You are previewing Windows Performance Analysis Field Guide.
O'Reilly logo
Windows Performance Analysis Field Guide

Book Description

Microsoft Windows 8.1 and Windows Server 2012 R2 are designed to be the best performing operating systems to date, but even the best systems can be overwhelmed with load and/or plagued with poorly performing code. Windows Performance Analysis Field Guide gives you a practical field guide approach to performance monitoring and analysis from experts who do this work every day. Think of this book as your own guide to "What would Microsoft support do?" when you have a Windows performance issue.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. Biography
  8. Foreword
  9. Introduction
    1. Who should read this book?
  10. Chapter 1: Start here
    1. Abstract
    2. Introduction
    3. General slow system performance
    4. Common environmental and hardware-induced performance problems
    5. Conclusion
  11. Chapter 2: Performance monitor
    1. Abstract
    2. Introduction
    3. Basic usage
    4. Performance counters
    5. Data collectors
    6. Tools
    7. Conclusion
  12. Chapter 3: Storage
    1. Abstract
    2. Introduction
    3. Storage hardware and industry terminology
    4. Disk capacity
    5. Understanding and measuring disk performance
    6. Disk performance analysis tools
    7. Common causes, recommendations for poorly performing disks, and best practices
    8. Conclusion
  13. Chapter 4: Process memory
    1. Abstract
    2. Process virtual address space
    3. What you need to know about an application's virtual address space
    4. Identifying applications that run out of virtual address space
    5. How to determine the maximum virtual address space for an application
    6. Identifying application virtual address space problems using performance monitor and the application event log
    7. Identifying application virtual address space problems using the PAL tool
    8. Investigating application virtual address space problems using VMMap
    9. About debugdiag
    10. Preparing for a call with microsoft support
    11. Dealing with 32-bit applications that run out of virtual address space
    12. Identifying and adding large address aware
    13. The concept and advantages of virtual memory
    14. 32-bit (<span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" class="bold">&#215;</span>&#160;86) virtual address space 86) virtual address space
    15. 64-bit (<span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" class="bold">&#215;</span>&#160;64) virtual address space 64) virtual address space
    16. Many processes, one kernel
    17. How can each application have a private 8 TB on a system with 4 GB of physical memory?
    18. Virtual memory and paging files
    19. Reserved, committed, and free memory
    20. Identifying application out of virtual address space conditions
    21. Read this if you are considering /3GB or IncreaseUserVa
    22. Identifying processes leaking system committed memory
    23. Troubleshooting processes leaking system committed memory using Sysinternals VMMap
    24. Troubleshooting processes leaking system committed memory using debug dumps
    25. Treating the symptoms of process committed memory leaks
    26. Conclusion
  14. Chapter 5: Kernel memory
    1. Abstract
    2. Introduction
    3. What you need to know about kernel (system) memory
    4. Initial indicators of pool paged and pool nonpaged kernel memory
    5. 64-bit (x64) versions of Windows and Windows Server
    6. Troubleshooting a lack of PTEs
    7. Monitoring kernel memory using process explorer
    8. Analyzing kernel memory using WPA
    9. Analyzing kernel memory using poolmon.exe
    10. Installing a kernel debugger
    11. Analyzing kernel memory with a kernel debugger
    12. The page frame number database, physical memory, and virtual address space
    13. Read this if considering the /3GB switch or increaseUserVa
    14. Conclusion
  15. Chapter 6: System committed memory
    1. Abstract
    2. Introduction
    3. The system commit limit
    4. Monitoring system committed memory with task manager
    5. Monitoring system committed memory with performance monitor
    6. Monitoring system committed memory with sysinternals process explorer
    7. Monitoring system committed memory with windows management instrumentation
    8. Where did all of the system committed memory go?
    9. Treating the symptoms of high system committed memory
    10. A case study of system committed memory
    11. Conclusion
  16. Chapter 7: Page files
    1. Abstract
    2. Introduction
    3. Page file sizing
    4. Systems with a low amount of physical memory
    5. Systems with a large amount of physical memory
    6. System crash dumps
    7. Automatic memory dump
    8. System committed memory and paging files
    9. System-managed paging files
    10. Dedicated dump files
    11. What is written to a page file?
    12. Other crash dump-related registry keys
    13. Other page file-related performance counters
    14. Multiple page files and disk considerations
    15. Running without a page file
    16. Should the page file be moved from C: drive?
    17. Page file fragmentation
    18. Tracking page file reads and writes
    19. High security? Consider cleaning the page file
    20. Conclusion
  17. Chapter 8: Physical memory
    1. Abstract
    2. Introduction
    3. Free memory is different than available memory
    4. Identifying a low-available-physical memory condition using performance monitor
    5. Identifying a low available physical memory condition using task manager
    6. Identifying a low-available physical memory condition using resource monitor
    7. Monitoring for low-memory conditions using scripting
    8. Where did all of the physical memory go?
    9. Process working sets
    10. Minimum working sets
    11. Driver-locked memory
    12. Address windowing extensions (AWE)
    13. Locking memory with microsoft SQL server
    14. Out of physical memory, but not out of committed memory
    15. How physical memory is managed
    16. Detecting bad physical memory
    17. Page faults
    18. Hard page faults and disk performance
    19. Sizing physical memory
    20. ReadyBoost
    21. Prefetch
    22. Superfetch
    23. System cache
    24. Too much physical memory and power considerations
    25. Conclusion
  18. Chapter 9: Network
    1. Abstract
    2. Introduction
    3. Initial indicators
    4. Measuring the slowest node and black hole routers
    5. Monitoring network utilization using performance monitor
    6. Monitoring network utilization using task manager
    7. Monitoring network utilization using resource monitor
    8. Detecting NIC duplex settings
    9. Chattiness and latency
    10. Conclusion
  19. Chapter 10: Processor
    1. Abstract
    2. Introduction
    3. Identifying high processor usage using task manager
    4. Searching the file system for a process's executable file
    5. Identifying high processor usage using performance monitor
    6. Identifying high processor usage using resource monitor
    7. Identifying high processor usage using process explorer
    8. Introducing the microsoft windows performance analyzer
    9. Introducing Microsoft Xperf.exe
    10. Capturing and analyzing processor interrupts and DPC events using the windows performance toolkit
    11. Capturing and analyzing user mode processor events using the windows performance toolkit
    12. Capturing processor events using microsoft WPR
    13. VM considerations
    14. Conclusion
  20. Chapter 11: Boot performance
    1. Abstract
    2. Introduction
    3. Common causes of poor boot performance
    4. Startup impact in task manager
    5. Using Autoruns to validate startup drivers, services, and applications
    6. Recording a boot trace using windows performance recorder
    7. Analyzing a boot trace using WPA
    8. An example of a bad boot trace using the WPA
    9. Conclusion
  21. Chapter 12: Performance Analysis of Logs (PAL) Tool
    1. Abstract
    2. Introduction
    3. Installation and prerequisites
    4. Creating a counter log using a PAL template
    5. Using the PAL wizard
    6. Interpreting the report
    7. Running the PAL tool without the PAL wizard
    8. Examining the PAL log
    9. How to create a threshold file for the PAL tool
    10. Converting a Perfmon template to a PAL threshold file
    11. Conclusion
  22. Appendix A: Tools
    1. Debug diagnostic tool (Debugdiag) v2.0
    2. Microsoft network monitor 3.4 (Netmon)
    3. PathPing
    4. Performance monitor (Perfmon)
    5. Poolmon
    6. Process explorer
    7. Process monitor
    8. RAMMap
    9. Resource monitor (Resmon)
    10. Microsoft server performance advisor
    11. Task manager
    12. TCPView
    13. VMMap
    14. Windows debugger (WinDBG)
    15. Windows performance analyzer
  23. Appendix B: Collecting Process Memory Dumps
    1. Using task manager
    2. Using debugdiag
    3. Using ADPlus
    4. Using ProcDump
    5. Using windows error reporting
    6. Using process explorer
    7. Using WinDBG
    8. Verifying the process memory dump file
  24. Appendix C: Debug symbols
    1. Introduction
    2. Using symbol paths
    3. Creating symbols
    4. Symbols and security concerns
    5. Managing symbol files using symbol servers
  25. Index