I have no idea what any of this means, brand new laptop, occasionally crashing. Really like the laptop so would like to not have to replace it!
Microsoft (R) Windows Debugger Version 10.0.22549.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
Dump completed successfully, progress percentage: 100
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 22000 MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Edition build lab: 22000.1.amd64fre.co_release.210604-1628
Machine Name:
Kernel base = 0xfffff801`4c800000 PsLoadedModuleList = 0xfffff801`4d429c70
Debug session time: Tue Apr 12 12:55:53.015 2022 (UTC + 1:00)
System Uptime: 0 days 2:30:08.653
Loading Kernel Symbols
...............................................................
................................................................
................................................................
..............................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000000d5`acf27018). Type ".hh dbgerr001" for details
Loading unloaded module list
.............
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff801`4cc16990 48894c2408 mov qword ptr [rsp+8],rcx ss:ffff8c04`ef0ae6b0=0000000000000139
10: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffff8c04ef0ae9d0, Address of the trap frame for the exception that caused the BugCheck
Arg3: ffff8c04ef0ae928, Address of the exception record for the exception that caused the BugCheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2483
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 6049
Key : Analysis.Init.CPU.mSec
Value: 1702
Key : Analysis.Init.Elapsed.mSec
Value: 63292
Key : Analysis.Memory.CommitPeak.Mb
Value: 99
Key : FailFast.Name
Value: CORRUPT_LIST_ENTRY
Key : FailFast.Type
Value: 3
Key : WER.OS.Branch
Value: co_release
Key : WER.OS.Timestamp
Value: 2021-06-04T16:28:00Z
Key : WER.OS.Version
Value: 10.0.22000.1
FILE_IN_CAB: MEMORY.DMP
DUMP_FILE_ATTRIBUTES: 0x1000
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: ffff8c04ef0ae9d0
BUGCHECK_P3: ffff8c04ef0ae928
BUGCHECK_P4: 0
TRAP_FRAME: ffff8c04ef0ae9d0 -- (.trap 0xffff8c04ef0ae9d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffc28f3a31da88 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8014ca465d9 rsp=ffff8c04ef0aeb60 rbp=ffffc28f2f1821b0
r8=0000000000000000 r9=0000000000000002 r10=000000000000000e
r11=fffff80145103d80 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!KiProcessThreadWaitList+0x99:
fffff801`4ca465d9 cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: ffff8c04ef0ae928 -- (.exr 0xffff8c04ef0ae928)
ExceptionAddress: fffff8014ca465d9 (nt!KiProcessThreadWaitList+0x0000000000000099)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: OUTLOOK.EXE
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFF8C04EF0AEFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
ffff8c04`ef0ae6a8 fffff801`4cc295a9 : 00000000`00000139 00000000`00000003 ffff8c04`ef0ae9d0 ffff8c04`ef0ae928 : nt!KeBugCheckEx
ffff8c04`ef0ae6b0 fffff801`4cc299f2 : 00000000`00000000 00000000`0000000f ffffc28f`19a21e38 fffff801`4ca51a56 : nt!KiBugCheckDispatch+0x69
ffff8c04`ef0ae7f0 fffff801`4cc27cd2 : 00000000`00000002 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xb2
ffff8c04`ef0ae9d0 fffff801`4ca465d9 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x312
ffff8c04`ef0aeb60 fffff801`4ca457d6 : 00000000`00000000 ffff8d01`00000001 ffff8c04`00000000 ffff8d01`00000002 : nt!KiProcessThreadWaitList+0x99
ffff8c04`ef0aebd0 fffff801`4ca43c54 : ffff8d01`837e0180 ff48ce8b`00000000 00000014`f98e93bc fffff801`45106f08 : nt!KiProcessExpiredTimerList+0x376
ffff8c04`ef0aed00 fffff801`4cc1e725 : ed324000`000001b9 ffff8d01`837e0180 ffffc28f`1392a500 00007ffb`8a7cace0 : nt!KiRetireDpcList+0x714
ffff8c04`ef0aefb0 fffff801`4cc1e500 : fffff801`4cc12950 fffff801`4caaf3fa ffffc28f`26cd4080 00000000`00000004 : nt!KxRetireDpcList+0x5
ffff8c04`f35f7aa0 fffff801`4cc1dd45 : 00007ffb`8a7cace0 fffff801`4cc18be1 00000000`00000000 ffff8c04`f35f7b60 : nt!KiDispatchInterruptContinue
ffff8c04`f35f7ad0 fffff801`4cc18be1 : 00000000`00000000 ffff8c04`f35f7b60 0000020a`b12cef90 ffffc28f`00000000 : nt!KiDpcInterruptBypass+0x25
ffff8c04`f35f7ae0 00007ffb`89e11688 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0xb1
000000d5`acd7ef70 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`89e11688
SYMBOL_NAME: nt!KiProcessExpiredTimerList+376
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: 376
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_KTIMER_LIST_CORRUPTION_nt!KiProcessExpiredTimerList
OS_VERSION: 10.0.22000.1
BUILDLAB_STR: co_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {9db7945b-255d-24a1-9f2c-82344e883ab8}
Followup: MachineOwner
---------
Microsoft (R) Windows Debugger Version 10.0.22549.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
Dump completed successfully, progress percentage: 100
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 22000 MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Edition build lab: 22000.1.amd64fre.co_release.210604-1628
Machine Name:
Kernel base = 0xfffff801`4c800000 PsLoadedModuleList = 0xfffff801`4d429c70
Debug session time: Tue Apr 12 12:55:53.015 2022 (UTC + 1:00)
System Uptime: 0 days 2:30:08.653
Loading Kernel Symbols
...............................................................
