Memory Dump Analysis Anthology, Volume 8b

Book Description

This reference volume consists of revised, edited, cross-referenced, and thematically organized articles from Software Diagnostics Institute (DumpAnalysis.org + TraceAnalysis.org) and Software Diagnostics Library (former Crash Dump Analysis blog, DumpAnalysis.org/blog) about software diagnostics, debugging, crash dump analysis, memory forensics, software trace and log analysis written in December 2014 - July 2015 for software engineers developing and maintaining products on Windows platforms, quality assurance engineers testing software, technical support and escalation engineers dealing with complex software issues, security researchers, reverse engineers, malware and memory forensics analysts.

This volume is fully cross-referenced with volumes 1 - 7, 8a, and features:

- 12 new crash dump analysis patterns;
- 15 new software log and trace analysis patterns;
- New memory dump analysis case study;
- Introduction to articoding;
- Introduction to special and general trace and log analysis;
- Introduction to projective debugging;
- Introduction to artifact-malware;
- Introduction to concrete and general problem analysis patterns.

Table of Contents

  1. Preface
  2. About the Author
  3. PART 1: Professional Crash Dump Analysis and Debugging
    1. Win32 Start Address Fallacy
    2. Multidimensionality of Exceptions
  4. PART 2: Crash Dump Analysis Patterns
    1. Reference Leak
    2. Origin Module
    3. Hidden Call
    4. Corrupt Structure
    5. Software Exception
    6. Crashed Process
    7. Variable Subtrace
    8. User Space Evidence
    9. Technology-Specific Subtrace (COM Client Call)
    10. Internal Stack Trace
    11. Distributed Exception (Managed Code)
    12. Thread Poset
  5. PART 3: Pattern Interaction
    1. Virtualized Process, Stack Trace Collection, COM Interface Invocation Subtrace, Active Thread, Spiking Thread, Last Error Collection, RIP Stack Trace, Value References, Namespace, and Module Hint
  6. PART 4: A Bit of Science and Philosophy
    1. Cantor Operating System
    2. Metaphor of Memory as a Directed Container
    3. Praxiverse
    4. When Universe is Going to End?
    5. Notes on Memoidealism
  7. PART 5: Software Trace Analysis Patterns
    1. Timeout
    2. Activity Overlap
    3. Adjoint Space
    4. Indirect Message
    5. Watch Thread
    6. Punctuated Activity
    7. Trace Mask
    8. Trace Viewpoints
    9. Data Reversal
    10. Recovered Messages
    11. Palimpsest Messages
    12. Message Space
    13. Interspace
    14. Translated Message
    15. Activity Disruption
  8. PART 6: Fun with Debugging, Crash Dumps, and Traces
    1. The Dump from the Future
    2. Exchange Rate on 16.12.14
    3. Check the Plug
    4. Debugging Slang
    5. YAWE
    6. Embedded Software Engineer
    7. Minute-wise
    8. Developer
    9. Multidigitalist
    10. KgB
    11. CIQ (Crash IQ)
    12. Pat Ching
    13. Explosive Mixture
    14. POEM
    15. YearNormous Day
    16. eNormous
    17. 2015 - The Year of RAM
    18. Diagnostics and Debugging in Science Fiction
    19. Software and Hardware Exceptions
    20. Logging for Kids
    21. Find the Bug
    22. Music for Debugging
    23. Tracing and Counting Book
    24. The Last Error
    25. Patching the Hardware Defect
    26. Pattern Match
  9. PART 7: Software Narratology
    1. Coding and Articoding
  10. PART 8: Software Diagnostics, Troubleshooting, and Debugging
    1. Special and General Trace and Log Analysis
    2. Projective Debugging
    3. Pattern! What Pattern?
    4. I Didn’t See Anything
  11. PART 9: Art and Photography
    1. Diagnostics Designer Glasses
    2. Pattern Diagnostics Logo
    3. Happy Valentine’s Day
    4. 50 Shades of Crash Dump
    5. Computer Universe
    6. Failed Surveillance
    7. Debugging Allegory on FEB 23
    8. Object in Signaled State
    9. Kernel Space Starts with 8
    10. The Day of ST. P. The Elimination of Snakes
    11. The Fifth Column
    12. Proportionate Disproportionate Proportion
    13. Autoportrait in 5 Objects
    14. Kernel Works
    15. Chip Forensics
    16. Industrial Windows
    17. The Meaning of Life
    18. Hidden Bug
  12. PART 10: Memory Forensics
    1. Artifact-Malware and its Primary and Secondary Effects
  13. PART 11: Miscellaneous
    1. Quotes
    2. Status Updates
    3. Execution Residue
  14. Appendix
    1. Patterns are Weapons for Massive Debugging
    2. Crash Dump Analysis Checklist