When you try to open the dump file created by Windows Debugging Tools, you will find inside those file are all written in weird language, you may want to know how exactly those experts interpreted the dump file. Can they read those dump file in such a format? Or they do understand weird computer language? Actually, Windows Debugging Tool provide the facilities that allow user to analyze the dump file, the command that available are “Windbg” (graphical user interface) & “kd” (command line interface). Basically these two commands provide the same abilities and both commands basically shared most of the command switches.
I did mentioned in the previous post on how to generate a dump file for a program, today I would like to share with you all how to analyze the dump file by using Windows Debugging Tool, by the way, you also can make use the same method to analyze system dump file. So let’s take example from my previous post, which I showed how to generate the dump file to C:\CrashReport directory. After that, please follow below instructions:
- 1. Ensure the dump file is created, the dump file is with ‘.dmp” extension and type of file is categorized as “DMP File”
- 2. Open command prompt, change directory to “C:\Program Files\Debugging Tools for Windows (x86)”. (This only apply to normal 32-bit system, if you are using 64-bit debugging tool, the directory path is different)
- 3. Type “windbg”
- 4. Browse to File > Symbol File Path… Insert below line:
SRV*C:\Windows\Symbols*http://msdl.microsoft.com/download/symbols
The above command will directly connect to Microsoft and get their symbol files, you also can download the symbol file manually from this link.
- 5. Browse to File > Image File Path… Insert the executable source file path. Normally do not forget to insert Windows system directory, because when most of the program launch, it maybe trigger the execution of Windows system files or DLLs files. In order to perform this diagnostic, you will need to be clear on your program behavior.
C:\Test; C:\Windows; C:\Windows\system32
Based on above example, C:\Test is where my program located.
- 6. Browse to File > Open Crash Dump… Locate the dump file at C:\CrashReport and you are ready to go.In order to analyze further, you can click on the “Command Browser” button or browse to View > Command Browser.
- 7. From there, you are able to make used of command such as
!analyze –v
lm nt
There are other commands such as !memusage, !vm, etc. Please to be remind that, troubleshooting application failure is always time consuming, you will need to know how that application behave, and what kind of components it will trigger for each task. But with above hints and tips, I would say it is good to troubleshoot a system failure. As we all know, it is always easier to troubleshoot products with the tools owned by the same manufacturer.
Related posts:
I’m sorry, but these informations are not helpful. How to know the cause of a specific bsod?
Thank you for writing article on my suggestion. This is useful basic info. Is it possible that you write in detail, how to analyze some blue screen in Windows? Maybe one example.
yes, the link is working now. thanks!
Thanks Juan for the useful share ;).
soon – It should be fine now.
Nhoel – You are very kind. Thanks.
David – So far, I never really try in-depth troubleshooting using command, GUI is sufficient for me.
Jack Mccurdy – Thanks for your comment, no hard feeling. I will take it and learn it. Anyway, it is my mistake. :)
WimP – Thanks for sharing.
Thanks june for share
try blue screen viewer
nirsoft.net/utils/blue_screen_view.html
Juan, I like the posts that you are doing here, I can tell you are very knowledgeable on Windows. Just the kind of content I like to see on Ramond CC. Your English is very good, I have no trouble understanding it. On some of the words, you are using the wrong form of the word. But it they are just minor mistakes. I am American and I can help you edit some of your posts, if you want. English is a very difficult language. For instance ” I did mentioned in the previous post” should be “I did mention in the previous post” Or you could have put ” I mentioned in the previous post” By removing “did” from the sentence “mentioned” is correct. I know this is very confusing. I’m not criticizing, Just trying to help. Your English is still very good.
If I recalled correctly there was one article written by reymond on this subject earlier and he described about one tool which can hach can handsomely ananlyse the debugging instructions.
which one is better??
the command or gui??
can u give a kis 2011 key .It’s urgent
nice one Juan, you really deserves to be here.
nice pick Raymond !
thx juan
didnt knew about this stuff
“link” is not working- no url on that word.thank you.