0x0
MSHTML.dll!CAnimatablePropertyListElement::GetCurrentValues + 0x38 (b89 in id)
MSHTML.dll!memcpy + 0x139A78 (this may not be correct) (72d in id)
MSHTML.dll!BuildAnimation + 0x373
MSHTML.dll!AnimationStartHandler + 0xD9
MSHTML.dll!CAnimations::LoopAnimations + 0x190
MSHTML.dll!ProcessTransitionsAndAnimations + 0x724
MSHTML.dll!CElement::ComputeFormatsVirtual + 0xEAE
MSHTML.dll!CElement::ComputeFormats + 0x150
MSHTML.dll!CTreeNode::ComputeFormatsHelper + 0x89
MSHTML.dll!CTreeNode::EnsureNestedFormats + 0x81
MSHTML.dll!CElement::UpdateFormatsForLayout + 0xE5
MSHTML.dll!CView::ExecuteInvalidationTasks + 0x2AA
MSHTML.dll!CView::EnsureView + 0x2A2
MSHTML.dll!CView::HitTestPoint<0> + 0x361
MSHTML.dll!CView::HitTestForMessage<0> + 0xEE
MSHTML.dll!CDoc::HitTestPoint + 0x26
MSHTML.dll!CDoc::OnMouseMessage + 0xF9
MSHTML.dll!CMouseHandler::HandleNonUserInteractionMessage + 0x2F
MSHTML.dll!CMouseHandler::HandleMessage + 0x2F
MSHTML.dll!CInputManager::HandleMessage + 0xF9
MSHTML.dll!CDoc::OnWindowMessage + 0xAB
MSHTML.dll!CServer::WndProc + 0x3E
user32.DLL!InternalCallWinProc + 0x23
user32.DLL!UserCallWinProcCheckWow + 0x14B
user32.DLL!DispatchMessageWorker + 0x36D
user32.DLL!DispatchMessageW + 0xF
IEFRAME.dll!CTabWindow::_TabWindowThreadProc + 0x49A
IEFRAME.dll!LCIETab_ThreadProc + 0x379
iertutil.dll!IsUserAdmin + 0xAB
IEShims.dll!NS_CreateThread::DesktopIE_ThreadProc + 0x71
kernel32.dll!BaseThreadInitThunk + 0xE
ntdll.dll!__RtlUserThreadStart + 0x70
ntdll.dll!_RtlUserThreadStart + 0x1B
eax=62dbc170 ebx=00000000 ecx=0fe6b0b8 edx=00000000 esi=18988ff8 edi=0fe6b0f8
eip=00000000 esp=0fe6b07c ebp=0fe6b0a8 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
fpcw=027F: rn 53 puozdi fpsw=4020: top=0 cc=1000 --p----- fptw=FFFF
fopcode=0000 fpip=0000:633a013f fpdp=0000:189a2fd0
st0= 0.000000000000000000000e+0000 st1= 0.000000000000000000000e+0000
st2= 9.999999776482582092290e-0003 st3= 9.999999776482582092290e-0003
st4= 0.000000000000000000000e+0000 st5= 1.400000005960464477540e-0001
st6= 0.000000000000000000000e+0000 st7= 4.000000000000000000000e+0000
mm0=0000000000000000 mm1=0000000000000000
mm2=a3d70a0000000000 mm3=a3d70a0000000000
mm4=0000000000000000 mm5=8f5c290000000000
mm6=0000000000000000 mm7=8000000000000000
xmm0=0 0 0 0
xmm1=0 0 0 0
xmm2=0 0 0 0
xmm3=0 0 0 0
xmm4=1.#QNAN 9.18341e-041 -1.#QNAN -1.#QNAN
xmm5=1.#QNAN 1 1.#QNAN 1
xmm6=1.#QNAN 1 1.#QNAN 1
xmm7=1.#QNAN 1 1.#QNAN 1
dr0=00000000 dr1=00000000 dr2=00000000
dr3=00000000 dr6=00000000 dr7=00000000
00000000 ?? ???
