none
win10 pro 蓝屏 RRS feed

  • 问题

  • dmp文件分析如下,该怎么做?

    Microsoft (R) Windows Debugger Version 10.0.17134.12 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [E:\TR\053018-11390-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: srv*
    Executable search path is:
    Windows 10 Kernel Version 16299 MP (8 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
    Machine Name:
    Kernel base = 0xfffff800`30e1d000 PsLoadedModuleList = 0xfffff800`31183030
    Debug session time: Wed May 30 08:52:12.123 2018 (UTC + 8:00)
    System Uptime: 0 days 0:07:28.968
    Loading Kernel Symbols
    .

    Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
    Run !sym noisy before .reload to track down problems loading symbols.

    ..............................................................
    ................................................................
    ................................................................
    ......................................
    Loading User Symbols
    Loading unloaded module list
    .........................
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck EF, {ffffc58428310580, 0, 0, 0}

    Probably caused by : ntdll.dll

    Followup:     MachineOwner
    ---------

    3: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    CRITICAL_PROCESS_DIED (ef)
            A critical system process died
    Arguments:
    Arg1: ffffc58428310580, Process object or thread object
    Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
    Arg3: 0000000000000000
    Arg4: 0000000000000000

    Debugging Details:
    ------------------


    KEY_VALUES_STRING: 1


    TIMELINE_ANALYSIS: 1


    DUMP_CLASS: 1

    DUMP_QUALIFIER: 400

    BUILD_VERSION_STRING:  16299.431.amd64fre.rs3_release_svc_escrow.180502-1908

    SYSTEM_MANUFACTURER:  Dell Inc.

    SYSTEM_PRODUCT_NAME:  Latitude 7490

    SYSTEM_SKU:  081C

    BIOS_VENDOR:  Dell Inc.

    BIOS_VERSION:  1.2.8

    BIOS_DATE:  03/12/2018

    BASEBOARD_MANUFACTURER:  Dell Inc.

    BASEBOARD_PRODUCT:  0KP0FT

    BASEBOARD_VERSION:  A00

    DUMP_TYPE:  2

    BUGCHECK_P1: ffffc58428310580

    BUGCHECK_P2: 0

    BUGCHECK_P3: 0

    BUGCHECK_P4: 0

    PROCESS_NAME:  CmgShieldSvc.exe

    CRITICAL_PROCESS:  CmgShieldSvc.exe

    EXCEPTION_CODE: (Win32) 0x2b91f700 (730986240) - <Unable to get error code text>

    ERROR_CODE: (NTSTATUS) 0x2b91f700 - <Unable to get error code text>

    CRITICAL_PROCESS_REPORTGUID:  {9c4d91d6-1720-49c6-98b7-4d5319f16293}

    IMAGE_NAME:  ntdll.dll

    DEBUG_FLR_IMAGE_TIMESTAMP:  0

    MODULE_NAME: ntdll

    FAULTING_MODULE: 0000000000000000

    CPU_COUNT: 8

    CPU_MHZ: 840

    CPU_VENDOR:  GenuineIntel

    CPU_FAMILY: 6

    CPU_MODEL: 8e

    CPU_STEPPING: a

    CPU_MICROCODE: 6,8e,a,0 (F,M,S,R)  SIG: 84'00000000 (cache) 84'00000000 (init)

    BLACKBOXBSD: 1 (!blackboxbsd)


    BLACKBOXPNP: 1 (!blackboxpnp)


    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

    BUGCHECK_STR:  0xEF

    CURRENT_IRQL:  0

    ANALYSIS_SESSION_HOST:  MCN-52H3SN2

    ANALYSIS_SESSION_TIME:  05-30-2018 14:38:19.0432

    ANALYSIS_VERSION: 10.0.17134.12 amd64fre

    LAST_CONTROL_TRANSFER:  from fffff8003153035f to fffff80030f92570

    STACK_TEXT: 
    ffff830b`5490f838 fffff800`3153035f : 00000000`000000ef ffffc584`28310580 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
    ffff830b`5490f840 fffff800`3142c16b : 00000000`00000000 fffff800`30f14d7d ffffc584`28310580 00000000`c0000374 : nt!PspCatchCriticalBreak+0xff
    ffff830b`5490f8e0 fffff800`3135b8a4 : ffffc584`00000000 ffffc584`28310580 ffffc584`28310858 ffffc584`28310580 : nt!PspTerminateAllThreads+0x19d237
    ffff830b`5490f950 fffff800`3135b68d : ffffffff`ffffffff ffff830b`5490fa80 ffffc584`28310580 ffff830b`5490f901 : nt!PspTerminateProcess+0xe0
    ffff830b`5490f990 fffff800`30fa4363 : ffffc584`00000ca8 ffffc584`2b91f700 ffffc584`28310580 00000000`00000001 : nt!NtTerminateProcess+0xa9
    ffff830b`5490fa00 00007ffd`5e300844 : 00007ffd`5e358801 00007ffd`5e3a5330 000000c4`5b7ff450 00000000`00000001 : nt!KiSystemServiceCopyEnd+0x13
    000000c4`5b7fe3d8 00007ffd`5e358801 : 00007ffd`5e3a5330 000000c4`5b7ff450 00000000`00000001 00000000`00000000 : 0x00007ffd`5e300844
    000000c4`5b7fe3e0 00007ffd`5e3a5330 : 000000c4`5b7ff450 00000000`00000001 00000000`00000000 00000000`000f879b : 0x00007ffd`5e358801
    000000c4`5b7fe3e8 000000c4`5b7ff450 : 00000000`00000001 00000000`00000000 00000000`000f879b 00007ffd`5e2f13d6 : 0x00007ffd`5e3a5330
    000000c4`5b7fe3f0 00000000`00000001 : 00000000`00000000 00000000`000f879b 00007ffd`5e2f13d6 00000000`00000000 : 0x000000c4`5b7ff450
    000000c4`5b7fe3f8 00000000`00000000 : 00000000`000f879b 00007ffd`5e2f13d6 00000000`00000000 00007ffd`4cc3c49f : 0x1


    THREAD_SHA1_HASH_MOD_FUNC:  042a2b51772309c39e12d732cc93cacf0af3064e

    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  07b9ad924f3cf370069a4b3dc5ad161802bff97c

    THREAD_SHA1_HASH_MOD:  ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693

    FOLLOWUP_NAME:  MachineOwner

    STACK_COMMAND:  .thread ; .cxr ; kb

    FAILURE_BUCKET_ID:  0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll

    BUCKET_ID:  0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll

    PRIMARY_PROBLEM_CLASS:  0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll

    TARGET_TIME:  2018-05-30T00:52:12.000Z

    OSBUILD:  16299

    OSSERVICEPACK:  431

    SERVICEPACK_NUMBER: 0

    OS_REVISION: 0

    SUITE_MASK:  272

    PRODUCT_TYPE:  1

    OSPLATFORM_TYPE:  x64

    OSNAME:  Windows 10

    OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS

    OS_LOCALE: 

    USER_LCID:  0

    OSBUILD_TIMESTAMP:  2018-05-03 14:05:22

    BUILDDATESTAMP_STR:  180502-1908

    BUILDLAB_STR:  rs3_release_svc_escrow

    BUILDOSVER_STR:  10.0.16299.431.amd64fre.rs3_release_svc_escrow.180502-1908

    ANALYSIS_SESSION_ELAPSED_TIME:  5dc

    ANALYSIS_SOURCE:  KM

    FAILURE_ID_HASH_STRING:  km:0xef_cmgshieldsvc.exe_bugcheck_critical_process_2b91f700_ntdll.dll!rtlreportcriticalfailure_image_ntdll.dll

    FAILURE_ID_HASH:  {cc2da2af-f2b6-5948-d66d-5964e7c20e3b}

    Followup:     MachineOwner
    ---------

    2018年5月30日 6:39

全部回复