IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ffffcf08639560f8, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8067d9ab6e6, address which referenced memory
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for FACEIT.sys
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 13
Key : Analysis.Elapsed.Sec
Value: 41
Key : Analysis.Memory.CommitPeak.Mb
Value: 69
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
DUMP_TYPE: 2
BUGCHECK_P1: ffffcf08639560f8
BUGCHECK_P2: 2
BUGCHECK_P3: 0
BUGCHECK_P4: fffff8067d9ab6e6
READ_ADDRESS: fffff8067d96e3b0: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
unable to get nt!MmSpecialPagesInUse
ffffcf08639560f8
CURRENT_IRQL: 2
FAULTING_IP:
nt!ExQuerySystemLockInformation+a2
fffff806`7d9ab6e6 488b8050060000 mov rax,qword ptr [rax+650h]
CPU_COUNT: 4
CPU_MHZ: bb8
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 9e
CPU_STEPPING: 9
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: System
ANALYSIS_SESSION_HOST: DESKTOP-I8FA0KP
ANALYSIS_SESSION_TIME: 08-06-2019 14:47:32.0628
ANALYSIS_VERSION: 10.0.18914.1001 amd64fre
TRAP_FRAME: ffffe80fca9eeab0 -- (.trap 0xffffe80fca9eeab0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffcf0863955aa8 rbx=0000000000000000 rcx=ffffcf0863955aa8
rdx=ffffcf0863955a78 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8067d9ab6e6 rsp=ffffe80fca9eec40 rbp=000000000016de58
r8=fffff8067d82c3f0 r9=0000000000000004 r10=fffffb0000000000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
nt!ExQuerySystemLockInformation+0xa2:
fffff806`7d9ab6e6 488b8050060000 mov rax,qword ptr [rax+650h] ds:ffffcf08`639560f8=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8067d5ce6e9 to fffff8067d5bc900
STACK_TEXT:
ffffe80f`ca9ee968 fffff806`7d5ce6e9 : 00000000`0000000a ffffcf08`639560f8 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffe80f`ca9ee970 fffff806`7d5caa2b : ffffcf08`52caff00 fffff806`7d497e66 ffff1dab`00000000 00001f80`00170200 : nt!KiBugCheckDispatch+0x69
ffffe80f`ca9eeab0 fffff806`7d9ab6e6 : ffff8380`fff7c008 00000000`00000008 ffffe80f`ca9eefa0 ffffe80f`ca9eece8 : nt!KiPageFault+0x46b
ffffe80f`ca9eec40 fffff806`7dd062b7 : ffffe80f`ca9eed00 ffffe80f`ca9eefa0 00000000`00000000 00000000`00000000 : nt!ExQuerySystemLockInformation+0xa2
ffffe80f`ca9eec90 fffff806`7dbac37e : ffffcf08`56010000 ffffe80f`ca9eedc8 ffff8380`fff7c000 ffffcf08`5e398050 : nt!ExpGetLockInformation+0x53
ffffe80f`ca9eecd0 fffff806`7d9e377b : 00000000`00040286 00000000`00040203 ffffcf08`56010000 00000000`00040286 : nt!ExpQuerySystemInformation+0x1c8ade
ffffe80f`ca9eeee0 fffff806`7d5ce115 : 00000000`00000001 ffffcf08`56010000 fffff806`d17c62b2 ffffcf08`5c7c95a0 : nt!NtQuerySystemInformation+0x2b
ffffe80f`ca9eef20 fffff806`7d5c06c0 : fffff806`d17ad49a ffffcf08`59a55150 ffffe80f`ca9ef240 ffffcf08`5c7c95a0 : nt!KiSystemServiceCopyEnd+0x25
ffffe80f`ca9ef0b8 fffff806`d17ad49a : ffffcf08`59a55150 ffffe80f`ca9ef240 ffffcf08`5c7c95a0 ffffe80f`00000000 : nt!KiServiceLinkage
ffffe80f`ca9ef0c0 ffffcf08`59a55150 : ffffe80f`ca9ef240 ffffcf08`5c7c95a0 ffffe80f`00000000 ffffcf08`59b02000 : FACEIT+0xe7d49a
ffffe80f`ca9ef0c8 ffffe80f`ca9ef240 : ffffcf08`5c7c95a0 ffffe80f`00000000 ffffcf08`59b02000 fffff806`d17a1756 : 0xffffcf08`59a55150
ffffe80f`ca9ef0d0 ffffcf08`5c7c95a0 : ffffe80f`00000000 ffffcf08`59b02000 fffff806`d17a1756 00000000`0016de58 : 0xffffe80f`ca9ef240
ffffe80f`ca9ef0d8 ffffe80f`00000000 : ffffcf08`59b02000 fffff806`d17a1756 00000000`0016de58 00000000`00040202 : 0xffffcf08`5c7c95a0
ffffe80f`ca9ef0e0 ffffcf08`59b02000 : fffff806`d17a1756 00000000`0016de58 00000000`00040202 00000000`00040286 : 0xffffe80f`00000000
ffffe80f`ca9ef0e8 fffff806`d17a1756 : 00000000`0016de58 00000000`00040202 00000000`00040286 ffffe80f`ca9ef0f0 : 0xffffcf08`59b02000
ffffe80f`ca9ef0f0 00000000`0016de58 : 00000000`00040202 00000000`00040286 ffffe80f`ca9ef0f0 ffffcf08`579f5000 : FACEIT+0xe71756
ffffe80f`ca9ef0f8 00000000`00040202 : 00000000`00040286 ffffe80f`ca9ef0f0 ffffcf08`579f5000 ffff9708`868f8310 : 0x16de58
ffffe80f`ca9ef100 00000000`00040286 : ffffe80f`ca9ef0f0 ffffcf08`579f5000 ffff9708`868f8310 00000000`00000002 : 0x40202
ffffe80f`ca9ef108 ffffe80f`ca9ef0f0 : ffffcf08`579f5000 ffff9708`868f8310 00000000`00000002 ffffffff`8000473c : 0x40286
ffffe80f`ca9ef110 ffffcf08`579f5000 : ffff9708`868f8310 00000000`00000002 ffffffff`8000473c ffffcf08`5c7c95a0 : 0xffffe80f`ca9ef0f0
ffffe80f`ca9ef118 ffff9708`868f8310 : 00000000`00000002 ffffffff`8000473c ffffcf08`5c7c95a0 fffff806`d17995c7 : 0xffffcf08`579f5000
ffffe80f`ca9ef120 00000000`00000002 : ffffffff`8000473c ffffcf08`5c7c95a0 fffff806`d17995c7 fffff806`000010e5 : 0xffff9708`868f8310
ffffe80f`ca9ef128 ffffffff`8000473c : ffffcf08`5c7c95a0 fffff806`d17995c7 fffff806`000010e5 ffffcf08`59b02000 : 0x2
ffffe80f`ca9ef130 ffffcf08`5c7c95a0 : fffff806`d17995c7 fffff806`000010e5 ffffcf08`59b02000 ffffe80f`ca9ef240 : 0xffffffff`8000473c
ffffe80f`ca9ef138 fffff806`d17995c7 : fffff806`000010e5 ffffcf08`59b02000 ffffe80f`ca9ef240 ffffcf08`5c7c95a0 : 0xffffcf08`5c7c95a0
ffffe80f`ca9ef140 fffff806`000010e5 : ffffcf08`59b02000 ffffe80f`ca9ef240 ffffcf08`5c7c95a0 00000000`00000000 : FACEIT+0xe695c7
ffffe80f`ca9ef148 ffffcf08`59b02000 : ffffe80f`ca9ef240 ffffcf08`5c7c95a0 00000000`00000000 00000000`00000000 : 0xfffff806`000010e5
ffffe80f`ca9ef150 ffffe80f`ca9ef240 : ffffcf08`5c7c95a0 00000000`00000000 00000000`00000000 ffff1dab`00000000 : 0xffffcf08`59b02000
ffffe80f`ca9ef158 ffffcf08`5c7c95a0 : 00000000`00000000 00000000`00000000 ffff1dab`00000000 ffffcf08`00001010 : 0xffffe80f`ca9ef240
ffffe80f`ca9ef160 00000000`00000000 : 00000000`00000000 ffff1dab`00000000 ffffcf08`00001010 fffff806`7d863700 : 0xffffcf08`5c7c95a0
THREAD_SHA1_HASH_MOD_FUNC: b471a6d4e2a73bdba6884f2b9020a4e82e670906
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 9ddc86d83f7028283c145c000654935e3693c45d
THREAD_SHA1_HASH_MOD: 1033c61804bfb103299dcba1922ce272d5c7d12d
FOLLOWUP_IP:
FACEIT+e7d49a
fffff806`d17ad49a 68a3213ee0 push 0FFFFFFFFE03E21A3h
FAULT_INSTR_CODE: 3e21a368
SYMBOL_STACK_INDEX: 9
SYMBOL_NAME: FACEIT+e7d49a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: FACEIT
IMAGE_NAME: FACEIT.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5d47e407
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: e7d49a
FAILURE_BUCKET_ID: AV_FACEIT!unknown_function
BUCKET_ID: AV_FACEIT!unknown_function
PRIMARY_PROBLEM_CLASS: AV_FACEIT!unknown_function
TARGET_TIME: 2019-08-05T22:46:15.000Z
OSBUILD: 18362
OSSERVICEPACK: 239
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 1972-02-02 11:33:06
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: a336
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_faceit!unknown_function
FAILURE_ID_HASH: {44e6f20c-7ace-d9ee-735b-d9e711e96ad0}
Followup: MachineOwner
