Attachment 1020053 Details for Bug 1216959 – File: backtrace

File: backtrace

backtrace (text/plain), 40.48 KB, created by Sam Tygier on 2015-04-29 09:59:47 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Sam Tygier

Created: 2015-04-29 09:59:47 UTC

Size: 40.48 KB

patch

obsolete

>[New LWP 3214]
>[New LWP 3212]
>[New LWP 3207]
>[New LWP 3211]
>[New LWP 3213]
>[Thread debugging using libthread_db enabled]
>Using host libthread_db library "/lib64/libthread_db.so.1".
>Core was generated by `eom /tmp/Merlin_scat_4TeVB1H.png'.
>Program terminated with signal SIGSEGV, Segmentation fault.
>#0  magazine_chain_pop_head (magazine_chunks=0x7f9da4000900) at gslice.c:539
>539	      (*magazine_chunks)->data = chunk->next;
>
>Thread 5 (Thread 0x7f9db3fff700 (LWP 3213)):
>#0  0x00007f9dc6e26c8d in poll () at ../sysdeps/unix/syscall-template.S:81
>No locals.
>#1  0x00007f9dc8281b34 in g_main_context_poll (priority=2147483647, n_fds=1, fds=0x7f9da80010c0, timeout=-1, context=0x1463730) at gmain.c:4076
>        poll_func = 0x7f9dc8290f60 <g_poll>
>#2  g_main_context_iterate (context=context@entry=0x1463730, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3776
>        max_priority = 2147483647
>        timeout = -1
>        some_ready = <optimized out>
>        nfds = 1
>        allocated_nfds = 1
>        fds = 0x7f9da80010c0
>#3  0x00007f9dc8281c4c in g_main_context_iteration (context=context@entry=0x1463730, may_block=may_block@entry=1) at gmain.c:3842
>        retval = <optimized out>
>#4  0x00007f9db8fd424d in dconf_gdbus_worker_thread (user_data=0x1463730) at dconf-gdbus-thread.c:82
>        context = 0x1463730
>#5  0x00007f9dc82a83d5 in g_thread_proxy (data=0x1451190) at gthread.c:764
>        thread = 0x1451190
>#6  0x00007f9dcbf0252a in start_thread (arg=0x7f9db3fff700) at pthread_create.c:310
>        __res = <optimized out>
>        pd = 0x7f9db3fff700
>        now = <optimized out>
>        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140315306489600, 2255716722003916810, 140725677039360, 0, 140315306489600, 140315306490304, -2272473279837784054, -2272490938873300982}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
>        not_first_call = <optimized out>
>        pagesize_m1 = <optimized out>
>        sp = <optimized out>
>        freesize = <optimized out>
>#7  0x00007f9dc6e3222d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
>No locals.
>
>Thread 4 (Thread 0x7f9db99da700 (LWP 3211)):
>#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
>No locals.
>#1  0x00007f9dc82c62fc in g_cond_wait (cond=0x1417610, mutex=0x14176a0) at gthread-posix.c:1390
>        sampled = 24
>#2  0x0000000000440634 in eom_render_thread (data=<optimized out>) at eom-job-queue.c:137
>No locals.
>#3  0x00007f9dc82a83d5 in g_thread_proxy (data=0x1451050) at gthread.c:764
>        thread = 0x1451050
>#4  0x00007f9dcbf0252a in start_thread (arg=0x7f9db99da700) at pthread_create.c:310
>        __res = <optimized out>
>        pd = 0x7f9db99da700
>        now = <optimized out>
>        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140315400709888, 2255716722003916810, 140725677041152, 0, 140315400709888, 140315400710592, -2272460378292897782, -2272490938873300982}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
>        not_first_call = <optimized out>
>        pagesize_m1 = <optimized out>
>        sp = <optimized out>
>        freesize = <optimized out>
>#5  0x00007f9dc6e3222d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
>No locals.
>
>Thread 3 (Thread 0x7f9dcc6b79c0 (LWP 3207)):
>#0  0x00007f9dc6e26c8d in poll () at ../sysdeps/unix/syscall-template.S:81
>No locals.
>#1  0x00007f9dc8281b34 in g_main_context_poll (priority=2147483647, n_fds=3, fds=0x14c3490, timeout=2, context=0x1446a10) at gmain.c:4076
>        poll_func = 0x7f9dc8290f60 <g_poll>
>#2  g_main_context_iterate (context=0x1446a10, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3776
>        max_priority = 2147483647
>        timeout = 2
>        some_ready = <optimized out>
>        nfds = 3
>        allocated_nfds = 3
>        fds = 0x14c3490
>#3  0x00007f9dc8281ec2 in g_main_loop_run (loop=0x14c3470) at gmain.c:3975
>        __FUNCTION__ = "g_main_loop_run"
>#4  0x00007f9dcad6fec7 in IA__gtk_main () at gtkmain.c:1268
>        tmp_list = 0x0
>        functions = 0x0
>        init = <optimized out>
>        loop = 0x14c3470
>#5  0x000000000041e0e3 in main (argc=1, argv=0x7ffd3ffda8f8) at main.c:254
>        error = 0x0
>        ctx = <optimized out>
>
>Thread 2 (Thread 0x7f9db8da0700 (LWP 3212)):
>#0  0x00007f9dc6e26c8d in poll () at ../sysdeps/unix/syscall-template.S:81
>No locals.
>#1  0x00007f9dc8281b34 in g_main_context_poll (priority=2147483647, n_fds=2, fds=0x7f9da00010c0, timeout=-1, context=0x7f9db400cb70) at gmain.c:4076
>        poll_func = 0x7f9dc8290f60 <g_poll>
>#2  g_main_context_iterate (context=0x7f9db400cb70, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3776
>        max_priority = 2147483647
>        timeout = -1
>        some_ready = <optimized out>
>        nfds = 2
>        allocated_nfds = 2
>        fds = 0x7f9da00010c0
>#3  0x00007f9dc8281ec2 in g_main_loop_run (loop=0x7f9db400cb00) at gmain.c:3975
>        __FUNCTION__ = "g_main_loop_run"
>#4  0x00007f9dc8ac1e66 in gdbus_shared_thread_func (user_data=0x7f9db400cb40) at gdbusprivate.c:273
>        data = 0x7f9db400cb40
>#5  0x00007f9dc82a83d5 in g_thread_proxy (data=0x14516d0) at gthread.c:764
>        thread = 0x14516d0
>#6  0x00007f9dcbf0252a in start_thread (arg=0x7f9db8da0700) at pthread_create.c:310
>        __res = <optimized out>
>        pd = 0x7f9db8da0700
>        now = <optimized out>
>        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140315387889408, 2255716722003916810, 140315409099264, 0, 140315387889408, 140315387890112, -2272457594080348150, -2272490938873300982}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
>        not_first_call = <optimized out>
>        pagesize_m1 = <optimized out>
>        sp = <optimized out>
>        freesize = <optimized out>
>#7  0x00007f9dc6e3222d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
>No locals.
