Major Description
This happened on an idle system with Java installed and with internet connectivity.
*** Fatal System Error: 0x00000139
|
(0x00000003,0x805DCC44,0x805DCBE4,0x00000000)
|
|
|
Break instruction exception - code 80000003 (first chance)
|
|
|
A fatal system error has occurred.
|
Debugger entered on first try; Bugcheck callbacks have not been invoked.
|
|
|
A fatal system error has occurred.
|
|
|
Connected to Windows Server 2003 3790 x86 compatible target at (Sun Mar 26 05:22:56.207 2017 (UTC + 2:00)), ptr64 FALSE
|
Loading Kernel Symbols
|
....................................................
|
Loading User Symbols
|
|
|
*******************************************************************************
|
* *
|
* Bugcheck Analysis *
|
* *
|
*******************************************************************************
|
|
|
Use !analyze -v to get detailed debugging information.
|
|
|
BugCheck 139, {3, 805dcc44, 805dcbe4, 0}
|
|
|
Probably caused by : ntoskrnl.exe ( nt!KiRaiseSecurityCheckFailureHandler+c7 )
|
|
|
Followup: MachineOwner
|
---------
|
|
|
nt!RtlpBreakWithStatusInstruction:
|
8055b9c8 cc int 3
|
kd> ?? ListHead
|
struct _LIST_ENTRY * 0xffdffa40
|
[ 0xb4cd8020 - 0xf2fb5ae8 ]
|
+0x000 Flink : 0xb4cd8020 _LIST_ENTRY [ 0xf2fb5ae8 - 0xffdffa40 ]
|
+0x004 Blink : 0xf2fb5ae8 _LIST_ENTRY [ 0xffdffa40 - 0xb4cd8020 ]
|
kd> ?? ListHead->Flink
|
struct _LIST_ENTRY * 0xb4cd8020
|
[ 0xf2fb5ae8 - 0xffdffa40 ]
|
+0x000 Flink : 0xf2fb5ae8 _LIST_ENTRY [ 0xffdffa40 - 0xb4cd8020 ]
|
+0x004 Blink : 0xffdffa40 _LIST_ENTRY [ 0xb4cd8020 - 0xf2fb5ae8 ]
|
kd> ?? ListHead->Flink->Flink
|
struct _LIST_ENTRY * 0xf2fb5ae8
|
[ 0xffdffa40 - 0xb4cd8020 ]
|
+0x000 Flink : 0xffdffa40 _LIST_ENTRY [ 0xb4cd8020 - 0xf2fb5ae8 ]
|
+0x004 Blink : 0xb4cd8020 _LIST_ENTRY [ 0xf2fb5ae8 - 0xffdffa40 ]
|
kd> ?? DpcEntry
|
struct _LIST_ENTRY * 0xb4cd8020
|
[ 0xf2fb5ae8 - 0xffdffa40 ]
|
+0x000 Flink : 0xf2fb5ae8 _LIST_ENTRY [ 0xffdffa40 - 0xb4cd8020 ]
|
+0x004 Blink : 0xffdffa40 _LIST_ENTRY [ 0xb4cd8020 - 0xf2fb5ae8 ]
|
kd> ?? #CONTAINING_RECORD(0xf2fb5ae8, nt!_KDPC, DpcListEntry)
|
struct _KDPC * 0xf2fb5ae4
|
+0x000 Type : 0x13 ''
|
+0x001 Importance : 0x1 ''
|
+0x002 Number : 0
|
+0x004 DpcListEntry : _LIST_ENTRY [ 0xffdffa40 - 0xb4cd8020 ]
|
+0x00c DeferredRoutine : 0xf7a2d390 void scsiport!ScsiPortDpcForIsr+0
|
+0x010 DeferredContext : 0xf2fb5a70 Void
|
+0x014 SystemArgument1 : (null)
|
+0x018 SystemArgument2 : 0xf2fb5b28 Void
|
+0x01c DpcData : 0xffdffa40 Void
|
kd> !irql
|
Debugger saved IRQL for processor 0x0 -- 2 (DISPATCH_LEVEL)
|
kd> ?? #CONTAINING_RECORD(0xb4cd8020, nt!_KDPC, DpcListEntry)
|
struct _KDPC * 0xb4cd801c
|
+0x000 Type : 0x13 ''
|
+0x001 Importance : 0x1 ''
|
+0x002 Number : 0
|
+0x004 DpcListEntry : _LIST_ENTRY [ 0xf2fb5ae8 - 0xffdffa40 ]
|
+0x00c DeferredRoutine : 0xf7985f30 void ndis!HandleDeferredProcessing+0
|
+0x010 DeferredContext : 0xf3f93b28 Void
|
+0x014 SystemArgument1 : (null)
|
+0x018 SystemArgument2 : (null)
