search

CTSRD-CHERI / llvm-project

Fork of LLVM adding CHERI support
46 stars 39 forks source link

Function argument spilled to stack is not recovered properly before use #509

Open pentelbart opened 3 years ago

pentelbart commented 3 years ago

This function in Qt's text engine hits a tag violation on the first line, despite being passed a valid capability.

https://github.com/CTSRD-CHERI/qtbase/blob/d87c8b6da7d65d8e3eafe09972a4a6fc099f9de6/src/gui/text/qtextengine.cpp#L2227

The first use of line here is a tag violation. It looks like line is spilled to the stack early on, but is never recovered. There's a lot of stack allocated after line is spilled (this function allocates a lot of variables on the stack, in loops and nested loops), but later on, when it's to be loaded back into ca5, it doesn't load it from the right place. In this execution, it loaded from 0x3affcfe670 but the capability was stored at 0x3affcfdfb0.

Dump of assembler code for function QTextEngine::justify(QScriptLine const&):
   0x00000000b070d118 <+0>:     cincoffset      csp,csp,-2032
   0x00000000b070d11c <+4>:     sc      cra,2016(sp)
   0x00000000b070d120 <+8>:     sc      cs0,2000(sp)
   0x00000000b070d124 <+12>:    sc      cs1,1984(sp)
   0x00000000b070d128 <+16>:    sc      cs2,1968(sp)
   0x00000000b070d12c <+20>:    sc      cs3,1952(sp)
   0x00000000b070d130 <+24>:    sc      cs4,1936(sp)
   0x00000000b070d134 <+28>:    sc      cs5,1920(sp)
   0x00000000b070d138 <+32>:    sc      cs6,1904(sp)
   0x00000000b070d13c <+36>:    sc      cs7,1888(sp)
   0x00000000b070d140 <+40>:    sc      cs8,1872(sp)
   0x00000000b070d144 <+44>:    sc      cs9,1856(sp)
   0x00000000b070d148 <+48>:    sc      cs10,1840(sp)
   0x00000000b070d14c <+52>:    sc      cs11,1824(sp)
   0x00000000b070d150 <+56>:    cincoffset      cs0,csp,2032
   0x00000000b070d154 <+60>:    sc      ca1,48(sp)
   0x00000000b070d158 <+64>:    lui     a1,0xffff9
   0x00000000b070d15a <+66>:    addiw   a1,a1,-1008
   0x00000000b070d15e <+70>:    cincoffset      csp,csp,a1
   0x00000000b070d162 <+74>:    cgetaddr        a1,csp
   0x00000000b070d166 <+78>:    andi    a1,a1,-32
   0x00000000b070d168 <+80>:    csetaddr        csp,csp,a1
   0x00000000b070d16c <+84>:    li      a2,16
   0x00000000b070d16e <+86>:    lui     a1,0x8
   0x00000000b070d170 <+88>:    addiw   a1,a1,-1280
   0x00000000b070d174 <+92>:    cincoffset      ca1,csp,a1
   0x00000000b070d178 <+96>:    cincoffset      ca3,ca1,0
   0x00000000b070d17c <+100>:   csetbounds      ca3,ca3,a2
   0x00000000b070d180 <+104>:   lui     a1,0x8
   0x00000000b070d182 <+106>:   addiw   a1,a1,-1296
   0x00000000b070d186 <+110>:   cincoffset      ca1,csp,a1
   0x00000000b070d18a <+114>:   cincoffset      ca4,ca1,0
   0x00000000b070d18e <+118>:   csetbounds      ca4,ca4,a2
   0x00000000b070d192 <+122>:   li      a5,4
   0x00000000b070d194 <+124>:   lui     a1,0x8
   0x00000000b070d196 <+126>:   addiw   a1,a1,-1304
   0x00000000b070d19a <+130>:   cincoffset      ca1,csp,a1
   0x00000000b070d19e <+134>:   cincoffset      ca6,ca1,0
   0x00000000b070d1a2 <+138>:   csetbounds      ca6,ca6,a5
   0x00000000b070d1a6 <+142>:   lui     a1,0x8
   0x00000000b070d1a8 <+144>:   addiw   a1,a1,-1312
   0x00000000b070d1ac <+148>:   cincoffset      ca1,csp,a1
   0x00000000b070d1b0 <+152>:   cincoffset      ca7,ca1,0
   0x00000000b070d1b4 <+156>:   csetbounds      ca7,ca7,a5
   0x00000000b070d1b8 <+160>:   lui     a1,0x8
   0x00000000b070d1ba <+162>:   addiw   a1,a1,-1316
   0x00000000b070d1be <+166>:   cincoffset      ca1,csp,a1
   0x00000000b070d1c2 <+170>:   cincoffset      ct0,ca1,0
   0x00000000b070d1c6 <+174>:   csetbounds      ct0,ct0,a5
   0x00000000b070d1ca <+178>:   lui     a1,0x8
   0x00000000b070d1cc <+180>:   addiw   a1,a1,-1320
   0x00000000b070d1d0 <+184>:   cincoffset      ca1,csp,a1
   0x00000000b070d1d4 <+188>:   cincoffset      ct1,ca1,0
   0x00000000b070d1d8 <+192>:   csetbounds      ct1,ct1,a5
   0x00000000b070d1dc <+196>:   lui     a1,0x8
   0x00000000b070d1de <+198>:   addiw   a1,a1,-1324
   0x00000000b070d1e2 <+202>:   cincoffset      ca1,csp,a1
   0x00000000b070d1e6 <+206>:   cincoffset      ct2,ca1,0
   0x00000000b070d1ea <+210>:   csetbounds      ct2,ct2,a5
   0x00000000b070d1ee <+214>:   lui     a1,0x8
   0x00000000b070d1f0 <+216>:   addiw   a1,a1,-1344
   0x00000000b070d1f4 <+220>:   cincoffset      ca1,csp,a1
   0x00000000b070d1f8 <+224>:   cincoffset      ct3,ca1,0
   0x00000000b070d1fc <+228>:   csetbounds      ct3,ct3,a2
   0x00000000b070d200 <+232>:   lui     a1,0x8
   0x00000000b070d202 <+234>:   addiw   a1,a1,-1348
   0x00000000b070d206 <+238>:   cincoffset      ca1,csp,a1
   0x00000000b070d20a <+242>:   cincoffset      ct4,ca1,0
   0x00000000b070d20e <+246>:   csetbounds      ct4,ct4,a5
   0x00000000b070d212 <+250>:   lui     a1,0x8
   0x00000000b070d214 <+252>:   addiw   a1,a1,-1352
   0x00000000b070d218 <+256>:   cincoffset      ca1,csp,a1
   0x00000000b070d21c <+260>:   cincoffset      ct5,ca1,0
   0x00000000b070d220 <+264>:   csetbounds      ct5,ct5,a5
   0x00000000b070d224 <+268>:   lui     a1,0x8
   0x00000000b070d226 <+270>:   addiw   a1,a1,-1356
   0x00000000b070d22a <+274>:   cincoffset      ca1,csp,a1
   0x00000000b070d22e <+278>:   cincoffset      ct6,ca1,0
   0x00000000b070d232 <+282>:   csetbounds      ct6,ct6,a5
   0x00000000b070d236 <+286>:   lui     s1,0x7
   0x00000000b070d238 <+288>:   addiw   s1,s1,32
   0x00000000b070d23c <+292>:   lui     a1,0x1
   0x00000000b070d23e <+294>:   addiw   a1,a1,-1408
   0x00000000b070d242 <+298>:   cincoffset      ca1,csp,a1
   0x00000000b070d246 <+302>:   cincoffset      cs2,ca1,0
   0x00000000b070d24a <+306>:   csetbounds      cs1,cs2,s1
   0x00000000b070d24e <+310>:   lui     a1,0x1
   0x00000000b070d250 <+312>:   addiw   a1,a1,-1412
   0x00000000b070d254 <+316>:   cincoffset      ca1,csp,a1
   0x00000000b070d258 <+320>:   cincoffset      cs2,ca1,0
   0x00000000b070d25c <+324>:   csetbounds      cs2,cs2,a5
   0x00000000b070d260 <+328>:   lui     a1,0x1
   0x00000000b070d262 <+330>:   addiw   a1,a1,-1416
   0x00000000b070d266 <+334>:   cincoffset      ca1,csp,a1
   0x00000000b070d26a <+338>:   cincoffset      cs3,ca1,0
   0x00000000b070d26e <+342>:   csetbounds      cs3,cs3,a5
   0x00000000b070d272 <+346>:   lui     a1,0x1
   0x00000000b070d274 <+348>:   addiw   a1,a1,-1420
   0x00000000b070d278 <+352>:   cincoffset      ca1,csp,a1
   0x00000000b070d27c <+356>:   cincoffset      cs4,ca1,0
   0x00000000b070d280 <+360>:   csetbounds      cs4,cs4,a5
   0x00000000b070d284 <+364>:   lui     a1,0x1
   0x00000000b070d286 <+366>:   addiw   a1,a1,-1440
   0x00000000b070d28a <+370>:   cincoffset      ca1,csp,a1
   0x00000000b070d28e <+374>:   cincoffset      cs5,ca1,0
   0x00000000b070d292 <+378>:   csetbounds      cs5,cs5,a2
   0x00000000b070d296 <+382>:   lui     a1,0x1
   0x00000000b070d298 <+384>:   addiw   a1,a1,-1444
   0x00000000b070d29c <+388>:   cincoffset      ca1,csp,a1
   0x00000000b070d2a0 <+392>:   cincoffset      cs6,ca1,0
   0x00000000b070d2a4 <+396>:   csetbounds      cs6,cs6,a5
   0x00000000b070d2a8 <+400>:   lui     a1,0x1
   0x00000000b070d2aa <+402>:   addiw   a1,a1,-1472
   0x00000000b070d2ae <+406>:   cincoffset      ca1,csp,a1
   0x00000000b070d2b2 <+410>:   cincoffset      cs7,ca1,0
   0x00000000b070d2b6 <+414>:   csetbounds      cs7,cs7,a2
   0x00000000b070d2ba <+418>:   lui     a1,0x1
   0x00000000b070d2bc <+420>:   addiw   a1,a1,-1476
   0x00000000b070d2c0 <+424>:   cincoffset      ca1,csp,a1
   0x00000000b070d2c4 <+428>:   cincoffset      cs8,ca1,0
   0x00000000b070d2c8 <+432>:   csetbounds      cs8,cs8,a5
   0x00000000b070d2cc <+436>:   lui     a1,0x1
   0x00000000b070d2ce <+438>:   addiw   a1,a1,-1480
   0x00000000b070d2d2 <+442>:   cincoffset      ca1,csp,a1
   0x00000000b070d2d6 <+446>:   cincoffset      cs9,ca1,0
   0x00000000b070d2da <+450>:   csetbounds      cs9,cs9,a5
   0x00000000b070d2de <+454>:   lui     a1,0x1
   0x00000000b070d2e0 <+456>:   addiw   a1,a1,-1484
   0x00000000b070d2e4 <+460>:   cincoffset      ca1,csp,a1
   0x00000000b070d2e8 <+464>:   cincoffset      cs10,ca1,0
   0x00000000b070d2ec <+468>:   csetbounds      cs10,cs10,a5
   0x00000000b070d2f0 <+472>:   lui     a1,0x1
   0x00000000b070d2f2 <+474>:   addiw   a1,a1,-1488
   0x00000000b070d2f6 <+478>:   cincoffset      ca1,csp,a1
   0x00000000b070d2fa <+482>:   cincoffset      cs11,ca1,0
   0x00000000b070d2fe <+486>:   csetbounds      cs11,cs11,a5
   0x00000000b070d302 <+490>:   lui     a1,0x1
   0x00000000b070d304 <+492>:   addiw   a1,a1,-1492
   0x00000000b070d308 <+496>:   cincoffset      ca1,csp,a1
   0x00000000b070d30c <+500>:   cincoffset      cra,ca1,0
   0x00000000b070d310 <+504>:   csetbounds      cra,cra,a5
   0x00000000b070d314 <+508>:   lui     a1,0x1
   0x00000000b070d316 <+510>:   addiw   a1,a1,-2016
   0x00000000b070d31a <+514>:   cincoffset      ca1,csp,a1
   0x00000000b070d31e <+518>:   sc      ca0,0(a1) # 0x1000
   0x00000000b070d322 <+522>:   lui     a0,0x1
   0x00000000b070d324 <+524>:   addiw   a0,a0,-1496
   0x00000000b070d328 <+528>:   cincoffset      ca0,csp,a0
   0x00000000b070d32c <+532>:   cincoffset      ca0,ca0,0
   0x00000000b070d330 <+536>:   csetbounds      ca0,ca0,a5
   0x00000000b070d334 <+540>:   lui     a1,0x1
   0x00000000b070d336 <+542>:   addiw   a1,a1,-2032
   0x00000000b070d33a <+546>:   cincoffset      ca1,csp,a1
   0x00000000b070d33e <+550>:   sc      ca0,0(a1) # 0x1000
   0x00000000b070d342 <+554>:   lui     a0,0x1
   0x00000000b070d344 <+556>:   addiw   a0,a0,-1500
   0x00000000b070d348 <+560>:   cincoffset      ca0,csp,a0
   0x00000000b070d34c <+564>:   cincoffset      ca0,ca0,0
   0x00000000b070d350 <+568>:   csetbounds      ca0,ca0,a5
   0x00000000b070d354 <+572>:   lui     a1,0x1
   0x00000000b070d356 <+574>:   addiw   a1,a1,-2048
   0x00000000b070d35a <+578>:   cincoffset      ca1,csp,a1
   0x00000000b070d35e <+582>:   sc      ca0,0(a1) # 0x1000
   0x00000000b070d362 <+586>:   lc      ca1,48(sp)
   0x00000000b070d366 <+590>:   lui     a0,0x1
   0x00000000b070d368 <+592>:   addiw   a0,a0,-1504
   0x00000000b070d36c <+596>:   cincoffset      ca0,csp,a0
   0x00000000b070d370 <+600>:   cincoffset      ca0,ca0,0
   0x00000000b070d374 <+604>:   csetbounds      ca0,ca0,a5
   0x00000000b070d378 <+608>:   sc      ca0,2032(sp)
   0x00000000b070d37c <+612>:   lui     a0,0x1
   0x00000000b070d37e <+614>:   addiw   a0,a0,-1520
   0x00000000b070d382 <+618>:   cincoffset      ca0,csp,a0
   0x00000000b070d386 <+622>:   cincoffset      ca0,ca0,0
   0x00000000b070d38a <+626>:   csetbounds      ca0,ca0,a2
   0x00000000b070d38e <+630>:   lui     a2,0x1
   0x00000000b070d390 <+632>:   addiw   a2,a2,-1524
   0x00000000b070d394 <+636>:   cincoffset      ca2,csp,a2
   0x00000000b070d398 <+640>:   cincoffset      ca2,ca2,0
   0x00000000b070d39c <+644>:   csetbounds      ca2,ca2,a5
   0x00000000b070d3a0 <+648>:   sc      ca0,2016(sp)
   0x00000000b070d3a4 <+652>:   lui     a0,0x1
   0x00000000b070d3a6 <+654>:   addiw   a0,a0,-1528
   0x00000000b070d3aa <+658>:   cincoffset      ca0,csp,a0
   0x00000000b070d3ae <+662>:   cincoffset      ca0,ca0,0
   0x00000000b070d3b2 <+666>:   csetbounds      ca0,ca0,a5
   0x00000000b070d3b6 <+670>:   sc      ca0,2000(sp)
   0x00000000b070d3ba <+674>:   li      a0,96
   0x00000000b070d3be <+678>:   sd      a0,1992(sp)
   0x00000000b070d3c2 <+682>:   lui     a0,0x1
   0x00000000b070d3c4 <+684>:   addiw   a0,a0,-1632
   0x00000000b070d3c8 <+688>:   cincoffset      ca0,csp,a0
   0x00000000b070d3cc <+692>:   cincoffset      ca0,ca0,0
   0x00000000b070d3d0 <+696>:   sc      ca1,1968(sp)
   0x00000000b070d3d4 <+700>:   ld      a1,1992(sp)
   0x00000000b070d3d8 <+704>:   csetbounds      ca0,ca0,a1
   0x00000000b070d3dc <+708>:   lui     a1,0x1
   0x00000000b070d3de <+710>:   addiw   a1,a1,-1636
   0x00000000b070d3e2 <+714>:   cincoffset      ca1,csp,a1
   0x00000000b070d3e6 <+718>:   cincoffset      ca1,ca1,0
   0x00000000b070d3ea <+722>:   csetbounds      ca1,ca1,a5
   0x00000000b070d3ee <+726>:   sc      ca0,1952(sp)
   0x00000000b070d3f2 <+730>:   lui     a0,0x1
   0x00000000b070d3f4 <+732>:   addiw   a0,a0,-1640
   0x00000000b070d3f8 <+736>:   cincoffset      ca0,csp,a0
   0x00000000b070d3fc <+740>:   cincoffset      ca0,ca0,0
   0x00000000b070d400 <+744>:   csetbounds      ca0,ca0,a5
   0x00000000b070d404 <+748>:   sc      ca0,1936(sp)
   0x00000000b070d408 <+752>:   lui     a0,0x1
   0x00000000b070d40a <+754>:   addiw   a0,a0,-1744
   0x00000000b070d40e <+758>:   cincoffset      ca0,csp,a0
   0x00000000b070d412 <+762>:   cincoffset      ca0,ca0,0
   0x00000000b070d416 <+766>:   sc      ca1,1920(sp)
   0x00000000b070d41a <+770>:   ld      a1,1992(sp)
   0x00000000b070d41e <+774>:   csetbounds      ca0,ca0,a1
   0x00000000b070d422 <+778>:   lui     a1,0x1
   0x00000000b070d424 <+780>:   addiw   a1,a1,-1840
   0x00000000b070d428 <+784>:   cincoffset      ca1,csp,a1
   0x00000000b070d42c <+788>:   cincoffset      ca1,ca1,0
   0x00000000b070d430 <+792>:   sc      ca0,1904(sp)
   0x00000000b070d434 <+796>:   ld      a0,1992(sp)
   0x00000000b070d438 <+800>:   csetbounds      ca1,ca1,a0
   0x00000000b070d43c <+804>:   lui     a0,0x1
   0x00000000b070d43e <+806>:   addiw   a0,a0,-1936
   0x00000000b070d442 <+810>:   cincoffset      ca0,csp,a0
   0x00000000b070d446 <+814>:   cincoffset      ca0,ca0,0
   0x00000000b070d44a <+818>:   sc      ca1,1888(sp)
   0x00000000b070d44e <+822>:   ld      a1,1992(sp)
   0x00000000b070d452 <+826>:   csetbounds      ca0,ca0,a1
   0x00000000b070d456 <+830>:   lui     a1,0x1
   0x00000000b070d458 <+832>:   addiw   a1,a1,-1944
   0x00000000b070d45c <+836>:   cincoffset      ca1,csp,a1
   0x00000000b070d460 <+840>:   cincoffset      ca1,ca1,0
   0x00000000b070d464 <+844>:   csetbounds      ca1,ca1,a5
   0x00000000b070d468 <+848>:   sc      ca0,1872(sp)
   0x00000000b070d46c <+852>:   lui     a0,0x1
   0x00000000b070d46e <+854>:   addiw   a0,a0,-1952
   0x00000000b070d472 <+858>:   cincoffset      ca0,csp,a0
   0x00000000b070d476 <+862>:   cincoffset      ca0,ca0,0
   0x00000000b070d47a <+866>:   csetbounds      ca0,ca0,a5
   0x00000000b070d47e <+870>:   sc      ca0,1856(sp)
   0x00000000b070d482 <+874>:   lui     a0,0x1
   0x00000000b070d484 <+876>:   addiw   a0,a0,-1960
   0x00000000b070d488 <+880>:   cincoffset      ca0,csp,a0
   0x00000000b070d48c <+884>:   cincoffset      ca0,ca0,0
   0x00000000b070d490 <+888>:   csetbounds      ca0,ca0,a5
   0x00000000b070d494 <+892>:   sc      ca0,1840(sp)
   0x00000000b070d498 <+896>:   lui     a0,0x1
   0x00000000b070d49a <+898>:   addiw   a0,a0,-1964
   0x00000000b070d49e <+902>:   cincoffset      ca0,csp,a0
   0x00000000b070d4a2 <+906>:   cincoffset      ca0,ca0,0
   0x00000000b070d4a6 <+910>:   csetbounds      ca0,ca0,a5
   0x00000000b070d4aa <+914>:   sc      ca0,1824(sp)
   0x00000000b070d4ae <+918>:   lui     a0,0x1
   0x00000000b070d4b0 <+920>:   addiw   a0,a0,-1968
   0x00000000b070d4b4 <+924>:   cincoffset      ca0,csp,a0
   0x00000000b070d4b8 <+928>:   cincoffset      ca0,ca0,0
   0x00000000b070d4bc <+932>:   csetbounds      ca0,ca0,a5
   0x00000000b070d4c0 <+936>:   sc      ca0,1808(sp)
   0x00000000b070d4c4 <+940>:   lui     a0,0x1
   0x00000000b070d4c6 <+942>:   addiw   a0,a0,-1972
   0x00000000b070d4ca <+946>:   cincoffset      ca0,csp,a0
   0x00000000b070d4ce <+950>:   cincoffset      ca0,ca0,0
   0x00000000b070d4d2 <+954>:   csetbounds      ca0,ca0,a5
   0x00000000b070d4d6 <+958>:   sc      ca0,1792(sp)
   0x00000000b070d4da <+962>:   lui     a0,0x1
   0x00000000b070d4dc <+964>:   addiw   a0,a0,-1976
   0x00000000b070d4e0 <+968>:   cincoffset      ca0,csp,a0
   0x00000000b070d4e4 <+972>:   cincoffset      ca0,ca0,0
   0x00000000b070d4e8 <+976>:   csetbounds      ca0,ca0,a5
   0x00000000b070d4ec <+980>:   sc      ca0,1776(sp)
   0x00000000b070d4f0 <+984>:   lui     a0,0x1
   0x00000000b070d4f2 <+986>:   addiw   a0,a0,-1980
   0x00000000b070d4f6 <+990>:   cincoffset      ca0,csp,a0
   0x00000000b070d4fa <+994>:   cincoffset      ca0,ca0,0
   0x00000000b070d4fe <+998>:   csetbounds      ca0,ca0,a5
   0x00000000b070d502 <+1002>:  sc      ca0,1760(sp)
   0x00000000b070d506 <+1006>:  lui     a0,0x1
   0x00000000b070d508 <+1008>:  addiw   a0,a0,-1984
   0x00000000b070d50c <+1012>:  cincoffset      ca0,csp,a0
   0x00000000b070d510 <+1016>:  cincoffset      ca0,ca0,0
   0x00000000b070d514 <+1020>:  csetbounds      ca0,ca0,a5
   0x00000000b070d518 <+1024>:  sc      ca0,1744(sp)
   0x00000000b070d51c <+1028>:  lui     a0,0x1
   0x00000000b070d51e <+1030>:  addiw   a0,a0,-1988
   0x00000000b070d522 <+1034>:  cincoffset      ca0,csp,a0
   0x00000000b070d526 <+1038>:  cincoffset      ca0,ca0,0
   0x00000000b070d52a <+1042>:  csetbounds      ca0,ca0,a5
   0x00000000b070d52e <+1046>:  sc      ca0,1728(sp)
   0x00000000b070d532 <+1050>:  lui     a0,0x1
   0x00000000b070d534 <+1052>:  addiw   a0,a0,-1992
   0x00000000b070d538 <+1056>:  cincoffset      ca0,csp,a0
   0x00000000b070d53c <+1060>:  cincoffset      ca0,ca0,0
   0x00000000b070d540 <+1064>:  csetbounds      ca0,ca0,a5
   0x00000000b070d544 <+1068>:  sc      ca0,1712(sp)
   0x00000000b070d548 <+1072>:  lui     a0,0x1
   0x00000000b070d54a <+1074>:  addiw   a0,a0,-2000
   0x00000000b070d54e <+1078>:  cincoffset      ca0,csp,a0
   0x00000000b070d552 <+1082>:  cincoffset      ca0,ca0,0
   0x00000000b070d556 <+1086>:  csetbounds      ca0,ca0,a5
   0x00000000b070d55a <+1090>:  lui     a5,0x1
   0x00000000b070d55c <+1092>:  addiw   a5,a5,-2016
   0x00000000b070d560 <+1096>:  cincoffset      ca5,csp,a5
   0x00000000b070d564 <+1100>:  lc      ca5,0(a5) # 0x1000
   0x00000000b070d568 <+1104>:  sc      ca5,0(a3)
   0x00000000b070d56c <+1108>:  lc      ca5,1968(sp)
   0x00000000b070d570 <+1112>:  sc      ca5,0(a4)
   0x00000000b070d574 <+1116>:  lc      ca3,0(a3)
=> 0x00000000b070d578 <+1120>:  lc      ca5,0(a4)
   0x00000000b070d57c <+1124>:  lw      a5,40(a5)
   0x00000000b070d580 <+1128>:  srli    a5,a5,0x1d
   0x00000000b070d582 <+1130>:  andi    a5,a5,1
   0x00000000b070d584 <+1132>:  sc      ca0,1696(sp)
   0x00000000b070d588 <+1136>:  li      a0,0
   0x00000000b070d58a <+1138>:  sc      ca4,1680(sp)
   0x00000000b070d58e <+1142>:  sc      ca6,1664(sp)
   0x00000000b070d592 <+1146>:  sc      ca7,1648(sp)
   0x00000000b070d596 <+1150>:  sc      ct0,1632(sp)
   0x00000000b070d59a <+1154>:  sc      ct1,1616(sp)
   0x00000000b070d59e <+1158>:  sc      ct2,1600(sp)
   0x00000000b070d5a2 <+1162>:  sc      ct3,1584(sp)
   0x00000000b070d5a6 <+1166>:  sc      ct4,1568(sp)
   0x00000000b070d5aa <+1170>:  sc      ct5,1552(sp)
   0x00000000b070d5ae <+1174>:  sc      ct6,1536(sp)
   0x00000000b070d5b2 <+1178>:  sc      cs1,1520(sp)
   0x00000000b070d5b6 <+1182>:  sc      cs2,1504(sp)
   0x00000000b070d5ba <+1186>:  sc      cs3,1488(sp)
   0x00000000b070d5be <+1190>:  sc      cs4,1472(sp)
   0x00000000b070d5c2 <+1194>:  sc      cs5,1456(sp)
   0x00000000b070d5c6 <+1198>:  sc      cs6,1440(sp)
   0x00000000b070d5ca <+1202>:  sc      cs7,1424(sp)
   0x00000000b070d5ce <+1206>:  sc      cs8,1408(sp)
   0x00000000b070d5d2 <+1210>:  sc      cs9,1392(sp)
   0x00000000b070d5d6 <+1214>:  sc      cs10,1376(sp)
   0x00000000b070d5da <+1218>:  sc      cs11,1360(sp)
   0x00000000b070d5de <+1222>:  sc      cra,1344(sp)
   0x00000000b070d5e2 <+1226>:  sc      ca2,1328(sp)
   0x00000000b070d5e6 <+1230>:  sc      ca1,1312(sp)
   0x00000000b070d5ea <+1234>:  sc      ca3,1296(sp)
   0x00000000b070d5ee <+1238>:  beq     a5,a0,0xb070d614 <QTextEngine::justify(QScriptLine const&)+1276>
   0x00000000b070d5f2 <+1242>:  j       0xb070d5f6 <QTextEngine::justify(QScriptLine const&)+1246>
   0x00000000b070d5f6 <+1246>:  lc      ca0,1680(sp)
   0x00000000b070d5fa <+1250>:  lc      ca1,0(a0) # 0x1000
   0x00000000b070d5fe <+1254>:  lw      a1,40(a1) # 0x1028
   0x00000000b070d602 <+1258>:  srli    a1,a1,0x1c
   0x00000000b070d604 <+1260>:  andi    a1,a1,1
   0x00000000b070d606 <+1262>:  li      a2,0
   0x00000000b070d608 <+1264>:  beq     a1,a2,0xb070d614 <QTextEngine::justify(QScriptLine const&)+1276>
   0x00000000b070d60c <+1268>:  j       0xb070d610 <QTextEngine::justify(QScriptLine const&)+1272>
   0x00000000b070d610 <+1272>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d614 <+1276>:  lc      ca0,1680(sp)
   0x00000000b070d618 <+1280>:  lc      ca1,0(a0)
   0x00000000b070d61c <+1284>:  lw      a1,40(a1)
   0x00000000b070d620 <+1288>:  srli    a1,a1,0x1d
   0x00000000b070d622 <+1290>:  andi    a1,a1,1
   0x00000000b070d624 <+1292>:  bnez    a1,0xb070d646 <QTextEngine::justify(QScriptLine const&)+1326>
   0x00000000b070d628 <+1296>:  j       0xb070d62c <QTextEngine::justify(QScriptLine const&)+1300>
   0x00000000b070d62c <+1300>:  lc      ca0,1680(sp)
   0x00000000b070d630 <+1304>:  lc      ca1,0(a0)
   0x00000000b070d634 <+1308>:  lw      a2,40(a1)
   0x00000000b070d638 <+1312>:  lui     a3,0x20000
   0x00000000b070d63c <+1316>:  or      a2,a2,a3
   0x00000000b070d63e <+1318>:  sw      a2,40(a1)
   0x00000000b070d642 <+1322>:  j       0xb070d646 <QTextEngine::justify(QScriptLine const&)+1326>
   0x00000000b070d646 <+1326>:  lc      ca0,1296(sp)
   0x00000000b070d64a <+1330>:  cincoffset      ca0,ca0,160
   0x00000000b070d64e <+1334>:  auipc   a1,0x560
   0x00000000b070d652 <+1338>:  lc      ca1,754(a1) # 0xb0c6d940 <_CHERI_CAPABILITY_TABLE_+179344>
   0x00000000b070d656 <+1342>:  cjalr   cra,ca1
   0x00000000b070d65a <+1346>:  lc      ca1,1648(sp)
   0x00000000b070d65e <+1350>:  sw      a0,0(a1)
   0x00000000b070d662 <+1354>:  auipc   a0,0x556
   0x00000000b070d666 <+1358>:  lc      ca0,-1714(a0) # 0xb0c62fb0 <_CHERI_CAPABILITY_TABLE_+135936>
   0x00000000b070d66a <+1362>:  li      a1,31
   0x00000000b070d66c <+1364>:  lc      ca2,1648(sp)
   0x00000000b070d670 <+1368>:  sc      ca0,1280(sp)
   0x00000000b070d674 <+1372>:  cmove   ca0,ca2
   0x00000000b070d678 <+1376>:  lc      ca3,1280(sp)
   0x00000000b070d67c <+1380>:  cjalr   cra,ca3
   0x00000000b070d680 <+1384>:  lc      ca1,1664(sp)
   0x00000000b070d684 <+1388>:  sw      a0,0(a1)
   0x00000000b070d688 <+1392>:  auipc   a0,0x556
   0x00000000b070d68c <+1396>:  lc      ca0,-1736(a0) # 0xb0c62fc0 <_CHERI_CAPABILITY_TABLE_+135952>
   0x00000000b070d690 <+1400>:  sc      ca0,1264(sp)
   0x00000000b070d694 <+1404>:  cmove   ca0,ca1
   0x00000000b070d698 <+1408>:  lc      ca2,1264(sp)
   0x00000000b070d69c <+1412>:  cjalr   cra,ca2
   0x00000000b070d6a0 <+1416>:  li      a1,8
   0x00000000b070d6a2 <+1418>:  beq     a0,a1,0xb070d6ae <QTextEngine::justify(QScriptLine const&)+1430>
   0x00000000b070d6a6 <+1422>:  j       0xb070d6aa <QTextEngine::justify(QScriptLine const&)+1426>
   0x00000000b070d6aa <+1426>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d6ae <+1430>:  auipc   a0,0x55e
   0x00000000b070d6b2 <+1434>:  lc      ca0,-734(a0) # 0xb0c6b3d0 <_CHERI_CAPABILITY_TABLE_+169760>
   0x00000000b070d6b6 <+1438>:  lc      ca1,1296(sp)
   0x00000000b070d6ba <+1442>:  sc      ca0,1248(sp)
   0x00000000b070d6be <+1446>:  cmove   ca0,ca1
   0x00000000b070d6c2 <+1450>:  lc      ca2,1248(sp)
   0x00000000b070d6c6 <+1454>:  cjalr   cra,ca2
   0x00000000b070d6ca <+1458>:  lc      ca0,1296(sp)
   0x00000000b070d6ce <+1462>:  lb      a1,232(a0)
   0x00000000b070d6d2 <+1466>:  srli    a1,a1,0x3
   0x00000000b070d6d4 <+1468>:  andi    a1,a1,1
   0x00000000b070d6d6 <+1470>:  bnez    a1,0xb070d7ba <QTextEngine::justify(QScriptLine const&)+1698>
   0x00000000b070d6da <+1474>:  j       0xb070d6de <QTextEngine::justify(QScriptLine const&)+1478>
   0x00000000b070d6de <+1478>:  lc      ca0,1680(sp)
   0x00000000b070d6e2 <+1482>:  lc      ca1,0(a0)
   0x00000000b070d6e6 <+1486>:  lw      a2,32(a1)
   0x00000000b070d6ea <+1490>:  lw      a3,40(a1)
   0x00000000b070d6ee <+1494>:  slli    a3,a3,0x24
   0x00000000b070d6f0 <+1496>:  srai    a3,a3,0x24
   0x00000000b070d6f2 <+1498>:  add     a2,a2,a3
   0x00000000b070d6f4 <+1500>:  lhu     a1,36(a1)
   0x00000000b070d6f8 <+1504>:  add     a1,a1,a2
   0x00000000b070d6fa <+1506>:  lc      ca2,1632(sp)
   0x00000000b070d6fe <+1510>:  sw      a1,0(a2) # 0x1000
   0x00000000b070d702 <+1514>:  lw      a1,0(a2)
   0x00000000b070d706 <+1518>:  lc      ca3,1296(sp)
   0x00000000b070d70a <+1522>:  lc      ca4,240(a3) # 0x200000f0
   0x00000000b070d70e <+1526>:  cincoffset      ca0,ca4,176
   0x00000000b070d712 <+1530>:  auipc   a4,0x535
   0x00000000b070d716 <+1534>:  lc      ca4,814(a4) # 0xb0c42a40 <_CHERI_CAPABILITY_TABLE_+3472>
   0x00000000b070d71a <+1538>:  sd      a1,1240(sp)
   0x00000000b070d71e <+1542>:  cjalr   cra,ca4
   0x00000000b070d722 <+1546>:  ld      a1,1240(sp)
   0x00000000b070d726 <+1550>:  bne     a1,a0,0xb070d732 <QTextEngine::justify(QScriptLine const&)+1562>
   0x00000000b070d72a <+1554>:  j       0xb070d72e <QTextEngine::justify(QScriptLine const&)+1558>
   0x00000000b070d72e <+1558>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d732 <+1562>:  lc      ca0,1632(sp)
   0x00000000b070d736 <+1566>:  lw      a1,0(a0)
   0x00000000b070d73a <+1570>:  li      a2,0
   0x00000000b070d73c <+1572>:  beq     a1,a2,0xb070d7b6 <QTextEngine::justify(QScriptLine const&)+1694>
   0x00000000b070d740 <+1576>:  j       0xb070d744 <QTextEngine::justify(QScriptLine const&)+1580>
   0x00000000b070d744 <+1580>:  lc      ca0,1296(sp)
   0x00000000b070d748 <+1584>:  lc      ca0,240(a0)
   0x00000000b070d74c <+1588>:  lc      ca1,1632(sp)
   0x00000000b070d750 <+1592>:  lw      a2,0(a1)
   0x00000000b070d754 <+1596>:  addiw   a1,a2,-1
   0x00000000b070d758 <+1600>:  auipc   a2,0x55f
   0x00000000b070d75c <+1604>:  lc      ca2,984(a2) # 0xb0c6cb30 <_CHERI_CAPABILITY_TABLE_+175744>
   0x00000000b070d760 <+1608>:  li      a3,0
   0x00000000b070d762 <+1610>:  lc      ca4,1296(sp)
   0x00000000b070d766 <+1614>:  sc      ca0,1216(sp)
   0x00000000b070d76a <+1618>:  cmove   ca0,ca4
   0x00000000b070d76e <+1622>:  sc      ca2,1200(sp)
   0x00000000b070d772 <+1626>:  mv      a2,a3
   0x00000000b070d774 <+1628>:  lc      ca3,1200(sp)
   0x00000000b070d778 <+1632>:  cjalr   cra,ca3
   0x00000000b070d77c <+1636>:  auipc   a1,0x55f
   0x00000000b070d780 <+1640>:  lc      ca1,964(a1) # 0xb0c6cb40 <_CHERI_CAPABILITY_TABLE_+175760>
   0x00000000b070d784 <+1644>:  lc      ca2,1216(sp)
   0x00000000b070d788 <+1648>:  sd      a0,1192(sp)
   0x00000000b070d78c <+1652>:  cmove   ca0,ca2
   0x00000000b070d790 <+1656>:  ld      a3,1192(sp)
   0x00000000b070d794 <+1660>:  sc      ca1,1168(sp)
   0x00000000b070d798 <+1664>:  mv      a1,a3
   0x00000000b070d79a <+1666>:  lc      ca4,1168(sp)
   0x00000000b070d79e <+1670>:  cjalr   cra,ca4
   0x00000000b070d7a2 <+1674>:  lhu     a0,4(a0)
   0x00000000b070d7a6 <+1678>:  srli    a0,a0,0xd
   0x00000000b070d7a8 <+1680>:  li      a1,4
   0x00000000b070d7aa <+1682>:  bne     a0,a1,0xb070d7b6 <QTextEngine::justify(QScriptLine const&)+1694>
   0x00000000b070d7ae <+1686>:  j       0xb070d7b2 <QTextEngine::justify(QScriptLine const&)+1690>
   0x00000000b070d7b2 <+1690>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d7b6 <+1694>:  j       0xb070d7ba <QTextEngine::justify(QScriptLine const&)+1698>
   0x00000000b070d7ba <+1698>:  li      a0,0
   0x00000000b070d7bc <+1700>:  lc      ca1,1616(sp)
   0x00000000b070d7c0 <+1704>:  sw      a0,0(a1)
   0x00000000b070d7c4 <+1708>:  lc      ca0,1680(sp)
   0x00000000b070d7c8 <+1712>:  lc      ca2,0(a0)
   0x00000000b070d7cc <+1716>:  lw      a2,40(a2)
   0x00000000b070d7d0 <+1720>:  slli    a2,a2,0x24
   0x00000000b070d7d2 <+1722>:  srai    a2,a2,0x24
   0x00000000b070d7d4 <+1724>:  lc      ca3,1600(sp)
   0x00000000b070d7d8 <+1728>:  sw      a2,0(a3)
   0x00000000b070d7dc <+1732>:  auipc   a2,0x560
   0x00000000b070d7e0 <+1736>:  lc      ca2,372(a2) # 0xb0c6d950 <_CHERI_CAPABILITY_TABLE_+179360>
   0x00000000b070d7e4 <+1740>:  lc      ca0,1296(sp)
   0x00000000b070d7e8 <+1744>:  cjalr   cra,ca2
   0x00000000b070d7ec <+1748>:  lc      ca1,1584(sp)
   0x00000000b070d7f0 <+1752>:  sc      ca0,0(a1)
   0x00000000b070d7f4 <+1756>:  lc      ca0,0(a1)
   0x00000000b070d7f8 <+1760>:  cmove   ca2,cnull
   0x00000000b070d7fc <+1764>:  bne     a0,a2,0xb070d808 <QTextEngine::justify(QScriptLine const&)+1776>
   0x00000000b070d800 <+1768>:  j       0xb070d804 <QTextEngine::justify(QScriptLine const&)+1772>
   0x00000000b070d804 <+1772>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d808 <+1776>:  lc      ca0,1680(sp)
   0x00000000b070d80c <+1780>:  lc      ca1,0(a0)
   0x00000000b070d810 <+1784>:  lw      a1,32(a1)
   0x00000000b070d814 <+1788>:  lc      ca2,1584(sp)
   0x00000000b070d818 <+1792>:  lc      ca3,0(a2)
   0x00000000b070d81c <+1796>:  cincoffset      ca1,ca3,a1
   0x00000000b070d820 <+1800>:  sc      ca1,0(a2)
   0x00000000b070d824 <+1804>:  j       0xb070d828 <QTextEngine::justify(QScriptLine const&)+1808>
   0x00000000b070d828 <+1808>:  lc      ca0,1600(sp)
   0x00000000b070d82c <+1812>:  lw      a1,0(a0)
   0x00000000b070d830 <+1816>:  li      a2,0
   0x00000000b070d832 <+1818>:  mv      a3,a2
   0x00000000b070d834 <+1820>:  sd      a3,1160(sp)
   0x00000000b070d838 <+1824>:  beq     a1,a2,0xb070d866 <QTextEngine::justify(QScriptLine const&)+1870>
   0x00000000b070d83c <+1828>:  j       0xb070d840 <QTextEngine::justify(QScriptLine const&)+1832>
   0x00000000b070d840 <+1832>:  lc      ca0,1584(sp)
   0x00000000b070d844 <+1836>:  lc      ca1,0(a0)
   0x00000000b070d848 <+1840>:  lc      ca2,1600(sp)
   0x00000000b070d84c <+1844>:  lw      a3,0(a2)
   0x00000000b070d850 <+1848>:  addiw   a3,a3,-1
   0x00000000b070d852 <+1850>:  cincoffset      ca1,ca1,a3
   0x00000000b070d856 <+1854>:  lb      a1,0(a1)
   0x00000000b070d85a <+1858>:  srli    a1,a1,0x4
   0x00000000b070d85c <+1860>:  andi    a1,a1,1
   0x00000000b070d85e <+1862>:  sd      a1,1160(sp)
   0x00000000b070d862 <+1866>:  j       0xb070d866 <QTextEngine::justify(QScriptLine const&)+1870>
   0x00000000b070d866 <+1870>:  ld      a0,1160(sp)
   0x00000000b070d86a <+1874>:  andi    a0,a0,1
   0x00000000b070d86c <+1876>:  li      a1,0
   0x00000000b070d86e <+1878>:  beq     a0,a1,0xb070d888 <QTextEngine::justify(QScriptLine const&)+1904>
   0x00000000b070d872 <+1882>:  j       0xb070d876 <QTextEngine::justify(QScriptLine const&)+1886>
   0x00000000b070d876 <+1886>:  lc      ca0,1600(sp)
   0x00000000b070d87a <+1890>:  lw      a1,0(a0)
   0x00000000b070d87e <+1894>:  addi    a1,a1,-1
   0x00000000b070d880 <+1896>:  sw      a1,0(a0)
   0x00000000b070d884 <+1900>:  j       0xb070d828 <QTextEngine::justify(QScriptLine const&)+1808>
   0x00000000b070d888 <+1904>:  lc      ca0,1600(sp)
   0x00000000b070d88c <+1908>:  lw      a1,0(a0)
   0x00000000b070d890 <+1912>:  addi    a1,a1,-1
   0x00000000b070d892 <+1914>:  sw      a1,0(a0)
   0x00000000b070d896 <+1918>:  lw      a1,0(a0)
   0x00000000b070d89a <+1922>:  li      a2,0
   0x00000000b070d89c <+1924>:  blt     a2,a1,0xb070d8a8 <QTextEngine::justify(QScriptLine const&)+1936>
   0x00000000b070d8a0 <+1928>:  j       0xb070d8a4 <QTextEngine::justify(QScriptLine const&)+1932>
   0x00000000b070d8a4 <+1932>:  j       0xb070e9a4 <QTextEngine::justify(QScriptLine const&)+6284>
   0x00000000b070d8a8 <+1936>:  lc      ca0,1680(sp)
   0x00000000b070d8ac <+1940>:  lc      ca1,0(a0)
   0x00000000b070d8b0 <+1944>:  lw      a1,32(a1)
   0x00000000b070d8b4 <+1948>:  auipc   a2,0x55f
   0x00000000b070d8b8 <+1952>:  lc      ca2,636(a2) # 0xb0c6cb30 <_CHERI_CAPABILITY_TABLE_+175744>
   0x00000000b070d8bc <+1956>:  li      a3,0
   0x00000000b070d8be <+1958>:  lc      ca0,1296(sp)
   0x00000000b070d8c2 <+1962>:  sc      ca2,1136(sp)
   0x00000000b070d8c6 <+1966>:  mv      a2,a3
   0x00000000b070d8c8 <+1968>:  lc      ca4,1136(sp)
   0x00000000b070d8cc <+1972>:  sd      a3,1128(sp)
   0x00000000b070d8d0 <+1976>:  cjalr   cra,ca4
   0x00000000b070d8d4 <+1980>:  lc      ca1,1568(sp)
   0x00000000b070d8d8 <+1984>:  sw      a0,0(a1)
   0x00000000b070d8dc <+1988>:  lc      ca0,1680(sp)
   0x00000000b070d8e0 <+1992>:  lc      ca2,0(a0)
   0x00000000b070d8e4 <+1996>:  lw      a2,32(a2)
   0x00000000b070d8e8 <+2000>:  lc      ca3,1600(sp)
   0x00000000b070d8ec <+2004>:  lw      a4,0(a3)
   0x00000000b070d8f0 <+2008>:  add     a2,a2,a4
   0x00000000b070d8f2 <+2010>:  lw      a4,0(a1)
   0x00000000b070d8f6 <+2014>:  addiw   a1,a2,-1
   0x00000000b070d8fa <+2018>:  lc      ca0,1296(sp)
   0x00000000b070d8fe <+2022>:  mv      a2,a4
   0x00000000b070d900 <+2024>:  lc      ca4,1136(sp)
   0x00000000b070d904 <+2028>:  cjalr   cra,ca4
   0x00000000b070d908 <+2032>:  lc      ca1,1552(sp)
   0x00000000b070d90c <+2036>:  sw      a0,0(a1)
   0x00000000b070d910 <+2040>:  lc      ca0,1568(sp)
   0x00000000b070d914 <+2044>:  lw      a2,0(a0)
   0x00000000b070d918 <+2048>:  ld      a3,1128(sp)
   0x00000000b070d91c <+2052>:  blt     a2,a3,0xb070d958 <QTextEngine::justify(QScriptLine const&)+2112>
   0x00000000b070d920 <+2056>:  j       0xb070d924 <QTextEngine::justify(QScriptLine const&)+2060>
   0x00000000b070d924 <+2060>:  lc      ca0,1552(sp)
   0x00000000b070d928 <+2064>:  lw      a1,0(a0)
   0x00000000b070d92c <+2068>:  lc      ca2,1568(sp)
   0x00000000b070d930 <+2072>:  lw      a3,0(a2)
   0x00000000b070d934 <+2076>:  blt     a1,a3,0xb070d958 <QTextEngine::justify(QScriptLine const&)+2112>
   0x00000000b070d938 <+2080>:  j       0xb070d93c <QTextEngine::justify(QScriptLine const&)+2084>
   0x00000000b070d93c <+2084>:  lc      ca0,1552(sp)
   0x00000000b070d940 <+2088>:  lw      a1,0(a0)
   0x00000000b070d944 <+2092>:  lc      ca2,1568(sp)
   0x00000000b070d948 <+2096>:  lw      a3,0(a2)
   0x00000000b070d94c <+2100>:  subw    a1,a1,a3
   0x00000000b070d94e <+2102>:  addi    a1,a1,1
   0x00000000b070d950 <+2104>:  sd      a1,1120(sp)
   0x00000000b070d954 <+2108>:  j       0xb070d962 <QTextEngine::justify(QScriptLine const&)+2122>
   0x00000000b070d958 <+2112>:  li      a0,0
   0x00000000b070d95a <+2114>:  sd      a0,1120(sp)
   0x00000000b070d95e <+2118>:  j       0xb070d962 <QTextEngine::justify(QScriptLine const&)+2122>
   0x00000000b070d962 <+2122>:  ld      a0,1120(sp)
   0x00000000b070d966 <+2126>:  lc      ca1,1536(sp)
   0x00000000b070d96a <+2130>:  sw      a0,0(a1)
   0x00000000b070d96e <+2134>:  auipc   a0,0x560
   0x00000000b070d972 <+2138>:  lc      ca0,-14(a0) # 0xb0c6d960 <_CHERI_CAPABILITY_TABLE_+179376>
   0x00000000b070d976 <+2142>:  li      a2,0
   0x00000000b070d978 <+2144>:  lc      ca3,1520(sp)
   0x00000000b070d97c <+2148>:  sc      ca0,1104(sp)
   0x00000000b070d980 <+2152>:  cmove   ca0,ca3
   0x00000000b070d984 <+2156>:  mv      a1,a2
   0x00000000b070d986 <+2158>:  lc      ca4,1104(sp)
   0x00000000b070d98a <+2162>:  sd      a2,1096(sp)
   0x00000000b070d98e <+2166>:  cjalr   cra,ca4
   0x00000000b070d992 <+2170>:  ld      a0,1096(sp)
   0x00000000b070d996 <+2174>:  lc      ca1,1504(sp)
   0x00000000b070d99a <+2178>:  sw      a0,0(a1)
   0x00000000b070d99e <+2182>:  auipc   a2,0x55b
   0x00000000b070d9a2 <+2186>:  lc      ca2,-270(a2) # 0xb0c68890 <_CHERI_CAPABILITY_TABLE_+158688>
   0x00000000b070d9a6 <+2190>:  lui     a1,0x100
   0x00000000b070d9aa <+2194>:  lc      ca0,1488(sp)
   0x00000000b070d9ae <+2198>:  cjalr   cra,ca2
   0x00000000b070d9b2 <+2202>:  ld      a0,1096(sp)
   0x00000000b070d9b6 <+2206>:  lc      ca1,1472(sp)
   0x00000000b070d9ba <+2210>:  sw      a0,0(a1) # 0x100000
   0x00000000b070d9be <+2214>:  j       0xb070d9c2 <QTextEngine::justify(QScriptLine const&)+2218>
   0x00000000b070d9c2 <+2218>:  lc      ca0,1472(sp)
   0x00000000b070d9c6 <+2222>:  lw      a1,0(a0)
   0x00000000b070d9ca <+2226>:  lc      ca2,1536(sp)
   0x00000000b070d9ce <+2230>:  lw      a3,0(a2)
   0x00000000b070d9d2 <+2234>:  bge     a1,a3,0xb070da58 <QTextEngine::justify(QScriptLine const&)+2368>
   0x00000000b070d9d6 <+2238>:  j       0xb070d9da <QTextEngine::justify(QScriptLine const&)+2242>
   0x00000000b070d9da <+2242>:  lc      ca0,1296(sp)
   0x00000000b070d9de <+2246>:  lc      ca0,240(a0)
   0x00000000b070d9e2 <+2250>:  lc      ca1,1568(sp)
   0x00000000b070d9e6 <+2254>:  lw      a2,0(a1)
   0x00000000b070d9ea <+2258>:  lc      ca3,1472(sp)
   0x00000000b070d9ee <+2262>:  lw      a4,0(a3)
   0x00000000b070d9f2 <+2266>:  addw    a1,a2,a4
   0x00000000b070d9f6 <+2270>:  auipc   a2,0x55f
   0x00000000b070d9fa <+2274>:  lc      ca2,330(a2) # 0xb0c6cb40 <_CHERI_CAPABILITY_TABLE_+175760>
   0x00000000b070d9fe <+2278>:  cjalr   cra,ca2
   0x00000000b070da02 <+2282>:  lc      ca1,1456(sp)
   0x00000000b070da06 <+2286>:  sc      ca0,0(a1)
   0x00000000b070da0a <+2290>:  lc      ca0,0(a1)
   0x00000000b070da0e <+2294>:  lhu     a0,6(a0)
   0x00000000b070da12 <+2298>:  li      a2,0
   0x00000000b070da14 <+2300>:  bne     a0,a2,0xb070da42 <QTextEngine::justify(QScriptLine const&)+2346>
   0x00000000b070da18 <+2304>:  j       0xb070da1c <QTextEngine::justify(QScriptLine const&)+2308>
   0x00000000b070da1c <+2308>:  lc      ca0,1568(sp)
   0x00000000b070da20 <+2312>:  lw      a1,0(a0)
   0x00000000b070da24 <+2316>:  lc      ca2,1472(sp)
   0x00000000b070da28 <+2320>:  lw      a3,0(a2)
   0x00000000b070da2c <+2324>:  addw    a1,a1,a3
   0x00000000b070da2e <+2326>:  auipc   a3,0x55f
   0x00000000b070da32 <+2330>:  lc      ca3,322(a3) # 0xb0c6cb70 <_CHERI_CAPABILITY_TABLE_+175808>
   0x00000000b070da36 <+2334>:  lc      ca0,1296(sp)
   0x00000000b070da3a <+2338>:  cjalr   cra,ca3
   0x00000000b070da3e <+2342>:  j       0xb070da42 <QTextEngine::justify(QScriptLine const&)+2346>
   0x00000000b070da42 <+2346>:  j       0xb070da46 <QTextEngine::justify(QScriptLine const&)+2350>
   0x00000000b070da46 <+2350>:  lc      ca0,1472(sp)
   0x00000000b070da4a <+2354>:  lw      a1,0(a0)
   0x00000000b070da4e <+2358>:  addi    a1,a1,1
   0x00000000b070da50 <+2360>:  sw      a1,0(a0)
   0x00000000b070da54 <+2364>:  j       0xb070d9c2 <QTextEngine::justify(QScriptLine const&)+2218>
   0x00000000b070da58 <+2368>:  li      a0,0
   0x00000000b070da5a <+2370>:  lc      ca1,1440(sp)
   0x00000000b070da5e <+2374>:  sw      a0,0(a1)
   0x00000000b070da62 <+2378>:  j       0xb070da66 <QTextEngine::justify(QScriptLine const&)+2382>
   0x00000000b070da66 <+2382>:  lc      ca0,1440(sp)
   0x00000000b070da6a <+2386>:  lw      a1,0(a0)
   0x00000000b070da6e <+2390>:  lc      ca2,1536(sp)
   0x00000000b070da72 <+2394>:  lw      a3,0(a2)
   0x00000000b070da76 <+2398>:  bge     a1,a3,0xb070e2ee <QTextEngine::justify(QScriptLine const&)+4566>
   0x00000000b070da7a <+2402>:  j       0xb070da7e <QTextEngine::justify(QScriptLine const&)+2406>
   0x00000000b070da7e <+2406>:  lc      ca0,1296(sp)
   0x00000000b070da82 <+2410>:  lc      ca0,240(a0)
   0x00000000b070da86 <+2414>:  lc      ca1,1568(sp)
   0x00000000b070da8a <+2418>:  lw      a2,0(a1)
   0x00000000b070da8e <+2422>:  lc      ca3,1440(sp)
   0x00000000b070da92 <+2426>:  lw      a4,0(a3)
   0x00000000b070da96 <+2430>:  addw    a1,a2,a4
   0x00000000b070da9a <+2434>:  auipc   a2,0x55f
   0x00000000b070da9e <+2438>:  lc      ca2,166(a2) # 0xb0c6cb40 <_CHERI_CAPABILITY_TABLE_+175760>
   0x00000000b070daa2 <+2442>:  cjalr   cra,ca2
   0x00000000b070daa6 <+2446>:  lc      ca1,1424(sp)
   0x00000000b070daaa <+2450>:  sc      ca0,0(a1)
   0x00000000b070daae <+2454>:  li      a0,7
   0x00000000b070dab0 <+2456>:  lc      ca2,1408(sp)
   0x00000000b070dab4 <+2460>:  sw      a0,0(a2)
   0x00000000b070dab8 <+2464>:  li      a0,1
   0x00000000b070daba <+2466>:  slli    a0,a0,0x20
   0x00000000b070dabc <+2468>:  addi    a0,a0,-1
   0x00000000b070dabe <+2470>:  lc      ca3,1392(sp)
   0x00000000b070dac2 <+2474>:  sw      a0,0(a3)
   0x00000000b070dac6 <+2478>:  lc      ca0,1680(sp)
   0x00000000b070daca <+2482>:  lc      ca4,0(a0)
   0x00000000b070dace <+2486>:  lw      a4,32(a4)
   0x00000000b070dad2 <+2490>:  lc      ca5,0(a1)
   0x00000000b070dad6 <+2494>:  lw      a5,0(a5)
   0x00000000b070dada <+2498>:  sub     a4,a4,a5
   0x00000000b070dadc <+2500>:  lc      ca5,1360(sp)
   0x00000000b070dae0 <+2504>:  sw      a4,0(a5)
   0x00000000b070dae4 <+2508>:  li      a4,0
   0x00000000b070dae6 <+2510>:  lc      ca6,1344(sp)
   0x00000000b070daea <+2514>:  sw      a4,0(a6)
   0x00000000b070daee <+2518>:  auipc   a4,0x535
   0x00000000b070daf2 <+2522>:  lc      ca4,130(a4) # 0xb0c42b70 <_CHERI_CAPABILITY_TABLE_+3776>
   0x00000000b070daf6 <+2526>:  cmove   ca0,ca5
   0x00000000b070dafa <+2530>:  cmove   ca1,ca6
   0x00000000b070dafe <+2534>:  cjalr   cra,ca4
   0x00000000b070db02 <+2538>:  lw      a0,0(a0)
   0x00000000b070db06 <+2542>:  lc      ca1,1376(sp)
   0x00000000b070db0a <+2546>:  sw      a0,0(a1)
   0x00000000b070db0e <+2550>:  lc      ca0,1680(sp)
   0x00000000b070db12 <+2554>:  lc      ca2,0(a0)
   0x00000000b070db16 <+2558>:  lw      a2,32(a2)
   0x00000000b070db1a <+2562>:  lc      ca3,1600(sp)
   0x00000000b070db1e <+2566>:  lw      a4,0(a3)
   0x00000000b070db22 <+2570>:  add     a2,a2,a4
   0x00000000b070db24 <+2572>:  lc      ca4,1424(sp)
   0x00000000b070db28 <+2576>:  lc      ca5,0(a4)
   0x00000000b070db2c <+2580>:  lw      a5,0(a5)
   0x00000000b070db30 <+2584>:  sub     a2,a2,a5
   0x00000000b070db32 <+2586>:  lui     a0,0x1
   0x00000000b070db34 <+2588>:  addiw   a0,a0,-2048
   0x00000000b070db38 <+2592>:  cincoffset      ca0,csp,a0
   0x00000000b070db3c <+2596>:  lc      ca5,0(a0) # 0x1000
   0x00000000b070db40 <+2600>:  sw      a2,0(a5)
   0x00000000b070db44 <+2604>:  lc      ca2,1568(sp)
   0x00000000b070db48 <+2608>:  lw      a6,0(a2)
   0x00000000b070db4c <+2612>:  lc      ca7,1440(sp)
   0x00000000b070db50 <+2616>:  lw      t0,0(a7)
   0x00000000b070db54 <+2620>:  addw    a1,a6,t0
   0x00000000b070db58 <+2624>:  auipc   a6,0x55f
   0x00000000b070db5c <+2628>:  lc      ca6,664(a6) # 0xb0c6cdf0 <_CHERI_CAPABILITY_TABLE_+176448>
   0x00000000b070db60 <+2632>:  lc      ca0,1296(sp)
   0x00000000b070db64 <+2636>:  sc      ca6,1072(sp)
   0x00000000b070db68 <+2640>:  cjalr   cra,ca6
   0x00000000b070db6c <+2644>:  lc      ca1,2032(sp)
   0x00000000b070db70 <+2648>:  sw      a0,0(a1)
   0x00000000b070db74 <+2652>:  auipc   a0,0x535
   0x00000000b070db78 <+2656>:  lc      ca0,-36(a0) # 0xb0c42b50 <_CHERI_CAPABILITY_TABLE_+3744>
   0x00000000b070db7c <+2660>:  lui     a2,0x1
   0x00000000b070db7e <+2662>:  addiw   a2,a2,-2048
   0x00000000b070db82 <+2666>:  cincoffset      ca2,csp,a2
   0x00000000b070db86 <+2670>:  lc      ca2,0(a2) # 0x1000
   0x00000000b070db8a <+2674>:  sc      ca0,1056(sp)
   0x00000000b070db8e <+2678>:  cmove   ca0,ca2
   0x00000000b070db92 <+2682>:  lc      ca3,1056(sp)
   0x00000000b070db96 <+2686>:  cjalr   cra,ca3
   0x00000000b070db9a <+2690>:  lw      a0,0(a0)
   0x00000000b070db9e <+2694>:  lui     a1,0x1
   0x00000000b070dba0 <+2696>:  addiw   a1,a1,-2032
   0x00000000b070dba4 <+2700>:  cincoffset      ca1,csp,a1
   0x00000000b070dba8 <+2704>:  lc      ca1,0(a1) # 0x1000
   0x00000000b070dbac <+2708>:  sw      a0,0(a1)
   0x00000000b070dbb0 <+2712>:  lc      ca0,1424(sp)
   0x00000000b070dbb4 <+2716>:  lc      ca1,0(a0)
   0x00000000b070dbb8 <+2720>:  auipc   a2,0x55f
   0x00000000b070dbbc <+2724>:  lc      ca2,744(a2) # 0xb0c6cea0 <_CHERI_CAPABILITY_TABLE_+176624>
   0x00000000b070dbc0 <+2728>:  lc      ca0,1296(sp)
   0x00000000b070dbc4 <+2732>:  cjalr   cra,ca2
   0x00000000b070dbc8 <+2736>:  lc      ca1,2016(sp)
   0x00000000b070dbcc <+2740>:  sc      ca0,0(a1)
   0x00000000b070dbd0 <+2744>:  lc      ca0,0(a1)
   0x00000000b070dbd4 <+2748>:  lc      ca2,1376(sp)
   0x00000000b070dbd8 <+2752>:  lw      a3,0(a2)
   0x00000000b070dbdc <+2756>:  slli    a3,a3,0x1
   0x00000000b070dbde <+2758>:  cincoffset      ca0,ca0,a3
   0x00000000b070dbe2 <+2762>:  lhu     a0,0(a0)
   0x00000000b070dbe6 <+2766>:  lc      ca3,1328(sp)
   0x00000000b070dbea <+2770>:  sw      a0,0(a3)
   0x00000000b070dbee <+2774>:  lui     a0,0x1
   0x00000000b070dbf0 <+2776>:  addiw   a0,a0,-2032
   0x00000000b070dbf4 <+2780>:  cincoffset      ca0,csp,a0
   0x00000000b070dbf8 <+2784>:  lc      ca0,0(a0) # 0x1000
   0x00000000b070dbfc <+2788>:  lw      a4,0(a0)
   0x00000000b070dc00 <+2792>:  lc      ca5,1568(sp)
   0x00000000b070dc04 <+2796>:  lw      a6,0(a5)
   0x00000000b070dc08 <+2800>:  lc      ca7,1440(sp)
   0x00000000b070dc0c <+2804>:  lw      t0,0(a7)
   0x00000000b070dc10 <+2808>:  addw    a1,a6,t0
   0x00000000b070dc14 <+2812>:  lc      ca0,1296(sp)
   0x00000000b070dc18 <+2816>:  lc      ca6,1072(sp)
   0x00000000b070dc1c <+2820>:  sd      a4,1048(sp)
   0x00000000b070dc20 <+2824>:  cjalr   cra,ca6
   0x00000000b070dc24 <+2828>:  ld      a1,1048(sp)
   0x00000000b070dc28 <+2832>:  bne     a1,a0,0xb070dc44 <QTextEngine::justify(QScriptLine const&)+2860>
   0x00000000b070dc2c <+2836>:  j       0xb070dc30 <QTextEngine::justify(QScriptLine const&)+2840>
   0x00000000b070dc30 <+2840>:  lc      ca0,1424(sp)
   0x00000000b070dc34 <+2844>:  lc      ca1,0(a0)
   0x00000000b070dc38 <+2848>:  lhu     a1,6(a1)
   0x00000000b070dc3c <+2852>:  sd      a1,1040(sp)
   0x00000000b070dc40 <+2856>:  j       0xb070dc70 <QTextEngine::justify(QScriptLine const&)+2904>
   0x00000000b070dc44 <+2860>:  lc      ca0,2016(sp)
   0x00000000b070dc48 <+2864>:  lc      ca1,0(a0)
   0x00000000b070dc4c <+2868>:  lui     a0,0x1
   0x00000000b070dc4e <+2870>:  addiw   a0,a0,-2032
   0x00000000b070dc52 <+2874>:  cincoffset      ca0,csp,a0
   0x00000000b070dc56 <+2878>:  lc      ca2,0(a0) # 0x1000
   0x00000000b070dc5a <+2882>:  lw      a3,0(a2)
   0x00000000b070dc5e <+2886>:  slli    a3,a3,0x1
   0x00000000b070dc60 <+2888>:  cincoffset      ca1,ca1,a3
   0x00000000b070dc64 <+2892>:  lhu     a1,0(a1)
   0x00000000b070dc68 <+2896>:  sd      a1,1040(sp)
   0x00000000b070dc6c <+2900>:  j       0xb070dc70 <QTextEngine::justify(QScriptLine const&)+2904>
   0x00000000b070dc70 <+2904>:  ld      a0,1040(sp)
   0x00000000b070dc74 <+2908>:  lui     a1,0x10
   0x00000000b070dc76 <+2910>:  addiw   a1,a1,-1
   0x00000000b070dc78 <+2912>:  and     a0,a0,a1
   0x00000000b070dc7a <+2914>:  lc      ca1,2000(sp)
   0x00000000b070dc7e <+2918>:  sw      a0,0(a1) # 0x10000
   0x00000000b070dc82 <+2922>:  lw      a0,0(a1)
   0x00000000b070dc86 <+2926>:  lc      ca2,1424(sp)
   0x00000000b070dc8a <+2930>:  lc      ca3,0(a2)
   0x00000000b070dc8e <+2934>:  lhu     a3,6(a3)
   0x00000000b070dc92 <+2938>:  blt     a3,a0,0xb070dc9e <QTextEngine::justify(QScriptLine const&)+2950>
   0x00000000b070dc96 <+2942>:  j       0xb070dc9a <QTextEngine::justify(QScriptLine const&)+2946>
   0x00000000b070dc9a <+2946>:  j       0xb070dcca <QTextEngine::justify(QScriptLine const&)+2994>
   0x00000000b070dc9e <+2950>:  auipc   a0,0x560
   0x00000000b070dca2 <+2954>:  lc      ca0,-814(a0) # 0xb0c6d970 <_CHERI_CAPABILITY_TABLE_+179392>
   0x00000000b070dca6 <+2958>:  auipc   a1,0x55f
   0x00000000b070dcaa <+2962>:  lc      ca1,-262(a1) # 0xb0c6cba0 <_CHERI_CAPABILITY_TABLE_+175856>
   0x00000000b070dcae <+2966>:  auipc   a2,0x534
   0x00000000b070dcb2 <+2970>:  lc      ca2,722(a2) # 0xb0c41f80 <_CHERI_CAPABILITY_TABLE_+720>
   0x00000000b070dcb6 <+2974>:  lui     a3,0x1
   0x00000000b070dcb8 <+2976>:  addiw   a3,a3,-1796
   0x00000000b070dcbc <+2980>:  sc      ca2,1024(sp)
   0x00000000b070dcc0 <+2984>:  mv      a2,a3
   0x00000000b070dcc2 <+2986>:  lc      ca3,1024(sp)
   0x00000000b070dcc6 <+2990>:  cjalr   cra,ca3
   0x00000000b070dcca <+2994>:  lc      ca0,1424(sp)
   0x00000000b070dcce <+2998>:  lc      ca2,0(a0)
   0x00000000b070dcd2 <+3002>:  auipc   a1,0x55f
   0x00000000b070dcd6 <+3006>:  lc      ca1,-338(a1) # 0xb0c6cb80 <_CHERI_CAPABILITY_TABLE_+175824>
   0x00000000b070dcda <+3010>:  lc      ca0,1952(sp)
   0x00000000b070dcde <+3014>:  lc      ca3,1296(sp)
   0x00000000b070dce2 <+3018>:  sc      ca1,1008(sp)
   0x00000000b070dce6 <+3022>:  cmove   ca1,ca3
   0x00000000b070dcea <+3026>:  lc      ca4,1008(sp)
   0x00000000b070dcee <+3030>:  cjalr   cra,ca4
   0x00000000b070dcf2 <+3034>:  lc      ca0,1328(sp)
   0x00000000b070dcf6 <+3038>:  lw      a1,0(a0)
   0x00000000b070dcfa <+3042>:  lc      ca2,1920(sp)
   0x00000000b070dcfe <+3046>:  sw      a1,0(a2)
   0x00000000b070dd02 <+3050>:  j       0xb070dd06 <QTextEngine::justify(QScriptLine const&)+3054>
   0x00000000b070dd06 <+3054>:  lc      ca0,1920(sp)
   0x00000000b070dd0a <+3058>:  lw      a1,0(a0)
   0x00000000b070dd0e <+3062>:  lc      ca2,2000(sp)
   0x00000000b070dd12 <+3066>:  lw      a3,0(a2)
   0x00000000b070dd16 <+3070>:  bge     a1,a3,0xb070e12a <QTextEngine::justify(QScriptLine const&)+4114>
   0x00000000b070dd1a <+3074>:  j       0xb070dd1e <QTextEngine::justify(QScriptLine const&)+3078>
   0x00000000b070dd1e <+3078>:  lc      ca0,1952(sp)
   0x00000000b070dd22 <+3082>:  lc      ca1,48(a0)
   0x00000000b070dd26 <+3086>:  lc      ca2,1920(sp)
   0x00000000b070dd2a <+3090>:  lw      a3,0(a2)
   0x00000000b070dd2e <+3094>:  slli    a3,a3,0x2
   0x00000000b070dd30 <+3096>:  cincoffset      ca1,ca1,a3
   0x00000000b070dd34 <+3100>:  lwu     a3,0(a1)
   0x00000000b070dd38 <+3104>:  li      a4,1
   0x00000000b070dd3a <+3106>:  slli    a4,a4,0x20
   0x00000000b070dd3c <+3108>:  addi    a5,a4,-4
   0x00000000b070dd40 <+3112>:  and     a3,a3,a5
   0x00000000b070dd42 <+3114>:  sw      a3,0(a1)
   0x00000000b070dd46 <+3118>:  lc      ca1,48(a0)
   0x00000000b070dd4a <+3122>:  lw      a3,0(a2)
   0x00000000b070dd4e <+3126>:  slli    a3,a3,0x2
   0x00000000b070dd50 <+3128>:  cincoffset      ca1,ca1,a3
   0x00000000b070dd54 <+3132>:  lwu     a3,0(a1)
   0x00000000b070dd58 <+3136>:  addi    a4,a4,-253
   0x00000000b070dd5c <+3140>:  and     a3,a3,a4
   0x00000000b070dd5e <+3142>:  sw      a3,0(a1)
   0x00000000b070dd62 <+3146>:  lc      ca1,48(a0)
   0x00000000b070dd66 <+3150>:  lw      a3,0(a2)
   0x00000000b070dd6a <+3154>:  slli    a3,a3,0x2
   0x00000000b070dd6c <+3156>:  cincoffset      ca1,ca1,a3
   0x00000000b070dd70 <+3160>:  lwu     a3,0(a1)
   0x00000000b070dd74 <+3164>:  andi    a3,a3,255
   0x00000000b070dd78 <+3168>:  sw      a3,0(a1)
   0x00000000b070dd7c <+3172>:  lc      ca1,1504(sp)
   0x00000000b070dd80 <+3176>:  lw      a3,0(a1)
   0x00000000b070dd84 <+3180>:  addiw   a1,a3,3
   0x00000000b070dd88 <+3184>:  auipc   a3,0x560
   0x00000000b070dd8c <+3188>:  lc      ca3,-1032(a3) # 0xb0c6d980 <_CHERI_CAPABILITY_TABLE_+179408>
   0x00000000b070dd90 <+3192>:  lc      ca0,1520(sp)
   0x00000000b070dd94 <+3196>:  cjalr   cra,ca3
   0x00000000b070dd98 <+3200>:  lc      ca0,1952(sp)
   0x00000000b070dd9c <+3204>:  lc      ca1,64(a0)
   0x00000000b070dda0 <+3208>:  lc      ca2,1920(sp)
   0x00000000b070dda4 <+3212>:  lw      a3,0(a2)
   0x00000000b070dda8 <+3216>:  cincoffset      ca1,ca1,a3
   0x00000000b070ddac <+3220>:  lbu     a1,0(a1)
   0x00000000b070ddb0 <+3224>:  srli    a1,a1,0x2
   0x00000000b070ddb2 <+3226>:  andi    a1,a1,15
   0x00000000b070ddb4 <+3228>:  lc      ca3,1936(sp)
   0x00000000b070ddb8 <+3232>:  sw      a1,0(a3)
   0x00000000b070ddbc <+3236>:  lwu     a1,0(a3)
   0x00000000b070ddc0 <+3240>:  li      a4,0
   0x00000000b070ddc2 <+3242>:  sd      a1,1000(sp)
   0x00000000b070ddc6 <+3246>:  beq     a1,a4,0xb070de1c <QTextEngine::justify(QScriptLine const&)+3332>
   0x00000000b070ddca <+3250>:  j       0xb070ddce <QTextEngine::justify(QScriptLine const&)+3254>
   0x00000000b070ddce <+3254>:  ld      a0,1000(sp)
   0x00000000b070ddd2 <+3258>:  slli    a1,a0,0x20
   0x00000000b070ddd6 <+3262>:  srli    a1,a1,0x20
   0x00000000b070ddd8 <+3264>:  li      a2,1
   0x00000000b070ddda <+3266>:  beq     a1,a2,0xb070de20 <QTextEngine::justify(QScriptLine const&)+3336>
   0x00000000b070ddde <+3270>:  j       0xb070dde2 <QTextEngine::justify(QScriptLine const&)+3274>
   0x00000000b070dde2 <+3274>:  ld      a0,1000(sp)
   0x00000000b070dde6 <+3278>:  slli    a1,a0,0x20
   0x00000000b070ddea <+3282>:  srli    a1,a1,0x20
   0x00000000b070ddec <+3284>:  li      a2,2
   0x00000000b070ddee <+3286>:  beq     a1,a2,0xb070dfea <QTextEngine::justify(QScriptLine const&)+3794>
   0x00000000b070ddf2 <+3290>:  j       0xb070ddf6 <QTextEngine::justify(QScriptLine const&)+3294>
   0x00000000b070ddf6 <+3294>:  ld      a0,1000(sp)
   0x00000000b070ddfa <+3298>:  slli    a1,a0,0x20
   0x00000000b070ddfe <+3302>:  srli    a1,a1,0x20
   0x00000000b070de00 <+3304>:  li      a2,4
   0x00000000b070de02 <+3306>:  beq     a1,a2,0xb070de20 <QTextEngine::justify(QScriptLine const&)+3336>
   0x00000000b070de06 <+3310>:  j       0xb070de0a <QTextEngine::justify(QScriptLine const&)+3314>
   0x00000000b070de0a <+3314>:  ld      a0,1000(sp)
   0x00000000b070de0e <+3318>:  addiw   a1,a0,-7
   0x00000000b070de12 <+3322>:  li      a2,7
   0x00000000b070de14 <+3324>:  bltu    a1,a2,0xb070e0d4 <QTextEngine::justify(QScriptLine const&)+4028>
   0x00000000b070de18 <+3328>:  j       0xb070e114 <QTextEngine::justify(QScriptLine const&)+4092>
   0x00000000b070de1c <+3332>:  j       0xb070e114 <QTextEngine::justify(QScriptLine const&)+4092>
   0x00000000b070de20 <+3336>:  lc      ca0,1392(sp)
   0x00000000b070de24 <+3340>:  lw      a1,0(a0)
   0x00000000b070de28 <+3344>:  li      a2,0
   0x00000000b070de2a <+3346>:  blt     a1,a2,0xb070dfce <QTextEngine::justify(QScriptLine const&)+3766>
   0x00000000b070de2e <+3350>:  j       0xb070de32 <QTextEngine::justify(QScriptLine const&)+3354>
   0x00000000b070de32 <+3354>:  lc      ca0,1504(sp)
   0x00000000b070de36 <+3358>:  lw      a1,0(a0)
   0x00000000b070de3a <+3362>:  auipc   a2,0x560
   0x00000000b070de3e <+3366>:  lc      ca2,-1194(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070de42 <+3370>:  lc      ca0,1520(sp)
   0x00000000b070de46 <+3374>:  sc      ca2,976(sp)
   0x00000000b070de4a <+3378>:  cjalr   cra,ca2
   0x00000000b070de4e <+3382>:  lc      ca1,1408(sp)
   0x00000000b070de52 <+3386>:  lw      a1,0(a1)
   0x00000000b070de56 <+3390>:  lc      ca2,1392(sp)
   0x00000000b070de5a <+3394>:  lw      a2,0(a2)
   0x00000000b070de5e <+3398>:  auipc   a3,0x55b
   0x00000000b070de62 <+3402>:  lc      ca3,1506(a3) # 0xb0c69440 <_CHERI_CAPABILITY_TABLE_+161680>
   0x00000000b070de66 <+3406>:  li      a4,-1
   0x00000000b070de68 <+3408>:  lc      ca5,1904(sp)
   0x00000000b070de6c <+3412>:  sc      ca0,960(sp)
   0x00000000b070de70 <+3416>:  cmove   ca0,ca5
   0x00000000b070de74 <+3420>:  lc      ca6,1952(sp)
   0x00000000b070de78 <+3424>:  sd      a1,952(sp)
   0x00000000b070de7c <+3428>:  cmove   ca1,ca6
   0x00000000b070de80 <+3432>:  sc      ca3,928(sp)
   0x00000000b070de84 <+3436>:  mv      a3,a4
   0x00000000b070de86 <+3438>:  lc      ca4,928(sp)
   0x00000000b070de8a <+3442>:  cjalr   cra,ca4
   0x00000000b070de8e <+3446>:  lc      ca0,1424(sp)
   0x00000000b070de92 <+3450>:  lc      ca1,0(a0)
   0x00000000b070de96 <+3454>:  auipc   a2,0x55f
   0x00000000b070de9a <+3458>:  lc      ca2,-214(a2) # 0xb0c6cdc0 <_CHERI_CAPABILITY_TABLE_+176400>
   0x00000000b070de9e <+3462>:  lc      ca0,1296(sp)
   0x00000000b070dea2 <+3466>:  sc      ca2,912(sp)
   0x00000000b070dea6 <+3470>:  cmove   ca2,cnull
   0x00000000b070deaa <+3474>:  cmove   ca3,cnull
   0x00000000b070deae <+3478>:  cmove   ca4,cnull
   0x00000000b070deb2 <+3482>:  lc      ca5,912(sp)
   0x00000000b070deb6 <+3486>:  cjalr   cra,ca5
   0x00000000b070deba <+3490>:  auipc   a1,0x560
   0x00000000b070debe <+3494>:  lc      ca1,-1306(a1) # 0xb0c6d9a0 <_CHERI_CAPABILITY_TABLE_+179440>
   0x00000000b070dec2 <+3498>:  lc      ca2,960(sp)
   0x00000000b070dec6 <+3502>:  sc      ca0,896(sp)
   0x00000000b070deca <+3506>:  cmove   ca0,ca2
   0x00000000b070dece <+3510>:  ld      a3,952(sp)
   0x00000000b070ded2 <+3514>:  sc      ca1,880(sp)
   0x00000000b070ded6 <+3518>:  mv      a1,a3
   0x00000000b070ded8 <+3520>:  lc      ca2,1904(sp)
   0x00000000b070dedc <+3524>:  lc      ca3,896(sp)
   0x00000000b070dee0 <+3528>:  lc      ca4,880(sp)
   0x00000000b070dee4 <+3532>:  cjalr   cra,ca4
   0x00000000b070dee8 <+3536>:  lc      ca0,1504(sp)
   0x00000000b070deec <+3540>:  lw      a1,0(a0)
   0x00000000b070def0 <+3544>:  lc      ca0,1520(sp)
   0x00000000b070def4 <+3548>:  lc      ca2,976(sp)
   0x00000000b070def8 <+3552>:  cjalr   cra,ca2
   0x00000000b070defc <+3556>:  cincoffset      ca0,ca0,4
   0x00000000b070df00 <+3560>:  auipc   a1,0x55c
   0x00000000b070df04 <+3564>:  lc      ca1,400(a1) # 0xb0c6a090 <_CHERI_CAPABILITY_TABLE_+164832>
   0x00000000b070df08 <+3568>:  li      a2,0
   0x00000000b070df0a <+3570>:  sc      ca1,864(sp)
   0x00000000b070df0e <+3574>:  mv      a1,a2
   0x00000000b070df10 <+3576>:  lc      ca3,864(sp)
   0x00000000b070df14 <+3580>:  sd      a2,856(sp)
   0x00000000b070df18 <+3584>:  cjalr   cra,ca3
   0x00000000b070df1c <+3588>:  ld      a1,856(sp)
   0x00000000b070df20 <+3592>:  beq     a0,a1,0xb070dfca <QTextEngine::justify(QScriptLine const&)+3762>
   0x00000000b070df24 <+3596>:  j       0xb070df28 <QTextEngine::justify(QScriptLine const&)+3600>
   0x00000000b070df28 <+3600>:  lc      ca0,1504(sp)
   0x00000000b070df2c <+3604>:  lw      a1,0(a0)
   0x00000000b070df30 <+3608>:  auipc   a2,0x560
   0x00000000b070df34 <+3612>:  lc      ca2,-1440(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070df38 <+3616>:  lc      ca0,1520(sp)
   0x00000000b070df3c <+3620>:  sc      ca2,832(sp)
   0x00000000b070df40 <+3624>:  cjalr   cra,ca2
   0x00000000b070df44 <+3628>:  cincoffset      ca1,ca0,4
   0x00000000b070df48 <+3632>:  auipc   a0,0x55b
   0x00000000b070df4c <+3636>:  lc      ca0,-712(a0) # 0xb0c68c80 <_CHERI_CAPABILITY_TABLE_+159696>
   0x00000000b070df50 <+3640>:  lc      ca2,1488(sp)
   0x00000000b070df54 <+3644>:  sc      ca0,816(sp)
   0x00000000b070df58 <+3648>:  cmove   ca0,ca2
   0x00000000b070df5c <+3652>:  lc      ca3,816(sp)
   0x00000000b070df60 <+3656>:  cjalr   cra,ca3
   0x00000000b070df64 <+3660>:  lw      a0,0(a0)
   0x00000000b070df68 <+3664>:  lc      ca1,1488(sp)
   0x00000000b070df6c <+3668>:  sw      a0,0(a1)
   0x00000000b070df70 <+3672>:  lc      ca0,1504(sp)
   0x00000000b070df74 <+3676>:  lw      a1,0(a0)
   0x00000000b070df78 <+3680>:  lc      ca0,1520(sp)
   0x00000000b070df7c <+3684>:  lc      ca2,832(sp)
   0x00000000b070df80 <+3688>:  cjalr   cra,ca2
   0x00000000b070df84 <+3692>:  auipc   a1,0x535
   0x00000000b070df88 <+3696>:  lc      ca1,-1044(a1) # 0xb0c42b70 <_CHERI_CAPABILITY_TABLE_+3776>
   0x00000000b070df8c <+3700>:  lc      ca2,1616(sp)
   0x00000000b070df90 <+3704>:  sc      ca0,800(sp)
   0x00000000b070df94 <+3708>:  cmove   ca0,ca2
   0x00000000b070df98 <+3712>:  lc      ca3,800(sp)
   0x00000000b070df9c <+3716>:  sc      ca1,784(sp)
   0x00000000b070dfa0 <+3720>:  cmove   ca1,ca3
   0x00000000b070dfa4 <+3724>:  lc      ca4,784(sp)
   0x00000000b070dfa8 <+3728>:  cjalr   cra,ca4
   0x00000000b070dfac <+3732>:  lw      a0,0(a0)
   0x00000000b070dfb0 <+3736>:  lc      ca1,1616(sp)
   0x00000000b070dfb4 <+3740>:  sw      a0,0(a1)
   0x00000000b070dfb8 <+3744>:  lc      ca0,1504(sp)
   0x00000000b070dfbc <+3748>:  lw      a2,0(a0)
   0x00000000b070dfc0 <+3752>:  addi    a2,a2,1
   0x00000000b070dfc2 <+3754>:  sw      a2,0(a0)
   0x00000000b070dfc6 <+3758>:  j       0xb070dfca <QTextEngine::justify(QScriptLine const&)+3762>
   0x00000000b070dfca <+3762>:  j       0xb070dfce <QTextEngine::justify(QScriptLine const&)+3766>
   0x00000000b070dfce <+3766>:  li      a0,1
   0x00000000b070dfd0 <+3768>:  slli    a0,a0,0x20
   0x00000000b070dfd2 <+3770>:  addi    a0,a0,-1
   0x00000000b070dfd4 <+3772>:  lc      ca1,1392(sp)
   0x00000000b070dfd8 <+3776>:  sw      a0,0(a1)
   0x00000000b070dfdc <+3780>:  li      a0,7
   0x00000000b070dfde <+3782>:  lc      ca2,1408(sp)
   0x00000000b070dfe2 <+3786>:  sw      a0,0(a2)
   0x00000000b070dfe6 <+3790>:  j       0xb070dfea <QTextEngine::justify(QScriptLine const&)+3794>
   0x00000000b070dfea <+3794>:  lc      ca0,1504(sp)
   0x00000000b070dfee <+3798>:  lw      a1,0(a0)
   0x00000000b070dff2 <+3802>:  addi    a2,a1,1
   0x00000000b070dff6 <+3806>:  sw      a2,0(a0)
   0x00000000b070dffa <+3810>:  auipc   a2,0x560
   0x00000000b070dffe <+3814>:  lc      ca2,-1642(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e002 <+3818>:  lc      ca0,1520(sp)
   0x00000000b070e006 <+3822>:  cjalr   cra,ca2
   0x00000000b070e00a <+3826>:  lc      ca1,1936(sp)
   0x00000000b070e00e <+3830>:  lw      a1,0(a1)
   0x00000000b070e012 <+3834>:  lc      ca2,1920(sp)
   0x00000000b070e016 <+3838>:  lw      a2,0(a2)
   0x00000000b070e01a <+3842>:  auipc   a3,0x55b
   0x00000000b070e01e <+3846>:  lc      ca3,1062(a3) # 0xb0c69440 <_CHERI_CAPABILITY_TABLE_+161680>
   0x00000000b070e022 <+3850>:  li      a4,-1
   0x00000000b070e024 <+3852>:  lc      ca5,1888(sp)
   0x00000000b070e028 <+3856>:  sc      ca0,768(sp)
   0x00000000b070e02c <+3860>:  cmove   ca0,ca5
   0x00000000b070e030 <+3864>:  lc      ca6,1952(sp)
   0x00000000b070e034 <+3868>:  sd      a1,760(sp)
   0x00000000b070e038 <+3872>:  cmove   ca1,ca6
   0x00000000b070e03c <+3876>:  sc      ca3,736(sp)
   0x00000000b070e040 <+3880>:  mv      a3,a4
   0x00000000b070e042 <+3882>:  lc      ca4,736(sp)
   0x00000000b070e046 <+3886>:  cjalr   cra,ca4
   0x00000000b070e04a <+3890>:  lc      ca0,1424(sp)
   0x00000000b070e04e <+3894>:  lc      ca1,0(a0)
   0x00000000b070e052 <+3898>:  auipc   a2,0x55f
   0x00000000b070e056 <+3902>:  lc      ca2,-658(a2) # 0xb0c6cdc0 <_CHERI_CAPABILITY_TABLE_+176400>
   0x00000000b070e05a <+3906>:  lc      ca0,1296(sp)
   0x00000000b070e05e <+3910>:  sc      ca2,720(sp)
   0x00000000b070e062 <+3914>:  cmove   ca2,cnull
   0x00000000b070e066 <+3918>:  cmove   ca3,cnull
   0x00000000b070e06a <+3922>:  cmove   ca4,cnull
   0x00000000b070e06e <+3926>:  lc      ca5,720(sp)
   0x00000000b070e072 <+3930>:  cjalr   cra,ca5
   0x00000000b070e076 <+3934>:  auipc   a1,0x560
   0x00000000b070e07a <+3938>:  lc      ca1,-1750(a1) # 0xb0c6d9a0 <_CHERI_CAPABILITY_TABLE_+179440>
   0x00000000b070e07e <+3942>:  lc      ca2,768(sp)
   0x00000000b070e082 <+3946>:  sc      ca0,704(sp)
   0x00000000b070e086 <+3950>:  cmove   ca0,ca2
   0x00000000b070e08a <+3954>:  ld      a3,760(sp)
   0x00000000b070e08e <+3958>:  sc      ca1,688(sp)
   0x00000000b070e092 <+3962>:  mv      a1,a3
   0x00000000b070e094 <+3964>:  lc      ca2,1888(sp)
   0x00000000b070e098 <+3968>:  lc      ca3,704(sp)
   0x00000000b070e09c <+3972>:  lc      ca4,688(sp)
   0x00000000b070e0a0 <+3976>:  cjalr   cra,ca4
   0x00000000b070e0a4 <+3980>:  auipc   a0,0x535
   0x00000000b070e0a8 <+3984>:  lc      ca0,-1332(a0) # 0xb0c42b70 <_CHERI_CAPABILITY_TABLE_+3776>
   0x00000000b070e0ac <+3988>:  lc      ca1,1616(sp)
   0x00000000b070e0b0 <+3992>:  sc      ca0,672(sp)
   0x00000000b070e0b4 <+3996>:  cmove   ca0,ca1
   0x00000000b070e0b8 <+4000>:  lc      ca1,1936(sp)
   0x00000000b070e0bc <+4004>:  lc      ca2,672(sp)
   0x00000000b070e0c0 <+4008>:  cjalr   cra,ca2
   0x00000000b070e0c4 <+4012>:  lw      a0,0(a0)
   0x00000000b070e0c8 <+4016>:  lc      ca1,1616(sp)
   0x00000000b070e0cc <+4020>:  sw      a0,0(a1)
   0x00000000b070e0d0 <+4024>:  j       0xb070e114 <QTextEngine::justify(QScriptLine const&)+4092>
   0x00000000b070e0d4 <+4028>:  lc      ca0,1936(sp)
   0x00000000b070e0d8 <+4032>:  lw      a1,0(a0)
   0x00000000b070e0dc <+4036>:  lc      ca2,1408(sp)
   0x00000000b070e0e0 <+4040>:  lw      a3,0(a2)
   0x00000000b070e0e4 <+4044>:  blt     a1,a3,0xb070e110 <QTextEngine::justify(QScriptLine const&)+4088>
   0x00000000b070e0e8 <+4048>:  j       0xb070e0ec <QTextEngine::justify(QScriptLine const&)+4052>
   0x00000000b070e0ec <+4052>:  lc      ca0,1920(sp)
   0x00000000b070e0f0 <+4056>:  lw      a1,0(a0)
   0x00000000b070e0f4 <+4060>:  lc      ca2,1392(sp)
   0x00000000b070e0f8 <+4064>:  sw      a1,0(a2)
   0x00000000b070e0fc <+4068>:  lc      ca1,1936(sp)
   0x00000000b070e100 <+4072>:  lw      a3,0(a1)
   0x00000000b070e104 <+4076>:  lc      ca4,1408(sp)
   0x00000000b070e108 <+4080>:  sw      a3,0(a4)
   0x00000000b070e10c <+4084>:  j       0xb070e110 <QTextEngine::justify(QScriptLine const&)+4088>
   0x00000000b070e110 <+4088>:  j       0xb070e114 <QTextEngine::justify(QScriptLine const&)+4092>
   0x00000000b070e114 <+4092>:  j       0xb070e118 <QTextEngine::justify(QScriptLine const&)+4096>
   0x00000000b070e118 <+4096>:  lc      ca0,1920(sp)
   0x00000000b070e11c <+4100>:  lw      a1,0(a0)
   0x00000000b070e120 <+4104>:  addi    a1,a1,1
   0x00000000b070e122 <+4106>:  sw      a1,0(a0)
   0x00000000b070e126 <+4110>:  j       0xb070dd06 <QTextEngine::justify(QScriptLine const&)+3054>
   0x00000000b070e12a <+4114>:  lc      ca0,1392(sp)
   0x00000000b070e12e <+4118>:  lw      a1,0(a0)
   0x00000000b070e132 <+4122>:  li      a2,0
   0x00000000b070e134 <+4124>:  blt     a1,a2,0xb070e2d8 <QTextEngine::justify(QScriptLine const&)+4544>
   0x00000000b070e138 <+4128>:  j       0xb070e13c <QTextEngine::justify(QScriptLine const&)+4132>
   0x00000000b070e13c <+4132>:  lc      ca0,1504(sp)
   0x00000000b070e140 <+4136>:  lw      a1,0(a0)
   0x00000000b070e144 <+4140>:  auipc   a2,0x560
   0x00000000b070e148 <+4144>:  lc      ca2,-1972(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e14c <+4148>:  lc      ca0,1520(sp)
   0x00000000b070e150 <+4152>:  sc      ca2,656(sp)
   0x00000000b070e154 <+4156>:  cjalr   cra,ca2
   0x00000000b070e158 <+4160>:  lc      ca1,1408(sp)
   0x00000000b070e15c <+4164>:  lw      a1,0(a1)
   0x00000000b070e160 <+4168>:  lc      ca2,1392(sp)
   0x00000000b070e164 <+4172>:  lw      a2,0(a2)
   0x00000000b070e168 <+4176>:  auipc   a3,0x55b
   0x00000000b070e16c <+4180>:  lc      ca3,728(a3) # 0xb0c69440 <_CHERI_CAPABILITY_TABLE_+161680>
   0x00000000b070e170 <+4184>:  li      a4,-1
   0x00000000b070e172 <+4186>:  lc      ca5,1872(sp)
   0x00000000b070e176 <+4190>:  sc      ca0,640(sp)
   0x00000000b070e17a <+4194>:  cmove   ca0,ca5
   0x00000000b070e17e <+4198>:  lc      ca6,1952(sp)
   0x00000000b070e182 <+4202>:  sd      a1,632(sp)
   0x00000000b070e186 <+4206>:  cmove   ca1,ca6
   0x00000000b070e18a <+4210>:  sc      ca3,608(sp)
   0x00000000b070e18e <+4214>:  mv      a3,a4
   0x00000000b070e190 <+4216>:  lc      ca4,608(sp)
   0x00000000b070e194 <+4220>:  cjalr   cra,ca4
   0x00000000b070e198 <+4224>:  lc      ca0,1424(sp)
   0x00000000b070e19c <+4228>:  lc      ca1,0(a0)
   0x00000000b070e1a0 <+4232>:  auipc   a2,0x55f
   0x00000000b070e1a4 <+4236>:  lc      ca2,-992(a2) # 0xb0c6cdc0 <_CHERI_CAPABILITY_TABLE_+176400>
   0x00000000b070e1a8 <+4240>:  lc      ca0,1296(sp)
   0x00000000b070e1ac <+4244>:  sc      ca2,592(sp)
   0x00000000b070e1b0 <+4248>:  cmove   ca2,cnull
   0x00000000b070e1b4 <+4252>:  cmove   ca3,cnull
   0x00000000b070e1b8 <+4256>:  cmove   ca4,cnull
   0x00000000b070e1bc <+4260>:  lc      ca5,592(sp)
   0x00000000b070e1c0 <+4264>:  cjalr   cra,ca5
