Memory Dump Analysis Services (DumpAnalysis.com) organizes a free webinar

Date: 18th of August 2010
Time: 21:00 (UTC+0) 15:00 (Eastern) 13:00 (Pacific)
Duration: 90 minutes

Topics include:

- User vs. kernel vs. physical (complete) memory space
- Challenges of complete memory dump analysis
- Common WinDbg commands
- Patterns
- Common mistakes
- Fiber bundles
- Hands-on exercise: a complete memory dump analysis
- A guide to DumpAnalysis.org case studies

Prerequisites: working knowledge of basic user process and kernel memory dump analysis or live debugging using WinDbg

The webinar link will be posted before 18th of August.

Our future sponsor has been registered in Ireland and has its own independent website and logo: DumpAnalysis.com

Being a software engineer, the author penetrated a software technical support department of a major software company rising to a management position. There he started collecting various management bits and tips promising everyone to write a management book. After moving back to engineering he became a director of several software research, education, publishing and software behavior analysis consultancy institutions including a museum. This book is an anthology of selected and edited blog posts from his Management Bits and Tips blog.

What this book has to do with the crash dump analysis then? Considering metaphorically an organization as a software machine, teams as processes and individuals as threads the author had applied his unique knowledge of software crashes and hangs to organizational project failures.

• Title: Management Bits: An Anthology from Reductionist Manager
• Author: Dmitry Vostokov
• Publisher: OpenTask (September 2010)
• Language: English
• Product Dimensions: 19.8 x 12.9
• Paperback: 100 pages
• ISBN-13: 978-1906717131

07.07 and/or 08.08 starting from The Year of Dump Analysis, 2010, 7DA at 7:00 and/or 8:00 (pm preferably for moderation purposes)

Art work for this day:

This multi-dimensional museum shows exhibitions dedicated to the history of debugging, memory dump artifacts and art.

If you would like to donate an exhibit (for example, an old memory dump or a picture related to debugging) please use this page: http://www.dumpanalysis.org/contact. Any donations are greatly appreciated!

• Customized EasyDbg Implementation
• Crash and Hang Analysis Audit Service
• CARE: Crash Analysis Report Environment
• Memory Dump and Software Trace Analysis Training
• STARE: Software Trace Analysis Report Environment

Mad about debugging? Join the annual competition by telling your Windows debugging story (*) or nominating a person after 7/7/2010 and before 8/8/2010 (**). The first prize is 3 volumes of Memory Dump Analysis Anthology + Color Supplement all signed by the author. There are also 2nd, 3rd, 4th and 5th level prizes.

Please send your story or nominate someone using this page: http://www.dumpanalysis.org/contact or dmitry dot vostokov at dumpanalysis dot org (if your story is formatted with pictures)

(*) DumpAnalysis.org reserves the right to publish your story (in a modified form if necessary) in OpenTask magazines and books with full credit.

(**) 7/7 and 8/8 are originally proposed Memory Analysts and Debuggers Days. Other proposed days are 7/8 and 8/7.

Problem: You are not satisfied with a crash report.

Problem: Your critical issue is escalated to the VP level. Engineers analyze memory dumps and software traces. No definite conclusion so far. You want to be sure that nothing has been omitted from the analysis.

Problem: You analyze a system dump or a software trace. You need a second pair of eyes but don't want to send your memory dump due to your company security policies.

Resolution: DumpAnalysis.com analyzes your analysis and provides recommendations.

This new service comes in July - August, 2010. Prices will be announced soon.

/*** Adding AI. Analysis Improvement. ***/

NEW! Forthcoming webinars from August, 2010:

The First Webinar: Fundamentals of Complete Crash and Hang Memory Dump Analysis

If you are interested in training please answer these questions (use this form http://www.dumpanalysis.org/contact):

• Are you interested in on-site training, prefer traveling or attending webinars?
• Are you interested in software trace analysis as well?
• What specific topics are you interested in?
• What training level (beginner, intermediate, advanced) are you interested in? (please provide an example, if possible)

Additional topics of expertise that can be integrated into training include Source Code Reading and Analysis, Debugging, Windows Architecture, Device Drivers, Troubleshooting Tools Design and Implementation, Multithreading, Deep Down C and C++, x86 and x64 Assembly Language Reading.

