[BUG] claude.exe triggers Windows BSOD via Wof.sys during directory listing (NtQueryDirectoryFileEx)

Open 💬 24 comments Opened Mar 10, 2026 by VRDate

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

claude.exe (Claude Code CLI) triggers a Windows kernel BSOD (Blue Screen of Death) by performing heavy NtQueryDirectoryFileEx syscalls (standard directory listing). The crash occurs in Wof.sys (Windows Overlay Filter) at WofPreDirectoryControlCallback+0x695 — a CFG (Control Flow Guard) indirect-call guard violation.

This is not an external Windows kernel bug in Wof.sys, but a Claude Code bug, due to Claude Code's intensive directory scanning, no delay in the same instant makes it a reliable trigger. Filing here so Anthropic is aware that Claude Code can crash Windows systems with this specific Wof.sys version, as well as wsl hypervisor.

Crash Statistics (all triggered by claude.exe)

| Date | BSODs | Bugcheck codes |
|------|-------|----------------|
| 2026-03-06 | 7 | 0x139, 0x3B, 0x50, 0x10E, 0x1E, 0x14F |
| 2026-03-09 | 1 | 0x139 |
| 2026-03-10 | 5 | 0x139 (x2), 0x3B (x2), 0x1E (x1) |
| 2026-03-11 | 1 | 0x50 |
| Total | 14 | 4 distinct types at same Wof.sys +0x695 offset |

All March 9-11 crashes have identical call stack:

NtQueryDirectoryFileEx → FLTMGR → Wof!WofPreDirectoryControlCallback+0x695 → CFG guard violation

4 manifestations of the same bug — the corrupted indirect call target lands in different memory regions:

  1. 0x139 — CFG guard catches invalid target before execution
  2. 0x3B (c0000005) — pointer escapes CFG, hits unmapped memory → access violation
  3. 0x1E (c0000005) — same access violation via different exception path
  4. 0x3B (c000001d) — pointer lands on non-code bytes → illegal instruction
  5. 0x50 — pointer references invalid page in nonpaged pool

Affected Configuration

  • Wof.sys: 10.0.26100.5074 (ships with Windows 11 25H2 build 26200)
  • Compact OS: Enabled increases crash frequency, but crashes also occur with CompactOS disabled
  • WOF minifilter: Attached at altitude 40700, intercepts every NTFS directory IRP

Microsoft Bug Report

Filed on Microsoft Q&A: https://learn.microsoft.com/en-us/answers/questions/5814272/wof-sys-bsod-0x139-kernel-security-check-failure-i

Potential Mitigation

Could Claude Code reduce the frequency/intensity of NtQueryDirectoryFileEx calls, or batch directory listings differently? This wouldn't fix the kernel bug, but might reduce the trigger rate on affected systems.

What Should Happen?

Claude Code should be able to perform directory listings without triggering a Windows BSOD. On systems with Wof.sys 10.0.26100.5074, the high volume of NtQueryDirectoryFileEx calls from claude.exe reliably crashes the kernel.

Ideally:

  1. Claude Code could throttle or batch directory enumeration on Windows to reduce the frequency of NtQueryDirectoryFileEx calls
  2. Or detect the vulnerable Wof.sys version and warn the user to disable Compact OS (compact /CompactOS:never)

Error Messages/Logs

WinDbg !analyze -v output (abbreviated):

KERNEL_SECURITY_CHECK_FAILURE (139)
  Arg1: 000000000000000a — indirect call guard check detected invalid control transfer
FAILURE_BUCKET_ID: 0x139_a_GUARD_ICALL_CHECK_FAILURE_Wof!WofPreDirectoryControlCallback+0x695
FAILURE_ID_HASH: {78ac0991-5393-0281-b23b-ce115373dc6d}

STACK_TEXT:
  nt!KeBugCheckEx
  nt!guard_icall_handler+0x1e
  nt!KscpCfgDispatchUserCallTargetEsSmep+0x11
  Ntfs!FindNextIndexEntry2+0x675
  Ntfs!NtfsContinueIndexEnumeration+0x10e
  Ntfs!NtfsQueryDirectory+0xd32
  FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x3fe
  FLTMGR!FltPerformSynchronousIo+0x443
  Wof!WofPreDirectoryControlCallback+0x695    <-- CRASH
  FLTMGR!FltpPerformPreCallbacksWorker+0x58f
  nt!NtQueryDirectoryFileEx+0xd8

PROCESS_NAME: claude.exe
MODULE_NAME: Wof
IMAGE_VERSION: 10.0.26100.5074

Second manifestation (0x3B at the same offset):
SYSTEM_SERVICE_EXCEPTION (3b)
  ExceptionCode: c0000005 (ACCESS_VIOLATION)
FAILURE_BUCKET_ID: AV_Wof!WofPreDirectoryControlCallback+0x695
FAILURE_ID_HASH: {3ae300a6-24ac-569b-3ce2-789a00065d56}

Steps to Reproduce

  1. Run Windows 11 25H2 (build 26200) with Wof.sys 10.0.26100.5074
  2. Optionally enable Compact OS: compact /CompactOS:always (increases frequency but not required)
  3. Run claude in a large directory (e.g., a monorepo with many files/subdirectories)
  4. Claude Code performs intensive directory listings via NtQueryDirectoryFileEx
  5. System BSODs with bugcheck 0x139 (KERNEL_SECURITY_CHECK_FAILURE) or 0x3B (SYSTEM_SERVICE_EXCEPTION)

Workaround: compact /CompactOS:never reduces frequency but does not eliminate the bug.

Environment:

  • Windows 11 25H2 Build 26200.7922
  • 192GB RAM, 32 cores, NVIDIA RTX 5000 Ada
  • 3.8 TB disk
  • Monorepo with ~100K files across nested directories

Claude Model

Opus

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.1.72 (Claude Code)

Platform

Anthropic API

Operating System

Windows

Terminal/Shell

Windows Terminal

Additional Information

Minidumps & Diagnostics

Two ZIP archives with all kernel minidumps and diagnostic outputs:

  1. Original ZIP (Mar 9 dump) — 1x .dmp from 03-09
  2. New ZIP (Mar 10-11 dumps) — 5x .dmp files from 03-10 and 03-11

Contents: 6x .dmp files total, WinDbg analysis, system info, event logs, driver list, triage output.

Hardware Tests Performed (all clean)

  • Windows Memory Diagnostic: PASSED
  • Disk scan: No corruption
  • SFC /scannow: No integrity violations
  • DISM /RestoreHealth: Clean
  • In-place upgrade, repair install from ISO: Completed (replaced all files except Wof.sys)

Why This Is a Wof.sys Bug, Not Hardware

14 crashes at the exact same instruction (WofPreDirectoryControlCallback+0x695) across 6 days, producing 4 different exception types (0x139, 0x3B, 0x1E, 0x50) at the same offset. Random memory corruption wouldn't hit the same instruction deterministically. The 4 different bugcheck codes are expected — the corrupted indirect call target lands in different memory regions each time, producing different CPU exceptions.

Microsoft Q&A Thread

https://learn.microsoft.com/en-us/answers/questions/5814272/wof-sys-bsod-0x139-kernel-security-check-failure-i

View original on GitHub ↗

24 Comments

VRDate · 4 months ago

Related: #30137 reports the same BSODs (0x139, 0x1E, 0x50) on Windows 11 build 26200 — 5 BSODs in 2 days. Another user in that thread reports 15 BSODs in one day. Same root cause: Wof.sys CFG guard bug triggered by claude.exe directory enumeration.

VRDate · 4 months ago

Related Issues (for context)

Claude Code has a pattern of causing OS-level crashes across platforms. The Wof.sys BSOD is a separate kernel driver bug, but these show the broader stability picture:

Same Wof.sys BSOD (kernel-mode, fix owner: Microsoft):

  • #30137 — 5 BSODs in 2 days, another user reports 15 BSODs in one day. Same bugcheck codes (0x139, 0x1E, 0x50), same Windows build 26200.

Separate Bun/memory issues (user-mode, fix owner: Anthropic/Oven):

  • #21875 — 78 Bun segfaults, N-API race condition identified (Windows + WSL)
  • #27847 — Bun switch on corrupt value panics on Windows (Bun 1.3.10)
  • #18405 — Orphaned subagent processes accumulating 1GB+ RAM
  • #24960 — Kernel panic on macOS: 3 Claude processes hit 17.3GB on 18GB machine
  • #11315 — 129GB memory leak on Linux causing system freeze
  • oven-sh/bun#27471 — N-API vtable corruption causing hard reboots (5 in 8 days)

Important distinction: #30137 attributes BSODs to "Bun memory corruption propagating to kernel" — this is incorrect. User-mode memory corruption cannot cause a CFG guard failure (GUARD_ICALL_CHECK_FAILURE) in Wof.sys. CFG checks are compile-time integrity validations in the driver binary. The Wof.sys bug and the Bun memory bugs are two independent problems that Claude Code happens to trigger simultaneously through heavy directory enumeration and Node.js/Bun runtime usage respectively.

VRDate · 4 months ago

Update: 14 BSODs, 4th bugcheck type (0x50)

New crash — 2026-03-11 04:18 UTC:

| Bugcheck | Params | Dump |
|----------|--------|------|
| 0x00000050 PAGE_FAULT_IN_NONPAGED_AREA | 0xffffbb0e0760f040, 0x2, 0xfffff8040d352e58, 0x2 | 031126-30703-01.dmp |

Running total: 7 (Mar 6) + 1 (Mar 9) + 5 (Mar 10) + 1 (Mar 11) = 14 BSODs in 6 days.

4th bugcheck type: 0x50 joins 0x139, 0x3B, 0x1E. All are different manifestations of the same Wof.sys +0x695 indirect call corruption — the invalid pointer lands in different memory regions producing different exceptions:

  • 0x139 = CFG guard catches invalid target
  • 0x3B = access violation (unmapped) or illegal instruction (non-code)
  • 0x1E = kmode exception (access violation)
  • 0x50 = page fault in nonpaged area (NEW)

Wof.sys: Still 10.0.26100.1 — no Microsoft patch. CompactOS remains disabled. WOF minifilter still attached (cannot safely detach).

Trigger: claude.exe directory enumeration → NtQueryDirectoryFileEx → FLTMGR → Wof!WofPreDirectoryControlCallback+0x695.

Updated dump ZIP shared on MS Q&A #5814272.

VRDate · 4 months ago

Update: 16 BSODs — corruption spreading to other kernel modules

3 new BSODs today (2026-03-11), with a significant change: two of the three crashes are NO LONGER in Wof.sys.

| Time | Bugcheck | Faulting Module | WinDbg Bucket |
|------|----------|----------------|---------------|
| 04:18 | 0x50 PAGE_FAULT | Wof.sys +0x695 (same known bug) | AV_Wof!WofPreDirectoryControlCallback |
| 12:31 | 0x1E KMODE_EXCEPT | Ntfs.sys NtfsContinueIndexEnumeration+0x14 | AV_Ntfs!NtfsContinueIndexEnumeration |
| 12:52 | 0x3B SYS_SVC_EXCEPT | nllNetHub.sys (Norton) +0x876d | AV_nllNetHub!unknown_function |

Running total: 7 (Mar 6) + 1 (Mar 9) + 5 (Mar 10) + 3 (Mar 11) = 16 BSODs in 6 days.

