The full-color transcript of Software Diagnostics Services training. Learn how to analyze Linux process and kernel crashes and hangs, navigate through core memory dump space and diagnose corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and much more. This training uses a unique and innovative pattern-oriented diagnostic analysis approach to speed up the learning curve. The training consists of 47 practical step-by-step exercises using GDB and WinDbg debuggers, highlighting almost 40 memory analysis patterns diagnosed in 64-bit core memory dumps from x64 and ARM64 platforms. The training also includes source code of modeling applications, a catalog of relevant patterns from the Software Diagnostics Institute, and an overview of relevant similarities and differences between Windows and Linux memory dump analysis useful for engineers with a Wintel background. In addition to various improvements, the third edition includes a review of relevant x64 and ARM64 disassembly and a new set of ARM64 GDB exercises.
Author(s): Dmitry Vostokov
Series: Linux Internals Supplements
Edition: 3
Publisher: Opentask
Year: 2023
Language: English
Commentary: Revision 3.02 (January 2023)
Pages: 638
City: Dublin
Tags: Core Dump Analysis; Linux; Data Recovery; Memory Management; Debugging; Operating Systems; x64 Disassembly; ARM64 Disassembly; GDB; WinDbg
About the Author
Presentation Slides and Transcript
Core Dump Collection
x64 Disassembly
ARM64 Disassembly
Practice Exercises
Exercise 0 (x64, GDB)
Exercise 0 (A64, GDB)
Exercise 0 (A64, WinDbg Preview, WinDbg, Docker)
Exercise A1 (x64, GDB)
Exercise A1 (A64, GDB)
Exercise A1 (A64, WinDbg Preview)
Exercise A2D (x64, GDB)
Exercise A2D (A64, GDB)
Exercise A2D (A64, WinDbg Preview)
Exercise A2C (x64, GDB)
Exercise A2C (A64, GDB)
Exercise A2C (A64, WinDbg Preview)
Exercise A2S (x64, GDB)
Exercise A2S (A64, GDB)
Exercise A3 (x64, GDB)
Exercise A3 (A64, GDB)
Exercise A3 (A64, WinDbg Preview)
Exercise A4 (x64, GDB)
Exercise A4 (A64, GDB)
Exercise A4 (A64, WinDbg Preview)
Exercise A5 (x64, GDB)
Exercise A5 (A64, GDB)
Exercise A5 (A64, WinDbg Preview)
Exercise A6 (x64, GDB)
Exercise A6 (A64, GDB)
Exercise A6 (A64, WinDbg Preview)
Exercise A7 (x64, GDB)
Exercise A8 (x64, GDB)
Exercise A8 (A64, GDB)
Exercise A8 (A64, WinDbg Preview)
Exercise A9 (x64, GDB)
Exercise A9 (A64, GDB)
Exercise A9 (A64, WinDbg Preview)
Exercise A10 (x64, GDB)
Exercise A10 (A64, GDB)
Exercise A10 (A64, WinDbg Preview)
Exercise A11 (x64, GDB)
Exercise A11 (A64, GDB)
Exercise A11 (A64, WinDbg Preview)
Exercise A12 (x64, GDB)
Exercise A12 (A64, GDB)
Exercise A12 (A64, WinDbg Preview)
Exercise K1 (x64, GDB)
Exercise K2 (x64, GDB)
Exercise K3 (x64, GDB)
Exercise K4 (x64, GDB)
Exercise K5 (x64, GDB)
Selected Q&A
App Source Code
App0
App1
App2D
App2C
App2S
App3
App4
App5
App6
App7
App8
App9
App10
App11 / App12
K2
K3
K4
K5
Selected Analysis Patterns
NULL Pointer (Data)
Incomplete Stack Trace
Stack Trace
NULL Pointer (Code)
Spiking Thread
Dynamic Memory Corruption (Process Heap)
Execution Residue (User Space)
Coincidental Symbolic Information
Stack Overflow (User Mode)
Divide by Zero (User Mode)
Local Buffer Overflow (User Space)
C++ Exception
Paratext
Active Thread
Lateral Damage
Critical Region
