Hi all,
I need some guidance in how to use windbg to track down a memory leak in winlogon.exe
Heres the situation.
3 windows 2003 R2 enterprise servers (One an application server, one web front end, one SQL server) are all exhibiting a memory leak in winlogon.exe
The 3 machines are production machines.
I've found lots of hits on this problem and we have put down numerous patches none of which fixes the memory leak.
(The last attempt was this weekend putting down SP2 on the app server, the other 2 machines are still at SP1 and will stay that way because SP2 has not fixed the leak.)
The leak itself is a gradual leak (3-4 meg per hour) affecting both physical memory which eventually causes virtual memory to also grow.
The app server was rebooted 36 hours ago and it's winlogon process is at 134 meg memory and 132 virtual usage.
Logging off then back on the server releases the physical memory but not the virtual memory.
Now using the windows debugging tools I know I can issue the following command to get a dump of the winlogon process.
cscript adplus.vbs -hang -pn winlogon.exe -o c:\adplus
Now my question is how would I go about analysing the resulting dump to find the possible culprit.
Please note I'll have to install the debugging tools on the server. This is more a can it be done so I can then feel more confident about the process after I've installed the debugging tools on the server. Our client is getting rather tired of weekly reboots to keep the servers going so any advice you can give me would be greatly appreciated.
(For this I'll be using a WinXP dump of the winlogon process so I can prove to myself it will help us on the server)
Thanks in advance,
Terry
Start Free Trial
