A new version of Windows means a new version of the Windows Performance Toolkit (WPT), the ship vehicle for xperf, WPA and other Event Tracing for Windows (ETW) tools.
I’m a huge fan of xperf/ETW (just look at some of the performance investigations I’ve done with it) and the new version offers enough improvements that I’m switching to WPT 10 immediately, but keeping WPT 8.1 installed, with UIforETW automatically selecting between them. You should too.
Event Tracing for Windows (ETW) has always recorded a rich set of data and allowed graphing it all on the same timeline. With the creation of UIforETW (which records more data) and the new* ETW trace viewer (which can graph custom data) the ability to visualize important patterns is better than ever before.
And, what better way to visualize how to create graphs than a video demonstrating what is discussed in this post.
When I’m describing what I do for a living to non-programmers I sometimes say that I solve puzzles. I solve fascinating puzzles that are different every day, and there’s no answer key, and very often nobody else knows the solution. Whether it’s figuring out why code is slow, or why it is crashing, or how to make code simpler and better, it’s all puzzles, and I love it.
Event Tracing for Windows (ETW, aka xperf) is usually used to monitor CPU usage, through its sampling profiler and its ability to record detailed information about context switches. Well, ETW is also used to monitor file I/O, and disk I/O, and sometimes registry accesses, and of course GPU activity, window-in-focus, UI Delays, process lifetimes, and a few other things. Okay, so ETW gets used for a lot of different things, normally configured in the same way and recorded across the entire system.
Heap profiling is different. Even to those who are used to the odd incantations needed to record an ETW trace it can be daunting trying to figure out how to do heap profiling. I’ve postponed writing about it because it was too much work to explain how to record heap traces and analyze them. But now that UIforETW has been released it is almost trivial to record ETW heap traces, and even analyzing them is made easier.
And, as a bonus, system memory-lists and VirtualAlloc calls for all processes are recorded in all UIforETW traces and lightly documented at the bottom of this post, with optional VirtualAlloc call stacks for lightweight memory profiling.
Event Tracing for Windows (ETW) aka xperf is an amazing tool for investigating the performance of Windows machines – I’ve blogged about it many times and it’s helped me find some amazing issues. But recording ETW traces has always been tricky. Microsoft’s wprui.exe showed some potential, but is ultimately missing some features and often gets tripped up by ETW performance bugs.
The fallback plan is to use carefully crafted batch files to record ETW traces. These offer flexibility but… uggh. Batch files? Really? Are we savages?
I finally got annoyed enough by this situation to create UIforETW. This is a tool that records ETW traces, works around ETW performance bugs, allows configuration of trace recording options, works as a trace management UI, and more.
Posted in xperf
Tagged ETW, github, UIforETW
Despite extolling the virtues of wprui for recording ETW traces (here, and here) I’ve actually returned to using xperf.exe in batch files to do most of my trace recording. It gives me more precise control over what is recorded, and where, and with Windows 8+ it has another advantage: trace compression!
As usual the trace compression feature is lightly documented so I’m going to explain it here, and while I’m at it I’ll explain a bit more about recording traces with xperf.
Update: I eventually gave in and wrote a UI for recording ETW traces. You can read more about it at the UIforETW announcement.