Memory Analysis Patterns
Multiple Exceptions (user mode)
Multiple Exceptions (kernel mode)
Dynamic Memory Corruption (process heap)
Dynamic Memory Corruption (kernel pool)
False Positive Dump
Lateral Damage- Optimized Code
- Invalid Pointer (general)
- NULL Pointer (code)
- NULL Pointer (data)
- Inconsistent Dump
- Hidden Exception
- Deadlock (critical sections)
- Deadlock (executive resources)
- Deadlock (mixed objects, user space)
- Deadlock (LPC)
- Deadlock (mixed objects, kernel space)
- Changed Environment
- Incorrect Stack Trace
- OMAP Code Optimization
- No Component Symbols
- Insufficient Memory (committed memory)
- Insufficient Memory (handle leak)
- Insufficient Memory (kernel pool)
- Insufficient Memory (PTE)
- Insufficient Memory (virtual memory)
- Insufficient Memory (physical memory)
- Insufficient Memory (control blocks)
- Spiking Thread
- Module Variety
- Stack Overflow (kernel mode)
- Stack Overflow (user mode)
- Managed Code Exception
- Truncated Dump
- Waiting Thread Time (kernel dumps)
- Waiting Thread Time (user dumps)
- Memory Leak (process heap)
- Memory Leak (.NET heap)
- Missing Thread
- Unknown Component
- Double Free (process heap)
- Double Free (kernel pool)
- Coincidental Symbolic Information
- Stack Trace
- Virtualized Process (WOW64)
- Stack Trace Collection
- Coupled Processes
- High Contention (executive resources)
- High Contention (critical sections)
- Accidental Lock
- Passive Thread (user space)
- Passive System Thread (kernel space)
- Main Thread
- Busy System
- Historical Information
- IRP Distribution Anomaly
- Local Buffer Overflow
- Early Crash Dump
- Hooked Functions
- Custom Exception Handler
- Special Stack Trace
- Manual Dump (kernel)
- Manual Dump (process)
- Wait Chain (general)
- Wait Chain (critical sections)
- Wait Chain (executive resources)
- Wait Chain (thread objects)
- Wait Chain (LPC/ALPC)
- Wait Chain (process objects)
- Corrupt Dump
- Dispatch Level Spin
- No Process Dumps
- No System Dumps
- Suspended Thread
- Special Process
- Frame Pointer Omission
- False Function Parameters
- Message Box
- Self-Dump
- Blocked Thread
- Zombie Processes
- Wild Pointer
- Wild Code
- Hardware Error
- Handle Limit (GDI)
- Missing Component (general)
- Missing Component (static linking, user mode)
- Execution Residue
- Optimized VM Layout
- Invalid Handle
- Overaged System
- Thread Starvation
- Duplicated Module
- Not My Version (software)
- Not My Version (hardware)
- Data Contents Locality
- Nested Exceptions (unmanaged code)
- Nested Exceptions (managed code)
- Affine Thread
- Self-Diagnosis
- Inline Function Optimization
- Critical Section Corruption
- Lost Opportunity
- Young System
- Last Error Collection
- Hidden Module
- Data Alignment (page boundary)
- C++ Exception
- Divide by Zero (user mode)
- Swarm of Shared Locks
- Process Factory
- Paged Out Data
- Semantic Split
- Pass Through Function
- JIT Code (.NET)
- Ubiquitous Component
- Nested Offender
- Virtualized System
- Effect Component
- Well-Tested Function
- Mixed Exception
- Random Object
- Missing Process
- Platform-Specific Debugger
- Value Deviation (stack trace)
- CLR Thread
- Coincidental Frames
- Fault Context
Memory Dump Analysis Anthology, Volume 1
The following direct links can be used to order the book now:
Buy Paperback
or Hardcover
from Amazon
Buy Paperback or Hardcover from Barnes & Noble
Buy Paperback or Hardcover or Digital or Collector's Full-Color Hardcover from Lulu
This is a revised, edited, cross-referenced and thematically organized volume of selected DumpAnalysis.org blog posts about crash dump analysis and debugging written in 2006 - 2007 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software on Windows platforms, technical support and escalation engineers dealing with complex software issues and general Windows users.
- Title: Memory Dump Analysis Anthology, Volume 1
- Author: Dmitry Vostokov
- Publisher: OpenTask (15 Apr 2008)
- Language: English
- Product Dimensions: 22.86 x 15.24
- Paperback: 720 pages
- ISBN-13: 978-0-9558328-0-2
- Hardcover: 720 pages
- ISBN-13: 978-0-9558328-1-9
The back cover image is the picture of TestDefaultDebugger crash dump generated by Dump2Picture
Book reviews:
Caloni.com.br Blog (in Portuguese)
Amazon reviews
Testimonials:
"This book is very good to startup on debugging. It really starts from the basics and it keeps going more in depth. Easy to read and very didactic." - Yuri Diogenes, ISA Server Support Team, Microsoft (Link)
Also available:
- Title: Memory Dump Analysis Anthology Collector's Edition, Volume 1
- Hardcover (full-color): 720 pages
- ISBN-13: 978-1-9067-1701-8