>
>Thread 1 (Thread 0x7f9db3375700 (LWP 3214)):
>#0  magazine_chain_pop_head (magazine_chunks=0x7f9da4000900) at gslice.c:539
>        chunk = 0x3cc926b
>#1  thread_memory_magazine1_alloc (tmem=<optimized out>, ix=1) at gslice.c:842
>        mag = 0x7f9da4000900
>        chunk = <optimized out>
>#2  g_slice_alloc (mem_size=mem_size@entry=24) at gslice.c:998
>        ix = 1
>        tmem = 0x3cc926b
>        chunk_size = 32
>        mem = <optimized out>
>#3  0x00007f9dc8a3c218 in emit_in_idle (monitor=0x16906c0, child=0x7f9da4123f40, other_file=0x0, event_type=G_FILE_MONITOR_EVENT_CHANGED) at gfilemonitor.c:426
>        source = <optimized out>
>        change = <optimized out>
>        priv = 0x1690680
>#4  0x00007f9dc8a3ce1d in g_file_monitor_emit_event (monitor=0x16906c0, child=0x7f9da4123f40, other_file=0x0, event_type=<optimized out>) at gfilemonitor.c:732
>        time_now = 63738481
>        since_last = <optimized out>
>        emit_now = 1
>        limiter = 0x7f9da4269620
>        __FUNCTION__ = "g_file_monitor_emit_event"
>#5  0x00007f9dc8ae0175 in ih_event_callback (event=0x7f9da40aeec0, sub=0x7f9dac013d30, file_event=<optimized out>) at inotify-helper.c:195
>        eflags = G_FILE_MONITOR_EVENT_CHANGED
>        child = 0x7f9da4123f40
>        other = 0x0
>#6  0x00007f9dc8adf5ab in ip_event_dispatch (event=0x7f9da40aeec0, pair_file_list=0x0, file_list=0x0, pair_dir_list=0x0, dir_list=0x16c5440) at inotify-path.c:492
>        sub = 0x7f9dac013d30
>        subl = 0x16fb980
>        dir = 0x7f9dac002560
>        l = 0x16c5440
>#7  ip_event_callback (event=0x7f9da40aeec0) at inotify-path.c:628
>        dir_list = 0x16c5440
>        pair_dir_list = 0x0
>        file_list = 0x0
>        pair_file_list = 0x0
>        event = 0x7f9da40aeec0
>#8  0x00007f9dc8ade765 in ik_process_eq_callback (user_data=<error reading variable: value has been optimized out>) at inotify-kernel.c:575
>        event = <optimized out>
>        res = <optimized out>
>#9  0x00007f9dc8282263 in g_timeout_dispatch (source=0x7f9da4190330, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4520
>        timeout_source = 0x7f9da4190330
>        again = <optimized out>
>#10 0x00007f9dc82817fb in g_main_dispatch (context=0x14770f0) at gmain.c:3111
>        dispatch = 0x7f9dc8282250 <g_timeout_dispatch>
>        prev_source = 0x0
>        was_in_call = 0
>        user_data = 0x0
>        callback = 0x7f9dc8ade6d0 <ik_process_eq_callback>
>        cb_funcs = 0x7f9dc856f8c0 <g_source_callback_funcs>
>        cb_data = 0x7f9da4155830
>        need_destroy = <optimized out>
>        source = 0x7f9da4190330
>        current = 0x145e730
>        i = 0
>#11 g_main_context_dispatch (context=context@entry=0x14770f0) at gmain.c:3710
>No locals.
>#12 0x00007f9dc8281b98 in g_main_context_iterate (context=context@entry=0x14770f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3781
>        max_priority = 2147483647
>        timeout = 7
>        some_ready = 1
>        nfds = <optimized out>
>        allocated_nfds = 2
>        fds = 0x7f9da40008c0
>#13 0x00007f9dc8281c4c in g_main_context_iteration (context=0x14770f0, may_block=may_block@entry=1) at gmain.c:3842
>        retval = <optimized out>
>#14 0x00007f9dc8281c89 in glib_worker_main (data=<optimized out>) at gmain.c:5589
>No locals.
>#15 0x00007f9dc82a83d5 in g_thread_proxy (data=0x1451450) at gthread.c:764
>        thread = 0x1451450
>#16 0x00007f9dcbf0252a in start_thread (arg=0x7f9db3375700) at pthread_create.c:310
>        __res = <optimized out>
>        pd = 0x7f9db3375700
>        now = <optimized out>
>        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140315293341440, 2255716722003916810, 140725677039616, 0, 140315293341440, 140315293342144, -2272475001045927926, -2272490938873300982}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
>        not_first_call = <optimized out>
>        pagesize_m1 = <optimized out>
>        sp = <optimized out>
>        freesize = <optimized out>
>#17 0x00007f9dc6e3222d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
>No locals.
>From                To                  Syms Read   Shared Object Library
>0x00007f9dcc156b40  0x00007f9dcc23e7c0  Yes         /lib64/libpython2.7.so.1.0
>0x00007f9dcbf00a20  0x00007f9dcbf0ce01  Yes         /lib64/libpthread.so.0
>0x00007f9dcbcf7ed0  0x00007f9dcbcf8ace  Yes         /lib64/libdl.so.2
>0x00007f9dcbaf4f10  0x00007f9dcbaf57f5  Yes         /lib64/libutil.so.1
>0x00007f9dcb8f1190  0x00007f9dcb8f2075  Yes         /lib64/libgmodule-2.0.so.0
>0x00007f9dcb6ee6b0  0x00007f9dcb6ee82a  Yes         /lib64/libgthread-2.0.so.0
>0x00007f9dcb4cca70  0x00007f9dcb4e1c5d  Yes         /lib64/libmate-desktop-2.so.17
>0x00007f9dcb2b91f0  0x00007f9dcb2bc65e  Yes         /lib64/libstartup-notification-1.so.0
>0x00007f9dcac946b0  0x00007f9dcaf26fde  Yes         /lib64/libgtk-x11-2.0.so.0
>0x00007f9dca987690  0x00007f9dca9e7ea3  Yes         /lib64/libgdk-x11-2.0.so.0
>0x00007f9dca7608b0  0x00007f9dca7655a6  Yes         /lib64/libpangocairo-1.0.so.0
>0x00007f9dca5410a0  0x00007f9dca54d683  Yes         /lib64/libatk-1.0.so.0
>0x00007f9dca3282a0  0x00007f9dca33079b  Yes         /lib64/libpangoft2-1.0.so.0
>0x00007f9dca0e2de0  0x00007f9dca1021f6  Yes         /lib64/libpango-1.0.so.0
>0x00007f9dc9e9dcc0  0x00007f9dc9ebbd3d  Yes         /lib64/libfontconfig.so.1
>0x00007f9dc9bfbea0  0x00007f9dc9c6abf2  Yes         /lib64/libfreetype.so.6
>0x00007f9dc99b86e0  0x00007f9dc99c9283  Yes         /lib64/libexif.so.12
>0x00007f9dc975b0c0  0x00007f9dc978e149  Yes         /lib64/liblcms2.so.2
>0x00007f9dc9440ab0  0x00007f9dc94f7a70  Yes         /lib64/libexempi.so.3
