Hi,
All of the attached DMP files are of the
BAD_POOL_HEADER (19) bugcheck.
This indicates that a pool header is corrupt.
If we take a look at the call stack:
Code:
2: kd> kv
ChildEBP RetAddr Args to Child
8f367218 8313dbf9 00000000 8f367250 8f367244 nt!ExpFindAndRemoveTagBigPages+0x1fd
8f367288 93b8faa1 00000000 00000000 83055568 nt!ExFreePoolWithTag+0x13f
WARNING: Stack unwind information not available. Following frames may be wrong.
8f3672d8 93b90f71 c0000034 8f367318 88ef5290 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x52aa1
8f367738 93bae0c5 88ef5000 88f45c40 00000000 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x53f71
8f367974 93b7d35d 88f45c40 88f4a610 88f4a618 [U][I][B][COLOR=#ff0000]CHDRT32[/COLOR][/B][/I][/U]+0x710c5
8f3679e8 93b61413 0000001f 00000001 00000001 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x4035d
8f367af8 93b6249d 00000000 88f4a610 88ef5000 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x24413
8f367b54 93b62d69 00000000 00000000 88f4bd48 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x2549d
8f367d34 93b632c4 93b82854 00000004 000005fa [COLOR=#ff0000][I][U][B]CHDRT32[/B][/U][/I][/COLOR]+0x25d69
8f367d50 8322612b 88f32780 ab41b543 00000000 [COLOR=#ff0000][U][I][B]CHDRT32[/B][/I][/U][/COLOR]+0x262c4
8f367d90 830cd559 93b63206 88f32780 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
FAILURE_BUCKET_ID: 0x19_22_CHDRT32+52aa1
We can see many CHDRT32.sys calls, as well as a matching failure bucket ID.
CHDRT32.sys is the Conexant High Definition SmartAudio driver. See if there's an update for this driver -
Conexant - Support
If not, let's enable Driver Verifier. It's possible something is conflicting -
Driver Verifier:
What is Driver Verifier?
Driver Verifier is included in Windows 8, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.
Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.
Before enabling Driver Verifier, it is recommended to create a System Restore Point:
Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8 -
Restore Point - Create in Windows 8
How to enable Driver Verifier:
Start > type "verifier" without the quotes > Select the following options -
1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8)
- DDI compliance checking (Windows 8)
- Miscellaneous Checks
4. Select - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is
NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.
Important information regarding Driver Verifier:
- If Driver Verifier finds a violation, the system will BSOD.
- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will flag it, and as stated above, that will cause / force a BSOD.
If this happens, do
not panic, do the following:
- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
- Once in Safe Mode - Start > type "system restore" without the quotes.
- Choose the restore point you created earlier.
If you did not set up a restore point, do not worry, you can still disable Driver Verifier to get back into normal Windows:
- Start > Search > type "cmd" without the quotes.
- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
・ Restart and boot into normal Windows.
How long should I keep Driver Verifier enabled for?
It varies, many experts and analysts have different recommendations. Personally, I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier.
My system BSOD'd, where can I find the crash dumps?
They will be located in %systemroot%\Minidump
Any other questions can most likely be answered by this article:
Using Driver Verifier to identify issues with Windows drivers for advanced users
Regards,
Patrick
