CRASH: while seeking

LoKi128 · #1 (**permalink**) 29th July 2002

I get a crash when seeking in a DIV3 file. I'm using the DivX 4.01 codec for playback. It does not happen with other DIV3 files, even from the same series... here is the Dr. Watson log:

BTW, using BSPlay 0.85.490

Application exception occurred:
App: (pid=1040)
When: 7/29/2002 @ 15:01:56.662
Exception number: c0000005 (access violation)

*----> Task List <----*
0 Idle.exe
8 System.exe
140 SMSS.exe
164 CSRSS.exe
184 WINLOGON.exe
212 SERVICES.exe
224 LSASS.exe
380 svchost.exe
412 SPOOLSV.exe
464 svchost.exe
488 Runservice.exe
604 mysqld-nt.exe
640 WinMgmt.exe
668 winroute.exe
748 explorer.exe
512 qttask.exe
908 WrCtrl.exe
520 Proxomitron.exe
428 mozilla.exe
1088 NTVDM.exe
1120 notepad.exe
1040 bplay.exe
1028 DRWTSN32.exe
0 _Total.exe

(00400000 - 0050A000)
(77F80000 - 77FFB000)
(77E80000 - 77F35000)
(77E10000 - 77E74000)
(77F40000 - 77F7C000)
(77DB0000 - 77E0B000)
(77D40000 - 77DB0000)
(779B0000 - 77A4B000)
(77A50000 - 77B46000)
(695E0000 - 69609000)
(77B50000 - 77BD9000)
(77800000 - 7781D000)
(782F0000 - 78532000)
(77C70000 - 77CBA000)
(76B30000 - 76B6E000)
(78000000 - 78046000)
(75050000 - 75058000)
(75030000 - 75043000)
(75020000 - 75028000)
(51000000 - 51044000)
(728A0000 - 728A6000)
(5C280000 - 5C381000)
(012C0000 - 012C5000)
(77820000 - 77827000)
(759B0000 - 759B6000)
(51080000 - 510D4000)
(77570000 - 775A0000)
(775A0000 - 77625000)
(10000000 - 1001B000)
(35500000 - 3561D000)
(35620000 - 3562F000)
(02E80000 - 02EBA000)
(69280000 - 69289000)
(74FA0000 - 74FC7000)
(1C400000 - 1C46C000)
(030E0000 - 030F8000)
(77560000 - 77569000)
(77400000 - 77408000)
(77410000 - 77423000)

State Dump for Thread Id 0x478

eax=005be038 ebx=011a3694 ecx=002f19e0 edx=00000000 esi=00000000 edi=00330039
eip=77e13cf7 esp=0012ff18 ebp=0012ff44 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202

function: WaitMessage
77e13cec b836120000 mov eax,0x1236
77e13cf1 8d542404 lea edx,[esp+0x4] ss:00bad4eb=????????
77e13cf5 cd2e int 2e
77e13cf7 c3 ret

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0012FF44 00451E08 016B0228 00000200 00000000 00350075 user32!WaitMessage
0012FF80 004C38DB 0012FFB4 004C38F6 0012FFC0 00330039 !<nosymbols>
0012FFC0 77E97D08 00330039 002D0037 7FFDF000 00320031 !<nosymbols>
0012FFF0 00000000 00508BD6 00000000 000000C8 00000100 kernel32!CreateProcessW

*----> Raw Stack Dump <----*
0012ff18 54 26 45 00 70 ff 12 00 - 6f 26 45 00 44 ff 12 00 T&E.p...o&E.D...
0012ff28 39 00 33 00 00 00 00 00 - 34 11 1a 01 7c 92 1b 01 9.3.....4...|...
0012ff38 7c 92 1b 01 39 00 33 01 - 34 11 1a 01 80 ff 12 00 |...9.3.4.......
0012ff48 08 1e 45 00 28 02 6b 01 - 00 02 00 00 00 00 00 00 ..E.(.k.........
0012ff58 75 00 35 00 02 e2 69 12 - 5b 01 00 00 71 02 00 00 u.5...i.[...q...
0012ff68 00 f0 fd 7f 06 20 45 00 - 88 ff 12 00 2a 20 45 00 ..... E.....* E.
0012ff78 80 ff 12 00 34 11 1a 01 - c0 ff 12 00 db 38 4c 00 ....4........8L.
0012ff88 b4 ff 12 00 f6 38 4c 00 - c0 ff 12 00 39 00 33 00 .....8L.....9.3.
0012ff98 37 00 2d 00 00 f0 fd 7f - 00 00 00 00 00 00 00 00 7.-.............
0012ffa8 00 00 00 00 00 00 00 00 - 8c 18 1a 01 e0 ff 12 00 ................
0012ffb8 8c 39 40 00 c0 ff 12 00 - f0 ff 12 00 08 7d e9 77 .9@..........}.w
0012ffc8 39 00 33 00 37 00 2d 00 - 00 f0 fd 7f 31 00 32 00 9.3.7.-.....1.2.
0012ffd8 c8 ff 12 00 31 00 32 00 - ff ff ff ff 5b 61 e8 77 ....1.2.....[a.w
0012ffe8 10 7d e9 77 00 00 00 00 - 00 00 00 00 00 00 00 00 .}.w............
0012fff8 d6 8b 50 00 00 00 00 00 - c8 00 00 00 00 01 00 00 ..P.............
00130008 ff ee ff ee 02 00 00 00 - 00 00 00 00 00 fe 00 00 ................
00130018 00 00 10 00 00 20 00 00 - 00 02 00 00 00 20 00 00 ..... ....... ..
00130028 83 14 00 00 ff ef fd 7f - 01 00 08 06 00 00 00 00 ................
00130038 00 00 00 00 00 00 00 00 - 00 00 00 00 98 05 13 00 ................
00130048 0f 00 00 00 f8 ff ff ff - 50 00 13 00 50 00 13 00 ........P...P...

State Dump for Thread Id 0x4b8

eax=77d50c62 ebx=001442a0 ecx=00140b74 edx=00000000 esi=00144158 edi=00000100
eip=77f82a84 esp=0284fe28 ebp=0284ff74 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202

function: ZwReplyWaitReceivePortEx
77f82a79 b8ac000000 mov eax,0xac
77f82a7e 8d542404 lea edx,[esp+0x4] ss:032cd3fb=????????
77f82a82 cd2e int 2e
77f82a84 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0284FF74 77D50781 77D50D7F 00144158 00000000 40142070 ntdll!ZwReplyWaitReceivePortEx
0284FFA8 77D50C7A 00142410 0284FFEC 77E8758A 001442A0 rpcrt4!RpcBindingSetOption
0284FFB4 77E8758A 001442A0 00000000 40142070 001442A0 rpcrt4!RpcBindingSetOption
0284FFEC 00000000 77D50C62 001442A0 00000000 00000000 kernel32!SetFilePointer

*----> Raw Stack Dump <----*
0284fe28 2d 09 d5 77 78 01 00 00 - 54 ff 84 02 00 00 00 00 -..wx...T.......
0284fe38 10 67 14 00 58 ff 84 02 - f0 3c 13 00 10 24 14 00 .g..X....<...$..
0284fe48 a0 42 14 00 a6 c2 5f 81 - b4 eb 64 bb d0 0c 45 80 .B...._...d...E.
0284fe58 34 00 00 c0 01 a1 aa 81 - 71 36 4a 80 38 88 00 e1 4.......q6J.8...
0284fe68 b0 ec 64 bb 38 88 00 e1 - 00 00 00 00 00 00 00 00 ..d.8...........
0284fe78 46 02 00 00 68 10 45 80 - 01 00 00 00 40 a1 aa 81 F...h.E.....@...
0284fe88 00 00 00 00 10 00 f8 00 - 4a c2 5f 81 7c 00 f8 00 ........J._.|...
0284fe98 5a c2 5f 81 48 e1 aa 81 - 38 88 00 e1 00 00 00 00 Z._.H...8.......
0284fea8 1f 00 00 00 30 d0 aa 81 - 30 d0 aa 81 00 00 00 00 ....0...0.......
0284feb8 01 00 00 00 10 ec 64 bb - 00 00 00 00 78 40 0b e2 ......d.....x@..
0284fec8 d4 eb 64 bb 00 00 00 00 - 91 4e 41 80 d0 e1 aa 81 ..d......NA.....
0284fed8 40 a1 aa 81 c4 ec 64 bb - a8 04 45 80 04 00 00 00 @.....d...E.....
0284fee8 48 c2 5f 81 97 db 49 80 - 80 f3 12 00 00 00 00 00 H._...I.........
0284fef8 48 f3 12 00 a7 b3 3c 00 - 00 00 00 00 00 00 00 00 H.....<.........
0284ff08 01 00 00 00 19 00 02 00 - 20 28 50 c0 7a 00 00 00 ........ (P.z...
0284ff18 00 00 00 00 00 00 00 00 - 7a 00 00 00 01 00 00 00 ........z.......
0284ff28 00 20 50 c0 20 d0 58 81 - e0 9b 4a 81 00 00 00 00 . P. .X...J.....
0284ff38 70 9d 4a 81 60 ec 64 bb - 46 02 00 00 ec d8 42 80 p.J.`.d.F.....B.
0284ff48 c0 95 06 80 40 9d 4a 81 - e0 9b 4a 81 70 ec 64 bb ....@.J...J.p.d.
0284ff58 00 a2 2f 4d ff ff ff ff - 50 fe 84 02 ff ff ff ff ../M....P.......

