Transcript: Let’s first start with a brief overview of memory dumps, debuggers and logs.
Transcript: Why we talk about memory dumps and not live debugging? This is because memory dump analysis is an integral part of any debugging, be it a postmortem, live or remote. This is also one of important techniques in system troubleshooting. Basically, a memory dump is a snapshot of a process or a system memory state. Every memory debugging session inspects a memory snapshot. From a debugger perspective there is no big difference. Memory dump files can be generated by various methods and tools including debuggers. When we use debuggers to inspect memory dumps files we can save results or textual output from time consuming or verbose commands into log files. We can use these logs for further processing and analysis.
Comment: We can consider software traces as a special kind of memory dumps because trace messages are assembled in memory. If traces are binary (like ETL files) then if formatted (for example, CDF or Process Monitor) can be considered as textual log files.
- Dmitry Vostokov @ Citrix Blogs –