Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Defrag Tools: #46 - WPT - Driver Analysis

Download

Right click “Save as…”

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

Resources:
Defrag Tools: #23 - Windows 8 SDK
Defrag Tools: #29 - WinDbg - ETW Logging
Windows Performance Analysis Developer Center
Windows Performance Toolkit
Channel 9 Videos
NTDebugging Blog Article
PFE Blog Series

Timeline:
[00:32] - xperf -on PROC_THREAD+LOADER+PROFILE+DRIVERS -stackwalk ...
[01:27] - xPerfView - Driver Delays
[05:09] - WPA
[05:50] - Device Stack & IRPs
[09:14] - Advanced Settings (Filter)
[12:14] - Long Duration example
[13:30] - Zoom and then look at other graphs - e.g. CPU Usage (Sampled)
[15:22] - Summary

Example: "xperf - Collect Drivers.cmd"

@echo off
echo Press a key when ready to start...
pause

echo .
echo ...Capturing...
echo .

xperf -on PROC_THREAD+LOADER+PROFILE+DRIVERS -stackwalk Profile -BufferSize 1024 -MinBuffers 256 -MaxBuffers 256 -MaxFile 256 -FileMode Circular

echo Press a key when you want to stop...
pause
echo .
echo ...Stopping...
echo .

xperf -stop -d drivers.etl

Tag:

Follow the Discussion

  • loverboyloverboy

    C:\Program Files\Windows Performance Toolkit>"xperf - Collect Drivers.cmd"
    Press a key when ready to start...
    Premere un tasto per continuare . . .
    .
    ...Capturing...
    .
    xperf: warning: This system is not fully configured for x64 stack tracing.
    Please modify the registry under:

    HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management

    and set the value:

    DisablePagingExecutive (REG_DWORD) = 1

    Then reboot before retrying tracing.

    Note: Tracing has been enabled, this is just a warning.
    xperf: error: NT Kernel Logger: Flag non validi. (0x3ec).
    Press a key when you want to stop...
    Press a key to continue. . .
    .
    ...Stopping...
    .
    xperf: error: NT Kernel Logger: Il nome di istanza inviato non Þ valido per il provider di dati WMI. (0x1069).

    **********

    Is this error (0x1069) related to DisablePagingExecutive not set at 1?

    I have Windows 7 64bit Home Premium

    I wish you could reply also to my question posted in #45 that I copy and paste here
    ***************
    Not directly related to this video, but in general.
    Whenever I launch those cmd, xperf correctly warns me that "This system is not fully configured for x64 stack tracing" so that Disable Paging Executive must be set at 1, to have valid results.
    My question is: "Why isn't Disable Paging Executive set to 1 as default in Windows 7?"

    I have Windows 7 Home Premium 64bit with 16 GB RAM
    What do I risk if I leave it set at 1 as default?

    is there any (brief) technical reason why Microsoft didn't leave at 1 in W7, while I understand it is set at 1 in W8?
    **********************

  • Andrew Richardswindev Andrew Richards

    @loverboy: "Disable Paging Executive" keeps the PE Header of drivers in RAM - so that symbolic resolution can be guaranteed.  It isn't on by default as it would waste RAM (once the image is loaded, it isn't need).  In Windows 8, they did some magic (not sure what) to make it irrelevant.

    In my personal experience, I've always been able to do the analysis without it set - other may have a different experience.

  • loverboyloverboy

    OK thanks for your reply.

    But what about these errors (that I try to translate) when running the cmd file

    xperf: error: NT Kernel Logger: Not valid flags. (0x3ec).

    and

    xperf: error: NT Kernel Logger: Sent instance name is not valid for WMI data provider. (0x1069).

    Any ideas?

  • Andrew Richardswindev Andrew Richards

    @loverboy: The command provided is for Win8 but it should work on Win7 as well.  This might be a text formatting issue due caused by copy/paste of the web page.  Try downloading the script instead (http://sdrv.ms/11C7S9c).

  • loverboyloverboy

    Solved
    There is an "S" missing in the example above

    PROC_THREAD+LOADER+PROFILE+DRIVER --> PROC_THREAD+LOADER+PROFILE+DRIVERS

    Thanks ;)

  • Andrew Richardswindev Andrew Richards

    @loverboy: Sorry about that -- fixed.

Remove this comment

Remove this thread

close

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.