What's new

Add Windbg (kd>) Commands to Program Default for Dump Files

jcgriff2

Site Administrator, Forum General Manager, BSOD Kernel Dump Expert
Staff member
Joined
Feb 19, 2012
Messages
17,479
Location
New Jersey Shore
Most of us have Windbg set up as the default program for dump files - Register Windbg for dump files (File Associations)

Did you know that you can also add kd commands to run by default as well?

Simply setting up Windbg as the default program leaves Windbg at this point after double-clicking on a dump file -- waiting for you to enter additional commands at the kd> line such as !analyze -v -
Code:
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffff80011b0e74d, 8, fffff80011b0e74d, 2}

Could not read faulting driver name
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+43346 )

Followup: MachineOwner
---------
I changed my default set up to include these commands -
Code:
!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck
So, when I double-click on a dump file, all of the basic commands that I like to run do so without me having to enter them at the kd> command line.

Try it out!

Back up your registry first (I opted to create a system restore point).

Maneuver to this registry key and add your default Windbg commands -

Code:
HKLM\SOFTWARE\Classes\WinDbg.DumpFile.1\shell\Open\command
The (Default) should look something like this (by default):
Code:
"C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\windbg.exe" -z "%1"
I added the kd commands that I mentioned above (listed in RED):
Code:
"C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\windbg.exe" -z "%1" -c "!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck"
Double-clicking on a dump file now runs all of the commands in RED by default.

Please note that I made these changes yesterday for the first time, so it is far from 100% tested.

Regards. . .

John
 
Last edited:

Aura

Sysnative Staff, Security Analyst
Staff member
Joined
Mar 16, 2015
Messages
8,074
Sorry for the "gravedig", but I just followed these instructions on my work laptop that have WinDbg and it worked perfectly :) Thank you for the tip John, very useful. I'll be sure to do it on my home computer as well.
 

jcgriff2

Site Administrator, Forum General Manager, BSOD Kernel Dump Expert
Staff member
Joined
Feb 19, 2012
Messages
17,479
Location
New Jersey Shore
Glad it worked out.

The registry changes sure do save time from having to enter all of the KD commands manually for every dump -- which can add up quickly each day.

No worries on the "grave dig" -- do so anytime; any thread.
 

axe0

Forum Moderator, BSOD Kernel Dump Expert, Contributor
Staff member
Joined
May 21, 2015
Messages
756
Location
The Netherlands
Works perfectly for me :smile9:
Do you have had any problems with the tweak?
 

jcgriff2

Site Administrator, Forum General Manager, BSOD Kernel Dump Expert
Staff member
Joined
Feb 19, 2012
Messages
17,479
Location
New Jersey Shore
Here we are 3.5 years later and while I have received numerous THANK YOU PMs for this -- none have complained that it didn't work.

So... All looks good.
 

HyperHenry

Active member
Joined
Feb 12, 2018
Messages
40
Location
Currently Texas
What OS was this used on? I have Windows 10 and in Software/Class.... WinDbg isn't there. Also I always install programs on a different disk.
 

axe0

Forum Moderator, BSOD Kernel Dump Expert, Contributor
Staff member
Joined
May 21, 2015
Messages
756
Location
The Netherlands
On my Windows 10 Pro 1703, registry export
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinDbg.DumpFile.1\shell\Open\command]
@="\"C:\\Program Files (x86)\\Windows Kits\\10\\Debuggers\\x86\\windbg.exe\" -z \"%1\" -c \"!load cmkd; !load procdumpext; !load niemiro; !analyze -v; lmtsmn; !rawstack; !dpx; !sysinfo smbios; !sysinfo machineid; !sysinfo cpuspeed; !thread; .bugcheck; .time;\""
 
Top