Id: AVR:Arbitrary chrome.exe!verifier.dll!AVrfpDphFindBusyMemoryNoCheck 27DAF4
Description: Access violation while reading memory at 0xDEADBECF using an invalid pointer
Process binary: chrome.exe
Location: verifier.dll!AVrfpDphFindBusyMemoryNoCheck + 0xB8
Security impact: Potentially exploitable security issue
verifier.dll!AVrfpDphFindBusyMemoryNoCheck + 0xB8 (27 in id)
verifier.dll!AVrfpDphFindBusyMemory + 0x15 (DA in id)
verifier.dll!AVrfpDphFindBusyMemoryAndRemoveFromBusyList + 0x20 (F4 in id)
verifier.dll!AVrfDebugPageHeapFree + 0x90
ntdll.dll!RtlDebugFreeHeap + 0x3C
ntdll.dll!RtlpFreeHeap + 0x44B2F (this symbol may not be correct)
ntdll.dll!RtlFreeHeap + 0x1B6
msvcrt.dll!free + 0x65
msvcrt.dll!_freefls + 0x25
ntdll.dll!RtlProcessFlsData + 0xF8
ntdll.dll!LdrShutdownThread + 0x32
ntdll.dll!RtlExitUserThread + 0x4C
KERNEL32.DLL!BaseThreadInitThunk + 0x2B
ntdll.dll!__RtlUserThreadStart + 0x2F
ntdll.dll!_RtlUserThreadStart + 0x1B
Image path: chrome.exe
Image name: chrome.exe
Timestamp: Sun Aug 23 13:56:58 2015 (55D9B50A)
CheckSum: 000CF55A
ImageSize: 000CC000
File version: 46.0.2490.4
Product version: 46.0.2490.4
File flags: 0 (Mask 17)
File OS: 4 Unknown Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Google Inc.
ProductName: Google Chrome
InternalName: chrome_exe
OriginalFilename: chrome.exe
ProductVersion: 46.0.2490.4
FileVersion: 46.0.2490.4
FileDescription: Google Chrome
LegalCopyright: Copyright 2014 Google Inc. All rights reserved.
Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://J3:28876 --disable-default-apps --disable-extensions --disable-popup-blocking --disable-prompt-on-repost --force-renderer-accessibility --no-sandbox
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://symbols.mozilla.org/firefox
Deferred srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://symbols.mozilla.org/firefox;srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Executable search path is:
ModLoad: 00000000`00b30000 00000000`00bfc000 chrome.exe
ModLoad: 00007ff8`92a10000 00007ff8`92bbc000 ntdll.dll
ModLoad: 00000000`776d0000 00000000`7783e000 ntdll.dll
ModLoad: 00000000`00a40000 00000000`00aac000 C:\Windows\system32\verifier.dll
Page heap: pid 0x1BFC: page heap enabled with flags 0x3.
ModLoad: 00000000`77680000 00000000`776cb000 C:\Windows\SYSTEM32\wow64.dll
ModLoad: 00000000`77610000 00000000`77678000 C:\Windows\system32\wow64win.dll
ModLoad: 00000000`77600000 00000000`77609000 C:\Windows\system32\wow64cpu.dll
(1bfc.2048): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00007ff8`92ad1970 cc int 3
0:000> |.
. 0 id: 1bfc create name: chrome.exe
0:000> .childdbg 1
Processes created by the current process will be debugged
0:000> !gflag
Current NtGlobalFlag contents: 0x02100000
scb - Enable system critical breaks
hpa - Place heap allocations at ends of pages
0:000> sxe 0x80000001
0:000> sxe 0x80000002
0:000> sxe 0xC0000005
0:000> sxe 0xC0000006
0:000> sxe 0xC000001D
0:000> sxe 0xC000008C
0:000> sxe 0xC0000096
0:000> sxe 0xC0000409
0:000> sxe 0xC0000602
0:000> sxd *
0:000> sxd asrt
0:000> sxd aph
0:000> sxd bpe
0:000> sxd dz
0:000> sxd eh
0:000> sxd iov
0:000> sxd isc
0:000> sxd lsq
0:000> sxd sov
0:000> sxd sse
0:000> sxd ssec
0:000> sxd vcpp
0:000> sxd wkd
0:000> sxd wob
0:000> sxd wos
0:000> sxi ch
0:000> sxi hc
0:000> sxi ibp
0:000> sxi ld
0:000> sxi ud
0:000> sxi wos
0:000> sxe cpr
0:000> sxe epr
0:000> g
Page heap: pid 0x1BFC: page heap enabled with flags 0x3.
