BANNED
Join Date: Nov 2009
Location: 9`su 09`n0n7e`r0f76a
|
07-12-2011
, 07:57
Re: Help with this segfault
|
#7
|
Quote:
Originally Posted by Arkshine
I've simply taken some bytes like "8b 90 c8 01 00 00...etc" (takes as much as necessary to get an unique signature) and searching in IDA. And you find you are in the TraceAttack() function. And where it crashes is : mov edx,[eax+0x1c8] ; edx/eax being specific to local variables and 0x1c8 being the team offset, it can only be on this check "pAttacker->m_iTeam". And in this line, It can only a problem around pAttacker, so pevAttacker. I can't tell much, don't know what means "ds:0023:011a2038=????????". Really I can't answer your question, I don't know much than you. By the way, when it crashes, it sill crashes at the same place ?
|
Im not sure about what you mean by at the same place.
If you mean at the same memory address, yes. Here is a fresh one
Code:
*----> State Dump for Thread Id 0xe64 <----*
eax=06719e60 ebx=07be6900 ecx=00000001 edx=043dc4a0 esi=01126008 edi=0012eafc
eip=06d84d8b esp=0012e9b8 ebp=00000000 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010202
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Documents and Settings\Administrator\Desktop\zcarnage\sv\9\cstrike\dlls\mp.dll -
function: mp!player
06d84d50 1c89 sbb al,0x89
06d84d52 54 push esp
06d84d53 2418 and al,0x18
06d84d55 8944241c mov [esp+0x1c],eax
06d84d59 e802040000 call mp!player+0x1160 (06d85160)
06d84d5e ddd8 fstp st(0)
06d84d60 32db xor bl,bl
06d84d62 8b54242c mov edx,[esp+0x2c]
06d84d66 8b8208020000 mov eax,[edx+0x208]
06d84d6c 3bc5 cmp eax,ebp
06d84d6e 750e jnz mp!player+0xd7e (06d84d7e)
06d84d70 55 push ebp
06d84d71 ff155424e406 call dword ptr [mp!g_flTimeLimit+0x45ec (06e42454)]
06d84d77 83c404 add esp,0x4
06d84d7a 3bc5 cmp eax,ebp
06d84d7c 7405 jz mp!player+0xd83 (06d84d83)
06d84d7e 8b407c mov eax,[eax+0x7c]
06d84d81 eb02 jmp mp!player+0xd85 (06d84d85)
06d84d83 33c0 xor eax,eax
06d84d85 8b8ec8010000 mov ecx,[esi+0x1c8]
FAULT ->06d84d8b 8b90c8010000 mov edx,[eax+0x1c8] ds:0023:0671a028=????????
06d84d91 3bca cmp ecx,edx
06d84d93 7520 jnz mp!player+0xdb5 (06d84db5)
06d84d95 68d4e9df06 push 0x6dfe9d4
06d84d9a ff152424e406 call dword ptr [mp!g_flTimeLimit+0x45bc (06e42424)]
06d84da0 d81d10c3dd06 fcomp dword ptr [mp!worldspawn+0x1f130 (06ddc310)]
06d84da6 83c404 add esp,0x4
06d84da9 dfe0 fstsw
06d84dab f6c440 test ah,0x40
06d84dae 7405 jz mp!player+0xdb5 (06d84db5)
06d84db0 c644241200 mov byte ptr [esp+0x12],0x0
06d84db5 8b4e04 mov ecx,[esi+0x4]
06d84db8 d9816c010000 fld dword ptr [ecx+0x16c]
06d84dbe d81d10c3dd06 fcomp dword ptr [mp!worldspawn+0x1f130 (06ddc310)]
06d84dc4 dfe0 fstsw
06d84dc6 f6c440 test ah,0x40
06d84dc9 0f8599010000 jne mp!player+0xf68 (06d84f68)
06d84dcf 8b5734 mov edx,[edi+0x34]
06d84dd2 80fb01 cmp bl,0x1
06d84dd5 8b5c2444 mov ebx,[esp+0x44]
06d84dd9 89962c010000 mov [esi+0x12c],edx
*----> Stack Back Trace <----*
ChildEBP RetAddr Args to Child
00000000 00000000 00000000 00000000 00000000 mp!player+0xd8b
*----> Raw Stack Dump <----*
000000000012e9b8 6c 69 be 07 58 6e be 07 - 58 ea 12 00 6c 69 be 07 li..Xn..X...li..
