下面的实例是使用UMDH抓取IBM Spectrum Symphony环境下的核心进程vemkd的core dump文件。
1. Install WinDbg, which will include GFlags and UMDH.参考下面MS的链接安装WinDbg,里面会带有GFlags和UMDH两个工具。 https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/ 2. Set below environment variables. _NT_SYMBOL_PATH points to where vemkd.pdb locates, OANOCACHE=1 disables BSTR caching so that UMDH can determine the owner of a memory allocation. 设置环境变量_NT_SYMBOL_PATH,这个变量会指向vemkd.pdb文件,而OANOCACHE=1则会把BSTR缓存去掉,这样UMDH就可识别内存分配属于谁。
- C:\Users\Administrator>set _NT_SYMBOL_PATH=C:\SpectrumComputing\3.8\etc
- C:\Users\Administrator>set OANOCACHE=1
3. Run below command to enable the user-mode stack trace database in UMDH.运行下面的命令来启动UMDH在user-mode下的stack trace
- c:\Program Files\Debugging Tools for Windows (x64)>gflags /i vemkd.exe +ust
- Current Registry Settings for vemkd.exe executable are: 00001000
- ust - Create user mode stack trace database
4. Stop VEMKD by "egosh ego restart -f" A new VEMKD process will be started shortly.运行命令“egosh ego restart -f”来重启VEMKD。 5. Find the Process ID of VEMKD process with below command. 运行下面命令来确定VEMKD的进程。可知vemkd.exe的pid是6160
- c:\Program Files\Debugging Tools for Windows (x64)>tlist|findstr "vemkd.exe"
- 6496 cmd.exe findstr "vemkd.exe"
- 6160 vemkd.exe
6. From a CMD window, go to the directory where UMDH locates. By default it is c:\Program Files\Debugging Tools for Windows (x64). 打开一个新的CMD窗口,cd到UMDH所在的目录,一般是“c:\Program Files\Debugging Tools for Windows (x64)” 7. At time 1, execute below command to record and analyze the heap memory allocations of VEMKD. This will get the first memory allocation log.抓取第一份内存分配的log文件,命令如下。
c:\Program Files\Debugging Tools for Windows (x64)>umdh -p:6160 -g -f:c:\Log1.txt
8. At time 2 when memory increase is observed, run below command again to generate the second log.几分钟后,抓取第二份log。务必注意,这几分钟间隔当中VEMKD必须发生有内存明显上涨的问题,即问题复现。
c:\Program Files\Debugging Tools for Windows (x64)>umdh -p:6160 -g -f:c:\Log2.txt
9. Execute below command to compare the logs generated above.对比两次的log,生成一份报告。
c:\Program Files\Debugging Tools for Windows (x64)>umdh -d C:\Log1.txt C:\Log2.txt -f:C:\result.txt
10. Upload all three files, Log1.txt, Log2.txt and result.txt 仔细分析两个log文件以及对比两个log文件生成的报告,查出内存泄漏的地方。