State Dump for Thread Id 0x1f0

eax=35513fd4 ebx=00000001 ecx=0295fe48 edx=00000000 esi=77f8281e edi=00000001
eip=77f82829 esp=0295fd90 ebp=0295fddc iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00200246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:033dd363=????????
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0295FDDC 77E86E1A 0295FDB4 00000001 00000000 0295FDD4 ntdll!NtWaitForMultipleObjects
0295FE4C 3552F473 00000194 FFFFFFFF 006D033C 0000040A kernel32!WaitForMultipleObjects
0295FEA4 355B2C05 006D033C 00000113 00000001 00000000 !<nosymbols>
0295FEC8 77E12E98 006D033C 00000113 00000001 00000000 !<nosymbols>
0295FEE8 77E130E0 355B2B71 006D033C 00000113 00000001 user32!ScrollDC
0295FF74 77E1320F 0295FF9C 00000000 3552C105 0295FF9C user32!ScrollDC
00000000 00000000 00000000 00000000 00000000 00000000 user32!DispatchMessageW

*----> Raw Stack Dump <----*
0295fd90 da 6d e8 77 01 00 00 00 - b4 fd 95 02 01 00 00 00 .m.w............
0295fda0 00 00 00 00 d4 fd 95 02 - 00 00 00 00 01 00 00 00 ................
0295fdb0 f0 01 00 00 94 01 00 00 - e4 fd 95 02 00 00 00 00 ................
0295fdc0 00 00 00 00 40 00 00 00 - 5d 67 e8 77 00 00 00 00 ....@...]g.w....
0295fdd0 00 00 00 00 00 00 00 00 - 00 00 00 00 4c fe 95 02 ............L...
0295fde0 1a 6e e8 77 b4 fd 95 02 - 01 00 00 00 00 00 00 00 .n.w............
0295fdf0 d4 fd 95 02 00 00 00 00 - b7 36 52 35 01 00 00 00 .........6R5....
0295fe00 34 fe 95 02 00 00 00 00 - 00 00 00 00 01 00 00 00 4...............
0295fe10 ac 61 17 01 f0 01 00 00 - 00 00 00 00 20 61 17 01 .a.......... a..
0295fe20 64 61 17 01 2c 0d b2 02 - 95 89 52 35 2c 0d b2 02 da..,.....R5,...
0295fe30 00 00 00 00 94 01 00 00 - 00 00 00 00 58 64 17 01 ............Xd..
0295fe40 01 00 00 00 01 00 00 00 - 00 00 00 00 a4 fe 95 02 ................
0295fe50 73 f4 52 35 94 01 00 00 - ff ff ff ff 3c 03 6d 00 s.R5........<.m.
0295fe60 0a 04 00 00 00 00 00 00 - ac 61 17 01 84 65 17 01 .........a...e..
0295fe70 01 00 00 00 74 7d 53 35 - 00 00 00 00 de 33 e1 77 ....t}S5.....3.w
0295fe80 84 65 17 01 3c 03 6d 00 - a4 ff 95 02 3c 03 6d 00 .e..<.m.....<.m.
0295fe90 f0 93 59 00 84 fe 95 02 - f0 93 59 00 64 ff 95 02 ..Y.......Y.d...
0295fea0 8a 1c e6 77 c8 fe 95 02 - 05 2c 5b 35 3c 03 6d 00 ...w.....,[5<.m.
0295feb0 13 01 00 00 01 00 00 00 - 00 00 00 00 9c ff 95 02 ................
0295fec0 a4 ff 95 02 00 00 00 c0 - e8 fe 95 02 98 2e e1 77 ...............w

State Dump for Thread Id 0x498

eax=02b609e8 ebx=00000000 ecx=02b60960 edx=00000000 esi=77f827dd edi=000001d0
eip=77f827e8 esp=02e7fedc ebp=02e7ff00 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForSingleObject
77f827dd b8ea000000 mov eax,0xea
77f827e2 8d542404 lea edx,[esp+0x4] ss:038fd4af=????????
77f827e6 cd2e int 2e
77f827e8 c20c00 ret 0xc
77f827eb 8b4124 mov eax,[ecx+0x24] ds:035ddf32=????????
77f827ee 39420c cmp [edx+0xc],eax ds:00a7d5d2=????????
77f827f1 0f85c9100000 jne NtQueryDefaultLocale+0x115 (77f838c0)
77f827f7 ff4208 inc dword ptr [edx+0x8] ds:00a7d5d2=????????
77f827fa 33c0 xor eax,eax
77f827fc c20400 ret 0x4
77f827ff 90 nop
77f82800 ff4a04 dec dword ptr [edx+0x4] ds:00a7d5d2=????????
77f82803 c20400 ret 0x4

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
02E7FF00 77E86A3D 000001D0 FFFFFFFF 00000000 35574D48 ntdll!NtWaitForSingleObject
02E7FF2C 355741F4 FFFFFFFF 02E7FF48 02E7FF9C 02E7FF60 kernel32!WaitForSingleObject
02E7FF4C 355BFA0C 01177AE0 FFFFFFFF 02E7FF98 02E7FF9C !<nosymbols>
02E7FFA0 355BFF2B 00000000 355238B1 01170640 01170380 !<nosymbols>
02E7FFEC 00000000 355238A0 0117A794 00000000 00905A4D !<nosymbols>

*----> Raw Stack Dump <----*
02e7fedc 15 6a e8 77 d0 01 00 00 - 00 00 00 00 00 00 00 00 .j.w............
02e7feec 00 00 00 00 48 7a 17 01 - 07 22 f8 77 48 7a 17 01 ....Hz...".wHz..
02e7fefc 48 7a 17 01 2c ff e7 02 - 3d 6a e8 77 d0 01 00 00 Hz..,...=j.w....
02e7ff0c ff ff ff ff 00 00 00 00 - 48 4d 57 35 d0 01 00 00 ........HMW5....
02e7ff1c ff ff ff ff 00 00 00 00 - 94 a7 17 01 78 b2 b1 02 ............x...
02e7ff2c 4c ff e7 02 f4 41 57 35 - ff ff ff ff 48 ff e7 02 L....AW5....H...
02e7ff3c 9c ff e7 02 60 ff e7 02 - 94 a7 17 01 00 00 00 00 ....`...........
02e7ff4c a0 ff e7 02 0c fa 5b 35 - e0 7a 17 01 ff ff ff ff ......[5.z......
02e7ff5c 98 ff e7 02 9c ff e7 02 - 40 06 17 01 94 a7 17 01 ........@.......
02e7ff6c 94 a7 17 01 00 00 14 14 - 0a 7d 00 00 00 00 7d 4f .........}....}O
02e7ff7c d8 7d 00 00 00 a8 17 01 - 00 00 00 00 4c 6a e8 77 .}..........Lj.w
02e7ff8c fc 01 00 00 94 a7 17 01 - 00 00 00 00 00 00 00 00 ................
02e7ff9c 00 00 00 00 ec ff e7 02 - 2b ff 5b 35 00 00 00 00 ........+.[5....
02e7ffac b1 38 52 35 40 06 17 01 - 80 03 17 01 8a 75 e8 77 .8R5@........u.w
02e7ffbc 94 a7 17 01 40 06 17 01 - 80 03 17 01 94 a7 17 01 ....@...........
02e7ffcc 00 b0 fd 7f 02 00 00 00 - c0 ff e7 02 02 00 00 00 ................
02e7ffdc ff ff ff ff 5b 61 e8 77 - 80 b5 e8 77 00 00 00 00 ....[a.w...w....
02e7ffec 00 00 00 00 00 00 00 00 - a0 38 52 35 94 a7 17 01 .........8R5....
02e7fffc 00 00 00 00 4d 5a 90 00 - 03 00 00 00 04 00 00 00 ....MZ..........
02e8000c ff ff 00 00 b8 00 00 00 - 00 00 00 00 40 00 00 00 ............@...

State Dump for Thread Id 0x4b0

eax=77df9d61 ebx=00000102 ecx=00156e30 edx=00000000 esi=00133370 edi=00000000
eip=77f82829 esp=02fdff80 ebp=02fdffb4 iopl=0 nv up ei ng nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000286

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:03a5d553=????????
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
02FDFFB4 77E8758A 00000000 00000001 00133370 00000000 ntdll!NtWaitForMultipleObjects
02FDFFEC 00000000 77DF9D61 00000000 00000000 00000008 kernel32!SetFilePointer

