I'm trying to look into a BSOD with the KERNEL_SECURITY_CHECK_FAILURE stop code. It is the one for the corrupted LIST_ENTRY, or with the Arg1 == 3.
The documentation says that I need to use " dl and dlb commands"
But how do I get the address of the failed LIST_ENTRY?
In the bug check itself I have a trap frame and an exception record. I don't have the source code for the failed module to know more, so all I have is the assembly code for the location where the fast-fail software breakpoint was raised (from the trap frame).