Bug causing KERNEL_MODE_HEAP_CORRUPTION (13a) BSOD on Windows 11 build 23H2 2024-10 Cumulative Update Version 23H2 for x64-based Systems (KB5044285)

[indexfull]

Pre-Submit Checklist:

• Check applicable sources for existing issues:
  • Windows Known Issues
  • Linux Known Issues
  • Github Issues

What happened:

BSOD: KERNEL_MODE_HEAP_CORRUPTION (13a)

What did you expect to happen?:

Nothing

How did you reproduce it?:

Playing games while watching youtube on chrome

Debug Information:

Repository : LocalInstalled, Enabled: true

  ----> Repository : UserExtensions, Enabled: true

Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds

************* Waiting for Debugger Extensions Gallery to Initialize **************

Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.079 seconds
----> Repository : UserExtensions, Enabled: true, Packages count: 0
----> Repository : LocalInstalled, Enabled: true, Packages count: 42

Microsoft (R) Windows Debugger Version 10.0.27725.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\Minidump\111024-11515-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 22621 MP (28 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Kernel base = 0xfffff8015c200000 PsLoadedModuleList = 0xfffff8015ce134b0
Debug session time: Sun Nov 10 01:00:56.644 2024 (UTC + 1:00)
System Uptime: 2 days 21:01:26.652
Loading Kernel Symbols
..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

.............................................................
................................................................
................................................................
......................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000052984ec018). Type ".hh dbgerr001" for details Loading unloaded module list .................................................. For analysis of this file, run !analyze -v nt!KeBugCheckEx: fffff8015c614df0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffc8d`3b797380=000000000000013a
20: kd> !analyze -v

---

•                                                                         *
  

•                    Bugcheck Analysis                                    *
  

•                                                                         *
  

---

KERNEL_MODE_HEAP_CORRUPTION (13a)
The kernel mode heap manager has detected corruption in a heap.
Arguments:
Arg1: 0000000000000011, Type of corruption detected
Arg2: ffff9c0fa6010140, Address of the heap that reported the corruption
Arg3: ffff9c0120cf0db0, Address at which the corruption was detected
Arg4: 0000000000000000

Debugging Details:

fffff8015cf1d470: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
HeapDbgInitExtension Failed

KEY_VALUES_STRING: 1

Key  : Analysis.CPU.mSec
Value: 1140

Key  : Analysis.Elapsed.mSec
Value: 2616

Key  : Analysis.IO.Other.Mb
Value: 0

Key  : Analysis.IO.Read.Mb
Value: 1

Key  : Analysis.IO.Write.Mb
Value: 0

Key  : Analysis.Init.CPU.mSec
Value: 156

Key  : Analysis.Init.Elapsed.mSec
Value: 22770

Key  : Analysis.Memory.CommitPeak.Mb
Value: 100

Key  : Analysis.Version.DbgEng
Value: 10.0.27725.1000

Key  : Analysis.Version.Description
Value: 10.2408.27.01 amd64fre

Key  : Analysis.Version.Ext
Value: 1.2408.27.1

Key  : Bugcheck.Code.LegacyAPI
Value: 0x13a

Key  : Bugcheck.Code.TargetModel
Value: 0x13a

Key  : Dump.Attributes.AsUlong
Value: 1808

Key  : Dump.Attributes.DiagDataWrittenToHeader
Value: 1

Key  : Dump.Attributes.ErrorCode
Value: 0

Key  : Dump.Attributes.KernelGeneratedTriageDump
Value: 1

Key  : Dump.Attributes.LastLine
Value: Dump completed successfully.

Key  : Dump.Attributes.ProgressPercentage
Value: 0

Key  : Failure.Bucket
Value: 0x13a_11_PMas_portmaster_kext_v1_1_2!unknown_function