*----> Raw Stack Dump <----*
02fdff80 90 9d df 77 02 00 00 00 - 90 1f e0 77 01 00 00 00 ...w.......w....
02fdff90 00 00 00 00 ac ff fd 02 - 01 00 00 00 70 33 13 00 ............p3..
02fdffa0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 5d 1e ee .............]..
02fdffb0 ff ff ff ff ec ff fd 02 - 8a 75 e8 77 00 00 00 00 .........u.w....
02fdffc0 01 00 00 00 70 33 13 00 - 00 00 00 00 00 a0 fd 7f ....p3..........
02fdffd0 30 6e 15 00 c0 ff fd 02 - 30 6e 15 00 ff ff ff ff 0n......0n......
02fdffe0 5b 61 e8 77 80 b5 e8 77 - 00 00 00 00 00 00 00 00 [a.w...w........
02fdfff0 00 00 00 00 61 9d df 77 - 00 00 00 00 00 00 00 00 ....a..w........
02fe0000 08 00 00 00 01 01 00 00 - ee ff ee ff 00 00 00 00 ................
02fe0010 00 00 ed 02 00 e0 0e 00 - 00 00 fe 02 00 01 00 00 ................
02fe0020 40 00 fe 02 00 00 0e 03 - ee 00 00 00 01 00 00 00 @...............
02fe0030 98 05 ed 02 00 00 00 00 - 48 00 ff 02 00 00 00 00 ........H.......
02fe0040 01 20 08 00 01 01 08 00 - 00 00 00 00 00 00 00 00 . ..............
02fe0050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe0060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe0070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe0080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe0090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe00a0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
02fe00b0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

State Dump for Thread Id 0x4ac

eax=77562bda ebx=00000002 ecx=00000000 edx=00000000 esi=77f8281e edi=00000002
eip=77f82829 esp=0324ff24 ebp=0324ff70 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:03ccd4f7=00000000
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0324FF70 77E86E1A 0324FF48 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0324FFB4 77E8758A 00000000 7FFDCBF8 00000000 00000000 kernel32!WaitForMultipleObjects
0324FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!SetFilePointer

State Dump for Thread Id 0x3dc

eax=510c00b0 ebx=00000040 ecx=77f83ab0 edx=00000000 esi=77f8281e edi=00000040
eip=77f82829 esp=0334fdd8 ebp=0334fe24 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:03dcd3ab=00000000
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0334FE24 77E86E1A 0015ACA0 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0334FF70 510BFD5D FFFFFFFF 0000003F 01354840 0334FF90 kernel32!WaitForMultipleObjects
0334FF94 510C0696 00000000 013547F4 00000430 0334FFEC !<nosymbols>
0334FFA8 510C00EC 00000000 510C00B9 77E8758A 013547F4 !<nosymbols>
0334FFEC 00000000 00000000 00000000 00000000 00000000 !<nosymbols>

State Dump for Thread Id 0x12c

eax=040a0000 ebx=00000002 ecx=00010101 edx=00000000 esi=77f8281e edi=00000002
eip=77f82829 esp=0344fe8c ebp=0344fed8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:03ecd45f=00000000
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0344FED8 77E86E1A 0344FEB0 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
0344FF24 510BFFFA 0000044C 01351F60 01352008 510A127E kernel32!WaitForMultipleObjects
0344FF5C 510A1446 00000000 01351F74 01351F74 01370258 !<nosymbols>
0344FF88 510A14BA 00000000 01351F74 510C0696 0012DA90 !<nosymbols>
0344FFA8 510C00EC 00000200 510C00B9 77E8758A 01351F74 !<nosymbols>
0344FFEC 00000000 510C00B0 01351F74 00000000 00000008 !<nosymbols>

*----> Raw Stack Dump <----*
0344fe8c da 6d e8 77 02 00 00 00 - b0 fe 44 03 01 00 00 00 .m.w......D.....
0344fe9c 00 00 00 00 00 00 00 00 - 01 00 00 00 74 1f 35 01 ............t.5.
0344feac 60 1f 35 01 a0 00 00 00 - 4c 04 00 00 05 00 00 00 `.5.....L.......
0344febc 00 10 00 00 00 00 0a 04 - 04 00 00 00 01 00 00 00 ................
0344fecc 20 ff 44 03 58 fe 44 03 - b0 e0 47 03 24 ff 44 03 .D.X.D...G.$.D.
0344fedc 1a 6e e8 77 b0 fe 44 03 - 01 00 00 00 00 00 00 00 .n.w..D.........
0344feec 00 00 00 00 00 00 00 00 - cc fa 0b 51 02 00 00 00 ...........Q....
0344fefc 1c ff 44 03 00 00 00 00 - ff ff ff ff 65 fc 0b 51 ..D.........e..Q
0344ff0c 02 00 00 00 ff ff ff ff - 00 00 00 00 1c ff 44 03 ..............D.
0344ff1c a0 00 00 00 4c 04 00 00 - 5c ff 44 03 fa ff 0b 51 ....L...\.D....Q
0344ff2c 4c 04 00 00 60 1f 35 01 - 08 20 35 01 7e 12 0a 51 L...`.5.. 5.~..Q
0344ff3c fc 1f 35 01 20 34 08 51 - 00 00 00 00 00 00 00 00 ..5. 4.Q........
0344ff4c 00 00 00 00 60 1f 35 01 - 2f 14 0a 51 00 00 00 00 ....`.5./..Q....
0344ff5c 88 ff 44 03 46 14 0a 51 - 00 00 00 00 74 1f 35 01 ..D.F..Q....t.5.
0344ff6c 74 1f 35 01 58 02 37 01 - 01 00 00 00 00 00 00 00 t.5.X.7.........
0344ff7c 78 04 00 00 02 00 00 00 - 00 00 00 00 a8 ff 44 03 x.............D.
0344ff8c ba 14 0a 51 00 00 00 00 - 74 1f 35 01 96 06 0c 51 ...Q....t.5....Q
0344ff9c 90 da 12 00 74 1f 35 01 - 4c 04 00 00 ec ff 44 03 ....t.5.L.....D.
0344ffac ec 00 0c 51 00 02 00 00 - b9 00 0c 51 8a 75 e8 77 ...Q.......Q.u.w
0344ffbc 74 1f 35 01 90 da 12 00 - 00 02 00 00 74 1f 35 01 t.5.........t.5.