................................................................
................................................................
..............................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000000d5`acf27018). Type ".hh dbgerr001" for details
Loading unloaded module list
.............
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff801`4cc16990 48894c2408 mov qword ptr [rsp+8],rcx ss:ffff8c04`ef0ae6b0=0000000000000139
10: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffff8c04ef0ae9d0, Address of the trap frame for the exception that caused the BugCheck
Arg3: ffff8c04ef0ae928, Address of the exception record for the exception that caused the BugCheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2483
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 6049
Key : Analysis.Init.CPU.mSec
Value: 1702
Key : Analysis.Init.Elapsed.mSec
Value: 63292
Key : Analysis.Memory.CommitPeak.Mb
Value: 99
Key : FailFast.Name
Value: CORRUPT_LIST_ENTRY
Key : FailFast.Type
Value: 3
Key : WER.OS.Branch
Value: co_release
Key : WER.OS.Timestamp
Value: 2021-06-04T16:28:00Z
Key : WER.OS.Version
Value: 10.0.22000.1
FILE_IN_CAB: MEMORY.DMP
DUMP_FILE_ATTRIBUTES: 0x1000
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: ffff8c04ef0ae9d0
BUGCHECK_P3: ffff8c04ef0ae928
BUGCHECK_P4: 0
TRAP_FRAME: ffff8c04ef0ae9d0 -- (.trap 0xffff8c04ef0ae9d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffc28f3a31da88 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8014ca465d9 rsp=ffff8c04ef0aeb60 rbp=ffffc28f2f1821b0
r8=0000000000000000 r9=0000000000000002 r10=000000000000000e
r11=fffff80145103d80 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!KiProcessThreadWaitList+0x99:
fffff801`4ca465d9 cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: ffff8c04ef0ae928 -- (.exr 0xffff8c04ef0ae928)
ExceptionAddress: fffff8014ca465d9 (nt!KiProcessThreadWaitList+0x0000000000000099)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: OUTLOOK.EXE
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFF8C04EF0AEFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
ffff8c04`ef0ae6a8 fffff801`4cc295a9 : 00000000`00000139 00000000`00000003 ffff8c04`ef0ae9d0 ffff8c04`ef0ae928 : nt!KeBugCheckEx
ffff8c04`ef0ae6b0 fffff801`4cc299f2 : 00000000`00000000 00000000`0000000f ffffc28f`19a21e38 fffff801`4ca51a56 : nt!KiBugCheckDispatch+0x69
ffff8c04`ef0ae7f0 fffff801`4cc27cd2 : 00000000`00000002 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xb2
ffff8c04`ef0ae9d0 fffff801`4ca465d9 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x312
ffff8c04`ef0aeb60 fffff801`4ca457d6 : 00000000`00000000 ffff8d01`00000001 ffff8c04`00000000 ffff8d01`00000002 : nt!KiProcessThreadWaitList+0x99
ffff8c04`ef0aebd0 fffff801`4ca43c54 : ffff8d01`837e0180 ff48ce8b`00000000 00000014`f98e93bc fffff801`45106f08 : nt!KiProcessExpiredTimerList+0x376
ffff8c04`ef0aed00 fffff801`4cc1e725 : ed324000`000001b9 ffff8d01`837e0180 ffffc28f`1392a500 00007ffb`8a7cace0 : nt!KiRetireDpcList+0x714
ffff8c04`ef0aefb0 fffff801`4cc1e500 : fffff801`4cc12950 fffff801`4caaf3fa ffffc28f`26cd4080 00000000`00000004 : nt!KxRetireDpcList+0x5
ffff8c04`f35f7aa0 fffff801`4cc1dd45 : 00007ffb`8a7cace0 fffff801`4cc18be1 00000000`00000000 ffff8c04`f35f7b60 : nt!KiDispatchInterruptContinue
ffff8c04`f35f7ad0 fffff801`4cc18be1 : 00000000`00000000 ffff8c04`f35f7b60 0000020a`b12cef90 ffffc28f`00000000 : nt!KiDpcInterruptBypass+0x25
ffff8c04`f35f7ae0 00007ffb`89e11688 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0xb1
000000d5`acd7ef70 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`89e11688
SYMBOL_NAME: nt!KiProcessExpiredTimerList+376
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: 376
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_KTIMER_LIST_CORRUPTION_nt!KiProcessExpiredTimerList
OS_VERSION: 10.0.22000.1
BUILDLAB_STR: co_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {9db7945b-255d-24a1-9f2c-82344e883ab8}
Followup: MachineOwner
---------
Facebook
Twitter
Instagram