Check out my first novel, midnight's simulacra!

Libcudest

From dankwiki
Revision as of 05:47, 23 April 2010 by Dank (talk | contribs) (→‎ioctls)

Reverse engineering of CUDA ioctls in the 3.0 SDK (195.36.15 driver, GTS 360M, amd64). CUDA primarily communicates with the NVIDIA closed-source driver via several hundred undocumented ioctl()s. My open source implementation is located at GitHub.

Maps

Ordered from highest to lowest locations in x86 memory. These are architecture-, and to a lesser degree driver- and kernel version-specific. Applications and libraries can of course create many more maps than these.

  • vsyscalls. read-execute-private, very few pages, topmost area of memory, usually highest mapping
  • VDSO. read-execute-private, one page, high in memory (SYSENTER/SYSEXIT)
  • Userspace stack. read-write-private, many pages, high in memory
  • Anonymous map, 3 read-write-private pages, high in memory.
    • Possibly associated with nvidia driver's NV_STACK_SIZE stack. read-write-private, (3 * 4096 on amd64, 2 * 4096 on i686)
  • Two sets of /dev/nvidiaX maps for each bound device. Sets are usually continguous, and contain:
    • an anonymous page, read-write-private
    • several mappings of the device, having variable number of pages, all read-write-shared
  • Libraries. variable, middle of memory.
  • Userspace heap. read-write-private, many pages, low in memory
  • Application (data region). read-write-private, variable, low in memory
  • Application (text region). read-execute-private, variable, usually lowest mapping

ioctls

An ioctl (on x86) is 32 bits. The following definition comes from linux/asm-generic/ioctl.h in a 2.6.34 kernel:

  • Bit 31: Read?
  • Bit 30: Write?
  • Bits 29-16: Parameter size
  • Bits 15-8: Type (module)
  • Bits 7-0: Number (command)

Looking at the source of the 195.36.15 kernel driver's OS interface, we see that NVIDIA uses the standard ioctl-creation macros from ioctl.h, and can be expected to adhere to this format. The type code used (NV_IOCTL_MAGIC) is 'F' (0x46), which overlaps with the framebuffer ioctl range as registered in 2.6.34. We further see that only _IOWR() is used to declare ioctls, implying that the first two bits will always be '11'. Both of these deductions are borne out observing strace output of a CUDA process.

Code Param size Param location(s) Driver API call sites Notes
0xd2 0x048 stack cuInit
  • Performed immediately following opening of the nvidiactl device
  • Wants a 64-bit version 8 bytes in. 0x312e36332e353931ull == 195.36.15
  • Must set the 16th byte to 0x35
  • All other bytes are 0.
  • Writes result to first 8 bytes (0x0000000100000000)
0xca 0x004 anonymous page cuInit
  • Seems to ignore input value.
  • Writes result value (0x00000001).
0xc8 0x600 anonymous page cuInit
  • Largest parameter by far. Possibly scaled? Shifted 3 bits left, this is 0x3000, the size of the amd64 anonymous mapping.
  • Wants the first 32 bits to be 1, all others 0.
  • Returns (all subsequent bytes are 0):
0x00010001	0x0cb110de	0x00000026	0x00000000
0xf2000000	0x00000000	0x01000000	0x00000000
0xe0000000	0x00000000	0x10000000	0x00000000
0x22 0x00c stack cuInit
  • Inputs set to 0.
  • Outputs
3251635025	65	0
0x2a 0x020 stack cuInit
  • Inputs:
0x7fffffffd310:	3251635025	3251635025	533	0
0x7fffffffd320:	4294955888	32767	132	0
  • Outputs are unchanged
0x4d 0x048 stack cuInit Performed following opening of nvidiaX device
0x2d 0x014 stack cuInit Performed following read of /proc/interrupts
0x32 0x014 stack cuInit Performed several times in succession
0x37 0x20 stack cuInit
  • Follows burst of 3x 0x32's, then interwoven with bursts of 2a's
  • Only other code (besides 0x32) directed to second nvidiactl file descriptor

raw data

edi == ebp
esi == 0xc04846d2
rdx == r12
call(edi,esi,rdx)

eax == 0
ebp == file descriptor
rsp(0x4c7) = 0 
rsp(0x488) = rax
rsp(0x484) = 0
rsp(0x480) = 0
				r12 = rsp + 0x480 (0x7ffff78b3c41)
rbx(0x30) = 0
rbx(0x28) = 0
rbx(0x20) = 0
rbx(0x18) = 0
rbx(0x10) = 0
rbx(0x8) = 0x35
rbx(0x38) = 0

cuInit:
  0x7ffff78b3031:	mov    0x8(%rsp),%ecx
   0x7ffff78b3035:	mov    $0x14,%r8d
   0x7ffff78b303b:	mov    $0xa02,%edx
   0x7ffff78b3040:	mov    %ebp,%esi
   0x7ffff78b3042:	mov    %ebp,%edi
   0x7ffff78b3044:	callq  0x7ffff78b1a60
   0x7ffff78b3049:	test   %eax,%eax
   0x7ffff78b304b:	jne    0x7ffff78b2b84
   0x7ffff78b3051:	mov    0x1c(%rsp),%eax
   0x7ffff78b3055:	cmp    0x6c(%rsp),%eax
   0x7ffff78b3059:	jne    0x7ffff78b2b84
   0x7ffff78b305f:	nop
   0x7ffff78b3060:	jmpq   0x7ffff78b2c70
   0x7ffff78b3065:	mov    0x704944(%rip),%r9        # 0x7ffff7fb79b0
   0x7ffff78b306c:	mov    (%r9),%rdi
   0x7ffff78b306f:	mov    0x10(%rdi),%rdx
   0x7ffff78b3073:	test   %rdx,%rdx
   0x7ffff78b3076:	je     0x7ffff78b3094
   0x7ffff78b3078:	cmp    %r8d,(%rdx)
   0x7ffff78b307b:	jne    0x7ffff78b308b
   0x7ffff78b307d:	jmpq   0x7ffff78b2f82
   0x7ffff78b3082:	cmp    (%rdx),%r8d
   0x7ffff78b3085:	je     0x7ffff78b2f82
   0x7ffff78b308b:	mov    0x10(%rdx),%rdx
   0x7ffff78b308f:	test   %rdx,%rdx
   0x7ffff78b3092:	jne    0x7ffff78b3082
   0x7ffff78b3094:	mov    $0x1d,%r12d
   0x7ffff78b309a:	movl   $0x0,0x708768(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b30a4:	jmpq   0x7ffff78b29e5
   0x7ffff78b30a9:	mov    0x58(%rsp),%edi
   0x7ffff78b30ad:	test   %edi,%edi
   0x7ffff78b30af:	je     0x7ffff78b29e5
   0x7ffff78b30b5:	mov    %rbx,%rdi
   0x7ffff78b30b8:	callq  0x7ffff78b22d0
   0x7ffff78b30bd:	mov    0x58(%rsp),%r12d
   0x7ffff78b30c2:	jmpq   0x7ffff78b29e5
   0x7ffff78b30c7:	mov    0x70551a(%rip),%r15        # 0x7ffff7fb85e8
   0x7ffff78b30ce:	mov    (%r15),%rbx
   0x7ffff78b30d1:	test   %rbx,%rbx
   0x7ffff78b30d4:	je     0x7ffff78b2f9e
   0x7ffff78b30da:	lea    0x20(%rsp),%rdx
   0x7ffff78b30df:	jmp    0x7ffff78b30ee
   0x7ffff78b30e1:	mov    0x30(%rbx),%rbx
   0x7ffff78b30e5:	test   %rbx,%rbx
   0x7ffff78b30e8:	je     0x7ffff78b2f9e
   0x7ffff78b30ee:	cmp    (%rbx),%ebp
   0x7ffff78b30f0:	jne    0x7ffff78b30e1
   0x7ffff78b30f2:	cmp    0x4(%rbx),%r14d
   0x7ffff78b30f6:	jne    0x7ffff78b30e1
   0x7ffff78b30f8:	movq   $0x0,0x20(%rsp)
   0x7ffff78b3101:	movq   $0x0,0x28(%rsp)
   0x7ffff78b310a:	xor    %eax,%eax
   0x7ffff78b310c:	mov    %ebp,0x20(%rsp)
   0x7ffff78b3110:	mov    %r14d,0x28(%rsp)
   0x7ffff78b3115:	mov    $0xc020462b,%esi
   0x7ffff78b311a:	mov    0x18(%rsp),%ebp
   0x7ffff78b311e:	mov    0x10(%rsp),%r14
   0x7ffff78b3123:	mov    0x676f57(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3129:	movl   $0x0,0x7086d9(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3133:	movq   $0x0,0x38(%rsp)
   0x7ffff78b313c:	movl   $0x83f3,0x2c(%rsp)
   0x7ffff78b3144:	mov    %ebp,0x24(%rsp)
   0x7ffff78b3148:	mov    %r14,0x30(%rsp)
   0x7ffff78b314d:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3152:	test   %eax,%eax
   0x7ffff78b3154:	js     0x7ffff78b2f2a
   0x7ffff78b315a:	mov    0x38(%rsp),%r9d
   0x7ffff78b315f:	test   %r9d,%r9d
   0x7ffff78b3162:	je     0x7ffff78b29e5
   0x7ffff78b3168:	mov    %rbx,%rdi
   0x7ffff78b316b:	callq  0x7ffff78b22d0
   0x7ffff78b3170:	mov    0x38(%rsp),%r12d
   0x7ffff78b3175:	jmpq   0x7ffff78b29e5
   0x7ffff78b317a:	data32 xchg %ax,%ax
   0x7ffff78b317d:	data32 xchg %ax,%ax
   0x7ffff78b3180:	mov    %r12,-0x20(%rsp)
   0x7ffff78b3185:	mov    %r13,-0x18(%rsp)
   0x7ffff78b318a:	mov    %edi,%r12d
   0x7ffff78b318d:	mov    %r14,-0x10(%rsp)
   0x7ffff78b3192:	mov    %r15,-0x8(%rsp)
   0x7ffff78b3197:	mov    %esi,%r14d
   0x7ffff78b319a:	mov    %rbx,-0x30(%rsp)
   0x7ffff78b319f:	mov    %rbp,-0x28(%rsp)
   0x7ffff78b31a4:	sub    $0x68,%rsp
   0x7ffff78b31a8:	cmp    $0x80,%edx
   0x7ffff78b31ae:	mov    %edx,%r13d
   0x7ffff78b31b1:	mov    %rcx,%r15
   0x7ffff78b31b4:	jb     0x7ffff78b327a
   0x7ffff78b31ba:	cmp    $0x87,%edx
   0x7ffff78b31c0:	ja     0x7ffff78b3272
   0x7ffff78b31c6:	lea    -0x80(%r13),%esi
   0x7ffff78b31ca:	xor    %edx,%edx
   0x7ffff78b31cc:	callq  0x7ffff78b2160
   0x7ffff78b31d1:	mov    %eax,%edx
   0x7ffff78b31d3:	mov    %eax,%edi
   0x7ffff78b31d5:	shr    $0x1f,%edx
   0x7ffff78b31d8:	cmp    $0x20,%eax
   0x7ffff78b31db:	sete   %bl
   0x7ffff78b31de:	or     %dl,%bl
   0x7ffff78b31e0:	jne    0x7ffff78b327a
   0x7ffff78b31e6:	mov    %edi,%ecx
   0x7ffff78b31e8:	mov    %r14d,%esi
   0x7ffff78b31eb:	mov    %r14d,%edx
   0x7ffff78b31ee:	mov    %r12d,%edi
   0x7ffff78b31f1:	callq  0x7ffff78b2400
   0x7ffff78b31f6:	xor    %esi,%esi
   0x7ffff78b31f8:	test   %eax,%eax
   0x7ffff78b31fa:	mov    %eax,%ebp
   0x7ffff78b31fc:	mov    $0x1,%ecx
   0x7ffff78b3201:	jne    0x7ffff78b327f
   0x7ffff78b3203:	mov    %esi,%eax
   0x7ffff78b3205:	
    lock cmpxchg %ecx,0x7085ff(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b320d:	setne  %dl
   0x7ffff78b3210:	test   %dl,%dl
   0x7ffff78b3212:	je     0x7ffff78b3400
   0x7ffff78b3218:	mov    0x7085ee(%rip),%edi        # 0x7ffff7fbb80c
   0x7ffff78b321e:	test   %edi,%edi
   0x7ffff78b3220:	je     0x7ffff78b3203
   0x7ffff78b3222:	mov    0x7085e3(%rip),%r8d        # 0x7ffff7fbb80c
   0x7ffff78b3229:	test   %r8d,%r8d
   0x7ffff78b322c:	je     0x7ffff78b3203
   0x7ffff78b322e:	mov    0x7085d7(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b3235:	test   %r9d,%r9d
   0x7ffff78b3238:	je     0x7ffff78b3203
   0x7ffff78b323a:	mov    0x7085cb(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b3241:	test   %r10d,%r10d
   0x7ffff78b3244:	je     0x7ffff78b3203
   0x7ffff78b3246:	mov    0x7085bf(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b324d:	test   %r11d,%r11d
   0x7ffff78b3250:	je     0x7ffff78b3203
   0x7ffff78b3252:	mov    0x7085b4(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b3258:	test   %ebx,%ebx
   0x7ffff78b325a:	je     0x7ffff78b3203
   0x7ffff78b325c:	mov    0x7085aa(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b3262:	test   %edx,%edx
   0x7ffff78b3264:	je     0x7ffff78b3203
   0x7ffff78b3266:	mov    0x7085a0(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b326c:	test   %eax,%eax
   0x7ffff78b326e:	jne    0x7ffff78b3218
   0x7ffff78b3270:	jmp    0x7ffff78b3203
   0x7ffff78b3272:	cmp    $0xff,%edx
   0x7ffff78b3278:	je     0x7ffff78b32a4
   0x7ffff78b327a:	mov    $0x2a,%ebp
   0x7ffff78b327f:	mov    %ebp,%eax
   0x7ffff78b3281:	mov    0x38(%rsp),%rbx
   0x7ffff78b3286:	mov    0x40(%rsp),%rbp
   0x7ffff78b328b:	mov    0x48(%rsp),%r12
   0x7ffff78b3290:	mov    0x50(%rsp),%r13
   0x7ffff78b3295:	mov    0x58(%rsp),%r14
   0x7ffff78b329a:	mov    0x60(%rsp),%r15
   0x7ffff78b329f:	add    $0x68,%rsp
   0x7ffff78b32a3:	retq   
   0x7ffff78b32a4:	test   %rcx,%rcx
   0x7ffff78b32a7:	je     0x7ffff78b327a
   0x7ffff78b32a9:	mov    $0x3a,%esi
   0x7ffff78b32ae:	mov    %rcx,%rdi
   0x7ffff78b32b1:	callq  0x7ffff782a980 <strchr@plt>
   0x7ffff78b32b6:	test   %rax,%rax
   0x7ffff78b32b9:	je     0x7ffff78b327a
   0x7ffff78b32bb:	cmpb   $0x2a,(%r15)
   0x7ffff78b32bf:	je     0x7ffff78b327a
   0x7ffff78b32c1:	lea    0x28(%rsp),%rsi
   0x7ffff78b32c6:	xor    %ecx,%ecx
   0x7ffff78b32c8:	xor    %edx,%edx
   0x7ffff78b32ca:	mov    %r15,%rdi
   0x7ffff78b32cd:	callq  0x7ffff782a930 <__strtol_internal@plt>
   0x7ffff78b32d2:	mov    0x28(%rsp),%rdi
   0x7ffff78b32d7:	xor    %edx,%edx
   0x7ffff78b32d9:	xor    %ecx,%ecx
   0x7ffff78b32db:	xor    %esi,%esi
   0x7ffff78b32dd:	mov    %eax,%ebx
   0x7ffff78b32df:	inc    %rdi
   0x7ffff78b32e2:	callq  0x7ffff782a930 <__strtol_internal@plt>
   0x7ffff78b32e7:	mov    0x705012(%rip),%rdx        # 0x7ffff7fb8300
   0x7ffff78b32ee:	mov    %eax,%r8d
   0x7ffff78b32f1:	xor    %edi,%edi
   0x7ffff78b32f3:	add    $0x30,%rdx
   0x7ffff78b32f7:	jmpq   0x7ffff78b33d4
   0x7ffff78b32fc:	lea    0x30(%rdx),%rcx
   0x7ffff78b3300:	lea    0x1(%rdi),%esi
   0x7ffff78b3303:	testb  $0x1,-0x30(%rcx)
   0x7ffff78b3307:	mov    %esi,%edi
   0x7ffff78b3309:	je     0x7ffff78b3317
   0x7ffff78b330b:	movzbl -0x2e(%rcx),%ebp
   0x7ffff78b330f:	cmp    %ebp,%ebx
   0x7ffff78b3311:	je     0x7ffff78b34a2
   0x7ffff78b3317:	lea    0x30(%rcx),%rdx
   0x7ffff78b331b:	lea    0x1(%rsi),%edi
   0x7ffff78b331e:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b3322:	je     0x7ffff78b3332
   0x7ffff78b3324:	movzbl -0x2e(%rdx),%r10d
   0x7ffff78b3329:	cmp    %r10d,%ebx
   0x7ffff78b332c:	je     0x7ffff78b34b5
   0x7ffff78b3332:	lea    0x60(%rcx),%rdx
   0x7ffff78b3336:	lea    0x2(%rsi),%edi
   0x7ffff78b3339:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b333d:	je     0x7ffff78b334b
   0x7ffff78b333f:	movzbl -0x2e(%rdx),%eax
   0x7ffff78b3343:	cmp    %eax,%ebx
   0x7ffff78b3345:	je     0x7ffff78b34e5
   0x7ffff78b334b:	lea    0x90(%rcx),%rdx
   0x7ffff78b3352:	lea    0x3(%rsi),%edi
   0x7ffff78b3355:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b3359:	je     0x7ffff78b3369
   0x7ffff78b335b:	movzbl -0x2e(%rdx),%r9d
   0x7ffff78b3360:	cmp    %r9d,%ebx
   0x7ffff78b3363:	je     0x7ffff78b34f7
   0x7ffff78b3369:	lea    0xc0(%rcx),%rdx
   0x7ffff78b3370:	lea    0x4(%rsi),%edi
   0x7ffff78b3373:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b3377:	je     0x7ffff78b3387
   0x7ffff78b3379:	movzbl -0x2e(%rdx),%r11d
   0x7ffff78b337e:	cmp    %r11d,%ebx
   0x7ffff78b3381:	je     0x7ffff78b3510
   0x7ffff78b3387:	lea    0xf0(%rcx),%rdx
   0x7ffff78b338e:	lea    0x5(%rsi),%edi
   0x7ffff78b3391:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b3395:	je     0x7ffff78b33a3
   0x7ffff78b3397:	movzbl -0x2e(%rdx),%ebp
   0x7ffff78b339b:	cmp    %ebp,%ebx
   0x7ffff78b339d:	je     0x7ffff78b3525
   0x7ffff78b33a3:	lea    0x120(%rcx),%rdx
   0x7ffff78b33aa:	lea    0x6(%rsi),%edi
   0x7ffff78b33ad:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b33b1:	je     0x7ffff78b33c1
   0x7ffff78b33b3:	movzbl -0x2e(%rdx),%r10d
   0x7ffff78b33b8:	cmp    %r10d,%ebx
   0x7ffff78b33bb:	je     0x7ffff78b34d0
   0x7ffff78b33c1:	lea    0x7(%rsi),%edi
   0x7ffff78b33c4:	lea    0x150(%rcx),%rdx
   0x7ffff78b33cb:	cmp    $0x20,%edi
   0x7ffff78b33ce:	je     0x7ffff78b327a
   0x7ffff78b33d4:	testb  $0x1,-0x30(%rdx)
   0x7ffff78b33d8:	je     0x7ffff78b32fc
   0x7ffff78b33de:	movzbl -0x2e(%rdx),%eax
   0x7ffff78b33e2:	cmp    %eax,%ebx
   0x7ffff78b33e4:	jne    0x7ffff78b32fc
   0x7ffff78b33ea:	movzbl -0x2d(%rdx),%ecx
   0x7ffff78b33ee:	cmp    %ecx,%r8d
   0x7ffff78b33f1:	jne    0x7ffff78b32fc
   0x7ffff78b33f7:	jmpq   0x7ffff78b31e6
   0x7ffff78b33fc:	data32 data32 xchg %ax,%ax
   0x7ffff78b3400:	mov    0x7051e1(%rip),%rsi        # 0x7ffff7fb85e8
   0x7ffff78b3407:	mov    (%rsi),%rbx
   0x7ffff78b340a:	test   %rbx,%rbx
   0x7ffff78b340d:	jne    0x7ffff78b341b
   0x7ffff78b340f:	nop
   0x7ffff78b3410:	jmp    0x7ffff78b348e
   0x7ffff78b3412:	mov    0x30(%rbx),%rbx
   0x7ffff78b3416:	test   %rbx,%rbx
   0x7ffff78b3419:	je     0x7ffff78b348e
   0x7ffff78b341b:	cmp    (%rbx),%r12d
   0x7ffff78b341e:	xchg   %ax,%ax
   0x7ffff78b3420:	jne    0x7ffff78b3412
   0x7ffff78b3422:	cmp    0x4(%rbx),%r14d
   0x7ffff78b3426:	jne    0x7ffff78b3412
   0x7ffff78b3428:	mov    0x676c52(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b342e:	xor    %eax,%eax
   0x7ffff78b3430:	mov    %rsp,%rdx
   0x7ffff78b3433:	mov    $0xc0204623,%esi
   0x7ffff78b3438:	movq   $0x0,(%rsp)
   0x7ffff78b3440:	movq   $0x0,0x8(%rsp)
   0x7ffff78b3449:	movl   $0x0,0x7083b9(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3453:	movq   $0x0,0x18(%rsp)
   0x7ffff78b345c:	mov    %r12d,(%rsp)
   0x7ffff78b3460:	mov    %r14d,0x4(%rsp)
   0x7ffff78b3465:	mov    %r13d,0x8(%rsp)
   0x7ffff78b346a:	mov    %r15,0x10(%rsp)
   0x7ffff78b346f:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3474:	test   %eax,%eax
   0x7ffff78b3476:	jns    0x7ffff78b353b
   0x7ffff78b347c:	mov    %rbx,%rdi
   0x7ffff78b347f:	mov    $0x2a,%ebp
   0x7ffff78b3484:	callq  0x7ffff78b22d0
   0x7ffff78b3489:	jmpq   0x7ffff78b327f
   0x7ffff78b348e:	mov    $0xb,%ebp
   0x7ffff78b3493:	movl   $0x0,0x70836f(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b349d:	jmpq   0x7ffff78b327f
   0x7ffff78b34a2:	movzbl -0x2d(%rcx),%r9d
   0x7ffff78b34a7:	cmp    %r9d,%r8d
   0x7ffff78b34aa:	jne    0x7ffff78b3317
   0x7ffff78b34b0:	jmpq   0x7ffff78b31e6
   0x7ffff78b34b5:	movzbl -0x2d(%rdx),%r11d
   0x7ffff78b34ba:	cmp    %r11d,%r8d
   0x7ffff78b34bd:	data32 xchg %ax,%ax
   0x7ffff78b34c0:	jne    0x7ffff78b3332
   0x7ffff78b34c6:	jmpq   0x7ffff78b31e6
   0x7ffff78b34cb:	data32 xchg %ax,%ax
   0x7ffff78b34ce:	xchg   %ax,%ax
   0x7ffff78b34d0:	movzbl -0x2d(%rdx),%r11d
   0x7ffff78b34d5:	cmp    %r11d,%r8d
   0x7ffff78b34d8:	jne    0x7ffff78b33c1
   0x7ffff78b34de:	xchg   %ax,%ax
   0x7ffff78b34e0:	jmpq   0x7ffff78b31e6
   0x7ffff78b34e5:	movzbl -0x2d(%rdx),%ebp
   0x7ffff78b34e9:	cmp    %ebp,%r8d
   0x7ffff78b34ec:	jne    0x7ffff78b334b
   0x7ffff78b34f2:	jmpq   0x7ffff78b31e6
   0x7ffff78b34f7:	movzbl -0x2d(%rdx),%r10d
   0x7ffff78b34fc:	cmp    %r10d,%r8d
   0x7ffff78b34ff:	nop
   0x7ffff78b3500:	jne    0x7ffff78b3369
   0x7ffff78b3506:	jmpq   0x7ffff78b31e6
   0x7ffff78b350b:	data32 xchg %ax,%ax
   0x7ffff78b350e:	xchg   %ax,%ax
   0x7ffff78b3510:	movzbl -0x2d(%rdx),%eax
   0x7ffff78b3514:	cmp    %eax,%r8d
   0x7ffff78b3517:	jne    0x7ffff78b3387
   0x7ffff78b351d:	data32 xchg %ax,%ax
   0x7ffff78b3520:	jmpq   0x7ffff78b31e6
   0x7ffff78b3525:	movzbl -0x2d(%rdx),%r9d
   0x7ffff78b352a:	cmp    %r9d,%r8d
   0x7ffff78b352d:	data32 xchg %ax,%ax
   0x7ffff78b3530:	jne    0x7ffff78b33a3
   0x7ffff78b3536:	jmpq   0x7ffff78b31e6
   0x7ffff78b353b:	mov    0x18(%rsp),%r12d
   0x7ffff78b3540:	test   %r12d,%r12d
   0x7ffff78b3543:	je     0x7ffff78b327f
   0x7ffff78b3549:	mov    %rbx,%rdi
   0x7ffff78b354c:	callq  0x7ffff78b22d0
   0x7ffff78b3551:	mov    0x18(%rsp),%ebp
   0x7ffff78b3555:	jmpq   0x7ffff78b327f
   0x7ffff78b355a:	data32 xchg %ax,%ax
   0x7ffff78b355d:	data32 xchg %ax,%ax
   0x7ffff78b3560:	push   %rbx
   0x7ffff78b3561:	mov    %rdx,%r9
   0x7ffff78b3564:	xor    %r8d,%r8d
   0x7ffff78b3567:	mov    %rcx,%rbx
   0x7ffff78b356a:	mov    $0x22,%edx
   0x7ffff78b356f:	mov    $0x1,%ecx
   0x7ffff78b3574:	sub    $0x10,%rsp
   0x7ffff78b3578:	test   %r9,%r9
   0x7ffff78b357b:	je     0x7ffff78b3681
   0x7ffff78b3581:	mov    %r8d,%eax
   0x7ffff78b3584:	
    lock cmpxchg %ecx,0x708280(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b358c:	setne  %dl
   0x7ffff78b358f:	test   %dl,%dl
   0x7ffff78b3591:	je     0x7ffff78b35ed
   0x7ffff78b3593:	mov    0x708272(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b359a:	test   %r10d,%r10d
   0x7ffff78b359d:	je     0x7ffff78b3581
   0x7ffff78b359f:	mov    0x708266(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b35a6:	test   %r11d,%r11d
   0x7ffff78b35a9:	je     0x7ffff78b3581
   0x7ffff78b35ab:	mov    0x70825b(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b35b1:	test   %edx,%edx
   0x7ffff78b35b3:	je     0x7ffff78b3581
   0x7ffff78b35b5:	mov    0x708251(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b35bb:	test   %eax,%eax
   0x7ffff78b35bd:	je     0x7ffff78b3581
   0x7ffff78b35bf:	mov    0x708246(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b35c6:	test   %r10d,%r10d
   0x7ffff78b35c9:	je     0x7ffff78b3581
   0x7ffff78b35cb:	mov    0x70823a(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b35d2:	test   %r11d,%r11d
   0x7ffff78b35d5:	je     0x7ffff78b3581
   0x7ffff78b35d7:	mov    0x70822f(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b35dd:	test   %edx,%edx
   0x7ffff78b35df:	je     0x7ffff78b3581
   0x7ffff78b35e1:	mov    0x708225(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b35e7:	test   %eax,%eax
   0x7ffff78b35e9:	jne    0x7ffff78b3593
   0x7ffff78b35eb:	jmp    0x7ffff78b3581
   0x7ffff78b35ed:	mov    0x704ff4(%rip),%rcx        # 0x7ffff7fb85e8
   0x7ffff78b35f4:	mov    (%rcx),%rax
   0x7ffff78b35f7:	test   %rax,%rax
   0x7ffff78b35fa:	jne    0x7ffff78b360e
   0x7ffff78b35fc:	jmpq   0x7ffff78b3689
   0x7ffff78b3601:	mov    0x30(%rax),%rax
   0x7ffff78b3605:	test   %rax,%rax
   0x7ffff78b3608:	je     0x7ffff78b3689
   0x7ffff78b360e:	cmp    (%rax),%edi
   0x7ffff78b3610:	jne    0x7ffff78b3601
   0x7ffff78b3612:	mov    0x10(%rax),%rcx
   0x7ffff78b3616:	test   %rcx,%rcx
   0x7ffff78b3619:	jne    0x7ffff78b362b
   0x7ffff78b361b:	data32 xchg %ax,%ax
   0x7ffff78b361e:	xchg   %ax,%ax
   0x7ffff78b3620:	jmp    0x7ffff78b3601
   0x7ffff78b3622:	mov    0x10(%rcx),%rcx
   0x7ffff78b3626:	test   %rcx,%rcx
   0x7ffff78b3629:	je     0x7ffff78b3601
   0x7ffff78b362b:	cmp    (%rcx),%esi
   0x7ffff78b362d:	data32 xchg %ax,%ax
   0x7ffff78b3630:	jne    0x7ffff78b3622
   0x7ffff78b3632:	movl   $0x0,0x4(%rsp)
   0x7ffff78b363a:	movl   $0x0,0x7081c8(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3644:	mov    %rsp,%rdx
   0x7ffff78b3647:	movl   $0x0,0x8(%rsp)
   0x7ffff78b364f:	movl   $0x0,0xc(%rsp)
   0x7ffff78b3657:	xor    %eax,%eax
   0x7ffff78b3659:	mov    %r9,(%rsp)
   0x7ffff78b365d:	mov    (%rcx),%edi
   0x7ffff78b365f:	mov    $0xc0104652,%esi
   0x7ffff78b3664:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3669:	test   %eax,%eax
   0x7ffff78b366b:	mov    $0x2a,%edx
   0x7ffff78b3670:	js     0x7ffff78b3681
   0x7ffff78b3672:	test   %rbx,%rbx
   0x7ffff78b3675:	je     0x7ffff78b367d
   0x7ffff78b3677:	mov    0x8(%rsp),%esi
   0x7ffff78b367b:	mov    %esi,(%rbx)
   0x7ffff78b367d:	mov    0xc(%rsp),%edx
   0x7ffff78b3681:	add    $0x10,%rsp
   0x7ffff78b3685:	mov    %edx,%eax
   0x7ffff78b3687:	pop    %rbx
   0x7ffff78b3688:	retq   
   0x7ffff78b3689:	mov    0x704320(%rip),%r8        # 0x7ffff7fb79b0
   0x7ffff78b3690:	mov    (%r8),%rdi
   0x7ffff78b3693:	mov    0x10(%rdi),%rcx
   0x7ffff78b3697:	test   %rcx,%rcx
   0x7ffff78b369a:	jne    0x7ffff78b36a9
   0x7ffff78b369c:	jmp    0x7ffff78b36b7
   0x7ffff78b369e:	xchg   %ax,%ax
   0x7ffff78b36a0:	mov    0x10(%rcx),%rcx
   0x7ffff78b36a4:	test   %rcx,%rcx
   0x7ffff78b36a7:	je     0x7ffff78b36b7
   0x7ffff78b36a9:	cmp    (%rcx),%esi
   0x7ffff78b36ab:	data32 xchg %ax,%ax
   0x7ffff78b36ae:	xchg   %ax,%ax
   0x7ffff78b36b0:	jne    0x7ffff78b36a0
   0x7ffff78b36b2:	jmpq   0x7ffff78b3632
   0x7ffff78b36b7:	movl   $0x0,0x70814b(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b36c1:	add    $0x10,%rsp
   0x7ffff78b36c5:	mov    $0x1d,%edx
   0x7ffff78b36ca:	pop    %rbx
   0x7ffff78b36cb:	mov    %edx,%eax
   0x7ffff78b36cd:	retq   
   0x7ffff78b36ce:	xchg   %ax,%ax
   0x7ffff78b36d0:	push   %rbp
   0x7ffff78b36d1:	mov    $0x22,%eax
   0x7ffff78b36d6:	mov    %ecx,%ebp
   0x7ffff78b36d8:	push   %rbx
   0x7ffff78b36d9:	mov    %edx,%ebx
   0x7ffff78b36db:	sub    $0x38,%rsp
   0x7ffff78b36df:	test   %r9,%r9
   0x7ffff78b36e2:	je     0x7ffff78b3820
   0x7ffff78b36e8:	mov    (%r9),%ecx
   0x7ffff78b36eb:	xor    %r11d,%r11d
   0x7ffff78b36ee:	mov    $0x1,%r10d
   0x7ffff78b36f4:	test   %ecx,%ecx
   0x7ffff78b36f6:	jle    0x7ffff78b381b
   0x7ffff78b36fc:	data32 data32 xchg %ax,%ax
   0x7ffff78b3700:	mov    %r11d,%eax
   0x7ffff78b3703:	
    lock cmpxchg %r10d,0x708100(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b370c:	setne  %dl
   0x7ffff78b370f:	test   %dl,%dl
   0x7ffff78b3711:	je     0x7ffff78b3765
   0x7ffff78b3713:	mov    0x7080f3(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b3719:	test   %edx,%edx
   0x7ffff78b371b:	je     0x7ffff78b3700
   0x7ffff78b371d:	mov    0x7080e9(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b3723:	test   %edx,%edx
   0x7ffff78b3725:	je     0x7ffff78b3700
   0x7ffff78b3727:	mov    0x7080df(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b372d:	test   %eax,%eax
   0x7ffff78b372f:	je     0x7ffff78b3700
   0x7ffff78b3731:	mov    0x7080d5(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b3737:	test   %edx,%edx
   0x7ffff78b3739:	je     0x7ffff78b3700
   0x7ffff78b373b:	mov    0x7080cb(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b3741:	test   %eax,%eax
   0x7ffff78b3743:	je     0x7ffff78b3700
   0x7ffff78b3745:	mov    0x7080c1(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b374b:	test   %edx,%edx
   0x7ffff78b374d:	je     0x7ffff78b3700
   0x7ffff78b374f:	mov    0x7080b7(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b3755:	test   %eax,%eax
   0x7ffff78b3757:	je     0x7ffff78b3700
   0x7ffff78b3759:	mov    0x7080ad(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b375f:	test   %edx,%edx
   0x7ffff78b3761:	jne    0x7ffff78b3713
   0x7ffff78b3763:	jmp    0x7ffff78b3700
   0x7ffff78b3765:	mov    0x704e7c(%rip),%r10        # 0x7ffff7fb85e8
   0x7ffff78b376c:	mov    (%r10),%rax
   0x7ffff78b376f:	test   %rax,%rax
   0x7ffff78b3772:	jne    0x7ffff78b378d
   0x7ffff78b3774:	jmpq   0x7ffff78b3827
   0x7ffff78b3779:	data32 data32 xchg %ax,%ax
   0x7ffff78b377d:	data32 xchg %ax,%ax
   0x7ffff78b3780:	mov    0x30(%rax),%rax
   0x7ffff78b3784:	test   %rax,%rax
   0x7ffff78b3787:	je     0x7ffff78b3827
   0x7ffff78b378d:	cmp    (%rax),%edi
   0x7ffff78b378f:	nop
   0x7ffff78b3790:	jne    0x7ffff78b3780
   0x7ffff78b3792:	mov    0x10(%rax),%r10
   0x7ffff78b3796:	test   %r10,%r10
   0x7ffff78b3799:	jne    0x7ffff78b37ab
   0x7ffff78b379b:	data32 xchg %ax,%ax
   0x7ffff78b379e:	xchg   %ax,%ax
   0x7ffff78b37a0:	jmp    0x7ffff78b3780
   0x7ffff78b37a2:	mov    0x10(%r10),%r10
   0x7ffff78b37a6:	test   %r10,%r10
   0x7ffff78b37a9:	je     0x7ffff78b3780
   0x7ffff78b37ab:	cmp    (%r10),%ecx
   0x7ffff78b37ae:	xchg   %ax,%ax
   0x7ffff78b37b0:	jne    0x7ffff78b37a2
   0x7ffff78b37b2:	movq   $0x0,(%rsp)
   0x7ffff78b37ba:	movq   $0x0,0x8(%rsp)
   0x7ffff78b37c3:	xor    %eax,%eax
   0x7ffff78b37c5:	movl   $0x0,0x70803d(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b37cf:	movq   $0x0,0x10(%rsp)
   0x7ffff78b37d8:	mov    %rsp,%rdx
   0x7ffff78b37db:	movq   $0x0,0x18(%rsp)
   0x7ffff78b37e4:	mov    %edi,(%rsp)
   0x7ffff78b37e7:	mov    %esi,0x4(%rsp)
   0x7ffff78b37eb:	movq   $0x0,0x20(%rsp)
   0x7ffff78b37f4:	mov    $0xc0284644,%esi
   0x7ffff78b37f9:	mov    %ebx,0x8(%rsp)
   0x7ffff78b37fd:	mov    %ebp,0xc(%rsp)
   0x7ffff78b3801:	mov    %r8d,0x10(%rsp)
   0x7ffff78b3806:	mov    0x4(%r10),%ecx
   0x7ffff78b380a:	mov    (%r9),%edi
   0x7ffff78b380d:	mov    %rcx,0x18(%rsp)
   0x7ffff78b3812:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3817:	test   %eax,%eax
   0x7ffff78b3819:	jns    0x7ffff78b386d
   0x7ffff78b381b:	mov    $0x2a,%eax
   0x7ffff78b3820:	add    $0x38,%rsp
   0x7ffff78b3824:	pop    %rbx
   0x7ffff78b3825:	pop    %rbp
   0x7ffff78b3826:	retq   
   0x7ffff78b3827:	mov    0x704182(%rip),%rax        # 0x7ffff7fb79b0