62fcf5eb 57 push edi
62fcf5ec 8819 mov byte ptr [ecx],bl
62fcf5ee 8b3e mov edi,dword ptr [esi]
62fcf5f0 85ff test edi,edi
62fcf5f2 0f854513acff jne MSHTML!memcpy+0x139b04 (62a9093d)
62fcf5f8 ff7514 push dword ptr [ebp+14h]
62fcf5fb 8b7d0c mov edi,dword ptr [ebp+0Ch]
62fcf5fe 8b4008 mov eax,dword ptr [eax+8]
62fcf601 51 push ecx
62fcf602 57 push edi
62fcf603 8d4d10 lea ecx,[ebp+10h]
62fcf606 51 push ecx
62fcf607 53 push ebx
62fcf608 50 push eax
62fcf609 ff7508 push dword ptr [ebp+8]
62fcf60c 895d10 mov dword ptr [ebp+10h],ebx
62fcf60f ff502c call dword ptr [eax+2Ch] ⇐ call
62fcf612 8bd8 mov ebx,eax ⇐ return address
62fcf614 85db test ebx,ebx
62fcf616 7805 js MSHTML!CAnimatablePropertyListElement::GetCurrentValues+0x43 (62fcf61d)
62fcf618 e8c6179bff call MSHTML!TSmartPointer<ID2D1Image>::operator=<ID2D1Bitmap> (62980de3)
62fcf61d 5f pop edi
62fcf61e 5e pop esi
62fcf61f 8bc3 mov eax,ebx
62fcf621 5b pop ebx
62fcf622 5d pop ebp
62fcf623 c21000 ret 10h
62fcf626 90 nop
62fcf627 90 nop
62fcf628 90 nop
62fcf629 90 nop
62fcf62a 90 nop
MSHTML!CFastDOM::CMSStyleCSSProperties::Trampoline_Get_pixelLeft:
62fcf62b 8bff mov edi,edi
Loaded symbol image file: C:\Windows\system32\MSHTML.dll
Image path: C:\Windows\system32\MSHTML.dll
Image name: MSHTML.dll
Timestamp: Wed Dec 16 20:46:36 2015 (5671BF9C)
CheckSum: 00DA1360
ImageSize: 00DA1000
File version: 10.0.9200.17609
Product version: 10.0.9200.17609
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Windows� Internet Explorer
InternalName: MSHTML
OriginalFilename: MSHTML.DLL
ProductVersion: 10.00.9200.17609
FileVersion: 10.00.9200.17609 (win8_gdr.151216-0600)
FileDescription: Microsoft (R) HTML Viewer
LegalCopyright: � Microsoft Corporation. All rights reserved.
Image path: iexplore.exe
Image name: iexplore.exe
Timestamp: Wed Dec 16 18:33:22 2015 (5671A062)
CheckSum: 000BC8FD
ImageSize: 000BC000
File version: 10.0.9200.17609
Product version: 10.0.9200.17609
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Windows� Internet Explorer
InternalName: iexplore
OriginalFilename: IEXPLORE.EXE
ProductVersion: 10.00.9200.17609
FileVersion: 10.00.9200.17609 (win8_gdr.151216-0600)
FileDescription: Internet Explorer
LegalCopyright: � Microsoft Corporation. All rights reserved.
Microsoft (R) Windows Debugger Version 6.3.9600.16384 X86
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: "C:\Program Files\Internet Explorer\iexplore.exe" http://FB-W0701032-1:30000/Ping-18329.6771711
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred cache*\\server\Symbols
Deferred srv*http://msdl.microsoft.com/download/symbols
Symbol search path is: cache*\\server\Symbols;srv*http://msdl.microsoft.com/download/symbols
Executable search path is:
ModLoad: 00da0000 00e5c000 iexplore.exe
ModLoad: 77c20000 77d62000 ntdll.dll
ModLoad: 737f0000 73850000 C:\Windows\system32\verifier.dll
Page heap: pid 0x830: page heap enabled with flags 0x3.
ModLoad: 76d20000 76df5000 C:\Windows\system32\kernel32.dll
ModLoad: 75f60000 75fab000 C:\Windows\system32\KERNELBASE.dll
ModLoad: 768b0000 7695c000 C:\Windows\system32\msvcrt.dll
ModLoad: 75fb0000 75fb5000 C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
ModLoad: 76470000 76511000 C:\Windows\system32\advapi32.DLL
ModLoad: 76960000 76979000 C:\Windows\SYSTEM32\sechost.dll
ModLoad: 77d70000 77e12000 C:\Windows\system32\RPCRT4.dll
ModLoad: 76a20000 76c1a000 C:\Windows\system32\iertutil.dll
ModLoad: 75f30000 75f34000 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
ModLoad: 75140000 75149000 C:\Windows\system32\version.DLL
ModLoad: 75d90000 75d94000 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
ModLoad: 75ff0000 760b9000 C:\Windows\system32\user32.DLL
ModLoad: 77e20000 77e6e000 C:\Windows\system32\GDI32.dll
ModLoad: 76cc0000 76cca000 C:\Windows\system32\LPK.dll
ModLoad: 76c20000 76cbd000 C:\Windows\system32\USP10.dll
ModLoad: 75f10000 75f13000 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
ModLoad: 76980000 76983000 C:\Windows\system32\normaliz.DLL
ModLoad: 75f20000 75f24000 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
ModLoad: 76e00000 76e57000 C:\Windows\system32\shlwapi.DLL
(830.538): Break instruction exception - code 80000003 (first chance)
eax=00000000 ebx=00000000 ecx=0013f5ec edx=77c670d4 esi=fffffffe edi=00000000
eip=77cc11e9 esp=0013f608 ebp=0013f634 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!LdrpDoDebuggerBreak+0x2c:
77cc11e9 cc int 3
Create process 2096 breakpoint.
0:000> g
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred cache*\\server\Symbols
Deferred srv*http://msdl.microsoft.com/download/symbols
Symbol search path is: cache*\\server\Symbols;srv*http://msdl.microsoft.com/download/symbols
Executable search path is:
Create process 2824 breakpoint.
1:009> g
Page heap: pid 0xB08: page heap enabled with flags 0x3.
(b08.934): Break instruction exception - code 80000003 (first chance)
Exception 0x80000003 in process 2824.
1:009> g
(b08.950): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
1:045> .lastevent
Last event: b08.950: Access violation - code c0000005 (first chance)
debugger time: Mon Mar 7 15:24:51.613 2016 (UTC + 1:00)
1:045> |.
. 1 id: b08 child name: iexplore.exe
1:045> .symopt- 0x80000000
Symbol options are 0x90F07:
0x00000001 - SYMOPT_CASE_INSENSITIVE
0x00000002 - SYMOPT_UNDNAME
0x00000004 - SYMOPT_DEFERRED_LOADS
0x00000100 - SYMOPT_NO_UNQUALIFIED_LOADS
0x00000200 - SYMOPT_FAIL_CRITICAL_ERRORS
0x00000400 - SYMOPT_EXACT_SYMBOLS
0x00000800 - SYMOPT_ALLOW_ABSOLUTE_SYMBOLS
0x00010000 - SYMOPT_AUTO_PUBLICS
0x00080000 - SYMOPT_NO_PROMPTS
1:045> .exr -1
ExceptionAddress: 00000000
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000008
Parameter[1]: 00000000
Attempt to execute non-executable address 00000000
1:045> .symopt+ 0x80000000