   0x00000000b070e1c4 <+4268>:  auipc   a1,0x55f
   0x00000000b070e1c8 <+4272>:  lc      ca1,2012(a1) # 0xb0c6d9a0 <_CHERI_CAPABILITY_TABLE_+179440>
   0x00000000b070e1cc <+4276>:  lc      ca2,640(sp)
   0x00000000b070e1d0 <+4280>:  sc      ca0,576(sp)
   0x00000000b070e1d4 <+4284>:  cmove   ca0,ca2
   0x00000000b070e1d8 <+4288>:  ld      a3,632(sp)
   0x00000000b070e1dc <+4292>:  sc      ca1,560(sp)
   0x00000000b070e1e0 <+4296>:  mv      a1,a3
   0x00000000b070e1e2 <+4298>:  lc      ca2,1872(sp)
   0x00000000b070e1e6 <+4302>:  lc      ca3,576(sp)
   0x00000000b070e1ea <+4306>:  lc      ca4,560(sp)
   0x00000000b070e1ee <+4310>:  cjalr   cra,ca4
   0x00000000b070e1f2 <+4314>:  lc      ca0,1504(sp)
   0x00000000b070e1f6 <+4318>:  lw      a1,0(a0)
   0x00000000b070e1fa <+4322>:  lc      ca0,1520(sp)
   0x00000000b070e1fe <+4326>:  lc      ca2,656(sp)
   0x00000000b070e202 <+4330>:  cjalr   cra,ca2
   0x00000000b070e206 <+4334>:  cincoffset      ca0,ca0,4
   0x00000000b070e20a <+4338>:  auipc   a1,0x55c
   0x00000000b070e20e <+4342>:  lc      ca1,-378(a1) # 0xb0c6a090 <_CHERI_CAPABILITY_TABLE_+164832>
   0x00000000b070e212 <+4346>:  li      a2,0
   0x00000000b070e214 <+4348>:  sc      ca1,544(sp)
   0x00000000b070e218 <+4352>:  mv      a1,a2
   0x00000000b070e21a <+4354>:  lc      ca3,544(sp)
   0x00000000b070e21e <+4358>:  sd      a2,536(sp)
   0x00000000b070e222 <+4362>:  cjalr   cra,ca3
   0x00000000b070e226 <+4366>:  ld      a1,536(sp)
   0x00000000b070e22a <+4370>:  beq     a0,a1,0xb070e2d4 <QTextEngine::justify(QScriptLine const&)+4540>
   0x00000000b070e22e <+4374>:  j       0xb070e232 <QTextEngine::justify(QScriptLine const&)+4378>
   0x00000000b070e232 <+4378>:  lc      ca0,1504(sp)
   0x00000000b070e236 <+4382>:  lw      a1,0(a0)
   0x00000000b070e23a <+4386>:  auipc   a2,0x55f
   0x00000000b070e23e <+4390>:  lc      ca2,1878(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e242 <+4394>:  lc      ca0,1520(sp)
   0x00000000b070e246 <+4398>:  sc      ca2,512(sp)
   0x00000000b070e24a <+4402>:  cjalr   cra,ca2
   0x00000000b070e24e <+4406>:  cincoffset      ca1,ca0,4
   0x00000000b070e252 <+4410>:  auipc   a0,0x55b
   0x00000000b070e256 <+4414>:  lc      ca0,-1490(a0) # 0xb0c68c80 <_CHERI_CAPABILITY_TABLE_+159696>
   0x00000000b070e25a <+4418>:  lc      ca2,1488(sp)
   0x00000000b070e25e <+4422>:  sc      ca0,496(sp)
   0x00000000b070e262 <+4426>:  cmove   ca0,ca2
   0x00000000b070e266 <+4430>:  lc      ca3,496(sp)
   0x00000000b070e26a <+4434>:  cjalr   cra,ca3
   0x00000000b070e26e <+4438>:  lw      a0,0(a0)
   0x00000000b070e272 <+4442>:  lc      ca1,1488(sp)
   0x00000000b070e276 <+4446>:  sw      a0,0(a1)
   0x00000000b070e27a <+4450>:  lc      ca0,1504(sp)
   0x00000000b070e27e <+4454>:  lw      a1,0(a0)
   0x00000000b070e282 <+4458>:  lc      ca0,1520(sp)
   0x00000000b070e286 <+4462>:  lc      ca2,512(sp)
   0x00000000b070e28a <+4466>:  cjalr   cra,ca2
   0x00000000b070e28e <+4470>:  auipc   a1,0x535
   0x00000000b070e292 <+4474>:  lc      ca1,-1822(a1) # 0xb0c42b70 <_CHERI_CAPABILITY_TABLE_+3776>
   0x00000000b070e296 <+4478>:  lc      ca2,1616(sp)
   0x00000000b070e29a <+4482>:  sc      ca0,480(sp)
   0x00000000b070e29e <+4486>:  cmove   ca0,ca2
   0x00000000b070e2a2 <+4490>:  lc      ca3,480(sp)
   0x00000000b070e2a6 <+4494>:  sc      ca1,464(sp)
   0x00000000b070e2aa <+4498>:  cmove   ca1,ca3
   0x00000000b070e2ae <+4502>:  lc      ca4,464(sp)
   0x00000000b070e2b2 <+4506>:  cjalr   cra,ca4
   0x00000000b070e2b6 <+4510>:  lw      a0,0(a0)
   0x00000000b070e2ba <+4514>:  lc      ca1,1616(sp)
   0x00000000b070e2be <+4518>:  sw      a0,0(a1)
   0x00000000b070e2c2 <+4522>:  lc      ca0,1504(sp)
   0x00000000b070e2c6 <+4526>:  lw      a2,0(a0)
   0x00000000b070e2ca <+4530>:  addi    a2,a2,1
   0x00000000b070e2cc <+4532>:  sw      a2,0(a0)
   0x00000000b070e2d0 <+4536>:  j       0xb070e2d4 <QTextEngine::justify(QScriptLine const&)+4540>
   0x00000000b070e2d4 <+4540>:  j       0xb070e2d8 <QTextEngine::justify(QScriptLine const&)+4544>
   0x00000000b070e2d8 <+4544>:  j       0xb070e2dc <QTextEngine::justify(QScriptLine const&)+4548>
   0x00000000b070e2dc <+4548>:  lc      ca0,1440(sp)
   0x00000000b070e2e0 <+4552>:  lw      a1,0(a0)
   0x00000000b070e2e4 <+4556>:  addi    a1,a1,1
   0x00000000b070e2e6 <+4558>:  sw      a1,0(a0)
   0x00000000b070e2ea <+4562>:  j       0xb070da66 <QTextEngine::justify(QScriptLine const&)+2382>
   0x00000000b070e2ee <+4566>:  lc      ca0,1680(sp)
   0x00000000b070e2f2 <+4570>:  lc      ca1,0(a0)
   0x00000000b070e2f6 <+4574>:  auipc   a2,0x55f
   0x00000000b070e2fa <+4578>:  lc      ca2,1722(a2) # 0xb0c6d9b0 <_CHERI_CAPABILITY_TABLE_+179456>
   0x00000000b070e2fe <+4582>:  lc      ca0,1296(sp)
   0x00000000b070e302 <+4586>:  cjalr   cra,ca2
   0x00000000b070e306 <+4590>:  lc      ca1,1312(sp)
   0x00000000b070e30a <+4594>:  sw      a0,0(a1)
   0x00000000b070e30e <+4598>:  lc      ca0,1680(sp)
   0x00000000b070e312 <+4602>:  lc      ca2,0(a0)
   0x00000000b070e316 <+4606>:  cincoffset      ca0,ca2,20
   0x00000000b070e31a <+4610>:  cincoffset      ca1,ca2,24
   0x00000000b070e31e <+4614>:  auipc   a2,0x55b
   0x00000000b070e322 <+4618>:  lc      ca2,-1662(a2) # 0xb0c68ca0 <_CHERI_CAPABILITY_TABLE_+159728>
   0x00000000b070e326 <+4622>:  sc      ca2,448(sp)
   0x00000000b070e32a <+4626>:  cjalr   cra,ca2
   0x00000000b070e32e <+4630>:  lc      ca1,1840(sp)
   0x00000000b070e332 <+4634>:  sw      a0,0(a1)
   0x00000000b070e336 <+4638>:  cmove   ca0,ca1
   0x00000000b070e33a <+4642>:  lc      ca1,1312(sp)
   0x00000000b070e33e <+4646>:  lc      ca2,448(sp)
   0x00000000b070e342 <+4650>:  cjalr   cra,ca2
   0x00000000b070e346 <+4654>:  lc      ca1,1856(sp)
   0x00000000b070e34a <+4658>:  sw      a0,0(a1)
   0x00000000b070e34e <+4662>:  auipc   a0,0x55f
   0x00000000b070e352 <+4666>:  lc      ca0,1650(a0) # 0xb0c6d9c0 <_CHERI_CAPABILITY_TABLE_+179472>
   0x00000000b070e356 <+4670>:  li      a2,0
   0x00000000b070e358 <+4672>:  sc      ca0,432(sp)
   0x00000000b070e35c <+4676>:  cmove   ca0,ca1
   0x00000000b070e360 <+4680>:  mv      a1,a2
   0x00000000b070e362 <+4682>:  lc      ca3,432(sp)
   0x00000000b070e366 <+4686>:  sd      a2,424(sp)
   0x00000000b070e36a <+4690>:  cjalr   cra,ca3
   0x00000000b070e36e <+4694>:  ld      a1,424(sp)
   0x00000000b070e372 <+4698>:  beq     a0,a1,0xb070e39e <QTextEngine::justify(QScriptLine const&)+4742>
   0x00000000b070e376 <+4702>:  j       0xb070e37a <QTextEngine::justify(QScriptLine const&)+4706>
   0x00000000b070e37a <+4706>:  lc      ca0,1680(sp)
   0x00000000b070e37e <+4710>:  lc      ca1,0(a0)
   0x00000000b070e382 <+4714>:  lw      a2,40(a1)
   0x00000000b070e386 <+4718>:  lui     a3,0x10000
   0x00000000b070e38a <+4722>:  or      a2,a2,a3
   0x00000000b070e38c <+4724>:  sw      a2,40(a1)
   0x00000000b070e390 <+4728>:  li      a1,1
   0x00000000b070e392 <+4730>:  lc      ca2,1824(sp)
   0x00000000b070e396 <+4734>:  sw      a1,0(a2)
   0x00000000b070e39a <+4738>:  j       0xb070e988 <QTextEngine::justify(QScriptLine const&)+6256>
   0x00000000b070e39e <+4742>:  lc      ca0,1616(sp)
   0x00000000b070e3a2 <+4746>:  lw      a1,0(a0)
   0x00000000b070e3a6 <+4750>:  li      a2,7
   0x00000000b070e3a8 <+4752>:  blt     a1,a2,0xb070e62a <QTextEngine::justify(QScriptLine const&)+5394>
   0x00000000b070e3ac <+4756>:  j       0xb070e3b0 <QTextEngine::justify(QScriptLine const&)+4760>
   0x00000000b070e3b0 <+4760>:  j       0xb070e3b4 <QTextEngine::justify(QScriptLine const&)+4764>
   0x00000000b070e3b4 <+4764>:  auipc   a0,0x55f
   0x00000000b070e3b8 <+4768>:  lc      ca0,1564(a0) # 0xb0c6d9d0 <_CHERI_CAPABILITY_TABLE_+179488>
   0x00000000b070e3bc <+4772>:  lc      ca1,1856(sp)
   0x00000000b070e3c0 <+4776>:  sc      ca0,400(sp)
   0x00000000b070e3c4 <+4780>:  cmove   ca0,ca1
   0x00000000b070e3c8 <+4784>:  lc      ca1,1488(sp)
   0x00000000b070e3cc <+4788>:  lc      ca2,400(sp)
   0x00000000b070e3d0 <+4792>:  cjalr   cra,ca2
   0x00000000b070e3d4 <+4796>:  li      a1,0
   0x00000000b070e3d6 <+4798>:  beq     a0,a1,0xb070e626 <QTextEngine::justify(QScriptLine const&)+5390>
   0x00000000b070e3da <+4802>:  j       0xb070e3de <QTextEngine::justify(QScriptLine const&)+4806>
   0x00000000b070e3de <+4806>:  lc      ca0,1616(sp)
   0x00000000b070e3e2 <+4810>:  lw      a1,0(a0)
   0x00000000b070e3e6 <+4814>:  lc      ca2,1808(sp)
   0x00000000b070e3ea <+4818>:  sw      a1,0(a2)
   0x00000000b070e3ee <+4822>:  j       0xb070e3f2 <QTextEngine::justify(QScriptLine const&)+4826>
   0x00000000b070e3f2 <+4826>:  auipc   a0,0x55f
   0x00000000b070e3f6 <+4830>:  lc      ca0,1502(a0) # 0xb0c6d9d0 <_CHERI_CAPABILITY_TABLE_+179488>
   0x00000000b070e3fa <+4834>:  lc      ca1,1856(sp)
   0x00000000b070e3fe <+4838>:  sc      ca0,384(sp)
   0x00000000b070e402 <+4842>:  cmove   ca0,ca1
   0x00000000b070e406 <+4846>:  lc      ca1,1488(sp)
   0x00000000b070e40a <+4850>:  lc      ca2,384(sp)
   0x00000000b070e40e <+4854>:  cjalr   cra,ca2
   0x00000000b070e412 <+4858>:  li      a1,0
   0x00000000b070e414 <+4860>:  mv      a2,a1
   0x00000000b070e416 <+4862>:  sd      a2,376(sp)
   0x00000000b070e41a <+4866>:  beq     a0,a1,0xb070e438 <QTextEngine::justify(QScriptLine const&)+4896>
   0x00000000b070e41e <+4870>:  j       0xb070e422 <QTextEngine::justify(QScriptLine const&)+4874>
   0x00000000b070e422 <+4874>:  lc      ca0,1808(sp)
   0x00000000b070e426 <+4878>:  lw      a1,0(a0)
   0x00000000b070e42a <+4882>:  li      a2,6
   0x00000000b070e42c <+4884>:  slt     a1,a2,a1
   0x00000000b070e430 <+4888>:  sd      a1,376(sp)
   0x00000000b070e434 <+4892>:  j       0xb070e438 <QTextEngine::justify(QScriptLine const&)+4896>
   0x00000000b070e438 <+4896>:  ld      a0,376(sp)
   0x00000000b070e43c <+4900>:  andi    a0,a0,1
   0x00000000b070e43e <+4902>:  li      a1,0
   0x00000000b070e440 <+4904>:  beq     a0,a1,0xb070e622 <QTextEngine::justify(QScriptLine const&)+5386>
   0x00000000b070e444 <+4908>:  j       0xb070e448 <QTextEngine::justify(QScriptLine const&)+4912>
   0x00000000b070e448 <+4912>:  li      a0,0
   0x00000000b070e44a <+4914>:  lc      ca1,1792(sp)
   0x00000000b070e44e <+4918>:  sw      a0,0(a1)
   0x00000000b070e452 <+4922>:  j       0xb070e456 <QTextEngine::justify(QScriptLine const&)+4926>
   0x00000000b070e456 <+4926>:  auipc   a0,0x55f
   0x00000000b070e45a <+4930>:  lc      ca0,1402(a0) # 0xb0c6d9d0 <_CHERI_CAPABILITY_TABLE_+179488>
   0x00000000b070e45e <+4934>:  lc      ca1,1856(sp)
   0x00000000b070e462 <+4938>:  sc      ca0,352(sp)
   0x00000000b070e466 <+4942>:  cmove   ca0,ca1
   0x00000000b070e46a <+4946>:  lc      ca1,1488(sp)
   0x00000000b070e46e <+4950>:  lc      ca2,352(sp)
   0x00000000b070e472 <+4954>:  cjalr   cra,ca2
   0x00000000b070e476 <+4958>:  li      a1,0
   0x00000000b070e478 <+4960>:  mv      a2,a1
   0x00000000b070e47a <+4962>:  sd      a2,344(sp)
   0x00000000b070e47e <+4966>:  beq     a0,a1,0xb070e4a2 <QTextEngine::justify(QScriptLine const&)+5002>
   0x00000000b070e482 <+4970>:  j       0xb070e486 <QTextEngine::justify(QScriptLine const&)+4974>
   0x00000000b070e486 <+4974>:  lc      ca0,1792(sp)
   0x00000000b070e48a <+4978>:  lw      a1,0(a0)
   0x00000000b070e48e <+4982>:  lc      ca2,1504(sp)
   0x00000000b070e492 <+4986>:  lw      a3,0(a2)
   0x00000000b070e496 <+4990>:  slt     a1,a1,a3
   0x00000000b070e49a <+4994>:  sd      a1,344(sp)
   0x00000000b070e49e <+4998>:  j       0xb070e4a2 <QTextEngine::justify(QScriptLine const&)+5002>
   0x00000000b070e4a2 <+5002>:  ld      a0,344(sp)
   0x00000000b070e4a6 <+5006>:  andi    a0,a0,1
   0x00000000b070e4a8 <+5008>:  li      a1,0
   0x00000000b070e4aa <+5010>:  beq     a0,a1,0xb070e60c <QTextEngine::justify(QScriptLine const&)+5364>
   0x00000000b070e4ae <+5014>:  j       0xb070e4b2 <QTextEngine::justify(QScriptLine const&)+5018>
   0x00000000b070e4b2 <+5018>:  lc      ca0,1792(sp)
   0x00000000b070e4b6 <+5022>:  lw      a1,0(a0)
   0x00000000b070e4ba <+5026>:  auipc   a2,0x55f
   0x00000000b070e4be <+5030>:  lc      ca2,1238(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e4c2 <+5034>:  lc      ca0,1520(sp)
   0x00000000b070e4c6 <+5038>:  cjalr   cra,ca2
   0x00000000b070e4ca <+5042>:  lw      a0,0(a0)
   0x00000000b070e4ce <+5046>:  lc      ca1,1808(sp)
   0x00000000b070e4d2 <+5050>:  lw      a2,0(a1)
   0x00000000b070e4d6 <+5054>:  bne     a0,a2,0xb070e5f6 <QTextEngine::justify(QScriptLine const&)+5342>
   0x00000000b070e4da <+5058>:  j       0xb070e4de <QTextEngine::justify(QScriptLine const&)+5062>
   0x00000000b070e4de <+5062>:  lc      ca0,1792(sp)
   0x00000000b070e4e2 <+5066>:  lw      a1,0(a0)
   0x00000000b070e4e6 <+5070>:  auipc   a2,0x55f
   0x00000000b070e4ea <+5074>:  lc      ca2,1194(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e4ee <+5078>:  lc      ca0,1520(sp)
   0x00000000b070e4f2 <+5082>:  cjalr   cra,ca2
   0x00000000b070e4f6 <+5086>:  cincoffset      ca0,ca0,4
   0x00000000b070e4fa <+5090>:  auipc   a1,0x55f
   0x00000000b070e4fe <+5094>:  lc      ca1,1254(a1) # 0xb0c6d9e0 <_CHERI_CAPABILITY_TABLE_+179504>
   0x00000000b070e502 <+5098>:  lc      ca2,1856(sp)
   0x00000000b070e506 <+5102>:  sc      ca1,320(sp)
   0x00000000b070e50a <+5106>:  cmove   ca1,ca2
   0x00000000b070e50e <+5110>:  lc      ca3,320(sp)
   0x00000000b070e512 <+5114>:  cjalr   cra,ca3
   0x00000000b070e516 <+5118>:  li      a1,0
   0x00000000b070e518 <+5120>:  beq     a0,a1,0xb070e5f6 <QTextEngine::justify(QScriptLine const&)+5342>
   0x00000000b070e51c <+5124>:  j       0xb070e520 <QTextEngine::justify(QScriptLine const&)+5128>
   0x00000000b070e520 <+5128>:  lc      ca0,1792(sp)
   0x00000000b070e524 <+5132>:  lw      a1,0(a0)
   0x00000000b070e528 <+5136>:  auipc   a2,0x55f
   0x00000000b070e52c <+5140>:  lc      ca2,1128(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e530 <+5144>:  lc      ca0,1520(sp)
   0x00000000b070e534 <+5148>:  sc      ca2,304(sp)
   0x00000000b070e538 <+5152>:  cjalr   cra,ca2
   0x00000000b070e53c <+5156>:  lc      ca0,64(a0)
   0x00000000b070e540 <+5160>:  lwu     a1,0(a0)
   0x00000000b070e544 <+5164>:  srli    a2,a1,0x2
   0x00000000b070e548 <+5168>:  addi    a2,a2,1
   0x00000000b070e54a <+5170>:  andi    a2,a2,63
   0x00000000b070e54e <+5174>:  slli    a2,a2,0x2
   0x00000000b070e550 <+5176>:  li      a3,1
   0x00000000b070e552 <+5178>:  slli    a3,a3,0x20
   0x00000000b070e554 <+5180>:  addi    a3,a3,-253 # 0xfffff03
   0x00000000b070e558 <+5184>:  and     a1,a1,a3
   0x00000000b070e55a <+5186>:  or      a1,a1,a2
   0x00000000b070e55c <+5188>:  sw      a1,0(a0)
   0x00000000b070e560 <+5192>:  lc      ca0,1792(sp)
   0x00000000b070e564 <+5196>:  lw      a1,0(a0)
   0x00000000b070e568 <+5200>:  lc      ca0,1520(sp)
   0x00000000b070e56c <+5204>:  lc      ca2,304(sp)
   0x00000000b070e570 <+5208>:  cjalr   cra,ca2
   0x00000000b070e574 <+5212>:  cincoffset      ca0,ca0,4
   0x00000000b070e578 <+5216>:  auipc   a1,0x559
   0x00000000b070e57c <+5220>:  lc      ca1,-88(a1) # 0xb0c67520 <_CHERI_CAPABILITY_TABLE_+153712>
   0x00000000b070e580 <+5224>:  cjalr   cra,ca1
   0x00000000b070e584 <+5228>:  lc      ca1,1792(sp)
   0x00000000b070e588 <+5232>:  lw      a1,0(a1)
   0x00000000b070e58c <+5236>:  lc      ca2,1520(sp)
   0x00000000b070e590 <+5240>:  sd      a0,296(sp)
   0x00000000b070e594 <+5244>:  cmove   ca0,ca2
   0x00000000b070e598 <+5248>:  lc      ca3,304(sp)
   0x00000000b070e59c <+5252>:  cjalr   cra,ca3
   0x00000000b070e5a0 <+5256>:  lc      ca0,64(a0)
   0x00000000b070e5a4 <+5260>:  lwu     a1,0(a0)
   0x00000000b070e5a8 <+5264>:  srli    a2,a1,0x8
   0x00000000b070e5ac <+5268>:  ld      a3,296(sp)
   0x00000000b070e5b0 <+5272>:  add     a2,a2,a3
   0x00000000b070e5b2 <+5274>:  slli    a2,a2,0x8
   0x00000000b070e5b4 <+5276>:  andi    a1,a1,255
   0x00000000b070e5b8 <+5280>:  or      a1,a1,a2
   0x00000000b070e5ba <+5282>:  sw      a1,0(a0)
   0x00000000b070e5be <+5286>:  lc      ca0,1792(sp)
   0x00000000b070e5c2 <+5290>:  lw      a1,0(a0)
   0x00000000b070e5c6 <+5294>:  lc      ca0,1520(sp)
   0x00000000b070e5ca <+5298>:  lc      ca2,304(sp)
   0x00000000b070e5ce <+5302>:  cjalr   cra,ca2
   0x00000000b070e5d2 <+5306>:  cincoffset      ca1,ca0,4
   0x00000000b070e5d6 <+5310>:  auipc   a0,0x55a
   0x00000000b070e5da <+5314>:  lc      ca0,1354(a0) # 0xb0c68b20 <_CHERI_CAPABILITY_TABLE_+159344>
   0x00000000b070e5de <+5318>:  lc      ca2,1856(sp)
   0x00000000b070e5e2 <+5322>:  sc      ca0,272(sp)
   0x00000000b070e5e6 <+5326>:  cmove   ca0,ca2
   0x00000000b070e5ea <+5330>:  lc      ca3,272(sp)
   0x00000000b070e5ee <+5334>:  cjalr   cra,ca3
   0x00000000b070e5f2 <+5338>:  j       0xb070e5f6 <QTextEngine::justify(QScriptLine const&)+5342>
   0x00000000b070e5f6 <+5342>:  j       0xb070e5fa <QTextEngine::justify(QScriptLine const&)+5346>
   0x00000000b070e5fa <+5346>:  lc      ca0,1792(sp)
   0x00000000b070e5fe <+5350>:  lw      a1,0(a0)
   0x00000000b070e602 <+5354>:  addi    a1,a1,1
   0x00000000b070e604 <+5356>:  sw      a1,0(a0)
   0x00000000b070e608 <+5360>:  j       0xb070e456 <QTextEngine::justify(QScriptLine const&)+4926>
   0x00000000b070e60c <+5364>:  j       0xb070e610 <QTextEngine::justify(QScriptLine const&)+5368>
   0x00000000b070e610 <+5368>:  lc      ca0,1808(sp)
   0x00000000b070e614 <+5372>:  lw      a1,0(a0)
   0x00000000b070e618 <+5376>:  addi    a1,a1,-1
   0x00000000b070e61a <+5378>:  sw      a1,0(a0)
   0x00000000b070e61e <+5382>:  j       0xb070e3f2 <QTextEngine::justify(QScriptLine const&)+4826>
   0x00000000b070e622 <+5386>:  j       0xb070e3b4 <QTextEngine::justify(QScriptLine const&)+4764>
   0x00000000b070e626 <+5390>:  j       0xb070e62a <QTextEngine::justify(QScriptLine const&)+5394>
   0x00000000b070e62a <+5394>:  auipc   a0,0x55f
   0x00000000b070e62e <+5398>:  lc      ca0,966(a0) # 0xb0c6d9f0 <_CHERI_CAPABILITY_TABLE_+179520>
   0x00000000b070e632 <+5402>:  li      a1,0
   0x00000000b070e634 <+5404>:  lc      ca2,1856(sp)
   0x00000000b070e638 <+5408>:  sc      ca0,256(sp)
   0x00000000b070e63c <+5412>:  cmove   ca0,ca2
   0x00000000b070e640 <+5416>:  sd      a1,248(sp)
   0x00000000b070e644 <+5420>:  lc      ca3,256(sp)
   0x00000000b070e648 <+5424>:  cjalr   cra,ca3
   0x00000000b070e64c <+5428>:  ld      a1,248(sp)
   0x00000000b070e650 <+5432>:  beq     a0,a1,0xb070e65c <QTextEngine::justify(QScriptLine const&)+5444>
   0x00000000b070e654 <+5436>:  j       0xb070e658 <QTextEngine::justify(QScriptLine const&)+5440>
   0x00000000b070e658 <+5440>:  j       0xb070e688 <QTextEngine::justify(QScriptLine const&)+5488>
   0x00000000b070e65c <+5444>:  auipc   a0,0x55f
   0x00000000b070e660 <+5448>:  lc      ca0,932(a0) # 0xb0c6da00 <_CHERI_CAPABILITY_TABLE_+179536>
   0x00000000b070e664 <+5452>:  auipc   a1,0x55e
   0x00000000b070e668 <+5456>:  lc      ca1,1340(a1) # 0xb0c6cba0 <_CHERI_CAPABILITY_TABLE_+175856>
   0x00000000b070e66c <+5460>:  auipc   a2,0x534
   0x00000000b070e670 <+5464>:  lc      ca2,-1772(a2) # 0xb0c41f80 <_CHERI_CAPABILITY_TABLE_+720>
   0x00000000b070e674 <+5468>:  lui     a3,0x1
   0x00000000b070e676 <+5470>:  addiw   a3,a3,-1713
   0x00000000b070e67a <+5474>:  sc      ca2,224(sp)
   0x00000000b070e67e <+5478>:  mv      a2,a3
   0x00000000b070e680 <+5480>:  lc      ca3,224(sp)
   0x00000000b070e684 <+5484>:  cjalr   cra,ca3
   0x00000000b070e688 <+5488>:  auipc   a0,0x55a
   0x00000000b070e68c <+5492>:  lc      ca0,1464(a0) # 0xb0c68c40 <_CHERI_CAPABILITY_TABLE_+159632>
   0x00000000b070e690 <+5496>:  lc      ca1,1856(sp)
   0x00000000b070e694 <+5500>:  sc      ca0,208(sp)
   0x00000000b070e698 <+5504>:  cmove   ca0,ca1
   0x00000000b070e69c <+5508>:  lc      ca2,208(sp)
   0x00000000b070e6a0 <+5512>:  cjalr   cra,ca2
   0x00000000b070e6a4 <+5516>:  li      a1,0
   0x00000000b070e6a6 <+5518>:  beq     a0,a1,0xb070e6b2 <QTextEngine::justify(QScriptLine const&)+5530>
   0x00000000b070e6aa <+5522>:  j       0xb070e6ae <QTextEngine::justify(QScriptLine const&)+5526>
   0x00000000b070e6ae <+5526>:  j       0xb070e964 <QTextEngine::justify(QScriptLine const&)+6220>
   0x00000000b070e6b2 <+5530>:  li      a0,4
   0x00000000b070e6b4 <+5532>:  lc      ca1,1776(sp)
   0x00000000b070e6b8 <+5536>:  sw      a0,0(a1)
   0x00000000b070e6bc <+5540>:  auipc   a0,0x534
   0x00000000b070e6c0 <+5544>:  lc      ca0,1172(a0) # 0xb0c42b50 <_CHERI_CAPABILITY_TABLE_+3744>
   0x00000000b070e6c4 <+5548>:  lc      ca2,1616(sp)
   0x00000000b070e6c8 <+5552>:  sc      ca0,192(sp)
   0x00000000b070e6cc <+5556>:  cmove   ca0,ca2
   0x00000000b070e6d0 <+5560>:  lc      ca3,192(sp)
   0x00000000b070e6d4 <+5564>:  cjalr   cra,ca3
   0x00000000b070e6d8 <+5568>:  lw      a0,0(a0)
   0x00000000b070e6dc <+5572>:  lc      ca1,1616(sp)
   0x00000000b070e6e0 <+5576>:  sw      a0,0(a1)
   0x00000000b070e6e4 <+5580>:  lw      a0,0(a1)
   0x00000000b070e6e8 <+5584>:  lc      ca2,1760(sp)
   0x00000000b070e6ec <+5588>:  sw      a0,0(a2)
   0x00000000b070e6f0 <+5592>:  j       0xb070e6f4 <QTextEngine::justify(QScriptLine const&)+5596>
   0x00000000b070e6f4 <+5596>:  auipc   a0,0x55a
   0x00000000b070e6f8 <+5600>:  lc      ca0,1804(a0) # 0xb0c68e00 <_CHERI_CAPABILITY_TABLE_+160080>
   0x00000000b070e6fc <+5604>:  li      a1,0
   0x00000000b070e6fe <+5606>:  lc      ca2,1856(sp)
   0x00000000b070e702 <+5610>:  sc      ca0,176(sp)
   0x00000000b070e706 <+5614>:  cmove   ca0,ca2
   0x00000000b070e70a <+5618>:  sd      a1,168(sp)
   0x00000000b070e70e <+5622>:  lc      ca3,176(sp)
   0x00000000b070e712 <+5626>:  cjalr   cra,ca3
   0x00000000b070e716 <+5630>:  ld      a1,168(sp)
   0x00000000b070e71a <+5634>:  ld      a2,168(sp)
   0x00000000b070e71e <+5638>:  sd      a1,160(sp)
   0x00000000b070e722 <+5642>:  beq     a0,a2,0xb070e740 <QTextEngine::justify(QScriptLine const&)+5672>
   0x00000000b070e726 <+5646>:  j       0xb070e72a <QTextEngine::justify(QScriptLine const&)+5650>
   0x00000000b070e72a <+5650>:  lc      ca0,1760(sp)
   0x00000000b070e72e <+5654>:  lw      a1,0(a0)
   0x00000000b070e732 <+5658>:  li      a2,0
   0x00000000b070e734 <+5660>:  slt     a1,a2,a1
   0x00000000b070e738 <+5664>:  sd      a1,160(sp)
   0x00000000b070e73c <+5668>:  j       0xb070e740 <QTextEngine::justify(QScriptLine const&)+5672>
   0x00000000b070e740 <+5672>:  ld      a0,160(sp)
   0x00000000b070e744 <+5676>:  andi    a0,a0,1
   0x00000000b070e746 <+5678>:  li      a1,0
   0x00000000b070e748 <+5680>:  beq     a0,a1,0xb070e960 <QTextEngine::justify(QScriptLine const&)+6216>
   0x00000000b070e74c <+5684>:  j       0xb070e750 <QTextEngine::justify(QScriptLine const&)+5688>
   0x00000000b070e750 <+5688>:  li      a0,0
   0x00000000b070e752 <+5690>:  lc      ca1,1744(sp)
   0x00000000b070e756 <+5694>:  sw      a0,0(a1)
   0x00000000b070e75a <+5698>:  lc      ca2,1728(sp)
   0x00000000b070e75e <+5702>:  sw      a0,0(a2)
   0x00000000b070e762 <+5706>:  j       0xb070e766 <QTextEngine::justify(QScriptLine const&)+5710>
   0x00000000b070e766 <+5710>:  lc      ca0,1728(sp)
   0x00000000b070e76a <+5714>:  lw      a1,0(a0)
   0x00000000b070e76e <+5718>:  lc      ca2,1504(sp)
   0x00000000b070e772 <+5722>:  lw      a3,0(a2)
   0x00000000b070e776 <+5726>:  bge     a1,a3,0xb070e7d2 <QTextEngine::justify(QScriptLine const&)+5818>
   0x00000000b070e77a <+5730>:  j       0xb070e77e <QTextEngine::justify(QScriptLine const&)+5734>
   0x00000000b070e77e <+5734>:  lc      ca0,1728(sp)
   0x00000000b070e782 <+5738>:  lw      a1,0(a0)
   0x00000000b070e786 <+5742>:  auipc   a2,0x55f
   0x00000000b070e78a <+5746>:  lc      ca2,522(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e78e <+5750>:  lc      ca0,1520(sp)
   0x00000000b070e792 <+5754>:  cjalr   cra,ca2
   0x00000000b070e796 <+5758>:  lw      a0,0(a0)
   0x00000000b070e79a <+5762>:  lc      ca1,1760(sp)
   0x00000000b070e79e <+5766>:  lw      a2,0(a1)
   0x00000000b070e7a2 <+5770>:  bne     a0,a2,0xb070e7bc <QTextEngine::justify(QScriptLine const&)+5796>
   0x00000000b070e7a6 <+5774>:  j       0xb070e7aa <QTextEngine::justify(QScriptLine const&)+5778>
   0x00000000b070e7aa <+5778>:  lc      ca0,1744(sp)
   0x00000000b070e7ae <+5782>:  lw      a1,0(a0)
   0x00000000b070e7b2 <+5786>:  addi    a1,a1,1
   0x00000000b070e7b4 <+5788>:  sw      a1,0(a0)
   0x00000000b070e7b8 <+5792>:  j       0xb070e7bc <QTextEngine::justify(QScriptLine const&)+5796>
   0x00000000b070e7bc <+5796>:  j       0xb070e7c0 <QTextEngine::justify(QScriptLine const&)+5800>
   0x00000000b070e7c0 <+5800>:  lc      ca0,1728(sp)
   0x00000000b070e7c4 <+5804>:  lw      a1,0(a0)
   0x00000000b070e7c8 <+5808>:  addi    a1,a1,1
   0x00000000b070e7ca <+5810>:  sw      a1,0(a0)
   0x00000000b070e7ce <+5814>:  j       0xb070e766 <QTextEngine::justify(QScriptLine const&)+5710>
   0x00000000b070e7d2 <+5818>:  lc      ca0,1744(sp)
   0x00000000b070e7d6 <+5822>:  lw      a1,0(a0)
   0x00000000b070e7da <+5826>:  li      a2,0
   0x00000000b070e7dc <+5828>:  bne     a1,a2,0xb070e7e8 <QTextEngine::justify(QScriptLine const&)+5840>
   0x00000000b070e7e0 <+5832>:  j       0xb070e7e4 <QTextEngine::justify(QScriptLine const&)+5836>
   0x00000000b070e7e4 <+5836>:  j       0xb070e94e <QTextEngine::justify(QScriptLine const&)+6198>
   0x00000000b070e7e8 <+5840>:  li      a0,0
   0x00000000b070e7ea <+5842>:  lc      ca1,1712(sp)
   0x00000000b070e7ee <+5846>:  sw      a0,0(a1)
   0x00000000b070e7f2 <+5850>:  j       0xb070e7f6 <QTextEngine::justify(QScriptLine const&)+5854>
   0x00000000b070e7f6 <+5854>:  lc      ca0,1712(sp)
   0x00000000b070e7fa <+5858>:  lw      a1,0(a0)
   0x00000000b070e7fe <+5862>:  lc      ca2,1504(sp)
   0x00000000b070e802 <+5866>:  lw      a3,0(a2)
   0x00000000b070e806 <+5870>:  bge     a1,a3,0xb070e8f4 <QTextEngine::justify(QScriptLine const&)+6108>
   0x00000000b070e80a <+5874>:  j       0xb070e80e <QTextEngine::justify(QScriptLine const&)+5878>
   0x00000000b070e80e <+5878>:  lc      ca0,1712(sp)
   0x00000000b070e812 <+5882>:  lw      a1,0(a0)
   0x00000000b070e816 <+5886>:  auipc   a2,0x55f
   0x00000000b070e81a <+5890>:  lc      ca2,378(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e81e <+5894>:  lc      ca0,1520(sp)
   0x00000000b070e822 <+5898>:  cjalr   cra,ca2
   0x00000000b070e826 <+5902>:  lw      a0,0(a0)
   0x00000000b070e82a <+5906>:  lc      ca1,1760(sp)
   0x00000000b070e82e <+5910>:  lw      a2,0(a1)
   0x00000000b070e832 <+5914>:  bne     a0,a2,0xb070e8de <QTextEngine::justify(QScriptLine const&)+6086>
   0x00000000b070e836 <+5918>:  j       0xb070e83a <QTextEngine::justify(QScriptLine const&)+5922>
   0x00000000b070e83a <+5922>:  lc      ca0,1744(sp)
   0x00000000b070e83e <+5926>:  lw      a1,0(a0)
   0x00000000b070e842 <+5930>:  auipc   a2,0x55a
   0x00000000b070e846 <+5934>:  lc      ca2,126(a2) # 0xb0c688c0 <_CHERI_CAPABILITY_TABLE_+158736>
   0x00000000b070e84a <+5938>:  lc      ca0,1856(sp)
   0x00000000b070e84e <+5942>:  cjalr   cra,ca2
   0x00000000b070e852 <+5946>:  lc      ca1,1696(sp)
   0x00000000b070e856 <+5950>:  sw      a0,0(a1)
   0x00000000b070e85a <+5954>:  auipc   a0,0x559
   0x00000000b070e85e <+5958>:  lc      ca0,-826(a0) # 0xb0c67520 <_CHERI_CAPABILITY_TABLE_+153712>
   0x00000000b070e862 <+5962>:  sc      ca0,144(sp)
   0x00000000b070e866 <+5966>:  cmove   ca0,ca1
   0x00000000b070e86a <+5970>:  lc      ca2,144(sp)
   0x00000000b070e86e <+5974>:  cjalr   cra,ca2
   0x00000000b070e872 <+5978>:  lc      ca1,1712(sp)
   0x00000000b070e876 <+5982>:  lw      a1,0(a1)
   0x00000000b070e87a <+5986>:  auipc   a2,0x55f
   0x00000000b070e87e <+5990>:  lc      ca2,278(a2) # 0xb0c6d990 <_CHERI_CAPABILITY_TABLE_+179424>
   0x00000000b070e882 <+5994>:  lc      ca3,1520(sp)
   0x00000000b070e886 <+5998>:  sd      a0,136(sp)
   0x00000000b070e88a <+6002>:  cmove   ca0,ca3
   0x00000000b070e88e <+6006>:  cjalr   cra,ca2
   0x00000000b070e892 <+6010>:  lc      ca0,64(a0)
   0x00000000b070e896 <+6014>:  lwu     a1,0(a0)
   0x00000000b070e89a <+6018>:  ld      a2,136(sp)
   0x00000000b070e89e <+6022>:  slli    a3,a2,0x8
   0x00000000b070e8a2 <+6026>:  andi    a1,a1,255
   0x00000000b070e8a6 <+6030>:  or      a1,a1,a3
   0x00000000b070e8a8 <+6032>:  sw      a1,0(a0)
   0x00000000b070e8ac <+6036>:  auipc   a0,0x55a
   0x00000000b070e8b0 <+6040>:  lc      ca0,628(a0) # 0xb0c68b20 <_CHERI_CAPABILITY_TABLE_+159344>
   0x00000000b070e8b4 <+6044>:  lc      ca1,1856(sp)
   0x00000000b070e8b8 <+6048>:  sc      ca0,112(sp)
   0x00000000b070e8bc <+6052>:  cmove   ca0,ca1
   0x00000000b070e8c0 <+6056>:  lc      ca1,1696(sp)
   0x00000000b070e8c4 <+6060>:  lc      ca3,112(sp)
   0x00000000b070e8c8 <+6064>:  cjalr   cra,ca3
   0x00000000b070e8cc <+6068>:  lc      ca1,1744(sp)
   0x00000000b070e8d0 <+6072>:  lw      a2,0(a1)
   0x00000000b070e8d4 <+6076>:  addi    a2,a2,-1
   0x00000000b070e8d6 <+6078>:  sw      a2,0(a1)
   0x00000000b070e8da <+6082>:  j       0xb070e8de <QTextEngine::justify(QScriptLine const&)+6086>
   0x00000000b070e8de <+6086>:  j       0xb070e8e2 <QTextEngine::justify(QScriptLine const&)+6090>
   0x00000000b070e8e2 <+6090>:  lc      ca0,1712(sp)
   0x00000000b070e8e6 <+6094>:  lw      a1,0(a0)
   0x00000000b070e8ea <+6098>:  addi    a1,a1,1
   0x00000000b070e8ec <+6100>:  sw      a1,0(a0)
   0x00000000b070e8f0 <+6104>:  j       0xb070e7f6 <QTextEngine::justify(QScriptLine const&)+5854>
   0x00000000b070e8f4 <+6108>:  auipc   a0,0x55a
   0x00000000b070e8f8 <+6112>:  lc      ca0,844(a0) # 0xb0c68c40 <_CHERI_CAPABILITY_TABLE_+159632>
   0x00000000b070e8fc <+6116>:  lc      ca1,1856(sp)
   0x00000000b070e900 <+6120>:  sc      ca0,96(sp)
   0x00000000b070e904 <+6124>:  cmove   ca0,ca1
   0x00000000b070e908 <+6128>:  lc      ca2,96(sp)
   0x00000000b070e90c <+6132>:  cjalr   cra,ca2
   0x00000000b070e910 <+6136>:  li      a1,0
   0x00000000b070e912 <+6138>:  beq     a0,a1,0xb070e91e <QTextEngine::justify(QScriptLine const&)+6150>
   0x00000000b070e916 <+6142>:  j       0xb070e91a <QTextEngine::justify(QScriptLine const&)+6146>
   0x00000000b070e91a <+6146>:  j       0xb070e94a <QTextEngine::justify(QScriptLine const&)+6194>
   0x00000000b070e91e <+6150>:  auipc   a0,0x55f
   0x00000000b070e922 <+6154>:  lc      ca0,242(a0) # 0xb0c6da10 <_CHERI_CAPABILITY_TABLE_+179552>
   0x00000000b070e926 <+6158>:  auipc   a1,0x55e
   0x00000000b070e92a <+6162>:  lc      ca1,634(a1) # 0xb0c6cba0 <_CHERI_CAPABILITY_TABLE_+175856>
   0x00000000b070e92e <+6166>:  auipc   a2,0x533
   0x00000000b070e932 <+6170>:  lc      ca2,1618(a2) # 0xb0c41f80 <_CHERI_CAPABILITY_TABLE_+720>
   0x00000000b070e936 <+6174>:  lui     a3,0x1
   0x00000000b070e938 <+6176>:  addiw   a3,a3,-1686
   0x00000000b070e93c <+6180>:  sc      ca2,80(sp)
   0x00000000b070e940 <+6184>:  mv      a2,a3
   0x00000000b070e942 <+6186>:  lc      ca3,80(sp)
   0x00000000b070e946 <+6190>:  cjalr   cra,ca3
   0x00000000b070e94a <+6194>:  j       0xb070e94e <QTextEngine::justify(QScriptLine const&)+6198>
   0x00000000b070e94e <+6198>:  lc      ca0,1760(sp)
   0x00000000b070e952 <+6202>:  lw      a1,0(a0)
   0x00000000b070e956 <+6206>:  addi    a1,a1,-1
   0x00000000b070e958 <+6208>:  sw      a1,0(a0)
   0x00000000b070e95c <+6212>:  j       0xb070e6f4 <QTextEngine::justify(QScriptLine const&)+5596>
   0x00000000b070e960 <+6216>:  j       0xb070e964 <QTextEngine::justify(QScriptLine const&)+6220>
   0x00000000b070e964 <+6220>:  lc      ca0,1680(sp)
   0x00000000b070e968 <+6224>:  lc      ca1,0(a0)
   0x00000000b070e96c <+6228>:  lw      a2,40(a1)
   0x00000000b070e970 <+6232>:  lui     a3,0x10000
   0x00000000b070e974 <+6236>:  or      a2,a2,a3
   0x00000000b070e976 <+6238>:  sw      a2,40(a1)
   0x00000000b070e97a <+6242>:  li      a1,0
   0x00000000b070e97c <+6244>:  lc      ca2,1824(sp)
   0x00000000b070e980 <+6248>:  sw      a1,0(a2)
   0x00000000b070e984 <+6252>:  j       0xb070e988 <QTextEngine::justify(QScriptLine const&)+6256>
   0x00000000b070e988 <+6256>:  auipc   a0,0x55f
   0x00000000b070e98c <+6260>:  lc      ca0,152(a0) # 0xb0c6da20 <_CHERI_CAPABILITY_TABLE_+179568>
   0x00000000b070e990 <+6264>:  lc      ca1,1520(sp)
   0x00000000b070e994 <+6268>:  sc      ca0,64(sp)
   0x00000000b070e998 <+6272>:  cmove   ca0,ca1
   0x00000000b070e99c <+6276>:  lc      ca2,64(sp)
   0x00000000b070e9a0 <+6280>:  cjalr   cra,ca2
   0x00000000b070e9a4 <+6284>:  lui     a0,0xffff8
   0x00000000b070e9a6 <+6286>:  addiw   a0,a0,1056
   0x00000000b070e9aa <+6290>:  cincoffset      csp,cs0,a0
   0x00000000b070e9ae <+6294>:  lui     a0,0x7
   0x00000000b070e9b0 <+6296>:  addiw   a0,a0,1008
   0x00000000b070e9b4 <+6300>:  cincoffset      csp,csp,a0
   0x00000000b070e9b8 <+6304>:  lc      cs11,1824(sp)
   0x00000000b070e9bc <+6308>:  lc      cs10,1840(sp)
   0x00000000b070e9c0 <+6312>:  lc      cs9,1856(sp)
   0x00000000b070e9c4 <+6316>:  lc      cs8,1872(sp)
   0x00000000b070e9c8 <+6320>:  lc      cs7,1888(sp)
   0x00000000b070e9cc <+6324>:  lc      cs6,1904(sp)
   0x00000000b070e9d0 <+6328>:  lc      cs5,1920(sp)
   0x00000000b070e9d4 <+6332>:  lc      cs4,1936(sp)
   0x00000000b070e9d8 <+6336>:  lc      cs3,1952(sp)
   0x00000000b070e9dc <+6340>:  lc      cs2,1968(sp)
   0x00000000b070e9e0 <+6344>:  lc      cs1,1984(sp)
   0x00000000b070e9e4 <+6348>:  lc      cs0,2000(sp)
   0x00000000b070e9e8 <+6352>:  lc      cra,2016(sp)
   0x00000000b070e9ec <+6356>:  cincoffset      csp,csp,2032
   0x00000000b070e9f0 <+6360>:  cret

