When I analyzed a crush dump file, I often got such errors:
0:025> kP
Child-SP RetAddr Call Site
0000000005a4fc78 0000000077548638 ntdll!DbgBreakPoint(void) [d:\w7rtm\minkernel\ntos\rtl\amd64\debugstb.asm @ 51]
0000000005a4fc80 00000000774b39cb ntdll!DbgUiRemoteBreakin(
void * Context = 0x0000000000000000)+0x38 [d:\w7rtm\minkernel\ntdll\dlluistb.c @ 310]
0000000005a4fcb0 0000000000000000 ntdll!RtlUserThreadStart(
<function> * StartAddress = 0x0000000000000000,
void * Argument = 0x00000000`00000000)+0x25 [d:\w7rtm\minkernel\ntos\rtl\rtlexec.c @ 3179]
It seems that the process crushed when creating a thread. So, I want to find who or which thread created the current thread. How can I get it?