Available for Safari Books Online subscribers

The following direct links can be used to order the book now:

New! Buy Kindle Edition from Amazon

Buy Paperback or Hardcover from Amazon

Buy Paperback or Hardcover from Barnes & Noble

Buy Digital from Lulu

Written by the founder of DumpAnalysis.org this book is not about bugs or debugging techniques but about background knowledge everyone needs to start experimenting with WinDbg, learn from practical experience and read other advanced debugging books. Solid understanding of fundamentals like pointers is needed to analyze stack traces beyond !analyze -v and lmv WinDbg commands. This is the book to help technical support and escalation engineers and Windows software testers without the knowledge of assembly language to master necessary prerequisites to understand and start debugging and crash dump analysis on Windows platforms. It doesn't require any specific knowledge, fills the gap and lowers the learning curve. The book is also useful for software engineers coming from managed code or Java background, engineers coming from non-Wintel environments, Windows C/C++ software engineers without assembly language background, security researchers and beginners learning Windows software disassembling and reverse engineering techniques. This book can also be used as Intel assembly language and Windows debugging supplement for relevant undergraduate level courses.

Product details:

• Title: Windows Debugging: Practical Foundations
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 200 pages
• ISBN-13: 978-1-906717-10-0
• Publisher: Opentask (01 February 2009)

• Hardback: 200 pages
• ISBN-13: 978-1-906717-67-4
• Publisher: Opentask (23 March 2009)

Table of Contents
Errata

Praise for the book:

I am a C++/Windows developer and have been a Windows debugging enthusiast for quite a long time now. However, I have never been able to get a good and credible source of information with regards to the internals of debugging using WinDbg. Over the years, I have laid my hands on various sources that deal with Windows Debugging tools and debugging techniques. Every time I purchased a book or went through an online source, I was limited to confusing information that lead me to give up on this topic. Even reliable books that claimed to be the best in the market were nothing less than a colossal disappointment. However, recently when I came across "Windows Debugging: Practical Foundation" that was purchased by a friend of mine, I was sceptic but, nonetheless, decided to give it a chance. Trust me, although not perfect, the book has helped me a lot in learning more about windows internals and debugging techniques. I would like to extend my complements for writing a book that divulges details in a very concise yet clear manner.

Sriram Sarma

Book reviews:

Amazon reviews
Amazon UK reviews

The following direct links can be used to order the book now:

Buy Paperback from Amazon

Buy Paperback from Barnes & Noble

This is a supplemental volume of selected articles with 68 full color illustrations from Memory Dump Analysis Anthology: revised, edited, cross-referenced and thematically organized volumes of selected DumpAnalysis.org blog posts about modern crash dump analysis and debugging written in August 2006 - June 2009 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms, technical support and escalation engineers dealing with complex software issues, security and defect researchers, computer scientists and philosophers. Unique in its breadth, depth, and scope it offers unprecedented insight into the world of Windows software and draws profound scientific and metaphysical implications.

• Title: Memory Dump Analysis Anthology: Color Supplement for Volumes 1-3
• Author: Dmitry Vostokov
• Publisher: OpenTask (May 2010)
• Language: English
• Product Dimensions: 21.6 x 14.0
• Paperback: 110 pages
• ISBN-13: 978-1906717698

Table of Contents

Modern pattern-driven software trace analysis on Microsoft and Citrix platforms requires a practical guide and OpenTask plans to publish this summer the following book in both Practical Foundations and Systematic Software Fault Analysis series:

• Title: Citrix Common Diagnostic Facility (CDF) and Microsoft Event Tracing for Windows (ETW) Software Trace Analysis: Practical Foundations
• Author: Dmitry Vostokov
• Publisher: Opentask (August 2010)
• Language: English
• Product Dimensions: 22.86 x 15.24
• ISBN: 1906717176
• ISBN-13: 978-1906717179
• Paperback: 200 pages

The following direct links can be used to order the book now:

New! Buy Kindle Edition from Amazon

Buy Paperback from Amazon

Buy Paperback from Barnes & Noble

Written by a veteran in mission-critical computer system problem resolution, problem prevention, and system recovery, this book discusses solving problems on their FIRST occurrence while emphasizing software supportability and serviceability.

• Title: First Fault Software Problem Solving: A Guide for Engineers, Managers and Users
• Author: Dan Skwire
• Publisher: Opentask (1 December 2009)
• Language: English
• Product Dimensions: 22.86 x 15.24
• ISBN: 1906717427
• ISBN-13: 978-1906717421
• Paperback: 180 pages

Table of Contents
Amazon reviews
c’t – Magazin für Computertechnik review

Who should read this book?

• Software professional engineers and managers
• End-users, system administrators and their managers
• Software engineering students

What will the readers of this book learn?

• How to optimize use of pre-existing software problem solving features
• How to choose the best products to improve first fault problem-solving
• How to get the best results when problems occur on outsourced and cloud-placed work
• How to choose amongst first-fault tools, second-fault tools, and manual problem solving methods to best advantage for difficult problems
• How to be an educated consumer or creator of future problem-solving software

What is the business value of reading this book?

• Saving money on problem solving resources (servers, storage, network, software, power, space, cooling, personnel)
• Keeping customers happier since their issues are resolved sooner
• Reducing the durations of computer service outages that affect external clients
• Decreasing operational overhead and encouraging sustainable, higher-performing organizations and enterprises through best problem-solving practices

What else is special about this book?

• 21 original illustrations to feed the soul and tickle the funny-bone
• 21 thought-provoking quotes to feed the intellect and the spirit
• An extensive bibliography to aid in clarification and personal growth

This is the first book from Windows Crash Dump Analysis tetralogy. It introduces basic definitions, tools, memory dump collection and preliminary analysis methods for Windows platforms including legacy versions. This practical guide and reference book is a must have for system administrators of Windows server platforms and client workstations, technical support engineers and general Windows users. It builds foundation for the second tetralogy book Crash Dump Analysis for System Administrators and Support Engineers and the remaining tetralogy books Windows Crash Dump Analysis and Advanced Windows Crash Dump Analysis.

• Title: Crash Dump Analysis: Practical Foundations (Windows Edition, Systematic Software Fault Analysis Series)
• Authors: Dmitry Vostokov
• Publisher: Opentask (May 2010)
• Language: English
• Product Dimensions: 22.86 x 15.24
• ISBN-13: 978-1-906717-98-8
• Paperback: 100 pages

OpenTask to offer first 3 volumes of Memory Dump Analysis Anthology in one set:

The set is available exclusively from OpenTask e-Commerce web site starting from June. Individual volumes are also available from Amazon, Barnes & Noble and other bookstores worldwide.

Product information:

• Title: Modern Memory Dump and Software Trace Analysis: Volumes 1-3
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24
• Paperback: 1600 pages
• Publisher: Opentask (31 May 2010)
• ISBN-13: 978-1-906717-99-5

Information about individual volumes:

• Volume 1
• Volume 2
• Volume 3

Also available: Memory Dump Analysis Anthology: Color Supplement for Volumes 1-3

Welcome to the project CARE!

CARE means Crash Analysis Report Environment. It includes a pattern-driven debugger log analyzer and standards for structured audience-driven reports.

Please help to populate the database of stack traces by submitting your WinDbg output logs. You can use VBScript / WinDbg script to process all .DMP files on your hard drives: DebuggerLogs.zip. The archive contains VBScript file for x64 WinDbg (DebuggerLogs64.vbs) and for x86 WinDbg (DebuggerLogs.vbs) plus the very simple mode-independent WinDbg script (DebuggerLogs.wds). The WinDbg output is stored in dbgeng.log file.

Note: Please do not submit your crash dumps because the file size is limited to 2 MB and CARE system is currently being designed to analyze debugger logs only. If your log is bigger you can submit a zip file. If you have any problems please contact the administrator. Please do not expect any crash analysis response for your logs. The submittal is currently for internal CARE database population only and not for the pattern analysis of your computer memory.

New! Available for Safari Books Online subscribers

The following direct links can be used to order the book now:

Buy Paperback or Hardcover from Amazon

Buy Paperback or Hardcover from Barnes & Noble

Buy Digital from Lulu

Written by the founder of DumpAnalysis.org this book is not about bugs or debugging techniques but about background knowledge everyone needs to start experimenting with x64 WinDbg, learn from practical experience and read other advanced debugging books. Solid understanding of fundamentals like pointers is needed to analyze stack traces beyond !analyze -v and lmv WinDbg commands. This is the book to help technical support and escalation engineers and Windows software testers without the knowledge of assembly language to master necessary prerequisites to understand and start debugging and crash dump analysis on x64 Windows platforms. It doesn't require any specific knowledge, fills the gap and lowers the learning curve. The book is also useful for software engineers coming from managed code or Java background, engineers coming from non-Wintel environments, Windows C/C++ software engineers without assembly language background, security researchers and beginners learning x64 Windows software disassembling and reverse engineering techniques. This book can also be used as AMD64 and Intel EM64T assembly language and x64 Windows debugging supplement for relevant undergraduate level courses. For someone, who wants to learn these foundations in the context of 32-bit Windows environments there is a separate x86 book (ISBN: 978-1-906717-10-0). However, this book is completely independent from that earlier book and almost every illustration was recreated to reflect x64 architecture and x64 Windows ILP 32-32-64 model (Integer-Long-Pointer).

Product details:

• Title: x64 Windows Debugging: Practical Foundations
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 194 pages
• Publisher: Opentask (17 August 2009)
• ISBN-13: 978-1-906717-56-8

• Hardcover: 194 pages
• Publisher: Opentask (15 March 2010)
• ISBN-13: 978-1-906717-92-6

Table of Contents

The following direct links can be used to order the book now:

Buy Paperback or Hardcover from Amazon

Buy Paperback or Hardcover from Barnes & Noble

Buy Paperback or Hardcover or Digital from Lulu

This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in October 2008 - June 2009 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms and technical support and escalation engineers dealing with complex software issues. The third volume features:

- 15 new crash dump analysis patterns
- 29 new pattern interaction case studies
- Trace analysis patterns
- Updated checklist
- Fully cross-referenced with Volume 1 and Volume 2
- New appendixes

Product information:

• Title: Memory Dump Analysis Anthology, Volume 3
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 404 pages
• Publisher: Opentask (20 December 2009)
• ISBN-13: 978-1-906717-43-8

• Hardcover: 404 pages
• Publisher: Opentask (15 March 2010)
• ISBN-13: 978-1-906717-44-5

Table of Contents

Back cover features 3D computer memory visualization image.

New! Available for Safari Books Online subscribers

The Korean edition is available:

The following direct links can be used to order the English edition now:

Buy Paperback or Hardcover from Amazon

Buy Paperback or Hardcover from Barnes & Noble

Buy Digital or Collector's Full-Color Hardcover from Lulu

The following direct links can be used to order the Korean edition now:

Acorn (The Korean translation publisher) or Kyobo book or Yes24.com

This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in 2006 - 2007 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms, technical support and escalation engineers dealing with complex software issues and general Windows users.

• Title: Memory Dump Analysis Anthology, Volume 1
• Author: Dmitry Vostokov
• Publisher: OpenTask (15 Apr 2008)
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 720 pages
• ISBN-13: 978-0-9558328-0-2

• Hardcover: 720 pages
• ISBN-13: 978-0-9558328-1-9

Table of Contents
Errata
Google Book Preview

The back cover image is the picture of TestDefaultDebugger crash dump generated by Dump2Picture

Book reviews:

Caloni.com.br Blog (in Portuguese)
Amazon reviews

Testimonials:

"This book is very good to startup on debugging. It really starts from the basics and it keeps going more in depth. Easy to read and very didactic." - Yuri Diogenes, ISA Server Support Team, Microsoft (Link)

Also available:

• Title: Memory Dump Analysis Anthology Collector's Edition, Volume 1
• Hardcover (full-color): 720 pages
• ISBN-13: 978-1-9067-1701-8

Create a black box inside your software to solve problems on their first occurrence. Don’t be with incomplete data at the time of your (software) crashes:

Toyota Clarifies the Facts About Event Data Recorders

Read about solving problems on their FIRST occurrence while emphasizing software supportability and serviceability:

First Fault Software Problem Solving Book

During the last year of debugging Dmitry Vostokov has successfully launched and led a number of initiatives and in recognition of his efforts he has been promoted to a senior director role at Software Maintenance Institute (SMI).

This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in July 2009 - January 2010 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms and technical support and escalation engineers dealing with complex software issues. The fourth volume features:

- 13 new crash dump analysis patterns
- 13 new pattern interaction case studies
- 10 new trace analysis patterns
- 6 new Debugware patterns and case study
- Workaround patterns
- Updated checklist
- Fully cross-referenced with Volume 1, Volume 2 and Volume 3
- New appendixes

Product information:

• Title: Memory Dump Analysis Anthology, Volume 4
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 410 pages
• Publisher: Opentask (30 March 2010)
• ISBN-13: 978-1-906717-86-5

• Hardcover: 410 pages
• Publisher: Opentask (30 April 2010)
• ISBN-13: 978-1-906717-87-2

Back cover features memory space art image: Internal Process Combustion.

Release the first beta version of EasyDbg

Release the first beta version of CARE (Crash Analysis Report Environment) for a pattern-driven debugger log analyzer with standards for structured audience-driven reports

Release the first beta version of STARE (Software Trace Analysis Report Environment) for a pattern-driven software trace analyzer with corresponding standards for structured audience-driven reports

Publish the following books on dump analysis that address different audiences (general users, system administrators, support and escalation engineers, testers, software engineers, security and software defect researchers):

