Memory Dump Analysis Anthology, Volume 9a
Memory Dump Analysis Anthology, Volume 9a
About the Book
This reference volume consists of revised, edited, cross-referenced, and thematically organized articles from Software Diagnostics Institute and Software Diagnostics Library (former Crash Dump Analysis blog) about software diagnostics, root cause analysis, debugging, crash and hang dump analysis, software trace and log analysis written in August 2015 - February 2016. It is fully cross-referenced with volumes 1 - 8.
Compared to the volume 8b, the volume 9a features:
- 9 new crash dump analysis patterns
- 9 new software log and trace analysis patterns
- 15 Linux core dump analysis pattern variants
- New workaround pattern
- New memory dump analysis case study
- Introduction to pattern-oriented software internals, pattern paradigms, pattern stacks, pattern repertoire
- Introduction to software diagnostics canvas
- Introduction to patterns-based root cause analysis methodology
- Introduction to a protein metaphor for software traces and logs
- Definition of software diagnostics scope
- Introduction to artificial debugger and pseudo-memory dumps
- Definition of tool-centric and pattern-centric software diagnostics, forensics, prognostics
The primary audience for Memory Dump Analysis Anthology reference volumes (Diagnomicon) is software engineers developing and maintaining products on Windows and Linux platforms, technical support, escalation, and site reliability engineers dealing with complex software issues, quality assurance engineers testing software, security and vulnerability researchers, reverse engineers, malware and memory forensics analysts.
About the Author
Bundles that include this book
Table of Contents
Preface 7
About the Author 9
PART 1: Professional Crash Dump Analysis and Debugging 11
When realloc is not a realloc 11
WinDbg Shortcut !ddstack 12
PART 2: Crash Dump Analysis Patterns 15
Stack Trace Collection (CPUs) 15
Object Distribution Anomaly (.NET Heap) 19
Stack Trace Surface 22
Hidden Stack Trace 24
Evental Dumps 27
Active Thread (Windows) 55
Clone Dump 59
Parameter Flow 63
Diachronic Module 67
PART 3: Pattern Interaction 69
Spiking Thread, Top Module, Module Hint, and Memory Fluctuation 69
PART 4: A Bit of Science and Philosophy 83
Quotes from Memoriarch 83
PART 5: Software Trace Analysis Patterns 85
Ruptured Trace 85
Sequence Repeat Anomaly 88
Adjoint Message 90
Coupled Activities 92
Error Powerset 94
Trace Dimension 96
Calibrating Trace 98
Data Interval 99
Identification Messages 101
PART 6: Fun with Debugging, Crash Dumps, and Traces 103
Dangerous Words 103
Debugging Slang 104
MOAN 104
LOG 104
Diplodoc 104
pMud 104
HLL 104
Success 105
F00D 105
Tor-mented 105
Obsession 105
Literature 105
CLERK 105
Analysis Paralysis 106
3D Dump 106
Star Wars 106
Daily Standup 106
Debugging Curiosities 107
Hung vs. Hanged 107
Trace Messages 107
13 107
Similar Cases 107
Error 1917 108
Dump2Wave Update 109
Diagnostics and Debugging in Science Fiction 110
Suspicious Volume 9a 111
Music for Debugging 112
Shpongle: Nothing Lasts But Nothing Is Lost 112
PART 7: Linux Core Dump Analysis Patterns 113
NULL Pointer (Data) 113
Stack Trace 114
NULL Pointer (Code) 115
Spiking Thread 116
Dynamic Memory Corruption (process heap) 118
Execution Residue 119
Coincidental Symbolic Information 121
Stack Overflow (user mode) 122
Divide by Zero (user mode) 124
Local Buffer Overflow 125
C++ Exception 126
Paratext 127
Active Thread 129
Lateral Damage 130
Critical Region 131
PART 8: Software Diagnostics, Root Cause Analysis, Debugging 135
Workaround Patterns 135
Axed Data 135
Diagnostics, Forensics, Prognostics: The Copernican Revolution 137
Pattern Repertoire 140
Pattern-Oriented Software Internals: Pattern Paradigms and Software Internals Pattern Stack 142
Software Diagnostics Canvas 147
Software Traces and Logs as Proteins 149
Patterns-Based Root Cause Analysis Methodology 152
Teaching Complex Diagnostic Scenarios with Artificial Debugger (ArtDbg) and Pseudo-Memory Dumps 156
The Scope of Software Diagnostics 159
PART 9: Art and Photography 163
W - I'M DEBUGGIN' IT® 163
Coincidental Symbolic Information Pattern 164
Pisa Fault System Model 165
System Playing Tetris 166
A Pattern of Zeroes 167
Abnormal Structure 168
Control Your Software Emissions! 169
Component-Based Bug Architecture 170
PART 10: Miscellaneous 171
Quotes 171
World Software Diagnostics Day 173
Train Journey 174
Appendix 175
Crash Dump Analysis Checklist 175
Pattern Changes 178
Index of WinDbg Commands 179
Other books by this author
The Leanpub 60 Day 100% Happiness Guarantee
Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.
You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!
So, there's no reason not to click the Add to Cart button, is there?
See full terms...
Earn $8 on a $10 Purchase, and $16 on a $20 Purchase
We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earnedover $14 millionwriting, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