   0x7ffff78b382e:	mov    (%rax),%r11
   0x7ffff78b3831:	mov    0x10(%r11),%r10
   0x7ffff78b3835:	test   %r10,%r10
   0x7ffff78b3838:	jne    0x7ffff78b3849
   0x7ffff78b383a:	jmp    0x7ffff78b3857
   0x7ffff78b383c:	data32 data32 xchg %ax,%ax
   0x7ffff78b3840:	mov    0x10(%r10),%r10
   0x7ffff78b3844:	test   %r10,%r10
   0x7ffff78b3847:	je     0x7ffff78b3857
   0x7ffff78b3849:	cmp    (%r10),%ecx
   0x7ffff78b384c:	data32 data32 xchg %ax,%ax
   0x7ffff78b3850:	jne    0x7ffff78b3840
   0x7ffff78b3852:	jmpq   0x7ffff78b37b2
   0x7ffff78b3857:	movl   $0x0,0x707fab(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3861:	add    $0x38,%rsp
   0x7ffff78b3865:	mov    $0x1d,%eax
   0x7ffff78b386a:	pop    %rbx
   0x7ffff78b386b:	pop    %rbp
   0x7ffff78b386c:	retq   
   0x7ffff78b386d:	mov    0x20(%rsp),%eax
   0x7ffff78b3871:	add    $0x38,%rsp
   0x7ffff78b3875:	pop    %rbx
   0x7ffff78b3876:	pop    %rbp
   0x7ffff78b3877:	retq   
   0x7ffff78b3878:	data32 data32 xchg %ax,%ax
   0x7ffff78b387c:	data32 data32 xchg %ax,%ax
   0x7ffff78b3880:	push   %r13
   0x7ffff78b3882:	mov    $0x22,%eax
   0x7ffff78b3887:	mov    %rdi,%r13
   0x7ffff78b388a:	push   %r12
   0x7ffff78b388c:	push   %rbp
   0x7ffff78b388d:	push   %rbx
   0x7ffff78b388e:	sub    $0x4e8,%rsp
   0x7ffff78b3895:	test   %rdi,%rdi
   0x7ffff78b3898:	je     0x7ffff78b3933
   0x7ffff78b389e:	xchg   %ax,%ax
   0x7ffff78b38a0:	xor    %eax,%eax
   0x7ffff78b38a2:	mov    $0x1,%ecx
   0x7ffff78b38a7:	
    lock cmpxchg %ecx,0x707f5d(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b38af:	setne  %dl
   0x7ffff78b38b2:	test   %dl,%dl
   0x7ffff78b38b4:	je     0x7ffff78b3941
   0x7ffff78b38ba:	mov    0x707f4c(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b38c0:	test   %ebx,%ebx
   0x7ffff78b38c2:	je     0x7ffff78b38a0
   0x7ffff78b38c4:	mov    0x707f42(%rip),%ecx        # 0x7ffff7fbb80c
   0x7ffff78b38ca:	test   %ecx,%ecx
   0x7ffff78b38cc:	je     0x7ffff78b38a0
   0x7ffff78b38ce:	mov    0x707f38(%rip),%esi        # 0x7ffff7fbb80c
   0x7ffff78b38d4:	test   %esi,%esi
   0x7ffff78b38d6:	je     0x7ffff78b38a0
   0x7ffff78b38d8:	mov    0x707f2d(%rip),%r12d        # 0x7ffff7fbb80c
   0x7ffff78b38df:	test   %r12d,%r12d
   0x7ffff78b38e2:	je     0x7ffff78b38a0
   0x7ffff78b38e4:	mov    0x707f22(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b38ea:	test   %edx,%edx
   0x7ffff78b38ec:	je     0x7ffff78b38a0
   0x7ffff78b38ee:	mov    0x707f18(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b38f4:	test   %eax,%eax
   0x7ffff78b38f6:	je     0x7ffff78b38a0
   0x7ffff78b38f8:	mov    0x707f0d(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b38ff:	test   %r9d,%r9d
   0x7ffff78b3902:	je     0x7ffff78b38a0
   0x7ffff78b3904:	mov    0x707f01(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b390b:	test   %r10d,%r10d
   0x7ffff78b390e:	jne    0x7ffff78b38ba
   0x7ffff78b3910:	jmp    0x7ffff78b38a0
   0x7ffff78b3912:	mov    0x4d8(%rsp),%ecx
   0x7ffff78b3919:	test   %ecx,%ecx
   0x7ffff78b391b:	jne    0x7ffff78b3e97
   0x7ffff78b3921:	mov    0x4d0(%rsp),%ebx
   0x7ffff78b3928:	mov    %ebx,0x0(%r13)
   0x7ffff78b392c:	mov    0x4d8(%rsp),%eax
   0x7ffff78b3933:	add    $0x4e8,%rsp
   0x7ffff78b393a:	pop    %rbx
   0x7ffff78b393b:	pop    %rbp
   0x7ffff78b393c:	pop    %r12
   0x7ffff78b393e:	pop    %r13
   0x7ffff78b3940:	retq   
   0x7ffff78b3941:	mov    0x707ec1(%rip),%eax        # 0x7ffff7fbb808
   0x7ffff78b3947:	test   %eax,%eax
   0x7ffff78b3949:	je     0x7ffff78b3a4f
   0x7ffff78b394f:	inc    %eax
   0x7ffff78b3951:	movl   $0x0,0x707eb1(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b395b:	mov    %eax,0x707ea7(%rip)        # 0x7ffff7fbb808
   0x7ffff78b3961:	lea    0x4d0(%rsp),%rdx
   0x7ffff78b3969:	movl   $0x0,0x0(%r13)
   0x7ffff78b3971:	movl   $0x0,0x4d0(%rsp)
   0x7ffff78b397c:	mov    $0xc00c4622,%esi
   0x7ffff78b3981:	xor    %eax,%eax
   0x7ffff78b3983:	movl   $0x0,0x8(%rdx)
   0x7ffff78b398a:	mov    0x6766f0(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3990:	movl   $0x0,0x4d4(%rsp)
   0x7ffff78b399b:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b39a0:	xor    %esi,%esi
   0x7ffff78b39a2:	test   %eax,%eax
   0x7ffff78b39a4:	mov    $0x1,%ecx
   0x7ffff78b39a9:	jns    0x7ffff78b3912
   0x7ffff78b39af:	mov    %esi,%eax
   0x7ffff78b39b1:	
    lock cmpxchg %ecx,0x707e53(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b39b9:	setne  %dl
   0x7ffff78b39bc:	test   %dl,%dl
   0x7ffff78b39be:	je     0x7ffff78b3a1c
   0x7ffff78b39c0:	mov    0x707e45(%rip),%r8d        # 0x7ffff7fbb80c
   0x7ffff78b39c7:	test   %r8d,%r8d
   0x7ffff78b39ca:	je     0x7ffff78b39af
   0x7ffff78b39cc:	mov    0x707e39(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b39d3:	test   %r10d,%r10d
   0x7ffff78b39d6:	je     0x7ffff78b39af
   0x7ffff78b39d8:	mov    0x707e2d(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b39df:	test   %r11d,%r11d
   0x7ffff78b39e2:	je     0x7ffff78b39af
   0x7ffff78b39e4:	mov    0x707e21(%rip),%r13d        # 0x7ffff7fbb80c
   0x7ffff78b39eb:	test   %r13d,%r13d
   0x7ffff78b39ee:	je     0x7ffff78b39af
   0x7ffff78b39f0:	mov    0x707e16(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b39f6:	test   %ebx,%ebx
   0x7ffff78b39f8:	je     0x7ffff78b39af
   0x7ffff78b39fa:	mov    0x707e0c(%rip),%ebp        # 0x7ffff7fbb80c
   0x7ffff78b3a00:	test   %ebp,%ebp
   0x7ffff78b3a02:	je     0x7ffff78b39af
   0x7ffff78b3a04:	mov    0x707e02(%rip),%edi        # 0x7ffff7fbb80c
   0x7ffff78b3a0a:	test   %edi,%edi
   0x7ffff78b3a0c:	je     0x7ffff78b39af
   0x7ffff78b3a0e:	mov    0x707df7(%rip),%r8d        # 0x7ffff7fbb80c
   0x7ffff78b3a15:	test   %r8d,%r8d
   0x7ffff78b3a18:	jne    0x7ffff78b39c0
   0x7ffff78b3a1a:	jmp    0x7ffff78b39af
   0x7ffff78b3a1c:	mov    0x707de6(%rip),%esi        # 0x7ffff7fbb808
   0x7ffff78b3a22:	dec    %esi
   0x7ffff78b3a24:	test   %esi,%esi
   0x7ffff78b3a26:	mov    %esi,0x707ddc(%rip)        # 0x7ffff7fbb808
   0x7ffff78b3a2c:	je     0x7ffff78b3dcb
   0x7ffff78b3a32:	movl   $0x0,0x707dd0(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3a3c:	mov    $0x2a,%eax
   0x7ffff78b3a41:	add    $0x4e8,%rsp
   0x7ffff78b3a48:	pop    %rbx
   0x7ffff78b3a49:	pop    %rbp
   0x7ffff78b3a4a:	pop    %r12
   0x7ffff78b3a4c:	pop    %r13
   0x7ffff78b3a4e:	retq   
   0x7ffff78b3a4f:	mov    0x705b9a(%rip),%rbp        # 0x7ffff7fb95f0
   0x7ffff78b3a56:	mov    $0x700,%edx
   0x7ffff78b3a5b:	xor    %esi,%esi
   0x7ffff78b3a5d:	mov    %rbp,%rdi
   0x7ffff78b3a60:	callq  0x7ffff782a990 <memset@plt>
   0x7ffff78b3a65:	lea    0x700(%rbp),%rdx
   0x7ffff78b3a6c:	mov    %rbp,%rax
   0x7ffff78b3a6f:	movl   $0xffffffff,(%rax)
   0x7ffff78b3a75:	movl   $0xffffffff,0x38(%rax)
   0x7ffff78b3a7c:	movl   $0xffffffff,0x70(%rax)
   0x7ffff78b3a83:	movl   $0xffffffff,0xa8(%rax)
   0x7ffff78b3a8d:	movl   $0xffffffff,0xe0(%rax)
   0x7ffff78b3a97:	movl   $0xffffffff,0x118(%rax)
   0x7ffff78b3aa1:	movl   $0xffffffff,0x150(%rax)
   0x7ffff78b3aab:	movl   $0xffffffff,0x188(%rax)
   0x7ffff78b3ab5:	add    $0x1c0,%rax
   0x7ffff78b3abb:	cmp    %rdx,%rax
   0x7ffff78b3abe:	jne    0x7ffff78b3a6f
   0x7ffff78b3ac0:	callq  0x7ffff782a290 <geteuid@plt>
   0x7ffff78b3ac5:	test   %eax,%eax
   0x7ffff78b3ac7:	jne    0x7ffff78b3bf7
   0x7ffff78b3acd:	movzbl 0x4d1b06(%rip),%esi        # 0x7ffff7d855da
   0x7ffff78b3ad4:	lea    0x1(%rsp),%rdi
   0x7ffff78b3ad9:	mov    $0x3ff,%edx
   0x7ffff78b3ade:	lea    0x480(%rsp),%rbp
   0x7ffff78b3ae6:	mov    %sil,(%rsp)
   0x7ffff78b3aea:	xor    %esi,%esi
   0x7ffff78b3aec:	callq  0x7ffff782a990 <memset@plt>
   0x7ffff78b3af1:	lea    0x53ee73(%rip),%rsi        # 0x7ffff7df296b
   0x7ffff78b3af8:	lea    0x4d178d(%rip),%rdi        # 0x7ffff7d8528c
   0x7ffff78b3aff:	movl   $0x1,0x4dc(%rsp)
   0x7ffff78b3b0a:	callq  0x7ffff782a520 <fopen64@plt>
   0x7ffff78b3b0f:	test   %rax,%rax
   0x7ffff78b3b12:	mov    %rax,%rbx
   0x7ffff78b3b15:	jne    0x7ffff78b3b40
   0x7ffff78b3b17:	jmp    0x7ffff78b3b60
   0x7ffff78b3b19:	data32 data32 xchg %ax,%ax
   0x7ffff78b3b1d:	data32 xchg %ax,%ax
   0x7ffff78b3b20:	cld    
   0x7ffff78b3b21:	lea    0x4d1772(%rip),%rdi        # 0x7ffff7d8529a
   0x7ffff78b3b28:	movb   $0x0,0x48f(%rsp)
   0x7ffff78b3b30:	mov    $0x7,%ecx
   0x7ffff78b3b35:	mov    %rbp,%rsi
   0x7ffff78b3b38:	repz cmpsb %es:(%rdi),%ds:(%rsi)
   0x7ffff78b3b3a:	je     0x7ffff78b3f09
   0x7ffff78b3b40:	lea    0x4d175a(%rip),%rsi        # 0x7ffff7d852a1
   0x7ffff78b3b47:	xor    %eax,%eax
   0x7ffff78b3b49:	mov    %rbp,%rdx
   0x7ffff78b3b4c:	mov    %rbx,%rdi
   0x7ffff78b3b4f:	callq  0x7ffff782a400 <fscanf@plt>
   0x7ffff78b3b54:	dec    %eax
   0x7ffff78b3b56:	je     0x7ffff78b3b20
   0x7ffff78b3b58:	mov    %rbx,%rdi
   0x7ffff78b3b5b:	callq  0x7ffff782a5a0 <fclose@plt>
   0x7ffff78b3b60:	lea    0x4d1746(%rip),%rdi        # 0x7ffff7d852ad
   0x7ffff78b3b67:	xor    %esi,%esi
   0x7ffff78b3b69:	xor    %eax,%eax
   0x7ffff78b3b6b:	callq  0x7ffff782a360 <open64@plt>
   0x7ffff78b3b70:	test   %eax,%eax
   0x7ffff78b3b72:	mov    %eax,%ebx
   0x7ffff78b3b74:	js     0x7ffff78b3ba2
   0x7ffff78b3b76:	mov    %rsp,%rsi
   0x7ffff78b3b79:	mov    $0x3ff,%edx
   0x7ffff78b3b7e:	mov    %eax,%edi
   0x7ffff78b3b80:	callq  0x7ffff782a2b0 <read@plt>
   0x7ffff78b3b85:	test   %eax,%eax
   0x7ffff78b3b87:	jle    0x7ffff78b4012
   0x7ffff78b3b8d:	dec    %eax
   0x7ffff78b3b8f:	cltq   
   0x7ffff78b3b91:	cmpb   $0xa,(%rsp,%rax,1)
   0x7ffff78b3b95:	je     0x7ffff78b406a
   0x7ffff78b3b9b:	mov    %ebx,%edi
   0x7ffff78b3b9d:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b3ba2:	cmpb   $0x0,(%rsp)
   0x7ffff78b3ba6:	je     0x7ffff78b401b
   0x7ffff78b3bac:	callq  0x7ffff782a2a0 <fork@plt>
   0x7ffff78b3bb1:	cmp    $0xffffffffffffffff,%eax
   0x7ffff78b3bb4:	mov    %eax,%edi
   0x7ffff78b3bb6:	je     0x7ffff78b3f46
   0x7ffff78b3bbc:	test   %eax,%eax
   0x7ffff78b3bbe:	xchg   %ax,%ax
   0x7ffff78b3bc0:	je     0x7ffff78b3f72
   0x7ffff78b3bc6:	lea    0x4dc(%rsp),%rsi
   0x7ffff78b3bce:	xor    %edx,%edx
   0x7ffff78b3bd0:	callq  0x7ffff782aa70 <waitpid@plt>
   0x7ffff78b3bd5:	test   %eax,%eax
   0x7ffff78b3bd7:	js     0x7ffff78b3f46
   0x7ffff78b3bdd:	mov    0x4dc(%rsp),%eax
   0x7ffff78b3be4:	test   $0x7f,%al
   0x7ffff78b3be6:	jne    0x7ffff78b3f46
   0x7ffff78b3bec:	movzbl %ah,%edx
   0x7ffff78b3bef:	test   %edx,%edx
   0x7ffff78b3bf1:	jne    0x7ffff78b3f46
   0x7ffff78b3bf7:	lea    0x400(%rsp),%rbx
   0x7ffff78b3bff:	lea    0x4d16c7(%rip),%rdx        # 0x7ffff7d852cd
   0x7ffff78b3c06:	mov    $0x80,%esi
   0x7ffff78b3c0b:	xor    %eax,%eax
   0x7ffff78b3c0d:	mov    %rbx,%rdi
   0x7ffff78b3c10:	callq  0x7ffff782a740 <snprintf@plt>
   0x7ffff78b3c15:	mov    $0xff,%esi
   0x7ffff78b3c1a:	mov    %rbx,%rdi
   0x7ffff78b3c1d:	callq  0x7ffff78b0050
   0x7ffff78b3c22:	xor    %eax,%eax
   0x7ffff78b3c24:	mov    $0x2,%esi
   0x7ffff78b3c29:	mov    %rbx,%rdi
   0x7ffff78b3c2c:	callq  0x7ffff782a360 <open64@plt>
   0x7ffff78b3c31:	test   %eax,%eax
   0x7ffff78b3c33:	mov    %eax,%ebp
   0x7ffff78b3c35:	mov    %eax,0x676445(%rip)        # 0x7ffff7f2a080
   0x7ffff78b3c3b:	js     0x7ffff78b3e0c
   0x7ffff78b3c41:	lea    0x480(%rsp),%r12

