O'Reilly logo

Accelerated Windows Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes, Third Edition by Dmitry Vostokov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exercise P14: Analysis of an application process dump (ApplicationS, 32-bit)

images

Goal: Learn how to analyze memory leaks.

Patterns: Spiking Thread; Thread Age; Memory Leak (process heap)

1.      Launch WinDbg from Windows Kits \ Debugging Tools for Windows (X64).

2.      Open \AWMDA-Dumps\32-bit\Processes\ApplicationS-std.DMP

3.      We get the dump file loaded:

 Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\AWMDA-Dumps\32-bit\Processes\ApplicationS-std.DMP] User Mini Dump File with Full Memory: Only application data is available Symbol search path is: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required