Reading Notebook: 02-September-09
Comments in italics are mine and express my own views, thoughts and opinions
Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:
Instancing the namespace in \Sessions\n (p. 167) - note that prior to Vista console session was 0 and was shared with services
DeviceMap _EPROCESS substructure (p. 168)
0: kd> dt _DEVICE_MAP
nt!_DEVICE_MAP
+0x000 DosDevicesDirectory : Ptr64 _OBJECT_DIRECTORY
+0x008 GlobalDosDevicesDirectory : Ptr64 _OBJECT_DIRECTORY
+0x010 ReferenceCount : Uint4B
+0x014 DriveMap : Uint4B
+0x018 DriveType : [32] UChar
Altitude object filtering concept (p. 170)
Incorrect sharing of memory example (p. 171) - although context switches emulate multiprocessor systems single-processor machines experience the same error conditions less frequently: http://www.dumpanalysis.org/blog/index.php/2007/04/14/race-conditions-on-a-uniprocessor-machine/
Spinlock illustration (pp. 173) - here is a “spinning” illustration in 3-dimensional abstract space: http://www.dumpanalysis.org/blog/index.php/2007/10/25/threads-as-braided-strings-in-abstract-space-part-1/
lock xadd and lock bts (pp. 172 - 173)
Spinlock busy wait CPU consumption (p. 174) - I had some cases and named a pattern called Dispatch Level Spin (not only applicable to spinlocks but to every loop at DPC level and higher(: http://www.dumpanalysis.org/blog/index.php/2008/01/25/crash-dump-analysis-patterns-part-44/
Pause instruction (p. 174) - Here’s a short description with disassembly example from Asmpedia: http://www.asmpedia.org/index.php?title=PAUSE
- Dmitry Vostokov @ SoftwareGeneralist.com -
_1125.png)
Coming Soon:
Management Bits: An Anthology from Reductionist Manager
Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
Crash Dump Analysis for System Administrators and Support Engineers
New Magazines:
Debugged! MZ/PE: MagaZine for/from Practicing Engineers
New Books:
Memory Dump Analysis Anthology: Color Supplement for Volumes 1-3
Memory Dump Analysis Anthology, Volume 3
First Fault Software Problem Solving: A Guide for Engineers, Managers and Users
x64 Windows Debugging: Practical Foundations
Also available:
Windows Debugging: Practical Foundations
DLL List Landscape: The Art from Computer Memory Space
Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov
WinDbg: A Reference Poster and Learning Cards
Memory Dump Analysis Anthology, Volume 2
Memory Dump Analysis Anthology, Volume 1
New Children's Book:
