App Control: Frequent VDI crash due to parity.exe

App Control: Frequent VDI crash due to parity.exe

search cancel

App Control: Frequent VDI crash due to parity.exe

book

Article ID: 286360

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

VDI workstations experience frequent crashes.
Microsoft dump analysis point towards Carbon Black Parity as a contributing factor.

**RegistryCallbackRoutines**
---------------- ---------------- ---------------------------
Callback Function Symbol 
---------------- ---------------- ---------------------------
ffffad033cefd420 fffff80e06fc2190 Parity+e2190

Environment

App Control Agent: 8.1.6
Microsoft Windows: All Supported Versions
VDI

Cause

Although Microsoft analysis suggests parity causing the issue , there is no strong evidence to support that .
Parity installs registry callback but it is not sufficient reason to decide if the driver is responsible for crash.
Carbon Black engineering team suspects that the reason for BSOD is either hardware related (memory or hard drive) or caused by virtualization layer after crash dump analysis.

Resolution

If experiencing this issue, open a case with Carbon Black Support and upload crash dump to CB Vault

Additional Information

A tool can be run to scan/check memory (Example: https://www.memtest86.com/).
Hard drive can be checked for bad clusters (Example: sfc /scannow)

Feedback

thumb_up Yes

thumb_down No