Symbol options are 0x80090F07:
0x00000001 - SYMOPT_CASE_INSENSITIVE
0x00000002 - SYMOPT_UNDNAME
0x00000004 - SYMOPT_DEFERRED_LOADS
0x00000100 - SYMOPT_NO_UNQUALIFIED_LOADS
0x00000200 - SYMOPT_FAIL_CRITICAL_ERRORS
0x00000400 - SYMOPT_EXACT_SYMBOLS
0x00000800 - SYMOPT_ALLOW_ABSOLUTE_SYMBOLS
0x00010000 - SYMOPT_AUTO_PUBLICS
0x00080000 - SYMOPT_NO_PROMPTS
0x80000000 - SYMOPT_DEBUG
1:045> lm on
start end module name
00da0000 00e5c000 iexplore iexplore.exe
62910000 636b1000 MSHTML MSHTML.dll
6b280000 6b469000 D3D10Warp D3D10Warp.dll
6b910000 6bc57000 d2d1 d2d1.dll
6bcf0000 6bfa1000 jscript9 jscript9.dll
6c070000 6c10e000 ieapfltr ieapfltr.dll
6d5d0000 6d65c000 uiautomationcore uiautomationcore.dll
6d660000 6d68e000 MLANG MLANG.dll
6d690000 6d6cc000 OLEACC OLEACC.DLL
6d6d0000 6d70f000 IEShims IEShims.dll
6e210000 6ef2d000 IEFRAME IEFRAME.dll
6fe50000 6ff86000 DWrite DWrite.dll
714a0000 714d2000 WINMM WINMM.dll
715b0000 715b6000 rasadhlp rasadhlp.dll
71b00000 71b04000 api_ms_win_downlevel_advapi32_l2_1_0 api-ms-win-downlevel-advapi32-l2-1-0.dll
71ed0000 71eec000 cryptnet cryptnet.dll
71fc0000 72135000 d3d11 d3d11.dll
72140000 7218c000 dxgi dxgi.dll
726c0000 72723000 IEUI IEUI.dll
729b0000 729b4000 api_ms_win_downlevel_shell32_l1_1_0 api-ms-win-downlevel-shell32-l1-1-0.dll
729c0000 729c4000 api_ms_win_downlevel_shlwapi_l2_1_0 api-ms-win-downlevel-shlwapi-l2-1-0.dll
72a80000 72ac2000 ieproxy ieproxy.dll
737f0000 73850000 verifier verifier.dll
73870000 7387b000 msimtf msimtf.dll
73880000 73888000 dispex dispex.dll
73af0000 73af6000 SensApi SensApi.dll
73f10000 73f48000 fwpuclnt fwpuclnt.dll
74190000 74197000 WINNSI WINNSI.DLL
741a0000 741bc000 IPHLPAPI IPHLPAPI.DLL
74750000 74763000 dwmapi dwmapi.dll
747e0000 74820000 UxTheme UxTheme.dll
74a00000 74af5000 PROPSYS PROPSYS.dll
74b70000 74b80000 NLAapi NLAapi.dll
74cb0000 74e4e000 comctl32 comctl32.dll
74e50000 74e71000 ntmarta ntmarta.dll
75140000 75149000 version version.DLL
751d0000 751d5000 wshtcpip wshtcpip.dll
75280000 75296000 GPAPI GPAPI.dll
75340000 75348000 credssp credssp.dll
75380000 753bd000 bcryptprimitives bcryptprimitives.dll
75440000 7547b000 rsaenh rsaenh.dll
754b0000 754f0000 schannel schannel.DLL
75520000 75564000 DNSAPI DNSAPI.dll
75650000 75656000 wship6 wship6.dll
75660000 7569c000 mswsock mswsock.dll
756a0000 756b7000 CRYPTSP CRYPTSP.dll
757b0000 757c7000 bcrypt bcrypt.dll
757d0000 75809000 ncrypt ncrypt.dll
75ae0000 75ae8000 Secur32 Secur32.dll
75b10000 75b2b000 SSPICLI SSPICLI.DLL
75b30000 75b7c000 apphelp apphelp.dll
75b80000 75b8c000 CRYPTBASE CRYPTBASE.DLL
75b90000 75bef000 SXS SXS.DLL
75c20000 75c2e000 RpcRtRemote RpcRtRemote.dll
75c90000 75c9b000 profapi profapi.dll
75ca0000 75cac000 MSASN1 MSASN1.dll
75cb0000 75cdf000 WINTRUST WINTRUST.dll
75d70000 75d87000 USERENV USERENV.dll
75d90000 75d94000 api_ms_win_downlevel_user32_l1_1_0 api-ms-win-downlevel-user32-l1-1-0.dll
75da0000 75dc7000 CFGMGR32 CFGMGR32.dll
75dd0000 75dd4000 api_ms_win_downlevel_ole32_l1_1_0 api-ms-win-downlevel-ole32-l1-1-0.dll
75de0000 75f01000 CRYPT32 CRYPT32.dll
75f10000 75f13000 api_ms_win_downlevel_normaliz_l1_1_0 api-ms-win-downlevel-normaliz-l1-1-0.dll
75f20000 75f24000 api_ms_win_downlevel_shlwapi_l1_1_0 api-ms-win-downlevel-shlwapi-l1-1-0.dll
75f30000 75f34000 api_ms_win_downlevel_version_l1_1_0 api-ms-win-downlevel-version-l1-1-0.dll
75f40000 75f52000 DEVOBJ DEVOBJ.dll
75f60000 75fab000 KERNELBASE KERNELBASE.dll
75fb0000 75fb5000 api_ms_win_downlevel_advapi32_l1_1_0 api-ms-win-downlevel-advapi32-l1-1-0.dll
75ff0000 760b9000 user32 user32.DLL
760c0000 76105000 WLDAP32 WLDAP32.dll
76170000 7630d000 SETUPAPI SETUPAPI.dll
76310000 763dc000 MSCTF MSCTF.dll
763e0000 76463000 CLBCatQ CLBCatQ.DLL
76470000 76511000 advapi32 advapi32.DLL
76520000 7664b000 urlmon urlmon.dll
76650000 766cb000 comdlg32 comdlg32.dll
766d0000 76886000 WININET WININET.dll
76890000 768af000 IMM32 IMM32.DLL
768b0000 7695c000 msvcrt msvcrt.dll
76960000 76979000 sechost sechost.dll
76980000 76983000 normaliz normaliz.DLL
76990000 76a1f000 OLEAUT32 OLEAUT32.dll
76a20000 76c1a000 iertutil iertutil.dll
76c20000 76cbd000 USP10 USP10.dll
76cc0000 76cca000 LPK LPK.dll
76cd0000 76cd5000 PSAPI PSAPI.DLL
76ce0000 76d15000 WS2_32 WS2_32.dll
76d20000 76df5000 kernel32 kernel32.dll
76e00000 76e57000 shlwapi shlwapi.DLL
76e60000 76e66000 NSI NSI.dll
76e70000 76fcc000 ole32 ole32.DLL
76fd0000 77c1b000 shell32 shell32.DLL
77c20000 77d62000 ntdll ntdll.dll
77d70000 77e12000 RPCRT4 RPCRT4.dll
77e20000 77e6e000 GDI32 GDI32.dll
1:045> kn 0x64
# ChildEBP RetAddr
WARNING: Frame IP not in any known module. Following frames may be wrong.
00 0fe6b078 62fcf612 0x0
01 0fe6b0a8 62a908b1 MSHTML!CAnimatablePropertyListElement::GetCurrentValues+0x38
02 0fe6b104 62dc35e3 MSHTML!memcpy+0x139a78
03 0fe6b1ac 62dc29e4 MSHTML!BuildAnimation+0x373
04 0fe6b280 62d8648b MSHTML!AnimationStartHandler+0xd9
05 0fe6b310 62d865e0 MSHTML!CAnimations::LoopAnimations+0x190
06 0fe6b3ec 6299c362 MSHTML!ProcessTransitionsAndAnimations+0x724
07 0fe6b4b0 6299a730 MSHTML!CElement::ComputeFormatsVirtual+0xeae
08 0fe6b550 62e3dcfa MSHTML!CElement::ComputeFormats+0x150
09 0fe6bed4 629b7412 MSHTML!CTreeNode::ComputeFormatsHelper+0x89
0a 0fe6bee8 629f9f72 MSHTML!CTreeNode::EnsureNestedFormats+0x81
0b 0fe6bf50 629f9e5e MSHTML!CElement::UpdateFormatsForLayout+0xe5
0c 0fe6c008 62e6a5ea MSHTML!CView::ExecuteInvalidationTasks+0x2aa
0d 0fe6c044 62c7b93c MSHTML!CView::EnsureView+0x2a2
0e 0fe6c2b8 62c7c2da MSHTML!CView::HitTestPoint<0>+0x361
0f 0fe6c334 62c7c4f8 MSHTML!CView::HitTestForMessage<0>+0xee
10 0fe6c350 62b7e1db MSHTML!CDoc::HitTestPoint+0x26
11 0fe6c4c0 62de75d8 MSHTML!CDoc::OnMouseMessage+0xf9
12 0fe6c4e8 62de7590 MSHTML!CMouseHandler::HandleNonUserInteractionMessage+0x2f