000000000012e9c8 00 00 01 00 0c 00 00 00 - 58 6e be 07 6b 0f a8 07 ........Xn..k...
000000000012e9d8 70 ea 12 00 b0 8b ba 07 - 0f 8c ba 07 a0 c4 3d 04 p.............=.
000000000012e9e8 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 80 3f ...............?
000000000012e9f8 fc ea 12 00 40 00 00 00 - a0 c4 3d 04 08 60 12 01 ....@.....=..`..
000000000012ea08 a0 c4 3d 04 20 c4 3d 04 - fc ea 12 00 a0 c4 3d 04 ..=. .=.......=.
000000000012ea18 40 00 00 00 a0 20 00 00 - a0 c4 3d 04 08 60 12 01 @.... ....=..`..
000000000012ea28 a0 c4 3d 04 40 00 00 01 - 0c 00 00 00 01 00 00 00 ..=.@...........
000000000012ea38 04 01 00 00 ec e9 12 00 - f1 18 27 6b 01 00 00 00 ..........'k....
000000000012ea48 09 00 00 00 14 00 00 00 - 00 00 00 00 09 00 00 00 ................
000000000012ea58 88 ea 12 00 26 00 2a 09 - 20 6c be 07 08 60 12 01 ....&.*. l...`..
000000000012ea68 a0 c4 3d 04 00 00 00 00 - 00 00 00 00 00 00 00 00 ..=.............
000000000012ea78 00 00 80 3f fc ea 12 00 - 40 00 00 00 68 f4 dd 06 [email protected]...
000000000012ea88 40 00 00 00 f6 6f d5 06 - a0 c4 3d 04 00 00 00 00 @....o....=.....
000000000012ea98 00 00 00 00 00 00 00 00 - 00 00 80 3f fc ea 12 00 ...........?....
000000000012eaa8 40 00 00 00 ff fd ff ff - 60 9e 71 06 00 00 00 00 @.......`.q.....
000000000012eab8 08 00 00 00 00 00 00 00 - 91 3a 69 3e 00 00 00 00 .........:i>....
000000000012eac8 68 f4 dd 06 af 56 48 43 - 00 08 70 43 f8 2c 8c c1 h....VHC..pC.,..
000000000012ead8 af 56 48 43 00 08 70 43 - f8 2c 8c c1 00 00 00 00 .VHC..pC.,......
000000000012eae8 00 00 00 00 00 00 80 3f - 00 00 00 00 00 00 00 00 .......?........
