=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2019.12.01 16:59:38 =~=~=~=~=~=~=~=~=~=~=~= (ntoskrnl/kd/kdio.c:105) ----------------------------------------------------- (ntoskrnl/kd/kdio.c:106) ReactOS 0.4.14-dev (Build 20191201-0.4.14-dev-518-g962ff6e) (Commit 962ff6e2fa96dd9f6f5fee0e04551d4a54c076ec) (ntoskrnl/kd/kdio.c:107) 1 System Processor [2048 MB Memory] (ntoskrnl/kd/kdio.c:108) Command Line: DEBUG DEBUGPORT=COM1 BAUDRATE=115200 SOS (ntoskrnl/kd/kdio.c:109) ARC Paths: multi(0)disk(0)rdisk(0)partition(1) \ multi(0)disk(0)rdisk(0)partition(1) \ReactOS\ (ntoskrnl/ke/i386/cpu.c:450) Supported CPU features : KF_V86_VIS KF_RDTSC KF_CR4 KF_CMOV KF_GLOBAL_PAGE KF_LARGE_PAGE KF_MTRR KF_CMPXCHG8B KF_MMX KF_WORKING_PTE KF_PAT KF_FXSR KF_XMMI KF_XMMI64 (ntoskrnl/ke/i386/cpu.c:722) Prefetch Cache: 64 bytes L2 Cache: 0 bytes L2 Cache Line: 64 bytes L2 Cache Associativity: 0 (hal/halx86/acpi/halacpi.c:782) ACPI Timer at: 4008h (EXT: 256) (hal/halx86/acpi/halacpi.c:891) ACPI 2.0 Detected. Tables: [XSDT] [FACP] (ntoskrnl/mm/ARM3/mminit.c:1452) HAL I/O Mapping at FFFE0000 is unsafe (ntoskrnl/ke/i386/cpu.c:1038) No support for SYSENTER detected. (ntoskrnl/ke/i386/kiinit.c:252) Sampling CPU frequency failed. Using average of 2855 MHz (ntoskrnl/mm/mminit.c:131) 0x80000000 - 0x83400000 Boot Loaded Image (ntoskrnl/mm/mminit.c:135) 0xB0000000 - 0xB0E01000 PFN Database (ntoskrnl/mm/mminit.c:139) 0xB0E01000 - 0xB4DB9000 ARM3 Non Paged Pool (ntoskrnl/mm/mminit.c:143) 0xB9400000 - 0xBB400000 System View Space (ntoskrnl/mm/mminit.c:147) 0xBB400000 - 0xC0000000 Session Space (ntoskrnl/mm/mminit.c:150) 0xC0000000 - 0xC03FFFFF Page Tables (ntoskrnl/mm/mminit.c:153) 0xC0300000 - 0xC0300FFF Page Directories (ntoskrnl/mm/mminit.c:156) 0xC0400000 - 0xC07FFFFF Hyperspace (ntoskrnl/mm/mminit.c:159) 0xC1000000 - 0xE0FFFFFF System Cache (ntoskrnl/mm/mminit.c:163) 0xE1000000 - 0xECC00000 ARM3 Paged Pool (ntoskrnl/mm/mminit.c:166) 0xECC00000 - 0xF7BE0000 System PTE Space (ntoskrnl/mm/mminit.c:169) 0xF7BE0000 - 0xFFBE0000 Non Paged Pool Expansion PTE Space (ntoskrnl/mm/ARM3/sysldr.c:2467) Skipping NT 4 driver @ 80800000 (sdk/lib/cmlib/hiveinit.c:277) Invalid bin at BlockIndex 167, Signature 0x0, Size 0x0 *** Fatal System Error: 0x00000067 (0x00000001,0x00000007,0x00000000,0x00000000)  Entered debugger on embedded INT3 at 0x0008:0x809568c8. kdb:> bt Eip: Frames: <5d8950ec> Couldn't access memory at 0x83E58959! kdb:> bt Eip: Frames: <5d8950ec> Couldn't access memory at 0x83E58959! kdb:> cref gs CR0 0x80010031 PE ET NE WP PG CR2 0xe10bb000 CR3 0x03000000 Pagedir-Base 0x03000000 CR4 0x00000618 DE PSE OSFXSR OSXMMEXCPT GDTR Base 0x8070d000 Size 0x03ff LDTR 0x0000 IDTR Base 0x8070d400 Size 0x07ff TR 0x0028 kdb:> disasm : ret $0x4 : push %ebp : mov %esp,%ebp : mov 0x10(%ebp),%eax : mov 0x8(%ebp),%ecx : mov 0xc(%ebp),%edx : int $0x2d : int3 : pop %ebp : ret $0xc kdb:> dmesg Dmesg: error, buffer is not allocated! /DEBUGPORT=SCREEN kernel param required for dmesg. kdb:> dregs DR0 0xf77b47fc DR1 0x00200282 DR2 0x80803eae DR3 0x00000008 DR6 0x00200282 DR7 0x00000000 kdb:> dt Command 'dt' is unknown. kdb:> filter REMARKS: - The 'WIN2000' system-wide debug filter component is used for DbgPrint() messages without Component ID and Level. - The 'DEFAULT' debug