State Dump for Thread Id 0x428

eax=00000000 ebx=00000004 ecx=00005990 edx=00000000 esi=77f8281e edi=00000004
eip=77f82829 esp=0364ff04 ebp=0364ff50 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:040cd4d7=????????
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0364FF50 77E86E1A 0364FF28 00000001 00000000 0364FF48 ntdll!NtWaitForMultipleObjects
0364FFB0 355BB0F3 77E8758A 02B20E44 0012EA48 00169F80 kernel32!WaitForMultipleObjects
0364FFEC 00000000 355BB0EA 02B20E44 00000000 F6860422 !<nosymbols>

*----> Raw Stack Dump <----*
0364ff04 da 6d e8 77 04 00 00 00 - 28 ff 64 03 01 00 00 00 .m.w....(.d.....
0364ff14 00 00 00 00 48 ff 64 03 - 08 e2 69 12 44 0e b2 02 ....H.d...i.D...
0364ff24 00 00 00 00 00 03 00 00 - 04 03 00 00 f8 02 00 00 ................
0364ff34 0c 03 00 00 00 98 01 00 - d7 e2 56 35 8c 0b b2 02 ..........V5....
0364ff44 08 e2 69 12 c0 bd f0 ff - ff ff ff ff b0 ff 64 03 ..i...........d.
0364ff54 1a 6e e8 77 28 ff 64 03 - 01 00 00 00 00 00 00 00 .n.w(.d.........
0364ff64 48 ff 64 03 00 00 00 00 - 93 b0 5b 35 04 00 00 00 H.d.......[5....
0364ff74 8c ff 64 03 00 00 00 00 - 64 00 00 00 48 ea 12 00 ..d.....d...H...
0364ff84 80 9f 16 00 44 0e b2 02 - 00 03 00 00 04 03 00 00 ....D...........
0364ff94 f8 02 00 00 0c 03 00 00 - 30 9d e7 46 cf 02 00 00 ........0..F....
0364ffa4 94 0d b2 02 64 00 00 00 - 04 00 00 00 ec ff 64 03 ....d.........d.
0364ffb4 f3 b0 5b 35 8a 75 e8 77 - 44 0e b2 02 48 ea 12 00 ..[5.u.wD...H...
0364ffc4 80 9f 16 00 44 0e b2 02 - 00 60 fd 7f e8 01 00 00 ....D....`......
0364ffd4 c0 ff 64 03 e8 01 00 00 - ff ff ff ff 5b 61 e8 77 ..d.........[a.w
0364ffe4 80 b5 e8 77 00 00 00 00 - 00 00 00 00 00 00 00 00 ...w............
0364fff4 ea b0 5b 35 44 0e b2 02 - 00 00 00 00 22 04 86 f6 ..[5D......."...
03650004 1b 04 67 f6 16 04 45 f6 - 18 04 34 f6 28 04 4b f6 ..g...E...4.(.K.
03650014 47 04 73 f6 70 04 94 f6 - 9a 04 b7 f6 c3 04 e0 f6 G.s.p...........
03650024 eb 04 fb f6 13 05 0c f7 - 3f 05 32 f7 6d 05 6d f7 ........?.2.m.m.
03650034 96 05 97 f7 b7 05 b0 f7 - d5 05 d8 f7 f9 05 0d f8 ................

State Dump for Thread Id 0x4b4

eax=02b30048 ebx=00000000 ecx=1c43f210 edx=00000000 esi=0117a800 edi=00000000
eip=77f827e8 esp=0376fe04 ebp=0376fe74 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00200206

function: NtWaitForSingleObject
77f827dd b8ea000000 mov eax,0xea
77f827e2 8d542404 lea edx,[esp+0x4] ss:041ed3d7=????????
77f827e6 cd2e int 2e
77f827e8 c20c00 ret 0xc
77f827eb 8b4124 mov eax,[ecx+0x24] ds:1cebc7e2=????????
77f827ee 39420c cmp [edx+0xc],eax ds:00a7d5d2=????????
77f827f1 0f85c9100000 jne NtQueryDefaultLocale+0x115 (77f838c0)
77f827f7 ff4208 inc dword ptr [edx+0x8] ds:00a7d5d2=????????
77f827fa 33c0 xor eax,eax
77f827fc c20400 ret 0x4
77f827ff 90 nop
77f82800 ff4a04 dec dword ptr [edx+0x4] ds:00a7d5d2=????????
77f82803 c20400 ret 0x4

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0376FE74 77F838C6 0117A800 355BF396 0117A800 02B2F368 ntdll!NtWaitForSingleObject
0376FEA4 3559A7C3 00CDC0A0 00000000 000031B7 02B2FC48 ntdll!NtQueryDefaultLocale
0376FF40 355BD634 0376FF60 0376FF7C 000031B7 0347EF00 !<nosymbols>
0376FF88 355BDF24 0347EF00 02B2F300 02B2F300 02B2F300 !<nosymbols>
0376FFA0 355BE4F2 00000000 355238B1 0347EF00 0012EA84 !<nosymbols>
0376FFEC 00000000 00000000 00000000 00000000 00000000 !<nosymbols>

State Dump for Thread Id 0x46c

eax=83128212 ebx=00000005 ecx=83128212 edx=03c67540 esi=03c67540 edi=01170000
eip=77fcb397 esp=0386fc20 ebp=0386fdb8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: RtlAllocateHeap
77fcb375 0fb70e movzx ecx,word ptr [esi] ds:03c67540=8212
77fcb378 3bcb cmp ecx,ebx
77fcb37a 72e5 jb NlsAnsiCodePage+0x833 (77fd0a61)
77fcb37c 56 push esi
77fcb37d ff75a4 push dword ptr [ebp+0xa4] ss:042ed38a=????????
77fcb380 e88872fbff call RtlConsoleMultiByteToUnicodeN+0x348 (77f8260d)
77fcb385 8b4608 mov eax,[esi+0x8] ds:046e4b12=????????
77fcb388 898594feffff mov [ebp+0xfffffe94],eax ss:0386fc4c=83128212
77fcb38e 8b4e0c mov ecx,[esi+0xc] ds:046e4b12=????????
77fcb391 898d90feffff mov [ebp+0xfffffe90],ecx ss:0386fc48=83128212
FAULT ->77fcb397 8901 mov [ecx],eax ds:83128212=????????
77fcb399 894804 mov [eax+0x4],ecx ds:83ba57e4=????????
77fcb39c 8a4605 mov al,[esi+0x5] ds:046e4b12=??
77fcb39f 8845c4 mov [ebp+0xc4],al ss:042ed38a=??
77fcb3a2 0fb716 movzx edx,word ptr [esi] ds:03c67540=8212
77fcb3a5 8b4da4 mov ecx,[ebp+0xa4] ss:042ed38a=????????
77fcb3a8 295128 sub [ecx+0x28],edx ds:83ba57e4=????????
77fcb3ab 8975d8 mov [ebp+0xd8],esi ss:042ed38a=????????
77fcb3ae c6460501 mov byte ptr [esi+0x5],0x1 ds:046e4b12=??
77fcb3b2 0fb71e movzx ebx,word ptr [esi] ds:03c67540=8212
77fcb3b5 8b4dbc mov ecx,[ebp+0xbc] ss:042ed38a=????????
77fcb3b8 2bd9 sub ebx,ecx

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0386FDB8 78001426 01170000 00000000 00000020 00D32200 ntdll!RtlAllocateHeap
0386FDF8 780013C3 00000020 780031DC 00000020 00000001 !malloc
0386FE24 35574095 00D32200 00000000 00016000 02C16200 !malloc
0386FE80 355BF785 01177AE0 02B1B1C0 02B1B1C0 00000000 !<nosymbols>
0386FEBC 355C0019 00000000 00D32000 02B1A950 00D48105 !<nosymbols>
0386FEFC 355C0117 0386FF70 02B2FD18 00000000 0386FF44 !<nosymbols>
0386FF10 355BD3A6 0386FF40 00000001 00040103 02B2FD18 !<nosymbols>
0386FF44 355BD681 0386FF74 0386FF70 0347EF00 02B2FD18 !<nosymbols>
0386FF88 355BDF24 0347EF00 02B2FD18 02B2FD18 02B2FD18 !<nosymbols>
0386FFA0 355BE4F2 00000000 355238B1 0347EF00 0012EA84 !<nosymbols>
0386FFEC 00000000 00000000 00000000 00000000 00000000 !<nosymbols>

