Just to close the loop entirely on this, as I showed the instructions used when reading the pointer stored in arenas_map, here are the instructions which write that value, which clearly show it writes to a different address to the one read from:
5552: e8 39 ed ff ff call 4290 <arenas_extend>
5557: 8b 83 c4 01 00 00 mov 0x1c4(%ebx),%eax
555d: 8b 30 mov (%eax),%esi
555f: 85 f6 test %esi,%esi
5561: 0f 84 03 05 00 00 je 5a6a <.L488+0x14a>
5567: 65 a1 00 00 00 00 mov %gs:0x0,%eax
556d: 81 e8 04 00 00 00 sub $0x4,%eax
5573: 89 30 mov %esi,(%eax)