|
+0x01c DpcData : 0xffdffa40 Void
|
kd> ?? TrapFrame
|
struct _KTRAP_FRAME * 0x805dcc44
|
+0x000 DbgEbp : 0x805dccb8
|
+0x004 DbgEip : 0x80405bda
|
+0x008 DbgArgMark : 0xbadb0d00
|
+0x00c DbgArgPointer : 0xffdffa40
|
+0x010 TempSegCs : 0x805dcd38
|
+0x014 TempEsp : 0xb4d87008
|
+0x018 Dr0 : 0x805dcc64
|
+0x01c Dr1 : 0x805dcc64
|
+0x020 Dr2 : 0x805dcce4
|
+0x024 Dr3 : 0x80405b32
|
+0x028 Dr6 : 0xbadb0d00
|
+0x02c Dr7 : 0
|
+0x030 SegGs : 0
|
+0x034 SegEs : 0x23
|
+0x038 SegDs : 0x23
|
+0x03c Edx : 0xffdffa40
|
+0x040 Ecx : 3
|
+0x044 Eax : 0xffdffa40
|
+0x048 PreviousPreviousMode : 0xffffffff
|
+0x04c ExceptionList : 0xffffffff _EXCEPTION_REGISTRATION_RECORD
|
+0x050 SegFs : 0x30
|
+0x054 Edi : 0x805dcd30
|
+0x058 Esi : 0x805dcd38
|
+0x05c Ebx : 0x9000
|
+0x060 Ebp : 0x805dccb8
|
+0x064 ErrCode : 0xb4cd8020
|
+0x068 Eip : 0x80405bd8
|
+0x06c SegCs : 8
|
+0x070 EFlags : 0x202
|
+0x074 HardwareEsp : 0x805dccc4
|
+0x078 HardwareSegSs : 0x80405a4e
|
+0x07c V86Es : 3
|
+0x080 V86Ds : 0x805dcce4
|
+0x084 V86Fs : 0x80405b88
|
+0x088 V86Gs : 0xffdffa40
|
kd> ?? DpcData->DpcQueueDepth
|
unsigned long 2
|
kd> kp
|
# ChildEBP RetAddr
|
00 805dc7c4 8049abf8 nt!RtlpBreakWithStatusInstruction
|
01 805dc7f4 80499e7a nt!KiBugCheckDebugBreak(unsigned long StatusCode = 3)+0x38 [c:\ros\reactos\reactos\ntoskrnl\ke\bug.c @ 538]
|
02 805dcbbc 80538b47 nt!KeBugCheckWithTf(unsigned long BugCheckCode = 0x139, unsigned long BugCheckParameter1 = 3, unsigned long BugCheckParameter2 = 0x805dcc44, unsigned long BugCheckParameter3 = 0x805dcbe4, unsigned long BugCheckParameter4 = 0, struct _KTRAP_FRAME * TrapFrame = 0x805dcc44)+0x6aa [c:\ros\reactos\reactos\ntoskrnl\ke\bug.c @ 1101]
|
03 805dcc3c 804039cf nt!KiRaiseSecurityCheckFailureHandler(struct _KTRAP_FRAME * TrapFrame = 0x805dcc44)+0xc7 [c:\ros\reactos\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1519]
|
04 805dcc3c 80405bd8 nt!KiRaiseSecurityCheckFailure+0x8f
|
05 805dccb8 80405a4e nt!RtlFailFast(unsigned long Code = 3)+0x8 [c:\ros\reactos\reactos\output-vs15-i386\sdk\include\ddk\wdm.h @ 10276]
|
06 805dccc4 80405b88 nt!FatalListEntryError(void * P1 = 0xffdffa40, void * P2 = 0xb4cd8020, void * P3 = 0xffdffa40)+0x1e [c:\ros\reactos\reactos\output-vs15-i386\sdk\include\ddk\wdm.h @ 10336]
|
07 805dcce4 8049c64e nt!RemoveEntryList(struct _LIST_ENTRY * Entry = 0xb4cd8020 [ 0xf2fb5ae8 - 0xffdffa40 ])+0x78 [c:\ros\reactos\reactos\output-vs15-i386\sdk\include\ddk\wdm.h @ 10364]
|
08 805dcd30 80537af5 nt!KiRetireDpcList(struct _KPRCB * Prcb = 0xffdff120)+0xae [c:\ros\reactos\reactos\ntoskrnl\ke\dpc.c @ 591]
|
09 805dcd48 80536e74 nt!KiIdleLoop(void)+0x75 [c:\ros\reactos\reactos\ntoskrnl\ke\i386\thrdini.c @ 295]
|
0a 805dcd58 00000000 nt!KiSystemStartupBootStack(void)+0x74 [c:\ros\reactos\reactos\ntoskrnl\ke\i386\kiinit.c @ 683]
|
A list item (scsiport DPC) was added while RemoveEntryList was in progress. The trap frame indicates interrupts were enabled, which makes the spin lock pointless.