Archive for the ‘Software Technical Support’ Category
Thursday, June 19th, 2008
Not My Version is another basic pattern of DLL Hell variety. It is when we look at the component timestamps and paths and realize that that one of the modules from the production environment is older than we had during development and testing. The lmft WinDbg command will produce the necessary output. If there are many modules we might want to create a CAD graph (Component Age Diagram) to spot anomalies. Component version check is one of the basic troubleshooting and system administration activities that will be fully illustrated in the forthcoming book “Crash Dump Analysis for System Administrators and Support Engineers” (ISBN-13: 978-1-906717-02-5). Here is one example (module start and end load addresses are removed for visual clarity):
0:000> kL
Child-SP RetAddr Call Site
00000000`0012fed8 00000001`40001093 MyDLL!fnMyDLL
00000000`0012fee0 00000001`40001344 2DLLs+0×1093
00000000`0012ff10 00000000`773acdcd 2DLLs+0×1344
00000000`0012ff60 00000000`774fc6e1 kernel32!BaseThreadInitThunk+0xd
00000000`0012ff90 00000000`00000000 ntdll!RtlUserThreadStart+0×1d
0:000> lmft
module name
MyDLL C:\OLD\MyDLL.dll Wed Jun 18 14:49:13 2004
user32 C:\Windows\System32\user32.dll Thu Feb 15 05:22:33 2007
kernel32 C:\Windows\System32\kernel32.dll Thu Nov 02 11:14:48 2006
ntdll C:\Windows\System32\ntdll.dll Thu Nov 02 11:16:02 2006
2DLLs C:\2DLLs\2DLLs.exe Thu Jun 19 10:46:44 2008 (485A2B04)
uxtheme C:\Windows\System32\uxtheme.dll Thu Nov 02 11:15:07 2006
rpcrt4 C:\Windows\System32\rpcrt4.dll Tue Jul 17 05:21:15 2007
lpk C:\Windows\System32\lpk.dll Thu Nov 02 11:12:33 2006
oleaut32 C:\Windows\System32\oleaut32.dll Thu Dec 06 05:09:35 2007
usp10 C:\Windows\System32\usp10.dll Thu Nov 02 11:15:03 2006
ole32 C:\Windows\System32\ole32.dll Thu Nov 02 11:14:31 2006
advapi32 C:\Windows\System32\advapi32.dll Thu Nov 02 11:11:35 2006
gdi32 C:\Windows\System32\gdi32.dll Thu Feb 21 04:40:51 2008
msvcrt C:\Windows\System32\msvcrt.dll Thu Nov 02 11:13:37 2006
imm32 C:\Windows\System32\imm32.dll Thu Nov 02 11:13:15 2006
msctf C:\Windows\System32\msctf.dll Thu Nov 02 11:13:42 2006
This pattern should be checked when we have instances of Module Variety and, especially, Duplicated Module. Note that this pattern can also easily become an anti-pattern when applied to an unknown component: Alien Component.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Crash Dump Analysis, Crash Dump Patterns, Crash Dumps for Dummies, Debugging, Software Technical Support, Troubleshooting Methodology | 8 Comments »
Tuesday, June 17th, 2008
From “coordinated coping” to “what feels like chaos can feel like a dance - a fast one” - say Francoise Tourniaire and Richard Farrell in their infuential book “The Art of Software Support”. I totally agree and from my observation the most successful (not stressful) people in software support are “dancing” when dealing with everyday and hot customer issues. You see them literally thriving on inherent chaos. Truly multitaskers and even multithreaders!
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Books, Software Technical Support | No Comments »
Monday, June 16th, 2008
Due to a request I opened AERA subforum:
http://www.dumpanalysis.org/forum/viewforum.php?f=29
Everyone is welcome to comment and add thoughts.
IBCDAS code name has been changed to AERA 
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Crash Dump Analysis, Debugging, Software Technical Support, Tools | No Comments »
Wednesday, June 4th, 2008
Crash dump analysis is a support activity. Therefore understanding software support business is important. I recently started abbreviating book titles for my personal book reading accounting purposes and here accidentally emerges the ASS abbreviation that reminds me every time that support guys cover “asses” of software engineers designing and developing software and expose their own “asses” when talking to customers :-)
I’m sorry if I offended someone here…
The Art of Software Support
The book was on my shelf for 4 years and only today I got the message :-)
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Books, Fun with Crash Dumps, Software Technical Support | 2 Comments »
Friday, May 30th, 2008
Following the introductory division of memory analysis into two broad categories I decided to plan yet another book with the following title and preliminary product details:
- Title: Memory Analysis Forensics and Intelligence: An Integral Approach
- Author: Dmitry Vostokov
- Publisher: Opentask (01 September 2009)
- Language: English
- Product Dimensions: 22.86 x 15.24
- ISBN-13: 978-1-906717-05-6
- Paperback: 256 pages
As you might have noticed, I prefer to put 128, 256 or 512 pages in my book announcements. What that would say about the author’s background? I would like to set 1024 pages for my memory dump analysis anthology series but 740 or 800 pages is the limit for POD technology I use.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Books, Crash Dump Analysis, Crash Dump Patterns, Memory Analysis Forensics and Intelligence, Science of Memory Dump Analysis, Security, Software Technical Support, Troubleshooting Methodology | No Comments »
Thursday, May 22nd, 2008
The book has finally made it through Google Search program and is available for search here:
http://www.google.com/books?id=RR5whfK1BYsC
Also, yesterday I approved the hardcover version for distribution on Amazon and it should be available there in a week or so.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Books, Crash Dump Analysis, Debugging, Publishing, Software Technical Support | 1 Comment »
Thursday, May 15th, 2008
PubForum pictures are available where you can see me selling Crash Dump Tools to the audience and explaining broken clipboard chains:
Pictures
All presentations from that event are available here:
Presentations
My presentation is also available here:
Citrix Tools: PubForum Presentation
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Citrix, Crash Dump Analysis, Fun with Crash Dumps, Software Technical Support, Tools | No Comments »
Tuesday, May 13th, 2008
Here is the presentation PDF file:
Citrix Tools - everything you need for troubleshooting, optimization and analysis
It is based on my previous presentation with a few added slides which can be downloaded from Citrix support web site:
Selected Citrix Troubleshooting Tools
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Citrix, Crash Dump Analysis, Debugging, Software Technical Support, Tools | 1 Comment »
Tuesday, May 13th, 2008
There are few tools available. Please drop a comment if you know any other. As the focus here is mainly troubleshooting Citrix terminal service environments I put links to Citrix articles where possible:
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in CDF Analysis Tips and Tricks, Citrix, Debugging, Software Technical Support, Tools | No Comments »
Friday, May 9th, 2008
Thanks to Volker who noticed WinDbg online help I was able to quickly update my HTML version of CDA Poster to point to online links instead of the local help CHM file:
http://www.dumpanalysis.org/CDAPoster.html
It is also featured on http://www.windbg.org
I’m also working on the better version that will be released simultaneuosly with WDN book.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Crash Dump Analysis, Debugging, Software Technical Support, Tools, WinDbg Tips and Tricks | No Comments »
Wednesday, May 7th, 2008
I’m presenting Citrix Tools at the famous PubForum event. It is a non-commercial Microsoft Terminal Services, Citrix, Virtualization and Server-Based Computing event. This year PubForum is held in Dublin, Republic of Ireland. See the final event details and agenda:
PubForum, 2008
My presentation date, time and topic are:
Friday, May 9, 19:00 “Citrix Tools - everything you need for troubleshooting, optimization and analysis”
See you there
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Citrix, Software Technical Support, Tools | No Comments »
Tuesday, May 6th, 2008
This is a must have book for system administrators of complex Windows server platforms and client workstations to understand and choose the best course of action to address system and application crashes, hangs, CPU spikes and memory leaks. It is also invaluable to general Windows users and technical support engineers.
- Title: Crash Dump Analysis for System Administrators and Support Engineers
- Authors: Thomas Monahan, Dmitry Vostokov
- Publisher: Opentask (30 November 2009)
- Language: English
- Product Dimensions: 22.86 x 15.24
- ISBN-13: 978-1-906717-02-5
- Paperback: 180 pages
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Books, Crash Dump Analysis, Crash Dumps for Dummies, Minidump Analysis, Publishing, Software Technical Support, Tools, Troubleshooting Methodology, Vista, Windows Server 2008 | 1 Comment »
Thursday, May 1st, 2008
Preliminary Table of Contents is available for previously announced Windows® Debugging Notebook:
Draft Table of Contents
This book also features:
-
- 256 pages
-
- 64 essential WinDbg commands
-
- 32 essential concepts
-
- 16 essential tools including Citrix
-
- Hexadecimal and binary page numbering
-
- Quick base, meta and extension command reminder at the bottom of each page
-
- Expanded Crash Dump Analysis checklists
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Books, Citrix, Crash Dump Analysis, Debugging, Software Technical Support, Tools, WinDbg Tips and Tricks | 3 Comments »
Friday, April 25th, 2008
This is the next scheduled book from Crash Dump Analysis Publishing Roadmap:
- Title: Windows® Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
- Authors: Roberto Alexis Farah, Dmitry Vostokov
- Language: English
- Product Dimensions: 22.86 x 15.24
- ISBN-13: 978-1-906717-00-1
- Publisher: Opentask (1 December 2009)
- Paperback: 256 pages
- ISBN-13: 978-0-9558328-5-7
- Publisher: Opentask (1 February 2010)
- Hardcover (Cloth): 256 pages
Draft Table of Contents will be published next month together with a sample chapter.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Assembly Language, Books, Crash Dump Analysis, Debugging, Kernel Development, Minidump Analysis, Publishing, Software Technical Support, Tools, Vista, WinDbg Scripts, WinDbg Tips and Tricks, WinDbg for GDB Users, Windows Server 2008 | 1 Comment »
Friday, April 25th, 2008
Due to demand from people that prefer ebooks I published Memory Dump Analysis Anthology, Volume 1 in a digital format that can be purchased in Crash Dump Analysis Store. This format has color pictures inside.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Assembly Language, Books, Bugchecks Depicted, Citrix, Crash Dump Analysis, Crash Dump Patterns, Crash Dumps for Dummies, Debugging, Fun with Crash Dumps, GDB for WinDbg Users, Hardware, Kernel Development, Memory Dump Analysis Jobs, Memory Visualization, Minidump Analysis, Publishing, Science of Memory Dump Analysis, Security, Software Architecture, Software Technical Support, Stack Trace Collection, Tools, Troubleshooting Methodology, Vista, WinDbg Scripts, WinDbg Tips and Tricks, WinDbg for GDB Users, Windows Server 2008 | No Comments »
Thursday, April 17th, 2008
Just to remind about this sometimes useful resource where we can check the product and indirectly any updates for the particular module if we have its file name and version from a crash dump, for example:
http://support.microsoft.com/dllhelp/
We can event see exports and component dependencies if we need to quickly check them without running depends.exe:
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Crash Dump Analysis, Software Technical Support, Tools | 1 Comment »
Tuesday, April 15th, 2008
I’m very proud to announce that it is finally available in both paperback and hardback. Why have I made available both editions? Because I personally prefer hardcover books. You can order the book today and it will be printed in 3-5 days (paperback) or 5-10 days (hardcover) and sent to you:
Memory Dump Analysis Anthology, Volume 1
Note: although listed on Amazon and other online bookstores it is not immediately available at these stores at the moment due to the late submission. I apologize for this. However, I expect that in a few weeks pre-orders taken there will be eventually fulfilled. In the mean time, if you want the book now, you can use the link above.
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in Announcements, Assembly Language, Books, Bugchecks Depicted, CDF Analysis Tips and Tricks, Citrix, Crash Dump Analysis, Crash Dump Patterns, Crash Dumps for Dummies, Debugging, Fun with Crash Dumps, GDB for WinDbg Users, Hardware, Kernel Development, Memory Dump Analysis Jobs, Memory Visualization, Minidump Analysis, Publishing, Science of Memory Dump Analysis, Security, Software Architecture, Software Technical Support, Stack Trace Collection, Tools, Troubleshooting Methodology, Vista, WinDbg Scripts, WinDbg Tips and Tricks, WinDbg for GDB Users, Windows Server 2008 | 3 Comments »
Saturday, April 12th, 2008
Because Citrix CDF traces are ETW based it should be possible to process and analyze them using XPrerf and XPerfView from the latest Microsoft Windows Performance Tools:
Windows Performance Tools Kit, v.4.1.1
- Dmitry Vostokov @ DumpAnalysis.org -
Posted in CDF Analysis Tips and Tricks, Citrix, Software Technical Support, Tools, Troubleshooting Methodology, Vista, Windows Server 2008 | No Comments »