*----> State Dump for Thread Id 0x1b10 <----*
eax=acf1add9 ebx=0adefd60 ecx=000042f9 edx=00d53bc6 esi=0adefd60 edi=7ffd4000
eip=7c82860c esp=0adefd14 ebp=0adefdbc iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -
function: ntdll!KiFastSystemCallRet
7c8285bd 8bec mov ebp,esp
7c8285bf 83ec50 sub esp,0x50
7c8285c2 8944240c mov [esp+0xc],eax
7c8285c6 64a118000000 mov eax,fs:[00000018]
7c8285cc 8b80a4010000 mov eax,[eax+0x1a4]
7c8285d2 890424 mov [esp],eax
7c8285d5 c744240400000000 mov dword ptr [esp+0x4],0x0
7c8285dd c744240800000000 mov dword ptr [esp+0x8],0x0
7c8285e5 c744241000000000 mov dword ptr [esp+0x10],0x0
7c8285ed 54 push esp
7c8285ee e82c000000 call ntdll!RtlRaiseException (7c82861f)
7c8285f3 8b0424 mov eax,[esp]
7c8285f6 8be5 mov esp,ebp
7c8285f8 5d pop ebp
7c8285f9 c3 ret
7c8285fa 8da42400000000 lea esp,[esp]
7c828601 8da42400000000 lea esp,[esp]
ntdll!KiFastSystemCall:
7c828608 8bd4 mov edx,esp
7c82860a 0f34 sysenter
ntdll!KiFastSystemCallRet:
7c82860c c3 ret
7c82860d 8da42400000000 lea esp,[esp]
7c828614 8d642400 lea esp,[esp]
ntdll!KiIntSystemCall:
7c828618 8d542408 lea edx,[esp+0x8]
7c82861c cd2e int 2e
7c82861e c3 ret
ntdll!RtlRaiseException:
7c82861f 55 push ebp
7c828620 8bec mov ebp,esp
7c828622 8da42430fdffff lea esp,[esp-0x2d0]
7c828629 54 push esp
7c82862a e8b5010000 call ntdll!RtlCaptureContext (7c8287e4)
7c82862f 8b5504 mov edx,[ebp+0x4]
7c828632 8b4508 mov eax,[ebp+0x8]
7c828635 838424c400000004 add dword ptr [esp+0xc4],0x4
7c82863d 89500c mov [eax+0xc],edx
7c828640 c7042407000100 mov dword ptr [esp],0x10007
7c828647 64a130000000 mov eax,fs:[00000030]
7c82864d f64002ff test byte ptr [eax+0x2],0xff
7c828651 7519 jnz ntdll!RtlRaiseException+0x4d (7c82866c)
*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Documents and Settings\Administrator\Desktop\zcarnage\sv\9\tier0_s.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Documents and Settings\Administrator\Desktop\zcarnage\sv\9\steamclient.dll -
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
0adefdbc 77e62fbe 00000001 0adefdf8 00000000 ntdll!KiFastSystemCallRet
0adefdd8 3f00cb91 00000001 0adefdf8 00000000 kernel32!WaitForMultipleObjects+0x18
0adeff0c 380ddd25 00000029 ffffffff 0ac00ee0 tier0_s!WaitForMultipleEvents+0x61
0adeff4c 3f00939b 382eec08 3f009130 ffffffff steamclient!CreateInterface+0x6eff5
0adeff78 380de1a1 380ddde0 382eec08 00000001 tier0_s!CatchAndWriteMiniDumpExForVoidPtrFn+0x5b
0adeffb8 77e6482f 0ac00ee0 00000000 00000000 steamclient!CreateInterface+0x6f471
0adeffec 00000000 3f00db80 0ac00ee0 00000000 kernel32!GetModuleHandleA+0xdf
*----> Raw Stack Dump <----*
000000000adefd14 19 7d 82 7c 2c 20 e6 77 - 01 00 00 00 60 fd de 0a .}.|, .w....`...
000000000adefd24 01 00 00 00 00 00 00 00 - 80 fd de 0a 08 ec 2e 38 ...............8
000000000adefd34 01 00 00 00 10 be 00 3f - 24 00 00 00 01 00 00 00 .......?$.......
000000000adefd44 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000adefd54 00 00 00 00 00 00 00 00 - 00 00 00 00 18 02 00 00 ................
000000000adefd64 24 fe de 0a 40 c4 c5 0a - 48 00 00 00 bc fe de 0a [email protected].......
000000000adefd74 48 00 00 00 94 fd de 0a - 7c a0 17 38 70 be f9 ff H.......|..8p...
000000000adefd84 ff ff ff ff 00 40 fd 7f - 98 31 c2 0a 80 fd de 0a [email protected]......
