The issue here was that FindRealCode attempts to skip over the jmp mnemonics (most likely causing issues if detouring APIs).
When reading the addresses (absolute or relative) in the code of the exporting/importing DLLs, the code would not change the protect status to make sure it can read it. In some obscure and infrequent cases the page would have PAGE_NOACCESS and then a read would cause an AV.
We should tag the branch as 2.5.7 when this is merged and then upload a release with the installer binary https://github.com/Azure/vld/releases #Resolved
The issue here was that FindRealCode attempts to skip over the jmp mnemonics (most likely causing issues if detouring APIs). When reading the addresses (absolute or relative) in the code of the exporting/importing DLLs, the code would not change the protect status to make sure it can read it. In some obscure and infrequent cases the page would have PAGE_NOACCESS and then a read would cause an AV.