>0x00007f9dc91e75e0  0x00007f9dc91facf1  Yes         /lib64/libdbus-glib-1.so.2
>0x00007f9dc8f9b920  0x00007f9dc8fc6174  Yes         /lib64/libdbus-1.so.3
>0x00007f9dc8d65bb0  0x00007f9dc8d89227  Yes         /lib64/librsvg-2.so.2
>0x00007f9dc8a1acb0  0x00007f9dc8ae509b  Yes         /lib64/libgio-2.0.so.0
>0x00007f9dc87c9380  0x00007f9dc87dce00  Yes         /lib64/libgdk_pixbuf-2.0.so.0
>0x00007f9dc857be20  0x00007f9dc85ab0c6  Yes         /lib64/libgobject-2.0.so.0
>0x00007f9dc82525f0  0x00007f9dc82ee409  Yes         /lib64/libglib-2.0.so.0
>0x00007f9dc7f20990  0x00007f9dc7ff1a71  Yes         /lib64/libcairo.so.2
>0x00007f9dc7cbac90  0x00007f9dc7cf2910  Yes         /lib64/libjpeg.so.62
>0x00007f9dc797e870  0x00007f9dc7a603ae  Yes         /lib64/libxml2.so.2
>0x00007f9dc762afd0  0x00007f9dc76b361c  Yes         /lib64/libX11.so.6
>0x00007f9dc730a5c0  0x00007f9dc737bb51  Yes         /lib64/libm.so.6
>0x00007f9dc70f1200  0x00007f9dc70fd729  Yes         /lib64/libz.so.1
>0x00007f9dc6d514f0  0x00007f9dc6e9c784  Yes         /lib64/libc.so.6
>0x00007f9dcc4e5b10  0x00007f9dcc5006b0  Yes         /lib64/ld-linux-x86-64.so.2
>0x00007f9dc6b29c00  0x00007f9dc6b2f5a9  Yes         /lib64/libXrandr.so.2
>0x00007f9dc691e4a0  0x00007f9dc692343e  Yes         /lib64/libdconf.so.1
>0x00007f9dc67165b0  0x00007f9dc671736c  Yes         /lib64/libxcb-util.so.1
>0x00007f9dc6512600  0x00007f9dc651271b  Yes         /lib64/libX11-xcb.so.1
>0x00007f9dc62f9bd0  0x00007f9dc6308215  Yes         /lib64/libxcb.so.1
>0x00007f9dc60eb5f0  0x00007f9dc60ed926  Yes         /lib64/libXfixes.so.3
>0x00007f9dc5ee1b70  0x00007f9dc5ee7a45  Yes         /lib64/libXrender.so.1
>0x00007f9dc5cddbb0  0x00007f9dc5cde524  Yes         /lib64/libXinerama.so.1
>0x00007f9dc5acf230  0x00007f9dc5ad9857  Yes         /lib64/libXi.so.6
>0x00007f9dc58c4ab0  0x00007f9dc58c95b7  Yes         /lib64/libXcursor.so.1
>0x00007f9dc56bfcd0  0x00007f9dc56c06e5  Yes         /lib64/libXcomposite.so.1
>0x00007f9dc54bcc40  0x00007f9dc54bd56b  Yes         /lib64/libXdamage.so.1
>0x00007f9dc52ad770  0x00007f9dc52b754f  Yes         /lib64/libXext.so.6
>0x00007f9dc5058ee0  0x00007f9dc508e679  Yes         /lib64/libharfbuzz.so.0
>0x00007f9dc4e2be00  0x00007f9dc4e44249  Yes         /lib64/libexpat.so.1
>0x00007f9dc4c19760  0x00007f9dc4c25462  Yes         /lib64/libbz2.so.1
>0x00007f9dc49ea500  0x00007f9dc4a0bda7  Yes         /lib64/libpng16.so.16
>0x00007f9dc4731910  0x00007f9dc479e53f  Yes         /lib64/libstdc++.so.6
>0x00007f9dc44c1af0  0x00007f9dc44d19b5  Yes         /lib64/libgcc_s.so.1
>0x00007f9dc428ccd0  0x00007f9dc42aaba5  Yes         /lib64/libcroco-0.6.so.3
>0x00007f9dc407d870  0x00007f9dc408200c  Yes         /lib64/libffi.so.6
>0x00007f9dc3e5d530  0x00007f9dc3e705ba  Yes         /lib64/libselinux.so.1
>0x00007f9dc3c40a40  0x00007f9dc3c4fbc1  Yes         /lib64/libresolv.so.2
>0x00007f9dc399a370  0x00007f9dc3a24090  Yes         /lib64/libpixman-1.so.0
>0x00007f9dc376ca40  0x00007f9dc3781fc9  Yes         /lib64/libEGL.so.1
>0x00007f9dc3562df0  0x00007f9dc3563903  Yes         /lib64/libxcb-shm.so.0
>0x00007f9dc335b610  0x00007f9dc335ea8a  Yes         /lib64/libxcb-render.so.0
>0x00007f9dc30d8240  0x00007f9dc31356f2  Yes         /lib64/libGL.so.1
>0x00007f9dc2eb82a0  0x00007f9dc2ebb417  Yes         /lib64/librt.so.1
>0x00007f9dc2c93f30  0x00007f9dc2ca9d72  Yes         /lib64/liblzma.so.5
>0x00007f9dc2a8dec0  0x00007f9dc2a8ebf9  Yes         /lib64/libXau.so.6
>0x00007f9dc2871710  0x00007f9dc28855e8  Yes         /lib64/libgraphite2.so.3
>0x00007f9dc26036f0  0x00007f9dc26518e5  Yes         /lib64/libpcre.so.1
>0x00007f9dc23fe920  0x00007f9dc23ffa45  Yes         /lib64/libxcb-dri2.so.0
>0x00007f9dc21f7830  0x00007f9dc21f9c05  Yes         /lib64/libxcb-xfixes.so.0
>0x00007f9dc1ff2020  0x00007f9dc1ff2bc5  Yes         /lib64/libxcb-shape.so.0
>0x00007f9dc1de5980  0x00007f9dc1deb214  Yes         /lib64/libgbm.so.1
>0x00007f9dc1bd9f80  0x00007f9dc1bde3bf  Yes         /lib64/libwayland-client.so.0
>0x00007f9dc19c91e0  0x00007f9dc19cebbf  Yes         /lib64/libwayland-server.so.0
>0x00007f9dc17a2920  0x00007f9dc17ac38e  Yes         /lib64/libglapi.so.0
>0x00007f9dc158f400  0x00007f9dc1595431  Yes         /lib64/libdrm.so.2
>0x00007f9dc137d020  0x00007f9dc1384bb5  Yes         /lib64/libxcb-glx.so.0
>0x00007f9dc1170d50  0x00007f9dc11714f3  Yes         /lib64/libxcb-dri3.so.0
>0x00007f9dc0f6dc50  0x00007f9dc0f6e428  Yes         /lib64/libxcb-present.so.0
>0x00007f9dc0d64bd0  0x00007f9dc0d68a21  Yes         /lib64/libxcb-randr.so.0
>0x00007f9dc0b5a060  0x00007f9dc0b5bfc9  Yes         /lib64/libxcb-sync.so.1
>0x00007f9dc0955990  0x00007f9dc0955c7c  Yes         /lib64/libxshmfence.so.1
>0x00007f9dc0750010  0x00007f9dc07529a8  Yes         /lib64/libXxf86vm.so.1
>0x00007f9db8fd0be0  0x00007f9db8fd588e  Yes         /usr/lib64/gio/modules/libdconfsettings.so
>0x00007f9db8378da0  0x00007f9db8393266  Yes         /usr/lib64/gio/modules/libgvfsdbus.so
>0x00007f9db8142d20  0x00007f9db8159e56  Yes         /usr/lib64/gvfs/libgvfscommon.so
>0x00007f9db35c27d0  0x00007f9db35ef2fe  Yes         /lib64/libbluray.so.1
>0x00007f9dcc600b10  0x00007f9dcc608376  Yes (*)     /lib64/libudev.so.1
>0x00007f9db337f790  0x00007f9db33ae8b0  Yes         /lib64/libdw.so.1
>0x00007f9db8db8ae0  0x00007f9db8dc6d3a  Yes         /lib64/libelf.so.1
>0x00007f9db294cbc0  0x00007f9db296e267  Yes         /usr/lib64/gtk-2.0/2.10.0/engines/libclearlooks.so
>0x00007f9db2559c10  0x00007f9db255a019  Yes         /usr/lib64/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
>0x00007f9db22f6570  0x00007f9db22f700b  Yes         /usr/lib64/gconv/ISO8859-1.so
>(*): Shared library is missing debugging information.
>$1 = 0x0
>$2 = 0x0
>rax            0x7f9da40008e0	140315038058720
>rbx            0x3cc926b	63738475
>rcx            0x7f9da41bfc20	140315039890464
>rdx            0x2	2
>rsi            0x10	16
>rdi            0x0	0
>rbp            0x7f9da4000900	0x7f9da4000900
>rsp            0x7f9db33749a0	0x7f9db33749a0
>r8             0x7f9da4269620	140315040585248
>r9             0x0	0
>r10            0x7f9da427c788	140315040663432
>r11            0x1473e68	21446248
>r12            0x18	24
>r13            0x1	1
>r14            0x0	0
>r15            0x7f9da4123f40	140315039252288
>rip            0x7f9dc829e166	0x7f9dc829e166 <g_slice_alloc+118>
>eflags         0x10202	[ IF RF ]
>cs             0x33	51
>ss             0x2b	43
>ds             0x0	0
>es             0x0	0
>fs             0x0	0
>gs             0x0	0
>Dump of assembler code for function g_slice_alloc:
>   0x00007f9dc829e0f0 <+0>:	push   %r15
>   0x00007f9dc829e0f2 <+2>:	push   %r14
>   0x00007f9dc829e0f4 <+4>:	push   %r13
>   0x00007f9dc829e0f6 <+6>:	push   %r12
>   0x00007f9dc829e0f8 <+8>:	mov    %rdi,%r12
>   0x00007f9dc829e0fb <+11>:	push   %rbp
>   0x00007f9dc829e0fc <+12>:	push   %rbx
>   0x00007f9dc829e0fd <+13>:	lea    0x2d19bc(%rip),%rdi        # 0x7f9dc856fac0 <private_thread_memory>
>   0x00007f9dc829e104 <+20>:	sub    $0x28,%rsp
>   0x00007f9dc829e108 <+24>:	callq  0x7f9dc82c5c40 <g_private_get>
>   0x00007f9dc829e10d <+29>:	test   %rax,%rax
>   0x00007f9dc829e110 <+32>:	mov    %rax,%rbx
>   0x00007f9dc829e113 <+35>:	je     0x7f9dc829e2e8 <g_slice_alloc+504>
>   0x00007f9dc829e119 <+41>:	lea    0xf(%r12),%rdx
>   0x00007f9dc829e11e <+46>:	and    $0xfffffffffffffff0,%rdx
>   0x00007f9dc829e122 <+50>:	mov    %rdx,%rbp
>   0x00007f9dc829e125 <+53>:	je     0x7f9dc829e1c8 <g_slice_alloc+216>
>   0x00007f9dc829e12b <+59>:	cmp    0x2d227e(%rip),%rdx        # 0x7f9dc85703b0 <allocator+48>
>   0x00007f9dc829e132 <+66>:	ja     0x7f9dc829e1a0 <g_slice_alloc+176>
>   0x00007f9dc829e134 <+68>:	mov    %rbp,%rdx
>   0x00007f9dc829e137 <+71>:	shr    $0x4,%rdx
>   0x00007f9dc829e13b <+75>:	lea    -0x1(%rdx),%r13d
>   0x00007f9dc829e13f <+79>:	mov    %r13,%rsi
>   0x00007f9dc829e142 <+82>:	shl    $0x4,%rsi
>   0x00007f9dc829e146 <+86>:	mov    %rsi,%rbp
>   0x00007f9dc829e149 <+89>:	add    (%rbx),%rbp
>   0x00007f9dc829e14c <+92>:	mov    0x0(%rbp),%rcx
>   0x00007f9dc829e150 <+96>:	test   %rcx,%rcx
>   0x00007f9dc829e153 <+99>:	je     0x7f9dc829e360 <g_slice_alloc+624>
>   0x00007f9dc829e159 <+105>:	mov    0x8(%rcx),%rbx
>   0x00007f9dc829e15d <+109>:	test   %rbx,%rbx
>   0x00007f9dc829e160 <+112>:	je     0x7f9dc829e4a0 <g_slice_alloc+944>
>=> 0x00007f9dc829e166 <+118>:	mov    (%rbx),%rax
>   0x00007f9dc829e169 <+121>:	mov    %rax,0x8(%rcx)
>   0x00007f9dc829e16d <+125>:	mov    0x8(%rbp),%rax
>   0x00007f9dc829e171 <+129>:	test   %rax,%rax
>   0x00007f9dc829e174 <+132>:	je     0x7f9dc829e17e <g_slice_alloc+142>
>   0x00007f9dc829e176 <+134>:	sub    $0x1,%rax
>   0x00007f9dc829e17a <+138>:	mov    %rax,0x8(%rbp)
>   0x00007f9dc829e17e <+142>:	mov    0x2d2214(%rip),%eax        # 0x7f9dc8570398 <allocator+24>
>   0x00007f9dc829e184 <+148>:	test   %eax,%eax
>   0x00007f9dc829e186 <+150>:	jne    0x7f9dc829e1e2 <g_slice_alloc+242>
>   0x00007f9dc829e188 <+152>:	nop
>   0x00007f9dc829e189 <+153>:	add    $0x28,%rsp
>   0x00007f9dc829e18d <+157>:	mov    %rbx,%rax
>   0x00007f9dc829e190 <+160>:	pop    %rbx
>   0x00007f9dc829e191 <+161>:	pop    %rbp
>   0x00007f9dc829e192 <+162>:	pop    %r12
>   0x00007f9dc829e194 <+164>:	pop    %r13
>   0x00007f9dc829e196 <+166>:	pop    %r14
>   0x00007f9dc829e198 <+168>:	pop    %r15
>   0x00007f9dc829e19a <+170>:	retq   
>   0x00007f9dc829e19b <+171>:	nopl   0x0(%rax,%rax,1)
>   0x00007f9dc829e1a0 <+176>:	mov    0x2d21ea(%rip),%edx        # 0x7f9dc8570390 <allocator+16>
>   0x00007f9dc829e1a6 <+182>:	test   %edx,%edx
>   0x00007f9dc829e1a8 <+184>:	jne    0x7f9dc829e1c8 <g_slice_alloc+216>
>   0x00007f9dc829e1aa <+186>:	mov    0x2d21d7(%rip),%rax        # 0x7f9dc8570388 <allocator+8>
>   0x00007f9dc829e1b1 <+193>:	sub    $0x30,%rax
>   0x00007f9dc829e1b5 <+197>:	shr    $0x3,%rax
>   0x00007f9dc829e1b9 <+201>:	cmp    %rax,%rbp
>   0x00007f9dc829e1bc <+204>:	jbe    0x7f9dc829e4b0 <g_slice_alloc+960>
>   0x00007f9dc829e1c2 <+210>:	nopw   0x0(%rax,%rax,1)
>   0x00007f9dc829e1c8 <+216>:	mov    %r12,%rdi
>   0x00007f9dc829e1cb <+219>:	callq  0x7f9dc82873f0 <g_malloc>
>   0x00007f9dc829e1d0 <+224>:	mov    %rax,%rbx
>   0x00007f9dc829e1d3 <+227>:	mov    0x2d21bf(%rip),%ecx        # 0x7f9dc8570398 <allocator+24>
>   0x00007f9dc829e1d9 <+233>:	test   %ecx,%ecx
>   0x00007f9dc829e1db <+235>:	je     0x7f9dc829e188 <g_slice_alloc+152>
>   0x00007f9dc829e1dd <+237>:	test   %rbx,%rbx
>   0x00007f9dc829e1e0 <+240>:	je     0x7f9dc829e188 <g_slice_alloc+152>
>   0x00007f9dc829e1e2 <+242>:	lea    0x2d2167(%rip),%rdi        # 0x7f9dc8570350 <smc_tree_mutex>
>   0x00007f9dc829e1e9 <+249>:	movabs $0x300901b0510f33,%rbp
>   0x00007f9dc829e1f3 <+259>:	movabs $0x80402010080403,%r13
>   0x00007f9dc829e1fd <+269>:	callq  0x7f9dc82c6190 <g_mutex_lock>
>   0x00007f9dc829e202 <+274>:	mov    %rbx,%rax
>   0x00007f9dc829e205 <+277>:	movabs $0x203442cf2b117423,%rdx
>   0x00007f9dc829e20f <+287>:	mul    %rdx
>   0x00007f9dc829e212 <+290>:	mov    %rdx,%rcx
>   0x00007f9dc829e215 <+293>:	shr    $0x11,%rcx
>   0x00007f9dc829e219 <+297>:	mov    %rcx,%rax
>   0x00007f9dc829e21c <+300>:	mul    %rbp
>   0x00007f9dc829e21f <+303>:	mov    %rcx,%rbp
>   0x00007f9dc829e222 <+306>:	sub    %rdx,%rbp
>   0x00007f9dc829e225 <+309>:	shr    %rbp
>   0x00007f9dc829e228 <+312>:	add    %rdx,%rbp
>   0x00007f9dc829e22b <+315>:	shr    $0xb,%rbp
>   0x00007f9dc829e22f <+319>:	mov    %rbp,%rax
>   0x00007f9dc829e232 <+322>:	shl    $0xa,%rax
>   0x00007f9dc829e236 <+326>:	sub    %rbp,%rax
>   0x00007f9dc829e239 <+329>:	lea    0x0(%rbp,%rax,4),%rax
>   0x00007f9dc829e23e <+334>:	sub    %rax,%rcx
>   0x00007f9dc829e241 <+337>:	mov    %rbx,%rax
>   0x00007f9dc829e244 <+340>:	mul    %r13
>   0x00007f9dc829e247 <+343>:	mov    %rbx,%r13
>   0x00007f9dc829e24a <+346>:	mov    %rcx,%rbp
>   0x00007f9dc829e24d <+349>:	sub    %rdx,%r13
>   0x00007f9dc829e250 <+352>:	shr    %r13
>   0x00007f9dc829e253 <+355>:	add    %rdx,%r13
>   0x00007f9dc829e256 <+358>:	shr    $0x8,%r13
>   0x00007f9dc829e25a <+362>:	mov    %r13,%rax
>   0x00007f9dc829e25d <+365>:	shl    $0x9,%rax
>   0x00007f9dc829e261 <+369>:	sub    %r13,%rax
>   0x00007f9dc829e264 <+372>:	mov    %rbx,%r13
>   0x00007f9dc829e267 <+375>:	sub    %rax,%r13
>   0x00007f9dc829e26a <+378>:	mov    0x2d20d7(%rip),%rax        # 0x7f9dc8570348 <smc_tree_root>
>   0x00007f9dc829e271 <+385>:	test   %rax,%rax
>   0x00007f9dc829e274 <+388>:	je     0x7f9dc829e4e8 <g_slice_alloc+1016>
>   0x00007f9dc829e27a <+394>:	lea    (%rax,%rbp,8),%rbp
>   0x00007f9dc829e27e <+398>:	mov    0x0(%rbp),%rax
>   0x00007f9dc829e282 <+402>:	test   %rax,%rax
>   0x00007f9dc829e285 <+405>:	je     0x7f9dc829e5d8 <g_slice_alloc+1256>
>   0x00007f9dc829e28b <+411>:	shl    $0x4,%r13
>   0x00007f9dc829e28f <+415>:	add    %rax,%r13
>   0x00007f9dc829e292 <+418>:	mov    0x8(%r13),%r8d
>   0x00007f9dc829e296 <+422>:	mov    0x0(%r13),%rdi
>   0x00007f9dc829e29a <+426>:	test   %r8d,%r8d
>   0x00007f9dc829e29d <+429>:	je     0x7f9dc829e608 <g_slice_alloc+1304>
>   0x00007f9dc829e2a3 <+435>:	mov    %r8d,%esi
>   0x00007f9dc829e2a6 <+438>:	xor    %ecx,%ecx
>   0x00007f9dc829e2a8 <+440>:	jmp    0x7f9dc829e2c6 <g_slice_alloc+470>
>   0x00007f9dc829e2aa <+442>:	nopw   0x0(%rax,%rax,1)
>   0x00007f9dc829e2b0 <+448>:	je     0x7f9dc829e518 <g_slice_alloc+1064>
>   0x00007f9dc829e2b6 <+454>:	lea    0x1(%rdx),%ecx
>   0x00007f9dc829e2b9 <+457>:	mov    $0x1,%eax
>   0x00007f9dc829e2be <+462>:	cmp    %ecx,%esi
>   0x00007f9dc829e2c0 <+464>:	jbe    0x7f9dc829e590 <g_slice_alloc+1184>
>   0x00007f9dc829e2c6 <+470>:	lea    (%rsi,%rcx,1),%edx
>   0x00007f9dc829e2c9 <+473>:	shr    %edx
>   0x00007f9dc829e2cb <+475>:	mov    %edx,%ebp
>   0x00007f9dc829e2cd <+477>:	shl    $0x4,%rbp
>   0x00007f9dc829e2d1 <+481>:	add    %rdi,%rbp
>   0x00007f9dc829e2d4 <+484>:	cmp    0x0(%rbp),%rbx
>   0x00007f9dc829e2d8 <+488>:	jae    0x7f9dc829e2b0 <g_slice_alloc+448>
>   0x00007f9dc829e2da <+490>:	mov    %edx,%esi
>   0x00007f9dc829e2dc <+492>:	mov    $0xffffffff,%eax
>   0x00007f9dc829e2e1 <+497>:	jmp    0x7f9dc829e2be <g_slice_alloc+462>
>   0x00007f9dc829e2e3 <+499>:	nopl   0x0(%rax,%rax,1)
>   0x00007f9dc829e2e8 <+504>:	lea    0x2d2051(%rip),%rdi        # 0x7f9dc8570340 <init_mutex.7316>
>   0x00007f9dc829e2ef <+511>:	callq  0x7f9dc82c6190 <g_mutex_lock>
>   0x00007f9dc829e2f4 <+516>:	cmpq   $0x0,0x2d20fc(%rip)        # 0x7f9dc85703f8 <sys_page_size>
>   0x00007f9dc829e2fc <+524>:	jne    0x7f9dc829e303 <g_slice_alloc+531>
>   0x00007f9dc829e2fe <+526>:	callq  0x7f9dc829d880 <g_slice_init_nomessage>
>   0x00007f9dc829e303 <+531>:	lea    0x2d2036(%rip),%rdi        # 0x7f9dc8570340 <init_mutex.7316>
>   0x00007f9dc829e30a <+538>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e30f <+543>:	mov    0x2d2072(%rip),%rax        # 0x7f9dc8570388 <allocator+8>
>   0x00007f9dc829e316 <+550>:	lea    -0x30(%rax),%rbp
>   0x00007f9dc829e31a <+554>:	shr    $0x7,%rbp
>   0x00007f9dc829e31e <+558>:	mov    %ebp,%ebp
>   0x00007f9dc829e320 <+560>:	mov    %rbp,%rdi
>   0x00007f9dc829e323 <+563>:	shl    $0x4,%rbp
>   0x00007f9dc829e327 <+567>:	shl    $0x5,%rdi
>   0x00007f9dc829e32b <+571>:	add    $0x10,%rdi
>   0x00007f9dc829e32f <+575>:	callq  0x7f9dc8287440 <g_malloc0>
>   0x00007f9dc829e334 <+580>:	mov    %rax,%rbx
>   0x00007f9dc829e337 <+583>:	lea    0x10(%rax),%rax
>   0x00007f9dc829e33b <+587>:	lea    0x2d177e(%rip),%rdi        # 0x7f9dc856fac0 <private_thread_memory>
>   0x00007f9dc829e342 <+594>:	mov    %rbx,%rsi
>   0x00007f9dc829e345 <+597>:	add    %rax,%rbp
>   0x00007f9dc829e348 <+600>:	mov    %rax,(%rbx)
