It was the scanner, in the living room, with the driver!

Dec. 13th, 2006 08:53 pm
nyankoframe: (Default)
[personal profile] nyankoframe
</cluedo>

I was finally fed up enough this morning to let my laptop complete dumping memory when it blue-screened yet again about a minute after I logged into my laptop. 1 gigabyte of dump file and a reboot into Safe Mode later...

Microsoft (R) Windows Debugger  Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

Symbol search path is: srv*D:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Vista Kernel Version 5744 UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 5744.16384.x86fre.vista_rtm_edw.061003-1945
Kernel base = 0x81800000 PsLoadedModuleList = 0x81911db0
Debug session time: Wed Dec 13 09:39:39.213 2006 (GMT+8)
System Uptime: 0 days 0:04:51.291
Loading Kernel Symbols
.....................................................................................................................................................................
Loading User Symbols
...............................................
Loading unloaded module list
.......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck E4, {1, 85a34d08, 1, 0}

*** ERROR: Module load completed but symbols could not be loaded for UBHelper.SYS
*** ERROR: Module load completed but symbols could not be loaded for NTIDrvr.sys
*** ERROR: Module load completed but symbols could not be loaded for GEARAspiWDM.sys
*** WARNING: Unable to verify checksum for BlockDll.dll
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for BlockDll.dll - 
Probably caused by : UBHelper.SYS ( UBHelper+1f69 )

Followup: MachineOwner

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

WORKER_INVALID (e4)
A executive worker item was found in memory which must not contain such
items or a work item was queued that is currently active in the system.
Usually this is memory being freed.  This is usually caused by
a device driver that has not cleaned up properly before freeing memory.
Arguments:
Arg1: 00000001, Queuing of active worker item
Arg2: 85a34d08, Address of worker item
Arg3: 00000001, Queue number
Arg4: 00000000, 0

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  VISTA_RC

BUGCHECK_STR:  0xE4

PROCESS_NAME:  Monitor.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 81869aa1 to 818d5513

STACK_TEXT:  
9a69f7dc 81869aa1 000000e4 00000001 85a34d08 nt!KeBugCheckEx+0x1e
9a69f800 818a3dbd 85a34d08 00000001 842a9540 nt!ExQueueWorkItem+0x21
9a69f814 818a3de2 85a34d08 88fc5718 00000001 nt!IoQueueWorkItemEx+0x26
9a69f82c 88fc5f69 85a34d08 88fc5718 00000001 nt!IoQueueWorkItem+0x1b
WARNING: Stack unwind information not available. Following frames may be wrong.
9a69f8ac 8181ec40 85a36030 842a9664 842a96a4 UBHelper+0x1f69
9a69f8c4 8189f766 82368b31 00000000 00000000 nt!IofCallDriver+0x63
9a69f8c8 82368b31 00000000 00000000 89c47364 nt!IoCallDriverStackSafe+0x5
9a69f954 89c40ff1 85a368c0 842a9540 fffde040 CLASSPNP!ClassDeviceControl+0xcfc
9a69f988 89c3d873 85a368c0 012a9540 89c41054 cdrom!CdRomSynchronizeIoctlWithStartIo+0x29e
9a69fa24 82368bcf 85a368c0 842a9540 85a350d8 cdrom!CdRomDeviceControlDispatch+0x51e
9a69fa40 82365d56 85a368c0 842a9540 85a368c0 CLASSPNP!ClassDeviceControlDispatch+0x48
9a69fa54 8181ec40 85a368c0 842a9540 00000000 CLASSPNP!ClassGlobalDispatch+0x20
9a69fa6c 875f249b 875f2637 859fc020 842a9540 nt!IofCallDriver+0x63
9a69fb80 8181ec40 859fc020 842a9540 842a9688 NTIDrvr+0x49b
9a69fb98 88ecf42c 842a96ac 85a35020 84271c08 nt!IofCallDriver+0x63
9a69fbb4 8181ec40 0ea35020 002a9540 842a96d0 GEARAspiWDM+0x142c
9a69fbcc 81a274cf 842a9540 84271c08 842a96ac nt!IofCallDriver+0x63
9a69fbe8 81a26d2f 84271c08 842a9540 842a96ac nt!RawReadWriteDeviceControl+0xe8
9a69fc2c 8181ec40 84271b50 842a9540 842a9540 nt!RawDispatch+0x16f
9a69fc44 81988ebd 841a54d0 842a9540 842a96ac nt!IofCallDriver+0x63
9a69fc64 81989e7d 84271b50 841a54d0 0012f800 nt!IopSynchronousServiceTail+0x1e0
9a69fd00 8198edd9 84271b50 842a9540 00000000 nt!IopXxxControlFile+0x6b7
9a69fd34 8187d83a 000000bc 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
9a69fd34 77c7e524 000000bc 00000000 00000000 nt!KiFastCallEntry+0x12a
0012f834 77c7ce7c 765fc52d 000000bc 00000000 ntdll!KiFastSystemCallRet
0012f838 765fc52d 000000bc 00000000 00000000 ntdll!ZwDeviceIoControlFile+0xc
0012f898 003a218e 000000bc 0004e040 00000000 kernel32!DeviceIoControl+0x14a
0037d2b0 7c220078 7c220078 7c220078 7c220078 BlockDll!CBlockDll::CBlockDll+0x28e
0037d2b4 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2b8 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2bc 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2c0 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2c4 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2c8 7c220078 7c220078 7c220078 015c3a00 MFC71!afxStringManager+0x14
0037d2cc 7c220078 7c220078 015c3a00 7c220078 MFC71!afxStringManager+0x14
0037d2d0 7c220078 015c3a00 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2d4 015c3a00 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2d8 7c220078 7c220078 7c220078 7c220078 0x15c3a00
0037d2dc 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2e0 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2e4 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2e8 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2ec 7c220078 7c220078 7c220078 7c220078 MFC71!afxStringManager+0x14
0037d2f0 7c220078 7c220078 7c220078 00000000 MFC71!afxStringManager+0x14
0037d2f4 7c220078 7c220078 00000000 00000000 MFC71!afxStringManager+0x14
0037d2f8 7c220078 00000000 00000000 00000000 MFC71!afxStringManager+0x14
0037d2fc 00000000 00000000 00000000 00000000 MFC71!afxStringManager+0x14


STACK_COMMAND:  kb

FOLLOWUP_IP: 
UBHelper+1f69
88fc5f69 c7461802010000  mov     dword ptr [esi+18h],102h

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  UBHelper+1f69

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: UBHelper

IMAGE_NAME:  UBHelper.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  41c2a029

FAILURE_BUCKET_ID:  0xE4_UBHelper+1f69

BUCKET_ID:  0xE4_UBHelper+1f69

Followup: MachineOwner
---------

kd> lmvm UBHelper
start    end        module name
88fc4000 88fc7680   UBHelper   (no symbols)           
    Loaded symbol image file: UBHelper.SYS
    Image path: \SystemRoot\System32\Drivers\UBHelper.SYS
    Image name: UBHelper.SYS
    Timestamp:        Fri Dec 17 17:00:25 2004 (41C2A029)
    CheckSum:         0000F218
    ImageSize:        00003680
    Translations:     0000.04b0 0000.04e0 0409.04b0 0409.04e0

C:\Windows>sc qc ubhelper
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ubhelper
        TYPE               : 1  KERNEL_DRIVER
        START_TYPE         : 1   SYSTEM_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   :
        LOAD_ORDER_GROUP   : Pnp Filter
        TAG                : 0
        DISPLAY_NAME       : UBHelper
        DEPENDENCIES       :
        SERVICE_START_NAME :


The solution was as simple as running this command in an elevated Command Prompt (while in Safe Mode) and then rebooting:

C:\Windows>sc config ubhelper start= disabled
[SC] ChangeServiceConfig SUCCESS


I can add my voice to [livejournal.com profile] itsacz's criticisms of Creative hardware, and in addition, criticize Mustek for writing bad drivers. It's somewhat frustrating that it took so long for these bugs to be exposed when everything appeared stable on XP and below...

Now that everything's stable, the laptop actually runs quite a bit faster than it used to, and I was able to go online from a food court in Tiong Bahru (where I went with [livejournal.com profile] wao while accompanying her on her photo-taking adventures) during lunch using the new Wireless@SG initiative from the Infocomm Development Authority of Singapore. The speed is actually quite good, even at 12:30 pm on a Wednesday afternoon. :)

And yes, I believe I still have a Cluedo set at home somewhere. ^_^
  • Current Mood: accomplished
  • Current Music: rain
Tags:
Flat | Top-Level Comments Only

Date: 2006-12-14 07:32 am (UTC)
From: [identity profile] itsacz.livejournal.com
Looks like the life of an SDET. :P

The only time I saw a debugger like this was when I attended an MS internal presentation on kernel debugging. ^^;;
Flat | Top-Level Comments Only

Profile

nyankoframe: (Default)
nyankoframe

October 2024

S M T W T F S
  12345
6789101112
13141516171819
20212223242526
2728 293031  

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags
Page generated Jun. 7th, 2025 09:54 am
Powered by Dreamwidth Studios