I suspect that one of my applications eats more CPU cycles than I want it to. The problem is - it happens in bursts, and just looking at the task manager doesn't help me as it shows immediate usage only.
Is there a way (on Windows) to track the history of CPU & Memory usage for some process. E.g. I will start tracking "firefox", and after an hour or so will see a graph of its CPU & memory usage during that hour.
I'm looking for either a ready-made tool or a programmatic way to achieve this.
Press Win+R, type perfmon and press Enter. When the Performance window is open, click on the + sign to add new counters to the graph. The counters are different aspects of how your PC works and are grouped by similarity into groups called "Performance Object".
For your questions, you can choose the "Process", "Memory" and "Processor" performance objects. You then can see these counters in real time
You can also specify the utility to save the performance data for your inspection later. To do this, select "Performance Logs and Alerts" in the left-hand panel. (It's right under the System Monitor console which provides us with the above mentioned counters. If it is not there, click "File" > "Add/remove snap-in", click Add and select "Performance Logs and Alerts" in the list".) From the "Performance Logs and Alerts", create a new monitoring configuration under "Counter Logs". Then you can add the counters, specify the sampling rate, the log format (binary or plain text) and log location.
Process Explorer can show total CPU time taken by a process, as well as a history graph per process.
Using perfmon.exe, I have tried using the "Private Bytes" counter under "Process" counters for tracking memory usage and it works well.
maybe you can use this. It should work for you and will report processor time for the specified process.
#echo off
: Rich Kreider <rjk#techish.net>
: report processor time for given process until process exits (could be expanded to use a PID to be more
: precise)
: Depends: typeperf
: Usage: foo.cmd <processname>
set process=%~1
echo Press CTRL-C To Stop...
:begin
for /f "tokens=2 delims=," %%c in ('typeperf "\Process(%process%)\%% Processor Time" -si 1 -sc 1 ^| find /V "\\"') do (
if %%~c==-1 (
goto :end
) else (
echo %%~c%%
goto begin
)
)
:end
echo Process seems to have terminated.
I agree, perfmon.exe allows you to add counters (right click on the right panel) for any process you want to monitor.
Performance Object: Process
Check "Select instances from list" and select firefox.
WMI is Windows Management Instrumentation, and it's built into all recent versions of Windows. It allows you to programmatically track things like CPU usage, disk I/O, and memory usage.
Perfmon.exe is a GUI front-end to this interface, and can monitor a process, write information to a log, and allow you to analyze the log after the fact. It's not the world's most elegant program, but it does get the job done.
Process Lasso is designed more for process automation and priority class optimization, not graphs. That said, it does offer per-process CPU utilization history (drawn as a white line on the graph) but it does NOT offer per-process memory utilization history.
DISCLAIMER: I am the author of Process Lasso, but am not actually endorsing it here - as there are better solutions (perfmon being the best).
The best thing ever is Windows Vista+ Resource and Performance Monitor. It can track usage of CPU, Memory, Network, and Disk accesses by processes over time. It is a great overall system information utility that should have been created long ago. Unless I am mistaken, it can track per-process CPU and memory utilization over time (amongst the other things listed).
You can also try using a C#/Perl/Java script get the utilization data using WMI Commands, and below is the steps for it.
We need to execute 2 WMI Select Queries and apply CPU% utilization formula
1. To retrieve the total number of logical process
select NumberOfLogicalProcessors from Win32_ComputerSystem
2. To retrieve the values of PercentProcessorTime, TimeStamp_Sys100NS ( CPU utilization formula has be applied get the actual utilization percentage)and WorkingSetPrivate ( RAM ) minimum of 2 times with a sleep interval of 1 second
select * from Win32_PerfRawData_PerfProc_Process where IDProcess=1234
3. Apply CPU% utilization formula
CPU%= ((p2-p1)/(t2-t1)*100)/NumberOfLogicalProcessors
p2 indicated PercentProcessorTime retrieved for the second time, and p1 indicateds the PercentProcessorTime retrieved for the first time, t2 and t1 is for TimeStamp_Sys100NS.
A sample Perl code for this can be found in the link http://www.craftedforeveryone.com/cpu-and-ram-utilization-of-an-application-using-perl-via-wmi/
This logic applies for all programming language which supports WMI queries
Although I have not tried this out, ProcDump seems like a better solution.
Description from site:
ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters. It also can serve as a general process dump utility that you can embed in other scripts.
There was a requirement to get status and cpu / memory usage of some specific windows servers. I used below script:
This is an example of Windows Search Service.
$cpu = Get-WmiObject win32_processor
$search = get-service "WSearch"
if ($search.Status -eq 'Running')
{
$searchmem = Get-WmiObject Win32_Service -Filter "Name = 'WSearch'"
$searchid = $searchmem.ProcessID
$searchcpu1 = Get-WmiObject Win32_PerfRawData_PerfProc_Process | Where {$_.IDProcess -eq $searchid}
Start-Sleep -Seconds 1
$searchcpu2 = Get-WmiObject Win32_PerfRawData_PerfProc_Process | Where {$_.IDProcess -eq $searchid}
$searchp2p1 = $searchcpu2.PercentProcessorTime - $searchcpu1.PercentProcessorTime
$searcht2t1 = $searchcpu2.Timestamp_Sys100NS - $searchcpu1.Timestamp_Sys100NS
$searchcpu = [Math]::Round(($searchp2p1 / $searcht2t1 * 100) /$cpu.NumberOfLogicalProcessors, 1)
$searchmem = [Math]::Round($searchcpu1.WorkingSetPrivate / 1mb,1)
Write-Host 'Service is' $search.Status', Memory consumed: '$searchmem' MB, CPU Usage: '$searchcpu' %'
}
else
{
Write-Host Service is $search.Status -BackgroundColor Red
}
Hmm, I see that Process Explorer can do it, although its graphs are not too convenient. Still looking for alternative / better ways to do it.
Perfmon.exe is built into windows.
You might want to have a look at Process Lasso.
I use taskinfo for history graph of CPU/RAM/IO speed.
http://www.iarsn.com/taskinfo.html
But bursts of unresponsiveness, sounds more like interrupt time due to a falty HD/SS drive.
Under Windows 10, the Task Manager can show you cumulative CPU hours. Just head to the "App history" tab and "Delete usage history". Now leave things running for an hour or two:
What this does NOT do is break down usage in browsers by tab. Quite often inactive tabs will do a tremendous amount of work, with each open tab using energy and slowing your PC.
Download process monitor
Start Process Monitor
Set a filter if required
Enter menu Options > Profiling Events
Click "Generate thread prof‌iling events", choose the frequency, and click OK.
To see the collected historical data at any time, enter menu Tools > Process Activity Summary
Related
I am trying to somehow programamtically log the CPU frequency of my windows 10 machine. However I apparently fail to get the current frequency as shown in the task manager.
in Powershell, using
get-wmiobject Win32_Processor -Property CurrentClockSpeed
does only return a clock speed that is exactly the maximum one (even though i can see in task manager that it is not running that high)
I even tried this solution: https://www.remkoweijnen.nl/blog/2014/07/18/get-actual-cpu-clock-speed-powershell/ but it did not give me anything but a static value = max value.
Even python's psutil does only return a static value.
Does anybody know how to get around this and actually somehow log the CPU frequency each x seconds?
any help would be appreciated, thanks!
TLDR: To find the Current Processor Frequency, you have to use the % Processor Performance performance counter:
$MaxClockSpeed = (Get-CimInstance CIM_Processor).MaxClockSpeed
$ProcessorPerformance = (Get-Counter -Counter "\Processor Information(_Total)\% Processor Performance").CounterSamples.CookedValue
$CurrentClockSpeed = $MaxClockSpeed*($ProcessorPerformance/100)
Write-Host "Current Processor Speed: " -ForegroundColor Yellow -NoNewLine
Write-Host $CurrentClockSpeed
The more in depth explanation as to why does querying WMI Win32_Processor for CurrentClockSpeed seem to always return the maximum frequency rather than the actual "Current Clock Speed"? In fact, why do all of the dozens of WMI/CMI/Perfmon counters all seem to return the "wrong" frequency? If CPU-Z and Task Manager can get it, what do we have to do to get the "actual" frequency? To answer that, we need to understand what CurrentClockSpeed is actually returning.
From the WMI documentation for Win32_Processor CurrentClockSpeed:
Current speed of the processor, in MHz. This value comes from the
Current Speed member of the Processor Information structure in the
SMBIOS information.
Great! One would think that this simple query should get us the current frequency. This worked great a dozen years ago, but nowadays it doesn't; because it really only works for two very specific cases:
When you have a processor that only runs at its defined stock speed.
When a mobile processor is asked by Windows to run at a different speed (e.g. moving to battery mode).
At startup, Widows gets the processor information and gets the Current Clock Speed. Most people are running their processor at the recommended settings so Current Clock Speed == Max Clock Speed, which mean that the two numbers match all the time. When you change power states, Windows will change the frequency, and CurrentClockSpeed will be changed as well.
Now, what happened a dozen years ago to essentially make CurrentClockSpeed completely inaccurate/irrelevant? You can ultimately thank Intel. They essentially blew this whole ideal value out of the water thanks to a new technology called Turbo Boost.
What does Turbo Boost have to do with this?
Turbo Boost dynamically changes the processor frequency based on the current load on the processor within the confines of voltage, current, and thermal envelopes. Almost all modern processors also now have power saving modes and can dynamically change their frequencies based on their current marketing buzzword (e.g. Turbo Boost (up), Cool'N'Quiet (down)).
The key point is: all this frequency moving up/down/off/on is all automatically done without Windows knowing about it. Because Windows doesn't know about it, the CurrentClockSpeed value could be completely inaccurate most of the time. In fact, Microsoft knows this, and when you open your Performance Monitor, and you look at the description under Processor Performance/Processor Frequency:
Processor Frequency is the frequency of the current processor in
megahertz. Some processors are capable of regulating their frequency
outside of the control of Windows. Processor Frequency will not
accurately reflect actual processor frequency on these systems. Use
Processor Information\% Processor Performance instead.
Fortunately this description gives us a hint of what we have to use to get the actual value: Processor Information\% Processor Performance
We can use Get-Counter to access the current Processor performance like so:
PS C:\> Get-Counter -Counter "\Processor Information(_Total)\% Processor Performance"
Timestamp CounterSamples
--------- --------------
2020-01-01 1:23:45 AM \\HAL9256\processor information(_total)\% processor performance :
153.697654229441
Here, you can see that my processor is running at 153% performance a.k.a. 153% of the frequency of the processor (yay for Turbo Boost!). We then query the MaxClockSpeed from CIM_Processor class (you can use WMI_Processor as well):
PS C:\> (Get-CimInstance CIM_Processor).MaxClockSpeed
2592
In order to calculate out the actual clock speed:
$MaxClockSpeed = (Get-CimInstance CIM_Processor).MaxClockSpeed
$ProcessorPerformance = (Get-Counter -Counter "\Processor Information(_Total)\% Processor Performance").CounterSamples.CookedValue
$CurrentClockSpeed = $MaxClockSpeed*($ProcessorPerformance/100)
Write-Host "Current Processor Speed: " -ForegroundColor Yellow -NoNewLine
Write-Host $CurrentClockSpeed
Then wrapping it up in a loop if you need it to run every 2 seconds (Ctrl+C to stop):
$MaxClockSpeed = (Get-CimInstance CIM_Processor).MaxClockSpeed
While($true){
$ProcessorPerformance = (Get-Counter -Counter "\Processor Information(_Total)\% Processor Performance").CounterSamples.CookedValue
$CurrentClockSpeed = $MaxClockSpeed*($ProcessorPerformance/100)
Write-Host "Current Processor Speed: " -ForegroundColor Yellow -NoNewLine
Write-Host $CurrentClockSpeed
Sleep -Seconds 2
}
With help of the PS code above and the doc of win32pdh, I'm able to get it work in Python:
from win32pdh import PDH_FMT_DOUBLE
from win32pdh import OpenQuery, CloseQuery, AddCounter
from win32pdh import CollectQueryData, GetFormattedCounterValue
def get_freq():
ncores = 16
paths = []
counter_handles = []
query_handle = OpenQuery()
for i in range(ncores):
paths.append("\Processor Information(0,{:d})\% Processor Performance".format(i))
counter_handles.append(AddCounter(query_handle, paths[i]))
CollectQueryData(query_handle)
time.sleep(1)
CollectQueryData(query_handle)
freq = []
for i in range(ncores):
(counter_type, value) = GetFormattedCounterValue(counter_handles[i], PDH_FMT_DOUBLE)
freq.append(value*2.496/100)
# 2.496 is my base speed, I didn't spend time to automate this part
# print("{:.3f} Ghz".format(max(freq)))
CloseQuery(query_handle)
return "{:.3f} GHz".format(max(freq))
Is it possible using ETW to also get memory statistics of all the processes and the system ?
With memory statistics I mean : e.g. Commited bytes, private bytes,paged pool,working set,...
I cannot find anything about using xperf to get and see memory statistics. It is always about CPU , disk , network.
One could probably use performance counters to get that kind of information, but how can one overlay the statistics graphically in one chart (how to correlate/sync the timestamps) ?
Your best bet on Windows 8.1 and higher is the Microsoft-Windows-Kernel-Memory provider, which records per-process memory information every 0.5 s. See https://github.com/google/UIforETW/issues/80 for details. UIforETW enables this by default when it is available.
You could also try the MEMINFO provider. It gives a system-wide overview of memory pressure. It shows the Active List (currently in use memory), the Standby List ('useful' pages not currently in use, such as the disk cache), and the Zero and Free lists (genuinely free memory). This at least lets you tell whether a system is running out of memory.
You could also try MEMINFO_WS and CONTMEMGEN but these are undocumented so I really don't know what they do. They show up in xperf -providers k but when I record with them I can't see any new graphs appearing. Apparently Microsoft ships these providers but no way to view them. Sigh...
If you want more memory details on Windows 7 -- such as per-process working sets -- your best bet is to have a process running which periodically queries this data and emits it in custom ETW events. This is available in a prepackaged form in UIforETW which can query the working set of a specified set of processes once a second. See the announcement post for how to get UIforETW:
https://randomascii.wordpress.com/2015/04/14/uiforetw-windows-performance-made-easier/
UIforETW's Windows 7 working set data shows up in Generic Events under Task Name == WorkingSet. On Windows 8.1 the OS working set data (more detailed, more efficiently recorded) shows up under Memory-> Virtual Memory Snapshots.
You can trace memory usage with ReferenceSet kernel group. It includes the following traceflags:
PROC_THREAD+LOADER+HARD_FAULTS+MEMORY+FOOTPRINT+VIRT_ALLOC+MEMINFO+VAMAP+SESSION+REFSET+MEMINFO_WS
MEMORY = Memory tracing
FOOTPRINT+REFSET = Support footprint analysis
MEMINFO = Memory List Info (active, standby and oters you see from ResMon)
VIRT_ALLOC = Virtual allocation reserve and release
VAMAP = mapped files information
MEMINFO_WS = Working set Info
As you can see xperf can capture a lot of memory data when you sue the right flags.
Let's say I have a contrived program:
#include <Windows.h>
void useless_function()
{
Sleep(5000);
}
void useful_function()
{
// ... do some work
useless_function();
// ... do some more work
}
int main()
{
useful_function();
return 0;
}
Objective: I want the profiler to tell me useful_function() is needlessly calling useless_function() which waits for no obvious reasons. Under XPerf, this doesn't show up in any of the graphs I have because the call to WaitForMultipleObjects() seem to be accounted to Idle.exe instead of my own program.
And here's the xperf command line that I currently run:
xperf -on Latency -stackwalk Profile
Any ideas?
(This is not restricted to wait functions. The above might have been solved by placing breakpoints at NtWaitForMultipleObjects. Ideally there could be a way to see the stack sample that's taking up a lot of wall-clock time as opposed to only CPU time)
I think what you are looking for is the Wait analysis with Ready Thread functionality in Xperf. It captures every context switch and gives you the call stack of the thread once it wakes up from sleep (or an otherwise blocked operation). In your case, you would see the stack just after the call sleep(5000) as well as the time spend sleeping.
The functionality is a bit obscure to use. But it is fortunately well described here:
Use Xperf's Wait Analysis for Application-Performance Troubleshooting
Wait Analysis is the way to do this. You should:
Record the CSWITCH provider, in order to get all context switches
Record call stacks on context switches by adding +CSWITCH to your -stackwalk argument
Probably record call stacks on the ready thread to get more information on who readied you (i.e.; who released the Mutex or CS or semaphore and where) by adding +READYTHREAD to your -stackwalk
Then you use CPU Usage (Precise) in WPA (or xperfview, but that's ancient) to look at the context switches and find where your TimeSinceLast is high on a thread that shouldn't be going idle. You'll typically want the columns in CPU Usage (Precise) in this sort of order:
NewProcess (your process being switched in)
NewThreadId
NewThreadStack
ReadyingProcess (who made your thread ready to run)
ReadyingThreadId (optional)
ReadyThreadStack (optional, requires +ReadyThread on -stackwalk)
Orange bar
Count
TimeSinceLast (us) - sort by this column, usually
Whatever other columns you want
For details see these particular articles from my blog:
- https://randomascii.wordpress.com/2014/08/19/etw-training-videos-available-now/
- https://randomascii.wordpress.com/2012/06/19/wpaxperf-trace-analysis-reimagined/
This "profiler" will tell you - just randomly pause it a few times and look at the stack. If do some work takes 5 seconds, and do some more work takes 5 seconds, then 33% of the time the stack will look like this
main: calling useful_function
useful_function: calling useless_function
useless_function: calling Sleep
So roughly 33% of your stack samples will show exactly that. Any line of code that's costing some fraction of wall-clock time will appear on roughly that fraction of samples.
On the rest of the samples you will see it doing the other things.
There are automated profilers that do the same thing in a more pretty way, such as Zoom and LTProf, although they don't actually show you the samples.
I looked at the xperf doc, trying to figure out if you could get stack samples on wall-clock time and get percents at line-level resolution. It seems you gotta be on Windows 7 or Vista. They only bother with functions, not lines, which if you have realistically big functions, is important. I couldn't figure out how to get access to the individual samples, which I think is important for seeing why the program is spending its time.
I'm trying to use a script to control my power options since XP doesn't give you an intuitive way to change CPU Frequency options. Here's my script so far:
meh = `cmd.exe /C POWERCFG.EXE /QUERY Portable/Laptop`
puts ""
puts meh
case input
when 1 then system('cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac NONE')
when 2 then system('cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac ADAPTIVE')
when 3 then `cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac CONSTANT`
end
The problem is that the changes simply don't take place. If I run the same commands directly into a cmd.exe prompt, they work. It's very strange, but nothing works after the initial powercfg query. I feel like I'm missing something incredibly obvious.
How can I get the above script to run correctly?
Update:
C:\shoe>ruby freq.rb
Field Description Value
----------------- -----
Name Portable/Laptop
Numerical ID 1
Turn off monitor (AC) After 15 mins
Turn off monitor (DC) After 5 mins
Turn off hard disks (AC) After 30 mins
Turn off hard disks (DC) After 5 mins
System standby (AC) After 20 mins
System standby (DC) After 5 mins
System hibernates (AC) Not Supported
System hibernates (DC) Not Supported
Processor Throttle (AC) ADAPTIVE
Processor Throttle (DC) ADAPTIVE
Enter a number to switch portable/laptop profile to that mode.
1 - None (HIGHEST FREQUENCY MODE)
2 - Adaptive (SPEEDSTEP)
3 - Constant (LOWEST FREQUENCY MODE)
#SCRIPT IS CANCELED HERE. I've already tested the methods to change powercfg options, and they work, but they only apply to Ruby's instance of powercfg.
C:\shoe>powercfg /QUERY 1 /NUMERICAL
Field Description Value
----------------- -----
Name Portable/Laptop
Numerical ID 1
Turn off monitor (AC) After 15 mins
Turn off monitor (DC) After 5 mins
Turn off hard disks (AC) After 30 mins
Turn off hard disks (DC) After 5 mins
System standby (AC) After 20 mins
System standby (DC) After 5 mins
System hibernates (AC) Not Supported
System hibernates (DC) Not Supported
Processor Throttle (AC) CONSTANT
Processor Throttle (DC) ADAPTIVE
Script works fine (indeed, you don't need the cmd.exe /C bit); that is it works fine if "input" is an integer, not a string like "1".
Could that be the incredible obvious thing you overlooked?
This works for me (my system does not support processor_throttle, so I tested with something else).
def status
`POWERCFG.EXE /QUERY #{#scheme_name} `
end
#scheme_name = "Portable/Laptop"
puts 'Before:'
puts status
`POWERCFG.EXE /CHANGE #{#scheme_name} /disk-timeout-ac 15`
puts '_'*50
puts 'After: '
puts status
However, this code changes a scheme (kind of a profile), not neccesarily the active scheme.
try
%x[cmd.exe /C ....]
Yes without the '' tags. This works for me when i have to do thing in ruby in the shell.
Instead of running these commands directly from a system call, try writing the POWERCFG call in a .bat file and run that file via system. I have had to do that in the past for some DOS applications to run the same way that they would when executed by hand in a cmd.exe window.
Edit: Based off of the example here, I would recommend running POWERCFG /SETACTIVE Portable/Laptop after you make your changes (to make sure your changes take effect).
I want to use extra-cpu cycles to do some of my own processing, and I was wondering if someone could point me in the right direction as to how to get started on this?
I would suggest writing a program that runs continuously (make sure it blocks occasionally), and then simply setting it to a low priority. The OS Scheduler (Windows/*nix) should handle the rest automatically.
You can use extra CPU cycles by writing a program that runs in the background.
You can check the CPU usage to find out when the computer is idle (but it's not necessarily a good idea), or you can listen for mouse/keyboard activity.
To check CPU usage in C#, use the following code:
float cpuUsage; //Between 0 and 100
using (var cpu = new PerformanceCounter("Processor", "% Processor Time", "_Total")) {
cpu.NextValue(); //First call gives wrong values
cpuUsage = cpu.NextValue();
}
To check for keyboard or mouse activity, you'll need to use a keyboard / mouse hook; see here for instructions.
Write an application. Set its thread priorities to "background". Job done ;)