memset 0x48 (72) bytes to 0 at %r12. rbx preserves 8 bytes into the struct.
r12 == 0x480(%rsp)

   0x7ffff78b3c49:	xor    %esi,%esi
   0x7ffff78b3c4b:	mov    $0x48,%edx
   0x7ffff78b3c50:	lea    0x8(%r12),%rbx
   0x7ffff78b3c55:	mov    %r12,%rdi
   0x7ffff78b3c58:	callq  0x7ffff782a990 <memset@plt>
   0x7ffff78b3c5d:	lea    0x4d1678(%rip),%rdi        # 0x7ffff7d852dc
   0x7ffff78b3c64:	movabs $0x312e36332e353931,%rax
   0x7ffff78b3c6e:	movq   $0x0,0x38(%rbx)

*(uint64_t *)r12 + 16 = 35

   0x7ffff78b3c76:	movq   $0x35,0x8(%rbx)
   0x7ffff78b3c7e:	movq   $0x0,0x10(%rbx)
   0x7ffff78b3c86:	movq   $0x0,0x18(%rbx)
   0x7ffff78b3c8e:	movq   $0x0,0x20(%rbx)
   0x7ffff78b3c96:	movq   $0x0,0x28(%rbx)
   0x7ffff78b3c9e:	movq   $0x0,0x30(%rbx)

   0x7ffff78b3ca6:	movl   $0x0,0x480(%rsp)
   0x7ffff78b3cb1:	movl   $0x0,0x484(%rsp)

*(uint64_t *)r12 + 8 = 0x312e36332e353931

   0x7ffff78b3cbc:	mov    %rax,0x488(%rsp)

   0x7ffff78b3cc4:	movb   $0x0,0x4c7(%rsp)
   0x7ffff78b3ccc:	callq  0x7ffff782a460 <getenv@plt>
   0x7ffff78b3cd1:	test   %rax,%rax
   0x7ffff78b3cd4:	je     0x7ffff78b3ce0
   0x7ffff78b3cd6:	movsbl (%rax),%edi
   0x7ffff78b3cd9:	mov    %edi,0x480(%rsp)
   0x7ffff78b3ce0:	xor    %eax,%eax
   0x7ffff78b3ce2:	mov    %r12,%rdx
   0x7ffff78b3ce5:	mov    $0xc04846d2,%esi
   0x7ffff78b3cea:	mov    %ebp,%edi
   0x7ffff78b3cec:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3cf1:	test   %eax,%eax
   0x7ffff78b3cf3:	js     0x7ffff78b3e4a
   0x7ffff78b3cf9:	mov    0x704ad0(%rip),%rdx        # 0x7ffff7fb87d0
   0x7ffff78b3d00:	xor    %eax,%eax
   0x7ffff78b3d02:	mov    $0xc00446ca,%esi
   0x7ffff78b3d07:	movl   $0x0,(%rdx)
   0x7ffff78b3d0d:	mov    0x67636d(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3d13:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b3d18:	test   %eax,%eax
   0x7ffff78b3d1a:	js     0x7ffff78b3e78
   0x7ffff78b3d20:	mov    0x7045d9(%rip),%rbp        # 0x7ffff7fb8300
   0x7ffff78b3d27:	xor    %esi,%esi
   0x7ffff78b3d29:	mov    $0x600,%edx
   0x7ffff78b3d2e:	mov    %rbp,%rdi
   0x7ffff78b3d31:	callq  0x7ffff782a990 <memset@plt>
   0x7ffff78b3d36:	movl   $0xffffffff,0x0(%rbp)
   0x7ffff78b3d3d:	mov    0x67633d(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3d43:	xor    %eax,%eax
   0x7ffff78b3d45:	mov    %rbp,%rdx
   0x7ffff78b3d48:	mov    $0xc60046c8,%esi
   0x7ffff78b3d4d:	callq  0x7ffff782ab20 <ioctl@plt>

after third ioctl

   0x7ffff78b3d52:	test   %eax,%eax
   0x7ffff78b3d54:	js     0x7ffff78b3e78
   0x7ffff78b3d5a:	mov    $0x38,%edi
   0x7ffff78b3d5f:	callq  0x7ffff782a470 <malloc@plt>
   0x7ffff78b3d64:	test   %rax,%rax
   0x7ffff78b3d67:	mov    %rax,%rdx
   0x7ffff78b3d6a:	je     0x7ffff78b3e78
   0x7ffff78b3d70:	cld    
   0x7ffff78b3d71:	mov    $0x7,%ecx
   0x7ffff78b3d76:	xor    %eax,%eax
   0x7ffff78b3d78:	mov    %rdx,%rdi
   0x7ffff78b3d7b:	rep stos %rax,%es:(%rdi)
   0x7ffff78b3d7e:	mov    0x703c2b(%rip),%rbp        # 0x7ffff7fb79b0
   0x7ffff78b3d85:	movq   $0x0,0x10(%rdx)
   0x7ffff78b3d8d:	movl   $0x0,(%rdx)
   0x7ffff78b3d93:	movl   $0x0,0x4(%rdx)
   0x7ffff78b3d9a:	movl   $0x0,0x8(%rdx)
   0x7ffff78b3da1:	movq   $0x0,0x30(%rdx)
   0x7ffff78b3da9:	mov    0x6762d1(%rip),%ebx        # 0x7ffff7f2a080
   0x7ffff78b3daf:	mov    %rdx,0x0(%rbp)
   0x7ffff78b3db3:	mov    %ebx,0xc(%rdx)
   0x7ffff78b3db6:	incl   0x707a4c(%rip)        # 0x7ffff7fbb808
   0x7ffff78b3dbc:	movl   $0x0,0x707a46(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3dc6:	jmpq   0x7ffff78b3961
   0x7ffff78b3961:	lea    0x4d0(%rsp),%rdx
   0x7ffff78b3969:	movl   $0x0,0x0(%r13)
   0x7ffff78b3971:	movl   $0x0,0x4d0(%rsp)
   0x7ffff78b397c:	mov    $0xc00c4622,%esi
   0x7ffff78b3981:	xor    %eax,%eax
   0x7ffff78b3983:	movl   $0x0,0x8(%rdx)
   0x7ffff78b398a:	mov    0x6766f0(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3990:	movl   $0x0,0x4d4(%rsp)
==>0x7ffff78b399b:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b39a0:	xor    %esi,%esi
   0x7ffff78b39a2:	test   %eax,%eax
   0x7ffff78b39a4:	mov    $0x1,%ecx
   0x7ffff78b39a9:	jns    0x7ffff78b3912
=> 0x7ffff78b3912:	mov    0x4d8(%rsp),%ecx
   0x7ffff78b3919:	test   %ecx,%ecx
   0x7ffff78b391b:	jne    0x7ffff78b3e97
   0x7ffff78b3921:	mov    0x4d0(%rsp),%ebx
   0x7ffff78b3928:	mov    %ebx,0x0(%r13)
   0x7ffff78b392c:	mov    0x4d8(%rsp),%eax
   0x7ffff78b3933:	add    $0x4e8,%rsp
   0x7ffff78b393a:	pop    %rbx
   0x7ffff78b393b:	pop    %rbp
   0x7ffff78b393c:	pop    %r12
   0x7ffff78b393e:	pop    %r13
   0x7ffff78b3940:	retq

