Attaching a debugger to a hung process or one that is running that we can cause to crash through an action is one thing… but sometimes a process will not even reach a running state and simply throw an error at the very start. If you’re lucky the error is caused by I/O and Process Monitor is able to give...

We’ve looked at generating dumps of processes, the kernel or the entire set of used physical memory pages – but there is another method to do debug analysis on the target directly rather than with a “snapshot” of what it looked like at one point in time, and sometimes this is very useful. The “live”...

I’ve already covered the different types of memory dump in a previous blog entry, so this is a quick dip into how we manually trigger a bugcheck to create a memory dump on demand, and also how we can take a look inside the kernel of a running OS without crashing it.   Crash Landing In the event...

So you’ve managed to get a dump from a process… now what? Dump analysis is a skill that requires a bit of knowledge of how processors work, how to read assembly language, how functions are called, what stacks and heaps are, and so on – it’s way beyond the scope of a blog to give you this set of skills...