Process information in dump

windbg crash-dumps sos
12,440

Solution 1

!process 0 1 will list all the processes and show memory related info for each. I issued this command using livekd and got all the processes. And here's my chrome process (which I picked out from the output):

PROCESS fffffa8007cb4200
SessionId: 1  Cid: 1158    Peb: 7efdf000  ParentCid: 0ff8
DirBase: 1b7962000  ObjectTable: fffff8a00addb010  HandleCount: 135.
Image: chrome.exe
VadRoot fffffa80090a6f80 Vads 169 Clone 0 Private 4037. Modified 3702. Locked 0.
DeviceMap 0000000000000000
Token                             fffff8a0091f9120
ElapsedTime                       00:05:49.161
UserTime                          00:00:00.000
KernelTime                        00:00:00.000
QuotaPoolUsage[PagedPool]         0
QuotaPoolUsage[NonPagedPool]      0
Working Set Sizes (now,min,max)  (8020, 50, 345) (32080KB, 200KB, 1380KB)
PeakWorkingSetSize                10137
VirtualSize                       144 Mb
PeakVirtualSize                   151 Mb
PageFaultCount                    66631
MemoryPriority                    BACKGROUND
BasePriority                      8
CommitCharge                      5784
Job                               fffffa8009822e30

Note memory related properties such as "Working Set Sizes", "Virtual Size", etc.

ps. Works with livekd and with system memory dumps (which I believe is what livekd does).

Marc

Solution 2

This information is not contained in process dump. .tlist queries your current system, not the state when the dump was taken. If you can take a system dump, than you can check out processes and their memory usage, as Marc Sherman already answered.

Share:
12,440
Rockstart
Author by

Rockstart

Updated on June 04, 2022

Comments

  • Rockstart
    Rockstart almost 2 years

    I learnt that .tlist command in windbg dumps all the processes running in the system at the time of creating crash dump.

    I would like to see the Memory Information of each process. So that it will help me to see if the system is over loaded by any specific process.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Using WinDbg to analyze .NET dump
Windbg crash dump analysis
Detailed memory usage analysis of windows crash dump file?
How to list call stack of all managed threads using WinDBG?
How to use WinDbg to analyze the crash dump for VC++ application?
Unable to load SOS in WinDbg
Crash dump - WinDbg - force PDB files to match doesn't work?
Decoding the parameters of a thrown C++ exception (0xE06D7363)
WinDbg and SoS, how do I print/dump a large string?
Why can't WinDBG find the mscordacwks.dll?