>   0x00007f9dc829e34b <+603>:	mov    %rbp,0x8(%rbx)
>   0x00007f9dc829e34f <+607>:	callq  0x7f9dc82c5d00 <g_private_set>
>   0x00007f9dc829e354 <+612>:	jmpq   0x7f9dc829e119 <g_slice_alloc+41>
>   0x00007f9dc829e359 <+617>:	nopl   0x0(%rax)
>   0x00007f9dc829e360 <+624>:	mov    %rsi,%rax
>   0x00007f9dc829e363 <+627>:	add    0x8(%rbx),%rax
>   0x00007f9dc829e367 <+631>:	mov    0x8(%rbp),%rcx
>   0x00007f9dc829e36b <+635>:	mov    (%rax),%r9
>   0x00007f9dc829e36e <+638>:	mov    0x8(%rax),%r10
>   0x00007f9dc829e372 <+642>:	mov    %r9,0x0(%rbp)
>   0x00007f9dc829e376 <+646>:	mov    %r10,0x8(%rbp)
>   0x00007f9dc829e37a <+650>:	mov    %rsi,%rbp
>   0x00007f9dc829e37d <+653>:	mov    %rcx,0x8(%rax)
>   0x00007f9dc829e381 <+657>:	movq   $0x0,(%rax)
>   0x00007f9dc829e388 <+664>:	add    (%rbx),%rbp
>   0x00007f9dc829e38b <+667>:	mov    0x0(%rbp),%r14
>   0x00007f9dc829e38f <+671>:	test   %r14,%r14
>   0x00007f9dc829e392 <+674>:	mov    %r14,%rcx
>   0x00007f9dc829e395 <+677>:	jne    0x7f9dc829e159 <g_slice_alloc+105>
>   0x00007f9dc829e39b <+683>:	mov    0x2d2026(%rip),%rax        # 0x7f9dc85703c8 <allocator+72>
>   0x00007f9dc829e3a2 <+690>:	lea    0x2d200f(%rip),%rdi        # 0x7f9dc85703b8 <allocator+56>
>   0x00007f9dc829e3a9 <+697>:	movq   $0x0,0x8(%rbp)
>   0x00007f9dc829e3b1 <+705>:	mov    %rsi,0x10(%rsp)
>   0x00007f9dc829e3b6 <+710>:	mov    %rdx,0x8(%rsp)
>   0x00007f9dc829e3bb <+715>:	lea    (%rax,%r13,4),%r15
>   0x00007f9dc829e3bf <+719>:	callq  0x7f9dc82c6260 <g_mutex_trylock>
>   0x00007f9dc829e3c4 <+724>:	test   %eax,%eax
>   0x00007f9dc829e3c6 <+726>:	mov    0x8(%rsp),%rdx
>   0x00007f9dc829e3cb <+731>:	mov    0x10(%rsp),%rsi
>   0x00007f9dc829e3d0 <+736>:	je     0x7f9dc829e618 <g_slice_alloc+1320>
>   0x00007f9dc829e3d6 <+742>:	mov    0x2d1ff4(%rip),%eax        # 0x7f9dc85703d0 <allocator+80>
>   0x00007f9dc829e3dc <+748>:	sub    $0x1,%eax
>   0x00007f9dc829e3df <+751>:	cmp    $0xfffffff5,%eax
>   0x00007f9dc829e3e2 <+754>:	jge    0x7f9dc829e60d <g_slice_alloc+1309>
>   0x00007f9dc829e3e8 <+760>:	movl   $0x0,0x2d1fde(%rip)        # 0x7f9dc85703d0 <allocator+80>
>   0x00007f9dc829e3f2 <+770>:	mov    (%r15),%edi
>   0x00007f9dc829e3f5 <+773>:	mov    $0x1,%eax
>   0x00007f9dc829e3fa <+778>:	test   %edi,%edi
>   0x00007f9dc829e3fc <+780>:	cmovne (%r15),%eax
>   0x00007f9dc829e400 <+784>:	sub    $0x1,%eax
>   0x00007f9dc829e403 <+787>:	mov    %eax,(%r15)
>   0x00007f9dc829e406 <+790>:	mov    0x2d1fb3(%rip),%rax        # 0x7f9dc85703c0 <allocator+64>
>   0x00007f9dc829e40d <+797>:	lea    (%rax,%r13,8),%rcx
>   0x00007f9dc829e411 <+801>:	mov    (%rcx),%r15
>   0x00007f9dc829e414 <+804>:	test   %r15,%r15
>   0x00007f9dc829e417 <+807>:	je     0x7f9dc829e66b <g_slice_alloc+1403>
>   0x00007f9dc829e41d <+813>:	mov    (%r15),%rax
>   0x00007f9dc829e420 <+816>:	mov    0x8(%r15),%rdx
>   0x00007f9dc829e424 <+820>:	mov    %rsi,0x8(%rsp)
>   0x00007f9dc829e429 <+825>:	mov    (%rax),%rax
>   0x00007f9dc829e42c <+828>:	mov    (%rdx),%rdi
>   0x00007f9dc829e42f <+831>:	mov    0x8(%rax),%rax
>   0x00007f9dc829e433 <+835>:	mov    (%rdi),%rdi
>   0x00007f9dc829e436 <+838>:	cmp    %rax,%r15
>   0x00007f9dc829e439 <+841>:	mov    %rax,0x8(%rdi)
>   0x00007f9dc829e43d <+845>:	lea    0x2d1f74(%rip),%rdi        # 0x7f9dc85703b8 <allocator+56>
>   0x00007f9dc829e444 <+852>:	cmovne %rax,%r14
>   0x00007f9dc829e448 <+856>:	mov    %rdx,0x8(%rax)
>   0x00007f9dc829e44c <+860>:	mov    %r14,(%rcx)
>   0x00007f9dc829e44f <+863>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e454 <+868>:	mov    (%r15),%rax
>   0x00007f9dc829e457 <+871>:	mov    0x8(%rsp),%rsi
>   0x00007f9dc829e45c <+876>:	mov    (%rax),%rcx
>   0x00007f9dc829e45f <+879>:	mov    (%rcx),%rdx
>   0x00007f9dc829e462 <+882>:	mov    0x8(%rdx),%rdi
>   0x00007f9dc829e466 <+886>:	mov    %rdi,0x8(%rbp)
>   0x00007f9dc829e46a <+890>:	movq   $0x0,0x8(%r15)
>   0x00007f9dc829e472 <+898>:	movq   $0x0,0x8(%rcx)
>   0x00007f9dc829e47a <+906>:	movq   $0x0,0x8(%rdx)
>   0x00007f9dc829e482 <+914>:	movq   $0x0,0x8(%rax)
>   0x00007f9dc829e48a <+922>:	mov    %r15,0x0(%rbp)
>   0x00007f9dc829e48e <+926>:	add    (%rbx),%rsi
>   0x00007f9dc829e491 <+929>:	mov    %rsi,%rbp
>   0x00007f9dc829e494 <+932>:	mov    (%rsi),%rcx
>   0x00007f9dc829e497 <+935>:	jmpq   0x7f9dc829e159 <g_slice_alloc+105>
>   0x00007f9dc829e49c <+940>:	nopl   0x0(%rax)
>   0x00007f9dc829e4a0 <+944>:	mov    (%rcx),%rax
>   0x00007f9dc829e4a3 <+947>:	mov    %rcx,%rbx
>   0x00007f9dc829e4a6 <+950>:	mov    %rax,0x0(%rbp)
>   0x00007f9dc829e4aa <+954>:	jmpq   0x7f9dc829e16d <g_slice_alloc+125>
>   0x00007f9dc829e4af <+959>:	nop
>   0x00007f9dc829e4b0 <+960>:	mov    0x2d1edd(%rip),%r8d        # 0x7f9dc8570394 <allocator+20>
>   0x00007f9dc829e4b7 <+967>:	test   %r8d,%r8d
>   0x00007f9dc829e4ba <+970>:	je     0x7f9dc829e134 <g_slice_alloc+68>
>   0x00007f9dc829e4c0 <+976>:	lea    0x2d1f19(%rip),%rdi        # 0x7f9dc85703e0 <allocator+96>
>   0x00007f9dc829e4c7 <+983>:	callq  0x7f9dc82c6190 <g_mutex_lock>
>   0x00007f9dc829e4cc <+988>:	mov    %rbp,%rdi
>   0x00007f9dc829e4cf <+991>:	callq  0x7f9dc829d680 <slab_allocator_alloc_chunk>
>   0x00007f9dc829e4d4 <+996>:	lea    0x2d1f05(%rip),%rdi        # 0x7f9dc85703e0 <allocator+96>
>   0x00007f9dc829e4db <+1003>:	mov    %rax,%rbx
>   0x00007f9dc829e4de <+1006>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e4e3 <+1011>:	jmpq   0x7f9dc829e1d3 <g_slice_alloc+227>
>   0x00007f9dc829e4e8 <+1016>:	mov    $0x8,%esi
>   0x00007f9dc829e4ed <+1021>:	mov    $0xffd,%edi
>   0x00007f9dc829e4f2 <+1026>:	callq  0x7f9dc8251f90 <calloc@plt>
>   0x00007f9dc829e4f7 <+1031>:	test   %rax,%rax
>   0x00007f9dc829e4fa <+1034>:	mov    %rax,0x2d1e47(%rip)        # 0x7f9dc8570348 <smc_tree_root>
>   0x00007f9dc829e501 <+1041>:	jne    0x7f9dc829e27a <g_slice_alloc+394>
>   0x00007f9dc829e507 <+1047>:	callq  0x7f9dc8251aa0 <__errno_location@plt>
>   0x00007f9dc829e50c <+1052>:	mov    (%rax),%edi
>   0x00007f9dc829e50e <+1054>:	callq  0x7f9dc8252916 <smc_tree_abort>
>   0x00007f9dc829e513 <+1059>:	nopl   0x0(%rax,%rax,1)
>   0x00007f9dc829e518 <+1064>:	mov    %r8d,%eax
>   0x00007f9dc829e51b <+1067>:	shl    $0x4,%rax
>   0x00007f9dc829e51f <+1071>:	add    %rdi,%rax
>   0x00007f9dc829e522 <+1074>:	cmp    %rax,%rbp
>   0x00007f9dc829e525 <+1077>:	jb     0x7f9dc829e576 <g_slice_alloc+1158>
>   0x00007f9dc829e527 <+1079>:	mov    %rbp,%r14
>   0x00007f9dc829e52a <+1082>:	sub    %rdi,%r14
>   0x00007f9dc829e52d <+1085>:	sar    $0x4,%r14
>   0x00007f9dc829e531 <+1089>:	cmp    %r14d,%r8d
>   0x00007f9dc829e534 <+1092>:	jb     0x7f9dc829e5c0 <g_slice_alloc+1232>
>   0x00007f9dc829e53a <+1098>:	shl    $0x4,%r8d
>   0x00007f9dc829e53e <+1102>:	lea    0x10(%r8),%esi
>   0x00007f9dc829e542 <+1106>:	callq  0x7f9dc8252240 <realloc@plt>
>   0x00007f9dc829e547 <+1111>:	test   %rax,%rax
>   0x00007f9dc829e54a <+1114>:	mov    %rax,0x0(%r13)
>   0x00007f9dc829e54e <+1118>:	je     0x7f9dc829e507 <g_slice_alloc+1047>
>   0x00007f9dc829e550 <+1120>:	mov    0x8(%r13),%edx
>   0x00007f9dc829e554 <+1124>:	mov    %r14d,%ebp
>   0x00007f9dc829e557 <+1127>:	shl    $0x4,%rbp
>   0x00007f9dc829e55b <+1131>:	add    %rax,%rbp
>   0x00007f9dc829e55e <+1134>:	sub    %r14d,%edx
>   0x00007f9dc829e561 <+1137>:	lea    0x10(%rbp),%rdi
>   0x00007f9dc829e565 <+1141>:	mov    %rbp,%rsi
>   0x00007f9dc829e568 <+1144>:	shl    $0x4,%rdx
>   0x00007f9dc829e56c <+1148>:	callq  0x7f9dc8252330 <memmove@plt>
>   0x00007f9dc829e571 <+1153>:	addl   $0x1,0x8(%r13)
>   0x00007f9dc829e576 <+1158>:	lea    0x2d1dd3(%rip),%rdi        # 0x7f9dc8570350 <smc_tree_mutex>
>   0x00007f9dc829e57d <+1165>:	mov    %rbx,0x0(%rbp)
>   0x00007f9dc829e581 <+1169>:	mov    %r12,0x8(%rbp)
>   0x00007f9dc829e585 <+1173>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e58a <+1178>:	jmpq   0x7f9dc829e188 <g_slice_alloc+152>
>   0x00007f9dc829e58f <+1183>:	nop
>   0x00007f9dc829e590 <+1184>:	lea    0x10(%rbp),%rdx
>   0x00007f9dc829e594 <+1188>:	cmp    $0x1,%eax
>   0x00007f9dc829e597 <+1191>:	cmove  %rdx,%rbp
>   0x00007f9dc829e59b <+1195>:	test   %rbp,%rbp
>   0x00007f9dc829e59e <+1198>:	je     0x7f9dc829e600 <g_slice_alloc+1296>
>   0x00007f9dc829e5a0 <+1200>:	mov    %r8d,%eax
>   0x00007f9dc829e5a3 <+1203>:	shl    $0x4,%rax
>   0x00007f9dc829e5a7 <+1207>:	add    %rdi,%rax
>   0x00007f9dc829e5aa <+1210>:	cmp    %rax,%rbp
>   0x00007f9dc829e5ad <+1213>:	jae    0x7f9dc829e527 <g_slice_alloc+1079>
>   0x00007f9dc829e5b3 <+1219>:	cmp    0x0(%rbp),%rbx
>   0x00007f9dc829e5b7 <+1223>:	jne    0x7f9dc829e527 <g_slice_alloc+1079>
>   0x00007f9dc829e5bd <+1229>:	jmp    0x7f9dc829e576 <g_slice_alloc+1158>
>   0x00007f9dc829e5bf <+1231>:	nop
>   0x00007f9dc829e5c0 <+1232>:	lea    0x5d142(%rip),%rsi        # 0x7f9dc82fb709
>   0x00007f9dc829e5c7 <+1239>:	lea    0x5d0df(%rip),%rdi        # 0x7f9dc82fb6ad
>   0x00007f9dc829e5ce <+1246>:	xor    %eax,%eax
>   0x00007f9dc829e5d0 <+1248>:	callq  0x7f9dc829cf90 <mem_error>
>   0x00007f9dc829e5d5 <+1253>:	nopl   (%rax)
>   0x00007f9dc829e5d8 <+1256>:	mov    $0x10,%esi
>   0x00007f9dc829e5dd <+1261>:	mov    $0x1ff,%edi
>   0x00007f9dc829e5e2 <+1266>:	callq  0x7f9dc8251f90 <calloc@plt>
>   0x00007f9dc829e5e7 <+1271>:	test   %rax,%rax
>   0x00007f9dc829e5ea <+1274>:	mov    %rax,0x0(%rbp)
>   0x00007f9dc829e5ee <+1278>:	jne    0x7f9dc829e28b <g_slice_alloc+411>
>   0x00007f9dc829e5f4 <+1284>:	jmpq   0x7f9dc829e507 <g_slice_alloc+1047>
>   0x00007f9dc829e5f9 <+1289>:	nopl   0x0(%rax)
>   0x00007f9dc829e600 <+1296>:	xor    %r14d,%r14d
>   0x00007f9dc829e603 <+1299>:	jmpq   0x7f9dc829e52a <g_slice_alloc+1082>
>   0x00007f9dc829e608 <+1304>:	mov    %rdi,%rbp
>   0x00007f9dc829e60b <+1307>:	jmp    0x7f9dc829e59b <g_slice_alloc+1195>
>   0x00007f9dc829e60d <+1309>:	mov    %eax,0x2d1dbd(%rip)        # 0x7f9dc85703d0 <allocator+80>
>   0x00007f9dc829e613 <+1315>:	jmpq   0x7f9dc829e406 <g_slice_alloc+790>
>   0x00007f9dc829e618 <+1320>:	lea    0x2d1d99(%rip),%rdi        # 0x7f9dc85703b8 <allocator+56>
>   0x00007f9dc829e61f <+1327>:	mov    %rsi,0x10(%rsp)
>   0x00007f9dc829e624 <+1332>:	mov    %rdx,0x8(%rsp)
>   0x00007f9dc829e629 <+1337>:	callq  0x7f9dc82c6190 <g_mutex_lock>
>   0x00007f9dc829e62e <+1342>:	mov    0x2d1d9c(%rip),%eax        # 0x7f9dc85703d0 <allocator+80>
>   0x00007f9dc829e634 <+1348>:	mov    0x8(%rsp),%rdx
>   0x00007f9dc829e639 <+1353>:	mov    0x10(%rsp),%rsi
>   0x00007f9dc829e63e <+1358>:	add    $0x1,%eax
>   0x00007f9dc829e641 <+1361>:	test   %eax,%eax
>   0x00007f9dc829e643 <+1363>:	jle    0x7f9dc829e60d <g_slice_alloc+1309>
>   0x00007f9dc829e645 <+1365>:	movl   $0x0,0x2d1d81(%rip)        # 0x7f9dc85703d0 <allocator+80>
>   0x00007f9dc829e64f <+1375>:	addl   $0x1,(%r15)
>   0x00007f9dc829e653 <+1379>:	mov    $0x100,%eax
>   0x00007f9dc829e658 <+1384>:	cmpl   $0x100,(%r15)
>   0x00007f9dc829e65f <+1391>:	cmovbe (%r15),%eax
>   0x00007f9dc829e663 <+1395>:	mov    %eax,(%r15)
>   0x00007f9dc829e666 <+1398>:	jmpq   0x7f9dc829e406 <g_slice_alloc+790>
>   0x00007f9dc829e66b <+1403>:	mov    %edx,%edx
>   0x00007f9dc829e66d <+1405>:	mov    $0xa0,%ecx
>   0x00007f9dc829e672 <+1410>:	mov    %rdx,%rax
>   0x00007f9dc829e675 <+1413>:	shl    $0x6,%rdx
>   0x00007f9dc829e679 <+1417>:	shl    $0x4,%rax
>   0x00007f9dc829e67d <+1421>:	mov    %rax,0x10(%rsp)
>   0x00007f9dc829e682 <+1426>:	add    %rdx,%rax
>   0x00007f9dc829e685 <+1429>:	cmp    $0xa0,%rax
>   0x00007f9dc829e68b <+1435>:	cmovae %rax,%rcx
>   0x00007f9dc829e68f <+1439>:	mov    0x2d1cf2(%rip),%rax        # 0x7f9dc8570388 <allocator+8>
>   0x00007f9dc829e696 <+1446>:	xor    %edx,%edx
>   0x00007f9dc829e698 <+1448>:	div    %rcx
>   0x00007f9dc829e69b <+1451>:	mov    $0x4,%ecx
>   0x00007f9dc829e6a0 <+1456>:	cmp    $0x4,%rax
>   0x00007f9dc829e6a4 <+1460>:	cmovae %rax,%rcx
>   0x00007f9dc829e6a8 <+1464>:	mov    0x2d1d19(%rip),%rax        # 0x7f9dc85703c8 <allocator+72>
>   0x00007f9dc829e6af <+1471>:	mov    %ecx,%r14d
>   0x00007f9dc829e6b2 <+1474>:	mov    (%rax,%r13,4),%eax
>   0x00007f9dc829e6b6 <+1478>:	test   %eax,%eax
>   0x00007f9dc829e6b8 <+1480>:	je     0x7f9dc829e6cf <g_slice_alloc+1503>
>   0x00007f9dc829e6ba <+1482>:	shl    $0x6,%eax
>   0x00007f9dc829e6bd <+1485>:	xor    %edx,%edx
>   0x00007f9dc829e6bf <+1487>:	mov    %eax,%eax
>   0x00007f9dc829e6c1 <+1489>:	divq   0x10(%rsp)
>   0x00007f9dc829e6c6 <+1494>:	cmp    %eax,%ecx
>   0x00007f9dc829e6c8 <+1496>:	mov    %eax,%r14d
>   0x00007f9dc829e6cb <+1499>:	cmovae %ecx,%r14d
>   0x00007f9dc829e6cf <+1503>:	lea    0x2d1ce2(%rip),%rdi        # 0x7f9dc85703b8 <allocator+56>
>   0x00007f9dc829e6d6 <+1510>:	mov    %rsi,0x8(%rsp)
>   0x00007f9dc829e6db <+1515>:	mov    %r14d,%r14d
>   0x00007f9dc829e6de <+1518>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e6e3 <+1523>:	lea    0x2d1cf6(%rip),%rdi        # 0x7f9dc85703e0 <allocator+96>
>   0x00007f9dc829e6ea <+1530>:	callq  0x7f9dc82c6190 <g_mutex_lock>
>   0x00007f9dc829e6ef <+1535>:	mov    0x10(%rsp),%rdi
>   0x00007f9dc829e6f4 <+1540>:	callq  0x7f9dc829d680 <slab_allocator_alloc_chunk>
>   0x00007f9dc829e6f9 <+1545>:	cmp    $0x1,%r14
>   0x00007f9dc829e6fd <+1549>:	mov    %rax,0x18(%rsp)
>   0x00007f9dc829e702 <+1554>:	movq   $0x0,0x8(%rax)
>   0x00007f9dc829e70a <+1562>:	mov    0x8(%rsp),%rsi
>   0x00007f9dc829e70f <+1567>:	jbe    0x7f9dc829e776 <g_slice_alloc+1670>
>   0x00007f9dc829e711 <+1569>:	mov    %rax,%r15
>   0x00007f9dc829e714 <+1572>:	mov    $0x1,%r13d
>   0x00007f9dc829e71a <+1578>:	nopw   0x0(%rax,%rax,1)
>   0x00007f9dc829e720 <+1584>:	mov    0x10(%rsp),%rdi
>   0x00007f9dc829e725 <+1589>:	add    $0x1,%r13
>   0x00007f9dc829e729 <+1593>:	mov    %rsi,0x8(%rsp)
>   0x00007f9dc829e72e <+1598>:	callq  0x7f9dc829d680 <slab_allocator_alloc_chunk>
>   0x00007f9dc829e733 <+1603>:	cmp    %r14,%r13
>   0x00007f9dc829e736 <+1606>:	mov    %rax,(%r15)
>   0x00007f9dc829e739 <+1609>:	mov    0x8(%rsp),%rsi
>   0x00007f9dc829e73e <+1614>:	movq   $0x0,0x8(%rax)
>   0x00007f9dc829e746 <+1622>:	mov    %rax,%r15
>   0x00007f9dc829e749 <+1625>:	jne    0x7f9dc829e720 <g_slice_alloc+1584>
>   0x00007f9dc829e74b <+1627>:	lea    0x2d1c8e(%rip),%rdi        # 0x7f9dc85703e0 <allocator+96>
>   0x00007f9dc829e752 <+1634>:	movq   $0x0,(%rax)
>   0x00007f9dc829e759 <+1641>:	mov    %rsi,0x8(%rsp)
>   0x00007f9dc829e75e <+1646>:	callq  0x7f9dc82c61b0 <g_mutex_unlock>
>   0x00007f9dc829e763 <+1651>:	mov    %r14,0x8(%rbp)
>   0x00007f9dc829e767 <+1655>:	mov    0x18(%rsp),%r15
>   0x00007f9dc829e76c <+1660>:	mov    0x8(%rsp),%rsi
>   0x00007f9dc829e771 <+1665>:	jmpq   0x7f9dc829e48a <g_slice_alloc+922>
>   0x00007f9dc829e776 <+1670>:	mov    0x18(%rsp),%rax
>   0x00007f9dc829e77b <+1675>:	mov    $0x1,%r14d
>   0x00007f9dc829e781 <+1681>:	jmp    0x7f9dc829e74b <g_slice_alloc+1627>
>End of assembler dump.
>== EXPLOITABLE ==

Actions: View

Attachments on bug 1216959: 1020053 | 1020054 | 1020055 | 1020056 | 1020057 | 1020058 | 1020059 | 1020060 | 1020061 | 1020062