13 0fe6c500 62de74df MSHTML!CMouseHandler::HandleMessage+0x2f
14 0fe6c518 6296038e MSHTML!CInputManager::HandleMessage+0xf9
15 0fe6c6d8 629602b2 MSHTML!CDoc::OnWindowMessage+0xab
16 0fe6c704 7600c4f7 MSHTML!CServer::WndProc+0x3e
17 0fe6c730 7600c5f7 user32!InternalCallWinProc+0x23
18 0fe6c7a8 7600cc30 user32!UserCallWinProcCheckWow+0x14b
19 0fe6c80c 7600cc88 user32!DispatchMessageWorker+0x36d
1a 0fe6c81c 6e212a6c user32!DispatchMessageW+0xf
1b 0fe6f9a4 6e2f0157 IEFRAME!CTabWindow::_TabWindowThreadProc+0x49a
1c 0fe6fa60 76ae316c IEFRAME!LCIETab_ThreadProc+0x379
1d 0fe6fa70 6d6d306b iertutil!IsUserAdmin+0xab
1e 0fe6fa9c 76d6ef1c IEShims!NS_CreateThread::DesktopIE_ThreadProc+0x71
1f 0fe6faa8 77c83b53 kernel32!BaseThreadInitThunk+0xe
20 0fe6fae8 77c83b26 ntdll!__RtlUserThreadStart+0x70
21 0fe6fb00 00000000 ntdll!_RtlUserThreadStart+0x1b
1:045> rM 0x7D
eax=62dbc170 ebx=00000000 ecx=0fe6b0b8 edx=00000000 esi=18988ff8 edi=0fe6b0f8
eip=00000000 esp=0fe6b07c ebp=0fe6b0a8 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
fpcw=027F: rn 53 puozdi fpsw=4020: top=0 cc=1000 --p----- fptw=FFFF
fopcode=0000 fpip=0000:633a013f fpdp=0000:189a2fd0
st0= 0.000000000000000000000e+0000 st1= 0.000000000000000000000e+0000
st2= 9.999999776482582092290e-0003 st3= 9.999999776482582092290e-0003
st4= 0.000000000000000000000e+0000 st5= 1.400000005960464477540e-0001
st6= 0.000000000000000000000e+0000 st7= 4.000000000000000000000e+0000
mm0=0000000000000000 mm1=0000000000000000
mm2=a3d70a0000000000 mm3=a3d70a0000000000
mm4=0000000000000000 mm5=8f5c290000000000
mm6=0000000000000000 mm7=8000000000000000
xmm0=0 0 0 0
xmm1=0 0 0 0
xmm2=0 0 0 0
xmm3=0 0 0 0
xmm4=1.#QNAN 9.18341e-041 -1.#QNAN -1.#QNAN
xmm5=1.#QNAN 1 1.#QNAN 1
xmm6=1.#QNAN 1 1.#QNAN 1
xmm7=1.#QNAN 1 1.#QNAN 1
dr0=00000000 dr1=00000000 dr2=00000000
dr3=00000000 dr6=00000000 dr7=00000000
00000000 ?? ???
1:045> dpp @$ea - 10*$ptrsize L10;
Bad register error at '@$ea - 10*$ptrsize '
1:045> .if ($vvalid(@$scopeip - 40, 40)) { u @$scopeip - 40 @$scopeip - 1; };
1:045> .if ($vvalid(@$scopeip, 40)) { u @$scopeip @$scopeip + 39; };
1:045> .if ($vvalid(@$ra - 40, 40)) { u @$ra - 40 @$ra - 1; };
MSHTML!CJScript9Holder::ReinitializeOrClearObject+0x1f:
62fcf5d2 ebf3 jmp MSHTML!CJScript9Holder::ReinitializeOrClearObject+0x14 (62fcf5c7)
62fcf5d4 cc int 3
62fcf5d5 90 nop
62fcf5d6 90 nop
62fcf5d7 90 nop
62fcf5d8 90 nop
62fcf5d9 90 nop
MSHTML!CAnimatablePropertyListElement::GetCurrentValues:
62fcf5da 8bff mov edi,edi
62fcf5dc 55 push ebp
62fcf5dd 8bec mov ebp,esp
62fcf5df 53 push ebx
62fcf5e0 8bc1 mov eax,ecx
62fcf5e2 8b4d10 mov ecx,dword ptr [ebp+10h]
62fcf5e5 56 push esi
62fcf5e6 33db xor ebx,ebx
62fcf5e8 8d7010 lea esi,[eax+10h]
62fcf5eb 57 push edi
62fcf5ec 8819 mov byte ptr [ecx],bl
62fcf5ee 8b3e mov edi,dword ptr [esi]
62fcf5f0 85ff test edi,edi
62fcf5f2 0f854513acff jne MSHTML!memcpy+0x139b04 (62a9093d)