Key  : Failure.Hash
Value: {38f08178-bf1c-fabf-7c9b-d78dd082202e}

Key  : Hypervisor.Enlightenments.ValueHex
Value: 1417df84

Key  : Hypervisor.Flags.AnyHypervisorPresent
Value: 1

Key  : Hypervisor.Flags.ApicEnlightened
Value: 0

Key  : Hypervisor.Flags.ApicVirtualizationAvailable
Value: 1

Key  : Hypervisor.Flags.AsyncMemoryHint
Value: 0

Key  : Hypervisor.Flags.CoreSchedulerRequested
Value: 0

Key  : Hypervisor.Flags.CpuManager
Value: 1

Key  : Hypervisor.Flags.DeprecateAutoEoi
Value: 1

Key  : Hypervisor.Flags.DynamicCpuDisabled
Value: 1

Key  : Hypervisor.Flags.Epf
Value: 0

Key  : Hypervisor.Flags.ExtendedProcessorMasks
Value: 1

Key  : Hypervisor.Flags.HardwareMbecAvailable
Value: 1

Key  : Hypervisor.Flags.MaxBankNumber
Value: 0

Key  : Hypervisor.Flags.MemoryZeroingControl
Value: 0

Key  : Hypervisor.Flags.NoExtendedRangeFlush
Value: 0

Key  : Hypervisor.Flags.NoNonArchCoreSharing
Value: 1

Key  : Hypervisor.Flags.Phase0InitDone
Value: 1

Key  : Hypervisor.Flags.PowerSchedulerQos
Value: 0

Key  : Hypervisor.Flags.RootScheduler
Value: 0

Key  : Hypervisor.Flags.SynicAvailable
Value: 1

Key  : Hypervisor.Flags.UseQpcBias
Value: 0

Key  : Hypervisor.Flags.Value
Value: 21631230

Key  : Hypervisor.Flags.ValueHex
Value: 14a10fe

Key  : Hypervisor.Flags.VpAssistPage
Value: 1

Key  : Hypervisor.Flags.VsmAvailable
Value: 1

Key  : Hypervisor.RootFlags.AccessStats
Value: 1

Key  : Hypervisor.RootFlags.CrashdumpEnlightened
Value: 1

Key  : Hypervisor.RootFlags.CreateVirtualProcessor
Value: 1

Key  : Hypervisor.RootFlags.DisableHyperthreading
Value: 0

Key  : Hypervisor.RootFlags.HostTimelineSync
Value: 1

Key  : Hypervisor.RootFlags.HypervisorDebuggingEnabled
Value: 0

Key  : Hypervisor.RootFlags.IsHyperV
Value: 1

Key  : Hypervisor.RootFlags.LivedumpEnlightened
Value: 1

Key  : Hypervisor.RootFlags.MapDeviceInterrupt
Value: 1

Key  : Hypervisor.RootFlags.MceEnlightened
Value: 1

Key  : Hypervisor.RootFlags.Nested
Value: 0

Key  : Hypervisor.RootFlags.StartLogicalProcessor
Value: 1

Key  : Hypervisor.RootFlags.Value
Value: 1015

Key  : Hypervisor.RootFlags.ValueHex
Value: 3f7

BUGCHECK_CODE: 13a

BUGCHECK_P1: 11

BUGCHECK_P2: ffff9c0fa6010140

BUGCHECK_P3: ffff9c0120cf0db0

BUGCHECK_P4: 0

FILE_IN_CAB: 111024-11515-01.dmp

TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b

DUMP_FILE_ATTRIBUTES: 0x1808
Kernel Generated Triage Dump

FAULTING_THREAD: ffff9c0fc3871080

POOL_ADDRESS: Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
unable to get nt!MmSpecialPagesInUse
ffff9c0120cf0db0

FREED_POOL_TAG: PMas

BLACKBOXBSD: 1 (!blackboxbsd)

BLACKBOXNTFS: 1 (!blackboxntfs)

BLACKBOXPNP: 1 (!blackboxpnp)

BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT: 1

PROCESS_NAME: portmaster-cor

STACK_TEXT:
fffffc8d3b797378 fffff8015c7b253c : 000000000000013a 0000000000000011 ffff9c0fa6010140 ffff9c0120cf0db0 : nt!KeBugCheckEx
fffffc8d3b797380 fffff8015c7b259c : 0000000000000011 0000000000000000 ffff9c0fa6010140 ffff9c010b809990 : nt!RtlpHeapHandleError+0x40
fffffc8d3b7973c0 fffff8015c7b21b9 : 0000000001d00060 ffffffffffffffff 0000000000000000 ffffffffffffffff : nt!RtlpHpHeapHandleError+0x58
fffffc8d3b7973f0 fffff8015c69b426 : ffff9c010b809990 fffff8015c46784c ffff9c0100000001 fffffc8d3b797579 : nt!RtlpLogHeapFailure+0x45
fffffc8d3b797420 fffff8015c4685b9 : ffff9c0fa6010380 ffff9c0fd9a431ff 0000000000000000 0000000000000000 : nt!RtlpHpLfhSubsegmentFreeBlock+0x1d0866
fffffc8d3b7974b0 fffff8015ccaaa00 : ffff9c0120cf0db0 0000000000000002 0000000000000001 0000000000000001 : nt!RtlpHpFreeHeap+0x159
fffffc8d3b797550 fffff801b44c8ec4 : ffff9c0173614d50 0000000000000000 ffff9c0f00000002 0000000000000060 : nt!ExFreePoolWithTag+0x1a0
fffffc8d3b7975e0 ffff9c0173614d50 : 0000000000000000 ffff9c0f00000002 0000000000000060 fffffc8d3b797658 : portmaster_kext_v1_1_2+0x8ec4
fffffc8d3b7975e8 0000000000000000 : ffff9c0f00000002 0000000000000060 fffffc8d3b797658 fffff801b44c66d7 : 0xffff9c01`73614d50

SYMBOL_NAME: portmaster_kext_v1_1_2+8ec4

MODULE_NAME: portmaster_kext_v1_1_2

IMAGE_NAME: portmaster-kext_v1-1-2.sys

STACK_COMMAND: .process /r /p 0xffff9c0fbee3e080; .thread 0xffff9c0fc3871080 ; kb

BUCKET_ID_FUNC_OFFSET: 8ec4

FAILURE_BUCKET_ID: 0x13a_11_PMas_portmaster_kext_v1_1_2!unknown_function

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {38f08178-bf1c-fabf-7c9b-d78dd082202e}

Followup: MachineOwner

Additional logs can be found here:

• Linux: /opt/safing/portmaster/logs
• Windows: %PROGRAMDATA%\Safing\Portmaster\logs
  -->

[github-actions]

Greetings and welcome to our community! As this is the first issue you opened here, we wanted to share some useful infos with you:

• 🗣️ Our community on Discord is super helpful and active. We also have an AI-enabled support bot that knows Portmaster well and can give you immediate help.
• 📖 The Wiki answers all common questions and has many important details. If you can't find an answer there, let us know, so we can add anything that's missing.

[Raphty]

@indexfull you can switch to the beta channel, we have updated the kext.