Escalation: Kernel memory corruption spreading

Previously all 13 crashes blamed Wof.sys +0x695. Today, only 1 of 3 is Wof.sys — the other two are:

  1. Ntfs.sysNtfsContinueIndexEnumeration+0x14 is a push r15 instruction that caused a General Protection Fault. A #GP on push r15 means the stack pointer (RSP) was corrupted. This is still in the directory enumeration path (downstream from WOF's minifilter callback).
  1. nllNetHub.sys — Norton LifeLock network hub driver, in afwServ.exe (Norton Application Firewall). Unrelated to filesystem — suggests kernel pool corruption spreading beyond the directory enumeration path.

Theory: Wof.sys corruption at +0x695 is poisoning kernel pool/stack memory. When the corrupted pointer lands in WOF's own code, WinDbg blames Wof.sys. When it lands in NTFS or Norton memory, those modules crash instead. The Ntfs.sys crash (stack corruption in directory enumeration) strongly supports this — WOF's minifilter runs before NTFS in the filter chain, and could corrupt NTFS's stack frame.

System state

  • Wof.sys: 10.0.26100.1 (unchanged, no Microsoft patch)
  • CompactOS: OFF (disabled 2026-03-09)
  • WHEA: none (hardware errors clean)
  • Disk: 132GB free / 3.8TB
  • NVIDIA: 32.0.15.9571 (unchanged)

This is no longer just a WOF code defect — the corruption is destabilizing other kernel components. The system is becoming less stable over time, not more.

Related: #30137, MS Q&A #5814272

VRDate · 4 months ago

Control test: TreeSize Free scanned entire 3.8TB SSD — zero BSODs

To isolate whether the crash trigger is any directory enumeration or specifically Claude Code's parallel pattern, I ran TreeSize Free 4.8.1 as a control test:

  • Workload: Full-disk scan of 3.8TB SSD (every directory enumerated via NtQueryDirectoryFileEx through the same FLTMGR → Wof.sys minifilter chain)
  • Duration: ~5 minutes of heavy I/O (435 CPU seconds), 19+ minutes total monitoring
  • Result: Zero BSODs. Zero new minidumps. System completely stable.
  • Meanwhile: Claude Code triggered 3 BSODs in 8 hours today (0x50 Wof.sys, 0x1E Ntfs.sys, 0x3B nllNetHub.sys)

This proves:

  1. The hardware is not causing random memory corruption during disk I/O
  2. Wof.sys handles single-process sequential directory enumeration correctly
  3. The trigger is specific to Claude Code's pattern: dozens of concurrent ripgrep processes doing parallel directory walks simultaneously

The bug is a concurrency defect in Wof!WofPreDirectoryControlCallback — the callback's indirect call dispatch at +0x695 is not thread-safe under high-concurrency minifilter re-entrancy. Single-threaded callers (TreeSize, dir /s) never hit the race condition.

This also explains why "millions of Windows users" don't see this — most tools don't generate this level of concurrent directory enumeration through the minifilter stack.

VRDate · 4 months ago

Progress sync — all vendors now engaged

Actions taken today (2026-03-11)

Diagnostics:

  • WinDbg analyzed all 3 new dumps — crash is spreading: Wof.sys (1), Ntfs.sys (1), nllNetHub.sys/Norton (1)
  • TreeSize control test: full 3.8TB SSD scan, 30 min, zero BSODs — proves concurrency-specific trigger
  • MSI Center diagnostics inventory: HW Diagnosis, System Diagnosis, diskspd, pwrtest available
  • msinfo32 system report exported (2.1MB)
  • ACPI thermal zone: 85.1°C at idle — investigating (may be stale sensor)

Bug reports filed/updated across 4 platforms:

| Platform | ID | Owner | Status |
|----------|-----|-------|--------|
| GitHub (Anthropic) | #32870 | Software vendor | Open — no response yet |
| GitHub (Anthropic) | #30137 | Software vendor (3 users) | Open — no response yet |
| MS Q&A (Microsoft) | #5814272 | OS vendor | David-M (community) engaged, rebutted with evidence |
| MSI (HW vendor) | #1320187 | Hardware vendor | Filed today + msinfo32 attached |

Key evidence posted today:

  1. 3 different kernel modules crashing = escalating instability
  2. Ntfs.sys stack corruption (#GP on push r15) = WOF corrupting downstream modules
  3. TreeSize control test = hardware stable, concurrency-specific trigger confirmed
  4. BIOS E1822IWS.10E is latest — no MSI firmware fix available

Waiting on:

  • Anthropic: any acknowledgment or workaround (reduce concurrent ripgrep processes?)
  • Microsoft: Wof.sys patch (concurrency fix in WofPreDirectoryControlCallback)
  • MSI: BIOS/firmware investigation, thermal/memory controller assessment
VRDate · 4 months ago

Feedback Hub report filed

Microsoft's community advisor (David-M) confirmed this is a core driver defect and recommended filing via Feedback Hub for direct escalation to Microsoft engineers.

Feedback Hub link: https://aka.ms/AA106t77**

Please upvote if you're experiencing Wof.sys BSODs during Claude Code sessions. Higher engagement = higher priority for Microsoft's kernel team.

