<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#000000">
<!--
  Case 1 holds four pieces of crash evidence for a VLC process (libvlccore.dll
  is loaded from the VideoLAN\VLC directory): a debugger call stack, a
  module!symbol+offset stack listing, VLC debug log lines and a gdb session.
  NOTE(review): the page does not say whether they were captured in one run
  or in several; confirm before correlating addresses between them.
-->
<font color="#cc0000"><b>Case #1/</b></font><br>
<!--
  Call stack, innermost frame first; columns are return address, four
  argument slots, call site.
  The first frame is ntdll!DbgBreakPoint and its fourth argument slot holds
  0xc0000374, the NTSTATUS value STATUS_HEAP_CORRUPTION. The outermost named
  frames are libvlccore!block_Alloc+0x2c calling msvcrt!malloc+0x56, so the
  break fires while an allocation is being served. A heap-corruption break
  reports where the damage was noticed, not where it was written; the write
  that damaged the heap is presumably earlier and is not on this stack.
  msvcrt.dll and libvlccore.dll were resolved from export symbols only (see
  the two ERROR lines below), so every name+offset there is "nearest export",
  not necessarily the real function. NOTE(review): the ntdll names with very
  large offsets (LdrGetProcedureAddress+0xdadb, MD4Final+0xb038) look like
  the same artifact; re-run with full symbols before naming a function.
-->
RetAddr : Args to
Child : Call
Site<br>
00000000`7782ef04 : 00000000`00000001 00000000`50000063
00000000`777d9130 00000000`c0000374 : ntdll!DbgBreakPoint<br>
00000000`7782fa46 : 00000000`00000002 00000000`00000020
00000000`00000000 00000000`0000000c :
ntdll!RtlUnhandledExceptionFilter+0xc84<br>
00000000`778311a6 : 00000000`00000000 00000000`777a747e
00000000`0c030101 00000000`6a62fb80 :
ntdll!EtwEnumerateProcessRegGuids+0x216<br>
00000000`77832be4 : 00000000`00260000 00000000`50000163
b9ed2980`3b10e570 00000000`77805cad :
ntdll!RtlQueryProcessBackTraceInformation+0xdd6<br>
00000000`777dd16b : 00000000`00260000 00000000`089e1790
00000000`089e04d0 00000000`77790000 : ntdll!RtlGetCallersAddress+0x164<br>
00000000`777c97b5 : 00000000`00260000 00000000`50000163
00000000`00000540 00000000`00000570 :
ntdll!LdrGetProcedureAddress+0xdadb<br>
00000000`778417dd : 00000000`00000000 00000000`00000000
00000000`40000060 00000000`50000163 :
ntdll!AlpcGetMessageAttribute+0x905<br>
00000000`77809788 : 00000000`00260000 00000000`50000163
00000000`00260000 00000000`0bc34e60 : ntdll!EtwLogTraceEvent+0x132d<br>
00000000`777c97b5 : 00000000`00260000 00000000`40000062
00000000`00000540 00000000`00000000 : ntdll!MD4Final+0xb038<br>
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for C:\Windows\system32\msvcrt.dll - <br>
000007fe`fe1d130a : 00000000`08b358c0 00000000`00000540
00000000`089cc170 00000000`00000000 :
ntdll!AlpcGetMessageAttribute+0x905<br>
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll - <br>
00000000`6a5aba1c : 00000000`000004a0 00000000`00000000
00000000`00000002 00000000`08b6c468 : msvcrt!malloc+0x56<br>
00000000`000004a0 : 00000000`00000000 00000000`00000002
00000000`08b6c468 00000000`00000000 : libvlccore!block_Alloc+0x2c<br>
00000000`00000000 : 00000000`00000002 00000000`08b6c468
00000000`00000000 00000000`0bad7ca8 : 0x4a0<br>
<br>
<!--
  Second stack listing in module!symbol+offset form, innermost frame first.
  It begins in ntoskrnl.exe, passes through ntdll.dll!DbgBreakPoint+0x1 and
  ends at libvlccore.dll!block_Alloc+0x2c, i.e. the same malloc path as the
  stack above. The tool that produced it is not named on the page, and the
  same symbol-quality caveat applies to the names.
-->
ntoskrnl.exe!IoAcquireRemoveLockEx+0xe7<br>
ntoskrnl.exe!memset+0x22a<br>
ntoskrnl.exe!KeWaitForSingleObject+0x2cb<br>
ntoskrnl.exe!LsaCallAuthenticationPackage+0x2978<br>
ntoskrnl.exe!SeAuditHardLinkCreation+0x24c<br>
ntoskrnl.exe!CcCopyRead+0xec3<br>
ntoskrnl.exe!FsRtlTruncateBaseMcb+0x1fa<br>
ntoskrnl.exe!ZwUnloadKeyEx+0x2489<br>
ntoskrnl.exe!ZwUnloadKeyEx+0x757<br>
ntdll.dll!DbgBreakPoint+0x1<br>
ntdll.dll!RtlUnhandledExceptionFilter+0xc84<br>
ntdll.dll!EtwEnumerateProcessRegGuids+0x216<br>
ntdll.dll!RtlQueryProcessBackTraceInformation+0xdd6<br>
ntdll.dll!RtlGetCallersAddress+0x164<br>
ntdll.dll!RtlLogStackBackTrace+0x579<br>
ntdll.dll!LdrGetProcedureAddress+0xda6c<br>
ntdll.dll!AlpcGetMessageAttribute+0x905<br>
ntdll.dll!EtwLogTraceEvent+0x132d<br>
ntdll.dll!MD4Final+0xb038<br>
ntdll.dll!AlpcGetMessageAttribute+0x905<br>
msvcrt.dll!malloc+0x56<br>
libvlccore.dll!block_Alloc+0x2c<br>
<br>
<!--
  VLC debug log leading up to the fault. The last message is a libmad error
  ("bad main_data_begin pointer") from the mpgatofixed32 audio filter, after
  a run of audio drift warnings. NOTE(review): this presumably means the
  input was an MPEG audio stream that libmad considered malformed; the input
  file itself is not identified on the page.
-->
[0x89feac8] main input debug: control type=4<br>
[0x7eec928] main audio output warning: audio drift is too big (54830),
dropping buffer<br>
[0x7eec928] main audio output warning: audio drift is too big (48830),
dropping buffer<br>
[0x7eec928] main audio output warning: audio drift is too big (42830),
dropping buffer<br>
[0x7eec928] main audio output warning: audio drift is too big (36830),
dropping buffer<br>
[0x7eec928] main audio output warning: audio drift is too big (30830),
dropping buffer<br>
[0xb2bbdd8] mpgatofixed32 audio filter debug: libmad error: bad
main_data_begin pointer<br>
<br>
<!--
  gdb session for a SIGSEGV at 0x6a5b58f9. gdb has no symbols (every frame is
  "?? ()"), so the backtrace is a best-effort stack scan and should not be
  trusted frame by frame; frame 1 (0x7eec928) equals the audio output object
  address printed in the log above, which is data, not code.
  Faulting instruction: "add %edi,(%rsi)" with rsi = 0x0 and rdi = 0x1 in the
  register dump, i.e. a 4-byte read-modify-write at address 0 (NULL pointer
  dereference, here an increment by one). If execution reached it linearly
  from 0x6a5b58f2, rsi was loaded by "mov (%rdx),%rsi", so the pointer stored
  at rdx = 0xb2bc640 was NULL. Case 3 on this page shows the same address
  decoded by the other debugger as libvlccore!_vlc_thread_join+0x8b9 (export
  symbols only).
  The dump starts 30 bytes before the program counter, which need not be an
  instruction boundary, so the first few decoded lines may be mis-aligned.
-->
Program received signal SIGSEGV, Segmentation fault.<br>
[Switching to thread 9560.0x2498]<br>
0x000000006a5b58f9 in ?? ()<br>
(gdb) bt<br>
#0 0x000000006a5b58f9 in ?? ()<br>
#1 0x0000000007eec928 in ?? ()<br>
#2 0x000000006a5c8357 in ?? ()<br>
#3 0x0000000064a4fbff in ?? ()<br>
#4 0x000000006a5c8357 in ?? ()<br>
#5 0x0000000007e9b330 in ?? ()<br>
#6 0x000000000e12fc9f in ?? ()<br>
#7 0x0000000000000000 in ?? ()<br>
(gdb) disass $pc-30 $pc+30<br>
Dump of assembler code from 0x6a5b58db to 0x6a5b5917:<br>
0x000000006a5b58db: movss %xmm2,(%rdx)<br>
0x000000006a5b58df: je 0x6a5b558b<br>
0x000000006a5b58e5: mov (%rax),%rcx<br>
0x000000006a5b58e8: mov (%rcx),%eax<br>
0x000000006a5b58ea: mov %eax,(%r9)<br>
0x000000006a5b58ed: jmpq 0x6a5b558b<br>
0x000000006a5b58f2: mov 0x28(%rsi),%rdx<br>
0x000000006a5b58f6: mov (%rdx),%rsi<br>
0x000000006a5b58f9: add %edi,(%rsi)<br>
0x000000006a5b58fb: test %r9,%r9<br>
0x000000006a5b58fe: je 0x6a5b5506<br>
0x000000006a5b5904: mov (%rdx),%r8<br>
0x000000006a5b5907: mov (%r8),%ebp<br>
0x000000006a5b590a: mov %ebp,(%r9)<br>
0x000000006a5b590d: jmpq 0x6a5b5506<br>
0x000000006a5b5912: mov 0x28(%rsi),%rdx<br>
0x000000006a5b5916: mov (%rdx),%rbx<br>
End of assembler dump.<br>
(gdb) print $pc<br>
$1 = (void (*)()) 0x6a5b58f9<br>
(gdb) info registers<br>
rax 0x0 0<br>
rcx 0x1 1<br>
rdx 0xb2bc640 187418176<br>
rbx 0xba35098 195252376<br>
rsp 0xe12fb00 236124928<br>
rbp 0x6a5b555c 1784370524<br>
rsi 0x0 0<br>
rdi 0x1 1<br>
r8 0x6a62ee68 1784868456<br>
r9 0xe12fc30 236125232<br>
r10 0xfffffffffff866f4 -497932<br>
r11 0x1 1<br>
r12 0x7eec928 133089576<br>
r13 0x0 0<br>
r14 0x0 0<br>
r15 0xba35fa8 195256232<br>
rip 0x6a5b58f9 0x6a5b58f9<br>
eflags 0x10246 [ PF ZF IF RF ]<br>
cs 0x33 51<br>
ss 0x2b 43<br>
ds 0x2b 43<br>
es 0x2b 43<br>
fs 0x53 83<br>
gs 0x2b 43<br>
<br>
<br>
<!--
  Case 2 holds a module!symbol+offset stack listing, VLC debug log lines and
  a gdb session in which the heap manager reports a block modified past its
  requested size (heap buffer overrun detected at free time).
-->
<font color="#cc0000"><b>Case #2/</b></font><br>
<!--
  Stack listing, innermost frame first. The user-mode part runs from
  libvlccore.dll!_module_unneed+0x22 through an unsymbolized frame in
  libbandlimited_resampler_plugin.dll (+0x1424) into msvcrt.dll!free+0x1c and
  kernel32.dll!HeapFree+0xa, then into ntdll and DbgBreakPoint. So the heap
  check fires while the resampler plugin frees memory during module release.
  This locates the free that noticed the damage, not the write that caused
  it. NOTE(review): names are presumably from export symbols, as in the other
  cases; confirm with full symbols.
-->
ntoskrnl.exe!IoAcquireRemoveLockEx+0xe7<br>
ntoskrnl.exe!memset+0x22a<br>
ntoskrnl.exe!KeWaitForSingleObject+0x2cb<br>
ntoskrnl.exe!LsaCallAuthenticationPackage+0x2978<br>
ntoskrnl.exe!SeAuditHardLinkCreation+0x24c<br>
ntoskrnl.exe!CcCopyRead+0xec3<br>
ntoskrnl.exe!FsRtlTruncateBaseMcb+0x1fa<br>
ntoskrnl.exe!ZwUnloadKeyEx+0x2489<br>
ntoskrnl.exe!ZwUnloadKeyEx+0x757<br>
ntdll.dll!DbgBreakPoint+0x1<br>
ntdll.dll!EtwEventProviderEnabled+0x116a<br>
ntdll.dll!RtlExtendMemoryBlockLookaside+0x389<br>
ntdll.dll!LdrGetProcedureAddress+0x18659<br>
ntdll.dll!RtlTraceDatabaseCreate+0x1899<br>
ntdll.dll!MD4Final+0x755d<br>
ntdll.dll!AlpcGetMessageAttribute+0x65<br>
kernel32.dll!HeapFree+0xa<br>
msvcrt.dll!free+0x1c<br>
libbandlimited_resampler_plugin.dll+0x1424<br>
libvlccore.dll!_module_unneed+0x22<br>
libvlccore.dll!aout_CheckChannelExtraction+0x15f5<br>
kernel32.dll!SetEvent+0xc<br>
<br>
<!--
  VLC debug log before the break: playback is shutting down (the vout is
  saved, the "mpeg_audio" decoder module and the "mpgatofixed32" audio filter
  are removed). The overrun is therefore reported at teardown, when buffers
  are freed, which is typical for damage that happened earlier during
  decoding or filtering.
-->
[0x7ecba68] main video output debug: [10] 4 0<br>
[0x7ecba68] main video output debug: [11] 2 0<br>
[0x7ecba68] main video output debug: [12] 4 0<br>
[0x7ecba68] main video output debug: [13] 4 0<br>
[0x7ecba68] main video output debug: [14] 2 0<br>
[0x7ecba68] main video output debug: [15] 4 0<br>
[0x7de9ae8] main input debug: saving a free vout<br>
[0x7e733f8] main decoder debug: thread times: real 0m52.082000s, kernel
0m0.000000s, user 0m3.572422s<br>
[0x7e733f8] main decoder debug: removing module "mpeg_audio"<br>
[0x7e733f8] main decoder debug: killing decoder fourcc `mpga', 0 PES in
FIFO<br>
[0x7df0948] main audio filter debug: removing module "mpgatofixed32"<br>
<br>
<!--
  gdb session. The SIGTRAP is a debugger break, not a faulting access: rip is
  0x777c6061, the retq that follows the int3 at 0x777c6060 in the dump below.
  The heap warning is the actual finding: block 0x7DF0680 was modified at
  0x7DF07A0, past its requested size of 110. The registers fit that message
  if the size is hexadecimal: r14 = 0x7df0690, rdi = 0x110, rsi = 0x7df07a0,
  and 0x7df0690 + 0x110 = 0x7df07a0, so the modified byte is the first one
  after a 0x110-byte user region. NOTE(review): that is consistent with a
  linear write running off the end of the buffer; the writer is not visible
  here. Re-running under full page heap or an AddressSanitizer build would
  stop at the write itself.
  The "disass" line has lost its "(gdb)" prompt because the heap warning was
  printed over it. The dump shows only padding (nop, int3, xchg %ax,%ax) and
  break stubs, so it carries no information about the overrun.
-->
Program received signal SIGTRAP, Trace/breakpoint trap.<br>
[Switching to thread 12120.0x20d8]<br>
0x00000000777c6061 in ?? ()<br>
(gdb) warning: HEAP[vlc.exe]: <br>
warning: Heap block at 0000000007DF0680 modified at 0000000007DF07A0
past requested size of 110<br>
<br>
disass $pc-30 $pc+30<br>
Dump of assembler code from 0x777c6043 to 0x777c607f:<br>
0x00000000777c6043: add %al,(%rax)<br>
0x00000000777c6045: lsl %ax,%eax<br>
0x00000000777c6048: shr $0xe,%eax<br>
0x00000000777c604b: retq <br>
0x00000000777c604c: nop <br>
0x00000000777c604d: nop <br>
0x00000000777c604e: nop <br>
0x00000000777c604f: nop <br>
0x00000000777c6050: int3 <br>
0x00000000777c6051: int3 <br>
0x00000000777c6052: int3 <br>
0x00000000777c6053: int3 <br>
0x00000000777c6054: int3 <br>
0x00000000777c6055: int3 <br>
0x00000000777c6056: xchg %ax,%ax<br>
0x00000000777c605a: xchg %ax,%ax<br>
0x00000000777c605e: xchg %ax,%ax<br>
0x00000000777c6060: int3 <br>
0x00000000777c6061: retq <br>
0x00000000777c6062: int3 <br>
0x00000000777c6063: int3 <br>
0x00000000777c6064: int3 <br>
0x00000000777c6065: int3 <br>
0x00000000777c6066: int3 <br>
0x00000000777c6067: int3 <br>
0x00000000777c6068: xchg %ax,%ax<br>
0x00000000777c606c: xchg %ax,%ax<br>
0x00000000777c6070: int3 <br>
0x00000000777c6071: retq <br>
0x00000000777c6072: int3 <br>
0x00000000777c6073: int3 <br>
0x00000000777c6074: int3 <br>
0x00000000777c6075: int3 <br>
0x00000000777c6076: int3 <br>
0x00000000777c6077: int3 <br>
0x00000000777c6078: xchg %ax,%ax<br>
0x00000000777c607c: xchg %ax,%ax<br>
End of assembler dump.<br>
(gdb) info registers<br>
rax 0x7fffff0c000 8796092022784<br>
rcx 0x7df0680 132056704<br>
rdx 0x7fffffd3000 8796092837888<br>
rbx 0x7df0680 132056704<br>
rsp 0x973f2e8 158593768<br>
rbp 0x0 0<br>
rsi 0x7df07a0 132056992<br>
rdi 0x110 272<br>
r8 0x200 512<br>
r9 0xfffffffd 4294967293<br>
r10 0x0 0<br>
r11 0x973eeb0 158592688<br>
r12 0x50000063 1342177379<br>
r13 0x7e71200 132583936<br>
r14 0x7df0690 132056720<br>
r15 0x7e71250 132584016<br>
rip 0x777c6061 0x777c6061<br>
eflags 0x202 [ IF ]<br>
cs 0x33 51<br>
ss 0x2b 43<br>
ds 0x2b 43<br>
es 0x2b 43<br>
fs 0x53 83<br>
gs 0x2b 43<br>
(gdb) print $pc<br>
$2 = (void (*)()) 0x777c6061<br>
<br>
<!--
  Case 3 holds two separate faults: a first-chance access violation reported
  with a call stack, and a gdb SIGSEGV at a different address.
  NOTE(review): the first debugger prints process id 1b88 and gdb prints
  thread 9236.0x2fe0, so the two captures appear to come from different
  processes; confirm before treating them as one event.
-->
<font color="#cc0000"><b>Case #3/</b></font><br>
<!--
  First-chance access violation (code c0000005) at 00000000`6a5b58f9:
  "add dword ptr [rsi],edi" with the operand shown as
  ds:00000000`00000000, i.e. a write through a NULL rsi. Address and
  instruction are the same as the gdb fault in Case 1.
  The location is printed as libvlccore!_vlc_thread_join+0x8b9, but
  libvlccore.dll was resolved from export symbols only, so the name is the
  nearest export below the address. NOTE(review): with an offset of 0x8b9
  the fault is presumably in a later, non-exported function; verify with
  full symbols.
  In the stack below, named frames alternate with bare addresses (0x5f48a58,
  0x6494fbff, 0x5f9bb60, 0x896fc9f), which indicates the unwinder was
  guessing; do not rely on the caller chain.
-->
(1b88.1534): Access violation - code c0000005 (first chance)<br>
First chance exceptions are reported before any exception handling.<br>
This exception may be expected and handled.<br>
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll - <br>
libvlccore!_vlc_thread_join+0x8b9:<br>
00000000`6a5b58f9 013e add dword ptr [rsi],edi
ds:00000000`00000000=????????<br>
<br>
RetAddr : Args to
Child : Call
Site<br>
00000000`05f48a58 : 00000000`6a5c8357 00000000`6494fbff
00000000`6a5c8357 00000000`05f9bb60 : libvlccore!_vlc_thread_join+0x8b9<br>
00000000`6a5c8357 : 00000000`6494fbff 00000000`6a5c8357
00000000`05f9bb60 00000000`0896fc9f : 0x5f48a58<br>
00000000`6494fbff : 00000000`6a5c8357 00000000`05f9bb60
00000000`0896fc9f 00000000`00000000 : libvlccore!vlc_mutex_unlock+0x37<br>
00000000`6a5c8357 : 00000000`05f9bb60 00000000`0896fc9f
00000000`00000000 00000000`6a59977d : 0x6494fbff<br>
00000000`05f9bb60 : 00000000`0896fc9f 00000000`00000000
00000000`6a59977d 00000000`05f9bb60 : libvlccore!vlc_mutex_unlock+0x37<br>
00000000`0896fc9f : 00000000`00000000 00000000`6a59977d
00000000`05f9bb60 00000000`06174a20 : 0x5f9bb60<br>
00000000`00000000 : 00000000`6a59977d 00000000`05f9bb60
00000000`06174a20 00000000`00000001 : 0x896fc9f<br>
<br>
<!--
  VLC debug log: the same pattern as Case 1 (audio drift warnings, then the
  libmad "bad main_data_begin pointer" error from the mpgatofixed32 audio
  filter) immediately before the fault.
-->
[0x7c42da8] main input debug: control type=4<br>
[0x7ea4da8] main audio output warning: audio drift is too big (70529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (64529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (58529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (52529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (46529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (40529),
dropping buffer<br>
[0x7ea4da8] main audio output warning: audio drift is too big (34529),
dropping buffer<br>
[0x7ea5ad8] mpgatofixed32 audio filter debug: libmad error: bad
main_data_begin pointer<br>
<br>
<!--
  gdb session for a SIGSEGV at 0x2f88dbb, an address outside the libvlccore
  range seen elsewhere on this page; the owning module is not identified and
  gdb has no symbols. NOTE(review): map the address against the loaded module
  list; given the log above it may be in the audio decoding plugin, but the
  page does not show that.
  Faulting instruction: "movzbl (%r9),%r12d", a one-byte read, with
  r9 = 0xffffffffc42fdbc0. The three instructions before it build r9 as a
  sign-extended 32-bit value loaded from the table at 0x3688(%rbx), indexed
  by r8, plus the 64-bit value at 0x3d90(%rbx). The resulting address has
  all upper bits set, which is not a valid user-mode address, so this is an
  out-of-bounds read. NOTE(review): this looks like a negative or otherwise
  unvalidated 32-bit offset being added to a base pointer; which of the two
  operands is wrong cannot be decided from the register dump alone.
  The loop steps r8 down by 4 and exits when it equals r14 (-4); r8 is 0x3c
  at the fault.
-->
Program received signal SIGSEGV, Segmentation fault.<br>
[Switching to thread 9236.0x2fe0]<br>
0x0000000002f88dbb in ?? ()<br>
(gdb) bt<br>
#0 0x0000000002f88dbb in ?? ()<br>
#1 0x0000000000000095 in ?? ()<br>
#2 0x0000000000000000 in ?? ()<br>
(gdb) disass $pc-30 $pc+30<br>
Dump of assembler code from 0x2f88d9d to 0x2f88dd9:<br>
0x0000000002f88d9d: cmovne %esi,%edx<br>
0x0000000002f88da0: sub $0x4,%r8<br>
0x0000000002f88da4: cmp %r14,%r8<br>
0x0000000002f88da7: je 0x2f88dd5<br>
0x0000000002f88da9: mov 0x3688(%rbx),%r9<br>
0x0000000002f88db0: movslq (%r9,%r8,1),%r9<br>
0x0000000002f88db4: add 0x3d90(%rbx),%r9<br>
0x0000000002f88dbb: movzbl (%r9),%r12d<br>
0x0000000002f88dbf: movzbl %r12b,%r10d<br>
0x0000000002f88dc3: test %r11d,%r10d<br>
0x0000000002f88dc6: cmovne %eax,%edx<br>
0x0000000002f88dc9: test %ebp,%r10d<br>
0x0000000002f88dcc: je 0x2f88d8f<br>
0x0000000002f88dce: mov $0x1,%edx<br>
0x0000000002f88dd3: jmp 0x2f88d99<br>
0x0000000002f88dd5: mov 0xcc(%rbx),%ebp<br>
End of assembler dump.<br>
(gdb) info registers<br>
rax 0x1 1<br>
rcx 0x1 1<br>
rdx 0x0 0<br>
rbx 0x7e9de40 132767296<br>
rsp 0xbc2f7a0 197326752<br>
rbp 0x10 16<br>
rsi 0x0 0<br>
rdi 0x8 8<br>
r8 0x3c 60<br>
r9 0xffffffffc42fdbc0 -1003496512<br>
r10 0x1 1<br>
r11 0x2 2<br>
r12 0x7f 127<br>
r13 0x2 2<br>
r14 0xfffffffffffffffc -4<br>
r15 0xbc2fb0c 197327628<br>
rip 0x2f88dbb 0x2f88dbb<br>
eflags 0x10286 [ PF SF IF RF ]<br>
cs 0x33 51<br>
ss 0x2b 43<br>
ds 0x2b 43<br>
es 0x2b 43<br>
fs 0x53 83<br>
gs 0x2b 43<br>
(gdb) print $pc<br>
$1 = (void (*)()) 0x2f88dbb<br>
<br>
</body>
</html>