!runaway is a beautiful command which tells you the time consumed by each thread, which is very useful in hang scenarios. This is sample output of the command:
0:004> !runaway
 User Mode Time
  Thread       Time
   0:11b8      0 days 0:00:05.656
   6:5f8       0 days 0:00:00.265
   9:9a8       0 days 0:00:00.156
   4:1200      0 days 0:00:00.109
  12:1418      0 days 0:00:00.015
  11:1018      0 days 0:00:00.000
  10:1028      0 days 0:00:00.000
But what if you do not have this command? And no, I am not trying to reinvent the wheel; this command was actually broken in one of the internal builds of windbg, so I had to use an alternative. Here is the alternative, with sample output (nowadays, I prefer to use this command rather than !runaway):
0:004> ~*e .block{~.;.ttime}
.  0  Id: df4.11b8 Suspend: 1 Teb: 7ffdf000 Unfrozen
      Start: EXCEL!Ordinal40+0x2f74 (30002f74)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.610 2009 (UTC + 5:30)
Kernel:  0 days 0:00:04.484
User:    0 days 0:00:05.656
.  1  Id: df4.14a4 Suspend: 1 Teb: 7ffdd000 Unfrozen
      Start: csma_ldr!WlnDisconnect+0x28c7 (611052cb)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.641 2009 (UTC + 5:30)
Kernel:  0 days 0:00:00.000
User:    0 days 0:00:00.000
.  2  Id: df4.1700 Suspend: 1 Teb: 7ffde000 Unfrozen
      Start: EXCEL!Ordinal40+0x13681 (30013681)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.750 2009 (UTC + 5:30)
Kernel:  0 days 0:00:00.000
User:    0 days 0:00:00.000
.  3  Id: df4.5d8 Suspend: 1 Teb: 7ffdc000 Unfrozen
      Start: EXCEL!Ordinal40+0x13681 (30013681)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.750 2009 (UTC + 5:30)
Kernel:  0 days 0:00:00.484
User:    0 days 0:00:00.109
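Unlike !runaway, the .ttime listing comes back in thread order rather than busiest-first. The following Python sketch is an added example, not part of the original post: it parses a saved copy of that output and re-sorts it by user or kernel time. The function names (parse_ttime, runaway, fmt) are made up for this illustration, and the sample records are threads 0, 1 and 4 from the output above.

```python
import re
from datetime import timedelta
# Threads 0, 1 and 4 from the .ttime output above, in the debugger's wrapped layout.
SAMPLE = """\
.  0  Id: df4.11b8 Suspend: 1 Teb: 7ffdf000 Unfrozen
      Start: EXCEL!Ordinal40+0x2f74 (30002f74)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.610 2009 (UTC + 5:30)
Kernel:  0 days 0:00:04.484
User:    0 days 0:00:05.656
.  1  Id: df4.14a4 Suspend: 1 Teb: 7ffdd000 Unfrozen
      Start: csma_ldr!WlnDisconnect+0x28c7 (611052cb)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.641 2009 (UTC + 5:30)
Kernel:  0 days 0:00:00.000
User:    0 days 0:00:00.000
.  4  Id: df4.1200 Suspend: 1 Teb: 7ffdb000 Unfrozen
      Start: <Unloaded_DLL>+0xe927f (001284c7)
      Priority: 0  Priority class: 32  Affinity: 3
Created: Wed Dec 9 20:18:13.844 2009 (UTC + 5:30)
Kernel:  0 days 0:00:00.484
User:    0 days 0:00:00.109
"""

DUR = r"(\d+) days\s+(\d+):(\d+):(\d+)\.(\d+)"
# (?!Id:) keeps a record with a missing field from swallowing the next thread.
RECORD = re.compile(
    r"(?P<idx>\d+)\s+Id:\s*(?P<pid>[0-9a-f]+)\.(?P<tid>[0-9a-f]+)"
    r"(?:(?!Id:).)*?Kernel:\s*" + DUR + r"(?:(?!Id:).)*?User:\s*" + DUR, re.S)

def _delta(d, h, m, s, ms):
    return timedelta(days=d, hours=h, minutes=m, seconds=s, milliseconds=ms)

def parse_ttime(text):
    """One dict per thread in .ttime output, wrapped or flattened onto one line."""
    return [{"idx": int(m["idx"]), "tid": m["tid"],
             "kernel": _delta(*map(int, m.groups()[3:8])),
             "user": _delta(*map(int, m.groups()[8:]))}
            for m in RECORD.finditer(text)]

def runaway(threads, key="user"):  # busiest first, the order !runaway prints
    return sorted(threads, key=lambda t: t[key], reverse=True)

def fmt(td):  # timedelta -> "0 days 0:00:05.656", the debugger's own format
    s = td.seconds
    return f"{td.days} days {s // 3600}:{s % 3600 // 60:02}:{s % 60:02}.{td.microseconds // 1000:03}"

for t in runaway(parse_ttime(SAMPLE)):
    print(f"{t['idx']:>2}:{t['tid']:<6} {fmt(t['user'])}")
```

Passing key="kernel" to runaway ranks the same threads by kernel time, which the plain !runaway output shown earlier does not include.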
Btw, there is a rather funny story regarding this command; I’ll tell you about it later …
Hello Friends,
Today, let me try to give you a few tips about my favourite part of the job: dump analysis. All of us know that a problem is the mother of all inventions (or reinventions). So, what’s the problem with me? My problem is that I am lazy, very very lazy; not in everything, but in anything redundant, which makes me try to automate anything and everything possible. Here are a few attempts.
Problem: A lot of dumps to analyze for the exact same problem (say, 10-12), and I’ve got to open all of them and find out whether each dump is worth examining or not. Very painstaking, and believe me, the pain is directly proportional to the number of dumps.
Solution: Write a nifty piece of code, that does the work for you ..
Code:
REM "This batch file (*.bat) is intended to do an auto analysis of multiple dumps."
REM "It will just do enough analysis to get you started."
REM "The problem I am trying to solve here is, how to find a needle from a haystack."
REM "This is just a first pass of the haystack :)"
REM "This batch file needs two parameters."
REM "First parameter: The directory, in which either you have the dumps, or you have subdirectories with the dumps."
REM "Second parameter: A log file name, in which you want to dump the analysis"
REM "The parameters and the dump path are quoted so that paths containing spaces work."
FOR /R "%~1" %%x IN (*.dmp) DO C:\debuggers\cdb.exe -c ".echo -------------------------------------------------------------;.echo --------------------| Start Analysis |--------------------;.echo --------------------| Start kvnL |--------------------;kvnL;.echo --------------------| End kvnL |--------------------;.echo --------------------| Start .ecxr |--------------------;.ecxr;.echo --------------------| End .ecxr |--------------------;.echo --------------------| Start !locks |--------------------;!locks;.echo --------------------| End !locks |--------------------;.echo --------------------| Start !cs -l |--------------------;!cs -l;.echo --------------------| End !cs -l |--------------------;.echo --------------------| Start !analyze -v |--------------------;!analyze -v;.echo --------------------| End !analyze -v |--------------------;.echo --------------------| End Analysis |--------------------;.echo -------------------------------------------------------------;qd" -loga "%~2" -y "srv*C:\pubsym*http://msdl.microsoft.com/downloads/symbols" -z "%%x"
Isn’t it a good one? It uses just the common commands (!analyze, .ecxr, !locks, !cs -l), and the output file tells you which dump(s) to analyze.
Next Script, in my next post …