- Multiple Exceptions
- Dynamic Memory Corruption (process heap)
- Dynamic Memory Corruption (kernel pool)
- False Positive Dump
- Lateral Damage
- Optimized Code
- Invalid Pointer (general)
- NULL Pointer (code)
- Inconsistent Dump
- Hidden Exception
- Deadlock (critical sections)
- Deadlock (executive resources)
- Deadlock (mixed objects)
- Deadlock (LPC)
- Changed Environment
- Incorrect Stack Trace
- OMAP Code Optimization
- No Component Symbols
- Insufficient Memory (committed memory)
- Insufficient Memory (handle leak)
- Insufficient Memory (kernel pool)
- Insufficient Memory (PTE)
- Insufficient Memory (virtual memory)
- Spiking Thread
- Module Variety
- Stack Overflow (kernel)
- Managed Code Exception
- Truncated Dump
- Waiting Thread Time
- Memory Leak (process heap)
- Memory Leak (.NET heap)
- Missing Thread
- Unknown Component
- Double Free (process heap)
- Double Free (kernel pool)
- Coincidental Symbolic Information
- Stack Trace
- Virtualized Process (WOW64)
- Stack Trace Collection
- Coupled Processes
- High Contention
- Accidental Lock
- Passive Thread (user space)
- Passive System Thread (kernel space)
- Main Thread
- Busy System
- Historical Information
- IRP Distribution Anomaly
- Local Buffer Overflow
- Early Crash Dump
- Hooked Functions
- Custom Exception Handler
- Special Stack Trace
- Manual Dump (kernel)
- Manual Dump (process)
- Wait Chain (general)
- Wait Chain (critical sections)
- Wait Chain (executive resources)
- Corrupt Dump
- Dispatch Level Spin
- No Process Dumps
- No System Dumps
- Suspended Thread
- Special Process
- Frame Pointer Omission
- False Function Parameters
- Message Box
- Self-Dump
- Blocked Thread
- Zombie Processes
- Wild Pointer
- Wild Code
- Hardware Error
- Handle Limit (GDI)
- Missing Component
- Execution Residue
- Optimized VM Layout
Forthcoming Book: Crash Dump Analysis for System Administrators
This is a must have book for system administrators of complex Windows server platforms and client workstations to understand and choose the best course of action to address system and application crashes, hangs, CPU spikes and memory leaks. It is also invaluable to general Windows users and technical support engineers.
- Title: Crash Dump Analysis for System Administrators
- Author: Dmitry Vostokov
- Publisher: Opentask (25 August 2008)
- Language: English
- Product Dimensions: 22.86 x 15.24
- ISBN-13: 978-1-906717-02-5
- Paperback: 180 pages
Memory Dump Analysis Anthology, Volume 1
The following direct links can be used to order the book now:
Buy Paperback
from Amazon
Buy Paperback or Hardcover or Digital from Lulu
This is a revised, edited and cross-referenced volume of selected blog posts written in 2006 - 2007. Available from 15th of April in both paperback and hardcover editions.
- Title: Memory Dump Analysis Anthology, Volume 1
- Author: Dmitry Vostokov
- Publisher: OpenTask (15 Apr 2008)
- Language: English
- Product Dimensions: 22.86 x 15.24
- Paperback: 720 pages
- ISBN-13: 978-0-9558328-0-2
- Hardcover: 720 pages
- ISBN-13: 978-0-9558328-1-9
The back cover image is the picture of TestDefaultDebugger crash dump generated by Dump2Picture
Please also see Crash Dump Analysis Publishing Roadmap
Book reviews:
Forthcoming Windows® Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
This is a forthcoming reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. The book is also invaluable for software maintenance and development engineers debugging unmanaged, managed and native code.
- Title: Windows® Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
- Author: Dmitry Vostokov
- Publisher: Opentask (1 July 2008)
- Language: English
- Product Dimensions: 22.86 x 15.24
- ISBN-13: 978-0-9558328-5-7
- Hardcover (Cloth): 256 pages
- ISBN-13: 978-1-906717-00-1
- Paperback: 256 pages
Crash Dump Analysis Forum has been reopened
Crash Dump Analysis and Debugging Forum has been upgraded and reopened again. In order to prevent spammers gaining access any new registration has to be approved by the forum administrator (usually in less than 24 hours).
Advanced Windows® Crash Dump Analysis
This is planned for publication after Windows® Crash Dump Analysis book. Preliminary information is:
Memory Dump Analysis Anthology, Volume 2
This is a forthcoming thoroughly revised, expanded, commented and cross-referenced volume of selected blog posts written in 2008. Free PDF version will be available for download too. Preliminary information is:
Windows® Device Drivers
Forthcoming reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. Can also useful for software engineers transitioning to kernel-mode development or expanding their knowledge and skills. Preliminary information is:
Unmanaged Code: Escaping the Matrix of .NET
This is a forthcoming book about .NET debugging seen in a wider context than CLR. Preliminary information is:
DebugWare: The Art and Craft of Writing Troubleshooting Tools
This is a forthcoming book about architecture, design and implementation of troubleshooting and debugging tools for software technical support. Preliminary information is:
Forthcoming Book about Windows® Crash Dump Analysis
The reader will master crash and hang memory dump analysis for process, minidump, kernel and complete memory dumps from Windows XP/Vista and Windows Server 2003/2008.
Memory Dump Analysis Anthology, Volume 1
Tue, 05/06/2008 - 00:31 — Dmitry Vostokov
Review:
This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in 2006 - 2007 for software engineers developing and maintaining products on Windows platforms, technical support and escalation engineers dealing with complex software issues and general Windows users.
Inside the C++ Object Model
Thu, 02/14/2008 - 13:11 — Dmitry Vostokov
Review:
Although Windows user space and kernel interfaces are based on C language huge amount of code present in crash dumps especially in user space was written in C++ and compiled by C++ compilers. Therefore it is absolutely necessary to understand how C++ constructs need to be translated to C in order to implement various OO concepts like inheritance and polymorphism because from there you can see familiar straightforward mapping between C language constructs and assembly language. This book gives software maintenance and support engineers such solid foundation necessary to understand possible variants of C++ object layout and method dispatch that you might encounter during crash dump analysis.
Reference Stack Traces (Volume 3)
Thu, 01/31/2008 - 16:52 — Dmitry Vostokov
Review:
The reference contains normal thread stacks and other information from Windows Server 2003 x86 complete memory dump. Useful when trying to spot anomalies in crash dumps from problem servers.
Printed versions are available for purchase at the nominal price to cover manufacturing costs:
Reference Stack Traces (Volume 2)
Tue, 01/29/2008 - 17:39 — Dmitry Vostokov
Review:
The reference contains normal thread stacks and other information from Windows Vista x64 complete memory dump. Useful when trying to spot anomalies in crash dumps from problem workstations.
Printed version is available for purchase at the nominal price to cover manufacturing costs.
Windows® Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition
Tue, 01/29/2008 - 14:04 — Dmitry Vostokov
Review:
Click here to pre-order this 1232 page edition:
I'll write a full comparative review as soon as it is published.
