# Solved: EVE Online and Blue Screen



## demortes (Mar 19, 2007)

Greetings Everyone,

I am having tremendous trouble with EVE (eve-online.com) and a BSOD. I've done everything I can think possible. The game worked properly for a day after a reload of Win XP Pro. Anyhow, here's what I have. I will not attach the memory dump, as it's a complete memory dump. But I will attach my dxdiag log, as well as the log from WinDBG for those that use it.

Any light you can shine on this problem, PLEASE DO! I'm getting highly annoyed.

Demortes
----------------------------------------------------------------------------------------

WINDBG

----------------------------------------------------------------------------------------

Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_gdr.070227-2254
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700
Debug session time: Sun Feb 17 16:45:31.781 2008 (GMT-6)
System Uptime: 0 days 14:43:13.506
Loading Kernel Symbols
........................................................................................................................
Loading User Symbols
...............................................................................
Loading unloaded module list
..............................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {c, 2, 0, f69ff708}

*** ERROR: Module load completed but symbols could not be loaded for ALCXWDM.SYS
*** ERROR: Symbol file could not be found. Defaulted to export symbols for blue.dll - 
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
Probably caused by : portcls.sys ( portcls!CPortWavePci::Notify+b )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000c, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: f69ff708, address which referenced memory

Debugging Details:
------------------

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************

READ_ADDRESS: 0000000c

CURRENT_IRQL: 2

FAULTING_IP: 
portcls!CPortWavePci::Notify+b
f69ff708 ff510c call dword ptr [ecx+0Ch]

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: ExeFile.exe

TRAP_FRAME: f78dfc58 -- (.trap 0xfffffffff78dfc58)
ErrCode = 00000000
eax=85d19de8 ebx=85a1e000 ecx=00000000 edx=f6a0a8c8 esi=85a1e02c edi=00000b40
eip=f69ff708 esp=f78dfccc ebp=f78dfcd0 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
portcls!CPortWavePci::Notify+0xb:
f69ff708 ff510c call dword ptr [ecx+0Ch] ds:0023:0000000c=????????
Resetting default scope

LAST_CONTROL_TRANSFER: from f69ff708 to 80543930

STACK_TEXT: 
f78dfc58 f69ff708 badb0d00 f6a0a8c8 f78dfc88 nt!KiTrap0E+0x238
f78dfcd0 f6a8f340 85ca7c78 85d19de8 85a41a3c portcls!CPortWavePci::Notify+0xb
WARNING: Stack unwind information not available. Following frames may be wrong.
f78dffac f6a910a2 85a45bb0 ffdff9c0 ffdff000 ALCXWDM+0x6d340
f78dffcc 805450bf 85a41e64 02a1e000 8589bf90 ALCXWDM+0x6f0a2
f78dfff4 80544c2b f703c97c 00000000 00000000 nt!KiRetireDpcList+0x61
f78dfff8 f703c97c 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
80544c2b 00000000 00000009 0081850f bb830000 0xf703c97c

STACK_COMMAND: kb

FOLLOWUP_IP: 
portcls!CPortWavePci::Notify+b
f69ff708 ff510c call dword ptr [ecx+0Ch]

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: portcls!CPortWavePci::Notify+b

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: portcls

IMAGE_NAME: portcls.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 41107f13

FAILURE_BUCKET_ID: 0xD1_portcls!CPortWavePci::Notify+b

BUCKET_ID: 0xD1_portcls!CPortWavePci::Notify+b

Followup: MachineOwner
---------


----------



## demortes (Mar 19, 2007)

New Crash after updating Video and Sound drivers to their latest from the manufactures website.

BTW: Memtest came clean before the reload.

