tailieunhanh - Memory Dump Analysis Anthology- P2

Memory Dump Analysis Anthology- P2: This is a revised, edited, cross-referenced and thematically organized volume of selected blog posts about crash dump analysis and debugging written in 2006 - 2007 for software engineers developing and maintaining products on Windows platforms, technical support and escalation engineers dealing with complex software issues and general Windows users. | Hangs Explained 31 HANGS EXPLAINED Another category of problems happens very often where we also need a dump for analysis hangs. There is some confusion exists in understanding the difference between these two categories crash and hang. Although sometimes a hang is a direct consequence of a crash most of the time hangs happen independently. They also manifest themselves differently. Let s look at application process crashes and hangs first. When a crash happens an application process often disappears. When a hang happens an application process is still in memory we can see it in Task Manager for example but it doesn t respond to user commands or to any other requests like pinging a TCP IP port. If we have a crash in OS then the most visible manifestation is blue screen and or reboot. If we have a hang then everything freezes. Application or system hang happens because from the high level of view the interaction between applications and OS components modules is done via messages. One component sends a message to another and waits for a response. Some components are critical for example a registry. The following hand-made picture depicts very common system hang situations when the register component stops responding. Then every running application process stops responding if its execution path depends on registry access. Please purchase PDF Split-Merge on to remove this watermark 32 PART 1 Crash Dumps for Beginners The very common reason for hang is the so called deadlock when two running applications their execution paths or threads are waiting for each other. Here is an analogy with a blocked road In order to see what s inside the process or OS which caused a hang we need a memory dump. Usually this dump is called a crash dump too because in order to get it the usual method is to make some sort of a trap which causes an application or OS to crash and to save the dump. I personally prefer to call these crash dumps just memory dumps to avoid .

TÀI LIỆU MỚI ĐĂNG
41    188    5    28-12-2024
309    143    0    28-12-2024