BSOD 0x139 "KERNEL_SECURITY_CHECK_FAILURE" triggered by fastfat / Cc code.

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86

Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\pipe\kd_Tests_ReactOS_installation

Waiting to reconnect...

(ntoskrnl\kd64\kdinit.c:74) -----------------------------------------------------

(ntoskrnl\kd64\kdinit.c:75) ReactOS 0.4.11-dev (Build 20181027-0.4.11-dev-540-g02e78b3) (Commit 02e78b312ee26e6e672df9881d71e36ccdc0d24c)

(ntoskrnl\kd64\kdinit.c:76) 1 System Processor [512 MB Memory]

(ntoskrnl\kd64\kdinit.c:80) Command Line: DEBUG DEBUGPORT=VBOX SOS

(ntoskrnl\kd64\kdinit.c:81) ARC Paths: multi(0)disk(0)rdisk(0)partition(1) \ multi(0)disk(0)rdisk(0)partition(1) \ReactOS\

Connected to Windows Server 2003 3790 x86 compatible target at (Sat Oct 27 16:50:41.166 2018 (UTC + 2:00)), ptr64 FALSE

Kernel Debugger connection established.

Symbol search path is: D:\rosbuilds\x86_VC10\msvc_pdb;C:\Symbols;srv*C:\Symbols*https://msdl.microsoft.com/download/symbols

Executable search path is: 

Windows Server 2003 Kernel Version 3790 UP Checked x86 compatible

Built by: 20181027-0.4.11-dev-540-g02e78b3.MSVC_16.0.40219.1

Machine Name:

Kernel base = 0x80400000 PsLoadedModuleList = 0x805f52e8

System Uptime: not available

WARNING: Inaccessible path: 'H:\trunk\reactos_setup\base\setup\usetup\spapisup'

(ntoskrnl\ke\i386\cpu.c:450) Supported CPU features : KF_V86_VIS KF_RDTSC KF_CR4 KF_CMOV KF_GLOBAL_PAGE KF_LARGE_PAGE KF_MTRR KF_CMPXCHG8B KF_MMX KF_WORKING_PTE KF_PAT KF_FXSR KF_FAST_SYSCALL KF_XMMI   KF_XMMI64    

(ntoskrnl\ke\i386\cpu.c:722) Prefetch Cache: 64 bytes	L2 Cache: 262144 bytes	L2 Cache Line: 64 bytes	L2 Cache Associativity: 8

(hal\halx86\acpi\halacpi.c:782) ACPI Timer at: 4008h (EXT: 256)

(hal\halx86\acpi\halacpi.c:890) ACPI 2.0 Detected. Tables: [RSDT] [FACP] 

(ntoskrnl\mm\ARM3\mminit.c:1452) HAL I/O Mapping at FFFE0000 is unsafe

(ntoskrnl\mm\mminit.c:131)           0x80000000 - 0x83000000	Boot Loaded Image

(ntoskrnl\mm\mminit.c:135)           0xB0000000 - 0xB0380000	PFN Database

(ntoskrnl\mm\mminit.c:139)           0xB0380000 - 0xB1368000	ARM3 Non Paged Pool

(ntoskrnl\mm\mminit.c:143)           0xB9400000 - 0xBB400000	System View Space

(ntoskrnl\mm\mminit.c:147)           0xBB400000 - 0xC0000000	Session Space

(ntoskrnl\mm\mminit.c:150)           0xC0000000 - 0xC03FFFFF	Page Tables

(ntoskrnl\mm\mminit.c:153)           0xC0300000 - 0xC0300FFF	Page Directories

(ntoskrnl\mm\mminit.c:156)           0xC0400000 - 0xC07FFFFF	Hyperspace

(ntoskrnl\mm\mminit.c:159)           0xC1000000 - 0xE0FFFFFF	System Cache

(ntoskrnl\mm\mminit.c:163)           0xE1000000 - 0xEDC00000	ARM3 Paged Pool

(ntoskrnl\mm\mminit.c:166)           0xEDC00000 - 0xF8BC8000	System PTE Space

(ntoskrnl\mm\mminit.c:169)           0xF8BC8000 - 0xFFBE0000	Non Paged Pool Expansion PTE Space

< Log trimmed... >

(ntoskrnl\io\iomgr\iorsrce.c:725) Failed to open symlink \Device\Harddisk0\Partition1, Status=c0000024

(ntoskrnl\cc\pin.c:107) Mapping/pinning with no read not implemented. Forcing read, might fail if wait not allowed

< Log trimmed ...>

(dll\win32\kernel32\client\loader.c:384) LoadLibraryExW(mingwm10.dll) failing with status c0000135

(dll\win32\kernel32\client\loader.c:384) LoadLibraryExW(mingwm10.dll) failing with status c0000135

(base\services\umpnpmgr\umpnpmgr.c:3223) Installing: Root\ACPI_HAL\0

*** Fatal System Error: 0x00000139

                       (0x00000003,0xF80D66F0,0xF80D6690,0x00000000)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.

Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows Server 2003 3790 x86 compatible target at (Sat Oct 27 16:50:54.170 2018 (UTC + 2:00)), ptr64 FALSE

Loading Kernel Symbols

...............................................

Loading User Symbols

...............

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 139, {3, f80d66f0, f80d6690, 0}

Probably caused by : ntoskrnl.exe ( nt!KiRaiseSecurityCheckFailureHandler+be )

Followup: MachineOwner

---------

nt!RtlpBreakWithStatusInstruction:

80552b28 cc              int     3

kd> .reload

Connected to Windows Server 2003 3790 x86 compatible target at (Sat Oct 27 16:51:59.729 2018 (UTC + 2:00)), ptr64 FALSE

Loading Kernel Symbols

...............................................

Loading User Symbols

...............

kd> kp

ChildEBP RetAddr  

f80d6278 8049a8f8 nt!RtlpBreakWithStatusInstruction

f80d62a8 8049b356 nt!KiBugCheckDebugBreak(unsigned long StatusCode = 3)+0x38 [h:\trunk\reactos_setup\ntoskrnl\ke\bug.c @ 538]

f80d6668 8053248e nt!KeBugCheckWithTf(unsigned long BugCheckCode = 0x139, unsigned long BugCheckParameter1 = 3, unsigned long BugCheckParameter2 = 0xf80d66f0, unsigned long BugCheckParameter3 = 0xf80d6690, unsigned long BugCheckParameter4 = 0, struct _KTRAP_FRAME * TrapFrame = 0xf80d66f0)+0x5b6 [h:\trunk\reactos_setup\ntoskrnl\ke\bug.c @ 1102]

f80d66e8 804039cf nt!KiRaiseSecurityCheckFailureHandler(struct _KTRAP_FRAME * TrapFrame = 0xf80d66f0)+0xbe [h:\trunk\reactos_setup\ntoskrnl\ke\i386\traphdlr.c @ 1593]

f80d66e8 80404988 nt!KiRaiseSecurityCheckFailure+0x8f

f80d6764 8040496e nt!__fastfail(unsigned int Code = 3)+0x8 [h:\trunk\reactos_setup\sdk\include\crt\msc\intrin.h @ 277]

f80d6770 8040494e nt!RtlFailFast(unsigned long Code = 3)+0xe [d:\rosbuilds\x86_vc10_setup\sdk\include\ddk\wdm.h @ 10499]

f80d677c 80405de1 nt!FatalListEntryError(void * P1 = 0xb1292298, void * P2 = 0xb1291ff8, void * P3 = 0xb1292298)+0x1e [d:\rosbuilds\x86_vc10_setup\sdk\include\ddk\wdm.h @ 10558]

f80d6798 80408deb nt!RemoveEntryList(struct _LIST_ENTRY * Entry = 0xb1291ff8 [ 0xb1292298 - 0xb1292298 ])+0x71 [d:\rosbuilds\x86_vc10_setup\sdk\include\ddk\wdm.h @ 10586]

f80d67bc 80408ce4 nt!CcUnpinDataForThread(void * Bcb = 0xb1291fa0, unsigned long ResourceThreadId = 0xb10e2668)+0xeb [h:\trunk\reactos_setup\ntoskrnl\cc\pin.c @ 592]

f80d67cc f8b8977c nt!CcUnpinData(void * Bcb = 0xb1291fa0)+0x14 [h:\trunk\reactos_setup\ntoskrnl\cc\pin.c @ 555]

f80d6840 f8b8b3a1 fastfat!FAT32GetNextCluster(struct DEVICE_EXTENSION * DeviceExt = 0xb124f0d0, unsigned long CurrentCluster = 0x2610d, unsigned long * NextCluster = 0xf80d6904)+0x18c [h:\trunk\reactos_setup\drivers\filesystems\fastfat\fat.c @ 72]

f80d6860 f8b95cf9 fastfat!GetNextCluster(struct DEVICE_EXTENSION * DeviceExt = 0xb124f0d0, unsigned long CurrentCluster = 0x2610c, unsigned long * NextCluster = 0xf80d6904)+0xb1 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\fat.c @ 767]

f80d6874 f8b98351 fastfat!NextCluster(struct DEVICE_EXTENSION * DeviceExt = 0xb124f0d0, unsigned long FirstCluster = 0x26104, unsigned long * CurrentCluster = 0xf80d6904, unsigned char Extend = 0x00 '')+0x59 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\rw.c @ 56]

f80d691c f8b97ae1 fastfat!VfatWriteFileData(struct VFAT_IRP_CONTEXT * IrpContext = 0xb10c9e98, unsigned long Length = 0x40000, union _LARGE_INTEGER WriteOffset = union _LARGE_INTEGER 0x0)+0x571 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\rw.c @ 504]

f80d6a0c f8b9506e fastfat!VfatWrite(struct VFAT_IRP_CONTEXT * IrpContext = 0xb10c9e98)+0x9d1 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\rw.c @ 1157]

f80d6a30 f8b954a2 fastfat!VfatDispatchRequest(struct VFAT_IRP_CONTEXT * IrpContext = 0xb10c9e98)+0xae [h:\trunk\reactos_setup\drivers\filesystems\fastfat\misc.c @ 133]

f80d6a50 80480b4e fastfat!VfatBuildRequest(struct _DEVICE_OBJECT * DeviceObject = 0xb124f018, struct _IRP * Irp = 0xb10a9008)+0x92 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\misc.c @ 248]

f80d6a78 804772ee nt!IofCallDriver(struct _DEVICE_OBJECT * DeviceObject = 0xb124f018, struct _IRP * Irp = 0xb10a9008)+0xae [h:\trunk\reactos_setup\ntoskrnl\io\iomgr\irp.c @ 1287]

f80d6a8c 80404f48 nt!IoSynchronousPageWrite(struct _FILE_OBJECT * FileObject = 0xb1110d70, struct _MDL * Mdl = 0xb10b36d8, union _LARGE_INTEGER * Offset = 0xb1104180 0x0, struct _KEVENT * Event = 0xf80d6ad8, struct _IO_STATUS_BLOCK * StatusBlock = 0xf80d6af0)+0x12e [h:\trunk\reactos_setup\ntoskrnl\io\iomgr\iofunc.c @ 1084]

f80d6b20 804091d1 nt!CcWriteVirtualAddress(struct _ROS_VACB * Vacb = 0xb1104158)+0x1d8 [h:\trunk\reactos_setup\ntoskrnl\cc\copy.c @ 206]

f80d6b30 8040af1b nt!CcRosFlushVacb(struct _ROS_VACB * Vacb = 0xb1104158)+0x21 [h:\trunk\reactos_setup\ntoskrnl\cc\view.c @ 173]

f80d6b70 f8b91c84 nt!CcFlushCache(struct _SECTION_OBJECT_POINTERS * SectionObjectPointers = 0xb110c788, union _LARGE_INTEGER * FileOffset = 0x00000000, unsigned long Length = 0, struct _IO_STATUS_BLOCK * IoStatus = 0xf80d6b94)+0xeb [h:\trunk\reactos_setup\ntoskrnl\cc\view.c @ 1127]

f80d6ba0 f8b91e2c fastfat!VfatFlushFile(struct DEVICE_EXTENSION * DeviceExt = 0xb124f0d0, struct _VFATFCB * Fcb = 0xb110c760)+0x34 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\flush.c @ 29]

