Visual studio is the one shop stop for most .NET developers; itâs a shame since there are other powerful tools out there.
WinDbg is such a tool â it can help analyze and solve bugs, memory issues, deadlocks and is crucial to solving bugs that are found on the client machines.
The problem is that WinDbg is not as friendly as Visual Studio (to say the least) â or is it?
In this talk Iâll show how a .NET developer can use WinDbg to crash bugs.
This is the talk given at NullCon 2017. This talk give s history of the Veil Framework, and showcases the differences between 2.0 and the newly released 3.0. Veil 3.0 is released in this talk
Veil-Ordnance is a new tool recently added into the Veil-Framework. It's designed to quickly generate shellcode for exploits or use inside backdoor executables.
Key items of the presentation will be:
What is PHPUnit
Whats new in testing in Drupal 8
Core Classes and Components
Core/ Contibuted modules
PHPUnit file structure, namespace, and required metadata
Running PHPUnit tests.
Available tools for running automated tests.
Visual studio is the one shop stop for most .NET developers; itâs a shame since there are other powerful tools out there.
WinDbg is such a tool â it can help analyze and solve bugs, memory issues, deadlocks and is crucial to solving bugs that are found on the client machines.
The problem is that WinDbg is not as friendly as Visual Studio (to say the least) â or is it?
In this talk Iâll show how a .NET developer can use WinDbg to crash bugs.
This is the talk given at NullCon 2017. This talk give s history of the Veil Framework, and showcases the differences between 2.0 and the newly released 3.0. Veil 3.0 is released in this talk
Veil-Ordnance is a new tool recently added into the Veil-Framework. It's designed to quickly generate shellcode for exploits or use inside backdoor executables.
Key items of the presentation will be:
What is PHPUnit
Whats new in testing in Drupal 8
Core Classes and Components
Core/ Contibuted modules
PHPUnit file structure, namespace, and required metadata
Running PHPUnit tests.
Available tools for running automated tests.
Ever Present Persistence - Established Footholds Seen in the WildCTruncer
Â
This talk is about different attacker persistence techniques that we have seen in the wild, or published by other companies. We wanted to create a massive document containing all of these techniques with a mile wide, inch deep approach. Our goal is to give a description of how each technique works and a way to detect them to allow anyone to start looking for these specific techniques.
This presentation walks the reader through implementing a simple web application and its tests using Python, Flask, and the Pytest testing framework. Emphasis is placed on following the process of test-driven development (TDD) in creating the application.
The Five Easy Ways to QA Your Site has been presented at DrupalCamp South Florida as well as DrupalCamp Florida. The talk addresses the issue of using simple methods to add polish to your site through established Quality Assurance methods. During this presentation you'll learn quick and easy tasks as well as what tools to use to provide a high level of quality.
This talk is about why I believe having the ability to write tools and/or scripts can help elevate a Pen Testers game to the next level.
The talk is case study driven by the different scenarios I've encountered on assessments and the scripts or tools that have been developed as a result.
North Virginia Coldfusion User Group Meetup - Testbox - July 19th 2017Ortus Solutions, Corp
Â
Testbox is a tool we all should be using to test our ColdFusion Applications which was created and is maintained by Ortus Solutions, the people that brought you ColdBox. We will have Gavin from Ortus in house on this day to go over some testbox examples, talk about its importance, and answer any questions you have.
SO --- if you have and high level questions for Gavin, reply to this post (or hit me up) so I can get the questions to Gavin a head of time just in case he needs to consult others at Ortus.
Gavin Pickin is a proud ColdFusion developer, starting with ColdFusion in the late 90s. Now working with Ortus Solutions, a leading force in CFML Development frameworks and tools, Gavin gets to work on a lot of great projects, for a big variety of clients. At Ortus Solutions, a big focus is on free and open source tools, on open source Fridays, Gavin spend most of his open source time working on ContentBox Content Management System.
This talk is about developing malware in higher level languages. Languages such as Python or C# can give you the flexibility to quickly develop malware and use it on client engagements.
The Supporting Role of Antivirus Evasion while PersistingCTruncer
Â
This talk goes over different techniques to evade detection by antivirus programs, talks about how Veil-Evasion evades the programs, and shows an AV signature bypass. It also then documents a large number of techniques on how actors can persist in networks.
Stopping the Rot - Putting Legacy C++ Under TestSeb Rose
Â
Presentation given at the ACCU 2011 Conference in Oxford, UK.
Case study of applying unit test to the DOORS codebase. Includes a quick overview of unit test & the Google Test and Mock libraries. Also 3 specific refactoring examples shown.
Practical tips for dealing with projects involving legacy code. Covers investigating past projects, static analysis of existing code, and methods for changing legacy code.
Presented at PHP Benelux '10
Crash (or) Hang dump analysis using WinDbg in Windows platform by K.S.Shanmug...Shanmuga KS
Â
This training comprises of 2 sessions
Session -1 (Theory)
1. Understanding Dump File
2. Varieties of Dump File
3. Creation of Dump File
4. Terminologies for analyzing of Dump File
5. Introduction to WinDbg
Session -2 ( Lab)
1. Postmortem Debugger Settings
2. WinDbg Setup
3. Dump File creation using Tools
4. Dump File creation using Win32 API
5. Dump File Analyzing case study
For Download, drop mail to contactshanmugaks@gmail.com
In this talk, we look at WinDbg, a powerful debugger that can help resolve difficult errors in production environments. We use WinDbg to pinpoint stack traces given dump files generated in production, to find memory leak causes and inspect heap memory, and even to automatically walk objects and threads to find deadlocks.
Ever Present Persistence - Established Footholds Seen in the WildCTruncer
Â
This talk is about different attacker persistence techniques that we have seen in the wild, or published by other companies. We wanted to create a massive document containing all of these techniques with a mile wide, inch deep approach. Our goal is to give a description of how each technique works and a way to detect them to allow anyone to start looking for these specific techniques.
This presentation walks the reader through implementing a simple web application and its tests using Python, Flask, and the Pytest testing framework. Emphasis is placed on following the process of test-driven development (TDD) in creating the application.
The Five Easy Ways to QA Your Site has been presented at DrupalCamp South Florida as well as DrupalCamp Florida. The talk addresses the issue of using simple methods to add polish to your site through established Quality Assurance methods. During this presentation you'll learn quick and easy tasks as well as what tools to use to provide a high level of quality.
This talk is about why I believe having the ability to write tools and/or scripts can help elevate a Pen Testers game to the next level.
The talk is case study driven by the different scenarios I've encountered on assessments and the scripts or tools that have been developed as a result.
North Virginia Coldfusion User Group Meetup - Testbox - July 19th 2017Ortus Solutions, Corp
Â
Testbox is a tool we all should be using to test our ColdFusion Applications which was created and is maintained by Ortus Solutions, the people that brought you ColdBox. We will have Gavin from Ortus in house on this day to go over some testbox examples, talk about its importance, and answer any questions you have.
SO --- if you have and high level questions for Gavin, reply to this post (or hit me up) so I can get the questions to Gavin a head of time just in case he needs to consult others at Ortus.
Gavin Pickin is a proud ColdFusion developer, starting with ColdFusion in the late 90s. Now working with Ortus Solutions, a leading force in CFML Development frameworks and tools, Gavin gets to work on a lot of great projects, for a big variety of clients. At Ortus Solutions, a big focus is on free and open source tools, on open source Fridays, Gavin spend most of his open source time working on ContentBox Content Management System.
This talk is about developing malware in higher level languages. Languages such as Python or C# can give you the flexibility to quickly develop malware and use it on client engagements.
The Supporting Role of Antivirus Evasion while PersistingCTruncer
Â
This talk goes over different techniques to evade detection by antivirus programs, talks about how Veil-Evasion evades the programs, and shows an AV signature bypass. It also then documents a large number of techniques on how actors can persist in networks.
Stopping the Rot - Putting Legacy C++ Under TestSeb Rose
Â
Presentation given at the ACCU 2011 Conference in Oxford, UK.
Case study of applying unit test to the DOORS codebase. Includes a quick overview of unit test & the Google Test and Mock libraries. Also 3 specific refactoring examples shown.
Practical tips for dealing with projects involving legacy code. Covers investigating past projects, static analysis of existing code, and methods for changing legacy code.
Presented at PHP Benelux '10
Crash (or) Hang dump analysis using WinDbg in Windows platform by K.S.Shanmug...Shanmuga KS
Â
This training comprises of 2 sessions
Session -1 (Theory)
1. Understanding Dump File
2. Varieties of Dump File
3. Creation of Dump File
4. Terminologies for analyzing of Dump File
5. Introduction to WinDbg
Session -2 ( Lab)
1. Postmortem Debugger Settings
2. WinDbg Setup
3. Dump File creation using Tools
4. Dump File creation using Win32 API
5. Dump File Analyzing case study
For Download, drop mail to contactshanmugaks@gmail.com
In this talk, we look at WinDbg, a powerful debugger that can help resolve difficult errors in production environments. We use WinDbg to pinpoint stack traces given dump files generated in production, to find memory leak causes and inspect heap memory, and even to automatically walk objects and threads to find deadlocks.
How do you deal with issues that happen in production? Error and Event logs are helpful but often they provide little to no help with things like deadlocks and memory leaks.
In this session we'll explore some low level utilities that allow us to take snapshots of running code and bring it back in house for analysis.
Choosing Between Scrum and Kanban - TriAgile 2015Cory Foy
Â
In this talk from TriAgile 2015, Cory Foy details the differences between Scrum and Kanban to figure out how to combine the best of both to increase the agility of your organization.
Talk recording available! See
http://www.st.cs.uni-saarland.de/zeller/Debugging-Debugging/
"Yesterday, my program worked. Today, it does not. Why?" This paper, originally published at ESEC/FSE 1999, introduced the concept of delta debugging, a simple, yet very effective method for automated debugging.
In 2009, this paper received the ACM SIGSOFT impact award as the most influential software engineering publication of 1999. In his keynote at ESEC/FSE in Amsterdam on August 27, 2009, Andreas Zeller reviews the state of automated debugging in the past and the future. He shares stories about how delta debugging came to be, how it can be hard to be simple, what programmers really need, and what research should do (and should not do) to explore and cater to these needs.
Talk recording available! See
http://www.st.cs.uni-saarland.de/zeller/Debugging-Debugging/
.NET Debugging tricks you wish you knew tamir dresherTamir Dresher
Â
Do you know what developers do most of their day (except for surfing the internet)?
Writing code? WRONG!
They are debugging. The debugger is a powerful tool, but in this talk you'll learn tricks that will help find bugs in half the time and with less frustration. Because a happy developer is a productive developer.
This session will show you tools that will point to you to right direction and features you didn't know that are even there.
As a guest speaker in NCU, I gave a talk about some best practices of JavaScript programming to college students. It covers basic JavaScript elements and some common pitfalls while dealing with asynchronous programming.
We continue where we left off from Part 1. This section covers 2 main topics, debugging libraries and fuzzer design. For debugging libraries we go over PyDBG and WinAppDbg, discussing basic to intermediate examples, and when you might want to use one instead of the other. After that, fuzzer design is discussed, including goals, design choices, architecture, etc. Some code samples are shown from my fuzzer, along with a github link for those who are interested.
When Good Code Goes Bad: Tools and Techniques for Troubleshooting PloneDavid Glick
Â
Using real issues encountered in the wild, this session will help beginning integrators gain confidence in knowing what to do when Plone fails to behave as expected. Learn how to solve common problems like "My changes aren't taking effect" and "My Zope instance won't start," as well as how to use pdb to investigate more complex Python errors.
This talk is targeted at integrators who have some experience with Plone, but who are not confident in troubleshooting errors and other unexpected behavior. Knowledge of Python is not required, though at least a cursory familiarity with some programming language will make the talk more digestible.
Defending Commoditization: Mapping Gameplays and Strategies to Stay Ahead in ...Cory Foy
Â
One of the goals of agility is to be able to respond rapidly to market change. But do you feel prepared to wake up to a product announcement from Amazon disrupting your entire business? Would you know what steps to take?
Instead of being worried, we can get mapping! Wardley Mapping, coined by Simon Wardley, is a way of understanding markets and components in a way that allows us to visualize and anticipate change in markets - and develop strategies and gameplays for how we can respond to them.
This session uses several real-world cases of work with organizations to map their landscape and show the strategies and gameplays that allowed them to reshape where they were headed - and allow you to understand your organizationâs market and how you can think about features and product direction.
