Introduction
Most of us have faced an application crash on a non-development machine. At that point we turn to either remote debugging or dump analysis. Some developers are comfortable with these techniques, while others search Google, read a few blogs, and follow the steps they find, which usually takes time. Below I list some quick steps for dump analysis. I covered remote debugging around 3+ years ago in Remote Debugging: Quick Steps, and I still refer to it whenever required.
Installing Debugging Tools for Windows
Download and install Debugging Tools for Windows (dbg_x86_6.11.1.404.msi, or a later build number depending on the platform; approx. 17 MB) from Download and Install Debugging Tools for Windows.
Installing Symbols (PDB files)
Install OS symbols by using the following command:
symchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
In this command, “c:\symbols” is your symbol directory; it can be whatever location you use for symbols. The command may take an hour to finish and downloads more than 700 MB, so it is better to run it overnight.
Set the system variable _NT_SYMBOL_PATH to:
symsrv*symsrv.dll*c:\Symbols*http://msdl.microsoft.com/download/symbols
Generating a DUMP file
Using ADPlus
To attach the debugger to the executable that is crashing, run the following command at the command prompt from the location where you installed Debugging Tools (typically C:\Program Files\Debugging Tools for Windows (x86); ADPlus is a VBScript file).
ADPlus -crash -pn iexplore.exe -o C:\dump
Here iexplore.exe is the name of the process whose crash you want to observe, and C:\dump is the location where CDB.exe will create the log and dump files.
Using Task Manager
In Task Manager, right-click the process and choose Create Dump File (useful for a hung process). You can configure the dump type from the Control Panel using System > Advanced tab, and then click Settings under Startup and Recovery. Use the “Write debugging information” dropdown to change the dump type and location. Note: this option is available only in Windows Vista onwards.
Analyzing Dump file
Using Visual Studio
Once we have the dump files, open them in Visual Studio using the Open Solution option and start debugging to see the stack trace, local variables, etc.
Using dumpchk command
Use the dumpchk command at the command prompt:
dumpchk -y C:\symbols mydumpfile.dmp > dump.txt
Using WinDBG
Start WinDBG using:
windbg -y c:\Symbols -z mini.dmp
Add a local symbols path using:
.sympath+ C:\LocalSymbols
This should not be the same as your symbol server cache directory. Use the following command to analyze the dump further:
!analyze -v
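The rule above, that a local symbols path must not double as the symbol server cache directory, can be checked before a debugging session; the following is an added example, not code from the original article. The function names are hypothetical, and the check for a symbol server reached over plain HTTP goes beyond what the article covers.

```python
import ntpath  # Windows path semantics, so the check also runs off-Windows


def _norm(path):
    # Case-insensitive, trailing-backslash-insensitive comparison key.
    return ntpath.normcase(ntpath.normpath(path))


def parse_symbol_path(sympath):
    """Return (plain_dirs, cache_dirs, servers) from a ';'-separated symbol path."""
    dirs, caches, servers = [], [], []
    for element in (e.strip() for e in sympath.split(";")):
        if not element:
            continue
        parts = element.split("*")
        kind = parts[0].lower()
        if kind == "srv":        # srv*[cache*]server
            stores = [p for p in parts[1:] if p]
        elif kind == "symsrv":   # symsrv*symsrv.dll*[cache*]server
            stores = [p for p in parts[2:] if p]
        elif kind == "cache":    # cache*directory
            caches += [p for p in parts[1:] if p]
            continue
        else:                    # plain directory, e.g. added with .sympath+
            dirs.append(element)
            continue
        if stores:
            servers.append(stores[-1])   # last store is the upstream server
            caches += stores[:-1]        # anything before it is a local cache
    return dirs, caches, servers


def check_symbol_path(sympath):
    """Return a list of (finding, value) tuples; empty means nothing flagged."""
    dirs, caches, servers = parse_symbol_path(sympath)
    cache_keys = {_norm(c) for c in caches}
    findings = [("local-dir-is-server-cache", d) for d in dirs if _norm(d) in cache_keys]
    findings += [("plain-http-server", s) for s in servers if s.lower().startswith("http://")]
    return findings


if __name__ == "__main__":
    # Constructed input: the _NT_SYMBOL_PATH value from this page plus a local path.
    page = r"symsrv*symsrv.dll*c:\Symbols*http://msdl.microsoft.com/download/symbols"
    for candidate in (page + r";C:\LocalSymbols", page + r";C:\symbols"):
        print(candidate, "->", check_symbol_path(candidate))
```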