Thursday, February 25, 2010

How to Set Up WinDBG

To analyze a dump file successfully and effectively, it is very important to ensure your environment is configured correctly.

The first step is to ensure symbol paths are set up. This is essential for a successful analysis session. Assuming you want your symbols to be stored on your local hard drive in a directory called “c:\symbols”, you would create a folder structure that looks like “c:\symbols\web” and “c:\symbols\private”. Set the _NT_SYMBOL_PATH and _NT_ALT_SYMBOL_PATH environment variables to “c:\symbols\private;srv*c:\symbols\web*http://msdl.microsoft.com/download/symbols”. This symbol path tells the debugger to look in the private folder first (where you can place your own private symbols as desired), then in the web folder. If the debugger cannot find the symbol in the web folder, it will go to the http://msdl.microsoft.com/download/symbols site and download it to the web folder, if it is available.

Note: If either environment variable already exists, do not overwrite its value without understanding the impact, as doing so could negatively affect other applications that use it. The symbol path is delimited by ‘;’ and you can often append the string above to the end of the existing string.
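The steps above, including the note about not overwriting an existing value, as a PowerShell script. This is an added example, not part of the original post: the `Merge-SymbolPath` helper name and the choice of the per-user environment scope are assumptions, while the folder names and symbol path are the ones given above.

```powershell
# Added example. Paths and URL are the values used in the article.
# Note: Microsoft's symbol server is also reachable over https.
$SymbolRoot = 'c:\symbols'
$Wanted = @(
    "$SymbolRoot\private",
    "srv*$SymbolRoot\web*http://msdl.microsoft.com/download/symbols"
)

function Merge-SymbolPath {
    # Hypothetical helper: returns $Existing with each $Wanted entry appended,
    # skipping entries that are already present (comparison is case-insensitive).
    param([string]$Existing, [string[]]$Wanted)
    $entries = @()
    if ($Existing) {
        $entries = @($Existing.Split(';') |
            ForEach-Object { $_.Trim() } |
            Where-Object { $_ })
    }
    foreach ($w in $Wanted) {
        if ($entries -notcontains $w) { $entries += $w }
    }
    return ($entries -join ';')
}

# Create c:\symbols\private and c:\symbols\web (no error if they already exist).
foreach ($sub in 'private', 'web') {
    New-Item -ItemType Directory -Path (Join-Path $SymbolRoot $sub) -Force | Out-Null
}

# Append to each variable instead of replacing it, and show the change.
# Assumption: the variables are set for the current user, not machine-wide.
foreach ($name in '_NT_SYMBOL_PATH', '_NT_ALT_SYMBOL_PATH') {
    $old = [Environment]::GetEnvironmentVariable($name, 'User')
    $new = Merge-SymbolPath -Existing $old -Wanted $Wanted
    if ($new -ne $old) {
        Write-Host $name
        Write-Host "  was: $old"
        Write-Host "  now: $new"
        [Environment]::SetEnvironmentVariable($name, $new, 'User')
    } else {
        Write-Host "$name already contains the required entries"
    }
}
```

Only processes started after the script runs see the new values, so restart the debugger before opening a dump.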

Next, install the version of “Debugging Tools for Windows” that reflects the architecture of the dump you are analyzing. If your machine is 32-bit you cannot install the 64-bit tools, but on a 64-bit machine both the 32-bit and 64-bit installations can coexist. If the dump was taken from a 64-bit machine under WOW, it will be considered a 32-bit dump. After the package has been installed on one machine, it can be copied to others as required.

Read more: Practical Development
