What killed my process?

Hello, world! We’re often challenged with a process that exits unexpectedly, but this doesn’t always equate to an application "crash".  Occasionally this behavior is caused by cross-process termination, where one process terminates another one. Discovering root cause of this behavior used to be just slightly less cumbersome than a barefoot walk to Mordor, but an… Read more

Windows 7 / Windows Server 2008 R2: Fault Tolerant Heap and Memory Management

Hello, and welcome to our second post in the Windows 7 launch series. This post is going to be a long one, so buckle in.  We’re going to start with an overview of Fault Tolerant Heap, which is a new feature in Windows 7 and Windows Server 2008 R2 and then go over some Memory… Read more

Debug 101: !poolused

Good morning AskPerf!  We’ve had plenty of discussions in the past about Pool Memory – both Paged and NonPaged.  Today we’re going to review how we can determine the Pool Memory usage from a memory dump file via the !poolused command.  A quick note – if you’re trying to identify a leaking pool tag, analyzing… Read more

Debug 101: Examining Memory Use

Happy Friday AskPerf!  No alphabet soup or Sesame Street quips today.  Today, we’re going to take a quick look at two debugger commands that you can use to examine memory use, !vm and !memusage.  Why two commands?  One shows you information about virtual memory usage (!vm) and the other one displays information about physical memory… Read more

Debug 101: What does !analyze do?

Over the last few weeks, we’ve been posting quite a bit on different topics related to Debugging.  Today we’re continuing in that vein by looking at one of the most common commands that we use when reviewing both kernel- and user-mode dump files – !analyze.  !analyze is an extension command that performs a number of… Read more

Two Minute Drill: Debugging – lm, not just Alphabet Neighbors

I know – it really does seem like I’m on a bit of a Sesame Street kick at the moment, doesn’t it?  Ah well – it is Friday and the weekend is almost upon us.  Why not have a little fun?  Today, we’re continuing on with looking at different debugger commands.  Our topic for today… Read more

Two Minute Drill: Debugging and the k* Commands

Good morning AskPerf!  2009 is moving fast – it’s hard to believe we’re already into August!  Today, we’re continuing on with our debugging focus.  Over the next few posts, we’ll be looking at different command types within the debugger.  Today’s post is brought to you by the letter … k.  I know, I couldn’t resist… Read more

Two Minute Drill: Stack Basics

Welcome back AskPerf!  Carrying on with our debugging / architectural theme from the last couple of weeks, today’s topic is about the stack.  A stack is a way of storing information – a data structure.  When a new object is placed on the stack it is placed on the top of the stack.  Similar to… Read more

Semaphores – More than Flag Waving

Good Morning AskPerf!  Today is the last in our series on Windows Synchronization Mechanisms.  Our topic today is Semaphore Objects.  A semaphore object is a kernel-mode synchronization object that maintains a count between zero and a maximum specified value.  Semaphores are similar to mutexes in that they allow exclusive access to a resource.  What is… Read more

The Basics of Mutexes and Spin Locks

Good Morning AskPerf!  We’re continuing on with our mini-series on Synchronization Mechanisms today with a look at Mutexes.  A mutex is a synchronization object.  Mutexes ensure mutually exclusive (hence the term) access.  In other words, while one thread has the mutex, all other threads are prevented from using it.  Essentially any lock that grants mutually… Read more