Crash Dump Analysis Patterns (Part 113)
Sometimes we have very similar abnormal software behaviour dispositions (like crashes with similar stack traces) for different applications or services. In such cases, we should also check application or service vendor and copyright in the output of lmv command. Similar to Template Module Same Vendor pattern can be useful to relate such different incidents. Usually, in the same company, code and people reuse tends to distribute code fragments and code construction styles across different product lines, and software defects might surface in different images. For example:
0:000> lmv m ApplicationA
start end module name
00400000 00d99000 ApplicationA (deferred)
[...]
Image name: ApplicationA.exe
Timestamp: [...]
CheckSum: 00000000
[...]
CompanyName: CompanyA
ProductName: CompanyA Application
LegalCopyright: Copyright (c) CompanyA
[…]
0:000> lmv m ApplicationB
start end module name
00400000 019d0000 ApplicationB C (no symbols)
Image name: ApplicationB.exe
[...]
CompanyName: CompanyA
ProductName: ApplicationB
LegalCopyright: Copyright (c) CompanyA
[…]
- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -