[New LWP 5541] [New LWP 5553] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `gnome-session-selector'. Program terminated with signal 11, Segmentation fault. #0 0x00007fa39418bd2d in gtk_tree_model_get_valist (tree_model=tree_model@entry=0xab9480, iter=iter@entry=0x7ffecba19020, var_args=var_args@entry=0x7ffecba18f20) at gtktreemodel.c:1797 1797 G_VALUE_LCOPY (&value, var_args, 0, &error); Thread 2 (Thread 0x7fa382f70700 (LWP 5553)): #0 0x00007fa391dfac3d in poll () from /lib64/libc.so.6 No symbol table info available. #1 0x00007fa392119a84 in g_main_context_poll (priority=2147483647, n_fds=2, fds=0x7fa37c0010c0, timeout=-1, context=0x95b460) at gmain.c:4074 poll_func = 0x7fa3921289d0 #2 g_main_context_iterate (context=0x95b460, block=block@entry=1, dispatch=dispatch@entry=1, self=) at gmain.c:3774 max_priority = 2147483647 timeout = -1 some_ready = nfds = 2 allocated_nfds = 2 fds = 0x7fa37c0010c0 #3 0x00007fa392119dca in g_main_loop_run (loop=0x95b3f0) at gmain.c:3973 __FUNCTION__ = "g_main_loop_run" #4 0x00007fa392ba3336 in gdbus_shared_thread_func (user_data=0x95b430) at gdbusprivate.c:273 data = 0x95b430 #5 0x00007fa39213f4f5 in g_thread_proxy (data=0x8e2cf0) at gthread.c:764 thread = 0x8e2cf0 #6 0x00007fa390824dc5 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #7 0x00007fa391e0528d in clone () from /lib64/libc.so.6 No symbol table info available. 
Thread 1 (Thread 0x7fa3949489c0 (LWP 5541)): #0 0x00007fa39418bd2d in gtk_tree_model_get_valist (tree_model=tree_model@entry=0xab9480, iter=iter@entry=0x7ffecba19020, var_args=var_args@entry=0x7ffecba18f20) at gtktreemodel.c:1797 _value = 0x7ffecba18e70 _flags = 0 _value_type = _vtable = _cvalues = {{v_int = -1, v_long = 4294967295, v_int64 = 4294967295, v_double = 2.1219957904712067e-314, v_pointer = 0xffffffff}, {v_int = -1810322739, v_long = 140340541041357, v_int64 = 140340541041357, v_double = 6.9337440047308013e-310, v_pointer = 0x7fa39418aacd }, {v_int = -1813243744, v_long = 140340538120352, v_int64 = 140340538120352, v_double = 6.9337438604139791e-310, v_pointer = 0x7fa393ec18a0}, {v_int = -1801988520, v_long = 140340549375576, v_int64 = 140340549375576, v_double = 6.9337444164959306e-310, v_pointer = 0x7fa39497d658}, {v_int = 11244560, v_long = 11244560, v_int64 = 11244560, v_double = 5.5555507986006472e-317, v_pointer = 0xab9410}, {v_int = -1810281805, v_long = 140340541082291, v_int64 = 140340541082291, v_double = 6.9337440067532096e-310, v_pointer = 0x7fa394194ab3 }, {v_int = -878604592, v_long = 140732314783440, v_int64 = 140732314783440, v_double = 6.9531001994213892e-310, v_pointer = 0x7ffecba18ed0}, {v_int = 0, v_long = 0, v_int64 = 0, v_double = 0, v_pointer = 0x0}} _lcopy_format = _n_values = value = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}} error = 0x0 column = 0 __FUNCTION__ = "gtk_tree_model_get_valist" #1 0x00007fa39418c059 in gtk_tree_model_get (tree_model=0xab9480, iter=iter@entry=0x7ffecba19020) at gtktreemodel.c:1759 var_args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7ffecba19010, reg_save_area = 0x7ffecba18f40}} __FUNCTION__ = "gtk_tree_model_get" #2 0x000000000040324f in select_session 
(name=name@entry=0xa464d0 "Session 1") at gnome-session-selector.c:576 iter = {stamp = 0, user_data = 0x0, user_data2 = 0x0, user_data3 = 0x0} n = 0x7fa39211f37f "\220[\303fffff.\017\037\204" #3 0x0000000000403c96 in create_session_and_begin_rename () at gnome-session-selector.c:597 name = 0xa464d0 "Session 1" #4 0x0000000000402e23 in main (argc=1, argv=0x7ffecba191f8) at gnome-session-selector.c:902 window = widget = label = 0x9df630 cell = column = selection = error = 0x0 selected_session = 0x0 action = 0x40432f "load" remaining_args = 0x0 entries = {{long_name = 0x404480 "action", short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_STRING, arg_data = 0x6063b0 , description = 0x404890 "What to do with session selection (save|load|print)", arg_description = 0x0}, {long_name = 0x40447f "", short_name = 0 '\000', flags = 0, arg = G_OPTION_ARG_STRING_ARRAY, arg_data = 0x6063a8 , description = 0x404487 "[session-name]", arg_description = 0x0}} From To Syms Read Shared Object Library 0x00007fa393f25e10 0x00007fa39421e5ac Yes /lib64/libgtk-3.so.0 0x00007fa393c2cb60 0x00007fa393c7036c Yes /lib64/libgdk-3.so.0 0x00007fa3939f5fe0 0x00007fa393a027c4 Yes /lib64/libatk-1.0.so.0 0x00007fa3937e28b0 0x00007fa3937e7418 Yes /lib64/libpangocairo-1.0.so.0 0x00007fa3935bf5b0 0x00007fa3935d427c Yes /lib64/libgdk_pixbuf-2.0.so.0 0x00007fa3933b2560 0x00007fa3933b3594 Yes /lib64/libcairo-gobject.so.2 0x00007fa393170e20 0x00007fa39318fbd8 Yes /lib64/libpango-1.0.so.0 0x00007fa392e509f0 0x00007fa392f21878 Yes /lib64/libcairo.so.2 0x00007fa392afad00 0x00007fa392bc678c Yes /lib64/libgio-2.0.so.0 0x00007fa3928a95e0 0x00007fa3928bb884 Yes /lib64/libdbus-glib-1.so.2 0x00007fa39265e840 0x00007fa3926887b4 Yes /lib64/libdbus-1.so.3 0x00007fa392411de0 0x00007fa39243ff38 Yes /lib64/libgobject-2.0.so.0 0x00007fa3920ea630 0x00007fa39218504c Yes /lib64/libglib-2.0.so.0 0x00007fa391d2e3e0 0x00007fa391e71c10 Yes (*) /lib64/libc.so.6 0x00007fa391b0c190 0x00007fa391b0d078 Yes /lib64/libgmodule-2.0.so.0 
0x00007fa3917eafd0 0x00007fa391871cdc Yes /lib64/libX11.so.6 0x00007fa3915bf230 0x00007fa3915c95f8 Yes /lib64/libXi.so.6 0x00007fa3913b85f0 0x00007fa3913ba948 Yes /lib64/libXfixes.so.3 0x00007fa391195ac0 0x00007fa3911a8844 Yes /lib64/libatk-bridge-2.0.so.0 0x00007fa390f7e330 0x00007fa390f868cc Yes /lib64/libpangoft2-1.0.so.0 0x00007fa390d41ca0 0x00007fa390d5efcc Yes /lib64/libfontconfig.so.1 0x00007fa390a3e4b0 0x00007fa390aa89e8 Yes (*) /lib64/libm.so.6 0x00007fa3908228a0 0x00007fa39082d514 Yes (*) /lib64/libpthread.so.0 0x00007fa39061abb0 0x00007fa39061b510 Yes /lib64/libXinerama.so.1 0x00007fa390411c00 0x00007fa3904175c0 Yes /lib64/libXrandr.so.2 0x00007fa390207ab0 0x00007fa39020c680 Yes /lib64/libXcursor.so.1 0x00007fa390002cd0 0x00007fa3900036e8 Yes /lib64/libXcomposite.so.1 0x00007fa38fdffc40 0x00007fa38fe0056c Yes /lib64/libXdamage.so.1 0x00007fa38fbf0770 0x00007fa38fbfa470 Yes /lib64/libXext.so.6 0x00007fa38f9eb6b0 0x00007fa38f9eb81c Yes /lib64/libgthread-2.0.so.0 0x00007fa38f798f30 0x00007fa38f7cfebc Yes /lib64/libharfbuzz.so.0 0x00007fa38f4f8ec0 0x00007fa38f565104 Yes /lib64/libfreetype.so.6 0x00007fa38f2c5f50 0x00007fa38f2e1700 Yes /lib64/libpng15.so.15 0x00007fa38f01e370 0x00007fa38f0a7cd0 Yes /lib64/libpixman-1.so.0 0x00007fa38edf8000 0x00007fa38ee094ba Yes /lib64/libEGL.so.1 0x00007fa38ebefed0 0x00007fa38ebf09d0 Yes (*) /lib64/libdl.so.2 0x00007fa38e9ebdf0 0x00007fa38e9ec8f4 Yes /lib64/libxcb-shm.so.0 0x00007fa38e7e4610 0x00007fa38e7e7a4c Yes /lib64/libxcb-render.so.0 0x00007fa38e5c8cc0 0x00007fa38e5d72a8 Yes /lib64/libxcb.so.1 0x00007fa38e3b6b70 0x00007fa38e3bcbe8 Yes /lib64/libXrender.so.1 0x00007fa38e1a1170 0x00007fa38e1ad6f0 Yes /lib64/libz.so.1 0x00007fa38df1ffe0 0x00007fa38df7c1f2 Yes /lib64/libGL.so.1 0x00007fa38dd022c0 0x00007fa38dd050bc Yes (*) /lib64/librt.so.1 0x00007fa38daf9870 0x00007fa38dafe008 Yes /lib64/libffi.so.6 0x00007fa38d8d94a0 0x00007fa38d8ec26c Yes /lib64/libselinux.so.1 0x00007fa38d6bca40 0x00007fa38d6cb714 Yes (*) 
/lib64/libresolv.so.2 0x00007fa39475dae0 0x00007fa39477827a Yes (*) /lib64/ld-linux-x86-64.so.2 0x00007fa38d49dc90 0x00007fa38d4ad958 Yes /lib64/libatspi.so.0 0x00007fa38d26be00 0x00007fa38d284cdc Yes /lib64/libexpat.so.1 No /lib64/libgraphite2.so.3 0x00007fa38ce4a600 0x00007fa38ce4a70c Yes /lib64/libX11-xcb.so.1 0x00007fa38cc46920 0x00007fa38cc47a78 Yes /lib64/libxcb-dri2.so.0 0x00007fa38ca3f830 0x00007fa38ca41c48 Yes /lib64/libxcb-xfixes.so.0 0x00007fa38c83a020 0x00007fa38c83abc8 Yes /lib64/libxcb-shape.so.0 0x00007fa38c62f0d0 0x00007fa38c633ec4 Yes /lib64/libgbm.so.1 0x00007fa38c423400 0x00007fa38c429484 Yes /lib64/libdrm.so.2 0x00007fa38c21cec0 0x00007fa38c21dbdc Yes /lib64/libXau.so.6 0x00007fa38bff88c0 0x00007fa38c00357e Yes /lib64/libglapi.so.0 0x00007fa38bdde020 0x00007fa38bde5dd8 Yes /lib64/libxcb-glx.so.0 0x00007fa38bbd1d50 0x00007fa38bbd24e4 Yes /lib64/libxcb-dri3.so.0 0x00007fa38b9cec50 0x00007fa38b9cf428 Yes /lib64/libxcb-present.so.0 0x00007fa38b7c5bd0 0x00007fa38b7c9a34 Yes /lib64/libxcb-randr.so.0 0x00007fa38b5bb060 0x00007fa38b5bcffc Yes /lib64/libxcb-sync.so.1 0x00007fa38b3b6990 0x00007fa38b3b6c6c Yes /lib64/libxshmfence.so.1 0x00007fa38b1b1010 0x00007fa38b1b3958 Yes /lib64/libXxf86vm.so.1 0x00007fa38af505f0 0x00007fa38af95720 Yes /lib64/libpcre.so.1 0x00007fa38ad2cf30 0x00007fa38ad42e90 Yes /lib64/liblzma.so.5 0x00007fa38ab16af0 0x00007fa38ab26298 Yes /lib64/libgcc_s.so.1 0x00007fa3843c5df0 0x00007fa3843e05c8 Yes /usr/lib64/gio/modules/libgvfsdbus.so 0x00007fa38418fd20 0x00007fa3841a7c78 Yes /usr/lib64/gvfs/libgvfscommon.so 0x00007fa383f57390 0x00007fa383f728cc Yes /lib64/libbluray.so.1 0x00007fa39496aee0 0x00007fa3949746ad Yes (*) /lib64/libudev.so.1 0x00007fa383d51f10 0x00007fa383d52804 Yes (*) /lib64/libutil.so.1 0x00007fa383a168d0 0x00007fa383afed90 Yes /lib64/libxml2.so.2 0x00007fa3837e4620 0x00007fa3837e5e58 Yes /lib64/libcap.so.2 0x00007fa3835a5780 0x00007fa3835d47ec Yes /lib64/libdw.so.1 0x00007fa3833983d0 0x00007fa38339a40c Yes 
/lib64/libattr.so.1 0x00007fa383183b70 0x00007fa3831919c8 Yes /lib64/libelf.so.1 0x00007fa382f72760 0x00007fa382f7e5f0 Yes /lib64/libbz2.so.1 (*): Shared library is missing debugging information. $1 = 0x0 $2 = 0x0 rax 0x0 0 rbx 0x7ffecba18f20 140732314783520 rcx 0x9ae380 10150784 rdx 0x7fa3920c9790 140340506695568 rsi 0x5 5 rdi 0x7ffecba18e90 140732314783376 rbp 0xab9480 0xab9480 rsp 0x7ffecba18e60 0x7ffecba18e60 r8 0x9ae230 10150448 r9 0x1 1 r10 0x0 0 r11 0x0 0 r12 0x7ffecba18e90 140732314783376 r13 0x7ffecba18e70 140732314783344 r14 0x7ffecba19020 140732314783776 r15 0x7fa394284220 140340542063136 rip 0x7fa39418bd2d 0x7fa39418bd2d eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 Dump of assembler code for function gtk_tree_model_get_valist: 0x00007fa39418bc10 <+0>: push %r15 0x00007fa39418bc12 <+2>: push %r14 0x00007fa39418bc14 <+4>: mov %rsi,%r14 0x00007fa39418bc17 <+7>: push %r13 0x00007fa39418bc19 <+9>: push %r12 0x00007fa39418bc1b <+11>: push %rbp 0x00007fa39418bc1c <+12>: mov %rdi,%rbp 0x00007fa39418bc1f <+15>: push %rbx 0x00007fa39418bc20 <+16>: mov %rdx,%rbx 0x00007fa39418bc23 <+19>: sub $0x88,%rsp 0x00007fa39418bc2a <+26>: mov %fs:0x28,%rax 0x00007fa39418bc33 <+35>: mov %rax,0x78(%rsp) 0x00007fa39418bc38 <+40>: xor %eax,%eax 0x00007fa39418bc3a <+42>: callq 0x7fa394189790 0x00007fa39418bc3f <+47>: test %rbp,%rbp 0x00007fa39418bc42 <+50>: je 0x7fa39418bc61 0x00007fa39418bc44 <+52>: mov 0x0(%rbp),%rdx 0x00007fa39418bc48 <+56>: test %rdx,%rdx 0x00007fa39418bc4b <+59>: je 0x7fa39418bc52 0x00007fa39418bc4d <+61>: cmp (%rdx),%rax 0x00007fa39418bc50 <+64>: je 0x7fa39418bca8 0x00007fa39418bc52 <+66>: mov %rax,%rsi 0x00007fa39418bc55 <+69>: mov %rbp,%rdi 0x00007fa39418bc58 <+72>: callq 0x7fa393f227c0 0x00007fa39418bc5d <+77>: test %eax,%eax 0x00007fa39418bc5f <+79>: jne 0x7fa39418bca8 0x00007fa39418bc61 <+81>: lea 0xa9078(%rip),%rdx # 0x7fa394234ce0 0x00007fa39418bc68 <+88>: lea 0xf8841(%rip),%rsi # 0x7fa3942844b0 
<__FUNCTION__.39548> 0x00007fa39418bc6f <+95>: lea 0x92962(%rip),%rdi # 0x7fa39421e5d8 0x00007fa39418bc76 <+102>: callq 0x7fa393f21c30 0x00007fa39418bc7b <+107>: mov 0x78(%rsp),%rax 0x00007fa39418bc80 <+112>: xor %fs:0x28,%rax 0x00007fa39418bc89 <+121>: jne 0x7fa39418bf43 0x00007fa39418bc8f <+127>: add $0x88,%rsp 0x00007fa39418bc96 <+134>: pop %rbx 0x00007fa39418bc97 <+135>: pop %rbp 0x00007fa39418bc98 <+136>: pop %r12 0x00007fa39418bc9a <+138>: pop %r13 0x00007fa39418bc9c <+140>: pop %r14 0x00007fa39418bc9e <+142>: pop %r15 0x00007fa39418bca0 <+144>: retq 0x00007fa39418bca1 <+145>: nopl 0x0(%rax) 0x00007fa39418bca8 <+152>: test %r14,%r14 0x00007fa39418bcab <+155>: je 0x7fa39418bec0 0x00007fa39418bcb1 <+161>: mov (%rbx),%edx 0x00007fa39418bcb3 <+163>: cmp $0x30,%edx 0x00007fa39418bcb6 <+166>: jae 0x7fa39418be50 0x00007fa39418bcbc <+172>: mov %edx,%eax 0x00007fa39418bcbe <+174>: add 0x10(%rbx),%rax 0x00007fa39418bcc2 <+178>: add $0x8,%edx 0x00007fa39418bcc5 <+181>: mov %edx,(%rbx) 0x00007fa39418bcc7 <+183>: mov (%rax),%edx 0x00007fa39418bcc9 <+185>: cmp $0xffffffff,%edx 0x00007fa39418bccc <+188>: je 0x7fa39418bc7b 0x00007fa39418bcce <+190>: lea 0x10(%rsp),%r13 0x00007fa39418bcd3 <+195>: lea 0x30(%rsp),%r12 0x00007fa39418bcd8 <+200>: lea 0xf8541(%rip),%r15 # 0x7fa394284220 0x00007fa39418bcdf <+207>: mov %rbp,%rdi 0x00007fa39418bce2 <+210>: mov %edx,0x8(%rsp) 0x00007fa39418bce6 <+214>: movq $0x0,0x10(%rsp) 0x00007fa39418bcef <+223>: movq $0x0,0x18(%rsp) 0x00007fa39418bcf8 <+232>: movq $0x0,0x20(%rsp) 0x00007fa39418bd01 <+241>: callq 0x7fa39418a640 0x00007fa39418bd06 <+246>: mov 0x8(%rsp),%edx 0x00007fa39418bd0a <+250>: cmp %edx,%eax 0x00007fa39418bd0c <+252>: jle 0x7fa39418bedf 0x00007fa39418bd12 <+258>: mov %r13,%rcx 0x00007fa39418bd15 <+261>: mov %r14,%rsi 0x00007fa39418bd18 <+264>: mov %rbp,%rdi 0x00007fa39418bd1b <+267>: callq 0x7fa39418acd0 0x00007fa39418bd20 <+272>: mov 0x10(%rsp),%rdi 0x00007fa39418bd25 <+277>: callq 0x7fa393f1e650 0x00007fa39418bd2a <+282>: 
mov %r12,%rdi => 0x00007fa39418bd2d <+285>: mov 0x30(%rax),%rdx 0x00007fa39418bd31 <+289>: mov %rax,%r10 0x00007fa39418bd34 <+292>: mov $0x8,%ecx 0x00007fa39418bd39 <+297>: xor %eax,%eax 0x00007fa39418bd3b <+299>: xor %r8d,%r8d 0x00007fa39418bd3e <+302>: rep stos %rax,%es:(%rdi) 0x00007fa39418bd41 <+305>: movzbl (%rdx,%r8,1),%ecx 0x00007fa39418bd46 <+310>: test %cl,%cl 0x00007fa39418bd48 <+312>: je 0x7fa39418bd99 0x00007fa39418bd4a <+314>: sub $0x64,%ecx 0x00007fa39418bd4d <+317>: mov %r8d,%eax 0x00007fa39418bd50 <+320>: cmp $0xd,%cl 0x00007fa39418bd53 <+323>: lea (%r12,%rax,8),%rax 0x00007fa39418bd57 <+327>: ja 0x7fa39418be28 0x00007fa39418bd5d <+333>: movzbl %cl,%ecx 0x00007fa39418bd60 <+336>: movslq (%r15,%rcx,4),%rcx 0x00007fa39418bd64 <+340>: add %r15,%rcx 0x00007fa39418bd67 <+343>: jmpq *%rcx 0x00007fa39418bd69 <+345>: nopl 0x0(%rax) 0x00007fa39418bd70 <+352>: mov (%rbx),%ecx 0x00007fa39418bd72 <+354>: cmp $0x30,%ecx 0x00007fa39418bd75 <+357>: jae 0x7fa39418be68 0x00007fa39418bd7b <+363>: mov %ecx,%esi 0x00007fa39418bd7d <+365>: add 0x10(%rbx),%rsi 0x00007fa39418bd81 <+369>: add $0x8,%ecx 0x00007fa39418bd84 <+372>: mov %ecx,(%rbx) 0x00007fa39418bd86 <+374>: mov (%rsi),%rcx 0x00007fa39418bd89 <+377>: mov %rcx,(%rax) 0x00007fa39418bd8c <+380>: add $0x1,%r8 0x00007fa39418bd90 <+384>: movzbl (%rdx,%r8,1),%ecx 0x00007fa39418bd95 <+389>: test %cl,%cl 0x00007fa39418bd97 <+391>: jne 0x7fa39418bd4a 0x00007fa39418bd99 <+393>: xor %ecx,%ecx 0x00007fa39418bd9b <+395>: mov %r12,%rdx 0x00007fa39418bd9e <+398>: mov %r8d,%esi 0x00007fa39418bda1 <+401>: mov %r13,%rdi 0x00007fa39418bda4 <+404>: callq *0x38(%r10) 0x00007fa39418bda8 <+408>: test %rax,%rax 0x00007fa39418bdab <+411>: jne 0x7fa39418bf08 0x00007fa39418bdb1 <+417>: mov %r13,%rdi 0x00007fa39418bdb4 <+420>: callq 0x7fa393f1dfc0 0x00007fa39418bdb9 <+425>: mov (%rbx),%edx 0x00007fa39418bdbb <+427>: cmp $0x30,%edx 0x00007fa39418bdbe <+430>: jae 0x7fa39418bea8 0x00007fa39418bdc4 <+436>: mov %edx,%eax 0x00007fa39418bdc6 
<+438>: add 0x10(%rbx),%rax 0x00007fa39418bdca <+442>: add $0x8,%edx 0x00007fa39418bdcd <+445>: mov %edx,(%rbx) 0x00007fa39418bdcf <+447>: mov (%rax),%edx 0x00007fa39418bdd1 <+449>: cmp $0xffffffff,%edx 0x00007fa39418bdd4 <+452>: jne 0x7fa39418bcdf 0x00007fa39418bdda <+458>: jmpq 0x7fa39418bc7b 0x00007fa39418bddf <+463>: nop 0x00007fa39418bde0 <+464>: mov (%rbx),%ecx 0x00007fa39418bde2 <+466>: cmp $0x30,%ecx 0x00007fa39418bde5 <+469>: jae 0x7fa39418be90 0x00007fa39418bdeb <+475>: mov %ecx,%esi 0x00007fa39418bded <+477>: add 0x10(%rbx),%rsi 0x00007fa39418bdf1 <+481>: add $0x8,%ecx 0x00007fa39418bdf4 <+484>: mov %ecx,(%rbx) 0x00007fa39418bdf6 <+486>: mov (%rsi),%ecx 0x00007fa39418bdf8 <+488>: mov %ecx,(%rax) 0x00007fa39418bdfa <+490>: jmp 0x7fa39418bd8c 0x00007fa39418bdfc <+492>: nopl 0x0(%rax) 0x00007fa39418be00 <+496>: mov 0x4(%rbx),%ecx 0x00007fa39418be03 <+499>: cmp $0xb0,%ecx 0x00007fa39418be09 <+505>: jae 0x7fa39418be80 0x00007fa39418be0b <+507>: mov %ecx,%esi 0x00007fa39418be0d <+509>: add 0x10(%rbx),%rsi 0x00007fa39418be11 <+513>: add $0x10,%ecx 0x00007fa39418be14 <+516>: mov %ecx,0x4(%rbx) 0x00007fa39418be17 <+519>: movsd (%rsi),%xmm0 0x00007fa39418be1b <+523>: movsd %xmm0,(%rax) 0x00007fa39418be1f <+527>: jmpq 0x7fa39418bd8c 0x00007fa39418be24 <+532>: nopl 0x0(%rax) 0x00007fa39418be28 <+536>: lea 0xf8681(%rip),%rcx # 0x7fa3942844b0 <__FUNCTION__.39548> 0x00007fa39418be2f <+543>: lea 0xf819d(%rip),%rsi # 0x7fa394283fd3 0x00007fa39418be36 <+550>: lea 0x9279b(%rip),%rdi # 0x7fa39421e5d8 0x00007fa39418be3d <+557>: xor %r8d,%r8d 0x00007fa39418be40 <+560>: mov $0x705,%edx 0x00007fa39418be45 <+565>: callq 0x7fa393f206c0 0x00007fa39418be4a <+570>: nopw 0x0(%rax,%rax,1) 0x00007fa39418be50 <+576>: mov 0x8(%rbx),%rax 0x00007fa39418be54 <+580>: lea 0x8(%rax),%rdx 0x00007fa39418be58 <+584>: mov %rdx,0x8(%rbx) 0x00007fa39418be5c <+588>: jmpq 0x7fa39418bcc7 0x00007fa39418be61 <+593>: nopl 0x0(%rax) 0x00007fa39418be68 <+600>: mov 0x8(%rbx),%rsi 0x00007fa39418be6c <+604>: 
lea 0x8(%rsi),%rcx 0x00007fa39418be70 <+608>: mov %rcx,0x8(%rbx) 0x00007fa39418be74 <+612>: jmpq 0x7fa39418bd86 0x00007fa39418be79 <+617>: nopl 0x0(%rax) 0x00007fa39418be80 <+624>: mov 0x8(%rbx),%rsi 0x00007fa39418be84 <+628>: lea 0x8(%rsi),%rcx 0x00007fa39418be88 <+632>: mov %rcx,0x8(%rbx) 0x00007fa39418be8c <+636>: jmp 0x7fa39418be17 0x00007fa39418be8e <+638>: xchg %ax,%ax 0x00007fa39418be90 <+640>: mov 0x8(%rbx),%rsi 0x00007fa39418be94 <+644>: lea 0x8(%rsi),%rcx 0x00007fa39418be98 <+648>: mov %rcx,0x8(%rbx) 0x00007fa39418be9c <+652>: jmpq 0x7fa39418bdf6 0x00007fa39418bea1 <+657>: nopl 0x0(%rax) 0x00007fa39418bea8 <+664>: mov 0x8(%rbx),%rax 0x00007fa39418beac <+668>: lea 0x8(%rax),%rdx 0x00007fa39418beb0 <+672>: mov %rdx,0x8(%rbx) 0x00007fa39418beb4 <+676>: jmpq 0x7fa39418bdcf 0x00007fa39418beb9 <+681>: nopl 0x0(%rax) 0x00007fa39418bec0 <+688>: lea 0xfbe37(%rip),%rdx # 0x7fa394287cfe 0x00007fa39418bec7 <+695>: lea 0xf85e2(%rip),%rsi # 0x7fa3942844b0 <__FUNCTION__.39548> 0x00007fa39418bece <+702>: lea 0x92703(%rip),%rdi # 0x7fa39421e5d8 0x00007fa39418bed5 <+709>: callq 0x7fa393f21c30 0x00007fa39418beda <+714>: jmpq 0x7fa39418bc7b 0x00007fa39418bedf <+719>: mov %edx,%r8d 0x00007fa39418bee2 <+722>: lea 0xf80d6(%rip),%rcx # 0x7fa394283fbf 0x00007fa39418bee9 <+729>: lea 0xf8298(%rip),%rdx # 0x7fa394284188 0x00007fa39418bef0 <+736>: lea 0x926e1(%rip),%rdi # 0x7fa39421e5d8 0x00007fa39418bef7 <+743>: mov $0x10,%esi 0x00007fa39418befc <+748>: xor %eax,%eax 0x00007fa39418befe <+750>: callq 0x7fa393f25670 0x00007fa39418bf03 <+755>: jmpq 0x7fa39418bc7b 0x00007fa39418bf08 <+760>: lea 0xf80d3(%rip),%rcx # 0x7fa394283fe2 0x00007fa39418bf0f <+767>: lea 0xb4233(%rip),%rdx # 0x7fa394240149 0x00007fa39418bf16 <+774>: lea 0x926bb(%rip),%rdi # 0x7fa39421e5d8 0x00007fa39418bf1d <+781>: mov %rax,%r8 0x00007fa39418bf20 <+784>: mov %rax,0x8(%rsp) 0x00007fa39418bf25 <+789>: mov $0x10,%esi 0x00007fa39418bf2a <+794>: xor %eax,%eax 0x00007fa39418bf2c <+796>: callq 0x7fa393f25670 
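0x00007fa39418bf31 <+801>: mov 0x8(%rsp),%r10 0x00007fa39418bf36 <+806>: mov %r10,%rdi 0x00007fa39418bf39 <+809>: callq 0x7fa393f1dde0 0x00007fa39418bf3e <+814>: jmpq 0x7fa39418bc7b 0x00007fa39418bf43 <+819>: callq 0x7fa393f23270 <__stack_chk_fail@plt> End of assembler dump. == EXPLOITABLE ==
[Triage note: the EXPLOITABLE tag above is an automated classification and should be confirmed by hand against the dump. The faulting instruction is a read, `mov 0x30(%rax),%rdx` at <+285>, with rax = 0x0, so the access is a load from address 0x30 on the NULL page. The frame locals are consistent with that: `value.g_type = 0` in gtk_tree_model_get_valist, and in select_session `iter = {stamp = 0, user_data = 0x0, ...}`, which suggests gtk_tree_model_get was called with an iterator that was never filled in. The call at <+277> (presumably the value-table lookup done by G_VALUE_LCOPY) then returned NULL for type 0. Nothing in this dump shows a write through a bad pointer or a branch through corrupted data. The point to check is gnome-session-selector.c:576: whether the call that is meant to set `iter` can fail, and whether its result is tested before gtk_tree_model_get is called.]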