Installing and Configuring WinDbg (Windows Debug Tools)


These steps outline how to install and configure WinDbg correctly to analyse Windows Dump files and IIS Debug Diagnostics files amongst others.

Setup Guide:

1. Install WinDbg

- Navigate to Debugging Tools for Windows on the Microsoft site and download the Windows Driver Kit (WDK) file from here. (Please bear in mind that, at the time of this post, Microsoft in their infinite wisdom :) have merged the standalone version of the tool into the Windows Driver Kit.) Click here for a direct link to the download.

- Run the downloaded MSI application package -> click Next (Bear in mind that if you are debugging a 64-bit version of Windows, you will require the 64-bit version of the debugging tools, installed on a 64-bit version of Windows)

- On End-User License Agreement page -> Select I Agree -> click Next

- On the Select an Installation Type page -> for the purpose of this post, I’ll select the Complete package -> click Next

- On Ready to Install page -> click Install

- Click Finish when installation is completed

2. Configure the Symbols

- Load up the debugging tool by clicking on Start -> All Programs -> Debugging Tools for Windows -> Windbg

- Click File -> Symbol File Path… -> enter the following text into the window, without the quotes: “SRV*c:\WINDOWS\symbols*http://msdl.microsoft.com/download/symbols”
(Note: The local path at the front, i.e. c:\windows\symbols, can be changed; it is just the store for the symbol files that are downloaded) -> click OK
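The symbol path entered above has the form SRV*<local store>*<symbol server>. As an added example (not part of the original post), the Python code below splits such a path into its parts and flags a symbol server reached over plain HTTP or a srv element that names no local store. The function names, the checks and the second sample path are assumptions made for illustration.

```python
from urllib.parse import urlparse

# Path from step 2 of the post, plus a constructed second sample.
PAGE_PATH = r"SRV*c:\WINDOWS\symbols*http://msdl.microsoft.com/download/symbols"
SAMPLE_PATH = r"srv*https://symbols.example.invalid/symbols;c:\mysymbols"  # constructed

def parse_symbol_path(sympath):
    """Split a ';'-separated symbol path into elements.

    srv*<store>*...*<server> becomes {"kind": "srv", "stores": [...], "server": ...};
    anything else is passed through untouched as {"kind": "other", "raw": ...}.
    """
    elements = []
    for raw in sympath.split(";"):
        raw = raw.strip()
        if not raw:
            continue
        parts = raw.split("*")
        if parts[0].lower() == "srv" and len(parts) >= 2:
            elements.append({"kind": "srv", "stores": parts[1:-1], "server": parts[-1]})
        else:
            elements.append({"kind": "other", "raw": raw})
    return elements

def review(sympath):
    """Return findings for each srv element (hypothetical checks, not WinDbg's own)."""
    findings = []
    for el in parse_symbol_path(sympath):
        if el["kind"] != "srv":
            continue
        if urlparse(el["server"]).scheme.lower() == "http":
            findings.append(f"{el['server']}: symbol server reached over plain HTTP")
        if not any(el["stores"]):
            findings.append(f"{el['server']}: no local store named in the path")
    return findings

if __name__ == "__main__":
    for path in (PAGE_PATH, SAMPLE_PATH):
        print(path)
        for finding in review(path):
            print("  -", finding)
```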

3. Analyzing Dump Files

I am not going to analyze any dump files in this post; my aim here is to ease your search and provide you with links to very useful sites that have already documented the steps needed when debugging a dump file. Dump files vary depending on the type of crash; this includes Memory Dump, IIS Application Pool Crash Dump,

- Basics of Analyzing a Crash dump

- Checking a dump file for WCF throttles

- Process Memory Dump

- Analyze “Deadlocked Schedulers” Dump

- Troubleshoot OutOfMemoryExceptions

Getting started with windbg – part I
Getting started with windbg – part II

- Debugging tutorials in codeproject

Debug Tutorial Part 1: Beginning Debugging Using CDB and NTSD
Debug Tutorial Part 2: The Stack
Debug Tutorial Part 3: The Heap
Debug Tutorial Part 4: Writing WINDBG Extensions
Debug Tutorial Part 5: Handle Leaks
Debug Tutorial Part 6: Navigating The Kernel Debugger
Debug Tutorial Part 7: Locks and Synchronization Objects

4. Useful WinDbg commands

- windbg.info

- Crash Dump Analysis Checklist

6 comments
tmack

Hi, I selected the option to include redistributable files but they are nowhere to be found on my drive. I have Win 7 x64 so the x64 bits were installed; will these tools debug x86 apps? Thanks

Waqar Ahmed

Thank you very much for this. Very useful

Sysadmin

@ tmack: If you are analyzing a dump file, you can use either the 32-bit debugging tools or the 64-bit debugging tools. (It is not important whether the dump file is a user-mode dump file or a kernel-mode dump file, and it is not important whether the dump file was made on an x86-based or an x64-based platform.) If you are debugging live user-mode code that is running on the same computer as the debugger, use the 64-bit tools for debugging 64-bit code and 32-bit code running on WOW64. To set the debugger for 32-bit or 64-bit mode, use the .effmach command. This article is also very useful and might answer your question http://blogs.msdn.com/b/msdnforum/archive/2010/03/14/how-do-i-switch-to-32bit-mode-when-i-use-windbg-to-debug-a-dump-of-a-32bit-application-running-on-an-x64-machine.aspx