f80d6bc0 f8b95130 fastfat!VfatFlush(struct VFAT_IRP_CONTEXT * IrpContext = 0xb133bc58)+0xec [h:\trunk\reactos_setup\drivers\filesystems\fastfat\flush.c @ 172]

f80d6be4 f8b954a2 fastfat!VfatDispatchRequest(struct VFAT_IRP_CONTEXT * IrpContext = 0xb133bc58)+0x170 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\misc.c @ 173]

f80d6c04 80480b4e fastfat!VfatBuildRequest(struct _DEVICE_OBJECT * DeviceObject = 0xb124f018, struct _IRP * Irp = 0xb10b7008)+0x92 [h:\trunk\reactos_setup\drivers\filesystems\fastfat\misc.c @ 248]

f80d6c2c 80475f23 nt!IofCallDriver(struct _DEVICE_OBJECT * DeviceObject = 0xb124f018, struct _IRP * Irp = 0xb10b7008)+0xae [h:\trunk\reactos_setup\ntoskrnl\io\iomgr\irp.c @ 1287]

f80d6c5c 80477a13 nt!IopPerformSynchronousRequest(struct _DEVICE_OBJECT * DeviceObject = 0xb124f018, struct _IRP * Irp = 0xb10b7008, struct _FILE_OBJECT * FileObject = 0xb1110d70, unsigned char Deferred = 0x00 '', char PreviousMode = 0n1 '', unsigned char SynchIo = 0x01 '', _IOP_TRANSFER_TYPE TransferType = IopOtherTransfer (2))+0x53 [h:\trunk\reactos_setup\ntoskrnl\io\iomgr\iofunc.c @ 142]

f80d6cfc 805332fb nt!NtFlushBuffersFile(void * FileHandle = 0x00000104, struct _IO_STATUS_BLOCK * IoStatusBlock = 0x0112f654)+0x293 [h:\trunk\reactos_setup\ntoskrnl\io\iomgr\iofunc.c @ 1489]

f80d6d14 805328eb nt!KiSystemCallTrampoline(void * Handler = 0x80477780, void * Arguments = 0x0112f644, unsigned long StackBytes = 8)+0x1b [h:\trunk\reactos_setup\ntoskrnl\include\internal\i386\ke.h @ 748]

f80d6d5c 80403e23 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf80d6d64, void * Arguments = 0x0112f644)+0x24b [h:\trunk\reactos_setup\ntoskrnl\ke\i386\traphdlr.c @ 1813]

f80d6d5c 7c931d1e nt!KiFastCallEntry+0x8c

0112f638 7c95f38b ntdll!KiFastSystemCallRet

0112f63c 004061d2 ntdll!NtFlushBuffersFile+0xc

0112f664 0040990e eventlog!LogfpFlushFile(struct _EVTLOGFILE * LogFile = 0x00135b80, union _LARGE_INTEGER * FileOffset = 0x00000000, unsigned long Length = 0)+0x42 [h:\trunk\reactos_setup\base\services\eventlog\file.c @ 290]

0112f6a0 0040a403 eventlog!ElfFlushFile(struct _EVTLOGFILE * LogFile = 0x00135b80)+0x10e [h:\trunk\reactos_setup\sdk\lib\evtlib\evtlib.c @ 1167]

0112f77c 00406e89 eventlog!ElfWriteRecord(struct _EVTLOGFILE * LogFile = 0x00135b80, struct _EVENTLOGRECORD * Record = 0x001375e0, unsigned long BufSize = 0xd0)+0x753 [h:\trunk\reactos_setup\sdk\lib\evtlib\evtlib.c @ 1577]

0112f7a8 00404aa6 eventlog!LogfWriteRecord(struct _LOGFILE * LogFile = 0x00135b80, struct _EVENTLOGRECORD * Record = 0x001375e0, unsigned long BufSize = 0xd0)+0x89 [h:\trunk\reactos_setup\base\services\eventlog\file.c @ 880]