(1bfc.2048): WOW64 breakpoint - code 4000001f (first chance)
(1bfc.2070): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2048): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1e98): Visual C++ exception - code 406d1388 (first chance)
(1bfc.204c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.204c): Unknown exception - code 000006a6 (first chance)
(1bfc.2250): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1458): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1da0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1054): Visual C++ exception - code 406d1388 (first chance)
(1bfc.193c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.d54): Visual C++ exception - code 406d1388 (first chance)
(1bfc.18f4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1eac): Visual C++ exception - code 406d1388 (first chance)
(1bfc.d5c): Visual C++ exception - code 406d1388 (first chance)
Application "\??\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" found in cache
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://symbols.mozilla.org/firefox
Deferred srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://symbols.mozilla.org/firefox;srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Executable search path is:
00007ff8`92a25420 48895c2408 mov qword ptr [rsp+8],rbx ss:00000000`006df870=0000000000000000
1:016> .lastevent
Last event: 203c.a9c: Create process 1:203c
debugger time: Thu Aug 27 01:34:52.506 2015 (UTC + 2:00)
1:016> |.
. 1 id: 203c child name: chrome.exe
1:016> g
Page heap: pid 0x203C: page heap enabled with flags 0x3.
(1bfc.1834): Visual C++ exception - code 406d1388 (first chance)
Page heap: pid 0x203C: page heap enabled with flags 0x3.
(203c.d58): Visual C++ exception - code 406d1388 (first chance)
(203c.a9c): Visual C++ exception - code 406d1388 (first chance)
(203c.4d8): Visual C++ exception - code 406d1388 (first chance)
(203c.236c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.c84): Visual C++ exception - code 406d1388 (first chance)
(1bfc.12e0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1b74): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2170): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1828): Visual C++ exception - code 406d1388 (first chance)
(1bfc.748): Visual C++ exception - code 406d1388 (first chance)
(1bfc.8c): Visual C++ exception - code 406d1388 (first chance)
Application "\??\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" found in cache
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols
Deferred srv*\\server\Symbols*http://symbols.mozilla.org/firefox
Deferred srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://msdl.microsoft.com/download/symbols;srv*\\server\Symbols*http://symbols.mozilla.org/firefox;srv*\\server\Symbols*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Executable search path is:
00007ff8`92a25420 48895c2408 mov qword ptr [rsp+8],rbx ss:00000000`006ff8d0=0000000000000000
2:032> .lastevent
Last event: 1334.2274: Create process 2:1334
debugger time: Thu Aug 27 01:34:53.591 2015 (UTC + 2:00)
2:032> |.
. 2 id: 1334 child name: chrome.exe
2:032> g
Page heap: pid 0x1334: page heap enabled with flags 0x3.
Page heap: pid 0x1334: page heap enabled with flags 0x3.
