Asker
Win10 Pro blue screen

Question
-
The analysis of the dmp file is below. What should I do?
Microsoft (R) Windows Debugger Version 10.0.17134.12 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [E:\TR\053018-11390-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
Machine Name:
Kernel base = 0xfffff800`30e1d000 PsLoadedModuleList = 0xfffff800`31183030
Debug session time: Wed May 30 08:52:12.123 2018 (UTC + 8:00)
System Uptime: 0 days 0:07:28.968
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
................................................................
......................................
Loading User Symbols
Loading unloaded module list
.........................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck EF, {ffffc58428310580, 0, 0, 0}
Probably caused by : ntdll.dll
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
CRITICAL_PROCESS_DIED (ef)
A critical system process died
Arguments:
Arg1: ffffc58428310580, Process object or thread object
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
Arg3: 0000000000000000
Arg4: 0000000000000000
Debugging Details:
------------------
KEY_VALUES_STRING: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
SYSTEM_MANUFACTURER: Dell Inc.
SYSTEM_PRODUCT_NAME: Latitude 7490
SYSTEM_SKU: 081C
BIOS_VENDOR: Dell Inc.
BIOS_VERSION: 1.2.8
BIOS_DATE: 03/12/2018
BASEBOARD_MANUFACTURER: Dell Inc.
BASEBOARD_PRODUCT: 0KP0FT
BASEBOARD_VERSION: A00
DUMP_TYPE: 2
BUGCHECK_P1: ffffc58428310580
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
PROCESS_NAME: CmgShieldSvc.exe
CRITICAL_PROCESS: CmgShieldSvc.exe
EXCEPTION_CODE: (Win32) 0x2b91f700 (730986240) - <Unable to get error code text>
ERROR_CODE: (NTSTATUS) 0x2b91f700 - <Unable to get error code text>
CRITICAL_PROCESS_REPORTGUID: {9c4d91d6-1720-49c6-98b7-4d5319f16293}
IMAGE_NAME: ntdll.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MODULE_NAME: ntdll
FAULTING_MODULE: 0000000000000000
CPU_COUNT: 8
CPU_MHZ: 840
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 8e
CPU_STEPPING: a
CPU_MICROCODE: 6,8e,a,0 (F,M,S,R) SIG: 84'00000000 (cache) 84'00000000 (init)
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXPNP: 1 (!blackboxpnp)
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: 0xEF
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: MCN-52H3SN2
ANALYSIS_SESSION_TIME: 05-30-2018 14:38:19.0432
ANALYSIS_VERSION: 10.0.17134.12 amd64fre
LAST_CONTROL_TRANSFER: from fffff8003153035f to fffff80030f92570
STACK_TEXT:
ffff830b`5490f838 fffff800`3153035f : 00000000`000000ef ffffc584`28310580 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
ffff830b`5490f840 fffff800`3142c16b : 00000000`00000000 fffff800`30f14d7d ffffc584`28310580 00000000`c0000374 : nt!PspCatchCriticalBreak+0xff
ffff830b`5490f8e0 fffff800`3135b8a4 : ffffc584`00000000 ffffc584`28310580 ffffc584`28310858 ffffc584`28310580 : nt!PspTerminateAllThreads+0x19d237
ffff830b`5490f950 fffff800`3135b68d : ffffffff`ffffffff ffff830b`5490fa80 ffffc584`28310580 ffff830b`5490f901 : nt!PspTerminateProcess+0xe0
ffff830b`5490f990 fffff800`30fa4363 : ffffc584`00000ca8 ffffc584`2b91f700 ffffc584`28310580 00000000`00000001 : nt!NtTerminateProcess+0xa9
ffff830b`5490fa00 00007ffd`5e300844 : 00007ffd`5e358801 00007ffd`5e3a5330 000000c4`5b7ff450 00000000`00000001 : nt!KiSystemServiceCopyEnd+0x13
000000c4`5b7fe3d8 00007ffd`5e358801 : 00007ffd`5e3a5330 000000c4`5b7ff450 00000000`00000001 00000000`00000000 : 0x00007ffd`5e300844
000000c4`5b7fe3e0 00007ffd`5e3a5330 : 000000c4`5b7ff450 00000000`00000001 00000000`00000000 00000000`000f879b : 0x00007ffd`5e358801
000000c4`5b7fe3e8 000000c4`5b7ff450 : 00000000`00000001 00000000`00000000 00000000`000f879b 00007ffd`5e2f13d6 : 0x00007ffd`5e3a5330
000000c4`5b7fe3f0 00000000`00000001 : 00000000`00000000 00000000`000f879b 00007ffd`5e2f13d6 00000000`00000000 : 0x000000c4`5b7ff450
000000c4`5b7fe3f8 00000000`00000000 : 00000000`000f879b 00007ffd`5e2f13d6 00000000`00000000 00007ffd`4cc3c49f : 0x1
THREAD_SHA1_HASH_MOD_FUNC: 042a2b51772309c39e12d732cc93cacf0af3064e
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 07b9ad924f3cf370069a4b3dc5ad161802bff97c
THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
FOLLOWUP_NAME: MachineOwner
STACK_COMMAND: .thread ; .cxr ; kb
FAILURE_BUCKET_ID: 0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll
BUCKET_ID: 0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll
PRIMARY_PROBLEM_CLASS: 0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll
TARGET_TIME: 2018-05-30T00:52:12.000Z
OSBUILD: 16299
OSSERVICEPACK: 431
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2018-05-03 14:05:22
BUILDDATESTAMP_STR: 180502-1908
BUILDLAB_STR: rs3_release_svc_escrow
BUILDOSVER_STR: 10.0.16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
ANALYSIS_SESSION_ELAPSED_TIME: 5dc
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xef_cmgshieldsvc.exe_bugcheck_critical_process_2b91f700_ntdll.dll!rtlreportcriticalfailure_image_ntdll.dll
FAILURE_ID_HASH: {cc2da2af-f2b6-5948-d66d-5964e7c20e3b}
Followup: MachineOwner
---------
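All replies
-
0x000000EF CRITICAL_PROCESS_DIED blue screens are generally caused by a driver compatibility problem that prevents a Windows core service or process from running normally.
Is Mobile Guardian Shield installed on the computer? The system service it registers failed to run, which caused the blue screen.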
Alexis Zhang
http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
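http://blogs.itecn.net/blogs/alexis
Accessing the forum through the NNTP Bridge newsgroup bridge is recommended.
This post is a reply; the original poster is <Suning.Lu> above;
| The analysis of the dmp file is below. What should I do?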
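
The triage step the reply performs, as an added example that is not part of the original thread: it parses the KEY: value fields of !analyze -v text and, for bug check 0xEF, reports the process that died instead of the module the debugger blamed. SAMPLE is an excerpt of the output quoted in the question; the function names parse_analyze and triage are hypothetical.

```python
import re

# Excerpt of the `!analyze -v` output quoted in the question above.
SAMPLE = """\
CRITICAL_PROCESS_DIED (ef)
A critical system process died
Arguments:
Arg1: ffffc58428310580, Process object or thread object
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
PROCESS_NAME: CmgShieldSvc.exe
CRITICAL_PROCESS: CmgShieldSvc.exe
IMAGE_NAME: ntdll.dll
MODULE_NAME: ntdll
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
FAILURE_BUCKET_ID: 0xEF_CmgShieldSvc.exe_BUGCHECK_CRITICAL_PROCESS_2b91f700_ntdll.dll!RtlReportCriticalFailure_IMAGE_ntdll.dll
"""

HEADER = re.compile(r"^([A-Z][A-Z0-9_]+) \(([0-9a-fA-F]+)\)[ \t]*$", re.M)
ARG = re.compile(r"^Arg([1-4]):[ \t]*([0-9a-fA-F`]+)", re.M)
FIELD = re.compile(r"^([A-Z][A-Z0-9_]+):[ \t]*(.*)$", re.M)

def parse_analyze(text):
    """Return the bug check name/code, its arguments and the KEY: value fields."""
    report = {"fields": {}, "args": {}}
    m = HEADER.search(text)
    if m:
        report["name"], report["code"] = m.group(1), int(m.group(2), 16)
    for n, value in ARG.findall(text):
        report["args"][int(n)] = int(value.replace("`", ""), 16)
    for key, value in FIELD.findall(text):
        report["fields"].setdefault(key, value.strip())  # keep first occurrence
    return report

def triage(report):
    """For bug check 0xEF, name what died and which module was blamed."""
    if report.get("code") != 0xEF:
        return None
    f = report["fields"]
    # Arg2 == 0 means a process died, Arg2 == 1 means a thread died.
    kind = "thread" if report["args"].get(2) == 1 else "process"
    # IMAGE_NAME is the module the debugger blamed (ntdll.dll here); the
    # process that died is named in CRITICAL_PROCESS / PROCESS_NAME.
    return {"died": kind,
            "process": f.get("CRITICAL_PROCESS") or f.get("PROCESS_NAME"),
            "blamed_image": f.get("IMAGE_NAME")}

if __name__ == "__main__":
    print(triage(parse_analyze(SAMPLE)))
```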