62fcf5f8 ff7514 push dword ptr [ebp+14h]
62fcf5fb 8b7d0c mov edi,dword ptr [ebp+0Ch]
62fcf5fe 8b4008 mov eax,dword ptr [eax+8]
62fcf601 51 push ecx
62fcf602 57 push edi
62fcf603 8d4d10 lea ecx,[ebp+10h]
62fcf606 51 push ecx
62fcf607 53 push ebx
62fcf608 50 push eax
62fcf609 ff7508 push dword ptr [ebp+8]
62fcf60c 895d10 mov dword ptr [ebp+10h],ebx
62fcf60f ff502c call dword ptr [eax+2Ch]
1:045> .if ($vvalid(@$ra, 40)) { u @$ra @$ra + 39; };
MSHTML!CAnimatablePropertyListElement::GetCurrentValues+0x38:
62fcf612 8bd8 mov ebx,eax
62fcf614 85db test ebx,ebx
62fcf616 7805 js MSHTML!CAnimatablePropertyListElement::GetCurrentValues+0x43 (62fcf61d)
62fcf618 e8c6179bff call MSHTML!TSmartPointer<ID2D1Image>::operator=<ID2D1Bitmap> (62980de3)
62fcf61d 5f pop edi
62fcf61e 5e pop esi
62fcf61f 8bc3 mov eax,ebx
62fcf621 5b pop ebx
62fcf622 5d pop ebp
62fcf623 c21000 ret 10h
62fcf626 90 nop
62fcf627 90 nop
62fcf628 90 nop
62fcf629 90 nop
62fcf62a 90 nop
MSHTML!CFastDOM::CMSStyleCSSProperties::Trampoline_Get_pixelLeft:
62fcf62b 8bff mov edi,edi
62fcf62d 55 push ebp
62fcf62e 8bec mov ebp,esp
62fcf630 83ec14 sub esp,14h
62fcf633 8365f800 and dword ptr [ebp-8],0
62fcf637 56 push esi
62fcf638 8d45fc lea eax,[ebp-4]
62fcf63b 50 push eax
62fcf63c 8d45f4 lea eax,[ebp-0Ch]
62fcf63f 50 push eax
62fcf640 68af100000 push 10AFh
62fcf645 6a00 push 0
62fcf647 8d4510 lea eax,[ebp+10h]
62fcf64a 50 push eax
62fcf64b ff750c push dword ptr [ebp+0Ch]
1:045> lm M *iexplore.exe
start end module name
00da0000 00e5c000 iexplore (deferred)
1:045> lmv m *MSHTML
start end module name
62910000 636b1000 MSHTML (pdb symbols) \\server\symbols\mshtml.pdb\B2299C3D3EDE42AF9554984921C47A6C2\mshtml.pdb
Loaded symbol image file: C:\Windows\system32\MSHTML.dll
Image path: C:\Windows\system32\MSHTML.dll
Image name: MSHTML.dll
Timestamp: Wed Dec 16 20:46:36 2015 (5671BF9C)
CheckSum: 00DA1360
ImageSize: 00DA1000
File version: 10.0.9200.17609
Product version: 10.0.9200.17609
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Windows� Internet Explorer
InternalName: MSHTML
OriginalFilename: MSHTML.DLL
ProductVersion: 10.00.9200.17609
FileVersion: 10.00.9200.17609 (win8_gdr.151216-0600)
FileDescription: Microsoft (R) HTML Viewer
LegalCopyright: � Microsoft Corporation. All rights reserved.
1:045> lmv m *iexplore
start end module name
00da0000 00e5c000 iexplore (deferred)
Image path: iexplore.exe
Image name: iexplore.exe
Timestamp: Wed Dec 16 18:33:22 2015 (5671A062)
CheckSum: 000BC8FD
ImageSize: 000BC000
File version: 10.0.9200.17609
Product version: 10.0.9200.17609
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Windows� Internet Explorer
InternalName: iexplore
OriginalFilename: IEXPLORE.EXE
ProductVersion: 10.00.9200.17609
FileVersion: 10.00.9200.17609 (win8_gdr.151216-0600)
FileDescription: Internet Explorer
LegalCopyright: � Microsoft Corporation. All rights reserved.
1:045> q
quit: