none
xperfview crash - heap corruption when accessing "disk utilization per process" metrics from the analysis. RRS feed

  • Question

  • Hi,

    I've been doing boot time performance analysis to find places for optimization in the bootup sequence of the product we're creating. However, i've been unable to get further because of bugs in the Microsoft Windows Performance Analyzer. In particular i'm seeing heap corruption in the performance analyzer DLL. Has anyone seen this and any idea when we could see a potential fix?

    Basically this happens every time I try to access "disk utilization per process" metrics from the xperfview tool.

    Here's !analyze -v from windbg:

    FAULTING_IP:
    ntdll!DbgBreakPoint+0
    774b7dfe cc              int     3

    EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
    ExceptionAddress: 774b7dfe (ntdll!DbgBreakPoint)
       ExceptionCode: 80000003 (Break instruction exception)
      ExceptionFlags: 00000000
    NumberParameters: 3
       Parameter[0]: 00000000
       Parameter[1]: 87630c60
       Parameter[2]: 774c9a94

    FAULTING_THREAD:  000007a0

    DEFAULT_BUCKET_ID:  HEAP_CORRUPTION

    PROCESS_NAME:  xperfview.exe

    ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION}  Breakpoint  A breakpoint has been reached.

    NTGLOBALFLAG:  400

    APPLICATION_VERIFIER_FLAGS:  0

    ADDITIONAL_DEBUG_TEXT:  Enable Pageheap/AutoVerifer

    PRIMARY_PROBLEM_CLASS:  HEAP_CORRUPTION

    BUGCHECK_STR:  APPLICATION_FAULT_HEAP_CORRUPTION

    LAST_CONTROL_TRANSFER:  from 77520d68 to 7752015d

    STACK_TEXT: 
    774eb7d9 ntdll!RtlpCoalesceFreeBlocks
    774d8417 ntdll!RtlpFreeHeap
    774d8652 ntdll!RtlFreeHeap
    76bbc56f kernel32!HeapFree
    76ed9d6b msvcrt!free
    6b869e51 perf_nt_g!operator delete
    6b869e66 perf_nt_g!operator delete[]
    6b84d926 perf_nt_g!DiskUtilizationByProcessMiniGraph::QueryRawData
    6b84d97d perf_nt_g!XPerfGUI::CMiniGraphT<DiskUtilizationByProcessMiniGraph,CDiskUtilizationByProcessGraphFactory,XPerfGUI::CQueryDataImpl<float,XPerfGUI::CUsageMiniGraph<XPerfGUI::CPointIntervalMiniGraph> > >::QueryRawData
    6b84a15b perf_nt_g!XPerfGUI::CIntervalMiniGraph::UpdateData
    6b6e605e perfg!AbstractGraph::UpdateData
    6b6f0644 perfg!GraphFrame::CalculateDataBounds
    6b6f2ad3 perfg!GraphFrame::AttachOverlayGraph
    6b6f712a perfg!Window::ProcessOverlayGraphSubMenuEvent
    6b6e93ae perfg!AbstractGraph::MouseEvent
    6b6f162b perfg!GraphFrame::FrameWndProc
    6b6efd05 perfg!AbstractFrame::AbstractFrameWndProc
    76e4f8d2 USER32!InternalCallWinProc
    76e4f794 USER32!UserCallWinProcCheckWow
    76e50008 USER32!DispatchMessageWorker
    76e50060 USER32!DispatchMessageW
    6b6f8952 perfg!WindowManager::BeginMessageLoop
    6b6bdd5c perfg!XPerfGUI::CWindowManager::Run
    009d2fde xperfview!WinMain
    009d3449 xperfview!_initterm_e
    76bb4911 kernel32!BaseThreadInitThunk
    774ae4b6 ntdll!__RtlUserThreadStart
    774ae489 ntdll!_RtlUserThreadStart


    STACK_COMMAND:  .cxr 0010E92C ; kb ; dds 7753c068 ; kb

    SYMBOL_NAME:  heap_corruption!heap_corruption

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: heap_corruption

    IMAGE_NAME:  heap_corruption

    DEBUG_FLR_IMAGE_TIMESTAMP:  0

    FAILURE_BUCKET_ID:  HEAP_CORRUPTION_80000003_heap_corruption!heap_corruption

    BUCKET_ID:  APPLICATION_FAULT_HEAP_CORRUPTION_heap_corruption!heap_corruption

    ------


    Here's the whole stack:

              0010e79c 775045dc 54c96c76 00000000 00000000 ntdll!DbgBreakPoint
           30 0010e7cc 775200ec 0010e914 0010e92c 00000000 ntdll!RtlReportException+0x51
           14 0010e7e0 77520172 c0000374 0010e814 77479a14 ntdll!RtlpTerminateFailureFilter+0x14
            c 0010e7ec 77479a14 00000000 0010ec70 774d4a30 ntdll!RtlReportCriticalFailure+0x6b
           14 0010e800 774740f4 00000000 00000000 00000000 ntdll!_EH4_CallFilterFunc+0x12
           28 0010e828 774c9b99 fffffffe 0010ec60 0010e92c ntdll!_except_handler4+0x8e
           24 0010e84c 774c9b6b 0010e914 0010ec60 0010e92c ntdll!ExecuteHandler2+0x26
           b0 0010e8fc 774c99f7 0010e914 0010e92c 0010e914 ntdll!ExecuteHandler+0x24
            0 0010e8fc 7752015d 0010e914 0010e92c 0010e914 ntdll!KiUserExceptionDispatcher+0xf
          374 0010ec70 77520d68 c0000374 7753c030 0010ecb4 ntdll!RtlReportCriticalFailure+0x5b
           10 0010ec80 77520e56 00000002 54c9670e 065d7a88 ntdll!RtlpReportHeapFailure+0x21
           34 0010ecb4 774eb7d9 00000003 00900000 065d9cd0 ntdll!RtlpLogHeapFailure+0xa1
           48 0010ecfc 774d8417 00900000 065d9cd0 0010eda4 ntdll!RtlpCoalesceFreeBlocks+0x4b9
           f8 0010edf4 774d8652 065d7a88 065d7a90 065d7a90 ntdll!RtlpFreeHeap+0x1e2
           1c 0010ee10 76bbc56f 00900000 00000000 065d7a88 ntdll!RtlFreeHeap+0x14e
           14 0010ee24 76ed9d6b 00900000 00000000 065d7a90 kernel32!HeapFree+0x14
           4c 0010ee70 6b869e51 065d7a90 0010ee88 6b869e66 msvcrt!free+0xcd
            c 0010ee7c 6b869e66 065d7a90 0010ef1c 6b84d926 perf_nt_g!operator delete+0xd
            c 0010ee88 6b84d926 065d7a90 0e43a2ed 01998020 perf_nt_g!operator delete[]+0xd
           94 0010ef1c 6b84d97d 04ce6960 00000192 0001ae44 perf_nt_g!DiskUtilizationByProcessMiniGraph::QueryRawData+0x3e5
           14 0010ef30 6b84a15b 7750cc88 00000000 0198f090 perf_nt_g!XPerfGUI::CMiniGraphT<DiskUtilizationByProcessMiniGraph,CDiskUtilizationByProcessGraphFactory,XPerfGUI::CQueryDataImpl<float,XPerfGUI::CUsageMiniGraph<XPerfGUI::CPointIntervalMiniGraph> > >::QueryRawData+0x1b
           3c 0010ef6c 6b6e605e 00000112 6b6e69f0 00000000 perf_nt_g!XPerfGUI::CIntervalMiniGraph::UpdateData+0xa7
            8 0010ef74 6b6e69f0 00000000 01997d08 76e489f9 perfg!AbstractGraph::UpdateData+0x9
           40 0010efb4 6b6f0644 00000002 0e429272 000003e8 perfg!AbstractGraph::CalculateDataBounds+0x181
           50 0010f004 6b6f2ad3 0010f040 0e429212 0198f090 perfg!GraphFrame::CalculateDataBounds+0xd4
           60 0010f064 6b6f712a 0198f090 00000066 7ffff272 perfg!GraphFrame::AttachOverlayGraph+0x1e5
           24 0010f088 6b6e93ae 7ffff272 019888a0 0e4292b2 perfg!Window::ProcessOverlayGraphSubMenuEvent+0x13b
           3c 0010f0c4 6b6f162b 00000000 00000000 7ffff272 perfg!AbstractGraph::MouseEvent+0x42f
           d4 0010f198 6b6efd05 019888a0 000b0838 00000204 perfg!GraphFrame::FrameWndProc+0x55e
           28 0010f1c0 76e4f8d2 000b0838 00000204 00000002 perfg!AbstractFrame::AbstractFrameWndProc+0xed
           2c 0010f1ec 76e4f794 6b6efc18 000b0838 00000204 USER32!InternalCallWinProc+0x23
           78 0010f264 76e50008 0031f76c 6b6efc18 000b0838 USER32!UserCallWinProcCheckWow+0x14b
           64 0010f2c8 76e50060 6b6efc18 00000000 0010f320 USER32!DispatchMessageWorker+0x322
           10 0010f2d8 6b6f8952 0010f2f4 0e429156 00000000 USER32!DispatchMessageW+0xf
           48 0010f320 6b6bdd5c 0010fa98 009d2fde 0090ff58 perfg!WindowManager::BeginMessageLoop+0x56
            8 0010f328 009d2fde 0090ff58 0e403548 009d5740 perfg!XPerfGUI::CWindowManager::Run+0x10
          770 0010fa98 009d3449 009d0000 00000000 0030292f xperfview!WinMain+0x43d
           90 0010fb28 76bb4911 7ffd9000 0010fb74 774ae4b6 xperfview!_initterm_e+0x1a1
            c 0010fb34 774ae4b6 7ffd9000 54c970ce 00000000 kernel32!BaseThreadInitThunk+0xe
           40 0010fb74 774ae489 009d35af 7ffd9000 00000000 ntdll!__RtlUserThreadStart+0x23
           18 0010fb8c 00000000 009d35af 7ffd9000 00000000 ntdll!_RtlUserThreadStart+0x1b

    Thanks for any help.
    Saturday, February 28, 2009 7:04 PM

All replies

  • Hi Simo,

    We'll try to repro this in house. Does this happen for you for all traces or only boot traces? Which version of Windows Performance Analyzer are you using? What OS are you capturing the traces on?

    Thanks,
    Michael
    Saturday, February 28, 2009 11:02 PM
  • I'm running analysis on Vista Ultimate SP1 32bit.
    I installed this package in december, the xperfview version should be 4.1.6512.1.

    The data I have collected is a boot trace from a vmware virtual machine, which appears to give out also a warning about possible time inversion issues, so i'm running xperfview with the -tti switch against this data.

    I'll find out if I still have the analysis package that induces the crash and look into providing that if you can't figure out anything from the code by then. I can also try to provide the actual crash dump file.
    Saturday, March 7, 2009 6:23 AM
  • It'd be useful to have the trace for repro, as we were able to get a repro thus far. Does this repro for you consistently for all traces you capture in this scenario? Are you always seeing boot traces captured on the VM having time inversion issues?

    If you have access to Win7 Beta SDK you may want to try WPT 4.4 bits and see if you still hit this issue there.

    Thanks,
    Michael
    Monday, March 9, 2009 4:58 PM