3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ffffd40b39618a23, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff805670891a4, address which referenced memory
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for vgk.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2733
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 13241
Key : Analysis.Init.CPU.mSec
Value: 733
Key : Analysis.Init.Elapsed.mSec
Value: 13879
Key : Analysis.Memory.CommitPeak.Mb
Value: 76
Key : WER.OS.Branch
Value: vb_release
Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z
Key : WER.OS.Version
Value: 10.0.19041.1
BUGCHECK_CODE: a
BUGCHECK_P1: ffffd40b39618a23
BUGCHECK_P2: 2
BUGCHECK_P3: 0
BUGCHECK_P4: fffff805670891a4
READ_ADDRESS: fffff80567afb390: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
unable to get nt!MmSpecialPagesInUse
ffffd40b39618a23
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: VALORANT-Win64-Shipping.exe
TRAP_FRAME: ffffd08a44db1500 -- (.trap 0xffffd08a44db1500)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=fffff80566e00000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff805670891a4 rsp=ffffd08a44db1690 rbp=ffffd08a44db17c0
r8=0000000000000001 r9=0000000000000001 r10=ffffe50554f438a8
r11=0000000000000076 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt!ExFreeHeapPool+0x124:
fffff805`670891a4 f646f304 test byte ptr [rsi-0Dh],4 ds:ffffffff`fffffff3=??
Resetting default scope
STACK_TEXT:
ffffd08a`44db13b8 fffff805`67209269 : 00000000`0000000a ffffd40b`39618a23 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffd08a`44db13c0 fffff805`67205569 : ffffd08a`44db15c0 ffffd40b`3a3a7da8 00000000`00000000 ffffe505`54f43300 : nt!KiBugCheckDispatch+0x69
ffffd08a`44db1500 fffff805`670891a4 : 00000000`00040283 00000000`00000001 00000000`00000000 fffff805`72bf0000 : nt!KiPageFault+0x469
ffffd08a`44db1690 fffff805`677b1149 : ffffd08a`44db17c0 00000000`00000700 00000000`00000004 01000000`00100000 : nt!ExFreeHeapPool+0x124
ffffd08a`44db1770 fffff805`733c2a34 : 00000000`000007e4 ffffe505`54f43300 fffff805`72bf0000 00000000`00000008 : nt!ExFreePool+0x9
ffffd08a`44db17a0 00000000`000007e4 : ffffe505`54f43300 fffff805`72bf0000 00000000`00000008 fffff805`72bf0000 : vgk+0x7d2a34
ffffd08a`44db17a8 ffffe505`54f43300 : fffff805`72bf0000 00000000`00000008 fffff805`72bf0000 00000000`00000001 : 0x7e4
ffffd08a`44db17b0 fffff805`72bf0000 : 00000000`00000008 fffff805`72bf0000 00000000`00000001 00000000`00000000 : 0xffffe505`54f43300
ffffd08a`44db17b8 00000000`00000008 : fffff805`72bf0000 00000000`00000001 00000000`00000000 00000000`000007e4 : vgk
ffffd08a`44db17c0 fffff805`72bf0000 : 00000000`00000001 00000000`00000000 00000000`000007e4 ffffd08a`44db1840 : 0x8
ffffd08a`44db17c8 00000000`00000001 : 00000000`00000000 00000000`000007e4 ffffd08a`44db1840 fffff805`7337b6f0 : vgk
ffffd08a`44db17d0 00000000`00000000 : 00000000`000007e4 ffffd08a`44db1840 fffff805`7337b6f0 fffff805`670d7a50 : 0x1
SYMBOL_NAME: nt!ExFreePool+9
IMAGE_NAME: Pool_Corruption
IMAGE_VERSION: 10.0.19041.1466
MODULE_NAME: Pool_Corruption
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 9
FAILURE_BUCKET_ID: AV_nt!ExFreePool
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {2ae0a97e-dcd7-47ef-dbfb-430f2cbf58a1}
Followup:
Pool_corruption
---------
3: kd> !thread
THREAD ffffe50557889300 Cid 07e4.1ce8 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 3
Not impersonating
GetUlongFromAddress: unable to read from fffff80567a1150c
Owning Process ffffe50554f43300 Image: VALORANT-Win64-Shipping.exe
Attached Process N/A Image: N/A
fffff78000000000: Unable to get shared data
Wait Start TickCount 33402695
Context Switch Count 4159092 IdealProcessor: 3
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
UserTime 00:00:00.000
KernelTime 00:00:00.000
Win32 Start Address 0x00007ff7f0e8d000
Stack Init ffffd08a44db1c90 Current ffffd08a44daf060
Base ffffd08a44db2000 Limit ffffd08a44dac000 Call 0000000000000000
Priority 10 BasePriority 9 PriorityDecrement 0 IoPriority 2 PagePriority 5
Child-SP RetAddr : Args to Child : Call Site
ffffd08a`44db13b8 fffff805`67209269 : 00000000`0000000a ffffd40b`39618a23 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffd08a`44db13c0 fffff805`67205569 : ffffd08a`44db15c0 ffffd40b`3a3a7da8 00000000`00000000 ffffe505`54f43300 : nt!KiBugCheckDispatch+0x69
ffffd08a`44db1500 fffff805`670891a4 : 00000000`00040283 00000000`00000001 00000000`00000000 fffff805`72bf0000 : nt!KiPageFault+0x469 (TrapFrame @ ffffd08a`44db1500)
ffffd08a`44db1690 fffff805`677b1149 : ffffd08a`44db17c0 00000000`00000700 00000000`00000004 01000000`00100000 : nt!ExFreeHeapPool+0x124
ffffd08a`44db1770 fffff805`733c2a34 : 00000000`000007e4 ffffe505`54f43300 fffff805`72bf0000 00000000`00000008 : nt!ExFreePool+0x9
ffffd08a`44db17a0 00000000`000007e4 : ffffe505`54f43300 fffff805`72bf0000 00000000`00000008 fffff805`72bf0000 : vgk+0x7d2a34
ffffd08a`44db17a8 ffffe505`54f43300 : fffff805`72bf0000 00000000`00000008 fffff805`72bf0000 00000000`00000001 : 0x7e4
ffffd08a`44db17b0 fffff805`72bf0000 : 00000000`00000008 fffff805`72bf0000 00000000`00000001 00000000`00000000 : 0xffffe505`54f43300
ffffd08a`44db17b8 00000000`00000008 : fffff805`72bf0000 00000000`00000001 00000000`00000000 00000000`000007e4 : vgk
ffffd08a`44db17c0 fffff805`72bf0000 : 00000000`00000001 00000000`00000000 00000000`000007e4 ffffd08a`44db1840 : 0x8
ffffd08a`44db17c8 00000000`00000001 : 00000000`00000000 00000000`000007e4 ffffd08a`44db1840 fffff805`7337b6f0 : vgk
ffffd08a`44db17d0 00000000`00000000 : 00000000`000007e4 ffffd08a`44db1840 fffff805`7337b6f0 fffff805`670d7a50 : 0x1