
Debugging temporal hangs

Alexander_Kolev Member Posts: 10
I have a generic question as to what approach you'd use to debug a temporal hang, e.g. sometimes some winapi seems to be taking too long to execute and you want to get to the root of it.

If it was a regular/permanent hang, I'd kick off kd and take my time, but.. given the temporal nature of the former example, what is the best course of action?

What tool would you use for creating kernel mode dumps?

Comments

  • Scott_Noone_(OSR) Administrator Posts: 3,302
    This is in an app you own or some other app? Is the app talking to a driver?

    -scott
    OSR
    @OSRDrivers


  • Alexander_Kolev Member Posts: 10
    It's another app, I don't own it. In fact - it's the Java JRE I need to debug, as the latest build seems to have introduced a regression that's causing random slowness when performing SSL handshakes.

    And yes, I assume that this is caused by talking to a network driver, but I'm still figuring out what's the best course of action for debugging such a thing..
  • Alexander_Kolev Member Posts: 10
    Come on, folks.. there must be some general-purpose approach that could do :)
  • Scott_Noone_(OSR) Administrator Posts: 3,302
    There's no one answer. You can use ProcDump to get a process dump when you
    experience the hang:

    https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx

    Though that isn't necessarily going to tell you much. If you have a kernel
    debugger attached you can break in and look at threads during the hang, but
    that won't necessarily tell you much either.

    Given that it's a hang talking about the network, I'd start with Wireshark
    and compare traces from the old working version to the new not working
    version. This might give you a breadcrumb to work with.

    -scott
    OSR
    @OSRDrivers
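
Added example, not part of the original thread: one way to carry out the trace comparison suggested above for the SSL handshake case, by finding which handshake step stalls in each TCP stream. It assumes a capture taken on the client machine, a TLS 1.2-style handshake, and rows exported with the tshark fields `tcp.stream`, `frame.time_relative` and `tls.handshake.type` (`ssl.handshake.type` in older Wireshark); the function names and the sample data are constructed for illustration.

```python
# Added example: locate the stalled step of each TLS handshake in a capture.
# Input rows are assumed to come from a tshark field export such as:
#   tshark -r capture.pcapng -Y tls.handshake -T fields \
#          -e tcp.stream -e frame.time_relative -e tls.handshake.type
from collections import defaultdict

HS = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
      12: "ServerKeyExchange", 14: "ServerHelloDone",
      16: "ClientKeyExchange"}
CLIENT_TYPES = {1, 16}  # handshake messages sent by the client (the JRE here)

def parse(tsv):
    """Return {stream: [(time, handshake_type), ...]} in capture order."""
    streams = defaultdict(list)
    for line in tsv.strip().splitlines():
        stream, t, types = line.split("\t")
        # One frame can carry several handshake records, e.g. "2,11,14".
        for typ in types.split(","):
            if typ.strip().isdigit():
                streams[int(stream)].append((float(t), int(typ)))
    return streams

def worst_gap(events):
    """Largest delay between consecutive handshake messages.
    The sender of the message that ends the gap is the side that was slow."""
    best = (0.0, None, None)
    for (t0, a), (t1, b) in zip(events, events[1:]):
        if t1 - t0 > best[0]:
            best = (t1 - t0, a, b)
    gap, a, b = best
    side = "client" if b in CLIENT_TYPES else "server/network"
    return round(gap, 3), HS.get(a, str(a)), HS.get(b, str(b)), side

def slow_handshakes(tsv, threshold=1.0):
    """Return {stream: worst_gap(...)} for streams stalled >= threshold s."""
    out = {}
    for stream, events in parse(tsv).items():
        if len(events) >= 2:
            gap = worst_gap(events)
            if gap[0] >= threshold:
                out[stream] = gap
    return out

# Constructed sample: stream 0 is healthy, stream 1 stalls on the client side.
SAMPLE = ("0\t0.010\t1\n0\t0.052\t2,11,14\n0\t0.060\t16\n"
          "1\t5.000\t1\n1\t5.041\t2,11,14\n1\t9.300\t16\n")

if __name__ == "__main__":
    for s, (gap, a, b, side) in slow_handshakes(SAMPLE).items():
        print(f"stream {s}: {gap}s between {a} and {b} -> {side}")
```

Running it over exports from the old and the new build shows whether the extra time is spent before the client's own messages (a local cause) or while waiting for the server.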


  • Tom_Monahan Member - All Emails Posts: 9
    There is a bit of a learning curve involved but stackwalking xperf is super
    powerful for this type of thing.

    https://blogs.msdn.microsoft.com/ntdebugging/tag/xperf/
    https://randomascii.wordpress.com/2012/05/05/xperf-wait-analysisfinding-idle-time/

    Tom


    On Wed, Sep 14, 2016 at 5:37 PM, Scott Noone wrote:

    > There's no one answer. You can use ProcDump to get a process dump when you
    > experience the hang:
    >
    > https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
    >
    > Though that isn't necessarily going to tell you much. If you have a kernel
    > debugger attached you can break in and look at threads during the hang, but
    > that won't necessarily tell you much either.
    >
    > Given that it's a hang talking about the network, I'd start with Wireshark
    > and compare traces from the old working version to the new not working
    > version. This might give you a breadcrumb to work with.
    >
    > -scott
    > OSR
    > @OSRDrivers
    >
    > wrote in message news:[email protected]
    >
    >
    > Come on, folks.. there must be some general-purpose approach that could do
    > :)
    >