Windows Performance Trouble shooting

1.Open the Dump file using windbg.exe

Image

2. First use !analyze –v command it will give the exception code, errors, stacks, faulty image or driver name.

Image

3. See the Bug check code, Module name or Image name if it point to any driver’s .sys files related to windows check for any latest version or hotfix available. You can check version of drivers by collecting MPS report. You need google with driver file BSOD error code mostly it will give you hotfix KB

 

Image

4.For memory Leak and Non paged file usage use !vm command to see the memory usage.

Use !vm 1 . It will give the memory details will show excessive Memory usage.

Image

5. !poolused /t10 2 this command will top 10 users of paged and non-paged memory. So with Pooltag identify the driver and check any latest update available or known issues with driver and update it to latest version.

Image

Tools for troubleshooting

Windbg,Perfmon,xperf

References:

for understanding the memory limits.

http://blogs.technet.com/b/markrussinovich/archive/2008/07/21/3092070.aspx

Understanding Crash dump files:

http://blogs.technet.com/b/askperf/archive/2008/01/08/understanding-crash-dump-files.aspx

Ask performance Blog: http://blogs.technet.com/b/askperf/default.aspx?PostSortBy=MostViewed&PageIndex=1

Debugging Blog: http://blogs.msdn.com/b/ntdebugging/archive/tags/pool+leak+series/ (Memory Leak series)

http://www.dumpanalysis.org/memory-dump-analysis-pattern-classification

Windbg commands: http://windbg.info/doc/1-common-cmds.html

 

 

 

 

 

Advertisements

About jaihunt
Working as Technical consultant in Windows technologies

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: