隔几天就出现这样的情况
下面是错误日志
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffff8185890170a0, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffff818589016ff8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 17134.1.amd64fre.rs4_release.180410-1804
SYSTEM_MANUFACTURER: Timi
SYSTEM_PRODUCT_NAME: TM1701
BIOS_VENDOR: INSYDE Corp.
BIOS_VERSION: XMAKB5R0P0603
BIOS_DATE: 02/02/2018
BASEBOARD_MANUFACTURER: Timi
BASEBOARD_PRODUCT: TM1701
BASEBOARD_VERSION: MP
DUMP_TYPE: 1
BUGCHECK_P1: 3
BUGCHECK_P2: ffff8185890170a0
BUGCHECK_P3: ffff818589016ff8
BUGCHECK_P4: 0
TRAP_FRAME: ffff8185890170a0 -- (.trap 0xffff8185890170a0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffa587dfc4b501 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801254aa39f rsp=ffff818589017230 rbp=fffff802fbb47348
r8=fffff802fbb47348 r9=ffffd381c0700180 r10=0000000000000001
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di ng nz na po cy
nt!ExInterlockedInsertTailList+0xe583f:
fffff801`254aa39f cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: ffff818589016ff8 -- (.exr 0xffff818589016ff8)
ExceptionAddress: fffff801254aa39f (nt!ExInterlockedInsertTailList+0x00000000000e583f)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
CPU_COUNT: 8
CPU_MHZ: 7c8
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 8e
CPU_STEPPING: a
CPU_MICROCODE: 6,8e,a,0 (F,M,S,R) SIG: 84'00000000 (cache) 84'00000000 (init)
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXPNP: 1 (!blackboxpnp)
BUGCHECK_STR: 0x139
PROCESS_NAME: System
CURRENT_IRQL: 0
DEFAULT_BUCKET_ID: FAIL_FAST_CORRUPT_LIST_ENTRY
ERROR_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
ANALYSIS_SESSION_HOST: HAIYANG
ANALYSIS_SESSION_TIME: 03-21-2019 11:11:59.0924
ANALYSIS_VERSION: 10.0.17763.132 amd64fre
LAST_CONTROL_TRANSFER: from fffff80125464c69 to fffff801254540a0
STACK_TEXT:
ffff8185`89016d78 fffff801`25464c69 : 00000000`00000139 00000000`00000003 ffff8185`890170a0 ffff8185`89016ff8 : nt!KeBugCheckEx
ffff8185`89016d80 fffff801`25465010 : 00000000`00000000 fffff802`fbdf1010 ffffa587`d8663030 fffff801`2536917a : nt!KiBugCheckDispatch+0x69
ffff8185`89016ec0 fffff801`2546361f : ffffa587`d5947620 ffffa587`cf318200 00000000`00000000 00000000`00000001 : nt!KiFastFailDispatch+0xd0
ffff8185`890170a0 fffff801`254aa39f : ffffa587`e03de010 00000000`00000000 ffffa587`dfc4b510 fffff802`fbb47370 : nt!KiRaiseSecurityCheckFailure+0x2df
ffff8185`89017230 fffff802`fbb42f6a : ffffa587`e03de010 ffff8185`89017349 ffffa587`d1b941b0 00000000`00000000 : nt!ExInterlockedInsertTailList+0xe583f
ffff8185`89017260 fffff801`2534572f : ffffa587`e03de010 ffffa587`d1b94060 00000000`00000000 00000000`00000000 : topsecpf+0x2f6a
ffff8185`89017290 fffff801`253455f7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopfCompleteRequest+0x11f
ffff8185`890173b0 fffff802`fbaf58f9 : ffffa587`df8682e0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IofCompleteRequest+0x17
ffff8185`890173e0 fffff801`25342e69 : ffffa587`e03de0e0 00000000`00000000 ffffa587`d1b941b0 fffff802`fd2e8856 : tdx!TdxTdiDispatchCleanup+0x359
ffff8185`89017460 fffff802`fbb43064 : ffffa587`00000000 ffffa587`e03de0e0 ffffa587`d1b941b0 00000000`00000000 : nt!IofCallDriver+0x59
ffff8185`890174a0 fffff802`fbb414c4 : ffffa587`d1b94060 ffffa587`d1b941b0 ffffa587`e03de010 ffffa587`cf2f3440 : topsecpf+0x3064
ffff8185`890174d0 fffff802`fbb416f6 : ffffa587`d1b94060 ffffa587`e03de128 ffffa587`e03de010 fffff802`fd2e8804 : topsecpf+0x14c4
ffff8185`89017500 fffff801`25342e69 : ffffa587`e063f7d0 00000000`00000000 ffffa587`e03de010 ffffa587`cf2f3440 : topsecpf+0x16f6
ffff8185`89017530 fffff801`257717fe : ffffa587`e063f7d0 00000000`00000000 00000000`00000000 fffff802`fbb42c2a : nt!IofCallDriver+0x59
ffff8185`89017570 fffff801`2579e552 : ffffa587`e063f7a0 00000000`00000001 ffffbc02`00000000 00000000`00007fff : nt!IopCloseFile+0x15e
ffff8185`89017600 fffff801`257a5edd : ffffa587`e03de010 00000000`00000000 ffffa587`df8682e0 fffff801`2545ad46 : nt!ObCloseHandleTableEntry+0x212
ffff8185`89017740 fffff801`25464743 : ffffa587`d1b9a850 fffff801`25342e69 ffffa587`d0082040 ffff8185`89017820 : nt!NtClose+0xcd
ffff8185`890177a0 fffff801`25457aa0 : fffff802`fbc36e32 ffffa587`d98c3a70 00000000`0000000d ffffa587`d98c3a70 : nt!KiSystemServiceCopyEnd+0x13
ffff8185`89017938 fffff802`fbc36e32 : ffffa587`d98c3a70 00000000`0000000d ffffa587`d98c3a70 ffffd381`c0a80180 : nt!KiServiceLinkage
ffff8185`89017940 fffff802`fbbd407a : 00000000`00000000 ffffa587`e0645a60 fffff802`fbbf95e0 00000000`0000000d : afd!AfdFreeConnectionResources+0xf652
ffff8185`89017980 fffff802`fbc0e417 : ffffa587`d98c3b20 fffff802`fbc0e400 ffffa353`50bf6502 00000000`00000000 : afd!AfdFreeConnectionEx+0x2a
ffff8185`890179b0 fffff802`fbbd3f92 : 00000000`00000000 00000000`00000000 fffff802`fbbd3f10 ffffa587`cf2bcaa0 : afd!AfdFreeConnection+0x17
ffff8185`890179e0 fffff801`253c8d7c : ffffa587`cf2e71c0 ffffa587`d1b8be40 ffffa587`df3d2080 fffff802`fbbd3f10 : afd!AfdDoWork+0x82
ffff8185`89017a10 fffff801`2535fb05 : 00000000`00000000 ffffa587`d0082040 fffff801`253c8c50 00000000`00000000 : nt!IopProcessWorkItem+0x12c
ffff8185`89017a80 fffff801`253da2d7 : ffffa587`d0082040 00000000`00000080 ffffa587`cf2f3440 ffffa587`d0082040 : nt!ExpWorkerThread+0xf5
ffff8185`89017b10 fffff801`2545b516 : ffffd381`c09b9180 ffffa587`d0082040 fffff801`253da290 8b480000`04449f89 : nt!PspSystemThreadStartup+0x47
ffff8185`89017b60 00000000`00000000 : ffff8185`89018000 ffff8185`89011000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
THREAD_SHA1_HASH_MOD_FUNC: 2d8344b651739320fad5945d2588d57ac1b7461c
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: bc5c3903816cb5021fe0e87cc0b0ec4c4d03caa1
THREAD_SHA1_HASH_MOD: 38e53ac0126e1719b5dcbb6c7225fe02fc0f7f41
FOLLOWUP_IP:
topsecpf+2f6a
fffff802`fbb42f6a 488d4e48 lea rcx,[rsi+48h]
FAULT_INSTR_CODE: 484e8d48
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: topsecpf+2f6a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: topsecpf
IMAGE_NAME: topsecpf.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4d6da0f2
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 2f6a
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_topsecpf!unknown_function
BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_topsecpf!unknown_function
PRIMARY_PROBLEM_CLASS: 0x139_3_CORRUPT_LIST_ENTRY_topsecpf!unknown_function
TARGET_TIME: 2019-03-21T02:48:54.000Z
OSBUILD: 17134
OSSERVICEPACK: 0
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 784
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2019-03-06 16:32:15
BUILDDATESTAMP_STR: 180410-1804
BUILDLAB_STR: rs4_release
BUILDOSVER_STR: 10.0.17134.1.amd64fre.rs4_release.180410-1804
ANALYSIS_SESSION_ELAPSED_TIME: 1382
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x139_3_corrupt_list_entry_topsecpf!unknown_function
FAILURE_ID_HASH: {7d6915eb-8c8b-b32e-d4d4-a1676df73917}
Followup: MachineOwner
---------
1: kd> !blackboxbsd
Stream size mismatch (expected = 168, read = 136)
1: kd> .trap 0xffff8185890170a0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffa587dfc4b501 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801254aa39f rsp=ffff818589017230 rbp=fffff802fbb47348
r8=fffff802fbb47348 r9=ffffd381c0700180 r10=0000000000000001
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di ng nz na po cy
nt!ExInterlockedInsertTailList+0xe583f:
fffff801`254aa39f cd29 int 29h
1: kd> .exr 0xffff818589016ff8
ExceptionAddress: fffff801254aa39f (nt!ExInterlockedInsertTailList+0x00000000000e583f)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
1: kd> !blackboxbsd
Stream size mismatch (expected = 168, read = 136)
1: kd> !blackboxpnp
PnpActivityId : {00000000-0000-0000-0000-000000000000}
PnpActivityTime : 131976053916827554
PnpEventInformation: 3
PnpEventInProgress : 0
PnpProblemCode : 24
PnpVetoType : 0
DeviceId : SW\{96E080C7-143C-11D1-B40F-00A0C9223196}\{3C0D501A-140B-11D1-B40F-00A0C9223196}
VetoString :
1: kd> lmvm topsecpf
Browse full module list
start end module name
fffff802`fbb40000 fffff802`fbb4e000 topsecpf (no symbols)
Loaded symbol image file: topsecpf.sys
Image path: \??\C:\Windows\sysWOW64\drivers\topsecpf.sys
Image name: topsecpf.sys
Browse all global symbols functions data
Timestamp: Tue Mar 1 18:44:18 2011 (4D6DA0F2)
CheckSum: 000192FE
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Information from resource tables: