How can I gather a useful system profile on Windows? - windows

A few of my users have problems starting up my Java application on Windows XP and 7. I cannot reproduce the bug on my systems.
On Mac, the next step would be to ask them to send their system profile to me by going to Apple Menu > About This Mac > More Info and then saving the system profile.
Is there an equivalent on Windows? I would love to see:
Version numbers for the system
Hardware configuration
Shell paths: $HOME, $APPDATA, $LOCALAPPDATA
Drive layout
Programs running on startup
Loaded drivers and DLLs
Possible system logs

The built-in "System Information" tool in Windows provides most of what you want, and a lot of other useful information. No System logs though.
Have your users run "MSINFO32" from the start menu. Then File -> Export if you want a text output, or File -> Save... if you want a file that you can open with MSINFO32 on your end.

Whenever I'm debugging on a webserver (Windows) DebugDiag is good for memory/dll issues. You can load the crash dumps right into WinDBG.
For the system information, you will probably have to write your own script to collect this. WMI should let you collect the remainder of the system settings.

Here are a couple of possibilities that get part way there. The PsTools suite from SysInternals has a number of command line utilities that might be useful for this. In particular psinfo (system information) and pslist (running processes). Also, Process Explorer could be useful too since it has an option to save information to a file.

Related

Read Performance counter in Mac from terminal

I would like to know how to get
performance monitoring counter measurements on a Mac. With Linux, we
can use the "perf stat" command to get measurements. With a Mac it's
harder. Specifically, I would like to know how I can get the number of
branch mispredictions and the number of branches executed for a
program running from the command line, preferably without recompiling
the program. I have done some Googling but what I need is a solution;
if you can show me how you brought up a terminal, typed in some
command (maybe using some tool you downloaded), and got the number of
mispredictions for, say /bin/ls, that would be great.
Official macOS tool to work with profiling, both based on software events and on hardware events (performance counters), is Instruments tool - https://help.apple.com/instruments/mac/current/. It seems to be part of XCode development tools.
This tool have some limited variants to collect profiles from command-line mode, check https://help.apple.com/instruments/mac/current/#/devb14ffaa5
https://help.apple.com/instruments/mac/current/#/devba105ecc
Launch Instruments from the command line
You can use the open command to launch any app in OS X via Terminal,
including Instruments.
Launch Terminal (in /Applications/Utilities/).
Run the following command:
open /Applications/Xcode.app/Contents/Applications/Instruments.app
The Instruments app launches.
Note: You can also use either of two command-line utilities to profile
an app without actually displaying the Instruments user interface.
instruments — This utility profiles an app using a specified template. The results can be saved to a file and then manually opened
in the main Instruments app for viewing and analysis. To learn more,
go to Profile with the instruments command-line tool.
To get IPC or branches, use GUI to create profile with usage of counters usage (1 or 2) and save it as template, and then use CLI tool instruments to collect trace data. Trace file can be viewed with Instruments GUI; there was incomplete attempt to decode that files.
The page https://medium.com/#pavelkucera/counting-branch-mispredictions-on-macos-7397ae8c5b51 also lists another variant to work with hardware counters on macOS, the https://github.com/opcm/pcm project:
You first have to build the tool, but then it is easy to use:
run pmu-query.py
enter “BR_INST_RETIRED.NOT_TAKEN”, the result should be similar to: cpu/umask=0x10,event=0xC4,name=BR_INST_RETIRED.NOT_TAKEN/
run ./pcm-core.x -e event where “event” stands for the result from the previous step
This gives you continuous results for all the running processes. Find
info on how to profile a single process in ./pmc-core.x --help
The good news is that results are easily readable as they can be
output as csv file. The bad news is that profiling a single process
still includes activity from other processes.

task scheduler does not run when not logged in

I have created simple exe to perform a task using VB6. I have deployed the same on Windows Server 2008 as task scheduler. The issue is when the user is not logged in on server, task fails to execute.
I have kept option to "Run whether user is logged on or not", still no use.
How do you know that it doesn't run. Task Scheduler keeps a history of what happened.
Most programs have some dependecy on the user profile and the user's configuration.
More likely your program is crashing. Look in TS's History tab. There's a general one and a task one.
How do you know that. You can't see it so you can't know. Many programs won't run if not logged on. If you check a setting, try to use a mapped drive, write temporary files in certain ways your program won't work.
It's irrelevent that it works when you are logged on.
Try it with psexec from Sysinternals. This can run programs as system (unlike RunAs command). See what happens when you run it as system.
http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx
Whatever we need an error number. If your program doesn't have much error reporting then run it with windbg.
psexec -s windbg "c:\yourprogram.exe"
You can also start in a debugger.
windbg or ntsd (ntsd is a console program and maybe installed). Both are also from Debugging Tools For Windows.
Download and install Debugging Tools for Windows
http://msdn.microsoft.com/en-us/windows/hardware/hh852363
Install the Windows SDK but just choose the debugging tools.
Create a folder called Symbols in C:\
Start Windbg. File menu - Symbol File Path and enter
srvC:\symbolshttp://msdl.microsoft.com/download/symbols
then
windbg -o -g -G c:\windows\system32\cmd.exe /k batfile.bat
You can press F12 to stop it and kb will show the call stack (g continues the program). If there's errors it will also stop and show them.
Type lm to list loaded modules, x ! to list the symbols and bp symbolname to set a breakpoint
If programming in VB6 then this environmental variable link=/pdb:none stores the symbols in the dll rather than seperate files. Make sure you compile the program with No Optimisations and tick the box for Create Symbolic Debug Info. Both on the Compile tab in the Project's Properties.
Also CoClassSyms (microsoft.com/msj/0399/hood/hood0399.aspx) can make symbols from type libraries.
.

On Windows, how can I find what files a given process is using? Is there software that does this?

I want to know the files a given process is reading/writing. Is there a program that shows this? On Windows XP. Thanks. I've tried Autohotkey Spy, Spy++, and Process Explorer. They show a lot of detail but not which files are being accessed.
Process Monitor
Process Monitor is an advanced
monitoring tool for Windows that shows
real-time file system, Registry and
process/thread activity. It combines
the features of two legacy
Sysinternals utilities, Filemon and
Regmon, and adds an extensive list of
enhancements
Filemon

How do you debug a deadlocked Windows app on a customer machine

I have a multi-threaded Windows application that occasionally deadlocks. Inevitably this happens on a customer system and not when the software is in test. What is the easiest way of getting a Windows Minidump of the current state of the application? If it could also terminate the application so the user can restart it and continue using the system that would be great.
In Vista you can create a dump file directly from task manager. Right click on a process in the processes tab and choose 'create dump file'.
Prior to Vista I prefer the ntsd route, since although it is not totally user friendly it works without the user installing any other software and the instructions are actually fairly easy to follow.
See the Microsoft support article How to use ADPlus to troubleshoot "hangs" and "crashes", as well as the helpful blog post Debugging Production Applications using ADPlus.
Both of these articles are about "ADPlus", a VBScript tool supplied with Debugging Tools for Windows that can be used to generate minidumps from a production environment (which can later be loaded up with WinDbg on your development machine). ADPlus has a lot of functionality and a lot of options, so it may take some reading, experimentation, and practice to find the best way to use it in your environment.
I know how to achieve this. It's just my technique is a bit clunky. All Windows 2000 and later systems have a basic command line debugger as part of the default install called NTSD. What I do at the moment is run:
ntsd -pn MyApp.exe
When the debugger console appears I can then type the following into the debugger console:
.dump c:\my-deadlock.mdmp
.kill
What I'm looking for is something that's a little bit cleaner and easier to put in an email to customers to just run. I've seen it alluded to somewhere (that google can't find for now) that you can use drwtsn32.exe to extract a crash dump and terminate an application.
Edit: It is possible to streamline the command somewhat:
ntsd -pn MyApp.exe -c ".dump c:\my-deadlock.mdmp; .kill"
The command .detach can be given if the process has not terminally hung (e.g. a long network timeout) and you want the process to keep going.

USB drive with debugging tools

I'm putting together a USB drive that should contain tools useful for troubleshooting various software problems encountered by users.
What tools would you recommend that I include?
Main environment: Windows and .NET
I can recommend the following : {Some of them have been already mentioned though}
LOG ANALYSIS:
TextPad
NotePad++
VIM {for opening very large txt files}
SYSTEM MONITORING:
Process Explorer {allows to check the threads and dlls loaded}
CODE/ERROR ANALYSIS:
Reflector
DebugView
WinDbg
Autodump+
KeePass for all the different passwords used by your customers.
Any application-specific scripts you've built up (SQL, batch files, PowerShell etc).
Angry IP Scanner
PSTools from Sysinternals
If you're .NET you should get Reflector
SysInternals Suite, especially AutoRuns, Process Explorer, and Process Monitor
http://www.sysinternals.com
"DebugView is an application that lets you monitor debug output on your local system, or any computer on the network that you can reach via TCP/IP. It is capable of displaying both kernel-mode and Win32 debug output, so you don't need a debugger to catch the debug output your applications or device drivers generate, nor do you need to modify your applications or drivers to use non-standard debug output APIs."
http://technet.microsoft.com/en-us/sysinternals/bb896647.aspx

Resources