Debugging Process Startup

Attaching a debugger to a hung process, or to a running one that we can cause to crash through an action, is one thing… but sometimes a process will not even reach a running state and simply throws an error at the very start. If you’re lucky the error is caused by I/O and Process…


Pre-mortem debug analysis

We’ve looked at generating dumps of processes, the kernel or the entire set of used physical memory pages – but there is another method to do debug analysis on the target directly rather than with a “snapshot” of what it looked like at one point in time, and sometimes this is very useful. The “live”…


Kernel-mode dump analysis

I’ve already covered the different types of memory dump in a previous blog entry, so this is a quick dip into how we manually trigger a bugcheck to create a memory dump on demand, and also how we can take a look inside the kernel of a running OS without crashing it. Crash Landing…


Analyzing User Mode Dumps

So you’ve managed to get a dump from a process… now what? Dump analysis is a skill that requires a bit of knowledge of how processors work, how to read assembly language, how functions are called, what stacks and heaps are, and so on – it’s way beyond the scope of a blog to give…