Current status: 17 BSODs in 7 days (2026-03-06 through 2026-03-12). Wof.sys 10.0.26100.1 still unpatched. CompactOS OFF, still crashing. 3 faulting kernel modules (Wof.sys, Ntfs.sys, Norton nllNetHub.sys).

VRDate · 4 months ago

BSOD #20 — 2026-03-14 00:19

Another crash overnight. Same identical bug:

Bugcheck: 0x139 KERNEL_SECURITY_CHECK_FAILURE
Bucket: 0x139_a_GUARD_ICALL_CHECK_FAILURE_Wof!WofPreDirectoryControlCallback
Hash: {78ac0991-5393-0281-b23b-ce115373dc6d}
Process: claude.exe

Stack:

claude.exe → NtQueryDirectoryFileEx → FLTMGR → Wof!WofPreDirectoryControlCallback+0x695
  → Ntfs!FindNextIndexEntry2+0x675 → KscpCfgDispatchUserCallTargetEsSmep+0x11
  → KiGeneralProtectionFault → guard_icall_handler → KeBugCheckEx

System state:

  • Wof.sys 10.0.26100.5074 — unchanged, no Microsoft patch
  • CompactOS OFF since 03-09
  • No WHEA hardware errors
  • System uptime before crash: 1 day 21 hours
  • Dump: 031426-31890-01.dmp (17MB)

Running total: 20 BSODs in 9 days (03-06 through 03-14). Same offset (+0x695), same process (claude.exe), same trigger (NtQueryDirectoryFileEx from concurrent ripgrep).

Still waiting for any acknowledgment or workaround suggestion from Anthropic. Even a simple "limit concurrent ripgrep processes" flag would help.

VRDate · 4 months ago

Workaround: Run Claude Code in WSL to avoid Wof.sys BSOD

Full writeup: https://gist.github.com/VRDate/862268b57dd197b8775f893a7be1e548

---

Claude Code BSOD Workaround — Wof.sys Crash on Windows 11 Build 26200+

Problem

Claude Code triggers BSOD (Blue Screen of Death) on Windows 11 Build 26200+ during normal operation. The crash occurs in Wof.sys (Windows Overlay Filter) when Claude's filesystem operations call NtQueryDirectoryFileEx, which passes through the WOF minifilter and hits a CFG (Control Flow Guard) violation.

Bugcheck codes: 0x139 (KERNEL_SECURITY_CHECK_FAILURE), 0x3B, 0x1E, 0x50

Faulting module: Wof.sys 10.0.26100.5074 at WofPreDirectoryControlCallback+0x695

Trigger: Any filesystem-heavy operation — directory listing, file search, glob patterns — the kind of thing Claude Code does constantly.

Bug reports:

Root Cause

This is a Windows kernel bug, not a Claude Code bug. Wof.sys (Windows Overlay Filter) handles WIM-backed files and CompactOS compression. When Claude Code (or any process) makes rapid NtQueryDirectoryFileEx calls on NTFS volumes, the WOF minifilter crashes in its directory control callback. CompactOS ON/OFF makes no difference — the bug is in the minifilter code path itself.

WOF is a critical Windows component — it cannot be disabled, detached, or unloaded without breaking Windows.

Workaround: Run Claude Code in WSL

Since the crash only happens on NTFS (Windows filesystem), running Claude Code inside WSL2 (which uses ext4) completely bypasses the Wof.sys code path.

Setup (5 minutes)

Prerequisites: WSL2 with Ubuntu (from Microsoft Store).

# 1. Install Ubuntu from MS Store (if not already)
wsl --install Ubuntu-24.04

# 2. Install Node.js inside WSL
wsl -d Ubuntu-24.04 -u root -- bash -c '
  curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
  apt install -y nodejs
'

# 3. Install Claude Code inside WSL
wsl -d Ubuntu-24.04 -u root -- npm install -g @anthropic-ai/claude-code

# 4. Verify
wsl -d Ubuntu-24.04 -u root -- claude --version

Create the wrapper

Create claude.cmd in the same directory as claude.exe (typically %USERPROFILE%\.local\bin\):

@echo off
wsl -d Ubuntu-24.04 -u root -- claude %*

On Windows, .cmd takes priority over .exe in the same directory. Every claude invocation from cmd.exe, PowerShell, or Windows Terminal now goes through WSL automatically.

How it works

BEFORE (crashes):
  Windows cmd/terminal
    → claude.exe (Windows native)
      → NtQueryDirectoryFileEx on NTFS
        → Wof.sys minifilter → BSOD

AFTER (safe):
  Windows cmd/terminal
    → claude.cmd (wrapper)
      → wsl -- claude (runs in WSL)
        → ext4 filesystem (no Wof.sys)
        → /mnt/c/ for Windows files (read/write, no WOF callback)

Your project files stay on C:\ — Claude in WSL accesses them via /mnt/c/. Your IDE (VS Code, IntelliJ, etc.) runs on Windows watching the same files. No file duplication needed.

Reverting

When Microsoft patches Wof.sys, simply delete the wrapper:

del %USERPROFILE%\.local\bin\claude.cmd

Claude will fall back to claude.exe (Windows native).

