Finally I can pre-order this 1232 page 5th edition! Looking forward to seeing it in the post.
Windows® Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition (PRO-Developer)
I read all previous editions as the part of my knowledge read ahead cache. Here is my short review of the previous 4th edition.
- Dmitry Vostokov @ DumpAnalysis.org -
This useful catalogue has links to many free tools that can be used to troubleshoot now ubiquitous Citrix environments. The last time I mentioned the catalogue was Oct 2006 and since then it was updated several times.
Troubleshooting Tools for Citrix Environments
The following document is also useful:
Citrix Brief Troubleshooting Guide
- Dmitry Vostokov @ DumpAnalysis.org -
I have published the sample chapter from “Windows® Crash Dump Analysis” book. I have decided that it should be a short introduction to the scripting language from Debugging Tools for Windows package. If you know some C-style language like C, C++, Java or C# then the mapping between it and scripting facilities is pretty straightforward. You can download the chapter from this link:
- Dmitry Vostokov @ DumpAnalysis.org -
Here is the list of 100 most frequent phrases and keywords (out of almost 30,000 unique phrases recorded for 2007) from various search engines that brought people to my blog. Therefore I believe that publishing this list will bring more people searching for the same phrases straight to my blog, some kind of “SEO resonance” :-)
crash dump analysis
vista crash dump
what is kifastsystemcallret
kmode_exception_not_handled
crash dump
windbg commands
crash dump vista
werfault.exe
dump analysis
stressprinters
kernel_mode_exception_not_handled
debugging by thinking
interrupt enable flag asmpedia
fnodobfm
dr watson vista
debugging techniques using windbg
component timestamps crash dump
dumpanalysis
system_thread_exception_not_handled
windbg script
stack trace reconstruction
error inittyperead( teb )
false positive dump
coupled processes windbg
windbg
gs peb teb register
user mode process dumper
windows rootkits drivers rus
minidump analysis
windbg analyze
drwtsn32 vista
crash dumps
debugware.com
ntdll!kifastsystemcallret
csrss crash avoid
kifastsystemcallret
windbg scripts
bugcheck explained
memory dumping mechanism
irql_not_less_or_equal
dump analyzer
vdtw30.dll
vista dr watson
userdump
kei386eoihelper
windbg command
vista memory dump
windows crash kernel analysis
dmitry vostokov
wermgr.exe
kernel32!pnlsuserinfo
userdump.exe
!clrstack
vista crash analysis
xp ntsd .loadby
drwatson vista
how to use windbg
receivelotsacalls
system_thread_exception_not_handled (7e)
pspunhandledexceptioninsystemthread
x64 debugging
dr watson postmortem debugger
werfault.exe vista
wersvc
automate windbg dmp info
windbg tips
faultrep.dll
windbg tutorial
convertticket
windows crash dump analysis
your debugger is not using the correct symbols
werfault
warning: frame ip not in any known module. following frames may be wrong.
windbg !analyze
windbg dump
crash dump analyzer
analyze minidump
crash dump analysis blog
when a process dies silently
windbg crash dump analysis
vista crash dump analysis
dr watson postmortem
frame ip not in any known module
memory dump
windbg crash dump analysis blog
advanced windows debugging
ntsd vista
rtlactivateactivationcontextunsafefast
unable to find module ‘mscorwks’
vista crash dumps
exception_double_fault
vista 64bit post mortem debugger
windows vista crash dump
crash dump analysis tool
what is memory dump
crash dump in vista
double fault + x64
memory dump analysis
symbol file could not be found
systemdump
- Dmitry Vostokov @ DumpAnalysis.org -
It is about the number of visits a website has at some point of its evolution. This blog has been visited more than 65,535 times and now belongs to ULONG category (unsigned long type). Has anyone seen ULONGLONG websites?
- Dmitry Vostokov @ DumpAnalysis.org -
As promised I’m posting here the first monthly summary of my Management Bits and Tips blog where I introduced the port of crash dump analysis patterns to project failure analysis patterns.
- Dmitry Vostokov @ DumpAnalysis.org -
As a voracious reader (half of my book collection) I always wanted to share my book search results (I spend some time researching books on Amazon). Finally I opened my 3rd blog where I intend to review books written by literate scientists that I have read and which are not quite related to crash dump analysis and debugging domain:
http://www.literatescientist.com/
Happy New Year and Happy Reading in 2008 :-)
- Dmitry Vostokov @ DumpAnalysis.org -
I’ve upgraded the hosting to make it more reliable especially for e-mail and notification delivery. Recently I found that people had problems contacting me through the contact form. I apologize for any inconvenience caused.
- Dmitry Vostokov @ DumpAnalysis.org -
I’ve found that e-mail subscribers do not get notifications and this has been going on for almost all December. This let me think about distributing a monthly e-zine highlighting written posts and other useful and related information. Previously registered subscribers will receive the first sample e-zine issue soon. If you would like to subscribe too (or unsubscribe) you can do it at the bottom of the main blog page.
- Dmitry Vostokov @ DumpAnalysis.org -
I started this blog in August, 2006 and during Christmas, 2007 moved it to dumpanalysis.org registered in March, 2006. However I didn’t track any site stats until Feb, 2007 when I added Google Analytics and ShinyStat counters. I was surprised by the growing number of visits started with 2,000/month in February and exceeding 9,000/month in November. Here is the simplified daily visits curve from ShinyStat:
I’ll put more interesting analytic observations from 2007 data later on.
Wishing all visitors a Happy Christmas and New Year.
- Dmitry Vostokov @ DumpAnalysis.org -
To disassociate management activities and thoughts with crashes and hangs I have created a separate blog called
with the subtitle “Reflections on Software Engineering and Software Technical Support Management”.
Although, in the future, I reserve the right to metaphorically relate crash and hang dump analysis patterns with technical and people management.
All future posts in Management Bits and Tips category and related posts in Software Techical Support category will go there and here I will only post monthly or bi-monthly summary.
- Dmitry Vostokov @ DumpAnalysis.org -
Faced with the problem to find time to write troubleshooting tools that spring to my mind I devised this process that seems to be a novel way to write software for busy professionals. Its essence is in writing software when presenting it or when presenting software writing topics, for example, software architecture, design and implementation. It has some agile process flavour but magnified by a bigger audience than pair programming has and nicely complements my Reading Windows-based Code series. SIMSIM is an abbreviation for:
Show IMplementation and Subsequent IMprovement
More details will be announced soon.
- Dmitry Vostokov @ DumpAnalysis.org -
I’ve been slowly accumulating blog posts about various troubleshooting tools for my next book in a row with a working title:
DebugWare: The Art and Craft of Writing Troubleshooting and Debugging Tools
Details will be announced later together with supporting website which is under construction. This book will be about architecture, design and implementation of troubleshooting tools for software technical support.
- Dmitry Vostokov @ DumpAnalysis.org -
Thomas Koetzing wrote a useful article on how to use StressPrinters and put some examples:
Understanding and using Citrix StressPrinters
- Dmitry Vostokov @ DumpAnalysis.org -
To troubleshoot and study memory leaks the following tool called NotMyLeak will be released soon. It injects different kinds of leaks into specified processes and system:
The idea is to model various real-time leaks, analyze memory dumps and then apply discovered patterns to crash dump analysis of memory dumps coming from real-world systems.
The draft GUI (subject to change):
Note: the tool name prefix NotMy… was inspired by the name of Mark Russinovich’s tool called NotMyFault.
- Dmitry Vostokov @ DumpAnalysis.org -
Scheduled to be updated with Windows Vista and Windows Server 2008 details:
Windows® Internals, Fifth Edition
- Dmitry Vostokov @ DumpAnalysis.org -
Where do native exceptions come from? How do they propagate from hardware and eventually result in crash dumps? I was asking these questions when I started doing crash dump analysis more than four years ago and I tried to find answers using IA-32 Intel® Architecture Software Developer’s Manual, WinDbg and complete memory dumps.
Eventually I wrote some blog posts about my findings. They are buried between many other posts so I dug them out and put on a dedicated page:
Interrupts and Exceptions Explained
- Dmitry Vostokov @ DumpAnalysis.org -
I write most of my tools using C++, MFC and STL and I was really delighted to hear about new MFC framework improvements in forthcoming Visual Studio 2008. You can read the following press release from Russian ISV:
http://www.bcgsoft.com/pressreleases/PR071110.pdf
This is also discussed on MS Visual C++ team blog:
http://blogs.msdn.com/vcblog/archive/2007/11/09/quick-tour-of-new-mfc-functionality.aspx
I was also thinking about extending my MFC projects with .NET class library and found this interesting practical book:
Extending MFC Applications with the .NET Framework
- Dmitry Vostokov @ DumpAnalysis.org -
Due to increased popularity this site became slow and even had severe service disruptions during last few days. I have moved it to a dedicated virtual server and now it should be much faster with at least 99.9% service uptime.
- Dmitry Vostokov @ DumpAnalysis.org -
Sometimes there are situations when we need to test exception handling to see whether it works and how to get dumps or logs from it. For example, a customer reports infrequent process crashes but no dumps are saved. Then we can try some application that crashes immediately to see whether it results in error messages and/or saved crash dumps. This was the motivation behind TestDefaultDebugger package. Unfortunately it contains only native applications and today I needed to test .NET CLR exception handling and see what messages it shows in my environment. So I wrote a simple program in C# that creates an empty Stack object and then calls its Pop method which triggers “Stack empty” exception sufficient for my purposes.
The updated package now includes TestDefaultDebugger.NET.exe and can be downloaded from Citrix support web site (requires free registration):
Download TestDefaultDebugger package
- Dmitry Vostokov @ DumpAnalysis.org -
