O'Reilly logo

Memory Dump Analysis Anthology, Volume 5 by Dmitry Vostokov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Software Trace Analysis Patterns

Significant Event

When looking at software traces and doing either a search for or just scrolling certain messages grab attention immediately. We call them Significant Events. It could be a recorded exception (Volume 4, page 337) or an error, a basic fact (Volume 3, page 345), a trace message from vocabulary index (Volume 4, page 349), or just any trace state-ment that marks the start of some activity we want to explore in depth, for example, a certain DLL is attached to the process, a coupled process is started or a function is called. The start of a trace and the end of it are trivial significant events and are used in deciding whether the trace is circular (Volume 3, page 346), in determining the trace ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required