Is WinDbg supposed to be so excruciatingly slow?

Question

I'm trying to analyze some mini crash dumps. I'm using Windows 10 Pro Build 1607 and WinDbg 10.0.14321.1024. I have my symbol file path set to

SRV*C:\SymCache*https://msdl.microsoft.com/download/symbols

Basically, whenever I load up a minidump (all < 1 MB .dmp files), it takes WinDbg forever to actually analyze them. I understand the first run can take long, but it took mine almost 12 hours before it would let me enter a command. I assumed that, since the symbols were cached, it wouldn't take long at all to re-open the same .dmp. This is not the case. It loads up, goes pretty much instantaneously to "Loading Kernel Symbols", then takes another 30 minutes before it prints the "BugCheck" line. It's been another 30 minutes, and I still can't enter commands into it.

My PC has a 512 GB SSD, 8 GB of RAM, and an i5-4590. I don't think it should be this slow.

What am I doing wrong?

Answer 1

These kind of complaints seem to occur more often lately and I can reproduce it on my PC. This is not your fault but some issue with the Internet or the symbol server on Microsoft side.

Monitoring the traffic with Wireshark and looking at my disk on how the symbol cache get populated, I can say:

• only one file is being downloaded at a time.
• the problem also occurs with older WinDbg versions (6.2.9200)
• the problem occurs with HTTP and HTTPS
• when symbols are found, the transfer speed is very slow, then increasing. The effective transfer rate is down at 11 kb/s to 20 kb/s (on a line which can handle 6500 kb/s)
• there's quite a high number of packets out of order, duplicate packets etc., especially during the "lookup phase" where no file is downloaded yet. Such a lookup phase can easily take 8 minutes.
• even if the file already exists on disk, the "lookup phase" is performed.
• the HTTP roundtrip time (request to response) is 8 to 9 seconds