- Windows Debugging Notebook
- Crash Dump Analysis for System Administrators and Support Engineers
- Memory Dump Analysis Anthology, Volume 4
- Memory Dump Analysis Anthology, Volume 5
- Memory Dump Analysis Anthology Color Supplement
- Principles of Memory Dump Analysis
- My Computer Crashes and Freezes: A Non-technical Guide to Software and Hardware Errors
- Linux, FreeBSD and Mac OS X Debugging: Practical Foundations
- Encyclopedia of Crash Dump Analysis Patterns
- WinDbg In Use: Debugging Exercises

Publish articles related to memory dump analysis in Debugged! magazine

Update WinDbg Poster and Cards

The Year of Debugging, 0x7D9, was a remarkable year for DumpAnalysis.org. Here is the list of achievements to report:

- Software Trace Analysis as a new discipline with its own set of patterns

- Unification of Memory Dump Analysis with Software Trace Analysis (DA+TA)

- New computer memory dump-based art movements: Opcodism and Physicalist Art

- Discovery of 3D computer memory visualization techniques

- Establishing Software Maintenance Institute

- Broadening software fault injection as Software Defect Construction discipline

- Establishing a new profession of a Software Defect Researcher

- Starting ambitious Dictionary of Debugging

- Publishing Windows Debugging: Practical Foundations book

- Publishing the first x86-free Windows debugging book: x64 Windows Debugging: Practical Foundations

- Establishing the new debugging magazine: Debugged! MZ/PE

- Publishing Memory Dump Analysis Anthology, Volume 3

- Cooperation with OpenTask to promote First Fault Software Problem Solving book

- Establishing Debugging Expert(s) Magazine Online

- Creating the first development process for debugging and software troubleshooting tools: RADII

- Publishing the first pattern-driven memory dump analysis troubleshooting methodology as a foundation for software debugging

- Proposal for an International Memory Analysts and Debuggers Day

- Almost completed Windows Debugging Notebook to be published soon

- The founder of DumpAnalysis.org (Dr. DebugLove) becomes a member of Citrix Systems Tweetrix Support Team

As one of the new initiatives for the Year of Debugging (2009, 0x7D9) OpenTask starts publishing full color variable page periodical publication called:

Debugged! MZ/PE: MagaZine for/from Practicing Engineers

The only serial publication dedicated entirely to Windows® debugging

The following direct links can be used to order issues now:

Order March, 2009 issue from Amazon or Barnes & Noble

Order June, 2009 issue from Amazon or Barnes & Noble

Order September, 2009 issue from Amazon or Barnes & Noble

Free version: Debugging Expert(s) Magazine Online

Sample magazine back covers featuring debugging, crash dump and software trace analysis tips:

If you have an article idea or if you'd like to write an article for us please use the following contact form:

http://www.dumpanalysis.org/contact

We plan to open 2010 (7DA), The Year of Dump Analysis, with the publication of a gigabyte.

Product information is:

• Title: Gigabyte
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 21.6 x 21.6
• Paperback: 80 pages
• Publisher: Opentask (01 Jan 2010)
• ISBN-13: 978-1-906717-89-6

The following direct links can be used to order the book now:

Buy Paperback or Hardcover from Amazon

Buy Paperback or Hardcover from Barnes & Noble

Buy Paperback or Hardcover or Digital from Lulu

This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in January - September 2008 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms and technical support and escalation engineers dealing with complex software issues. The second volume features:

- 45 new crash dump analysis patterns
- Pattern interaction and case studies
- Updated checklist
- Fully cross-referenced with Volume 1
- New appendixes

Product information is:

• Title: Memory Dump Analysis Anthology, Volume 2
• Author: Dmitry Vostokov
• Language: English
• Product Dimensions: 22.86 x 15.24

• Paperback: 470 pages
• Publisher: Opentask (03 Oct 2008)
• ISBN-13: 978-0-9558328-7-1

• Hardcover: 470 pages
• Publisher: Opentask (01 Nov 2008)
• ISBN-13: 978-1-906717-22-3

Table of Contents
Errata
Google Book Preview

Back cover features visualized virtual process memory generated from a memory dump of colorimetric computer memory dating sample using Dump2Picture.

By analogy with a security researcher profession, DumpAnalysis.org, Memory Analysis and Debugging Institute and Software Maintenance Institute propose the new title of a software defect researcher as a unified profession combining relevant fields of security research, testing, debugging, memory dump analysis, software reverse engineering, construction and maintenance.

As a dual to Resume and CV: As a Book OpenTask plans to publish the long time memories of the founder of DumpAnalysis.org in the following book next year:

My Failed Job Interviews: Reflections on 50 Percent (ISBN: 978-1906717889)

The recollections span East and West, small and giant software companies, full time and part time, office and remote job positions, direct and recruitment company hiring, phone and on-site, technical and business interviews.