What doesn't work

| Attempted fix | Result |
|---------------|--------|
| Disable CompactOS (compact /compactos:never) | Still crashes |
| Windows Update (KB5079473) | Did not update Wof.sys |
| Norton AV exclusions | Unrelated (separate nllNetHub.sys crash) |
| Disabling WOF service | DO NOT — breaks Windows |

Affected versions

  • Windows: Build 26200+ (Windows 11 24H2 Insider/Dev)
  • Wof.sys: 10.0.26100.5074 (unchanged across updates)
  • Claude Code: All versions (the bug is in the OS, not Claude)
  • Also affects: Any process making rapid filesystem directory queries (not Claude-specific)

Timeline

| Date | Event |
|------|-------|
| 2026-03-06 | First BSODs after Windows upgrade to Build 26200 |
| 2026-03-06 | 7 crashes in one day |
| 2026-03-12 | Feedback Hub report filed, GitHub issues opened |
| 2026-03-14 | WSL workaround deployed, 21 total crashes logged |
| TBD | Microsoft Wof.sys patch |

VRDate · 4 months ago

Update: Root cause proven + workaround tested (23 BSODs total)

What causes the crash

Claude Code fires multiple filesystem operations (reading files, searching directories) at the same time — especially when using sub-agents. On Windows 11 Build 26200+, the kernel driver Wof.sys cannot handle this many simultaneous directory queries and crashes with a Blue Screen.

It's not about how many files you have — it's about how many are read at the same time. One agent reading files one after another is fine. Two or more agents reading files simultaneously triggers the crash.

Proof from session logs

Extracted the exact tool calls from the JSONL transcript before each crash:

  • BSOD #22 (03-14 04:42) — 5 agents running in parallel via WSL, all reading files at the same time → kernel crash
  • BSOD #23 (03-14 05:32) — 2 sub-agents launched in the same response, both scanning 18 files concurrently → kernel crash
03:48:26  Claude finds 18 files matching *.jbang.kt
03:48:42  Sub-agent 1 starts reading all 18 files
03:49:51  Sub-agent 2 starts reading all 18 files (while #1 still running)
          ── both agents reading files at the same time ──
          ── 30-50 simultaneous filesystem calls ──
05:32:59  *** BLUE SCREEN — Wof.sys crash ***

Workaround: a "traffic light" for file operations

The fix is a tiny server that acts like a traffic light — it makes Claude's file operations wait in line instead of all running at once. Only one operation goes through at a time.

How it works:

  1. A small background server runs on your machine (port 9876)
  2. Before every file operation, Claude Code asks the server "can I go?"
  3. The server lets one operation through at a time, with a small delay between each
  4. This prevents the simultaneous burst that crashes Windows

Setup (2 minutes):

Install JBang (one-line install, runs on any Java), then:

# 1. Start the traffic light server in the background
jbang Mutex.jbang.kt &

# 2. Add this to ~/.claude/settings.json:
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash|Read|Glob|Grep|Edit|Write",
        "hooks": [
          {
            "type": "command",
            "command": "bash mutex-acquire.sh"
          }
        ]
      }
    ]
  }
}

That's it. Claude Code will now wait in line for file operations instead of firing them all at once. If the server isn't running, Claude works normally (no impact on single-agent usage).

Speed: The default delay is 2 seconds between operations (safest). For faster interactive work, start with jbang Mutex.jbang.kt --interval 100 (100ms between operations — 10x faster, still safe in testing).

Test results

| Scenario | Tool calls | Result |
|----------|-----------|--------|
| 5 agents, no traffic light | ~36 concurrent reads | BSOD in minutes |
| 5 agents, with traffic light | 381 serialized calls | Stable, no crash |
| Normal tools (TreeSize, robocopy) | Sequential | Stable, no crash |

Files (all in the gist)

https://gist.github.com/VRDate/862268b57dd197b8775f893a7be1e548

| File | What it does |
|------|-------------|
| Mutex.jbang.kt | The traffic light server (~120 lines of Kotlin) |
| mutex-acquire.sh | The hook script that asks "can I go?" (6 lines of bash) |
| TestMutex.jbang.kt | Tests to verify the traffic light works correctly |
| gen-repro-data.sh | Script to reproduce the crash: generates test data + agent prompts |
| claude-bsod-workaround.md | Full documentation with setup instructions |

VRDate · 4 months ago

Minidump update — 23 BSODs, new ZIP with proof + mutex

New ZIP (4 dumps from 03-14 + root cause proof + mutex workaround):
https://drive.google.com/file/d/1bnn5LPNy_ygehdc2zy2QayZ0dyt-pKqc/view?usp=sharing

Contains: 4 minidumps, bsod-22-23-concurrent-proof.md (JSONL-extracted timeline proving concurrent agent I/O = crash), Mutex.jbang.kt (traffic light server), mutex-acquire.sh (hook), TestMutex.jbang.kt (tests), gen-repro-data.sh (1GB repro kit + 5 agent prompts).

Updated gist: https://gist.github.com/VRDate/862268b57dd197b8775f893a7be1e548

VRDate · 4 months ago

Update: 25 BSODs — root cause reframed

After 12 days and 25 BSODs, the root cause is clear: this is not a Wof.sys bug — it's Claude Code firing parallel filesystem tool calls with zero backpressure.

Proof: mutex daemon = stable, no mutex = crash

I built a rate-limiting daemon (the "traffic light" from my earlier post) that serializes filesystem tool calls with a configurable delay. Results:

| Period | Mutex daemon | BSODs |
|--------|-------------|-------|
| 03-14 to 03-16 (~3 days) | Running (v1, 100ms-2s interval) | 0 |
| 03-17 night | Offline (developing mutex v2 on sandbox port) | 2 within hours |

The moment the daemon was taken offline for development, BSODs returned. The production daemon wasn't running because I was testing a new version on a different port.

What happened on 03-17

Session was developing mutex daemon v2 (MCP protocol, team tracking, SSE events). All 118 tests passed. Then the model spawned an Explore sub-agent to search for Thymeleaf templates — 6 parallel filesystem operations in ~1 second:

  • 3 Glob calls (**/*.html, **/*.thymeleaf, **/gui/**)
  • 2 Grep calls (smartadmin in java + gradle files)
  • 1 Bash find command

All against a 200K-file monorepo. No throttle, no delay. BSOD within seconds: 0x3B SYSTEM_SERVICE_EXCEPTION in Wof!WofPreDirectoryControlCallback.

The real issue

No kernel minifilter is designed for the kind of burst concurrency Claude Code generates. The model decides to parallelize, the CLI executes immediately. A 15-100ms delay between filesystem tool calls would eliminate the problem entirely at negligible latency cost.

This should be built into Claude Code itself — not left as a user-created workaround. My mutex daemon proves the architecture works. The CLI needs the same thing natively.

Additional structural gap

Sub-agents spawned via the Agent tool run in their own process and do not inherit the parent's PreToolUse hooks. Even with the user-side mutex daemon running, sub-agent filesystem calls are completely unprotected. This is how BSOD #25 happened — the parent session had hooks, the sub-agent didn't.

Also relevant to @kolkov's deadlock report above

The same zero-backpressure parallel tool call pattern likely causes the system deadlock on Windows 10 (no BSOD, just freeze). Different symptom, same root cause: overwhelming the filesystem with concurrent operations.

Running total: 25 BSODs in 12 days. 18 confirmed Wof.sys. All from unthrottled concurrent NtQueryDirectoryFileEx calls.

Updated gist: https://gist.github.com/VRDate/862268b57dd197b8775f893a7be1e548

VRDate · 4 months ago

@bcherny @ant-kurt @fvolcic @ashwin-ant @bogini @chrislloyd @ThariqS @catherinewu @whyuan-cc @dhollman @rboyce-ant @dicksontsai @OctavianGuzu @hackyon-anthropic @wolffiex @igorkofman @sid374 @ddworken

Requesting attention — 25 BSODs in 12 days, zero Anthropic response on this issue or #30137. Multiple affected users including @kolkov (system deadlock on Win10).

This is not a Windows kernel bug. It is Claude Code firing parallel filesystem tool calls (Glob, Grep, Read, find) with zero backpressure. 6 concurrent operations in 1 second against a large codebase crashes any Windows machine. A 15-100ms delay between calls fixes it completely — I built a mutex daemon that proves this (3 days stable, 0 BSODs; removed it → 2 BSODs within hours).

The fix is simple: add a configurable rate limit to filesystem tool calls in the CLI. I've provided the full architecture, code, tests, and repro kit. This needs to be built into Claude Code natively.

Sub-agents spawned via the Agent tool also bypass PreToolUse hooks entirely — even the user-side workaround can't protect against that.

This issue has has repro, bug, and platform:windows labels but no assignee, no milestone, and the external label dismisses it as an OS problem. It isn't.

VRDate · 4 months ago

Fix submitted: PR #35710

A tool-mutex plugin has been developed and submitted as PR #35710 to fix this issue.

Root cause confirmed: Claude Code executes Glob/Grep/Read/Bash tools in parallel with no concurrency limit. Each triggers NtQueryDirectoryFileEx syscalls that overwhelm the Wof.sys kernel driver, causing BSOD.

Fix: File-based counting semaphore plugin that serializes filesystem tool calls:

  • Windows: max 1 concurrent op (prevents Wof.sys overload)
  • Linux/macOS: max 4 concurrent ops (prevents OOM)
  • 75ms cooldown between operations
  • PID-based stale slot cleanup

Verified: 256 concurrent workers — without mutex: 7/256 completed (16GB RSS, 249 timeouts). With mutex: 256/256 completed (290MB RSS, zero crashes).

27 BSODs logged on a 192GB/32-core workstation over 12 days before this fix was developed. 9 distinct bugcheck types (0x139, 0x3B, 0x1E, 0x50, 0x14F, 0x10E, 0x20001, 0xC2).

Cross-references:

VRDate · 3 months ago

@anthropics/claude-code-maintainers @anthropics/claude-code-reviewers @claude
@bcherny @ant-kurt @fvolcic @ashwin-ant @bogini @chrislloyd @ThariqS @catherinewu @whyuan-cc @dhollman @rboyce-ant @dicksontsai @OctavianGuzu @hackyon-anthropic @wolffiex @igorkofman @sid374 @ddworken
@OctavianGuzu @chrislloyd @ant-kurt — requesting a direct review from one of you. Still, no one is assigned to review https://github.com/anthropics/claude-code/pull/35710.

kolkov · 3 months ago

@VRDate Your PR and root cause analysis are excellent. For context — the parallel fs calls without backpressure you found is one of several architectural issues we've documented through reverse-engineering cli.js across 16 npm versions:

  1. No file locking on Read/Edit tools — concurrent agents overwrite each other's edits (#33949)
  2. Non-atomic JSONL writesinsertMessageChain() writes tool_use and tool_result one at a time in a for-loop, unchanged across 8 versions checked
  3. Streaming watchdog exists but disabledCLAUDE_ENABLE_STREAM_WATCHDOG hidden since v2.1.50, recently tuned to 45s/90s in v2.1.79 but still behind feature flag
  4. Bun/mimalloc crashes — 6 crashes in 4 days on Windows, 10-15 GB committed memory even in idle, process crashes taking down IDE (#36132)
  5. 21 threads per process — GDB analysis by @rstuart shows all Bun Pool threads deadlocked on a single futex (#26224)

Team response across all these: zero on streaming/crash issues for 8+ months. @catherinewu said "actively investigating" on Feb 23 — 30 days of silence since.

Your experience with the PR not being reviewed is unfortunately consistent.

Our issues: #33949 (root cause analysis) | #36132 (Bun memory crashes) | #35171 (auto-updater leak)
Related: #6836 (orphaned tool calls, 150+ reports) | #3648 (scroll bug, 👍694) | #26224 (streaming hangs, deadlock analysis by @rstuart)

VRDate · 3 months ago

@kolkov, My PR is a plugin I have been using for several days, and it is in the sweet spot between slowing down just 75ms and still letting the system work without crashing. I recommend installing it and reading the code at https://github.com/VRDate/claude-code/tree/claude/add-tool-mutex-Qytsn/plugins/tool-mutex. It uses a mutex to avoid excessive pressure on the OS, and it is just best practice for any CLI filesystem-intensive loads. Arguing that this bug is external is just not taking responsibility.

My Load Test Results (Linux, 4-core / 16 GB)

https://github.com/VRDate/claude-code/tree/claude/add-tool-mutex-Qytsn/plugins/tool-mutex/tests

Previous 256-worker stress test (with vs without mutex)

| Metric | No Mutex (256 workers) | With Mutex (256 workers) |
|---|---|---|
| Completed | 7/256 (2.7%) | 256/256 (100%) |
| Peak RSS | 16,272 MB | 290 MB |
| Min free memory | 35 MB (near OOM) | 15,857 MB |
| Crashes | YES (249 timeouts) | None |

At 1024 workers without mutex, Node.js is OOM-killed (exit code 137).

Node.js load test (16 workers)
Workers:          16
Ops completed:    16/16 (100%)
Peak RSS:         1,298 MB (main)
Free memory:      16,127 MB start → 14,858 MB min → 15,857 MB end
Crashes:          None
Total time:       25.2s
Python load test (16 workers, 160 total ops)
Workers:          16
Iterations:       10
Ops completed:    160/160 (100%)
Peak RSS:         17.6 MB
Free memory:      15,196 MB start → 14,671 MB min → 14,675 MB end
Crashes:          None
Total time:       25.0s

Show that Node.js is not the best way to create a CLI tool anyway.
@anthropics/claude-code-maintainers @anthropics/claude-code-reviewers @claude
@bcherny @ant-kurt @fvolcic @ashwin-ant @bogini @chrislloyd @ThariqS @catherinewu @whyuan-cc @dhollman @rboyce-ant @dicksontsai @OctavianGuzu @hackyon-anthropic @wolffiex @igorkofman @sid374 @ddworken
@OctavianGuzu @chrislloyd @ant-kurt — requesting a direct review from one of you. Still, no one is assigned to review https://github.com/anthropics/claude-code/pull/35710.

the0riginalgandalf · 3 months ago

Token bucket rate limiter — improved workaround for multi-session use

Building on @VRDate's excellent root cause analysis and PR #35710, we've published an improved workaround that fixes a failure mode we hit with the counting semaphore approach.

Repo: https://github.com/the0riginalgandalf/claude-wof-mitigation**

Why the semaphore approach can fail

We started with VRDate's semaphore (cpu_count // 2 concurrency + 75ms cooldown) and it worked on our laptop's low-power "office" mode — but BSODed on balanced mode with identical settings. The crash variable isn't concurrency count, it's syscall throughput rate. Faster CPUs (higher power plans, turbo boost) push more NtQueryDirectoryFileEx/sec through the Wof.sys callback at the same concurrency cap. Collision probability scales with the square of the rate.

Token bucket approach

A token bucket is the correct abstraction for rate limiting:

  • Capacity 4 — allows short responsive bursts for interactive use
  • Refill 10 tokens/sec — sustained ceiling well below the ~20-30/sec danger zone
  • Rate is CPU-independent — 10 ops/sec is 10 ops/sec regardless of clock speed

Secondary concurrency cap of 8 as belt-and-suspenders.

Multi-session optimization

We run 5-6 concurrent Claude Code sessions with subagents (/critique-plan, /deep-review workflows). Initial testing showed the original O_CREAT|O_EXCL file lock collapsed under contention — 3 sessions achieved only 1.4 ops/sec combined (86% wasted on lock contention). Three fixes:

  1. msvcrt.locking on Windows — OS kernel byte-range locks instead of create/delete file lock. Eliminates PermissionError convoy effect.
  2. Calculated sleep_try_consume_token returns the exact wait time until next refill. No blind 75ms polling.
  3. Random jitter (0-15ms) — breaks thundering herd across sessions.

Result: 6 sessions achieve 10.2 ops/sec combined (near-optimal ceiling saturation).

Stress test results

Tested on an Eluktronics laptop across all power modes with no BSODs:

| Test | Power Mode | Result |
|------|-----------|--------|
| 10 parallel tool calls | Office | Pass |
| 10 parallel tool calls | Balanced | Pass |
| 20 parallel tool calls | Balanced | Pass |
| 30 parallel tool calls | Beast (max performance) | Pass |
| 30s sustained (single session) | Balanced | 10.1 ops/sec |
| 20s sustained (6 concurrent sessions) | Balanced | 10.2 ops/sec combined |

Install

Copy hooks/ and mutex/ from the repo, add hooks to ~/.claude/settings.json. Full instructions in the README. Pure Python, no dependencies beyond stdlib (msvcrt on Windows, fcntl alternative on POSIX).

The repo also includes the full technical research document on the Wof.sys race condition.

the0riginalgandalf · 3 months ago

Update: Rate limiting alone doesn't work — Dev Drive (ReFS) is the real fix

Follow-up to my earlier comment. After 4 BSODs testing increasingly aggressive rate limiting, the conclusion is clear: userspace throttling cannot reliably prevent this crash under real multi-session workloads at high CPU performance levels. Dev Drive (ReFS) is the only reliable fix.