State Dump for Thread Id 0x4a0

eax=5103e800 ebx=004c79ac ecx=0396fe2c edx=00000000 esi=77f82226 edi=0396fe0c
eip=77f82231 esp=0396fdf8 ebp=0396fe14 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000206

function: ZwDelayExecution
77f82226 b832000000 mov eax,0x32
77f8222b 8d542404 lea edx,[esp+0x4] ss:043ed3cb=????????
77f8222f cd2e int 2e
77f82231 c20800 ret 0x8

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0396FE14 77E86784 00000064 00000000 0048A347 00000064 ntdll!ZwDelayExecution
0396FFA0 00403D82 0396FFDC 0040398C 0396FFB4 0396FFEC kernel32!Sleep
0396FFB4 77E8758A 011B41CC 0012EEA4 77E8615B 011B41CC !<nosymbols>
0396FFEC 00000000 00000000 00000000 00000000 00000000 kernel32!SetFilePointer

State Dump for Thread Id 0x3e0

eax=35574d1c ebx=00000002 ecx=00000003 edx=00000000 esi=77f8281e edi=00000002
eip=77f82829 esp=03a6ff28 ebp=03a6ff74 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246

function: NtWaitForMultipleObjects
77f8281e b8e9000000 mov eax,0xe9
77f82823 8d542404 lea edx,[esp+0x4] ss:044ed4fb=????????
77f82827 cd2e int 2e
77f82829 c21400 ret 0x14

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
03A6FF74 77E86E1A 03A6FF4C 00000001 00000000 00000000 ntdll!NtWaitForMultipleObjects
03A6FFB0 35574D25 77E8758A 01177A48 00000003 77F829C0 kernel32!WaitForMultipleObjects
03A6FFEC 00000000 35574D1C 01177A48 00000000 00000008 !<nosymbols>

*----> Raw Stack Dump <----*
03a6ff28 da 6d e8 77 02 00 00 00 - 4c ff a6 03 01 00 00 00 .m.w....L.......
03a6ff38 00 00 00 00 00 00 00 00 - 03 00 00 00 48 7a 17 01 ............Hz..
03a6ff48 48 7a 17 01 d4 01 00 00 - cc 01 00 00 ff ff ff ff Hz..............
03a6ff58 80 ff a6 03 35 4a 57 35 - d8 01 00 00 00 10 c3 02 ....5JW5........
03a6ff68 00 5a 01 00 69 4a 57 35 - 4c 6a e8 77 b0 ff a6 03 .Z..iJW5Lj.w....
03a6ff78 1a 6e e8 77 4c ff a6 03 - 01 00 00 00 00 00 00 00 .n.wL...........
03a6ff88 00 00 00 00 00 00 00 00 - a7 4c 57 35 02 00 00 00 .........LW5....
03a6ff98 a8 ff a6 03 00 00 00 00 - ff ff ff ff c0 29 f8 77 .............).w
03a6ffa8 d4 01 00 00 cc 01 00 00 - ec ff a6 03 25 4d 57 35 ............%MW5
03a6ffb8 8a 75 e8 77 48 7a 17 01 - 03 00 00 00 c0 29 f8 77 .u.wHz.......).w
03a6ffc8 48 7a 17 01 00 e0 fa 7f - 03 00 00 00 c0 ff a6 03 Hz..............
03a6ffd8 03 00 00 00 ff ff ff ff - 5b 61 e8 77 80 b5 e8 77 ........[a.w...w
03a6ffe8 00 00 00 00 00 00 00 00 - 00 00 00 00 1c 4d 57 35 .............MW5
03a6fff8 48 7a 17 01 00 00 00 00 - 08 00 00 00 02 01 00 00 Hz..............
03a70008 ee ff ee ff 00 00 00 00 - 00 00 17 01 00 80 00 00 ................
03a70018 00 00 a7 03 00 02 00 00 - 40 00 a7 03 00 00 c7 03 ........@.......
03a70028 08 00 00 00 01 00 00 00 - a8 05 17 01 00 00 00 00 ................
03a70038 40 75 c6 03 00 00 00 00 - 61 ca 08 00 02 01 08 00 @u......a.......
03a70048 78 01 17 01 08 eb b1 02 - 00 00 00 00 00 00 00 00 x...............
03a70058 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................

Thanks!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode