1 / 33

SQL Server Crash Dump Analysis

SQL Server Crash Dump Analysis. A brief tour with WinDbg and other ugly tools . Pablo Á lvarez Doval Debugging & Optimization Team Lead pablod@plainconcepts.com. Who am I?. Session Objectives. What is this session about ? What isn’t this session about ?. Who are you?. Agenda.

nathaniel-brock
Télécharger la présentation

SQL Server Crash Dump Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SQL Server CrashDumpAnalysis A brief tour withWinDbg and otheruglytools Pablo Álvarez Doval Debugging & OptimizationTeam Lead pablod@plainconcepts.com

  2. Who am I?

  3. SessionObjectives • Whatisthissessionabout? • Whatisn’tthissessionabout?

  4. Who are you?

  5. Agenda • Tools of theTrade • Brief Windows ArchitectureRefresher • SQL Server Post-mortem Debugging • Handling SQL Server dumps • Analyzing SQL Server dumps • Debugging .NET Applicationswith SOS

  6. Debugging Tools for Windows • Free download: • http://www.microsoft.com/whdc/devtools/debugging • Updated several times a year • Debuggers, extensions, tools and a great help file: • windbg.exe, kd.exe, cdb.exe • gflags.exe, tlist.exe, etc • debugger.chm • Can be installed via xcopy

  7. Demo 0: … isitreally so ugly?

  8. Thesaurus • Just to keep with the forensics analogy: • Corpse  Dump file • Forensic Lab  WinDbg • Forensic Scientist  You! • Gray’s Anathomy  Windows Internals 5th Ed.  • We are not going to get into details, but we will do a little refresher of some key concepts

  9. Usermode vs. Kernelmode Windows on Windows wowexec.exe UNIX LSA Shell Lsass.exe Client/Server csrss.exe Notepad notepad.exe Virtual DOS Machine ntvdm.exe Win32 Interix User Mode Kernel Mode ExecutiveServices I/O IPC Memory Processes Security PNP WM FS Object Manager GraphicsController Device Drivers Microkernel Hardware AbstractionLayer (HAL)

  10. Application, Processes and Threads • An application is formed by one or more processes • A process is an in-memory executable, which is made up of one or more threads and its resources • A thread is the basic unit of execution and schedulingin the OS.

  11. … isitreallyworthit?

  12. Othergoodreasons…

  13. Win32 Virtual MemoryAddressing (I) Process n sqlsrv.exe Process 1 Process 2 Thread 1 Thread 1 Thread 1 Thread 1 Thread2 Thread2 Thread2 Thread2 … : : : : 2 Gb Thread n Thread n Thread n Thread n 4Gb Kernel 2 Gb

  14. Win32 Virtual MemoryAddressing(II)

  15. ntdll!KiFastSystemCallRet • USER32!NtUserGetMessage+0xc • notepad!WinMain+0xe5 • notepad!WinMainCRTStartup+0x174 • kernel32!BaseProcessStart+0x23 Thread Call Stacks • Shows part of the history of the function calls of the thread • Each thread has its own Call Stack • i.e:

  16. CallStacks (I) Eachthread of theprocess has itsowncallstack:

  17. CallStacks (II) Frame Parameters ReturnAddress Frame Pointer ExceptionHandler Local Variables Registros Eachframe has thefollowingstructure:

  18. Symbols • Symbols make the call stack useful: • Without Symbols: • With Symbols: • kernel32!+136aa • kernel32!CreateFileW+0x35f

  19. Symbol formats • Current format: .PDB • Old Format: .DBG • Retail vs. Debug (Free vs. Checked) builds • Private symbols vs. public symbols

  20. Symbol Servers • Uses the File System as a Symbol’s database: • Organized by name and a unique identifier • Folder structure: \\SymSrv\file_name.pdb\unique_number\____ • i.e: \\Symbols\ntdll.pdb\3B5EDCA52\ntdll.pdb \\Symbols\ntdll.pdb\380FCC4F2\ntdll.pdb

  21. Demo 1: Scheduler Non-Yielding

  22. Scenario • … • 2007-02-12 11:17:14.10 server Error: 17883, Severity: 1, State: 0 • 2007-02-12 11:17:14.10 server Process 59:0 (834) UMS Context 0x125ABD80 appears to be non-yielding on Scheduler 1. • … A customer’s SQL Server 2000 ishanging, showing 17883 errors in SQL Server’sErrorLog Whenthese errores ocurr, SQL Server automaticallytriggersthecreation of a dump

  23. Demo 2: DBCC CHECKDB

  24. Demo 3: ClusterResources

  25. ManagedDebuggingwith .NET • WinDbgis a nativedebugger • In ordertodebug .NET codeweneedto use debuggerextensions: • SOS.dll (untilframework .NET 3.5) • CLR.dll (framework 4.0) • Whyallthis? Isitworthit?

  26. Demo 4: ManagedDebuggingwith SOS

  27. Somecooltips… • Didwereallygettothisslide in time?! • Well.. enjoysome free tips!  • Using SOS from VS.NET • Memorydumpanalysisfrominside VS2010

  28. Resources • pablod@plainconcepts.com • @Plain Concepts • http://www.geeks.ms/blogs/palvarez • http://www.geeks.ms/blogs/rcorral • http://www.geeks.ms/blogs/luisguerrero • @MSDN: • http://blogs.msdn.com/tess/ • Books: • Microsoft Windows Internals, 5th Ed. [Mark E. Russinovich and David A. Solomon]Microsoft Press. • Debugging Applications for Microsoft .NET and Microsoft Windows[John Robbins]Microsoft Press.

  29. AnyQuestions? Thanks! 

More Related