Symptoms
If Microsoft's October update rollup KB5031364 had been previously installed and "Kernel DMA protection" is enabled in the BIOS. A crash with bugcheck 0x139 may occur after updating the Intel chipset driver or Matrox video driver.Example:
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 000000000000000e, Type of memory safety violation
Arg2: fffff60c5ea56de0, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff60c5ea56d38, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Child-SP RetAddr Call Site
fffff60c`5ea56ab8 fffff802`12434f69 nt!KeBugCheckEx
fffff60c`5ea56ac0 fffff802`124354f2 nt!KiBugCheckDispatch+0x69
fffff60c`5ea56c00 fffff802`1243339e nt!KiFastFailDispatch+0xb2
fffff60c`5ea56de0 fffff802`125108f4 nt!KiRaiseSecurityCheckFailure+0x31e (TrapFrame @ fffff60c`5ea56de0)
fffff60c`5ea56f70 fffff802`12511d09 nt!HalpIommuCreateIncreaseAliasTrack+0x7c
fffff60c`5ea56fa0 fffff802`12935e3d nt!HalpIommuUnblockDevice+0x109
fffff60c`5ea57030 fffff802`1273566f nt!PiIommuUnblockDevice+0x59
fffff60c`5ea57060 fffff802`12735128 nt!PiDmaGuardProcessPreStart+0x27
fffff60c`5ea570a0 fffff802`12724ca0 nt!PipProcessStartPhase1+0x50
fffff60c`5ea570e0 fffff802`12649cca nt!PipProcessDevNodeTree+0x394
fffff60c`5ea57190 fffff802`1230695c nt!PiRestartDevice+0xba
fffff60c`5ea571e0 fffff802`122d85b1 nt!PnpDeviceActionWorker+0x3ec
fffff60c`5ea572a0 fffff802`123581d5 nt!ExpWorkerThread+0x161
fffff60c`5ea574b0 fffff802`12424b08 nt!PspSystemThreadStartup+0x55
fffff60c`5ea57500 00000000`00000000 nt!KiStartSystemThread+0x28
FAILURE_ID_HASH_STRING: km:0x139_e_invalid_reference_count_nt!kifastfaildispatch
Cause
A change in Microsoft's October update rollup KB5031364 introduced this problem. The bugcheck concerns an incorrect RefCount in a Direct Memory Access (DMA) Requestor ID (RID) alias.
Resolution
Fix:Fixed in Microsoft's January 2024 Update KB5034129.Workaround:Kernel DMA protection in the BIOS can be temporarily disabled to avoid the bugcheck if needed.
