************* Preparing the environment for Debugger Extensions Gallery repositories ************** ExtensionRepository : Implicit UseExperimentalFeatureForNugetShare : true AllowNugetExeUpdate : true NonInteractiveNuget : true AllowNugetMSCredentialProviderInstall : true AllowParallelInitializationOfLocalRepositories : true EnableRedirectToV8JsProvider : false -- Configuring repositories ----> Repository : LocalInstalled, Enabled: true ----> Repository : UserExtensions, Enabled: true >>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds ************* Waiting for Debugger Extensions Gallery to Initialize ************** >>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.032 seconds ----> Repository : UserExtensions, Enabled: true, Packages count: 0 ----> Repository : LocalInstalled, Enabled: true, Packages count: 41 Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\Minidump\071724-25187-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: srv* Executable search path is: Windows 10 Kernel Version 19041 MP (12 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0xfffff802`12000000 PsLoadedModuleList = 0xfffff802`12c2a7c0 Debug session time: Wed Jul 17 08:57:28.264 2024 (UTC + 8:00) System Uptime: 0 days 23:49:12.263 Loading Kernel Symbols ............................................................... ................................................................ ................................................................ .................................. Loading User Symbols PEB is paged out (Peb.Ldr = 000000b0`aa825018). Type ".hh dbgerr001" for details Loading unloaded module list .......................... For analysis of this file, run !analyze -v nt!KeBugCheckEx: fffff802`123fdaf0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffde81`115bec10=00000000000000ef 1: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CRITICAL_PROCESS_DIED (ef) A critical system process died Arguments: Arg1: ffffce8c7af71240, Process object or thread object Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died. Arg3: 0000000000000000, The process object that initiated the termination. Arg4: 0000000000000000 Debugging Details: ------------------ KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 4265 Key : Analysis.Elapsed.mSec Value: 13343 Key : Analysis.IO.Other.Mb Value: 1 Key : Analysis.IO.Read.Mb Value: 1 Key : Analysis.IO.Write.Mb Value: 7 Key : Analysis.Init.CPU.mSec Value: 702 Key : Analysis.Init.Elapsed.mSec Value: 17345 Key : Analysis.Memory.CommitPeak.Mb Value: 94 Key : Bugcheck.Code.LegacyAPI Value: 0xef Key : Bugcheck.Code.TargetModel Value: 0xef Key : CriticalProcessDied.ExceptionCode Value: 7f70a080 Key : CriticalProcessDied.Process Value: csrss.exe Key : Dump.Attributes.AsUlong Value: c Key : Dump.Attributes.InsufficientDumpfileSize Value: 1 Key : Dump.Attributes.KernelGeneratedTriageDump Value: 1 Key : Dump.Attributes.RequiredDumpfileSize Value: 0x55224c5d Key : Failure.Bucket Value: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak Key : Failure.Hash Value: {4831b411-c06f-c427-208f-9aef56c024db} BUGCHECK_CODE: ef BUGCHECK_P1: ffffce8c7af71240 BUGCHECK_P2: 0 BUGCHECK_P3: 0 BUGCHECK_P4: 0 FILE_IN_CAB: 071724-25187-01.dmp DUMP_FILE_ATTRIBUTES: 0xc Insufficient Dumpfile Size Kernel Generated Triage Dump PROCESS_NAME: csrss.exe CRITICAL_PROCESS: csrss.exe EXCEPTION_RECORD: ffffce8c7af71980 -- (.exr 0xffffce8c7af71980) ExceptionAddress: 0000000000000000 ExceptionCode: 00000000 ExceptionFlags: 00000000 NumberParameters: 0 ERROR_CODE: (NTSTATUS) 0x7f70a080 - <Unable to get error code text> BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXPNP: 1 (!blackboxpnp) BLACKBOXWINLOGON: 1 CUSTOMER_CRASH_COUNT: 1 EXCEPTION_STR: 0x0 STACK_TEXT: ffffde81`115bec08 fffff802`1290d7a2 : 00000000`000000ef ffffce8c`7af71240 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx ffffde81`115bec10 fffff802`1281eb61 : 00000000`00000001 fffff802`1233d93d 00000000`00000002 fffff802`1230cb9b : nt!PspCatchCriticalBreak+0x10e ffffde81`115becb0 fffff802`126c8370 : ffffce8c`00000000 00000000`00000000 ffffce8c`7af71240 ffffce8c`7af71678 : nt!PspTerminateAllThreads+0x155bf5 ffffde81`115bed20 fffff802`126c816c : ffffce8c`7af71240 00000000`00000001 ffffffff`ffffffff 00000000`00000000 : nt!PspTerminateProcess+0xe0 ffffde81`115bed60 fffff802`12411b05 : ffffce8c`7af71240 ffffce8c`7f70a080 ffffde81`115bee50 fffff802`12733ed2 : nt!NtTerminateProcess+0x9c ffffde81`115bedd0 fffff802`124028e0 : fffff802`1244e15d ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff : nt!KiSystemServiceCopyEnd+0x25 ffffde81`115bef68 fffff802`1244e15d : ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff 00007ff8`9d3d3000 : nt!KiServiceLinkage ffffde81`115bef70 fffff802`124124ec : ffffce8c`7af71980 fffff802`1221e5d6 00000000`00000c00 ffffde81`115bfa00 : nt!KiDispatchException+0x1a592d ffffde81`115bf820 fffff802`1240dd52 : 00000000`00000001 00000000`00000001 00000000`00032c62 ffffce8c`7f70a080 : nt!KiExceptionDispatch+0x12c ffffde81`115bfa00 00007ff8`9fd62c62 : 00000000`00000000 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 : nt!KiPageFault+0x452 000000b0`aac81720 00000000`00000000 : 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 00007ff8`9d3d3000 : 0x00007ff8`9fd62c62 SYMBOL_NAME: nt!PspCatchCriticalBreak+10e MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe IMAGE_VERSION: 10.0.19041.4412 STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 10e FAILURE_BUCKET_ID: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {4831b411-c06f-c427-208f-9aef56c024db} Followup: MachineOwner --------- 1: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CRITICAL_PROCESS_DIED (ef) A critical system process died Arguments: Arg1: ffffce8c7af71240, Process object or thread object Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died. Arg3: 0000000000000000, The process object that initiated the termination. Arg4: 0000000000000000 Debugging Details: ------------------ KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 4109 Key : Analysis.Elapsed.mSec Value: 4107 Key : Analysis.IO.Other.Mb Value: 1 Key : Analysis.IO.Read.Mb Value: 1 Key : Analysis.IO.Write.Mb Value: 7 Key : Analysis.Init.CPU.mSec Value: 5046 Key : Analysis.Init.Elapsed.mSec Value: 30767 Key : Analysis.Memory.CommitPeak.Mb Value: 95 Key : Bugcheck.Code.LegacyAPI Value: 0xef Key : Bugcheck.Code.TargetModel Value: 0xef Key : CriticalProcessDied.ExceptionCode Value: 7f70a080 Key : CriticalProcessDied.Process Value: csrss.exe Key : Dump.Attributes.AsUlong Value: c Key : Dump.Attributes.InsufficientDumpfileSize Value: 1 Key : Dump.Attributes.KernelGeneratedTriageDump Value: 1 Key : Dump.Attributes.RequiredDumpfileSize Value: 0x55224c5d Key : Failure.Bucket Value: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak Key : Failure.Hash Value: {4831b411-c06f-c427-208f-9aef56c024db} BUGCHECK_CODE: ef BUGCHECK_P1: ffffce8c7af71240 BUGCHECK_P2: 0 BUGCHECK_P3: 0 BUGCHECK_P4: 0 FILE_IN_CAB: 071724-25187-01.dmp DUMP_FILE_ATTRIBUTES: 0xc Insufficient Dumpfile Size Kernel Generated Triage Dump PROCESS_NAME: csrss.exe CRITICAL_PROCESS: csrss.exe EXCEPTION_RECORD: ffffce8c7af71980 -- (.exr 0xffffce8c7af71980) ExceptionAddress: 0000000000000000 ExceptionCode: 00000000 ExceptionFlags: 00000000 NumberParameters: 0 ERROR_CODE: (NTSTATUS) 0x7f70a080 - <Unable to get error code text> BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXPNP: 1 (!blackboxpnp) BLACKBOXWINLOGON: 1 CUSTOMER_CRASH_COUNT: 1 EXCEPTION_STR: 0x0 STACK_TEXT: ffffde81`115bec08 fffff802`1290d7a2 : 00000000`000000ef ffffce8c`7af71240 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx ffffde81`115bec10 fffff802`1281eb61 : 00000000`00000001 fffff802`1233d93d 00000000`00000002 fffff802`1230cb9b : nt!PspCatchCriticalBreak+0x10e ffffde81`115becb0 fffff802`126c8370 : ffffce8c`00000000 00000000`00000000 ffffce8c`7af71240 ffffce8c`7af71678 : nt!PspTerminateAllThreads+0x155bf5 ffffde81`115bed20 fffff802`126c816c : ffffce8c`7af71240 00000000`00000001 ffffffff`ffffffff 00000000`00000000 : nt!PspTerminateProcess+0xe0 ffffde81`115bed60 fffff802`12411b05 : ffffce8c`7af71240 ffffce8c`7f70a080 ffffde81`115bee50 fffff802`12733ed2 : nt!NtTerminateProcess+0x9c ffffde81`115bedd0 fffff802`124028e0 : fffff802`1244e15d ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff : nt!KiSystemServiceCopyEnd+0x25 ffffde81`115bef68 fffff802`1244e15d : ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff 00007ff8`9d3d3000 : nt!KiServiceLinkage ffffde81`115bef70 fffff802`124124ec : ffffce8c`7af71980 fffff802`1221e5d6 00000000`00000c00 ffffde81`115bfa00 : nt!KiDispatchException+0x1a592d ffffde81`115bf820 fffff802`1240dd52 : 00000000`00000001 00000000`00000001 00000000`00032c62 ffffce8c`7f70a080 : nt!KiExceptionDispatch+0x12c ffffde81`115bfa00 00007ff8`9fd62c62 : 00000000`00000000 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 : nt!KiPageFault+0x452 000000b0`aac81720 00000000`00000000 : 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 00007ff8`9d3d3000 : 0x00007ff8`9fd62c62 SYMBOL_NAME: nt!PspCatchCriticalBreak+10e MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe IMAGE_VERSION: 10.0.19041.4412 STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 10e FAILURE_BUCKET_ID: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {4831b411-c06f-c427-208f-9aef56c024db} Followup: MachineOwner --------- 1: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* CRITICAL_PROCESS_DIED (ef) A critical system process died Arguments: Arg1: ffffce8c7af71240, Process object or thread object Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died. Arg3: 0000000000000000, The process object that initiated the termination. Arg4: 0000000000000000 Debugging Details: ------------------ KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 4109 Key : Analysis.Elapsed.mSec Value: 4112 Key : Analysis.IO.Other.Mb Value: 1 Key : Analysis.IO.Read.Mb Value: 1 Key : Analysis.IO.Write.Mb Value: 7 Key : Analysis.Init.CPU.mSec Value: 9233 Key : Analysis.Init.Elapsed.mSec Value: 34952 Key : Analysis.Memory.CommitPeak.Mb Value: 95 Key : Bugcheck.Code.LegacyAPI Value: 0xef Key : Bugcheck.Code.TargetModel Value: 0xef Key : CriticalProcessDied.ExceptionCode Value: 7f70a080 Key : CriticalProcessDied.Process Value: csrss.exe Key : Dump.Attributes.AsUlong Value: c Key : Dump.Attributes.InsufficientDumpfileSize Value: 1 Key : Dump.Attributes.KernelGeneratedTriageDump Value: 1 Key : Dump.Attributes.RequiredDumpfileSize Value: 0x55224c5d Key : Failure.Bucket Value: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak Key : Failure.Hash Value: {4831b411-c06f-c427-208f-9aef56c024db} BUGCHECK_CODE: ef BUGCHECK_P1: ffffce8c7af71240 BUGCHECK_P2: 0 BUGCHECK_P3: 0 BUGCHECK_P4: 0 FILE_IN_CAB: 071724-25187-01.dmp DUMP_FILE_ATTRIBUTES: 0xc Insufficient Dumpfile Size Kernel Generated Triage Dump PROCESS_NAME: csrss.exe CRITICAL_PROCESS: csrss.exe EXCEPTION_RECORD: ffffce8c7af71980 -- (.exr 0xffffce8c7af71980) ExceptionAddress: 0000000000000000 ExceptionCode: 00000000 ExceptionFlags: 00000000 NumberParameters: 0 ERROR_CODE: (NTSTATUS) 0x7f70a080 - <Unable to get error code text> BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXPNP: 1 (!blackboxpnp) BLACKBOXWINLOGON: 1 CUSTOMER_CRASH_COUNT: 1 EXCEPTION_STR: 0x0 STACK_TEXT: ffffde81`115bec08 fffff802`1290d7a2 : 00000000`000000ef ffffce8c`7af71240 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx ffffde81`115bec10 fffff802`1281eb61 : 00000000`00000001 fffff802`1233d93d 00000000`00000002 fffff802`1230cb9b : nt!PspCatchCriticalBreak+0x10e ffffde81`115becb0 fffff802`126c8370 : ffffce8c`00000000 00000000`00000000 ffffce8c`7af71240 ffffce8c`7af71678 : nt!PspTerminateAllThreads+0x155bf5 ffffde81`115bed20 fffff802`126c816c : ffffce8c`7af71240 00000000`00000001 ffffffff`ffffffff 00000000`00000000 : nt!PspTerminateProcess+0xe0 ffffde81`115bed60 fffff802`12411b05 : ffffce8c`7af71240 ffffce8c`7f70a080 ffffde81`115bee50 fffff802`12733ed2 : nt!NtTerminateProcess+0x9c ffffde81`115bedd0 fffff802`124028e0 : fffff802`1244e15d ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff : nt!KiSystemServiceCopyEnd+0x25 ffffde81`115bef68 fffff802`1244e15d : ffffde81`115bf958 ffffde81`115bf958 ffffffff`ffffffff 00007ff8`9d3d3000 : nt!KiServiceLinkage ffffde81`115bef70 fffff802`124124ec : ffffce8c`7af71980 fffff802`1221e5d6 00000000`00000c00 ffffde81`115bfa00 : nt!KiDispatchException+0x1a592d ffffde81`115bf820 fffff802`1240dd52 : 00000000`00000001 00000000`00000001 00000000`00032c62 ffffce8c`7f70a080 : nt!KiExceptionDispatch+0x12c ffffde81`115bfa00 00007ff8`9fd62c62 : 00000000`00000000 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 : nt!KiPageFault+0x452 000000b0`aac81720 00000000`00000000 : 000000b0`00000000 000000b0`aac81740 000000b0`aac81748 00007ff8`9d3d3000 : 0x00007ff8`9fd62c62 SYMBOL_NAME: nt!PspCatchCriticalBreak+10e MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe IMAGE_VERSION: 10.0.19041.4412 STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 10e FAILURE_BUCKET_ID: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_7f70a080_nt!PspCatchCriticalBreak OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {4831b411-c06f-c427-208f-9aef56c024db} Followup: MachineOwner ---------
请大神帮忙看看windbg分析dump文件 解决windows蓝屏
最新推荐文章于 2024-07-25 19:28:17 发布