If you have ever experienced the blur screen of death, then you have most likely been a victim of kernel memory corruption. Figuring out what happened is almost like solving a crime. The bad guy did the damage and is long gone leaving you to clean up the mess and salvage whatever you can salvage.
As we discussed before, kernel memory corruption can be caused by either hardware of software problems but it is usually the result of a poor quality or incorrect device driver. There are several tools available to help diagnose and repair these problems.
Let’s look at the memory architecture so you can understand what is actually happening in that mysterious memory world where the players are like ghosts that you know are there but never really can see.
Most drivers run in high memory in either the paged or non paged memory pool. A pool is just a block of addresses reserved for a specific purpose. Data residing in paged memory may be ion the RAM or it may on the hard drive in the memory swap file. Data residing in non-paged memory is always in the RAM. The picture below shows the allocation table for a block of memory.
Of course this picture means nothing to most people.
Each row is a bock of memory that has been allocated to specific data. Notice the last one is marked as free which means any application that is allowed to write to this part of the memory can use this block for its data. Each block is marked with an four character identifier called a tag that and the size of the data. The memory manager uses this information to find the requested data.
The most common error caused by poor driver software is for the program to write to it allocated block and then write to the next block overwriting data that belongs to someone else which causes an immediate crash With the stop error code similar to STOP 0×0000001e
If the memory manager tried to read the memory location later, it will probably crash with one of the following error codes:
Bug Check 0×19: BAD_POOL_HEADER
Bug Check 0xC2: BAD_POOL_CALLER
Windows 7 has added a guard page that is similar to the guard bands used in digital transmission. It is a small area of memory that no process can write to so that if a faulty driver overflows its memory block, the system won’t crash.
How to fix the Problem
There are tools that can go in and remove bad data, mark bad sectors in RAM “bad” so no process attempts to write to them. For the professional these are a good investment but for the rest of us. A hard reboot, which means a complete shutdown, should clear all memory blocks. If it doesn’t then there is some other problem with the memory.As cheap as memory is today, it makes more sense to take your RAM chips to a dealer and have them tested. If they have any bad blocks, replace them.
After you install your new memory, run a good registry cleaner, cleanup and then defrag your hard drive. Next update all of the hardware drivers to the latest versions and your computer should run good as new.
No comments:
Post a Comment