I built two PC with almost identical components.
One computer only crashed 1 time in several months.
The other crashes several times already. I need to identify if a hardware component fails, a driver fails or something else. The symptom is that the screen appears to be frozen, sometimes messed up. So I need to hard reboot it.
Using crash dump analysis, I found the below information with a lot more information not posted. I can post them, but I need to make sure no specific keys are leaked, and probably attachment is needed.
Please let me know if I need to post additional information, and which section or all of them.
The dump says it's Windows 10, but it is Windows 11, and I downloaded it directly from MS website. Also, there are many crashes, this shows the count as 1, but it is just the 1st one used for the dump.
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff804`5bc2b8f0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff804`5e88fed0=00000000000000e6
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DMA_VIOLATION (e6)
An illegal DMA operation was attempted by a driver being verified.
Arguments:
Arg1: 0000000000000026, IOMMU detected DMA violation.
Arg2: 0000000000000000, Device Object of faulting device.
Arg3: 0000000040702420, Faulting information (usually faulting physical address).
Arg4: 0000000000000004, Fault type (hardware specific).
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 484
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 2312
Key : Analysis.IO.Other.Mb
Value: 20
Key : Analysis.IO.Read.Mb
Value: 0
Key : Analysis.IO.Write.Mb
Value: 30
Key : Analysis.Init.CPU.mSec
Value: 46
Key : Analysis.Init.Elapsed.mSec
Value: 19748
Key : Analysis.Memory.CommitPeak.Mb
Value: 98
Key : Bugcheck.Code.DumpHeader
Value: 0xe6
Key : Bugcheck.Code.Register
Value: 0xe6
Key : Dump.Attributes.AsUlong
Value: 1008
Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1
Key : Dump.Attributes.ErrorCode
Value: 0
Key : Dump.Attributes.KernelGeneratedTriageDump
Value: 1
Key : Dump.Attributes.LastLine
Value: Dump completed successfully.
Key : Dump.Attributes.ProgressPercentage
Value: 0
FILE_IN_CAB: 060123-8609-01.dmp
DUMP_FILE_ATTRIBUTES: 0x1008
Kernel Generated Triage Dump
BUGCHECK_CODE: e6
BUGCHECK_P1: 26
BUGCHECK_P2: 0
BUGCHECK_P3: 40702420
BUGCHECK_P4: 4
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
STACK_TEXT:
fffff804`5e88fec8 fffff804`5bd1f25d : 00000000`000000e6 00000000`00000026 00000000`00000000 00000000`40702420 : nt!KeBugCheckEx
fffff804`5e88fed0 fffff804`5bd088eb : fffff804`5c4618a0 fffff804`5c4618a0 fffff804`58045100 fffff804`5e880a70 : nt!IvtHandleInterrupt+0x1bd
fffff804`5e88ff20 fffff804`5bb4b3be : fffff804`5c50e010 fffff804`5c50e0c0 fffff804`58045180 fffff804`5c50e010 : nt!HalpIommuInterruptRoutine+0x4b
fffff804`5e88ff50 fffff804`5bc2d91c : fffff804`5e880a70 fffff804`5c50e010 ffffcc06`7d48b080 00000000`0000073a : nt!KiCallInterruptServiceRoutine+0x19e
fffff804`5e88ff90 fffff804`5bc2dea7 : 00000796`7378df51 00000000`00000000 00000796`7200a8cd 00000000`00000000 : nt!KiInterruptSubDispatchNoLock+0x11c
fffff804`5e8809f0 fffff804`5bc306aa : 00000000`00000000 fffff804`5c54c6c0 ffffcc06`7d48b080 ffffcc06`7d48b080 : nt!KiInterruptDispatchNoLock+0x37
fffff804`5e880b80 00000000`00000000 : fffff804`5e881000 fffff804`5e87a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
SYMBOL_NAME: nt!IvtHandleInterrupt+1bd
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.22621.1702
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: 1bd
FAILURE_BUCKET_ID: 0xE6_26_nt!IvtHandleInterrupt
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {11608481-d56e-58cc-4b64-17c92254d2f4}
Followup: MachineOwner
---------
One computer only crashed 1 time in several months.
The other crashes several times already. I need to identify if a hardware component fails, a driver fails or something else. The symptom is that the screen appears to be frozen, sometimes messed up. So I need to hard reboot it.
Using crash dump analysis, I found the below information with a lot more information not posted. I can post them, but I need to make sure no specific keys are leaked, and probably attachment is needed.
Please let me know if I need to post additional information, and which section or all of them.
The dump says it's Windows 10, but it is Windows 11, and I downloaded it directly from MS website. Also, there are many crashes, this shows the count as 1, but it is just the 1st one used for the dump.
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff804`5bc2b8f0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff804`5e88fed0=00000000000000e6
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DMA_VIOLATION (e6)
An illegal DMA operation was attempted by a driver being verified.
Arguments:
Arg1: 0000000000000026, IOMMU detected DMA violation.
Arg2: 0000000000000000, Device Object of faulting device.
Arg3: 0000000040702420, Faulting information (usually faulting physical address).
Arg4: 0000000000000004, Fault type (hardware specific).
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 484
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 2312
Key : Analysis.IO.Other.Mb
Value: 20
Key : Analysis.IO.Read.Mb
Value: 0
Key : Analysis.IO.Write.Mb
Value: 30
Key : Analysis.Init.CPU.mSec
Value: 46
Key : Analysis.Init.Elapsed.mSec
Value: 19748
Key : Analysis.Memory.CommitPeak.Mb
Value: 98
Key : Bugcheck.Code.DumpHeader
Value: 0xe6
Key : Bugcheck.Code.Register
Value: 0xe6
Key : Dump.Attributes.AsUlong
Value: 1008
Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1
Key : Dump.Attributes.ErrorCode
Value: 0
Key : Dump.Attributes.KernelGeneratedTriageDump
Value: 1
Key : Dump.Attributes.LastLine
Value: Dump completed successfully.
Key : Dump.Attributes.ProgressPercentage
Value: 0
FILE_IN_CAB: 060123-8609-01.dmp
DUMP_FILE_ATTRIBUTES: 0x1008
Kernel Generated Triage Dump
BUGCHECK_CODE: e6
BUGCHECK_P1: 26
BUGCHECK_P2: 0
BUGCHECK_P3: 40702420
BUGCHECK_P4: 4
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
STACK_TEXT:
fffff804`5e88fec8 fffff804`5bd1f25d : 00000000`000000e6 00000000`00000026 00000000`00000000 00000000`40702420 : nt!KeBugCheckEx
fffff804`5e88fed0 fffff804`5bd088eb : fffff804`5c4618a0 fffff804`5c4618a0 fffff804`58045100 fffff804`5e880a70 : nt!IvtHandleInterrupt+0x1bd
fffff804`5e88ff20 fffff804`5bb4b3be : fffff804`5c50e010 fffff804`5c50e0c0 fffff804`58045180 fffff804`5c50e010 : nt!HalpIommuInterruptRoutine+0x4b
fffff804`5e88ff50 fffff804`5bc2d91c : fffff804`5e880a70 fffff804`5c50e010 ffffcc06`7d48b080 00000000`0000073a : nt!KiCallInterruptServiceRoutine+0x19e
fffff804`5e88ff90 fffff804`5bc2dea7 : 00000796`7378df51 00000000`00000000 00000796`7200a8cd 00000000`00000000 : nt!KiInterruptSubDispatchNoLock+0x11c
fffff804`5e8809f0 fffff804`5bc306aa : 00000000`00000000 fffff804`5c54c6c0 ffffcc06`7d48b080 ffffcc06`7d48b080 : nt!KiInterruptDispatchNoLock+0x37
fffff804`5e880b80 00000000`00000000 : fffff804`5e881000 fffff804`5e87a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
SYMBOL_NAME: nt!IvtHandleInterrupt+1bd
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.22621.1702
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: 1bd
FAILURE_BUCKET_ID: 0xE6_26_nt!IvtHandleInterrupt
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {11608481-d56e-58cc-4b64-17c92254d2f4}
Followup: MachineOwner
---------
Facebook
Twitter
Instagram