return down the stack

   0x7ffff78b3dcb:	mov    0x6762af(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3dd1:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b3dd6:	mov    0x703bd3(%rip),%r12        # 0x7ffff7fb79b0
   0x7ffff78b3ddd:	mov    (%r12),%rdi
   0x7ffff78b3de1:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b3de6:	mov    $0x2a,%eax
   0x7ffff78b3deb:	movq   $0x0,(%r12)
   0x7ffff78b3df3:	
    movl   $0xffffffff,0x676283(%rip)        # 0x7ffff7f2a080
   0x7ffff78b3dfd:	movl   $0x0,0x707a05(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3e07:	jmpq   0x7ffff78b3a41
   0x7ffff78b3e0c:	callq  0x7ffff782ab50 <__errno_location@plt>
   0x7ffff78b3e11:	mov    (%rax),%edi
   0x7ffff78b3e13:	callq  0x7ffff782a9b0 <strerror@plt>
   0x7ffff78b3e18:	mov    0x7042d9(%rip),%r11        # 0x7ffff7fb80f8
   0x7ffff78b3e1f:	lea    0x4d14d2(%rip),%rsi        # 0x7ffff7d852f8
   0x7ffff78b3e26:	mov    %rax,%rcx
   0x7ffff78b3e29:	mov    %rbx,%rdx
   0x7ffff78b3e2c:	xor    %eax,%eax
   0x7ffff78b3e2e:	mov    (%r11),%rdi
   0x7ffff78b3e31:	callq  0x7ffff78b0510
   0x7ffff78b3e36:	mov    $0x2a,%eax
   0x7ffff78b3e3b:	movl   $0x0,0x7079c7(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3e45:	jmpq   0x7ffff78b3933
   0x7ffff78b3e4a:	cmpl   $0x1,0x484(%rsp)
   0x7ffff78b3e52:	je     0x7ffff78b4042
   0x7ffff78b3e58:	mov    0x704299(%rip),%r13        # 0x7ffff7fb80f8
   0x7ffff78b3e5f:	lea    0x4d0c2e(%rip),%rdx        # 0x7ffff7d84a94
   0x7ffff78b3e66:	lea    0x4d1693(%rip),%rsi        # 0x7ffff7d85500
   0x7ffff78b3e6d:	xor    %eax,%eax
   0x7ffff78b3e6f:	mov    0x0(%r13),%rdi
   0x7ffff78b3e73:	callq  0x7ffff782a700 <fprintf@plt>
   0x7ffff78b3e78:	mov    0x676202(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3e7e:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b3e83:	mov    $0x2a,%eax
   0x7ffff78b3e88:	movl   $0x0,0x70797a(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3e92:	jmpq   0x7ffff78b3a41
   0x7ffff78b3e97:	xor    %eax,%eax
   0x7ffff78b3e99:	mov    $0x1,%r9d
   0x7ffff78b3e9f:	
    lock cmpxchg %r9d,0x707964(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3ea8:	setne  %dl
   0x7ffff78b3eab:	test   %dl,%dl
   0x7ffff78b3ead:	je     0x7ffff78b3f16
   0x7ffff78b3eaf:	mov    0x707956(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b3eb6:	test   %r10d,%r10d
   0x7ffff78b3eb9:	je     0x7ffff78b3e97
   0x7ffff78b3ebb:	mov    0x70794b(%rip),%edi        # 0x7ffff7fbb80c
   0x7ffff78b3ec1:	test   %edi,%edi
   0x7ffff78b3ec3:	je     0x7ffff78b3e97
   0x7ffff78b3ec5:	mov    0x707940(%rip),%r8d        # 0x7ffff7fbb80c
   0x7ffff78b3ecc:	test   %r8d,%r8d
   0x7ffff78b3ecf:	je     0x7ffff78b3e97
   0x7ffff78b3ed1:	mov    0x707935(%rip),%esi        # 0x7ffff7fbb80c
   0x7ffff78b3ed7:	test   %esi,%esi
   0x7ffff78b3ed9:	je     0x7ffff78b3e97
   0x7ffff78b3edb:	mov    0x70792a(%rip),%r12d        # 0x7ffff7fbb80c
   0x7ffff78b3ee2:	test   %r12d,%r12d
   0x7ffff78b3ee5:	je     0x7ffff78b3e97
   0x7ffff78b3ee7:	mov    0x70791f(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b3eed:	test   %edx,%edx
   0x7ffff78b3eef:	je     0x7ffff78b3e97
   0x7ffff78b3ef1:	mov    0x707915(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b3ef7:	test   %eax,%eax
   0x7ffff78b3ef9:	je     0x7ffff78b3e97
   0x7ffff78b3efb:	mov    0x70790a(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b3f02:	test   %r9d,%r9d
   0x7ffff78b3f05:	jne    0x7ffff78b3eaf
   0x7ffff78b3f07:	jmp    0x7ffff78b3e97
   0x7ffff78b3f09:	mov    %rbx,%rdi
   0x7ffff78b3f0c:	callq  0x7ffff782a5a0 <fclose@plt>
   0x7ffff78b3f11:	jmpq   0x7ffff78b3bf7
   0x7ffff78b3f16:	mov    0x7078eb(%rip),%r11d        # 0x7ffff7fbb808
   0x7ffff78b3f1d:	dec    %r11d
   0x7ffff78b3f20:	test   %r11d,%r11d
   0x7ffff78b3f23:	mov    %r11d,0x7078de(%rip)        # 0x7ffff7fbb808
   0x7ffff78b3f2a:	je     0x7ffff78b3fe0
   0x7ffff78b3f30:	mov    0x4d8(%rsp),%eax
   0x7ffff78b3f37:	movl   $0x0,0x7078cb(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3f41:	jmpq   0x7ffff78b3933
   0x7ffff78b3f46:	mov    0x7041ab(%rip),%r10        # 0x7ffff7fb80f8
   0x7ffff78b3f4d:	lea    0x4d149c(%rip),%rsi        # 0x7ffff7d853f0
   0x7ffff78b3f54:	xor    %eax,%eax
   0x7ffff78b3f56:	mov    (%r10),%rdi
   0x7ffff78b3f59:	callq  0x7ffff78b0510
   0x7ffff78b3f5e:	mov    $0x2a,%eax
   0x7ffff78b3f63:	movl   $0x0,0x70789f(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b3f6d:	jmpq   0x7ffff78b3933
   0x7ffff78b3f72:	lea    0x4d134e(%rip),%rsi        # 0x7ffff7d852c7
   0x7ffff78b3f79:	lea    0x4c1ead(%rip),%rdi        # 0x7ffff7d75e2d
   0x7ffff78b3f80:	mov    $0x1,%edx
   0x7ffff78b3f85:	callq  0x7ffff782a690 <setenv@plt>
   0x7ffff78b3f8a:	lea    0x4d1309(%rip),%rdx        # 0x7ffff7d8529a
   0x7ffff78b3f91:	lea    0x4d1326(%rip),%rsi        # 0x7ffff7d852be
   0x7ffff78b3f98:	xor    %ecx,%ecx
   0x7ffff78b3f9a:	xor    %eax,%eax
   0x7ffff78b3f9c:	mov    %rsp,%rdi
   0x7ffff78b3f9f:	callq  0x7ffff782ac90 <execl@plt>
   0x7ffff78b3fa4:	test   %eax,%eax
   0x7ffff78b3fa6:	jns    0x7ffff78b3bf7
   0x7ffff78b3fac:	callq  0x7ffff782ab50 <__errno_location@plt>
   0x7ffff78b3fb1:	mov    (%rax),%edi
   0x7ffff78b3fb3:	callq  0x7ffff782a9b0 <strerror@plt>
   0x7ffff78b3fb8:	mov    0x704139(%rip),%r9        # 0x7ffff7fb80f8
   0x7ffff78b3fbf:	lea    0x4d1402(%rip),%rsi        # 0x7ffff7d853c8
   0x7ffff78b3fc6:	mov    %rax,%rcx
   0x7ffff78b3fc9:	mov    %rsp,%rdx
   0x7ffff78b3fcc:	xor    %eax,%eax
   0x7ffff78b3fce:	mov    (%r9),%rdi
   0x7ffff78b3fd1:	callq  0x7ffff78b0510
   0x7ffff78b3fd6:	mov    $0x1,%edi
   0x7ffff78b3fdb:	callq  0x7ffff782aa80 <exit@plt>
   0x7ffff78b3fe0:	mov    0x67609a(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b3fe6:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b3feb:	mov    0x7039be(%rip),%r13        # 0x7ffff7fb79b0
   0x7ffff78b3ff2:	mov    0x0(%r13),%rdi
   0x7ffff78b3ff6:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b3ffb:	movq   $0x0,0x0(%r13)
   0x7ffff78b4003:	
    movl   $0xffffffff,0x676073(%rip)        # 0x7ffff7f2a080
   0x7ffff78b400d:	jmpq   0x7ffff78b3f30
   0x7ffff78b4012:	movb   $0x0,(%rsp)
   0x7ffff78b4016:	jmpq   0x7ffff78b3b9b
   0x7ffff78b401b:	movabs $0x6f6d2f6e6962732f,%r8
   0x7ffff78b4025:	movl   $0x6f727064,0x8(%rsp)
   0x7ffff78b402d:	movw   $0x6562,0xc(%rsp)
   0x7ffff78b4034:	mov    %r8,(%rsp)
   0x7ffff78b4038:	movb   $0x0,0xe(%rsp)
   0x7ffff78b403d:	jmpq   0x7ffff78b3bac
   0x7ffff78b4042:	mov    0x7040af(%rip),%r12        # 0x7ffff7fb80f8
   0x7ffff78b4049:	lea    0x4d0a44(%rip),%rcx        # 0x7ffff7d84a94
   0x7ffff78b4050:	lea    0x4d13d1(%rip),%rsi        # 0x7ffff7d85428
   0x7ffff78b4057:	mov    %rbx,%rdx
   0x7ffff78b405a:	xor    %eax,%eax
   0x7ffff78b405c:	mov    (%r12),%rdi
   0x7ffff78b4060:	callq  0x7ffff782a700 <fprintf@plt>
   0x7ffff78b4065:	jmpq   0x7ffff78b3e78
   0x7ffff78b406a:	movb   $0x0,(%rsp,%rax,1)
   0x7ffff78b406e:	jmpq   0x7ffff78b3b9b
   0x7ffff78b4073:	data32 data32 xchg %ax,%ax
   0x7ffff78b4077:	data32 xchg %ax,%ax
   0x7ffff78b407a:	data32 xchg %ax,%ax
   0x7ffff78b407d:	data32 xchg %ax,%ax
   0x7ffff78b4080:	push   %rbp
   0x7ffff78b4081:	mov    %edx,%r11d
   0x7ffff78b4084:	xor    %r10d,%r10d
   0x7ffff78b4087:	mov    $0x1,%r9d
   0x7ffff78b408d:	push   %rbx
   0x7ffff78b408e:	sub    $0x28,%rsp
   0x7ffff78b4092:	mov    %r10d,%eax
   0x7ffff78b4095:	
    lock cmpxchg %r9d,0x70776e(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b409e:	setne  %dl
   0x7ffff78b40a1:	test   %dl,%dl
   0x7ffff78b40a3:	je     0x7ffff78b40f7
   0x7ffff78b40a5:	mov    0x707761(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b40ab:	test   %ebx,%ebx
   0x7ffff78b40ad:	je     0x7ffff78b4092
   0x7ffff78b40af:	mov    0x707757(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b40b5:	test   %ebx,%ebx
   0x7ffff78b40b7:	je     0x7ffff78b4092
   0x7ffff78b40b9:	mov    0x70774d(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b40bf:	test   %edx,%edx
   0x7ffff78b40c1:	je     0x7ffff78b4092
   0x7ffff78b40c3:	mov    0x707743(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b40c9:	test   %eax,%eax
   0x7ffff78b40cb:	je     0x7ffff78b4092
   0x7ffff78b40cd:	mov    0x707739(%rip),%ebp        # 0x7ffff7fbb80c
   0x7ffff78b40d3:	test   %ebp,%ebp
   0x7ffff78b40d5:	je     0x7ffff78b4092
   0x7ffff78b40d7:	mov    0x70772f(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b40dd:	test   %ebx,%ebx
   0x7ffff78b40df:	je     0x7ffff78b4092
   0x7ffff78b40e1:	mov    0x707725(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b40e7:	test   %edx,%edx
   0x7ffff78b40e9:	je     0x7ffff78b4092
   0x7ffff78b40eb:	mov    0x70771b(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b40f1:	test   %eax,%eax
   0x7ffff78b40f3:	jne    0x7ffff78b40a5
   0x7ffff78b40f5:	jmp    0x7ffff78b4092
   0x7ffff78b40f7:	mov    0x7044ea(%rip),%rbp        # 0x7ffff7fb85e8
   0x7ffff78b40fe:	mov    0x0(%rbp),%rbx
   0x7ffff78b4102:	test   %rbx,%rbx
   0x7ffff78b4105:	jne    0x7ffff78b411d
   0x7ffff78b4107:	jmpq   0x7ffff78b41a3
   0x7ffff78b410c:	data32 data32 xchg %ax,%ax
   0x7ffff78b4110:	mov    0x30(%rbx),%rbx
   0x7ffff78b4114:	test   %rbx,%rbx
   0x7ffff78b4117:	je     0x7ffff78b41a3
   0x7ffff78b411d:	cmp    (%rbx),%edi
   0x7ffff78b411f:	nop
   0x7ffff78b4120:	jne    0x7ffff78b4110
   0x7ffff78b4122:	cmp    0x4(%rbx),%esi
   0x7ffff78b4125:	jne    0x7ffff78b4110
   0x7ffff78b4127:	movl   $0x0,0x7076db(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4131:	xor    %eax,%eax
   0x7ffff78b4133:	mov    $0x1,%r9d
   0x7ffff78b4139:	
    lock cmpxchg %r9d,0x7076ce(%rip)        # 0x7ffff7fbb810
   0x7ffff78b4142:	setne  %dl
   0x7ffff78b4145:	test   %dl,%dl
   0x7ffff78b4147:	je     0x7ffff78b41bb
   0x7ffff78b4149:	mov    0x7076c0(%rip),%r10d        # 0x7ffff7fbb810
   0x7ffff78b4150:	test   %r10d,%r10d
   0x7ffff78b4153:	je     0x7ffff78b4131
   0x7ffff78b4155:	mov    0x7076b5(%rip),%ebp        # 0x7ffff7fbb810
   0x7ffff78b415b:	test   %ebp,%ebp
   0x7ffff78b415d:	je     0x7ffff78b4131
   0x7ffff78b415f:	mov    0x7076aa(%rip),%r9d        # 0x7ffff7fbb810
   0x7ffff78b4166:	test   %r9d,%r9d
   0x7ffff78b4169:	je     0x7ffff78b4131
   0x7ffff78b416b:	mov    0x70769e(%rip),%r10d        # 0x7ffff7fbb810
   0x7ffff78b4172:	test   %r10d,%r10d
   0x7ffff78b4175:	je     0x7ffff78b4131
   0x7ffff78b4177:	mov    0x707693(%rip),%edx        # 0x7ffff7fbb810
   0x7ffff78b417d:	test   %edx,%edx
   0x7ffff78b417f:	je     0x7ffff78b4131
   0x7ffff78b4181:	mov    0x707689(%rip),%eax        # 0x7ffff7fbb810
   0x7ffff78b4187:	test   %eax,%eax
   0x7ffff78b4189:	je     0x7ffff78b4131
   0x7ffff78b418b:	mov    0x70767f(%rip),%ebp        # 0x7ffff7fbb810
   0x7ffff78b4191:	test   %ebp,%ebp
   0x7ffff78b4193:	je     0x7ffff78b4131
   0x7ffff78b4195:	mov    0x707674(%rip),%r9d        # 0x7ffff7fbb810
   0x7ffff78b419c:	test   %r9d,%r9d
   0x7ffff78b419f:	jne    0x7ffff78b4149
   0x7ffff78b41a1:	jmp    0x7ffff78b4131
   0x7ffff78b41a3:	movl   $0x0,0x70765f(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b41ad:	mov    $0x2a,%edx
   0x7ffff78b41b2:	add    $0x28,%rsp
   0x7ffff78b41b6:	mov    %edx,%eax
   0x7ffff78b41b8:	pop    %rbx
   0x7ffff78b41b9:	pop    %rbp
   0x7ffff78b41ba:	retq   
   0x7ffff78b41bb:	mov    0x20(%rbx),%rbp
   0x7ffff78b41bf:	test   %rbp,%rbp
   0x7ffff78b41c2:	jne    0x7ffff78b41dd
   0x7ffff78b41c4:	jmpq   0x7ffff78b42f0
   0x7ffff78b41c9:	data32 data32 xchg %ax,%ax
   0x7ffff78b41cd:	data32 xchg %ax,%ax
   0x7ffff78b41d0:	mov    0x38(%rbp),%rbp
   0x7ffff78b41d4:	test   %rbp,%rbp
   0x7ffff78b41d7:	je     0x7ffff78b42f0
   0x7ffff78b41dd:	cmp    0x0(%rbp),%rcx
   0x7ffff78b41e1:	jne    0x7ffff78b41d0
   0x7ffff78b41e3:	movq   $0x0,(%rsp)
   0x7ffff78b41eb:	movq   $0x0,0x8(%rsp)
   0x7ffff78b41f4:	movl   $0x0,0x707612(%rip)        # 0x7ffff7fbb810
   0x7ffff78b41fe:	movq   $0x0,0x10(%rsp)
   0x7ffff78b4207:	movq   $0x0,0x18(%rsp)
   0x7ffff78b4210:	mov    %edi,(%rsp)
   0x7ffff78b4213:	mov    %esi,0x4(%rsp)
   0x7ffff78b4217:	mov    %r11d,0x8(%rsp)
   0x7ffff78b421c:	mov    0x28(%rbx),%rdi
   0x7ffff78b4220:	mov    0x18(%rbp),%rsi
   0x7ffff78b4224:	mov    0x20(%rdi),%rdx
   0x7ffff78b4228:	cmp    %rdx,%rsi
   0x7ffff78b422b:	jb     0x7ffff78b4247
   0x7ffff78b422d:	add    0x28(%rdi),%rdx
   0x7ffff78b4231:	mov    %rsi,%r11
   0x7ffff78b4234:	add    0x10(%rbp),%r11
   0x7ffff78b4238:	dec    %rdx
   0x7ffff78b423b:	dec    %r11
   0x7ffff78b423e:	cmp    %rdx,%r11
   0x7ffff78b4241:	jbe    0x7ffff78b4308
   0x7ffff78b4247:	mov    %rsi,0x10(%rsp)
   0x7ffff78b424c:	mov    0x675e2e(%rip),%edi        # 0x7ffff7f2a080
   0x7ffff78b4252:	mov    %rsp,%rdx
   0x7ffff78b4255:	xor    %eax,%eax
   0x7ffff78b4257:	mov    $0xc020464f,%esi
   0x7ffff78b425c:	mov    %r8d,0x1c(%rsp)
   0x7ffff78b4261:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b4266:	test   %eax,%eax
   0x7ffff78b4268:	mov    $0x2a,%edx
   0x7ffff78b426d:	js     0x7ffff78b41b2
   0x7ffff78b4273:	mov    0x18(%rsp),%edx
   0x7ffff78b4277:	test   %edx,%edx
   0x7ffff78b4279:	jne    0x7ffff78b41b2
   0x7ffff78b427f:	xor    %eax,%eax
   0x7ffff78b4281:	mov    $0x1,%ecx
   0x7ffff78b4286:	
    lock cmpxchg %ecx,0x707582(%rip)        # 0x7ffff7fbb810
   0x7ffff78b428e:	setne  %dl
   0x7ffff78b4291:	test   %dl,%dl
   0x7ffff78b4293:	je     0x7ffff78b4312
   0x7ffff78b4295:	mov    0x707575(%rip),%esi        # 0x7ffff7fbb810
   0x7ffff78b429b:	test   %esi,%esi
   0x7ffff78b429d:	je     0x7ffff78b427f
   0x7ffff78b429f:	mov    0x70756a(%rip),%r10d        # 0x7ffff7fbb810
   0x7ffff78b42a6:	test   %r10d,%r10d
   0x7ffff78b42a9:	je     0x7ffff78b427f
   0x7ffff78b42ab:	mov    0x70755e(%rip),%r11d        # 0x7ffff7fbb810
   0x7ffff78b42b2:	test   %r11d,%r11d
   0x7ffff78b42b5:	je     0x7ffff78b427f
   0x7ffff78b42b7:	mov    0x707553(%rip),%edx        # 0x7ffff7fbb810
   0x7ffff78b42bd:	test   %edx,%edx
   0x7ffff78b42bf:	je     0x7ffff78b427f
   0x7ffff78b42c1:	mov    0x707549(%rip),%eax        # 0x7ffff7fbb810
   0x7ffff78b42c7:	test   %eax,%eax
   0x7ffff78b42c9:	je     0x7ffff78b427f
   0x7ffff78b42cb:	mov    0x70753f(%rip),%ecx        # 0x7ffff7fbb810
   0x7ffff78b42d1:	test   %ecx,%ecx
   0x7ffff78b42d3:	je     0x7ffff78b427f
   0x7ffff78b42d5:	mov    0x707535(%rip),%esi        # 0x7ffff7fbb810
   0x7ffff78b42db:	test   %esi,%esi
   0x7ffff78b42dd:	je     0x7ffff78b427f
   0x7ffff78b42df:	mov    0x70752b(%rip),%edi        # 0x7ffff7fbb810
   0x7ffff78b42e5:	test   %edi,%edi
   0x7ffff78b42e7:	jne    0x7ffff78b4295
   0x7ffff78b42e9:	jmp    0x7ffff78b427f
   0x7ffff78b42eb:	data32 xchg %ax,%ax
   0x7ffff78b42ee:	xchg   %ax,%ax
   0x7ffff78b42f0:	movl   $0x0,0x707516(%rip)        # 0x7ffff7fbb810
   0x7ffff78b42fa:	add    $0x28,%rsp
   0x7ffff78b42fe:	mov    $0x2a,%edx
   0x7ffff78b4303:	pop    %rbx
   0x7ffff78b4304:	pop    %rbp
   0x7ffff78b4305:	mov    %edx,%eax
   0x7ffff78b4307:	retq   
   0x7ffff78b4308:	mov    %rcx,0x10(%rsp)
   0x7ffff78b430d:	jmpq   0x7ffff78b424c
   0x7ffff78b4312:	mov    0x28(%rbp),%edi
   0x7ffff78b4315:	dec    %edi
   0x7ffff78b4317:	test   %edi,%edi
   0x7ffff78b4319:	mov    %edi,0x28(%rbp)
   0x7ffff78b431c:	je     0x7ffff78b4331
   0x7ffff78b431e:	movl   $0x0,0x7074e8(%rip)        # 0x7ffff7fbb810
   0x7ffff78b4328:	mov    0x18(%rsp),%edx
   0x7ffff78b432c:	jmpq   0x7ffff78b41b2
   0x7ffff78b4331:	mov    0x30(%rbp),%rdx
   0x7ffff78b4335:	test   %rdx,%rdx
   0x7ffff78b4338:	je     0x7ffff78b4342
   0x7ffff78b433a:	mov    0x38(%rbp),%r8
   0x7ffff78b433e:	mov    %r8,0x38(%rdx)
   0x7ffff78b4342:	cmp    0x20(%rbx),%rbp
   0x7ffff78b4346:	jne    0x7ffff78b4350
   0x7ffff78b4348:	mov    0x38(%rbp),%r9
   0x7ffff78b434c:	mov    %r9,0x20(%rbx)
   0x7ffff78b4350:	mov    0x38(%rbp),%rdx
   0x7ffff78b4354:	test   %rdx,%rdx
   0x7ffff78b4357:	je     0x7ffff78b4361
   0x7ffff78b4359:	mov    0x30(%rbp),%rbx
   0x7ffff78b435d:	mov    %rbx,0x30(%rdx)
   0x7ffff78b4361:	movl   $0x0,0x7074a5(%rip)        # 0x7ffff7fbb810
   0x7ffff78b436b:	callq  0x7ffff782a4b0 <getpagesize@plt>
   0x7ffff78b4370:	movslq %eax,%rdi
   0x7ffff78b4373:	mov    0x8(%rbp),%rsi
   0x7ffff78b4377:	neg    %rdi
   0x7ffff78b437a:	and    0x0(%rbp),%rdi
   0x7ffff78b437e:	callq  0x7ffff782a8d0 <munmap@plt>
   0x7ffff78b4383:	mov    %rbp,%rdi
   0x7ffff78b4386:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b438b:	jmp    0x7ffff78b4328
   0x7ffff78b438d:	data32 xchg %ax,%ax
   0x7ffff78b4390:	push   %r12
   0x7ffff78b4392:	xor    %r8d,%r8d
   0x7ffff78b4395:	mov    $0x1,%ecx
   0x7ffff78b439a:	push   %rbp
   0x7ffff78b439b:	mov    %edx,%ebp
   0x7ffff78b439d:	push   %rbx
   0x7ffff78b439e:	sub    $0x10,%rsp
   0x7ffff78b43a2:	mov    %r8d,%eax
   0x7ffff78b43a5:	
    lock cmpxchg %ecx,0x70745f(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b43ad:	setne  %dl
   0x7ffff78b43b0:	test   %dl,%dl
   0x7ffff78b43b2:	je     0x7ffff78b440e
   0x7ffff78b43b4:	mov    0x707452(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b43ba:	test   %ebx,%ebx
   0x7ffff78b43bc:	je     0x7ffff78b43a2
   0x7ffff78b43be:	mov    0x707447(%rip),%r12d        # 0x7ffff7fbb80c
   0x7ffff78b43c5:	test   %r12d,%r12d
   0x7ffff78b43c8:	je     0x7ffff78b43a2
   0x7ffff78b43ca:	mov    0x70743c(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b43d0:	test   %eax,%eax
   0x7ffff78b43d2:	je     0x7ffff78b43a2
   0x7ffff78b43d4:	mov    0x707432(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b43da:	test   %ebx,%ebx
   0x7ffff78b43dc:	je     0x7ffff78b43a2
   0x7ffff78b43de:	mov    0x707427(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b43e5:	test   %r9d,%r9d
   0x7ffff78b43e8:	je     0x7ffff78b43a2
   0x7ffff78b43ea:	mov    0x70741b(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b43f1:	test   %r10d,%r10d
   0x7ffff78b43f4:	je     0x7ffff78b43a2
   0x7ffff78b43f6:	mov    0x70740f(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b43fd:	test   %r11d,%r11d
   0x7ffff78b4400:	je     0x7ffff78b43a2
   0x7ffff78b4402:	mov    0x707404(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b4408:	test   %edx,%edx
   0x7ffff78b440a:	jne    0x7ffff78b43b4
   0x7ffff78b440c:	jmp    0x7ffff78b43a2
   0x7ffff78b440e:	mov    0x7041d3(%rip),%rcx        # 0x7ffff7fb85e8
   0x7ffff78b4415:	mov    (%rcx),%rbx
   0x7ffff78b4418:	test   %rbx,%rbx
   0x7ffff78b441b:	jne    0x7ffff78b4429
   0x7ffff78b441d:	jmp    0x7ffff78b4443
   0x7ffff78b441f:	nop
   0x7ffff78b4420:	mov    0x30(%rbx),%rbx
   0x7ffff78b4424:	test   %rbx,%rbx
   0x7ffff78b4427:	je     0x7ffff78b4443
   0x7ffff78b4429:	cmp    (%rbx),%edi
   0x7ffff78b442b:	data32 xchg %ax,%ax
   0x7ffff78b442e:	xchg   %ax,%ax
   0x7ffff78b4430:	jne    0x7ffff78b4420
   0x7ffff78b4432:	cmp    0x4(%rbx),%esi
   0x7ffff78b4435:	jne    0x7ffff78b4420
   0x7ffff78b4437:	movl   $0x0,0x7073cb(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4441:	jmp    0x7ffff78b4462
   0x7ffff78b4443:	mov    0x703566(%rip),%r8        # 0x7ffff7fb79b0
   0x7ffff78b444a:	movl   $0x0,0x7073b8(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4454:	mov    $0x1d,%r12d
   0x7ffff78b445a:	mov    (%r8),%rbx
   0x7ffff78b445d:	test   %rbx,%rbx
   0x7ffff78b4460:	je     0x7ffff78b44b0
   0x7ffff78b4462:	mov    0x10(%rbx),%rax
   0x7ffff78b4466:	test   %rax,%rax
   0x7ffff78b4469:	jne    0x7ffff78b4479
   0x7ffff78b446b:	jmp    0x7ffff78b44bc
   0x7ffff78b446d:	data32 xchg %ax,%ax
   0x7ffff78b4470:	mov    0x10(%rax),%rax
   0x7ffff78b4474:	test   %rax,%rax
   0x7ffff78b4477:	je     0x7ffff78b44bc
   0x7ffff78b4479:	cmp    (%rax),%ebp
   0x7ffff78b447b:	data32 xchg %ax,%ax
   0x7ffff78b447e:	xchg   %ax,%ax
   0x7ffff78b4480:	jne    0x7ffff78b4470
   0x7ffff78b4482:	mov    %edi,(%rsp)
   0x7ffff78b4485:	mov    %esi,0x4(%rsp)
   0x7ffff78b4489:	xor    %eax,%eax
   0x7ffff78b448b:	mov    %rsp,%rdx
   0x7ffff78b448e:	mov    $0xc01046cf,%esi
   0x7ffff78b4493:	mov    %ebp,%edi
   0x7ffff78b4495:	movl   $0x0,0xc(%rsp)
   0x7ffff78b449d:	mov    %ebp,0x8(%rsp)
   0x7ffff78b44a1:	mov    $0x2a,%r12d
   0x7ffff78b44a7:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b44ac:	test   %eax,%eax
   0x7ffff78b44ae:	jns    0x7ffff78b44ce
   0x7ffff78b44b0:	add    $0x10,%rsp
   0x7ffff78b44b4:	mov    %r12d,%eax
   0x7ffff78b44b7:	pop    %rbx
   0x7ffff78b44b8:	pop    %rbp
   0x7ffff78b44b9:	pop    %r12
   0x7ffff78b44bb:	retq   
   0x7ffff78b44bc:	add    $0x10,%rsp
   0x7ffff78b44c0:	mov    $0x11,%r12d
   0x7ffff78b44c6:	pop    %rbx
   0x7ffff78b44c7:	pop    %rbp
   0x7ffff78b44c8:	mov    %r12d,%eax
   0x7ffff78b44cb:	pop    %r12
   0x7ffff78b44cd:	retq   
   0x7ffff78b44ce:	mov    0xc(%rsp),%r12d
   0x7ffff78b44d3:	test   %r12d,%r12d
   0x7ffff78b44d6:	jne    0x7ffff78b44b0
   0x7ffff78b44d8:	mov    0x7034d1(%rip),%rsi        # 0x7ffff7fb79b0
   0x7ffff78b44df:	mov    (%rsi),%rax
   0x7ffff78b44e2:	cmp    %rbx,%rax
   0x7ffff78b44e5:	je     0x7ffff78b44f6
   0x7ffff78b44e7:	mov    %ebp,%esi
   0x7ffff78b44e9:	mov    %rbx,%rdi
   0x7ffff78b44ec:	callq  0x7ffff78afd90
   0x7ffff78b44f1:	mov    %eax,%r12d
   0x7ffff78b44f4:	jmp    0x7ffff78b44b0
   0x7ffff78b44f6:	mov    0x10(%rax),%rdi
   0x7ffff78b44fa:	test   %rdi,%rdi
   0x7ffff78b44fd:	jne    0x7ffff78b450b
   0x7ffff78b44ff:	nop
   0x7ffff78b4500:	jmp    0x7ffff78b453f
   0x7ffff78b4502:	mov    0x10(%rdi),%rdi
   0x7ffff78b4506:	test   %rdi,%rdi
   0x7ffff78b4509:	je     0x7ffff78b453f
   0x7ffff78b450b:	cmp    (%rdi),%ebp
   0x7ffff78b450d:	data32 xchg %ax,%ax
   0x7ffff78b4510:	jne    0x7ffff78b4502
   0x7ffff78b4512:	lea    0x10(%rax),%rcx
   0x7ffff78b4516:	mov    0x10(%rax),%rax
   0x7ffff78b451a:	test   %rax,%rax
   0x7ffff78b451d:	je     0x7ffff78b452d
   0x7ffff78b451f:	cmp    %rdi,%rax
   0x7ffff78b4522:	je     0x7ffff78b455a
   0x7ffff78b4524:	mov    0x10(%rax),%rax
   0x7ffff78b4528:	test   %rax,%rax
   0x7ffff78b452b:	jne    0x7ffff78b451f
   0x7ffff78b452d:	mov    $0xffffffff,%r12d
   0x7ffff78b4533:	mov    %ebp,%edi
   0x7ffff78b4535:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b453a:	jmpq   0x7ffff78b44b0
   0x7ffff78b453f:	cmp    0xc(%rax),%ebp
   0x7ffff78b4542:	mov    %ebp,%edi
   0x7ffff78b4544:	setne  %dl
   0x7ffff78b4547:	shr    $0x1f,%edi
   0x7ffff78b454a:	or     %dil,%dl
   0x7ffff78b454d:	je     0x7ffff78b4533
   0x7ffff78b454f:	mov    $0xffffffff,%r12d
   0x7ffff78b4555:	jmpq   0x7ffff78b44b0
   0x7ffff78b455a:	mov    0x8(%rdi),%rdx
   0x7ffff78b455e:	test   %rdx,%rdx
   0x7ffff78b4561:	je     0x7ffff78b4583
   0x7ffff78b4563:	mov    0x10(%rdi),%r9
   0x7ffff78b4567:	mov    %r9,0x10(%rdx)
   0x7ffff78b456b:	mov    0x10(%rdi),%rdx
   0x7ffff78b456f:	test   %rdx,%rdx
   0x7ffff78b4572:	je     0x7ffff78b457c
   0x7ffff78b4574:	mov    0x8(%rdi),%r11
   0x7ffff78b4578:	mov    %r11,0x8(%rdx)
   0x7ffff78b457c:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b4581:	jmp    0x7ffff78b4533
   0x7ffff78b4583:	mov    0x10(%rdi),%r10
   0x7ffff78b4587:	mov    %r10,(%rcx)
   0x7ffff78b458a:	jmp    0x7ffff78b456b
   0x7ffff78b458c:	data32 data32 xchg %ax,%ax
   0x7ffff78b4590:	push   %r15
   0x7ffff78b4592:	mov    $0x22,%eax
   0x7ffff78b4597:	push   %r14
   0x7ffff78b4599:	mov    %esi,%r14d
   0x7ffff78b459c:	push   %r13
   0x7ffff78b459e:	mov    %rcx,%r13
   0x7ffff78b45a1:	push   %r12
   0x7ffff78b45a3:	mov    %edi,%r12d
   0x7ffff78b45a6:	push   %rbp
   0x7ffff78b45a7:	push   %rbx
   0x7ffff78b45a8:	sub    $0xb8,%rsp
   0x7ffff78b45af:	test   %rcx,%rcx
   0x7ffff78b45b2:	mov    %rdx,0x8(%rsp)
   0x7ffff78b45b7:	je     0x7ffff78b46c2
   0x7ffff78b45bd:	data32 xchg %ax,%ax
   0x7ffff78b45c0:	xor    %eax,%eax
   0x7ffff78b45c2:	mov    $0x1,%ecx
   0x7ffff78b45c7:	
    lock cmpxchg %ecx,0x70723d(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b45cf:	setne  %dl
   0x7ffff78b45d2:	test   %dl,%dl
   0x7ffff78b45d4:	je     0x7ffff78b46d4
   0x7ffff78b45da:	mov    0x70722c(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b45e0:	test   %ebx,%ebx
   0x7ffff78b45e2:	je     0x7ffff78b45c0
   0x7ffff78b45e4:	mov    0x707222(%rip),%ebp        # 0x7ffff7fbb80c
   0x7ffff78b45ea:	test   %ebp,%ebp
   0x7ffff78b45ec:	je     0x7ffff78b45c0
   0x7ffff78b45ee:	mov    0x707218(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b45f4:	test   %edx,%edx
   0x7ffff78b45f6:	je     0x7ffff78b45c0
   0x7ffff78b45f8:	mov    0x70720e(%rip),%ecx        # 0x7ffff7fbb80c
   0x7ffff78b45fe:	test   %ecx,%ecx
   0x7ffff78b4600:	je     0x7ffff78b45c0
   0x7ffff78b4602:	mov    0x707204(%rip),%esi        # 0x7ffff7fbb80c
   0x7ffff78b4608:	test   %esi,%esi
   0x7ffff78b460a:	je     0x7ffff78b45c0
   0x7ffff78b460c:	mov    0x7071fa(%rip),%edi        # 0x7ffff7fbb80c
   0x7ffff78b4612:	test   %edi,%edi
   0x7ffff78b4614:	je     0x7ffff78b45c0
   0x7ffff78b4616:	mov    0x7071f0(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b461c:	test   %ebx,%ebx
   0x7ffff78b461e:	je     0x7ffff78b45c0
   0x7ffff78b4620:	mov    0x7071e5(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b4627:	test   %r9d,%r9d
   0x7ffff78b462a:	jne    0x7ffff78b45da
   0x7ffff78b462c:	jmp    0x7ffff78b45c0
   0x7ffff78b462e:	mov    %rax,0x8(%rbx)
   0x7ffff78b4632:	mov    %rbx,0x10(%rax)
   0x7ffff78b4636:	mov    0x0(%r13),%edi
   0x7ffff78b463a:	lea    0x90(%rsp),%rdx
   0x7ffff78b4642:	xor    %eax,%eax
   0x7ffff78b4644:	mov    $0xc01446ce,%esi
   0x7ffff78b4649:	mov    %edi,(%rbx)
   0x7ffff78b464b:	movq   $0x0,0x90(%rsp)
   0x7ffff78b4657:	movq   $0x0,0x98(%rsp)
   0x7ffff78b4663:	movl   $0x0,0xa0(%rsp)
   0x7ffff78b466e:	mov    %r12d,0x90(%rsp)
   0x7ffff78b4676:	mov    %r14d,0x94(%rsp)
   0x7ffff78b467e:	mov    %edi,0x9c(%rsp)
   0x7ffff78b4685:	callq  0x7ffff782ab20 <ioctl@plt>
   0x7ffff78b468a:	test   %eax,%eax
   0x7ffff78b468c:	js     0x7ffff78b49f8
   0x7ffff78b4692:	mov    0xa0(%rsp),%r8d
   0x7ffff78b469a:	test   %r8d,%r8d
   0x7ffff78b469d:	jne    0x7ffff78b4a03
   0x7ffff78b46a3:	mov    0x98(%rsp),%edx
   0x7ffff78b46aa:	xor    %eax,%eax
   0x7ffff78b46ac:	mov    %edx,0x4(%rbx)
   0x7ffff78b46af:	cmpq   $0x0,0x8(%rsp)
   0x7ffff78b46b5:	je     0x7ffff78b46c2
   0x7ffff78b46b7:	mov    0x8(%rsp),%r13
   0x7ffff78b46bc:	xor    %eax,%eax
   0x7ffff78b46be:	mov    %edx,0x0(%r13)
   0x7ffff78b46c2:	add    $0xb8,%rsp
   0x7ffff78b46c9:	pop    %rbx
   0x7ffff78b46ca:	pop    %rbp
   0x7ffff78b46cb:	pop    %r12
   0x7ffff78b46cd:	pop    %r13
   0x7ffff78b46cf:	pop    %r14
   0x7ffff78b46d1:	pop    %r15
   0x7ffff78b46d3:	retq   
   0x7ffff78b46d4:	mov    0x703f0d(%rip),%rsi        # 0x7ffff7fb85e8
   0x7ffff78b46db:	mov    (%rsi),%rbp
   0x7ffff78b46de:	test   %rbp,%rbp
   0x7ffff78b46e1:	jne    0x7ffff78b46f5
   0x7ffff78b46e3:	jmpq   0x7ffff78b47bf
   0x7ffff78b46e8:	mov    0x30(%rbp),%rbp
   0x7ffff78b46ec:	test   %rbp,%rbp
   0x7ffff78b46ef:	je     0x7ffff78b47bf
   0x7ffff78b46f5:	cmp    0x0(%rbp),%r12d
   0x7ffff78b46f9:	jne    0x7ffff78b46e8
   0x7ffff78b46fb:	cmp    0x4(%rbp),%r14d
   0x7ffff78b46ff:	nop
   0x7ffff78b4700:	jne    0x7ffff78b46e8
   0x7ffff78b4702:	movl   $0x0,0x707100(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b470c:	mov    0x704edd(%rip),%rcx        # 0x7ffff7fb95f0
   0x7ffff78b4713:	xor    %edx,%edx
   0x7ffff78b4715:	mov    0x28(%rbp),%rdi
   0x7ffff78b4719:	cmp    %rdi,%rcx
   0x7ffff78b471c:	je     0x7ffff78b48ce
   0x7ffff78b4722:	lea    0x38(%rcx),%rbx
   0x7ffff78b4726:	lea    0x1(%rdx),%esi
   0x7ffff78b4729:	cmp    %rdi,%rbx
   0x7ffff78b472c:	mov    %esi,%edx
   0x7ffff78b472e:	je     0x7ffff78b48ce
   0x7ffff78b4734:	lea    0x70(%rcx),%r9
   0x7ffff78b4738:	inc    %edx
   0x7ffff78b473a:	cmp    %rdi,%r9
   0x7ffff78b473d:	je     0x7ffff78b48ce
   0x7ffff78b4743:	lea    0xa8(%rcx),%r10
   0x7ffff78b474a:	lea    0x2(%rsi),%edx
   0x7ffff78b474d:	cmp    %rdi,%r10
   0x7ffff78b4750:	je     0x7ffff78b48ce
   0x7ffff78b4756:	lea    0xe0(%rcx),%r11
   0x7ffff78b475d:	lea    0x3(%rsi),%edx
   0x7ffff78b4760:	cmp    %rdi,%r11
   0x7ffff78b4763:	je     0x7ffff78b48ce
   0x7ffff78b4769:	lea    0x118(%rcx),%rax
   0x7ffff78b4770:	lea    0x4(%rsi),%edx
   0x7ffff78b4773:	cmp    %rdi,%rax
   0x7ffff78b4776:	je     0x7ffff78b48ce
   0x7ffff78b477c:	lea    0x150(%rcx),%r15
   0x7ffff78b4783:	lea    0x5(%rsi),%edx
   0x7ffff78b4786:	cmp    %rdi,%r15
   0x7ffff78b4789:	je     0x7ffff78b48ce
   0x7ffff78b478f:	lea    0x188(%rcx),%r8
   0x7ffff78b4796:	lea    0x6(%rsi),%edx
   0x7ffff78b4799:	cmp    %rdi,%r8
   0x7ffff78b479c:	je     0x7ffff78b48ce
   0x7ffff78b47a2:	lea    0x7(%rsi),%edx
   0x7ffff78b47a5:	add    $0x1c0,%rcx
   0x7ffff78b47ac:	cmp    $0x20,%edx
   0x7ffff78b47af:	jne    0x7ffff78b4719
   0x7ffff78b47b5:	mov    $0x2a,%eax
   0x7ffff78b47ba:	jmpq   0x7ffff78b46c2
   0x7ffff78b47bf:	mov    0x7031ea(%rip),%rdi        # 0x7ffff7fb79b0
   0x7ffff78b47c6:	lea    0x10(%rsp),%r15
   0x7ffff78b47cb:	lea    0x4d0afb(%rip),%rdx        # 0x7ffff7d852cd
   0x7ffff78b47d2:	mov    $0x80,%esi
   0x7ffff78b47d7:	xor    %eax,%eax
   0x7ffff78b47d9:	movl   $0x0,0x707029(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b47e3:	movl   $0x2a,0xac(%rsp)
   0x7ffff78b47ee:	mov    (%rdi),%rbp
   0x7ffff78b47f1:	mov    %r15,%rdi
   0x7ffff78b47f4:	callq  0x7ffff782a740 <snprintf@plt>
   0x7ffff78b47f9:	mov    $0xff,%esi
   0x7ffff78b47fe:	mov    %r15,%rdi
   0x7ffff78b4801:	callq  0x7ffff78b0050
   0x7ffff78b4806:	xor    %eax,%eax
   0x7ffff78b4808:	mov    $0x2,%esi
   0x7ffff78b480d:	mov    %r15,%rdi
   0x7ffff78b4810:	callq  0x7ffff782a360 <open64@plt>
   0x7ffff78b4815:	test   %eax,%eax
   0x7ffff78b4817:	js     0x7ffff78b48c4
   0x7ffff78b481d:	movl   $0x0,0xac(%rsp)
   0x7ffff78b4828:	mov    %eax,0x0(%r13)
   0x7ffff78b482c:	mov    0x0(%r13),%r8d
   0x7ffff78b4830:	test   %r8d,%r8d
   0x7ffff78b4833:	js     0x7ffff78b48b8
   0x7ffff78b4839:	mov    %rbp,%r15
   0x7ffff78b483c:	add    $0x10,%r15
   0x7ffff78b4840:	jne    0x7ffff78b490b
   0x7ffff78b4846:	mov    0x703163(%rip),%r9        # 0x7ffff7fb79b0
   0x7ffff78b484d:	cmp    (%r9),%rbp
   0x7ffff78b4850:	je     0x7ffff78b4870
   0x7ffff78b4852:	mov    0x0(%r13),%esi
   0x7ffff78b4856:	mov    %rbp,%rdi
   0x7ffff78b4859:	callq  0x7ffff78afd90
   0x7ffff78b485e:	mov    $0x2a,%eax
   0x7ffff78b4863:	movl   $0xffffffff,0x0(%r13)
   0x7ffff78b486b:	jmpq   0x7ffff78b46c2
   0x7ffff78b4870:	test   %rbp,%rbp
   0x7ffff78b4873:	mov    0x0(%r13),%ebx
   0x7ffff78b4877:	je     0x7ffff78b48af
   0x7ffff78b4879:	mov    0x10(%rbp),%rdi
   0x7ffff78b487d:	test   %rdi,%rdi
   0x7ffff78b4880:	jne    0x7ffff78b488d
   0x7ffff78b4882:	jmp    0x7ffff78b48f2
   0x7ffff78b4884:	mov    0x10(%rdi),%rdi
   0x7ffff78b4888:	test   %rdi,%rdi
   0x7ffff78b488b:	je     0x7ffff78b48f2
   0x7ffff78b488d:	cmp    (%rdi),%ebx
   0x7ffff78b488f:	nop
   0x7ffff78b4890:	jne    0x7ffff78b4884
   0x7ffff78b4892:	mov    (%r15),%rax
   0x7ffff78b4895:	test   %rax,%rax
   0x7ffff78b4898:	je     0x7ffff78b48af
   0x7ffff78b489a:	cmp    %rax,%rdi
   0x7ffff78b489d:	data32 xchg %ax,%ax
   0x7ffff78b48a0:	je     0x7ffff78b49c8
   0x7ffff78b48a6:	mov    0x10(%rax),%rax
   0x7ffff78b48aa:	test   %rax,%rax
   0x7ffff78b48ad:	jne    0x7ffff78b489a
   0x7ffff78b48af:	mov    %ebx,%edi
   0x7ffff78b48b1:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b48b6:	jmp    0x7ffff78b485e
   0x7ffff78b48b8:	mov    0xac(%rsp),%eax
   0x7ffff78b48bf:	jmpq   0x7ffff78b46c2
   0x7ffff78b48c4:	mov    $0xffffffff,%eax
   0x7ffff78b48c9:	jmpq   0x7ffff78b4828
   0x7ffff78b48ce:	test   %edx,%edx
   0x7ffff78b48d0:	js     0x7ffff78b47b5
   0x7ffff78b48d6:	lea    0xac(%rsp),%rcx
   0x7ffff78b48de:	mov    %rbp,%rsi
   0x7ffff78b48e1:	mov    %r12d,%edi
   0x7ffff78b48e4:	callq  0x7ffff78b0270
   0x7ffff78b48e9:	mov    %eax,0x0(%r13)
   0x7ffff78b48ed:	jmpq   0x7ffff78b482c
   0x7ffff78b48f2:	cmp    0xc(%rbp),%ebx
   0x7ffff78b48f5:	mov    %ebx,%r12d
   0x7ffff78b48f8:	setne  %r14b
   0x7ffff78b48fc:	shr    $0x1f,%r12d
   0x7ffff78b4900:	or     %r12b,%r14b
   0x7ffff78b4903:	jne    0x7ffff78b485e
   0x7ffff78b4909:	jmp    0x7ffff78b48af
   0x7ffff78b490b:	mov    $0x18,%edi
   0x7ffff78b4910:	callq  0x7ffff782a470 <malloc@plt>
   0x7ffff78b4915:	test   %rax,%rax
   0x7ffff78b4918:	mov    %rax,%rbx
   0x7ffff78b491b:	je     0x7ffff78b4846
   0x7ffff78b4921:	movq   $0x0,0x10(%rax)
   0x7ffff78b4929:	movl   $0xffffffff,(%rax)
   0x7ffff78b492f:	movl   $0x0,0x4(%rax)
   0x7ffff78b4936:	mov    0x10(%rbp),%rax
   0x7ffff78b493a:	test   %rax,%rax
   0x7ffff78b493d:	je     0x7ffff78b4a85
   0x7ffff78b4943:	mov    0x10(%rax),%rdx
   0x7ffff78b4947:	test   %rdx,%rdx
   0x7ffff78b494a:	je     0x7ffff78b462e
   0x7ffff78b4950:	mov    %rdx,%rax
   0x7ffff78b4953:	mov    0x10(%rdx),%rdx
   0x7ffff78b4957:	test   %rdx,%rdx
   0x7ffff78b495a:	je     0x7ffff78b462e
   0x7ffff78b4960:	mov    %rdx,%rax
   0x7ffff78b4963:	mov    0x10(%rdx),%rdx
   0x7ffff78b4967:	test   %rdx,%rdx
   0x7ffff78b496a:	je     0x7ffff78b462e
   0x7ffff78b4970:	mov    %rdx,%rax
   0x7ffff78b4973:	mov    0x10(%rdx),%rdx
   0x7ffff78b4977:	test   %rdx,%rdx
   0x7ffff78b497a:	je     0x7ffff78b462e
   0x7ffff78b4980:	mov    %rdx,%rax
   0x7ffff78b4983:	mov    0x10(%rdx),%rdx
   0x7ffff78b4987:	test   %rdx,%rdx
   0x7ffff78b498a:	je     0x7ffff78b462e
   0x7ffff78b4990:	mov    %rdx,%rax
   0x7ffff78b4993:	mov    0x10(%rdx),%rdx
   0x7ffff78b4997:	test   %rdx,%rdx
   0x7ffff78b499a:	je     0x7ffff78b462e
   0x7ffff78b49a0:	mov    %rdx,%rax
   0x7ffff78b49a3:	mov    0x10(%rdx),%rdx
   0x7ffff78b49a7:	test   %rdx,%rdx
   0x7ffff78b49aa:	je     0x7ffff78b462e
   0x7ffff78b49b0:	mov    %rdx,%rax
   0x7ffff78b49b3:	mov    0x10(%rdx),%rdx
   0x7ffff78b49b7:	test   %rdx,%rdx
   0x7ffff78b49ba:	je     0x7ffff78b462e
   0x7ffff78b49c0:	mov    %rdx,%rax
   0x7ffff78b49c3:	jmpq   0x7ffff78b4943
   0x7ffff78b49c8:	mov    0x8(%rdi),%rdx
   0x7ffff78b49cc:	test   %rdx,%rdx
   0x7ffff78b49cf:	je     0x7ffff78b4a77
   0x7ffff78b49d5:	mov    0x10(%rdi),%rbp
   0x7ffff78b49d9:	mov    %rbp,0x10(%rdx)
   0x7ffff78b49dd:	mov    0x10(%rdi),%rdx
   0x7ffff78b49e1:	test   %rdx,%rdx
   0x7ffff78b49e4:	je     0x7ffff78b49ee
   0x7ffff78b49e6:	mov    0x8(%rdi),%r11
   0x7ffff78b49ea:	mov    %r11,0x8(%rdx)
   0x7ffff78b49ee:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b49f3:	jmpq   0x7ffff78b48af
   0x7ffff78b49f8:	movl   $0x2a,0xa0(%rsp)
   0x7ffff78b4a03:	mov    0x702fa6(%rip),%rdx        # 0x7ffff7fb79b0
   0x7ffff78b4a0a:	cmp    (%rdx),%rbp
   0x7ffff78b4a0d:	je     0x7ffff78b4a2f
   0x7ffff78b4a0f:	mov    0x0(%r13),%esi
   0x7ffff78b4a13:	mov    %rbp,%rdi
   0x7ffff78b4a16:	callq  0x7ffff78afd90
   0x7ffff78b4a1b:	movl   $0xffffffff,0x0(%r13)
   0x7ffff78b4a23:	mov    0xa0(%rsp),%eax
   0x7ffff78b4a2a:	jmpq   0x7ffff78b46c2
   0x7ffff78b4a2f:	test   %rbp,%rbp
   0x7ffff78b4a32:	mov    0x0(%r13),%ebx
   0x7ffff78b4a36:	je     0x7ffff78b4a6e
   0x7ffff78b4a38:	mov    0x10(%rbp),%rdi
   0x7ffff78b4a3c:	test   %rdi,%rdi
   0x7ffff78b4a3f:	je     0x7ffff78b4a5b
   0x7ffff78b4a41:	cmp    %ebx,(%rdi)
   0x7ffff78b4a43:	jne    0x7ffff78b4a52
   0x7ffff78b4a45:	jmp    0x7ffff78b4a96
   0x7ffff78b4a47:	cmp    (%rdi),%ebx
   0x7ffff78b4a49:	data32 data32 xchg %ax,%ax
   0x7ffff78b4a4d:	data32 xchg %ax,%ax
   0x7ffff78b4a50:	je     0x7ffff78b4a96
   0x7ffff78b4a52:	mov    0x10(%rdi),%rdi
   0x7ffff78b4a56:	test   %rdi,%rdi
   0x7ffff78b4a59:	jne    0x7ffff78b4a47
   0x7ffff78b4a5b:	cmp    0xc(%rbp),%ebx
   0x7ffff78b4a5e:	mov    %ebx,%r15d
   0x7ffff78b4a61:	setne  %dil
   0x7ffff78b4a65:	shr    $0x1f,%r15d
   0x7ffff78b4a69:	or     %r15b,%dil
   0x7ffff78b4a6c:	jne    0x7ffff78b4a1b
   0x7ffff78b4a6e:	mov    %ebx,%edi
   0x7ffff78b4a70:	callq  0x7ffff782ab40 <close@plt>
   0x7ffff78b4a75:	jmp    0x7ffff78b4a1b
   0x7ffff78b4a77:	mov    0x10(%rdi),%r10
   0x7ffff78b4a7b:	mov    %r10,(%r15)
   0x7ffff78b4a7e:	xchg   %ax,%ax
   0x7ffff78b4a80:	jmpq   0x7ffff78b49dd
   0x7ffff78b4a85:	movq   $0x0,0x8(%rbx)
   0x7ffff78b4a8d:	mov    %rbx,0x10(%rbp)
   0x7ffff78b4a91:	jmpq   0x7ffff78b4636
   0x7ffff78b4a96:	mov    (%r15),%rax
   0x7ffff78b4a99:	test   %rax,%rax
   0x7ffff78b4a9c:	jne    0x7ffff78b4aab
   0x7ffff78b4a9e:	xchg   %ax,%ax
   0x7ffff78b4aa0:	jmp    0x7ffff78b4a6e
   0x7ffff78b4aa2:	mov    0x10(%rax),%rax
   0x7ffff78b4aa6:	test   %rax,%rax
   0x7ffff78b4aa9:	je     0x7ffff78b4a6e
   0x7ffff78b4aab:	cmp    %rax,%rdi
   0x7ffff78b4aae:	xchg   %ax,%ax
   0x7ffff78b4ab0:	jne    0x7ffff78b4aa2
   0x7ffff78b4ab2:	mov    0x8(%rdi),%rdx
   0x7ffff78b4ab6:	test   %rdx,%rdx
   0x7ffff78b4ab9:	je     0x7ffff78b4adb
   0x7ffff78b4abb:	mov    0x10(%rdi),%rax
   0x7ffff78b4abf:	mov    %rax,0x10(%rdx)
   0x7ffff78b4ac3:	mov    0x10(%rdi),%rdx
   0x7ffff78b4ac7:	test   %rdx,%rdx
   0x7ffff78b4aca:	je     0x7ffff78b4ad4
   0x7ffff78b4acc:	mov    0x8(%rdi),%rsi
   0x7ffff78b4ad0:	mov    %rsi,0x8(%rdx)
   0x7ffff78b4ad4:	callq  0x7ffff782abf0 <free@plt>
   0x7ffff78b4ad9:	jmp    0x7ffff78b4a6e
   0x7ffff78b4adb:	mov    0x10(%rdi),%rcx
   0x7ffff78b4adf:	mov    %rcx,(%r15)
   0x7ffff78b4ae2:	jmp    0x7ffff78b4ac3
   0x7ffff78b4ae4:	data32 data32 xchg %ax,%ax
   0x7ffff78b4ae8:	data32 data32 xchg %ax,%ax
   0x7ffff78b4aec:	data32 data32 xchg %ax,%ax
   0x7ffff78b4af0:	push   %r15
   0x7ffff78b4af2:	mov    $0x1,%ecx
   0x7ffff78b4af7:	mov    %edx,%r15d
   0x7ffff78b4afa:	push   %r14
   0x7ffff78b4afc:	mov    %edi,%r14d
   0x7ffff78b4aff:	push   %r13
   0x7ffff78b4b01:	push   %r12
   0x7ffff78b4b03:	push   %rbp
   0x7ffff78b4b04:	push   %rbx
   0x7ffff78b4b05:	sub    $0x28,%rsp
   0x7ffff78b4b09:	lea    0x10(%rsp),%rax
   0x7ffff78b4b0e:	mov    %rax,(%rsp)
   0x7ffff78b4b12:	movl   $0x0,0xc(%rax)
   0x7ffff78b4b19:	mov    %edi,0x10(%rsp)
   0x7ffff78b4b1d:	xor    %edi,%edi
   0x7ffff78b4b1f:	cmp    %edx,%r14d
   0x7ffff78b4b22:	mov    %esi,0x14(%rsp)
   0x7ffff78b4b26:	mov    %edx,0x18(%rsp)
   0x7ffff78b4b2a:	je     0x7ffff78b4ba8
   0x7ffff78b4b2c:	data32 data32 xchg %ax,%ax
   0x7ffff78b4b30:	xor    %eax,%eax
   0x7ffff78b4b32:	mov    $0x1,%r9d
   0x7ffff78b4b38:	
    lock cmpxchg %r9d,0x706ccb(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4b41:	setne  %dl
   0x7ffff78b4b44:	test   %dl,%dl
   0x7ffff78b4b46:	je     0x7ffff78b4c15
   0x7ffff78b4b4c:	mov    0x706cb9(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b4b53:	test   %r10d,%r10d
   0x7ffff78b4b56:	je     0x7ffff78b4b30
   0x7ffff78b4b58:	mov    0x706cae(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b4b5e:	test   %ebx,%ebx
   0x7ffff78b4b60:	je     0x7ffff78b4b30
   0x7ffff78b4b62:	mov    0x706ca3(%rip),%r12d        # 0x7ffff7fbb80c
   0x7ffff78b4b69:	test   %r12d,%r12d
   0x7ffff78b4b6c:	je     0x7ffff78b4b30
   0x7ffff78b4b6e:	mov    0x706c97(%rip),%r9d        # 0x7ffff7fbb80c
   0x7ffff78b4b75:	test   %r9d,%r9d
   0x7ffff78b4b78:	je     0x7ffff78b4b30
   0x7ffff78b4b7a:	mov    0x706c8c(%rip),%edi        # 0x7ffff7fbb80c
   0x7ffff78b4b80:	test   %edi,%edi
   0x7ffff78b4b82:	je     0x7ffff78b4b30
   0x7ffff78b4b84:	mov    0x706c81(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b4b8b:	test   %r10d,%r10d
   0x7ffff78b4b8e:	je     0x7ffff78b4b30
   0x7ffff78b4b90:	mov    0x706c76(%rip),%ecx        # 0x7ffff7fbb80c
   0x7ffff78b4b96:	test   %ecx,%ecx
   0x7ffff78b4b98:	je     0x7ffff78b4b30
   0x7ffff78b4b9a:	mov    0x706c6b(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b4ba1:	test   %r11d,%r11d
   0x7ffff78b4ba4:	jne    0x7ffff78b4b4c
   0x7ffff78b4ba6:	jmp    0x7ffff78b4b30
   0x7ffff78b4ba8:	mov    %edi,%eax
   0x7ffff78b4baa:	
    lock cmpxchg %ecx,0x706c5a(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4bb2:	setne  %dl
   0x7ffff78b4bb5:	test   %dl,%dl
   0x7ffff78b4bb7:	je     0x7ffff78b4da0
   0x7ffff78b4bbd:	mov    0x706c49(%rip),%ebx        # 0x7ffff7fbb80c
   0x7ffff78b4bc3:	test   %ebx,%ebx
   0x7ffff78b4bc5:	je     0x7ffff78b4ba8
   0x7ffff78b4bc7:	mov    0x706c3e(%rip),%r13d        # 0x7ffff7fbb80c
   0x7ffff78b4bce:	test   %r13d,%r13d
   0x7ffff78b4bd1:	je     0x7ffff78b4ba8
   0x7ffff78b4bd3:	mov    0x706c33(%rip),%esi        # 0x7ffff7fbb80c
   0x7ffff78b4bd9:	test   %esi,%esi
   0x7ffff78b4bdb:	je     0x7ffff78b4ba8
   0x7ffff78b4bdd:	mov    0x706c28(%rip),%r10d        # 0x7ffff7fbb80c
   0x7ffff78b4be4:	test   %r10d,%r10d
   0x7ffff78b4be7:	je     0x7ffff78b4ba8
   0x7ffff78b4be9:	mov    0x706c1c(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b4bf0:	test   %r11d,%r11d
   0x7ffff78b4bf3:	je     0x7ffff78b4ba8
   0x7ffff78b4bf5:	mov    0x706c11(%rip),%edx        # 0x7ffff7fbb80c
   0x7ffff78b4bfb:	test   %edx,%edx
   0x7ffff78b4bfd:	je     0x7ffff78b4ba8
   0x7ffff78b4bff:	mov    0x706c07(%rip),%ebp        # 0x7ffff7fbb80c
   0x7ffff78b4c05:	test   %ebp,%ebp
   0x7ffff78b4c07:	je     0x7ffff78b4ba8
   0x7ffff78b4c09:	mov    0x706bfd(%rip),%eax        # 0x7ffff7fbb80c
   0x7ffff78b4c0f:	test   %eax,%eax
   0x7ffff78b4c11:	jne    0x7ffff78b4bbd
   0x7ffff78b4c13:	jmp    0x7ffff78b4ba8
   0x7ffff78b4c15:	mov    0x7039cc(%rip),%r11        # 0x7ffff7fb85e8
   0x7ffff78b4c1c:	mov    (%r11),%rbx
   0x7ffff78b4c1f:	test   %rbx,%rbx
   0x7ffff78b4c22:	je     0x7ffff78b4cc8
   0x7ffff78b4c28:	mov    %rbx,%rax
   0x7ffff78b4c2b:	jmp    0x7ffff78b4c3d
   0x7ffff78b4c2d:	data32 xchg %ax,%ax
   0x7ffff78b4c30:	mov    0x30(%rax),%rax
   0x7ffff78b4c34:	test   %rax,%rax
   0x7ffff78b4c37:	je     0x7ffff78b4cc8
   0x7ffff78b4c3d:	cmp    (%rax),%r14d
   0x7ffff78b4c40:	jne    0x7ffff78b4c30
   0x7ffff78b4c42:	cmp    0x4(%rax),%r15d
   0x7ffff78b4c46:	jne    0x7ffff78b4c30
   0x7ffff78b4c48:	movl   $0x0,0x706bba(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4c52:	xor    %eax,%eax
   0x7ffff78b4c54:	mov    $0x1,%r12d
   0x7ffff78b4c5a:	
    lock cmpxchg %r12d,0x706ba9(%rip)        # 0x7ffff7fbb80c
   0x7ffff78b4c63:	setne  %dl
   0x7ffff78b4c66:	test   %dl,%dl
   0x7ffff78b4c68:	je     0x7ffff78b4fa2
   0x7ffff78b4c6e:	mov    0x706b97(%rip),%r13d        # 0x7ffff7fbb80c
   0x7ffff78b4c75:	test   %r13d,%r13d
   0x7ffff78b4c78:	je     0x7ffff78b4c52
   0x7ffff78b4c7a:	mov    0x706b8b(%rip),%r11d        # 0x7ffff7fbb80c
   0x7ffff78b4c81:	test   %r11d,%r11d
   0x7ffff78b4c84:	je     0x7ffff78b4c52

See Also

* Kernel ioctl numbering documentation * My CUDA and CUBAR pages