10: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KERNEL_MODE_HEAP_CORRUPTION (13a) The kernel mode heap manager has detected corruption in a heap. Arguments: Arg1: 0000000000000011, Type of corruption detected Arg2: ffffd00885010140, Address of the heap that reported the corruption Arg3: ffffd0088d972e30, Address at which the corruption was detected Arg4: 0000000000000000 Debugging Details: ------------------ fffff8032031c468: Unable to get MiVisibleState Unable to get NonPagedPoolStart Unable to get NonPagedPoolEnd Unable to get PagedPoolStart Unable to get PagedPoolEnd HeapDbgInitExtension Failed KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 3530 Key : Analysis.Elapsed.mSec Value: 12043 Key : Analysis.IO.Other.Mb Value: 5 Key : Analysis.IO.Read.Mb Value: 16 Key : Analysis.IO.Write.Mb Value: 47 Key : Analysis.Init.CPU.mSec Value: 140 Key : Analysis.Init.Elapsed.mSec Value: 119453 Key : Analysis.Memory.CommitPeak.Mb Value: 101 Key : Bugcheck.Code.LegacyAPI Value: 0x13a Key : Dump.Attributes.AsUlong Value: 808 Key : Dump.Attributes.KernelGeneratedTriageDump Value: 1 Key : Failure.Bucket Value: 0x13a_11_MmSe_portmaster_kext_v1_1_2!unknown_function Key : Failure.Hash Value: {048b0411-440c-a208-a76d-4fecefa2d2b3} Key : Hypervisor.Enlightenments.ValueHex Value: 1497cf94 Key : Hypervisor.Flags.AnyHypervisorPresent Value: 1 Key : Hypervisor.Flags.ApicEnlightened Value: 1 Key : Hypervisor.Flags.ApicVirtualizationAvailable Value: 0 Key : Hypervisor.Flags.AsyncMemoryHint Value: 0 Key : Hypervisor.Flags.CoreSchedulerRequested Value: 0 Key : Hypervisor.Flags.CpuManager Value: 1 Key : Hypervisor.Flags.DeprecateAutoEoi Value: 0 Key : Hypervisor.Flags.DynamicCpuDisabled Value: 1 Key : Hypervisor.Flags.Epf Value: 0 Key : Hypervisor.Flags.ExtendedProcessorMasks Value: 1 Key : Hypervisor.Flags.HardwareMbecAvailable Value: 1 Key : Hypervisor.Flags.MaxBankNumber Value: 0 Key : Hypervisor.Flags.MemoryZeroingControl Value: 0 Key : Hypervisor.Flags.NoExtendedRangeFlush Value: 0 Key : Hypervisor.Flags.NoNonArchCoreSharing Value: 1 Key : Hypervisor.Flags.Phase0InitDone Value: 1 Key : Hypervisor.Flags.PowerSchedulerQos Value: 0 Key : Hypervisor.Flags.RootScheduler Value: 0 Key : Hypervisor.Flags.SynicAvailable Value: 1 Key : Hypervisor.Flags.UseQpcBias Value: 0 Key : Hypervisor.Flags.Value Value: 4853999 Key : Hypervisor.Flags.ValueHex Value: 4a10ef Key : Hypervisor.Flags.VpAssistPage Value: 1 Key : Hypervisor.Flags.VsmAvailable Value: 1 Key : Hypervisor.RootFlags.AccessStats Value: 1 Key : Hypervisor.RootFlags.CrashdumpEnlightened Value: 1 Key : Hypervisor.RootFlags.CreateVirtualProcessor Value: 1 Key : Hypervisor.RootFlags.DisableHyperthreading Value: 0 Key : Hypervisor.RootFlags.HostTimelineSync Value: 1 Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled Value: 0 Key : Hypervisor.RootFlags.IsHyperV Value: 1 Key : Hypervisor.RootFlags.LivedumpEnlightened Value: 1 Key : Hypervisor.RootFlags.MapDeviceInterrupt Value: 1 Key : Hypervisor.RootFlags.MceEnlightened Value: 1 Key : Hypervisor.RootFlags.Nested Value: 0 Key : Hypervisor.RootFlags.StartLogicalProcessor Value: 1 Key : Hypervisor.RootFlags.Value Value: 1015 Key : Hypervisor.RootFlags.ValueHex Value: 3f7 BUGCHECK_CODE: 13a BUGCHECK_P1: 11 BUGCHECK_P2: ffffd00885010140 BUGCHECK_P3: ffffd0088d972e30 BUGCHECK_P4: 0 FILE_IN_CAB: 090223-7859-01.dmp TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b DUMP_FILE_ATTRIBUTES: 0x808 Kernel Generated Triage Dump POOL_ADDRESS: Unable to get NonPagedPoolStart Unable to get NonPagedPoolEnd Unable to get PagedPoolStart Unable to get PagedPoolEnd unable to get nt!MmSpecialPagesInUse ffffd0088d972e30 FREED_POOL_TAG: MmSe CUSTOMER_CRASH_COUNT: 1 PROCESS_NAME: portmaster-cor STACK_TEXT: fffffb0f`d9b3c3e8 fffff803`1fbc8298 : 00000000`0000013a 00000000`00000011 ffffd008`85010140 ffffd008`8d972e30 : nt!KeBugCheckEx fffffb0f`d9b3c3f0 fffff803`1fbc82f8 : 00000000`00000011 00000000`00000000 ffffd008`85010140 ffffd008`8c4cce40 : nt!RtlpHeapHandleError+0x40 fffffb0f`d9b3c430 fffff803`1fbc7f15 : 00000000`01d00060 ffffffff`ffffffff 00000000`00000000 ffffffff`ffffffff : nt!RtlpHpHeapHandleError+0x58 fffffb0f`d9b3c460 fffff803`1fae5adc : ffffd008`8c4cce40 fffff803`1f931773 ffffd008`00000001 fffffb0f`d9b3c5e9 : nt!RtlpLogHeapFailure+0x45 fffffb0f`d9b3c490 fffff803`1f9324e9 : ffffd008`85010380 ffffd008`8c3882ff 00000000`00000000 00000000`00000000 : nt!RtlpHpLfhSubsegmentFreeBlock+0x199a6c fffffb0f`d9b3c520 fffff803`200ae4c0 : ffffd008`8d972e30 00000000`00000002 00000000`00000001 00000000`00000001 : nt!RtlpHpFreeHeap+0x159 fffffb0f`d9b3c5c0 fffff803`1d5a8ec4 : ffffd008`65536d4d 00000000`00000000 ffffd008`00000002 00000000`00000060 : nt!ExFreePoolWithTag+0x1a0 fffffb0f`d9b3c650 ffffd008`65536d4d : 00000000`00000000 ffffd008`00000002 00000000`00000060 00000000`00040282 : portmaster_kext_v1_1_2+0x8ec4 fffffb0f`d9b3c658 00000000`00000000 : ffffd008`00000002 00000000`00000060 00000000`00040282 fffff803`1d5a66d7 : 0xffffd008`65536d4d SYMBOL_NAME: portmaster_kext_v1_1_2+8ec4 MODULE_NAME: portmaster_kext_v1_1_2 IMAGE_NAME: portmaster-kext_v1-1-2.sys STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 8ec4 FAILURE_BUCKET_ID: 0x13a_11_MmSe_portmaster_kext_v1_1_2!unknown_function OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {048b0411-440c-a208-a76d-4fecefa2d2b3} Followup: MachineOwner ---------