There and back again…a tale of XP performance tracing…

So back in the day, when Plug and Play was sort of a new concept and auto-negotiating network settings didn’t actually work properly, XP was launched.  It was a fine operating system for its time, and there was much rejoicing….

Now, in the modern era of NOWNOWNOW, venerable XP shows some issues here and there with performance.  Perhaps around boot times, or application launch, etc.

This post is an attempt to guide the technician through the oft’ uncharted waters of performance data collection, and provide a good data set that a performance analyst can analyze and determine the golden “Root Cause”…

Step 1.  Enable UserEnv Logging:

Use Registry Editor to add or to modify the following registry entry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Entry: UserEnvDebugLevel
Type: REG_DWORD
Value data: 10002 (Hexadecimal)

(http://support.microsoft.com/kb/221833 for more information)

Step 2.  Get a Process Monitor log of your boot up.

(Get the tool at http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx)

image

Click Options, Enable Boot Logging, Reboot.

Boot up, Run Process Monitor, and save off the data into PML format using the defaults.  It’s that easy.

Step 3.  Get a Windows 7 machine of the same architecture as your XP host (presumably x86).  Install the Windows SDK 7.1 that has WPT 4.7:

http://msdn.microsoft.com/en-us/performance/cc752957.aspx

After installing Windows Performance Toolkit onto the Windows 7 machine, copy the Windows Performance Toolkit directory onto the XP host and run the following command in the directory as an administrator (local admin to the box)

(THIS REBOOTS YOUR MACHINE ASAP)

xbootmgr –trace boot –traceflags dispatcher+latency

THIS REBOOTS YOUR MACHINE ASAP

You hit enter and it reboots.  Log back onto the machine ASAP and let it count down for 2 minutes.

At this juncture, one of 3 things will happen:

1)  The trace will stop itself and everything will be cool, you’ll have an ETL file in the directory, grats!

2)  You get an error about a logger not being able to stop.  You look in the directory and see an .etl file with the letters KM in the name.  This trace is pretty much toast.

3)  You get an error about a logger not being able to stop.  You look in the directory and see 2 .etl files with KM and UM in the names, and they are still growing.  Type xperf -d merge.etl at this point and it should stop the traces and merge the file for you.

Step 4.  Zip the userenv.log, the Process Monitor pml log(s) and the xperf log(s) and get them to your support professional for assistance.

Hope this helps!

 

Jeff

How to collect a trace for audio or video problems in Windows 7

Assume the following:  You have a Windows 7 host that you want to collect a trace from.  The user complains of audio issues, stuttering, latency, etc…or video frame rate is low.  Something annoying.

Like my previous post, lets cover a few basic rules here as we get started:

1.  If host = Windows 7 AND bitness = amd64 THEN Set DisablePagingExecutive to 1 and reboot:

http://technet.microsoft.com/en-us/library/cc959492.aspx

2.  Make sure the user account we want to trace is local administrator, even temporarily.

 

After we have that, install the Windows 8 ADK on the target machine, or copy the Windows Performance Toolkit from a machine it has already been installed on onto our target machine.

(We can install by running ADK Setup and deselecting EVERYTHING except Windows Performance Toolkit, by the way.)

installADK-WPT_thumb1

 

So, its there, somewhere.

 

1.  Run WPRUI elevated/as administrator

 

wprui1_thumb1

 

2.  Click More Options on the bottom left, revealing the window that looks like this:

 

image_thumb3

3.  For audio and video glitches that are easy to reproduce, check the scenario you are reproducing in the scenario analysis area.  Change Logging Mode to File based and hit start.

image

 

4.  Click “Start” and the reproduce the issue.  The window will look like this while you do so:

image

5.  When it reproduces, click Save and save the file off, review in xperfview or Windows Performance Analyzer to determine the cause of the glitches, probably DPCs from usbaudio drivers, but what do I know….

“But way Dude!  What if this isn’t easy to reproduce?” you may ask….

Step….

