|
|
|
|
|
|
by nonane
1399 days ago
|
|
|
Somewhat similar: I worked on the !chkimg (1) Windbg extension at Microsoft. This little extension was run on incoming kernel dumps to see if it can identify crashes due to bad RAM. It analyzed incoming memory dump files - sent via Windows Error Reporting. If the dump had any code sections for Microsoft code, it would compare that with the binaries that Microsoft officially shipped. If it found evidence of code corruption, it would try to classify the pattern - bad RAM had a distinctive pattern of corruption. We also found other interesting things - i.e. lots of anti-virus patching the kernel code and causing alot of problems (this was way back before PatchGuard). 1. https://docs.microsoft.com/en-us/windows-hardware/drivers/de... |
|
|