kd> !analyze -vConnected to Windows 10 18362 x64 target at (Sun Oct 31 13:02:3

1. kd> !analyze -v
2. Connected to Windows 10 18362 x64 target at (Sun Oct 31 13:02:30.612 2021 (UTC - 4:00)), ptr64 TRUE
3. Loading Kernel Symbols
4. ...............................................................
5. ................................................................
6. .........................................................
7. Loading User Symbols
8. .................................
9. Loading unloaded module list
10. ......
11. *******************************************************************************
12. * *
13. * Bugcheck Analysis *
14. * *
15. *******************************************************************************
16.  
17. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
18. An attempt was made to access a pageable (or completely invalid) address at an
19. interrupt request level (IRQL) that is too high. This is usually
20. caused by drivers using improper addresses.
21. If kernel debugger is available get stack backtrace.
22. Arguments:
23. Arg1: fffff80700000000, memory referenced
24. Arg2: 0000000000000002, IRQL
25. Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
26. Arg4: fffff80700000000, address which referenced memory
27.  
28. Debugging Details:
29. ------------------
30.  
31.  
32. KEY_VALUES_STRING: 1
33.  
34. Key : Analysis.CPU.mSec
35. Value: 4531
36.  
37. Key : Analysis.DebugAnalysisManager
38. Value: Create
39.  
40. Key : Analysis.Elapsed.mSec
41. Value: 24413
42.  
43. Key : Analysis.Init.CPU.mSec
44. Value: 3421
45.  
46. Key : Analysis.Init.Elapsed.mSec
47. Value: 172576
48.  
49. Key : Analysis.Memory.CommitPeak.Mb
50. Value: 70
51.  
52. Key : WER.OS.Branch
53. Value: 19h1_release
54.  
55. Key : WER.OS.Timestamp
56. Value: 2019-03-18T12:02:00Z
57.  
58. Key : WER.OS.Version
59. Value: 10.0.18362.1
60.  
61.  
62. BUGCHECK_CODE: d1
63.  
64. BUGCHECK_P1: fffff80700000000
65.  
66. BUGCHECK_P2: 2
67.  
68. BUGCHECK_P3: 8
69.  
70. BUGCHECK_P4: fffff80700000000
71.  
72. READ_ADDRESS: fffff80700000000
73.  
74. PROCESS_NAME: hyperdbg-cli.exe
75.  
76. DPC_STACK_BASE: FFFFF8074286BFB0
77.  
78. TRAP_FRAME: fffff8073c08a4f0 -- (.trap 0xfffff8073c08a4f0)
79. NOTE: The trap frame does not contain all registers.
80. Some register values may be zeroed or incorrect.
81. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
82. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
83. rip=03b900000001ba00 rsp=e9c000000d342444 rbp=3d0d8d4c20244489
84. r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
85. r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
86. r14=0000000000000000 r15=0000000000000000
87. iopl=0 nv up di pl nz ac pe cy
88. 03b90000`0001ba00 ?? ???
89. Resetting default scope
90.  
91. BAD_STACK_POINTER: e9c000000d342444
92.  
93. FAILED_INSTRUCTION_ADDRESS:
94. +0
95. fffff807`00000000 ?? ???
96.  
97. STACK_TEXT:
98. fffff807`4286b1b8 fffff807`3d0a6492 : fffff807`00000000 00000000`00000003 fffff807`4286b320 fffff807`3cf24f20 : nt!DbgBreakPointWithStatus
99. fffff807`4286b1c0 fffff807`3d0a5b82 : 00000000`00000003 fffff807`4286b320 fffff807`3cfd0ce0 00000000`000000d1 : nt!KiBugCheckDebugBreak+0x12
100. fffff807`4286b220 fffff807`3cfbc917 : ffffda8f`08402280 00000029`000f0000 fffff807`3b07bf80 fffff807`3ce36b33 : nt!KeBugCheck2+0x952
101. fffff807`4286b920 fffff807`3cfce469 : 00000000`0000000a fffff807`00000000 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx+0x107
102. fffff807`4286b960 fffff807`3cfca7a5 : 00000000`00000000 00000000`00000000 ffffda8f`09094970 ffffda8f`098135aa : nt!KiBugCheckDispatch+0x69
103. fffff807`4286baa0 fffff807`00000000 : fffff807`3cec1185 fffff807`3b079180 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x465
104. fffff807`4286bc38 fffff807`3cec1185 : fffff807`3b079180 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffff807`00000000
105. fffff807`4286bc40 fffff807`3cec07df : 00000000`00000004 00000000`00989680 fffff807`4286be80 00000000`000000dd : nt!KiExecuteAllDpcs+0x305
106. fffff807`4286bd80 fffff807`3cfc3755 : 00000000`00000000 fffff807`3b079180 fffff807`3d920cf0 ffffda8f`0de2d930 : nt!KiRetireDpcList+0x1ef
107. fffff807`4286bfb0 fffff807`3cfc3540 : 00000000`00000050 fffff807`3cfc2df1 00000000`01000010 00000000`00000282 : nt!KxRetireDpcList+0x5
108. ffffc58f`170994b0 fffff807`3cfc2e05 : ffffda8f`0de2d930 fffff807`3cfbe831 ffffda8f`0c7fbc30 ffffc58f`17099570 : nt!KiDispatchInterruptContinue
109. ffffc58f`170994e0 fffff807`3cfbe831 : ffffda8f`0c7fbc30 ffffc58f`17099570 fffff807`3d920cf0 00000000`00000000 : nt!KiDpcInterruptBypass+0x25
110. ffffc58f`170994f0 fffff807`3c071315 : 00000000`00000000 00000000`00000000 fffff807`3c08a4f0 00000000`00040246 : nt!KiInterruptDispatchNoLockNoEtw+0xb1
111. ffffc58f`17099688 00000000`00000000 : 00000000`00000000 fffff807`3c08a4f0 00000000`00040246 fffff807`3c08337b : hprdbghv!AsmVmxVmcall+0x25 [C:\Users\surge\Desktop\Tools\HyperDbg\hyperdbg\hprdbghv\code\assembly\AsmVmxOperation.asm @ 34]
112.  
113.  
114. SYMBOL_NAME: nt!KiPageFault+465
115.  
116. MODULE_NAME: nt
117.  
118. IMAGE_NAME: ntkrnlmp.exe
119.  
120. STACK_COMMAND: .thread ; .cxr ; kb
121.  
122. BUCKET_ID_FUNC_OFFSET: 465
123.  
124. FAILURE_BUCKET_ID: AV_CODE_AV_STACKPTR_ERROR_BAD_IP_nt!KiPageFault
125.  
126. OS_VERSION: 10.0.18362.1
127.  
128. BUILDLAB_STR: 19h1_release
129.  
130. OSPLATFORM_TYPE: x64
131.  
132. OSNAME: Windows 10
133.  
134. FAILURE_ID_HASH: {34f9cbc0-1550-7c88-9b48-00dd756e07ce}
135.  
136. Followup: MachineOwner
137. ---------
138.