Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: WinDBG - Install and Configure for BSOD Analysis


WinDBG - Install and Configure for BSOD Analysis

How to Install and Configure WinDBG for BSOD Analysis
Published by Golden
12 Dec 2014
Published by

How to Install and Configure WinDBG for BSOD Analysis

information   Information

WinDBG (Windows DeBuGger) is a Microsoft software tool that is needed to load and analyse the .dmp files that are created when a system BSOD's. The latest version of WinDBG allows debugging of Windows 10.x, Windows 8.x, Windows 7 and Windows Vista.

This tutorial will show you how to download, install, configure and test WinDBG in preparation for analysing BSOD's.



Note   Note

WinDBG requires .NET Framework 4.5.2 in order to run. If it's not installed, download it from this location, and install it before downloading and installing WinDBG.




WinDBG - Install and Configure for BSOD Analysis Step 1 WinDBG - Install and Configure for BSOD Analysis
Downloading and Installing WinDBG

1. Download the WinDBG sdksetup.exe setup file.

2. Run sdksetup.exe, and specify the installation location (this example uses the default location):
WinDBG - Install and Configure for BSOD Analysis-1.png
3. Once you have accepted the licence agreement, you will be prompted to select the features to install. Select only the Debugging Tools for Windows option, as shown. Proceed with installation.
WinDBG - Install and Configure for BSOD Analysis-2.png
4. The debugging tools will be downloaded and installed.
WinDBG - Install and Configure for BSOD Analysis-3.png





WinDBG - Install and Configure for BSOD Analysis Step 2 WinDBG - Install and Configure for BSOD Analysis
Associate .dmp files with WinDBG

If configured correctly, Windows will write information to a .dmp file when the host system BSOD's. In order to read the information within the .dmp file, it needs to be associated with WinDBG.

Open an elevated cmd window. Copy the highlighted text below, and paste it into the cmd window and hit enter to change directory to the installation location path.

cd\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\

Now copy this highlighted text, paste it into the cmd window, and hit enter to make the association.

windbg.exe -IA

This is how it looks when executed in the cmd window.
WinDBG - Install and Configure for BSOD Analysis-4.png
If done correctly, a new blank instance of WinDBG will open with a confirmation box. WinDBG can now be closed.





WinDBG - Install and Configure for BSOD Analysis Step 3 WinDBG - Install and Configure for BSOD Analysis
Configuring the WinDBG Symbol Path

The symbol path is the location in which WinDBG searches for symbols each time it reads a binary in the BSOD .dmp file. It is critical to get this step correct.

You can specify any location to create a cache/store of downloaded symbols, but I recommend using the default location (as used in this tutorial).

To create and set a symbol path, do the following.

1. Start a blank instance of WinDBG by going to:
Start > All Programs > Windows Kits > Debugging Tools for x64 > WinDBG (x64)
2. In the WinDBG panel, go to:
File > Symbol File Path
3. Copy the highlighted text below and paste it into the Symbol Search Path box, and click OK - there is no confirmation.

WinDBG - Install and Configure for BSOD Analysis-5.png
What that line means is :
  • Create a folder called C:\SymCache
  • Download new symbols from the msdl site and save them to C:\SymCache
4. Save the symbol path by going to:
File > Save WorkSpace
5. Close WinDBG.





WinDBG - Install and Configure for BSOD Analysis Step 4 WinDBG - Install and Configure for BSOD Analysis
Testing the WinDBG Installation

1. Download this small zip file.
test.zip
2. Open it, and double click the .dmp file.


3 WinDBG should open automatically and you should see some text appearing in the workspace. Since this is the first .dmp file being read on your system, WinDBG appears to be - slow do not interrupt it. What is happening is:
  • A folder called Symcache is being created on C:
  • Symbols are being downloaded and saved to C:\Symcache
The next time a .dmp is opened, it will be quicker since it already has some symbols. Over time the C:\Symcache folder will grow in size as more symbols are added. My current Symcache folder is 1.07GB in size.

Tip   Tip
If you think your \Symbols folder is starting to take up too much disk space, simply delete the contents of the folder in Windows Explorer - WinDBG will automatically download the required symbols when you open a .dmp again.


You will know the reading of the .dmp file is complete when our output looks like this. Note the breakpoint that I have highlighted in bold text red - that means the .dmp file has been completely read.

Code:
Microsoft (R) Windows Debugger Version 6.3.9600.17029 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [F:\TEMP\7zO89606264\050114-17253-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
 
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.18247.amd64fre.win7sp1_gdr.130828-1532
Machine Name:
Kernel base = 0xfffff800`02a53000 PsLoadedModuleList = 0xfffff800`02c966d0
Debug session time: Fri May 2 11:37:27.580 2014 (UTC + 9:30)
System Uptime: 0 days 0:04:04.718
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
..............................................................
................................................................
................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 24, {1904fb, fffff88008f94c48, fffff88008f944a0, fffff80002ddde2e}
 
Probably caused by : ntkrnlmp.exe ( nt!FsRtlNotifyFilterReportChange+122 )
 
Followup: MachineOwner
---------
To close WinDBG go to File > Exit


You are done. WinDBG has been installed, .dmp file associations created, and symbol path correctly setup.

Tip   Tip

If you open the .dmp files from within the .zip file, you never need to save individually .dmp files to your HDD/SSD - all you need to do is delete the original .zip file once you are finished with that BSOD. This will save you a lot of space in the long run.
17 Dec 2014   #1
Tookeri

Windows 7 Pro 32
 
 

Good job! Interesting tool, but I hope I never have to use it


My System SpecsSystem Spec
12 Jan 2015   #2
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Ok Colin nice tutorial and so far so good until I get to the that zip file bit in step 4 I get what is in the pic so where now?


Attached Images
WinDBG - Install and Configure for BSOD Analysis-colin.png 
My System SpecsSystem Spec
12 Jan 2015   #3
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Try using 7Zip...I think I created the zip file using that format.
My System SpecsSystem Spec
.

12 Jan 2015   #4
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Hmm the only option I am getting is Open and with that result.
I did get one chance at Extract but it went south too.


Attached Thumbnails
WinDBG - Install and Configure for BSOD Analysis-colin-2.png  
My System SpecsSystem Spec
12 Jan 2015   #5
z3r010

 

It was in the stupid 7zip format, I've re-uploaded it as a normal zip.
My System SpecsSystem Spec
12 Jan 2015   #6
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Thanks John I shall try again
My System SpecsSystem Spec
12 Jan 2015   #7
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Ok something worked - after a bit of a scrambling around and I end up with what you see in these pics am I ok now?


Attached Thumbnails
WinDBG - Install and Configure for BSOD Analysis-colin-4.png   WinDBG - Install and Configure for BSOD Analysis-colin-3.png  
My System SpecsSystem Spec
12 Jan 2015   #8
z3r010

 

Yep, that looks good.
My System SpecsSystem Spec
12 Jan 2015   #9
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Right time to roll
My System SpecsSystem Spec
Comment

 WinDBG - Install and Configure for BSOD Analysis




Tutorial Tools Search this Tutorial
Search this Tutorial:

Advanced Search




Similar help and support threads
Windows 7 Tutorial Category
DSOD browsing firefox, Bugcheck 0x0000000a (WinDbg analysis available)
Hi I just got out from a faulty GPU nightmare one week ago. Now I recently got this BSOD while browsing on firefox and I would like to know I i should worry or if there's anyway to keep it from happening again.
BSOD Help and Support
BSOD, Windows 7 New Install - WinDbg says ntoskrnl.exe
Hi, I have had a BSOD twice now over the last 2 days. Both times analysis of minidump file says that probable cause is ntoskrnl.exe. I have run your diagnostic tool and have attached the output. Any help here would be much appreciated. I am sure the attached files give you the...
BSOD Help and Support
2nd Win 7 install not working - Win says cant configure hardware?
I installed win 7 Ultimate successfully from a thumb drive and then did a re-install. The second time I am receiving the prompt "Windows setup could not configure windows to run on this computers hardware" Any ideas? I did not have any issues on the first install, it was totally successful.
Hardware & Devices
How to install windbg for win7
Hello Everyone, I tried to install windbg from the link below: Debugging Tools for Windows 32-bit Version but when open the crash file it gives me the following message: Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for...
BSOD Help and Support
WinDBG vs BSOD exe
I'm slightly familiar with the BSOD_Windows7_....exe provided on this forum, but I also see reference to the Microsoft-provided WinDBG and would like to understand their purposes. The BSOD thing seems to be mostly a data collection tool, but doesn't have much built in debugging. Is that correct,...
BSOD Help and Support
windbg help for BSOD
Good evening, I have recently been having BSOD issues while playing a game of mine that has been frustrating. Because of this I am trying to learn more about the dmp files and how to read them. From what I see in windbg it keeps saying that the probable cause is ntkrnlmp.exe ( nt! ??...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:28.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App