filter component is used for DbgPrint() messages with an unknown Component ID. The list of debug filter components currently available on your system is: Component Name Component ID ================ ============== WIN2000 0xffffffff DEFAULT 0x00000065 SYSTEM 0x00000000 SMSS 0x00000001 SETUP 0x00000002 NTFS 0x00000003 FSTUB 0x00000004 CRASHDUMP 0x00000005 CDAUDIO 0x00000006 CDROM 0x00000007 CLASSPNP 0x00000008 DISK 0x00000009 --- Press q to abort, any other key to continue --- REDBOOK 0x0000000a STORPROP 0x0000000b SCSIPORT 0x0000000c SCSIMINIPORT 0x0000000d CONFIG 0x0000000e I8042PRT 0x0000000f SERMOUSE 0x00000010 LSERMOUS 0x00000011 KBDHID 0x00000012 MOUHID 0x00000013 KBDCLASS 0x00000014 MOUCLASS 0x00000015 TWOTRACK 0x00000016 WMILIB 0x00000017 ACPI 0x00000018 AMLI 0x00000019 HALIA64 0x0000001a VIDEO 0x0000001b SVCHOST 0x0000001c VIDEOPRT 0x0000001d TCPIP 0x0000001e --- Press q to abort, any other key to continue --- DMSYNTH 0x0000001f NTOSPNP 0x00000020 FASTFAT 0x00000021 SAMSS 0x00000022 PNPMGR 0x00000023 NETAPI 0x00000024 SCSERVER 0x00000025 SCCLIENT 0x00000026 SERIAL 0x00000027 SERENUM 0x00000028 UHCD 0x00000029 RPCPROXY 0x0000002a AUTOCHK 0x0000002b DCOMSS 0x0000002c UNIMODEM 0x0000002d SIS 0x0000002e FLTMGR 0x0000002f WMICORE 0x00000030 BURNENG 0x00000031 IMAPI 0x00000032 SXS 0x00000033 --- Press q to abort, any other key to continue --- FUSION 0x00000034 IDLETASK 0x00000035 SOFTPCI 0x00000036 TAPE 0x00000037 MCHGR 0x00000038 IDEP 0x00000039 PCIIDE 0x0000003a FLOPPY 0x0000003b FDC 0x0000003c TERMSRV 0x0000003d W32TIME 0x0000003e PREFETCHER 0x0000003f RSFILTER 0x00000040 FCPORT 0x00000041 PCI 0x00000042 DMIO 0x00000043 DMCONFIG 0x00000044 DMADMIN 0x00000045 WSOCKTRANSPORT 0x00000046 VSS 0x00000047 PNPMEM 0x00000048 --- Press q to abort, any other key to continue --- PROCESSOR 0x00000049 DMSERVER 0x0000004a SR 0x0000004b INFINIBAND 0x0000004c IHVDRIVER 0x0000004d IHVVIDEO 0x0000004e IHVAUDIO 0x0000004f IHVNETWORK 0x00000050 IHVSTREAMING 0x00000051 IHVBUS 0x00000052 HPS 0x00000053 RTLTHREADPOOL 0x00000054 LDR 0x00000055 TCPIP6 0x00000056 ISAPNP 0x00000057 SHPC 0x00000058 STORPORT 0x00000059 STORMINIPORT 0x0000005a PRINTSPOOLER 0x0000005b VSSDYNDISK 0x0000005c VERIFIER 0x0000005d --- Press q to abort, any other key to continue --- VDS 0x0000005e VDSBAS 0x0000005f VDSDYN 0x00000060 VDSDYNDR 0x00000061 VDSLDR 0x00000062 VDSUTIL 0x00000063 DFRGIFC 0x00000064 MM 0x00000066 DFSC 0x00000067 WOW64 0x00000068 ALPC 0x00000069 WDI 0x0000006a PERFLIB 0x0000006b KTM 0x0000006c IOSTRESS 0x0000006d HEAP 0x0000006e WHEA 0x0000006f USERGDI 0x00000070 MMCSS 0x00000071 TPM 0x00000072 THREADORDER 0x00000073 --- Press q to abort, any other key to continue --- ENVIRON 0x00000074 EMS 0x00000075 WDT 0x00000076 FVEVOL 0x00000077 NDIS 0x00000078 NVCTRACE 0x00000079 LUAFV 0x0000007a APPCOMPAT 0x0000007b USBSTOR 0x0000007c SBP2PORT 0x0000007d COVERAGE 0x0000007e CACHEMGR 0x0000007f MOUNTMGR 0x00000080 CFR 0x00000081 TXF 0x00000082 KSECDD 0x00000083 FLTREGRESS 0x00000084 MPIO 0x00000085 MSDSM 0x00000086 UDFS 0x00000087 PSHED 0x00000088 --- Press q to abort, any other key to continue --- STORVSP 0x00000089 LSASS 0x0000008a SSPICLI 0x0000008b CNG 0x0000008c EXFAT 0x0000008d FILETRACE 0x0000008e XSAVE 0x0000008f SE 0x00000090 DRIVEEXTENDER 0x00000091 kdb:> gdt GDT Base: 0x8070d000 Limit: 0x03ff Idx Sel. Type Base Limit DPL Attribs 001 0x0008 CODE32 0x00000000 0x0fffffff 00 R/X A 002 0x0010 DATA32 0x00000000 0x0fffffff 00 R/W A 003 0x001b CODE32 0x00000000 0x0fffffff 03 R/X 004 0x0023 DATA32 0x00000000 0x0fffffff 03 R/W A 005 0x0028 TSS32(Busy) 0x8009c000 0x000020ac 00 006 0x0030 DATA32 0xffdff000 0x00001fff 00 R/W A 007 0x003b DATA32 0x00000000 0x00001000 03 R/W A 008 0x0043 DATA16 0x00000400 0x00010000 03 R/W 009 0x0048 UNKNOWN [NP] [NP] 00 NP 010 0x0050 TSS32(Avl) 0x80a16cc0 0x00000069 00 011 0x0058 TSS32(Avl) 0x80a16c40 0x00000069 00 012 0x0060 DATA16 0x00020000 0x00010000 00 R/W 013 0x0068 DATA16 0x000b8000 0x00004000 00 R/W 014 0x0070 DATA16 0xffff7000 0x00000400 00 R/W 015 0x0078 UNKNOWN [NP] [NP] 00 NP 016 0x0080 UNKNOWN [NP] [NP] 00 NP 017 0x0088 UNKNOWN [NP] [NP] 00 NP 018 0x0090 UNKNOWN [NP] [NP] 00 NP 019 0x0098 UNKNOWN [NP] [NP] 00 NP 020 0x00a0 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 021 0x00a8 UNKNOWN [NP] [NP] 00 NP 022 0x00b0 UNKNOWN [NP] [NP] 00 NP 023 0x00b8 UNKNOWN [NP] [NP] 00 NP 024 0x00c0 UNKNOWN [NP] [NP] 00 NP 025 0x00c8 UNKNOWN [NP] [NP] 00 NP 026 0x00d0 UNKNOWN [NP] [NP] 00 NP 027 0x00d8 UNKNOWN [NP] [NP] 00 NP 028 0x00e0 UNKNOWN [NP] [NP] 00 NP 029 0x00e8 UNKNOWN [NP] [NP] 00 NP 030 0x00f0 UNKNOWN [NP] [NP] 00 NP 031 0x00f8 UNKNOWN [NP] [NP] 00 NP 032 0x0100 UNKNOWN [NP] [NP] 00 NP 033 0x0108 UNKNOWN [NP] [NP] 00 NP 034 0x0110 UNKNOWN [NP] [NP] 00 NP 035 0x0118 UNKNOWN [NP] [NP] 00 NP 036 0x0120 UNKNOWN [NP] [NP] 00 NP 037 0x0128 UNKNOWN [NP] [NP] 00 NP 038 0x0130 UNKNOWN [NP] [NP] 00 NP 039 0x0138 UNKNOWN [NP] [NP] 00 NP 040 0x0140 UNKNOWN [NP] [NP] 00 NP 041 0x0148 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 042 0x0150 UNKNOWN [NP] [NP] 00 NP 043 0x0158 UNKNOWN [NP] [NP] 00 NP 044 0x0160 UNKNOWN [NP] [NP] 00 NP 045 0x0168 UNKNOWN [NP] [NP] 00 NP 046 0x0170 UNKNOWN [NP] [NP] 00 NP 047 0x0178 UNKNOWN [NP] [NP] 00 NP 048 0x0180 UNKNOWN [NP] [NP] 00 NP 049 0x0188 UNKNOWN [NP] [NP] 00 NP 050 0x0190 UNKNOWN [NP] [NP] 00 NP 051 0x0198 UNKNOWN [NP] [NP] 00 NP 052 0x01a0 UNKNOWN [NP] [NP] 00 NP 053 0x01a8 UNKNOWN [NP] [NP] 00 NP 054 0x01b0 UNKNOWN [NP] [NP] 00 NP 055 0x01b8 UNKNOWN [NP] [NP] 00 NP 056 0x01c0 UNKNOWN [NP] [NP] 00 NP 057 0x01c8 UNKNOWN [NP] [NP] 00 NP 058 0x01d0 UNKNOWN [NP] [NP] 00 NP 059 0x01d8 UNKNOWN [NP] [NP] 00 NP 060 0x01e0 UNKNOWN [NP] [NP] 00 NP 061 0x01e8 UNKNOWN [NP] [NP] 00 NP 062 0x01f0 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 063 0x01f8 UNKNOWN [NP] [NP] 00 NP 064 0x0200 UNKNOWN [NP] [NP] 00 NP 065 0x0208 UNKNOWN [NP] [NP] 00 NP 066 0x0210 UNKNOWN [NP] [NP] 00 NP 067 0x0218 UNKNOWN [NP] [NP] 00 NP 068 0x0220 UNKNOWN [NP] [NP] 00 NP 069 0x0228 UNKNOWN [NP] [NP] 00 NP 070 0x0230 UNKNOWN [NP] [NP] 00 NP 071 0x0238 UNKNOWN [NP] [NP] 00 NP 072 0x0240 UNKNOWN [NP] [NP] 00 NP 073 0x0248 UNKNOWN [NP] [NP] 00 NP 074 0x0250 UNKNOWN [NP] [NP] 00 NP 075 0x0258 UNKNOWN [NP] [NP] 00 NP 076 0x0260 UNKNOWN [NP] [NP] 00 NP 077 0x0268 UNKNOWN [NP] [NP] 00 NP 078 0x0270 UNKNOWN [NP] [NP] 00 NP 079 0x0278 UNKNOWN [NP] [NP] 00 NP 080 0x0280 UNKNOWN [NP] [NP] 00 NP 081 0x0288 UNKNOWN [NP] [NP] 00 NP 082 0x0290 UNKNOWN [NP] [NP] 00 NP 083 0x0298 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 084 0x02a0 UNKNOWN [NP] [NP] 00 NP 085 0x02a8 UNKNOWN [NP] [NP] 00 NP 086 0x02b0 UNKNOWN [NP] [NP] 00 NP 087 0x02b8 UNKNOWN [NP] [NP] 00 NP 088 0x02c0 UNKNOWN [NP] [NP] 00 NP 089 0x02c8 UNKNOWN [NP] [NP] 00 NP 090 0x02d0 UNKNOWN [NP] [NP] 00 NP 091 0x02d8 UNKNOWN [NP] [NP] 00 NP 092 0x02e0 UNKNOWN [NP] [NP] 00 NP 093 0x02e8 UNKNOWN [NP] [NP] 00 NP 094 0x02f0 UNKNOWN [NP] [NP] 00 NP 095 0x02f8 UNKNOWN [NP] [NP] 00 NP 096 0x0300 UNKNOWN [NP] [NP] 00 NP 097 0x0308 UNKNOWN [NP] [NP] 00 NP 098 0x0310 UNKNOWN [NP] [NP] 00 NP 099 0x0318 UNKNOWN [NP] [NP] 00 NP 100 0x0320 UNKNOWN [NP] [NP] 00 NP 101 0x0328 UNKNOWN [NP] [NP] 00 NP 102 0x0330 UNKNOWN [NP] [NP] 00 NP 103 0x0338 UNKNOWN [NP] [NP] 00 NP 104 0x0340 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 105 0x0348 UNKNOWN [NP] [NP] 00 NP 106 0x0350 UNKNOWN [NP] [NP] 00 NP 107 0x0358 UNKNOWN [NP] [NP] 00 NP 108 0x0360 UNKNOWN [NP] [NP] 00 NP 109 0x0368 UNKNOWN [NP] [NP] 00 NP 110 0x0370 UNKNOWN [NP] [NP] 00 NP 111 0x0378 UNKNOWN [NP] [NP] 00 NP 112 0x0380 UNKNOWN [NP] [NP] 00 NP 113 0x0388 UNKNOWN [NP] [NP] 00 NP 114 0x0390 UNKNOWN [NP] [NP] 00 NP 115 0x0398 UNKNOWN [NP] [NP] 00 NP 116 0x03a0 UNKNOWN [NP] [NP] 00 NP 117 0x03a8 UNKNOWN [NP] [NP] 00 NP 118 0x03b0 UNKNOWN [NP] [NP] 00 NP 119 0x03b8 UNKNOWN [NP] [NP] 00 NP 120 0x03c0 UNKNOWN [NP] [NP] 00 NP 121 0x03c8 UNKNOWN [NP] [NP] 00 NP 122 0x03d0 UNKNOWN [NP] [NP] 00 NP 123 0x03d8 UNKNOWN [NP] [NP] 00 NP 124 0x03e0 UNKNOWN [NP] [NP] 00 NP 125 0x03e8 UNKNOWN [NP] [NP] 00 NP --- Press q to abort, any other key to continue --- 126 0x03f0 UNKNOWN [NP] [NP] 00 NP 127 0x03f8 UNKNOWN [NP] [NP] 00 NP kdb:> idt IDT Base: 0x8070d400 Limit: 0x07ff Idx Type Seg. Sel. Offset DPL 000 INTGATE32 0x0008 0x80802efc 00 001 INTGATE32 0x0008 0x80802f89 00 002 TASKGATE 0x0058 00 003 INTGATE32 0x0008 0x8080301e 03 004 INTGATE32 0x0008 0x808030ab 03 005 INTGATE32 0x0008 0x80803138 00 006 INTGATE32 0x0008 0x808031c5 00 007 INTGATE32 0x0008 0x80803252 00 008 TASKGATE 0x0050 00 009 INTGATE32 0x0008 0x808032e4 00 010 INTGATE32 0x0008 0x80803371 00 011 INTGATE32 0x0008 0x808033fe 00 012 INTGATE32 0x0008 0x8080348b 00 013 INTGATE32 0x0008 0x80803518 00 014 INTGATE32 0x0008 0x808035a5 00 015 INTGATE32 0x0008 0x80803632 00 016 INTGATE32 0x0008 0x808036bf 00 017 INTGATE32 0x0008 0x8080374c 00 018 INTGATE32 0x0008 0x80803632 00 019 INTGATE32 0x0008 0x808037d9 00 --- Press q to abort, any other key to continue --- 020 INTGATE32 0x0008 0x80803632 00 021 INTGATE32 0x0008 0x80803632 00 022 INTGATE32 0x0008 0x80803632 00 023 INTGATE32 0x0008 0x80803632 00 024 INTGATE32 0x0008 0x80803632 00 025 INTGATE32 0x0008 0x80803632 00 026 INTGATE32 0x0008 0x80803632 00 027 INTGATE32 0x0008 0x80803632 00 028 INTGATE32 0x0008 0x80803632 00 029 INTGATE32 0x0008 0x80803632 00 030 INTGATE32 0x0008 0x80803632 00 031 INTGATE32 0x0008 0x80803632 00 032 INTGATE32 0x0008 0x80803632 00 033 INTGATE32 0x0008 0x80803632 00 034 INTGATE32 0x0008 0x80803632 00 035 INTGATE32 0x0008 0x80803632 00 036 INTGATE32 0x0008 0x80803632 00 037 INTGATE32 0x0008 0x80803632 00 038 INTGATE32 0x0008 0x80803632 00 039 INTGATE32 0x0008 0x80803632 00 040 INTGATE32 0x0008 0x80803632 00 --- Press q to abort, any other key to continue --- 041 INTGATE32 0x0008 0x80803866 03 042 INTGATE32 0x0008 0x808038f3 03 043 INTGATE32 0x0008 0x80803980 03 044 INTGATE32 0x0008 0x80803a0d 03 045 INTGATE32 0x0008 0x80803a9a 03 046 INTGATE32 0x0008 0x80803c47 03 047 INTGATE32 0x0008 0x80803632 00 048 INTGATE32 0x0008 0x802d793b 00 049 INTGATE32 0x0008 0x80802953 00 050 INTGATE32 0x0008 0x8080295a 00 051 INTGATE32 0x0008 0x80802961 00 052 INTGATE32 0x0008 0x80802968 00 053 INTGATE32 0x0008 0x8080296f 00 054 INTGATE32 0x0008 0x80802976 00 055 INTGATE32 0x0008 0x8080297d 00 056 INTGATE32 0x0008 0x802d79c8 00 057 INTGATE32 0x0008 0x8080298b 00 058 INTGATE32 0x0008 0x80802992 00 059 INTGATE32 0x0008 0x80802999 00 060 INTGATE32 0x0008 0x808029a0 00 061 INTGATE32 0x0008 0x808029a7 00 --- Press q to abort, any other key to continue --- 062 INTGATE32 0x0008 0x808029ae 00 063 INTGATE32 0x0008 0x808029b5 00 064 INTGATE32 0x0008 0x808029bc 00 065 INTGATE32 0x0008 0x808029c3 00 066 INTGATE32 0x0008 0x808029ca 00 067 INTGATE32 0x0008 0x808029d1 00 068 INTGATE32 0x0008 0x808029d8 00 069 INTGATE32 0x0008 0x808029df 00 070 INTGATE32 0x0008 0x808029e6 00 071 INTGATE32 0x0008 0x808029ed 00 072 INTGATE32 0x0008 0x808029f4 00 073 INTGATE32 0x0008 0x808029fb 00 074 INTGATE32 0x0008 0x80802a02 00 075 INTGATE32 0x0008 0x80802a09 00 076 INTGATE32 0x0008 0x80802a10 00 077 INTGATE32 0x0008 0x80802a17 00 078 INTGATE32 0x0008 0x80802a1e 00 079 INTGATE32 0x0008 0x80802a25 00 080 INTGATE32 0x0008 0x80802a2c 00 081 INTGATE32 0x0008 0x80802a33 00 082 INTGATE32 0x0008 0x80802a3a 00 --- Press q to abort, any other key to continue --- 083 INTGATE32 0x0008 0x80802a41 00 084 INTGATE32 0x0008 0x80802a48 00 085 INTGATE32 0x0008 0x80802a4f 00 086 INTGATE32 0x0008 0x80802a56 00 087 INTGATE32 0x0008 0x80802a5d 00 088 INTGATE32 0x0008 0x80802a64 00 089 INTGATE32 0x0008 0x80802a6b 00 090 INTGATE32 0x0008 0x80802a72 00 091 INTGATE32 0x0008 0x80802a79 00 092 INTGATE32 0x0008 0x80802a80 00 093 INTGATE32 0x0008 0x80802a87 00 094 INTGATE32 0x0008 0x80802a8e 00 095 INTGATE32 0x0008 0x80802a95 00 096 INTGATE32 0x0008 0x80802a9c 00 097 INTGATE32 0x0008 0x80802aa3 00 098 INTGATE32 0x0008 0x80802aaa 00 099 INTGATE32 0x0008 0x80802ab1 00 100 INTGATE32 0x0008 0x80802ab8 00 101 INTGATE32 0x0008 0x80802abf 00 102 INTGATE32 0x0008 0x80802ac6 00 103 INTGATE32 0x0008 0x80802acd 00 --- Press q to abort, any other key to continue --- 104 INTGATE32 0x0008 0x80802ad4 00 105 INTGATE32 0x0008 0x80802adb 00 106 INTGATE32 0x0008 0x80802ae2 00 107 INTGATE32 0x0008 0x80802ae9 00 108 INTGATE32 0x0008 0x80802af0 00 109 INTGATE32 0x0008 0x80802af7 00 110 INTGATE32 0x0008 0x80802afe 00 111 INTGATE32 0x0008 0x80802b05 00 112 INTGATE32 0x0008 0x80802b0c 00 113 INTGATE32 0x0008 0x80802b13 00 114 INTGATE32 0x0008 0x80802b1a 00 115 INTGATE32 0x0008 0x80802b21 00 116 INTGATE32 0x0008 0x80802b28 00 117 INTGATE32 0x0008 0x80802b2f 00 118 INTGATE32 0x0008 0x80802b36 00 119 INTGATE32 0x0008 0x80802b3d 00 120 INTGATE32 0x0008 0x80802b44 00 121 INTGATE32 0x0008 0x80802b4b 00 122 INTGATE32 0x0008 0x80802b52 00 123 INTGATE32 0x0008 0x80802b59 00 124 INTGATE32 0x0008 0x80802b60 00 --- Press q to abort, any other key to continue --- 125 INTGATE32 0x0008 0x80802b67 00 126 INTGATE32 0x0008 0x80802b6e 00 127 INTGATE32 0x0008 0x80802b75 00 128 INTGATE32 0x0008 0x80802b7c 00 129 INTGATE32 0x0008 0x80802b83 00 130 INTGATE32 0x0008 0x80802b8a 00 131 INTGATE32 0x0008 0x80802b91 00 132 INTGATE32 0x0008 0x80802b98 00 133 INTGATE32 0x0008 0x80802b9f 00 134 INTGATE32 0x0008 0x80802ba6 00 135 INTGATE32 0x0008 0x80802bad 00 136 INTGATE32 0x0008 0x80802bb4 00 137 INTGATE32 0x0008 0x80802bbb 00 138 INTGATE32 0x0008 0x80802bc2 00 139 INTGATE32 0x0008 0x80802bc9 00 140 INTGATE32 0x0008 0x80802bd0 00 141 INTGATE32 0x0008 0x80802bd7 00 142 INTGATE32 0x0008 0x80802bde 00 143 INTGATE32 0x0008 0x80802be5 00 144 INTGATE32 0x0008 0x80802bec 00 145 INTGATE32 0x0008 0x80802bf3 00 --- Press q to abort, any other key to continue --- 146 INTGATE32 0x0008 0x80802bfa 00 147 INTGATE32 0x0008 0x80802c01 00 148 INTGATE32 0x0008 0x80802c08 00 149 INTGATE32 0x0008 0x80802c0f 00 150 INTGATE32 0x0008 0x80802c16 00 151 INTGATE32 0x0008 0x80802c1d 00 152 INTGATE32 0x0008 0x80802c24 00 153 INTGATE32 0x0008 0x80802c2b 00 154 INTGATE32 0x0008 0x80802c32 00 155 INTGATE32 0x0008 0x80802c39 00 156 INTGATE32 0x0008 0x80802c40 00 157 INTGATE32 0x0008 0x80802c47 00 158 INTGATE32 0x0008 0x80802c4e 00 159 INTGATE32 0x0008 0x80802c55 00 160 INTGATE32 0x0008 0x80802c5c 00 161 INTGATE32 0x0008 0x80802c63 00 162 INTGATE32 0x0008 0x80802c6a 00 163 INTGATE32 0x0008 0x80802c71 00 164 INTGATE32 0x0008 0x80802c78 00 165 INTGATE32 0x0008 0x80802c7f 00 166 INTGATE32 0x0008 0x80802c86 00 --- Press q to abort, any other key to continue --- 167 INTGATE32 0x0008 0x80802c8d 00 168 INTGATE32 0x0008 0x80802c94 00 169 INTGATE32 0x0008 0x80802c9b 00 170 INTGATE32 0x0008 0x80802ca2 00 171 INTGATE32 0x0008 0x80802ca9 00 172 INTGATE32 0x0008 0x80802cb0 00 173 INTGATE32 0x0008 0x80802cb7 00 174 INTGATE32 0x0008 0x80802cbe 00 175 INTGATE32 0x0008 0x80802cc5 00 176 INTGATE32 0x0008 0x80802ccc 00 177 INTGATE32 0x0008 0x80802cd3 00 178 INTGATE32 0x0008 0x80802cda 00 179 INTGATE32 0x0008 0x80802ce1 00 180 INTGATE32 0x0008 0x80802ce8 00 181 INTGATE32 0x0008 0x80802cef 00 182 INTGATE32 0x0008 0x80802cf6 00 183 INTGATE32 0x0008 0x80802cfd 00 184 INTGATE32 0x0008 0x80802d04 00 185 INTGATE32 0x0008 0x80802d0b 00 186 INTGATE32 0x0008 0x80802d12 00 187 INTGATE32 0x0008 0x80802d19 00 --- Press q to abort, any other key to continue --- 188 INTGATE32 0x0008 0x80802d20 00 189 INTGATE32 0x0008 0x80802d27 00 190 INTGATE32 0x0008 0x80802d2e 00 191 INTGATE32 0x0008 0x80802d35 00 192 INTGATE32 0x0008 0x80802d3c 00 193 INTGATE32 0x0008 0x80802d43 00 194 INTGATE32 0x0008 0x80802d4a 00 195 INTGATE32 0x0008 0x80802d51 00 196 INTGATE32 0x0008 0x80802d58 00 197 INTGATE32 0x0008 0x80802d5f 00 198 INTGATE32 0x0008 0x80802d66 00 199 INTGATE32 0x0008 0x80802d6d 00 200 INTGATE32 0x0008 0x80802d74 00 201 INTGATE32 0x0008 0x80802d7b 00 202 INTGATE32 0x0008 0x80802d82 00 203 INTGATE32 0x0008 0x80802d89 00 204 INTGATE32 0x0008 0x80802d90 00 205 INTGATE32 0x0008 0x80802d97 00 206 INTGATE32 0x0008 0x80802d9e 00 207 INTGATE32 0x0008 0x80802da5 00 208 INTGATE32 0x0008 0x80802dac 00 --- Press q to abort, any other key to continue --- 209 INTGATE32 0x0008 0x80802db3 00 210 INTGATE32 0x0008 0x80802dba 00 211 INTGATE32 0x0008 0x80802dc1 00 212 INTGATE32 0x0008 0x80802dc8 00 213 INTGATE32 0x0008 0x80802dcf 00 214 INTGATE32 0x0008 0x80802dd6 00 215 INTGATE32 0x0008 0x80802ddd 00 216 INTGATE32 0x0008 0x80802de4 00 217 INTGATE32 0x0008 0x80802deb 00 218 INTGATE32 0x0008 0x80802df2 00 219 INTGATE32 0x0008 0x80802df9 00 220 INTGATE32 0x0008 0x80802e00 00 221 INTGATE32 0x0008 0x80802e07 00 222 INTGATE32 0x0008 0x80802e0e 00 223 INTGATE32 0x0008 0x80802e15 00 224 INTGATE32 0x0008 0x80802e1c 00 225 INTGATE32 0x0008 0x80802e23 00 226 INTGATE32 0x0008 0x80802e2a 00 227 INTGATE32 0x0008 0x80802e31 00 228 INTGATE32 0x0008 0x80802e38 00 229 INTGATE32 0x0008 0x80802e3f 00 --- Press q to abort, any other key to continue --- 230 INTGATE32 0x0008 0x80802e46 00 231 INTGATE32 0x0008 0x80802e4d 00 232 INTGATE32 0x0008 0x80802e54 00 233 INTGATE32 0x0008 0x80802e5b 00 234 INTGATE32 0x0008 0x80802e62 00 235 INTGATE32 0x0008 0x80802e69 00 236 INTGATE32 0x0008 0x80802e70 00 237 INTGATE32 0x0008 0x80802e77 00 238 INTGATE32 0x0008 0x80802e7e 00 239 INTGATE32 0x0008 0x80802e85 00 240 INTGATE32 0x0008 0x80802e8c 00 241 INTGATE32 0x0008 0x80802e93 00 242 INTGATE32 0x0008 0x80802e9a 00 243 INTGATE32 0x0008 0x80802ea1 00 244 INTGATE32 0x0008 0x80802ea8 00 245 INTGATE32 0x0008 0x80802eaf 00 246 INTGATE32 0x0008 0x80802eb6 00 247 INTGATE32 0x0008 0x80802ebd 00 248 INTGATE32 0x0008 0x80802ec4 00 249 INTGATE32 0x0008 0x80802ecb 00 250 INTGATE32 0x0008 0x80802ed2 00 --- Press q to abort, any other key to continue --- 251 INTGATE32 0x0008 0x80802ed9 00 252 INTGATE32 0x0008 0x80802ee0 00 253 INTGATE32 0x0008 0x80802ee7 00 254 INTGATE32 0x0008 0x80802eee 00 255 INTGATE32 0x0008 0x80802ef5 00 kdb:> ldt Local descriptor table is empty. kdb:> mod Base Size Name 80800000 0045f000 ntoskrnl.exe 802cd000 00039000 hal.dll 80085000 00008000 kdcom.dll 8008d000 0000d000 bootvid.dll f7b7d000 00040000 fastfat.sys f7b4d000 00030000 sacdrv.sys f7b3b000 00012000 pci.sys f7b32000 00009000 usbd.sys f7a92000 000a0000 acpi.sys f7a52000 00040000 usbport.sys f7a3f000 00013000 usbccgp.sys f7a27000 00018000 usbehci.sys f7a1b000 0000c000 pciidex.sys f7a09000 00012000 usbuhci.sys f79ed000 0001c000 scsiport.sys f79e5000 00008000 pciide.sys f798c000 00059000 uniata.sys f7960000 0002c000 mountmgr.sys f7951000 0000f000 buslogic.sys f793e000 00013000 class2.sys f7927000 00017000 usbstor.sys --- Press q to abort, any other key to continue --- f7914000 00013000 disk.sys f7901000 00013000 ramdisk.sys f78e0000 00021000 ksecdd.sys f78b5000 0002b000 usbhub.sys f78a3000 00012000 usbohci.sys f7862000 00041000 VBoxGuest.sys f7859000 00009000 nmidebug.sys f7844000 00015000 mup.sys f77fe000 00046000 ks.sys f77bf000 0003f000 ndis.sys f77b6000 00009000 swenum.sys kdb:> pcr Current PCR is at 0xFFDFF000. Tib.ExceptionList: 0xf77b4840 Tib.StackBase: 0x00000000 Tib.StackLimit: 0x00000000 Tib.SubSystemTib: 0x8009c000 Tib.FiberData/Version: 0x0000001f Tib.ArbitraryUserPointer: 0x00000001 Tib.Self: 0x00000000 SelfPcr: 0xffdff000 PCRCB: 0xffdff120 Irql: 0x00 IRR: 0x00000000 IrrActive: 0x00000000 IDR: 0xfffffefa KdVersionBlock: 0x00000000 IDT: 0x8070d400 GDT: 0x8070d000 TSS: 0x8009c000 MajorVersion: 0x0001 MinorVersion: 0x0001 SetMember: 0x00000001 StallScaleFactor: 0x0000011b --- Press q to abort, any other key to continue --- Number: 0x00 L2CacheAssociativity: 0x00 VdmAlert: 0x00000000 L2CacheSize: 0x00000000 InterruptMode: 0x00000000 kdb:> proc Current process: PID: 0x00000004 State: In Memory (0x0) Image Filename: System kdb:> regs CS:EIP 0x0008:0x809568c9 SS:ESP 0x0010:0xf77b4830 EAX 0x00000003 EBX 0x00000000 ECX 0xf77b4618 EDX 0xf77b4d90 ESI 0x00000000 EDI 0x00000000 EBP 0xf77b4874 EFLAGS 0x00200246 PF ZF IF IOPL0 ID kdb:> sregs CS 0x0008 Index 0x0001 GDT RPL0 DS 0x0023 Index 0x0004 GDT RPL3 ES 0x0023 Index 0x0004 GDT RPL3 FS 0x0030 Index 0x0006 GDT RPL0 GS 0x0000 Index 0x0000 GDT RPL0 SS 0x0010 Index 0x0002 GDT RPL0 kdb:> thred Command 'thred' is unknown. kdb:> thread Current Thread: TID: 0x00000008 State: Running (0x2) Priority: 31 Affinity: 0x00000001 Initial Stack: 0x80a09900 Stack Limit: 0x80a06900 Stack Base: 0x80a09900 Kernel Stack: 0x80a09900 Trap Frame: 0x00000000 NPX State: Loaded (0x0) kdb:> tss Current TSS 0x0028 is at 0x8009C000. Backlink: 0x0000 Ss0:Esp0: 0x0010:0xf77b4df0 CR3: 0x00000000 EFlags: 0x00000000 Eax: 0x00000000 Ebx: 0x00000000 Ecx: 0x00000000 Edx: 0x00000000 Esi: 0x00000000 Edi: 0x00000000 Eip: 0x00000000 Esp: 0x00000000 Ebp: 0x00000000 Cs: 0x0000 Ss: 0x0000 Ds: 0x0000 Es: 0x0000 Fs: 0x0000 Gs: 0x0000 LDT: 0x0000 Flags: 0x0000 --- Press q to abort, any other key to continue --- IoMapBase: 0x20ac kdb:> x x: Address argument required. kdb:> !pool Heap is unimplemented kdb:> !poolused Pool Used: NonPaged Paged Tag Allocs Used Allocs Used 'ObCI' 3 192 0 0 'ObSc' 0 0 16 2368 'USTR' 0 0 5 88 'RSYM' 2 2215936 0 0 'CMkb' 0 0 1 4096 'klmo' 32 3600 0 0 'ObjT' 20 9440 0 0 'Obtb' 0 0 4 8352 'CcWq' 3 72 0 0 'Vadl' 1 64 0 0 'Thre' 13 8112 0 0 'KDBS' 4 336 0 0 'MmSt' 0 0 1 216 'MmCt' 1 96 0 0 'ObNM' 1 80 1 256 'Call' 4 1432 0 0 'klws' 0 0 32 2208 'SeSi' 0 0 30 712 'Ke ' 0 0 1 8192 --- Press q to abort, any other key to continue --- 'Init' 1 1640 0 0 'Symb' 0 0 4 352 'MARE' 1 104 0 0 'Sect' 0 0 2 160 'SYMT' 0 0 4 184 'ObDi' 0 0 44 1056 'SeLs' 0 0 2 80 'Key ' 0 0 3 80 'CMHv' 6 3208 0 0 'Pool' 3 135168 0 0 'Even' 7 504 0 0 'SeTd' 0 0 1 64 'SeSd' 21 0 49 344 'CM ' 3 4096 179 733416 'Keye' 0 0 1 520 'klim' 0 0 2 24 'MMSS' 1 152 0 0 'Proc' 1 664 0 0 'Mm ' 6 147792 2 40 'Toke' 0 0 1 568 'SeAc' 0 0 6 488 --- Press q to abort, any other key to continue --- 'ObDm' 0 0 1 56 'ObNm' 0 0 69 1752 'Dire' 0 0 8 1728 'MmMl' 2 40 0 0 'CMSD' 0 0 12 120 'DMA ' 2 1672 0 0 'SePa' 0 0 1 16 kdb:> !filecache Usage Summary (in kb) Shared Valid Dirty Name kdb:> !defwrites CcTotalDirtyPages: 0 (0 Kb) CcDirtyPageThreshold: 196563 (786252 Kb) MmAvailablePages: 497345 (1989380 Kb) MmThrottleTop: 450 (1800 Kb) MmThrottleBottom: 80 (320 Kb) MmModifiedPageListHead.Total: 0 (0 Kb) CcTotalDirtyPages below the threshold, writes should not be throttled kdb:> `irpfind Command '`irpfind' is unknown. kdb:> `irpfind44          !irpfind Searching NonPaged pool (B0E01000 : B4DB9000) for Tag: Irp kdb:> !gan   handle Handle table at E10006D0 with 3 entries in use 00000004: Object: B4D5DD88 GrantedAccess: 1f0fff Entry: E1001008 Object: B4D5DD88 Type: (b4d5e710) Process ObjectHeader: B4D5DD70 HandleCount: 1 PointerCount: 15 00000094: Object: B4D59448 GrantedAccess: 1f03ff Entry: E1001128 Object: B4D59448 Type: (b4d5e538) Thread ObjectHeader: B4D59430 HandleCount: 1 PointerCount: 2 000000A0: Object: E10076C0 GrantedAccess: f003f Entry: E1001140 Object: E10076C0 Type: (b4d59250) Key ObjectHeader: E10076A8 HandleCount: 1 PointerCount: 3 Name: \REGISTRY?? kdb:>