Click here to Skip to main content
Click here to Skip to main content

Windows Symbols and Dump Analysis (Quick Steps)

, 6 Jun 2013
Rate this:
Please Sign up or sign in to vote.
Windows symbols and crash dump analysis.

Introduction

Most of us get situations where our application crashes on a non-development machine. At that time we either look for remote debugging or a dump analysis technique. Some developers are very friendly with these techniques while other do Google, read some blogs, and perform steps. The second approach usually takes time. Below I am trying to list down some quick steps for dump analysis. For remote debugging I have already briefed them around 3+ years back at Remote Debugging: Quick Steps[^] and I still refer to them whenever required.

Installing Debugging Tools for Windows

Download and install Debugging Tools for Windows dbg_x86_6.11.1.404.msi or a later build number depending on the platform (approx 17 MB) from Download and Install Debugging Tools for Windows[^].

Installing Symbols (PDB files)

Install OS symbols by using the following command:

symchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols 

In this command “c:\symbols” is your symbol directory. This could be anything whatever is your symbol location. This command may take an hour’s time to finish and it would download more than 700 MB. Better you run it overnight.

Set the system variable _NT_SYMBOL_PATH to symsrv*symsrv.dll*c:\Symbols*http://msdl.microsoft.com/download/symbols.

Generating a DUMP file

Using ADPlus

To attach debugger with your executable which is causing the crash, use the following command at the command prompt from the location where you installed Debugging Tools (typically C:\Program Files\Debugging Tools for Windows (x86), ADPlus is a VBScript file).

ADPlus -crash -pn iexplore.exe -o C:\dump 

Where iexplore.exe is the process name for which you want to observe the crash, and C:\dump is the location where CDB.exe will create log and dump files.

Using Task Manager

Use Task Manager, right click on the process, and choose Create Dump File (useful for a hang process). You can configure the dump type from the Control Panel using System > Advanced tab, and then click Settings under Startup and Recovery. Choose the “Write debugging information” dropdown to change the dump type and location. Note: this option is available only in Windows Vista onwards.

Analyzing Dump file

Using Visual Studio

Once we have the dump files, open it in Visual Studio using Open Solution option and start debugging to see the stack trace and local variables etc.

Using dumpchk command

Use dumpchk command at the command prompt:

dumpchk -y C:\symbols mydumpfile.dmp > dump.txt 

Using WinDBG

Start WinDBG using:

windbg -y c:\Symbols -z mini.dmp 

Add Local symbols path using:

.sympath+ C:\LocalSymbols 

This should not be same as your symbol server cache directory. Use the following command to analyze the dump further.

!analyze -v

References

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Manish K. Agarwal
Software Developer (Senior) Oracle
India India
Working with Oracle. Using C/C++, VC++, MFC, STL, C#, Java etc. on various platform like Windows, Unix, Macintosh etc. from last 13+ years to convert various type of requirements into running software components. My core expertise is multithreaded desktop product and large scale enterprises software development.
Follow on   LinkedIn

Comments and Discussions

 
-- There are no messages in this forum --
| Advertise | Privacy | Mobile
Web04 | 2.8.140721.1 | Last Updated 6 Jun 2013
Article Copyright 2012 by Manish K. Agarwal
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid