 0x7ffff78b33ce: je 0x7ffff78b327a 0x7ffff78b33d4: testb $0x1,-0x30(%rdx) 0x7ffff78b33d8: je 0x7ffff78b32fc 0x7ffff78b33de: movzbl -0x2e(%rdx),%eax 0x7ffff78b33e2: cmp %eax,%ebx 0x7ffff78b33e4: jne 0x7ffff78b32fc 0x7ffff78b33ea: movzbl -0x2d(%rdx),%ecx 0x7ffff78b33ee: cmp %ecx,%r8d 0x7ffff78b33f1: jne 0x7ffff78b32fc 0x7ffff78b33f7: jmpq 0x7ffff78b31e6 0x7ffff78b33fc: data32 data32 xchg %ax,%ax 0x7ffff78b3400: mov 0x7051e1(%rip),%rsi # 0x7ffff7fb85e8 0x7ffff78b3407: mov (%rsi),%rbx 0x7ffff78b340a: test %rbx,%rbx 0x7ffff78b340d: jne 0x7ffff78b341b 0x7ffff78b340f: nop 0x7ffff78b3410: jmp 0x7ffff78b348e 0x7ffff78b3412: mov 0x30(%rbx),%rbx 0x7ffff78b3416: test %rbx,%rbx 0x7ffff78b3419: je 0x7ffff78b348e 0x7ffff78b341b: cmp (%rbx),%r12d 0x7ffff78b341e: xchg %ax,%ax 0x7ffff78b3420: jne 0x7ffff78b3412 0x7ffff78b3422: cmp 0x4(%rbx),%r14d 0x7ffff78b3426: jne 0x7ffff78b3412 0x7ffff78b3428: mov 0x676c52(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b342e: xor %eax,%eax 0x7ffff78b3430: mov %rsp,%rdx 0x7ffff78b3433: mov $0xc0204623,%esi 0x7ffff78b3438: movq $0x0,(%rsp) 0x7ffff78b3440: movq $0x0,0x8(%rsp) 0x7ffff78b3449: movl $0x0,0x7083b9(%rip) # 0x7ffff7fbb80c 0x7ffff78b3453: movq $0x0,0x18(%rsp) 0x7ffff78b345c: mov %r12d,(%rsp) 0x7ffff78b3460: mov %r14d,0x4(%rsp) 0x7ffff78b3465: mov %r13d,0x8(%rsp) 0x7ffff78b346a: mov %r15,0x10(%rsp) 0x7ffff78b346f: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3474: test %eax,%eax 0x7ffff78b3476: jns 0x7ffff78b353b 0x7ffff78b347c: mov %rbx,%rdi 0x7ffff78b347f: mov $0x2a,%ebp 0x7ffff78b3484: callq 0x7ffff78b22d0 0x7ffff78b3489: jmpq 0x7ffff78b327f 0x7ffff78b348e: mov $0xb,%ebp 0x7ffff78b3493: movl $0x0,0x70836f(%rip) # 0x7ffff7fbb80c 0x7ffff78b349d: jmpq 0x7ffff78b327f 0x7ffff78b34a2: movzbl -0x2d(%rcx),%r9d 0x7ffff78b34a7: cmp %r9d,%r8d 0x7ffff78b34aa: jne 0x7ffff78b3317 0x7ffff78b34b0: jmpq 0x7ffff78b31e6 0x7ffff78b34b5: movzbl -0x2d(%rdx),%r11d 0x7ffff78b34ba: cmp %r11d,%r8d 0x7ffff78b34bd: data32 xchg %ax,%ax 0x7ffff78b34c0: jne 0x7ffff78b3332 0x7ffff78b34c6: jmpq 0x7ffff78b31e6 0x7ffff78b34cb: data32 xchg %ax,%ax 0x7ffff78b34ce: xchg %ax,%ax 0x7ffff78b34d0: movzbl -0x2d(%rdx),%r11d 0x7ffff78b34d5: cmp %r11d,%r8d 0x7ffff78b34d8: jne 0x7ffff78b33c1 0x7ffff78b34de: xchg %ax,%ax 0x7ffff78b34e0: jmpq 0x7ffff78b31e6 0x7ffff78b34e5: movzbl -0x2d(%rdx),%ebp 0x7ffff78b34e9: cmp %ebp,%r8d 0x7ffff78b34ec: jne 0x7ffff78b334b 0x7ffff78b34f2: jmpq 0x7ffff78b31e6 0x7ffff78b34f7: movzbl -0x2d(%rdx),%r10d 0x7ffff78b34fc: cmp %r10d,%r8d 0x7ffff78b34ff: nop 0x7ffff78b3500: jne 0x7ffff78b3369 0x7ffff78b3506: jmpq 0x7ffff78b31e6 0x7ffff78b350b: data32 xchg %ax,%ax 0x7ffff78b350e: xchg %ax,%ax 0x7ffff78b3510: movzbl -0x2d(%rdx),%eax 0x7ffff78b3514: cmp %eax,%r8d 0x7ffff78b3517: jne 0x7ffff78b3387 0x7ffff78b351d: data32 xchg %ax,%ax 0x7ffff78b3520: jmpq 0x7ffff78b31e6 0x7ffff78b3525: movzbl -0x2d(%rdx),%r9d 0x7ffff78b352a: cmp %r9d,%r8d 0x7ffff78b352d: data32 xchg %ax,%ax 0x7ffff78b3530: jne 0x7ffff78b33a3 0x7ffff78b3536: jmpq 0x7ffff78b31e6 0x7ffff78b353b: mov 0x18(%rsp),%r12d 0x7ffff78b3540: test %r12d,%r12d 0x7ffff78b3543: je 0x7ffff78b327f 0x7ffff78b3549: mov %rbx,%rdi 0x7ffff78b354c: callq 0x7ffff78b22d0 0x7ffff78b3551: mov 0x18(%rsp),%ebp 0x7ffff78b3555: jmpq 0x7ffff78b327f 0x7ffff78b355a: data32 xchg %ax,%ax 0x7ffff78b355d: data32 xchg %ax,%ax 0x7ffff78b3560: push %rbx 0x7ffff78b3561: mov %rdx,%r9 0x7ffff78b3564: xor %r8d,%r8d 0x7ffff78b3567: mov %rcx,%rbx 0x7ffff78b356a: mov $0x22,%edx 0x7ffff78b356f: mov $0x1,%ecx 0x7ffff78b3574: sub $0x10,%rsp 0x7ffff78b3578: test %r9,%r9 0x7ffff78b357b: je 0x7ffff78b3681 0x7ffff78b3581: mov %r8d,%eax 0x7ffff78b3584: lock cmpxchg %ecx,0x708280(%rip) # 0x7ffff7fbb80c 0x7ffff78b358c: setne %dl 0x7ffff78b358f: test %dl,%dl 0x7ffff78b3591: je 0x7ffff78b35ed 0x7ffff78b3593: mov 0x708272(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b359a: test %r10d,%r10d 0x7ffff78b359d: je 0x7ffff78b3581 0x7ffff78b359f: mov 0x708266(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b35a6: test %r11d,%r11d 0x7ffff78b35a9: je 0x7ffff78b3581 0x7ffff78b35ab: mov 0x70825b(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b35b1: test %edx,%edx 0x7ffff78b35b3: je 0x7ffff78b3581 0x7ffff78b35b5: mov 0x708251(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b35bb: test %eax,%eax 0x7ffff78b35bd: je 0x7ffff78b3581 0x7ffff78b35bf: mov 0x708246(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b35c6: test %r10d,%r10d 0x7ffff78b35c9: je 0x7ffff78b3581 0x7ffff78b35cb: mov 0x70823a(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b35d2: test %r11d,%r11d 0x7ffff78b35d5: je 0x7ffff78b3581 0x7ffff78b35d7: mov 0x70822f(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b35dd: test %edx,%edx 0x7ffff78b35df: je 0x7ffff78b3581 0x7ffff78b35e1: mov 0x708225(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b35e7: test %eax,%eax 0x7ffff78b35e9: jne 0x7ffff78b3593 0x7ffff78b35eb: jmp 0x7ffff78b3581 0x7ffff78b35ed: mov 0x704ff4(%rip),%rcx # 0x7ffff7fb85e8 0x7ffff78b35f4: mov (%rcx),%rax 0x7ffff78b35f7: test %rax,%rax 0x7ffff78b35fa: jne 0x7ffff78b360e 0x7ffff78b35fc: jmpq 0x7ffff78b3689 0x7ffff78b3601: mov 0x30(%rax),%rax 0x7ffff78b3605: test %rax,%rax 0x7ffff78b3608: je 0x7ffff78b3689 0x7ffff78b360e: cmp (%rax),%edi 0x7ffff78b3610: jne 0x7ffff78b3601 0x7ffff78b3612: mov 0x10(%rax),%rcx 0x7ffff78b3616: test %rcx,%rcx 0x7ffff78b3619: jne 0x7ffff78b362b 0x7ffff78b361b: data32 xchg %ax,%ax 0x7ffff78b361e: xchg %ax,%ax 0x7ffff78b3620: jmp 0x7ffff78b3601 0x7ffff78b3622: mov 0x10(%rcx),%rcx 0x7ffff78b3626: test %rcx,%rcx 0x7ffff78b3629: je 0x7ffff78b3601 0x7ffff78b362b: cmp (%rcx),%esi 0x7ffff78b362d: data32 xchg %ax,%ax 0x7ffff78b3630: jne 0x7ffff78b3622 0x7ffff78b3632: movl $0x0,0x4(%rsp) 0x7ffff78b363a: movl $0x0,0x7081c8(%rip) # 0x7ffff7fbb80c 0x7ffff78b3644: mov %rsp,%rdx 0x7ffff78b3647: movl $0x0,0x8(%rsp) 0x7ffff78b364f: movl $0x0,0xc(%rsp) 0x7ffff78b3657: xor %eax,%eax 0x7ffff78b3659: mov %r9,(%rsp) 0x7ffff78b365d: mov (%rcx),%edi 0x7ffff78b365f: mov $0xc0104652,%esi 0x7ffff78b3664: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3669: test %eax,%eax 0x7ffff78b366b: mov $0x2a,%edx 0x7ffff78b3670: js 0x7ffff78b3681 0x7ffff78b3672: test %rbx,%rbx 0x7ffff78b3675: je 0x7ffff78b367d 0x7ffff78b3677: mov 0x8(%rsp),%esi 0x7ffff78b367b: mov %esi,(%rbx) 0x7ffff78b367d: mov 0xc(%rsp),%edx 0x7ffff78b3681: add $0x10,%rsp 0x7ffff78b3685: mov %edx,%eax 0x7ffff78b3687: pop %rbx 0x7ffff78b3688: retq 0x7ffff78b3689: mov 0x704320(%rip),%r8 # 0x7ffff7fb79b0 0x7ffff78b3690: mov (%r8),%rdi 0x7ffff78b3693: mov 0x10(%rdi),%rcx 0x7ffff78b3697: test %rcx,%rcx 0x7ffff78b369a: jne 0x7ffff78b36a9 0x7ffff78b369c: jmp 0x7ffff78b36b7 0x7ffff78b369e: xchg %ax,%ax 0x7ffff78b36a0: mov 0x10(%rcx),%rcx 0x7ffff78b36a4: test %rcx,%rcx 0x7ffff78b36a7: je 0x7ffff78b36b7 0x7ffff78b36a9: cmp (%rcx),%esi 0x7ffff78b36ab: data32 xchg %ax,%ax 0x7ffff78b36ae: xchg %ax,%ax 0x7ffff78b36b0: jne 0x7ffff78b36a0 0x7ffff78b36b2: jmpq 0x7ffff78b3632 0x7ffff78b36b7: movl $0x0,0x70814b(%rip) # 0x7ffff7fbb80c 0x7ffff78b36c1: add $0x10,%rsp 0x7ffff78b36c5: mov $0x1d,%edx 0x7ffff78b36ca: pop %rbx 0x7ffff78b36cb: mov %edx,%eax 0x7ffff78b36cd: retq 0x7ffff78b36ce: xchg %ax,%ax 0x7ffff78b36d0: push %rbp 0x7ffff78b36d1: mov $0x22,%eax 0x7ffff78b36d6: mov %ecx,%ebp 0x7ffff78b36d8: push %rbx 0x7ffff78b36d9: mov %edx,%ebx 0x7ffff78b36db: sub $0x38,%rsp 0x7ffff78b36df: test %r9,%r9 0x7ffff78b36e2: je 0x7ffff78b3820 0x7ffff78b36e8: mov (%r9),%ecx 0x7ffff78b36eb: xor %r11d,%r11d 0x7ffff78b36ee: mov $0x1,%r10d 0x7ffff78b36f4: test %ecx,%ecx 0x7ffff78b36f6: jle 0x7ffff78b381b 0x7ffff78b36fc: data32 data32 xchg %ax,%ax 0x7ffff78b3700: mov %r11d,%eax 0x7ffff78b3703: lock cmpxchg %r10d,0x708100(%rip) # 0x7ffff7fbb80c 0x7ffff78b370c: setne %dl 0x7ffff78b370f: test %dl,%dl 0x7ffff78b3711: je 0x7ffff78b3765 0x7ffff78b3713: mov 0x7080f3(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b3719: test %edx,%edx 0x7ffff78b371b: je 0x7ffff78b3700 0x7ffff78b371d: mov 0x7080e9(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b3723: test %edx,%edx 0x7ffff78b3725: je 0x7ffff78b3700 0x7ffff78b3727: mov 0x7080df(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b372d: test %eax,%eax 0x7ffff78b372f: je 0x7ffff78b3700 0x7ffff78b3731: mov 0x7080d5(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b3737: test %edx,%edx 0x7ffff78b3739: je 0x7ffff78b3700 0x7ffff78b373b: mov 0x7080cb(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b3741: test %eax,%eax 0x7ffff78b3743: je 0x7ffff78b3700 0x7ffff78b3745: mov 0x7080c1(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b374b: test %edx,%edx 0x7ffff78b374d: je 0x7ffff78b3700 0x7ffff78b374f: mov 0x7080b7(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b3755: test %eax,%eax 0x7ffff78b3757: je 0x7ffff78b3700 0x7ffff78b3759: mov 0x7080ad(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b375f: test %edx,%edx 0x7ffff78b3761: jne 0x7ffff78b3713 0x7ffff78b3763: jmp 0x7ffff78b3700 0x7ffff78b3765: mov 0x704e7c(%rip),%r10 # 0x7ffff7fb85e8 0x7ffff78b376c: mov (%r10),%rax 0x7ffff78b376f: test %rax,%rax 0x7ffff78b3772: jne 0x7ffff78b378d 0x7ffff78b3774: jmpq 0x7ffff78b3827 0x7ffff78b3779: data32 data32 xchg %ax,%ax 0x7ffff78b377d: data32 xchg %ax,%ax 0x7ffff78b3780: mov 0x30(%rax),%rax 0x7ffff78b3784: test %rax,%rax 0x7ffff78b3787: je 0x7ffff78b3827 0x7ffff78b378d: cmp (%rax),%edi 0x7ffff78b378f: nop 0x7ffff78b3790: jne 0x7ffff78b3780 0x7ffff78b3792: mov 0x10(%rax),%r10 0x7ffff78b3796: test %r10,%r10 0x7ffff78b3799: jne 0x7ffff78b37ab 0x7ffff78b379b: data32 xchg %ax,%ax 0x7ffff78b379e: xchg %ax,%ax 0x7ffff78b37a0: jmp 0x7ffff78b3780 0x7ffff78b37a2: mov 0x10(%r10),%r10 0x7ffff78b37a6: test %r10,%r10 0x7ffff78b37a9: je 0x7ffff78b3780 0x7ffff78b37ab: cmp (%r10),%ecx 0x7ffff78b37ae: xchg %ax,%ax 0x7ffff78b37b0: jne 0x7ffff78b37a2 0x7ffff78b37b2: movq $0x0,(%rsp) 0x7ffff78b37ba: movq $0x0,0x8(%rsp) 0x7ffff78b37c3: xor %eax,%eax 0x7ffff78b37c5: movl $0x0,0x70803d(%rip) # 0x7ffff7fbb80c 0x7ffff78b37cf: movq $0x0,0x10(%rsp) 0x7ffff78b37d8: mov %rsp,%rdx 0x7ffff78b37db: movq $0x0,0x18(%rsp) 0x7ffff78b37e4: mov %edi,(%rsp) 0x7ffff78b37e7: mov %esi,0x4(%rsp) 0x7ffff78b37eb: movq $0x0,0x20(%rsp) 0x7ffff78b37f4: mov $0xc0284644,%esi 0x7ffff78b37f9: mov %ebx,0x8(%rsp) 0x7ffff78b37fd: mov %ebp,0xc(%rsp) 0x7ffff78b3801: mov %r8d,0x10(%rsp) 0x7ffff78b3806: mov 0x4(%r10),%ecx 0x7ffff78b380a: mov (%r9),%edi 0x7ffff78b380d: mov %rcx,0x18(%rsp) 0x7ffff78b3812: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3817: test %eax,%eax 0x7ffff78b3819: jns 0x7ffff78b386d 0x7ffff78b381b: mov $0x2a,%eax 0x7ffff78b3820: add $0x38,%rsp 0x7ffff78b3824: pop %rbx 0x7ffff78b3825: pop %rbp 0x7ffff78b3826: retq 0x7ffff78b3827: mov 0x704182(%rip),%rax # 0x7ffff7fb79b0 0x7ffff78b382e: mov (%rax),%r11 0x7ffff78b3831: mov 0x10(%r11),%r10 0x7ffff78b3835: test %r10,%r10 0x7ffff78b3838: jne 0x7ffff78b3849 0x7ffff78b383a: jmp 0x7ffff78b3857 0x7ffff78b383c: data32 data32 xchg %ax,%ax 0x7ffff78b3840: mov 0x10(%r10),%r10 0x7ffff78b3844: test %r10,%r10 0x7ffff78b3847: je 0x7ffff78b3857 0x7ffff78b3849: cmp (%r10),%ecx 0x7ffff78b384c: data32 data32 xchg %ax,%ax 0x7ffff78b3850: jne 0x7ffff78b3840 0x7ffff78b3852: jmpq 0x7ffff78b37b2 0x7ffff78b3857: movl $0x0,0x707fab(%rip) # 0x7ffff7fbb80c 0x7ffff78b3861: add $0x38,%rsp 0x7ffff78b3865: mov $0x1d,%eax 0x7ffff78b386a: pop %rbx 0x7ffff78b386b: pop %rbp 0x7ffff78b386c: retq 0x7ffff78b386d: mov 0x20(%rsp),%eax 0x7ffff78b3871: add $0x38,%rsp 0x7ffff78b3875: pop %rbx 0x7ffff78b3876: pop %rbp 0x7ffff78b3877: retq 0x7ffff78b3878: data32 data32 xchg %ax,%ax 0x7ffff78b387c: data32 data32 xchg %ax,%ax 0x7ffff78b3880: push %r13 0x7ffff78b3882: mov $0x22,%eax 0x7ffff78b3887: mov %rdi,%r13 0x7ffff78b388a: push %r12 0x7ffff78b388c: push %rbp 0x7ffff78b388d: push %rbx 0x7ffff78b388e: sub $0x4e8,%rsp 0x7ffff78b3895: test %rdi,%rdi 0x7ffff78b3898: je 0x7ffff78b3933 0x7ffff78b389e: xchg %ax,%ax 0x7ffff78b38a0: xor %eax,%eax 0x7ffff78b38a2: mov $0x1,%ecx 0x7ffff78b38a7: lock cmpxchg %ecx,0x707f5d(%rip) # 0x7ffff7fbb80c 0x7ffff78b38af: setne %dl 0x7ffff78b38b2: test %dl,%dl 0x7ffff78b38b4: je 0x7ffff78b3941 0x7ffff78b38ba: mov 0x707f4c(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b38c0: test %ebx,%ebx 0x7ffff78b38c2: je 0x7ffff78b38a0 0x7ffff78b38c4: mov 0x707f42(%rip),%ecx # 0x7ffff7fbb80c 0x7ffff78b38ca: test %ecx,%ecx 0x7ffff78b38cc: je 0x7ffff78b38a0 0x7ffff78b38ce: mov 0x707f38(%rip),%esi # 0x7ffff7fbb80c 0x7ffff78b38d4: test %esi,%esi 0x7ffff78b38d6: je 0x7ffff78b38a0 0x7ffff78b38d8: mov 0x707f2d(%rip),%r12d # 0x7ffff7fbb80c 0x7ffff78b38df: test %r12d,%r12d 0x7ffff78b38e2: je 0x7ffff78b38a0 0x7ffff78b38e4: mov 0x707f22(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b38ea: test %edx,%edx 0x7ffff78b38ec: je 0x7ffff78b38a0 0x7ffff78b38ee: mov 0x707f18(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b38f4: test %eax,%eax 0x7ffff78b38f6: je 0x7ffff78b38a0 0x7ffff78b38f8: mov 0x707f0d(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b38ff: test %r9d,%r9d 0x7ffff78b3902: je 0x7ffff78b38a0 0x7ffff78b3904: mov 0x707f01(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b390b: test %r10d,%r10d 0x7ffff78b390e: jne 0x7ffff78b38ba 0x7ffff78b3910: jmp 0x7ffff78b38a0 0x7ffff78b3912: mov 0x4d8(%rsp),%ecx 0x7ffff78b3919: test %ecx,%ecx 0x7ffff78b391b: jne 0x7ffff78b3e97 0x7ffff78b3921: mov 0x4d0(%rsp),%ebx 0x7ffff78b3928: mov %ebx,0x0(%r13) 0x7ffff78b392c: mov 0x4d8(%rsp),%eax 0x7ffff78b3933: add $0x4e8,%rsp 0x7ffff78b393a: pop %rbx 0x7ffff78b393b: pop %rbp 0x7ffff78b393c: pop %r12 0x7ffff78b393e: pop %r13 0x7ffff78b3940: retq 0x7ffff78b3941: mov 0x707ec1(%rip),%eax # 0x7ffff7fbb808 0x7ffff78b3947: test %eax,%eax 0x7ffff78b3949: je 0x7ffff78b3a4f 0x7ffff78b394f: inc %eax 0x7ffff78b3951: movl $0x0,0x707eb1(%rip) # 0x7ffff7fbb80c 0x7ffff78b395b: mov %eax,0x707ea7(%rip) # 0x7ffff7fbb808 0x7ffff78b3961: lea 0x4d0(%rsp),%rdx 0x7ffff78b3969: movl $0x0,0x0(%r13) 0x7ffff78b3971: movl $0x0,0x4d0(%rsp) 0x7ffff78b397c: mov $0xc00c4622,%esi 0x7ffff78b3981: xor %eax,%eax 0x7ffff78b3983: movl $0x0,0x8(%rdx) 0x7ffff78b398a: mov 0x6766f0(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3990: movl $0x0,0x4d4(%rsp) 0x7ffff78b399b: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b39a0: xor %esi,%esi 0x7ffff78b39a2: test %eax,%eax 0x7ffff78b39a4: mov $0x1,%ecx 0x7ffff78b39a9: jns 0x7ffff78b3912 0x7ffff78b39af: mov %esi,%eax 0x7ffff78b39b1: lock cmpxchg %ecx,0x707e53(%rip) # 0x7ffff7fbb80c 0x7ffff78b39b9: setne %dl 0x7ffff78b39bc: test %dl,%dl 0x7ffff78b39be: je 0x7ffff78b3a1c 0x7ffff78b39c0: mov 0x707e45(%rip),%r8d # 0x7ffff7fbb80c 0x7ffff78b39c7: test %r8d,%r8d 0x7ffff78b39ca: je 0x7ffff78b39af 0x7ffff78b39cc: mov 0x707e39(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b39d3: test %r10d,%r10d 0x7ffff78b39d6: je 0x7ffff78b39af 0x7ffff78b39d8: mov 0x707e2d(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b39df: test %r11d,%r11d 0x7ffff78b39e2: je 0x7ffff78b39af 0x7ffff78b39e4: mov 0x707e21(%rip),%r13d # 0x7ffff7fbb80c 0x7ffff78b39eb: test %r13d,%r13d 0x7ffff78b39ee: je 0x7ffff78b39af 0x7ffff78b39f0: mov 0x707e16(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b39f6: test %ebx,%ebx 0x7ffff78b39f8: je 0x7ffff78b39af 0x7ffff78b39fa: mov 0x707e0c(%rip),%ebp # 0x7ffff7fbb80c 0x7ffff78b3a00: test %ebp,%ebp 0x7ffff78b3a02: je 0x7ffff78b39af 0x7ffff78b3a04: mov 0x707e02(%rip),%edi # 0x7ffff7fbb80c 0x7ffff78b3a0a: test %edi,%edi 0x7ffff78b3a0c: je 0x7ffff78b39af 0x7ffff78b3a0e: mov 0x707df7(%rip),%r8d # 0x7ffff7fbb80c 0x7ffff78b3a15: test %r8d,%r8d 0x7ffff78b3a18: jne 0x7ffff78b39c0 0x7ffff78b3a1a: jmp 0x7ffff78b39af 0x7ffff78b3a1c: mov 0x707de6(%rip),%esi # 0x7ffff7fbb808 0x7ffff78b3a22: dec %esi 0x7ffff78b3a24: test %esi,%esi 0x7ffff78b3a26: mov %esi,0x707ddc(%rip) # 0x7ffff7fbb808 0x7ffff78b3a2c: je 0x7ffff78b3dcb 0x7ffff78b3a32: movl $0x0,0x707dd0(%rip) # 0x7ffff7fbb80c 0x7ffff78b3a3c: mov $0x2a,%eax 0x7ffff78b3a41: add $0x4e8,%rsp 0x7ffff78b3a48: pop %rbx 0x7ffff78b3a49: pop %rbp 0x7ffff78b3a4a: pop %r12 0x7ffff78b3a4c: pop %r13 0x7ffff78b3a4e: retq 0x7ffff78b3a4f: mov 0x705b9a(%rip),%rbp # 0x7ffff7fb95f0 0x7ffff78b3a56: mov $0x700,%edx 0x7ffff78b3a5b: xor %esi,%esi 0x7ffff78b3a5d: mov %rbp,%rdi 0x7ffff78b3a60: callq 0x7ffff782a990 <memset@plt> 0x7ffff78b3a65: lea 0x700(%rbp),%rdx 0x7ffff78b3a6c: mov %rbp,%rax 0x7ffff78b3a6f: movl $0xffffffff,(%rax) 0x7ffff78b3a75: movl $0xffffffff,0x38(%rax) 0x7ffff78b3a7c: movl $0xffffffff,0x70(%rax) 0x7ffff78b3a83: movl $0xffffffff,0xa8(%rax) 0x7ffff78b3a8d: movl $0xffffffff,0xe0(%rax) 0x7ffff78b3a97: movl $0xffffffff,0x118(%rax) 0x7ffff78b3aa1: movl $0xffffffff,0x150(%rax) 0x7ffff78b3aab: movl $0xffffffff,0x188(%rax) 0x7ffff78b3ab5: add $0x1c0,%rax 0x7ffff78b3abb: cmp %rdx,%rax 0x7ffff78b3abe: jne 0x7ffff78b3a6f 0x7ffff78b3ac0: callq 0x7ffff782a290 <geteuid@plt> 0x7ffff78b3ac5: test %eax,%eax 0x7ffff78b3ac7: jne 0x7ffff78b3bf7 0x7ffff78b3acd: movzbl 0x4d1b06(%rip),%esi # 0x7ffff7d855da 0x7ffff78b3ad4: lea 0x1(%rsp),%rdi 0x7ffff78b3ad9: mov $0x3ff,%edx 0x7ffff78b3ade: lea 0x480(%rsp),%rbp 0x7ffff78b3ae6: mov %sil,(%rsp) 0x7ffff78b3aea: xor %esi,%esi 0x7ffff78b3aec: callq 0x7ffff782a990 <memset@plt> 0x7ffff78b3af1: lea 0x53ee73(%rip),%rsi # 0x7ffff7df296b 0x7ffff78b3af8: lea 0x4d178d(%rip),%rdi # 0x7ffff7d8528c 0x7ffff78b3aff: movl $0x1,0x4dc(%rsp) 0x7ffff78b3b0a: callq 0x7ffff782a520 <fopen64@plt> 0x7ffff78b3b0f: test %rax,%rax 0x7ffff78b3b12: mov %rax,%rbx 0x7ffff78b3b15: jne 0x7ffff78b3b40 0x7ffff78b3b17: jmp 0x7ffff78b3b60 0x7ffff78b3b19: data32 data32 xchg %ax,%ax 0x7ffff78b3b1d: data32 xchg %ax,%ax 0x7ffff78b3b20: cld 0x7ffff78b3b21: lea 0x4d1772(%rip),%rdi # 0x7ffff7d8529a 0x7ffff78b3b28: movb $0x0,0x48f(%rsp) 0x7ffff78b3b30: mov $0x7,%ecx 0x7ffff78b3b35: mov %rbp,%rsi 0x7ffff78b3b38: repz cmpsb %es:(%rdi),%ds:(%rsi) 0x7ffff78b3b3a: je 0x7ffff78b3f09 0x7ffff78b3b40: lea 0x4d175a(%rip),%rsi # 0x7ffff7d852a1 0x7ffff78b3b47: xor %eax,%eax 0x7ffff78b3b49: mov %rbp,%rdx 0x7ffff78b3b4c: mov %rbx,%rdi 0x7ffff78b3b4f: callq 0x7ffff782a400 <fscanf@plt> 0x7ffff78b3b54: dec %eax 0x7ffff78b3b56: je 0x7ffff78b3b20 0x7ffff78b3b58: mov %rbx,%rdi 0x7ffff78b3b5b: callq 0x7ffff782a5a0 <fclose@plt> 0x7ffff78b3b60: lea 0x4d1746(%rip),%rdi # 0x7ffff7d852ad 0x7ffff78b3b67: xor %esi,%esi 0x7ffff78b3b69: xor %eax,%eax 0x7ffff78b3b6b: callq 0x7ffff782a360 <open64@plt> 0x7ffff78b3b70: test %eax,%eax 0x7ffff78b3b72: mov %eax,%ebx 0x7ffff78b3b74: js 0x7ffff78b3ba2 0x7ffff78b3b76: mov %rsp,%rsi 0x7ffff78b3b79: mov $0x3ff,%edx 0x7ffff78b3b7e: mov %eax,%edi 0x7ffff78b3b80: callq 0x7ffff782a2b0 <read@plt> 0x7ffff78b3b85: test %eax,%eax 0x7ffff78b3b87: jle 0x7ffff78b4012 0x7ffff78b3b8d: dec %eax 0x7ffff78b3b8f: cltq 0x7ffff78b3b91: cmpb $0xa,(%rsp,%rax,1) 0x7ffff78b3b95: je 0x7ffff78b406a 0x7ffff78b3b9b: mov %ebx,%edi 0x7ffff78b3b9d: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b3ba2: cmpb $0x0,(%rsp) 0x7ffff78b3ba6: je 0x7ffff78b401b 0x7ffff78b3bac: callq 0x7ffff782a2a0 <fork@plt> 0x7ffff78b3bb1: cmp $0xffffffffffffffff,%eax 0x7ffff78b3bb4: mov %eax,%edi 0x7ffff78b3bb6: je 0x7ffff78b3f46 0x7ffff78b3bbc: test %eax,%eax 0x7ffff78b3bbe: xchg %ax,%ax 0x7ffff78b3bc0: je 0x7ffff78b3f72 0x7ffff78b3bc6: lea 0x4dc(%rsp),%rsi 0x7ffff78b3bce: xor %edx,%edx 0x7ffff78b3bd0: callq 0x7ffff782aa70 <waitpid@plt> 0x7ffff78b3bd5: test %eax,%eax 0x7ffff78b3bd7: js 0x7ffff78b3f46 0x7ffff78b3bdd: mov 0x4dc(%rsp),%eax 0x7ffff78b3be4: test $0x7f,%al 0x7ffff78b3be6: jne 0x7ffff78b3f46 0x7ffff78b3bec: movzbl %ah,%edx 0x7ffff78b3bef: test %edx,%edx 0x7ffff78b3bf1: jne 0x7ffff78b3f46 0x7ffff78b3bf7: lea 0x400(%rsp),%rbx 0x7ffff78b3bff: lea 0x4d16c7(%rip),%rdx # 0x7ffff7d852cd 0x7ffff78b3c06: mov $0x80,%esi 0x7ffff78b3c0b: xor %eax,%eax 0x7ffff78b3c0d: mov %rbx,%rdi 0x7ffff78b3c10: callq 0x7ffff782a740 <snprintf@plt> 0x7ffff78b3c15: mov $0xff,%esi 0x7ffff78b3c1a: mov %rbx,%rdi 0x7ffff78b3c1d: callq 0x7ffff78b0050 0x7ffff78b3c22: xor %eax,%eax 0x7ffff78b3c24: mov $0x2,%esi 0x7ffff78b3c29: mov %rbx,%rdi 0x7ffff78b3c2c: callq 0x7ffff782a360 <open64@plt> 0x7ffff78b3c31: test %eax,%eax 0x7ffff78b3c33: mov %eax,%ebp 0x7ffff78b3c35: mov %eax,0x676445(%rip) # 0x7ffff7f2a080 0x7ffff78b3c3b: js 0x7ffff78b3e0c 0x7ffff78b3c41: lea 0x480(%rsp),%r12 memset 0x48 (72) bytes to 0 at %r12. rbx preserves 8 bytes into the struct. r12 == 0x480(%rsp) 0x7ffff78b3c49: xor %esi,%esi 0x7ffff78b3c4b: mov $0x48,%edx 0x7ffff78b3c50: lea 0x8(%r12),%rbx 0x7ffff78b3c55: mov %r12,%rdi 0x7ffff78b3c58: callq 0x7ffff782a990 <memset@plt> 0x7ffff78b3c5d: lea 0x4d1678(%rip),%rdi # 0x7ffff7d852dc 0x7ffff78b3c64: movabs $0x312e36332e353931,%rax 0x7ffff78b3c6e: movq $0x0,0x38(%rbx) *(uint64_t *)r12 + 16 = 35 0x7ffff78b3c76: movq $0x35,0x8(%rbx) 0x7ffff78b3c7e: movq $0x0,0x10(%rbx) 0x7ffff78b3c86: movq $0x0,0x18(%rbx) 0x7ffff78b3c8e: movq $0x0,0x20(%rbx) 0x7ffff78b3c96: movq $0x0,0x28(%rbx) 0x7ffff78b3c9e: movq $0x0,0x30(%rbx) 0x7ffff78b3ca6: movl $0x0,0x480(%rsp) 0x7ffff78b3cb1: movl $0x0,0x484(%rsp) *(uint64_t *)r12 + 8 = 0x312e36332e353931 0x7ffff78b3cbc: mov %rax,0x488(%rsp) 0x7ffff78b3cc4: movb $0x0,0x4c7(%rsp) 0x7ffff78b3ccc: callq 0x7ffff782a460 <getenv@plt> 0x7ffff78b3cd1: test %rax,%rax 0x7ffff78b3cd4: je 0x7ffff78b3ce0 0x7ffff78b3cd6: movsbl (%rax),%edi 0x7ffff78b3cd9: mov %edi,0x480(%rsp) 0x7ffff78b3ce0: xor %eax,%eax 0x7ffff78b3ce2: mov %r12,%rdx 0x7ffff78b3ce5: mov $0xc04846d2,%esi 0x7ffff78b3cea: mov %ebp,%edi 0x7ffff78b3cec: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3cf1: test %eax,%eax 0x7ffff78b3cf3: js 0x7ffff78b3e4a 0x7ffff78b3cf9: mov 0x704ad0(%rip),%rdx # 0x7ffff7fb87d0 0x7ffff78b3d00: xor %eax,%eax 0x7ffff78b3d02: mov $0xc00446ca,%esi 0x7ffff78b3d07: movl $0x0,(%rdx) 0x7ffff78b3d0d: mov 0x67636d(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3d13: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b3d18: test %eax,%eax 0x7ffff78b3d1a: js 0x7ffff78b3e78 0x7ffff78b3d20: mov 0x7045d9(%rip),%rbp # 0x7ffff7fb8300 0x7ffff78b3d27: xor %esi,%esi 0x7ffff78b3d29: mov $0x600,%edx 0x7ffff78b3d2e: mov %rbp,%rdi 0x7ffff78b3d31: callq 0x7ffff782a990 <memset@plt> 0x7ffff78b3d36: movl $0xffffffff,0x0(%rbp) 0x7ffff78b3d3d: mov 0x67633d(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3d43: xor %eax,%eax 0x7ffff78b3d45: mov %rbp,%rdx 0x7ffff78b3d48: mov $0xc60046c8,%esi 0x7ffff78b3d4d: callq 0x7ffff782ab20 <ioctl@plt>
after third ioctl
0x7ffff78b3d52: test %eax,%eax 0x7ffff78b3d54: js 0x7ffff78b3e78 0x7ffff78b3d5a: mov $0x38,%edi 0x7ffff78b3d5f: callq 0x7ffff782a470 <malloc@plt> 0x7ffff78b3d64: test %rax,%rax 0x7ffff78b3d67: mov %rax,%rdx 0x7ffff78b3d6a: je 0x7ffff78b3e78 0x7ffff78b3d70: cld 0x7ffff78b3d71: mov $0x7,%ecx 0x7ffff78b3d76: xor %eax,%eax 0x7ffff78b3d78: mov %rdx,%rdi 0x7ffff78b3d7b: rep stos %rax,%es:(%rdi) 0x7ffff78b3d7e: mov 0x703c2b(%rip),%rbp # 0x7ffff7fb79b0 0x7ffff78b3d85: movq $0x0,0x10(%rdx) 0x7ffff78b3d8d: movl $0x0,(%rdx) 0x7ffff78b3d93: movl $0x0,0x4(%rdx) 0x7ffff78b3d9a: movl $0x0,0x8(%rdx) 0x7ffff78b3da1: movq $0x0,0x30(%rdx) 0x7ffff78b3da9: mov 0x6762d1(%rip),%ebx # 0x7ffff7f2a080 0x7ffff78b3daf: mov %rdx,0x0(%rbp) 0x7ffff78b3db3: mov %ebx,0xc(%rdx) 0x7ffff78b3db6: incl 0x707a4c(%rip) # 0x7ffff7fbb808 0x7ffff78b3dbc: movl $0x0,0x707a46(%rip) # 0x7ffff7fbb80c 0x7ffff78b3dc6: jmpq 0x7ffff78b3961
0x7ffff78b3961: lea 0x4d0(%rsp),%rdx 0x7ffff78b3969: movl $0x0,0x0(%r13) 0x7ffff78b3971: movl $0x0,0x4d0(%rsp) 0x7ffff78b397c: mov $0xc00c4622,%esi 0x7ffff78b3981: xor %eax,%eax 0x7ffff78b3983: movl $0x0,0x8(%rdx) 0x7ffff78b398a: mov 0x6766f0(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3990: movl $0x0,0x4d4(%rsp) ==>0x7ffff78b399b: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b39a0: xor %esi,%esi 0x7ffff78b39a2: test %eax,%eax 0x7ffff78b39a4: mov $0x1,%ecx 0x7ffff78b39a9: jns 0x7ffff78b3912
=> 0x7ffff78b3912: mov 0x4d8(%rsp),%ecx 0x7ffff78b3919: test %ecx,%ecx 0x7ffff78b391b: jne 0x7ffff78b3e97 0x7ffff78b3921: mov 0x4d0(%rsp),%ebx 0x7ffff78b3928: mov %ebx,0x0(%r13) 0x7ffff78b392c: mov 0x4d8(%rsp),%eax 0x7ffff78b3933: add $0x4e8,%rsp 0x7ffff78b393a: pop %rbx 0x7ffff78b393b: pop %rbp 0x7ffff78b393c: pop %r12 0x7ffff78b393e: pop %r13 0x7ffff78b3940: retq
return down the stack
0x7ffff78b3dcb: mov 0x6762af(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3dd1: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b3dd6: mov 0x703bd3(%rip),%r12 # 0x7ffff7fb79b0 0x7ffff78b3ddd: mov (%r12),%rdi 0x7ffff78b3de1: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b3de6: mov $0x2a,%eax 0x7ffff78b3deb: movq $0x0,(%r12) 0x7ffff78b3df3: movl $0xffffffff,0x676283(%rip) # 0x7ffff7f2a080 0x7ffff78b3dfd: movl $0x0,0x707a05(%rip) # 0x7ffff7fbb80c 0x7ffff78b3e07: jmpq 0x7ffff78b3a41 0x7ffff78b3e0c: callq 0x7ffff782ab50 <__errno_location@plt> 0x7ffff78b3e11: mov (%rax),%edi 0x7ffff78b3e13: callq 0x7ffff782a9b0 <strerror@plt> 0x7ffff78b3e18: mov 0x7042d9(%rip),%r11 # 0x7ffff7fb80f8 0x7ffff78b3e1f: lea 0x4d14d2(%rip),%rsi # 0x7ffff7d852f8 0x7ffff78b3e26: mov %rax,%rcx 0x7ffff78b3e29: mov %rbx,%rdx 0x7ffff78b3e2c: xor %eax,%eax 0x7ffff78b3e2e: mov (%r11),%rdi 0x7ffff78b3e31: callq 0x7ffff78b0510 0x7ffff78b3e36: mov $0x2a,%eax 0x7ffff78b3e3b: movl $0x0,0x7079c7(%rip) # 0x7ffff7fbb80c 0x7ffff78b3e45: jmpq 0x7ffff78b3933 0x7ffff78b3e4a: cmpl $0x1,0x484(%rsp) 0x7ffff78b3e52: je 0x7ffff78b4042 0x7ffff78b3e58: mov 0x704299(%rip),%r13 # 0x7ffff7fb80f8 0x7ffff78b3e5f: lea 0x4d0c2e(%rip),%rdx # 0x7ffff7d84a94 0x7ffff78b3e66: lea 0x4d1693(%rip),%rsi # 0x7ffff7d85500 0x7ffff78b3e6d: xor %eax,%eax 0x7ffff78b3e6f: mov 0x0(%r13),%rdi 0x7ffff78b3e73: callq 0x7ffff782a700 <fprintf@plt> 0x7ffff78b3e78: mov 0x676202(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3e7e: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b3e83: mov $0x2a,%eax 0x7ffff78b3e88: movl $0x0,0x70797a(%rip) # 0x7ffff7fbb80c 0x7ffff78b3e92: jmpq 0x7ffff78b3a41 0x7ffff78b3e97: xor %eax,%eax 0x7ffff78b3e99: mov $0x1,%r9d 0x7ffff78b3e9f: lock cmpxchg %r9d,0x707964(%rip) # 0x7ffff7fbb80c 0x7ffff78b3ea8: setne %dl 0x7ffff78b3eab: test %dl,%dl 0x7ffff78b3ead: je 0x7ffff78b3f16 0x7ffff78b3eaf: mov 0x707956(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b3eb6: test %r10d,%r10d 0x7ffff78b3eb9: je 0x7ffff78b3e97 0x7ffff78b3ebb: mov 0x70794b(%rip),%edi # 0x7ffff7fbb80c 0x7ffff78b3ec1: test %edi,%edi 0x7ffff78b3ec3: je 0x7ffff78b3e97 0x7ffff78b3ec5: mov 0x707940(%rip),%r8d # 0x7ffff7fbb80c 0x7ffff78b3ecc: test %r8d,%r8d 0x7ffff78b3ecf: je 0x7ffff78b3e97 0x7ffff78b3ed1: mov 0x707935(%rip),%esi # 0x7ffff7fbb80c 0x7ffff78b3ed7: test %esi,%esi 0x7ffff78b3ed9: je 0x7ffff78b3e97 0x7ffff78b3edb: mov 0x70792a(%rip),%r12d # 0x7ffff7fbb80c 0x7ffff78b3ee2: test %r12d,%r12d 0x7ffff78b3ee5: je 0x7ffff78b3e97 0x7ffff78b3ee7: mov 0x70791f(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b3eed: test %edx,%edx 0x7ffff78b3eef: je 0x7ffff78b3e97 0x7ffff78b3ef1: mov 0x707915(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b3ef7: test %eax,%eax 0x7ffff78b3ef9: je 0x7ffff78b3e97 0x7ffff78b3efb: mov 0x70790a(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b3f02: test %r9d,%r9d 0x7ffff78b3f05: jne 0x7ffff78b3eaf 0x7ffff78b3f07: jmp 0x7ffff78b3e97 0x7ffff78b3f09: mov %rbx,%rdi 0x7ffff78b3f0c: callq 0x7ffff782a5a0 <fclose@plt> 0x7ffff78b3f11: jmpq 0x7ffff78b3bf7 0x7ffff78b3f16: mov 0x7078eb(%rip),%r11d # 0x7ffff7fbb808 0x7ffff78b3f1d: dec %r11d 0x7ffff78b3f20: test %r11d,%r11d 0x7ffff78b3f23: mov %r11d,0x7078de(%rip) # 0x7ffff7fbb808 0x7ffff78b3f2a: je 0x7ffff78b3fe0 0x7ffff78b3f30: mov 0x4d8(%rsp),%eax 0x7ffff78b3f37: movl $0x0,0x7078cb(%rip) # 0x7ffff7fbb80c 0x7ffff78b3f41: jmpq 0x7ffff78b3933 0x7ffff78b3f46: mov 0x7041ab(%rip),%r10 # 0x7ffff7fb80f8 0x7ffff78b3f4d: lea 0x4d149c(%rip),%rsi # 0x7ffff7d853f0 0x7ffff78b3f54: xor %eax,%eax 0x7ffff78b3f56: mov (%r10),%rdi 0x7ffff78b3f59: callq 0x7ffff78b0510 0x7ffff78b3f5e: mov $0x2a,%eax 0x7ffff78b3f63: movl $0x0,0x70789f(%rip) # 0x7ffff7fbb80c 0x7ffff78b3f6d: jmpq 0x7ffff78b3933 0x7ffff78b3f72: lea 0x4d134e(%rip),%rsi # 0x7ffff7d852c7 0x7ffff78b3f79: lea 0x4c1ead(%rip),%rdi # 0x7ffff7d75e2d 0x7ffff78b3f80: mov $0x1,%edx 0x7ffff78b3f85: callq 0x7ffff782a690 <setenv@plt> 0x7ffff78b3f8a: lea 0x4d1309(%rip),%rdx # 0x7ffff7d8529a 0x7ffff78b3f91: lea 0x4d1326(%rip),%rsi # 0x7ffff7d852be 0x7ffff78b3f98: xor %ecx,%ecx 0x7ffff78b3f9a: xor %eax,%eax 0x7ffff78b3f9c: mov %rsp,%rdi 0x7ffff78b3f9f: callq 0x7ffff782ac90 <execl@plt> 0x7ffff78b3fa4: test %eax,%eax 0x7ffff78b3fa6: jns 0x7ffff78b3bf7 0x7ffff78b3fac: callq 0x7ffff782ab50 <__errno_location@plt> 0x7ffff78b3fb1: mov (%rax),%edi 0x7ffff78b3fb3: callq 0x7ffff782a9b0 <strerror@plt> 0x7ffff78b3fb8: mov 0x704139(%rip),%r9 # 0x7ffff7fb80f8 0x7ffff78b3fbf: lea 0x4d1402(%rip),%rsi # 0x7ffff7d853c8 0x7ffff78b3fc6: mov %rax,%rcx 0x7ffff78b3fc9: mov %rsp,%rdx 0x7ffff78b3fcc: xor %eax,%eax 0x7ffff78b3fce: mov (%r9),%rdi 0x7ffff78b3fd1: callq 0x7ffff78b0510 0x7ffff78b3fd6: mov $0x1,%edi 0x7ffff78b3fdb: callq 0x7ffff782aa80 <exit@plt> 0x7ffff78b3fe0: mov 0x67609a(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b3fe6: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b3feb: mov 0x7039be(%rip),%r13 # 0x7ffff7fb79b0 0x7ffff78b3ff2: mov 0x0(%r13),%rdi 0x7ffff78b3ff6: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b3ffb: movq $0x0,0x0(%r13) 0x7ffff78b4003: movl $0xffffffff,0x676073(%rip) # 0x7ffff7f2a080 0x7ffff78b400d: jmpq 0x7ffff78b3f30 0x7ffff78b4012: movb $0x0,(%rsp) 0x7ffff78b4016: jmpq 0x7ffff78b3b9b 0x7ffff78b401b: movabs $0x6f6d2f6e6962732f,%r8 0x7ffff78b4025: movl $0x6f727064,0x8(%rsp) 0x7ffff78b402d: movw $0x6562,0xc(%rsp) 0x7ffff78b4034: mov %r8,(%rsp) 0x7ffff78b4038: movb $0x0,0xe(%rsp) 0x7ffff78b403d: jmpq 0x7ffff78b3bac 0x7ffff78b4042: mov 0x7040af(%rip),%r12 # 0x7ffff7fb80f8 0x7ffff78b4049: lea 0x4d0a44(%rip),%rcx # 0x7ffff7d84a94 0x7ffff78b4050: lea 0x4d13d1(%rip),%rsi # 0x7ffff7d85428 0x7ffff78b4057: mov %rbx,%rdx 0x7ffff78b405a: xor %eax,%eax 0x7ffff78b405c: mov (%r12),%rdi 0x7ffff78b4060: callq 0x7ffff782a700 <fprintf@plt> 0x7ffff78b4065: jmpq 0x7ffff78b3e78 0x7ffff78b406a: movb $0x0,(%rsp,%rax,1) 0x7ffff78b406e: jmpq 0x7ffff78b3b9b 0x7ffff78b4073: data32 data32 xchg %ax,%ax 0x7ffff78b4077: data32 xchg %ax,%ax 0x7ffff78b407a: data32 xchg %ax,%ax 0x7ffff78b407d: data32 xchg %ax,%ax 0x7ffff78b4080: push %rbp 0x7ffff78b4081: mov %edx,%r11d 0x7ffff78b4084: xor %r10d,%r10d 0x7ffff78b4087: mov $0x1,%r9d 0x7ffff78b408d: push %rbx 0x7ffff78b408e: sub $0x28,%rsp 0x7ffff78b4092: mov %r10d,%eax 0x7ffff78b4095: lock cmpxchg %r9d,0x70776e(%rip) # 0x7ffff7fbb80c 0x7ffff78b409e: setne %dl 0x7ffff78b40a1: test %dl,%dl 0x7ffff78b40a3: je 0x7ffff78b40f7 0x7ffff78b40a5: mov 0x707761(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b40ab: test %ebx,%ebx 0x7ffff78b40ad: je 0x7ffff78b4092 0x7ffff78b40af: mov 0x707757(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b40b5: test %ebx,%ebx 0x7ffff78b40b7: je 0x7ffff78b4092 0x7ffff78b40b9: mov 0x70774d(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b40bf: test %edx,%edx 0x7ffff78b40c1: je 0x7ffff78b4092 0x7ffff78b40c3: mov 0x707743(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b40c9: test %eax,%eax 0x7ffff78b40cb: je 0x7ffff78b4092 0x7ffff78b40cd: mov 0x707739(%rip),%ebp # 0x7ffff7fbb80c 0x7ffff78b40d3: test %ebp,%ebp 0x7ffff78b40d5: je 0x7ffff78b4092 0x7ffff78b40d7: mov 0x70772f(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b40dd: test %ebx,%ebx 0x7ffff78b40df: je 0x7ffff78b4092 0x7ffff78b40e1: mov 0x707725(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b40e7: test %edx,%edx 0x7ffff78b40e9: je 0x7ffff78b4092 0x7ffff78b40eb: mov 0x70771b(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b40f1: test %eax,%eax 0x7ffff78b40f3: jne 0x7ffff78b40a5 0x7ffff78b40f5: jmp 0x7ffff78b4092 0x7ffff78b40f7: mov 0x7044ea(%rip),%rbp # 0x7ffff7fb85e8 0x7ffff78b40fe: mov 0x0(%rbp),%rbx 0x7ffff78b4102: test %rbx,%rbx 0x7ffff78b4105: jne 0x7ffff78b411d 0x7ffff78b4107: jmpq 0x7ffff78b41a3 0x7ffff78b410c: data32 data32 xchg %ax,%ax 0x7ffff78b4110: mov 0x30(%rbx),%rbx 0x7ffff78b4114: test %rbx,%rbx 0x7ffff78b4117: je 0x7ffff78b41a3 0x7ffff78b411d: cmp (%rbx),%edi 0x7ffff78b411f: nop 0x7ffff78b4120: jne 0x7ffff78b4110 0x7ffff78b4122: cmp 0x4(%rbx),%esi 0x7ffff78b4125: jne 0x7ffff78b4110 0x7ffff78b4127: movl $0x0,0x7076db(%rip) # 0x7ffff7fbb80c 0x7ffff78b4131: xor %eax,%eax 0x7ffff78b4133: mov $0x1,%r9d 0x7ffff78b4139: lock cmpxchg %r9d,0x7076ce(%rip) # 0x7ffff7fbb810 0x7ffff78b4142: setne %dl 0x7ffff78b4145: test %dl,%dl 0x7ffff78b4147: je 0x7ffff78b41bb 0x7ffff78b4149: mov 0x7076c0(%rip),%r10d # 0x7ffff7fbb810 0x7ffff78b4150: test %r10d,%r10d 0x7ffff78b4153: je 0x7ffff78b4131 0x7ffff78b4155: mov 0x7076b5(%rip),%ebp # 0x7ffff7fbb810 0x7ffff78b415b: test %ebp,%ebp 0x7ffff78b415d: je 0x7ffff78b4131 0x7ffff78b415f: mov 0x7076aa(%rip),%r9d # 0x7ffff7fbb810 0x7ffff78b4166: test %r9d,%r9d 0x7ffff78b4169: je 0x7ffff78b4131 0x7ffff78b416b: mov 0x70769e(%rip),%r10d # 0x7ffff7fbb810 0x7ffff78b4172: test %r10d,%r10d 0x7ffff78b4175: je 0x7ffff78b4131 0x7ffff78b4177: mov 0x707693(%rip),%edx # 0x7ffff7fbb810 0x7ffff78b417d: test %edx,%edx 0x7ffff78b417f: je 0x7ffff78b4131 0x7ffff78b4181: mov 0x707689(%rip),%eax # 0x7ffff7fbb810 0x7ffff78b4187: test %eax,%eax 0x7ffff78b4189: je 0x7ffff78b4131 0x7ffff78b418b: mov 0x70767f(%rip),%ebp # 0x7ffff7fbb810 0x7ffff78b4191: test %ebp,%ebp 0x7ffff78b4193: je 0x7ffff78b4131 0x7ffff78b4195: mov 0x707674(%rip),%r9d # 0x7ffff7fbb810 0x7ffff78b419c: test %r9d,%r9d 0x7ffff78b419f: jne 0x7ffff78b4149 0x7ffff78b41a1: jmp 0x7ffff78b4131 0x7ffff78b41a3: movl $0x0,0x70765f(%rip) # 0x7ffff7fbb80c 0x7ffff78b41ad: mov $0x2a,%edx 0x7ffff78b41b2: add $0x28,%rsp 0x7ffff78b41b6: mov %edx,%eax 0x7ffff78b41b8: pop %rbx 0x7ffff78b41b9: pop %rbp 0x7ffff78b41ba: retq 0x7ffff78b41bb: mov 0x20(%rbx),%rbp 0x7ffff78b41bf: test %rbp,%rbp 0x7ffff78b41c2: jne 0x7ffff78b41dd 0x7ffff78b41c4: jmpq 0x7ffff78b42f0 0x7ffff78b41c9: data32 data32 xchg %ax,%ax 0x7ffff78b41cd: data32 xchg %ax,%ax 0x7ffff78b41d0: mov 0x38(%rbp),%rbp 0x7ffff78b41d4: test %rbp,%rbp 0x7ffff78b41d7: je 0x7ffff78b42f0 0x7ffff78b41dd: cmp 0x0(%rbp),%rcx 0x7ffff78b41e1: jne 0x7ffff78b41d0 0x7ffff78b41e3: movq $0x0,(%rsp) 0x7ffff78b41eb: movq $0x0,0x8(%rsp) 0x7ffff78b41f4: movl $0x0,0x707612(%rip) # 0x7ffff7fbb810 0x7ffff78b41fe: movq $0x0,0x10(%rsp) 0x7ffff78b4207: movq $0x0,0x18(%rsp) 0x7ffff78b4210: mov %edi,(%rsp) 0x7ffff78b4213: mov %esi,0x4(%rsp) 0x7ffff78b4217: mov %r11d,0x8(%rsp) 0x7ffff78b421c: mov 0x28(%rbx),%rdi 0x7ffff78b4220: mov 0x18(%rbp),%rsi 0x7ffff78b4224: mov 0x20(%rdi),%rdx 0x7ffff78b4228: cmp %rdx,%rsi 0x7ffff78b422b: jb 0x7ffff78b4247 0x7ffff78b422d: add 0x28(%rdi),%rdx 0x7ffff78b4231: mov %rsi,%r11 0x7ffff78b4234: add 0x10(%rbp),%r11 0x7ffff78b4238: dec %rdx 0x7ffff78b423b: dec %r11 0x7ffff78b423e: cmp %rdx,%r11 0x7ffff78b4241: jbe 0x7ffff78b4308 0x7ffff78b4247: mov %rsi,0x10(%rsp) 0x7ffff78b424c: mov 0x675e2e(%rip),%edi # 0x7ffff7f2a080 0x7ffff78b4252: mov %rsp,%rdx 0x7ffff78b4255: xor %eax,%eax 0x7ffff78b4257: mov $0xc020464f,%esi 0x7ffff78b425c: mov %r8d,0x1c(%rsp) 0x7ffff78b4261: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b4266: test %eax,%eax 0x7ffff78b4268: mov $0x2a,%edx 0x7ffff78b426d: js 0x7ffff78b41b2 0x7ffff78b4273: mov 0x18(%rsp),%edx 0x7ffff78b4277: test %edx,%edx 0x7ffff78b4279: jne 0x7ffff78b41b2 0x7ffff78b427f: xor %eax,%eax 0x7ffff78b4281: mov $0x1,%ecx 0x7ffff78b4286: lock cmpxchg %ecx,0x707582(%rip) # 0x7ffff7fbb810 0x7ffff78b428e: setne %dl 0x7ffff78b4291: test %dl,%dl 0x7ffff78b4293: je 0x7ffff78b4312 0x7ffff78b4295: mov 0x707575(%rip),%esi # 0x7ffff7fbb810 0x7ffff78b429b: test %esi,%esi 0x7ffff78b429d: je 0x7ffff78b427f 0x7ffff78b429f: mov 0x70756a(%rip),%r10d # 0x7ffff7fbb810 0x7ffff78b42a6: test %r10d,%r10d 0x7ffff78b42a9: je 0x7ffff78b427f 0x7ffff78b42ab: mov 0x70755e(%rip),%r11d # 0x7ffff7fbb810 0x7ffff78b42b2: test %r11d,%r11d 0x7ffff78b42b5: je 0x7ffff78b427f 0x7ffff78b42b7: mov 0x707553(%rip),%edx # 0x7ffff7fbb810 0x7ffff78b42bd: test %edx,%edx 0x7ffff78b42bf: je 0x7ffff78b427f 0x7ffff78b42c1: mov 0x707549(%rip),%eax # 0x7ffff7fbb810 0x7ffff78b42c7: test %eax,%eax 0x7ffff78b42c9: je 0x7ffff78b427f 0x7ffff78b42cb: mov 0x70753f(%rip),%ecx # 0x7ffff7fbb810 0x7ffff78b42d1: test %ecx,%ecx 0x7ffff78b42d3: je 0x7ffff78b427f 0x7ffff78b42d5: mov 0x707535(%rip),%esi # 0x7ffff7fbb810 0x7ffff78b42db: test %esi,%esi 0x7ffff78b42dd: je 0x7ffff78b427f 0x7ffff78b42df: mov 0x70752b(%rip),%edi # 0x7ffff7fbb810 0x7ffff78b42e5: test %edi,%edi 0x7ffff78b42e7: jne 0x7ffff78b4295 0x7ffff78b42e9: jmp 0x7ffff78b427f 0x7ffff78b42eb: data32 xchg %ax,%ax 0x7ffff78b42ee: xchg %ax,%ax 0x7ffff78b42f0: movl $0x0,0x707516(%rip) # 0x7ffff7fbb810 0x7ffff78b42fa: add $0x28,%rsp 0x7ffff78b42fe: mov $0x2a,%edx 0x7ffff78b4303: pop %rbx 0x7ffff78b4304: pop %rbp 0x7ffff78b4305: mov %edx,%eax 0x7ffff78b4307: retq 0x7ffff78b4308: mov %rcx,0x10(%rsp) 0x7ffff78b430d: jmpq 0x7ffff78b424c 0x7ffff78b4312: mov 0x28(%rbp),%edi 0x7ffff78b4315: dec %edi 0x7ffff78b4317: test %edi,%edi 0x7ffff78b4319: mov %edi,0x28(%rbp) 0x7ffff78b431c: je 0x7ffff78b4331 0x7ffff78b431e: movl $0x0,0x7074e8(%rip) # 0x7ffff7fbb810 0x7ffff78b4328: mov 0x18(%rsp),%edx 0x7ffff78b432c: jmpq 0x7ffff78b41b2 0x7ffff78b4331: mov 0x30(%rbp),%rdx 0x7ffff78b4335: test %rdx,%rdx 0x7ffff78b4338: je 0x7ffff78b4342 0x7ffff78b433a: mov 0x38(%rbp),%r8 0x7ffff78b433e: mov %r8,0x38(%rdx) 0x7ffff78b4342: cmp 0x20(%rbx),%rbp 0x7ffff78b4346: jne 0x7ffff78b4350 0x7ffff78b4348: mov 0x38(%rbp),%r9 0x7ffff78b434c: mov %r9,0x20(%rbx) 