000000000adefd94 60 fd de 0a 00 00 00 00 - 48 c4 c5 0a 01 00 00 00 `.......H.......
000000000adefda4 30 fd de 0a d8 fd de 0a - 6c ff de 0a 60 1a e6 77 0.......l...`..w
000000000adefdb4 f8 1f e6 77 00 00 00 00 - d8 fd de 0a be 2f e6 77 ...w........./.w
000000000adefdc4 01 00 00 00 f8 fd de 0a - 00 00 00 00 29 00 00 00 ............)...
000000000adefdd4 00 00 00 00 0c ff de 0a - 91 cb 00 3f 01 00 00 00 ...........?....
000000000adefde4 f8 fd de 0a 00 00 00 00 - 29 00 00 00 08 ec 2e 38 ........)......8
000000000adefdf4 01 00 00 00 18 02 00 00 - 90 82 82 7c 80 9f 82 7c ...........|...|
000000000adefe04 ff ff ff ff 79 9f 82 7c - 95 82 01 3f 00 00 bd 0a ....y..|...?....
000000000adefe14 00 00 00 00 b4 82 01 3f - f5 7d 18 a1 30 ba 03 3f .......?.}..0..?
000000000adefe24 98 31 c2 0a 40 ec 2e 38 - 80 09 02 3f 1c fe de 0a [email protected]...?....
000000000adefe34 71 1f 0f 38 00 00 00 00 - 01 00 00 00 40 ec 2e 38 [email protected]
000000000adefe44 60 1f c0 0a 5c fe de 0a - 68 ec 2e 38 40 ec 2e 38 `...\[email protected]
*----> State Dump for Thread Id 0x1cbc <----*
eax=71b258ab ebx=c0000000 ecx=00000000 edx=00000000 esi=00000000 edi=71b591fc
eip=7c82860c esp=0d5fff80 ebp=0d5fffb8 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
function: ntdll!KiFastSystemCallRet
7c8285bd 8bec mov ebp,esp
7c8285bf 83ec50 sub esp,0x50
7c8285c2 8944240c mov [esp+0xc],eax
7c8285c6 64a118000000 mov eax,fs:[00000018]
7c8285cc 8b80a4010000 mov eax,[eax+0x1a4]
7c8285d2 890424 mov [esp],eax
7c8285d5 c744240400000000 mov dword ptr [esp+0x4],0x0
7c8285dd c744240800000000 mov dword ptr [esp+0x8],0x0
7c8285e5 c744241000000000 mov dword ptr [esp+0x10],0x0
7c8285ed 54 push esp
7c8285ee e82c000000 call ntdll!RtlRaiseException (7c82861f)
7c8285f3 8b0424 mov eax,[esp]
7c8285f6 8be5 mov esp,ebp
7c8285f8 5d pop ebp
7c8285f9 c3 ret
7c8285fa 8da42400000000 lea esp,[esp]
7c828601 8da42400000000 lea esp,[esp]
ntdll!KiFastSystemCall:
7c828608 8bd4 mov edx,esp
7c82860a 0f34 sysenter
ntdll!KiFastSystemCallRet:
7c82860c c3 ret
7c82860d 8da42400000000 lea esp,[esp]
7c828614 8d642400 lea esp,[esp]
ntdll!KiIntSystemCall:
7c828618 8d542408 lea edx,[esp+0x8]
7c82861c cd2e int 2e
7c82861e c3 ret
ntdll!RtlRaiseException:
7c82861f 55 push ebp
7c828620 8bec mov ebp,esp
7c828622 8da42430fdffff lea esp,[esp-0x2d0]
7c828629 54 push esp
7c82862a e8b5010000 call ntdll!RtlCaptureContext (7c8287e4)
7c82862f 8b5504 mov edx,[ebp+0x4]
7c828632 8b4508 mov eax,[ebp+0x8]
7c828635 838424c400000004 add dword ptr [esp+0xc4],0x4
7c82863d 89500c mov [eax+0xc],edx
7c828640 c7042407000100 mov dword ptr [esp],0x10007
7c828647 64a130000000 mov eax,fs:[00000030]
7c82864d f64002ff test byte ptr [eax+0x2],0xff
7c828651 7519 jnz ntdll!RtlRaiseException+0x4d (7c82866c)
*----> Stack Back Trace <----*
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
0d5fffb8 77e6482f 71b259de 00000000 00000000 ntdll!KiFastSystemCallRet
0d5fffec 00000000 71b258ab 00166008 00000000 kernel32!GetModuleHandleA+0xdf
*----> Raw Stack Dump <----*
000000000d5fff80 f9 77 82 7c 14 59 b2 71 - e0 01 00 00 c0 ff 5f 0d .w.|.Y.q......_.
000000000d5fff90 b4 ff 5f 0d a8 ff 5f 0d - 60 59 b2 71 00 00 00 00 .._..._.`Y.q....
000000000d5fffa0 00 00 00 00 08 60 16 00 - 00 00 00 00 00 00 00 00 .....`..........
000000000d5fffb0 00 00 b2 71 e8 28 ff 00 - ec ff 5f 0d 2f 48 e6 77 ...q.(...._./H.w
000000000d5fffc0 de 59 b2 71 00 00 00 00 - 00 00 00 00 08 60 16 00 .Y.q.........`..
000000000d5fffd0 00 00 00 00 c4 ff 5f 0d - 8c 31 83 80 ff ff ff ff ......_..1......
000000000d5fffe0 60 1a e6 77 38 48 e6 77 - 00 00 00 00 00 00 00 00 `..w8H.w........
000000000d5ffff0 00 00 00 00 ab 58 b2 71 - 08 60 16 00 00 00 00 00 .....X.q.`......
000000000d600000 55 89 e5 50 51 68 b8 72 - be 07 b8 60 53 ba 07 ff U..PQh.r...`S...
000000000d600010 d0 81 c4 08 00 00 00 58 - 5d c2 00 00 58 5d c2 cd .......X]...X]..
000000000d600020 ab 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600030 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600040 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600050 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600060 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600070 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600080 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d600090 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d6000a0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
000000000d6000b0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
*----> State Dump for Thread Id 0x1a6c <----*
eax=07bf4420 ebx=0aacff98 ecx=00000000 edx=00000000 esi=00000280 edi=00000000
eip=7c82860c esp=099dff04 ebp=099dff74 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
function: ntdll!KiFastSystemCallRet
7c8285bd 8bec mov ebp,esp
7c8285bf 83ec50 sub esp,0x50
7c8285c2 8944240c mov [esp+0xc],eax
7c8285c6 64a118000000 mov eax,fs:[00000018]
7c8285cc 8b80a4010000 mov eax,[eax+0x1a4]
7c8285d2 890424 mov [esp],eax
7c8285d5 c744240400000000 mov dword ptr [esp+0x4],0x0
7c8285dd c744240800000000 mov dword ptr [esp+0x8],0x0
7c8285e5 c744241000000000 mov dword ptr [esp+0x10],0x0
7c8285ed 54 push esp
7c8285ee e82c000000 call ntdll!RtlRaiseException (7c82861f)
7c8285f3 8b0424 mov eax,[esp]
7c8285f6 8be5 mov esp,ebp
7c8285f8 5d pop ebp
7c8285f9 c3 ret
7c8285fa 8da42400000000 lea esp,[esp]
7c828601 8da42400000000 lea esp,[esp]
ntdll!KiFastSystemCall:
7c828608 8bd4 mov edx,esp
7c82860a 0f34 sysenter
ntdll!KiFastSystemCallRet:
7c82860c c3 ret
7c82860d 8da42400000000 lea esp,[esp]
7c828614 8d642400 lea esp,[esp]
ntdll!KiIntSystemCall:
7c828618 8d542408 lea edx,[esp+0x8]
7c82861c cd2e int 2e
7c82861e c3 ret
ntdll!RtlRaiseException:
7c82861f 55 push ebp