0112f814 00404c38 eventlog!ElfrIntReportEventW(void * LogHandle = 0x00136d48, unsigned long Time = 0x5bd49765, unsigned short EventType = 4, unsigned short EventCategory = 0, unsigned long EventID = 0x40001b7c, struct _RPC_UNICODE_STRING * SourceName = 0x00000000, unsigned short NumStrings = 2, unsigned long DataSize = 0, struct _RPC_UNICODE_STRING * ComputerName = 0x001376f8, struct _RPC_SID * UserSID = 0x00000000, struct _RPC_UNICODE_STRING ** Strings = 0x00137730, unsigned char * Data = 0x00000000 "", unsigned short Flags = 0, unsigned long * RecordNumber = 0x00000000, unsigned long * TimeWritten = 0x00000000)+0x2e6 [h:\trunk\reactos_setup\base\services\eventlog\rpc.c @ 697]

0112f858 7c282a3d eventlog!ElfrReportEventW(void * LogHandle = 0x00136d48, unsigned long Time = 0x5bd49765, unsigned short EventType = 4, unsigned short EventCategory = 0, unsigned long EventID = 0x40001b7c, unsigned short NumStrings = 2, unsigned long DataSize = 0, struct _RPC_UNICODE_STRING * ComputerName = 0x001376f8, struct _RPC_SID * UserSID = 0x00000000, struct _RPC_UNICODE_STRING ** Strings = 0x00137730, unsigned char * Data = 0x00000000 "", unsigned short Flags = 0, unsigned long * RecordNumber = 0x00000000, unsigned long * TimeWritten = 0x00000000)+0x48 [h:\trunk\reactos_setup\base\services\eventlog\rpc.c @ 755]

0112f8b0 7c2831b2 rpcrt4!call_server_func(<function> * func = 0x00404bf0, unsigned char * args = 0x00137530 "Hm???", unsigned int stack_size = 0x3c)+0x1d [h:\trunk\reactos_setup\dll\win32\rpcrt4\ndr_stubless.c @ 1017]

0112fe24 7c283ace rpcrt4!NdrStubCall2(struct IRpcStubBuffer * pThis = 0x00404bf0, struct IRpcChannelBuffer * pChannel = 0x00137530, struct _RPC_MESSAGE * pRpcMsg = 0x0000003c, unsigned int * pdwStubPhase = 0x0112fe94)+0x762 [h:\trunk\reactos_setup\dll\win32\rpcrt4\ndr_stubless.c @ 1425]

0112fe48 7c296822 rpcrt4!NdrServerCall2(struct _RPC_MESSAGE * pRpcMsg = 0x00136c10)+0x2e [h:\trunk\reactos_setup\dll\win32\rpcrt4\ndr_stubless.c @ 1499]

0112feac 7c29640a rpcrt4!process_request_packet(struct _RpcConnection * conn = 0x00136df0, struct RpcPktRequestHdr * hdr = 0x00137108, struct _RPC_MESSAGE * msg = 0x00136c10)+0x312 [h:\trunk\reactos_setup\dll\win32\rpcrt4\rpc_server.c @ 439]

0112fec4 7c2962ca rpcrt4!RPCRT4_process_packet(struct _RpcConnection * conn = 0x00136df0, union RpcPktHdr * hdr = 0x00137108, struct _RPC_MESSAGE * msg = 0x00136c10, unsigned char * auth_data = 0x00000000 "", unsigned int auth_length = 0)+0xfa [h:\trunk\reactos_setup\dll\win32\rpcrt4\rpc_server.c @ 517]

0112fee4 7c977d68 rpcrt4!RPCRT4_worker_thread(void * the_arg = 0x001373d0)+0x3a [h:\trunk\reactos_setup\dll\win32\rpcrt4\rpc_server.c @ 540]

0112ff38 7c97886a ntdll!RtlpExecuteWorkItem(void * NormalContext = 0x00000000, void * SystemArgument1 = 0x00000000, void * SystemArgument2 = 0x00137030)+0xb8 [h:\trunk\reactos_setup\sdk\lib\rtl\workitem.c @ 226]

0112ffb8 7c64384d ntdll!RtlpWorkerThreadProc(void * Parameter = 0x00f2ff0c)+0xda [h:\trunk\reactos_setup\sdk\lib\rtl\workitem.c @ 723]

0112ffec 00000000 kernel32!BaseThreadStartup(<function> * lpStartAddress = 0x7c978790, void * lpParameter = 0x00f2ff0c)+0x5d [h:\trunk\reactos_setup\dll\win32\kernel32\client\thread.c @ 69]