Stratgic Play - Doing the Right Thing at the Right TimeCory Foy
Â
In this talk from Red Hat Agile Day 2015, Cory Foy covers the notion of Strategic Play by covering tools like Wardley Maps, Business Model Canvas, Purpose-Based Alignment Model and Product Vision Statement
Continuous Deployment and Testing Workshop from Better Software WestCory Foy
Â
In this workshop from the 2015 SQE Better Software West conference, Cory Foy details the Continuous Paradigm companies are embracing - including Continuous Integration, Continuous Deployment, and Continuous Testing. This presentation was co-created by Jared Richardson.
In the software development world, we spend a lot of our time coding, and very little practicing. In this presentation to the Triangle.rb group, Smashing Boxes CTO Cory Foy talks about a focused development practice called Code Katas - and how they can help you improve your hiring, your team, and your own programming abilities
In this talk from Southern Fried Agile 2014, Cory Foy gives an overview of the patterns necessary to have successful agility when working with distributed and dispersed teams. He looks at Scrum, Kanban and various virtual tools.
In this talk from Red Hat's 2014 Agile Conference, Cory Foy talks about the conditions necessary to bring about true organizational change towards agility. In addition, he covers patterns of adoptions and a variety of techniques used at scale
In this talk from Triangle.rb, Cory Foy goes over basic language features of Ruby, along with some gotchas from David Black's "The Well Grounded Rubyist". We cover variables, classes, blocks, and other aspects.
Agile Roots: The Agile Mindset - Agility Across the OrganizationCory Foy
Â
In this talk from Agile Roots 2014, Cory Foy talks about what is necessary for agility across the entire enterprise - regardless of whether you are using Agile, Lean, or Waterfall. Cory also covers the three principles and four value statements of agility.
Triangle.rb - How Secure is Your Rails Site, Anyway?Cory Foy
Â
In this talk from Triangle.rb, Cory Foy details the state of Rails security, including paying attention to libraries you use. He includes real world examples of exploits, and links to resources
In this talk from Boston's SQE Conference, Cory Foy talks about the strategies for developing and architecting quality code by changing how we learn about code and how we can let go of design and architecture in some ways to be able to listen to what the code is telling us - leading to happy code!
In this talk from GOTO Berlin 2013, Cory Foy discusses the importance of listening to your code to know when to refactor, test, and build solutions which will withstand the test of time.
In this talk from a Tampa 8th Light University, Senior Craftsman Cory Foy details the design patterns used in Rails, and shows their use and implementation while reference Fowler's PoEAA and Alexander's Timeless Way of Building
Many companies have created a proper noun titled "Agile". But that word doesn't exist as a proper noun. The goal isn't to achieve some mythical ethos of "Agile" but instead to have organizational agility. This presentation covers the principles of Organizational Agility and how to make your organization get to the goal of agility.
Getting Unstuck: Working with Legacy Code and DataCory Foy
Â
From this presentation for the IASA in 2007, Cory covers common challenges in dealing with Legacy Code and Data, and some tools and techniques for handling them.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
Â
As AI technology is pushing into IT I was wondering myself, as an âinfrastructure container kubernetes guyâ, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefitâs both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
Â
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Â
Clients donât know what they donât know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clientsâ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Â
Are you looking to streamline your workflows and boost your projectsâ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, youâre in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part âEssentials of Automationâ series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Hereâs what youâll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
Weâll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Donât miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Â
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Â
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Â
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
7. Viewing Managed Objects Start up the app and click on the Managed Objects button Start up WinDBG and attach to the executable (click âNoâ if it asks you to save the workspace) then load SOS by typing â.loadbysosmscorwksâ and hitting enter. Also load symbols by typing â.symfix C:ymbolsâ and hitting enter, then typing â.reloadâ and hitting enter
8. Viewing Managed Objects View All Threads by typing in â~â and hitting enter. View all managed threads by typing in â!threadsâ and hitting enter. Note there are 5 native threads, but only 2 managed threads. Also note that thread 2 is marked as (Finalizer) â thatâs the thread responsible for finalization Change to the main thread by typing â~0sâ (tilde zero s). This tells WinDBG to switch to thread 0. Then type â!clrstackâ to see where we are in the application. Note we are in the Main method right now.
9. Viewing Managed Objects Next, letâs look at the objects on the heap. Type â!dumpheap âstatâ. Youâll see many objects. You can filter by typing things like -min or âmax as parameters to dumpheap. Now find all of our objects on the heap by typing â!dumpheap âtype WinDBGâ. This filters for any object with the text âWinDBGâ in itâs name. The top list are the actual objects and their memory locations, while the bottom list are the type names. You can figure out which is which by matching up the MethodTable addresses (MT Column)
10. Viewing Managed Objects We can view a specific object using â!dumpobjâ (or â!doâ for short). Weâll look at the HelloWorld Object by typing â!do <address>â where address is from the !dumpheap command earlier. We can see we have a string field called âhelloâ and a world property. We can then look at the string by typing â!do <address>â. In this example, the address would be 263a000. We can see that field contains the string âHelloâ.
11. Viewing Managed Objects When we did a !do on the HelloWorld object, one piece of information was the MethodTable address. We can use the !dumpmt command to see what methods the object exposes. Type â!dumpmt âmd <methodtableaddress>â. If the JIT Column has âPreJITâ then the method came from an Ngenâd object. If it has JIT, then the method has been called and JITâd. If it has NONE, the method hasnât been called. You can dissassemble IL that has been JITâd by passing in the MethodDesc address to â!Uâ
12. Viewing Managed Objects If weâve attached to the process doing a live debug (which weâre doing here), then you can set breakpoints using !bpmd. For example, we can have it breakpoint just before the MessageBox shows up by passing in the assembly name and fully qualified type. You can use bl to see the breakpoints. We then type âgâ to release the current break we have on the app, and click the Managed Objects button again. Weâll then see WinDBG hit the breakpoint. We can run !clrstack to see what led us to that call
13. CLR Fundamentals Threads Managed Threads is an object â it lives on native system threads CLR Threads Finalizer Garbage Collector (Server GC) Debugger Timer Threadpool (I/O and Worker)
14. CLR Fundamentals Just-In-Time compilation Program makes a call to a method The .NET Runtime checks to see if the method has been called before If so, it executes the JITâd code If not, it compiles the IL code and stores it in memory, updating the MethodDesc
16. Memory Management Stacks versus Heaps Stack â First in / First Out Heap â access by address Garbage Collector Heap Where all objects are stored Broken into 3 generations and one Large Object Heap Large Object > 85,000 bytes
17. Memory Management Garbage Collector Sequence Suspend Execution Engine Mark objects without roots Plan (budgets, fragmentation) Sweep (delete market objects) Compact (move leftover objects to back of heap) Restart Execution Engine
18. Memory Management Memory Leaks Possible in both Managed and Unmanaged Code Use Perfmon to check for symptoms Unmanaged Leak Private Bytes Increase, #Bytes In All Heaps stays flat Managed Leak Both Private Bytes and Bytes In All Heaps increase Need multiple dump files
20. Memory Management Why do we leak managed memory? Objects not being released âPinnedâ memory Finalized Objects (Destructors on Managed Objects) Finalized objects require an additional GC cycle to be cleaned since they have to go in the finalizer thread to run
21. Memory Management Exception Handling Workflow Exception Occurs (create an exception object) Notify Debugger (1st Chance Exception) Look for a handler by walking up the call stack If handler found, let it handle exception If not, throw a 2nd Chance Exception and terminate the process
23. Debugging Fundamentals Typical Problems in Production System hangs or deadlocks Fatal Exceptions Data Loss or inconsistency Performance Problems Excessive Memory Usage App Pool Restarts (slow access to ASP.NET pages)
24. Debugging Fundamentals Approaching the problem Be the application (visualize what could cause the problem) Use Application and System Logs Try to reproduce in Development or Staging environments Create a hypothesis and use WinDBG to validate
25. Debugging Fundamentals Debugging Production Apps Typically donât have Visual Studio installed, or access to the remote debugger Attaching a debugger freezes all threads Capture memory dumps At time of crash / exception Over time to troubleshoot hangs / leaks
26. Agenda .NET Fundamentals Debugging Crashes Debugging Memory Leaks Debugging Hangs WinDBG Tips and Tricks Other Tools
27. Debugging Crashes Application seems to work fine, but something happens Unhandled Exception Dialog App âdisappearsâ Steps Desktop App: Attach and stop on Exceptions Web App: Use DebugDiag to capture memory dump
29. Debugging Crashes Open Application and click the âCrashâ buttonâ. Unhandled Dialog should appear and kill the app. Start app back up and attach to it with WinDBG, then load SOS. Once SOS is loaded, type âsxeclrâ to tell WinDBG to break on all .NET Exceptions, then type âgâ and click on the Crash button again. Because weâve enabled exception notification, WinDBG breaks on the first-chance exception.
30. Debugging Crashes The first place to look is the exception object itself. We can either do a â!doâ on the object address listed, or simply type â!peâ. You can also pass an address to !pe if you need to view other than the last exception thrown. We can see there is a file not found exception. Letâs see where we were at. So it looks like the app calls âReadAllTextâ from a method called âCrash_Clickâ from the Form1 object. If we have access to Source, weâd start there. If not, we can find the method address and dissassemble
31. Debugging Crashes Note that if we click âgâ at this point, WinDBG breaks again. This is because the exception we first saw was *not* the crash reason. Like the previous exception, this one is listed as a First Chance Exception. If we click âgâ again, weâll see WinDBG breakpoint again. Note that it clearly tells us this is a second chance exception â the next thing that will happen is process termination.
33. Debugging Crashes On Startup Open the App and check the âCrash on Startupâ option, then close the app and restart. Notice it immediately crashes. The challenge is that we wonât have time to attach a debugger. You can set registry keys to automatically launch a debugger, or we could launch the app from the debugger, which weâll do here. Start up WinDBG and go to File->Open Executable. Browse to the WinDBGDemo executable and select it.
34. Debugging Crashes On Startup At this point, we are in the PE load of the application, meaning it hasnât even decided if this is a native or managed app yet. Which also means no .NET libraries are loaded, so we canât load SOS. What we can do is set a breakpoint to fire when the .NET runtime is loaded, at which point we can set the handlers we need. Type âsxe ld mscorwksâ which means set WinDBG to break when mscorwks is loaded. We can now load SOS and set the CLR Exception breakpoints. Now type âgâ till our app breaks. You can now debug it as a crash.
35. Debugging Crashes On Startup If you have a Windows Service which is crashing on startup, then youâll need to modify some registry keys and permissions on the service. For more information, see the following KB article, or the blog post from our site (Note: When you finish this demo, go to your user directoryppDataocalicrosoftinDBGDemo.exe.0.0.0 and modify the user.config file to have CrashOnStartup to be False) http://support.microsoft.com/kb/824344 http://blog.coryfoy.com/2008/06/debugging-a-net-windows-service-that-is-crashing-on-startup/
36. Agenda .NET Fundamentals Debugging Crashes Debugging Memory Leaks Debugging Hangs WinDBG Tips and Tricks Other Tools
37. Debugging Memory Leaks Memory Usage Continues to grow in the app May cause app pool restarts in ASP.NET Out of Memory exceptions when you still have memory free Several Reasons Unreleased objects âPinnedâ memory You have plenty of memory! (GC only runs when it feels memory pressure)
38. Debugging Memory Leaks Diagnosing Memory Leaks PerfMon to determine if it is a managed leak Take multiple memory dumps to determine what is happening For the objects on the heap, find out why they are sticking around Check the GC Generation for the objects
40. Debugging Memory Leaks Start the app and task manager, then click on the Memory Leak button. Note that the memory is still increasing. Fire up Perfmon to see if this is a managed or native leak. Start->Run->Perfmon. You can remove the Processor Time counter and add the following counters: .NET CLR Memory -> #Bytes in all Heaps -> WinDBGDemo and Process -> Private Bytes -> WinDBGDemo. You should see that both are growing at about the same rate indicating a managed leak
41. Debugging Memory Leaks To debug this, weâll need to take two snapshots of the application far enough apart to see memory difference. You can do this right from Task Manager. Create two, about 15 seconds apart. You can now kill the application. Open two instances of WinDBG and open each memory dump file you created in a different instance of WinDBG. Load up SOS in each one as well.
42. Debugging Memory Leaks What weâre wanting to do is compare the two memory dumps to see if we can spot the culprit. Using !VMStat on each file we can see that memory usage is certainly increasing. And if we do a â!dumpheap âstatâ on each one, we can see something quite startlingly â 230,000 additional objects are on the heap!
43. Debugging Memory Leaks Normally youâd have to dig through the heap to find which objects increased, but we see something interesting. An object called âLeakFormâ has had 900 instances created. Perhaps those arenât being cleaned up? Letâs look at one. Weâll see all the instances by doing a â!dumpheap -type WinDBGDemo.LeakFormâ then picking any object at random to do a !do on With that object address, letâs see what is holding on to it with â!GCRoot <address>â
44. Debugging Memory Leaks We see that the LeakForm is being held on to an object, which is of type System.Object[]. If we do a !do on it, we donât see much of interest But if we compare the arrays between the first dump and the second dump using the â!da <address>â command, we find a clue. Between the first and second memory dumps, all of the extra LeakForms were added to this array! At this point, we examine the source code to see what is going on.
45. Agenda .NET Fundamentals Debugging Crashes Debugging Memory Leaks Debugging Hangs WinDBG Tips and Tricks Other Tools
46. Debugging Hangs Two types of hangs Low CPU Hang Generally caused by a deadlock High CPU Hang App in a tight loop, or under heavy load
47. Debugging Hangs Diagnosing Hangs High CPU Hang Multiple memory dumps Compare which thread is getting processor time Low CPU Hang Walk through the waiting threads and match locks Very tedious process
49. Debugging High CPU Hangs Start the app and Task Manager. Click on the High CPU Hang. You should see a single processor spike (100% on 1CPU). In this example, I have a 4CPU system, so a CPU of 25% indicates it is fully utilizing one processor. Take two memory dumps from Task Manager about 15 seconds apart. You can then kill the application.
50. Debugging High CPU Hangs Open the two memory dump files in different WinDBG instances and load SOS. The first thing we need to know is if a single thread is using up all of the time, indicating a possible loop. We can use the command !runaway to see which threads are getting CPU time We can see from this that thread 0 was using up all of the time in between the two memory dumps
51. Debugging High CPU Hangs So what is thread 0 doing? By running !clrstack on each memory dump, we can see that the call stacks are the same, possibly indicating that this is the culprit. I say possibly because if a bunch of calls are happening to different methods, we very well could have gotten âluckyâ and seen the same method. Always verify your assumptions. In this case, looking at the source (either real source, or through reflector) we see the following. I think we have our culprit
52. Agenda .NET Fundamentals Debugging Crashes Debugging Memory Leaks Debugging Hangs WinDBG Tips and Tricks Other Tools
54. WinDBG Tips and Tricks You can get quite a bit of help with both WinDBG and SOS. For the WinDBG help content, type â.hhâ and it will open the WinDBG CHM file. You can also type â.hh <command>â and it will take you to that section For SOS, you can type â!helpâ to see all available commands, or â!help <command>â to see a specific one
55. WinDBG Tips and Tricks You can use the shell command to run the output of a WinDBG command to an external process and the results are displayed back into the UI. For example, to quickly find the shared domain, you can run â.shell âci â!dumpdomainâ find /i âshared domainââ You can also take advantage of this to do integrations with PowerShell
56. WinDBG Tips and Tricks When viewing stacks, you can use !clrstack to view the managed stack. You can also use the command âkâ to view the native stack You can also output the stack for all threads by combining the â~â command with a star (for all threads) and the command. For example â~*kâ or â~*e!clrstackâ (which means execute the command !clrstack)
57. WinDBG Tips and Tricks You can do a lot with automation of WinDBG. For example, you can have WinDBG execute commands when certain breakpoints are hit You can also automate what happens when CLR Exceptions are hit by using the âc option with sxe. In this example, every time we hit an exception we would spit out the exception and CLR stack trace.
58. WinDBG Tips and Tricks You can also loop through various elements. For example, if we wanted to dump out all strings greater than 5k that were on the heap, we could do the following with the â.foreachâ command Finally, if you want to adjust the colors, you can do that in View->Options
59. Agenda .NET Fundamentals Debugging Crashes Debugging Memory Leaks Debugging Hangs WinDBG Tips and Tricks Other Tools
60. Additional Tools DebugDiag Used to automate the capture of exceptions for IIS processes ADPlus Used to capture dumps from command line Managed Debuggers (CorDbg, MDbg) Managed Debugging Assistants (Visual Studio) Profilers
61. More Information http://blogs.msdn.com/tess microsoft.com/whdc/DevTools/Debugging http://windbg.info http://www.coryfoy.com foyc at coryfoy dot com @cory_foy on Twitter Slides will be posted on CoryFoy.com