Windows Performance Troubleshooting

1. Open the dump file using windbg.exe.


2. First run the !analyze -v command. It reports the exception code, errors, stacks, and the faulty image or driver name.


3. Look at the bug check code and the module name or image name. If it points to a driver .sys file related to Windows, check whether a later version or hotfix is available. You can check driver versions by collecting an MPS report. Searching the web for the driver file name together with the BSOD error code will usually lead you to the hotfix KB.

 


4. For memory leaks and non-paged memory usage, use the !vm command to see the memory usage.

Use !vm 1. It gives the memory details and will show excessive memory usage.


5. The !poolused /t10 2 command shows the top 10 users of paged and non-paged memory. Use the pool tag to identify the driver, check for known issues or a later release of that driver, and update it to the latest version.
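
One way to do the driver lookup in step 5, as an added example that is not part of the original post: it searches the driver images on disk for the pool tag bytes and prints the version of each match. The script, its parameter names and the default driver directory are assumptions of this example.

```powershell
# Added example (not from the original post): list drivers whose image contains a pool tag.
# Assumption: the tag is stored as literal ASCII bytes in the .sys file, as it is when a
# driver passes a constant tag to ExAllocatePoolWithTag.
param(
    [Parameter(Mandatory)]
    [ValidateLength(1, 4)]
    [string]$Tag,                                            # tag as printed by !poolused
    [string]$DriverDir = "$env:SystemRoot\System32\drivers"  # assumed driver location
)

# Latin-1 maps every byte to exactly one character, so a string search is a byte search.
$latin1 = [System.Text.Encoding]::GetEncoding(28591)

Get-ChildItem -Path $DriverDir -Filter *.sys -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        $file = $_   # keep the file object; $_ is the error record inside catch
        try {
            $text = $latin1.GetString([System.IO.File]::ReadAllBytes($file.FullName))
        } catch {
            return   # unreadable file (locked or access denied): skip it
        }
        # Case-sensitive, culture-independent match: pool tags are case-sensitive.
        if ($text.IndexOf($Tag, [System.StringComparison]::Ordinal) -ge 0) {
            $vi = $file.VersionInfo
            [pscustomobject]@{
                Driver      = $file.Name
                FileVersion = $vi.FileVersion
                Company     = $vi.CompanyName
                LastWrite   = $file.LastWriteTime
            }
        }
    } |
    Sort-Object Driver |
    Format-Table -AutoSize
```

A match only means the four bytes occur somewhere in the file, so several drivers can be listed for one tag; treat the output as candidates to check against the vendor's known issues and latest release.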


Tools for troubleshooting

WinDbg, Perfmon, xperf

References:

Understanding the memory limits:

http://blogs.technet.com/b/markrussinovich/archive/2008/07/21/3092070.aspx

Understanding Crash dump files:

http://blogs.technet.com/b/askperf/archive/2008/01/08/understanding-crash-dump-files.aspx

Ask performance Blog: http://blogs.technet.com/b/askperf/default.aspx?PostSortBy=MostViewed&PageIndex=1

Debugging Blog: http://blogs.msdn.com/b/ntdebugging/archive/tags/pool+leak+series/ (Memory Leak series)

http://www.dumpanalysis.org/memory-dump-analysis-pattern-classification

Windbg commands: http://windbg.info/doc/1-common-cmds.html