6.  If this is not easy to reproduce, get setup to collect a trace as above, but don’t use WPRUI.

Instead, elevate a command prompt, go to the root of a drive, I’ll use C: for the example, and do the following after you have DisablePagingExecutive set and WPT installed…make a trace directory and cd to it.

xperf -on dispatcher+latency+drivers -stackwalk readythread+threadcreate+cswitch+profile -f C:\trace\xperftrace.etl -minbuffers 1024 -maxbuffers 1024 -maxfile 512 -filemode circular

Then let it run in the background while you dork around trying to reproduce the issue.  Once it hits, simply do the following:

Xperf -d C:\trace\results.etl

Now you can open results.etl in xperfview.exe or Windows Performance Analyzer and look for DPCs and so forth that might be causing the issue….

Enjoy!

How to collect a good boot trace on Windows 7

Assume the following:  You have a Windows 7 host that you want to collect a trace from.  A good trace.  One that you know other people will be able to decipher as well as yourself.  Maybe I’ve asked you to collect a boot trace so I can look at it and pointed you to this blog.  Maybe your Sherpa of IT has decided you should learn this and you are doing it to learn….

(edited 11-2)

[You may also use xperf’s xbootmgr with a syntax similar to this:

xbootmgr -trace boot -traceflags base+latency+dispatcher -stackwalk profile+cswitch+readythread+threadcreate -notraceflagsinfilename -postbootdelay 30

]

 

In any event, you have a Windows 7 host.

Lets cover a few basic rules here as we get started:

1.  If host = Windows 7 AND bitness = amd64 THEN Set DisablePagingExecutive to 1 and reboot:

http://technet.microsoft.com/en-us/library/cc959492.aspx

2.  Make sure the user account we want to trace is local administrator, even temporarily.

3.  Set AutoLogon up in the registry for this user so we don’t flub a password input and invalidate a trace with bogus data:

http://support.microsoft.com/kb/324737

 

After we have that, install the Windows 8 ADK on the target machine, or copy the Windows Performance Toolkit from a machine it has already been installed on onto our target machine. (link http://www.microsoft.com/en-us/download/details.aspx?id=30652)

(We can install by running ADK Setup and deselecting EVERYTHING except Windows Performance Toolkit, by the way.)

installADK-WPT

 

So, its there, somewhere.

 

1.  Run WPRUI elevated/as administrator

 

wprui1

 

2.  For a boot trace, click More Options on the bottom left, revealing the window that looks like this:

 

image

3.  For the boot trace, I would like to see CPU Usage, Disk I/O Activity and File I/O Activity.  I would like you to change the Performance Scenario to “Boot” and number of iterations to “1”, as so:

image

 

4.  Click “Start” and then type something into the box and select a convenient place to store your trace and then hit “Save” which will reboot your machine and collect the trace.

image

 

5.  Let it reboot, let it logon as the user you specified in the auto logon, let it count down the normal boot process and end with the ETL trace in the directory you specified.  Get me that trace, stat!  Or if you are doing this to learn, poke around in it in XperfView.exe and WPA.exe, two entirely different ways to view the data set.

Hope this helps, after I stand up a VM or two I’m going to do some WPA examples….

Welcome to the Windows Assessment Server from the Windows 8 ADK. Part 1 of X

Fa-La…It’s the magical mystery tour…..

 

Well, not really, but it is the Windows Assessment Server brought to us by the Windows 8 ADK!

 

Lets fire this bad boy up and play around with it.

Step 0.  Prepare your environment.

You need DHCP and DNS and a Server running 2008 R2 SP1 or Windows Server 2012.  This MAY NOT be installed on a server with the AD DS role by the way…

Step 1.  Install the ADK:

Go here:  http://www.microsoft.com/en-us/download/details.aspx?id=30652 and run ADKSetup.exe

image

Next

image

Next

image

Accept

image

Click Install

image

And then be patient…

image

And then

image

And then

image

And finally…

image

Start the Windows Assessment Service – Client and click to configure the server.  It’ll do a lot of work.

image

Like that and this

image

And finally….

image