------------------------
WinDBG
------------------------

Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_gdr.070227-2254
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700
Debug session time: Sun Feb 17 17:42:38.984 2008 (GMT-6)
System Uptime: 0 days 0:10:23.718
Loading Kernel Symbols
........................................................................................................................
Loading User Symbols
...............................................................................
Loading unloaded module list
....................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {f44d8b4e, 2, 1, 804f0f04}

*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for blue.dll - 
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
Probably caused by : hidusb.sys ( hidusb!HumReadReport+ed )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: f44d8b4e, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 804f0f04, address which referenced memory

Debugging Details:
------------------

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************

WRITE_ADDRESS: f44d8b4e

CURRENT_IRQL: 2

FAULTING_IP: 
nt!IoAllocateMdl+c2
804f0f04 66894804 mov word ptr [eax+4],cx

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: ExeFile.exe

TRAP_FRAME: f78dfabc -- (.trap 0xfffffffff78dfabc)
ErrCode = 00000002
eax=85a794e8 ebx=00000001 ecx=89000020 edx=8cf10003 esi=85c41ea8 edi=85d7d180
eip=804f0f04 esp=f78dfb30 ebp=f78dfb44 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00210286
nt!IoAllocateMdl+0xc2:
804f0f04 66894804 mov word ptr [eax+4],cx ds:0023:85a794ec=0020
Resetting default scope

LAST_CONTROL_TRANSFER: from 804f0f04 to 80543930

STACK_TEXT: 
f78dfabc 804f0f04 badb0d00 8cf10003 ec491f98 nt!KiTrap0E+0x238
f78dfb44 eb085c8e ffdff120 00000014 00000000 nt!IoAllocateMdl+0xc2
f78dfb78 eb08adfe 85cb5030 85c0c028 00000090 USBPORT!USBPORT_ProcessURB+0x326
f78dfb98 eb0741e2 85cb5030 859ffe70 859ffe70 USBPORT!USBPORT_PdoInternalDeviceControlIrp+0x7e
f78dfbbc 804ef095 859fff4c 85cb5188 85c41ea8 USBPORT!USBPORT_Dispatch+0x148
f78dfbcc eea9250a f78dfbf4 eea962d9 859ffe70 nt!IopfCallDriver+0x31
f78dfbd4 eea962d9 859ffe70 85cb5030 859ffe70 usbhub!USBH_PassIrp+0x18
f78dfbf4 eea96afa 85d892f8 859ffe70 85ca3030 usbhub!USBH_PdoUrbFilter+0xbd
f78dfc10 eea941d8 85c41ea8 859ffe70 f78dfc4c usbhub!USBH_PdoDispatch+0x202
f78dfc20 804ef095 85b86b58 859ffe70 85d04300 usbhub!USBH_HubDispatch+0x48
f78dfc30 f29304db 00220003 859fff4c 80000000 nt!IopfCallDriver+0x31
f78dfc4c f292f76b 85cf9660 859ffe70 ec46dfd4 usbccgp!ParentInternalDeviceControl+0xbb
f78dfc70 f292f5d3 85cf9658 859ffe70 0000000f usbccgp!USBC_InternalDeviceControl+0x3b
f78dfcac 804ef095 85cf95a0 859ffe70 85d04300 usbccgp!USBC_Dispatch+0x183
f78dfcbc f2931231 80000000 00000009 00220003 nt!IopfCallDriver+0x31
f78dfcec f292f786 85d8ab58 859ffe70 85d8ab58 usbccgp!FunctionInternalDeviceControl+0x1c1
f78dfd10 f292f5d3 85d8ab50 859ffe70 0000000f usbccgp!USBC_InternalDeviceControl+0x56
f78dfd4c 804ef095 85d8aa98 859ffe70 85c41ea8 usbccgp!USBC_Dispatch+0x183
f78dfd5c ee7dbe91 859ffe70 85a8d010 85dd2268 nt!IopfCallDriver+0x31
f78dfd80 ee7db567 85ca3030 85d54f58 f78dfd9f hidusb!HumReadReport+0xed
f78dfda0 f7680e91 85ca3030 859ffe70 859ffe70 hidusb!HumInternalIoctl+0x69
f78dfdb4 f7682234 85ca3030 859ffe70 859ffe70 HIDCLASS!HidpCallDriver+0x3f
f78dfdd0 f768209c 85ca30fc 85dd2268 f78dfe1b HIDCLASS!HidpSubmitInterruptRead+0x84
f78dfe08 804f15b6 00000000 859ffe70 00ca30fc HIDCLASS!HidpInterruptReadComplete+0x1d2
f78dfe38 eb07bee5 859ffe70 8544d008 85c0c028 nt!IopfCompleteRequest+0xa2
f78dfea0 eb07cb57 85c41ea8 00000000 85c0c7d8 USBPORT!USBPORT_CompleteTransfer+0x373
f78dfed0 eb07d754 026e6f44 85c0c0e0 85c0c0e0 USBPORT!USBPORT_DoneTransfer+0x137
f78dff08 eb07ef6a 85c0c028 80545d0c 85c0c230 USBPORT!USBPORT_FlushDoneTransferList+0x16c
f78dff34 eb08cfb0 85c0c028 80545d0c 85c0c028 USBPORT!USBPORT_DpcWorker+0x224
f78dff70 eb08d128 85c0c028 00000001 85c3070c USBPORT!USBPORT_IsrDpcWorker+0x37e
f78dff8c f72d3a9e 85c0c64c 6b755044 00000000 USBPORT!USBPORT_IsrDpc+0x166
WARNING: Stack unwind information not available. Following frames may be wrong.
f78dffcc 805450bf 85c0c64c 85c0c028 00000000 sptd+0x11a9e
f78dfff4 80544c2b ef274d44 00000000 00000000 nt!KiRetireDpcList+0x61
f78dfff8 ef274d44 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
80544c2b 00000000 00000009 0081850f bb830000 0xef274d44

STACK_COMMAND: kb

FOLLOWUP_IP: 
hidusb!HumReadReport+ed
ee7dbe91 8b4d10 mov ecx,dword ptr [ebp+10h]

SYMBOL_STACK_INDEX: 13

SYMBOL_NAME: hidusb!HumReadReport+ed

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: hidusb

IMAGE_NAME: hidusb.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 3b7d8658

FAILURE_BUCKET_ID: 0xA_W_hidusb!HumReadReport+ed

BUCKET_ID: 0xA_W_hidusb!HumReadReport+ed

Followup: MachineOwner
---------

0: kd> lmvm hidusb
start end module name
ee7db000 ee7dd580 hidusb (pdb symbols) c:\symbols\hidusb.pdb\D9EE4738B1034525A0FCE098D724547D1\hidusb.pdb
Loaded symbol image file: hidusb.sys
Image path: \SystemRoot\system32\DRIVERS\hidusb.sys
Image name: hidusb.sys
Timestamp: Fri Aug 17 16:02:16 2001 (3B7D8658)
CheckSum: 0000D6C8
ImageSize: 00002580
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0


----------



## McTimson (Aug 16, 2002)

Get the latest chipset drivers for your motherboard installed, since you just reformatted.

After you install those drivers, post your new DXDiag report.


----------



## demortes (Mar 19, 2007)

Latest? This is what came with the computers mobo. I'll see what I can find.

.... found some other drivers....


----------



## demortes (Mar 19, 2007)

Hrm, just to let you know, I don't think I'm having problems with blue screen in the game anymore. Didn't think chipset would do much with games... will keep you posted if it resurfaces...

For those that use WinDBG regularly, how do you get symbols for those drivers not listed, like stpd.sys and ALCwhatever... is there a location you go to for it, or is there no way to get it from anyone but the manufacture?


----------



## demortes (Mar 19, 2007)

Had a couple of BSOD's last night, related to ntfs.sys and nt (no extention given.) Once I get home, I'll post the logs.

I know ONE of my HDD's has a bad sector, isn't S.M.A.R.T supposed to stop that from being used to prevent issues?


----------



## DeBug (Feb 19, 2008)

demortes said:


> Had a couple of BSOD's last night, related to ntfs.sys and nt (no extention given.) Once I get home, I'll post the logs.
> 
> I know ONE of my HDD's has a bad sector, isn't S.M.A.R.T supposed to stop that from being used to prevent issues?


Sorry but 3 posts in 1 time I think this gonna be spamming.


----------



## demortes (Mar 19, 2007)

Note: I found out the reason why I was getting the Symbol issues. I had SP3 installed. The Symbol Server didn't have SP3 symbols, I'm guessing. I uninstalled SP3 and it fixed the issue in WinDBG.

Now I'm just waiting for SP3 to be official, cause it doesn't solve any major issues for me, nor does it create.

Edit: Wrong post, sorry


----------