0x7ffff78b4350: mov 0x38(%rbp),%rdx 0x7ffff78b4354: test %rdx,%rdx 0x7ffff78b4357: je 0x7ffff78b4361 0x7ffff78b4359: mov 0x30(%rbp),%rbx 0x7ffff78b435d: mov %rbx,0x30(%rdx) 0x7ffff78b4361: movl $0x0,0x7074a5(%rip) # 0x7ffff7fbb810 0x7ffff78b436b: callq 0x7ffff782a4b0 <getpagesize@plt> 0x7ffff78b4370: movslq %eax,%rdi 0x7ffff78b4373: mov 0x8(%rbp),%rsi 0x7ffff78b4377: neg %rdi 0x7ffff78b437a: and 0x0(%rbp),%rdi 0x7ffff78b437e: callq 0x7ffff782a8d0 <munmap@plt> 0x7ffff78b4383: mov %rbp,%rdi 0x7ffff78b4386: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b438b: jmp 0x7ffff78b4328 0x7ffff78b438d: data32 xchg %ax,%ax 0x7ffff78b4390: push %r12 0x7ffff78b4392: xor %r8d,%r8d 0x7ffff78b4395: mov $0x1,%ecx 0x7ffff78b439a: push %rbp 0x7ffff78b439b: mov %edx,%ebp 0x7ffff78b439d: push %rbx 0x7ffff78b439e: sub $0x10,%rsp 0x7ffff78b43a2: mov %r8d,%eax 0x7ffff78b43a5: lock cmpxchg %ecx,0x70745f(%rip) # 0x7ffff7fbb80c 0x7ffff78b43ad: setne %dl 0x7ffff78b43b0: test %dl,%dl 0x7ffff78b43b2: je 0x7ffff78b440e 0x7ffff78b43b4: mov 0x707452(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b43ba: test %ebx,%ebx 0x7ffff78b43bc: je 0x7ffff78b43a2 0x7ffff78b43be: mov 0x707447(%rip),%r12d # 0x7ffff7fbb80c 0x7ffff78b43c5: test %r12d,%r12d 0x7ffff78b43c8: je 0x7ffff78b43a2 0x7ffff78b43ca: mov 0x70743c(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b43d0: test %eax,%eax 0x7ffff78b43d2: je 0x7ffff78b43a2 0x7ffff78b43d4: mov 0x707432(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b43da: test %ebx,%ebx 0x7ffff78b43dc: je 0x7ffff78b43a2 0x7ffff78b43de: mov 0x707427(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b43e5: test %r9d,%r9d 0x7ffff78b43e8: je 0x7ffff78b43a2 0x7ffff78b43ea: mov 0x70741b(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b43f1: test %r10d,%r10d 0x7ffff78b43f4: je 0x7ffff78b43a2 0x7ffff78b43f6: mov 0x70740f(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b43fd: test %r11d,%r11d 0x7ffff78b4400: je 0x7ffff78b43a2 0x7ffff78b4402: mov 0x707404(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b4408: test %edx,%edx 0x7ffff78b440a: jne 0x7ffff78b43b4 0x7ffff78b440c: jmp 0x7ffff78b43a2 0x7ffff78b440e: mov 0x7041d3(%rip),%rcx # 0x7ffff7fb85e8 0x7ffff78b4415: mov (%rcx),%rbx 0x7ffff78b4418: test %rbx,%rbx 0x7ffff78b441b: jne 0x7ffff78b4429 0x7ffff78b441d: jmp 0x7ffff78b4443 0x7ffff78b441f: nop 0x7ffff78b4420: mov 0x30(%rbx),%rbx 0x7ffff78b4424: test %rbx,%rbx 0x7ffff78b4427: je 0x7ffff78b4443 0x7ffff78b4429: cmp (%rbx),%edi 0x7ffff78b442b: data32 xchg %ax,%ax 0x7ffff78b442e: xchg %ax,%ax 0x7ffff78b4430: jne 0x7ffff78b4420 0x7ffff78b4432: cmp 0x4(%rbx),%esi 0x7ffff78b4435: jne 0x7ffff78b4420 0x7ffff78b4437: movl $0x0,0x7073cb(%rip) # 0x7ffff7fbb80c 0x7ffff78b4441: jmp 0x7ffff78b4462 0x7ffff78b4443: mov 0x703566(%rip),%r8 # 0x7ffff7fb79b0 0x7ffff78b444a: movl $0x0,0x7073b8(%rip) # 0x7ffff7fbb80c 0x7ffff78b4454: mov $0x1d,%r12d 0x7ffff78b445a: mov (%r8),%rbx 0x7ffff78b445d: test %rbx,%rbx 0x7ffff78b4460: je 0x7ffff78b44b0 0x7ffff78b4462: mov 0x10(%rbx),%rax 0x7ffff78b4466: test %rax,%rax 0x7ffff78b4469: jne 0x7ffff78b4479 0x7ffff78b446b: jmp 0x7ffff78b44bc 0x7ffff78b446d: data32 xchg %ax,%ax 0x7ffff78b4470: mov 0x10(%rax),%rax 0x7ffff78b4474: test %rax,%rax 0x7ffff78b4477: je 0x7ffff78b44bc 0x7ffff78b4479: cmp (%rax),%ebp 0x7ffff78b447b: data32 xchg %ax,%ax 0x7ffff78b447e: xchg %ax,%ax 0x7ffff78b4480: jne 0x7ffff78b4470 0x7ffff78b4482: mov %edi,(%rsp) 0x7ffff78b4485: mov %esi,0x4(%rsp) 0x7ffff78b4489: xor %eax,%eax 0x7ffff78b448b: mov %rsp,%rdx 0x7ffff78b448e: mov $0xc01046cf,%esi 0x7ffff78b4493: mov %ebp,%edi 0x7ffff78b4495: movl $0x0,0xc(%rsp) 0x7ffff78b449d: mov %ebp,0x8(%rsp) 0x7ffff78b44a1: mov $0x2a,%r12d 0x7ffff78b44a7: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b44ac: test %eax,%eax 0x7ffff78b44ae: jns 0x7ffff78b44ce 0x7ffff78b44b0: add $0x10,%rsp 0x7ffff78b44b4: mov %r12d,%eax 0x7ffff78b44b7: pop %rbx 0x7ffff78b44b8: pop %rbp 0x7ffff78b44b9: pop %r12 0x7ffff78b44bb: retq 0x7ffff78b44bc: add $0x10,%rsp 0x7ffff78b44c0: mov $0x11,%r12d 0x7ffff78b44c6: pop %rbx 0x7ffff78b44c7: pop %rbp 0x7ffff78b44c8: mov %r12d,%eax 0x7ffff78b44cb: pop %r12 0x7ffff78b44cd: retq 0x7ffff78b44ce: mov 0xc(%rsp),%r12d 0x7ffff78b44d3: test %r12d,%r12d 0x7ffff78b44d6: jne 0x7ffff78b44b0 0x7ffff78b44d8: mov 0x7034d1(%rip),%rsi # 0x7ffff7fb79b0 0x7ffff78b44df: mov (%rsi),%rax 0x7ffff78b44e2: cmp %rbx,%rax 0x7ffff78b44e5: je 0x7ffff78b44f6 0x7ffff78b44e7: mov %ebp,%esi 0x7ffff78b44e9: mov %rbx,%rdi 0x7ffff78b44ec: callq 0x7ffff78afd90 0x7ffff78b44f1: mov %eax,%r12d 0x7ffff78b44f4: jmp 0x7ffff78b44b0 0x7ffff78b44f6: mov 0x10(%rax),%rdi 0x7ffff78b44fa: test %rdi,%rdi 0x7ffff78b44fd: jne 0x7ffff78b450b 0x7ffff78b44ff: nop 0x7ffff78b4500: jmp 0x7ffff78b453f 0x7ffff78b4502: mov 0x10(%rdi),%rdi 0x7ffff78b4506: test %rdi,%rdi 0x7ffff78b4509: je 0x7ffff78b453f 0x7ffff78b450b: cmp (%rdi),%ebp 0x7ffff78b450d: data32 xchg %ax,%ax 0x7ffff78b4510: jne 0x7ffff78b4502 0x7ffff78b4512: lea 0x10(%rax),%rcx 0x7ffff78b4516: mov 0x10(%rax),%rax 0x7ffff78b451a: test %rax,%rax 0x7ffff78b451d: je 0x7ffff78b452d 0x7ffff78b451f: cmp %rdi,%rax 0x7ffff78b4522: je 0x7ffff78b455a 0x7ffff78b4524: mov 0x10(%rax),%rax 0x7ffff78b4528: test %rax,%rax 0x7ffff78b452b: jne 0x7ffff78b451f 0x7ffff78b452d: mov $0xffffffff,%r12d 0x7ffff78b4533: mov %ebp,%edi 0x7ffff78b4535: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b453a: jmpq 0x7ffff78b44b0 0x7ffff78b453f: cmp 0xc(%rax),%ebp 0x7ffff78b4542: mov %ebp,%edi 0x7ffff78b4544: setne %dl 0x7ffff78b4547: shr $0x1f,%edi 0x7ffff78b454a: or %dil,%dl 0x7ffff78b454d: je 0x7ffff78b4533 0x7ffff78b454f: mov $0xffffffff,%r12d 0x7ffff78b4555: jmpq 0x7ffff78b44b0 0x7ffff78b455a: mov 0x8(%rdi),%rdx 0x7ffff78b455e: test %rdx,%rdx 0x7ffff78b4561: je 0x7ffff78b4583 0x7ffff78b4563: mov 0x10(%rdi),%r9 0x7ffff78b4567: mov %r9,0x10(%rdx) 0x7ffff78b456b: mov 0x10(%rdi),%rdx 0x7ffff78b456f: test %rdx,%rdx 0x7ffff78b4572: je 0x7ffff78b457c 0x7ffff78b4574: mov 0x8(%rdi),%r11 0x7ffff78b4578: mov %r11,0x8(%rdx) 0x7ffff78b457c: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b4581: jmp 0x7ffff78b4533 0x7ffff78b4583: mov 0x10(%rdi),%r10 0x7ffff78b4587: mov %r10,(%rcx) 0x7ffff78b458a: jmp 0x7ffff78b456b 0x7ffff78b458c: data32 data32 xchg %ax,%ax 0x7ffff78b4590: push %r15 0x7ffff78b4592: mov $0x22,%eax 0x7ffff78b4597: push %r14 0x7ffff78b4599: mov %esi,%r14d 0x7ffff78b459c: push %r13 0x7ffff78b459e: mov %rcx,%r13 0x7ffff78b45a1: push %r12 0x7ffff78b45a3: mov %edi,%r12d 0x7ffff78b45a6: push %rbp 0x7ffff78b45a7: push %rbx 0x7ffff78b45a8: sub $0xb8,%rsp 0x7ffff78b45af: test %rcx,%rcx 0x7ffff78b45b2: mov %rdx,0x8(%rsp) 0x7ffff78b45b7: je 0x7ffff78b46c2 0x7ffff78b45bd: data32 xchg %ax,%ax 0x7ffff78b45c0: xor %eax,%eax 0x7ffff78b45c2: mov $0x1,%ecx 0x7ffff78b45c7: lock cmpxchg %ecx,0x70723d(%rip) # 0x7ffff7fbb80c 0x7ffff78b45cf: setne %dl 0x7ffff78b45d2: test %dl,%dl 0x7ffff78b45d4: je 0x7ffff78b46d4 0x7ffff78b45da: mov 0x70722c(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b45e0: test %ebx,%ebx 0x7ffff78b45e2: je 0x7ffff78b45c0 0x7ffff78b45e4: mov 0x707222(%rip),%ebp # 0x7ffff7fbb80c 0x7ffff78b45ea: test %ebp,%ebp 0x7ffff78b45ec: je 0x7ffff78b45c0 0x7ffff78b45ee: mov 0x707218(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b45f4: test %edx,%edx 0x7ffff78b45f6: je 0x7ffff78b45c0 0x7ffff78b45f8: mov 0x70720e(%rip),%ecx # 0x7ffff7fbb80c 0x7ffff78b45fe: test %ecx,%ecx 0x7ffff78b4600: je 0x7ffff78b45c0 0x7ffff78b4602: mov 0x707204(%rip),%esi # 0x7ffff7fbb80c 0x7ffff78b4608: test %esi,%esi 0x7ffff78b460a: je 0x7ffff78b45c0 0x7ffff78b460c: mov 0x7071fa(%rip),%edi # 0x7ffff7fbb80c 0x7ffff78b4612: test %edi,%edi 0x7ffff78b4614: je 0x7ffff78b45c0 0x7ffff78b4616: mov 0x7071f0(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b461c: test %ebx,%ebx 0x7ffff78b461e: je 0x7ffff78b45c0 0x7ffff78b4620: mov 0x7071e5(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b4627: test %r9d,%r9d 0x7ffff78b462a: jne 0x7ffff78b45da 0x7ffff78b462c: jmp 0x7ffff78b45c0 0x7ffff78b462e: mov %rax,0x8(%rbx) 0x7ffff78b4632: mov %rbx,0x10(%rax) 0x7ffff78b4636: mov 0x0(%r13),%edi 0x7ffff78b463a: lea 0x90(%rsp),%rdx 0x7ffff78b4642: xor %eax,%eax 0x7ffff78b4644: mov $0xc01446ce,%esi 0x7ffff78b4649: mov %edi,(%rbx) 0x7ffff78b464b: movq $0x0,0x90(%rsp) 0x7ffff78b4657: movq $0x0,0x98(%rsp) 0x7ffff78b4663: movl $0x0,0xa0(%rsp) 0x7ffff78b466e: mov %r12d,0x90(%rsp) 0x7ffff78b4676: mov %r14d,0x94(%rsp) 0x7ffff78b467e: mov %edi,0x9c(%rsp) 0x7ffff78b4685: callq 0x7ffff782ab20 <ioctl@plt> 0x7ffff78b468a: test %eax,%eax 0x7ffff78b468c: js 0x7ffff78b49f8 0x7ffff78b4692: mov 0xa0(%rsp),%r8d 0x7ffff78b469a: test %r8d,%r8d 0x7ffff78b469d: jne 0x7ffff78b4a03 0x7ffff78b46a3: mov 0x98(%rsp),%edx 0x7ffff78b46aa: xor %eax,%eax 0x7ffff78b46ac: mov %edx,0x4(%rbx) 0x7ffff78b46af: cmpq $0x0,0x8(%rsp) 0x7ffff78b46b5: je 0x7ffff78b46c2 0x7ffff78b46b7: mov 0x8(%rsp),%r13 0x7ffff78b46bc: xor %eax,%eax 0x7ffff78b46be: mov %edx,0x0(%r13) 0x7ffff78b46c2: add $0xb8,%rsp 0x7ffff78b46c9: pop %rbx 0x7ffff78b46ca: pop %rbp 0x7ffff78b46cb: pop %r12 0x7ffff78b46cd: pop %r13 0x7ffff78b46cf: pop %r14 0x7ffff78b46d1: pop %r15 0x7ffff78b46d3: retq 0x7ffff78b46d4: mov 0x703f0d(%rip),%rsi # 0x7ffff7fb85e8 0x7ffff78b46db: mov (%rsi),%rbp 0x7ffff78b46de: test %rbp,%rbp 0x7ffff78b46e1: jne 0x7ffff78b46f5 0x7ffff78b46e3: jmpq 0x7ffff78b47bf 0x7ffff78b46e8: mov 0x30(%rbp),%rbp 0x7ffff78b46ec: test %rbp,%rbp 0x7ffff78b46ef: je 0x7ffff78b47bf 0x7ffff78b46f5: cmp 0x0(%rbp),%r12d 0x7ffff78b46f9: jne 0x7ffff78b46e8 0x7ffff78b46fb: cmp 0x4(%rbp),%r14d 0x7ffff78b46ff: nop 0x7ffff78b4700: jne 0x7ffff78b46e8 0x7ffff78b4702: movl $0x0,0x707100(%rip) # 0x7ffff7fbb80c 0x7ffff78b470c: mov 0x704edd(%rip),%rcx # 0x7ffff7fb95f0 0x7ffff78b4713: xor %edx,%edx 0x7ffff78b4715: mov 0x28(%rbp),%rdi 0x7ffff78b4719: cmp %rdi,%rcx 0x7ffff78b471c: je 0x7ffff78b48ce 0x7ffff78b4722: lea 0x38(%rcx),%rbx 0x7ffff78b4726: lea 0x1(%rdx),%esi 0x7ffff78b4729: cmp %rdi,%rbx 0x7ffff78b472c: mov %esi,%edx 0x7ffff78b472e: je 0x7ffff78b48ce 0x7ffff78b4734: lea 0x70(%rcx),%r9 0x7ffff78b4738: inc %edx 0x7ffff78b473a: cmp %rdi,%r9 0x7ffff78b473d: je 0x7ffff78b48ce 0x7ffff78b4743: lea 0xa8(%rcx),%r10 0x7ffff78b474a: lea 0x2(%rsi),%edx 0x7ffff78b474d: cmp %rdi,%r10 0x7ffff78b4750: je 0x7ffff78b48ce 0x7ffff78b4756: lea 0xe0(%rcx),%r11 0x7ffff78b475d: lea 0x3(%rsi),%edx 0x7ffff78b4760: cmp %rdi,%r11 0x7ffff78b4763: je 0x7ffff78b48ce 0x7ffff78b4769: lea 0x118(%rcx),%rax 0x7ffff78b4770: lea 0x4(%rsi),%edx 0x7ffff78b4773: cmp %rdi,%rax 0x7ffff78b4776: je 0x7ffff78b48ce 0x7ffff78b477c: lea 0x150(%rcx),%r15 0x7ffff78b4783: lea 0x5(%rsi),%edx 0x7ffff78b4786: cmp %rdi,%r15 0x7ffff78b4789: je 0x7ffff78b48ce 0x7ffff78b478f: lea 0x188(%rcx),%r8 0x7ffff78b4796: lea 0x6(%rsi),%edx 0x7ffff78b4799: cmp %rdi,%r8 0x7ffff78b479c: je 0x7ffff78b48ce 0x7ffff78b47a2: lea 0x7(%rsi),%edx 0x7ffff78b47a5: add $0x1c0,%rcx 0x7ffff78b47ac: cmp $0x20,%edx 0x7ffff78b47af: jne 0x7ffff78b4719 0x7ffff78b47b5: mov $0x2a,%eax 0x7ffff78b47ba: jmpq 0x7ffff78b46c2 0x7ffff78b47bf: mov 0x7031ea(%rip),%rdi # 0x7ffff7fb79b0 0x7ffff78b47c6: lea 0x10(%rsp),%r15 0x7ffff78b47cb: lea 0x4d0afb(%rip),%rdx # 0x7ffff7d852cd 0x7ffff78b47d2: mov $0x80,%esi 0x7ffff78b47d7: xor %eax,%eax 0x7ffff78b47d9: movl $0x0,0x707029(%rip) # 0x7ffff7fbb80c 0x7ffff78b47e3: movl $0x2a,0xac(%rsp) 0x7ffff78b47ee: mov (%rdi),%rbp 0x7ffff78b47f1: mov %r15,%rdi 0x7ffff78b47f4: callq 0x7ffff782a740 <snprintf@plt> 0x7ffff78b47f9: mov $0xff,%esi 0x7ffff78b47fe: mov %r15,%rdi 0x7ffff78b4801: callq 0x7ffff78b0050 0x7ffff78b4806: xor %eax,%eax 0x7ffff78b4808: mov $0x2,%esi 0x7ffff78b480d: mov %r15,%rdi 0x7ffff78b4810: callq 0x7ffff782a360 <open64@plt> 0x7ffff78b4815: test %eax,%eax 0x7ffff78b4817: js 0x7ffff78b48c4 0x7ffff78b481d: movl $0x0,0xac(%rsp) 0x7ffff78b4828: mov %eax,0x0(%r13) 0x7ffff78b482c: mov 0x0(%r13),%r8d 0x7ffff78b4830: test %r8d,%r8d 0x7ffff78b4833: js 0x7ffff78b48b8 0x7ffff78b4839: mov %rbp,%r15 0x7ffff78b483c: add $0x10,%r15 0x7ffff78b4840: jne 0x7ffff78b490b 0x7ffff78b4846: mov 0x703163(%rip),%r9 # 0x7ffff7fb79b0 0x7ffff78b484d: cmp (%r9),%rbp 0x7ffff78b4850: je 0x7ffff78b4870 0x7ffff78b4852: mov 0x0(%r13),%esi 0x7ffff78b4856: mov %rbp,%rdi 0x7ffff78b4859: callq 0x7ffff78afd90 0x7ffff78b485e: mov $0x2a,%eax 0x7ffff78b4863: movl $0xffffffff,0x0(%r13) 0x7ffff78b486b: jmpq 0x7ffff78b46c2 0x7ffff78b4870: test %rbp,%rbp 0x7ffff78b4873: mov 0x0(%r13),%ebx 0x7ffff78b4877: je 0x7ffff78b48af 0x7ffff78b4879: mov 0x10(%rbp),%rdi 0x7ffff78b487d: test %rdi,%rdi 0x7ffff78b4880: jne 0x7ffff78b488d 0x7ffff78b4882: jmp 0x7ffff78b48f2 0x7ffff78b4884: mov 0x10(%rdi),%rdi 0x7ffff78b4888: test %rdi,%rdi 0x7ffff78b488b: je 0x7ffff78b48f2 0x7ffff78b488d: cmp (%rdi),%ebx 0x7ffff78b488f: nop 0x7ffff78b4890: jne 0x7ffff78b4884 0x7ffff78b4892: mov (%r15),%rax 0x7ffff78b4895: test %rax,%rax 0x7ffff78b4898: je 0x7ffff78b48af 0x7ffff78b489a: cmp %rax,%rdi 0x7ffff78b489d: data32 xchg %ax,%ax 0x7ffff78b48a0: je 0x7ffff78b49c8 0x7ffff78b48a6: mov 0x10(%rax),%rax 0x7ffff78b48aa: test %rax,%rax 0x7ffff78b48ad: jne 0x7ffff78b489a 0x7ffff78b48af: mov %ebx,%edi 0x7ffff78b48b1: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b48b6: jmp 0x7ffff78b485e 0x7ffff78b48b8: mov 0xac(%rsp),%eax 0x7ffff78b48bf: jmpq 0x7ffff78b46c2 0x7ffff78b48c4: mov $0xffffffff,%eax 0x7ffff78b48c9: jmpq 0x7ffff78b4828 0x7ffff78b48ce: test %edx,%edx 0x7ffff78b48d0: js 0x7ffff78b47b5 0x7ffff78b48d6: lea 0xac(%rsp),%rcx 0x7ffff78b48de: mov %rbp,%rsi 0x7ffff78b48e1: mov %r12d,%edi 0x7ffff78b48e4: callq 0x7ffff78b0270 0x7ffff78b48e9: mov %eax,0x0(%r13) 0x7ffff78b48ed: jmpq 0x7ffff78b482c 0x7ffff78b48f2: cmp 0xc(%rbp),%ebx 0x7ffff78b48f5: mov %ebx,%r12d 0x7ffff78b48f8: setne %r14b 0x7ffff78b48fc: shr $0x1f,%r12d 0x7ffff78b4900: or %r12b,%r14b 0x7ffff78b4903: jne 0x7ffff78b485e 0x7ffff78b4909: jmp 0x7ffff78b48af 0x7ffff78b490b: mov $0x18,%edi 0x7ffff78b4910: callq 0x7ffff782a470 <malloc@plt> 0x7ffff78b4915: test %rax,%rax 0x7ffff78b4918: mov %rax,%rbx 0x7ffff78b491b: je 0x7ffff78b4846 0x7ffff78b4921: movq $0x0,0x10(%rax) 0x7ffff78b4929: movl $0xffffffff,(%rax) 0x7ffff78b492f: movl $0x0,0x4(%rax) 0x7ffff78b4936: mov 0x10(%rbp),%rax 0x7ffff78b493a: test %rax,%rax 0x7ffff78b493d: je 0x7ffff78b4a85 0x7ffff78b4943: mov 0x10(%rax),%rdx 0x7ffff78b4947: test %rdx,%rdx 0x7ffff78b494a: je 0x7ffff78b462e 0x7ffff78b4950: mov %rdx,%rax 0x7ffff78b4953: mov 0x10(%rdx),%rdx 0x7ffff78b4957: test %rdx,%rdx 0x7ffff78b495a: je 0x7ffff78b462e 0x7ffff78b4960: mov %rdx,%rax 0x7ffff78b4963: mov 0x10(%rdx),%rdx 0x7ffff78b4967: test %rdx,%rdx 0x7ffff78b496a: je 0x7ffff78b462e 0x7ffff78b4970: mov %rdx,%rax 0x7ffff78b4973: mov 0x10(%rdx),%rdx 0x7ffff78b4977: test %rdx,%rdx 0x7ffff78b497a: je 0x7ffff78b462e 0x7ffff78b4980: mov %rdx,%rax 0x7ffff78b4983: mov 0x10(%rdx),%rdx 0x7ffff78b4987: test %rdx,%rdx 0x7ffff78b498a: je 0x7ffff78b462e 0x7ffff78b4990: mov %rdx,%rax 0x7ffff78b4993: mov 0x10(%rdx),%rdx 0x7ffff78b4997: test %rdx,%rdx 0x7ffff78b499a: je 0x7ffff78b462e 0x7ffff78b49a0: mov %rdx,%rax 0x7ffff78b49a3: mov 0x10(%rdx),%rdx 0x7ffff78b49a7: test %rdx,%rdx 0x7ffff78b49aa: je 0x7ffff78b462e 0x7ffff78b49b0: mov %rdx,%rax 0x7ffff78b49b3: mov 0x10(%rdx),%rdx 0x7ffff78b49b7: test %rdx,%rdx 0x7ffff78b49ba: je 0x7ffff78b462e 0x7ffff78b49c0: mov %rdx,%rax 0x7ffff78b49c3: jmpq 0x7ffff78b4943 0x7ffff78b49c8: mov 0x8(%rdi),%rdx 0x7ffff78b49cc: test %rdx,%rdx 0x7ffff78b49cf: je 0x7ffff78b4a77 0x7ffff78b49d5: mov 0x10(%rdi),%rbp 0x7ffff78b49d9: mov %rbp,0x10(%rdx) 0x7ffff78b49dd: mov 0x10(%rdi),%rdx 0x7ffff78b49e1: test %rdx,%rdx 0x7ffff78b49e4: je 0x7ffff78b49ee 0x7ffff78b49e6: mov 0x8(%rdi),%r11 0x7ffff78b49ea: mov %r11,0x8(%rdx) 0x7ffff78b49ee: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b49f3: jmpq 0x7ffff78b48af 0x7ffff78b49f8: movl $0x2a,0xa0(%rsp) 0x7ffff78b4a03: mov 0x702fa6(%rip),%rdx # 0x7ffff7fb79b0 0x7ffff78b4a0a: cmp (%rdx),%rbp 0x7ffff78b4a0d: je 0x7ffff78b4a2f 0x7ffff78b4a0f: mov 0x0(%r13),%esi 0x7ffff78b4a13: mov %rbp,%rdi 0x7ffff78b4a16: callq 0x7ffff78afd90 0x7ffff78b4a1b: movl $0xffffffff,0x0(%r13) 0x7ffff78b4a23: mov 0xa0(%rsp),%eax 0x7ffff78b4a2a: jmpq 0x7ffff78b46c2 0x7ffff78b4a2f: test %rbp,%rbp 0x7ffff78b4a32: mov 0x0(%r13),%ebx 0x7ffff78b4a36: je 0x7ffff78b4a6e 0x7ffff78b4a38: mov 0x10(%rbp),%rdi 0x7ffff78b4a3c: test %rdi,%rdi 0x7ffff78b4a3f: je 0x7ffff78b4a5b 0x7ffff78b4a41: cmp %ebx,(%rdi) 0x7ffff78b4a43: jne 0x7ffff78b4a52 0x7ffff78b4a45: jmp 0x7ffff78b4a96 0x7ffff78b4a47: cmp (%rdi),%ebx 0x7ffff78b4a49: data32 data32 xchg %ax,%ax 0x7ffff78b4a4d: data32 xchg %ax,%ax 0x7ffff78b4a50: je 0x7ffff78b4a96 0x7ffff78b4a52: mov 0x10(%rdi),%rdi 0x7ffff78b4a56: test %rdi,%rdi 0x7ffff78b4a59: jne 0x7ffff78b4a47 0x7ffff78b4a5b: cmp 0xc(%rbp),%ebx 0x7ffff78b4a5e: mov %ebx,%r15d 0x7ffff78b4a61: setne %dil 0x7ffff78b4a65: shr $0x1f,%r15d 0x7ffff78b4a69: or %r15b,%dil 0x7ffff78b4a6c: jne 0x7ffff78b4a1b 0x7ffff78b4a6e: mov %ebx,%edi 0x7ffff78b4a70: callq 0x7ffff782ab40 <close@plt> 0x7ffff78b4a75: jmp 0x7ffff78b4a1b 0x7ffff78b4a77: mov 0x10(%rdi),%r10 0x7ffff78b4a7b: mov %r10,(%r15) 0x7ffff78b4a7e: xchg %ax,%ax 0x7ffff78b4a80: jmpq 0x7ffff78b49dd 0x7ffff78b4a85: movq $0x0,0x8(%rbx) 0x7ffff78b4a8d: mov %rbx,0x10(%rbp) 0x7ffff78b4a91: jmpq 0x7ffff78b4636 0x7ffff78b4a96: mov (%r15),%rax 0x7ffff78b4a99: test %rax,%rax 0x7ffff78b4a9c: jne 0x7ffff78b4aab 0x7ffff78b4a9e: xchg %ax,%ax 0x7ffff78b4aa0: jmp 0x7ffff78b4a6e 0x7ffff78b4aa2: mov 0x10(%rax),%rax 0x7ffff78b4aa6: test %rax,%rax 0x7ffff78b4aa9: je 0x7ffff78b4a6e 0x7ffff78b4aab: cmp %rax,%rdi 0x7ffff78b4aae: xchg %ax,%ax 0x7ffff78b4ab0: jne 0x7ffff78b4aa2 0x7ffff78b4ab2: mov 0x8(%rdi),%rdx 0x7ffff78b4ab6: test %rdx,%rdx 0x7ffff78b4ab9: je 0x7ffff78b4adb 0x7ffff78b4abb: mov 0x10(%rdi),%rax 0x7ffff78b4abf: mov %rax,0x10(%rdx) 0x7ffff78b4ac3: mov 0x10(%rdi),%rdx 0x7ffff78b4ac7: test %rdx,%rdx 0x7ffff78b4aca: je 0x7ffff78b4ad4 0x7ffff78b4acc: mov 0x8(%rdi),%rsi 0x7ffff78b4ad0: mov %rsi,0x8(%rdx) 0x7ffff78b4ad4: callq 0x7ffff782abf0 <free@plt> 0x7ffff78b4ad9: jmp 0x7ffff78b4a6e 0x7ffff78b4adb: mov 0x10(%rdi),%rcx 0x7ffff78b4adf: mov %rcx,(%r15) 0x7ffff78b4ae2: jmp 0x7ffff78b4ac3 0x7ffff78b4ae4: data32 data32 xchg %ax,%ax 0x7ffff78b4ae8: data32 data32 xchg %ax,%ax 0x7ffff78b4aec: data32 data32 xchg %ax,%ax 0x7ffff78b4af0: push %r15 0x7ffff78b4af2: mov $0x1,%ecx 0x7ffff78b4af7: mov %edx,%r15d 0x7ffff78b4afa: push %r14 0x7ffff78b4afc: mov %edi,%r14d 0x7ffff78b4aff: push %r13 0x7ffff78b4b01: push %r12 0x7ffff78b4b03: push %rbp 0x7ffff78b4b04: push %rbx 0x7ffff78b4b05: sub $0x28,%rsp 0x7ffff78b4b09: lea 0x10(%rsp),%rax 0x7ffff78b4b0e: mov %rax,(%rsp) 0x7ffff78b4b12: movl $0x0,0xc(%rax) 0x7ffff78b4b19: mov %edi,0x10(%rsp) 0x7ffff78b4b1d: xor %edi,%edi 0x7ffff78b4b1f: cmp %edx,%r14d 0x7ffff78b4b22: mov %esi,0x14(%rsp) 0x7ffff78b4b26: mov %edx,0x18(%rsp) 0x7ffff78b4b2a: je 0x7ffff78b4ba8 0x7ffff78b4b2c: data32 data32 xchg %ax,%ax 0x7ffff78b4b30: xor %eax,%eax 0x7ffff78b4b32: mov $0x1,%r9d 0x7ffff78b4b38: lock cmpxchg %r9d,0x706ccb(%rip) # 0x7ffff7fbb80c 0x7ffff78b4b41: setne %dl 0x7ffff78b4b44: test %dl,%dl 0x7ffff78b4b46: je 0x7ffff78b4c15 0x7ffff78b4b4c: mov 0x706cb9(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b4b53: test %r10d,%r10d 0x7ffff78b4b56: je 0x7ffff78b4b30 0x7ffff78b4b58: mov 0x706cae(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b4b5e: test %ebx,%ebx 0x7ffff78b4b60: je 0x7ffff78b4b30 0x7ffff78b4b62: mov 0x706ca3(%rip),%r12d # 0x7ffff7fbb80c 0x7ffff78b4b69: test %r12d,%r12d 0x7ffff78b4b6c: je 0x7ffff78b4b30 0x7ffff78b4b6e: mov 0x706c97(%rip),%r9d # 0x7ffff7fbb80c 0x7ffff78b4b75: test %r9d,%r9d 0x7ffff78b4b78: je 0x7ffff78b4b30 0x7ffff78b4b7a: mov 0x706c8c(%rip),%edi # 0x7ffff7fbb80c 0x7ffff78b4b80: test %edi,%edi 0x7ffff78b4b82: je 0x7ffff78b4b30 0x7ffff78b4b84: mov 0x706c81(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b4b8b: test %r10d,%r10d 0x7ffff78b4b8e: je 0x7ffff78b4b30 0x7ffff78b4b90: mov 0x706c76(%rip),%ecx # 0x7ffff7fbb80c 0x7ffff78b4b96: test %ecx,%ecx 0x7ffff78b4b98: je 0x7ffff78b4b30 0x7ffff78b4b9a: mov 0x706c6b(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b4ba1: test %r11d,%r11d 0x7ffff78b4ba4: jne 0x7ffff78b4b4c 0x7ffff78b4ba6: jmp 0x7ffff78b4b30 0x7ffff78b4ba8: mov %edi,%eax 0x7ffff78b4baa: lock cmpxchg %ecx,0x706c5a(%rip) # 0x7ffff7fbb80c 0x7ffff78b4bb2: setne %dl 0x7ffff78b4bb5: test %dl,%dl 0x7ffff78b4bb7: je 0x7ffff78b4da0 0x7ffff78b4bbd: mov 0x706c49(%rip),%ebx # 0x7ffff7fbb80c 0x7ffff78b4bc3: test %ebx,%ebx 0x7ffff78b4bc5: je 0x7ffff78b4ba8 0x7ffff78b4bc7: mov 0x706c3e(%rip),%r13d # 0x7ffff7fbb80c 0x7ffff78b4bce: test %r13d,%r13d 0x7ffff78b4bd1: je 0x7ffff78b4ba8 0x7ffff78b4bd3: mov 0x706c33(%rip),%esi # 0x7ffff7fbb80c 0x7ffff78b4bd9: test %esi,%esi 0x7ffff78b4bdb: je 0x7ffff78b4ba8 0x7ffff78b4bdd: mov 0x706c28(%rip),%r10d # 0x7ffff7fbb80c 0x7ffff78b4be4: test %r10d,%r10d 0x7ffff78b4be7: je 0x7ffff78b4ba8 0x7ffff78b4be9: mov 0x706c1c(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b4bf0: test %r11d,%r11d 0x7ffff78b4bf3: je 0x7ffff78b4ba8 0x7ffff78b4bf5: mov 0x706c11(%rip),%edx # 0x7ffff7fbb80c 0x7ffff78b4bfb: test %edx,%edx 0x7ffff78b4bfd: je 0x7ffff78b4ba8 0x7ffff78b4bff: mov 0x706c07(%rip),%ebp # 0x7ffff7fbb80c 0x7ffff78b4c05: test %ebp,%ebp 0x7ffff78b4c07: je 0x7ffff78b4ba8 0x7ffff78b4c09: mov 0x706bfd(%rip),%eax # 0x7ffff7fbb80c 0x7ffff78b4c0f: test %eax,%eax 0x7ffff78b4c11: jne 0x7ffff78b4bbd 0x7ffff78b4c13: jmp 0x7ffff78b4ba8 0x7ffff78b4c15: mov 0x7039cc(%rip),%r11 # 0x7ffff7fb85e8 0x7ffff78b4c1c: mov (%r11),%rbx 0x7ffff78b4c1f: test %rbx,%rbx 0x7ffff78b4c22: je 0x7ffff78b4cc8 0x7ffff78b4c28: mov %rbx,%rax 0x7ffff78b4c2b: jmp 0x7ffff78b4c3d 0x7ffff78b4c2d: data32 xchg %ax,%ax 0x7ffff78b4c30: mov 0x30(%rax),%rax 0x7ffff78b4c34: test %rax,%rax 0x7ffff78b4c37: je 0x7ffff78b4cc8 0x7ffff78b4c3d: cmp (%rax),%r14d 0x7ffff78b4c40: jne 0x7ffff78b4c30 0x7ffff78b4c42: cmp 0x4(%rax),%r15d 0x7ffff78b4c46: jne 0x7ffff78b4c30 0x7ffff78b4c48: movl $0x0,0x706bba(%rip) # 0x7ffff7fbb80c 0x7ffff78b4c52: xor %eax,%eax 0x7ffff78b4c54: mov $0x1,%r12d 0x7ffff78b4c5a: lock cmpxchg %r12d,0x706ba9(%rip) # 0x7ffff7fbb80c 0x7ffff78b4c63: setne %dl 0x7ffff78b4c66: test %dl,%dl 0x7ffff78b4c68: je 0x7ffff78b4fa2 0x7ffff78b4c6e: mov 0x706b97(%rip),%r13d # 0x7ffff7fbb80c 0x7ffff78b4c75: test %r13d,%r13d 0x7ffff78b4c78: je 0x7ffff78b4c52 0x7ffff78b4c7a: mov 0x706b8b(%rip),%r11d # 0x7ffff7fbb80c 0x7ffff78b4c81: test %r11d,%r11d 0x7ffff78b4c84: je 0x7ffff78b4c52See Also
* Kernel ioctl numbering documentation * My CUDA and CUBAR pages