(1334.17e8): Visual C++ exception - code 406d1388 (first chance)
(1334.2274): Visual C++ exception - code 406d1388 (first chance)
(1334.660): Visual C++ exception - code 406d1388 (first chance)
(1334.1ab4): Visual C++ exception - code 406d1388 (first chance)
(1334.1cb0): Visual C++ exception - code 406d1388 (first chance)
(1334.2074): Visual C++ exception - code 406d1388 (first chance)
(1bfc.22d0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1de8): Visual C++ exception - code 406d1388 (first chance)
(203c.164c): Visual C++ exception - code 406d1388 (first chance)
(1334.2368): Visual C++ exception - code 406d1388 (first chance)
(1334.194c): Visual C++ exception - code 406d1388 (first chance)
(1334.14ec): Visual C++ exception - code 406d1388 (first chance)
(1334.16f8): Visual C++ exception - code 406d1388 (first chance)
(1334.1e60): Visual C++ exception - code 406d1388 (first chance)
(1bfc.f24): Visual C++ exception - code 406d1388 (first chance)
(1334.118c): Visual C++ exception - code 406d1388 (first chance)
(1334.1fd0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.c34): Visual C++ exception - code 406d1388 (first chance)
(1334.1fd8): Visual C++ exception - code 406d1388 (first chance)
(1334.550): Visual C++ exception - code 406d1388 (first chance)
(1bfc.524): Visual C++ exception - code 406d1388 (first chance)
(1334.1bc8): Visual C++ exception - code 406d1388 (first chance)
(1334.20d4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1384): Visual C++ exception - code 406d1388 (first chance)
(1334.1ab8): Visual C++ exception - code 406d1388 (first chance)
(1334.6f4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1ffc): Visual C++ exception - code 406d1388 (first chance)
(1334.ce4): Visual C++ exception - code 406d1388 (first chance)
(1334.1714): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1340): Visual C++ exception - code 406d1388 (first chance)
(1334.1ddc): Visual C++ exception - code 406d1388 (first chance)
(1334.13c8): Visual C++ exception - code 406d1388 (first chance)
(1bfc.8c0): Visual C++ exception - code 406d1388 (first chance)
(1334.195c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1f58): Visual C++ exception - code 406d1388 (first chance)
(1334.1b94): Visual C++ exception - code 406d1388 (first chance)
(1334.20fc): Visual C++ exception - code 406d1388 (first chance)
(1334.d44): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2374): Visual C++ exception - code 406d1388 (first chance)
(1334.1290): Visual C++ exception - code 406d1388 (first chance)
(1334.1614): Visual C++ exception - code 406d1388 (first chance)
(1bfc.108c): Visual C++ exception - code 406d1388 (first chance)
(1334.1c20): Visual C++ exception - code 406d1388 (first chance)
(1334.1630): Visual C++ exception - code 406d1388 (first chance)
(1bfc.17fc): Visual C++ exception - code 406d1388 (first chance)
(1334.60): Visual C++ exception - code 406d1388 (first chance)
(1334.1c18): Visual C++ exception - code 406d1388 (first chance)
(1bfc.20b4): Visual C++ exception - code 406d1388 (first chance)
(1334.15a8): Visual C++ exception - code 406d1388 (first chance)
(1334.1274): Visual C++ exception - code 406d1388 (first chance)
(1bfc.18c): Visual C++ exception - code 406d1388 (first chance)
(1334.15d0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1e08): Visual C++ exception - code 406d1388 (first chance)
(1334.21e8): Visual C++ exception - code 406d1388 (first chance)
(1334.1878): Visual C++ exception - code 406d1388 (first chance)
(1334.1bf0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.9ac): Visual C++ exception - code 406d1388 (first chance)
(1334.1dcc): Visual C++ exception - code 406d1388 (first chance)
(1334.1778): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1cb8): Visual C++ exception - code 406d1388 (first chance)
(1334.2348): Visual C++ exception - code 406d1388 (first chance)
(1bfc.122c): Visual C++ exception - code 406d1388 (first chance)
(1334.c50): Visual C++ exception - code 406d1388 (first chance)
(1334.21c0): Visual C++ exception - code 406d1388 (first chance)
(1334.126c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.a3c): Visual C++ exception - code 406d1388 (first chance)
(1334.1f38): Visual C++ exception - code 406d1388 (first chance)
(1334.1dd8): Visual C++ exception - code 406d1388 (first chance)
(1bfc.b44): Visual C++ exception - code 406d1388 (first chance)
(1334.6c4): Visual C++ exception - code 406d1388 (first chance)
(1334.2398): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1b68): Visual C++ exception - code 406d1388 (first chance)
(1334.360): Visual C++ exception - code 406d1388 (first chance)
(1334.1d10): Visual C++ exception - code 406d1388 (first chance)
(1bfc.10ec): Visual C++ exception - code 406d1388 (first chance)
(1334.8a8): Visual C++ exception - code 406d1388 (first chance)
(1334.1de4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.10f4): Visual C++ exception - code 406d1388 (first chance)
(1334.41c): Visual C++ exception - code 406d1388 (first chance)
(1334.1a20): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1808): Visual C++ exception - code 406d1388 (first chance)
(1334.708): Visual C++ exception - code 406d1388 (first chance)
(1334.1f88): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1900): Visual C++ exception - code 406d1388 (first chance)
(1334.1e18): Visual C++ exception - code 406d1388 (first chance)
(1334.1c34): Visual C++ exception - code 406d1388 (first chance)
(1bfc.10d4): Visual C++ exception - code 406d1388 (first chance)
(1334.1f28): Visual C++ exception - code 406d1388 (first chance)
(1334.1d48): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1b44): Visual C++ exception - code 406d1388 (first chance)
(1334.1218): Visual C++ exception - code 406d1388 (first chance)
(1bfc.514): Visual C++ exception - code 406d1388 (first chance)
(1334.1260): Visual C++ exception - code 406d1388 (first chance)
(1334.1d18): Visual C++ exception - code 406d1388 (first chance)
(1334.1830): Visual C++ exception - code 406d1388 (first chance)
(1bfc.68c): Visual C++ exception - code 406d1388 (first chance)
(1334.1e58): Visual C++ exception - code 406d1388 (first chance)
(1334.2054): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2150): Visual C++ exception - code 406d1388 (first chance)
(1334.102c): Visual C++ exception - code 406d1388 (first chance)
(1334.23c0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1d04): Visual C++ exception - code 406d1388 (first chance)
(1334.d30): Visual C++ exception - code 406d1388 (first chance)
(1334.139c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.21c8): Visual C++ exception - code 406d1388 (first chance)
(1334.1a24): Visual C++ exception - code 406d1388 (first chance)
(1334.1598): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1f44): Visual C++ exception - code 406d1388 (first chance)
(1334.9b8): Visual C++ exception - code 406d1388 (first chance)
(1334.1120): Visual C++ exception - code 406d1388 (first chance)
(1bfc.340): Visual C++ exception - code 406d1388 (first chance)
(1334.1350): Visual C++ exception - code 406d1388 (first chance)
(1bfc.804): Visual C++ exception - code 406d1388 (first chance)
(1334.1f48): Visual C++ exception - code 406d1388 (first chance)
(1334.640): Visual C++ exception - code 406d1388 (first chance)
(1334.13f0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.16ec): Visual C++ exception - code 406d1388 (first chance)
(1334.1804): Visual C++ exception - code 406d1388 (first chance)
(1bfc.bc4): Visual C++ exception - code 406d1388 (first chance)
(1334.1250): Visual C++ exception - code 406d1388 (first chance)
(1334.156c): Visual C++ exception - code 406d1388 (first chance)
(1334.1f04): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2378): Visual C++ exception - code 406d1388 (first chance)
(1334.844): Visual C++ exception - code 406d1388 (first chance)
(1334.1ee4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.19dc): Visual C++ exception - code 406d1388 (first chance)
(1334.18f0): Visual C++ exception - code 406d1388 (first chance)
(1334.1e90): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1bcc): Visual C++ exception - code 406d1388 (first chance)
(1334.1c1c): Visual C++ exception - code 406d1388 (first chance)
(1334.239c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1868): Visual C++ exception - code 406d1388 (first chance)
(1334.1fac): Visual C++ exception - code 406d1388 (first chance)
(1334.f00): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1738): Visual C++ exception - code 406d1388 (first chance)
(1334.dc4): Visual C++ exception - code 406d1388 (first chance)
(1334.d48): Visual C++ exception - code 406d1388 (first chance)
(1bfc.10e4): Visual C++ exception - code 406d1388 (first chance)
(1334.177c): Visual C++ exception - code 406d1388 (first chance)
(1334.a44): Visual C++ exception - code 406d1388 (first chance)
(1bfc.ec0): Visual C++ exception - code 406d1388 (first chance)
(1334.1e74): Visual C++ exception - code 406d1388 (first chance)
(1334.14e4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.428): Visual C++ exception - code 406d1388 (first chance)
(1334.1b00): Visual C++ exception - code 406d1388 (first chance)
(1334.8a0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1394): Visual C++ exception - code 406d1388 (first chance)
(1334.2340): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1d4c): Visual C++ exception - code 406d1388 (first chance)
(1334.19c0): Visual C++ exception - code 406d1388 (first chance)
(1334.1718): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2298): Visual C++ exception - code 406d1388 (first chance)
(1334.ab0): Visual C++ exception - code 406d1388 (first chance)
(1334.16a8): Visual C++ exception - code 406d1388 (first chance)
(1bfc.22e4): Visual C++ exception - code 406d1388 (first chance)
(1334.216c): Visual C++ exception - code 406d1388 (first chance)
(1334.95c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1730): Visual C++ exception - code 406d1388 (first chance)
(1334.1704): Visual C++ exception - code 406d1388 (first chance)
(1334.229c): Visual C++ exception - code 406d1388 (first chance)
(1334.15d8): Visual C++ exception - code 406d1388 (first chance)
(1bfc.43c): Visual C++ exception - code 406d1388 (first chance)
(1334.1b78): Visual C++ exception - code 406d1388 (first chance)
(1334.6b4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.460): Visual C++ exception - code 406d1388 (first chance)
(1334.238c): Visual C++ exception - code 406d1388 (first chance)
(1334.10a4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.5f4): Visual C++ exception - code 406d1388 (first chance)
(1334.1ae4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.308): Visual C++ exception - code 406d1388 (first chance)
(1334.1920): Visual C++ exception - code 406d1388 (first chance)
(1334.2078): Visual C++ exception - code 406d1388 (first chance)
(1334.1080): Visual C++ exception - code 406d1388 (first chance)
(1bfc.310): Visual C++ exception - code 406d1388 (first chance)
(1334.1a88): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1d5c): Visual C++ exception - code 406d1388 (first chance)
(1334.e28): Visual C++ exception - code 406d1388 (first chance)
(1334.1ea0): Visual C++ exception - code 406d1388 (first chance)
(1334.19b4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1e28): Visual C++ exception - code 406d1388 (first chance)
(1334.14c8): Visual C++ exception - code 406d1388 (first chance)
(1334.408): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1d84): Visual C++ exception - code 406d1388 (first chance)
(1334.20c4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1880): Visual C++ exception - code 406d1388 (first chance)
(1334.854): Visual C++ exception - code 406d1388 (first chance)
(1334.bf0): Visual C++ exception - code 406d1388 (first chance)
(1334.19b0): Visual C++ exception - code 406d1388 (first chance)
(1bfc.22b8): Visual C++ exception - code 406d1388 (first chance)
(1334.1ff4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1440): Visual C++ exception - code 406d1388 (first chance)
(1334.1c70): Visual C++ exception - code 406d1388 (first chance)
(1334.2134): Visual C++ exception - code 406d1388 (first chance)
(1334.12a4): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1da4): Visual C++ exception - code 406d1388 (first chance)
(1334.2214): Visual C++ exception - code 406d1388 (first chance)
(1334.14bc): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1ef0): Visual C++ exception - code 406d1388 (first chance)
(1334.1f98): Visual C++ exception - code 406d1388 (first chance)
(1334.1b8c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1d44): Visual C++ exception - code 406d1388 (first chance)
(1334.21dc): Visual C++ exception - code 406d1388 (first chance)
(1bfc.70c): Visual C++ exception - code 406d1388 (first chance)
(1334.994): Visual C++ exception - code 406d1388 (first chance)
(1334.b68): Visual C++ exception - code 406d1388 (first chance)
(1bfc.2260): Visual C++ exception - code 406d1388 (first chance)
(1334.1020): Visual C++ exception - code 406d1388 (first chance)
(1334.1494): Visual C++ exception - code 406d1388 (first chance)
(1334.1840): Visual C++ exception - code 406d1388 (first chance)
(1bfc.107c): Visual C++ exception - code 406d1388 (first chance)
(1334.21ec): Visual C++ exception - code 406d1388 (first chance)
(1bfc.206c): Visual C++ exception - code 406d1388 (first chance)
(1334.1694): Visual C++ exception - code 406d1388 (first chance)
(1334.1c2c): Visual C++ exception - code 406d1388 (first chance)
(1bfc.228c): Visual C++ exception - code 406d1388 (first chance)
(1334.d84): Visual C++ exception - code 406d1388 (first chance)
(1334.1cf4): Visual C++ exception - code 406d1388 (first chance)
(1334.2254): Visual C++ exception - code 406d1388 (first chance)
(1bfc.20ac): Visual C++ exception - code 406d1388 (first chance)
(1334.15f8): Visual C++ exception - code 406d1388 (first chance)
(1334.1154): Visual C++ exception - code 406d1388 (first chance)
(1bfc.1e94): Visual C++ exception - code 406d1388 (first chance)
(1334.1154): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
verifier_6f2a0000!AVrfpDphFindBusyMemoryNoCheck+0xb8:
6f2a7378 813abbbbcdab cmp dword ptr [edx],0ABCDBBBBh ds:002b:deadbecf=????????
2:120:x86> .lastevent
Last event: 1334.1154: Access violation - code c0000005 (first chance)
debugger time: Thu Aug 27 01:35:02.566 2015 (UTC + 2:00)
2:120:x86> |.
. 2 id: 1334 child name: chrome.exe
2:120:x86> .effmach
Effective machine: x86 compatible (x86)
2:120:x86> lm on
start end module name
00830000 0089c000 verifier verifier.dll
00b30000 00bfc000 chrome chrome.exe
0f230000 11b2e000 chrome_child chrome_child.dll
6a200000 6a381000 dwrite dwrite.dll
6dd70000 6dd86000 USP10 USP10.dll
6f270000 6f296000 chrome_elf chrome_elf.dll
6f2a0000 6f300000 verifier_6f2a0000 verifier.dll
70330000 70395000 WINSPOOL WINSPOOL.DRV
73f40000 73f48000 WINNSI WINNSI.DLL
73f50000 73f70000 IPHLPAPI IPHLPAPI.DLL
74140000 7414a000 Secur32 Secur32.dll
749a0000 749c1000 DEVOBJ DEVOBJ.dll
749d0000 749f3000 WINMMBASE WINMMBASE.dll
74a00000 74a23000 WINMM WINMM.dll
74a30000 74c36000 COMCTL32 COMCTL32.dll
74d80000 74d8f000 profapi profapi.dll
74d90000 74dab000 USERENV USERENV.dll
74db0000 74dbf000 WTSAPI32 WTSAPI32.dll
74dc0000 74e4b000 shcore shcore.dll
74e50000 74e58000 VERSION VERSION.dll
74e60000 74eb4000 bcryptPrimitives bcryptPrimitives.dll
74ec0000 74eca000 CRYPTBASE CRYPTBASE.dll
74ed0000 74eee000 SspiCli SspiCli.dll
74ef0000 74f85000 OLEAUT32 OLEAUT32.dll
74f90000 74f96000 PSAPI PSAPI.DLL
75030000 75142000 MSCTF MSCTF.dll
75150000 75195000 SHLWAPI SHLWAPI.dll
75310000 75337000 IMM32 IMM32.DLL
75430000 7546c000 cfgmgr32 cfgmgr32.dll
75470000 75477000 NSI NSI.dll
754f0000 755b3000 msvcrt msvcrt.dll
755c0000 75601000 sechost sechost.dll
75610000 75660000 WS2_32 WS2_32.dll
75660000 757a0000 KERNEL32 KERNEL32.DLL
757a0000 76a4d000 SHELL32 SHELL32.dll
76a50000 76bd8000 CRYPT32 CRYPT32.dll
76be0000 76cb7000 KERNELBASE KERNELBASE.dll
76cc0000 76d3c000 ADVAPI32 ADVAPI32.dll
76d40000 76dfa000 RPCRT4 RPCRT4.dll
76fd0000 77123000 USER32 USER32.dll
77130000 77259000 ole32 ole32.dll
77260000 773dd000 combase combase.dll
77400000 7740e000 MSASN1 MSASN1.dll
77410000 774ab000 COMDLG32 COMDLG32.dll
774b0000 775bf000 GDI32 GDI32.dll
775c0000 775fd000 WINTRUST WINTRUST.dll
77600000 77609000 wow64cpu wow64cpu.dll
77610000 77678000 wow64win wow64win.dll
77680000 776cb000 wow64 wow64.dll
776d0000 7783e000 ntdll_776d0000 ntdll.dll
00007ff8`92a10000 00007ff8`92bbc000 ntdll ntdll.dll
2:120:x86> .exr -1
ExceptionAddress: 000000006f2a7378 (verifier_6f2a0000!AVrfpDphFindBusyMemoryNoCheck+0x00000000000000b8)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 00000000deadbecf
Attempt to read from address 00000000deadbecf
2:120:x86> lmv M *chrome.exe
start end module name
00b30000 00bfc000 chrome (deferred)
Image path: chrome.exe
Image name: chrome.exe
Timestamp: Sun Aug 23 13:56:58 2015 (55D9B50A)
CheckSum: 000CF55A
ImageSize: 000CC000
File version: 46.0.2490.4
Product version: 46.0.2490.4
File flags: 0 (Mask 17)
File OS: 4 Unknown Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Google Inc.
ProductName: Google Chrome
InternalName: chrome_exe
OriginalFilename: chrome.exe
ProductVersion: 46.0.2490.4
FileVersion: 46.0.2490.4
FileDescription: Google Chrome
LegalCopyright: Copyright 2014 Google Inc. All rights reserved.
2:120:x86> !heap -p -a 0xDEADBECF
2:120:x86> kn 0x14
# ChildEBP RetAddr
00 2443fab0 6f2a7495 verifier_6f2a0000!AVrfpDphFindBusyMemoryNoCheck+0xb8
01 2443fad4 6f2a7720 verifier_6f2a0000!AVrfpDphFindBusyMemory+0x15
02 2443faf0 6f2a96e0 verifier_6f2a0000!AVrfpDphFindBusyMemoryAndRemoveFromBusyList+0x20
03 2443fb0c 777b6341 verifier_6f2a0000!AVrfDebugPageHeapFree+0x90
04 2443fb6c 777569ea ntdll_776d0000!RtlDebugFreeHeap+0x3c
05 2443fc78 77711eaa ntdll_776d0000!RtlpFreeHeap+0x44b2f
06 2443fccc 754fb0f9 ntdll_776d0000!RtlFreeHeap+0x1b6
07 2443fd18 75554b9f msvcrt!free+0x65
08 2443fd4c 7773cc1a msvcrt!_freefls+0x25
09 2443fd74 776f2f5e ntdll_776d0000!RtlProcessFlsData+0xf8
0a 2443fe10 776f2b5c ntdll_776d0000!LdrShutdownThread+0x32
0b 2443fee0 75677c0b ntdll_776d0000!RtlExitUserThread+0x4c
0c 2443fef4 7772ad1f KERNEL32!BaseThreadInitThunk+0x2b
0d 2443ff3c 7772acea ntdll_776d0000!__RtlUserThreadStart+0x2f
0e 2443ff4c 00000000 ntdll_776d0000!_RtlUserThreadStart+0x1b
2:120:x86>