What we tried (and what failed)

| Attempt | Approach | Result |
|---------|----------|--------|
| 1 | Counting semaphore (VRDate's approach) | BSODed on balanced power mode |
| 2 | Token bucket at 10/sec | BSODed — ripgrep's 32-thread rayon pool amplified each Grep to ~320 Wof.sys syscalls/sec |
| 3 | Token bucket + tool weights + RAYON_NUM_THREADS=2 | BSODed within 11 min — 0x124 MCE (corruption cascading into hardware-level CPU exceptions) |
| 4 | Dev Drive (ReFS) | Stable — no BSODs under sustained heavy use |
| 4.5 | Dev Drive without rate limiting | BSODed — find.exe still hit NTFS system drive |
| 5 | Dev Drive + hooks for residual NTFS + fltmc detach | Stable under heavy multi-session beast mode |

The fix

This is a Microsoft kernel bug, not a Claude Code bug. Wof.sys has 8 prior CVEs including CVE-2023-21766 (same class — race condition UAF). The fix is to bypass Wof.sys entirely:

  1. Create a Dev Drive (ReFS) — Wof.sys doesn't attach to ReFS volumes
  2. Move project files there via junctionmklink /J so existing paths work transparently
  3. Move .claude config too — conversations, hooks, settings all do filesystem I/O
  4. Detach Wof from data drivesfltmc detach Wof D: for any non-system NTFS volumes
  5. Token bucket hooks for residual C: drive access (can't detach Wof from system drive)

Full setup instructions and the drive-aware hooks: https://github.com/the0riginalgandalf/claude-wof-mitigation

Why rate limiting fails at scale

The fundamental problem is amplification. Claude Code's Grep tool spawns rg.exe, which uses a rayon thread pool (default = CPU count). On a 32-core machine, one Grep call generates ~32 concurrent NtQueryDirectoryFileEx syscalls through Wof.sys. With multiple sessions running subagents doing Grep-heavy work, the effective syscall rate easily exceeds the crash threshold regardless of how aggressively you throttle tool starts.

Even with RAYON_NUM_THREADS=1 + 4 tokens/sec + tool weights, we still BSODed because other tools (find.exe, system PATH resolution) hit NTFS volumes outside the project directory.

For Anthropic

The right long-term fix is for Microsoft to patch Wof.sys. In the meantime, consider documenting Dev Drive as a recommended setup for Windows Claude Code users — especially those running multiple concurrent sessions. It's ironic that Microsoft's own Dev Drive product is the workaround for Microsoft's own kernel bug.

VRDate · 3 months ago

@the0riginalgandalf @thompa2 Your approach of bypassing Wof.sys by relocating to a separate partition or external drive with different filesystem settings is genuinely clever. To make it practical for more users though, the solution should be proportional to available resources — CPU, storage, and partition layout — and fully automatic. Using robocopy to mirror Claude's working directory (including all subfolders and the project root) with a scheduled sync-back would eliminate the manual overhead entirely.

Worth clarifying the scope too: while this looks like a Windows-only edge case on the surface, it's actually OS-agnostic. The WSL BSODs under Ubuntu confirm the same underlying contention pattern — the watchdog that should be throttling concurrent filesystem syscalls simply isn't doing its job, regardless of the layer.

Since we can't wait on a fix from upstream while maintainers are buried in other issues, a plugin that replaces the missing watchdog behavior is the right path forward. I'll fork your extended solution and iterate on it.

Solid contribution — this is real progress from a fresh attack vector. Thanks for the time and effort.

the0riginalgandalf · 3 months ago

@VRDate FYI I opened a vulnerability report with Microsoft about this issue. Case is listed as under review. Will update if I hear anything useful back.

TheSmallKiwi · 3 months ago

@VRDate @the0riginalgandalf Thankyou both for your work on this. Based on the Dev drive recommendation I did a fresh windows install after repartitioning and set up a Dev drive and set up the hooks from https://github.com/the0riginalgandalf/claude-wof-mitigation & So far, so good. No instability! Down from several BSODs a day.

the0riginalgandalf · 3 months ago

@TheSmallKiwi glad that worked for you! Hopefully you don't run into the next problem I did. Had another BSOD today, but not directly related to this issue.

Turns out 13th/14th Gen Raptor Lake desktop and laptop CPUs have a known "Vmin Shift Instability," which causes high voltage requests, crashes, and permanent, accelerated, damage-induced degradation. Need to update the microcode to prevent further damage.

What's less clear is the connection between this issue and the wof.sys issue. Did some digging and found my system was throwing WHEA errors on the Wof.sys BSOD dates:

  • Apr 3: 1 parity error (APIC 17)
  • Apr 4: 4 errors — 2 parity (APIC 17), 2 TLB + 1 unclassified (APIC 25)

These were the exact same days I had 4 Wof.sys BSODs. The CPU was actively throwing corrected errors while Wof.sys was handling filesystem callbacks. So my guess is there's a link there. It would be notable if both you and @VRDate were also experiencing this issue and had 13/14th gen Raptor Lake Intel CPUs with the bad microcode (0x123). Updating to 0x129 or later should fix the bad voltage handling, but won't undo any damage that has occurred.

TheSmallKiwi · 3 months ago

I have a 13900HX (laptop) which Intel claims was unaffected by the killer microcode. Nonetheless I kept the BIOS as up-to-date as I could so I hope I've avoided permanent damage, but who knows?