[How-to] Analysing Windows Crash Dumps

Post by Sam » Fri Aug 06, 2010 7:37 pm

I have to do this so infrequently that I find the need to Google the steps to do so every few months. This isn’t a comprehensive guide to using the Debugging Tools, but it should be a good start to quickly debugging crash dump (BSOD) files.

1) Download & install the current release of Windows Debugging Tools, either 32 or 64 bit version depending on your platform, from: http://www.microsoft.com/whdc/devtools/debugging/default.mspx

2) Launch WinDbg.exe (GUI version, there is also a command line version). Point WinDbg to the location of the symbols files. These can be downloaded, but easier, if you have Internet access, is using the Microsoft symbols server. This also ensures you’re using up to date symbols. Click File -> Symbol File Path, then type in “srv*c:\symbols*http://msdl.microsoft.com/download/symbols” (without quotes) and click OK.

3) Attach WinDbg to a crash dump file; these are typically found in C:\WINDOWS\Minidump. Go to File -> Open Crash Dump. Give the program several seconds to download the required symbols, and several more seconds to analyze the crash dump, then you should see a Bugcheck Analysis section with a brief description of the Bugcheck and a line reading “Probably caused by:”. This usually isn’t enough information for adequate troubleshooting, so either type the command “!analyze -v” into the debugger, or just simply click that link in the output. This will do a verbose analysis of the crash dump file, and the provided information will go a long way in helping to diagnose the issue, usually showing the exact cause.
Technical Support Engineer
Sheridan Computers Limited
Posts: 36
Joined: Fri Aug 06, 2010 6:57 pm
Location: Manchester, UK
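
The same three steps can be scripted with the command-line debugger mentioned in step 2, which helps when several minidumps need triage at once. This is an added example, not part of the original post; the kd.exe install path and the report directory are assumptions, while the symbol path and minidump folder are the ones given above.

```powershell
# Added example: run "!analyze -v" over every minidump and summarise the result.
param(
    # Assumption: where the Debugging Tools were installed; adjust to your system.
    [string]$Debugger   = 'C:\Program Files\Debugging Tools for Windows (x64)\kd.exe',
    # Values taken from the post above.
    [string]$DumpDir    = 'C:\WINDOWS\Minidump',
    [string]$SymbolPath = 'srv*c:\symbols*http://msdl.microsoft.com/download/symbols',
    # Assumption: where the verbose reports are written.
    [string]$ReportDir  = "$env:TEMP\dump-reports"
)

if (-not (Test-Path -LiteralPath $Debugger)) {
    throw "Debugger not found: $Debugger"
}
New-Item -ItemType Directory -Path $ReportDir -Force | Out-Null

# Oldest first, so the summary reads as a timeline of crashes.
$dumps = Get-ChildItem -LiteralPath $DumpDir -Filter *.dmp -ErrorAction Stop |
    Sort-Object LastWriteTime

foreach ($dump in $dumps) {
    $report = Join-Path $ReportDir ($dump.BaseName + '.txt')

    # -z opens the dump file, -y sets the symbol path, -c runs debugger
    # commands at startup; "q" quits so the loop moves on to the next dump.
    & $Debugger -z $dump.FullName -y $SymbolPath -c '!analyze -v; q' 2>&1 |
        Set-Content -LiteralPath $report -Encoding UTF8

    # Pull out the "Probably caused by:" line described in step 3.
    $cause = Select-String -LiteralPath $report `
        -Pattern '^Probably caused by\s*:\s*(.+)$' | Select-Object -First 1

    [pscustomobject]@{
        Dump             = $dump.Name
        Written          = $dump.LastWriteTime
        ProbablyCausedBy = if ($cause) { $cause.Matches[0].Groups[1].Value.Trim() }
                           else { '(not reported)' }
        Report           = $report
    }
}
```

Run it from an elevated prompt, since the minidump folder is normally readable only by administrators. The reports contain details of kernel memory at crash time, so store them with the same care as the dump files themselves.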