The argument line is stored just after <+56>, and is loaded incorrectly just before <+1120>.

Here is a dump of the register file when the tag violation occurs:

ra             0x3affcf75ac     253399889324
sp             0x3affcf6b80     253399886720
gp             0x0      0
tp             0xab3f2040       2873040960
t0             0x3affcfe65c     253399918172
t1             0x3affcfe658     253399918168
t2             0x3affcfe654     253399918164
fp             0x3affcfe770     253399918448
s1             0x3affcf7600     253399889408
a0             0x3affcf73b0     253399888816
a1             0x3affcf73e8     253399888872
a2             0x3affcf758c     253399889292
a3             0xb0dde2c0       2967331520
a4             0x3affcfe670     253399918192
a5             0x3affcf6c88     253399886984
a6             0x3affcfe668     253399918184
a7             0x3affcfe660     253399918176
s2             0x3affcf75fc     253399889404
s3             0x3affcf75f8     253399889400
s4             0x3affcf75f4     253399889396
s5             0x3affcf75e0     253399889376
s6             0x3affcf75dc     253399889372
s7             0x3affcf75c0     253399889344
s8             0x3affcf75bc     253399889340
s9             0x3affcf75b8     253399889336
s10            0x3affcf75b4     253399889332
s11            0x3affcf75b0     253399889328
t3             0x3affcfe640     253399918144
t4             0x3affcfe63c     253399918140
t5             0x3affcfe638     253399918136
t6             0x3affcfe634     253399918132
pc             0xb070d578       2960184696
cnull          0x0      0x0
cra            0xf17d0000056db5a80000003affcf75ac       0x3affcf75ac [rwRW,0x3affcf75ac-0x3affcf75b0]
csp            0xf17d000003fb1ffd0000003affcf6b80       0x3affcf6b80 [rwRW,0x3abff00000-0x3affd00000]
cgp            0x0      0x0
ctp            0xd17d00000055900d00000000ab3f2040       0xab3f2040 [rwRW,0xab3f2010-0xab3f42a0]
ct0            0xf17d00000599a6580000003affcfe65c       0x3affcfe65c [rwRW,0x3affcfe65c-0x3affcfe660]
ct1            0xf17d00000596a65c0000003affcfe658       0x3affcfe658 [rwRW,0x3affcfe658-0x3affcfe65c]
ct2            0xf17d00000597a6500000003affcfe654       0x3affcfe654 [rwRW,0x3affcfe654-0x3affcfe658]
cfp            0xf17d000003fb1ffd0000003affcfe770       0x3affcfe770 [rwRW,0x3abff00000-0x3affd00000]
cs1            0xf17d000002639d860000003affcf7600       0x3affcf7600 [rwRW,0x3affcf7600-0x3affcfe620]
ca0            0xf17d000004ecb3b40000003affcf73b0       0x3affcf73b0 [rwRW,0x3affcf73b0-0x3affcf73b4]
ca1            0xf17d000004fab3ec0000003affcf73e8       0x3affcf73e8 [rwRW,0x3affcf73e8-0x3affcf73ec]
ca2            0xf17d00000565b5880000003affcf758c       0x3affcf758c [rwRW,0x3affcf758c-0x3affcf7590]
ca3            0xd17d00000501a2c400000000b0dde2c0       0xb0dde2c0 [rwRW,0xb0dde2c0-0xb0dde400]
ca4            0xf17d000005a1a6740000003affcfe670       0x3affcfe670 [rwRW,0x3affcfe670-0x3affcfe680]
ca5            0x3affcf6c88     0x3affcf6c88
ca6            0xf17d0000059aa66c0000003affcfe668       0x3affcfe668 [rwRW,0x3affcfe668-0x3affcfe66c]
ca7            0xf17d00000598a6640000003affcfe660       0x3affcfe660 [rwRW,0x3affcfe660-0x3affcfe664]
cs2            0xf17d00000581b5f80000003affcf75fc       0x3affcf75fc [rwRW,0x3affcf75fc-0x3affcf7600]
cs3            0xf17d0000057eb5fc0000003affcf75f8       0x3affcf75f8 [rwRW,0x3affcf75f8-0x3affcf75fc]
cs4            0xf17d0000057fb5f00000003affcf75f4       0x3affcf75f4 [rwRW,0x3affcf75f4-0x3affcf75f8]
cs5            0xf17d0000057db5e40000003affcf75e0       0x3affcf75e0 [rwRW,0x3affcf75e0-0x3affcf75f0]
cs6            0xf17d00000579b5d80000003affcf75dc       0x3affcf75dc [rwRW,0x3affcf75dc-0x3affcf75e0]
cs7            0xf17d00000575b5c40000003affcf75c0       0x3affcf75c0 [rwRW,0x3affcf75c0-0x3affcf75d0]
cs8            0xf17d00000571b5b80000003affcf75bc       0x3affcf75bc [rwRW,0x3affcf75bc-0x3affcf75c0]
cs9            0xf17d0000056eb5bc0000003affcf75b8       0x3affcf75b8 [rwRW,0x3affcf75b8-0x3affcf75bc]
cs10           0xf17d0000056fb5b00000003affcf75b4       0x3affcf75b4 [rwRW,0x3affcf75b4-0x3affcf75b8]
cs11           0xf17d0000056cb5b40000003affcf75b0       0x3affcf75b0 [rwRW,0x3affcf75b0-0x3affcf75b4]
ct3            0xf17d00000595a6440000003affcfe640       0x3affcfe640 [rwRW,0x3affcfe640-0x3affcfe650]
ct4            0xf17d00000591a6380000003affcfe63c       0x3affcfe63c [rwRW,0x3affcfe63c-0x3affcfe640]
ct5            0xf17d0000058ea63c0000003affcfe638       0x3affcfe638 [rwRW,0x3affcfe638-0x3affcfe63c]
ct6            0xf17d0000058fa6300000003affcfe634       0x3affcfe634 [rwRW,0x3affcfe634-0x3affcfe638]
pcc            0xf1172000025bc40700000000b070d578       0xb070d578 <QTextEngine::justify(QScriptLine const&)+1120> [rxR,0xb0200000-0xb0cb4000]
ddc            0x0      0x0
cap_valid      0xeffffffb       4026531835
jrtc27 commented 3 years ago

Do you have a reproducer program that drives QTextEngine just enough to trigger this bug?

pentelbart commented 3 years ago

It's triggered by examples/widgets/widgets/calculator/calculator in qtbase. I think getting it to hit this bug requires xcb, which I'm using locally, or I don't think it will work with the offscreen platform that cheribuild will use by default.

jrtc27 commented 3 years ago

And this is -O0 from the looks of it? (At least I hope so, otherwise that is some really awful codegen)

pentelbart commented 3 years ago

Yep! I'm not sure if whatever that crashed it on -O2 is the same as this, because I switched it to debug when I went to investigate.

jrtc27 commented 3 years ago

Out of interest, what happens if you cherry-pick 524d8fa9a5a5428628a21a91016a52a54a9fe838 from upstream? (Only conflicts in tests)

Or if you just want a patch to apply:

diff --git a/llvm/lib/Target/RISCV/RISCVFrameLowering.cpp b/llvm/lib/Target/RISCV/RISCVFrameLowering.cpp
index 26ff6ddcd048..564d97f47d9e 100644
--- a/llvm/lib/Target/RISCV/RISCVFrameLowering.cpp
+++ b/llvm/lib/Target/RISCV/RISCVFrameLowering.cpp
@@ -235,18 +235,12 @@ bool RISCVFrameLowering::hasBP(const MachineFunction &MF) const {
 // Determines the size of the frame and maximum call frame size.
 void RISCVFrameLowering::determineFrameLayout(MachineFunction &MF) const {
   MachineFrameInfo &MFI = MF.getFrameInfo();
-  const RISCVRegisterInfo *RI = STI.getRegisterInfo();

   // Get the number of bytes to allocate from the FrameInfo.
   uint64_t FrameSize = MFI.getStackSize();

   // Get the alignment.
   Align StackAlign = getStackAlign();
-  if (RI->needsStackRealignment(MF)) {
-    Align MaxStackAlign = std::max(StackAlign, MFI.getMaxAlign());
-    FrameSize += (MaxStackAlign.value() - StackAlign.value());
-    StackAlign = MaxStackAlign;
-  }

   // Set Max Call Frame Size
   uint64_t MaxCallSize = alignTo(MFI.getMaxCallFrameSize(), StackAlign);
pentelbart commented 3 years ago

With that commit cherry picked, it hits a length violation instead of a tag violation, presumably because it's loading from somewhere slightly less wrong. The code generated is:

Dump of assembler code for function QTextEngine::justify(QScriptLine const&):
   0x000000005256a264 <+0>:     cincoffset      csp,csp,-2032
   0x000000005256a268 <+4>:     sc      cra,2016(sp)
   0x000000005256a26c <+8>:     sc      cs0,2000(sp)
   0x000000005256a270 <+12>:    sc      cs1,1984(sp)
   0x000000005256a274 <+16>:    sc      cs2,1968(sp)
   0x000000005256a278 <+20>:    sc      cs3,1952(sp)
   0x000000005256a27c <+24>:    sc      cs4,1936(sp)
   0x000000005256a280 <+28>:    sc      cs5,1920(sp)
   0x000000005256a284 <+32>:    sc      cs6,1904(sp)
   0x000000005256a288 <+36>:    sc      cs7,1888(sp)
   0x000000005256a28c <+40>:    sc      cs8,1872(sp)
   0x000000005256a290 <+44>:    sc      cs9,1856(sp)
   0x000000005256a294 <+48>:    sc      cs10,1840(sp)
   0x000000005256a298 <+52>:    sc      cs11,1824(sp)
   0x000000005256a29c <+56>:    cincoffset      cs0,csp,2032
   0x000000005256a2a0 <+60>:    sc      ca1,16(sp)
   0x000000005256a2a4 <+64>:    lui     a1,0xffff9
   0x000000005256a2a6 <+66>:    addiw   a1,a1,-976
   0x000000005256a2aa <+70>:    cincoffset      csp,csp,a1
   0x000000005256a2ae <+74>:    cgetaddr        a1,csp
   0x000000005256a2b2 <+78>:    andi    a1,a1,-32
   0x000000005256a2b4 <+80>:    csetaddr        csp,csp,a1
   0x000000005256a2b8 <+84>:    li      a2,16
   0x000000005256a2ba <+86>:    lui     a1,0x8
   0x000000005256a2bc <+88>:    addiw   a1,a1,-1312
   0x000000005256a2c0 <+92>:    cincoffset      ca1,csp,a1
   0x000000005256a2c4 <+96>:    cincoffset      ca3,ca1,0
   0x000000005256a2c8 <+100>:   csetbounds      ca3,ca3,a2
   0x000000005256a2cc <+104>:   lui     a1,0x8
   0x000000005256a2ce <+106>:   addiw   a1,a1,-1328
   0x000000005256a2d2 <+110>:   cincoffset      ca1,csp,a1
   0x000000005256a2d6 <+114>:   cincoffset      ca4,ca1,0
   0x000000005256a2da <+118>:   csetbounds      ca4,ca4,a2
   0x000000005256a2de <+122>:   li      a5,4
   0x000000005256a2e0 <+124>:   lui     a1,0x8
   0x000000005256a2e2 <+126>:   addiw   a1,a1,-1336
   0x000000005256a2e6 <+130>:   cincoffset      ca1,csp,a1
   0x000000005256a2ea <+134>:   cincoffset      ca6,ca1,0
   0x000000005256a2ee <+138>:   csetbounds      ca6,ca6,a5
   0x000000005256a2f2 <+142>:   lui     a1,0x8
   0x000000005256a2f4 <+144>:   addiw   a1,a1,-1344
   0x000000005256a2f8 <+148>:   cincoffset      ca1,csp,a1
   0x000000005256a2fc <+152>:   cincoffset      ca7,ca1,0
   0x000000005256a300 <+156>:   csetbounds      ca7,ca7,a5
   0x000000005256a304 <+160>:   lui     a1,0x8
   0x000000005256a306 <+162>:   addiw   a1,a1,-1348
   0x000000005256a30a <+166>:   cincoffset      ca1,csp,a1
   0x000000005256a30e <+170>:   cincoffset      ct0,ca1,0
   0x000000005256a312 <+174>:   csetbounds      ct0,ct0,a5
   0x000000005256a316 <+178>:   lui     a1,0x8
   0x000000005256a318 <+180>:   addiw   a1,a1,-1352
   0x000000005256a31c <+184>:   cincoffset      ca1,csp,a1
   0x000000005256a320 <+188>:   cincoffset      ct1,ca1,0
   0x000000005256a324 <+192>:   csetbounds      ct1,ct1,a5
   0x000000005256a328 <+196>:   lui     a1,0x8
   0x000000005256a32a <+198>:   addiw   a1,a1,-1356
   0x000000005256a32e <+202>:   cincoffset      ca1,csp,a1
   0x000000005256a332 <+206>:   cincoffset      ct2,ca1,0
   0x000000005256a336 <+210>:   csetbounds      ct2,ct2,a5
   0x000000005256a33a <+214>:   lui     a1,0x8
   0x000000005256a33c <+216>:   addiw   a1,a1,-1376
   0x000000005256a340 <+220>:   cincoffset      ca1,csp,a1
   0x000000005256a344 <+224>:   cincoffset      ct3,ca1,0
   0x000000005256a348 <+228>:   csetbounds      ct3,ct3,a2
   0x000000005256a34c <+232>:   lui     a1,0x8
   0x000000005256a34e <+234>:   addiw   a1,a1,-1380
   0x000000005256a352 <+238>:   cincoffset      ca1,csp,a1
   0x000000005256a356 <+242>:   cincoffset      ct4,ca1,0
   0x000000005256a35a <+246>:   csetbounds      ct4,ct4,a5
   0x000000005256a35e <+250>:   lui     a1,0x8
   0x000000005256a360 <+252>:   addiw   a1,a1,-1384
   0x000000005256a364 <+256>:   cincoffset      ca1,csp,a1
   0x000000005256a368 <+260>:   cincoffset      ct5,ca1,0
   0x000000005256a36c <+264>:   csetbounds      ct5,ct5,a5
   0x000000005256a370 <+268>:   lui     a1,0x8
   0x000000005256a372 <+270>:   addiw   a1,a1,-1388
   0x000000005256a376 <+274>:   cincoffset      ca1,csp,a1
   0x000000005256a37a <+278>:   cincoffset      ct6,ca1,0
   0x000000005256a37e <+282>:   csetbounds      ct6,ct6,a5
   0x000000005256a382 <+286>:   lui     s1,0x7
   0x000000005256a384 <+288>:   addiw   s1,s1,32
   0x000000005256a388 <+292>:   lui     a1,0x1
   0x000000005256a38a <+294>:   addiw   a1,a1,-1440
   0x000000005256a38e <+298>:   cincoffset      ca1,csp,a1
   0x000000005256a392 <+302>:   cincoffset      cs2,ca1,0
   0x000000005256a396 <+306>:   csetbounds      cs1,cs2,s1
   0x000000005256a39a <+310>:   lui     a1,0x1
   0x000000005256a39c <+312>:   addiw   a1,a1,-1444
   0x000000005256a3a0 <+316>:   cincoffset      ca1,csp,a1
   0x000000005256a3a4 <+320>:   cincoffset      cs2,ca1,0
   0x000000005256a3a8 <+324>:   csetbounds      cs2,cs2,a5
   0x000000005256a3ac <+328>:   lui     a1,0x1
   0x000000005256a3ae <+330>:   addiw   a1,a1,-1448
   0x000000005256a3b2 <+334>:   cincoffset      ca1,csp,a1
   0x000000005256a3b6 <+338>:   cincoffset      cs3,ca1,0
   0x000000005256a3ba <+342>:   csetbounds      cs3,cs3,a5
   0x000000005256a3be <+346>:   lui     a1,0x1
   0x000000005256a3c0 <+348>:   addiw   a1,a1,-1452
   0x000000005256a3c4 <+352>:   cincoffset      ca1,csp,a1
   0x000000005256a3c8 <+356>:   cincoffset      cs4,ca1,0
   0x000000005256a3cc <+360>:   csetbounds      cs4,cs4,a5
   0x000000005256a3d0 <+364>:   lui     a1,0x1
   0x000000005256a3d2 <+366>:   addiw   a1,a1,-1472
   0x000000005256a3d6 <+370>:   cincoffset      ca1,csp,a1
   0x000000005256a3da <+374>:   cincoffset      cs5,ca1,0
   0x000000005256a3de <+378>:   csetbounds      cs5,cs5,a2
   0x000000005256a3e2 <+382>:   lui     a1,0x1
   0x000000005256a3e4 <+384>:   addiw   a1,a1,-1476
   0x000000005256a3e8 <+388>:   cincoffset      ca1,csp,a1
   0x000000005256a3ec <+392>:   cincoffset      cs6,ca1,0
   0x000000005256a3f0 <+396>:   csetbounds      cs6,cs6,a5
   0x000000005256a3f4 <+400>:   lui     a1,0x1
   0x000000005256a3f6 <+402>:   addiw   a1,a1,-1504
   0x000000005256a3fa <+406>:   cincoffset      ca1,csp,a1
   0x000000005256a3fe <+410>:   cincoffset      cs7,ca1,0
   0x000000005256a402 <+414>:   csetbounds      cs7,cs7,a2
   0x000000005256a406 <+418>:   lui     a1,0x1
   0x000000005256a408 <+420>:   addiw   a1,a1,-1508
   0x000000005256a40c <+424>:   cincoffset      ca1,csp,a1
   0x000000005256a410 <+428>:   cincoffset      cs8,ca1,0
   0x000000005256a414 <+432>:   csetbounds      cs8,cs8,a5
   0x000000005256a418 <+436>:   lui     a1,0x1
   0x000000005256a41a <+438>:   addiw   a1,a1,-1512
   0x000000005256a41e <+442>:   cincoffset      ca1,csp,a1
   0x000000005256a422 <+446>:   cincoffset      cs9,ca1,0
   0x000000005256a426 <+450>:   csetbounds      cs9,cs9,a5
   0x000000005256a42a <+454>:   lui     a1,0x1
   0x000000005256a42c <+456>:   addiw   a1,a1,-1516
   0x000000005256a430 <+460>:   cincoffset      ca1,csp,a1
   0x000000005256a434 <+464>:   cincoffset      cs10,ca1,0
   0x000000005256a438 <+468>:   csetbounds      cs10,cs10,a5
   0x000000005256a43c <+472>:   lui     a1,0x1
   0x000000005256a43e <+474>:   addiw   a1,a1,-1520
   0x000000005256a442 <+478>:   cincoffset      ca1,csp,a1
   0x000000005256a446 <+482>:   cincoffset      cs11,ca1,0
   0x000000005256a44a <+486>:   csetbounds      cs11,cs11,a5
   0x000000005256a44e <+490>:   lui     a1,0x1
   0x000000005256a450 <+492>:   addiw   a1,a1,-1524
   0x000000005256a454 <+496>:   cincoffset      ca1,csp,a1
   0x000000005256a458 <+500>:   cincoffset      cra,ca1,0
   0x000000005256a45c <+504>:   csetbounds      cra,cra,a5
   0x000000005256a460 <+508>:   lui     a1,0x1
   0x000000005256a462 <+510>:   addiw   a1,a1,-2048
   0x000000005256a466 <+514>:   cincoffset      ca1,csp,a1
   0x000000005256a46a <+518>:   sc      ca0,0(a1) # 0x1000
   0x000000005256a46e <+522>:   lc      ca1,16(sp)
   0x000000005256a472 <+526>:   lui     a0,0x1
   0x000000005256a474 <+528>:   addiw   a0,a0,-1528
   0x000000005256a478 <+532>:   cincoffset      ca0,csp,a0
   0x000000005256a47c <+536>:   cincoffset      ca0,ca0,0
   0x000000005256a480 <+540>:   csetbounds      ca0,ca0,a5
   0x000000005256a484 <+544>:   sc      ca0,2032(sp)
   0x000000005256a488 <+548>:   lui     a0,0x1
   0x000000005256a48a <+550>:   addiw   a0,a0,-1532
   0x000000005256a48e <+554>:   cincoffset      ca0,csp,a0
   0x000000005256a492 <+558>:   cincoffset      ca0,ca0,0
   0x000000005256a496 <+562>:   csetbounds      ca0,ca0,a5
   0x000000005256a49a <+566>:   sc      ca0,2016(sp)
   0x000000005256a49e <+570>:   lui     a0,0x1
   0x000000005256a4a0 <+572>:   addiw   a0,a0,-1536
   0x000000005256a4a4 <+576>:   cincoffset      ca0,csp,a0
   0x000000005256a4a8 <+580>:   cincoffset      ca0,ca0,0
   0x000000005256a4ac <+584>:   csetbounds      ca0,ca0,a5
   0x000000005256a4b0 <+588>:   sc      ca0,2000(sp)
   0x000000005256a4b4 <+592>:   lui     a0,0x1
   0x000000005256a4b6 <+594>:   addiw   a0,a0,-1552
   0x000000005256a4ba <+598>:   cincoffset      ca0,csp,a0
   0x000000005256a4be <+602>:   cincoffset      ca0,ca0,0
   0x000000005256a4c2 <+606>:   csetbounds      ca0,ca0,a2
   0x000000005256a4c6 <+610>:   lui     a2,0x1
   0x000000005256a4c8 <+612>:   addiw   a2,a2,-1556
   0x000000005256a4cc <+616>:   cincoffset      ca2,csp,a2
   0x000000005256a4d0 <+620>:   cincoffset      ca2,ca2,0
   0x000000005256a4d4 <+624>:   csetbounds      ca2,ca2,a5
   0x000000005256a4d8 <+628>:   sc      ca0,1984(sp)
   0x000000005256a4dc <+632>:   lui     a0,0x1
   0x000000005256a4de <+634>:   addiw   a0,a0,-1560
   0x000000005256a4e2 <+638>:   cincoffset      ca0,csp,a0
   0x000000005256a4e6 <+642>:   cincoffset      ca0,ca0,0
   0x000000005256a4ea <+646>:   csetbounds      ca0,ca0,a5
   0x000000005256a4ee <+650>:   sc      ca0,1968(sp)
   0x000000005256a4f2 <+654>:   li      a0,96
   0x000000005256a4f6 <+658>:   sd      a0,1960(sp)
   0x000000005256a4fa <+662>:   lui     a0,0x1
   0x000000005256a4fc <+664>:   addiw   a0,a0,-1664
   0x000000005256a500 <+668>:   cincoffset      ca0,csp,a0
   0x000000005256a504 <+672>:   cincoffset      ca0,ca0,0
   0x000000005256a508 <+676>:   sc      ca1,1936(sp)
   0x000000005256a50c <+680>:   ld      a1,1960(sp)
   0x000000005256a510 <+684>:   csetbounds      ca0,ca0,a1
   0x000000005256a514 <+688>:   lui     a1,0x1
   0x000000005256a516 <+690>:   addiw   a1,a1,-1668
   0x000000005256a51a <+694>:   cincoffset      ca1,csp,a1
   0x000000005256a51e <+698>:   cincoffset      ca1,ca1,0
   0x000000005256a522 <+702>:   csetbounds      ca1,ca1,a5
   0x000000005256a526 <+706>:   sc      ca0,1920(sp)
   0x000000005256a52a <+710>:   lui     a0,0x1
   0x000000005256a52c <+712>:   addiw   a0,a0,-1672
   0x000000005256a530 <+716>:   cincoffset      ca0,csp,a0
   0x000000005256a534 <+720>:   cincoffset      ca0,ca0,0
   0x000000005256a538 <+724>:   csetbounds      ca0,ca0,a5
   0x000000005256a53c <+728>:   sc      ca0,1904(sp)
   0x000000005256a540 <+732>:   lui     a0,0x1
   0x000000005256a542 <+734>:   addiw   a0,a0,-1776
   0x000000005256a546 <+738>:   cincoffset      ca0,csp,a0
   0x000000005256a54a <+742>:   cincoffset      ca0,ca0,0
   0x000000005256a54e <+746>:   sc      ca1,1888(sp)
   0x000000005256a552 <+750>:   ld      a1,1960(sp)
   0x000000005256a556 <+754>:   csetbounds      ca0,ca0,a1
   0x000000005256a55a <+758>:   lui     a1,0x1
   0x000000005256a55c <+760>:   addiw   a1,a1,-1872
   0x000000005256a560 <+764>:   cincoffset      ca1,csp,a1
   0x000000005256a564 <+768>:   cincoffset      ca1,ca1,0
   0x000000005256a568 <+772>:   sc      ca0,1872(sp)
   0x000000005256a56c <+776>:   ld      a0,1960(sp)
   0x000000005256a570 <+780>:   csetbounds      ca1,ca1,a0
   0x000000005256a574 <+784>:   lui     a0,0x1
   0x000000005256a576 <+786>:   addiw   a0,a0,-1968
   0x000000005256a57a <+790>:   cincoffset      ca0,csp,a0
   0x000000005256a57e <+794>:   cincoffset      ca0,ca0,0
   0x000000005256a582 <+798>:   sc      ca1,1856(sp)
   0x000000005256a586 <+802>:   ld      a1,1960(sp)
   0x000000005256a58a <+806>:   csetbounds      ca0,ca0,a1
   0x000000005256a58e <+810>:   lui     a1,0x1
   0x000000005256a590 <+812>:   addiw   a1,a1,-1976
   0x000000005256a594 <+816>:   cincoffset      ca1,csp,a1
   0x000000005256a598 <+820>:   cincoffset      ca1,ca1,0
   0x000000005256a59c <+824>:   csetbounds      ca1,ca1,a5
   0x000000005256a5a0 <+828>:   sc      ca0,1840(sp)
   0x000000005256a5a4 <+832>:   lui     a0,0x1
   0x000000005256a5a6 <+834>:   addiw   a0,a0,-1984
   0x000000005256a5aa <+838>:   cincoffset      ca0,csp,a0
   0x000000005256a5ae <+842>:   cincoffset      ca0,ca0,0
   0x000000005256a5b2 <+846>:   csetbounds      ca0,ca0,a5
   0x000000005256a5b6 <+850>:   sc      ca0,1824(sp)
   0x000000005256a5ba <+854>:   lui     a0,0x1
   0x000000005256a5bc <+856>:   addiw   a0,a0,-1992
   0x000000005256a5c0 <+860>:   cincoffset      ca0,csp,a0
   0x000000005256a5c4 <+864>:   cincoffset      ca0,ca0,0
   0x000000005256a5c8 <+868>:   csetbounds      ca0,ca0,a5
   0x000000005256a5cc <+872>:   sc      ca0,1808(sp)
   0x000000005256a5d0 <+876>:   lui     a0,0x1
   0x000000005256a5d2 <+878>:   addiw   a0,a0,-1996
   0x000000005256a5d6 <+882>:   cincoffset      ca0,csp,a0
   0x000000005256a5da <+886>:   cincoffset      ca0,ca0,0
   0x000000005256a5de <+890>:   csetbounds      ca0,ca0,a5
   0x000000005256a5e2 <+894>:   sc      ca0,1792(sp)
   0x000000005256a5e6 <+898>:   lui     a0,0x1
   0x000000005256a5e8 <+900>:   addiw   a0,a0,-2000
   0x000000005256a5ec <+904>:   cincoffset      ca0,csp,a0
   0x000000005256a5f0 <+908>:   cincoffset      ca0,ca0,0
   0x000000005256a5f4 <+912>:   csetbounds      ca0,ca0,a5
   0x000000005256a5f8 <+916>:   sc      ca0,1776(sp)
   0x000000005256a5fc <+920>:   lui     a0,0x1
   0x000000005256a5fe <+922>:   addiw   a0,a0,-2004
   0x000000005256a602 <+926>:   cincoffset      ca0,csp,a0
   0x000000005256a606 <+930>:   cincoffset      ca0,ca0,0
   0x000000005256a60a <+934>:   csetbounds      ca0,ca0,a5
   0x000000005256a60e <+938>:   sc      ca0,1760(sp)
   0x000000005256a612 <+942>:   lui     a0,0x1
   0x000000005256a614 <+944>:   addiw   a0,a0,-2008
   0x000000005256a618 <+948>:   cincoffset      ca0,csp,a0
   0x000000005256a61c <+952>:   cincoffset      ca0,ca0,0
   0x000000005256a620 <+956>:   csetbounds      ca0,ca0,a5
   0x000000005256a624 <+960>:   sc      ca0,1744(sp)
   0x000000005256a628 <+964>:   lui     a0,0x1
   0x000000005256a62a <+966>:   addiw   a0,a0,-2012
   0x000000005256a62e <+970>:   cincoffset      ca0,csp,a0
   0x000000005256a632 <+974>:   cincoffset      ca0,ca0,0
   0x000000005256a636 <+978>:   csetbounds      ca0,ca0,a5
   0x000000005256a63a <+982>:   sc      ca0,1728(sp)
   0x000000005256a63e <+986>:   lui     a0,0x1
   0x000000005256a640 <+988>:   addiw   a0,a0,-2016
   0x000000005256a644 <+992>:   cincoffset      ca0,csp,a0
   0x000000005256a648 <+996>:   cincoffset      ca0,ca0,0
   0x000000005256a64c <+1000>:  csetbounds      ca0,ca0,a5
   0x000000005256a650 <+1004>:  sc      ca0,1712(sp)
   0x000000005256a654 <+1008>:  lui     a0,0x1
   0x000000005256a656 <+1010>:  addiw   a0,a0,-2020
   0x000000005256a65a <+1014>:  cincoffset      ca0,csp,a0
   0x000000005256a65e <+1018>:  cincoffset      ca0,ca0,0
   0x000000005256a662 <+1022>:  csetbounds      ca0,ca0,a5
   0x000000005256a666 <+1026>:  sc      ca0,1696(sp)
   0x000000005256a66a <+1030>:  lui     a0,0x1
   0x000000005256a66c <+1032>:  addiw   a0,a0,-2024
   0x000000005256a670 <+1036>:  cincoffset      ca0,csp,a0
   0x000000005256a674 <+1040>:  cincoffset      ca0,ca0,0
   0x000000005256a678 <+1044>:  csetbounds      ca0,ca0,a5
   0x000000005256a67c <+1048>:  sc      ca0,1680(sp)
   0x000000005256a680 <+1052>:  lui     a0,0x1
   0x000000005256a682 <+1054>:  addiw   a0,a0,-2032
   0x000000005256a686 <+1058>:  cincoffset      ca0,csp,a0
   0x000000005256a68a <+1062>:  cincoffset      ca0,ca0,0
   0x000000005256a68e <+1066>:  csetbounds      ca0,ca0,a5
   0x000000005256a692 <+1070>:  lui     a5,0x1
   0x000000005256a694 <+1072>:  addiw   a5,a5,-2048
   0x000000005256a698 <+1076>:  cincoffset      ca5,csp,a5
   0x000000005256a69c <+1080>:  lc      ca5,0(a5) # 0x1000
   0x000000005256a6a0 <+1084>:  sc      ca5,0(a3)
   0x000000005256a6a4 <+1088>:  lc      ca5,1936(sp)
   0x000000005256a6a8 <+1092>:  sc      ca5,0(a4)
   0x000000005256a6ac <+1096>:  lc      ca3,0(a3)
   0x000000005256a6b0 <+1100>:  lc      ca5,0(a4)
=> 0x000000005256a6b4 <+1104>:  lw      a5,40(a5)
   0x000000005256a6b8 <+1108>:  srli    a5,a5,0x1d
   0x000000005256a6ba <+1110>:  andi    a5,a5,1
   0x000000005256a6bc <+1112>:  sc      ca0,1664(sp)
   0x000000005256a6c0 <+1116>:  li      a0,0
   0x000000005256a6c2 <+1118>:  sc      ca4,1648(sp)
   0x000000005256a6c6 <+1122>:  sc      ca6,1632(sp)
   0x000000005256a6ca <+1126>:  sc      ca7,1616(sp)
   0x000000005256a6ce <+1130>:  sc      ct0,1600(sp)
   0x000000005256a6d2 <+1134>:  sc      ct1,1584(sp)
   0x000000005256a6d6 <+1138>:  sc      ct2,1568(sp)
   0x000000005256a6da <+1142>:  sc      ct3,1552(sp)
   0x000000005256a6de <+1146>:  sc      ct4,1536(sp)
   0x000000005256a6e2 <+1150>:  sc      ct5,1520(sp)
   0x000000005256a6e6 <+1154>:  sc      ct6,1504(sp)
   0x000000005256a6ea <+1158>:  sc      cs1,1488(sp)
   0x000000005256a6ee <+1162>:  sc      cs2,1472(sp)
   0x000000005256a6f2 <+1166>:  sc      cs3,1456(sp)
   0x000000005256a6f6 <+1170>:  sc      cs4,1440(sp)
   0x000000005256a6fa <+1174>:  sc      cs5,1424(sp)
   0x000000005256a6fe <+1178>:  sc      cs6,1408(sp)
   0x000000005256a702 <+1182>:  sc      cs7,1392(sp)
   0x000000005256a706 <+1186>:  sc      cs8,1376(sp)
   0x000000005256a70a <+1190>:  sc      cs9,1360(sp)
   0x000000005256a70e <+1194>:  sc      cs10,1344(sp)
   0x000000005256a712 <+1198>:  sc      cs11,1328(sp)
   0x000000005256a716 <+1202>:  sc      cra,1312(sp)
   0x000000005256a71a <+1206>:  sc      ca2,1296(sp)
   0x000000005256a71e <+1210>:  sc      ca1,1280(sp)
   0x000000005256a722 <+1214>:  sc      ca3,1264(sp)
   0x000000005256a726 <+1218>:  beq     a5,a0,0x5256a74c <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1256>
   0x000000005256a72a <+1222>:  j       0x5256a72e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1226>
   0x000000005256a72e <+1226>:  lc      ca0,1648(sp)
   0x000000005256a732 <+1230>:  lc      ca1,0(a0) # 0x1000
   0x000000005256a736 <+1234>:  lw      a1,40(a1) # 0x1028
   0x000000005256a73a <+1238>:  srli    a1,a1,0x1c
   0x000000005256a73c <+1240>:  andi    a1,a1,1
   0x000000005256a73e <+1242>:  li      a2,0
   0x000000005256a740 <+1244>:  beq     a1,a2,0x5256a74c <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1256>
   0x000000005256a744 <+1248>:  j       0x5256a748 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1252>
   0x000000005256a748 <+1252>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a74c <+1256>:  lc      ca0,1648(sp)
   0x000000005256a750 <+1260>:  lc      ca1,0(a0)
   0x000000005256a754 <+1264>:  lw      a1,40(a1)
   0x000000005256a758 <+1268>:  srli    a1,a1,0x1d
   0x000000005256a75a <+1270>:  andi    a1,a1,1
   0x000000005256a75c <+1272>:  bnez    a1,0x5256a77e <QTextEngine::justify(QScr                                                                                                                                       iptLine const&)+1306>
   0x000000005256a760 <+1276>:  j       0x5256a764 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1280>
   0x000000005256a764 <+1280>:  lc      ca0,1648(sp)
   0x000000005256a768 <+1284>:  lc      ca1,0(a0)
   0x000000005256a76c <+1288>:  lw      a2,40(a1)
   0x000000005256a770 <+1292>:  lui     a3,0x20000
   0x000000005256a774 <+1296>:  or      a2,a2,a3
   0x000000005256a776 <+1298>:  sw      a2,40(a1)
   0x000000005256a77a <+1302>:  j       0x5256a77e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1306>
   0x000000005256a77e <+1306>:  lc      ca0,1264(sp)
   0x000000005256a782 <+1310>:  cincoffset      ca0,ca0,160
   0x000000005256a786 <+1314>:  auipc   a1,0x633
   0x000000005256a78a <+1318>:  lc      ca1,-262(a1) # 0x52b9d680 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183616>
   0x000000005256a78e <+1322>:  cjalr   cra,ca1
   0x000000005256a792 <+1326>:  lc      ca1,1616(sp)
   0x000000005256a796 <+1330>:  sw      a0,0(a1)
   0x000000005256a79a <+1334>:  auipc   a0,0x628
   0x000000005256a79e <+1338>:  lc      ca0,1414(a0) # 0x52b92d20 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+140256>
   0x000000005256a7a2 <+1342>:  li      a1,31
   0x000000005256a7a4 <+1344>:  lc      ca2,1616(sp)
   0x000000005256a7a8 <+1348>:  sc      ca0,1248(sp)
   0x000000005256a7ac <+1352>:  cmove   ca0,ca2
   0x000000005256a7b0 <+1356>:  lc      ca3,1248(sp)
   0x000000005256a7b4 <+1360>:  cjalr   cra,ca3
   0x000000005256a7b8 <+1364>:  lc      ca1,1632(sp)
   0x000000005256a7bc <+1368>:  sw      a0,0(a1)
   0x000000005256a7c0 <+1372>:  auipc   a0,0x628
   0x000000005256a7c4 <+1376>:  lc      ca0,1392(a0) # 0x52b92d30 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+140272>
   0x000000005256a7c8 <+1380>:  sc      ca0,1232(sp)
   0x000000005256a7cc <+1384>:  cmove   ca0,ca1
   0x000000005256a7d0 <+1388>:  lc      ca2,1232(sp)
   0x000000005256a7d4 <+1392>:  cjalr   cra,ca2
   0x000000005256a7d8 <+1396>:  li      a1,8
   0x000000005256a7da <+1398>:  beq     a0,a1,0x5256a7e6 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1410>
   0x000000005256a7de <+1402>:  j       0x5256a7e2 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1406>
   0x000000005256a7e2 <+1406>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a7e6 <+1410>:  auipc   a0,0x631
   0x000000005256a7ea <+1414>:  lc      ca0,-1750(a0) # 0x52b9b110 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+174032>
   0x000000005256a7ee <+1418>:  lc      ca1,1264(sp)
   0x000000005256a7f2 <+1422>:  sc      ca0,1216(sp)
   0x000000005256a7f6 <+1426>:  cmove   ca0,ca1
   0x000000005256a7fa <+1430>:  lc      ca2,1216(sp)
   0x000000005256a7fe <+1434>:  cjalr   cra,ca2
   0x000000005256a802 <+1438>:  lc      ca0,1264(sp)
   0x000000005256a806 <+1442>:  lb      a1,232(a0)
   0x000000005256a80a <+1446>:  srli    a1,a1,0x3
   0x000000005256a80c <+1448>:  andi    a1,a1,1
   0x000000005256a80e <+1450>:  bnez    a1,0x5256a8f2 <QTextEngine::justify(QScr                                                                                                                                       iptLine const&)+1678>
   0x000000005256a812 <+1454>:  j       0x5256a816 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1458>
   0x000000005256a816 <+1458>:  lc      ca0,1648(sp)
   0x000000005256a81a <+1462>:  lc      ca1,0(a0)
   0x000000005256a81e <+1466>:  lw      a2,32(a1)
   0x000000005256a822 <+1470>:  lw      a3,40(a1)
   0x000000005256a826 <+1474>:  slli    a3,a3,0x24
   0x000000005256a828 <+1476>:  srai    a3,a3,0x24
   0x000000005256a82a <+1478>:  add     a2,a2,a3
   0x000000005256a82c <+1480>:  lhu     a1,36(a1)
   0x000000005256a830 <+1484>:  add     a1,a1,a2
   0x000000005256a832 <+1486>:  lc      ca2,1600(sp)
   0x000000005256a836 <+1490>:  sw      a1,0(a2) # 0x1000
   0x000000005256a83a <+1494>:  lw      a1,0(a2)
   0x000000005256a83e <+1498>:  lc      ca3,1264(sp)
   0x000000005256a842 <+1502>:  lc      ca4,240(a3) # 0x200000f0
   0x000000005256a846 <+1506>:  cincoffset      ca0,ca4,176
   0x000000005256a84a <+1510>:  auipc   a4,0x607
   0x000000005256a84e <+1514>:  lc      ca4,-378(a4) # 0x52b716d0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+3472>
   0x000000005256a852 <+1518>:  sd      a1,1208(sp)
   0x000000005256a856 <+1522>:  cjalr   cra,ca4
   0x000000005256a85a <+1526>:  ld      a1,1208(sp)
   0x000000005256a85e <+1530>:  bne     a1,a0,0x5256a86a <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1542>
   0x000000005256a862 <+1534>:  j       0x5256a866 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1538>
   0x000000005256a866 <+1538>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a86a <+1542>:  lc      ca0,1600(sp)
   0x000000005256a86e <+1546>:  lw      a1,0(a0)
   0x000000005256a872 <+1550>:  li      a2,0
   0x000000005256a874 <+1552>:  beq     a1,a2,0x5256a8ee <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1674>
   0x000000005256a878 <+1556>:  j       0x5256a87c <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1560>
   0x000000005256a87c <+1560>:  lc      ca0,1264(sp)
   0x000000005256a880 <+1564>:  lc      ca0,240(a0)
   0x000000005256a884 <+1568>:  lc      ca1,1600(sp)
   0x000000005256a888 <+1572>:  lw      a2,0(a1)
   0x000000005256a88c <+1576>:  addiw   a1,a2,-1
   0x000000005256a890 <+1580>:  auipc   a2,0x632
   0x000000005256a894 <+1584>:  lc      ca2,-32(a2) # 0x52b9c870 <_CHERI_CAPABIL                                                                                                                                       ITY_TABLE_+180016>
   0x000000005256a898 <+1588>:  li      a3,0
   0x000000005256a89a <+1590>:  lc      ca4,1264(sp)
   0x000000005256a89e <+1594>:  sc      ca0,1184(sp)
   0x000000005256a8a2 <+1598>:  cmove   ca0,ca4
   0x000000005256a8a6 <+1602>:  sc      ca2,1168(sp)
   0x000000005256a8aa <+1606>:  mv      a2,a3
   0x000000005256a8ac <+1608>:  lc      ca3,1168(sp)
   0x000000005256a8b0 <+1612>:  cjalr   cra,ca3
   0x000000005256a8b4 <+1616>:  auipc   a1,0x632
   0x000000005256a8b8 <+1620>:  lc      ca1,-52(a1) # 0x52b9c880 <_CHERI_CAPABIL                                                                                                                                       ITY_TABLE_+180032>
   0x000000005256a8bc <+1624>:  lc      ca2,1184(sp)
   0x000000005256a8c0 <+1628>:  sd      a0,1160(sp)
   0x000000005256a8c4 <+1632>:  cmove   ca0,ca2
   0x000000005256a8c8 <+1636>:  ld      a3,1160(sp)
   0x000000005256a8cc <+1640>:  sc      ca1,1136(sp)
   0x000000005256a8d0 <+1644>:  mv      a1,a3
   0x000000005256a8d2 <+1646>:  lc      ca4,1136(sp)
   0x000000005256a8d6 <+1650>:  cjalr   cra,ca4
   0x000000005256a8da <+1654>:  lhu     a0,4(a0)
   0x000000005256a8de <+1658>:  srli    a0,a0,0xd
   0x000000005256a8e0 <+1660>:  li      a1,4
   0x000000005256a8e2 <+1662>:  bne     a0,a1,0x5256a8ee <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1674>
   0x000000005256a8e6 <+1666>:  j       0x5256a8ea <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1670>
   0x000000005256a8ea <+1670>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a8ee <+1674>:  j       0x5256a8f2 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1678>
   0x000000005256a8f2 <+1678>:  li      a0,0
   0x000000005256a8f4 <+1680>:  lc      ca1,1584(sp)
   0x000000005256a8f8 <+1684>:  sw      a0,0(a1)
   0x000000005256a8fc <+1688>:  lc      ca0,1648(sp)
   0x000000005256a900 <+1692>:  lc      ca2,0(a0)
   0x000000005256a904 <+1696>:  lw      a2,40(a2)
   0x000000005256a908 <+1700>:  slli    a2,a2,0x24
   0x000000005256a90a <+1702>:  srai    a2,a2,0x24
   0x000000005256a90c <+1704>:  lc      ca3,1568(sp)
   0x000000005256a910 <+1708>:  sw      a2,0(a3)
   0x000000005256a914 <+1712>:  auipc   a2,0x633
   0x000000005256a918 <+1716>:  lc      ca2,-644(a2) # 0x52b9d690 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183632>
   0x000000005256a91c <+1720>:  lc      ca0,1264(sp)
   0x000000005256a920 <+1724>:  cjalr   cra,ca2
   0x000000005256a924 <+1728>:  lc      ca1,1552(sp)
   0x000000005256a928 <+1732>:  sc      ca0,0(a1)
   0x000000005256a92c <+1736>:  lc      ca0,0(a1)
   0x000000005256a930 <+1740>:  cmove   ca2,cnull
   0x000000005256a934 <+1744>:  bne     a0,a2,0x5256a940 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1756>
   0x000000005256a938 <+1748>:  j       0x5256a93c <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1752>
   0x000000005256a93c <+1752>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a940 <+1756>:  lc      ca0,1648(sp)
   0x000000005256a944 <+1760>:  lc      ca1,0(a0)
   0x000000005256a948 <+1764>:  lw      a1,32(a1)
   0x000000005256a94c <+1768>:  lc      ca2,1552(sp)
   0x000000005256a950 <+1772>:  lc      ca3,0(a2)
   0x000000005256a954 <+1776>:  cincoffset      ca1,ca3,a1
   0x000000005256a958 <+1780>:  sc      ca1,0(a2)
   0x000000005256a95c <+1784>:  j       0x5256a960 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1788>
   0x000000005256a960 <+1788>:  lc      ca0,1568(sp)
   0x000000005256a964 <+1792>:  lw      a1,0(a0)
   0x000000005256a968 <+1796>:  li      a2,0
   0x000000005256a96a <+1798>:  mv      a3,a2
   0x000000005256a96c <+1800>:  sd      a3,1128(sp)
   0x000000005256a970 <+1804>:  beq     a1,a2,0x5256a99e <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1850>
   0x000000005256a974 <+1808>:  j       0x5256a978 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1812>
   0x000000005256a978 <+1812>:  lc      ca0,1552(sp)
   0x000000005256a97c <+1816>:  lc      ca1,0(a0)
   0x000000005256a980 <+1820>:  lc      ca2,1568(sp)
   0x000000005256a984 <+1824>:  lw      a3,0(a2)
   0x000000005256a988 <+1828>:  addiw   a3,a3,-1
   0x000000005256a98a <+1830>:  cincoffset      ca1,ca1,a3
   0x000000005256a98e <+1834>:  lb      a1,0(a1)
   0x000000005256a992 <+1838>:  srli    a1,a1,0x4
   0x000000005256a994 <+1840>:  andi    a1,a1,1
   0x000000005256a996 <+1842>:  sd      a1,1128(sp)
   0x000000005256a99a <+1846>:  j       0x5256a99e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1850>
   0x000000005256a99e <+1850>:  ld      a0,1128(sp)
   0x000000005256a9a2 <+1854>:  andi    a0,a0,1
   0x000000005256a9a4 <+1856>:  li      a1,0
   0x000000005256a9a6 <+1858>:  beq     a0,a1,0x5256a9c0 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1884>
   0x000000005256a9aa <+1862>:  j       0x5256a9ae <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1866>
   0x000000005256a9ae <+1866>:  lc      ca0,1568(sp)
   0x000000005256a9b2 <+1870>:  lw      a1,0(a0)
   0x000000005256a9b6 <+1874>:  addi    a1,a1,-1
   0x000000005256a9b8 <+1876>:  sw      a1,0(a0)
   0x000000005256a9bc <+1880>:  j       0x5256a960 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1788>
   0x000000005256a9c0 <+1884>:  lc      ca0,1568(sp)
   0x000000005256a9c4 <+1888>:  lw      a1,0(a0)
   0x000000005256a9c8 <+1892>:  addi    a1,a1,-1
   0x000000005256a9ca <+1894>:  sw      a1,0(a0)
   0x000000005256a9ce <+1898>:  lw      a1,0(a0)
   0x000000005256a9d2 <+1902>:  li      a2,0
   0x000000005256a9d4 <+1904>:  blt     a2,a1,0x5256a9e0 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+1916>
   0x000000005256a9d8 <+1908>:  j       0x5256a9dc <QTextEngine::justify(QScript                                                                                                                                       Line const&)+1912>
   0x000000005256a9dc <+1912>:  j       0x5256baaa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+6214>
   0x000000005256a9e0 <+1916>:  lc      ca0,1648(sp)
   0x000000005256a9e4 <+1920>:  lc      ca1,0(a0)
   0x000000005256a9e8 <+1924>:  lw      a1,32(a1)
   0x000000005256a9ec <+1928>:  auipc   a2,0x632
   0x000000005256a9f0 <+1932>:  lc      ca2,-380(a2) # 0x52b9c870 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180016>
   0x000000005256a9f4 <+1936>:  li      a3,0
   0x000000005256a9f6 <+1938>:  lc      ca0,1264(sp)
   0x000000005256a9fa <+1942>:  sc      ca2,1104(sp)
   0x000000005256a9fe <+1946>:  mv      a2,a3
   0x000000005256aa00 <+1948>:  lc      ca4,1104(sp)
   0x000000005256aa04 <+1952>:  sd      a3,1096(sp)
   0x000000005256aa08 <+1956>:  cjalr   cra,ca4
   0x000000005256aa0c <+1960>:  lc      ca1,1536(sp)
   0x000000005256aa10 <+1964>:  sw      a0,0(a1)
   0x000000005256aa14 <+1968>:  lc      ca0,1648(sp)
   0x000000005256aa18 <+1972>:  lc      ca2,0(a0)
   0x000000005256aa1c <+1976>:  lw      a2,32(a2)
   0x000000005256aa20 <+1980>:  lc      ca3,1568(sp)
   0x000000005256aa24 <+1984>:  lw      a4,0(a3)
   0x000000005256aa28 <+1988>:  add     a2,a2,a4
   0x000000005256aa2a <+1990>:  lw      a4,0(a1)
   0x000000005256aa2e <+1994>:  addiw   a1,a2,-1
   0x000000005256aa32 <+1998>:  lc      ca0,1264(sp)
   0x000000005256aa36 <+2002>:  mv      a2,a4
   0x000000005256aa38 <+2004>:  lc      ca4,1104(sp)
   0x000000005256aa3c <+2008>:  cjalr   cra,ca4
   0x000000005256aa40 <+2012>:  lc      ca1,1520(sp)
   0x000000005256aa44 <+2016>:  sw      a0,0(a1)
   0x000000005256aa48 <+2020>:  lc      ca0,1536(sp)
   0x000000005256aa4c <+2024>:  lw      a2,0(a0)
   0x000000005256aa50 <+2028>:  ld      a3,1096(sp)
   0x000000005256aa54 <+2032>:  blt     a2,a3,0x5256aa90 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2092>
   0x000000005256aa58 <+2036>:  j       0x5256aa5c <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2040>
   0x000000005256aa5c <+2040>:  lc      ca0,1520(sp)
   0x000000005256aa60 <+2044>:  lw      a1,0(a0)
   0x000000005256aa64 <+2048>:  lc      ca2,1536(sp)
   0x000000005256aa68 <+2052>:  lw      a3,0(a2)
   0x000000005256aa6c <+2056>:  blt     a1,a3,0x5256aa90 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2092>
   0x000000005256aa70 <+2060>:  j       0x5256aa74 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2064>
   0x000000005256aa74 <+2064>:  lc      ca0,1520(sp)
   0x000000005256aa78 <+2068>:  lw      a1,0(a0)
   0x000000005256aa7c <+2072>:  lc      ca2,1536(sp)
   0x000000005256aa80 <+2076>:  lw      a3,0(a2)
   0x000000005256aa84 <+2080>:  subw    a1,a1,a3
   0x000000005256aa86 <+2082>:  addi    a1,a1,1
   0x000000005256aa88 <+2084>:  sd      a1,1088(sp)
   0x000000005256aa8c <+2088>:  j       0x5256aa9a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2102>
   0x000000005256aa90 <+2092>:  li      a0,0
   0x000000005256aa92 <+2094>:  sd      a0,1088(sp)
   0x000000005256aa96 <+2098>:  j       0x5256aa9a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2102>
   0x000000005256aa9a <+2102>:  ld      a0,1088(sp)
   0x000000005256aa9e <+2106>:  lc      ca1,1504(sp)
   0x000000005256aaa2 <+2110>:  sw      a0,0(a1)
   0x000000005256aaa6 <+2114>:  auipc   a0,0x633
   0x000000005256aaaa <+2118>:  lc      ca0,-1030(a0) # 0x52b9d6a0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+183648>
   0x000000005256aaae <+2122>:  li      a2,0
   0x000000005256aab0 <+2124>:  lc      ca3,1488(sp)
   0x000000005256aab4 <+2128>:  sc      ca0,1072(sp)
   0x000000005256aab8 <+2132>:  cmove   ca0,ca3
   0x000000005256aabc <+2136>:  mv      a1,a2
   0x000000005256aabe <+2138>:  lc      ca4,1072(sp)
   0x000000005256aac2 <+2142>:  sd      a2,1064(sp)
   0x000000005256aac6 <+2146>:  cjalr   cra,ca4
   0x000000005256aaca <+2150>:  ld      a0,1064(sp)
   0x000000005256aace <+2154>:  lc      ca1,1472(sp)
   0x000000005256aad2 <+2158>:  sw      a0,0(a1)
   0x000000005256aad6 <+2162>:  auipc   a2,0x62e
   0x000000005256aada <+2166>:  lc      ca2,-1286(a2) # 0x52b985d0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+162960>
   0x000000005256aade <+2170>:  lui     a1,0x100
   0x000000005256aae2 <+2174>:  lc      ca0,1456(sp)
   0x000000005256aae6 <+2178>:  cjalr   cra,ca2
   0x000000005256aaea <+2182>:  ld      a0,1064(sp)
   0x000000005256aaee <+2186>:  lc      ca1,1440(sp)
   0x000000005256aaf2 <+2190>:  sw      a0,0(a1) # 0x100000
   0x000000005256aaf6 <+2194>:  j       0x5256aafa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2198>
   0x000000005256aafa <+2198>:  lc      ca0,1440(sp)
   0x000000005256aafe <+2202>:  lw      a1,0(a0)
   0x000000005256ab02 <+2206>:  lc      ca2,1504(sp)
   0x000000005256ab06 <+2210>:  lw      a3,0(a2)
   0x000000005256ab0a <+2214>:  bge     a1,a3,0x5256ab90 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2348>
   0x000000005256ab0e <+2218>:  j       0x5256ab12 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2222>
   0x000000005256ab12 <+2222>:  lc      ca0,1264(sp)
   0x000000005256ab16 <+2226>:  lc      ca0,240(a0)
   0x000000005256ab1a <+2230>:  lc      ca1,1536(sp)
   0x000000005256ab1e <+2234>:  lw      a2,0(a1)
   0x000000005256ab22 <+2238>:  lc      ca3,1440(sp)
   0x000000005256ab26 <+2242>:  lw      a4,0(a3)
   0x000000005256ab2a <+2246>:  addw    a1,a2,a4
   0x000000005256ab2e <+2250>:  auipc   a2,0x632
   0x000000005256ab32 <+2254>:  lc      ca2,-686(a2) # 0x52b9c880 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180032>
   0x000000005256ab36 <+2258>:  cjalr   cra,ca2
   0x000000005256ab3a <+2262>:  lc      ca1,1424(sp)
   0x000000005256ab3e <+2266>:  sc      ca0,0(a1)
   0x000000005256ab42 <+2270>:  lc      ca0,0(a1)
   0x000000005256ab46 <+2274>:  lhu     a0,6(a0)
   0x000000005256ab4a <+2278>:  li      a2,0
   0x000000005256ab4c <+2280>:  bne     a0,a2,0x5256ab7a <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2326>
   0x000000005256ab50 <+2284>:  j       0x5256ab54 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2288>
   0x000000005256ab54 <+2288>:  lc      ca0,1536(sp)
   0x000000005256ab58 <+2292>:  lw      a1,0(a0)
   0x000000005256ab5c <+2296>:  lc      ca2,1440(sp)
   0x000000005256ab60 <+2300>:  lw      a3,0(a2)
   0x000000005256ab64 <+2304>:  addw    a1,a1,a3
   0x000000005256ab66 <+2306>:  auipc   a3,0x632
   0x000000005256ab6a <+2310>:  lc      ca3,-694(a3) # 0x52b9c8b0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180080>
   0x000000005256ab6e <+2314>:  lc      ca0,1264(sp)
   0x000000005256ab72 <+2318>:  cjalr   cra,ca3
   0x000000005256ab76 <+2322>:  j       0x5256ab7a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2326>
   0x000000005256ab7a <+2326>:  j       0x5256ab7e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2330>
   0x000000005256ab7e <+2330>:  lc      ca0,1440(sp)
   0x000000005256ab82 <+2334>:  lw      a1,0(a0)
   0x000000005256ab86 <+2338>:  addi    a1,a1,1
   0x000000005256ab88 <+2340>:  sw      a1,0(a0)
   0x000000005256ab8c <+2344>:  j       0x5256aafa <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2198>
   0x000000005256ab90 <+2348>:  li      a0,0
   0x000000005256ab92 <+2350>:  lc      ca1,1408(sp)
   0x000000005256ab96 <+2354>:  sw      a0,0(a1)
   0x000000005256ab9a <+2358>:  j       0x5256ab9e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2362>
   0x000000005256ab9e <+2362>:  lc      ca0,1408(sp)
   0x000000005256aba2 <+2366>:  lw      a1,0(a0)
   0x000000005256aba6 <+2370>:  lc      ca2,1504(sp)
   0x000000005256abaa <+2374>:  lw      a3,0(a2)
   0x000000005256abae <+2378>:  bge     a1,a3,0x5256b3f4 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+4496>
   0x000000005256abb2 <+2382>:  j       0x5256abb6 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2386>
   0x000000005256abb6 <+2386>:  lc      ca0,1264(sp)
   0x000000005256abba <+2390>:  lc      ca0,240(a0)
   0x000000005256abbe <+2394>:  lc      ca1,1536(sp)
   0x000000005256abc2 <+2398>:  lw      a2,0(a1)
   0x000000005256abc6 <+2402>:  lc      ca3,1408(sp)
   0x000000005256abca <+2406>:  lw      a4,0(a3)
   0x000000005256abce <+2410>:  addw    a1,a2,a4
   0x000000005256abd2 <+2414>:  auipc   a2,0x632
   0x000000005256abd6 <+2418>:  lc      ca2,-850(a2) # 0x52b9c880 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180032>
   0x000000005256abda <+2422>:  cjalr   cra,ca2
   0x000000005256abde <+2426>:  lc      ca1,1392(sp)
   0x000000005256abe2 <+2430>:  sc      ca0,0(a1)
   0x000000005256abe6 <+2434>:  li      a0,7
   0x000000005256abe8 <+2436>:  lc      ca2,1376(sp)
   0x000000005256abec <+2440>:  sw      a0,0(a2)
   0x000000005256abf0 <+2444>:  li      a0,1
   0x000000005256abf2 <+2446>:  slli    a0,a0,0x20
   0x000000005256abf4 <+2448>:  addi    a0,a0,-1
   0x000000005256abf6 <+2450>:  lc      ca3,1360(sp)
   0x000000005256abfa <+2454>:  sw      a0,0(a3)
   0x000000005256abfe <+2458>:  lc      ca0,1648(sp)
   0x000000005256ac02 <+2462>:  lc      ca4,0(a0)
   0x000000005256ac06 <+2466>:  lw      a4,32(a4)
   0x000000005256ac0a <+2470>:  lc      ca5,0(a1)
   0x000000005256ac0e <+2474>:  lw      a5,0(a5)
   0x000000005256ac12 <+2478>:  sub     a4,a4,a5
   0x000000005256ac14 <+2480>:  lc      ca5,1328(sp)
   0x000000005256ac18 <+2484>:  sw      a4,0(a5)
   0x000000005256ac1c <+2488>:  li      a4,0
   0x000000005256ac1e <+2490>:  lc      ca6,1312(sp)
   0x000000005256ac22 <+2494>:  sw      a4,0(a6)
   0x000000005256ac26 <+2498>:  auipc   a4,0x607
   0x000000005256ac2a <+2502>:  lc      ca4,-1062(a4) # 0x52b71800 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+3776>
   0x000000005256ac2e <+2506>:  cmove   ca0,ca5
   0x000000005256ac32 <+2510>:  cmove   ca1,ca6
   0x000000005256ac36 <+2514>:  cjalr   cra,ca4
   0x000000005256ac3a <+2518>:  lw      a0,0(a0)
   0x000000005256ac3e <+2522>:  lc      ca1,1344(sp)
   0x000000005256ac42 <+2526>:  sw      a0,0(a1)
   0x000000005256ac46 <+2530>:  lc      ca0,1648(sp)
   0x000000005256ac4a <+2534>:  lc      ca2,0(a0)
   0x000000005256ac4e <+2538>:  lw      a2,32(a2)
   0x000000005256ac52 <+2542>:  lc      ca3,1568(sp)
   0x000000005256ac56 <+2546>:  lw      a4,0(a3)
   0x000000005256ac5a <+2550>:  add     a2,a2,a4
   0x000000005256ac5c <+2552>:  lc      ca4,1392(sp)
   0x000000005256ac60 <+2556>:  lc      ca5,0(a4)
   0x000000005256ac64 <+2560>:  lw      a5,0(a5)
   0x000000005256ac68 <+2564>:  sub     a2,a2,a5
   0x000000005256ac6a <+2566>:  lc      ca5,2016(sp)
   0x000000005256ac6e <+2570>:  sw      a2,0(a5)
   0x000000005256ac72 <+2574>:  lc      ca2,1536(sp)
   0x000000005256ac76 <+2578>:  lw      a6,0(a2)
   0x000000005256ac7a <+2582>:  lc      ca7,1408(sp)
   0x000000005256ac7e <+2586>:  lw      t0,0(a7)
   0x000000005256ac82 <+2590>:  addw    a1,a6,t0
   0x000000005256ac86 <+2594>:  auipc   a6,0x632
   0x000000005256ac8a <+2598>:  lc      ca6,-342(a6) # 0x52b9cb30 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180720>
   0x000000005256ac8e <+2602>:  lc      ca0,1264(sp)
   0x000000005256ac92 <+2606>:  sc      ca6,1040(sp)
   0x000000005256ac96 <+2610>:  cjalr   cra,ca6
   0x000000005256ac9a <+2614>:  lc      ca1,2000(sp)
   0x000000005256ac9e <+2618>:  sw      a0,0(a1)
   0x000000005256aca2 <+2622>:  auipc   a0,0x607
   0x000000005256aca6 <+2626>:  lc      ca0,-1218(a0) # 0x52b717e0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+3744>
   0x000000005256acaa <+2630>:  lc      ca2,2016(sp)
   0x000000005256acae <+2634>:  sc      ca0,1024(sp)
   0x000000005256acb2 <+2638>:  cmove   ca0,ca2
   0x000000005256acb6 <+2642>:  lc      ca3,1024(sp)
   0x000000005256acba <+2646>:  cjalr   cra,ca3
   0x000000005256acbe <+2650>:  lw      a0,0(a0)
   0x000000005256acc2 <+2654>:  lc      ca1,2032(sp)
   0x000000005256acc6 <+2658>:  sw      a0,0(a1)
   0x000000005256acca <+2662>:  lc      ca0,1392(sp)
   0x000000005256acce <+2666>:  lc      ca1,0(a0)
   0x000000005256acd2 <+2670>:  auipc   a2,0x632
   0x000000005256acd6 <+2674>:  lc      ca2,-242(a2) # 0x52b9cbe0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+180896>
   0x000000005256acda <+2678>:  lc      ca0,1264(sp)
   0x000000005256acde <+2682>:  cjalr   cra,ca2
   0x000000005256ace2 <+2686>:  lc      ca1,1984(sp)
   0x000000005256ace6 <+2690>:  sc      ca0,0(a1)
   0x000000005256acea <+2694>:  lc      ca0,0(a1)
   0x000000005256acee <+2698>:  lc      ca2,1344(sp)
   0x000000005256acf2 <+2702>:  lw      a3,0(a2)
   0x000000005256acf6 <+2706>:  slli    a3,a3,0x1
   0x000000005256acf8 <+2708>:  cincoffset      ca0,ca0,a3
   0x000000005256acfc <+2712>:  lhu     a0,0(a0)
   0x000000005256ad00 <+2716>:  lc      ca3,1296(sp)
   0x000000005256ad04 <+2720>:  sw      a0,0(a3)
   0x000000005256ad08 <+2724>:  lc      ca0,2032(sp)
   0x000000005256ad0c <+2728>:  lw      a4,0(a0)
   0x000000005256ad10 <+2732>:  lc      ca5,1536(sp)
   0x000000005256ad14 <+2736>:  lw      a6,0(a5)
   0x000000005256ad18 <+2740>:  lc      ca7,1408(sp)
   0x000000005256ad1c <+2744>:  lw      t0,0(a7)
   0x000000005256ad20 <+2748>:  addw    a1,a6,t0
   0x000000005256ad24 <+2752>:  lc      ca0,1264(sp)
   0x000000005256ad28 <+2756>:  lc      ca6,1040(sp)
   0x000000005256ad2c <+2760>:  sd      a4,1016(sp)
   0x000000005256ad30 <+2764>:  cjalr   cra,ca6
   0x000000005256ad34 <+2768>:  ld      a1,1016(sp)
   0x000000005256ad38 <+2772>:  bne     a1,a0,0x5256ad54 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2800>
   0x000000005256ad3c <+2776>:  j       0x5256ad40 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2780>
   0x000000005256ad40 <+2780>:  lc      ca0,1392(sp)
   0x000000005256ad44 <+2784>:  lc      ca1,0(a0)
   0x000000005256ad48 <+2788>:  lhu     a1,6(a1)
   0x000000005256ad4c <+2792>:  sd      a1,1008(sp)
   0x000000005256ad50 <+2796>:  j       0x5256ad76 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2834>
   0x000000005256ad54 <+2800>:  lc      ca0,1984(sp)
   0x000000005256ad58 <+2804>:  lc      ca1,0(a0)
   0x000000005256ad5c <+2808>:  lc      ca2,2032(sp)
   0x000000005256ad60 <+2812>:  lw      a3,0(a2)
   0x000000005256ad64 <+2816>:  slli    a3,a3,0x1
   0x000000005256ad66 <+2818>:  cincoffset      ca1,ca1,a3
   0x000000005256ad6a <+2822>:  lhu     a1,0(a1)
   0x000000005256ad6e <+2826>:  sd      a1,1008(sp)
   0x000000005256ad72 <+2830>:  j       0x5256ad76 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2834>
   0x000000005256ad76 <+2834>:  ld      a0,1008(sp)
   0x000000005256ad7a <+2838>:  lui     a1,0x10
   0x000000005256ad7c <+2840>:  addiw   a1,a1,-1
   0x000000005256ad7e <+2842>:  and     a0,a0,a1
   0x000000005256ad80 <+2844>:  lc      ca1,1968(sp)
   0x000000005256ad84 <+2848>:  sw      a0,0(a1) # 0x10000
   0x000000005256ad88 <+2852>:  lw      a0,0(a1)
   0x000000005256ad8c <+2856>:  lc      ca2,1392(sp)
   0x000000005256ad90 <+2860>:  lc      ca3,0(a2)
   0x000000005256ad94 <+2864>:  lhu     a3,6(a3)
   0x000000005256ad98 <+2868>:  blt     a3,a0,0x5256ada4 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+2880>
   0x000000005256ad9c <+2872>:  j       0x5256ada0 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2876>
   0x000000005256ada0 <+2876>:  j       0x5256add0 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2924>
   0x000000005256ada4 <+2880>:  auipc   a0,0x633
   0x000000005256ada8 <+2884>:  lc      ca0,-1780(a0) # 0x52b9d6b0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+183664>
   0x000000005256adac <+2888>:  auipc   a1,0x632
   0x000000005256adb0 <+2892>:  lc      ca1,-1228(a1) # 0x52b9c8e0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+180128>
   0x000000005256adb4 <+2896>:  auipc   a2,0x606
   0x000000005256adb8 <+2900>:  lc      ca2,-420(a2) # 0x52b70c10 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+720>
   0x000000005256adbc <+2904>:  lui     a3,0x1
   0x000000005256adbe <+2906>:  addiw   a3,a3,-1796
   0x000000005256adc2 <+2910>:  sc      ca2,992(sp)
   0x000000005256adc6 <+2914>:  mv      a2,a3
   0x000000005256adc8 <+2916>:  lc      ca3,992(sp)
   0x000000005256adcc <+2920>:  cjalr   cra,ca3
   0x000000005256add0 <+2924>:  lc      ca0,1392(sp)
   0x000000005256add4 <+2928>:  lc      ca2,0(a0)
   0x000000005256add8 <+2932>:  auipc   a1,0x632
   0x000000005256addc <+2936>:  lc      ca1,-1304(a1) # 0x52b9c8c0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+180096>
   0x000000005256ade0 <+2940>:  lc      ca0,1920(sp)
   0x000000005256ade4 <+2944>:  lc      ca3,1264(sp)
   0x000000005256ade8 <+2948>:  sc      ca1,976(sp)
   0x000000005256adec <+2952>:  cmove   ca1,ca3
   0x000000005256adf0 <+2956>:  lc      ca4,976(sp)
   0x000000005256adf4 <+2960>:  cjalr   cra,ca4
   0x000000005256adf8 <+2964>:  lc      ca0,1296(sp)
   0x000000005256adfc <+2968>:  lw      a1,0(a0)
   0x000000005256ae00 <+2972>:  lc      ca2,1888(sp)
   0x000000005256ae04 <+2976>:  sw      a1,0(a2)
   0x000000005256ae08 <+2980>:  j       0x5256ae0c <QTextEngine::justify(QScript                                                                                                                                       Line const&)+2984>
   0x000000005256ae0c <+2984>:  lc      ca0,1888(sp)
   0x000000005256ae10 <+2988>:  lw      a1,0(a0)
   0x000000005256ae14 <+2992>:  lc      ca2,1968(sp)
   0x000000005256ae18 <+2996>:  lw      a3,0(a2)
   0x000000005256ae1c <+3000>:  bge     a1,a3,0x5256b230 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+4044>
   0x000000005256ae20 <+3004>:  j       0x5256ae24 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3008>
   0x000000005256ae24 <+3008>:  lc      ca0,1920(sp)
   0x000000005256ae28 <+3012>:  lc      ca1,48(a0)
   0x000000005256ae2c <+3016>:  lc      ca2,1888(sp)
   0x000000005256ae30 <+3020>:  lw      a3,0(a2)
   0x000000005256ae34 <+3024>:  slli    a3,a3,0x2
   0x000000005256ae36 <+3026>:  cincoffset      ca1,ca1,a3
   0x000000005256ae3a <+3030>:  lwu     a3,0(a1)
   0x000000005256ae3e <+3034>:  li      a4,1
   0x000000005256ae40 <+3036>:  slli    a4,a4,0x20
   0x000000005256ae42 <+3038>:  addi    a5,a4,-4
   0x000000005256ae46 <+3042>:  and     a3,a3,a5
   0x000000005256ae48 <+3044>:  sw      a3,0(a1)
   0x000000005256ae4c <+3048>:  lc      ca1,48(a0)
   0x000000005256ae50 <+3052>:  lw      a3,0(a2)
   0x000000005256ae54 <+3056>:  slli    a3,a3,0x2
   0x000000005256ae56 <+3058>:  cincoffset      ca1,ca1,a3
   0x000000005256ae5a <+3062>:  lwu     a3,0(a1)
   0x000000005256ae5e <+3066>:  addi    a4,a4,-253
   0x000000005256ae62 <+3070>:  and     a3,a3,a4
   0x000000005256ae64 <+3072>:  sw      a3,0(a1)
   0x000000005256ae68 <+3076>:  lc      ca1,48(a0)
   0x000000005256ae6c <+3080>:  lw      a3,0(a2)
   0x000000005256ae70 <+3084>:  slli    a3,a3,0x2
   0x000000005256ae72 <+3086>:  cincoffset      ca1,ca1,a3
   0x000000005256ae76 <+3090>:  lwu     a3,0(a1)
   0x000000005256ae7a <+3094>:  andi    a3,a3,255
   0x000000005256ae7e <+3098>:  sw      a3,0(a1)
   0x000000005256ae82 <+3102>:  lc      ca1,1472(sp)
   0x000000005256ae86 <+3106>:  lw      a3,0(a1)
   0x000000005256ae8a <+3110>:  addiw   a1,a3,3
   0x000000005256ae8e <+3114>:  auipc   a3,0x633
   0x000000005256ae92 <+3118>:  lc      ca3,-1998(a3) # 0x52b9d6c0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+183680>
   0x000000005256ae96 <+3122>:  lc      ca0,1488(sp)
   0x000000005256ae9a <+3126>:  cjalr   cra,ca3
   0x000000005256ae9e <+3130>:  lc      ca0,1920(sp)
   0x000000005256aea2 <+3134>:  lc      ca1,64(a0)
   0x000000005256aea6 <+3138>:  lc      ca2,1888(sp)
   0x000000005256aeaa <+3142>:  lw      a3,0(a2)
   0x000000005256aeae <+3146>:  cincoffset      ca1,ca1,a3
   0x000000005256aeb2 <+3150>:  lbu     a1,0(a1)
   0x000000005256aeb6 <+3154>:  srli    a1,a1,0x2
   0x000000005256aeb8 <+3156>:  andi    a1,a1,15
   0x000000005256aeba <+3158>:  lc      ca3,1904(sp)
   0x000000005256aebe <+3162>:  sw      a1,0(a3)
   0x000000005256aec2 <+3166>:  lwu     a1,0(a3)
   0x000000005256aec6 <+3170>:  li      a4,0
   0x000000005256aec8 <+3172>:  sd      a1,968(sp)
   0x000000005256aecc <+3176>:  beq     a1,a4,0x5256af22 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3262>
   0x000000005256aed0 <+3180>:  j       0x5256aed4 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3184>
   0x000000005256aed4 <+3184>:  ld      a0,968(sp)
   0x000000005256aed8 <+3188>:  slli    a1,a0,0x20
   0x000000005256aedc <+3192>:  srli    a1,a1,0x20
   0x000000005256aede <+3194>:  li      a2,1
   0x000000005256aee0 <+3196>:  beq     a1,a2,0x5256af26 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3266>
   0x000000005256aee4 <+3200>:  j       0x5256aee8 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3204>
   0x000000005256aee8 <+3204>:  ld      a0,968(sp)
   0x000000005256aeec <+3208>:  slli    a1,a0,0x20
   0x000000005256aef0 <+3212>:  srli    a1,a1,0x20
   0x000000005256aef2 <+3214>:  li      a2,2
   0x000000005256aef4 <+3216>:  beq     a1,a2,0x5256b0f0 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3724>
   0x000000005256aef8 <+3220>:  j       0x5256aefc <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3224>
   0x000000005256aefc <+3224>:  ld      a0,968(sp)
   0x000000005256af00 <+3228>:  slli    a1,a0,0x20
   0x000000005256af04 <+3232>:  srli    a1,a1,0x20
   0x000000005256af06 <+3234>:  li      a2,4
   0x000000005256af08 <+3236>:  beq     a1,a2,0x5256af26 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3266>
   0x000000005256af0c <+3240>:  j       0x5256af10 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3244>
   0x000000005256af10 <+3244>:  ld      a0,968(sp)
   0x000000005256af14 <+3248>:  addiw   a1,a0,-7
   0x000000005256af18 <+3252>:  li      a2,7
   0x000000005256af1a <+3254>:  bltu    a1,a2,0x5256b1da <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3958>
   0x000000005256af1e <+3258>:  j       0x5256b21a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+4022>
   0x000000005256af22 <+3262>:  j       0x5256b21a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+4022>
   0x000000005256af26 <+3266>:  lc      ca0,1360(sp)
   0x000000005256af2a <+3270>:  lw      a1,0(a0)
   0x000000005256af2e <+3274>:  li      a2,0
   0x000000005256af30 <+3276>:  blt     a1,a2,0x5256b0d4 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3696>
   0x000000005256af34 <+3280>:  j       0x5256af38 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3284>
   0x000000005256af38 <+3284>:  lc      ca0,1472(sp)
   0x000000005256af3c <+3288>:  lw      a1,0(a0)
   0x000000005256af40 <+3292>:  auipc   a2,0x632
   0x000000005256af44 <+3296>:  lc      ca2,1936(a2) # 0x52b9d6d0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183696>
   0x000000005256af48 <+3300>:  lc      ca0,1488(sp)
   0x000000005256af4c <+3304>:  sc      ca2,944(sp)
   0x000000005256af50 <+3308>:  cjalr   cra,ca2
   0x000000005256af54 <+3312>:  lc      ca1,1376(sp)
   0x000000005256af58 <+3316>:  lw      a1,0(a1)
   0x000000005256af5c <+3320>:  lc      ca2,1360(sp)
   0x000000005256af60 <+3324>:  lw      a2,0(a2)
   0x000000005256af64 <+3328>:  auipc   a3,0x62e
   0x000000005256af68 <+3332>:  lc      ca3,540(a3) # 0x52b99180 <_CHERI_CAPABIL                                                                                                                                       ITY_TABLE_+165952>
   0x000000005256af6c <+3336>:  li      a4,-1
   0x000000005256af6e <+3338>:  lc      ca5,1872(sp)
   0x000000005256af72 <+3342>:  sc      ca0,928(sp)
   0x000000005256af76 <+3346>:  cmove   ca0,ca5
   0x000000005256af7a <+3350>:  lc      ca6,1920(sp)
   0x000000005256af7e <+3354>:  sd      a1,920(sp)
   0x000000005256af82 <+3358>:  cmove   ca1,ca6
   0x000000005256af86 <+3362>:  sc      ca3,896(sp)
   0x000000005256af8a <+3366>:  mv      a3,a4
   0x000000005256af8c <+3368>:  lc      ca4,896(sp)
   0x000000005256af90 <+3372>:  cjalr   cra,ca4
   0x000000005256af94 <+3376>:  lc      ca0,1392(sp)
   0x000000005256af98 <+3380>:  lc      ca1,0(a0)
   0x000000005256af9c <+3384>:  auipc   a2,0x632
   0x000000005256afa0 <+3388>:  lc      ca2,-1180(a2) # 0x52b9cb00 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+180672>
   0x000000005256afa4 <+3392>:  lc      ca0,1264(sp)
   0x000000005256afa8 <+3396>:  sc      ca2,880(sp)
   0x000000005256afac <+3400>:  cmove   ca2,cnull
   0x000000005256afb0 <+3404>:  cmove   ca3,cnull
   0x000000005256afb4 <+3408>:  cmove   ca4,cnull
   0x000000005256afb8 <+3412>:  lc      ca5,880(sp)
   0x000000005256afbc <+3416>:  cjalr   cra,ca5
   0x000000005256afc0 <+3420>:  auipc   a1,0x632
   0x000000005256afc4 <+3424>:  lc      ca1,1824(a1) # 0x52b9d6e0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183712>
   0x000000005256afc8 <+3428>:  lc      ca2,928(sp)
   0x000000005256afcc <+3432>:  sc      ca0,864(sp)
   0x000000005256afd0 <+3436>:  cmove   ca0,ca2
   0x000000005256afd4 <+3440>:  ld      a3,920(sp)
   0x000000005256afd8 <+3444>:  sc      ca1,848(sp)
   0x000000005256afdc <+3448>:  mv      a1,a3
   0x000000005256afde <+3450>:  lc      ca2,1872(sp)
   0x000000005256afe2 <+3454>:  lc      ca3,864(sp)
   0x000000005256afe6 <+3458>:  lc      ca4,848(sp)
   0x000000005256afea <+3462>:  cjalr   cra,ca4
   0x000000005256afee <+3466>:  lc      ca0,1472(sp)
   0x000000005256aff2 <+3470>:  lw      a1,0(a0)
   0x000000005256aff6 <+3474>:  lc      ca0,1488(sp)
   0x000000005256affa <+3478>:  lc      ca2,944(sp)
   0x000000005256affe <+3482>:  cjalr   cra,ca2
   0x000000005256b002 <+3486>:  cincoffset      ca0,ca0,4
   0x000000005256b006 <+3490>:  auipc   a1,0x62f
   0x000000005256b00a <+3494>:  lc      ca1,-566(a1) # 0x52b99dd0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+169104>
   0x000000005256b00e <+3498>:  li      a2,0
   0x000000005256b010 <+3500>:  sc      ca1,832(sp)
   0x000000005256b014 <+3504>:  mv      a1,a2
   0x000000005256b016 <+3506>:  lc      ca3,832(sp)
   0x000000005256b01a <+3510>:  sd      a2,824(sp)
   0x000000005256b01e <+3514>:  cjalr   cra,ca3
   0x000000005256b022 <+3518>:  ld      a1,824(sp)
   0x000000005256b026 <+3522>:  beq     a0,a1,0x5256b0d0 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+3692>
   0x000000005256b02a <+3526>:  j       0x5256b02e <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3530>
   0x000000005256b02e <+3530>:  lc      ca0,1472(sp)
   0x000000005256b032 <+3534>:  lw      a1,0(a0)
   0x000000005256b036 <+3538>:  auipc   a2,0x632
   0x000000005256b03a <+3542>:  lc      ca2,1690(a2) # 0x52b9d6d0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183696>
   0x000000005256b03e <+3546>:  lc      ca0,1488(sp)
   0x000000005256b042 <+3550>:  sc      ca2,800(sp)
   0x000000005256b046 <+3554>:  cjalr   cra,ca2
   0x000000005256b04a <+3558>:  cincoffset      ca1,ca0,4
   0x000000005256b04e <+3562>:  auipc   a0,0x62e
   0x000000005256b052 <+3566>:  lc      ca0,-1678(a0) # 0x52b989c0 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+163968>
   0x000000005256b056 <+3570>:  lc      ca2,1456(sp)
   0x000000005256b05a <+3574>:  sc      ca0,784(sp)
   0x000000005256b05e <+3578>:  cmove   ca0,ca2
   0x000000005256b062 <+3582>:  lc      ca3,784(sp)
   0x000000005256b066 <+3586>:  cjalr   cra,ca3
   0x000000005256b06a <+3590>:  lw      a0,0(a0)
   0x000000005256b06e <+3594>:  lc      ca1,1456(sp)
   0x000000005256b072 <+3598>:  sw      a0,0(a1)
   0x000000005256b076 <+3602>:  lc      ca0,1472(sp)
   0x000000005256b07a <+3606>:  lw      a1,0(a0)
   0x000000005256b07e <+3610>:  lc      ca0,1488(sp)
   0x000000005256b082 <+3614>:  lc      ca2,800(sp)
   0x000000005256b086 <+3618>:  cjalr   cra,ca2
   0x000000005256b08a <+3622>:  auipc   a1,0x606
   0x000000005256b08e <+3626>:  lc      ca1,1910(a1) # 0x52b71800 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+3776>
   0x000000005256b092 <+3630>:  lc      ca2,1584(sp)
   0x000000005256b096 <+3634>:  sc      ca0,768(sp)
   0x000000005256b09a <+3638>:  cmove   ca0,ca2
   0x000000005256b09e <+3642>:  lc      ca3,768(sp)
   0x000000005256b0a2 <+3646>:  sc      ca1,752(sp)
   0x000000005256b0a6 <+3650>:  cmove   ca1,ca3
   0x000000005256b0aa <+3654>:  lc      ca4,752(sp)
   0x000000005256b0ae <+3658>:  cjalr   cra,ca4
   0x000000005256b0b2 <+3662>:  lw      a0,0(a0)
   0x000000005256b0b6 <+3666>:  lc      ca1,1584(sp)
   0x000000005256b0ba <+3670>:  sw      a0,0(a1)
   0x000000005256b0be <+3674>:  lc      ca0,1472(sp)
   0x000000005256b0c2 <+3678>:  lw      a2,0(a0)
   0x000000005256b0c6 <+3682>:  addi    a2,a2,1
   0x000000005256b0c8 <+3684>:  sw      a2,0(a0)
   0x000000005256b0cc <+3688>:  j       0x5256b0d0 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3692>
   0x000000005256b0d0 <+3692>:  j       0x5256b0d4 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3696>
   0x000000005256b0d4 <+3696>:  li      a0,1
   0x000000005256b0d6 <+3698>:  slli    a0,a0,0x20
   0x000000005256b0d8 <+3700>:  addi    a0,a0,-1
   0x000000005256b0da <+3702>:  lc      ca1,1360(sp)
   0x000000005256b0de <+3706>:  sw      a0,0(a1)
   0x000000005256b0e2 <+3710>:  li      a0,7
   0x000000005256b0e4 <+3712>:  lc      ca2,1376(sp)
   0x000000005256b0e8 <+3716>:  sw      a0,0(a2)
   0x000000005256b0ec <+3720>:  j       0x5256b0f0 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3724>
   0x000000005256b0f0 <+3724>:  lc      ca0,1472(sp)
   0x000000005256b0f4 <+3728>:  lw      a1,0(a0)
   0x000000005256b0f8 <+3732>:  addi    a2,a1,1
   0x000000005256b0fc <+3736>:  sw      a2,0(a0)
   0x000000005256b100 <+3740>:  auipc   a2,0x632
   0x000000005256b104 <+3744>:  lc      ca2,1488(a2) # 0x52b9d6d0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183696>
   0x000000005256b108 <+3748>:  lc      ca0,1488(sp)
   0x000000005256b10c <+3752>:  cjalr   cra,ca2
   0x000000005256b110 <+3756>:  lc      ca1,1904(sp)
   0x000000005256b114 <+3760>:  lw      a1,0(a1)
   0x000000005256b118 <+3764>:  lc      ca2,1888(sp)
   0x000000005256b11c <+3768>:  lw      a2,0(a2)
   0x000000005256b120 <+3772>:  auipc   a3,0x62e
   0x000000005256b124 <+3776>:  lc      ca3,96(a3) # 0x52b99180 <_CHERI_CAPABILI                                                                                                                                       TY_TABLE_+165952>
   0x000000005256b128 <+3780>:  li      a4,-1
   0x000000005256b12a <+3782>:  lc      ca5,1856(sp)
   0x000000005256b12e <+3786>:  sc      ca0,736(sp)
   0x000000005256b132 <+3790>:  cmove   ca0,ca5
   0x000000005256b136 <+3794>:  lc      ca6,1920(sp)
   0x000000005256b13a <+3798>:  sd      a1,728(sp)
   0x000000005256b13e <+3802>:  cmove   ca1,ca6
   0x000000005256b142 <+3806>:  sc      ca3,704(sp)
   0x000000005256b146 <+3810>:  mv      a3,a4
   0x000000005256b148 <+3812>:  lc      ca4,704(sp)
   0x000000005256b14c <+3816>:  cjalr   cra,ca4
   0x000000005256b150 <+3820>:  lc      ca0,1392(sp)
   0x000000005256b154 <+3824>:  lc      ca1,0(a0)
   0x000000005256b158 <+3828>:  auipc   a2,0x632
   0x000000005256b15c <+3832>:  lc      ca2,-1624(a2) # 0x52b9cb00 <_CHERI_CAPAB                                                                                                                                       ILITY_TABLE_+180672>
   0x000000005256b160 <+3836>:  lc      ca0,1264(sp)
   0x000000005256b164 <+3840>:  sc      ca2,688(sp)
   0x000000005256b168 <+3844>:  cmove   ca2,cnull
   0x000000005256b16c <+3848>:  cmove   ca3,cnull
   0x000000005256b170 <+3852>:  cmove   ca4,cnull
   0x000000005256b174 <+3856>:  lc      ca5,688(sp)
   0x000000005256b178 <+3860>:  cjalr   cra,ca5
   0x000000005256b17c <+3864>:  auipc   a1,0x632
   0x000000005256b180 <+3868>:  lc      ca1,1380(a1) # 0x52b9d6e0 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+183712>
   0x000000005256b184 <+3872>:  lc      ca2,736(sp)
   0x000000005256b188 <+3876>:  sc      ca0,672(sp)
   0x000000005256b18c <+3880>:  cmove   ca0,ca2
   0x000000005256b190 <+3884>:  ld      a3,728(sp)
   0x000000005256b194 <+3888>:  sc      ca1,656(sp)
   0x000000005256b198 <+3892>:  mv      a1,a3
   0x000000005256b19a <+3894>:  lc      ca2,1856(sp)
   0x000000005256b19e <+3898>:  lc      ca3,672(sp)
   0x000000005256b1a2 <+3902>:  lc      ca4,656(sp)
   0x000000005256b1a6 <+3906>:  cjalr   cra,ca4
   0x000000005256b1aa <+3910>:  auipc   a0,0x606
   0x000000005256b1ae <+3914>:  lc      ca0,1622(a0) # 0x52b71800 <_CHERI_CAPABI                                                                                                                                       LITY_TABLE_+3776>
   0x000000005256b1b2 <+3918>:  lc      ca1,1584(sp)
   0x000000005256b1b6 <+3922>:  sc      ca0,640(sp)
   0x000000005256b1ba <+3926>:  cmove   ca0,ca1
   0x000000005256b1be <+3930>:  lc      ca1,1904(sp)
   0x000000005256b1c2 <+3934>:  lc      ca2,640(sp)
   0x000000005256b1c6 <+3938>:  cjalr   cra,ca2
   0x000000005256b1ca <+3942>:  lw      a0,0(a0)
   0x000000005256b1ce <+3946>:  lc      ca1,1584(sp)
   0x000000005256b1d2 <+3950>:  sw      a0,0(a1)
   0x000000005256b1d6 <+3954>:  j       0x5256b21a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+4022>
   0x000000005256b1da <+3958>:  lc      ca0,1904(sp)
   0x000000005256b1de <+3962>:  lw      a1,0(a0)
   0x000000005256b1e2 <+3966>:  lc      ca2,1376(sp)
   0x000000005256b1e6 <+3970>:  lw      a3,0(a2)
   0x000000005256b1ea <+3974>:  blt     a1,a3,0x5256b216 <QTextEngine::justify(Q                                                                                                                                       ScriptLine const&)+4018>
   0x000000005256b1ee <+3978>:  j       0x5256b1f2 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+3982>
   0x000000005256b1f2 <+3982>:  lc      ca0,1888(sp)
   0x000000005256b1f6 <+3986>:  lw      a1,0(a0)
   0x000000005256b1fa <+3990>:  lc      ca2,1360(sp)
   0x000000005256b1fe <+3994>:  sw      a1,0(a2)
   0x000000005256b202 <+3998>:  lc      ca1,1904(sp)
   0x000000005256b206 <+4002>:  lw      a3,0(a1)
   0x000000005256b20a <+4006>:  lc      ca4,1376(sp)
   0x000000005256b20e <+4010>:  sw      a3,0(a4)
   0x000000005256b212 <+4014>:  j       0x5256b216 <QTextEngine::justify(QScript                                                                                                                                       Line const&)+4018>
   0x000000005256b216 <+4018>:  j       0x5256b21a <QTextEngine::justify(QScript                                                                                                                                       Line const&)+4022>
   0x000000005256b21a <+4022>:  j       0x5256b21e <QTextEngine::justify(QScriptLine const&)+4026>
   0x000000005256b21e <+4026>:  lc      ca0,1888(sp)
   0x000000005256b222 <+4030>:  lw      a1,0(a0)
   0x000000005256b226 <+4034>:  addi    a1,a1,1
   0x000000005256b228 <+4036>:  sw      a1,0(a0)
   0x000000005256b22c <+4040>:  j       0x5256ae0c <QTextEngine::justify(QScriptLine const&)+2984>
   0x000000005256b230 <+4044>:  lc      ca0,1360(sp)
   0x000000005256b234 <+4048>:  lw      a1,0(a0)
   0x000000005256b238 <+4052>:  li      a2,0
   0x000000005256b23a <+4054>:  blt     a1,a2,0x5256b3de <QTextEngine::justify(QScriptLine const&)+4474>
   0x000000005256b23e <+4058>:  j       0x5256b242 <QTextEngine::justify(QScriptLine const&)+4062>
   0x000000005256b242 <+4062>:  lc      ca0,1472(sp)
   0x000000005256b246 <+4066>:  lw      a1,0(a0)
   0x000000005256b24a <+4070>:  auipc   a2,0x632
   0x000000005256b24e <+4074>:  lc      ca2,1158(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b252 <+4078>:  lc      ca0,1488(sp)
   0x000000005256b256 <+4082>:  sc      ca2,624(sp)
   0x000000005256b25a <+4086>:  cjalr   cra,ca2
   0x000000005256b25e <+4090>:  lc      ca1,1376(sp)
   0x000000005256b262 <+4094>:  lw      a1,0(a1)
   0x000000005256b266 <+4098>:  lc      ca2,1360(sp)
   0x000000005256b26a <+4102>:  lw      a2,0(a2)
   0x000000005256b26e <+4106>:  auipc   a3,0x62e
   0x000000005256b272 <+4110>:  lc      ca3,-238(a3) # 0x52b99180 <_CHERI_CAPABILITY_TABLE_+165952>
   0x000000005256b276 <+4114>:  li      a4,-1
   0x000000005256b278 <+4116>:  lc      ca5,1840(sp)
   0x000000005256b27c <+4120>:  sc      ca0,608(sp)
   0x000000005256b280 <+4124>:  cmove   ca0,ca5
   0x000000005256b284 <+4128>:  lc      ca6,1920(sp)
   0x000000005256b288 <+4132>:  sd      a1,600(sp)
   0x000000005256b28c <+4136>:  cmove   ca1,ca6
   0x000000005256b290 <+4140>:  sc      ca3,576(sp)
   0x000000005256b294 <+4144>:  mv      a3,a4
   0x000000005256b296 <+4146>:  lc      ca4,576(sp)
   0x000000005256b29a <+4150>:  cjalr   cra,ca4
   0x000000005256b29e <+4154>:  lc      ca0,1392(sp)
   0x000000005256b2a2 <+4158>:  lc      ca1,0(a0)
   0x000000005256b2a6 <+4162>:  auipc   a2,0x632
   0x000000005256b2aa <+4166>:  lc      ca2,-1958(a2) # 0x52b9cb00 <_CHERI_CAPABILITY_TABLE_+180672>
   0x000000005256b2ae <+4170>:  lc      ca0,1264(sp)
   0x000000005256b2b2 <+4174>:  sc      ca2,560(sp)
   0x000000005256b2b6 <+4178>:  cmove   ca2,cnull
   0x000000005256b2ba <+4182>:  cmove   ca3,cnull
   0x000000005256b2be <+4186>:  cmove   ca4,cnull
   0x000000005256b2c2 <+4190>:  lc      ca5,560(sp)
   0x000000005256b2c6 <+4194>:  cjalr   cra,ca5
   0x000000005256b2ca <+4198>:  auipc   a1,0x632
   0x000000005256b2ce <+4202>:  lc      ca1,1046(a1) # 0x52b9d6e0 <_CHERI_CAPABILITY_TABLE_+183712>
   0x000000005256b2d2 <+4206>:  lc      ca2,608(sp)
   0x000000005256b2d6 <+4210>:  sc      ca0,544(sp)
   0x000000005256b2da <+4214>:  cmove   ca0,ca2
   0x000000005256b2de <+4218>:  ld      a3,600(sp)
   0x000000005256b2e2 <+4222>:  sc      ca1,528(sp)
   0x000000005256b2e6 <+4226>:  mv      a1,a3
   0x000000005256b2e8 <+4228>:  lc      ca2,1840(sp)
   0x000000005256b2ec <+4232>:  lc      ca3,544(sp)
   0x000000005256b2f0 <+4236>:  lc      ca4,528(sp)
   0x000000005256b2f4 <+4240>:  cjalr   cra,ca4
   0x000000005256b2f8 <+4244>:  lc      ca0,1472(sp)
   0x000000005256b2fc <+4248>:  lw      a1,0(a0)
   0x000000005256b300 <+4252>:  lc      ca0,1488(sp)
   0x000000005256b304 <+4256>:  lc      ca2,624(sp)
   0x000000005256b308 <+4260>:  cjalr   cra,ca2
   0x000000005256b30c <+4264>:  cincoffset      ca0,ca0,4
   0x000000005256b310 <+4268>:  auipc   a1,0x62f
   0x000000005256b314 <+4272>:  lc      ca1,-1344(a1) # 0x52b99dd0 <_CHERI_CAPABILITY_TABLE_+169104>
   0x000000005256b318 <+4276>:  li      a2,0
   0x000000005256b31a <+4278>:  sc      ca1,512(sp)
   0x000000005256b31e <+4282>:  mv      a1,a2
   0x000000005256b320 <+4284>:  lc      ca3,512(sp)
   0x000000005256b324 <+4288>:  sd      a2,504(sp)
   0x000000005256b328 <+4292>:  cjalr   cra,ca3
   0x000000005256b32c <+4296>:  ld      a1,504(sp)
   0x000000005256b330 <+4300>:  beq     a0,a1,0x5256b3da <QTextEngine::justify(QScriptLine const&)+4470>
   0x000000005256b334 <+4304>:  j       0x5256b338 <QTextEngine::justify(QScriptLine const&)+4308>
   0x000000005256b338 <+4308>:  lc      ca0,1472(sp)
   0x000000005256b33c <+4312>:  lw      a1,0(a0)
   0x000000005256b340 <+4316>:  auipc   a2,0x632
   0x000000005256b344 <+4320>:  lc      ca2,912(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b348 <+4324>:  lc      ca0,1488(sp)
   0x000000005256b34c <+4328>:  sc      ca2,480(sp)
   0x000000005256b350 <+4332>:  cjalr   cra,ca2
   0x000000005256b354 <+4336>:  cincoffset      ca1,ca0,4
   0x000000005256b358 <+4340>:  auipc   a0,0x62d
   0x000000005256b35c <+4344>:  lc      ca0,1640(a0) # 0x52b989c0 <_CHERI_CAPABILITY_TABLE_+163968>
   0x000000005256b360 <+4348>:  lc      ca2,1456(sp)
   0x000000005256b364 <+4352>:  sc      ca0,464(sp)
   0x000000005256b368 <+4356>:  cmove   ca0,ca2
   0x000000005256b36c <+4360>:  lc      ca3,464(sp)
   0x000000005256b370 <+4364>:  cjalr   cra,ca3
   0x000000005256b374 <+4368>:  lw      a0,0(a0)
   0x000000005256b378 <+4372>:  lc      ca1,1456(sp)
   0x000000005256b37c <+4376>:  sw      a0,0(a1)
   0x000000005256b380 <+4380>:  lc      ca0,1472(sp)
   0x000000005256b384 <+4384>:  lw      a1,0(a0)
   0x000000005256b388 <+4388>:  lc      ca0,1488(sp)
   0x000000005256b38c <+4392>:  lc      ca2,480(sp)
   0x000000005256b390 <+4396>:  cjalr   cra,ca2
   0x000000005256b394 <+4400>:  auipc   a1,0x606
   0x000000005256b398 <+4404>:  lc      ca1,1132(a1) # 0x52b71800 <_CHERI_CAPABILITY_TABLE_+3776>
   0x000000005256b39c <+4408>:  lc      ca2,1584(sp)
   0x000000005256b3a0 <+4412>:  sc      ca0,448(sp)
   0x000000005256b3a4 <+4416>:  cmove   ca0,ca2
   0x000000005256b3a8 <+4420>:  lc      ca3,448(sp)
   0x000000005256b3ac <+4424>:  sc      ca1,432(sp)
   0x000000005256b3b0 <+4428>:  cmove   ca1,ca3
   0x000000005256b3b4 <+4432>:  lc      ca4,432(sp)
   0x000000005256b3b8 <+4436>:  cjalr   cra,ca4
   0x000000005256b3bc <+4440>:  lw      a0,0(a0)
   0x000000005256b3c0 <+4444>:  lc      ca1,1584(sp)
   0x000000005256b3c4 <+4448>:  sw      a0,0(a1)
   0x000000005256b3c8 <+4452>:  lc      ca0,1472(sp)
   0x000000005256b3cc <+4456>:  lw      a2,0(a0)
   0x000000005256b3d0 <+4460>:  addi    a2,a2,1
   0x000000005256b3d2 <+4462>:  sw      a2,0(a0)
   0x000000005256b3d6 <+4466>:  j       0x5256b3da <QTextEngine::justify(QScriptLine const&)+4470>
   0x000000005256b3da <+4470>:  j       0x5256b3de <QTextEngine::justify(QScriptLine const&)+4474>
   0x000000005256b3de <+4474>:  j       0x5256b3e2 <QTextEngine::justify(QScriptLine const&)+4478>
   0x000000005256b3e2 <+4478>:  lc      ca0,1408(sp)
   0x000000005256b3e6 <+4482>:  lw      a1,0(a0)
   0x000000005256b3ea <+4486>:  addi    a1,a1,1
   0x000000005256b3ec <+4488>:  sw      a1,0(a0)
   0x000000005256b3f0 <+4492>:  j       0x5256ab9e <QTextEngine::justify(QScriptLine const&)+2362>
   0x000000005256b3f4 <+4496>:  lc      ca0,1648(sp)
   0x000000005256b3f8 <+4500>:  lc      ca1,0(a0)
   0x000000005256b3fc <+4504>:  auipc   a2,0x632
   0x000000005256b400 <+4508>:  lc      ca2,756(a2) # 0x52b9d6f0 <_CHERI_CAPABILITY_TABLE_+183728>
   0x000000005256b404 <+4512>:  lc      ca0,1264(sp)
   0x000000005256b408 <+4516>:  cjalr   cra,ca2
   0x000000005256b40c <+4520>:  lc      ca1,1280(sp)
   0x000000005256b410 <+4524>:  sw      a0,0(a1)
   0x000000005256b414 <+4528>:  lc      ca0,1648(sp)
   0x000000005256b418 <+4532>:  lc      ca2,0(a0)
   0x000000005256b41c <+4536>:  cincoffset      ca0,ca2,20
   0x000000005256b420 <+4540>:  cincoffset      ca1,ca2,24
   0x000000005256b424 <+4544>:  auipc   a2,0x62d
   0x000000005256b428 <+4548>:  lc      ca2,1468(a2) # 0x52b989e0 <_CHERI_CAPABILITY_TABLE_+164000>
   0x000000005256b42c <+4552>:  sc      ca2,416(sp)
   0x000000005256b430 <+4556>:  cjalr   cra,ca2
   0x000000005256b434 <+4560>:  lc      ca1,1808(sp)
   0x000000005256b438 <+4564>:  sw      a0,0(a1)
   0x000000005256b43c <+4568>:  cmove   ca0,ca1
   0x000000005256b440 <+4572>:  lc      ca1,1280(sp)
   0x000000005256b444 <+4576>:  lc      ca2,416(sp)
   0x000000005256b448 <+4580>:  cjalr   cra,ca2
   0x000000005256b44c <+4584>:  lc      ca1,1824(sp)
   0x000000005256b450 <+4588>:  sw      a0,0(a1)
   0x000000005256b454 <+4592>:  auipc   a0,0x632
   0x000000005256b458 <+4596>:  lc      ca0,684(a0) # 0x52b9d700 <_CHERI_CAPABILITY_TABLE_+183744>
   0x000000005256b45c <+4600>:  li      a2,0
   0x000000005256b45e <+4602>:  sc      ca0,400(sp)
   0x000000005256b462 <+4606>:  cmove   ca0,ca1
   0x000000005256b466 <+4610>:  mv      a1,a2
   0x000000005256b468 <+4612>:  lc      ca3,400(sp)
   0x000000005256b46c <+4616>:  sd      a2,392(sp)
   0x000000005256b470 <+4620>:  cjalr   cra,ca3
   0x000000005256b474 <+4624>:  ld      a1,392(sp)
   0x000000005256b478 <+4628>:  beq     a0,a1,0x5256b4a4 <QTextEngine::justify(QScriptLine const&)+4672>
   0x000000005256b47c <+4632>:  j       0x5256b480 <QTextEngine::justify(QScriptLine const&)+4636>
   0x000000005256b480 <+4636>:  lc      ca0,1648(sp)
   0x000000005256b484 <+4640>:  lc      ca1,0(a0)
   0x000000005256b488 <+4644>:  lw      a2,40(a1)
   0x000000005256b48c <+4648>:  lui     a3,0x10000
   0x000000005256b490 <+4652>:  or      a2,a2,a3
   0x000000005256b492 <+4654>:  sw      a2,40(a1)
   0x000000005256b496 <+4658>:  li      a1,1
   0x000000005256b498 <+4660>:  lc      ca2,1792(sp)
   0x000000005256b49c <+4664>:  sw      a1,0(a2)
   0x000000005256b4a0 <+4668>:  j       0x5256ba8e <QTextEngine::justify(QScriptLine const&)+6186>
   0x000000005256b4a4 <+4672>:  lc      ca0,1584(sp)
   0x000000005256b4a8 <+4676>:  lw      a1,0(a0)
   0x000000005256b4ac <+4680>:  li      a2,7
   0x000000005256b4ae <+4682>:  blt     a1,a2,0x5256b730 <QTextEngine::justify(QScriptLine const&)+5324>
   0x000000005256b4b2 <+4686>:  j       0x5256b4b6 <QTextEngine::justify(QScriptLine const&)+4690>
   0x000000005256b4b6 <+4690>:  j       0x5256b4ba <QTextEngine::justify(QScriptLine const&)+4694>
   0x000000005256b4ba <+4694>:  auipc   a0,0x632
   0x000000005256b4be <+4698>:  lc      ca0,598(a0) # 0x52b9d710 <_CHERI_CAPABILITY_TABLE_+183760>
   0x000000005256b4c2 <+4702>:  lc      ca1,1824(sp)
   0x000000005256b4c6 <+4706>:  sc      ca0,368(sp)
   0x000000005256b4ca <+4710>:  cmove   ca0,ca1
   0x000000005256b4ce <+4714>:  lc      ca1,1456(sp)
   0x000000005256b4d2 <+4718>:  lc      ca2,368(sp)
   0x000000005256b4d6 <+4722>:  cjalr   cra,ca2
   0x000000005256b4da <+4726>:  li      a1,0
   0x000000005256b4dc <+4728>:  beq     a0,a1,0x5256b72c <QTextEngine::justify(QScriptLine const&)+5320>
   0x000000005256b4e0 <+4732>:  j       0x5256b4e4 <QTextEngine::justify(QScriptLine const&)+4736>
   0x000000005256b4e4 <+4736>:  lc      ca0,1584(sp)
   0x000000005256b4e8 <+4740>:  lw      a1,0(a0)
   0x000000005256b4ec <+4744>:  lc      ca2,1776(sp)
   0x000000005256b4f0 <+4748>:  sw      a1,0(a2)
   0x000000005256b4f4 <+4752>:  j       0x5256b4f8 <QTextEngine::justify(QScriptLine const&)+4756>
   0x000000005256b4f8 <+4756>:  auipc   a0,0x632
   0x000000005256b4fc <+4760>:  lc      ca0,536(a0) # 0x52b9d710 <_CHERI_CAPABILITY_TABLE_+183760>
   0x000000005256b500 <+4764>:  lc      ca1,1824(sp)
   0x000000005256b504 <+4768>:  sc      ca0,352(sp)
   0x000000005256b508 <+4772>:  cmove   ca0,ca1
   0x000000005256b50c <+4776>:  lc      ca1,1456(sp)
   0x000000005256b510 <+4780>:  lc      ca2,352(sp)
   0x000000005256b514 <+4784>:  cjalr   cra,ca2
   0x000000005256b518 <+4788>:  li      a1,0
   0x000000005256b51a <+4790>:  mv      a2,a1
   0x000000005256b51c <+4792>:  sd      a2,344(sp)
   0x000000005256b520 <+4796>:  beq     a0,a1,0x5256b53e <QTextEngine::justify(QScriptLine const&)+4826>
   0x000000005256b524 <+4800>:  j       0x5256b528 <QTextEngine::justify(QScriptLine const&)+4804>
   0x000000005256b528 <+4804>:  lc      ca0,1776(sp)
   0x000000005256b52c <+4808>:  lw      a1,0(a0)
   0x000000005256b530 <+4812>:  li      a2,6
   0x000000005256b532 <+4814>:  slt     a1,a2,a1
   0x000000005256b536 <+4818>:  sd      a1,344(sp)
   0x000000005256b53a <+4822>:  j       0x5256b53e <QTextEngine::justify(QScriptLine const&)+4826>
   0x000000005256b53e <+4826>:  ld      a0,344(sp)
   0x000000005256b542 <+4830>:  andi    a0,a0,1
   0x000000005256b544 <+4832>:  li      a1,0
   0x000000005256b546 <+4834>:  beq     a0,a1,0x5256b728 <QTextEngine::justify(QScriptLine const&)+5316>
   0x000000005256b54a <+4838>:  j       0x5256b54e <QTextEngine::justify(QScriptLine const&)+4842>
   0x000000005256b54e <+4842>:  li      a0,0
   0x000000005256b550 <+4844>:  lc      ca1,1760(sp)
   0x000000005256b554 <+4848>:  sw      a0,0(a1)
   0x000000005256b558 <+4852>:  j       0x5256b55c <QTextEngine::justify(QScriptLine const&)+4856>
   0x000000005256b55c <+4856>:  auipc   a0,0x632
   0x000000005256b560 <+4860>:  lc      ca0,436(a0) # 0x52b9d710 <_CHERI_CAPABILITY_TABLE_+183760>
   0x000000005256b564 <+4864>:  lc      ca1,1824(sp)
   0x000000005256b568 <+4868>:  sc      ca0,320(sp)
   0x000000005256b56c <+4872>:  cmove   ca0,ca1
   0x000000005256b570 <+4876>:  lc      ca1,1456(sp)
   0x000000005256b574 <+4880>:  lc      ca2,320(sp)
   0x000000005256b578 <+4884>:  cjalr   cra,ca2
   0x000000005256b57c <+4888>:  li      a1,0
   0x000000005256b57e <+4890>:  mv      a2,a1
   0x000000005256b580 <+4892>:  sd      a2,312(sp)
   0x000000005256b584 <+4896>:  beq     a0,a1,0x5256b5a8 <QTextEngine::justify(QScriptLine const&)+4932>
   0x000000005256b588 <+4900>:  j       0x5256b58c <QTextEngine::justify(QScriptLine const&)+4904>
   0x000000005256b58c <+4904>:  lc      ca0,1760(sp)
   0x000000005256b590 <+4908>:  lw      a1,0(a0)
   0x000000005256b594 <+4912>:  lc      ca2,1472(sp)
   0x000000005256b598 <+4916>:  lw      a3,0(a2)
   0x000000005256b59c <+4920>:  slt     a1,a1,a3
   0x000000005256b5a0 <+4924>:  sd      a1,312(sp)
   0x000000005256b5a4 <+4928>:  j       0x5256b5a8 <QTextEngine::justify(QScriptLine const&)+4932>
   0x000000005256b5a8 <+4932>:  ld      a0,312(sp)
   0x000000005256b5ac <+4936>:  andi    a0,a0,1
   0x000000005256b5ae <+4938>:  li      a1,0
   0x000000005256b5b0 <+4940>:  beq     a0,a1,0x5256b712 <QTextEngine::justify(QScriptLine const&)+5294>
   0x000000005256b5b4 <+4944>:  j       0x5256b5b8 <QTextEngine::justify(QScriptLine const&)+4948>
   0x000000005256b5b8 <+4948>:  lc      ca0,1760(sp)
   0x000000005256b5bc <+4952>:  lw      a1,0(a0)
   0x000000005256b5c0 <+4956>:  auipc   a2,0x632
   0x000000005256b5c4 <+4960>:  lc      ca2,272(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b5c8 <+4964>:  lc      ca0,1488(sp)
   0x000000005256b5cc <+4968>:  cjalr   cra,ca2
   0x000000005256b5d0 <+4972>:  lw      a0,0(a0)
   0x000000005256b5d4 <+4976>:  lc      ca1,1776(sp)
   0x000000005256b5d8 <+4980>:  lw      a2,0(a1)
   0x000000005256b5dc <+4984>:  bne     a0,a2,0x5256b6fc <QTextEngine::justify(QScriptLine const&)+5272>
   0x000000005256b5e0 <+4988>:  j       0x5256b5e4 <QTextEngine::justify(QScriptLine const&)+4992>
   0x000000005256b5e4 <+4992>:  lc      ca0,1760(sp)
   0x000000005256b5e8 <+4996>:  lw      a1,0(a0)
   0x000000005256b5ec <+5000>:  auipc   a2,0x632
   0x000000005256b5f0 <+5004>:  lc      ca2,228(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b5f4 <+5008>:  lc      ca0,1488(sp)
   0x000000005256b5f8 <+5012>:  cjalr   cra,ca2
   0x000000005256b5fc <+5016>:  cincoffset      ca0,ca0,4
   0x000000005256b600 <+5020>:  auipc   a1,0x632
   0x000000005256b604 <+5024>:  lc      ca1,288(a1) # 0x52b9d720 <_CHERI_CAPABILITY_TABLE_+183776>
   0x000000005256b608 <+5028>:  lc      ca2,1824(sp)
   0x000000005256b60c <+5032>:  sc      ca1,288(sp)
   0x000000005256b610 <+5036>:  cmove   ca1,ca2
   0x000000005256b614 <+5040>:  lc      ca3,288(sp)
   0x000000005256b618 <+5044>:  cjalr   cra,ca3
   0x000000005256b61c <+5048>:  li      a1,0
   0x000000005256b61e <+5050>:  beq     a0,a1,0x5256b6fc <QTextEngine::justify(QScriptLine const&)+5272>
   0x000000005256b622 <+5054>:  j       0x5256b626 <QTextEngine::justify(QScriptLine const&)+5058>
   0x000000005256b626 <+5058>:  lc      ca0,1760(sp)
   0x000000005256b62a <+5062>:  lw      a1,0(a0)
   0x000000005256b62e <+5066>:  auipc   a2,0x632
   0x000000005256b632 <+5070>:  lc      ca2,162(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b636 <+5074>:  lc      ca0,1488(sp)
   0x000000005256b63a <+5078>:  sc      ca2,272(sp)
   0x000000005256b63e <+5082>:  cjalr   cra,ca2
   0x000000005256b642 <+5086>:  lc      ca0,64(a0)
   0x000000005256b646 <+5090>:  lwu     a1,0(a0)
   0x000000005256b64a <+5094>:  srli    a2,a1,0x2
   0x000000005256b64e <+5098>:  addi    a2,a2,1
   0x000000005256b650 <+5100>:  andi    a2,a2,63
   0x000000005256b654 <+5104>:  slli    a2,a2,0x2
   0x000000005256b656 <+5106>:  li      a3,1
   0x000000005256b658 <+5108>:  slli    a3,a3,0x20
   0x000000005256b65a <+5110>:  addi    a3,a3,-253 # 0xfffff03
   0x000000005256b65e <+5114>:  and     a1,a1,a3
   0x000000005256b660 <+5116>:  or      a1,a1,a2
   0x000000005256b662 <+5118>:  sw      a1,0(a0)
   0x000000005256b666 <+5122>:  lc      ca0,1760(sp)
   0x000000005256b66a <+5126>:  lw      a1,0(a0)
   0x000000005256b66e <+5130>:  lc      ca0,1488(sp)
   0x000000005256b672 <+5134>:  lc      ca2,272(sp)
   0x000000005256b676 <+5138>:  cjalr   cra,ca2
   0x000000005256b67a <+5142>:  cincoffset      ca0,ca0,4
   0x000000005256b67e <+5146>:  auipc   a1,0x62c
   0x000000005256b682 <+5150>:  lc      ca1,-1022(a1) # 0x52b97280 <_CHERI_CAPABILITY_TABLE_+158016>
   0x000000005256b686 <+5154>:  cjalr   cra,ca1
   0x000000005256b68a <+5158>:  lc      ca1,1760(sp)
   0x000000005256b68e <+5162>:  lw      a1,0(a1)
   0x000000005256b692 <+5166>:  lc      ca2,1488(sp)
   0x000000005256b696 <+5170>:  sd      a0,264(sp)
   0x000000005256b69a <+5174>:  cmove   ca0,ca2
   0x000000005256b69e <+5178>:  lc      ca3,272(sp)
   0x000000005256b6a2 <+5182>:  cjalr   cra,ca3
   0x000000005256b6a6 <+5186>:  lc      ca0,64(a0)
   0x000000005256b6aa <+5190>:  lwu     a1,0(a0)
   0x000000005256b6ae <+5194>:  srli    a2,a1,0x8
   0x000000005256b6b2 <+5198>:  ld      a3,264(sp)
   0x000000005256b6b6 <+5202>:  add     a2,a2,a3
   0x000000005256b6b8 <+5204>:  slli    a2,a2,0x8
   0x000000005256b6ba <+5206>:  andi    a1,a1,255
   0x000000005256b6be <+5210>:  or      a1,a1,a2
   0x000000005256b6c0 <+5212>:  sw      a1,0(a0)
   0x000000005256b6c4 <+5216>:  lc      ca0,1760(sp)
   0x000000005256b6c8 <+5220>:  lw      a1,0(a0)
   0x000000005256b6cc <+5224>:  lc      ca0,1488(sp)
   0x000000005256b6d0 <+5228>:  lc      ca2,272(sp)
   0x000000005256b6d4 <+5232>:  cjalr   cra,ca2
   0x000000005256b6d8 <+5236>:  cincoffset      ca1,ca0,4
   0x000000005256b6dc <+5240>:  auipc   a0,0x62d
   0x000000005256b6e0 <+5244>:  lc      ca0,388(a0) # 0x52b98860 <_CHERI_CAPABILITY_TABLE_+163616>
   0x000000005256b6e4 <+5248>:  lc      ca2,1824(sp)
   0x000000005256b6e8 <+5252>:  sc      ca0,240(sp)
   0x000000005256b6ec <+5256>:  cmove   ca0,ca2
   0x000000005256b6f0 <+5260>:  lc      ca3,240(sp)
   0x000000005256b6f4 <+5264>:  cjalr   cra,ca3
   0x000000005256b6f8 <+5268>:  j       0x5256b6fc <QTextEngine::justify(QScriptLine const&)+5272>
   0x000000005256b6fc <+5272>:  j       0x5256b700 <QTextEngine::justify(QScriptLine const&)+5276>
   0x000000005256b700 <+5276>:  lc      ca0,1760(sp)
   0x000000005256b704 <+5280>:  lw      a1,0(a0)
   0x000000005256b708 <+5284>:  addi    a1,a1,1
   0x000000005256b70a <+5286>:  sw      a1,0(a0)
   0x000000005256b70e <+5290>:  j       0x5256b55c <QTextEngine::justify(QScriptLine const&)+4856>
   0x000000005256b712 <+5294>:  j       0x5256b716 <QTextEngine::justify(QScriptLine const&)+5298>
   0x000000005256b716 <+5298>:  lc      ca0,1776(sp)
   0x000000005256b71a <+5302>:  lw      a1,0(a0)
   0x000000005256b71e <+5306>:  addi    a1,a1,-1
   0x000000005256b720 <+5308>:  sw      a1,0(a0)
   0x000000005256b724 <+5312>:  j       0x5256b4f8 <QTextEngine::justify(QScriptLine const&)+4756>
   0x000000005256b728 <+5316>:  j       0x5256b4ba <QTextEngine::justify(QScriptLine const&)+4694>
   0x000000005256b72c <+5320>:  j       0x5256b730 <QTextEngine::justify(QScriptLine const&)+5324>
   0x000000005256b730 <+5324>:  auipc   a0,0x632
   0x000000005256b734 <+5328>:  lc      ca0,0(a0) # 0x52b9d730 <_CHERI_CAPABILITY_TABLE_+183792>
   0x000000005256b738 <+5332>:  li      a1,0
   0x000000005256b73a <+5334>:  lc      ca2,1824(sp)
   0x000000005256b73e <+5338>:  sc      ca0,224(sp)
   0x000000005256b742 <+5342>:  cmove   ca0,ca2
   0x000000005256b746 <+5346>:  sd      a1,216(sp)
   0x000000005256b74a <+5350>:  lc      ca3,224(sp)
   0x000000005256b74e <+5354>:  cjalr   cra,ca3
   0x000000005256b752 <+5358>:  ld      a1,216(sp)
   0x000000005256b756 <+5362>:  beq     a0,a1,0x5256b762 <QTextEngine::justify(QScriptLine const&)+5374>
   0x000000005256b75a <+5366>:  j       0x5256b75e <QTextEngine::justify(QScriptLine const&)+5370>
   0x000000005256b75e <+5370>:  j       0x5256b78e <QTextEngine::justify(QScriptLine const&)+5418>
   0x000000005256b762 <+5374>:  auipc   a0,0x632
   0x000000005256b766 <+5378>:  lc      ca0,-34(a0) # 0x52b9d740 <_CHERI_CAPABILITY_TABLE_+183808>
   0x000000005256b76a <+5382>:  auipc   a1,0x631
   0x000000005256b76e <+5386>:  lc      ca1,374(a1) # 0x52b9c8e0 <_CHERI_CAPABILITY_TABLE_+180128>
   0x000000005256b772 <+5390>:  auipc   a2,0x605
   0x000000005256b776 <+5394>:  lc      ca2,1182(a2) # 0x52b70c10 <_CHERI_CAPABILITY_TABLE_+720>
   0x000000005256b77a <+5398>:  lui     a3,0x1
   0x000000005256b77c <+5400>:  addiw   a3,a3,-1713
   0x000000005256b780 <+5404>:  sc      ca2,192(sp)
   0x000000005256b784 <+5408>:  mv      a2,a3
   0x000000005256b786 <+5410>:  lc      ca3,192(sp)
   0x000000005256b78a <+5414>:  cjalr   cra,ca3
   0x000000005256b78e <+5418>:  auipc   a0,0x62d
   0x000000005256b792 <+5422>:  lc      ca0,498(a0) # 0x52b98980 <_CHERI_CAPABILITY_TABLE_+163904>
   0x000000005256b796 <+5426>:  lc      ca1,1824(sp)
   0x000000005256b79a <+5430>:  sc      ca0,176(sp)
   0x000000005256b79e <+5434>:  cmove   ca0,ca1
   0x000000005256b7a2 <+5438>:  lc      ca2,176(sp)
   0x000000005256b7a6 <+5442>:  cjalr   cra,ca2
   0x000000005256b7aa <+5446>:  li      a1,0
   0x000000005256b7ac <+5448>:  beq     a0,a1,0x5256b7b8 <QTextEngine::justify(QScriptLine const&)+5460>
   0x000000005256b7b0 <+5452>:  j       0x5256b7b4 <QTextEngine::justify(QScriptLine const&)+5456>
   0x000000005256b7b4 <+5456>:  j       0x5256ba6a <QTextEngine::justify(QScriptLine const&)+6150>
   0x000000005256b7b8 <+5460>:  li      a0,4
   0x000000005256b7ba <+5462>:  lc      ca1,1744(sp)
   0x000000005256b7be <+5466>:  sw      a0,0(a1)
   0x000000005256b7c2 <+5470>:  auipc   a0,0x606
   0x000000005256b7c6 <+5474>:  lc      ca0,30(a0) # 0x52b717e0 <_CHERI_CAPABILITY_TABLE_+3744>
   0x000000005256b7ca <+5478>:  lc      ca2,1584(sp)
   0x000000005256b7ce <+5482>:  sc      ca0,160(sp)
   0x000000005256b7d2 <+5486>:  cmove   ca0,ca2
   0x000000005256b7d6 <+5490>:  lc      ca3,160(sp)
   0x000000005256b7da <+5494>:  cjalr   cra,ca3
   0x000000005256b7de <+5498>:  lw      a0,0(a0)
   0x000000005256b7e2 <+5502>:  lc      ca1,1584(sp)
   0x000000005256b7e6 <+5506>:  sw      a0,0(a1)
   0x000000005256b7ea <+5510>:  lw      a0,0(a1)
   0x000000005256b7ee <+5514>:  lc      ca2,1728(sp)
   0x000000005256b7f2 <+5518>:  sw      a0,0(a2)
   0x000000005256b7f6 <+5522>:  j       0x5256b7fa <QTextEngine::justify(QScriptLine const&)+5526>
   0x000000005256b7fa <+5526>:  auipc   a0,0x62d
   0x000000005256b7fe <+5530>:  lc      ca0,838(a0) # 0x52b98b40 <_CHERI_CAPABILITY_TABLE_+164352>
   0x000000005256b802 <+5534>:  li      a1,0
   0x000000005256b804 <+5536>:  lc      ca2,1824(sp)
   0x000000005256b808 <+5540>:  sc      ca0,144(sp)
   0x000000005256b80c <+5544>:  cmove   ca0,ca2
   0x000000005256b810 <+5548>:  sd      a1,136(sp)
   0x000000005256b814 <+5552>:  lc      ca3,144(sp)
   0x000000005256b818 <+5556>:  cjalr   cra,ca3
   0x000000005256b81c <+5560>:  ld      a1,136(sp)
   0x000000005256b820 <+5564>:  ld      a2,136(sp)
   0x000000005256b824 <+5568>:  sd      a1,128(sp)
   0x000000005256b828 <+5572>:  beq     a0,a2,0x5256b846 <QTextEngine::justify(QScriptLine const&)+5602>
   0x000000005256b82c <+5576>:  j       0x5256b830 <QTextEngine::justify(QScriptLine const&)+5580>
   0x000000005256b830 <+5580>:  lc      ca0,1728(sp)
   0x000000005256b834 <+5584>:  lw      a1,0(a0)
   0x000000005256b838 <+5588>:  li      a2,0
   0x000000005256b83a <+5590>:  slt     a1,a2,a1
   0x000000005256b83e <+5594>:  sd      a1,128(sp)
   0x000000005256b842 <+5598>:  j       0x5256b846 <QTextEngine::justify(QScriptLine const&)+5602>
   0x000000005256b846 <+5602>:  ld      a0,128(sp)
   0x000000005256b84a <+5606>:  andi    a0,a0,1
   0x000000005256b84c <+5608>:  li      a1,0
   0x000000005256b84e <+5610>:  beq     a0,a1,0x5256ba66 <QTextEngine::justify(QScriptLine const&)+6146>
   0x000000005256b852 <+5614>:  j       0x5256b856 <QTextEngine::justify(QScriptLine const&)+5618>
   0x000000005256b856 <+5618>:  li      a0,0
   0x000000005256b858 <+5620>:  lc      ca1,1712(sp)
   0x000000005256b85c <+5624>:  sw      a0,0(a1)
   0x000000005256b860 <+5628>:  lc      ca2,1696(sp)
   0x000000005256b864 <+5632>:  sw      a0,0(a2)
   0x000000005256b868 <+5636>:  j       0x5256b86c <QTextEngine::justify(QScriptLine const&)+5640>
   0x000000005256b86c <+5640>:  lc      ca0,1696(sp)
   0x000000005256b870 <+5644>:  lw      a1,0(a0)
   0x000000005256b874 <+5648>:  lc      ca2,1472(sp)
   0x000000005256b878 <+5652>:  lw      a3,0(a2)
   0x000000005256b87c <+5656>:  bge     a1,a3,0x5256b8d8 <QTextEngine::justify(QScriptLine const&)+5748>
   0x000000005256b880 <+5660>:  j       0x5256b884 <QTextEngine::justify(QScriptLine const&)+5664>
   0x000000005256b884 <+5664>:  lc      ca0,1696(sp)
   0x000000005256b888 <+5668>:  lw      a1,0(a0)
   0x000000005256b88c <+5672>:  auipc   a2,0x632
   0x000000005256b890 <+5676>:  lc      ca2,-444(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b894 <+5680>:  lc      ca0,1488(sp)
   0x000000005256b898 <+5684>:  cjalr   cra,ca2
   0x000000005256b89c <+5688>:  lw      a0,0(a0)
   0x000000005256b8a0 <+5692>:  lc      ca1,1728(sp)
   0x000000005256b8a4 <+5696>:  lw      a2,0(a1)
   0x000000005256b8a8 <+5700>:  bne     a0,a2,0x5256b8c2 <QTextEngine::justify(QScriptLine const&)+5726>
   0x000000005256b8ac <+5704>:  j       0x5256b8b0 <QTextEngine::justify(QScriptLine const&)+5708>
   0x000000005256b8b0 <+5708>:  lc      ca0,1712(sp)
   0x000000005256b8b4 <+5712>:  lw      a1,0(a0)
   0x000000005256b8b8 <+5716>:  addi    a1,a1,1
   0x000000005256b8ba <+5718>:  sw      a1,0(a0)
   0x000000005256b8be <+5722>:  j       0x5256b8c2 <QTextEngine::justify(QScriptLine const&)+5726>
   0x000000005256b8c2 <+5726>:  j       0x5256b8c6 <QTextEngine::justify(QScriptLine const&)+5730>
   0x000000005256b8c6 <+5730>:  lc      ca0,1696(sp)
   0x000000005256b8ca <+5734>:  lw      a1,0(a0)
   0x000000005256b8ce <+5738>:  addi    a1,a1,1
   0x000000005256b8d0 <+5740>:  sw      a1,0(a0)
   0x000000005256b8d4 <+5744>:  j       0x5256b86c <QTextEngine::justify(QScriptLine const&)+5640>
   0x000000005256b8d8 <+5748>:  lc      ca0,1712(sp)
   0x000000005256b8dc <+5752>:  lw      a1,0(a0)
   0x000000005256b8e0 <+5756>:  li      a2,0
   0x000000005256b8e2 <+5758>:  bne     a1,a2,0x5256b8ee <QTextEngine::justify(QScriptLine const&)+5770>
   0x000000005256b8e6 <+5762>:  j       0x5256b8ea <QTextEngine::justify(QScriptLine const&)+5766>
   0x000000005256b8ea <+5766>:  j       0x5256ba54 <QTextEngine::justify(QScriptLine const&)+6128>
   0x000000005256b8ee <+5770>:  li      a0,0
   0x000000005256b8f0 <+5772>:  lc      ca1,1680(sp)
   0x000000005256b8f4 <+5776>:  sw      a0,0(a1)
   0x000000005256b8f8 <+5780>:  j       0x5256b8fc <QTextEngine::justify(QScriptLine const&)+5784>
   0x000000005256b8fc <+5784>:  lc      ca0,1680(sp)
   0x000000005256b900 <+5788>:  lw      a1,0(a0)
   0x000000005256b904 <+5792>:  lc      ca2,1472(sp)
   0x000000005256b908 <+5796>:  lw      a3,0(a2)
   0x000000005256b90c <+5800>:  bge     a1,a3,0x5256b9fa <QTextEngine::justify(QScriptLine const&)+6038>
   0x000000005256b910 <+5804>:  j       0x5256b914 <QTextEngine::justify(QScriptLine const&)+5808>
   0x000000005256b914 <+5808>:  lc      ca0,1680(sp)
   0x000000005256b918 <+5812>:  lw      a1,0(a0)
   0x000000005256b91c <+5816>:  auipc   a2,0x632
   0x000000005256b920 <+5820>:  lc      ca2,-588(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b924 <+5824>:  lc      ca0,1488(sp)
   0x000000005256b928 <+5828>:  cjalr   cra,ca2
   0x000000005256b92c <+5832>:  lw      a0,0(a0)
   0x000000005256b930 <+5836>:  lc      ca1,1728(sp)
   0x000000005256b934 <+5840>:  lw      a2,0(a1)
   0x000000005256b938 <+5844>:  bne     a0,a2,0x5256b9e4 <QTextEngine::justify(QScriptLine const&)+6016>
   0x000000005256b93c <+5848>:  j       0x5256b940 <QTextEngine::justify(QScriptLine const&)+5852>
   0x000000005256b940 <+5852>:  lc      ca0,1712(sp)
   0x000000005256b944 <+5856>:  lw      a1,0(a0)
   0x000000005256b948 <+5860>:  auipc   a2,0x62d
   0x000000005256b94c <+5864>:  lc      ca2,-840(a2) # 0x52b98600 <_CHERI_CAPABILITY_TABLE_+163008>
   0x000000005256b950 <+5868>:  lc      ca0,1824(sp)
   0x000000005256b954 <+5872>:  cjalr   cra,ca2
   0x000000005256b958 <+5876>:  lc      ca1,1664(sp)
   0x000000005256b95c <+5880>:  sw      a0,0(a1)
   0x000000005256b960 <+5884>:  auipc   a0,0x62c
   0x000000005256b964 <+5888>:  lc      ca0,-1760(a0) # 0x52b97280 <_CHERI_CAPABILITY_TABLE_+158016>
   0x000000005256b968 <+5892>:  sc      ca0,112(sp)
   0x000000005256b96c <+5896>:  cmove   ca0,ca1
   0x000000005256b970 <+5900>:  lc      ca2,112(sp)
   0x000000005256b974 <+5904>:  cjalr   cra,ca2
   0x000000005256b978 <+5908>:  lc      ca1,1680(sp)
   0x000000005256b97c <+5912>:  lw      a1,0(a1)
   0x000000005256b980 <+5916>:  auipc   a2,0x632
   0x000000005256b984 <+5920>:  lc      ca2,-688(a2) # 0x52b9d6d0 <_CHERI_CAPABILITY_TABLE_+183696>
   0x000000005256b988 <+5924>:  lc      ca3,1488(sp)
   0x000000005256b98c <+5928>:  sd      a0,104(sp)
   0x000000005256b990 <+5932>:  cmove   ca0,ca3
   0x000000005256b994 <+5936>:  cjalr   cra,ca2
   0x000000005256b998 <+5940>:  lc      ca0,64(a0)
   0x000000005256b99c <+5944>:  lwu     a1,0(a0)
   0x000000005256b9a0 <+5948>:  ld      a2,104(sp)
   0x000000005256b9a4 <+5952>:  slli    a3,a2,0x8
   0x000000005256b9a8 <+5956>:  andi    a1,a1,255
   0x000000005256b9ac <+5960>:  or      a1,a1,a3
   0x000000005256b9ae <+5962>:  sw      a1,0(a0)
   0x000000005256b9b2 <+5966>:  auipc   a0,0x62d
   0x000000005256b9b6 <+5970>:  lc      ca0,-338(a0) # 0x52b98860 <_CHERI_CAPABILITY_TABLE_+163616>
   0x000000005256b9ba <+5974>:  lc      ca1,1824(sp)
   0x000000005256b9be <+5978>:  sc      ca0,80(sp)
   0x000000005256b9c2 <+5982>:  cmove   ca0,ca1
   0x000000005256b9c6 <+5986>:  lc      ca1,1664(sp)
   0x000000005256b9ca <+5990>:  lc      ca3,80(sp)
   0x000000005256b9ce <+5994>:  cjalr   cra,ca3
   0x000000005256b9d2 <+5998>:  lc      ca1,1712(sp)
   0x000000005256b9d6 <+6002>:  lw      a2,0(a1)
   0x000000005256b9da <+6006>:  addi    a2,a2,-1
   0x000000005256b9dc <+6008>:  sw      a2,0(a1)
   0x000000005256b9e0 <+6012>:  j       0x5256b9e4 <QTextEngine::justify(QScriptLine const&)+6016>
   0x000000005256b9e4 <+6016>:  j       0x5256b9e8 <QTextEngine::justify(QScriptLine const&)+6020>
   0x000000005256b9e8 <+6020>:  lc      ca0,1680(sp)
   0x000000005256b9ec <+6024>:  lw      a1,0(a0)
   0x000000005256b9f0 <+6028>:  addi    a1,a1,1
   0x000000005256b9f2 <+6030>:  sw      a1,0(a0)
   0x000000005256b9f6 <+6034>:  j       0x5256b8fc <QTextEngine::justify(QScriptLine const&)+5784>
   0x000000005256b9fa <+6038>:  auipc   a0,0x62d
   0x000000005256b9fe <+6042>:  lc      ca0,-122(a0) # 0x52b98980 <_CHERI_CAPABILITY_TABLE_+163904>
   0x000000005256ba02 <+6046>:  lc      ca1,1824(sp)
   0x000000005256ba06 <+6050>:  sc      ca0,64(sp)
   0x000000005256ba0a <+6054>:  cmove   ca0,ca1
   0x000000005256ba0e <+6058>:  lc      ca2,64(sp)
   0x000000005256ba12 <+6062>:  cjalr   cra,ca2
   0x000000005256ba16 <+6066>:  li      a1,0
   0x000000005256ba18 <+6068>:  beq     a0,a1,0x5256ba24 <QTextEngine::justify(QScriptLine const&)+6080>
   0x000000005256ba1c <+6072>:  j       0x5256ba20 <QTextEngine::justify(QScriptLine const&)+6076>
   0x000000005256ba20 <+6076>:  j       0x5256ba50 <QTextEngine::justify(QScriptLine const&)+6124>
   0x000000005256ba24 <+6080>:  auipc   a0,0x632
   0x000000005256ba28 <+6084>:  lc      ca0,-724(a0) # 0x52b9d750 <_CHERI_CAPABILITY_TABLE_+183824>
   0x000000005256ba2c <+6088>:  auipc   a1,0x631
   0x000000005256ba30 <+6092>:  lc      ca1,-332(a1) # 0x52b9c8e0 <_CHERI_CAPABILITY_TABLE_+180128>
   0x000000005256ba34 <+6096>:  auipc   a2,0x605
   0x000000005256ba38 <+6100>:  lc      ca2,476(a2) # 0x52b70c10 <_CHERI_CAPABILITY_TABLE_+720>
   0x000000005256ba3c <+6104>:  lui     a3,0x1
   0x000000005256ba3e <+6106>:  addiw   a3,a3,-1686
   0x000000005256ba42 <+6110>:  sc      ca2,48(sp)
   0x000000005256ba46 <+6114>:  mv      a2,a3
   0x000000005256ba48 <+6116>:  lc      ca3,48(sp)
   0x000000005256ba4c <+6120>:  cjalr   cra,ca3
   0x000000005256ba50 <+6124>:  j       0x5256ba54 <QTextEngine::justify(QScriptLine const&)+6128>
   0x000000005256ba54 <+6128>:  lc      ca0,1728(sp)
   0x000000005256ba58 <+6132>:  lw      a1,0(a0)
   0x000000005256ba5c <+6136>:  addi    a1,a1,-1
   0x000000005256ba5e <+6138>:  sw      a1,0(a0)
   0x000000005256ba62 <+6142>:  j       0x5256b7fa <QTextEngine::justify(QScriptLine const&)+5526>
   0x000000005256ba66 <+6146>:  j       0x5256ba6a <QTextEngine::justify(QScriptLine const&)+6150>
   0x000000005256ba6a <+6150>:  lc      ca0,1648(sp)
   0x000000005256ba6e <+6154>:  lc      ca1,0(a0)
   0x000000005256ba72 <+6158>:  lw      a2,40(a1)
   0x000000005256ba76 <+6162>:  lui     a3,0x10000
   0x000000005256ba7a <+6166>:  or      a2,a2,a3
   0x000000005256ba7c <+6168>:  sw      a2,40(a1)
   0x000000005256ba80 <+6172>:  li      a1,0
   0x000000005256ba82 <+6174>:  lc      ca2,1792(sp)
   0x000000005256ba86 <+6178>:  sw      a1,0(a2)
   0x000000005256ba8a <+6182>:  j       0x5256ba8e <QTextEngine::justify(QScriptLine const&)+6186>
   0x000000005256ba8e <+6186>:  auipc   a0,0x632
   0x000000005256ba92 <+6190>:  lc      ca0,-814(a0) # 0x52b9d760 <_CHERI_CAPABILITY_TABLE_+183840>
   0x000000005256ba96 <+6194>:  lc      ca1,1488(sp)
   0x000000005256ba9a <+6198>:  sc      ca0,32(sp)
   0x000000005256ba9e <+6202>:  cmove   ca0,ca1
   0x000000005256baa2 <+6206>:  lc      ca2,32(sp)
   0x000000005256baa6 <+6210>:  cjalr   cra,ca2
   0x000000005256baaa <+6214>:  lui     a0,0xffff8
   0x000000005256baac <+6216>:  addiw   a0,a0,1088
   0x000000005256bab0 <+6220>:  cincoffset      csp,cs0,a0
   0x000000005256bab4 <+6224>:  lui     a0,0x7
   0x000000005256bab6 <+6226>:  addiw   a0,a0,976
   0x000000005256baba <+6230>:  cincoffset      csp,csp,a0
   0x000000005256babe <+6234>:  lc      cs11,1824(sp)
   0x000000005256bac2 <+6238>:  lc      cs10,1840(sp)
   0x000000005256bac6 <+6242>:  lc      cs9,1856(sp)
   0x000000005256baca <+6246>:  lc      cs8,1872(sp)
   0x000000005256bace <+6250>:  lc      cs7,1888(sp)
   0x000000005256bad2 <+6254>:  lc      cs6,1904(sp)
   0x000000005256bad6 <+6258>:  lc      cs5,1920(sp)
   0x000000005256bada <+6262>:  lc      cs4,1936(sp)
   0x000000005256bade <+6266>:  lc      cs3,1952(sp)
   0x000000005256bae2 <+6270>:  lc      cs2,1968(sp)
   0x000000005256bae6 <+6274>:  lc      cs1,1984(sp)
   0x000000005256baea <+6278>:  lc      cs0,2000(sp)
   0x000000005256baee <+6282>:  lc      cra,2016(sp)
   0x000000005256baf2 <+6286>:  cincoffset      csp,csp,2032
   0x000000005256baf6 <+6290>:  cret
End of assembler dump.

It should be loading from 0x3ebfcfd090, correct value loaded should be 0x54107ba0. Here's the trapframe:


 pid 780 tid 100064 (calculator), uid 0: CHERI fault (type 0x1<length violation>), capidx 15
/usr/local/riscv64-purecap/examples/widgets/widgets/calculator/calculator
 x1/ra:  0x3ebfcf66ac [rwRW,0x3ebfcf66ac-0x3ebfcf66b0] (pid 780)
 x2/sp:  0x3ebfcf5ca0 [rwRW,0x3e7ff00000-0x3ebfd00000] (pid 780)
 x3/gp:  0x0
 x4/tp:  0x4ee8b040 [rwRW,0x4ee8b010-0x4ee8d2a0] (pid 780)
 x5/t0:  0x3ebfcfd75c [rwRW,0x3ebfcfd75c-0x3ebfcfd760] (pid 780)
 x6/t1:  0x3ebfcfd758 [rwRW,0x3ebfcfd758-0x3ebfcfd75c] (pid 780)
 x7/t2:  0x3ebfcfd754 [rwRW,0x3ebfcfd754-0x3ebfcfd758] (pid 780)
 x8/s0:  0x3ebfcfd870 [rwRW,0x3e7ff00000-0x3ebfd00000] (pid 780)
 x9/s1:  0x3ebfcf6700 [rwRW,0x3ebfcf6700-0x3ebfcfd720] (pid 780)
x10/a0:  0x3ebfcf64b0 [rwRW,0x3ebfcf64b0-0x3ebfcf64b4] (pid 780)
x11/a1:  0x3ebfcf64e8 [rwRW,0x3ebfcf64e8-0x3ebfcf64ec] (pid 780)
x12/a2:  0x3ebfcf668c [rwRW,0x3ebfcf668c-0x3ebfcf6690] (pid 780)
x13/a3:  0x53fba2c0 [rwRW,0x53fba2c0-0x53fba400] (pid 780)
x14/a4:  0x3ebfcfd770 [rwRW,0x3ebfcfd770-0x3ebfcfd780] (pid 780)
x15/a5:  0x3ebfcf6280 [rwRW,0x3ebfcf6280-0x3ebfcf6290] (pid 780)
x16/a6:  0x3ebfcfd768 [rwRW,0x3ebfcfd768-0x3ebfcfd76c] (pid 780)
x17/a7:  0x3ebfcfd760 [rwRW,0x3ebfcfd760-0x3ebfcfd764] (pid 780)
x18/s2:  0x3ebfcf66fc [rwRW,0x3ebfcf66fc-0x3ebfcf6700] (pid 780)
x19/s3:  0x3ebfcf66f8 [rwRW,0x3ebfcf66f8-0x3ebfcf66fc] (pid 780)
x20/s4:  0x3ebfcf66f4 [rwRW,0x3ebfcf66f4-0x3ebfcf66f8] (pid 780)
x21/s5:  0x3ebfcf66e0 [rwRW,0x3ebfcf66e0-0x3ebfcf66f0] (pid 780)
x22/s6:  0x3ebfcf66dc [rwRW,0x3ebfcf66dc-0x3ebfcf66e0] (pid 780)
x23/s7:  0x3ebfcf66c0 [rwRW,0x3ebfcf66c0-0x3ebfcf66d0] (pid 780)
x24/s8:  0x3ebfcf66bc [rwRW,0x3ebfcf66bc-0x3ebfcf66c0] (pid 780)
x25/s9:  0x3ebfcf66b8 [rwRW,0x3ebfcf66b8-0x3ebfcf66bc] (pid 780)
x26/s10: 0x3ebfcf66b4 [rwRW,0x3ebfcf66b4-0x3ebfcf66b8] (pid 780)
x27/s11: 0x3ebfcf66b0 [rwRW,0x3ebfcf66b0-0x3ebfcf66b4] (pid 780)
x28/t3:  0x3ebfcfd740 [rwRW,0x3ebfcfd740-0x3ebfcfd750] (pid 780)
x29/t4:  0x3ebfcfd73c [rwRW,0x3ebfcfd73c-0x3ebfcfd740] (pid 780)
x30/t5:  0x3ebfcfd738 [rwRW,0x3ebfcfd738-0x3ebfcfd73c] (pid 780)
x31/t6:  0x3ebfcfd734 [rwRW,0x3ebfcfd734-0x3ebfcfd738] (pid 780)
  sepc:  0x5256a6b4 [rxR,0x52000000-0x52bf0000] (pid 780)
   ddc:  0x0
sstatus: 0x8000000200004020 [rwxRW,0x0-0xffffffffffffffff]
 stval:  0x1e1 [rwxRW,0x0-0xffffffffffffffff]
scause:  0x1c [rwxRW,0x0-0xffffffffffffffff]
arichardson commented 3 years ago

Can you generate a QEMU trace of that function execution? That should show exactly where things are going wrong. You can use the magic nops to turn it on/off in https://github.com/CTSRD-CHERI/cheribsd/blob/ea692111dccf9ba9f0cc520d85489e7cf959672f/sys/riscv/include/cheri.h#L53

pentelbart commented 3 years ago

QEMU (user-mode) Trace starting just before this function is called:

[0:0] Requested user-mode only instruction logging @ 000000004e727a44 
[0:0] 0x000000004e727a44:  0040006f          j               4               # 0x4e727a48
[0:0] 0x000000004e727a48:  f504250f          clc             ca0,-176(cs0)
    Cap Memory Read [0000003effcfd900] = v:1 PESBT:f17d0000065d9964 Cursor:0000003effcfd960
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcfd960 l:0000000000000010
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcfd900/a536900] -> 1
[0:0] 0x000000004e727a4c:  0005258f          clc             ca1,0(ca0)
    Cap Memory Read [0000003effcfd960] = v:1 PESBT:d17d000006df8b24 Cursor:00000000524c4b20
    Write c11/ca1|v:1 s:0 p:0006817d f:0 b:00000000524c4b20 l:0000000000000058
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcfd960/a536960] -> 1
[0:0] 0x000000004e727a50:  005a7617          auipcc          ca2,5926912     # 0x4eccea50
    Write c12/ca2|v:1 s:0 p:00078117 f:1 b:000000004e200000 l:0000000000b14000
             |o:0000000000acea50 t:3ffff
[0:0] 0x000000004e727a54:  6106260f          clc             ca2,1552(ca2)
    Cap Memory Read [000000004eccf060] = v:1 PESBT:f11720000a8bc407 Cursor:000000004e72183c
    Write c12/ca2|v:1 s:0 p:00078117 f:1 b:000000004e200000 l:0000000000b14000
             |o:000000000052183c t:3fffe
    Cap Tag Read [000000004eccf060/a517060] -> 1
[0:0] 0x000000004e727a58:  f804250f          clc             ca0,-128(cs0)
    Cap Memory Read [0000003effcfd930] = v:1 PESBT:d17d00000501a2c4 Cursor:00000000523822c0
    Write c10/ca0|v:1 s:0 p:0006817d f:0 b:00000000523822c0 l:0000000000000140
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcfd930/a536930] -> 1
[0:0] 0x000000004e727a5c:  fec600db          cjalr           cra,ca2
    Write c1/cra|v:1 s:0 p:00078117 f:1 b:000000004e200000 l:0000000000b14000
             |o:0000000000527a60 t:3fffe
[0:0] 0x000000004e72183c:  8101115b          cincoffset      csp,csp,-2032
    Write c2/csp|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd080 t:3ffff
[0:0] 0x000000004e721840:  7e114023          csc             cra,2016(csp)
    Cap Memory Write [0000003effcfd860] = v:1 PESBT:f11720000a8bc407 Cursor:000000004e727a60
    Cap Tag Write [0000003effcfd860/a536860] 1 -> 1
[0:0] 0x000000004e721844:  7c814823          csc             cs0,2000(csp)
    Cap Memory Write [0000003effcfd850] = v:1 PESBT:f17d000003fb1ffd Cursor:0000003effcfd9b0
    Cap Tag Write [0000003effcfd850/a536850] 1 -> 1
[0:0] 0x000000004e721848:  7c914023          csc             cs1,1984(csp)
    Cap Memory Write [0000003effcfd840] = v:1 PESBT:f17d000005c2a70c Cursor:0000003effcfe708
    Cap Tag Write [0000003effcfd840/a536840] 1 -> 1
[0:0] 0x000000004e72184c:  7b214823          csc             cs2,1968(csp)
    Cap Memory Write [0000003effcfd830] = v:1 PESBT:f17d000005c0a704 Cursor:0000003effcfe700
    Cap Tag Write [0000003effcfd830/a536830] 0 -> 1
[0:0] 0x000000004e721850:  7b314023          csc             cs3,1952(csp)
    Cap Memory Write [0000003effcfd820] = v:1 PESBT:f17d000005c1a6f8 Cursor:0000003effcfe6fc
    Cap Tag Write [0000003effcfd820/a536820] 1 -> 1
[0:0] 0x000000004e721854:  79414823          csc             cs4,1936(csp)
    Cap Memory Write [0000003effcfd810] = v:1 PESBT:f17d000005bea6fc Cursor:0000003effcfe6f8
    Cap Tag Write [0000003effcfd810/a536810] 1 -> 1
[0:0] 0x000000004e721858:  79514023          csc             cs5,1920(csp)
    Cap Memory Write [0000003effcfd800] = v:1 PESBT:f17d000005bfa6f0 Cursor:0000003effcfe6f4
    Cap Tag Write [0000003effcfd800/a536800] 1 -> 1
[0:0] 0x000000004e72185c:  77614823          csc             cs6,1904(csp)
    Cap Memory Write [0000003effcfd7f0] = v:1 PESBT:f17d000005bda6e4 Cursor:0000003effcfe6e0
    Cap Tag Write [0000003effcfd7f0/a5367f0] 1 -> 1
[0:0] 0x000000004e721860:  77714023          csc             cs7,1888(csp)
    Cap Memory Write [0000003effcfd7e0] = v:1 PESBT:f17d000005b9a6d4 Cursor:0000003effcfe6d0
    Cap Tag Write [0000003effcfd7e0/a5367e0] 1 -> 1
[0:0] 0x000000004e721864:  75814823          csc             cs8,1872(csp)
    Cap Memory Write [0000003effcfd7d0] = v:1 PESBT:f17d000005b5a6c8 Cursor:0000003effcfe6cc
    Cap Tag Write [0000003effcfd7d0/a5367d0] 1 -> 1
[0:0] 0x000000004e721868:  75914023          csc             cs9,1856(csp)
    Cap Memory Write [0000003effcfd7c0] = v:1 PESBT:f17d000005b2a6cc Cursor:0000003effcfe6c8
    Cap Tag Write [0000003effcfd7c0/a5367c0] 0 -> 1
[0:0] 0x000000004e72186c:  73a14823          csc             cs10,1840(csp)
    Cap Memory Write [0000003effcfd7b0] = v:1 PESBT:f17d000005b3a6c0 Cursor:0000003effcfe6c4
    Cap Tag Write [0000003effcfd7b0/a5367b0] 0 -> 1
[0:0] 0x000000004e721870:  73b14023          csc             cs11,1824(csp)
    Cap Memory Write [0000003effcfd7a0] = v:1 PESBT:f17d000007f99fdb Cursor:0000003effcfdfdf
    Cap Tag Write [0000003effcfd7a0/a5367a0] 1 -> 1
[0:0] 0x000000004e721874:  7f01145b          cincoffset      cs0,csp,2032
    Write c8/cs0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd870 t:3ffff
[0:0] 0x000000004e721878:  00b14823          csc             ca1,16(csp)
    Cap Memory Write [0000003effcfd090] = v:1 PESBT:d17d000006df8b24 Cursor:00000000524c4b20
    Cap Tag Write [0000003effcfd090/a536090] 1 -> 1
[0:0] 0x000000004e72187c:  75e5              lui             a1,-28672
    Write x11/a1 = ffffffffffff9000
[0:0] 0x000000004e72187e:  c305859b          addiw           a1,a1,-976
    Write x11/a1 = ffffffffffff8c30
[0:0] 0x000000004e721882:  22b1015b          cincoffset      csp,csp,a1
    Write c2/csp|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf5cb0 t:3ffff
[0:0] 0x000000004e721886:  fef105db          cgetaddr        a1,csp
    Write x11/a1 = 0000003effcf5cb0
[0:0] 0x000000004e72188a:  9981              andi            a1,a1,-32
    Write x11/a1 = 0000003effcf5ca0
[0:0] 0x000000004e72188c:  20b1015b          csetaddr        csp,csp,a1
    Write c2/csp|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf5ca0 t:3ffff
[0:0] 0x000000004e721890:  4641              addi            a2,zero,16
    Write x12/a2 = 0000000000000010
[0:0] 0x000000004e721892:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e721894:  ae05859b          addiw           a1,a1,-1312
    Write x11/a1 = 0000000000007ae0
[0:0] 0x000000004e721898:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd780 t:3ffff
[0:0] 0x000000004e72189c:  000596db          cincoffset      ca3,ca1,0
    Write c13/ca3|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd780 t:3ffff
[0:0] 0x000000004e7218a0:  10c686db          csetbounds      ca3,ca3,a2
    Write c13/ca3|v:1 s:0 p:0007817d f:0 b:0000003effcfd780 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7218a4:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e7218a6:  ad05859b          addiw           a1,a1,-1328
    Write x11/a1 = 0000000000007ad0
[0:0] 0x000000004e7218aa:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd770 t:3ffff
[0:0] 0x000000004e7218ae:  0005975b          cincoffset      ca4,ca1,0
    Write c14/ca4|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd770 t:3ffff
[0:0] 0x000000004e7218b2:  10c7075b          csetbounds      ca4,ca4,a2
    Write c14/ca4|v:1 s:0 p:0007817d f:0 b:0000003effcfd770 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7218b6:  4791              addi            a5,zero,4
    Write x15/a5 = 0000000000000004
[0:0] 0x000000004e7218b8:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e7218ba:  ac85859b          addiw           a1,a1,-1336
    Write x11/a1 = 0000000000007ac8
[0:0] 0x000000004e7218be:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd768 t:3ffff
[0:0] 0x000000004e7218c2:  0005985b          cincoffset      ca6,ca1,0
    Write c16/ca6|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd768 t:3ffff
[0:0] 0x000000004e7218c6:  10f8085b          csetbounds      ca6,ca6,a5
    Write c16/ca6|v:1 s:0 p:0007817d f:0 b:0000003effcfd768 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7218ca:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e7218cc:  ac05859b          addiw           a1,a1,-1344
    Write x11/a1 = 0000000000007ac0
[0:0] 0x000000004e7218d0:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd760 t:3ffff
[0:0] 0x000000004e7218d4:  000598db          cincoffset      ca7,ca1,0
    Write c17/ca7|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd760 t:3ffff
[0:0] 0x000000004e7218d8:  10f888db          csetbounds      ca7,ca7,a5
    Write c17/ca7|v:1 s:0 p:0007817d f:0 b:0000003effcfd760 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7218dc:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e7218de:  abc5859b          addiw           a1,a1,-1348
    Write x11/a1 = 0000000000007abc
[0:0] 0x000000004e7218e2:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd75c t:3ffff
[0:0] 0x000000004e7218e6:  000592db          cincoffset      ct0,ca1,0
    Write c5/ct0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd75c t:3ffff
[0:0] 0x000000004e7218ea:  10f282db          csetbounds      ct0,ct0,a5
    Write c5/ct0|v:1 s:0 p:0007817d f:0 b:0000003effcfd75c l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7218ee:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e7218f0:  ab85859b          addiw           a1,a1,-1352
    Write x11/a1 = 0000000000007ab8
[0:0] 0x000000004e7218f4:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd758 t:3ffff
[0:0] 0x000000004e7218f8:  0005935b          cincoffset      ct1,ca1,0
    Write c6/ct1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd758 t:3ffff
[0:0] 0x000000004e7218fc:  10f3035b          csetbounds      ct1,ct1,a5
    Write c6/ct1|v:1 s:0 p:0007817d f:0 b:0000003effcfd758 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721900:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e721902:  ab45859b          addiw           a1,a1,-1356
    Write x11/a1 = 0000000000007ab4
[0:0] 0x000000004e721906:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd754 t:3ffff
[0:0] 0x000000004e72190a:  000593db          cincoffset      ct2,ca1,0
    Write c7/ct2|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd754 t:3ffff
[0:0] 0x000000004e72190e:  10f383db          csetbounds      ct2,ct2,a5
    Write c7/ct2|v:1 s:0 p:0007817d f:0 b:0000003effcfd754 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721912:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e721914:  aa05859b          addiw           a1,a1,-1376
    Write x11/a1 = 0000000000007aa0
[0:0] 0x000000004e721918:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd740 t:3ffff
[0:0] 0x000000004e72191c:  00059e5b          cincoffset      ct3,ca1,0
    Write c28/ct3|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd740 t:3ffff
[0:0] 0x000000004e721920:  10ce0e5b          csetbounds      ct3,ct3,a2
    Write c28/ct3|v:1 s:0 p:0007817d f:0 b:0000003effcfd740 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721924:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e721926:  a9c5859b          addiw           a1,a1,-1380
    Write x11/a1 = 0000000000007a9c
[0:0] 0x000000004e72192a:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd73c t:3ffff
[0:0] 0x000000004e72192e:  00059edb          cincoffset      ct4,ca1,0
    Write c29/ct4|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd73c t:3ffff
[0:0] 0x000000004e721932:  10fe8edb          csetbounds      ct4,ct4,a5
    Write c29/ct4|v:1 s:0 p:0007817d f:0 b:0000003effcfd73c l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721936:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e721938:  a985859b          addiw           a1,a1,-1384
    Write x11/a1 = 0000000000007a98
[0:0] 0x000000004e72193c:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd738 t:3ffff
[0:0] 0x000000004e721940:  00059f5b          cincoffset      ct5,ca1,0
    Write c30/ct5|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd738 t:3ffff
[0:0] 0x000000004e721944:  10ff0f5b          csetbounds      ct5,ct5,a5
    Write c30/ct5|v:1 s:0 p:0007817d f:0 b:0000003effcfd738 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721948:  65a1              lui             a1,32768
    Write x11/a1 = 0000000000008000
[0:0] 0x000000004e72194a:  a945859b          addiw           a1,a1,-1388
    Write x11/a1 = 0000000000007a94
[0:0] 0x000000004e72194e:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd734 t:3ffff
[0:0] 0x000000004e721952:  00059fdb          cincoffset      ct6,ca1,0
    Write c31/ct6|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdfd734 t:3ffff
[0:0] 0x000000004e721956:  10ff8fdb          csetbounds      ct6,ct6,a5
    Write c31/ct6|v:1 s:0 p:0007817d f:0 b:0000003effcfd734 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e72195a:  649d              lui             s1,28672
    Write x9/s1 = 0000000000007000
[0:0] 0x000000004e72195c:  0204849b          addiw           s1,s1,32
    Write x9/s1 = 0000000000007020
[0:0] 0x000000004e721960:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721962:  a605859b          addiw           a1,a1,-1440
    Write x11/a1 = 0000000000000a60
[0:0] 0x000000004e721966:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6700 t:3ffff
[0:0] 0x000000004e72196a:  0005995b          cincoffset      cs2,ca1,0
    Write c18/cs2|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6700 t:3ffff
[0:0] 0x000000004e72196e:  109904db          csetbounds      cs1,cs2,s1
    Write c9/cs1|v:1 s:0 p:0007817d f:0 b:0000003effcf6700 l:0000000000007020
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721972:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721974:  a5c5859b          addiw           a1,a1,-1444
    Write x11/a1 = 0000000000000a5c
[0:0] 0x000000004e721978:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66fc t:3ffff
[0:0] 0x000000004e72197c:  0005995b          cincoffset      cs2,ca1,0
    Write c18/cs2|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66fc t:3ffff
[0:0] 0x000000004e721980:  10f9095b          csetbounds      cs2,cs2,a5
    Write c18/cs2|v:1 s:0 p:0007817d f:0 b:0000003effcf66fc l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721984:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721986:  a585859b          addiw           a1,a1,-1448
    Write x11/a1 = 0000000000000a58
[0:0] 0x000000004e72198a:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66f8 t:3ffff
[0:0] 0x000000004e72198e:  000599db          cincoffset      cs3,ca1,0
    Write c19/cs3|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66f8 t:3ffff
[0:0] 0x000000004e721992:  10f989db          csetbounds      cs3,cs3,a5
    Write c19/cs3|v:1 s:0 p:0007817d f:0 b:0000003effcf66f8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721996:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721998:  a545859b          addiw           a1,a1,-1452
    Write x11/a1 = 0000000000000a54
[0:0] 0x000000004e72199c:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66f4 t:3ffff
[0:0] 0x000000004e7219a0:  00059a5b          cincoffset      cs4,ca1,0
    Write c20/cs4|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66f4 t:3ffff
[0:0] 0x000000004e7219a4:  10fa0a5b          csetbounds      cs4,cs4,a5
    Write c20/cs4|v:1 s:0 p:0007817d f:0 b:0000003effcf66f4 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7219a8:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e7219aa:  a405859b          addiw           a1,a1,-1472
    Write x11/a1 = 0000000000000a40
[0:0] 0x000000004e7219ae:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66e0 t:3ffff
[0:0] 0x000000004e7219b2:  00059adb          cincoffset      cs5,ca1,0
    Write c21/cs5|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66e0 t:3ffff
[0:0] 0x000000004e7219b6:  10ca8adb          csetbounds      cs5,cs5,a2
    Write c21/cs5|v:1 s:0 p:0007817d f:0 b:0000003effcf66e0 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7219ba:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e7219bc:  a3c5859b          addiw           a1,a1,-1476
    Write x11/a1 = 0000000000000a3c
[0:0] 0x000000004e7219c0:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66dc t:3ffff
[0:0] 0x000000004e7219c4:  00059b5b          cincoffset      cs6,ca1,0
    Write c22/cs6|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66dc t:3ffff
[0:0] 0x000000004e7219c8:  10fb0b5b          csetbounds      cs6,cs6,a5
    Write c22/cs6|v:1 s:0 p:0007817d f:0 b:0000003effcf66dc l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7219cc:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e7219ce:  a205859b          addiw           a1,a1,-1504
    Write x11/a1 = 0000000000000a20
[0:0] 0x000000004e7219d2:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66c0 t:3ffff
[0:0] 0x000000004e7219d6:  00059bdb          cincoffset      cs7,ca1,0
    Write c23/cs7|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66c0 t:3ffff
[0:0] 0x000000004e7219da:  10cb8bdb          csetbounds      cs7,cs7,a2
    Write c23/cs7|v:1 s:0 p:0007817d f:0 b:0000003effcf66c0 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7219de:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e7219e0:  a1c5859b          addiw           a1,a1,-1508
    Write x11/a1 = 0000000000000a1c
[0:0] 0x000000004e7219e4:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66bc t:3ffff
[0:0] 0x000000004e7219e8:  00059c5b          cincoffset      cs8,ca1,0
    Write c24/cs8|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66bc t:3ffff
[0:0] 0x000000004e7219ec:  10fc0c5b          csetbounds      cs8,cs8,a5
    Write c24/cs8|v:1 s:0 p:0007817d f:0 b:0000003effcf66bc l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e7219f0:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e7219f2:  a185859b          addiw           a1,a1,-1512
    Write x11/a1 = 0000000000000a18
[0:0] 0x000000004e7219f6:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b8 t:3ffff
[0:0] 0x000000004e7219fa:  00059cdb          cincoffset      cs9,ca1,0
    Write c25/cs9|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b8 t:3ffff
[0:0] 0x000000004e7219fe:  10fc8cdb          csetbounds      cs9,cs9,a5
    Write c25/cs9|v:1 s:0 p:0007817d f:0 b:0000003effcf66b8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a02:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721a04:  a145859b          addiw           a1,a1,-1516
    Write x11/a1 = 0000000000000a14
[0:0] 0x000000004e721a08:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b4 t:3ffff
[0:0] 0x000000004e721a0c:  00059d5b          cincoffset      cs10,ca1,0
    Write c26/cs10|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b4 t:3ffff
[0:0] 0x000000004e721a10:  10fd0d5b          csetbounds      cs10,cs10,a5
    Write c26/cs10|v:1 s:0 p:0007817d f:0 b:0000003effcf66b4 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a14:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721a16:  a105859b          addiw           a1,a1,-1520
    Write x11/a1 = 0000000000000a10
[0:0] 0x000000004e721a1a:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b0 t:3ffff
[0:0] 0x000000004e721a1e:  00059ddb          cincoffset      cs11,ca1,0
    Write c27/cs11|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66b0 t:3ffff
[0:0] 0x000000004e721a22:  10fd8ddb          csetbounds      cs11,cs11,a5
    Write c27/cs11|v:1 s:0 p:0007817d f:0 b:0000003effcf66b0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a26:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721a28:  a0c5859b          addiw           a1,a1,-1524
    Write x11/a1 = 0000000000000a0c
[0:0] 0x000000004e721a2c:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66ac t:3ffff
[0:0] 0x000000004e721a30:  000590db          cincoffset      cra,ca1,0
    Write c1/cra|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66ac t:3ffff
[0:0] 0x000000004e721a34:  10f080db          csetbounds      cra,cra,a5
    Write c1/cra|v:1 s:0 p:0007817d f:0 b:0000003effcf66ac l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a38:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721a3a:  8005859b          addiw           a1,a1,-2048
    Write x11/a1 = 0000000000000800
[0:0] 0x000000004e721a3e:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64a0 t:3ffff
[0:0] 0x000000004e721a42:  00a5c023          csc             ca0,0(ca1)
    Cap Memory Write [0000003effcf64a0] = v:1 PESBT:d17d00000501a2c4 Cursor:00000000523822c0
    Cap Tag Write [0000003effcf64a0/1b5e64a0] 0 -> 1
[0:0] 0x000000004e721a46:  0101258f          clc             ca1,16(csp)
    Cap Memory Read [0000003effcf5cb0] = v:1 PESBT:f17d000004a5a284 Cursor:0000003effcf6280
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003effcf6280 l:0000000000000010
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcf5cb0/6ff42cb0] -> 1
[0:0] 0x000000004e721a4a:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721a4c:  a085051b          addiw           a0,a0,-1528
    Write x10/a0 = 0000000000000a08
[0:0] 0x000000004e721a50:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a8 t:3ffff
[0:0] 0x000000004e721a54:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a8 t:3ffff
[0:0] 0x000000004e721a58:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf66a8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a5c:  7ea14823          csc             ca0,2032(csp)
    Cap Memory Write [0000003effcf6490] = v:1 PESBT:f17d000005aaa6ac Cursor:0000003effcf66a8
    Cap Tag Write [0000003effcf6490/1b5e6490] 0 -> 1
[0:0] 0x000000004e721a60:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721a62:  a045051b          addiw           a0,a0,-1532
    Write x10/a0 = 0000000000000a04
[0:0] 0x000000004e721a66:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a4 t:3ffff
[0:0] 0x000000004e721a6a:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a4 t:3ffff
[0:0] 0x000000004e721a6e:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf66a4 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a72:  7ea14023          csc             ca0,2016(csp)
    Cap Memory Write [0000003effcf6480] = v:1 PESBT:f17d000005aba6a0 Cursor:0000003effcf66a4
    Cap Tag Write [0000003effcf6480/1b5e6480] 0 -> 1
[0:0] 0x000000004e721a76:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721a78:  a005051b          addiw           a0,a0,-1536
    Write x10/a0 = 0000000000000a00
[0:0] 0x000000004e721a7c:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a0 t:3ffff
[0:0] 0x000000004e721a80:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf66a0 t:3ffff
[0:0] 0x000000004e721a84:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf66a0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a88:  7ca14823          csc             ca0,2000(csp)
    Cap Memory Write [0000003effcf6470] = v:1 PESBT:f17d000005a8a6a4 Cursor:0000003effcf66a0
    Cap Tag Write [0000003effcf6470/1b5e6470] 0 -> 1
[0:0] 0x000000004e721a8c:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721a8e:  9f05051b          addiw           a0,a0,-1552
    Write x10/a0 = 00000000000009f0
[0:0] 0x000000004e721a92:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6690 t:3ffff
[0:0] 0x000000004e721a96:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6690 t:3ffff
[0:0] 0x000000004e721a9a:  10c5055b          csetbounds      ca0,ca0,a2
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf6690 l:0000000000000010
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721a9e:  6605              lui             a2,4096
    Write x12/a2 = 0000000000001000
[0:0] 0x000000004e721aa0:  9ec6061b          addiw           a2,a2,-1556
    Write x12/a2 = 00000000000009ec
[0:0] 0x000000004e721aa4:  22c1065b          cincoffset      ca2,csp,a2
    Write c12/ca2|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf668c t:3ffff
[0:0] 0x000000004e721aa8:  0006165b          cincoffset      ca2,ca2,0
    Write c12/ca2|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf668c t:3ffff
[0:0] 0x000000004e721aac:  10f6065b          csetbounds      ca2,ca2,a5
    Write c12/ca2|v:1 s:0 p:0007817d f:0 b:0000003effcf668c l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721ab0:  7ca14023          csc             ca0,1984(csp)
    Cap Memory Write [0000003effcf6460] = v:1 PESBT:f17d000005a9a694 Cursor:0000003effcf6690
    Cap Tag Write [0000003effcf6460/1b5e6460] 1 -> 1
[0:0] 0x000000004e721ab4:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721ab6:  9e85051b          addiw           a0,a0,-1560
    Write x10/a0 = 00000000000009e8
[0:0] 0x000000004e721aba:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6688 t:3ffff
[0:0] 0x000000004e721abe:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6688 t:3ffff
[0:0] 0x000000004e721ac2:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf6688 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721ac6:  7aa14823          csc             ca0,1968(csp)
    Cap Memory Write [0000003effcf6450] = v:1 PESBT:f17d000005a2a68c Cursor:0000003effcf6688
    Cap Tag Write [0000003effcf6450/1b5e6450] 0 -> 1
[0:0] 0x000000004e721aca:  06000513          addi            a0,zero,96
    Write x10/a0 = 0000000000000060
[0:0] 0x000000004e721ace:  7aa13423          csd             a0,1960(csp)
    Memory Write [0000003effcf6448] = 0000000000000060
    Cap Tag Write [0000003effcf6440/1b5e6440] 1 -> 0
    Cap Tag ramaddr Write [1b5e6440] 1 -> 0
[0:0] 0x000000004e721ad2:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721ad4:  9805051b          addiw           a0,a0,-1664
    Write x10/a0 = 0000000000000980
[0:0] 0x000000004e721ad8:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6620 t:3ffff
[0:0] 0x000000004e721adc:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6620 t:3ffff
[0:0] 0x000000004e721ae0:  78b14823          csc             ca1,1936(csp)
    Cap Memory Write [0000003effcf6430] = v:1 PESBT:f17d000004a5a284 Cursor:0000003effcf6280
    Cap Tag Write [0000003effcf6430/1b5e6430] 1 -> 1
[0:0] 0x000000004e721ae4:  7a813583          cld             a1,1960(csp)
    Memory Read [0000003effcf6448] = 0000000000000060
    Write x11/a1 = 0000000000000060
[0:0] 0x000000004e721ae8:  10b5055b          csetbounds      ca0,ca0,a1
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf6620 l:0000000000000060
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721aec:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721aee:  97c5859b          addiw           a1,a1,-1668
    Write x11/a1 = 000000000000097c
[0:0] 0x000000004e721af2:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf661c t:3ffff
[0:0] 0x000000004e721af6:  000595db          cincoffset      ca1,ca1,0
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf661c t:3ffff
[0:0] 0x000000004e721afa:  10f585db          csetbounds      ca1,ca1,a5
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003effcf661c l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721afe:  78a14023          csc             ca0,1920(csp)
    Cap Memory Write [0000003effcf6420] = v:1 PESBT:f17d000005a1a624 Cursor:0000003effcf6620
    Cap Tag Write [0000003effcf6420/1b5e6420] 0 -> 1
[0:0] 0x000000004e721b02:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721b04:  9785051b          addiw           a0,a0,-1672
    Write x10/a0 = 0000000000000978
[0:0] 0x000000004e721b08:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6618 t:3ffff
[0:0] 0x000000004e721b0c:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6618 t:3ffff
[0:0] 0x000000004e721b10:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf6618 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b14:  76a14823          csc             ca0,1904(csp)
    Cap Memory Write [0000003effcf6410] = v:1 PESBT:f17d00000586a61c Cursor:0000003effcf6618
    Cap Tag Write [0000003effcf6410/1b5e6410] 1 -> 1
[0:0] 0x000000004e721b18:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721b1a:  9105051b          addiw           a0,a0,-1776
    Write x10/a0 = 0000000000000910
[0:0] 0x000000004e721b1e:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf65b0 t:3ffff
[0:0] 0x000000004e721b22:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf65b0 t:3ffff
[0:0] 0x000000004e721b26:  76b14023          csc             ca1,1888(csp)
    Cap Memory Write [0000003effcf6400] = v:1 PESBT:f17d00000589a618 Cursor:0000003effcf661c
    Cap Tag Write [0000003effcf6400/1b5e6400] 1 -> 1
[0:0] 0x000000004e721b2a:  7a813583          cld             a1,1960(csp)
    Memory Read [0000003effcf6448] = 0000000000000060
    Write x11/a1 = 0000000000000060
[0:0] 0x000000004e721b2e:  10b5055b          csetbounds      ca0,ca0,a1
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf65b0 l:0000000000000060
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b32:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721b34:  8b05859b          addiw           a1,a1,-1872
    Write x11/a1 = 00000000000008b0
[0:0] 0x000000004e721b38:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6550 t:3ffff
[0:0] 0x000000004e721b3c:  000595db          cincoffset      ca1,ca1,0
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf6550 t:3ffff
[0:0] 0x000000004e721b40:  74a14823          csc             ca0,1872(csp)
    Cap Memory Write [0000003effcf63f0] = v:1 PESBT:f17d00000585a5b4 Cursor:0000003effcf65b0
    Cap Tag Write [0000003effcf63f0/1b5e63f0] 1 -> 1
[0:0] 0x000000004e721b44:  7a813503          cld             a0,1960(csp)
    Memory Read [0000003effcf6448] = 0000000000000060
    Write x10/a0 = 0000000000000060
[0:0] 0x000000004e721b48:  10a585db          csetbounds      ca1,ca1,a0
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003effcf6550 l:0000000000000060
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b4c:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721b4e:  8505051b          addiw           a0,a0,-1968
    Write x10/a0 = 0000000000000850
[0:0] 0x000000004e721b52:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64f0 t:3ffff
[0:0] 0x000000004e721b56:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64f0 t:3ffff
[0:0] 0x000000004e721b5a:  74b14023          csc             ca1,1856(csp)
    Cap Memory Write [0000003effcf63e0] = v:1 PESBT:f17d0000056da554 Cursor:0000003effcf6550
    Cap Tag Write [0000003effcf63e0/1b5e63e0] 0 -> 1
[0:0] 0x000000004e721b5e:  7a813583          cld             a1,1960(csp)
    Memory Read [0000003effcf6448] = 0000000000000060
    Write x11/a1 = 0000000000000060
[0:0] 0x000000004e721b62:  10b5055b          csetbounds      ca0,ca0,a1
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64f0 l:0000000000000060
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b66:  6585              lui             a1,4096
    Write x11/a1 = 0000000000001000
[0:0] 0x000000004e721b68:  8485859b          addiw           a1,a1,-1976
    Write x11/a1 = 0000000000000848
[0:0] 0x000000004e721b6c:  22b105db          cincoffset      ca1,csp,a1
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64e8 t:3ffff
[0:0] 0x000000004e721b70:  000595db          cincoffset      ca1,ca1,0
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64e8 t:3ffff
[0:0] 0x000000004e721b74:  10f585db          csetbounds      ca1,ca1,a5
    Write c11/ca1|v:1 s:0 p:0007817d f:0 b:0000003effcf64e8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b78:  72a14823          csc             ca0,1840(csp)
    Cap Memory Write [0000003effcf63d0] = v:1 PESBT:f17d00000555a4f4 Cursor:0000003effcf64f0
    Cap Tag Write [0000003effcf63d0/1b5e63d0] 0 -> 1
[0:0] 0x000000004e721b7c:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721b7e:  8405051b          addiw           a0,a0,-1984
    Write x10/a0 = 0000000000000840
[0:0] 0x000000004e721b82:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64e0 t:3ffff
[0:0] 0x000000004e721b86:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64e0 t:3ffff
[0:0] 0x000000004e721b8a:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64e0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721b8e:  72a14023          csc             ca0,1824(csp)
    Cap Memory Write [0000003effcf63c0] = v:1 PESBT:f17d00000538a4e4 Cursor:0000003effcf64e0
    Cap Tag Write [0000003effcf63c0/1b5e63c0] 1 -> 1
[0:0] 0x000000004e721b92:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721b94:  8385051b          addiw           a0,a0,-1992
    Write x10/a0 = 0000000000000838
[0:0] 0x000000004e721b98:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d8 t:3ffff
[0:0] 0x000000004e721b9c:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d8 t:3ffff
[0:0] 0x000000004e721ba0:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64d8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721ba4:  70a14823          csc             ca0,1808(csp)
    Cap Memory Write [0000003effcf63b0] = v:1 PESBT:f17d00000536a4dc Cursor:0000003effcf64d8
    Cap Tag Write [0000003effcf63b0/1b5e63b0] 0 -> 1
[0:0] 0x000000004e721ba8:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721baa:  8345051b          addiw           a0,a0,-1996
    Write x10/a0 = 0000000000000834
[0:0] 0x000000004e721bae:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d4 t:3ffff
[0:0] 0x000000004e721bb2:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d4 t:3ffff
[0:0] 0x000000004e721bb6:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64d4 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721bba:  70a14023          csc             ca0,1792(csp)
    Cap Memory Write [0000003effcf63a0] = v:1 PESBT:f17d00000537a4d0 Cursor:0000003effcf64d4
    Cap Tag Write [0000003effcf63a0/1b5e63a0] 1 -> 1
[0:0] 0x000000004e721bbe:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721bc0:  8305051b          addiw           a0,a0,-2000
    Write x10/a0 = 0000000000000830
[0:0] 0x000000004e721bc4:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d0 t:3ffff
[0:0] 0x000000004e721bc8:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64d0 t:3ffff
[0:0] 0x000000004e721bcc:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64d0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721bd0:  6ea14823          csc             ca0,1776(csp)
    Cap Memory Write [0000003effcf6390] = v:1 PESBT:f17d00000534a4d4 Cursor:0000003effcf64d0
    Cap Tag Write [0000003effcf6390/1b5e6390] 1 -> 1
[0:0] 0x000000004e721bd4:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721bd6:  82c5051b          addiw           a0,a0,-2004
    Write x10/a0 = 000000000000082c
[0:0] 0x000000004e721bda:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64cc t:3ffff
[0:0] 0x000000004e721bde:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64cc t:3ffff
[0:0] 0x000000004e721be2:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64cc l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721be6:  6ea14023          csc             ca0,1760(csp)
    Cap Memory Write [0000003effcf6380] = v:1 PESBT:f17d00000535a4c8 Cursor:0000003effcf64cc
    Cap Tag Write [0000003effcf6380/1b5e6380] 1 -> 1
[0:0] 0x000000004e721bea:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721bec:  8285051b          addiw           a0,a0,-2008
    Write x10/a0 = 0000000000000828
[0:0] 0x000000004e721bf0:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c8 t:3ffff
[0:0] 0x000000004e721bf4:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c8 t:3ffff
[0:0] 0x000000004e721bf8:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64c8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721bfc:  6ca14823          csc             ca0,1744(csp)
    Cap Memory Write [0000003effcf6370] = v:1 PESBT:f17d00000532a4cc Cursor:0000003effcf64c8
    Cap Tag Write [0000003effcf6370/1b5e6370] 1 -> 1
[0:0] 0x000000004e721c00:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721c02:  8245051b          addiw           a0,a0,-2012
    Write x10/a0 = 0000000000000824
[0:0] 0x000000004e721c06:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c4 t:3ffff
[0:0] 0x000000004e721c0a:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c4 t:3ffff
[0:0] 0x000000004e721c0e:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64c4 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721c12:  6ca14023          csc             ca0,1728(csp)
    Cap Memory Write [0000003effcf6360] = v:1 PESBT:f17d00000533a4c0 Cursor:0000003effcf64c4
    Cap Tag Write [0000003effcf6360/1b5e6360] 1 -> 1
[0:0] 0x000000004e721c16:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721c18:  8205051b          addiw           a0,a0,-2016
    Write x10/a0 = 0000000000000820
[0:0] 0x000000004e721c1c:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c0 t:3ffff
[0:0] 0x000000004e721c20:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64c0 t:3ffff
[0:0] 0x000000004e721c24:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64c0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721c28:  6aa14823          csc             ca0,1712(csp)
    Cap Memory Write [0000003effcf6350] = v:1 PESBT:f17d00000530a4c4 Cursor:0000003effcf64c0
    Cap Tag Write [0000003effcf6350/1b5e6350] 1 -> 1
[0:0] 0x000000004e721c2c:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721c2e:  81c5051b          addiw           a0,a0,-2020
    Write x10/a0 = 000000000000081c
[0:0] 0x000000004e721c32:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64bc t:3ffff
[0:0] 0x000000004e721c36:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64bc t:3ffff
[0:0] 0x000000004e721c3a:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64bc l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721c3e:  6aa14023          csc             ca0,1696(csp)
    Cap Memory Write [0000003effcf6340] = v:1 PESBT:f17d00000531a4b8 Cursor:0000003effcf64bc
    Cap Tag Write [0000003effcf6340/1b5e6340] 1 -> 1
[0:0] 0x000000004e721c42:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721c44:  8185051b          addiw           a0,a0,-2024
    Write x10/a0 = 0000000000000818
[0:0] 0x000000004e721c48:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64b8 t:3ffff
[0:0] 0x000000004e721c4c:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64b8 t:3ffff
[0:0] 0x000000004e721c50:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64b8 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721c54:  68a14823          csc             ca0,1680(csp)
    Cap Memory Write [0000003effcf6330] = v:1 PESBT:f17d0000052ea4bc Cursor:0000003effcf64b8
    Cap Tag Write [0000003effcf6330/1b5e6330] 0 -> 1
[0:0] 0x000000004e721c58:  6505              lui             a0,4096
    Write x10/a0 = 0000000000001000
[0:0] 0x000000004e721c5a:  8105051b          addiw           a0,a0,-2032
    Write x10/a0 = 0000000000000810
[0:0] 0x000000004e721c5e:  22a1055b          cincoffset      ca0,csp,a0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64b0 t:3ffff
[0:0] 0x000000004e721c62:  0005155b          cincoffset      ca0,ca0,0
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64b0 t:3ffff
[0:0] 0x000000004e721c66:  10f5055b          csetbounds      ca0,ca0,a5
    Write c10/ca0|v:1 s:0 p:0007817d f:0 b:0000003effcf64b0 l:0000000000000004
             |o:0000000000000000 t:3ffff
[0:0] 0x000000004e721c6a:  6785              lui             a5,4096
    Write x15/a5 = 0000000000001000
[0:0] 0x000000004e721c6c:  8007879b          addiw           a5,a5,-2048
    Write x15/a5 = 0000000000000800
[0:0] 0x000000004e721c70:  22f107db          cincoffset      ca5,csp,a5
    Write c15/ca5|v:1 s:0 p:0007817d f:0 b:0000003ebff00000 l:000000003fe00000
             |o:000000003fdf64a0 t:3ffff
[0:0] 0x000000004e721c74:  0007a78f          clc             ca5,0(ca5)
    Cap Memory Read [0000003effcf64a0] = v:1 PESBT:d17d00000501a2c4 Cursor:00000000523822c0
    Write c15/ca5|v:1 s:0 p:0006817d f:0 b:00000000523822c0 l:0000000000000140
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcf64a0/1b5e64a0] -> 1
[0:0] 0x000000004e721c78:  00f6c023          csc             ca5,0(ca3)
    Cap Memory Write [0000003effcfd780] = v:1 PESBT:d17d00000501a2c4 Cursor:00000000523822c0
    Cap Tag Write [0000003effcfd780/a536780] 1 -> 1
[0:0] 0x000000004e721c7c:  7901278f          clc             ca5,1936(csp)
    Cap Memory Read [0000003effcf6430] = v:1 PESBT:f17d000004a5a284 Cursor:0000003effcf6280
    Write c15/ca5|v:1 s:0 p:0007817d f:0 b:0000003effcf6280 l:0000000000000010
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcf6430/1b5e6430] -> 1
[0:0] 0x000000004e721c80:  00f74023          csc             ca5,0(ca4)
    Cap Memory Write [0000003effcfd770] = v:1 PESBT:f17d000004a5a284 Cursor:0000003effcf6280
    Cap Tag Write [0000003effcfd770/a536770] 1 -> 1
[0:0] 0x000000004e721c84:  0006a68f          clc             ca3,0(ca3)
    Cap Memory Read [0000003effcfd780] = v:1 PESBT:d17d00000501a2c4 Cursor:00000000523822c0
    Write c13/ca3|v:1 s:0 p:0006817d f:0 b:00000000523822c0 l:0000000000000140
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcfd780/a536780] -> 1
[0:0] 0x000000004e721c88:  0007278f          clc             ca5,0(ca4)
    Cap Memory Read [0000003effcfd770] = v:1 PESBT:f17d000004a5a284 Cursor:0000003effcf6280
    Write c15/ca5|v:1 s:0 p:0007817d f:0 b:0000003effcf6280 l:0000000000000010
             |o:0000000000000000 t:3ffff
    Cap Tag Read [0000003effcfd770/a536770] -> 1
[0:0] 0x000000004e721c8c:  0287a783          clw             a5,40(ca5)
-> Switch to Machine mode
    Write hstatus = 0000000000000000
    Write mstatus = 0000000a000040a0
    Write scause = 000000000000001c
    Write SEPCC|v:1 s:0 p:00078117 f:1 b:000000004e200000 l:0000000000b14000
             |o:0000000000521c8c t:3ffff
    Write sbadaddr = 00000000000001e1
    Write htval = 0000000000000000
    Write mstatus = 0000000a00004820
    Write mcause = 8000000000000007
    Write MEPCC|v:1 s:0 p:00078fff f:1 b:0000000000000000 l:ffffffffffffffff
             |o:ffffffc0005545e0 t:3ffff
    Write mbadaddr = 0000000000000000
    Write mtval2 = 0000000000000000
Failed capability bounds check: offset=0000000000000028 cursor=0000003effcf6280 addr=0000003effcf62a8
restore_state_to_opc: Updating pc from TB: 000000004e72183c -> 000000004e721c8c
Got CHERI trap Length Violation caused by register 15
    Write PCC|v:1 s:0 p:00078fff f:1 b:0000000000000000 l:ffffffffffffffff
             |o:ffffffc0005545e0 t:3ffff
    Write PCC|v:1 s:0 p:00078fff f:1 b:0000000000000000 l:ffffffffffffffff
             |o:0000000080000004 t:3ffff
[0:0] Disabled user-mode only instruction logging @ 0000000080000004

(This is a different compilation from the one that generated the trapframe and disassembly previously posted, but seems pretty much the same).

pentelbart commented 3 years ago

This manifested in a new way today; this function stored a word to part of a function pointer when it meant to set the gridfitted property of line to true, clearing the tag bit on the function pointer.

pentelbart commented 3 years ago

This doesn't seem to happen with the latest dev

jrtc27 commented 3 years ago

2f293ae8e5f4e0a9a8cb90ce2190c69af022f5f3 eases register pressure in cases like this, so I suspect the issue would return if you removed that pattern?

arichardson commented 3 years ago

Similar issues with MIPS were caused by using immediate values that are too large for the instructions (for MIPS it was csb, which has a tiny immediate) and then losing the high bits, thereby storing to incorrect locations.