O'Reilly logo

Memory Dump Analysis Anthology, Volume 7 by Dmitry Vostokov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Step Dumps

It is common to get dozens of process memory dumps saved sequentially, for example, after each second. Then we can first analyze memory dumps corresponding to changes in their file sizes ignoring plateaus to save analysis time. This pattern is called by an analogy with step functions19. For example, we have this dump set with comments from WinDbg analysis sessions (it was reported that an application was freezing for some time until its disappearance from a user screen):

C:\MemoryDumps>dir
[...]
12/30/2012  8:33 PM  218,252,862 AppA-1.dmp // normal
12/30/2012  8:34 PM  218,541,762 AppA-2.dmp // slightly increased CPU
consumption for thread #11
12/30/2012  8:37 PM  218,735,848 AppA-3.dmp // spiking thread #11
12/30/2012 8:38 PM 218,735,848 ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required