Pattern Repertoire

When developing, debugging, maintaining, and supporting software it is important to have knowledge of general problem analysis patterns of abnormal software structure and behavior. As with any language, such a pattern language comes in passive and active usage variants. A passive pattern user knows about a particular analysis pattern but may have difficulty recognizing it in a specific software execution artifact such as a memory dump or log. A passive user may become an active user after training and experience. “Pattern Repertoire” is such user knowledge (or awareness) of a specific set of patterns from pattern catalogues (see the definition of repertoire). An active pattern repertoire of a Windows software engineer first becomes passive when the engineer starts working with Linux, Mac OS X, Android, iOS, z/OS, or any other platform but then becomes active through experience. In any case, the possession of a pattern repertoire and its size (the pattern language vocabulary) is an important asset. What distinguishes the pattern repertoire from a mere set of pattern names is the knowledge of its syntax (analysis pattern combinations), semantics (the meaning of analysis patterns), and pragmatics (active usage in concrete situations and passive knowledge of usage in general situations). Similar to software construction pattern repertoire which helps with software construction problem analysis, architecture, design, and implementation, software post-construction pattern repertoire helps to perform software post-construction problem diagnostic analysis and debugging more efficiently and effectively. A few words must be said about implicit pattern knowledge. Some patterns may be obvious and used unconsciously. However, their explicit naming helps with communicating analysis decisions, troubleshooting and debugging recommendations, and creating problem-solving case studies.

Here, we would like to show the building of our diagnostic analysis pattern repertoire for memory dumps, software traces, and logs. The following picture illustrates the growth of the number of software diagnostic analysis patterns with each successive volume of Memory Dump Analysis Anthology (excluding malware analysis patterns published in Volume 7, and structural memory patterns published in Volume 5):

The picture shows, for example, that volumes 6 – 8 introduced more analysis patterns than volumes 1 – 5. Volumes 7 and 8 alone introduced 63% of the current trace and log analysis patterns, and 32% of the current crash and hang memory dump analysis patterns.