BSOD "KERNEL_MODE_HEAP_CORRUPTION" with portmaster-kext_v1-1-2.sys

[LetItGlow]

System: Windows 10 Prof x64, Build 10.0.19045.4412

What happened:

Windows Crashes with a BSOD after a portscan, essentially DoS yourself.

What did you expect to happen?:

Nothing, except the system being stable. Strangely, this actually worked normally before.

How did you reproduce it?:

1. Use the PortScan made by "the Sz": https://www.the-sz.com
2. Enter an IP of your router or whatever existing unblocked device in your network.
3. Scan ports "1-5001"
4. Set speed to "fast"
5. Check "use ping instead of ARP"
6. Click "Scan" and then click "Scan" again after completion.
7. Enjoy the blue light coming from the BSOD.

Debug Information:

What debug? The system is down. I only have a crash dump of the kernel.

STACK_TEXT:  
fffffe02`6325a508 fffff800`715949ac     : 00000000`0000013a 00000000`00000011 ffffa588`87e00100 ffffa588`87d3db80 : nt!KeBugCheckEx
fffffe02`6325a510 fffff800`71594a0c     : 00000000`00000011 00000000`00000000 ffffa588`87e00100 01000000`00100000 : nt!RtlpHeapHandleError+0x40
fffffe02`6325a550 fffff800`71594639     : 00000000`00000060 ffffa588`87d3d000 ffffa588`8d541808 ffffa588`9832bec0 : nt!RtlpHpHeapHandleError+0x58
fffffe02`6325a580 fffff800`714474f2     : ffffa588`8d541808 fffff800`71234f8d 00000000`00000000 ffffa588`8d541808 : nt!RtlpLogHeapFailure+0x45
fffffe02`6325a5b0 fffff800`71233ab2     : ffffa588`87e00340 00000000`000000ff 00000000`00000000 ffffa588`00000000 : nt!RtlpHpLfhSubsegmentFreeBlock+0x1b0b22
fffffe02`6325a660 fffff800`719b70b9     : ffffa588`00000000 00000000`00000000 ffffa588`97b078f0 01000000`00100000 : nt!ExFreeHeapPool+0x362
fffffe02`6325a740 fffff800`701b8ec4     : ffffa588`8d541790 fffff800`00000000 fffffe02`6325a7b8 ffffa588`00000001 : nt!ExFreePool+0x9
fffffe02`6325a770 ffffa588`8d541790     : fffff800`00000000 fffffe02`6325a7b8 ffffa588`00000001 00000000`00040286 : portmaster_kext_v1_1_2+0x8ec4
fffffe02`6325a778 fffff800`00000000     : fffffe02`6325a7b8 ffffa588`00000001 00000000`00040286 fffff800`701b66d7 : 0xffffa588`8d541790
fffffe02`6325a780 fffffe02`6325a7b8     : ffffa588`00000001 00000000`00040286 fffff800`701b66d7 00000000`000000d0 : 0xfffff800`00000000
fffffe02`6325a788 ffffa588`00000001     : 00000000`00040286 fffff800`701b66d7 00000000`000000d0 fffff800`7161c741 : 0xfffffe02`6325a7b8
fffffe02`6325a790 00000000`00040286     : fffff800`701b66d7 00000000`000000d0 fffff800`7161c741 00000000`00000001 : 0xffffa588`00000001
fffffe02`6325a798 fffff800`701b66d7     : 00000000`000000d0 fffff800`7161c741 00000000`00000001 ffffa588`99326f60 : 0x40286
fffffe02`6325a7a0 00000000`000000d0     : fffff800`7161c741 00000000`00000001 ffffa588`99326f60 00000000`00000000 : portmaster_kext_v1_1_2+0x66d7
fffffe02`6325a7a8 fffff800`7161c741     : 00000000`00000001 ffffa588`99326f60 00000000`00000000 00000000`00000000 : 0xd0
fffffe02`6325a7b0 00000000`00000000     : ffffa588`9832bec0 ffffa588`9778f240 00000000`00000001 00000000`00000000 : nt!ObpReferenceObjectByHandleWithTag+0x231

The logs complain about;
240614 08:56:39.616 xt/service:035 > WARN 001 kext: old driver service was found

Which is odd, because Portmaster should update itself automatically and it says "up to date".

[github-actions]

Greetings and welcome to our community! As this is the first issue you opened here, we wanted to share some useful infos with you:

• 🗣️ Our community on Discord is super helpful and active. We also have an AI-enabled support bot that knows Portmaster well and can give you immediate help.
• 📖 The Wiki answers all common questions and has many important details. If you can't find an answer there, let us know, so we can add anything that's missing.

[Raphty]

We are currently testing a new kext that should be more resilient. You can test it by switching to the beta channel https://wiki.safing.io/en/FAQ/SwitchReleaseChannel

[LetItGlow]

While that fixed that particular problem, it introduced another, which killed my entire IPv4 network system and I have no idea how to restore that. I have to use IPv6 to post here.

[LetItGlow]

Ok, so there was a unfortunate chain of events those 3 days.

At this point, I don't know, it it was Portmasters fault or the cumulative Windows Update 22H2 for June 2024 being installed in a broken state.

Uninstalling the Beta of Portmaster completely wrecked the system to a point, IPv4 was nearly unusable.
Even the troubleshoot did not work reliable, even being attempted several times.

In the end, I had to reinstall Windows.

I think, this can be closed, because bugreports done for a piece of software on an unstable system are unreliable.

[Raphty]

@LetItGlow thanks for letting us know, if you have found more issues in the future open a new issue please.

thanks for helping us with the beta!