7c828620 8bec mov ebp,esp
7c828622 8da42430fdffff lea esp,[esp-0x2d0]
7c828629 54 push esp
7c82862a e8b5010000 call ntdll!RtlCaptureContext (7c8287e4)
7c82862f 8b5504 mov edx,[ebp+0x4]
7c828632 8b4508 mov eax,[ebp+0x8]
7c828635 838424c400000004 add dword ptr [esp+0xc4],0x4
7c82863d 89500c mov [eax+0xc],edx
7c828640 c7042407000100 mov dword ptr [esp],0x10007
7c828647 64a130000000 mov eax,fs:[00000030]
7c82864d f64002ff test byte ptr [eax+0x2],0xff
7c828651 7519 jnz ntdll!RtlRaiseException+0x4d (7c82866c)
*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Documents and Settings\Administrator\Desktop\zcarnage\sv\9\cstrike\addons\amxmodx\modules\mysql_amxx.dll -
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
099dff74 77e61c8d 00000280 ffffffff 00000000 ntdll!KiFastSystemCallRet
099dff88 07bf462c 00000280 ffffffff 07bf4338 kernel32!WaitForSingleObject+0x12
099dffec 00000000 07bf4420 0aacff98 00000000 mysql_amxx+0x462c
*----> Raw Stack Dump <----*
00000000099dff04 29 7d 82 7c 1e 1d e6 77 - 80 02 00 00 00 00 00 00 )}.|...w........
00000000099dff14 00 00 00 00 00 00 00 00 - 84 fd ac 0a 98 ff ac 0a ................
00000000099dff24 24 00 00 00 01 00 00 00 - 00 00 00 00 00 00 00 00 $...............
00000000099dff34 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000099dff44 00 00 00 00 68 8c 94 b9 - 78 e9 be 8a 00 40 fd 7f ....h...x....@..
00000000099dff54 00 00 00 00 00 00 00 00 - 18 ff 9d 09 00 00 00 00 ................
00000000099dff64 dc ff 9d 09 60 1a e6 77 - 48 1d e6 77 00 00 00 00 ....`..wH..w....
00000000099dff74 88 ff 9d 09 8d 1c e6 77 - 80 02 00 00 ff ff ff ff .......w........
00000000099dff84 00 00 00 00 ec ff 9d 09 - 2c 46 bf 07 80 02 00 00 ........,F......
00000000099dff94 ff ff ff ff 38 43 bf 07 - 00 00 00 00 98 ff ac 0a ....8C..........
00000000099dffa4 34 44 bf 07 98 ff ac 0a - 00 00 00 00 00 00 00 00 4D..............
00000000099dffb4 c9 77 82 7c 44 fb 82 7c - 2f 48 e6 77 98 ff ac 0a .w.|D..|/H.w....
00000000099dffc4 00 00 00 00 00 00 00 00 - 98 ff ac 0a 00 00 00 00 ................
00000000099dffd4 c4 ff 9d 09 8c 31 83 80 - ff ff ff ff 60 1a e6 77 .....1......`..w
00000000099dffe4 38 48 e6 77 00 00 00 00 - 00 00 00 00 00 00 00 00 8H.w............
00000000099dfff4 20 44 bf 07 98 ff ac 0a - 00 00 00 00 55 89 e5 50 D..........U..P
00000000099e0004 ff 75 08 51 68 28 74 be - 07 b8 e0 5b ba 07 ff d0 .u.Qh(t....[....
00000000099e0014 81 c4 0c 00 00 00 58 5d - c2 04 00 58 5d c2 cd ab ......X]...X]...
00000000099e0024 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
00000000099e0034 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
|
|